From e48d32e5699d824dc229f131246229f077709f84 Mon Sep 17 00:00:00 2001 From: Jonathan Kang Date: Tue, 19 Sep 2017 17:00:18 +0800 Subject: [PATCH 2/2] wifi: Add domain-suffix-match entry domain-suffix-match has been supported in nm-connection-editor for a while. So users can edit that property in nm-connection-editor. But it's still not available in gnome-control-center yet. Fix that by adding domain-suffix-match entry in tls, ttls and peap security settings page. https://bugzilla.gnome.org/show_bug.cgi?id=787882 --- panels/network/wireless-security/eap-method-peap.c | 21 ++++++++++ .../network/wireless-security/eap-method-peap.ui | 43 ++++++++++++++++---- panels/network/wireless-security/eap-method-tls.c | 29 ++++++++++++- panels/network/wireless-security/eap-method-tls.ui | 47 +++++++++++++++++----- panels/network/wireless-security/eap-method-ttls.c | 21 ++++++++++ .../network/wireless-security/eap-method-ttls.ui | 39 +++++++++++++++--- 6 files changed, 175 insertions(+), 25 deletions(-) diff --git a/panels/network/wireless-security/eap-method-peap.c b/panels/network/wireless-security/eap-method-peap.c index 402887c87..e94c0ef4f 100644 --- a/panels/network/wireless-security/eap-method-peap.c +++ b/panels/network/wireless-security/eap-method-peap.c @@ -114,6 +114,10 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group) g_assert (widget); gtk_size_group_add_widget (group, widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_domain_label")); + g_assert (widget); + gtk_size_group_add_widget (group, widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_version_label")); g_assert (widget); gtk_size_group_add_widget (group, widget); @@ -159,6 +163,12 @@ fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFla if (text && strlen (text)) g_object_set (s_8021x, NM_SETTING_802_1X_ANONYMOUS_IDENTITY, text, NULL); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_domain_entry")); + g_assert (widget); + text = gtk_entry_get_text (GTK_ENTRY (widget)); + if (text && strlen (text)) + g_object_set (s_8021x, NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH, text, NULL); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_button")); g_assert (widget); filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); @@ -424,11 +434,22 @@ eap_method_peap_new (WirelessSecurity *ws_parent, (GCallback) wireless_security_changed_cb, ws_parent); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_domain_entry")); + if (s_8021x && nm_setting_802_1x_get_domain_suffix_match (s_8021x)) + gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_domain_suffix_match (s_8021x)); + g_signal_connect (G_OBJECT (widget), "changed", + (GCallback) wireless_security_changed_cb, + ws_parent); + if (secrets_only) { widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_anon_identity_label")); gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_anon_identity_entry")); gtk_widget_hide (widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_domain_label")); + gtk_widget_hide (widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_domain_entry")); + gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_label")); gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_peap_ca_cert_button")); diff --git a/panels/network/wireless-security/eap-method-peap.ui b/panels/network/wireless-security/eap-method-peap.ui index 37dddd643..1f5e7e599 100644 --- a/panels/network/wireless-security/eap-method-peap.ui +++ b/panels/network/wireless-security/eap-method-peap.ui @@ -67,6 +67,33 @@ + + True + False + _Domain: + True + eap_peap_domain_entry + 1 + + + 0 + 1 + + + + + True + True + True + True + Suffix of the server certificate name. + + + 1 + 1 + + + True False @@ -77,7 +104,7 @@ 0 - 1 + 2 @@ -88,7 +115,7 @@ 1 - 1 + 2 @@ -103,7 +130,7 @@ 1 - 2 + 3 @@ -117,7 +144,7 @@ 0 - 3 + 4 @@ -135,7 +162,7 @@ 1 - 3 + 4 @@ -149,7 +176,7 @@ 0 - 4 + 5 @@ -167,7 +194,7 @@ 1 - 4 + 5 @@ -180,7 +207,7 @@ 0 - 5 + 6 2 diff --git a/panels/network/wireless-security/eap-method-tls.c b/panels/network/wireless-security/eap-method-tls.c index 8d17fa459..278e98364 100644 --- a/panels/network/wireless-security/eap-method-tls.c +++ b/panels/network/wireless-security/eap-method-tls.c @@ -148,6 +148,10 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group) g_assert (widget); gtk_size_group_add_widget (group, widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_label")); + g_assert (widget); + gtk_size_group_add_widget (group, widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_user_cert_label")); g_assert (widget); gtk_size_group_add_widget (group, widget); @@ -190,6 +194,12 @@ fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFla g_assert (widget); g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (GTK_ENTRY (widget)), NULL); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_entry")); + g_assert (widget); + g_object_set (s_8021x, + parent->phase2 ? NM_SETTING_802_1X_PHASE2_DOMAIN_SUFFIX_MATCH : NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH, + gtk_entry_get_text (GTK_ENTRY (widget)), NULL); + /* TLS private key */ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_private_key_password_entry")); g_assert (widget); @@ -393,7 +403,7 @@ setup_filepicker (GtkBuilder *builder, filter = eap_method_default_file_chooser_filter_new (privkey); gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (widget), filter); - /* For some reason, GTK+ calls set_current_filter (..., NULL) from + /* For some reason, GTK+ calls set_current_filter (..., NULL) from * gtkfilechooserdefault.c::show_and_select_files_finished_loading() on our * dialog; so force-reset the filter to what we want it to be whenever * it gets cleared. @@ -491,6 +501,19 @@ eap_method_tls_new (WirelessSecurity *ws_parent, if (s_8021x && nm_setting_802_1x_get_identity (s_8021x)) gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_identity (s_8021x)); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_entry")); + g_assert (widget); + g_signal_connect (G_OBJECT (widget), "changed", + (GCallback) wireless_security_changed_cb, + ws_parent); + if (phase2) { + if (s_8021x && nm_setting_802_1x_get_phase2_domain_suffix_match (s_8021x)) + gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_phase2_domain_suffix_match (s_8021x)); + } else { + if (s_8021x && nm_setting_802_1x_get_domain_suffix_match (s_8021x)) + gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_domain_suffix_match (s_8021x)); + } + setup_filepicker (parent->builder, "eap_tls_user_cert_button", _("Choose your personal certificate"), ws_parent, parent, s_8021x, @@ -540,6 +563,10 @@ eap_method_tls_new (WirelessSecurity *ws_parent, if (secrets_only) { widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_identity_entry")); gtk_widget_set_sensitive (widget, FALSE); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_label")); + gtk_widget_hide (widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_entry")); + gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_user_cert_label")); gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_user_cert_button")); diff --git a/panels/network/wireless-security/eap-method-tls.ui b/panels/network/wireless-security/eap-method-tls.ui index a399460fa..60fe59f06 100644 --- a/panels/network/wireless-security/eap-method-tls.ui +++ b/panels/network/wireless-security/eap-method-tls.ui @@ -43,6 +43,33 @@ + + True + False + _Domain: + True + eap_tls_domain_entry + 1 + + + 0 + 1 + + + + + True + True + True + True + Suffix of the server certificate name. + + + 1 + 1 + + + True False @@ -53,7 +80,7 @@ 0 - 1 + 2 @@ -64,7 +91,7 @@ 1 - 1 + 2 @@ -78,7 +105,7 @@ 0 - 2 + 3 @@ -89,7 +116,7 @@ 1 - 2 + 3 @@ -104,7 +131,7 @@ 1 - 3 + 4 @@ -118,7 +145,7 @@ 0 - 4 + 5 @@ -129,7 +156,7 @@ 1 - 4 + 5 @@ -143,7 +170,7 @@ 0 - 5 + 6 @@ -156,7 +183,7 @@ 1 - 5 + 6 @@ -171,7 +198,7 @@ 1 - 6 + 7 diff --git a/panels/network/wireless-security/eap-method-ttls.c b/panels/network/wireless-security/eap-method-ttls.c index 2d9de48d6..9cd2c205f 100644 --- a/panels/network/wireless-security/eap-method-ttls.c +++ b/panels/network/wireless-security/eap-method-ttls.c @@ -114,6 +114,10 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group) g_assert (widget); gtk_size_group_add_widget (group, widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_domain_label")); + g_assert (widget); + gtk_size_group_add_widget (group, widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_inner_auth_label")); g_assert (widget); gtk_size_group_add_widget (group, widget); @@ -154,6 +158,12 @@ fill_connection (EAPMethod *parent, NMConnection *connection, NMSettingSecretFla if (text && strlen (text)) g_object_set (s_8021x, NM_SETTING_802_1X_ANONYMOUS_IDENTITY, text, NULL); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_domain_entry")); + g_assert (widget); + text = gtk_entry_get_text (GTK_ENTRY (widget)); + if (text && strlen (text)) + g_object_set (s_8021x, NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH, text, NULL); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_button")); g_assert (widget); filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget)); @@ -451,6 +461,13 @@ eap_method_ttls_new (WirelessSecurity *ws_parent, (GCallback) wireless_security_changed_cb, ws_parent); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_domain_entry")); + if (s_8021x && nm_setting_802_1x_get_domain_suffix_match (s_8021x)) + gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_domain_suffix_match (s_8021x)); + g_signal_connect (G_OBJECT (widget), "changed", + (GCallback) wireless_security_changed_cb, + ws_parent); + widget = inner_auth_combo_init (method, connection, s_8021x, secrets_only); inner_auth_combo_changed_cb (widget, (gpointer) method); @@ -459,6 +476,10 @@ eap_method_ttls_new (WirelessSecurity *ws_parent, gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_anon_identity_entry")); gtk_widget_hide (widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_domain_label")); + gtk_widget_hide (widget); + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_domain_entry")); + gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_label")); gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_ttls_ca_cert_button")); diff --git a/panels/network/wireless-security/eap-method-ttls.ui b/panels/network/wireless-security/eap-method-ttls.ui index 0b23c54ba..c679cdf0b 100644 --- a/panels/network/wireless-security/eap-method-ttls.ui +++ b/panels/network/wireless-security/eap-method-ttls.ui @@ -50,6 +50,33 @@ + + True + False + _Domain: + True + eap_ttls_domain_entry + 1 + + + 0 + 1 + + + + + True + True + True + True + Suffix of the server certificate name. + + + 1 + 1 + + + True False @@ -60,7 +87,7 @@ 0 - 1 + 2 @@ -71,7 +98,7 @@ 1 - 1 + 2 @@ -87,7 +114,7 @@ 1 - 2 + 3 @@ -101,7 +128,7 @@ 0 - 3 + 4 @@ -119,7 +146,7 @@ 1 - 3 + 4 @@ -133,7 +160,7 @@ 0 - 4 + 5 2 -- 2.13.5