vpn: fix handling of connections with only system secrets
The core problem was the nm_connection_need_secrets() call in nm-agent-manager.c's get_start() function; for VPN settings this always returns TRUE. Thus if a VPN connection had only system secrets, when the agent manager checked if additional secrets were required, they would be, and agents would be asked for secrets they didn't have and couldn't provide. Thus the connection would fail. nm_connection_need_secrets() simply can't know if VPN secrets are really required because it doesn't know anything about the internal VPN private data; only the plugin itself can tell us if secrets are required. If the system secrets are sufficient we shouldn't be asking any agents for secrets at all. So implement a three-step secrets path for VPN connections. First we retrieve existing system secrets, and ask the plugin if these are sufficient. Second we request both existing system secrets and existing agent secrets and again ask the plugin if these are sufficient. If both those fail, we ask agents for new secrets.
Showing with 101 additions and 87 deletions