mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-07-23 11:14:29 +00:00
cli: fix reading "vpn.secrets.*" from passwd-file
Due to a bug, we required VPN secrets to be prefixed with
"vpn.secret." instead of "vpn.secrets.". This was a change
in behavior with 1.12.0 release.
Fix it, to restore the old behavior. For backward compatibility
to the broken behavior, adjust parse_passwords() to treat accept
that as well.
https://bugzilla.redhat.com/show_bug.cgi?id=1628833
https://github.com/NetworkManager/NetworkManager/pull/201
Fixes: 0601b5d725
This commit is contained in:
parent
cc8c207120
commit
5815ae8c60
|
@ -645,13 +645,13 @@ vpn_openconnect_get_secrets (NMConnection *connection, GPtrArray *secrets)
|
|||
if (!nm_streq0 (secret->vpn_type, NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT))
|
||||
continue;
|
||||
|
||||
if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "cookie")) {
|
||||
if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "cookie")) {
|
||||
g_free (secret->value);
|
||||
secret->value = g_steal_pointer (&cookie);
|
||||
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "gateway")) {
|
||||
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "gateway")) {
|
||||
g_free (secret->value);
|
||||
secret->value = g_steal_pointer (&gateway);
|
||||
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "gwcert")) {
|
||||
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "gwcert")) {
|
||||
g_free (secret->value);
|
||||
secret->value = g_steal_pointer (&gwcert);
|
||||
}
|
||||
|
|
|
@ -2607,7 +2607,15 @@ parse_passwords (const char *passwd_file, GError **error)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
pwd_spec = g_strdup_printf ("%s.%s", setting, prop);
|
||||
if ( nm_streq (setting, "vpn")
|
||||
&& g_str_has_prefix (prop, "secret.")) {
|
||||
/* in 1.12.0, we wrongly required the VPN secrets to be named
|
||||
* "vpn.secret". It should be "vpn.secrets". Work around it
|
||||
* (rh#1628833). */
|
||||
pwd_spec = g_strdup_printf ("vpn.secrets.%s", &prop[NM_STRLEN ("secret.")]);
|
||||
} else
|
||||
pwd_spec = g_strdup_printf ("%s.%s", setting, prop);
|
||||
|
||||
g_hash_table_insert (pwds_hash, pwd_spec, g_strdup (pwd));
|
||||
}
|
||||
return g_steal_pointer (&pwds_hash);
|
||||
|
|
|
@ -195,7 +195,7 @@ nm_secret_agent_simple_secret_new (NMSecretAgentSecretType secret_type,
|
|||
real->base.is_secret = (secret_type != NM_SECRET_AGENT_SECRET_TYPE_PROPERTY);
|
||||
break;
|
||||
case NM_SECRET_AGENT_SECRET_TYPE_VPN_SECRET:
|
||||
vpn_prefix = NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET;
|
||||
vpn_prefix = NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS;
|
||||
value = nm_setting_vpn_get_secret (NM_SETTING_VPN (setting), property);
|
||||
real->base.entry_id = g_strdup_printf ("%s%s", vpn_prefix, property);
|
||||
nm_assert (vpn_type);
|
||||
|
|
|
@ -56,7 +56,7 @@ typedef struct {
|
|||
gboolean is_secret;
|
||||
} NMSecretAgentSimpleSecret;
|
||||
|
||||
#define NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "vpn.secret."
|
||||
#define NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "vpn.secrets."
|
||||
|
||||
#define NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT NM_DBUS_INTERFACE".openconnect"
|
||||
|
||||
|
|
|
@ -121,13 +121,13 @@ secrets_requested (NMSecretAgentSimple *agent,
|
|||
continue;
|
||||
if (!nm_streq0 (secret->vpn_type, NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT))
|
||||
continue;
|
||||
if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "cookie")) {
|
||||
if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "cookie")) {
|
||||
g_free (secret->value);
|
||||
secret->value = g_steal_pointer (&cookie);
|
||||
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "gateway")) {
|
||||
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "gateway")) {
|
||||
g_free (secret->value);
|
||||
secret->value = g_steal_pointer (&gateway);
|
||||
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "gwcert")) {
|
||||
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "gwcert")) {
|
||||
g_free (secret->value);
|
||||
secret->value = g_steal_pointer (&gwcert);
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue