applications/gnome-control-center
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

network: Update wireless-security from network-manager-applet

Browse source
This commit is contained in:
Bastien Nocera 2016-06-07 12:03:22 +02:00
parent 36576a5cb6
commit 92b044ba7f
34 changed files with 1462 additions and 892 deletions
Download patch file Download diff file Expand all files Collapse all files

42
panels/network/wireless-security/eap-method-fast.c
View file

@ -17,19 +17,17 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2012 Red Hat, Inc.
* Copyright 2012 - 2014 Red Hat, Inc.
*/
#include "config.h"
#include "nm-default.h"
#include <glib/gi18n.h>
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "eap-method.h"
#include "wireless-security.h"
#include "utils.h"
#include "helpers.h"
#define I_NAME_COLUMN 0
@ -53,7 +51,7 @@ destroy (EAPMethod *parent)
}
static gboolean
validate (EAPMethod *parent)
validate (EAPMethod *parent, GError **error)
{
GtkWidget *widget;
GtkTreeModel *model;
@ -61,6 +59,7 @@ validate (EAPMethod *parent)
EAPMethod *eap = NULL;
const char *file;
gboolean provisioning;
gboolean valid = FALSE;
gboolean ret = TRUE;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_fast_pac_provision_checkbutton"));
@ -71,6 +70,7 @@ validate (EAPMethod *parent)
file = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (!provisioning && !file) {
widget_set_error (widget);
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing EAP-FAST PAC file"));
ret = FALSE;
} else {
widget_unset_error (widget);
@ -82,14 +82,9 @@ validate (EAPMethod *parent)
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, I_METHOD_COLUMN, &eap, -1);
g_assert (eap);
if (!eap_method_validate (eap)) {
widget_set_error (widget);
ret = FALSE;
} else {
widget_unset_error (widget);
}
valid = eap_method_validate (eap, *error ? NULL : error);
eap_method_unref (eap);
return ret;
return ret ? valid : ret;
}
static void
@ -133,7 +128,7 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFlags flags)
{
NMSetting8021x *s_8021x;
GtkWidget *widget;
@ -192,7 +187,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
gtk_tree_model_get (model, &iter, I_METHOD_COLUMN, &eap, -1);
g_assert (eap);
eap_method_fill_connection (eap, connection);
eap_method_fill_connection (eap, connection, flags);
eap_method_unref (eap);
}
@ -249,8 +244,9 @@ inner_auth_combo_init (EAPMethodFAST *method,
EAPMethodSimple *em_mschap_v2;
guint32 active = 0;
const char *phase2_auth = NULL;
EAPMethodSimpleFlags simple_flags;
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_g_type ());
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_type ());
if (s_8021x) {
if (nm_setting_802_1x_get_phase2_auth (s_8021x))
@ -259,12 +255,16 @@ inner_auth_combo_init (EAPMethodFAST *method,
phase2_auth = nm_setting_802_1x_get_phase2_autheap (s_8021x);
}
simple_flags = EAP_METHOD_SIMPLE_FLAG_PHASE2;
if (method->is_editor)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_IS_EDITOR;
if (secrets_only)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY;
em_gtc = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_GTC,
TRUE,
method->is_editor,
secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("GTC"),
@ -279,8 +279,7 @@ inner_auth_combo_init (EAPMethodFAST *method,
em_mschap_v2 = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_MSCHAP_V2,
TRUE,
method->is_editor, secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("MSCHAPv2"),
@ -359,6 +358,7 @@ eap_method_fast_new (WirelessSecurity *ws_parent,
if (!parent)
return NULL;
parent->password_flags_name = NM_SETTING_802_1X_PASSWORD;
method = (EAPMethodFAST *) parent;
method->sec_parent = ws_parent;
method->is_editor = is_editor;

73
panels/network/wireless-security/eap-method-fast.ui
View file

@ -1,6 +1,34 @@
<?xml version="1.0" encoding="UTF-8"?>
<interface>
<!-- interface-requires gtk+ 3.0 -->
<object class="GtkListStore" id="model8">
<columns>
<!-- column-name gchararray -->
<column type="gchararray"/>
</columns>
<data>
<row>
<col id="0" translatable="yes"> </col>
</row>
</data>
</object>
<object class="GtkListStore" id="model9">
<columns>
<!-- column-name gchararray -->
<column type="gchararray"/>
</columns>
<data>
<row>
<col id="0" translatable="yes">Anonymous</col>
</row>
<row>
<col id="0" translatable="yes">Authenticated</col>
</row>
<row>
<col id="0" translatable="yes">Both</col>
</row>
</data>
</object>
<object class="GtkNotebook" id="eap_fast_notebook">
<property name="visible">True</property>
<property name="can_focus">False</property>
@ -12,14 +40,14 @@
<property name="can_focus">False</property>
<property name="n_rows">5</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<object class="GtkLabel" id="eap_fast_anon_identity_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">Anony_mous identity</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">Anony_mous identity:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_fast_anon_identity_entry</property>
</object>
@ -44,8 +72,8 @@
<object class="GtkLabel" id="eap_fast_pac_file_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">PAC _file</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">PAC _file:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_fast_pac_file_button</property>
</object>
@ -89,8 +117,8 @@
<object class="GtkLabel" id="eap_fast_inner_auth_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Inner authentication</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Inner authentication:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_fast_inner_auth_combo</property>
</object>
@ -124,11 +152,12 @@
</child>
<child>
<object class="GtkCheckButton" id="eap_fast_pac_provision_checkbutton">
<property name="label" translatable="yes">PAC pro_visioning</property>
<property name="label" translatable="yes">Allow automatic PAC pro_visioning</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="draw_indicator">True</property>
</object>
<packing>
<property name="top_attach">1</property>
@ -170,32 +199,4 @@
</packing>
</child>
</object>
<object class="GtkListStore" id="model8">
<columns>
<!-- column-name gchararray -->
<column type="gchararray"/>
</columns>
<data>
<row>
<col id="0" translatable="yes"> </col>
</row>
</data>
</object>
<object class="GtkListStore" id="model9">
<columns>
<!-- column-name gchararray -->
<column type="gchararray"/>
</columns>
<data>
<row>
<col id="0" translatable="yes">Anonymous</col>
</row>
<row>
<col id="0" translatable="yes">Authenticated</col>
</row>
<row>
<col id="0" translatable="yes">Both</col>
</row>
</data>
</object>
</interface>

174
panels/network/wireless-security/eap-method-leap.c
View file

@ -17,61 +17,65 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "nm-default.h"
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "eap-method.h"
#include "wireless-security.h"
#include "helpers.h"
#include "nma-ui-utils.h"
#include "utils.h"
struct _EAPMethodLEAP {
EAPMethod parent;
gboolean new_connection;
WirelessSecurity *ws_parent;
gboolean editing_connection;
GtkEntry *username_entry;
GtkEntry *password_entry;
GtkToggleButton *show_password;
};
static void
show_toggled_cb (GtkCheckButton *button, EAPMethod *method)
show_toggled_cb (GtkToggleButton *button, EAPMethodLEAP *method)
{
GtkWidget *widget;
gboolean visible;
widget = GTK_WIDGET (gtk_builder_get_object (method->builder, "eap_leap_password_entry"));
g_assert (widget);
visible = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (button));
gtk_entry_set_visibility (GTK_ENTRY (widget), visible);
visible = gtk_toggle_button_get_active (button);
gtk_entry_set_visibility (method->password_entry, visible);
}
static gboolean
validate (EAPMethod *parent)
validate (EAPMethod *parent, GError **error)
{
GtkWidget *widget;
EAPMethodLEAP *method = (EAPMethodLEAP *)parent;
const char *text;
gboolean ret = TRUE;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_username_entry"));
g_assert (widget);
text = gtk_entry_get_text (GTK_ENTRY (widget));
text = gtk_entry_get_text (method->username_entry);
if (!text || !strlen (text)) {
widget_set_error (widget);
widget_set_error (GTK_WIDGET (method->username_entry));
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing EAP-LEAP username"));
ret = FALSE;
} else {
widget_unset_error (widget);
widget_unset_error (GTK_WIDGET (method->username_entry));
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_password_entry"));
g_assert (widget);
text = gtk_entry_get_text (GTK_ENTRY (widget));
if (!text || *text == '\0') {
widget_set_error (widget);
text = gtk_entry_get_text (method->password_entry);
if (!text || !strlen (text)) {
widget_set_error (GTK_WIDGET (method->password_entry));
if (!*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing EAP-LEAP password"));
ret = FALSE;
} else {
widget_unset_error (widget);
widget_unset_error (GTK_WIDGET (method->password_entry));
}
return ret;
@ -92,32 +96,33 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFlags flags)
{
EAPMethodLEAP *method = (EAPMethodLEAP *) parent;
NMSetting8021x *s_8021x;
GtkWidget *widget;
NMSettingSecretFlags secret_flags;
GtkWidget *passwd_entry;
s_8021x = nm_connection_get_setting_802_1x (connection);
g_assert (s_8021x);
nm_setting_802_1x_add_eap_method (s_8021x, "leap");
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_username_entry"));
g_assert (widget);
g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (method->username_entry), NULL);
g_object_set (s_8021x, NM_SETTING_802_1X_PASSWORD, gtk_entry_get_text (method->password_entry), NULL);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_password_entry"));
g_assert (widget);
g_object_set (s_8021x, NM_SETTING_802_1X_PASSWORD, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
passwd_entry = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_password_entry"));
g_assert (passwd_entry);
/* Default to agent-owned secrets for new connections */
if (method->new_connection) {
g_object_set (s_8021x,
NM_SETTING_802_1X_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED,
NM_SETTING_802_1X_SYSTEM_CA_CERTS, TRUE,
NULL);
}
/* Save 802.1X password flags to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
nm_setting_set_secret_flags (NM_SETTING (s_8021x), parent->password_flags_name,
secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (method->editing_connection)
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_8021x), parent->password_flags_name);
}
static void
@ -130,6 +135,59 @@ update_secrets (EAPMethod *parent, NMConnection *connection)
(HelperSecretFunc) nm_setting_802_1x_get_password);
}
/* Set the UI fields for user, password and show_password to the
* values as provided by method->ws_parent. */
static void
set_userpass_ui (EAPMethodLEAP *method)
{
if (method->ws_parent->username)
gtk_entry_set_text (method->username_entry, method->ws_parent->username);
else
gtk_entry_set_text (method->username_entry, "");
if (method->ws_parent->password && !method->ws_parent->always_ask)
gtk_entry_set_text (method->password_entry, method->ws_parent->password);
else
gtk_entry_set_text (method->password_entry, "");
gtk_toggle_button_set_active (method->show_password, method->ws_parent->show_password);
}
static void
widgets_realized (GtkWidget *widget, EAPMethodLEAP *method)
{
set_userpass_ui (method);
}
static void
widgets_unrealized (GtkWidget *widget, EAPMethodLEAP *method)
{
wireless_security_set_userpass (method->ws_parent,
gtk_entry_get_text (method->username_entry),
gtk_entry_get_text (method->password_entry),
(gboolean) -1,
gtk_toggle_button_get_active (method->show_password));
}
static void
destroy (EAPMethod *parent)
{
EAPMethodLEAP *method = (EAPMethodLEAP *) parent;
GtkWidget *widget;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_notebook"));
g_assert (widget);
g_signal_handlers_disconnect_by_func (G_OBJECT (widget),
(GCallback) widgets_realized,
method);
g_signal_handlers_disconnect_by_func (G_OBJECT (widget),
(GCallback) widgets_unrealized,
method);
wireless_security_unref (method->ws_parent);
}
EAPMethodLEAP *
eap_method_leap_new (WirelessSecurity *ws_parent,
NMConnection *connection,
@ -138,13 +196,14 @@ eap_method_leap_new (WirelessSecurity *ws_parent,
EAPMethodLEAP *method;
EAPMethod *parent;
GtkWidget *widget;
NMSetting8021x *s_8021x = NULL;
parent = eap_method_init (sizeof (EAPMethodLEAP),
validate,
add_to_size_group,
fill_connection,
update_secrets,
NULL,
destroy,
"/org/gnome/control-center/network/eap-method-leap.ui",
"eap_leap_notebook",
"eap_leap_username_entry",
@ -152,41 +211,58 @@ eap_method_leap_new (WirelessSecurity *ws_parent,
if (!parent)
return NULL;
parent->password_flags_name = NM_SETTING_802_1X_PASSWORD;
method = (EAPMethodLEAP *) parent;
method->new_connection = secrets_only ? FALSE : TRUE;
method->editing_connection = secrets_only ? FALSE : TRUE;
method->ws_parent = wireless_security_ref (ws_parent);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_notebook"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "realize",
(GCallback) widgets_realized,
method);
g_signal_connect (G_OBJECT (widget), "unrealize",
(GCallback) widgets_unrealized,
method);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_username_entry"));
g_assert (widget);
method->username_entry = GTK_ENTRY (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
ws_parent);
if (connection) {
NMSetting8021x *s_8021x;
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x && nm_setting_802_1x_get_identity (s_8021x))
gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_identity (s_8021x));
}
if (secrets_only)
gtk_widget_set_sensitive (widget, FALSE);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_password_entry"));
g_assert (widget);
method->password_entry = GTK_ENTRY (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
ws_parent);
/* Fill secrets, if any */
/* Create password-storage popup menu for password entry under entry's secondary icon */
if (connection)
update_secrets (parent, connection);
s_8021x = nm_connection_get_setting_802_1x (connection);
nma_utils_setup_password_storage (widget, 0, (NMSetting *) s_8021x, parent->password_flags_name,
FALSE, secrets_only);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_eapleap"));
g_assert (widget);
method->show_password = GTK_TOGGLE_BUTTON (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
parent);
/* Initialize the UI fields with the security settings from method->ws_parent.
* This will be done again when the widget gets realized. It must be done here as well,
* because the outer dialog will ask to 'validate' the connection before the security tab
* is shown/realized (to enable the 'Apply' button).
* As 'validate' accesses the contents of the UI fields, they must be initialized now, even
* if the widgets are not yet visible. */
set_userpass_ui (method);
return method;
}

12
panels/network/wireless-security/eap-method-leap.ui
View file

@ -10,9 +10,10 @@
<object class="GtkTable" id="table9">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="valign">start</property>
<property name="n_rows">3</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<placeholder/>
@ -21,8 +22,8 @@
<object class="GtkLabel" id="eap_leap_username_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Username</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Username:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_leap_username_entry</property>
</object>
@ -35,8 +36,8 @@
<object class="GtkLabel" id="eap_leap_password_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Password</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Password:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_leap_password_entry</property>
</object>
@ -69,7 +70,6 @@
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="xalign">0</property>
<property name="draw_indicator">True</property>
</object>
<packing>

