1/*
2 SPDX-FileCopyrightText: 2012-2013 Jan Grulich <jgrulich@redhat.com>
3
4 SPDX-License-Identifier: LGPL-2.1-only OR LGPL-3.0-only OR LicenseRef-KDE-Accepted-LGPL
5*/
6
7#include "security8021xsetting.h"
8#include "security8021xsetting_p.h"
9
10#include <QDebug>
11
12NetworkManager::Security8021xSettingPrivate::Security8021xSettingPrivate()
13 : name(NM_SETTING_802_1X_SETTING_NAME)
14 , phase1PeapVer(Security8021xSetting::PeapVersionUnknown)
15 , phase1PeapLabel(Security8021xSetting::PeapLabelUnknown)
16 , phase1FastProvisioning(Security8021xSetting::FastProvisioningUnknown)
17 , phase2AuthMethod(Security8021xSetting::AuthMethodUnknown)
18 , phase2AuthEapMethod(Security8021xSetting::AuthEapMethodUnknown)
19 , passwordFlags(NetworkManager::Setting::None)
20 , passwordRawFlags(NetworkManager::Setting::None)
21 , privateKeyPasswordFlags(NetworkManager::Setting::None)
22 , phase2PrivateKeyPasswordFlags(NetworkManager::Setting::None)
23 , pinFlags(NetworkManager::Setting::None)
24 , systemCaCerts(false)
25{
26}
27
28NetworkManager::Security8021xSetting::Security8021xSetting()
29 : Setting(Setting::Security8021x)
30 , d_ptr(new Security8021xSettingPrivate())
31{
32}
33
34NetworkManager::Security8021xSetting::Security8021xSetting(const Ptr &other)
35 : Setting(other)
36 , d_ptr(new Security8021xSettingPrivate())
37{
38 setEapMethods(other->eapMethods());
39 setIdentity(other->identity());
40 setDomainSuffixMatch(other->domainSuffixMatch());
41 setAnonymousIdentity(other->anonymousIdentity());
42 setPacFile(other->pacFile());
43 setCaCertificate(other->caCertificate());
44 setCaPath(other->caPath());
45 setSubjectMatch(other->subjectMatch());
46 setAltSubjectMatches(other->altSubjectMatches());
47 setClientCertificate(other->clientCertificate());
48 setPhase1PeapVersion(other->phase1PeapVersion());
49 setPhase1PeapLabel(other->phase1PeapLabel());
50 setPhase1FastProvisioning(other->phase1FastProvisioning());
51 setPhase2AuthMethod(other->phase2AuthMethod());
52 setPhase2AuthEapMethod(other->phase2AuthEapMethod());
53 setPhase2CaCertificate(other->phase2CaCertificate());
54 setPhase2CaPath(other->phase2CaPath());
55 setPhase2SubjectMatch(other->phase2SubjectMatch());
56 setPhase2AltSubjectMatches(other->phase2AltSubjectMatches());
57 setPassword(other->password());
58 setPasswordFlags(other->passwordFlags());
59 setPasswordRaw(other->passwordRaw());
60 setPasswordRawFlags(other->passwordRawFlags());
61 setPrivateKey(other->privateKey());
62 setPrivateKeyPassword(other->privateKeyPassword());
63 setPrivateKeyPasswordFlags(other->privateKeyPasswordFlags());
64 setPhase2PrivateKey(other->phase2PrivateKey());
65 setPhase2PrivateKeyPassword(other->phase2PrivateKeyPassword());
66 setPhase2PrivateKeyPasswordFlags(other->phase2PrivateKeyPasswordFlags());
67 setSystemCaCertificates(other->systemCaCertificates());
68}
69
70NetworkManager::Security8021xSetting::~Security8021xSetting()
71{
72 delete d_ptr;
73}
74
75QString NetworkManager::Security8021xSetting::name() const
76{
77 Q_D(const Security8021xSetting);
78
79 return d->name;
80}
81
82void NetworkManager::Security8021xSetting::setEapMethods(const QList<NetworkManager::Security8021xSetting::EapMethod> &methods)
83{
84 Q_D(Security8021xSetting);
85
86 d->eap = methods;
87}
88
89QList<NetworkManager::Security8021xSetting::EapMethod> NetworkManager::Security8021xSetting::eapMethods() const
90{
91 Q_D(const Security8021xSetting);
92
93 return d->eap;
94}
95
96void NetworkManager::Security8021xSetting::setIdentity(const QString &identity)
97{
98 Q_D(Security8021xSetting);
99
100 d->identity = identity;
101}
102
103QString NetworkManager::Security8021xSetting::identity() const
104{
105 Q_D(const Security8021xSetting);
106
107 return d->identity;
108}
109
110void NetworkManager::Security8021xSetting::setAnonymousIdentity(const QString &identity)
111{
112 Q_D(Security8021xSetting);
113
114 d->anonymousIdentity = identity;
115}
116
117QString NetworkManager::Security8021xSetting::anonymousIdentity() const
118{
119 Q_D(const Security8021xSetting);
120
121 return d->anonymousIdentity;
122}
123
124void NetworkManager::Security8021xSetting::setDomainSuffixMatch(const QString &domain)
125{
126 Q_D(Security8021xSetting);
127
128 d->domainSuffixMatch = domain;
129}
130
131QString NetworkManager::Security8021xSetting::domainSuffixMatch() const
132{
133 Q_D(const Security8021xSetting);
134
135 return d->domainSuffixMatch;
136}
137
138void NetworkManager::Security8021xSetting::setPacFile(const QString &filePath)
139{
140 Q_D(Security8021xSetting);
141
142 d->pacFile = filePath;
143}
144
145QString NetworkManager::Security8021xSetting::pacFile() const
146{
147 Q_D(const Security8021xSetting);
148
149 return d->pacFile;
150}
151
