Tree - source-git/NetworkManager

source-git / NetworkManager

Blame clients/common/nm-secret-agent-simple.c

Blob History Raw

Packit Service	87a54e	`/* SPDX-License-Identifier: GPL-2.0-or-later */`
Packit	5756e2	`/*`
Packit	5756e2	`* Copyright (C) 2011 - 2015 Red Hat, Inc.`
Packit	5756e2	`* Copyright (C) 2011 Giovanni Campagna <scampa.giovanni@gmail.com>`
Packit	5756e2	`*/`
Packit	5756e2
Packit	5756e2	`/**`
Packit	5756e2	`* SECTION:nm-secret-agent-simple`
Packit	5756e2	`* @short_description: A simple secret agent for NetworkManager`
Packit	5756e2	`*`
Packit	5756e2	`* #NMSecretAgentSimple is the secret agent used by nmtui-connect and nmcli.`
Packit	5756e2	`*`
Packit	5756e2	`* This is a stripped-down version of gnome-shell's ShellNetworkAgent,`
Packit	5756e2	`* with bits of the corresponding JavaScript code squished down into`
Packit	5756e2	`* it. It is intended to eventually be generic enough that it could`
Packit	5756e2	`* replace ShellNetworkAgent.`
Packit	5756e2	`*/`
Packit	5756e2
Packit Service	2bceb2	`#include "libnm/nm-default-client.h"`
Packit	5756e2
Packit	5756e2	`#include "nm-secret-agent-simple.h"`
Packit	5756e2
Packit	5756e2	`#include <gio/gunixoutputstream.h>`
Packit	5756e2	`#include <gio/gunixinputstream.h>`
Packit	5756e2
Packit	5756e2	`#include "nm-vpn-service-plugin.h"`
Packit	5756e2	`#include "nm-vpn-helpers.h"`
Packit	5756e2	`#include "nm-glib-aux/nm-secret-utils.h"`
Packit	5756e2
Packit	5756e2	`/*****************************************************************************/`
Packit	5756e2
Packit	5756e2	`typedef struct {`
Packit Service	a1bd4f	`char *request_id;`
Packit	5756e2
Packit Service	a1bd4f	`NMSecretAgentSimple *self;`
Packit	5756e2
Packit Service	a1bd4f	`NMConnection * connection;`
Packit Service	a1bd4f	`const char * setting_name;`
Packit Service	a1bd4f	`char ** hints;`
Packit Service	a1bd4f	`NMSecretAgentOldGetSecretsFunc callback;`
Packit Service	a1bd4f	`gpointer callback_data;`
Packit Service	a1bd4f	`GCancellable * cancellable;`
Packit Service	a1bd4f	`NMSecretAgentGetSecretsFlags flags;`
Packit	5756e2	`} RequestData;`
Packit	5756e2
Packit	5756e2	`enum {`
Packit Service	a1bd4f	`REQUEST_SECRETS,`
Packit	5756e2
Packit Service	a1bd4f	`LAST_SIGNAL`
Packit	5756e2	`};`
Packit	5756e2
Packit Service	a1bd4f	`static guint signals[LAST_SIGNAL] = {0};`
Packit	5756e2
Packit	5756e2	`typedef struct {`
Packit Service	a1bd4f	`GHashTable *requests;`
Packit	5756e2
Packit Service	a1bd4f	`char * path;`
Packit Service	a1bd4f	`gboolean enabled;`
Packit	5756e2	`} NMSecretAgentSimplePrivate;`
Packit	5756e2
Packit	5756e2	`struct _NMSecretAgentSimple {`
Packit Service	a1bd4f	`NMSecretAgentOld parent;`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate _priv;`
Packit	5756e2	`};`
Packit	5756e2
Packit	5756e2	`struct _NMSecretAgentSimpleClass {`
Packit Service	a1bd4f	`NMSecretAgentOldClass parent;`
Packit	5756e2	`};`
Packit	5756e2
Packit Service	a1bd4f	`G_DEFINE_TYPE(NMSecretAgentSimple, nm_secret_agent_simple, NM_TYPE_SECRET_AGENT_OLD)`
Packit	5756e2
Packit Service	a1bd4f	`#define NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(self) \`
Packit Service	a1bd4f	`_NM_GET_PRIVATE(self, NMSecretAgentSimple, NM_IS_SECRET_AGENT_SIMPLE, NMSecretAgentOld)`
Packit	5756e2
Packit	5756e2	`/*****************************************************************************/`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_request_data_free(gpointer data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`RequestData *request = data;`
Packit	5756e2
Packit Service	a1bd4f	`g_free(request->request_id);`
Packit Service	a1bd4f	`nm_clear_g_cancellable(&request->cancellable);`
Packit Service	a1bd4f	`g_object_unref(request->connection);`
Packit Service	a1bd4f	`g_strfreev(request->hints);`
Packit	5756e2
Packit Service	a1bd4f	`g_slice_free(RequestData, request);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_request_data_complete(RequestData * request,`
Packit Service	a1bd4f	`GVariant * secrets,`
Packit Service	a1bd4f	`GError * error,`
Packit Service	a1bd4f	`GHashTableIter *iter_to_remove)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimple * self = request->self;`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(self);`
Packit	5756e2
Packit Service	a1bd4f	`nm_assert((secrets != NULL) != (error != NULL));`
Packit	5756e2
Packit Service	a1bd4f	`request->callback(NM_SECRET_AGENT_OLD(request->self),`
Packit Service	a1bd4f	`request->connection,`
Packit Service	a1bd4f	`secrets,`
Packit Service	a1bd4f	`error,`
Packit Service	a1bd4f	`request->callback_data);`
Packit	5756e2
Packit Service	a1bd4f	`if (iter_to_remove)`
Packit Service	a1bd4f	`g_hash_table_iter_remove(iter_to_remove);`
Packit Service	a1bd4f	`else`
Packit Service	a1bd4f	`g_hash_table_remove(priv->requests, request);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`/*****************************************************************************/`
Packit	5756e2
Packit	5756e2	`/**`
Packit	5756e2	`* NMSecretAgentSimpleSecret:`
Packit	5756e2	`* @name: the user-visible name of the secret. Eg, "WEP Passphrase".`
Packit	5756e2	`* @value: the value of the secret`
Packit	5756e2	`* @password: %TRUE if this secret represents a password, %FALSE`
Packit	5756e2	`* if it represents non-secret data.`
Packit	5756e2	`*`
Packit	5756e2	`* A single "secret" being requested.`
Packit	5756e2	`*/`
Packit	5756e2
Packit	5756e2	`typedef struct {`
Packit Service	a1bd4f	`NMSecretAgentSimpleSecret base;`
Packit Service	a1bd4f	`NMSetting * setting;`
Packit Service	a1bd4f	`char * property;`
Packit	5756e2	`} SecretReal;`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_secret_real_free(NMSecretAgentSimpleSecret *secret)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`SecretReal real = (SecretReal ) secret;`
Packit	5756e2
Packit Service	a1bd4f	`g_free((char *) secret->pretty_name);`
Packit Service	a1bd4f	`g_free((char *) secret->entry_id);`
Packit Service	a1bd4f	`nm_free_secret(secret->value);`
Packit Service	a1bd4f	`g_free((char *) secret->vpn_type);`
Packit Service	a1bd4f	`g_free(real->property);`
Packit Service	a1bd4f	`g_clear_object(&real->setting);`
Packit	5756e2
Packit Service	a1bd4f	`g_slice_free(SecretReal, real);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static NMSecretAgentSimpleSecret *`
Packit Service	a1bd4f	`_secret_real_new_plain(NMSecretAgentSecretType secret_type,`
Packit Service	a1bd4f	`const char * pretty_name,`
Packit Service	a1bd4f	`NMSetting * setting,`
Packit Service	a1bd4f	`const char * property)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`SecretReal * real;`
Packit Service	a1bd4f	`gs_free char *value = NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`nm_assert(property);`
Packit Service	a1bd4f	`nm_assert(NM_IS_SETTING(setting));`
Packit Service	a1bd4f	`nm_assert(NM_IN_SET(secret_type,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_SECRET_TYPE_PROPERTY,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_SECRET_TYPE_SECRET));`
Packit Service	a1bd4f	`nm_assert(g_object_class_find_property(G_OBJECT_GET_CLASS(setting), property));`
Packit Service	a1bd4f	`nm_assert((secret_type == NM_SECRET_AGENT_SECRET_TYPE_SECRET)`
Packit Service	a1bd4f	`== nm_setting_get_secret_flags(setting, property, NULL, NULL));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_object_get(setting, property, &value, NULL);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`real = g_slice_new(SecretReal);`
Packit Service	a1bd4f	`*real = (SecretReal){`
Packit Service	a1bd4f	`.base.secret_type = secret_type,`
Packit Service	a1bd4f	`.base.pretty_name = g_strdup(pretty_name),`
Packit Service	a1bd4f	`.base.entry_id = g_strdup_printf("%s.%s", nm_setting_get_name(setting), property),`
Packit Service	a1bd4f	`.base.value = g_steal_pointer(&value),`
Packit Service	a1bd4f	`.base.is_secret = (secret_type != NM_SECRET_AGENT_SECRET_TYPE_PROPERTY),`
Packit Service	a1bd4f	`.setting = g_object_ref(setting),`
Packit Service	a1bd4f	`.property = g_strdup(property),`
Packit Service	a1bd4f	`};`
Packit Service	a1bd4f	`return &real->base;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static NMSecretAgentSimpleSecret *`
Packit Service	a1bd4f	`_secret_real_new_vpn_secret(const char *pretty_name,`
Packit Service	a1bd4f	`NMSetting * setting,`
Packit Service	a1bd4f	`const char *property,`
Packit Service	a1bd4f	`const char *vpn_type)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`SecretReal *real;`
