Commit 97cd51d3 authored by Jan Grulich's avatar Jan Grulich

Allow to set "domain-suffix-match" in Wi-Fi settings

Summary:
This concerns Wi-Fi settings of enterprise WPA/WPA2:
* TLS
* tunneled TLS
* PEAP

Requires commit `Support "domain-suffix-match" in Security8021xSetting` in `networkmanager-qt` (https://phabricator.kde.org/D8402).

Test Plan:
1. ApplySupport "domain-suffix-match" in Security8021xSetting` in `networkmanager-qt` as well
2. Open connection settings
3. Select Wi-Fi connection
4. Configure domain under enterprise security settings
5. Apply
5. Open related config file, eg. `/etc/NetworkManager/system-connections/eduroam`
6. Check whether "domain-suffix-match" is set correctly.

BTW: To use the development build of the kcm module one must set `QT_PLUGIN_PATH` to the directory where `kcm_networkmanagement.so` has been installed. Then it can be tested by executing eg. `kcmshell5 --desktopfile /devel/stuff/share/kservices5/plasma-applet-org.kde.plasma.networkmanagement.desktop kcm_networkmanagement`.

Reviewers: #plasma, jgrulich

Reviewed By: jgrulich

Subscribers: jgrulich, ngraham, plasma-devel

Tags: #plasma

Differential Revision: https://phabricator.kde.org/D8405
parent c7a6f013
......@@ -106,7 +106,6 @@ KCMNetworkmanagement::KCMNetworkmanagement(QWidget *parent, const QVariantList &
// Also check if the connection type is supported by KCM
const NetworkManager::ConnectionSettings::ConnectionType type = activeConnection->type();
if (UiUtils::isConnectionTypeSupported(type)) {
loadConnectionSettings(activeConnection->connection()->settings());
QMetaObject::invokeMethod(rootItem, "selectConnection", Q_ARG(QVariant, activeConnection->id()), Q_ARG(QVariant, activeConnection->connection()->path()));
}
} else {
......@@ -144,7 +143,6 @@ KCMNetworkmanagement::KCMNetworkmanagement(QWidget *parent, const QVariantList &
Q_FOREACH (const NetworkManager::Connection::Ptr &connection, connectionList) {
const NetworkManager::ConnectionSettings::ConnectionType type = connection->settings()->connectionType();
if (UiUtils::isConnectionTypeSupported(type)) {
loadConnectionSettings(connection->settings());
QMetaObject::invokeMethod(rootItem, "selectConnection", Q_ARG(QVariant, connection->settings()->id()), Q_ARG(QVariant, connection->path()));
break;
}
......
......@@ -146,6 +146,7 @@ void Security8021x::loadConfig(const NetworkManager::Setting::Ptr &setting)
QStringList servers;
m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodTls));
m_ui->tlsIdentity->setText(securitySetting->identity());
m_ui->tlsDomain->setText(securitySetting->domainSuffixMatch());
m_ui->tlsUserCert->setUrl(QUrl::fromLocalFile(securitySetting->clientCertificate()));
m_ui->tlsCACert->setUrl(QUrl::fromLocalFile(securitySetting->caCertificate()));
m_ui->leTlsSubjectMatch->setText(securitySetting->subjectMatch());
......@@ -196,6 +197,7 @@ void Security8021x::loadConfig(const NetworkManager::Setting::Ptr &setting)
} else if (eapMethods.contains(NetworkManager::Security8021xSetting::EapMethodTtls)) {
m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodTtls));
m_ui->ttlsAnonIdentity->setText(securitySetting->anonymousIdentity());
m_ui->ttlsDomain->setText(securitySetting->domainSuffixMatch());
m_ui->ttlsCACert->setUrl(QUrl::fromLocalFile(securitySetting->caCertificate()));
if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodPap) {
m_ui->ttlsInnerAuth->setCurrentIndex(0);
