1. 03 Apr, 2019 1 commit
  2. 19 Feb, 2019 1 commit
  3. 11 Jul, 2018 1 commit
    • Thomas Haller's avatar
      all: don't use gchar/gshort/gint/glong but C types · e1c7a2b5
      Thomas Haller authored
      We commonly don't use the glib typedefs for char/short/int/long,
      but their C types directly.
          $ git grep '\<g\(char\|short\|int\|long\|float\|double\)\>' | wc -l
          $ git grep '\<\(char\|short\|int\|long\|float\|double\)\>' | wc -l
      One could argue that using the glib typedefs is preferable in
      public API (of our glib based libnm library) or where it clearly
      is related to glib, like during
        g_object_set (obj, PROPERTY, (gint) value, NULL);
      However, that argument does not seem strong, because in practice we don't
      follow that argument today, and seldomly use the glib typedefs.
      Also, the style guide for this would be hard to formalize, because
      "using them where clearly related to a glib" is a very loose suggestion.
      Also note that glib typedefs will always just be typedefs of the
      underlying C types. There is no danger of glib changing the meaning
      of these typedefs (because that would be a major API break of glib).
      A simple style guide is instead: don't use these typedefs.
      No manual actions, I only ran the bash script:
        FILES=($(git ls-files '*.[hc]'))
        sed -i \
            -e 's/\<g\(char\|short\|int\|long\|float\|double\)\>\( [^ ]\)/\1\2/g' \
            -e 's/\<g\(char\|short\|int\|long\|float\|double\)\>  /\1   /g' \
            -e 's/\<g\(char\|short\|int\|long\|float\|double\)\>/\1/g' \
  4. 30 Apr, 2018 1 commit
  5. 02 Nov, 2017 1 commit
    • Thomas Haller's avatar
      all: move setting 802-1x.auth-retries to connection.auth-retries · 2730dc60
      Thomas Haller authored
      The number of authentication retires is useful also for passwords aside
      802-1x settings. For example, src/devices/wifi/nm-device-wifi.c also has
      a retry counter and uses a hard-coded value of 3.
      Move the setting, so that it can be used in general. Although it is still
      not implemented for other settings.
      This is an API and ABI break.
  6. 31 Oct, 2017 1 commit
  7. 06 Jun, 2017 1 commit
  8. 17 Mar, 2017 2 commits
  9. 09 Mar, 2017 1 commit
    • Thomas Haller's avatar
      include: use double-quotes to include our own headers · 831286df
      Thomas Haller authored
      In practice, this should only matter when there are multiple
      header files with the same name. That is something we try
      to avoid already, by giving headers a distinct name.
      When building NetworkManager itself, we clearly want to use
      double-quotes for including our own headers.
      But we also want to do that in our public headers. For example:
          #include <stdio.h>
          #include <nm-1.h>
          void main() {
              printf ("INCLUDED %s/nm-2.h\n", SYMB);
          #include <nm-2.h>
          #define SYMB "1"
          #define SYMB "2"
      $ cc -I./2 -I./1 ./a.c
      $ ./a.out
      INCLUDED 2/nm-2.h
      Exceptions to this are
        - headers in "shared/nm-utils" that include <NetworkManager.h>. These
          headers are copied into projects and hence used like headers owned by
          those projects.
        - examples/C
  10. 21 Feb, 2017 1 commit
  11. 20 Feb, 2017 2 commits
    • Thomas Haller's avatar
      libnm/wifi: rework NMSetting8021xAuthFlags to explicitly disable TLS version · 2a11c57c
      Thomas Haller authored
      The wpa_supplicant API supports to enable/disable each TLS version
      individually, or leave it at the default. Currently, the default
      means to enable a TLS version, thus, the only meaningful option
      for the momemnt means to explicitly disable it.
      In the future, supplicant may disable options by default, and
      the inverse option can become interesting to configure
      "tls_disable_tlsv1_0=0". When that happens, we can solve it by
      adding another flag NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_0_ENABLE.
      Change the previous behavior of the NMSetting8021xAuthFlags.
      Previously, when not specifying TLS_DISABLE_DEFAULT, all
      options were unspecified. On the other hand, when specifying
      a single TLS disable flag, all versions were explicitly enabled
      or disabled.
