shell/network-agent: Add method to add VPN secrets to agent response

While most secrets are serialized as individual settings with a string
value, all VPN secrets are serialized together as a string dict which is
the value of a single setting. Incorrect serialization causes VPN
secrets to not be remembered by NetworkManager.

This commit adds a new method that allows adding secrets as VPN secrets
specifically such that they can be correctly serialized.

Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1535>

src/shell-network-agent.c

@@ -48,6 +48,7 @@ typedef struct {
   gpointer                          callback_data;
 
   GVariantDict                     *entries;
+  GVariantBuilder                   builder_vpn;
 } ShellAgentRequest;
 
 struct _ShellNetworkAgentPrivate {
@@ -80,6 +81,7 @@ shell_agent_request_free (gpointer data)
   g_free (request->setting_name);
   g_strfreev (request->hints);
   g_clear_pointer (&request->entries, g_variant_dict_unref);
+  g_variant_builder_clear (&request->builder_vpn);
 
   g_free (request);
 }
@@ -373,6 +375,8 @@ shell_network_agent_get_secrets (NMSecretAgentOld                 *agent,
   request->request_id = request_id;
   g_hash_table_replace (self->priv->requests, request->request_id, request);
 
+  g_variant_builder_init (&request->builder_vpn, G_VARIANT_TYPE ("a{ss}"));
+
   if ((flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_REQUEST_NEW) ||
       ((flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_ALLOW_INTERACTION)
        && is_connection_always_ask (request->connection)))
@@ -394,6 +398,24 @@ shell_network_agent_get_secrets (NMSecretAgentOld                 *agent,
   g_hash_table_unref (attributes);
 }
 
+void
+shell_network_agent_add_vpn_secret (ShellNetworkAgent *self,
+                                    gchar             *request_id,
+                                    gchar             *setting_key,
+                                    gchar             *setting_value)
+{
+  ShellNetworkAgentPrivate *priv;
+  ShellAgentRequest *request;
+
+  g_return_if_fail (SHELL_IS_NETWORK_AGENT (self));
+
+  priv = self->priv;
+  request = g_hash_table_lookup (priv->requests, request_id);
+  g_return_if_fail (request != NULL);
+
+  g_variant_builder_add (&request->builder_vpn, "{ss}", setting_key, setting_value);
+}
+
 void
 shell_network_agent_set_password (ShellNetworkAgent *self,
                                   gchar             *request_id,
@@ -420,7 +442,7 @@ shell_network_agent_respond (ShellNetworkAgent         *self,
   ShellNetworkAgentPrivate *priv;
   ShellAgentRequest *request;
   GVariantBuilder builder_connection;
-  GVariant *setting;
+  GVariant *vpn_secrets, *setting;
 
   g_return_if_fail (SHELL_IS_NETWORK_AGENT (self));
 
@@ -454,6 +476,13 @@ shell_network_agent_respond (ShellNetworkAgent         *self,
 
   /* response == SHELL_NETWORK_AGENT_CONFIRMED */
 
+  /* VPN secrets are stored as a hash of secrets in a single setting */
+  vpn_secrets = g_variant_builder_end (&request->builder_vpn);
+  if (g_variant_n_children (vpn_secrets))
+    g_variant_dict_insert_value (request->entries, NM_SETTING_VPN_SECRETS, vpn_secrets);
+  else
+    g_variant_unref (vpn_secrets);
+
   setting = g_variant_dict_end (request->entries);
 
   /* Save any updated secrets */

src/shell-network-agent.h

@@ -43,6 +43,10 @@ struct _ShellNetworkAgentClass
 /* used by SHELL_TYPE_NETWORK_AGENT */
 GType shell_network_agent_get_type (void);
 
+void               shell_network_agent_add_vpn_secret (ShellNetworkAgent *self,
+                                                       gchar             *request_id,
+                                                       gchar             *setting_key,
+                                                       gchar             *setting_value);
 void               shell_network_agent_set_password (ShellNetworkAgent *self,
                                                      gchar             *request_id,
                                                      gchar             *setting_key,