152void NetworkManager::Security8021xSetting::setCaCertificate(const QByteArray &certificate)
153{
154 Q_D(Security8021xSetting);
155
156 d->caCert = certificate;
157}
158
159QByteArray NetworkManager::Security8021xSetting::caCertificate() const
160{
161 Q_D(const Security8021xSetting);
162
163 return d->caCert;
164}
165
166void NetworkManager::Security8021xSetting::setCaPath(const QString &path)
167{
168 Q_D(Security8021xSetting);
169
170 d->caPath = path;
171}
172
173QString NetworkManager::Security8021xSetting::caPath() const
174{
175 Q_D(const Security8021xSetting);
176
177 return d->caPath;
178}
179
180void NetworkManager::Security8021xSetting::setSubjectMatch(const QString &substring)
181{
182 Q_D(Security8021xSetting);
183
184 d->subjectMatch = substring;
185}
186
187QString NetworkManager::Security8021xSetting::subjectMatch() const
188{
189 Q_D(const Security8021xSetting);
190
191 return d->subjectMatch;
192}
193
194void NetworkManager::Security8021xSetting::setAltSubjectMatches(const QStringList &strings)
195{
196 Q_D(Security8021xSetting);
197
198 d->altSubjectMatches = strings;
199}
200
201QStringList NetworkManager::Security8021xSetting::altSubjectMatches() const
202{
203 Q_D(const Security8021xSetting);
204
205 return d->altSubjectMatches;
206}
207
208void NetworkManager::Security8021xSetting::setClientCertificate(const QByteArray &certificate)
209{
210 Q_D(Security8021xSetting);
211
212 d->clientCert = certificate;
213}
214
215QByteArray NetworkManager::Security8021xSetting::clientCertificate() const
216{
217 Q_D(const Security8021xSetting);
218
219 return d->clientCert;
220}
221
222void NetworkManager::Security8021xSetting::setPhase1PeapVersion(NetworkManager::Security8021xSetting::PeapVersion version)
223{
224 Q_D(Security8021xSetting);
225
226 d->phase1PeapVer = version;
227}
228
229NetworkManager::Security8021xSetting::PeapVersion NetworkManager::Security8021xSetting::phase1PeapVersion() const
230{
231 Q_D(const Security8021xSetting);
232
233 return d->phase1PeapVer;
234}
235
236void NetworkManager::Security8021xSetting::setPhase1PeapLabel(NetworkManager::Security8021xSetting::PeapLabel label)
237{
238 Q_D(Security8021xSetting);
239
240 d->phase1PeapLabel = label;
241}
242
243NetworkManager::Security8021xSetting::PeapLabel NetworkManager::Security8021xSetting::phase1PeapLabel() const
244{
245 Q_D(const Security8021xSetting);
246
247 return d->phase1PeapLabel;
248}
249
250void NetworkManager::Security8021xSetting::setPhase1FastProvisioning(NetworkManager::Security8021xSetting::FastProvisioning provisioning)
251{
252 Q_D(Security8021xSetting);
253
254 d->phase1FastProvisioning = provisioning;
255}
256
257NetworkManager::Security8021xSetting::FastProvisioning NetworkManager::Security8021xSetting::phase1FastProvisioning() const
258{
259 Q_D(const Security8021xSetting);
260
261 return d->phase1FastProvisioning;
262}
263
264void NetworkManager::Security8021xSetting::setPhase2AuthMethod(NetworkManager::Security8021xSetting::AuthMethod method)
265{
266 Q_D(Security8021xSetting);
267
268 d->phase2AuthMethod = method;
269}
270
271NetworkManager::Security8021xSetting::AuthMethod NetworkManager::Security8021xSetting::phase2AuthMethod() const
272{
273 Q_D(const Security8021xSetting);
274
275 return d->phase2AuthMethod;
276}
277
278void NetworkManager::Security8021xSetting::setPhase2AuthEapMethod(NetworkManager::Security8021xSetting::AuthEapMethod method)
279{
280 Q_D(Security8021xSetting);
281
282 d->phase2AuthEapMethod = method;
283}
284
285NetworkManager::Security8021xSetting::AuthEapMethod NetworkManager::Security8021xSetting::phase2AuthEapMethod() const
286{
287 Q_D(const Security8021xSetting);
288
289 return d->phase2AuthEapMethod;
290}
291
292void NetworkManager::Security8021xSetting::setPhase2CaCertificate(const QByteArray &certificate)
293{
294 Q_D(Security8021xSetting);
295
296 d->phase2CaCert = certificate;
297}
298
299QByteArray NetworkManager::Security8021xSetting::phase2CaCertificate() const
300{
301 Q_D(const Security8021xSetting);
302
303 return d->phase2CaCert;
304}
305
306void NetworkManager::Security8021xSetting::setPhase2CaPath(const QString &path)
307{
308 Q_D(Security8021xSetting);
309
310 d->phase2CaPath = path;
311}
312
313QString NetworkManager::Security8021xSetting::phase2CaPath() const
314{
315 Q_D(const Security8021xSetting);
316
317 return d->phase2CaPath;
318}
319
320void NetworkManager::Security8021xSetting::setPhase2SubjectMatch(const QString &substring)
321{
322 Q_D(Security8021xSetting);
323
324 d->phase2SubjectMatch = substring;
325}
326
327QString NetworkManager::Security8021xSetting::phase2SubjectMatch() const
328{
329 Q_D(const Security8021xSetting);
330
331 return d->phase2SubjectMatch;
332}
333
334void NetworkManager::Security8021xSetting::setPhase2AltSubjectMatches(const QStringList &strings)
