34
33
Knm::VpnSetting * setting;
36
class EnumPasswordStorage
39
enum PasswordStorage {AlwaysAsk = 0, Save, NotRequired};
41
class EnumEncryptionMethod
44
enum EncryptionMethod {Secure = 0, Weak, None};
49
enum NatT {NattIfAvail = 0, Force, CiscoUdp, Disabled};
54
enum Dh {Dh1 = 0, Dh2, Dh5};
56
class EnumPerfectForwardSecrecy
59
enum PFS {NoPfs = 0, Server, Dh1, Dh2, Dh5};
64
enum Vendor {Cisco = 0, Netscreen};
38
68
VpncSettingWidget::VpncSettingWidget(Knm::Connection * connection, QWidget * parent)
41
71
Q_D(VpncSettingWidget);
43
73
d->ui.setupUi(this);
44
d->ui.cboDHGroup->setCurrentIndex(1); // DH Group 2 default
45
74
d->setting = static_cast<Knm::VpnSetting *>(connection->setting(Knm::Setting::Vpn));
75
connect(d->ui.cboNatTraversal, SIGNAL(currentIndexChanged(int)), this, SLOT(natTraversalChanged(int)));
46
76
connect(d->ui.cboUserPassOptions, SIGNAL(currentIndexChanged(int)), this, SLOT(userPasswordTypeChanged(int)));
47
77
connect(d->ui.cboGroupPassOptions, SIGNAL(currentIndexChanged(int)), this, SLOT(groupPasswordTypeChanged(int)));
55
85
void VpncSettingWidget::userPasswordTypeChanged(int index)
57
87
Q_D(VpncSettingWidget);
58
d->ui.leUserPassword->setEnabled(index == 1);
88
d->ui.leUserPassword->setEnabled(index == VpncSettingWidgetPrivate::EnumPasswordStorage::Save);
61
91
void VpncSettingWidget::groupPasswordTypeChanged(int index)
63
93
Q_D(VpncSettingWidget);
64
d->ui.leGroupPassword->setEnabled(index == 1);
94
d->ui.leGroupPassword->setEnabled(index == VpncSettingWidgetPrivate::EnumPasswordStorage::Save);
97
void VpncSettingWidget::natTraversalChanged(int index)
99
Q_D(VpncSettingWidget);
100
if (index == VpncSettingWidgetPrivate::EnumNatt::CiscoUdp) {
101
d->ui.spbCiscoUdpEncPort->setEnabled(true);
103
d->ui.spbCiscoUdpEncPort->setEnabled(false);
67
107
void VpncSettingWidget::readConfig()
74
114
if (!gateway.isEmpty()) {
75
115
d->ui.leGateway->setText(gateway);
118
QString user = dataMap[NM_VPNC_KEY_XAUTH_USER];
119
if (!user.isEmpty()) {
120
d->ui.leUserName->setText(user);
78
123
QString group = dataMap[NM_VPNC_KEY_ID];
79
124
if (!group.isEmpty()) {
80
125
d->ui.leGroupName->setText(group);
128
if (dataMap[NM_VPNC_KEY_AUTHMODE] == QLatin1String("hybrid")) {
129
d->ui.cbUseHybridAuth->setChecked(true);
130
d->ui.leCaCertPath->setUrl(KUrl(dataMap[NM_VPNC_KEY_CA_FILE]));
82
132
// password storage type is set in readSecrets
84
134
// Optional settings
86
QString user = dataMap[NM_VPNC_KEY_XAUTH_USER];
87
if (!user.isEmpty()) {
88
d->ui.leUserName->setText(user);
92
136
QString domain = dataMap[NM_VPNC_KEY_DOMAIN];
93
137
if (!domain.isEmpty()) {
98
142
if (dataMap[NM_VPNC_KEY_SINGLE_DES] == QLatin1String("yes")) {
99
d->ui.cboEncryptionMethod->setCurrentIndex(1);
143
d->ui.cboEncryptionMethod->setCurrentIndex(VpncSettingWidgetPrivate::EnumEncryptionMethod::Weak);
