1. 17 Sep, 2018 1 commit
  2. 15 Sep, 2018 1 commit
  3. 14 Sep, 2018 2 commits
    • Thomas Haller's avatar
      libnm: drop API nm_connection_get_setting_{6lowpan,sriov,wpan}() · fe866fbe
      Thomas Haller authored
      Note that NMSettingEthtool and NMSettingMatch don't have such
      functions either.
      
      We have API
      
        nm_connection_get_setting (NMConnection *, GType)
        nm_connection_get_setting_by_name (NMConnection *, const char *)
      
      which can be used generically, meaning: the requested setting type
      is an argument to the function. That is generally more useful and
      flexible.
      
      Don't add API which duplicates existing functionality and is (arguably)
      inferiour. Drop it now. This is an ABI/API break for the current development
      cycle where the 1.14.0 API is still unstable. Indeed it's already after
      1.14-rc1, which is ugly. But it's also unlikely that somebody already uses
      this API/ABI and is badly impacted by this change.
      
      Note that nm_connection_get_setting() and nm_connection_get_setting_by_name()
      are slightly inconvenient in C still, because they usually require a cast.
      We should fix that by changing the return type to "void *". Such
      a change may be possibly any time without breaking API/ABI (almost, it'd
      be an API change when taking a function pointer without casting).
      
      (cherry picked from commit a10156f5)
      fe866fbe
    • Thomas Haller's avatar
      libnm: drop API nm_connection_get_setting_{6lowpan,sriov,wpan}() · a10156f5
      Thomas Haller authored
      Note that NMSettingEthtool and NMSettingMatch don't have such
      functions either.
      
      We have API
      
        nm_connection_get_setting (NMConnection *, GType)
        nm_connection_get_setting_by_name (NMConnection *, const char *)
      
      which can be used generically, meaning: the requested setting type
      is an argument to the function. That is generally more useful and
      flexible.
      
      Don't add API which duplicates existing functionality and is (arguably)
      inferiour. Drop it now. This is an ABI/API break for the current development
      cycle where the 1.14.0 API is still unstable. Indeed it's already after
      1.14-rc1, which is ugly. But it's also unlikely that somebody already uses
      this API/ABI and is badly impacted by this change.
      
      Note that nm_connection_get_setting() and nm_connection_get_setting_by_name()
      are slightly inconvenient in C still, because they usually require a cast.
      We should fix that by changing the return type to "void *". Such
      a change may be possibly any time without breaking API/ABI (almost, it'd
      be an API change when taking a function pointer without casting).
      a10156f5
  4. 13 Sep, 2018 2 commits
  5. 06 Sep, 2018 25 commits
  6. 05 Sep, 2018 2 commits
  7. 04 Sep, 2018 6 commits
    • Thomas Haller's avatar
      ifcfg-rh: don't use 802-1x certifcate setter functions · e3ac45c0
      Thomas Haller authored
      The certificate setter function like nm_setting_802_1x_set_ca_cert()
      actually load the file from disk, and validate whether it is a valid
      certificate. That is very wrong to do.
      
      For one, the certificates are external files, which are not embedded
      into the NMConnection. That means, strongly validating the files while
      loading the ifcfg files, is wrong because:
       - if validation fails, loading the file fails in its entirety with
         a warning in the log. That is not helpful to the user, who now
         can no longer use nmcli to fix the path of the certificate (because
         the profile failed to load in the first place).
       - even if the certificate is valid at load-time, there is no guarantee
         that it is valid later on, when we actually try to use the file. What
         good does such a validation do? nm_setting_802_1x_set_ca_cert() might
         make sense during nmcli_connection_modify(). At the moment when we
         create or update the profile, we do want to validate the input and
         be helpful to the user. Validating the file later on, when reloading
         the profile from disk seems undesirable.
       - note how keyfile also does not perform such validations (for good
         reasons, I presume).
      
      Also, there is so much wrong with how ifcfg reader handles EAP files.
      There is a lot of duplication, and trying to be too smart. I find it
      wrong how the "eap_readers" are nested. E.g. both eap_peap_reader() and
      "tls" method call to eap_tls_reader(), making it look like that
      NMSetting8021x can handle multiple EAP profiles separately. But it cannot. The
      802-1x profile is a flat set of properties like ca-cert and others. All
      EAP methods share these properties, so having this complex parsing
      is not only complicated, but also wrong. The reader should simply parse
      the shell variables, and let NMSetting8021x::verify() handle validation
      of the settings. Anyway, the patch does not address that.
      
      Also, the setting of the likes of NM_SETTING_802_1X_CLIENT_CERT_PASSWORD was
      awkwardly only done when
           privkey_format != NM_SETTING_802_1X_CK_FORMAT_PKCS12
        && scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11
      It is too smart. Just read it from file, if it contains invalid data, let
      verify() reject it. That is only partly addressed.
      
      Also note, how writer never actually writes the likes of
      IEEE_8021X_CLIENT_CERT_PASSWORD. That is another bug and not fixed
      either.
      e3ac45c0
    • Thomas Haller's avatar
      ifcfg-rh: rework parsing secrets · 6b763af1
      Thomas Haller authored
      - rename secret related functions to have a "_secret" prefix.
        Also, rename read_8021x_password() because it's not only useful
        for 802-1x.
      
      - In particular, this patch adds _secret_read_ifcfg() helper (formerly
        read_8021x_password()), which is smart enough to obtain secrets from
        the keys ifcfg file. We have other places where we don't get this
        right.
      
      - on a minor note, the patch also makes an effort to clear passwords
        and certifcate data from memory. Yes, there are countless places
        where we don't do that, but in this case, it's done and is as simple
        as replacing gs_free with nm_auto_free_secret, etc.
      6b763af1
    • Thomas Haller's avatar
      ifcfg-rh/trivial: rename variable for ifcfg keys file · 4b6aa207
      Thomas Haller authored
      The term "keys" is used ambigiously. Rename occurances which reference
      the "keys" ifcfg-rh file.
      
      While at it, rename the file "parsed" to "main_ifcfg". It follows the
      same pattern as the "keys_ifcfg" name.
      4b6aa207
    • Thomas Haller's avatar
      build: enable building both crypto backends for tests · e01f7f2c
      Thomas Haller authored
      If the library is available, let's at least compile both
      crypto backends.
      
      That is helpful when developing on crypto backends, so that
      one does not have to configure the build twice.
      
      With autotools, the build is only run during `make check`.
      Not for meson, but that is generally the case with our meson
      setup, that it also builds tests during the regular build step.
      e01f7f2c
    • Thomas Haller's avatar
      shared: move file-get-contents and file-set-contents helper to shared/ · ff163d9d
      Thomas Haller authored
      These functions are not specific to "src/". Also, they will be needed
      by outside of "src/" soon.
      ff163d9d
    • Thomas Haller's avatar
      core: extend nm_utils_*_get_contents() to zero temporary memory · 6b813b90
      Thomas Haller authored
      When reading a file, we may allocate intermediate buffers (realloc()).
      Also, reading might fail halfway through the process.
      
      Add a new flag that makes sure that this memory is cleared. The
      point is when reading secrets, that we don't accidentally leave
      private sensitive material in memory.
      6b813b90
  8. 30 Aug, 2018 1 commit