2013-10-17 12:31:38 +02:00
|
|
|
From b72c423a344f2e455c17978bab76eb29912d0b5b Mon Sep 17 00:00:00 2001
|
2012-06-29 10:52:02 +02:00
|
|
|
From: Gary Ching-Pang Lin <chingpang@gmail.com>
|
|
|
|
Date: Tue, 14 Feb 2012 18:41:51 +0800
|
|
|
|
Subject: [PATCH] network: create private connections if the user if not
|
|
|
|
authorized
|
|
|
|
|
|
|
|
This commit checks whether the polkit policy allows the user to
|
|
|
|
create a system connection without authentication. If not, create
|
|
|
|
private connections.
|
|
|
|
|
|
|
|
https://bugzilla.gnome.org/show_bug.cgi?id=646187
|
|
|
|
---
|
2013-10-07 10:47:00 +02:00
|
|
|
configure.ac | 3 ++-
|
|
|
|
panels/network/cc-network-panel.c | 40 ++++++++++++++++++++++++++++++++++++--
|
|
|
|
panels/network/cc-network-panel.h | 2 ++
|
|
|
|
panels/network/net-device-mobile.c | 5 ++++-
|
|
|
|
panels/network/net-device-wifi.c | 25 +++++++++++++++++++++++-
|
|
|
|
panels/network/network-dialogs.c | 22 +++++++++++++++++++--
|
|
|
|
panels/network/network-dialogs.h | 6 ++++--
|
|
|
|
7 files changed, 94 insertions(+), 9 deletions(-)
|
2012-06-29 10:52:02 +02:00
|
|
|
|
2013-10-07 10:47:00 +02:00
|
|
|
diff --git a/configure.ac b/configure.ac
|
2013-10-17 12:31:38 +02:00
|
|
|
index b0b492d..4453123 100644
|
2013-10-07 10:47:00 +02:00
|
|
|
--- a/configure.ac
|
|
|
|
+++ b/configure.ac
|
2013-10-17 12:31:38 +02:00
|
|
|
@@ -134,7 +134,8 @@ PKG_CHECK_MODULES(KEYBOARD_PANEL, $COMMON_MODULES
|
2012-06-29 10:52:02 +02:00
|
|
|
PKG_CHECK_MODULES(MEDIA_PANEL, $COMMON_MODULES)
|
|
|
|
PKG_CHECK_MODULES(MOUSE_PANEL, $COMMON_MODULES xi >= 1.2
|
|
|
|
gnome-settings-daemon >= $GSD_REQUIRED_VERSION x11)
|
2013-10-07 10:47:00 +02:00
|
|
|
-PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES gmodule-2.0)
|
|
|
|
+PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES gmodule-2.0
|
|
|
|
+ polkit-gobject-1 >= $POLKIT_REQUIRED_VERSION)
|
|
|
|
PKG_CHECK_MODULES(NOTIFICATIONS_PANEL, $COMMON_MODULES libgnome-menu-3.0)
|
2012-09-12 11:27:40 +02:00
|
|
|
PKG_CHECK_MODULES(ONLINE_ACCOUNTS_PANEL, $COMMON_MODULES goa-1.0 goa-backend-1.0 >= $GOA_REQUIRED_VERSION)
|
2012-06-29 10:52:02 +02:00
|
|
|
PKG_CHECK_MODULES(POWER_PANEL, $COMMON_MODULES upower-glib >= 0.9.1
|
2013-10-07 10:47:00 +02:00
|
|
|
diff --git a/panels/network/cc-network-panel.c b/panels/network/cc-network-panel.c
|
2013-10-17 12:31:38 +02:00
|
|
|
index 4fa3706..7bae539 100644
|
2013-10-07 10:47:00 +02:00
|
|
|
--- a/panels/network/cc-network-panel.c
|
|
|
|
+++ b/panels/network/cc-network-panel.c
|
|
|
|
@@ -24,6 +24,8 @@
|
2012-09-14 14:37:21 +02:00
|
|
|
#include <glib/gi18n.h>
|
2012-06-29 10:52:02 +02:00
|
|
|
