diff options
| author | Martin Willi <martin@strongswan.org> | 2009-03-18 19:48:06 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2009-03-18 19:48:06 +0000 |
| commit | d7625f09909fcc74edf957fbd862b3f2c3d51ede (patch) | |
| tree | e1bea06c4f2cef00efeffaa460909f8a61b6eac9 /src/charon/plugins/nm | |
| parent | 9717826f10d5a0e1c15e0501fb28e9a90dee89fd (diff) | |
| download | strongswan-d7625f09909fcc74edf957fbd862b3f2c3d51ede.tar.bz2 strongswan-d7625f09909fcc74edf957fbd862b3f2c3d51ede.tar.xz | |
ported nm plugin and gnome applet to NetworkManager 7.1
Diffstat (limited to 'src/charon/plugins/nm')
| -rw-r--r-- | src/charon/plugins/nm/gnome/properties/nm-strongswan.c | 47 | ||||
| -rw-r--r-- | src/charon/plugins/nm/nm_service.c | 80 |
2 files changed, 73 insertions, 54 deletions
diff --git a/src/charon/plugins/nm/gnome/properties/nm-strongswan.c b/src/charon/plugins/nm/gnome/properties/nm-strongswan.c index e8a882cdf..46263b9f6 100644 --- a/src/charon/plugins/nm/gnome/properties/nm-strongswan.c +++ b/src/charon/plugins/nm/gnome/properties/nm-strongswan.c @@ -176,18 +176,18 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError StrongswanPluginUiWidgetPrivate *priv = STRONGSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self); NMSettingVPN *settings; GtkWidget *widget; - char *value; + const char *value; gboolean active; settings = NM_SETTING_VPN(nm_connection_get_setting(connection, NM_TYPE_SETTING_VPN)); widget = glade_xml_get_widget (priv->xml, "address-entry"); - value = g_hash_table_lookup (settings->data, "address"); + value = nm_setting_vpn_get_data_item (settings, "address"); if (value) gtk_entry_set_text (GTK_ENTRY (widget), value); g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self); widget = glade_xml_get_widget (priv->xml, "certificate-button"); - value = g_hash_table_lookup (settings->data, "certificate"); + value = nm_setting_vpn_get_data_item (settings, "certificate"); if (value) gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value); g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self); @@ -196,7 +196,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError gtk_widget_set_no_show_all (widget, TRUE); widget = glade_xml_get_widget (priv->xml, "user-entry"); gtk_widget_set_no_show_all (widget, TRUE); - value = g_hash_table_lookup (settings->data, "user"); + value = nm_setting_vpn_get_data_item (settings, "user"); if (value) gtk_entry_set_text (GTK_ENTRY (widget), value); g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self); @@ -205,7 +205,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("Certificate/private key")); gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("Certificate/ssh-agent")); gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("EAP")); - value = g_hash_table_lookup (settings->data, "method"); + value = nm_setting_vpn_get_data_item (settings, "method"); if (value) { if (g_strcasecmp (value, "key") == 0) { gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); @@ -228,7 +228,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError gtk_widget_set_no_show_all (widget, TRUE); widget = glade_xml_get_widget (priv->xml, "usercert-button"); gtk_widget_set_no_show_all (widget, TRUE); - value = g_hash_table_lookup (settings->data, "usercert"); + value = nm_setting_vpn_get_data_item (settings, "usercert"); if (value) gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value); g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self); @@ -237,13 +237,13 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError gtk_widget_set_no_show_all (widget, TRUE); widget = glade_xml_get_widget (priv->xml, "userkey-button"); gtk_widget_set_no_show_all (widget, TRUE); - value = g_hash_table_lookup (settings->data, "userkey"); + value = nm_setting_vpn_get_data_item (settings, "userkey"); if (value) gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value); g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self); widget = glade_xml_get_widget (priv->xml, "virtual-check"); - value = g_hash_table_lookup (settings->data, "virtual"); + value = nm_setting_vpn_get_data_item (settings, "virtual"); if (value && strcmp(value, "yes") == 0) { gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE); @@ -251,7 +251,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self); widget = glade_xml_get_widget (priv->xml, "encap-check"); - value = g_hash_table_lookup (settings->data, "encap"); + value = nm_setting_vpn_get_data_item (settings, "encap"); if (value && strcmp(value, "yes") == 0) { gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE); @@ -259,7 +259,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self); widget = glade_xml_get_widget (priv->xml, "ipcomp-check"); - value = g_hash_table_lookup (settings->data, "ipcomp"); + value = nm_setting_vpn_get_data_item (settings, "ipcomp"); if (value && strcmp(value, "yes") == 0) { gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE); @@ -296,18 +296,20 @@ update_connection (NMVpnPluginUiWidgetInterface *iface, if (!check_validity (self, error)) return