100
144
} else if (dataMap[NM_VPNC_KEY_NO_ENCRYPTION] == QLatin1String("yes")) {
101
d->ui.cboEncryptionMethod->setCurrentIndex(2);
145
d->ui.cboEncryptionMethod->setCurrentIndex(VpncSettingWidgetPrivate::EnumEncryptionMethod::None);
105
149
if (dataMap[NM_VPNC_KEY_NAT_TRAVERSAL_MODE] == NM_VPNC_NATT_MODE_NATT)
106
d->ui.cboNatTraversal->setCurrentIndex(0);
150
d->ui.cboNatTraversal->setCurrentIndex(VpncSettingWidgetPrivate::EnumNatt::NattIfAvail);
107
151
else if (dataMap[NM_VPNC_KEY_NAT_TRAVERSAL_MODE] == NM_VPNC_NATT_MODE_NATT_ALWAYS)
108
d->ui.cboNatTraversal->setCurrentIndex(1);
152
d->ui.cboNatTraversal->setCurrentIndex(VpncSettingWidgetPrivate::EnumNatt::Force);
109
153
else if (dataMap[NM_VPNC_KEY_NAT_TRAVERSAL_MODE] == NM_VPNC_NATT_MODE_CISCO)
110
d->ui.cboNatTraversal->setCurrentIndex(2);
154
d->ui.cboNatTraversal->setCurrentIndex(VpncSettingWidgetPrivate::EnumNatt::CiscoUdp);
111
155
else if (dataMap[NM_VPNC_KEY_NAT_TRAVERSAL_MODE] == NM_VPNC_NATT_MODE_NONE)
112
d->ui.cboNatTraversal->setCurrentIndex(3);
156
d->ui.cboNatTraversal->setCurrentIndex(VpncSettingWidgetPrivate::EnumNatt::Disabled);
114
158
// dead peer detection
115
159
if (dataMap.contains(NM_VPNC_KEY_DPD_IDLE_TIMEOUT)) {
124
168
QString dhGroup = dataMap.value(NM_VPNC_KEY_DHGROUP);
125
169
if (dhGroup == NM_VPNC_DHGROUP_DH1) {
127
d->ui.cboDHGroup->setCurrentIndex(0);
171
d->ui.cboDHGroup->setCurrentIndex(VpncSettingWidgetPrivate::EnumDh::Dh1);
128
172
} else if (dhGroup == NM_VPNC_DHGROUP_DH2) {
130
d->ui.cboDHGroup->setCurrentIndex(1);
174
d->ui.cboDHGroup->setCurrentIndex(VpncSettingWidgetPrivate::EnumDh::Dh2);
131
175
} else if (dhGroup == NM_VPNC_DHGROUP_DH5) {
133
d->ui.cboDHGroup->setCurrentIndex(2);
177
d->ui.cboDHGroup->setCurrentIndex(VpncSettingWidgetPrivate::EnumDh::Dh5);
181
// Perfect Forward Secrecy
182
if (dataMap.contains(NM_VPNC_KEY_PERFECT_FORWARD)) {
183
QString forwardSecrecy = dataMap.value(NM_VPNC_KEY_PERFECT_FORWARD);
184
if (forwardSecrecy == QLatin1String("nopfs")) {
185
d->ui.cboPerfectForwardSecrecy->setCurrentIndex(VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::NoPfs);
186
} else if (forwardSecrecy == QLatin1String("server")) {
187
d->ui.cboPerfectForwardSecrecy->setCurrentIndex(VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::Server);
188
} else if (forwardSecrecy == QLatin1String("dh1")) {
189
d->ui.cboPerfectForwardSecrecy->setCurrentIndex(VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::Dh1);
190
} else if (forwardSecrecy == QLatin1String("dh2")) {
191
d->ui.cboPerfectForwardSecrecy->setCurrentIndex(VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::Dh2);
192
} else if (forwardSecrecy == QLatin1String("dh5")) {
193
d->ui.cboPerfectForwardSecrecy->setCurrentIndex(VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::Dh5);
198
if (dataMap.contains(NM_VPNC_KEY_VENDOR)) {
