Your message dated Sun, 6 Jan 2013 23:11:40 +0100 with message-id <20130106221140.GP5676@radis.cristau.org> and subject line Re: Bug#697529: unblock: network-manager-applet/0.9.4.1-3 has caused the Debian Bug report #697529, regarding unblock: network-manager-applet/0.9.4.1-3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 697529: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697529 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: network-manager-applet/0.9.4.1-3
- From: Michael Biebl <biebl@debian.org>
- Date: Sun, 06 Jan 2013 16:43:05 +0100
- Message-id: <20130106154305.29215.81180.reportbug@pluto.milchstrasse.xx>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Please unblock package network-manager-applet The handling of system wide connections caused a lot of grieve among users and admins since it requires admin privileges. For the simple cases (like single-user laptop), the pkla file we ship in network-manager_0.9.4.0-7 is sufficient. There are other use cases though, where you don't want to grant every user the right to create and modify system connections like e.g. a shared-laptop with untrusted users. That's what this patch in nm-applet is for: In such a case giving the user the root passwort or adding them to group netdev/sudo is not wanted. So we automatically fall back to user connections. A similar patch will be written for gnome-shell, which ships its own NM client. Once that is ready I'll file a separate unblock request. The changelog reads: network-manager-applet (0.9.4.1-3) unstable; urgency=low [ Michael Biebl ] * Add Build-Depends on gnome-common which is required for autoreconf. [ Josselin Mouette ] * debian/patches/05-8021x-passwords-user.patch: patch from upstream git. Correctly set 802.1x passwords as agent-owned, so that they are stored in the user’s keyring. * debian/patches/11-user-connections.patch: new patch. Set passwords as agent-owned when they need to, to allow users without root permissions to easily configure their connections. (Closes: #696256) The logic is: - Bluetooth, CDMA and GSM connections: always user-owned - WEP/WPA connections: system-owned if user has the permissions (with NM’s config, that is netdev or sudo membership), user-owned otherwise. The password is stored in the keyring for WPA, not for WEP. - WiMax / Wired connections: always system-owned (with 802.1x passwords in the keyring). -- Michael Biebl <biebl@debian.org> Sun, 06 Jan 2013 09:57:29 +0100 Full debdiff is attached. Cheers, Michael unblock network-manager-applet/0.9.4.1-3 [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696256#148 -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (200, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dashdiff --git a/debian/changelog b/debian/changelog index dded885..a3b75c0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,26 @@ +network-manager-applet (0.9.4.1-3) unstable; urgency=low + + [ Michael Biebl ] + * Add Build-Depends on gnome-common which is required for autoreconf. + + [ Josselin Mouette ] + * debian/patches/05-8021x-passwords-user.patch: patch from upstream git. + Correctly set 802.1x passwords as agent-owned, so that they are stored + in the user’s keyring. + * debian/patches/11-user-connections.patch: new patch. Set passwords as + agent-owned when they need to, to allow users without root permissions + to easily configure their connections. (Closes: #696256) + The logic is: + - Bluetooth, CDMA and GSM connections: always user-owned + - WEP/WPA connections: system-owned if user has the permissions + (with NM’s config, that is netdev or sudo membership), user-owned + otherwise. The password is stored in the keyring for WPA, not for + WEP. + - WiMax / Wired connections: always system-owned (with 802.1x + passwords in the keyring). + + -- Michael Biebl <biebl@debian.org> Sun, 06 Jan 2013 09:57:29 +0100 + network-manager-applet (0.9.4.1-2) unstable; urgency=low * debian/rules: Use xz compression for binary packages. diff --git a/debian/control b/debian/control index f82a5a9..b3ef725 100644 --- a/debian/control +++ b/debian/control @@ -8,6 +8,7 @@ Build-Depends: dpkg-dev (>= 1.16.1), autotools-dev, dh-autoreconf, + gnome-common, intltool, libdbus-glib-1-dev (>= 0.74), libgnome-keyring-dev, diff --git a/debian/patches/05-8021x-passwords-user.patch b/debian/patches/05-8021x-passwords-user.patch new file mode 100644 index 0000000..d40538c --- /dev/null +++ b/debian/patches/05-8021x-passwords-user.patch @@ -0,0 +1,223 @@ +From 2d666bc7aa6f0b731d131319b36f07b0f2bdce16 Mon Sep 17 00:00:00 2001 +From: Dan Williams <dcbw@redhat.com> +Date: Mon, 05 Nov 2012 21:26:17 +0000 +Subject: libnm-gtk: set default 802.1x password flags to "agent-owned" + +Imported 0.8 connections and VPN connects had password flags set for +the appropriate connection types, but we want to default 802.1x +passwords to "agent-owned" too. +--- +diff --git a/src/wireless-security/eap-method-leap.c b/src/wireless-security/eap-method-leap.c +index 7e1d7bf..3a1545e 100644 +--- a/src/wireless-security/eap-method-leap.c ++++ b/src/wireless-security/eap-method-leap.c +@@ -30,6 +30,8 @@ + + struct _EAPMethodLEAP { + EAPMethod parent; ++ ++ gboolean new_connection; + }; + + static void +@@ -83,6 +85,7 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group) + static void + fill_connection (EAPMethod *parent, NMConnection *connection) + { ++ EAPMethodLEAP *method = (EAPMethodLEAP *) parent; + NMSetting8021x *s_8021x; + GtkWidget *widget; + +@@ -98,6 +101,13 @@ fill_connection (EAPMethod *parent, NMConnection *connection) + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_password_entry")); + g_assert (widget); + g_object_set (s_8021x, NM_SETTING_802_1X_PASSWORD, gtk_entry_get_text (GTK_ENTRY (widget)), NULL); ++ ++ /* Default to agent-owned secrets for new connections */ ++ if (method->new_connection) { ++ g_object_set (s_8021x, ++ NM_SETTING_802_1X_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, ++ NULL); ++ } + } + + static void +@@ -115,6 +125,7 @@ eap_method_leap_new (WirelessSecurity *ws_parent, + NMConnection *connection, + gboolean secrets_only) + { ++ EAPMethodLEAP *method; + EAPMethod *parent; + GtkWidget *widget; + +@@ -131,6 +142,9 @@ eap_method_leap_new (WirelessSecurity *ws_parent, + if (!parent) + return NULL; + ++ method = (EAPMethodLEAP *) parent; ++ method->new_connection = secrets_only ? FALSE : TRUE; ++ + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_leap_username_entry")); + g_assert (widget); + g_signal_connect (G_OBJECT (widget), "changed", +@@ -163,6 +177,6 @@ eap_method_leap_new (WirelessSecurity *ws_parent, + (GCallback) show_toggled_cb, + parent); + +- return (EAPMethodLEAP *) parent; ++ return method; + } + +diff --git a/src/wireless-security/eap-method-simple.c b/src/wireless-security/eap-method-simple.c +index ab5719d..6463c46 100644 +--- a/src/wireless-security/eap-method-simple.c ++++ b/src/wireless-security/eap-method-simple.c +@@ -34,6 +34,7 @@ struct _EAPMethodSimple { + + EAPMethodSimpleType type; + gboolean is_editor; ++ gboolean new_connection; + }; + + static void +@@ -163,6 +164,13 @@ fill_connection (EAPMethod *parent, NMConnection *connection) + g_assert (widget); + g_object_set (s_8021x, NM_SETTING_802_1X_PASSWORD, gtk_entry_get_text (GTK_ENTRY (widget)), NULL); + } ++ ++ /* Default to agent-owned secrets for new connections */ ++ if (method->new_connection && (not_saved == FALSE)) { ++ g_object_set (s_8021x, ++ NM_SETTING_802_1X_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, ++ NULL); ++ } + } + + static void +@@ -230,6 +238,7 @@ eap_method_simple_new (WirelessSecurity *ws_parent, + method = (EAPMethodSimple *) parent; + method->type = type; + method->is_editor = is_editor; ++ method->new_connection = secrets_only ? FALSE : TRUE; + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "eap_simple_username_entry")); + g_assert (widget); +diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c +index 9128e42..d4efd5a 100644 +--- a/src/wireless-security/eap-method-tls.c ++++ b/src/wireless-security/eap-method-tls.c +@@ -35,6 +35,8 @@ + + struct _EAPMethodTLS { + EAPMethod parent; ++ ++ gboolean new_connection; + }; + + +@@ -117,12 +119,14 @@ add_to_size_group (EAPMethod *parent, GtkSizeGroup *group) + static void + fill_connection (EAPMethod *parent, NMConnection *connection) + { ++ EAPMethodTLS *method = (EAPMethodTLS *) parent; + NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN; + NMSetting8021x *s_8021x; + GtkWidget *widget; + char *ca_filename, *pk_filename, *cc_filename; + const char *password = NULL; + GError *error = NULL; ++ const char *secret_flag_prop = NULL; + + s_8021x = nm_connection_get_setting_802_1x (connection); + g_assert (s_8021x); +@@ -152,14 +156,20 @@ fill_connection (EAPMethod *parent, NMConnection *connection) + g_warning ("Couldn't read phase2 private key '%s': %s", pk_filename, error ? error->message : "(unknown)"); + g_clear_error (&error); + } ++ secret_flag_prop = NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS; + } else { + if (!nm_setting_802_1x_set_private_key (s_8021x, pk_filename, password, NM_SETTING_802_1X_CK_SCHEME_PATH, &format, &error)) { + g_warning ("Couldn't read private key '%s': %s", pk_filename, error ? error->message : "(unknown)"); + g_clear_error (&error); + } ++ secret_flag_prop = NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS; + } + g_free (pk_filename); + ++ /* Default to agent-owned secrets for new connections */ ++ if (method->new_connection) ++ g_object_set (s_8021x, secret_flag_prop, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); ++ + /* TLS client certificate */ + if (format != NM_SETTING_802_1X_CK_FORMAT_PKCS12) { + /* If the key is pkcs#12 nm_setting_802_1x_set_private_key() already +@@ -376,6 +386,7 @@ eap_method_tls_new (WirelessSecurity *ws_parent, + gboolean phase2, + gboolean secrets_only) + { ++ EAPMethodTLS *method; + EAPMethod *parent; + GtkWidget *widget; + NMSetting8021x *s_8021x = NULL; +@@ -393,6 +404,9 @@ eap_method_tls_new (WirelessSecurity *ws_parent, + if (!parent) + return NULL; + ++ method = (EAPMethodTLS *) parent; ++ method->new_connection = secrets_only ? FALSE : TRUE; ++ + eap_method_nag_init (parent, "eap_tls_ca_cert_button", connection); + + if (connection) +@@ -458,6 +472,6 @@ eap_method_tls_new (WirelessSecurity *ws_parent, + gtk_widget_hide (widget); + } + +- return (EAPMethodTLS *) parent; ++ return method; + } + +diff --git a/src/wireless-security/ws-leap.c b/src/wireless-security/ws-leap.c +index 1f0fdaf..16327cb 100644 +--- a/src/wireless-security/ws-leap.c ++++ b/src/wireless-security/ws-leap.c +@@ -28,6 +28,7 @@ + + struct _WirelessSecurityLEAP { + WirelessSecurity parent; ++ gboolean new_connection; + }; + + static void +@@ -79,6 +80,7 @@ add_to_size_group (WirelessSecurity *parent, GtkSizeGroup *group) + static void + fill_connection (WirelessSecurity *parent, NMConnection *connection) + { ++ WirelessSecurityLEAP *sec = (WirelessSecurityLEAP *) parent; + NMSettingWireless *s_wireless; + NMSettingWirelessSecurity *s_wireless_sec; + GtkWidget *widget; +@@ -105,6 +107,13 @@ fill_connection (WirelessSecurity *parent, NMConnection *connection) + NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME, leap_username, + NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD, leap_password, + NULL); ++ ++ /* Default to agent-owned secrets for new connections */ ++ if (sec->new_connection) { ++ g_object_set (s_wireless_sec, ++ NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, ++ NULL); ++ } + } + + static void +@@ -151,6 +160,7 @@ ws_leap_new (NMConnection *connection, gboolean secrets_only) + + parent->adhoc_compatible = FALSE; + sec = (WirelessSecurityLEAP *) parent; ++ sec->new_connection = secrets_only ? FALSE : TRUE; + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_password_entry")); + g_assert (widget); +-- +cgit v0.9.0.2 diff --git a/debian/patches/11-user-connections.patch b/debian/patches/11-user-connections.patch new file mode 100644 index 0000000..3001763 --- /dev/null +++ b/debian/patches/11-user-connections.patch @@ -0,0 +1,427 @@ +Index: network-manager-applet-0.9.4.1/src/applet-device-wifi.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/applet-device-wifi.c 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/applet-device-wifi.c 2012-12-17 19:19:20.727158212 +0100 +@@ -462,6 +462,23 @@ _do_new_auto_connection (NMApplet *apple + nm_connection_add_setting (connection, NM_SETTING (s_8021x)); + } + ++ if (utils_default_to_private_connection (applet->nm_client)) { ++ if (!s_con) { ++ s_con = (NMSettingConnection *) nm_setting_connection_new (); ++ nm_connection_add_setting (connection, NM_SETTING (s_con)); ++ } ++ nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); ++ ++ if ((rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK) || ++ (wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) { ++ if (!s_wsec) { ++ s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); ++ nm_connection_add_setting (connection, NM_SETTING (s_wsec)); ++ } ++ g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_PSK_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); ++ } ++ } ++ + /* If it's an 802.1x connection, we need more information, so pop up the + * Dialog Of Doom. + */ +Index: network-manager-applet-0.9.4.1/src/applet-device-gsm.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/applet-device-gsm.c 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/applet-device-gsm.c 2012-12-17 17:42:33.054765947 +0100 +@@ -147,6 +147,7 @@ mobile_wizard_done (NMAMobileWizard *wiz + NM_SETTING_GSM_NUMBER, "*99#", + NM_SETTING_GSM_USERNAME, method->username, + NM_SETTING_GSM_PASSWORD, method->password, ++ NM_SETTING_GSM_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, + NM_SETTING_GSM_APN, method->gsm_apn, + NULL); + nm_connection_add_setting (connection, setting); +@@ -177,6 +178,7 @@ mobile_wizard_done (NMAMobileWizard *wiz + NULL); + g_free (uuid); + g_free (id); ++ nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); + nm_connection_add_setting (connection, setting); + } + +Index: network-manager-applet-0.9.4.1/src/libnm-gtk/nm-wireless-dialog.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/libnm-gtk/nm-wireless-dialog.c 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/libnm-gtk/nm-wireless-dialog.c 2012-12-17 19:23:20.988332793 +0100 +@@ -1219,6 +1219,9 @@ nma_wireless_dialog_get_connection (NMAW + NM_SETTING_CONNECTION_UUID, uuid, + NULL); + g_free (uuid); ++ if (utils_default_to_private_connection (priv->client)) { ++ nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); ++ } + nm_connection_add_setting (connection, (NMSetting *) s_con); + + s_wireless = (NMSettingWireless *) nm_setting_wireless_new (); +Index: network-manager-applet-0.9.4.1/src/applet-device-cdma.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/applet-device-cdma.c 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/applet-device-cdma.c 2012-12-17 17:42:33.054765947 +0100 +@@ -119,6 +119,7 @@ mobile_wizard_done (NMAMobileWizard *wiz + NM_SETTING_CDMA_NUMBER, "#777", + NM_SETTING_CDMA_USERNAME, method->username, + NM_SETTING_CDMA_PASSWORD, method->password, ++ NM_SETTING_CDMA_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, + NULL); + nm_connection_add_setting (connection, setting); + +@@ -148,6 +149,7 @@ mobile_wizard_done (NMAMobileWizard *wiz + NULL); + g_free (uuid); + g_free (id); ++ nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); + nm_connection_add_setting (connection, setting); + } + +Index: network-manager-applet-0.9.4.1/src/gnome-bluetooth/bt-widget.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/gnome-bluetooth/bt-widget.c 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/gnome-bluetooth/bt-widget.c 2012-12-17 17:42:33.058765971 +0100 +@@ -256,6 +256,7 @@ add_pan_connection (PluginInfo *info) + NULL); + g_free (id); + g_free (uuid); ++ nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); + nm_connection_add_setting (connection, setting); + + /* The Bluetooth settings */ +@@ -392,6 +393,7 @@ dun_new_cdma (NMAMobileWizardAccessMetho + NM_SETTING_CDMA_NUMBER, "#777", + NM_SETTING_CDMA_USERNAME, method->username, + NM_SETTING_CDMA_PASSWORD, method->password, ++ NM_SETTING_CDMA_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, + NULL); + nm_connection_add_setting (connection, setting); + +@@ -421,6 +423,7 @@ dun_new_cdma (NMAMobileWizardAccessMetho + NULL); + g_free (uuid); + g_free (id); ++ nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); + nm_connection_add_setting (connection, setting); + + return connection; +@@ -440,6 +443,7 @@ dun_new_gsm (NMAMobileWizardAccessMethod + NM_SETTING_GSM_NUMBER, "*99#", + NM_SETTING_GSM_USERNAME, method->username, + NM_SETTING_GSM_PASSWORD, method->password, ++ NM_SETTING_GSM_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, + NM_SETTING_GSM_APN, method->gsm_apn, + NULL); + nm_connection_add_setting (connection, setting); +@@ -470,6 +474,7 @@ dun_new_gsm (NMAMobileWizardAccessMethod + NULL); + g_free (uuid); + g_free (id); ++ nm_setting_connection_add_permission ((NMSettingConnection *) setting, "user", g_get_user_name (), NULL); + nm_connection_add_setting (connection, setting); + + return connection; +Index: network-manager-applet-0.9.4.1/src/utils/utils.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/utils/utils.c 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/utils/utils.c 2012-12-17 19:45:35.022854558 +0100 +@@ -390,3 +390,10 @@ utils_show_error_dialog (const char *tit + } + } + ++gboolean ++utils_default_to_private_connection (NMClient *client) ++{ ++ NMClientPermissionResult perms; ++ perms = nm_client_get_permission_result (client, NM_CLIENT_PERMISSION_SETTINGS_MODIFY_SYSTEM); ++ return (perms != NM_CLIENT_PERMISSION_RESULT_YES); ++} +Index: network-manager-applet-0.9.4.1/src/utils/utils.h +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/utils/utils.h 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/utils/utils.h 2012-12-17 19:20:42.087555979 +0100 +@@ -27,6 +27,7 @@ + #include <gtk/gtk.h> + #include <nm-connection.h> + #include <nm-device.h> ++#include <nm-client.h> + #include <net/ethernet.h> + #include <nm-access-point.h> + #include <gnome-keyring.h> +@@ -64,6 +65,8 @@ void utils_show_error_dialog (const char + gboolean modal, + GtkWindow *parent); + ++gboolean utils_default_to_private_connection (NMClient *client); ++ + #define NMA_ERROR (g_quark_from_static_string ("nma-error-quark")) + + typedef enum { +Index: network-manager-applet-0.9.4.1/src/connection-editor/nm-connection-list.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/nm-connection-list.c 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/nm-connection-list.c 2012-12-17 21:25:44.500233404 +0100 +@@ -605,6 +605,7 @@ add_clicked (GtkButton *button, gpointer + info->new_func (GTK_WINDOW (list->dialog), + really_add_connection, + page_get_connections, ++ info->list->nm_client, + info); + } + +@@ -1577,6 +1578,7 @@ nm_connection_list_create (NMConnectionL + info->new_func (GTK_WINDOW (info->list->dialog), + really_add_connection, + page_get_connections, ++ info->list->nm_client, + info); + } + } +Index: network-manager-applet-0.9.4.1/src/wireless-security/ws-wpa-psk.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/wireless-security/ws-wpa-psk.c 2012-12-17 17:42:31.554758617 +0100 ++++ network-manager-applet-0.9.4.1/src/wireless-security/ws-wpa-psk.c 2012-12-17 19:35:09.479796428 +0100 +@@ -92,11 +92,13 @@ fill_connection (WirelessSecurity *paren + { + GtkWidget *widget; + const char *key; ++ NMSettingConnection *s_con; + NMSettingWireless *s_wireless; + NMSettingWirelessSecurity *s_wireless_sec; + const char *mode; + gboolean is_adhoc = FALSE; + ++ s_con = nm_connection_get_setting_connection (connection); + s_wireless = nm_connection_get_setting_wireless (connection); + g_assert (s_wireless); + +@@ -113,6 +115,9 @@ fill_connection (WirelessSecurity *paren + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry")); + key = gtk_entry_get_text (GTK_ENTRY (widget)); + g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL); ++ if (s_con && nm_setting_connection_get_num_permissions (s_con)) { ++ g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, NULL); ++ } + + wireless_security_clear_ciphers (connection); + if (is_adhoc) { +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-mobile.