ifcfg-rh: reuse file-suffix from NMSetting8021xSchemeVtablelr/pkcs11-pin

Keyfile writer computes the file extension and only uses
the file suffix from the vtable.

Do that for ifcfg-rh too. No change in behavior.

7 files changed, 29 insertions, 36 deletions

diff --git a/libnm-core/nm-core-internal.h b/libnm-core/nm-core-internal.h
index 0b244545ca..26827d0f37 100644
--- a/libnm-core/nm-core-internal.h
+++ b/libnm-core/nm-core-internal.h
@@ -353,7 +353,7 @@ typedef struct {
 	const char *           (*uri_func)    (NMSetting8021x *setting);
 	const char *           (*passwd_func) (NMSetting8021x *setting);
 	NMSettingSecretFlags   (*pwflag_func) (NMSetting8021x *setting);
-	const char *keyfile_suffix;
+	const char *file_suffix;
 } NMSetting8021xSchemeVtable;
 
 enum {
diff --git a/libnm-core/nm-setting-8021x.c b/libnm-core/nm-setting-8021x.c
index b0e45f1e26..e64769e42d 100644
--- a/libnm-core/nm-setting-8021x.c
+++ b/libnm-core/nm-setting-8021x.c
@@ -189,7 +189,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
 		.uri_func               = nm_setting_802_1x_get_ca_cert_uri,
 		.passwd_func            = nm_setting_802_1x_get_ca_cert_password,
 		.pwflag_func            = nm_setting_802_1x_get_ca_cert_password_flags,
-		.keyfile_suffix         = "ca-cert",
+		.file_suffix            = "ca-cert",
 	},
 
 	[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CA_CERT] = {
@@ -201,7 +201,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
 		.uri_func               = nm_setting_802_1x_get_phase2_ca_cert_uri,
 		.passwd_func            = nm_setting_802_1x_get_phase2_ca_cert_password,
 		.pwflag_func            = nm_setting_802_1x_get_phase2_ca_cert_password_flags,
-		.keyfile_suffix         = "inner-ca-cert",
+		.file_suffix            = "inner-ca-cert",
 	},
 
 	[NM_SETTING_802_1X_SCHEME_TYPE_CLIENT_CERT] = {
@@ -213,7 +213,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
 		.uri_func               = nm_setting_802_1x_get_client_cert_uri,
 		.passwd_func            = nm_setting_802_1x_get_client_cert_password,
 		.pwflag_func            = nm_setting_802_1x_get_client_cert_password_flags,
-		.keyfile_suffix         = "client-cert",
+		.file_suffix            = "client-cert",
 	},
 
 	[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CLIENT_CERT] = {
@@ -225,7 +225,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
 		.uri_func               = nm_setting_802_1x_get_phase2_client_cert_uri,
 		.passwd_func            = nm_setting_802_1x_get_phase2_client_cert_password,
 		.pwflag_func            = nm_setting_802_1x_get_phase2_client_cert_password_flags,
-		.keyfile_suffix         = "inner-client-cert",
+		.file_suffix            = "inner-client-cert",
 	},
 
 	[NM_SETTING_802_1X_SCHEME_TYPE_PRIVATE_KEY] = {
@@ -237,7 +237,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
 		.uri_func               = nm_setting_802_1x_get_private_key_uri,
 		.passwd_func            = nm_setting_802_1x_get_private_key_password,
 		.pwflag_func            = nm_setting_802_1x_get_private_key_password_flags,
-		.keyfile_suffix         = "private-key",
+		.file_suffix            = "private-key",
 	},
 
 	[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_PRIVATE_KEY] = {
@@ -249,7 +249,7 @@ const NMSetting8021xSchemeVtable nm_setting_8021x_scheme_vtable[] = {
 		.uri_func               = nm_setting_802_1x_get_phase2_private_key_uri,
 		.passwd_func            = nm_setting_802_1x_get_phase2_private_key_password,
 		.pwflag_func            = nm_setting_802_1x_get_phase2_private_key_password_flags,
-		.keyfile_suffix         = "inner-private-key",
+		.file_suffix            = "inner-private-key",
 	},
 
