static void
eui_no_secrets_required (void)
{
GKeyFile *keyfile;
keyfile = g_key_file_new ();
g_key_file_set_integer (keyfile, UI_KEYFILE_GROUP, "Version", 2);
keyfile_print_stdout (keyfile);
g_key_file_unref (keyfile);
}
static void
eui_finish (const char *vpn_name,
const char *prompt,
gboolean allow_interaction,
gboolean retry,
gboolean need_password,
const char *existing_password,
gboolean need_group_password,
const char *existing_group_password)
{
GKeyFile *keyfile;
char *title;
gboolean show;
keyfile = g_key_file_new ();
g_key_file_set_integer (keyfile, UI_KEYFILE_GROUP, "Version", 2);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Description", prompt);
title = g_strdup_printf (_("Authenticate VPN %s"), vpn_name);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Title", title);
g_free (title);
/* If we have an existing password, or we need the user to give us one,
* then tell the external UI about the password. An entry for the password
* (possibly pre-populated with the existing password) is only shown to the
* user when the password is needed or new secrets are required (retry).
* If the password isn't required and there's no existing password, then
* just ignore that password completely.
*/
if (need_password || existing_password || retry) {
show = (need_password && !existing_password) || retry;
keyfile_add_entry_info (keyfile,
NM_LIBRESWAN_XAUTH_PASSWORD,
existing_password ? existing_password : "",
_("Password:"******"",
_("Group Password:"),
TRUE,
show && allow_interaction);
}
keyfile_print_stdout (keyfile);
g_key_file_unref (keyfile);
}
static void
eui_no_secrets_required (void)
{
GKeyFile *keyfile;
keyfile = g_key_file_new ();
g_key_file_set_integer (keyfile, UI_KEYFILE_GROUP, "Version", 2);
keyfile_add_entry_info (keyfile, NM_L2TP_KEY_NOSECRET, "true", "", TRUE, FALSE);
keyfile_print_stdout (keyfile);
g_key_file_unref (keyfile);
}
static void
eui_finish (const char *vpn_name,
const char *prompt,
gboolean allow_interaction,
gboolean retry,
gboolean need_password,
const char *existing_password,
gboolean need_group_password,
const char *existing_group_password)
{
GKeyFile *keyfile;
char *title;
gboolean show;
keyfile = g_key_file_new ();
g_key_file_set_integer (keyfile, UI_KEYFILE_GROUP, "Version", 2);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Description", prompt);
title = g_strdup_printf (_("Authenticate VPN %s"), vpn_name);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Title", title);
g_free (title);
/* Tell the external UI to show the password if (a) no password was passed
* from the UI initially and nothing was found in the keyring, but the
* password is required, or (b) we're retrying authentication, which implies
* the passwords we already have are wrong.
*
* And tell the external UI to show nothing if interaction is not allowed.
*/
show = (need_password && !existing_password) || retry;
keyfile_add_entry_info (keyfile,
NM_VPNC_KEY_XAUTH_PASSWORD,
existing_password ? existing_password : "",
_("Password:"******"",
_("Group Password:"),
TRUE,
show && allow_interaction);
keyfile_print_stdout (keyfile);
g_key_file_unref (keyfile);
}
static void
eui_finish (const char *vpn_name,
const char *prompt,
gboolean allow_interaction,
gboolean need_password,
const char *existing_password,
gboolean need_user_certpass,
const char *existing_user_certpass,
gboolean need_machine_certpass,
const char *existing_machine_certpass)
{
GKeyFile *keyfile;
char *title;
keyfile = g_key_file_new ();
g_key_file_set_integer (keyfile, UI_KEYFILE_GROUP, "Version", 2);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Description", prompt);
title = g_strdup_printf (_("Authenticate VPN %s"), vpn_name);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Title", title);
g_free (title);
keyfile_add_entry_info (keyfile,
NM_L2TP_KEY_PASSWORD,
existing_password ? existing_password : "",
_("Password:"******"",
_("User Certificate password:"******"",
_("Machine Certificate password:"),
TRUE,
need_machine_certpass && allow_interaction);
keyfile_print_stdout (keyfile);
g_key_file_unref (keyfile);
}
static gboolean
get_secrets (const char *vpn_uuid,
const char *vpn_name,
gboolean retry,
gboolean allow_interaction,
gboolean external_ui_mode,
const char *in_pw,
char **out_pw,
NMSettingSecretFlags pw_flags)
{
NMAVpnPasswordDialog *dialog;
char *prompt, *pw = NULL;
const char *new_password = NULL;
g_return_val_if_fail (vpn_uuid != NULL, FALSE);
g_return_val_if_fail (vpn_name != NULL, FALSE);
g_return_val_if_fail (out_pw != NULL, FALSE);
g_return_val_if_fail (*out_pw == NULL, FALSE);
/* Get the existing secret, if any */
if ( !(pw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)
&& !(pw_flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED)) {
if (in_pw)
pw = g_strdup (in_pw);
else
pw = keyring_lookup_secret (vpn_uuid, NM_FORTISSLVPN_KEY_PASSWORD);
}
/* Don't ask if the passwords is unused */
if (pw_flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED) {
g_free (pw);
return TRUE;
}
/* Otherwise, we have no saved password, or the password flags indicated
* that the password should never be saved.
*/
prompt = g_strdup_printf (_("You need to authenticate to access the Virtual Private Network “%s”."), vpn_name);
if (external_ui_mode) {
GKeyFile *keyfile;
keyfile = g_key_file_new ();
g_key_file_set_integer (keyfile, UI_KEYFILE_GROUP, "Version", 2);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Description", prompt);
g_key_file_set_string (keyfile, UI_KEYFILE_GROUP, "Title", _("Authenticate VPN"));
keyfile_add_entry_info (keyfile, NM_FORTISSLVPN_KEY_PASSWORD, pw ? pw : "", _("Password:"******"Authenticate VPN"), prompt, NULL);
nma_vpn_password_dialog_set_show_password_secondary (dialog, FALSE);
/* pre-fill dialog with the password */
if (pw && !(pw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED))
nma_vpn_password_dialog_set_password (dialog, pw);
gtk_widget_show (GTK_WIDGET (dialog));
if (nma_vpn_password_dialog_run_and_block (dialog)) {
new_password = nma_vpn_password_dialog_get_password (dialog);
if (new_password)
*out_pw = g_strdup (new_password);
}
gtk_widget_hide (GTK_WIDGET (dialog));
gtk_widget_destroy (GTK_WIDGET (dialog));
out:
g_free (prompt);
return TRUE;
}
