Attachment #21262 for bug #59004

View | Details | Raw Unified | Return to bug 59004
Collapse All | Expand All

Lines 1662-1667 config: keysize <n></property> Link Here

(-)a/properties/nm-openvpn-dialog.ui (+2 lines)
1662	<object class="GtkComboBox" id="hmacauth_combo">	1662	<object class="GtkComboBox" id="hmacauth_combo">
1663	<property name="visible">True</property>	1663	<property name="visible">True</property>
1664	<property name="can_focus">False</property>	1664	<property name="can_focus">False</property>
		1665	<property name="has-entry">True</property>
		1666	<property name="entry-text-column">0</property>
1665	<property name="tooltip_text" translatable="yes">Authenticate packets with HMAC using message digest algorithm. The default is SHA1.	1667	<property name="tooltip_text" translatable="yes">Authenticate packets with HMAC using message digest algorithm. The default is SHA1.
1666	config: auth</property>	1668	config: auth</property>
1667	<property name="model">model4</property>	1669	<property name="model">model4</property>




#define HMACAUTH_COL_NAME 0
#define HMACAUTH_COL_VALUE 1

static gboolean
query_digests (GtkListStore *store, const char *hmacauth, GtkTreeIter *found_iter)
{
	const char *openvpn_binary = nm_find_openvpn ();
	char *argv[3];
	gs_free gchar *tmp = NULL;
	gchar **lines, **line;
	GError *error = NULL;
	gboolean found = FALSE;

	if (!openvpn_binary)
		return FALSE;

	argv[0] = (char *) openvpn_binary;
	argv[1] = "--show-digests";
	argv[2] = NULL;

	if (!g_spawn_sync ("/", argv, NULL, 0, NULL, NULL, &tmp, NULL, NULL, &error)) {
		g_warning ("%s: couldn't determine digests: %s", __func__, error->message);
		g_clear_error (&error);
		return FALSE;
	}

	lines = g_strsplit (tmp, "\n", 0);
	for (line = lines; *line; line++) {
		const char *name = *line;
		const char *space;
		const char *p;
		gchar *digest;
		GtkTreeIter iter;

		/* Data lines: "<NAME> <number> bit digest size"
		 * Skip header lines that don't have a number as second token. */
		space = strchr (name, ' ');
		if (!space)
			continue;
		for (p = space + 1; *p && g_ascii_isdigit (*p); p++)
			;
		if (p == space + 1 || *p != ' ')
			continue;

		digest = g_strndup (name, space - name);
		gtk_list_store_append (store, &iter);
		gtk_list_store_set (store, &iter,
		                    HMACAUTH_COL_NAME, digest,
		                    HMACAUTH_COL_VALUE, digest,
		                    -1);
		if (!found && hmacauth && !g_ascii_strcasecmp (digest, hmacauth)) {
			*found_iter = iter;
			found = TRUE;
		}
		g_free (digest);
	}
	g_strfreev (lines);
	return found;
}

static gboolean
populate_hmacauth_combo (GtkComboBox *box, const char *hmacauth)
{
	gs_unref_object GtkListStore *store = NULL;
	GtkTreeIter iter;
	gboolean active_initialized;
	int i;
	static const struct {
		const char *name;
		const char *pretty_name;
	} items[] = {
		{ NM_OPENVPN_AUTH_NONE,      N_("None") },
		{ NM_OPENVPN_AUTH_RSA_MD4,   N_("RSA MD-4") },
		{ NM_OPENVPN_AUTH_MD5,       N_("MD-5") },
		{ NM_OPENVPN_AUTH_SHA1,      N_("SHA-1") },
		{ NM_OPENVPN_AUTH_SHA224,    N_("SHA-224") },
		{ NM_OPENVPN_AUTH_SHA256,    N_("SHA-256") },
		{ NM_OPENVPN_AUTH_SHA384,    N_("SHA-384") },
		{ NM_OPENVPN_AUTH_SHA512,    N_("SHA-512") },
		{ NM_OPENVPN_AUTH_RIPEMD160, N_("RIPEMD-160") },
	};

	store = gtk_list_store_new (2, G_TYPE_STRING, G_TYPE_STRING);
	gtk_combo_box_set_model (box, GTK_TREE_MODEL (store));

