This allows the necessary flexibility when handling secrets; otherwise
it wouldn't be known when NM should save secrets returned from agents
to backing storage, or when the agents should store the secrets. We
can't simply use lack of a secret in persistent storage as the indicator
of this, as (for example) when creating a new connection without
secrets the storage method would be abmiguous.
At the same time, fold in "always ask" functionality for OTP tokens
so user agents don't have to store that attribute themselves out-of-band.
config.h defines _GNU_SOURCE, which in turn defines the bits necessary
for kill, isblank, and isascii. So wherever we use those, we need
to make sure config.h is included.
Instead of requiring applets to hash passphrases, just do it in NM instead.
This should fix confusion where people don't understand that they are seeing
their hashed passphrase.
This caused the 'autoconnect' property of NMSettingConnection to not
get updated in some cases (as when a system setting plugin noticed a
change to autoconnect=true and emitted the Updated signal, which wouldn't
contain the new value). Add a testcase for setting default values too.
* libnm-util/Makefile.am
libnm-util/nm-utils-private.h
- New header for internal utils private functions
* libnm-util/libnm-util.ver
libnm-util/nm-utils.c
libnm-util/nm-utils.h
- Document some functions
- (nm_utils_string_in_list, nm_utils_string_list_contains,
nm_utils_string_slist_validate): un-export, only used within
libnm-util or of limited use in general, and very easy to
re-implement by apps if needed
* libnm-util/nm-setting-8021x.c
libnm-util/nm-setting-wired.c
libnm-util/nm-setting-wireless-security.c
libnm-util/nm-setting-wireless.c
- Update for private nm_utils_string_* functions
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4319 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Add a GError argument to nm_connection_verify() and nm_setting_verify(),
and add error enums to each NMSetting subclass. Each NMSetting subclass now
returns a descriptive GError when verification fails.
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3751 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/nm-setting-wireless-security.c
- (need_secrets): only require key0 if the transmit key index is also
0
- (verify): reject non-NULL but zero-length WEP keys; these are invalid
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3515 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Split the 802.1x bits out of the wireless-security setting so they are
generalized enough for wired 802.1x to use too.
* introspection/nm-exported-connection.xml
- GetSecrets now returns 'a{sa{sv}}' (a hash of settings hashes) instead
of just a hash of the secrets for one setting
* libnm-util/nm-setting-wireless-security.c
libnm-util/nm-setting-wireless-security.h
- Remove 802.1x-specific stuff
- Added leap-username and leap-password properties for old-school LEAP
* src/nm-device.c
src/nm-device.h
- (connection_secrets_updated_cb): take a list of updated settings names,
not just one
* src/supplicant-manager/nm-supplicant-config.c
src/supplicant-manager/nm-supplicant-config.h
- (nm_supplicant_config_add_setting_wireless_security): remove 802.1x
specific stuff; fix for updated LEAP bits; punt 802.1x stuff
to nm_supplicant_config_add_setting_8021x()
- (nm_supplicant_config_add_setting_8021x): add an 802-1x setting to
the supplicant config
* src/nm-device-802-11-wireless.c
- (build_supplicant_config): pass in the 802.1x setting too, if any
- (real_connection_secrets_updated): take a list of updated settings
names, not just one
* src/nm-device-802-3-ethernet.c
src/nm-cdma-device.c
src/nm-gsm-device.c
- (real_connection_secrets_updated_cb): take a list of updated settings
names, not just one
* src/nm-activation-request.c
src/nm-activation-request.h
- (nm_act_request_class_init): the 'connection-secrets-updated' signal
now passes a list of updated settings names, not just one
- (update_one_setting): new function; handle one updated setting
- (get_secrets_cb): handle multiple settings returned from the
settings service; have to be careful of ordering here as there are
some dependencies between settings (ex. wireless-security and 802.1x
in some cases)
* src/marshallers/nm-marshal.list
- new marshaller for connection-secrets-updated signal
* libnm-util/nm-setting-8021x.c
- Add back the 'pin' and 'psk' settings, for EAP-SIM and EAP-PSK auth
