|
Packit Service |
639700 |
// SPDX-License-Identifier: GPL-2.0+
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
/* NetworkManager Applet -- allow user control over networking
|
|
Packit |
fabffb |
*
|
|
Packit |
fabffb |
* Dan Williams <dcbw@redhat.com>
|
|
Packit |
fabffb |
*
|
|
Packit |
fabffb |
* Copyright 2007 - 2014 Red Hat, Inc.
|
|
Packit |
fabffb |
*/
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
#include "nm-default.h"
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
#include <string.h>
|
|
Packit |
fabffb |
#include <sys/types.h>
|
|
Packit |
fabffb |
#include <sys/stat.h>
|
|
Packit |
fabffb |
#include <fcntl.h>
|
|
Packit |
fabffb |
#include <unistd.h>
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
#include "eap-method.h"
|
|
Packit |
fabffb |
#include "nm-utils.h"
|
|
Packit |
fabffb |
#include "utils.h"
|
|
Packit |
fabffb |
#include "helpers.h"
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
G_DEFINE_BOXED_TYPE (EAPMethod, eap_method, eap_method_ref, eap_method_unref)
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
GtkWidget *
|
|
Packit |
fabffb |
eap_method_get_widget (EAPMethod *method)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
g_return_val_if_fail (method != NULL, NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
return method->ui_widget;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
gboolean
|
|
Packit |
fabffb |
eap_method_validate (EAPMethod *method, GError **error)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
gboolean result;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_return_val_if_fail (method != NULL, FALSE);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_assert (method->validate);
|
|
Packit |
fabffb |
result = (*(method->validate)) (method, error);
|
|
Packit |
fabffb |
if (!result && error && !*error)
|
|
Packit |
fabffb |
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("undefined error in 802.1X security (wpa-eap)"));
|
|
Packit |
fabffb |
return result;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_add_to_size_group (EAPMethod *method, GtkSizeGroup *group)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
g_return_if_fail (method != NULL);
|
|
Packit |
fabffb |
g_return_if_fail (group != NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_assert (method->add_to_size_group);
|
|
Packit |
fabffb |
return (*(method->add_to_size_group)) (method, group);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_fill_connection (EAPMethod *method,
|
|
Packit |
fabffb |
NMConnection *connection)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
g_return_if_fail (method != NULL);
|
|
Packit |
fabffb |
g_return_if_fail (connection != NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_assert (method->fill_connection);
|
|
Packit |
fabffb |
return (*(method->fill_connection)) (method, connection);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_update_secrets (EAPMethod *method, NMConnection *connection)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
g_return_if_fail (method != NULL);
|
|
Packit |
fabffb |
g_return_if_fail (connection != NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
if (method->update_secrets)
|
|
Packit |
fabffb |
method->update_secrets (method, connection);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_phase2_update_secrets_helper (EAPMethod *method,
|
|
Packit |
fabffb |
NMConnection *connection,
|
|
Packit |
fabffb |
const char *combo_name,
|
|
Packit |
fabffb |
guint32 column)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
GtkWidget *combo;
|
|
Packit |
fabffb |
GtkTreeIter iter;
|
|
Packit |
fabffb |
GtkTreeModel *model;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_return_if_fail (method != NULL);
|
|
Packit |
fabffb |
g_return_if_fail (connection != NULL);
|
|
Packit |
fabffb |
g_return_if_fail (combo_name != NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
combo = GTK_WIDGET (gtk_builder_get_object (method->builder, combo_name));
|
|
Packit |
fabffb |
g_assert (combo);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
/* Let each EAP phase2 method try to update its secrets */
|
|
Packit |
fabffb |
model = gtk_combo_box_get_model (GTK_COMBO_BOX (combo));
|
|
Packit |
fabffb |
if (gtk_tree_model_get_iter_first (model, &iter)) {
|
|
Packit |
fabffb |
do {
|
|
Packit |
fabffb |
EAPMethod *eap = NULL;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
gtk_tree_model_get (model, &iter, column, &eap, -1);
|
|
Packit |
fabffb |
if (eap) {
|
|
Packit |
fabffb |
eap_method_update_secrets (eap, connection);
|
|
Packit |
fabffb |
eap_method_unref (eap);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
} while (gtk_tree_model_iter_next (model, &iter));
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
EAPMethod *
|
|
Packit |
fabffb |
eap_method_init (gsize obj_size,
