diff options
author | Thomas Haller <thaller@redhat.com> | 2015-02-26 10:12:11 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2015-03-12 18:12:26 +0100 |
commit | 15926e9eb359d84a4bc039e4a5e3c20604a3d4f7 (patch) | |
tree | 4c3f389a11d80b556daf7a32ad888c004258cae9 | |
parent | 0f1fe6942253bfdfa35c1108049baeb2be048bb7 (diff) | |
download | NetworkManager-15926e9eb359d84a4bc039e4a5e3c20604a3d4f7.tar.gz |
libnm: add function nm_setting_802_1x_check_cert_scheme()
When setting the certificate glib properties directly,
we raise a g_warning() when the binary data is invalid.
But since the caller has no access to the validation function,
he cannot easily check whether his action will result
in a warning. Add nm_setting_802_1x_check_cert_scheme() for
that.
-rw-r--r-- | libnm-core/nm-setting-8021x.c | 32 | ||||
-rw-r--r-- | libnm-core/nm-setting-8021x.h | 3 | ||||
-rw-r--r-- | libnm/libnm.ver | 1 |
3 files changed, 31 insertions, 5 deletions
diff --git a/libnm-core/nm-setting-8021x.c b/libnm-core/nm-setting-8021x.c index dbead46253..6a54b575c9 100644 --- a/libnm-core/nm-setting-8021x.c +++ b/libnm-core/nm-setting-8021x.c @@ -416,7 +416,32 @@ get_cert_scheme (GBytes *bytes, GError **error) } data = g_bytes_get_data (bytes, &length); - if (!length) { + return nm_setting_802_1x_check_cert_scheme (data, length, error); +} + +/** + * nm_setting_802_1x_check_cert_scheme: + * @pdata: (allow-none): the data pointer + * @length: the length of the data + * @error: (allow-none): (out): validation reason + * + * Determines and verifies the blob type. + * When setting certificate properties of NMSetting8021x + * the blob must be not UNKNOWN (or NULL). + * + * Returns: the scheme of the blob or %NM_SETTING_802_1X_CK_SCHEME_UNKNOWN. + * For NULL it also returns NM_SETTING_802_1X_CK_SCHEME_UNKNOWN. + * + * Since: 1.2 + **/ +NMSetting8021xCKScheme +nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError **error) +{ + const char *data = pdata; + + g_return_val_if_fail (!length || data, NM_SETTING_802_1X_CK_SCHEME_UNKNOWN); + + if (!length || !data) { g_set_error_literal (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, @@ -484,11 +509,8 @@ load_and_verify_certificate (const char *cert_path, * file://. * If that's the case, coerce the format to UNKNOWN. The callers will take care * of that and not set the blob. */ - GBytes *bytes = g_bytes_new_static (array->data, array->len); - - if (get_cert_scheme (bytes, NULL) != NM_SETTING_802_1X_CK_SCHEME_BLOB) + if (nm_setting_802_1x_check_cert_scheme (array->data, array->len, NULL) != NM_SETTING_802_1X_CK_SCHEME_BLOB) format = NM_CRYPTO_FILE_FORMAT_UNKNOWN; - g_bytes_unref (bytes); } if (out_file_format) diff --git a/libnm-core/nm-setting-8021x.h b/libnm-core/nm-setting-8021x.h index 43885daaa3..326165aa59 100644 --- a/libnm-core/nm-setting-8021x.h +++ b/libnm-core/nm-setting-8021x.h @@ -147,6 +147,9 @@ GType nm_setting_802_1x_get_type (void); NMSetting *nm_setting_802_1x_new (void); +NM_AVAILABLE_IN_1_2 +NMSetting8021xCKScheme nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError **error); + guint32 nm_setting_802_1x_get_num_eap_methods (NMSetting8021x *setting); const char * nm_setting_802_1x_get_eap_method (NMSetting8021x *setting, guint32 i); gboolean nm_setting_802_1x_add_eap_method (NMSetting8021x *setting, const char *eap); diff --git a/libnm/libnm.ver b/libnm/libnm.ver index 258336ae3d..44b83f6ecb 100644 --- a/libnm/libnm.ver +++ b/libnm/libnm.ver @@ -847,6 +847,7 @@ local: libnm_1_2_0 { global: + nm_setting_802_1x_check_cert_scheme; nm_setting_bridge_get_multicast_snooping; nm_setting_wireless_get_powersave; nm_utils_bond_mode_int_to_string; |