summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJiří Klimeš <jklimes@redhat.com>2014-10-30 09:27:01 +0100
committerJiří Klimeš <jklimes@redhat.com>2014-10-30 09:27:01 +0100
commit85fcfd1fa7cc135e40f8818243fc8a6566da3634 (patch)
tree48e96d61c9f16a0b2d86353ce2b21d12f2ab6bb4
parentab81e9b8261ba35db0aefb658e81b31288039584 (diff)
parent45590f809addf82531616a55a30d4f4656f128e6 (diff)
downloadNetworkManager-85fcfd1fa7cc135e40f8818243fc8a6566da3634.tar.gz
merge: show connection secrets in nmcli when required (bgo #737415)
Secrets will be displayed when '--show-secrets' is used for 'nmcli con show', or nmcli> nmcli show-secrets yes in the editor.
Diffstat
-rw-r--r--clients/cli/connections.c78
-rw-r--r--clients/cli/nmcli-completion7
-rw-r--r--clients/cli/nmcli.c1
-rw-r--r--clients/cli/nmcli.h3
-rw-r--r--clients/cli/settings.c95
-rw-r--r--clients/cli/settings.h2
-rw-r--r--man/nmcli.1.in15
7 files changed, 130 insertions, 71 deletions
diff --git a/clients/cli/connections.c b/clients/cli/connections.c
index f5656ab26d..329012a1fd 100644
--- a/clients/cli/connections.c
+++ b/clients/cli/connections.c
@@ -248,7 +248,7 @@ usage (void)
{
g_printerr (_("Usage: nmcli connection { COMMAND | help }\n\n"
"COMMAND := { show | up | down | add | modify | edit | delete | reload | load }\n\n"
- " show [--active] [[id | uuid | path | apath] <ID>] ...\n\n"
+ " show [--active] [[--show-secrets] [id | uuid | path | apath] <ID>] ...\n\n"
#if WITH_WIMAX
" up [[id | uuid | path] <ID>] [ifname <ifname>] [ap <BSSID>] [nsp <name>]\n\n"
#else
@@ -276,13 +276,13 @@ usage_connection_show (void)
"profiles are listed. When --active option is specified, only the active\n"
"profiles are shown.\n"
"\n"
- "ARGUMENTS := [--active] [id | uuid | path | apath] <ID> ...\n"
+ "ARGUMENTS := [--active] [--show-secrets] [id | uuid | path | apath] <ID> ...\n"
"\n"
"Show details for specified connections. By default, both static configuration\n"
"and active connection data are displayed. It is possible to filter the output\n"
"using global '--fields' option. Refer to the manual page for more information.\n"
"When --active option is specified, only the active profiles are taken into\n"
- "account.\n"));
+ "account. --show-secrets option will reveal associated secrets as well.\n"));
}
static void
@@ -615,8 +615,23 @@ get_ac_for_connection (const GPtrArray *active_cons, NMConnection *connection)
return ac;
}
+static void
+update_secrets_in_connection (NMRemoteConnection *con)
+{
+ GVariant *secrets;
+ int i;
+
+ for (i = 0; nmc_fields_settings_names[i].name; i++) {
+ secrets = nm_remote_connection_get_secrets (con, nmc_fields_settings_names[i].name, NULL, NULL);
+ if (secrets) {
+ (void) nm_connection_update_secrets (NM_CONNECTION (con), NULL, secrets, NULL);
+ g_variant_unref (secrets);
+ }
+ }
+}
+
static gboolean
-nmc_connection_profile_details (NMConnection *connection, NmCli *nmc)
+nmc_connection_profile_details (NMConnection *connection, NmCli *nmc, gboolean secrets)
{
GError *error = NULL;
GArray *print_settings_array;
@@ -668,7 +683,7 @@ nmc_connection_profile_details (NMConnection *connection, NmCli *nmc)
setting = nm_connection_get_setting_by_name (connection, nmc_fields_settings_names[section_idx].name);
if (setting) {
- setting_details (setting, nmc, prop_name);
+ setting_details (setting, nmc, prop_name, secrets);
was_output = TRUE;
continue;
}
@@ -1312,7 +1327,8 @@ split_required_fields_for_con_show (const char *input,
}
static NMCResultCode
-do_connections_show (NmCli *nmc, gboolean active_only, int argc, char **argv)
+do_connections_show (NmCli *nmc, gboolean active_only, gboolean show_secrets,
+ int argc, char **argv)
{
GError *err = NULL;
char *profile_flds = NULL, *active_flds = NULL;
@@ -1427,7 +1443,9 @@ do_connections_show (NmCli *nmc, gboolean active_only, int argc, char **argv)
if (without_fields || profile_flds) {
if (con) {
nmc->required_fields = profile_flds;
- res = nmc_connection_profile_details (con, nmc);
+ if (show_secrets)
+ update_secrets_in_connection (NM_REMOTE_CONNECTION (con));
+ res = nmc_connection_profile_details (con, nmc, show_secrets);
nmc->required_fields = NULL;
if (!res)
goto finish;
@@ -5362,7 +5380,7 @@ gen_nmcli_cmds_submenu (const char *text, int state)
static char *
gen_cmd_nmcli (const char *text, int state)
{
- const char *words[] = { "status-line", "save-confirmation", "prompt-color", NULL };
+ const char *words[] = { "status-line", "save-confirmation", "show-secrets", "prompt-color", NULL };
return nmc_rl_gen_func_basic (text, state, words);
}
@@ -5594,6 +5612,8 @@ get_gen_func_cmd_nmcli (const char *str)
return gen_func_bool_values;
if (matches (str, "save-confirmation") == 0)
return gen_func_bool_values;
+ if (matches (str, "show-secrets") == 0)
+ return gen_func_bool_values;
if (matches (str, "prompt-color") == 0)
return gen_cmd_nmcli_prompt_color;
return NULL;
@@ -6005,7 +6025,7 @@ editor_show_connection (NMConnection *connection, NmCli *nmc)
/* Remove any previous data */
nmc_empty_output_fields (nmc);
- nmc_connection_profile_details (connection, nmc);
+ nmc_connection_profile_details (connection, nmc, nmc->editor_show_secrets);
}
static void
@@ -6021,7 +6041,7 @@ editor_show_setting (NMSetting *setting, NmCli *nmc)
/* Remove any previous data */
nmc_empty_output_fields (nmc);
- setting_details (setting, nmc, NULL);
+ setting_details (setting, nmc, NULL, nmc->editor_show_secrets);
}
typedef enum {
@@ -6186,6 +6206,7 @@ editor_main_help (const char *command)
"Configures nmcli. The following options are available:\n"
"status-line yes | no [default: no]\n"
"save-confirmation yes | no [default: yes]\n"
+ "show-secrets yes | no [default: no]\n"
"prompt-color <0-8> [default: 0]\n"
" 0 = normal\n"
" 1 = \33[30mblack\33[0m\n"
@@ -7008,6 +7029,12 @@ editor_menu_main (NmCli *nmc, NMConnection *connection, const char *connection_t
g_weak_ref_init (&weak, con_tmp);
rem_con = g_weak_ref_get (&weak);
+ /* Merge secrets into the connection */
+ if (rem_con) {
+ update_secrets_in_connection (rem_con);
+ nm_connection_replace_settings_from_connection (connection, NM_CONNECTION (rem_con));
+ }
+
while (cmd_loop) {
/* Connection is dirty? (not saved or differs from the saved) */
dirty = is_connection_dirty (connection, rem_con);
@@ -7615,6 +7642,14 @@ editor_menu_main (NmCli *nmc, NMConnection *connection, const char *connection_t
g_clear_error (&tmp_err);
} else
nmc->editor_save_confirmation = bb;
+ } else if (cmd_arg_p && matches (cmd_arg_p, "show-secrets") == 0) {
+ GError *tmp_err = NULL;
+ gboolean bb;
+ if (!nmc_string_to_bool (cmd_arg_v ? g_strstrip (cmd_arg_v) : "", &bb, &tmp_err)) {
+ g_print (_("Error: show-secrets: %s\n"), tmp_err->message);
+ g_clear_error (&tmp_err);
+ } else
+ nmc->editor_show_secrets = bb;
} else if (cmd_arg_p && matches (cmd_arg_p, "prompt-color") == 0) {
unsigned long color;
if (!nmc_string_to_uint (cmd_arg_v ? g_strstrip (cmd_arg_v) : "X",
@@ -7634,13 +7669,15 @@ editor_menu_main (NmCli *nmc, NMConnection *connection, const char *connection_t
g_print (_("Current nmcli configuration:\n"));
g_print ("status-line: %s\n"
"save-confirmation: %s\n"
+ "show-secrets: %s\n"
"prompt-color: %d\n",
nmc->editor_status_line ? "yes" : "no",
nmc->editor_save_confirmation ? "yes" : "no",
+ nmc->editor_show_secrets ? "yes" : "no",
nmc->editor_prompt_color);
} else
g_print (_("Invalid configuration option '%s'; allowed [%s]\n"),
- cmd_arg_v ? cmd_arg_v : "", "status-line, save-confirmation, prompt-color");
+ cmd_arg_v ? cmd_arg_v : "", "status-line, save-confirmation, show-secrets, prompt-color");
break;
@@ -8524,17 +8561,26 @@ do_connections (NmCli *nmc, int argc, char **argv)
if (argc == 0) {
if (!nmc_terse_option_check (nmc->print_output, nmc->required_fields, &error))
goto opt_error;
- nmc->return_value = do_connections_show (nmc, FALSE, argc, argv);
+ nmc->return_value = do_connections_show (nmc, FALSE, FALSE, argc, argv);
} else {
if (matches (*argv, "show") == 0) {
gboolean active = FALSE;
+ gboolean show_secrets = FALSE;
+ int i;
next_arg (&argc, &argv);
- if (nmc_arg_is_option (*argv, "active")) {
- active = TRUE;
- next_arg (&argc, &argv);
+ /* check connection show options [--active] [--show-secrets] */
+ for (i = 0; i < 2; i++) {
+ if (!active && nmc_arg_is_option (*argv, "active")) {
+ active = TRUE;
+ next_arg (&argc, &argv);
+ }
+ if (!show_secrets && nmc_arg_is_option (*argv, "show-secrets")) {
+ show_secrets = TRUE;
+ next_arg (&argc, &argv);
+ }
}
- nmc->return_value = do_connections_show (nmc, active, argc, argv);
+ nmc->return_value = do_connections_show (nmc, active, show_secrets, argc, argv);
} else if (matches(*argv, "up") == 0) {
nmc->return_value = do_connection_up (nmc, argc-1, argv+1);
} else if (matches(*argv, "down") == 0) {
diff --git a/clients/cli/nmcli-completion b/clients/cli/nmcli-completion
index 8c1cfaa713..3017dc40b3 100644
--- a/clients/cli/nmcli-completion
+++ b/clients/cli/nmcli-completion
@@ -170,6 +170,9 @@ _nmcli_compl_OPTIONS()
ask)
_nmcli_array_delete_at words 0
;;
+ show-secrets)
+ _nmcli_array_delete_at words 0
+ ;;
active)
_nmcli_array_delete_at words 0
;;
@@ -761,11 +764,11 @@ _nmcli()
case "$command" in
s|sh|sho|show)
if [[ ${#words[@]} -eq 3 ]]; then
- _nmcli_compl_COMMAND_nl "${words[2]}" "$(printf "id\nuuid\npath\napath\n%s" "$(_nmcli_con_show NAME)")" active
+ _nmcli_compl_COMMAND_nl "${words[2]}" "$(printf "id\nuuid\npath\napath\n%s" "$(_nmcli_con_show NAME)")" active show-secrets
elif [[ ${#words[@]} -gt 3 ]]; then
_nmcli_array_delete_at words 0 1
- LONG_OPTIONS=(help active)
+ LONG_OPTIONS=(help active show-secrets)
HELP_ONLY_AS_FIRST=1
_nmcli_compl_OPTIONS
i=$?
