diff options
author | Lubomir Rintel <lkundrak@v3.sk> | 2016-12-19 12:47:15 +0100 |
---|---|---|
committer | Lubomir Rintel <lkundrak@v3.sk> | 2017-01-06 15:56:11 +0100 |
commit | 84c57c34bc8cb9b2d9291a9ad3ed74153fb23cb0 (patch) | |
tree | e8f96aa08a3e186a5976529ce72687577da669a5 | |
parent | afd281102879168f13fb4d1deff9535542ad6fc5 (diff) | |
download | NetworkManager-84c57c34bc8cb9b2d9291a9ad3ed74153fb23cb0.tar.gz |
libnm-core/8021x: add pkcs11: scheme for certificates and keys
The getters just return the whole URI as-is, without any mangling.
-rw-r--r-- | libnm-core/nm-setting-8021x.c | 246 | ||||
-rw-r--r-- | libnm-core/nm-setting-8021x.h | 18 | ||||
-rw-r--r-- | libnm/libnm.ver | 6 |
3 files changed, 251 insertions, 19 deletions
diff --git a/libnm-core/nm-setting-8021x.c b/libnm-core/nm-setting-8021x.c index 12dc5a62a4..f0430b079e 100644 --- a/libnm-core/nm-setting-8021x.c +++ b/libnm-core/nm-setting-8021x.c @@ -438,6 +438,8 @@ NMSetting8021xCKScheme nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError **error) { const char *data = pdata; + NMSetting8021xCKScheme scheme; + gsize prefix_length; g_return_val_if_fail (!length || data, NM_SETTING_802_1X_CK_SCHEME_UNKNOWN); @@ -449,10 +451,21 @@ nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError * return NM_SETTING_802_1X_CK_SCHEME_UNKNOWN; } - /* interpret the blob as PATH if it starts with "file://". */ if ( length >= NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH) && !memcmp (data, NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH, NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH))) { - /* But it must also be NUL terminated, contain at least + scheme = NM_SETTING_802_1X_CK_SCHEME_PATH; + prefix_length = NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH); + } else if ( length >= NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11) + && !memcmp (data, NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11, NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11))) { + scheme = NM_SETTING_802_1X_CK_SCHEME_PKCS11; + prefix_length = NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11); + } else { + scheme = NM_SETTING_802_1X_CK_SCHEME_BLOB; + prefix_length = 0; + } + + if (scheme != NM_SETTING_802_1X_CK_SCHEME_BLOB) { + /* An actual URI must be NUL terminated, contain at least * one non-NUL character, and contain only one trailing NUL * chracter. * And ensure it's UTF-8 valid too so we can pass it through @@ -462,31 +475,29 @@ nm_setting_802_1x_check_cert_scheme (gconstpointer pdata, gsize length, GError * g_set_error_literal (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, - _("file:// URI not NUL terminated")); + _("URI not NUL terminated")); return NM_SETTING_802_1X_CK_SCHEME_UNKNOWN; } length--; - if (length <= NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH)) { + if (length <= prefix_length) { g_set_error_literal (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, - _("file:// URI is empty")); + _("URI is empty")); return NM_SETTING_802_1X_CK_SCHEME_UNKNOWN; } - if (!g_utf8_validate (data + NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH), length - NM_STRLEN (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH), NULL)) { + if (!g_utf8_validate (data + prefix_length, length - prefix_length, NULL)) { g_set_error_literal (error, - NM_CONNECTION_ERROR, - NM_CONNECTION_ERROR_INVALID_PROPERTY, - _("file:// URI is not valid UTF-8")); + NM_CONNECTION_ERROR, + NM_CONNECTION_ERROR_INVALID_PROPERTY, + _("URI is not valid UTF-8")); return NM_SETTING_802_1X_CK_SCHEME_UNKNOWN; } - - return NM_SETTING_802_1X_CK_SCHEME_PATH; } - return NM_SETTING_802_1X_CK_SCHEME_BLOB; + return scheme; } static GByteArray * @@ -524,7 +535,8 @@ load_and_verify_certificate (const char *cert_path, * * Returns the scheme used to store the CA certificate. If the returned scheme * is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_ca_cert_blob(); - * if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_ca_cert_path(). + * if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_ca_cert_path(); + * if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use