[network-manager-applet/thaller/758076_ui_no_ca_cert_required_v2: 1/2] applet: extend ui to ignore ca cert instead of nag dialog.
- From: Thomas Haller <thaller src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-applet/thaller/758076_ui_no_ca_cert_required_v2: 1/2] applet: extend ui to ignore ca cert instead of nag dialog.
- Date: Tue, 27 Aug 2013 21:17:12 +0000 (UTC)
commit 9d1a379a2a8ffd758e5d6fbeecbcd021bb001759
Author: Thomas Haller <thaller redhat com>
Date: Fri Aug 16 11:21:45 2013 +0200
applet: extend ui to ignore ca cert instead of nag dialog.
This applies to EAP methods PEAP, TLS, TTLS.
When the user configures a connection without CA certificate,
previously a warning dialog was shown where the user could
either return to the connection configuration or proceed.
Change the UI so that the configuration mask has a checkbox
"No CA is required" and enable the "Connect" button only when
either a certificate is selected or the user choose to ignore
it.
The flag no_ca_required is saved in the gsettings of the user.
When creating a new connection, the checkbox is always unchecked, so
that the user must make an active decision. When editing connections,
the flag is only set, if there is no ca cert filename and the
ca_cert_ignored flag is not set.
The nag dialog is still here and active. The next commit will
remove it.
https://bugzilla.redhat.com/show_bug.cgi?id=758076
https://bugzilla.redhat.com/show_bug.cgi?id=809489
Signed-off-by: Thomas Haller <thaller redhat com>
src/wireless-security/eap-method-peap.c | 35 ++++++++++-
src/wireless-security/eap-method-peap.ui | 39 +++++++++---
src/wireless-security/eap-method-tls.c | 39 ++++++++++++
src/wireless-security/eap-method-tls.ui | 39 +++++++++---
src/wireless-security/eap-method-ttls.c | 35 ++++++++++-
src/wireless-security/eap-method-ttls.ui | 31 ++++++++--
src/wireless-security/eap-method.c | 99 ++++++++++++++++++++++++++++++
src/wireless-security/eap-method.h | 13 ++++
8 files changed, 302 insertions(+), 28 deletions(-)
---
diff --git a/src/wireless-security/eap-method-peap.c b/src/wireless-security/eap-method-peap.c
index 4d2041c..7ccfbce 100644
--- a/src/wireless-security/eap-method-peap.c
+++ b/src/wireless-security/eap-method-peap.c
@@ -63,6 +63,8 @@ validate (EAPMethod *parent)
if (!eap_method_validate_filepicker (parent->builder, "eap_peap_ca_cert_button", TYPE_CA_CERT, NULL,
NULL))
return FALSE;
+ if (eap_method_ca_cert_required (parent->builder, "eap_peap_ca_cert_not_required_checkbox",
"eap_peap_ca_cert_button") )
+ return FALSE;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_inner_auth_combo"));
g_assert (widget);
@@ -77,6 +79,14 @@ validate (EAPMethod *parent)
}
static void
+ca_cert_not_required_toggled (GtkWidget *ignored, gpointer user_data)
+{
+ EAPMethod *parent = user_data;
+
+ eap_method_ca_cert_not_required_toggled (parent->builder, "eap_peap_ca_cert_not_required_checkbox",
"eap_peap_ca_cert_button");
+}
+
+static void
add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
{
EAPMethodPEAP *method = (EAPMethodPEAP *) parent;
@@ -89,6 +99,10 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
g_object_unref (method->size_group);
method->size_group = g_object_ref (group);
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_peap_ca_cert_not_required_checkbox"));
+ g_assert (widget);
+ gtk_size_group_add_widget (group, widget);
+
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_anon_identity_label"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
@@ -129,6 +143,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
GtkTreeIter iter;
int peapver_active = 0;
GError *error = NULL;
+ gboolean ca_cert_error = FALSE;
s_8021x = nm_connection_get_setting_802_1x (connection);
g_assert (s_8021x);
@@ -147,7 +162,10 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
if (!nm_setting_802_1x_set_ca_cert (s_8021x, filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format,
&error)) {
g_warning ("Couldn't read CA certificate '%s': %s", filename, error ? error->message :
"(unknown)");
g_clear_error (&error);
+ ca_cert_error = TRUE;
}
+ eap_method_ca_cert_ignore_set (parent, connection, filename, ca_cert_error,
"eap_peap_ca_cert_not_required_checkbox");
+ g_free (filename);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_version_combo"));
peapver_active = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
