Commit a8288158 authored by Beniamino Galvani's avatar Beniamino Galvani

ifcfg-rh: don't check for 802.1x private key or client cert in reader

Let the setting check it in verify().

(cherry picked from commit d9b3b2b8)
(cherry picked from commit c28db67a)
parent 90517f1b
......@@ -3116,6 +3116,7 @@ eap_tls_reader (const char *eap_method,
svGetValueStr (ifcfg, "IEEE_8021X_IDENTITY", &identity_free),
NULL);
/* CA certificate */
if (!_cert_set_from_ifcfg (s_8021x,
ifcfg,
phase2 ? "IEEE_8021X_INNER_CA_CERT" : "IEEE_8021X_CA_CERT",
......@@ -3129,6 +3130,7 @@ eap_tls_reader (const char *eap_method,
phase2 ? "IEEE_8021X_INNER_CA_CERT_PASSWORD" : "IEEE_8021X_CA_CERT_PASSWORD",
phase2 ? NM_SETTING_802_1X_PHASE2_CA_CERT_PASSWORD : NM_SETTING_802_1X_CA_CERT_PASSWORD);
/* Private key */
if (!_cert_set_from_ifcfg (s_8021x,
ifcfg,
phase2 ? "IEEE_8021X_INNER_PRIVATE_KEY" : "IEEE_8021X_PRIVATE_KEY",
......@@ -3141,14 +3143,8 @@ eap_tls_reader (const char *eap_method,
keys_ifcfg,
phase2 ? "IEEE_8021X_INNER_PRIVATE_KEY_PASSWORD" : "IEEE_8021X_PRIVATE_KEY_PASSWORD",
phase2 ? NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD : NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD);
if (!privkey) {
g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_INVALID_CONNECTION,
"Missing %s for EAP method '%s'.",
phase2 ? "IEEE_8021X_INNER_PRIVATE_KEY" : "IEEE_8021X_PRIVATE_KEY",
eap_method);
return FALSE;
}
/* Client certificate */
if (!_cert_set_from_ifcfg (s_8021x,
ifcfg,
phase2 ? "IEEE_8021X_INNER_CLIENT_CERT" : "IEEE_8021X_CLIENT_CERT",
......@@ -3161,12 +3157,6 @@ eap_tls_reader (const char *eap_method,
keys_ifcfg,
phase2 ? "IEEE_8021X_INNER_CLIENT_CERT_PASSWORD" : "IEEE_8021X_CLIENT_CERT_PASSWORD",
phase2 ? NM_SETTING_802_1X_PHASE2_CLIENT_CERT_PASSWORD : NM_SETTING_802_1X_CLIENT_CERT_PASSWORD);
if (!client_cert) {
g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_INVALID_CONNECTION,
"Missing certificate for EAP method '%s'.",
eap_method);
return FALSE;
}
return TRUE;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment