colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ifcfg-rh: fix writing TTLS-TLS connections and add testcases

Browse Source 
Fixes memory leak where ifcfg structure wouldn't be closed on write error too.
This commit is contained in:
Dan Williams
2009-04-14 06:47:51 -04:00
parent 583dd00fc1
commit 5c3fe78d4b
2 changed files with 1057 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

899
system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
View File

@@ -38,6 +38,12 @@
#include <nm-setting-wireless-security.h> #include <nm-setting-wireless-security.h>
#include <nm-setting-ip4-config.h> #include <nm-setting-ip4-config.h>
#include <nm-setting-8021x.h> #include <nm-setting-8021x.h>
#include <nm-setting-pppoe.h>
#include <nm-setting-ppp.h>
#include <nm-setting-vpn.h>
#include <nm-setting-gsm.h>
#include <nm-setting-cdma.h>
#include <nm-setting-serial.h>
#include "nm-test-helpers.h" #include "nm-test-helpers.h"
@@ -3964,14 +3970,14 @@ test_write_wifi_wep (void)
unlink (testfile); unlink (testfile);
ASSERT (keyfile != NULL, ASSERT (keyfile != NULL,
"wifi-open-write-reread", "expected keyfile for '%s'", testfile); "wifi-wep-write-reread", "expected keyfile for '%s'", testfile);
ASSERT (stat (keyfile, &statbuf) == 0, ASSERT (stat (keyfile, &statbuf) == 0,
"wifi-open-write-reread", "couldn't stat() '%s'", keyfile); "wifi-wep-write-reread", "couldn't stat() '%s'", keyfile);
ASSERT (S_ISREG (statbuf.st_mode), ASSERT (S_ISREG (statbuf.st_mode),
"wifi-open-write-reread", "keyfile '%s' wasn't a normal file", keyfile); "wifi-wep-write-reread", "keyfile '%s' wasn't a normal file", keyfile);
ASSERT ((statbuf.st_mode & 0077) == 0, ASSERT ((statbuf.st_mode & 0077) == 0,
"wifi-open-write-reread", "keyfile '%s' wasn't readable only by its owner", keyfile); "wifi-wep-write-reread", "keyfile '%s' wasn't readable only by its owner", keyfile);
unlink (keyfile); unlink (keyfile);
@@ -3989,6 +3995,150 @@ test_write_wifi_wep (void)
g_object_unref (reread); g_object_unref (reread);
} }
static void
test_write_wifi_wep_adhoc (void)
{
NMConnection *connection;
NMConnection *reread;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSettingIP4Config *s_ip4;
char *uuid;
gboolean success;
GError *error = NULL;
char *testfile = NULL;
gboolean unmanaged = FALSE;
char *keyfile = NULL;
gboolean ignore_error = FALSE;
GByteArray *ssid;
const unsigned char ssid_data[] = "blahblah";
struct stat statbuf;
NMIP4Address *addr;
const guint32 ip1 = htonl (0x01010103);
const guint32 gw = htonl (0x01010101);
const guint32 dns1 = htonl (0x04020201);
const guint32 prefix = 24;
connection = nm_connection_new ();
ASSERT (connection != NULL,
"wifi-wep-adhoc-write", "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
"wifi-wep-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Write Wifi WEP AdHoc",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME,
NULL);
g_free (uuid);
/* Wifi setting */
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
ASSERT (s_wifi != NULL,
"wifi-wep-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
ssid = g_byte_array_sized_new (sizeof (ssid_data));
g_byte_array_append (ssid, ssid_data, sizeof (ssid_data));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, ssid,
NM_SETTING_WIRELESS_MODE, "adhoc",
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
g_byte_array_free (ssid, TRUE);
/* Wireless security setting */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
ASSERT (s_wsec != NULL,
"wifi-wep-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none", NULL);
nm_setting_wireless_security_set_wep_key (s_wsec, 0, "0123456789abcdef0123456789");
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
"wifi-wep-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4, NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_MANUAL, NULL);
/* IP Address */
addr = nm_ip4_address_new ();
nm_ip4_address_set_address (addr, ip1);
nm_ip4_address_set_prefix (addr, prefix);
nm_ip4_address_set_gateway (addr, gw);
nm_setting_ip4_config_add_address (s_ip4, addr);
nm_ip4_address_unref (addr);
nm_setting_ip4_config_add_dns (s_ip4, dns1);
ASSERT (nm_connection_verify (connection, &error) == TRUE,
"wifi-wep-adhoc-write", "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
/* Save the ifcfg */
success = writer_new_connection (connection,
TEST_DIR "/network-scripts/",
&testfile,
&error);
ASSERT (success == TRUE,
"wifi-wep-adhoc-write", "failed to write connection to disk: %s",
(error && error->message) ? error->message : "(unknown)");
