[network-manager-applet/lr/pkcs11: 9/22] libnma: add a certificate picker interface
- From: Lubomir Rintel <lkundrak src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-applet/lr/pkcs11: 9/22] libnma: add a certificate picker interface
- Date: Fri, 17 Mar 2017 18:35:26 +0000 (UTC)
commit e3d6f4ae2e94bcecd6d0c0616c24586e548bc987
Author: Lubomir Rintel <lkundrak v3 sk>
Date: Thu Mar 2 17:25:41 2017 +0100
libnma: add a certificate picker interface
A grid with certificate & key pair optionally with passwords.
The idea is to provide reusable interface for the 802.1x and VPN plugins
that can be backed by a simple file-base chooser or a PKCS#11 based
chooser. The API is designed with possible future Gcr certificate chooser
in mind.
This is available from libnm-gtk too, since the wireless-security
library will make use for it. It still resides in the libnma/ tree not
to introduce complexity into how the tree is organized for the sake of a
legacy component.
Makefile.am | 10 +-
libnma-docs.xml | 6 +
src/libnm-gtk/libnm-gtk.ver | 26 ++
src/libnm-gtk/nm-cert-chooser.h | 216 ++++++++++
src/libnma/libnma.ver | 26 ++
src/libnma/nma-cert-chooser.c | 826 +++++++++++++++++++++++++++++++++++++++
src/libnma/nma-cert-chooser.h | 261 ++++++++++++
7 files changed, 1368 insertions(+), 3 deletions(-)
---
diff --git a/Makefile.am b/Makefile.am
index ed407ac..4a3505c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -350,7 +350,8 @@ libnm_gtk_h_pub = \
src/libnm-gtk/nm-mobile-wizard.h \
src/libnm-gtk/nm-ui-utils.h \
src/libnm-gtk/nm-mobile-providers.h \
- src/libnm-gtk/nm-vpn-password-dialog.h
+ src/libnm-gtk/nm-vpn-password-dialog.h \
+ src/libnm-gtk/nm-cert-chooser.h
libnm_gtk_c_real = \
src/libnm-gtk/nm-wifi-dialog.c \
@@ -359,6 +360,7 @@ libnm_gtk_c_real = \
src/libnm-gtk/nm-ui-utils.c \
src/libnm-gtk/nm-mobile-providers.c \
src/libnm-gtk/nm-vpn-password-dialog.c \
+ src/libnma/nma-cert-chooser.c \
src/libnm-gtk/init.c
src_libnm_gtk_libnmgtkdir = $(includedir)/libnm-gtk
@@ -479,7 +481,8 @@ libnma_h_pub = \
src/libnma/nma-mobile-wizard.h \
src/libnma/nma-mobile-providers.h \
src/libnma/nma-vpn-password-dialog.h \
- src/libnma/nma-ui-utils.h
+ src/libnma/nma-ui-utils.h \
+ src/libnma/nma-cert-chooser.h
libnma_c_real = \
src/libnma/nma-wifi-dialog.c \
@@ -487,7 +490,8 @@ libnma_c_real = \
src/libnma/nma-mobile-providers.c \
src/libnma/nma-vpn-password-dialog.c \
src/libnma/nma-ui-utils.c \
- src/libnma/init.c
+ src/libnma/init.c \
+ src/libnma/nma-cert-chooser.c
src_libnma_libnmadir = $(includedir)/libnma
diff --git a/libnma-docs.xml b/libnma-docs.xml
index 0ef92e1..fdcfb38 100644
--- a/libnma-docs.xml
+++ b/libnma-docs.xml
@@ -50,6 +50,7 @@
<xi:include href="xml/nma-mobile-providers.xml"/>
<xi:include href="xml/nma-vpn-password-dialog.xml"/>
<xi:include href="xml/nma-wifi-dialog.xml"/>
+ <xi:include href="xml/nma-cert-chooser.xml"/>
</chapter>
<chapter id="object-tree">
@@ -62,6 +63,11 @@
<xi:include href="xml/api-index-full.xml"><xi:fallback /></xi:include>
</index>
+ <index id="api-index-1.8.0">
+ <title>Index of API available in version 1.8.0</title>
+ <xi:include href="api-index-1.8.0.xml"><xi:fallback /></xi:include>
+ </index>
+
<index id="deprecated-api-index" role="deprecated">
<title>Index of deprecated API</title>
<xi:include href="xml/api-index-deprecated.xml"><xi:fallback /></xi:include>
diff --git a/src/libnm-gtk/libnm-gtk.ver b/src/libnm-gtk/libnm-gtk.ver
index 769450e..2c5eaae 100644
--- a/src/libnm-gtk/libnm-gtk.ver
+++ b/src/libnm-gtk/libnm-gtk.ver
@@ -14,3 +14,29 @@ local:
nm[^a]*;
nma[^_]*;
};
+
+libnm_gtk_1_8_0 {
+global:
+ nma_cert_chooser_add_to_size_group;
+ nma_cert_chooser_get_cert;
+ nma_cert_chooser_get_cert_password;
+ nma_cert_chooser_get_cert_password_flags;
+ nma_cert_chooser_get_cert_uri;
+ nma_cert_chooser_get_key;
+ nma_cert_chooser_get_key_password;
+ nma_cert_chooser_get_key_password_flags;
+ nma_cert_chooser_get_key_uri;
+ nma_cert_chooser_get_type;
+ nma_cert_chooser_new;
+ nma_cert_chooser_set_cert;
+ nma_cert_chooser_set_cert_password;
+ nma_cert_chooser_set_cert_uri;
+ nma_cert_chooser_set_key;
+ nma_cert_chooser_set_key_password;
+ nma_cert_chooser_set_key_uri;
+ nma_cert_chooser_setup_cert_password_storage;
+ nma_cert_chooser_setup_key_password_storage;
+ nma_cert_chooser_update_cert_password_storage;
+ nma_cert_chooser_update_key_password_storage;
+ nma_cert_chooser_validate;
+} libnm_gtk_1_0_6;
diff --git a/src/libnm-gtk/nm-cert-chooser.h b/src/libnm-gtk/nm-cert-chooser.h
new file mode 100644
index 0000000..824c9b6
--- /dev/null
+++ b/src/libnm-gtk/nm-cert-chooser.h
@@ -0,0 +1,216 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2015,2017 Red Hat, Inc.
