Add some rudamentary ipsec support

properties/Makefile.am

@@ -4,6 +4,8 @@ plugin_LTLIBRARIES = libnm-l2tp-properties.la
 libnm_l2tp_properties_la_SOURCES = \
 	nm-l2tp.c \
 	nm-l2tp.h \
+	ipsec-dialog.c \
+	ipsec-dialog.h \
 	advanced-dialog.c \
 	advanced-dialog.h \
 	import-export.c \

properties/ipsec-dialog.c

+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/***************************************************************************
+ *
+ * Copyright (C) 2011 Geo Carncross, <geocar@gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ **************************************************************************/
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <string.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+
+#include <glib.h>
+#include <glib/gi18n-lib.h>
+
+#include <nm-connection.h>
+#include <nm-setting-vpn.h>
+
+#include "ipsec-dialog.h"
+#include "nm-l2tp.h"
+#include "../src/nm-l2tp-service.h"
+
+static const char *ipsec_keys[] = {
+	NM_L2TP_KEY_IPSEC_ENABLE,
+	NM_L2TP_KEY_IPSEC_GROUP_NAME,
+	NM_L2TP_KEY_IPSEC_GATEWAY_ID,
+	NM_L2TP_KEY_IPSEC_PSK,
+	NULL
+};
+
+static void
+copy_values (const char *key, const char *value, gpointer user_data)
+{
+	GHashTable *hash = (GHashTable *) user_data;
+	const char **i;
+
+	for (i = &ipsec_keys[0]; *i; i++) {
+		if (strcmp (key, *i))
+			continue;
+		g_hash_table_insert (hash, g_strdup (key), g_strdup (value));
+	}
+}
+
+GHashTable *
+ipsec_dialog_new_hash_from_connection (NMConnection *connection,
+                                          GError **error)
+{
+	GHashTable *hash;
+	NMSettingVPN *s_vpn;
+
+	hash = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
+
+	s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN);
+	nm_setting_vpn_foreach_data_item (s_vpn, copy_values, hash);
+	return hash;
+}
+
+static void
+handle_enable_changed (GtkWidget *check, gboolean is_init, GtkBuilder *builder)
+{
+	GtkWidget *widget;
+	gboolean enabledp;
+	GtkTreeModel *model;
+	GtkTreeIter iter;
+	gboolean valid;
+
+	enabledp = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (check));
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_psk"));
+	gtk_widget_set_sensitive (widget, enabledp);
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_gateway_id"));
+	gtk_widget_set_sensitive (widget, enabledp);
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_group_name"));
+	gtk_widget_set_sensitive (widget, enabledp);
+}
+
+static void
+enable_toggled_cb (GtkWidget *check, gpointer user_data)
+{
+	handle_enable_changed (check, FALSE, (GtkBuilder *) user_data);
+}
+
+GtkWidget *
+ipsec_dialog_new (GHashTable *hash)
+{
+	GtkBuilder *builder;
+	GtkWidget *dialog = NULL;
+	char *ui_file = NULL;
+	GtkWidget *widget;
+	const char *value;
+	GError *error = NULL;
+
+	g_return_val_if_fail (hash != NULL, NULL);
+
+	ui_file = g_strdup_printf ("%s/%s", UIDIR, "nm-l2tp-dialog.ui");
+	builder = gtk_builder_new ();
+
+	if (!gtk_builder_add_from_file(builder, ui_file, &error)) {
+		g_warning("Couldn't load builder file: %s", error ? error->message
+				: "(unknown)");
+		g_clear_error(&error);
+		g_object_unref(G_OBJECT(builder));
+		goto out;
+	}
+	gtk_builder_set_translation_domain(builder, GETTEXT_PACKAGE);
+
+
+	dialog = GTK_WIDGET (gtk_builder_get_object (builder, "l2tp-ipsec-dialog"));
+	if (!dialog) {
+		g_object_unref (G_OBJECT (builder));
+		goto out;
+	}
+	gtk_window_set_modal (GTK_WINDOW (dialog), TRUE);
+
+	g_object_set_data_full (G_OBJECT (dialog), "gtkbuilder-xml",
+			builder, (GDestroyNotify) g_object_unref);
+
+	value = g_hash_table_lookup (hash, NM_L2TP_KEY_IPSEC_ENABLE);
+	if (value && !strcmp (value, "yes")) {
+		widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_enable"));
+		gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), TRUE);
+	}
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_group_name"));
+	value = g_hash_table_lookup (hash, NM_L2TP_KEY_IPSEC_GROUP_NAME);
+	if (!value) value="GroupVPN";
+	gtk_entry_set_text(GTK_ENTRY(widget), value);
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_gateway_id"));
+	if((value = g_hash_table_lookup (hash, NM_L2TP_KEY_IPSEC_GATEWAY_ID)))
+		gtk_entry_set_text(GTK_ENTRY(widget), value);
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_psk"));
+	if((value = g_hash_table_lookup (hash, NM_L2TP_KEY_IPSEC_PSK)))
+		gtk_entry_set_text(GTK_ENTRY(widget), value);
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder,"ipsec_enable"));
+	handle_enable_changed (widget, TRUE, builder);
+	g_signal_connect (G_OBJECT (widget), "toggled", G_CALLBACK (enable_toggled_cb), builder);
+
+out:
+	g_free (ui_file);
+	return dialog;
+}
+
+GHashTable *
+ipsec_dialog_new_hash_from_dialog (GtkWidget *dialog, GError **error)
+{
+	GHashTable *hash;
+	GtkWidget *widget;
+	GtkBuilder *builder;
+	GtkTreeModel *model;
+	GtkTreeIter iter;
+	gboolean valid;
+
+	g_return_val_if_fail (dialog != NULL, NULL);
+	if (error)
+		g_return_val_if_fail (*error == NULL, NULL);
+
+	builder = g_object_get_data (G_OBJECT (dialog), "gtkbuilder-xml");
+	g_return_val_if_fail (builder != NULL, NULL);
+
+
+	hash = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_enable"));
+	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget))) {
+		g_hash_table_insert(hash, g_strdup(NM_L2TP_KEY_IPSEC_ENABLE), g_strdup("yes"));
+	} else {
+		g_hash_table_insert(hash, g_strdup(NM_L2TP_KEY_IPSEC_ENABLE), g_strdup("no"));
+	}
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_gateway_id"));
+	g_hash_table_insert(hash, g_strdup(NM_L2TP_KEY_IPSEC_GATEWAY_ID),
+			g_strdup(gtk_entry_get_text(GTK_ENTRY(widget))));
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_group_name"));
+	g_hash_table_insert(hash, g_strdup(NM_L2TP_KEY_IPSEC_GROUP_NAME),
+			g_strdup(gtk_entry_get_text(GTK_ENTRY(widget))));
+
+	widget = GTK_WIDGET (gtk_builder_get_object (builder, "ipsec_psk"));
+	g_hash_table_insert(hash, g_strdup(NM_L2TP_KEY_IPSEC_PSK),
+			g_strdup(gtk_entry_get_text(GTK_ENTRY(widget))));
+
+	return hash;
+}
+

properties/ipsec-dialog.h

+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/***************************************************************************
+ *
+ * Copyright (C) 2011 Geo Carncross, <geocar@gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ **************************************************************************/
+
+#ifndef _IPSEC_DIALOG_H_
+#define _IPSEC_DIALOG_H_
+
+#include <glib.h>
+#include <gtk/gtk.h>
+
+#include <nm-connection.h>
+
+GtkWidget *ipsec_dialog_new (GHashTable *hash);
+
+GHashTable *ipsec_dialog_new_hash_from_connection (NMConnection *connection, GError **error);
+
+GHashTable *ipsec_dialog_new_hash_from_dialog (GtkWidget *dialog, GError **error);
+
+#endif

properties/nm-l2tp.c

@@ -45,6 +45,7 @@
 #include "nm-l2tp.h"
 #include "import-export.h"
 #include "advanced-dialog.h"
+#include "ipsec-dialog.h"
 
 #define L2TP_PLUGIN_NAME    _("Layer 2 Tunneling Protocol (L2TP)")
 #define L2TP_PLUGIN_DESC    _("Compatible with L2TP VPN servers.")
@@ -78,6 +79,7 @@ typedef struct {
 	GtkWindowGroup *window_group;
 	gboolean window_added;
 	GHashTable *advanced;
+	GHashTable *ipsec;
 } L2tpPluginUiWidgetPrivate;
 
 
@@ -155,6 +157,14 @@ advanced_dialog_close_cb (GtkWidget *dialog, gpointer user_data)
 	gtk_widget_destroy (dialog);
 }
 
+static void
+ipsec_dialog_close_cb (GtkWidget *dialog, gpointer user_data)
+{
+	gtk_widget_hide (dialog);
+	/* gtk_widget_destroy() will remove the window from the window group */
+	gtk_widget_destroy (dialog);
+}
+
 static void
 advanced_dialog_response_cb (GtkWidget *dialog, gint response, gpointer user_data)
 {
@@ -179,6 +189,30 @@ advanced_dialog_response_cb (GtkWidget *dialog, gint response, gpointer user_dat
 	stuff_changed_cb (NULL, self);
 }
 
+static void
+ipsec_dialog_response_cb (GtkWidget *dialog, gint response, gpointer user_data)
+{
+	L2tpPluginUiWidget *self = L2TP_PLUGIN_UI_WIDGET (user_data);
+	L2tpPluginUiWidgetPrivate *priv = L2TP_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
+	GError *error = NULL;
+
+	if (response != GTK_RESPONSE_OK) {
+		ipsec_dialog_close_cb (dialog, self);
+		return;
+	}
+
+	if (priv->ipsec)
+		g_hash_table_destroy (priv->ipsec);
+	priv->ipsec = ipsec_dialog_new_hash_from_dialog (dialog, &error);
+	if (!priv->ipsec) {
+		g_message ("%s: error reading ipsec settings: %s", __func__, error->message);
+		g_error_free (error);
+	}
+	ipsec_dialog_close_cb (dialog, self);
+
+	stuff_changed_cb (NULL, self);
+}
+
 static void
 advanced_button_clicked_cb (GtkWidget *button, gpointer user_data)
 {
@@ -208,6 +242,36 @@ advanced_button_clicked_cb (GtkWidget *button, gpointer user_data)
 	gtk_widget_show_all (dialog);
 }
 
