2007-10-19 Dan Williams <dcbw@redhat.com>

Split the GetSecrets() call off to a separate D-Bus interface so that it can be more easily locked down with D-Bus policy. Only 'root' (ie, NM) should be able to call GetSecrets(). * include/NetworkManager.h - Define the connection secrets D-Bus interface * src/vpn-manager/nm-vpn-connection.c - (clear_need_auth): get the right proxy object for the connection secrets interface - (get_connection_secrets): use the connection secrets proxy; send empty hints in get secrets request * src/nm-activation-request.c - (nm_act_request_request_connection_secrets): use the connection secrets proxy; send empty hints in get secrets request * src/nm-manager.c src/nm-manager.h - (connection_get_settings_cb): set the connection secrets proxy on the connection object too - (internal_new_connection_cb): create the connection secrets proxy * introspection/nm-settings-connection.xml - Define Connection.Secrets interface and move GetSecrets there - Add a 'hints' argument to GetSecrets * libnm-glib/nm-settings.c libnm-glib/nm-settings.h - (impl_connection_settings_get_secrets): add 'hints' argument git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@2989 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
2007-10-19 04:55:05 +00:00
parent c2f361392f
commit 42a732d9b9
9 changed files with 98 additions and 16 deletions
--- a/33
+++ b/33
@@ -1,3 +1,36 @@
 2007-10-19  Dan Williams  <dcbw@redhat.com>
 	Split the GetSecrets() call off to a separate D-Bus interface so that it
 	can be more easily locked down with D-Bus policy.  Only 'root' (ie, NM)
 	should be able to call GetSecrets().
 	* include/NetworkManager.h
 		- Define the connection secrets D-Bus interface
 	* src/vpn-manager/nm-vpn-connection.c
 		- (clear_need_auth): get the right proxy object for the connection
 			secrets interface
 		- (get_connection_secrets): use the connection secrets proxy; send
 			empty hints in get secrets request
 	* src/nm-activation-request.c
 		- (nm_act_request_request_connection_secrets): use the connection
 			secrets proxy; send empty hints in get secrets request
 	* src/nm-manager.c
 	  src/nm-manager.h
 		- (connection_get_settings_cb): set the connection secrets proxy on
 			the connection object too
 		- (internal_new_connection_cb): create the connection secrets proxy
 	* introspection/nm-settings-connection.xml
 		- Define Connection.Secrets interface and move GetSecrets there
 		- Add a 'hints' argument to GetSecrets
 	* libnm-glib/nm-settings.c
 	  libnm-glib/nm-settings.h
 		- (impl_connection_settings_get_secrets): add 'hints' argument
 2007-10-19  Dan Williams  <dcbw@redhat.com>
 	* src/nm-device.c
--- a/include/NetworkManager.h
+++ b/include/NetworkManager.h
@@ -43,6 +43,7 @@
 #define NM_DBUS_IFACE_SETTINGS_CONNECTION "org.freedesktop.NetworkManagerSettings.Connection"
 #define NM_DBUS_PATH_SETTINGS_CONNECTION  "/org/freedesktop/NetworkManagerSettings/Connection"
 #define NM_DBUS_IFACE_SETTINGS_CONNECTION_SECRETS "org.freedesktop.NetworkManagerSettings.Connection.Secrets"
 #define NMI_DBUS_USER_KEY_CANCELED_ERROR	"org.freedesktop.NetworkManagerInfo.CanceledError"
--- a/introspection/nm-settings-connection.xml
+++ b/introspection/nm-settings-connection.xml
@@ -14,14 +14,6 @@
      <arg name="settings" type="a{sa{sv}}" direction="out"/>
    </method>
    <method name="GetSecrets">
