system/NetworkManager
system/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager synced 2024-10-15 20:45:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

nmtui: merge branch 'bg/nmtui-8021x'

Browse source 
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1314
This commit is contained in:
Beniamino Galvani 2022-09-28 09:14:05 +02:00
parent c32823d5e9 48b7ab5636
commit 683239166b
18 changed files with 1241 additions and 82 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
Makefile.am
View file

@ -5058,6 +5058,8 @@ src_nmtui_nmtui_SOURCES = \
src/nmtui/nm-editor-utils.c \
src/nmtui/nm-editor-utils.h \
\
src/nmtui/nmt-8021x-fields.c \
src/nmtui/nmt-8021x-fields.h \
src/nmtui/nmt-address-list.c \
src/nmtui/nmt-address-list.h \
src/nmtui/nmt-connect-connection-list.c \
@ -5068,10 +5070,10 @@ src_nmtui_nmtui_SOURCES = \
src/nmtui/nmt-edit-connection-list.h \
src/nmtui/nmt-editor-grid.c \
src/nmtui/nmt-editor-grid.h \
src/nmtui/nmt-editor-page.c \
src/nmtui/nmt-editor-page.h \
src/nmtui/nmt-editor-page-device.c \
src/nmtui/nmt-editor-page-device.h \
src/nmtui/nmt-editor-page.c \
src/nmtui/nmt-editor-page.h \
src/nmtui/nmt-editor-section.c \
src/nmtui/nmt-editor-section.h \
src/nmtui/nmt-editor.c \
@ -5102,6 +5104,8 @@ src_nmtui_nmtui_SOURCES = \
src/nmtui/nmt-page-ip4.h \
src/nmtui/nmt-page-ip6.c \
src/nmtui/nmt-page-ip6.h \
src/nmtui/nmt-page-macsec.c \
src/nmtui/nmt-page-macsec.h \
src/nmtui/nmt-page-ppp.c \
src/nmtui/nmt-page-ppp.h \
src/nmtui/nmt-page-team-port.c \
@ -5128,12 +5132,12 @@ src_nmtui_nmtui_SOURCES = \
src/nmtui/nmt-slave-list.h \
src/nmtui/nmt-utils.c \
src/nmtui/nmt-utils.h \
src/nmtui/nmt-widget-list.c \
src/nmtui/nmt-widget-list.h \
src/nmtui/nmt-wireguard-peer-editor.c \
src/nmtui/nmt-wireguard-peer-editor.h \
src/nmtui/nmt-wireguard-peer-list.c \
src/nmtui/nmt-wireguard-peer-list.h \
src/nmtui/nmt-widget-list.c \
src/nmtui/nmt-widget-list.h \
$(NULL)
src_nmtui_nmtui_CPPFLAGS = \

2
NEWS
View file

@ -10,6 +10,8 @@ USE AT YOUR OWN RISK. NOT RECOMMENDED FOR PRODUCTION USE!
* nmcli: allow changing "connection.uuid" and "connection.type"
in offline mode and setting the UUID when creating a connection.
* nmtui now supports editing Wi-Fi WPA-Enterprise, Ethernet with 802.1X
authentication and MACsec connection profiles.
=============================================
NetworkManager-1.40

6
src/libnmt-newt/nmt-newt-stack.c
View file

@ -166,8 +166,7 @@ nmt_newt_stack_child_validity_changed(NmtNewtContainer *container, NmtNewtWidget
return;
if (priv->children->pdata[priv->active] == (gpointer) widget) {
NMT_NEWT_CONTAINER_CLASS(nmt_newt_stack_parent_class)
->child_validity_changed(container, widget);
nmt_newt_widget_set_valid(NMT_NEWT_WIDGET(container), nmt_newt_widget_get_valid(widget));
}
}
@ -190,6 +189,7 @@ nmt_newt_stack_set_active(NmtNewtStack *stack, guint active)
g_object_notify(G_OBJECT(stack), "active");
g_object_notify(G_OBJECT(stack), "active-id");
nmt_newt_widget_needs_rebuild(NMT_NEWT_WIDGET(stack));
nmt_newt_stack_child_validity_changed(NMT_NEWT_CONTAINER(stack), priv->children->pdata[active]);
}
/**
@ -230,6 +230,8 @@ nmt_newt_stack_set_active_id(NmtNewtStack *stack, const char *id)
g_object_notify(G_OBJECT(stack), "active");
g_object_notify(G_OBJECT(stack), "active-id");
nmt_newt_widget_needs_rebuild(NMT_NEWT_WIDGET(stack));
nmt_newt_stack_child_validity_changed(NMT_NEWT_CONTAINER(stack),
priv->children->pdata[i]);
return;
}
}

2
src/nmtui/meson.build
View file

@ -5,6 +5,7 @@ executable(
files(
'nm-editor-bindings.c',
'nm-editor-utils.c',
'nmt-8021x-fields.c',
'nmt-address-list.c',
'nmt-connect-connection-list.c',
'nmt-device-entry.c',
@ -27,6 +28,7 @@ executable(
'nmt-page-ip4.c',
'nmt-page-ip6.c',
'nmt-page-ip-tunnel.c',
'nmt-page-macsec.c',
'nmt-page-ppp.c',
'nmt-page-team.c',
'nmt-page-team-port.c',