+static void
+ipsec_button_clicked_cb (GtkWidget *button, gpointer user_data)
+{
+	L2tpPluginUiWidget *self = L2TP_PLUGIN_UI_WIDGET (user_data);
+	L2tpPluginUiWidgetPrivate *priv = L2TP_PLUGIN_UI_WIDGET_GET_PRIVATE (self);
+	GtkWidget *dialog, *toplevel;
+
+	toplevel = gtk_widget_get_toplevel (priv->widget);
+	g_return_if_fail (GTK_WIDGET_TOPLEVEL (toplevel));
+
+	dialog = ipsec_dialog_new (priv->ipsec);
+	if (!dialog) {
+		g_warning ("%s: failed to create the IPSEC dialog!", __func__);
+		return;
+	}
+
+	gtk_window_group_add_window (priv->window_group, GTK_WINDOW (dialog));
+	if (!priv->window_added) {
+		gtk_window_group_add_window (priv->window_group, GTK_WINDOW (toplevel));
+		priv->window_added = TRUE;
+	}
+
+	gtk_window_set_transient_for (GTK_WINDOW (dialog), GTK_WINDOW (toplevel));
+	g_signal_connect (G_OBJECT (dialog), "response", G_CALLBACK (ipsec_dialog_response_cb), self);
+	g_signal_connect (G_OBJECT (dialog), "close", G_CALLBACK (ipsec_dialog_close_cb), self);
+
+	gtk_widget_show_all (dialog);
+}
+
+
 static void
 show_toggled_cb (GtkCheckButton *button, L2tpPluginUiWidget *self)
 {
@@ -330,6 +394,9 @@ init_plugin_ui (L2tpPluginUiWidget *self, NMConnection *connection, GError **err
 	widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "advanced_button"));
 	g_signal_connect (G_OBJECT (widget), "clicked", G_CALLBACK (advanced_button_clicked_cb), self);
 
+	widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "ipsec_button"));
+	g_signal_connect (G_OBJECT (widget), "clicked", G_CALLBACK (ipsec_button_clicked_cb), self);
+
 	widget = GTK_WIDGET (gtk_builder_get_object (priv->builder,  "show_passwords_checkbutton"));
 	g_return_val_if_fail (widget != NULL, FALSE);
 	g_signal_connect (G_OBJECT (widget), "toggled",
@@ -351,7 +418,7 @@ get_widget (NMVpnPluginUiWidgetInterface *iface)
 }
 
 static void
-hash_copy_advanced (gpointer key, gpointer data, gpointer user_data)
+hash_copy_pair (gpointer key, gpointer data, gpointer user_data)
 {
 	NMSettingVPN *s_vpn = NM_SETTING_VPN (user_data);
 
@@ -395,7 +462,9 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
 		nm_setting_vpn_add_data_item (s_vpn, NM_L2TP_KEY_DOMAIN, str);
 
 	if (priv->advanced)
-		g_hash_table_foreach (priv->advanced, hash_copy_advanced, s_vpn);
+		g_hash_table_foreach (priv->advanced, hash_copy_pair, s_vpn);
+	if (priv->ipsec)
+		g_hash_table_foreach (priv->ipsec, hash_copy_pair, s_vpn);
 
 	nm_connection_add_setting (connection, NM_SETTING (s_vpn));
 	valid = TRUE;
@@ -497,6 +566,11 @@ nm_vpn_plugin_ui_widget_interface_new (NMConnection *connection, GError **error)
 		g_object_unref (object);
 		return NULL;
 	}
+	priv->ipsec = ipsec_dialog_new_hash_from_connection (connection, error);
+	if (!priv->ipsec) {
+		g_object_unref (object);
+		return NULL;
+	}
 
 	return object;
 }
@@ -522,6 +596,9 @@ dispose (GObject *object)
 	if (priv->advanced)
 		g_hash_table_destroy (priv->advanced);
 
+	if (priv->ipsec)
+		g_hash_table_destroy (priv->ipsec);
+
 	G_OBJECT_CLASS (l2tp_plugin_ui_widget_parent_class)->dispose (object);
 }
 

src/nm-l2tp-service.h

@@ -68,6 +68,11 @@
 #define NM_L2TP_KEY_LCP_ECHO_FAILURE  "lcp-echo-failure"
 #define NM_L2TP_KEY_LCP_ECHO_INTERVAL "lcp-echo-interval"
 
+#define NM_L2TP_KEY_IPSEC_ENABLE      "ipsec-enabled"
+#define NM_L2TP_KEY_IPSEC_GATEWAY_ID  "ipsec-gateway-id"
+#define NM_L2TP_KEY_IPSEC_GROUP_NAME  "ipsec-group-name"
+#define NM_L2TP_KEY_IPSEC_PSK         "ipsec-psk"
+
 
 typedef struct {
 	NMVPNPlugin parent;