From 1a6468380204bf782ba5974c746af5fc78d410fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= Date: Thu, 11 Sep 2014 16:34:50 +0200 Subject: [PATCH 1/4] cli: add '--show-secrets' option for 'nmcli connection show' It can be used to display connection secrets (passwords). When used, it will get secrets for the connection profile and merge it into the connection's settings before displaying it. Example: nmcli con show -s hotel-wifi --- clients/cli/connections.c | 45 +++++++++++++++++++++++++++++++-------- man/nmcli.1.in | 15 ++++++++----- 2 files changed, 46 insertions(+), 14 deletions(-) diff --git a/clients/cli/connections.c b/clients/cli/connections.c index f5656ab26d..fd4ad4330a 100644 --- a/clients/cli/connections.c +++ b/clients/cli/connections.c @@ -248,7 +248,7 @@ usage (void) { g_printerr (_("Usage: nmcli connection { COMMAND | help }\n\n" "COMMAND := { show | up | down | add | modify | edit | delete | reload | load }\n\n" - " show [--active] [[id | uuid | path | apath] ] ...\n\n" + " show [--active] [[--show-secrets] [id | uuid | path | apath] ] ...\n\n" #if WITH_WIMAX " up [[id | uuid | path] ] [ifname ] [ap ] [nsp ]\n\n" #else @@ -276,13 +276,13 @@ usage_connection_show (void) "profiles are listed. When --active option is specified, only the active\n" "profiles are shown.\n" "\n" - "ARGUMENTS := [--active] [id | uuid | path | apath] ...\n" + "ARGUMENTS := [--active] [--show-secrets] [id | uuid | path | apath] ...\n" "\n" "Show details for specified connections. By default, both static configuration\n" "and active connection data are displayed. It is possible to filter the output\n" "using global '--fields' option. Refer to the manual page for more information.\n" "When --active option is specified, only the active profiles are taken into\n" - "account.\n")); + "account. --show-secrets option will reveal associated secrets as well.\n")); } static void @@ -615,6 +615,21 @@ get_ac_for_connection (const GPtrArray *active_cons, NMConnection *connection) return ac; } +static void +update_secrets_in_connection (NMRemoteConnection *con) +{ + GVariant *secrets; + int i; + + for (i = 0; nmc_fields_settings_names[i].name; i++) { + secrets = nm_remote_connection_get_secrets (con, nmc_fields_settings_names[i].name, NULL, NULL); + if (secrets) { + (void) nm_connection_update_secrets (NM_CONNECTION (con), NULL, secrets, NULL); + g_variant_unref (secrets); + } + } +} + static gboolean nmc_connection_profile_details (NMConnection *connection, NmCli *nmc) { @@ -1312,7 +1327,8 @@ split_required_fields_for_con_show (const char *input, } static NMCResultCode -do_connections_show (NmCli *nmc, gboolean active_only, int argc, char **argv) +do_connections_show (NmCli *nmc, gboolean active_only, gboolean show_secrets, + int argc, char **argv) { GError *err = NULL; char *profile_flds = NULL, *active_flds = NULL; @@ -1427,6 +1443,8 @@ do_connections_show (NmCli *nmc, gboolean active_only, int argc, char **argv) if (without_fields || profile_flds) { if (con) { nmc->required_fields = profile_flds; + if (show_secrets) + update_secrets_in_connection (NM_REMOTE_CONNECTION (con)); res = nmc_connection_profile_details (con, nmc); nmc->required_fields = NULL; if (!res) @@ -8524,17 +8542,26 @@ do_connections (NmCli *nmc, int argc, char **argv) if (argc == 0) { if (!nmc_terse_option_check (nmc->print_output, nmc->required_fields, &error)) goto opt_error; - nmc->return_value = do_connections_show (nmc, FALSE, argc, argv); + nmc->return_value = do_connections_show (nmc, FALSE, FALSE, argc, argv); } else { if (matches (*argv, "show") == 0) { gboolean active = FALSE; + gboolean show_secrets = FALSE; + int i; next_arg (&argc, &argv); - if (nmc_arg_is_option (*argv, "active")) { - active = TRUE; - next_arg (&argc, &argv); + /* check connection show options [--active] [--show-secrets] */ + for (i = 0; i < 2; i++) { + if (!active && nmc_arg_is_option (*argv, "active")) { + active = TRUE; + next_arg (&argc, &argv); + } + if (!show_secrets && nmc_arg_is_option (*argv, "show-secrets")) { + show_secrets = TRUE; + next_arg (&argc, &argv); + } } - nmc->return_value = do_connections_show (nmc, active, argc, argv); + nmc->return_value = do_connections_show (nmc, active, show_secrets, argc, argv); } else if (matches(*argv, "up") == 0) { nmc->return_value = do_connection_up (nmc, argc-1, argv+1); } else if (matches(*argv, "down") == 0) { diff --git a/man/nmcli.1.in b/man/nmcli.1.in index 308dbeccc2..b662c4a82e 100644 --- a/man/nmcli.1.in +++ b/man/nmcli.1.in @@ -19,9 +19,9 @@ .\" with this manual; if not, write to the Free Software Foundation, Inc., .\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. .\" -.\" Copyright (C) 2010 - 2014 Red Hat, Inc. +.\" Copyright 2010 - 2014 Red Hat, Inc. .\" -.TH NMCLI "1" "11 July 2014" +.TH NMCLI "1" "11 September 2014" .SH NAME nmcli \- command\(hyline tool for controlling NetworkManager @@ -287,12 +287,12 @@ active if a device is using that connection profile. Without a parameter, all profiles are listed. When --active option is specified, only the active profiles are shown. .TP -.B show [--active] [ id | uuid | path | apath ] ... +.B show [--active] [--show-secrets] [ id | uuid | path | apath ] ... .br Show details for specified connections. By default, both static configuration and active connection data are displayed. When --active option is specified, -only the active profiles are taken into -account. +only the active profiles are taken into account. When --show-secrets option is +specified, secrets associated with the profile will be revealed too. \fIid\fP, \fIuuid\fP, \fIpath\fP and \fIapath\fP keywords can be used if \fI\fP is ambiguous. .RS @@ -859,6 +859,11 @@ shows all connection profile names and their auto-connect property. .IP shows details for "My default em1" connection profile. +.IP "\fB\f(CWnmcli connection show --show-secrets \(dq\&My Home WiFi\(dq\&\fP\fP" +.IP +shows details for "My Home WiFi" connection profile with all passwords. +Without \fI--show-secrets\fP option, secrets would not be displayed. + .IP "\fB\f(CWnmcli \-f active connection show \(dq\&My default em1\(dq\&\fP\fP" .IP shows details for "My default em1" active connection, like IP, DHCP From 2a40acc67d8d3eaefd8d70e4f899dfc460f1c3c1 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Wed, 29 Oct 2014 20:36:16 +0100 Subject: [PATCH 2/4] cli/bash-completion: update bash completion for '--show-secrets' option --- clients/cli/nmcli-completion | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/clients/cli/nmcli-completion b/clients/cli/nmcli-completion index 8c1cfaa713..3017dc40b3 100644 --- a/clients/cli/nmcli-completion +++ b/clients/cli/nmcli-completion @@ -170,6 +170,9 @@ _nmcli_compl_OPTIONS() ask) _nmcli_array_delete_at words 0 ;; + show-secrets) + _nmcli_array_delete_at words 0 + ;; active) _nmcli_array_delete_at words 0 ;; @@ -761,11 +764,11 @@ _nmcli() case "$command" in s|sh|sho|show) if [[ ${#words[@]} -eq 3 ]]; then - _nmcli_compl_COMMAND_nl "${words[2]}" "$(printf "id\nuuid\npath\napath\n%s" "$(_nmcli_con_show NAME)")" active + _nmcli_compl_COMMAND_nl "${words[2]}" "$(printf "id\nuuid\npath\napath\n%s" "$(_nmcli_con_show NAME)")" active show-secrets elif [[ ${#words[@]} -gt 3 ]]; then _nmcli_array_delete_at words 0 1 - LONG_OPTIONS=(help active) + LONG_OPTIONS=(help active show-secrets) HELP_ONLY_AS_FIRST=1 _nmcli_compl_OPTIONS i=$? From b4e013abed2d0a47f27b57714f9fe88c5d66200b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= Date: Mon, 29 Sep 2014 12:22:39 +0200 Subject: [PATCH 3/4] cli: display '' string for secret properties unless the user explicitly say to show them. --- clients/cli/connections.c | 10 ++--- clients/cli/settings.c | 95 ++++++++++++++++++++------------------- clients/cli/settings.h | 2 +- 3 files changed, 55 insertions(+), 52 deletions(-) diff --git a/clients/cli/connections.c b/clients/cli/connections.c index fd4ad4330a..2657800344 100644 --- a/clients/cli/connections.c +++ b/clients/cli/connections.c @@ -631,7 +631,7 @@ update_secrets_in_connection (NMRemoteConnection *con) } static gboolean -nmc_connection_profile_details (NMConnection *connection, NmCli *nmc) +nmc_connection_profile_details (NMConnection *connection, NmCli *nmc, gboolean secrets) { GError *error = NULL; GArray *print_settings_array; @@ -683,7 +683,7 @@ nmc_connection_profile_details (NMConnection *connection, NmCli *nmc) setting = nm_connection_get_setting_by_name (connection, nmc_fields_settings_names[section_idx].name); if (setting) { - setting_details (setting, nmc, prop_name); + setting_details (setting, nmc, prop_name, secrets); was_output = TRUE; continue; } @@ -1445,7 +1445,7 @@ do_connections_show (NmCli *nmc, gboolean active_only, gboolean show_secrets, nmc->required_fields = profile_flds; if (show_secrets) update_secrets_in_connection (NM_REMOTE_CONNECTION (con)); - res = nmc_connection_profile_details (con, nmc); + res = nmc_connection_profile_details (con, nmc, show_secrets); nmc->required_fields = NULL; if (!res) goto finish; @@ -6023,7 +6023,7 @@ editor_show_connection (NMConnection *connection, NmCli *nmc) /* Remove any previous data */ nmc_empty_output_fields (nmc); - nmc_connection_profile_details (connection, nmc); + nmc_connection_profile_details (connection, nmc, FALSE); } static void @@ -6039,7 +6039,7 @@ editor_show_setting (NMSetting *setting, NmCli *nmc) /* Remove any previous data */ nmc_empty_output_fields (nmc); - setting_details (setting, nmc, NULL); + setting_details (setting, nmc, NULL, FALSE); } typedef enum { diff --git a/clients/cli/settings.c b/clients/cli/settings.c index d00361897d..136c818641 100644 --- a/clients/cli/settings.c +++ b/clients/cli/settings.c @@ -14,7 +14,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * - * (C) Copyright 2010 - 2014 Red Hat, Inc. + * Copyright 2010 - 2014 Red Hat, Inc. */ #include "config.h" @@ -6524,8 +6524,11 @@ nmc_property_set_gvalue (NMSetting *setting, const char *prop, GValue *value) /*----------------------------------------------------------------------------*/ +#define GET_SECRET(show, setting, func) \ + (show ? func (setting) : g_strdup (_(""))) + static gboolean -setting_connection_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_connection_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingConnection *s_con = NM_SETTING_CONNECTION (setting); NmcOutputField *tmpl, *arr; @@ -6564,7 +6567,7 @@ setting_connection_details (NMSetting *setting, NmCli *nmc, const char *one_prop } static gboolean -setting_wired_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_wired_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingWired *s_wired = NM_SETTING_WIRED (setting); NmcOutputField *tmpl, *arr; @@ -6600,7 +6603,7 @@ setting_wired_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSetting8021x *s_8021x = NM_SETTING_802_1X (setting); NmcOutputField *tmpl, *arr; @@ -6636,17 +6639,17 @@ setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop) set_val_str (arr, 17, nmc_property_802_1X_get_phase2_subject_match (setting)); set_val_str (arr, 18, nmc_property_802_1X_get_phase2_altsubject_matches (setting)); set_val_str (arr, 19, nmc_property_802_1X_get_phase2_client_cert (setting)); - set_val_str (arr, 20, nmc_property_802_1X_get_password (setting)); + set_val_str (arr, 20, GET_SECRET (secrets, setting, nmc_property_802_1X_get_password)); set_val_str (arr, 21, nmc_property_802_1X_get_password_flags (setting)); - set_val_str (arr, 22, nmc_property_802_1X_get_password_raw (setting)); + set_val_str (arr, 22, GET_SECRET (secrets, setting, nmc_property_802_1X_get_password_raw)); set_val_str (arr, 23, nmc_property_802_1X_get_password_raw_flags (setting)); set_val_str (arr, 24, nmc_property_802_1X_get_private_key (setting)); - set_val_str (arr, 25, nmc_property_802_1X_get_private_key_password (setting)); + set_val_str (arr, 25, GET_SECRET (secrets, setting, nmc_property_802_1X_get_private_key_password)); set_val_str (arr, 26, nmc_property_802_1X_get_private_key_password_flags (setting)); set_val_str (arr, 27, nmc_property_802_1X_get_phase2_private_key (setting)); - set_val_str (arr, 28, nmc_property_802_1X_get_phase2_private_key_password (setting)); + set_val_str (arr, 28, GET_SECRET (secrets, setting, nmc_property_802_1X_get_phase2_private_key_password)); set_val_str (arr, 29, nmc_property_802_1X_get_phase2_private_key_password_flags (setting)); - set_val_str (arr, 30, nmc_property_802_1X_get_pin (setting)); + set_val_str (arr, 30, GET_SECRET (secrets, setting, nmc_property_802_1X_get_pin)); set_val_str (arr, 31, nmc_property_802_1X_get_pin_flags (setting)); set_val_str (arr, 32, nmc_property_802_1X_get_system_ca_certs (setting)); g_ptr_array_add (nmc->output_data, arr); @@ -6657,7 +6660,7 @@ setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_wireless_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_wireless_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingWireless *s_wireless = NM_SETTING_WIRELESS (setting); NmcOutputField *tmpl, *arr; @@ -6695,7 +6698,7 @@ setting_wireless_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_wireless_security_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_wireless_security_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingWirelessSecurity *s_wireless_sec = NM_SETTING_WIRELESS_SECURITY (setting); NmcOutputField *tmpl, *arr; @@ -6719,15 +6722,15 @@ setting_wireless_security_details (NMSetting *setting, NmCli *nmc, const char *o set_val_str (arr, 5, nmc_property_wifi_sec_get_pairwise (setting)); set_val_str (arr, 6, nmc_property_wifi_sec_get_group (setting)); set_val_str (arr, 7, nmc_property_wifi_sec_get_leap_username (setting)); - set_val_str (arr, 8, nmc_property_wifi_sec_get_wep_key0 (setting)); - set_val_str (arr, 9, nmc_property_wifi_sec_get_wep_key1 (setting)); - set_val_str (arr, 10, nmc_property_wifi_sec_get_wep_key2 (setting)); - set_val_str (arr, 11, nmc_property_wifi_sec_get_wep_key3 (setting)); + set_val_str (arr, 8, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_wep_key0)); + set_val_str (arr, 9, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_wep_key1)); + set_val_str (arr, 10, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_wep_key2)); + set_val_str (arr, 11, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_wep_key3)); set_val_str (arr, 12, nmc_property_wifi_sec_get_wep_key_flags (setting)); set_val_str (arr, 13, nmc_property_wifi_sec_get_wep_key_type (setting)); - set_val_str (arr, 14, nmc_property_wifi_sec_get_psk (setting)); + set_val_str (arr, 14, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_psk)); set_val_str (arr, 15, nmc_property_wifi_sec_get_psk_flags (setting)); - set_val_str (arr, 16, nmc_property_wifi_sec_get_leap_password (setting)); + set_val_str (arr, 16, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_leap_password)); set_val_str (arr, 17, nmc_property_wifi_sec_get_leap_password_flags (setting)); g_ptr_array_add (nmc->output_data, arr); @@ -6737,7 +6740,7 @@ setting_wireless_security_details (NMSetting *setting, NmCli *nmc, const char *o } static gboolean -setting_ip4_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_ip4_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingIP4Config *s_ip4 = NM_SETTING_IP4_CONFIG (setting); NmcOutputField *tmpl, *arr; @@ -6774,7 +6777,7 @@ setting_ip4_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop } static gboolean -setting_ip6_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_ip6_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingIP6Config *s_ip6 = NM_SETTING_IP6_CONFIG (setting); NmcOutputField *tmpl, *arr; @@ -6810,7 +6813,7 @@ setting_ip6_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop } static gboolean -setting_serial_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_serial_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingSerial *s_serial = NM_SETTING_SERIAL (setting); NmcOutputField *tmpl, *arr; @@ -6840,7 +6843,7 @@ setting_serial_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_ppp_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_ppp_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingPpp *s_ppp = NM_SETTING_PPP (setting); NmcOutputField *tmpl, *arr; @@ -6883,7 +6886,7 @@ setting_ppp_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_pppoe_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_pppoe_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingPppoe *s_pppoe = NM_SETTING_PPPOE (setting); NmcOutputField *tmpl, *arr; @@ -6902,7 +6905,7 @@ setting_pppoe_details (NMSetting *setting, NmCli *nmc, const char *one_prop) set_val_str (arr, 0, g_strdup (nm_setting_get_name (setting))); set_val_str (arr, 1, nmc_property_pppoe_get_service (setting)); set_val_str (arr, 2, nmc_property_pppoe_get_username (setting)); - set_val_str (arr, 3, nmc_property_pppoe_get_password (setting)); + set_val_str (arr, 3, GET_SECRET (secrets, setting, nmc_property_pppoe_get_password)); set_val_str (arr, 4, nmc_property_pppoe_get_password_flags (setting)); g_ptr_array_add (nmc->output_data, arr); @@ -6912,7 +6915,7 @@ setting_pppoe_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_gsm_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_gsm_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingGsm *s_gsm = NM_SETTING_GSM (setting); NmcOutputField *tmpl, *arr; @@ -6931,11 +6934,11 @@ setting_gsm_details (NMSetting *setting, NmCli *nmc, const char *one_prop) set_val_str (arr, 0, g_strdup (nm_setting_get_name (setting))); set_val_str (arr, 1, nmc_property_gsm_get_number (setting)); set_val_str (arr, 2, nmc_property_gsm_get_username (setting)); - set_val_str (arr, 3, nmc_property_gsm_get_password (setting)); + set_val_str (arr, 3, GET_SECRET (secrets, setting, nmc_property_gsm_get_password)); set_val_str (arr, 4, nmc_property_gsm_get_password_flags (setting)); set_val_str (arr, 5, nmc_property_gsm_get_apn (setting)); set_val_str (arr, 6, nmc_property_gsm_get_network_id (setting)); - set_val_str (arr, 7, nmc_property_gsm_get_pin (setting)); + set_val_str (arr, 7, GET_SECRET (secrets, setting, nmc_property_gsm_get_pin)); set_val_str (arr, 8, nmc_property_gsm_get_pin_flags (setting)); set_val_str (arr, 9, nmc_property_gsm_get_home_only (setting)); g_ptr_array_add (nmc->output_data, arr); @@ -6946,7 +6949,7 @@ setting_gsm_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_cdma_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_cdma_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingCdma *s_cdma = NM_SETTING_CDMA (setting); NmcOutputField *tmpl, *arr; @@ -6965,7 +6968,7 @@ setting_cdma_details (NMSetting *setting, NmCli *nmc, const char *one_prop) set_val_str (arr, 0, g_strdup (nm_setting_get_name (setting))); set_val_str (arr, 1, nmc_property_cdma_get_number (setting)); set_val_str (arr, 2, nmc_property_cdma_get_username (setting)); - set_val_str (arr, 3, nmc_property_cdma_get_password (setting)); + set_val_str (arr, 3, GET_SECRET (secrets, setting, nmc_property_cdma_get_password)); set_val_str (arr, 4, nmc_property_cdma_get_password_flags (setting)); g_ptr_array_add (nmc->output_data, arr); @@ -6975,7 +6978,7 @@ setting_cdma_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_bluetooth_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_bluetooth_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingBluetooth *s_bluetooth = NM_SETTING_BLUETOOTH (setting); NmcOutputField *tmpl, *arr; @@ -7002,7 +7005,7 @@ setting_bluetooth_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_olpc_mesh_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_olpc_mesh_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingOlpcMesh *s_olpc_mesh = NM_SETTING_OLPC_MESH (setting); NmcOutputField *tmpl, *arr; @@ -7030,7 +7033,7 @@ setting_olpc_mesh_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_vpn_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_vpn_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingVpn *s_vpn = NM_SETTING_VPN (setting); NmcOutputField *tmpl, *arr; @@ -7050,7 +7053,7 @@ setting_vpn_details (NMSetting *setting, NmCli *nmc, const char *one_prop) set_val_str (arr, 1, nmc_property_vpn_get_service_type (setting)); set_val_str (arr, 2, nmc_property_vpn_get_user_name (setting)); set_val_str (arr, 3, nmc_property_vpn_get_data (setting)); - set_val_str (arr, 4, nmc_property_vpn_get_secrets (setting)); + set_val_str (arr, 4, GET_SECRET (secrets, setting, nmc_property_vpn_get_secrets)); g_ptr_array_add (nmc->output_data, arr); print_data (nmc); /* Print all data */ @@ -7059,7 +7062,7 @@ setting_vpn_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_wimax_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_wimax_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingWimax *s_wimax = NM_SETTING_WIMAX (setting); NmcOutputField *tmpl, *arr; @@ -7086,7 +7089,7 @@ setting_wimax_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_infiniband_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_infiniband_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingInfiniband *s_infiniband = NM_SETTING_INFINIBAND (setting); NmcOutputField *tmpl, *arr; @@ -7116,7 +7119,7 @@ setting_infiniband_details (NMSetting *setting, NmCli *nmc, const char *one_prop } static gboolean -setting_bond_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_bond_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingBond *s_bond = NM_SETTING_BOND (setting); NmcOutputField *tmpl, *arr; @@ -7142,7 +7145,7 @@ setting_bond_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_vlan_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_vlan_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingVlan *s_vlan = NM_SETTING_VLAN (setting); NmcOutputField *tmpl, *arr; @@ -7172,7 +7175,7 @@ setting_vlan_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_adsl_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_adsl_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingAdsl *s_adsl = NM_SETTING_ADSL (setting); NmcOutputField *tmpl, *arr; @@ -7190,7 +7193,7 @@ setting_adsl_details (NMSetting *setting, NmCli *nmc, const char *one_prop) arr = nmc_dup_fields_array (tmpl, tmpl_len, NMC_OF_FLAG_SECTION_PREFIX); set_val_str (arr, 0, g_strdup (nm_setting_get_name (setting))); set_val_str (arr, 1, nmc_property_adsl_get_username (setting)); - set_val_str (arr, 2, nmc_property_adsl_get_password (setting)); + set_val_str (arr, 2, GET_SECRET (secrets, setting, nmc_property_adsl_get_password)); set_val_str (arr, 3, nmc_property_adsl_get_password_flags (setting)); set_val_str (arr, 4, nmc_property_adsl_get_protocol (setting)); set_val_str (arr, 5, nmc_property_adsl_get_encapsulation (setting)); @@ -7204,7 +7207,7 @@ setting_adsl_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_bridge_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_bridge_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingBridge *s_bridge = NM_SETTING_BRIDGE (setting); NmcOutputField *tmpl, *arr; @@ -7236,7 +7239,7 @@ setting_bridge_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_bridge_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_bridge_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingBridgePort *s_bridge_port = NM_SETTING_BRIDGE_PORT (setting); NmcOutputField *tmpl, *arr; @@ -7264,7 +7267,7 @@ setting_bridge_port_details (NMSetting *setting, NmCli *nmc, const char *one_pro } static gboolean -setting_team_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_team_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingTeam *s_team = NM_SETTING_TEAM (setting); NmcOutputField *tmpl, *arr; @@ -7290,7 +7293,7 @@ setting_team_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_team_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_team_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingTeamPort *s_team_port = NM_SETTING_TEAM_PORT (setting); NmcOutputField *tmpl, *arr; @@ -7316,7 +7319,7 @@ setting_team_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop) } static gboolean -setting_dcb_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_dcb_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { NMSettingDcb *s_dcb = NM_SETTING_DCB (setting); NmcOutputField *tmpl, *arr; @@ -7357,7 +7360,7 @@ setting_dcb_details (NMSetting *setting, NmCli *nmc, const char *one_prop) typedef struct { const char *sname; - gboolean (*func) (NMSetting *setting, NmCli *nmc, const char *one_prop); + gboolean (*func) (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets); } SettingDetails; static const SettingDetails detail_printers[] = { @@ -7390,7 +7393,7 @@ static const SettingDetails detail_printers[] = { }; gboolean -setting_details (NMSetting *setting, NmCli *nmc, const char *one_prop) +setting_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets) { const SettingDetails *iter = &detail_printers[0]; @@ -7398,7 +7401,7 @@ setting_details (NMSetting *setting, NmCli *nmc, const char *one_prop) while (iter->sname) { if (nm_setting_lookup_type (iter->sname) == G_OBJECT_TYPE (setting)) - return iter->func (setting, nmc, one_prop); + return iter->func (setting, nmc, one_prop, secrets); iter++; } diff --git a/clients/cli/settings.h b/clients/cli/settings.h index d9e9483889..ad74fc9053 100644 --- a/clients/cli/settings.h +++ b/clients/cli/settings.h @@ -61,6 +61,6 @@ void nmc_property_set_default_value (NMSetting *setting, const char *prop); gboolean nmc_property_get_gvalue (NMSetting *setting, const char *prop, GValue *value); gboolean nmc_property_set_gvalue (NMSetting *setting, const char *prop, GValue *value); -gboolean setting_details (NMSetting *ssetting, NmCli *nmc, const char *one_prop); +gboolean setting_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets); #endif /* NMC_SETTINGS_H */ From 45590f809addf82531616a55a30d4f4656f128e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= Date: Mon, 29 Sep 2014 13:57:22 +0200 Subject: [PATCH 4/4] cli: allow showing secrets in the editor --- clients/cli/connections.c | 27 +++++++++++++++++++++++---- clients/cli/nmcli.c | 1 + clients/cli/nmcli.h | 3 ++- 3 files changed, 26 insertions(+), 5 deletions(-) diff --git a/clients/cli/connections.c b/clients/cli/connections.c index 2657800344..329012a1fd 100644 --- a/clients/cli/connections.c +++ b/clients/cli/connections.c @@ -5380,7 +5380,7 @@ gen_nmcli_cmds_submenu (const char *text, int state) static char * gen_cmd_nmcli (const char *text, int state) { - const char *words[] = { "status-line", "save-confirmation", "prompt-color", NULL }; + const char *words[] = { "status-line", "save-confirmation", "show-secrets", "prompt-color", NULL }; return nmc_rl_gen_func_basic (text, state, words); } @@ -5612,6 +5612,8 @@ get_gen_func_cmd_nmcli (const char *str) return gen_func_bool_values; if (matches (str, "save-confirmation") == 0) return gen_func_bool_values; + if (matches (str, "show-secrets") == 0) + return gen_func_bool_values; if (matches (str, "prompt-color") == 0) return gen_cmd_nmcli_prompt_color; return NULL; @@ -6023,7 +6025,7 @@ editor_show_connection (NMConnection *connection, NmCli *nmc) /* Remove any previous data */ nmc_empty_output_fields (nmc); - nmc_connection_profile_details (connection, nmc, FALSE); + nmc_connection_profile_details (connection, nmc, nmc->editor_show_secrets); } static void @@ -6039,7 +6041,7 @@ editor_show_setting (NMSetting *setting, NmCli *nmc) /* Remove any previous data */ nmc_empty_output_fields (nmc); - setting_details (setting, nmc, NULL, FALSE); + setting_details (setting, nmc, NULL, nmc->editor_show_secrets); } typedef enum { @@ -6204,6 +6206,7 @@ editor_main_help (const char *command) "Configures nmcli. The following options are available:\n" "status-line yes | no [default: no]\n" "save-confirmation yes | no [default: yes]\n" + "show-secrets yes | no [default: no]\n" "prompt-color <0-8> [default: 0]\n" " 0 = normal\n" " 1 = \33[30mblack\33[0m\n" @@ -7026,6 +7029,12 @@ editor_menu_main (NmCli *nmc, NMConnection *connection, const char *connection_t g_weak_ref_init (&weak, con_tmp); rem_con = g_weak_ref_get (&weak); + /* Merge secrets into the connection */ + if (rem_con) { + update_secrets_in_connection (rem_con); + nm_connection_replace_settings_from_connection (connection, NM_CONNECTION (rem_con)); + } + while (cmd_loop) { /* Connection is dirty? (not saved or differs from the saved) */ dirty = is_connection_dirty (connection, rem_con); @@ -7633,6 +7642,14 @@ editor_menu_main (NmCli *nmc, NMConnection *connection, const char *connection_t g_clear_error (&tmp_err); } else nmc->editor_save_confirmation = bb; + } else if (cmd_arg_p && matches (cmd_arg_p, "show-secrets") == 0) { + GError *tmp_err = NULL; + gboolean bb; + if (!nmc_string_to_bool (cmd_arg_v ? g_strstrip (cmd_arg_v) : "", &bb, &tmp_err)) { + g_print (_("Error: show-secrets: %s\n"), tmp_err->message); + g_clear_error (&tmp_err); + } else + nmc->editor_show_secrets = bb; } else if (cmd_arg_p && matches (cmd_arg_p, "prompt-color") == 0) { unsigned long color; if (!nmc_string_to_uint (cmd_arg_v ? g_strstrip (cmd_arg_v) : "X", @@ -7652,13 +7669,15 @@ editor_menu_main (NmCli *nmc, NMConnection *connection, const char *connection_t g_print (_("Current nmcli configuration:\n")); g_print ("status-line: %s\n" "save-confirmation: %s\n" + "show-secrets: %s\n" "prompt-color: %d\n", nmc->editor_status_line ? "yes" : "no", nmc->editor_save_confirmation ? "yes" : "no", + nmc->editor_show_secrets ? "yes" : "no", nmc->editor_prompt_color); } else g_print (_("Invalid configuration option '%s'; allowed [%s]\n"), - cmd_arg_v ? cmd_arg_v : "", "status-line, save-confirmation, prompt-color"); + cmd_arg_v ? cmd_arg_v : "", "status-line, save-confirmation, show-secrets, prompt-color"); break; diff --git a/clients/cli/nmcli.c b/clients/cli/nmcli.c index ca71abf936..b1a810ce7a 100644 --- a/clients/cli/nmcli.c +++ b/clients/cli/nmcli.c @@ -514,6 +514,7 @@ nmc_init (NmCli *nmc) nmc->in_editor = FALSE; nmc->editor_status_line = FALSE; nmc->editor_save_confirmation = TRUE; + nmc->editor_show_secrets = FALSE; nmc->editor_prompt_color = NMC_TERM_COLOR_NORMAL; } diff --git a/clients/cli/nmcli.h b/clients/cli/nmcli.h index 34beb92298..0a87bd9147 100644 --- a/clients/cli/nmcli.h +++ b/clients/cli/nmcli.h @@ -14,7 +14,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * - * (C) Copyright 2010 - 2014 Red Hat, Inc. + * Copyright 2010 - 2014 Red Hat, Inc. */ #ifndef NMC_NMCLI_H @@ -126,6 +126,7 @@ typedef struct _NmCli { gboolean in_editor; /* Whether running the editor - nmcli con edit' */ gboolean editor_status_line; /* Whether to display status line in connection editor */ gboolean editor_save_confirmation; /* Whether to ask for confirmation on saving connections with 'autoconnect=yes' */ + gboolean editor_show_secrets; /* Whether to display secrets in the editor' */ NmcTermColor editor_prompt_color; /* Color of prompt in connection editor */ } NmCli;