#include <stdlib.h>
|
|
|
|
|
|
|
|
+#include <polkit/polkit.h>
|
|
|
|
+
|
|
|
|
#include "cc-network-panel.h"
|
2013-10-07 10:47:00 +02:00
|
|
|
#include "cc-network-resources.h"
|
2012-06-29 10:52:02 +02:00
|
|
|
|
2013-10-07 10:47:00 +02:00
|
|
|
@@ -87,6 +89,9 @@ struct _CcNetworkPanelPrivate
|
2012-06-29 10:52:02 +02:00
|
|
|
gchar *arg_device;
|
|
|
|
gchar *arg_access_point;
|
|
|
|
gboolean operation_done;
|
|
|
|
+
|
|
|
|
+ /* polkit authentication check */
|
|
|
|
+ gboolean default_private;
|
|
|
|
};
|
|
|
|
|
|
|
|
enum {
|
2013-10-07 10:47:00 +02:00
|
|
|
@@ -574,13 +579,13 @@ handle_argv_for_device (CcNetworkPanel *panel,
|
|
|
|
return TRUE;
|
|
|
|
} else if (g_strcmp0 (nm_object_get_path (NM_OBJECT (device)), priv->arg_device) == 0) {
|
|
|
|
if (priv->arg_operation == OPERATION_CONNECT_MOBILE) {
|
|
|
|
- cc_network_panel_connect_to_3g_network (toplevel, priv->client, priv->remote_settings, device);
|
|
|
|
+ cc_network_panel_connect_to_3g_network (toplevel, priv->client, priv->remote_settings, device, priv->default_private);
|
|
|
|
|
|
|
|
reset_command_line_args (panel); /* done */
|
|
|
|
select_tree_iter (panel, iter);
|
|
|
|
return TRUE;
|
|
|
|
} else if (priv->arg_operation == OPERATION_CONNECT_8021X) {
|
|
|
|
- cc_network_panel_connect_to_8021x_network (toplevel, priv->client, priv->remote_settings, device, priv->arg_access_point);
|
|
|
|
+ cc_network_panel_connect_to_8021x_network (toplevel, priv->client, priv->remote_settings, device, priv->arg_access_point, priv->default_private);
|
|
|
|
reset_command_line_args (panel); /* done */
|
|
|
|
select_tree_iter (panel, iter);
|
|
|
|
return TRUE;
|
2013-10-17 12:31:38 +02:00
|
|
|
@@ -1355,6 +1360,9 @@ cc_network_panel_init (CcNetworkPanel *panel)
|
2012-06-29 10:52:02 +02:00
|
|
|
GtkWidget *widget;
|
|
|
|
GtkWidget *toplevel;
|
2013-10-07 10:47:00 +02:00
|
|
|
GDBusConnection *system_bus;
|
2012-06-29 10:52:02 +02:00
|
|
|
+ PolkitSubject *subject;
|
|
|
|
+ PolkitAuthority *authority;
|
|
|
|
+ PolkitAuthorizationResult *result;
|
|
|
|
|
|
|
|
panel->priv = NETWORK_PANEL_PRIVATE (panel);
|
2013-10-07 10:47:00 +02:00
|
|
|
g_resources_register (cc_network_get_resource ());
|
2013-10-17 12:31:38 +02:00
|
|
|
@@ -1458,4 +1466,32 @@ cc_network_panel_init (CcNetworkPanel *panel)
|
2013-10-07 10:47:00 +02:00
|
|
|
widget = GTK_WIDGET (gtk_builder_get_object (panel->priv->builder,
|
|
|
|
"vbox1"));
|
2013-10-17 12:31:38 +02:00
|
|
|
gtk_container_add (GTK_CONTAINER (panel), widget);
|
2012-06-29 10:52:02 +02:00
|
|
|
+
|
|
|
|
+ /* check the polkit authentication */
|
|
|
|
+ panel->priv->default_private = TRUE;
|
|
|
|
