/*
    Copyright (c) 2013 Lukas Tinkl <ltinkl@redhat.com>

    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
    License as published by the Free Software Foundation; either
    version 2.1 of the License, or (at your option) version 3, or any
    later version accepted by the membership of KDE e.V. (or its
    successor approved by the membership of KDE e.V.), which shall
    act as a proxy defined in Section 6 of version 3 of the license.

    This library is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
    Lesser General Public License for more details.

    You should have received a copy of the GNU Lesser General Public
    License along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
#include "security802-1x.h"
#include "ui_802-1x.h"
#include <KAcceleratorManager>
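/**
 * Builds the 802.1X security page.
 *
 * @param setting  802.1X setting this page edits
 * @param wifiMode when true, EAP-MD5 and LEAP are taken out of the method list
 * @param parent   parent widget
 *
 * NOTE(review): the extracted listing omits the short lines of this function. The
 * initialisers in front of m_ui, the setupUi() call, the wifiMode guard and the
 * final "if (setting) loadConfig();" are restored from context (parameter use and
 * the gaps in the line numbering) - confirm against the repository copy.
 */
Security8021x::Security8021x(const NetworkManager::Security8021xSetting::Ptr &setting, bool wifiMode, QWidget *parent) :
    QWidget(parent),
    m_setting(setting),
    m_ui(new Ui::Security8021x)
{
    m_ui->setupUi(this);

    // Tag every entry of the method combo box with its EAP method, so that the rest of the
    // class finds entries by value (findData) and not by position, which changes once
    // entries are removed below.
    m_ui->auth->setItemData(0, NetworkManager::Security8021xSetting::EapMethodMd5);
    m_ui->auth->setItemData(1, NetworkManager::Security8021xSetting::EapMethodTls);
    m_ui->auth->setItemData(2, NetworkManager::Security8021xSetting::EapMethodLeap);
    m_ui->auth->setItemData(3, NetworkManager::Security8021xSetting::EapMethodFast);
    m_ui->auth->setItemData(4, NetworkManager::Security8021xSetting::EapMethodTtls);
    m_ui->auth->setItemData(5, NetworkManager::Security8021xSetting::EapMethodPeap);

    // Each "show password" box switches the matching field between masked and clear text.
    connect(m_ui->cbShowMd5Password, SIGNAL(toggled(bool)), SLOT(setShowMD5Password(bool)));
    connect(m_ui->cbShowTlsPassword, SIGNAL(toggled(bool)), SLOT(setShowTlsPrivateKeyPassword(bool)));
    connect(m_ui->cbShowLeapPassword, SIGNAL(toggled(bool)), SLOT(setShowLeapPassword(bool)));
    connect(m_ui->cbShowFastPassword, SIGNAL(toggled(bool)), SLOT(setShowFastPassword(bool)));
    connect(m_ui->cbShowTtlsPassword, SIGNAL(toggled(bool)), SLOT(setShowTtlsPassword(bool)));
    connect(m_ui->cbShowPeapPassword, SIGNAL(toggled(bool)), SLOT(setShowPeapPassword(bool)));

    // Ticking "ask for password" disables the matching "show password" box.
    // NOTE(review): disabling the box does not change its checked state, so a field that is
    // already shown in clear text stays that way; whether the field itself is cleared or
    // disabled elsewhere (for instance in the .ui file) is not visible here.
    connect(m_ui->cbAskMd5Password, SIGNAL(toggled(bool)), m_ui->cbShowMd5Password, SLOT(setDisabled(bool)));
    connect(m_ui->cbAskFastPassword, SIGNAL(toggled(bool)), m_ui->cbShowFastPassword, SLOT(setDisabled(bool)));
    connect(m_ui->cbAskPeapPassword, SIGNAL(toggled(bool)), m_ui->cbShowPeapPassword, SLOT(setDisabled(bool)));
    connect(m_ui->cbAskTtlsPassword, SIGNAL(toggled(bool)), m_ui->cbShowTtlsPassword, SLOT(setDisabled(bool)));

    if (wifiMode) {
        // EAP-MD5 gives no mutual authentication and derives no keying material, and LEAP is
        // exposed to offline password guessing; presumably that is why neither is offered
        // for wireless connections.
        m_ui->auth->removeItem(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodMd5)); // MD 5
        m_ui->stackedWidget->removeWidget(m_ui->md5Page);

        m_ui->auth->removeItem(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodLeap)); // LEAP
        m_ui->stackedWidget->removeWidget(m_ui->leapPage);
    }

    KAcceleratorManager::manage(this);
    connect(m_ui->stackedWidget, SIGNAL(currentChanged(int)), SLOT(currentAuthChanged(int)));

    if (setting)
        loadConfig();
}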
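/**
 * Destroys the page.
 *
 * NOTE(review): the body is missing from the extracted listing (three short lines
 * by the line numbering). m_ui is allocated with new in the constructor, so it is
 * presumably released here - confirm against the repository copy.
 */
Security8021x::~Security8021x()
{
    delete m_ui;
}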
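/**
 * Copies the stored 802.1X setting (m_setting) into the widgets.
 *
 * Only one EAP method is shown: the first one found in the stored list when checking
 * in the order MD5, TLS, LEAP, FAST, TTLS, PEAP. Stored passwords are written into
 * the password fields as they are.
 *
 * NOTE(review): the extracted listing omits the short lines of this function; the
 * braces and the "else" of the FAST inner-authentication choice are restored from
 * context - confirm against the repository copy.
 */
void Security8021x::loadConfig()
{
    const QList<NetworkManager::Security8021xSetting::EapMethod> eapMethods = m_setting->eapMethods();
    const NetworkManager::Security8021xSetting::AuthMethod phase2AuthMethod = m_setting->phase2AuthMethod();
    // Set when the stored password flags contain NotSaved; mirrored into the "ask for password" boxes.
    const bool notSavedPassword = m_setting->passwordFlags() & NetworkManager::Setting::NotSaved;

    if (eapMethods.contains(NetworkManager::Security8021xSetting::EapMethodMd5)) {
        m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodMd5));
        m_ui->md5UserName->setText(m_setting->identity());
        m_ui->md5Password->setText(m_setting->password());
        m_ui->cbAskMd5Password->setChecked(notSavedPassword);
    } else if (eapMethods.contains(NetworkManager::Security8021xSetting::EapMethodTls)) {
        m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodTls));
        m_ui->tlsIdentity->setText(m_setting->identity());
        // The three values below go into the file fields without telling a path from inline
        // data, which is what the FIXMEs refer to.
        m_ui->tlsUserCert->setText(m_setting->clientCertificate()); // FIXME check the blob vs. path case
        m_ui->tlsCACert->setText(m_setting->caCertificate()); // FIXME check the blob vs. path case
        m_ui->tlsPrivateKey->setText(m_setting->privateKey()); // FIXME check the blob vs. path case
        m_ui->tlsPrivateKeyPassword->setText(m_setting->privateKeyPassword());
    } else if (eapMethods.contains(NetworkManager::Security8021xSetting::EapMethodLeap)) {
        m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodLeap));
        m_ui->leapUsername->setText(m_setting->identity());
        m_ui->leapPassword->setText(m_setting->password());
    } else if (eapMethods.contains(NetworkManager::Security8021xSetting::EapMethodFast)) {
        m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodFast));
        m_ui->fastAnonIdentity->setText(m_setting->anonymousIdentity());
        m_ui->fastAllowPacProvisioning->setChecked(static_cast<int>(m_setting->phase1FastProvisioning()) > 0);
        // Combo index = stored provisioning value - 1; setting() writes index + 1 back.
        m_ui->pacMethod->setCurrentIndex(m_setting->phase1FastProvisioning() - 1);
        m_ui->pacFile->setText(m_setting->pacFile()); // TODO check the file scheme used
        // Index 0 is GTC; every other stored inner method selects index 1.
        if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodGtc) {
            m_ui->fastInnerAuth->setCurrentIndex(0);
        } else {
            m_ui->fastInnerAuth->setCurrentIndex(1);
        }
        m_ui->fastUsername->setText(m_setting->identity());
        m_ui->fastPassword->setText(m_setting->password());
        m_ui->cbAskFastPassword->setChecked(notSavedPassword);
    } else if (eapMethods.contains(NetworkManager::Security8021xSetting::EapMethodTtls)) {
        m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodTtls));
        m_ui->ttlsAnonIdentity->setText(m_setting->anonymousIdentity());
        m_ui->ttlsCACert->setText(m_setting->caCertificate()); // FIXME check the blob vs. path case
        // An inner method outside these four leaves the combo box at its current entry.
        if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodPap) {
            m_ui->ttlsInnerAuth->setCurrentIndex(0);
        } else if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodMschap) {
            m_ui->ttlsInnerAuth->setCurrentIndex(1);
        } else if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodMschapv2) {
            m_ui->ttlsInnerAuth->setCurrentIndex(2);
        } else if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodChap) {
            m_ui->ttlsInnerAuth->setCurrentIndex(3);
        }
        m_ui->ttlsUsername->setText(m_setting->identity());
        m_ui->ttlsPassword->setText(m_setting->password());
        m_ui->cbAskTtlsPassword->setChecked(notSavedPassword);
    } else if (eapMethods.contains(NetworkManager::Security8021xSetting::EapMethodPeap)) {
        m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodPeap));
        m_ui->peapAnonIdentity->setText(m_setting->anonymousIdentity());
        m_ui->peapCACert->setText(m_setting->caCertificate()); // FIXME check the blob vs. path case
        // Combo index = stored PEAP version + 1; setting() writes index - 1 back.
        m_ui->peapVersion->setCurrentIndex(m_setting->phase1PeapVersion() + 1);
        // An inner method outside these three leaves the combo box at its current entry.
        if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodMschapv2) {
            m_ui->peapInnerAuth->setCurrentIndex(0);
        } else if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodMd5) {
            m_ui->peapInnerAuth->setCurrentIndex(1);
        } else if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodGtc) {
            m_ui->peapInnerAuth->setCurrentIndex(2);
        }
        m_ui->peapUsername->setText(m_setting->identity());
        m_ui->peapPassword->setText(m_setting->password());
        m_ui->cbAskPeapPassword->setChecked(notSavedPassword);
    }
}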
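/**
 * Builds an 802.1X setting from the current widget state and returns it as a map.
 *
 * Password handling, per method that has an "ask for password" box: when the box is
 * ticked the password flags become NotSaved and no password is written; otherwise a
 * non-empty password is written into the setting as typed. When @p agentOwned is
 * true and the password is not "ask every time", the flags become AgentOwned.
 * TLS and LEAP have no "ask" box; for them the AgentOwned flag depends on
 * @p agentOwned alone.
 *
 * @param agentOwned whether stored secrets are to be flagged AgentOwned
 * @return the setting converted with toMap(); it can contain passwords in clear text
 *
 * NOTE(review): the extracted listing omits the short lines of this function. The
 * braces, the "else" lines, the "if (innerAuth == 0)" tests and the
 * "if (agentOwned)" guards in the TLS and LEAP branches are restored from context -
 * confirm against the repository copy.
 *
 * NOTE(review): in the TLS, TTLS and PEAP branches an empty CA certificate field
 * leaves the CA certificate unset and nothing here tells the user. Without a CA
 * certificate, or server validation configured some other way, the client cannot
 * check the authentication server before the inner credentials are sent; a warning
 * in the UI would be worth adding.
 */
QVariantMap Security8021x::setting(bool agentOwned) const
{
    NetworkManager::Security8021xSetting setting;

    // The combo box item data holds the EAP method (see the setItemData() calls in the constructor).
    const NetworkManager::Security8021xSetting::EapMethod method =
        static_cast<NetworkManager::Security8021xSetting::EapMethod>(m_ui->auth->itemData(m_ui->auth->currentIndex()).toInt());

    setting.setEapMethods(QList<NetworkManager::Security8021xSetting::EapMethod>() << method);

    if (method == NetworkManager::Security8021xSetting::EapMethodMd5) {
        if (!m_ui->md5UserName->text().isEmpty()) {
            setting.setIdentity(m_ui->md5UserName->text());
        }
        if (m_ui->cbAskMd5Password->isChecked()) {
            setting.setPasswordFlags(NetworkManager::Setting::NotSaved);
        } else if (!m_ui->md5Password->text().isEmpty()) {
            setting.setPassword(m_ui->md5Password->text());
        }

        if (agentOwned && !m_ui->cbAskMd5Password->isChecked()) {
            setting.setPasswordFlags(NetworkManager::Setting::AgentOwned);
        }
    } else if (method == NetworkManager::Security8021xSetting::EapMethodTls) {
        if (!m_ui->tlsIdentity->text().isEmpty()) {
            setting.setIdentity(m_ui->tlsIdentity->text());
        }
        // Certificates and key are stored as the encoded URL string of the chosen file.
        if (!m_ui->tlsUserCert->url().isEmpty()) {
            setting.setClientCertificate(QFile::encodeName(m_ui->tlsUserCert->url().url()));
        }
        if (!m_ui->tlsCACert->url().isEmpty()) {
            setting.setCaCertificate(QFile::encodeName(m_ui->tlsCACert->url().url()));
        }
        if (!m_ui->tlsPrivateKey->url().isEmpty()) {
            setting.setPrivateKey(QFile::encodeName(m_ui->tlsPrivateKey->url().url()));
        }
        if (!m_ui->tlsPrivateKeyPassword->text().isEmpty()) {
            setting.setPrivateKeyPassword(m_ui->tlsPrivateKeyPassword->text());
        }

        if (agentOwned) {
            setting.setPrivateKeyPasswordFlags(NetworkManager::Setting::AgentOwned);
        }
    } else if (method == NetworkManager::Security8021xSetting::EapMethodLeap) {
        if (!m_ui->leapUsername->text().isEmpty()) {
            setting.setIdentity(m_ui->leapUsername->text());
        }
        if (!m_ui->leapPassword->text().isEmpty()) {
            setting.setPassword(m_ui->leapPassword->text());
        }

        if (agentOwned) {
            setting.setPasswordFlags(NetworkManager::Setting::AgentOwned);
        }
    } else if (method == NetworkManager::Security8021xSetting::EapMethodFast) {
        if (!m_ui->fastAnonIdentity->text().isEmpty()) {
            setting.setAnonymousIdentity(m_ui->fastAnonIdentity->text());
        }
        if (!m_ui->fastAllowPacProvisioning->isChecked()) {
            setting.setPhase1FastProvisioning(NetworkManager::Security8021xSetting::FastProvisioningDisabled);
        } else {
            // Stored provisioning value = combo index + 1 (loadConfig() applies the reverse).
            setting.setPhase1FastProvisioning(static_cast<NetworkManager::Security8021xSetting::FastProvisioning>(m_ui->pacMethod->currentIndex() + 1));
        }
        if (!m_ui->pacFile->text().isEmpty()) {
            setting.setPacFile(QFile::encodeName(m_ui->pacFile->url().url()));
        }
        if (m_ui->fastInnerAuth->currentIndex() == 0) {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodGtc);
        } else {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMschapv2);
        }
        if (!m_ui->fastUsername->text().isEmpty()) {
            setting.setIdentity(m_ui->fastUsername->text());
        }
        if (m_ui->cbAskFastPassword->isChecked()) {
            setting.setPasswordFlags(NetworkManager::Setting::NotSaved);
        } else if (!m_ui->fastPassword->text().isEmpty()) {
            setting.setPassword(m_ui->fastPassword->text());
        }

        if (agentOwned && !m_ui->cbAskFastPassword->isChecked()) {
            setting.setPasswordFlags(NetworkManager::Setting::AgentOwned);
        }
    } else if (method == NetworkManager::Security8021xSetting::EapMethodTtls) {
        if (!m_ui->ttlsAnonIdentity->text().isEmpty()) {
            setting.setAnonymousIdentity(m_ui->ttlsAnonIdentity->text());
        }
        if (!m_ui->ttlsCACert->text().isEmpty()) {
            setting.setCaCertificate(QFile::encodeName(m_ui->ttlsCACert->url().url()));
        }
        // Any other combo index leaves the inner method unset.
        const int innerAuth = m_ui->ttlsInnerAuth->currentIndex();
        if (innerAuth == 0) {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodPap);
        } else if (innerAuth == 1) {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMschap);
        } else if (innerAuth == 2) {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMschapv2);
        } else if (innerAuth == 3) {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodChap);
        }
        if (!m_ui->ttlsUsername->text().isEmpty()) {
            setting.setIdentity(m_ui->ttlsUsername->text());
        }
        if (m_ui->cbAskTtlsPassword->isChecked()) {
            setting.setPasswordFlags(NetworkManager::Setting::NotSaved);
        } else if (!m_ui->ttlsPassword->text().isEmpty()) {
            setting.setPassword(m_ui->ttlsPassword->text());
        }

        if (agentOwned && !m_ui->cbAskTtlsPassword->isChecked()) {
            setting.setPasswordFlags(NetworkManager::Setting::AgentOwned);
        }
    } else if (method == NetworkManager::Security8021xSetting::EapMethodPeap) {
        if (!m_ui->peapAnonIdentity->text().isEmpty()) {
            setting.setAnonymousIdentity(m_ui->peapAnonIdentity->text());
        }
        if (!m_ui->peapCACert->text().isEmpty()) {
            setting.setCaCertificate(QFile::encodeName(m_ui->peapCACert->url().url()));
        }
        // Stored PEAP version = combo index - 1 (loadConfig() applies the reverse).
        setting.setPhase1PeapVersion(static_cast<NetworkManager::Security8021xSetting::PeapVersion>(m_ui->peapVersion->currentIndex() - 1));
        // Any other combo index leaves the inner method unset.
        const int innerAuth = m_ui->peapInnerAuth->currentIndex();
        if (innerAuth == 0) {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMschapv2);
        } else if (innerAuth == 1) {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodMd5);
        } else if (innerAuth == 2) {
            setting.setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethodGtc);
        }
        if (m_ui->cbAskPeapPassword->isChecked()) {
            setting.setPasswordFlags(NetworkManager::Setting::NotSaved);
        } else if (!m_ui->peapPassword->text().isEmpty()) {
            setting.setPassword(m_ui->peapPassword->text());
        }
        if (!m_ui->peapUsername->text().isEmpty()) {
            setting.setIdentity(m_ui->peapUsername->text());
        }

        if (agentOwned && !m_ui->cbAskPeapPassword->isChecked()) {
            setting.setPasswordFlags(NetworkManager::Setting::AgentOwned);
        }
    }

    return setting.toMap();
}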
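/// Slot for the EAP-MD5 "show password" box: password mode (masking) is switched off while @p on is true.
void Security8021x::setShowMD5Password(bool on)
{
    m_ui->md5Password->setPasswordMode(!on);
}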
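/// Slot for the TLS "show password" box: the private key password field leaves password mode while @p on is true.
void Security8021x::setShowTlsPrivateKeyPassword(bool on)
{
    m_ui->tlsPrivateKeyPassword->setPasswordMode(!on);
}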
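/// Slot for the LEAP "show password" box: password mode (masking) is switched off while @p on is true.
void Security8021x::setShowLeapPassword(bool on)
{
    m_ui->leapPassword->setPasswordMode(!on);
}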
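/// Slot for the EAP-FAST "show password" box: password mode (masking) is switched off while @p on is true.
void Security8021x::setShowFastPassword(bool on)
{
    m_ui->fastPassword->setPasswordMode(!on);
}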
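/// Slot for the TTLS "show password" box: password mode (masking) is switched off while @p on is true.
void Security8021x::setShowTtlsPassword(bool on)
{
    m_ui->ttlsPassword->setPasswordMode(!on);
}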
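/// Slot for the PEAP "show password" box: password mode (masking) is switched off while @p on is true.
void Security8021x::setShowPeapPassword(bool on)
{
    m_ui->peapPassword->setPasswordMode(!on);
}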
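/**
 * Slot for stackedWidget's currentChanged(int): runs KAcceleratorManager over the
 * page that is now current.
 *
 * @param index index of the new page; not used
 *
 * NOTE(review): the extracted listing omits the braces and one short line in front
 * of the manage() call; Q_UNUSED(index) is assumed there because the parameter is
 * otherwise unused - confirm against the repository copy.
 */
void Security8021x::currentAuthChanged(int index)
{
    Q_UNUSED(index);
    KAcceleratorManager::manage(m_ui->stackedWidget->currentWidget());
}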