[network-manager-applet/lr/pkcs11: 9/24] libnma: add a certificate picker interface
- From: Lubomir Rintel <lkundrak src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-applet/lr/pkcs11: 9/24] libnma: add a certificate picker interface
- Date: Wed, 8 Mar 2017 15:30:56 +0000 (UTC)
commit 35637a528175e90141f5644dbb5618cd93162f94
Author: Lubomir Rintel <lkundrak v3 sk>
Date: Thu Mar 2 17:25:41 2017 +0100
libnma: add a certificate picker interface
A grid with certificate & key pair optionally with passwords.
The idea is to provide reusable interface for the 802.1x and VPN plugins
that can be backed by a simple file-base chooser or a PKCS#11 based
chooser. The API is designed with possible future Gcr certificate chooser
in mind.
This is available from libnm-gtk too, since the wireless-security
library will make use for it. It still resides in the libnma/ tree not
to introduce complexity into how the tree is organized for the sake of a
legacy component.
Makefile.am | 10 +-
libnma-docs.xml | 6 +
src/libnm-gtk/libnm-gtk.ver | 22 ++
src/libnm-gtk/nm-cert-chooser.h | 216 ++++++++++++++
src/libnma/libnma.ver | 22 ++
src/libnma/nma-cert-chooser.c | 585 +++++++++++++++++++++++++++++++++++++++
src/libnma/nma-cert-chooser.h | 239 ++++++++++++++++
7 files changed, 1097 insertions(+), 3 deletions(-)
---
diff --git a/Makefile.am b/Makefile.am
index fdd40d5..f62cb3e 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -350,7 +350,8 @@ libnm_gtk_h_pub = \
src/libnm-gtk/nm-mobile-wizard.h \
src/libnm-gtk/nm-ui-utils.h \
src/libnm-gtk/nm-mobile-providers.h \
- src/libnm-gtk/nm-vpn-password-dialog.h
+ src/libnm-gtk/nm-vpn-password-dialog.h \
+ src/libnm-gtk/nm-cert-chooser.h
libnm_gtk_c_real = \
src/libnm-gtk/nm-wifi-dialog.c \
@@ -359,6 +360,7 @@ libnm_gtk_c_real = \
src/libnm-gtk/nm-ui-utils.c \
src/libnm-gtk/nm-mobile-providers.c \
src/libnm-gtk/nm-vpn-password-dialog.c \
+ src/libnma/nma-cert-chooser.c \
src/libnm-gtk/init.c
src_libnm_gtk_libnmgtkdir = $(includedir)/libnm-gtk
@@ -479,7 +481,8 @@ libnma_h_pub = \
src/libnma/nma-mobile-wizard.h \
src/libnma/nma-mobile-providers.h \
src/libnma/nma-vpn-password-dialog.h \
- src/libnma/nma-ui-utils.h
+ src/libnma/nma-ui-utils.h \
+ src/libnma/nma-cert-chooser.h
libnma_c_real = \
src/libnma/nma-wifi-dialog.c \
@@ -487,7 +490,8 @@ libnma_c_real = \
src/libnma/nma-mobile-providers.c \
src/libnma/nma-vpn-password-dialog.c \
src/libnma/nma-ui-utils.c \
- src/libnma/init.c
+ src/libnma/init.c \
+ src/libnma/nma-cert-chooser.c
src_libnma_libnmadir = $(includedir)/libnma
diff --git a/libnma-docs.xml b/libnma-docs.xml
index 0ef92e1..fdcfb38 100644
--- a/libnma-docs.xml
+++ b/libnma-docs.xml
@@ -50,6 +50,7 @@
<xi:include href="xml/nma-mobile-providers.xml"/>
<xi:include href="xml/nma-vpn-password-dialog.xml"/>
<xi:include href="xml/nma-wifi-dialog.xml"/>
+ <xi:include href="xml/nma-cert-chooser.xml"/>
</chapter>
<chapter id="object-tree">
@@ -62,6 +63,11 @@
<xi:include href="xml/api-index-full.xml"><xi:fallback /></xi:include>
</index>
+ <index id="api-index-1.8.0">
+ <title>Index of API available in version 1.8.0</title>
+ <xi:include href="api-index-1.8.0.xml"><xi:fallback /></xi:include>
+ </index>
+
<index id="deprecated-api-index" role="deprecated">
<title>Index of deprecated API</title>
<xi:include href="xml/api-index-deprecated.xml"><xi:fallback /></xi:include>
diff --git a/src/libnm-gtk/libnm-gtk.ver b/src/libnm-gtk/libnm-gtk.ver
index 769450e..415c9ca 100644
--- a/src/libnm-gtk/libnm-gtk.ver