ASSERT (testfile != NULL,
"wifi-wep-adhoc-write", "didn't get ifcfg file path back after writing connection");
/* re-read the connection for comparison */
reread = connection_from_file (testfile,
NULL,
TYPE_WIRELESS,
&unmanaged,
&keyfile,
&error,
&ignore_error);
unlink (testfile);
ASSERT (keyfile != NULL,
"wifi-wep-adhoc-write-reread", "expected keyfile for '%s'", testfile);
ASSERT (stat (keyfile, &statbuf) == 0,
"wifi-wep-adhoc-write-reread", "couldn't stat() '%s'", keyfile);
ASSERT (S_ISREG (statbuf.st_mode),
"wifi-wep-adhoc-write-reread", "keyfile '%s' wasn't a normal file", keyfile);
ASSERT ((statbuf.st_mode & 0077) == 0,
"wifi-wep-adhoc-write-reread", "keyfile '%s' wasn't readable only by its owner", keyfile);
unlink (keyfile);
ASSERT (reread != NULL,
"wifi-wep-adhoc-write-reread", "failed to read %s: %s", testfile, error->message);
ASSERT (nm_connection_verify (reread, &error),
"wifi-wep-adhoc-write-reread-verify", "failed to verify %s: %s", testfile, error->message);
ASSERT (nm_connection_compare (connection, reread, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
"wifi-wep-adhoc-write", "written and re-read connection weren't the same.");
g_free (testfile);
g_object_unref (connection);
g_object_unref (reread);
}
static void static void
test_write_wifi_wpa_psk (const char *name, test_write_wifi_wpa_psk (const char *name,
const char *test_name, const char *test_name,
@@ -4132,6 +4282,148 @@ test_write_wifi_wpa_psk (const char *name,
g_object_unref (reread); g_object_unref (reread);
} }
static void
test_write_wifi_wpa_psk_adhoc (void)
{
NMConnection *connection;
NMConnection *reread;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSettingIP4Config *s_ip4;
char *uuid;
gboolean success;
GError *error = NULL;
char *testfile = NULL;
gboolean unmanaged = FALSE;
char *keyfile = NULL;
gboolean ignore_error = FALSE;
GByteArray *ssid;
const unsigned char ssid_data[] = "blahblah";
NMIP4Address *addr;
const guint32 ip1 = htonl (0x01010103);
const guint32 gw = htonl (0x01010101);
const guint32 dns1 = htonl (0x04020201);
const guint32 prefix = 24;
connection = nm_connection_new ();
ASSERT (connection != NULL,
"wifi-wpa-psk-adhoc-write", "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
"wifi-wpa-psk-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Write Wifi WPA PSK",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME,
NULL);
g_free (uuid);
/* Wifi setting */
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
ASSERT (s_wifi != NULL,
"wifi-wpa-psk-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
ssid = g_byte_array_sized_new (sizeof (ssid_data));
g_byte_array_append (ssid, ssid_data, sizeof (ssid_data));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, ssid,
NM_SETTING_WIRELESS_MODE, "adhoc",
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_CHANNEL, 11,
NM_SETTING_WIRELESS_BAND, "bg",
NULL);
g_byte_array_free (ssid, TRUE);
/* Wireless security setting */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
ASSERT (s_wsec != NULL,
"wifi-wpa-psk-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none",
NM_SETTING_WIRELESS_SECURITY_PSK, "7d308b11df1b4243b0f78e5f3fc68cdbb9a264ed0edf4c188edf329ff5b467f0",
NULL);
nm_setting_wireless_security_add_proto (s_wsec, "wpa");
nm_setting_wireless_security_add_group (s_wsec, "tkip");
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
"wifi-wpa-psk-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4, NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_MANUAL, NULL);
/* IP Address */
addr = nm_ip4_address_new ();
nm_ip4_address_set_address (addr, ip1);
nm_ip4_address_set_prefix (addr, prefix);
nm_ip4_address_set_gateway (addr, gw);
nm_setting_ip4_config_add_address (s_ip4, addr);
nm_ip4_address_unref (addr);
nm_setting_ip4_config_add_dns (s_ip4, dns1);
ASSERT (nm_connection_verify (connection, &error) == TRUE,
"wifi-wpa-psk-adhoc-write", "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
/* Save the ifcfg */
success = writer_new_connection (connection,
TEST_DIR "/network-scripts/",
&testfile,
&error);
ASSERT (success == TRUE,
"wifi-wpa-psk-adhoc-write", "failed to write connection to disk: %s",
(error && error->message) ? error->message : "(unknown)");
ASSERT (testfile != NULL,
"wifi-wpa-psk-adhoc-write", "didn't get ifcfg file path back after writing connection");
/* re-read the connection for comparison */
reread = connection_from_file (testfile,
NULL,
TYPE_WIRELESS,
&unmanaged,
&keyfile,
&error,
&ignore_error);
unlink (testfile);
