Hello community, here is the log from the commit of package NetworkManager for openSUSE:Factory checked in at Tue Oct 18 13:55:47 CEST 2011. -------- --- openSUSE:Factory/NetworkManager/NetworkManager.changes 2011-10-03 19:59:36.000000000 +0200 +++ /mounts/work_src_done/STABLE/NetworkManager/NetworkManager.changes 2011-10-14 14:42:59.000000000 +0200 @@ -1,0 +2,8 @@ +Fri Oct 14 10:02:06 UTC 2011 - lnussel@suse.de + +- avoid annoying polkit popups when connecting to 802.11x networks + that are supposed to ask for passwords (bnc#713639) +- also avoid asking for a password (and thereore polkit auth) when + an AP goes of range. + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- nm-don-t-consider-not-needed-secrets-for-has_system_secr.diff nm-remove-AP-always-on-device-disconnect.diff nm-treat-not-saved-secrets-just-like-agent-owned-when-cl.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ NetworkManager.spec ++++++ --- /var/tmp/diff_new_pack.0pAsIt/_old 2011-10-18 13:55:42.000000000 +0200 +++ /var/tmp/diff_new_pack.0pAsIt/_new 2011-10-18 13:55:42.000000000 +0200 @@ -33,6 +33,12 @@ Patch0: systemd-network-config.patch # PATCH-FIX-UPSTREAM nm-udev-rfkill-handling.patch bnc709733,bgo655773 glin@suse.com -- improve the rfkill handling to avoid some false-positive case Patch1: nm-udev-rfkill-handling.patch +# PATCH-UGLY-HACK-OPENSUSE nm-remove-AP-always-on-device-disconnect.diff lnussel@suse.com -- avoid pw dialog if AP out of range +Patch2: nm-remove-AP-always-on-device-disconnect.diff +# PATCH-HACK-OPENSUSE nm-don-t-consider-not-needed-secrets-for-has_system_secr.diff lnussel@suse.com -- avoid polkit popups for 802.11x +Patch3: nm-don-t-consider-not-needed-secrets-for-has_system_secr.diff +# PATCH-HACK-OPENSUSE nm-treat-not-saved-secrets-just-like-agent-owned-when-cl.diff lnussel@suse.com -- avoid polkit popups for 802.11x +Patch4: nm-treat-not-saved-secrets-just-like-agent-owned-when-cl.diff BuildRequires: fdupes BuildRequires: gobject-introspection-devel BuildRequires: gtk-doc @@ -130,10 +136,12 @@ translation-update-upstream %patch0 -p1 %patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 %build -#needed by patch0 -autoreconf +#NOCONFIGURE=1 ./autogen.sh pppddir=`ls -1d /usr/%_lib/pppd/2*` test -n "$pppddir" || exit 1 export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" ++++++ nm-don-t-consider-not-needed-secrets-for-has_system_secr.diff ++++++
From 7e3c0930ff594c3e6b08c221dedadc9235006d9f Mon Sep 17 00:00:00 2001 From: Ludwig Nussel
Date: Fri, 7 Oct 2011 13:58:48 +0200 Subject: [PATCH 3/3] don't consider not needed secrets for has_system_secrets()
--- src/settings/nm-agent-manager.c | 56 +++++++++++++++++++++++++++++++++++--- 1 files changed, 51 insertions(+), 5 deletions(-) diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c index 5ccbdc6..f3519c3 100644 --- a/src/settings/nm-agent-manager.c +++ b/src/settings/nm-agent-manager.c @@ -889,6 +889,11 @@ get_agent_modify_auth_cb (NMAuthChain *chain, nm_auth_chain_unref (chain); } +struct system_secrets_cb_data { + GHashTable *hash; + gboolean *has_system; +}; + static void check_system_secrets_cb (NMSetting *setting, const char *key, @@ -897,11 +902,17 @@ check_system_secrets_cb (NMSetting *setting, gpointer user_data) { NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE; - gboolean *has_system = user_data; + struct system_secrets_cb_data *data = user_data; + gboolean has_system = FALSE; if (!(flags & NM_SETTING_PARAM_SECRET)) return; + if (!g_hash_table_lookup(data->hash, key)) { + nm_log_dbg (LOGD_AGENTS, "%s: %s not needed", __FUNCTION__, key); + return; + } + /* Clear out system-owned or always-ask secrets */ if (NM_IS_SETTING_VPN (setting) && !strcmp (key, NM_SETTING_VPN_SECRETS)) { GHashTableIter iter; @@ -913,21 +924,44 @@ check_system_secrets_cb (NMSetting *setting, secret_flags = NM_SETTING_SECRET_FLAG_NONE; nm_setting_get_secret_flags (setting, secret_name, &secret_flags, NULL); if (secret_flags == NM_SETTING_SECRET_FLAG_NONE) - *has_system = TRUE; + has_system = TRUE; } } else { nm_setting_get_secret_flags (setting, key, &secret_flags, NULL); if (secret_flags == NM_SETTING_SECRET_FLAG_NONE) - *has_system = TRUE; + has_system = TRUE; } + nm_log_dbg (LOGD_AGENTS, "%s: %s has_system=%d", __FUNCTION__, key, has_system); + *data->has_system = has_system; } static gboolean has_system_secrets (NMConnection *connection) { gboolean has_system = FALSE; + GPtrArray *hints = NULL; + const char *setting_name; + unsigned i; + struct system_secrets_cb_data data = { + NULL, + &has_system, + }; + + setting_name = nm_connection_need_secrets (connection, &hints); + /* some secrets should be needed at this point */ + g_return_val_if_fail(setting_name != NULL, has_system); + g_return_val_if_fail(hints != NULL, has_system); + + data.hash = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); + for (i = 0; i < hints->len; i++) { + g_hash_table_insert (data.hash, g_strdup ((const char*)g_ptr_array_index(hints, i)), (void*)(long)1); + } + + nm_connection_for_each_setting_value (connection, check_system_secrets_cb, &data); + + g_hash_table_destroy (data.hash); + g_ptr_array_free(hints, TRUE); - nm_connection_for_each_setting_value (connection, check_system_secrets_cb, &has_system); return has_system; } @@ -936,20 +970,32 @@ get_next_cb (Request *req) { NMSettingConnection *s_con; const char *agent_dbus_owner, *perm; + gboolean has_system = FALSE; if (!next_generic (req, "getting")) return; agent_dbus_owner = nm_secret_agent_get_dbus_owner (NM_SECRET_AGENT (req->current)); + has_system = has_system_secrets (req->connection); + nm_log_dbg (LOGD_AGENTS, "flags %d, existing %p, has_system %d", + req->flags, req->existing_secrets, has_system); + /* If the request flags allow user interaction, and there are existing * system secrets (or blank secrets that are supposed to be system-owned), * check whether the agent has the 'modify' permission before sending those * secrets to the agent. We shouldn't leak system-owned secrets to * unprivileged users. */ + /* XXX: there needs to be a way to determine whether there + * are missing system secrets (ie user clicked on a network + * and wants to connect for the first time). Later we should + * not ask for modifying system secrets. The connection + * should simply fail then. Setting new secrets is a job for + * the connection edit dialog. + */ if ( (req->flags != NM_SETTINGS_GET_SECRETS_FLAG_NONE) - && (req->existing_secrets || has_system_secrets (req->connection))) { + && (req->existing_secrets || has_system)) { nm_log_dbg (LOGD_AGENTS, "(%p/%s) request has system secrets; checking agent %s for MODIFY", req, req->setting_name, agent_dbus_owner); -- 1.7.3.4 ++++++ nm-remove-AP-always-on-device-disconnect.diff ++++++
From 3fca6c951b4db9de7c5337c5a36832b5ac1fe4e8 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel
Date: Fri, 7 Oct 2011 14:48:26 +0200 Subject: [PATCH 1/3] remove AP always on device disconnect
This avoids immediate reconnect after link timeout to an AP that may no longer exist (down/out of range). This also avoids needless prompting for a password for the no longer existing AP. --- src/nm-device-wifi.c | 12 +++--------- 1 files changed, 3 insertions(+), 9 deletions(-) diff --git a/src/nm-device-wifi.c b/src/nm-device-wifi.c index 42080ae..e73ab92 100644 --- a/src/nm-device-wifi.c +++ b/src/nm-device-wifi.c @@ -1285,15 +1285,9 @@ real_deactivate (NMDevice *dev) set_current_ap (self, NULL); priv->rate = 0; - /* If the AP is 'fake', i.e. it wasn't actually found from - * a scan but the user tried to connect to it manually (maybe it - * was non-broadcasting or something) get rid of it, because 'fake' - * APs should only live for as long as we're connected to them. Fixes - * a bug where user-created Ad-Hoc APs are never removed from the scan - * list, because scanning is disabled while in Ad-Hoc mode (for stability), - * and thus the AP culling never happens. (bgo #569241) - */ - if (orig_ap && nm_ap_get_fake (orig_ap)) { + /* remove ap always. If it's still there it will re-appear on next + * scan. Avoids reconnect when is no longer available */ + if (orig_ap /* && nm_ap_get_fake (orig_ap) */) { access_point_removed (self, orig_ap); priv->ap_list = g_slist_remove (priv->ap_list, orig_ap); g_object_unref (orig_ap); -- 1.7.3.4 ++++++ nm-treat-not-saved-secrets-just-like-agent-owned-when-cl.diff ++++++
From b4ccaf268f1c32d09df8f678dcf4c296f9b2b213 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel
Date: Tue, 27 Sep 2011 12:34:11 +0200 Subject: [PATCH 2/3] treat not saved secrets just like agent owned when cleaning
--- src/settings/nm-settings-connection.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index cdad832..4cd9395 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -592,7 +592,7 @@ clear_nonagent_secrets (GHashTableIter *iter, NMSettingSecretFlags flags, gpointer user_data) { - if (flags != NM_SETTING_SECRET_FLAG_AGENT_OWNED) + if (!(flags & (NM_SETTING_SECRET_FLAG_AGENT_OWNED | NM_SETTING_SECRET_FLAG_NOT_SAVED))) g_hash_table_iter_remove (iter); return TRUE; } -- 1.7.3.4 continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org