summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libnm-core/nm-core-internal.h2
-rw-r--r--libnm-core/nm-setting-8021x.c12
-rw-r--r--src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c15
-rw-r--r--src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h2
-rw-r--r--src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c26
-rw-r--r--src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c6
-rw-r--r--src/settings/plugins/keyfile/nms-keyfile-writer.c2
7 files changed, 29 insertions, 36 deletions
diff --git a/libnm-core/nm-core-internal.h b/libnm-core/nm-core-internal.h
index 0b244545ca..26827d0f37 100644
--- a/libnm-core/nm-core-internal.h
+++ b/libnm-core/nm-core-internal.h
@@ -353,7 +353,7 @@ typedef struct {
const char * (*uri_func) (NMSetting8021x *setting);
const char * (*passwd_func) (NMSetting8021x *setting);
NMSettingSecretFlags (*pwflag_func) (NMSetting8021x *setting);
- const char *keyfile_suffix;
+ const char *file_suffix;
} NMSetting8021xSchemeVtable;
enum {
diff --git a/libnm-core/nm-setting-8021x.c b/libnm-core/nm-setting-8021x.c
index b0e45f1e26..e64769e42d 100644
--- a/libnm-core/nm-setting-8021x.c
+++ b/libnm-core/nm-setting-8021x.c
@@ -189,7 +189,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
.uri_func = nm_setting_802_1x_get_ca_cert_uri,
.passwd_func = nm_setting_802_1x_get_ca_cert_password,
.pwflag_func = nm_setting_802_1x_get_ca_cert_password_flags,
- .keyfile_suffix = "ca-cert",
+ .file_suffix = "ca-cert",
},
[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CA_CERT] = {
@@ -201,7 +201,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
.uri_func = nm_setting_802_1x_get_phase2_ca_cert_uri,
.passwd_func = nm_setting_802_1x_get_phase2_ca_cert_password,
.pwflag_func = nm_setting_802_1x_get_phase2_ca_cert_password_flags,
- .keyfile_suffix = "inner-ca-cert",
+ .file_suffix = "inner-ca-cert",
},
[NM_SETTING_802_1X_SCHEME_TYPE_CLIENT_CERT] = {
@@ -213,7 +213,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
.uri_func = nm_setting_802_1x_get_client_cert_uri,
.passwd_func = nm_setting_802_1x_get_client_cert_password,
.pwflag_func = nm_setting_802_1x_get_client_cert_password_flags,
- .keyfile_suffix = "client-cert",
+ .file_suffix = "client-cert",
},
[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CLIENT_CERT] = {
@@ -225,7 +225,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
.uri_func = nm_setting_802_1x_get_phase2_client_cert_uri,
.passwd_func = nm_setting_802_1x_get_phase2_client_cert_password,
.pwflag_func = nm_setting_802_1x_get_phase2_client_cert_password_flags,
- .keyfile_suffix = "inner-client-cert",
+ .file_suffix = "inner-client-cert",
},
[NM_SETTING_802_1X_SCHEME_TYPE_PRIVATE_KEY] = {
@@ -237,7 +237,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
.uri_func = nm_setting_802_1x_get_private_key_uri,
.passwd_func = nm_setting_802_1x_get_private_key_password,
.pwflag_func = nm_setting_802_1x_get_private_key_password_flags,
- .keyfile_suffix = "private-key",
+ .file_suffix = "private-key",
},
[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_PRIVATE_KEY] = {
@@ -249,7 +249,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
.uri_func = nm_setting_802_1x_get_phase2_private_key_uri,
.passwd_func = nm_setting_802_1x_get_phase2_private_key_password,
.pwflag_func = nm_setting_802_1x_get_phase2_private_key_password_flags,
- .keyfile_suffix = "inner-private-key",
+ .file_suffix = "inner-private-key",
},
[NM_SETTING_802_1X_SCHEME_TYPE_UNKNOWN] = { NULL },
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
index d1c0097649..0a6b16947a 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
@@ -100,19 +100,20 @@ utils_should_ignore_file (const char *filename, gboolean only_ifcfg)
}
char *
-utils_cert_path (const char *parent, const char *suffix)
+utils_cert_path (const char *parent, const char *suffix, const char *extension)
{
+ gs_free char *dir = NULL;
const char *name;
- char *dir, *path;
- g_return_val_if_fail (parent != NULL, NULL);
- g_return_val_if_fail (suffix != NULL, NULL);
+ g_return_val_if_fail (parent, NULL);
+ g_return_val_if_fail (suffix, NULL);
+ g_return_val_if_fail (extension, NULL);
name = utils_get_ifcfg_name (parent, FALSE);
+ g_return_val_if_fail (name, NULL);
+
dir = g_path_get_dirname (parent);
- path = g_strdup_printf ("%s/%s-%s", dir, name, suffix);
- g_free (dir);
- return path;
+ return g_strdup_printf ("%s/%s-%s.%s", dir, name, suffix, extension);
}
const char *
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
index af0469e66f..d209a0673c 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
@@ -31,7 +31,7 @@
#define NM_IFCFG_CONNECTION_LOG_FMTD "%s (%s,\"%s\",%p)"
#define NM_IFCFG_CONNECTION_LOG_ARGD(con) NM_IFCFG_CONNECTION_LOG_PATH (nm_settings_connection_get_filename ((NMSettingsConnection *) (con))), nm_connection_get_uuid ((NMConnection *) (con)), nm_connection_get_id ((NMConnection *) (con)), (con)
-char *utils_cert_path (const char *parent, const char *suffix);
+char *utils_cert_path (const char *parent, const char *suffix, const char *extension);
const char *utils_get_ifcfg_name (const char *file, gboolean only_ifcfg);
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
index 96f8d062f3..bdfb641fb2 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@@ -149,42 +149,32 @@ error:
typedef struct {
const NMSetting8021xSchemeVtable *vtable;
const char *ifcfg_rh_key;
- const char *ifcfg_rh_suffix;
- const char *ifcfg_rh_suffix_p12;
} Setting8021xSchemeVtable;
static const Setting8021xSchemeVtable setting_8021x_scheme_vtable[] = {
[NM_SETTING_802_1X_SCHEME_TYPE_CA_CERT] = {
.vtable = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_CA_CERT],
.ifcfg_rh_key = "IEEE_8021X_CA_CERT",
- .ifcfg_rh_suffix = "ca-cert.der",
},
[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CA_CERT] = {
.vtable = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CA_CERT],
.ifcfg_rh_key = "IEEE_8021X_INNER_CA_CERT",
- .ifcfg_rh_suffix = "inner-ca-cert.der",
},
[NM_SETTING_802_1X_SCHEME_TYPE_CLIENT_CERT] = {
.vtable = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_CLIENT_CERT],
.ifcfg_rh_key = "IEEE_8021X_CLIENT_CERT",
- .ifcfg_rh_suffix = "client-cert.der",
},
[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CLIENT_CERT] = {
.vtable = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CLIENT_CERT],
.ifcfg_rh_key = "IEEE_8021X_INNER_CLIENT_CERT",
- .ifcfg_rh_suffix = "inner-client-cert.der",
},
[NM_SETTING_802_1X_SCHEME_TYPE_PRIVATE_KEY] = {
.vtable = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_PRIVATE_KEY],
.ifcfg_rh_key = "IEEE_8021X_PRIVATE_KEY",
- .ifcfg_rh_suffix = "private-key.pem",
- .ifcfg_rh_suffix_p12 = "private-key.p12",
},
[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_PRIVATE_KEY] = {
.vtable = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_PRIVATE_KEY],
.ifcfg_rh_key = "IEEE_8021X_INNER_PRIVATE_KEY",
- .ifcfg_rh_suffix = "inner-private-key.pem",
- .ifcfg_rh_suffix_p12 = "inner-private-key.p12",
},
};
@@ -200,7 +190,7 @@ write_object (NMSetting8021x *s_8021x,
const char *password = NULL;
NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
char *secret_name, *secret_flags;
- const char *suffix;
+ const char *extension;
g_return_val_if_fail (ifcfg != NULL, FALSE);
g_return_val_if_fail (objtype != NULL, FALSE);
@@ -233,10 +223,12 @@ write_object (NMSetting8021x *s_8021x,
g_free (secret_name);
g_free (secret_flags);
- suffix = objtype->ifcfg_rh_suffix;
- if ( objtype->vtable->format_func
- && objtype->vtable->format_func (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12)
- suffix = objtype->ifcfg_rh_suffix_p12;
+ if (!objtype->vtable->format_func)
+ extension = "der";
+ else if (objtype->vtable->format_func (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12)
+ extension = "p12";
+ else
+ extension = "pem";
/* If certificate/private key wasn't sent, the connection may no longer be
* 802.1x and thus we clear out the paths and certs.
@@ -251,7 +243,7 @@ write_object (NMSetting8021x *s_8021x,
* /etc/sysconfig/network-scripts/ca-cert-Test_Write_Wifi_WPA_EAP-TLS.der
* will be deleted, but /etc/pki/tls/cert.pem will not.
*/
- standard_file = utils_cert_path (svFileGetName (ifcfg), suffix);
+ standard_file = utils_cert_path (svFileGetName (ifcfg), objtype->vtable->file_suffix, extension);
if (g_file_test (standard_file, G_FILE_TEST_EXISTS))
ignored = unlink (standard_file);
g_free (standard_file);
@@ -274,7 +266,7 @@ write_object (NMSetting8021x *s_8021x,
char *new_file;
GError *write_error = NULL;
- new_file = utils_cert_path (svFileGetName (ifcfg), suffix);
+ new_file = utils_cert_path (svFileGetName (ifcfg), objtype->vtable->file_suffix, extension);
if (!new_file) {
g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
"Could not create file path for %s / %s",
diff --git a/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c b/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
index f467d864cc..11c412edca 100644
--- a/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
+++ b/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
@@ -4486,15 +4486,15 @@ test_write_wired_8021x_tls (gconstpointer test_data)
}
/* Clean up created certs and keys */
- tmp = utils_cert_path (testfile, "ca-cert.der");
+ tmp = utils_cert_path (testfile, "ca-cert", "der");
nmtst_file_unlink_if_exists (tmp);
g_free (tmp);
- tmp = utils_cert_path (testfile, "client-cert.der");
+ tmp = utils_cert_path (testfile, "client-cert", "der");
nmtst_file_unlink_if_exists (tmp);
g_free (tmp);
- tmp = utils_cert_path (testfile, "private-key.pem");
+ tmp = utils_cert_path (testfile, "private-key", "pem");
nmtst_file_unlink_if_exists (tmp);
g_free (tmp);
}
diff --git a/src/settings/plugins/keyfile/nms-keyfile-writer.c b/src/settings/plugins/keyfile/nms-keyfile-writer.c
index 50b4113649..a673742050 100644
--- a/src/settings/plugins/keyfile/nms-keyfile-writer.c
+++ b/src/settings/plugins/keyfile/nms-keyfile-writer.c
@@ -124,7 +124,7 @@ cert_writer (NMConnection *connection,
* from now on instead of pushing around the certificate data.
*/
new_path = g_strdup_printf ("%s/%s-%s.%s", info->keyfile_dir, nm_connection_get_uuid (connection),
- cert_data->vtable->keyfile_suffix, ext);
+ cert_data->vtable->file_suffix, ext);
success = nm_utils_file_set_contents (new_path, (const gchar *) blob_data,
blob_len, 0600, &local);