 	[NM_SETTING_802_1X_SCHEME_TYPE_UNKNOWN] = { NULL },
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
index d1c0097649..0a6b16947a 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
@@ -100,19 +100,20 @@ utils_should_ignore_file (const char *filename, gboolean only_ifcfg)
 }
 
 char *
-utils_cert_path (const char *parent, const char *suffix)
+utils_cert_path (const char *parent, const char *suffix, const char *extension)
 {
+	gs_free char *dir = NULL;
 	const char *name;
-	char *dir, *path;
 
-	g_return_val_if_fail (parent != NULL, NULL);
-	g_return_val_if_fail (suffix != NULL, NULL);
+	g_return_val_if_fail (parent, NULL);
+	g_return_val_if_fail (suffix, NULL);
+	g_return_val_if_fail (extension, NULL);
 
 	name = utils_get_ifcfg_name (parent, FALSE);
+	g_return_val_if_fail (name, NULL);
+
 	dir = g_path_get_dirname (parent);
-	path = g_strdup_printf ("%s/%s-%s", dir, name, suffix);
-	g_free (dir);
-	return path;
+	return g_strdup_printf ("%s/%s-%s.%s", dir, name, suffix, extension);
 }
 
 const char *
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
index af0469e66f..d209a0673c 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
@@ -31,7 +31,7 @@
 #define NM_IFCFG_CONNECTION_LOG_FMTD        "%s (%s,\"%s\",%p)"
 #define NM_IFCFG_CONNECTION_LOG_ARGD(con)   NM_IFCFG_CONNECTION_LOG_PATH (nm_settings_connection_get_filename ((NMSettingsConnection *) (con))), nm_connection_get_uuid ((NMConnection *) (con)), nm_connection_get_id ((NMConnection *) (con)), (con)
 
-char *utils_cert_path (const char *parent, const char *suffix);
+char *utils_cert_path (const char *parent, const char *suffix, const char *extension);
 
 const char *utils_get_ifcfg_name (const char *file, gboolean only_ifcfg);
 
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
index 96f8d062f3..bdfb641fb2 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@@ -149,42 +149,32 @@ error:
 typedef struct {
 	const NMSetting8021xSchemeVtable *vtable;
 	const char *ifcfg_rh_key;
-	const char *ifcfg_rh_suffix;
-	const char *ifcfg_rh_suffix_p12;
 } Setting8021xSchemeVtable;
 
 static const Setting8021xSchemeVtable setting_8021x_scheme_vtable[] = {
 	[NM_SETTING_802_1X_SCHEME_TYPE_CA_CERT] = {
 		.vtable                 = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_CA_CERT],
 		.ifcfg_rh_key           = "IEEE_8021X_CA_CERT",
-		.ifcfg_rh_suffix        = "ca-cert.der",
 	},
 	[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CA_CERT] = {
 		.vtable                 = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CA_CERT],
 		.ifcfg_rh_key           = "IEEE_8021X_INNER_CA_CERT",
-		.ifcfg_rh_suffix        = "inner-ca-cert.der",
 	},
 	[NM_SETTING_802_1X_SCHEME_TYPE_CLIENT_CERT] = {
 		.vtable                 = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_CLIENT_CERT],
 		.ifcfg_rh_key           = "IEEE_8021X_CLIENT_CERT",
-		.ifcfg_rh_suffix        = "client-cert.der",
 	},
 	[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CLIENT_CERT] = {
 		.vtable                 = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_CLIENT_CERT],
 		.ifcfg_rh_key           = "IEEE_8021X_INNER_CLIENT_CERT",
-		.ifcfg_rh_suffix        = "inner-client-cert.der",
 	},
 	[NM_SETTING_802_1X_SCHEME_TYPE_PRIVATE_KEY] = {
 		.vtable                 = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_PRIVATE_KEY],
 		.ifcfg_rh_key           = "IEEE_8021X_PRIVATE_KEY",
-		.ifcfg_rh_suffix        = "private-key.pem",
-		.ifcfg_rh_suffix_p12    = "private-key.p12",
 	},
 	[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_PRIVATE_KEY] = {
 		.vtable                 = &nm_setting_8021x_scheme_vtable[NM_SETTING_802_1X_SCHEME_TYPE_PHASE2_PRIVATE_KEY],
 		.ifcfg_rh_key           = "IEEE_8021X_INNER_PRIVATE_KEY",
-		.ifcfg_rh_suffix        = "inner-private-key.pem",
-		.ifcfg_rh_suffix_p12    = "inner-private-key.p12",
 	},
 };
 
@@ -200,7 +190,7 @@ write_object (NMSetting8021x *s_8021x,
 	const char *password = NULL;
 	NMSettingSecretFlags flags = NM_SETTING_SECRET_FLAG_NONE;
 	char *secret_name, *secret_flags;
-	const char *suffix;
+	const char *extension;
 
 	g_return_val_if_fail (ifcfg != NULL, FALSE);
 	g_return_val_if_fail (objtype != NULL, FALSE);
@@ -233,10 +223,12 @@ write_object (NMSetting8021x *s_8021x,
 	g_free (secret_name);
 	g_free (secret_flags);
 
-	suffix = objtype->ifcfg_rh_suffix;
-	if (   objtype->vtable->format_func
-	    && objtype->vtable->format_func (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12)
-		suffix = objtype->ifcfg_rh_suffix_p12;
+	if (!objtype->vtable->format_func)
+		extension = "der";
+	else if (objtype->vtable->format_func (s_8021x) == NM_SETTING_802_1X_CK_FORMAT_PKCS12)
+		extension = "p12";
+	else
+		extension = "pem";
 
 	/* If certificate/private key wasn't sent, the connection may no longer be
 	 * 802.1x and thus we clear out the paths and certs.
@@ -251,7 +243,7 @@ write_object (NMSetting8021x *s_8021x,
 		 * /etc/sysconfig/network-scripts/ca-cert-Test_Write_Wifi_WPA_EAP-TLS.der
 		 * will be deleted, but /etc/pki/tls/cert.pem will not.
 		 */
-		standard_file = utils_cert_path (svFileGetName (ifcfg), suffix);
+		standard_file = utils_cert_path (svFileGetName (ifcfg), objtype->vtable->file_suffix, extension);
 		if (g_file_test (standard_file, G_FILE_TEST_EXISTS))
 			ignored = unlink (standard_file);
 		g_free (standard_file);
@@ -274,7 +266,7 @@ write_object (NMSetting8021x *s_8021x,
 		char *new_file;
 		GError *write_error = NULL;
 
-		new_file = utils_cert_path (svFileGetName (ifcfg), suffix);
+		new_file = utils_cert_path (svFileGetName (ifcfg), objtype->vtable->file_suffix, extension);
 		if (!new_file) {
 			g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
 			             "Could not create file path for %s / %s",
diff --git a/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c b/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
index f467d864cc..11c412edca 100644
--- a/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
+++ b/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
@@ -4486,15 +4486,15 @@ test_write_wired_8021x_tls (gconstpointer test_data)
 	}
 
 	/* Clean up created certs and keys */
-	tmp = utils_cert_path (testfile, "ca-cert.der");
+	tmp = utils_cert_path (testfile, "ca-cert", "der");
 	nmtst_file_unlink_if_exists (tmp);
 	g_free (tmp);
 
-	tmp = utils_cert_path (testfile, "client-cert.der");
+	tmp = utils_cert_path (testfile, "client-cert", "der");
 	nmtst_file_unlink_if_exists (tmp);
 	g_free (tmp);
 
-	tmp = utils_cert_path (testfile, "private-key.pem");
+	tmp = utils_cert_path (testfile, "private-key", "pem");
 	nmtst_file_unlink_if_exists (tmp);
 	g_free (tmp);
 }
diff --git a/src/settings/plugins/keyfile/nms-keyfile-writer.c b/src/settings/plugins/keyfile/nms-keyfile-writer.c
index 50b4113649..a673742050 100644
--- a/src/settings/plugins/keyfile/nms-keyfile-writer.c
+++ b/src/settings/plugins/keyfile/nms-keyfile-writer.c
@@ -124,7 +124,7 @@ cert_writer (NMConnection *connection,
 		 * from now on instead of pushing around the certificate data.
 		 */
 		new_path = g_strdup_printf ("%s/%s-%s.%s", info->keyfile_dir, nm_connection_get_uuid (connection),
-		                            cert_data->vtable->keyfile_suffix, ext);
+		                            cert_data->vtable->file_suffix, ext);
 
 		success = nm_utils_file_set_contents (new_path, (const gchar *) blob_data,
 		                                      blob_len, 0600, &local);