	/* Add default option which won't pass --auth to openvpn */
	gtk_list_store_append (store, &iter);
	gtk_list_store_set (store, &iter,
	                    HMACAUTH_COL_NAME, _("Default"),
	                    HMACAUTH_COL_VALUE, NULL,
	                    -1);

	active_initialized = query_digests (store, hmacauth, &iter);
	if (active_initialized)

		gtk_list_store_append (store, &iter);
		gtk_list_store_set (store, &iter,
		                    HMACAUTH_COL_NAME, _(items[i].pretty_name),
		                    HMACAUTH_COL_VALUE, name,
		                    -1);
		if (hmacauth && !g_ascii_strcasecmp (name, hmacauth)) {
			gtk_combo_box_set_active_iter (box, &iter);
			active_initialized = TRUE;
		}
	}

	if (!active_initialized) {
		gtk_list_store_append (store, &iter);
		gtk_list_store_set (store, &iter,
		                    HMACAUTH_COL_NAME, hmacauth,
		                    HMACAUTH_COL_VALUE, hmacauth,
		                    -1);
		gtk_combo_box_set_active_iter (box, &iter);
	else
		gtk_combo_box_set_active (box, hmacauth ? -1 : 0);

	return active_initialized;
}

#define TLS_REMOTE_MODE_NONE        "none"


	widget = GTK_WIDGET (gtk_builder_get_object (builder, "hmacauth_combo"));
	value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_AUTH);
	if (!populate_hmacauth_combo (GTK_COMBO_BOX (widget), value) && value) {
#if GTK_CHECK_VERSION(4,0,0)
		entry = GTK_WIDGET (gtk_combo_box_get_child (GTK_COMBO_BOX (widget)));
#else
		entry = GTK_WIDGET (gtk_bin_get_child (GTK_BIN (widget)));
#endif
		gtk_editable_set_text (GTK_EDITABLE (entry), value);
	}

	entry = GTK_WIDGET (gtk_builder_get_object (builder, "tls_remote_entry"));
	combo = GTK_WIDGET (gtk_builder_get_object (builder, "tls_remote_mode_combo"));

		                    -1);
		if (hmacauth)
			g_hash_table_insert (hash, NM_OPENVPN_KEY_AUTH, hmacauth);
	} else {
#if GTK_CHECK_VERSION(4,0,0)
		entry = GTK_WIDGET (gtk_combo_box_get_child (GTK_COMBO_BOX (widget)));
#else
		entry = GTK_WIDGET (gtk_bin_get_child (GTK_BIN (widget)));
#endif
		value = gtk_editable_get_text (GTK_EDITABLE (entry));
		if (value && *value)
			g_hash_table_insert (hash, NM_OPENVPN_KEY_AUTH, g_strdup (value));
	}
	entry = GTK_WIDGET (gtk_builder_get_object (builder, "tls_version_min"));
	value = gtk_editable_get_text (GTK_EDITABLE (entry));

Return to bug 59004

Lines 1007-1065 populate_cipher_combo (GtkComboBox box, const char user_cipher) Link Here