+++ b/src/libnm-gtk/libnm-gtk.ver
@@ -14,3 +14,25 @@ local:
nm[^a]*;
nma[^_]*;
};
+
+libnm_gtk_1_8_0 {
+global:
+ nma_cert_chooser_add_to_size_group;
+ nma_cert_chooser_get_cert;
+ nma_cert_chooser_get_cert_password;
+ nma_cert_chooser_get_cert_password_flags;
+ nma_cert_chooser_get_key;
+ nma_cert_chooser_get_key_password;
+ nma_cert_chooser_get_key_password_flags;
+ nma_cert_chooser_get_type;
+ nma_cert_chooser_new;
+ nma_cert_chooser_set_cert;
+ nma_cert_chooser_set_cert_password;
+ nma_cert_chooser_set_key;
+ nma_cert_chooser_set_key_password;
+ nma_cert_chooser_setup_cert_password_storage;
+ nma_cert_chooser_setup_key_password_storage;
+ nma_cert_chooser_update_cert_password_storage;
+ nma_cert_chooser_update_key_password_storage;
+ nma_cert_chooser_validate;
+} libnm_gtk_1_0_6;
diff --git a/src/libnm-gtk/nm-cert-chooser.h b/src/libnm-gtk/nm-cert-chooser.h
new file mode 100644
index 0000000..824c9b6
--- /dev/null
+++ b/src/libnm-gtk/nm-cert-chooser.h
@@ -0,0 +1,216 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2015,2017 Red Hat, Inc.
+ */
+
+#ifndef NMA_CERT_CHOOSER_H
+#define NMA_CERT_CHOOSER_H
+
+#include <gtk/gtk.h>
+#include <NetworkManager.h>
+
+G_BEGIN_DECLS
+
+#define NMA_TYPE_CERT_CHOOSER (nma_cert_chooser_get_type ())
+#define NMA_CERT_CHOOSER(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NMA_TYPE_CERT_CHOOSER,
NMACertChooser))
+#define NMA_IS_CERT_CHOOSER(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NMA_TYPE_CERT_CHOOSER))
+#define NMA_CERT_CHOOSER_GET_INTERFACE(obj) (G_TYPE_INSTANCE_GET_INTERFACE ((obj),
NMA_TYPE_CERT_CHOOSER, NMACertChooserInterface))
+
+typedef struct _NMACertChooser NMACertChooser;
+
+/**
+ * NMACertChooserInterface:
+ * @parent_iface: The parent interface.
+ * @set_cert: Set the certificate location for the chooser button.
+ * @get_cert: Get the real certificate location from the chooser button along
+ * with the scheme.
+ * @set_cert_password: Set the password or a PIN that might be required to
+ * access the certificate.
+ * @get_cert_password: Obtain the password or a PIN that was be required to
+ * access the certificate.
+ * @set_key: Set the key location for the chooser button.
+ * @get_key: Get the real key location from the chooser button along with the
+ * scheme.
+ * @set_key_password: Set the password or a PIN that might be required to
+ * access the key.
+ * @get_key_password: Obtain the password or a PIN that was be required to
+ * access the key.
+ * @add_to_size_group: Add the labels to the specified size group so that they
+ * are aligned.
+ * @validate: Validate whether the chosen values make sense.
+ * @setup_cert_password_storage: Set up certificate password storage.
+ * @update_cert_password_storage: Update certificate password storage.
+ * @get_cert_password_flags: Return secret flags corresponding to the
+ * certificate password if one is present.
+ * @setup_key_password_storage: Set up key password storage.
+ * @update_key_password_storage: Update key password storage.
+ * @get_key_password_flags: Returns secret flags corresponding to the key
+ * password if one is present.
+ * @cert_validate: Emitted when the certificate needs validation.
+ * @cert_password_validate: Emitted when the certificate password needs
+ * validation.
+ * @key_validate: Emitted when the key needs validation.
+ * @key_password_validate: Emitted when the key password needs validation.
+ * @changed: Emitted when anything changes in the certificate chooser.