|
|
Packit |
fabffb |
EMValidateFunc validate,
|
|
Packit |
fabffb |
EMAddToSizeGroupFunc add_to_size_group,
|
|
Packit |
fabffb |
EMFillConnectionFunc fill_connection,
|
|
Packit |
fabffb |
EMUpdateSecretsFunc update_secrets,
|
|
Packit |
fabffb |
EMDestroyFunc destroy,
|
|
Packit |
fabffb |
const char *ui_resource,
|
|
Packit |
fabffb |
const char *ui_widget_name,
|
|
Packit |
fabffb |
const char *default_field,
|
|
Packit |
fabffb |
gboolean phase2)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
EAPMethod *method;
|
|
Packit |
fabffb |
GError *error = NULL;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_return_val_if_fail (obj_size > 0, NULL);
|
|
Packit |
fabffb |
g_return_val_if_fail (ui_resource != NULL, NULL);
|
|
Packit |
fabffb |
g_return_val_if_fail (ui_widget_name != NULL, NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
method = g_slice_alloc0 (obj_size);
|
|
Packit |
fabffb |
g_assert (method);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
method->refcount = 1;
|
|
Packit |
fabffb |
method->obj_size = obj_size;
|
|
Packit |
fabffb |
method->validate = validate;
|
|
Packit |
fabffb |
method->add_to_size_group = add_to_size_group;
|
|
Packit |
fabffb |
method->fill_connection = fill_connection;
|
|
Packit |
fabffb |
method->update_secrets = update_secrets;
|
|
Packit |
fabffb |
method->default_field = default_field;
|
|
Packit |
fabffb |
method->phase2 = phase2;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
method->builder = gtk_builder_new ();
|
|
Packit |
fabffb |
if (!gtk_builder_add_from_resource (method->builder, ui_resource, &error)) {
|
|
Packit |
fabffb |
g_warning ("Couldn't load UI builder resource %s: %s",
|
|
Packit |
fabffb |
ui_resource, error->message);
|
|
Packit |
fabffb |
eap_method_unref (method);
|
|
Packit |
fabffb |
return NULL;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
method->ui_widget = GTK_WIDGET (gtk_builder_get_object (method->builder, ui_widget_name));
|
|
Packit |
fabffb |
if (!method->ui_widget) {
|
|
Packit |
fabffb |
g_warning ("Couldn't load UI widget '%s' from UI file %s",
|
|
Packit |
fabffb |
ui_widget_name, ui_resource);
|
|
Packit |
fabffb |
eap_method_unref (method);
|
|
Packit |
fabffb |
return NULL;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
g_object_ref_sink (method->ui_widget);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
method->destroy = destroy;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
return method;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
EAPMethod *
|
|
Packit |
fabffb |
eap_method_ref (EAPMethod *method)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
g_return_val_if_fail (method != NULL, NULL);
|
|
Packit |
fabffb |
g_return_val_if_fail (method->refcount > 0, NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
method->refcount++;
|
|
Packit |
fabffb |
return method;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_unref (EAPMethod *method)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
g_return_if_fail (method != NULL);
|
|
Packit |
fabffb |
g_return_if_fail (method->refcount > 0);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
method->refcount--;
|
|
Packit |
fabffb |
if (method->refcount == 0) {
|
|
Packit |
fabffb |
if (method->destroy)
|
|
Packit |
fabffb |
method->destroy (method);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
if (method->builder)
|
|
Packit |
fabffb |
g_object_unref (method->builder);
|
|
Packit |
fabffb |
if (method->ui_widget)
|
|
Packit |
fabffb |
g_object_unref (method->ui_widget);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_slice_free1 (method->obj_size, method);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
/* Used as both GSettings keys and GObject data tags */
|
|
Packit |
fabffb |
#define IGNORE_CA_CERT_TAG "ignore-ca-cert"
|
|
Packit |
fabffb |
#define IGNORE_PHASE2_CA_CERT_TAG "ignore-phase2-ca-cert"
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
/**
|
|
Packit |
fabffb |
* eap_method_ca_cert_ignore_set:
|
|
Packit |
fabffb |
* @method: the #EAPMethod object
|
|
Packit |
fabffb |
* @connection: the #NMConnection
|
|
Packit |
fabffb |
* @filename: the certificate file, if any
|
|
Packit |
fabffb |
* @ca_cert_error: %TRUE if an error was encountered loading the given CA
|
|
Packit |
fabffb |
* certificate, %FALSE if not or if a CA certificate is not present
|
|
Packit |
fabffb |
*
|
|
Packit |
fabffb |
* Updates the connection's CA cert ignore value to %TRUE if the "CA certificate
|
|
Packit |
fabffb |
* not required" checkbox is checked. If @ca_cert_error is %TRUE, then the
|
|
Packit |
fabffb |
* connection's CA cert ignore value will always be set to %FALSE, because it
|
|
Packit |
fabffb |
* means that the user selected an invalid certificate (thus he does not want to
|
|
Packit |
fabffb |
* ignore the CA cert)..