+ */
+
+#ifndef NMA_CERT_CHOOSER_H
+#define NMA_CERT_CHOOSER_H
+
+#include <gtk/gtk.h>
+#include <NetworkManager.h>
+
+G_BEGIN_DECLS
+
+#define NMA_TYPE_CERT_CHOOSER (nma_cert_chooser_get_type ())
+#define NMA_CERT_CHOOSER(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NMA_TYPE_CERT_CHOOSER,
NMACertChooser))
+#define NMA_IS_CERT_CHOOSER(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NMA_TYPE_CERT_CHOOSER))
+#define NMA_CERT_CHOOSER_GET_INTERFACE(obj) (G_TYPE_INSTANCE_GET_INTERFACE ((obj),
NMA_TYPE_CERT_CHOOSER, NMACertChooserInterface))
+
+typedef struct _NMACertChooser NMACertChooser;
+
+/**
+ * NMACertChooserInterface:
+ * @parent_iface: The parent interface.
+ * @set_cert: Set the certificate location for the chooser button.
+ * @get_cert: Get the real certificate location from the chooser button along
+ * with the scheme.
+ * @set_cert_password: Set the password or a PIN that might be required to
+ * access the certificate.
+ * @get_cert_password: Obtain the password or a PIN that was be required to
+ * access the certificate.
+ * @set_key: Set the key location for the chooser button.
+ * @get_key: Get the real key location from the chooser button along with the
+ * scheme.
+ * @set_key_password: Set the password or a PIN that might be required to
+ * access the key.
+ * @get_key_password: Obtain the password or a PIN that was be required to
+ * access the key.
+ * @add_to_size_group: Add the labels to the specified size group so that they
+ * are aligned.
+ * @validate: Validate whether the chosen values make sense.
+ * @setup_cert_password_storage: Set up certificate password storage.
+ * @update_cert_password_storage: Update certificate password storage.
+ * @get_cert_password_flags: Return secret flags corresponding to the
+ * certificate password if one is present.
+ * @setup_key_password_storage: Set up key password storage.
+ * @update_key_password_storage: Update key password storage.
+ * @get_key_password_flags: Returns secret flags corresponding to the key
+ * password if one is present.
+ * @cert_validate: Emitted when the certificate needs validation.
+ * @cert_password_validate: Emitted when the certificate password needs
+ * validation.
+ * @key_validate: Emitted when the key needs validation.
+ * @key_password_validate: Emitted when the key password needs validation.
+ * @changed: Emitted when anything changes in the certificate chooser.
+ *
+ * Since: 1.8.0
+ */
+typedef struct {
+ GTypeInterface parent_iface;
+
+ /* virtual methods */
+ void (*set_cert) (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+ gchar *(*get_cert) (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+ void (*set_cert_password) (NMACertChooser *cert_chooser,
+ const gchar *password);
+ const gchar *(*get_cert_password) (NMACertChooser *cert_chooser);
+ void (*set_key) (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+ gchar *(*get_key) (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+ void (*set_key_password) (NMACertChooser *cert_chooser,
+ const gchar *password);
+ const gchar *(*get_key_password) (NMACertChooser *cert_chooser);
+
+ void (*add_to_size_group) (NMACertChooser *cert_chooser,
+ GtkSizeGroup *group);
+ gboolean (*validate) (NMACertChooser *cert_chooser,
+ GError **error);
+
+ void (*setup_cert_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+ void (*update_cert_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+ NMSettingSecretFlags (*get_cert_password_flags) (NMACertChooser *cert_chooser);
+ void (*setup_key_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+ void (*update_key_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+ NMSettingSecretFlags (*get_key_password_flags) (NMACertChooser *cert_chooser);
+
+ /* signals */
+ GError *(*cert_validate) (NMACertChooser *cert_chooser);
+ GError *(*cert_password_validate) (NMACertChooser *cert_chooser);
+ GError *(*key_validate) (NMACertChooser *cert_chooser);
+ GError *(*key_password_validate) (NMACertChooser *cert_chooser);
+ void (*changed) (NMACertChooser *cert_chooser);
+} NMACertChooserInterface;
+
+/**
+ * NMACertChooserFlags:
+ * @NMA_CERT_CHOOSER_FLAG_CERT: Only pick a certificate, not a key
+ * @NMA_CERT_CHOOSER_FLAG_PASSWORDS: Hide all controls but the secrets entries
+ * @NMA_CERT_CHOOSER_FLAG_PEM: Ensure the chooser only selects regular PEM files
+ *
+ * Flags that controls what is the certificate chooser button able to pick.
+ * Currently only local files are supported, but might be extended to use URIs,
+ * such as PKCS\#11 certificate URIs in future as well.
