Commit Graph

69 Commits

Author SHA1 Message Date
Dan Williams
77e50740a8 libnm-util: add Data Center Bridging (DCB) setting
Includes various fixes & cleanups from Thomas Haller.
2013-10-31 13:28:42 -05:00
Jiří Klimeš
2e8746aab2 core: remove 'wep40' and 'wep104' from several places in NM
wep40 and wep104 are not valid values for 'pairwise' property and they are not
used for dynamic WEP as 'group' ciphers as well.

See https://bugzilla.redhat.com/show_bug.cgi?id=1005171 for some details.
2013-09-18 12:07:29 +02:00
Daniel Drake
3f4811be22 libnm-util: accept old-style UUIDs as valid
Old versions such as 0.9.4 generated 40-character UUIDs with no
hashes, but libnm-util regards them as invalid. That means that
existing connections stop working when upgrading from 0.9.4.

Continue accepting such UUIDs as valid, and add a test so that
we don't forget in future.
2013-09-09 08:20:37 -05:00
Jiří Klimeš
284cce0405 test: remove deprecated 'security' property from tests
Adjust tests not to use deprecated 'security' property.
2013-09-02 09:46:31 +02:00
Dan Winship
bfce3f7dc8 build: switch from $(INCLUDES) to $(AM_CPPFLAGS) to make automake happy
Unfortunately, $(AM_CPPFLAGS) gets overridden by per-target _CPPFLAGS
variables, which $(INCLUDES) did not, so this requires some additional
changes.

In most places, I have just gotten rid of the per-target _CPPFLAGS
variables; in directories with a single target, the per-target
variable is unnecessary, and in directories with multiple targets, the
per-target variable is often undesirable, since it forces some files
to be compiled twice, even though there ends up being no difference
between the two files.
2013-08-22 11:49:16 -04:00
Jiří Klimeš
2cc42bad06 libnm-util: fix tests after 'gateway-ping-timeout' addition 2013-06-24 12:24:17 +02:00
Dan Williams
f6064e7b74 libnm-util: implement connection changed signal
Emitted whenever settings are added or removed from the connection,
and whenever any property of any setting in the connection is changed.
2013-05-28 12:26:55 -05:00
Dan Williams
1d8ab72a60 libnm-util: fix hashing of secrets broken by 4d326182
4d326182 changed connection hashing slightly such that now base type settings
are always returned even if they are empty. Unfortunately a bunch of code in
the settings hashed connections with the ONLY_SECRETS flag and then checked
whether the returned hash was NULL or not to determine whether there were
any secrets, and then called nm_connection_update_secrets() with the hash.