(-)a/properties/nm-openvpn-editor.c (-40 / +84 lines)
1007	#define HMACAUTH_COL_NAME 0	1007	#define HMACAUTH_COL_NAME 0
1008	#define HMACAUTH_COL_VALUE 1	1008	#define HMACAUTH_COL_VALUE 1
1009		1009
1010	static void	1010	static gboolean
		1011	query_digests (GtkListStore store, const char hmacauth, GtkTreeIter *found_iter)
		1012	{
		1013	const char *openvpn_binary = nm_find_openvpn ();
		1014	char *argv[3];
		1015	gs_free gchar *tmp = NULL;
		1016	gchar lines, line;
		1017	GError *error = NULL;
		1018	gboolean found = FALSE;
		1019
		1020	if (!openvpn_binary)
		1021	return FALSE;
		1022
		1023	argv[0] = (char *) openvpn_binary;
		1024	argv[1] = "--show-digests";
		1025	argv[2] = NULL;
		1026
		1027	if (!g_spawn_sync ("/", argv, NULL, 0, NULL, NULL, &tmp, NULL, NULL, &error)) {
		1028	g_warning ("%s: couldn't determine digests: %s", __func__, error->message);
		1029	g_clear_error (&error);
		1030	return FALSE;
		1031	}
		1032
		1033	lines = g_strsplit (tmp, "\n", 0);
		1034	for (line = lines; *line; line++) {
		1035	const char name = line;
		1036	const char *space;
		1037	const char *p;
		1038	gchar *digest;
		1039	GtkTreeIter iter;
		1040
		1041	/* Data lines: "<NAME> <number> bit digest size"
		1042	* Skip header lines that don't have a number as second token. */
		1043	space = strchr (name, ' ');
		1044	if (!space)
		1045	continue;
		1046	for (p = space + 1; p && g_ascii_isdigit (p); p++)
		1047	;
		1048	if (p == space + 1 \|\| *p != ' ')
		1049	continue;
		1050
		1051	digest = g_strndup (name, space - name);
		1052	gtk_list_store_append (store, &iter);
		1053	gtk_list_store_set (store, &iter,
		1054	HMACAUTH_COL_NAME, digest,
		1055	HMACAUTH_COL_VALUE, digest,
		1056	-1);
		1057	if (!found && hmacauth && !g_ascii_strcasecmp (digest, hmacauth)) {
		1058	*found_iter = iter;
		1059	found = TRUE;
		1060	}
		1061	g_free (digest);
		1062	}
		1063	g_strfreev (lines);
		1064	return found;
		1065	}
		1066
		1067	static gboolean
1011	populate_hmacauth_combo (GtkComboBox box, const char hmacauth)	1068	populate_hmacauth_combo (GtkComboBox box, const char hmacauth)
1012	{	1069	{
1013	gs_unref_object GtkListStore *store = NULL;	1070	gs_unref_object GtkListStore *store = NULL;
1014	GtkTreeIter iter;	1071	GtkTreeIter iter;
1015	gboolean active_initialized = FALSE;	1072	gboolean active_initialized;
1016	int i;
1017	static const struct {
1018	const char *name;
1019	const char *pretty_name;
1020	} items[] = {
1021	{ NM_OPENVPN_AUTH_NONE, N_("None") },
1022	{ NM_OPENVPN_AUTH_RSA_MD4, N_("RSA MD-4") },
1023	{ NM_OPENVPN_AUTH_MD5, N_("MD-5") },
1024	{ NM_OPENVPN_AUTH_SHA1, N_("SHA-1") },
1025	{ NM_OPENVPN_AUTH_SHA224, N_("SHA-224") },
1026	{ NM_OPENVPN_AUTH_SHA256, N_("SHA-256") },
1027	{ NM_OPENVPN_AUTH_SHA384, N_("SHA-384") },
1028	{ NM_OPENVPN_AUTH_SHA512, N_("SHA-512") },
1029	{ NM_OPENVPN_AUTH_RIPEMD160, N_("RIPEMD-160") },
1030	};
1031		1073
1032	store = gtk_list_store_new (3, G_TYPE_STRING, G_TYPE_STRING, G_TYPE_BOOLEAN);	1074	store = gtk_list_store_new (2, G_TYPE_STRING, G_TYPE_STRING);
1033	gtk_combo_box_set_model (box, GTK_TREE_MODEL (store));	1075	gtk_combo_box_set_model (box, GTK_TREE_MODEL (store));
1034		1076
1035	/* Add default option which won't pass --auth to openvpn */	1077	/* Add default option which won't pass --auth to openvpn */
1036	gtk_list_store_append (store, &iter);	1078	gtk_list_store_append (store, &iter);
1037	gtk_list_store_set (store, &iter,	1079	gtk_list_store_set (store, &iter,
1038	HMACAUTH_COL_NAME, _("Default"),	1080	HMACAUTH_COL_NAME, _("Default"),
		1081	HMACAUTH_COL_VALUE, NULL,
1039	-1);	1082	-1);
1040		1083
1041	for (i = 0; i < G_N_ELEMENTS (items); i++) {	1084	active_initialized = query_digests (store, hmacauth, &iter);
1042	const char *name = items[i].name;	1085	if (active_initialized)
1043
1044	gtk_list_store_append (store, &iter);
1045	gtk_list_store_set (store, &iter,
1046	HMACAUTH_COL_NAME, _(items[i].pretty_name),
1047	HMACAUTH_COL_VALUE, name,
1048	-1);
1049	if (hmacauth && !g_ascii_strcasecmp (name, hmacauth)) {
1050	gtk_combo_box_set_active_iter (box, &iter);
1051	active_initialized = TRUE;
1052	}
1053	}
1054
1055	if (!active_initialized) {
1056	gtk_list_store_append (store, &iter);
1057	gtk_list_store_set (store, &iter,
1058	HMACAUTH_COL_NAME, hmacauth,
1059	HMACAUTH_COL_VALUE, hmacauth,
1060	-1);
1061	gtk_combo_box_set_active_iter (box, &iter);	1086	gtk_combo_box_set_active_iter (box, &iter);
1062	}	1087	else
		1088	gtk_combo_box_set_active (box, hmacauth ? -1 : 0);
		1089
		1090	return active_initialized;
1063	}	1091	}
1064		1092
1065	#define TLS_REMOTE_MODE_NONE "none"	1093	#define TLS_REMOTE_MODE_NONE "none"
Lines 1783-1789 advanced_dialog_new (GHashTable hash, const char contype) Link Here
1783		1811
1784	widget = GTK_WIDGET (gtk_builder_get_object (builder, "hmacauth_combo"));	1812	widget = GTK_WIDGET (gtk_builder_get_object (builder, "hmacauth_combo"));
1785	value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_AUTH);	1813	value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_AUTH);
1786	populate_hmacauth_combo (GTK_COMBO_BOX (widget), value);	1814	if (!populate_hmacauth_combo (GTK_COMBO_BOX (widget), value) && value) {
		1815	#if GTK_CHECK_VERSION(4,0,0)
		1816	entry = GTK_WIDGET (gtk_combo_box_get_child (GTK_COMBO_BOX (widget)));
		1817	#else
		1818	entry = GTK_WIDGET (gtk_bin_get_child (GTK_BIN (widget)));
		1819	#endif
		1820	gtk_editable_set_text (GTK_EDITABLE (entry), value);
		1821	}
1787		1822
1788	entry = GTK_WIDGET (gtk_builder_get_object (builder, "tls_remote_entry"));	1823	entry = GTK_WIDGET (gtk_builder_get_object (builder, "tls_remote_entry"));
1789	combo = GTK_WIDGET (gtk_builder_get_object (builder, "tls_remote_mode_combo"));	1824	combo = GTK_WIDGET (gtk_builder_get_object (builder, "tls_remote_mode_combo"));
Lines 2267-2272 advanced_dialog_new_hash_from_dialog (GtkWidget *dialog) Link Here
2267	-1);	2302	-1);
2268	if (hmacauth)	2303	if (hmacauth)
2269	g_hash_table_insert (hash, NM_OPENVPN_KEY_AUTH, hmacauth);	2304	g_hash_table_insert (hash, NM_OPENVPN_KEY_AUTH, hmacauth);
		2305	} else {
		2306	#if GTK_CHECK_VERSION(4,0,0)
		2307	entry = GTK_WIDGET (gtk_combo_box_get_child (GTK_COMBO_BOX (widget)));
		2308	#else
		2309	entry = GTK_WIDGET (gtk_bin_get_child (GTK_BIN (widget)));
		2310	#endif
		2311	value = gtk_editable_get_text (GTK_EDITABLE (entry));
		2312	if (value && *value)
		2313	g_hash_table_insert (hash, NM_OPENVPN_KEY_AUTH, g_strdup (value));
2270	}	2314	}
2271	entry = GTK_WIDGET (gtk_builder_get_object (builder, "tls_version_min"));	2315	entry = GTK_WIDGET (gtk_builder_get_object (builder, "tls_version_min"));
2272	value = gtk_editable_get_text (GTK_EDITABLE (entry));	2316	value = gtk_editable_get_text (GTK_EDITABLE (entry));