-
Thomas Haller authored
The certificate setter function like nm_setting_802_1x_set_ca_cert() actually load the file from disk, and validate whether it is a valid certificate. That is very wrong to do. For one, the certificates are external files, which are not embedded into the NMConnection. That means, strongly validating the files while loading the ifcfg files, is wrong because: - if validation fails, loading the file fails in its entirety with a warning in the log. That is not helpful to the user, who now can no longer use nmcli to fix the path of the certificate (because the profile failed to load in the first place). - even if the certificate is valid at load-time, there is no guarantee that it is valid later on, when we actually try to use the file. What good does such a validation do? nm_setting_802_1x_set_ca_cert() might make sense during nmcli_connection_modify(). At the moment when we create or update the profile, we do want to validate the input and be helpful to the user. Validating the file later on, when reloading the profile from disk seems undesirable. - note how keyfile also does not perform such validations (for good reasons, I presume). Also, there is so much wrong with how ifcfg reader handles EAP files. There is a lot of duplication, and trying to be too smart. I find it wrong how the "eap_readers" are nested. E.g. both eap_peap_reader() and "tls" method call to eap_tls_reader(), making it look like that NMSetting8021x can handle multiple EAP profiles separately. But it cannot. The 802-1x profile is a flat set of properties like ca-cert and others. All EAP methods share these properties, so having this complex parsing is not only complicated, but also wrong. The reader should simply parse the shell variables, and let NMSetting8021x::verify() handle validation of the settings. Anyway, the patch does not address that. Also, the setting of the likes of NM_SETTING_802_1X_CLIENT_CERT_PASSWORD was awkwardly only done when privkey_format != NM_SETTING_802_1X_CK_FORMAT_PKCS12 && scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11 It is too smart. Just read it from file, if it contains invalid data, let verify() reject it. That is only partly addressed. Also note, how writer never actually writes the likes of IEEE_8021X_CLIENT_CERT_PASSWORD. That is another bug and not fixed either.
e3ac45c0