diff options
author | Jiří Klimeš <jklimes@redhat.com> | 2014-11-11 13:15:19 +0100 |
---|---|---|
committer | Jiří Klimeš <jklimes@redhat.com> | 2014-11-11 16:55:35 +0100 |
commit | c1fba69ec2bfb59b4f9f40e9c24589f2a346d682 (patch) | |
tree | ac721cb9683f994d2ac37ae44b9898ac8072b2c3 | |
parent | b75dfc62e899098e1178fddf991dce2772c51eec (diff) | |
download | NetworkManager-jk/clients-secrets-ask-fix.tar.gz |
clients: only handle secret requests for connection being explicitly activatedjk/clients-secrets-ask-fix
When a connection is being activated, nmcli could ask for secrets for another
connection, which might confuse users. We check the request now and only ask
for secrets of connection being activated.
Test case:
$ nmcli con up my-ethernet0
Passwords or encryption keys are required to access the wireless network 'Red Hat'.
Warning: password for '802-1x.identity' not given in 'passwd-file' and nmcli cannot ask without '--ask' option.
-rw-r--r-- | clients/cli/agent.c | 2 | ||||
-rw-r--r-- | clients/cli/connections.c | 3 | ||||
-rw-r--r-- | clients/common/nm-secret-agent-simple.c | 27 | ||||
-rw-r--r-- | clients/common/nm-secret-agent-simple.h | 2 | ||||
-rw-r--r-- | clients/tui/nmtui-connect.c | 2 |
5 files changed, 28 insertions, 8 deletions
diff --git a/clients/cli/agent.c b/clients/cli/agent.c index 9d4869b11e..2b606a7fca 100644 --- a/clients/cli/agent.c +++ b/clients/cli/agent.c @@ -142,7 +142,7 @@ static NMCResultCode do_agent_secret (NmCli *nmc, int argc, char **argv) { /* Create secret agent */ - nmc->secret_agent = nm_secret_agent_simple_new ("nmcli-agent"); + nmc->secret_agent = nm_secret_agent_simple_new ("nmcli-agent", NULL); if (nmc->secret_agent) { /* We keep running */ nmc->should_wait = TRUE; diff --git a/clients/cli/connections.c b/clients/cli/connections.c index 5327634926..ae1250aab2 100644 --- a/clients/cli/connections.c +++ b/clients/cli/connections.c @@ -2109,6 +2109,7 @@ nmc_activate_connection (NmCli *nmc, GError **error) { ActivateConnectionInfo *info; + GHashTable *pwds_hash; NMDevice *device = NULL; const char *spec_object = NULL; @@ -2153,7 +2154,7 @@ nmc_activate_connection (NmCli *nmc, nmc->pwds_hash = pwds_hash; /* Create secret agent */ - nmc->secret_agent = nm_secret_agent_simple_new ("nmcli-connect"); + nmc->secret_agent = nm_secret_agent_simple_new ("nmcli-connect", nm_object_get_path (NM_OBJECT (connection))); if (nmc->secret_agent) g_signal_connect (nmc->secret_agent, "request-secrets", G_CALLBACK (secrets_requested), nmc); diff --git a/clients/common/nm-secret-agent-simple.c b/clients/common/nm-secret-agent-simple.c index cb1f086016..3848bf9302 100644 --- a/clients/common/nm-secret-agent-simple.c +++ b/clients/common/nm-secret-agent-simple.c @@ -61,6 +61,8 @@ typedef struct { typedef struct { /* <char *request_id, NMSecretAgentSimpleRequest *request> */ GHashTable *requests; + + char *path; } NMSecretAgentSimplePrivate; static void @@ -110,6 +112,8 @@ nm_secret_agent_simple_finalize (GObject *object) g_hash_table_destroy (priv->requests); g_error_free (error); + g_free (priv->path); + G_OBJECT_CLASS (nm_secret_agent_simple_parent_class)->finalize (object); } @@ -447,6 +451,14 @@ nm_secret_agent_simple_get_secrets (NMSecretAgent *agent, return; } + if (priv->path && g_strcmp0 (priv->path, connection_path) != 0) { + /* We only handle requests for connection with @path if set. */ + error = g_error_new (NM_SECRET_AGENT_ERROR, NM_SECRET_AGENT_ERROR_FAILED, + "Request for %s secrets doesn't match path %s", + request_id, priv->path); + goto nope; + } + s_con = nm_connection_get_setting_connection (connection); connection_type = nm_setting_connection_get_connection_type (s_con); @@ -627,15 +639,22 @@ nm_secret_agent_simple_class_init (NMSecretAgentSimpleClass *klass) /** * nm_secret_agent_simple_new: * @name: the identifier of secret agent + * @path: (allow-none): the path of the connection the agent handle secrets for, + * or %NULL to handle requests for all connections * * Creates a new #NMSecretAgentSimple. * * Returns: a new #NMSecretAgentSimple */ NMSecretAgent * -nm_secret_agent_simple_new (const char *name) +nm_secret_agent_simple_new (const char *name, const char *path) { - return g_initable_new (NM_TYPE_SECRET_AGENT_SIMPLE, NULL, NULL, - NM_SECRET_AGENT_IDENTIFIER, name, - NULL); + NMSecretAgent *agent; + + agent = g_initable_new (NM_TYPE_SECRET_AGENT_SIMPLE, NULL, NULL, + NM_SECRET_AGENT_IDENTIFIER, name, + NULL); + NM_SECRET_AGENT_SIMPLE_GET_PRIVATE (agent)->path = g_strdup (path); + + return agent; } diff --git a/clients/common/nm-secret-agent-simple.h b/clients/common/nm-secret-agent-simple.h index 7e11d2a5c0..b1cc304492 100644 --- a/clients/common/nm-secret-agent-simple.h +++ b/clients/common/nm-secret-agent-simple.h @@ -47,7 +47,7 @@ typedef struct { GType nm_secret_agent_simple_get_type (void); -NMSecretAgent *nm_secret_agent_simple_new (const char *name); +NMSecretAgent *nm_secret_agent_simple_new (const char *name, const char *path); void nm_secret_agent_simple_response (NMSecretAgentSimple *self, const char *request_id, GPtrArray *secrets); diff --git a/clients/tui/nmtui-connect.c b/clients/tui/nmtui-connect.c index e2ffeb6495..26f7296a66 100644 --- a/clients/tui/nmtui-connect.c +++ b/clients/tui/nmtui-connect.c @@ -145,7 +145,7 @@ activate_connection (NMConnection *connection, label = nmt_newt_label_new (_("Connecting...")); nmt_newt_form_set_content (form, label); - agent = nm_secret_agent_simple_new ("nmtui"); + agent = nm_secret_agent_simple_new ("nmtui", nm_object_get_path (NM_OBJECT (connection))); g_signal_connect (agent, "request-secrets", G_CALLBACK (secrets_requested), NULL); specific_object_path = specific_object ? nm_object_get_path (specific_object) : NULL; |