diff --git a/NetworkManager-openvpn.spec b/NetworkManager-openvpn.spec index ae0c30e..27faa8d 100644 --- a/NetworkManager-openvpn.spec +++ b/NetworkManager-openvpn.spec @@ -4,12 +4,14 @@ Summary: NetworkManager VPN plugin for OpenVPN Name: NetworkManager-openvpn Epoch: 1 Version: 0.9.9.0 -Release: 0.2%{snapshot}%{?dist} +Release: 2%{snapshot}%{?dist} License: GPLv2+ URL: http://www.gnome.org/projects/NetworkManager/ Group: System Environment/Base Source0: http://ftp.gnome.org/pub/GNOME/sources/%{name}/0.9/%{name}-%{version}%{snapshot}.tar.bz2 +Patch1: fix-gui-certs-selection.patch + BuildRequires: gtk3-devel BuildRequires: dbus-devel BuildRequires: NetworkManager-devel @@ -55,6 +57,8 @@ the OpenVPN server with NetworkManager (GNOME files). %prep %setup -q -n %{name}-%{version} +%patch1 -p1 -b .fix-gui-certs-selection.orig + %build if [ ! -f configure ]; then ./autogen.sh @@ -91,6 +95,9 @@ rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la %{_datadir}/gnome-vpn-properties/openvpn/nm-openvpn-dialog.ui %changelog +* Thu Jul 24 2014 Jiří Klimeš - 1:0.9.9.0-2 +- ui: correct selection of certificates in relation to p12/non-p12 files + * Fri Jun 06 2014 Fedora Release Engineering - 1:0.9.9.0-0.2.git20140128 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild diff --git a/fix-gui-certs-selection.patch b/fix-gui-certs-selection.patch new file mode 100644 index 0000000..3a97180 --- /dev/null +++ b/fix-gui-certs-selection.patch @@ -0,0 +1,160 @@ +From 62bf1c8875908d8550238009775eb31de4e4ebdc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= +Date: Wed, 23 Jul 2014 11:38:09 +0200 +Subject: [PATCH] auth-helpers: correct the selection of certificates +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The commit 522190ad916b301919535208193b9d69db0f5f8e fixed an endless loop. But +it didn't make the PKCS#12 vs. non-PKCS#12 file selection right. This commit +makes sure that either all or none of the certificates are in PKCS#12 format, +as it is required. + +Note: +The bug mentioned in the commit 522190ad (rh #997255) might not be the cause +of the endless loop problem. But rather it is a defect in Gtk: +https://bugzilla.redhat.com/show_bug.cgi?id=1091837 + +Signed-off-by: Jiří Klimeš +--- + properties/auth-helpers.c | 92 ++++++++++++++++++++++++++++++++--------------- + 1 file changed, 63 insertions(+), 29 deletions(-) + +diff --git a/properties/auth-helpers.c b/properties/auth-helpers.c +index becfee3..4a29dbb 100644 +--- a/properties/auth-helpers.c ++++ b/properties/auth-helpers.c +@@ -84,11 +84,25 @@ setup_secret_widget (GtkBuilder *builder, + return widget; + } + ++typedef struct { ++ GtkWidget *widget1; ++ GtkWidget *widget2; ++} TlsChooserSignalData; ++ + static void +-tls_cert_changed_cb (GtkWidget *widget, GtkWidget *next_widget) ++tls_chooser_signal_data_destroy (gpointer data, GClosure *closure) + { +- GtkFileChooser *this, *next; +- char *fname, *next_fname; ++ g_slice_free (TlsChooserSignalData, data); ++} ++ ++static void ++tls_cert_changed_cb (GtkWidget *widget, gpointer data) ++{ ++ GtkWidget *other_widgets[2] = { ((TlsChooserSignalData *) data)->widget1, ++ ((TlsChooserSignalData *) data)->widget2 }; ++ GtkFileChooser *this, *others[2]; ++ char *fname, *other_fnames[2]; ++ int i; + + /* If the just-changed file chooser is a PKCS#12 file, then all of the + * TLS filechoosers have to be PKCS#12. But if it just changed to something +@@ -100,36 +114,42 @@ tls_cert_changed_cb (GtkWidget *widget, GtkWidget *next_widget) + */ + + this = GTK_FILE_CHOOSER (widget); +- next = GTK_FILE_CHOOSER (next_widget); ++ others[0] = GTK_FILE_CHOOSER (other_widgets[0]); ++ others[1] = GTK_FILE_CHOOSER (other_widgets[1]); + + fname = gtk_file_chooser_get_filename (this); ++ other_fnames[0] = gtk_file_chooser_get_filename (others[0]); ++ other_fnames[1] = gtk_file_chooser_get_filename (others[1]); ++ + if (is_pkcs12 (fname)) { + /* Make sure all choosers have this PKCS#12 file */ +- next_fname = gtk_file_chooser_get_filename (next); +- if (!next_fname || strcmp (fname, next_fname)) { +- /* Next chooser was different, make it the same as the first */ +- gulong id = GPOINTER_TO_SIZE (g_object_get_data (G_OBJECT (next_widget), BLOCK_HANDLER_ID)); +- g_signal_handler_block (G_OBJECT (next_widget), id); +- gtk_file_chooser_set_filename (next, fname); +- g_signal_handler_unblock (G_OBJECT (next_widget), id); ++ for (i = 0; i < 2; i++) { ++ if (!other_fnames[i] || strcmp (fname, other_fnames[i])) { ++ /* Next chooser was different, make it the same as the first */ ++ gulong id = GPOINTER_TO_SIZE (g_object_get_data (G_OBJECT (other_widgets[i]), ++ BLOCK_HANDLER_ID)); ++ g_signal_handler_block (other_widgets[i], id); ++ gtk_file_chooser_set_filename (others[i], fname); ++ g_signal_handler_unblock (other_widgets[i], id); ++ } ++ } ++ } else { ++ /* Just-chosen file isn't PKCS#12 or no file was chosen, so clear out other ++ * file selectors that have PKCS#12 files in them. ++ */ ++ for (i = 0; i < 2; i++) { ++ if (is_pkcs12 (other_fnames[i])) { ++ gulong id = GPOINTER_TO_SIZE (g_object_get_data (G_OBJECT (other_widgets[i]), ++ BLOCK_HANDLER_ID)); ++ g_signal_handler_block (other_widgets[i], id); ++ gtk_file_chooser_unselect_all (others[i]); ++ g_signal_handler_unblock (other_widgets[i], id); ++ } + } +- g_free (fname); +- g_free (next_fname); +- return; + } + g_free (fname); +- +- /* Just-chosen file isn't PKCS#12 or no file was chosen, so clear out other +- * file selectors that have PKCS#12 files in them. +- */ +- next_fname = gtk_file_chooser_get_filename (next); +- if (is_pkcs12 (next_fname)) { +- gulong id = GPOINTER_TO_SIZE (g_object_get_data (G_OBJECT (next_widget), BLOCK_HANDLER_ID)); +- g_signal_handler_block (G_OBJECT (next_widget), id); +- gtk_file_chooser_set_filename (next, NULL); +- g_signal_handler_unblock (G_OBJECT (next_widget), id); +- } +- g_free (next_fname); ++ g_free (other_fnames[0]); ++ g_free (other_fnames[1]); + } + + static void +@@ -145,6 +165,7 @@ tls_setup (GtkBuilder *builder, + const char *value; + char *tmp; + GtkFileFilter *filter; ++ TlsChooserSignalData *ca_chooser_data, *cert_data, *key_data; + gulong id1, id2, id3; + + tmp = g_strdup_printf ("%s_user_cert_chooser", prefix); +@@ -183,10 +204,23 @@ tls_setup (GtkBuilder *builder, + gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (key), value); + } + ++ ca_chooser_data = g_slice_new0 (TlsChooserSignalData); ++ ca_chooser_data->widget1 = cert; ++ ca_chooser_data->widget2 = key; ++ cert_data = g_slice_new0 (TlsChooserSignalData); ++ cert_data->widget1 = ca_chooser; ++ cert_data->widget2 = key; ++ key_data = g_slice_new0 (TlsChooserSignalData); ++ key_data->widget1 = ca_chooser; ++ key_data->widget2 = cert; ++ + /* Link choosers to the PKCS#12 changer callback */ +- id1 = g_signal_connect (ca_chooser, "selection-changed", G_CALLBACK (tls_cert_changed_cb), cert); +- id2 = g_signal_connect (cert, "selection-changed", G_CALLBACK (tls_cert_changed_cb), key); +- id3 = g_signal_connect (key, "selection-changed", G_CALLBACK (tls_cert_changed_cb), ca_chooser); ++ id1 = g_signal_connect_data (ca_chooser, "selection-changed", G_CALLBACK (tls_cert_changed_cb), ++ ca_chooser_data, tls_chooser_signal_data_destroy, 0); ++ id2 = g_signal_connect_data (cert, "selection-changed", G_CALLBACK (tls_cert_changed_cb), ++ cert_data, tls_chooser_signal_data_destroy, 0); ++ id3 = g_signal_connect_data (key, "selection-changed", G_CALLBACK (tls_cert_changed_cb), ++ key_data, tls_chooser_signal_data_destroy, 0); + + /* Store handler id to be able to block the signal in tls_cert_changed_cb() */ + g_object_set_data (G_OBJECT (ca_chooser), BLOCK_HANDLER_ID, GSIZE_TO_POINTER (id1)); +-- +1.7.11.7 +