+ authority = polkit_authority_get_sync (NULL, NULL);
|
2013-10-07 10:47:00 +02:00
|
|
|
+ subject = polkit_unix_process_new_for_owner (getpid (), 0, -1);
|
2012-06-29 10:52:02 +02:00
|
|
|
+ result = polkit_authority_check_authorization_sync (authority,
|
|
|
|
+ subject,
|
|
|
|
+ "org.freedesktop.NetworkManager.settings.modify.system",
|
|
|
|
+ NULL,
|
|
|
|
+ POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
|
|
|
|
+ NULL,
|
|
|
|
+ &error);
|
|
|
|
+ if (error || !result) {
|
|
|
|
+ g_warning ("Failed to check polkit authorization! %s",
|
|
|
|
+ error->message);
|
|
|
|
+ g_clear_error (&error);
|
|
|
|
+ } else if (polkit_authorization_result_get_is_authorized (result)) {
|
|
|
|
+ panel->priv->default_private = FALSE;
|
|
|
|
+ }
|
|
|
|
+ g_object_unref (result);
|
|
|
|
+ g_object_unref (authority);
|
|
|
|
+ g_object_unref (subject);
|
2013-10-07 10:47:00 +02:00
|
|
|
+}
|
2012-06-29 10:52:02 +02:00
|
|
|
+
|
|
|
|
+gboolean
|
|
|
|
+cc_network_panel_get_default_private (CcNetworkPanel *panel)
|
|
|
|
+{
|
|
|
|
+ return panel->priv->default_private;
|
2013-10-07 10:47:00 +02:00
|
|
|
}
|
|
|
|
diff --git a/panels/network/cc-network-panel.h b/panels/network/cc-network-panel.h
|
|
|
|
index f869c3f..d3773b2 100644
|
|
|
|
--- a/panels/network/cc-network-panel.h
|
|
|
|
+++ b/panels/network/cc-network-panel.h
|
|
|
|
@@ -67,6 +67,8 @@ GType cc_network_panel_get_type (void) G_GNUC_CONST;
|
2012-06-29 10:52:02 +02:00
|
|
|
|
2013-03-13 23:38:52 +01:00
|
|
|
GPtrArray *cc_network_panel_get_devices (CcNetworkPanel *panel);
|
2012-06-29 10:52:02 +02:00
|
|
|
|
|
|
|
+gboolean cc_network_panel_get_default_private (CcNetworkPanel *panel);
|
|
|
|
+
|
|
|
|
G_END_DECLS
|
|
|
|
|
|
|
|
#endif /* _CC_NETWORK_PANEL_H */
|
2013-10-07 10:47:00 +02:00
|
|
|
diff --git a/panels/network/net-device-mobile.c b/panels/network/net-device-mobile.c
|
2013-10-17 12:31:38 +02:00
|
|
|
index dad3a4a..c671637 100644
|
2013-10-07 10:47:00 +02:00
|
|
|
--- a/panels/network/net-device-mobile.c
|
|
|
|
+++ b/panels/network/net-device-mobile.c
|
2013-10-17 12:31:38 +02:00
|
|
|
@@ -141,12 +141,15 @@ mobile_connection_changed_cb (GtkComboBox *combo_box, NetDeviceMobile *device_mo
|
2013-10-07 10:47:00 +02:00
|
|
|
COLUMN_ID, &object_path,
|
|
|
|
-1);
|
|
|
|
if (g_strcmp0 (object_path, NULL) == 0) {
|
|
|
|
+ gboolean default_private;
|
|
|
|
panel = net_object_get_panel (NET_OBJECT (device_mobile));
|
|
|
|
toplevel = cc_shell_get_toplevel (cc_panel_get_shell (CC_PANEL (panel)));
|
|
|
|
+ default_private = cc_network_panel_get_default_private (panel);
|
|
|
|
cc_network_panel_connect_to_3g_network (toplevel,
|
|
|
|
client,
|
|
|
|
