[network-manager-applet] security: don't depend on gconf-helpers code
- From: Dan Williams <dcbw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-applet] security: don't depend on gconf-helpers code
- Date: Thu, 10 Mar 2011 06:54:23 +0000 (UTC)
commit 615054bf04adceefae74c242cc8ded0a50b01794
Author: Dan Williams <dcbw redhat com>
Date: Wed Mar 9 12:56:34 2011 -0600
security: don't depend on gconf-helpers code
The only thing it's used for is the "ignore CA cert" stuff so
we don't really need to bring in all of the gconf-helpers code.
src/wireless-security/Makefile.am | 6 +--
src/wireless-security/eap-method-leap.c | 3 +-
src/wireless-security/eap-method-peap.c | 13 +----
src/wireless-security/eap-method-simple.c | 9 ++--
src/wireless-security/eap-method-tls.c | 49 ++++++-----------
src/wireless-security/eap-method-ttls.c | 13 +----
src/wireless-security/eap-method.c | 80 ++++++++++++++++++++++-------
src/wireless-security/eap-method.h | 9 ++--
8 files changed, 97 insertions(+), 85 deletions(-)
---
diff --git a/src/wireless-security/Makefile.am b/src/wireless-security/Makefile.am
index 831600f..888aa2e 100644
--- a/src/wireless-security/Makefile.am
+++ b/src/wireless-security/Makefile.am
@@ -33,14 +33,12 @@ libwireless_security_la_CPPFLAGS = \
-DUIDIR=\""$(uidir)"\" \
$(NMA_CFLAGS) \
$(DISABLE_DEPRECATED) \
- -I${top_srcdir}/src/utils \
- -I${top_srcdir}/src/gconf-helpers
+ -I${top_srcdir}/src/utils
libwireless_security_la_LIBADD = \
$(GTK_LIBS) \
$(NMA_LIBS) \
- ${top_builddir}/src/utils/libutils.la \
- ${top_builddir}/src/gconf-helpers/libgconf-helpers.la
+ ${top_builddir}/src/utils/libutils.la
uidir = $(datadir)/nm-applet
ui_DATA = \
diff --git a/src/wireless-security/eap-method-leap.c b/src/wireless-security/eap-method-leap.c
index e61af00..bc80f59 100644
--- a/src/wireless-security/eap-method-leap.c
+++ b/src/wireless-security/eap-method-leap.c
@@ -125,7 +125,8 @@ eap_method_leap_new (WirelessSecurity *ws_parent,
NULL,
UIDIR "/eap-method-leap.ui",
"eap_leap_notebook",
- "eap_leap_username_entry");
+ "eap_leap_username_entry",
+ FALSE);
if (!parent)
return NULL;
diff --git a/src/wireless-security/eap-method-peap.c b/src/wireless-security/eap-method-peap.c
index 1b300b8..26cec44 100644
--- a/src/wireless-security/eap-method-peap.c
+++ b/src/wireless-security/eap-method-peap.c
@@ -29,7 +29,6 @@
#include "eap-method.h"
#include "wireless-security.h"
-#include "gconf-helpers.h"
#define I_NAME_COLUMN 0
#define I_METHOD_COLUMN 1
@@ -152,10 +151,6 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
g_clear_error (&error);
}
- nm_gconf_set_ignore_ca_cert (nm_setting_connection_get_uuid (s_con),
- FALSE,
- eap_method_get_ignore_ca_cert (parent));
-
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_version_combo"));
peapver_active = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
switch (peapver_active) {
@@ -331,14 +326,12 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
destroy,
UIDIR "/eap-method-peap.ui",
"eap_peap_notebook",
- "eap_peap_anon_identity_entry");
+ "eap_peap_anon_identity_entry",
+ FALSE);
if (!parent)
return NULL;
- eap_method_nag_init (parent,
- "eap_peap_ca_cert_button",
- connection,
- FALSE);
+ eap_method_nag_init (parent, "eap_peap_ca_cert_button", connection);
method = (EAPMethodPEAP *) parent;
method->sec_parent = ws_parent;
diff --git a/src/wireless-security/eap-method-simple.c b/src/wireless-security/eap-method-simple.c
index 446264b..e7fca34 100644
--- a/src/wireless-security/eap-method-simple.c
+++ b/src/wireless-security/eap-method-simple.c
@@ -34,7 +34,6 @@ struct _EAPMethodSimple {
EAPMethodSimpleType type;
gboolean is_editor;
- gboolean phase2;
};
static void
@@ -107,7 +106,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
/* If this is the main EAP method, clear any existing methods because the
* user-selected on will replace it.
*/
- if (method->phase2 == FALSE)
+ if (parent->phase2 == FALSE)
nm_setting_802_1x_clear_eap_methods (s_8021x);
switch (method->type) {
@@ -134,7 +133,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
break;
}
- if (method->phase2)
+ if (parent->phase2)
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, eap, NULL);
else
nm_setting_802_1x_add_eap_method (s_8021x, eap);
@@ -222,14 +221,14 @@ eap_method_simple_new (WirelessSecurity *ws_parent,
NULL,
UIDIR "/eap-method-simple.ui",
"eap_simple_notebook",
- "eap_simple_username_entry");
+ "eap_simple_username_entry",
+ phase2);
if (!parent)
return NULL;
method = (EAPMethodSimple *) parent;
method->type = type;
method->is_editor = is_editor;
- method->phase2 = phase2;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_username_entry"));
g_assert (widget);
diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c
index 065efbb..754f45b 100644
--- a/src/wireless-security/eap-method-tls.c
+++ b/src/wireless-security/eap-method-tls.c
@@ -27,15 +27,12 @@
#include <nm-setting-connection.h>
#include <nm-setting-8021x.h>
-#include "gconf-helpers.h"
#include "eap-method.h"
#include "wireless-security.h"
#include "helpers.h"
struct _EAPMethodTLS {
EAPMethod parent;
-
- gboolean phase2;
};
@@ -118,7 +115,6 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
static void
fill_connection (EAPMethod *parent, NMConnection *connection)
{
- EAPMethodTLS *method = (EAPMethodTLS *) parent;
NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
NMSetting8021x *s_8021x;
NMSettingConnection *s_con;
@@ -133,7 +129,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X));
g_assert (s_8021x);
- if (method->phase2)
+ if (parent->phase2)
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_AUTH, "tls", NULL);
else
nm_setting_802_1x_add_eap_method (s_8021x, "tls");
@@ -153,7 +149,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
pk_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
g_assert (pk_filename);
- if (method->phase2) {
+ if (parent->phase2) {
if (!nm_setting_802_1x_set_phase2_private_key (s_8021x, pk_filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
@@ -177,7 +173,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
g_assert (cc_filename);
format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
- if (method->phase2) {
+ if (parent->phase2) {
if (!nm_setting_802_1x_set_phase2_client_cert (s_8021x, cc_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 client certificate '%s': %s", cc_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
@@ -197,7 +193,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
ca_filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
- if (method->phase2) {
+ if (parent->phase2) {
if (!nm_setting_802_1x_set_phase2_ca_cert (s_8021x, ca_filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 CA certificate '%s': %s", ca_filename, error ? error->message : "(unknown)");
g_clear_error (&error);
@@ -208,10 +204,6 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
g_clear_error (&error);
}
}
-
- nm_gconf_set_ignore_ca_cert (nm_setting_connection_get_uuid (s_con),
- method->phase2,
- eap_method_get_ignore_ca_cert (parent));
}
static void
@@ -291,7 +283,7 @@ setup_filepicker (GtkBuilder *builder,
const char *name,
const char *title,
WirelessSecurity *ws_parent,
- EAPMethodTLS *method,
+ EAPMethod *parent,
NMSetting8021x *s_8021x,
SchemeFunc scheme_func,
PathFunc path_func,
@@ -321,9 +313,9 @@ setup_filepicker (GtkBuilder *builder,
if (privkey) {
g_signal_connect (G_OBJECT (widget), "selection-changed",
(GCallback) private_key_picker_file_set_cb,
- method);
+ parent);
if (filename)
- private_key_picker_helper ((EAPMethod *) method, filename, FALSE);
+ private_key_picker_helper (parent, filename, FALSE);
}
g_signal_connect (G_OBJECT (widget), "selection-changed",
@@ -345,7 +337,6 @@ setup_filepicker (GtkBuilder *builder,
static void
update_secrets (EAPMethod *parent, NMConnection *connection)
{
- EAPMethodTLS *method = (EAPMethodTLS *) parent;
NMSetting8021x *s_8021x;
HelperSecretFunc password_func;
SchemeFunc scheme_func;
@@ -353,7 +344,7 @@ update_secrets (EAPMethod *parent, NMConnection *connection)
const char *filename;
GtkWidget *widget;
- if (method->phase2) {
+ if (parent->phase2) {
password_func = (HelperSecretFunc) nm_setting_802_1x_get_phase2_private_key_password;
scheme_func = nm_setting_802_1x_get_phase2_private_key_scheme;
path_func = nm_setting_802_1x_get_phase2_private_key_path;
@@ -387,7 +378,6 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
gboolean phase2)
{
EAPMethod *parent;
- EAPMethodTLS *method;
GtkWidget *widget;
NMSetting8021x *s_8021x = NULL;
@@ -399,17 +389,12 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
NULL,
UIDIR "/eap-method-tls.ui",
"eap_tls_notebook",
- "eap_tls_identity_entry");
+ "eap_tls_identity_entry",
+ phase2);
if (!parent)
return NULL;
- eap_method_nag_init (parent,
- "eap_tls_ca_cert_button",
- connection,
- phase2);
-
- method = (EAPMethodTLS *) parent;
- method->phase2 = phase2;
+ eap_method_nag_init (parent, "eap_tls_ca_cert_button", connection);
if (connection)
s_8021x = NM_SETTING_802_1X (nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X));
@@ -424,26 +409,26 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
setup_filepicker (parent->builder, "eap_tls_user_cert_button",
_("Choose your personal certificate..."),
- ws_parent, method, s_8021x,
+ ws_parent, parent, s_8021x,
phase2 ? nm_setting_802_1x_get_phase2_client_cert_scheme : nm_setting_802_1x_get_client_cert_scheme,
phase2 ? nm_setting_802_1x_get_phase2_client_cert_path : nm_setting_802_1x_get_client_cert_path,
FALSE, TRUE);
setup_filepicker (parent->builder, "eap_tls_ca_cert_button",
_("Choose a Certificate Authority certificate..."),
- ws_parent, method, s_8021x,
+ ws_parent, parent, s_8021x,
phase2 ? nm_setting_802_1x_get_phase2_ca_cert_scheme : nm_setting_802_1x_get_ca_cert_scheme,
phase2 ? nm_setting_802_1x_get_phase2_ca_cert_path : nm_setting_802_1x_get_ca_cert_path,
FALSE, FALSE);
setup_filepicker (parent->builder, "eap_tls_private_key_button",
_("Choose your private key..."),
- ws_parent, method, s_8021x,
+ ws_parent, parent, s_8021x,
phase2 ? nm_setting_802_1x_get_phase2_private_key_scheme : nm_setting_802_1x_get_private_key_scheme,
phase2 ? nm_setting_802_1x_get_phase2_private_key_path : nm_setting_802_1x_get_private_key_path,
TRUE, FALSE);
/* Fill secrets, if any */
if (connection)
- update_secrets (EAP_METHOD (method), connection);
+ update_secrets (parent, connection);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_private_key_password_entry"));
g_assert (widget);
@@ -455,8 +440,8 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
- method);
+ parent);
- return method;
+ return (EAPMethodTLS *) parent;
}
diff --git a/src/wireless-security/eap-method-ttls.c b/src/wireless-security/eap-method-ttls.c
index d23e70c..897bda7 100644
--- a/src/wireless-security/eap-method-ttls.c
+++ b/src/wireless-security/eap-method-ttls.c
@@ -29,7 +29,6 @@
#include "eap-method.h"
#include "wireless-security.h"
-#include "gconf-helpers.h"
#define I_NAME_COLUMN 0
#define I_METHOD_COLUMN 1
@@ -147,10 +146,6 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
g_clear_error (&error);
}
- nm_gconf_set_ignore_ca_cert (nm_setting_connection_get_uuid (s_con),
- FALSE,
- eap_method_get_ignore_ca_cert (parent));
-
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_combo"));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
@@ -331,14 +326,12 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
destroy,
UIDIR "/eap-method-ttls.ui",
"eap_ttls_notebook",
- "eap_ttls_anon_identity_entry");
+ "eap_ttls_anon_identity_entry",
+ FALSE);
if (!parent)
return NULL;
- eap_method_nag_init (parent,
- "eap_ttls_ca_cert_button",
- connection,
- FALSE);
+ eap_method_nag_init (parent, "eap_ttls_ca_cert_button", connection);
method = (EAPMethodTTLS *) parent;
method->sec_parent = ws_parent;
diff --git a/src/wireless-security/eap-method.c b/src/wireless-security/eap-method.c
index ba9ded0..65837eb 100644
--- a/src/wireless-security/eap-method.c
+++ b/src/wireless-security/eap-method.c
@@ -18,7 +18,7 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
- * (C) Copyright 2007 - 2010 Red Hat, Inc.
+ * (C) Copyright 2007 - 2011 Red Hat, Inc.
*/
@@ -31,11 +31,12 @@
#include <fcntl.h>
#include <unistd.h>
+#include <gconf/gconf.h>
+#include <gconf/gconf-client.h>
+
#include <nm-setting-connection.h>
#include <nm-setting-8021x.h>
#include "eap-method.h"
-#include "gconf-helpers.h"
-
GType
eap_method_get_g_type (void)
@@ -112,6 +113,34 @@ nag_dialog_destroyed (gpointer data, GObject *dialog_ptr)
g_free (info);
}
+static char *
+_get_ca_ignore_path (const char *uuid, gboolean phase2)
+{
+ return g_strdup_printf ("/apps/nm-applet/%s/%s",
+ phase2 ? "ignore-phase2-ca-cert" : "ignore-ca-cert",
+ uuid);
+}
+
+static void
+_set_ignore_ca_cert (const char *uuid, gboolean phase2, gboolean ignore)
+{
+ GConfClient *client;
+ char *key = NULL;
+
+ g_return_if_fail (uuid != NULL);
+
+ client = gconf_client_get_default ();
+
+ key = _get_ca_ignore_path (uuid, phase2);
+ if (ignore)
+ gconf_client_set_bool (client, key, ignore, NULL);
+ else
+ gconf_client_unset (client, key, NULL);
+ g_free (key);
+
+ g_object_unref (client);
+}
+
static void
nag_dialog_response_cb (GtkDialog *nag_dialog,
gint response,
@@ -129,8 +158,10 @@ nag_dialog_response_cb (GtkDialog *nag_dialog,
method->ignore_ca_cert = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget));
- /* Set the value to connection. It will be stored when connection is written (in nm_gconf_write_connection()) */
- g_object_set_data (G_OBJECT (connection), IGNORE_CA_CERT_TAG, GUINT_TO_POINTER (method->ignore_ca_cert));
