Instead of requiring applets to hash passphrases, just do it in NM instead.
This should fix confusion where people don't understand that they are seeing
their hashed passphrase.
0.7 requires dbus 1.1 or greater (for system bus activation), so make that
explicit, and remove compat code for D-Bus 0.6 and earlier. Consolidate
the various glib pkgconfig checks into one, since most anything will require
gthread, glib, and gobject anyway. Fixup the docs makefile to be more
automake-compatible and let 'make clean' actually work correctly when
docs are built.
While broadcasting WPA and RSN IEs with the Privacy bit set to 0 is
technically illegal, some networks using older Cisco equipment do it
(I'm looking at you, Eduroam) and there's no reason not to support
it. Since the AP is broadcasting WPA/RSN IEs, assume that means
WPA and RSN is supported (duh).
This caused the 'autoconnect' property of NMSettingConnection to not
get updated in some cases (as when a system setting plugin noticed a
change to autoconnect=true and emitted the Updated signal, which wouldn't
contain the new value). Add a testcase for setting default values too.
MPPE has nothing to do with noauth, since auth/noauth is for asking
the remote server to authenticate itself to the local pppd, which is
pointless. Default 'noauth' to true.
* libnm-util/libnm-util.ver
libnm-util/nm-setting-ip4-config.c
libnm-util/nm-setting-ip4-config.h
- Add 'never-default' property, which when true indicates that a
connection should never be the default connection
* src/nm-ip4-config.c
src/nm-ip4-config.h
- (nm_ip4_config_get_never_default, nm_ip4_config_set_never_default):
Add never-default helpers
* src/NetworkManagerUtils.c
- (nm_utils_merge_ip4_config): update never-default when merging the
IP4 setting to the IP4 config
* src/NetworkManagerSystem.c
- (nm_system_apply_ip4_config): if the connection is never-default,
don't add routes without a gateway
* src/NetworkManagerPolicy.c
- (get_best_device): don't let never-default connections be the best
- (update_routing_and_dns): handle never-default for VPN connections
* system-settings/plugins/ifcfg-rh/reader.c
- (make_ip4_setting): handle never-default by checking GATEWAYDEV
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/branches/NETWORKMANAGER_0_7@4378 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Patch from Tambet Ingo <tambet@gmail.com>
* configure.in
libnm-util/libnm-util.ver
libnm-util/nm-setting-8021x.c
libnm-util/nm-setting-8021x.h
- Add configure-time option for the system CA path
- Add 'system-ca-certs' option to 802.1x setting, which directs
NetworkManager to use system CA certificates instead of any
connection-defined CA certificates
* src/supplicant-manager/nm-supplicant-config.c
src/supplicant-manager/nm-supplicant-settings-verify.c
- Use system CA certificates if the connection says to do so
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4326 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Patch from Tambet Ingo <tambet@gmail.com>
* libnm-util/nm-setting.c
libnm-util/nm-setting.h
- (NMSettingValueIterFn): instead of just a gboolean for secrets, take
all the GParamSpec flags of the property
* system-settings/plugins/keyfile/nm-keyfile-connection.c
system-settings/plugins/keyfile/reader.c
system-settings/plugins/keyfile/writer.c
- Update for NMSettingValueIterFn change
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4322 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/Makefile.am
libnm-util/nm-utils-private.h
- New header for internal utils private functions
* libnm-util/libnm-util.ver
libnm-util/nm-utils.c
libnm-util/nm-utils.h
- Document some functions
- (nm_utils_string_in_list, nm_utils_string_list_contains,
nm_utils_string_slist_validate): un-export, only used within
libnm-util or of limited use in general, and very easy to
re-implement by apps if needed
* libnm-util/nm-setting-8021x.c
libnm-util/nm-setting-wired.c
libnm-util/nm-setting-wireless-security.c
libnm-util/nm-setting-wireless.c
- Update for private nm_utils_string_* functions
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4319 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/libnm-util.ver
libnm-util/nm-connection.c
- (nm_setting_register, nm_setting_unregister): unexport; they are
private and don't have a use outside libnm-util
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4297 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Add support for PKCS#12 private keys (bgo #558982)
* libnm-util/crypto.c
libnm-util/crypto.h
- (parse_old_openssl_key_file): rename from parse_key_file(); adapt to
take a GByteArray instead of a filename
- (file_to_g_byte_array): handle private key files too
- (decrypt_key): take a GByteArray rather than data + len
- (crypto_get_private_key_data): refactor crypto_get_private_key() into
one function that takes a filename, and one that takes raw data;
detect pkcs#12 files as well
- (crypto_load_and_verify_certificate): detect file type
- (crypto_is_pkcs12_data, crypto_is_pkcs12_file): add pkcs#12 detection
functions
* libnm-util/crypto_gnutls.c
- (crypto_decrypt): take GByteArray rather than data + len; fix a bug
whereby tail padding was incorrectly handled, leading to erroneous
successes when trying to decrypt the data
- (crypto_verify_cert): rework somewhat
- (crypto_verify_pkcs12): validate pkcs#12 keys
* libnm-util/crypto_nss.c
- (crypto_init): enable various pkcs#12 ciphers
- (crypto_decrypt): take a GByteArray rather than data + len
- (crypto_verify_cert): clean up
- (crypto_verify_pkcs12): validate pkcs#12 keys
* libnm-util/test-crypto.c
- Handle pkcs#12 keys
* libnm-util/nm-setting-8021x.c
libnm-util/nm-setting-8021x.h
libnm-util/libnm-util.ver
- Add two new properties, 'private-key-password' and
'phase2-private-key-password', to be used in conjunction with
pkcs#12 keys
- (nm_setting_802_1x_set_ca_cert_from_file,
nm_setting_802_1x_set_client_cert_from_file,
nm_setting_802_1x_set_phase2_ca_cert_from_file,
nm_setting_802_1x_set_phase2_client_from_file): return certificate
type
- (nm_setting_802_1x_get_private_key_password,
nm_setting_802_1x_get_phase2_private_key_password): return private
key passwords
- (nm_setting_802_1x_set_private_key_from_file,
nm_setting_802_1x_set_phase2_private_key_from_file): set the private
key from a file, and update the private key password at the same time
- (nm_setting_802_1x_get_private_key_type,
nm_setting_802_1x_get_phase2_private_key_type): return the private
key type
* src/supplicant-manager/nm-supplicant-settings-verify.c
- Whitelist private key passwords
* src/supplicant-manager/nm-supplicant-config.c
- (nm_supplicant_config_add_setting_8021x): for pkcs#12 private keys,
add the private key password to the supplicant config, but do not
add the client certificate (as required by wpa_supplicant)
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4280 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/nm-setting-wireless.c
- (nm_setting_wireless_get_seen_bssid): fix bug from accessor conversion
that cased this function to return garbage, breaking hidden AP
detection
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4278 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