+ *
+ * Since: 1.8.0
+ */
+typedef struct {
+ GTypeInterface parent_iface;
+
+ /* virtual methods */
+ void (*set_cert) (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+ gchar *(*get_cert) (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+ void (*set_cert_password) (NMACertChooser *cert_chooser,
+ const gchar *password);
+ const gchar *(*get_cert_password) (NMACertChooser *cert_chooser);
+ void (*set_key) (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+ gchar *(*get_key) (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+ void (*set_key_password) (NMACertChooser *cert_chooser,
+ const gchar *password);
+ const gchar *(*get_key_password) (NMACertChooser *cert_chooser);
+
+ void (*add_to_size_group) (NMACertChooser *cert_chooser,
+ GtkSizeGroup *group);
+ gboolean (*validate) (NMACertChooser *cert_chooser,
+ GError **error);
+
+ void (*setup_cert_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+ void (*update_cert_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+ NMSettingSecretFlags (*get_cert_password_flags) (NMACertChooser *cert_chooser);
+ void (*setup_key_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+ void (*update_key_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+ NMSettingSecretFlags (*get_key_password_flags) (NMACertChooser *cert_chooser);
+
+ /* signals */
+ GError *(*cert_validate) (NMACertChooser *cert_chooser);
+ GError *(*cert_password_validate) (NMACertChooser *cert_chooser);
+ GError *(*key_validate) (NMACertChooser *cert_chooser);
+ GError *(*key_password_validate) (NMACertChooser *cert_chooser);
+ void (*changed) (NMACertChooser *cert_chooser);
+} NMACertChooserInterface;
+
+/**
+ * NMACertChooserFlags:
+ * @NMA_CERT_CHOOSER_FLAG_CERT: Only pick a certificate, not a key
+ * @NMA_CERT_CHOOSER_FLAG_PASSWORDS: Hide all controls but the secrets entries
+ * @NMA_CERT_CHOOSER_FLAG_PEM: Ensure the chooser only selects regular PEM files
+ *
+ * Flags that controls what is the certificate chooser button able to pick.
+ * Currently only local files are supported, but might be extended to use URIs,
+ * such as PKCS\#11 certificate URIs in future as well.
+ *
+ * Since: 1.8.0
+ */
+typedef enum {
+ NMA_CERT_CHOOSER_FLAG_CERT = 0x1,
+ NMA_CERT_CHOOSER_FLAG_PASSWORDS = 0x2,
+ NMA_CERT_CHOOSER_FLAG_PEM = 0x4,
+} NMACertChooserFlags;
+
+GType nma_cert_chooser_get_type (void);
+
+void nma_cert_chooser_set_cert (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+
+gchar *nma_cert_chooser_get_cert (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+
+void nma_cert_chooser_set_cert_password (NMACertChooser *cert_chooser,
+ const gchar *password);
+
+const gchar *nma_cert_chooser_get_cert_password (NMACertChooser *cert_chooser);
+
+void nma_cert_chooser_set_key (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+
+gchar *nma_cert_chooser_get_key (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+
+void nma_cert_chooser_set_key_password (NMACertChooser *cert_chooser,
+ const gchar *password);
+
+const gchar *nma_cert_chooser_get_key_password (NMACertChooser *cert_chooser);
+
+GtkWidget *nma_cert_chooser_new (const gchar *title,
+ NMACertChooserFlags flags);
+
+
+void nma_cert_chooser_add_to_size_group (NMACertChooser *cert_chooser,
+ GtkSizeGroup *group);
+
+gboolean nma_cert_chooser_validate (NMACertChooser *cert_chooser,
+ GError **error);
+
+void nma_cert_chooser_setup_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+
+void nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+
+NMSettingSecretFlags nma_cert_chooser_get_cert_password_flags (NMACertChooser *cert_chooser);
+
+void nma_cert_chooser_setup_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+
+void nma_cert_chooser_update_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+
+NMSettingSecretFlags nma_cert_chooser_get_key_password_flags (NMACertChooser *cert_chooser);
+
+G_END_DECLS
+
+#endif /* NMA_CERT_CHOOSER_H */
diff --git a/src/libnma/libnma.ver b/src/libnma/libnma.ver
index 30ea6b9..90b89f3 100644
--- a/src/libnma/libnma.ver
+++ b/src/libnma/libnma.ver
@@ -69,3 +69,25 @@ global:
local:
*;
};
+
+libnma_1_8_0 {
+global:
+ nma_cert_chooser_add_to_size_group;
+ nma_cert_chooser_get_cert;
+ nma_cert_chooser_get_cert_password;
+ nma_cert_chooser_get_cert_password_flags;
+ nma_cert_chooser_get_key;
+ nma_cert_chooser_get_key_password;
+ nma_cert_chooser_get_key_password_flags;
+ nma_cert_chooser_get_type;
+ nma_cert_chooser_new;
+ nma_cert_chooser_set_cert;
+ nma_cert_chooser_set_cert_password;
+ nma_cert_chooser_set_key;
+ nma_cert_chooser_set_key_password;
+ nma_cert_chooser_setup_cert_password_storage;
+ nma_cert_chooser_setup_key_password_storage;
+ nma_cert_chooser_update_cert_password_storage;
+ nma_cert_chooser_update_key_password_storage;
+ nma_cert_chooser_validate;
+} libnma_1_2_0;
diff --git a/src/libnma/nma-cert-chooser.c b/src/libnma/nma-cert-chooser.c
new file mode 100644
index 0000000..8003d82
--- /dev/null
+++ b/src/libnma/nma-cert-chooser.c
@@ -0,0 +1,585 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2017 Red Hat, Inc.