methods
- (verify): a valid 'eap' property is now required
* libnm-util/nm-connection.c
- (register_default_settings): add priorities to settings; there are
some dependencies between settings, and during the need_secrets
calls this priority needs to be respected. For example, only the
wireless-security setting knows whether or not the connection is
going to use 802.1x or now, so it must be asked for secrets before
any existing 802.1x setting is
- (nm_connection_lookup_setting_type): expose
* libnm-util/nm-setting-wireless.c
- (verify): should verify even if all_settings is NULL; otherwise won't
catch the case where there is missing security
* libnm-util/nm-setting-wireless-security.c
- Remove everything to do with 802.1x
- Add old-school LEAP specific properties for username and password
- (need_secrets): rework LEAP secrets checking
- (verify): rework for LEAP and 802.1x verification
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3470 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/nm-setting-wireless-security.c
- (verify_tls, verify_ttls, verify_identity, verify_nai): do some
minimal verification of EAP methods too
- (verify): verify phase1 eap methods too
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3096 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Make certs actually work. The private key is now a secret, and should be
decrypted when requested by NM. The private key and phase2 private key
passwords are no longer interesting to NM because they should be used by
the settings service to decrypt the private key itself before passing it
to NM, and hence have been removed as fields.
* libnm-util/nm-setting-wireless-security.h
libnm-util/nm-setting-wireless-security.c
- Remove private-key-passwd and phase2-private-key-passwd from
properties
- (need_secrets_password, need_secrets_eappsk, need_secrets_sim,
need_secrets): use property #defines instead strings to keep things
consistent
- (need_secrets_tls): if a client certificate is present but no
private key, request the private key
- (set_property, get_property, nm_setting_wireless_security_class_init):
remove private key password stuff, mark private keys as secret
* src/supplicant-manager/nm-supplicant-settings-verify.c
- Remove private_key_passwd and private_key2_passwd from opt_table
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3080 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/nm-setting-wireless-security.h
libnm-util/nm-setting-wireless-security.c
- Add 'private-key-decrypted' and 'phase2-private-key-decrypted'
members to 802-11-wireless-security structure. This should be used
to indicate that the values in private-key and phase2-private-key
are already decrypted by the user agent, and that no
private-key-passwd or phase2-private-key-passwd should be expected.
It is not meant to be a stored configuration value, but meant to
be set when the conneciton is sent to NM over dbus.
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3073 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Rework NMSetting structures: Move each setting to it's own file.
Convert to GObject. Remove home grown setting types and use
GTypes.
Use GObject property introspection for hash conversion,
enumerating
properties, etc.
* libnm-util/nm-setting-connection.[ch]
* libnm-util/nm-setting-ip4-config.[ch]
* libnm-util/nm-setting-ppp.[ch]
* libnm-util/nm-setting-vpn.[ch]
* libnm-util/nm-setting-vpn-properties.[ch]
* libnm-util/nm-setting-wired.[ch]
* libnm-util/nm-setting-wireless.[ch]
* libnm-util/nm-setting-wireless-security.[ch]
New files, each containing a setting.
* libnm-util/nm-setting-template.[ch]: A template for creating
* new
settings. To use it, just replace 'template' with the new
setting
name, and you're half-way done.
* libnm-util/nm-setting.c: Convert to GObject and use GObject
introspection instead of internal types and tables.
* libnm-util/nm-connection.c: Adapt the new NMSetting work.
* libnm-util/nm-param-spec-specialized.[ch]: Implement. Handles
GValue types defined by dbus-glib for composed types like
collections,
structures and maps.
* src/*: The API of NMSetting and NMConnection changed a bit:
* Getting
a setting from connection takes the setting type now. Also,
since
the settings are in multiple files, include relevant settings.
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3068 4912f4e0-d625-0410-9fb7-b9a5a253dbdc