mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git
synced 2026-01-05 15:00:25 +01:00
merge branch 'th/8021x-auth-flags-tls-disable-bgo765059'
https://bugzilla.gnome.org/show_bug.cgi?id=765059
This commit is contained in:
Thomas Haller
commit
a184c25cb9
13 changed files with 417 additions and 124 deletions
|
|
@ -140,31 +140,32 @@ NmcOutputField nmc_fields_setting_8021X[] = {
|
|||
SETTING_FIELD (NM_SETTING_802_1X_PHASE1_PEAPVER), /* 15 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE1_PEAPLABEL), /* 16 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE1_FAST_PROVISIONING), /* 17 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_AUTH), /* 18 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_AUTHEAP), /* 19 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CA_CERT_PASSWORD), /* 20 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CA_CERT_PASSWORD_FLAGS), /* 21 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CA_CERT), /* 22 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CA_PATH), /* 23 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH), /* 24 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_ALTSUBJECT_MATCHES), /* 25 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_DOMAIN_SUFFIX_MATCH), /* 26 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CLIENT_CERT), /* 27 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CLIENT_CERT_PASSWORD), /* 28 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CLIENT_CERT_PASSWORD_FLAGS), /* 29 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PASSWORD), /* 30 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PASSWORD_FLAGS), /* 31 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PASSWORD_RAW), /* 32 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PASSWORD_RAW_FLAGS), /* 33 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PRIVATE_KEY), /* 34 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD), /* 35 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS), /* 36 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_PRIVATE_KEY), /* 37 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD), /* 38 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS), /* 39 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PIN), /* 40 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PIN_FLAGS), /* 41 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_SYSTEM_CA_CERTS), /* 42 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE1_AUTH_FLAGS), /* 18 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_AUTH), /* 19 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_AUTHEAP), /* 20 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CA_CERT_PASSWORD), /* 21 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CA_CERT_PASSWORD_FLAGS), /* 22 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CA_CERT), /* 23 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CA_PATH), /* 24 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH), /* 25 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_ALTSUBJECT_MATCHES), /* 26 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_DOMAIN_SUFFIX_MATCH), /* 27 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CLIENT_CERT), /* 28 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CLIENT_CERT_PASSWORD), /* 29 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_CLIENT_CERT_PASSWORD_FLAGS), /* 30 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PASSWORD), /* 31 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PASSWORD_FLAGS), /* 32 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PASSWORD_RAW), /* 33 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PASSWORD_RAW_FLAGS), /* 34 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PRIVATE_KEY), /* 35 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD), /* 36 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD_FLAGS), /* 37 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_PRIVATE_KEY), /* 38 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD), /* 39 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD_FLAGS), /* 40 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PIN), /* 41 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_PIN_FLAGS), /* 42 */
|
||||
SETTING_FIELD (NM_SETTING_802_1X_SYSTEM_CA_CERTS), /* 43 */
|
||||
{NULL, NULL, 0, NULL, FALSE, FALSE, 0}
|
||||
};
|
||||
#define NMC_FIELDS_SETTING_802_1X_ALL "name"","\
|
||||
|
|
@ -185,6 +186,7 @@ NmcOutputField nmc_fields_setting_8021X[] = {
|
|||
NM_SETTING_802_1X_PHASE1_PEAPVER","\
|
||||
NM_SETTING_802_1X_PHASE1_PEAPLABEL","\
|
||||
NM_SETTING_802_1X_PHASE1_FAST_PROVISIONING","\
|
||||
NM_SETTING_802_1X_PHASE1_AUTH_FLAGS","\
|
||||
NM_SETTING_802_1X_PHASE2_AUTH","\
|
||||
NM_SETTING_802_1X_PHASE2_AUTHEAP","\
|
||||
NM_SETTING_802_1X_PHASE2_CA_CERT","\
|
||||
|
|
@ -2186,6 +2188,58 @@ nmc_property_802_1X_describe_password_raw (NMSetting *setting, const char *prop)
|
|||
" ab 4 55 0xa6 ea 3a 74 C2\n");
|
||||
}
|
||||
|
||||
static char *
|
||||
nmc_property_802_1X_get_phase1_auth_flags (NMSetting *setting, NmcPropertyGetType get_type)
|
||||
{
|
||||
NMSetting8021x *s_8021x = NM_SETTING_802_1X (setting);
|
||||
NMSetting8021xAuthFlags flags;
|
||||
char *tmp, *str;
|
||||
|
||||
flags = nm_setting_802_1x_get_phase1_auth_flags (s_8021x);
|
||||
tmp = nm_utils_enum_to_str (nm_setting_802_1x_auth_flags_get_type (), flags);
|
||||
if (get_type == NMC_PROPERTY_GET_PARSABLE)
|
||||
str = g_strdup_printf ("%s", tmp && *tmp ? tmp : "none");
|
||||
else
|
||||
str = g_strdup_printf ("%d (%s)", flags, tmp && *tmp ? tmp : "none");
|
||||
g_free (tmp);
|
||||
return str;
|
||||
}