+ */
+
+#include "nm-default.h"
+#include "nma-cert-chooser.h"
+
+/**
+ * SECTION:nma-cert-chooser
+ * @title: NMACertChooser
+ *
+ * Certificate chooser allows for selection of a certificate or
+ * various schemes optionally accompanied with a key and passwords
+ * or PIN.
+ *
+ * The widgets that implement this interface may allow selecting
+ * the certificates from various sources such as files or cryptographic
+ * tokens.
+ */
+
+enum {
+ CERT_VALIDATE,
+ CERT_PASSWORD_VALIDATE,
+ KEY_VALIDATE,
+ KEY_PASSWORD_VALIDATE,
+ CHANGED,
+ LAST_SIGNAL,
+};
+
+static guint signals[LAST_SIGNAL] = { 0 };
+
+G_DEFINE_INTERFACE (NMACertChooser, nma_cert_chooser, G_TYPE_OBJECT)
+
+static gboolean
+accu_validation_error (GSignalInvocationHint *ihint,
+ GValue *return_accu,
+ const GValue *handler_return,
+ gpointer data)
+{
+ if (g_value_get_boxed (handler_return)) {
+ g_value_copy (handler_return, return_accu);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+static void
+nma_cert_chooser_default_init (NMACertChooserInterface *cert_chooser_iface)
+{
+ static volatile gsize initialized = 0;
+
+ if (!g_once_init_enter (&initialized))
+ return;
+
+ /**
+ * NMACertChooser::cert-validate:
+ *
+ * Emitted when the certificate needs validation. The handlers can indicate that
+ * the certificate is invalid by returning an error, which blocks further
+ * signal processing and causes a call to nma_cert_chooser_validate()
+ * to fail.
+ *
+ * Since: 1.8.0
+ */
+ signals[CERT_VALIDATE] = g_signal_new ("cert-validate",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (NMACertChooserInterface, cert_validate),
+ accu_validation_error, NULL, NULL,
+ G_TYPE_ERROR, 0);
+
+ /**
+ * NMACertChooser::cert-password-validate:
+ *
+ * Emitted when the certificate password needs validation. The handlers
+ * can indicate that the password is invalid by returning an error, which blocks further
+ * signal processing and causes a call to nma_cert_chooser_validate()
+ * to fail.
+ *
+ * Since: 1.8.0
+ */
+ signals[CERT_PASSWORD_VALIDATE] = g_signal_new ("cert-password-validate",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (NMACertChooserInterface,
cert_password_validate),
+ accu_validation_error, NULL, NULL,
+ G_TYPE_ERROR, 0);
+
+ /**
+ * NMACertChooser::key-validate:
+ *
+ * Emitted when the key needs validation. The handlers can indicate that
+ * the key is invalid by returning an error, which blocks further
+ * signal processing and causes a call to nma_cert_chooser_validate()
+ * to fail.