......@@ -217,6 +219,7 @@ void Security8021x::loadConfig(const NetworkManager::Setting::Ptr &setting)
} else if (eapMethods.contains(NetworkManager::Security8021xSetting::EapMethodPeap)) {
m_ui->auth->setCurrentIndex(m_ui->auth->findData(NetworkManager::Security8021xSetting::EapMethodPeap));
m_ui->peapAnonIdentity->setText(securitySetting->anonymousIdentity());
m_ui->peapDomain->setText(securitySetting->domainSuffixMatch());
m_ui->peapCACert->setUrl(QUrl::fromLocalFile(securitySetting->caCertificate()));
m_ui->peapVersion->setCurrentIndex(securitySetting->phase1PeapVersion() + 1);
if (phase2AuthMethod == NetworkManager::Security8021xSetting::AuthMethodMschapv2) {
......@@ -298,6 +301,10 @@ QVariantMap Security8021x::setting() const
setting.setIdentity(m_ui->tlsIdentity->text());
}
if (!m_ui->tlsDomain->text().isEmpty()) {
setting.setDomainSuffixMatch(m_ui->tlsDomain->text());
}
if (m_ui->tlsUserCert->url().isValid()) {
setting.setClientCertificate(m_ui->tlsUserCert->url().toString().toUtf8().append('\0'));
}
......@@ -400,6 +407,10 @@ QVariantMap Security8021x::setting() const
setting.setAnonymousIdentity(m_ui->ttlsAnonIdentity->text());
}
if (!m_ui->ttlsDomain->text().isEmpty()) {
setting.setDomainSuffixMatch(m_ui->ttlsDomain->text());
}
if (m_ui->ttlsCACert->url().isValid()) {
setting.setCaCertificate(m_ui->ttlsCACert->url().toString().toUtf8().append('\0'));
}
......@@ -435,6 +446,10 @@ QVariantMap Security8021x::setting() const
setting.setAnonymousIdentity(m_ui->peapAnonIdentity->text());
}
if (!m_ui->peapDomain->text().isEmpty()) {
setting.setDomainSuffixMatch(m_ui->peapDomain->text());
}
if (m_ui->peapCACert->url().isValid()) {
setting.setCaCertificate(m_ui->peapCACert->url().toString().toUtf8().append('\0'));
}
......
......@@ -120,6 +120,16 @@
<widget class="KLineEdit" name="tlsIdentity"/>
</item>
<item row="1" column="0">
<widget class="QLabel" name="label_32">
<property name="text">
<string>Domain:</string>
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="KLineEdit" name="tlsDomain"/>
</item>
<item row="2" column="0">
<widget class="QLabel" name="label_5">
<property name="text">
<string>User certificate:</string>
......@@ -129,14 +139,14 @@
</property>
</widget>
</item>
<item row="1" column="1">
<item row="2" column="1">
<widget class="KUrlRequester" name="tlsUserCert">
<property name="filter">
<string notr="true">*.der *.pem *.crt *.cer</string>
</property>
</widget>
</item>
<item row="2" column="0">
<item row="3" column="0">
<widget class="QLabel" name="label_6">
<property name="text">
<string>CA certificate:</string>
......@@ -146,14 +156,14 @@
</property>
</widget>
</item>
<item row="2" column="1">
<item row="3" column="1">
<widget class="KUrlRequester" name="tlsCACert">
<property name="filter">
<string notr="true">*.der *.pem *.crt *.cer</string>
</property>
</widget>
</item>
<item row="3" column="0">
<item row="4" column="0">
<widget class="QLabel" name="label_27">
<property name="text">
<string>Subject match:</string>
......@@ -163,14 +173,14 @@
</property>
</widget>
</item>
<item row="3" column="1">
<item row="4" column="1">
<widget class="QLineEdit" name="leTlsSubjectMatch">
<property name="text">
<string/>
</property>
</widget>
</item>
<item row="4" column="0">
<item row="5" column="0">
<widget class="QLabel" name="label_28">
<property name="text">
<string>Alternative subject matches:</string>
......@@ -180,7 +190,7 @@