ASSERT (keyfile != NULL,
"wifi-wpa-psk-adhoc-write-reread", "expected keyfile for '%s'", testfile);
unlink (keyfile);
ASSERT (reread != NULL,
"wifi-wpa-psk-adhoc-write-reread", "failed to read %s: %s", testfile, error->message);
ASSERT (nm_connection_verify (reread, &error),
"wifi-wpa-psk-adhoc-write-reread", "failed to verify %s: %s", testfile, error->message);
ASSERT (nm_connection_compare (connection, reread, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
"wifi-wpa-psk-adhoc-write", "written and re-read connection weren't the same.");
g_free (testfile);
g_object_unref (connection);
g_object_unref (reread);
}
static void static void
test_write_wifi_wpa_eap_tls (void) test_write_wifi_wpa_eap_tls (void)
{ {
@@ -4291,6 +4583,595 @@ test_write_wifi_wpa_eap_tls (void)
g_object_unref (reread); g_object_unref (reread);
} }
static void
test_write_wifi_wpa_eap_ttls_tls (void)
{
NMConnection *connection;
NMConnection *reread;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
NMSettingIP4Config *s_ip4;
char *uuid;
gboolean success;
GError *error = NULL;
char *testfile = NULL;
gboolean unmanaged = FALSE;
char *keyfile = NULL;
gboolean ignore_error = FALSE;
GByteArray *ssid;
const char *ssid_data = "blahblah";
connection = nm_connection_new ();
ASSERT (connection != NULL,
"wifi-wpa-eap-ttls-tls-write", "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
"wifi-wpa-eap-ttls-tls-write", "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Write Wifi WPA EAP-TTLS (TLS)",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME,
NULL);
g_free (uuid);
/* Wifi setting */
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
ASSERT (s_wifi != NULL,
"wifi-wpa-eap-ttls-tls-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
ssid = g_byte_array_sized_new (strlen (ssid_data));
g_byte_array_append (ssid, (const unsigned char *) ssid_data, strlen (ssid_data));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, ssid,
NM_SETTING_WIRELESS_MODE, "infrastructure",
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
g_byte_array_free (ssid, TRUE);
/* Wireless security setting */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
ASSERT (s_wsec != NULL,
"wifi-wpa-eap-ttls-tls-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap", NULL);
nm_setting_wireless_security_add_proto (s_wsec, "rsn");
nm_setting_wireless_security_add_pairwise (s_wsec, "ccmp");
nm_setting_wireless_security_add_group (s_wsec, "ccmp");
/* Wireless security setting */
s_8021x = (NMSetting8021x *) nm_setting_802_1x_new ();
ASSERT (s_8021x != NULL,
"wifi-wpa-eap-ttls-tls-write", "failed to allocate new %s setting",
NM_SETTING_802_1X_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_8021x));
nm_setting_802_1x_add_eap_method (s_8021x, "ttls");
g_object_set (s_8021x,
NM_SETTING_802_1X_IDENTITY, "Bill Smith",
NM_SETTING_802_1X_ANONYMOUS_IDENTITY, "foobar22",
NM_SETTING_802_1X_PHASE2_AUTHEAP, "tls",
NULL);
success = nm_setting_802_1x_set_ca_cert_from_file (s_8021x,
TEST_IFCFG_WIFI_WPA_EAP_TLS_CA_CERT,
NULL,
&error);
ASSERT (success == TRUE,
"wifi-wpa-eap-ttls-tls-write", "failed to set CA certificate '%s': %s",
TEST_IFCFG_WIFI_WPA_EAP_TLS_CA_CERT, error->message);
/* Phase 2 TLS stuff */
/* phase2 CA cert */
success = nm_setting_802_1x_set_phase2_ca_cert_from_file (s_8021x,
TEST_IFCFG_WIFI_WPA_EAP_TLS_CA_CERT,
NULL,
&error);
ASSERT (success == TRUE,
"wifi-wpa-eap-ttls-tls-write", "failed to set inner CA certificate '%s': %s",
TEST_IFCFG_WIFI_WPA_EAP_TLS_CA_CERT, error->message);
/* phase2 client cert */
success = nm_setting_802_1x_set_phase2_client_cert_from_file (s_8021x,
TEST_IFCFG_WIFI_WPA_EAP_TLS_CLIENT_CERT,
NULL,
&error);
ASSERT (success == TRUE,
"wifi-wpa-eap-ttls-tls-write", "failed to set inner client certificate '%s': %s",
TEST_IFCFG_WIFI_WPA_EAP_TLS_CLIENT_CERT, error->message);
/* phase2 private key */
success = nm_setting_802_1x_set_phase2_private_key_from_file (s_8021x,
TEST_IFCFG_WIFI_WPA_EAP_TLS_PRIVATE_KEY,
"test1",
NULL,
&error);
ASSERT (success == TRUE,
"wifi-wpa-eap-ttls-tls-write", "failed to set private key '%s': %s",
TEST_IFCFG_WIFI_WPA_EAP_TLS_PRIVATE_KEY, error->message);
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
"wifi-wpa-eap-ttls-tls-write", "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4, NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO, NULL);
ASSERT (nm_connection_verify (connection, &error) == TRUE,
"wifi-wpa-eap-ttls-tls-write", "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
/* Save the ifcfg */
