VPN secrets agent not working
I used https://gitlab.freedesktop.org/NetworkManager/NetworkManager/blob/master/src/tests/test-secret-agent.py as a model to write my own VPN secrets agent:
#!/usr/bin/python3
""" docstring """
import datetime
from gi.repository import GLib
import dbus
import dbus.service
import dbus.mainloop.glib
IFACE_SECRET_AGENT = 'org.freedesktop.NetworkManager.SecretAgent'
IFACE_AGENT_MANAGER = 'org.freedesktop.NetworkManager.AgentManager'
class NotAuthorizedException(dbus.DBusException):
_dbus_error_name = IFACE_SECRET_AGENT + '.NotAuthorized'
class Agent(dbus.service.Object):
def __init__(self, bus, object_path):
self.agents = {}
self.bus = bus
dbus.service.Object.__init__(self, bus, object_path)
@dbus.service.method(IFACE_SECRET_AGENT,
in_signature='a{sa{sv}}osasb',
out_signature='a{sa{sv}}',
sender_keyword='sender')
def GetSecrets(self, connection_hash, connection_path, setting_name, hints,
request_new, sender=None):
if not sender:
raise NotAuthorizedException("Internal error: couldn't get sender")
uid = self.bus.get_unix_user(sender)
if uid != 0:
raise NotAuthorizedException("UID %d not authorized" % uid)
now = datetime.datetime.now()
print("%s: Secrets requested path '%s' setting '%s' hints '%s' new %d" %
(now.strftime("%Y-%m-%d %H:%M:%S"), connection_path,
setting_name, str(hints), request_new))
s_gsm = dbus.Dictionary({'password': '[redacted]'})
con = dbus.Dictionary({'gsm': s_gsm})
print("Sending %s" % con)
return con
def register(proxy):
""" docstring """
proxy.Register("test.agent.id", dbus_interface=IFACE_AGENT_MANAGER)
now = datetime.datetime.now()
print("%s: Registered!" % now.strftime("%Y-%m-%d %H:%M:%S"))
return False
def unregister(proxy, loop):
""" docstring """
proxy.Unregister(dbus_interface=IFACE_AGENT_MANAGER)
loop.quit()
return False
def main():
""" docstring """
dbus.mainloop.glib.DBusGMainLoop(set_as_default=True)
bus = dbus.SystemBus()
obj = Agent(bus, "/org/freedesktop/NetworkManager/SecretAgent")
proxy = bus.get_object("org.freedesktop.NetworkManager",
"/org/freedesktop/NetworkManager/AgentManager")
mainloop = GLib.MainLoop()
GLib.idle_add(register, proxy)
print("Running test secret agent")
try:
mainloop.run()
except KeyboardInterrupt:
pass
print("Unregistering...")
unregister(proxy, mainloop)
if __name__ == '__main__':
main()
When I run the above, it seems to register fine:
Apr 25 08:21:14 host.example.com NetworkManager[1603]: <info> [1587817274.3740] agent-manager: req[0x5574561531f0, :1.731032/test.agent.id/1001]: agent registered
Apr 25 08:21:31 host.example.com NetworkManager[1603]: <info> [1587817291.2500] agent-manager: req[0x5574560f22e0, :1.731037/test.agent.id/1001]: agent registered
And when nmcli c u vpn-connection
runs and NM asks for secrets for VPN, the agent above emits:
2020-04-28 22:53:20: Secrets requested path '/org/freedesktop/NetworkManager/Settings/12' setting 'vpn' hints 'dbus.Array([], signature=dbus.Signature('s'))' new 4
Sending dbus.Dictionary({'gsm': dbus.Dictionary({'password': '[redacted]'}, signature=None)}, signature=None)
2020-04-28 22:53:20: Secrets requested path '/org/freedesktop/NetworkManager/Settings/12' setting 'vpn' hints 'dbus.Array([], signature=dbus.Signature('s'))' new 5
Sending dbus.Dictionary({'gsm': dbus.Dictionary({'password': '[redacted]'}, signature=None)}, signature=None)
but NM still complains:
Apr 28 22:53:20 host.example.com NetworkManager[1603]: <info> [1588128800.6692] agent-manager: req[0x557456192800, :1.781028/nmcli-connect/1001]: agent registered
Apr 28 22:53:20 host.example.com NetworkManager[1603]: <info> [1588128800.6766] audit: op="connection-activate" uuid="c1c8f7be-812f-4253-b8c9-cbcdadeca3a2" name="[redacted] " pid=3896 uid=1001 result="success"
Apr 28 22:53:20 host.example.com NetworkManager[1603]: <info> [1588128800.6824] vpn-connection[0x557456146720,c1c8f7be-812f-4253-b8c9-cbcdadeca3a2,"[redacted]",0]: Started the VPN service, PID 3979
Apr 28 22:53:20 host.example.com NetworkManager[1603]: <info> [1588128800.6954] vpn-connection[0x557456146720,c1c8f7be-812f-4253-b8c9-cbcdadeca3a2,"[redacted]",0]: Saw the service appear; activating connection
Apr 28 22:53:20 host.example.com NetworkManager[1603]: <error> [1588128800.7684] vpn-connection[0x557456146720,c1c8f7be-812f-4253-b8c9-cbcdadeca3a2,"[redacted]",0]: Failed to request VPN secrets #3: No agents were available for this request.
Apr 28 22:53:20 host.example.com NetworkManager[1603]: <info> [1588128800.7694] vpn-connection[0x557456146720,c1c8f7be-812f-4253-b8c9-cbcdadeca3a2,"[redacted]",0]: VPN plugin: state changed: stopped (6)
Is there something wrong with my agent or is this a bug of some sort?