+ *
+ * Since: 1.8.0
+ */
+typedef enum {
+ NMA_CERT_CHOOSER_FLAG_CERT = 0x1,
+ NMA_CERT_CHOOSER_FLAG_PASSWORDS = 0x2,
+ NMA_CERT_CHOOSER_FLAG_PEM = 0x4,
+} NMACertChooserFlags;
+
+GType nma_cert_chooser_get_type (void);
+
+void nma_cert_chooser_set_cert (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+
+gchar *nma_cert_chooser_get_cert (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+
+void nma_cert_chooser_set_cert_password (NMACertChooser *cert_chooser,
+ const gchar *password);
+
+const gchar *nma_cert_chooser_get_cert_password (NMACertChooser *cert_chooser);
+
+void nma_cert_chooser_set_key (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+
+gchar *nma_cert_chooser_get_key (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+
+void nma_cert_chooser_set_key_password (NMACertChooser *cert_chooser,
+ const gchar *password);
+
+const gchar *nma_cert_chooser_get_key_password (NMACertChooser *cert_chooser);
+
+GtkWidget *nma_cert_chooser_new (const gchar *title,
+ NMACertChooserFlags flags);
+
+
+void nma_cert_chooser_add_to_size_group (NMACertChooser *cert_chooser,
+ GtkSizeGroup *group);
+
+gboolean nma_cert_chooser_validate (NMACertChooser *cert_chooser,
+ GError **error);
+
+void nma_cert_chooser_setup_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+
+void nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+
+NMSettingSecretFlags nma_cert_chooser_get_cert_password_flags (NMACertChooser *cert_chooser);
+
+void nma_cert_chooser_setup_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+
+void nma_cert_chooser_update_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+
+NMSettingSecretFlags nma_cert_chooser_get_key_password_flags (NMACertChooser *cert_chooser);
+
+G_END_DECLS
+
+#endif /* NMA_CERT_CHOOSER_H */
diff --git a/src/libnma/libnma.ver b/src/libnma/libnma.ver
index 30ea6b9..b1efa74 100644
--- a/src/libnma/libnma.ver
+++ b/src/libnma/libnma.ver
@@ -69,3 +69,29 @@ global:
local:
*;
};
+
+libnma_1_8_0 {
+global:
+ nma_cert_chooser_add_to_size_group;
+ nma_cert_chooser_get_cert;
+ nma_cert_chooser_get_cert_password;
+ nma_cert_chooser_get_cert_password_flags;
+ nma_cert_chooser_get_cert_uri;
+ nma_cert_chooser_get_key;
+ nma_cert_chooser_get_key_password;
+ nma_cert_chooser_get_key_password_flags;
+ nma_cert_chooser_get_key_uri;
+ nma_cert_chooser_get_type;
+ nma_cert_chooser_new;
+ nma_cert_chooser_set_cert;
+ nma_cert_chooser_set_cert_password;
+ nma_cert_chooser_set_cert_uri;
+ nma_cert_chooser_set_key;
+ nma_cert_chooser_set_key_password;
+ nma_cert_chooser_set_key_uri;
+ nma_cert_chooser_setup_cert_password_storage;
+ nma_cert_chooser_setup_key_password_storage;
+ nma_cert_chooser_update_cert_password_storage;
+ nma_cert_chooser_update_key_password_storage;
+ nma_cert_chooser_validate;
+} libnma_1_2_0;
diff --git a/src/libnma/nma-cert-chooser.c b/src/libnma/nma-cert-chooser.c
new file mode 100644
index 0000000..18c3ede
--- /dev/null
+++ b/src/libnma/nma-cert-chooser.c
@@ -0,0 +1,826 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2017 Red Hat, Inc.
+ */
+
+#include "nm-default.h"
+#include "nma-cert-chooser.h"
+
+/**
+ * SECTION:nma-cert-chooser
+ * @title: NMACertChooser
+ *
+ * Certificate chooser allows for selection of a certificate or
+ * various schemes optionally accompanied with a key and passwords
+ * or PIN.
+ *
+ * The widgets that implement this interface may allow selecting
+ * the certificates from various sources such as files or cryptographic
+ * tokens.