nm_connection_update_secrets() would fail in the case where a setting
name was given, but the passed-in secrets hash did not contain any secrets
for the requested setting.  Instead, the function should return success
to match the semantics of passing in an entire connection hash which may
not have any secrets either.
2013-05-20 13:56:48 -05:00
Dan Williams
bafd0d557d libnm-util: add nm_connection_replace_settings_from_connection() (bgo #696387)
Convenience function to replace settings in one conneciton with settings
from another, without having to go through the nm_connection_to_hash()
steps, which are just inefficient and kinda pointless.
2013-04-17 12:23:34 -05:00
Dan Winship
5fec30d98e Revert :carrier-detect properties and associated code
Ignoring carrier is generally something you want at the machine level
(eg, for a server), not at the connection level.
2013-04-03 10:23:49 -04:00
Dan Williams
a492d29ceb libnm-util: convert remaining NMConnection users to GHashTableIter 2013-04-01 17:18:54 -05:00
Dan Williams
6c7c2b874d libnm-util: convert nm_setting_new_from_hash() to GHashTableIter 2013-04-01 17:18:54 -05:00
Dan Williams
df02e7324c libnm-util: convert nm_connection_compare() to GHashTableIter
And finally add some testcases for it too.
2013-04-01 17:18:54 -05:00
Dan Williams
c00e2f1d9d libnm-util: fix some memory leaks in testcases
Helps suppress valgrind false positives.
2013-04-01 17:18:53 -05:00
Jiří Klimeš
82fb1978a4 all: use G_VALUE_INIT to initialize GValue variables
It makes the initializations more explicit.
G_VALUE_INIT is available since glib 2.30, and NM now require glib >= 2.32
2013-03-25 08:41:18 +01:00
Dan Winship
2d668d763e libnm-util: add NMSettingConnection:interface-name
https://bugzilla.gnome.org/show_bug.cgi?id=693684
2013-03-13 16:45:18 -04:00
Dan Winship
ed9e2d8377 build: avoid GValueArray deprecation warnings
Avoid warnings about GValueArray being deprecated by adding macros
that wrap G_GNUC_BEGIN_IGNORE_DEPRECATIONS /
G_GNUC_END_IGNORE_DEPRECATIONS around the GValueArray calls.
2013-02-26 13:07:33 +01:00
Dan Williams
4b863a4b72 trivial: fix up test-general.c after carrier-detect changes 2013-02-18 15:51:33 -06:00
Dan Winship
08f04466e8 all: remove more pointless NULL checks
GObject creation cannot normally fail, except for types that implement
GInitable and take a GError in their _new() method. Some NM types
override constructor() and return NULL in some cases, but these
generally only happen in the case of programmer error (eg, failing to
set a mandatory property), and so crashing is reasonable (and most
likely inevitable anyway).

So, remove all NULL checks after calls to g_object_new() and its
myriad wrappers.

https://bugzilla.gnome.org/show_bug.cgi?id=693678
2013-02-13 13:38:36 -05:00
Dan Winship
d04f286327 all: remove pointless NULL checks
g_malloc(), etc, never return NULL, by API contract. Likewise, by
extension, no other glib function ever returns NULL due to lack of
memory. So remove lots of unnecessary checks (the vast majority of
which would have immediately crashed had they ever run anyway, since
g_set_error(), g_warning(), and nm_log_*() all need to allocate
memory).

https://bugzilla.gnome.org/show_bug.cgi?id=693678
2013-02-13 13:38:13 -05:00
Pavel Šimerda
faa1bcb540 build: improve documentation and test configure options
Use --enable-doc and --enable-tests instead of --with-docs and
--with-tests. This is consistent with other features and with
--enable-gtk-doc option. Support current variants as fallback.

Don't build tests unless --enable-tests is specified.
2012-11-13 20:23:06 +01:00
Dan Winship
7005762f50 build: "make check" fixes 2012-10-04 09:07:49 -04:00
Dan Williams
ad72966169 tests: fix libnm-util testcase on 32-bit platforms
On 32-bit, gulong is 32-bits, so we need to use guint64 here,
which we should have been using anyway.
2012-06-03 15:48:35 -05:00
Colin Walters
74ec56d956 build: fix srcdir != builddir for new generated headers 2012-02-22 16:27:28 -06:00
Thomas Bechtold
3dc965a2cb libnm-util: allow empty number for gsm settings
The documentation said they were allowed, and that's clearly the
correct behavior.
2012-02-02 12:02:10 -06:00
Colin Walters
dab7dfaf35 build: fix srcdir != builddir
nm-version.h is in ${top_builddir}/include.
2012-01-09 14:20:36 -06:00
Thomas Graf
5b7503e95e core: use nm_connection_get_setting_<type>() whenever possible
Leads to shorter, easier to read code and improves type casting safety.

