static void hash_copy_advanced (gpointer key, gpointer data, gpointer user_data) { NMSettingVPN *s_vpn = NM_SETTING_VPN (user_data); nm_setting_vpn_add_data_item (s_vpn, (const char *) key, (const char *) data); }
static gboolean real_need_secrets (NMVpnServicePlugin *plugin, NMConnection *connection, const char **setting_name, GError **error) { NMSettingVpn *s_vpn; NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE; g_return_val_if_fail (NM_IS_VPN_SERVICE_PLUGIN (plugin), FALSE); g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE); s_vpn = nm_connection_get_setting_vpn (connection); nm_setting_get_secret_flags (NM_SETTING (s_vpn), NM_SSTP_KEY_PASSWORD, &flags, NULL); /* Don't need the password if it's not required */ if (flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED) return FALSE; /* Don't need the password if we already have one */ if (nm_setting_vpn_get_secret (NM_SETTING_VPN (s_vpn), NM_SSTP_KEY_PASSWORD)) return FALSE; /* Otherwise we need a password */ *setting_name = NM_SETTING_VPN_SETTING_NAME; return TRUE; }
static void read_hash_of_string (GKeyFile *file, NMSetting *setting, const char *key) { char **keys, **iter; char *value; const char *setting_name = nm_setting_get_name (setting); keys = nm_keyfile_plugin_kf_get_keys (file, setting_name, NULL, NULL); if (!keys || !*keys) return; for (iter = keys; *iter; iter++) { value = nm_keyfile_plugin_kf_get_string (file, setting_name, *iter, NULL); if (!value) continue; if (NM_IS_SETTING_VPN (setting)) { if (strcmp (*iter, NM_SETTING_VPN_SERVICE_TYPE)) nm_setting_vpn_add_data_item (NM_SETTING_VPN (setting), *iter, value); } if (NM_IS_SETTING_BOND (setting)) { if (strcmp (*iter, NM_SETTING_BOND_INTERFACE_NAME)) nm_setting_bond_add_option (NM_SETTING_BOND (setting), *iter, value); } g_free (value); } g_strfreev (keys); }
static void write_one_secret_to_keyring (NMSetting *setting, const char *key, const GValue *value, GParamFlags flags, gpointer user_data) { Request *r = user_data; GType type = G_VALUE_TYPE (value); const char *secret; /* Non-secrets obviously don't get saved in the keyring */ if (!(flags & NM_SETTING_PARAM_SECRET)) return; if (NM_IS_SETTING_VPN (setting) && (g_strcmp0 (key, NM_SETTING_VPN_SECRETS) == 0)) { g_return_if_fail (type == DBUS_TYPE_G_MAP_OF_STRING); /* Process VPN secrets specially since it's a hash of secrets, not just one */ nm_setting_vpn_foreach_secret (NM_SETTING_VPN (setting), vpn_secret_iter_cb, r); } else { g_return_if_fail (type == G_TYPE_STRING); secret = g_value_get_string (value); if (secret && strlen (secret)) save_one_secret (r, setting, key, secret, NULL); } }
static void get_property (GObject *object, guint prop_id, GValue *value, GParamSpec *pspec) { NMSettingVpn *setting = NM_SETTING_VPN (object); NMSettingVpnPrivate *priv = NM_SETTING_VPN_GET_PRIVATE (setting); switch (prop_id) { case PROP_SERVICE_TYPE: g_value_set_string (value, nm_setting_vpn_get_service_type (setting)); break; case PROP_USER_NAME: g_value_set_string (value, nm_setting_vpn_get_user_name (setting)); break; case PROP_PERSISTENT: g_value_set_boolean (value, priv->persistent); break; case PROP_DATA: g_value_take_boxed (value, _nm_utils_copy_strdict (priv->data)); break; case PROP_SECRETS: g_value_take_boxed (value, _nm_utils_copy_strdict (priv->secrets)); break; case PROP_TIMEOUT: g_value_set_uint (value, nm_setting_vpn_get_timeout (setting)); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; } }
static gboolean real_connect (NMVPNPlugin *plugin, NMConnection *connection, GError **error) { NMSettingVPN *s_vpn; gint openconnect_fd = -1; s_vpn = NM_SETTING_VPN (nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN)); g_assert (s_vpn); if (!nm_openconnect_properties_validate (s_vpn, error)) goto out; if (!nm_openconnect_secrets_validate (s_vpn, error)) goto out; if (debug) nm_connection_dump (connection); openconnect_fd = nm_openconnect_start_openconnect_binary (NM_OPENCONNECT_PLUGIN (plugin), s_vpn, error); if (!openconnect_fd) return TRUE; out: return FALSE; }
static void get_property (GObject *object, guint prop_id, GValue *value, GParamSpec *pspec) { NMSettingVPN *setting = NM_SETTING_VPN (object); NMSettingVPNPrivate *priv = NM_SETTING_VPN_GET_PRIVATE (setting); switch (prop_id) { case PROP_SERVICE_TYPE: g_value_set_string (value, nm_setting_vpn_get_service_type (setting)); break; case PROP_USER_NAME: g_value_set_string (value, nm_setting_vpn_get_user_name (setting)); break; case PROP_DATA: g_value_set_boxed (value, priv->data); break; case PROP_SECRETS: g_value_set_boxed (value, priv->secrets); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; } }
static gboolean real_need_secrets (NMVPNPlugin *plugin, NMConnection *connection, char **setting_name, GError **error) { NMSettingVPN *s_vpn; gboolean need_secrets = FALSE; g_return_val_if_fail (NM_IS_VPN_PLUGIN (plugin), FALSE); g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE); s_vpn = NM_SETTING_VPN (nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN)); if (!s_vpn) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_CONNECTION_INVALID, "%s", "Could not process the request because the VPN connection settings were invalid."); return FALSE; } if (!nm_setting_vpn_get_secret (s_vpn, NM_OPENSSH_KEY_PASSWORD)) need_secrets = TRUE; if (need_secrets) *setting_name = NM_SETTING_VPN_SETTING_NAME; return need_secrets; }
static gboolean compare_property (NMSetting *setting, NMSetting *other, const GParamSpec *prop_spec, NMSettingCompareFlags flags) { gboolean same; /* We only need to treat the 'secrets' property specially */ if (g_strcmp0 (prop_spec->name, NM_SETTING_VPN_SECRETS) != 0) return NM_SETTING_CLASS (nm_setting_vpn_parent_class)->compare_property (setting, other, prop_spec, flags); /* Compare A to B to ensure everything in A is found in B */ same = compare_one_secret (NM_SETTING_VPN (setting), NM_SETTING_VPN (other), flags); if (same) { /* And then B to A to ensure everything in B is also found in A */ same = compare_one_secret (NM_SETTING_VPN (other), NM_SETTING_VPN (setting), flags); } return same; }
static gboolean update_connection (NMVpnPluginUiWidgetInterface *iface, NMConnection *connection, GError **error) { L2tpPluginUiWidget *self = L2TP_PLUGIN_UI_WIDGET (iface); L2tpPluginUiWidgetPrivate *priv = L2TP_PLUGIN_UI_WIDGET_GET_PRIVATE (self); NMSettingVPN *s_vpn; GtkWidget *widget; const char *str; gboolean valid = FALSE; if (!check_validity (self, error)) return FALSE; s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ()); g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_L2TP, NULL); /* Gateway */ widget = glade_xml_get_widget (priv->xml, "gateway_entry"); str = gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_L2TP_KEY_GATEWAY, str); /* Username */ widget = glade_xml_get_widget (priv->xml, "user_entry"); str = gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_L2TP_KEY_USER, str); /* Domain */ widget = glade_xml_get_widget (priv->xml, "domain_entry"); str = gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_L2TP_KEY_DOMAIN, str); if (priv->advanced) g_hash_table_foreach (priv->advanced, hash_copy_advanced, s_vpn); nm_connection_add_setting (connection, NM_SETTING (s_vpn)); valid = TRUE; return valid; }
static gboolean real_connect (NMVPNPlugin *plugin, NMConnection *connection, GError **error) { NMSettingVPN *s_vpn; const char *user_name; s_vpn = NM_SETTING_VPN (nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN)); if (!s_vpn) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_CONNECTION_INVALID, "%s", "Could not process the request because the VPN connection settings were invalid."); return FALSE; } user_name = nm_setting_vpn_get_user_name (s_vpn); if (!user_name && !nm_setting_vpn_get_data_item (s_vpn, NM_OPENSSH_KEY_USER)) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_CONNECTION_INVALID, "%s", "Could not process the request because no username was provided."); return FALSE; } /* Validate the properties */ if (!nm_openssh_properties_validate (s_vpn, error)) return FALSE; /* Finally try to start sshtun */ if (!nm_openssh_start (plugin, s_vpn, error)) return FALSE; return TRUE; }
static gboolean real_need_secrets (NMVPNPlugin *plugin, NMConnection *connection, char **setting_name, GError **error) { NMSettingVPN *s_vpn; g_return_val_if_fail (NM_IS_VPN_PLUGIN (plugin), FALSE); g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE); s_vpn = NM_SETTING_VPN (nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN)); if (!s_vpn) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_CONNECTION_INVALID, "%s", "Could not process the request because the VPN connection settings were invalid."); return FALSE; } /* We just need the WebVPN cookie, and the final IP address of the gateway (after HTTP redirects, which do happen). All the certificate/SecurID nonsense can be handled for us, in the user's context, by auth-dialog */ if (!nm_setting_vpn_get_secret (s_vpn, NM_OPENCONNECT_KEY_GATEWAY)) { *setting_name = NM_SETTING_VPN_SETTING_NAME; return TRUE; } if (!nm_setting_vpn_get_secret (s_vpn, NM_OPENCONNECT_KEY_COOKIE)) { *setting_name = NM_SETTING_VPN_SETTING_NAME; return TRUE; } if (!nm_setting_vpn_get_secret (s_vpn, NM_OPENCONNECT_KEY_GWCERT)) { *setting_name = NM_SETTING_VPN_SETTING_NAME; return TRUE; } return FALSE; }