82
panels/network/wireless-security/eap-method-peap.c
View file

@ -17,18 +17,17 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "config.h"
#include "nm-default.h"
#include <glib/gi18n.h>
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "eap-method.h"
#include "wireless-security.h"
#include "utils.h"
#define I_NAME_COLUMN 0
#define I_METHOD_COLUMN 1
@ -51,16 +50,24 @@ destroy (EAPMethod *parent)
}
static gboolean
validate (EAPMethod *parent)
validate (EAPMethod *parent, GError **error)
{
GtkWidget *widget;
GtkTreeModel *model;
GtkTreeIter iter;
EAPMethod *eap = NULL;
gboolean valid = FALSE;
GError *local = NULL;
if (!eap_method_validate_filepicker (parent->builder, "eap_peap_ca_cert_button", TYPE_CA_CERT, NULL, NULL))
if (!eap_method_validate_filepicker (parent->builder, "eap_peap_ca_cert_button", TYPE_CA_CERT, NULL, NULL, &local)) {
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-PEAP CA certificate: %s"), local->message);
g_clear_error (&local);
return FALSE;
}
if (eap_method_ca_cert_required (parent->builder, "eap_peap_ca_cert_not_required_checkbox", "eap_peap_ca_cert_button")) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-PEAP CA certificate: no certificate specified"));
return FALSE;
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_inner_auth_combo"));
g_assert (widget);
@ -69,11 +76,19 @@ validate (EAPMethod *parent)
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, I_METHOD_COLUMN, &eap, -1);
g_assert (eap);
valid = eap_method_validate (eap);
valid = eap_method_validate (eap, error);
eap_method_unref (eap);
return valid;
}
static void
ca_cert_not_required_toggled (GtkWidget *ignored, gpointer user_data)
{
EAPMethod *parent = user_data;
eap_method_ca_cert_not_required_toggled (parent->builder, "eap_peap_ca_cert_not_required_checkbox", "eap_peap_ca_cert_button");
}
static void
add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
{
@ -87,6 +102,10 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
g_object_unref (method->size_group);
method->size_group = g_object_ref (group);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_not_required_checkbox"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_anon_identity_label"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
@ -115,7 +134,7 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFlags flags)
{
NMSetting8021x *s_8021x;
NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
@ -127,6 +146,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
GtkTreeIter iter;
int peapver_active = 0;
GError *error = NULL;
gboolean ca_cert_error = FALSE;
s_8021x = nm_connection_get_setting_802_1x (connection);
g_assert (s_8021x);
@ -145,7 +165,10 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
if (!nm_setting_802_1x_set_ca_cert (s_8021x, filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read CA certificate '%s': %s", filename, error ? error->message : "(unknown)");
g_clear_error (&error);
ca_cert_error = TRUE;
}
eap_method_ca_cert_ignore_set (parent, connection, filename, ca_cert_error);
g_free (filename);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_version_combo"));
peapver_active = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
@ -167,7 +190,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
gtk_tree_model_get (model, &iter, I_METHOD_COLUMN, &eap, -1);
g_assert (eap);
eap_method_fill_connection (eap, connection);
eap_method_fill_connection (eap, connection, flags);
eap_method_unref (eap);
}
static void
@ -223,8 +246,9 @@ inner_auth_combo_init (EAPMethodPEAP *method,
EAPMethodSimple *em_gtc;
guint32 active = 0;
const char *phase2_auth = NULL;
EAPMethodSimpleFlags simple_flags;
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_g_type ());
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_type ());
if (s_8021x) {
if (nm_setting_802_1x_get_phase2_auth (s_8021x))
@ -233,12 +257,16 @@ inner_auth_combo_init (EAPMethodPEAP *method,
phase2_auth = nm_setting_802_1x_get_phase2_autheap (s_8021x);
}
simple_flags = EAP_METHOD_SIMPLE_FLAG_PHASE2;
if (method->is_editor)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_IS_EDITOR;
if (secrets_only)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY;
em_mschap_v2 = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_MSCHAP_V2,
TRUE,
method->is_editor,
secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("MSCHAPv2"),
@ -253,9 +281,7 @@ inner_auth_combo_init (EAPMethodPEAP *method,
em_md5 = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_MD5,
TRUE,
method->is_editor,
secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("MD5"),
@ -270,9 +296,7 @@ inner_auth_combo_init (EAPMethodPEAP *method,
em_gtc = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_GTC,
TRUE,
method->is_editor,
secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("GTC"),
@ -314,7 +338,7 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
{
EAPMethod *parent;
EAPMethodPEAP *method;
GtkWidget *widget;
GtkWidget *widget, *widget_ca_not_required_checkbox;
GtkFileFilter *filter;
NMSetting8021x *s_8021x = NULL;
const char *filename;
@ -332,8 +356,7 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
if (!parent)
return NULL;
eap_method_nag_init (parent, "eap_peap_ca_cert_button", connection);
parent->password_flags_name = NM_SETTING_802_1X_PASSWORD;
method = (EAPMethodPEAP *) parent;
method->sec_parent = ws_parent;
method->is_editor = is_editor;
@ -341,6 +364,16 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
if (connection)
s_8021x = nm_connection_get_setting_802_1x (connection);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_not_required_checkbox"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) ca_cert_not_required_toggled,
parent);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) wireless_security_changed_cb,
ws_parent);
widget_ca_not_required_checkbox = widget;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_button"));
g_assert (widget);
gtk_file_chooser_set_local_only (GTK_FILE_CHOOSER (widget), TRUE);
@ -352,11 +385,14 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
filter = eap_method_default_file_chooser_filter_new (FALSE);
gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (widget), filter);
if (connection && s_8021x) {
filename = NULL;
if (nm_setting_802_1x_get_ca_cert_scheme (s_8021x) == NM_SETTING_802_1X_CK_SCHEME_PATH) {
filename = nm_setting_802_1x_get_ca_cert_path (s_8021x);
if (filename)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
}
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget_ca_not_required_checkbox),
!filename && eap_method_ca_cert_ignore_get (parent, connection));
}
widget = inner_auth_combo_init (method, connection, s_8021x, secrets_only);
@ -397,6 +433,8 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_button"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_not_required_checkbox"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_inner_auth_label"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_inner_auth_combo"));

56
panels/network/wireless-security/eap-method-peap.ui
View file

@ -40,14 +40,14 @@
<property name="can_focus">False</property>
<property name="n_rows">5</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<object class="GtkLabel" id="eap_peap_anon_identity_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">Anony_mous identity</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">Anony_mous identity:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_peap_anon_identity_entry</property>
</object>
@ -72,8 +72,8 @@
<object class="GtkLabel" id="eap_peap_ca_cert_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">C_A certificate</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">C_A certificate:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_peap_ca_cert_button</property>
</object>
@ -98,6 +98,24 @@
<property name="y_options">GTK_FILL</property>
</packing>
</child>
<child>
<object class="GtkCheckButton" id="eap_peap_ca_cert_not_required_checkbox">
<property name="label" translatable="yes">No CA certificate is _required</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="draw_indicator">True</property>
</object>
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">2</property>
<property name="bottom_attach">3</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
</child>
<child>
<object class="GtkVBox" id="eap_peap_inner_auth_vbox">
<property name="visible">True</property>
@ -108,8 +126,8 @@
</object>
<packing>
<property name="right_attach">2</property>
<property name="top_attach">4</property>
<property name="bottom_attach">5</property>
<property name="top_attach">5</property>
<property name="bottom_attach">6</property>
<property name="x_options">GTK_FILL</property>
</packing>
</child>
@ -117,14 +135,14 @@
<object class="GtkLabel" id="eap_peap_inner_auth_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Inner authentication</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Inner authentication:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_peap_inner_auth_combo</property>
</object>
<packing>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="top_attach">4</property>
<property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@ -144,8 +162,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="top_attach">4</property>
<property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options">GTK_FILL</property>
</packing>
@ -154,14 +172,14 @@
<object class="GtkLabel" id="eap_peap_version_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">PEAP _version</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">PEAP _version:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_peap_version_combo</property>
</object>
<packing>
<property name="top_attach">2</property>
<property name="bottom_attach">3</property>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@ -181,8 +199,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">2</property>
<property name="bottom_attach">3</property>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options">GTK_FILL</property>
</packing>

358
panels/network/wireless-security/eap-method-simple.c
View file

@ -17,71 +17,79 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2011 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "nm-default.h"
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "eap-method.h"
#include "wireless-security.h"
#include "helpers.h"
#include "nma-ui-utils.h"
#include "utils.h"
struct _EAPMethodSimple {
EAPMethod parent;
WirelessSecurity *ws_parent;
EAPMethodSimpleType type;
gboolean is_editor;
gboolean new_connection;
EAPMethodSimpleFlags flags;
GtkEntry *username_entry;
GtkEntry *password_entry;
GtkToggleButton *show_password;
guint idle_func_id;
};
static void
show_toggled_cb (GtkCheckButton *button, EAPMethod *method)
show_toggled_cb (GtkToggleButton *button, EAPMethodSimple *method)
{
GtkWidget *widget;
gboolean visible;
widget = GTK_WIDGET (gtk_builder_get_object (method->builder, "eap_simple_password_entry"));
g_assert (widget);
visible = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (button));
gtk_entry_set_visibility (GTK_ENTRY (widget), visible);
visible = gtk_toggle_button_get_active (button);
gtk_entry_set_visibility (method->password_entry, visible);
}
static gboolean
validate (EAPMethod *parent)
always_ask_selected (GtkEntry *passwd_entry)
{
GtkWidget *widget;
return !!( nma_utils_menu_to_secret_flags (GTK_WIDGET (passwd_entry))
& NM_SETTING_SECRET_FLAG_NOT_SAVED);
}
static gboolean
validate (EAPMethod *parent, GError **error)
{
EAPMethodSimple *method = (EAPMethodSimple *)parent;
const char *text;
gboolean ret = TRUE;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_username_entry"));
g_assert (widget);
text = gtk_entry_get_text (GTK_ENTRY (widget));
text = gtk_entry_get_text (method->username_entry);
if (!text || !strlen (text)) {
widget_set_error (widget);
widget_set_error (GTK_WIDGET (method->username_entry));
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing EAP username"));
ret = FALSE;
} else {
widget_unset_error (widget);
widget_unset_error (GTK_WIDGET (method->username_entry));
}
/* Check if the password should always be requested */
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_password_always_ask"));
g_assert (widget);
if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
widget_unset_error (GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_password_entry")));
return ret;
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_password_entry"));
g_assert (widget);
text = gtk_entry_get_text (GTK_ENTRY (widget));
if (!text || !strlen (text)) {
widget_set_error (widget);
ret = FALSE;
if (always_ask_selected (method->password_entry)) {
widget_unset_error (GTK_WIDGET (method->password_entry));
} else {
widget_unset_error (widget);
text = gtk_entry_get_text (method->password_entry);
if (!text || !strlen (text)) {
widget_set_error (GTK_WIDGET (method->password_entry));
if (!*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing EAP password"));
ret = FALSE;
} else {
widget_unset_error (GTK_WIDGET (method->password_entry));
}
}
return ret;
@ -101,15 +109,30 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
gtk_size_group_add_widget (group, widget);
}
typedef struct {
const char *name;
gboolean autheap_allowed;
} EapType;
/* Indexed by EAP_METHOD_SIMPLE_TYPE_* */
static const EapType eap_table[EAP_METHOD_SIMPLE_TYPE_LAST] = {
[EAP_METHOD_SIMPLE_TYPE_PAP] = { "pap", FALSE },
[EAP_METHOD_SIMPLE_TYPE_MSCHAP] = { "mschap", FALSE },
[EAP_METHOD_SIMPLE_TYPE_MSCHAP_V2] = { "mschapv2", TRUE },
[EAP_METHOD_SIMPLE_TYPE_MD5] = { "md5", TRUE },
[EAP_METHOD_SIMPLE_TYPE_PWD] = { "pwd", TRUE },
[EAP_METHOD_SIMPLE_TYPE_CHAP] = { "chap", FALSE },
[EAP_METHOD_SIMPLE_TYPE_GTC] = { "gtc", TRUE },
};
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFlags prev_flags)
{
EAPMethodSimple *method = (EAPMethodSimple *) parent;
NMSetting8021x *s_8021x;
GtkWidget *widget;
gboolean not_saved = FALSE;
const char *eap = NULL;
NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
NMSettingSecretFlags flags;
const EapType *eap_type;
s_8021x = nm_connection_get_setting_802_1x (connection);
g_assert (s_8021x);
@ -120,48 +143,28 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
if (parent->phase2 == FALSE)
nm_setting_802_1x_clear_eap_methods (s_8021x);
switch (method->type) {
case EAP_METHOD_SIMPLE_TYPE_PAP:
eap = "pap";
break;
case EAP_METHOD_SIMPLE_TYPE_MSCHAP:
eap = "mschap";
break;
case EAP_METHOD_SIMPLE_TYPE_MSCHAP_V2:
eap = "mschapv2";
break;
case EAP_METHOD_SIMPLE_TYPE_MD5:
eap = "md5";
break;
case EAP_METHOD_SIMPLE_TYPE_CHAP:
eap = "chap";
break;
case EAP_METHOD_SIMPLE_TYPE_GTC:
eap = "gtc";
break;
default:
g_assert_not_reached ();
break;
}
eap_type = &eap_table[method->type];
if (parent->phase2) {
/* If the outer EAP method (TLS, TTLS, PEAP, etc) allows inner/phase2
* EAP methods (which only TTLS allows) *and* the inner/phase2 method
* supports being an inner EAP method, then set PHASE2_AUTHEAP.
* Otherwise the inner/phase2 method goes into PHASE2_AUTH.
*/
if ((method->flags & EAP_METHOD_SIMPLE_FLAG_AUTHEAP_ALLOWED) && eap_type->autheap_allowed) {
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTHEAP, eap_type->name, NULL);
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, NULL, NULL);
} else {
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, eap_type->name, NULL);
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTHEAP, NULL, NULL);
}
} else
nm_setting_802_1x_add_eap_method (s_8021x, eap_type->name);
if (parent->phase2)
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, eap, NULL);
else
nm_setting_802_1x_add_eap_method (s_8021x, eap);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_username_entry"));
g_assert (widget);
g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (method->username_entry), NULL);
/* Save the password always ask setting */
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_password_always_ask"));
g_assert (widget);
not_saved = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget));
nm_setting_get_secret_flags (NM_SETTING (s_8021x), NM_SETTING_802_1X_PASSWORD, &flags, NULL);
flags &= ~(NM_SETTING_SECRET_FLAG_NOT_SAVED);
if (not_saved)
flags |= NM_SETTING_SECRET_FLAG_NOT_SAVED;
not_saved = always_ask_selected (method->password_entry);
flags = nma_utils_menu_to_secret_flags (GTK_WIDGET (method->password_entry));
nm_setting_set_secret_flags (NM_SETTING (s_8021x), NM_SETTING_802_1X_PASSWORD, flags, NULL);
/* Fill the connection's password if we're in the applet so that it'll get
@ -169,18 +172,16 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
* back to NM in response to a GetSecrets() call, we don't save it if the
* user checked "Always Ask".
*/
if (method->is_editor == FALSE || not_saved == FALSE) {
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_password_entry"));
g_assert (widget);
g_object_set (s_8021x, NM_SETTING_802_1X_PASSWORD, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
}
if (!(method->flags & EAP_METHOD_SIMPLE_FLAG_IS_EDITOR) || not_saved == FALSE)
g_object_set (s_8021x, NM_SETTING_802_1X_PASSWORD, gtk_entry_get_text (method->password_entry), NULL);
/* Default to agent-owned secrets for new connections */
if (method->new_connection && (not_saved == FALSE)) {
g_object_set (s_8021x,
NM_SETTING_802_1X_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED,
NM_SETTING_802_1X_SYSTEM_CA_CERTS, TRUE,
NULL);
/* Update secret flags and popup when editing the connection */
if (!(method->flags & EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY)) {
GtkWidget *passwd_entry = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_password_entry"));
g_assert (passwd_entry);
nma_utils_update_password_storage (passwd_entry, flags,
NM_SETTING (s_8021x), parent->password_flags_name);
}
}
@ -194,43 +195,110 @@ update_secrets (EAPMethod *parent, NMConnection *connection)
(HelperSecretFunc) nm_setting_802_1x_get_password);
}
static void
password_always_ask_changed (GtkButton *button, EAPMethodSimple *method)
static gboolean
stuff_changed (EAPMethodSimple *method)
{
wireless_security_changed_cb (NULL, method->ws_parent);
method->idle_func_id = 0;
return FALSE;
}
static void
password_storage_changed (GObject *entry,
GParamSpec *pspec,
EAPMethodSimple *method)
{
EAPMethod *parent = (EAPMethod *) method;
GtkWidget *password_entry;
GtkWidget *show_checkbox;
gboolean always_ask;
gboolean secrets_only = method->flags & EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY;
always_ask = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (button));
always_ask = always_ask_selected (method->password_entry);
password_entry = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_password_entry"));
g_assert (password_entry);
show_checkbox = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_eapsimple"));
g_assert (show_checkbox);
if (always_ask) {
gtk_entry_set_text (GTK_ENTRY (password_entry), "");
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (show_checkbox), FALSE);
if (always_ask && !secrets_only) {
/* we always clear this button and do not restore it
* (because we want to hide the password). */
gtk_toggle_button_set_active (method->show_password, FALSE);
}
gtk_widget_set_sensitive (password_entry, !always_ask);
gtk_widget_set_sensitive (show_checkbox, !always_ask);
gtk_widget_set_sensitive (GTK_WIDGET (method->show_password),
!always_ask || secrets_only);
if (!method->idle_func_id)
method->idle_func_id = g_idle_add ((GSourceFunc) stuff_changed, method);
}
/* Set the UI fields for user, password, always_ask and show_password to the
* values as provided by method->ws_parent. */
static void
set_userpass_ui (EAPMethodSimple *method)
{
if (method->ws_parent->username)
gtk_entry_set_text (method->username_entry, method->ws_parent->username);
else
gtk_entry_set_text (method->username_entry, "");
if (method->ws_parent->password && !method->ws_parent->always_ask)
gtk_entry_set_text (method->password_entry, method->ws_parent->password);
else
gtk_entry_set_text (method->password_entry, "");
gtk_toggle_button_set_active (method->show_password, method->ws_parent->show_password);
password_storage_changed (NULL, NULL, method);
}
static void
widgets_realized (GtkWidget *widget, EAPMethodSimple *method)
{
set_userpass_ui (method);
}
static void
widgets_unrealized (GtkWidget *widget, EAPMethodSimple *method)
{
wireless_security_set_userpass (method->ws_parent,
gtk_entry_get_text (method->username_entry),
gtk_entry_get_text (method->password_entry),
always_ask_selected (method->password_entry),
gtk_toggle_button_get_active (method->show_password));
}
static void
destroy (EAPMethod *parent)
{
EAPMethodSimple *method = (EAPMethodSimple *) parent;
GtkWidget *widget;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_notebook"));
g_assert (widget);
g_signal_handlers_disconnect_by_func (G_OBJECT (widget),
(GCallback) widgets_realized,
method);
g_signal_handlers_disconnect_by_func (G_OBJECT (widget),
(GCallback) widgets_unrealized,
method);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_password_entry"));
g_assert (widget);
g_signal_handlers_disconnect_by_func (G_OBJECT (widget),
(GCallback) password_storage_changed,
method);
if (method->idle_func_id > 0) {
g_source_remove (method->idle_func_id);
method->idle_func_id = 0;
}
wireless_security_unref (method->ws_parent);
}
EAPMethodSimple *
eap_method_simple_new (WirelessSecurity *ws_parent,
NMConnection *connection,
EAPMethodSimpleType type,
gboolean phase2,
gboolean is_editor,
gboolean secrets_only)
EAPMethodSimpleFlags flags)
{
EAPMethod *parent;
EAPMethodSimple *method;
GtkWidget *widget;
gboolean not_saved = FALSE;
NMSetting8021x *s_8021x = NULL;
parent = eap_method_init (sizeof (EAPMethodSimple),
@ -238,78 +306,72 @@ eap_method_simple_new (WirelessSecurity *ws_parent,
add_to_size_group,
fill_connection,
update_secrets,
NULL,
destroy,
"/org/gnome/control-center/network/eap-method-simple.ui",
"eap_simple_notebook",
"eap_simple_username_entry",
phase2);
flags & EAP_METHOD_SIMPLE_FLAG_PHASE2);
if (!parent)
return NULL;
parent->password_flags_name = NM_SETTING_802_1X_PASSWORD;
method = (EAPMethodSimple *) parent;
method->ws_parent = wireless_security_ref (ws_parent);
method->flags = flags;
method->type = type;
method->is_editor = is_editor;
method->new_connection = secrets_only ? FALSE : TRUE;
g_assert (type < EAP_METHOD_SIMPLE_TYPE_LAST);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_notebook"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "realize",
(GCallback) widgets_realized,
method);
g_signal_connect (G_OBJECT (widget), "unrealize",
(GCallback) widgets_unrealized,
method);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_username_entry"));
g_assert (widget);
method->username_entry = GTK_ENTRY (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
ws_parent);
if (connection) {
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x && nm_setting_802_1x_get_identity (s_8021x))
gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_identity (s_8021x));
}
if (secrets_only)
if (method->flags & EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY)
gtk_widget_set_sensitive (widget, FALSE);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_password_entry"));
g_assert (widget);
method->password_entry = GTK_ENTRY (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
ws_parent);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_password_always_ask"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) wireless_security_changed_cb,
ws_parent);
if (is_editor) {
/* We only desensitize the password entry from the editor, because
* from nm-applet if the entry was desensitized, there'd be no way to
* get the password back to NetworkManager when NM asked for it. Since
* the editor only sets up the initial connection though, it's safe to
* do there.
*/
g_signal_connect (G_OBJECT (widget), "toggled",
G_CALLBACK (password_always_ask_changed),
method);
}
/* Create password-storage popup menu for password entry under entry's secondary icon */
if (connection)
s_8021x = nm_connection_get_setting_802_1x (connection);
nma_utils_setup_password_storage (widget, 0, (NMSetting *) s_8021x, parent->password_flags_name,
FALSE, flags & EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY);
if (secrets_only)
gtk_widget_hide (widget);
if (s_8021x) {
NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
nm_setting_get_secret_flags (NM_SETTING (s_8021x), NM_SETTING_802_1X_PASSWORD, &flags, NULL);
not_saved = (flags & NM_SETTING_SECRET_FLAG_NOT_SAVED);
}
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), not_saved);
/* Fill secrets if there's a static (ie, not OTP) password */
if (connection && (not_saved == FALSE))
update_secrets (EAP_METHOD (method), connection);
g_signal_connect (method->password_entry, "notify::secondary-icon-name",
G_CALLBACK (password_storage_changed),
method);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_eapsimple"));
g_assert (widget);
method->show_password = GTK_TOGGLE_BUTTON (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
method);
/* Initialize the UI fields with the security settings from method->ws_parent.
* This will be done again when the widget gets realized. It must be done here as well,
* because the outer dialog will ask to 'validate' the connection before the security tab
* is shown/realized (to enable the 'Apply' button).
* As 'validate' accesses the contents of the UI fields, they must be initialized now, even
* if the widgets are not yet visible. */
set_userpass_ui (method);
return method;
}

23
panels/network/wireless-security/eap-method-simple.h
View file

@ -26,22 +26,37 @@
#include "wireless-security.h"
typedef enum {
/* NOTE: when updating this table, also update eap_methods[] */
EAP_METHOD_SIMPLE_TYPE_PAP = 0,
EAP_METHOD_SIMPLE_TYPE_MSCHAP,
EAP_METHOD_SIMPLE_TYPE_MSCHAP_V2,
EAP_METHOD_SIMPLE_TYPE_MD5,
EAP_METHOD_SIMPLE_TYPE_PWD,
EAP_METHOD_SIMPLE_TYPE_CHAP,
EAP_METHOD_SIMPLE_TYPE_GTC
EAP_METHOD_SIMPLE_TYPE_GTC,
/* Boundary value, do not use */
EAP_METHOD_SIMPLE_TYPE_LAST
} EAPMethodSimpleType;
typedef enum {
EAP_METHOD_SIMPLE_FLAG_NONE = 0x00,
/* Indicates the EAP method is an inner/phase2 method */
EAP_METHOD_SIMPLE_FLAG_PHASE2 = 0x01,
/* Set by TTLS to indicate that inner/phase2 EAP is allowed */
EAP_METHOD_SIMPLE_FLAG_AUTHEAP_ALLOWED = 0x02,
/* Set from nm-connection-editor or the GNOME network panel */
EAP_METHOD_SIMPLE_FLAG_IS_EDITOR = 0x04,
/* Set to indicate that this request is only for secrets */
EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY = 0x08
} EAPMethodSimpleFlags;
typedef struct _EAPMethodSimple EAPMethodSimple;
EAPMethodSimple *eap_method_simple_new (WirelessSecurity *ws_parent,
NMConnection *connection,
EAPMethodSimpleType type,
gboolean phase2,
gboolean is_editor,
gboolean secrets_only);
EAPMethodSimpleFlags flags);
#endif /* EAP_METHOD_SIMPLE_H */

63
panels/network/wireless-security/eap-method-simple.ui
View file

@ -10,9 +10,10 @@
<object class="GtkTable" id="table11">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="valign">start</property>
<property name="n_rows">3</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<placeholder/>
@ -21,8 +22,8 @@
<object class="GtkLabel" id="eap_simple_username_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Username</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Username:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_simple_username_entry</property>
</object>
@ -35,8 +36,8 @@
<object class="GtkLabel" id="eap_simple_password_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Password</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Password:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_simple_password_entry</property>
</object>
@ -75,47 +76,26 @@
</packing>
</child>
<child>
<object class="GtkAlignment" id="alignment1">
<object class="GtkVBox" id="vbox5">
<property name="visible">True</property>
<property name="can_focus">False</property>
<child>
<object class="GtkVBox" id="vbox5">
<object class="GtkCheckButton" id="show_checkbutton_eapsimple">
<property name="label" translatable="yes">Sho_w password</property>
<property name="visible">True</property>
<property name="can_focus">False</property>
<child>
<object class="GtkCheckButton" id="eap_password_always_ask">
<property name="label" translatable="yes">As_k for this password every time</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
</object>
<packing>
<property name="expand">True</property>
<property name="fill">True</property>
<property name="position">0</property>
</packing>
</child>
<child>
<object class="GtkCheckButton" id="show_checkbutton_eapsimple">
<property name="label" translatable="yes">Sho_w password</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="xalign">0</property>
<property name="draw_indicator">True</property>
</object>
<packing>
<property name="expand">True</property>
<property name="fill">True</property>
<property name="position">1</property>
</packing>
</child>
<child>
<placeholder/>
</child>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="draw_indicator">True</property>
</object>
<packing>
<property name="expand">True</property>
<property name="fill">True</property>
<property name="position">0</property>
</packing>
</child>
<child>
<placeholder/>
</child>
</object>
<packing>
@ -123,7 +103,6 @@
<property name="right_attach">2</property>
<property name="top_attach">2</property>
<property name="bottom_attach">3</property>
<property name="y_options"/>
</packing>
</child>
</object>

