From 448ce6c1097ee80d170d763e4bb90e74fef48e09 Mon Sep 17 00:00:00 2001 From: Josselin Mouette Date: Fri, 8 Mar 2013 08:01:42 +0100 Subject: [PATCH] Fall back to user-owned connections if user lacks permissions For simple operations like creating a wireless connection, we never want to bother the user with PolicyKit prompts. On the other hand, granting every user the org.freedesktop.NetworkManager.settings.modify.system privilege (without authorization) might not be wanted in certain setups (like a shared laptop/computer use case). To address this we check in advance if the action would trigger a PolicyKit prompt and if that is the case fall back to user-owned connections where the secret is agent-owned. The logic is: - Bluetooth, CDMA and GSM connections: always user-owned - WEP/WPA connections: system-owned if user has the permissions, user-owned otherwise. - WiMax / Wired connections: always system-owned (with 802.1x passwords in the keyring). Distributions can still choose to override the PolicyKit configuration to grant all active users those provileges (currently used in Fedora), or make that based on group memberships (like Debian does). --- src/applet-device-wifi.c | 25 +++++++++++++++++++++++++ src/connection-editor/ce-page.h | 1 + src/connection-editor/new-connection.c | 2 ++ src/connection-editor/page-bond.c | 1 + src/connection-editor/page-bond.h | 1 + src/connection-editor/page-bridge.c | 1 + src/connection-editor/page-bridge.h | 1 + src/connection-editor/page-dsl.c | 1 + src/connection-editor/page-dsl.h | 1 + src/connection-editor/page-ethernet.c | 1 + src/connection-editor/page-ethernet.h | 1 + src/connection-editor/page-infiniband.c | 1 + src/connection-editor/page-infiniband.h | 1 + src/connection-editor/page-mobile.c | 11 +++++++++++ src/connection-editor/page-mobile.h | 1 + src/connection-editor/page-vlan.c | 1 + src/connection-editor/page-vlan.h | 1 + src/connection-editor/page-vpn.c | 10 ++++++++++ src/connection-editor/page-vpn.h | 1 + src/connection-editor/page-wifi.c | 14 ++++++++++++++ src/connection-editor/page-wifi.h | 1 + src/connection-editor/page-wimax.c | 1 + src/connection-editor/page-wimax.h | 1 + src/gnome-bluetooth/nma-bt-device.c | 5 +++++ src/libnm-gtk/nm-wifi-dialog.c | 4 ++++ src/mobile-helpers.c | 3 +++ src/utils/utils.c | 7 +++++++ src/utils/utils.h | 3 +++ src/wireless-security/ws-wep-key.c | 7 +++++++ src/wireless-security/ws-wpa-psk.c | 5 +++++ 30 files changed, 114 insertions(+) diff --git a/src/applet-device-wifi.c b/src/applet-device-wifi.c index fa3d618..d4c8773 100644 --- a/src/applet-device-wifi.c +++ b/src/applet-device-wifi.c @@ -404,6 +404,7 @@ _do_new_auto_connection (NMApplet *applet, NMSettingWirelessSecurity *s_wsec = NULL; NMSetting8021x *s_8021x = NULL; const GByteArray *ssid; + NM80211ApFlags flags; NM80211ApSecurityFlags wpa_flags, rsn_flags; GtkWidget *dialog; MoreInfo *more_info; @@ -430,6 +431,7 @@ _do_new_auto_connection (NMApplet *applet, /* If the AP is WPA[2]-Enterprise then we need to set up a minimal 802.1x * setting and ask the user for more information. */ + flags = nm_access_point_get_flags (ap); rsn_flags = nm_access_point_get_rsn_flags (ap); wpa_flags = nm_access_point_get_wpa_flags (ap); if ( (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X) @@ -461,6 +463,29 @@ _do_new_auto_connection (NMApplet *applet, nm_connection_add_setting (connection, NM_SETTING (s_8021x)); } + if (utils_default_to_private_connection (applet->nm_client)) { + if (!s_con) { + s_con = (NMSettingConnection *) nm_setting_connection_new (); + nm_connection_add_setting (connection, NM_SETTING (s_con)); + } + nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); + + if ((rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK) || + (wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) { + if (!s_wsec) { + s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); + nm_connection_add_setting (connection, NM_SETTING (s_wsec)); + } + g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_PSK_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); + } else if (flags & NM_802_11_AP_FLAGS_PRIVACY) { + if (!s_wsec) { + s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); + nm_connection_add_setting (connection, NM_SETTING (s_wsec)); + } + g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_WEP_KEY_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); + } + } + /* If it's an 802.1x connection, we need more information, so pop up the * Dialog Of Doom. */ diff --git a/src/connection-editor/ce-page.h b/src/connection-editor/ce-page.h index 578f62e..9510387 100644 --- a/src/connection-editor/ce-page.h +++ b/src/connection-editor/ce-page.h @@ -48,6 +48,7 @@ typedef void (*PageNewConnectionFunc) (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #define CE_TYPE_PAGE (ce_page_get_type ()) diff --git a/src/connection-editor/new-connection.c b/src/connection-editor/new-connection.c index e60cfda..46b448c 100644 --- a/src/connection-editor/new-connection.c +++ b/src/connection-editor/new-connection.c @@ -394,6 +394,7 @@ new_connection_of_type (GtkWindow *parent_window, gpointer user_data) { NewConnectionData *ncd; + NMConnectionList *list = user_data; ncd = g_slice_new (NewConnectionData); ncd->parent_window = parent_window; @@ -405,6 +406,7 @@ new_connection_of_type (GtkWindow *parent_window, detail, settings, new_connection_result, + list->nm_client, ncd); } diff --git a/src/connection-editor/page-bond.c b/src/connection-editor/page-bond.c index a211f79..19de65f 100644 --- a/src/connection-editor/page-bond.c +++ b/src/connection-editor/page-bond.c @@ -548,6 +548,7 @@ bond_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; diff --git a/src/connection-editor/page-bond.h b/src/connection-editor/page-bond.h index dcc8e1f..3844869 100644 --- a/src/connection-editor/page-bond.h +++ b/src/connection-editor/page-bond.h @@ -56,6 +56,7 @@ void bond_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #endif /* __PAGE_BOND_H__ */ diff --git a/src/connection-editor/page-bridge.c b/src/connection-editor/page-bridge.c index 961002a..d313dfd 100644 --- a/src/connection-editor/page-bridge.c +++ b/src/connection-editor/page-bridge.c @@ -296,6 +296,7 @@ bridge_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; diff --git a/src/connection-editor/page-bridge.h b/src/connection-editor/page-bridge.h index fa6d927..4bd0b95 100644 --- a/src/connection-editor/page-bridge.h +++ b/src/connection-editor/page-bridge.h @@ -56,6 +56,7 @@ void bridge_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #endif /* __PAGE_BRIDGE_H__ */ diff --git a/src/connection-editor/page-dsl.c b/src/connection-editor/page-dsl.c index f2394eb..1452590 100644 --- a/src/connection-editor/page-dsl.c +++ b/src/connection-editor/page-dsl.c @@ -227,6 +227,7 @@ dsl_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; diff --git a/src/connection-editor/page-dsl.h b/src/connection-editor/page-dsl.h index 514699a..656e3c6 100644 --- a/src/connection-editor/page-dsl.h +++ b/src/connection-editor/page-dsl.h @@ -58,6 +58,7 @@ void dsl_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc callback, + NMClient *client, gpointer user_data); #endif /* __PAGE_DSL_H__ */ diff --git a/src/connection-editor/page-ethernet.c b/src/connection-editor/page-ethernet.c index e479232..618559f 100644 --- a/src/connection-editor/page-ethernet.c +++ b/src/connection-editor/page-ethernet.c @@ -428,6 +428,7 @@ ethernet_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; diff --git a/src/connection-editor/page-ethernet.h b/src/connection-editor/page-ethernet.h index 4dd4a5c..55ade9b 100644 --- a/src/connection-editor/page-ethernet.h +++ b/src/connection-editor/page-ethernet.h @@ -58,6 +58,7 @@ void ethernet_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #endif /* __PAGE_ETHERNET_H__ */ diff --git a/src/connection-editor/page-infiniband.c b/src/connection-editor/page-infiniband.c index dedd368..e041bea 100644 --- a/src/connection-editor/page-infiniband.c +++ b/src/connection-editor/page-infiniband.c @@ -295,6 +295,7 @@ infiniband_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; diff --git a/src/connection-editor/page-infiniband.h b/src/connection-editor/page-infiniband.h index e895a98..97bff3b 100644 --- a/src/connection-editor/page-infiniband.h +++ b/src/connection-editor/page-infiniband.h @@ -56,6 +56,7 @@ void infiniband_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #endif /* __PAGE_INFINIBAND_H__ */ diff --git a/src/connection-editor/page-mobile.c b/src/connection-editor/page-mobile.c index 9000e5f..b309478 100644 --- a/src/connection-editor/page-mobile.c +++ b/src/connection-editor/page-mobile.c @@ -570,6 +570,7 @@ new_connection_mobile_wizard_done (NMAMobileWizard *wizard, NMConnection *connection = NULL; if (!canceled && method) { + NMSettingConnection *s_con; NMSetting *type_setting; const char *ctype = NULL; char *detail = NULL; @@ -583,6 +584,7 @@ new_connection_mobile_wizard_done (NMAMobileWizard *wizard, NM_SETTING_GSM_NUMBER, "*99#", NM_SETTING_GSM_USERNAME, method->username, NM_SETTING_GSM_PASSWORD, method->password, + NM_SETTING_GSM_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NM_SETTING_GSM_APN, method->gsm_apn, NULL); break; @@ -594,6 +596,7 @@ new_connection_mobile_wizard_done (NMAMobileWizard *wizard, NM_SETTING_CDMA_NUMBER, "#777", NM_SETTING_GSM_USERNAME, method->username, NM_SETTING_GSM_PASSWORD, method->password, + NM_SETTING_GSM_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); break; default: @@ -608,6 +611,13 @@ new_connection_mobile_wizard_done (NMAMobileWizard *wizard, connection = ce_page_new_connection (detail, ctype, FALSE, info->settings, info->user_data); g_free (detail); + s_con = nm_connection_get_setting_connection (connection); + if (!s_con) { + s_con = (NMSettingConnection *) nm_setting_connection_new (); + nm_connection_add_setting (connection, NM_SETTING (s_con)); + } + nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); + nm_connection_add_setting (connection, type_setting); add_default_serial_setting (connection); nm_connection_add_setting (connection, nm_setting_ppp_new ()); @@ -633,6 +643,7 @@ mobile_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMAMobileWizard *wizard; diff --git a/src/connection-editor/page-mobile.h b/src/connection-editor/page-mobile.h index ab2903c..bc5b479 100644 --- a/src/connection-editor/page-mobile.h +++ b/src/connection-editor/page-mobile.h @@ -58,6 +58,7 @@ void mobile_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #endif /* __PAGE_MOBILE_H__ */ diff --git a/src/connection-editor/page-vlan.c b/src/connection-editor/page-vlan.c index a60704f..aac89b3 100644 --- a/src/connection-editor/page-vlan.c +++ b/src/connection-editor/page-vlan.c @@ -712,6 +712,7 @@ vlan_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; diff --git a/src/connection-editor/page-vlan.h b/src/connection-editor/page-vlan.h index 0e66a06..c7969aa 100644 --- a/src/connection-editor/page-vlan.h +++ b/src/connection-editor/page-vlan.h @@ -56,6 +56,7 @@ void vlan_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #endif /* __PAGE_VLAN_H__ */ diff --git a/src/connection-editor/page-vpn.c b/src/connection-editor/page-vpn.c index 080b422..20e6c61 100644 --- a/src/connection-editor/page-vpn.c +++ b/src/connection-editor/page-vpn.c @@ -295,9 +295,11 @@ vpn_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; + NMSettingConnection *s_con; NMSetting *s_vpn; if (!detail) { @@ -323,6 +325,14 @@ vpn_connection_new (GtkWindow *parent, FALSE, settings, user_data); + + s_con = nm_connection_get_setting_connection (connection); + if (!s_con) { + s_con = (NMSettingConnection *) nm_setting_connection_new (); + nm_connection_add_setting (connection, NM_SETTING (s_con)); + } + nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); + s_vpn = nm_setting_vpn_new (); g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, detail, NULL); nm_connection_add_setting (connection, s_vpn); diff --git a/src/connection-editor/page-vpn.h b/src/connection-editor/page-vpn.h index 2339732..74ae225 100644 --- a/src/connection-editor/page-vpn.h +++ b/src/connection-editor/page-vpn.h @@ -60,6 +60,7 @@ void vpn_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); void vpn_connection_import (GtkWindow *parent, diff --git a/src/connection-editor/page-wifi.c b/src/connection-editor/page-wifi.c index aa26a82..7d0d2b7 100644 --- a/src/connection-editor/page-wifi.c +++ b/src/connection-editor/page-wifi.c @@ -33,6 +33,8 @@ #include #include +#include "utils.h" + #include "page-wifi.h" G_DEFINE_TYPE (CEPageWifi, ce_page_wifi, CE_TYPE_PAGE) @@ -642,6 +644,7 @@ wifi_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; @@ -652,6 +655,17 @@ wifi_connection_new (GtkWindow *parent, TRUE, settings, user_data); + + if (utils_default_to_private_connection (client)) { + NMSettingConnection *s_con; + s_con = nm_connection_get_setting_connection (connection); + if (!s_con) { + s_con = (NMSettingConnection *) nm_setting_connection_new (); + nm_connection_add_setting (connection, NM_SETTING (s_con)); + } + nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); + } + s_wifi = nm_setting_wireless_new (); g_object_set (s_wifi, NM_SETTING_WIRELESS_MODE, "infrastructure", NULL); nm_connection_add_setting (connection, s_wifi); diff --git a/src/connection-editor/page-wifi.h b/src/connection-editor/page-wifi.h index c039b00..b89e589 100644 --- a/src/connection-editor/page-wifi.h +++ b/src/connection-editor/page-wifi.h @@ -62,6 +62,7 @@ void wifi_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #endif /* __PAGE_WIFI_H__ */ diff --git a/src/connection-editor/page-wimax.c b/src/connection-editor/page-wimax.c index 9b92a5c..c57116e 100644 --- a/src/connection-editor/page-wimax.c +++ b/src/connection-editor/page-wimax.c @@ -225,6 +225,7 @@ wimax_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data) { NMConnection *connection; diff --git a/src/connection-editor/page-wimax.h b/src/connection-editor/page-wimax.h index 6938284..91d937c 100644 --- a/src/connection-editor/page-wimax.h +++ b/src/connection-editor/page-wimax.h @@ -56,6 +56,7 @@ void wimax_connection_new (GtkWindow *parent, const char *detail, NMRemoteSettings *settings, PageNewConnectionResultFunc result_func, + NMClient *client, gpointer user_data); #endif /* __PAGE_WIMAX_H__ */ diff --git a/src/gnome-bluetooth/nma-bt-device.c b/src/gnome-bluetooth/nma-bt-device.c index 968dc89..b16e9ea 100644 --- a/src/gnome-bluetooth/nma-bt-device.c +++ b/src/gnome-bluetooth/nma-bt-device.c @@ -354,6 +354,7 @@ dun_new_cdma (NMAMobileWizardAccessMethod *method) NM_SETTING_CDMA_NUMBER, "#777", NM_SETTING_CDMA_USERNAME, method->username, NM_SETTING_CDMA_PASSWORD, method->password, + NM_SETTING_CDMA_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); nm_connection_add_setting (connection, setting); @@ -380,6 +381,7 @@ dun_new_cdma (NMAMobileWizardAccessMethod *method) NULL); g_free (uuid); g_free (id); + nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); nm_connection_add_setting (connection, setting); return connection; @@ -399,6 +401,7 @@ dun_new_gsm (NMAMobileWizardAccessMethod *method) NM_SETTING_GSM_NUMBER, "*99#", NM_SETTING_GSM_USERNAME, method->username, NM_SETTING_GSM_PASSWORD, method->password, + NM_SETTING_GSM_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NM_SETTING_GSM_APN, method->gsm_apn, NULL); nm_connection_add_setting (connection, setting); @@ -426,6 +429,7 @@ dun_new_gsm (NMAMobileWizardAccessMethod *method) NULL); g_free (uuid); g_free (id); + nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); nm_connection_add_setting (connection, setting); return connection; @@ -985,6 +989,7 @@ add_pan_connection (NmaBtDevice *self) NULL); g_free (id); g_free (uuid); + nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); nm_connection_add_setting (connection, setting); /* The Bluetooth settings */ diff --git a/src/libnm-gtk/nm-wifi-dialog.c b/src/libnm-gtk/nm-wifi-dialog.c index 8a98957..77c1a0a 100644 --- a/src/libnm-gtk/nm-wifi-dialog.c +++ b/src/libnm-gtk/nm-wifi-dialog.c @@ -38,6 +38,7 @@ #include "nm-wifi-dialog.h" #include "wireless-security.h" #include "nm-ui-utils.h" +#include "utils.h" G_DEFINE_TYPE (NMAWifiDialog, nma_wifi_dialog, GTK_TYPE_DIALOG) @@ -1203,6 +1204,9 @@ nma_wifi_dialog_get_connection (NMAWifiDialog *self, NM_SETTING_CONNECTION_UUID, uuid, NULL); g_free (uuid); + if (utils_default_to_private_connection (priv->client)) { + nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); + } nm_connection_add_setting (connection, (NMSetting *) s_con); s_wireless = (NMSettingWireless *) nm_setting_wireless_new (); diff --git a/src/mobile-helpers.c b/src/mobile-helpers.c index 4c1db5f..371808c 100644 --- a/src/mobile-helpers.c +++ b/src/mobile-helpers.c @@ -172,6 +172,7 @@ mobile_wizard_done (NMAMobileWizard *wizard, NM_SETTING_CDMA_NUMBER, "#777", NM_SETTING_CDMA_USERNAME, method->username, NM_SETTING_CDMA_PASSWORD, method->password, + NM_SETTING_CDMA_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); nm_connection_add_setting (connection, setting); } else if (method->devtype == NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) { @@ -182,6 +183,7 @@ mobile_wizard_done (NMAMobileWizard *wizard, NM_SETTING_GSM_USERNAME, method->username, NM_SETTING_GSM_PASSWORD, method->password, NM_SETTING_GSM_APN, method->gsm_apn, + NM_SETTING_GSM_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); nm_connection_add_setting (connection, setting); } else @@ -210,6 +212,7 @@ mobile_wizard_done (NMAMobileWizard *wizard, NULL); g_free (uuid); g_free (id); + nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); nm_connection_add_setting (connection, setting); } diff --git a/src/utils/utils.c b/src/utils/utils.c index 00f8596..79ec21f 100644 --- a/src/utils/utils.c +++ b/src/utils/utils.c @@ -209,3 +209,10 @@ utils_show_error_dialog (const char *title, } } +gboolean +utils_default_to_private_connection (NMClient *client) +{ + NMClientPermissionResult perms; + perms = nm_client_get_permission_result (client, NM_CLIENT_PERMISSION_SETTINGS_MODIFY_SYSTEM); + return (perms != NM_CLIENT_PERMISSION_RESULT_YES); +} diff --git a/src/utils/utils.h b/src/utils/utils.h index 0da159a..fc392fe 100644 --- a/src/utils/utils.h +++ b/src/utils/utils.h @@ -27,6 +27,7 @@ #include #include #include +#include #include #include @@ -53,6 +54,8 @@ void utils_show_error_dialog (const char *title, gboolean modal, GtkWindow *parent); +gboolean utils_default_to_private_connection (NMClient *client); + #define NMA_ERROR (g_quark_from_static_string ("nma-error-quark")) typedef enum { diff --git a/src/wireless-security/ws-wep-key.c b/src/wireless-security/ws-wep-key.c index 6af08df..d75e567 100644 --- a/src/wireless-security/ws-wep-key.c +++ b/src/wireless-security/ws-wep-key.c @@ -142,6 +142,7 @@ static void fill_connection (WirelessSecurity *parent, NMConnection *connection) { WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent; + NMSettingConnection *s_con; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wsec; GtkWidget *widget; @@ -156,6 +157,8 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection) key = gtk_entry_get_text (GTK_ENTRY (widget)); strcpy (sec->keys[sec->cur_index], key); + s_con = nm_connection_get_setting_connection (connection); + s_wireless = nm_connection_get_setting_wireless (connection); g_assert (s_wireless); @@ -172,6 +175,10 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection) NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, sec->type, NULL); + /* If the connection is user-owned, mark the secrets as agent-owned */ + if (s_con && nm_setting_connection_get_num_permissions (s_con)) + g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_WEP_KEY_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); + for (i = 0; i < 4; i++) { if (strlen (sec->keys[i])) nm_setting_wireless_security_set_wep_key (s_wsec, i, sec->keys[i]); diff --git a/src/wireless-security/ws-wpa-psk.c b/src/wireless-security/ws-wpa-psk.c index f19b25a..721399f 100644 --- a/src/wireless-security/ws-wpa-psk.c +++ b/src/wireless-security/ws-wpa-psk.c @@ -92,11 +92,13 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection) { GtkWidget *widget; const char *key; + NMSettingConnection *s_con; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wireless_sec; const char *mode; gboolean is_adhoc = FALSE; + s_con = nm_connection_get_setting_connection (connection); s_wireless = nm_connection_get_setting_wireless (connection); g_assert (s_wireless); @@ -113,6 +115,9 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection) widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry")); key = gtk_entry_get_text (GTK_ENTRY (widget)); g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL); + /* If the connection is user-owned, mark the secrets as agent-owned */ + if (s_con && nm_setting_connection_get_num_permissions (s_con)) + g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); wireless_security_clear_ciphers (connection); if (is_adhoc) { -- 1.7.10.4