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-mobile.c 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-mobile.c 2012-12-17 21:16:37.749560464 +0100 +@@ -554,6 +554,7 @@ new_connection_mobile_wizard_done (NMAMo + NMConnection *connection = NULL; + + if (!canceled && method) { ++ NMSettingConnection *s_con; + NMSetting *type_setting; + const char *ctype = NULL; + char *detail = NULL; +@@ -567,6 +568,7 @@ new_connection_mobile_wizard_done (NMAMo + NM_SETTING_GSM_NUMBER, "*99#", + NM_SETTING_GSM_USERNAME, method->username, + NM_SETTING_GSM_PASSWORD, method->password, ++ NM_SETTING_GSM_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, + NM_SETTING_GSM_APN, method->gsm_apn, + NULL); + break; +@@ -578,6 +580,7 @@ new_connection_mobile_wizard_done (NMAMo + NM_SETTING_CDMA_NUMBER, "#777", + NM_SETTING_GSM_USERNAME, method->username, + NM_SETTING_GSM_PASSWORD, method->password, ++ NM_SETTING_GSM_PASSWORD_FLAGS, NM_SETTING_SECRET_FLAG_AGENT_OWNED, + NULL); + break; + default: +@@ -592,6 +595,13 @@ new_connection_mobile_wizard_done (NMAMo + connection = ce_page_new_connection (detail, ctype, FALSE, info->get_connections_func, info->user_data); + g_free (detail); + ++ s_con = nm_connection_get_setting_connection (connection); ++ if (!s_con) { ++ s_con = (NMSettingConnection *) nm_setting_connection_new (); ++ nm_connection_add_setting (connection, NM_SETTING (s_con)); ++ } ++ nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); ++ + nm_connection_add_setting (connection, type_setting); + add_default_serial_setting (connection); + nm_connection_add_setting (connection, nm_setting_ppp_new ()); +@@ -614,6 +624,7 @@ void + mobile_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data) + { + NMAMobileWizard *wizard; +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-vpn.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-vpn.c 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-vpn.c 2012-12-17 21:17:31.889825149 +0100 +@@ -186,10 +186,12 @@ void + vpn_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data) + { + char *service = NULL; + NMConnection *connection; ++ NMSettingConnection *s_con; + NMSetting *s_vpn; + + service = vpn_ask_connection_type (parent); +@@ -203,6 +205,14 @@ vpn_connection_new (GtkWindow *parent, + FALSE, + get_connections_func, + user_data); ++ ++ s_con = nm_connection_get_setting_connection (connection); ++ if (!s_con) { ++ s_con = (NMSettingConnection *) nm_setting_connection_new (); ++ nm_connection_add_setting (connection, NM_SETTING (s_con)); ++ } ++ nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); ++ + s_vpn = nm_setting_vpn_new (); + g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, service, NULL); + g_free (service); +Index: network-manager-applet-0.9.4.1/src/connection-editor/ce-page.h +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/ce-page.h 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/ce-page.h 2012-12-17 21:12:11.904260821 +0100 +@@ -43,6 +43,7 @@ typedef GSList * (*PageGetConnectionsFun + typedef void (*PageNewConnectionFunc) (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data); + + #define CE_TYPE_PAGE (ce_page_get_type ()) +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-dsl.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-dsl.c 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-dsl.c 2012-12-17 21:15:30.873233525 +0100 +@@ -224,6 +224,7 @@ void + dsl_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data) + { + NMConnection *connection; +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-dsl.h +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-dsl.h 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-dsl.h 2012-12-17 21:15:51.177332808 +0100 +@@ -56,6 +56,7 @@ CEPage *ce_page_dsl_new (NMConnection *c + void dsl_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc callback, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data); + + #endif /* __PAGE_DSL_H__ */ +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-mobile.h +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-mobile.h 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-mobile.h 2012-12-17 21:16:52.353631835 +0100 +@@ -56,6 +56,7 @@ CEPage *ce_page_mobile_new (NMConnection + void mobile_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data); + + #endif /* __PAGE_MOBILE_H__ */ +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-vpn.h +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-vpn.h 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-vpn.h 2012-12-17 21:17:45.065889589 +0100 +@@ -56,6 +56,7 @@ CEPage *ce_page_vpn_new (NMConnection *c + void vpn_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data); + + #endif /* __PAGE_VPN_H__ */ +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-wired.