applications/gnome-control-center
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
gnome-control-center/panels/network/wireless-security/wireless-security.c

467 lines
14 KiB
C
Raw Blame History

/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
/* NetworkManager Applet -- allow user control over networking
*
* Dan Williams <dcbw@redhat.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Copyright 2007 - 2014 Red Hat, Inc.
*/
#include "nm-default.h"
#include <string.h>
#include "wireless-security.h"
#include "wireless-security-resources.h"
#include "eap-method.h"
#include "eap-method-fast.h"
#include "eap-method-leap.h"
#include "eap-method-peap.h"
#include "eap-method-simple.h"
#include "eap-method-tls.h"
#include "eap-method-ttls.h"
#include "utils.h"
typedef struct {
char *username, *password;
gboolean always_ask, show_password;
} WirelessSecurityPrivate;
G_DEFINE_TYPE_WITH_PRIVATE (WirelessSecurity, wireless_security, G_TYPE_OBJECT)
enum {
CHANGED,
LAST_SIGNAL
};
static guint signals[LAST_SIGNAL] = { 0 };
static void
wireless_security_dispose (GObject *object)
{
WirelessSecurity *self = WIRELESS_SECURITY (object);
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
if (priv->password)
memset (priv->password, 0, strlen (priv->password));
g_clear_pointer (&priv->username, g_free);
g_clear_pointer (&priv->password, g_free);
G_OBJECT_CLASS (wireless_security_parent_class)->dispose (object);
}
void
wireless_security_init (WirelessSecurity *self)
{
g_resources_register (wireless_security_get_resource ());
}
void
wireless_security_class_init (WirelessSecurityClass *klass)
{
GObjectClass *object_class = G_OBJECT_CLASS (klass);
object_class->dispose = wireless_security_dispose;
signals[CHANGED] =
g_signal_new ("changed",
G_TYPE_FROM_CLASS (object_class),
G_SIGNAL_RUN_FIRST,
0,
NULL, NULL,
g_cclosure_marshal_VOID__VOID,
G_TYPE_NONE, 0);
}
GtkWidget *
wireless_security_get_widget (WirelessSecurity *self)
{
g_return_val_if_fail (WIRELESS_IS_SECURITY (self), NULL);
return WIRELESS_SECURITY_GET_CLASS (self)->get_widget (self);
}
void
wireless_security_notify_changed (WirelessSecurity *self)
{
g_return_if_fail (WIRELESS_IS_SECURITY (self));
g_signal_emit (self, signals[CHANGED], 0);
}
gboolean
wireless_security_validate (WirelessSecurity *self, GError **error)
{
gboolean result;
g_return_val_if_fail (WIRELESS_IS_SECURITY (self), FALSE);
g_return_val_if_fail (!error || !*error, FALSE);
result = WIRELESS_SECURITY_GET_CLASS (self)->validate (self, error);
if (!result && error && !*error)
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Unknown error validating 802.1X security"));
return result;
}
void
wireless_security_add_to_size_group (WirelessSecurity *self, GtkSizeGroup *group)
{
g_return_if_fail (WIRELESS_IS_SECURITY (self));
g_return_if_fail (GTK_IS_SIZE_GROUP (group));
return WIRELESS_SECURITY_GET_CLASS (self)->add_to_size_group (self, group);
}
void
wireless_security_fill_connection (WirelessSecurity *self,
NMConnection *connection)
{
g_return_if_fail (WIRELESS_IS_SECURITY (self));
g_return_if_fail (connection != NULL);
return WIRELESS_SECURITY_GET_CLASS (self)->fill_connection (self, connection);
}
gboolean
wireless_security_adhoc_compatible (WirelessSecurity *self)
{
if (WIRELESS_SECURITY_GET_CLASS (self)->adhoc_compatible)
return WIRELESS_SECURITY_GET_CLASS (self)->adhoc_compatible (self);
else
return TRUE;
}
void
wireless_security_set_username (WirelessSecurity *self, const gchar *username)
{
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
g_return_if_fail (WIRELESS_IS_SECURITY (self));
g_clear_pointer (&priv->username, g_free);
priv->username = g_strdup (username);
}
const gchar *
wireless_security_get_username (WirelessSecurity *self)
{
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
g_return_val_if_fail (WIRELESS_IS_SECURITY (self), NULL);
return priv->username;
}
void
wireless_security_set_password (WirelessSecurity *self, const gchar *password)
{
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
g_return_if_fail (WIRELESS_IS_SECURITY (self));
if (priv->password)
memset (priv->password, 0, strlen (priv->password));
g_clear_pointer (&priv->password, g_free);
priv->password = g_strdup (password);
}
const gchar *
wireless_security_get_password (WirelessSecurity *self)
{
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
g_return_val_if_fail (WIRELESS_IS_SECURITY (self), NULL);
return priv->password;
}
void
wireless_security_set_always_ask (WirelessSecurity *self, gboolean always_ask)
{
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
g_return_if_fail (WIRELESS_IS_SECURITY (self));
priv->always_ask = always_ask;
}
gboolean
wireless_security_get_always_ask (WirelessSecurity *self)
{
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
g_return_val_if_fail (WIRELESS_IS_SECURITY (self), FALSE);
return priv->always_ask;
}
void
wireless_security_set_show_password (WirelessSecurity *self, gboolean show_password)
{
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
g_return_if_fail (WIRELESS_IS_SECURITY (self));
priv->show_password = show_password;
}
gboolean
wireless_security_get_show_password (WirelessSecurity *self)
{
WirelessSecurityPrivate *priv = wireless_security_get_instance_private (self);
g_return_val_if_fail (WIRELESS_IS_SECURITY (self), FALSE);
return priv->show_password;
}
void
wireless_security_clear_ciphers (NMConnection *connection)
{
NMSettingWirelessSecurity *s_wireless_sec;
g_return_if_fail (connection != NULL);
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
g_assert (s_wireless_sec);
nm_setting_wireless_security_clear_protos (s_wireless_sec);
nm_setting_wireless_security_clear_pairwise (s_wireless_sec);
nm_setting_wireless_security_clear_groups (s_wireless_sec);
}
EAPMethod *
ws_802_1x_auth_combo_get_eap (GtkComboBox *combo)
{
GtkTreeModel *model;
GtkTreeIter iter;
g_autoptr(EAPMethod) eap = NULL;
model = gtk_combo_box_get_model (combo);
if (!gtk_combo_box_get_active_iter (combo, &iter))
return NULL;
gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1);
return eap;
}
void
ws_802_1x_auth_combo_changed (GtkComboBox *combo,
GtkBox *vbox,
GtkSizeGroup *size_group)
{
EAPMethod *eap;
GList *elt, *children;
GtkWidget *eap_default_field;
/* Remove any previous wireless security widgets */
children = gtk_container_get_children (GTK_CONTAINER (vbox));
for (elt = children; elt; elt = g_list_next (elt))
gtk_container_remove (GTK_CONTAINER (vbox), GTK_WIDGET (elt->data));
eap = ws_802_1x_auth_combo_get_eap (GTK_COMBO_BOX (combo));
g_assert (eap);
gtk_widget_unparent (GTK_WIDGET (eap));
if (size_group)
eap_method_add_to_size_group (eap, size_group);
gtk_container_add (GTK_CONTAINER (vbox), g_object_ref (GTK_WIDGET (eap)));
/* Refocus the EAP method's default widget */
eap_default_field = eap_method_get_default_field (eap);
if (eap_default_field)
gtk_widget_grab_focus (eap_default_field);
}
void
ws_802_1x_auth_combo_init (WirelessSecurity *self,
GtkComboBox *combo,
NMConnection *connection,
gboolean is_editor,
gboolean secrets_only)
{
const gchar *user = NULL, *password = NULL;
gboolean always_ask = FALSE;
g_autoptr(GtkListStore) auth_model = NULL;
GtkTreeIter iter;
g_autoptr(EAPMethodTLS) em_tls = NULL;
g_autoptr(EAPMethodSimple) em_pwd = NULL;
g_autoptr(EAPMethodFAST) em_fast = NULL;
g_autoptr(EAPMethodTTLS) em_ttls = NULL;
g_autoptr(EAPMethodPEAP) em_peap = NULL;
const char *default_method = NULL, *ctype = NULL;
int active = -1, item = 0;
gboolean wired = FALSE;
EAPMethodSimpleFlags simple_flags = EAP_METHOD_SIMPLE_FLAG_NONE;
/* Grab the default EAP method out of the security object */
if (connection) {
NMSettingConnection *s_con;
NMSetting8021x *s_8021x;
s_con = nm_connection_get_setting_connection (connection);
if (s_con)
ctype = nm_setting_connection_get_connection_type (s_con);
if ( (g_strcmp0 (ctype, NM_SETTING_WIRED_SETTING_NAME) == 0)
|| nm_connection_get_setting_wired (connection))
wired = TRUE;
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x && nm_setting_802_1x_get_num_eap_methods (s_8021x))
default_method = nm_setting_802_1x_get_eap_method (s_8021x, 0);
}
/* initialize WirelessSecurity userpass from connection (clear if no connection) */
if (connection) {
NMSetting8021x *setting;
setting = nm_connection_get_setting_802_1x (connection);
if (setting) {
NMSettingSecretFlags flags;
user = nm_setting_802_1x_get_identity (setting);
password = nm_setting_802_1x_get_password (setting);
if (nm_setting_get_secret_flags (NM_SETTING (setting), NM_SETTING_802_1X_PASSWORD, &flags, NULL))
always_ask = !!(flags & NM_SETTING_SECRET_FLAG_NOT_SAVED);
}
}
wireless_security_set_username (self, user);
wireless_security_set_password (self, password);
wireless_security_set_always_ask (self, always_ask);
wireless_security_set_show_password (self, FALSE);
auth_model = gtk_list_store_new (2, G_TYPE_STRING, eap_method_get_type ());
if (is_editor)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_IS_EDITOR;
if (secrets_only)
simple_flags |= EAP_METHOD_SIMPLE_FLAG_SECRETS_ONLY;
if (wired) {
g_autoptr(EAPMethodSimple) em_md5 = NULL;
em_md5 = eap_method_simple_new (self, connection, EAP_METHOD_SIMPLE_TYPE_MD5, simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("MD5"),
AUTH_METHOD_COLUMN, em_md5,
-1);
if (default_method && (active < 0) && !strcmp (default_method, "md5"))
active = item;
item++;
}
em_tls = eap_method_tls_new (self, connection, FALSE, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("TLS"),
AUTH_METHOD_COLUMN, em_tls,
-1);
if (default_method && (active < 0) && !strcmp (default_method, "tls"))
active = item;
item++;
if (!wired) {
g_autoptr(EAPMethodLEAP) em_leap = NULL;
em_leap = eap_method_leap_new (self, connection, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("LEAP"),
AUTH_METHOD_COLUMN, em_leap,
-1);
if (default_method && (active < 0) && !strcmp (default_method, "leap"))
active = item;
item++;
}
em_pwd = eap_method_simple_new (self, connection, EAP_METHOD_SIMPLE_TYPE_PWD, simple_flags);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("PWD"),
AUTH_METHOD_COLUMN, em_pwd,
-1);
if (default_method && (active < 0) && !strcmp (default_method, "pwd"))
active = item;
item++;
em_fast = eap_method_fast_new (self, connection, is_editor, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("FAST"),
AUTH_METHOD_COLUMN, em_fast,
-1);
if (default_method && (active < 0) && !strcmp (default_method, "fast"))
active = item;
item++;
em_ttls = eap_method_ttls_new (self, connection, is_editor, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("Tunneled TLS"),
AUTH_METHOD_COLUMN, em_ttls,
-1);
if (default_method && (active < 0) && !strcmp (default_method, "ttls"))
active = item;
item++;
em_peap = eap_method_peap_new (self, connection, is_editor, secrets_only);
gtk_list_store_append (auth_model, &iter);
gtk_list_store_set (auth_model, &iter,
AUTH_NAME_COLUMN, _("Protected EAP (PEAP)"),
AUTH_METHOD_COLUMN, em_peap,
-1);
if (default_method && (active < 0) && !strcmp (default_method, "peap"))
active = item;
item++;
gtk_combo_box_set_model (combo, GTK_TREE_MODEL (auth_model));
gtk_combo_box_set_active (combo, active < 0 ? 0 : (guint32) active);
}
void
ws_802_1x_fill_connection (GtkComboBox *combo,
NMConnection *connection)
{
NMSettingWirelessSecurity *s_wireless_sec;
NMSetting8021x *s_8021x;
NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
EAPMethod *eap;
/* Get the EAPMethod object */
eap = ws_802_1x_auth_combo_get_eap (combo);
g_assert (eap);
/* Get previous pasword flags, if any. Otherwise default to agent-owned secrets */
s_8021x = nm_connection_get_setting_802_1x (connection);
if (s_8021x)
nm_setting_get_secret_flags (NM_SETTING (s_8021x), eap_method_get_password_flags_name (eap), &secret_flags, NULL);
else
secret_flags = NM_SETTING_SECRET_FLAG_AGENT_OWNED;
/* Blow away the old wireless security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
/* Blow away the old 802.1x setting by adding a clear one */
s_8021x = (NMSetting8021x *) nm_setting_802_1x_new ();
nm_connection_add_setting (connection, (NMSetting *) s_8021x);
eap_method_fill_connection (eap, connection, secret_flags);
}
Reference in a new issue View git blame Copy permalink