libnm-gtk: set default 802.1x password flags to "agent-owned"

Imported 0.8 connections and VPN connects had password flags set for
the appropriate connection types, but we want to default 802.1x
passwords to "agent-owned" too.

4 files changed, 49 insertions, 2 deletions

diff --git a/src/wireless-security/eap-method-leap.c b/src/wireless-security/eap-method-leap.c
index 2f57e8aa..45cca987 100644
--- a/src/wireless-security/eap-method-leap.c
+++ b/src/wireless-security/eap-method-leap.c
@@ -30,6 +30,8 @@
 
 struct _EAPMethodLEAP {
 	EAPMethod parent;
+
+	gboolean new_connection;
 };
 
 static void
@@ -83,6 +85,7 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
 static void
 fill_connection (EAPMethod *parent, NMConnection *connection)
 {
+	EAPMethodLEAP *method = (EAPMethodLEAP *) parent;
 	NMSetting8021x *s_8021x;
 	GtkWidget *widget;
 
@@ -98,6 +101,13 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_password_entry"));
 	g_assert (widget);
 	g_object_set (s_8021x, NM_SETTING_802_1X_PASSWORD, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
+
+	/* Default to agent-owned secrets for new connections */
+	if (method->new_connection) {
+		g_object_set (s_8021x,
+		              NM_SETTING_802_1X_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED,
+		              NULL);
+	}
 }
 
 static void
@@ -115,6 +125,7 @@ eap_method_leap_new (WirelessSecurity *ws_parent,
                      NMConnection *connection,
                      gboolean secrets_only)
 {
+	EAPMethodLEAP *method;
 	EAPMethod *parent;
 	GtkWidget *widget;
 
@@ -131,6 +142,9 @@ eap_method_leap_new (WirelessSecurity *ws_parent,
 	if (!parent)
 		return NULL;
 
+	method = (EAPMethodLEAP *) parent;
+	method->new_connection = secrets_only ? FALSE : TRUE;
+
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_username_entry"));
 	g_assert (widget);
 	g_signal_connect (G_OBJECT (widget), "changed",
@@ -163,6 +177,6 @@ eap_method_leap_new (WirelessSecurity *ws_parent,
 	                  (GCallback) show_toggled_cb,
 	                  parent);
 
-	return (EAPMethodLEAP *) parent;
+	return method;
 }
 
diff --git a/src/wireless-security/eap-method-simple.c b/src/wireless-security/eap-method-simple.c
index d814194e..abccafbe 100644
--- a/src/wireless-security/eap-method-simple.c
+++ b/src/wireless-security/eap-method-simple.c
@@ -34,6 +34,7 @@ struct _EAPMethodSimple {
 
 	EAPMethodSimpleType type;
 	gboolean is_editor;
+	gboolean new_connection;
 };
 
 static void
@@ -163,6 +164,13 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 		g_assert (widget);
 		g_object_set (s_8021x, NM_SETTING_802_1X_PASSWORD, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
 	}
+
+	/* Default to agent-owned secrets for new connections */
+	if (method->new_connection && (not_saved == FALSE)) {
+		g_object_set (s_8021x,
+		              NM_SETTING_802_1X_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED,
+		              NULL);
+	}
 }
 
 static void
@@ -230,6 +238,7 @@ eap_method_simple_new (WirelessSecurity *ws_parent,
 	method = (EAPMethodSimple *) parent;
 	method->type = type;
 	method->is_editor = is_editor;
+	method->new_connection = secrets_only ? FALSE : TRUE;
 
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_username_entry"));
 	g_assert (widget);
diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c
index 1ef042bb..2e5df578 100644
--- a/src/wireless-security/eap-method-tls.c
+++ b/src/wireless-security/eap-method-tls.c
@@ -35,6 +35,8 @@
 
 struct _EAPMethodTLS {
 	EAPMethod parent;
+
+	gboolean new_connection;
 };
 
 
@@ -117,12 +119,14 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
 static void
 fill_connection (EAPMethod *parent, NMConnection *connection)
 {
+	EAPMethodTLS *method = (EAPMethodTLS *) parent;
 	NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
 	NMSetting8021x *s_8021x;
 	GtkWidget *widget;
 	char *ca_filename, *pk_filename, *cc_filename;
 	const char *password = NULL;
 	GError *error = NULL;
+	const char *secret_flag_prop = NULL;
 
 	s_8021x = nm_connection_get_setting_802_1x (connection);
 	g_assert (s_8021x);
@@ -152,14 +156,20 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 			g_warning ("Couldn't read phase2 private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
 			g_clear_error (&error);
 		}
+		secret_flag_prop = NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS;
 	} else {
 		if (!nm_setting_802_1x_set_private_key (s_8021x, pk_filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) {
 			g_warning ("Couldn't read private key '%s': %s", pk_filename, error ? error->message : "(unknown)");
 			g_clear_error (&error);
 		}
+		secret_flag_prop = NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS;
 	}
 	g_free (pk_filename);
 
+	/* Default to agent-owned secrets for new connections */
+	if (method->new_connection)
+		g_object_set (s_8021x, secret_flag_prop, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL);
+
 	/* TLS client certificate */
 	if (format != NM_SETTING_802_1X_CK_FORMAT_PKCS12) {
 		/* If the key is pkcs#12 nm_setting_802_1x_set_private_key() already
@@ -376,6 +386,7 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
                     gboolean phase2,
                     gboolean secrets_only)
 {
+	EAPMethodTLS *method;
 	EAPMethod *parent;
 	GtkWidget *widget;
 	NMSetting8021x *s_8021x = NULL;
@@ -393,6 +404,9 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
 	if (!parent)
 		return NULL;
 
+	method = (EAPMethodTLS *) parent;
+	method->new_connection = secrets_only ? FALSE : TRUE;
+
 	eap_method_nag_init (parent, "eap_tls_ca_cert_button", connection);
 
 	if (connection)
@@ -458,6 +472,6 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
 		gtk_widget_hide (widget);
 	}
 
-	return (EAPMethodTLS *) parent;
+	return method;
 }
 
diff --git a/src/wireless-security/ws-leap.c b/src/wireless-security/ws-leap.c
index c5622ebd..f0ec6a27 100644
--- a/src/wireless-security/ws-leap.c
+++ b/src/wireless-security/ws-leap.c
@@ -28,6 +28,7 @@
 
 struct _WirelessSecurityLEAP {
 	WirelessSecurity parent;
+	gboolean new_connection;
 };
 
 static void
@@ -79,6 +80,7 @@ add_to_size_group (WirelessSecurity *parent, GtkSizeGroup *group)
 static void
 fill_connection (WirelessSecurity *parent, NMConnection *connection)
 {
+	WirelessSecurityLEAP *sec = (WirelessSecurityLEAP *) parent;
 	NMSettingWireless *s_wireless;
 	NMSettingWirelessSecurity *s_wireless_sec;
 	GtkWidget *widget;
@@ -105,6 +107,13 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection)
 	              NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME, leap_username,
 	              NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD, leap_password,
 	              NULL);
+
+	/* Default to agent-owned secrets for new connections */
+	if (sec->new_connection) {
+		g_object_set (s_wireless_sec,
+		              NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED,
+		              NULL);
+	}
 }
 
 static void
@@ -151,6 +160,7 @@ ws_leap_new (NMConnection *connection, gboolean secrets_only)
 
 	parent->adhoc_compatible = FALSE;
 	sec = (WirelessSecurityLEAP *) parent;
+	sec->new_connection = secrets_only ? FALSE : TRUE;
 
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_password_entry"));
 	g_assert (widget);