+ */
+
+enum {
+ PROP_0,
+ PROP_TITLE,
+ PROP_FLAGS,
+ LAST_PROP,
+};
+
+static GParamSpec *properties[LAST_PROP];
+
+enum {
+ CERT_VALIDATE,
+ CERT_PASSWORD_VALIDATE,
+ KEY_VALIDATE,
+ KEY_PASSWORD_VALIDATE,
+ CHANGED,
+ LAST_SIGNAL,
+};
+
+static guint signals[LAST_SIGNAL] = { 0 };
+
+G_DEFINE_TYPE (NMACertChooser, nma_cert_chooser, GTK_TYPE_GRID)
+
+static gboolean
+accu_validation_error (GSignalInvocationHint *ihint,
+ GValue *return_accu,
+ const GValue *handler_return,
+ gpointer data)
+{
+ if (g_value_get_boxed (handler_return)) {
+ g_value_copy (handler_return, return_accu);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+#ifdef NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11
+
+static gchar *
+value_with_scheme_to_uri (const gchar *value, NMSetting8021xCKScheme scheme)
+{
+ switch (scheme) {
+ case NM_SETTING_802_1X_CK_SCHEME_PATH:
+ return g_strdup_printf (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH "%s", value);
+ case NM_SETTING_802_1X_CK_SCHEME_PKCS11:
+ return g_strdup (value);
+ default:
+ g_warning ("The key '%s' uses an unknown scheme %d\n", value, scheme);
+ return NULL;
+ }
+}
+
+static gchar *
+uri_to_value_with_scheme (const gchar *uri, NMSetting8021xCKScheme *scheme)
+{
+ if (!uri) {
+ *scheme = NM_SETTING_802_1X_CK_SCHEME_UNKNOWN;
+ return NULL;
+ } else if (g_str_has_prefix (uri, NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH)) {
+ *scheme = NM_SETTING_802_1X_CK_SCHEME_PATH;
+ return g_strdup (uri + sizeof (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH) - 1);
+ } else if (g_str_has_prefix (uri, NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11)) {
+ *scheme = NM_SETTING_802_1X_CK_SCHEME_PKCS11;
+ return g_strdup (uri);
+ } else {
+ g_warning ("The dialog returned URI of unknown scheme: '%s'\n", uri);
+ return NULL;
+ }
+}
+
+#else
+
+/* libnm-glib only supports certificates in files. */
+
+static gchar *
+value_with_scheme_to_uri (const gchar *value, NMSetting8021xCKScheme scheme)
+{
+ g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
+ return g_strdup_printf ("file://%s", value);
+}
+
+static gchar *
+uri_to_value_with_scheme (const gchar *uri, NMSetting8021xCKScheme *scheme)
+{
+ if (!uri) {
+ *scheme = NM_SETTING_802_1X_CK_SCHEME_UNKNOWN;
+ return NULL;
+ }
+
+ g_return_val_if_fail (g_str_has_prefix (uri, "file://"), NULL);
+ return g_strdup (uri + 7);
+}
+
+#endif
+
+/**
+ * nma_cert_chooser_set_cert_uri:
+ * @cert_chooser: certificate chooser button instance
+ * @uri: the path or URI of a certificate
+ *
+ * Sets the certificate URI for the chooser button.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_cert_uri (NMACertChooser *cert_chooser,
+ const gchar *uri)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (!klass->set_cert_uri)
+ return;
+ klass->set_cert_uri (cert_chooser, uri);
+}
+
+/**
+ * nma_cert_chooser_set_cert:
+ * @cert_chooser: certificate chooser button instance
+ * @value: the path or URI of a certificate
+ * @scheme: the scheme of the certificate path
+ *
+ * Sets the certificate location for the chooser button.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_cert (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme)
+{
+ gs_free gchar *uri = NULL;
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (!value)
+ return;
+
+ uri = value_with_scheme_to_uri (value, scheme);
+ nma_cert_chooser_set_cert_uri (cert_chooser, uri);
+}
+
+/**
+ * nma_cert_chooser_get_cert_uri:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Gets the real certificate URI from the chooser button along with the scheme.
+ *
+ * Returns: the certificate URI
+ *
+ * Since: 1.8.0
+ */
+gchar *
+nma_cert_chooser_get_cert_uri (NMACertChooser *cert_chooser)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+ g_return_val_if_fail (klass->get_cert_uri, NULL);
+
+ return klass->get_cert_uri (cert_chooser);
+}
+
+/**
+ * nma_cert_chooser_get_cert:
+ * @cert_chooser: certificate chooser button instance
+ * @scheme: (out): the scheme of the returned certificate path
+ *
+ * Gets the real certificate location from the chooser button along with the scheme.
+ *
+ * Returns: the certificate path
+ *
+ * Since: 1.8.0
+ */
+gchar *
+nma_cert_chooser_get_cert (NMACertChooser *cert_chooser, NMSetting8021xCKScheme *scheme)
+{
+ gs_free gchar *uri = NULL;
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+
+ uri = nma_cert_chooser_get_cert_uri (cert_chooser);
+ return uri_to_value_with_scheme (uri, scheme);
+}
+
+/**
+ * nma_cert_chooser_set_cert_password:
+ * @cert_chooser: certificate chooser button instance
+ * @password: the certificate PIN or password
+ *
+ * Sets the password or a PIN that might be required to access the certificate.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_cert_password (NMACertChooser *cert_chooser, const gchar *password)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (klass->set_cert_password)
+ klass->set_cert_password (cert_chooser, password);
+ else
+ g_warning ("Can't set certificate password");
+}
+
+/**
+ * nma_cert_chooser_get_cert_password:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Obtains the password or a PIN that was be required to access the certificate.
+ *
+ * Returns: the certificate PIN or password
+ *
+ * Since: 1.8.0
+ */
+const gchar *
+nma_cert_chooser_get_cert_password (NMACertChooser *cert_chooser)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+
+ if (!klass->get_cert_password)
+ return NULL;
+ return klass->get_cert_password (cert_chooser);
+}
+
+/**
+ * nma_cert_chooser_set_key_uri:
+ * @cert_chooser: certificate chooser button instance
+ * @uri: the URI of a key
+ *
+ * Sets the key URI for the chooser button.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_key_uri (NMACertChooser *cert_chooser,
+ const gchar *uri)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (!klass->set_key_uri)
+ return;
+ klass->set_key_uri (cert_chooser, uri);
+}
+
+/**
+ * nma_cert_chooser_set_key:
+ * @cert_chooser: certificate chooser button instance
+ * @value: the path or URI of a key
+ * @scheme: the scheme of the key path
+ *
+ * Sets the key location for the chooser button.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_key (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme)
+{
+ gs_free gchar *uri = NULL;
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (!value)
+ return;
+
+ uri = value_with_scheme_to_uri (value, scheme);
+ nma_cert_chooser_set_key_uri (cert_chooser, uri);
+}
+
+/**
+ * nma_cert_chooser_get_key:
+ * @cert_chooser: certificate chooser button instance
+ * @scheme: (out): the scheme of the returned key path
+ *
+ * Gets the real key location from the chooser button along with the scheme.
+ *
+ * Returns: the key path
+ *
+ * Since: 1.8.0
+ */
+gchar *
+nma_cert_chooser_get_key (NMACertChooser *cert_chooser, NMSetting8021xCKScheme *scheme)
+{
+ gs_free gchar *uri = NULL;
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+
+ uri = nma_cert_chooser_get_key_uri (cert_chooser);
+ return uri_to_value_with_scheme (uri, scheme);
+}
+
+/**
+ * nma_cert_chooser_get_key_uri:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Gets the real key URI from the chooser button along with the scheme.
+ *
+ * Returns: the key URI
+ *
+ * Since: 1.8.0
+ */
+gchar *
+nma_cert_chooser_get_key_uri (NMACertChooser *cert_chooser)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+ g_return_val_if_fail (klass->get_key_uri, NULL);
+
+ return klass->get_key_uri (cert_chooser);
+}
+
+/**
+ * nma_cert_chooser_set_key_password:
+ * @cert_chooser: certificate chooser button instance
+ * @password: the key PIN or password
+ *
+ * Sets the password or a PIN that might be required to access the key.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_set_key_password (NMACertChooser *cert_chooser, const gchar *password)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+ g_return_if_fail (klass->set_key_password);
+
+ klass->set_key_password (cert_chooser, password);
+}
+
+/**
+ * nma_cert_chooser_get_key_password:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Obtains the password or a PIN that was be required to access the key.
+ *
+ * Returns: the key PIN or password
+ *
+ * Since: 1.8.0
+ */
+const gchar *
+nma_cert_chooser_get_key_password (NMACertChooser *cert_chooser)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), NULL);
+
+ if (!klass->get_key_password)
+ return NULL;
+ return klass->get_key_password (cert_chooser);
+}
+
+/**
+ * nma_cert_chooser_add_to_size_group:
+ * @cert_chooser: certificate chooser button instance
+ * @group: a size group
+ *
+ * Adds the labels to the specified size group so that they are aligned
+ * nicely with other entries in a form.
+ *
+ * It is expected that the NMACertChooser is a GtkGrid with two columns
+ * with the labels in the first one.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_add_to_size_group (NMACertChooser *cert_chooser, GtkSizeGroup *group)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (klass->add_to_size_group)
+ klass->add_to_size_group (cert_chooser, group);
+}
+
+/**
+ * nma_cert_chooser_validate:
+ * @cert_chooser: certificate chooser button instance
+ * @error: error return location
+ *
+ * Validates whether the chosen values make sense. The users can do further
+ * validation by subscribing to the "*-changed" signals and returning an
+ * error themselves.
+ *
+ * Returns: %TRUE if validation passes, %FALSE otherwise
+ *
+ * Since: 1.8.0
+ */
+gboolean
+nma_cert_chooser_validate (NMACertChooser *cert_chooser, GError **error)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser), TRUE);
+
+ if (!klass->validate)
+ return TRUE;
+ return klass->validate (cert_chooser, error);
+}
+
+/**
+ * nma_cert_chooser_setup_cert_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @initial_flags: initial secret flags to setup password menu from
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ * @with_not_required: whether to include "Not required" menu item
+ * @ask_mode: %TRUE if the entry is shown in ASK mode
+ *
+ * This method basically calls nma_utils_setup_password_storage()
+ * on the certificate password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_setup_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (klass->setup_cert_password_storage) {
+ klass->setup_cert_password_storage (cert_chooser,
+ initial_flags,
+ setting,
+ password_flags_name,
+ with_not_required,
+ ask_mode);
+ }
+}
+
+/**
+ * nma_cert_chooser_update_cert_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @secret_flags: secret flags to set
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ *
+ * This method basically calls nma_utils_update_password_storage()
+ * on the certificate password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (klass->update_cert_password_storage) {
+ klass->update_cert_password_storage (cert_chooser,
+ secret_flags,
+ setting,
+ password_flags_name);
+ }
+}
+
+/**
+ * nma_cert_chooser_get_cert_password_flags:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Returns secret flags corresponding to the certificate password
+ * if one is present. The chooser would typically call into
+ * nma_utils_menu_to_secret_flags() for the certificate password
+ * entry.
+ *
+ * Returns: secret flags corresponding to the certificate password
+ *
+ * Since: 1.8.0
+ */
+NMSettingSecretFlags
+nma_cert_chooser_get_cert_password_flags (NMACertChooser *cert_chooser)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser),
+ NM_SETTING_SECRET_FLAG_NONE);
+
+ if (!klass->get_cert_password_flags)
+ return NM_SETTING_SECRET_FLAG_NONE;
+ return klass->get_cert_password_flags (cert_chooser);
+}
+
+
+/**
+ * nma_cert_chooser_setup_key_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @initial_flags: initial secret flags to setup password menu from
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ * @with_not_required: whether to include "Not required" menu item
+ * @ask_mode: %TRUE if the entry is shown in ASK mode
+ *
+ * This method basically calls nma_utils_setup_password_storage()
+ * on the key password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_setup_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (klass->setup_key_password_storage) {
+ klass->setup_key_password_storage (cert_chooser,
+ initial_flags,
+ setting,
+ password_flags_name,
+ with_not_required,
+ ask_mode);
+ }
+}
+
+/**
+ * nma_cert_chooser_update_key_password_storage:
+ * @cert_chooser: certificate chooser button instance
+ * @secret_flags: secret flags to set
+ * @setting: #NMSetting containing the password, or NULL
+ * @password_flags_name: name of the secret flags (like psk-flags), or NULL
+ *
+ * This method basically calls nma_utils_update_password_storage()
+ * on the key password entry, in case one is present.
+ *
+ * Since: 1.8.0
+ */
+void
+nma_cert_chooser_update_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser));
+
+ if (klass->update_key_password_storage) {
+ klass->update_key_password_storage (cert_chooser,
+ secret_flags,
+ setting,
+ password_flags_name);
+ }
+}
+
+/**
+ * nma_cert_chooser_get_key_password_flags:
+ * @cert_chooser: certificate chooser button instance
+ *
+ * Returns secret flags corresponding to the key password
+ * if one is present. The chooser would typically call into
+ * nma_utils_menu_to_secret_flags() for the key password
+ * entry.
+ *
+ * Returns: secret flags corresponding to the key password
+ *
+ * Since: 1.8.0
+ */
+NMSettingSecretFlags
+nma_cert_chooser_get_key_password_flags (NMACertChooser *cert_chooser)
+{
+ NMACertChooserClass *klass = NMA_CERT_CHOOSER_GET_CLASS (cert_chooser);
+
+ g_return_val_if_fail (NMA_IS_CERT_CHOOSER (cert_chooser),
+ NM_SETTING_SECRET_FLAG_NONE);
+
+ if (!klass->get_key_password_flags)
+ return NM_SETTING_SECRET_FLAG_NONE;
+ return klass->get_key_password_flags (cert_chooser);
+}
+
+static GObject *
+constructor (GType type, guint n_construct_properties, GObjectConstructParam *construct_properties)
+{
+ g_return_val_if_reached (NULL);
+}
+
+static void
+set_property (GObject *object, guint property_id, const GValue *value, GParamSpec *pspec)
+{
+ NMACertChooserClass *cert_chooser_class = NMA_CERT_CHOOSER_GET_CLASS (object);
+
+ switch (property_id) {
+ case PROP_TITLE:
+ g_return_if_fail (cert_chooser_class->set_title);
+ cert_chooser_class->set_title (NMA_CERT_CHOOSER (object),
+ g_value_get_string (value));
+ break;
+ case PROP_FLAGS:
+ g_return_if_fail (cert_chooser_class->set_flags);
+ cert_chooser_class->set_flags (NMA_CERT_CHOOSER (object),
+ g_value_get_uint (value));
+ break;
+ default:
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
+ break;
+ }
+}
+
+static void
+get_property (GObject *object, guint property_id, GValue *value, GParamSpec *pspec)
+{
+ G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
+}
+
+static void
+nma_cert_chooser_class_init (NMACertChooserClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+ object_class->constructor = constructor;
+ object_class->get_property = get_property;
+ object_class->set_property = set_property;
+
+ /**
+ * NMACertChooser::title:
+ *
+ * Name of the certificate or certificate/key pair to be chosen.
+ * Used in labels and chooser dialog titles.
+ *
+ * Since: 1.8.0
+ */
+ properties[PROP_TITLE] = g_param_spec_string ("title",
+ "Title",
+ "Certificate Chooser Title",
+ NULL,
+ G_PARAM_WRITABLE
+ | G_PARAM_CONSTRUCT_ONLY
+ | G_PARAM_STATIC_STRINGS);
+
+ /**
+ * NMACertChooser::flags:
+ *
+ * The #NMACertChooserFlags flags that influnce which chooser
+ * implementation is used and configure its behavior.
+ *
+ * Since: 1.8.0
+ */
+ properties[PROP_FLAGS] = g_param_spec_uint ("flags",
+ "Flags",
+ "Certificate Chooser Flags",
+ NMA_CERT_CHOOSER_FLAG_NONE,
+ NMA_CERT_CHOOSER_FLAG_CERT
+ | NMA_CERT_CHOOSER_FLAG_PASSWORDS
+ | NMA_CERT_CHOOSER_FLAG_PEM,
+ NMA_CERT_CHOOSER_FLAG_NONE,
+ G_PARAM_READWRITE
+ | G_PARAM_CONSTRUCT_ONLY
+ | G_PARAM_STATIC_STRINGS);
+
+ g_object_class_install_properties (object_class, LAST_PROP, properties);
+
+ /**
+ * NMACertChooser::cert-validate:
+ *
+ * Emitted when the certificate needs validation. The handlers can indicate that
+ * the certificate is invalid by returning an error, which blocks further
+ * signal processing and causes a call to nma_cert_chooser_validate()
+ * to fail.
+ *
+ * Since: 1.8.0
+ */
+ signals[CERT_VALIDATE] = g_signal_new ("cert-validate",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (NMACertChooserClass, cert_validate),
+ accu_validation_error, NULL, NULL,
+ G_TYPE_ERROR, 0);
+
+ /**
+ * NMACertChooser::cert-password-validate:
+ *
+ * Emitted when the certificate password needs validation. The handlers
+ * can indicate that the password is invalid by returning an error, which blocks further
+ * signal processing and causes a call to nma_cert_chooser_validate()
+ * to fail.
+ *
+ * Since: 1.8.0
+ */
+ signals[CERT_PASSWORD_VALIDATE] = g_signal_new ("cert-password-validate",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (NMACertChooserClass,
cert_password_validate),
+ accu_validation_error, NULL, NULL,
+ G_TYPE_ERROR, 0);
+
+ /**
+ * NMACertChooser::key-validate:
+ *
+ * Emitted when the key needs validation. The handlers can indicate that
+ * the key is invalid by returning an error, which blocks further
+ * signal processing and causes a call to nma_cert_chooser_validate()
+ * to fail.