199
QString vendor = dataMap.value(NM_VPNC_KEY_VENDOR);
200
if (vendor == QLatin1String("cisco")) {
201
d->ui.cboVendor->setCurrentIndex(VpncSettingWidgetPrivate::EnumVendor::Cisco);
202
} else if (vendor == QLatin1String("netscreen")) {
203
d->ui.cboVendor->setCurrentIndex(VpncSettingWidgetPrivate::EnumVendor::Netscreen);
207
// Application Version
208
if (dataMap.contains(NM_VPNC_KEY_APP_VERSION)) {
209
d->ui.leApplicationVersion->setText(dataMap.value(NM_VPNC_KEY_APP_VERSION));
213
if (dataMap.contains(NM_VPNC_KEY_LOCAL_PORT)) {
214
d->ui.spbLocalPort->setValue(dataMap.value(NM_VPNC_KEY_LOCAL_PORT).toInt());
217
// Cisco UDP Encapsulation Port
218
if (dataMap.contains(NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT)) {
219
d->ui.spbCiscoUdpEncPort->setValue(dataMap.value(NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT).toInt());
138
void VpncSettingWidget::fillOnePasswordCombo(QComboBox * combo, const QString & type, bool hasPassword)
223
void VpncSettingWidget::fillOnePasswordCombo(QComboBox * combo, Knm::Setting::secretsTypes type)
140
if (!type.isNull()) {
141
if (type == QLatin1String(NM_VPN_PW_TYPE_SAVE)) {
142
combo->setCurrentIndex(1);
143
} else if (type == QLatin1String(NM_VPN_PW_TYPE_UNUSED)) {
144
combo->setCurrentIndex(2);
146
} else if (!hasPassword) {
147
combo->setCurrentIndex(1);
225
if (type.testFlag(Knm::Setting::AgentOwned) || type.testFlag(Knm::Setting::None)) {
226
combo->setCurrentIndex(VpncSettingWidgetPrivate::EnumPasswordStorage::Save);
227
} else if (type.testFlag(Knm::Setting::NotRequired)) {
228
combo->setCurrentIndex(VpncSettingWidgetPrivate::EnumPasswordStorage::NotRequired);
229
} else if (type.testFlag(Knm::Setting::NotSaved)) {
230
combo->setCurrentIndex(VpncSettingWidgetPrivate::EnumPasswordStorage::AlwaysAsk);
174
if (!d->ui.leUserPassword->text().isEmpty() && d->ui.cboUserPassOptions->currentIndex() == 1) {
256
if (!d->ui.leUserPassword->text().isEmpty() && d->ui.cboUserPassOptions->currentIndex() == VpncSettingWidgetPrivate::EnumPasswordStorage::Save) {
175
257
secretData.insert(NM_VPNC_KEY_XAUTH_PASSWORD, d->ui.leUserPassword->text());
177
259
// group password
178
if (!d->ui.leGroupPassword->text().isEmpty() && d->ui.cboGroupPassOptions->currentIndex() == 1) {
260
if (!d->ui.leGroupPassword->text().isEmpty() && d->ui.cboGroupPassOptions->currentIndex() == VpncSettingWidgetPrivate::EnumPasswordStorage::Save) {
179
261
secretData.insert(NM_VPNC_KEY_SECRET, d->ui.leGroupPassword->text());
181
handleOnePasswordType(d->ui.cboUserPassOptions, NM_VPNC_KEY_XAUTH_PASSWORD, secretsType);
182
handleOnePasswordType(d->ui.cboGroupPassOptions, NM_VPNC_KEY_SECRET, secretsType);
263
handleOnePasswordType(d->ui.cboUserPassOptions, NM_VPNC_KEY_XAUTH_PASSWORD"-flags", data);
264
handleOnePasswordType(d->ui.cboGroupPassOptions, NM_VPNC_KEY_SECRET"-flags", data);