|
||||
|
||||
static gboolean
|
||||
nmc_property_802_1X_set_phase1_auth_flags (NMSetting *setting, const char *prop,
|
||||
const char *val, GError **error)
|
||||
{
|
||||
NMSetting8021xAuthFlags flags;
|
||||
gs_free char *err_token = NULL;
|
||||
gboolean ret;
|
||||
long int t;
|
||||
|
||||
if (nmc_string_to_int_base (val, 0, TRUE,
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_NONE,
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_ALL,
|
||||
&t))
|
||||
flags = (NMSetting8021xAuthFlags) t;
|
||||
else {
|
||||
ret = nm_utils_enum_from_str (nm_setting_802_1x_auth_flags_get_type (), val,
|
||||
(int *) &flags, &err_token);
|
||||
|
||||
if (!ret) {
|
||||
if (g_ascii_strcasecmp (err_token, "none") == 0)
|
||||
flags = NM_SETTING_802_1X_AUTH_FLAGS_NONE;
|
||||
else {
|
||||
g_set_error (error, 1, 0, _("invalid option '%s', use a combination of [%s]"),
|
||||
err_token,
|
||||
nm_utils_enum_to_str (nm_setting_802_1x_auth_flags_get_type (),
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_ALL));
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
g_object_set (setting, prop, (guint) flags, NULL);
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/* --- NM_SETTING_ADSL_SETTING_NAME property functions --- */
|
||||
DEFINE_GETTER (nmc_property_adsl_get_username, NM_SETTING_ADSL_USERNAME)
|
||||
|
|
@ -6243,6 +6297,13 @@ nmc_properties_init (void)
|
|||
NULL,
|
||||
nmc_property_802_1X_allowed_phase1_fast_provisioning,
|
||||
NULL);
|
||||
nmc_add_prop_funcs (GLUE (802_1X, PHASE1_AUTH_FLAGS),
|
||||
nmc_property_802_1X_get_phase1_auth_flags,
|
||||
nmc_property_802_1X_set_phase1_auth_flags,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL);
|
||||
nmc_add_prop_funcs (GLUE (802_1X, PHASE2_AUTH),
|
||||
nmc_property_802_1X_get_phase2_auth,
|
||||
nmc_property_802_1X_set_phase2_auth,
|
||||
|
|
@ -8692,31 +8753,32 @@ setting_802_1X_details (NMSetting *setting, NmCli *nmc, const char *one_prop, g
|
|||
set_val_str (arr, 15, nmc_property_802_1X_get_phase1_peapver (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 16, nmc_property_802_1X_get_phase1_peaplabel (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 17, nmc_property_802_1X_get_phase1_fast_provisioning (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 18, nmc_property_802_1X_get_phase2_auth (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 19, nmc_property_802_1X_get_phase2_autheap (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 20, nmc_property_802_1X_get_phase2_ca_cert (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 21, GET_SECRET (secrets, setting, nmc_property_802_1X_get_phase2_ca_cert_password));
|
||||
set_val_str (arr, 22, nmc_property_802_1X_get_phase2_ca_cert_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 23, nmc_property_802_1X_get_phase2_ca_path (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 24, nmc_property_802_1X_get_phase2_subject_match (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 25, nmc_property_802_1X_get_phase2_altsubject_matches (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 26, nmc_property_802_1X_get_phase2_domain_suffix_match (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 27, nmc_property_802_1X_get_phase2_client_cert (setting, NMC_PROPERTY_GET_PRETTY, secrets));
|
||||
set_val_str (arr, 28, GET_SECRET (secrets, setting, nmc_property_802_1X_get_phase2_client_cert_password));
|
||||
set_val_str (arr, 29, nmc_property_802_1X_get_phase2_client_cert_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 30, GET_SECRET (secrets, setting, nmc_property_802_1X_get_password));
|
||||
set_val_str (arr, 31, nmc_property_802_1X_get_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 32, GET_SECRET (secrets, setting, nmc_property_802_1X_get_password_raw));
|
||||
set_val_str (arr, 33, nmc_property_802_1X_get_password_raw_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 34, nmc_property_802_1X_get_private_key (setting, NMC_PROPERTY_GET_PRETTY, secrets));
|
||||
set_val_str (arr, 35, GET_SECRET (secrets, setting, nmc_property_802_1X_get_private_key_password));
|
||||
set_val_str (arr, 36, nmc_property_802_1X_get_private_key_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 37, nmc_property_802_1X_get_phase2_private_key (setting, NMC_PROPERTY_GET_PRETTY, secrets));
|
||||
set_val_str (arr, 38, GET_SECRET (secrets, setting, nmc_property_802_1X_get_phase2_private_key_password));
|
||||
set_val_str (arr, 39, nmc_property_802_1X_get_phase2_private_key_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 40, GET_SECRET (secrets, setting, nmc_property_802_1X_get_pin));
|
||||
set_val_str (arr, 41, nmc_property_802_1X_get_pin_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 42, nmc_property_802_1X_get_system_ca_certs (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 18, nmc_property_802_1X_get_phase1_auth_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 19, nmc_property_802_1X_get_phase2_auth (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 20, nmc_property_802_1X_get_phase2_autheap (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 21, nmc_property_802_1X_get_phase2_ca_cert (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 22, GET_SECRET (secrets, setting, nmc_property_802_1X_get_phase2_ca_cert_password));
|
||||
set_val_str (arr, 23, nmc_property_802_1X_get_phase2_ca_cert_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 24, nmc_property_802_1X_get_phase2_ca_path (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 25, nmc_property_802_1X_get_phase2_subject_match (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 26, nmc_property_802_1X_get_phase2_altsubject_matches (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 27, nmc_property_802_1X_get_phase2_domain_suffix_match (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 28, nmc_property_802_1X_get_phase2_client_cert (setting, NMC_PROPERTY_GET_PRETTY, secrets));