79
src/nmtui/nm-editor-bindings.c
View file

@ -54,6 +54,51 @@ nm_editor_bindings_init(void)
g_value_register_transform_func(G_TYPE_STRING, G_TYPE_UINT, value_transform_string_uint);
}
gboolean
certificate_to_string(GBinding *binding,
const GValue *source_value,
GValue *target_value,
gpointer user_data)
{
GBytes *bytes;
char *utf8;
bytes = g_value_get_boxed(source_value);
if (bytes)
utf8 = nm_utils_ssid_to_utf8(g_bytes_get_data(bytes, NULL), g_bytes_get_size(bytes));
else
utf8 = g_strdup("");
g_value_take_string(target_value, utf8);
return TRUE;
}
gboolean
certificate_from_string(GBinding *binding,
const GValue *source_value,
GValue *target_value,
gpointer user_data)
{
const char *text;
gs_free char *cert = NULL;
GBytes *bytes = NULL;
text = g_value_get_string(source_value);
if (text[0]) {
/* Consider anything without a scheme prefix as an absolute path */
if (!g_str_has_prefix(text, "file://") && !g_str_has_prefix(text, "blob://")
&& !g_str_has_prefix(text, "pkcs11://")) {
cert = g_strdup_printf("file://%s%s", text[0] == '/' ? "" : "/", text);
text = cert;
}
bytes = g_bytes_new(text, strlen(text) + 1);
}
g_value_take_boxed(target_value, bytes);
return TRUE;
}
static gboolean
ip_addresses_with_prefix_to_strv(GBinding *binding,
const GValue *source_value,
@ -803,7 +848,9 @@ peer_transform_from_persistent_keepalive_string(GBinding *binding,
typedef struct {
NMConnection *connection;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
gboolean s_wsec_in_use;
gboolean s_8021x_in_use;
GObject *target;
char *target_property;
@ -891,6 +938,7 @@ wireless_security_target_changed(GObject *object, GParamSpec *pspec, gpointer us
{
NMEditorWirelessSecurityMethodBinding *binding = user_data;
char *method;
gboolean need_8021x = FALSE;
if (binding->updating)
return;
@ -900,11 +948,14 @@ wireless_security_target_changed(GObject *object, GParamSpec *pspec, gpointer us
binding->updating = TRUE;
if (!strcmp(method, "none")) {
if (!binding->s_wsec_in_use)
return;
binding->s_wsec_in_use = FALSE;
nm_connection_remove_setting(binding->connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
if (binding->s_wsec_in_use) {
binding->s_wsec_in_use = FALSE;
nm_connection_remove_setting(binding->connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
}
if (binding->s_8021x_in_use) {
binding->s_8021x_in_use = FALSE;
nm_connection_remove_setting(binding->connection, NM_TYPE_SETTING_802_1X);
}
binding->updating = FALSE;
return;
}
@ -985,10 +1036,21 @@ wireless_security_target_changed(GObject *object, GParamSpec *pspec, gpointer us
NULL,
NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE,
NM_WEP_KEY_TYPE_UNKNOWN,
NM_SETTING_WIRELESS_SECURITY_PSK,
NULL,
NULL);
need_8021x = TRUE;
} else
g_warn_if_reached();
if (need_8021x != binding->s_8021x_in_use) {
binding->s_8021x_in_use = need_8021x;
if (need_8021x)
nm_connection_add_setting(binding->connection, NM_SETTING(binding->s_8021x));
else
nm_connection_remove_setting(binding->connection, NM_TYPE_SETTING_802_1X);
}
binding->updating = FALSE;
}
@ -1031,6 +1093,7 @@ wireless_security_target_destroyed(gpointer user_data, GObject *ex_target)
void
nm_editor_bind_wireless_security_method(NMConnection *connection,
NMSettingWirelessSecurity *s_wsec,
NMSetting8021x *s_8021x,
gpointer target,
const char *target_property,
GBindingFlags flags)
@ -1054,9 +1117,11 @@ nm_editor_bind_wireless_security_method(NMConnection *connection,
NM_CONNECTION_CHANGED,
G_CALLBACK(wireless_connection_changed),
binding);
binding->s_wsec_in_use = (nm_connection_get_setting_wireless_security(connection) != NULL);
binding->s_wsec_in_use = (nm_connection_get_setting_wireless_security(connection) != NULL);
binding->s_wsec = g_object_ref(s_wsec);
binding->s_8021x_in_use = (nm_connection_get_setting_802_1x(connection) != NULL);
binding->s_8021x = g_object_ref(s_8021x);
binding->s_wsec = g_object_ref(s_wsec);
g_signal_connect(s_wsec,
"notify::" NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
G_CALLBACK(wireless_security_changed),

11
src/nmtui/nm-editor-bindings.h
View file

@ -8,6 +8,16 @@
void nm_editor_bindings_init(void);
gboolean certificate_from_string(GBinding *binding,
const GValue *source_value,
GValue *target_value,
gpointer user_data);
gboolean certificate_to_string(GBinding *binding,
const GValue *source_value,
GValue *target_value,
gpointer user_data);
void nm_editor_bind_ip_addresses_with_prefix_to_strv(int family,
gpointer source,
const char *source_property,
@ -41,6 +51,7 @@ void nm_editor_bind_ip_route_to_strings(int family,
void nm_editor_bind_wireless_security_method(NMConnection *connection,
NMSettingWirelessSecurity *s_wsec,
NMSetting8021x *s_8021x,
gpointer target,
const char *target_property,
GBindingFlags flags);

8
src/nmtui/nm-editor-utils.c
View file

@ -235,6 +235,14 @@ nm_editor_utils_get_connection_type_list(void)
item->id_format = _("IP tunnel connection %d");
g_ptr_array_add(array, item);
item = g_new0(NMEditorConnectionTypeDataReal, 1);
item->data.name = _("MACsec");
item->data.setting_type = NM_TYPE_SETTING_MACSEC;
item->data.device_type = NM_TYPE_DEVICE_MACSEC;
item->data.virtual = TRUE;
item->id_format = _("MACsec connection %d");
g_ptr_array_add(array, item);
#if 0
/* Add "VPN" only if there are plugins */
vpn_plugins_hash = nm_vpn_get_plugin_infos ();