267
if (d->ui.cbUseHybridAuth->isChecked()) {
268
data.insert(NM_VPNC_KEY_AUTHMODE, QLatin1String("hybrid"));
269
data.insert(NM_VPNC_KEY_CA_FILE, d->ui.leCaCertPath->url().path().toUtf8());
184
272
// Optional settings
208
296
switch (d->ui.cboNatTraversal->currentIndex()) {
297
case VpncSettingWidgetPrivate::EnumNatt::Force:
210
298
data.insert(NM_VPNC_KEY_NAT_TRAVERSAL_MODE, QLatin1String(NM_VPNC_NATT_MODE_NATT_ALWAYS));
300
case VpncSettingWidgetPrivate::EnumNatt::CiscoUdp:
213
301
data.insert(NM_VPNC_KEY_NAT_TRAVERSAL_MODE, QLatin1String(NM_VPNC_NATT_MODE_CISCO));
303
case VpncSettingWidgetPrivate::EnumNatt::Disabled:
216
304
data.insert(NM_VPNC_KEY_NAT_TRAVERSAL_MODE, QLatin1String(NM_VPNC_NATT_MODE_NONE));
306
case VpncSettingWidgetPrivate::EnumNatt::NattIfAvail:
220
308
data.insert(NM_VPNC_KEY_NAT_TRAVERSAL_MODE, QLatin1String(NM_VPNC_NATT_MODE_NATT));
234
322
switch (d->ui.cboDHGroup->currentIndex()) {
235
case 0: // DH Group 1
323
case VpncSettingWidgetPrivate::EnumDh::Dh1: // DH Group 1
236
324
data.insert(NM_VPNC_KEY_DHGROUP, NM_VPNC_DHGROUP_DH1);
238
case 1: // DH Group 2
326
case VpncSettingWidgetPrivate::EnumDh::Dh2: // DH Group 2
239
327
data.insert(NM_VPNC_KEY_DHGROUP, NM_VPNC_DHGROUP_DH2);
241
case 2: // DH Group 5
329
case VpncSettingWidgetPrivate::EnumDh::Dh5: // DH Group 5
242
330
data.insert(NM_VPNC_KEY_DHGROUP, NM_VPNC_DHGROUP_DH5);
334
// Perfect Forward Secrecy
335
switch (d->ui.cboPerfectForwardSecrecy->currentIndex()) {
336
case VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::NoPfs:
337
data.insert(NM_VPNC_KEY_PERFECT_FORWARD, QLatin1String("nopfs"));
339
case VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::Server:
340
data.insert(NM_VPNC_KEY_PERFECT_FORWARD, QLatin1String("server"));
342
case VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::Dh1:
343
data.insert(NM_VPNC_KEY_PERFECT_FORWARD, QLatin1String("dh1"));
345
case VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::Dh2:
346
data.insert(NM_VPNC_KEY_PERFECT_FORWARD, QLatin1String("dh2"));
348
case VpncSettingWidgetPrivate::EnumPerfectForwardSecrecy::Dh5:
349
data.insert(NM_VPNC_KEY_PERFECT_FORWARD, QLatin1String("dh5"));
354
switch (d->ui.cboVendor->currentIndex()) {
355
case VpncSettingWidgetPrivate::EnumVendor::Cisco:
356
data.insert(NM_VPNC_KEY_VENDOR, QLatin1String("cisco"));
358
case VpncSettingWidgetPrivate::EnumVendor::Netscreen:
359
data.insert(NM_VPNC_KEY_VENDOR, QLatin1String("netscreen"));
363
// Application Version
364
if (!d->ui.leApplicationVersion->text().isEmpty()) {
365
data.insert(NM_VPNC_KEY_APP_VERSION, d->ui.leApplicationVersion->text());
369
data.insert(NM_VPNC_KEY_LOCAL_PORT, QString::number(d->ui.spbLocalPort->value()));
371
// Cisco UDP Encapsulation Port
372