nm_setting_802_1x_get_ca_cert_uri(). * * Returns: scheme used to store the CA certificate (blob or path) **/ @@ -590,6 +602,37 @@ nm_setting_802_1x_get_ca_cert_path (NMSetting8021x *setting) return (const char *)data + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH); } +/** + * nm_setting_802_1x_get_ca_cert_uri: + * @setting: the #NMSetting8021x + * + * Returns the CA certificate URI analogously to + * nm_setting_802_1x_get_ca_cert_blob() and + * nm_setting_802_1x_get_ca_cert_path(). + * + * Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC + * 7512), but may be extended to other schemes in future (such as 'file' URIs + * for local files and 'data' URIs for inline certificate data). + * + * Returns: the URI string + * + * Since: 1.6 + **/ +const char * +nm_setting_802_1x_get_ca_cert_uri (NMSetting8021x *setting) +{ + NMSetting8021xCKScheme scheme; + gconstpointer data; + + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); + + scheme = nm_setting_802_1x_get_ca_cert_scheme (setting); + g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11, NULL); + + data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->ca_cert, NULL); + return (const char *)data; +} + static GBytes * path_to_scheme_value (const char *path) { @@ -875,7 +918,8 @@ nm_setting_802_1x_get_domain_suffix_match (NMSetting8021x *setting) * * Returns the scheme used to store the client certificate. If the returned scheme * is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_client_cert_blob(); - * if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_client_cert_path(). + * if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_client_cert_path(); + * if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use nm_setting_802_1x_get_client_cert_uri(). * * Returns: scheme used to store the client certificate (blob or path) **/ @@ -936,6 +980,37 @@ nm_setting_802_1x_get_client_cert_path (NMSetting8021x *setting) } /** + * nm_setting_802_1x_get_client_cert_uri: + * @setting: the #NMSetting8021x + * + * Returns the client certificate URI analogously to + * nm_setting_802_1x_get_client_cert_blob() and + * nm_setting_802_1x_get_client_cert_path(). + * + * Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC + * 7512), but may be extended to other schemes in future (such as 'file' URIs + * for local files and 'data' URIs for inline certificate data). + * + * Returns: the URI string + * + * Since: 1.6 + **/ +const char * +nm_setting_802_1x_get_client_cert_uri (NMSetting8021x *setting) +{ + NMSetting8021xCKScheme scheme; + gconstpointer data; + + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); + + scheme = nm_setting_802_1x_get_client_cert_scheme (setting); + g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11, NULL); + + data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->client_cert, NULL); + return (const char *)data; +} + +/** * nm_setting_802_1x_set_client_cert: * @setting: the #NMSetting8021x * @cert_path: when @scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH @@ -1138,7 +1213,8 @@ nm_setting_802_1x_get_phase2_ca_path (NMSetting8021x *setting) * Returns the scheme used to store the "phase 2" CA certificate. If the * returned scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use * nm_setting_802_1x_get_ca_cert_blob(); if %NM_SETTING_802_1X_CK_SCHEME_PATH, - * use nm_setting_802_1x_get_ca_cert_path(). + * use nm_setting_802_1x_get_ca_cert_path(); if %NM_SETTING_802_1X_CK_SCHEME_PKCS11, + * use nm_setting_802_1x_get_ca_cert_uri(). * * Returns: scheme used to store the "phase 2" CA certificate (blob or path) **/ @@ -1205,6 +1281,37 @@ nm_setting_802_1x_get_phase2_ca_cert_path (NMSetting8021x *setting) } /** + * nm_setting_802_1x_get_phase2_ca_cert_uri: + * @setting: the #NMSetting8021x + * + * Returns the "phase 2" CA certificate URI analogously to + * nm_setting_802_1x_get_phase2_ca_cert_blob() and + * nm_setting_802_1x_get_phase2_ca_cert_path(). + * + * Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC + * 7512), but may be extended to other schemes in future (such as 'file' URIs + * for local files and 'data' URIs for inline certificate data). + * + * Returns: the URI string + * + * Since: 1.6 + **/ +const char * +nm_setting_802_1x_get_phase2_ca_cert_uri (NMSetting8021x *setting) +{ + NMSetting8021xCKScheme scheme; + gconstpointer data; + + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); + + scheme = nm_setting_802_1x_get_phase2_ca_cert_scheme (setting); + g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11, NULL); + + data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_ca_cert, NULL); + return (const char *)data; +} + +/** * nm_setting_802_1x_set_phase2_ca_cert: * @setting: the #NMSetting8021x * @cert_path: when @scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH @@ -1474,7 +1581,9 @@ nm_setting_802_1x_clear_phase2_altsubject_matches (NMSetting8021x *setting) * returned scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use * nm_setting_802_1x_get_client_cert_blob(); if * %NM_SETTING_802_1X_CK_SCHEME_PATH, use - * nm_setting_802_1x_get_client_cert_path(). + * nm_setting_802_1x_get_client_cert_path(); if + * %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use + * nm_setting_802_1x_get_client_cert_uri(). * * Returns: scheme used to store the "phase 2" client certificate (blob or path) **/ @@ -1535,6 +1644,37 @@ nm_setting_802_1x_get_phase2_client_cert_path (NMSetting8021x *setting) } /** + * nm_setting_802_1x_get_phase2_client_cert_uri: + * @setting: the #NMSetting8021x + * + * Returns the "phase 2" client certificate URI analogously to + * nm_setting_802_1x_get_phase2_ca_cert_blob() and + * nm_setting_802_1x_get_phase2_ca_cert_path(). + * + * Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC + * 7512), but may be extended to other schemes in future (such as 'file' URIs + * for local files and 'data' URIs for inline certificate data). + * + * Returns: the URI string + * + * Since: 1.6 + **/ +const char * +nm_setting_802_1x_get_phase2_client_cert_uri (NMSetting8021x *setting) +{ + NMSetting8021xCKScheme scheme; + gconstpointer data; + + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); + + scheme = nm_setting_802_1x_get_phase2_client_cert_scheme (setting); + g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11, NULL); + + data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_client_cert, NULL); + return (const char *)data; +} + +/** * nm_setting_802_1x_set_phase2_client_cert: * @setting: the #NMSetting8021x * @cert_path: when @scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH @@ -1729,7 +1869,9 @@ nm_setting_802_1x_get_pin_flags (NMSetting8021x *setting) * %NM_SETTING_802_1X_CK_SCHEME_BLOB, use * nm_setting_802_1x_get_client_cert_blob(); if * %NM_SETTING_802_1X_CK_SCHEME_PATH, use - * nm_setting_802_1x_get_client_cert_path(). + * nm_setting_802_1x_get_client_cert_path(); if + * %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use + * nm_setting_802_1x_get_client_cert_uri(). * * Returns: scheme used to store the private key (blob or path) **/ @@ -1793,6 +1935,37 @@ nm_setting_802_1x_get_private_key_path (NMSetting8021x *setting) return (const char *)data + strlen (NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH); } +/** + * nm_setting_802_1x_get_private_key_uri: + * @setting: the #NMSetting8021x + * + * Returns the private key URI analogously to + * nm_setting_802_1x_get_private_key_blob() and + * nm_setting_802_1x_get_private_key_path(). + * + * Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC + * 7512), but may be extended to other schemes in future (such as 'file' URIs + * for local files and 'data' URIs for inline certificate data). + * + * Returns: the URI string + * + * Since: 1.6 + **/ +const char * +nm_setting_802_1x_get_private_key_uri (NMSetting8021x *setting) +{ + NMSetting8021xCKScheme scheme; + gconstpointer data; + + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); + + scheme = nm_setting_802_1x_get_private_key_scheme (setting); + g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11, NULL); + + data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->private_key, NULL); + return (const char *)data; +} + static void free_secure_bytes (gpointer data) { @@ -2067,7 +2240,9 @@ nm_setting_802_1x_get_phase2_private_key_password_flags (NMSetting8021x *setting * scheme is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use * nm_setting_802_1x_get_client_cert_blob(); if * %NM_SETTING_802_1X_CK_SCHEME_PATH, use - * nm_setting_802_1x_get_client_cert_path(). + * nm_setting_802_1x_get_client_cert_path(); if + * %NM_SETTING_802_1X_CK_SCHEME_PKCS11, use + * nm_setting_802_1x_get_client_cert_uri(). * * Returns: scheme used to store the "phase 2" private key (blob or path) **/ @@ -2132,6 +2307,37 @@ nm_setting_802_1x_get_phase2_private_key_path (NMSetting8021x *setting) } /** + * nm_setting_802_1x_get_phase2_private_key_uri: + * @setting: the #NMSetting8021x + * + * Returns the "phase 2" private key URI analogously to + * nm_setting_802_1x_get_phase2_private_key_blob() and + * nm_setting_802_1x_get_phase2_private_key_path(). + * + * Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC + * 7512), but may be extended to other schemes in future (such as 'file' URIs + * for local files and 'data' URIs for inline certificate data). + * + * Returns: the URI string + * + * Since: 1.6 + **/ +const char * +nm_setting_802_1x_get_phase2_private_key_uri (NMSetting8021x *setting) +{ + NMSetting8021xCKScheme scheme; + gconstpointer data; + + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); + + scheme = nm_setting_802_1x_get_phase2_private_key_scheme (setting); + g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11, NULL); + + data = g_bytes_get_data (NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_private_key, NULL); + return (const char *)data; +} + +/** * nm_setting_802_1x_set_phase2_private_key: * @setting: the #NMSetting8021x * @key_path: when @scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH or @@ -2371,6 +2577,8 @@ need_secrets_tls (NMSetting8021x *self, scheme = nm_setting_802_1x_get_phase2_private_key_scheme (self); if (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH) path = nm_setting_802_1x_get_phase2_private_key_path (self); + else if (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11) + return; else if (scheme == NM_SETTING_802_1X_CK_SCHEME_BLOB) blob = nm_setting_802_1x_get_phase2_private_key_blob (self); else { @@ -2385,6 +2593,8 @@ need_secrets_tls (NMSetting8021x *self, scheme = nm_setting_802_1x_get_private_key_scheme (self); if (scheme == NM_SETTING_802_1X_CK_SCHEME_PATH) path = nm_setting_802_1x_get_private_key_path (self); + else if (scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11) + return; else if (scheme == NM_SETTING_802_1X_CK_SCHEME_BLOB) blob = nm_setting_802_1x_get_private_key_blob (self); else { diff --git a/libnm-core/nm-setting-8021x.h b/libnm-core/nm-setting-8021x.h index 5cdcb3d5bc..393a2d35de 100644 --- a/libnm-core/nm-setting-8021x.h +++ b/libnm-core/nm-setting-8021x.h @@ -32,6 +32,7 @@ G_BEGIN_DECLS #define NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PATH "file://" +#define NM_SETTING_802_1X_CERT_SCHEME_PREFIX_PKCS11 "pkcs11:" /** * NMSetting8021xCKFormat: @@ -60,6 +61,8 @@ typedef enum { /*< underscore_name=nm_setting_802_1x_ck_format >*/ * item data * @NM_SETTING_802_1X_CK_SCHEME_PATH: certificate or key is stored as a path * to a file containing the certificate or key data + * @NM_SETTING_802_1X_CK_SCHEME_PKCS11: certificate or key is stored as a + * URI of an object on a PKCS#11 token * * #NMSetting8021xCKScheme values indicate how a certificate or private key is * stored in the setting properties, either as a blob of the item's data, or as @@ -68,7 +71,8 @@ typedef enum { /*< underscore_name=nm_setting_802_1x_ck_format >*/ typedef enum { /*< underscore_name=nm_setting_802_1x_ck_scheme >*/ NM_SETTING_802_1X_CK_SCHEME_UNKNOWN = 0, NM_SETTING_802_1X_CK_SCHEME_BLOB, - NM_SETTING_802_1X_CK_SCHEME_PATH + NM_SETTING_802_1X_CK_SCHEME_PATH, + NM_SETTING_802_1X_CK_SCHEME_PKCS11, } NMSetting8021xCKScheme; @@ -177,6 +181,8 @@ const char * nm_setting_802_1x_get_phase2_ca_path (NMSetting8 NMSetting8021xCKScheme nm_setting_802_1x_get_ca_cert_scheme (NMSetting8021x *setting); GBytes * nm_setting_802_1x_get_ca_cert_blob (NMSetting8021x *setting); const char * nm_setting_802_1x_get_ca_cert_path (NMSetting8021x *setting); +NM_AVAILABLE_IN_1_6 +const char * nm_setting_802_1x_get_ca_cert_uri (NMSetting8021x *setting); gboolean nm_setting_802_1x_set_ca_cert (NMSetting8021x *setting, const char *cert_path, NMSetting8021xCKScheme scheme, @@ -201,6 +207,8 @@ const char * nm_setting_802_1x_get_domain_suffix_match (NMSetting8 NMSetting8021xCKScheme nm_setting_802_1x_get_client_cert_scheme (NMSetting8021x *setting); GBytes * nm_setting_802_1x_get_client_cert_blob (NMSetting8021x *setting); const char * nm_setting_802_1x_get_client_cert_path (NMSetting8021x *setting); +NM_AVAILABLE_IN_1_6 +const char * nm_setting_802_1x_get_client_cert_uri (NMSetting8021x *setting); gboolean nm_setting_802_1x_set_client_cert (NMSetting8021x *setting, const char *cert_path, NMSetting8021xCKScheme scheme, @@ -220,6 +228,8 @@ const char * nm_setting_802_1x_get_phase2_autheap (NMSetting8 NMSetting8021xCKScheme nm_setting_802_1x_get_phase2_ca_cert_scheme (NMSetting8021x *setting); GBytes * nm_setting_802_1x_get_phase2_ca_cert_blob (NMSetting8021x *setting); const char * nm_setting_802_1x_get_phase2_ca_cert_path (NMSetting8021x *setting); +NM_AVAILABLE_IN_1_6 +const char * nm_setting_802_1x_get_phase2_ca_cert_uri (NMSetting8021x *setting); gboolean nm_setting_802_1x_set_phase2_ca_cert (NMSetting8021x *setting, const char *cert_path, NMSetting8021xCKScheme scheme, @@ -244,6 +254,8 @@ const char * nm_setting_802_1x_get_phase2_domain_suffix_match (NMS NMSetting8021xCKScheme nm_setting_802_1x_get_phase2_client_cert_scheme (NMSetting8021x *setting); GBytes * nm_setting_802_1x_get_phase2_client_cert_blob (NMSetting8021x *setting); const char * nm_setting_802_1x_get_phase2_client_cert_path (NMSetting8021x *setting); +NM_AVAILABLE_IN_1_6 +const char * nm_setting_802_1x_get_phase2_client_cert_uri (NMSetting8021x *setting); gboolean nm_setting_802_1x_set_phase2_client_cert (NMSetting8021x *setting, const char *cert_path, NMSetting8021xCKScheme scheme, @@ -261,6 +273,8 @@ NMSettingSecretFlags nm_setting_802_1x_get_pin_flags (NMSetting8 NMSetting8021xCKScheme nm_setting_802_1x_get_private_key_scheme (NMSetting8021x *setting); GBytes * nm_setting_802_1x_get_private_key_blob (NMSetting8021x *setting); const char * nm_setting_802_1x_get_private_key_path (NMSetting8021x *setting); +NM_AVAILABLE_IN_1_6 +const char * nm_setting_802_1x_get_private_key_uri (NMSetting8021x *setting); gboolean nm_setting_802_1x_set_private_key (NMSetting8021x *setting, const char *key_path, const char *password, @@ -275,6 +289,8 @@ NMSetting8021xCKFormat nm_setting_802_1x_get_private_key_format (NMSett NMSetting8021xCKScheme nm_setting_802_1x_get_phase2_private_key_scheme (NMSetting8021x *setting); GBytes * nm_setting_802_1x_get_phase2_private_key_blob (NMSetting8021x *setting); const char * nm_setting_802_1x_get_phase2_private_key_path (NMSetting8021x *setting); +NM_AVAILABLE_IN_1_6 +const char * nm_setting_802_1x_get_phase2_private_key_uri (NMSetting8021x *setting); gboolean nm_setting_802_1x_set_phase2_private_key (NMSetting8021x *setting, const char *key_path, const char *password, diff --git a/libnm/libnm.ver b/libnm/libnm.ver index 309c4b82d8..cc39286564 100644 --- a/libnm/libnm.ver +++ b/libnm/libnm.ver @@ -1106,6 +1106,12 @@ global: nm_setting_proxy_get_browser_only; nm_setting_proxy_get_pac_url; nm_setting_proxy_get_pac_script; + nm_setting_802_1x_get_ca_cert_uri; + nm_setting_802_1x_get_phase2_ca_cert_uri; + nm_setting_802_1x_get_client_cert_uri; + nm_setting_802_1x_get_phase2_client_cert_uri; + nm_setting_802_1x_get_private_key_uri; + nm_setting_802_1x_get_phase2_private_key_uri; nm_utils_is_json_object; nm_utils_version; nm_utils_is_valid_iface_name; |