Commit d101e802 authored by Jan Grulich's avatar Jan Grulich
Browse files

Don't store all secrets passed from the password dialog

Secrets from connections where we explicitly set that secrets should not
be saved or where secrets are not required should not be stored after we
pass them to the password dialog.
parent 7a1f9a1d
......@@ -26,7 +26,11 @@
#include <NetworkManagerQt/Settings>
#include <NetworkManagerQt/ConnectionSettings>
#include <NetworkManagerQt/GenericTypes>
#include <NetworkManagerQt/GsmSetting>
#include <NetworkManagerQt/Security8021xSetting>
#include <NetworkManagerQt/VpnSetting>
#include <NetworkManagerQt/WirelessSecuritySetting>
#include <NetworkManagerQt/WirelessSetting>
#include <QStringBuilder>
......@@ -147,13 +151,54 @@ void SecretAgent::dialogAccepted()
if (request.type == SecretsRequest::GetSecrets && request.dialog == m_dialog) {
NMVariantMapMap connection = request.dialog->secrets();
sendSecrets(connection, request.message);
NetworkManager::ConnectionSettings connectionSettings(connection);
if (request.saveSecretsWithoutReply && connectionSettings.connectionType() != NetworkManager::ConnectionSettings::Vpn) {
SecretsRequest requestOffline(SecretsRequest::SaveSecrets);
requestOffline.connection = connection;
requestOffline.connection_path = request.connection_path;
requestOffline.saveSecretsWithoutReply = true;
m_calls << requestOffline;
NetworkManager::ConnectionSettings::Ptr connectionSettings = NetworkManager::ConnectionSettings::Ptr(new NetworkManager::ConnectionSettings(connection));
NetworkManager::ConnectionSettings::Ptr completeConnectionSettings;
NetworkManager::Connection::Ptr con = NetworkManager::findConnectionByUuid(connectionSettings->uuid());
if (con) {
completeConnectionSettings = con->settings();
} else {
completeConnectionSettings = connectionSettings;
}
if (request.saveSecretsWithoutReply && completeConnectionSettings->connectionType() != NetworkManager::ConnectionSettings::Vpn) {
bool requestOffline = true;
if (completeConnectionSettings->connectionType() == NetworkManager::ConnectionSettings::Gsm) {
NetworkManager::GsmSetting::Ptr gsmSetting = completeConnectionSettings->setting(NetworkManager::Setting::Gsm).staticCast<NetworkManager::GsmSetting>();
if (gsmSetting) {
if (gsmSetting->passwordFlags().testFlag(NetworkManager::Setting::NotSaved) ||
gsmSetting->passwordFlags().testFlag(NetworkManager::Setting::NotRequired)) {
requestOffline = false;
} else if (gsmSetting->pinFlags().testFlag(NetworkManager::Setting::NotSaved) ||
gsmSetting->pinFlags().testFlag(NetworkManager::Setting::NotRequired)) {
requestOffline = false;
}
}
} else if (completeConnectionSettings->connectionType() == NetworkManager::ConnectionSettings::Wireless) {
NetworkManager::WirelessSetting::Ptr wirelessSetting = completeConnectionSettings->setting(NetworkManager::Setting::Wireless).staticCast<NetworkManager::WirelessSetting>();
if (wirelessSetting && !wirelessSetting->security().isEmpty()) {
NetworkManager::WirelessSecuritySetting::Ptr wirelessSecuritySetting = completeConnectionSettings->setting(NetworkManager::Setting::WirelessSecurity).staticCast<NetworkManager::WirelessSecuritySetting>();
if (wirelessSecuritySetting && wirelessSecuritySetting->keyMgmt() == NetworkManager::WirelessSecuritySetting::WpaEap) {
NetworkManager::Security8021xSetting::Ptr security8021xSetting = completeConnectionSettings->setting(NetworkManager::Setting::Security8021x).staticCast<NetworkManager::Security8021xSetting>();
if (security8021xSetting) {
if (security8021xSetting->eapMethods().contains(NetworkManager::Security8021xSetting::EapMethodFast) ||
security8021xSetting->eapMethods().contains(NetworkManager::Security8021xSetting::EapMethodTtls) ||
security8021xSetting->eapMethods().contains(NetworkManager::Security8021xSetting::EapMethodPeap)) {
if (security8021xSetting->passwordFlags().testFlag(NetworkManager::Setting::NotSaved) ||
security8021xSetting->passwordFlags().testFlag(NetworkManager::Setting::NotRequired)) {
requestOffline = false;
}
}
}
}
}
}
if (requestOffline) {
SecretsRequest requestOffline(SecretsRequest::SaveSecrets);
requestOffline.connection = connection;
requestOffline.connection_path = request.connection_path;
requestOffline.saveSecretsWithoutReply = true;
m_calls << requestOffline;
}
}
m_calls.removeAt(i);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment