system/NetworkManager
system/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager synced 2024-07-21 02:04:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

libnm-util: add secret flags for each secret describing how the secret is stored

Browse source 
This allows the necessary flexibility when handling secrets; otherwise
it wouldn't be known when NM should save secrets returned from agents
to backing storage, or when the agents should store the secrets. We
can't simply use lack of a secret in persistent storage as the indicator
of this, as (for example) when creating a new connection without
secrets the storage method would be abmiguous.

At the same time, fold in "always ask" functionality for OTP tokens
so user agents don't have to store that attribute themselves out-of-band.
This commit is contained in:
Dan Williams 2011-01-29 13:34:24 -06:00
parent 12908c8a1a
commit 5a7cf39a62
14 changed files with 627 additions and 65 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
libnm-util/libnm-util.ver
View file

@ -46,6 +46,7 @@ global:
nm_setting_802_1x_get_identity;
nm_setting_802_1x_get_num_eap_methods;
nm_setting_802_1x_get_password;
nm_setting_802_1x_get_password_flags;
nm_setting_802_1x_get_phase1_fast_provisioning;
nm_setting_802_1x_get_phase1_peaplabel;
nm_setting_802_1x_get_phase1_peapver;
@ -69,6 +70,7 @@ global:
nm_setting_802_1x_get_phase2_private_key_format;
nm_setting_802_1x_set_phase2_private_key_from_file;
nm_setting_802_1x_get_phase2_private_key_password;
nm_setting_802_1x_get_phase2_private_key_password_flags;
nm_setting_802_1x_get_phase2_private_key_path;
nm_setting_802_1x_get_phase2_private_key_scheme;
nm_setting_802_1x_get_phase2_private_key_type;
@ -79,11 +81,11 @@ global:
nm_setting_802_1x_get_private_key_format;
nm_setting_802_1x_set_private_key_from_file;
nm_setting_802_1x_get_private_key_password;
nm_setting_802_1x_get_private_key_password_flags;
nm_setting_802_1x_get_private_key_path;
nm_setting_802_1x_get_private_key_scheme;
nm_setting_802_1x_get_private_key_type;
nm_setting_802_1x_set_private_key;
nm_setting_802_1x_get_psk;
nm_setting_802_1x_get_system_ca_certs;
nm_setting_802_1x_get_type;
nm_setting_802_1x_new;
@ -101,6 +103,7 @@ global:
nm_setting_cdma_get_number;
nm_setting_cdma_get_username;
nm_setting_cdma_get_password;
nm_setting_cdma_get_password_flags;
nm_setting_clear_secrets;
nm_setting_compare;
nm_setting_connection_error_get_type;
@ -130,13 +133,13 @@ global:
nm_setting_gsm_get_number;
nm_setting_gsm_get_username;
nm_setting_gsm_get_password;
nm_setting_gsm_get_password_flags;
nm_setting_gsm_get_apn;
nm_setting_gsm_get_network_id;
nm_setting_gsm_get_network_type;
nm_setting_gsm_get_allowed_bands;
nm_setting_gsm_get_band;
nm_setting_gsm_get_pin;
nm_setting_gsm_get_puk;
nm_setting_gsm_get_pin_flags;
nm_setting_gsm_get_home_only;
nm_setting_ip4_config_error_get_type;
nm_setting_ip4_config_error_quark;
@ -255,6 +258,7 @@ global:
nm_setting_pppoe_get_service;
nm_setting_pppoe_get_username;
nm_setting_pppoe_get_password;
nm_setting_pppoe_get_password_flags;
nm_setting_serial_error_get_type;
nm_setting_serial_error_quark;
nm_setting_serial_get_type;
@ -268,20 +272,22 @@ global:
nm_setting_to_string;
nm_setting_update_secrets;
nm_setting_verify;
nm_setting_vpn_add_data_item;
nm_setting_vpn_add_secret;
nm_setting_vpn_error_get_type;
nm_setting_vpn_error_quark;
nm_setting_vpn_get_type;
nm_setting_vpn_new;
nm_setting_vpn_get_service_type;
nm_setting_vpn_get_user_name;
nm_setting_vpn_add_data_item;
nm_setting_vpn_foreach_data_item;
nm_setting_vpn_get_data_item;
nm_setting_vpn_remove_data_item;
nm_setting_vpn_add_secret;
nm_setting_vpn_foreach_secret;
nm_setting_vpn_get_data_item;
nm_setting_vpn_get_secret;
nm_setting_vpn_get_secret_flags;
nm_setting_vpn_get_service_type;
nm_setting_vpn_get_type;
nm_setting_vpn_get_user_name;
nm_setting_vpn_new;
nm_setting_vpn_remove_data_item;
nm_setting_vpn_remove_secret;
nm_setting_vpn_set_secret_flags;
nm_setting_wimax_error_get_type;
nm_setting_wimax_error_quark;
nm_setting_wimax_get_type;
@ -338,14 +344,17 @@ global:
nm_setting_wireless_security_get_key_mgmt;
nm_setting_wireless_security_get_leap_username;
nm_setting_wireless_security_get_leap_password;
nm_setting_wireless_security_get_leap_password_flags;
nm_setting_wireless_security_get_num_groups;
nm_setting_wireless_security_get_num_pairwise;
nm_setting_wireless_security_get_num_protos;
nm_setting_wireless_security_get_pairwise;
nm_setting_wireless_security_get_proto;
nm_setting_wireless_security_get_psk;
nm_setting_wireless_security_get_psk_flags;
nm_setting_wireless_security_get_type;
nm_setting_wireless_security_get_wep_key;
nm_setting_wireless_security_get_wep_key_flags;
nm_setting_wireless_security_get_wep_key_type;
nm_setting_wireless_security_get_wep_tx_keyidx;
nm_setting_wireless_security_new;