@@ -316,7 +334,7 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
{
EAPMethod *parent;
EAPMethodPEAP *method;
- GtkWidget *widget;
+ GtkWidget *widget, *widget_ca_not_required_checkbox;
GtkFileFilter *filter;
NMSetting8021x *s_8021x = NULL;
const char *filename;
@@ -343,6 +361,16 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
if (connection)
s_8021x = nm_connection_get_setting_802_1x (connection);
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_peap_ca_cert_not_required_checkbox"));
+ g_assert (widget);
+ g_signal_connect (G_OBJECT (widget), "toggled",
+ (GCallback) ca_cert_not_required_toggled,
+ parent);
+ g_signal_connect (G_OBJECT (widget), "toggled",
+ (GCallback) wireless_security_changed_cb,
+ ws_parent);
+ widget_ca_not_required_checkbox = widget;
+
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_button"));
g_assert (widget);
gtk_file_chooser_set_local_only (GTK_FILE_CHOOSER (widget), TRUE);
@@ -354,11 +382,14 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
filter = eap_method_default_file_chooser_filter_new (FALSE);
gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (widget), filter);
if (connection && s_8021x) {
+ filename = NULL;
if (nm_setting_802_1x_get_ca_cert_scheme (s_8021x) == NM_SETTING_802_1X_CK_SCHEME_PATH) {
filename = nm_setting_802_1x_get_ca_cert_path (s_8021x);
if (filename)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
}
+ gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget_ca_not_required_checkbox),
+ !filename && eap_method_ca_cert_ignore_get (parent,
connection));
}
widget = inner_auth_combo_init (method, connection, s_8021x, secrets_only);
@@ -399,6 +430,8 @@ eap_method_peap_new (WirelessSecurity *ws_parent,
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_button"));
gtk_widget_hide (widget);
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_peap_ca_cert_not_required_checkbox"));
+ gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_inner_auth_label"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_inner_auth_combo"));
diff --git a/src/wireless-security/eap-method-peap.ui b/src/wireless-security/eap-method-peap.ui
index 3d1caa7..3bb455a 100644
--- a/src/wireless-security/eap-method-peap.ui
+++ b/src/wireless-security/eap-method-peap.ui
@@ -99,6 +99,25 @@
</packing>
</child>
<child>
+ <object class="GtkCheckButton" id="eap_peap_ca_cert_not_required_checkbox">
+ <property name="label" translatable="yes">No CA certificate is _required</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_underline">True</property>
+ <property name="xalign">0</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">GTK_FILL</property>
+ <property name="y_options"/>
+ </packing>
+ </child>
+ <child>
<object class="GtkVBox" id="eap_peap_inner_auth_vbox">
<property name="visible">True</property>
<property name="can_focus">False</property>
@@ -108,8 +127,8 @@
</object>
<packing>
<property name="right_attach">2</property>
- <property name="top_attach">4</property>
- <property name="bottom_attach">5</property>
+ <property name="top_attach">5</property>
+ <property name="bottom_attach">6</property>
<property name="x_options">GTK_FILL</property>
</packing>
</child>
@@ -123,8 +142,8 @@
<property name="mnemonic_widget">eap_peap_inner_auth_combo</property>
</object>
<packing>
- <property name="top_attach">3</property>
- <property name="bottom_attach">4</property>
+ <property name="top_attach">4</property>
+ <property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@@ -144,8 +163,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
- <property name="top_attach">3</property>
- <property name="bottom_attach">4</property>
+ <property name="top_attach">4</property>
+ <property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options">GTK_FILL</property>
</packing>
@@ -160,8 +179,8 @@
<property name="mnemonic_widget">eap_peap_version_combo</property>
</object>
<packing>
- <property name="top_attach">2</property>
- <property name="bottom_attach">3</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@@ -181,8 +200,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
- <property name="top_attach">2</property>
- <property name="bottom_attach">3</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options">GTK_FILL</property>
</packing>
diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c
index da02873..4e78c40 100644
--- a/src/wireless-security/eap-method-tls.c