+ *
+ * Since: 1.8.0
+ */
+ signals[KEY_VALIDATE] = g_signal_new ("key-validate",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (NMACertChooserInterface, key_validate),
+ accu_validation_error, NULL, NULL,
+ G_TYPE_ERROR, 0);
+
+ /**
+ * NMACertChooser::key-password-validate:
+ *
+ * Emitted when the key password needs validation. The handlers can indicate
+ * that the password is invalid by returning an error, which blocks further
+ * signal processing and causes a call to nma_cert_chooser_validate()
+ * to fail.
+ *
+ * Since: 1.8.0
+ */
+ signals[KEY_PASSWORD_VALIDATE] = g_signal_new ("key-password-validate",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (NMACertChooserInterface,
key_password_validate),
+ accu_validation_error, NULL, NULL,
+ G_TYPE_ERROR, 0);
+
+ /**
+ * NMACertChooser::changed:
+ *
+ * Emitted when anything changes in the certificate chooser, be it a certificate,
+ * a key or associated passwords.
+ *
+ * Since: 1.8.0
+ */
+ signals[CHANGED] = g_signal_new ("changed",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST | G_SIGNAL_NO_RECURSE,
+ G_STRUCT_OFFSET (NMACertChooserInterface, changed),
+ NULL, NULL, NULL,
+ G_TYPE_NONE, 0);
+
+ g_once_init_leave (&initialized, 1);
+}
+
+/**
+ * nma_cert_chooser_set_cert:
+ * @cert_chooser: certificate chooser button instance
+ * @value: the path or URI of a certificate
+ * @scheme: the scheme of the certificate path
+ *
+ * Sets the certificate location for the chooser button.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_cert (NMACertChooser *cert_chooser, const gchar *value, NMSetting8021xCKScheme scheme)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (!iface->set_cert)
+ return;
+ iface->set_cert (cert_chooser, value, scheme);
+}
+
+/**
+ * nma_cert_chooser_get_cert:
+ * @cert_chooser: certificate chooser button instance
+ * @scheme: (out): the scheme of the returned certificate path
+ *
+ * Gets the real certificate location from the chooser button along with the scheme.
+ *
+ * Returns: the certificate path
+ *
+ * Since: 1.8.0
+ */
+gchar *
+nma_cert_chooser_get_cert (NMACertChooser *cert_chooser, NMSetting8021xCKScheme *scheme)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+ g_return_val_if_fail (iface->get_cert, NULL);
+
+ return iface->get_cert (cert_chooser, scheme);
+}
+
+/**
+ * nma_cert_chooser_set_cert_password:
+ * @cert_chooser: certificate chooser button instance
+ * @password: the certificate PIN or password
+ *
+ * Sets the password or a PIN that might be required to access the certificate.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_cert_password (NMACertChooser *cert_chooser, const gchar *password)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (iface->set_cert_password)
+ iface->set_cert_password (cert_chooser, password);
+ else
+ g_warning ("Can't set certificate password");
+}
+
+/**
+ * nma_cert_chooser_get_cert_password:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Obtains the password or a PIN that was be required to access the certificate.
+ *
+ * Returns: the certificate PIN or password
+ *
+ * Since: 1.8.0
+ */
+const gchar *
+nma_cert_chooser_get_cert_password (NMACertChooser *cert_chooser)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+
+ if (!iface->get_cert_password)
+ return NULL;
+ return iface->get_cert_password (cert_chooser);
+}
+
+
+/**
+ * nma_cert_chooser_set_key:
+ * @cert_chooser: certificate chooser button instance
+ * @value: the path or URI of a key
+ * @scheme: the scheme of the key path
+ *
+ * Sets the key location for the chooser button.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_key (NMACertChooser *cert_chooser, const gchar *value, NMSetting8021xCKScheme scheme)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (!iface->set_key)
+ return;
+ iface->set_key (cert_chooser, value, scheme);
+}
+
+/**
+ * nma_cert_chooser_get_key:
+ * @cert_chooser: certificate chooser button instance
+ * @scheme: (out): the scheme of the returned key path
+ *
+ * Gets the real key location from the chooser button along with the scheme.
+ *
+ * Returns: the key path
+ *
+ * Since: 1.8.0
+ */
+gchar *
+nma_cert_chooser_get_key (NMACertChooser *cert_chooser, NMSetting8021xCKScheme *scheme)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+ g_return_val_if_fail (iface->get_key, NULL);
+
+ return iface->get_key (cert_chooser, scheme);
+}
+
+/**
+ * nma_cert_chooser_set_key_password:
+ * @cert_chooser: certificate chooser button instance
+ * @password: the key PIN or password
+ *
+ * Sets the password or a PIN that might be required to access the key.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_key_password (NMACertChooser *cert_chooser, const gchar *password)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+ g_return_if_fail (iface->set_key_password);
+
+ iface->set_key_password (cert_chooser, password);
+}
+
+/**
+ * nma_cert_chooser_get_key_password:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Obtains the password or a PIN that was be required to access the key.
