| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
as comments in libnm-util/nm-setting-*.c files
The comments are parsed by generate-plugin-docs.pl script.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
clang warns:
make[4]: Entering directory `./NetworkManager/libnm-util'
CC nm-setting-8021x.lo
nm-setting-8021x.c:1824:17: error: implicit conversion from enumeration type 'NMCryptoFileFormat' to different enumeration type 'NMSetting8021xCKFormat' [-Werror,-Wenum-conversion]
*out_format = format;
~ ^~~~~~
nm-setting-8021x.c:2135:17: error: implicit conversion from enumeration type 'NMCryptoFileFormat' to different enumeration type 'NMSetting8021xCKFormat' [-Werror,-Wenum-conversion]
*out_format = format;
~ ^~~~~~
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
| |
Fix indentation, kill trailing whitespace, split some long lines.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Remove list of authors from files that had them; these serve no
purpose except to quickly get out of date (and were only used in
libnm-util and not libnm-glib anyway).
- Just say "Copyright", not "(C) Copyright" or "Copyright (C)"
- Put copyright statement after the license, not before
- Remove "NetworkManager - Network link manager" from the few files
that contained it, and "libnm_glib -- Access network status &
information from glib applications" from the many files that
contained it.
- Remove vim modeline from nm-device-olpc-mesh.[ch], add emacs modeline
to files that were missing it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Remove all the GParamSpec docs, since everything now uses the gtk-doc
docs instead, so there's no point in having two copies of each (which
are often out of sync anyway).
Since we're touching so many lines anyway, also fix up the indentation
of the remaining property-installing lines, and add
G_PARAM_STATIC_STRINGS to each paramspec (so the nick strings don't
get strduped). Also, be consistent about starting a new line between
"g_object_class_install_property" and its opening parenthesis.
|
| |
|
|
|
|
|
|
|
|
| |
Fix up various issues with the docs for the NMSetting properties, and
pull in text from the GParamSpec docs where the GParamSpec docs were
better (or contained information that is necessary in the context of
nm-settings.5).
Also, consistently wrap all of the doc comments to the same width (80
columns).
|
| |
|
|
|
|
|
|
| |
Fix misused gtk-doc annotations and incorrectly-identified properties.
In particular, the upcoming introspection-based generate-settings-spec
expands macro and enum values, so if you use '%' where you should have
used '#', it will fail to find an expansion, and error out.
|
| |
|
|
|
|
|
|
|
| |
"InfiniBand" in docs
We made the UIs consistent last year, but missed the documentation.
Fix the docs to also consistently use "Wi-Fi" rather than "WiFi",
"Wifi", "wifi", or "WiFI"; "Ethernet" rather than "ethernet"; and
"InfiniBand" rather than "Infiniband".
|
| | |
|
| |
|
|
|
|
| |
nm_setting_802_1x_remove_eap_method_by_value()
nm_setting_802_1x_remove_altsubject_match_by_value()
nm_setting_802_1x_remove_phase2_altsubject_match_by_value()
|
| |
|
|
| |
It was mixed up with 'altsubject-matches'.
|
| |
|
|
|
| |
We need to return FALSE on error, otherwise we pile GErrors and assert in
nm_setting_verify().
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- refactor register_settings to allow lookup by GType and
add the settings name to SettingInfo.
- setting NM_SETTING_NAME is deprecated and should not be set anymore.
Indeed it has always be a bug, to reset the name to a different value.
The only valid place to set the name was in the _init() function of
the derived class itself.
This is now no longer needed/possible. Instead the name get's
detected based on the registered setting types. This makes use of
the registered metadata that is available anyway since every
usable setting has to register itself.
Signed-off-by: Thomas Haller <thaller@redhat.com>
|
| |
|
|
|
| |
The only property that is not serializes is each settings' 'name'
property, so the flag serves no purpose.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Emitted whenever settings are added or removed from the connection,
and whenever any property of any setting in the connection is changed.
|
| | |
|
| |
|
|
|
|
| |
Mass-converted "NULL" to "%NULL" in docstrings with
find -name '*.c'| xargs sed -i '/^ \*.*[^%]NULL/ s/NULL\b/%NULL/g'
|
| |
|
|
|
| |
GLib-GObject-WARNING **: g_object_get_property: object class `NMSetting8021x' has no property named `pin'
GLib-GObject-WARNING **: g_object_get_property: object class `NMSetting8021x' has no property named `pin-flags'
|
| |
|
|
|
|
| |
- fix g_set_error()/g_set_error_literal() usage
- make the error messages translatable
- use g_prefix_error() to prepend property name
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NM_SETTING_802_1X_CK_SCHEME_PATH
If the certificate's format was valid, but we're asked to refer to it by
paths instead of using the raw data, 'data' would be leaked.
==23089== 8,232 (40 direct, 8,192 indirect) bytes in 1 blocks are definitely lost in loss record 5,109 of 5,123
==23089== at 0x4A0881C: malloc (vg_replace_malloc.c:270)
==23089== by 0x39B905488E: g_malloc (gmem.c:159)
==23089== by 0x39B9068CA1: g_slice_alloc (gslice.c:1003)
==23089== by 0x39B9024539: g_array_sized_new (garray.c:195)
==23089== by 0x31FC0146EA: file_to_g_byte_array (crypto.c:319)
==23089== by 0x31FC01543B: crypto_load_and_verify_certificate (crypto.c:606)
==23089== by 0x31FC01ED26: nm_setting_802_1x_set_client_cert (nm-setting-8021x.c:819)
==23089== by 0xC6944A4: eap_tls_reader (reader.c:2316)
==23089== by 0xC692756: fill_8021x (reader.c:2714)
==23089== by 0xC696151: wireless_connection_from_ifcfg (reader.c:2832)
==23089== by 0xC698E3A: connection_from_file (reader.c:4316)
==23089== by 0xC69135C: nm_ifcfg_connection_new (nm-ifcfg-connection.c:119)
==23089==
==23089== 8,352 (160 direct, 8,192 indirect) bytes in 4 blocks are definitely lost in loss record 5,110 of 5,123
==23089== at 0x4A0881C: malloc (vg_replace_malloc.c:270)
==23089== by 0x39B905488E: g_malloc (gmem.c:159)
==23089== by 0x39B9068CA1: g_slice_alloc (gslice.c:1003)
==23089== by 0x39B9024539: g_array_sized_new (garray.c:195)
==23089== by 0x31FC0146EA: file_to_g_byte_array (crypto.c:319)
==23089== by 0x31FC01543B: crypto_load_and_verify_certificate (crypto.c:606)
==23089== by 0x31FC01E5E6: nm_setting_802_1x_set_ca_cert (nm-setting-8021x.c:538)
==23089== by 0xC694DD8: eap_peap_reader (reader.c:2358)
==23089== by 0xC692756: fill_8021x (reader.c:2714)
==23089== by 0xC696151: wireless_connection_from_ifcfg (reader.c:2832)
==23089== by 0xC698E3A: connection_from_file (reader.c:4316)
==23089== by 0xC69135C: nm_ifcfg_connection_new (nm-ifcfg-connection.c:119)
|
| |
|
|
|
|
|
|
|
|
|
| |
g_malloc(), etc, never return NULL, by API contract. Likewise, by
extension, no other glib function ever returns NULL due to lack of
memory. So remove lots of unnecessary checks (the vast majority of
which would have immediately crashed had they ever run anyway, since
g_set_error(), g_warning(), and nm_log_*() all need to allocate
memory).
https://bugzilla.gnome.org/show_bug.cgi?id=693678
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Make setting type registration less icky; instead of having the
connection register all the settings, have the settings themselves
register that information at library load time. Putting this sort
of thing in G_DEFINE_TYPE_WITH_CODE is apparently more standard
than the home-rolled stuff we had before. Also document the
priority stuff so when adding new settings, people know what
priority to use.
(cleanups by jklimes)
|
| |
|
|
|
|
|
|
|
| |
The ctype macros (eg, isalnum(), tolower()) are locale-dependent. Use
glib's ASCII-only versions instead.