success = writer_new_connection (connection,
TEST_DIR "/network-scripts/",
&testfile,
&error);
ASSERT (success == TRUE,
"wifi-wpa-eap-ttls-tls-write", "failed to write connection to disk: %s",
(error && error->message) ? error->message : "(unknown)");
ASSERT (testfile != NULL,
"wifi-wpa-eap-ttls-tls-write", "didn't get ifcfg file path back after writing connection");
/* re-read the connection for comparison */
reread = connection_from_file (testfile,
NULL,
TYPE_WIRELESS,
&unmanaged,
&keyfile,
&error,
&ignore_error);
unlink (testfile);
ASSERT (reread != NULL,
"wifi-wpa-eap-ttls-tls-write-reread", "failed to read %s: %s", testfile, error->message);
ASSERT (keyfile != NULL,
"wifi-wpa-eap-ttls-tls-write-reread", "expected keyfile for '%s'", testfile);
unlink (keyfile);
ASSERT (nm_connection_verify (reread, &error),
"wifi-wpa-eap-ttls-tls-write-reread-verify", "failed to verify %s: %s", testfile, error->message);
ASSERT (nm_connection_compare (connection, reread, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
"wifi-wpa-eap-ttls-tls-write", "written and re-read connection weren't the same.");
g_free (testfile);
g_object_unref (connection);
g_object_unref (reread);
}
static void
test_write_wifi_wpa_eap_ttls_mschapv2 (void)
{
NMConnection *connection;
NMConnection *reread;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
NMSettingIP4Config *s_ip4;
char *uuid;
gboolean success;
GError *error = NULL;
char *testfile = NULL;
gboolean unmanaged = FALSE;
char *keyfile = NULL;
gboolean ignore_error = FALSE;
GByteArray *ssid;
const char *ssid_data = "blahblah";
connection = nm_connection_new ();
ASSERT (connection != NULL,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Write Wifi WPA EAP-TTLS (MSCHAPv2)",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME,
NULL);
g_free (uuid);
/* Wifi setting */
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
ASSERT (s_wifi != NULL,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
ssid = g_byte_array_sized_new (strlen (ssid_data));
g_byte_array_append (ssid, (const unsigned char *) ssid_data, strlen (ssid_data));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, ssid,
NM_SETTING_WIRELESS_MODE, "infrastructure",
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
g_byte_array_free (ssid, TRUE);
/* Wireless security setting */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
ASSERT (s_wsec != NULL,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap", NULL);
nm_setting_wireless_security_add_proto (s_wsec, "wpa");
nm_setting_wireless_security_add_proto (s_wsec, "rsn");
nm_setting_wireless_security_add_pairwise (s_wsec, "tkip");
nm_setting_wireless_security_add_pairwise (s_wsec, "ccmp");
nm_setting_wireless_security_add_group (s_wsec, "tkip");
nm_setting_wireless_security_add_group (s_wsec, "ccmp");
/* Wireless security setting */
s_8021x = (NMSetting8021x *) nm_setting_802_1x_new ();
ASSERT (s_8021x != NULL,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to allocate new %s setting",
NM_SETTING_802_1X_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_8021x));
nm_setting_802_1x_add_eap_method (s_8021x, "ttls");
g_object_set (s_8021x,
NM_SETTING_802_1X_IDENTITY, "Bill Smith",
NM_SETTING_802_1X_PASSWORD, ";alkdfja;dslkfjsad;lkfjsadf",
NM_SETTING_802_1X_ANONYMOUS_IDENTITY, "foobar22",
NM_SETTING_802_1X_PHASE2_AUTHEAP, "mschapv2",
NULL);
success = nm_setting_802_1x_set_ca_cert_from_file (s_8021x,
TEST_IFCFG_WIFI_WPA_EAP_TLS_CA_CERT,
NULL,
&error);
ASSERT (success == TRUE,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to set CA certificate '%s': %s",
TEST_IFCFG_WIFI_WPA_EAP_TLS_CA_CERT, error->message);
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4, NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO, NULL);
ASSERT (nm_connection_verify (connection, &error) == TRUE,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
/* Save the ifcfg */
success = writer_new_connection (connection,
TEST_DIR "/network-scripts/",
&testfile,
&error);
ASSERT (success == TRUE,
"wifi-wpa-eap-ttls-mschapv2-write", "failed to write connection to disk: %s",
(error && error->message) ? error->message : "(unknown)");
ASSERT (testfile != NULL,
"wifi-wpa-eap-ttls-mschapv2-write", "didn't get ifcfg file path back after writing connection");
/* re-read the connection for comparison */
reread = connection_from_file (testfile,
NULL,
TYPE_WIRELESS,
&unmanaged,
&keyfile,
&error,
&ignore_error);
unlink (testfile);
ASSERT (reread != NULL,
