Inconsistency in flags sent to GetSecrets() for VPN connections
- From: Ionuț Leonte <ionut leonte gmail com>
- To: networkmanager-list gnome org
- Subject: Inconsistency in flags sent to GetSecrets() for VPN connections
- Date: Wed, 26 Aug 2020 09:03:12 +0300
Hello,
I have the following code:
import gi
gi.require_version('NM', '1.0')
from gi.repository import GLib, Gio, NM
def handle_method_call(
connection, sender, object_path, interface_name,
method_name, params, invocation
):
if interface_name == 'org.freedesktop.NetworkManager.SecretAgent':
if method_name == 'GetSecrets':
conn, path, sett, hints, flags = params.unpack()
print(f'GetSecrets():')
print(f' path = {path}')
print(f' sett = {sett}')
print(f' hints = {hints}')
print(f' flags = {flags}')
invocation.return_value(
GLib.Variant.new_tuple(GLib.Variant('a{sa{sv}}', {}))
)
return
invocation.return_value(GLib.Variant('()', ()))
xml_path = 'org.freedesktop.NetworkManager.SecretAgent.xml' # from [2]
xml = open(xml_path, 'r').read()
node = Gio.DBusNodeInfo.new_for_xml(xml)
print(f'Getting DBus proxy for org.freedesktop.NetworkManager')
proxy = Gio.DBusProxy.new_for_bus_sync(
Gio.BusType.SYSTEM,
Gio.DBusProxyFlags.NONE,
None,
"org.freedesktop.NetworkManager",
"/org/freedesktop/NetworkManager/AgentManager",
"org.freedesktop.NetworkManager.AgentManager",
None,
)
print(f'Registering SecretAgent interface')
proxy.get_connection().register_object(
"/org/freedesktop/NetworkManager/SecretAgent",
node.interfaces[0],
handle_method_call,
None, None
)
print(f'Registering SecretAgent object')
proxy.call_sync(
"Register",
GLib.Variant.new_tuple(GLib.Variant.new_string('dev.ileonte.VPNSSO')),
Gio.DBusCallFlags.NO_AUTO_START,
-1,
None)
loop = GLib.MainLoop()
loop.run()
It registers as a SecretAgent and prints the parameters that NetworkManager
sends to its GetSecret() method.
With KDE - tested on Gentoo (NM version 1.26.0) and Kubuntu 20.04 (NM version
1.22.10) - I see the following (correct?) behavior:
- when I go to System Settings > Connections and click on a VPN connection
(to see the settings of the connection) my GetSecrets() function gets
called once with flags=4 (ie. USER_REQUESTED - see [1])
- when I try to activate a VPN connection (via nmcli OR from the connections
page in System Settings OR via the Plasma NetworkManager applet) my
function gets called twice - once with flags=4 then immediately after
with flags=5 (USER_REQUESTED | ALLOW_INTERACTION)
With GNOME - tested on Fedora 32 (NM version 1.22.14) and Ubuntu 20.04 (NM
version 1.22.10) - I see the following (incorrect?)
behavior:
- when I go to Settings > Network and edit a VPN connection my function
gets called once with flags=4 (same as the KDE case)
- when I activate a VPN connection via nmcli or from Settings > Network my
function gets called twice - once with flags=4 and once with flags=5
immediately after
- (!!) when I activate a VPN connection via the GNOME NetworkManager applet
however my function only gets called once with flags=4. After that the
default authentication dialog pops up and my function never gets called
again. Furthermore, when testing with an OpenConnect VPN, I can see that
nm-openconnect-auth-dialog gets run with the `-i` (interactive) parameter
even though my function gets called without ALLOW_INTERACTION set in flags
I have tested with two types of VPN connection (OpenConnect and OpenVPN) and
I have seen this in both cases.
Is this intended behavior? Seems to me like the GNOME applet is maybe missing
some fix that was applied to the Settings > Network page in GNOME.
PS: On an older distribution (Ubuntu 18.04 with NM version 1.10.0) my function
always gets called with flags=4 so it looks to me like support for
ALLOW_INTERACTION was introduced only to some of the components.
[1] https://lazka.github.io/pgi-docs/#NM-1.0/flags.html#NM.SecretAgentGetSecretsFlags
[2]
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/master/introspection/org.freedesktop.NetworkManager.SecretAgent.xml
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
