From c7e0b3b8d993c2edaaafa54cd40da9378d641263 Mon Sep 17 00:00:00 2001 From: Jonathan Kang Date: Fri, 27 Oct 2023 16:51:26 +0800 Subject: [PATCH] gnome-control-center-bring-back-firewall-zone.patch --- .../connection-editor/ce-page-ethernet.c | 27 ++++ .../connection-editor/ce-page-security.c | 15 +++ .../network/connection-editor/ce-page-vpn.c | 8 ++ .../connection-editor/ethernet-page.ui | 26 ++++ .../connection-editor/firewall-helpers.c | 125 ++++++++++++++++++ .../connection-editor/firewall-helpers.h | 33 +++++ panels/network/connection-editor/meson.build | 1 + .../connection-editor/security-page.ui | 27 ++++ panels/network/connection-editor/vpn-page.ui | 24 ++++ 9 files changed, 286 insertions(+) create mode 100644 panels/network/connection-editor/firewall-helpers.c create mode 100644 panels/network/connection-editor/firewall-helpers.h diff --git a/panels/network/connection-editor/ce-page-ethernet.c b/panels/network/connection-editor/ce-page-ethernet.c index dce05a3..bba438f 100644 --- a/panels/network/connection-editor/ce-page-ethernet.c +++ b/panels/network/connection-editor/ce-page-ethernet.c @@ -27,6 +27,7 @@ #include "ce-page.h" #include "ce-page-ethernet.h" +#include "firewall-helpers.h" #include "ui-helpers.h" struct _CEPageEthernet @@ -38,8 +39,11 @@ struct _CEPageEthernet GtkSpinButton *mtu_spin; GtkWidget *mtu_label; GtkEntry *name_entry; + GtkLabel *firewall_heading; + GtkComboBoxText *firewall_combo; NMClient *client; + NMConnection *connection; NMSettingConnection *setting_connection; NMSettingWired *setting_wired; }; @@ -78,6 +82,7 @@ static void connect_ethernet_page (CEPageEthernet *self) { NMSettingWired *setting = self->setting_wired; + NMSettingConnection *sc; char **mac_list; const char *s_mac_str; const gchar *name; @@ -107,6 +112,10 @@ connect_ethernet_page (CEPageEthernet *self) g_signal_connect_object (self->name_entry, "changed", G_CALLBACK (ce_page_changed), self, G_CONNECT_SWAPPED); g_signal_connect_object (self->mtu_spin, "value-changed", G_CALLBACK (ce_page_changed), self, G_CONNECT_SWAPPED); + + sc = nm_connection_get_setting_connection (self->connection); + firewall_ui_setup (sc, GTK_WIDGET (self->firewall_combo), GTK_WIDGET (self->firewall_heading), NULL); + g_signal_connect_swapped (self->firewall_combo, "changed", G_CALLBACK (ce_page_changed), self); } static void @@ -134,6 +143,8 @@ ui_to_setting (CEPageEthernet *self) g_object_set (self->setting_connection, NM_SETTING_CONNECTION_ID, gtk_editable_get_text (GTK_EDITABLE (self->name_entry)), NULL); + + firewall_ui_to_setting (self->setting_connection, GTK_WIDGET (self->firewall_combo)); } static const gchar * @@ -177,6 +188,16 @@ ce_page_ethernet_validate (CEPage *page, nm_setting_verify (NM_SETTING (self->setting_wired), NULL, error); } +static void +ce_page_ethernet_dispose (GObject *object) +{ + CEPageEthernet *self = CE_PAGE_ETHERNET (object); + + g_clear_object (&self->connection); + + G_OBJECT_CLASS (ce_page_ethernet_parent_class)->dispose (object); +} + static void ce_page_ethernet_init (CEPageEthernet *self) { @@ -186,8 +207,11 @@ ce_page_ethernet_init (CEPageEthernet *self) static void ce_page_ethernet_class_init (CEPageEthernetClass *klass) { + GObjectClass *object_class = G_OBJECT_CLASS (klass); GtkWidgetClass *widget_class = GTK_WIDGET_CLASS (klass); + object_class->dispose = ce_page_ethernet_dispose; + gtk_widget_class_set_template_from_resource (widget_class, "/org/gnome/control-center/network/ethernet-page.ui"); gtk_widget_class_bind_template_child (widget_class, CEPageEthernet, cloned_mac_combo); @@ -195,6 +219,8 @@ ce_page_ethernet_class_init (CEPageEthernetClass *klass) gtk_widget_class_bind_template_child (widget_class, CEPageEthernet, mtu_spin); gtk_widget_class_bind_template_child (widget_class, CEPageEthernet, mtu_label); gtk_widget_class_bind_template_child (widget_class, CEPageEthernet, name_entry); + gtk_widget_class_bind_template_child (widget_class, CEPageEthernet, firewall_heading); + gtk_widget_class_bind_template_child (widget_class, CEPageEthernet, firewall_combo); } static void @@ -213,6 +239,7 @@ ce_page_ethernet_new (NMConnection *connection, self = CE_PAGE_ETHERNET (g_object_new (ce_page_ethernet_get_type (), NULL)); self->client = client; + self->connection = g_object_ref (connection); self->setting_connection = nm_connection_get_setting_connection (connection); self->setting_wired = nm_connection_get_setting_wired (connection); diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c index ae6fbd4..b8a1b83 100644 --- a/panels/network/connection-editor/ce-page-security.c +++ b/panels/network/connection-editor/ce-page-security.c @@ -27,6 +27,7 @@ #include "ce-page.h" #include "ce-page-security.h" +#include "firewall-helpers.h" #include "nma-ws.h" struct _CEPageSecurity @@ -36,6 +37,8 @@ struct _CEPageSecurity GtkBox *box; GtkComboBox *security_combo; GtkLabel *security_label; + GtkComboBox *firewall_combo; + GtkWidget *firewall_heading; NMConnection *connection; const gchar *security_setting; @@ -165,6 +168,7 @@ security_combo_changed (CEPageSecurity *self) gtk_box_remove (self->box, GTK_WIDGET (sec)); gtk_size_group_add_widget (self->group, GTK_WIDGET (self->security_label)); + gtk_size_group_add_widget (self->group, self->firewall_heading); nma_ws_add_to_size_group (sec, self->group); gtk_box_append (self->box, g_object_ref (GTK_WIDGET (sec))); @@ -222,6 +226,7 @@ finish_setup (CEPageSecurity *self) { NMSettingWireless *sw; NMSettingWirelessSecurity *sws; + NMSettingConnection *sc; gboolean is_adhoc = FALSE; g_autoptr(GtkListStore) sec_model = NULL; GtkTreeIter iter; @@ -388,6 +393,10 @@ finish_setup (CEPageSecurity *self) gtk_combo_box_set_active (self->security_combo, active < 0 ? 0 : (guint32) active); + sc = nm_connection_get_setting_connection (self->connection); + firewall_ui_setup (sc, GTK_WIDGET (self->firewall_combo), self->firewall_heading, NULL); + g_signal_connect_swapped (self->firewall_combo, "changed", G_CALLBACK (ce_page_changed), self); + security_combo_changed (self); g_signal_connect_object (self->security_combo, "changed", G_CALLBACK (security_combo_changed), self, G_CONNECT_SWAPPED); @@ -423,6 +432,7 @@ ce_page_security_validate (CEPage *page, { CEPageSecurity *self = CE_PAGE_SECURITY (page); NMSettingWireless *sw; + NMSettingConnection *sc; NMAWs *sec; gboolean valid = FALSE; const char *mode; @@ -479,6 +489,9 @@ ce_page_security_validate (CEPage *page, } + sc = nm_connection_get_setting_connection (connection); + firewall_ui_to_setting (sc, GTK_WIDGET (CE_PAGE_SECURITY (self)->firewall_combo)); + return valid; } @@ -501,6 +514,8 @@ ce_page_security_class_init (CEPageSecurityClass *klass) gtk_widget_class_bind_template_child (widget_class, CEPageSecurity, box); gtk_widget_class_bind_template_child (widget_class, CEPageSecurity, security_label); gtk_widget_class_bind_template_child (widget_class, CEPageSecurity, security_combo); + gtk_widget_class_bind_template_child (widget_class, CEPageSecurity, firewall_heading); + gtk_widget_class_bind_template_child (widget_class, CEPageSecurity, firewall_combo); } static void diff --git a/panels/network/connection-editor/ce-page-vpn.c b/panels/network/connection-editor/ce-page-vpn.c index 36afde5..edbf331 100644 --- a/panels/network/connection-editor/ce-page-vpn.c +++ b/panels/network/connection-editor/ce-page-vpn.c @@ -35,6 +35,8 @@ struct _CEPageVpn GtkLabel *failure_label; GtkEntry *name_entry; + GtkLabel *firewall_heading; + GtkComboBoxText *firewall_combo; NMConnection *connection; NMSettingConnection *setting_connection; @@ -123,6 +125,9 @@ connect_vpn_page (CEPageVpn *self) name = nm_setting_connection_get_id (self->setting_connection); gtk_editable_set_text (GTK_EDITABLE (self->name_entry), name); g_signal_connect_object (self->name_entry, "changed", G_CALLBACK (ce_page_changed), self, G_CONNECT_SWAPPED); + + firewall_ui_setup (self->setting_connection, GTK_WIDGET (self->firewall_combo), GTK_WIDGET (self->firewall_heading), NULL); + g_signal_connect_swapped (self->firewall_combo, "changed", G_CALLBACK (ce_page_changed), self); } static void @@ -158,6 +163,7 @@ ce_page_vpn_validate (CEPage *page, g_object_set (self->setting_connection, NM_SETTING_CONNECTION_ID, gtk_editable_get_text (GTK_EDITABLE (self->name_entry)), NULL); + firewall_ui_to_setting (self->setting_connection, GTK_WIDGET (self->firewall_combo)); if (!nm_setting_verify (NM_SETTING (self->setting_connection), NULL, error)) return FALSE; @@ -186,6 +192,8 @@ ce_page_vpn_class_init (CEPageVpnClass *class) gtk_widget_class_bind_template_child (widget_class, CEPageVpn, failure_label); gtk_widget_class_bind_template_child (widget_class, CEPageVpn, name_entry); + gtk_widget_class_bind_template_child (widget_class, CEPageVpn, firewall_heading); + gtk_widget_class_bind_template_child (widget_class, CEPageVpn, firewall_combo); } static void diff --git a/panels/network/connection-editor/ethernet-page.ui b/panels/network/connection-editor/ethernet-page.ui index e35a18a..c3618a9 100644 --- a/panels/network/connection-editor/ethernet-page.ui +++ b/panels/network/connection-editor/ethernet-page.ui @@ -117,5 +117,31 @@ + + + True + False + 1 + Firewall _Zone + True + firewall_combo + + 0 + 4 + + + + + + True + False + 0 + 1 + + 1 + 4 + + + diff --git a/panels/network/connection-editor/firewall-helpers.c b/panels/network/connection-editor/firewall-helpers.c new file mode 100644 index 0000000..2e2c29f --- /dev/null +++ b/panels/network/connection-editor/firewall-helpers.c @@ -0,0 +1,125 @@ +/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * (C) Copyright 2013 Red Hat, Inc. + */ + +#include "config.h" + +#include +#include + +#include "firewall-helpers.h" + +typedef struct { + gchar *zone; + GtkWidget *combo; + GtkWidget *label; +} GetZonesReplyData; + +static void +get_zones_reply (GObject *source, + GAsyncResult *res, + gpointer user_data) +{ + GDBusConnection *bus = G_DBUS_CONNECTION (source); + GetZonesReplyData *d = user_data; + GVariant *ret; + GError *error = NULL; + const gchar **zones; + gint idx; + gint i; + + ret = g_dbus_connection_call_finish (bus, res, &error); + + gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (d->combo), + C_("Firewall zone", "Default")); + gtk_widget_set_tooltip_text (d->combo, _("The zone defines the trust level of the connection")); + + idx = 0; + if (error) { + gtk_widget_hide (d->combo); + gtk_widget_hide (d->label); + g_error_free (error); + } + else { + gtk_widget_show (d->combo); + gtk_widget_show (d->label); + g_variant_get (ret, "(^a&s)", &zones); + + for (i = 0; zones[i]; i++) { + gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (d->combo), + zones[i]); + if (g_strcmp0 (d->zone, zones[i]) == 0) + idx = i + 1; + } + if (d->zone && idx == 0) { + gtk_combo_box_text_append_text (GTK_COMBO_BOX_TEXT (d->combo), + d->zone); + idx = i + 1; + } + g_variant_unref (ret); + } + gtk_combo_box_set_active (GTK_COMBO_BOX (d->combo), idx); + + g_free (d->zone); + g_free (d); +} + +void +firewall_ui_setup (NMSettingConnection *setting, + GtkWidget *combo, + GtkWidget *label, + GCancellable *cancellable) +{ + GDBusConnection *bus; + GetZonesReplyData *d; + + bus = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, NULL); + + d = g_new0 (GetZonesReplyData, 1); + d->zone = g_strdup (nm_setting_connection_get_zone (setting)); + d->combo = combo; + d->label = label; + + g_dbus_connection_call (bus, + "org.fedoraproject.FirewallD1", + "/org/fedoraproject/FirewallD1", + "org.fedoraproject.FirewallD1.zone", + "getZones", + NULL, + NULL, + 0, + G_MAXINT, + cancellable, + get_zones_reply, d); + g_object_unref (bus); +} + +void +firewall_ui_to_setting (NMSettingConnection *setting, GtkWidget *combo) +{ + gchar *zone; + + zone = gtk_combo_box_text_get_active_text (GTK_COMBO_BOX_TEXT (combo)); + if (g_strcmp0 (zone, C_("Firewall zone", "Default")) == 0) { + g_free (zone); + zone = NULL; + } + + g_object_set (setting, NM_SETTING_CONNECTION_ZONE, zone, NULL); + g_free (zone); +} diff --git a/panels/network/connection-editor/firewall-helpers.h b/panels/network/connection-editor/firewall-helpers.h new file mode 100644 index 0000000..213c515 --- /dev/null +++ b/panels/network/connection-editor/firewall-helpers.h @@ -0,0 +1,33 @@ +/* + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * (C) Copyright 2013 Red Hat, Inc. + */ + +#ifndef _FIREWALL_HELPERS_H_ +#define _FIREWALL_HELPERS_H_ + +#include +#include + +void firewall_ui_setup (NMSettingConnection *setting, + GtkWidget *combo, + GtkWidget *label, + GCancellable *cancellable); +void firewall_ui_to_setting (NMSettingConnection *setting, + GtkWidget *combo); + + +#endif /* _FIREWALL_HELPERS_H_ */ diff --git a/panels/network/connection-editor/meson.build b/panels/network/connection-editor/meson.build index c544b21..7377fc0 100644 --- a/panels/network/connection-editor/meson.build +++ b/panels/network/connection-editor/meson.build @@ -13,6 +13,7 @@ sources = files( 'ce-page-wireguard.c', 'ce-page-wifi.c', 'ce-page.c', + 'firewall-helpers.c', 'net-connection-editor.c', 'vpn-helpers.c' ) diff --git a/panels/network/connection-editor/security-page.ui b/panels/network/connection-editor/security-page.ui index 9a1c0de..ba31a81 100644 --- a/panels/network/connection-editor/security-page.ui +++ b/panels/network/connection-editor/security-page.ui @@ -41,5 +41,32 @@ + + + True + False + 1 + Firewall _Zone + True + firewall_combo + + 0 + 2 + + + + + + True + False + True + 0 + 1 + + 1 + 2 + + + diff --git a/panels/network/connection-editor/vpn-page.ui b/panels/network/connection-editor/vpn-page.ui index 98f801b..73bbef8 100644 --- a/panels/network/connection-editor/vpn-page.ui +++ b/panels/network/connection-editor/vpn-page.ui @@ -28,6 +28,30 @@ + + + True + False + 6 + + + True + False + Firewall _Zone + True + firewall_combo + + + + + True + False + 0 + 1 + + + + 0 -- 2.42.0