remote_settings,
|
|
|
|
- device);
|
|
|
|
+ device,
|
|
|
|
+ default_private);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
diff --git a/panels/network/net-device-wifi.c b/panels/network/net-device-wifi.c
|
2013-10-17 12:31:38 +02:00
|
|
|
index 49a79a8..da488c5 100644
|
2013-10-07 10:47:00 +02:00
|
|
|
--- a/panels/network/net-device-wifi.c
|
|
|
|
+++ b/panels/network/net-device-wifi.c
|
2013-10-17 12:31:38 +02:00
|
|
|
@@ -696,6 +696,9 @@ wireless_try_to_connect (NetDeviceWifi *device_wifi,
|
2013-10-07 10:47:00 +02:00
|
|
|
NMDevice *device;
|
|
|
|
NMSettingWireless *setting_wireless;
|
|
|
|
NMClient *client;
|
|
|
|
+ CcNetworkPanel *panel;
|
|
|
|
+ NMConnection *partial = NULL;
|
|
|
|
+ NMSettingConnection *setting_con;
|
|
|
|
|
|
|
|
if (device_wifi->priv->updating_device)
|
|
|
|
goto out;
|
2013-10-17 12:31:38 +02:00
|
|
|
@@ -747,10 +750,21 @@ wireless_try_to_connect (NetDeviceWifi *device_wifi,
|
2013-10-07 10:47:00 +02:00
|
|
|
/* create one, as it's missing */
|
|
|
|
g_debug ("no existing connection found for %s, creating", ssid_target);
|
|
|
|
|
|
|
|
+ panel = net_object_get_panel (NET_OBJECT (device_wifi));
|
|
|
|
+ if (cc_network_panel_get_default_private (panel)) {
|
|
|
|
+ partial = nm_connection_new ();
|
|
|
|
+ setting_con = (NMSettingConnection *)nm_setting_connection_new ();
|
|
|
|
+ nm_connection_add_setting (partial, NM_SETTING (setting_con));
|
|
|
|
+ nm_setting_connection_add_permission (setting_con,
|
|
|
|
+ "user",
|
|
|
|
+ g_get_user_name(),
|
|
|
|
+ NULL);
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
if (!is_8021x (device, ap_object_path)) {
|
|
|
|
g_debug ("no existing connection found for %s, creating and activating one", ssid_target);
|
|
|
|
nm_client_add_and_activate_connection (client,
|
|
|
|
- NULL,
|
|
|
|
+ partial,
|
|
|
|
device, ap_object_path,
|
|
|
|
connection_add_activate_cb, device_wifi);
|
|
|
|
} else {
|
2013-10-17 12:31:38 +02:00
|
|
|
@@ -965,6 +979,7 @@ start_shared_connection (NetDeviceWifi *device_wifi)
|
2013-10-07 10:47:00 +02:00
|
|
|
GSList *l;
|
|
|
|
NMClient *client;
|
|
|
|
const char *mode;
|
|
|
|
+ CcNetworkPanel *panel;
|
|
|
|
|
|
|
|
device = net_device_get_nm_device (NET_DEVICE (device_wifi));
|
|
|
|
g_assert (nm_device_get_device_type (device) == NM_DEVICE_TYPE_WIFI);
|
2013-10-17 12:31:38 +02:00
|
|
|
@@ -1001,6 +1016,14 @@ start_shared_connection (NetDeviceWifi *device_wifi)
|
2013-10-07 10:47:00 +02:00
|
|
|
"id", "Hotspot",
|
|
|
|
"autoconnect", FALSE,
|
|
|
|
NULL);
|
|
|
|
+
|
|
|
|
+ panel = net_object_get_panel (NET_OBJECT (device_wifi));
|
|
|
|
+ if (cc_network_panel_get_default_private (panel))
