[gnome-control-center/benzea/fix-non-wifi-password-saving: 85/85] network: Fix saving passwords for non-wifi connections

From: Benjamin Berg <bberg src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-control-center/benzea/fix-non-wifi-password-saving: 85/85] network: Fix saving passwords for non-wifi connections
Date: Mon, 3 Jan 2022 16:52:12 +0000 (UTC)


commit 129327b77ebbbebbd03fe9f14084e975376c24f9
Author: Benjamin Berg <bberg redhat com>
Date:   Thu Dec 9 17:59:59 2021 +0100

    network: Fix saving passwords for non-wifi connections
    
    When validating security settings for non-wifi connections, we
    temporarily create a wireless connection. Unfortunately, when this
    connection is destroyed, it'll clear the stored password from the 802.1x
    settings object.
    
    Avoid this by removing the setting before the temporary connection is
    destroyed.
    
    Closes: #337

 panels/network/connection-editor/ce-page-8021x-security.c | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)
---
diff --git a/panels/network/connection-editor/ce-page-8021x-security.c 
b/panels/network/connection-editor/ce-page-8021x-security.c
index 3a15d0711..deec51fc8 100644
--- a/panels/network/connection-editor/ce-page-8021x-security.c
+++ b/panels/network/connection-editor/ce-page-8021x-security.c
@@ -122,22 +122,18 @@ ce_page_8021x_security_validate (CEPage *cepage, NMConnection *connection, GErro
                valid = wireless_security_validate (WIRELESS_SECURITY (self->security), error);
                if (valid) {
                        g_autoptr(NMConnection) tmp_connection = NULL;
-                       NMSetting *s_con;
 
                        /* Here's a nice hack to work around the fact that ws_802_1x_fill_connection needs 
wireless setting. */
-                       tmp_connection = nm_simple_connection_new ();
+                       tmp_connection = nm_simple_connection_new_clone (connection);
                        nm_connection_add_setting (tmp_connection, nm_setting_wireless_new ());
 
-                       /* temp connection needs a 'connection' setting too, since most of
-                        * the EAP methods need the UUID for CA cert ignore stuff.
-                        */
-                       s_con = nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION);
-                       nm_connection_add_setting (tmp_connection, nm_setting_duplicate (s_con));
-
                        ws_wpa_eap_fill_connection (self->security, tmp_connection);
 
+                       /* NOTE: It is important we create a copy of the settings, as the
+                        * secrets might be cleared otherwise.
+                        */
                        s_8021x = nm_connection_get_setting (tmp_connection, NM_TYPE_SETTING_802_1X);
-                       nm_connection_add_setting (connection, NM_SETTING (g_object_ref (s_8021x)));
+                       nm_connection_add_setting (connection, nm_setting_duplicate (NM_SETTING (s_8021x)));
                }
        } else {
                nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]