"wifi-wpa-eap-ttls-mschapv2-write-reread", "failed to read %s: %s", testfile, error->message);
ASSERT (keyfile != NULL,
"wifi-wpa-eap-ttls-mschapv2-write-reread", "expected keyfile for '%s'", testfile);
unlink (keyfile);
ASSERT (nm_connection_verify (reread, &error),
"wifi-wpa-eap-ttls-mschapv2-write-reread-verify", "failed to verify %s: %s", testfile, error->message);
ASSERT (nm_connection_compare (connection, reread, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
"wifi-wpa-eap-ttls-mschapv2-write", "written and re-read connection weren't the same.");
g_free (testfile);
g_object_unref (connection);
g_object_unref (reread);
}
static void
test_write_wired_pppoe (void)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingWired *s_wired;
NMSettingIP4Config *s_ip4;
NMSettingPPPOE *s_pppoe;
NMSettingPPP *s_ppp;
char *uuid;
gboolean success;
GError *error = NULL;
char *testfile = NULL;
connection = nm_connection_new ();
ASSERT (connection != NULL,
"wired-pppoe-write", "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
"wired-pppoe-write", "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Write Wired PPPoE",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRED_SETTING_NAME,
NULL);
g_free (uuid);
/* Wired setting */
s_wired = (NMSettingWired *) nm_setting_wired_new ();
ASSERT (s_wired != NULL,
"wired-pppoe-write", "failed to allocate new %s setting",
NM_SETTING_WIRED_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wired));
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
"wired-pppoe-write", "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4,
NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO,
NULL);
/* PPPoE setting */
s_pppoe = (NMSettingPPPOE *) nm_setting_pppoe_new ();
ASSERT (s_pppoe != NULL,
"wired-pppoe-write", "failed to allocate new %s setting",
NM_SETTING_PPPOE_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_pppoe));
g_object_set (G_OBJECT (s_pppoe),
NM_SETTING_PPPOE_SERVICE, "stupid-service",
NM_SETTING_PPPOE_USERNAME, "Bill Smith",
NM_SETTING_PPPOE_PASSWORD, "test1",
NULL);
/* PPP setting */
s_ppp = (NMSettingPPP *) nm_setting_ppp_new ();
ASSERT (s_ppp != NULL,
"wired-pppoe-write", "failed to allocate new %s setting",
NM_SETTING_PPP_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ppp));
ASSERT (nm_connection_verify (connection, &error) == TRUE,
"wired-pppoe-write", "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
/* Save the ifcfg */
success = writer_new_connection (connection,
TEST_DIR "/network-scripts/",
&testfile,
&error);
ASSERT (success == FALSE,
"wired-pppoe-write", "unexpected success writing connection to disk");
g_object_unref (connection);
}
static void
test_write_vpn (void)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingIP4Config *s_ip4;
NMSettingVPN *s_vpn;
char *uuid;
gboolean success;
GError *error = NULL;
char *testfile = NULL;
connection = nm_connection_new ();
ASSERT (connection != NULL,
"vpn-write", "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
"vpn-write", "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Write VPN",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_VPN_SETTING_NAME,
NULL);
g_free (uuid);
/* VPN setting */
s_vpn = (NMSettingVPN *) nm_setting_vpn_new ();
ASSERT (s_vpn != NULL,
"vpn-write", "failed to allocate new %s setting",
NM_SETTING_VPN_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_vpn));
g_object_set (s_vpn,
NM_SETTING_VPN_SERVICE_TYPE, "awesomevpn",
NM_SETTING_VPN_USER_NAME, "Bill Smith",
NULL);
nm_setting_vpn_add_data_item (s_vpn, "server", "vpn.somewhere.com");
nm_setting_vpn_add_secret (s_vpn, "password", "sup3rs3cr3t");
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
"vpn-write", "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4,
NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO,
NULL);
ASSERT (nm_connection_verify (connection, &error) == TRUE,
"vpn-write", "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
/* Save the ifcfg */
success = writer_new_connection (connection,
TEST_DIR "/network-scripts/",
&testfile,
&error);
ASSERT (success == FALSE,
"vpn-write", "unexpected success writing connection to disk");
g_object_unref (connection);
}
static void
test_write_mobile_broadband (gboolean gsm)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingIP4Config *s_ip4;
NMSettingGsm *s_gsm;
NMSettingCdma *s_cdma;
NMSettingPPP *s_ppp;
NMSettingSerial *s_serial;
char *uuid;
gboolean success;
GError *error = NULL;
char *testfile = NULL;
connection = nm_connection_new ();
ASSERT (connection != NULL,
