360 lines
15 KiB
Diff
360 lines
15 KiB
Diff
diff -up NetworkManager-openswan-0.8/properties/nm-openswan.c.nm09 NetworkManager-openswan-0.8/properties/nm-openswan.c
|
|
--- NetworkManager-openswan-0.8/properties/nm-openswan.c.nm09 2011-03-27 17:51:22.426710054 -0700
|
|
+++ NetworkManager-openswan-0.8/properties/nm-openswan.c 2011-03-27 17:58:58.457008890 -0700
|
|
@@ -170,43 +170,41 @@ fill_vpn_passwords (OpenswanPluginUiWidg
|
|
char *password = NULL;
|
|
char *group_password = NULL;
|
|
|
|
- /* Grab secrets from the keyring */
|
|
+ /* Grab secrets from the connection or the keyring */
|
|
if (connection) {
|
|
NMSettingConnection *s_con;
|
|
NMSettingVPN *s_vpn;
|
|
+ NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
|
|
const char *tmp;
|
|
|
|
+ s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
|
|
+
|
|
s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
|
|
+ if (s_vpn) {
|
|
+ tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD);
|
|
+ if (tmp)
|
|
+ password = gnome_keyring_memory_strdup (tmp);
|
|
+
|
|
+ tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE);
|
|
+ if (tmp)
|
|
+ group_password = gnome_keyring_memory_strdup (tmp);
|
|
+ }
|
|
|
|
- if (nm_connection_get_scope (connection) == NM_CONNECTION_SCOPE_SYSTEM) {
|
|
- if (s_vpn) {
|
|
- tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD);
|
|
- if (tmp)
|
|
- password = gnome_keyring_memory_strdup (tmp);
|
|
-
|
|
- tmp = nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE);
|
|
- if (tmp)
|
|
- group_password = gnome_keyring_memory_strdup (tmp);
|
|
- }
|
|
- } else {
|
|
- s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
|
|
-
|
|
- /* Lookup passwords in the keyring, and if they weren't there, try
|
|
- * the connection itself, which is where they'd be right after import.
|
|
- */
|
|
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), OPENSWAN_USER_PASSWORD, &secret_flags, NULL);
|
|
+ if (!password && (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED)) {
|
|
keyring_helpers_get_one_secret (nm_setting_connection_get_uuid (s_con),
|
|
- OPENSWAN_USER_PASSWORD,
|
|
- &password,
|
|
- NULL);
|
|
- if (!password)
|
|
- password = gnome_keyring_memory_strdup (nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD));
|
|
+ OPENSWAN_USER_PASSWORD,
|
|
+ &password,
|
|
+ NULL);
|
|
+ }
|
|
|
|
+ secret_flags = NM_SETTING_SECRET_FLAG_NONE;
|
|
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), OPENSWAN_GROUP_PASSWORD, &secret_flags, NULL);
|
|
+ if (!group_password && (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED)) {
|
|
keyring_helpers_get_one_secret (nm_setting_connection_get_uuid (s_con),
|
|
OPENSWAN_GROUP_PASSWORD,
|
|
&group_password,
|
|
NULL);
|
|
- if (!group_password)
|
|
- group_password = gnome_keyring_memory_strdup (nm_setting_vpn_get_secret (s_vpn, NM_OPENSWAN_PSK_VALUE));
|
|
}
|
|
}
|
|
|
|
@@ -300,6 +298,20 @@ pw_type_combo_changed_cb (GtkWidget *com
|
|
stuff_changed_cb (combo, self);
|
|
}
|
|
|
|
+static const char *
|
|
+secret_flags_to_pw_type (NMSettingVPN *s_vpn, const char *key)
|
|
+{
|
|
+ NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
|
|
+
|
|
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), key, &flags, NULL)) {
|
|
+ if (flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED)
|
|
+ return NM_OPENSWAN_PW_TYPE_UNUSED;
|
|
+ if (flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)
|
|
+ return NM_OPENSWAN_PW_TYPE_ASK;
|
|
+ }
|
|
+ return NM_OPENSWAN_PW_TYPE_SAVE;
|
|
+}
|
|
+
|
|
static void
|
|
init_one_pw_combo (OpenswanPluginUiWidget *self,
|
|
NMSettingVPN *s_vpn,
|
|
@@ -330,6 +342,8 @@ init_one_pw_combo (OpenswanPluginUiWidge
|
|
store = gtk_list_store_new (1, G_TYPE_STRING);
|
|
if (s_vpn)
|
|
value = nm_setting_vpn_get_data_item (s_vpn, key);
|
|
+ if (!value)
|
|
+ value = secret_flags_to_pw_type (s_vpn, key);
|
|
|
|
gtk_list_store_append (store, &iter);
|
|
gtk_list_store_set (store, &iter, 0, _("Saved"), -1);
|
|
@@ -485,26 +499,35 @@ get_widget (NMVpnPluginUiWidgetInterface
|
|
static guint32
|
|
handle_one_pw_type (NMSettingVPN *s_vpn, GladeXML *xml, const char *name, const char *key)
|
|
{
|
|
+ NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
|
|
GtkWidget *widget;
|
|
guint32 pw_type;
|
|
+ const char *data_val = NULL;
|
|
|
|
widget = glade_xml_get_widget (xml, name);
|
|
|
|
+ nm_setting_get_secret_flags (NM_SETTING (s_vpn), key, &flags, NULL);
|
|
+ flags &= ~(NM_SETTING_SECRET_FLAG_NOT_SAVED | NM_SETTING_SECRET_FLAG_NOT_REQUIRED);
|
|
+
|
|
pw_type = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
|
|
switch (pw_type) {
|
|
case PW_TYPE_SAVE:
|
|
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_SAVE);
|
|
+ data_val = NM_OPENSWAN_PW_TYPE_SAVE;
|
|
break;
|
|
case PW_TYPE_UNUSED:
|
|
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_UNUSED);
|
|
+ data_val = NM_OPENSWAN_PW_TYPE_UNUSED;
|
|
+ flags |= NM_SETTING_SECRET_FLAG_NOT_REQUIRED;
|
|
break;
|
|
case PW_TYPE_ASK:
|
|
default:
|
|
pw_type = PW_TYPE_ASK;
|
|
- nm_setting_vpn_add_data_item (s_vpn, key, NM_OPENSWAN_PW_TYPE_ASK);
|
|
+ data_val = NM_OPENSWAN_PW_TYPE_ASK;
|
|
+ flags |= NM_SETTING_SECRET_FLAG_NOT_SAVED;
|
|
break;
|
|
}
|
|
|
|
+ nm_setting_vpn_add_data_item (s_vpn, key, data_val);
|
|
+ nm_setting_set_secret_flags (NM_SETTING (s_vpn), key, flags, NULL);
|
|
return pw_type;
|
|
}
|
|
|
|
@@ -580,22 +603,17 @@ update_connection (NMVpnPluginUiWidgetIn
|
|
upw_type = handle_one_pw_type (s_vpn, priv->xml, "user_pass_type_combo", NM_OPENSWAN_XAUTH_PASSWORD_INPUT_MODES);
|
|
gpw_type = handle_one_pw_type (s_vpn, priv->xml, "group_pass_type_combo", NM_OPENSWAN_PSK_INPUT_MODES);
|
|
|
|
- /* System secrets get stored in the connection, user secrets are saved
|
|
- * via the save_secrets() hook.
|
|
- */
|
|
- if (nm_connection_get_scope (connection) == NM_CONNECTION_SCOPE_SYSTEM) {
|
|
- /* User password */
|
|
- widget = glade_xml_get_widget (priv->xml, "user_password_entry");
|
|
- str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
|
|
- if (str && strlen (str) && (upw_type != PW_TYPE_UNUSED))
|
|
- nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD, str);
|
|
-
|
|
- /* Group password */
|
|
- widget = glade_xml_get_widget (priv->xml, "group_password_entry");
|
|
- str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
|
|
- if (str && strlen (str) && (gpw_type != PW_TYPE_UNUSED))
|
|
- nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_PSK_VALUE, str);
|
|
- }
|
|
+ /* User password */
|
|
+ widget = glade_xml_get_widget (priv->xml, "user_password_entry");
|
|
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
|
|
+ if (str && strlen (str) && (upw_type != PW_TYPE_UNUSED))
|
|
+ nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_XAUTH_PASSWORD, str);
|
|
+
|
|
+ /* Group password */
|
|
+ widget = glade_xml_get_widget (priv->xml, "group_password_entry");
|
|
+ str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
|
|
+ if (str && strlen (str) && (gpw_type != PW_TYPE_UNUSED))
|
|
+ nm_setting_vpn_add_secret (s_vpn, NM_OPENSWAN_PSK_VALUE, str);
|
|
|
|
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
|
|
return TRUE;
|
|
@@ -642,24 +660,36 @@ save_secrets (NMVpnPluginUiWidgetInterfa
|
|
OpenswanPluginUiWidget *self = OPENSWAN_PLUGIN_UI_WIDGET (iface);
|
|
OpenswanPluginUiWidgetPrivate *priv = OPENSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
|
|
NMSettingConnection *s_con;
|
|
+ NMSettingVPN *s_vpn;
|
|
const char *id, *uuid;
|
|
+ NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
|
|
|
|
s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
|
|
- if (!s_con) {
|
|