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-wired.c 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-wired.c 2012-12-17 21:18:53.906226101 +0100 +@@ -442,6 +442,7 @@ void + wired_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data) + { + NMConnection *connection; +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-wired.h +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-wired.h 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-wired.h 2012-12-17 21:19:04.122276042 +0100 +@@ -56,6 +56,7 @@ CEPage *ce_page_wired_new (NMConnection + void wired_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data); + + #endif /* __PAGE_WIRED_H__ */ +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-wireless.c +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-wireless.c 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-wireless.c 2012-12-17 21:21:16.646923928 +0100 +@@ -33,6 +33,8 @@ + #include <nm-device-wifi.h> + #include <nm-utils.h> + ++#include "utils.h" ++ + #include "page-wireless.h" + + G_DEFINE_TYPE (CEPageWireless, ce_page_wireless, CE_TYPE_PAGE) +@@ -655,6 +657,7 @@ void + wifi_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data) + { + NMConnection *connection; +@@ -665,6 +668,17 @@ wifi_connection_new (GtkWindow *parent, + TRUE, + get_connections_func, + user_data); ++ ++ if (utils_default_to_private_connection (client)) { ++ NMSettingConnection *s_con; ++ s_con = nm_connection_get_setting_connection (connection); ++ if (!s_con) { ++ s_con = (NMSettingConnection *) nm_setting_connection_new (); ++ nm_connection_add_setting (connection, NM_SETTING (s_con)); ++ } ++ nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL); ++ } ++ + s_wifi = nm_setting_wireless_new (); + g_object_set (s_wifi, NM_SETTING_WIRELESS_MODE, "infrastructure", NULL); + nm_connection_add_setting (connection, s_wifi); +Index: network-manager-applet-0.9.4.1/src/connection-editor/page-wireless.h +=================================================================== +--- network-manager-applet-0.9.4.1.orig/src/connection-editor/page-wireless.h 2012-03-14 00:03:59.000000000 +0100 ++++ network-manager-applet-0.9.4.1/src/connection-editor/page-wireless.h 2012-12-17 21:19:22.602366384 +0100 +@@ -60,6 +60,7 @@ GByteArray *ce_page_wireless_get_ssid (C + void wifi_connection_new (GtkWindow *parent, + PageNewConnectionResultFunc result_func, + PageGetConnectionsFunc get_connections_func, ++ NMClient *client, + gpointer user_data); + + #endif /* __PAGE_WIRELESS_H__ */ diff --git a/debian/patches/series b/debian/patches/series index 735c473..d987bc6 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -3,3 +3,5 @@ 02-fix-shell-version-detecting-code.patch 03-dont-handle-VPN-secrets-with-GNOME-Shell-3.4.patch 04-gnome-bluetooth-3.4-support.patch +05-8021x-passwords-user.patch +11-user-connections.patch
--- End Message ---
--- Begin Message ---
- To: Michael Biebl <biebl@debian.org>, 697529-done@bugs.debian.org
- Subject: Re: Bug#697529: unblock: network-manager-applet/0.9.4.1-3
- From: Julien Cristau <jcristau@debian.org>
- Date: Sun, 6 Jan 2013 23:11:40 +0100
- Message-id: <20130106221140.GP5676@radis.cristau.org>
- In-reply-to: <20130106154305.29215.81180.reportbug@pluto.milchstrasse.xx>
- References: <20130106154305.29215.81180.reportbug@pluto.milchstrasse.xx>
On Sun, Jan 6, 2013 at 16:43:05 +0100, Michael Biebl wrote: > Package: release.debian.org > Severity: normal > User: release.debian.org@packages.debian.org > Usertags: unblock > > Please unblock package network-manager-applet > Unblocked, thanks. Cheers, JulienAttachment: signature.asc
Description: Digital signature
--- End Message ---