// SPDX-License-Identifier: GPL-2.0+
/* NetworkManager Connection editor -- Connection editor for NetworkManager
*
* Copyright 2017 Red Hat, Inc.
*/
#include "nm-default.h"
#include <string.h>
#include "page-macsec.h"
#include "nm-connection-editor.h"
#include "nma-ui-utils.h"
G_DEFINE_TYPE (CEPageMacsec, ce_page_macsec, CE_TYPE_PAGE)
#define CE_PAGE_MACSEC_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), CE_TYPE_PAGE_MACSEC, CEPageMacsecPrivate))
typedef struct {
NMSettingMacsec *setting;
GtkEntry *name;
GtkComboBoxText *parent;
GtkComboBox *mode;
GtkEntry *cak;
GtkEntry *ckn;
GtkToggleButton *encryption;
GtkComboBox *validation;
GtkSpinButton *sci_port;
} CEPageMacsecPrivate;
static void
macsec_private_init (CEPageMacsec *self)
{
CEPageMacsecPrivate *priv = CE_PAGE_MACSEC_GET_PRIVATE (self);
GtkBuilder *builder;
builder = CE_PAGE (self)->builder;
priv->name = GTK_ENTRY (gtk_builder_get_object (builder, "macsec_name"));
priv->parent = GTK_COMBO_BOX_TEXT (gtk_builder_get_object (builder, "macsec_parent"));
priv->mode = GTK_COMBO_BOX (gtk_builder_get_object (builder, "macsec_mode"));
priv->cak = GTK_ENTRY (gtk_builder_get_object (builder, "macsec_cak"));
priv->ckn = GTK_ENTRY (gtk_builder_get_object (builder, "macsec_ckn"));
priv->encryption = GTK_TOGGLE_BUTTON (gtk_builder_get_object (builder, "macsec_encryption"));
priv->validation = GTK_COMBO_BOX (gtk_builder_get_object (builder, "macsec_validation"));
priv->sci_port = GTK_SPIN_BUTTON (gtk_builder_get_object (builder, "macsec_sci_port"));
}
static void
mode_changed (GtkComboBox *combo, gpointer user_data)
{
CEPageMacsec *self = user_data;
CEPageMacsecPrivate *priv = CE_PAGE_MACSEC_GET_PRIVATE (self);
NMSettingMacsecMode mode;
NMConnection *connection;
gboolean mode_psk;
mode = gtk_combo_box_get_active (combo);
mode_psk = mode == NM_SETTING_MACSEC_MODE_PSK;
gtk_widget_set_sensitive (GTK_WIDGET (priv->cak), mode_psk);
gtk_widget_set_sensitive (GTK_WIDGET (priv->ckn), mode_psk);
if (!mode_psk) {
gtk_entry_set_text (priv->cak, "");
gtk_entry_set_text (priv->ckn, "");
connection = CE_PAGE (self)->connection;
if (!nm_connection_get_setting_802_1x (connection))
nm_connection_add_setting (connection, nm_setting_802_1x_new ());
}
nm_connection_editor_inter_page_set_value (CE_PAGE (self)->editor,
INTER_PAGE_CHANGE_MACSEC_MODE,
GUINT_TO_POINTER (mode));
ce_page_changed (CE_PAGE (user_data));
}
static void
populate_ui (CEPageMacsec *self, NMConnection *connection)
{
CEPageMacsecPrivate *priv = CE_PAGE_MACSEC_GET_PRIVATE (self);
NMSettingMacsec *setting = priv->setting;
NMSettingMacsecMode mode;
NMSettingMacsecValidation validation;
const char *cak = "", *ckn = "", *str;
str = nm_connection_get_interface_name (CE_PAGE (self)->connection);
if (str)
gtk_entry_set_text (priv->name, str);
str = nm_setting_macsec_get_parent (setting);
ce_page_setup_device_combo (CE_PAGE (self), GTK_COMBO_BOX (priv->parent),
G_TYPE_NONE, str,
NULL, NULL);
mode = nm_setting_macsec_get_mode (setting);
if (mode >= NM_SETTING_MACSEC_MODE_PSK && mode <= NM_SETTING_MACSEC_MODE_EAP)
gtk_combo_box_set_active (priv->mode, mode);
if (mode == NM_SETTING_MACSEC_MODE_PSK) {
cak = nm_setting_macsec_get_mka_cak (setting);
ckn = nm_setting_macsec_get_mka_ckn (setting);
}
gtk_entry_set_text (priv->cak, cak ?: "");
gtk_entry_set_text (priv->ckn, ckn ?: "");
nma_utils_setup_password_storage ((GtkWidget *) priv->cak, 0,
(NMSetting *) priv->setting,
NM_SETTING_MACSEC_MKA_CAK,
FALSE, FALSE);
gtk_toggle_button_set_active (priv->encryption,
nm_setting_macsec_get_encrypt (setting));
validation = nm_setting_macsec_get_validation (setting);
if ( validation >= NM_SETTING_MACSEC_VALIDATION_DISABLE
&& validation <= NM_SETTING_MACSEC_VALIDATION_STRICT)
gtk_combo_box_set_active (priv->validation, validation);
gtk_spin_button_set_value (priv->sci_port, nm_setting_macsec_get_port (setting));
mode_changed (priv->mode, self);
}
static void
stuff_changed (GtkEditable *editable, gpointer user_data)
{
ce_page_changed (CE_PAGE (user_data));
}
static void
finish_setup (CEPageMacsec *self, gpointer user_data)
{
CEPage *parent = CE_PAGE (self);
CEPageMacsecPrivate *priv = CE_PAGE_MACSEC_GET_PRIVATE (self);
populate_ui (self, parent->connection);
g_signal_connect (priv->name, "changed", G_CALLBACK (stuff_changed), self);
g_signal_connect (priv->parent, "changed", G_CALLBACK (stuff_changed), self);
g_signal_connect (priv->mode, "changed", G_CALLBACK (stuff_changed), self);
g_signal_connect (priv->cak, "changed", G_CALLBACK (stuff_changed), self);
g_signal_connect (priv->ckn, "changed", G_CALLBACK (stuff_changed), self);
g_signal_connect (priv->sci_port, "value-changed", G_CALLBACK (stuff_changed), self);
g_signal_connect (priv->validation, "changed", G_CALLBACK (stuff_changed), self);
g_signal_connect (priv->encryption, "toggled", G_CALLBACK (stuff_changed), self);
g_signal_connect (priv->mode, "changed", G_CALLBACK (mode_changed), self);
}
CEPage *
ce_page_macsec_new (NMConnectionEditor *editor,
NMConnection *connection,
GtkWindow *parent_window,
NMClient *client,
const char **out_secrets_setting_name,
GError **error)
{
CEPageMacsec *self;
CEPageMacsecPrivate *priv;
self = CE_PAGE_MACSEC (ce_page_new (CE_TYPE_PAGE_MACSEC,
editor,
connection,
parent_window,
client,
"/org/gnome/nm_connection_editor/ce-page-macsec.ui",
"MacsecPage",
_("MACsec")));
if (!self) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load MACsec user interface."));
return NULL;
}
macsec_private_init (self);
priv = CE_PAGE_MACSEC_GET_PRIVATE (self);
priv->setting = nm_connection_get_setting_macsec (connection);
if (!priv->setting) {
priv->setting = NM_SETTING_MACSEC (nm_setting_macsec_new ());
nm_connection_add_setting (connection, NM_SETTING (priv->setting));
}
g_signal_connect (self, CE_PAGE_INITIALIZED, G_CALLBACK (finish_setup), NULL);
*out_secrets_setting_name = NM_SETTING_MACSEC_SETTING_NAME;
return CE_PAGE (self);
}
static void
ui_to_setting (CEPageMacsec *self)
{
CEPageMacsecPrivate *priv = CE_PAGE_MACSEC_GET_PRIVATE (self);
NMSettingConnection *s_con;
const char *parent = NULL;
const char *cak = NULL;
const char *ckn = NULL;
NMSettingMacsecMode mode;
gboolean encryption;
NMSettingMacsecValidation validation;
gint sci_port;
GtkWidget *entry;
NMSettingSecretFlags secret_flags;
s_con = nm_connection_get_setting_connection (CE_PAGE (self)->connection);
g_return_if_fail (s_con != NULL);
g_object_set (s_con,
NM_SETTING_CONNECTION_INTERFACE_NAME, gtk_entry_get_text (priv->name),
NULL);
entry = gtk_bin_get_child (GTK_BIN (priv->parent));
if (entry) {
ce_page_device_entry_get (GTK_ENTRY (entry), ARPHRD_ETHER, TRUE,
(char **) &parent, NULL, NULL, NULL);
}
mode = gtk_combo_box_get_active (priv->mode);
if (mode == NM_SETTING_MACSEC_MODE_PSK) {
cak = gtk_entry_get_text (priv->cak);
ckn = gtk_entry_get_text (priv->ckn);
}
encryption = gtk_toggle_button_get_active (priv->encryption);
validation = gtk_combo_box_get_active (priv->validation);
sci_port = gtk_spin_button_get_value_as_int (priv->sci_port);
g_object_set (priv->setting,
NM_SETTING_MACSEC_PARENT, parent,
NM_SETTING_MACSEC_MODE, mode,
NM_SETTING_MACSEC_MKA_CAK, cak,
NM_SETTING_MACSEC_MKA_CKN, ckn,
NM_SETTING_MACSEC_ENCRYPT, encryption,
NM_SETTING_MACSEC_VALIDATION, validation,
NM_SETTING_MACSEC_PORT, sci_port,
NULL);
/* Save CAK flags to the connection */
secret_flags = nma_utils_menu_to_secret_flags ((GtkWidget *) priv->cak);
nm_setting_set_secret_flags (NM_SETTING (priv->setting), NM_SETTING_MACSEC_MKA_CAK,
secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
nma_utils_update_password_storage ((GtkWidget *) priv->cak, secret_flags,
NM_SETTING (priv->setting), NM_SETTING_MACSEC_MKA_CAK);
}
static gboolean
ce_page_validate_v (CEPage *page, NMConnection *connection, GError **error)
{
CEPageMacsec *self = CE_PAGE_MACSEC (page);
CEPageMacsecPrivate *priv = CE_PAGE_MACSEC_GET_PRIVATE (self);
ui_to_setting (self);
return nm_setting_verify (NM_SETTING (priv->setting), connection, error);
}
static gboolean
inter_page_change (CEPage *page)
{
CEPageMacsecPrivate *priv = CE_PAGE_MACSEC_GET_PRIVATE (page);
gpointer enable;
if (nm_connection_editor_inter_page_get_value (page->editor,
INTER_PAGE_CHANGE_802_1X_ENABLE,
&enable)) {
gtk_combo_box_set_active (priv->mode,
GPOINTER_TO_INT (enable) ?
NM_SETTING_MACSEC_MODE_EAP :
NM_SETTING_MACSEC_MODE_PSK);
ce_page_changed (page);
}
return TRUE;
}
static void
ce_page_macsec_init (CEPageMacsec *self)
{
}
static void
ce_page_macsec_class_init (CEPageMacsecClass *macsec_class)
{
GObjectClass *object_class = G_OBJECT_CLASS (macsec_class);
CEPageClass *parent_class = CE_PAGE_CLASS (macsec_class);
g_type_class_add_private (object_class, sizeof (CEPageMacsecPrivate));
/* virtual methods */
parent_class->ce_page_validate_v = ce_page_validate_v;
parent_class->inter_page_change = inter_page_change;
}
void
macsec_connection_new (FUNC_TAG_PAGE_NEW_CONNECTION_IMPL,
GtkWindow *parent,
const char *detail,
gpointer detail_data,
NMConnection *connection,
NMClient *client,
PageNewConnectionResultFunc result_func,
gpointer user_data)
{
gs_unref_object NMConnection *connection_tmp = NULL;
connection = _ensure_connection_other (connection, &connection_tmp);
ce_page_complete_connection (connection,
_("MACSEC connection %d"),
NM_SETTING_MACSEC_SETTING_NAME,
FALSE,
client);
nm_connection_add_setting (connection, nm_setting_macsec_new ());
nm_connection_add_setting (connection, nm_setting_wired_new ());
(*result_func) (FUNC_TAG_PAGE_NEW_CONNECTION_RESULT_CALL, connection, FALSE, NULL, user_data);
}