+ /* And save it */
+ _set_ignore_ca_cert (nm_connection_get_uuid (connection),
+ method->phase2,
+ method->ignore_ca_cert);
}
gtk_widget_hide (GTK_WIDGET (nag_dialog));
@@ -176,11 +207,29 @@ eap_method_nag_user (EAPMethod *method)
#define NAG_DIALOG_UI UIDIR "/nag-user-dialog.ui"
+static gboolean
+_get_ignore_ca_cert (const char *uuid, gboolean phase2)
+{
+ GConfClient *client;
+ char *key = NULL;
+ gboolean ignore = FALSE;
+
+ g_return_val_if_fail (uuid != NULL, FALSE);
+
+ client = gconf_client_get_default ();
+
+ key = _get_ca_ignore_path (uuid, phase2);
+ ignore = gconf_client_get_bool (client, key, NULL);
+ g_free (key);
+
+ g_object_unref (client);
+ return ignore;
+}
+
gboolean
eap_method_nag_init (EAPMethod *method,
const char *ca_cert_chooser,
- NMConnection *connection,
- gboolean phase2)
+ NMConnection *connection)
{
GtkWidget *dialog, *widget;
NagDialogResponseInfo *info;
@@ -208,7 +257,8 @@ eap_method_nag_init (EAPMethod *method,
uuid = nm_setting_connection_get_uuid (s_con);
g_assert (uuid);
- method->ignore_ca_cert = nm_gconf_get_ignore_ca_cert (uuid, phase2);
+ /* Figure out if the user wants to ignore missing CA cert */
+ method->ignore_ca_cert = _get_ignore_ca_cert (uuid, method->phase2);
}
info = g_malloc0 (sizeof (NagDialogResponseInfo));
@@ -242,14 +292,6 @@ eap_method_nag_init (EAPMethod *method,
return TRUE;
}
-gboolean
-eap_method_get_ignore_ca_cert (EAPMethod *method)
-{
- g_return_val_if_fail (method != NULL, FALSE);
-
- return method->ignore_ca_cert;
-}
-
void
eap_method_phase2_update_secrets_helper (EAPMethod *method,
NMConnection *connection,
@@ -291,8 +333,9 @@ eap_method_init (gsize obj_size,
EMDestroyFunc destroy,
const char *ui_file,
const char *ui_widget_name,
- const char *default_field)
-{
+ const char *default_field,
+ gboolean phase2)
+{
EAPMethod *method;
GError *error = NULL;
@@ -311,6 +354,7 @@ eap_method_init (gsize obj_size,
method->update_secrets = update_secrets;
method->destroy = destroy;
method->default_field = default_field;
+ method->phase2 = phase2;
method->builder = gtk_builder_new ();
if (!gtk_builder_add_from_file (method->builder, ui_file, &error)) {
diff --git a/src/wireless-security/eap-method.h b/src/wireless-security/eap-method.h
index 6553696..331ecb8 100644
--- a/src/wireless-security/eap-method.h
+++ b/src/wireless-security/eap-method.h
@@ -49,6 +49,7 @@ struct _EAPMethod {
const char *default_field;
GtkWidget *nag_dialog;
+ gboolean phase2;
gboolean ignore_ca_cert;
EMAddToSizeGroupFunc add_to_size_group;
@@ -95,7 +96,8 @@ EAPMethod *eap_method_init (gsize obj_size,
EMDestroyFunc destroy,
const char *ui_file,
const char *ui_widget_name,
- const char *default_field);
+ const char *default_field,
+ gboolean phase2);
GtkFileFilter * eap_method_default_file_chooser_filter_new (gboolean privkey);
@@ -113,10 +115,7 @@ gboolean eap_method_validate_filepicker (GtkBuilder *builder,
gboolean eap_method_nag_init (EAPMethod *method,
const char *ca_cert_chooser,
- NMConnection *connection,
- gboolean phase2);
-
-gboolean eap_method_get_ignore_ca_cert (EAPMethod *method);
+ NMConnection *connection);
void eap_method_phase2_update_secrets_helper (EAPMethod *method,
NMConnection *connection,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
