static void
get_existing_passwords (GHashTable *vpn_data,
GHashTable *existing_secrets,
const char *vpn_uuid,
gboolean need_password,
gboolean need_group_password,
char **out_password,
char **out_group_password)
{
NMSettingSecretFlags upw_flags = NM_SETTING_SECRET_FLAG_NONE;
NMSettingSecretFlags gpw_flags = NM_SETTING_SECRET_FLAG_NONE;
g_return_if_fail (out_password != NULL);
g_return_if_fail (out_group_password != NULL);
if (need_password) {
upw_flags = get_pw_flags (existing_secrets, NM_LIBRESWAN_XAUTH_PASSWORD, NM_LIBRESWAN_XAUTH_PASSWORD_INPUT_MODES);
if (!(upw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)) {
*out_password = g_strdup (g_hash_table_lookup (existing_secrets, NM_LIBRESWAN_XAUTH_PASSWORD));
if (!*out_password)
*out_password = keyring_lookup_secret (vpn_uuid, NM_LIBRESWAN_XAUTH_PASSWORD);
}
}
if (need_group_password) {
gpw_flags = get_pw_flags (existing_secrets, NM_LIBRESWAN_PSK_VALUE, NM_LIBRESWAN_PSK_INPUT_MODES);
if (!(gpw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)) {
*out_group_password = g_strdup (g_hash_table_lookup (existing_secrets, NM_LIBRESWAN_PSK_VALUE));
if (!*out_group_password)
*out_group_password = keyring_lookup_secret (vpn_uuid, NM_LIBRESWAN_PSK_VALUE);
}
}
}
static gboolean get_secrets(const char *vpn_name,
const char *vpn_uuid,
gboolean need_password,
gboolean retry,
gboolean allow_interaction,
gboolean external_ui_mode,
const char *in_pass,
NMSettingSecretFlags pw_flags,
char **out_password) {
VpnPasswordDialog *dialog;
char *prompt, *password = NULL;
gboolean success = FALSE, need_secret = FALSE;
g_return_val_if_fail(vpn_name != NULL, FALSE);
g_return_val_if_fail(vpn_uuid != NULL, FALSE);
g_return_val_if_fail(out_password != NULL, FALSE);
if (need_password) {
if (!(pw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)) {
if (in_pass)
#if defined(HAVE_LIBSECRET)
password = g_strdup(in_pass);
#else
password = gnome_keyring_memory_strdup(in_pass);
#endif
else
password = keyring_lookup_secret(vpn_uuid,
NM_IPOP_KEY_XMPP_PASSWORD);
}
if (!password && !(pw_flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED))
need_secret = TRUE;
}
static void
get_existing_passwords (GHashTable *vpn_data,
GHashTable *existing_secrets,
const char *vpn_uuid,
gboolean need_password,
gboolean need_user_certpass,
gboolean need_machine_certpass,
char **out_password,
char **out_user_certpass,
char **out_machine_certpass)
{
NMSettingSecretFlags pw_flags = NM_SETTING_SECRET_FLAG_NONE;
NMSettingSecretFlags user_cp_flags = NM_SETTING_SECRET_FLAG_NONE;
NMSettingSecretFlags machine_cp_flags = NM_SETTING_SECRET_FLAG_NONE;
g_return_if_fail (out_password != NULL);
g_return_if_fail (out_user_certpass != NULL);
g_return_if_fail (out_machine_certpass != NULL);
nm_vpn_service_plugin_get_secret_flags (vpn_data, NM_L2TP_KEY_PASSWORD, &pw_flags);
if (need_password) {
if (!(pw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)) {
*out_password = g_strdup (g_hash_table_lookup (existing_secrets, NM_L2TP_KEY_PASSWORD));
if (!*out_password)
*out_password = keyring_lookup_secret (vpn_uuid, NM_L2TP_KEY_PASSWORD);
}
}
nm_vpn_service_plugin_get_secret_flags (vpn_data, NM_L2TP_KEY_USER_CERTPASS, &user_cp_flags);
if (need_user_certpass) {
if (!(user_cp_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)) {
*out_user_certpass = g_strdup (g_hash_table_lookup (existing_secrets, NM_L2TP_KEY_USER_CERTPASS));
if (!*out_user_certpass)
*out_user_certpass = keyring_lookup_secret (vpn_uuid, NM_L2TP_KEY_USER_CERTPASS);
}
}
nm_vpn_service_plugin_get_secret_flags (vpn_data, NM_L2TP_KEY_MACHINE_CERTPASS, &machine_cp_flags);
if (need_machine_certpass) {
if (!(machine_cp_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)) {