Packit Service	a1bd4f	`const char *value;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`nm_assert(property);`
Packit Service	a1bd4f	`nm_assert(NM_IS_SETTING_VPN(setting));`
Packit Service	a1bd4f	`nm_assert(vpn_type);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`value = nm_setting_vpn_get_secret(NM_SETTING_VPN(setting), property);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`real = g_slice_new(SecretReal);`
Packit Service	a1bd4f	`*real = (SecretReal){`
Packit Service	a1bd4f	`.base.secret_type = NM_SECRET_AGENT_SECRET_TYPE_VPN_SECRET,`
Packit Service	a1bd4f	`.base.pretty_name = g_strdup(pretty_name),`
Packit Service	a1bd4f	`.base.entry_id =`
Packit Service	a1bd4f	`g_strdup_printf("%s%s", NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS, property),`
Packit Service	a1bd4f	`.base.value = g_strdup(value),`
Packit Service	a1bd4f	`.base.is_secret = TRUE,`
Packit Service	a1bd4f	`.base.vpn_type = g_strdup(vpn_type),`
Packit Service	a1bd4f	`.setting = g_object_ref(setting),`
Packit Service	a1bd4f	`.property = g_strdup(property),`
Packit Service	a1bd4f	`};`
Packit Service	a1bd4f	`return &real->base;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static NMSecretAgentSimpleSecret *`
Packit Service	a1bd4f	`_secret_real_new_wireguard_peer_psk(NMSettingWireGuard *s_wg,`
Packit Service	a1bd4f	`const char * public_key,`
Packit Service	a1bd4f	`const char * preshared_key)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`SecretReal *real;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`nm_assert(NM_IS_SETTING_WIREGUARD(s_wg));`
Packit Service	a1bd4f	`nm_assert(public_key);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`real = g_slice_new(SecretReal);`
Packit Service	a1bd4f	`*real = (SecretReal){`
Packit Service	a1bd4f	`.base.secret_type = NM_SECRET_AGENT_SECRET_TYPE_WIREGUARD_PEER_PSK,`
Packit Service	a1bd4f	`.base.pretty_name = g_strdup_printf(_("Preshared-key for %s"), public_key),`
Packit Service	a1bd4f	`.base.entry_id = g_strdup_printf(NM_SETTING_WIREGUARD_SETTING_NAME`
Packit Service	a1bd4f	`"." NM_SETTING_WIREGUARD_PEERS`
Packit Service	a1bd4f	`".%s." NM_WIREGUARD_PEER_ATTR_PRESHARED_KEY,`
Packit Service	a1bd4f	`public_key),`
Packit Service	a1bd4f	`.base.value = g_strdup(preshared_key),`
Packit Service	a1bd4f	`.base.is_secret = TRUE,`
Packit Service	a1bd4f	`.base.no_prompt_entry_id = TRUE,`
Packit Service	a1bd4f	`.setting = NM_SETTING(g_object_ref(s_wg)),`
Packit Service	a1bd4f	`.property = g_strdup(public_key),`
Packit Service	a1bd4f	`};`
Packit Service	a1bd4f	`return &real->base;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`/*****************************************************************************/`
Packit	5756e2
Packit	5756e2	`static gboolean`
Packit Service	a1bd4f	`add_8021x_secrets(RequestData request, GPtrArray secrets)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSetting8021x * s_8021x = nm_connection_get_setting_802_1x(request->connection);`
Packit Service	a1bd4f	`const char * eap_method;`
Packit Service	a1bd4f	`NMSecretAgentSimpleSecret *secret;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`/* If hints are given, then always ask for what the hints require */`
Packit Service	a1bd4f	`if (request->hints && request->hints[0]) {`
Packit Service	a1bd4f	`char **iter;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`for (iter = request->hints; *iter; iter++) {`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_(*iter),`
Packit Service	a1bd4f	`NM_SETTING(s_8021x),`
Packit Service	a1bd4f	`*iter);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`return TRUE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`eap_method = nm_setting_802_1x_get_eap_method(s_8021x, 0);`
Packit Service	a1bd4f	`if (!eap_method)`
Packit Service	a1bd4f	`return FALSE;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (NM_IN_STRSET(eap_method, "md5", "leap", "ttls", "peap")) {`
Packit Service	a1bd4f	`/* TTLS and PEAP are actually much more complicated, but this complication`
Packit Service	a1bd4f	`* is not visible here since we only care about phase2 authentication`
Packit Service	a1bd4f	`* (and don't even care of which one)`
Packit Service	a1bd4f	`*/`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_PROPERTY,`
Packit Service	a1bd4f	`_("Username"),`
Packit Service	a1bd4f	`NM_SETTING(s_8021x),`
Packit Service	a1bd4f	`NM_SETTING_802_1X_IDENTITY);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Password"),`
Packit Service	a1bd4f	`NM_SETTING(s_8021x),`
Packit Service	a1bd4f	`NM_SETTING_802_1X_PASSWORD);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`return TRUE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (nm_streq(eap_method, "tls")) {`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_PROPERTY,`
Packit Service	a1bd4f	`_("Identity"),`
Packit Service	a1bd4f	`NM_SETTING(s_8021x),`
Packit Service	a1bd4f	`NM_SETTING_802_1X_IDENTITY);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Private key password"),`
Packit Service	a1bd4f	`NM_SETTING(s_8021x),`
Packit Service	a1bd4f	`NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`return TRUE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`return FALSE;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static gboolean`
Packit Service	a1bd4f	`add_wireless_secrets(RequestData request, GPtrArray secrets)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSettingWirelessSecurity *s_wsec =`
Packit Service	a1bd4f	`nm_connection_get_setting_wireless_security(request->connection);`
Packit Service	a1bd4f	`const char * key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);`
Packit Service	a1bd4f	`NMSecretAgentSimpleSecret *secret;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!key_mgmt \|\| nm_streq(key_mgmt, "owe"))`
Packit Service	a1bd4f	`return FALSE;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (NM_IN_STRSET(key_mgmt, "wpa-psk", "sae")) {`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Password"),`
Packit Service	a1bd4f	`NM_SETTING(s_wsec),`
Packit Service	a1bd4f	`NM_SETTING_WIRELESS_SECURITY_PSK);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`return TRUE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (nm_streq(key_mgmt, "none")) {`
Packit Service	a1bd4f	`guint32 index;`
Packit Service	a1bd4f	`char key[100];`
Packit Service	a1bd4f
Packit Service	a1bd4f	`index = nm_setting_wireless_security_get_wep_tx_keyidx(s_wsec);`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Key"),`
Packit Service	a1bd4f	`NM_SETTING(s_wsec),`
Packit Service	a1bd4f	`nm_sprintf_buf(key, "wep-key%u", (guint) index));`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`return TRUE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (nm_streq(key_mgmt, "iee8021x")) {`
Packit Service	a1bd4f	`if (nm_streq0(nm_setting_wireless_security_get_auth_alg(s_wsec), "leap")) {`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Password"),`
Packit Service	a1bd4f	`NM_SETTING(s_wsec),`
Packit Service	a1bd4f	`NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`return TRUE;`
Packit Service	a1bd4f	`} else`
Packit Service	a1bd4f	`return add_8021x_secrets(request, secrets);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	d0b836	`if (nm_streq(key_mgmt, "wpa-eap") \|\| nm_streq(key_mgmt, "wpa-eap-suite-b-192"))`
Packit Service	a1bd4f	`return add_8021x_secrets(request, secrets);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`return FALSE;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static gboolean`
Packit Service	a1bd4f	`add_pppoe_secrets(RequestData request, GPtrArray secrets)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSettingPppoe * s_pppoe = nm_connection_get_setting_pppoe(request->connection);`
Packit Service	a1bd4f	`NMSecretAgentSimpleSecret *secret;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_PROPERTY,`
Packit Service	a1bd4f	`_("Username"),`
Packit Service	a1bd4f	`NM_SETTING(s_pppoe),`
Packit Service	a1bd4f	`NM_SETTING_PPPOE_USERNAME);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_PROPERTY,`
Packit Service	a1bd4f	`_("Service"),`
Packit Service	a1bd4f	`NM_SETTING(s_pppoe),`
Packit Service	a1bd4f	`NM_SETTING_PPPOE_SERVICE);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Password"),`
Packit Service	a1bd4f	`NM_SETTING(s_pppoe),`
Packit Service	a1bd4f	`NM_SETTING_PPPOE_PASSWORD);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`return TRUE;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static NMSettingSecretFlags`
