diff options
author | Beniamino Galvani <bgalvani@redhat.com> | 2022-09-28 09:14:05 +0200 |
---|---|---|
committer | Beniamino Galvani <bgalvani@redhat.com> | 2022-09-28 09:14:05 +0200 |
commit | 683239166b1c0ea2b0d56ff263dc832775e19c5f (patch) | |
tree | c4bf0bafbd0786ebf533f8d6d802d856f8874a15 | |
parent | c32823d5e9d8e82a84cdca1c3ffdd2944512472d (diff) | |
parent | 48b7ab56361540e255ab0628e45de2eb83910ec9 (diff) |
nmtui: merge branch 'bg/nmtui-8021x'
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1314
-rw-r--r-- | Makefile.am | 12 | ||||
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | src/libnmt-newt/nmt-newt-stack.c | 6 | ||||
-rw-r--r-- | src/nmtui/meson.build | 2 | ||||
-rw-r--r-- | src/nmtui/nm-editor-bindings.c | 79 | ||||
-rw-r--r-- | src/nmtui/nm-editor-bindings.h | 11 | ||||
-rw-r--r-- | src/nmtui/nm-editor-utils.c | 8 | ||||
-rw-r--r-- | src/nmtui/nmt-8021x-fields.c | 693 | ||||
-rw-r--r-- | src/nmtui/nmt-8021x-fields.h | 29 | ||||
-rw-r--r-- | src/nmtui/nmt-connect-connection-list.c | 1 | ||||
-rw-r--r-- | src/nmtui/nmt-editor.c | 3 | ||||
-rw-r--r-- | src/nmtui/nmt-page-ethernet.c | 90 | ||||
-rw-r--r-- | src/nmtui/nmt-page-ethernet.h | 11 | ||||
-rw-r--r-- | src/nmtui/nmt-page-macsec.c | 196 | ||||
-rw-r--r-- | src/nmtui/nmt-page-macsec.h | 28 | ||||
-rw-r--r-- | src/nmtui/nmt-page-wifi.c | 17 | ||||
-rw-r--r-- | src/nmtui/nmt-password-fields.c | 130 | ||||
-rw-r--r-- | src/nmtui/nmt-password-fields.h | 5 |
18 files changed, 1241 insertions, 82 deletions
diff --git a/Makefile.am b/Makefile.am index 41f55300a7..58c99be085 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5058,6 +5058,8 @@ src_nmtui_nmtui_SOURCES = \ src/nmtui/nm-editor-utils.c \ src/nmtui/nm-editor-utils.h \ \ + src/nmtui/nmt-8021x-fields.c \ + src/nmtui/nmt-8021x-fields.h \ src/nmtui/nmt-address-list.c \ src/nmtui/nmt-address-list.h \ src/nmtui/nmt-connect-connection-list.c \ @@ -5068,10 +5070,10 @@ src_nmtui_nmtui_SOURCES = \ src/nmtui/nmt-edit-connection-list.h \ src/nmtui/nmt-editor-grid.c \ src/nmtui/nmt-editor-grid.h \ - src/nmtui/nmt-editor-page.c \ - src/nmtui/nmt-editor-page.h \ src/nmtui/nmt-editor-page-device.c \ src/nmtui/nmt-editor-page-device.h \ + src/nmtui/nmt-editor-page.c \ + src/nmtui/nmt-editor-page.h \ src/nmtui/nmt-editor-section.c \ src/nmtui/nmt-editor-section.h \ src/nmtui/nmt-editor.c \ @@ -5102,6 +5104,8 @@ src_nmtui_nmtui_SOURCES = \ src/nmtui/nmt-page-ip4.h \ src/nmtui/nmt-page-ip6.c \ src/nmtui/nmt-page-ip6.h \ + src/nmtui/nmt-page-macsec.c \ + src/nmtui/nmt-page-macsec.h \ src/nmtui/nmt-page-ppp.c \ src/nmtui/nmt-page-ppp.h \ src/nmtui/nmt-page-team-port.c \ @@ -5128,12 +5132,12 @@ src_nmtui_nmtui_SOURCES = \ src/nmtui/nmt-slave-list.h \ src/nmtui/nmt-utils.c \ src/nmtui/nmt-utils.h \ + src/nmtui/nmt-widget-list.c \ + src/nmtui/nmt-widget-list.h \ src/nmtui/nmt-wireguard-peer-editor.c \ src/nmtui/nmt-wireguard-peer-editor.h \ src/nmtui/nmt-wireguard-peer-list.c \ src/nmtui/nmt-wireguard-peer-list.h \ - src/nmtui/nmt-widget-list.c \ - src/nmtui/nmt-widget-list.h \ $(NULL) src_nmtui_nmtui_CPPFLAGS = \ @@ -10,6 +10,8 @@ USE AT YOUR OWN RISK. NOT RECOMMENDED FOR PRODUCTION USE! * nmcli: allow changing "connection.uuid" and "connection.type" in offline mode and setting the UUID when creating a connection. +* nmtui now supports editing Wi-Fi WPA-Enterprise, Ethernet with 802.1X + authentication and MACsec connection profiles. ============================================= NetworkManager-1.40 diff --git a/src/libnmt-newt/nmt-newt-stack.c b/src/libnmt-newt/nmt-newt-stack.c index bb05e51b98..ef7454f586 100644 --- a/src/libnmt-newt/nmt-newt-stack.c +++ b/src/libnmt-newt/nmt-newt-stack.c @@ -166,8 +166,7 @@ nmt_newt_stack_child_validity_changed(NmtNewtContainer *container, NmtNewtWidget return; if (priv->children->pdata[priv->active] == (gpointer) widget) { - NMT_NEWT_CONTAINER_CLASS(nmt_newt_stack_parent_class) - ->child_validity_changed(container, widget); + nmt_newt_widget_set_valid(NMT_NEWT_WIDGET(container), nmt_newt_widget_get_valid(widget)); } } @@ -190,6 +189,7 @@ nmt_newt_stack_set_active(NmtNewtStack *stack, guint active) g_object_notify(G_OBJECT(stack), "active"); g_object_notify(G_OBJECT(stack), "active-id"); nmt_newt_widget_needs_rebuild(NMT_NEWT_WIDGET(stack)); + nmt_newt_stack_child_validity_changed(NMT_NEWT_CONTAINER(stack), priv->children->pdata[active]); } /** @@ -230,6 +230,8 @@ nmt_newt_stack_set_active_id(NmtNewtStack *stack, const char *id) g_object_notify(G_OBJECT(stack), "active"); g_object_notify(G_OBJECT(stack), "active-id"); nmt_newt_widget_needs_rebuild(NMT_NEWT_WIDGET(stack)); + nmt_newt_stack_child_validity_changed(NMT_NEWT_CONTAINER(stack), + priv->children->pdata[i]); return; } } diff --git a/src/nmtui/meson.build b/src/nmtui/meson.build index e6cac26846..48f2fbf47e 100644 --- a/src/nmtui/meson.build +++ b/src/nmtui/meson.build @@ -5,6 +5,7 @@ executable( files( 'nm-editor-bindings.c', 'nm-editor-utils.c', + 'nmt-8021x-fields.c', 'nmt-address-list.c', 'nmt-connect-connection-list.c', 'nmt-device-entry.c', @@ -27,6 +28,7 @@ executable( 'nmt-page-ip4.c', 'nmt-page-ip6.c', 'nmt-page-ip-tunnel.c', + 'nmt-page-macsec.c', 'nmt-page-ppp.c', 'nmt-page-team.c', 'nmt-page-team-port.c', diff --git a/src/nmtui/nm-editor-bindings.c b/src/nmtui/nm-editor-bindings.c index f1d92adebc..360cf3ad97 100644 --- a/src/nmtui/nm-editor-bindings.c +++ b/src/nmtui/nm-editor-bindings.c @@ -54,6 +54,51 @@ nm_editor_bindings_init(void) g_value_register_transform_func(G_TYPE_STRING, G_TYPE_UINT, value_transform_string_uint); } +gboolean +certificate_to_string(GBinding *binding, + const GValue *source_value, + GValue *target_value, + gpointer user_data) +{ + GBytes *bytes; + char *utf8; + + bytes = g_value_get_boxed(source_value); + if (bytes) + utf8 = nm_utils_ssid_to_utf8(g_bytes_get_data(bytes, NULL), g_bytes_get_size(bytes)); + else + utf8 = g_strdup(""); + g_value_take_string(target_value, utf8); + return TRUE; +} + +gboolean +certificate_from_string(GBinding *binding, + const GValue *source_value, + GValue *target_value, + gpointer user_data) +{ + const char *text; + gs_free char *cert = NULL; + GBytes *bytes = NULL; + + text = g_value_get_string(source_value); + + if (text[0]) { + /* Consider anything without a scheme prefix as an absolute path */ + if (!g_str_has_prefix(text, "file://") && !g_str_has_prefix(text, "blob://") + && !g_str_has_prefix(text, "pkcs11://")) { + cert = g_strdup_printf("file://%s%s", text[0] == '/' ? "" : "/", text); + text = cert; + } + + bytes = g_bytes_new(text, strlen(text) + 1); + } + g_value_take_boxed(target_value, bytes); + + return TRUE; +} + static gboolean ip_addresses_with_prefix_to_strv(GBinding *binding, const GValue *source_value, @@ -803,7 +848,9 @@ peer_transform_from_persistent_keepalive_string(GBinding *binding, typedef struct { NMConnection *connection; NMSettingWirelessSecurity *s_wsec; + NMSetting8021x *s_8021x; gboolean s_wsec_in_use; + gboolean s_8021x_in_use; GObject *target; char *target_property; @@ -891,6 +938,7 @@ wireless_security_target_changed(GObject *object, GParamSpec *pspec, gpointer us { NMEditorWirelessSecurityMethodBinding *binding = user_data; char *method; + gboolean need_8021x = FALSE; if (binding->updating) return; @@ -900,11 +948,14 @@ wireless_security_target_changed(GObject *object, GParamSpec *pspec, gpointer us binding->updating = TRUE; if (!strcmp(method, "none")) { - if (!binding->s_wsec_in_use) - return; - binding->s_wsec_in_use = FALSE; - nm_connection_remove_setting(binding->connection, NM_TYPE_SETTING_WIRELESS_SECURITY); - + if (binding->s_wsec_in_use) { + binding->s_wsec_in_use = FALSE; + nm_connection_remove_setting(binding->connection, NM_TYPE_SETTING_WIRELESS_SECURITY); + } + if (binding->s_8021x_in_use) { + binding->s_8021x_in_use = FALSE; + nm_connection_remove_setting(binding->connection, NM_TYPE_SETTING_802_1X); + } binding->updating = FALSE; return; } @@ -985,10 +1036,21 @@ wireless_security_target_changed(GObject *object, GParamSpec *pspec, gpointer us NULL, NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, NM_WEP_KEY_TYPE_UNKNOWN, + NM_SETTING_WIRELESS_SECURITY_PSK, + NULL, NULL); + need_8021x = TRUE; } else g_warn_if_reached(); + if (need_8021x != binding->s_8021x_in_use) { + binding->s_8021x_in_use = need_8021x; + if (need_8021x) + nm_connection_add_setting(binding->connection, NM_SETTING(binding->s_8021x)); + else + nm_connection_remove_setting(binding->connection, NM_TYPE_SETTING_802_1X); + } + binding->updating = FALSE; } @@ -1031,6 +1093,7 @@ wireless_security_target_destroyed(gpointer user_data, GObject *ex_target) void nm_editor_bind_wireless_security_method(NMConnection *connection, NMSettingWirelessSecurity *s_wsec, + NMSetting8021x *s_8021x, gpointer target, const char *target_property, GBindingFlags flags) @@ -1054,9 +1117,11 @@ nm_editor_bind_wireless_security_method(NMConnection *connection, NM_CONNECTION_CHANGED, G_CALLBACK(wireless_connection_changed), binding); - binding->s_wsec_in_use = (nm_connection_get_setting_wireless_security(connection) != NULL); + binding->s_wsec_in_use = (nm_connection_get_setting_wireless_security(connection) != NULL); + binding->s_wsec = g_object_ref(s_wsec); + binding->s_8021x_in_use = (nm_connection_get_setting_802_1x(connection) != NULL); + binding->s_8021x = g_object_ref(s_8021x); - binding->s_wsec = g_object_ref(s_wsec); g_signal_connect(s_wsec, "notify::" NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, G_CALLBACK(wireless_security_changed), diff --git a/src/nmtui/nm-editor-bindings.h b/src/nmtui/nm-editor-bindings.h index ef2f36f2d1..bbd5622a14 100644 --- a/src/nmtui/nm-editor-bindings.h +++ b/src/nmtui/nm-editor-bindings.h @@ -8,6 +8,16 @@ void nm_editor_bindings_init(void); +gboolean certificate_from_string(GBinding *binding, + const GValue *source_value, + GValue *target_value, + gpointer user_data); + +gboolean certificate_to_string(GBinding *binding, + const GValue *source_value, + GValue *target_value, + gpointer user_data); + void nm_editor_bind_ip_addresses_with_prefix_to_strv(int family, gpointer source, const char *source_property, @@ -41,6 +51,7 @@ void nm_editor_bind_ip_route_to_strings(int family, void nm_editor_bind_wireless_security_method(NMConnection *connection, NMSettingWirelessSecurity *s_wsec, + NMSetting8021x *s_8021x, gpointer target, const char *target_property, GBindingFlags flags); diff --git a/src/nmtui/nm-editor-utils.c b/src/nmtui/nm-editor-utils.c index a3ee7a75de..0f69c9627d 100644 --- a/src/nmtui/nm-editor-utils.c +++ b/src/nmtui/nm-editor-utils.c @@ -235,6 +235,14 @@ nm_editor_utils_get_connection_type_list(void) item->id_format = _("IP tunnel connection %d"); g_ptr_array_add(array, item); + item = g_new0(NMEditorConnectionTypeDataReal, 1); + item->data.name = _("MACsec"); + item->data.setting_type = NM_TYPE_SETTING_MACSEC; + item->data.device_type = NM_TYPE_DEVICE_MACSEC; + item->data.virtual = TRUE; + item->id_format = _("MACsec connection %d"); + g_ptr_array_add(array, item); + #if 0 /* Add "VPN" only if there are plugins */ vpn_plugins_hash = nm_vpn_get_plugin_infos (); diff --git a/src/nmtui/nmt-8021x-fields.c b/src/nmtui/nmt-8021x-fields.c new file mode 100644 index 0000000000..e52598ca80 --- /dev/null +++ b/src/nmtui/nmt-8021x-fields.c @@ -0,0 +1,693 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +/* + * Copyright (C) 2022 Red Hat, Inc. + */ +/** + * SECTION:nmt-8021x-fields + * @short_description: Widgets for 802.1X setting + * + * #Nmt8021xFields provides widgets to configure the 802.1X setting + */ + +#include "libnm-client-aux-extern/nm-default-client.h" + +#include "nmt-8021x-fields.h" +#include "nmt-editor-grid.h" +#include "nmt-password-fields.h" +#include "nm-editor-bindings.h" + +typedef struct _EapMethod EapMethod; + +typedef struct { + const char *id; + const char *label; + gboolean only_for_wired; + void (*populate)(EapMethod *method, NmtNewtWidget *grid); + void (*selected)(EapMethod *method); +} EapMethodDesc; + +struct _EapMethod { + const EapMethodDesc *desc; + NMSetting8021x *setting; + NmtNewtWidget *inner_popup; +}; + +typedef struct { + NMSetting8021x *setting; + NmtNewtWidget *authentication; + NmtNewtWidget *phase2_auth; + gboolean is_wired; + gboolean is_updating; + EapMethod *eap_methods; +} Nmt8021xFieldsPrivate; + +struct _Nmt8021xFields { + NmtNewtGrid parent; + Nmt8021xFieldsPrivate _priv; +}; + +struct _Nmt8021xFieldsClass { + NmtNewtGridClass parent; +}; + +G_DEFINE_TYPE(Nmt8021xFields, nmt_8021x_fields, NMT_TYPE_EDITOR_GRID) + +#define NMT_8021X_FIELDS_GET_PRIVATE(self) \ + _NM_GET_PRIVATE(self, Nmt8021xFields, NMT_IS_8021X_FIELDS) + +enum { + PROP_0, + PROP_IS_WIRED, + PROP_SETTING, + + LAST_PROP +}; + +static void +nmt_8021x_fields_init(Nmt8021xFields *fields) +{} + +/** + * nmt_8021x_fields_new: + * @setting: the backing 802.1X setting + * @is_wired: whether the setting is for a wired connection or wireless + * + * Creates a new #Nmt8021xFields + * + * Returns: a new #Nmt8021xFields + */ +NmtNewtWidget * +nmt_8021x_fields_new(NMSetting8021x *setting, gboolean is_wired) +{ + return g_object_new(NMT_TYPE_8021X_FIELDS, "setting", setting, "is-wired", is_wired, NULL); +} + +static gboolean +eap_methods_to_string(GBinding *binding, + const GValue *source_value, + GValue *target_value, + gpointer user_data) +{ + char **strv; + + strv = g_value_get_boxed(source_value); + if (!strv) + return FALSE; + + /* The API allows multiple EAP methods. The UI to + * support this would be complicate, only allow + * one for now. */ + g_value_set_string(target_value, strv[0]); + return TRUE; +} + +static gboolean +eap_methods_from_string(GBinding *binding, + const GValue *source_value, + GValue *target_value, + gpointer user_data) +{ + const char *text; + char **strv = g_new(char *, 2); + + text = g_value_get_string(source_value); + strv[0] = g_strdup(text); + strv[1] = NULL; + + g_value_take_boxed(target_value, strv); + return TRUE; +} + +static gboolean +cert_validate(NmtNewtEntry *entry, const char *text, gpointer user_data) +{ + NMSetting8021xCKScheme scheme; + + scheme = nm_setting_802_1x_check_cert_scheme(text, strlen(text) + 1, NULL); + return scheme != NM_SETTING_802_1X_CK_SCHEME_UNKNOWN; +} + +static void +phase2_auth_widget_changed(GObject *object, GParamSpec *pspec, gpointer user_data) +{ + NmtNewtWidget *widget = NMT_NEWT_WIDGET(object); + NMSetting8021x *setting = user_data; + const char *active_id; + const char *auth_eap; + const char *auth; + + active_id = nmt_newt_popup_get_active_id(NMT_NEWT_POPUP(widget)); + + if (g_str_has_prefix(active_id, "eap-")) { + auth_eap = &active_id[NM_STRLEN("eap-")]; + auth = NULL; + } else { + auth_eap = NULL; + auth = active_id; + } + + if (!nm_streq0(auth, nm_setting_802_1x_get_phase2_auth(setting))) + g_object_set(setting, NM_SETTING_802_1X_PHASE2_AUTH, auth, NULL); + if (!nm_streq0(auth_eap, nm_setting_802_1x_get_phase2_autheap(setting))) + g_object_set(setting, NM_SETTING_802_1X_PHASE2_AUTHEAP, auth_eap, NULL); +} + +static void +phase2_auth_setting_changed(GObject *object, GParamSpec *pspec, gpointer user_data) +{ + NMSetting8021x *setting = NM_SETTING_802_1X(object); + NmtNewtWidget *widget = user_data; + gs_free char *active_id = NULL; + const char *auth; + + auth = nm_setting_802_1x_get_phase2_auth(setting); + if (auth) { + active_id = g_strdup(auth); + } else { + auth = nm_setting_802_1x_get_phase2_autheap(setting); + if (auth) + active_id = g_strdup_printf("eap-%s", auth); + } + + if (active_id) + nmt_newt_popup_set_active_id(NMT_NEWT_POPUP(widget), active_id); +} + +static void +eap_method_populate_simple(EapMethod *method, NmtNewtWidget *subgrid) +{ + NmtNewtWidget *widget; + + widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Username"), widget, NULL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_IDENTITY, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_password_fields_new(40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_PASSWORD, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Password"), widget, NULL); +} + +static void +eap_method_populate_tls(EapMethod *method, NmtNewtWidget *subgrid) +{ + NmtNewtWidget *widget; + + widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Identity"), widget, NULL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_IDENTITY, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Domain"), widget, NULL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert"), widget, NULL); + nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL); + g_object_bind_property_full(method->setting, + NM_SETTING_802_1X_CA_CERT, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL, + certificate_to_string, + certificate_from_string, + NULL, + NULL); + + widget = + nmt_password_fields_new(40, + NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_CA_CERT_PASSWORD, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert password"), widget, NULL); + + widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("User cert"), widget, NULL); + nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL); + g_object_bind_property_full(method->setting, + NM_SETTING_802_1X_CLIENT_CERT, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL, + certificate_to_string, + certificate_from_string, + NULL, + NULL); + + widget = + nmt_password_fields_new(40, + NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_CLIENT_CERT_PASSWORD, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("User cert password"), widget, NULL); + + widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("User private key"), widget, NULL); + nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL); + g_object_bind_property_full(method->setting, + NM_SETTING_802_1X_PRIVATE_KEY, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL, + certificate_to_string, + certificate_from_string, + NULL, + NULL); + + widget = nmt_password_fields_new(40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("User privkey password"), widget, NULL); +} + +static void +eap_method_populate_ttls(EapMethod *method, NmtNewtWidget *subgrid) +{ + NmtNewtWidget *widget; + NmtNewtPopupEntry ttls_inner_methods[] = {{N_("PAP"), "pap"}, + {N_("MSCHAP"), "mschap"}, + {N_("MSCHAPv2"), "eap-mschapv2"}, + {N_("MSCHAPv2 (no EAP)"), "mschapv2"}, + {N_("CHAP"), "chap"}, + {N_("MD5"), "eap-md5"}, + {N_("GTC"), "eap-gtc"}, + {NULL, NULL}}; + + widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Anonymous identity"), widget, NULL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_ANONYMOUS_IDENTITY, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert"), widget, NULL); + nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL); + g_object_bind_property_full(method->setting, + NM_SETTING_802_1X_CA_CERT, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL, + certificate_to_string, + certificate_from_string, + NULL, + NULL); + + widget = + nmt_password_fields_new(40, + NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_CA_CERT_PASSWORD, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert password"), widget, NULL); + + widget = nmt_newt_popup_new(ttls_inner_methods); + method->inner_popup = widget; + g_signal_connect(widget, + "notify::active-id", + G_CALLBACK(phase2_auth_widget_changed), + method->setting); + g_signal_connect(method->setting, + "notify::" NM_SETTING_802_1X_PHASE2_AUTH, + G_CALLBACK(phase2_auth_setting_changed), + widget); + g_signal_connect(method->setting, + "notify::" NM_SETTING_802_1X_PHASE2_AUTHEAP, + G_CALLBACK(phase2_auth_setting_changed), + widget); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Inner authentication"), widget, NULL); + + if (nm_setting_802_1x_get_num_eap_methods(method->setting) > 0 + && nm_streq0(nm_setting_802_1x_get_eap_method(method->setting, 0), "ttls")) { + phase2_auth_setting_changed(G_OBJECT(method->setting), NULL, widget); + } + + widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Username"), widget, NULL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_IDENTITY, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_password_fields_new(40, + NMT_PASSWORD_FIELDS_SHOW_PASSWORD + | NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_PASSWORD, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_PASSWORD_FLAGS, + widget, + "secret-flags", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Password"), widget, NULL); +} + +static void +eap_method_populate_peap(EapMethod *method, NmtNewtWidget *subgrid) +{ + NmtNewtWidget *widget; + static NmtNewtPopupEntry peap_version_entries[] = {{N_("Automatic"), NULL}, + {N_("Version 0"), "0"}, + {N_("Version 1"), "1"}, + {NULL, NULL}}; + static NmtNewtPopupEntry peap_inner_methods[] = {{N_("MSCHAPv2"), "mschapv2"}, + {N_("MD5"), "md5"}, + {N_("GTC"), "gtc"}, + {NULL, NULL}}; + + widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Anonymous identity"), widget, NULL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_ANONYMOUS_IDENTITY, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Domain"), widget, NULL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert"), widget, NULL); + nmt_newt_entry_set_validator(NMT_NEWT_ENTRY(widget), cert_validate, NULL); + g_object_bind_property_full(method->setting, + NM_SETTING_802_1X_CA_CERT, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL, + certificate_to_string, + certificate_from_string, + NULL, + NULL); + + widget = + nmt_password_fields_new(40, + NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_CA_CERT_PASSWORD, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CA cert password"), widget, NULL); + + widget = nmt_newt_popup_new(peap_version_entries); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_PHASE1_PEAPVER, + widget, + "active-id", + G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("PEAP version"), widget, NULL); + + widget = nmt_newt_popup_new(peap_inner_methods); + method->inner_popup = widget; + g_signal_connect(widget, + "notify::active-id", + G_CALLBACK(phase2_auth_widget_changed), + method->setting); + g_signal_connect(method->setting, + "notify::" NM_SETTING_802_1X_PHASE2_AUTH, + G_CALLBACK(phase2_auth_setting_changed), + widget); + g_signal_connect(method->setting, + "notify::" NM_SETTING_802_1X_PHASE2_AUTHEAP, + G_CALLBACK(phase2_auth_setting_changed), + widget); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Inner authentication"), widget, NULL); + + if (nm_setting_802_1x_get_num_eap_methods(method->setting) > 0 + && nm_streq0(nm_setting_802_1x_get_eap_method(method->setting, 0), "peap")) { + phase2_auth_setting_changed(G_OBJECT(method->setting), NULL, widget); + } + + widget = nmt_newt_entry_new(40, NMT_NEWT_ENTRY_NONEMPTY); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Username"), widget, NULL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_IDENTITY, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_password_fields_new(40, + NMT_PASSWORD_FIELDS_SHOW_PASSWORD + | NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_PASSWORD, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + g_object_bind_property(method->setting, + NM_SETTING_802_1X_PASSWORD_FLAGS, + widget, + "secret-flags", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("Password"), widget, NULL); +} + +static void +eap_method_selected_tunneled(EapMethod *method) +{ + phase2_auth_widget_changed(G_OBJECT(method->inner_popup), NULL, method->setting); +} + +static const EapMethodDesc eap_method_descs[] = { + { + .id = "md5", + .label = N_("MD5"), + .only_for_wired = TRUE, + .populate = eap_method_populate_simple, + }, + { + .id = "pwd", + .label = N_("PWD"), + .populate = eap_method_populate_simple, + }, + { + .id = "tls", + .label = N_("TLS"), + .populate = eap_method_populate_tls, + }, + { + .id = "ttls", + .label = N_("TTLS"), + .populate = eap_method_populate_ttls, + .selected = eap_method_selected_tunneled, + }, + { + .id = "peap", + .label = N_("PEAP"), + .populate = eap_method_populate_peap, + .selected = eap_method_selected_tunneled, + }, + {}, +}; + +static void +eap_method_changed(GObject *object, GParamSpec *pspec, gpointer user_data) +{ + Nmt8021xFields *self = user_data; + Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self); + int active; + + active = nmt_newt_popup_get_active(NMT_NEWT_POPUP(priv->authentication)); + if (priv->eap_methods[active].desc->selected) + priv->eap_methods[active].desc->selected(&priv->eap_methods[active]); +} + +static void +nmt_8021x_fields_constructed(GObject *object) +{ + Nmt8021xFields *self = NMT_8021X_FIELDS(object); + Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self); + NmtEditorGrid *grid = NMT_EDITOR_GRID(object); + gs_unref_array GArray *entries = NULL; + NmtNewtStack *stack; + NmtNewtWidget *subgrid; + NmtNewtWidget *widget; + guint i, j; + EapMethod *method; + + /* Create the EAP methods popup */ + entries = g_array_new(TRUE, TRUE, sizeof(NmtNewtPopupEntry)); + for (i = 0; eap_method_descs[i].id; i++) { + NmtNewtPopupEntry entry; + + if (eap_method_descs[i].only_for_wired && !priv->is_wired) + continue; + + entry.label = (char *) eap_method_descs[i].label; + entry.id = (char *) eap_method_descs[i].id; + g_array_append_val(entries, entry); + } + priv->authentication = nmt_newt_popup_new((NmtNewtPopupEntry *) entries->data); + nmt_editor_grid_append(grid, "Authentication", NMT_NEWT_WIDGET(priv->authentication), NULL); + + widget = nmt_newt_stack_new(); + stack = NMT_NEWT_STACK(widget); + + /* Instantiate EAP methods and populate widgets */ + priv->eap_methods = g_new0(EapMethod, G_N_ELEMENTS(eap_method_descs)); + for (i = 0, j = 0; eap_method_descs[i].id; i++) { + if (eap_method_descs[i].only_for_wired && !priv->is_wired) + continue; + + method = &priv->eap_methods[j++]; + method->desc = &eap_method_descs[i]; + method->setting = priv->setting; + + subgrid = nmt_editor_grid_new(); + method->desc->populate(method, subgrid); + nmt_newt_stack_add(stack, method->desc->id, subgrid); + } + + g_object_bind_property(priv->authentication, + "active-id", + stack, + "active-id", + G_BINDING_SYNC_CREATE); + g_object_bind_property_full(priv->setting, + NM_SETTING_802_1X_EAP, + priv->authentication, + "active-id", + G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE, + eap_methods_to_string, + eap_methods_from_string, + NULL, + NULL); + + /* When the popup value changes, in addition to updating the stack and the setting, + * we need to refresh the selected EAP method's widget to ensure the setting and + * the widget are in sync. */ + g_signal_connect(priv->authentication, + "notify::active-id", + G_CALLBACK(eap_method_changed), + self); + + nmt_editor_grid_append(grid, NULL, NMT_NEWT_WIDGET(stack), NULL); + + G_OBJECT_CLASS(nmt_8021x_fields_parent_class)->constructed(object); +} + +static void +nmt_8021x_fields_finalize(GObject *object) +{ + Nmt8021xFields *self = NMT_8021X_FIELDS(object); + Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self); + + nm_clear_g_free(&priv->eap_methods); + g_clear_object(&priv->authentication); + + G_OBJECT_CLASS(nmt_8021x_fields_parent_class)->finalize(object); +} + +static void +nmt_8021x_fields_set_property(GObject *object, + guint prop_id, + const GValue *value, + GParamSpec *pspec) +{ + Nmt8021xFields *self = NMT_8021X_FIELDS(object); + Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self); + + switch (prop_id) { + case PROP_SETTING: + priv->setting = g_object_ref(g_value_get_object(value)); + break; + case PROP_IS_WIRED: + priv->is_wired = g_value_get_boolean(value); + break; + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec); + break; + } +} + +static void +nmt_8021x_fields_get_property(GObject *object, guint prop_id, GValue *value, GParamSpec *pspec) +{ + Nmt8021xFields *self = NMT_8021X_FIELDS(object); + Nmt8021xFieldsPrivate *priv = NMT_8021X_FIELDS_GET_PRIVATE(self); + + switch (prop_id) { + case PROP_SETTING: + g_value_set_object(value, priv->setting); + break; + case PROP_IS_WIRED: + g_value_set_boolean(value, priv->is_wired); + break; + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec); + break; + } +} + +static void +nmt_8021x_fields_class_init(Nmt8021xFieldsClass *entry_class) +{ + GObjectClass *object_class = G_OBJECT_CLASS(entry_class); + + object_class->constructed = nmt_8021x_fields_constructed; + object_class->finalize = nmt_8021x_fields_finalize; + object_class->set_property = nmt_8021x_fields_set_property; + object_class->get_property = nmt_8021x_fields_get_property; + + /** + * Nmt8021xFields:setting: + * + * The backing 802.1X setting + */ + g_object_class_install_property( + object_class, + PROP_SETTING, + g_param_spec_object("setting", + "", + "", + NM_TYPE_SETTING_802_1X, + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS)); + /** + * Nmt8021xFields:is-wired + * + * Whether the setting is for a wired connection + */ + g_object_class_install_property( + object_class, + PROP_IS_WIRED, + g_param_spec_boolean("is-wired", + "", + "", + FALSE, + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS)); +} diff --git a/src/nmtui/nmt-8021x-fields.h b/src/nmtui/nmt-8021x-fields.h new file mode 100644 index 0000000000..815de313cf --- /dev/null +++ b/src/nmtui/nmt-8021x-fields.h @@ -0,0 +1,29 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +/* + * Copyright (C) 2022 Red Hat, Inc. + */ + +#ifndef NMT_8021X_FIELDS_H +#define NMT_8021X_FIELDS_H + +#include "libnmt-newt/nmt-newt.h" + +#define NMT_TYPE_8021X_FIELDS (nmt_8021x_fields_get_type()) +#define NMT_8021X_FIELDS(obj) \ + (G_TYPE_CHECK_INSTANCE_CAST((obj), NMT_TYPE_8021X_FIELDS, Nmt8021xFields)) +#define NMT_8021X_FIELDS_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_CAST((klass), NMT_TYPE_8021X_FIELDS, Nmt8021xFieldsClass)) +#define NMT_IS_8021X_FIELDS(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NMT_TYPE_8021X_FIELDS)) +#define NMT_IS_8021X_FIELDS_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NMT_TYPE_8021X_FIELDS)) +#define NMT_8021X_FIELDS_GET_CLASS(obj) \ + (G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_8021X_FIELDS, Nmt8021xFieldsClass)) + +typedef struct _Nmt8021xFields Nmt8021xFields; + +typedef struct _Nmt8021xFieldsClass Nmt8021xFieldsClass; + +GType nmt_8021x_fields_get_type(void); + +NmtNewtWidget *nmt_8021x_fields_new(NMSetting8021x *setting, gboolean is_wired); + +#endif /* NMT_8021X_FIELDS_H */ diff --git a/src/nmtui/nmt-connect-connection-list.c b/src/nmtui/nmt-connect-connection-list.c index f111e6572b..5d771b618e 100644 --- a/src/nmtui/nmt-connect-connection-list.c +++ b/src/nmtui/nmt-connect-connection-list.c @@ -100,6 +100,7 @@ static const char *device_sort_order[] = {"NMDeviceEthernet", NM_SETTING_TEAM_SETTING_NAME, NM_SETTING_BRIDGE_SETTING_NAME, NM_SETTING_IP_TUNNEL_SETTING_NAME, + NM_SETTING_MACSEC_SETTING_NAME, NM_SETTING_WIREGUARD_SETTING_NAME, NM_SETTING_TUN_SETTING_NAME, "NMDeviceModem", diff --git a/src/nmtui/nmt-editor.c b/src/nmtui/nmt-editor.c index 427ac0178b..9a64333afc 100644 --- a/src/nmtui/nmt-editor.c +++ b/src/nmtui/nmt-editor.c @@ -35,6 +35,7 @@ #include "nmt-page-ip-tunnel.h" #include "nmt-page-ip4.h" #include "nmt-page-ip6.h" +#include "nmt-page-macsec.h" #include "nmt-page-ppp.h" #include "nmt-page-team.h" #include "nmt-page-team-port.h" @@ -362,6 +363,8 @@ nmt_editor_constructed(GObject *object) page = nmt_page_bridge_new(priv->edit_connection, deventry); else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_INFINIBAND_SETTING_NAME)) page = nmt_page_infiniband_new(priv->edit_connection, deventry); + else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_MACSEC_SETTING_NAME)) + page = nmt_page_macsec_new(priv->edit_connection, deventry); else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_PPPOE_SETTING_NAME)) page = nmt_page_dsl_new(priv->edit_connection, deventry); else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_TEAM_SETTING_NAME)) diff --git a/src/nmtui/nmt-page-ethernet.c b/src/nmtui/nmt-page-ethernet.c index 89026d0f6a..77abbb405e 100644 --- a/src/nmtui/nmt-page-ethernet.c +++ b/src/nmtui/nmt-page-ethernet.c @@ -18,9 +18,27 @@ #include "libnm-core-aux-intern/nm-libnm-core-utils.h" #include "nmt-mac-entry.h" #include "nmt-mtu-entry.h" +#include "nmt-8021x-fields.h" + +typedef struct { + NMSetting8021x *s_8021x; + NmtNewtWidget *dot1x_fields; +} NmtPageEthernetPrivate; + +struct _NmtPageEthernet { + NmtEditorPageDevice parent; + NmtPageEthernetPrivate _priv; +}; + +struct _NmtPageEthernetClass { + NmtEditorPageDeviceClass parent; +}; G_DEFINE_TYPE(NmtPageEthernet, nmt_page_ethernet, NMT_TYPE_EDITOR_PAGE_DEVICE) +#define NMT_PAGE_ETHERNET_GET_PRIVATE(self) \ + _NM_GET_PRIVATE(self, NmtPageEthernet, NMT_IS_PAGE_ETHERNET) + NmtEditorPage * nmt_page_ethernet_new(NMConnection *conn, NmtDeviceEntry *deventry) { @@ -32,19 +50,53 @@ nmt_page_ethernet_init(NmtPageEthernet *ethernet) {} static void +checkbox_8021x_changed(NmtNewtWidget *widget, GParamSpec *pspec, gpointer user_data) +{ + NMConnection *conn; + NmtPageEthernet *ethernet = NMT_PAGE_ETHERNET(user_data); + NmtPageEthernetPrivate *priv = NMT_PAGE_ETHERNET_GET_PRIVATE(ethernet); + gboolean active; + gboolean has; + + conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(ethernet)); + active = nmt_newt_checkbox_get_active(NMT_NEWT_CHECKBOX(widget)); + has = !!nm_connection_get_setting(conn, NM_TYPE_SETTING_802_1X); + + if (active != has) { + if (active) + nm_connection_add_setting(conn, NM_SETTING(priv->s_8021x)); + else + nm_connection_remove_setting(conn, NM_TYPE_SETTING_802_1X); + } + + nmt_newt_widget_set_visible(NMT_NEWT_WIDGET(priv->dot1x_fields), active); +} + +static void nmt_page_ethernet_constructed(GObject *object) { - NmtPageEthernet *ethernet = NMT_PAGE_ETHERNET(object); - NmtDeviceEntry *deventry; - NmtEditorSection *section; - NmtEditorGrid *grid; - NMSettingWired *s_wired; - NmtNewtWidget *widget; - NMConnection *conn; + NmtPageEthernet *ethernet = NMT_PAGE_ETHERNET(object); + NmtPageEthernetPrivate *priv = NMT_PAGE_ETHERNET_GET_PRIVATE(object); + NmtDeviceEntry *deventry; + NmtEditorSection *section; + NmtEditorGrid *grid; + NMSettingWired *s_wired; + NMSetting8021x *s_8021x; + NmtNewtWidget *widget; + NMConnection *conn; + gboolean has_8021x; conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(ethernet)); s_wired = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_WIRED); + s_8021x = nm_connection_get_setting_802_1x(conn); + has_8021x = !!s_8021x; + if (!s_8021x) { + s_8021x = NM_SETTING_802_1X(nm_setting_802_1x_new()); + nm_setting_802_1x_add_eap_method(s_8021x, "TLS"); + } + priv->s_8021x = g_object_ref(s_8021x); + deventry = nmt_editor_page_device_get_device_entry(NMT_EDITOR_PAGE_DEVICE(object)); g_object_bind_property(s_wired, NM_SETTING_WIRED_MAC_ADDRESS, @@ -73,13 +125,37 @@ nmt_page_ethernet_constructed(GObject *object) nmt_editor_page_add_section(NMT_EDITOR_PAGE(ethernet), section); + /* 802.1X security */ + section = nmt_editor_section_new(_("802.1X SECURITY"), NULL, has_8021x); + grid = nmt_editor_section_get_body(section); + widget = nmt_newt_checkbox_new(_("Enable 802.1X security")); + + nmt_newt_checkbox_set_active(NMT_NEWT_CHECKBOX(widget), has_8021x); + g_signal_connect(widget, "notify::active", G_CALLBACK(checkbox_8021x_changed), ethernet); + nmt_editor_grid_append(grid, NULL, widget, NULL); + priv->dot1x_fields = NMT_NEWT_WIDGET(nmt_8021x_fields_new(s_8021x, TRUE)); + checkbox_8021x_changed(widget, NULL, ethernet); + nmt_editor_grid_append(grid, NULL, priv->dot1x_fields, NULL); + nmt_editor_page_add_section(NMT_EDITOR_PAGE(ethernet), section); + G_OBJECT_CLASS(nmt_page_ethernet_parent_class)->constructed(object); } static void +nmt_page_ethernet_finalize(GObject *object) +{ + NmtPageEthernetPrivate *priv = NMT_PAGE_ETHERNET_GET_PRIVATE(object); + + g_clear_object(&priv->s_8021x); + + G_OBJECT_CLASS(nmt_page_ethernet_parent_class)->finalize(object); +} + +static void nmt_page_ethernet_class_init(NmtPageEthernetClass *ethernet_class) { GObjectClass *object_class = G_OBJECT_CLASS(ethernet_class); object_class->constructed = nmt_page_ethernet_constructed; + object_class->finalize = nmt_page_ethernet_finalize; } diff --git a/src/nmtui/nmt-page-ethernet.h b/src/nmtui/nmt-page-ethernet.h index f7e6cf15c5..d5f4c8d1ca 100644 --- a/src/nmtui/nmt-page-ethernet.h +++ b/src/nmtui/nmt-page-ethernet.h @@ -18,15 +18,8 @@ #define NMT_PAGE_ETHERNET_GET_CLASS(obj) \ (G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_PAGE_ETHERNET, NmtPageEthernetClass)) -typedef struct { - NmtEditorPageDevice parent; - -} NmtPageEthernet; - -typedef struct { - NmtEditorPageDeviceClass parent; - -} NmtPageEthernetClass; +typedef struct _NmtPageEthernet NmtPageEthernet; +typedef struct _NmtPageEthernetClass NmtPageEthernetClass; GType nmt_page_ethernet_get_type(void); diff --git a/src/nmtui/nmt-page-macsec.c b/src/nmtui/nmt-page-macsec.c new file mode 100644 index 0000000000..6a0174868c --- /dev/null +++ b/src/nmtui/nmt-page-macsec.c @@ -0,0 +1,196 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +/* + * Copyright (C) 2022 Red Hat, Inc. + */ +/** + * SECTION:nmt-page-macsec + * @short_description: The editor page for MACsec connections + */ + +#include "libnm-client-aux-extern/nm-default-client.h" + +#include "nmt-page-macsec.h" + +#include "libnm-core-aux-intern/nm-libnm-core-utils.h" +#include "nmt-device-entry.h" +#include "nmt-password-fields.h" +#include "nmt-8021x-fields.h" + +typedef struct { + NMSetting8021x *s_8021x; +} NmtPageMacsecPrivate; + +struct _NmtPageMacsec { + NmtEditorPageDevice parent; + NmtPageMacsecPrivate _priv; +}; + +struct _NmtPageMacsecClass { + NmtEditorPageDeviceClass parent; +}; + +G_DEFINE_TYPE(NmtPageMacsec, nmt_page_macsec, NMT_TYPE_EDITOR_PAGE_DEVICE) + +#define NMT_PAGE_MACSEC_GET_PRIVATE(self) _NM_GET_PRIVATE(self, NmtPageMacsec, NMT_IS_PAGE_MACSEC) + +static void +nmt_page_macsec_init(NmtPageMacsec *macsec) +{} + +NmtEditorPage * +nmt_page_macsec_new(NMConnection *conn, NmtDeviceEntry *deventry) +{ + return g_object_new(NMT_TYPE_PAGE_MACSEC, "connection", conn, "device-entry", deventry, NULL); +} + +static void +macsec_mode_changed(NmtNewtWidget *widget, GParamSpec *pspec, gpointer user_data) +{ + NmtPageMacsec *macsec = user_data; + NmtPageMacsecPrivate *priv = NMT_PAGE_MACSEC_GET_PRIVATE(macsec); + NMConnection *conn; + gboolean mode_eap; + gboolean has_setting; + + conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(macsec)); + has_setting = !!nm_connection_get_setting(conn, NM_TYPE_SETTING_802_1X); + mode_eap = nmt_newt_popup_get_active(NMT_NEWT_POPUP(widget)) == NM_SETTING_MACSEC_MODE_EAP; + + if (mode_eap != has_setting) { + if (mode_eap) + nm_connection_add_setting(conn, NM_SETTING(priv->s_8021x)); + else + nm_connection_remove_setting(conn, NM_TYPE_SETTING_802_1X); + } +} + +static NmtNewtPopupEntry macsec_mode[] = {{N_("PSK"), "psk"}, {N_("EAP"), "eap"}, {NULL, NULL}}; + +static NmtNewtPopupEntry macsec_validation[] = {{N_("Disabled"), "disabled"}, + {N_("Check"), "check"}, + {N_("Strict"), "strict"}, + {NULL, NULL}}; + +static void +nmt_page_macsec_constructed(GObject *object) +{ + NmtPageMacsec *macsec = NMT_PAGE_MACSEC(object); + NmtPageMacsecPrivate *priv = NMT_PAGE_MACSEC_GET_PRIVATE(macsec); + NMConnection *conn; + NMSettingMacsec *s_macsec; + NMSetting8021x *s_8021x; + NmtNewtStack *stack; + NmtEditorSection *section; + NmtEditorGrid *grid; + NmtNewtWidget *subgrid; + NmtNewtWidget *widget; + NmtNewtWidget *mode; + + conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(macsec)); + s_macsec = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_MACSEC); + + s_8021x = nm_connection_get_setting_802_1x(conn); + if (!s_8021x) { + s_8021x = NM_SETTING_802_1X(nm_setting_802_1x_new()); + nm_setting_802_1x_add_eap_method(s_8021x, "MD5"); + } + priv->s_8021x = g_object_ref(s_8021x); + + section = nmt_editor_section_new(_("MACsec"), NULL, TRUE); + grid = nmt_editor_section_get_body(section); + + widget = nmt_device_entry_new(_("Parent device"), 40, G_TYPE_NONE); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_PARENT, + widget, + "interface-name", + G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); + nmt_editor_grid_append(grid, NULL, widget, NULL); + + nmt_editor_grid_append(grid, NULL, nmt_newt_separator_new(), NULL); + + widget = nmt_newt_popup_new((NmtNewtPopupEntry *) &macsec_mode); + nmt_editor_grid_append(grid, _("Mode"), widget, NULL); + mode = widget; + + widget = nmt_newt_stack_new(); + stack = NMT_NEWT_STACK(widget); + + /* PSK stack grid */ + subgrid = nmt_editor_grid_new(); + widget = + nmt_password_fields_new(40, + NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_MKA_CAK, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CAK"), widget, NULL); + + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CKN"), widget, NULL); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_MKA_CKN, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + nmt_newt_stack_add(stack, "psk", subgrid); + + /* EAP stack grid */ + subgrid = nmt_editor_grid_new(); + widget = NMT_NEWT_WIDGET(nmt_8021x_fields_new(s_8021x, TRUE)); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), NULL, widget, NULL); + nmt_newt_stack_add(stack, "eap", subgrid); + + g_object_bind_property(mode, "active-id", stack, "active-id", G_BINDING_SYNC_CREATE); + nmt_editor_grid_append(grid, NULL, NMT_NEWT_WIDGET(stack), NULL); + + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_MODE, + mode, + "active", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + g_signal_connect(mode, "notify::active", G_CALLBACK(macsec_mode_changed), macsec); + macsec_mode_changed(mode, NULL, macsec); + + nmt_editor_grid_append(grid, NULL, nmt_newt_separator_new(), NULL); + + /* Other MACsec options */ + widget = nmt_newt_popup_new((NmtNewtPopupEntry *) &macsec_validation); + nmt_editor_grid_append(grid, _("Validation"), widget, NULL); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_VALIDATION, + widget, + "active", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(grid, _("SCI port"), widget, NULL); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_PORT, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_newt_checkbox_new(_("Encrypt traffic")); + nmt_editor_grid_append(grid, NULL, widget, NULL); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_ENCRYPT, + widget, + "active", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + nmt_editor_page_add_section(NMT_EDITOR_PAGE(macsec), section); + + G_OBJECT_CLASS(nmt_page_macsec_parent_class)->constructed(object); +} + +static void +nmt_page_macsec_class_init(NmtPageMacsecClass *macsec_class) +{ + GObjectClass *object_class = G_OBJECT_CLASS(macsec_class); + + object_class->constructed = nmt_page_macsec_constructed; +} diff --git a/src/nmtui/nmt-page-macsec.h b/src/nmtui/nmt-page-macsec.h new file mode 100644 index 0000000000..5427c71571 --- /dev/null +++ b/src/nmtui/nmt-page-macsec.h @@ -0,0 +1,28 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +/* + * Copyright (C) 2022 Red Hat, Inc. + */ + +#ifndef NMT_PAGE_MACSEC_H +#define NMT_PAGE_MACSEC_H + +#include "nmt-editor-page-device.h" + +#define NMT_TYPE_PAGE_MACSEC (nmt_page_macsec_get_type()) +#define NMT_PAGE_MACSEC(obj) \ + (G_TYPE_CHECK_INSTANCE_CAST((obj), NMT_TYPE_PAGE_MACSEC, NmtPageMacsec)) +#define NMT_PAGE_MACSEC_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_CAST((klass), NMT_TYPE_PAGE_MACSEC, NmtPageMacsecClass)) +#define NMT_IS_PAGE_MACSEC(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NMT_TYPE_PAGE_MACSEC)) +#define NMT_IS_PAGE_MACSEC_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NMT_TYPE_PAGE_MACSEC)) +#define NMT_PAGE_MACSEC_GET_CLASS(obj) \ + (G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_PAGE_MACSEC, NmtPageMacsecClass)) + +typedef struct _NmtPageMacsec NmtPageMacsec; +typedef struct _NmtPageMacsecClass NmtPageMacsecClass; + +GType nmt_page_macsec_get_type(void); + +NmtEditorPage *nmt_page_macsec_new(NMConnection *conn, NmtDeviceEntry *deventry); + +#endif /* NMT_PAGE_MACSEC_H */ diff --git a/src/nmtui/nmt-page-wifi.c b/src/nmtui/nmt-page-wifi.c index b76463445a..55feaee256 100644 --- a/src/nmtui/nmt-page-wifi.c +++ b/src/nmtui/nmt-page-wifi.c @@ -23,6 +23,7 @@ #include "nmt-mac-entry.h" #include "nmt-mtu-entry.h" #include "nmt-password-fields.h" +#include "nmt-8021x-fields.h" #include "nm-editor-bindings.h" @@ -33,6 +34,7 @@ G_DEFINE_TYPE(NmtPageWifi, nmt_page_wifi, NMT_TYPE_EDITOR_PAGE_DEVICE) typedef struct { NMSettingWirelessSecurity *s_wsec; + NMSetting8021x *s_8021x; } NmtPageWifiPrivate; @@ -166,6 +168,7 @@ nmt_page_wifi_constructed(GObject *object) NmtEditorGrid *grid; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wsec; + NMSetting8021x *s_8021x; NmtNewtWidget *widget, *hbox, *subgrid; NmtNewtWidget *mode, *band, *security, *entry; NmtNewtStack *stack; @@ -181,7 +184,14 @@ nmt_page_wifi_constructed(GObject *object) */ s_wsec = NM_SETTING_WIRELESS_SECURITY(nm_setting_wireless_security_new()); } - priv->s_wsec = g_object_ref_sink(s_wsec); + priv->s_wsec = g_object_ref(s_wsec); + + s_8021x = nm_connection_get_setting_802_1x(conn); + if (!s_8021x) { + s_8021x = NM_SETTING_802_1X(nm_setting_802_1x_new()); + nm_setting_802_1x_add_eap_method(s_8021x, "TLS"); + } + priv->s_8021x = g_object_ref(s_8021x); deventry = nmt_editor_page_device_get_device_entry(NMT_EDITOR_PAGE_DEVICE(object)); g_object_bind_property(s_wireless, @@ -279,9 +289,7 @@ nmt_page_wifi_constructed(GObject *object) nmt_newt_stack_add(stack, "wpa3-personal", subgrid); /* "wpa-enterprise" */ - // FIXME - widget = nmt_newt_label_new(_("(No support for wpa-enterprise yet...)")); - nmt_newt_stack_add(stack, "wpa-enterprise", widget); + nmt_newt_stack_add(stack, "wpa-enterprise", nmt_8021x_fields_new(s_8021x, FALSE)); /* wep-key */ subgrid = nmt_editor_grid_new(); @@ -355,6 +363,7 @@ nmt_page_wifi_constructed(GObject *object) g_object_bind_property(security, "active-id", stack, "active-id", G_BINDING_SYNC_CREATE); nm_editor_bind_wireless_security_method(conn, s_wsec, + s_8021x, security, "active-id", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); diff --git a/src/nmtui/nmt-password-fields.c b/src/nmtui/nmt-password-fields.c index 09573c727f..2aad77ecf6 100644 --- a/src/nmtui/nmt-password-fields.c +++ b/src/nmtui/nmt-password-fields.c @@ -25,7 +25,7 @@ typedef struct { NmtPasswordFieldsExtras extras; NmtNewtEntry *entry; - NmtNewtCheckbox *always_ask; + NmtNewtPopup *secret_flags; NmtNewtCheckbox *show_password; char *init_password; @@ -37,7 +37,7 @@ enum { PROP_WIDTH, PROP_EXTRAS, PROP_PASSWORD, - PROP_ALWAYS_ASK, + PROP_SECRET_FLAGS, PROP_SHOW_PASSWORD, LAST_PROP @@ -45,8 +45,9 @@ enum { /** * NmtPasswordFieldsExtras: - * @NMT_PASSWORD_FIELDS_ALWAYS_ASK: show an "Always ask" checkbox + * @NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS: show the secret flags popup * @NMT_PASSWORD_FIELDS_SHOW_PASSWORD: show a "Show password" checkbox + * @NMT_PASSWORD_FIELDS_NOT_EMPTY: return NULL instead of empty string * * Extra widgets to include in an #NmtPasswordFields */ @@ -82,30 +83,64 @@ static const char * nmt_password_fields_get_password(NmtPasswordFields *fields) { NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(fields); + const char *text; - return nmt_newt_entry_get_text(priv->entry); + text = nmt_newt_entry_get_text(priv->entry); + if (priv->extras & NMT_PASSWORD_FIELDS_NOT_EMPTY) + return nm_str_not_empty(text); + + return text; } static void -always_ask_changed(GObject *object, GParamSpec *pspec, gpointer fields) +show_password_changed(GObject *object, GParamSpec *pspec, gpointer fields) { - g_object_notify(fields, "always-ask"); + g_object_notify(fields, "show-password"); } static void -show_password_changed(GObject *object, GParamSpec *pspec, gpointer fields) +secret_flags_changed(GObject *object, GParamSpec *pspec, gpointer fields) { - g_object_notify(fields, "show-password"); + g_object_notify(fields, "secret-flags"); +} + +static guint +secret_flags_from_popup_idx(guint idx) +{ + switch (idx) { + case 1: + return NM_SETTING_SECRET_FLAG_AGENT_OWNED; + case 2: + return NM_SETTING_SECRET_FLAG_NOT_SAVED; + default: + case 0: + return NM_SETTING_SECRET_FLAG_NONE; + } +} + +static guint +secret_flags_to_popup_idx(guint flags) +{ + if (flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) + return 1; + if (flags & NM_SETTING_SECRET_FLAG_NOT_SAVED) + return 2; + return 0; } static void nmt_password_fields_init(NmtPasswordFields *fields) { - NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(fields); - - priv->entry = NMT_NEWT_ENTRY(nmt_newt_entry_new(-1, 0)); - priv->always_ask = - NMT_NEWT_CHECKBOX(nmt_newt_checkbox_new(_("Ask for this password every time"))); + NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(fields); + NmtNewtPopupEntry entries[] = { + {_("Store password for all users"), NULL}, + {_("Store password only for this user"), NULL}, + {_("Ask password every time"), NULL}, + {}, + }; + + priv->entry = NMT_NEWT_ENTRY(nmt_newt_entry_new(-1, 0)); + priv->secret_flags = NMT_NEWT_POPUP(nmt_newt_popup_new(entries)); priv->show_password = NMT_NEWT_CHECKBOX(nmt_newt_checkbox_new(_("Show password"))); } @@ -114,20 +149,12 @@ nmt_password_fields_constructed(GObject *object) { NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(object); NmtNewtGrid *grid = NMT_NEWT_GRID(object); + guint row = 0; - nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->entry), 0, 0); - - if (priv->extras & NMT_PASSWORD_FIELDS_ALWAYS_ASK) { - nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->always_ask), 0, 1); - g_signal_connect(priv->always_ask, - "notify::active", - G_CALLBACK(always_ask_changed), - object); - } else - g_clear_object(&priv->always_ask); + nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->entry), 0, row++); if (priv->extras & NMT_PASSWORD_FIELDS_SHOW_PASSWORD) { - nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->show_password), 0, 2); + nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->show_password), 0, row++); g_signal_connect(priv->show_password, "notify::active", G_CALLBACK(show_password_changed), @@ -140,6 +167,15 @@ nmt_password_fields_constructed(GObject *object) } else g_clear_object(&priv->show_password); + if (priv->extras & NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS) { + nmt_newt_grid_add(grid, NMT_NEWT_WIDGET(priv->secret_flags), 0, row++); + g_signal_connect(priv->secret_flags, + "notify::active-id", + G_CALLBACK(secret_flags_changed), + object); + } else + g_clear_object(&priv->secret_flags); + g_object_bind_property(priv->entry, "text", object, @@ -154,9 +190,9 @@ nmt_password_fields_finalize(GObject *object) { NmtPasswordFieldsPrivate *priv = NMT_PASSWORD_FIELDS_GET_PRIVATE(object); - if (priv->always_ask) { - g_signal_handlers_disconnect_by_func(priv->always_ask, - G_CALLBACK(always_ask_changed), + if (priv->secret_flags) { + g_signal_handlers_disconnect_by_func(priv->secret_flags, + G_CALLBACK(secret_flags_changed), object); } if (priv->show_password) { @@ -188,13 +224,12 @@ nmt_password_fields_set_property(GObject *object, case PROP_PASSWORD: nmt_password_fields_set_password(fields, g_value_get_string(value)); break; - case PROP_ALWAYS_ASK: - if (priv->always_ask) - nmt_newt_checkbox_set_active(priv->always_ask, g_value_get_boolean(value)); + case PROP_SECRET_FLAGS: + nmt_newt_popup_set_active(priv->secret_flags, + secret_flags_to_popup_idx(g_value_get_uint(value))); break; case PROP_SHOW_PASSWORD: - if (priv->show_password) - nmt_newt_checkbox_set_active(priv->show_password, g_value_get_boolean(value)); + nmt_newt_checkbox_set_active(priv->show_password, g_value_get_boolean(value)); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec); @@ -218,13 +253,13 @@ nmt_password_fields_get_property(GObject *object, guint prop_id, GValue *value, case PROP_PASSWORD: g_value_set_string(value, nmt_password_fields_get_password(entry)); break; - case PROP_ALWAYS_ASK: - if (priv->always_ask) - g_value_set_boolean(value, nmt_newt_checkbox_get_active(priv->always_ask)); + case PROP_SECRET_FLAGS: + g_value_set_uint( + value, + secret_flags_from_popup_idx(nmt_newt_popup_get_active(priv->secret_flags))); break; case PROP_SHOW_PASSWORD: - if (priv->show_password) - g_value_set_boolean(value, nmt_newt_checkbox_get_active(priv->show_password)); + g_value_set_boolean(value, nmt_newt_checkbox_get_active(priv->show_password)); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec); @@ -279,18 +314,19 @@ nmt_password_fields_class_init(NmtPasswordFieldsClass *entry_class) PROP_PASSWORD, g_param_spec_string("password", "", "", NULL, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS)); /** - * NmtPasswordFields:always-ask: + * NmtPasswordFields:secret-flags: * - * The current state of the "Always ask" checkbox. + * The current state of the "Secret flags" popup. */ - g_object_class_install_property( - object_class, - PROP_ALWAYS_ASK, - g_param_spec_boolean("always-ask", - "", - "", - FALSE, - G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS)); + g_object_class_install_property(object_class, + PROP_SECRET_FLAGS, + g_param_spec_uint("secret-flags", + "", + "", + 0, + G_MAXUINT, + 0, + G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS)); /** * NmtPasswordFields:show-password: * diff --git a/src/nmtui/nmt-password-fields.h b/src/nmtui/nmt-password-fields.h index 3e3d8145bd..7fd0d94203 100644 --- a/src/nmtui/nmt-password-fields.h +++ b/src/nmtui/nmt-password-fields.h @@ -32,8 +32,9 @@ typedef struct { GType nmt_password_fields_get_type(void); typedef enum { - NMT_PASSWORD_FIELDS_ALWAYS_ASK = (1 << 0), - NMT_PASSWORD_FIELDS_SHOW_PASSWORD = (1 << 1), + NMT_PASSWORD_FIELDS_SHOW_SECRET_FLAGS = (1 << 0), + NMT_PASSWORD_FIELDS_SHOW_PASSWORD = (1 << 1), + NMT_PASSWORD_FIELDS_NOT_EMPTY = (1 << 2), /* Return NULL instead of empty string */ } NmtPasswordFieldsExtras; NmtNewtWidget *nmt_password_fields_new(int width, NmtPasswordFieldsExtras extras); |