Commit d5716eed authored by Thomas Haller's avatar Thomas Haller

secrets: make agent-manager independent from NMSettingsConnection

NMSecretAgent (and in turn NMAgentManager) used the @connection argument both
for the connection data, but also for the connection path. Detangle these, and
accept the path separate from the connection.

This makes NMSecretAgent and NMAgentManager truly operate on a plain
NMConnection, without the non-obvious requirement, that the path of the
connection must be set.
parent 80a7b416
......@@ -29,7 +29,6 @@
#include "nm-secret-agent.h"
#include "nm-auth-utils.h"
#include "nm-setting-vpn.h"
#include "nm-setting-connection.h"
#include "nm-enum-types.h"
#include "nm-auth-manager.h"
#include "nm-bus-manager.h"
......@@ -455,6 +454,7 @@ struct _NMAgentManagerCallId {
union {
struct {
char *path;
NMConnection *connection;
NMAuthChain *chain;
......@@ -506,6 +506,7 @@ request_free (Request *req)
case REQUEST_TYPE_CON_SAVE:
case REQUEST_TYPE_CON_DEL:
g_object_unref (req->con.connection);
g_free (req->con.path);
if (req->con.chain)
nm_auth_chain_unref (req->con.chain);
if (req->request_type == REQUEST_TYPE_CON_GET) {
......@@ -943,6 +944,7 @@ _con_get_request_start_proceed (Request *req, gboolean include_system_secrets)
}
req->current_call_id = nm_secret_agent_get_secrets (req->current,
req->con.path,
tmp,
req->con.get.setting_name,
(const char **) req->con.get.hints,
......@@ -1157,6 +1159,7 @@ _con_get_try_complete_early (Request *req)
/**
* nm_agent_manager_get_secrets:
* @self:
* @path:
* @connection:
* @subject:
* @existing_secrets:
......@@ -1179,6 +1182,7 @@ _con_get_try_complete_early (Request *req)
*/
NMAgentManagerCallId
nm_agent_manager_get_secrets (NMAgentManager *self,
const char *path,
NMConnection *connection,
NMAuthSubject *subject,
GVariant *existing_secrets,
......@@ -1194,12 +1198,13 @@ nm_agent_manager_get_secrets (NMAgentManager *self,
Request *req;
g_return_val_if_fail (self != NULL, 0);
g_return_val_if_fail (path && *path, 0);
g_return_val_if_fail (NM_IS_CONNECTION (connection), 0);
g_return_val_if_fail (callback != NULL, 0);
nm_log_dbg (LOGD_SETTINGS,
"Secrets requested for connection %s (%s/%s)",
nm_connection_get_path (connection),
path,
nm_connection_get_id (connection),
setting_name);
......@@ -1213,6 +1218,7 @@ nm_agent_manager_get_secrets (NMAgentManager *self,
nm_connection_get_id (connection),
subject);
req->con.path = g_strdup (path);
req->con.connection = g_object_ref (connection);
if (existing_secrets)
req->con.get.existing_secrets = g_variant_ref (existing_secrets);
......@@ -1296,6 +1302,7 @@ static void
_con_save_request_start (Request *req)
{
req->current_call_id = nm_secret_agent_save_secrets (req->current,
req->con.path,
req->con.connection,
_con_save_request_done,
req);
......@@ -1307,6 +1314,7 @@ _con_save_request_start (Request *req)
void
nm_agent_manager_save_secrets (NMAgentManager *self,
const char *path,
NMConnection *connection,
NMAuthSubject *subject)
{
......@@ -1314,17 +1322,19 @@ nm_agent_manager_save_secrets (NMAgentManager *self,
Request *req;
g_return_if_fail (self);
g_return_if_fail (path && *path);
g_return_if_fail (NM_IS_CONNECTION (connection));
nm_log_dbg (LOGD_SETTINGS,
"Saving secrets for connection %s (%s)",
nm_connection_get_path (connection),
path,
nm_connection_get_id (connection));
req = request_new (self,
REQUEST_TYPE_CON_SAVE,
nm_connection_get_id (connection),
subject);
req->con.path = g_strdup (path);
req->con.connection = g_object_ref (connection);
if (!g_hash_table_add (priv->requests, req))
g_assert_not_reached ();
......@@ -1378,6 +1388,7 @@ static void
_con_del_request_start (Request *req)
{
req->current_call_id = nm_secret_agent_delete_secrets (req->current,
req->con.path,
req->con.connection,
_con_del_request_done,
req);
......@@ -1389,6 +1400,7 @@ _con_del_request_start (Request *req)
void
nm_agent_manager_delete_secrets (NMAgentManager *self,
const char *path,
NMConnection *connection)
{
NMAgentManagerPrivate *priv = NM_AGENT_MANAGER_GET_PRIVATE (self);
......@@ -1396,11 +1408,12 @@ nm_agent_manager_delete_secrets (NMAgentManager *self,
Request *req;
g_return_if_fail (self != NULL);
g_return_if_fail (path && *path);
g_return_if_fail (NM_IS_CONNECTION (connection));
nm_log_dbg (LOGD_SETTINGS,
"Deleting secrets for connection %s (%s)",
nm_connection_get_path (connection),
path,
nm_connection_get_id (connection));
subject = nm_auth_subject_new_internal ();
......@@ -1408,6 +1421,7 @@ nm_agent_manager_delete_secrets (NMAgentManager *self,
REQUEST_TYPE_CON_DEL,
nm_connection_get_id (connection),
subject);
req->con.path = g_strdup (path);
req->con.connection = g_object_ref (connection);
g_object_unref (subject);
if (!g_hash_table_add (priv->requests, req))
......
