libnm: add define for cert scheme prefix file:// for NMSetting8021x
This commit is contained in:
Thomas Haller
@@ -29,6 +29,7 @@
|
|||||||
#include "common.h"
|
#include "common.h"
|
||||||
#include "settings.h"
|
#include "settings.h"
|
||||||
#include "nm-glib-compat.h"
|
#include "nm-glib-compat.h"
|
||||||
|
#include "nm-utils-internal.h"
|
||||||
|
|
||||||
/* Forward declarations */
|
/* Forward declarations */
|
||||||
static char *wep_key_type_to_string (NMWepKeyType type);
|
static char *wep_key_type_to_string (NMWepKeyType type);
|
||||||
@@ -2691,13 +2692,12 @@ nmc_property_connection_describe_secondaries (NMSetting *setting, const char *pr
|
|||||||
static gboolean \
|
static gboolean \
|
||||||
def_func (NMSetting *setting, const char *prop, const char *val, GError **error) \
|
def_func (NMSetting *setting, const char *prop, const char *val, GError **error) \
|
||||||
{ \
|
{ \
|
||||||
const char *SCHEME_PATH = "file://"; \
|
|
||||||
char *val_strip = g_strstrip (g_strdup (val)); \
|
char *val_strip = g_strstrip (g_strdup (val)); \
|
||||||
char *p = val_strip; \
|
char *p = val_strip; \
|
||||||
gboolean success; \
|
gboolean success; \
|
||||||
\
|
\
|
||||||
if (strncmp (val_strip, SCHEME_PATH, strlen (SCHEME_PATH)) == 0) \
|
if (strncmp (val_strip, NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH, STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH)) == 0) \
|
||||||
p += strlen (SCHEME_PATH); \
|
p += STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH); \
|
||||||
\
|
\
|
||||||
success = set_func (NM_SETTING_802_1X (setting), \
|
success = set_func (NM_SETTING_802_1X (setting), \
|
||||||
p, \
|
p, \
|
||||||
@@ -2713,14 +2713,13 @@ nmc_property_connection_describe_secondaries (NMSetting *setting, const char *pr
|
|||||||
def_func (NMSetting *setting, const char *prop, const char *val, GError **error) \
|
def_func (NMSetting *setting, const char *prop, const char *val, GError **error) \
|
||||||
{ \
|
{ \
|
||||||
char **strv = NULL; \
|
char **strv = NULL; \
|
||||||
const char *SCHEME_PATH = "file://"; \
|
|
||||||
char *val_strip = g_strstrip (g_strdup (val)); \
|
char *val_strip = g_strstrip (g_strdup (val)); \
|
||||||
char *p = val_strip; \
|
char *p = val_strip; \
|
||||||
const char *path, *password; \
|
const char *path, *password; \
|
||||||
gboolean success; \
|
gboolean success; \
|
||||||
\
|
\
|
||||||
if (strncmp (val_strip, SCHEME_PATH, strlen (SCHEME_PATH)) == 0) \
|
if (strncmp (val_strip, NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH, STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH)) == 0) \
|
||||||
p += strlen (SCHEME_PATH); \
|
p += STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH); \
|
||||||
\
|
\
|
||||||
strv = nmc_strsplit_set (p, " \t,", 2); \
|
strv = nmc_strsplit_set (p, " \t,", 2); \
|
||||||
path = strv[0]; \
|
path = strv[0]; \
|
||||||
|
|||||||
@@ -31,6 +31,9 @@
|
|||||||
|
|
||||||
/*********************************************************/
|
/*********************************************************/
|
||||||
|
|
||||||
|
#define NM_KEYFILE_CERT_SCHEME_PREFIX_BLOB "data:;base64,"
|
||||||
|
#define NM_KEYFILE_CERT_SCHEME_PREFIX_PATH "file://"
|
||||||
|
|
||||||
typedef enum {
|
typedef enum {
|
||||||
NM_KEYFILE_READ_TYPE_WARN = 1,
|
NM_KEYFILE_READ_TYPE_WARN = 1,
|
||||||
} NMKeyfileReadType;
|
} NMKeyfileReadType;
|
||||||
|
|||||||
@@ -823,8 +823,6 @@ get_cert_path (const char *base_dir, const guint8 *cert_path, gsize cert_path_le
|
|||||||
return tmp;
|
return tmp;
