diff --git a/vpn/strongswan/nm-strongswan-service.h b/vpn/strongswan/nm-strongswan-service.h
index 3a8ce45d..5c2cad14 100644
--- a/vpn/strongswan/nm-strongswan-service.h
+++ b/vpn/strongswan/nm-strongswan-service.h
@@ -1,50 +1,53 @@
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
/* NetworkManager -- Network link manager
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*
* (C) Copyright 2005 - 2008 Red Hat, Inc. //krazy:exclude=copyright
* (C) Copyright 2007 - 2008 Novell, Inc. //krazy:exclude=copyright
*/
#ifndef NM_STRONGSWAN_SERVICE_H
#define NM_STRONGSWAN_SERVICE_H
#define NM_DBUS_SERVICE_STRONGSWAN "org.freedesktop.NetworkManager.strongswan"
#define NM_DBUS_INTERFACE_STRONGSWAN "org.freedesktop.NetworkManager.strongswan"
#define NM_DBUS_PATH_STRONGSWAN "/org/freedesktop/NetworkManager/strongswan"
#define NM_STRONGSWAN_GATEWAY "address"
#define NM_STRONGSWAN_CERTIFICATE "certificate"
#define NM_STRONGSWAN_USER "user"
#define NM_STRONGSWAN_METHOD "method"
#define NM_STRONGSWAN_USERKEY "userkey"
#define NM_STRONGSWAN_USERCERT "usercert"
#define NM_STRONGSWAN_SECRET "password"
#define NM_STRONGSWAN_SECRET_TYPE "secret_type"
#define NM_STRONGSWAN_INNERIP "virtual"
#define NM_STRONGSWAN_ENCAP "encap"
#define NM_STRONGSWAN_IPCOMP "ipcomp"
+#define NM_STRONGSWAN_PROPOSAL "proposal"
+#define NM_STRONGSWAN_IKE "ike"
+#define NM_STRONGSWAN_ESP "esp"
#define NM_STRONGSWAN_AUTH_KEY "key"
#define NM_STRONGSWAN_AUTH_AGENT "agent"
#define NM_STRONGSWAN_AUTH_SMARTCARD "smartcard"
#define NM_STRONGSWAN_AUTH_EAP "eap"
#define NM_STRONGSWAN_PW_TYPE_SAVE "save"
#define NM_STRONGSWAN_PW_TYPE_ASK "ask"
#define NM_STRONGSWAN_PW_TYPE_UNUSED "unused"
#endif /* NM_Strongswan_PLUGIN_H */
diff --git a/vpn/strongswan/strongswanprop.ui b/vpn/strongswan/strongswanprop.ui
index a109cb5c..c4922ba7 100644
--- a/vpn/strongswan/strongswanprop.ui
+++ b/vpn/strongswan/strongswanprop.ui
@@ -1,353 +1,400 @@
StrongswanProp
0
0
- 490
- 460
+ 518
+ 581
Strong Swan VPN
-
Gateway
0
-
Gateway:
false
leGateway
-
true
-
Certificate:
-
-
Authentication
-
0
0
false
-
Certificate/private key
-
Certificate/ssh-agent
-
Smartcard
-
EAP
-
0
0
0
QFormLayout::ExpandingFieldsGrow
0
-
Certificate:
-
-
Private key:
-
-
Private Key Password:
-
-
true
0
-
Certificate:
-
0
-
PIN:
-
-
true
QFormLayout::ExpandingFieldsGrow
0
-
Username:
leUserName
-
true
-
-
true
-
User Password:
leUserPassword
-
Options
-
false
Request an inner IP address
true
false
-
Enforce UDP encapsulation
-
Use IP compression
+ -
+
+
+ Enable Custom Cipher Proposals
+
+
+ true
+
+
+ false
+
+
+
-
+
+
-
+
+
+ IKE:
+
+
+
+ -
+
+
+ A list of proposals for IKE separated by ";"
+
+
+
+ -
+
+
+ ESP:
+
+
+
+ -
+
+
+ A list of proposals for ESP separated by ";"
+
+
+
+
+
+
+
+
-
Qt::Vertical
20
0
KUrlRequester
QWidget
PasswordField
QLineEdit
leGateway
leGatewayCertificate
cmbMethod
leAuthPrivatekeyCertificate
leAuthPrivatekeyKey
lePrivateKeyPassword
leAuthSshCertificate
lePin
leUserName
leUserPassword
innerIP
udpEncap
ipComp
cmbMethod
currentIndexChanged(int)
swMethods
setCurrentIndex(int)
231
129
231
186
diff --git a/vpn/strongswan/strongswanwidget.cpp b/vpn/strongswan/strongswanwidget.cpp
index 02469cb7..f42a491e 100644
--- a/vpn/strongswan/strongswanwidget.cpp
+++ b/vpn/strongswan/strongswanwidget.cpp
@@ -1,163 +1,173 @@
/*
Copyright 2008 Will Stephenson
Copyright 2010 Maurus Rohrer
Copyright 2013 Lukas Tinkl
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2 of
the License or (at your option) version 3 or any later version
accepted by the membership of KDE e.V. (or its successor approved
by the membership of KDE e.V.), which shall act as a proxy
defined in Section 14 of version 3 of the license.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see .