191
libnm-util/nm-setting-8021x.c
View file

@ -125,11 +125,15 @@ typedef struct {
char *phase2_ca_path;
GByteArray *phase2_client_cert;
char *password;
NMSettingSecretFlags password_flags;
char *pin;
NMSettingSecretFlags pin_flags;
GByteArray *private_key;
char *private_key_password;
NMSettingSecretFlags private_key_password_flags;
GByteArray *phase2_private_key;
char *phase2_private_key_password;
NMSettingSecretFlags phase2_private_key_password_flags;
gboolean system_ca_certs;
} NMSetting8021xPrivate;
@ -150,11 +154,15 @@ enum {
PROP_PHASE2_CA_PATH,
PROP_PHASE2_CLIENT_CERT,
PROP_PASSWORD,
PROP_PASSWORD_FLAGS,
PROP_PRIVATE_KEY,
PROP_PRIVATE_KEY_PASSWORD,
PROP_PRIVATE_KEY_PASSWORD_FLAGS,
PROP_PHASE2_PRIVATE_KEY,
PROP_PHASE2_PRIVATE_KEY_PASSWORD,
PROP_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS,
PROP_PIN,
PROP_PIN_FLAGS,
PROP_SYSTEM_CA_CERTS,
LAST_PROP
@ -1131,6 +1139,20 @@ nm_setting_802_1x_get_password (NMSetting8021x *setting)
return NM_SETTING_802_1X_GET_PRIVATE (setting)->password;
}
/**
* nm_setting_802_1x_get_password_flags:
* @setting: the #NMSetting8021x
*
* Returns: the #NMSettingSecretFlags pertaining to the #NMSetting8021x:password
**/
NMSettingSecretFlags
nm_setting_802_1x_get_password_flags (NMSetting8021x *setting)
{
g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_802_1X_GET_PRIVATE (setting)->password_flags;
}
/**
* nm_setting_802_1x_get_pin:
* @setting: the #NMSetting8021x
@ -1146,6 +1168,21 @@ nm_setting_802_1x_get_pin (NMSetting8021x *setting)
return NM_SETTING_802_1X_GET_PRIVATE (setting)->pin;
}
/**
* nm_setting_802_1x_get_pin_flags:
* @setting: the #NMSetting8021x
*
* Returns: the #NMSettingSecretFlags pertaining to the
* #NMSetting8021x:pin
**/
NMSettingSecretFlags
nm_setting_802_1x_get_pin_flags (NMSetting8021x *setting)
{
g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_802_1X_GET_PRIVATE (setting)->pin_flags;
}
/**
* nm_setting_802_1x_get_private_key_scheme:
* @setting: the #NMSetting8021x
@ -1174,6 +1211,10 @@ nm_setting_802_1x_get_private_key_scheme (NMSetting8021x *setting)
* when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x
* authentication method.
*
* WARNING: the private key property is not a "secret" property, and thus
* unencrypted private key data may be readable by unprivileged users. Private
* keys should always be encrypted with a private key password.
*
* Returns: the private key data
**/
const GByteArray *
@ -1234,6 +1275,11 @@ nm_setting_802_1x_get_private_key_path (NMSetting8021x *setting)
* when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x
* authentication method.
*
* WARNING: the private key property is not a "secret" property, and thus
* unencrypted private key data using the BLOB scheme may be readable by
* unprivileged users. Private keys should always be encrypted with a private
* key password to prevent unauthorized access to unencrypted private key data.
*
* Returns: TRUE if the operation succeeded, FALSE if it was unsuccessful
**/
gboolean
@ -1377,6 +1423,21 @@ nm_setting_802_1x_get_private_key_password (NMSetting8021x *setting)
return NM_SETTING_802_1X_GET_PRIVATE (setting)->private_key_password;
}
/**
* nm_setting_802_1x_get_private_key_password_flags:
* @setting: the #NMSetting8021x
*
* Returns: the #NMSettingSecretFlags pertaining to the
* #NMSetting8021x:private-key-password
**/
NMSettingSecretFlags
nm_setting_802_1x_get_private_key_password_flags (NMSetting8021x *setting)
{
g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_802_1X_GET_PRIVATE (setting)->private_key_password_flags;
}
/**
* nm_setting_802_1x_get_private_key_format:
* @setting: the #NMSetting8021x
@ -1436,6 +1497,21 @@ nm_setting_802_1x_get_phase2_private_key_password (NMSetting8021x *setting)
return NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_private_key_password;
}
/**
* nm_setting_802_1x_get_phase2_private_key_password_flags:
* @setting: the #NMSetting8021x
*
* Returns: the #NMSettingSecretFlags pertaining to the
* #NMSetting8021x:phase2-private-key-password
**/
NMSettingSecretFlags
nm_setting_802_1x_get_phase2_private_key_password_flags (NMSetting8021x *setting)
{
g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_private_key_password_flags;
}
/**
* nm_setting_802_1x_get_phase2_private_key_scheme:
* @setting: the #NMSetting8021x
@ -1464,6 +1540,10 @@ nm_setting_802_1x_get_phase2_private_key_scheme (NMSetting8021x *setting)
* when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x
* authentication method.
*
* WARNING: the phase2 private key property is not a "secret" property, and thus
* unencrypted private key data may be readable by unprivileged users. Private
* keys should always be encrypted with a private key password.
*
* Returns: the "phase 2" private key data
**/
const GByteArray *
@ -1524,6 +1604,11 @@ nm_setting_802_1x_get_phase2_private_key_path (NMSetting8021x *setting)
* when EAP-TLS is used as either the "phase 1" or "phase 2" 802.1x
* authentication method.
*
* WARNING: the phase2 private key property is not a "secret" property, and thus
* unencrypted private key data using the BLOB scheme may be readable by
* unprivileged users. Private keys should always be encrypted with a private
* key password to prevent unauthorized access to unencrypted private key data.
*
* Returns: TRUE if the operation succeeded, FALSE if it was unsuccessful
**/
gboolean
@ -2374,6 +2459,9 @@ set_property (GObject *object, guint prop_id,
g_free (priv->password);
priv->password = g_value_dup_string (value);
break;
case PROP_PASSWORD_FLAGS:
priv->password_flags = g_value_get_uint (value);
break;
case PROP_PRIVATE_KEY:
if (priv->private_key) {
g_byte_array_free (priv->private_key, TRUE);
@ -2390,6 +2478,9 @@ set_property (GObject *object, guint prop_id,
g_free (priv->private_key_password);
priv->private_key_password = g_value_dup_string (value);
break;
case PROP_PRIVATE_KEY_PASSWORD_FLAGS:
priv->private_key_password_flags = g_value_get_uint (value);
break;
case PROP_PHASE2_PRIVATE_KEY:
if (priv->phase2_private_key) {
g_byte_array_free (priv->phase2_private_key, TRUE);
@ -2406,6 +2497,9 @@ set_property (GObject *object, guint prop_id,
g_free (priv->phase2_private_key_password);
priv->phase2_private_key_password = g_value_dup_string (value);