|
||||
set_val_str (arr, 29, GET_SECRET (secrets, setting, nmc_property_802_1X_get_phase2_client_cert_password));
|
||||
set_val_str (arr, 30, nmc_property_802_1X_get_phase2_client_cert_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 31, GET_SECRET (secrets, setting, nmc_property_802_1X_get_password));
|
||||
set_val_str (arr, 32, nmc_property_802_1X_get_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 33, GET_SECRET (secrets, setting, nmc_property_802_1X_get_password_raw));
|
||||
set_val_str (arr, 34, nmc_property_802_1X_get_password_raw_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 35, nmc_property_802_1X_get_private_key (setting, NMC_PROPERTY_GET_PRETTY, secrets));
|
||||
set_val_str (arr, 36, GET_SECRET (secrets, setting, nmc_property_802_1X_get_private_key_password));
|
||||
set_val_str (arr, 37, nmc_property_802_1X_get_private_key_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 38, nmc_property_802_1X_get_phase2_private_key (setting, NMC_PROPERTY_GET_PRETTY, secrets));
|
||||
set_val_str (arr, 39, GET_SECRET (secrets, setting, nmc_property_802_1X_get_phase2_private_key_password));
|
||||
set_val_str (arr, 40, nmc_property_802_1X_get_phase2_private_key_password_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 41, GET_SECRET (secrets, setting, nmc_property_802_1X_get_pin));
|
||||
set_val_str (arr, 42, nmc_property_802_1X_get_pin_flags (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
set_val_str (arr, 43, nmc_property_802_1X_get_system_ca_certs (setting, NMC_PROPERTY_GET_PRETTY));
|
||||
g_ptr_array_add (nmc->output_data, arr);
|
||||
|
||||
print_data (nmc); /* Print all data */
|
||||
|
|
|
|||
|
|
@ -183,6 +183,8 @@ gboolean _nm_utils_check_module_file (const char *name,
|
|||
gpointer user_data,
|
||||
GError **error);
|
||||
|
||||
char *_nm_utils_enum_to_str_full (GType type, int value, const char *sep);
|
||||
|
||||
#define NM_UTILS_UUID_TYPE_LEGACY 0
|
||||
#define NM_UTILS_UUID_TYPE_VARIANT3 1
|
||||
|
||||
|
|
|
|||
|
|
@ -89,6 +89,7 @@ typedef struct {
|
|||
char *phase1_peapver;
|
||||
char *phase1_peaplabel;
|
||||
char *phase1_fast_provisioning;
|
||||
NMSetting8021xAuthFlags phase1_auth_flags;
|
||||
char *phase2_auth;
|
||||
char *phase2_autheap;
|
||||
GBytes *phase2_ca_cert;
|
||||
|
|
@ -135,6 +136,7 @@ enum {
|
|||
PROP_PHASE1_PEAPVER,
|
||||
PROP_PHASE1_PEAPLABEL,
|
||||
PROP_PHASE1_FAST_PROVISIONING,
|
||||
PROP_PHASE1_AUTH_FLAGS,
|
||||
PROP_PHASE2_AUTH,
|
||||
PROP_PHASE2_AUTHEAP,
|
||||
PROP_PHASE2_CA_CERT,
|
||||
|
|
@ -1258,6 +1260,22 @@ nm_setting_802_1x_get_phase1_fast_provisioning (NMSetting8021x *setting)
|
|||
return NM_SETTING_802_1X_GET_PRIVATE (setting)->phase1_fast_provisioning;
|
||||
}
|
||||
|
||||
/**
|
||||
* nm_setting_802_1x_get_phase1_auth_flags:
|
||||
* @setting: the #NMSetting8021x
|
||||
*
|
||||
* Returns: the authentication flags for "phase 1".
|
||||
*
|
||||
* Since: 1.8
|
||||
*/
|
||||
NMSetting8021xAuthFlags
|
||||
nm_setting_802_1x_get_phase1_auth_flags (NMSetting8021x *setting)
|
||||
{
|
||||
g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), 0);
|
||||
|
||||
return NM_SETTING_802_1X_GET_PRIVATE (setting)->phase1_auth_flags;
|
||||
}
|
||||
|
||||
/**
|
||||
* nm_setting_802_1x_get_phase2_auth:
|
||||
* @setting: the #NMSetting8021x
|
||||
|
|
@ -3244,6 +3262,15 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
if (NM_FLAGS_ANY (priv->phase1_auth_flags, ~NM_SETTING_802_1X_AUTH_FLAGS_ALL)) {
|
||||
g_set_error_literal (error,
|
||||
NM_CONNECTION_ERROR,
|
||||
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||
_("invalid auth flags"));
|
||||
g_prefix_error (error, "%s.%s: ", NM_SETTING_802_1X_SETTING_NAME, NM_SETTING_802_1X_PHASE1_AUTH_FLAGS);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (priv->phase2_auth && !g_strv_contains (valid_phase2_auth, priv->phase2_auth)) {
|
||||
g_set_error (error,
|
||||
NM_CONNECTION_ERROR,
|
||||
|
|
@ -3446,6 +3473,9 @@ set_property (GObject *object, guint prop_id,
|
|||
g_free (priv->phase1_fast_provisioning);
|
||||
priv->phase1_fast_provisioning = g_value_dup_string (value);
|
||||
break;
|
||||
case PROP_PHASE1_AUTH_FLAGS:
|
||||
priv->phase1_auth_flags = g_value_get_uint (value);
|
||||
break;
|
||||
case PROP_PHASE2_AUTH:
|
||||
g_free (priv->phase2_auth);
|
||||
priv->phase2_auth = g_value_dup_string (value);
|
||||
|
|
@ -3625,6 +3655,9 @@ get_property (GObject *object, guint prop_id,
|
|||
case PROP_PHASE1_FAST_PROVISIONING:
|
||||
g_value_set_string (value, priv->phase1_fast_provisioning);
|
||||
break;
|
||||
case PROP_PHASE1_AUTH_FLAGS:
|
||||
g_value_set_uint (value, priv->phase1_auth_flags);
|
||||
break;
|
||||
case PROP_PHASE2_AUTH:
|
||||
g_value_set_string (value, priv->phase2_auth);
|
||||
break;
|
||||
|
|
@ -4105,6 +4138,34 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
|
|||
G_PARAM_READWRITE |
|
||||
G_PARAM_STATIC_STRINGS));
|
||||
|
||||
/**
|
||||
* NMSetting8021x:phase1-auth-flags:
|
||||
*
|
||||
* Specifies authentication flags to use in "phase 1" outer
|
||||
* authentication using #NMSetting8021xAuthFlags options.
|
||||
* The invidual TLS versions can be explicitly disabled. If a certain
|
||||
* TLS disable flag is not set, it is up to the supplicant to allow
|
||||
* or forbid it. The TLS options map to tls_disable_tlsv1_x settings.
|
||||
* See the wpa_supplicant documentation for more details.
|
||||
*
|
||||
* Since: 1.8
|
||||
*/
|
||||
/* ---ifcfg-rh---
|
||||
* property: phase1-auth-flags
|
||||
* variable: IEEE_8021X_PHASE1_AUTH_FLAGS(+)
|
||||
* values: space-separated list of authentication flags names
|
||||
* description: Authentication flags for the supplicant
|
||||
* example: IEEE_8021X_PHASE1_AUTH_FLAGS="tls-1-0-disable tls-1-1-disable"
|
||||
* ---end---
|
||||
*/
|
||||
g_object_class_install_property
|
||||
(object_class, PROP_PHASE1_AUTH_FLAGS,
|
||||
g_param_spec_uint (NM_SETTING_802_1X_PHASE1_AUTH_FLAGS, "", "",
|
||||
0, G_MAXUINT32, NM_SETTING_802_1X_AUTH_FLAGS_NONE,
|
||||
G_PARAM_CONSTRUCT |
|
||||
G_PARAM_READWRITE |
|
||||
G_PARAM_STATIC_STRINGS));
|
||||
|
||||
/**
|
||||
* NMSetting8021x:phase2-auth:
|
||||
*
|
||||
|
|
|
|||
|
|
@ -75,6 +75,28 @@ typedef enum { /*< underscore_name=nm_setting_802_1x_ck_scheme >*/
|
|||
NM_SETTING_802_1X_CK_SCHEME_PKCS11,
|
||||
} NMSetting8021xCKScheme;
|
||||
|
||||
/**
|
||||
* NMSetting8021xAuthFlags
|
||||
* @NM_SETTING_802_1X_AUTH_FLAGS_NONE: No flags
|
||||
* @NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_0_DISABLE: Disable TLSv1.0
|
||||
* @NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_1_DISABLE: Disable TLSv1.1
|
||||
* @NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_2_DISABLE: Disable TLSv1.2
|
||||
* @NM_SETTING_802_1X_AUTH_FLAGS_ALL: All supported flags
|
||||
*
|
||||
* #NMSetting8021xAuthFlags values indicate which authentication settings
|
||||
* should be used.
|
||||
*
|
||||
* Since: 1.8
|
||||
*/
|
||||
typedef enum { /*< underscore_name=nm_setting_802_1x_auth_flags >*/
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_NONE = 0,
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_0_DISABLE = (1 << 0),
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_1_DISABLE = (1 << 1),
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_2_DISABLE = (1 << 2),
|
||||
|
||||
_NM_SETTING_802_1X_AUTH_FLAGS_LAST, /*< skip >*/
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_ALL = (((_NM_SETTING_802_1X_AUTH_FLAGS_LAST - 1) << 1) - 1),
|
||||
} NMSetting8021xAuthFlags;
|
||||
|
||||
#define NM_TYPE_SETTING_802_1X (nm_setting_802_1x_get_type ())
|
||||
#define NM_SETTING_802_1X(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_SETTING_802_1X, NMSetting8021x))
|
||||
|
|
@ -102,6 +124,7 @@ typedef enum { /*< underscore_name=nm_setting_802_1x_ck_scheme >*/
|
|||
#define NM_SETTING_802_1X_PHASE1_PEAPVER "phase1-peapver"
|
||||
#define NM_SETTING_802_1X_PHASE1_PEAPLABEL "phase1-peaplabel"
|
||||
#define NM_SETTING_802_1X_PHASE1_FAST_PROVISIONING "phase1-fast-provisioning"
|
||||
#define NM_SETTING_802_1X_PHASE1_AUTH_FLAGS "phase1-auth-flags"
|
||||
#define NM_SETTING_802_1X_PHASE2_AUTH "phase2-auth"
|
||||
#define NM_SETTING_802_1X_PHASE2_AUTHEAP "phase2-autheap"
|
||||
#define NM_SETTING_802_1X_PHASE2_CA_CERT "phase2-ca-cert"
|
||||
|
|
@ -331,6 +354,8 @@ NMSettingSecretFlags nm_setting_802_1x_get_phase2_private_key_password_flags (
|
|||
|
||||
NMSetting8021xCKFormat nm_setting_802_1x_get_phase2_private_key_format (NMSetting8021x *setting);
|
||||
|
||||
NM_AVAILABLE_IN_1_8
|
||||
NMSetting8021xAuthFlags nm_setting_802_1x_get_phase1_auth_flags (NMSetting8021x *setting);
|
||||
|
||||
G_END_DECLS
|
||||
|
||||
|
|
|
|||
|
|
@ -4249,6 +4249,83 @@ int _nm_utils_dns_option_find_idx (GPtrArray *array, const char *option)
|
|||
return -1;
|
||||
}
|
||||
|
||||
#define IS_FLAGS_SEPARATOR(ch) (NM_IN_SET ((ch), ' ', '\t', ',', '\n', '\r'))
|
||||
|
||||
static gboolean
|
||||
_is_hex_string (const char *str)
|
||||
{
|
||||
return str[0] == '0'
|
||||
&& str[1] == 'x'
|
||||
&& str[2]
|
||||
&& NM_STRCHAR_ALL (&str[2], ch, g_ascii_isxdigit (ch));
|
||||
}
|
||||
|
||||
static gboolean
|
||||
_enum_is_valid_enum_nick (const char *str)
|
||||
{
|
||||
return str[0]
|
||||
&& !NM_STRCHAR_ANY (str, ch, g_ascii_isspace (ch))
|
||||
&& !NM_STRCHAR_ALL (str, ch, g_ascii_isdigit (ch));
|
||||
}
|
||||
|
||||
static gboolean
|
||||
_enum_is_valid_flags_nick (const char *str)
|
||||
{
|
||||
return str[0]
|
||||
&& !NM_STRCHAR_ANY (str, ch, IS_FLAGS_SEPARATOR (ch))
|
||||
&& !_is_hex_string (str);
|
||||
}
|
||||
|
||||
char *
|
||||
_nm_utils_enum_to_str_full (GType type,
|
||||
int value,
|
||||
const char *flags_separator)
|
||||
{
|
||||
GTypeClass *class;
|
||||
char *ret;
|
||||
|
||||
if ( flags_separator
|
||||
&& ( !flags_separator[0]
|
||||
|| NM_STRCHAR_ANY (flags_separator, ch, !IS_FLAGS_SEPARATOR (ch))))