FALSE; settings = NM_SETTING_VPN (nm_setting_vpn_new ()); - settings->service_type = g_strdup (NM_DBUS_SERVICE_STRONGSWAN); + + g_object_set (settings, NM_SETTING_VPN_SERVICE_TYPE, + NM_DBUS_SERVICE_STRONGSWAN, NULL); widget = glade_xml_get_widget (priv->xml, "address-entry"); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) { - g_hash_table_insert (settings->data, g_strdup ("address"), g_strdup(str)); + nm_setting_vpn_add_data_item (settings, "address", str); } widget = glade_xml_get_widget (priv->xml, "certificate-button"); str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str) { - g_hash_table_insert (settings->data, g_strdup ("certificate"), g_strdup(str)); + nm_setting_vpn_add_data_item (settings, "certificate", str); } widget = glade_xml_get_widget (priv->xml, "method-combo"); @@ -318,12 +320,12 @@ update_connection (NMVpnPluginUiWidgetInterface *iface, widget = glade_xml_get_widget (priv->xml, "userkey-button"); str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str) { - g_hash_table_insert (settings->data, g_strdup ("userkey"), g_strdup(str)); + nm_setting_vpn_add_data_item (settings, "userkey", str); } widget = glade_xml_get_widget (priv->xml, "usercert-button"); str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str) { - g_hash_table_insert (settings->data, g_strdup ("usercert"), g_strdup(str)); + nm_setting_vpn_add_data_item (settings, "usercert", str); } str = "key"; break; @@ -331,7 +333,7 @@ update_connection (NMVpnPluginUiWidgetInterface *iface, widget = glade_xml_get_widget (priv->xml, "usercert-button"); str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); if (str) { - g_hash_table_insert (settings->data, g_strdup ("usercert"), g_strdup(str)); + nm_setting_vpn_add_data_item (settings, "usercert", str); } str = "agent"; break; @@ -339,27 +341,24 @@ update_connection (NMVpnPluginUiWidgetInterface *iface, widget = glade_xml_get_widget (priv->xml, "user-entry"); str = (char *) gtk_entry_get_text (GTK_ENTRY (widget)); if (str && strlen (str)) { - g_hash_table_insert (settings->data, g_strdup ("user"), g_strdup(str)); + nm_setting_vpn_add_data_item (settings, "user", str); } str = "eap"; break; } - g_hash_table_insert (settings->data, g_strdup ("method"), g_strdup(str)); + nm_setting_vpn_add_data_item (settings, "method", str); widget = glade_xml_get_widget (priv->xml, "virtual-check"); active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); - g_hash_table_insert (settings->data, g_strdup ("virtual"), - g_strdup(active ? "yes" : "no")); + nm_setting_vpn_add_data_item (settings, "virtual", active ? "yes" : "no"); widget = glade_xml_get_widget (priv->xml, "encap-check"); active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); - g_hash_table_insert (settings->data, g_strdup ("encap"), - g_strdup(active ? "yes" : "no")); + nm_setting_vpn_add_data_item (settings, "encap", active ? "yes" : "no"); widget = glade_xml_get_widget (priv->xml, "ipcomp-check"); active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); - g_hash_table_insert (settings->data, g_strdup ("ipcomp"), - g_strdup(active ? "yes" : "no")); + nm_setting_vpn_add_data_item (settings, "ipcomp", active ? "yes" : "no"); nm_connection_add_setting (connection, NM_SETTING (settings)); return TRUE; diff --git a/src/charon/plugins/nm/nm_service.c b/src/charon/plugins/nm/nm_service.c index 1f2b6f723..72744b784 100644 --- a/src/charon/plugins/nm/nm_service.c +++ b/src/charon/plugins/nm/nm_service.c @@ -83,8 +83,8 @@ static void signal_ipv4_config(NMVPNPlugin *plugin, */ static void signal_failure(NMVPNPlugin *plugin) { - /* TODO: NM does not handle this failure!? - nm_vpn_plugin_failure(plugin, NM_VPN_PLUGIN_FAILURE_LOGIN_FAILED); */ + /* TODO: NM does not handle this failure!? */ + nm_vpn_plugin_failure(plugin, NM_VPN_PLUGIN_FAILURE_LOGIN_FAILED); nm_vpn_plugin_set_state(plugin, NM_VPN_SERVICE_STATE_STOPPED); } @@ -144,7 +144,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, nm_creds_t *creds; NMSettingVPN *settings; identification_t *user = NULL, *gateway; - char *address, *str; + const char *address, *str; bool virtual, encap, ipcomp; ike_cfg_t *ike_cfg; peer_cfg_t *peer_cfg; @@ -164,20 +164,20 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, DBG4(DBG_CFG, "received NetworkManager connection: %s", nm_setting_to_string(NM_SETTING(settings))); - address = g_hash_table_lookup(settings->data, "address"); + address = nm_setting_vpn_get_data_item(settings, "address"); if (!address || !