335{
336 Q_D(Security8021xSetting);
337
338 d->phase2AltSubjectMatches = strings;
339}
340
341QStringList NetworkManager::Security8021xSetting::phase2AltSubjectMatches() const
342{
343 Q_D(const Security8021xSetting);
344
345 return d->phase2AltSubjectMatches;
346}
347
348void NetworkManager::Security8021xSetting::setPhase2ClientCertificate(const QByteArray &certificate)
349{
350 Q_D(Security8021xSetting);
351
352 d->phase2ClientCert = certificate;
353}
354
355QByteArray NetworkManager::Security8021xSetting::phase2ClientCertificate() const
356{
357 Q_D(const Security8021xSetting);
358
359 return d->phase2ClientCert;
360}
361
362void NetworkManager::Security8021xSetting::setPassword(const QString &password)
363{
364 Q_D(Security8021xSetting);
365
366 d->password = password;
367}
368
369QString NetworkManager::Security8021xSetting::password() const
370{
371 Q_D(const Security8021xSetting);
372
373 return d->password;
374}
375
376void NetworkManager::Security8021xSetting::setPasswordFlags(NetworkManager::Setting::SecretFlags flags)
377{
378 Q_D(Security8021xSetting);
379
380 d->passwordFlags = flags;
381}
382
383NetworkManager::Setting::SecretFlags NetworkManager::Security8021xSetting::passwordFlags() const
384{
385 Q_D(const Security8021xSetting);
386
387 return d->passwordFlags;
388}
389
390void NetworkManager::Security8021xSetting::setPasswordRaw(const QByteArray &password)
391{
392 Q_D(Security8021xSetting);
393
394 d->passwordRaw = password;
395}
396
397QByteArray NetworkManager::Security8021xSetting::passwordRaw() const
398{
399 Q_D(const Security8021xSetting);
400
401 return d->passwordRaw;
402}
403
404void NetworkManager::Security8021xSetting::setPasswordRawFlags(NetworkManager::Setting::SecretFlags flags)
405{
406 Q_D(Security8021xSetting);
407
408 d->passwordRawFlags = flags;
409}
410
411NetworkManager::Setting::SecretFlags NetworkManager::Security8021xSetting::passwordRawFlags() const
412{
413 Q_D(const Security8021xSetting);
414
415 return d->passwordRawFlags;
416}
417
418void NetworkManager::Security8021xSetting::setPrivateKey(const QByteArray &key)
419{
420 Q_D(Security8021xSetting);
421
422 d->privateKey = key;
423}
424
425QByteArray NetworkManager::Security8021xSetting::privateKey() const
426{
427 Q_D(const Security8021xSetting);
428
429 return d->privateKey;
430}
431
432void NetworkManager::Security8021xSetting::setPrivateKeyPassword(const QString &password)
433{
434 Q_D(Security8021xSetting);
435
436 d->privateKeyPassword = password;
437}
438
439QString NetworkManager::Security8021xSetting::privateKeyPassword() const
440{
441 Q_D(const Security8021xSetting);
442
443 return d->privateKeyPassword;
444}
445
446void NetworkManager::Security8021xSetting::setPrivateKeyPasswordFlags(NetworkManager::Setting::SecretFlags flags)
447{
448 Q_D(Security8021xSetting);
449
450 d->privateKeyPasswordFlags = flags;
451}
452
453NetworkManager::Setting::SecretFlags NetworkManager::Security8021xSetting::privateKeyPasswordFlags() const
454{
455 Q_D(const Security8021xSetting);
456
457 return d->privateKeyPasswordFlags;
458}
459
460void NetworkManager::Security8021xSetting::setPhase2PrivateKey(const QByteArray &key)
461{
462 Q_D(Security8021xSetting);
463
464 d->phase2PrivateKey = key;
465}
466
467QByteArray NetworkManager::Security8021xSetting::phase2PrivateKey() const
468{
469 Q_D(const Security8021xSetting);
470
471 return d->phase2PrivateKey;
472}
473
474void NetworkManager::Security8021xSetting::setPhase2PrivateKeyPassword(const QString &password)
475{
476 Q_D(Security8021xSetting);
477
478 d->phase2PrivateKeyPassword = password;
479}
480
481QString NetworkManager::Security8021xSetting::phase2PrivateKeyPassword() const
482{
483 Q_D(const Security8021xSetting);
484
485 return d->phase2PrivateKeyPassword;
486}
487
488void NetworkManager::Security8021xSetting::setPhase2PrivateKeyPasswordFlags(NetworkManager::Setting::SecretFlags flags)
489{
490 Q_D(Security8021xSetting);
491
492 d->phase2PrivateKeyPasswordFlags = flags;
493}
494
495NetworkManager::Setting::SecretFlags NetworkManager::Security8021xSetting::phase2PrivateKeyPasswordFlags() const
496{
497 Q_D(const Security8021xSetting);
498
499 return d->phase2PrivateKeyPasswordFlags;
500}
501
502void NetworkManager::Security8021xSetting::setSystemCaCertificates(bool use)
503{
504 Q_D(Security8021xSetting);
505
506 d->systemCaCerts = use;
507}
508
509void NetworkManager::Security8021xSetting::setPin(const QString &pin)
510{
511 Q_D(Security8021xSetting);
512
513 d->pin = pin;
514}
515
516QString NetworkManager::Security8021xSetting::pin() const
517{
518 Q_D(const Security8021xSetting);
519
520 return d->pin;
521}
522
523void NetworkManager::Security8021xSetting::setPinFlags(NetworkManager::Setting::SecretFlags flags)