......@@ -66,6 +66,7 @@ typedef void (*NMAgentSecretsResultFunc) (NMAgentManager *manager,
gpointer other_data3);
NMAgentManagerCallId nm_agent_manager_get_secrets (NMAgentManager *manager,
const char *path,
NMConnection *connection,
NMAuthSubject *subject,
GVariant *existing_secrets,
......@@ -81,10 +82,12 @@ void nm_agent_manager_cancel_secrets (NMAgentManager *manager,
NMAgentManagerCallId request_id);
void nm_agent_manager_save_secrets (NMAgentManager *manager,
const char *path,
NMConnection *connection,
NMAuthSubject *subject);
void nm_agent_manager_delete_secrets (NMAgentManager *manager,
const char *path,
NMConnection *connection);
NMSecretAgent *nm_agent_manager_get_agent_by_user (NMAgentManager *manager,
......
......@@ -332,6 +332,7 @@ get_callback (GObject *proxy,
NMSecretAgentCallId
nm_secret_agent_get_secrets (NMSecretAgent *self,
const char *path,
NMConnection *connection,
const char *setting_name,
const char **hints,
......@@ -344,8 +345,9 @@ nm_secret_agent_get_secrets (NMSecretAgent *self,
GVariant *dict;
Request *r;
g_return_val_if_fail (self != NULL, NULL);
g_return_val_if_fail (connection != NULL, NULL);
g_return_val_if_fail (NM_IS_SECRET_AGENT (self), NULL);
g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);
g_return_val_if_fail (path && *path, NULL);
g_return_val_if_fail (setting_name != NULL, NULL);
priv = NM_SECRET_AGENT_GET_PRIVATE (self);
......@@ -357,12 +359,12 @@ nm_secret_agent_get_secrets (NMSecretAgent *self,
flags &= ~NM_SECRET_AGENT_GET_SECRETS_FLAG_ONLY_SYSTEM;
flags &= ~NM_SECRET_AGENT_GET_SECRETS_FLAG_NO_ERRORS;
r = request_new (self, "GetSecrets", nm_connection_get_path (connection), setting_name, callback, callback_data);
r = request_new (self, "GetSecrets", path, setting_name, callback, callback_data);
r->is_get_secrets = TRUE;
g_hash_table_add (priv->requests, r);
nmdbus_secret_agent_call_get_secrets (priv->proxy,
dict,
nm_connection_get_path (connection),
path,
setting_name,
hints ? hints : no_hints,
flags,
......@@ -497,6 +499,7 @@ agent_save_cb (GObject *proxy,
NMSecretAgentCallId
nm_secret_agent_save_secrets (NMSecretAgent *self,
const char *path,
NMConnection *connection,
NMSecretAgentCallback callback,
gpointer callback_data)
......@@ -504,21 +507,21 @@ nm_secret_agent_save_secrets (NMSecretAgent *self,
NMSecretAgentPrivate *priv;
GVariant *dict;
Request *r;
const char *cpath;
g_return_val_if_fail (self != NULL, NULL);
g_return_val_if_fail (connection != NULL, NULL);
g_return_val_if_fail (NM_IS_SECRET_AGENT (self), NULL);
g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);
g_return_val_if_fail (path && *path, NULL);
priv = NM_SECRET_AGENT_GET_PRIVATE (self);
cpath = nm_connection_get_path (connection);
/* Caller should have ensured that only agent-owned secrets exist in 'connection' */
dict = nm_connection_to_dbus (connection, NM_CONNECTION_SERIALIZE_ALL);
r = request_new (self, "SaveSecrets", cpath, NULL, callback, callback_data);
r = request_new (self, "SaveSecrets", path, NULL, callback, callback_data);
g_hash_table_add (priv->requests, r);
nmdbus_secret_agent_call_save_secrets (priv->proxy,
dict, cpath,
dict,
path,
NULL, /* cancelling the request does *not* cancel the D-Bus call. */
agent_save_cb, r);
......@@ -549,6 +552,7 @@ agent_delete_cb (GObject *proxy,
NMSecretAgentCallId
nm_secret_agent_delete_secrets (NMSecretAgent *self,
const char *path,
NMConnection *connection,
NMSecretAgentCallback callback,
gpointer callback_data)
......@@ -556,21 +560,21 @@ nm_secret_agent_delete_secrets (NMSecretAgent *self,
NMSecretAgentPrivate *priv;
GVariant *dict;
Request *r;
const char *cpath;
g_return_val_if_fail (self != NULL, NULL);
g_return_val_if_fail (connection != NULL, NULL);