Also, replace isascii() with g_ascii_isprint(), since isascii()
accepts control characters, which isn't what the code wanted in any of
the places where it was using it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than generating enum classes by hand (and complaining in each
file that "this should really be standard"), use glib-mkenums.
Unfortunately, we need a very new version of glib-mkenums in order to
deal with NM's naming conventions and to fix a few other bugs, so just
import that into the source tree temporarily.
Also, to simplify the use of glib-mkenums, import Makefile.glib from
https://bugzilla.gnome.org/654395.
To avoid having to run glib-mkenums for every subdirectory of src/,
add a new "generated" directory, and put the generated enums files
there.
Finally, use Makefile.glib for marshallers too, and generate separate
ones for libnm-glib and NetworkManager.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
In cases where the actual password is non-ASCII, it may not be
possible to deliver the 802.1x password as a D-Bus string. Instead
provide an alternate field holding the password as a byte array.
In cases where both a password and password-raw are supplied,
password is preferred.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Includes subject_match and phase2_subject_match (string) parameters,
and altsubject_matches and phase2_altsubject_matches (list of string)
parameters.
subject_match is matched against a substring of the subject from the
certificate presented by the remote authentication server. If this
option is unset, no subject verification is performed.
altsubject_matches are each tested against the alternate subject name
(altSubjectName) of the certificate presented by the remote
authentication server. If this option is unset, no verification of the
altSubjectName is performed.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Clarify that these are supposed to be paths in the argument name;
this shouldn't break API as it's just an argument rename. Helps
users figure out what the argument should be without as much trouble
as 'value', which is what it was before.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
First, it was not easily possible to set a private key without
also providing a password. This used to be OK, but now with
secret flags it may be the case that when the connection is read,
there's no private key password. So functions that set the
private key must account for NULL passwords.
Unfortunately, the crytpo code did not handle this case well.
We need to be able to independently (a) verify that a file looks
like a certificate or private key and (b) that a given password
decrypts a private key. Previously the crypto code would fail
to verify the file when the password was NULL.
So this change fixes up the crytpo code for a more distinct
split between these two operations, such that if no password is
given, the file is still checked to ensure that it's a private
key or a certificate. If a password is given, the password is
checked against the private key file.
This commit also changes how private keys and certificates were
handled with the BLOB scheme. Previously only the first certificate
or first private key was included in the property data, while now
the entire file is encoded in the data. This is intended to fix
cases where multiple private keys or certificates are present in
a PEM file. It also allows clients to push certificate data to
NetworkManager for storage in system settings locations, which was
not as flexible before when only part of the certificate or key
was sent as the data.
|
| |
|
|
|
| |
Make it a bit clearer that this value is not actually a value that
can be used as a flag, since its 0x00.
|
| |
|
|
|
| |
Since private keys are no longer secret, they must be given in the
connection itself.
|
| |
|
|
|
| |
It's a bitfield, not a single value. Update GObject property
max accordingly.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This allows the necessary flexibility when handling secrets; otherwise
it wouldn't be known when NM should save secrets returned from agents
to backing storage, or when the agents should store the secrets. We
can't simply use lack of a secret in persistent storage as the indicator
of this, as (for example) when creating a new connection without
secrets the storage method would be abmiguous.
At the same time, fold in "always ask" functionality for OTP tokens
so user agents don't have to store that attribute themselves out-of-band.
|
| |
|
|
|
|
| |
There was never a property for it anyway, so it never got serialized
across D-Bus, because it was folded into the "password" property in
wpa_supplicant between 0.5 and 0.6.
|
| | |
|
| |
|
|
|
|
|
| |
(bgo #585570)
Not sure what I was thinking originally; there's no way this was
correct in the first place.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Two errors here; first, need_secrets_tls() was not updated correctly
for the certificate paths changes that landed recently, and would
have incorrectly returned "no secrets required" for the PATH scheme.
Second, an incorrect strcmp() comparison in need_secrets_phase2()
meant that the wrong TTLS phase2 method would get asked if it
required secrets.
|
| | |
|
| | |
|
| | |
|