Packit Service	a1bd4f	`get_vpn_secret_flags(NMSettingVpn s_vpn, const char secret_name)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;`
Packit Service	a1bd4f	`GHashTable * vpn_data;`
Packit	5756e2
Packit Service	a1bd4f	`g_object_get(s_vpn, NM_SETTING_VPN_DATA, &vpn_data, NULL);`
Packit Service	a1bd4f	`nm_vpn_service_plugin_get_secret_flags(vpn_data, secret_name, &flags);`
Packit Service	a1bd4f	`g_hash_table_unref(vpn_data);`
Packit	5756e2
Packit Service	a1bd4f	`return flags;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`add_vpn_secret_helper(GPtrArray * secrets,`
Packit Service	a1bd4f	`NMSettingVpn *s_vpn,`
Packit Service	a1bd4f	`const char * name,`
Packit Service	a1bd4f	`const char * ui_name)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimpleSecret *secret;`
Packit Service	a1bd4f	`NMSettingSecretFlags flags;`
Packit Service	a1bd4f	`int i;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`flags = get_vpn_secret_flags(s_vpn, name);`
Packit Service	a1bd4f	`if (flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED \|\| flags & NM_SETTING_SECRET_FLAG_NOT_SAVED) {`
Packit Service	a1bd4f	`secret = _secret_real_new_vpn_secret(ui_name,`
Packit Service	a1bd4f	`NM_SETTING(s_vpn),`
Packit Service	a1bd4f	`name,`
Packit Service	a1bd4f	`nm_setting_vpn_get_service_type(s_vpn));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`/* Check for duplicates */`
Packit Service	a1bd4f	`for (i = 0; i < secrets->len; i++) {`
Packit Service	a1bd4f	`NMSecretAgentSimpleSecret *s = secrets->pdata[i];`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (s->secret_type == secret->secret_type && nm_streq0(s->vpn_type, secret->vpn_type)`
Packit Service	a1bd4f	`&& nm_streq0(s->entry_id, secret->entry_id)) {`
Packit Service	a1bd4f	`_secret_real_free(secret);`
Packit Service	a1bd4f	`return;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`}`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`#define VPN_MSG_TAG "x-vpn-message:"`
Packit	5756e2
Packit	5756e2	`static gboolean`
Packit Service	a1bd4f	`add_vpn_secrets(RequestData request, GPtrArray secrets, char **msg)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSettingVpn * s_vpn = nm_connection_get_setting_vpn(request->connection);`
Packit Service	a1bd4f	`const NmcVpnPasswordName *p;`
Packit Service	a1bd4f	`const char * vpn_msg = NULL;`
Packit Service	a1bd4f	`char ** iter;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`/* If hints are given, then always ask for what the hints require */`
Packit Service	a1bd4f	`if (request->hints) {`
Packit Service	a1bd4f	`for (iter = request->hints; *iter; iter++) {`
Packit Service	a1bd4f	`if (!vpn_msg && g_str_has_prefix(*iter, VPN_MSG_TAG))`
Packit Service	a1bd4f	`vpn_msg = &(*iter)[NM_STRLEN(VPN_MSG_TAG)];`
Packit Service	a1bd4f	`else`
Packit Service	a1bd4f	`add_vpn_secret_helper(secrets, s_vpn, iter, iter);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`NM_SET_OUT(msg, g_strdup(vpn_msg));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`/* Now add what client thinks might be required, because hints may be empty or incomplete */`
Packit Service	a1bd4f	`p = nm_vpn_get_secret_names(nm_setting_vpn_get_service_type(s_vpn));`
Packit Service	a1bd4f	`while (p && p->name) {`
Packit Service	a1bd4f	`add_vpn_secret_helper(secrets, s_vpn, p->name, _(p->ui_name));`
Packit Service	a1bd4f	`p++;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`return TRUE;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static gboolean`
Packit Service	a1bd4f	`add_wireguard_secrets(RequestData request, GPtrArray secrets, char msg, GError error)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSettingWireGuard * s_wg;`
Packit Service	a1bd4f	`NMSecretAgentSimpleSecret *secret;`
Packit Service	a1bd4f	`guint i;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`s_wg = NM_SETTING_WIREGUARD(`
Packit Service	a1bd4f	`nm_connection_get_setting(request->connection, NM_TYPE_SETTING_WIREGUARD));`
Packit Service	a1bd4f	`if (!s_wg) {`
Packit Service	a1bd4f	`g_set_error(error,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_FAILED,`
Packit Service	a1bd4f	`"Cannot service a WireGuard secrets request %s for a connection without "`
Packit Service	a1bd4f	`"WireGuard settings",`
Packit Service	a1bd4f	`request->request_id);`
Packit Service	a1bd4f	`return FALSE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!request->hints \|\| !request->hints[0]`
Packit Service	a1bd4f	`\|\| g_strv_contains(NM_CAST_STRV_CC(request->hints), NM_SETTING_WIREGUARD_PRIVATE_KEY)) {`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("WireGuard private-key"),`
Packit Service	a1bd4f	`NM_SETTING(s_wg),`
Packit Service	a1bd4f	`NM_SETTING_WIREGUARD_PRIVATE_KEY);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (request->hints) {`
Packit Service	a1bd4f	`for (i = 0; request->hints[i]; i++) {`
Packit Service	a1bd4f	`NMWireGuardPeer *peer;`
Packit Service	a1bd4f	`const char * name = request->hints[i];`
Packit Service	a1bd4f	`gs_free char * public_key = NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (nm_streq(name, NM_SETTING_WIREGUARD_PRIVATE_KEY))`
Packit Service	a1bd4f	`continue;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (NM_STR_HAS_PREFIX(name, NM_SETTING_WIREGUARD_PEERS ".")) {`
Packit Service	a1bd4f	`const char *tmp;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`tmp = &name[NM_STRLEN(NM_SETTING_WIREGUARD_PEERS ".")];`
Packit Service	a1bd4f	`if (NM_STR_HAS_SUFFIX(tmp, "." NM_WIREGUARD_PEER_ATTR_PRESHARED_KEY)) {`
Packit Service	a1bd4f	`public_key = g_strndup(`
Packit Service	a1bd4f	`tmp,`
Packit Service	a1bd4f	`strlen(tmp) - NM_STRLEN("." NM_WIREGUARD_PEER_ATTR_PRESHARED_KEY));`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!public_key)`
Packit Service	a1bd4f	`continue;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`peer = nm_setting_wireguard_get_peer_by_public_key(s_wg, public_key, NULL);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_ptr_array_add(secrets,`
Packit Service	a1bd4f	`_secret_real_new_wireguard_peer_psk(`
Packit Service	a1bd4f	`s_wg,`
Packit Service	a1bd4f	`(peer ? nm_wireguard_peer_get_public_key(peer) : public_key),`
Packit Service	a1bd4f	`(peer ? nm_wireguard_peer_get_preshared_key(peer) : NULL)));`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`*msg = g_strdup_printf(_("Secrets are required to connect WireGuard VPN '%s'"),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f	`return TRUE;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`typedef struct {`
Packit Service	a1bd4f	`GPid auth_dialog_pid;`
Packit Service	a1bd4f	`GString * auth_dialog_response;`
Packit Service	a1bd4f	`RequestData * request;`
Packit Service	a1bd4f	`GPtrArray * secrets;`
Packit Service	a1bd4f	`GCancellable * cancellable;`
Packit Service	a1bd4f	`gulong cancellable_id;`
Packit Service	a1bd4f	`guint child_watch_id;`
Packit Service	a1bd4f	`GInputStream * input_stream;`
Packit Service	a1bd4f	`GOutputStream *output_stream;`
Packit Service	a1bd4f	`char read_buf[5];`
Packit	5756e2	`} AuthDialogData;`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_auth_dialog_data_free(AuthDialogData *data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`nm_clear_g_signal_handler(data->cancellable, &data->cancellable_id);`
Packit Service	a1bd4f	`g_clear_object(&data->cancellable);`
Packit Service	a1bd4f	`nm_clear_g_source(&data->child_watch_id);`
Packit Service	a1bd4f	`g_ptr_array_unref(data->secrets);`
Packit Service	a1bd4f	`g_spawn_close_pid(data->auth_dialog_pid);`
Packit Service	a1bd4f	`g_string_free(data->auth_dialog_response, TRUE);`
Packit Service	a1bd4f	`g_object_unref(data->input_stream);`
Packit Service	a1bd4f	`g_object_unref(data->output_stream);`
Packit Service	a1bd4f	`g_slice_free(AuthDialogData, data);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_auth_dialog_exited(GPid pid, int status, gpointer user_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`AuthDialogData * data = user_data;`
Packit Service	a1bd4f	`RequestData * request = data->request;`
Packit Service	a1bd4f	`GPtrArray * secrets = data->secrets;`
Packit Service	a1bd4f	`NMSettingVpn * s_vpn = nm_connection_get_setting_vpn(request->connection);`
Packit Service	a1bd4f	`nm_auto_unref_keyfile GKeyFile *keyfile = NULL;`
Packit Service	a1bd4f	`gs_strfreev char ** groups = NULL;`
Packit Service	a1bd4f	`gs_free char * title = NULL;`
Packit Service	a1bd4f	`gs_free char * message = NULL;`
Packit Service	a1bd4f	`int i;`
Packit Service	a1bd4f	`gs_free_error GError *error = NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`data->child_watch_id = 0;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`nm_clear_g_cancellable_disconnect(data->cancellable, &data->cancellable_id);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (status != 0) {`
Packit Service	a1bd4f	`g_set_error(&error,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_FAILED,`
Packit Service	a1bd4f	`"Auth dialog failed with error code %d\n",`
Packit Service	a1bd4f	`status);`
Packit Service	a1bd4f	`goto out;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`keyfile = g_key_file_new();`
Packit Service	a1bd4f	`if (!g_key_file_load_from_data(keyfile,`
Packit Service	a1bd4f	`data->auth_dialog_response->str,`
Packit Service	a1bd4f	`data->auth_dialog_response->len,`
Packit Service	a1bd4f	`G_KEY_FILE_NONE,`
Packit Service	a1bd4f	`&error)) {`
Packit Service	a1bd4f	`goto out;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`groups = g_key_file_get_groups(keyfile, NULL);`
Packit Service	a1bd4f	`if (!nm_streq0(groups[0], "VPN Plugin UI")) {`
Packit Service	a1bd4f	`g_set_error(&error,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_FAILED,`
Packit Service	a1bd4f	`"Expected [VPN Plugin UI] in auth dialog response");`
Packit Service	a1bd4f	`goto out;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`title = g_key_file_get_string(keyfile, "VPN Plugin UI", "Title", &error);`
Packit Service	a1bd4f	`if (!title)`
Packit Service	a1bd4f	`goto out;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`message = g_key_file_get_string(keyfile, "VPN Plugin UI", "Description", &error);`
Packit Service	a1bd4f	`if (!message)`
Packit Service	a1bd4f	`goto out;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`for (i = 1; groups[i]; i++) {`
Packit Service	a1bd4f	`gs_free char *pretty_name = NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!g_key_file_get_boolean(keyfile, groups[i], "IsSecret", NULL))`
Packit Service	a1bd4f	`continue;`
Packit Service	a1bd4f	`if (!g_key_file_get_boolean(keyfile, groups[i], "ShouldAsk", NULL))`
Packit Service	a1bd4f	`continue;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`pretty_name = g_key_file_get_string(keyfile, groups[i], "Label", NULL);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets,`
Packit Service	a1bd4f	`_secret_real_new_vpn_secret(pretty_name,`
Packit Service	a1bd4f	`NM_SETTING(s_vpn),`
Packit Service	a1bd4f	`groups[i],`
Packit Service	a1bd4f	`nm_setting_vpn_get_service_type(s_vpn)));`
Packit Service	a1bd4f	`}`
Packit	5756e2
Packit	5756e2	`out:`
Packit Service	a1bd4f	`/* Try to fall back to the hardwired VPN support if the auth dialog fails.`
Packit Service	a1bd4f	`* We may eventually get rid of the whole hardwired secrets handling at some point,`
Packit Service	a1bd4f	`* when the auth helpers are goode enough.. */`
Packit Service	a1bd4f	`if (error && add_vpn_secrets(request, secrets, &message)) {`
Packit Service	a1bd4f	`g_clear_error(&error);`
Packit Service	a1bd4f	`if (!message) {`
Packit Service	a1bd4f	`message = g_strdup_printf(_("A password is required to connect to '%s'."),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (error)`
Packit Service	a1bd4f	`_request_data_complete(request, NULL, error, NULL);`
Packit Service	a1bd4f	`else {`
Packit Service	a1bd4f	`g_signal_emit(request->self,`
Packit Service	a1bd4f	`signals[REQUEST_SECRETS],`
Packit Service	a1bd4f	`0,`
Packit Service	a1bd4f	`request->request_id,`
Packit Service	a1bd4f	`title,`
Packit Service	a1bd4f	`message,`
Packit Service	a1bd4f	`secrets);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`_auth_dialog_data_free(data);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_request_cancelled(GObject *object, gpointer user_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`_auth_dialog_data_free(user_data);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_auth_dialog_read_done(GObject source_object, GAsyncResult res, gpointer user_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`GInputStream * auth_dialog_out = G_INPUT_STREAM(source_object);`
Packit Service	a1bd4f	`AuthDialogData *data = user_data;`
Packit Service	a1bd4f	`gssize read_size;`
Packit Service	a1bd4f	`gs_free_error GError *error = NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`read_size = g_input_stream_read_finish(auth_dialog_out, res, &error);`
Packit Service	a1bd4f	`switch (read_size) {`
Packit Service	a1bd4f	`case -1:`
Packit Service	a1bd4f	`if (!g_error_matches(error, G_IO_ERROR, G_IO_ERROR_CANCELLED))`
Packit Service	a1bd4f	`_request_data_complete(data->request, NULL, error, NULL);`
Packit Service	a1bd4f	`_auth_dialog_data_free(data);`
Packit Service	a1bd4f	`break;`
Packit Service	a1bd4f	`case 0:`
Packit Service	a1bd4f	`/* Done reading. Let's wait for the auth dialog to exit so that we're able to collect the status.`
Packit Service	a1bd4f	`* Remember we can be cancelled in between. */`
Packit Service	a1bd4f	`data->child_watch_id = g_child_watch_add(data->auth_dialog_pid, _auth_dialog_exited, data);`
Packit Service	a1bd4f	`data->cancellable = g_object_ref(data->request->cancellable);`
Packit Service	a1bd4f	`data->cancellable_id =`
Packit Service	a1bd4f	`g_cancellable_connect(data->cancellable, G_CALLBACK(_request_cancelled), data, NULL);`
Packit Service	a1bd4f	`break;`
Packit Service	a1bd4f	`default:`
Packit Service	a1bd4f	`g_string_append_len(data->auth_dialog_response, data->read_buf, read_size);`
Packit Service	a1bd4f	`g_input_stream_read_async(auth_dialog_out,`
Packit Service	a1bd4f	`data->read_buf,`
Packit Service	a1bd4f	`sizeof(data->read_buf),`
Packit Service	a1bd4f	`G_PRIORITY_DEFAULT,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`_auth_dialog_read_done,`
Packit Service	a1bd4f	`data);`
Packit Service	a1bd4f	`return;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_input_stream_close(auth_dialog_out, NULL, NULL);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_auth_dialog_write_done(GObject source_object, GAsyncResult res, gpointer user_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`GOutputStream *auth_dialog_out = G_OUTPUT_STREAM(source_object);`
Packit Service	a1bd4f	`_nm_unused gs_free char *auth_dialog_request_free = user_data;`
Packit	5756e2
Packit Service	a1bd4f	`/* We don't care about write errors. If there are any problems, the`
Packit Service	a1bd4f	`* reader shall notice. */`
Packit Service	a1bd4f	`g_output_stream_write_finish(auth_dialog_out, res, NULL);`
Packit Service	a1bd4f	`g_output_stream_close(auth_dialog_out, NULL, NULL);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_add_to_string(GString string, const char key, const char *value)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`gs_strfreev char **lines = NULL;`
Packit Service	a1bd4f	`int i;`
Packit	5756e2
Packit Service	a1bd4f	`lines = g_strsplit(value, "\n", -1);`
Packit	5756e2
Packit Service	a1bd4f	`g_string_append(string, key);`
Packit Service	a1bd4f	`for (i = 0; lines[i]; i++) {`
Packit Service	a1bd4f	`g_string_append_c(string, '=');`
Packit Service	a1bd4f	`g_string_append(string, lines[i]);`
Packit Service	a1bd4f	`g_string_append_c(string, '\n');`
Packit Service	a1bd4f	`}`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_add_data_item_to_string(const char key, const char value, gpointer user_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`GString *string = user_data;`
Packit	5756e2
Packit Service	a1bd4f	`_add_to_string(string, "DATA_KEY", key);`
Packit Service	a1bd4f	`_add_to_string(string, "DATA_VAL", value);`
Packit Service	a1bd4f	`g_string_append_c(string, '\n');`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`_add_secret_to_string(const char key, const char value, gpointer user_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`GString *string = user_data;`
Packit	5756e2
Packit Service	a1bd4f	`_add_to_string(string, "SECRET_KEY", key);`
Packit Service	a1bd4f	`_add_to_string(string, "SECRET_VAL", value);`
Packit Service	a1bd4f	`g_string_append_c(string, '\n');`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static gboolean`
Packit Service	a1bd4f	`try_spawn_vpn_auth_helper(RequestData request, GPtrArray secrets)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSettingVpn * s_vpn = nm_connection_get_setting_vpn(request->connection);`
Packit Service	a1bd4f	`gs_unref_ptrarray GPtrArray *auth_dialog_argv = NULL;`
Packit Service	a1bd4f	`NMVpnPluginInfo * plugin_info;`
Packit Service	a1bd4f	`const char * s;`
Packit Service	a1bd4f	`GPid auth_dialog_pid;`