+ *
+ * Returns: the key PIN or password
+ *
+ * Since: 1.8.0
+ */
+const gchar *
+nma_cert_chooser_get_key_password (NMACertChooser *cert_chooser)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+
+ if (!iface->get_key_password)
+ return NULL;
+ return iface->get_key_password (cert_chooser);
+}
+
+/**
+ * nma_cert_chooser_add_to_size_group:
+ * @cert_chooser: certificate chooser button instance
+ * @group: a size group
+ *
+ * Adds the labels to the specified size group so that they are aligned
+ * nicely with other entries in a form.
+ *
+ * It is expected that the NMACertChooser is a GtkGrid with two columns
+ * with the labels in the first one.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_add_to_size_group (NMACertChooser *cert_chooser, GtkSizeGroup *group)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (iface->add_to_size_group)
+ iface->add_to_size_group (cert_chooser, group);
+}
+
+/**
+ * nma_cert_chooser_validate:
+ * @cert_chooser: certificate chooser button instance
+ * @error: error return location
+ *
+ * Validates whether the chosen values make sense. The users can do further
+ * validation by subscribing to the "*-changed" signals and returning an
+ * error themselves.
+ *
+ * Returns: %TRUE if validation passes, %FALSE otherwise
+ *
+ * Since: 1.8.0
+ */
+gboolean
+nma_cert_chooser_validate (NMACertChooser *cert_chooser, GError **error)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), TRUE);
+
+ if (!iface->validate)
+ return TRUE;
+ return iface->validate (cert_chooser, error);
+}
+
+/**
+ * nma_cert_chooser_setup_cert_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @initial_flags: initial secret flags to setup password menu from
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ * @with_not_required: whether to include "Not required" menu item
+ * @ask_mode: %TRUE if the entry is shown in ASK mode
+ *
+ * This method basically calls nma_utils_setup_password_storage()
+ * on the certificate password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_setup_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (iface->setup_cert_password_storage) {
+ iface->setup_cert_password_storage (cert_chooser,
+ initial_flags,
+ setting,
+ password_flags_name,
+ with_not_required,
+ ask_mode);
+ }
+}
+
+/**
+ * nma_cert_chooser_update_cert_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @secret_flags: secret flags to set
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ *
+ * This method basically calls nma_utils_update_password_storage()
+ * on the certificate password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (iface->update_cert_password_storage) {
+ iface->update_cert_password_storage (cert_chooser,
+ secret_flags,
+ setting,
+ password_flags_name);
+ }
+}
+
+/**
+ * nma_cert_chooser_get_cert_password_flags:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Returns secret flags corresponding to the certificate password
+ * if one is present. The chooser would typically call into
+ * nma_utils_menu_to_secret_flags() for the certificate password
+ * entry.
+ *
+ * Returns: secret flags corresponding to the certificate password
+ *
+ * Since: 1.8.0
+ */
+NMSettingSecretFlags
+nma_cert_chooser_get_cert_password_flags (NMACertChooser *cert_chooser)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser),
+ NM_SETTING_SECRET_FLAG_NONE);
+
+ if (!iface->get_cert_password_flags)
+ return NM_SETTING_SECRET_FLAG_NONE;
+ return iface->get_cert_password_flags (cert_chooser);
+}
+
+
+/**
+ * nma_cert_chooser_setup_key_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @initial_flags: initial secret flags to setup password menu from
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ * @with_not_required: whether to include "Not required" menu item
+ * @ask_mode: %TRUE if the entry is shown in ASK mode
+ *
+ * This method basically calls nma_utils_setup_password_storage()
+ * on the key password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_setup_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (iface->setup_key_password_storage) {
+ iface->setup_key_password_storage (cert_chooser,
+ initial_flags,
+ setting,
+ password_flags_name,
+ with_not_required,
+ ask_mode);
+ }
+}
+
+/**
+ * nma_cert_chooser_update_key_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @secret_flags: secret flags to set
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ *
+ * This method basically calls nma_utils_update_password_storage()
+ * on the key password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_update_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (iface->update_key_password_storage) {
+ iface->update_key_password_storage (cert_chooser,
+ secret_flags,
+ setting,
+ password_flags_name);
+ }
+}
+
+/**
+ * nma_cert_chooser_get_key_password_flags:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Returns secret flags corresponding to the key password
+ * if one is present. The chooser would typically call into
+ * nma_utils_menu_to_secret_flags() for the key password
+ * entry.
