[network-manager-openconnect/th/vpn-service-info-bgo767197: 2/2] change multiprotocol support to use a new "protocol" option



commit 1e51bb017f6f858ed977fb3fbaff8818dfb79d74
Author: Thomas Haller <thaller redhat com>
Date:   Wed Jun 8 01:45:20 2016 +0200

    change multiprotocol support to use a new "protocol" option
    
    The recently added Juniper VPN support was realized by adding a
    service-type alias openconnect.nc. Thereby, the protocol was encoded in
    the service-type. That is not great, because traditionally the service-type
    was the D-Bus bus name of the VPN service. Nowadays, with multi-VPN
    support that somewhat changed and it's used as a base to generate the
    real bus name.
    Another important role that the service-type plays is in the connection,
    where the vpn.service-type setting associates a connection with it's plugin.
    
    The service-type should not be hacked to encode the openconnect protocol
    option. Instead, add a NM_OPENCONNECT_KEY_PROTOCOL key.
    
    However, in nm-connection-editor's UI we don't want to show the protocol
    as an option inside the VPN dialog. Instead, the two protocols
    "anyconnect" and "nc" should result in two separate entires in the
    "add-connection" list. This way, the user first selects to create either
    an "anyconnect" or "nc" VPN connection, and then the UI doesn't let
    him switch protocol anymore.
    
    This is realized by exposing the protocol as an "add-detail". When
    populating the list of VPN types, connection-editor can ask the plugin
    whether it supports multiple entires. Later, when adding the connection,
    the protocol field is pre-filled via the "add-detail-key".
    
    Note that nm-openconnect is mostly agnostic to the actual protocol
    value. When openconnect gains support for a new protocol, the plugin
    will just support it for the most part. The only thing that is missing
    is to generate an additional add-connection entry.
    Note that the supported protocols are inside the .name file. So, the
    user could edit the plugin configuration with a new protocol. As a
    result, the new protocol would show up in the list. However, that
    doesn't really fly, because the plugin cannot show a proper name and
    description for the unknown protocol. Also, the .name file is really
    not user-configuration but a part of the plugin's implementation.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=767197

 nm-openconnect-service.name.in       |    4 +-
 properties/nm-openconnect.c          |  179 ++++++++++++++++++++++++++++++++++
 src/nm-openconnect-service-defines.h |    1 +
 src/nm-openconnect-service.c         |   14 +--
 4 files changed, 189 insertions(+), 9 deletions(-)
---
diff --git a/nm-openconnect-service.name.in b/nm-openconnect-service.name.in
index 38adcea..0dde170 100644
--- a/nm-openconnect-service.name.in
+++ b/nm-openconnect-service.name.in
@@ -1,6 +1,5 @@
 [VPN Connection]
 name=openconnect
-aliases=org.freedesktop.NetworkManager.openconnect.anyconnect;org.freedesktop.NetworkManager.openconnect.nc
 service=org.freedesktop.NetworkManager.openconnect
 program= LIBEXECDIR@/nm-openconnect-service
 supports-multiple-connections=true
@@ -11,3 +10,6 @@ plugin= PLUGINDIR@/libnm-vpn-plugin-openconnect.so
 [GNOME]
 auth-dialog= LIBEXECDIR@/nm-openconnect-auth-dialog
 properties= PLUGINDIR@/libnm-openconnect-properties
+
+[openconnect]
+supported-protocols=anyconnect,nc
diff --git a/properties/nm-openconnect.c b/properties/nm-openconnect.c
index ec1a3e8..09815ce 100644
--- a/properties/nm-openconnect.c
+++ b/properties/nm-openconnect.c
@@ -94,6 +94,12 @@ G_DEFINE_TYPE_EXTENDED (OpenconnectEditorPlugin, openconnect_editor_plugin, G_TY
                         G_IMPLEMENT_INTERFACE (NM_TYPE_VPN_EDITOR_PLUGIN,
                                                openconnect_editor_plugin_interface_init))
 
