/* SPDX-License-Identifier: GPL-2.0+ */ /* * Copyright (C) 2013 Red Hat, Inc. */ /** * SECTION:nmtui-connect * @short_description: nm-applet-like functionality * * nmtui-connect implements activating and deactivating #NMConnections, * including presenting a password dialog if necessary. */ #include "nm-default.h" #include #include "nmt-newt.h" #include "nmtui.h" #include "nmtui-connect.h" #include "nmt-connect-connection-list.h" #include "nmt-password-dialog.h" #include "nm-secret-agent-simple.h" #include "nm-vpn-helpers.h" #include "nm-client-utils.h" #include "nmt-utils.h" /** * Runs openconnect to authenticate. The current screen state is saved * before starting the command and restored after it returns. */ static gboolean openconnect_authenticate(NMConnection *connection, char **cookie, char **gateway, char **gwcert) { GError * error = NULL; NMSettingVpn *s_vpn; gboolean ret; int status = 0; const char * gw, *port; nmt_newt_message_dialog( _("openconnect will be run to authenticate.\nIt will return to nmtui when completed.")); /* Get port */ s_vpn = nm_connection_get_setting_vpn(connection); gw = nm_setting_vpn_get_data_item(s_vpn, "gateway"); port = gw ? strrchr(gw, ':') : NULL; newtSuspend(); ret = nm_vpn_openconnect_authenticate_helper(gw, cookie, gateway, gwcert, &status, &error); newtResume(); if (!ret) { nmt_newt_message_dialog(_("Error: openconnect failed: %s"), error->message); g_clear_error(&error); return FALSE; } if (WIFEXITED(status)) { if (WEXITSTATUS(status) != 0) { nmt_newt_message_dialog(_("openconnect failed with status %d"), WEXITSTATUS(status)); return FALSE; } } else if (WIFSIGNALED(status)) { nmt_newt_message_dialog(_("openconnect failed with signal %d"), WTERMSIG(status)); return FALSE; } if (gateway && *gateway && port) { char *tmp = *gateway; *gateway = g_strdup_printf("%s%s", *gateway, port); g_free(tmp); } return TRUE; } static void secrets_requested(NMSecretAgentSimple *agent, const char * request_id, const char * title, const char * msg, GPtrArray * secrets, gpointer user_data) { NmtNewtForm * form; NMConnection *connection = NM_CONNECTION(user_data); int i; /* Get secrets for OpenConnect VPN */ if (connection && nm_connection_is_type(connection, NM_SETTING_VPN_SETTING_NAME)) { NMSettingVpn *s_vpn = nm_connection_get_setting_vpn(connection); if (nm_streq0(nm_setting_vpn_get_service_type(s_vpn), NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT)) { gs_free char *cookie = NULL; gs_free char *gateway = NULL; gs_free char *gwcert = NULL; openconnect_authenticate(connection, &cookie, &gateway, &gwcert); for (i = 0; i < secrets->len; i++) { NMSecretAgentSimpleSecret *secret = secrets->pdata[i]; if (secret->secret_type != NM_SECRET_AGENT_SECRET_TYPE_VPN_SECRET) continue; if (!nm_streq0(secret->vpn_type, NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT)) continue; if (nm_streq0(secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "cookie")) { g_free(secret->value); secret->value = g_steal_pointer(&cookie); } else if (nm_streq0(secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "gateway")) { g_free(secret->value); secret->value = g_steal_pointer(&gateway); } else if (nm_streq0(secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "gwcert")) { g_free(secret->value); secret->value = g_steal_pointer(&gwcert); } } } } form = nmt_password_dialog_new(request_id, title, msg, secrets); nmt_newt_form_run_sync(form); if (nmt_password_dialog_succeeded(NMT_PASSWORD_DIALOG(form))) nm_secret_agent_simple_response(agent, request_id, secrets); else nm_secret_agent_simple_response(agent, request_id, NULL); g_object_unref(form); } typedef struct { NMDevice * device; NMActiveConnection *active; NmtSyncOp * op; } ActivateConnectionInfo; static void connect_cancelled(NmtNewtForm *form, gpointer user_data) { ActivateConnectionInfo *info = user_data; GError * error = NULL; error = g_error_new_literal(G_IO_ERROR, G_IO_ERROR_CANCELLED, "Cancelled"); nmt_sync_op_complete_boolean(info->op, FALSE, error); g_clear_error(&error); } static void check_activated(ActivateConnectionInfo *info) { NMActiveConnectionState ac_state; const char * reason = NULL; gs_free_error GError *error = NULL; ac_state = nmc_activation_get_effective_state(info->active, info->device, &reason); if (!NM_IN_SET(ac_state, NM_ACTIVE_CONNECTION_STATE_ACTIVATED, NM_ACTIVE_CONNECTION_STATE_DEACTIVATED)) return; if (ac_state == NM_ACTIVE_CONNECTION_STATE_DEACTIVATED) { nm_assert(reason); error = g_error_new(NM_CLIENT_ERROR, NM_CLIENT_ERROR_FAILED, _("Activation failed: %s"), reason); } nmt_sync_op_complete_boolean(info->op, error == NULL, error); } static void activate_ac_state_changed(GObject *object, GParamSpec *pspec, gpointer user_data) { check_activated(user_data); } static void activate_device_state_changed(GObject *object, GParamSpec *pspec, gpointer user_data) { check_activated(user_data); } static void activate_callback(GObject *client, GAsyncResult *result, gpointer user_data) { NmtSyncOp * op = user_data; NMActiveConnection *ac; GError * error = NULL; ac = nm_client_activate_connection_finish(NM_CLIENT(client), result, &error); if (error) nmt_sync_op_complete_pointer(op, NULL, error); else nmt_sync_op_complete_pointer(op, ac, NULL); } static void add_and_activate_callback(GObject *client, GAsyncResult *result, gpointer user_data) { NmtSyncOp * op = user_data; NMActiveConnection *ac; GError * error = NULL; ac = nm_client_add_and_activate_connection_finish(NM_CLIENT(client), result, &error); if (error) nmt_sync_op_complete_pointer(op, NULL, error); else nmt_sync_op_complete_pointer(op, ac, NULL); } static void deactivate_connection(NMActiveConnection *ac) { GError *error = NULL; if (!nm_client_deactivate_connection(nm_client, ac, NULL, &error)) { nmt_newt_message_dialog(_("Could not deactivate connection: %s"), error->message); g_clear_error(&error); } } static void activate_connection(NMConnection *connection, NMDevice *device, NMObject *specific_object) { NmtNewtForm * form; gs_unref_object NMSecretAgentSimple *agent = NULL; NmtNewtWidget * label; NmtSyncOp op; const char * specific_object_path; NMActiveConnection * ac; GError * error = NULL; ActivateConnectionInfo info = {}; form = g_object_new(NMT_TYPE_NEWT_FORM, "escape-exits", TRUE, NULL); label = nmt_newt_label_new(_("Connecting...")); nmt_newt_form_set_content(form, label); agent = nm_secret_agent_simple_new("nmtui"); if (agent) { if (connection) { nm_secret_agent_simple_enable(agent, nm_object_get_path(NM_OBJECT(connection))); } g_signal_connect(agent, NM_SECRET_AGENT_SIMPLE_REQUEST_SECRETS, G_CALLBACK(secrets_requested), connection); } specific_object_path = specific_object ? nm_object_get_path(specific_object) : NULL; /* There's no way to cancel an nm_client_activate_connection() / * nm_client_add_and_activate_connection() call, so we always let them * complete, even if the user hits Esc; they shouldn't normally take long * to complete anyway. */ nmt_sync_op_init(&op); if (connection) { nm_client_activate_connection_async(nm_client, connection, device, specific_object_path, NULL, activate_callback, &op); } else { nm_client_add_and_activate_connection_async(nm_client, NULL, device, specific_object_path, NULL, add_and_activate_callback, &op); } nmt_newt_form_show(form); ac = nmt_sync_op_wait_pointer(&op, &error); if (!ac) { nmt_newt_message_dialog(_("Could not activate connection: %s"), error->message); g_clear_error(&error); goto done; } else if (nm_active_connection_get_state(ac) == NM_ACTIVE_CONNECTION_STATE_ACTIVATED) { /* Already active */ goto done; } else if (!nmt_newt_widget_get_realized(NMT_NEWT_WIDGET(form))) { /* User already hit Esc */ goto done; } if (agent && !connection) { connection = NM_CONNECTION(nm_active_connection_get_connection(ac)); if (connection) { nm_secret_agent_simple_enable(agent, nm_object_get_path(NM_OBJECT(connection))); } } /* Now wait for the connection to actually reach the ACTIVATED state, * allowing the user to cancel if it takes too long. */ nmt_sync_op_init(&op); info.active = ac; info.device = device; info.op = &op; g_signal_connect(form, "quit", G_CALLBACK(connect_cancelled), &info); g_signal_connect(ac, "notify::" NM_ACTIVE_CONNECTION_STATE, G_CALLBACK(activate_ac_state_changed), &info); if (device) { g_signal_connect(device, "notify::" NM_DEVICE_STATE, G_CALLBACK(activate_device_state_changed), &info); } if (!nmt_sync_op_wait_boolean(&op, &error)) { if (!g_error_matches(error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) nmt_newt_message_dialog(_("Could not activate connection: %s"), error->message); g_clear_error(&error); } g_signal_handlers_disconnect_by_func(form, G_CALLBACK(connect_cancelled), &info); g_signal_handlers_disconnect_by_func(ac, G_CALLBACK(activate_ac_state_changed), &info); if (device) g_signal_handlers_disconnect_by_func(device, G_CALLBACK(activate_device_state_changed), &info); done: if (nmt_newt_widget_get_realized(NMT_NEWT_WIDGET(form))) nmt_newt_form_quit(form); g_object_unref(form); if (agent) nm_secret_agent_old_unregister(NM_SECRET_AGENT_OLD(agent), NULL, NULL); } static void listbox_activated(NmtNewtListbox *listbox, gpointer user_data) { NmtConnectConnectionList *list = NMT_CONNECT_CONNECTION_LIST(listbox); NMConnection * connection; NMDevice * device; NMObject * specific_object; NMActiveConnection * ac; if (!nmt_connect_connection_list_get_selection(list, &connection, &device, &specific_object, &ac)) return; if (ac) deactivate_connection(ac); else activate_connection(connection, device, specific_object); } static void activate_clicked(NmtNewtButton *button, gpointer listbox) { listbox_activated(listbox, NULL); } static void listbox_active_changed(GObject *object, GParamSpec *pspec, gpointer button) { NmtConnectConnectionList *list = NMT_CONNECT_CONNECTION_LIST(object); static const char * activate, *deactivate; static int deactivate_padding, activate_padding; NMActiveConnection * ac; gboolean has_selection; if (G_UNLIKELY(activate == NULL)) { int activate_width, deactivate_width; activate = _("Activate"); activate_width = nmt_newt_text_width(activate); deactivate = _("Deactivate"); deactivate_width = nmt_newt_text_width(deactivate); activate_padding = MAX(0, deactivate_width - activate_width); deactivate_padding = MAX(0, activate_width - deactivate_width); } has_selection = nmt_connect_connection_list_get_selection(list, NULL, NULL, NULL, &ac); nmt_newt_component_set_sensitive(button, has_selection); if (has_selection && ac) { nmt_newt_button_set_label(button, deactivate); nmt_newt_widget_set_padding(button, 0, 0, deactivate_padding, 0); } else { nmt_newt_button_set_label(button, activate); nmt_newt_widget_set_padding(button, 0, 0, activate_padding, 0); } } static NmtNewtForm * nmt_connect_connection_list(gboolean is_top) { int screen_width, screen_height; NmtNewtForm * form; NmtNewtWidget *list, *activate, *quit, *bbox, *grid; newtGetScreenSize(&screen_width, &screen_height); form = g_object_new(NMT_TYPE_NEWT_FORM, "y", 2, "height", screen_height - 4, "escape-exits", TRUE, NULL); grid = nmt_newt_grid_new(); list = nmt_connect_connection_list_new(); nmt_newt_grid_add(NMT_NEWT_GRID(grid), list, 0, 0); nmt_newt_grid_set_flags(NMT_NEWT_GRID(grid), list, NMT_NEWT_GRID_FILL_X | NMT_NEWT_GRID_FILL_Y | NMT_NEWT_GRID_EXPAND_X | NMT_NEWT_GRID_EXPAND_Y); g_signal_connect(list, "activated", G_CALLBACK(listbox_activated), NULL); bbox = nmt_newt_button_box_new(NMT_NEWT_BUTTON_BOX_VERTICAL); nmt_newt_grid_add(NMT_NEWT_GRID(grid), bbox, 1, 0); nmt_newt_widget_set_padding(bbox, 1, 1, 0, 1); activate = nmt_newt_button_box_add_start(NMT_NEWT_BUTTON_BOX(bbox), _("Activate")); g_signal_connect(list, "notify::active", G_CALLBACK(listbox_active_changed), activate); listbox_active_changed(G_OBJECT(list), NULL, activate); g_signal_connect(activate, "clicked", G_CALLBACK(activate_clicked), list); quit = nmt_newt_button_box_add_end(NMT_NEWT_BUTTON_BOX(bbox), is_top ? _("Quit") : _("Back")); nmt_newt_widget_set_exit_on_activate(quit, TRUE); nmt_newt_form_set_content(form, grid); return form; } static NmtNewtForm * nmt_connect_connection(const char *identifier) { NmtNewtWidget * list; NMConnection * connection; NMDevice * device; NMObject * specific_object; NMActiveConnection *ac; list = nmt_connect_connection_list_new(); if (!nmt_connect_connection_list_get_connection(NMT_CONNECT_CONNECTION_LIST(list), identifier, &connection, &device, &specific_object, &ac)) nmt_newt_message_dialog(_("No such connection '%s'"), identifier); else if (ac) nmt_newt_message_dialog(_("Connection is already active")); else activate_connection(connection, device, specific_object); g_object_unref(list); return NULL; } NmtNewtForm * nmtui_connect(gboolean is_top, int argc, char **argv) { if (argc == 2) return nmt_connect_connection(argv[1]); else return nmt_connect_connection_list(is_top); }