break;
case PROP_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS:
priv->phase2_private_key_password_flags = g_value_get_uint (value);
break;
case PROP_SYSTEM_CA_CERTS:
priv->system_ca_certs = g_value_get_boolean (value);
break;
@ -2468,18 +2562,27 @@ get_property (GObject *object, guint prop_id,
case PROP_PASSWORD:
g_value_set_string (value, priv->password);
break;
case PROP_PASSWORD_FLAGS:
g_value_set_uint (value, priv->password_flags);
break;
case PROP_PRIVATE_KEY:
g_value_set_boxed (value, priv->private_key);
break;
case PROP_PRIVATE_KEY_PASSWORD:
g_value_set_string (value, priv->private_key_password);
break;
case PROP_PRIVATE_KEY_PASSWORD_FLAGS:
g_value_set_uint (value, priv->private_key_password_flags);
break;
case PROP_PHASE2_PRIVATE_KEY:
g_value_set_boxed (value, priv->phase2_private_key);
break;
case PROP_PHASE2_PRIVATE_KEY_PASSWORD:
g_value_set_string (value, priv->phase2_private_key_password);
break;
case PROP_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS:
g_value_set_uint (value, priv->phase2_private_key_password_flags);
break;
case PROP_SYSTEM_CA_CERTS:
g_value_set_boolean (value, priv->system_ca_certs);
break;
@ -2842,12 +2945,32 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSetting8021x:password-flags:
*
* Flags indicating how to handle #NMSetting8021x:password:.
**/
g_object_class_install_property (object_class, PROP_PASSWORD_FLAGS,
g_param_spec_uint (NM_SETTING_802_1X_PASSWORD_FLAGS,
"Password Flags",
"Flags indicating how to handle the 802.1x password.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSetting8021x:private-key:
*
* Contains the private key if the #NMSetting8021x:eap property is set to
* 'tls'. Setting this property directly is discouraged; use the
* nm_setting_802_1x_set_private_key() function instead.
*
* WARNING: #NMSetting8021x:private-key is not a "secret" property, and thus
* unencrypted private key data using the BLOB scheme may be readable by
* unprivileged users. Private keys should always be encrypted with a
* private key password to prevent unauthorized access to unencrypted
* private key data.
**/
g_object_class_install_property
(object_class, PROP_PRIVATE_KEY,
@ -2858,12 +2981,17 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
"'scheme'; two are currently supported: blob and "
"path. When using the blob scheme and X.509 private "
"keys, this property should be set to the keys's "
"decrypted DER encoded data. When using X.509 "
"private keys with the path scheme, this property "
"should be set to the full UTF-8 encoded path of "
"the key, prefixed with the string 'file://' and "
"and ending with a terminating NULL byte. When "
"using PKCS#12 format private keys and the blob "
"PEM or DER encoded data; if using DER-encoded "
"data the private key must be decrypted as the "
"DER format is incomplete. Use of decrypted "
"DER-format private keys is not recommended as it "
"may allow unprivileged users access to the "
"decrypted data. When using X.509 private keys "
"with the path scheme, this property should be "
"set to the full UTF-8 encoded path of the key, "
"prefixed with the string 'file://' and ending "
"with a terminating NULL byte. When using "
"PKCS#12 format private keys and the blob "
"scheme, this property should be set to the "
"PKCS#12 data (which is encrypted) and the "
"'private-key-password' property must be set to "
@ -2877,7 +3005,7 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
"be set to the password used to decode the PKCS#12 "
"private key and certificate.",
DBUS_TYPE_G_UCHAR_ARRAY,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSetting8021x:private-key-password:
@ -2900,6 +3028,21 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSetting8021x:private-key-password-flags:
*
* Flags indicating how to handle #NMSetting8021x:private-key-password:.
**/
g_object_class_install_property (object_class, PROP_PRIVATE_KEY_PASSWORD_FLAGS,
g_param_spec_uint (NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS,
"Private Key Password Flags",
"Flags indicating how to handle the 802.1x private "
"key password.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSetting8021x:phase2-private-key:
*
@ -2920,12 +3063,17 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
"'scheme'; two are currently supported: blob and "
"path. When using the blob scheme and X.509 private "
"keys, this property should be set to the keys's "
"decrypted DER encoded data. When using X.509 "
"private keys with the path scheme, this property "
"should be set to the full UTF-8 encoded path of "
"the key, prefixed with the string 'file://' and "
"and ending with a terminating NULL byte. When "
"using PKCS#12 format private keys and the blob "
"PEM or DER encoded data; if using DER-encoded "
"data the private key must be decrypted as the "
"DER format is incomplete. Use of decrypted "
"DER-format private keys is not recommended as it "
"may allow unprivileged users access to the "
"decrypted data. When using X.509 private keys "
"with the path scheme, this property should be "
"set to the full UTF-8 encoded path of the key, "
"prefixed with the string 'file://' and ending "
"with a terminating NULL byte. When using "
"PKCS#12 format private keys and the blob "
"scheme, this property should be set to the "
"PKCS#12 data (which is encrypted) and the "
"'private-key-password' property must be set to "
@ -2939,7 +3087,7 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
"be set to the password used to decode the PKCS#12 "
"private key and certificate.",
DBUS_TYPE_G_UCHAR_ARRAY,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSetting8021x:phase2-private-key-password:
@ -2962,6 +3110,21 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSetting8021x:phase2-private-key-password-flags:
*
* Flags indicating how to handle #NMSetting8021x:phase2-private-key-password:.
**/
g_object_class_install_property (object_class, PROP_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS,
g_param_spec_uint (NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS,
"Phase2 Private Key Password Flags",
"Flags indicating how to handle the 802.1x phase2 "
"private key password.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSetting8021x:system-ca-certs:
*