+ s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
|
|
+ if (!s_con || !s_vpn) {
|
|
g_set_error (error,
|
|
OPENSWAN_PLUGIN_UI_ERROR,
|
|
OPENSWAN_PLUGIN_UI_ERROR_INVALID_CONNECTION,
|
|
- "missing 'connection' setting");
|
|
+ "missing connection or VPN settings");
|
|
return FALSE;
|
|
}
|
|
|
|
id = nm_setting_connection_get_id (s_con);
|
|
uuid = nm_setting_connection_get_uuid (s_con);
|
|
|
|
- save_one_password (priv->xml, OPENSWAN_USER_PASSWORD, uuid, id,
|
|
- "user_password_entry", "user_pass_type_combo", "user password");
|
|
- save_one_password (priv->xml, OPENSWAN_GROUP_PASSWORD, uuid, id,
|
|
- "group_password_entry", "group_pass_type_combo", "group password");
|
|
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), NM_OPENSWAN_XAUTH_PASSWORD, &secret_flags, NULL)) {
|
|
+ if (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) {
|
|
+ save_one_password (priv->xml, OPENSWAN_USER_PASSWORD, uuid, id,
|
|
+ "user_password_entry", "user_pass_type_combo", "user password");
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (nm_setting_get_secret_flags (NM_SETTING (s_vpn), NM_OPENSWAN_PSK_VALUE, &secret_flags, NULL)) {
|
|
+ if (secret_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) {
|
|
+ save_one_password (priv->xml, OPENSWAN_GROUP_PASSWORD, uuid, id,
|
|
+ "group_password_entry", "group_pass_type_combo", "group password");
|
|
+ }
|
|
+ }
|
|
|
|
return TRUE;
|
|
}
|
|
diff -up NetworkManager-openswan-0.8/src/nm-openswan-service.c.nm09 NetworkManager-openswan-0.8/src/nm-openswan-service.c
|
|
--- NetworkManager-openswan-0.8/src/nm-openswan-service.c.nm09 2011-03-27 17:50:42.579208216 -0700
|
|
+++ NetworkManager-openswan-0.8/src/nm-openswan-service.c 2011-03-27 17:59:44.777429804 -0700
|
|
@@ -204,14 +204,14 @@ openswan_watch_cb_auto (GPid pid, gint s
|
|
if (WIFEXITED (status)) {
|
|
error = WEXITSTATUS (status);
|
|
if (error != 0)
|
|
- nm_warning ("openswan: ipsec auto exited with error code %d", error);
|
|
+ g_warning ("openswan: ipsec auto exited with error code %d", error);
|
|
}
|
|
else if (WIFSTOPPED (status))
|
|
- nm_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status));
|
|
+ g_warning ("openswan: ipsec auto stopped unexpectedly with signal %d", WSTOPSIG (status));
|
|
else if (WIFSIGNALED (status))
|
|
- nm_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status));
|
|
+ g_warning ("openswan: ipsec auto died with signal %d", WTERMSIG (status));
|
|
else
|
|
- nm_warning ("openswan: ipsec auto died from an unknown cause");
|
|
+ g_warning ("openswan: ipsec auto died from an unknown cause");
|
|
|
|
/* Reap child if needed. */
|
|
//waitpid (priv->pid_auto, NULL, WNOHANG);
|
|
@@ -274,12 +274,12 @@ nm_openswan_start_openswan_binary (NMOPE
|
|
if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
|
|
0, NULL, NULL, &pid, error)) {
|
|
g_ptr_array_free (openswan_argv, TRUE);
|
|
- nm_warning ("openswan ipsec failed to start. error: '%s'", (*error)->message);
|
|
+ g_warning ("openswan ipsec failed to start. error: '%s'", (*error)->message);
|
|
return -1;
|
|
}
|
|
g_ptr_array_free (openswan_argv, TRUE);
|
|
|
|
- nm_info ("openswan: ipsec started with pid %d", pid);
|
|
+ g_message ("openswan: ipsec started with pid %d", pid);
|
|
|
|
NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid = pid;
|
|
openswan_watch = g_child_watch_source_new (pid);
|
|
@@ -307,12 +307,12 @@ nm_openswan_start_openswan_binary (NMOPE
|
|
NULL, NULL, error)) {
|
|
|
|
g_ptr_array_free (openswan_argv, TRUE);
|
|
- nm_warning ("openswan: ipsec auto failed to start. error: '%s'", (*error)->message);
|
|
+ g_warning ("openswan: ipsec auto failed to start. error: '%s'", (*error)->message);
|
|
return -1;
|
|
}
|
|
g_ptr_array_free (openswan_argv, TRUE);
|
|
|
|
- nm_info ("openswan: ipsec auto started with pid %d", pid_auto);
|
|
+ g_message ("openswan: ipsec auto started with pid %d", pid_auto);
|
|
|
|
/*NM_OPENSWAN_PLUGIN_GET_PRIVATE (plugin)->pid_auto = pid_auto;
|
|
openswan_watch = g_child_watch_source_new (pid_auto);
|
|
@@ -362,14 +362,14 @@ nm_openswan_start_openswan_connection (N
|
|
NULL, NULL, error)) {
|
|
|
|
g_ptr_array_free (openswan_argv, TRUE);
|
|
- nm_warning ("openswan: ipsec auto connection failed to start. error: '%s'", (*error)->message);
|
|
+ g_warning ("openswan: ipsec auto connection failed to start. error: '%s'", (*error)->message);
|
|
return -1;
|
|
}
|
|
g_ptr_array_free (openswan_argv, TRUE);
|
|
|
|
sleep(3);
|
|
|
|
- nm_info ("openswan: ipsec auto connection started with pid %d", pid);
|
|
+ g_message ("openswan: ipsec auto connection started with pid %d", pid);
|
|
|
|
return stdin_fd;
|
|
}
|
|
@@ -384,7 +384,7 @@ write_config_option (int fd, const char
|
|
string = g_strdup_vprintf (format, args);
|
|
|
|
if ( write (fd, string, strlen (string)) == -1) {
|
|
- nm_warning ("nm-openswan: error in write_config_option");
|
|
+ g_warning ("nm-openswan: error in write_config_option");
|
|
}
|
|
|
|
g_free (string);
|
|
@@ -497,7 +497,7 @@ write_one_property (const char *key, con
|
|
/* ignored */
|
|
} else {
|
|
/* Just ignore unknown properties */
|
|
- nm_warning ("Don't know how to write property '%s' with type %s",
|
|
+ g_warning ("Don't know how to write property '%s' with type %s",
|
|
(char *) key, g_type_name (type));
|
|
}
|
|
}
|
|
@@ -784,7 +784,7 @@ real_disconnect (NMVPNPlugin *plugin,
|
|
if (!g_spawn_async (NULL, (char **) openswan_argv->pdata, NULL,
|
|
0, NULL, NULL, NULL, error)) {
|
|
g_ptr_array_free (openswan_argv, TRUE);
|
|
- nm_warning ("Openswan (pluto) failed to stop. error: '%s'", (*error)->message);
|
|
+ g_warning ("Openswan (pluto) failed to stop. error: '%s'", (*error)->message);
|
|
return -1;
|
|
}
|
|
g_ptr_array_free (openswan_argv, TRUE);
|
|
diff -up NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c.nm09 NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c
|
|
--- NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c.nm09 2011-03-27 17:50:51.747093599 -0700
|
|
+++ NetworkManager-openswan-0.8/src/nm-openswan-service-helper.c 2011-03-27 17:59:44.779429780 -0700
|
|
@@ -48,7 +48,7 @@ helper_failed (DBusGConnection *connecti
|
|
DBusGProxy *proxy;
|
|
GError *err = NULL;
|
|
|
|
- nm_warning ("nm-openswan-service-helper did not receive a valid %s from openswan", reason);
|
|
+ g_warning ("nm-openswan-service-helper did not receive a valid %s from openswan", reason);
|
|
|
|
proxy = dbus_g_proxy_new_for_name (connection,
|
|
NM_DBUS_SERVICE_OPENSWAN,
|
|
@@ -61,7 +61,7 @@ helper_failed (DBusGConnection *connecti
|
|
G_TYPE_INVALID);
|
|
|
|
if (err) {
|
|
- nm_warning ("Could not send failure information: %s", err->message);
|
|
+ g_warning ("Could not send failure information: %s", err->message);
|
|
g_error_free (err);
|
|
}
|
|
|
|
@@ -88,7 +88,7 @@ send_ip4_config (DBusGConnection *connec
|
|
G_TYPE_INVALID);
|
|
|
|
if (err) {
|
|
- nm_warning ("Could not send IPv4 configuration: %s", err->message);
|
|
+ g_warning ("Could not send IPv4 configuration: %s", err->message);
|
|
g_error_free (err);
|
|
}
|
|
|
|
@@ -221,7 +221,7 @@ main (int argc, char *argv[])
|
|
|
|
connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &err);
|
|
if (!connection) {
|
|
- nm_warning ("Could not get the system bus: %s", err->message);
|
|
+ g_warning ("Could not get the system bus: %s", err->message);
|
|
exit (1);
|
|
}
|
|
|
|
@@ -299,7 +299,7 @@ main (int argc, char *argv[])
|
|
errno = 0;
|
|
mtu = strtol (tmp, NULL, 10);
|
|
if (errno || mtu < 0 || mtu > 20000) {
|
|
- nm_warning ("Ignoring invalid tunnel MTU '%s'", tmp);
|
|
+ g_warning ("Ignoring invalid tunnel MTU '%s'", tmp);
|
|
mtu = 1412;
|
|
}
|
|
}
|