      Instead, change the meaning of the disable flags. When present,
      it explicitly disables an option. But it does not explicitly enable
    • Leorize's avatar
  12. 17 Feb, 2017 1 commit
  13. 12 Jan, 2017 1 commit
    • Beniamino Galvani's avatar
      libnm-core: fix documentation warnings · 334a8a54
      Beniamino Galvani authored
      libnm-core/nm-setting-8021x.c:658: Warning: NM: nm_setting_802_1x_set_ca_cert: unknown parameter 'value' in documentation comment, should be 'cert_path'
      libnm-core/nm-setting-8021x.c:1023: Warning: NM: nm_setting_802_1x_set_client_cert: unknown parameter 'value' in documentation comment, should be 'cert_path'
      libnm-core/nm-setting-8021x.c:1331: Warning: NM: nm_setting_802_1x_set_phase2_ca_cert: unknown parameter 'value' in documentation comment, should be 'cert_path'
      libnm-core/nm-setting-8021x.c:1702: Warning: NM: nm_setting_802_1x_set_phase2_client_cert: unknown parameter 'value' in documentation comment, should be 'cert_path'
      libnm-core/nm-setting-8021x.c:2027: Warning: NM: nm_setting_802_1x_set_private_key: unknown parameter 'value' in documentation comment, should be 'key_path'
      libnm-core/nm-setting-8021x.c:2374: Warning: NM: nm_setting_802_1x_set_phase2_private_key: unknown parameter 'value' in documentation comment, should be 'key_path'
      Fixes: 2b09cee6
  14. 06 Jan, 2017 1 commit
  15. 05 May, 2016 1 commit
  16. 16 Mar, 2016 1 commit
    • Beniamino Galvani's avatar
      libnm-core: add domain-suffix-match properties to NMSetting8021x · 64b76ba9
      Beniamino Galvani authored
      The new domain-suffix-match and phase2-domain-suffix-match properties
      can be used to match against a given server domain suffix in the
      dNSName elements or in the SubjectName CN of the server certificate.
      Also, add a comment to the old subject-match properties documentation
      to suggest that they are deprecated and should not be used anymore.
  17. 12 Mar, 2015 2 commits
  18. 07 Nov, 2014 1 commit
    • Dan Winship's avatar
      libnm, docs: docs fixes · cbabd135
      Dan Winship authored
      Update the docs build to include and exclude the correct files.
      Fill in some missing documentation, and fix problems in the existing
      docs. (In particular, "<" can't appear as a literal in documentation,
      so change it to "&lt;". Also, "PKCS#12" has to be written as
      "PKCS#<!-- -->12", or gtk-doc will think "#12" is a reference to a
      type named "12".)
  19. 28 Oct, 2014 1 commit
    • Dan Winship's avatar
      libnm-core: add nm-core-types.h, remove cross-includes · b1087908
      Dan Winship authored
      Add nm-core-types.h, typedefing all of the GObject types in
      libnm-core; this is needed so that nm-setting.h can reference
      NMConnection in addition to nm-connection.h referencing NMSetting.
      Removing the cross-includes from the various headers causes lots of
      fallout elsewhere. (In particular, nm-utils.h used to include
      nm-connection.h, which included every setting header, so any file that
      included nm-utils.h automatically got most of the rest of libnm-core
      without needing to pay attention to specifics.) Fix this up by
      including nm-core-internal.h from those files that are now missing
  20. 22 Oct, 2014 1 commit
    • Dan Winship's avatar
      libnm-core: merge NMSetting*Error into NMConnectionError · 2d8e7bd2
      Dan Winship authored
      Each setting type was defining its own error type, but most of them
      had exactly the same three errors ("unknown", "missing property", and
      "invalid property"), and none of the other values was of much use
      programmatically anyway.
      So, this commit merges NMSettingError, NMSettingAdslError, etc, all
      into NMConnectionError. (The reason for merging into NMConnectionError
      rather than NMSettingError is that we also already have
      "NMSettingsError", for errors related to the settings service, so
      "NMConnectionError" is a less-confusable name for settings/connection
      errors than "NMSettingError".)
      Also, make sure that all of the affected error messages are localized,
      and (where appropriate) prefix them with the relevant property name.
      Renamed error codes:
      Remapped error codes:
      Dropped error codes (were previously defined but unused):
  21. 04 Sep, 2014 1 commit
    • Dan Winship's avatar
      libnm-core: change DBUS_TYPE_G_UCHAR_ARRAY properties to G_TYPE_BYTES · c43f8890
      Dan Winship authored
      Change all DBUS_TYPE_G_UCHAR_ARRAY properties to G_TYPE_BYTES, and
      update corresponding APIs. Notably, this means they are now refcounted
      rather than being copied.
      Update the rest of NM for the changes. The daemon still converts SSIDs
      to GByteArrays internally, because changing it to use GBytes has lots
      of trickle-down effects. It can possibly be changed later.
  22. 16 Aug, 2014 1 commit
    • Dan Winship's avatar
      all: fix up multiple-include-guard defines · c81fb49a
      Dan Winship authored
      Previously, src/nm-ip4-config.h, libnm/nm-ip4-config.h, and
      libnm-glib/nm-ip4-config.h all used "NM_IP4_CONFIG_H" as an include
      guard, which meant that nm-test-utils.h could not tell which of them
      was being included (and so, eg, if you tried to include
      nm-ip4-config.h in a libnm test, it would fail to compile because
      nm-test-utils.h was referring to symbols in src/nm-ip4-config.h).
      Fix this by changing the include guards in the non-API-stable parts of
      the tree:
        - libnm-glib/nm-ip4-config.h remains   NM_IP4_CONFIG_H
        - libnm/nm-ip4-config.h now uses     __NM_IP4_CONFIG_H__
        - src/nm-ip4-config.h now uses       __NETWORKMANAGER_IP4_CONFIG_H__
      And likewise for all other headers.
      The two non-"nm"-prefixed headers, libnm/NetworkManager.h and
      src/NetworkManagerUtils.h are now __NETWORKMANAGER_H__ and
      __NETWORKMANAGER_UTILS_H__ respectively, which, while not entirely
      consistent with the general scheme, do still mostly make sense in
  23. 01 Aug, 2014 4 commits
    • Dan Winship's avatar
      libnm: add NetworkManager.h, disallow including individual headers · d0b05b34
      Dan Winship authored
      Add NetworkManager.h, which includes all of the other NM header, and
      require all external users of libnm to use that rather than the
      individual headers.
      (An exception is made for nm-dbus-interface.h,
      nm-vpn-dbus-interface.h, and nm-version.h, which can be included
    • Dan Winship's avatar
      libnm: fix up class struct reserved slots · 2fc55941
      Dan Winship authored
      Add reserved slots to those classes that were missing them (or had run
      out), and sync up the number of slots across classes:
        - 8 slots for "important" classes, abstract base classes, and
          classes we expect we might need to add new virtual methods or
          signals to later.
        - 4 for everything else
      Also, rearrange the class elements in a few places into standard order
      (signals first, then methods).
    • Dan Winship's avatar
      libnm: remove Since tags and NM_AVAILABLE_IN_* attributes · b4ae6eae
      Dan Winship authored
      Everything currently in libnm has always been there.
    • Dan Winship's avatar
      libnm: add libnm/libnm-core (part 1) · d595f784
      Dan Winship authored
      This commit begins creating the new "libnm", which will replace
      libnm-util and libnm-glib.
      The main reason for the libnm-util/libnm-glib split is that the daemon
      needs to link to libnm-util (to get NMSettings, NMConnection, etc),
      but can't link to libnm-glib (because it uses many of the same type
      names as the NetworkManager daemon. eg, NMDevice). So the daemon links
      to only libnm-util, but basically all clients link to both.
      With libnm, there will be only a single client-visible library, and
      NetworkManager will internally link against a private "libnm-core"
      containing the parts that used to be in libnm-util.
      (The "libnm-core" parts still need to be in their own directory so
      that the daemon can see those header files without also seeing the
      ones in libnm/ that conflict with its own headers.)
      [This commit just copies the source code from libnm-util/ to
      libnm-core/, and libnm-glib/ to libnm/:
        mkdir -p libnm-core/tests/
        mkdir -p libnm/tests/
        cp libnm-util/*.[ch] libnm-util/nm-version.h.in libnm-core/
        rm -f libnm-core/nm-version.h libnm-core/nm-setting-template.[ch] libnm-core/nm-utils-enum-types.[ch]
        cp libnm-util/tests/*.[ch] libnm-core/tests/
        cp libnm-glib/*.[ch] libnm/
        rm -f libnm/libnm_glib.[ch] libnm/libnm-glib-test.c libnm/nm-glib-enum-types.[ch]
        cp libnm-glib/tests/*.[ch] libnm/tests/
  24. 15 Jul, 2014 1 commit
    • Dan Winship's avatar
      libnm-util, libnm-glib: standardize copyright/license headers · cb7e1893
      Dan Winship authored
      - Remove list of authors from files that had them; these serve no
        purpose except to quickly get out of date (and were only used in
        libnm-util and not libnm-glib anyway).
      - Just say "Copyright", not "(C) Copyright" or "Copyright (C)"
      - Put copyright statement after the license, not before
      - Remove "NetworkManager - Network link manager" from the few files
        that contained it, and "libnm_glib -- Access network status &
        information from glib applications" from the many files that
        contained it.
      - Remove vim modeline from nm-device-olpc-mesh.[ch], add emacs modeline
        to files that were missing it.
  25. 28 Feb, 2014 1 commit
  26. 27 Jul, 2012 1 commit
  27. 12 Mar, 2012 1 commit
    • Dan Winship's avatar
      Fix names of error enum values · 54ef8f32
      Dan Winship authored
      When NM was registering all of its enum types by hand, it was using
      NamesLikeThis rather than the default names-like-this for the "nick"
      values. When we switched to using glib-mkenums, this resulted in
      dbus-glib using different strings for the D-Bus error names, causing
      compatibility problems.
      Fix this by using glib-mkenums annotations to manually fix all the
      enum values back to what they were before. (This can't be done in a
      more automated way, because the old names aren't 100% consistent. Eg,
      "UNKNOWN" frequently becomes "UnknownError" rather than just
  28. 15 Feb, 2012 1 commit
    • Dan Winship's avatar
      Use glib-mkenums to generate enum types · 839eab55
      Dan Winship authored
      Rather than generating enum classes by hand (and complaining in each
      file that "this should really be standard"), use glib-mkenums.
      Unfortunately, we need a very new version of glib-mkenums in order to
      deal with NM's naming conventions and to fix a few other bugs, so just
      import that into the source tree temporarily.
      Also, to simplify the use of glib-mkenums, import Makefile.glib from
      To avoid having to run glib-mkenums for every subdirectory of src/,
      add a new "generated" directory, and put the generated enums files
      Finally, use Makefile.glib for marshallers too, and generate separate
      ones for libnm-glib and NetworkManager.
  29. 27 Jan, 2012 1 commit
  30. 22 Nov, 2011 1 commit
  31. 19 Aug, 2011 1 commit
    • Evan Broder's avatar
      settings: add 802.1X setting properties for subject and altsubject matches · 4f38f02a
      Evan Broder authored
      Includes subject_match and phase2_subject_match (string) parameters,
      and altsubject_matches and phase2_altsubject_matches (list of string)
      subject_match is matched against a substring of the subject from the
      certificate presented by the remote authentication server. If this
      option is unset, no subject verification is performed.
      altsubject_matches are each tested against the alternate subject name
      (altSubjectName) of the certificate presented by the remote
      authentication server. If this option is unset, no verification of the
      altSubjectName is performed.
  32. 02 Jul, 2011 1 commit
  33. 10 May, 2011 1 commit
    • Dan Williams's avatar
      libnm-util: clarify certificate and key argument names · ab56b8e9
      Dan Williams authored
      Clarify that these are supposed to be paths in the argument name;
      this shouldn't break API as it's just an argument rename.  Helps
      users figure out what the argument should be without as much trouble
      as 'value', which is what it was before.
  34. 02 Mar, 2011 1 commit
    • Dan Williams's avatar
      libnm-util: rework certificate and private key handling · 28e6523b
      Dan Williams authored
      First, it was not easily possible to set a private key without
      also providing a password.  This used to be OK, but now with
      secret flags it may be the case that when the connection is read,
      there's no private key password.  So functions that set the
      private key must account for NULL passwords.
      Unfortunately, the crytpo code did not handle this case well.
      We need to be able to independently (a) verify that a file looks
      like a certificate or private key and (b) that a given password
      decrypts a private key.  Previously the crypto code would fail
      to verify the file when the password was NULL.
      So this change fixes up the crytpo code for a more distinct
      split between these two operations, such that if no password is
      given, the file is still checked to ensure that it's a private
      key or a certificate.  If a password is given, the password is
      checked against the private key file.
      This commit also changes how private keys and certificates were
      handled with the BLOB scheme.  Previously only the first certificate
      or first private key was included in the property data, while now
      the entire file is encoded in the data.  This is intended to fix
      cases where multiple private keys or certificates are present in
      a PEM file.  It also allows clients to push certificate data to
      NetworkManager for storage in system settings locations, which was
      not as flexible before when only part of the certificate or key
      was sent as the data.