"mobile-broadband-write", "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
"mobile-broadband-write", "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, gsm ? "Test Write GSM" : "Test Write CDMA",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, gsm ? NM_SETTING_GSM_SETTING_NAME : NM_SETTING_CDMA_SETTING_NAME,
NULL);
g_free (uuid);
if (gsm) {
/* GSM setting */
s_gsm = (NMSettingGsm *) nm_setting_gsm_new ();
ASSERT (s_gsm != NULL,
"mobile-broadband-write", "failed to allocate new %s setting",
NM_SETTING_GSM_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_gsm));
g_object_set (s_gsm, NM_SETTING_GSM_NUMBER, "*99#", NULL);
} else {
/* CDMA setting */
s_cdma = (NMSettingCdma *) nm_setting_cdma_new ();
ASSERT (s_cdma != NULL,
"mobile-broadband-write", "failed to allocate new %s setting",
NM_SETTING_CDMA_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_cdma));
g_object_set (s_cdma, NM_SETTING_CDMA_NUMBER, "#777", NULL);
}
/* Serial setting */
s_serial = (NMSettingSerial *) nm_setting_serial_new ();
ASSERT (s_serial != NULL,
"mobile-broadband-write", "failed to allocate new %s setting",
NM_SETTING_SERIAL_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_serial));
g_object_set (s_serial,
NM_SETTING_SERIAL_BAUD, 115200,
NM_SETTING_SERIAL_BITS, 8,
NM_SETTING_SERIAL_PARITY, 'n',
NM_SETTING_SERIAL_STOPBITS, 1,
NULL);
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
"mobile-broadband-write", "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4,
NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO,
NULL);
/* PPP setting */
s_ppp = (NMSettingPPP *) nm_setting_ppp_new ();
ASSERT (s_ppp != NULL,
"mobile-broadband-write", "failed to allocate new %s setting",
NM_SETTING_PPP_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ppp));
ASSERT (nm_connection_verify (connection, &error) == TRUE,
"mobile-broadband-write", "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
/* Save the ifcfg */
success = writer_new_connection (connection,
TEST_DIR "/network-scripts/",
&testfile,
&error);
ASSERT (success == FALSE,
"mobile-broadband-write", "unexpected success writing connection to disk");
g_object_unref (connection);
}
#define TEST_IFCFG_WIFI_OPEN_SSID_BAD_HEX TEST_DIR"/network-scripts/ifcfg-test-wifi-open-ssid-bad-hex" #define TEST_IFCFG_WIFI_OPEN_SSID_BAD_HEX TEST_DIR"/network-scripts/ifcfg-test-wifi-open-ssid-bad-hex"
#define TEST_IFCFG_WIFI_OPEN_SSID_LONG_QUOTED TEST_DIR"/network-scripts/ifcfg-test-wifi-open-ssid-long-quoted" #define TEST_IFCFG_WIFI_OPEN_SSID_LONG_QUOTED TEST_DIR"/network-scripts/ifcfg-test-wifi-open-ssid-long-quoted"
#define TEST_IFCFG_WIFI_OPEN_SSID_LONG_HEX TEST_DIR"/network-scripts/ifcfg-test-wifi-open-ssid-long-hex" #define TEST_IFCFG_WIFI_OPEN_SSID_LONG_HEX TEST_DIR"/network-scripts/ifcfg-test-wifi-open-ssid-long-hex"
@@ -4338,11 +5219,21 @@ int main (int argc, char **argv)
test_write_wifi_open (); test_write_wifi_open ();
test_write_wifi_open_hex_ssid (); test_write_wifi_open_hex_ssid ();
test_write_wifi_wep (); test_write_wifi_wep ();
test_write_wifi_wep_adhoc ();
test_write_wifi_wpa_psk ("Test Write Wifi WPA PSK", "wifi-wpa-psk-write", FALSE, TRUE, FALSE); test_write_wifi_wpa_psk ("Test Write Wifi WPA PSK", "wifi-wpa-psk-write", FALSE, TRUE, FALSE);
test_write_wifi_wpa_psk ("Test Write Wifi WPA2 PSK", "wifi-wpa2-psk-write", FALSE, FALSE, TRUE); test_write_wifi_wpa_psk ("Test Write Wifi WPA2 PSK", "wifi-wpa2-psk-write", FALSE, FALSE, TRUE);
test_write_wifi_wpa_psk ("Test Write Wifi WPA WPA2 PSK", "wifi-wpa-wpa2-psk-write", FALSE, TRUE, TRUE); test_write_wifi_wpa_psk ("Test Write Wifi WPA WPA2 PSK", "wifi-wpa-wpa2-psk-write", FALSE, TRUE, TRUE);
test_write_wifi_wpa_psk ("Test Write Wifi WEP WPA WPA2 PSK", "wifi-wep-wpa-wpa2-psk-write", TRUE, TRUE, TRUE); test_write_wifi_wpa_psk ("Test Write Wifi WEP WPA WPA2 PSK", "wifi-wep-wpa-wpa2-psk-write", TRUE, TRUE, TRUE);
test_write_wifi_wpa_psk_adhoc ();
test_write_wifi_wpa_eap_tls (); test_write_wifi_wpa_eap_tls ();
test_write_wifi_wpa_eap_ttls_tls ();
test_write_wifi_wpa_eap_ttls_mschapv2 ();
/* Stuff we expect to fail for now */
test_write_wired_pppoe ();
test_write_vpn ();
test_write_mobile_broadband (TRUE);
test_write_mobile_broadband (FALSE);
basename = g_path_get_basename (argv[0]); basename = g_path_get_basename (argv[0]);
fprintf (stdout, "%s: SUCCESS\n", basename); fprintf (stdout, "%s: SUCCESS\n", basename);

236
system-settings/plugins/ifcfg-rh/writer.c
View File

@@ -34,6 +34,7 @@
