NM09 branch

Lamarque Vieira Souza lamarque at gmail.com
Wed May 25 02:29:40 CEST 2011


Em Tuesday 24 May 2011, Lamarque Vieira Souza escreveu:
> Em Thursday 19 May 2011, Ilia Kats escreveu:
> > Hey,
> > 
> > thanks a lot for this. Just one question: could you get it to save
> > secrets (I haven't compiled your source, just used it as reference)?
> > Somehow I get the feeling that the SaveSecrets method isn't called at
> > all when the connection is created. All kDebug which is in this method
> > and also other methods from different classes that are called by
> > SaveSecrets doesn't produce output at all. Also, I had a crash when
> > calling methods from another class, which is used by both GetSecrets and
> > SaveSecrets (the crash is fixed now), and kded crashed only when trying
> > to edit the connection (GetSecrets got called), but not when the
> > connection was created.
> > 
> > Or am I misunderstanding something? My understanding is that we pass the
> > complete connection with secrets and secret flags to NM when creating the
> > connection, and NM will then call SaveSecrets on the secret agent. Or do
> > we have to call it ourselves?

	I think we should call SaveSecret when creating a connection, but then we 
have a problem: Plasma NM is divided into four process: the kded module, the 
plasmoid (in plasma-desktop process), the kcm module and 
networkmanagement_configshell. Connections are created in the last two, but 
the agent run on behalf of the kded module. The kcm module and 
networkmanagementconfig_shell must call the kded module to save secrets. To 
make things worse NM guys deciced that the agent should not have a name on the 
bus, so we cannot call it directly. We can add another DBus interface in the 
kded module just to call the agent. This way we can avoid the secrets double 
saving problem in kcm module.

	What seems to be happening is that after creating the connection the 
secrets are not being saved in the kwallet by us and neither by NM (by calling 
SaveSecrets). When activating the connection NM calls GetSecrets and that 
failed because the agent does not have the secrets. When we update the 
connection in kcm module NM finally calls SaveSecrets passing the secrets as 
parameters and the kded module saves them. We could also call updateConnection 
after creating it :-) That works, I have just tested it.
 
> > Ilia
> > 
> > -------- Original Message --------
> > Subject: Re: NM09 branch
> > Date: 18.05.2011 17:14:02 +0200
> > From: Lukáš Tinkl <ltinkl at redhat.com>
> > To: ilia-kats at gmx.net, kde-networkmanager at kde.org
> > 
> > Lukáš Tinkl schrieb am 18.05.2011 17:14:
> > > Dne St 18. května 2011 16:33:56 Ilia Kats napsal(a):
> > >> Hey,
> > >> 
> > >> I am using the ifupdown and keyfile plug-ins, and this works here too.
> > >> The thing is: In order to work, we must have secrets available.
> > >> Secrets can either be stored internally by NM or by a user agent. The
> > >> current implementation is that secrets for system-wide connections
> > >> (meaning the "System connection" checkbox is checked, so no
> > >> permissions are set for the connection, meaning NM will let all users
> > >> connect with it) are stored by NM, all other by the
> > >> yet-to-be-implemented user agent. If you want this to work _right
> > >> now_ you have to change
> > >> libs/internals/connection.cpp lines 210-218 to:
> > >> 
> > >> type |= Setting::None;
> > >> 
> > >> That way, even for connections restricted to a single user, secrets
> > >> will be stored by NM internally. (As said in the commit message, this
> > >> still doesn't work for 802-1x settings. I could not find any errors,
> > >> but it would be great if someone could double-check the code)
> > >> 
> > >> I am going to work on the secrets agent now, but due to the lack of
> > >> documentation for the to-be-implemented
> > >> org.freedesktop.NetworkManager.SecretAgent interface and lack of time
> > >> this could take a while (if someone knows something about the
> > >> interface, please contact me)
> > >> 
> > >> Ilia
> > >> 
> > >> 
> > >> -------- Original-Nachricht --------
> > >> Betreff: Re: NM09 branch
> > >> Datum: 18.05.2011 10:39:21 -0300
> > >> Von: Lamarque Vieira Souza <lamarque at gmail.com>
> > >> An: kde-networkmanager at kde.org
> > >> 
> > >>> Hi,
> > >>> 
> > >>> 
> > >>> The old user connections were still listed but they do not work
> > >>> because NM does not recognise them, I have just commit a change to
> > >>> prevent user connections from being listed. Creating connection by
> > >>> clicking on the wireless network works for me. I can cannot usind my
> > >>> etherent, WPA wifi, and 3G/Gsm connections. I have not tested my
> > >>> bluetooth connections but since bluetooth and 3G/Gsm are very alike
> > >>> it probably works too. Only VPN is not working because we need a
> > >>> secrets agent to store the secrets.
> > >>> 
> > >>> 
> > >>> Well, I can add/edit/delete any connection here (ethernet, wifi, gsm,
> > >>> bluetooth, vpn). Maybe that feature depends on which plugin NM is
> > >>> using. I use ifnet as default in
> > >>> /etc/NetworkManager/nm-system-settings.conf, which one you use?
> > >>> 
> > >>> 
> > >>> I am going to say offline most part of day, only in about 10 hours I
> > >>> will be back online.
> > >>> 
> > >>> Em Wednesday 18 May 2011, Raymond Wooninck escreveu:
> > >>>> Dear Lamarque,
> > >>>> 
> > >>>> 
> > >>>> 
> > >>>> I am very sorry, but this issue is not fixed in the NM09 branch of
> > >>>> 
> > >>>> networkmanagement. I took a new snapshot from this morning and
> > >>>> compiled
> > >>>> 
> > >>>> this against the KDE trunk from last night. I removed all the
> > >>>> patches for
> > >>>> 
> > >>>> working with NM 0.9, so that I am sure to use the new
> > >>>> networkmanagement
> > >>>> 
> > >>>> functionality.
> > >>>> 
> > >>>> 
> > >>>> 
> > >>>> The plasmoid shows the connections, etc. However I can can click on
> > >>>> any
> > >>>> 
> > >>>> connection I see, but nothing happens. I can't disconnect through
> > >>>> the
> > >>>> 
> > >>>> plasmoid nor can I connect to any available connection. The only
> > >>>> buttons
> > >>>> 
> > >>>> that are working are to disable networking, disable wireless and the
> > >>>> two
> > >>>> 
> > >>>> buttons for show more/less and to get into the KCM module.
> > >>>> 
> > >>>> 
> > >>>> 
> > >>>> I can create a new connection, which works fine. However trying to
> > >>>> edit
> > >>>> 
> > >>>> that one again gives me the error that I am missing an agent. (I
> > >>>> also
> > >>>> 
> > >>>> remember seeing a commit for Ilia about changing the error and
> > >>>> indicating
> > >>>> 
> > >>>> that this is in preparation of a new securityagent.).
> > >>>> 
> > >>>> 
> > >>>> 
> > >>>> To me it seems that either networkmanagement is currently depending
> > >>>> on
> > >>>> 
> > >>>> kSecretService or that certain things have not been commited yet.
> > >>>> 
> > >>>> 
> > >>>> 
> > >>>> Please let me know if you need some more information from me.
> > >>>> 
> > >>>> 
> > >>>> 
> > >>>> Regards
> > >>>> 
> > >>>> 
> > >>>> 
> > >>>> Raymond
> > > 
> > > Hi,
> > > you can have a look at my proof-of-concept code here:
> > > https://bitbucket.org/caybro/knm9
> > > 
> > > The interesting parts are in:
> > > https://bitbucket.org/caybro/knm9/src/ac430c8136dd/backend/NMSecretAgen
> > > t. cpp
> > > https://bitbucket.org/caybro/knm9/src/ac430c8136dd/backend/NMSecretAgen
> > > t .h (just a very simple implementation of the agent, the real stuff
> > > should use KWallet as the backend for storing the secrets)
> > > 
> > > and the most tricky part, the creation of the agent:
> > > https://bitbucket.org/caybro/knm9/src/ac430c8136dd/gui/mainwindow.cpp#c
> > > l- 100 (lines 100 - 105)
> > > 
> > > HTH,
> > 
> > _______________________________________________
> > kde-networkmanager mailing list
> > kde-networkmanager at kde.org
> > https://mail.kde.org/mailman/listinfo/kde-networkmanager
> 
> 	This also explains some things, like wifi keys being stored in plain text
> by NM:
> 
> http://mail.gnome.org/archives/networkmanager-list/2011-March/msg00122.html
> 
> 	I think we should change Plasma NM to always change secrets to agent-
> owned when creating a connection to prevent NM storing secrets in plain
> text.














-- 
Lamarque V. Souza
http://www.geographicguide.com/brazil.htm
Linux User #57137 - http://counter.li.org/
http://planetkde.org/pt-br
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.kde.org/pipermail/kde-networkmanager/attachments/20110524/ae847cc6/attachment-0001.htm 


More information about the kde-networkmanager mailing list