On Sun, 2014-02-23 at 18:45 +0100, Thomas Haller wrote:
When secret providers return the connection hash in GetSecrets(), this hash also contains non-secret properties. for_each_secret() iterated over all entries of the @secrets hash and triggered the assertion in nm_setting_get_secret_flags() (see below). NM should not assert against user provided input. Change nm_setting_get_secret_flags() to silently return FALSE, if the property is not a secret. This makes nm_setting_get_secret_flags() useful to check whether a property is actually a secret property. Adjust all calls to nm_setting_get_secret_flags(), so that we assert where appropriate. Also, agent_secrets_done_cb() clears now all non-secrets properties from the hash, using the new argument @remove_non_secrets when calling for_each_secret().
This patch needs some more thinking, because NMSettingVpn expects nm_setting_get_secret_flags() to be called with secret names but not with g_object property names. So this change will trigger some asserts... v2 will follow... Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part