693
src/nmtui/nmt-8021x-fields.c Normal file
View file

@ -0,0 +1,693 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Copyright (C) 2022 Red Hat, Inc.
*/
/**
* SECTION:nmt-8021x-fields
* @short_description: Widgets for 802.1X setting
*
* #Nmt8021xFields provides widgets to configure the 802.1X setting
*/
#include "libnm-client-aux-extern/nm-default-client.h"
#include "nmt-8021x-fields.h"
#include "nmt-editor-grid.h"
#include "nmt-password-fields.h"
#include "nm-editor-bindings.h"
typedef struct _EapMethod EapMethod;
typedef struct {
const char *id;
const char *label;
gboolean only_for_wired;
void (*populate)(EapMethod *method, NmtNewtWidget *grid);
void (*selected)(EapMethod *method);
} EapMethodDesc;
struct _EapMethod {
const EapMethodDesc *desc;
NMSetting8021x *setting;
NmtNewtWidget *inner_popup;
};
typedef struct {
NMSetting8021x *setting;
NmtNewtWidget *authentication;
NmtNewtWidget *phase2_auth;
gboolean is_wired;
gboolean is_updating;
EapMethod *eap_methods;
} Nmt8021xFieldsPrivate;
struct _Nmt8021xFields {
NmtNewtGrid parent;
Nmt8021xFieldsPrivate _priv;
};
struct _Nmt8021xFieldsClass {
NmtNewtGridClass parent;
};
G_DEFINE_TYPE(Nmt8021xFields, nmt_8021x_fields, NMT_TYPE_EDITOR_GRID)
#define NMT_8021X_FIELDS_GET_PRIVATE(self) \
_NM_GET_PRIVATE(self, Nmt8021xFields, NMT_IS_8021X_FIELDS)
enum {
PROP_0,
PROP_IS_WIRED,
PROP_SETTING,
LAST_PROP
};
static void
nmt_8021x_fields_init(Nmt8021xFields *fields)
{}
/**
* nmt_8021x_fields_new:
* @setting: the backing 802.1X setting
* @is_wired: whether the setting is for a wired connection or wireless
*
* Creates a new #Nmt8021xFields
*
* Returns: a new #Nmt8021xFields
*/
NmtNewtWidget *
nmt_8021x_fields_new(NMSetting8021x *setting, gboolean is_wired)
{
return g_object_new(NMT_TYPE_8021X_FIELDS, "setting", setting, "is-wired", is_wired, NULL);
}
static gboolean
eap_methods_to_string(GBinding *binding,
const GValue *source_value,
GValue *target_value,
gpointer user_data)
{
char **strv;
strv = g_value_get_boxed(source_value);
if (!strv)
return FALSE;
/* The API allows multiple EAP methods. The UI to
* support this would be complicate, only allow
* one for now. */
g_value_set_string(target_value, strv[0]);
return TRUE;
}
static gboolean
eap_methods_from_string(GBinding *binding,
const GValue *source_value,
GValue *target_value,
gpointer user_data)
{
const char *text;
char **strv = g_new(char *, 2);
text = g_value_get_string(source_value);
strv[0] = g_strdup(text);
strv[1] = NULL;
g_value_take_boxed(target_value, strv);
return TRUE;
}
static gboolean
cert_validate(NmtNewtEntry *entry, const char *text, gpointer user_data)
{
NMSetting8021xCKScheme scheme;
scheme = nm_setting_802_1x_check_cert_scheme(text, strlen(text) + 1, NULL);
return scheme != NM_SETTING_802_1X_CK_SCHEME_UNKNOWN;
}
static void
phase2_auth_widget_changed(GObject *object, GParamSpec *pspec, gpointer user_data)
{
NmtNewtWidget *widget = NMT_NEWT_WIDGET(object);
NMSetting8021x *setting = user_data;
const char *active_id;
const char *auth_eap;
const char *auth;
active_id = nmt_newt_popup_get_active_id(NMT_NEWT_POPUP(widget));
if (g_str_has_prefix(active_id, "eap-")) {
auth_eap = &active_id[NM_STRLEN("eap-")];
auth = NULL;
} else {
auth_eap = NULL;
auth = active_id;
}
if (!nm_streq0(auth, nm_setting_802_1x_get_phase2_auth(setting)))
g_object_set(setting, NM_SETTING_802_1X_PHASE2_AUTH, auth, NULL);
if (!nm_streq0(auth_eap, nm_setting_802_1x_get_phase2_autheap(setting)))
g_object_set(setting, NM_SETTING_802_1X_PHASE2_AUTHEAP, auth_eap, NULL);
}
static void
phase2_auth_setting_changed(GObject *object, GParamSpec *pspec, gpointer user_data)
{
NMSetting8021x *setting = NM_SETTING_802_1X(object);
NmtNewtWidget *widget = user_data;
gs_free char *active_id = NULL;
const char *auth;
auth = nm_setting_802_1x_get_phase2_auth(setting);
if (auth) {
active_id = g_strdup(auth);
} else {
auth = nm_setting_802_1x_get_phase2_autheap(setting);
if (auth)
active_id = g_strdup_printf("eap-%s", auth);
}
if (active_id)
nmt_newt_popup_set_active_id(NMT_NEWT_POPUP(widget), active_id);
}
static void
eap_method_populate_simple(EapMethod *method, NmtNewtWidget *subgrid)
{
NmtNewtWidget *widget;
widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Username"), widget, NULL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_IDENTITY,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_password_fields_new(40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_PASSWORD,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Password"), widget, NULL);
}
static void
eap_method_populate_tls(EapMethod *method, NmtNewtWidget *subgrid)
{
NmtNewtWidget *widget;
widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Identity"), widget, NULL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_IDENTITY,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Domain"), widget, NULL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert"), widget, NULL);
nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL);
g_object_bind_property_full(method->setting,
NM_SETTING_802_1X_CA_CERT,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL,
certificate_to_string,
certificate_from_string,
NULL,
NULL);
widget =
nmt_password_fields_new(40,
NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_CA_CERT_PASSWORD,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert password"), widget, NULL);
widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("User cert"), widget, NULL);
nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL);
g_object_bind_property_full(method->setting,
NM_SETTING_802_1X_CLIENT_CERT,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL,
certificate_to_string,
certificate_from_string,
NULL,
NULL);
widget =
nmt_password_fields_new(40,
NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_CLIENT_CERT_PASSWORD,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("User cert password"), widget, NULL);
widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("User private key"), widget, NULL);
nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL);
g_object_bind_property_full(method->setting,
NM_SETTING_802_1X_PRIVATE_KEY,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL,
certificate_to_string,
certificate_from_string,
NULL,
NULL);
widget = nmt_password_fields_new(40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("User privkey password"), widget, NULL);
}
static void
eap_method_populate_ttls(EapMethod *method, NmtNewtWidget *subgrid)
{
NmtNewtWidget *widget;
NmtNewtPopupEntry ttls_inner_methods[] = {{N_("PAP"), "pap"},
{N_("MSCHAP"), "mschap"},
{N_("MSCHAPv2"), "eap-mschapv2"},
{N_("MSCHAPv2 (no EAP)"), "mschapv2"},
{N_("CHAP"), "chap"},
{N_("MD5"), "eap-md5"},
{N_("GTC"), "eap-gtc"},
{NULL, NULL}};
widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Anonymous identity"), widget, NULL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_ANONYMOUS_IDENTITY,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert"), widget, NULL);
nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL);
g_object_bind_property_full(method->setting,
NM_SETTING_802_1X_CA_CERT,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL,
certificate_to_string,
certificate_from_string,
NULL,
NULL);
widget =
nmt_password_fields_new(40,
NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_CA_CERT_PASSWORD,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert password"), widget, NULL);
widget = nmt_newt_popup_new(ttls_inner_methods);
method->inner_popup = widget;
g_signal_connect(widget,
"notify::active-id",
G_CALLBACK(phase2_auth_widget_changed),
method->setting);
g_signal_connect(method->setting,
"notify::" NM_SETTING_802_1X_PHASE2_AUTH,
G_CALLBACK(phase2_auth_setting_changed),
widget);
g_signal_connect(method->setting,
"notify::" NM_SETTING_802_1X_PHASE2_AUTHEAP,
G_CALLBACK(phase2_auth_setting_changed),
widget);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Inner authentication"), widget, NULL);
if (nm_setting_802_1x_get_num_eap_methods(method->setting) > 0
&& nm_streq0(nm_setting_802_1x_get_eap_method(method->setting, 0), "ttls")) {
phase2_auth_setting_changed(G_OBJECT(method->setting), NULL, widget);
}
widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Username"), widget, NULL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_IDENTITY,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_password_fields_new(40,