#include <nm-setting-wireless.h> #include <nm-setting-wireless.h>
#include <nm-setting-8021x.h> #include <nm-setting-8021x.h>
#include <nm-setting-ip4-config.h> #include <nm-setting-ip4-config.h>
#include <nm-setting-pppoe.h>
#include "common.h" #include "common.h"
#include "shvar.h" #include "shvar.h"
@@ -159,6 +160,14 @@ static const ObjectType ca_type = {
"ca-cert.der" "ca-cert.der"
}; };
static const ObjectType phase2_ca_type = {
NM_SETTING_802_1X_PHASE2_CA_CERT,
"IEEE_8021X_INNER_CA_CERT",
TAG_PHASE2_CA_CERT_PATH,
TAG_PHASE2_CA_CERT_HASH,
"inner-ca-cert.der"
};
static const ObjectType client_type = { static const ObjectType client_type = {
NM_SETTING_802_1X_CLIENT_CERT, NM_SETTING_802_1X_CLIENT_CERT,
"IEEE_8021X_CLIENT_CERT", "IEEE_8021X_CLIENT_CERT",
@@ -167,6 +176,14 @@ static const ObjectType client_type = {
"client-cert.der" "client-cert.der"
}; };
static const ObjectType phase2_client_type = {
NM_SETTING_802_1X_PHASE2_CLIENT_CERT,
"IEEE_8021X_INNER_CLIENT_CERT",
TAG_PHASE2_CLIENT_CERT_PATH,
TAG_PHASE2_CLIENT_CERT_HASH,
"inner-client-cert.der"
};
static const ObjectType pk_type = { static const ObjectType pk_type = {
NM_SETTING_802_1X_PRIVATE_KEY, NM_SETTING_802_1X_PRIVATE_KEY,
"IEEE_8021X_PRIVATE_KEY", "IEEE_8021X_PRIVATE_KEY",
@@ -175,6 +192,14 @@ static const ObjectType pk_type = {
"private-key.pem" "private-key.pem"
}; };
static const ObjectType phase2_pk_type = {
NM_SETTING_802_1X_PHASE2_PRIVATE_KEY,
"IEEE_8021X_INNER_PRIVATE_KEY",
TAG_PHASE2_PRIVATE_KEY_PATH,
TAG_PHASE2_PRIVATE_KEY_HASH,
"inner-private-key.pem"
};
static const ObjectType p12_type = { static const ObjectType p12_type = {
NM_SETTING_802_1X_PRIVATE_KEY, NM_SETTING_802_1X_PRIVATE_KEY,
"IEEE_8021X_PRIVATE_KEY", "IEEE_8021X_PRIVATE_KEY",
@@ -183,6 +208,14 @@ static const ObjectType p12_type = {
"private-key.p12" "private-key.p12"
}; };
static const ObjectType phase2_p12_type = {
NM_SETTING_802_1X_PHASE2_PRIVATE_KEY,
"IEEE_8021X_INNER_PRIVATE_KEY",
TAG_PHASE2_PRIVATE_KEY_PATH,
TAG_PHASE2_PRIVATE_KEY_HASH,
"inner-private-key.p12"
};
static gboolean static gboolean
write_object (NMSetting8021x *s_8021x, write_object (NMSetting8021x *s_8021x,
shvarFile *ifcfg, shvarFile *ifcfg,
@@ -258,6 +291,120 @@ out:
return success; return success;
} }
static gboolean
write_8021x_certs (NMSetting8021x *s_8021x,
gboolean phase2,
shvarFile *ifcfg,
GError **error)
{
const GByteArray *data;
GByteArray *enc_key = NULL;
const char *password = NULL;
char *generated_pw = NULL;
gboolean success = FALSE, is_pkcs12 = FALSE, wrote;
const ObjectType *otype = NULL;
const char *prop;
/* CA certificate */
data = NULL;
if (phase2) {
prop = NM_SETTING_802_1X_PHASE2_CA_CERT;
otype = &phase2_ca_type;
} else {
prop = NM_SETTING_802_1X_CA_CERT;
otype = &ca_type;
}
g_object_get (G_OBJECT (s_8021x), prop, &data, NULL);
if (!write_object (s_8021x, ifcfg, data, otype, &wrote, error))
return FALSE;
/* Private key */
if (phase2) {
if (nm_setting_802_1x_get_phase2_private_key (s_8021x)) {
if (nm_setting_802_1x_get_phase2_private_key_type (s_8021x) == NM_SETTING_802_1X_CK_TYPE_PKCS12)
is_pkcs12 = TRUE;
}
prop = NM_SETTING_802_1X_PHASE2_PRIVATE_KEY;
password = nm_setting_802_1x_get_phase2_private_key_password (s_8021x);
} else {
if (nm_setting_802_1x_get_private_key (s_8021x)) {
if (nm_setting_802_1x_get_private_key_type (s_8021x) == NM_SETTING_802_1X_CK_TYPE_PKCS12)
is_pkcs12 = TRUE;
}
prop = NM_SETTING_802_1X_PRIVATE_KEY;
password = nm_setting_802_1x_get_private_key_password (s_8021x);
}
if (is_pkcs12)
otype = phase2 ? &phase2_p12_type : &p12_type;
else
otype = phase2 ? &phase2_pk_type : &pk_type;
data = NULL;
g_object_get (G_OBJECT (s_8021x), prop, &data, NULL);
if (data && !is_pkcs12) {
GByteArray *array;
if (!password) {
/* Create a random private key */
array = crypto_random (32, error);
if (!array)
goto out;
password = generated_pw = utils_bin2hexstr ((const char *) array->data, array->len, -1);
memset (array->data, 0, array->len);
g_byte_array_free (array, TRUE);
}
/* Re-encrypt the private key if it's not PKCS#12 (which never decrypted by NM) */
enc_key = crypto_key_to_pem (data, password, error);
if (!enc_key)
goto out;
}
if (!write_object (s_8021x, ifcfg, enc_key ? enc_key : data, otype, &wrote, error))
goto out;
/* Private key password */
if (phase2)
set_secret (ifcfg, "IEEE_8021X_INNER_PRIVATE_KEY_PASSWORD", password);
else
set_secret (ifcfg, "IEEE_8021X_PRIVATE_KEY_PASSWORD", password);
if (enc_key) {
memset (enc_key->data, 0, enc_key->len);
g_byte_array_free (enc_key, TRUE);
}
/* Client certificate */