|
||||||
}
|
}
|
||||||
|
|
||||||
#define SCHEME_PATH "file://"
|
|
||||||
|
|
||||||
static const char *certext[] = { ".pem", ".cert", ".crt", ".cer", ".p12", ".der", ".key" };
|
static const char *certext[] = { ".pem", ".cert", ".crt", ".cer", ".p12", ".der", ".key" };
|
||||||
|
|
||||||
static gboolean
|
static gboolean
|
||||||
@@ -848,8 +846,8 @@ handle_as_scheme (GBytes *bytes, NMSetting *setting, const char *key)
|
|||||||
data = g_bytes_get_data (bytes, &data_len);
|
data = g_bytes_get_data (bytes, &data_len);
|
||||||
|
|
||||||
/* It's the PATH scheme, can just set plain data */
|
/* It's the PATH scheme, can just set plain data */
|
||||||
if ( (data_len > strlen (SCHEME_PATH))
|
if ( (data_len > strlen (NM_KEYFILE_CERT_SCHEME_PREFIX_PATH))
|
||||||
&& g_str_has_prefix ((const char *) data, SCHEME_PATH)
|
&& g_str_has_prefix ((const char *) data, NM_KEYFILE_CERT_SCHEME_PREFIX_PATH)
|
||||||
&& (data[data_len - 1] == '\0')) {
|
&& (data[data_len - 1] == '\0')) {
|
||||||
g_object_set (setting, key, bytes, NULL);
|
g_object_set (setting, key, bytes, NULL);
|
||||||
return TRUE;
|
return TRUE;
|
||||||
@@ -899,8 +897,8 @@ handle_as_path (KeyfileReaderInfo *info,
|
|||||||
GBytes *val;
|
GBytes *val;
|
||||||
|
|
||||||
/* Construct the proper value as required for the PATH scheme */
|
/* Construct the proper value as required for the PATH scheme */
|
||||||
tmp = g_byte_array_sized_new (strlen (SCHEME_PATH) + strlen (path) + 1);
|
tmp = g_byte_array_sized_new (strlen (NM_KEYFILE_CERT_SCHEME_PREFIX_PATH) + strlen (path) + 1);
|
||||||
g_byte_array_append (tmp, (const guint8 *) SCHEME_PATH, strlen (SCHEME_PATH));
|
g_byte_array_append (tmp, (const guint8 *) NM_KEYFILE_CERT_SCHEME_PREFIX_PATH, strlen (NM_KEYFILE_CERT_SCHEME_PREFIX_PATH));
|
||||||
g_byte_array_append (tmp, (const guint8 *) path, strlen (path));
|
g_byte_array_append (tmp, (const guint8 *) path, strlen (path));
|
||||||
g_byte_array_append (tmp, (const guint8 *) "\0", 1);
|
g_byte_array_append (tmp, (const guint8 *) "\0", 1);
|
||||||
val = g_byte_array_free_to_bytes (tmp);
|
val = g_byte_array_free_to_bytes (tmp);
|
||||||
|
|||||||
@@ -62,8 +62,6 @@
|
|||||||
* ISBN: 978-1587051548
|
* ISBN: 978-1587051548
|
||||||
**/
|
**/
|
||||||
|
|
||||||
#define SCHEME_PATH "file://"
|
|
||||||
|
|
||||||
G_DEFINE_TYPE_WITH_CODE (NMSetting8021x, nm_setting_802_1x, NM_TYPE_SETTING,
|
G_DEFINE_TYPE_WITH_CODE (NMSetting8021x, nm_setting_802_1x, NM_TYPE_SETTING,
|
||||||
_nm_register_setting (802_1X, 2))
|
_nm_register_setting (802_1X, 2))
|
||||||
NM_SETTING_REGISTER_TYPE (NM_TYPE_SETTING_802_1X)
|
NM_SETTING_REGISTER_TYPE (NM_TYPE_SETTING_802_1X)
|
||||||
@@ -450,8 +448,8 @@ nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError *
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* interpret the blob as PATH if it starts with "file://". */
|
/* interpret the blob as PATH if it starts with "file://". */
|
||||||
if ( length >= STRLEN (SCHEME_PATH)
|
if ( length >= STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH)
|
||||||
&& !memcmp (data, SCHEME_PATH, STRLEN (SCHEME_PATH))) {
|
&& !memcmp (data, NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH, STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH))) {
|
||||||
/* But it must also be NUL terminated, contain at least
|
/* But it must also be NUL terminated, contain at least
|
||||||
* one non-NUL character, and contain only one trailing NUL
|
* one non-NUL character, and contain only one trailing NUL
|
||||||
* chracter.
|
* chracter.
|
||||||
@@ -467,7 +465,7 @@ nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError *
|
|||||||
}
|
}
|
||||||
length--;
|
length--;
|
||||||
|
|
||||||
if (length <= STRLEN (SCHEME_PATH)) {
|
if (length <= STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH)) {
|
||||||
g_set_error_literal (error,
|
g_set_error_literal (error,
|
||||||
NM_CONNECTION_ERROR,
|
NM_CONNECTION_ERROR,
|
||||||
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||||
@@ -475,7 +473,7 @@ nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError *
|
|||||||
return NM_SETTING_802_1X_CK_SCHEME_UNKNOWN;
|
return NM_SETTING_802_1X_CK_SCHEME_UNKNOWN;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!g_utf8_validate (data + STRLEN (SCHEME_PATH), length - STRLEN (SCHEME_PATH), NULL)) {
|
if (!g_utf8_validate (data + STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH), length - STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH), NULL)) {
|
||||||
g_set_error_literal (error,
|
g_set_error_literal (error,
|
||||||
NM_CONNECTION_ERROR,
|
NM_CONNECTION_ERROR,
|
||||||
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||||
@@ -587,7 +585,7 @@ nm_setting_802_1x_get_ca_cert_path (NMSetting8021x *setting)
|
|||||||
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
||||||
|
|
||||||
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->ca_cert, NULL);
|
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->ca_cert, NULL);
|
||||||
return (const char *)data + strlen (SCHEME_PATH);
|
return (const char *)data + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH);
|
||||||
}
|
}
|
||||||
|
|
||||||
static GBytes *
|
static GBytes *
|
||||||
@@ -601,8 +599,8 @@ path_to_scheme_value (const char *path)
|
|||||||
len = strlen (path);
|
len = strlen (path);
|
||||||
|
|
||||||
/* Add the path scheme tag to the front, then the filename */
|
/* Add the path scheme tag to the front, then the filename */
|
||||||
array = g_byte_array_sized_new (len + strlen (SCHEME_PATH) + 1);
|
array = g_byte_array_sized_new (len + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH) + 1);
|
||||||
g_byte_array_append (array, (const guint8 *) SCHEME_PATH, strlen (SCHEME_PATH));
|
g_byte_array_append (array, (const guint8 *) NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH, strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH));
|
||||||
g_byte_array_append (array, (const guint8 *) path, len);
|
g_byte_array_append (array, (const guint8 *) path, len);
|
||||||
g_byte_array_append (array, (const guint8 *) "\0", 1);
|
g_byte_array_append (array, (const guint8 *) "\0", 1);
|
||||||
|
|
||||||
@@ -916,7 +914,7 @@ nm_setting_802_1x_get_client_cert_path (NMSetting8021x *setting)
|
|||||||
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
||||||
|
|
||||||
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->client_cert, NULL);
|
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->client_cert, NULL);
|
||||||
return (const char *)data + strlen (SCHEME_PATH);
|
return (const char *)data + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -1185,7 +1183,7 @@ nm_setting_802_1x_get_phase2_ca_cert_path (NMSetting8021x *setting)
|
|||||||
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
||||||
|
|
||||||
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_ca_cert, NULL);
|
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_ca_cert, NULL);
|
||||||
return (const char *)data + strlen (SCHEME_PATH);
|
return (const char *)data + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -1499,7 +1497,7 @@ nm_setting_802_1x_get_phase2_client_cert_path (NMSetting8021x *setting)
|
|||||||
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
||||||
|
|
||||||
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_client_cert, NULL);
|
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_client_cert, NULL);
|
||||||
return (const char *)data + strlen (SCHEME_PATH);
|
return (const char *)data + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -1758,7 +1756,7 @@ nm_setting_802_1x_get_private_key_path (NMSetting8021x *setting)
|
|||||||
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
||||||
|
|
||||||
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->private_key, NULL);
|
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->private_key, NULL);
|
||||||
return (const char *)data + strlen (SCHEME_PATH);
|
return (const char *)data + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
@@ -2096,7 +2094,7 @@ nm_setting_802_1x_get_phase2_private_key_path (NMSetting8021x *setting)
|
|||||||
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, NULL);
|
||||||
|
|
||||||
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_private_key, NULL);
|
data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_private_key, NULL);
|
||||||
return (const char *)data + strlen (SCHEME_PATH);
|
return (const char *)data + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -31,6 +31,8 @@
|
|||||||
|
|
||||||
G_BEGIN_DECLS
|
G_BEGIN_DECLS
|
||||||
|
|
||||||
|
#define NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH "file://"
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* NMSetting8021xCKFormat:
|
* NMSetting8021xCKFormat:
|
||||||
* @NM_SETTING_802_1X_CK_FORMAT_UNKNOWN: unknown file format
|
* @NM_SETTING_802_1X_CK_FORMAT_UNKNOWN: unknown file format
|
||||||
|
|||||||
@@ -57,15 +57,13 @@ compare_blob_data (const char *test,
|
|||||||
g_free (contents);
|
g_free (contents);
|
||||||
}
|
}
|
||||||
|
|
||||||
#define SCHEME_PATH "file://"
|
|
||||||
|
|
||||||
static void
|
static void
|
||||||
check_scheme_path (GBytes *value, const char *path)
|
check_scheme_path (GBytes *value, const char *path)
|
||||||
{
|
{
|
||||||
const guint8 *p = g_bytes_get_data (value, NULL);
|
const guint8 *p = g_bytes_get_data (value, NULL);
|
||||||
|
|
||||||
g_assert (memcmp (p, SCHEME_PATH, strlen (SCHEME_PATH)) == 0);
|
g_assert (memcmp (p, NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH, strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH)) == 0);
|
||||||
p += strlen (SCHEME_PATH);
|
p += strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH);
|
||||||
g_assert (memcmp (p, path, strlen (path)) == 0);
|
g_assert (memcmp (p, path, strlen (path)) == 0);
|
||||||
p += strlen (path);
|
p += strlen (path);
|
||||||
g_assert (*p == '\0');
|
g_assert (*p == '\0');
|
||||||
|
|||||||
Reference in New Issue
Block a user