diff options
| author | Thomas Haller <thaller@redhat.com> | 2019-06-15 11:26:14 +0200 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2019-06-17 12:12:02 +0200 |
| commit | a17453913c9f6f24235f1f60721c6028288e213b (patch) | |
| tree | 609aacebf94efe4481b6401839bdc2e43b0955ec | |
| parent | 396b188697770eca0c4c798ac3542bcb82524b21 (diff) | |
| download | NetworkManager-a17453913c9f6f24235f1f60721c6028288e213b.tar.gz | |
settings: add _nm_connection_clear_secrets_by_secret_flags() function to simplify clearing secrets
| -rw-r--r-- | libnm-core/nm-connection.c | 46 | ||||
| -rw-r--r-- | libnm-core/nm-core-internal.h | 3 | ||||
| -rw-r--r-- | src/settings/nm-settings-connection.c | 46 | ||||
| -rw-r--r-- | src/settings/nm-settings.c | 29 |
4 files changed, 64 insertions, 60 deletions
diff --git a/libnm-core/nm-connection.c b/libnm-core/nm-connection.c index f2e0acbcc4..a2bd72b0d9 100644 --- a/libnm-core/nm-connection.c +++ b/libnm-core/nm-connection.c @@ -2050,6 +2050,52 @@ nm_connection_clear_secrets_with_flags (NMConnection *connection, g_signal_emit (connection, signals[SECRETS_CLEARED], 0); } +static gboolean +_clear_secrets_by_secret_flags_cb (NMSetting *setting, + const char *secret, + NMSettingSecretFlags flags, + gpointer user_data) +{ + NMSettingSecretFlags filter_flags = GPOINTER_TO_UINT (user_data); + gboolean remove_secret; + + if (filter_flags == NM_SETTING_SECRET_FLAG_NONE) { + /* Can't use bitops with SECRET_FLAG_NONE so handle that specifically */ + remove_secret = (flags != NM_SETTING_SECRET_FLAG_NONE); + } else { + /* Otherwise if the secret has at least one of the desired flags keep it */ + remove_secret = !NM_FLAGS_ANY (flags, filter_flags); + } + + return remove_secret; +} + +/** + * _nm_connection_clear_secrets_by_secret_flags: + * @self: the #NMConnection to filter (will be modified) + * @filter_flags: the secret flags to control whether to drop/remove + * a secret or to keep it. The meaning of the filter flags is to + * preseve the secrets. The secrets that have matching (see below) + * flags are kept, the others are dropped. + * + * Removes/drops secrets from @self according to @filter_flags. + * If @filter_flags is %NM_SETTING_SECRET_NONE, then only secrets that + * have %NM_SETTING_SECRET_NONE flags are kept. + * Otherwise, only secrets with secret flags are kept that have at least + * one of the filter flags. + */ +void +_nm_connection_clear_secrets_by_secret_flags (NMConnection *self, + NMSettingSecretFlags filter_flags) +{ + nm_connection_clear_secrets_with_flags (self, + _clear_secrets_by_secret_flags_cb, + GUINT_TO_POINTER (filter_flags)); +} + +/*****************************************************************************/ + + /*****************************************************************************/ /* Returns always a non-NULL, floating variant that must diff --git a/libnm-core/nm-core-internal.h b/libnm-core/nm-core-internal.h index c44c7abf2d..eb0767c7ea 100644 --- a/libnm-core/nm-core-internal.h +++ b/libnm-core/nm-core-internal.h @@ -806,6 +806,9 @@ GBytes *_nm_setting_802_1x_cert_value_to_bytes (NMSetting8021xCKScheme scheme, /*****************************************************************************/ +void _nm_connection_clear_secrets_by_secret_flags (NMConnection *self, + NMSettingSecretFlags filter_flags); + GVariant *_nm_connection_for_each_secret (NMConnection *self, GVariant *secrets, gboolean remove_non_secrets, diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index e684aab6ee..0883d5e7fd 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -312,25 +312,6 @@ nm_settings_connection_check_permission (NMSettingsConnection *self, /*****************************************************************************/ -static gboolean -secrets_filter_cb (NMSetting *setting, - const char *secret, - NMSettingSecretFlags flags, - gpointer user_data) -{ - NMSettingSecretFlags filter_flags = GPOINTER_TO_UINT (user_data); - - /* Returns TRUE to remove the secret */ - - /* Can't use bitops with SECRET_FLAG_NONE so handle that specifically */ - if ( (flags == NM_SETTING_SECRET_FLAG_NONE) - && (filter_flags == NM_SETTING_SECRET_FLAG_NONE)) - return FALSE; - - /* Otherwise if the secret has at least one of the desired flags keep it */ - return (flags & filter_flags) ? FALSE : TRUE; -} - static void update_system_secrets_cache (NMSettingsConnection *self) { @@ -341,16 +322,14 @@ update_system_secrets_cache (NMSettingsConnection *self) priv->system_secrets = nm_simple_connection_new_clone (nm_settings_connection_get_connection (self)); /* Clear out non-system-owned and not-saved secrets */ - nm_connection_clear_secrets_with_flags (priv->system_secrets, - secrets_filter_cb, - GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_NONE)); + _nm_connection_clear_secrets_by_secret_flags (priv->system_secrets, + NM_SETTING_SECRET_FLAG_NONE); } static void update_agent_secrets_cache (NMSettingsConnection *self, NMConnection *new) { NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self); - NMSettingSecretFlags filter_flags = NM_SETTING_SECRET_FLAG_NOT_SAVED | NM_SETTING_SECRET_FLAG_AGENT_OWNED; if (priv->agent_secrets) g_object_unref (priv->agent_secrets); @@ -358,9 +337,9 @@ update_agent_secrets_cache (NMSettingsConnection *self, NMConnection *new) ?: nm_settings_connection_get_connection (self)); /* Clear out non-system-owned secrets */ - nm_connection_clear_secrets_with_flags (priv->agent_secrets, - secrets_filter_cb, - GUINT_TO_POINTER (filter_flags)); + _nm_connection_clear_secrets_by_secret_flags (priv->agent_secrets, + NM_SETTING_SECRET_FLAG_NOT_SAVED + | NM_SETTING_SECRET_FLAG_AGENT_OWNED); } static void @@ -549,9 +528,8 @@ nm_settings_connection_update (NMSettingsConnection *self, /* Save agent-owned secrets from the new connection for later use */ if (new_connection) { simple = nm_simple_connection_new_clone (new_connection); - nm_connection_clear_secrets_with_flags (simple, - secrets_filter_cb, - GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED)); + _nm_connection_clear_secrets_by_secret_flags (simple, + NM_SETTING_SECRET_FLAG_AGENT_OWNED); new_agent_secrets = nm_connection_to_dbus (simple, NM_CONNECTION_SERIALIZE_ONLY_SECRETS); g_clear_object (&simple); } @@ -576,9 +554,8 @@ nm_settings_connection_update (NMSettingsConnection *self, * the connection returned by plugins, as plugins return only what was * reread from the file. */ simple = nm_simple_connection_new_clone (nm_settings_connection_get_connection (self)); - nm_connection_clear_secrets_with_flags (simple, - secrets_filter_cb, - GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED)); + _nm_connection_clear_secrets_by_secret_flags (simple, + NM_SETTING_SECRET_FLAG_AGENT_OWNED); con_agent_secrets = nm_connection_to_dbus (simple, NM_CONNECTION_SERIALIZE_ONLY_SECRETS); nm_connection_replace_settings_from_connection (nm_settings_connection_get_connection (self), replace_connection); @@ -1637,9 +1614,8 @@ update_auth_cb (NMSettingsConnection *self, * Only send secrets to agents of the same UID that called update too. */ for_agent = nm_simple_connection_new_clone (nm_settings_connection_get_connection (self)); - nm_connection_clear_secrets_with_flags (for_agent, - secrets_filter_cb, - GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED)); + _nm_connection_clear_secrets_by_secret_flags (for_agent, + NM_SETTING_SECRET_FLAG_AGENT_OWNED); nm_agent_manager_save_secrets (info->agent_mgr, nm_dbus_object_get_path (NM_DBUS_OBJECT (self)), for_agent, diff --git a/src/settings/nm-settings.c b/src/settings/nm-settings.c index 0b47dea29f..8229dbca86 100644 --- a/src/settings/nm-settings.c +++ b/src/settings/nm-settings.c @@ -539,25 +539,6 @@ claim_connection (NMSettings *self, NMSettingsConnection *sett_conn) /*****************************************************************************/ -static gboolean -secrets_filter_cb (NMSetting *setting, - const char *secret, - NMSettingSecretFlags flags, - gpointer user_data) -{ - NMSettingSecretFlags filter_flags = GPOINTER_TO_UINT (user_data); - - /* Returns TRUE to remove the secret */ - - /* Can't use bitops with SECRET_FLAG_NONE so handle that specifically */ - if ( (flags == NM_SETTING_SECRET_FLAG_NONE) - && (filter_flags == NM_SETTING_SECRET_FLAG_NONE)) - return FALSE; - - /* Otherwise if the secret has at least one of the desired flags keep it */ - return (flags & filter_flags) ? FALSE : TRUE; -} - /** * nm_settings_add_connection: * @self: the #NMSettings object @@ -615,9 +596,8 @@ nm_settings_add_connection (NMSettings *self, * the connection returned by plugins, as plugins return only what was * reread from the file. */ simple = nm_simple_connection_new_clone (connection); - nm_connection_clear_secrets_with_flags (simple, - secrets_filter_cb, - GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED)); + _nm_connection_clear_secrets_by_secret_flags (simple, + NM_SETTING_SECRET_FLAG_AGENT_OWNED); secrets = nm_connection_to_dbus (simple, NM_CONNECTION_SERIALIZE_ONLY_SECRETS); added = nm_settings_plugin_add_connection (plugin, connection, save_to_disk, &add_error); @@ -657,9 +637,8 @@ send_agent_owned_secrets (NMSettings *self, * Only send secrets to agents of the same UID that called update too. */ for_agent = nm_simple_connection_new_clone (nm_settings_connection_get_connection (sett_conn)); - nm_connection_clear_secrets_with_flags (for_agent, - secrets_filter_cb, - GUINT_TO_POINTER (NM_SETTING_SECRET_FLAG_AGENT_OWNED)); + _nm_connection_clear_secrets_by_secret_flags (for_agent, + NM_SETTING_SECRET_FLAG_AGENT_OWNED); nm_agent_manager_save_secrets (priv->agent_mgr, nm_dbus_object_get_path (NM_DBUS_OBJECT (sett_conn)), for_agent, |