      <annotation name="org.freedesktop.DBus.GLib.CSymbol" value="impl_connection_settings_get_secrets"/>
      <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
      <arg name="setting_name" type="s" direction="in"/>
      <arg name="request_new" type="b" direction="in"/>
      <arg name="secrets" type="a{sv}" direction="out"/>
    </method>
    <signal name="Updated">
      <arg name="settings" type="a{sa{sv}}"/>
    </signal>
@@ -31,4 +23,20 @@
  </interface>
  <!-- Secrets have a separate interface so that they can be locked down -->
  <interface name="org.freedesktop.NetworkManagerSettings.Connection.Secrets">
    <method name="GetSecrets">
      <annotation name="org.freedesktop.DBus.GLib.CSymbol" value="impl_connection_settings_get_secrets"/>
      <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
      <arg name="setting_name" type="s" direction="in"/>
      <!-- Array of strings of key names in the Setting for which NM thinks
           a secrets may be required. -->
      <arg name="hints" type="as" direction="in"/>
      <arg name="request_new" type="b" direction="in"/>
      <arg name="secrets" type="a{sv}" direction="out"/>
    </method>
  </interface>
 </node>
--- a/libnm-glib/nm-settings.c
+++ b/libnm-glib/nm-settings.c
@@ -119,6 +119,7 @@ static gboolean impl_connection_settings_get_settings (NMConnectionSettings *con
 						       GError **error);
 static void impl_connection_settings_get_secrets (NMConnectionSettings *connection,
 						      const gchar *setting_name,
 						      const gchar **hints,
 						      gboolean request_new,
 						      DBusGMethodInvocation *context);
@@ -178,6 +179,7 @@ impl_connection_settings_get_settings (NMConnectionSettings *connection,
 static void
 impl_connection_settings_get_secrets (NMConnectionSettings *connection,
                                      const gchar *setting_name,
                                      const gchar **hints,
                                      gboolean request_new,
                                      DBusGMethodInvocation *context)
 {
@@ -201,7 +203,7 @@ impl_connection_settings_get_secrets (NMConnectionSettings *connection,
 		return;
 	}
-	CONNECTION_SETTINGS_CLASS (connection)->get_secrets (connection, setting_name, request_new, context);
+	CONNECTION_SETTINGS_CLASS (connection)->get_secrets (connection, setting_name, hints, request_new, context);
 }
 static void
--- a/libnm-glib/nm-settings.h
+++ b/libnm-glib/nm-settings.h
@@ -29,6 +29,7 @@ typedef struct {
 	GHashTable * (* get_settings) (NMConnectionSettings *connection);
 	void         (* get_secrets) (NMConnectionSettings *connection,
 	                              const gchar *setting_name,
 	                              const gchar **hints,
 	                              gboolean request_new,
 	                              DBusGMethodInvocation *context);
--- a/src/nm-activation-request.c
+++ b/src/nm-activation-request.c
@@ -201,6 +201,8 @@ get_secrets_cb (DBusGProxy *proxy, DBusGProxyCall *call, gpointer user_data)
 	g_hash_table_destroy (secrets);
 }
 #define DBUS_TYPE_STRING_ARRAY   (dbus_g_type_get_collection ("GPtrArray", G_TYPE_STRING))
 gboolean
 nm_act_request_request_connection_secrets (NMActRequest *req,
                                           const char *setting_name,
@@ -210,12 +212,13 @@ nm_act_request_request_connection_secrets (NMActRequest *req,
 	DBusGProxyCall *call;