|
||||
g_return_val_if_reached (NULL);
|
||||
|
||||
class = g_type_class_ref (type);
|
||||
|
||||
if (G_IS_ENUM_CLASS (class)) {
|
||||
GEnumValue *enum_value;
|
||||
|
||||
enum_value = g_enum_get_value (G_ENUM_CLASS (class), value);
|
||||
if ( !enum_value
|
||||
|| !_enum_is_valid_enum_nick (enum_value->value_nick))
|
||||
ret = g_strdup_printf ("%d", value);
|
||||
else
|
||||
ret = strdup (enum_value->value_nick);
|
||||
} else if (G_IS_FLAGS_CLASS (class)) {
|
||||
GFlagsValue *flags_value;
|
||||
GString *str = g_string_new ("");
|
||||
|
||||
flags_separator = flags_separator ?: " ";
|
||||
|
||||
while (value) {
|
||||
flags_value = g_flags_get_first_value (G_FLAGS_CLASS (class), value);
|
||||
if (str->len)
|
||||
g_string_append (str, flags_separator);
|
||||
if ( !flags_value
|
||||
|| !_enum_is_valid_flags_nick (flags_value->value_nick)) {
|
||||
g_string_append_printf (str, "0x%x", (unsigned) value);
|
||||
break;
|
||||
}
|
||||
g_string_append (str, flags_value->value_nick);
|
||||
value &= ~flags_value->value;
|
||||
}
|
||||
ret = g_string_free (str, FALSE);
|
||||
} else
|
||||
g_return_val_if_reached (NULL);
|
||||
|
||||
g_type_class_unref (class);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/**
|
||||
* nm_utils_enum_to_str:
|
||||
* @type: the %GType of the enum
|
||||
|
|
@ -4263,41 +4340,10 @@ int _nm_utils_dns_option_find_idx (GPtrArray *array, const char *option)
|
|||
*
|
||||
* Since: 1.2
|
||||
*/
|
||||
char *nm_utils_enum_to_str (GType type, int value)
|
||||
char *
|
||||
nm_utils_enum_to_str (GType type, int value)
|
||||
{
|
||||
GTypeClass *class;
|
||||
char *ret;
|
||||
|
||||
class = g_type_class_ref (type);
|
||||
|
||||
if (G_IS_ENUM_CLASS (class)) {
|
||||
GEnumValue *enum_value;
|
||||
|
||||
enum_value = g_enum_get_value (G_ENUM_CLASS (class), value);
|
||||
ret = enum_value ? strdup (enum_value->value_nick) : NULL;
|
||||
} else if (G_IS_FLAGS_CLASS (class)) {
|
||||
GFlagsValue *flags_value;
|
||||
GString *str = g_string_new ("");
|
||||
gboolean first = TRUE;
|
||||
|
||||
while (value) {
|
||||
flags_value = g_flags_get_first_value (G_FLAGS_CLASS (class), value);
|
||||
if (!flags_value)
|
||||
break;
|
||||
|
||||
if (!first)
|
||||
g_string_append (str, ", ");
|
||||
g_string_append (str, flags_value->value_nick);
|
||||
|
||||
value &= ~flags_value->value;
|
||||
first = FALSE;
|
||||
}
|
||||
ret = g_string_free (str, FALSE);
|
||||
} else
|
||||
g_return_val_if_reached (NULL);
|
||||
|
||||
g_type_class_unref (class);
|
||||
return ret;
|
||||
return _nm_utils_enum_to_str_full (type, value, ", ");
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -4305,7 +4351,7 @@ char *nm_utils_enum_to_str (GType type, int value)
|
|||
* @type: the %GType of the enum
|
||||
* @str: the input string
|
||||
* @out_value: (out) (allow-none): the output value
|
||||
* @err_token: (out) (allow-none): location to store the first unrecognized token
|
||||
* @err_token: (out) (allow-none) (transfer full): location to store the first unrecognized token
|
||||
*
|
||||
* Converts a string to the matching enum value.
|
||||
*
|
||||
|
|
@ -4318,55 +4364,83 @@ char *nm_utils_enum_to_str (GType type, int value)
|
|||
*
|
||||
* Since: 1.2
|
||||
*/
|
||||
gboolean nm_utils_enum_from_str (GType type, const char *str,
|
||||
int *out_value, char **err_token)
|
||||
gboolean
|
||||
nm_utils_enum_from_str (GType type, const char *str,
|
||||
int *out_value, char **err_token)
|
||||
{
|
||||
GTypeClass *class;
|
||||
gboolean ret = FALSE;
|
||||
int value = 0;
|
||||
gs_free char *stripped = NULL;
|
||||
gs_free char *str_clone = NULL;
|
||||
char *s;
|
||||
gint64 v64;
|
||||
|
||||
g_return_val_if_fail (str, FALSE);
|
||||
stripped = g_strstrip (strdup (str));
|
||||
|
||||
str_clone = strdup (str);
|
||||
s = nm_str_skip_leading_spaces (str_clone);
|
||||
g_strchomp (s);
|
||||
|
||||
class = g_type_class_ref (type);
|
||||
|
||||
if (G_IS_ENUM_CLASS (class)) {
|
||||
GEnumValue *enum_value;
|
||||
|
||||
enum_value = g_enum_get_value_by_nick (G_ENUM_CLASS (class), stripped);
|
||||
if (enum_value) {
|
||||
value = enum_value->value;
|
||||
ret = TRUE;
|
||||
if (s[0]) {
|
||||
if (NM_STRCHAR_ALL (s, ch, g_ascii_isdigit (ch))) {
|
||||
v64 = _nm_utils_ascii_str_to_int64 (s, 10, 0, G_MAXINT, -1);
|
||||
if (v64 != -1) {
|
||||
value = (int) v64;
|
||||
ret = TRUE;
|
||||
}
|
||||
} else {
|
||||
enum_value = g_enum_get_value_by_nick (G_ENUM_CLASS (class), s);
|
||||
if (enum_value) {
|
||||
value = enum_value->value;
|
||||
ret = TRUE;
|
||||
}
|
||||
}
|
||||
}
|
||||
} else if (G_IS_FLAGS_CLASS (class)) {
|
||||
GFlagsValue *flags_value;
|
||||
gs_strfreev char **strv = NULL;
|
||||
int i;
|
||||
|
||||
strv = g_strsplit_set (stripped, " \t,", 0);
|
||||
for (i = 0; strv[i]; i++) {
|
||||
if (!strv[i][0])
|
||||
continue;
|
||||
ret = TRUE;
|
||||
while (s[0]) {
|
||||
char *s_end;
|
||||
|
||||
flags_value = g_flags_get_value_by_nick (G_FLAGS_CLASS (class), strv[i]);
|
||||
if (!flags_value)
|
||||
break;
|
||||
for (s_end = s; s_end[0]; s_end++) {
|
||||
if (IS_FLAGS_SEPARATOR (s_end[0])) {
|
||||
s_end[0] = '\0';
|
||||
s_end++;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
value |= flags_value->value;
|
||||
if (s[0]) {
|
||||
if (_is_hex_string (s)) {
|
||||
v64 = _nm_utils_ascii_str_to_int64 (&s[2], 16, 0, G_MAXUINT, -1);
|
||||
if (v64 == -1) {
|
||||
ret = FALSE;
|
||||
break;
|
||||
}
|
||||
value |= (int) v64;
|
||||
} else {
|
||||
flags_value = g_flags_get_value_by_nick (G_FLAGS_CLASS (class), s);
|
||||
if (!flags_value) {
|
||||
ret = FALSE;
|
||||
break;
|
||||
}
|
||||
value |= flags_value->value;
|
||||
}
|
||||
}
|
||||
|
||||
s = s_end;
|
||||
}
|
||||
|
||||
if (strv[i]) {
|
||||
if (err_token)
|
||||
*err_token = strdup (strv[i]);
|
||||
value = 0;
|
||||
} else
|
||||
ret = TRUE;
|
||||
} else
|
||||
g_return_val_if_reached (FALSE);
|
||||
|
||||
if (out_value)
|
||||
*out_value = value;
|
||||
|
||||
NM_SET_OUT (err_token, !ret && s[0] ? g_strdup (s) : NULL);
|
||||
NM_SET_OUT (out_value, ret ? value : 0);
|
||||
g_type_class_unref (class);
|
||||
return ret;
|
||||
}
|
||||
|
|
@ -4389,6 +4463,7 @@ const char **nm_utils_enum_get_values (GType type, gint from, gint to)
|
|||
GTypeClass *class;
|
||||
GPtrArray *array;
|
||||
gint i;
|
||||
char sbuf[64];
|
||||
|
||||
class = g_type_class_ref (type);
|
||||
array = g_ptr_array_new ();
|
||||
|
|
@ -4399,8 +4474,12 @@ const char **nm_utils_enum_get_values (GType type, gint from, gint to)
|
|||
|
||||
for (i = 0; i < enum_class->n_values; i++) {
|
||||
enum_value = &enum_class->values[i];
|
||||
if (enum_value->value >= from && enum_value->value <= to)
|
||||
g_ptr_array_add (array, (gpointer) enum_value->value_nick);
|
||||
if (enum_value->value >= from && enum_value->value <= to) {
|
||||
if (_enum_is_valid_enum_nick (enum_value->value_nick))
|
||||
g_ptr_array_add (array, (gpointer) enum_value->value_nick);
|
||||
else
|
||||
g_ptr_array_add (array, (gpointer) g_intern_string (nm_sprintf_buf (sbuf, "%d", enum_value->value)));
|
||||
}
|
||||
}
|
||||
} else if (G_IS_FLAGS_CLASS (class)) {
|
||||
GFlagsClass *flags_class = G_FLAGS_CLASS (class);
|
||||
|
|
@ -4408,8 +4487,12 @@ const char **nm_utils_enum_get_values (GType type, gint from, gint to)
|
|||
|
||||
for (i = 0; i < flags_class->n_values; i++) {
|
||||
flags_value = &flags_class->values[i];
|
||||
if (flags_value->value >= from && flags_value->value <= to)
|
||||
g_ptr_array_add (array, (gpointer) flags_value->value_nick);
|
||||
if (flags_value->value >= from && flags_value->value <= to) {
|
||||
if (_enum_is_valid_flags_nick (flags_value->value_nick))
|
||||
g_ptr_array_add (array, (gpointer) flags_value->value_nick);
|
||||
else
|
||||
g_ptr_array_add (array, (gpointer) g_intern_string (nm_sprintf_buf (sbuf, "0x%x", (unsigned) flags_value->value)));
|
||||
}
|
||||
}
|
||||
} else {
|
||||
g_type_class_unref (class);
|
||||
|
|
|
|||
|
|
@ -27,6 +27,8 @@ typedef enum {
|
|||
NM_TEST_GENERAL_BOOL_ENUM_MAYBE = 2,
|
||||
NM_TEST_GENERAL_BOOL_ENUM_UNKNOWN = 3,
|
||||
NM_TEST_GENERAL_BOOL_ENUM_INVALID = 4, /*< skip >*/
|
||||
NM_TEST_GENERAL_BOOL_ENUM_67 = 67,
|
||||
NM_TEST_GENERAL_BOOL_ENUM_46 = 64,
|
||||
} NMTestGeneralBoolEnum;
|
||||
|
||||
typedef enum {
|
||||
|
|
@ -34,6 +36,8 @@ typedef enum {
|
|||
NM_TEST_GENERAL_META_FLAGS_FOO = (1 << 0),
|
||||
NM_TEST_GENERAL_META_FLAGS_BAR = (1 << 1),
|
||||
NM_TEST_GENERAL_META_FLAGS_BAZ = (1 << 2),
|
||||
NM_TEST_GENERAL_META_FLAGS_0x8 = (1 << 3),
|
||||
NM_TEST_GENERAL_META_FLAGS_0x4 = (1 << 4),
|
||||
} NMTestGeneralMetaFlags;
|
||||
|
||||
typedef enum { /*< flags >*/
|
||||
|
|
|
|||
|
|
@ -5142,25 +5142,30 @@ static void test_nm_utils_enum (void)
|
|||
|
||||
test_nm_utils_enum_to_str_do (bool_enum, NM_TEST_GENERAL_BOOL_ENUM_YES, "yes");
|
||||
test_nm_utils_enum_to_str_do (bool_enum, NM_TEST_GENERAL_BOOL_ENUM_UNKNOWN, "unknown");
|
||||
test_nm_utils_enum_to_str_do (bool_enum, NM_TEST_GENERAL_BOOL_ENUM_INVALID, NULL);
|
||||
test_nm_utils_enum_to_str_do (bool_enum, NM_TEST_GENERAL_BOOL_ENUM_INVALID, "4");
|
||||
test_nm_utils_enum_to_str_do (bool_enum, NM_TEST_GENERAL_BOOL_ENUM_67, "67");
|
||||
test_nm_utils_enum_to_str_do (bool_enum, NM_TEST_GENERAL_BOOL_ENUM_46, "64");
|
||||
|
||||
test_nm_utils_enum_to_str_do (meta_flags, NM_TEST_GENERAL_META_FLAGS_NONE, "");
|
||||
test_nm_utils_enum_to_str_do (meta_flags, NM_TEST_GENERAL_META_FLAGS_BAZ, "baz");
|
||||
test_nm_utils_enum_to_str_do (meta_flags, NM_TEST_GENERAL_META_FLAGS_FOO |
|
||||
NM_TEST_GENERAL_META_FLAGS_BAR |
|
||||
NM_TEST_GENERAL_META_FLAGS_BAZ, "foo, bar, baz");
|
||||
test_nm_utils_enum_to_str_do (meta_flags, 0xFF, "foo, bar, baz, 0xf8");
|
||||
test_nm_utils_enum_to_str_do (meta_flags, NM_TEST_GENERAL_META_FLAGS_0x8, "0x8");
|
||||
test_nm_utils_enum_to_str_do (meta_flags, NM_TEST_GENERAL_META_FLAGS_0x4, "0x10");
|
||||
|
||||
test_nm_utils_enum_to_str_do (color_flags, NM_TEST_GENERAL_COLOR_FLAGS_RED, "red");
|
||||
test_nm_utils_enum_to_str_do (color_flags, NM_TEST_GENERAL_COLOR_FLAGS_WHITE, "");
|
||||
test_nm_utils_enum_to_str_do (color_flags, NM_TEST_GENERAL_COLOR_FLAGS_WHITE, "0x1");
|
||||
test_nm_utils_enum_to_str_do (color_flags, NM_TEST_GENERAL_COLOR_FLAGS_RED |
|
||||
NM_TEST_GENERAL_COLOR_FLAGS_GREEN, "red, green");
|
||||
|
||||
test_nm_utils_enum_from_str_do (bool_enum, "", FALSE, 0, NULL);
|
||||
test_nm_utils_enum_from_str_do (bool_enum, " ", FALSE, 0, NULL);
|
||||
test_nm_utils_enum_from_str_do (bool_enum, "invalid", FALSE, 0, NULL);
|
||||
test_nm_utils_enum_from_str_do (bool_enum, "invalid", FALSE, 0, "invalid");
|
||||
test_nm_utils_enum_from_str_do (bool_enum, "yes", TRUE, NM_TEST_GENERAL_BOOL_ENUM_YES, NULL);
|
||||
test_nm_utils_enum_from_str_do (bool_enum, "no", TRUE, NM_TEST_GENERAL_BOOL_ENUM_NO, NULL);
|
||||
test_nm_utils_enum_from_str_do (bool_enum, "yes,no", FALSE, 0, NULL);
|
||||
test_nm_utils_enum_from_str_do (bool_enum, "yes,no", FALSE, 0, "yes,no");
|
||||
|
||||
test_nm_utils_enum_from_str_do (meta_flags, "", TRUE, 0, NULL);
|
||||
test_nm_utils_enum_from_str_do (meta_flags, " ", TRUE, 0, NULL);
|
||||
|
|
@ -5172,16 +5177,18 @@ static void test_nm_utils_enum (void)
|
|||
test_nm_utils_enum_from_str_do (meta_flags, "foo,,bar", TRUE, NM_TEST_GENERAL_META_FLAGS_FOO |
|
||||
NM_TEST_GENERAL_META_FLAGS_BAR, NULL);
|
||||
test_nm_utils_enum_from_str_do (meta_flags, "foo,baz,quux,bar", FALSE, 0, "quux");
|
||||
test_nm_utils_enum_from_str_do (meta_flags, "foo,0x6", TRUE, NM_TEST_GENERAL_META_FLAGS_FOO | 0x6, NULL);
|
||||
test_nm_utils_enum_from_str_do (meta_flags, "0x30,0x08,foo", TRUE, 0x39, NULL);
|
||||
|
||||
test_nm_utils_enum_from_str_do (color_flags, "green", TRUE, NM_TEST_GENERAL_COLOR_FLAGS_GREEN, NULL);
|
||||
test_nm_utils_enum_from_str_do (color_flags, "blue,red", TRUE, NM_TEST_GENERAL_COLOR_FLAGS_BLUE |
|
||||
NM_TEST_GENERAL_COLOR_FLAGS_RED, NULL);
|
||||
test_nm_utils_enum_from_str_do (color_flags, "blue,white", FALSE, 0, "white");
|
||||
|
||||
test_nm_utils_enum_get_values_do (bool_enum, 0, G_MAXINT, "no,yes,maybe,unknown");
|
||||
test_nm_utils_enum_get_values_do (bool_enum, 0, G_MAXINT, "no,yes,maybe,unknown,67,64");
|
||||
test_nm_utils_enum_get_values_do (bool_enum, NM_TEST_GENERAL_BOOL_ENUM_YES,
|
||||
NM_TEST_GENERAL_BOOL_ENUM_MAYBE, "yes,maybe");
|
||||
test_nm_utils_enum_get_values_do (meta_flags, 0, G_MAXINT, "none,foo,bar,baz");
|
||||
test_nm_utils_enum_get_values_do (meta_flags, 0, G_MAXINT, "none,foo,bar,baz,0x8,0x10");
|
||||
test_nm_utils_enum_get_values_do (color_flags, 0, G_MAXINT, "blue,red,green");
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1146,10 +1146,12 @@ global:
|
|||
|
||||
libnm_1_8_0 {
|
||||
global:
|
||||
nm_setting_802_1x_auth_flags_get_type;
|
||||
nm_setting_802_1x_get_ca_cert_password;
|
||||
nm_setting_802_1x_get_ca_cert_password_flags;
|
||||
nm_setting_802_1x_get_client_cert_password;
|
||||
nm_setting_802_1x_get_client_cert_password_flags;
|
||||
nm_setting_802_1x_get_phase1_auth_flags;
|
||||
nm_setting_802_1x_get_phase2_ca_cert_password;
|
||||
nm_setting_802_1x_get_phase2_ca_cert_password_flags;
|
||||
nm_setting_802_1x_get_phase2_client_cert_password;
|
||||
|
|
|
|||
|
|
@ -3151,6 +3151,24 @@ fill_8021x (shvarFile *ifcfg,
|
|||
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH, value, NULL);
|
||||
g_free (value);
|
||||
|
||||
