diff options
| author | Thomas Haller <thaller@redhat.com> | 2018-12-29 21:23:09 +0100 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2019-01-07 10:27:03 +0100 |
| commit | 49fd140493680ef4bef4b51a1682def35d67ef56 (patch) | |
| tree | 9383c44e038a39f619ddab0ef95146f3b1348a50 | |
| parent | 46ef278c200e0b4c2a96492fd46966ce96322b51 (diff) | |
| download | NetworkManager-th/keyfile-fixes.tar.gz | |
libnm-core: add _nm_setting_secret_flags_valid() helperth/keyfile-fixes
Secret-flags are flags, but most combinations don't actually make sense
and maybe should be rejected. Anyway, that is not done, and most places
just check that there are no unknown flags set.
Add _nm_setting_secret_flags_valid() to perform the check at one place
instead of having the implementation at various places.
| -rw-r--r-- | libnm-core/nm-core-internal.h | 18 | ||||
| -rw-r--r-- | libnm-core/nm-setting-vpn.c | 3 | ||||
| -rw-r--r-- | libnm-core/nm-setting.c | 2 |
3 files changed, 17 insertions, 6 deletions
diff --git a/libnm-core/nm-core-internal.h b/libnm-core/nm-core-internal.h index f7abfb6c43..1e7ec9bcbc 100644 --- a/libnm-core/nm-core-internal.h +++ b/libnm-core/nm-core-internal.h @@ -121,11 +121,21 @@ */ #define NM_SETTING_COMPARE_FLAG_NONE ((NMSettingCompareFlags) 0) +/*****************************************************************************/ + #define NM_SETTING_SECRET_FLAGS_ALL \ - (NM_SETTING_SECRET_FLAG_NONE | \ - NM_SETTING_SECRET_FLAG_AGENT_OWNED | \ - NM_SETTING_SECRET_FLAG_NOT_SAVED | \ - NM_SETTING_SECRET_FLAG_NOT_REQUIRED) + ((NMSettingSecretFlags) ( NM_SETTING_SECRET_FLAG_NONE \ + | NM_SETTING_SECRET_FLAG_AGENT_OWNED \ + | NM_SETTING_SECRET_FLAG_NOT_SAVED \ + | NM_SETTING_SECRET_FLAG_NOT_REQUIRED)) + +static inline gboolean +_nm_setting_secret_flags_valid (NMSettingSecretFlags flags) +{ + return !NM_FLAGS_ANY (flags, ~NM_SETTING_SECRET_FLAGS_ALL); +} + +/*****************************************************************************/ typedef enum { /*< skip >*/ NM_SETTING_PARSE_FLAGS_NONE = 0, diff --git a/libnm-core/nm-setting-vpn.c b/libnm-core/nm-setting-vpn.c index 5d488e7f07..d485b2a802 100644 --- a/libnm-core/nm-setting-vpn.c +++ b/libnm-core/nm-setting-vpn.c @@ -730,7 +730,8 @@ get_secret_flags (NMSetting *setting, } i64 = _nm_utils_ascii_str_to_int64 (flags_val, 10, 0, NM_SETTING_SECRET_FLAGS_ALL, -1); - if (i64 == -1) { + if ( i64 == -1 + || !_nm_setting_secret_flags_valid (i64)) { /* The flags keys is set to an unexpected value. That is a configuration * error. Note that keys named "*-flags" are reserved for secrets. The user * must not use this for anything but secret flags. Hence, we cannot fail diff --git a/libnm-core/nm-setting.c b/libnm-core/nm-setting.c index be3ade3af4..282d1123b4 100644 --- a/libnm-core/nm-setting.c +++ b/libnm-core/nm-setting.c @@ -2157,7 +2157,7 @@ nm_setting_set_secret_flags (NMSetting *setting, { g_return_val_if_fail (NM_IS_SETTING (setting), FALSE); g_return_val_if_fail (secret_name != NULL, FALSE); - g_return_val_if_fail (flags <= NM_SETTING_SECRET_FLAGS_ALL, FALSE); + g_return_val_if_fail (_nm_setting_secret_flags_valid (flags), FALSE); return NM_SETTING_GET_CLASS (setting)->set_secret_flags (setting, secret_name, flags, error); } |