diff --git a/libnm-core/nm-connection.c b/libnm-core/nm-connection.c index c2b2ae0b5..006eaf6ac 100644 --- a/libnm-core/nm-connection.c +++ b/libnm-core/nm-connection.c @@ -1832,26 +1832,14 @@ nm_connection_need_secrets (NMConnection *connection, void nm_connection_clear_secrets (NMConnection *connection) { - GHashTableIter iter; - NMSetting *setting; - - g_return_if_fail (NM_IS_CONNECTION (connection)); - - g_hash_table_iter_init (&iter, NM_CONNECTION_GET_PRIVATE (connection)->settings); - while (g_hash_table_iter_next (&iter, NULL, (gpointer) &setting)) { - g_signal_handlers_block_by_func (setting, (GCallback) setting_changed_cb, connection); - _nm_setting_clear_secrets (setting); - g_signal_handlers_unblock_by_func (setting, (GCallback) setting_changed_cb, connection); - } - - g_signal_emit (connection, signals[SECRETS_CLEARED], 0); + return nm_connection_clear_secrets_with_flags (connection, NULL, NULL); } /** * nm_connection_clear_secrets_with_flags: * @connection: the #NMConnection - * @func: (scope call): function to be called to determine whether a - * specific secret should be cleared or not + * @func: (scope call): (allow-none): function to be called to determine whether a + * specific secret should be cleared or not. If %NULL, all secrets are cleared. * @user_data: caller-supplied data passed to @func * * Clears and frees secrets determined by @func. @@ -1869,7 +1857,7 @@ nm_connection_clear_secrets_with_flags (NMConnection *connection, g_hash_table_iter_init (&iter, NM_CONNECTION_GET_PRIVATE (connection)->settings); while (g_hash_table_iter_next (&iter, NULL, (gpointer) &setting)) { g_signal_handlers_block_by_func (setting, (GCallback) setting_changed_cb, connection); - _nm_setting_clear_secrets_with_flags (setting, func, user_data); + _nm_setting_clear_secrets (setting, func, user_data); g_signal_handlers_unblock_by_func (setting, (GCallback) setting_changed_cb, connection); } diff --git a/libnm-core/nm-setting-private.h b/libnm-core/nm-setting-private.h index 2f46bc677..8f61b0ff9 100644 --- a/libnm-core/nm-setting-private.h +++ b/libnm-core/nm-setting-private.h @@ -48,10 +48,9 @@ typedef enum NMSettingUpdateSecretResult { NMSettingUpdateSecretResult _nm_setting_update_secrets (NMSetting *setting, GVariant *secrets, GError **error); -gboolean _nm_setting_clear_secrets (NMSetting *setting); -gboolean _nm_setting_clear_secrets_with_flags (NMSetting *setting, - NMSettingClearSecretsWithFlagsFn func, - gpointer user_data); +gboolean _nm_setting_clear_secrets (NMSetting *setting, + NMSettingClearSecretsWithFlagsFn func, + gpointer user_data); /* The property of the #NMSetting should be considered during comparisons that * use the %NM_SETTING_COMPARE_FLAG_INFERRABLE flag. Properties that don't have diff --git a/libnm-core/nm-setting.c b/libnm-core/nm-setting.c index 7f2d4d2af..b00f0ab98 100644 --- a/libnm-core/nm-setting.c +++ b/libnm-core/nm-setting.c @@ -1840,48 +1840,6 @@ _nm_setting_aggregate (NMSetting *setting, return FALSE; } -/** - * _nm_setting_clear_secrets: - * @setting: the #NMSetting - * - * Resets and clears any secrets in the setting. Secrets should be added to the - * setting only when needed, and cleared immediately after use to prevent - * leakage of information. - * - * Returns: %TRUE if the setting changed at all - **/ -gboolean -_nm_setting_clear_secrets (NMSetting *setting) -{ - const NMSettInfoSetting *sett_info; - gboolean changed = FALSE; - guint i; - - g_return_val_if_fail (NM_IS_SETTING (setting), FALSE); - - sett_info = _nm_setting_class_get_sett_info (NM_SETTING_GET_CLASS (setting)); - for (i = 0; i < sett_info->property_infos_len; i++) { - GParamSpec *prop_spec = sett_info->property_infos[i].param_spec; - - if (!prop_spec) - continue; - - if (prop_spec->flags & NM_SETTING_PARAM_SECRET) { - GValue value = G_VALUE_INIT; - - g_value_init (&value, prop_spec->value_type); - g_object_get_property (G_OBJECT (setting), prop_spec->name, &value); - if (!g_param_value_defaults (prop_spec, &value)) { - g_param_value_set_default (prop_spec, &value); - g_object_set_property (G_OBJECT (setting), prop_spec->name, &value); - changed = TRUE; - } - g_value_unset (&value); - } - } - return changed; -} - static gboolean clear_secrets_with_flags (NMSetting *setting, GParamSpec *pspec, @@ -1914,7 +1872,7 @@ clear_secrets_with_flags (NMSetting *setting, } /** - * _nm_setting_clear_secrets_with_flags: + * _nm_setting_clear_secrets: * @setting: the #NMSetting * @func: (scope call): function to be called to determine whether a * specific secret should be cleared or not @@ -1925,16 +1883,15 @@ clear_secrets_with_flags (NMSetting *setting, * Returns: %TRUE if the setting changed at all **/ gboolean -_nm_setting_clear_secrets_with_flags (NMSetting *setting, - NMSettingClearSecretsWithFlagsFn func, - gpointer user_data) +_nm_setting_clear_secrets (NMSetting *setting, + NMSettingClearSecretsWithFlagsFn func, + gpointer user_data) { const NMSettInfoSetting *sett_info; gboolean changed = FALSE; guint i; g_return_val_if_fail (NM_IS_SETTING (setting), FALSE); - g_return_val_if_fail (func != NULL, FALSE); sett_info = _nm_setting_class_get_sett_info (NM_SETTING_GET_CLASS (setting)); for (i = 0; i < sett_info->property_infos_len; i++) { @@ -1946,10 +1903,23 @@ _nm_setting_clear_secrets_with_flags (NMSetting *setting, if (!NM_FLAGS_HAS (prop_spec->flags, NM_SETTING_PARAM_SECRET)) continue; - changed |= NM_SETTING_GET_CLASS (setting)->clear_secrets_with_flags (setting, - prop_spec, - func, - user_data); + if (func) { + changed |= NM_SETTING_GET_CLASS (setting)->clear_secrets_with_flags (setting, + prop_spec, + func, + user_data); + } else { + GValue value = G_VALUE_INIT; + + g_value_init (&value, prop_spec->value_type); + g_object_get_property (G_OBJECT (setting), prop_spec->name, &value); + if (!g_param_value_defaults (prop_spec, &value)) { + g_param_value_set_default (prop_spec, &value); + g_object_set_property (G_OBJECT (setting), prop_spec->name, &value); + changed = TRUE; + } + g_value_unset (&value); + } } return changed; }