*/
#include "strongswanwidget.h"
#include "nm-strongswan-service.h"
#include "ui_strongswanprop.h"
#include
#include
class StrongswanSettingWidgetPrivate
{
public:
Ui_StrongswanProp ui;
NetworkManager::VpnSetting::Ptr setting;
enum AuthType {PrivateKey = 0, SshAgent, Smartcard, Eap};
};
StrongswanSettingWidget::StrongswanSettingWidget(const NetworkManager::VpnSetting::Ptr &setting, QWidget *parent)
: SettingWidget(setting, parent)
, d_ptr(new StrongswanSettingWidgetPrivate)
{
Q_D(StrongswanSettingWidget);
d->ui.setupUi(this);
d->setting = setting;
// Connect for setting check
watchChangedSetting();
// Connect for validity check
connect(d->ui.leGateway, &QLineEdit::textChanged, this, &StrongswanSettingWidget::slotWidgetChanged);
+ connect(d->ui.proposal, &QGroupBox::toggled, this, &SettingWidget::settingChanged);
KAcceleratorManager::manage(this);
if (d->setting && !d->setting->isNull()) {
loadConfig(d->setting);
}
}
StrongswanSettingWidget::~StrongswanSettingWidget()
{
delete d_ptr;
}
void StrongswanSettingWidget::loadConfig(const NetworkManager::Setting::Ptr &setting)
{
Q_UNUSED(setting)
Q_D(StrongswanSettingWidget);
// General settings
const NMStringMap dataMap = d->setting->data();
// Gateway Address
const QString gateway = dataMap[NM_STRONGSWAN_GATEWAY];
if (!gateway.isEmpty()) {
d->ui.leGateway->setText(gateway);
}
// Certificate
d->ui.leGatewayCertificate->setUrl(QUrl::fromLocalFile(dataMap[NM_STRONGSWAN_CERTIFICATE]) );
// Authentication
const QString method = dataMap[NM_STRONGSWAN_METHOD];
if (method == QLatin1String(NM_STRONGSWAN_AUTH_KEY)) {
d->ui.cmbMethod->setCurrentIndex(StrongswanSettingWidgetPrivate::PrivateKey);
d->ui.leAuthPrivatekeyCertificate->setUrl(QUrl::fromLocalFile(dataMap[NM_STRONGSWAN_USERCERT]));
d->ui.leAuthPrivatekeyKey->setUrl(QUrl::fromLocalFile(dataMap[NM_STRONGSWAN_USERKEY]));
} else if (method == QLatin1String(NM_STRONGSWAN_AUTH_AGENT)) {
d->ui.cmbMethod->setCurrentIndex(StrongswanSettingWidgetPrivate::SshAgent);
d->ui.leAuthSshCertificate->setUrl(QUrl::fromLocalFile(dataMap[NM_STRONGSWAN_USERCERT]));
} else if (method == QLatin1String(NM_STRONGSWAN_AUTH_SMARTCARD)) {
d->ui.cmbMethod->setCurrentIndex(StrongswanSettingWidgetPrivate::Smartcard);
} else if (method == QLatin1String(NM_STRONGSWAN_AUTH_EAP)) {
d->ui.cmbMethod->setCurrentIndex(StrongswanSettingWidgetPrivate::Eap);
d->ui.leUserName->setText(dataMap[NM_STRONGSWAN_USER]);
}
// Settings
d->ui.innerIP->setChecked(dataMap[NM_STRONGSWAN_INNERIP] == "yes");
d->ui.udpEncap->setChecked(dataMap[NM_STRONGSWAN_ENCAP] == "yes");
