ported nm plugin and gnome applet to NetworkManager 7.1
authorMartin Willi <martin@strongswan.org>
Wed, 18 Mar 2009 19:48:06 +0000 (19:48 -0000)
committerMartin Willi <martin@strongswan.org>
Wed, 18 Mar 2009 19:48:06 +0000 (19:48 -0000)
src/charon/plugins/nm/gnome/properties/nm-strongswan.c
src/charon/plugins/nm/nm_service.c

index e8a882c..46263b9 100644 (file)
@@ -176,18 +176,18 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError
        StrongswanPluginUiWidgetPrivate *priv = STRONGSWAN_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
        NMSettingVPN *settings;
        GtkWidget *widget;
-       char *value;
+       const char *value;
        gboolean active;
        
        settings = NM_SETTING_VPN(nm_connection_get_setting(connection, NM_TYPE_SETTING_VPN));
        widget = glade_xml_get_widget (priv->xml, "address-entry");
-       value = g_hash_table_lookup (settings->data, "address");
+       value = nm_setting_vpn_get_data_item (settings, "address");
        if (value)
                gtk_entry_set_text (GTK_ENTRY (widget), value);
        g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self);
 
        widget = glade_xml_get_widget (priv->xml, "certificate-button");
-       value = g_hash_table_lookup (settings->data, "certificate");
+       value = nm_setting_vpn_get_data_item (settings, "certificate");
        if (value)
                gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value);
        g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self);
@@ -196,7 +196,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError
        gtk_widget_set_no_show_all (widget, TRUE);
        widget = glade_xml_get_widget (priv->xml, "user-entry");
        gtk_widget_set_no_show_all (widget, TRUE);
-       value = g_hash_table_lookup (settings->data, "user");
+       value = nm_setting_vpn_get_data_item (settings, "user");
        if (value)
                gtk_entry_set_text (GTK_ENTRY (widget), value);
        g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (settings_changed_cb), self);
@@ -205,7 +205,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError
        gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("Certificate/private key"));
        gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("Certificate/ssh-agent"));
        gtk_combo_box_append_text (GTK_COMBO_BOX (widget), _("EAP"));
-       value = g_hash_table_lookup (settings->data, "method");
+       value = nm_setting_vpn_get_data_item (settings, "method");
        if (value) {
                if (g_strcasecmp (value, "key") == 0) {
                        gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
@@ -228,7 +228,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError
        gtk_widget_set_no_show_all (widget, TRUE);
        widget = glade_xml_get_widget (priv->xml, "usercert-button");
        gtk_widget_set_no_show_all (widget, TRUE);
-       value = g_hash_table_lookup (settings->data, "usercert");
+       value = nm_setting_vpn_get_data_item (settings, "usercert");
        if (value)
                gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value);
        g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self);
@@ -237,13 +237,13 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError
        gtk_widget_set_no_show_all (widget, TRUE);
        widget = glade_xml_get_widget (priv->xml, "userkey-button");
        gtk_widget_set_no_show_all (widget, TRUE);
-       value = g_hash_table_lookup (settings->data, "userkey");
+       value = nm_setting_vpn_get_data_item (settings, "userkey");
        if (value)
                gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), value);
        g_signal_connect (G_OBJECT (widget), "selection-changed", G_CALLBACK (settings_changed_cb), self);
        
        widget = glade_xml_get_widget (priv->xml, "virtual-check");
-       value = g_hash_table_lookup (settings->data, "virtual");
+       value = nm_setting_vpn_get_data_item (settings, "virtual");
        if (value && strcmp(value, "yes") == 0)
        {
                gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE);
@@ -251,7 +251,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError
        g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self);
        
        widget = glade_xml_get_widget (priv->xml, "encap-check");
-       value = g_hash_table_lookup (settings->data, "encap");
+       value = nm_setting_vpn_get_data_item (settings, "encap");
        if (value && strcmp(value, "yes") == 0)
        {
                gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE);
@@ -259,7 +259,7 @@ init_plugin_ui (StrongswanPluginUiWidget *self, NMConnection *connection, GError
        g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (settings_changed_cb), self);
        
        widget = glade_xml_get_widget (priv->xml, "ipcomp-check");
-       value = g_hash_table_lookup (settings->data, "ipcomp");
+       value = nm_setting_vpn_get_data_item (settings, "ipcomp");
        if (value && strcmp(value, "yes") == 0)
        {
                gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(widget), TRUE);
@@ -296,18 +296,20 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
        if (!check_validity (self, error))
                return FALSE;
        settings = NM_SETTING_VPN (nm_setting_vpn_new ());
-       settings->service_type = g_strdup (NM_DBUS_SERVICE_STRONGSWAN);
+       
+       g_object_set (settings, NM_SETTING_VPN_SERVICE_TYPE,
+                                 NM_DBUS_SERVICE_STRONGSWAN, NULL);
 
        widget = glade_xml_get_widget (priv->xml, "address-entry");
        str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
        if (str && strlen (str)) {
-               g_hash_table_insert (settings->data, g_strdup ("address"), g_strdup(str));
+               nm_setting_vpn_add_data_item (settings, "address", str);
        }
 
        widget = glade_xml_get_widget (priv->xml, "certificate-button");
        str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
        if (str) {
-               g_hash_table_insert (settings->data, g_strdup ("certificate"), g_strdup(str));
+               nm_setting_vpn_add_data_item (settings, "certificate", str);
        }
        
        widget = glade_xml_get_widget (priv->xml, "method-combo");
@@ -318,12 +320,12 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
                        widget = glade_xml_get_widget (priv->xml, "userkey-button");
                        str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
                        if (str) {
-                               g_hash_table_insert (settings->data, g_strdup ("userkey"), g_strdup(str));
+                               nm_setting_vpn_add_data_item (settings, "userkey", str);
                        }
                        widget = glade_xml_get_widget (priv->xml, "usercert-button");
                        str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
                        if (str) {
-                               g_hash_table_insert (settings->data, g_strdup ("usercert"), g_strdup(str));
+                               nm_setting_vpn_add_data_item (settings, "usercert", str);
                        }
                        str = "key";
                        break;
@@ -331,7 +333,7 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
                        widget = glade_xml_get_widget (priv->xml, "usercert-button");
                        str = (char *) gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
                        if (str) {
-                               g_hash_table_insert (settings->data, g_strdup ("usercert"), g_strdup(str));
+                               nm_setting_vpn_add_data_item (settings, "usercert", str);
                        }
                        str = "agent";
                        break;
@@ -339,27 +341,24 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
                        widget = glade_xml_get_widget (priv->xml, "user-entry");
                        str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
                        if (str && strlen (str)) {
-                               g_hash_table_insert (settings->data, g_strdup ("user"), g_strdup(str));
+                               nm_setting_vpn_add_data_item (settings, "user", str);
                        }
                        str = "eap";
                        break;
        }
-       g_hash_table_insert (settings->data, g_strdup ("method"), g_strdup(str));
+       nm_setting_vpn_add_data_item (settings, "method", str);
        
        widget = glade_xml_get_widget (priv->xml, "virtual-check");
        active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget));
-       g_hash_table_insert (settings->data, g_strdup ("virtual"),
-                                    g_strdup(active ? "yes" : "no"));
+       nm_setting_vpn_add_data_item (settings, "virtual", active ? "yes" : "no");
                             
        widget = glade_xml_get_widget (priv->xml, "encap-check");
        active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget));
-       g_hash_table_insert (settings->data, g_strdup ("encap"),
-                                    g_strdup(active ? "yes" : "no"));
+       nm_setting_vpn_add_data_item (settings, "encap", active ? "yes" : "no");
                             
        widget = glade_xml_get_widget (priv->xml, "ipcomp-check");
        active = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget));
-       g_hash_table_insert (settings->data, g_strdup ("ipcomp"),
-                                    g_strdup(active ? "yes" : "no"));
+       nm_setting_vpn_add_data_item (settings, "ipcomp", active ? "yes" : "no");
 
        nm_connection_add_setting (connection, NM_SETTING (settings));
        return TRUE;
index 1f2b6f7..72744b7 100644 (file)
@@ -83,8 +83,8 @@ static void signal_ipv4_config(NMVPNPlugin *plugin,
  */
 static void signal_failure(NMVPNPlugin *plugin)
 {
-       /* TODO: NM does not handle this failure!? 
-       nm_vpn_plugin_failure(plugin, NM_VPN_PLUGIN_FAILURE_LOGIN_FAILED); */
+       /* TODO: NM does not handle this failure!? */
+       nm_vpn_plugin_failure(plugin, NM_VPN_PLUGIN_FAILURE_LOGIN_FAILED); 
        nm_vpn_plugin_set_state(plugin, NM_VPN_SERVICE_STATE_STOPPED);
 }
 
@@ -144,7 +144,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
        nm_creds_t *creds;
        NMSettingVPN *settings;
        identification_t *user = NULL, *gateway;
-       char *address, *str;
+       const char *address, *str;
        bool virtual, encap, ipcomp;
        ike_cfg_t *ike_cfg;
        peer_cfg_t *peer_cfg;
@@ -164,20 +164,20 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
        
        DBG4(DBG_CFG, "received NetworkManager connection: %s",
                 nm_setting_to_string(NM_SETTING(settings)));
-       address = g_hash_table_lookup(settings->data, "address");
+       address = nm_setting_vpn_get_data_item(settings, "address");
        if (!address || !*address)
        {
                g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
                                    "Gateway address missing.");
                return FALSE;
        }
-       str = g_hash_table_lookup(settings->data, "virtual");
+       str = nm_setting_vpn_get_data_item(settings, "virtual");
        virtual = str && streq(str, "yes");
-       str = g_hash_table_lookup(settings->data, "encap");
+       str = nm_setting_vpn_get_data_item(settings, "encap");
        encap = str && streq(str, "yes");
-       str = g_hash_table_lookup(settings->data, "ipcomp");
+       str = nm_setting_vpn_get_data_item(settings, "ipcomp");
        ipcomp = str && streq(str, "yes");
-       str = g_hash_table_lookup(settings->data, "method");
+       str = nm_setting_vpn_get_data_item(settings, "method");
        if (str)
        {
                if (streq(str, "psk"))
@@ -202,7 +202,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
        creds->clear(creds);
        
        /* gateway cert */
-       str = g_hash_table_lookup(settings->data, "certificate");
+       str = nm_setting_vpn_get_data_item(settings, "certificate");
        if (str)
        {
                cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
@@ -220,20 +220,20 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
        if (auth_class == AUTH_CLASS_EAP)
        {
                /* username/password authentication ... */
-               str = g_hash_table_lookup(settings->data, "user");
+               str = nm_setting_vpn_get_data_item(settings, "user");
                if (str)
                {
                        user = identification_create_from_encoding(ID_KEY_ID,
                                                                                        chunk_create(str, strlen(str)));
-                       str = g_hash_table_lookup(settings->secrets, "password");
-                       creds->set_username_password(creds, user, str);
+                       str = nm_setting_vpn_get_secret(settings, "password");
+                       creds->set_username_password(creds, user, (char*)str);
                }
        }
        
        if (auth_class == AUTH_CLASS_PUBKEY)
        {
                /* ... or certificate/private key authenitcation */
-               str = g_hash_table_lookup(settings->data, "usercert");
+               str = nm_setting_vpn_get_data_item(settings, "usercert");
                if (str)
                {
                        public_key_t *public;
@@ -241,10 +241,16 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
                        
