/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
/* NetworkManager Wireless Applet -- Display wireless access points and allow user control
* Dan Williams <dcbw@redhat.com>
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
* (C) Copyright 2004 - 2011 Red Hat, Inc.
#include <sys/types.h>
#include <glib-object.h>
#include "applet-vpn-request.h"
#include "nma-marshal.h"
#include <nm-connection.h>
#include <nm-setting-connection.h>
#include <nm-setting-vpn.h>
#include <nm-secret-agent.h>
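/* GObject boilerplate for AppletVpnRequest: the type id plus the usual
 * instance/class cast and type-check macros. */
#define APPLET_TYPE_VPN_REQUEST (applet_vpn_request_get_type ())
#define APPLET_VPN_REQUEST(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), APPLET_TYPE_VPN_REQUEST, AppletVpnRequest))
#define APPLET_VPN_REQUEST_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), APPLET_TYPE_VPN_REQUEST, AppletVpnRequestClass))
#define APPLET_IS_VPN_REQUEST(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), APPLET_TYPE_VPN_REQUEST))
/* Class-level type check. The expansion has to reference (klass), the only
 * parameter this macro declares; naming any other identifier would silently
 * bind to whatever variable of that name the caller has in scope. */
#define APPLET_IS_VPN_REQUEST_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), APPLET_TYPE_VPN_REQUEST))
#define APPLET_VPN_REQUEST_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), APPLET_TYPE_VPN_REQUEST, AppletVpnRequestClass))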
} AppletVpnRequestClass;
GType applet_vpn_request_get_type (void);
G_DEFINE_TYPE (AppletVpnRequest, applet_vpn_request, G_TYPE_OBJECT)
#define APPLET_VPN_REQUEST_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), \
APPLET_TYPE_VPN_REQUEST, \
AppletVpnRequestPrivate))
guint channel_eventid;
} AppletVpnRequestPrivate;
/****************************************************************/
AppletVpnRequest *vpn;
#define DBUS_TYPE_G_MAP_OF_STRING (dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, G_TYPE_STRING))
/*
 * Child-watch callback, registered with g_child_watch_add() in
 * applet_vpn_request_get_secrets(); runs once the auth-dialog helper exits.
 *
 * Builds the reply as
 *   settings[NM_SETTING_VPN_SETTING_NAME][NM_SETTING_VPN_SECRETS]
 *     = boxed map of string -> string,
 * fills that map from priv->lines (the lines collected by
 * child_stdout_data_cb), then completes and frees the request. An
 * NM_SECRET_AGENT_ERROR_USER_CANCELED error is created on a path whose
 * condition is not visible in this listing.
 *
 * Review notes:
 *  - 'secrets' is created without key/value destroy functions, so it only
 *    borrows the strings owned by priv->lines; those strings have to stay
 *    alive until applet_secrets_request_complete() is done with the table.
 *  - The pairing loop reads iter->next->data, so it relies on priv->lines
 *    holding an even number of entries. The list is filled from the helper's
 *    stdout; a guard for an odd trailing entry is not visible in this
 *    listing -- confirm one exists before the dereference.
 *  - The values are VPN secrets. dispose() releases them with plain g_free(),
 *    so they are not cleared before the memory goes back to the allocator.
 */
child_finished_cb (GPid pid, gint status, gpointer user_data)
95
SecretsRequest *req = user_data;
96
VpnSecretsInfo *info = (VpnSecretsInfo *) req;
97
AppletVpnRequest *self = info->vpn;
98
AppletVpnRequestPrivate *priv = APPLET_VPN_REQUEST_GET_PRIVATE (self);
100
GHashTable *settings = NULL;
103
GHashTable *vpn, *secrets;
107
settings = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, (GDestroyNotify) g_hash_table_destroy);
109
vpn = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, (GDestroyNotify) g_value_unset);
110
g_hash_table_insert (settings, NM_SETTING_VPN_SETTING_NAME, vpn);
112
secrets = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, NULL);
113
g_value_init (&val, DBUS_TYPE_G_MAP_OF_STRING);
114
g_value_take_boxed (&val, secrets);
115
g_hash_table_insert (vpn, NM_SETTING_VPN_SECRETS, &val);
117
/* The length of 'lines' must be divisible by 2 since it must contain
118
* key:secret pairs with the key on one line and the associated secret
121
for (iter = priv->lines; iter; iter = g_slist_next (iter)) {
124
g_hash_table_insert (secrets, (char *) iter->data, (char *) iter->next->data);
128
error = g_error_new (NM_SECRET_AGENT_ERROR,
129
NM_SECRET_AGENT_ERROR_USER_CANCELED,
130
"%s.%d (%s): canceled", __FILE__, __LINE__, __func__);
133
/* Complete the secrets request */
134
applet_secrets_request_complete (req, settings, error);
135
applet_secrets_request_free (req);
138
g_hash_table_destroy (settings);
139
g_clear_error (&error);
/*
 * GIOChannel watch on the helper's stdout, installed with g_io_add_watch()
 * for G_IO_IN in applet_vpn_request_get_secrets().
 *
 * Reads one line per call. A line with len == 1 and str[0] == '\n' bumps
 * priv->num_newlines, and on the second such line "QUIT\n\n" is written to
 * the helper's stdin to terminate it. Any other line with len > 0 is
 * appended to priv->lines, which child_finished_cb later consumes as
 * alternating key / secret entries. ('len' is computed on a line that is not
 * visible in this listing.)
 *
 * Review notes:
 *  - Everything appended here is helper output and ends up in the secrets
 *    reply. No limit on the number or length of lines is visible in this
 *    listing.
 *  - 'str' is allocated by g_io_channel_read_line(); ownership moves to
 *    priv->lines on the append path. What happens to it on the other paths
 *    is not visible here.
 *  - Only a write() result of -1 is treated as failure for the QUIT message.
 */
child_stdout_data_cb (GIOChannel *source, GIOCondition condition, gpointer user_data)
145
VpnSecretsInfo *info = user_data;
146
AppletVpnRequest *self = info->vpn;
147
AppletVpnRequestPrivate *priv = APPLET_VPN_REQUEST_GET_PRIVATE (self);
148
const char *buf = "QUIT\n\n";
152
if (!(condition & G_IO_IN))
155
if (g_io_channel_read_line (source, &str, NULL, NULL, NULL) == G_IO_STATUS_NORMAL) {
157
if (len == 1 && str[0] == '\n') {
158
/* on second line with a newline newline */
159
if (++priv->num_newlines == 2) {
160
/* terminate the child */
161
if (write (priv->child_stdin, buf, strlen (buf)) == -1)
164
} else if (len > 0) {
165
/* remove terminating newline */
167
priv->lines = g_slist_append (priv->lines, str);
/*
 * Map a VPN service name to the path of its GNOME authentication helper.
 *
 * Scans VPN_NAME_FILES_DIR for "*.name" key files; for a file whose
 * [VPN Connection] "service" equals 'service' it takes the [GNOME]
 * "auth-dialog" value, and the scan stops as soon as a value was obtained.
 * An NM_SECRET_AGENT_ERROR_INTERNAL_ERROR is reported when the directory
 * cannot be opened or no helper is found.
 *
 * Security: the configured auth-dialog value is never used as a path. It is
 * reduced with g_path_get_basename() and re-rooted under LIBEXECDIR, so a
 * .name file can only choose among programs installed in LIBEXECDIR, not
 * point at an arbitrary location. Whoever can write to VPN_NAME_FILES_DIR
 * still decides which of those programs is spawned and handed the
 * connection's secrets, so that directory has to stay writable by
 * privileged users only.
 *
 * NOTE(review): the rebuilt path is not checked for existence here; the
 * return statement and the release of the original 'prog' string are not
 * visible in this listing.
 */
find_auth_dialog_binary (const char *service, GError **error)
180
dir = g_dir_open (VPN_NAME_FILES_DIR, 0, NULL);
183
NM_SECRET_AGENT_ERROR,
184
NM_SECRET_AGENT_ERROR_INTERNAL_ERROR,
185
"Failed to open VPN plugin file configuration directory " VPN_NAME_FILES_DIR);
189
while (prog == NULL && (f = g_dir_read_name (dir)) != NULL) {
193
if (!g_str_has_suffix (f, ".name"))
196
path = g_strdup_printf ("%s/%s", VPN_NAME_FILES_DIR, f);
198
keyfile = g_key_file_new ();
199
if (g_key_file_load_from_file (keyfile, path, 0, NULL)) {
202
thisservice = g_key_file_get_string (keyfile, "VPN Connection", "service", NULL);
203
if (g_strcmp0 (thisservice, service) == 0)
204
prog = g_key_file_get_string (keyfile, "GNOME", "auth-dialog", NULL);
205
g_free (thisservice);
207
g_key_file_free (keyfile);
214
NM_SECRET_AGENT_ERROR,
215
NM_SECRET_AGENT_ERROR_INTERNAL_ERROR,
216
"Could not find the authentication dialog for VPN connection type '%s'",
221
/* Remove any path component, then reconstruct path to the auth
222
* dialog in LIBEXECDIR.
224
prog_basename = g_path_get_basename (prog);
226
prog = g_strdup_printf ("%s/%s", LIBEXECDIR, prog_basename);
227
g_free (prog_basename);
/*
 * Free hook installed through applet_secrets_request_set_free_func(): drops
 * the request's reference on the AppletVpnRequest stored in info->vpn.
 * Lines between the declaration and the unref are not visible in this
 * listing.
 */
free_vpn_secrets_info (SecretsRequest *req)
236
VpnSecretsInfo *info = (VpnSecretsInfo *) req;
239
g_object_unref (info->vpn);
/*
 * Size of the per-request structure used by this file. The callbacks here
 * cast SecretsRequest * to VpnSecretsInfo *, so the request has to be
 * allocated with at least this many bytes -- presumably the caller uses this
 * value for that; confirm at the call site.
 */
applet_vpn_request_get_secrets_size (void)
245
return sizeof (VpnSecretsInfo);
/*
 * Line prefixes of the text protocol written to the helper's stdin by
 * write_one_key_val(): the *_KEY tag precedes an item's name and the *_VAL
 * tag its value. The SECRET_ pair is used when info->secret is set and the
 * DATA_ pair otherwise.
 */
static const char *data_key_tag = "DATA_KEY=";
255
static const char *data_val_tag = "DATA_VAL=";
256
static const char *secret_key_tag = "SECRET_KEY=";
257
static const char *secret_val_tag = "SECRET_VAL=";
/*
 * Write the NUL-terminated string 'item' (without its terminator) to 'fd'
 * with a single write() call; anything other than a complete write is
 * reported through 'error' as NM_SECRET_AGENT_ERROR_INTERNAL_ERROR.
 *
 * Review notes:
 *  - write() returns ssize_t while item_len is size_t, so the comparison is
 *    done in unsigned arithmetic; a -1 result still compares unequal for any
 *    real string length.
 *  - A short write or EINTR is treated as a hard failure rather than
 *    retried, and after a short write errno does not describe the problem.
 *  - 'fd' is the pipe to the helper. If the helper has already exited,
 *    write() raises SIGPIPE unless the process ignores or handles that
 *    signal -- confirm this is dealt with elsewhere.
 */
write_item (int fd, const char *item, GError **error)
262
size_t item_len = strlen (item);
265
if (write (fd, item, item_len) != item_len) {
267
NM_SECRET_AGENT_ERROR,
268
NM_SECRET_AGENT_ERROR_INTERNAL_ERROR,
269
"Failed to write connection to VPN UI: errno %d", errno);
/*
 * Per-item callback for nm_setting_vpn_foreach_data_item() and
 * nm_setting_vpn_foreach_secret(). Emits one item to info->fd as
 *     <KEY tag><key>\n
 *     <VAL tag><value>\n\n
 * using the SECRET_ tags when info->secret is set and the DATA_ tags
 * otherwise; a NULL value is sent as an empty string. *info->error is
 * checked first (presumably to skip the item once an earlier write failed;
 * the statement it guards is not visible in this listing).
 *
 * Review notes:
 *  - Keys and values are written verbatim. The framing is newline based, so
 *    a key or value that itself contains '\n' would shift the helper's view
 *    of where an item ends -- NOTE(review): confirm such values are rejected
 *    or cannot occur upstream.
 *  - When info->secret is set the value is a VPN secret in clear text; the
 *    pipe to the helper is the only protection it has in transit.
 */
write_one_key_val (const char *key, const char *value, gpointer user_data)
278
WriteItemInfo *info = user_data;
281
if (info->error && *(info->error))
284
/* Write the key name */
285
tag = info->secret ? secret_key_tag : data_key_tag;
286
if (!write_item (info->fd, tag, info->error))
288
if (!write_item (info->fd, key, info->error))
290
if (!write_item (info->fd, "\n", info->error))
293
/* Write the key value */
294
tag = info->secret ? secret_val_tag : data_val_tag;
295
if (!write_item (info->fd, tag, info->error))
297
if (!write_item (info->fd, value ? value : "", info->error))
299
if (!write_item (info->fd, "\n\n", info->error))
/*
 * Serialise the connection's VPN setting to the helper over 'fd': every data
 * item, then every secret, each through write_one_key_val(), followed by the
 * terminator "DONE\n\n". Fails with NM_SECRET_AGENT_ERROR_INTERNAL_ERROR
 * when the connection has no VPN setting.
 *
 * NOTE(review): 'info.secret' starts as FALSE; the line that switches it
 * before the secrets pass, and the error checks between the passes, are not
 * visible in this listing.
 */
write_connection_to_child (int fd, NMConnection *connection, GError **error)
307
WriteItemInfo info = { .fd = fd, .secret = FALSE, .error = error };
309
s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
311
g_set_error_literal (error,
312
NM_SECRET_AGENT_ERROR,
313
NM_SECRET_AGENT_ERROR_INTERNAL_ERROR,
314
"Connection had no VPN setting");
318
nm_setting_vpn_foreach_data_item (s_vpn, write_one_key_val, &info);
323
nm_setting_vpn_foreach_secret (s_vpn, write_one_key_val, &info);
327
if (!write_item (fd, "DONE\n\n", error))
/*
 * child_setup hook passed to g_spawn_async_with_pipes(); it runs in the
 * forked child before the helper is executed. Only the getpid() call is
 * visible in this listing; what is done with 'pid' is not shown.
 */
vpn_child_setup (gpointer user_data G_GNUC_UNUSED)
336
/* We are in the child process at this point */
337
pid_t pid = getpid ();
/*
 * Start a secrets request for a VPN connection by running the plugin's
 * authentication helper.
 *
 * Steps visible in this listing: install free_vpn_secrets_info() as the
 * request's free hook; check that the connection has a connection setting
 * of type NM_SETTING_VPN_SETTING_NAME, a VPN setting and a service type;
 * resolve the helper with find_auth_dialog_binary(); create the
 * AppletVpnRequest; build argv; spawn the helper with stdin/stdout pipes;
 * watch for its exit (child_finished_cb) and its output
 * (child_stdout_data_cb); finally send it the connection with
 * write_connection_to_child().
 *
 * Review notes:
 *  - The g_return_val_if_fail() checks return FALSE without setting 'error'
 *    and are compiled out under G_DISABLE_CHECKS, so they are assertions
 *    rather than input validation.
 *  - The helper is started from an argv array, not through a shell, so the
 *    connection UUID, id and service type reach it as single arguments. The
 *    connection id is a user-chosen name; lines elided between the argv
 *    assignments presumably add option strings -- confirm each value
 *    follows its own option so it cannot be read as one.
 *  - argv has 10 slots and is zero-filled first; the assignments (including
 *    those not shown) must leave at least one trailing NULL.
 *  - G_SPAWN_SEARCH_PATH is not among the visible flags, consistent with
 *    bin_path being a full path under LIBEXECDIR.
 *  - standard_error is NULL, so the helper's stderr is not captured here.
 *  - G_SPAWN_DO_NOT_REAP_CHILD makes this code responsible for reaping the
 *    helper; see the child watch below and dispose().
 *  - The channel encoding is set to NULL, i.e. the helper's output is read
 *    as raw bytes without character-set conversion.
 */
applet_vpn_request_get_secrets (SecretsRequest *req, GError **error)
344
VpnSecretsInfo *info = (VpnSecretsInfo *) req;
345
AppletVpnRequestPrivate *priv;
346
NMSettingConnection *s_con;
348
const char *connection_type;
349
const char *service_type;
351
const char *argv[10];
352
gboolean success = FALSE;
355
applet_secrets_request_set_free_func (req, free_vpn_secrets_info);
357
s_con = (NMSettingConnection *) nm_connection_get_setting (req->connection, NM_TYPE_SETTING_CONNECTION);
358
g_return_val_if_fail (s_con != NULL, FALSE);
360
connection_type = nm_setting_connection_get_connection_type (s_con);
361
g_return_val_if_fail (connection_type != NULL, FALSE);
362
g_return_val_if_fail (strcmp (connection_type, NM_SETTING_VPN_SETTING_NAME) == 0, FALSE);
364
s_vpn = NM_SETTING_VPN (nm_connection_get_setting (req->connection, NM_TYPE_SETTING_VPN));
365
g_return_val_if_fail (s_vpn != NULL, FALSE);
367
service_type = nm_setting_vpn_get_service_type (s_vpn);
368
g_return_val_if_fail (service_type != NULL, FALSE);
370
/* find the auth-dialog binary */
371
bin_path = find_auth_dialog_binary (service_type, error);
375
info->vpn = (AppletVpnRequest *) g_object_new (APPLET_TYPE_VPN_REQUEST, NULL);
377
g_set_error_literal (error,
378
NM_SECRET_AGENT_ERROR,
379
NM_SECRET_AGENT_ERROR_INTERNAL_ERROR,
380
"Could not create VPN secrets request object");
384
priv = APPLET_VPN_REQUEST_GET_PRIVATE (info->vpn);
386
memset (argv, 0, sizeof (argv));
387
argv[i++] = bin_path;
389
argv[i++] = nm_setting_connection_get_uuid (s_con);
391
argv[i++] = nm_setting_connection_get_id (s_con);
393
argv[i++] = service_type;
394
if (req->flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_ALLOW_INTERACTION)
396
if (req->flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_REQUEST_NEW)
399
if (!g_spawn_async_with_pipes (NULL, /* working_directory */
400
(gchar **) argv, /* argv */
402
G_SPAWN_DO_NOT_REAP_CHILD, /* flags */
403
vpn_child_setup, /* child_setup */
404
NULL, /* user_data */
405
&priv->pid, /* child_pid */
406
&priv->child_stdin, /* standard_input */
407
&priv->child_stdout, /* standard_output */
408
NULL, /* standard_error */
412
/* catch when child is reaped */
413
priv->watch_id = g_child_watch_add (priv->pid, child_finished_cb, info);
415
/* listen to what child has to say */
416
priv->channel = g_io_channel_unix_new (priv->child_stdout);
417
priv->channel_eventid = g_io_add_watch (priv->channel, G_IO_IN, child_stdout_data_cb, info);
418
g_io_channel_set_encoding (priv->channel, NULL, NULL);
420
/* Dump parts of the connection to the child */
421
success = write_connection_to_child (priv->child_stdin, req->connection, error);
/* GObject instance initialiser for AppletVpnRequest; its body is not visible in this listing. */
applet_vpn_request_init (AppletVpnRequest *self)
/*
 * Timeout callback scheduled by dispose() two seconds after SIGTERM. 'data'
 * carries the helper's pid packed with GINT_TO_POINTER(). kill(pid, 0)
 * probes whether the pid still exists (the statement it guards is not
 * visible in this listing -- presumably a SIGKILL), and waitpid() then reaps
 * the child.
 *
 * NOTE(review): waitpid() is called without WNOHANG, so it blocks the caller
 * until the child has exited.
 */
ensure_killed (gpointer data)
436
pid_t pid = GPOINTER_TO_INT (data);
438
if (kill (pid, 0) == 0)
440
/* ensure the child is reaped */
441
waitpid (pid, NULL, 0);
/*
 * GObject dispose: tears down the helper process and everything attached to
 * it, then chains up to the parent class.
 *
 * Visible steps: mark the object disposed; free service_type; remove the
 * child watch and the stdout watch; drop the channel; signal the helper
 * with SIGTERM and, if that succeeds, schedule ensure_killed() two seconds
 * later; a SIGKILL followed by a blocking waitpid() also appears (the
 * branch structure around it is not visible in this listing); free the
 * collected output lines.
 *
 * Review notes:
 *  - priv->lines holds the secrets returned by the helper. They are released
 *    with plain g_free(), so the bytes are not cleared first.
 *  - The child watch is removed before the helper is signalled, which leaves
 *    reaping to ensure_killed() or the waitpid() here.
 *  - Guards on priv->pid / priv->watch_id being set, and the closing of the
 *    pipe descriptors, are not visible in this listing.
 */
dispose (GObject *object)
448
AppletVpnRequest *self = APPLET_VPN_REQUEST (object);
449
AppletVpnRequestPrivate *priv = APPLET_VPN_REQUEST_GET_PRIVATE (self);
454
priv->disposed = TRUE;
458
g_free (priv->service_type);
461
g_source_remove (priv->watch_id);
463
if (priv->channel_eventid)
464
g_source_remove (priv->channel_eventid);
466
g_io_channel_unref (priv->channel);
469
g_spawn_close_pid (priv->pid);
470
if (kill (priv->pid, SIGTERM) == 0)
471
g_timeout_add_seconds (2, ensure_killed, GINT_TO_POINTER (priv->pid));
473
kill (priv->pid, SIGKILL);
474
/* ensure the child is reaped */
475
waitpid (priv->pid, NULL, 0);
479
g_slist_foreach (priv->lines, (GFunc) g_free, NULL);
480
g_slist_free (priv->lines);
483
G_OBJECT_CLASS (applet_vpn_request_parent_class)->dispose (object);
/*
 * Class initialiser: reserves the per-instance AppletVpnRequestPrivate area
 * and installs dispose() as the GObject dispose handler.
 */
applet_vpn_request_class_init (AppletVpnRequestClass *req_class)
489
GObjectClass *object_class = G_OBJECT_CLASS (req_class);
491
g_type_class_add_private (req_class, sizeof (AppletVpnRequestPrivate));
493
/* virtual methods */
494
object_class->dispose = dispose;