[network-manager-openconnect] Add support for TOTP software tokens



commit 7e89ade07cca0677aa374d5effd619631e86421d
Author: Kevin Cernekee <cernekee gmail com>
Date:   Sun Mar 24 18:15:23 2013 -0700

    Add support for TOTP software tokens
    
    Create new TOTP option on the UI, and make the appropriate library calls
    if the user enables it.

 auth-dialog/main.c                  |   14 ++++++++++----
 properties/nm-openconnect-dialog.ui |   13 ++++++++-----
 properties/nm-openconnect.c         |   16 ++++++++++++++--
 3 files changed, 32 insertions(+), 11 deletions(-)
---
diff --git a/auth-dialog/main.c b/auth-dialog/main.c
index 30fa8d7..68bdb8b 100644
--- a/auth-dialog/main.c
+++ b/auth-dialog/main.c
@@ -66,7 +66,11 @@
 #endif
 
 #if !OPENCONNECT_CHECK_VER(2,1)
-#define openconnect_set_stoken_mode(...) -EOPNOTSUPP
+#define __openconnect_set_token_mode(...) -EOPNOTSUPP
+#elif !OPENCONNECT_CHECK_VER(2,2)
+#define __openconnect_set_token_mode(vpninfo, mode, secret) openconnect_set_stoken_mode(vpninfo, 1, secret)
+#else
+#define __openconnect_set_token_mode openconnect_set_token_mode
 #endif
 
 #ifdef OPENCONNECT_OPENSSL
@@ -1116,12 +1120,14 @@ static int get_config (GHashTable *options, GHashTable *secrets,
                int ret = 0;
 
                if (!strcmp(token_mode, "manual") && token_secret)
-                       ret = openconnect_set_stoken_mode(vpninfo, 1, token_secret);
+                       ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_STOKEN, token_secret);
                else if (!strcmp(token_mode, "stokenrc"))
-                       ret = openconnect_set_stoken_mode(vpninfo, 1, NULL);
+                       ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_STOKEN, NULL);
+               else if (!strcmp(token_mode, "totp") && token_secret)
+                       ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_TOTP, token_secret);
 
                if (ret)
-                       fprintf(stderr, "Failed to initialize stoken: %d\n", ret);
+                       fprintf(stderr, "Failed to initialize software token: %d\n", ret);
        }
 
        return 0;
diff --git a/properties/nm-openconnect-dialog.ui b/properties/nm-openconnect-dialog.ui
index 66b9119..bc38374 100644
--- a/properties/nm-openconnect-dialog.ui
+++ b/properties/nm-openconnect-dialog.ui
@@ -636,7 +636,7 @@
                 <child>
                   <object class="GtkLabel" id="label5">
                     <property name="visible">True</property>
-                    <property name="label" translatable="yes">Token _Source:</property>
+                    <property name="label" translatable="yes">Token _Mode:</property>
                     <property name="use_underline">True</property>
                     <property name="use_markup">False</property>
                     <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -646,7 +646,7 @@
                     <property name="yalign">0.5</property>
                     <property name="xpad">0</property>
                     <property name="ypad">0</property>
-                    <property name="mnemonic_widget">token_source</property>
+                    <property name="mnemonic_widget">token_mode</property>
                     <property name="ellipsize">PANGO_ELLIPSIZE_NONE</property>
                     <property name="width_chars">-1</property>
                     <property name="single_line_mode">False</property>
@@ -663,7 +663,7 @@
                 <child>
                   <object class="GtkLabel" id="token_secret_label">
                     <property name="visible">True</property>
-                    <property name="label" translatable="yes">Token St_ring:</property>
+                    <property name="label" translatable="yes">Token Sec_ret:</property>
                     <property name="use_underline">True</property>
                     <property name="use_markup">False</property>
                     <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -740,10 +740,13 @@
             <col id="0" translatable="yes">Disabled</col>
           </row>
           <row>
-            <col id="0" translatable="yes">Read from ~/.stokenrc</col>
+            <col id="0" translatable="yes">RSA SecurID - read from ~/.stokenrc</col>
           </row>
           <row>
-            <col id="0" translatable="yes">Manually entered</col>
+            <col id="0" translatable="yes">RSA SecurID - manually entered</col>
+          </row>
+          <row>
+            <col id="0" translatable="yes">TOTP - manually entered</col>
           </row>
         </data>
       </object>
diff --git a/properties/nm-openconnect.c b/properties/nm-openconnect.c
index f7c43d8..7a60937 100644
--- a/properties/nm-openconnect.c
+++ b/properties/nm-openconnect.c
@@ -45,6 +45,9 @@
 #if !OPENCONNECT_CHECK_VER(2,1)
 #define openconnect_has_stoken_support() 0
 #endif
+#if !OPENCONNECT_CHECK_VER(2,2)
+#define openconnect_has_oath_support() 0
+#endif
 
 #define NM_VPN_API_SUBJECT_TO_CHANGE
 
@@ -380,8 +383,11 @@ init_token_ui (OpenconnectPluginUiWidget *self,
        GtkTextBuffer *buffer;
        const char *value;
 
-       /* don't advertise stoken properties if we can't use them anyway */
-       if (!openconnect_has_stoken_support ())
+       /*
+        * don't advertise software token properties if we can't use them anyway
+        * TODO: Fix up the dialog accordingly if e.g. stoken is present but oath is missing
+        */
+       if (!openconnect_has_stoken_support () && !openconnect_has_oath_support ())
                return TRUE;
 
        widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "token_vbox"));
@@ -399,6 +405,8 @@ init_token_ui (OpenconnectPluginUiWidget *self,
                                gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 1);
                        else if (!strcmp (value, "manual"))
                                gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 2);
+                       else if (!strcmp (value, "totp"))
+                               gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 3);
                        else
                                gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
                }
@@ -558,6 +566,10 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
                str = "manual";
                token_secret_editable = TRUE;
                break;
+       case 3:
+               str = "totp";
+               token_secret_editable = TRUE;
+               break;
        }
        if (str)
                nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_MODE, str);


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]