[network-manager-libreswan/th/vpn-plugin-debug-bgo766872: 6/21] properties: fail import of files that have no "conn" section
- From: Thomas Haller <thaller src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-libreswan/th/vpn-plugin-debug-bgo766872: 6/21] properties: fail import of files that have no "conn" section
- Date: Tue, 14 Jun 2016 09:54:00 +0000 (UTC)
commit 722e9aaaca7fc4c1e67777b33705a1d6dfd77833
Author: Thomas Haller <thaller redhat com>
Date: Thu May 26 11:02:52 2016 +0200
properties: fail import of files that have no "conn" section
Previously, import would only consider the lines that it understands,
ignoring any invalid line.
That means, a completely bogus file was still accepted and a
NMConnection witout ID was created (which later fails validation).
Do a minimum of validation and require a "conn" section.
Also, there could be multiple "conn" sections within a file.
Only consider the first and ignore the following.
properties/nm-libreswan-editor-plugin.c | 23 +++++++++++++++++++----
shared/nm-default.h | 2 ++
2 files changed, 21 insertions(+), 4 deletions(-)
---
diff --git a/properties/nm-libreswan-editor-plugin.c b/properties/nm-libreswan-editor-plugin.c
index dcc3308..fd74e4a 100644
--- a/properties/nm-libreswan-editor-plugin.c
+++ b/properties/nm-libreswan-editor-plugin.c
@@ -69,8 +69,9 @@ import_from_file (NMVpnEditorPlugin *self,
NMSettingConnection *s_con;
NMSettingVpn *s_vpn;
GIOChannel *chan;
- gchar *str;
+ char *str_tmp;
int fd, errsv;
+ gboolean has_conn = FALSE;
fd = g_open (path, O_RDONLY, 0777);
if (fd == -1) {
@@ -88,10 +89,18 @@ import_from_file (NMVpnEditorPlugin *self,
g_object_set (s_vpn, NM_SETTING_VPN_SERVICE_TYPE, NM_VPN_SERVICE_TYPE_LIBRESWAN, NULL);
chan = g_io_channel_unix_new (fd);
- while (g_io_channel_read_line (chan, &str, NULL, NULL, NULL) == G_IO_STATUS_NORMAL) {
+ while (g_io_channel_read_line (chan, &str_tmp, NULL, NULL, NULL) == G_IO_STATUS_NORMAL) {
+ gs_free char *str = str_tmp;
+
g_strstrip (str);
- if (g_str_has_prefix (str, "conn "))
+ if (g_str_has_prefix (str, "conn ")) {
+ if (has_conn) {
+ /* only accept the frist connection section */
+ break;
+ }
+ has_conn = TRUE;
g_object_set (s_con, NM_SETTING_CONNECTION_ID, &str[5], NULL);
+ }
else if (g_str_has_prefix (str, "leftid=@"))
nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_LEFTID, &str[8]);
else if (g_str_has_prefix (str, "leftxauthusername="))
@@ -107,12 +116,18 @@ import_from_file (NMVpnEditorPlugin *self,
else {
/* unknown tokens are silently ignored. */
}
- g_free (str);
}
g_io_channel_unref (chan);
g_close (fd, NULL);
+ if( !has_conn) {
+ g_set_error (error, NMV_EDITOR_PLUGIN_ERROR, NMV_EDITOR_PLUGIN_ERROR_FILE_NOT_VPN,
+ _("Missing \"conn\" section in \"%s\""), path);
+ g_object_unref (connection);
+ return NULL;
+ }
+
return connection;
}
diff --git a/shared/nm-default.h b/shared/nm-default.h
index 299a51a..c46de33 100644
--- a/shared/nm-default.h
+++ b/shared/nm-default.h
@@ -77,6 +77,7 @@
#define nm_simple_connection_new nm_connection_new
#define NMV_EDITOR_PLUGIN_ERROR NM_SETTING_VPN_ERROR
#define NMV_EDITOR_PLUGIN_ERROR_INVALID_PROPERTY NM_SETTING_VPN_ERROR_INVALID_PROPERTY
+#define NMV_EDITOR_PLUGIN_ERROR_FILE_NOT_VPN NM_SETTING_VPN_ERROR_UNKNOWN
#else /* !NM_VPN_OLD */
@@ -84,6 +85,7 @@
#define NMV_EDITOR_PLUGIN_ERROR NM_CONNECTION_ERROR
#define NMV_EDITOR_PLUGIN_ERROR_INVALID_PROPERTY NM_CONNECTION_ERROR_INVALID_PROPERTY
+#define NMV_EDITOR_PLUGIN_ERROR_FILE_NOT_VPN NM_CONNECTION_ERROR_FAILED
#endif /* NM_VPN_OLD */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
