Hi list, would it be possible to add a default secret flag property to the VPN setting? The rationale behind it is such: The OpenConnect plugin does not know in advance what and how many secrets it will be storing, this information is available only to the auth-dialog, which can not modify the VPN data map. Thus, all secrets that need to be saved by the auth-dialog, will be saved in plain text. Saving the password to encrypted user storage is only possible by directly interfacing with the storage backend, like the OpenConnect GNOME auth dialog does with GNOME-keyring, or hacking a special case for some specific OpenConnect server configuration. I would like to avoid that approach in KDE, since it kind of goes against the whole secret agent scheme (also, the KDE agent can be configured to save secrets to plain text or encrypted storage, saving the OpenConnect password always to encrypted storage would be inconsistent, while reading the agent configuration in the auth dialog would be an even uglier hack). Hence my proposal to add a VPN property "default-secret-flags" (or something like that), which would mark the default flag for this connection if no flag is provided in the data map. It would have the same values as the secret flag types, with the same default, but could be set by the OpenConnect plugin (and others in a similar situation) upon connection creation to agent-owned.
I would be happy to try to write a patch, but I need to know if this would be considered for inclusion (also, pointers on the patch would be appreciated, I am not very familiar with NM source). Ilia Kats _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