NMT_PASSWORD_FIELDS_SHOW_PASSWORD
| NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_PASSWORD,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_PASSWORD_FLAGS,
widget,
"secret-flags",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Password"), widget, NULL);
}
static void
eap_method_populate_peap(EapMethod *method, NmtNewtWidget *subgrid)
{
NmtNewtWidget *widget;
static NmtNewtPopupEntry peap_version_entries[] = {{N_("Automatic"), NULL},
{N_("Version 0"), "0"},
{N_("Version 1"), "1"},
{NULL, NULL}};
static NmtNewtPopupEntry peap_inner_methods[] = {{N_("MSCHAPv2"), "mschapv2"},
{N_("MD5"), "md5"},
{N_("GTC"), "gtc"},
{NULL, NULL}};
widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Anonymous identity"), widget, NULL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_ANONYMOUS_IDENTITY,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Domain"), widget, NULL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert"), widget, NULL);
nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL);
g_object_bind_property_full(method->setting,
NM_SETTING_802_1X_CA_CERT,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL,
certificate_to_string,
certificate_from_string,
NULL,
NULL);
widget =
nmt_password_fields_new(40,
NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_CA_CERT_PASSWORD,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert password"), widget, NULL);
widget = nmt_newt_popup_new(peap_version_entries);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_PHASE1_PEAPVER,
widget,
"active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("PEAP version"), widget, NULL);
widget = nmt_newt_popup_new(peap_inner_methods);
method->inner_popup = widget;
g_signal_connect(widget,
"notify::active-id",
G_CALLBACK(phase2_auth_widget_changed),
method->setting);
g_signal_connect(method->setting,
"notify::" NM_SETTING_802_1X_PHASE2_AUTH,
G_CALLBACK(phase2_auth_setting_changed),
widget);
g_signal_connect(method->setting,
"notify::" NM_SETTING_802_1X_PHASE2_AUTHEAP,
G_CALLBACK(phase2_auth_setting_changed),
widget);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Inner authentication"), widget, NULL);
if (nm_setting_802_1x_get_num_eap_methods(method->setting) > 0
&& nm_streq0(nm_setting_802_1x_get_eap_method(method->setting, 0), "peap")) {
phase2_auth_setting_changed(G_OBJECT(method->setting), NULL, widget);
}
widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Username"), widget, NULL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_IDENTITY,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_password_fields_new(40,
NMT_PASSWORD_FIELDS_SHOW_PASSWORD
| NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_PASSWORD,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
g_object_bind_property(method->setting,
NM_SETTING_802_1X_PASSWORD_FLAGS,
widget,
"secret-flags",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Password"), widget, NULL);
}
static void
eap_method_selected_tunneled(EapMethod *method)
{
phase2_auth_widget_changed(G_OBJECT(method->inner_popup), NULL, method->setting);
}
static const EapMethodDesc eap_method_descs[] = {
{
.id = "md5",
.label = N_("MD5"),
.only_for_wired = TRUE,
.populate = eap_method_populate_simple,
},
{
.id = "pwd",
.label = N_("PWD"),
.populate = eap_method_populate_simple,
},
{
.id = "tls",
.label = N_("TLS"),
.populate = eap_method_populate_tls,
},
{
.id = "ttls",
.label = N_("TTLS"),
.populate = eap_method_populate_ttls,
.selected = eap_method_selected_tunneled,
},
{
.id = "peap",
.label = N_("PEAP"),
.populate = eap_method_populate_peap,
.selected = eap_method_selected_tunneled,
},
{},
};
static void
eap_method_changed(GObject *object, GParamSpec *pspec, gpointer user_data)
{
Nmt8021xFields *self = user_data;
Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self);
int active;
active = nmt_newt_popup_get_active(NMT_NEWT_POPUP(priv->authentication));
if (priv->eap_methods[active].desc->selected)
priv->eap_methods[active].desc->selected(&priv->eap_methods[active]);
}
static void
nmt_8021x_fields_constructed(GObject *object)
{
Nmt8021xFields *self = NMT_8021X_FIELDS(object);
Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self);
NmtEditorGrid *grid = NMT_EDITOR_GRID(object);
gs_unref_array GArray *entries = NULL;
NmtNewtStack *stack;
NmtNewtWidget *subgrid;
NmtNewtWidget *widget;
guint i, j;
EapMethod *method;
/* Create the EAP methods popup */
entries = g_array_new(TRUE, TRUE, sizeof(NmtNewtPopupEntry));
for (i = 0; eap_method_descs[i].id; i++) {
NmtNewtPopupEntry entry;
if (eap_method_descs[i].only_for_wired && !priv->is_wired)
continue;
entry.label = (char *) eap_method_descs[i].label;
entry.id = (char *) eap_method_descs[i].id;
g_array_append_val(entries, entry);
}
priv->authentication = nmt_newt_popup_new((NmtNewtPopupEntry *) entries->data);
nmt_editor_grid_append(grid, "Authentication", NMT_NEWT_WIDGET(priv->authentication), NULL);
widget = nmt_newt_stack_new();
stack = NMT_NEWT_STACK(widget);
/* Instantiate EAP methods and populate widgets */
priv->eap_methods = g_new0(EapMethod, G_N_ELEMENTS(eap_method_descs));
for (i = 0, j = 0; eap_method_descs[i].id; i++) {
if (eap_method_descs[i].only_for_wired && !priv->is_wired)
continue;
method = &priv->eap_methods[j++];
method->desc = &eap_method_descs[i];
method->setting = priv->setting;
subgrid = nmt_editor_grid_new();
method->desc->populate(method, subgrid);
nmt_newt_stack_add(stack, method->desc->id, subgrid);
}
g_object_bind_property(priv->authentication,
"active-id",
stack,
"active-id",
G_BINDING_SYNC_CREATE);
g_object_bind_property_full(priv->setting,
NM_SETTING_802_1X_EAP,
priv->authentication,
"active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE,
eap_methods_to_string,
eap_methods_from_string,
NULL,
NULL);
/* When the popup value changes, in addition to updating the stack and the setting,
* we need to refresh the selected EAP method's widget to ensure the setting and
* the widget are in sync. */
g_signal_connect(priv->authentication,
"notify::active-id",
G_CALLBACK(eap_method_changed),
self);
nmt_editor_grid_append(grid, NULL, NMT_NEWT_WIDGET(stack), NULL);
G_OBJECT_CLASS(nmt_8021x_fields_parent_class)->constructed(object);
}
static void
nmt_8021x_fields_finalize(GObject *object)
{
Nmt8021xFields *self = NMT_8021X_FIELDS(object);
Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self);
nm_clear_g_free(&priv->eap_methods);
g_clear_object(&priv->authentication);
G_OBJECT_CLASS(nmt_8021x_fields_parent_class)->finalize(object);
}
static void
nmt_8021x_fields_set_property(GObject *object,
guint prop_id,
const GValue *value,
GParamSpec *pspec)
{
Nmt8021xFields *self = NMT_8021X_FIELDS(object);
Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self);
switch (prop_id) {
case PROP_SETTING:
priv->setting = g_object_ref(g_value_get_object(value));
break;
case PROP_IS_WIRED:
priv->is_wired = g_value_get_boolean(value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec);
break;
}
}
static void
nmt_8021x_fields_get_property(GObject *object, guint prop_id, GValue *value, GParamSpec *pspec)
{
Nmt8021xFields *self = NMT_8021X_FIELDS(object);
Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self);
switch (prop_id) {
case PROP_SETTING:
g_value_set_object(value, priv->setting);
break;
case PROP_IS_WIRED:
g_value_set_boolean(value, priv->is_wired);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec);
break;
}
}
static void
nmt_8021x_fields_class_init(Nmt8021xFieldsClass *entry_class)
{
GObjectClass *object_class = G_OBJECT_CLASS(entry_class);
object_class->constructed = nmt_8021x_fields_constructed;
object_class->finalize = nmt_8021x_fields_finalize;
object_class->set_property = nmt_8021x_fields_set_property;
object_class->get_property = nmt_8021x_fields_get_property;
/**
* Nmt8021xFields:setting:
*
* The backing 802.1X setting
*/
g_object_class_install_property(
object_class,
PROP_SETTING,
g_param_spec_object("setting",
"",
"",
NM_TYPE_SETTING_802_1X,
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS));
/**
* Nmt8021xFields:is-wired
*
* Whether the setting is for a wired connection
*/
g_object_class_install_property(
object_class,
PROP_IS_WIRED,
g_param_spec_boolean("is-wired",
"",
"",
FALSE,
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS));
}