+ *
+ * Since: 1.8.0
+ */
+ signals[KEY_VALIDATE] = g_signal_new ("key-validate",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (NMACertChooserClass, key_validate),
+ accu_validation_error, NULL, NULL,
+ G_TYPE_ERROR, 0);
+
+ /**
+ * NMACertChooser::key-password-validate:
+ *
+ * Emitted when the key password needs validation. The handlers can indicate
+ * that the password is invalid by returning an error, which blocks further
+ * signal processing and causes a call to nma_cert_chooser_validate()
+ * to fail.
+ *
+ * Since: 1.8.0
+ */
+ signals[KEY_PASSWORD_VALIDATE] = g_signal_new ("key-password-validate",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST,
+ G_STRUCT_OFFSET (NMACertChooserClass,
key_password_validate),
+ accu_validation_error, NULL, NULL,
+ G_TYPE_ERROR, 0);
+
+ /**
+ * NMACertChooser::changed:
+ *
+ * Emitted when anything changes in the certificate chooser, be it a certificate,
+ * a key or associated passwords.
+ *
+ * Since: 1.8.0
+ */
+ signals[CHANGED] = g_signal_new ("changed",
+ NMA_TYPE_CERT_CHOOSER,
+ G_SIGNAL_RUN_LAST | G_SIGNAL_NO_RECURSE,
+ G_STRUCT_OFFSET (NMACertChooserClass, changed),
+ NULL, NULL, NULL,
+ G_TYPE_NONE, 0);
+
+}
+
+static void
+nma_cert_chooser_init (NMACertChooser *file_cert_chooser)
+{
+}
+
+/**
+ * nma_cert_chooser_new:
+ * @title: title of the certificate chooser dialog
+ * @flags: the flags that configure the capabilities of the button
+ *
+ * Constructs the button that is capable of selecting a certificate
+ * and a key.
+ *
+ * Returns: (transfer full): the certificate chooser button instance
+ *
+ * Since: 1.8.0
+ */
+GtkWidget *
+nma_cert_chooser_new (const gchar *title, NMACertChooserFlags flags)
+{
+ return g_object_new (NMA_TYPE_CERT_CHOOSER,
+ "title", title,
+ "flags", flags,
+ NULL);
+}
diff --git a/src/libnma/nma-cert-chooser.h b/src/libnma/nma-cert-chooser.h
new file mode 100644
index 0000000..d2ce2ed
--- /dev/null
+++ b/src/libnma/nma-cert-chooser.h
@@ -0,0 +1,261 @@
+/* NetworkManager Applet -- allow user control over networking
+ *
+ * Lubomir Rintel <lkundrak v3 sk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2015,2017 Red Hat, Inc.
+ */
+
+#ifndef NMA_CERT_CHOOSER_H
+#define NMA_CERT_CHOOSER_H
+
+#include <gtk/gtk.h>
+#include <NetworkManager.h>
+
+#include "nma-version.h"
+
+G_BEGIN_DECLS
+
+#define NMA_TYPE_CERT_CHOOSER (nma_cert_chooser_get_type ())
+#define NMA_CERT_CHOOSER(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NMA_TYPE_CERT_CHOOSER,
NMACertChooser))
+#define NMA_CERT_CHOOSER_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), NMA_TYPE_CERT_CHOOSER,
NMACertChooserClass))
+#define NMA_IS_CERT_CHOOSER(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NMA_TYPE_CERT_CHOOSER))
+#define NMA_IS_CERT_CHOOSER_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), NMA_TYPE_CERT_CHOOSER))
+#define NMA_CERT_CHOOSER_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), NMA_TYPE_CERT_CHOOSER,
NMACertChooserClass))
+
+NMA_AVAILABLE_IN_1_8
+typedef struct {
+ GtkGrid parent;
+} NMACertChooser;
+
+/**
+ * NMACertChooserFlags:
+ * @NMA_CERT_CHOOSER_FLAG_NONE: No flags
+ * @NMA_CERT_CHOOSER_FLAG_CERT: Only pick a certificate, not a key
+ * @NMA_CERT_CHOOSER_FLAG_PASSWORDS: Hide all controls but the secrets entries
+ * @NMA_CERT_CHOOSER_FLAG_PEM: Ensure the chooser only selects regular PEM files
+ *
+ * Flags that controls what is the certificate chooser button able to pick.
+ * Currently only local files are supported, but might be extended to use URIs,
+ * such as PKCS\#11 certificate URIs in future as well.
+ *
+ * Since: 1.8.0
+ */
+NMA_AVAILABLE_IN_1_8
+typedef enum {
+ NMA_CERT_CHOOSER_FLAG_NONE = 0x0,
+ NMA_CERT_CHOOSER_FLAG_CERT = 0x1,
+ NMA_CERT_CHOOSER_FLAG_PASSWORDS = 0x2,
+ NMA_CERT_CHOOSER_FLAG_PEM = 0x4,
+} NMACertChooserFlags;
+
+/**
+ * NMACertChooserClass:
+ * @parent_class: The parent class.
+ * @set_cert_uri: Set the certificate location for the chooser button.
+ * @get_cert_uri: Get the real certificate location from the chooser button along
+ * with the scheme.
+ * @set_cert_password: Set the password or a PIN that might be required to
+ * access the certificate.
+ * @get_cert_password: Obtain the password or a PIN that was be required to
+ * access the certificate.
+ * @set_key_uri: Set the key location for the chooser button.
+ * @get_key_uri: Get the real key location from the chooser button along with the
+ * scheme.
+ * @set_key_password: Set the password or a PIN that might be required to
+ * access the key.
+ * @get_key_password: Obtain the password or a PIN that was be required to
+ * access the key.