28
libnm-util/nm-setting-8021x.h
View file

@ -81,11 +81,15 @@ GQuark nm_setting_802_1x_error_quark (void);
#define NM_SETTING_802_1X_PHASE2_CA_PATH "phase2-ca-path"
#define NM_SETTING_802_1X_PHASE2_CLIENT_CERT "phase2-client-cert"
#define NM_SETTING_802_1X_PASSWORD "password"
#define NM_SETTING_802_1X_PASSWORD_FLAGS "password-flags"
#define NM_SETTING_802_1X_PRIVATE_KEY "private-key"
#define NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD "private-key-password"
#define NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS "private-key-password-flags"
#define NM_SETTING_802_1X_PHASE2_PRIVATE_KEY "phase2-private-key"
#define NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD "phase2-private-key-password"
#define NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS "phase2-private-key-password-flags"
#define NM_SETTING_802_1X_PIN "pin"
#define NM_SETTING_802_1X_PIN_FLAGS "pin-flags"
#define NM_SETTING_802_1X_SYSTEM_CA_CERTS "system-ca-certs"
/* PRIVATE KEY NOTE: when setting PKCS#12 private keys directly via properties
@ -101,15 +105,17 @@ GQuark nm_setting_802_1x_error_quark (void);
*
* When setting OpenSSL-derived "traditional" format (ie S/MIME style, not
* PKCS#8) RSA and DSA keys directly via properties with the "blob" scheme, they
* must passed to NetworkManager completely decrypted because the OpenSSL
* "traditional" format is non-standard and is not complete enough for all
* crypto libraries to use. Thus, for OpenSSL "traditional" format keys, the
* private key password is not passed to NetworkManager (because the data is
* already decrypted by the client), and the appropriate "client-cert" (or
* "phase2-client-cert") property of the NMSetting8021x object must be a valid
* client certificate. When using the "path" scheme, just set the private-key
* and client-cert properties to the paths to their respective objects, and
* set the private-key password correctly.
* should be passed to NetworkManager in PEM format with the "DEK-Info" and
* "Proc-Type" tags intact, or in decrypted binary DER format (not recommended,
* as this may allow unprivileged users to read the decrypted private key).
* When decryped keys are used (again, not recommended) the private key password
* should not be set. The recommended method for passing private keys to
* NetworkManager is via the "path" scheme with encrypted private keys, and a
* private key password.
*
* When using the "path" scheme, just set the private-key and client-cert
* properties to the paths to their respective objects, and set the private-key
* password correctly.
*/
typedef struct {
@ -191,8 +197,10 @@ gboolean nm_setting_802_1x_set_phase2_client_cert (NMSett
GError **error);
const char * nm_setting_802_1x_get_password (NMSetting8021x *setting);
NMSettingSecretFlags nm_setting_802_1x_get_password_flags (NMSetting8021x *setting);
const char * nm_setting_802_1x_get_pin (NMSetting8021x *setting);
NMSettingSecretFlags nm_setting_802_1x_get_pin_flags (NMSetting8021x *setting);
NMSetting8021xCKScheme nm_setting_802_1x_get_private_key_scheme (NMSetting8021x *setting);
const GByteArray * nm_setting_802_1x_get_private_key_blob (NMSetting8021x *setting);
@ -204,6 +212,7 @@ gboolean nm_setting_802_1x_set_private_key (NMSett
NMSetting8021xCKFormat *out_format,
GError **error);
const char * nm_setting_802_1x_get_private_key_password (NMSetting8021x *setting);
NMSettingSecretFlags nm_setting_802_1x_get_private_key_password_flags (NMSetting8021x *setting);
NMSetting8021xCKFormat nm_setting_802_1x_get_private_key_format (NMSetting8021x *setting);
@ -217,6 +226,7 @@ gboolean nm_setting_802_1x_set_phase2_private_key (NMSett
NMSetting8021xCKFormat *out_format,
GError **error);
const char * nm_setting_802_1x_get_phase2_private_key_password (NMSetting8021x *setting);
NMSettingSecretFlags nm_setting_802_1x_get_phase2_private_key_password_flags (NMSetting8021x *setting);
NMSetting8021xCKFormat nm_setting_802_1x_get_phase2_private_key_format (NMSetting8021x *setting);

38
libnm-util/nm-setting-cdma.c
View file

@ -18,7 +18,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2008 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
*/
#include <string.h>
@ -87,6 +87,7 @@ typedef struct {
char *number; /* For dialing, duh */
char *username;
char *password;
NMSettingSecretFlags password_flags;
} NMSettingCdmaPrivate;
enum {
@ -94,6 +95,7 @@ enum {
PROP_NUMBER,
PROP_USERNAME,
PROP_PASSWORD,
PROP_PASSWORD_FLAGS,
LAST_PROP
};
@ -153,6 +155,20 @@ nm_setting_cdma_get_password (NMSettingCdma *setting)
return NM_SETTING_CDMA_GET_PRIVATE (setting)->password;
}
/**
* nm_setting_cdma_get_password_flags:
* @setting: the #NMSettingCdma
*
* Returns: the #NMSettingSecretFlags pertaining to the #NMSettingCdma:password
**/
NMSettingSecretFlags
nm_setting_cdma_get_password_flags (NMSettingCdma *setting)
{
g_return_val_if_fail (NM_IS_SETTING_CDMA (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_CDMA_GET_PRIVATE (setting)->password_flags;
}
static gint
find_setting_by_name (gconstpointer a, gconstpointer b)
{
@ -264,6 +280,9 @@ set_property (GObject *object, guint prop_id,
g_free (priv->password);
priv->password = g_value_dup_string (value);
break;
case PROP_PASSWORD_FLAGS:
priv->password_flags = g_value_get_uint (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -286,6 +305,9 @@ get_property (GObject *object, guint prop_id,
case PROP_PASSWORD:
g_value_set_string (value, nm_setting_cdma_get_password (setting));
break;
case PROP_PASSWORD_FLAGS:
g_value_set_uint (value, nm_setting_cdma_get_password_flags (setting));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -360,4 +382,18 @@ nm_setting_cdma_class_init (NMSettingCdmaClass *setting_class)
"a password or accept any password.",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSettingCdma:password-flags:
*
* Flags indicating how to handle #NMSettingCdma:password:.
**/
g_object_class_install_property (object_class, PROP_PASSWORD_FLAGS,
g_param_spec_uint (NM_SETTING_CDMA_PASSWORD_FLAGS,
"Password Flags",
"Flags indicating how to handle the CDMA password.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
}

10
libnm-util/nm-setting-cdma.h
View file

@ -19,7 +19,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2008 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@ -53,9 +53,10 @@ GType nm_setting_cdma_error_get_type (void);
#define NM_SETTING_CDMA_ERROR nm_setting_cdma_error_quark ()
GQuark nm_setting_cdma_error_quark (void);
#define NM_SETTING_CDMA_NUMBER "number"
#define NM_SETTING_CDMA_USERNAME "username"
#define NM_SETTING_CDMA_PASSWORD "password"
#define NM_SETTING_CDMA_NUMBER "number"
#define NM_SETTING_CDMA_USERNAME "username"
#define NM_SETTING_CDMA_PASSWORD "password"
#define NM_SETTING_CDMA_PASSWORD_FLAGS "password-flags"
typedef struct {
NMSetting parent;
@ -77,6 +78,7 @@ NMSetting *nm_setting_cdma_new (void);
const char *nm_setting_cdma_get_number (NMSettingCdma *setting);
const char *nm_setting_cdma_get_username (NMSettingCdma *setting);
const char *nm_setting_cdma_get_password (NMSettingCdma *setting);
NMSettingSecretFlags nm_setting_cdma_get_password_flags (NMSettingCdma *setting);
G_END_DECLS