122
panels/network/wireless-security/eap-method-tls.c
View file

@ -17,25 +17,24 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "config.h"
#include "nm-default.h"
#include <glib/gi18n.h>
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "eap-method.h"
#include "wireless-security.h"
#include "helpers.h"
#include "nma-ui-utils.h"
#include "utils.h"
struct _EAPMethodTLS {
EAPMethod parent;
gboolean new_connection;
gboolean editing_connection;
};
@ -53,11 +52,12 @@ show_toggled_cb (GtkCheckButton *button, EAPMethod *method)
}
static gboolean
validate (EAPMethod *parent)
validate (EAPMethod *parent, GError **error)
{
NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
GtkWidget *widget;
const char *password, *identity;
GError *local = NULL;
gboolean ret = TRUE;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_identity_entry"));
@ -65,17 +65,23 @@ validate (EAPMethod *parent)
identity = gtk_entry_get_text (GTK_ENTRY (widget));
if (!identity || !strlen (identity)) {
widget_set_error (widget);
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing EAP-TLS identity"));
ret = FALSE;
} else {
widget_unset_error (widget);
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_button"));
if (!eap_method_validate_filepicker (parent->builder, "eap_tls_ca_cert_button", TYPE_CA_CERT, NULL, NULL)) {
widget_set_error (widget);
if (!eap_method_validate_filepicker (parent->builder, "eap_tls_ca_cert_button", TYPE_CA_CERT, NULL, NULL, &local)) {
widget_set_error (GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_button")));
if (!*error)
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-TLS CA certificate: %s"), local->message);
g_clear_error (&local);
ret = FALSE;
} else if (eap_method_ca_cert_required (parent->builder, "eap_tls_ca_cert_not_required_checkbox", "eap_tls_ca_cert_button")) {
widget_set_error (GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_button")));
if (!*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-TLS CA certificate: no certificate specified"));
ret = FALSE;
} else {
widget_unset_error (widget);
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_private_key_password_entry"));
@ -83,39 +89,56 @@ validate (EAPMethod *parent)
password = gtk_entry_get_text (GTK_ENTRY (widget));
if (!password || !strlen (password)) {
widget_set_error (widget);
if (!*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-TLS password: missing"));
ret = FALSE;
} else {
widget_unset_error (widget);
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_private_key_button"));
if (!eap_method_validate_filepicker (parent->builder,
"eap_tls_private_key_button",
TYPE_PRIVATE_KEY,
password,
&format)) {
widget_set_error (widget);
&format,
&local)) {
if (!*error)
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-TLS private-key: %s"), local->message);
g_clear_error (&local);
widget_set_error (GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_private_key_button")));
ret = FALSE;
}
if (format != NM_SETTING_802_1X_CK_FORMAT_PKCS12) {
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_user_cert_button"));
if (!eap_method_validate_filepicker (parent->builder, "eap_tls_user_cert_button", TYPE_CLIENT_CERT, NULL, NULL)) {
widget_set_error (widget);
if (!eap_method_validate_filepicker (parent->builder, "eap_tls_user_cert_button", TYPE_CLIENT_CERT, NULL, NULL, &local)) {
if (!*error)
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-TLS user-certificate: %s"), local->message);
g_clear_error (&local);
widget_set_error (GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_user_cert_button")));
ret = FALSE;
} else {
widget_unset_error (widget);
}
}
return ret;
}
static void
ca_cert_not_required_toggled (GtkWidget *ignored, gpointer user_data)
{
EAPMethod *parent = user_data;
eap_method_ca_cert_not_required_toggled (parent->builder, "eap_tls_ca_cert_not_required_checkbox", "eap_tls_ca_cert_button");
}
static void
add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
{
GtkWidget *widget;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_not_required_checkbox"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_identity_label"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
@ -138,16 +161,17 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFlags flags)
{
EAPMethodTLS *method = (EAPMethodTLS *) parent;
NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
NMSetting8021x *s_8021x;
GtkWidget *widget;
NMSettingSecretFlags secret_flags;
GtkWidget *widget, *passwd_entry;
char *ca_filename, *pk_filename, *cc_filename;
const char *password = NULL;
GError *error = NULL;
const char *secret_flag_prop = NULL;
gboolean ca_cert_error = FALSE;
s_8021x = nm_connection_get_setting_802_1x (connection);
g_assert (s_8021x);
@ -166,6 +190,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
g_assert (widget);
password = gtk_entry_get_text (GTK_ENTRY (widget));
g_assert (password);
passwd_entry = widget;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_private_key_button"));
g_assert (widget);
@ -177,22 +202,23 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
g_warning ("Couldn't read phase2 private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
secret_flag_prop = NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS;
} else {
if (!nm_setting_802_1x_set_private_key (s_8021x, pk_filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
}
secret_flag_prop = NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS;
}
g_free (pk_filename);
/* Default to agent-owned secrets for new connections */
if (method->new_connection) {
g_object_set (s_8021x,
secret_flag_prop, NM_SETTING_SECRET_FLAG_AGENT_OWNED,
NM_SETTING_802_1X_SYSTEM_CA_CERTS, TRUE,
NULL);
/* Save 802.1X password flags to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
nm_setting_set_secret_flags (NM_SETTING (s_8021x), parent->password_flags_name,
secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (method->editing_connection) {
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_8021x), parent->password_flags_name);
}
/* TLS client certificate */
@ -230,13 +256,17 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
if (!nm_setting_802_1x_set_phase2_ca_cert (s_8021x, ca_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 CA certificate '%s': %s", ca_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
ca_cert_error = TRUE;
}
} else {
if (!nm_setting_802_1x_set_ca_cert (s_8021x, ca_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read CA certificate '%s': %s", ca_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
ca_cert_error = TRUE;
}
}
eap_method_ca_cert_ignore_set (parent, connection, ca_filename, ca_cert_error);
g_free (ca_filename);
}
static void
@ -415,6 +445,7 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
EAPMethod *parent;
GtkWidget *widget;
NMSetting8021x *s_8021x = NULL;
gboolean ca_not_required = FALSE;
parent = eap_method_init (sizeof (EAPMethodTLS),
validate,
@ -429,14 +460,24 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
if (!parent)
return NULL;
parent->password_flags_name = phase2 ?
NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD :
NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD;
method = (EAPMethodTLS *) parent;
method->new_connection = secrets_only ? FALSE : TRUE;
eap_method_nag_init (parent, "eap_tls_ca_cert_button", connection);
method->editing_connection = secrets_only ? FALSE : TRUE;
if (connection)
s_8021x = nm_connection_get_setting_802_1x (connection);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_not_required_checkbox"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) ca_cert_not_required_toggled,
parent);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) wireless_security_changed_cb,
ws_parent);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_identity_entry"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "changed",
@ -464,6 +505,13 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
phase2 ? nm_setting_802_1x_get_phase2_private_key_path : nm_setting_802_1x_get_private_key_path,
TRUE, FALSE);
if (connection && eap_method_ca_cert_ignore_get (parent, connection)) {
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_button"));
ca_not_required = !gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_not_required_checkbox"));
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), ca_not_required);
/* Fill secrets, if any */
if (connection)
update_secrets (parent, connection);
@ -474,6 +522,10 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
(GCallback) wireless_security_changed_cb,
ws_parent);
/* Create password-storage popup menu for password entry under entry's secondary icon */
nma_utils_setup_password_storage (widget, 0, (NMSetting *) s_8021x, parent->password_flags_name,
FALSE, secrets_only);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_eaptls"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
@ -495,6 +547,8 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_button"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_not_required_checkbox"));
gtk_widget_hide (widget);
}
return method;

62
panels/network/wireless-security/eap-method-tls.ui
View file

@ -10,9 +10,10 @@
<object class="GtkTable" id="table8">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="valign">start</property>
<property name="n_rows">6</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<placeholder/>
@ -21,8 +22,8 @@
<object class="GtkLabel" id="eap_tls_identity_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">I_dentity</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">I_dentity:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_tls_identity_entry</property>
</object>
@ -47,8 +48,8 @@
<object class="GtkLabel" id="eap_tls_user_cert_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_User certificate</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_User certificate:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_tls_user_cert_button</property>
</object>
@ -63,8 +64,8 @@
<object class="GtkLabel" id="eap_tls_ca_cert_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">C_A certificate</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">C_A certificate:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_tls_ca_cert_button</property>
</object>
@ -89,18 +90,36 @@
<property name="y_options">GTK_FILL</property>
</packing>
</child>
<child>
<object class="GtkCheckButton" id="eap_tls_ca_cert_not_required_checkbox">
<property name="label" translatable="yes">No CA certificate is _required</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="draw_indicator">True</property>
</object>
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
</child>
<child>
<object class="GtkLabel" id="eap_tls_private_key_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">Private _key</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">Private _key:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_tls_private_key_button</property>
</object>
<packing>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="top_attach">4</property>
<property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@ -113,8 +132,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="top_attach">4</property>
<property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options">GTK_FILL</property>
</packing>
@ -123,14 +142,14 @@
<object class="GtkLabel" id="eap_tls_private_key_password_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Private key password</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Private key password:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_tls_private_key_password_entry</property>
</object>
<packing>
<property name="top_attach">4</property>
<property name="bottom_attach">5</property>
<property name="top_attach">5</property>
<property name="bottom_attach">6</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@ -145,8 +164,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">4</property>
<property name="bottom_attach">5</property>
<property name="top_attach">5</property>
<property name="bottom_attach">6</property>
<property name="y_options"/>
</packing>
</child>
@ -157,14 +176,13 @@
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="xalign">0</property>
<property name="draw_indicator">True</property>
</object>
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">5</property>
<property name="bottom_attach">6</property>
<property name="top_attach">6</property>
<property name="bottom_attach">7</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>

117
panels/network/wireless-security/eap-method-ttls.c
View file

@ -17,18 +17,17 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "config.h"
#include "nm-default.h"
#include <glib/gi18n.h>
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "eap-method.h"
#include "wireless-security.h"
#include "utils.h"
#define I_NAME_COLUMN 0
#define I_METHOD_COLUMN 1
@ -51,16 +50,24 @@ destroy (EAPMethod *parent)
}
static gboolean
validate (EAPMethod *parent)
validate (EAPMethod *parent, GError **error)
{
GtkWidget *widget;
GtkTreeModel *model;
GtkTreeIter iter;
EAPMethod *eap = NULL;
gboolean valid = FALSE;
GError *local = NULL;
if (!eap_method_validate_filepicker (parent->builder, "eap_ttls_ca_cert_button", TYPE_CA_CERT, NULL, NULL))
if (!eap_method_validate_filepicker (parent->builder, "eap_ttls_ca_cert_button", TYPE_CA_CERT, NULL, NULL, &local)) {
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-TTLS CA certificate: %s"), local->message);
g_clear_error (&local);
return FALSE;
}
if (eap_method_ca_cert_required (parent->builder, "eap_ttls_ca_cert_not_required_checkbox", "eap_ttls_ca_cert_button")) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid EAP-TTLS CA certificate: no certificate specified"));
return FALSE;
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_combo"));
g_assert (widget);
@ -69,11 +76,19 @@ validate (EAPMethod *parent)
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, I_METHOD_COLUMN, &eap, -1);
g_assert (eap);
valid = eap_method_validate (eap);
valid = eap_method_validate (eap, error);
eap_method_unref (eap);
return valid;
}
static void
ca_cert_not_required_toggled (GtkWidget *ignored, gpointer user_data)
{
EAPMethod *parent = user_data;
eap_method_ca_cert_not_required_toggled (parent->builder, "eap_ttls_ca_cert_not_required_checkbox", "eap_ttls_ca_cert_button");
}
static void
add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
{
@ -87,6 +102,10 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
g_object_unref (method->size_group);
method->size_group = g_object_ref (group);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_not_required_checkbox"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_anon_identity_label"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
@ -111,7 +130,7 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
}
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFlags flags)
{
NMSetting8021x *s_8021x;
NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
@ -122,6 +141,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
GtkTreeModel *model;
GtkTreeIter iter;
GError *error = NULL;
gboolean ca_cert_error = FALSE;
s_8021x = nm_connection_get_setting_802_1x (connection);
g_assert (s_8021x);
@ -140,7 +160,10 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
if (!nm_setting_802_1x_set_ca_cert (s_8021x, filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read CA certificate '%s': %s", filename, error ? error->message : "(unknown)");
g_clear_error (&error);
ca_cert_error = TRUE;
}
eap_method_ca_cert_ignore_set (parent, connection, filename, ca_cert_error);
g_free (filename);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_combo"));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
@ -148,7 +171,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
gtk_tree_model_get (model, &iter, I_METHOD_COLUMN, &eap, -1);
g_assert (eap);
eap_method_fill_connection (eap, connection);
eap_method_fill_connection (eap, connection, flags);
eap_method_unref (eap);
}
@ -205,10 +228,13 @@ inner_auth_combo_init (EAPMethodTTLS *method,
EAPMethodSimple *em_mschap;
EAPMethodSimple *em_mschap_v2;
EAPMethodSimple *em_chap;
EAPMethodSimple *em_md5;
EAPMethodSimple *em_gtc;
guint32 active = 0;
const char *phase2_auth = NULL;
EAPMethodSimpleFlags simple_flags;
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_g_type ());
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_type ());
if (s_8021x) {
if (nm_setting_802_1x_get_phase2_auth (s_8021x))
@ -217,12 +243,16 @@ inner_auth_combo_init (EAPMethodTTLS *method,
phase2_auth = nm_setting_802_1x_get_phase2_autheap (s_8021x);
}
simple_flags = EAP_METHOD_SIMPLE_FLAG_PHASE2 | EAP_METHOD_SIMPLE_FLAG_AUTHEAP_ALLOWED;
if (method->is_editor)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_IS_EDITOR;
if (secrets_only)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY;
em_pap = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_PAP,
TRUE,
method->is_editor,
secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("PAP"),
@ -237,9 +267,7 @@ inner_auth_combo_init (EAPMethodTTLS *method,
em_mschap = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_MSCHAP,
TRUE,
method->is_editor,
secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("MSCHAP"),
@ -254,8 +282,7 @@ inner_auth_combo_init (EAPMethodTTLS *method,
em_mschap_v2 = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_MSCHAP_V2,
TRUE,
method->is_editor, secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("MSCHAPv2"),
@ -270,9 +297,7 @@ inner_auth_combo_init (EAPMethodTTLS *method,
em_chap = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_CHAP,
TRUE,
method->is_editor,
secrets_only);
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("CHAP"),
@ -284,6 +309,36 @@ inner_auth_combo_init (EAPMethodTTLS *method,
if (phase2_auth && !strcasecmp (phase2_auth, "chap"))
active = 3;
em_md5 = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_MD5,
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("MD5"),
I_METHOD_COLUMN, em_md5,
-1);
eap_method_unref (EAP_METHOD (em_md5));
/* Check for defaulting to MD5 */
if (phase2_auth && !strcasecmp (phase2_auth, "md5"))
active = 4;
em_gtc = eap_method_simple_new (method->sec_parent,
connection,
EAP_METHOD_SIMPLE_TYPE_GTC,
simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
I_NAME_COLUMN, _("GTC"),
I_METHOD_COLUMN, em_gtc,
-1);
eap_method_unref (EAP_METHOD (em_gtc));
/* Check for defaulting to GTC */
if (phase2_auth && !strcasecmp (phase2_auth, "gtc"))
active = 5;
combo = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_combo"));
g_assert (combo);
@ -314,7 +369,7 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
{
EAPMethod *parent;
EAPMethodTTLS *method;
GtkWidget *widget;
GtkWidget *widget, *widget_ca_not_required_checkbox;
GtkFileFilter *filter;
NMSetting8021x *s_8021x = NULL;
const char *filename;
@ -332,8 +387,7 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
if (!parent)
return NULL;
eap_method_nag_init (parent, "eap_ttls_ca_cert_button", connection);
parent->password_flags_name = NM_SETTING_802_1X_PASSWORD;
method = (EAPMethodTTLS *) parent;
method->sec_parent = ws_parent;
method->is_editor = is_editor;
@ -341,6 +395,16 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
if (connection)
s_8021x = nm_connection_get_setting_802_1x (connection);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_not_required_checkbox"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) ca_cert_not_required_toggled,
parent);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) wireless_security_changed_cb,
ws_parent);
widget_ca_not_required_checkbox = widget;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_button"));
g_assert (widget);
gtk_file_chooser_set_local_only (GTK_FILE_CHOOSER (widget), TRUE);
@ -352,11 +416,14 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
filter = eap_method_default_file_chooser_filter_new (FALSE);
gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (widget), filter);
if (connection && s_8021x) {
filename = NULL;
if (nm_setting_802_1x_get_ca_cert_scheme (s_8021x) == NM_SETTING_802_1X_CK_SCHEME_PATH) {
filename = nm_setting_802_1x_get_ca_cert_path (s_8021x);
if (filename)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
}
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget_ca_not_required_checkbox),
!filename && eap_method_ca_cert_ignore_get (parent, connection));
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_anon_identity_entry"));
@ -378,6 +445,8 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_button"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_not_required_checkbox"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_label"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_combo"));

44
panels/network/wireless-security/eap-method-ttls.ui
View file

@ -23,14 +23,14 @@
<property name="can_focus">False</property>
<property name="n_rows">4</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<object class="GtkLabel" id="eap_ttls_anon_identity_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">Anony_mous identity</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">Anony_mous identity:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_ttls_anon_identity_entry</property>
</object>
@ -55,8 +55,8 @@
<object class="GtkLabel" id="eap_ttls_ca_cert_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">C_A certificate</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">C_A certificate:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_ttls_ca_cert_button</property>
</object>
@ -81,18 +81,36 @@
<property name="y_options">GTK_FILL</property>
</packing>
</child>
<child>
<object class="GtkCheckButton" id="eap_ttls_ca_cert_not_required_checkbox">
<property name="label" translatable="yes">No CA certificate is _required</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="draw_indicator">True</property>
</object>
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">2</property>
<property name="bottom_attach">3</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
</child>
<child>
<object class="GtkLabel" id="eap_ttls_inner_auth_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Inner authentication</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Inner authentication:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">eap_ttls_inner_auth_combo</property>
</object>
<packing>
<property name="top_attach">2</property>
<property name="bottom_attach">3</property>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@ -112,8 +130,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
<property name="top_attach">2</property>
<property name="bottom_attach">3</property>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options">GTK_FILL</property>
</packing>
@ -129,8 +147,8 @@
</object>
<packing>
<property name="right_attach">2</property>
<property name="top_attach">3</property>
<property name="bottom_attach">4</property>
<property name="top_attach">4</property>
<property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
</packing>
</child>

520
panels/network/wireless-security/eap-method.c
View file

@ -18,32 +18,31 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2012 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "config.h"
#include "nm-default.h"
#include <glib.h>
#include <glib/gi18n.h>
#include <gtk/gtk.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <NetworkManager.h>
#include "eap-method.h"
#include "nm-utils.h"
#include "utils.h"
#include "helpers.h"
GType
eap_method_get_g_type (void)
eap_method_get_type (void)
{
static GType type_id = 0;
if (!type_id) {
type_id = g_boxed_type_register_static ("CcEAPMethod",
(GBoxedCopyFunc) eap_method_ref,
(GBoxedFreeFunc) eap_method_unref);
(GBoxedCopyFunc) eap_method_ref,
(GBoxedFreeFunc) eap_method_unref);
}
return type_id;
@ -58,12 +57,17 @@ eap_method_get_widget (EAPMethod *method)
}
gboolean
eap_method_validate (EAPMethod *method)
eap_method_validate (EAPMethod *method, GError **error)
{
gboolean result;
g_return_val_if_fail (method != NULL, FALSE);
g_assert (method->validate);
return (*(method->validate)) (method);
result = (*(method->validate)) (method, error);
if (!result && error && !*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("undefined error in 802.1x security (wpa-eap)"));
return result;
}
void
@ -77,13 +81,15 @@ eap_method_add_to_size_group (EAPMethod *method, GtkSizeGroup *group)
}
void
eap_method_fill_connection (EAPMethod *method, NMConnection *connection)
eap_method_fill_connection (EAPMethod *method,
NMConnection *connection,
NMSettingSecretFlags flags)
{
g_return_if_fail (method != NULL);
g_return_if_fail (connection != NULL);
g_assert (method->fill_connection);
return (*(method->fill_connection)) (method, connection);
return (*(method->fill_connection)) (method, connection, flags);
}
void
@ -96,197 +102,6 @@ eap_method_update_secrets (EAPMethod *method, NMConnection *connection)
method->update_secrets (method, connection);
}
typedef struct {
EAPMethod *method;
NMConnection *connection;
} NagDialogResponseInfo;
static void
nag_dialog_destroyed (gpointer data, GObject *dialog_ptr)
{
NagDialogResponseInfo *info = (NagDialogResponseInfo *) data;
memset (info, '\0', sizeof (NagDialogResponseInfo));
g_free (info);
}
static GSettings *
_get_ca_ignore_settings (const char *uuid)
{
GSettings *settings;
char *path = NULL;
path = g_strdup_printf ("/org/gnome/nm-applet/eap/%s/", uuid);
settings = g_settings_new_with_path ("org.gnome.nm-applet.eap", path);
g_free (path);
return settings;
}
static void
_set_ignore_ca_cert (const char *uuid, gboolean phase2, gboolean ignore)
{
GSettings *settings;
const char *key;
g_return_if_fail (uuid != NULL);
settings = _get_ca_ignore_settings (uuid);
key = phase2 ? "ignore-phase2-ca-cert" : "ignore-ca-cert";
g_settings_set_boolean (settings, key, ignore);
g_object_unref (settings);
}
static void
nag_dialog_response_cb (GtkDialog *nag_dialog,
gint response,
gpointer user_data)
{
NagDialogResponseInfo *info = (NagDialogResponseInfo *) user_data;
EAPMethod *method = (EAPMethod *) info->method;
NMConnection *connection = (NMConnection *) info->connection;
GtkWidget *widget;
if (response == GTK_RESPONSE_NO) {
/* Grab the value of the "don't bother me" checkbox */
widget = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "ignore_checkbox"));
g_assert (widget);
method->ignore_ca_cert = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget));
/* And save it */
_set_ignore_ca_cert (nm_connection_get_uuid (connection),
method->phase2,
method->ignore_ca_cert);
}
gtk_widget_hide (GTK_WIDGET (nag_dialog));
}
static gboolean
nag_dialog_delete_event_cb (GtkDialog *nag_dialog, GdkEvent *e, gpointer user_data)
{
// FIXME?: By emitting response signal, dismissing nag dialog with upper right "x" icon,
// Alt-F4, or Esc would have the same behaviour as clicking "Ignore" button.
//g_signal_emit_by_name (nag_dialog, "response", GTK_RESPONSE_NO, user_data);
return TRUE; /* do not destroy */
}
GtkWidget *
eap_method_nag_user (EAPMethod *method)
{
GtkWidget *widget;
char *filename = NULL;
g_return_val_if_fail (method != NULL, NULL);
if (!method->nag_dialog || method->ignore_ca_cert)
return NULL;
/* Checkbox should be unchecked each time dialog comes up */
widget = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "ignore_checkbox"));
g_assert (widget);
gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), FALSE);
/* Nag the user if the CA Cert is blank, since it's a security risk. */
widget = GTK_WIDGET (gtk_builder_get_object (method->builder, method->ca_cert_chooser));
g_assert (widget);
filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (filename != NULL) {
g_free (filename);
return NULL;
}
gtk_window_present (GTK_WINDOW (method->nag_dialog));
return method->nag_dialog;
}
#define NAG_DIALOG_UI "/org/gnome/control-center/network/nag-user-dialog.ui"
static gboolean
_get_ignore_ca_cert (const char *uuid, gboolean phase2)
{
GSettings *settings;
const char *key;
gboolean ignore = FALSE;
g_return_val_if_fail (uuid != NULL, FALSE);
settings = _get_ca_ignore_settings (uuid);
key = phase2 ? "ignore-phase2-ca-cert" : "ignore-ca-cert";
ignore = g_settings_get_boolean (settings, key);
g_object_unref (settings);
return ignore;
}
gboolean
eap_method_nag_init (EAPMethod *method,
const char *ca_cert_chooser,
NMConnection *connection)
{
GtkWidget *dialog, *widget;
NagDialogResponseInfo *info;
GError *error = NULL;
char *text;
g_return_val_if_fail (method != NULL, FALSE);
g_return_val_if_fail (ca_cert_chooser != NULL, FALSE);
method->nag_builder = gtk_builder_new ();
if (!gtk_builder_add_from_resource (method->nag_builder, NAG_DIALOG_UI, &error)) {
g_warning ("Couldn't load UI builder file " NAG_DIALOG_UI ": %s",
error->message);
g_error_free (error);
return FALSE;
}
method->ca_cert_chooser = g_strdup (ca_cert_chooser);
if (connection) {
NMSettingConnection *s_con;
const char *uuid;
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
uuid = nm_setting_connection_get_uuid (s_con);
g_assert (uuid);
/* Figure out if the user wants to ignore missing CA cert */
method->ignore_ca_cert = _get_ignore_ca_cert (uuid, method->phase2);
}
info = g_malloc0 (sizeof (NagDialogResponseInfo));
info->method = method;
info->connection = connection;
dialog = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "nag_user_dialog"));
g_assert (dialog);
g_signal_connect (dialog, "response", G_CALLBACK (nag_dialog_response_cb), info);
g_signal_connect (dialog, "delete-event", G_CALLBACK (nag_dialog_delete_event_cb), info);
g_object_weak_ref (G_OBJECT (dialog), nag_dialog_destroyed, info);
widget = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "content_label"));
g_assert (widget);
text = g_strdup_printf ("<span weight=\"bold\" size=\"larger\">%s</span>\n\n%s",
_("No Certificate Authority certificate chosen"),
_("Not using a Certificate Authority (CA) certificate can result in connections to insecure, rogue Wi-Fi networks. Would you like to choose a Certificate Authority certificate?"));
gtk_label_set_markup (GTK_LABEL (widget), text);
g_free (text);
widget = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "ignore_button"));
gtk_button_set_label (GTK_BUTTON (widget), _("Ignore"));
g_assert (widget);
widget = GTK_WIDGET (gtk_builder_get_object (method->nag_builder, "change_button"));
gtk_button_set_label (GTK_BUTTON (widget), _("Choose CA Certificate"));
g_assert (widget);
method->nag_dialog = dialog;
return TRUE;
}
void
eap_method_phase2_update_secrets_helper (EAPMethod *method,
NMConnection *connection,
@ -347,7 +162,6 @@ eap_method_init (gsize obj_size,
method->add_to_size_group = add_to_size_group;
method->fill_connection = fill_connection;
method->update_secrets = update_secrets;
method->destroy = destroy;
method->default_field = default_field;
method->phase2 = phase2;
@ -368,6 +182,8 @@ eap_method_init (gsize obj_size,
}
g_object_ref_sink (method->ui_widget);
method->destroy = destroy;
return method;
}
@ -393,11 +209,6 @@ eap_method_unref (EAPMethod *method)
if (method->destroy)
method->destroy (method);
if (method->nag_dialog)
gtk_widget_destroy (method->nag_dialog);
if (method->nag_builder)
g_object_unref (method->nag_builder);
g_free (method->ca_cert_chooser);
if (method->builder)
g_object_unref (method->builder);
if (method->ui_widget)
@ -412,61 +223,67 @@ eap_method_validate_filepicker (GtkBuilder *builder,
const char *name,
guint32 item_type,
const char *password,
NMSetting8021xCKFormat *out_format)
NMSetting8021xCKFormat *out_format,
GError **error)
{
GtkWidget *widget;
char *filename;
NMSetting8021x *setting;
gboolean success = FALSE;
GError *error = NULL;
gboolean success = TRUE;
if (item_type == TYPE_PRIVATE_KEY) {
g_return_val_if_fail (password != NULL, FALSE);
g_return_val_if_fail (strlen (password), FALSE);
if (!password || *password == '\0')
success = FALSE;
}
widget = GTK_WIDGET (gtk_builder_get_object (builder, name));
g_assert (widget);
filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (!filename)
return (item_type == TYPE_CA_CERT) ? TRUE : FALSE;
if (!g_file_test (filename, G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR))
if (!filename) {
if (item_type != TYPE_CA_CERT) {
widget_set_error (widget);
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("no file selected"));
}
goto out;
}
if (!g_file_test (filename, G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR)) {
success = FALSE;
widget_set_error (widget);
goto out;
}
setting = (NMSetting8021x *) nm_setting_802_1x_new ();
success = FALSE;
if (item_type == TYPE_PRIVATE_KEY) {
if (!nm_setting_802_1x_set_private_key (setting, filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, out_format, &error)) {
g_warning ("Error: couldn't verify private key: %d %s",
error ? error->code : -1, error ? error->message : "(none)");
g_clear_error (&error);
} else
if (nm_setting_802_1x_set_private_key (setting, filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, out_format, error))
success = TRUE;
} else if (item_type == TYPE_CLIENT_CERT) {
if (!nm_setting_802_1x_set_client_cert (setting, filename, NM_SETTING_802_1X_CK_SCHEME_PATH, out_format, &error)) {
g_warning ("Error: couldn't verify client certificate: %d %s",
error ? error->code : -1, error ? error->message : "(none)");
g_clear_error (&error);
} else
if (nm_setting_802_1x_set_client_cert (setting, filename, NM_SETTING_802_1X_CK_SCHEME_PATH, out_format, error))
success = TRUE;
} else if (item_type == TYPE_CA_CERT) {
if (!nm_setting_802_1x_set_ca_cert (setting, filename, NM_SETTING_802_1X_CK_SCHEME_PATH, out_format, &error)) {
g_warning ("Error: couldn't verify CA certificate: %d %s",
error ? error->code : -1, error ? error->message : "(none)");
g_clear_error (&error);
} else
if (nm_setting_802_1x_set_ca_cert (setting, filename, NM_SETTING_802_1X_CK_SCHEME_PATH, out_format, error))
success = TRUE;
} else
g_warning ("%s: invalid item type %d.", __func__, item_type);
if (!success)
widget_set_error (widget);
g_object_unref (setting);
out:
g_free (filename);
if (!success && error && !*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("unspecified error validating eap-method file"));
else
widget_unset_error (widget);
return success;
}
#ifdef LIBNM_GLIB_BUILD
static const char *
find_tag (const char *tag, const char *buf, gsize len)
{
@ -594,23 +411,35 @@ out:
close (fd);
return success;
}
#endif
static gboolean
default_filter_privkey (const GtkFileFilterInfo *filter_info, gpointer user_data)
{
const char *extensions[] = { ".der", ".pem", ".p12", NULL };
#ifdef LIBNM_GLIB_BUILD
const char *extensions[] = { ".der", ".pem", ".p12", ".key", NULL };
#endif
gboolean require_encrypted = !!user_data;
gboolean is_encrypted = TRUE;
gboolean is_encrypted;
if (!filter_info->filename)
return FALSE;
#if defined (LIBNM_GLIB_BUILD)
if (!file_has_extension (filter_info->filename, extensions))
return FALSE;
is_encrypted = TRUE;
if ( !file_is_der_or_pem (filter_info->filename, TRUE, &is_encrypted)
&& !nm_utils_file_is_pkcs12 (filter_info->filename))
return FALSE;
#elif defined (LIBNM_BUILD)
is_encrypted = FALSE;
if (!nm_utils_file_is_private_key (filter_info->filename, &is_encrypted))
return FALSE;
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
return require_encrypted ? is_encrypted : TRUE;
}
@ -618,16 +447,25 @@ default_filter_privkey (const GtkFileFilterInfo *filter_info, gpointer user_data
static gboolean
default_filter_cert (const GtkFileFilterInfo *filter_info, gpointer user_data)
{
#ifdef LIBNM_GLIB_BUILD
const char *extensions[] = { ".der", ".pem", ".crt", ".cer", NULL };
#endif
if (!filter_info->filename)
return FALSE;
#if defined (LIBNM_GLIB_BUILD)
if (!file_has_extension (filter_info->filename, extensions))
return FALSE;
if (!file_is_der_or_pem (filter_info->filename, FALSE, NULL))
return FALSE;
#elif defined (LIBNM_BUILD)
if (!nm_utils_file_is_certificate (filter_info->filename))
return FALSE;
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
return TRUE;
}
@ -640,7 +478,7 @@ eap_method_default_file_chooser_filter_new (gboolean privkey)
filter = gtk_file_filter_new ();
if (privkey) {
gtk_file_filter_add_custom (filter, GTK_FILE_FILTER_FILENAME, default_filter_privkey, NULL, NULL);
gtk_file_filter_set_name (filter, _("DER, PEM, or PKCS#12 private keys (*.der, *.pem, *.p12)"));
gtk_file_filter_set_name (filter, _("DER, PEM, or PKCS#12 private keys (*.der, *.pem, *.p12, *.key)"));
} else {
gtk_file_filter_add_custom (filter, GTK_FILE_FILTER_FILENAME, default_filter_cert, NULL, NULL);
gtk_file_filter_set_name (filter, _("DER or PEM certificates (*.der, *.pem, *.crt, *.cer)"));
@ -656,3 +494,211 @@ eap_method_is_encrypted_private_key (const char *path)
return default_filter_privkey (&info, (gpointer) TRUE);
}
/* Some methods (PEAP, TLS, TTLS) require a CA certificate. The user can choose
* not to provide such a certificate. This method whether the checkbox
* id_ca_cert_not_required_checkbutton is checked or id_ca_cert_chooser has a certificate
* selected.
*/
gboolean
eap_method_ca_cert_required (GtkBuilder *builder, const char *id_ca_cert_not_required_checkbutton, const char *id_ca_cert_chooser)
{
char *filename;
GtkWidget *widget;
g_assert (builder && id_ca_cert_not_required_checkbutton && id_ca_cert_chooser);
widget = GTK_WIDGET (gtk_builder_get_object (builder, id_ca_cert_not_required_checkbutton));
g_assert (widget && GTK_IS_TOGGLE_BUTTON (widget));
if (!gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
widget = GTK_WIDGET (gtk_builder_get_object (builder, id_ca_cert_chooser));
g_assert (widget && GTK_IS_FILE_CHOOSER (widget));
filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
if (!filename)
return TRUE;
g_free (filename);
}
return FALSE;
}
void
eap_method_ca_cert_not_required_toggled (GtkBuilder *builder, const char *id_ca_cert_not_required_checkbutton, const char *id_ca_cert_chooser)
{
char *filename, *filename_old;
gboolean is_not_required;
GtkWidget *widget;
g_assert (builder && id_ca_cert_not_required_checkbutton && id_ca_cert_chooser);
widget = GTK_WIDGET (gtk_builder_get_object (builder, id_ca_cert_not_required_checkbutton));
g_assert (widget && GTK_IS_TOGGLE_BUTTON (widget));
is_not_required = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget));
widget = GTK_WIDGET (gtk_builder_get_object (builder, id_ca_cert_chooser));
g_assert (widget && GTK_IS_FILE_CHOOSER (widget));
filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
filename_old = g_object_steal_data (G_OBJECT (widget), "filename-old");
if (is_not_required) {
g_free (filename_old);
filename_old = filename;
filename = NULL;
} else {
g_free (filename);
filename = filename_old;
filename_old = NULL;
}
gtk_widget_set_sensitive (widget, !is_not_required);
if (filename)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
else
gtk_file_chooser_unselect_all (GTK_FILE_CHOOSER (widget));
g_free (filename);
g_object_set_data_full (G_OBJECT (widget), "filename-old", filename_old, g_free);
}
/* Used as both GSettings keys and GObject data tags */
#define IGNORE_CA_CERT_TAG "ignore-ca-cert"
#define IGNORE_PHASE2_CA_CERT_TAG "ignore-phase2-ca-cert"
/**
* eap_method_ca_cert_ignore_set:
* @method: the #EAPMethod object
* @connection: the #NMConnection
* @filename: the certificate file, if any
* @ca_cert_error: %TRUE if an error was encountered loading the given CA
* certificate, %FALSE if not or if a CA certificate is not present
*
* Updates the connection's CA cert ignore value to %TRUE if the "CA certificate
* not required" checkbox is checked. If @ca_cert_error is %TRUE, then the
* connection's CA cert ignore value will always be set to %FALSE, because it
* means that the user selected an invalid certificate (thus he does not want to
* ignore the CA cert)..
*/
void
eap_method_ca_cert_ignore_set (EAPMethod *method,
NMConnection *connection,
const char *filename,
gboolean ca_cert_error)
{
NMSetting8021x *s_8021x;
gboolean ignore;
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x) {
ignore = !ca_cert_error && filename == NULL;
g_object_set_data (G_OBJECT (s_8021x),
method->phase2 ? IGNORE_PHASE2_CA_CERT_TAG : IGNORE_CA_CERT_TAG,
GUINT_TO_POINTER (ignore));
}
}
/**
* eap_method_ca_cert_ignore_get:
* @method: the #EAPMethod object
* @connection: the #NMConnection
*
* Returns: %TRUE if a missing CA certificate can be ignored, %FALSE if a CA
* certificate should be required for the connection to be valid.
*/
gboolean
eap_method_ca_cert_ignore_get (EAPMethod *method, NMConnection *connection)
{
NMSetting8021x *s_8021x;
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x) {
return !!g_object_get_data (G_OBJECT (s_8021x),
method->phase2 ? IGNORE_PHASE2_CA_CERT_TAG : IGNORE_CA_CERT_TAG);
}
return FALSE;
}
static GSettings *
_get_ca_ignore_settings (NMConnection *connection)
{
GSettings *settings;
char *path = NULL;
const char *uuid;
g_return_val_if_fail (connection, NULL);
uuid = nm_connection_get_uuid (connection);
g_return_val_if_fail (uuid && *uuid, NULL);
path = g_strdup_printf ("/org/gnome/nm-applet/eap/%s/", uuid);
settings = g_settings_new_with_path ("org.gnome.nm-applet.eap", path);
g_free (path);
return settings;
}
/**
* eap_method_ca_cert_ignore_save:
* @connection: the connection for which to save CA cert ignore values to GSettings
*
* Reads the CA cert ignore tags from the 802.1x setting GObject data and saves
* then to GSettings if present, using the connection UUID as the index.
*/
void
eap_method_ca_cert_ignore_save (NMConnection *connection)
{
NMSetting8021x *s_8021x;
GSettings *settings;
gboolean ignore = FALSE, phase2_ignore = FALSE;
g_return_if_fail (connection);
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x) {
ignore = !!g_object_get_data (G_OBJECT (s_8021x), IGNORE_CA_CERT_TAG);
phase2_ignore = !!g_object_get_data (G_OBJECT (s_8021x), IGNORE_PHASE2_CA_CERT_TAG);
}
settings = _get_ca_ignore_settings (connection);
if (!settings)
return;
g_settings_set_boolean (settings, IGNORE_CA_CERT_TAG, ignore);
g_settings_set_boolean (settings, IGNORE_PHASE2_CA_CERT_TAG, phase2_ignore);
g_object_unref (settings);
}
/**
* eap_method_ca_cert_ignore_load:
* @connection: the connection for which to load CA cert ignore values to GSettings
*
* Reads the CA cert ignore tags from the 802.1x setting GObject data and saves
* then to GSettings if present, using the connection UUID as the index.
*/
void
eap_method_ca_cert_ignore_load (NMConnection *connection)
{
GSettings *settings;
NMSetting8021x *s_8021x;
gboolean ignore, phase2_ignore;
g_return_if_fail (connection);
s_8021x = nm_connection_get_setting_802_1x (connection);
if (!s_8021x)
return;
settings = _get_ca_ignore_settings (connection);
if (!settings)
return;
ignore = g_settings_get_boolean (settings, IGNORE_CA_CERT_TAG);
phase2_ignore = g_settings_get_boolean (settings, IGNORE_PHASE2_CA_CERT_TAG);
g_object_set_data (G_OBJECT (s_8021x),
IGNORE_CA_CERT_TAG,
GUINT_TO_POINTER (ignore));
g_object_set_data (G_OBJECT (s_8021x),
IGNORE_PHASE2_CA_CERT_TAG,
GUINT_TO_POINTER (phase2_ignore));
g_object_unref (settings);
}

52
panels/network/wireless-security/eap-method.h
View file

@ -17,7 +17,7 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2012 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#ifndef EAP_METHOD_H
@ -25,15 +25,23 @@
#include <glib.h>
#include <gtk/gtk.h>
#if defined (LIBNM_BUILD)
#include <NetworkManager.h>
#elif defined (LIBNM_GLIB_BUILD)
#include <nm-connection.h>
#include <nm-setting-8021x.h>
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
typedef struct _EAPMethod EAPMethod;
typedef void (*EMAddToSizeGroupFunc) (EAPMethod *method, GtkSizeGroup *group);
typedef void (*EMFillConnectionFunc) (EAPMethod *method, NMConnection *connection);
typedef void (*EMFillConnectionFunc) (EAPMethod *method, NMConnection *connection, NMSettingSecretFlags flags);
typedef void (*EMUpdateSecretsFunc) (EAPMethod *method, NMConnection *connection);
typedef void (*EMDestroyFunc) (EAPMethod *method);
typedef gboolean (*EMValidateFunc) (EAPMethod *method);
typedef gboolean (*EMValidateFunc) (EAPMethod *method, GError **error);
struct _EAPMethod {
guint32 refcount;
@ -42,14 +50,11 @@ struct _EAPMethod {
GtkBuilder *builder;
GtkWidget *ui_widget;
GtkBuilder *nag_builder;
char *ca_cert_chooser;
const char *default_field;
GtkWidget *nag_dialog;
const char *password_flags_name;
gboolean phase2;
gboolean secrets_only;
gboolean ignore_ca_cert;
EMAddToSizeGroupFunc add_to_size_group;
EMFillConnectionFunc fill_connection;
@ -63,21 +68,21 @@ struct _EAPMethod {
GtkWidget *eap_method_get_widget (EAPMethod *method);
gboolean eap_method_validate (EAPMethod *method);
gboolean eap_method_validate (EAPMethod *method, GError **error);
void eap_method_add_to_size_group (EAPMethod *method, GtkSizeGroup *group);
void eap_method_fill_connection (EAPMethod *method, NMConnection *connection);
void eap_method_fill_connection (EAPMethod *method,
NMConnection *connection,
NMSettingSecretFlags flags);
void eap_method_update_secrets (EAPMethod *method, NMConnection *connection);
GtkWidget * eap_method_nag_user (EAPMethod *method);
EAPMethod *eap_method_ref (EAPMethod *method);
void eap_method_unref (EAPMethod *method);
GType eap_method_get_g_type (void);
GType eap_method_get_type (void);
/* Below for internal use only */
@ -111,16 +116,29 @@ gboolean eap_method_validate_filepicker (GtkBuilder *builder,
const char *name,
guint32 item_type,
const char *password,
NMSetting8021xCKFormat *out_format);
gboolean eap_method_nag_init (EAPMethod *method,
const char *ca_cert_chooser,
NMConnection *connection);
NMSetting8021xCKFormat *out_format,
GError **error);
void eap_method_phase2_update_secrets_helper (EAPMethod *method,
NMConnection *connection,
const char *combo_name,
guint32 column);
gboolean eap_method_ca_cert_required (GtkBuilder *builder,
const char *id_ca_cert_is_not_required_checkbox,
const char *id_ca_cert_chooser);
void eap_method_ca_cert_not_required_toggled (GtkBuilder *builder,
const char *id_ca_cert_is_not_required_checkbox,
const char *id_ca_cert_chooser);
void eap_method_ca_cert_ignore_set (EAPMethod *method,
NMConnection *connection,
const char *filename,
gboolean ca_cert_error);
gboolean eap_method_ca_cert_ignore_get (EAPMethod *method, NMConnection *connection);
void eap_method_ca_cert_ignore_save (NMConnection *connection);
void eap_method_ca_cert_ignore_load (NMConnection *connection);
#endif /* EAP_METHOD_H */

5
panels/network/wireless-security/helpers.c
View file

@ -17,9 +17,11 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2009 Red Hat, Inc.
* Copyright 2009 - 2014 Red Hat, Inc.
*/
#include "nm-default.h"
#include "helpers.h"
void
@ -48,3 +50,4 @@ helper_fill_secret_entry (NMConnection *connection,
}
}
}

13
panels/network/wireless-security/helpers.h
View file

@ -17,7 +17,7 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2009 Red Hat, Inc.
* Copyright 2009 - 2014 Red Hat, Inc.
*/
#ifndef _HELPERS_H_
@ -25,7 +25,15 @@
#include <glib.h>
#include <gtk/gtk.h>
#if defined (LIBNM_BUILD)
#include <NetworkManager.h>
#elif defined (LIBNM_GLIB_BUILD)
#include <nm-connection.h>
#include <nm-setting.h>
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
typedef const char * (*HelperSecretFunc)(NMSetting *);
@ -35,8 +43,5 @@ void helper_fill_secret_entry (NMConnection *connection,
GType setting_type,
HelperSecretFunc func);
extern void widget_set_error (GtkWidget *widget);
extern void widget_unset_error (GtkWidget *widget);
#endif /* _HELPERS_H_ */

178
panels/network/wireless-security/wireless-security.c
View file

@ -17,25 +17,20 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2012 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "config.h"
#include "nm-default.h"
#include <string.h>
#include <glib.h>
#include <gtk/gtk.h>
#include <glib/gi18n.h>
#include <NetworkManager.h>
#include "wireless-security.h"
#include "wireless-security-resources.h"
#include "eap-method.h"
#include "utils.h"
GType
wireless_security_get_g_type (void)
wireless_security_get_type (void)
{
static GType type_id = 0;
@ -43,8 +38,8 @@ wireless_security_get_g_type (void)
g_resources_register (wireless_security_get_resource ());
type_id = g_boxed_type_register_static ("CcWirelessSecurity",
(GBoxedCopyFunc) wireless_security_ref,
(GBoxedFreeFunc) wireless_security_unref);
(GBoxedCopyFunc) wireless_security_ref,
(GBoxedFreeFunc) wireless_security_unref);
}
return type_id;
@ -79,12 +74,18 @@ wireless_security_changed_cb (GtkWidget *ignored, gpointer user_data)
}
gboolean
wireless_security_validate (WirelessSecurity *sec, GBytes *ssid)
wireless_security_validate (WirelessSecurity *sec, GError **error)
{
gboolean result;
g_return_val_if_fail (sec != NULL, FALSE);
g_return_val_if_fail (!error || !*error, FALSE);
g_assert (sec->validate);
return (*(sec->validate)) (sec, ssid);
result = (*(sec->validate)) (sec, error);
if (!result && error && !*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Unknown error validating 802.1x security"));
return result;
}
void
@ -139,6 +140,12 @@ wireless_security_unref (WirelessSecurity *sec)
if (sec->destroy)
sec->destroy (sec);
g_free (sec->username);
if (sec->password) {
memset (sec->password, 0, strlen (sec->password));
g_free (sec->password);
}
if (sec->builder)
g_object_unref (sec->builder);
if (sec->ui_widget)
@ -175,7 +182,6 @@ wireless_security_init (gsize obj_size,
sec->add_to_size_group = add_to_size_group;
sec->fill_connection = fill_connection;
sec->update_secrets = update_secrets;
sec->destroy = destroy;
sec->default_field = default_field;
sec->builder = gtk_builder_new ();
@ -196,21 +202,13 @@ wireless_security_init (gsize obj_size,
}
g_object_ref_sink (sec->ui_widget);
sec->destroy = destroy;
sec->adhoc_compatible = TRUE;
sec->hotspot_compatible = TRUE;
return sec;
}
GtkWidget *
wireless_security_nag_user (WirelessSecurity *sec)
{
g_return_val_if_fail (sec != NULL, NULL);
if (sec->nag_user)
return (*(sec->nag_user)) (sec);
return NULL;
}
gboolean
wireless_security_adhoc_compatible (WirelessSecurity *sec)
{
@ -219,6 +217,61 @@ wireless_security_adhoc_compatible (WirelessSecurity *sec)
return sec->adhoc_compatible;
}
gboolean
wireless_security_hotspot_compatible (WirelessSecurity *sec)
{
g_return_val_if_fail (sec != NULL, FALSE);
return sec->hotspot_compatible;
}
void
wireless_security_set_userpass (WirelessSecurity *sec,
const char *user,
const char *password,
gboolean always_ask,
gboolean show_password)
{
g_free (sec->username);
sec->username = g_strdup (user);
if (sec->password) {
memset (sec->password, 0, strlen (sec->password));
g_free (sec->password);
}
sec->password = g_strdup (password);
if (always_ask != (gboolean) -1)
sec->always_ask = always_ask;
sec->show_password = show_password;
}
void
wireless_security_set_userpass_802_1x (WirelessSecurity *sec,
NMConnection *connection)
{
const char *user = NULL, *password = NULL;
gboolean always_ask = FALSE, show_password = FALSE;
NMSetting8021x *setting;
NMSettingSecretFlags flags;
if (!connection)
goto set;
setting = nm_connection_get_setting_802_1x (connection);
if (!setting)
goto set;
user = nm_setting_802_1x_get_identity (setting);
password = nm_setting_802_1x_get_password (setting);
if (nm_setting_get_secret_flags (NM_SETTING (setting), NM_SETTING_802_1X_PASSWORD, &flags, NULL))
always_ask = !!(flags & NM_SETTING_SECRET_FLAG_NOT_SAVED);
set:
wireless_security_set_userpass (sec, user, password, always_ask, show_password);
}
void
wireless_security_clear_ciphers (NMConnection *connection)
{
@ -261,7 +314,7 @@ ws_802_1x_add_to_size_group (WirelessSecurity *sec,
}
gboolean
ws_802_1x_validate (WirelessSecurity *sec, const char *combo_name)
ws_802_1x_validate (WirelessSecurity *sec, const char *combo_name, GError **error)
{
GtkWidget *widget;
GtkTreeModel *model;
@ -276,7 +329,7 @@ ws_802_1x_validate (WirelessSecurity *sec, const char *combo_name)
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1);
g_assert (eap);
valid = eap_method_validate (eap);
valid = eap_method_validate (eap, error);
eap_method_unref (eap);
return valid;
}
@ -343,12 +396,14 @@ ws_802_1x_auth_combo_init (WirelessSecurity *sec,
EAPMethodSimple *em_md5;
EAPMethodTLS *em_tls;
EAPMethodLEAP *em_leap;
EAPMethodSimple *em_pwd;
EAPMethodFAST *em_fast;
EAPMethodTTLS *em_ttls;
EAPMethodPEAP *em_peap;
const char *default_method = NULL, *ctype = NULL;
int active = -1, item = 0;
gboolean wired = FALSE;
EAPMethodSimpleFlags simple_flags = EAP_METHOD_SIMPLE_FLAG_NONE;
/* Grab the default EAP method out of the security object */
if (connection) {
@ -367,15 +422,18 @@ ws_802_1x_auth_combo_init (WirelessSecurity *sec,
default_method = nm_setting_802_1x_get_eap_method (s_8021x, 0);
}
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_g_type ());
/* initialize WirelessSecurity userpass from connection (clear if no connection) */
wireless_security_set_userpass_802_1x (sec, connection);
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_type ());
if (is_editor)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_IS_EDITOR;
if (secrets_only)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY;
if (wired) {
em_md5 = eap_method_simple_new (sec,
connection,
EAP_METHOD_SIMPLE_TYPE_MD5,
FALSE,
is_editor,
secrets_only);
em_md5 = eap_method_simple_new (sec, connection, EAP_METHOD_SIMPLE_TYPE_MD5, simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("MD5"),
@ -411,6 +469,17 @@ ws_802_1x_auth_combo_init (WirelessSecurity *sec,
item++;
}
em_pwd = eap_method_simple_new (sec, connection, EAP_METHOD_SIMPLE_TYPE_PWD, simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("PWD"),
AUTH_METHOD_COLUMN, em_pwd,
-1);
eap_method_unref (EAP_METHOD (em_pwd));
if (default_method && (active < 0) && !strcmp (default_method, "pwd"))
active = item;
item++;
em_fast = eap_method_fast_new (sec, connection, is_editor, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
@ -470,10 +539,25 @@ ws_802_1x_fill_connection (WirelessSecurity *sec,
GtkWidget *widget;
NMSettingWirelessSecurity *s_wireless_sec;
NMSetting8021x *s_8021x;
NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
EAPMethod *eap = NULL;
GtkTreeModel *model;
GtkTreeIter iter;
/* Get the EAPMethod object */
widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1);
g_assert (eap);
/* Get previous pasword flags, if any. Otherwise default to agent-owned secrets */
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x)
nm_setting_get_secret_flags (NM_SETTING (s_8021x), eap->password_flags_name, &secret_flags, NULL);
else
secret_flags = NM_SETTING_SECRET_FLAG_AGENT_OWNED;
/* Blow away the old wireless security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
@ -482,13 +566,7 @@ ws_802_1x_fill_connection (WirelessSecurity *sec,
s_8021x = (NMSetting8021x *) nm_setting_802_1x_new ();
nm_connection_add_setting (connection, (NMSetting *) s_8021x);
widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1);
g_assert (eap);
eap_method_fill_connection (eap, connection);
eap_method_fill_connection (eap, connection, secret_flags);
eap_method_unref (eap);
}
@ -522,23 +600,3 @@ ws_802_1x_update_secrets (WirelessSecurity *sec,
}
}
GtkWidget *
ws_802_1x_nag_user (WirelessSecurity *sec,
const char *combo_name)
{
GtkTreeModel *model;
GtkTreeIter iter;
EAPMethod *eap = NULL;
GtkWidget *widget;
widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1);
g_return_val_if_fail (eap != NULL, NULL);
widget = eap_method_nag_user (eap);
eap_method_unref (eap);
return widget;
}

39
panels/network/wireless-security/wireless-security.h
View file

@ -17,15 +17,24 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#ifndef WIRELESS_SECURITY_H
#define WIRELESS_SECURITY_H
#define LIBNM_GLIB_BUILD
#include <glib.h>
#include <gtk/gtk.h>
#if defined (LIBNM_BUILD)
#include <NetworkManager.h>
#elif defined (LIBNM_GLIB_BUILD)
#include <nm-connection.h>
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
typedef struct _WirelessSecurity WirelessSecurity;
@ -35,7 +44,7 @@ typedef void (*WSAddToSizeGroupFunc) (WirelessSecurity *sec, GtkSizeGroup *group
typedef void (*WSFillConnectionFunc) (WirelessSecurity *sec, NMConnection *connection);
typedef void (*WSUpdateSecretsFunc) (WirelessSecurity *sec, NMConnection *connection);
typedef void (*WSDestroyFunc) (WirelessSecurity *sec);
typedef gboolean (*WSValidateFunc) (WirelessSecurity *sec, GBytes *ssid);
typedef gboolean (*WSValidateFunc) (WirelessSecurity *sec, GError **error);
typedef GtkWidget * (*WSNagUserFunc) (WirelessSecurity *sec);
struct _WirelessSecurity {
@ -47,12 +56,15 @@ struct _WirelessSecurity {
gpointer changed_notify_data;
const char *default_field;
gboolean adhoc_compatible;
gboolean hotspot_compatible;
char *username, *password;
gboolean always_ask, show_password;
WSAddToSizeGroupFunc add_to_size_group;
WSFillConnectionFunc fill_connection;
WSUpdateSecretsFunc update_secrets;
WSValidateFunc validate;
WSNagUserFunc nag_user;
WSDestroyFunc destroy;
};
@ -65,7 +77,7 @@ void wireless_security_set_changed_notify (WirelessSecurity *sec,
WSChangedFunc func,
gpointer user_data);
gboolean wireless_security_validate (WirelessSecurity *sec, GBytes *ssid);
gboolean wireless_security_validate (WirelessSecurity *sec, GError **error);
void wireless_security_add_to_size_group (WirelessSecurity *sec,
GtkSizeGroup *group);
@ -76,15 +88,23 @@ void wireless_security_fill_connection (WirelessSecurity *sec,
void wireless_security_update_secrets (WirelessSecurity *sec,
NMConnection *connection);
GtkWidget * wireless_security_nag_user (WirelessSecurity *sec);
gboolean wireless_security_adhoc_compatible (WirelessSecurity *sec);
gboolean wireless_security_hotspot_compatible (WirelessSecurity *sec);
void wireless_security_set_userpass (WirelessSecurity *sec,
const char *user,
const char *password,
gboolean always_ask,
gboolean show_password);
void wireless_security_set_userpass_802_1x (WirelessSecurity *sec,
NMConnection *connection);
WirelessSecurity *wireless_security_ref (WirelessSecurity *sec);
void wireless_security_unref (WirelessSecurity *sec);
GType wireless_security_get_g_type (void);
GType wireless_security_get_type (void);
/* Below for internal use only */
@ -124,7 +144,7 @@ void ws_802_1x_auth_combo_changed (GtkWidget *combo,
const char *vbox_name,
GtkSizeGroup *size_group);
gboolean ws_802_1x_validate (WirelessSecurity *sec, const char *combo_name);
gboolean ws_802_1x_validate (WirelessSecurity *sec, const char *combo_name, GError **error);
void ws_802_1x_add_to_size_group (WirelessSecurity *sec,
GtkSizeGroup *size_group,
@ -139,8 +159,5 @@ void ws_802_1x_update_secrets (WirelessSecurity *sec,
const char *combo_name,
NMConnection *connection);
GtkWidget * ws_802_1x_nag_user (WirelessSecurity *sec,
const char *combo_name);
#endif /* WIRELESS_SECURITY_H */

23
panels/network/wireless-security/ws-dynamic-wep.c
View file

@ -17,13 +17,13 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include <glib/gi18n.h>
#include "nm-default.h"
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "wireless-security.h"
#include "eap-method.h"
@ -44,9 +44,9 @@ destroy (WirelessSecurity *parent)
}
static gboolean
validate (WirelessSecurity *parent, GBytes *ssid)
validate (WirelessSecurity *parent, GError **error)
{
return ws_802_1x_validate (parent, "dynamic_wep_auth_combo");
return ws_802_1x_validate (parent, "dynamic_wep_auth_combo", error);
}
static void
@ -75,11 +75,6 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
g_assert (s_wireless_sec);
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x", NULL);
nm_setting_wireless_security_add_pairwise (s_wireless_sec, "wep40");
nm_setting_wireless_security_add_pairwise (s_wireless_sec, "wep104");
nm_setting_wireless_security_add_group (s_wireless_sec, "wep40");
nm_setting_wireless_security_add_group (s_wireless_sec, "wep104");
}
static void
@ -94,12 +89,6 @@ auth_combo_changed_cb (GtkWidget *combo, gpointer user_data)
sec->size_group);
}
static GtkWidget *
nag_user (WirelessSecurity *parent)
{
return ws_802_1x_nag_user (parent, "dynamic_wep_auth_combo");
}
static void
update_secrets (WirelessSecurity *parent, NMConnection *connection)
{
@ -126,8 +115,8 @@ ws_dynamic_wep_new (NMConnection *connection,
if (!parent)
return NULL;
parent->nag_user = nag_user;
parent->adhoc_compatible = FALSE;
parent->hotspot_compatible = FALSE;
widget = ws_802_1x_auth_combo_init (parent,
"dynamic_wep_auth_combo",

8
panels/network/wireless-security/ws-dynamic-wep.h
View file

@ -17,13 +17,19 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#ifndef WS_DYNAMIC_WEP_H
#define WS_DYNAMIC_WEP_H
#if defined (LIBNM_BUILD)
#include <NetworkManager.h>
#elif defined (LIBNM_GLIB_BUILD)
#include <nm-connection.h>
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
typedef struct _WirelessSecurityDynamicWEP WirelessSecurityDynamicWEP;

6
panels/network/wireless-security/ws-dynamic-wep.ui
View file

@ -23,7 +23,7 @@
<property name="can_focus">False</property>
<property name="n_rows">3</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<placeholder/>
@ -35,8 +35,8 @@
<object class="GtkLabel" id="dynamic_wep_auth_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">Au_thentication</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">Au_thentication:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">dynamic_wep_auth_combo</property>
</object>

45
panels/network/wireless-security/ws-leap.c
View file

@ -17,18 +17,22 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "nm-default.h"
#include <string.h>
#include <NetworkManager.h>
#include "wireless-security.h"
#include "helpers.h"
#include "nma-ui-utils.h"
#include "utils.h"
struct _WirelessSecurityLEAP {
WirelessSecurity parent;
gboolean new_connection;
gboolean editing_connection;
const char *password_flags_name;
};
static void
@ -45,7 +49,7 @@ show_toggled_cb (GtkCheckButton *button, WirelessSecurity *sec)
}
static gboolean
validate (WirelessSecurity *parent, GBytes *ssid)
validate (WirelessSecurity *parent, GError **error)
{
GtkWidget *entry;
const char *text;
@ -56,6 +60,7 @@ validate (WirelessSecurity *parent, GBytes *ssid)
text = gtk_entry_get_text (GTK_ENTRY (entry));
if (!text || !strlen (text)) {
widget_set_error (entry);
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing leap-username"));
ret = FALSE;
} else {
widget_unset_error (entry);
@ -64,8 +69,10 @@ validate (WirelessSecurity *parent, GBytes *ssid)
entry = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_password_entry"));
g_assert (entry);
text = gtk_entry_get_text (GTK_ENTRY (entry));
if (!text || *text == '\0') {
if (!text || !strlen (text)) {
widget_set_error (entry);
if (!*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing leap-password"));
ret = FALSE;
} else {
widget_unset_error (entry);
@ -91,7 +98,8 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityLEAP *sec = (WirelessSecurityLEAP *) parent;
NMSettingWirelessSecurity *s_wireless_sec;
GtkWidget *widget;
NMSettingSecretFlags secret_flags;
GtkWidget *widget, *passwd_entry;
const char *leap_password = NULL, *leap_username = NULL;
/* Blow away the old security setting by adding a clear one */
@ -102,6 +110,7 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
leap_username = gtk_entry_get_text (GTK_ENTRY (widget));
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_password_entry"));
passwd_entry = widget;
leap_password = gtk_entry_get_text (GTK_ENTRY (widget));
g_object_set (s_wireless_sec,
@ -111,12 +120,15 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD, leap_password,
NULL);
/* Default to agent-owned secrets for new connections */
if (sec->new_connection) {
g_object_set (s_wireless_sec,
NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED,
NULL);
}
/* Save LEAP_PASSWORD_FLAGS to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), sec->password_flags_name,
secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (sec->editing_connection)
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_wireless_sec), sec->password_flags_name);
}
static void
@ -162,14 +174,21 @@ ws_leap_new (NMConnection *connection, gboolean secrets_only)
}
parent->adhoc_compatible = FALSE;
parent->hotspot_compatible = FALSE;
sec = (WirelessSecurityLEAP *) parent;
sec->new_connection = secrets_only ? FALSE : TRUE;
sec->editing_connection = secrets_only ? FALSE : TRUE;
sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_password_entry"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
/* Create password-storage popup menu for password entry under entry's secondary icon */
nma_utils_setup_password_storage (widget, 0, (NMSetting *) wsec, sec->password_flags_name,
FALSE, secrets_only);
if (wsec)
update_secrets (WIRELESS_SECURITY (sec), connection);

8
panels/network/wireless-security/ws-leap.h
View file

@ -17,13 +17,19 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#ifndef WS_LEAP_H
#define WS_LEAP_H
#if defined (LIBNM_BUILD)
#include <NetworkManager.h>
#elif defined (LIBNM_GLIB_BUILD)
#include <nm-connection.h>
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
typedef struct _WirelessSecurityLEAP WirelessSecurityLEAP;

12
panels/network/wireless-security/ws-leap.ui
View file

@ -10,9 +10,10 @@
<object class="GtkTable" id="table5">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="valign">start</property>
<property name="n_rows">3</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<placeholder/>
@ -21,8 +22,8 @@
<object class="GtkLabel" id="leap_username_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Username</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Username:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">leap_username_entry</property>
</object>
@ -35,8 +36,8 @@
<object class="GtkLabel" id="leap_password_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Password</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Password:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">leap_password_entry</property>
</object>
@ -69,7 +70,6 @@
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="xalign">0</property>
<property name="draw_indicator">True</property>
</object>
<packing>

97
panels/network/wireless-security/ws-wep-key.c
View file

@ -17,20 +17,24 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include <ctype.h>
#include "nm-default.h"
#include <string.h>
#include <NetworkManager.h>
#include "wireless-security.h"
#include "utils.h"
#include "helpers.h"
#include "nma-ui-utils.h"
struct _WirelessSecurityWEPKey {
WirelessSecurity parent;
gboolean editing_connection;
const char *password_flags_name;
NMWepKeyType type;
char keys[4][65];
guint8 cur_index;
@ -61,7 +65,7 @@ key_index_combo_changed_cb (GtkWidget *combo, WirelessSecurity *parent)
entry = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
key = gtk_entry_get_text (GTK_ENTRY (entry));
if (key)
strcpy (sec->keys[sec->cur_index], key);
g_strlcpy (sec->keys[sec->cur_index], key, sizeof (sec->keys[sec->cur_index]));
else
memset (sec->keys[sec->cur_index], 0, sizeof (sec->keys[sec->cur_index]));
@ -87,7 +91,7 @@ destroy (WirelessSecurity *parent)
}
static gboolean
validate (WirelessSecurity *parent, GBytes *ssid)
validate (WirelessSecurity *parent, GError **error)
{
WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent;
GtkWidget *entry;
@ -100,31 +104,39 @@ validate (WirelessSecurity *parent, GBytes *ssid)
key = gtk_entry_get_text (GTK_ENTRY (entry));
if (!key) {
widget_set_error (entry);
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing wep-key"));
return FALSE;
}
if (sec->type == NM_WEP_KEY_TYPE_KEY) {
if ((strlen (key) == 10) || (strlen (key) == 26)) {
for (i = 0; i < strlen (key); i++) {
if (!isxdigit (key[i])) {
if (!g_ascii_isxdigit (key[i])) {
widget_set_error (entry);
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid wep-key: key with a length of %zu must contain only hex-digits"), strlen (key));
return FALSE;
}
}
} else if ((strlen (key) == 5) || (strlen (key) == 13)) {
for (i = 0; i < strlen (key); i++) {
if (!isascii (key[i])) {
if (!utils_char_is_ascii_print (key[i])) {
widget_set_error (entry);
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid wep-key: key with a length of %zu must contain only ascii characters"), strlen (key));
return FALSE;
}
}
} else {
widget_set_error (entry);
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid wep-key: wrong key length %zu. A key must be either of length 5/13 (ascii) or 10/26 (hex)"), strlen (key));
return FALSE;
}
} else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE) {
if (!strlen (key) || (strlen (key) > 64)) {
if (!*key || (strlen (key) > 64)) {
widget_set_error (entry);
if (!*key)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid wep-key: passphrase must be non-empty"));
else
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid wep-key: passphrase must be shorter than 64 characters"));
return FALSE;
}
}
@ -153,7 +165,8 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent;
NMSettingWirelessSecurity *s_wsec;
GtkWidget *widget;
NMSettingSecretFlags secret_flags;
GtkWidget *widget, *passwd_entry;
gint auth_alg;
const char *key;
int i;
@ -162,8 +175,9 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
auth_alg = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
passwd_entry = widget;
key = gtk_entry_get_text (GTK_ENTRY (widget));
strcpy (sec->keys[sec->cur_index], key);
g_strlcpy (sec->keys[sec->cur_index], key, sizeof (sec->keys[sec->cur_index]));
/* Blow away the old security setting by adding a clear one */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
@ -180,44 +194,32 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
if (strlen (sec->keys[i]))
nm_setting_wireless_security_set_wep_key (s_wsec, i, sec->keys[i]);
}
/* Save WEP_KEY_FLAGS to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_WEP_KEY_FLAGS, secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (sec->editing_connection)
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_wsec), sec->password_flags_name);
}
static void
wep_entry_filter_cb (GtkEntry * entry,
const gchar *text,
gint length,
gint * position,
gpointer data)
wep_entry_filter_cb (GtkEditable *editable,
gchar *text,
gint length,
gint *position,
gpointer data)
{
WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) data;
GtkEditable *editable = GTK_EDITABLE (entry);
int i, count = 0;
gchar *result;
result = g_malloc0 (length + 1);
if (sec->type == NM_WEP_KEY_TYPE_KEY) {
for (i = 0; i < length; i++) {
if (isxdigit(text[i]) || isascii(text[i]))
result[count++] = text[i];
}
} else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE) {
for (i = 0; i < length; i++)
result[count++] = text[i];
utils_filter_editable_on_insert_text (editable,
text, length, position, data,
utils_char_is_ascii_print,
wep_entry_filter_cb);
}
if (count > 0) {
g_signal_handlers_block_by_func (G_OBJECT (editable),
G_CALLBACK (wep_entry_filter_cb),
data);
gtk_editable_insert_text (editable, result, count, position);
g_signal_handlers_unblock_by_func (G_OBJECT (editable),
G_CALLBACK (wep_entry_filter_cb),
data);
}
g_signal_stop_emission_by_name (G_OBJECT (editable), "insert-text");
g_free (result);
}
static void
@ -233,7 +235,7 @@ update_secrets (WirelessSecurity *parent, NMConnection *connection)
for (i = 0; s_wsec && i < 4; i++) {
tmp = nm_setting_wireless_security_get_wep_key (s_wsec, i);
if (tmp)
strcpy (sec->keys[i], tmp);
g_strlcpy (sec->keys[i], tmp, sizeof (sec->keys[i]));
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
@ -251,6 +253,7 @@ ws_wep_key_new (NMConnection *connection,
WirelessSecurityWEPKey *sec;
GtkWidget *widget;
NMSettingWirelessSecurity *s_wsec = NULL;
NMSetting *setting = NULL;
guint8 default_key_idx = 0;
gboolean is_adhoc = adhoc_create;
gboolean is_shared_key = FALSE;
@ -266,14 +269,22 @@ ws_wep_key_new (NMConnection *connection,
"wep_key_entry");
if (!parent)
return NULL;
sec = (WirelessSecurityWEPKey *) parent;
sec->editing_connection = secrets_only ? FALSE : TRUE;
sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_WEP_KEY0;
sec->type = type;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
g_assert (widget);
gtk_entry_set_width_chars (GTK_ENTRY (widget), 28);
/* Create password-storage popup menu for password entry under entry's secondary icon */
if (connection)
setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection);
nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name,
FALSE, secrets_only);
if (connection) {
NMSettingWireless *s_wireless;
const char *mode, *auth_alg;

8
panels/network/wireless-security/ws-wep-key.h
View file

@ -17,13 +17,19 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#ifndef WS_WEP_KEY_H
#define WS_WEP_KEY_H
#if defined (LIBNM_BUILD)
#include <NetworkManager.h>
#elif defined (LIBNM_GLIB_BUILD)
#include <nm-setting-wireless-security.h>
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
typedef struct _WirelessSecurityWEPKey WirelessSecurityWEPKey;

16
panels/network/wireless-security/ws-wep-key.ui
View file

@ -46,14 +46,14 @@
<property name="can_focus">False</property>
<property name="n_rows">4</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<object class="GtkLabel" id="wep_key_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Key</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Key:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">wep_key_entry</property>
</object>
@ -66,6 +66,7 @@
<object class="GtkEntry" id="wep_key_entry">
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="max_length">64</property>
<property name="visibility">False</property>
<property name="activates_default">True</property>
</object>
@ -95,7 +96,6 @@
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="xalign">0</property>
<property name="draw_indicator">True</property>
</object>
<packing>
@ -111,8 +111,8 @@
<object class="GtkLabel" id="auth_method_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">Au_thentication</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">Au_thentication:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">auth_method_combo</property>
</object>
@ -148,8 +148,8 @@
<object class="GtkLabel" id="key_index_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">WEP inde_x</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">WEP inde_x:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">key_index_combo</property>
</object>

18
panels/network/wireless-security/ws-wpa-eap.c
View file

@ -17,13 +17,13 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include <glib/gi18n.h>
#include "nm-default.h"
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "wireless-security.h"
#include "eap-method.h"
@ -45,9 +45,9 @@ destroy (WirelessSecurity *parent)
}
static gboolean
validate (WirelessSecurity *parent, GBytes *ssid)
validate (WirelessSecurity *parent, GError **error)
{
return ws_802_1x_validate (parent, "wpa_eap_auth_combo");
return ws_802_1x_validate (parent, "wpa_eap_auth_combo", error);
}
static void
@ -90,12 +90,6 @@ auth_combo_changed_cb (GtkWidget *combo, gpointer user_data)
sec->size_group);
}
static GtkWidget *
nag_user (WirelessSecurity *parent)
{
return ws_802_1x_nag_user (parent, "wpa_eap_auth_combo");
}
static void
update_secrets (WirelessSecurity *parent, NMConnection *connection)
{
@ -122,8 +116,8 @@ ws_wpa_eap_new (NMConnection *connection,
if (!parent)
return NULL;
parent->nag_user = nag_user;
parent->adhoc_compatible = FALSE;
parent->hotspot_compatible = FALSE;
widget = ws_802_1x_auth_combo_init (parent,
"wpa_eap_auth_combo",

8
panels/network/wireless-security/ws-wpa-eap.h
View file

@ -17,13 +17,19 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#ifndef WS_WPA_EAP_H
#define WS_WPA_EAP_H
#if defined (LIBNM_BUILD)
#include <NetworkManager.h>
#elif defined (LIBNM_GLIB_BUILD)
#include <nm-connection.h>
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
typedef struct _WirelessSecurityWPAEAP WirelessSecurityWPAEAP;

6
panels/network/wireless-security/ws-wpa-eap.ui
View file

@ -23,14 +23,14 @@
<property name="can_focus">False</property>
<property name="n_rows">2</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<object class="GtkLabel" id="wpa_eap_auth_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">Au_thentication</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">Au_thentication:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">wpa_eap_auth_combo</property>
</object>

43
panels/network/wireless-security/ws-wpa-psk.c
View file

@ -17,20 +17,26 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "nm-default.h"
#include <ctype.h>
#include <string.h>
#include <NetworkManager.h>
#include "wireless-security.h"
#include "helpers.h"
#include "nma-ui-utils.h"
#include "utils.h"
#define WPA_PMK_LEN 32
struct _WirelessSecurityWPAPSK {
WirelessSecurity parent;
gboolean editing_connection;
const char *password_flags_name;
};
static void
@ -47,29 +53,30 @@ show_toggled_cb (GtkCheckButton *button, WirelessSecurity *sec)
}
static gboolean
validate (WirelessSecurity *parent, GBytes *ssid)
validate (WirelessSecurity *parent, GError **error)
{
GtkWidget *entry;
const char *key;
guint32 len;
gsize len;
int i;
entry = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
g_assert (entry);
key = gtk_entry_get_text (GTK_ENTRY (entry));
len = strlen (key);
len = key ? strlen (key) : 0;
if ((len < 8) || (len > 64)) {
widget_set_error (entry);
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid wpa-psk: invalid key-length %zu. Must be [8,63] bytes or 64 hex digits"), len);
return FALSE;
}
widget_unset_error (entry);
if (len == 64) {
/* Hex PSK */
for (i = 0; i < len; i++) {
if (!isxdigit (key[i])) {
widget_set_error (entry);
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("invalid wpa-psk: cannot interpret key with 64 bytes as hex"));
return FALSE;
}
}
@ -96,10 +103,12 @@ add_to_size_group (WirelessSecurity *parent, GtkSizeGroup *group)
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
GtkWidget *widget;
WirelessSecurityWPAPSK *wpa_psk = (WirelessSecurityWPAPSK *) parent;
GtkWidget *widget, *passwd_entry;
const char *key;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMSettingSecretFlags secret_flags;
const char *mode;
gboolean is_adhoc = FALSE;
@ -115,9 +124,20 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
passwd_entry = widget;
key = gtk_entry_get_text (GTK_ENTRY (widget));
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL);
/* Save PSK_FLAGS to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), NM_SETTING_WIRELESS_SECURITY_PSK,
secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (wpa_psk->editing_connection)
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_wireless_sec), wpa_psk->password_flags_name);
wireless_security_clear_ciphers (connection);
if (is_adhoc) {
/* Ad-Hoc settings as specified by the supplicant */
@ -153,6 +173,7 @@ ws_wpa_psk_new (NMConnection *connection, gboolean secrets_only)
{
WirelessSecurity *parent;
WirelessSecurityWPAPSK *sec;
NMSetting *setting = NULL;
GtkWidget *widget;
parent = wireless_security_init (sizeof (WirelessSecurityWPAPSK),
@ -169,6 +190,8 @@ ws_wpa_psk_new (NMConnection *connection, gboolean secrets_only)
parent->adhoc_compatible = FALSE;
sec = (WirelessSecurityWPAPSK *) parent;
sec->editing_connection = secrets_only ? FALSE : TRUE;
sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_PSK;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
g_assert (widget);
@ -177,6 +200,12 @@ ws_wpa_psk_new (NMConnection *connection, gboolean secrets_only)
sec);
gtk_entry_set_width_chars (GTK_ENTRY (widget), 28);
/* Create password-storage popup menu for password entry under entry's secondary icon */
if (connection)
setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection);
nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name,
FALSE, secrets_only);
/* Fill secrets, if any */
if (connection)
update_secrets (WIRELESS_SECURITY (sec), connection);

10
panels/network/wireless-security/ws-wpa-psk.h
View file

@ -17,12 +17,20 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2007 - 2010 Red Hat, Inc.
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#ifndef WS_WPA_PSK_H
#define WS_WPA_PSK_H
#if defined (LIBNM_BUILD)
#include <NetworkManager.h>
#elif defined (LIBNM_GLIB_BUILD)
#include <nm-connection.h>
#else
#error neither LIBNM_BUILD nor LIBNM_GLIB_BUILD defined
#endif
typedef struct _WirelessSecurityWPAPSK WirelessSecurityWPAPSK;
WirelessSecurityWPAPSK * ws_wpa_psk_new (NMConnection *connection, gboolean secrets_only);

11
panels/network/wireless-security/ws-wpa-psk.ui
View file

@ -12,14 +12,14 @@
<property name="can_focus">False</property>
<property name="n_rows">3</property>
<property name="n_columns">2</property>
<property name="column_spacing">6</property>
<property name="column_spacing">12</property>
<property name="row_spacing">6</property>
<child>
<object class="GtkLabel" id="wpa_psk_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Password</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Password:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">wpa_psk_entry</property>
</object>
@ -46,8 +46,8 @@
<object class="GtkLabel" id="wpa_psk_type_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="xalign">1</property>
<property name="label" translatable="yes">_Type</property>
<property name="xalign">0</property>
<property name="label" translatable="yes">_Type:</property>
<property name="use_underline">True</property>
<property name="mnemonic_widget">wpa_psk_type_combo</property>
</object>
@ -78,6 +78,7 @@
<property name="can_focus">True</property>
<property name="receives_default">False</property>
<property name="use_underline">True</property>
<property name="draw_indicator">True</property>
</object>
<packing>
<property name="left_attach">1</property>