[network-manager-applet/lr/pkcs11: 5/9] wireless-security: add password entries for certificates



commit a8784df322392b28fffa15a135e1432ed10be2cd
Author: Lubomir Rintel <lkundrak v3 sk>
Date:   Fri Feb 17 17:50:26 2017 +0000

    wireless-security: add password entries for certificates
    
    Grey them out unless the certificates are on PKCS#11 tokens (which may need PIN
    login).

 src/wireless-security/eap-method-tls.c  |   81 +++++++++++++++++----
 src/wireless-security/eap-method-tls.ui |  120 ++++++++++++++++++++++---------
 2 files changed, 154 insertions(+), 47 deletions(-)
---
diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c
index f5cd474..3a711a0 100644
--- a/src/wireless-security/eap-method-tls.c
+++ b/src/wireless-security/eap-method-tls.c
@@ -276,6 +276,20 @@ fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFla
 }
 
 static void
+cert_picker_helper (EAPMethod *parent, const char *password_name, NMSetting8021xCKScheme scheme)
+{
+       GtkWidget *widget;
+
+       widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, password_name));
+       g_assert (widget);
+#ifdef NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11
+       gtk_widget_set_sensitive (widget, scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11);
+#else
+       gtk_widget_set_sensitive (widget, FALSE);
+#endif
+}
+
+static void
 private_key_picker_helper (EAPMethod *parent, const char *value, NMSetting8021xCKScheme scheme, gboolean 
changed)
 {
        NMSetting8021x *setting;
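Review bot: cert_picker_helper only flips the entry's sensitivity, so text already typed into it stays there after the picker moves from a PKCS#11 token to a plain file. Whether fill_connection() later reads these entries is not visible in this patch, but if it does, a token PIN could end up stored for a certificate that does not use it. Consider clearing the entry when it is greyed out, e.g. `if (scheme != NM_SETTING_802_1X_CK_SCHEME_PKCS11) gtk_entry_set_text (GTK_ENTRY (widget), "");`. A short comment above the function would also help, saying that the entry holds a token PIN and is always disabled when `NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11` is not defined.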
@@ -324,6 +338,32 @@ private_key_picker_helper (EAPMethod *parent, const char *value, NMSetting8021xC
 }
 
 static void
+cert_picker_file_set_cb (GtkWidget *chooser, const char *password_name, gpointer user_data)
+{
+       EAPMethod *parent = (EAPMethod *) user_data;
+       NMSetting8021xCKScheme scheme;
+       char *value;
+
+       value = eap_method_filepicker_get_value (GTK_FILE_CHOOSER (chooser), &scheme);
+       if (value)
+               cert_picker_helper (parent, password_name, scheme);
+
+       g_free (value);
+}
+
+static void
+client_cert_picker_file_set_cb (GtkWidget *chooser, gpointer user_data)
+{
+       cert_picker_file_set_cb (chooser, "eap_tls_user_cert_password_entry", user_data);
+}
+
+static void
+ca_cert_picker_file_set_cb (GtkWidget *chooser, gpointer user_data)
+{
+       cert_picker_file_set_cb (chooser, "eap_tls_ca_cert_password_entry", user_data);
+}
+
+static void
 private_key_picker_file_set_cb (GtkWidget *chooser, gpointer user_data)
 {
        EAPMethod *parent = (EAPMethod *) user_data;
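Review bot: The `if (value)` guard in cert_picker_file_set_cb skips cert_picker_helper when the chooser returns no value, so after a PKCS#11 selection is cleared the password entry keeps its enabled state. The same guard sits in the TYPE_CLIENT_CERT and TYPE_CA_CERT cases added to setup_filepicker, and the new GtkEntry objects in eap-method-tls.ui set no `sensitive` property. With no certificate configured the entries therefore appear to start enabled, contrary to the commit message. One option is to call the helper unconditionally here, `cert_picker_helper (parent, password_name, value ? scheme : NM_SETTING_802_1X_CK_SCHEME_UNKNOWN);`, and do the equivalent in setup_filepicker. private_key_picker_file_set_cb continues outside the hunk.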
@@ -353,6 +393,7 @@ typedef NMSetting8021xCKScheme (*SchemeFunc)  (NMSetting8021x *setting);
 static void
 setup_filepicker (GtkBuilder *builder,
                   const char *name,
+                  const char *password_name,
                   const char *title,
                   WirelessSecurity *ws_parent,
                   EAPMethod *parent,
@@ -360,8 +401,7 @@ setup_filepicker (GtkBuilder *builder,
                   SchemeFunc scheme_func,
                   PathFunc path_func,
                   UriFunc uri_func,
-                  gboolean privkey,
-                  gboolean client_cert)
+                  guint32 item_type)
 {
        GtkWidget *widget;
        GtkFileFilter *filter;
@@ -387,22 +427,35 @@ setup_filepicker (GtkBuilder *builder,
                }
        }
 
-       /* Connect a special handler for private keys to intercept PKCS#12 key types
-        * and desensitize the user cert button.
-        */
-       if (privkey) {
+       switch (item_type) {
+       case TYPE_CLIENT_CERT:
+               g_signal_connect (G_OBJECT (widget), "selection-changed",
+                                 (GCallback) client_cert_picker_file_set_cb,
+                                 parent);
+               if (value)
+                       cert_picker_helper (parent, password_name, scheme);
+               break;
+       case TYPE_CA_CERT:
+               g_signal_connect (G_OBJECT (widget), "selection-changed",
+                                 (GCallback) ca_cert_picker_file_set_cb,
+                                 parent);
+               if (value)
+                       cert_picker_helper (parent, password_name, scheme);
+               break;
+       case TYPE_PRIVATE_KEY:
                g_signal_connect (G_OBJECT (widget), "selection-changed",
                                  (GCallback) private_key_picker_file_set_cb,
                                  parent);
                if (value)
                        private_key_picker_helper (parent, value, scheme, FALSE);
+               break;
        }
 
        g_signal_connect (G_OBJECT (widget), "selection-changed",
                          (GCallback) wireless_security_changed_cb,
                          ws_parent);
 
-       filter = eap_method_default_file_chooser_filter_new (privkey);
+       filter = eap_method_default_file_chooser_filter_new (item_type == TYPE_PRIVATE_KEY);
        gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (widget), filter);
 
        /* For some reason, GTK+ calls set_current_filter (..., NULL) from 
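Review bot: The switch on `item_type` has no `default:` case and the parameter is a plain `guint32`, so an unexpected value silently connects no picker-specific handler. The TYPE_* constants are defined outside this patch; if they form an enum, typing the parameter as that enum would let the compiler warn about unhandled values. `password_name` is also passed in here while the same ids are hard-coded again in client_cert_picker_file_set_cb and ca_cert_picker_file_set_cb, so the two copies can drift apart. The TYPE_PRIVATE_KEY case never uses it. setup_filepicker starts and ends outside this hunk.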
@@ -410,7 +463,7 @@ setup_filepicker (GtkBuilder *builder,
         * dialog; so force-reset the filter to what we want it to be whenever
         * it gets cleared.
         */
-       if (client_cert)
+       if (item_type == TYPE_CLIENT_CERT)
                g_signal_connect (G_OBJECT (widget), "notify::filter", (GCallback) reset_filter, filter);
 }
 
@@ -513,27 +566,27 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
        if (s_8021x && nm_setting_802_1x_get_identity (s_8021x))
                gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_identity (s_8021x));
 
-       setup_filepicker (parent->builder, "eap_tls_user_cert_button",
+       setup_filepicker (parent->builder, "eap_tls_user_cert_button", "eap_tls_user_cert_password_entry",
                          _("Choose your personal certificate"),
                          ws_parent, parent, s_8021x,
                          phase2 ? nm_setting_802_1x_get_phase2_client_cert_scheme : 
nm_setting_802_1x_get_client_cert_scheme,
                          phase2 ? nm_setting_802_1x_get_phase2_client_cert_path : 
nm_setting_802_1x_get_client_cert_path,
                          phase2 ? nm_setting_802_1x_get_phase2_client_cert_uri : 
nm_setting_802_1x_get_client_cert_uri,
-                         FALSE, TRUE);
-       setup_filepicker (parent->builder, "eap_tls_ca_cert_button",
+                         TYPE_CLIENT_CERT);
+       setup_filepicker (parent->builder, "eap_tls_ca_cert_button", "eap_tls_ca_cert_password_entry",
                          _("Choose a Certificate Authority certificate"),
                          ws_parent, parent, s_8021x,
                          phase2 ? nm_setting_802_1x_get_phase2_ca_cert_scheme : 
nm_setting_802_1x_get_ca_cert_scheme,
                          phase2 ? nm_setting_802_1x_get_phase2_ca_cert_path : 
nm_setting_802_1x_get_ca_cert_path,
                          phase2 ? nm_setting_802_1x_get_phase2_ca_cert_uri : 
nm_setting_802_1x_get_ca_cert_uri,
-                         FALSE, FALSE);
-       setup_filepicker (parent->builder, "eap_tls_private_key_button",
+                         TYPE_CA_CERT);
+       setup_filepicker (parent->builder, "eap_tls_private_key_button", "eap_tls_private_key_password_entry",
                          _("Choose your private key"),
                          ws_parent, parent, s_8021x,
                          phase2 ? nm_setting_802_1x_get_phase2_private_key_scheme : 
nm_setting_802_1x_get_private_key_scheme,
                          phase2 ? nm_setting_802_1x_get_phase2_private_key_path : 
nm_setting_802_1x_get_private_key_path,
                          phase2 ? nm_setting_802_1x_get_phase2_private_key_uri : 
nm_setting_802_1x_get_private_key_uri,
-                         TRUE, FALSE);
+                         TYPE_PRIVATE_KEY);
 
        if (connection && eap_method_ca_cert_ignore_get (parent, connection)) {
                widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_button"));
diff --git a/src/wireless-security/eap-method-tls.ui b/src/wireless-security/eap-method-tls.ui
index 94bad98..559b4cf 100644
--- a/src/wireless-security/eap-method-tls.ui
+++ b/src/wireless-security/eap-method-tls.ui
@@ -40,41 +40,73 @@
           </packing>
         </child>
         <child>
-          <object class="GtkFileChooserButton" id="eap_tls_ca_cert_button">
+          <object class="GtkFileChooserButton" id="eap_tls_user_cert_button">
             <property name="visible">True</property>
             <property name="can_focus">False</property>
             <property name="hexpand">True</property>
           </object>
           <packing>
             <property name="left_attach">1</property>
-            <property name="top_attach">2</property>
+            <property name="top_attach">1</property>
           </packing>
         </child>
         <child>
-          <object class="GtkCheckButton" id="eap_tls_ca_cert_not_required_checkbox">
-            <property name="label" translatable="yes">No CA certificate is _required</property>
+          <object class="GtkLabel" id="eap_tls_user_cert_label">
+            <property name="visible">True</property>
+            <property name="can_focus">False</property>
+            <property name="label" translatable="yes">_User certificate:</property>
+            <property name="use_underline">True</property>
+            <property name="mnemonic_widget">eap_tls_user_cert_button</property>
+            <property name="xalign">0</property>
+          </object>
+          <packing>
+            <property name="left_attach">0</property>
+            <property name="top_attach">1</property>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkCheckButton" id="show_checkbutton_eaptls">
+            <property name="label" translatable="yes">Sho_w passwords</property>
             <property name="visible">True</property>
             <property name="can_focus">True</property>
             <property name="receives_default">False</property>
             <property name="halign">start</property>
+            <property name="valign">end</property>
             <property name="hexpand">True</property>
+            <property name="vexpand">True</property>
             <property name="use_underline">True</property>
             <property name="draw_indicator">True</property>
           </object>
           <packing>
             <property name="left_attach">1</property>
-            <property name="top_attach">3</property>
+            <property name="top_attach">8</property>
           </packing>
         </child>
         <child>
-          <object class="GtkFileChooserButton" id="eap_tls_private_key_button">
+          <object class="GtkLabel" id="eap_tls_private_key_password_label">
             <property name="visible">True</property>
             <property name="can_focus">False</property>
-            <property name="hexpand">True</property>
+            <property name="label" translatable="yes">_Private key password:</property>
+            <property name="use_underline">True</property>
+            <property name="mnemonic_widget">eap_tls_private_key_password_entry</property>
+            <property name="xalign">0</property>
           </object>
           <packing>
-            <property name="left_attach">1</property>
-            <property name="top_attach">4</property>
+            <property name="left_attach">0</property>
+            <property name="top_attach">7</property>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkLabel" id="eap_tls_private_key_label">
+            <property name="visible">True</property>
+            <property name="can_focus">False</property>
+            <property name="label" translatable="yes">Private _key:</property>
+            <property name="use_underline">True</property>
+            <property name="xalign">0</property>
+          </object>
+          <packing>
+            <property name="left_attach">0</property>
+            <property name="top_attach">6</property>
           </packing>
         </child>
         <child>
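Review bot: The checkbox is relabelled `Sho_w passwords`, but no hunk in eap-method-tls.c touches its toggle handler, so the two new certificate password entries may stay masked when the box is ticked. The handler lies outside this patch, so this needs checking against the full file. If it still toggles only `eap_tls_private_key_password_entry`, either extend it to `eap_tls_user_cert_password_entry` and `eap_tls_ca_cert_password_entry` or keep the singular label until it does.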
@@ -87,12 +119,23 @@
           </object>
           <packing>
             <property name="left_attach">1</property>
-            <property name="top_attach">5</property>
+            <property name="top_attach">7</property>
           </packing>
         </child>
         <child>
-          <object class="GtkCheckButton" id="show_checkbutton_eaptls">
-            <property name="label" translatable="yes">Sho_w password</property>
+          <object class="GtkFileChooserButton" id="eap_tls_private_key_button">
+            <property name="visible">True</property>
+            <property name="can_focus">False</property>
+            <property name="hexpand">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="top_attach">6</property>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkCheckButton" id="eap_tls_ca_cert_not_required_checkbox">
+            <property name="label" translatable="yes">No CA certificate is _required</property>
             <property name="visible">True</property>
             <property name="can_focus">True</property>
             <property name="receives_default">False</property>
@@ -103,55 +146,66 @@
           </object>
           <packing>
             <property name="left_attach">1</property>
-            <property name="top_attach">6</property>
+            <property name="top_attach">5</property>
           </packing>
         </child>
         <child>
-          <object class="GtkFileChooserButton" id="eap_tls_user_cert_button">
+          <object class="GtkFileChooserButton" id="eap_tls_ca_cert_button">
             <property name="visible">True</property>
             <property name="can_focus">False</property>
             <property name="hexpand">True</property>
           </object>
           <packing>
             <property name="left_attach">1</property>
-            <property name="top_attach">1</property>
+            <property name="top_attach">3</property>
           </packing>
         </child>
         <child>
-          <object class="GtkLabel" id="eap_tls_user_cert_label">
+          <object class="GtkLabel" id="eap_tls_ca_cert_label">
             <property name="visible">True</property>
             <property name="can_focus">False</property>
-            <property name="label" translatable="yes">_User certificate:</property>
+            <property name="label" translatable="yes">C_A certificate:</property>
             <property name="use_underline">True</property>
-            <property name="mnemonic_widget">eap_tls_user_cert_button</property>
             <property name="xalign">0</property>
           </object>
           <packing>
             <property name="left_attach">0</property>
-            <property name="top_attach">1</property>
+            <property name="top_attach">3</property>
           </packing>
         </child>
         <child>
-          <object class="GtkLabel" id="eap_tls_ca_cert_label">
+          <object class="GtkEntry" id="eap_tls_ca_cert_password_entry">
             <property name="visible">True</property>
-            <property name="can_focus">False</property>
-            <property name="label" translatable="yes">C_A certificate:</property>
-            <property name="use_underline">True</property>
-            <property name="mnemonic_widget">eap_tls_ca_cert_button</property>
-            <property name="xalign">0</property>
+            <property name="can_focus">True</property>
+            <property name="hexpand">True</property>
+            <property name="visibility">False</property>
+            <property name="activates_default">True</property>
           </object>
           <packing>
-            <property name="left_attach">0</property>
+            <property name="left_attach">1</property>
+            <property name="top_attach">4</property>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkEntry" id="eap_tls_user_cert_password_entry">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="hexpand">True</property>
+            <property name="visibility">False</property>
+            <property name="activates_default">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
             <property name="top_attach">2</property>
           </packing>
         </child>
         <child>
-          <object class="GtkLabel" id="eap_tls_private_key_label">
+          <object class="GtkLabel" id="eap_tls_ca_cert_password_label">
             <property name="visible">True</property>
             <property name="can_focus">False</property>
-            <property name="label" translatable="yes">Private _key:</property>
+            <property name="label" translatable="yes">CA c_ertificate password:</property>
             <property name="use_underline">True</property>
-            <property name="mnemonic_widget">eap_tls_private_key_button</property>
+            <property name="mnemonic_widget">eap_tls_ca_cert_password_entry</property>
             <property name="xalign">0</property>
           </object>
           <packing>
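Review bot: `eap_tls_ca_cert_label` is left with `use_underline` but no `mnemonic_widget`, so its Alt+A mnemonic no longer moves focus to the file chooser. `eap_tls_private_key_label` in the first hunk of this file has the same gap. Restore `<property name="mnemonic_widget">eap_tls_ca_cert_button</property>` and `<property name="mnemonic_widget">eap_tls_private_key_button</property>` on the two labels.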
@@ -160,17 +214,17 @@
           </packing>
         </child>
         <child>
-          <object class="GtkLabel" id="eap_tls_private_key_password_label">
+          <object class="GtkLabel" id="eap_tls_user_cert_password_label">
             <property name="visible">True</property>
             <property name="can_focus">False</property>
-            <property name="label" translatable="yes">_Private key password:</property>
+            <property name="label" translatable="yes">U_ser certificate password:</property>
             <property name="use_underline">True</property>
-            <property name="mnemonic_widget">eap_tls_private_key_password_entry</property>
+            <property name="mnemonic_widget">eap_tls_user_cert_password_entry</property>
             <property name="xalign">0</property>
           </object>
           <packing>
             <property name="left_attach">0</property>
-            <property name="top_attach">5</property>
+            <property name="top_attach">2</property>
           </packing>
         </child>
         <child>