*out_machine_certpass = g_strdup (g_hash_table_lookup (existing_secrets, NM_L2TP_KEY_MACHINE_CERTPASS));
if (!*out_machine_certpass)
*out_machine_certpass = keyring_lookup_secret (vpn_uuid, NM_L2TP_KEY_MACHINE_CERTPASS);
}
}
}
static void
get_existing_passwords (GHashTable *vpn_data,
GHashTable *existing_secrets,
const char *vpn_uuid,
gboolean need_password,
gboolean need_group_password,
char **out_password,
char **out_group_password)
{
NMSettingSecretFlags upw_flags = NM_SETTING_SECRET_FLAG_NONE;
NMSettingSecretFlags gpw_flags = NM_SETTING_SECRET_FLAG_NONE;
g_return_if_fail (out_password != NULL);
g_return_if_fail (out_group_password != NULL);
upw_flags = get_pw_flags (existing_secrets, NM_VPNC_KEY_XAUTH_PASSWORD, NM_VPNC_KEY_XAUTH_PASSWORD_TYPE);
if (need_password) {
if (!(upw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)) {
*out_password = g_strdup (g_hash_table_lookup (existing_secrets, NM_VPNC_KEY_XAUTH_PASSWORD));
if (!*out_password)
*out_password = keyring_lookup_secret (vpn_uuid, NM_VPNC_KEY_XAUTH_PASSWORD);
/* Try the old name */
if (!*out_password)
*out_password = keyring_lookup_secret (vpn_uuid, "password");
}
}
gpw_flags = get_pw_flags (existing_secrets, NM_VPNC_KEY_SECRET, NM_VPNC_KEY_SECRET_TYPE);
if (need_group_password) {
if (!(gpw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)) {
*out_group_password = g_strdup (g_hash_table_lookup (existing_secrets, NM_VPNC_KEY_SECRET));
if (!*out_group_password)
*out_group_password = keyring_lookup_secret (vpn_uuid, NM_VPNC_KEY_SECRET);
/* Try the old name */
if (!*out_group_password)
*out_group_password = keyring_lookup_secret (vpn_uuid, "group-password");
}
}
}
static gboolean
get_secrets (const char *vpn_uuid,
const char *vpn_name,
gboolean retry,
gboolean allow_interaction,
gboolean external_ui_mode,
const char *in_pw,
char **out_pw,
NMSettingSecretFlags pw_flags)
{
NMAVpnPasswordDialog *dialog;
char *prompt, *pw = NULL;
const char *new_password = NULL;
g_return_val_if_fail (vpn_uuid != NULL, FALSE);
g_return_val_if_fail (vpn_name != NULL, FALSE);
g_return_val_if_fail (out_pw != NULL, FALSE);
g_return_val_if_fail (*out_pw == NULL, FALSE);
/* Get the existing secret, if any */
if ( !(pw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)
&& !(pw_flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED)) {
if (in_pw)
pw = g_strdup (in_pw);
else
pw = keyring_lookup_secret (vpn_uuid, NM_FORTISSLVPN_KEY_PASSWORD);
}
/* Don't ask if the passwords is unused */
if (pw_flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED) {
g_free (pw);
return TRUE;
}
/* Otherwise, we have no saved password, or the password flags indicated
* that the password should never be saved.
*/
prompt = g_strdup_printf (_("You need to authenticate to access the Virtual Private Network “%s”."), vpn_name);
if (external_ui_mode) {
GKeyFile *keyfile;
keyfile = g_key_file_new ();
g_key_file_set_integer (keyfile, UI_KEYFILE_GROUP, "Version", 2);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Description", prompt);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Title", _("Authenticate VPN"));
keyfile_add_entry_info (keyfile, NM_FORTISSLVPN_KEY_PASSWORD, pw ? pw : "", _("Password:"******"Authenticate VPN"), prompt, NULL);
nma_vpn_password_dialog_set_show_password_secondary (dialog, FALSE);
/* pre-fill dialog with the password */
if (pw && !(pw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED))
nma_vpn_password_dialog_set_password (dialog, pw);
gtk_widget_show (GTK_WIDGET (dialog));
if (nma_vpn_password_dialog_run_and_block (dialog)) {
new_password = nma_vpn_password_dialog_get_password (dialog);
if (new_password)
*out_pw = g_strdup (new_password);
}
gtk_widget_hide (GTK_WIDGET (dialog));
gtk_widget_destroy (GTK_WIDGET (dialog));
out:
g_free (prompt);
return TRUE;
}