value = svGetValueString (ifcfg, "IEEE_8021X_PHASE1_AUTH_FLAGS");
|
||||
if (value) {
|
||||
NMSetting8021xAuthFlags flags;
|
||||
char *token;
|
||||
|
||||
if (nm_utils_enum_from_str (nm_setting_802_1x_auth_flags_get_type (), value,
|
||||
(int *) &flags, &token)) {
|
||||
g_object_set (s_8021x, NM_SETTING_802_1X_PHASE1_AUTH_FLAGS, flags, NULL);
|
||||
} else {
|
||||
g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_INVALID_CONNECTION,
|
||||
"Invalid IEEE_8021X_PHASE1_AUTH_FLAGS flag '%s'", token);
|
||||
g_free (token);
|
||||
g_free (value);
|
||||
goto error;
|
||||
}
|
||||
g_free (value);
|
||||
}
|
||||
|
||||
read_8021x_list_value (ifcfg, "IEEE_8021X_ALTSUBJECT_MATCHES",
|
||||
s_8021x, NM_SETTING_802_1X_ALTSUBJECT_MATCHES);
|
||||
read_8021x_list_value (ifcfg, "IEEE_8021X_PHASE2_ALTSUBJECT_MATCHES",
|
||||
|
|
|
|||
|
|
@ -359,6 +359,7 @@ write_8021x_setting (NMConnection *connection,
|
|||
GError **error)
|
||||
{
|
||||
NMSetting8021x *s_8021x;
|
||||
NMSetting8021xAuthFlags auth_flags;
|
||||
const char *value, *match;
|
||||
char *tmp = NULL;
|
||||
gboolean success = FALSE;
|
||||
|
|
@ -450,6 +451,17 @@ write_8021x_setting (NMConnection *connection,
|
|||
g_free (tmp);
|
||||
}
|
||||
|
||||
auth_flags = nm_setting_802_1x_get_phase1_auth_flags (s_8021x);
|
||||
if (auth_flags == NM_SETTING_802_1X_AUTH_FLAGS_NONE) {
|
||||
svUnsetValue (ifcfg, "IEEE_8021X_PHASE1_AUTH_FLAGS");
|
||||
} else {
|
||||
gs_free char *flags_str = NULL;
|
||||
|
||||
flags_str = _nm_utils_enum_to_str_full (nm_setting_802_1x_auth_flags_get_type (),
|
||||
auth_flags, " ");
|
||||
svSetValueString (ifcfg, "IEEE_8021X_PHASE1_AUTH_FLAGS", flags_str);
|
||||
}
|
||||
|
||||
svSetValueString (ifcfg, "IEEE_8021X_INNER_AUTH_METHODS",
|
||||
phase2_auth->len ? phase2_auth->str : NULL);
|
||||
|
||||
|
|
|
|||
|
|
@ -5701,6 +5701,11 @@ test_write_wifi_wpa_eap_tls (void)
|
|||
nm_connection_add_setting (connection, NM_SETTING (s_8021x));
|
||||
|
||||
g_object_set (s_8021x, NM_SETTING_802_1X_IDENTITY, "Bill Smith", NULL);
|
||||
g_object_set (s_8021x,
|
||||
NM_SETTING_802_1X_PHASE1_AUTH_FLAGS,
|
||||
(guint) (NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_0_DISABLE |
|
||||
NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_1_DISABLE),
|
||||
NULL);
|
||||
|
||||
nm_setting_802_1x_add_eap_method (s_8021x, "tls");
|
||||
|
||||
|
|
|
|||
|
|
@ -896,6 +896,7 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self,
|
|||
const char *ca_path_override = NULL, *ca_cert_override = NULL;
|
||||
guint32 frag, hdrs;
|
||||
gs_free char *frag_str = NULL;
|
||||
NMSetting8021xAuthFlags phase1_auth_flags;
|
||||
|
||||
g_return_val_if_fail (NM_IS_SUPPLICANT_CONFIG (self), FALSE);
|
||||
g_return_val_if_fail (setting != NULL, FALSE);
|
||||
|
|
@ -982,6 +983,14 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self,
|
|||
fast_provisoning_allowed = TRUE;
|
||||
}
|
||||
|
||||
phase1_auth_flags = nm_setting_802_1x_get_phase1_auth_flags (setting);
|
||||
if (NM_FLAGS_HAS (phase1_auth_flags, NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_0_DISABLE))
|
||||
g_string_append_printf (phase1, "%stls_disable_tlsv1_0=1", (phase1->len ? " " : ""));
|
||||
if (NM_FLAGS_HAS (phase1_auth_flags, NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_1_DISABLE))
|
||||
g_string_append_printf (phase1, "%stls_disable_tlsv1_1=1", (phase1->len ? " " : ""));
|
||||
if (NM_FLAGS_HAS (phase1_auth_flags, NM_SETTING_802_1X_AUTH_FLAGS_TLS_1_2_DISABLE))
|
||||
g_string_append_printf (phase1, "%stls_disable_tlsv1_2=1", (phase1->len ? " " : ""));
|
||||
|
||||
if (phase1->len) {
|
||||
if (!add_string_val (self, phase1->str, "phase1", FALSE, NULL, error)) {
|
||||
g_string_free (phase1, TRUE);
|
||||
|
|
|
|||
|
|
@ -81,7 +81,10 @@ const char * phase1_allowed[] = {"peapver=0", "peapver=1", "peaplabel=1",
|
|||
"peap_outer_success=0", "include_tls_length=1",
|
||||
"sim_min_num_chal=3", "fast_provisioning=0",
|
||||
"fast_provisioning=1", "fast_provisioning=2",
|
||||
"fast_provisioning=3", NULL };
|
||||
"fast_provisioning=3", "tls_disable_tlsv1_0=0",
|
||||
"tls_disable_tlsv1_0=1", "tls_disable_tlsv1_1=0",
|
||||
"tls_disable_tlsv1_1=1", "tls_disable_tlsv1_2=0",
|
||||
"tls_disable_tlsv1_2=1", NULL };
|
||||
const char * phase2_allowed[] = {"auth=PAP", "auth=CHAP", "auth=MSCHAP",
|
||||
"auth=MSCHAPV2", "auth=GTC", "auth=OTP",
|
||||
"auth=MD5", "auth=TLS", "autheap=MD5",
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue