Commit 0601b5d7 authored by Thomas Haller's avatar Thomas Haller

clients: some cleanup of requesting VPN secrets

parent f76dbfc1
......@@ -104,7 +104,7 @@ get_secrets_from_user (const char *request_id,
rl_startup_hook = set_deftext;
pre_input_deftext = g_strdup (secret->value);
}
pwd = nmc_readline ("%s (%s): ", secret->name, secret->prop_name);
pwd = nmc_readline ("%s (%s): ", secret->pretty_name, secret->entry_id);
/* No password provided, cancel the secrets. */
if (!pwd)
......
......@@ -531,10 +531,10 @@ vpn_openconnect_get_secrets (NMConnection *connection, GPtrArray *secrets)
{
GError *error = NULL;
NMSettingVpn *s_vpn;
const char *vpn_type, *gw, *port;
char *cookie = NULL;
char *gateway = NULL;
char *gwcert = NULL;
const char *gw, *port;
gs_free char *cookie = NULL;
gs_free char *gateway = NULL;
gs_free char *gwcert = NULL;
int status = 0;
int i;
gboolean ret;
......@@ -546,8 +546,7 @@ vpn_openconnect_get_secrets (NMConnection *connection, GPtrArray *secrets)
return FALSE;
s_vpn = nm_connection_get_setting_vpn (connection);
vpn_type = nm_setting_vpn_get_service_type (s_vpn);
if (g_strcmp0 (vpn_type, NM_DBUS_INTERFACE ".openconnect"))
if (!nm_streq0 (nm_setting_vpn_get_service_type (s_vpn), NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT))
return FALSE;
/* Get gateway and port */
......@@ -570,34 +569,31 @@ vpn_openconnect_get_secrets (NMConnection *connection, GPtrArray *secrets)
/* Append port to the host value */
if (gateway && port) {
char *tmp = gateway;
gateway = g_strdup_printf ("%s%s", gateway, port);
g_free (tmp);
gs_free char *tmp = gateway;
gateway = g_strdup_printf ("%s%s", tmp, port);
}
/* Fill secrets to the array */
for (i = 0; i < secrets->len; i++) {
NMSecretAgentSimpleSecret *secret = secrets->pdata[i];
if (!g_strcmp0 (secret->vpn_type, vpn_type)) {
if (!g_strcmp0 (secret->vpn_property, "cookie")) {
g_free (secret->value);
secret->value = cookie;
cookie = NULL;
} else if (!g_strcmp0 (secret->vpn_property, "gateway")) {
g_free (secret->value);
secret->value = gateway;
gateway = NULL;
} else if (!g_strcmp0 (secret->vpn_property, "gwcert")) {
g_free (secret->value);
secret->value = gwcert;
gwcert = NULL;
}
if (secret->secret_type != NM_SECRET_AGENT_SECRET_TYPE_VPN_SECRET)
continue;
if (!nm_streq0 (secret->vpn_type, NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT))
continue;
if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "cookie")) {
g_free (secret->value);
secret->value = g_steal_pointer (&cookie);
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "gateway")) {
g_free (secret->value);
secret->value = g_steal_pointer (&gateway);
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "gwcert")) {
g_free (secret->value);
secret->value = g_steal_pointer (&gwcert);
}
}
g_free (cookie);
g_free (gateway);
g_free (gwcert);
return TRUE;
}
......@@ -624,7 +620,7 @@ get_secrets_from_user (const char *request_id,
/* First try to find the password in provided passwords file,
* then ask user. */
if (pwds_hash && (pwd = g_hash_table_lookup (pwds_hash, secret->prop_name))) {
if (pwds_hash && (pwd = g_hash_table_lookup (pwds_hash, secret->entry_id))) {
pwd = g_strdup (pwd);
} else {
if (ask) {
......@@ -640,8 +636,10 @@ get_secrets_from_user (const char *request_id,
}
if (msg)
g_print ("%s\n", msg);
pwd = nmc_readline_echo (secret->password ? echo_on : TRUE,
"%s (%s): ", secret->name, secret->prop_name);
pwd = nmc_readline_echo (secret->is_secret
? echo_on
: TRUE,
"%s (%s): ", secret->pretty_name, secret->entry_id);
if (!pwd)
pwd = g_strdup ("");
} else {
......@@ -649,7 +647,7 @@ get_secrets_from_user (const char *request_id,
g_print ("%s\n", msg);
g_printerr (_("Warning: password for '%s' not given in 'passwd-file' "
"and nmcli cannot ask without '--ask' option.\n"),
secret->prop_name);
secret->entry_id);
}
}
/* No password provided, cancel the secrets. */
......
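Review bot: In vpn_openconnect_get_secrets, the fill loop releases the previous `secret->value` with plain `g_free`, and the new `gs_free char *cookie` declaration frees an unclaimed cookie the same way, so credential bytes stay readable in freed heap memory. The cookie is presumably an OpenConnect session token, which makes it worth wiping before release, for example `if (secret->value) explicit_bzero (secret->value, strlen (secret->value));` ahead of each `g_free (secret->value);` (or the tree's own secret-clearing free helper, if it has one). The same loop in secrets_requested further down has the same gap. Separately, the passwd-file lookup now keys on `secret->entry_id` instead of `prop_name`; the code that builds `entry_id` is in the collapsed diff, so confirm the strings still match the keys existing passwd-files use.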
This diff is collapsed.
......@@ -42,13 +42,25 @@ typedef struct {
} NMSecretAgentSimpleClass;
typedef enum {
NM_SECRET_AGENT_SECRET_TYPE_PROPERTY,
NM_SECRET_AGENT_SECRET_TYPE_SECRET,
NM_SECRET_AGENT_SECRET_TYPE_VPN_SECRET,
} NMSecretAgentSecretType;
typedef struct {
char *name, *prop_name, *value;
char *vpn_property;
char *vpn_type;
gboolean password;
const NMSecretAgentSecretType secret_type;
const char *pretty_name;
const char *entry_id;
char *value;
const char *vpn_type;
gboolean is_secret;
} NMSecretAgentSimpleSecret;
#define NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "vpn.secret."
#define NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT NM_DBUS_INTERFACE".openconnect"
GType nm_secret_agent_simple_get_type (void);
NMSecretAgentOld *nm_secret_agent_simple_new (const char *name);
......
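Review bot: The new macro `NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET` misspells PREFIX, and every caller in this commit already copies the typo; renaming it to `NM_SECRET_AGENT_ENTRY_ID_PREFIX_VPN_SECRET` now is cheaper than after more code depends on it. The reworked NMSecretAgentSimpleSecret also mixes `const` members with a plain `char *value` that the callers shown in this commit free and replace. A short comment on the struct would document the contract those qualifiers appear to imply, e.g. `/* value is owned by the secret and may be replaced by the caller; all other fields are read-only */`.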
......@@ -144,12 +144,12 @@ nmt_password_dialog_constructed (GObject *object)
NMSecretAgentSimpleSecret *secret = priv->secrets->pdata[i];
NmtNewtEntryFlags flags;
widget = nmt_newt_label_new (secret->name);
widget = nmt_newt_label_new (secret->pretty_name);
nmt_newt_grid_add (secret_grid, widget, 0, i);
nmt_newt_widget_set_padding (widget, 4, 0, 1, 0);
flags = NMT_NEWT_ENTRY_NONEMPTY;
if (secret->password)
if (secret->is_secret)
flags |= NMT_NEWT_ENTRY_PASSWORD;
widget = nmt_newt_entry_new (30, flags);
if (secret->value)
......
......@@ -100,41 +100,38 @@ secrets_requested (NMSecretAgentSimple *agent,
{
NmtNewtForm *form;
NMConnection *connection = NM_CONNECTION (user_data);
char *cookie = NULL;
char *gateway = NULL;
char *gwcert = NULL;
int i;
/* Get secrets for OpenConnect VPN */
if (connection && nm_connection_is_type (connection, NM_SETTING_VPN_SETTING_NAME)) {
if ( connection
&& nm_connection_is_type (connection, NM_SETTING_VPN_SETTING_NAME)) {
NMSettingVpn *s_vpn = nm_connection_get_setting_vpn (connection);
const char *vpn_type = nm_setting_vpn_get_service_type (s_vpn);
if (!g_strcmp0 (vpn_type, NM_DBUS_INTERFACE ".openconnect")) {
if (nm_streq0 (nm_setting_vpn_get_service_type (s_vpn), NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT)) {
gs_free char *cookie = NULL;
gs_free char *gateway = NULL;
gs_free char *gwcert = NULL;
openconnect_authenticate (connection, &cookie, &gateway, &gwcert);
for (i = 0; i < secrets->len; i++) {
NMSecretAgentSimpleSecret *secret = secrets->pdata[i];
if (!g_strcmp0 (secret->vpn_type, NM_DBUS_INTERFACE ".openconnect")) {
if (!g_strcmp0 (secret->vpn_property, "cookie")) {
g_free (secret->value);
secret->value = cookie;
cookie = NULL;
} else if (!g_strcmp0 (secret->vpn_property, "gateway")) {
g_free (secret->value);
secret->value = gateway;
gateway = NULL;
} else if (!g_strcmp0 (secret->vpn_property, "gwcert")) {
g_free (secret->value);
secret->value = gwcert;
gwcert = NULL;
}
if (secret->secret_type != NM_SECRET_AGENT_SECRET_TYPE_VPN_SECRET)
continue;
if (!nm_streq0 (secret->vpn_type, NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT))
continue;
if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "cookie")) {
g_free (secret->value);
secret->value = g_steal_pointer (&cookie);
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "gateway")) {
g_free (secret->value);
secret->value = g_steal_pointer (&gateway);
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRET "gwcert")) {
g_free (secret->value);
secret->value = g_steal_pointer (&gwcert);
}
}
g_free (cookie);
g_free (gateway);
g_free (gwcert);
}
}
......
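Review bot: In secrets_requested, the result of `openconnect_authenticate (connection, &cookie, &gateway, &gwcert);` is not checked, and each branch of the loop frees `secret->value` and then stores the stolen pointer even when that pointer is still NULL. If authentication fails or leaves one of the three outputs unset, any value already held for that entry is discarded. Guarding the body of each branch, e.g. `if (cookie) { g_free (secret->value); secret->value = g_steal_pointer (&cookie); }`, would keep the old value in that case; if clearing is intended, a comment saying so would help. The function continues past the end of the hunk.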