|
|
Packit |
fabffb |
*/
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_ca_cert_ignore_set (EAPMethod *method,
|
|
Packit |
fabffb |
NMConnection *connection,
|
|
Packit |
fabffb |
const char *filename,
|
|
Packit |
fabffb |
gboolean ca_cert_error)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
NMSetting8021x *s_8021x;
|
|
Packit |
fabffb |
gboolean ignore;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
s_8021x = nm_connection_get_setting_802_1x (connection);
|
|
Packit |
fabffb |
if (s_8021x) {
|
|
Packit |
fabffb |
ignore = !ca_cert_error && filename == NULL;
|
|
Packit |
fabffb |
g_object_set_data (G_OBJECT (s_8021x),
|
|
Packit |
fabffb |
method->phase2 ? IGNORE_PHASE2_CA_CERT_TAG : IGNORE_CA_CERT_TAG,
|
|
Packit |
fabffb |
GUINT_TO_POINTER (ignore));
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
/**
|
|
Packit |
fabffb |
* eap_method_ca_cert_ignore_get:
|
|
Packit |
fabffb |
* @method: the #EAPMethod object
|
|
Packit |
fabffb |
* @connection: the #NMConnection
|
|
Packit |
fabffb |
*
|
|
Packit |
fabffb |
* Returns: %TRUE if a missing CA certificate can be ignored, %FALSE if a CA
|
|
Packit |
fabffb |
* certificate should be required for the connection to be valid.
|
|
Packit |
fabffb |
*/
|
|
Packit |
fabffb |
gboolean
|
|
Packit |
fabffb |
eap_method_ca_cert_ignore_get (EAPMethod *method, NMConnection *connection)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
NMSetting8021x *s_8021x;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
s_8021x = nm_connection_get_setting_802_1x (connection);
|
|
Packit |
fabffb |
if (s_8021x) {
|
|
Packit |
fabffb |
return !!g_object_get_data (G_OBJECT (s_8021x),
|
|
Packit |
fabffb |
method->phase2 ? IGNORE_PHASE2_CA_CERT_TAG : IGNORE_CA_CERT_TAG);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
return FALSE;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
static GSettings *
|
|
Packit |
fabffb |
_get_ca_ignore_settings (NMConnection *connection)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
GSettings *settings;
|
|
Packit |
fabffb |
char *path = NULL;
|
|
Packit |
fabffb |
const char *uuid;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_return_val_if_fail (connection, NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
uuid = nm_connection_get_uuid (connection);
|
|
Packit |
fabffb |
g_return_val_if_fail (uuid && *uuid, NULL);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
path = g_strdup_printf ("/org/gnome/nm-applet/eap/%s/", uuid);
|
|
Packit |
fabffb |
settings = g_settings_new_with_path ("org.gnome.nm-applet.eap", path);
|
|
Packit |
fabffb |
g_free (path);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
return settings;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
/**
|
|
Packit |
fabffb |
* eap_method_ca_cert_ignore_save:
|
|
Packit |
fabffb |
* @connection: the connection for which to save CA cert ignore values to GSettings
|
|
Packit |
fabffb |
*
|
|
Packit |
fabffb |
* Reads the CA cert ignore tags from the 802.1x setting GObject data and saves
|
|
Packit |
fabffb |
* then to GSettings if present, using the connection UUID as the index.
|
|
Packit |
fabffb |
*/
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_ca_cert_ignore_save (NMConnection *connection)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
NMSetting8021x *s_8021x;
|
|
Packit |
fabffb |
GSettings *settings;
|
|
Packit |
fabffb |
gboolean ignore = FALSE, phase2_ignore = FALSE;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_return_if_fail (connection);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
s_8021x = nm_connection_get_setting_802_1x (connection);
|
|
Packit |
fabffb |
if (s_8021x) {
|
|
Packit |
fabffb |
ignore = !!g_object_get_data (G_OBJECT (s_8021x), IGNORE_CA_CERT_TAG);
|
|
Packit |
fabffb |
phase2_ignore = !!g_object_get_data (G_OBJECT (s_8021x), IGNORE_PHASE2_CA_CERT_TAG);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
settings = _get_ca_ignore_settings (connection);
|
|
Packit |
fabffb |
if (!settings)
|
|
Packit |
fabffb |
return;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_settings_set_boolean (settings, IGNORE_CA_CERT_TAG, ignore);
|
|
Packit |
fabffb |
g_settings_set_boolean (settings, IGNORE_PHASE2_CA_CERT_TAG, phase2_ignore);
|
|
Packit |
fabffb |
g_object_unref (settings);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
/**
|
|
Packit |
fabffb |
* eap_method_ca_cert_ignore_load:
|
|
Packit |
fabffb |
* @connection: the connection for which to load CA cert ignore values to GSettings
|
|
Packit |
fabffb |
*
|
|
Packit |
fabffb |
* Reads the CA cert ignore tags from the 802.1x setting GObject data and saves
|
|
Packit |
fabffb |
* then to GSettings if present, using the connection UUID as the index.
|
|
Packit |
fabffb |
*/
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_ca_cert_ignore_load (NMConnection *connection)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
GSettings *settings;
|
|
Packit |
fabffb |
NMSetting8021x *s_8021x;
|
|
Packit |
fabffb |
gboolean ignore, phase2_ignore;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_return_if_fail (connection);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
s_8021x = nm_connection_get_setting_802_1x (connection);
|
|
Packit |
fabffb |
if (!s_8021x)
|
|
Packit |
fabffb |
return;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
settings = _get_ca_ignore_settings (connection);
|
|
Packit |
fabffb |
if (!settings)
|
|
Packit |
fabffb |
return;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
ignore = g_settings_get_boolean (settings, IGNORE_CA_CERT_TAG);
|
|
Packit |
fabffb |
phase2_ignore = g_settings_get_boolean (settings, IGNORE_PHASE2_CA_CERT_TAG);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
g_object_set_data (G_OBJECT (s_8021x),
|
|
Packit |
fabffb |
IGNORE_CA_CERT_TAG,
|
|
Packit |
fabffb |
GUINT_TO_POINTER (ignore));
|
|
Packit |
fabffb |
g_object_set_data (G_OBJECT (s_8021x),
|
|
Packit |
fabffb |
IGNORE_PHASE2_CA_CERT_TAG,
|
|
Packit |
fabffb |
GUINT_TO_POINTER (phase2_ignore));
|
|
Packit |
fabffb |
g_object_unref (settings);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
GError *
|
|
Packit |
fabffb |
eap_method_ca_cert_validate_cb (NMACertChooser *cert_chooser, gpointer user_data)
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
NMSetting8021xCKScheme scheme;
|
|
Packit |
fabffb |
NMSetting8021xCKFormat format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
|
|
Packit |
fabffb |
gs_unref_object NMSetting8021x *setting = NULL;
|
|
Packit |
fabffb |
gs_free char *value = NULL;
|
|
Packit |
fabffb |
GError *local = NULL;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
setting = (NMSetting8021x *) nm_setting_802_1x_new ();
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
value = nma_cert_chooser_get_cert (cert_chooser, &scheme);
|
|
Packit |
fabffb |
if (!value) {
|
|
Packit |
fabffb |
return g_error_new_literal (NMA_ERROR, NMA_ERROR_GENERIC,
|
|
Packit |
fabffb |
_("no CA certificate selected"));
