cli: add '--show-secrets' option for 'nmcli connection show'

It can be used to display connection secrets (passwords).  When used, it will
get secrets for the connection profile and merge it into the connection's
settings before displaying it.

Example:
nmcli con show -s hotel-wifi

2 files changed, 46 insertions, 14 deletions

diff --git a/clients/cli/connections.c b/clients/cli/connections.c
index f5656ab26d..fd4ad4330a 100644
--- a/clients/cli/connections.c
+++ b/clients/cli/connections.c
@@ -248,7 +248,7 @@ usage (void)
 {
 	g_printerr (_("Usage: nmcli connection { COMMAND | help }\n\n"
 	              "COMMAND := { show | up | down | add | modify | edit | delete | reload | load }\n\n"
-	              "  show [--active] [[id | uuid | path | apath] <ID>] ...\n\n"
+	              "  show [--active] [[--show-secrets] [id | uuid | path | apath] <ID>] ...\n\n"
 #if WITH_WIMAX
 	              "  up [[id | uuid | path] <ID>] [ifname <ifname>] [ap <BSSID>] [nsp <name>]\n\n"
 #else
@@ -276,13 +276,13 @@ usage_connection_show (void)
 	              "profiles are listed. When --active option is specified, only the active\n"
 	              "profiles are shown.\n"
 	              "\n"
-	              "ARGUMENTS := [--active] [id | uuid | path | apath] <ID> ...\n"
+	              "ARGUMENTS := [--active] [--show-secrets] [id | uuid | path | apath] <ID> ...\n"
 	              "\n"
 	              "Show details for specified connections. By default, both static configuration\n"
 	              "and active connection data are displayed. It is possible to filter the output\n"
 	              "using global '--fields' option. Refer to the manual page for more information.\n"
 	              "When --active option is specified, only the active profiles are taken into\n"
-	              "account.\n"));
+	              "account. --show-secrets option will reveal associated secrets as well.\n"));
 }
 
 static void
@@ -615,6 +615,21 @@ get_ac_for_connection (const GPtrArray *active_cons, NMConnection *connection)
 	return ac;
 }
 
+static void
+update_secrets_in_connection (NMRemoteConnection *con)
+{
+	GVariant *secrets;
+	int i;
+
+	for (i = 0; nmc_fields_settings_names[i].name; i++) {
+		secrets = nm_remote_connection_get_secrets (con, nmc_fields_settings_names[i].name, NULL, NULL);
+		if (secrets) {
+			(void) nm_connection_update_secrets (NM_CONNECTION (con), NULL, secrets, NULL);
+			g_variant_unref (secrets);
+		}
+	}
+}
+
 static gboolean
 nmc_connection_profile_details (NMConnection *connection, NmCli *nmc)
 {
@@ -1312,7 +1327,8 @@ split_required_fields_for_con_show (const char *input,
 }
 
 static NMCResultCode
-do_connections_show (NmCli *nmc, gboolean active_only, int argc, char **argv)
+do_connections_show (NmCli *nmc, gboolean active_only, gboolean show_secrets,
+                     int argc, char **argv)
 {
 	GError *err = NULL;
 	char *profile_flds = NULL, *active_flds = NULL;
@@ -1427,6 +1443,8 @@ do_connections_show (NmCli *nmc, gboolean active_only, int argc, char **argv)
 			if (without_fields || profile_flds) {
 				if (con) {
 					nmc->required_fields = profile_flds;
+					if (show_secrets)
+						update_secrets_in_connection (NM_REMOTE_CONNECTION (con));
 					res = nmc_connection_profile_details (con, nmc);
 					nmc->required_fields = NULL;
 					if (!res)
@@ -8524,17 +8542,26 @@ do_connections (NmCli *nmc, int argc, char **argv)
 	if (argc == 0) {
 		if (!nmc_terse_option_check (nmc->print_output, nmc->required_fields, &error))
 			goto opt_error;
-		nmc->return_value = do_connections_show (nmc, FALSE, argc, argv);
+		nmc->return_value = do_connections_show (nmc, FALSE, FALSE, argc, argv);
 	} else {
 		if (matches (*argv, "show") == 0) {
 			gboolean active = FALSE;
+			gboolean show_secrets = FALSE;
+			int i;
 
 			next_arg (&argc, &argv);
-			if (nmc_arg_is_option (*argv, "active")) {
-				active = TRUE;
-				next_arg (&argc, &argv);
+			/* check connection show options [--active] [--show-secrets] */
+			for (i = 0; i < 2; i++) {
+				if (!active && nmc_arg_is_option (*argv, "active")) {
+					active = TRUE;
+					next_arg (&argc, &argv);
+				}
+				if (!show_secrets && nmc_arg_is_option (*argv, "show-secrets")) {
+					show_secrets = TRUE;
+					next_arg (&argc, &argv);
+				}
 			}
-			nmc->return_value = do_connections_show (nmc, active, argc, argv);
+			nmc->return_value = do_connections_show (nmc, active, show_secrets, argc, argv);
 		} else if (matches(*argv, "up") == 0) {
 			nmc->return_value = do_connection_up (nmc, argc-1, argv+1);
 		} else if (matches(*argv, "down") == 0) {
diff --git a/man/nmcli.1.in b/man/nmcli.1.in
index 308dbeccc2..b662c4a82e 100644
--- a/man/nmcli.1.in
+++ b/man/nmcli.1.in
@@ -19,9 +19,9 @@
 .\" with this manual; if not, write to the Free Software Foundation, Inc.,
 .\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 .\"
-.\" Copyright (C) 2010 - 2014 Red Hat, Inc.
+.\" Copyright 2010 - 2014 Red Hat, Inc.
 .\"
-.TH NMCLI "1" "11 July 2014"
+.TH NMCLI "1" "11 September 2014"
 
 .SH NAME
 nmcli \- command\(hyline tool for controlling NetworkManager
@@ -287,12 +287,12 @@ active if a device is using that connection profile. Without a parameter, all
 profiles are listed. When --active option is specified, only the active profiles
 are shown.
 .TP
-.B show [--active] [ id | uuid | path | apath ] <ID> ...
+.B show [--active] [--show-secrets] [ id | uuid | path | apath ] <ID> ...
 .br
 Show details for specified connections. By default, both static configuration
 and active connection data are displayed.  When --active option is specified,
-only the active profiles are taken into
-account.
+only the active profiles are taken into account. When --show-secrets option is
+specified, secrets associated with the profile will be revealed too.
 \fIid\fP, \fIuuid\fP, \fIpath\fP and \fIapath\fP keywords can be used if
 \fI<ID>\fP is ambiguous.
 .RS
@@ -859,6 +859,11 @@ shows all connection profile names and their auto-connect property.
 .IP
 shows details for "My default em1" connection profile.
 
+.IP "\fB\f(CWnmcli connection show --show-secrets \(dq\&My Home WiFi\(dq\&\fP\fP"
+.IP
+shows details for "My Home WiFi" connection profile with all passwords.
+Without \fI--show-secrets\fP option, secrets would not be displayed.
+
 .IP "\fB\f(CWnmcli \-f active connection show \(dq\&My default em1\(dq\&\fP\fP"
 .IP
 shows details for "My default em1" active connection, like IP, DHCP