74
libnm-util/nm-setting-gsm.c
View file

@ -19,7 +19,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@ -73,6 +73,7 @@ typedef struct {
char *number; /* For dialing, duh */
char *username;
char *password;
NMSettingSecretFlags password_flags;
char *apn; /* NULL for dynamic */
char *network_id; /* for manual registration or NULL for automatic */
@ -80,6 +81,7 @@ typedef struct {
guint32 allowed_bands; /* A bitfield of NM_SETTING_GSM_BAND_* */
char *pin;
NMSettingSecretFlags pin_flags;
gboolean home_only;
} NMSettingGsmPrivate;
@ -89,10 +91,12 @@ enum {
PROP_NUMBER,
PROP_USERNAME,
PROP_PASSWORD,
PROP_PASSWORD_FLAGS,
PROP_APN,
PROP_NETWORK_ID,
PROP_NETWORK_TYPE,
PROP_PIN,
PROP_PIN_FLAGS,
PROP_ALLOWED_BANDS,
PROP_HOME_ONLY,
@ -138,6 +142,20 @@ nm_setting_gsm_get_password (NMSettingGsm *setting)
return NM_SETTING_GSM_GET_PRIVATE (setting)->password;
}
/**
* nm_setting_gsm_get_password_flags:
* @setting: the #NMSettingGsm
*
* Returns: the #NMSettingSecretFlags pertaining to the #NMSettingGsm:password
**/
NMSettingSecretFlags
nm_setting_gsm_get_password_flags (NMSettingGsm *setting)
{
g_return_val_if_fail (NM_IS_SETTING_GSM (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_GSM_GET_PRIVATE (setting)->password_flags;
}
const char *
nm_setting_gsm_get_apn (NMSettingGsm *setting)
{
@ -178,6 +196,20 @@ nm_setting_gsm_get_pin (NMSettingGsm *setting)
return NM_SETTING_GSM_GET_PRIVATE (setting)->pin;
}
/**
* nm_setting_gsm_get_pin_flags:
* @setting: the #NMSettingGsm
*
* Returns: the #NMSettingSecretFlags pertaining to the #NMSettingGsm:pin
**/
NMSettingSecretFlags
nm_setting_gsm_get_pin_flags (NMSettingGsm *setting)
{
g_return_val_if_fail (NM_IS_SETTING_GSM (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_GSM_GET_PRIVATE (setting)->pin_flags;
}
gboolean
nm_setting_gsm_get_home_only (NMSettingGsm *setting)
{
@ -342,6 +374,9 @@ set_property (GObject *object, guint prop_id,
g_free (priv->password);
priv->password = g_value_dup_string (value);
break;
case PROP_PASSWORD_FLAGS:
priv->password_flags = g_value_get_uint (value);
break;
case PROP_APN:
g_free (priv->apn);
priv->apn = NULL;
@ -366,6 +401,9 @@ set_property (GObject *object, guint prop_id,
g_free (priv->pin);
priv->pin = g_value_dup_string (value);
break;
case PROP_PIN_FLAGS:
priv->pin_flags = g_value_get_uint (value);
break;
case PROP_HOME_ONLY:
priv->home_only = g_value_get_boolean (value);
break;
@ -391,6 +429,9 @@ get_property (GObject *object, guint prop_id,
case PROP_PASSWORD:
g_value_set_string (value, nm_setting_gsm_get_password (setting));
break;
case PROP_PASSWORD_FLAGS:
g_value_set_uint (value, nm_setting_gsm_get_password_flags (setting));
break;
case PROP_APN:
g_value_set_string (value, nm_setting_gsm_get_apn (setting));
break;
@ -406,6 +447,9 @@ get_property (GObject *object, guint prop_id,
case PROP_PIN:
g_value_set_string (value, nm_setting_gsm_get_pin (setting));
break;
case PROP_PIN_FLAGS:
g_value_set_uint (value, nm_setting_gsm_get_pin_flags (setting));
break;
case PROP_HOME_ONLY:
g_value_set_boolean (value, nm_setting_gsm_get_home_only (setting));
break;
@ -486,6 +530,20 @@ nm_setting_gsm_class_init (NMSettingGsmClass *setting_class)
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSettingGsm:password-flags:
*
* Flags indicating how to handle #NMSettingGsm:password:.
**/
g_object_class_install_property (object_class, PROP_PASSWORD_FLAGS,
g_param_spec_uint (NM_SETTING_GSM_PASSWORD_FLAGS,
"Password Flags",
"Flags indicating how to handle the GSM password.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSettingGsm:apn:
*
@ -605,6 +663,20 @@ nm_setting_gsm_class_init (NMSettingGsmClass *setting_class)
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSettingGsm:pin-flags:
*
* Flags indicating how to handle #NMSettingGsm:pin:.
**/
g_object_class_install_property (object_class, PROP_PIN_FLAGS,
g_param_spec_uint (NM_SETTING_GSM_PIN_FLAGS,
"PIN Flags",
"Flags indicating how to handle the GSM SIM PIN.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSettingGsm:home-only:
*

25
libnm-util/nm-setting-gsm.h
View file

@ -19,7 +19,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@ -53,15 +53,17 @@ GType nm_setting_gsm_error_get_type (void);
#define NM_SETTING_GSM_ERROR nm_setting_gsm_error_quark ()
GQuark nm_setting_gsm_error_quark (void);
#define NM_SETTING_GSM_NUMBER "number"
#define NM_SETTING_GSM_USERNAME "username"
#define NM_SETTING_GSM_PASSWORD "password"
#define NM_SETTING_GSM_APN "apn"
#define NM_SETTING_GSM_NETWORK_ID "network-id"
#define NM_SETTING_GSM_NETWORK_TYPE "network-type"
#define NM_SETTING_GSM_ALLOWED_BANDS "allowed-bands"
#define NM_SETTING_GSM_PIN "pin"
#define NM_SETTING_GSM_HOME_ONLY "home-only"
#define NM_SETTING_GSM_NUMBER "number"
#define NM_SETTING_GSM_USERNAME "username"
#define NM_SETTING_GSM_PASSWORD "password"
#define NM_SETTING_GSM_PASSWORD_FLAGS "password-flags"
#define NM_SETTING_GSM_APN "apn"
#define NM_SETTING_GSM_NETWORK_ID "network-id"
#define NM_SETTING_GSM_NETWORK_TYPE "network-type"
#define NM_SETTING_GSM_ALLOWED_BANDS "allowed-bands"
#define NM_SETTING_GSM_PIN "pin"
#define NM_SETTING_GSM_PIN_FLAGS "pin-flags"
#define NM_SETTING_GSM_HOME_ONLY "home-only"
typedef enum {
NM_SETTING_GSM_NETWORK_TYPE_ANY = -1,
@ -115,6 +117,9 @@ guint32 nm_setting_gsm_get_allowed_bands (NMSettingGsm *setting);
const char *nm_setting_gsm_get_pin (NMSettingGsm *setting);
gboolean nm_setting_gsm_get_home_only (NMSettingGsm *setting);
NMSettingSecretFlags nm_setting_gsm_get_pin_flags (NMSettingGsm *setting);
NMSettingSecretFlags nm_setting_gsm_get_password_flags (NMSettingGsm *setting);
G_END_DECLS
#endif /* NM_SETTING_GSM_H */

38
libnm-util/nm-setting-pppoe.c
View file

@ -19,7 +19,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@ -71,6 +71,7 @@ typedef struct {
char *service;
char *username;
char *password;
NMSettingSecretFlags password_flags;
} NMSettingPPPOEPrivate;
enum {
@ -78,6 +79,7 @@ enum {
PROP_SERVICE,
PROP_USERNAME,
PROP_PASSWORD,
PROP_PASSWORD_FLAGS,
LAST_PROP
};
@ -112,6 +114,20 @@ nm_setting_pppoe_get_password (NMSettingPPPOE *setting)
return NM_SETTING_PPPOE_GET_PRIVATE (setting)->password;
}
/**
* nm_setting_pppoe_get_password_flags:
* @setting: the #NMSettingPPPOE
*
* Returns: the #NMSettingSecretFlags pertaining to the #NMSettingPPPOE:password
**/
NMSettingSecretFlags
nm_setting_pppoe_get_password_flags (NMSettingPPPOE *setting)
{
g_return_val_if_fail (NM_IS_SETTING_PPPOE (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_PPPOE_GET_PRIVATE (setting)->password_flags;
}
static gboolean
verify (NMSetting *setting, GSList *all_settings, GError **error)
{
@ -182,6 +198,9 @@ set_property (GObject *object, guint prop_id,
g_free (priv->password);
priv->password = g_value_dup_string (value);
break;
case PROP_PASSWORD_FLAGS:
priv->password_flags = g_value_get_uint (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -204,6 +223,9 @@ get_property (GObject *object, guint prop_id,
case PROP_PASSWORD:
g_value_set_string (value, nm_setting_pppoe_get_password (setting));
break;
case PROP_PASSWORD_FLAGS:
g_value_set_uint (value, nm_setting_pppoe_get_password_flags (setting));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -271,4 +293,18 @@ nm_setting_pppoe_class_init (NMSettingPPPOEClass *setting_class)
"Password used to authenticate with the PPPoE service.",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSettingPPPOE:password-flags:
*
* Flags indicating how to handle #NMSettingPPPOE:password:.
**/
g_object_class_install_property (object_class, PROP_PASSWORD_FLAGS,
g_param_spec_uint (NM_SETTING_PPPOE_PASSWORD_FLAGS,
"Password Flags",
"Flags indicating how to handle the PPPoE password.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
}

10
libnm-util/nm-setting-pppoe.h
View file

@ -19,7 +19,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2008 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@ -53,9 +53,10 @@ GType nm_setting_pppoe_error_get_type (void);
#define NM_SETTING_PPPOE_ERROR nm_setting_pppoe_error_quark ()
GQuark nm_setting_pppoe_error_quark (void);
#define NM_SETTING_PPPOE_SERVICE "service"
#define NM_SETTING_PPPOE_USERNAME "username"
#define NM_SETTING_PPPOE_PASSWORD "password"
#define NM_SETTING_PPPOE_SERVICE "service"
#define NM_SETTING_PPPOE_USERNAME "username"
#define NM_SETTING_PPPOE_PASSWORD "password"
#define NM_SETTING_PPPOE_PASSWORD_FLAGS "password-flags"
typedef struct {
NMSetting parent;
@ -77,6 +78,7 @@ NMSetting *nm_setting_pppoe_new (void);
const char *nm_setting_pppoe_get_service (NMSettingPPPOE *setting);
const char *nm_setting_pppoe_get_username (NMSettingPPPOE *setting);
const char *nm_setting_pppoe_get_password (NMSettingPPPOE *setting);
NMSettingSecretFlags nm_setting_pppoe_get_password_flags (NMSettingPPPOE *setting);
G_END_DECLS

