diff options
| -rw-r--r-- | clients/cli/connections.c | 36 | ||||
| -rw-r--r-- | clients/cli/settings.c | 11 | ||||
| -rw-r--r-- | clients/cli/settings.h | 2 |
3 files changed, 49 insertions, 0 deletions
diff --git a/clients/cli/connections.c b/clients/cli/connections.c index 09adf0e812..231b702ab3 100644 --- a/clients/cli/connections.c +++ b/clients/cli/connections.c @@ -1716,6 +1716,11 @@ get_connection (NmCli *nmc, int *argc, char ***argv, int *pos, GError **error) _("unknown connection '%s'"), **argv); } + /* This connection has no secrets until we update it with ones. */ + g_object_set (NM_REMOTE_CONNECTION (connection), + NM_REMOTE_CONNECTION_SERIALIZE_FLAGS, NM_CONNECTION_SERIALIZE_NO_SECRETS, + NULL); + /* If the caller wants multiple results (pos is set) and there are any, * don't switch to next argument. */ @@ -3632,6 +3637,32 @@ reset_options (void) } } +/* + * If the connection is a remote connection, update it with secrets. Set a flag to + * indicate we're serializing the secrets if we commit the connection. + */ +static void +ensure_remote_secrets (NMConnection *connection) +{ + NMConnectionSerializationFlags serialize_flags; + + /* If this is not a remote connection, it is thought to always + * have secrets. */ + if (!NM_IS_REMOTE_CONNECTION (connection)) + return; + + g_object_get (connection, + NM_REMOTE_CONNECTION_SERIALIZE_FLAGS, &serialize_flags, + NULL); + + if (serialize_flags == NM_CONNECTION_SERIALIZE_NO_SECRETS) + update_secrets_in_connection (NM_REMOTE_CONNECTION (connection), connection); + + g_object_set (connection, + NM_REMOTE_CONNECTION_SERIALIZE_FLAGS, NM_CONNECTION_SERIALIZE_ALL, + NULL); +} + static gboolean set_property (NMConnection *connection, const char *setting_name, const char *property, const char *value, @@ -3664,6 +3695,11 @@ set_property (NMConnection *connection, return FALSE; } + /* If we're setting a secret, we better make sure we are aware of the + * other secrets too. */ + if (nmc_setting_property_is_secret (setting, property_name)) + ensure_remote_secrets (connection); + if (modifier != '-') { /* Set/add value */ if (modifier != '+') { diff --git a/clients/cli/settings.c b/clients/cli/settings.c index 40cf9754ad..c8f60d104b 100644 --- a/clients/cli/settings.c +++ b/clients/cli/settings.c @@ -8254,6 +8254,17 @@ nmc_setting_get_property_parsable (NMSetting *setting, const char *prop, GError return get_property_val (setting, prop, NMC_PROPERTY_GET_PARSABLE, error); } +gboolean +nmc_setting_property_is_secret (NMSetting *setting, const char *prop) +{ + GParamSpec *param_spec; + + param_spec = g_object_class_find_property (G_OBJECT_GET_CLASS (G_OBJECT (setting)), prop); + if (param_spec) + return !!(param_spec->flags & NM_SETTING_PARAM_SECRET); + return FALSE; +} + /* * Generic function for setting property value. * diff --git a/clients/cli/settings.h b/clients/cli/settings.h index ad503f9ef6..c732328d10 100644 --- a/clients/cli/settings.h +++ b/clients/cli/settings.h @@ -45,6 +45,8 @@ char *nmc_setting_get_property (NMSetting *setting, char *nmc_setting_get_property_parsable (NMSetting *setting, const char *prop, GError **error); +gboolean nmc_setting_property_is_secret (NMSetting *setting, + const char *prop); gboolean nmc_setting_set_property (NMSetting *setting, const char *prop, const char *val, |