29
src/nmtui/nmt-8021x-fields.h Normal file
View file

@ -0,0 +1,29 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Copyright (C) 2022 Red Hat, Inc.
*/
#ifndef NMT_8021X_FIELDS_H
#define NMT_8021X_FIELDS_H
#include "libnmt-newt/nmt-newt.h"
#define NMT_TYPE_8021X_FIELDS (nmt_8021x_fields_get_type())
#define NMT_8021X_FIELDS(obj) \
(G_TYPE_CHECK_INSTANCE_CAST((obj), NMT_TYPE_8021X_FIELDS, Nmt8021xFields))
#define NMT_8021X_FIELDS_CLASS(klass) \
(G_TYPE_CHECK_CLASS_CAST((klass), NMT_TYPE_8021X_FIELDS, Nmt8021xFieldsClass))
#define NMT_IS_8021X_FIELDS(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NMT_TYPE_8021X_FIELDS))
#define NMT_IS_8021X_FIELDS_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NMT_TYPE_8021X_FIELDS))
#define NMT_8021X_FIELDS_GET_CLASS(obj) \
(G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_8021X_FIELDS, Nmt8021xFieldsClass))
typedef struct _Nmt8021xFields Nmt8021xFields;
typedef struct _Nmt8021xFieldsClass Nmt8021xFieldsClass;
GType nmt_8021x_fields_get_type(void);
NmtNewtWidget *nmt_8021x_fields_new(NMSetting8021x *setting, gboolean is_wired);
#endif /* NMT_8021X_FIELDS_H */

1
src/nmtui/nmt-connect-connection-list.c
View file

@ -100,6 +100,7 @@ static const char *device_sort_order[] = {"NMDeviceEthernet",
NM_SETTING_TEAM_SETTING_NAME,
NM_SETTING_BRIDGE_SETTING_NAME,
NM_SETTING_IP_TUNNEL_SETTING_NAME,
NM_SETTING_MACSEC_SETTING_NAME,
NM_SETTING_WIREGUARD_SETTING_NAME,
NM_SETTING_TUN_SETTING_NAME,
"NMDeviceModem",

3
src/nmtui/nmt-editor.c
View file

@ -35,6 +35,7 @@
#include "nmt-page-ip-tunnel.h"
#include "nmt-page-ip4.h"
#include "nmt-page-ip6.h"
#include "nmt-page-macsec.h"
#include "nmt-page-ppp.h"
#include "nmt-page-team.h"
#include "nmt-page-team-port.h"
@ -362,6 +363,8 @@ nmt_editor_constructed(GObject *object)
page = nmt_page_bridge_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_INFINIBAND_SETTING_NAME))
page = nmt_page_infiniband_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_MACSEC_SETTING_NAME))
page = nmt_page_macsec_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_PPPOE_SETTING_NAME))
page = nmt_page_dsl_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_TEAM_SETTING_NAME))

90
src/nmtui/nmt-page-ethernet.c
View file

@ -18,9 +18,27 @@
#include "libnm-core-aux-intern/nm-libnm-core-utils.h"
#include "nmt-mac-entry.h"
#include "nmt-mtu-entry.h"
#include "nmt-8021x-fields.h"
typedef struct {
NMSetting8021x *s_8021x;
NmtNewtWidget *dot1x_fields;
} NmtPageEthernetPrivate;
struct _NmtPageEthernet {
NmtEditorPageDevice parent;
NmtPageEthernetPrivate _priv;
};
struct _NmtPageEthernetClass {
NmtEditorPageDeviceClass parent;
};
G_DEFINE_TYPE(NmtPageEthernet, nmt_page_ethernet, NMT_TYPE_EDITOR_PAGE_DEVICE)
#define NMT_PAGE_ETHERNET_GET_PRIVATE(self) \
_NM_GET_PRIVATE(self, NmtPageEthernet, NMT_IS_PAGE_ETHERNET)
NmtEditorPage *
nmt_page_ethernet_new(NMConnection *conn, NmtDeviceEntry *deventry)
{
@ -31,20 +49,54 @@ static void
nmt_page_ethernet_init(NmtPageEthernet *ethernet)
{}
static void
checkbox_8021x_changed(NmtNewtWidget *widget, GParamSpec *pspec, gpointer user_data)
{
NMConnection *conn;
NmtPageEthernet *ethernet = NMT_PAGE_ETHERNET(user_data);
NmtPageEthernetPrivate *priv = NMT_PAGE_ETHERNET_GET_PRIVATE(ethernet);
gboolean active;
gboolean has;
conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(ethernet));
active = nmt_newt_checkbox_get_active(NMT_NEWT_CHECKBOX(widget));
has = !!nm_connection_get_setting(conn, NM_TYPE_SETTING_802_1X);
if (active != has) {
if (active)
nm_connection_add_setting(conn, NM_SETTING(priv->s_8021x));
else
nm_connection_remove_setting(conn, NM_TYPE_SETTING_802_1X);
}
nmt_newt_widget_set_visible(NMT_NEWT_WIDGET(priv->dot1x_fields), active);
}
static void
nmt_page_ethernet_constructed(GObject *object)
{
NmtPageEthernet *ethernet = NMT_PAGE_ETHERNET(object);
NmtDeviceEntry *deventry;
NmtEditorSection *section;
NmtEditorGrid *grid;
NMSettingWired *s_wired;
NmtNewtWidget *widget;
NMConnection *conn;
NmtPageEthernet *ethernet = NMT_PAGE_ETHERNET(object);
NmtPageEthernetPrivate *priv = NMT_PAGE_ETHERNET_GET_PRIVATE(object);
NmtDeviceEntry *deventry;
NmtEditorSection *section;
NmtEditorGrid *grid;
NMSettingWired *s_wired;
NMSetting8021x *s_8021x;
NmtNewtWidget *widget;
NMConnection *conn;
gboolean has_8021x;
conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(ethernet));
s_wired = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_WIRED);
s_8021x = nm_connection_get_setting_802_1x(conn);
has_8021x = !!s_8021x;
if (!s_8021x) {
s_8021x = NM_SETTING_802_1X(nm_setting_802_1x_new());
nm_setting_802_1x_add_eap_method(s_8021x, "TLS");
}
priv->s_8021x = g_object_ref(s_8021x);
deventry = nmt_editor_page_device_get_device_entry(NMT_EDITOR_PAGE_DEVICE(object));
g_object_bind_property(s_wired,
NM_SETTING_WIRED_MAC_ADDRESS,
@ -73,13 +125,37 @@ nmt_page_ethernet_constructed(GObject *object)
nmt_editor_page_add_section(NMT_EDITOR_PAGE(ethernet), section);
/* 802.1X security */
section = nmt_editor_section_new(_("802.1X SECURITY"), NULL, has_8021x);
grid = nmt_editor_section_get_body(section);
widget = nmt_newt_checkbox_new(_("Enable 802.1X security"));
nmt_newt_checkbox_set_active(NMT_NEWT_CHECKBOX(widget), has_8021x);
g_signal_connect(widget, "notify::active", G_CALLBACK(checkbox_8021x_changed), ethernet);
nmt_editor_grid_append(grid, NULL, widget, NULL);
priv->dot1x_fields = NMT_NEWT_WIDGET(nmt_8021x_fields_new(s_8021x, TRUE));
checkbox_8021x_changed(widget, NULL, ethernet);
nmt_editor_grid_append(grid, NULL, priv->dot1x_fields, NULL);
nmt_editor_page_add_section(NMT_EDITOR_PAGE(ethernet), section);
G_OBJECT_CLASS(nmt_page_ethernet_parent_class)->constructed(object);
}
static void
nmt_page_ethernet_finalize(GObject *object)
{
NmtPageEthernetPrivate *priv = NMT_PAGE_ETHERNET_GET_PRIVATE(object);
g_clear_object(&priv->s_8021x);
G_OBJECT_CLASS(nmt_page_ethernet_parent_class)->finalize(object);
}
static void
nmt_page_ethernet_class_init(NmtPageEthernetClass *ethernet_class)
{
GObjectClass *object_class = G_OBJECT_CLASS(ethernet_class);
object_class->constructed = nmt_page_ethernet_constructed;
object_class->finalize = nmt_page_ethernet_finalize;
}

11
src/nmtui/nmt-page-ethernet.h
View file

@ -18,15 +18,8 @@
#define NMT_PAGE_ETHERNET_GET_CLASS(obj) \
(G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_PAGE_ETHERNET, NmtPageEthernetClass))
typedef struct {
NmtEditorPageDevice parent;
} NmtPageEthernet;
typedef struct {
NmtEditorPageDeviceClass parent;
} NmtPageEthernetClass;
typedef struct _NmtPageEthernet NmtPageEthernet;
typedef struct _NmtPageEthernetClass NmtPageEthernetClass;
GType nmt_page_ethernet_get_type(void);

196
src/nmtui/nmt-page-macsec.c Normal file
View file

@ -0,0 +1,196 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Copyright (C) 2022 Red Hat, Inc.
*/
/**
* SECTION:nmt-page-macsec
* @short_description: The editor page for MACsec connections
*/
#include "libnm-client-aux-extern/nm-default-client.h"
#include "nmt-page-macsec.h"
#include "libnm-core-aux-intern/nm-libnm-core-utils.h"
#include "nmt-device-entry.h"
#include "nmt-password-fields.h"
#include "nmt-8021x-fields.h"
typedef struct {
NMSetting8021x *s_8021x;
} NmtPageMacsecPrivate;
struct _NmtPageMacsec {
NmtEditorPageDevice parent;
NmtPageMacsecPrivate _priv;
};
struct _NmtPageMacsecClass {
NmtEditorPageDeviceClass parent;
};
G_DEFINE_TYPE(NmtPageMacsec, nmt_page_macsec, NMT_TYPE_EDITOR_PAGE_DEVICE)
#define NMT_PAGE_MACSEC_GET_PRIVATE(self) _NM_GET_PRIVATE(self, NmtPageMacsec, NMT_IS_PAGE_MACSEC)
static void
nmt_page_macsec_init(NmtPageMacsec *macsec)
{}
NmtEditorPage *
nmt_page_macsec_new(NMConnection *conn, NmtDeviceEntry *deventry)
{
return g_object_new(NMT_TYPE_PAGE_MACSEC, "connection", conn, "device-entry", deventry, NULL);
}
static void
macsec_mode_changed(NmtNewtWidget *widget, GParamSpec *pspec, gpointer user_data)
{
NmtPageMacsec *macsec = user_data;
NmtPageMacsecPrivate *priv = NMT_PAGE_MACSEC_GET_PRIVATE(macsec);
NMConnection *conn;
gboolean mode_eap;
gboolean has_setting;
conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(macsec));
has_setting = !!nm_connection_get_setting(conn, NM_TYPE_SETTING_802_1X);
mode_eap = nmt_newt_popup_get_active(NMT_NEWT_POPUP(widget)) == NM_SETTING_MACSEC_MODE_EAP;
if (mode_eap != has_setting) {
if (mode_eap)
nm_connection_add_setting(conn, NM_SETTING(priv->s_8021x));
else
nm_connection_remove_setting(conn, NM_TYPE_SETTING_802_1X);
}
}
static NmtNewtPopupEntry macsec_mode[] = {{N_("PSK"), "psk"}, {N_("EAP"), "eap"}, {NULL, NULL}};
static NmtNewtPopupEntry macsec_validation[] = {{N_("Disabled"), "disabled"},
{N_("Check"), "check"},
{N_("Strict"), "strict"},
{NULL, NULL}};
static void
nmt_page_macsec_constructed(GObject *object)
{
NmtPageMacsec *macsec = NMT_PAGE_MACSEC(object);
NmtPageMacsecPrivate *priv = NMT_PAGE_MACSEC_GET_PRIVATE(macsec);
NMConnection *conn;
NMSettingMacsec *s_macsec;
NMSetting8021x *s_8021x;
NmtNewtStack *stack;
NmtEditorSection *section;
NmtEditorGrid *grid;
NmtNewtWidget *subgrid;
NmtNewtWidget *widget;
NmtNewtWidget *mode;
conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(macsec));
s_macsec = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_MACSEC);
s_8021x = nm_connection_get_setting_802_1x(conn);
if (!s_8021x) {
s_8021x = NM_SETTING_802_1X(nm_setting_802_1x_new());
nm_setting_802_1x_add_eap_method(s_8021x, "MD5");
}
priv->s_8021x = g_object_ref(s_8021x);
section = nmt_editor_section_new(_("MACsec"), NULL, TRUE);
grid = nmt_editor_section_get_body(section);
widget = nmt_device_entry_new(_("Parent device"), 40, G_TYPE_NONE);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_PARENT,
widget,
"interface-name",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append(grid, NULL, widget, NULL);
nmt_editor_grid_append(grid, NULL, nmt_newt_separator_new(), NULL);
widget = nmt_newt_popup_new((NmtNewtPopupEntry *) &macsec_mode);
nmt_editor_grid_append(grid, _("Mode"), widget, NULL);
mode = widget;
widget = nmt_newt_stack_new();
stack = NMT_NEWT_STACK(widget);
/* PSK stack grid */
subgrid = nmt_editor_grid_new();
widget =
nmt_password_fields_new(40,
NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_MKA_CAK,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CAK"), widget, NULL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CKN"), widget, NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_MKA_CKN,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_newt_stack_add(stack, "psk", subgrid);
/* EAP stack grid */
subgrid = nmt_editor_grid_new();
widget = NMT_NEWT_WIDGET(nmt_8021x_fields_new(s_8021x, TRUE));
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), NULL, widget, NULL);
nmt_newt_stack_add(stack, "eap", subgrid);
g_object_bind_property(mode, "active-id", stack, "active-id", G_BINDING_SYNC_CREATE);
nmt_editor_grid_append(grid, NULL, NMT_NEWT_WIDGET(stack), NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_MODE,
mode,
"active",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
g_signal_connect(mode, "notify::active", G_CALLBACK(macsec_mode_changed), macsec);
macsec_mode_changed(mode, NULL, macsec);
nmt_editor_grid_append(grid, NULL, nmt_newt_separator_new(), NULL);
/* Other MACsec options */
widget = nmt_newt_popup_new((NmtNewtPopupEntry *) &macsec_validation);
nmt_editor_grid_append(grid, _("Validation"), widget, NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_VALIDATION,
widget,
"active",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(grid, _("SCI port"), widget, NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_PORT,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_checkbox_new(_("Encrypt traffic"));
nmt_editor_grid_append(grid, NULL, widget, NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_ENCRYPT,
widget,
"active",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_page_add_section(NMT_EDITOR_PAGE(macsec), section);
G_OBJECT_CLASS(nmt_page_macsec_parent_class)->constructed(object);
}
static void
nmt_page_macsec_class_init(NmtPageMacsecClass *macsec_class)
{
GObjectClass *object_class = G_OBJECT_CLASS(macsec_class);
object_class->constructed = nmt_page_macsec_constructed;
}

28
src/nmtui/nmt-page-macsec.h Normal file
View file

@ -0,0 +1,28 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Copyright (C) 2022 Red Hat, Inc.
*/
#ifndef NMT_PAGE_MACSEC_H
#define NMT_PAGE_MACSEC_H
#include "nmt-editor-page-device.h"
#define NMT_TYPE_PAGE_MACSEC (nmt_page_macsec_get_type())
#define NMT_PAGE_MACSEC(obj) \
(G_TYPE_CHECK_INSTANCE_CAST((obj), NMT_TYPE_PAGE_MACSEC, NmtPageMacsec))
#define NMT_PAGE_MACSEC_CLASS(klass) \
(G_TYPE_CHECK_CLASS_CAST((klass), NMT_TYPE_PAGE_MACSEC, NmtPageMacsecClass))
#define NMT_IS_PAGE_MACSEC(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NMT_TYPE_PAGE_MACSEC))
#define NMT_IS_PAGE_MACSEC_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NMT_TYPE_PAGE_MACSEC))
#define NMT_PAGE_MACSEC_GET_CLASS(obj) \
(G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_PAGE_MACSEC, NmtPageMacsecClass))
typedef struct _NmtPageMacsec NmtPageMacsec;
typedef struct _NmtPageMacsecClass NmtPageMacsecClass;
GType nmt_page_macsec_get_type(void);
NmtEditorPage *nmt_page_macsec_new(NMConnection *conn, NmtDeviceEntry *deventry);
#endif /* NMT_PAGE_MACSEC_H */

17
src/nmtui/nmt-page-wifi.c
View file

@ -23,6 +23,7 @@
#include "nmt-mac-entry.h"
#include "nmt-mtu-entry.h"
#include "nmt-password-fields.h"
#include "nmt-8021x-fields.h"
#include "nm-editor-bindings.h"
@ -33,6 +34,7 @@ G_DEFINE_TYPE(NmtPageWifi, nmt_page_wifi, NMT_TYPE_EDITOR_PAGE_DEVICE)
typedef struct {
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
} NmtPageWifiPrivate;
@ -166,6 +168,7 @@ nmt_page_wifi_constructed(GObject *object)
NmtEditorGrid *grid;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
NmtNewtWidget *widget, *hbox, *subgrid;
NmtNewtWidget *mode, *band, *security, *entry;
NmtNewtStack *stack;
@ -181,7 +184,14 @@ nmt_page_wifi_constructed(GObject *object)
*/
s_wsec = NM_SETTING_WIRELESS_SECURITY(nm_setting_wireless_security_new());
}
priv->s_wsec = g_object_ref_sink(s_wsec);
priv->s_wsec = g_object_ref(s_wsec);
s_8021x = nm_connection_get_setting_802_1x(conn);
if (!s_8021x) {
s_8021x = NM_SETTING_802_1X(nm_setting_802_1x_new());
nm_setting_802_1x_add_eap_method(s_8021x, "TLS");
}
priv->s_8021x = g_object_ref(s_8021x);
deventry = nmt_editor_page_device_get_device_entry(NMT_EDITOR_PAGE_DEVICE(object));
g_object_bind_property(s_wireless,
@ -279,9 +289,7 @@ nmt_page_wifi_constructed(GObject *object)
nmt_newt_stack_add(stack, "wpa3-personal", subgrid);
/* "wpa-enterprise" */
// FIXME
widget = nmt_newt_label_new(_("(No support for wpa-enterprise yet...)"));
nmt_newt_stack_add(stack, "wpa-enterprise", widget);
nmt_newt_stack_add(stack, "wpa-enterprise", nmt_8021x_fields_new(s_8021x, FALSE));
/* wep-key */
subgrid = nmt_editor_grid_new();
@ -355,6 +363,7 @@ nmt_page_wifi_constructed(GObject *object)
g_object_bind_property(security, "active-id", stack, "active-id", G_BINDING_SYNC_CREATE);
nm_editor_bind_wireless_security_method(conn,
s_wsec,
s_8021x,
security,
"active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);

130
src/nmtui/nmt-password-fields.c
View file

@ -25,7 +25,7 @@ typedef struct {
NmtPasswordFieldsExtras extras;
NmtNewtEntry *entry;
NmtNewtCheckbox *always_ask;
NmtNewtPopup *secret_flags;
NmtNewtCheckbox *show_password;
char *init_password;
@ -37,7 +37,7 @@ enum {
PROP_WIDTH,
PROP_EXTRAS,
PROP_PASSWORD,
PROP_ALWAYS_ASK,
PROP_SECRET_FLAGS,
PROP_SHOW_PASSWORD,
LAST_PROP
@ -45,8 +45,9 @@ enum {
/**
* NmtPasswordFieldsExtras:
* @NMT_PASSWORD_FIELDS_ALWAYS_ASK: show an "Always ask" checkbox
* @NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS: show the secret flags popup
* @NMT_PASSWORD_FIELDS_SHOW_PASSWORD: show a "Show password" checkbox
* @NMT_PASSWORD_FIELDS_NOT_EMPTY: return NULL instead of empty string
*
* Extra widgets to include in an #NmtPasswordFields
*/
@ -82,14 +83,13 @@ static const char *
nmt_password_fields_get_password(NmtPasswordFields *fields)
{
NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(fields);
const char *text;
return nmt_newt_entry_get_text(priv->entry);
}
text = nmt_newt_entry_get_text(priv->entry);
if (priv->extras & NMT_PASSWORD_FIELDS_NOT_EMPTY)
return nm_str_not_empty(text);
static void
always_ask_changed(GObject *object, GParamSpec *pspec, gpointer fields)
{
g_object_notify(fields, "always-ask");
return text;
}
static void
@ -98,14 +98,49 @@ show_password_changed(GObject *object, GParamSpec *pspec, gpointer fields)
g_object_notify(fields, "show-password");
}
static void
secret_flags_changed(GObject *object, GParamSpec *pspec, gpointer fields)
{
g_object_notify(fields, "secret-flags");
}
static guint
secret_flags_from_popup_idx(guint idx)
{
switch (idx) {
case 1:
return NM_SETTING_SECRET_FLAG_AGENT_OWNED;
case 2:
return NM_SETTING_SECRET_FLAG_NOT_SAVED;
default:
case 0:
return NM_SETTING_SECRET_FLAG_NONE;
}
}
static guint
secret_flags_to_popup_idx(guint flags)
{
if (flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED)
return 1;
if (flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)
return 2;
return 0;
}
static void
nmt_password_fields_init(NmtPasswordFields *fields)
{
NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(fields);
NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(fields);
NmtNewtPopupEntry entries[] = {
{_("Store password for all users"), NULL},
{_("Store password only for this user"), NULL},
{_("Ask password every time"), NULL},
{},
};
priv->entry = NMT_NEWT_ENTRY(nmt_newt_entry_new(-1, 0));
priv->always_ask =
NMT_NEWT_CHECKBOX(nmt_newt_checkbox_new(_("Ask for this password every time")));
priv->entry = NMT_NEWT_ENTRY(nmt_newt_entry_new(-1, 0));
priv->secret_flags = NMT_NEWT_POPUP(nmt_newt_popup_new(entries));
priv->show_password = NMT_NEWT_CHECKBOX(nmt_newt_checkbox_new(_("Show password")));
}
@ -114,20 +149,12 @@ nmt_password_fields_constructed(GObject *object)
{
NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(object);
NmtNewtGrid *grid = NMT_NEWT_GRID(object);
guint row = 0;
nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->entry), 0, 0);
if (priv->extras & NMT_PASSWORD_FIELDS_ALWAYS_ASK) {
nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->always_ask), 0, 1);
g_signal_connect(priv->always_ask,
"notify::active",
G_CALLBACK(always_ask_changed),
object);
} else
g_clear_object(&priv->always_ask);
nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->entry), 0, row++);
if (priv->extras & NMT_PASSWORD_FIELDS_SHOW_PASSWORD) {
nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->show_password), 0, 2);
nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->show_password), 0, row++);
g_signal_connect(priv->show_password,
"notify::active",
G_CALLBACK(show_password_changed),
@ -140,6 +167,15 @@ nmt_password_fields_constructed(GObject *object)
} else
g_clear_object(&priv->show_password);
if (priv->extras & NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS) {
nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->secret_flags), 0, row++);
g_signal_connect(priv->secret_flags,
"notify::active-id",
G_CALLBACK(secret_flags_changed),
object);
} else
g_clear_object(&priv->secret_flags);
g_object_bind_property(priv->entry,
"text",
object,
@ -154,9 +190,9 @@ nmt_password_fields_finalize(GObject *object)
{
NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(object);
if (priv->always_ask) {
g_signal_handlers_disconnect_by_func(priv->always_ask,
G_CALLBACK(always_ask_changed),
if (priv->secret_flags) {
g_signal_handlers_disconnect_by_func(priv->secret_flags,
G_CALLBACK(secret_flags_changed),
object);
}
if (priv->show_password) {
@ -188,13 +224,12 @@ nmt_password_fields_set_property(GObject *object,
case PROP_PASSWORD:
nmt_password_fields_set_password(fields, g_value_get_string(value));
break;
case PROP_ALWAYS_ASK:
if (priv->always_ask)
nmt_newt_checkbox_set_active(priv->always_ask, g_value_get_boolean(value));
case PROP_SECRET_FLAGS:
nmt_newt_popup_set_active(priv->secret_flags,
secret_flags_to_popup_idx(g_value_get_uint(value)));
break;
case PROP_SHOW_PASSWORD:
if (priv->show_password)
nmt_newt_checkbox_set_active(priv->show_password, g_value_get_boolean(value));
nmt_newt_checkbox_set_active(priv->show_password, g_value_get_boolean(value));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec);
@ -218,13 +253,13 @@ nmt_password_fields_get_property(GObject *object, guint prop_id, GValue *value,
case PROP_PASSWORD:
g_value_set_string(value, nmt_password_fields_get_password(entry));
break;
case PROP_ALWAYS_ASK:
if (priv->always_ask)
g_value_set_boolean(value, nmt_newt_checkbox_get_active(priv->always_ask));
case PROP_SECRET_FLAGS:
g_value_set_uint(
value,
secret_flags_from_popup_idx(nmt_newt_popup_get_active(priv->secret_flags)));
break;
case PROP_SHOW_PASSWORD:
if (priv->show_password)
g_value_set_boolean(value, nmt_newt_checkbox_get_active(priv->show_password));
g_value_set_boolean(value, nmt_newt_checkbox_get_active(priv->show_password));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec);
@ -279,18 +314,19 @@ nmt_password_fields_class_init(NmtPasswordFieldsClass *entry_class)
PROP_PASSWORD,
g_param_spec_string("password", "", "", NULL, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
/**
* NmtPasswordFields:always-ask:
* NmtPasswordFields:secret-flags:
*
* The current state of the "Always ask" checkbox.
* The current state of the "Secret flags" popup.
*/
g_object_class_install_property(
object_class,
PROP_ALWAYS_ASK,
g_param_spec_boolean("always-ask",
"",
"",
FALSE,
G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
g_object_class_install_property(object_class,
PROP_SECRET_FLAGS,
g_param_spec_uint("secret-flags",
"",
"",
0,
G_MAXUINT,
0,
G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
/**
* NmtPasswordFields:show-password:
*

5
src/nmtui/nmt-password-fields.h
View file

@ -32,8 +32,9 @@ typedef struct {
GType nmt_password_fields_get_type(void);
typedef enum {
NMT_PASSWORD_FIELDS_ALWAYS_ASK = (1 << 0),
NMT_PASSWORD_FIELDS_SHOW_PASSWORD = (1 << 1),
NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS = (1 << 0),
NMT_PASSWORD_FIELDS_SHOW_PASSWORD = (1 << 1),
NMT_PASSWORD_FIELDS_NOT_EMPTY = (1 << 2), /* Return NULL instead of empty string */
} NmtPasswordFieldsExtras;
NmtNewtWidget *nmt_password_fields_new(int width, NmtPasswordFieldsExtras extras);