g_return_val_if_fail (NM_IS_SECRET_AGENT (self), NULL);
g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);
g_return_val_if_fail (path && *path, NULL);
priv = NM_SECRET_AGENT_GET_PRIVATE (self);
cpath = nm_connection_get_path (connection);
/* No secrets sent; agents must be smart enough to track secrets using the UUID or something */
dict = nm_connection_to_dbus (connection, NM_CONNECTION_SERIALIZE_NO_SECRETS);
r = request_new (self, "DeleteSecrets", cpath, NULL, callback, callback_data);
r = request_new (self, "DeleteSecrets", path, NULL, callback, callback_data);
g_hash_table_add (priv->requests, r);
nmdbus_secret_agent_call_delete_secrets (priv->proxy,
dict, cpath,
dict,
path,
NULL, /* cancelling the request does *not* cancel the D-Bus call. */
agent_delete_cb, r);
......
......@@ -82,6 +82,7 @@ typedef void (*NMSecretAgentCallback) (NMSecretAgent *agent,
gpointer user_data);
NMSecretAgentCallId nm_secret_agent_get_secrets (NMSecretAgent *agent,
const char *path,
NMConnection *connection,
const char *setting_name,
const char **hints,
......@@ -93,11 +94,13 @@ void nm_secret_agent_cancel_secrets (NMSecretAgent *agent,
NMSecretAgentCallId call_id);
NMSecretAgentCallId nm_secret_agent_save_secrets (NMSecretAgent *agent,
const char *path,
NMConnection *connection,
NMSecretAgentCallback callback,
gpointer callback_data);
NMSecretAgentCallId nm_secret_agent_delete_secrets (NMSecretAgent *agent,
const char *path,
NMConnection *connection,
NMSecretAgentCallback callback,
gpointer callback_data);
......
......@@ -749,7 +749,9 @@ do_delete (NMSettingsConnection *self,
/* Tell agents to remove secrets for this connection */
for_agents = nm_simple_connection_new_clone (NM_CONNECTION (self));
nm_connection_clear_secrets (for_agents);
nm_agent_manager_delete_secrets (priv->agent_mgr, for_agents);
nm_agent_manager_delete_secrets (priv->agent_mgr,
nm_connection_get_path (NM_CONNECTION (self)),
for_agents);
g_object_unref (for_agents);
/* Remove timestamp from timestamps database file */
......@@ -1039,6 +1041,7 @@ nm_settings_connection_get_secrets (NMSettingsConnection *self,
if (existing_secrets)
g_variant_ref_sink (existing_secrets);
call_id_a = nm_agent_manager_get_secrets (priv->agent_mgr,
nm_connection_get_path (NM_CONNECTION (self)),
NM_CONNECTION (self),
subject,
existing_secrets,
......@@ -1413,7 +1416,10 @@ con_update_cb (NMSettingsConnection *self,
nm_connection_clear_secrets_with_flags (for_agent,
secrets_filter_cb,
GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED));
nm_agent_manager_save_secrets (info->agent_mgr, for_agent, info->subject);
nm_agent_manager_save_secrets (info->agent_mgr,
nm_connection_get_path (NM_CONNECTION (self)),
for_agent,
info->subject);
g_object_unref (for_agent);
}
......@@ -1795,7 +1801,9 @@ dbus_clear_secrets_auth_cb (NMSettingsConnection *self,
nm_connection_clear_secrets (priv->agent_secrets);
/* Tell agents to remove secrets for this connection */
nm_agent_manager_delete_secrets (priv->agent_mgr, NM_CONNECTION (self));
nm_agent_manager_delete_secrets (priv->agent_mgr,
nm_connection_get_path (NM_CONNECTION (self)),
NM_CONNECTION (self));
info = g_malloc0 (sizeof (*info));
info->context = context;
......
......@@ -1173,7 +1173,10 @@ send_agent_owned_secrets (NMSettings *self,
nm_connection_clear_secrets_with_flags (for_agent,
secrets_filter_cb,
GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED));
nm_agent_manager_save_secrets (priv->agent_mgr, for_agent, subject);
nm_agent_manager_save_secrets (priv->agent_mgr,
nm_connection_get_path (NM_CONNECTION (for_agent)),
for_agent,
subject);
g_object_unref (for_agent);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment