network-manager-applet r726 - in trunk: . po src src/connection-editor src/gconf-helpers src/utils src/wireless-security



Author: tambeti
Date: Mon May 19 07:46:48 2008
New Revision: 726
URL: http://svn.gnome.org/viewvc/network-manager-applet?rev=726&view=rev

Log:
    2008-05-15  Tambet Ingo  <tambet gmail com>

    	Move crypto functions from here to NetworkManager/libnm-util.

    	* src/utils/crypto.[ch]
    	* src/utils/crypto_gnutls.c
    	* src/utils/crypto_nss.c
    	* src/utils/test-crypto.c: Move to NetworkManager/libnm-util.


Removed:
   trunk/src/utils/crypto.c
   trunk/src/utils/crypto.h
   trunk/src/utils/crypto_gnutls.c
   trunk/src/utils/crypto_nss.c
   trunk/src/utils/test-crypto.c
Modified:
   trunk/ChangeLog
   trunk/configure.ac
   trunk/po/POTFILES.in
   trunk/src/applet.c
   trunk/src/connection-editor/main.c
   trunk/src/gconf-helpers/gconf-helpers.c
   trunk/src/utils/Makefile.am
   trunk/src/utils/utils.c
   trunk/src/utils/utils.h
   trunk/src/wireless-security/eap-method-tls.c
   trunk/src/wireless-security/eap-method.c

Modified: trunk/configure.ac
==============================================================================
--- trunk/configure.ac	(original)
+++ trunk/configure.ac	Mon May 19 07:46:48 2008
@@ -172,44 +172,6 @@
 	AC_MSG_ERROR(wireless-tools >= 28pre9 not installed or not functional)
 fi
 
-AC_ARG_WITH(nss, AC_HELP_STRING([--with-nss], [Use NSS library for certificate and key operations]), ac_nss=$withval, ac_nss=auto)
-if test x"$ac_nss" != xno; then
-  PKG_CHECK_MODULES(NSS, [nss >= 3.11])
-  AC_DEFINE(HAVE_NSS, 1, [Define if you have NSS])
-fi
-AM_CONDITIONAL(WITH_NSS, test x"$ac_nss" != xno)
-
-AC_ARG_WITH(gnutls, AC_HELP_STRING([--with-gnutls], [Use gnutls and gcrypt libraries for certificate and key operations]), ac_gnutls=$withval, ac_gnutls=no)
-if test x"$ac_gnutls" != xno; then
-  PKG_CHECK_MODULES(GNUTLS, [gnutls >= 1.2])
-  AC_PATH_PROG(LIBGCRYPT_CONFIG, libgcrypt-config, no)
-else
-  LIBGCRYPT_CONFIG=no
-fi 
-if test x"$LIBGCRYPT_CONFIG" = xno; then
-   if test x"$ac_gnutls" = xyes; then
-      AC_MSG_ERROR([gnutls explicitly requested but gcrypt not found on system])
-   fi
-   ac_gnutls=no
-else
-   if test x"$ac_gnutls" != xno; then
-     AC_DEFINE(HAVE_GNUTLS, 1, [Define if you have libgnutls])
-     LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags`
-     LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs`
-     AC_SUBST(LIBGCRYPT_CFLAGS)
-     AC_SUBST(LIBGCRYPT_LIBS)
-   fi
-fi
-AM_CONDITIONAL(WITH_GNUTLS, test x"$ac_gnutls" != xno)
-
-if test x"$ac_nss" = xno -a x"$ac_gnutls" = xno; then
-  AC_MSG_ERROR([Please choose either NSS or gnutls for certificate and key operations])
-fi
-
-if test x"$ac_nss" = xyes -a x"$ac_gnutls" = xyes; then
-  AC_MSG_ERROR([Please choose _one_ of NSS or gnutls for certificate and key operations])
-fi
-
 AC_ARG_WITH(dbus-sys, AC_HELP_STRING([--with-dbus-sys=DIR], [where D-BUS system.d directory is]))
 
 if ! test -z "$with_dbus_sys" ; then

Modified: trunk/po/POTFILES.in
==============================================================================
--- trunk/po/POTFILES.in	(original)
+++ trunk/po/POTFILES.in	Mon May 19 07:46:48 2008
@@ -32,9 +32,6 @@
 src/connection-editor/nm-connection-list.c
 src/keyring.png
 src/main.c
-src/utils/crypto.c
-src/utils/crypto_gnutls.c
-src/utils/crypto_nss.c
 src/vpn-properties/nm-vpn-properties.c
 src/vpn-properties/nm-vpn-properties.glade
 src/vpn-password-dialog.c

Modified: trunk/src/applet.c
==============================================================================
--- trunk/src/applet.c	(original)
+++ trunk/src/applet.c	Mon May 19 07:46:48 2008
@@ -67,7 +67,6 @@
 #include "vpn-password-dialog.h"
 #include "applet-dbus-manager.h"
 #include "utils.h"
-#include "crypto.h"
 #include "gconf-helpers.h"
 
 
@@ -2103,14 +2102,6 @@
 {
 	NMApplet *applet;
 	AppletDBusManager * dbus_mgr;
-	GError *error = NULL;
-
-	if (!crypto_init (&error)) {
-		g_warning ("Couldn't initilize crypto system: %d %s",
-		           error->code, error->message);
-		g_error_free (error);
-		return NULL;
-	}
 
 	applet = NM_APPLET (G_OBJECT_CLASS (nma_parent_class)->constructor (type, n_props, construct_props));
 
@@ -2222,8 +2213,6 @@
 
 	g_object_unref (applet->nm_client);
 
-	crypto_deinit ();
-
 	G_OBJECT_CLASS (nma_parent_class)->finalize (object);
 }
 

Modified: trunk/src/connection-editor/main.c
==============================================================================
--- trunk/src/connection-editor/main.c	(original)
+++ trunk/src/connection-editor/main.c	Mon May 19 07:46:48 2008
@@ -33,7 +33,6 @@
 #include <dbus/dbus-glib.h>
 
 #include "nm-connection-list.h"
-#include "crypto.h"
 
 static GMainLoop *loop = NULL;
 
@@ -71,7 +70,6 @@
 {
 	NMConnectionList *list;
 	DBusGConnection *ignore;
-	GError *error = NULL;
 
 	bindtextdomain (GETTEXT_PACKAGE, NMALOCALEDIR);
 	bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
@@ -85,12 +83,6 @@
 	ignore = dbus_g_bus_get (DBUS_BUS_SYSTEM, NULL);
 	dbus_g_connection_unref (ignore);
 
-	if (!crypto_init (&error)) {
-		g_warning ("Couldn't initilize crypto system: %d %s",
-		           error->code, error->message);
-		return 1;
-	}
-
 	loop = g_main_loop_new (NULL, FALSE);
 
 	list = nm_connection_list_new ();
@@ -106,6 +98,6 @@
 	g_main_loop_run (loop);
 
 	g_object_unref (list);
-	crypto_deinit ();
+
 	return 0;
 }

Modified: trunk/src/gconf-helpers/gconf-helpers.c
==============================================================================
--- trunk/src/gconf-helpers/gconf-helpers.c	(original)
+++ trunk/src/gconf-helpers/gconf-helpers.c	Mon May 19 07:46:48 2008
@@ -1331,7 +1331,7 @@
 {
 	NMSettingConnection *s_con;
 	GByteArray *array = NULL;
-	const char *privkey_tag;
+	const char *filename = NULL;
 	const char *secret_name;
 	gboolean success = FALSE;
 
@@ -1344,10 +1344,10 @@
 	s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
 
 	if (!strcmp (tag, NMA_PRIVATE_KEY_PASSWORD_TAG)) {
-		privkey_tag = NMA_PATH_PRIVATE_KEY_TAG;
+		filename = g_object_get_data (G_OBJECT (connection), NMA_PATH_PRIVATE_KEY_TAG);
 		secret_name = NM_SETTING_802_1X_PRIVATE_KEY;
 	} else if (!strcmp (tag, NMA_PHASE2_PRIVATE_KEY_PASSWORD_TAG)) {
-		privkey_tag = NMA_PATH_PHASE2_PRIVATE_KEY_TAG;
+		filename = g_object_get_data (G_OBJECT (connection), NMA_PATH_PHASE2_PRIVATE_KEY_TAG);
 		secret_name = NM_SETTING_802_1X_PHASE2_PRIVATE_KEY;
 	} else {
 		g_set_error (error, NM_SETTINGS_ERROR, 1,
@@ -1356,7 +1356,19 @@
 		return FALSE;
 	}
 
-	utils_fill_one_crypto_object (connection, privkey_tag, TRUE, password, &array, error);
+	if (filename) {
+		NMSetting8021x *setting;
+
+		setting = (NMSetting8021x *) nm_setting_802_1x_new ();
+		nm_setting_802_1x_set_private_key (setting, filename, password, error);
+
+		/* Steal the private key */
+		array = setting->private_key;
+		setting->private_key = NULL;
+
+		g_object_unref (setting);
+	}
+
 	if (*error) {
 		goto out;
 	} else if (!array || !array->len) {
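Review bot: The new `if (filename)` block hands `password` straight to `nm_setting_802_1x_set_private_key()` and discards its return value. The helper it replaces, `utils_fill_one_crypto_object()` (removed in the utils.c section of this commit), refused a NULL password for private keys. Unless the libnm-util setter is known to tolerate NULL, keep that guard as the first statement inside the block, `g_return_val_if_fail (password != NULL, FALSE);`, and test the setter's boolean result rather than relying only on `*error`. The same loss of the guard may apply to the two private-key calls in the eap-method-tls.c hunk, where the origin of `password` is not visible. The stolen `array` presumably holds decrypted key material, and whether it is wiped before being freed on the `out:` path lies outside this hunk and is worth confirming.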

Modified: trunk/src/utils/Makefile.am
==============================================================================
--- trunk/src/utils/Makefile.am	(original)
+++ trunk/src/utils/Makefile.am	Mon May 19 07:46:48 2008
@@ -4,9 +4,7 @@
 	gnome-keyring-md5.h \
 	gnome-keyring-md5.c \
 	utils.c \
-	utils.h \
-	crypto.c \
-	crypto.h
+	utils.h
 
 libutils_la_CPPFLAGS = \
 	$(NMA_CFLAGS) \
@@ -14,21 +12,3 @@
 	-I${top_srcdir}/src
 
 libutils_la_LIBADD = $(NMA_LIBS)
-
-if WITH_GNUTLS
-libutils_la_SOURCES += crypto_gnutls.c
-libutils_la_CPPFLAGS += $(LIBGCRYPT_CFLAGS) $(GNUTLS_CFLAGS)
-libutils_la_LIBADD += $(LIBGCRYPT_LIBS) $(GNUTLS_LIBS)
-endif
-
-if WITH_NSS
-libutils_la_SOURCES += crypto_nss.c
-libutils_la_CPPFLAGS += $(NSS_CFLAGS)
-libutils_la_LIBADD += $(NSS_LIBS)
-endif
-
-noinst_PROGRAMS = test-crypto
-
-test_crypto_SOURCES = test-crypto.c
-test_crypto_CPPFLAGS = $(NMA_CFLAGS) -D_GNU_SOURCE
-test_crypto_LDADD = $(NMA_LIBS) ${top_builddir}/src/utils/libutils.la

Modified: trunk/src/utils/utils.c
==============================================================================
--- trunk/src/utils/utils.c	(original)
+++ trunk/src/utils/utils.c	Mon May 19 07:46:48 2008
@@ -41,7 +41,6 @@
 #include <nm-setting-pppoe.h>
 #include <nm-utils.h>
 
-#include "crypto.h"
 #include "utils.h"
 #include "gconf-helpers.h"
 
@@ -183,52 +182,11 @@
 	*field = NULL;
 }
 
-gboolean
-utils_fill_one_crypto_object (NMConnection *connection,
-                              const char *key_name,
-                              gboolean is_private_key,
-                              const char *password,
-                              GByteArray **field,
-                              GError **error)
-{
-	const char *filename;
-	NMSettingConnection *s_con;
-	guint32 ignore;
-
-	g_return_val_if_fail (key_name != NULL, FALSE);
-	g_return_val_if_fail (field != NULL, FALSE);
-
-	clear_one_byte_array_field (field);
-
-	s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
-	g_return_val_if_fail (s_con != NULL, FALSE);
-
-	filename = g_object_get_data (G_OBJECT (connection), key_name);
-	if (!filename)
-		return TRUE;
-
-	if (is_private_key)
-		g_return_val_if_fail (password != NULL, FALSE);
-
-	if (is_private_key) {
-		*field = crypto_get_private_key (filename, password, &ignore, error);
-		if (error && *error)
-			clear_one_byte_array_field (field);
-	} else {
-		*field = crypto_load_and_verify_certificate (filename, error);
-		if (error && *error)
-			clear_one_byte_array_field (field);
-	}
-
-	if (error && *error)
-		return FALSE;
-	return TRUE;
-}
-
 void
 utils_fill_connection_certs (NMConnection *connection)
 {
 	NMSetting8021x *s_8021x;
+	const char *filename;
 
 	g_return_if_fail (connection != NULL);
 
@@ -236,30 +194,21 @@
 	if (!s_8021x)
 		return;
 
-	utils_fill_one_crypto_object (connection,
-	                              NMA_PATH_CA_CERT_TAG,
-	                              FALSE,
-	                              NULL,
-	                              &s_8021x->ca_cert,
-	                              NULL);
-	utils_fill_one_crypto_object (connection,
-	                              NMA_PATH_CLIENT_CERT_TAG,
-	                              FALSE,
-	                              NULL,
-	                              &s_8021x->client_cert,
-	                              NULL);
-	utils_fill_one_crypto_object (connection,
-	                              NMA_PATH_PHASE2_CA_CERT_TAG,
-	                              FALSE,
-	                              NULL,
-	                              &s_8021x->phase2_ca_cert,
-	                              NULL);
-	utils_fill_one_crypto_object (connection,
-	                              NMA_PATH_PHASE2_CLIENT_CERT_TAG,
-	                              FALSE,
-	                              NULL,
-	                              &s_8021x->phase2_client_cert,
-	                              NULL);
+	filename = g_object_get_data (G_OBJECT (connection), NMA_PATH_CA_CERT_TAG);
+	if (filename)
+		nm_setting_802_1x_set_ca_cert (s_8021x, filename, NULL);
+
+	filename = g_object_get_data (G_OBJECT (connection), NMA_PATH_CLIENT_CERT_TAG);
+	if (filename)
+		nm_setting_802_1x_set_client_cert (s_8021x, filename, NULL);
+
+	filename = g_object_get_data (G_OBJECT (connection), NMA_PATH_PHASE2_CA_CERT_TAG);
+	if (filename)
+		nm_setting_802_1x_set_phase2_ca_cert (s_8021x, filename, NULL);
+
+	filename = g_object_get_data (G_OBJECT (connection), NMA_PATH_PHASE2_CLIENT_CERT_TAG);
+	if (filename)
+		nm_setting_802_1x_set_phase2_client_cert (s_8021x, filename, NULL);
 }
 
 void
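Review bot: All four certificate setters in `utils_fill_connection_certs()` are called with a NULL error and their boolean result is ignored, so an unreadable or invalid CA or client certificate disappears without a trace. The removed helper also cleared the target field before loading, and it is not visible here whether the libnm-util setters reset a previously loaded certificate when they fail or when `filename` is NULL, so a stale value may survive. For 802.1X a silently missing CA certificate can mean the server is not verified (inferred; it depends on how the supplicant configuration is built from this setting), so the failure should at least be logged. Declare a `GError *error = NULL;` and use `if (filename && !nm_setting_802_1x_set_ca_cert (s_8021x, filename, &error)) {` followed by `g_warning ("Couldn't read CA certificate: %s", error->message);` and `g_clear_error (&error); }`, and do likewise for the other three calls.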

Modified: trunk/src/utils/utils.h
==============================================================================
--- trunk/src/utils/utils.h	(original)
+++ trunk/src/utils/utils.h	Mon May 19 07:46:48 2008
@@ -32,13 +32,6 @@
 
 const char * utils_get_device_description (NMDevice *device);
 
-gboolean utils_fill_one_crypto_object (NMConnection *connection,
-                                       const char *key_name,
-                                       gboolean is_private_key,
-                                       const char *password,
-                                       GByteArray **field,
-                                       GError **error);
-
 void utils_fill_connection_certs (NMConnection *connection);
 
 void utils_clear_filled_connection_certs (NMConnection *connection);

Modified: trunk/src/wireless-security/eap-method-tls.c
==============================================================================
--- trunk/src/wireless-security/eap-method-tls.c	(original)
+++ trunk/src/wireless-security/eap-method-tls.c	Mon May 19 07:46:48 2008
@@ -1,3 +1,5 @@
+/* -*- Mode: C; tab-width: 5; indent-tabs-mode: t; c-basic-offset: 5 -*- */
+
 /* NetworkManager Wireless Applet -- Display wireless access points and allow user control
  *
  * Dan Williams <dcbw redhat com>
@@ -198,24 +200,22 @@
 	                        method->phase2 ? NMA_PATH_PHASE2_PRIVATE_KEY_TAG : NMA_PATH_PRIVATE_KEY_TAG,
 	                        g_strdup (filename),
 	                        (GDestroyNotify) g_free);
-	g_free (filename);
-
 	if (method->phase2) {
-		utils_fill_one_crypto_object (connection, NMA_PATH_PHASE2_PRIVATE_KEY_TAG,
-		                              TRUE, password, &s_8021x->phase2_private_key, &error);
+		nm_setting_802_1x_set_phase2_private_key (s_8021x, filename, password, &error);
 		if (error) {
 			g_warning ("Couldn't read phase2 private key: %s", error->message);
 			g_clear_error (&error);
 		}
 	} else {
-		utils_fill_one_crypto_object (connection, NMA_PATH_PRIVATE_KEY_TAG,
-		                              TRUE, password, &s_8021x->private_key, &error);
+		nm_setting_802_1x_set_private_key (s_8021x, filename, password, &error);
 		if (error) {
 			g_warning ("Couldn't read private key: %s", error->message);
 			g_clear_error (&error);
 		}
 	}
 
+	g_free (filename);
+
 	if (method->ignore_ca_cert) {
 		g_object_set_data (G_OBJECT (connection),
 		                   method->phase2 ? NMA_PHASE2_CA_CERT_IGNORE_TAG : NMA_CA_CERT_IGNORE_TAG,

Modified: trunk/src/wireless-security/eap-method.c
==============================================================================
--- trunk/src/wireless-security/eap-method.c	(original)
+++ trunk/src/wireless-security/eap-method.c	Mon May 19 07:46:48 2008
@@ -1,3 +1,5 @@
+/* -*- Mode: C; tab-width: 5; indent-tabs-mode: t; c-basic-offset: 5 -*- */
+
 /* NetworkManager Wireless Applet -- Display wireless access points and allow user control
  *
  * Dan Williams <dcbw redhat com>
@@ -29,8 +31,9 @@
 #include <fcntl.h>
 #include <unistd.h>
 
+#include <nm-setting-8021x.h>
 #include "eap-method.h"
-#include "crypto.h"
+
 
 GType
 eap_method_get_g_type (void)
@@ -149,6 +152,7 @@
 {
 	GtkWidget *widget;
 	char *filename;
+	NMSetting8021x *setting;
 	gboolean success = FALSE;
 	GError *error = NULL;
 
@@ -164,10 +168,10 @@
 	if (!g_file_test (filename, G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR))
 		goto out;
 
+	setting = (NMSetting8021x *) nm_setting_802_1x_new ();
+
 	if (is_private_key) {
-		GByteArray *key;
 		const char *pw;
-		guint32 key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
 
 		if (!pw_entry_name)
 			goto out;
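Review bot: `setting` is allocated before the `goto out` exits in the private-key branch (`if (!pw_entry_name)` here and the empty-password check in the next hunk), but the only `g_object_unref (setting)` sits above the `out:` label, so those paths leak the object. The declaration added in the previous hunk is also uninitialised, so the unref cannot simply be moved below the label: the earlier `g_file_test` exit jumps there before the allocation happens. Declare it as `NMSetting8021x *setting = NULL;` and release it after `out:` with `if (setting) g_object_unref (setting);`. The function starts and ends outside this hunk.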
@@ -179,31 +183,18 @@
 		if (!pw || !strlen (pw))
 			goto out;
 
-		key = crypto_get_private_key (filename, pw, &key_type, &error);
-		if (error != NULL)
-			g_clear_error (&error);
-
-		if (key) {
-			memset (key->data, 0, key->len);
-			g_byte_array_free (key, TRUE);
-			success = TRUE;
-		}
+		success = nm_setting_802_1x_set_private_key (setting, filename, pw, NULL);
 	} else {
-		GByteArray *cert;
-
-		cert = crypto_load_and_verify_certificate (filename, &error);
-		if (error != NULL) {
+		success = nm_setting_802_1x_set_ca_cert (setting, filename, &error);
+		if (error) {
 			g_warning ("Error: couldn't verify certificate: %d %s",
 			           error->code, error->message);
 			g_clear_error (&error);
 		}
-
-		if (cert) {
-			g_byte_array_free (cert, TRUE);
-			success = TRUE;
-		}
 	}
 
+	g_object_unref (setting);
+
 out:
 	g_free (filename);
 	return success;
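Review bot: The removed validation code wiped the decrypted key with `memset (key->data, 0, key->len)` before freeing it, while the replacement leaves the key inside the temporary `setting` and relies on `g_object_unref (setting)` to dispose of it. Whether NMSetting8021x clears its `private_key` bytes on finalize is not visible in this commit, so confirm that or scrub explicitly before the unref: `if (setting->private_key) memset (setting->private_key->data, 0, setting->private_key->len);`. The private-key call also passes NULL for the error, so a wrong password and an unreadable file cannot be told apart in the logs, unlike the certificate branch. The function's closing brace is outside the hunk.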