|
|
|
|
+ nm_setting_connection_add_permission (sc,
|
|
|
|
+ "user",
|
|
|
|
+ g_get_user_name(),
|
|
|
|
+ NULL);
|
|
|
|
+
|
|
|
|
nm_connection_add_setting (c, (NMSetting *)sc);
|
|
|
|
|
|
|
|
sw = (NMSettingWireless *)nm_setting_wireless_new ();
|
|
|
|
diff --git a/panels/network/network-dialogs.c b/panels/network/network-dialogs.c
|
|
|
|
index b2f8376..24053cb 100644
|
|
|
|
--- a/panels/network/network-dialogs.c
|
|
|
|
+++ b/panels/network/network-dialogs.c
|
|
|
|
@@ -41,6 +41,7 @@ typedef struct {
|
2012-06-29 10:52:02 +02:00
|
|
|
NMClient *client;
|
|
|
|
NMRemoteSettings *settings;
|
|
|
|
NMDevice *device;
|
|
|
|
+ gboolean default_private;
|
|
|
|
} MobileDialogClosure;
|
|
|
|
|
|
|
|
static void
|
2013-10-07 10:47:00 +02:00
|
|
|
@@ -262,7 +263,8 @@ cc_network_panel_connect_to_8021x_network (GtkWidget *toplevel,
|
|
|
|
NMClient *client,
|
|
|
|
NMRemoteSettings *settings,
|
|
|
|
NMDevice *device,
|
|
|
|
- const gchar *arg_access_point)
|
|
|
|
+ const gchar *arg_access_point,
|
|
|
|
+ gboolean default_private)
|
|
|
|
{
|
|
|
|
NMConnection *connection;
|
|
|
|
NMSettingConnection *s_con;
|
|
|
|
@@ -300,6 +302,8 @@ cc_network_panel_connect_to_8021x_network (GtkWidget *toplevel,
|
2012-06-29 10:52:02 +02:00
|
|
|
uuid = nm_utils_uuid_generate ();
|
|
|
|
g_object_set (s_con, NM_SETTING_CONNECTION_UUID, uuid, NULL);
|
|
|
|
g_free (uuid);
|
2013-10-07 10:47:00 +02:00
|
|
|
+ if (default_private)
|
2012-06-29 10:52:02 +02:00
|
|
|
+ nm_setting_connection_add_permission (s_con, "user", g_get_user_name(), NULL);
|
|
|
|
nm_connection_add_setting (connection, NM_SETTING (s_con));
|
|
|
|
|
|
|
|
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
|
2013-10-07 10:47:00 +02:00
|
|
|
@@ -357,6 +361,7 @@ cdma_mobile_wizard_done (NMAMobileWizard *wizard,
|
2012-06-29 10:52:02 +02:00
|
|
|
if (!canceled && method) {
|
|
|
|
NMSetting *setting;
|
|
|
|
char *uuid, *id;
|
|
|
|
+ MobileDialogClosure *closure = user_data;
|
|
|
|
|
|
|
|
if (method->devtype != NM_DEVICE_MODEM_CAPABILITY_CDMA_EVDO) {
|
|
|
|
g_warning ("Unexpected device type (not CDMA).");
|
2013-10-07 10:47:00 +02:00
|
|
|
@@ -400,6 +405,11 @@ cdma_mobile_wizard_done (NMAMobileWizard *wizard,
|
2012-06-29 10:52:02 +02:00
|
|
|
NULL);
|
|
|
|
g_free (uuid);
|
|
|
|
g_free (id);
|
|
|
|
+ if (closure->default_private)
|
|
|
|
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
|
|
|
|
+ "user",
|
|
|
|
+ g_get_user_name(),
|
|
|
|
+ NULL);
|
|
|
|
nm_connection_add_setting (connection, setting);
|
|
|
|
}
|
|
|
|
|
2013-10-07 10:47:00 +02:00
|
|
|
@@ -419,6 +429,7 @@ gsm_mobile_wizard_done (NMAMobileWizard *wizard,
|