71
libnm-util/nm-setting-vpn.c
View file

@ -23,6 +23,8 @@
*/
#include <string.h>
#include <errno.h>
#include <stdlib.h>
#include <dbus/dbus-glib.h>
#include "nm-setting-vpn.h"
#include "nm-param-spec-specialized.h"
@ -227,6 +229,75 @@ nm_setting_vpn_foreach_secret (NMSettingVPN *setting,
(GHFunc) func, user_data);
}
/**
* nm_setting_vpn_get_secret_flags:
* @setting: a #NMSettingVPN
* @secret_name: the secret key name to get flags for
* @out_flags: on success, the flags for the secret @secret_name
*
* For a given VPN secret, retrieves the #NMSettingSecretFlags describing how to
* handle that secret.
*
* Returns: TRUE on success (if the secret flags data item was found), FALSE if
* the secret flags data item was not found
*/
gboolean
nm_setting_vpn_get_secret_flags (NMSettingVPN *setting,
const char *secret_name,
NMSettingSecretFlags *out_flags)
{
char *flags_key;
unsigned long tmp;
gboolean success = FALSE;
gpointer val;
g_return_val_if_fail (NM_IS_SETTING_VPN (setting), FALSE);
g_return_val_if_fail (secret_name != NULL, FALSE);
g_return_val_if_fail (out_flags != NULL, FALSE);
flags_key = g_strdup_printf ("%s-flags", secret_name);
g_assert (flags_key);
if (g_hash_table_lookup_extended (NM_SETTING_VPN_GET_PRIVATE (setting)->data,
flags_key,
NULL,
&val)) {
errno = 0;
tmp = strtoul ((const char *) val, NULL, 10);
if ((errno == 0) && (tmp <= NM_SETTING_SECRET_FLAG_LAST)) {
success = TRUE;
*out_flags = (guint32) tmp;
}
}
g_free (flags_key);
return success;
}
/**
* nm_setting_vpn_set_secret_flags:
* @setting: a #NMSettingVPN
* @secret_name: the secret key name to set flags for
* @flags: the flags for the secret
*
* For a given VPN secret, sets the #NMSettingSecretFlags describing how to
* handle that secret.
*/
void
nm_setting_vpn_set_secret_flags (NMSettingVPN *setting,
const char *secret_name,
NMSettingSecretFlags flags)
{
char *key_name, *str_val;
g_return_if_fail (NM_IS_SETTING_VPN (setting));
g_return_if_fail (secret_name != NULL);
key_name = g_strdup_printf ("%s-flags", secret_name);
g_assert (key_name);
str_val = g_strdup_printf ("%u", flags);
g_assert (str_val);
g_hash_table_insert (NM_SETTING_VPN_GET_PRIVATE (setting)->data, key_name, str_val);
}
static gboolean
verify (NMSetting *setting, GSList *all_settings, GError **error)
{

8
libnm-util/nm-setting-vpn.h
View file

@ -103,6 +103,14 @@ void nm_setting_vpn_foreach_secret (NMSettingVPN *setting,
NMVPNIterFunc func,
gpointer user_data);
gboolean nm_setting_vpn_get_secret_flags (NMSettingVPN *setting,
const char *secret_name,
NMSettingSecretFlags *out_flags);
void nm_setting_vpn_set_secret_flags (NMSettingVPN *setting,
const char *secret_name,
NMSettingSecretFlags flags);
G_END_DECLS
#endif /* NM_SETTING_VPN_H */

128
libnm-util/nm-setting-wireless-security.c
View file

@ -19,7 +19,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@ -82,19 +82,28 @@ G_DEFINE_TYPE (NMSettingWirelessSecurity, nm_setting_wireless_security, NM_TYPE_
typedef struct {
char *key_mgmt;
guint32 wep_tx_keyidx;
char *auth_alg;
GSList *proto; /* GSList of strings */
GSList *pairwise; /* GSList of strings */
GSList *group; /* GSList of strings */
/* LEAP */
char *leap_username;
char *leap_password;
NMSettingSecretFlags leap_password_flags;
/* WEP */
char *wep_key0;
char *wep_key1;
char *wep_key2;
char *wep_key3;
char *psk;
char *leap_password;
NMSettingSecretFlags wep_key_flags;
NMWepKeyType wep_key_type;
guint32 wep_tx_keyidx;
/* WPA-PSK */
char *psk;
NMSettingSecretFlags psk_flags;
} NMSettingWirelessSecurityPrivate;
enum {
@ -110,9 +119,12 @@ enum {
PROP_WEP_KEY1,
PROP_WEP_KEY2,
PROP_WEP_KEY3,
PROP_PSK,
PROP_LEAP_PASSWORD,
PROP_WEP_KEY_FLAGS,
PROP_WEP_KEY_TYPE,
PROP_PSK,
PROP_PSK_FLAGS,
PROP_LEAP_PASSWORD,
PROP_LEAP_PASSWORD_FLAGS,
LAST_PROP
};
@ -343,6 +355,21 @@ nm_setting_wireless_security_get_psk (NMSettingWirelessSecurity *setting)
return NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (setting)->psk;
}
/**
* nm_setting_wireless_security_get_psk_flags:
* @setting: the #NMSettingWirelessSecurity
*
* Returns: the #NMSettingSecretFlags pertaining to the
* #NMSettingWirelessSecurity:psk
**/
NMSettingSecretFlags
nm_setting_wireless_security_get_psk_flags (NMSettingWirelessSecurity *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS_SECURITY (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (setting)->psk_flags;
}
const char *
nm_setting_wireless_security_get_leap_username (NMSettingWirelessSecurity *setting)
{
@ -359,6 +386,21 @@ nm_setting_wireless_security_get_leap_password (NMSettingWirelessSecurity *setti
return NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (setting)->leap_password;
}
/**
* nm_setting_wireless_security_get_leap_password_flags:
* @setting: the #NMSettingWirelessSecurity
*
* Returns: the #NMSettingSecretFlags pertaining to the
* #NMSettingWirelessSecurity:leap-password
**/
NMSettingSecretFlags
nm_setting_wireless_security_get_leap_password_flags (NMSettingWirelessSecurity *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS_SECURITY (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (setting)->leap_password_flags;
}
const char *
nm_setting_wireless_security_get_wep_key (NMSettingWirelessSecurity *setting, guint32 idx)
{
@ -428,6 +470,20 @@ nm_setting_wireless_security_get_auth_alg (NMSettingWirelessSecurity *setting)
return NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (setting)->auth_alg;
}
/**
* nm_setting_wireless_security_get_wep_key_flags:
* @setting: the #NMSettingWirelessSecurity
*
* Returns: the #NMSettingSecretFlags pertaining to the all WEP keys
**/
NMSettingSecretFlags
nm_setting_wireless_security_get_wep_key_flags (NMSettingWirelessSecurity *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS_SECURITY (setting), NM_SETTING_SECRET_FLAG_SYSTEM_OWNED);
return NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (setting)->wep_key_flags;
}
NMWepKeyType
nm_setting_wireless_security_get_wep_key_type (NMSettingWirelessSecurity *setting)
{
@ -852,14 +908,23 @@ set_property (GObject *object, guint prop_id,
case PROP_WEP_KEY3:
nm_setting_wireless_security_set_wep_key (setting, 3, g_value_get_string (value));
break;
case PROP_WEP_KEY_FLAGS:
priv->wep_key_flags = g_value_get_uint (value);
break;
case PROP_PSK:
g_free (priv->psk);
priv->psk = g_value_dup_string (value);
break;
case PROP_PSK_FLAGS:
priv->psk_flags = g_value_get_uint (value);
break;
case PROP_LEAP_PASSWORD:
g_free (priv->leap_password);
priv->leap_password = g_value_dup_string (value);
break;
case PROP_LEAP_PASSWORD_FLAGS:
priv->leap_password_flags = g_value_get_uint (value);
break;
case PROP_WEP_KEY_TYPE:
priv->wep_key_type = g_value_get_uint (value);
break;
@ -910,12 +975,21 @@ get_property (GObject *object, guint prop_id,
case PROP_WEP_KEY3:
g_value_set_string (value, priv->wep_key3);
break;
case PROP_WEP_KEY_FLAGS:
g_value_set_uint (value, priv->wep_key_flags);
break;
case PROP_PSK:
g_value_set_string (value, priv->psk);
break;
case PROP_PSK_FLAGS:
g_value_set_uint (value, priv->psk_flags);
break;
case PROP_LEAP_PASSWORD:
g_value_set_string (value, priv->leap_password);
break;
case PROP_LEAP_PASSWORD_FLAGS:
g_value_set_uint (value, priv->leap_password_flags);
break;
case PROP_WEP_KEY_TYPE:
g_value_set_uint (value, priv->wep_key_type);
break;
@ -1139,6 +1213,20 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *setting
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSettingWirelessSecurity:wep-key-flags:
*
* Flags indicating how to handle #NMSettingWirelessSecurity WEP keys.
**/
g_object_class_install_property (object_class, PROP_WEP_KEY_FLAGS,
g_param_spec_uint (NM_SETTING_WIRELESS_SECURITY_WEP_KEY_FLAGS,
"WEP Key Flags",
"Flags indicating how to handle the WEP keys.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSettingWirelessSecurity:psk:
*
@ -1164,6 +1252,20 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *setting
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSettingWirelessSecurity:psk-flags:
*
* Flags indicating how to handle #NMSettingWirelessSecurity:psk
**/
g_object_class_install_property (object_class, PROP_PSK_FLAGS,
g_param_spec_uint (NM_SETTING_WIRELESS_SECURITY_PSK_FLAGS,
"PSK Flags",
"Flags indicating how to handle the WPA PSK key.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSettingWirelessSecurity:leap-password:
*
@ -1179,6 +1281,20 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *setting
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
/**
* NMSettingWirelessSecurity:leap-password-flags:
*
* Flags indicating how to handle #NMSettingWirelessSecurity:leap-password.
**/
g_object_class_install_property (object_class, PROP_LEAP_PASSWORD_FLAGS,
g_param_spec_uint (NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD_FLAGS,
"LEAP Password Flags",
"Flags indicating how to handle the LEAP password.",
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
NM_SETTING_SECRET_FLAG_LAST,
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
/**
* NMSettingWirelessSecurity:wep-key-type:
*

