ALT Linux Bugzilla
– Attachment 21262 Details for
Bug 59004
Поддержка свободного выбора шифров в диалоге расширенных настроек
New bug
|
Search
|
[?]
|
Help
Register
|
Log In
[x]
|
Forgot Password
Login:
[x]
|
EN
|
RU
[patch]
Ввод произвольного алгоритма HMAC-аутентификации
NetworkManager-openvpn-1.12.5-alt-hmac-auth-entry.patch (text/plain), 6.18 KB, created by
Alexey Volkov
on 2026-05-05 16:37:54 MSK
(
hide
)
Description:
Ввод произвольного алгоритма HMAC-аутентификации
Filename:
MIME Type:
Creator:
Alexey Volkov
Created:
2026-05-05 16:37:54 MSK
Size:
6.18 KB
patch
obsolete
>diff --git a/properties/nm-openvpn-dialog.ui b/properties/nm-openvpn-dialog.ui >index 3136669..f4b9089 100644 >--- a/properties/nm-openvpn-dialog.ui >+++ b/properties/nm-openvpn-dialog.ui >@@ -1662,6 +1662,8 @@ config: keysize <n></property> > <object class="GtkComboBox" id="hmacauth_combo"> > <property name="visible">True</property> > <property name="can_focus">False</property> >+ <property name="has-entry">True</property> >+ <property name="entry-text-column">0</property> > <property name="tooltip_text" translatable="yes">Authenticate packets with HMAC using message digest algorithm. The default is SHA1. > config: auth</property> > <property name="model">model4</property> >diff --git a/properties/nm-openvpn-editor.c b/properties/nm-openvpn-editor.c >index 0f86b7c..638f3f3 100644 >--- a/properties/nm-openvpn-editor.c >+++ b/properties/nm-openvpn-editor.c >@@ -1007,59 +1007,87 @@ populate_cipher_combo (GtkComboBox *box, const char *user_cipher) > #define HMACAUTH_COL_NAME 0 > #define HMACAUTH_COL_VALUE 1 > >-static void >+static gboolean >+query_digests (GtkListStore *store, const char *hmacauth, GtkTreeIter *found_iter) >+{ >+ const char *openvpn_binary = nm_find_openvpn (); >+ char *argv[3]; >+ gs_free gchar *tmp = NULL; >+ gchar **lines, **line; >+ GError *error = NULL; >+ gboolean found = FALSE; >+ >+ if (!openvpn_binary) >+ return FALSE; >+ >+ argv[0] = (char *) openvpn_binary; >+ argv[1] = "--show-digests"; >+ argv[2] = NULL; >+ >+ if (!g_spawn_sync ("/", argv, NULL, 0, NULL, NULL, &tmp, NULL, NULL, &error)) { >+ g_warning ("%s: couldn't determine digests: %s", __func__, error->message); >+ g_clear_error (&error); >+ return FALSE; >+ } >+ >+ lines = g_strsplit (tmp, "\n", 0); >+ for (line = lines; *line; line++) { >+ const char *name = *line; >+ const char *space; >+ const char *p; >+ gchar *digest; >+ GtkTreeIter iter; >+ >+ /* Data lines: "<NAME> <number> bit digest size" >+ * Skip header lines that don't have a number as second token. */ >+ space = strchr (name, ' '); >+ if (!space) >+ continue; >+ for (p = space + 1; *p && g_ascii_isdigit (*p); p++) >+ ; >+ if (p == space + 1 || *p != ' ') >+ continue; >+ >+ digest = g_strndup (name, space - name); >+ gtk_list_store_append (store, &iter); >+ gtk_list_store_set (store, &iter, >+ HMACAUTH_COL_NAME, digest, >+ HMACAUTH_COL_VALUE, digest, >+ -1); >+ if (!found && hmacauth && !g_ascii_strcasecmp (digest, hmacauth)) { >+ *found_iter = iter; >+ found = TRUE; >+ } >+ g_free (digest); >+ } >+ g_strfreev (lines); >+ return found; >+} >+ >+static gboolean > populate_hmacauth_combo (GtkComboBox *box, const char *hmacauth) > { > gs_unref_object GtkListStore *store = NULL; > GtkTreeIter iter; >- gboolean active_initialized = FALSE; >- int i; >- static const struct { >- const char *name; >- const char *pretty_name; >- } items[] = { >- { NM_OPENVPN_AUTH_NONE, N_("None") }, >- { NM_OPENVPN_AUTH_RSA_MD4, N_("RSA MD-4") }, >- { NM_OPENVPN_AUTH_MD5, N_("MD-5") }, >- { NM_OPENVPN_AUTH_SHA1, N_("SHA-1") }, >- { NM_OPENVPN_AUTH_SHA224, N_("SHA-224") }, >- { NM_OPENVPN_AUTH_SHA256, N_("SHA-256") }, >- { NM_OPENVPN_AUTH_SHA384, N_("SHA-384") }, >- { NM_OPENVPN_AUTH_SHA512, N_("SHA-512") }, >- { NM_OPENVPN_AUTH_RIPEMD160, N_("RIPEMD-160") }, >- }; >+ gboolean active_initialized; > >- store = gtk_list_store_new (3, G_TYPE_STRING, G_TYPE_STRING, G_TYPE_BOOLEAN); >+ store = gtk_list_store_new (2, G_TYPE_STRING, G_TYPE_STRING); > gtk_combo_box_set_model (box, GTK_TREE_MODEL (store)); > > /* Add default option which won't pass --auth to openvpn */ > gtk_list_store_append (store, &iter); > gtk_list_store_set (store, &iter, > HMACAUTH_COL_NAME, _("Default"), >+ HMACAUTH_COL_VALUE, NULL, > -1); > >- for (i = 0; i < G_N_ELEMENTS (items); i++) { >- const char *name = items[i].name; >- >- gtk_list_store_append (store, &iter); >- gtk_list_store_set (store, &iter, >- HMACAUTH_COL_NAME, _(items[i].pretty_name), >- HMACAUTH_COL_VALUE, name, >- -1); >- if (hmacauth && !g_ascii_strcasecmp (name, hmacauth)) { >- gtk_combo_box_set_active_iter (box, &iter); >- active_initialized = TRUE; >- } >- } >- >- if (!active_initialized) { >- gtk_list_store_append (store, &iter); >- gtk_list_store_set (store, &iter, >- HMACAUTH_COL_NAME, hmacauth, >- HMACAUTH_COL_VALUE, hmacauth, >- -1); >+ active_initialized = query_digests (store, hmacauth, &iter); >+ if (active_initialized) > gtk_combo_box_set_active_iter (box, &iter); >- } >+ else >+ gtk_combo_box_set_active (box, hmacauth ? -1 : 0); >+ >+ return active_initialized; > } > > #define TLS_REMOTE_MODE_NONE "none" >@@ -1783,7 +1811,14 @@ advanced_dialog_new (GHashTable *hash, const char *contype) > > widget = GTK_WIDGET (gtk_builder_get_object (builder, "hmacauth_combo")); > value = g_hash_table_lookup (hash, NM_OPENVPN_KEY_AUTH); >- populate_hmacauth_combo (GTK_COMBO_BOX (widget), value); >+ if (!populate_hmacauth_combo (GTK_COMBO_BOX (widget), value) && value) { >+#if GTK_CHECK_VERSION(4,0,0) >+ entry = GTK_WIDGET (gtk_combo_box_get_child (GTK_COMBO_BOX (widget))); >+#else >+ entry = GTK_WIDGET (gtk_bin_get_child (GTK_BIN (widget))); >+#endif >+ gtk_editable_set_text (GTK_EDITABLE (entry), value); >+ } > > entry = GTK_WIDGET (gtk_builder_get_object (builder, "tls_remote_entry")); > combo = GTK_WIDGET (gtk_builder_get_object (builder, "tls_remote_mode_combo")); >@@ -2267,6 +2302,15 @@ advanced_dialog_new_hash_from_dialog (GtkWidget *dialog) > -1); > if (hmacauth) > g_hash_table_insert (hash, NM_OPENVPN_KEY_AUTH, hmacauth); >+ } else { >+#if GTK_CHECK_VERSION(4,0,0) >+ entry = GTK_WIDGET (gtk_combo_box_get_child (GTK_COMBO_BOX (widget))); >+#else >+ entry = GTK_WIDGET (gtk_bin_get_child (GTK_BIN (widget))); >+#endif >+ value = gtk_editable_get_text (GTK_EDITABLE (entry)); >+ if (value && *value) >+ g_hash_table_insert (hash, NM_OPENVPN_KEY_AUTH, g_strdup (value)); > } > entry = GTK_WIDGET (gtk_builder_get_object (builder, "tls_version_min")); > value = gtk_editable_get_text (GTK_EDITABLE (entry));
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=21262">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 59004
:
21261
| 21262