static void vpn_secret_iter_cb (const char *key, const char *secret, gpointer user_data) { Request *r = user_data; NMSetting *setting; const char *service_name, *id; char *display_name; if (secret && strlen (secret)) { setting = nm_connection_get_setting (r->connection, NM_TYPE_SETTING_VPN); g_assert (setting); service_name = nm_setting_vpn_get_service_type (NM_SETTING_VPN (setting)); g_assert (service_name); id = nm_connection_get_id (r->connection); g_assert (id); display_name = g_strdup_printf ("VPN %s secret for %s/%s/" NM_SETTING_VPN_SETTING_NAME, key, id, service_name); save_one_secret (r, setting, key, secret, display_name); g_free (display_name); } }
static gboolean update_connection (NMVpnPluginUiWidgetInterface *iface, NMConnection *connection, GError **error) { OpenswanPluginUiWidget *self = OPENSWAN_PLUGIN_UI_WIDGET (iface); OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self); NMSettingVPN *s_vpn; GtkWidget *widget; char *str; if (!check_validity (self, error)) return FALSE; s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ()); g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_OPENSWAN, NULL); /* Gateway */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "gateway_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_RIGHT, str); /* Group name */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "group_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_LEFTID, str); /* User name*/ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_LEFTXAUTHUSER, str); /* Phase 1 Algorithms: ike */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "phase1_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_IKE, str); /* Phase 2 Algorithms: esp */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "phase2_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_ESP, str); /* Domain entry */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "domain_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_OPENSWAN_DOMAIN, str); save_one_password (s_vpn, priv->builder, "user_password_entry", "user_pass_type_combo", NM_OPENSWAN_XAUTH_PASSWORD, NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES); save_one_password (s_vpn, priv->builder, "group_password_entry", "group_pass_type_combo", NM_OPENSWAN_PSK_VALUE, NM_OPENSWAN_PSK_INPUT_MODES); nm_connection_add_setting (connection, NM_SETTING (s_vpn)); return TRUE; }
static gboolean update_connection (NMVpnEditor *editor, NMConnection *connection, GError **error) { VpncEditor *self = VPNC_EDITOR (editor); VpncEditorPrivate *priv = VPNC_EDITOR_GET_PRIVATE (self); NMSettingConnection *s_con; NMSettingVpn *s_vpn; GtkWidget *widget; char *str; guint32 port; GtkTreeModel *model; GtkTreeIter iter; if (!check_validity (self, error)) return FALSE; s_con = nm_connection_get_setting_connection (connection); s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ()); g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_VPNC, NULL); /* Interface name */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "interface_name_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_INTERFACE_NAME, str, NULL); /* Gateway */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "gateway_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_GATEWAY, str); /* Group name */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "group_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_ID, str); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_XAUTH_USER, str); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "domain_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DOMAIN, str); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "vendor_combo")); model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget)); if (gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter)) { const char *vendor = NULL; gtk_tree_model_get (model, &iter, 1, &vendor, -1); nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_VENDOR, vendor); } else nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_VENDOR, NM_VPNC_VENDOR_CISCO); /* Application