+ * @add_to_size_group: Add the labels to the specified size group so that they
+ * are aligned.
+ * @validate: Validate whether the chosen values make sense.
+ * @setup_cert_password_storage: Set up certificate password storage.
+ * @update_cert_password_storage: Update certificate password storage.
+ * @get_cert_password_flags: Return secret flags corresponding to the
+ * certificate password if one is present.
+ * @setup_key_password_storage: Set up key password storage.
+ * @update_key_password_storage: Update key password storage.
+ * @get_key_password_flags: Returns secret flags corresponding to the key
+ * password if one is present.
+ * @cert_validate: Emitted when the certificate needs validation.
+ * @cert_password_validate: Emitted when the certificate password needs
+ * validation.
+ * @key_validate: Emitted when the key needs validation.
+ * @key_password_validate: Emitted when the key password needs validation.
+ * @changed: Emitted when anything changes in the certificate chooser.
+ *
+ * Since: 1.8.0
+ */
+NMA_AVAILABLE_IN_1_8
+typedef struct {
+ GtkGridClass parent_class;
+
+ /* virtual methods */
+ void (*set_cert_uri) (NMACertChooser *cert_chooser,
+ const gchar *uri);
+ gchar *(*get_cert_uri) (NMACertChooser *cert_chooser);
+ void (*set_cert_password) (NMACertChooser *cert_chooser,
+ const gchar *password);
+ const gchar *(*get_cert_password) (NMACertChooser *cert_chooser);
+ void (*set_key_uri) (NMACertChooser *cert_chooser,
+ const gchar *uri);
+ gchar *(*get_key_uri) (NMACertChooser *cert_chooser);
+ void (*set_key_password) (NMACertChooser *cert_chooser,
+ const gchar *password);
+ const gchar *(*get_key_password) (NMACertChooser *cert_chooser);
+
+ void (*add_to_size_group) (NMACertChooser *cert_chooser,
+ GtkSizeGroup *group);
+ gboolean (*validate) (NMACertChooser *cert_chooser,
+ GError **error);
+
+ void (*setup_cert_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+ void (*update_cert_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+ NMSettingSecretFlags (*get_cert_password_flags) (NMACertChooser *cert_chooser);
+ void (*setup_key_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+ void (*update_key_password_storage) (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+ NMSettingSecretFlags (*get_key_password_flags) (NMACertChooser *cert_chooser);
+
+ /* signals */
+ GError *(*cert_validate) (NMACertChooser *cert_chooser);
+ GError *(*cert_password_validate) (NMACertChooser *cert_chooser);
+ GError *(*key_validate) (NMACertChooser *cert_chooser);
+ GError *(*key_password_validate) (NMACertChooser *cert_chooser);
+ void (*changed) (NMACertChooser *cert_chooser);
+
+ /*< private >*/
+ void (*set_title) (NMACertChooser *cert_chooser,
+ const gchar *title);
+ void (*set_flags) (NMACertChooser *cert_chooser,
+ NMACertChooserFlags flags);
+} NMACertChooserClass;
+
+NMA_AVAILABLE_IN_1_8
+GType nma_cert_chooser_get_type (void);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_cert (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_cert_uri (NMACertChooser *cert_chooser,
+ const gchar *uri);
+
+NMA_AVAILABLE_IN_1_8
+gchar *nma_cert_chooser_get_cert (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+
+NMA_AVAILABLE_IN_1_8
+gchar *nma_cert_chooser_get_cert_uri (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_cert_password (NMACertChooser *cert_chooser,
+ const gchar *password);
+
+NMA_AVAILABLE_IN_1_8
+const gchar *nma_cert_chooser_get_cert_password (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_key (NMACertChooser *cert_chooser,
+ const gchar *value,
+ NMSetting8021xCKScheme scheme);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_key_uri (NMACertChooser *cert_chooser,
+ const gchar *uri);
+
+NMA_AVAILABLE_IN_1_8
+gchar *nma_cert_chooser_get_key (NMACertChooser *cert_chooser,
+ NMSetting8021xCKScheme *scheme);
+
+NMA_AVAILABLE_IN_1_8
+gchar *nma_cert_chooser_get_key_uri (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_set_key_password (NMACertChooser *cert_chooser,
+ const gchar *password);
+
+NMA_AVAILABLE_IN_1_8
+const gchar *nma_cert_chooser_get_key_password (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+GtkWidget *nma_cert_chooser_new (const gchar *title,
+ NMACertChooserFlags flags);
+
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_add_to_size_group (NMACertChooser *cert_chooser,
+ GtkSizeGroup *group);
+
+NMA_AVAILABLE_IN_1_8
+gboolean nma_cert_chooser_validate (NMACertChooser *cert_chooser,
+ GError **error);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_setup_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_update_cert_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+
+NMA_AVAILABLE_IN_1_8
+NMSettingSecretFlags nma_cert_chooser_get_cert_password_flags (NMACertChooser *cert_chooser);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_setup_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags initial_flags,
+ NMSetting *setting,
+ const char *password_flags_name,
+ gboolean with_not_required,
+ gboolean ask_mode);
+
+NMA_AVAILABLE_IN_1_8
+void nma_cert_chooser_update_key_password_storage (NMACertChooser *cert_chooser,
+ NMSettingSecretFlags secret_flags,
+ NMSetting *setting,
+ const char *password_flags_name);
+
+NMA_AVAILABLE_IN_1_8
+NMSettingSecretFlags nma_cert_chooser_get_key_password_flags (NMACertChooser *cert_chooser);
+
+G_END_DECLS
+
+#endif /* NMA_CERT_CHOOSER_H */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