+ *
+ * Returns: secret flags corresponding to the key password
+ *
+ * Since: 1.8.0
+ */
+NMSettingSecretFlags
+nma_cert_chooser_get_key_password_flags (NMACertChooser *cert_chooser)
+{
+ NMACertChooserInterface *iface = NMA_CERT_CHOOSER_GET_INTERFACE (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser),
+ NM_SETTING_SECRET_FLAG_NONE);
+
+ if (!iface->get_key_password_flags)
+ return NM_SETTING_SECRET_FLAG_NONE;
+ return iface->get_key_password_flags (cert_chooser);
+}
+
+/**
+ * nma_cert_chooser_new:
+ * @title: title of the certificate chooser dialog
+ * @flags: the flags that configure the capabilities of the button
+ *
+ * Constructs the button that is capable of selecting a certificate
+ * and a key.
+ *
+ * Returns: (transfer full): the certificate chooser button instance
+ *
+ * Since: 1.8.0
+ */
+GtkWidget *
+nma_cert_chooser_new (const gchar *title, NMACertChooserFlags flags)
+{
+ g_return_val_if_reached (NULL);
+}
diff --git a/src/libnma/nma-cert-chooser.h b/src/libnma/nma-cert-chooser.h
new file mode 100644
index 0000000..b30f6ac
--- /dev/null
+++ b/src/libnma/nma-cert-chooser.h
@@ -0,0 +1,239 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2015,2017 Red Hat, Inc.
+ */
+
+#ifndef NMA_CERT_CHOOSER_H
+#define NMA_CERT_CHOOSER_H
+
+#include <gtk/gtk.h>
+#include <NetworkManager.h>
+
+#include "nma-version.h"
+
+G_BEGIN_DECLS
+
+#define NMA_TYPE_CERT_CHOOSER (nma_cert_chooser_get_type ())
+#define NMA_CERT_CHOOSER(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NMA_TYPE_CERT_CHOOSER,
NMACertChooser))
+#define NMA_IS_CERT_CHOOSER(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NMA_TYPE_CERT_CHOOSER))
+#define NMA_CERT_CHOOSER_GET_INTERFACE(obj) (G_TYPE_INSTANCE_GET_INTERFACE ((obj),
NMA_TYPE_CERT_CHOOSER, NMACertChooserInterface))
+
+NMA_AVAILABLE_IN_1_8
+typedef struct _NMACertChooser NMACertChooser;
+
+/**
+ * NMACertChooserInterface:
+ * @parent_iface: The parent interface.
+ * @set_cert: Set the certificate location for the chooser button.
+ * @get_cert: Get the real certificate location from the chooser button along
+ * with the scheme.
+ * @set_cert_password: Set the password or a PIN that might be required to
+ * access the certificate.
+ * @get_cert_password: Obtain the password or a PIN that was be required to
+ * access the certificate.
+ * @set_key: Set the key location for the chooser button.
+ * @get_key: Get the real key location from the chooser button along with the
+ * scheme.
+ * @set_key_password: Set the password or a PIN that might be required to
+ * access the key.
+ * @get_key_password: Obtain the password or a PIN that was be required to
+ * access the key.
+ * @add_to_size_group: Add the labels to the specified size group so that they
+ * are aligned.
+ * @validate: Validate whether the chosen values make sense.
+ * @setup_cert_password_storage: Set up certificate password storage.
+ * @update_cert_password_storage: Update certificate password storage.
+ * @get_cert_password_flags: Return secret flags corresponding to the
+ * certificate password if one is present.
+ * @setup_key_password_storage: Set up key password storage.
+ * @update_key_password_storage: Update key password storage.
+ * @get_key_password_flags: Returns secret flags corresponding to the key
+ * password if one is present.
+ * @cert_validate: Emitted when the certificate needs validation.
+ * @cert_password_validate: Emitted when the certificate password needs
+ * validation.
+ * @key_validate: Emitted when the key needs validation.
+ * @key_password_validate: Emitted when the key password needs validation.
+ * @changed: Emitted when anything changes in the certificate chooser.
+ *
+ * Since: 1.8.0
+ */
+NMA_AVAILABLE_IN_1_8
+typedef struct {
+ GTypeInterface parent_iface;
+
+ /* virtual methods */
+ void (*set_cert) (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+ gchar *(*get_cert) (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+ void (*set_cert_password) (NMACertChooser *cert_chooser,
+ const gchar *password);
+ const gchar *(*get_cert_password) (NMACertChooser *cert_chooser);
+ void (*set_key) (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+ gchar *(*get_key) (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+ void (*set_key_password) (NMACertChooser *cert_chooser,
+ const gchar *password);
+ const gchar *(*get_key_password) (NMACertChooser *cert_chooser);
+
+ void (*add_to_size_group) (NMACertChooser *cert_chooser,
+ GtkSizeGroup *group);
+ gboolean (*validate) (NMACertChooser *cert_chooser,
+ GError **error);
+
+ void (*setup_cert_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+ void (*update_cert_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+ NMSettingSecretFlags (*get_cert_password_flags) (NMACertChooser *cert_chooser);
+ void (*setup_key_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+ void (*update_key_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+ NMSettingSecretFlags (*get_key_password_flags) (NMACertChooser *cert_chooser);
+
+ /* signals */
+ GError *(*cert_validate) (NMACertChooser *cert_chooser);
+ GError *(*cert_password_validate) (NMACertChooser *cert_chooser);
+ GError *(*key_validate) (NMACertChooser *cert_chooser);
+ GError *(*key_password_validate) (NMACertChooser *cert_chooser);
+ void (*changed) (NMACertChooser *cert_chooser);
+} NMACertChooserInterface;
+
+/**
+ * NMACertChooserFlags:
+ * @NMA_CERT_CHOOSER_FLAG_CERT: Only pick a certificate, not a key
+ * @NMA_CERT_CHOOSER_FLAG_PASSWORDS: Hide all controls but the secrets entries
+ * @NMA_CERT_CHOOSER_FLAG_PEM: Ensure the chooser only selects regular PEM files
+ *
+ * Flags that controls what is the certificate chooser button able to pick.
+ * Currently only local files are supported, but might be extended to use URIs,
+ * such as PKCS\#11 certificate URIs in future as well.
+ *
+ * Since: 1.8.0
+ */
+NMA_AVAILABLE_IN_1_8
+typedef enum {
+ NMA_CERT_CHOOSER_FLAG_CERT = 0x1,
+ NMA_CERT_CHOOSER_FLAG_PASSWORDS = 0x2,
+ NMA_CERT_CHOOSER_FLAG_PEM = 0x4,
+} NMACertChooserFlags;
+
+NMA_AVAILABLE_IN_1_8
+GType nma_cert_chooser_get_type (void);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_cert (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+
+NMA_AVAILABLE_IN_1_8
+gchar *nma_cert_chooser_get_cert (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_cert_password (NMACertChooser *cert_chooser,
+ const gchar *password);
+
+NMA_AVAILABLE_IN_1_8
+const gchar *nma_cert_chooser_get_cert_password (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_key (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+
+NMA_AVAILABLE_IN_1_8
+gchar *nma_cert_chooser_get_key (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_key_password (NMACertChooser *cert_chooser,
+ const gchar *password);
+
+NMA_AVAILABLE_IN_1_8
+const gchar *nma_cert_chooser_get_key_password (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+GtkWidget *nma_cert_chooser_new (const gchar *title,
+ NMACertChooserFlags flags);
+
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_add_to_size_group (NMACertChooser *cert_chooser,
+ GtkSizeGroup *group);
+
+NMA_AVAILABLE_IN_1_8
+gboolean nma_cert_chooser_validate (NMACertChooser *cert_chooser,
+ GError **error);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_setup_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+
+NMA_AVAILABLE_IN_1_8
+NMSettingSecretFlags nma_cert_chooser_get_cert_password_flags (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_setup_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_update_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+
+NMA_AVAILABLE_IN_1_8
+NMSettingSecretFlags nma_cert_chooser_get_key_password_flags (NMACertChooser *cert_chooser);
+
+G_END_DECLS
+
+#endif /* NMA_CERT_CHOOSER_H */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]