version */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "application_version_entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_APP_VERSION, str); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "encryption_combo")); switch (gtk_combo_box_get_active (GTK_COMBO_BOX (widget))) { case ENC_TYPE_WEAK: nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_SINGLE_DES, "yes"); break; case ENC_TYPE_NONE: nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_NO_ENCRYPTION, "yes"); break; case ENC_TYPE_SECURE: default: break; } widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "natt_combo")); model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget)); if (gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter)) { const char *mode = NULL; gtk_tree_model_get (model, &iter, 1, &mode, -1); nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_NAT_TRAVERSAL_MODE, mode); } else nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_NAT_TRAVERSAL_MODE, NM_VPNC_NATT_MODE_NATT); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "dhgroup_combo")); model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget)); if (gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter)) { const char *dhgroup = NULL; gtk_tree_model_get (model, &iter, 1, &dhgroup, -1); nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DHGROUP, dhgroup); } else nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DHGROUP, NM_VPNC_DHGROUP_DH2); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "pfsecrecy_combo")); model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget)); if (gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter)) { const char *pfs = NULL; gtk_tree_model_get (model, &iter, 1, &pfs, -1); nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_PERFECT_FORWARD, pfs); } else nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_PERFECT_FORWARD, NM_VPNC_PFS_SERVER); /* Local port */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "local_port_spinbutton")); port = gtk_spin_button_get_value_as_int (GTK_SPIN_BUTTON (widget)); nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_LOCAL_PORT, g_strdup_printf ("%d", port)); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "disable_dpd_checkbutton")); if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) { nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DPD_IDLE_TIMEOUT, "0"); } else { /* If DPD was disabled and now the user wishes to enable it, just * don't pass the DPD_IDLE_TIMEOUT option to vpnc and thus use the * default DPD idle time. Otherwise keep the original DPD idle timeout. */ if (priv->orig_dpd_timeout >= 10) { char *tmp = g_strdup_printf ("%d", priv->orig_dpd_timeout); nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_DPD_IDLE_TIMEOUT, tmp); g_free (tmp); } } /* User password */ save_one_password (s_vpn, priv->builder, "user_password_entry", NM_VPNC_KEY_XAUTH_PASSWORD, NM_VPNC_KEY_XAUTH_PASSWORD_TYPE); /* Group password */ save_one_password (s_vpn, priv->builder, "group_password_entry", NM_VPNC_KEY_SECRET, NM_VPNC_KEY_SECRET_TYPE); /* hybrid auth */ widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "hybrid_checkbutton")); if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_AUTHMODE, "hybrid"); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "ca_file_chooser")); str = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str && strlen (str)) nm_setting_vpn_add_data_item (s_vpn, NM_VPNC_KEY_CA_FILE, str); nm_connection_add_setting (connection, NM_SETTING (s_vpn)); return TRUE; }
static gboolean update_connection (NMVpnPluginUiWidgetInterface *iface, NMConnection *connection, GError **error) { StrongswanPluginUiWidget *self = STRONGSWAN_PLUGIN_UI_WIDGET (iface); StrongswanPluginUiWidgetPrivate *priv = STRONGSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self); NMSettingVPN *settings; GtkWidget *widget; gboolean active; char *str; if (!check_validity (self, error)) return FALSE; settings = NM_SETTING_VPN (nm_setting_vpn_new ()); g_object_set (settings, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_STRONGSWAN, NULL); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "address-entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) { nm_setting_vpn_add_data_item (settings, "address", str); } widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "certificate-button")); str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str) { nm_setting_vpn_add_data_item (settings, "certificate", str); } widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "method-combo")); switch (gtk_combo_box_get_active (GTK_COMBO_BOX (widget))) { default: case 0: widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "userkey-button")); str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str) { nm_setting_vpn_add_data_item (settings, "userkey", str); } widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "usercert-button")); str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str) { nm_setting_vpn_add_data_item (settings, "usercert", str); } str = "key"; break; case 1: widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "usercert-button")); str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str) { nm_setting_vpn_add_data_item (settings, "usercert", str); } str = "agent"; break; case 2: str = "smartcard"; break; case 3: widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user-entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) { nm_setting_vpn_add_data_item (settings, "user", str); } str = "eap"; break; case 4: widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user-entry")); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) { nm_setting_vpn_add_data_item (settings, "user", str); } str = "psk"; break; } nm_setting_vpn_add_data_item (settings, "method", str); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "virtual-check")); active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); nm_setting_vpn_add_data_item (settings, "virtual", active ? "yes" : "no"); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "encap-check")); active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); nm_setting_vpn_add_data_item (settings, "encap", active ? "yes" : "no"); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "ipcomp-check")); active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); nm_setting_vpn_add_data_item (settings, "ipcomp", active ? "yes" : "no"); nm_setting_set_secret_flags (NM_SETTING (settings), "password", NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); nm_connection_add_setting (connection, NM_SETTING (settings)); return TRUE; }
static gboolean init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError **error) { StrongswanPluginUiWidgetPrivate *priv = STRONGSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self); NMSettingVPN *settings; GtkWidget *widget; const char *value; settings = NM_SETTING_VPN(nm_connection_get_setting(connection, NM_TYPE_SETTING_VPN)); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "address-entry")); value = nm_setting_vpn_get_data_item (settings, "address"); if (value) gtk_entry_set_text (GTK_ENTRY (widget), value); g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "certificate-button")); value = nm_setting_vpn_get_data_item (settings, "certificate"); if (value) gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value); g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user-label")); gtk_widget_set_no_show_all (widget, TRUE); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "user-entry")); gtk_widget_set_no_show_all (widget, TRUE); value = nm_setting_vpn_get_data_item (settings, "user"); if (value) gtk_entry_set_text (GTK_ENTRY (widget), value); g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "method-combo")); gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("Certificate/private key")); gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("Certificate/ssh-agent")); gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("Smartcard")); gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("EAP")); gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (widget), _("Pre-shared key")); value = nm_setting_vpn_get_data_item (settings, "method"); if (value) { if (g_strcmp0 (value, "key") == 0) { gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); } if (g_strcmp0 (value, "agent") == 0) { gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 1); } if (g_strcmp0 (value, "smartcard") == 0) { gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 2); } if (g_strcmp0 (value, "eap") == 0) { gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 3); } if (g_strcmp0 (value, "psk") == 0) { gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 4); } } if (gtk_combo_box_get_active (GTK_COMBO_BOX (widget)) == -1) { gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); } update_layout (widget, priv); g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "usercert-label")); gtk_widget_set_no_show_all (widget, TRUE); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "usercert-button")); gtk_widget_set_no_show_all (widget, TRUE); value = nm_setting_vpn_get_data_item (settings, "usercert"); if (value) gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value); g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "userkey-label")); gtk_widget_set_no_show_all (widget, TRUE); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "userkey-button")); gtk_widget_set_no_show_all (widget, TRUE); value = nm_setting_vpn_get_data_item (settings, "userkey"); if (value) gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value); g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "virtual-check")); value = nm_setting_vpn_get_data_item (settings, "virtual"); if (value && strcmp(value, "yes") == 0) { gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE); } g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "encap-check")); value = nm_setting_vpn_get_data_item (settings, "encap"); if (value && strcmp(value, "yes") == 0) { gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE); } g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "ipcomp-check")); value = nm_setting_vpn_get_data_item (settings, "ipcomp"); if (value && strcmp(value, "yes") == 0) { gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE); } g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self); return TRUE; }
static gboolean real_connect (NMVPNPlugin *plugin, NMConnection *connection, GError **error) { NML2tpPluginPrivate *priv = NM_L2TP_PLUGIN_GET_PRIVATE (plugin); NMSettingVPN *s_vpn; const char *value; if (getenv ("NM_PPP_DUMP_CONNECTION") || debug) nm_connection_dump (connection); s_vpn = NM_SETTING_VPN (nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN)); g_assert (s_vpn); if (!nm_l2tp_properties_validate (s_vpn, error)) return FALSE; if (!nm_l2tp_secrets_validate (s_vpn, error)) return FALSE; /* Start our pppd plugin helper service */ if (priv->service) g_object_unref (priv->service); if (priv->connection) { g_object_unref (priv->connection); priv->connection = NULL; } priv->service = nm_l2tp_ppp_service_new (connection, error); if (!priv->service) { g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_LAUNCH_FAILED, "%s", _("Could not start pppd plugin helper service.")); return FALSE; } priv->connection = g_object_ref (connection); g_signal_connect (G_OBJECT (priv->service), "plugin-alive", G_CALLBACK (service_plugin_alive_cb), plugin); g_signal_connect (G_OBJECT (priv->service), "ppp-state", G_CALLBACK (service_ppp_state_cb), plugin); g_signal_connect (G_OBJECT (priv->service), "ip4-config", G_CALLBACK (service_ip4_config_cb), plugin); /* Cache the username and password so we can relay the secrets to the pppd * plugin when it asks for them. */ if (!_service_cache_credentials (priv->service, connection, error)) return FALSE; if (!nm_l2tp_resolve_gateway (NM_L2TP_PLUGIN (plugin), s_vpn, error)) return FALSE; if (!nm_l2tp_config_write (NM_L2TP_PLUGIN (plugin), s_vpn, error)) return FALSE; value = nm_setting_vpn_get_data_item (s_vpn, NM_L2TP_KEY_IPSEC_ENABLE); g_message(_("ipsec enable flag: %s"), value?value:"(null)"); if(value && !strcmp(value,"yes")) { g_message(_("starting ipsec")); if (!nm_l2tp_start_ipsec(NM_L2TP_PLUGIN (plugin), s_vpn, error)) return FALSE; } if (!nm_l2tp_start_l2tpd_binary (NM_L2TP_PLUGIN (plugin), s_vpn, error)) return FALSE; return TRUE; }
static NMConnection * import (NMVpnPluginUiInterface *iface, const char *path, GError **error) { NMConnection *connection; NMSettingConnection *s_con; NMSettingVPN *s_vpn; NMSettingIP4Config *s_ip4; GKeyFile *keyfile; GKeyFileFlags flags; const char *buf; keyfile = g_key_file_new (); flags = G_KEY_FILE_KEEP_COMMENTS | G_KEY_FILE_KEEP_TRANSLATIONS; if (!g_key_file_load_from_file (keyfile, path, flags, error)) { g_set_error (error, NM_IODINE_IMPORT_EXPORT_ERROR, NM_IODINE_IMPORT_EXPORT_ERROR_NOT_IODINE, "does not look like a %s VPN connection (parse failed)", IODINE_PLUGIN_NAME); return NULL; } connection = nm_connection_new (); s_con = NM_SETTING_CONNECTION (nm_setting_connection_new ()); nm_connection_add_setting (connection, NM_SETTING (s_con)); s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ()); g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_IODINE, NULL); nm_connection_add_setting (connection, NM_SETTING (s_vpn)); s_ip4 = NM_SETTING_IP4_CONFIG (nm_setting_ip4_config_new ()); nm_connection_add_setting (connection, NM_SETTING (s_ip4)); /* top level domain */ buf = g_key_file_get_string (keyfile, "iodine", "topdomain", NULL); if (buf) { nm_setting_vpn_add_data_item (s_vpn, NM_IODINE_KEY_TOPDOMAIN, buf); } else { g_set_error (error, NM_IODINE_IMPORT_EXPORT_ERROR, NM_IODINE_IMPORT_EXPORT_ERROR_NOT_IODINE, "does not look like a %s VPN connection " "(no top level domain)", IODINE_PLUGIN_NAME); g_object_unref (connection); return NULL; } /* Optional Settings */ /* Description */ buf = g_key_file_get_string (keyfile, "iodine", "Description", NULL); if (buf) g_object_set (s_con, NM_SETTING_CONNECTION_ID, buf, NULL); /* Name server */ buf = g_key_file_get_string (keyfile, "iodine", "Nameserver", NULL); if (buf) nm_setting_vpn_add_data_item (s_vpn, NM_IODINE_KEY_NAMESERVER, buf); /* Fragment size */ buf = g_key_file_get_string (keyfile, "iodine", "Fragsize", NULL); if (buf) nm_setting_vpn_add_data_item (s_vpn, NM_IODINE_KEY_FRAGSIZE, "yes"); return connection; }
static NMConnection * import (NMVpnPluginUiInterface *iface, const char *path, GError **error) { NMConnection *connection; NMSettingConnection *s_con; NMSettingVPN *s_vpn; NMSettingIP4Config *s_ip4; GKeyFile *keyfile; GKeyFileFlags flags; const char *buf; gboolean bval; keyfile = g_key_file_new (); flags = G_KEY_FILE_KEEP_COMMENTS | G_KEY_FILE_KEEP_TRANSLATIONS; if (!g_key_file_load_from_file (keyfile, path, flags, NULL)) { g_set_error (error, NM_OPENCONNECT_IMPORT_EXPORT_ERROR, NM_OPENCONNECT_IMPORT_EXPORT_ERROR_NOT_OPENCONNECT, "does not look like a %s VPN connection (parse failed)", OPENCONNECT_PLUGIN_NAME); return NULL; } connection = nm_connection_new (); s_con = NM_SETTING_CONNECTION (nm_setting_connection_new ()); nm_connection_add_setting (connection, NM_SETTING (s_con)); s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ()); g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_DBUS_SERVICE_OPENCONNECT, NULL); nm_connection_add_setting (connection, NM_SETTING (s_vpn)); s_ip4 = NM_SETTING_IP4_CONFIG (nm_setting_ip4_config_new ()); nm_connection_add_setting (connection, NM_SETTING (s_ip4)); /* Host */ buf = g_key_file_get_string (keyfile, "openconnect", "Host", NULL); if (buf) { nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_GATEWAY, buf); } else { g_set_error (error, NM_OPENCONNECT_IMPORT_EXPORT_ERROR, NM_OPENCONNECT_IMPORT_EXPORT_ERROR_BAD_DATA, "does not look like a %s VPN connection (no Host)", OPENCONNECT_PLUGIN_NAME); g_object_unref (connection); return NULL; } /* Optional Settings */ /* Description */ buf = g_key_file_get_string (keyfile, "openconnect", "Description", NULL); if (buf) g_object_set (s_con, NM_SETTING_CONNECTION_ID, buf, NULL); /* CA Certificate */ buf = g_key_file_get_string (keyfile, "openconnect", "CACert", NULL); if (buf) nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_CACERT, buf); /* Proxy */ buf = g_key_file_get_string (keyfile, "openconnect", "Proxy", NULL); if (buf) nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_PROXY, buf); /* Cisco Secure Desktop */ bval = g_key_file_get_boolean (keyfile, "openconnect", "CSDEnable", NULL); if (bval) nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_CSD_ENABLE, "yes"); /* Cisco Secure Desktop wrapper */ buf = g_key_file_get_string (keyfile, "openconnect", "CSDWrapper", NULL); if (buf) nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_CSD_WRAPPER, buf); /* User Certificate */ buf = g_key_file_get_string (keyfile, "openconnect", "UserCertificate", NULL); if (buf) nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_USERCERT, buf); /* Private Key */ buf = g_key_file_get_string (keyfile, "openconnect", "PrivateKey", NULL); if (buf) nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_PRIVKEY, buf); /* FSID */ bval = g_key_file_get_boolean (keyfile, "openconnect", "FSID", NULL); if (bval) nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID, "yes"); /* Soft token mode */ buf = g_key_file_get_string (keyfile, "openconnect", "StokenSource", NULL); if (buf) nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_MODE, buf); /* Soft token secret */ buf = g_key_file_get_string (keyfile, "openconnect", "StokenString", NULL); if (buf) nm_setting_vpn_add_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, buf); return connection; }