524{
525 Q_D(Security8021xSetting);
526
527 d->pinFlags = flags;
528}
529
530NetworkManager::Setting::SecretFlags NetworkManager::Security8021xSetting::pinFlags() const
531{
532 Q_D(const Security8021xSetting);
533
534 return d->pinFlags;
535}
536
537bool NetworkManager::Security8021xSetting::systemCaCertificates() const
538{
539 Q_D(const Security8021xSetting);
540
541 return d->systemCaCerts;
542}
543
544QStringList NetworkManager::Security8021xSetting::needSecrets(bool requestNew) const
545{
546 QStringList secrets;
547
548 /* clang-format off */
549 if (eapMethods().contains(t: EapMethodTls)
550 && (privateKeyPassword().isEmpty() || requestNew)
551 && !privateKeyPasswordFlags().testFlag(flag: NotRequired)) {
552 secrets << QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD);
553 } else if ((eapMethods().contains(t: EapMethodTtls)
554 || eapMethods().contains(t: EapMethodPeap)
555 || eapMethods().contains(t: EapMethodLeap)
556 || eapMethods().contains(t: EapMethodFast)
557 || eapMethods().contains(t: EapMethodPwd))
558 && (password().isEmpty() || requestNew)
559 && !passwordFlags().testFlag(flag: NotRequired)) {
560 secrets << QLatin1String(NM_SETTING_802_1X_PASSWORD);
561 secrets << QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW);
562 } else if (eapMethods().contains(t: EapMethodSim)
563 && (pin().isEmpty() || requestNew)
564 && !pinFlags().testFlag(flag: NotRequired)) { /* clang-format on */
565 secrets << QLatin1String(NM_SETTING_802_1X_PIN);
566 }
567
568 /* clang-format off */
569 if ((phase2AuthMethod() == AuthMethodTls || phase2AuthEapMethod() == AuthEapMethodTls)
570 && (phase2PrivateKeyPassword().isEmpty() || requestNew)
571 && !phase2PrivateKeyPasswordFlags().testFlag(flag: NotRequired)) { /* clang-format on */
572 secrets << QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD);
573 }
574
575 return secrets;
576}
577
578void NetworkManager::Security8021xSetting::secretsFromMap(const QVariantMap &secrets)
579{
580 if (secrets.contains(key: QLatin1String(NM_SETTING_802_1X_PASSWORD))) {
581 setPassword(secrets.value(key: QLatin1String(NM_SETTING_802_1X_PASSWORD)).toString());
582 }
583
584 if (secrets.contains(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW))) {
585 setPasswordRaw(secrets.value(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW)).toByteArray());
586 }
587
588 if (secrets.contains(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD))) {
589 setPrivateKeyPassword(secrets.value(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD)).toString());
590 }
591
592 if (secrets.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD))) {
593 setPhase2PrivateKeyPassword(secrets.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD)).toString());
594 }
595
596 if (secrets.contains(key: QLatin1String(NM_SETTING_802_1X_PIN))) {
597 setPin(secrets.value(key: QLatin1String(NM_SETTING_802_1X_PIN)).toString());
598 }
599}
600
601QVariantMap NetworkManager::Security8021xSetting::secretsToMap() const
602{
603 QVariantMap secrets;
604
605 if (!password().isEmpty()) {
606 secrets.insert(key: QLatin1String(NM_SETTING_802_1X_PASSWORD), value: password());
607 }
608
609 if (!passwordRaw().isEmpty()) {
610 secrets.insert(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW), value: passwordRaw());
611 }
612
613 if (!privateKeyPassword().isEmpty()) {
614 secrets.insert(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD), value: privateKeyPassword());
615 }
616
617 if (!phase2PrivateKeyPassword().isEmpty()) {
618 secrets.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD), value: phase2PrivateKeyPassword());
619 }
620
621 if (!pin().isEmpty()) {
622 secrets.insert(key: QLatin1String(NM_SETTING_802_1X_PIN), value: pin());
623 }
624
625 return secrets;
626}
627
628void NetworkManager::Security8021xSetting::fromMap(const QVariantMap &setting)
629{
630 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_EAP))) {
631 const QStringList methods = setting.value(key: QLatin1String(NM_SETTING_802_1X_EAP)).toStringList();
632 QList<EapMethod> eapMethods;
633 for (const QString &method : methods) {
634 if (method == "leap") {
635 eapMethods << EapMethodLeap;
636 } else if (method == "md5") {
637 eapMethods << EapMethodMd5;
638 } else if (method == "tls") {
639 eapMethods << EapMethodTls;
640 } else if (method == "peap") {
641 eapMethods << EapMethodPeap;
642 } else if (method == "ttls") {
643 eapMethods << EapMethodTtls;
644 } else if (method == "sim") {
645 eapMethods << EapMethodSim;
646 } else if (method == "fast") {
647 eapMethods << EapMethodFast;
648 } else if (method == "pwd") {
649 eapMethods << EapMethodPwd;
650 }
651 }
652
653 setEapMethods(eapMethods);
654 }
655
656 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_IDENTITY))) {