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
if (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH) {
|
|
Packit |
fabffb |
if (!g_file_test (value, G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR)) {
|
|
Packit |
fabffb |
return g_error_new_literal (NMA_ERROR, NMA_ERROR_GENERIC,
|
|
Packit |
fabffb |
_("selected CA certificate file does not exist"));
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
if (!nm_setting_802_1x_set_ca_cert (setting, value, scheme, &format, &local))
|
|
Packit |
fabffb |
return local;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
return NULL;
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
void
|
|
Packit |
fabffb |
eap_method_setup_cert_chooser (NMACertChooser *cert_chooser,
|
|
Packit |
fabffb |
NMSetting8021x *s_8021x,
|
|
Packit |
fabffb |
NMSetting8021xCKScheme (*cert_scheme_func) (NMSetting8021x *setting),
|
|
Packit |
fabffb |
const char *(*cert_path_func) (NMSetting8021x *setting),
|
|
Packit |
fabffb |
const char *(*cert_uri_func) (NMSetting8021x *setting),
|
|
Packit |
fabffb |
const char *(*cert_password_func) (NMSetting8021x *setting),
|
|
Packit |
fabffb |
NMSetting8021xCKScheme (*key_scheme_func) (NMSetting8021x *setting),
|
|
Packit |
fabffb |
const char *(*key_path_func) (NMSetting8021x *setting),
|
|
Packit |
fabffb |
const char *(*key_uri_func) (NMSetting8021x *setting),
|
|
Packit |
fabffb |
const char *(*key_password_func) (NMSetting8021x *setting))
|
|
Packit |
fabffb |
{
|
|
Packit |
fabffb |
NMSetting8021xCKScheme scheme = NM_SETTING_802_1X_CK_SCHEME_UNKNOWN;
|
|
Packit |
fabffb |
const char *value = NULL;
|
|
Packit |
fabffb |
const char *password = NULL;
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
if (s_8021x && cert_path_func && cert_uri_func && cert_scheme_func) {
|
|
Packit |
fabffb |
scheme = cert_scheme_func (s_8021x);
|
|
Packit |
fabffb |
switch (scheme) {
|
|
Packit |
fabffb |
case NM_SETTING_802_1X_CK_SCHEME_PATH:
|
|
Packit |
fabffb |
value = cert_path_func (s_8021x);
|
|
Packit |
fabffb |
break;
|
|
Packit |
fabffb |
case NM_SETTING_802_1X_CK_SCHEME_PKCS11:
|
|
Packit |
fabffb |
value = cert_uri_func (s_8021x);
|
|
Packit |
fabffb |
password = cert_password_func ? cert_password_func (s_8021x) : NULL;
|
|
Packit |
fabffb |
if (password)
|
|
Packit |
fabffb |
nma_cert_chooser_set_cert_password (cert_chooser, password);
|
|
Packit |
fabffb |
break;
|
|
Packit |
fabffb |
case NM_SETTING_802_1X_CK_SCHEME_UNKNOWN:
|
|
Packit |
fabffb |
/* No CA set. */
|
|
Packit |
fabffb |
break;
|
|
Packit |
fabffb |
default:
|
|
Packit |
fabffb |
g_warning ("unhandled certificate scheme %d", scheme);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
nma_cert_chooser_set_cert (cert_chooser, value, scheme);
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
if (s_8021x && key_path_func && key_uri_func && key_scheme_func) {
|
|
Packit |
fabffb |
scheme = key_scheme_func (s_8021x);
|
|
Packit |
fabffb |
switch (scheme) {
|
|
Packit |
fabffb |
case NM_SETTING_802_1X_CK_SCHEME_PATH:
|
|
Packit |
fabffb |
value = key_path_func (s_8021x);
|
|
Packit |
fabffb |
break;
|
|
Packit |
fabffb |
case NM_SETTING_802_1X_CK_SCHEME_PKCS11:
|
|
Packit |
fabffb |
value = key_uri_func (s_8021x);
|
|
Packit |
fabffb |
break;
|
|
Packit |
fabffb |
case NM_SETTING_802_1X_CK_SCHEME_UNKNOWN:
|
|
Packit |
fabffb |
/* No certificate set. */
|
|
Packit |
fabffb |
break;
|
|
Packit |
fabffb |
default:
|
|
Packit |
fabffb |
g_warning ("unhandled key scheme %d", scheme);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
nma_cert_chooser_set_key (cert_chooser, value, scheme);
|
|
Packit |
fabffb |
}
|
|
Packit |
fabffb |
|
|
Packit |
fabffb |
password = s_8021x && key_password_func ? key_password_func (s_8021x) : NULL;
|
|
Packit |
fabffb |
if (password)
|
|
Packit |
fabffb |
nma_cert_chooser_set_key_password (cert_chooser, key_password_func (s_8021x));
|
|
Packit |
fabffb |
}
|