Hello community, here is the log from the commit of package NetworkManager for openSUSE:11.4 checked in at Fri Nov 4 10:44:27 CET 2011.
-------- --- old-versions/11.4/UPDATES/all/NetworkManager/NetworkManager.changes 2011-10-21 09:56:45.000000000 +0200 +++ 11.4/NetworkManager/NetworkManager.changes 2011-11-03 09:33:40.000000000 +0100 @@ -1,0 +2,6 @@ +Thu Nov 3 08:32:20 UTC 2011 - g...@suse.com + +- Add nm-check-for-shared-wifi-authorization.patch to check whether + the shared wifi connection is authorized or not. (bnc#702016) + +------------------------------------------------------------------- calling whatdependson for 11.4-i586 New: ---- nm-check-for-shared-wifi-authorization.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ NetworkManager.spec ++++++ --- /var/tmp/diff_new_pack.cXQCGd/_old 2011-11-04 10:44:11.000000000 +0100 +++ /var/tmp/diff_new_pack.cXQCGd/_new 2011-11-04 10:44:11.000000000 +0100 @@ -20,7 +20,7 @@ Name: NetworkManager Url: http://www.gnome.org/projects/NetworkManager/ Version: 0.8.2 -Release: 15.<RELEASE26> +Release: 15.<RELEASE28> License: GPLv2+ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: dbus-1-devel dbus-1-glib-devel gtk-doc intltool iptables libgcrypt-devel libgudev-1_0-devel libiw-devel libnl-devel libtool libuuid-devel mozilla-nss-devel polkit-devel ppp-devel translation-update-upstream wireless-tools @@ -55,6 +55,8 @@ Patch9: nm-settings-subject-match.patch # PATCH-FIX-UPSTREAM nm-probe-ca-cert.patch bnc#574266 g...@suse.com -- Probe the RADIUS server certificate Patch10: nm-probe-ca-cert.patch +# PATCH-FIX-UPSTREAM nm-check-for-shared-wifi-authorization.patch bnc#702016 g...@suse.com -- Check whether the shared wifi is authorized or not +Patch11: nm-check-for-shared-wifi-authorization.patch Requires: %{name}-glib = %{version} Requires: dhcp-client Requires: iproute2 @@ -134,6 +136,7 @@ %patch8 -p1 %patch9 -p1 %patch10 -p1 +%patch11 -p1 translation-update-upstream %build ++++++ nm-check-for-shared-wifi-authorization.patch ++++++ >From f5dac84c35dc690cfcf025884c10945ac1006e9f Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <chingp...@gmail.com> Date: Wed, 26 Oct 2011 16:08:52 +0800 Subject: [PATCH] check for authorization when activating shared wifi connections Based on core: check for authorization when activating shared wifi connections http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=NM_0_8&id=e7273c1609ac267e1d77ff03c97c8929f15e3737 policy: don't auto-activate unauthorized shared wifi connections http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=NM_0_8&id=287fe10c40ae9b90ce703b79f3479b755f0956c0 core: adjust shared wifi connections permission handling for a few cases http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?h=NM_0_8&id=e5085f950730b1e2e68645231e2042127c29a82e --- src/nm-manager-auth.c | 6 + src/nm-manager-auth.h | 4 + src/nm-manager.c | 272 +++++++++++++++++++++++++++++++----------------- src/nm-manager.h | 4 +- src/nm-policy.c | 8 +- 5 files changed, 193 insertions(+), 101 deletions(-) diff --git a/src/nm-manager-auth.c b/src/nm-manager-auth.c index 44c82c2..246fa95 100644 --- a/src/nm-manager-auth.c +++ b/src/nm-manager-auth.c @@ -142,6 +142,12 @@ nm_auth_chain_get_data (NMAuthChain *self, const char *tag) return tmp ? tmp->data : NULL; } +NMAuthCallResult +nm_auth_chain_get_result (NMAuthChain *chain, const char *permission) +{ + return GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, permission)); +} + void nm_auth_chain_set_data (NMAuthChain *self, const char *tag, diff --git a/src/nm-manager-auth.h b/src/nm-manager-auth.h index 6682f91..dde084a 100644 --- a/src/nm-manager-auth.h +++ b/src/nm-manager-auth.h @@ -33,6 +33,8 @@ #define NM_AUTH_PERMISSION_ENABLE_DISABLE_WWAN "org.freedesktop.NetworkManager.enable-disable-wwan" #define NM_AUTH_PERMISSION_USE_USER_CONNECTIONS "org.freedesktop.NetworkManager.use-user-connections" #define NM_AUTH_PERMISSION_NETWORK_CONTROL "org.freedesktop.NetworkManager.network-control" +#define NM_AUTH_PERMISSION_WIFI_SHARE_OPEN "org.freedesktop.network-manager-settings.system.wifi.share.open" +#define NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED "org.freedesktop.network-manager-settings.system.wifi.share.protected" typedef struct NMAuthChain NMAuthChain; @@ -68,6 +70,8 @@ NMAuthChain *nm_auth_chain_new_raw_message (PolkitAuthority *authority, gpointer nm_auth_chain_get_data (NMAuthChain *chain, const char *tag); +NMAuthCallResult nm_auth_chain_get_result (NMAuthChain *chain, const char *permission); + void nm_auth_chain_set_data (NMAuthChain *chain, const char *tag, gpointer data, diff --git a/src/nm-manager.c b/src/nm-manager.c index 976bbbb..f67b87c 100644 --- a/src/nm-manager.c +++ b/src/nm-manager.c @@ -178,6 +178,7 @@ struct PendingActivation { gboolean have_connection; gboolean authorized; + const char *wifi_shared_permission; NMConnectionScope scope; char *connection_path; @@ -213,6 +214,8 @@ typedef struct { DBusGProxy *user_proxy; NMAuthCallResult user_con_perm; NMAuthCallResult user_net_perm; + NMAuthCallResult user_wifi_share_open_perm; + NMAuthCallResult user_wifi_share_enc_perm; GHashTable *system_connections; NMSysconfigSettings *sys_settings; @@ -701,88 +704,56 @@ pending_activation_new (NMManager *manager, } static void -pending_auth_user_done (NMAuthChain *chain, - GError *error, - DBusGMethodInvocation *context, - gpointer user_data) +pending_auth_done (NMAuthChain *chain, + GError *error, + DBusGMethodInvocation *context, + gpointer user_data) { PendingActivation *pending = user_data; NMAuthCallResult result; - - pending->chain = NULL; + GError *auth_error = NULL; if (error) { pending->callback (pending, error); - goto out; + return; } /* Caller has had a chance to obtain authorization, so we only need to * check for 'yes' here. */ - result = GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS)); + result = nm_auth_chain_get_result (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL); if (result != NM_AUTH_CALL_RESULT_YES) { - error = g_error_new_literal (NM_MANAGER_ERROR, - NM_MANAGER_ERROR_PERMISSION_DENIED, - "Not authorized to use user connections."); - pending->callback (pending, error); - g_error_free (error); - } else - pending->callback (pending, NULL); - -out: - nm_auth_chain_unref (chain); -} - -static void -pending_auth_net_done (NMAuthChain *chain, - GError *error, - DBusGMethodInvocation *context, - gpointer user_data) -{ - PendingActivation *pending = user_data; - NMAuthCallResult result; - - pending->chain = NULL; - - if (error) { - pending->callback (pending, error); + auth_error = g_error_new_literal (NM_MANAGER_ERROR, + NM_MANAGER_ERROR_PERMISSION_DENIED, + "Not authorized to control networking."); goto out; } - /* Caller has had a chance to obtain authorization, so we only need to - * check for 'yes' here. - */ - result = GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL)); - if (result != NM_AUTH_CALL_RESULT_YES) { - error = g_error_new_literal (NM_MANAGER_ERROR, - NM_MANAGER_ERROR_PERMISSION_DENIED, - "Not authorized to control networking."); - pending->callback (pending, error); - g_error_free (error); - goto out; + if (pending->scope == NM_CONNECTION_SCOPE_USER) { + result = nm_auth_chain_get_result (chain, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS); + if (result != NM_AUTH_CALL_RESULT_YES) { + auth_error = g_error_new_literal (NM_MANAGER_ERROR, + NM_MANAGER_ERROR_PERMISSION_DENIED, + "Not authorized to use user connections."); + goto out; + } } - if (pending->scope == NM_CONNECTION_SCOPE_SYSTEM) { - /* System connection and the user is authorized for that if they have - * the network-control permission. - */ - pending->callback (pending, NULL); - } else { - g_assert (pending->scope == NM_CONNECTION_SCOPE_USER); - - /* User connection, check the 'use-user-connections' permission */ - pending->chain = nm_auth_chain_new (pending->authority, - pending->context, - NULL, - pending_auth_user_done, - pending); - nm_auth_chain_add_call (pending->chain, - NM_AUTH_PERMISSION_USE_USER_CONNECTIONS, - TRUE); + if (pending->wifi_shared_permission) { + result = nm_auth_chain_get_result (chain, pending->wifi_shared_permission); + if (result != NM_AUTH_CALL_RESULT_YES) { + auth_error = g_error_new_literal (NM_MANAGER_ERROR, + NM_MANAGER_ERROR_PERMISSION_DENIED, + "Not authorized to share connections via wifi."); + goto out; + } } + /* Otherwise authorized and available to activate */ + out: - nm_auth_chain_unref (chain); + pending->callback (pending, auth_error); + g_clear_error (&auth_error); } static gboolean @@ -809,17 +780,59 @@ check_user_authorized (NMDBusManager *dbus_mgr, return TRUE; /* Check whether the UID is authorized for user connections */ - if ( scope == NM_CONNECTION_SCOPE_USER - && !nm_auth_uid_authorized (*out_sender_uid, + if (scope == NM_CONNECTION_SCOPE_USER) { + if (nm_auth_uid_authorized (*out_sender_uid, dbus_mgr, user_proxy, - out_error_desc)) - return FALSE; + out_error_desc) == FALSE) + return FALSE; + } return TRUE; } static void +get_shared_wifi_type (NMConnection *connection, + gboolean *out_wifi_share_open, + gboolean *out_wifi_share_enc) +{ + NMSettingWireless *s_wifi; + NMSettingWirelessSecurity *s_wsec; + NMSettingIP4Config *s_ip4; + const char *method = NULL; + + s_ip4 = (NMSettingIP4Config *) nm_connection_get_setting (connection, NM_TYPE_SETTING_IP4_CONFIG); + if (s_ip4) + method = nm_setting_ip4_config_get_method (s_ip4); + + if (g_strcmp0 (method, NM_SETTING_IP4_CONFIG_METHOD_SHARED) != 0) + return; /* Not shared */ + + s_wsec = (NMSettingWirelessSecurity *) nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY); + s_wifi = (NMSettingWireless *) nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS); + if (s_wifi) { + if (nm_setting_wireless_get_security (s_wifi) || s_wsec) + *out_wifi_share_enc = TRUE; + else + *out_wifi_share_open = TRUE; + } +} + +static const char * +get_shared_wifi_permission (NMConnection *connection) +{ + gboolean wifi_share_open = FALSE, wifi_share_enc = FALSE; + + get_shared_wifi_type (connection, &wifi_share_open, &wifi_share_enc); + if (wifi_share_open) + return NM_AUTH_PERMISSION_WIFI_SHARE_OPEN; + else if (wifi_share_enc) + return NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED; + + return NULL; +} + +static void pending_activation_check_authorized (PendingActivation *pending, NMDBusManager *dbus_mgr, DBusGProxy *user_proxy) @@ -827,6 +840,8 @@ pending_activation_check_authorized (PendingActivation *pending, const char *error_desc = NULL; gulong sender_uid = G_MAXULONG; GError *error; + const char *wifi_permission = NULL; + NMConnection *connection; g_return_if_fail (pending != NULL); g_return_if_fail (dbus_mgr != NULL); @@ -851,18 +866,39 @@ pending_activation_check_authorized (PendingActivation *pending, return; } + /* By this point we need the connection */ + connection = nm_manager_get_connection_by_object_path (pending->manager, + pending->scope, + pending->connection_path); + if (!connection) { + error = g_error_new_literal (NM_MANAGER_ERROR, + NM_MANAGER_ERROR_UNKNOWN_CONNECTION, + "Connection could not be found."); + pending->callback (pending, error); + return; + } + /* First check if the user is allowed to use networking at all, giving * the user a chance to authenticate to gain the permission. */ pending->chain = nm_auth_chain_new (pending->authority, pending->context, NULL, - pending_auth_net_done, + pending_auth_done, pending); g_assert (pending->chain); - nm_auth_chain_add_call (pending->chain, - NM_AUTH_PERMISSION_NETWORK_CONTROL, - TRUE); + nm_auth_chain_add_call (pending->chain, NM_AUTH_PERMISSION_NETWORK_CONTROL, TRUE); + + /* User connections require the 'use-user-connections' permission */ + if (pending->scope == NM_CONNECTION_SCOPE_USER) + nm_auth_chain_add_call (pending->chain, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS, TRUE); + + /* Shared wifi connections require special permissions too */ + wifi_permission = get_shared_wifi_permission (connection); + if (wifi_permission) { + pending->wifi_shared_permission = wifi_permission; + nm_auth_chain_add_call (pending->chain, wifi_permission, TRUE); + } } static void @@ -958,6 +994,8 @@ user_proxy_cleanup (NMManager *self, gboolean resync_bt) priv->user_net_perm = NM_AUTH_CALL_RESULT_UNKNOWN; priv->user_con_perm = NM_AUTH_CALL_RESULT_UNKNOWN; + priv->user_wifi_share_open_perm = NM_AUTH_CALL_RESULT_UNKNOWN; + priv->user_wifi_share_enc_perm = NM_AUTH_CALL_RESULT_UNKNOWN; if (priv->user_proxy) { g_object_unref (priv->user_proxy); @@ -1263,17 +1301,26 @@ user_settings_authorized (NMManager *self, NMAuthChain *chain) NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE (self); NMAuthCallResult old_net_perm = priv->user_net_perm; NMAuthCallResult old_con_perm = priv->user_con_perm; + NMAuthCallResult old_wifi_share_open_perm = priv->user_wifi_share_open_perm; + NMAuthCallResult old_wifi_share_enc_perm = priv->user_wifi_share_enc_perm; /* If the user could potentially get authorization to use networking and/or * to use user connections, the user settings service is authorized. */ priv->user_net_perm = GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL)); priv->user_con_perm = GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS)); + priv->user_wifi_share_open_perm = GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, NM_AUTH_PERMISSION_WIFI_SHARE_OPEN)); + priv->user_wifi_share_enc_perm = GPOINTER_TO_UINT (nm_auth_chain_get_data (chain, NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED)); nm_log_dbg (LOGD_USER_SET, "User connections permissions: net %d, con %d", priv->user_net_perm, priv->user_con_perm); + nm_log_dbg (LOGD_USER_SET, "User shared wifi permissions: open %d, protected %d", + priv->user_wifi_share_open_perm, priv->user_wifi_share_enc_perm); - if (old_net_perm != priv->user_net_perm || old_con_perm != priv->user_con_perm) + if ( (old_net_perm != priv->user_net_perm) + || (old_con_perm != priv->user_con_perm) + || (old_wifi_share_open_perm != priv->user_wifi_share_open_perm) + || (old_wifi_share_enc_perm != priv->user_wifi_share_enc_perm)) g_signal_emit (self, signals[USER_PERMISSIONS_CHANGED], 0); /* If the user can't control the network they certainly aren't allowed @@ -1388,6 +1435,8 @@ user_proxy_init (NMManager *self) nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS, FALSE); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL, FALSE); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_WIFI_SHARE_OPEN, FALSE); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED, FALSE); } /*******************************************************************/ @@ -1693,8 +1742,8 @@ manager_hidden_ap_found (NMDeviceInterface *device, /* Look for this AP's BSSID in the seen-bssids list of a connection, * and if a match is found, copy over the SSID */ - connections = nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_SYSTEM); - connections = g_slist_concat (connections, nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_USER)); + connections = nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_SYSTEM, FALSE); + connections = g_slist_concat (connections, nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_USER, FALSE)); for (iter = connections; iter && !done; iter = g_slist_next (iter)) { NMConnection *connection = NM_CONNECTION (iter->data); @@ -2225,8 +2274,8 @@ bluez_manager_find_connection (NMManager *manager, NMConnection *found = NULL; GSList *connections, *l; - connections = nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_SYSTEM); - connections = g_slist_concat (connections, nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_USER)); + connections = nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_SYSTEM, FALSE); + connections = g_slist_concat (connections, nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_USER, FALSE)); for (l = connections; l != NULL; l = l->next) { NMConnection *candidate = NM_CONNECTION (l->data); @@ -2984,8 +3033,7 @@ check_pending_ready (NMManager *self, PendingActivation *pending) if (!pending->have_connection || !pending->authorized) return; - /* Ok, we're authorized and the connection is available */ - + /* Ok, we're authorized and the connection is available, continue with activation */ nm_manager_pending_activation_remove (self, pending); connection = nm_manager_get_connection_by_object_path (self, @@ -3016,6 +3064,18 @@ out: } static void +pending_activation_have_connection (NMManager *self, PendingActivation *pending) +{ + NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE (self); + + if (pending->have_connection == FALSE) { + /* Kick off authorization checks when the connection becomes available */ + pending->have_connection = TRUE; + pending_activation_check_authorized (pending, priv->dbus_mgr, priv->user_proxy); + } +} + +static void connection_added_default_handler (NMManager *self, NMConnection *connection, NMConnectionScope scope) @@ -3025,10 +3085,8 @@ connection_added_default_handler (NMManager *self, pending = nm_manager_pending_activation_find (self, nm_connection_get_path (connection), scope); - if (pending) { - pending->have_connection = TRUE; - check_pending_ready (self, pending); - } + if (pending) + pending_activation_have_connection (self, pending); } static void @@ -3093,9 +3151,7 @@ impl_manager_activate_connection (NMManager *self, priv->pending_activations = g_slist_prepend (priv->pending_activations, pending); if (nm_manager_get_connection_by_object_path (self, scope, connection_path)) - pending->have_connection = TRUE; - - pending_activation_check_authorized (pending, priv->dbus_mgr, priv->user_proxy); + pending_activation_have_connection (self, pending); } gboolean @@ -3718,6 +3774,8 @@ pk_authority_changed_cb (GObject *object, gpointer user_data) nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS, FALSE); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL, FALSE); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_WIFI_SHARE_OPEN, FALSE); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED, FALSE); } /* Let clients know they should re-check their authorization */ @@ -3769,6 +3827,8 @@ get_permissions_done_cb (NMAuthChain *chain, get_perm_add_result (chain, results, NM_AUTH_PERMISSION_ENABLE_DISABLE_WWAN); get_perm_add_result (chain, results, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS); get_perm_add_result (chain, results, NM_AUTH_PERMISSION_NETWORK_CONTROL); + get_perm_add_result (chain, results, NM_AUTH_PERMISSION_WIFI_SHARE_OPEN); + get_perm_add_result (chain, results, NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED); dbus_g_method_return (context, results); g_hash_table_destroy (results); } @@ -3796,6 +3856,8 @@ impl_manager_get_permissions (NMManager *self, nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_ENABLE_DISABLE_WWAN, FALSE); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_USE_USER_CONNECTIONS, FALSE); nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_NETWORK_CONTROL, FALSE); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_WIFI_SHARE_OPEN, FALSE); + nm_auth_chain_add_call (chain, NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED, FALSE); } /* Legacy 0.6 compatibility interface */ @@ -3877,33 +3939,51 @@ connection_sort (gconstpointer pa, gconstpointer pb) return 1; } -static void -connections_to_slist (gpointer key, gpointer value, gpointer user_data) -{ - GSList **list = (GSList **) user_data; - - *list = g_slist_insert_sorted (*list, g_object_ref (value), connection_sort); -} - /* Returns a GSList of referenced NMConnection objects, caller must * unref the connections in the list and destroy the list. */ GSList * nm_manager_get_connections (NMManager *manager, - NMConnectionScope scope) + NMConnectionScope scope, + gboolean only_authorized) { NMManagerPrivate *priv; GSList *list = NULL; + GHashTable *table = NULL; + GHashTableIter iter; + NMConnection *connection; g_return_val_if_fail (NM_IS_MANAGER (manager), NULL); priv = NM_MANAGER_GET_PRIVATE (manager); + if (scope == NM_CONNECTION_SCOPE_USER) - g_hash_table_foreach (priv->user_connections, connections_to_slist, &list); + table = priv->user_connections; else if (scope == NM_CONNECTION_SCOPE_SYSTEM) - g_hash_table_foreach (priv->system_connections, connections_to_slist, &list); - else + table = priv->system_connections; + else { nm_log_err (LOGD_CORE, "unknown NMConnectionScope %d", scope); + return NULL; + } + + g_hash_table_iter_init (&iter, table); + while (g_hash_table_iter_next (&iter, NULL, (gpointer) &connection)) { + if (scope == NM_CONNECTION_SCOPE_USER && only_authorized) { + gboolean wifi_share_open = FALSE, wifi_share_enc = FALSE; + + /* If requested, exclude shared wifi user connections when the user + * is not authorized to create them. + */ + get_shared_wifi_type (connection, &wifi_share_open, &wifi_share_enc); + if (wifi_share_open && (priv->user_wifi_share_open_perm != NM_AUTH_CALL_RESULT_YES)) + continue; + if (wifi_share_enc && (priv->user_wifi_share_enc_perm != NM_AUTH_CALL_RESULT_YES)) + continue; + } + + list = g_slist_insert_sorted (list, g_object_ref (connection), connection_sort); + } + return list; } diff --git a/src/nm-manager.h b/src/nm-manager.h index 280d554..e8a37ea 100644 --- a/src/nm-manager.h +++ b/src/nm-manager.h @@ -110,7 +110,9 @@ NMState nm_manager_get_state (NMManager *manager); /* Connections */ -GSList *nm_manager_get_connections (NMManager *manager, NMConnectionScope scope); +GSList *nm_manager_get_connections (NMManager *manager, + NMConnectionScope scope, + gboolean only_authorized); gboolean nm_manager_auto_user_connections_allowed (NMManager *manager); diff --git a/src/nm-policy.c b/src/nm-policy.c index 709be09..2bb4c9b 100644 --- a/src/nm-policy.c +++ b/src/nm-policy.c @@ -700,9 +700,9 @@ auto_activate_device (gpointer user_data) goto out; /* System connections first, then user connections */ - connections = nm_manager_get_connections (policy->manager, NM_CONNECTION_SCOPE_SYSTEM); + connections = nm_manager_get_connections (policy->manager, NM_CONNECTION_SCOPE_SYSTEM, FALSE); if (nm_manager_auto_user_connections_allowed (policy->manager)) - connections = g_slist_concat (connections, nm_manager_get_connections (policy->manager, NM_CONNECTION_SCOPE_USER)); + connections = g_slist_concat (connections, nm_manager_get_connections (policy->manager, NM_CONNECTION_SCOPE_USER, TRUE)); /* Remove connections that are in the invalid list. */ iter = connections; @@ -793,8 +793,8 @@ sleeping_changed (NMManager *manager, GParamSpec *pspec, gpointer user_data) /* Clear the invalid flag on all connections so they'll get retried on wakeup */ if (sleeping || !enabled) { - connections = nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_SYSTEM); - connections = g_slist_concat (connections, nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_USER)); + connections = nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_SYSTEM, FALSE); + connections = g_slist_concat (connections, nm_manager_get_connections (manager, NM_CONNECTION_SCOPE_USER, FALSE)); for (iter = connections; iter; iter = g_slist_next (iter)) g_object_set_data (G_OBJECT (iter->data), INVALID_TAG, NULL); g_slist_free (connections); -- 1.7.3.4 continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