657 setIdentity(setting.value(key: QLatin1String(NM_SETTING_802_1X_IDENTITY)).toString());
658 }
659
660 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_ANONYMOUS_IDENTITY))) {
661 setAnonymousIdentity(setting.value(key: QLatin1String(NM_SETTING_802_1X_ANONYMOUS_IDENTITY)).toString());
662 }
663
664 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH))) {
665 setDomainSuffixMatch(setting.value(key: QLatin1String(NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH)).toString());
666 }
667
668 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PAC_FILE))) {
669 setPacFile(setting.value(key: QLatin1String(NM_SETTING_802_1X_PAC_FILE)).toString());
670 }
671
672 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_CA_CERT))) {
673 setCaCertificate(setting.value(key: QLatin1String(NM_SETTING_802_1X_CA_CERT)).toByteArray());
674 }
675
676 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_CA_PATH))) {
677 setCaPath(setting.value(key: QLatin1String(NM_SETTING_802_1X_CA_PATH)).toString());
678 }
679
680 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_SUBJECT_MATCH))) {
681 setSubjectMatch(setting.value(key: QLatin1String(NM_SETTING_802_1X_SUBJECT_MATCH)).toString());
682 }
683
684 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_ALTSUBJECT_MATCHES))) {
685 setAltSubjectMatches(setting.value(key: QLatin1String(NM_SETTING_802_1X_ALTSUBJECT_MATCHES)).toStringList());
686 }
687
688 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_CLIENT_CERT))) {
689 setClientCertificate(setting.value(key: QLatin1String(NM_SETTING_802_1X_CLIENT_CERT)).toByteArray());
690 }
691
692 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE1_PEAPVER))) {
693 const QString version = setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE1_PEAPVER)).toString();
694
695 if (version == "0") {
696 setPhase1PeapVersion(PeapVersionZero);
697 } else if (version == "1") {
698 setPhase1PeapVersion(PeapVersionOne);
699 }
700 }
701
702 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE1_PEAPLABEL))) {
703 const QString label = setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE1_PEAPLABEL)).toString();
704
705 if (label == "1") {
706 setPhase1PeapLabel(PeapLabelForce);
707 }
708 }
709
710 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE1_FAST_PROVISIONING))) {
711 const QString provisioning = setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE1_FAST_PROVISIONING)).toString();
712
713 if (provisioning == "0") {
714 setPhase1FastProvisioning(FastProvisioningDisabled);
715 } else if (provisioning == "1") {
716 setPhase1FastProvisioning(FastProvisioningAllowUnauthenticated);
717 } else if (provisioning == "2") {
718 setPhase1FastProvisioning(FastProvisioningAllowAuthenticated);
719 } else if (provisioning == "3") {
720 setPhase1FastProvisioning(FastProvisioningAllowBoth);
721 }
722 }
723
724 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_AUTH))) {
725 const QString authMethod = setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_AUTH)).toString();
726
727 if (authMethod == "pap") {
728 setPhase2AuthMethod(AuthMethodPap);
729 } else if (authMethod == "chap") {
730 setPhase2AuthMethod(AuthMethodChap);
731 } else if (authMethod == "mschap") {
732 setPhase2AuthMethod(AuthMethodMschap);
733 } else if (authMethod == "mschapv2") {
734 setPhase2AuthMethod(AuthMethodMschapv2);
735 } else if (authMethod == "gtc") {
736 setPhase2AuthMethod(AuthMethodGtc);
737 } else if (authMethod == "otp") {
738 setPhase2AuthMethod(AuthMethodOtp);
739 } else if (authMethod == "md5") {
740 setPhase2AuthMethod(AuthMethodMd5);
741 } else if (authMethod == "tls") {
742 setPhase2AuthMethod(AuthMethodTls);
743 }
744 }
745
746 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_AUTHEAP))) {
747 const QString authEapMethod = setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_AUTHEAP)).toString();
748
749 if (authEapMethod == "md5") {
750 setPhase2AuthEapMethod(AuthEapMethodMd5);
751 } else if (authEapMethod == "mschapv2") {
752 setPhase2AuthEapMethod(AuthEapMethodMschapv2);
753 } else if (authEapMethod == "otp") {
754 setPhase2AuthEapMethod(AuthEapMethodOtp);
755 } else if (authEapMethod == "gtc") {
756 setPhase2AuthEapMethod(AuthEapMethodGtc);
757 } else if (authEapMethod == "tls") {
758 setPhase2AuthEapMethod(AuthEapMethodTls);
759 }
760 }
761
762 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CA_CERT))) {
763 setPhase2CaCertificate(setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CA_CERT)).toByteArray());
764 }
765
766 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CA_PATH))) {
767 setPhase2CaPath(setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CA_PATH)).toString());
768 }
769
770 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH))) {
771 setPhase2SubjectMatch(setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH)).toString());
772 }
773
774 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_ALTSUBJECT_MATCHES))) {
775 setPhase2AltSubjectMatches(setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_ALTSUBJECT_MATCHES)).toStringList());
776 }
777
778 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CLIENT_CERT))) {
779 setPhase2ClientCertificate(setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CLIENT_CERT)).toByteArray());
780 }
781
782 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PASSWORD))) {
783 setPassword(setting.value(key: QLatin1String(NM_SETTING_802_1X_PASSWORD)).toString());
784 }
785
786 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_FLAGS))) {
787 setPasswordFlags((Setting::SecretFlags)setting.value(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_FLAGS)).toUInt());
788 }
789
790 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW))) {
791 setPasswordRaw(setting.value(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW)).toByteArray());
792 }
793
794 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW_FLAGS))) {
795 setPasswordRawFlags((Setting::SecretFlags)setting.value(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW_FLAGS)).toUInt());
796 }
797
798 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY))) {
799 setPrivateKey(setting.value(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY)).toByteArray());
800 }
801
802 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD))) {
803 setPrivateKeyPassword(setting.value(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD)).toString());
804 }
805
806 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS))) {
807 setPrivateKeyPasswordFlags((Setting::SecretFlags)setting.value(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS)).toUInt());
808 }
809
810 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY))) {
811 setPhase2PrivateKey(setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY)).toByteArray());
812 }
813
814 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD))) {
815 setPhase2PrivateKeyPassword(setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD)).toString());
816 }
817
818 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS))) {
819 setPhase2PrivateKeyPasswordFlags((Setting::SecretFlags)setting.value(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS)).toUInt());
820 }
821
822 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PIN))) {
823 setPin(setting.value(key: QLatin1String(NM_SETTING_802_1X_PIN)).toString());
824 }
825
826 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_PIN_FLAGS))) {
827 setPinFlags((Setting::SecretFlags)setting.value(key: QLatin1String(NM_SETTING_802_1X_PIN_FLAGS)).toUInt());
828 }
829
830 if (setting.contains(key: QLatin1String(NM_SETTING_802_1X_SYSTEM_CA_CERTS))) {
831 setSystemCaCertificates(setting.value(key: QLatin1String(NM_SETTING_802_1X_SYSTEM_CA_CERTS)).toBool());
832 }
833}
834
835QVariantMap NetworkManager::Security8021xSetting::toMap() const
836{
837 QVariantMap setting;
838
839 if (!eapMethods().isEmpty()) {
840 QStringList methods;
841
842 const auto methodList = eapMethods();
843 for (const EapMethod &method : methodList) {
844 if (method == EapMethodLeap) {
845 methods << "leap";
846 } else if (method == EapMethodMd5) {
847 methods << "md5";
848 } else if (method == EapMethodTls) {
849 methods << "tls";
850 } else if (method == EapMethodPeap) {
851 methods << "peap";
852 } else if (method == EapMethodTtls) {
853 methods << "ttls";
854 } else if (method == EapMethodSim) {
855 methods << "sim";
856 } else if (method == EapMethodFast) {
857 methods << "fast";
858 } else if (method == EapMethodPwd) {
859 methods << "pwd";
860 }
861 }
862
863 setting.insert(key: QLatin1String(NM_SETTING_802_1X_EAP), value: methods);
864 }
865
866 if (!identity().isEmpty()) {
867 setting.insert(key: QLatin1String(NM_SETTING_802_1X_IDENTITY), value: identity());
868 }
869
870 if (!anonymousIdentity().isEmpty()) {
871 setting.insert(key: QLatin1String(NM_SETTING_802_1X_ANONYMOUS_IDENTITY), value: anonymousIdentity());
872 }
873
874 if (!domainSuffixMatch().isEmpty()) {
875 setting.insert(key: QLatin1String(NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH), value: domainSuffixMatch());
876 }
877
878 if (!pacFile().isEmpty()) {
879 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PAC_FILE), value: pacFile());
880 }
881
882 if (!caCertificate().isEmpty()) {
883 setting.insert(key: QLatin1String(NM_SETTING_802_1X_CA_CERT), value: caCertificate());
884 }
885
886 if (!caPath().isEmpty()) {
887 setting.insert(key: QLatin1String(NM_SETTING_802_1X_CA_PATH), value: caPath());
888 }
889
890 if (!subjectMatch().isEmpty()) {
891 setting.insert(key: QLatin1String(NM_SETTING_802_1X_SUBJECT_MATCH), value: subjectMatch());
892 }
893
894 if (!altSubjectMatches().isEmpty()) {
895 setting.insert(key: QLatin1String(NM_SETTING_802_1X_ALTSUBJECT_MATCHES), value: altSubjectMatches());
896 }
897
898 if (!clientCertificate().isEmpty()) {
899 setting.insert(key: QLatin1String(NM_SETTING_802_1X_CLIENT_CERT), value: clientCertificate());
900 }
901
902 QString version;
903 switch (phase1PeapVersion()) {
904 case PeapVersionZero:
905 version = '0';
906 break;
907 case PeapVersionOne:
908 version = '1';
909 break;
910 case PeapVersionUnknown:
911 break;
912 }
913
914 if (!version.isEmpty()) {
915 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE1_PEAPVER), value: version);
916 }
917
918 QString peapLabel;
919 switch (phase1PeapLabel()) {
920 case PeapLabelForce:
921 peapLabel = '1';
922 break;
923 case PeapLabelUnknown:
924 break;
925 }
926
927 if (!peapLabel.isEmpty()) {
928 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE1_PEAPLABEL), value: peapLabel);
929 }
930
931 QString provisioning;
932 switch (phase1FastProvisioning()) {
933 case FastProvisioningDisabled:
934 provisioning = '0';
935 break;
936 case FastProvisioningAllowUnauthenticated:
937 provisioning = '1';
938 break;
939 case FastProvisioningAllowAuthenticated:
940 provisioning = '2';
941 break;
942 case FastProvisioningAllowBoth:
943 provisioning = '3';
944 break;
945 case FastProvisioningUnknown:
946 break;
947 }
948
949 if (!provisioning.isEmpty()) {
950 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE1_FAST_PROVISIONING), value: provisioning);
951 }
952
953 QString authMethod;
954 switch (phase2AuthMethod()) {
955 case AuthMethodPap:
956 authMethod = "pap";
957 break;
958 case AuthMethodChap:
959 authMethod = "chap";
960 break;
961 case AuthMethodMschap:
962 authMethod = "mschap";
963 break;
964 case AuthMethodMschapv2:
965 authMethod = "mschapv2";
966 break;
967 case AuthMethodGtc:
968 authMethod = "gtc";
969 break;
970 case AuthMethodOtp:
971 authMethod = "otp";
972 break;
973 case AuthMethodMd5:
974 authMethod = "md5";
975 break;
976 case AuthMethodTls:
977 authMethod = "tls";
978 break;
979 case AuthMethodUnknown:
980 break;
981 }
982
983 if (!authMethod.isEmpty()) {
984 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_AUTH), value: authMethod);
985 }
986
987 QString authEapMethod;
988 switch (phase2AuthEapMethod()) {
989 case AuthEapMethodMd5:
990 authEapMethod = "md5";
991 break;
992 case AuthEapMethodMschapv2:
993 authEapMethod = "mschapv2";
994 break;
995 case AuthEapMethodOtp:
996 authEapMethod = "otp";
997 break;
998 case AuthEapMethodGtc:
999 authEapMethod = "gtc";
1000 break;
1001 case AuthEapMethodTls:
1002 authEapMethod = "tls";
1003 break;
1004 case AuthEapMethodUnknown:
1005 break;
1006 }
1007
1008 if (!authEapMethod.isEmpty()) {
1009 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_AUTHEAP), value: authEapMethod);
1010 }
1011
1012 if (!phase2CaCertificate().isEmpty()) {
1013 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CA_CERT), value: phase2CaCertificate());
1014 }
1015
1016 if (!phase2CaPath().isEmpty()) {
1017 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CA_PATH), value: phase2CaPath());
1018 }
1019
1020 if (!phase2SubjectMatch().isEmpty()) {
1021 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH), value: phase2SubjectMatch());
1022 }
1023
1024 if (!phase2AltSubjectMatches().isEmpty()) {
1025 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_ALTSUBJECT_MATCHES), value: phase2AltSubjectMatches());
1026 }
1027
1028 if (!phase2ClientCertificate().isEmpty()) {
1029 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_CLIENT_CERT), value: phase2ClientCertificate());
1030 }
1031
1032 if (!password().isEmpty()) {
1033 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PASSWORD), value: password());
1034 }
1035
1036 if (passwordFlags() != None) {
1037 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_FLAGS), value: (int)passwordFlags());
1038 }
1039
1040 if (!passwordRaw().isEmpty()) {
1041 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW), value: passwordRaw());
1042 }
1043
1044 if (passwordRawFlags() != None) {
1045 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PASSWORD_RAW_FLAGS), value: (int)passwordRawFlags());
1046 }
1047
1048 if (!privateKey().isEmpty()) {
1049 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY), value: privateKey());
1050 }
1051
1052 if (!privateKeyPassword().isEmpty()) {
1053 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD), value: privateKeyPassword());
1054 }
1055
1056 if (privateKeyPasswordFlags() != None) {
1057 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS), value: (int)privateKeyPasswordFlags());
1058 }
1059
1060 if (!phase2PrivateKey().isEmpty()) {
1061 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY), value: phase2PrivateKey());
1062 }
1063
1064 if (!phase2PrivateKeyPassword().isEmpty()) {
1065 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD), value: phase2PrivateKeyPassword());
1066 }
1067
1068 if (phase2PrivateKeyPasswordFlags() != None) {
1069 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS), value: (int)phase2PrivateKeyPasswordFlags());
1070 }
1071
1072 if (!pin().isEmpty()) {
1073 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PIN), value: pin());
1074 }
1075
1076 if (pinFlags() != None) {
1077 setting.insert(key: QLatin1String(NM_SETTING_802_1X_PIN_FLAGS), value: (int)pinFlags());
1078 }
1079
1080 if (systemCaCertificates()) {
1081 setting.insert(key: QLatin1String(NM_SETTING_802_1X_SYSTEM_CA_CERTS), value: systemCaCertificates());
1082 }
1083
1084 return setting;
1085}
1086
1087QDebug NetworkManager::operator<<(QDebug dbg, const NetworkManager::Security8021xSetting &setting)
1088{
1089 dbg.nospace() << "type: " << setting.typeAsString(type: setting.type()) << '\n';
1090 dbg.nospace() << "initialized: " << !setting.isNull() << '\n';
1091
1092 dbg.nospace() << NM_SETTING_802_1X_EAP << ": " << setting.eapMethods() << '\n';
1093 dbg.nospace() << NM_SETTING_802_1X_IDENTITY << ": " << setting.identity() << '\n';
1094 dbg.nospace() << NM_SETTING_802_1X_ANONYMOUS_IDENTITY << ": " << setting.anonymousIdentity() << '\n';
1095 dbg.nospace() << NM_SETTING_802_1X_PAC_FILE << ": " << setting.pacFile() << '\n';
1096 dbg.nospace() << NM_SETTING_802_1X_CA_CERT << ": " << setting.caCertificate() << '\n';
1097 dbg.nospace() << NM_SETTING_802_1X_CA_PATH << ": " << setting.caPath() << '\n';
1098 dbg.nospace() << NM_SETTING_802_1X_DOMAIN_SUFFIX_MATCH << ": " << setting.domainSuffixMatch() << '\n';
1099 dbg.nospace() << NM_SETTING_802_1X_SUBJECT_MATCH << ": " << setting.subjectMatch() << '\n';
1100 dbg.nospace() << NM_SETTING_802_1X_ALTSUBJECT_MATCHES << ": " << setting.altSubjectMatches() << '\n';
1101 dbg.nospace() << NM_SETTING_802_1X_CLIENT_CERT << ": " << setting.clientCertificate() << '\n';
1102 dbg.nospace() << NM_SETTING_802_1X_PHASE1_PEAPVER << ": " << setting.phase1PeapVersion() << '\n';
1103 dbg.nospace() << NM_SETTING_802_1X_PHASE1_PEAPLABEL << ": " << setting.phase1PeapLabel() << '\n';
1104 dbg.nospace() << NM_SETTING_802_1X_PHASE1_FAST_PROVISIONING << ": " << setting.phase1FastProvisioning() << '\n';
1105 dbg.nospace() << NM_SETTING_802_1X_PHASE2_AUTH << ": " << setting.phase2AuthMethod() << '\n';
1106 dbg.nospace() << NM_SETTING_802_1X_PHASE2_AUTHEAP << ": " << setting.phase2AuthEapMethod() << '\n';
1107 dbg.nospace() << NM_SETTING_802_1X_PHASE2_CA_CERT << ": " << setting.phase2CaCertificate() << '\n';
1108 dbg.nospace() << NM_SETTING_802_1X_PHASE2_CA_PATH << ": " << setting.phase2CaPath() << '\n';
1109 dbg.nospace() << NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH << ": " << setting.phase2SubjectMatch() << '\n';
1110 dbg.nospace() << NM_SETTING_802_1X_PHASE2_ALTSUBJECT_MATCHES << ": " << setting.phase2AltSubjectMatches() << '\n';
1111 dbg.nospace() << NM_SETTING_802_1X_PHASE2_CLIENT_CERT << ": " << setting.phase2ClientCertificate() << '\n';
1112 dbg.nospace() << NM_SETTING_802_1X_PASSWORD << ": " << setting.password() << '\n';
1113 dbg.nospace() << NM_SETTING_802_1X_PASSWORD_FLAGS << ": " << setting.passwordFlags() << '\n';
1114 dbg.nospace() << NM_SETTING_802_1X_PASSWORD_RAW << ": " << setting.passwordRaw() << '\n';
1115 dbg.nospace() << NM_SETTING_802_1X_PASSWORD_RAW_FLAGS << ": " << setting.passwordRawFlags() << '\n';
1116 dbg.nospace() << NM_SETTING_802_1X_PRIVATE_KEY << ": " << setting.privateKey() << '\n';
1117 dbg.nospace() << NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD << ": " << setting.privateKeyPassword() << '\n';
1118 dbg.nospace() << NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS << ": " << setting.privateKeyPasswordFlags() << '\n';
1119 dbg.nospace() << NM_SETTING_802_1X_PHASE2_PRIVATE_KEY << ": " << setting.phase2PrivateKey() << '\n';
1120 dbg.nospace() << NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD << ": " << setting.phase2PrivateKeyPassword() << '\n';
1121 dbg.nospace() << NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS << ": " << setting.phase2PrivateKeyPasswordFlags() << '\n';
1122 dbg.nospace() << NM_SETTING_802_1X_PIN << ": " << setting.pin() << '\n';
1123 dbg.nospace() << NM_SETTING_802_1X_PIN_FLAGS << ": " << setting.pinFlags() << '\n';
1124 dbg.nospace() << NM_SETTING_802_1X_SYSTEM_CA_CERTS << ": " << setting.systemCaCertificates() << '\n';
1125
1126 return dbg.maybeSpace();
1127}
1128

source code of networkmanager-qt/src/settings/security8021xsetting.cpp