diff --git a/clients/cli/nmcli.c b/clients/cli/nmcli.c
index ca71abf936..b1a810ce7a 100644
--- a/clients/cli/nmcli.c
+++ b/clients/cli/nmcli.c
@@ -514,6 +514,7 @@ nmc_init (NmCli *nmc)
nmc->in_editor = FALSE;
nmc->editor_status_line = FALSE;
nmc->editor_save_confirmation = TRUE;
+ nmc->editor_show_secrets = FALSE;
nmc->editor_prompt_color = NMC_TERM_COLOR_NORMAL;
}
diff --git a/clients/cli/nmcli.h b/clients/cli/nmcli.h
index 34beb92298..0a87bd9147 100644
--- a/clients/cli/nmcli.h
+++ b/clients/cli/nmcli.h
@@ -14,7 +14,7 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
- * (C) Copyright 2010 - 2014 Red Hat, Inc.
+ * Copyright 2010 - 2014 Red Hat, Inc.
*/
#ifndef NMC_NMCLI_H
@@ -126,6 +126,7 @@ typedef struct _NmCli {
gboolean in_editor; /* Whether running the editor - nmcli con edit' */
gboolean editor_status_line; /* Whether to display status line in connection editor */
gboolean editor_save_confirmation; /* Whether to ask for confirmation on saving connections with 'autoconnect=yes' */
+ gboolean editor_show_secrets; /* Whether to display secrets in the editor' */
NmcTermColor editor_prompt_color; /* Color of prompt in connection editor */
} NmCli;
diff --git a/clients/cli/settings.c b/clients/cli/settings.c
index d00361897d..136c818641 100644
--- a/clients/cli/settings.c
+++ b/clients/cli/settings.c
@@ -14,7 +14,7 @@
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
- * (C) Copyright 2010 - 2014 Red Hat, Inc.
+ * Copyright 2010 - 2014 Red Hat, Inc.
*/
#include "config.h"
@@ -6524,8 +6524,11 @@ nmc_property_set_gvalue (NMSetting *setting, const char *prop, GValue *value)
/*----------------------------------------------------------------------------*/
+#define GET_SECRET(show, setting, func) \
+ (show ? func (setting) : g_strdup (_("<hidden>")))
+
static gboolean
-setting_connection_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_connection_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingConnection *s_con = NM_SETTING_CONNECTION (setting);
NmcOutputField *tmpl, *arr;
@@ -6564,7 +6567,7 @@ setting_connection_details (NMSetting *setting, NmCli *nmc, const char *one_prop
}
static gboolean
-setting_wired_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_wired_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingWired *s_wired = NM_SETTING_WIRED (setting);
NmcOutputField *tmpl, *arr;
@@ -6600,7 +6603,7 @@ setting_wired_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSetting8021x *s_8021x = NM_SETTING_802_1X (setting);
NmcOutputField *tmpl, *arr;
@@ -6636,17 +6639,17 @@ setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
set_val_str (arr, 17, nmc_property_802_1X_get_phase2_subject_match (setting));
set_val_str (arr, 18, nmc_property_802_1X_get_phase2_altsubject_matches (setting));
set_val_str (arr, 19, nmc_property_802_1X_get_phase2_client_cert (setting));
- set_val_str (arr, 20, nmc_property_802_1X_get_password (setting));
+ set_val_str (arr, 20, GET_SECRET (secrets, setting, nmc_property_802_1X_get_password));
set_val_str (arr, 21, nmc_property_802_1X_get_password_flags (setting));
- set_val_str (arr, 22, nmc_property_802_1X_get_password_raw (setting));
+ set_val_str (arr, 22, GET_SECRET (secrets, setting, nmc_property_802_1X_get_password_raw));
set_val_str (arr, 23, nmc_property_802_1X_get_password_raw_flags (setting));
set_val_str (arr, 24, nmc_property_802_1X_get_private_key (setting));
- set_val_str (arr, 25, nmc_property_802_1X_get_private_key_password (setting));
+ set_val_str (arr, 25, GET_SECRET (secrets, setting, nmc_property_802_1X_get_private_key_password));
set_val_str (arr, 26, nmc_property_802_1X_get_private_key_password_flags (setting));
set_val_str (arr, 27, nmc_property_802_1X_get_phase2_private_key (setting));
- set_val_str (arr, 28, nmc_property_802_1X_get_phase2_private_key_password (setting));
+ set_val_str (arr, 28, GET_SECRET (secrets, setting, nmc_property_802_1X_get_phase2_private_key_password));
set_val_str (arr, 29, nmc_property_802_1X_get_phase2_private_key_password_flags (setting));
- set_val_str (arr, 30, nmc_property_802_1X_get_pin (setting));
+ set_val_str (arr, 30, GET_SECRET (secrets, setting, nmc_property_802_1X_get_pin));
set_val_str (arr, 31, nmc_property_802_1X_get_pin_flags (setting));
set_val_str (arr, 32, nmc_property_802_1X_get_system_ca_certs (setting));
g_ptr_array_add (nmc->output_data, arr);
@@ -6657,7 +6660,7 @@ setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_wireless_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_wireless_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingWireless *s_wireless = NM_SETTING_WIRELESS (setting);
NmcOutputField *tmpl, *arr;
@@ -6695,7 +6698,7 @@ setting_wireless_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_wireless_security_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_wireless_security_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingWirelessSecurity *s_wireless_sec = NM_SETTING_WIRELESS_SECURITY (setting);
NmcOutputField *tmpl, *arr;
@@ -6719,15 +6722,15 @@ setting_wireless_security_details (NMSetting *setting, NmCli *nmc, const char *o
set_val_str (arr, 5, nmc_property_wifi_sec_get_pairwise (setting));
set_val_str (arr, 6, nmc_property_wifi_sec_get_group (setting));
set_val_str (arr, 7, nmc_property_wifi_sec_get_leap_username (setting));
- set_val_str (arr, 8, nmc_property_wifi_sec_get_wep_key0 (setting));
- set_val_str (arr, 9, nmc_property_wifi_sec_get_wep_key1 (setting));
- set_val_str (arr, 10, nmc_property_wifi_sec_get_wep_key2 (setting));
- set_val_str (arr, 11, nmc_property_wifi_sec_get_wep_key3 (setting));
+ set_val_str (arr, 8, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_wep_key0));
+ set_val_str (arr, 9, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_wep_key1));
+ set_val_str (arr, 10, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_wep_key2));
+ set_val_str (arr, 11, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_wep_key3));
set_val_str (arr, 12, nmc_property_wifi_sec_get_wep_key_flags (setting));
set_val_str (arr, 13, nmc_property_wifi_sec_get_wep_key_type (setting));
- set_val_str (arr, 14, nmc_property_wifi_sec_get_psk (setting));
+ set_val_str (arr, 14, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_psk));
set_val_str (arr, 15, nmc_property_wifi_sec_get_psk_flags (setting));
- set_val_str (arr, 16, nmc_property_wifi_sec_get_leap_password (setting));
+ set_val_str (arr, 16, GET_SECRET (secrets, setting, nmc_property_wifi_sec_get_leap_password));
set_val_str (arr, 17, nmc_property_wifi_sec_get_leap_password_flags (setting));
g_ptr_array_add (nmc->output_data, arr);
@@ -6737,7 +6740,7 @@ setting_wireless_security_details (NMSetting *setting, NmCli *nmc, const char *o
}
static gboolean
-setting_ip4_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_ip4_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingIP4Config *s_ip4 = NM_SETTING_IP4_CONFIG (setting);
NmcOutputField *tmpl, *arr;
@@ -6774,7 +6777,7 @@ setting_ip4_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop
}
static gboolean
-setting_ip6_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_ip6_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingIP6Config *s_ip6 = NM_SETTING_IP6_CONFIG (setting);
NmcOutputField *tmpl, *arr;
@@ -6810,7 +6813,7 @@ setting_ip6_config_details (NMSetting *setting, NmCli *nmc, const char *one_prop
}
static gboolean
-setting_serial_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_serial_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingSerial *s_serial = NM_SETTING_SERIAL (setting);
NmcOutputField *tmpl, *arr;
@@ -6840,7 +6843,7 @@ setting_serial_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_ppp_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_ppp_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingPpp *s_ppp = NM_SETTING_PPP (setting);
NmcOutputField *tmpl, *arr;
@@ -6883,7 +6886,7 @@ setting_ppp_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_pppoe_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_pppoe_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingPppoe *s_pppoe = NM_SETTING_PPPOE (setting);
NmcOutputField *tmpl, *arr;
@@ -6902,7 +6905,7 @@ setting_pppoe_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
set_val_str (arr, 0, g_strdup (nm_setting_get_name (setting)));
set_val_str (arr, 1, nmc_property_pppoe_get_service (setting));
set_val_str (arr, 2, nmc_property_pppoe_get_username (setting));
- set_val_str (arr, 3, nmc_property_pppoe_get_password (setting));
+ set_val_str (arr, 3, GET_SECRET (secrets, setting, nmc_property_pppoe_get_password));
set_val_str (arr, 4, nmc_property_pppoe_get_password_flags (setting));
g_ptr_array_add (nmc->output_data, arr);
@@ -6912,7 +6915,7 @@ setting_pppoe_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_gsm_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_gsm_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingGsm *s_gsm = NM_SETTING_GSM (setting);
NmcOutputField *tmpl, *arr;
@@ -6931,11 +6934,11 @@ setting_gsm_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
set_val_str (arr, 0, g_strdup (nm_setting_get_name (setting)));
set_val_str (arr, 1, nmc_property_gsm_get_number (setting));
set_val_str (arr, 2, nmc_property_gsm_get_username (setting));
- set_val_str (arr, 3, nmc_property_gsm_get_password (setting));
+ set_val_str (arr, 3, GET_SECRET (secrets, setting, nmc_property_gsm_get_password));
set_val_str (arr, 4, nmc_property_gsm_get_password_flags (setting));
set_val_str (arr, 5, nmc_property_gsm_get_apn (setting));
set_val_str (arr, 6, nmc_property_gsm_get_network_id (setting));
- set_val_str (arr, 7, nmc_property_gsm_get_pin (setting));
+ set_val_str (arr, 7, GET_SECRET (secrets, setting, nmc_property_gsm_get_pin));
set_val_str (arr, 8, nmc_property_gsm_get_pin_flags (setting));
set_val_str (arr, 9, nmc_property_gsm_get_home_only (setting));
g_ptr_array_add (nmc->output_data, arr);
@@ -6946,7 +6949,7 @@ setting_gsm_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_cdma_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_cdma_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingCdma *s_cdma = NM_SETTING_CDMA (setting);
NmcOutputField *tmpl, *arr;
@@ -6965,7 +6968,7 @@ setting_cdma_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
set_val_str (arr, 0, g_strdup (nm_setting_get_name (setting)));
set_val_str (arr, 1, nmc_property_cdma_get_number (setting));
set_val_str (arr, 2, nmc_property_cdma_get_username (setting));
- set_val_str (arr, 3, nmc_property_cdma_get_password (setting));
+ set_val_str (arr, 3, GET_SECRET (secrets, setting, nmc_property_cdma_get_password));
set_val_str (arr, 4, nmc_property_cdma_get_password_flags (setting));
g_ptr_array_add (nmc->output_data, arr);
@@ -6975,7 +6978,7 @@ setting_cdma_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_bluetooth_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_bluetooth_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingBluetooth *s_bluetooth = NM_SETTING_BLUETOOTH (setting);
NmcOutputField *tmpl, *arr;
@@ -7002,7 +7005,7 @@ setting_bluetooth_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_olpc_mesh_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_olpc_mesh_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingOlpcMesh *s_olpc_mesh = NM_SETTING_OLPC_MESH (setting);
NmcOutputField *tmpl, *arr;
@@ -7030,7 +7033,7 @@ setting_olpc_mesh_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_vpn_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_vpn_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingVpn *s_vpn = NM_SETTING_VPN (setting);
NmcOutputField *tmpl, *arr;
@@ -7050,7 +7053,7 @@ setting_vpn_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
set_val_str (arr, 1, nmc_property_vpn_get_service_type (setting));
set_val_str (arr, 2, nmc_property_vpn_get_user_name (setting));
set_val_str (arr, 3, nmc_property_vpn_get_data (setting));
- set_val_str (arr, 4, nmc_property_vpn_get_secrets (setting));
+ set_val_str (arr, 4, GET_SECRET (secrets, setting, nmc_property_vpn_get_secrets));
g_ptr_array_add (nmc->output_data, arr);
print_data (nmc); /* Print all data */
@@ -7059,7 +7062,7 @@ setting_vpn_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_wimax_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_wimax_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingWimax *s_wimax = NM_SETTING_WIMAX (setting);
NmcOutputField *tmpl, *arr;
@@ -7086,7 +7089,7 @@ setting_wimax_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_infiniband_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_infiniband_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingInfiniband *s_infiniband = NM_SETTING_INFINIBAND (setting);
NmcOutputField *tmpl, *arr;
@@ -7116,7 +7119,7 @@ setting_infiniband_details (NMSetting *setting, NmCli *nmc, const char *one_prop
}
static gboolean
-setting_bond_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_bond_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingBond *s_bond = NM_SETTING_BOND (setting);
NmcOutputField *tmpl, *arr;
@@ -7142,7 +7145,7 @@ setting_bond_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_vlan_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_vlan_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingVlan *s_vlan = NM_SETTING_VLAN (setting);
NmcOutputField *tmpl, *arr;
@@ -7172,7 +7175,7 @@ setting_vlan_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_adsl_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_adsl_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingAdsl *s_adsl = NM_SETTING_ADSL (setting);
NmcOutputField *tmpl, *arr;
@@ -7190,7 +7193,7 @@ setting_adsl_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
arr = nmc_dup_fields_array (tmpl, tmpl_len, NMC_OF_FLAG_SECTION_PREFIX);
set_val_str (arr, 0, g_strdup (nm_setting_get_name (setting)));
set_val_str (arr, 1, nmc_property_adsl_get_username (setting));
- set_val_str (arr, 2, nmc_property_adsl_get_password (setting));
+ set_val_str (arr, 2, GET_SECRET (secrets, setting, nmc_property_adsl_get_password));
set_val_str (arr, 3, nmc_property_adsl_get_password_flags (setting));
set_val_str (arr, 4, nmc_property_adsl_get_protocol (setting));
set_val_str (arr, 5, nmc_property_adsl_get_encapsulation (setting));
@@ -7204,7 +7207,7 @@ setting_adsl_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_bridge_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_bridge_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingBridge *s_bridge = NM_SETTING_BRIDGE (setting);
NmcOutputField *tmpl, *arr;
@@ -7236,7 +7239,7 @@ setting_bridge_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_bridge_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_bridge_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingBridgePort *s_bridge_port = NM_SETTING_BRIDGE_PORT (setting);
NmcOutputField *tmpl, *arr;
@@ -7264,7 +7267,7 @@ setting_bridge_port_details (NMSetting *setting, NmCli *nmc, const char *one_pro
}
static gboolean
-setting_team_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_team_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingTeam *s_team = NM_SETTING_TEAM (setting);
NmcOutputField *tmpl, *arr;
@@ -7290,7 +7293,7 @@ setting_team_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_team_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_team_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingTeamPort *s_team_port = NM_SETTING_TEAM_PORT (setting);
NmcOutputField *tmpl, *arr;
@@ -7316,7 +7319,7 @@ setting_team_port_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
}
static gboolean
-setting_dcb_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_dcb_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
NMSettingDcb *s_dcb = NM_SETTING_DCB (setting);
NmcOutputField *tmpl, *arr;
@@ -7357,7 +7360,7 @@ setting_dcb_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
typedef struct {
const char *sname;
- gboolean (*func) (NMSetting *setting, NmCli *nmc, const char *one_prop);
+ gboolean (*func) (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets);
} SettingDetails;
static const SettingDetails detail_printers[] = {
@@ -7390,7 +7393,7 @@ static const SettingDetails detail_printers[] = {
};
gboolean
-setting_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
+setting_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets)
{
const SettingDetails *iter = &detail_printers[0];
@@ -7398,7 +7401,7 @@ setting_details (NMSetting *setting, NmCli *nmc, const char *one_prop)
while (iter->sname) {
if (nm_setting_lookup_type (iter->sname) == G_OBJECT_TYPE (setting))
- return iter->func (setting, nmc, one_prop);
+ return iter->func (setting, nmc, one_prop, secrets);
iter++;
}
diff --git a/clients/cli/settings.h b/clients/cli/settings.h
index d9e9483889..ad74fc9053 100644
--- a/clients/cli/settings.h
+++ b/clients/cli/settings.h
@@ -61,6 +61,6 @@ void nmc_property_set_default_value (NMSetting *setting, const char *prop);
gboolean nmc_property_get_gvalue (NMSetting *setting, const char *prop, GValue *value);
gboolean nmc_property_set_gvalue (NMSetting *setting, const char *prop, GValue *value);
-gboolean setting_details (NMSetting *ssetting, NmCli *nmc, const char *one_prop);
+gboolean setting_details (NMSetting *setting, NmCli *nmc, const char *one_prop, gboolean secrets);
#endif /* NMC_SETTINGS_H */
diff --git a/man/nmcli.1.in b/man/nmcli.1.in
index 308dbeccc2..b662c4a82e 100644
--- a/man/nmcli.1.in
+++ b/man/nmcli.1.in
@@ -19,9 +19,9 @@
.\" with this manual; if not, write to the Free Software Foundation, Inc.,
.\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
.\"
-.\" Copyright (C) 2010 - 2014 Red Hat, Inc.
+.\" Copyright 2010 - 2014 Red Hat, Inc.
.\"
-.TH NMCLI "1" "11 July 2014"
+.TH NMCLI "1" "11 September 2014"
.SH NAME
nmcli \- command\(hyline tool for controlling NetworkManager
@@ -287,12 +287,12 @@ active if a device is using that connection profile. Without a parameter, all
profiles are listed. When --active option is specified, only the active profiles
are shown.
.TP
-.B show [--active] [ id | uuid | path | apath ] <ID> ...
+.B show [--active] [--show-secrets] [ id | uuid | path | apath ] <ID> ...
.br
Show details for specified connections. By default, both static configuration
and active connection data are displayed. When --active option is specified,
-only the active profiles are taken into
-account.
+only the active profiles are taken into account. When --show-secrets option is
+specified, secrets associated with the profile will be revealed too.
\fIid\fP, \fIuuid\fP, \fIpath\fP and \fIapath\fP keywords can be used if
\fI<ID>\fP is ambiguous.
.RS
@@ -859,6 +859,11 @@ shows all connection profile names and their auto-connect property.
.IP
shows details for "My default em1" connection profile.
+.IP "\fB\f(CWnmcli connection show --show-secrets \(dq\&My Home WiFi\(dq\&\fP\fP"
+.IP
+shows details for "My Home WiFi" connection profile with all passwords.
+Without \fI--show-secrets\fP option, secrets would not be displayed.
+
.IP "\fB\f(CWnmcli \-f active connection show \(dq\&My default em1\(dq\&\fP\fP"
.IP
shows details for "My default em1" active connection, like IP, DHCP
View Lorry Controller Status