13
libnm-util/nm-setting-wireless-security.h
View file

@ -19,7 +19,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2008 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@ -75,9 +75,12 @@ typedef enum {
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY1 "wep-key1"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY2 "wep-key2"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY3 "wep-key3"
#define NM_SETTING_WIRELESS_SECURITY_PSK "psk"
#define NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD "leap-password"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY_FLAGS "wep-key-flags"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE "wep-key-type"
#define NM_SETTING_WIRELESS_SECURITY_PSK "psk"
#define NM_SETTING_WIRELESS_SECURITY_PSK_FLAGS "psk-flags"
#define NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD "leap-password"
#define NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD_FLAGS "leap-password-flags"
typedef struct {
NMSetting parent;
@ -118,14 +121,18 @@ void nm_setting_wireless_security_remove_group (NMSettingWirelessSec
void nm_setting_wireless_security_clear_groups (NMSettingWirelessSecurity *setting);
const char *nm_setting_wireless_security_get_psk (NMSettingWirelessSecurity *setting);
NMSettingSecretFlags nm_setting_wireless_security_get_psk_flags (NMSettingWirelessSecurity *setting);
const char *nm_setting_wireless_security_get_leap_username (NMSettingWirelessSecurity *setting);
const char *nm_setting_wireless_security_get_leap_password (NMSettingWirelessSecurity *setting);
NMSettingSecretFlags nm_setting_wireless_security_get_leap_password_flags (NMSettingWirelessSecurity *setting);
const char *nm_setting_wireless_security_get_wep_key (NMSettingWirelessSecurity *setting, guint32 idx);
void nm_setting_wireless_security_set_wep_key (NMSettingWirelessSecurity *setting, guint32 idx, const char *key);
guint32 nm_setting_wireless_security_get_wep_tx_keyidx (NMSettingWirelessSecurity *setting);
const char *nm_setting_wireless_security_get_auth_alg (NMSettingWirelessSecurity *setting);
NMSettingSecretFlags nm_setting_wireless_security_get_wep_key_flags (NMSettingWirelessSecurity *setting);
NMWepKeyType nm_setting_wireless_security_get_wep_key_type (NMSettingWirelessSecurity *setting);
G_END_DECLS

27
libnm-util/nm-setting.h
View file

@ -19,7 +19,7 @@
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2008 Red Hat, Inc.
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* (C) Copyright 2007 - 2008 Novell, Inc.
*/
@ -185,6 +185,31 @@ void nm_setting_enumerate_values (NMSetting *setting,
char *nm_setting_to_string (NMSetting *setting);
/* Secrets */
/**
* NMSettingSecretFlags:
* @NM_SETTING_SECRET_FLAG_SYTSEM_OWNED: the system is responsible for providing
* and storing this secret (default)
* @NM_SETTING_SECRET_FLAG_AGENT_OWNED: a user secret agent is responsible
* for providing and storing this secret; when it is required agents will be
* asked to retrieve it
* @NM_SETTING_SECRET_FLAG_NOT_SAVED: this secret should not be saved, but
* should be requested from the user each time it is needed
*
* These flags indicate specific behavior related to handling of a secret. Each
* secret has a corresponding set of these flags which indicate how the secret
* is to be stored and/or requested when it is needed.
*
**/
typedef enum {
NM_SETTING_SECRET_FLAG_SYSTEM_OWNED = 0x00000000,
NM_SETTING_SECRET_FLAG_AGENT_OWNED = 0x00000001,
NM_SETTING_SECRET_FLAG_NOT_SAVED = 0x00000002,
/* Placeholder for bounds checking */
NM_SETTING_SECRET_FLAG_LAST = NM_SETTING_SECRET_FLAG_NOT_SAVED,
} NMSettingSecretFlags;
void nm_setting_clear_secrets (NMSetting *setting);
GPtrArray *nm_setting_need_secrets (NMSetting *setting);
gboolean nm_setting_update_secrets (NMSetting *setting,