+++ b/src/wireless-security/eap-method-tls.c
@@ -68,6 +68,9 @@ validate (EAPMethod *parent)
if (!eap_method_validate_filepicker (parent->builder, "eap_tls_ca_cert_button", TYPE_CA_CERT, NULL,
NULL))
return FALSE;
+ if (eap_method_ca_cert_required (parent->builder, "eap_tls_ca_cert_not_required_checkbox",
"eap_tls_ca_cert_button") )
+ return FALSE;
+
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_private_key_password_entry"));
g_assert (widget);
@@ -91,10 +94,22 @@ validate (EAPMethod *parent)
}
static void
+ca_cert_not_required_toggled (GtkWidget *ignored, gpointer user_data)
+{
+ EAPMethod *parent = user_data;
+
+ eap_method_ca_cert_not_required_toggled (parent->builder, "eap_tls_ca_cert_not_required_checkbox",
"eap_tls_ca_cert_button");
+}
+
+static void
add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
{
GtkWidget *widget;
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_tls_ca_cert_not_required_checkbox"));
+ g_assert (widget);
+ gtk_size_group_add_widget (group, widget);
+
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_identity_label"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
@@ -127,6 +142,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
const char *password = NULL;
GError *error = NULL;
const char *secret_flag_prop = NULL;
+ gboolean ca_cert_error = FALSE;
s_8021x = nm_connection_get_setting_802_1x (connection);
g_assert (s_8021x);
@@ -209,13 +225,17 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
if (!nm_setting_802_1x_set_phase2_ca_cert (s_8021x, ca_filename,
NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
g_warning ("Couldn't read phase2 CA certificate '%s': %s", ca_filename, error ?
error->message : "(unknown)");
g_clear_error (&error);
+ ca_cert_error = TRUE;
}
} else {
if (!nm_setting_802_1x_set_ca_cert (s_8021x, ca_filename, NM_SETTING_802_1X_CK_SCHEME_PATH,
&format, &error)) {
g_warning ("Couldn't read CA certificate '%s': %s", ca_filename, error ?
error->message : "(unknown)");
g_clear_error (&error);
+ ca_cert_error = TRUE;
}
}
+ eap_method_ca_cert_ignore_set (parent, connection, ca_filename, ca_cert_error,
"eap_tls_ca_cert_not_required_checkbox");
+ g_free (ca_filename);
}
static void
@@ -394,6 +414,7 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
EAPMethod *parent;
GtkWidget *widget;
NMSetting8021x *s_8021x = NULL;
+ gboolean ca_not_required = FALSE;
parent = eap_method_init (sizeof (EAPMethodTLS),
validate,
@@ -416,6 +437,15 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
if (connection)
s_8021x = nm_connection_get_setting_802_1x (connection);
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_tls_ca_cert_not_required_checkbox"));
+ g_assert (widget);
+ g_signal_connect (G_OBJECT (widget), "toggled",
+ (GCallback) ca_cert_not_required_toggled,
+ parent);
+ g_signal_connect (G_OBJECT (widget), "toggled",
+ (GCallback) wireless_security_changed_cb,
+ ws_parent);
+
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_identity_entry"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "changed",
@@ -443,6 +473,13 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
phase2 ? nm_setting_802_1x_get_phase2_private_key_path :
nm_setting_802_1x_get_private_key_path,
TRUE, FALSE);
+ if (eap_method_ca_cert_ignore_get (parent, connection)) {
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_button"));
+ ca_not_required = !gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
+ }
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_tls_ca_cert_not_required_checkbox"));
+ gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), ca_not_required);
+
/* Fill secrets, if any */
if (connection)
update_secrets (parent, connection);
@@ -474,6 +511,8 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_button"));
gtk_widget_hide (widget);
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_tls_ca_cert_not_required_checkbox"));
+ gtk_widget_hide (widget);
}
return method;
diff --git a/src/wireless-security/eap-method-tls.ui b/src/wireless-security/eap-method-tls.ui
index 23c16a5..dac5fda 100644
--- a/src/wireless-security/eap-method-tls.ui
+++ b/src/wireless-security/eap-method-tls.ui
@@ -91,6 +91,25 @@
</packing>
</child>
<child>
+ <object class="GtkCheckButton" id="eap_tls_ca_cert_not_required_checkbox">
+ <property name="label" translatable="yes">No CA certificate is _required</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_underline">True</property>
+ <property name="xalign">0</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
+ <property name="x_options">GTK_FILL</property>
+ <property name="y_options"/>
+ </packing>
+ </child>
+ <child>
<object class="GtkLabel" id="eap_tls_private_key_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
@@ -100,8 +119,8 @@
<property name="mnemonic_widget">eap_tls_private_key_button</property>
</object>
<packing>
- <property name="top_attach">3</property>
- <property name="bottom_attach">4</property>
+ <property name="top_attach">4</property>
+ <property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@@ -114,8 +133,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
- <property name="top_attach">3</property>
- <property name="bottom_attach">4</property>
+ <property name="top_attach">4</property>
+ <property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options">GTK_FILL</property>
</packing>
@@ -130,8 +149,8 @@
<property name="mnemonic_widget">eap_tls_private_key_password_entry</property>
</object>
<packing>
- <property name="top_attach">4</property>
- <property name="bottom_attach">5</property>
+ <property name="top_attach">5</property>
+ <property name="bottom_attach">6</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@@ -146,8 +165,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
- <property name="top_attach">4</property>
- <property name="bottom_attach">5</property>
+ <property name="top_attach">5</property>
+ <property name="bottom_attach">6</property>
<property name="y_options"/>
</packing>
</child>
@@ -164,8 +183,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
- <property name="top_attach">5</property>
- <property name="bottom_attach">6</property>
+ <property name="top_attach">6</property>
+ <property name="bottom_attach">7</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
diff --git a/src/wireless-security/eap-method-ttls.c b/src/wireless-security/eap-method-ttls.c
index 65346c2..f06d8b7 100644
--- a/src/wireless-security/eap-method-ttls.c
+++ b/src/wireless-security/eap-method-ttls.c
@@ -63,6 +63,8 @@ validate (EAPMethod *parent)
if (!eap_method_validate_filepicker (parent->builder, "eap_ttls_ca_cert_button", TYPE_CA_CERT, NULL,
NULL))
return FALSE;
+ if (eap_method_ca_cert_required (parent->builder, "eap_ttls_ca_cert_not_required_checkbox",
"eap_ttls_ca_cert_button") )
+ return FALSE;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_combo"));
g_assert (widget);
@@ -77,6 +79,14 @@ validate (EAPMethod *parent)
}
static void
+ca_cert_not_required_toggled (GtkWidget *ignored, gpointer user_data)
+{
+ EAPMethod *parent = user_data;
+
+ eap_method_ca_cert_not_required_toggled (parent->builder, "eap_ttls_ca_cert_not_required_checkbox",
"eap_ttls_ca_cert_button");
+}
+
+static void
add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
{
EAPMethodTTLS *method = (EAPMethodTTLS *) parent;
@@ -89,6 +99,10 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
g_object_unref (method->size_group);
method->size_group = g_object_ref (group);
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_ttls_ca_cert_not_required_checkbox"));
+ g_assert (widget);
+ gtk_size_group_add_widget (group, widget);
+
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_anon_identity_label"));
g_assert (widget);
gtk_size_group_add_widget (group, widget);
@@ -124,6 +138,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
GtkTreeModel *model;
GtkTreeIter iter;
GError *error = NULL;
+ gboolean ca_cert_error = FALSE;
s_8021x = nm_connection_get_setting_802_1x (connection);
g_assert (s_8021x);
@@ -142,7 +157,10 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
if (!nm_setting_802_1x_set_ca_cert (s_8021x, filename, NM_SETTING_802_1X_CK_SCHEME_PATH, &format,
&error)) {
g_warning ("Couldn't read CA certificate '%s': %s", filename, error ? error->message :
"(unknown)");
g_clear_error (&error);
+ ca_cert_error = TRUE;
}
+ eap_method_ca_cert_ignore_set (parent, connection, filename, ca_cert_error,
"eap_ttls_ca_cert_not_required_checkbox");
+ g_free (filename);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_combo"));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
@@ -316,7 +334,7 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
{
EAPMethod *parent;
EAPMethodTTLS *method;
- GtkWidget *widget;
+ GtkWidget *widget, *widget_ca_not_required_checkbox;
GtkFileFilter *filter;
NMSetting8021x *s_8021x = NULL;
const char *filename;
@@ -343,6 +361,16 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
if (connection)
s_8021x = nm_connection_get_setting_802_1x (connection);
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_ttls_ca_cert_not_required_checkbox"));
+ g_assert (widget);
+ g_signal_connect (G_OBJECT (widget), "toggled",
+ (GCallback) ca_cert_not_required_toggled,
+ parent);
+ g_signal_connect (G_OBJECT (widget), "toggled",
+ (GCallback) wireless_security_changed_cb,
+ ws_parent);
+ widget_ca_not_required_checkbox = widget;
+
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_button"));
g_assert (widget);
gtk_file_chooser_set_local_only (GTK_FILE_CHOOSER (widget), TRUE);
@@ -354,11 +382,14 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
filter = eap_method_default_file_chooser_filter_new (FALSE);
gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (widget), filter);
if (connection && s_8021x) {
+ filename = NULL;
if (nm_setting_802_1x_get_ca_cert_scheme (s_8021x) == NM_SETTING_802_1X_CK_SCHEME_PATH) {
filename = nm_setting_802_1x_get_ca_cert_path (s_8021x);
if (filename)
gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
}
+ gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget_ca_not_required_checkbox),
+ !filename && eap_method_ca_cert_ignore_get (parent,
connection));
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_anon_identity_entry"));
@@ -380,6 +411,8 @@ eap_method_ttls_new (WirelessSecurity *ws_parent,
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_button"));
gtk_widget_hide (widget);
+ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder,
"eap_ttls_ca_cert_not_required_checkbox"));
+ gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_label"));
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_combo"));
diff --git a/src/wireless-security/eap-method-ttls.ui b/src/wireless-security/eap-method-ttls.ui
index d33c10e..312695d 100644
--- a/src/wireless-security/eap-method-ttls.ui
+++ b/src/wireless-security/eap-method-ttls.ui
@@ -82,6 +82,25 @@
</packing>
</child>
<child>
+ <object class="GtkCheckButton" id="eap_ttls_ca_cert_not_required_checkbox">
+ <property name="label" translatable="yes">No CA certificate is _required</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="use_underline">True</property>
+ <property name="xalign">0</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="right_attach">2</property>
+ <property name="top_attach">2</property>
+ <property name="bottom_attach">3</property>
+ <property name="x_options">GTK_FILL</property>
+ <property name="y_options"/>
+ </packing>
+ </child>
+ <child>
<object class="GtkLabel" id="eap_ttls_inner_auth_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
@@ -91,8 +110,8 @@
<property name="mnemonic_widget">eap_ttls_inner_auth_combo</property>
</object>
<packing>
- <property name="top_attach">2</property>
- <property name="bottom_attach">3</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options"/>
</packing>
@@ -112,8 +131,8 @@
<packing>
<property name="left_attach">1</property>
<property name="right_attach">2</property>
- <property name="top_attach">2</property>
- <property name="bottom_attach">3</property>
+ <property name="top_attach">3</property>
+ <property name="bottom_attach">4</property>
<property name="x_options">GTK_FILL</property>
<property name="y_options">GTK_FILL</property>
</packing>
@@ -129,8 +148,8 @@
</object>
<packing>
<property name="right_attach">2</property>
- <property name="top_attach">3</property>
- <property name="bottom_attach">4</property>
+ <property name="top_attach">4</property>
+ <property name="bottom_attach">5</property>
<property name="x_options">GTK_FILL</property>
</packing>
</child>
diff --git a/src/wireless-security/eap-method.c b/src/wireless-security/eap-method.c
index cdc525d..1b97d25 100644
--- a/src/wireless-security/eap-method.c
+++ b/src/wireless-security/eap-method.c
@@ -658,3 +658,102 @@ eap_method_is_encrypted_private_key (const char *path)
return default_filter_privkey (&info, (gpointer) TRUE);
}
+/* Some methods (PEAP, TLS, TTLS) require a CA certificate. The user can choose
+ * not to provide such a certificate. This method whether the checkbox
+ * id_ca_cert_not_required_checkbutton is checked or id_ca_cert_chooser has a certificate
+ * selected.
+ */
+gboolean
+eap_method_ca_cert_required (GtkBuilder *builder, const char *id_ca_cert_not_required_checkbutton, const
char *id_ca_cert_chooser)
+{
+ char *filename;
+ GtkWidget *widget;
+
+ g_assert (builder && id_ca_cert_not_required_checkbutton && id_ca_cert_chooser);
+
+ widget = GTK_WIDGET (gtk_builder_get_object (builder, id_ca_cert_not_required_checkbutton));
+ g_assert (widget && GTK_IS_TOGGLE_BUTTON (widget));
+
+ if (!gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
+ widget = GTK_WIDGET (gtk_builder_get_object (builder, id_ca_cert_chooser));
+ g_assert (widget && GTK_IS_FILE_CHOOSER (widget));
+
+ filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
+ if (!filename)
+ return TRUE;
+ g_free (filename);
+ }
+ return FALSE;
+}
+
+
+void
+eap_method_ca_cert_not_required_toggled (GtkBuilder *builder, const char
*id_ca_cert_not_required_checkbutton, const char *id_ca_cert_chooser)
+{
+ char *filename, *filename_old;
+ gboolean is_not_required;
+ GtkWidget *widget;
+
+ g_assert (builder && id_ca_cert_not_required_checkbutton && id_ca_cert_chooser);
+
+ widget = GTK_WIDGET (gtk_builder_get_object (builder, id_ca_cert_not_required_checkbutton));
+ g_assert (widget && GTK_IS_TOGGLE_BUTTON (widget));
+ is_not_required = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget));
+
+ widget = GTK_WIDGET (gtk_builder_get_object (builder, id_ca_cert_chooser));
+ g_assert (widget && GTK_IS_FILE_CHOOSER (widget));
+
+ filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
+ filename_old = g_object_steal_data (G_OBJECT (widget), "filename-old");
+ if (is_not_required) {
+ g_free (filename_old);
+ filename_old = filename;
+ filename = NULL;
+ } else {
+ g_free (filename);
+ filename = filename_old;
+ filename_old = NULL;
+ }
+ gtk_widget_set_sensitive (widget, !is_not_required);
+ if (filename)
+ gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
+ else
+ gtk_file_chooser_unselect_all (GTK_FILE_CHOOSER (widget));
+ g_free (filename);
+ g_object_set_data_full (G_OBJECT (widget), "filename-old", filename_old, g_free);
+}
+
+void
+eap_method_ca_cert_ignore_set (EAPMethod *method,
+ NMConnection *connection,
+ const char *filename,
+ gboolean ca_cert_error,
+ const char *id_ca_cert_is_not_required_checkbox)
+{
+ GtkWidget *widget;
+
+ /* We don't really need the checkbox value here. Just assert that it is set as expected. */
+ widget = GTK_WIDGET (gtk_builder_get_object (method->builder, id_ca_cert_is_not_required_checkbox));
+ g_assert (widget && (ca_cert_error || !filename == gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON
(widget))));
+
+ _set_ignore_ca_cert (nm_connection_get_uuid (connection),
+ method->phase2,
+ !ca_cert_error && filename==NULL);
+}
+
+gboolean
+eap_method_ca_cert_ignore_get (EAPMethod *method, NMConnection *connection)
+{
+ NMSettingConnection *s_con;
+ const char *uuid;
+
+ s_con = nm_connection_get_setting_connection (connection);
+ g_assert (s_con);
+ uuid = nm_setting_connection_get_uuid (s_con);
+ g_assert (uuid);
+
+ /* Figure out if the user wants to ignore missing CA cert */
+ return _get_ignore_ca_cert (uuid, method->phase2);
+}
+
+
diff --git a/src/wireless-security/eap-method.h b/src/wireless-security/eap-method.h
index fdfa1a8..3d71931 100644
--- a/src/wireless-security/eap-method.h
+++ b/src/wireless-security/eap-method.h
@@ -124,5 +124,18 @@ void eap_method_phase2_update_secrets_helper (EAPMethod *method,
const char *combo_name,
guint32 column);
+gboolean eap_method_ca_cert_required (GtkBuilder *builder,
+ const char *id_ca_cert_is_not_required_checkbox,
+ const char *id_ca_cert_chooser);
+void eap_method_ca_cert_not_required_toggled (GtkBuilder *builder,
+ const char *id_ca_cert_is_not_required_checkbox,
+ const char *id_ca_cert_chooser);
+void eap_method_ca_cert_ignore_set (EAPMethod *method,
+ NMConnection *connection,
+ const char *filename,
+ gboolean ca_cert_error,
+ const char *id_ca_cert_is_not_required_checkbox);
+gboolean eap_method_ca_cert_ignore_get (EAPMethod *method, NMConnection *connection);
+
#endif /* EAP_METHOD_H */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