Packit Service	a1bd4f	`int auth_dialog_in_fd;`
Packit Service	a1bd4f	`int auth_dialog_out_fd;`
Packit Service	a1bd4f	`GOutputStream * auth_dialog_in;`
Packit Service	a1bd4f	`GInputStream * auth_dialog_out;`
Packit Service	a1bd4f	`GError * error = NULL;`
Packit Service	a1bd4f	`GString * auth_dialog_request;`
Packit Service	a1bd4f	`char * auth_dialog_request_str;`
Packit Service	a1bd4f	`gsize auth_dialog_request_len;`
Packit Service	a1bd4f	`AuthDialogData * data;`
Packit Service	a1bd4f	`int i;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`plugin_info = nm_vpn_plugin_info_list_find_by_service(nm_vpn_get_plugin_infos(),`
Packit Service	a1bd4f	`nm_setting_vpn_get_service_type(s_vpn));`
Packit Service	a1bd4f	`if (!plugin_info)`
Packit Service	a1bd4f	`return FALSE;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`s = nm_vpn_plugin_info_lookup_property(plugin_info, "GNOME", "supports-external-ui-mode");`
Packit Service	a1bd4f	`if (!_nm_utils_ascii_str_to_bool(s, FALSE))`
Packit Service	a1bd4f	`return FALSE;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`auth_dialog_argv = g_ptr_array_new();`
Packit Service	a1bd4f
Packit Service	a1bd4f	`s = nm_vpn_plugin_info_lookup_property(plugin_info, "GNOME", "auth-dialog");`
Packit Service	a1bd4f	`g_return_val_if_fail(s, FALSE);`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, (gpointer) s);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, "-u");`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, (gpointer) nm_connection_get_uuid(request->connection));`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, "-n");`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, (gpointer) nm_connection_get_id(request->connection));`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, "-s");`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, (gpointer) nm_setting_vpn_get_service_type(s_vpn));`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, "--external-ui-mode");`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, "-i");`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (request->flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_REQUEST_NEW)`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, "-r");`
Packit Service	a1bd4f
Packit Service	a1bd4f	`s = nm_vpn_plugin_info_lookup_property(plugin_info, "GNOME", "supports-hints");`
Packit Service	a1bd4f	`if (_nm_utils_ascii_str_to_bool(s, FALSE)) {`
Packit Service	a1bd4f	`for (i = 0; request->hints[i]; i++) {`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, "-t");`
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, request->hints[i]);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_ptr_array_add(auth_dialog_argv, NULL);`
Packit Service	a1bd4f	`if (!g_spawn_async_with_pipes(NULL,`
Packit Service	a1bd4f	`(char **) auth_dialog_argv->pdata,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`G_SPAWN_DO_NOT_REAP_CHILD,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`&auth_dialog_pid,`
Packit Service	a1bd4f	`&auth_dialog_in_fd,`
Packit Service	a1bd4f	`&auth_dialog_out_fd,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`&error)) {`
Packit Service	a1bd4f	`g_warning("Failed to spawn the auth dialog%s\n", error->message);`
Packit Service	a1bd4f	`return FALSE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`auth_dialog_in = g_unix_output_stream_new(auth_dialog_in_fd, TRUE);`
Packit Service	a1bd4f	`auth_dialog_out = g_unix_input_stream_new(auth_dialog_out_fd, TRUE);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`auth_dialog_request = g_string_new_len(NULL, 1024);`
Packit Service	a1bd4f	`nm_setting_vpn_foreach_data_item(s_vpn, _add_data_item_to_string, auth_dialog_request);`
Packit Service	a1bd4f	`nm_setting_vpn_foreach_secret(s_vpn, _add_secret_to_string, auth_dialog_request);`
Packit Service	a1bd4f	`g_string_append(auth_dialog_request, "DONE\nQUIT\n");`
Packit Service	a1bd4f	`auth_dialog_request_len = auth_dialog_request->len;`
Packit Service	a1bd4f	`auth_dialog_request_str = g_string_free(auth_dialog_request, FALSE);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`data = g_slice_new(AuthDialogData);`
Packit Service	a1bd4f	`*data = (AuthDialogData){`
Packit Service	a1bd4f	`.auth_dialog_response = g_string_new_len(NULL, sizeof(data->read_buf)),`
Packit Service	a1bd4f	`.auth_dialog_pid = auth_dialog_pid,`
Packit Service	a1bd4f	`.request = request,`
Packit Service	a1bd4f	`.secrets = g_ptr_array_ref(secrets),`
Packit Service	a1bd4f	`.input_stream = auth_dialog_out,`
Packit Service	a1bd4f	`.output_stream = auth_dialog_in,`
Packit Service	a1bd4f	`};`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_output_stream_write_async(auth_dialog_in,`
Packit Service	a1bd4f	`auth_dialog_request_str,`
Packit Service	a1bd4f	`auth_dialog_request_len,`
Packit Service	a1bd4f	`G_PRIORITY_DEFAULT,`
Packit Service	a1bd4f	`request->cancellable,`
Packit Service	a1bd4f	`_auth_dialog_write_done,`
Packit Service	a1bd4f	`auth_dialog_request_str);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_input_stream_read_async(auth_dialog_out,`
Packit Service	a1bd4f	`data->read_buf,`
Packit Service	a1bd4f	`sizeof(data->read_buf),`
Packit Service	a1bd4f	`G_PRIORITY_DEFAULT,`
Packit Service	a1bd4f	`request->cancellable,`
Packit Service	a1bd4f	`_auth_dialog_read_done,`
Packit Service	a1bd4f	`data);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`return TRUE;`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`request_secrets_from_ui(RequestData *request)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`gs_unref_ptrarray GPtrArray *secrets = NULL;`
Packit Service	a1bd4f	`gs_free_error GError * error = NULL;`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv;`
Packit Service	a1bd4f	`NMSecretAgentSimpleSecret * secret;`
Packit Service	a1bd4f	`const char * title;`
Packit Service	a1bd4f	`gs_free char * msg = NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(request->self);`
Packit Service	a1bd4f	`g_return_if_fail(priv->enabled);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`/* We only handle requests for connection with @path if set. */`
Packit Service	a1bd4f	`if (priv->path && !g_str_has_prefix(request->request_id, priv->path)) {`
Packit Service	a1bd4f	`g_set_error(&error,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_FAILED,`
Packit Service	a1bd4f	`"Request for %s secrets doesn't match path %s",`
Packit Service	a1bd4f	`request->request_id,`
Packit Service	a1bd4f	`priv->path);`
Packit Service	a1bd4f	`goto out_fail_error;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`secrets = g_ptr_array_new_with_free_func((GDestroyNotify) _secret_real_free);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (nm_connection_is_type(request->connection, NM_SETTING_WIRELESS_SETTING_NAME)) {`
Packit Service	a1bd4f	`NMSettingWireless *s_wireless;`
Packit Service	a1bd4f	`GBytes * ssid;`
Packit Service	a1bd4f	`char * ssid_utf8;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`s_wireless = nm_connection_get_setting_wireless(request->connection);`
Packit Service	a1bd4f	`ssid = nm_setting_wireless_get_ssid(s_wireless);`
Packit Service	a1bd4f	`ssid_utf8 = nm_utils_ssid_to_utf8(g_bytes_get_data(ssid, NULL), g_bytes_get_size(ssid));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`title = _("Authentication required by wireless network");`
Packit Service	a1bd4f	`msg = g_strdup_printf(`
Packit Service	a1bd4f	`_("Passwords or encryption keys are required to access the wireless network '%s'."),`
Packit Service	a1bd4f	`ssid_utf8);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!add_wireless_secrets(request, secrets))`
Packit Service	a1bd4f	`goto out_fail;`
Packit Service	a1bd4f	`} else if (nm_connection_is_type(request->connection, NM_SETTING_WIRED_SETTING_NAME)) {`
Packit Service	a1bd4f	`title = _("Wired 802.1X authentication");`
Packit Service	a1bd4f	`msg = g_strdup_printf(_("Secrets are required to access the wired network '%s'"),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!add_8021x_secrets(request, secrets))`
Packit Service	a1bd4f	`goto out_fail;`
Packit Service	a1bd4f	`} else if (nm_connection_is_type(request->connection, NM_SETTING_PPPOE_SETTING_NAME)) {`
Packit Service	a1bd4f	`title = _("DSL authentication");`
Packit Service	a1bd4f	`msg = g_strdup_printf(_("Secrets are required for the DSL connection '%s'"),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!add_pppoe_secrets(request, secrets))`
Packit Service	a1bd4f	`goto out_fail;`
Packit Service	a1bd4f	`} else if (nm_connection_is_type(request->connection, NM_SETTING_GSM_SETTING_NAME)) {`
Packit Service	a1bd4f	`NMSettingGsm *s_gsm = nm_connection_get_setting_gsm(request->connection);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (g_strv_contains(NM_CAST_STRV_CC(request->hints), NM_SETTING_GSM_PIN)) {`
Packit Service	a1bd4f	`title = _("PIN code required");`
Packit Service	a1bd4f	`msg = g_strdup(_("PIN code is needed for the mobile broadband device"));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("PIN"),`
Packit Service	a1bd4f	`NM_SETTING(s_gsm),`
Packit Service	a1bd4f	`NM_SETTING_GSM_PIN);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`} else {`
Packit Service	a1bd4f	`title = _("Mobile broadband network password");`
Packit Service	a1bd4f	`msg = g_strdup_printf(_("A password is required to connect to '%s'."),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Password"),`
Packit Service	a1bd4f	`NM_SETTING(s_gsm),`
Packit Service	a1bd4f	`NM_SETTING_GSM_PASSWORD);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`} else if (nm_connection_is_type(request->connection, NM_SETTING_MACSEC_SETTING_NAME)) {`
Packit Service	a1bd4f	`NMSettingMacsec *s_macsec = nm_connection_get_setting_macsec(request->connection);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`msg = g_strdup_printf(_("Secrets are required to access the MACsec network '%s'"),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (nm_setting_macsec_get_mode(s_macsec) == NM_SETTING_MACSEC_MODE_PSK) {`
Packit Service	a1bd4f	`title = _("MACsec PSK authentication");`
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("MKA CAK"),`
Packit Service	a1bd4f	`NM_SETTING(s_macsec),`
Packit Service	a1bd4f	`NM_SETTING_MACSEC_MKA_CAK);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`} else {`
Packit Service	a1bd4f	`title = _("MACsec EAP authentication");`
Packit Service	a1bd4f	`if (!add_8021x_secrets(request, secrets))`
Packit Service	a1bd4f	`goto out_fail;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`} else if (nm_connection_is_type(request->connection, NM_SETTING_WIREGUARD_SETTING_NAME)) {`
Packit Service	a1bd4f	`title = _("WireGuard VPN secret");`
Packit Service	a1bd4f	`if (!add_wireguard_secrets(request, secrets, &msg, &error))`
Packit Service	a1bd4f	`goto out_fail_error;`
Packit Service	a1bd4f	`} else if (nm_connection_is_type(request->connection, NM_SETTING_CDMA_SETTING_NAME)) {`
Packit Service	a1bd4f	`NMSettingCdma *s_cdma = nm_connection_get_setting_cdma(request->connection);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`title = _("Mobile broadband network password");`
Packit Service	a1bd4f	`msg = g_strdup_printf(_("A password is required to connect to '%s'."),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Password"),`
Packit Service	a1bd4f	`NM_SETTING(s_cdma),`
Packit Service	a1bd4f	`NM_SETTING_CDMA_PASSWORD);`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`} else if (nm_connection_is_type(request->connection, NM_SETTING_BLUETOOTH_SETTING_NAME)) {`
Packit Service	a1bd4f	`NMSetting *setting = NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`setting = nm_connection_get_setting_by_name(request->connection,`
Packit Service	a1bd4f	`NM_SETTING_BLUETOOTH_SETTING_NAME);`
Packit Service	a1bd4f	`if (setting`
Packit Service	a1bd4f	`&& !nm_streq0(nm_setting_bluetooth_get_connection_type(NM_SETTING_BLUETOOTH(setting)),`
Packit Service	a1bd4f	`NM_SETTING_BLUETOOTH_TYPE_NAP)) {`
Packit Service	a1bd4f	`setting =`
Packit Service	a1bd4f	`nm_connection_get_setting_by_name(request->connection, NM_SETTING_GSM_SETTING_NAME);`
Packit Service	a1bd4f	`if (!setting)`
Packit Service	a1bd4f	`setting = nm_connection_get_setting_by_name(request->connection,`
Packit Service	a1bd4f	`NM_SETTING_CDMA_SETTING_NAME);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!setting)`
Packit Service	a1bd4f	`goto out_fail;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`title = _("Mobile broadband network password");`
Packit Service	a1bd4f	`msg = g_strdup_printf(_("A password is required to connect to '%s'."),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`secret = _secret_real_new_plain(NM_SECRET_AGENT_SECRET_TYPE_SECRET,`
Packit Service	a1bd4f	`_("Password"),`
Packit Service	a1bd4f	`setting,`
Packit Service	a1bd4f	`"password");`
Packit Service	a1bd4f	`g_ptr_array_add(secrets, secret);`
Packit Service	a1bd4f	`} else if (nm_connection_is_type(request->connection, NM_SETTING_VPN_SETTING_NAME)) {`
Packit Service	a1bd4f	`title = _("VPN password required");`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (try_spawn_vpn_auth_helper(request, secrets)) {`
Packit Service	a1bd4f	`/* This will emit REQUEST_SECRETS when ready */`
Packit Service	a1bd4f	`return;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!add_vpn_secrets(request, secrets, &msg))`
Packit Service	a1bd4f	`goto out_fail;`
Packit Service	a1bd4f	`if (!msg) {`
Packit Service	a1bd4f	`msg = g_strdup_printf(_("A password is required to connect to '%s'."),`
Packit Service	a1bd4f	`nm_connection_get_id(request->connection));`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`} else`
Packit Service	a1bd4f	`goto out_fail;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (secrets->len == 0)`
Packit Service	a1bd4f	`goto out_fail;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_signal_emit(request->self,`
Packit Service	a1bd4f	`signals[REQUEST_SECRETS],`
Packit Service	a1bd4f	`0,`
Packit Service	a1bd4f	`request->request_id,`
Packit Service	a1bd4f	`title,`
Packit Service	a1bd4f	`msg,`
Packit Service	a1bd4f	`secrets);`
Packit Service	a1bd4f	`return;`
Packit	5756e2
Packit	5756e2	`out_fail:`
Packit Service	a1bd4f	`g_set_error(&error,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_FAILED,`
Packit Service	a1bd4f	`"Cannot service a secrets request %s for a %s connection",`
Packit Service	a1bd4f	`request->request_id,`
Packit Service	a1bd4f	`nm_connection_get_connection_type(request->connection));`
Packit	5756e2	`out_fail_error:`
Packit Service	a1bd4f	`_request_data_complete(request, NULL, error, NULL);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`get_secrets(NMSecretAgentOld * agent,`
Packit Service	a1bd4f	`NMConnection * connection,`
Packit Service	a1bd4f	`const char * connection_path,`
Packit Service	a1bd4f	`const char * setting_name,`
Packit Service	a1bd4f	`const char ** hints,`
Packit Service	a1bd4f	`NMSecretAgentGetSecretsFlags flags,`
Packit Service	a1bd4f	`NMSecretAgentOldGetSecretsFunc callback,`
Packit Service	a1bd4f	`gpointer callback_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimple * self = NM_SECRET_AGENT_SIMPLE(agent);`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(self);`
Packit Service	a1bd4f	`RequestData * request;`
Packit Service	a1bd4f	`gs_free_error GError *error = NULL;`
Packit Service	a1bd4f	`gs_free char * request_id = NULL;`
Packit Service	a1bd4f	`const char * request_id_setting_name;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`request_id = g_strdup_printf("%s/%s", connection_path, setting_name);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (g_hash_table_contains(priv->requests, &request_id)) {`
Packit Service	a1bd4f	`/* We already have a request pending for this (connection, setting) */`
Packit Service	a1bd4f	`error = g_error_new(NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_FAILED,`
Packit Service	a1bd4f	`"Request for %s secrets already pending",`
Packit Service	a1bd4f	`request_id);`
Packit Service	a1bd4f	`callback(agent, connection, NULL, error, callback_data);`
Packit Service	a1bd4f	`return;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!(flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_ALLOW_INTERACTION)) {`
Packit Service	a1bd4f	`/* We don't do stored passwords */`
Packit Service	a1bd4f	`error = g_error_new(NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_NO_SECRETS,`
Packit Service	a1bd4f	`"Stored passwords not supported");`
Packit Service	a1bd4f	`callback(agent, connection, NULL, error, callback_data);`
Packit Service	a1bd4f	`return;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`nm_assert(g_str_has_suffix(request_id, setting_name));`
Packit Service	a1bd4f	`request_id_setting_name = &request_id[strlen(request_id) - strlen(setting_name)];`
Packit Service	a1bd4f	`nm_assert(nm_streq(request_id_setting_name, setting_name));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`request = g_slice_new(RequestData);`
