keyfile: merge branch 'th/keyfile-public-api' (part 1)

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/517
Thomas Haller
2020-06-05 09:18:00 +02:00
8 changed files with 685 additions and 268 deletions


@@ -143,7 +143,7 @@ _nm_keyfile_write (NMConnection *connection,
g_assert (NM_IS_CONNECTION (connection));
kf = nm_keyfile_write (connection, handler, user_data, &error);
kf = nm_keyfile_write (connection, NM_KEYFILE_HANDLER_FLAGS_NONE, handler, user_data, &error);
g_assert_no_error (error);
g_assert (kf);
return kf;
@@ -167,7 +167,7 @@ _nm_keyfile_read (GKeyFile *keyfile,
base_dir = g_path_get_dirname (keyfile_name);
filename = g_path_get_basename (keyfile_name);
con = nm_keyfile_read (keyfile, base_dir, read_handler, read_data, &error);
con = nm_keyfile_read (keyfile, base_dir, NM_KEYFILE_HANDLER_FLAGS_NONE, read_handler, read_data, &error);
g_assert_no_error (error);
g_assert (NM_IS_CONNECTION (con));


@@ -1593,11 +1593,12 @@ test_ethtool_features (void)
nmtst_assert_connection_equals (con, FALSE, con2, FALSE);
keyfile = nm_keyfile_write (con, NULL, NULL, &error);
keyfile = nm_keyfile_write (con, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, &error);
nmtst_assert_success (keyfile, error);
con3 = nm_keyfile_read (keyfile,
"/ignored/current/working/directory/for/loading/relative/paths",
NM_KEYFILE_HANDLER_FLAGS_NONE,
NULL,
NULL,
&error);
@@ -1662,11 +1663,12 @@ test_ethtool_coalesce (void)
nmtst_assert_connection_equals (con, FALSE, con2, FALSE);
keyfile = nm_keyfile_write (con, NULL, NULL, &error);
keyfile = nm_keyfile_write (con, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, &error);
nmtst_assert_success (keyfile, error);
con3 = nm_keyfile_read (keyfile,
"/ignored/current/working/directory/for/loading/relative/paths",
NM_KEYFILE_HANDLER_FLAGS_NONE,
NULL,
NULL,
&error);
@@ -1746,11 +1748,12 @@ test_ethtool_ring (void)
nmtst_assert_connection_equals (con, FALSE, con2, FALSE);
keyfile = nm_keyfile_write (con, NULL, NULL, &error);
keyfile = nm_keyfile_write (con, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, &error);
nmtst_assert_success (keyfile, error);
con3 = nm_keyfile_read (keyfile,
"/ignored/current/working/directory/for/loading/relative/paths",
NM_KEYFILE_HANDLER_FLAGS_NONE,
NULL,
NULL,
&error);
@@ -3266,7 +3269,7 @@ test_roundtrip_conversion (gconstpointer test_data)
{
gs_unref_keyfile GKeyFile *kf = NULL;
kf = nm_keyfile_write (con, NULL, NULL, &error);
kf = nm_keyfile_write (con, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, &error);
nmtst_assert_success (kf, error);
/* the first kf_data_arr entry is special: it must be what the writer would
@@ -3361,7 +3364,7 @@ test_roundtrip_conversion (gconstpointer test_data)
{
gs_unref_keyfile GKeyFile *kf = NULL;
kf = nm_keyfile_write (con2, NULL, NULL, &error);
kf = nm_keyfile_write (con2, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, &error);
nmtst_assert_success (kf, error);
nmtst_keyfile_assert_data (kf, kf_data_arr->pdata[0], -1);
}
@@ -3665,7 +3668,7 @@ test_empty_setting (void)
nmtst_assert_connection_verifies_without_normalization (con);
kf = nm_keyfile_write (con, NULL, NULL, &error);
kf = nm_keyfile_write (con, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, &error);
nmtst_assert_success (kf, error);
g_assert (g_key_file_has_group (kf, "gsm"));
@@ -3673,6 +3676,7 @@ test_empty_setting (void)
con2 = nm_keyfile_read (kf,
"/ignored/current/working/directory/for/loading/relative/paths",
NM_KEYFILE_HANDLER_FLAGS_NONE,
NULL,
NULL,
&error);


@@ -31,9 +31,16 @@ char *nm_keyfile_detect_unqualified_path_scheme (const char *base_dir,
gboolean consider_exists,
gboolean *out_exists);
typedef enum { /*< flags >*/
NM_KEYFILE_HANDLER_FLAGS_NONE = 0,
} NMKeyfileHandlerFlags;
typedef enum {
NM_KEYFILE_READ_TYPE_WARN = 1,
} NMKeyfileReadType;
NM_KEYFILE_HANDLER_TYPE_WARN = 1,
NM_KEYFILE_HANDLER_TYPE_WRITE_CERT = 2,
} NMKeyfileHandlerType;
typedef struct _NMKeyfileHandlerData NMKeyfileHandlerData;
/**
* NMKeyfileReadHandler:
@@ -42,15 +49,14 @@ typedef enum {
* @error.
*
* Returns: should return TRUE, if the reading was handled. Otherwise,
* a default action will be performed that depends on the @type.
* For %NM_KEYFILE_READ_TYPE_WARN type, the default action is doing nothing.
* a default action will be performed that depends on the @handler_type.
* For %NM_KEYFILE_HANDLER_TYPE_WARN handler_type, the default action is doing nothing.
*/
typedef gboolean (*NMKeyfileReadHandler) (GKeyFile *keyfile,
NMConnection *connection,
NMKeyfileReadType type,
void *type_data,
void *user_data,
GError **error);
NMKeyfileHandlerType handler_type,
NMKeyfileHandlerData *handler_data,
void *user_data);
typedef enum {
NM_KEYFILE_WARN_SEVERITY_DEBUG = 1000,
@@ -59,28 +65,9 @@ typedef enum {
NM_KEYFILE_WARN_SEVERITY_WARN = 3000,
} NMKeyfileWarnSeverity;
/**
* NMKeyfileReadTypeDataWarn:
*
* this struct is passed as @type_data for the @NMKeyfileReadHandler of
* type %NM_KEYFILE_READ_TYPE_WARN.
*/
typedef struct {
/* might be %NULL, if the warning is not about a group. */
const char *group;
/* might be %NULL, if the warning is not about a setting. */
NMSetting *setting;
/* might be %NULL, if the warning is not about a property. */
const char *property_name;
NMKeyfileWarnSeverity severity;
const char *message;
} NMKeyfileReadTypeDataWarn;
NMConnection *nm_keyfile_read (GKeyFile *keyfile,
const char *base_dir,
NMKeyfileHandlerFlags handler_flags,
NMKeyfileReadHandler handler,
void *user_data,
GError **error);
@@ -93,21 +80,17 @@ gboolean nm_keyfile_read_ensure_uuid (NMConnection *connection,
/*****************************************************************************/
typedef enum {
NM_KEYFILE_WRITE_TYPE_CERT = 1,
} NMKeyfileWriteType;
/**
* NMKeyfileWriteHandler:
*
* This is a hook to tweak the serialization.
*
* Handler for certain properties or events that are not entirely contained
* within the keyfile or that might be serialized differently. The @type and
* @type_data arguments tell which kind of argument we have at hand.
* within the keyfile or that might be serialized differently. The @handler_type and
* @handler_data arguments tell which kind of argument we have at hand.
*
* Currently only the type %NM_KEYFILE_WRITE_TYPE_CERT is supported, which provides
* @type_data as %NMKeyfileWriteTypeDataCert. However, this handler should be generic enough
* Currently only the handler_type %NM_KEYFILE_HANDLER_TYPE_WRITE_CERT is supported, which provides
* @handler_data as %NMKeyfileHandlerDataWriteCert. However, this handler should be generic enough
* to support other types as well.
*
* This don't have to be only "properties". For example, nm_keyfile_read() uses
@@ -122,29 +105,77 @@ typedef enum {
*/
typedef gboolean (*NMKeyfileWriteHandler) (NMConnection *connection,
GKeyFile *keyfile,
NMKeyfileWriteType type,
void *type_data,
void *user_data,
GError **error);
/**
* NMKeyfileWriteTypeDataCert:
*
* this struct is passed as @type_data for the @NMKeyfileWriteHandler of
* type %NM_KEYFILE_WRITE_TYPE_CERT.
*/
typedef struct {
const NMSetting8021xSchemeVtable *vtable;
NMSetting8021x *setting;
} NMKeyfileWriteTypeDataCert;
NMKeyfileHandlerType handler_type,
NMKeyfileHandlerData *handler_data,
void *user_data);
GKeyFile *nm_keyfile_write (NMConnection *connection,
NMKeyfileHandlerFlags handler_flags,
NMKeyfileWriteHandler handler,
void *user_data,
GError **error);
/*****************************************************************************/
/**
* NMKeyfileHandlerDataWarn:
*
* this struct is passed as @handler_data for the @NMKeyfileReadHandler of
* handler_type %NM_KEYFILE_HANDLER_TYPE_WARN.
*/
typedef struct {
NMKeyfileWarnSeverity severity;
char *message;
const char *fmt;
va_list ap;
} NMKeyfileHandlerDataWarn;
/**
* NMKeyfileHandlerDataWriteCert:
*
* this struct is passed as @handler_data for the @NMKeyfileWriteHandler of
* handler_type %NM_KEYFILE_HANDLER_TYPE_WRITE_CERT.
*/
typedef struct {
const NMSetting8021xSchemeVtable *vtable;
} NMKeyfileHandlerDataWriteCert;
struct _NMKeyfileHandlerData {
NMKeyfileHandlerType type;
GError **p_error;
const char *kf_group_name;
const char *kf_key;
NMSetting *cur_setting;
const char *cur_property;
union {
NMKeyfileHandlerDataWarn warn;
NMKeyfileHandlerDataWriteCert write_cert;
};
};
/*****************************************************************************/
void nm_keyfile_handler_data_fail_with_error (NMKeyfileHandlerData *handler_data,
GError *src);
void nm_keyfile_handler_data_get_context (const NMKeyfileHandlerData *handler_data,
const char **out_kf_group_name,
const char **out_kf_key_name,
NMSetting **out_cur_setting,
const char **out_cur_property_name);
void nm_keyfile_handler_data_warn_get (const NMKeyfileHandlerData *handler_data,
const char **out_message,
NMKeyfileWarnSeverity *out_severity);
const char *_nm_keyfile_handler_data_warn_get_message (const NMKeyfileHandlerData *handler_data);
/*****************************************************************************/
char *nm_keyfile_plugin_kf_get_string (GKeyFile *kf, const char *group, const char *key, GError **error);
void nm_keyfile_plugin_kf_set_string (GKeyFile *kf, const char *group, const char *key, const char *value);
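Review bot: The new `struct _NMKeyfileHandlerData` and `NMKeyfileHandlerDataWarn` have no per-field documentation, which drops the contract the removed `NMKeyfileReadTypeDataWarn` spelled out: that group, setting and property name may each be NULL. Handlers elsewhere in this commit read `cur_setting` directly, so I would restore comments such as `/* might be %NULL, if the event is not about a setting. */` on `kf_group_name`, `kf_key`, `cur_setting` and `cur_property`. `NMKeyfileHandlerDataWarn` also keeps `fmt` and a `va_list ap` next to `message`, which suggests the text is formatted lazily; because a `va_list` can be consumed only once, a comment should mark these three fields as private and point callers to `nm_keyfile_handler_data_warn_get()`. The `NMKeyfileReadHandler` doc comment starts outside the hunk but still mentions `@error`, although the callback no longer takes that parameter; it probably should refer to `nm_keyfile_handler_data_fail_with_error()` instead.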

File diff suppressed because it is too large Load Diff


@@ -1924,8 +1924,8 @@ nmtst_assert_connection_equals (NMConnection *a, gboolean normalize_a, NMConnect
gs_unref_keyfile GKeyFile *kf_a = NULL, *kf_b = NULL;
gs_free char *str_a = NULL, *str_b = NULL;
kf_a = nm_keyfile_write (a, NULL, NULL, NULL);
kf_b = nm_keyfile_write (b, NULL, NULL, NULL);
kf_a = nm_keyfile_write (a, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, NULL);
kf_b = nm_keyfile_write (b, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, NULL);
if (kf_a)
str_a = g_key_file_to_data (kf_a, NULL, NULL);
@@ -2262,7 +2262,7 @@ nmtst_create_connection_from_keyfile (const char *keyfile_str, const char *full_
success = g_key_file_load_from_data (keyfile, keyfile_str, strlen (keyfile_str), G_KEY_FILE_NONE, &error);
nmtst_assert_success (success, error);
con = nm_keyfile_read (keyfile, base_dir, NULL, NULL, &error);
con = nm_keyfile_read (keyfile, base_dir, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, &error);
nmtst_assert_success (NM_IS_CONNECTION (con), error);
nm_keyfile_read_ensure_id (con, filename);


@@ -33,7 +33,7 @@ output_conn (gpointer key, gpointer value, gpointer user_data)
if (!nm_connection_normalize (connection, NULL, NULL, &error))
goto err_out;
file = nm_keyfile_write (connection, NULL, NULL, &error);
file = nm_keyfile_write (connection, NM_KEYFILE_HANDLER_FLAGS_NONE, NULL, NULL, &error);
if (file == NULL)
goto err_out;


@@ -17,11 +17,15 @@
/*****************************************************************************/
static const char *
_fmt_warn (const char *group, NMSetting *setting, const char *property_name, const char *message, char **out_message)
_fmt_warn (const NMKeyfileHandlerData *handler_data, char **out_message)
{
const char *setting_name = setting ? nm_setting_get_name (setting) : NULL;
const char *group = handler_data->kf_group_name;
const char *message = _nm_keyfile_handler_data_warn_get_message (handler_data);
if (group) {
NMSetting *setting = handler_data->cur_setting;
const char *property_name = handler_data->cur_property;
const char *setting_name = setting ? nm_setting_get_name (setting) : NULL;
char *res;
if (setting_name) {
@@ -37,30 +41,30 @@ _fmt_warn (const char *group, NMSetting *setting, const char *property_name, con
res = g_strdup_printf ("%s: %s", group, message);
*out_message = res;
return res;
} else
return message;
}
return message;
}
typedef struct {
bool verbose;
} HandlerReadData;
} ReadInfo;
static gboolean
_handler_read (GKeyFile *keyfile,
NMConnection *connection,
NMKeyfileReadType type,
void *type_data,
void *user_data,
GError **error)
NMKeyfileHandlerType handler_type,
NMKeyfileHandlerData *handler_data,
void *user_data)
{
const HandlerReadData *handler_data = user_data;
const ReadInfo *read_info = user_data;
if (type == NM_KEYFILE_READ_TYPE_WARN) {
NMKeyfileReadTypeDataWarn *warn_data = type_data;
if (handler_type == NM_KEYFILE_HANDLER_TYPE_WARN) {
const NMKeyfileHandlerDataWarn *warn_data = &handler_data->warn;
NMLogLevel level;
char *message_free = NULL;
if (!handler_data->verbose)
if (!read_info->verbose)
return TRUE;
if (warn_data->severity > NM_KEYFILE_WARN_SEVERITY_WARN)
@@ -72,15 +76,17 @@ _handler_read (GKeyFile *keyfile,
else
level = LOGL_INFO;
nm_log (level, LOGD_SETTINGS, NULL,
nm_log (level,
LOGD_SETTINGS,
NULL,
nm_connection_get_uuid (connection),
"keyfile: %s",
_fmt_warn (warn_data->group, warn_data->setting,
warn_data->property_name, warn_data->message,
_fmt_warn (handler_data,
&message_free));
g_free (message_free);
return TRUE;
}
return FALSE;
}
@@ -93,7 +99,7 @@ nms_keyfile_reader_from_keyfile (GKeyFile *key_file,
GError **error)
{
NMConnection *connection;
HandlerReadData data = {
ReadInfo read_info = {
.verbose = verbose,
};
gs_free char *base_dir_free = NULL;
@@ -122,7 +128,7 @@ nms_keyfile_reader_from_keyfile (GKeyFile *key_file,
filename = &s[1];
}
connection = nm_keyfile_read (key_file, base_dir, _handler_read, &data, error);
connection = nm_keyfile_read (key_file, base_dir, NM_KEYFILE_HANDLER_FLAGS_NONE, _handler_read, &read_info, error);
if (!connection)
return NULL;
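Review bot: `_fmt_warn()` has an ownership contract that is not written down: it returns either the borrowed message from `_nm_keyfile_handler_data_warn_get_message()` or a newly allocated string that it also stores in `*out_message`, and it leaves `*out_message` untouched on the borrowed path. That is only safe because `_handler_read()` initializes `message_free` to NULL before the call and calls `g_free()` on it afterwards. I would add a comment above the function such as `/* Returns the text to log. A newly allocated string is also stored in @out_message, which the caller must initialize to NULL and g_free() afterwards. */`. Part of the function body lies between the two hunks and is not visible here.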


@@ -28,21 +28,22 @@ typedef struct {
static void
cert_writer (NMConnection *connection,
GKeyFile *file,
NMKeyfileWriteTypeDataCert *cert_data,
NMSetting8021x *setting,
const NMSetting8021xSchemeVtable *vtable,
WriteInfo *info,
GError **error)
{
const char *setting_name = nm_setting_get_name (NM_SETTING (cert_data->setting));
const char *setting_name = nm_setting_get_name (NM_SETTING (setting));
NMSetting8021xCKScheme scheme;
NMSetting8021xCKFormat format;
const char *path = NULL, *ext = "pem";
scheme = cert_data->vtable->scheme_func (cert_data->setting);
scheme = vtable->scheme_func (setting);
if (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH) {
char *tmp = NULL;
const char *accepted_path = NULL;
path = cert_data->vtable->path_func (cert_data->setting);
path = vtable->path_func (setting);
g_assert (path);
if (g_str_has_prefix (path, info->keyfile_dir)) {
@@ -78,11 +79,11 @@ cert_writer (NMConnection *connection,
if (!accepted_path)
accepted_path = tmp = g_strconcat (NM_KEYFILE_CERT_SCHEME_PREFIX_PATH, path, NULL);
nm_keyfile_plugin_kf_set_string (file, setting_name, cert_data->vtable->setting_key, accepted_path);
nm_keyfile_plugin_kf_set_string (file, setting_name, vtable->setting_key, accepted_path);
g_free (tmp);
} else if (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11) {
nm_keyfile_plugin_kf_set_string (file, setting_name, cert_data->vtable->setting_key,
cert_data->vtable->uri_func (cert_data->setting));
nm_keyfile_plugin_kf_set_string (file, setting_name, vtable->setting_key,
vtable->uri_func (setting));
} else if (scheme == NM_SETTING_802_1X_CK_SCHEME_BLOB) {
GBytes *blob;
const guint8 *blob_data;
@@ -91,13 +92,13 @@ cert_writer (NMConnection *connection,
GError *local = NULL;
char *new_path;
blob = cert_data->vtable->blob_func (cert_data->setting);
blob = vtable->blob_func (setting);
g_assert (blob);
blob_data = g_bytes_get_data (blob, &blob_len);
if (cert_data->vtable->format_func) {
if (vtable->format_func) {
/* Get the extension for a private key */
format = cert_data->vtable->format_func (cert_data->setting);
format = vtable->format_func (setting);
if (format == NM_SETTING_802_1X_CK_FORMAT_PKCS12)
ext = "p12";
} else {
@@ -110,7 +111,7 @@ cert_writer (NMConnection *connection,
* from now on instead of pushing around the certificate data.
*/
new_path = g_strdup_printf ("%s/%s-%s.%s", info->keyfile_dir, nm_connection_get_uuid (connection),
cert_data->vtable->file_suffix, ext);
vtable->file_suffix, ext);
/* FIXME(keyfile-parse-in-memory): writer must not access/write to the file system before
* being sure that the entire profile can be written and all circumstances are good to
@@ -125,10 +126,10 @@ cert_writer (NMConnection *connection,
if (success) {
/* Write the path value to the keyfile.
* We know, that basename(new_path) starts with a UUID, hence no conflict with "data:;base64," */
nm_keyfile_plugin_kf_set_string (file, setting_name, cert_data->vtable->setting_key, strrchr (new_path, '/') + 1);
nm_keyfile_plugin_kf_set_string (file, setting_name, vtable->setting_key, strrchr (new_path, '/') + 1);
} else {
nm_log_warn (LOGD_SETTINGS, "keyfile: %s.%s: failed to write certificate to file %s: %s",
setting_name, cert_data->vtable->setting_key, new_path, local->message);
setting_name, vtable->setting_key, new_path, local->message);
g_error_free (local);
}
g_free (new_path);
@@ -146,15 +147,17 @@ cert_writer (NMConnection *connection,
static gboolean
_handler_write (NMConnection *connection,
GKeyFile *keyfile,
NMKeyfileWriteType type,
void *type_data,
void *user_data,
GError **error)
NMKeyfileHandlerType type,
NMKeyfileHandlerData *type_data,
void *user_data)
{
if (type == NM_KEYFILE_WRITE_TYPE_CERT) {
cert_writer (connection, keyfile,
(NMKeyfileWriteTypeDataCert *) type_data,
(WriteInfo *) user_data, error);
if (type == NM_KEYFILE_HANDLER_TYPE_WRITE_CERT) {
cert_writer (connection,
keyfile,
NM_SETTING_802_1X (type_data->cur_setting),
type_data->write_cert.vtable,
user_data,
type_data->p_error);
return TRUE;
}
return FALSE;
@@ -211,7 +214,7 @@ _internal_write_connection (NMConnection *connection,
info.keyfile_dir = keyfile_dir;
kf_file = nm_keyfile_write (connection, _handler_write, &info, error);
kf_file = nm_keyfile_write (connection, NM_KEYFILE_HANDLER_FLAGS_NONE, _handler_write, &info, error);
if (!kf_file)
return FALSE;
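Review bot: In `_handler_write()` the setting now comes from `type_data->cur_setting` through the `NM_SETTING_802_1X()` cast, but nothing visible guarantees that `cur_setting` is set and of that type for `NM_KEYFILE_HANDLER_TYPE_WRITE_CERT`; `cert_writer()` then passes it straight to `vtable->scheme_func (setting)`. `cert_writer()` already asserts `path` and `blob`, so an explicit `g_assert (NM_IS_SETTING_802_1X (type_data->cur_setting));` before the call would catch a mismatch before it becomes a NULL or wrongly typed dereference. As a style point, the parameters are still named `type` and `type_data`, while the typedef and `_handler_read()` use `handler_type` and `handler_data`; renaming them would keep the two handlers parallel.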