wireless-security/tls: add domain suffix match entry

https://bugzilla.redhat.com/show_bug.cgi?id=1457542
author: Lubomir Rintel <lkundrak@v3.sk> 2017-06-09 17:48:50 +0200
committer: Lubomir Rintel <lkundrak@v3.sk> 2017-06-13 15:02:26 +0200
commit: f38d12fec9a54c88b85df4d69f233814bd5f57c5 (patch)
tree: 3505942a6b6a9e353ac4efd0d373e5e078c5bd6a /src/wireless-security
parent: e9cb7074f1f1a4ad08d564a4c085ff8e80ab9e92 (diff)
download: network-manager-applet-f38d12fec9a54c88b85df4d69f233814bd5f57c5.tar.gz
2 files changed, 89 insertions, 36 deletions
diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c
index b22357d3..a740c114 100644
--- a/src/wireless-security/eap-method-tls.c
+++ b/src/wireless-security/eap-method-tls.c
@@ -100,6 +100,10 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group)
 	g_assert (widget);
 	gtk_size_group_add_widget (group, widget);
 
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_label"));
+	g_assert (widget);
+	gtk_size_group_add_widget (group, widget);
+
 	nma_cert_chooser_add_to_size_group (NMA_CERT_CHOOSER (method->client_cert_chooser), group);
 	nma_cert_chooser_add_to_size_group (NMA_CERT_CHOOSER (method->ca_cert_chooser), group);
 }
@@ -130,6 +134,14 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
 	g_assert (widget);
 	g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
 
+#if LIBNM_BUILD
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_entry"));
+	g_assert (widget);
+	g_object_set (s_8021x,
+	              parent->phase2 ? NM_SETTING_802_1X_PHASE2_DOMAIN_SUFFIX_MATCH : NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH,
+	              gtk_entry_get_text (GTK_ENTRY (widget)), NULL);
+#endif
+
 	/* TLS private key */
 	password = g_strdup (nma_cert_chooser_get_key_password (NMA_CERT_CHOOSER (method->client_cert_chooser)));
 	value = nma_cert_chooser_get_key (NMA_CERT_CHOOSER (method->client_cert_chooser), &scheme);
@@ -397,43 +409,27 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
 	if (s_8021x && nm_setting_802_1x_get_identity (s_8021x))
 		gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_identity (s_8021x));
 
-	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_grid"));
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_entry"));
 	g_assert (widget);
-
-	method->client_cert_chooser = nma_cert_chooser_new ("User",
-	                                                    secrets_only ? NMA_CERT_CHOOSER_FLAG_PASSWORDS : 0);
-	gtk_grid_attach (GTK_GRID (widget), method->client_cert_chooser, 0, 1, 2, 1);
-	gtk_widget_show (method->client_cert_chooser);
-
-	g_signal_connect (method->client_cert_chooser, "cert-validate",
-	                  G_CALLBACK (client_cert_validate_cb),
-	                  NULL);
-	g_signal_connect (method->client_cert_chooser,
-	                  "key-validate",
-	                  G_CALLBACK (client_key_validate_cb),
-	                  NULL);
-	g_signal_connect (method->client_cert_chooser,
-	                  "key-password-validate",
-	                  G_CALLBACK (client_key_password_validate_cb),
-	                  NULL);
-	g_signal_connect (method->client_cert_chooser,
-	                  "changed",
-	                  G_CALLBACK (client_cert_fixup_pkcs12),
-	                  ws_parent);
-	g_signal_connect (method->client_cert_chooser,
-	                  "changed",
-	                  G_CALLBACK (wireless_security_changed_cb),
+#if LIBNM_BUILD
+	g_signal_connect (G_OBJECT (widget), "changed",
+	                  (GCallback) wireless_security_changed_cb,
 	                  ws_parent);
+	if (phase2) {
+		if (s_8021x && nm_setting_802_1x_get_phase2_domain_suffix_match (s_8021x))
+			gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_phase2_domain_suffix_match (s_8021x));
+	} else {
+		if (s_8021x && nm_setting_802_1x_get_domain_suffix_match (s_8021x))
+			gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_domain_suffix_match (s_8021x));
+	}
+#else
+	gtk_widget_hide (widget);
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_domain_label"));
+	gtk_widget_hide (widget);
+#endif
 
-	eap_method_setup_cert_chooser (NMA_CERT_CHOOSER (method->client_cert_chooser), s_8021x,
-	                               phase2 ? nm_setting_802_1x_get_phase2_client_cert_scheme : nm_setting_802_1x_get_client_cert_scheme,
-	                               phase2 ? nm_setting_802_1x_get_phase2_client_cert_path : nm_setting_802_1x_get_client_cert_path,
-	                               phase2 ? nm_setting_802_1x_get_phase2_client_cert_uri : nm_setting_802_1x_get_client_cert_uri,
-	                               phase2 ? nm_setting_802_1x_get_phase2_client_cert_password : nm_setting_802_1x_get_client_cert_password,
-	                               phase2 ? nm_setting_802_1x_get_phase2_private_key_scheme : nm_setting_802_1x_get_private_key_scheme,
-	                               phase2 ? nm_setting_802_1x_get_phase2_private_key_path : nm_setting_802_1x_get_private_key_path,
-	                               phase2 ? nm_setting_802_1x_get_phase2_private_key_uri : nm_setting_802_1x_get_private_key_uri,
-	                               phase2 ? nm_setting_802_1x_get_phase2_private_key_password : nm_setting_802_1x_get_private_key_password);
+	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_grid"));
+	g_assert (widget);
 