*address) { g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS, "Gateway address missing."); return FALSE; } - str = g_hash_table_lookup(settings->data, "virtual"); + str = nm_setting_vpn_get_data_item(settings, "virtual"); virtual = str && streq(str, "yes"); - str = g_hash_table_lookup(settings->data, "encap"); + str = nm_setting_vpn_get_data_item(settings, "encap"); encap = str && streq(str, "yes"); - str = g_hash_table_lookup(settings->data, "ipcomp"); + str = nm_setting_vpn_get_data_item(settings, "ipcomp"); ipcomp = str && streq(str, "yes"); - str = g_hash_table_lookup(settings->data, "method"); + str = nm_setting_vpn_get_data_item(settings, "method"); if (str) { if (streq(str, "psk")) @@ -202,7 +202,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, creds->clear(creds); /* gateway cert */ - str = g_hash_table_lookup(settings->data, "certificate"); + str = nm_setting_vpn_get_data_item(settings, "certificate"); if (str) { cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, @@ -220,20 +220,20 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, if (auth_class == AUTH_CLASS_EAP) { /* username/password authentication ... */ - str = g_hash_table_lookup(settings->data, "user"); + str = nm_setting_vpn_get_data_item(settings, "user"); if (str) { user = identification_create_from_encoding(ID_KEY_ID, chunk_create(str, strlen(str))); - str = g_hash_table_lookup(settings->secrets, "password"); - creds->set_username_password(creds, user, str); + str = nm_setting_vpn_get_secret(settings, "password"); + creds->set_username_password(creds, user, (char*)str); } } if (auth_class == AUTH_CLASS_PUBKEY) { /* ... or certificate/private key authenitcation */ - str = g_hash_table_lookup(settings->data, "usercert"); + str = nm_setting_vpn_get_data_item(settings, "usercert"); if (str) { public_key_t *public; @@ -241,10 +241,16 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, BUILD_FROM_FILE, str, BUILD_END); - + if (!cert) + { + g_set_error(err, NM_VPN_PLUGIN_ERROR, + NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS, + "Loading peer certificate failed."); + return FALSE; + } /* try agent */ - str = g_hash_table_lookup(settings->secrets, "agent"); - if (agent && str && cert) + str = nm_setting_vpn_get_secret(settings, "agent"); + if (agent && str) { public = cert->get_public_key(cert); if (public) @@ -256,25 +262,38 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, BUILD_END); public->destroy(public); } + if (!private) + { + g_set_error(err, NM_VPN_PLUGIN_ERROR, + NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS, + "Connecting to SSH agent failed."); + } } /* ... or key file */ - str = g_hash_table_lookup(settings->data, "userkey"); - if (!agent && str && cert) + str = nm_setting_vpn_get_data_item(settings, "userkey"); + if (!agent && str) { chunk_t secret, chunk; bool pgp = FALSE; - secret.ptr = g_hash_table_lookup(settings->secrets, "password"); + secret.ptr = (char*)nm_setting_vpn_get_secret(settings, + "password"); if (secret.ptr) { secret.len = strlen(secret.ptr); } - if (pem_asn1_load_file(str, &secret, &chunk, &pgp)) + if (pem_asn1_load_file((char*)str, &secret, &chunk, &pgp)) { private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, BUILD_BLOB_ASN1_DER, chunk, BUILD_END); free(chunk.ptr); } + if (!private) + { + g_set_error(err, NM_VPN_PLUGIN_ERROR, + NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS, + "Loading private key failed."); + } } if (private) { @@ -285,8 +304,6 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, else { DESTROY_IF(cert); - g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS, - "Loading user certificate/private key failed."); return FALSE; } } @@ -302,7 +319,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection, /** * Set up configurations */ - ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", address); + ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", (char*)address); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); peer_cfg = peer_cfg_create(CONFIG_NAME, 2, ike_cfg, user, gateway->clone(gateway), @@ -367,40 +384,40 @@ static gboolean need_secrets(NMVPNPlugin *plugin, NMConnection *connection, char **setting_name, GError **error) { NMSettingVPN *settings; - char *method, *path; + const char *method, *path; chunk_t secret = chunk_empty, key; bool pgp = FALSE; settings = NM_SETTING_VPN(nm_connection_get_setting(connection, NM_TYPE_SETTING_VPN)); - method = g_hash_table_lookup(settings->data, "method"); + method = nm_setting_vpn_get_data_item(settings, "method"); if (method) { if (streq(method, "eap")) { - if (g_hash_table_lookup(settings->secrets, "password")) + if (nm_setting_vpn_get_secret(settings, "password")) { return FALSE; } } else if (streq(method, "agent")) { - if (g_hash_table_lookup(settings->secrets, "agent")) + if (nm_setting_vpn_get_secret(settings, "agent")) { return FALSE; } } else if (streq(method, "key")) { - path = g_hash_table_lookup(settings->data, "userkey"); + path = nm_setting_vpn_get_data_item(settings, "userkey"); if (path) { - secret.ptr = g_hash_table_lookup(settings->secrets, "password"); + secret.ptr = (char*)nm_setting_vpn_get_secret(settings, "password"); if (secret.ptr) { secret.len = strlen(secret.ptr); } - if (pem_asn1_load_file(path, &secret, &key, &pgp)) + if (pem_asn1_load_file((char*)path, &secret, &key, &pgp)) { free(key.ptr); return FALSE; @@ -434,6 +451,9 @@ static gboolean disconnect(NMVPNPlugin *plugin, GError **err) } } enumerator->destroy(enumerator); + + g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_GENERAL, + "Connection not found."); return FALSE; } |