author | Thomas Haller <thaller@redhat.com> | 2017-02-16 13:13:45 +0100 |
---|---|---|
committer | Lubomir Rintel <lkundrak@v3.sk> | 2017-02-17 14:24:34 +0100 |
commit | 6627fef1a6e263a65ac12927989a654b7a1bea4a (patch) | |
tree | 5e00f43bfecf741e9500bc7923d9647aa7d7dd3b /src/settings/plugins | |
parent | a77e6f1f5d9c65d1d2488cdf262f799c1e8ddcbc (diff) | |
ifcfg-rh: refactor duplicate ObjectType instance to handle PKCS#12 types
If one property has multiple ways to be handled, we should not create
two ObjectType instances; instead, let the ObjectType have enough
information to act accordingly.
Diffstat (limited to 'src/settings/plugins')
-rw-r--r-- | src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c | 61 |
1 files changed, 22 insertions, 39 deletions
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
index dd5f7a4758..0f8b0fd517 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@@ -149,6 +149,7 @@ error:
 typedef struct ObjectType {
 const char *setting_key;
 NMSetting8021xCKScheme (*scheme_func)(NMSetting8021x *setting);
+ NMSetting8021xCKFormat (*format_func) (NMSetting8021x *setting);
 const char * (*path_func) (NMSetting8021x *setting);
 GBytes * (*blob_func) (NMSetting8021x *setting);
 const char * (*uri_func) (NMSetting8021x *setting);
@@ -156,11 +157,13 @@ typedef struct ObjectType {
 NMSettingSecretFlags (*pwflag_func)(NMSetting8021x *setting);
 const char *ifcfg_rh_key;
 const char *ifcfg_rh_suffix;
+ const char *ifcfg_rh_suffix_p12;
 } ObjectType;
 static const ObjectType ca_type = {
 .setting_key = NM_SETTING_802_1X_CA_CERT,
 .scheme_func = nm_setting_802_1x_get_ca_cert_scheme,
+ .format_func = NULL,
 .path_func = nm_setting_802_1x_get_ca_cert_path,
 .blob_func = nm_setting_802_1x_get_ca_cert_blob,
 .uri_func = nm_setting_802_1x_get_ca_cert_uri,
@@ -173,6 +176,7 @@ static const ObjectType ca_type = {
 static const ObjectType phase2_ca_type = {
 .setting_key = NM_SETTING_802_1X_PHASE2_CA_CERT,
 .scheme_func = nm_setting_802_1x_get_phase2_ca_cert_scheme,
+ .format_func = NULL,
 .path_func = nm_setting_802_1x_get_phase2_ca_cert_path,
 .blob_func = nm_setting_802_1x_get_phase2_ca_cert_blob,
 .uri_func = nm_setting_802_1x_get_phase2_ca_cert_uri,
@@ -185,6 +189,7 @@ static const ObjectType phase2_ca_type = {
 static const ObjectType client_type = {
 .setting_key = NM_SETTING_802_1X_CLIENT_CERT,
 .scheme_func = nm_setting_802_1x_get_client_cert_scheme,
+ .format_func = NULL,
 .path_func = nm_setting_802_1x_get_client_cert_path,
 .blob_func = nm_setting_802_1x_get_client_cert_blob,
 .uri_func = nm_setting_802_1x_get_client_cert_uri,
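Review bot: The two members added to ObjectType in the `@@ -149,6 +149,7 @@` and `@@ -156,11 +157,13 @@` hunks carry an invariant that is written down nowhere: `ifcfg_rh_suffix_p12` is only read when `format_func` is non-NULL and reports PKCS#12, yet the CA and client-certificate instances spell out `.format_func = NULL` while leaving `ifcfg_rh_suffix_p12` implicitly NULL. A later instance that sets `format_func` without the second suffix would hand a NULL suffix to `utils_cert_path()`. I would document the pairing on the struct, for example `/* format_func and ifcfg_rh_suffix_p12 are set together; both NULL for objects without a PKCS#12 form */`, and either initialise both members explicitly in every instance or neither.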
@@ -197,6 +202,7 @@ static const ObjectType client_type = {
 static const ObjectType phase2_client_type = {
 .setting_key = NM_SETTING_802_1X_PHASE2_CLIENT_CERT,
 .scheme_func = nm_setting_802_1x_get_phase2_client_cert_scheme,
+ .format_func = NULL,
 .path_func = nm_setting_802_1x_get_phase2_client_cert_path,
 .blob_func = nm_setting_802_1x_get_phase2_client_cert_blob,
 .uri_func = nm_setting_802_1x_get_phase2_client_cert_uri,
@@ -209,6 +215,7 @@ static const ObjectType phase2_client_type = {
 static const ObjectType pk_type = {
 .setting_key = NM_SETTING_802_1X_PRIVATE_KEY,
 .scheme_func = nm_setting_802_1x_get_private_key_scheme,
+ .format_func = nm_setting_802_1x_get_private_key_format,
 .path_func = nm_setting_802_1x_get_private_key_path,
 .blob_func = nm_setting_802_1x_get_private_key_blob,
 .uri_func = nm_setting_802_1x_get_private_key_uri,
@@ -216,11 +223,13 @@ static const ObjectType pk_type = {
 .pwflag_func = nm_setting_802_1x_get_private_key_password_flags,
 .ifcfg_rh_key = "IEEE_8021X_PRIVATE_KEY",
 .ifcfg_rh_suffix = "private-key.pem",
+ .ifcfg_rh_suffix_p12 = "private-key.p12",
 };
 static const ObjectType phase2_pk_type = {
 .setting_key = NM_SETTING_802_1X_PHASE2_PRIVATE_KEY,
 .scheme_func = nm_setting_802_1x_get_phase2_private_key_scheme,
+ .format_func = nm_setting_802_1x_get_phase2_private_key_format,
 .path_func = nm_setting_802_1x_get_phase2_private_key_path,
 .blob_func = nm_setting_802_1x_get_phase2_private_key_blob,
 .uri_func = nm_setting_802_1x_get_phase2_private_key_uri,
@@ -228,30 +237,7 @@ static const ObjectType phase2_pk_type = {
 .pwflag_func = nm_setting_802_1x_get_phase2_private_key_password_flags,
 .ifcfg_rh_key = "IEEE_8021X_INNER_PRIVATE_KEY",
 .ifcfg_rh_suffix = "inner-private-key.pem",
-};
-
-static const ObjectType p12_type = {
- .setting_key = NM_SETTING_802_1X_PRIVATE_KEY,
- .scheme_func = nm_setting_802_1x_get_private_key_scheme,
- .path_func = nm_setting_802_1x_get_private_key_path,
- .blob_func = nm_setting_802_1x_get_private_key_blob,
- .uri_func = nm_setting_802_1x_get_private_key_uri,
- .passwd_func = nm_setting_802_1x_get_private_key_password,
- .pwflag_func = nm_setting_802_1x_get_private_key_password_flags,
- .ifcfg_rh_key = "IEEE_8021X_PRIVATE_KEY",
- .ifcfg_rh_suffix = "private-key.p12",
-};
-
-static const ObjectType phase2_p12_type = {
- .setting_key = NM_SETTING_802_1X_PHASE2_PRIVATE_KEY,
- .scheme_func = nm_setting_802_1x_get_phase2_private_key_scheme,
- .path_func = nm_setting_802_1x_get_phase2_private_key_path,
- .blob_func = nm_setting_802_1x_get_phase2_private_key_blob,
- .uri_func = nm_setting_802_1x_get_phase2_private_key_uri,
- .passwd_func = nm_setting_802_1x_get_phase2_private_key_password,
- .pwflag_func = nm_setting_802_1x_get_phase2_private_key_password_flags,
- .ifcfg_rh_key = "IEEE_8021X_INNER_PRIVATE_KEY",
- .ifcfg_rh_suffix = "inner-private-key.p12",
+ .ifcfg_rh_suffix_p12 = "inner-private-key.p12",
 };
 static gboolean
@@ -266,6 +252,7 @@ write_object (NMSetting8021x *s_8021x,
 const char *password = NULL;
 NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
 char *secret_name, *secret_flags;
+ const char *suffix;
 g_return_val_if_fail (ifcfg != NULL, FALSE);
 g_return_val_if_fail (objtype != NULL, FALSE);
@@ -298,6 +285,11 @@ write_object (NMSetting8021x *s_8021x,
 g_free (secret_name);
 g_free (secret_flags);
+ suffix = objtype->ifcfg_rh_suffix;
+ if ( objtype->format_func
+ && objtype->format_func (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12)
+ suffix = objtype->ifcfg_rh_suffix_p12;
+
 /* If certificate/private key wasn't sent, the connection may no longer be * 802.1x and thus we clear out the paths and certs. */
@@ -311,7 +303,7 @@ write_object (NMSetting8021x *s_8021x,
 * /etc/sysconfig/network-scripts/ca-cert-Test_Write_Wifi_WPA_EAP-TLS.der * will be deleted, but /etc/pki/tls/cert.pem will not. */
- standard_file = utils_cert_path (svFileGetName (ifcfg), objtype->ifcfg_rh_suffix);
+ standard_file = utils_cert_path (svFileGetName (ifcfg), suffix);
 if (g_file_test (standard_file, G_FILE_TEST_EXISTS))
 ignored = unlink (standard_file);
 g_free (standard_file);
@@ -334,7 +326,7 @@ write_object (NMSetting8021x *s_8021x,
 char *new_file;
 GError *write_error = NULL;
- new_file = utils_cert_path (svFileGetName (ifcfg), objtype->ifcfg_rh_suffix);
+ new_file = utils_cert_path (svFileGetName (ifcfg), suffix);
 if (!new_file) {
 g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED, "Could not create file path for %s / %s",
@@ -374,7 +366,7 @@ write_8021x_certs (NMSetting8021x *s_8021x,
 shvarFile *ifcfg,
 GError **error)
 {
- gboolean success = FALSE, is_pkcs12 = FALSE;
+ gboolean success = FALSE;
 const ObjectType *otype = NULL;
 /* CA certificate */
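Review bot: The clear-out branch in the `@@ -311,7 +303,7 @@` hunk removes only the file named by the one `suffix` picked in the `@@ -298,6 +285,11 @@` hunk, so a private-key file written earlier under the other suffix is left behind. If `format_func` no longer reports PKCS#12 once the key has been removed from the setting (its return value for an unset key is not visible here), a previously written `…private-key.p12` would survive in the standard location after the connection stops using it, and the same holds when a key changes from one format to the other. Since one ObjectType now knows both names, the cleanup can walk both suffixes, skipping a NULL one, and call `unlink()` directly instead of the check-then-unlink pair. write_object's body starts and ends outside these hunks, so the condition guarding this branch should be confirmed against the full function.

```c
/* … unchanged: comment describing which files are cleared … */
const char *const suffixes[] = { objtype->ifcfg_rh_suffix, objtype->ifcfg_rh_suffix_p12 };
guint i;

/* Remove every standard-path file an earlier write may have left,
 * whichever key format was in use at the time. */
for (i = 0; i < G_N_ELEMENTS (suffixes); i++) {
	if (!suffixes[i])
		continue;
	standard_file = utils_cert_path (svFileGetName (ifcfg), suffixes[i]);
	if (standard_file)
		ignored = unlink (standard_file);
	g_free (standard_file);
}
```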
@@ -382,26 +374,17 @@ write_8021x_certs (NMSetting8021x *s_8021x,
 return FALSE;
 /* Private key */
- if (phase2) {
+ if (phase2)
 otype = &phase2_pk_type;
- if (nm_setting_802_1x_get_phase2_private_key_format (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12) {
- otype = &phase2_p12_type;
- is_pkcs12 = TRUE;
- }
- } else {
+ else
 otype = &pk_type;
- if (nm_setting_802_1x_get_private_key_format (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12) {
- otype = &p12_type;
- is_pkcs12 = TRUE;
- }
- }
 /* Save the private key */
 if (!write_object (s_8021x, ifcfg, otype, error))
 goto out;
 /* Client certificate */
- if (is_pkcs12) {
+ if (otype->format_func (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12) {
 /* Don't need a client certificate with PKCS#12 since the file is both * the client certificate and the private key in one file. */ |
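Review bot: The client-certificate test calls `otype->format_func (s_8021x)` without the NULL guard that write_object applies to the same member (`objtype->format_func && …`). It is safe as written because `otype` can only be `&pk_type` or `&phase2_pk_type` here, and both set the member, but four of the six ObjectType instances leave it NULL, so the two call sites now disagree about whether the pointer may be absent. Using the same guard keeps them consistent: `if (otype->format_func && otype->format_func (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12) {`. write_8021x_certs continues past the end of this hunk.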