+typedef struct {
+       char **supported_protocols;
+} OpenconnectEditorPluginPrivate;
+
+#define OPENCONNECT_EDITOR_PLUGIN_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), 
OPENCONNECT_TYPE_EDITOR_PLUGIN, OpenconnectEditorPluginPrivate))
+
 /************** UI widget class **************/
 
 static void openconnect_editor_interface_init (NMVpnEditorInterface *iface_class);
@@ -595,10 +601,18 @@ update_connection (NMVpnEditor *iface,
        GtkTextIter iter_start, iter_end;
        GtkTextBuffer *buffer;
        const char *auth_type = NULL;
+       const char *protocol = NULL;
+
+       s_vpn = nm_connection_get_setting_vpn (connection);
+       if (s_vpn)
+               protocol = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_PROTOCOL);
 
        s_vpn = NM_SETTING_VPN (nm_setting_vpn_new ());
        g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_VPN_SERVICE_TYPE_OPENCONNECT, NULL);
 
+       if (protocol)
+               nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_PROTOCOL, protocol);
+
        widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "gateway_entry"));
        str = (char *) gtk_entry_get_text (GTK_ENTRY (widget));
        if (str && strlen (str))
@@ -792,6 +806,143 @@ get_capabilities (NMVpnEditorPlugin *iface)
                NM_VPN_EDITOR_PLUGIN_CAPABILITY_IPV6);
 }
 
+#ifndef NM_OPENCONNECT_OLD
+static void
+notify_plugin_info_set (NMVpnEditorPlugin *plugin,
+                        NMVpnPluginInfo *plugin_info)
+{
+       OpenconnectEditorPluginPrivate *priv = OPENCONNECT_EDITOR_PLUGIN_GET_PRIVATE (plugin);
+       const char *supported_protocols;
+       guint i, j;
+
+       if (!plugin_info)
+               return;
+
+       supported_protocols = nm_vpn_plugin_info_lookup_property (plugin_info, "openconnect", 
"supported-protocols");
+
+       g_strfreev (priv->supported_protocols);
+       priv->supported_protocols = supported_protocols
+           ? g_strsplit_set (supported_protocols, ",", -1)
+           : g_new0 (char *, 1);
+
+       /*remove empty entries and whitespace */
+       for (i = 0, j = 0; priv->supported_protocols[j]; j++) {
+               g_strstrip (priv->supported_protocols[j]);
+               if (priv->supported_protocols[j][0] == '\0')
+                       g_free (priv->supported_protocols[j]);
+               else
+                       priv->supported_protocols[i++] = priv->supported_protocols[j];
+       }
+       priv->supported_protocols[i] = NULL;
+}
+
+static gboolean
+call_get_signature (NMVpnEditorPlugin *plugin,
+                    const char *request,
+                    gboolean *free_types,
+                    GType **types_in,
+                    GType **types_out)
+{
+       if (!strcmp (request, "get-service-add-details")) {
+               static GType t_in[] = { G_TYPE_STRING, 0 };
+               static GType t_out[] = { 0, 0 };
+
+               if (G_UNLIKELY (t_out[0] == 0))
+                       t_out[0] = G_TYPE_STRV;
+
+               *types_in = t_in;
+               *types_out = t_out;
+               return TRUE;
+       }
+       if (!strcmp (request, "get-service-add-detail")) {
+               static GType t_in[] = { G_TYPE_STRING, G_TYPE_STRING, 0 };
+               static GType t_out[] = { G_TYPE_STRING, G_TYPE_STRING, G_TYPE_STRING, G_TYPE_UINT, 0 };
+
+               *types_in = t_in;
+               *types_out = t_out;
+               return TRUE;
+       }
+       return FALSE;
+}
+
+static gboolean
+call (NMVpnEditorPlugin *plugin,
+      const char *request,
+      GError **error,
+      const GValue *const*args_in,
+      GValue *const*args_out)
+{
+       OpenconnectEditorPluginPrivate *priv;
+       const char *service_type;
+       const char *add_detail;
+
+       if (!strcmp (request, "get-service-add-details")) {
+               service_type = g_value_get_string (args_in[0]);
+
+               if (service_type) {
+                       if (!strcmp (service_type, NM_VPN_SERVICE_TYPE_OPENCONNECT)) {
+                               priv = OPENCONNECT_EDITOR_PLUGIN_GET_PRIVATE (plugin);
+                               g_value_set_boxed (args_out[0], priv->supported_protocols);
+                               return TRUE;
+                       }
+               }
+               goto out_unknown_service_type;
+       }
+       if (!strcmp (request, "get-service-add-detail")) {
+               service_type = g_value_get_string (args_in[0]);
+               add_detail = g_value_get_string (args_in[1]);
+
+               if (service_type) {
+                       if (!add_detail) {
+                               g_set_error (error, NM_VPN_PLUGIN_ERROR, 
NM_VPN_PLUGIN_ERROR_CALL_INVALID_ARGUMENT,
+                                             _("missing add_detail argument"));
+                               return FALSE;
+                       }
+                       if (!strcmp (service_type, NM_VPN_SERVICE_TYPE_OPENCONNECT)) {
+                               guint i;
+
+                               if (!strcmp (add_detail, "anyconnect")) {
+                                       g_value_set_string (args_out[0], OPENCONNECT_PLUGIN_NAME);
+                                       g_value_set_string (args_out[1], OPENCONNECT_PLUGIN_DESC);
+                                       g_value_set_string (args_out[2], NM_OPENCONNECT_KEY_PROTOCOL);
+                                       g_value_set_uint (args_out[3], 0);
+                                       return TRUE;
+                               }
+                               if (!strcmp (add_detail, "nc")) {
+                                       g_value_set_string (args_out[0], _("Juniper Network Connect 
(openconnect)"));
+                                       g_value_set_string (args_out[1], _("Compatible with Juniper Network 
Connect / Pulse Secure SSL VPN"));
+                                       g_value_set_string (args_out[2], NM_OPENCONNECT_KEY_PROTOCOL);
+                                       g_value_set_uint (args_out[3], 0);
+                                       return TRUE;
+                               }
+                               priv = OPENCONNECT_EDITOR_PLUGIN_GET_PRIVATE (plugin);
+                               for (i = 0; priv->supported_protocols[i]; i++) {
+                                       if (strcmp (add_detail, priv->supported_protocols[i]))
+                                               continue;
+                                       /* we don't know this protocol by name, but it's configured in the 
.name file,
+                                        * so just take it. */
+                                       g_value_take_string (args_out[0], g_strdup_printf (_("Openconnect VPN 
(%s)"), add_detail));
+                                       g_value_take_string (args_out[1], g_strdup_printf (_("Openconnect SSL 
VPN with %s protocol"), add_detail));
+                                       g_value_set_string (args_out[2], NM_OPENCONNECT_KEY_PROTOCOL);
+                                       g_value_set_uint (args_out[3], 0);
+                                       return TRUE;
+                               }
+
+                               g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS,
+                                             _("add-detail '%s' for '%s' does not support add-details"), 
add_detail, service_type);
+                               return FALSE;
+                       }
+               }
+               goto out_unknown_service_type;
+       }
+       return FALSE;
+out_unknown_service_type:
+       g_set_error (error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_CALL_INVALID_ARGUMENT,
+                    _("Unknown service-type '%s'"), service_type);
+       return FALSE;
+}
+#endif
+
 static NMVpnEditor *
 get_editor (NMVpnEditorPlugin *iface, NMConnection *connection, GError **error)
 {
@@ -819,11 +970,26 @@ get_property (GObject *object, guint prop_id,
 }
 
 static void
+openconnect_editor_plugin_dispose (GObject *object)
+{
+       OpenconnectEditorPlugin *plugin = OPENCONNECT_EDITOR_PLUGIN (object);
+       OpenconnectEditorPluginPrivate *priv = OPENCONNECT_EDITOR_PLUGIN_GET_PRIVATE (plugin);
+
+       g_strfreev (priv->supported_protocols);
+       priv->supported_protocols = NULL;
+
+       G_OBJECT_CLASS (openconnect_editor_plugin_parent_class)->dispose (object);
+}
+
+static void
 openconnect_editor_plugin_class_init (OpenconnectEditorPluginClass *req_class)
 {
        GObjectClass *object_class = G_OBJECT_CLASS (req_class);
 
+       g_type_class_add_private (req_class, sizeof (OpenconnectEditorPluginPrivate));
+
        object_class->get_property = get_property;
+       object_class->dispose = openconnect_editor_plugin_dispose;
 
        g_object_class_override_property (object_class,
                                          PROP_NAME,
@@ -841,6 +1007,14 @@ openconnect_editor_plugin_class_init (OpenconnectEditorPluginClass *req_class)
 static void
 openconnect_editor_plugin_init (OpenconnectEditorPlugin *plugin)
 {
+       OpenconnectEditorPluginPrivate *priv = OPENCONNECT_EDITOR_PLUGIN_GET_PRIVATE (plugin);
+       char *dflt[] = {
+               "anyconnect",
+               "nc",
+               NULL,
+       };
+
+       priv->supported_protocols = g_strdupv (dflt);
 }
 
 static void
@@ -851,6 +1025,11 @@ openconnect_editor_plugin_interface_init (NMVpnEditorPluginInterface *iface_clas
        iface_class->get_capabilities = get_capabilities;
        iface_class->import_from_file = import;
        iface_class->export_to_file = export;
+#ifndef NM_OPENCONNECT_OLD
+       iface_class->call_get_signature = call_get_signature;
+       iface_class->call = call;
+       iface_class->notify_plugin_info_set = notify_plugin_info_set;
+#endif
 }
 
 G_MODULE_EXPORT NMVpnEditorPlugin *
diff --git a/src/nm-openconnect-service-defines.h b/src/nm-openconnect-service-defines.h
index 8bc2626..6853505 100644
--- a/src/nm-openconnect-service-defines.h
+++ b/src/nm-openconnect-service-defines.h
@@ -40,6 +40,7 @@
 #define NM_OPENCONNECT_KEY_PRIVKEY "userkey"
 #define NM_OPENCONNECT_KEY_MTU "mtu"
 #define NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID "pem_passphrase_fsid"
+#define NM_OPENCONNECT_KEY_PROTOCOL "protocol"
 #define NM_OPENCONNECT_KEY_PROXY "proxy"
 #define NM_OPENCONNECT_KEY_CSD_ENABLE "enable_csd_trojan"
 #define NM_OPENCONNECT_KEY_CSD_WRAPPER "csd_wrapper"
diff --git a/src/nm-openconnect-service.c b/src/nm-openconnect-service.c
index 7e8be4f..4fccba2 100644
--- a/src/nm-openconnect-service.c
+++ b/src/nm-openconnect-service.c
@@ -364,7 +364,7 @@ nm_openconnect_start_openconnect_binary (NMOpenconnectPlugin *plugin,
        GSource *openconnect_watch;
        gint    stdin_fd;
        const char *props_vpn_gw, *props_cookie, *props_cacert, *props_mtu, *props_gwcert, *props_proxy;
-       const char *service;
+       const char *protocol;
 
        /* Find openconnect */
        openconnect_binary = openconnect_binary_paths;
@@ -410,20 +410,18 @@ nm_openconnect_start_openconnect_binary (NMOpenconnectPlugin *plugin,
        props_mtu = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_MTU);
 
        props_proxy = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_PROXY);
-       service = nm_setting_vpn_get_service_type (s_vpn);
 
        openconnect_argv = g_ptr_array_new ();
        g_ptr_array_add (openconnect_argv, (gpointer) (*openconnect_binary));
 
-       if (service && g_str_has_prefix(service, NM_DBUS_SERVICE_OPENCONNECT ".")) {
-               service += strlen(NM_DBUS_SERVICE_OPENCONNECT ".");
-
+       protocol = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_PROTOCOL);
+       if (protocol && strcmp (protocol, "anyconnect")) {
                /* Special case for OpenConnect 7.06 which had --juniper but not --protocol */
-               if (!strcmp(service, "juniper"))
+               if (!strcmp (protocol, "juniper"))
                        g_ptr_array_add (openconnect_argv, (gpointer) "--juniper");
                else {
                        g_ptr_array_add (openconnect_argv, (gpointer) "--protocol");
-                       g_ptr_array_add (openconnect_argv, (gpointer) service);
+                       g_ptr_array_add (openconnect_argv, (gpointer) protocol);
                }
        }
 
@@ -444,7 +442,7 @@ nm_openconnect_start_openconnect_binary (NMOpenconnectPlugin *plugin,
                g_ptr_array_add (openconnect_argv, (gpointer) "--proxy");
                g_ptr_array_add (openconnect_argv, (gpointer) props_proxy);
        }
-               
+
        g_ptr_array_add (openconnect_argv, (gpointer) "--syslog");
        g_ptr_array_add (openconnect_argv, (gpointer) "--cookie-on-stdin");
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]