isa/gnome-shell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

NetworkAgent: handle empty hints and VPN secrets correctly

Browse Source 
get_secrets_keyring_cb() contained an optimization (copied over from
nm-applet) that avoided a D-Bus round-trip when NetworkManager sent
secrets hints that were not satisified by the user.  This code did
not properly handle empty hints though, and proceeded to always
request new secrets whenever empty hints were sent.  Remove this
code entirely since the complexity is not worth it (per Jasper).

Second, get_secrets_keyring_cb() was mishandling VPN secrets which
were marked as "always ask".  Because the VPN secrets are not GObject
properties because they cannot be pre-defined, they are passed in
a hash table that is a GObject property marked 'secret'.  Unfortunately,
that means that the shell agent cannot determine their secret flags.
But since the VPN plugin auth dialogs have much better information
about what's required than the shell agent does, always ask the VPN
auth dialogs to handle the secrets requests after grabbing any that
already exist from the keyring.  This is also what nm-applet does.

https://bugzilla.gnome.org/show_bug.cgi?id=719815
This commit is contained in:
Dan Williams 2013-12-03 22:07:16 -06:00
parent 01f740ce69
commit 17726abb0a
1 changed files with 4 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/shell-network-agent.c
View File

@ -243,20 +243,6 @@ gvalue_destroy_notify (gpointer data)
g_slice_free (GValue, value); g_slice_free (GValue, value);
} }
static gboolean
strv_has (gchar **haystack,
gchar *needle)
{
gchar *iter;
for (iter = *haystack; iter; iter++)
{
if (g_strcmp0 (iter, needle) == 0)
return TRUE;
}
return FALSE;
}
static void static void
get_secrets_keyring_cb (GObject *source, get_secrets_keyring_cb (GObject *source,
GAsyncResult *result, GAsyncResult *result,
@ -267,7 +253,6 @@ get_secrets_keyring_cb (GObject *source,
ShellNetworkAgentPrivate *priv; ShellNetworkAgentPrivate *priv;
GError *secret_error = NULL; GError *secret_error = NULL;
GError *error = NULL; GError *error = NULL;
gint n_found = 0;
GList *items; GList *items;
GList *l; GList *l;
GHashTable *outer; GHashTable *outer;
@ -327,11 +312,6 @@ get_secrets_keyring_cb (GObject *source,
else else
g_hash_table_insert (closure->vpn_entries, secret_name, g_strdup (secret_value_get (secret, NULL))); g_hash_table_insert (closure->vpn_entries, secret_name, g_strdup (secret_value_get (secret, NULL)));
if (closure->hints)
n_found += strv_has (closure->hints, secret_name);
else
n_found += 1;
g_hash_table_unref (attributes); g_hash_table_unref (attributes);
secret_value_unref (secret); secret_value_unref (secret);
break; break;
@ -344,8 +324,10 @@ get_secrets_keyring_cb (GObject *source,
g_list_free_full (items, g_object_unref); g_list_free_full (items, g_object_unref);
if (n_found == 0 && /* All VPN requests get sent to the VPN's auth dialog, since it knows better
(closure->flags & NM_SECRET_AGENT_GET_SECRETS_FLAG_ALLOW_INTERACTION)) * than the agent do about what secrets are required.
*/
if (closure->is_vpn)
{ {
nm_connection_update_secrets (closure->connection, closure->setting_name, closure->entries, NULL); nm_connection_update_secrets (closure->connection, closure->setting_name, closure->entries, NULL);