diff options
author | Thomas Haller <thaller@redhat.com> | 2015-02-26 10:12:11 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2015-03-12 18:12:26 +0100 |
commit | 15926e9eb359d84a4bc039e4a5e3c20604a3d4f7 (patch) | |
tree | 4c3f389a11d80b556daf7a32ad888c004258cae9 /libnm-core/nm-setting-8021x.c | |
parent | 0f1fe6942253bfdfa35c1108049baeb2be048bb7 (diff) | |
download | NetworkManager-15926e9eb359d84a4bc039e4a5e3c20604a3d4f7.tar.gz |
libnm: add function nm_setting_802_1x_check_cert_scheme()
When setting the certificate glib properties directly,
we raise a g_warning() when the binary data is invalid.
But since the caller has no access to the validation function,
he cannot easily check whether his action will result
in a warning. Add nm_setting_802_1x_check_cert_scheme() for
that.
Diffstat (limited to 'libnm-core/nm-setting-8021x.c')
-rw-r--r-- | libnm-core/nm-setting-8021x.c | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/libnm-core/nm-setting-8021x.c b/libnm-core/nm-setting-8021x.c index dbead46253..6a54b575c9 100644 --- a/libnm-core/nm-setting-8021x.c +++ b/libnm-core/nm-setting-8021x.c @@ -416,7 +416,32 @@ get_cert_scheme (GBytes *bytes, GError **error) } data = g_bytes_get_data (bytes, &length); - if (!length) { + return nm_setting_802_1x_check_cert_scheme (data, length, error); +} + +/** + * nm_setting_802_1x_check_cert_scheme: + * @pdata: (allow-none): the data pointer + * @length: the length of the data + * @error: (allow-none): (out): validation reason + * + * Determines and verifies the blob type. + * When setting certificate properties of NMSetting8021x + * the blob must be not UNKNOWN (or NULL). + * + * Returns: the scheme of the blob or %NM_SETTING_802_1X_CK_SCHEME_UNKNOWN. + * For NULL it also returns NM_SETTING_802_1X_CK_SCHEME_UNKNOWN. + * + * Since: 1.2 + **/ +NMSetting8021xCKScheme +nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError **error) +{ + const char *data = pdata; + + g_return_val_if_fail (!length || data, NM_SETTING_802_1X_CK_SCHEME_UNKNOWN); + + if (!length || !data) { g_set_error_literal (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, @@ -484,11 +509,8 @@ load_and_verify_certificate (const char *cert_path, * file://. * If that's the case, coerce the format to UNKNOWN. The callers will take care * of that and not set the blob. */ - GBytes *bytes = g_bytes_new_static (array->data, array->len); - - if (get_cert_scheme (bytes, NULL) != NM_SETTING_802_1X_CK_SCHEME_BLOB) + if (nm_setting_802_1x_check_cert_scheme (array->data, array->len, NULL) != NM_SETTING_802_1X_CK_SCHEME_BLOB) format = NM_CRYPTO_FILE_FORMAT_UNKNOWN; - g_bytes_unref (bytes); } if (out_file_format) |