libnm: add function nm_setting_802_1x_check_cert_scheme()

When setting the certificate glib properties directly, we raise a g_warning() when the binary data is invalid. But since the caller has no access to the validation function, he cannot easily check whether his action will result in a warning. Add nm_setting_802_1x_check_cert_scheme() for that. While backporting, hide public API from 1.2. (cherry picked from commit 15926e9eb3)
2026-01-24 02:50:25 +01:00 · 2015-02-26 10:12:11 +01:00 · 2015-02-26 10:12:11 +01:00 · 21849d73ee
commit 21849d73ee
parent 7c6da95f14
2 changed files with 27 additions and 5 deletions
--- a/libnm-core/nm-setting-8021x.c
+++ b/libnm-core/nm-setting-8021x.c
@ -416,7 +416,30 @@ get_cert_scheme (GBytes *bytes, GError **error)
 	}

 	data = g_bytes_get_data (bytes, &length);
-	if (!length) {
+	return nm_setting_802_1x_check_cert_scheme (data, length, error);
+}
+
+/**
+ * nm_setting_802_1x_check_cert_scheme:
+ * @pdata: (allow-none): the data pointer
+ * @length: the length of the data
+ * @error: (allow-none): (out): validation reason
+ *
+ * Determines and verifies the blob type.
+ * When setting certificate properties of NMSetting8021x
+ * the blob must be not UNKNOWN (or NULL).
+ *
+ * Returns: the scheme of the blob or %NM_SETTING_802_1X_CK_SCHEME_UNKNOWN.
+ * For NULL it also returns NM_SETTING_802_1X_CK_SCHEME_UNKNOWN.
+ **/
+NMSetting8021xCKScheme
+nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError **error)
+{
+	const char *data = pdata;
+
+	g_return_val_if_fail (!length || data, NM_SETTING_802_1X_CK_SCHEME_UNKNOWN);
+
+	if (!length || !data) {
 		g_set_error_literal (error,
 		                     NM_CONNECTION_ERROR,
 		                     NM_CONNECTION_ERROR_INVALID_PROPERTY,
@ -484,11 +507,8 @@ load_and_verify_certificate (const char *cert_path,
 		 * file://.
 		 * If that's the case, coerce the format to UNKNOWN. The callers will take care
 		 * of that and not set the blob. */
-		GBytes *bytes = g_bytes_new_static (array->data, array->len);
-
-		if (get_cert_scheme (bytes, NULL) != NM_SETTING_802_1X_CK_SCHEME_BLOB)
+		if (nm_setting_802_1x_check_cert_scheme (array->data, array->len, NULL) != NM_SETTING_802_1X_CK_SCHEME_BLOB)
 			format = NM_CRYPTO_FILE_FORMAT_UNKNOWN;
-		g_bytes_unref (bytes);
 	}

 	if (out_file_format)
--- a/libnm-core/nm-setting-private.h
+++ b/libnm-core/nm-setting-private.h
@ -155,4 +155,6 @@ gboolean _nm_setting_use_legacy_property (NMSetting *setting,

 GPtrArray  *_nm_setting_need_secrets (NMSetting *setting);

+NMSetting8021xCKScheme nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError **error);
+
 #endif  /* NM_SETTING_PRIVATE_H */