Changeset 4334
- Timestamp:
- 09/05/08 15:26:58 (3 months ago)
- Files:
-
- trunk/src/charon/plugins/nm/gnome/auth-dialog/main.c (modified) (4 diffs)
- trunk/src/charon/plugins/nm/gnome/properties/nm-strongswan-dialog.glade (modified) (2 diffs)
- trunk/src/charon/plugins/nm/gnome/properties/nm-strongswan.c (modified) (5 diffs)
- trunk/src/charon/plugins/nm/nm_service.c (modified) (7 diffs)
trunk/src/charon/plugins/nm/gnome/auth-dialog/main.c
r4326 r4334 64 64 65 65 /** 66 * check if this connection needs a password66 * get the connection type 67 67 */ 68 static gboolean need_password(char *id)68 static char* get_connection_type(char *id) 69 69 { 70 70 GConfClient *client; … … 76 76 id, NM_SETTING_VPN_SETTING_NAME, "method"); 77 77 str = gconf_client_get_string(client, key, NULL); 78 if (str && !strcmp(str, "eap"))79 {80 need_password = TRUE;81 }82 g_free(str);83 78 g_free(key); 84 79 g_object_unref(client); 85 return need_password;80 return str; 86 81 } 87 82 … … 93 88 GnomeProgram *program = NULL; 94 89 int exit_status = 1; 95 char buf, *agent ;90 char buf, *agent, *type; 96 91 guint32 itemid; 97 92 GtkWidget *dialog; … … 132 127 } 133 128 134 if (need_password(id)) 129 type = get_connection_type(id); 130 if (!type) 131 { 132 fprintf(stderr, "Connection lookup failed\n"); 133 g_object_unref (program); 134 return 1; 135 } 136 if (!strcmp(type, "eap") || !strcmp(type, "key")) 135 137 { 136 138 pass = lookup_password(name, service); 137 139 if (!pass || retry) 138 140 { 139 dialog = gnome_password_dialog_new(_("VPN password required"), 140 _("Password required to establish VPN connection:"), 141 NULL, NULL, TRUE); 141 if (!strcmp(type, "eap")) 142 { 143 dialog = gnome_password_dialog_new(_("VPN password required"), 144 _("EAP password required to establish VPN connection:"), 145 NULL, NULL, TRUE); 146 } 147 else 148 { 149 dialog = gnome_password_dialog_new(_("VPN password required"), 150 _("Private key decryption password required to establish VPN connection:"), 151 NULL, NULL, TRUE); 152 } 142 153 gnome_password_dialog_set_show_remember(GNOME_PASSWORD_DIALOG(dialog), TRUE); 143 154 gnome_password_dialog_set_show_username(GNOME_PASSWORD_DIALOG(dialog), FALSE); trunk/src/charon/plugins/nm/gnome/properties/nm-strongswan-dialog.glade
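Review bot: `get_connection_type()` now hands the string from `gconf_client_get_string()` back to the caller instead of freeing it, and no `g_free(type)` appears in the visible part of `main()`, so the value looks leaked on every path after the `!type` check. Adding `g_free(type);` once the password branch is finished would restore the ownership the old `need_password()` had; `main()` continues past the hunk, so confirm it is not already freed further down. Separately, `lookup_password(name, service)` is called the same way for "eap" and "key", so a stored EAP password would presumably be offered as the private key passphrase after the method is switched, unless `retry` is set. A short comment on `get_connection_type()` stating that the caller owns the returned string would also help, e.g. `* @return method string, NULL if not set; caller must g_free()`.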
r4326 r4334 38 38 <property name="row_spacing">6</property> 39 39 <child> 40 <widget class="GtkFileChooserButton" id="certificate-button"> 41 <property name="visible">True</property> 42 <property name="tooltip_text">Gateway certificate to use for gateway authentication.</property> 43 </widget> 44 <packing> 45 <property name="left_attach">1</property> 46 <property name="right_attach">2</property> 40 <widget class="GtkLabel" id="address-label"> 41 <property name="visible">True</property> 42 <property name="xalign">0</property> 43 <property name="label" translatable="yes">_Address:</property> 44 <property name="use_underline">True</property> 45 <property name="mnemonic_widget">address-entry</property> 46 </widget> 47 <packing> 48 <property name="x_options">GTK_FILL</property> 49 <property name="y_options"></property> 50 </packing> 51 </child> 52 <child> 53 <widget class="GtkEntry" id="address-entry"> 54 <property name="visible">True</property> 55 <property name="can_focus">True</property> 56 <property name="has_tooltip">True</property> 57 <property name="tooltip_text">An IP address or hostname the Gateway can be contacted.</property> 58 </widget> 59 <packing> 60 <property name="left_attach">1</property> 61 <property name="right_attach">2</property> 62 <property name="y_options"></property> 63 </packing> 64 </child> 65 <child> 66 <widget class="GtkLabel" id="certificate-label"> 67 <property name="visible">True</property> 68 <property name="xalign">0</property> 69 <property name="label" translatable="yes">C_ertificate:</property> 70 <property name="use_underline">True</property> 71 <property name="mnemonic_widget">certificate-button</property> 72 </widget> 73 <packing> 47 74 <property name="top_attach">1</property> 48 75 <property name="bottom_attach">2</property> 49 </packing> 50 </child> 51 <child> 52 <widget class="GtkLabel" id="certificate-label"> 53 <property name="visible">True</property> 54 <property name="xalign">0</property> 55 <property name="label" 
translatable="yes">C_ertificate:</property> 56 <property name="use_underline">True</property> 57 <property name="mnemonic_widget">certificate-button</property> 58 </widget> 59 <packing> 76 <property name="x_options">GTK_FILL</property> 77 <property name="y_options"></property> 78 </packing> 79 </child> 80 <child> 81 <widget class="GtkFileChooserButton" id="certificate-button"> 82 <property name="visible">True</property> 83 <property name="tooltip_text">Gateway certificate to use for gateway authentication.</property> 84 </widget> 85 <packing> 86 <property name="left_attach">1</property> 87 <property name="right_attach">2</property> 60 88 <property name="top_attach">1</property> 61 89 <property name="bottom_attach">2</property> 62 <property name="x_options">GTK_FILL</property>63 <property name="y_options"></property>64 </packing>65 </child>66 <child>67 <widget class="GtkEntry" id="address-entry">68 <property name="visible">True</property>69 <property name="can_focus">True</property>70 <property name="has_tooltip">True</property>71 <property name="tooltip_text">An IP address or hostname the Gateway can be contacted.</property>72 </widget>73 <packing>74 <property name="left_attach">1</property>75 <property name="right_attach">2</property>76 <property name="y_options"></property>77 </packing>78 </child>79 <child>80 <widget class="GtkLabel" id="address-label">81 <property name="visible">True</property>82 <property name="xalign">0</property>83 <property name="label" translatable="yes">_Address:</property>84 <property name="use_underline">True</property>85 <property name="mnemonic_widget">address-entry</property>86 </widget>87 <packing>88 <property name="x_options">GTK_FILL</property>89 <property name="y_options"></property>90 90 </packing> 91 91 </child> … … 125 125 <widget class="GtkTable" id="client-table"> 126 126 <property name="visible">True</property> 127 <property name="n_rows"> 3</property>127 <property name="n_rows">4</property> 128 128 <property 
name="n_columns">2</property> 129 129 <property name="column_spacing">6</property> 130 130 <property name="row_spacing">6</property> 131 131 <child> 132 <widget class="GtkFileChooserButton" id="usercert-button"> 133 <property name="visible">True</property> 134 <property name="tooltip_text">Client certificate to use for client authentication.</property> 135 </widget> 136 <packing> 137 <property name="left_attach">1</property> 138 <property name="right_attach">2</property> 132 <widget class="GtkFileChooserButton" id="userkey-button"> 133 <property name="visible">True</property> 134 <property name="tooltip_text">Private key to use for client authentication. This key has to match the certificates public key and may be encrypted..</property> 135 </widget> 136 <packing> 137 <property name="left_attach">1</property> 138 <property name="right_attach">2</property> 139 <property name="top_attach">3</property> 140 <property name="bottom_attach">4</property> 141 </packing> 142 </child> 143 <child> 144 <widget class="GtkLabel" id="userkey-label"> 145 <property name="visible">True</property> 146 <property name="xalign">0</property> 147 <property name="label" translatable="yes">Private _key:</property> 148 <property name="use_underline">True</property> 149 <property name="mnemonic_widget">userkey-button</property> 150 </widget> 151 <packing> 152 <property name="top_attach">3</property> 153 <property name="bottom_attach">4</property> 154 <property name="x_options">GTK_FILL</property> 155 <property name="y_options"></property> 156 </packing> 157 </child> 158 <child> 159 <widget class="GtkComboBox" id="method-combo"> 160 <property name="visible">True</property> 161 <property name="has_tooltip">True</property> 162 <property name="tooltip_text">Authentication Method to use for authentication against the Gateway. 
</property> 163 <property name="items"></property> 164 </widget> 165 <packing> 166 <property name="left_attach">1</property> 167 <property name="right_attach">2</property> 168 </packing> 169 </child> 170 <child> 171 <widget class="GtkLabel" id="method-label"> 172 <property name="visible">True</property> 173 <property name="xalign">0</property> 174 <property name="label" translatable="yes">Au_thentication:</property> 175 <property name="use_underline">True</property> 176 <property name="mnemonic_widget">method-combo</property> 177 </widget> 178 <packing> 179 <property name="x_options">GTK_FILL</property> 180 <property name="y_options"></property> 181 </packing> 182 </child> 183 <child> 184 <widget class="GtkLabel" id="user-label"> 185 <property name="visible">True</property> 186 <property name="xalign">0</property> 187 <property name="label" translatable="yes">_Username:</property> 188 <property name="use_underline">True</property> 189 <property name="mnemonic_widget">user-entry</property> 190 </widget> 191 <packing> 192 <property name="top_attach">1</property> 193 <property name="bottom_attach">2</property> 194 <property name="x_options">GTK_FILL</property> 195 <property name="y_options"></property> 196 </packing> 197 </child> 198 <child> 199 <widget class="GtkEntry" id="user-entry"> 200 <property name="visible">True</property> 201 <property name="can_focus">True</property> 202 <property name="has_tooltip">True</property> 203 <property name="tooltip_text">The username (identity) to use for authentication against the gateway.</property> 204 </widget> 205 <packing> 206 <property name="left_attach">1</property> 207 <property name="right_attach">2</property> 208 <property name="top_attach">1</property> 209 <property name="bottom_attach">2</property> 210 <property name="y_options"></property> 211 </packing> 212 </child> 213 <child> 214 <widget class="GtkLabel" id="usercert-label"> 215 <property name="visible">True</property> 216 <property name="xalign">0</property> 217 
<property name="label" translatable="yes">Ce_rtificate:</property> 218 <property name="use_underline">True</property> 219 <property name="mnemonic_widget">usercert-button</property> 220 </widget> 221 <packing> 139 222 <property name="top_attach">2</property> 140 223 <property name="bottom_attach">3</property> 141 </packing> 142 </child> 143 <child> 144 <widget class="GtkLabel" id="usercert-label"> 145 <property name="visible">True</property> 146 <property name="xalign">0</property> 147 <property name="label" translatable="yes">Ce_rtificate:</property> 148 <property name="use_underline">True</property> 149 <property name="mnemonic_widget">usercert-button</property> 150 </widget> 151 <packing> 224 <property name="x_options">GTK_FILL</property> 225 <property name="y_options"></property> 226 </packing> 227 </child> 228 <child> 229 <widget class="GtkFileChooserButton" id="usercert-button"> 230 <property name="visible">True</property> 231 <property name="tooltip_text">Client certificate to use for client authentication.</property> 232 </widget> 233 <packing> 234 <property name="left_attach">1</property> 235 <property name="right_attach">2</property> 152 236 <property name="top_attach">2</property> 153 237 <property name="bottom_attach">3</property> 154 <property name="x_options">GTK_FILL</property>155 <property name="y_options"></property>156 </packing>157 </child>158 <child>159 <widget class="GtkEntry" id="user-entry">160 <property name="visible">True</property>161 <property name="can_focus">True</property>162 <property name="has_tooltip">True</property>163 <property name="tooltip_text">The username (identity) to use for authentication against the gateway.</property>164 </widget>165 <packing>166 <property name="left_attach">1</property>167 <property name="right_attach">2</property>168 <property name="top_attach">1</property>169 <property name="bottom_attach">2</property>170 <property name="y_options"></property>171 </packing>172 </child>173 <child>174 <widget 
class="GtkLabel" id="user-label">175 <property name="visible">True</property>176 <property name="xalign">0</property>177 <property name="label" translatable="yes">_Username:</property>178 <property name="use_underline">True</property>179 <property name="mnemonic_widget">user-entry</property>180 </widget>181 <packing>182 <property name="top_attach">1</property>183 <property name="bottom_attach">2</property>184 <property name="x_options">GTK_FILL</property>185 <property name="y_options"></property>186 </packing>187 </child>188 <child>189 <widget class="GtkLabel" id="method-label">190 <property name="visible">True</property>191 <property name="xalign">0</property>192 <property name="label" translatable="yes">Au_thentication:</property>193 <property name="use_underline">True</property>194 <property name="mnemonic_widget">method-combo</property>195 </widget>196 <packing>197 <property name="x_options">GTK_FILL</property>198 <property name="y_options"></property>199 </packing>200 </child>201 <child>202 <widget class="GtkComboBox" id="method-combo">203 <property name="visible">True</property>204 <property name="has_tooltip">True</property>205 <property name="tooltip_text">Authentication Method to use for authentication against the Gateway. </property>206 <property name="items"></property>207 </widget>208 <packing>209 <property name="left_attach">1</property>210 <property name="right_attach">2</property>211 238 </packing> 212 239 </child> trunk/src/charon/plugins/nm/gnome/properties/nm-strongswan.c
r4326 r4334 123 123 } 124 124 125 static void update_layout (GtkWidget *widget, StrongswanPluginUiWidgetPrivate *priv) 126 { 127 switch (gtk_combo_box_get_active (GTK_COMBO_BOX (widget))) 128 { 129 default: 130 gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); 131 /* FALL */ 132 case 0: 133 gtk_widget_show (glade_xml_get_widget (priv->xml, "usercert-label")); 134 gtk_widget_show (glade_xml_get_widget (priv->xml, "usercert-button")); 135 gtk_widget_show (glade_xml_get_widget (priv->xml, "userkey-label")); 136 gtk_widget_show (glade_xml_get_widget (priv->xml, "userkey-button")); 137 gtk_widget_hide (glade_xml_get_widget (priv->xml, "user-label")); 138 gtk_widget_hide (glade_xml_get_widget (priv->xml, "user-entry")); 139 break; 140 case 1: 141 gtk_widget_show (glade_xml_get_widget (priv->xml, "usercert-label")); 142 gtk_widget_show (glade_xml_get_widget (priv->xml, "usercert-button")); 143 gtk_widget_hide (glade_xml_get_widget (priv->xml, "user-label")); 144 gtk_widget_hide (glade_xml_get_widget (priv->xml, "user-entry")); 145 gtk_widget_hide (glade_xml_get_widget (priv->xml, "userkey-label")); 146 gtk_widget_hide (glade_xml_get_widget (priv->xml, "userkey-button")); 147 break; 148 case 2: 149 gtk_widget_show (glade_xml_get_widget (priv->xml, "user-label")); 150 gtk_widget_show (glade_xml_get_widget (priv->xml, "user-entry")); 151 gtk_widget_hide (glade_xml_get_widget (priv->xml, "usercert-label")); 152 gtk_widget_hide (glade_xml_get_widget (priv->xml, "usercert-button")); 153 gtk_widget_hide (glade_xml_get_widget (priv->xml, "userkey-label")); 154 gtk_widget_hide (glade_xml_get_widget (priv->xml, "userkey-button")); 155 break; 156 } 157 158 } 159 125 160 static void 126 161 settings_changed_cb (GtkWidget *widget, gpointer user_data) 127 {128 g_signal_emit_by_name (STRONGSWAN_PLUGIN_UI_WIDGET (user_data), "changed");129 }130 131 static void132 method_changed_cb (GtkWidget *widget, gpointer user_data)133 162 { 134 163 StrongswanPluginUiWidget *self = 
STRONGSWAN_PLUGIN_UI_WIDGET (user_data); 135 164 StrongswanPluginUiWidgetPrivate *priv = STRONGSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self); 136 165 137 if (gtk_combo_box_get_active (GTK_COMBO_BOX (widget)) == 0) 138 { 139 gtk_widget_show (glade_xml_get_widget (priv->xml, "usercert-label")); 140 gtk_widget_show (glade_xml_get_widget (priv->xml, "usercert-button")); 141 gtk_widget_hide (glade_xml_get_widget (priv->xml, "user-label")); 142 gtk_widget_hide (glade_xml_get_widget (priv->xml, "user-entry")); 143 } 144 else 145 { 146 gtk_widget_hide (glade_xml_get_widget (priv->xml, "usercert-label")); 147 gtk_widget_hide (glade_xml_get_widget (priv->xml, "usercert-button")); 148 gtk_widget_show (glade_xml_get_widget (priv->xml, "user-label")); 149 gtk_widget_show (glade_xml_get_widget (priv->xml, "user-entry")); 166 if (widget == glade_xml_get_widget (priv->xml, "method-combo")) 167 { 168 update_layout(glade_xml_get_widget (priv->xml, "method-combo"), priv); 150 169 } 151 170 g_signal_emit_by_name (STRONGSWAN_PLUGIN_UI_WIDGET (user_data), "changed"); … … 184 203 185 204 widget = glade_xml_get_widget (priv->xml, "method-combo"); 205 gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("Certificate/private key")); 186 206 gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("Certificate/ssh-agent")); 187 207 gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("EAP")); 188 208 value = g_hash_table_lookup (settings->data, "method"); 189 209 if (value) { 190 if (g_strcasecmp (value, " agent") == 0) {210 if (g_strcasecmp (value, "key") == 0) { 191 211 gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); 192 212 } 193 if (g_strcasecmp (value, " eap") == 0) {213 if (g_strcasecmp (value, "agent") == 0) { 194 214 gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 1); 195 215 } 196 } 197 g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (method_changed_cb), self); 216 if (g_strcasecmp (value, "eap") == 0) { 217 gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 2); 218 } 219 } 
198 220 if (gtk_combo_box_get_active (GTK_COMBO_BOX (widget)) == -1) 199 221 { 200 222 gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); 201 223 } 202 if (gtk_combo_box_get_active (GTK_COMBO_BOX (widget)) != 0) 203 { 204 gtk_widget_hide (glade_xml_get_widget (priv->xml, "usercert-label")); 205 gtk_widget_hide (glade_xml_get_widget (priv->xml, "usercert-button")); 206 } 207 else 208 { 209 gtk_widget_hide (glade_xml_get_widget (priv->xml, "user-label")); 210 gtk_widget_hide (glade_xml_get_widget (priv->xml, "user-entry")); 211 } 224 update_layout (widget, priv); 225 g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self); 212 226 213 227 widget = glade_xml_get_widget (priv->xml, "usercert-label"); … … 216 230 gtk_widget_set_no_show_all (widget, TRUE); 217 231 value = g_hash_table_lookup (settings->data, "usercert"); 232 if (value) 233 gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value); 234 g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self); 235 236 widget = glade_xml_get_widget (priv->xml, "userkey-label"); 237 gtk_widget_set_no_show_all (widget, TRUE); 238 widget = glade_xml_get_widget (priv->xml, "userkey-button"); 239 gtk_widget_set_no_show_all (widget, TRUE); 240 value = g_hash_table_lookup (settings->data, "userkey"); 218 241 if (value) 219 242 gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value); … … 291 314 switch (gtk_combo_box_get_active (GTK_COMBO_BOX (widget))) 292 315 { 316 default: 293 317 case 0: 294 default: 318 widget = glade_xml_get_widget (priv->xml, "userkey-button"); 319 str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); 320 if (str) { 321 g_hash_table_insert (settings->data, g_strdup ("userkey"), g_strdup(str)); 322 } 323 widget = glade_xml_get_widget (priv->xml, "usercert-button"); 324 str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); 325 if (str) { 326 g_hash_table_insert (settings->data, 
g_strdup ("usercert"), g_strdup(str)); 327 } 328 str = "key"; 329 break; 330 case 1: 295 331 widget = glade_xml_get_widget (priv->xml, "usercert-button"); 296 332 str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); … … 300 336 str = "agent"; 301 337 break; 302 case 1:338 case 2: 303 339 widget = glade_xml_get_widget (priv->xml, "user-entry"); 304 340 str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); trunk/src/charon/plugins/nm/nm_service.c
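Review bot: In the new `case 0:` of the save path, `gtk_file_chooser_get_filename()` returns a newly allocated string, but the code stores `g_strdup(str)` in the hash table and then overwrites `str` (finally with `"key"`), so both the key and the certificate filename are leaked. Keeping the result in a separate variable and releasing it after the insert fixes this: `file = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));`, then `g_hash_table_insert (settings->data, g_strdup ("userkey"), g_strdup (file)); g_free (file);`. The unchanged `case 1:` lines show the same pattern for "usercert". The enclosing function starts and ends outside the hunk.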
r4327 r4334 20 20 21 21 #include <daemon.h> 22 #include <asn1/pem.h> 22 23 #include <utils/host.h> 23 24 #include <utils/identification.h> … … 175 176 auth_class_t auth_class = AUTH_CLASS_EAP; 176 177 certificate_t *cert = NULL; 178 bool agent = FALSE; 177 179 178 180 /** … … 207 209 { 208 210 auth_class = AUTH_CLASS_PUBKEY; 211 agent = TRUE; 212 } 213 else if (streq(str, "key")) 214 { 215 auth_class = AUTH_CLASS_PUBKEY; 209 216 } 210 217 } … … 254 261 255 262 cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, 256 BUILD_FROM_FILE, str, BUILD_END); 263 BUILD_FROM_FILE, str, BUILD_END); 264 265 /* try agent */ 257 266 str = g_hash_table_lookup(settings->data, "agent"); 258 if ( str && cert)267 if (agent && str && cert) 259 268 { 260 269 public = cert->get_public_key(cert); … … 267 276 BUILD_END); 268 277 public->destroy(public); 278 } 279 } 280 /* ... or key file */ 281 str = g_hash_table_lookup(settings->data, "userkey"); 282 if (!agent && str && cert) 283 { 284 chunk_t secret, chunk; 285 bool pgp = FALSE; 286 287 secret.ptr = g_hash_table_lookup(settings->data, "password"); 288 if (secret.ptr) 289 { 290 secret.len = strlen(secret.ptr); 291 } 292 if (pem_asn1_load_file(str, &secret, &chunk, &pgp)) 293 { 294 private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, 295 KEY_RSA, BUILD_BLOB_ASN1_DER, chunk, BUILD_END); 296 free(chunk.ptr); 269 297 } 270 298 } … … 360 388 { 361 389 NMSettingVPN *settings; 362 char *method; 390 char *method, *path; 391 chunk_t secret = chunk_empty, key; 392 bool pgp = FALSE; 363 393 364 394 settings = NM_SETTING_VPN(nm_connection_get_setting(connection, … … 379 409 { 380 410 return FALSE; 411 } 412 } 413 else if (streq(method, "key")) 414 { 415 path = g_hash_table_lookup(settings->data, "userkey"); 416 if (path) 417 { 418 secret.ptr = g_hash_table_lookup(settings->data, "password"); 419 if (secret.ptr) 420 { 421 secret.len = strlen(secret.ptr); 422 } 423 if (pem_asn1_load_file(path, &secret, &key, &pgp)) 424 { 425 
free(key.ptr); 426 return FALSE; 427 } 381 428 } 382 429 }
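Review bot: In the block added under `/* ... or key file */`, `chunk_t secret, chunk;` leaves `secret.len` uninitialized when the settings hold no "password" entry, because only `secret.ptr` is assigned before `pem_asn1_load_file(str, &secret, &chunk, &pgp)` is handed the chunk; declare it as `chunk_t secret = chunk_empty, chunk;`, as the second added block already does. Both blocks also release the decoded private key with a plain `free(chunk.ptr)` / `free(key.ptr)`, which leaves the DER key bytes in freed heap memory; wiping the buffer before freeing (strongSwan's `chunk_clear()` where this tree provides it) would avoid that. When `pem_asn1_load_file()` fails in the first block nothing is logged in the visible lines, so a wrong passphrase would presumably only surface later as a missing private key. Both enclosing functions start and end outside the hunks.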