2012-06-29 10:52:02 +02:00
|
|
|
if (!canceled && method) {
|
|
|
|
NMSetting *setting;
|
|
|
|
char *uuid, *id;
|
|
|
|
+ MobileDialogClosure *closure = user_data;
|
|
|
|
|
|
|
|
if (method->devtype != NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) {
|
|
|
|
g_warning ("Unexpected device type (not GSM).");
|
2013-10-07 10:47:00 +02:00
|
|
|
@@ -463,6 +474,11 @@ gsm_mobile_wizard_done (NMAMobileWizard *wizard,
|
2012-06-29 10:52:02 +02:00
|
|
|
NULL);
|
|
|
|
g_free (uuid);
|
|
|
|
g_free (id);
|
|
|
|
+ if (closure->default_private)
|
|
|
|
+ nm_setting_connection_add_permission ((NMSettingConnection *)setting,
|
|
|
|
+ "user",
|
|
|
|
+ g_get_user_name(),
|
|
|
|
+ NULL);
|
|
|
|
nm_connection_add_setting (connection, setting);
|
|
|
|
}
|
|
|
|
|
2013-10-07 10:47:00 +02:00
|
|
|
@@ -494,7 +510,8 @@ void
|
|
|
|
cc_network_panel_connect_to_3g_network (GtkWidget *toplevel,
|
|
|
|
NMClient *client,
|
|
|
|
NMRemoteSettings *settings,
|
|
|
|
- NMDevice *device)
|
|
|
|
+ NMDevice *device,
|
|
|
|
+ gboolean default_private)
|
|
|
|
{
|
|
|
|
MobileDialogClosure *closure;
|
|
|
|
NMAMobileWizard *wizard;
|
|
|
|
@@ -512,6 +529,7 @@ cc_network_panel_connect_to_3g_network (GtkWidget *toplevel,
|
2012-06-29 10:52:02 +02:00
|
|
|
closure->client = g_object_ref (client);
|
|
|
|
closure->settings = g_object_ref (settings);
|
|
|
|
closure->device = g_object_ref (device);
|
2013-10-07 10:47:00 +02:00
|
|
|
+ closure->default_private = default_private;
|
2012-06-29 10:52:02 +02:00
|
|
|
|
|
|
|
caps = nm_device_modem_get_current_capabilities (NM_DEVICE_MODEM (device));
|
|
|
|
if (caps & NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) {
|
2013-10-07 10:47:00 +02:00
|
|
|
diff --git a/panels/network/network-dialogs.h b/panels/network/network-dialogs.h
|
|
|
|
index ddbf392..953fc2b 100644
|
|
|
|
--- a/panels/network/network-dialogs.h
|
|
|
|
+++ b/panels/network/network-dialogs.h
|
|
|
|
@@ -38,11 +38,13 @@ void cc_network_panel_connect_to_8021x_network (GtkWidget *toplevel,
|
|
|
|
NMClient *client,
|
|
|
|
NMRemoteSettings *settings,
|
|
|
|
NMDevice *device,
|
|
|
|
- const gchar *arg_access_point);
|
|
|
|
+ const gchar *arg_access_point,
|
|
|
|
+ gboolean default_private);
|
2012-09-14 14:37:21 +02:00
|
|
|
|
2013-10-07 10:47:00 +02:00
|
|
|
void cc_network_panel_connect_to_3g_network (GtkWidget *toplevel,
|
|
|
|
NMClient *client,
|
|
|
|
NMRemoteSettings *settings,
|
|
|
|
- NMDevice *device);
|
|
|
|
+ NMDevice *device,
|
|
|
|
+ gboolean default_private);
|
2012-10-15 10:30:33 +02:00
|
|
|
|
2013-10-07 10:47:00 +02:00
|
|
|
#endif /* _NETWORK_DIALOGS_H */
|
|
|
|
--
|
|
|
|
1.8.1.4
|
|
|
|
|