2007-10-08 Tambet Ingo <tambet@gmail.com>
* Update everything to work with the 0.7 branch NetworkManager. git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@2952 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
parent
9d318e9fae
commit
a9251b8b68
9 changed files with 2606 additions and 3507 deletions
|
|
@ -1,3 +1,7 @@
|
|||
2007-10-08 Tambet Ingo <tambet@gmail.com>
|
||||
|
||||
* Update everything to work with the 0.7 branch NetworkManager.
|
||||
|
||||
2007-08-15 Tambet Ingo <tambet@gmail.com>
|
||||
|
||||
* nm-openvpn-service.name.in: Use uppercase macros so that they get replaced
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
INCLUDES = -I${top_srcdir} -I${top_srcdir}/utils
|
||||
|
||||
libexec_PROGRAMS = nm-openvpn-auth-dialog
|
||||
|
||||
nm_openvpn_auth_dialog_CPPFLAGS = \
|
||||
|
|
@ -7,6 +5,7 @@ nm_openvpn_auth_dialog_CPPFLAGS = \
|
|||
$(GTK_CFLAGS) \
|
||||
$(LIBGNOMEUI_CFLAGS) \
|
||||
$(GNOMEKEYRING_CFLAGS) \
|
||||
$(NETWORK_MANAGER_CFLAGS) \
|
||||
-DICONDIR=\""$(datadir)/pixmaps"\" \
|
||||
-DGLADEDIR=\""$(gladedir)"\" \
|
||||
-DBINDIR=\""$(bindir)"\" \
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
/* -*- Mode: C; tab-width: 5; indent-tabs-mode: t; c-basic-offset: 5 -*- */
|
||||
/* NetworkManager Wireless Applet -- Display wireless access points and allow user control
|
||||
*
|
||||
* Dan Williams <dcbw@redhat.com>
|
||||
|
|
@ -32,109 +33,94 @@
|
|||
#include <gconf/gconf-client.h>
|
||||
#include <gnome-keyring.h>
|
||||
|
||||
#include "../src/nm-openvpn-service.h"
|
||||
#include "gnome-two-password-dialog.h"
|
||||
|
||||
#define VPN_SERVICE "org.freedesktop.NetworkManager.openvpn"
|
||||
// MUST be the same as in gnome/applet/applet.h
|
||||
// A real fix for this is needed by giving more information to auth apps
|
||||
#define GCONF_PATH_VPN_CONNECTIONS "/system/networking/vpn_connections"
|
||||
typedef struct {
|
||||
char *vpn_name;
|
||||
char *vpn_service;
|
||||
|
||||
static GSList *
|
||||
lookup_pass (const char *vpn_name, const char *vpn_service, gboolean *is_session)
|
||||
gboolean need_password;
|
||||
char *password;
|
||||
|
||||
gboolean need_certpass;
|
||||
char *certpass;
|
||||
} PasswordsInfo;
|
||||
|
||||
static gboolean
|
||||
lookup_pass (PasswordsInfo *info, gboolean *is_session)
|
||||
{
|
||||
GSList *passwords;
|
||||
GList *keyring_result;
|
||||
GList *keyring_i;
|
||||
int status;
|
||||
GList *list = NULL;
|
||||
GList *iter;
|
||||
|
||||
char *password = NULL;
|
||||
char *certpass = NULL;
|
||||
status = gnome_keyring_find_network_password_sync (g_get_user_name (), /* user */
|
||||
NULL, /* domain */
|
||||
info->vpn_name, /* server */
|
||||
NULL, /* object */
|
||||
info->vpn_service, /* protocol */
|
||||
NULL, /* authtype */
|
||||
0, /* port */
|
||||
&list);
|
||||
|
||||
passwords = NULL;
|
||||
if (status != GNOME_KEYRING_RESULT_OK || list == NULL)
|
||||
return FALSE;
|
||||
|
||||
if (gnome_keyring_find_network_password_sync (g_get_user_name (), /* user */
|
||||
NULL, /* domain */
|
||||
vpn_name, /* server */
|
||||
NULL, /* object */
|
||||
vpn_service, /* protocol */
|
||||
NULL, /* authtype */
|
||||
0, /* port */
|
||||
&keyring_result) != GNOME_KEYRING_RESULT_OK)
|
||||
return FALSE;
|
||||
*is_session = FALSE;
|
||||
|
||||
*is_session = FALSE;
|
||||
|
||||
// Go through all passwords and assign to appropriate variable
|
||||
for (keyring_i = keyring_result; keyring_i != NULL; keyring_i = g_list_next (keyring_i)) {
|
||||
|
||||
GnomeKeyringNetworkPasswordData *data = keyring_i->data;
|
||||
/* Go through all passwords and assign to appropriate variable */
|
||||
for (iter = list; iter; iter = iter->next) {
|
||||
GnomeKeyringNetworkPasswordData *data = iter->data;
|
||||
|
||||
if (strcmp (data->object, "password") == 0) {
|
||||
password = data->password;
|
||||
} else if (strcmp (data->object, "certpass") == 0) {
|
||||
certpass = data->password;
|
||||
}
|
||||
if (!strcmp (data->object, "password") && data->password)
|
||||
info->password = g_strdup (data->password);
|
||||
else if (strcmp (data->object, "certpass") == 0)
|
||||
info->certpass = g_strdup (data->password);
|
||||
|
||||
if (strcmp (data->keyring, "session") == 0)
|
||||
*is_session = TRUE;
|
||||
|
||||
}
|
||||
if (strcmp (data->keyring, "session") == 0)
|
||||
*is_session = TRUE;
|
||||
}
|
||||
|
||||
gnome_keyring_network_password_list_free (list);
|
||||
|
||||
if (password != NULL) {
|
||||
passwords = g_slist_append (passwords, g_strdup (password));
|
||||
} else {
|
||||
passwords = g_slist_append (passwords, g_strdup (""));
|
||||
}
|
||||
|
||||
if (certpass != NULL) {
|
||||
passwords = g_slist_append (passwords, g_strdup (certpass));
|
||||
} else {
|
||||
passwords = g_slist_append (passwords, g_strdup (""));
|
||||
}
|
||||
|
||||
gnome_keyring_network_password_list_free (keyring_result);
|
||||
|
||||
return passwords;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
static void save_vpn_password (const char *vpn_name, const char *vpn_service, const char *keyring,
|
||||
const char *password, const char *certpass)
|
||||
static void
|
||||
save_vpn_password (PasswordsInfo *info, const char *keyring)
|
||||
{
|
||||
guint32 item_id;
|
||||
GnomeKeyringResult keyring_result;
|
||||
guint32 item_id;
|
||||
GnomeKeyringResult keyring_result;
|
||||
|
||||
if ( password != NULL) {
|
||||
keyring_result = gnome_keyring_set_network_password_sync (keyring,
|
||||
g_get_user_name (),
|
||||
NULL,
|
||||
vpn_name,
|
||||
"password",
|
||||
vpn_service,
|
||||
NULL,
|
||||
0,
|
||||
password,
|
||||
&item_id);
|
||||
if (keyring_result != GNOME_KEYRING_RESULT_OK) {
|
||||
g_warning ("Couldn't store password in keyring, code %d", (int) keyring_result);
|
||||
}
|
||||
}
|
||||
|
||||
if ( certpass != NULL) {
|
||||
keyring_result = gnome_keyring_set_network_password_sync (keyring,
|
||||
g_get_user_name (),
|
||||
NULL,
|
||||
vpn_name,
|
||||
"certpass",
|
||||
vpn_service,
|
||||
NULL,
|
||||
0,
|
||||
certpass,
|
||||
&item_id);
|
||||
if (keyring_result != GNOME_KEYRING_RESULT_OK) {
|
||||
g_warning ("Couldn't store certpass in keyring, code %d", (int) keyring_result);
|
||||
}
|
||||
}
|
||||
if (info->password) {
|
||||
keyring_result = gnome_keyring_set_network_password_sync (keyring,
|
||||
g_get_user_name (),
|
||||
NULL,
|
||||
info->vpn_name,
|
||||
"password",
|
||||
info->vpn_service,
|
||||
NULL,
|
||||
0,
|
||||
info->password,
|
||||
&item_id);
|
||||
if (keyring_result != GNOME_KEYRING_RESULT_OK)
|
||||
g_warning ("Couldn't store password in keyring, code %d", (int) keyring_result);
|
||||
}
|
||||
|
||||
if (info->certpass) {
|
||||
keyring_result = gnome_keyring_set_network_password_sync (keyring,
|
||||
g_get_user_name (),
|
||||
NULL,
|
||||
info->vpn_name,
|
||||
"certpass",
|
||||
info->vpn_service,
|
||||
NULL,
|
||||
0,
|
||||
info->certpass,
|
||||
&item_id);
|
||||
if (keyring_result != GNOME_KEYRING_RESULT_OK)
|
||||
g_warning ("Couldn't store certpass in keyring, code %d", (int) keyring_result);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -146,308 +132,281 @@ static void save_vpn_password (const char *vpn_name, const char *vpn_service, co
|
|||
* @return returns true if the key is encrypted, false otherwise
|
||||
*/
|
||||
static gboolean
|
||||
pem_is_encrypted(const char *filename)
|
||||
pem_is_encrypted (const char *filename)
|
||||
{
|
||||
|
||||
GIOChannel *pem_chan;
|
||||
char *str = NULL;
|
||||
gboolean encrypted = FALSE;
|
||||
GIOChannel *pem_chan;
|
||||
char *str = NULL;
|
||||
gboolean encrypted = FALSE;
|
||||
|
||||
pem_chan = g_io_channel_new_file (filename, "r", NULL);
|
||||
pem_chan = g_io_channel_new_file (filename, "r", NULL);
|
||||
|
||||
if ( pem_chan == NULL ) {
|
||||
// We don't know
|
||||
return FALSE;
|
||||
}
|
||||
if ( pem_chan == NULL ) {
|
||||
// We don't know
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
while ( ! encrypted && (g_io_channel_read_line (pem_chan, &str, NULL, NULL, NULL) != G_IO_STATUS_EOF) ) {
|
||||
if ( strstr (str, "Proc-Type: 4,ENCRYPTED") == str ) {
|
||||
// encrypted!
|
||||
encrypted = TRUE;
|
||||
}
|
||||
while ( ! encrypted && (g_io_channel_read_line (pem_chan, &str, NULL, NULL, NULL) != G_IO_STATUS_EOF) ) {
|
||||
if ( strstr (str, "Proc-Type: 4,ENCRYPTED") == str ) {
|
||||
// encrypted!
|
||||
encrypted = TRUE;
|
||||
}
|
||||
|
||||
g_free (str);
|
||||
}
|
||||
g_free (str);
|
||||
}
|
||||
|
||||
return encrypted;
|
||||
return encrypted;
|
||||
}
|
||||
|
||||
|
||||
static GSList *
|
||||
get_passwords (const char *vpn_name,
|
||||
const char *vpn_service,
|
||||
gboolean retry,
|
||||
gboolean need_password,
|
||||
gboolean need_certpass)
|
||||
static gboolean
|
||||
get_passwords (PasswordsInfo *info, gboolean retry)
|
||||
{
|
||||
GSList *result;
|
||||
char *prompt;
|
||||
GtkWidget *dialog;
|
||||
char *keyring_password;
|
||||
char *keyring_certpass;
|
||||
gboolean keyring_is_session;
|
||||
GSList *keyring_result;
|
||||
GnomeTwoPasswordDialogRemember remember;
|
||||
int num_passwords = 0;
|
||||
char *prompt;
|
||||
GtkWidget *dialog;
|
||||
gboolean keyring_is_session;
|
||||
GnomeTwoPasswordDialogRemember remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_NOTHING;
|
||||
gboolean success = FALSE;
|
||||
|
||||
result = NULL;
|
||||
keyring_password = NULL;
|
||||
keyring_certpass = NULL;
|
||||
keyring_result = NULL;
|
||||
if (lookup_pass (info, &keyring_is_session)) {
|
||||
if (!retry)
|
||||
return TRUE;
|
||||
|
||||
g_return_val_if_fail (vpn_name != NULL, NULL);
|
||||
if (keyring_is_session)
|
||||
remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION;
|
||||
else
|
||||
remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER;
|
||||
}
|
||||
|
||||
/* Use the system user name, since the VPN might have a different user name */
|
||||
if (!retry) {
|
||||
if ((result = lookup_pass (vpn_name, vpn_service, &keyring_is_session)) != NULL) {
|
||||
return result;
|
||||
}
|
||||
} else {
|
||||
if ((keyring_result = lookup_pass (vpn_name, vpn_service, &keyring_is_session)) != NULL) {
|
||||
keyring_password = g_strdup ((char *) keyring_result->data);
|
||||
keyring_certpass = g_strdup ((char *) (g_slist_next (keyring_result))->data);
|
||||
}
|
||||
g_slist_foreach (keyring_result, (GFunc)g_free, NULL);
|
||||
g_slist_free (keyring_result);
|
||||
}
|
||||
prompt = g_strdup_printf (_("You need to authenticate to access the Virtual Private Network '%s'."), info->vpn_name);
|
||||
dialog = gnome_two_password_dialog_new (_("Authenticate VPN"), prompt, NULL, NULL, FALSE);
|
||||
g_free (prompt);
|
||||
|
||||
prompt = g_strdup_printf (_("You need to authenticate to access the Virtual Private Network '%s'."), vpn_name);
|
||||
dialog = gnome_two_password_dialog_new (_("Authenticate VPN"), prompt, NULL, NULL, FALSE);
|
||||
g_free (prompt);
|
||||
gnome_two_password_dialog_set_remember (GNOME_TWO_PASSWORD_DIALOG (dialog), remember);
|
||||
gnome_two_password_dialog_set_show_username (GNOME_TWO_PASSWORD_DIALOG (dialog), FALSE);
|
||||
gnome_two_password_dialog_set_show_userpass_buttons (GNOME_TWO_PASSWORD_DIALOG (dialog), FALSE);
|
||||
gnome_two_password_dialog_set_show_domain (GNOME_TWO_PASSWORD_DIALOG (dialog), FALSE);
|
||||
gnome_two_password_dialog_set_show_remember (GNOME_TWO_PASSWORD_DIALOG (dialog), TRUE);
|
||||
|
||||
gnome_two_password_dialog_set_show_username (GNOME_TWO_PASSWORD_DIALOG (dialog), FALSE);
|
||||
gnome_two_password_dialog_set_show_userpass_buttons (GNOME_TWO_PASSWORD_DIALOG (dialog), FALSE);
|
||||
gnome_two_password_dialog_set_show_domain (GNOME_TWO_PASSWORD_DIALOG (dialog), FALSE);
|
||||
gnome_two_password_dialog_set_show_remember (GNOME_TWO_PASSWORD_DIALOG (dialog), TRUE);
|
||||
if (info->need_password && info->need_certpass) {
|
||||
gnome_two_password_dialog_set_show_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
TRUE);
|
||||
gnome_two_password_dialog_set_password_secondary_label (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
_("Certificate pass_word:") );
|
||||
|
||||
if (need_password && need_certpass) {
|
||||
gnome_two_password_dialog_set_show_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
TRUE);
|
||||
gnome_two_password_dialog_set_password_secondary_label (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
_("Certificate pass_word:") );
|
||||
/* if retrying, put in the passwords from the keyring */
|
||||
if (info->password)
|
||||
gnome_two_password_dialog_set_password (GNOME_TWO_PASSWORD_DIALOG (dialog), info->password);
|
||||
if (info->certpass)
|
||||
gnome_two_password_dialog_set_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog), info->certpass);
|
||||
} else {
|
||||
gnome_two_password_dialog_set_show_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog), FALSE);
|
||||
if (info->need_password) {
|
||||
/* if retrying, put in the passwords from the keyring */
|
||||
if (info->password)
|
||||
gnome_two_password_dialog_set_password (GNOME_TWO_PASSWORD_DIALOG (dialog), info->password);
|
||||
} else if (info->need_certpass) {
|
||||
gnome_two_password_dialog_set_password_primary_label (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
_("Certificate password:"));
|
||||
/* if retrying, put in the passwords from the keyring */
|
||||
if (info->certpass)
|
||||
gnome_two_password_dialog_set_password (GNOME_TWO_PASSWORD_DIALOG (dialog), info->certpass);
|
||||
}
|
||||
}
|
||||
|
||||
/* if retrying, put in the passwords from the keyring */
|
||||
if (keyring_password != NULL) {
|
||||
gnome_two_password_dialog_set_password (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
keyring_password);
|
||||
}
|
||||
if (keyring_certpass != NULL) {
|
||||
gnome_two_password_dialog_set_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
keyring_certpass);
|
||||
}
|
||||
} else {
|
||||
gnome_two_password_dialog_set_show_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
FALSE);
|
||||
if (need_password) {
|
||||
// defaults for label are ok
|
||||
gtk_widget_show (dialog);
|
||||
if (gnome_two_password_dialog_run_and_block (GNOME_TWO_PASSWORD_DIALOG (dialog))) {
|
||||
success = TRUE;
|
||||
|
||||
/* if retrying, put in the passwords from the keyring */
|
||||
if (keyring_password != NULL) {
|
||||
gnome_two_password_dialog_set_password (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
keyring_password);
|
||||
}
|
||||
if (info->need_password)
|
||||
info->password = g_strdup (gnome_two_password_dialog_get_password (GNOME_TWO_PASSWORD_DIALOG (dialog)));
|
||||
if (info->need_certpass)
|
||||
info->certpass = g_strdup (info->need_password ?
|
||||
gnome_two_password_dialog_get_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog)) :
|
||||
gnome_two_password_dialog_get_password (GNOME_TWO_PASSWORD_DIALOG (dialog)));
|
||||
|
||||
} else if (need_certpass) {
|
||||
gnome_two_password_dialog_set_password_primary_label (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
_("Certificate password:") );
|
||||
/* if retrying, put in the passwords from the keyring */
|
||||
if (keyring_certpass != NULL) {
|
||||
gnome_two_password_dialog_set_password (GNOME_TWO_PASSWORD_DIALOG (dialog),
|
||||
keyring_certpass);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* use the same keyring storage options as from the items we put in the entry boxes */
|
||||
remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_NOTHING;
|
||||
if (keyring_result != NULL) {
|
||||
if (keyring_is_session)
|
||||
remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION;
|
||||
else
|
||||
remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER;
|
||||
}
|
||||
gnome_two_password_dialog_set_remember (GNOME_TWO_PASSWORD_DIALOG (dialog), remember);
|
||||
switch (gnome_two_password_dialog_get_remember (GNOME_TWO_PASSWORD_DIALOG (dialog))) {
|
||||
case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION:
|
||||
save_vpn_password (info, "session");
|
||||
break;
|
||||
case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER:
|
||||
save_vpn_password (info, NULL);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
gtk_widget_show (dialog);
|
||||
gtk_widget_destroy (dialog);
|
||||
|
||||
if (gnome_two_password_dialog_run_and_block (GNOME_TWO_PASSWORD_DIALOG (dialog))) {
|
||||
char *password = "unused";
|
||||
char *certpass = "unused";
|
||||
return success;
|
||||
}
|
||||
|
||||
if (need_password && need_certpass) {
|
||||
password = gnome_two_password_dialog_get_password (GNOME_TWO_PASSWORD_DIALOG (dialog));
|
||||
certpass = gnome_two_password_dialog_get_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog));
|
||||
} else {
|
||||
if (need_password) {
|
||||
password = gnome_two_password_dialog_get_password (GNOME_TWO_PASSWORD_DIALOG (dialog));
|
||||
} else if (need_certpass) {
|
||||
certpass = gnome_two_password_dialog_get_password (GNOME_TWO_PASSWORD_DIALOG (dialog));
|
||||
}
|
||||
}
|
||||
static gboolean
|
||||
get_password_types (PasswordsInfo *info)
|
||||
{
|
||||
GConfClient *gconf_client = NULL;
|
||||
GSList *conf_list;
|
||||
GSList *iter;
|
||||
char *key;
|
||||
char *str;
|
||||
char *connection_path = NULL;
|
||||
gboolean success = FALSE;
|
||||
|
||||
result = g_slist_append (result, g_strdup (password));
|
||||
result = g_slist_append (result, g_strdup (certpass));
|
||||
/* FIXME: This whole thing sucks: we should not go around poking gconf
|
||||
directly, but there's nothing that does it for us right now */
|
||||
|
||||
switch (gnome_two_password_dialog_get_remember (GNOME_TWO_PASSWORD_DIALOG (dialog))) {
|
||||
case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION:
|
||||
save_vpn_password (vpn_name, vpn_service, "session", password, certpass);
|
||||
break;
|
||||
case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER:
|
||||
save_vpn_password (vpn_name, vpn_service, NULL, password, certpass);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
gconf_client = gconf_client_get_default ();
|
||||
|
||||
g_free (keyring_password);
|
||||
g_free (keyring_certpass);
|
||||
conf_list = gconf_client_all_dirs (gconf_client, "/system/networking/connections", NULL);
|
||||
if (!conf_list)
|
||||
return FALSE;
|
||||
|
||||
gtk_widget_destroy (dialog);
|
||||
for (iter = conf_list; iter; iter = iter->next) {
|
||||
key = g_strconcat ((char *) iter->data, "connection/type", NULL);
|
||||
str = gconf_client_get_string (gconf_client, key, NULL);
|
||||
g_free (key);
|
||||
|
||||
return result;
|
||||
if (!str || strcmp (str, "vpn")) {
|
||||
g_free (str);
|
||||
continue;
|
||||
}
|
||||
|
||||
key = g_strconcat ((char *) iter->data, "connection/name", NULL);
|
||||
str = gconf_client_get_string (gconf_client, key, NULL);
|
||||
g_free (key);
|
||||
|
||||
if (!str || strcmp (str, info->vpn_name)) {
|
||||
g_free (str);
|
||||
continue;
|
||||
}
|
||||
|
||||
/* Woo, found the connection */
|
||||
connection_path = g_strdup ((char *) iter->data);
|
||||
break;
|
||||
}
|
||||
|
||||
g_slist_foreach (conf_list, (GFunc) g_free, NULL);
|
||||
g_slist_free (conf_list);
|
||||
|
||||
if (connection_path) {
|
||||
int connection_type;
|
||||
|
||||
key = g_strconcat (connection_path, "vpn-properties/connection-type", NULL);
|
||||
connection_type = gconf_client_get_int (gconf_client, key, NULL);
|
||||
g_free (key);
|
||||
|
||||
switch (connection_type) {
|
||||
case NM_OPENVPN_CONTYPE_X509USERPASS:
|
||||
info->need_password = TRUE;
|
||||
/* Fall through */
|
||||
case NM_OPENVPN_CONTYPE_X509:
|
||||
success = TRUE;
|
||||
|
||||
key = g_strconcat (connection_path, "vpn-properties/", NM_OPENVPN_KEY_KEY, NULL);
|
||||
str = gconf_client_get_string (gconf_client, key, NULL);
|
||||
g_free (key);
|
||||
if (str) {
|
||||
info->need_certpass = pem_is_encrypted (str);
|
||||
g_free (str);
|
||||
}
|
||||
break;
|
||||
case NM_OPENVPN_CONTYPE_SHAREDKEY:
|
||||
success = TRUE;
|
||||
break;
|
||||
case NM_OPENVPN_CONTYPE_PASSWORD:
|
||||
success = TRUE;
|
||||
info->need_password = TRUE;
|
||||
break;
|
||||
default:
|
||||
/* Invalid connection type */
|
||||
break;
|
||||
}
|
||||
|
||||
info->need_password = TRUE;
|
||||
info->need_certpass = TRUE;
|
||||
|
||||
g_free (connection_path);
|
||||
}
|
||||
|
||||
g_object_unref (gconf_client);
|
||||
|
||||
return success;
|
||||
}
|
||||
|
||||
int
|
||||
main (int argc, char *argv[])
|
||||
{
|
||||
GConfClient *gconf_client = NULL;
|
||||
GConfValue *gconf_val = NULL;
|
||||
gchar *gconf_key = NULL;
|
||||
char *escaped_name;
|
||||
gboolean needs_password = FALSE;
|
||||
gboolean needs_certpass = FALSE;
|
||||
gboolean valid_conn = FALSE;
|
||||
GSList *i;
|
||||
GSList *passwords;
|
||||
gchar *key = NULL;
|
||||
gchar *connection_type = NULL;
|
||||
static gboolean retry = FALSE;
|
||||
static gchar *vpn_name = NULL;
|
||||
static gchar *vpn_service = NULL;
|
||||
GError *error = NULL;
|
||||
GOptionContext *context;
|
||||
GnomeProgram *program = NULL;
|
||||
int bytes_read;
|
||||
GOptionEntry entries[] =
|
||||
{
|
||||
{ "reprompt", 'r', 0, G_OPTION_ARG_NONE, &retry, "Reprompt for passwords", NULL},
|
||||
{ "name", 'n', 0, G_OPTION_ARG_STRING, &vpn_name, "Name of VPN connection", NULL},
|
||||
{ "service", 's', 0, G_OPTION_ARG_STRING, &vpn_service, "VPN service type", NULL},
|
||||
{ NULL }
|
||||
};
|
||||
char buf[1];
|
||||
PasswordsInfo info;
|
||||
int exit_status = 1;
|
||||
static gboolean retry = FALSE;
|
||||
static gchar *vpn_name = NULL;
|
||||
static gchar *vpn_service = NULL;
|
||||
GOptionContext *context;
|
||||
GnomeProgram *program = NULL;
|
||||
int bytes_read;
|
||||
GOptionEntry entries[] =
|
||||
{
|
||||
{ "reprompt", 'r', 0, G_OPTION_ARG_NONE, &retry, "Reprompt for passwords", NULL},
|
||||
{ "name", 'n', 0, G_OPTION_ARG_STRING, &vpn_name, "Name of VPN connection", NULL},
|
||||
{ "service", 's', 0, G_OPTION_ARG_STRING, &vpn_service, "VPN service type", NULL},
|
||||
{ NULL }
|
||||
};
|
||||
char buf[1];
|
||||
|
||||
bindtextdomain (GETTEXT_PACKAGE, NULL);
|
||||
bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
|
||||
textdomain (GETTEXT_PACKAGE);
|
||||
bindtextdomain (GETTEXT_PACKAGE, NULL);
|
||||
bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
|
||||
textdomain (GETTEXT_PACKAGE);
|
||||
|
||||
passwords = NULL;
|
||||
context = g_option_context_new ("- openvpn auth dialog");
|
||||
g_option_context_add_main_entries (context, entries, GETTEXT_PACKAGE);
|
||||
|
||||
context = g_option_context_new ("- openvpn auth dialog");
|
||||
g_option_context_add_main_entries (context, entries, GETTEXT_PACKAGE);
|
||||
program = gnome_program_init ("nm-openvpn-auth-dialog", VERSION,
|
||||
LIBGNOMEUI_MODULE,
|
||||
argc, argv,
|
||||
GNOME_PARAM_GOPTION_CONTEXT, context,
|
||||
GNOME_PARAM_NONE);
|
||||
|
||||
program = gnome_program_init ("nm-openvpn-auth-dialog", VERSION,
|
||||
LIBGNOMEUI_MODULE,
|
||||
argc, argv,
|
||||
GNOME_PARAM_GOPTION_CONTEXT, context,
|
||||
GNOME_PARAM_NONE);
|
||||
|
||||
if (vpn_name == NULL || vpn_service == NULL) {
|
||||
fprintf (stderr, "Have to supply both name and service\n");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (strcmp (vpn_service, VPN_SERVICE) != 0) {
|
||||
fprintf (stderr, "This dialog only works with the '%s' service\n", VPN_SERVICE);
|
||||
goto out;
|
||||
}
|
||||
|
||||
gconf_client = gconf_client_get_default();
|
||||
escaped_name = gconf_escape_key (vpn_name, strlen (vpn_name));
|
||||
gconf_key = g_strdup_printf ("%s/%s/vpn_data", GCONF_PATH_VPN_CONNECTIONS, escaped_name);
|
||||
if ( !(gconf_val = gconf_client_get (gconf_client, gconf_key, NULL)) ||
|
||||
!(gconf_val->type == GCONF_VALUE_LIST) ||
|
||||
!(gconf_value_get_list_type (gconf_val) == GCONF_VALUE_STRING)) {
|
||||
|
||||
if (gconf_val)
|
||||
gconf_value_free (gconf_val);
|
||||
g_free (gconf_key);
|
||||
goto out;
|
||||
}
|
||||
g_free (gconf_key);
|
||||
|
||||
valid_conn = TRUE;
|
||||
|
||||
for (i = gconf_value_get_list (gconf_val); i != NULL; i = g_slist_next (i)) {
|
||||
const char *gkey = gconf_value_get_string ((GConfValue *)i->data);
|
||||
const char *gval = NULL;
|
||||
|
||||
i = g_slist_next (i);
|
||||
if (i != NULL) {
|
||||
gval = gconf_value_get_string ((GConfValue *)i->data);
|
||||
}
|
||||
|
||||
if ( gkey != NULL ) {
|
||||
if ( strcmp (gkey, "connection-type") == 0 ) {
|
||||
connection_type = g_strdup (gval);
|
||||
if ( (strcmp (gval, "password") == 0) ||
|
||||
(strcmp (gval, "x509userpass") == 0) ) {
|
||||
needs_password = TRUE;
|
||||
if (vpn_name == NULL || vpn_service == NULL) {
|
||||
fprintf (stderr, "Have to supply both name and service\n");
|
||||
goto out;
|
||||
}
|
||||
} else if ( strcmp (gkey, "key") == 0 ) {
|
||||
key = g_strdup (gval);
|
||||
}
|
||||
}
|
||||
}
|
||||
gconf_value_free (gconf_val);
|
||||
|
||||
if ( (connection_type != NULL) && (key != NULL) ) {
|
||||
if ( (strcmp (connection_type, "x509") == 0) ||
|
||||
(strcmp (connection_type, "x509userpass") == 0) ) {
|
||||
needs_certpass = pem_is_encrypted (key);
|
||||
}
|
||||
}
|
||||
if (strcmp (vpn_service, NM_DBUS_SERVICE_OPENVPN) != 0) {
|
||||
fprintf (stderr, "This dialog only works with the '%s' service\n", NM_DBUS_SERVICE_OPENVPN);
|
||||
goto out;
|
||||
}
|
||||
|
||||
if ( needs_password || needs_certpass ) {
|
||||
passwords = get_passwords (vpn_name, vpn_service, retry, needs_password, needs_certpass);
|
||||
if (passwords == NULL)
|
||||
goto out;
|
||||
memset (&info, 0, sizeof (PasswordsInfo));
|
||||
info.vpn_name = vpn_name;
|
||||
info.vpn_service = vpn_service;
|
||||
|
||||
/* dump the passwords to stdout */
|
||||
for (i = passwords; i != NULL; i = g_slist_next (i)) {
|
||||
char *password = (char *) i->data;
|
||||
printf ("%s\n", password);
|
||||
}
|
||||
if (!get_password_types (&info)) {
|
||||
fprintf (stderr, "Invalid connection");
|
||||
goto out;
|
||||
}
|
||||
|
||||
g_slist_foreach (passwords, (GFunc)g_free, NULL);
|
||||
g_slist_free (passwords);
|
||||
exit_status = 0;
|
||||
|
||||
} else {
|
||||
printf ("No password needed\nNo certpass needed\n");
|
||||
}
|
||||
if (!info.need_password && !info.need_certpass)
|
||||
goto out;
|
||||
|
||||
printf ("\n\n");
|
||||
/* for good measure, flush stdout since Kansas is going Bye-Bye */
|
||||
fflush (stdout);
|
||||
if (get_passwords (&info, retry)) {
|
||||
if (info.need_password)
|
||||
printf ("%s\n", info.password);
|
||||
if (info.need_certpass)
|
||||
printf ("%s\n", info.certpass);
|
||||
}
|
||||
printf ("\n\n");
|
||||
/* for good measure, flush stdout since Kansas is going Bye-Bye */
|
||||
fflush (stdout);
|
||||
|
||||
/* wait for data on stdin */
|
||||
bytes_read = fread (buf, sizeof (char), sizeof (buf), stdin);
|
||||
/* wait for data on stdin */
|
||||
bytes_read = fread (buf, sizeof (char), sizeof (buf), stdin);
|
||||
|
||||
out:
|
||||
if (gconf_client)
|
||||
g_object_unref (gconf_client);
|
||||
g_object_unref (program);
|
||||
|
||||
g_object_unref (program);
|
||||
|
||||
g_free (connection_type);
|
||||
g_free (key);
|
||||
|
||||
if ( ! valid_conn ) {
|
||||
return 1;
|
||||
} else if ( needs_password ) {
|
||||
return (passwords != NULL) ? 0 : 1;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
return exit_status;
|
||||
}
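Review bot: In get_password_types, the two assignments `info->need_password = TRUE;` and `info->need_certpass = TRUE;` placed after the `switch` run for every connection that was found, so they override whatever the per-type cases and pem_is_encrypted() decided; they look like leftover debugging and should be removed. With both flags forced on, main prints `info.password` and `info.certpass` through `%s` whenever get_passwords returns TRUE, yet lookup_pass returns TRUE as soon as the keyring lookup yields any entry, so on the non-retry path one of the two pointers can still be NULL. Passing NULL to `%s` is undefined behaviour; guard the output, e.g. `printf ("%s\n", info.password ? info.password : "");`, or have lookup_pass return TRUE only when every needed secret was actually found. The added/removed markers are lost on this page, so this reading assumes the lines that use `info->` are the new side.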
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ PKG_CHECK_MODULES(DBUS, dbus-glib-1 >= 0.30)
|
|||
AC_SUBST(DBUS_CFLAGS)
|
||||
AC_SUBST(DBUS_LIBS)
|
||||
|
||||
PKG_CHECK_MODULES(NETWORK_MANAGER, NetworkManager >= 0.4.1 libnm-util >= 0.7.0)
|
||||
PKG_CHECK_MODULES(NETWORK_MANAGER, NetworkManager >= 0.7.0 libnm-util >= 0.7.0 libnm_glib)
|
||||
AC_SUBST(NETWORK_MANAGER_CFLAGS)
|
||||
AC_SUBST(NETWORK_MANAGER_LIBS)
|
||||
|
||||
|
|
|
|||
File diff suppressed because it is too large
|
|
@ -1,8 +1,5 @@
|
|||
INCLUDES = -I${top_srcdir} -I${top_srcdir}/utils -I${top_srcdir}/vpn-daemons/openvpn
|
||||
|
||||
AM_CPPFLAGS = \
|
||||
$(DBUS_CFLAGS) \
|
||||
$(GTHREAD_CFLAGS) \
|
||||
$(NETWORK_MANAGER_CFLAGS) \
|
||||
-Wall \
|
||||
-DDBUS_API_SUBJECT_TO_CHANGE \
|
||||
|
|
@ -20,15 +17,10 @@ bin_PROGRAMS = nm-openvpn-service nm-openvpn-service-openvpn-helper
|
|||
|
||||
nm_openvpn_service_SOURCES = \
|
||||
nm-openvpn-service.c \
|
||||
nm-openvpn-service.h \
|
||||
nm-utils.c \
|
||||
nm-utils.h
|
||||
nm-openvpn-service.h
|
||||
|
||||
|
||||
nm_openvpn_service_LDADD = \
|
||||
$(DBUS_LIBS) \
|
||||
$(GTHREAD_LIBS) \
|
||||
$(NETWORK_MANAGER_LIBS)
|
||||
nm_openvpn_service_LDADD = $(NETWORK_MANAGER_LIBS) -lnm_glib_vpn
|
||||
|
||||
|
||||
nm_openvpn_service_openvpn_helper_SOURCES = \
|
||||
|
|
@ -36,7 +28,6 @@ nm_openvpn_service_openvpn_helper_SOURCES = \
|
|||
|
||||
nm_openvpn_service_openvpn_helper_LDADD = \
|
||||
$(DBUS_LIBS) \
|
||||
$(GTHREAD_LIBS) \
|
||||
$(NETWORK_MANAGER_LIBS)
|
||||
|
||||
CLEANFILES = *~
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
/* -*- Mode: C; tab-width: 5; indent-tabs-mode: t; c-basic-offset: 5 -*- */
|
||||
/* nm-openvpn-service-openvpn-helper - helper called after OpenVPN established
|
||||
* a connection, uses DBUS to send information back to nm-openvpn-service
|
||||
*
|
||||
|
|
@ -38,389 +39,226 @@
|
|||
#include <dbus/dbus-glib-lowlevel.h>
|
||||
#include <dbus/dbus-glib.h>
|
||||
#include <NetworkManager.h>
|
||||
#include <syslog.h>
|
||||
|
||||
#include "nm-openvpn-service.h"
|
||||
#include "nm-utils.h"
|
||||
|
||||
static void
|
||||
nm_log_handler (const gchar * log_domain,
|
||||
GLogLevelFlags log_level,
|
||||
const gchar * message,
|
||||
gpointer ignored)
|
||||
helper_failed (DBusGConnection *connection, const char *reason)
|
||||
{
|
||||
int syslog_priority;
|
||||
DBusGProxy *proxy;
|
||||
GError *err = NULL;
|
||||
|
||||
switch (log_level)
|
||||
{
|
||||
case G_LOG_LEVEL_ERROR:
|
||||
syslog_priority = LOG_CRIT;
|
||||
break;
|
||||
nm_warning ("nm-openvpn-service-openvpn-helper did not receive a valid %s from openvpn", reason);
|
||||
|
||||
case G_LOG_LEVEL_CRITICAL:
|
||||
syslog_priority = LOG_ERR;
|
||||
break;
|
||||
proxy = dbus_g_proxy_new_for_name (connection,
|
||||
NM_DBUS_SERVICE_OPENVPN,
|
||||
NM_VPN_DBUS_PLUGIN_PATH,
|
||||
NM_VPN_DBUS_PLUGIN_INTERFACE);
|
||||
|
||||
case G_LOG_LEVEL_WARNING:
|
||||
syslog_priority = LOG_WARNING;
|
||||
break;
|
||||
dbus_g_proxy_call (proxy, "SetFailure", &err,
|
||||
G_TYPE_STRING, reason,
|
||||
G_TYPE_INVALID,
|
||||
G_TYPE_INVALID);
|
||||
|
||||
case G_LOG_LEVEL_MESSAGE:
|
||||
syslog_priority = LOG_NOTICE;
|
||||
break;
|
||||
if (err) {
|
||||
nm_warning ("Could not send failure information: %s", err->message);
|
||||
g_error_free (err);
|
||||
}
|
||||
|
||||
case G_LOG_LEVEL_DEBUG:
|
||||
syslog_priority = LOG_DEBUG;
|
||||
break;
|
||||
g_object_unref (proxy);
|
||||
|
||||
case G_LOG_LEVEL_INFO:
|
||||
default:
|
||||
syslog_priority = LOG_INFO;
|
||||
break;
|
||||
}
|
||||
|
||||
syslog (syslog_priority, "%s", message);
|
||||
exit (1);
|
||||
}
|
||||
|
||||
void
|
||||
nm_logging_setup ()
|
||||
{
|
||||
openlog (G_LOG_DOMAIN, LOG_CONS, LOG_DAEMON);
|
||||
g_log_set_handler (G_LOG_DOMAIN,
|
||||
G_LOG_LEVEL_MASK | G_LOG_FLAG_FATAL | G_LOG_FLAG_RECURSION,
|
||||
nm_log_handler,
|
||||
NULL);
|
||||
}
|
||||
|
||||
void
|
||||
nm_logging_shutdown (void)
|
||||
{
|
||||
closelog ();
|
||||
}
|
||||
|
||||
void
|
||||
cleanup_and_exit(int n)
|
||||
{
|
||||
nm_logging_shutdown();
|
||||
exit(n);
|
||||
}
|
||||
/*
|
||||
* send_config_error
|
||||
*
|
||||
* Notify nm-openvpn-service of a config error from 'openvpn'.
|
||||
*
|
||||
*/
|
||||
static void send_config_error (DBusConnection *con, const char *item)
|
||||
{
|
||||
DBusMessage *message;
|
||||
|
||||
g_return_if_fail (con != NULL);
|
||||
g_return_if_fail (item != NULL);
|
||||
|
||||
if (!(message = dbus_message_new_method_call (NM_DBUS_SERVICE_OPENVPN, NM_DBUS_PATH_OPENVPN, NM_DBUS_INTERFACE_OPENVPN, "signalConfigError")))
|
||||
{
|
||||
nm_warning ("send_config_error(): Couldn't allocate the dbus message");
|
||||
return;
|
||||
}
|
||||
|
||||
dbus_message_append_args (message, DBUS_TYPE_STRING, &item, DBUS_TYPE_INVALID);
|
||||
if (!dbus_connection_send (con, message, NULL))
|
||||
nm_warning ("send_config_error(): could not send dbus message");
|
||||
|
||||
dbus_message_unref (message);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* gpa_to_uint32arr
|
||||
*
|
||||
* Convert GPtrArray of uint32 to a uint32* array
|
||||
*
|
||||
*/
|
||||
static void
|
||||
gpa_to_uint32arr (const GPtrArray *gpa,
|
||||
guint32 **uia,
|
||||
guint32 *uia_len)
|
||||
send_ip4_config (DBusGConnection *connection, GHashTable *config)
|
||||
{
|
||||
|
||||
guint32 num_valid = 0, i = 0;
|
||||
struct in_addr temp_addr;
|
||||
DBusGProxy *proxy;
|
||||
GError *err = NULL;
|
||||
|
||||
*uia = NULL;
|
||||
proxy = dbus_g_proxy_new_for_name (connection,
|
||||
NM_DBUS_SERVICE_OPENVPN,
|
||||
NM_VPN_DBUS_PLUGIN_PATH,
|
||||
NM_VPN_DBUS_PLUGIN_INTERFACE);
|
||||
|
||||
if ( gpa->len > 0 ) {
|
||||
/* Pass over the array first to determine how many valid entries there are */
|
||||
num_valid = 0;
|
||||
for (i = 0; i < gpa->len; ++i) {
|
||||
if (inet_aton ((char *)gpa->pdata[i], &temp_addr)) {
|
||||
num_valid++;
|
||||
}
|
||||
}
|
||||
|
||||
/* Do the actual string->int conversion and assign to the array. */
|
||||
if (num_valid > 0) {
|
||||
*uia = g_new0 (guint32, num_valid);
|
||||
for (i = 0; i < gpa->len; ++i) {
|
||||
if (inet_aton ((char *)gpa->pdata[i], &temp_addr)) {
|
||||
(*uia)[i] = temp_addr.s_addr;
|
||||
dbus_g_proxy_call (proxy, "SetIp4Config", &err,
|
||||
dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, G_TYPE_VALUE),
|
||||
config,
|
||||
G_TYPE_INVALID,
|
||||
G_TYPE_INVALID);
|
||||
|
||||
if (err) {
|
||||
nm_warning ("Could not send failure information: %s", err->message);
|
||||
g_error_free (err);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
*uia_len = num_valid;
|
||||
}
|
||||
if (*uia == NULL) {
|
||||
*uia = g_malloc0 (sizeof (guint32));
|
||||
*uia_len = 1;
|
||||
}
|
||||
|
||||
g_object_unref (proxy);
|
||||
}
|
||||
|
||||
static gboolean
|
||||
ipstr_to_uint32 (const char *ip_str, guint32 *ip)
|
||||
static GValue *
|
||||
str_to_gvalue (const char *str, gboolean try_convert)
|
||||
{
|
||||
struct in_addr temp_addr;
|
||||
GValue *val;
|
||||
|
||||
/* Convert IPv4 address arguments from strings into numbers */
|
||||
if (!inet_aton (ip_str, &temp_addr))
|
||||
return FALSE;
|
||||
*ip = temp_addr.s_addr;
|
||||
return TRUE;
|
||||
}
|
||||
/* Empty */
|
||||
if (!str || strlen (str) < 1)
|
||||
return NULL;
|
||||
|
||||
if (!g_utf8_validate (str, -1, NULL)) {
|
||||
if (try_convert && !(str = g_convert (str, -1, "ISO-8859-1", "UTF-8", NULL, NULL, NULL)))
|
||||
str = g_convert (str, -1, "C", "UTF-8", NULL, NULL, NULL);
|
||||
|
||||
/*
|
||||
* send_config_info
|
||||
*
|
||||
* Send IP config info to nm-openvpn-service
|
||||
*
|
||||
*/
|
||||
static gboolean
|
||||
send_config_info (DBusConnection *con,
|
||||
const char *str_vpn_gateway,
|
||||
const char *str_tundev,
|
||||
const char *str_ip4_address,
|
||||
const char *str_ip4_ptpaddr,
|
||||
const char *str_ip4_netmask,
|
||||
const GPtrArray *gpa_ip4_dns,
|
||||
const GPtrArray *gpa_ip4_nbns
|
||||
)
|
||||
{
|
||||
DBusMessage * message;
|
||||
struct in_addr temp_addr;
|
||||
guint32 uint_vpn_gateway = 0;
|
||||
guint32 uint_ip4_address = 0;
|
||||
guint32 uint_ip4_ptpaddr = 0;
|
||||
guint32 uint_ip4_netmask = 0xFFFFFFFF; /* Default mask of 255.255.255.255 */
|
||||
guint32 * uint_ip4_dns = NULL;
|
||||
guint32 uint_ip4_dns_len = 0;
|
||||
guint32 * uint_ip4_nbns = NULL;
|
||||
guint32 uint_ip4_nbns_len = 0;
|
||||
gboolean success = FALSE;
|
||||
|
||||
g_return_val_if_fail (con != NULL, FALSE);
|
||||
|
||||
if (!(message = dbus_message_new_method_call (NM_DBUS_SERVICE_OPENVPN, NM_DBUS_PATH_OPENVPN, NM_DBUS_INTERFACE_OPENVPN, "signalIP4Config")))
|
||||
{
|
||||
nm_warning ("send_config_error(): Couldn't allocate the dbus message");
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (! ipstr_to_uint32 (str_vpn_gateway, &uint_vpn_gateway) ) {
|
||||
nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a valid VPN Gateway from openvpn.");
|
||||
send_config_error (con, "VPN Gateway");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (! ipstr_to_uint32 (str_ip4_address, &uint_ip4_address) ) {
|
||||
nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a valid Internal IP4 Address from openvpn.");
|
||||
send_config_error (con, "IP4 Address");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (str_ip4_ptpaddr && ! ipstr_to_uint32 (str_ip4_ptpaddr, &uint_ip4_ptpaddr) ) {
|
||||
nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a valid PtP IP4 Address from openvpn.");
|
||||
send_config_error (con, "IP4 PtP Address");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (strlen (str_ip4_netmask) > 0) {
|
||||
ipstr_to_uint32 (str_ip4_netmask, &uint_ip4_netmask);
|
||||
}
|
||||
|
||||
gpa_to_uint32arr (gpa_ip4_dns, &uint_ip4_dns, &uint_ip4_dns_len);
|
||||
gpa_to_uint32arr (gpa_ip4_nbns, &uint_ip4_nbns, &uint_ip4_nbns_len);
|
||||
|
||||
dbus_message_append_args (message, DBUS_TYPE_UINT32, &uint_vpn_gateway,
|
||||
DBUS_TYPE_STRING, &str_tundev,
|
||||
DBUS_TYPE_UINT32, &uint_ip4_address,
|
||||
DBUS_TYPE_UINT32, &uint_ip4_ptpaddr,
|
||||
DBUS_TYPE_UINT32, &uint_ip4_netmask,
|
||||
DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &uint_ip4_dns, uint_ip4_dns_len,
|
||||
DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &uint_ip4_nbns, uint_ip4_nbns_len,
|
||||
DBUS_TYPE_INVALID);
|
||||
if (dbus_connection_send (con, message, NULL))
|
||||
success = TRUE;
|
||||
else
|
||||
nm_warning ("send_config_error(): could not send dbus message");
|
||||
|
||||
dbus_message_unref (message);
|
||||
|
||||
g_free (uint_ip4_dns);
|
||||
g_free (uint_ip4_nbns);
|
||||
|
||||
out:
|
||||
return success;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* See the OpenVPN man page for available environment variables.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
#if 0 /* FIXME: Nothing uses this and it is static */
|
||||
/** Prints all environment variables to /tmp/environ
|
||||
*/
|
||||
static void
|
||||
print_env()
|
||||
{
|
||||
FILE *f = fopen("/tmp/environ", "w");
|
||||
int env = 0;
|
||||
while ( __environ[env] != NULL ) {
|
||||
fprintf(f, "%s\n", __environ[env++]);
|
||||
}
|
||||
fclose(f);
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
/*
|
||||
* main
|
||||
*
|
||||
*/
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
DBusConnection *con;
|
||||
DBusError error;
|
||||
char *vpn_gateway = NULL;
|
||||
char *tundev = NULL;
|
||||
char *ip4_address = NULL;
|
||||
char *ip4_ptp = NULL;
|
||||
char *ip4_netmask = NULL;
|
||||
GPtrArray *ip4_dns = NULL;
|
||||
GPtrArray *ip4_nbns = NULL;
|
||||
|
||||
char **split = NULL;
|
||||
char **item;
|
||||
|
||||
char *tmp;
|
||||
// max(length(envname)) = length("foreign_option_") + length(to_string(MAX_INT)) + 1;
|
||||
// = 15 = 10 for 4 byte int
|
||||
// (which should be enough for quite some time)
|
||||
char envname[26];
|
||||
int i = 1;
|
||||
int exit_code = 0;
|
||||
|
||||
g_type_init ();
|
||||
if (!g_thread_supported ())
|
||||
g_thread_init (NULL);
|
||||
|
||||
nm_logging_setup();
|
||||
|
||||
dbus_error_init (&error);
|
||||
con = dbus_bus_get (DBUS_BUS_SYSTEM, &error);
|
||||
if ((con == NULL) || dbus_error_is_set (&error))
|
||||
{
|
||||
nm_warning ("Could not get the system bus. Make sure the message bus daemon is running?");
|
||||
cleanup_and_exit (1);
|
||||
}
|
||||
dbus_connection_set_exit_on_disconnect (con, FALSE);
|
||||
|
||||
// print_env();
|
||||
|
||||
vpn_gateway = getenv( "trusted_ip" );
|
||||
tundev = getenv ("dev");
|
||||
ip4_ptp = getenv("ifconfig_remote");
|
||||
ip4_address = getenv("ifconfig_local");
|
||||
ip4_netmask = getenv("route_netmask_1");
|
||||
|
||||
ip4_dns = g_ptr_array_new();
|
||||
ip4_nbns = g_ptr_array_new();
|
||||
|
||||
while (1) {
|
||||
sprintf(envname, "foreign_option_%i", i++);
|
||||
tmp = getenv( envname );
|
||||
|
||||
if ( (tmp == NULL) || (strlen(tmp) == 0) ) {
|
||||
break;
|
||||
} else {
|
||||
|
||||
if ((split = g_strsplit( tmp, " ", -1))) {
|
||||
int size = 0;
|
||||
for( item = split; *item; item++) {
|
||||
++size;
|
||||
if (!str)
|
||||
/* Invalid */
|
||||
return NULL;
|
||||
}
|
||||
if ( size != 3 ) continue;
|
||||
|
||||
if (strcmp( split[0], "dhcp-option") == 0) {
|
||||
// Interesting, now check if DNS or NBNS/WINS
|
||||
if (strcmp( split[1], "DNS") == 0) {
|
||||
// DNS, push it!
|
||||
g_ptr_array_add( ip4_dns, (gpointer) split[2] );
|
||||
} else if (strcmp( split[1], "WINS") == 0) {
|
||||
// WINS, push it!
|
||||
g_ptr_array_add( ip4_nbns, (gpointer) split[2] );
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#if 0
|
||||
{
|
||||
FILE *file = fopen ("/tmp/vpnstuff", "w");
|
||||
fprintf (file, "VPNGATEWAY: '%s'\n", vpn_gateway);
|
||||
fprintf (file, "TUNDEV: '%s'\n", tundev);
|
||||
fprintf (file, "IP4_ADDRESS: '%s'\n", ip4_address);
|
||||
fprintf (file, "IP4_NETMASK: '%s'\n", ip4_netmask);
|
||||
fclose (file);
|
||||
}
|
||||
#endif
|
||||
|
||||
if (!vpn_gateway) {
|
||||
nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a VPN Gateway from openvpn.");
|
||||
send_config_error (con, "VPN Gateway");
|
||||
exit (1);
|
||||
}
|
||||
if (!tundev || !g_utf8_validate (tundev, -1, NULL)) {
|
||||
nm_warning ("nm-openvpn-service-openvpn-helper didn't receive a Tunnel Device from openvpn, or the tunnel device was not valid UTF-8.");
|
||||
send_config_error (con, "Tunnel Device");
|
||||
cleanup_and_exit (1);
|
||||
}
|
||||
if (!ip4_address) {
|
||||
nm_warning ("nm-openvpn-service-openvpn-helper didn't receive an Internal IP4 Address from openvpn.");
|
||||
send_config_error (con, "IP4 Address");
|
||||
cleanup_and_exit (1);
|
||||
}
|
||||
val = g_slice_new0 (GValue);
|
||||
g_value_init (val, G_TYPE_STRING);
|
||||
g_value_set_string (val, str);
|
||||
|
||||
if (!ip4_netmask) {
|
||||
ip4_netmask = g_strdup ("");
|
||||
}
|
||||
|
||||
if (!send_config_info (con, vpn_gateway, tundev,
|
||||
ip4_address, ip4_ptp, ip4_netmask,
|
||||
ip4_dns, ip4_nbns)) {
|
||||
exit_code = 1;
|
||||
}
|
||||
|
||||
g_strfreev( split );
|
||||
g_ptr_array_free( ip4_dns, TRUE );
|
||||
g_ptr_array_free( ip4_nbns, TRUE );
|
||||
|
||||
cleanup_and_exit (exit_code);
|
||||
|
||||
// Dummy return; cleanup_and_exit() takes care of exit()
|
||||
return 0;
|
||||
return val;
|
||||
}
|
||||
|
||||
static GValue *
|
||||
addr_to_gvalue (const char *str)
|
||||
{
|
||||
struct in_addr temp_addr;
|
||||
GValue *val;
|
||||
|
||||
/* Empty */
|
||||
if (!str || strlen (str) < 1)
|
||||
return NULL;
|
||||
|
||||
if (!inet_aton (str, &temp_addr))
|
||||
return NULL;
|
||||
|
||||
val = g_slice_new0 (GValue);
|
||||
g_value_init (val, G_TYPE_UINT);
|
||||
g_value_set_uint (val, temp_addr.s_addr);
|
||||
|
||||
return val;
|
||||
}
|
||||
|
||||
static GValue *
|
||||
parse_addr_list (GValue *value_array, const char *str)
|
||||
{
|
||||
char **split;
|
||||
int i;
|
||||
struct in_addr temp_addr;
|
||||
GArray *array;
|
||||
|
||||
/* Empty */
|
||||
if (!str || strlen (str) < 1)
|
||||
return value_array;
|
||||
|
||||
if (value_array)
|
||||
array = (GArray *) g_value_get_boxed (value_array);
|
||||
else
|
||||
array = g_array_new (FALSE, FALSE, sizeof (guint));
|
||||
|
||||
split = g_strsplit (str, " ", -1);
|
||||
for (i = 0; split[i]; i++) {
|
||||
if (inet_aton (split[i], &temp_addr))
|
||||
g_array_append_val (array, temp_addr.s_addr);
|
||||
}
|
||||
|
||||
g_strfreev (split);
|
||||
|
||||
if (!value_array && array->len > 1) {
|
||||
value_array = g_slice_new0 (GValue);
|
||||
g_value_init (value_array, DBUS_TYPE_G_UINT_ARRAY);
|
||||
g_value_set_boxed (value_array, array);
|
||||
}
|
||||
|
||||
return value_array;
|
||||
}
|
||||
|
||||
int
|
||||
main (int argc, char *argv[])
|
||||
{
|
||||
DBusGConnection *connection;
|
||||
GHashTable *config;
|
||||
char *tmp;
|
||||
GValue *val;
|
||||
int i;
|
||||
GError *err = NULL;
|
||||
GValue *dns_list = NULL;
|
||||
GValue *nbns_list = NULL;
|
||||
|
||||
g_type_init ();
|
||||
|
||||
connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &err);
|
||||
if (!connection) {
|
||||
nm_warning ("Could not get the system bus: %s", err->message);
|
||||
exit (1);
|
||||
}
|
||||
|
||||
config = g_hash_table_new (g_str_hash, g_str_equal);
|
||||
|
||||
/* Gateway */
|
||||
val = addr_to_gvalue (getenv ("trusted_ip"));
|
||||
if (val)
|
||||
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_GATEWAY, val);
|
||||
else
|
||||
helper_failed (connection, "VPN Gateway");
|
||||
|
||||
/* Tunnel device */
|
||||
val = str_to_gvalue (getenv ("dev"), FALSE);
|
||||
if (val)
|
||||
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, val);
|
||||
else
|
||||
helper_failed (connection, "Tunnel Device");
|
||||
|
||||
/* IP address */
|
||||
val = addr_to_gvalue (getenv ("ipconfig_local"));
|
||||
if (val)
|
||||
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, val);
|
||||
else
|
||||
helper_failed (connection, "IP4 Address");
|
||||
|
||||
/* PTP address; for vpnc PTP address == internal IP4 address */
|
||||
val = addr_to_gvalue (getenv ("ifconfig_remote"));
|
||||
if (val)
|
||||
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
|
||||
else
|
||||
helper_failed (connection, "IP4 PTP Address");
|
||||
|
||||
/* Netmask */
|
||||
val = addr_to_gvalue (getenv ("route_netmask_1"));
|
||||
if (val)
|
||||
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_NETMASK, val);
|
||||
|
||||
/* DNS and WINS servers */
|
||||
for (i = 1; i < 256; i++) {
|
||||
char *env_name;
|
||||
|
||||
env_name = g_strdup_printf ("foreign_option_%d", i);
|
||||
tmp = getenv (env_name);
|
||||
g_free (env_name);
|
||||
|
||||
if (!tmp || strlen (tmp) < 1)
|
||||
break;
|
||||
|
||||
if (!g_str_has_prefix (tmp, "dhcp-option "))
|
||||
continue;
|
||||
|
||||
tmp += 12; /* strlen ("dhcp-option ") */
|
||||
|
||||
if (g_str_has_prefix (tmp, "DNS "))
|
||||
dns_list = parse_addr_list (dns_list, tmp + 4);
|
||||
else if (g_str_has_prefix (tmp, "WINS "))
|
||||
nbns_list = parse_addr_list (nbns_list, tmp + 5);
|
||||
}
|
||||
|
||||
if (dns_list)
|
||||
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_DNS, dns_list);
|
||||
if (nbns_list)
|
||||
g_hash_table_insert (config, NM_VPN_PLUGIN_IP4_CONFIG_NBNS, nbns_list);
|
||||
|
||||
/* Send the config info to nm-openvpn-service */
|
||||
send_ip4_config (connection, config);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
|
|||
File diff suppressed because it is too large
|
|
@ -1,3 +1,4 @@
|
|||
/* -*- Mode: C; tab-width: 5; indent-tabs-mode: t; c-basic-offset: 5 -*- */
|
||||
/* nm-openvpn-service - openvpn integration with NetworkManager
|
||||
*
|
||||
* Tim Niemueller <tim@niemueller.de>
|
||||
|
|
@ -22,9 +23,20 @@
|
|||
#ifndef NM_OPENVPN_SERVICE_H
|
||||
#define NM_OPENVPN_SERVICE_H
|
||||
|
||||
#define NM_DBUS_SERVICE_OPENVPN "org.freedesktop.NetworkManager.openvpn"
|
||||
#define NM_DBUS_INTERFACE_OPENVPN "org.freedesktop.NetworkManager.openvpn"
|
||||
#define NM_DBUS_PATH_OPENVPN "/org/freedesktop/NetworkManager/openvpn"
|
||||
#include <glib/gtypes.h>
|
||||
#include <glib-object.h>
|
||||
#include <nm-vpn-plugin.h>
|
||||
|
||||
#define NM_TYPE_OPENVPN_PLUGIN (nm_openvpn_plugin_get_type ())
|
||||
#define NM_OPENVPN_PLUGIN(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_OPENVPN_PLUGIN, NMOpenvpnPlugin))
|
||||
#define NM_OPENVPN_PLUGIN_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), NM_TYPE_OPENVPN_PLUGIN, NMOpenvpnPluginClass))
|
||||
#define NM_IS_OPENVPN_PLUGIN(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_OPENVPN_PLUGIN))
|
||||
#define NM_IS_OPENVPN_PLUGIN_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((obj), NM_TYPE_OPENVPN_PLUGIN))
|
||||
#define NM_OPENVPN_PLUGIN_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_OPENVPN_PLUGIN, NMOpenvpnPluginClass))
|
||||
|
||||
#define NM_DBUS_SERVICE_OPENVPN "org.freedesktop.NetworkManager.openvpn"
|
||||
#define NM_DBUS_INTERFACE_OPENVPN "org.freedesktop.NetworkManager.openvpn"
|
||||
#define NM_DBUS_PATH_OPENVPN "/org/freedesktop/NetworkManager/openvpn"
|
||||
|
||||
/* Do not change numbers, only add if needed!
|
||||
See properties/nm-openvpn.c:connection_type_changed() for details
|
||||
|
|
@ -35,5 +47,36 @@
|
|||
#define NM_OPENVPN_CONTYPE_PASSWORD 2
|
||||
#define NM_OPENVPN_CONTYPE_X509USERPASS 3
|
||||
|
||||
#define NM_OPENVPN_KEY_CA "ca"
|
||||
#define NM_OPENVPN_KEY_CERT "cert"
|
||||
#define NM_OPENVPN_KEY_CIPHER "cipher"
|
||||
#define NM_OPENVPN_KEY_COMP_LZO "comp-lzo"
|
||||
#define NM_OPENVPN_KEY_CONNECTION_TYPE "connection-type"
|
||||
#define NM_OPENVPN_KEY_TAP_DEV "dev"
|
||||
#define NM_OPENVPN_KEY_KEY "key"
|
||||
#define NM_OPENVPN_KEY_LOCAL_IP "local-ip"
|
||||
#define NM_OPENVPN_KEY_PROTO_TCP "proto"
|
||||
#define NM_OPENVPN_KEY_PORT "port"
|
||||
#define NM_OPENVPN_KEY_REMOTE "remote"
|
||||
#define NM_OPENVPN_KEY_REMOTE_IP "remote-ip"
|
||||
#define NM_OPENVPN_KEY_SHARED_KEY "shared-key"
|
||||
#define NM_OPENVPN_KEY_TA "ta"
|
||||
#define NM_OPENVPN_KEY_TA_DIR "ta-dir"
|
||||
#define NM_OPENVPN_KEY_USERNAME "username"
|
||||
|
||||
#endif
|
||||
#define NM_OPENVPN_KEY_PASSWORD "password"
|
||||
#define NM_OPENVPN_KEY_CERTPASS "cert-pass"
|
||||
|
||||
typedef struct {
|
||||
NMVPNPlugin parent;
|
||||
} NMOpenvpnPlugin;
|
||||
|
||||
typedef struct {
|
||||
NMVPNPluginClass parent;
|
||||
} NMOpenvpnPluginClass;
|
||||
|
||||
GType nm_openvpn_plugin_get_type (void);
|
||||
|
||||
NMOpenvpnPlugin *nm_openvpn_plugin_new (void);
|
||||
|
||||
#endif /* NM_OPENVPN_SERVICE_H */
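Review bot: `NM_IS_OPENVPN_PLUGIN_CLASS(klass)` in the new GObject type-macro block expands to `G_TYPE_CHECK_CLASS_TYPE ((obj), NM_TYPE_OPENVPN_PLUGIN)`, so it ignores its `klass` argument. At a call site it will either use an unrelated `obj` that happens to be in scope or fail to compile when none exists. The body should use the parameter: `#define NM_IS_OPENVPN_PLUGIN_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), NM_TYPE_OPENVPN_PLUGIN))`. Separately, nothing in the header marks `NM_OPENVPN_KEY_PASSWORD` and `NM_OPENVPN_KEY_CERTPASS` as naming secrets. If the plugin treats them that way, a comment above them such as `/* secret values: keep out of logs and plain-text settings */` would tell callers not to handle them like the other keys.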
|
||||
|
|
|
|||