</property>
</widget>
</item>
<item row="4" column="1">
<item row="5" column="1">
<layout class="QHBoxLayout" name="horizontalLayout">
<item>
<widget class="QLineEdit" name="leTlsAlternativeSubjectMatches"/>
......@@ -194,7 +204,7 @@
</item>
</layout>
</item>
<item row="5" column="0">
<item row="6" column="0">
<widget class="QLabel" name="label_29">
<property name="text">
<string>Connect to these servers:</string>
......@@ -204,7 +214,7 @@
</property>
</widget>
</item>
<item row="5" column="1">
<item row="6" column="1">
<layout class="QHBoxLayout" name="horizontalLayout_2">
<item>
<widget class="QLineEdit" name="leTlsConnectToServers"/>
......@@ -218,7 +228,7 @@
</item>
</layout>
</item>
<item row="6" column="0">
<item row="7" column="0">
<widget class="QLabel" name="label_7">
<property name="text">
<string>Private key:</string>
......@@ -228,14 +238,14 @@
</property>
</widget>
</item>
<item row="6" column="1">
<item row="7" column="1">
<widget class="KUrlRequester" name="tlsPrivateKey">
<property name="filter">
<string notr="true">*.der *.pem *.p12 *.key</string>
</property>
</widget>
</item>
<item row="7" column="0">
<item row="8" column="0">
<widget class="QLabel" name="label_8">
<property name="text">
<string>Private key password:</string>
......@@ -245,7 +255,7 @@
</property>
</widget>
</item>
<item row="7" column="1">
<item row="8" column="1">
<widget class="PasswordField" name="tlsPrivateKeyPassword">
<property name="passwordModeEnabled" stdset="0">
<bool>true</bool>
......@@ -432,7 +442,7 @@
<item row="0" column="1">
<widget class="KLineEdit" name="ttlsAnonIdentity"/>
</item>
<item row="1" column="0">
<item row="3" column="0">
<widget class="QLabel" name="label_20">
<property name="text">
<string>CA certificate:</string>
......@@ -442,14 +452,14 @@
</property>
</widget>
</item>
<item row="1" column="1">
<item row="3" column="1">
<widget class="KUrlRequester" name="ttlsCACert">
<property name="filter">
<string notr="true">*.der *.pem *.crt *.cer</string>
</property>
</widget>
</item>
<item row="2" column="0">
<item row="5" column="0">
<widget class="QLabel" name="label_16">
<property name="text">
<string>Inner authentication:</string>
......@@ -459,7 +469,7 @@
</property>
</widget>
</item>
<item row="2" column="1">
<item row="5" column="1">
<widget class="KComboBox" name="ttlsInnerAuth">
<property name="sizePolicy">
<sizepolicy hsizetype="MinimumExpanding" vsizetype="Fixed">
......@@ -489,7 +499,7 @@
</item>
</widget>
</item>
<item row="3" column="0">
<item row="6" column="0">
<widget class="QLabel" name="label_17">
<property name="text">
<string>Username:</string>
......@@ -499,10 +509,10 @@
</property>
</widget>
</item>
<item row="3" column="1">
<item row="6" column="1">
<widget class="KLineEdit" name="ttlsUsername"/>
</item>
<item row="4" column="0">
<item row="7" column="0">
<widget class="QLabel" name="label_18">
<property name="text">
<string>Password:</string>
......@@ -512,18 +522,28 @@
</property>
</widget>
</item>
<item row="4" column="1">
<item row="7" column="1">
<widget class="PasswordField" name="ttlsPassword">
<property name="passwordModeEnabled" stdset="0">
<bool>true</bool>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QLabel" name="label_30">
<property name="text">
<string>Domain:</string>
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="KLineEdit" name="ttlsDomain"/>
</item>
</layout>
</widget>
<widget class="QWidget" name="peapPage">
<layout class="QFormLayout" name="formLayout_6">
<item row="0" column="0">
<item row="2" column="0">
<widget class="QLabel" name="label_24">
<property name="text">
<string>Anonymous identity:</string>
......@@ -533,10 +553,10 @@
</property>
</widget>
</item>
<item row="0" column="1">
<item row="2" column="1">
<widget class="KLineEdit" name="peapAnonIdentity"/>
</item>
<item row="1" column="0">
<item row="6" column="0">
<widget class="QLabel" name="label_23">
<property name="text">
<string>CA certificate:</string>
......@@ -546,14 +566,14 @@
</property>
</widget>
</item>
<item row="1" column="1">
<item row="6" column="1">
<widget class="KUrlRequester" name="peapCACert">
<property name="filter">
<string notr="true">*.der *.pem *.crt *.cer</string>
</property>
</widget>
</item>
<item row="2" column="0">
<item row="7" column="0">
<widget class="QLabel" name="label_26">
<property name="text">
<string>PEAP version:</string>
......@@ -563,7 +583,7 @@
</property>
</widget>
</item>
<item row="2" column="1">
<item row="7" column="1">
<widget class="KComboBox" name="peapVersion">
<property name="sizePolicy">
<sizepolicy hsizetype="MinimumExpanding" vsizetype="Fixed">
......@@ -588,7 +608,7 @@
</item>
</widget>
</item>
<item row="3" column="0">
<item row="8" column="0">
<widget class="QLabel" name="label_22">
<property name="text">
<string>Inner authentication:</string>
......@@ -598,7 +618,7 @@
</property>
</widget>
</item>
<item row="3" column="1">
<item row="8" column="1">
<widget class="KComboBox" name="peapInnerAuth">
<property name="sizePolicy">
<sizepolicy hsizetype="MinimumExpanding" vsizetype="Fixed">
......@@ -623,7 +643,7 @@
</item>
</widget>
</item>
<item row="4" column="0">
<item row="9" column="0">
<widget class="QLabel" name="label_25">
<property name="text">
<string>Username:</string>
......@@ -633,10 +653,10 @@
</property>
</widget>
</item>
<item row="4" column="1">
<item row="9" column="1">
<widget class="KLineEdit" name="peapUsername"/>
</item>
<item row="5" column="0">
<item row="10" column="0">
<widget class="QLabel" name="label_21">
<property name="text">
<string>Password:</string>
......@@ -646,13 +666,23 @@
</property>
</widget>
</item>
<item row="5" column="1">
<item row="10" column="1">
<widget class="PasswordField" name="peapPassword">
<property name="passwordModeEnabled" stdset="0">
<bool>true</bool>
</property>
</widget>
</item>
<item row="4" column="0">
<widget class="QLabel" name="label_31">
<property name="text">
<string>Domain:</string>
</property>
</widget>
</item>
<item row="4" column="1">
<widget class="KLineEdit" name="peapDomain"/>
</item>
</layout>
</widget>
</widget>
......@@ -686,6 +716,7 @@
<tabstop>md5UserName</tabstop>
<tabstop>md5Password</tabstop>
<tabstop>tlsIdentity</tabstop>
<tabstop>tlsDomain</tabstop>
<tabstop>tlsUserCert</tabstop>
<tabstop>tlsCACert</tabstop>
<tabstop>leTlsSubjectMatch</tabstop>
......@@ -705,11 +736,13 @@
<tabstop>fastUsername</tabstop>
<tabstop>fastPassword</tabstop>
<tabstop>ttlsAnonIdentity</tabstop>
<tabstop>ttlsDomain</tabstop>
<tabstop>ttlsCACert</tabstop>
<tabstop>ttlsInnerAuth</tabstop>
<tabstop>ttlsUsername</tabstop>
<tabstop>ttlsPassword</tabstop>
<tabstop>peapAnonIdentity</tabstop>
<tabstop>peapDomain</tabstop>
<tabstop>peapCACert</tabstop>
<tabstop>peapVersion</tabstop>
<tabstop>peapInnerAuth</tabstop>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment