NetworkManager-libreswan/nm09.patch
2011-03-27 18:02:23 -07:00

360 lines
15 KiB
Diff

diff -up NetworkManager-openswan-0.8/properties/nm-openswan.c.nm09 NetworkManager-openswan-0.8/properties/nm-openswan.c
--- NetworkManager-openswan-0.8/properties/nm-openswan.c.nm09 2011-03-27 17:51:22.426710054 -0700
+++ NetworkManager-openswan-0.8/properties/nm-openswan.c 2011-03-27 17:58:58.457008890 -0700
@@ -170,43 +170,41 @@ fill_vpn_passwords (OpenswanPluginUiWidg
char *password = NULL;
char *group_password = NULL;
- /* Grab secrets from the keyring */
+ /* Grab secrets from the connection or the keyring */
if (connection) {
NMSettingConnection *s_con;
NMSettingVPN *s_vpn;
+ NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
const char *tmp;
+ s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
+
s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+ if (s_vpn) {
+ tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD);
+ if (tmp)
+ password = gnome_keyring_memory_strdup (tmp);
+
+ tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE);
+ if (tmp)
+ group_password = gnome_keyring_memory_strdup (tmp);
+ }
- if (nm_connection_get_scope (connection) == NM_CONNECTION_SCOPE_SYSTEM) {
- if (s_vpn) {
- tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD);
- if (tmp)
- password = gnome_keyring_memory_strdup (tmp);
-
- tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE);
- if (tmp)
- group_password = gnome_keyring_memory_strdup (tmp);
- }
- } else {
- s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
-
- /* Lookup passwords in the keyring, and if they weren't there, try
- * the connection itself, which is where they'd be right after import.
- */
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), OPENSWAN_USER_PASSWORD, &secret_flags, NULL);
+ if (!password && (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED)) {
keyring_helpers_get_one_secret (nm_setting_connection_get_uuid (s_con),
- OPENSWAN_USER_PASSWORD,
- &password,
- NULL);
- if (!password)
- password = gnome_keyring_memory_strdup (nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
+ OPENSWAN_USER_PASSWORD,
+ &password,
+ NULL);
+ }
+ secret_flags = NM_SETTING_SECRET_FLAG_NONE;
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), OPENSWAN_GROUP_PASSWORD, &secret_flags, NULL);
+ if (!group_password && (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED)) {
keyring_helpers_get_one_secret (nm_setting_connection_get_uuid (s_con),
OPENSWAN_GROUP_PASSWORD,
&group_password,
NULL);
- if (!group_password)
- group_password = gnome_keyring_memory_strdup (nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE));
}
}
@@ -300,6 +298,20 @@ pw_type_combo_changed_cb (GtkWidget *com
stuff_changed_cb (combo, self);
}
+static const char *
+secret_flags_to_pw_type (NMSettingVPN *s_vpn, const char *key)
+{
+ NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
+
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), key, &flags, NULL)) {
+ if (flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED)
+ return NM_OPENSWAN_PW_TYPE_UNUSED;
+ if (flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)
+ return NM_OPENSWAN_PW_TYPE_ASK;
+ }
+ return NM_OPENSWAN_PW_TYPE_SAVE;
+}
+
static void
init_one_pw_combo (OpenswanPluginUiWidget *self,
NMSettingVPN *s_vpn,
@@ -330,6 +342,8 @@ init_one_pw_combo (OpenswanPluginUiWidge
store = gtk_list_store_new (1, G_TYPE_STRING);
if (s_vpn)
value = nm_setting_vpn_get_data_item (s_vpn, key);
+ if (!value)
+ value = secret_flags_to_pw_type (s_vpn, key);
gtk_list_store_append (store, &iter);
gtk_list_store_set (store, &iter, 0, _("Saved"), -1);
@@ -485,26 +499,35 @@ get_widget (NMVpnPluginUiWidgetInterface
static guint32
handle_one_pw_type (NMSettingVPN *s_vpn, GladeXML *xml, const char *name, const char *key)
{
+ NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
GtkWidget *widget;
guint32 pw_type;
+ const char *data_val = NULL;
widget = glade_xml_get_widget (xml, name);
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), key, &flags, NULL);
+ flags &= ~(NM_SETTING_SECRET_FLAG_NOT_SAVED | NM_SETTING_SECRET_FLAG_NOT_REQUIRED);
+
pw_type = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
switch (pw_type) {
case PW_TYPE_SAVE:
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_SAVE);
+ data_val = NM_OPENSWAN_PW_TYPE_SAVE;
break;
case PW_TYPE_UNUSED:
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_UNUSED);
+ data_val = NM_OPENSWAN_PW_TYPE_UNUSED;
+ flags |= NM_SETTING_SECRET_FLAG_NOT_REQUIRED;
break;
case PW_TYPE_ASK:
default:
pw_type = PW_TYPE_ASK;
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_ASK);
+ data_val = NM_OPENSWAN_PW_TYPE_ASK;
+ flags |= NM_SETTING_SECRET_FLAG_NOT_SAVED;
break;
}
+ nm_setting_vpn_add_data_item (s_vpn, key, data_val);
+ nm_setting_set_secret_flags (NM_SETTING (s_vpn), key, flags, NULL);
return pw_type;
}
@@ -580,22 +603,17 @@ update_connection (NMVpnPluginUiWidgetIn
upw_type = handle_one_pw_type (s_vpn, priv->xml, "user_pass_type_combo", NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES);
gpw_type = handle_one_pw_type (s_vpn, priv->xml, "group_pass_type_combo", NM_OPENSWAN_PSK_INPUT_MODES);
- /* System secrets get stored in the connection, user secrets are saved
- * via the save_secrets() hook.
- */
- if (nm_connection_get_scope (connection) == NM_CONNECTION_SCOPE_SYSTEM) {
- /* User password */
- widget = glade_xml_get_widget (priv->xml, "user_password_entry");
- str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
- if (str && strlen (str) && (upw_type != PW_TYPE_UNUSED))
- nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD, str);
-
- /* Group password */
- widget = glade_xml_get_widget (priv->xml, "group_password_entry");
- str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
- if (str && strlen (str) && (gpw_type != PW_TYPE_UNUSED))
- nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_PSK_VALUE, str);
- }
+ /* User password */
+ widget = glade_xml_get_widget (priv->xml, "user_password_entry");
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
+ if (str && strlen (str) && (upw_type != PW_TYPE_UNUSED))
+ nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD, str);
+
+ /* Group password */
+ widget = glade_xml_get_widget (priv->xml, "group_password_entry");
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
+ if (str && strlen (str) && (gpw_type != PW_TYPE_UNUSED))
+ nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_PSK_VALUE, str);
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
return TRUE;
@@ -642,24 +660,36 @@ save_secrets (NMVpnPluginUiWidgetInterfa
OpenswanPluginUiWidget *self = OPENSWAN_PLUGIN_UI_WIDGET (iface);
OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
NMSettingConnection *s_con;
+ NMSettingVPN *s_vpn;
const char *id, *uuid;
+ NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
- if (!s_con) {
+ s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+ if (!s_con || !s_vpn) {
g_set_error (error,
OPENSWAN_PLUGIN_UI_ERROR,
OPENSWAN_PLUGIN_UI_ERROR_INVALID_CONNECTION,
- "missing 'connection' setting");
+ "missing connection or VPN settings");
return FALSE;
}
id = nm_setting_connection_get_id (s_con);
uuid = nm_setting_connection_get_uuid (s_con);
- save_one_password (priv->xml, OPENSWAN_USER_PASSWORD, uuid, id,
- "user_password_entry", "user_pass_type_combo", "user password");
- save_one_password (priv->xml, OPENSWAN_GROUP_PASSWORD, uuid, id,
- "group_password_entry", "group_pass_type_combo", "group password");
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), NM_OPENSWAN_XAUTH_PASSWORD, &secret_flags, NULL)) {
+ if (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) {
+ save_one_password (priv->xml, OPENSWAN_USER_PASSWORD, uuid, id,
+ "user_password_entry", "user_pass_type_combo", "user password");
+ }
+ }
+
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), NM_OPENSWAN_PSK_VALUE, &secret_flags, NULL)) {
+ if (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) {
+ save_one_password (priv->xml, OPENSWAN_GROUP_PASSWORD, uuid, id,
+ "group_password_entry", "group_pass_type_combo", "group password");
+ }
+ }
return TRUE;
}
diff -up NetworkManager-openswan-0.8/src/nm-openswan-service.c.nm09 NetworkManager-openswan-0.8/src/nm-openswan-service.c
--- NetworkManager-openswan-0.8/src/nm-openswan-service.c.nm09 2011-03-27 17:50:42.579208216 -0700
+++ NetworkManager-openswan-0.8/src/nm-openswan-service.c 2011-03-27 17:59:44.777429804 -0700
@@ -204,14 +204,14 @@ openswan_watch_cb_auto (GPid pid, gint s
if (WIFEXITED (status)) {
error = WEXITSTATUS (status);
if (error != 0)
- nm_warning ("openswan: ipsec auto exited with error code %d", error);
+ g_warning ("openswan: ipsec auto exited with error code %d", error);
}
else if (WIFSTOPPED (status))
- nm_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status));
+ g_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status));
else if (WIFSIGNALED (status))
- nm_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status));
+ g_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status));
else
- nm_warning ("openswan: ipsec auto died from an unknown cause");
+ g_warning ("openswan: ipsec auto died from an unknown cause");
/* Reap child if needed. */
//waitpid (priv->pid_auto, NULL, WNOHANG);
@@ -274,12 +274,12 @@ nm_openswan_start_openswan_binary (NMOPE
if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
0, NULL, NULL, &pid, error)) {
g_ptr_array_free (openswan_argv, TRUE);
- nm_warning ("openswan ipsec failed to start. error: '%s'", (*error)->message);
+ g_warning ("openswan ipsec failed to start. error: '%s'", (*error)->message);
return -1;
}
g_ptr_array_free (openswan_argv, TRUE);
- nm_info ("openswan: ipsec started with pid %d", pid);
+ g_message ("openswan: ipsec started with pid %d", pid);
NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid = pid;
openswan_watch = g_child_watch_source_new (pid);
@@ -307,12 +307,12 @@ nm_openswan_start_openswan_binary (NMOPE
NULL, NULL, error)) {
g_ptr_array_free (openswan_argv, TRUE);
- nm_warning ("openswan: ipsec auto failed to start. error: '%s'", (*error)->message);
+ g_warning ("openswan: ipsec auto failed to start. error: '%s'", (*error)->message);
return -1;
}
g_ptr_array_free (openswan_argv, TRUE);
- nm_info ("openswan: ipsec auto started with pid %d", pid_auto);
+ g_message ("openswan: ipsec auto started with pid %d", pid_auto);
/*NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto;
openswan_watch = g_child_watch_source_new (pid_auto);
@@ -362,14 +362,14 @@ nm_openswan_start_openswan_connection (N
NULL, NULL, error)) {
g_ptr_array_free (openswan_argv, TRUE);
- nm_warning ("openswan: ipsec auto connection failed to start. error: '%s'", (*error)->message);
+ g_warning ("openswan: ipsec auto connection failed to start. error: '%s'", (*error)->message);
return -1;
}
g_ptr_array_free (openswan_argv, TRUE);
sleep(3);
- nm_info ("openswan: ipsec auto connection started with pid %d", pid);
+ g_message ("openswan: ipsec auto connection started with pid %d", pid);
return stdin_fd;
}
@@ -384,7 +384,7 @@ write_config_option (int fd, const char
string = g_strdup_vprintf (format, args);
if ( write (fd, string, strlen (string)) == -1) {
- nm_warning ("nm-openswan: error in write_config_option");
+ g_warning ("nm-openswan: error in write_config_option");
}
g_free (string);
@@ -497,7 +497,7 @@ write_one_property (const char *key, con
/* ignored */
} else {
/* Just ignore unknown properties */
- nm_warning ("Don't know how to write property '%s' with type %s",
+ g_warning ("Don't know how to write property '%s' with type %s",
(char *) key, g_type_name (type));
}
}
@@ -784,7 +784,7 @@ real_disconnect (NMVPNPlugin *plugin,
if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
0, NULL, NULL, NULL, error)) {
g_ptr_array_free (openswan_argv, TRUE);
- nm_warning ("Openswan (pluto) failed to stop. error: '%s'", (*error)->message);
+ g_warning ("Openswan (pluto) failed to stop. error: '%s'", (*error)->message);
return -1;
}
g_ptr_array_free (openswan_argv, TRUE);
diff -up NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c.nm09 NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c
--- NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c.nm09 2011-03-27 17:50:51.747093599 -0700
+++ NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c 2011-03-27 17:59:44.779429780 -0700
@@ -48,7 +48,7 @@ helper_failed (DBusGConnection *connecti
DBusGProxy *proxy;
GError *err = NULL;
- nm_warning ("nm-openswan-service-helper did not receive a valid %s from openswan", reason);
+ g_warning ("nm-openswan-service-helper did not receive a valid %s from openswan", reason);
proxy = dbus_g_proxy_new_for_name (connection,
NM_DBUS_SERVICE_OPENSWAN,
@@ -61,7 +61,7 @@ helper_failed (DBusGConnection *connecti
G_TYPE_INVALID);
if (err) {
- nm_warning ("Could not send failure information: %s", err->message);
+ g_warning ("Could not send failure information: %s", err->message);
g_error_free (err);
}
@@ -88,7 +88,7 @@ send_ip4_config (DBusGConnection *connec
G_TYPE_INVALID);
if (err) {
- nm_warning ("Could not send IPv4 configuration: %s", err->message);
+ g_warning ("Could not send IPv4 configuration: %s", err->message);
g_error_free (err);
}
@@ -221,7 +221,7 @@ main (int argc, char *argv[])
connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &err);
if (!connection) {
- nm_warning ("Could not get the system bus: %s", err->message);
+ g_warning ("Could not get the system bus: %s", err->message);
exit (1);
}
@@ -299,7 +299,7 @@ main (int argc, char *argv[])
errno = 0;
mtu = strtol (tmp, NULL, 10);
if (errno || mtu < 0 || mtu > 20000) {
- nm_warning ("Ignoring invalid tunnel MTU '%s'", tmp);
+ g_warning ("Ignoring invalid tunnel MTU '%s'", tmp);
mtu = 1412;
}
}