 	method->ca_cert_chooser = nma_cert_chooser_new ("CA",
 	                                                  NMA_CERT_CHOOSER_FLAG_CERT
@@ -470,6 +466,42 @@ eap_method_tls_new (WirelessSecurity *ws_parent,
 		else
 			ca_not_required = TRUE;
 	}
+
+	method->client_cert_chooser = nma_cert_chooser_new ("User",
+	                                                    secrets_only ? NMA_CERT_CHOOSER_FLAG_PASSWORDS : 0);
+	gtk_grid_attach (GTK_GRID (widget), method->client_cert_chooser, 0, 4, 2, 1);
+	gtk_widget_show (method->client_cert_chooser);
+
+	g_signal_connect (method->client_cert_chooser, "cert-validate",
+	                  G_CALLBACK (client_cert_validate_cb),
+	                  NULL);
+	g_signal_connect (method->client_cert_chooser,
+	                  "key-validate",
+	                  G_CALLBACK (client_key_validate_cb),
+	                  NULL);
+	g_signal_connect (method->client_cert_chooser,
+	                  "key-password-validate",
+	                  G_CALLBACK (client_key_password_validate_cb),
+	                  NULL);
+	g_signal_connect (method->client_cert_chooser,
+	                  "changed",
+	                  G_CALLBACK (client_cert_fixup_pkcs12),
+	                  ws_parent);
+	g_signal_connect (method->client_cert_chooser,
+	                  "changed",
+	                  G_CALLBACK (wireless_security_changed_cb),
+	                  ws_parent);
+
+	eap_method_setup_cert_chooser (NMA_CERT_CHOOSER (method->client_cert_chooser), s_8021x,
+	                               phase2 ? nm_setting_802_1x_get_phase2_client_cert_scheme : nm_setting_802_1x_get_client_cert_scheme,
+	                               phase2 ? nm_setting_802_1x_get_phase2_client_cert_path : nm_setting_802_1x_get_client_cert_path,
+	                               phase2 ? nm_setting_802_1x_get_phase2_client_cert_uri : nm_setting_802_1x_get_client_cert_uri,
+	                               phase2 ? nm_setting_802_1x_get_phase2_client_cert_password : nm_setting_802_1x_get_client_cert_password,
+	                               phase2 ? nm_setting_802_1x_get_phase2_private_key_scheme : nm_setting_802_1x_get_private_key_scheme,
+	                               phase2 ? nm_setting_802_1x_get_phase2_private_key_path : nm_setting_802_1x_get_private_key_path,
+	                               phase2 ? nm_setting_802_1x_get_phase2_private_key_uri : nm_setting_802_1x_get_private_key_uri,
+	                               phase2 ? nm_setting_802_1x_get_phase2_private_key_password : nm_setting_802_1x_get_private_key_password);
+
 	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_tls_ca_cert_not_required_checkbox"));
 	gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), ca_not_required);
 
diff --git a/src/wireless-security/eap-method-tls.ui b/src/wireless-security/eap-method-tls.ui
index 1e47d6f3..6a6ba025 100644
--- a/src/wireless-security/eap-method-tls.ui
+++ b/src/wireless-security/eap-method-tls.ui
@@ -56,10 +56,31 @@
           </packing>
         </child>
         <child>
-          <placeholder/>
+          <object class="GtkLabel" id="eap_tls_domain_label">
+            <property name="visible">True</property>
+            <property name="can_focus">False</property>
+            <property name="tooltip_text" translatable="yes">Suffix of the server certificate name.</property>
+            <property name="label" translatable="yes">_Domain:</property>
+            <property name="use_underline">True</property>
+            <property name="mnemonic_widget">eap_tls_domain_entry</property>
+            <property name="xalign">0</property>
+          </object>
+          <packing>
+            <property name="left_attach">0</property>
+            <property name="top_attach">1</property>
+          </packing>
         </child>
         <child>
-          <placeholder/>
+          <object class="GtkEntry" id="eap_tls_domain_entry">
+            <property name="visible">True</property>
+            <property name="can_focus">True</property>
+            <property name="hexpand">True</property>
+            <property name="activates_default">True</property>
+          </object>
+          <packing>
+            <property name="left_attach">1</property>
+            <property name="top_attach">1</property>
+          </packing>
         </child>
         <child>
           <placeholder/>
author	Lubomir Rintel <lkundrak@v3.sk>	2017-06-09 17:48:50 +0200
committer	Lubomir Rintel <lkundrak@v3.sk>	2017-06-13 15:02:26 +0200
commit	f38d12fec9a54c88b85df4d69f233814bd5f57c5 (patch)
tree	3505942a6b6a9e353ac4efd0d373e5e078c5bd6a /src/wireless-security
parent	e9cb7074f1f1a4ad08d564a4c085ff8e80ab9e92 (diff)
download	network-manager-applet-f38d12fec9a54c88b85df4d69f233814bd5f57c5.tar.gz