 	GetSecretsInfo *info = NULL;
 	NMActRequestPrivate *priv = NULL;
 	GPtrArray *hints = NULL;
 	g_return_val_if_fail (NM_IS_ACT_REQUEST (req), FALSE);
 	g_return_val_if_fail (setting_name != NULL, FALSE);
 	priv = NM_ACT_REQUEST_GET_PRIVATE (req);
-	proxy = g_object_get_data (G_OBJECT (priv->connection), NM_MANAGER_CONNECTION_PROXY_TAG);
+	proxy = g_object_get_data (G_OBJECT (priv->connection), NM_MANAGER_CONNECTION_SECRETS_PROXY_TAG);
 	if (!DBUS_IS_G_PROXY (proxy)) {
 		nm_warning ("Couldn't get dbus proxy for connection.");
 		goto error;
@@ -233,6 +236,9 @@ nm_act_request_request_connection_secrets (NMActRequest *req,
 		goto error;
 	}
 	/* Empty for now */
 	hints = g_ptr_array_new ();
 	info->req = req;
 	call = dbus_g_proxy_begin_call_with_timeout (proxy, "GetSecrets",
 	                                             get_secrets_cb,
@@ -240,8 +246,10 @@ nm_act_request_request_connection_secrets (NMActRequest *req,
 	                                             free_get_secrets_info,
 	                                             G_MAXINT32,
 	                                             G_TYPE_STRING, setting_name,
 	                                             DBUS_TYPE_STRING_ARRAY, hints,
 	                                             G_TYPE_BOOLEAN, request_new,
 	                                             G_TYPE_INVALID);
 	g_ptr_array_free (hints, TRUE);
 	if (!call) {
 		nm_warning ("Could not call GetSecrets");
 		goto error;
--- a/src/nm-manager.c
+++ b/src/nm-manager.c
@@ -378,6 +378,7 @@ typedef struct GetSettingsInfo {
 	NMConnection *connection;
 	DBusGProxy *proxy;
 	DBusGProxyCall *call;
 	DBusGProxy *secrets_proxy;
 	GSList **calls;
 } GetSettingsInfo;
@@ -449,6 +450,11 @@ connection_get_settings_cb  (DBusGProxy *proxy,
 		                        proxy,
 		                        (GDestroyNotify) g_object_unref);
 		g_object_set_data_full (G_OBJECT (connection),
 		                        NM_MANAGER_CONNECTION_SECRETS_PROXY_TAG,
 		                        info->secrets_proxy,
 		                        (GDestroyNotify) g_object_unref);
 		priv = NM_MANAGER_GET_PRIVATE (manager);
 		type = get_type_for_proxy (proxy);
 		switch (type) {
@@ -595,6 +601,7 @@ internal_new_connection_cb (DBusGProxy *proxy,
 	NMDBusManager * dbus_mgr;
 	DBusGConnection * g_connection;
 	DBusGProxyCall *call;
 	DBusGProxy *secrets_proxy;
 	dbus_mgr = nm_dbus_manager_get ();
 	g_connection = nm_dbus_manager_get_connection (dbus_mgr);
@@ -602,9 +609,20 @@ internal_new_connection_cb (DBusGProxy *proxy,
 	                                       dbus_g_proxy_get_bus_name (proxy),
 	                                       path,
 	                                       NM_DBUS_IFACE_SETTINGS_CONNECTION);
 	g_object_unref (dbus_mgr);
 	if (!con_proxy) {
 		nm_warning ("Error: could not init user connection proxy");
 		g_object_unref (dbus_mgr);
 		return;
 	}
 	secrets_proxy = dbus_g_proxy_new_for_name (g_connection,
 	                                           dbus_g_proxy_get_bus_name (proxy),
 	                                           path,
 	                                           NM_DBUS_IFACE_SETTINGS_CONNECTION_SECRETS);
 	g_object_unref (dbus_mgr);
 	if (!secrets_proxy) {
 		nm_warning ("Error: could not init user connection secrets proxy");
 		g_object_unref (con_proxy);
 		return;
 	}
@@ -632,6 +650,7 @@ internal_new_connection_cb (DBusGProxy *proxy,
 	                                G_TYPE_INVALID);
 	info->call = call;
 	info->proxy = con_proxy;
 	info->secrets_proxy = secrets_proxy;
 	if (info->calls)
 		*(info->calls) = g_slist_prepend (*(info->calls), call);
 }
--- a/src/nm-manager.h
+++ b/src/nm-manager.h
@@ -20,6 +20,7 @@
 #define NM_MANAGER_CONNECTION_PROXY_TAG "dbus-proxy"
 #define NM_MANAGER_CONNECTION_TYPE_TAG "service-type"
 #define NM_MANAGER_CONNECTION_SECRETS_PROXY_TAG "dbus-secrets-proxy"
 typedef enum {
 	NM_CONNECTION_TYPE_UNKNOWN = 0,
--- a/src/vpn-manager/nm-vpn-connection.c
+++ b/src/vpn-manager/nm-vpn-connection.c
@@ -510,7 +510,7 @@ clear_need_auth (NMVPNConnection *vpn_connection)
 	priv = NM_VPN_CONNECTION_GET_PRIVATE (vpn_connection);
 	g_assert (priv->connection);
-	proxy = g_object_get_data (G_OBJECT (priv->connection), NM_MANAGER_CONNECTION_PROXY_TAG);
+	proxy = g_object_get_data (G_OBJECT (priv->connection), NM_MANAGER_CONNECTION_SECRETS_PROXY_TAG);
 	if (!proxy || !DBUS_IS_G_PROXY (proxy))
 		return;
@@ -576,15 +576,18 @@ error:
 	nm_vpn_connection_fail (info->vpn_connection, NM_VPN_CONNECTION_STATE_REASON_NO_SECRETS);
 }
 #define DBUS_TYPE_STRING_ARRAY   (dbus_g_type_get_collection ("GPtrArray", G_TYPE_STRING))
 static gboolean
 get_connection_secrets (NMVPNConnection *vpn_connection,
                        const char *setting_name,
                        gboolean request_new)
 {
 	NMVPNConnectionPrivate *priv;
-	DBusGProxy *con_proxy;
+	DBusGProxy *secrets_proxy;
 	GetSecretsInfo *info = NULL;
 	DBusGProxyCall *call;
 	GPtrArray *hints;
 	g_return_val_if_fail (vpn_connection != NULL, FALSE);
 	g_return_val_if_fail (NM_IS_VPN_CONNECTION (vpn_connection), FALSE);
@@ -593,8 +596,9 @@ get_connection_secrets (NMVPNConnection *vpn_connection,
 	priv = NM_VPN_CONNECTION_GET_PRIVATE (vpn_connection);
 	g_assert (priv->connection);
-	con_proxy = g_object_get_data (G_OBJECT (priv->connection), NM_MANAGER_CONNECTION_PROXY_TAG);
+	secrets_proxy = g_object_get_data (G_OBJECT (priv->connection),
-	g_return_val_if_fail (con_proxy && DBUS_IS_G_PROXY (con_proxy), FALSE);
+	                                   NM_MANAGER_CONNECTION_SECRETS_PROXY_TAG);
 	g_return_val_if_fail (secrets_proxy && DBUS_IS_G_PROXY (secrets_proxy), FALSE);
 	info = g_slice_new0 (GetSecretsInfo);
 	g_return_val_if_fail (info != NULL, FALSE);
@@ -607,15 +611,20 @@ get_connection_secrets (NMVPNConnection *vpn_connection,
 	info->vpn_connection = g_object_ref (vpn_connection);
 	/* Empty for now... */
 	hints = g_ptr_array_new ();
 	/* use ..._with_timeout to give the user time to enter secrets */
-	call = dbus_g_proxy_begin_call_with_timeout (con_proxy, "GetSecrets",
+	call = dbus_g_proxy_begin_call_with_timeout (secrets_proxy, "GetSecrets",
 	                                             get_secrets_cb,
 	                                             info,
 	                                             free_get_secrets_info,
 	                                             G_MAXINT32,
 	                                             G_TYPE_STRING, setting_name,
 	                                             DBUS_TYPE_STRING_ARRAY, hints,
 	                                             G_TYPE_BOOLEAN, request_new,
 	                                             G_TYPE_INVALID);
 	g_ptr_array_free (hints, TRUE);
 	if (!call) {
 		nm_warning ("Could not call GetSecrets");
 		goto error;