fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-06-05 21:48:23 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/libnm-util
History
Thomas Haller e59e68c528 libnm: combine get_cert_scheme() and verify_cert() and ensure valid paths for NMSetting8021x 
get_cert_scheme() would return PATH scheme for binary data that
later will be rejected by verify_cert(). Even worse, get_cert_scheme()
would not check whether the path is NUL terminated, hence the following
can crash for an invalid connection:

  if (nm_setting_802_1x_get_ca_cert_scheme (s_8021x) == NM_SETTING_802_1X_CK_SCHEME_PATH)
      g_print ("path: %s", nm_setting_802_1x_get_ca_cert_path (s_8021x))

Combine the two functions so that already get_cert_scheme() does
the same validation as verify_cert().

Also change behavior and be more strict about invalid paths:

 - Now, the value is considered a PATH candidate if it starts with "file://",
   (sans NUL character).
   A change is that before, the "file://" (without NUL) would have
   been treated as BLOB, now it is an invalid PATH (UNKNOWN).

 - If the binary starts with "file://" it is considered as PATH but it
   is only valid, if all the fllowing is true:
   (a) the last character must be NUL.
   (b) there is no other intermediate NUL character.
       Before, an intermediate NUL character would have been accepted
       and the remainder would be ignored.
   (c) there is at least one non-NUL character after "file://".
   (d) the string must be fully valid utf8.

   The conditions (b) and (c) are new and some invalid(?) paths
   might no longer validate.
   Checking (d) moved from verify_cert() to get_cert_scheme().
   As set_cert_prop_helper() already called verify_cert(), this
   causes no additional change beyond (b).
2015-03-12 18:12:25 +01:00
..
tests test: initialize auto-destructed pointers 2015-02-09 15:19:30 +01:00
COPYING doc: fix FSF address (bgo #575625) 2009-09-10 21:03:30 -04:00
crypto.c libnm*: fix library gettext usage 2014-11-13 17:18:42 -05:00
crypto.h libnm-util: Note that nm_utils_deinit() is a no-op 2014-12-04 08:39:54 -05:00
crypto_gnutls.c libnm-util: Note that nm_utils_deinit() is a no-op 2014-12-04 08:39:54 -05:00
crypto_nss.c libnm-util: Note that nm_utils_deinit() is a no-op 2014-12-04 08:39:54 -05:00
libnm-util.pc.in libnm-glib,libnm-util: -glib requires -util, -util requires NetworkManager 2013-03-14 10:23:19 -05:00
libnm-util.ver libnm/libnm-util: add Wi-Fi 'powersave' property 2015-01-21 14:31:04 -06:00
Makefile.am libnm-util, libnm-glib: bump sonames for 1.0 2014-12-18 13:47:08 -05:00
NetworkManager.h include: add NM_DEVICE_CAP_IS_SOFTWARE capability 2014-07-22 14:24:42 +02:00
NetworkManagerVPN.h vpn: allow plugins to indicate 'can-persist' capability 2014-11-06 21:17:34 -06:00
nm-connection.c libnm-util: only unref and don't destroy hash in nm_connection_to_hash() 2015-02-09 11:51:05 +01:00
nm-connection.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-param-spec-specialized.c all: consistently include config.h 2014-11-13 17:18:42 -05:00
nm-param-spec-specialized.h libnm-util, libnm-glib: whitespace fixes 2014-07-15 09:44:55 -04:00
nm-setting-8021x.c libnm: combine get_cert_scheme() and verify_cert() and ensure valid paths for NMSetting8021x 2015-03-12 18:12:25 +01:00
nm-setting-8021x.h docs: misc small fixes 2014-12-18 13:47:03 -05:00
nm-setting-adsl.c libnm*: fix library gettext usage 2014-11-13 17:18:42 -05:00
nm-setting-adsl.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-bluetooth.c docs: misc small fixes 2014-12-18 13:47:03 -05:00
nm-setting-bluetooth.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-bond.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-bond.h libnm: add bonding option "lacp_rate" to NMSettingBond 2014-10-02 16:36:03 +02:00
nm-setting-bridge-port.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-bridge-port.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-bridge.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-bridge.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-cdma.c libnm*: fix library gettext usage 2014-11-13 17:18:42 -05:00
nm-setting-cdma.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-connection.c translations: avoid preprocessor strings inside translation macro 2015-02-24 14:29:39 +01:00
nm-setting-connection.h libnm-util, libnm-glib: whitespace fixes 2014-07-15 09:44:55 -04:00
nm-setting-dcb.c libnm: fix memleak for app_fcoe_mode in NMSettingDcb 2015-02-09 11:51:04 +01:00
nm-setting-dcb.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-generic.c libnm-util: refactor NMSetting name and register_settings 2013-12-12 21:47:13 +01:00
nm-setting-generic.h libnm-util, libnm-glib: add versioned deprecation/availability macros 2014-02-13 11:24:37 -05:00
nm-setting-gsm.c libnm*: fix library gettext usage 2014-11-13 17:18:42 -05:00
nm-setting-gsm.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-infiniband.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-infiniband.h libnm-util: add P_Key support to NMSettingInfiniband 2013-06-13 15:52:51 -03:00
nm-setting-ip4-config.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-ip4-config.h libnm: add NMSettingIPConfig:route-metric 2014-11-07 15:19:06 +01:00
nm-setting-ip6-config.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-ip6-config.h libnm: add NMSettingIPConfig:route-metric 2014-11-07 15:19:06 +01:00
nm-setting-olpc-mesh.c libnm*: fix library gettext usage 2014-11-13 17:18:42 -05:00
nm-setting-olpc-mesh.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-ppp.c libnm*: fix library gettext usage 2014-11-13 17:18:42 -05:00
nm-setting-ppp.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-pppoe.c libnm*: fix library gettext usage 2014-11-13 17:18:42 -05:00
nm-setting-pppoe.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-private.h libnm-util: add _nm_setting_get_property() function 2014-10-12 21:17:17 +02:00
nm-setting-serial.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-serial.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-team-port.c libnm: fix memleak for config in NMSettingTeamPort 2015-02-09 11:51:05 +01:00
nm-setting-team-port.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-team.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-team.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-template.c all: consistently include config.h 2014-11-13 17:18:42 -05:00
nm-setting-template.h core: fix NM_IS_*_CLASS(klass) macros 2012-07-27 13:15:54 +02:00
nm-setting-vlan.c libnm-core: mute coverity for RESOURCE_LEAK (CWE-772) in g_return_val_if_fail() 2014-12-15 14:10:55 +01:00
nm-setting-vlan.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-vpn.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-vpn.h libnm/libnm-util: add VPN 'persistent' property 2014-11-06 21:16:57 -06:00
nm-setting-wimax.c libnm*: fix library gettext usage 2014-11-13 17:18:42 -05:00
nm-setting-wimax.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-wired.c libnm: fix memleak in nm_setting_wired_get_s390_option() and refactor 2015-02-09 11:51:05 +01:00
nm-setting-wired.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-wireless-security.c libnm, libnm-util: move settings doc generation to libnm-core 2014-11-19 09:24:09 -05:00
nm-setting-wireless-security.h libnm-util, libnm-glib: standardize copyright/license headers 2014-07-15 09:44:54 -04:00
nm-setting-wireless.c libnm/libnm-util: add Wi-Fi 'powersave' property 2015-01-21 14:31:04 -06:00
nm-setting-wireless.h libnm/libnm-util: add Wi-Fi 'powersave' property 2015-01-21 14:31:04 -06:00
nm-setting.c libnm-util: return empty hash, not NULL in nm_setting_to_hash() (bgo #740681) 2014-11-25 18:35:41 +01:00
nm-setting.h libnm-util: let nm_setting_diff() be symetric not to return properties that are set to default 2014-10-12 21:17:17 +02:00
nm-utils-private.h libnm-util: remove NM_UTIL_PRIVATE_CALL, NMSettingIP4Config:address-labels 2014-08-01 14:34:05 -04:00
nm-utils.c libnm: fix documentation for nm_utils_file_search_in_paths() 2015-01-08 13:08:56 +01:00
nm-utils.h libnm: add function nm_utils_file_search_in_paths() 2014-12-05 11:07:42 +01:00
nm-value-transforms.c libnm-util, core: fix warning about signed integer overflow (-Wstrict-overflow) 2014-08-01 13:17:01 +02:00
nm-version.h.in libnm-core, libnm-util: belatedly update version macros 2015-01-21 12:54:36 -05:00