NM09 branch

Lamarque Vieira Souza lamarque at gmail.com
Tue May 24 07:03:08 CEST 2011


Em Thursday 19 May 2011, Ilia Kats escreveu:
> Hey,
> 
> thanks a lot for this. Just one question: could you get it to save secrets
> (I haven't compiled your source, just used it as reference)? Somehow I get
> the feeling that the SaveSecrets method isn't called at all when the
> connection is created. All kDebug which is in this method and also other
> methods from different classes that are called by SaveSecrets doesn't
> produce output at all. Also, I had a crash when calling methods from
> another class, which is used by both GetSecrets and SaveSecrets (the crash
> is fixed now), and kded crashed only when trying to edit the connection
> (GetSecrets got called), but not when the connection was created.
> 
> Or am I misunderstanding something? My understanding is that we pass the
> complete connection with secrets and secret flags to NM when creating the
> connection, and NM will then call SaveSecrets on the secret agent. Or do
> we have to call it ourselves?
> 
> Ilia
> 
> -------- Original Message --------
> Subject: Re: NM09 branch
> Date: 18.05.2011 17:14:02 +0200
> From: Lukáš Tinkl <ltinkl at redhat.com>
> To: ilia-kats at gmx.net, kde-networkmanager at kde.org
> 
> Lukáš Tinkl schrieb am 18.05.2011 17:14:
> > Dne St 18. května 2011 16:33:56 Ilia Kats napsal(a):
> >> Hey,
> >> 
> >> I am using the ifupdown and keyfile plug-ins, and this works here too.
> >> The thing is: In order to work, we must have secrets available. Secrets
> >> can either be stored internally by NM or by a user agent. The current
> >> implementation is that secrets for system-wide connections (meaning the
> >> "System connection" checkbox is checked, so no permissions are set for
> >> the connection, meaning NM will let all users connect with it) are
> >> stored by NM, all other by the yet-to-be-implemented user agent. If you
> >> want this to work _right now_ you have to change
> >> libs/internals/connection.cpp lines 210-218 to:
> >> 
> >> type |= Setting::None;
> >> 
> >> That way, even for connections restricted to a single user, secrets will
> >> be stored by NM internally. (As said in the commit message, this still
> >> doesn't work for 802-1x settings. I could not find any errors, but it
> >> would be great if someone could double-check the code)
> >> 
> >> I am going to work on the secrets agent now, but due to the lack of
> >> documentation for the to-be-implemented
> >> org.freedesktop.NetworkManager.SecretAgent interface and lack of time
> >> this could take a while (if someone knows something about the
> >> interface, please contact me)
> >> 
> >> Ilia
> >> 
> >> 
> >> -------- Original-Nachricht --------
> >> Betreff: Re: NM09 branch
> >> Datum: 18.05.2011 10:39:21 -0300
> >> Von: Lamarque Vieira Souza <lamarque at gmail.com>
> >> An: kde-networkmanager at kde.org
> >> 
> >>> Hi,
> >>> 
> >>> 
> >>> The old user connections were still listed but they do not work because
> >>> NM does not recognise them, I have just commit a change to prevent user
> >>> connections from being listed. Creating connection by clicking on the
> >>> wireless network works for me. I can cannot usind my etherent, WPA
> >>> wifi, and 3G/Gsm connections. I have not tested my bluetooth
> >>> connections but since bluetooth and 3G/Gsm are very alike it probably
> >>> works too. Only VPN is not working because we need a secrets agent to
> >>> store the secrets.
> >>> 
> >>> 
> >>> Well, I can add/edit/delete any connection here (ethernet, wifi, gsm,
> >>> bluetooth, vpn). Maybe that feature depends on which plugin NM is
> >>> using. I use ifnet as default in
> >>> /etc/NetworkManager/nm-system-settings.conf, which one you use?
> >>> 
> >>> 
> >>> I am going to say offline most part of day, only in about 10 hours I
> >>> will be back online.
> >>> 
> >>> Em Wednesday 18 May 2011, Raymond Wooninck escreveu:
> >>>> Dear Lamarque,
> >>>> 
> >>>> 
> >>>> 
> >>>> I am very sorry, but this issue is not fixed in the NM09 branch of
> >>>> 
> >>>> networkmanagement. I took a new snapshot from this morning and
> >>>> compiled
> >>>> 
> >>>> this against the KDE trunk from last night. I removed all the patches
> >>>> for
> >>>> 
> >>>> working with NM 0.9, so that I am sure to use the new
> >>>> networkmanagement
> >>>> 
> >>>> functionality.
> >>>> 
> >>>> 
> >>>> 
> >>>> The plasmoid shows the connections, etc. However I can can click on
> >>>> any
> >>>> 
> >>>> connection I see, but nothing happens. I can't disconnect through the
> >>>> 
> >>>> plasmoid nor can I connect to any available connection. The only
> >>>> buttons
> >>>> 
> >>>> that are working are to disable networking, disable wireless and the
> >>>> two
> >>>> 
> >>>> buttons for show more/less and to get into the KCM module.
> >>>> 
> >>>> 
> >>>> 
> >>>> I can create a new connection, which works fine. However trying to
> >>>> edit
> >>>> 
> >>>> that one again gives me the error that I am missing an agent. (I also
> >>>> 
> >>>> remember seeing a commit for Ilia about changing the error and
> >>>> indicating
> >>>> 
> >>>> that this is in preparation of a new securityagent.).
> >>>> 
> >>>> 
> >>>> 
> >>>> To me it seems that either networkmanagement is currently depending on
> >>>> 
> >>>> kSecretService or that certain things have not been commited yet.
> >>>> 
> >>>> 
> >>>> 
> >>>> Please let me know if you need some more information from me.
> >>>> 
> >>>> 
> >>>> 
> >>>> Regards
> >>>> 
> >>>> 
> >>>> 
> >>>> Raymond
> > 
> > Hi,
> > you can have a look at my proof-of-concept code here:
> > https://bitbucket.org/caybro/knm9
> > 
> > The interesting parts are in:
> > https://bitbucket.org/caybro/knm9/src/ac430c8136dd/backend/NMSecretAgent.
> > cpp
> > https://bitbucket.org/caybro/knm9/src/ac430c8136dd/backend/NMSecretAgent
> > .h (just a very simple implementation of the agent, the real stuff should
> > use KWallet as the backend for storing the secrets)
> > 
> > and the most tricky part, the creation of the agent:
> > https://bitbucket.org/caybro/knm9/src/ac430c8136dd/gui/mainwindow.cpp#cl-
> > 100 (lines 100 - 105)
> > 
> > HTH,
> 
> _______________________________________________
> kde-networkmanager mailing list
> kde-networkmanager at kde.org
> https://mail.kde.org/mailman/listinfo/kde-networkmanager

	This also explains some things, like wifi keys being stored in plain text 
by NM:

http://mail.gnome.org/archives/networkmanager-list/2011-March/msg00122.html

	I think we should change Plasma NM to always change secrets to agent-
owned when creating a connection to prevent NM storing secrets in plain text.

-- 
Lamarque V. Souza
http://www.geographicguide.com/brazil.htm
Linux User #57137 - http://counter.li.org/
http://planetkde.org/pt-br
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.kde.org/pipermail/kde-networkmanager/attachments/20110524/8e475d5a/attachment-0001.htm 


More information about the kde-networkmanager mailing list