data.insert(NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT, QString::number(d->ui.spbCiscoUdpEncPort->value()));
246
374
d->setting->setData(data);
247
375
d->setting->setVpnSecrets(secretData);
248
d->setting->setSecretsStorageType(secretsType);
251
378
uint VpncSettingWidget::handleOnePasswordType(const QComboBox * combo, const QString & key, QStringMap & data)
253
380
uint type = combo->currentIndex();
256
data.insert(key, NM_VPN_PW_TYPE_ASK);
259
data.insert(key, NM_VPN_PW_TYPE_SAVE);
262
data.insert(key, NM_VPN_PW_TYPE_UNUSED);
382
case VpncSettingWidgetPrivate::EnumPasswordStorage::AlwaysAsk:
383
data.insert(key, QString::number(Knm::Setting::NotSaved));
385
case VpncSettingWidgetPrivate::EnumPasswordStorage::Save:
386
data.insert(key, QString::number(Knm::Setting::AgentOwned));
388
case VpncSettingWidgetPrivate::EnumPasswordStorage::NotRequired:
389
data.insert(key, QString::number(Knm::Setting::NotRequired));
270
397
Q_D(VpncSettingWidget);
271
398
QStringMap secrets = d->setting->vpnSecrets();
272
QStringMap secretsType = d->setting->secretsStorageType();
277
* First time "old" settings are loaded secretsType map is empty, so
278
* try to read from data as fallback
280
userType = secretsType.value(NM_VPNC_KEY_XAUTH_PASSWORD);
281
if (userType.isNull()) {
282
// TODO: change this to use the new Setting::secretsType instead of NM_VPNC_KEY_XAUTH_PASSWORD_TYPE.
283
userType = d->setting->data().value(NM_VPNC_KEY_XAUTH_PASSWORD_TYPE);
285
if (userType == QLatin1String(NM_VPN_PW_TYPE_SAVE)) {
399
Knm::Setting::secretsTypes userType;
400
Knm::Setting::secretsTypes groupType;
402
userType = (Knm::Setting::secretsTypes)d->setting->data().value(NM_VPNC_KEY_XAUTH_PASSWORD"-flags").toInt();
404
if (userType & Knm::Setting::AgentOwned || userType & Knm::Setting::None || !userType) {
286
405
d->ui.leUserPassword->setText(secrets.value(QLatin1String(NM_VPNC_KEY_XAUTH_PASSWORD)));
288
fillOnePasswordCombo(d->ui.cboUserPassOptions, userType, !d->ui.leUserName->text().isEmpty());
290
groupType = secretsType.value(NM_VPNC_KEY_SECRET);
291
if (groupType.isNull()) {
292
// TODO: change this to use the new Setting::secretsType instead of NM_VPNC_KEY_SECRET_TYPE.
293
groupType = d->setting->data().value(NM_VPNC_KEY_SECRET_TYPE);
295
if (groupType == QLatin1String(NM_VPN_PW_TYPE_SAVE)) {
407
fillOnePasswordCombo(d->ui.cboUserPassOptions, userType);
409
groupType = (Knm::Setting::secretsTypes)d->setting->data().value(NM_VPNC_KEY_SECRET"-flags").toInt();
411
if (groupType & Knm::Setting::AgentOwned || groupType & Knm::Setting::None || !groupType) {
296
412
d->ui.leGroupPassword->setText(secrets.value(QLatin1String(NM_VPNC_KEY_SECRET)));
298
fillOnePasswordCombo(d->ui.cboGroupPassOptions, groupType, !d->ui.leGroupPassword->text().isEmpty());
414
fillOnePasswordCombo(d->ui.cboGroupPassOptions, groupType);
301
417
void VpncSettingWidget::validate()