d->ui.ipComp->setChecked(dataMap[NM_STRONGSWAN_IPCOMP] == "yes");
+ d->ui.proposal->setChecked(dataMap[NM_STRONGSWAN_PROPOSAL] == "yes");
+ d->ui.ike->setText(dataMap[NM_STRONGSWAN_IKE]);
+ d->ui.esp->setText(dataMap[NM_STRONGSWAN_ESP]);
}
void StrongswanSettingWidget::loadSecrets(const NetworkManager::Setting::Ptr &setting)
{
Q_D(StrongswanSettingWidget);
Q_UNUSED(setting);
}
QVariantMap StrongswanSettingWidget::setting() const
{
Q_D(const StrongswanSettingWidget);
NetworkManager::VpnSetting setting;
setting.setServiceType(QLatin1String(NM_DBUS_SERVICE_STRONGSWAN));
NMStringMap data;
NMStringMap secretData;
// General settings
// Gateway
if (!d->ui.leGateway->text().isEmpty()) {
data.insert(NM_STRONGSWAN_GATEWAY, d->ui.leGateway->text());
}
data.insert( NM_STRONGSWAN_CERTIFICATE, d->ui.leGatewayCertificate->url().toLocalFile());
// Authentication
switch (d->ui.cmbMethod->currentIndex()) {
case StrongswanSettingWidgetPrivate::PrivateKey:
data.insert(NM_STRONGSWAN_METHOD, NM_STRONGSWAN_AUTH_KEY);
data.insert(NM_STRONGSWAN_USERCERT, d->ui.leAuthPrivatekeyCertificate->url().toLocalFile());
data.insert(NM_STRONGSWAN_USERKEY, d->ui.leAuthPrivatekeyKey->url().toLocalFile());
break;
case StrongswanSettingWidgetPrivate::SshAgent:
data.insert(NM_STRONGSWAN_METHOD, NM_STRONGSWAN_AUTH_AGENT);
data.insert(NM_STRONGSWAN_USERCERT, d->ui.leAuthSshCertificate->url().toLocalFile());
break;
case StrongswanSettingWidgetPrivate::Smartcard:
data.insert(NM_STRONGSWAN_METHOD, NM_STRONGSWAN_AUTH_SMARTCARD);
break;
case StrongswanSettingWidgetPrivate::Eap:
data.insert(NM_STRONGSWAN_METHOD, NM_STRONGSWAN_AUTH_EAP);
if (!d->ui.leUserName->text().isEmpty()) {
data.insert(NM_STRONGSWAN_USER, d->ui.leUserName->text());
}
//StrongSwan-nm 1.2 does not appear to be able to save secrets, the must be entered through the auth dialog
}
//Options
data.insert(NM_STRONGSWAN_INNERIP, d->ui.innerIP->isChecked() ? "yes" : "no");
data.insert(NM_STRONGSWAN_ENCAP, d->ui.udpEncap->isChecked() ? "yes" : "no");
data.insert(NM_STRONGSWAN_IPCOMP, d->ui.ipComp->isChecked() ? "yes" : "no");
+ if (d->ui.proposal->isChecked()) {
+ data.insert(NM_STRONGSWAN_PROPOSAL, "yes");
+ data.insert(NM_STRONGSWAN_IKE, d->ui.ike->text());
+ data.insert(NM_STRONGSWAN_ESP, d->ui.esp->text());
+ } else
+ data.insert(NM_STRONGSWAN_PROPOSAL, "no");
// save it all
setting.setData(data);
setting.setSecrets(secretData);
return setting.toMap();
}
bool StrongswanSettingWidget::isValid() const
{
Q_D(const StrongswanSettingWidget);
return !d->ui.leGateway->text().isEmpty();
}