Signed-off-by: Thomas Graf <tgraf@redhat.com>
2011-12-06 16:06:43 -06:00
Dan Williams
6e4eb4902e libnm-util: fix nm_utils_hwaddr_aton() for input with no leading zeros
ether_aton() allows addresses like "0:1:2:3:4:5" which was casusing
some problems when reading connections after switching callers of
ether_aton() to nm_utils_hwaddr_aton().
2011-12-02 13:09:16 -06:00
Dan Williams
c15dea298f core: make testcases work after bonding merge 2011-11-09 23:40:04 -06:00
Dan Williams
bc628da16b libnm-util: fix up connection diff test 2011-11-09 22:06:36 -06:00
Dan Williams
e2d88f59e6 settings: preserve agent secrets over Update operation
The core problem was that the Update would trigger a write to
disk to save the connection's new settings, which called
nm_settings_connection_replace_settings().  Which saved existing
transient (agent/unsaved) secrets, replaced settings with the
new ones from Update(), then copied back the old transient
secrets.  This was to ensure that changes triggered from getting
agent secrets during activation (which might write the connection
out to disk if new system secrets were provided, which triggered
an inotify read-back of the connection, which blew away the
transient secrets just returned from the agent) didn't blow away
transient secrets.  Unfortunately that fix was too general.

As a quick hack for now, copy the new secrets and re-apply them
after nm_connection_replace_settings() has run.  We'll do the
actual fix later, but it's more involved and needs more testing
so we don't want to apply it this close to release.
2011-08-16 15:48:38 -05:00
Jiří Klimeš
a6733c8b4f core: add MAC address blacklisting feature for WiFi and ethernet connections
"mac-address-blacklist" property is added to the ethernet and WiFi connections.
It is the MAC addresses list of devices on which the connection won't be
activated.

Original patch (NM_0_8 branch) from Thomas Bechtold <thomasbechtold@jpberlin.de>
2011-06-30 16:46:26 +02:00
Jiří Klimeš
c32914fa3b libnm-util: remove unused D-Bus dbus_g_bus_get() call from test-secrets.c 2011-06-14 16:22:09 +02:00
Jiří Klimeš
80df1e3aca libnm-util: remove unused D-Bus dbus_g_bus_get() call from test-secrets.c 2011-06-14 16:17:05 +02:00
Jiří Klimeš
31f8b65931 libnm-util: remove unused D-Bus dbus_g_bus_get() call from test-setting-8021x.c 2011-06-14 16:14:40 +02:00
Jiří Klimeš
28b5809cbe libnm-util: remove unused D-Bus dbus_g_bus_get() call from test-settings-defaults.c 2011-06-14 16:10:40 +02:00
Dan Williams
864db9f9e8 libnm-util: add new compare flags for ignoring various types of secrets
It turns out we need a way to ignore transient (agent-owned or unsaved)
secrets during connection comparison.  For example, if the user is
connecting to a network where the password is not saved, other
changes could trigger a writeout of that connection to disk when
connecting, which would the connection back in due to inotify, and the
re-read connection would then no longer be recognized as the same as
the in-memory connection due to the transient secret which obviously
wasn't read in from disk.

Adding these compare flags allows the code to not bother writing the
connection out to disk when the only difference between the on-disk
and in-memory connections are secrets that shouldn't get written to
disk anyway.
2011-06-07 18:22:48 -05:00
Dan Williams
ef71c5cca1 libnm-util: make VPN secret and data iterators change-safe
Let callbacks add/remove data items and secrets during iteration.
2011-05-20 18:58:35 -05:00
Dan Williams
7b41be489c libnm-util: allow _ as a valid character for GSM APNs
The ETSI specs state that valid characters are only ASCII alphanumeric
characters, but then state that APNs should generally follow DNS
naming rules.  Well, that means a lot more characters are allowed,
but modems don't like many of them.  So let's slowly allow more
characters as people find ones that actually are used.  The restriction
was originally put in place to disallow spaces, because they
certainly aren't allowed APN characters and modems and the
network puke when they see spaces.
2011-05-17 10:49:44 -05:00
Dan Williams
5deb993ff6 libnm-util: recognize PKCS#8 private keys and check passwords (bgo #649326)
Neither gnutls nor NSS fully support PKCS#8 so we don't have complete
support here, but at least recognize the keys and make an attempt to
check the private key if we can.
2011-05-13 14:22:06 -05:00
Jiří Klimeš
08fda12858 libnm-util: fix loading/verifying certificates to allow DER format (rh #699591)
The start and end tags '-----BEGIN/END CERTIFICATE-----' was checked first,
which ruled out DER format. This is fixed now and a test is added.
2011-04-28 05:31:15 -04:00
Dan Williams
74a0b1d9d1 libnm-util: verify connection's 'type' setting is actually a base type
By 'base type' I mean a hardware-related type that can actually be used
to activate the connection, like wifi, wired, gsm, cdma, wimax, bluetooth,
etc, but not ipv4, ipv6, 8021x, etc.
2011-03-28 10:40:38 -05:00
Dan Williams
72dac886a7 libnm-util: allow setting-only hashes with nm_connection_update_secrets()
It's easier to be able to pass both a whole hashed connection, or just
a hashed setting to the function, and have it figure out what needs
to be updated based on the given setting_name.

Add some testcases to make sure that all works correctly too.
2011-03-09 09:31:44 -06:00
Dan Williams
28e6523b8d libnm-util: rework certificate and private key handling
First, it was not easily possible to set a private key without
also providing a password.  This used to be OK, but now with
secret flags it may be the case that when the connection is read,
there's no private key password.  So functions that set the
private key must account for NULL passwords.

Unfortunately, the crytpo code did not handle this case well.
We need to be able to independently (a) verify that a file looks
like a certificate or private key and (b) that a given password
decrypts a private key.  Previously the crypto code would fail
to verify the file when the password was NULL.

So this change fixes up the crytpo code for a more distinct
split between these two operations, such that if no password is
given, the file is still checked to ensure that it's a private
key or a certificate.  If a password is given, the password is
checked against the private key file.

This commit also changes how private keys and certificates were
handled with the BLOB scheme.  Previously only the first certificate
or first private key was included in the property data, while now
the entire file is encoded in the data.  This is intended to fix
cases where multiple private keys or certificates are present in
a PEM file.  It also allows clients to push certificate data to
NetworkManager for storage in system settings locations, which was
not as flexible before when only part of the certificate or key
was sent as the data.
2011-03-02 12:00:47 -06:00
Dan Williams
54918e32e4 libnm-util: add nm_connection_diff()
Returns a list of keys that differ between the settings in each
connection.  nm_connection_compare() can't do that.
2011-02-22 23:36:43 -06:00
Dan Williams
d7a86ffd04 libnm-util: fix VPN update_one_secret()
The old function took a string value, which wasn't really correct as
the property type is a GHashTable of string:string.  For whatever
reason this is how nm-applet passed VPN secrets back to NM in the return
from the GetSecrets() D-Bus call.  This was probably easier or
something but it was a special case that's magic and quite unclear.

Since we use nm_connection_update_secrets() more these days, and we
depend on the GValue types we pass into it matching the property
types of the setting property the secret is for, we need to fix that
up for VPN connections.  But keep the old code for backwards
compatibility.

In the future secret agents should pass back VPN secrets in the same
form as the VPN setting specifies them for the "secrets" property:
a GHashTable of string:string.  But the old mechanism of just dumping
the key/value pairs into the returned VPN hash as string:string will
still work.
2011-02-08 20:12:55 -06:00
Dan Williams
1c97de837a libnm-util: rework permissions helpers to be more useful
Add add/remove helpers, and make get more useful by actually breaking
down the specifics for us.
2011-02-07 18:35:48 -06:00
Dan Williams
75a1ab9a43 libnm-util: add utility functions for adding/removing permissions 2011-02-07 17:24:50 -06:00
Dan Williams
2e0fb2ae4e libnm-util: private keys are now required for TLS connections to verify
Since private keys are no longer secret, they must be given in the
connection itself.
2011-02-02 19:32:30 -06:00
Dan Williams
37a9303c2e libnm-util: fix hashing connections and settings
The first-level hash table key should be the setting name itself,
not the GType name of the setting's GObject.  There's probably a
better way to do this to reduce that confusion.
2011-01-27 10:37:01 -06:00