if (is_pkcs12) {
svSetValue (ifcfg,
phase2 ? "IEEE_8021X_INNER_CLIENT_CERT" : "IEEE_8021X_CLIENT_CERT",
NULL, FALSE);
} else {
if (phase2) {
prop = NM_SETTING_802_1X_PHASE2_CLIENT_CERT;
otype = &phase2_client_type;
} else {
prop = NM_SETTING_802_1X_CLIENT_CERT;
otype = &client_type;
}
data = NULL;
g_object_get (G_OBJECT (s_8021x), prop, &data, NULL);
if (!write_object (s_8021x, ifcfg, data, otype, &wrote, error))
goto out;
}
success = TRUE;
out:
if (generated_pw) {
memset (generated_pw, 0, strlen (generated_pw));
g_free (generated_pw);
}
return success;
}
static gboolean static gboolean
write_8021x_setting (NMConnection *connection, write_8021x_setting (NMConnection *connection,
shvarFile *ifcfg, shvarFile *ifcfg,
@@ -267,12 +414,8 @@ write_8021x_setting (NMConnection *connection,
NMSetting8021x *s_8021x; NMSetting8021x *s_8021x;
const char *value; const char *value;
char *tmp = NULL; char *tmp = NULL;
gboolean success = FALSE, is_pkcs12 = FALSE, wrote; gboolean success = FALSE;
GString *phase2_auth; GString *phase2_auth;
const GByteArray *data;
GByteArray *enc_key = NULL;
const char *password = NULL;
char *generated_pw = NULL;
s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X); s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
if (!s_8021x) { if (!s_8021x) {
@@ -344,73 +487,10 @@ write_8021x_setting (NMConnection *connection,
g_string_free (phase2_auth, TRUE); g_string_free (phase2_auth, TRUE);
/* CA certificate */ success = write_8021x_certs (s_8021x, FALSE, ifcfg, error);
data = NULL; if (success) {
g_object_get (G_OBJECT (s_8021x), NM_SETTING_802_1X_CA_CERT, &data, NULL); /* phase2/inner certs */
if (!write_object (s_8021x, ifcfg, data, &ca_type, &wrote, error)) success = write_8021x_certs (s_8021x, TRUE, ifcfg, error);
goto out;
/* Private key */
if (nm_setting_802_1x_get_private_key (s_8021x)) {
if (nm_setting_802_1x_get_private_key_type (s_8021x) == NM_SETTING_802_1X_CK_TYPE_PKCS12)
is_pkcs12 = TRUE;
}
data = NULL;
g_object_get (G_OBJECT (s_8021x), NM_SETTING_802_1X_PRIVATE_KEY, &data, NULL);
password = nm_setting_802_1x_get_private_key_password (s_8021x);
if (data && !is_pkcs12) {
GByteArray *array;
if (!password) {
/* Create a random private key */
array = crypto_random (32, error);
if (!array)
goto out;
password = generated_pw = utils_bin2hexstr ((const char *) array->data, array->len, -1);
memset (array->data, 0, array->len);
g_byte_array_free (array, TRUE);
}
/* Re-encrypt the private key if it's not PKCS#12 (which never decrypted by NM) */
enc_key = crypto_key_to_pem (data, password, error);
if (!enc_key)
goto out;
}
if (!write_object (s_8021x,
ifcfg,
enc_key ? enc_key : data,
is_pkcs12 ? &p12_type : &pk_type,
&wrote,
error))
goto out;
/* Private key password */
set_secret (ifcfg, "IEEE_8021X_PRIVATE_KEY_PASSWORD", password);
if (enc_key) {
memset (enc_key->data, 0, enc_key->len);
g_byte_array_free (enc_key, TRUE);
}
/* Client certificate */
if (is_pkcs12)
svSetValue (ifcfg, "IEEE_8021X_CLIENT_CERT", NULL, FALSE);
else {
data = NULL;
g_object_get (G_OBJECT (s_8021x), NM_SETTING_802_1X_CLIENT_CERT, &data, NULL);
if (!write_object (s_8021x, ifcfg, data, &client_type, &wrote, error))
goto out;
}
success = TRUE;
out:
if (generated_pw) {
memset (generated_pw, 0, strlen (generated_pw));
g_free (generated_pw);
} }
return success; return success;
@@ -921,6 +1001,14 @@ write_connection (NMConnection *connection,
} }
if (!strcmp (type, NM_SETTING_WIRED_SETTING_NAME)) { if (!strcmp (type, NM_SETTING_WIRED_SETTING_NAME)) {
// FIXME: can't write PPPoE at this time
if (nm_connection_get_setting (connection, NM_TYPE_SETTING_PPPOE)) {
g_set_error (error, ifcfg_plugin_error_quark (), 0,
"Can't write connection type '%s'",
NM_SETTING_PPPOE_SETTING_NAME);
goto out;
}
if (!write_wired_setting (connection, ifcfg, error)) if (!write_wired_setting (connection, ifcfg, error))
goto out; goto out;
wired = TRUE; wired = TRUE;
@@ -949,8 +1037,6 @@ write_connection (NMConnection *connection,
goto out; goto out;
} }
svCloseFile (ifcfg);
/* Only return the filename if this was a newly written ifcfg */ /* Only return the filename if this was a newly written ifcfg */
if (out_filename && !filename) if (out_filename && !filename)
*out_filename = g_strdup (ifcfg_name); *out_filename = g_strdup (ifcfg_name);
@@ -958,6 +1044,8 @@ write_connection (NMConnection *connection,
success = TRUE; success = TRUE;
out: out:
if (ifcfg)
svCloseFile (ifcfg);
g_free (ifcfg_name); g_free (ifcfg_name);
return success; return success;
} }