                        cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
                                                                          BUILD_FROM_FILE, str, BUILD_END);     
-                                                                         
+                       if (!cert)
+                       {
+                               g_set_error(err, NM_VPN_PLUGIN_ERROR,
+                                                       NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+                                                       "Loading peer certificate failed.");
+                               return FALSE;
+                       }
                        /* try agent */  
-                       str = g_hash_table_lookup(settings->secrets, "agent");
-                       if (agent && str && cert)
+                       str = nm_setting_vpn_get_secret(settings, "agent");
+                       if (agent && str)
                        {
                                public = cert->get_public_key(cert);
                                if (public)
@@ -256,25 +262,38 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
                                                                                                 BUILD_END);
                                        public->destroy(public);
                                }
+                               if (!private)
+                               {
+                                       g_set_error(err, NM_VPN_PLUGIN_ERROR,
+                                                               NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+                                                               "Connecting to SSH agent failed.");
+                               }
                        }
                        /* ... or key file */  
-                       str = g_hash_table_lookup(settings->data, "userkey");
-                       if (!agent && str && cert)
+                       str = nm_setting_vpn_get_data_item(settings, "userkey");
+                       if (!agent && str)
                        {
                                chunk_t secret, chunk;
                                bool pgp = FALSE;
                                
-                               secret.ptr = g_hash_table_lookup(settings->secrets, "password");
+                               secret.ptr = (char*)nm_setting_vpn_get_secret(settings,
+                                                                                                                                "password");
                                if (secret.ptr)
                                {
                                        secret.len = strlen(secret.ptr);
                                }
-                               if (pem_asn1_load_file(str, &secret, &chunk, &pgp))
+                               if (pem_asn1_load_file((char*)str, &secret, &chunk, &pgp))
                                {
                                        private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
                                                                KEY_RSA, BUILD_BLOB_ASN1_DER, chunk, BUILD_END);
                                        free(chunk.ptr);
                                }
+                               if (!private)
+                               {
+                                       g_set_error(err, NM_VPN_PLUGIN_ERROR,
+                                                               NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+                                                               "Loading private key failed.");
+                               }
                        }
                        if (private)
                        {
@@ -285,8 +304,6 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
                        else
                        {
                                DESTROY_IF(cert);
-                               g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
-                                                       "Loading user certificate/private key failed.");
                                return FALSE;
                        }
                }
@@ -302,7 +319,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
        /**
         * Set up configurations
         */
-       ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", address);
+       ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", (char*)address);
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
        peer_cfg = peer_cfg_create(CONFIG_NAME, 2, ike_cfg,
                                        user, gateway->clone(gateway),
@@ -367,40 +384,40 @@ static gboolean need_secrets(NMVPNPlugin *plugin, NMConnection *connection,
                                                         char **setting_name, GError **error)
 {
        NMSettingVPN *settings;
-       char *method, *path;
+       const char *method, *path;
        chunk_t secret = chunk_empty, key;
        bool pgp = FALSE;
        
        settings = NM_SETTING_VPN(nm_connection_get_setting(connection,
                                                                                                                NM_TYPE_SETTING_VPN));
-       method = g_hash_table_lookup(settings->data, "method");
+       method = nm_setting_vpn_get_data_item(settings, "method");
        if (method)
        {
                if (streq(method, "eap"))
                {
-                       if (g_hash_table_lookup(settings->secrets, "password"))
+                       if (nm_setting_vpn_get_secret(settings, "password"))
                        {
                                return FALSE;
                        }
                }
                else if (streq(method, "agent"))
                {
-                       if (g_hash_table_lookup(settings->secrets, "agent"))
+                       if (nm_setting_vpn_get_secret(settings, "agent"))
                        {
                                return FALSE;
                        }
                }
                else if (streq(method, "key"))
                {
-                       path = g_hash_table_lookup(settings->data, "userkey");
+                       path = nm_setting_vpn_get_data_item(settings, "userkey");
                        if (path)
                        {
-                               secret.ptr = g_hash_table_lookup(settings->secrets, "password");
+                               secret.ptr = (char*)nm_setting_vpn_get_secret(settings, "password");
                                if (secret.ptr)
                                {
                                        secret.len = strlen(secret.ptr);
                                }
-                               if (pem_asn1_load_file(path, &secret, &key, &pgp))
+                               if (pem_asn1_load_file((char*)path, &secret, &key, &pgp))
                                {
                                        free(key.ptr);
                                        return FALSE;
@@ -434,6 +451,9 @@ static gboolean disconnect(NMVPNPlugin *plugin, GError **err)
                }
        }
        enumerator->destroy(enumerator);
+       
+       g_set_error(err, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_GENERAL,
+                               "Connection not found.");
        return FALSE;
 }