diff options
Diffstat (limited to 'src/nmtui/nmt-page-macsec.c')
-rw-r--r-- | src/nmtui/nmt-page-macsec.c | 196 |
1 files changed, 196 insertions, 0 deletions
diff --git a/src/nmtui/nmt-page-macsec.c b/src/nmtui/nmt-page-macsec.c new file mode 100644 index 0000000000..6a0174868c --- /dev/null +++ b/src/nmtui/nmt-page-macsec.c @@ -0,0 +1,196 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +/* + * Copyright (C) 2022 Red Hat, Inc. + */ +/** + * SECTION:nmt-page-macsec + * @short_description: The editor page for MACsec connections + */ + +#include "libnm-client-aux-extern/nm-default-client.h" + +#include "nmt-page-macsec.h" + +#include "libnm-core-aux-intern/nm-libnm-core-utils.h" +#include "nmt-device-entry.h" +#include "nmt-password-fields.h" +#include "nmt-8021x-fields.h" + +typedef struct { + NMSetting8021x *s_8021x; +} NmtPageMacsecPrivate; + +struct _NmtPageMacsec { + NmtEditorPageDevice parent; + NmtPageMacsecPrivate _priv; +}; + +struct _NmtPageMacsecClass { + NmtEditorPageDeviceClass parent; +}; + +G_DEFINE_TYPE(NmtPageMacsec, nmt_page_macsec, NMT_TYPE_EDITOR_PAGE_DEVICE) + +#define NMT_PAGE_MACSEC_GET_PRIVATE(self) _NM_GET_PRIVATE(self, NmtPageMacsec, NMT_IS_PAGE_MACSEC) + +static void +nmt_page_macsec_init(NmtPageMacsec *macsec) +{} + +NmtEditorPage * +nmt_page_macsec_new(NMConnection *conn, NmtDeviceEntry *deventry) +{ + return g_object_new(NMT_TYPE_PAGE_MACSEC, "connection", conn, "device-entry", deventry, NULL); +} + +static void +macsec_mode_changed(NmtNewtWidget *widget, GParamSpec *pspec, gpointer user_data) +{ + NmtPageMacsec *macsec = user_data; + NmtPageMacsecPrivate *priv = NMT_PAGE_MACSEC_GET_PRIVATE(macsec); + NMConnection *conn; + gboolean mode_eap; + gboolean has_setting; + + conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(macsec)); + has_setting = !!nm_connection_get_setting(conn, NM_TYPE_SETTING_802_1X); + mode_eap = nmt_newt_popup_get_active(NMT_NEWT_POPUP(widget)) == NM_SETTING_MACSEC_MODE_EAP; + + if (mode_eap != has_setting) { + if (mode_eap) + nm_connection_add_setting(conn, NM_SETTING(priv->s_8021x)); + else + nm_connection_remove_setting(conn, NM_TYPE_SETTING_802_1X); + } +} + +static NmtNewtPopupEntry macsec_mode[] = {{N_("PSK"), "psk"}, {N_("EAP"), "eap"}, {NULL, NULL}}; + +static NmtNewtPopupEntry macsec_validation[] = {{N_("Disabled"), "disabled"}, + {N_("Check"), "check"}, + {N_("Strict"), "strict"}, + {NULL, NULL}}; + +static void +nmt_page_macsec_constructed(GObject *object) +{ + NmtPageMacsec *macsec = NMT_PAGE_MACSEC(object); + NmtPageMacsecPrivate *priv = NMT_PAGE_MACSEC_GET_PRIVATE(macsec); + NMConnection *conn; + NMSettingMacsec *s_macsec; + NMSetting8021x *s_8021x; + NmtNewtStack *stack; + NmtEditorSection *section; + NmtEditorGrid *grid; + NmtNewtWidget *subgrid; + NmtNewtWidget *widget; + NmtNewtWidget *mode; + + conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(macsec)); + s_macsec = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_MACSEC); + + s_8021x = nm_connection_get_setting_802_1x(conn); + if (!s_8021x) { + s_8021x = NM_SETTING_802_1X(nm_setting_802_1x_new()); + nm_setting_802_1x_add_eap_method(s_8021x, "MD5"); + } + priv->s_8021x = g_object_ref(s_8021x); + + section = nmt_editor_section_new(_("MACsec"), NULL, TRUE); + grid = nmt_editor_section_get_body(section); + + widget = nmt_device_entry_new(_("Parent device"), 40, G_TYPE_NONE); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_PARENT, + widget, + "interface-name", + G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); + nmt_editor_grid_append(grid, NULL, widget, NULL); + + nmt_editor_grid_append(grid, NULL, nmt_newt_separator_new(), NULL); + + widget = nmt_newt_popup_new((NmtNewtPopupEntry *) &macsec_mode); + nmt_editor_grid_append(grid, _("Mode"), widget, NULL); + mode = widget; + + widget = nmt_newt_stack_new(); + stack = NMT_NEWT_STACK(widget); + + /* PSK stack grid */ + subgrid = nmt_editor_grid_new(); + widget = + nmt_password_fields_new(40, + NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_MKA_CAK, + widget, + "password", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CAK"), widget, NULL); + + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CKN"), widget, NULL); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_MKA_CKN, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + nmt_newt_stack_add(stack, "psk", subgrid); + + /* EAP stack grid */ + subgrid = nmt_editor_grid_new(); + widget = NMT_NEWT_WIDGET(nmt_8021x_fields_new(s_8021x, TRUE)); + nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), NULL, widget, NULL); + nmt_newt_stack_add(stack, "eap", subgrid); + + g_object_bind_property(mode, "active-id", stack, "active-id", G_BINDING_SYNC_CREATE); + nmt_editor_grid_append(grid, NULL, NMT_NEWT_WIDGET(stack), NULL); + + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_MODE, + mode, + "active", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + g_signal_connect(mode, "notify::active", G_CALLBACK(macsec_mode_changed), macsec); + macsec_mode_changed(mode, NULL, macsec); + + nmt_editor_grid_append(grid, NULL, nmt_newt_separator_new(), NULL); + + /* Other MACsec options */ + widget = nmt_newt_popup_new((NmtNewtPopupEntry *) &macsec_validation); + nmt_editor_grid_append(grid, _("Validation"), widget, NULL); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_VALIDATION, + widget, + "active", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_newt_entry_new(40, 0); + nmt_editor_grid_append(grid, _("SCI port"), widget, NULL); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_PORT, + widget, + "text", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + widget = nmt_newt_checkbox_new(_("Encrypt traffic")); + nmt_editor_grid_append(grid, NULL, widget, NULL); + g_object_bind_property(s_macsec, + NM_SETTING_MACSEC_ENCRYPT, + widget, + "active", + G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); + + nmt_editor_page_add_section(NMT_EDITOR_PAGE(macsec), section); + + G_OBJECT_CLASS(nmt_page_macsec_parent_class)->constructed(object); +} + +static void +nmt_page_macsec_class_init(NmtPageMacsecClass *macsec_class) +{ + GObjectClass *object_class = G_OBJECT_CLASS(macsec_class); + + object_class->constructed = nmt_page_macsec_constructed; +} |