2007-11-09 Dan Williams <dcbw@redhat.com>

* src/supplicant-manager/nm-supplicant-config.c
		- (nm_supplicant_config_add_setting_wireless_security): private key
			passwords are never sent to wpa_supplicant, because the supplicant
			should never be reading random files from the disk.  Clients like
			the applet are required to decrypt the private keys and send NM
			the decrypted blobs.



git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3076 4912f4e0-d625-0410-9fb7-b9a5a253dbdc

ChangeLog

@@ -1,3 +1,12 @@
+2007-11-09  Dan Williams  <dcbw@redhat.com>
+
+	* src/supplicant-manager/nm-supplicant-config.c
+		- (nm_supplicant_config_add_setting_wireless_security): private key
+			passwords are never sent to wpa_supplicant, because the supplicant
+			should never be reading random files from the disk.  Clients like
+			the applet are required to decrypt the private keys and send NM
+			the decrypted blobs.
+
 2007-11-08  Dan Williams  <dcbw@redhat.com>
 
 	* libnm-util/nm-setting-wireless-security.h

src/supplicant-manager/nm-supplicant-config.c

@@ -469,8 +469,13 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig * self,
 	ADD_STRING_VAL (setting->password, "password", FALSE, FALSE, TRUE);
 	ADD_STRING_VAL (setting->pin, "pin", FALSE, FALSE, TRUE);
 	ADD_STRING_VAL (setting->eappsk, "eappsk", FALSE, TRUE, TRUE);
-	ADD_STRING_VAL (setting->private_key_passwd, "private_key_passwd", FALSE, FALSE, TRUE);
-	ADD_STRING_VAL (setting->phase2_private_key_passwd, "private_key2_passwd", FALSE, FALSE, TRUE);
+
+	/* Private key passwords are never passed to wpa_supplicant because the
+	 * user agent is responsible for decoding and decrypting the private key,
+	 * and file paths are never passed to wpa_supplicant to ensure that
+	 * the supplicant can be locked down and doesn't try to read stuff from
+	 * all over the drive.
+	 */
 
 	ADD_STRING_LIST_VAL (setting->eap, "eap", TRUE, FALSE);