From d7e873d91310203726b6e2472da3a94b4c8aac9d Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Thu, 22 Jun 2017 12:39:42 +0200
Subject: [PATCH 1/2] wireless-security: acually save the PKCS#11 PINs for
 certificates

---
 src/wireless-security/eap-method-peap.c |  5 ++++-
 src/wireless-security/eap-method-tls.c  | 10 ++++++++--
 src/wireless-security/eap-method-ttls.c |  5 ++++-
 3 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/src/wireless-security/eap-method-peap.c b/src/wireless-security/eap-method-peap.c
index 81bd2754..4be53762 100644
--- a/src/wireless-security/eap-method-peap.c
+++ b/src/wireless-security/eap-method-peap.c
@@ -174,7 +174,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 
 #if LIBNM_BUILD
 /* libnm-glib doesn't support this. */
-	/* Save CA certificate PIN password flags to the connection */
+	/* Save CA certificate PIN and its flags to the connection */
 	secret_flags = nma_cert_chooser_get_cert_password_flags (NMA_CERT_CHOOSER (method->ca_cert_chooser));
 	nm_setting_set_secret_flags (NM_SETTING (s_8021x), NM_SETTING_802_1X_CA_CERT_PASSWORD,
 	                             secret_flags, NULL);
@@ -183,6 +183,9 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 		nma_cert_chooser_update_cert_password_storage (NMA_CERT_CHOOSER (method->ca_cert_chooser),
 		                                               secret_flags, NM_SETTING (s_8021x),
 		                                               NM_SETTING_802_1X_CA_CERT_PASSWORD);
+		g_object_set (s_8021x, NM_SETTING_802_1X_CA_CERT_PASSWORD,
+		              nma_cert_chooser_get_cert_password (NMA_CERT_CHOOSER (method->ca_cert_chooser)),
+		              NULL);
 	}
 #endif
 
diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c
index a740c114..0595fd06 100644
--- a/src/wireless-security/eap-method-tls.c
+++ b/src/wireless-security/eap-method-tls.c
@@ -160,7 +160,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 
 #if LIBNM_BUILD
 /* libnm-glib doesn't support these. */
-	/* Save CA certificate PIN password flags to the connection */
+	/* Save CA certificate PIN and its flags to the connection */
 	secret_flags = nma_cert_chooser_get_cert_password_flags (NMA_CERT_CHOOSER (method->ca_cert_chooser));
 	nm_setting_set_secret_flags (NM_SETTING (s_8021x), method->ca_cert_password_flags_name,
 	                             secret_flags, NULL);
@@ -169,9 +169,12 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 		nma_cert_chooser_update_cert_password_storage (NMA_CERT_CHOOSER (method->ca_cert_chooser),
 		                                               secret_flags, NM_SETTING (s_8021x),
 		                                               method->ca_cert_password_flags_name);
+		g_object_set (s_8021x, method->ca_cert_password_flags_name,
+		              nma_cert_chooser_get_cert_password (NMA_CERT_CHOOSER (method->ca_cert_chooser)),
+		              NULL);
 	}
 
-	/* Save user certificate PIN password flags to the connection */
+	/* Save user certificate PIN and its flags flags to the connection */
 	secret_flags = nma_cert_chooser_get_cert_password_flags (NMA_CERT_CHOOSER (method->client_cert_chooser));
 	nm_setting_set_secret_flags (NM_SETTING (s_8021x), method->client_cert_password_flags_name,
 	                             secret_flags, NULL);
@@ -179,6 +182,9 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 		nma_cert_chooser_update_cert_password_storage (NMA_CERT_CHOOSER (method->client_cert_chooser),
 		                                               secret_flags, NM_SETTING (s_8021x),
 		                                               method->client_cert_password_flags_name);
+		g_object_set (s_8021x, method->client_cert_password_flags_name,
+		              nma_cert_chooser_get_cert_password (NMA_CERT_CHOOSER (method->client_cert_chooser)),
+		              NULL);
 	}
 #endif
 
diff --git a/src/wireless-security/eap-method-ttls.c b/src/wireless-security/eap-method-ttls.c
index 4e9201fb..71bede99 100644
--- a/src/wireless-security/eap-method-ttls.c
+++ b/src/wireless-security/eap-method-ttls.c
@@ -170,7 +170,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 
 #if LIBNM_BUILD
 /* libnm-glib doesn't support this. */
-	/* Save CA certificate PIN password flags to the connection */
+	/* Save CA certificate PIN and its flags to the connection */
 	secret_flags = nma_cert_chooser_get_cert_password_flags (NMA_CERT_CHOOSER (method->ca_cert_chooser));
 	nm_setting_set_secret_flags (NM_SETTING (s_8021x), NM_SETTING_802_1X_CA_CERT_PASSWORD,
 	                             secret_flags, NULL);
@@ -179,6 +179,9 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 		nma_cert_chooser_update_cert_password_storage (NMA_CERT_CHOOSER (method->ca_cert_chooser),
 		                                               secret_flags, NM_SETTING (s_8021x),
 		                                               NM_SETTING_802_1X_CA_CERT_PASSWORD);
+		g_object_set (s_8021x, NM_SETTING_802_1X_CA_CERT_PASSWORD,
+		              nma_cert_chooser_get_cert_password (NMA_CERT_CHOOSER (method->ca_cert_chooser)),
+		              NULL);
 	}
 #endif
 
-- 
2.13.0