Packit Service	a1bd4f	`*request = (RequestData){`
Packit Service	a1bd4f	`.self = self,`
Packit Service	a1bd4f	`.connection = g_object_ref(connection),`
Packit Service	a1bd4f	`.setting_name = request_id_setting_name,`
Packit Service	a1bd4f	`.hints = g_strdupv((char **) hints),`
Packit Service	a1bd4f	`.callback = callback,`
Packit Service	a1bd4f	`.callback_data = callback_data,`
Packit Service	a1bd4f	`.request_id = g_steal_pointer(&request_id),`
Packit Service	a1bd4f	`.flags = flags,`
Packit Service	a1bd4f	`.cancellable = g_cancellable_new(),`
Packit Service	a1bd4f	`};`
Packit Service	a1bd4f	`g_hash_table_add(priv->requests, request);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (priv->enabled)`
Packit Service	a1bd4f	`request_secrets_from_ui(request);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`/**`
Packit	5756e2	`* nm_secret_agent_simple_response:`
Packit	5756e2	`* @self: the #NMSecretAgentSimple`
Packit	5756e2	`* @request_id: the request ID being responded to`
Packit	5756e2	`* @secrets: (allow-none): the array of secrets, or %NULL`
Packit	5756e2	`*`
Packit	5756e2	`* Response to a #NMSecretAgentSimple::get-secrets signal.`
Packit	5756e2	`*`
Packit	5756e2	`* If the user provided secrets, the caller should set the`
Packit	5756e2	`* corresponding <literal>value</literal> fields in the`
Packit	5756e2	`* #NMSecretAgentSimpleSecrets (freeing any initial values they had), and`
Packit	5756e2	`* pass the array to nm_secret_agent_simple_response(). If the user`
Packit	5756e2	`* cancelled the request, @secrets should be NULL.`
Packit	5756e2	`*/`
Packit	5756e2	`void`
Packit Service	a1bd4f	`nm_secret_agent_simple_response(NMSecretAgentSimple *self,`
Packit Service	a1bd4f	`const char * request_id,`
Packit Service	a1bd4f	`GPtrArray * secrets)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv;`
Packit Service	a1bd4f	`RequestData * request;`
Packit Service	a1bd4f	`gs_unref_variant GVariant *secrets_dict = NULL;`
Packit Service	a1bd4f	`gs_free_error GError *error = NULL;`
Packit Service	a1bd4f	`int i;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_return_if_fail(NM_IS_SECRET_AGENT_SIMPLE(self));`
Packit Service	a1bd4f
Packit Service	a1bd4f	`priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(self);`
Packit Service	a1bd4f	`request = g_hash_table_lookup(priv->requests, &request_id);`
Packit Service	a1bd4f	`g_return_if_fail(request != NULL);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (secrets) {`
Packit Service	a1bd4f	`GVariantBuilder conn_builder, *setting_builder;`
Packit Service	a1bd4f	`GVariantBuilder vpn_secrets_builder;`
Packit Service	a1bd4f	`GVariantBuilder wg_secrets_builder;`
Packit Service	a1bd4f	`GVariantBuilder wg_peer_builder;`
Packit Service	a1bd4f	`GHashTable * settings;`
Packit Service	a1bd4f	`GHashTableIter iter;`
Packit Service	a1bd4f	`const char * name;`
Packit Service	a1bd4f	`gboolean has_vpn = FALSE;`
Packit Service	a1bd4f	`gboolean has_wg = FALSE;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`settings = g_hash_table_new_full(nm_str_hash,`
Packit Service	a1bd4f	`g_str_equal,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`(GDestroyNotify) g_variant_builder_unref);`
Packit Service	a1bd4f	`for (i = 0; i < secrets->len; i++) {`
Packit Service	a1bd4f	`SecretReal *secret = secrets->pdata[i];`
Packit Service	a1bd4f
Packit Service	a1bd4f	`setting_builder = g_hash_table_lookup(settings, nm_setting_get_name(secret->setting));`
Packit Service	a1bd4f	`if (!setting_builder) {`
Packit Service	a1bd4f	`setting_builder = g_variant_builder_new(NM_VARIANT_TYPE_SETTING);`
Packit Service	a1bd4f	`g_hash_table_insert(settings,`
Packit Service	a1bd4f	`(char *) nm_setting_get_name(secret->setting),`
Packit Service	a1bd4f	`setting_builder);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`switch (secret->base.secret_type) {`
Packit Service	a1bd4f	`case NM_SECRET_AGENT_SECRET_TYPE_PROPERTY:`
Packit Service	a1bd4f	`case NM_SECRET_AGENT_SECRET_TYPE_SECRET:`
Packit Service	a1bd4f	`g_variant_builder_add(setting_builder,`
Packit Service	a1bd4f	`"{sv}",`
Packit Service	a1bd4f	`secret->property,`
Packit Service	a1bd4f	`g_variant_new_string(secret->base.value));`
Packit Service	a1bd4f	`break;`
Packit Service	a1bd4f	`case NM_SECRET_AGENT_SECRET_TYPE_VPN_SECRET:`
Packit Service	a1bd4f	`if (!has_vpn) {`
Packit Service	a1bd4f	`g_variant_builder_init(&vpn_secrets_builder, G_VARIANT_TYPE("a{ss}"));`
Packit Service	a1bd4f	`has_vpn = TRUE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`g_variant_builder_add(&vpn_secrets_builder,`
Packit Service	a1bd4f	`"{ss}",`
Packit Service	a1bd4f	`secret->property,`
Packit Service	a1bd4f	`secret->base.value);`
Packit Service	a1bd4f	`break;`
Packit Service	a1bd4f	`case NM_SECRET_AGENT_SECRET_TYPE_WIREGUARD_PEER_PSK:`
Packit Service	a1bd4f	`if (!has_wg) {`
Packit Service	a1bd4f	`g_variant_builder_init(&wg_secrets_builder, G_VARIANT_TYPE("aa{sv}"));`
Packit Service	a1bd4f	`has_wg = TRUE;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`g_variant_builder_init(&wg_peer_builder, G_VARIANT_TYPE("a{sv}"));`
Packit Service	a1bd4f	`g_variant_builder_add(&wg_peer_builder,`
Packit Service	a1bd4f	`"{sv}",`
Packit Service	a1bd4f	`NM_WIREGUARD_PEER_ATTR_PUBLIC_KEY,`
Packit Service	a1bd4f	`g_variant_new_string(secret->property));`
Packit Service	a1bd4f	`g_variant_builder_add(&wg_peer_builder,`
Packit Service	a1bd4f	`"{sv}",`
Packit Service	a1bd4f	`NM_WIREGUARD_PEER_ATTR_PRESHARED_KEY,`
Packit Service	a1bd4f	`g_variant_new_string(secret->base.value));`
Packit Service	a1bd4f	`g_variant_builder_add(&wg_secrets_builder, "a{sv}", &wg_peer_builder);`
Packit Service	a1bd4f	`break;`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (has_vpn) {`
Packit Service	a1bd4f	`g_variant_builder_add(setting_builder,`
Packit Service	a1bd4f	`"{sv}",`
Packit Service	a1bd4f	`"secrets",`
Packit Service	a1bd4f	`g_variant_builder_end(&vpn_secrets_builder));`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (has_wg) {`
Packit Service	a1bd4f	`g_variant_builder_add(setting_builder,`
Packit Service	a1bd4f	`"{sv}",`
Packit Service	a1bd4f	`NM_SETTING_WIREGUARD_PEERS,`
Packit Service	a1bd4f	`g_variant_builder_end(&wg_secrets_builder));`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_variant_builder_init(&conn_builder, NM_VARIANT_TYPE_CONNECTION);`
Packit Service	a1bd4f	`g_hash_table_iter_init(&iter, settings);`
Packit Service	a1bd4f	`while (g_hash_table_iter_next(&iter, (gpointer ) &name, (gpointer ) &setting_builder))`
Packit Service	a1bd4f	`g_variant_builder_add(&conn_builder, "{sa{sv}}", name, setting_builder);`
Packit Service	a1bd4f	`secrets_dict = g_variant_ref_sink(g_variant_builder_end(&conn_builder));`
Packit Service	a1bd4f	`g_hash_table_destroy(settings);`
Packit Service	a1bd4f	`} else {`
Packit Service	a1bd4f	`error = g_error_new(NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_USER_CANCELED,`
Packit Service	a1bd4f	`"User cancelled");`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`_request_data_complete(request, secrets_dict, error, NULL);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`cancel_get_secrets(NMSecretAgentOld agent, const char connection_path, const char *setting_name)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimple * self = NM_SECRET_AGENT_SIMPLE(agent);`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(self);`
Packit Service	a1bd4f	`gs_free_error GError *error = NULL;`
Packit Service	a1bd4f	`gs_free char * request_id = NULL;`
Packit Service	a1bd4f	`RequestData * request;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`request_id = g_strdup_printf("%s/%s", connection_path, setting_name);`
Packit Service	a1bd4f	`request = g_hash_table_lookup(priv->requests, &request_id);`
Packit Service	a1bd4f	`if (!request) {`
Packit Service	a1bd4f	`/* this is really a bug of the caller (or us?). We cannot invoke a callback,`
Packit Service	a1bd4f	`* hence the caller cannot cleanup the request. */`
Packit Service	a1bd4f	`g_return_if_reached();`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_set_error(&error,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_ERROR_AGENT_CANCELED,`
Packit Service	a1bd4f	`"The secret agent is going away");`
Packit Service	a1bd4f	`_request_data_complete(request, NULL, error, NULL);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`save_secrets(NMSecretAgentOld * agent,`
Packit Service	a1bd4f	`NMConnection * connection,`
Packit Service	a1bd4f	`const char * connection_path,`
Packit Service	a1bd4f	`NMSecretAgentOldSaveSecretsFunc callback,`
Packit Service	a1bd4f	`gpointer callback_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`/* We don't support secret storage */`
Packit Service	a1bd4f	`callback(agent, connection, NULL, callback_data);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`delete_secrets(NMSecretAgentOld * agent,`
Packit Service	a1bd4f	`NMConnection * connection,`
Packit Service	a1bd4f	`const char * connection_path,`
Packit Service	a1bd4f	`NMSecretAgentOldDeleteSecretsFunc callback,`
Packit Service	a1bd4f	`gpointer callback_data)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`/* We don't support secret storage, so there's nothing to delete. */`
Packit Service	a1bd4f	`callback(agent, connection, NULL, callback_data);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`/**`
Packit	5756e2	`* nm_secret_agent_simple_enable:`
Packit	5756e2	`* @self: the #NMSecretAgentSimple`
Packit	5756e2	`* @path: (allow-none): the path of the connection (if any) to handle secrets`
Packit	5756e2	`* for. If %NULL, secrets for any connection will be handled.`
Packit	5756e2	`*`
Packit	5756e2	`* Enables servicing the requests including the already queued ones. If @path`
Packit	5756e2	`* is given, the agent will only handle requests for connections that match`
Packit	5756e2	`* @path.`
Packit	5756e2	`*/`
Packit	5756e2	`void`
Packit Service	a1bd4f	`nm_secret_agent_simple_enable(NMSecretAgentSimple self, const char path)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(self);`
Packit Service	a1bd4f	`gs_free RequestData **requests = NULL;`
Packit Service	a1bd4f	`gsize i;`
Packit Service	a1bd4f	`gs_free char * path_full = NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`/* The path is only used to match a request_id with the current`
Packit Service	a1bd4f	`* connection. Since the request_id is "${CONNECTION_PATH}/${SETTING}",`
Packit Service	a1bd4f	`* add a trailing '/' to the path to match the full connection path.`
Packit Service	a1bd4f	`*/`
Packit Service	a1bd4f	`path_full = path ? g_strdup_printf("%s/", path) : NULL;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (!nm_streq0(path_full, priv->path)) {`
Packit Service	a1bd4f	`g_free(priv->path);`
Packit Service	a1bd4f	`priv->path = g_steal_pointer(&path_full);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`if (priv->enabled)`
Packit Service	a1bd4f	`return;`
Packit Service	a1bd4f	`priv->enabled = TRUE;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`/* Service pending secret requests. */`
Packit Service	a1bd4f	`requests = (RequestData **) g_hash_table_get_keys_as_array(priv->requests, NULL);`
Packit Service	a1bd4f	`for (i = 0; requests[i]; i++)`
Packit Service	a1bd4f	`request_secrets_from_ui(requests[i]);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`/*****************************************************************************/`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`nm_secret_agent_simple_init(NMSecretAgentSimple *agent)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(agent);`
Packit	5756e2
Packit Service	a1bd4f	`G_STATIC_ASSERT_EXPR(G_STRUCT_OFFSET(RequestData, request_id) == 0);`
Packit Service	a1bd4f	`priv->requests = g_hash_table_new_full(nm_pstr_hash, nm_pstr_equal, NULL, _request_data_free);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`/**`
Packit	5756e2	`* nm_secret_agent_simple_new:`
Packit	5756e2	`* @name: the identifier of secret agent`
Packit	5756e2	`*`
Packit	5756e2	`* Creates a new #NMSecretAgentSimple. It does not serve any requests until`
Packit	5756e2	`* nm_secret_agent_simple_enable() is called.`
Packit	5756e2	`*`
Packit	5756e2	`* Returns: a new #NMSecretAgentSimple if the agent creation is successful`
Packit	5756e2	`* or %NULL in case of a failure.`
Packit	5756e2	`*/`
Packit	5756e2	`NMSecretAgentSimple *`
Packit Service	a1bd4f	`nm_secret_agent_simple_new(const char *name)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`return g_initable_new(NM_TYPE_SECRET_AGENT_SIMPLE,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_OLD_IDENTIFIER,`
Packit Service	a1bd4f	`name,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_OLD_CAPABILITIES,`
Packit Service	a1bd4f	`NM_SECRET_AGENT_CAPABILITY_VPN_HINTS,`
Packit Service	a1bd4f	`NULL);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`dispose(GObject *object)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(object);`
Packit Service	a1bd4f	`gs_free_error GError *error = NULL;`
Packit Service	a1bd4f	`GHashTableIter iter;`
Packit Service	a1bd4f	`RequestData * request;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`g_hash_table_iter_init(&iter, priv->requests);`
Packit Service	a1bd4f	`while (g_hash_table_iter_next(&iter, NULL, (gpointer *) &request)) {`
Packit Service	a1bd4f	`if (!error)`
Packit Service	a1bd4f	`nm_utils_error_set_cancelled(&error, TRUE, "NMSecretAgentSimple");`
Packit Service	a1bd4f	`_request_data_complete(request, NULL, error, &iter);`
Packit Service	a1bd4f	`}`
Packit Service	a1bd4f
Packit Service	a1bd4f	`G_OBJECT_CLASS(nm_secret_agent_simple_parent_class)->dispose(object);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`static void`
Packit Service	a1bd4f	`finalize(GObject *object)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`NMSecretAgentSimplePrivate *priv = NM_SECRET_AGENT_SIMPLE_GET_PRIVATE(object);`
Packit	5756e2
Packit Service	a1bd4f	`g_hash_table_destroy(priv->requests);`
Packit	5756e2
Packit Service	a1bd4f	`g_free(priv->path);`
Packit	5756e2
Packit Service	a1bd4f	`G_OBJECT_CLASS(nm_secret_agent_simple_parent_class)->finalize(object);`
Packit	5756e2	`}`
Packit	5756e2
Packit	5756e2	`void`
Packit Service	a1bd4f	`nm_secret_agent_simple_class_init(NMSecretAgentSimpleClass *klass)`
Packit	5756e2	`{`
Packit Service	a1bd4f	`GObjectClass * object_class = G_OBJECT_CLASS(klass);`
Packit Service	a1bd4f	`NMSecretAgentOldClass *agent_class = NM_SECRET_AGENT_OLD_CLASS(klass);`
Packit Service	a1bd4f
Packit Service	a1bd4f	`object_class->dispose = dispose;`
Packit Service	a1bd4f	`object_class->finalize = finalize;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`agent_class->get_secrets = get_secrets;`
Packit Service	a1bd4f	`agent_class->cancel_get_secrets = cancel_get_secrets;`
Packit Service	a1bd4f	`agent_class->save_secrets = save_secrets;`
Packit Service	a1bd4f	`agent_class->delete_secrets = delete_secrets;`
Packit Service	a1bd4f
Packit Service	a1bd4f	`/**`
Packit Service	a1bd4f	`* NMSecretAgentSimple::request-secrets:`
Packit Service	a1bd4f	`* @agent: the #NMSecretAgentSimple`
Packit Service	a1bd4f	`* @request_id: request ID, to eventually pass to`
Packit Service	a1bd4f	`* nm_secret_agent_simple_response().`
Packit Service	a1bd4f	`* @title: a title for the password dialog`
Packit Service	a1bd4f	`* @prompt: a prompt message for the password dialog`
Packit Service	a1bd4f	`* @secrets: (element-type #NMSecretAgentSimpleSecret): array of secrets`
Packit Service	a1bd4f	`* being requested.`
Packit Service	a1bd4f	`*`
Packit Service	a1bd4f	`* Emitted when the agent requires secrets from the user.`
Packit Service	a1bd4f	`*`
Packit Service	a1bd4f	`* The application should ask user for the secrets. For example,`
Packit Service	a1bd4f	`* nmtui should create a password dialog (#NmtPasswordDialog)`
Packit Service	a1bd4f	`* with the given title and prompt, and an entry for each`
Packit Service	a1bd4f	`* element of @secrets. If any of the secrets already have a`
Packit Service	a1bd4f	`* <literal>value</literal> filled in, the corresponding entry`
Packit Service	a1bd4f	`* should be initialized to that value.`
Packit Service	a1bd4f	`*`
Packit Service	a1bd4f	`* When the dialog is complete, the app must call`
Packit Service	a1bd4f	`* nm_secret_agent_simple_response() with the results.`
Packit Service	a1bd4f	`*/`
Packit Service	a1bd4f	`signals[REQUEST_SECRETS] = g_signal_new(NM_SECRET_AGENT_SIMPLE_REQUEST_SECRETS,`
Packit Service	a1bd4f	`G_TYPE_FROM_CLASS(klass),`
Packit Service	a1bd4f	`0,`
Packit Service	a1bd4f	`0,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`NULL,`
Packit Service	a1bd4f	`G_TYPE_NONE,`
Packit Service	a1bd4f	`4,`
Packit Service	a1bd4f	`G_TYPE_STRING, /* request_id */`
Packit Service	a1bd4f	`G_TYPE_STRING, /* title */`
Packit Service	a1bd4f	`G_TYPE_STRING, /* prompt */`
Packit Service	a1bd4f	`G_TYPE_PTR_ARRAY);`
Packit	5756e2	`}`

source-git / NetworkManager

Source Code

Blame clients/common/nm-secret-agent-simple.c