author | Thomas Haller <thaller@redhat.com> | 2019-03-01 15:52:19 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2019-03-07 22:22:39 +0100 |
commit | 6452d2d0e54cbb4a4acb380d5f8a4a76326bb700 (patch) | |
tree | 9a35fd2061db2b46708678333600cd9627d873ec /libnm-core | |
parent | 76828262299729e718924d5c14a69cfdc5cf48fa (diff) | |
download | NetworkManager-6452d2d0e54cbb4a4acb380d5f8a4a76326bb700.tar.gz |
libnm: change nm_wireguard_peer_set_public_key() API to allow validation
This is an API break since 1.16-rc1.
Similar to previous commit.
(cherry picked from commit 7962653918fbfd66b549d389a1cb2cf96ae0d3eb)
Diffstat (limited to 'libnm-core')
-rw-r--r-- | libnm-core/nm-keyfile.c | 2 | ||||
-rw-r--r-- | libnm-core/nm-setting-wireguard.c | 33 | ||||
-rw-r--r-- | libnm-core/nm-setting-wireguard.h | 5 | ||||
-rw-r--r-- | libnm-core/tests/test-setting.c | 3 |
4 files changed, 29 insertions, 14 deletions
diff --git a/libnm-core/nm-keyfile.c b/libnm-core/nm-keyfile.c index b82b6bf020..4f5ec46260 100644 --- a/libnm-core/nm-keyfile.c +++ b/libnm-core/nm-keyfile.c @@ -2929,7 +2929,7 @@ _read_setting_wireguard_peer (KeyfileReaderInfo *info) info->group); return; } - nm_wireguard_peer_set_public_key (peer, cstr); + nm_wireguard_peer_set_public_key (peer, cstr, TRUE); nm_clear_g_free (&str); key = NM_WIREGUARD_PEER_ATTR_PRESHARED_KEY; diff --git a/libnm-core/nm-setting-wireguard.c b/libnm-core/nm-setting-wireguard.c index c1881240a0..154cc8a798 100644 --- a/libnm-core/nm-setting-wireguard.c +++ b/libnm-core/nm-setting-wireguard.c 
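Review bot: The gboolean that `nm_wireguard_peer_set_public_key (peer, cstr, TRUE)` now returns is discarded in `_read_setting_wireguard_peer`, so a malformed public key read from a keyfile is stored with no signal at this point. The D-Bus parser and the unit test touched by the same commit both check the result. If keeping the invalid value is deliberate, state it next to the call, for example `/* an invalid key is kept as-is on purpose; it is rejected when the connection is verified */`, provided that is what actually happens. Otherwise test the return value and report the bad key through the reader's existing warning path. The function continues outside this hunk, so later handling of the peer may exist that is not visible here.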
@@ -280,34 +280,48 @@ nm_wireguard_peer_get_public_key (const NMWireGuardPeer *self) * @self: the unsealed #NMWireGuardPeer instance * @public_key: (allow-none) (transfer none): the new public * key or %NULL to clear the public key. + * @accept_invalid: if %TRUE and @public_key is not %NULL and + * invalid, then do not modify the instance. * * Reset the public key. Note that if the public key is valid, it * will be normalized (which may or may not modify the set value). * * It is a bug trying to modify a sealed #NMWireGuardPeer instance. * + * Returns: %TRUE if the key was valid or %NULL. Returns + * %FALSE for invalid keys. Depending on @accept_invalid + * will an invalid key be set or not. + * * Since: 1.16 */ -void +gboolean nm_wireguard_peer_set_public_key (NMWireGuardPeer *self, - const char *public_key) + const char *public_key, + gboolean accept_invalid) { char *public_key_normalized = NULL; + gboolean is_valid; - g_return_if_fail (NM_IS_WIREGUARD_PEER (self, FALSE)); + g_return_val_if_fail (NM_IS_WIREGUARD_PEER (self, FALSE), FALSE); if (!public_key) { nm_clear_g_free (&self->public_key); - return; + return TRUE; } - self->public_key_valid = _nm_utils_wireguard_normalize_key (public_key, - NM_WIREGUARD_PUBLIC_KEY_LEN, - &public_key_normalized); - nm_assert (self->public_key_valid == (public_key_normalized != NULL)); + is_valid = _nm_utils_wireguard_normalize_key (public_key, + NM_WIREGUARD_PUBLIC_KEY_LEN, + &public_key_normalized); + nm_assert (is_valid == (public_key_normalized != NULL)); + + if ( !is_valid + && !accept_invalid) + return FALSE; + self->public_key_valid = is_valid; g_free (self->public_key); self->public_key = public_key_normalized ?: g_strdup (public_key); + return is_valid; } void 
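Review bot: The new `@accept_invalid` doc line states the opposite of what the code does. The guard is `if (!is_valid && !accept_invalid) return FALSE;`, so the instance is left untouched when the flag is %FALSE, and with %TRUE the raw string is stored via `g_strdup (public_key)` and `public_key_valid` becomes FALSE. I would reword it to `@accept_invalid: if %FALSE and @public_key is not %NULL and invalid, then do not modify the instance; if %TRUE, the invalid key is stored unnormalized.` The `Returns:` paragraph should also say that a %TRUE-flag caller must check the result before treating the stored key as usable. Separately, the %NULL branch clears `self->public_key` but leaves `self->public_key_valid` unchanged; if any reader consults the flag without checking the pointer first, adding `self->public_key_valid = FALSE;` there would avoid a stale value.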
@@ -1532,8 +1546,7 @@ _peers_dbus_only_set (NMSetting *setting, } peer = nm_wireguard_peer_new (); - nm_wireguard_peer_set_public_key (peer, cstr); - if (!peer->public_key_valid) { + if (!nm_wireguard_peer_set_public_key (peer, cstr, TRUE)) { if (NM_FLAGS_HAS (parse_flags, NM_SETTING_PARSE_FLAGS_STRICT)) { g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_MISSING_PROPERTY, _("peer #%u has invalid public-key"), diff --git a/libnm-core/nm-setting-wireguard.h b/libnm-core/nm-setting-wireguard.h index 6f6fc0f0b4..5cf5c1f3c4 100644 --- a/libnm-core/nm-setting-wireguard.h +++ b/libnm-core/nm-setting-wireguard.h @@ -61,8 +61,9 @@ gboolean nm_wireguard_peer_is_sealed (const NMWireGuardPeer *self); NM_AVAILABLE_IN_1_16 const char *nm_wireguard_peer_get_public_key (const NMWireGuardPeer *self); NM_AVAILABLE_IN_1_16 -void nm_wireguard_peer_set_public_key (NMWireGuardPeer *self, - const char *public_key); +gboolean nm_wireguard_peer_set_public_key (NMWireGuardPeer *self, + const char *public_key, + gboolean accept_invalid); NM_AVAILABLE_IN_1_16 const char *nm_wireguard_peer_get_preshared_key (const NMWireGuardPeer *self); diff --git a/libnm-core/tests/test-setting.c b/libnm-core/tests/test-setting.c index 6d089f1ab8..bbcff8778f 100644 --- a/libnm-core/tests/test-setting.c +++ b/libnm-core/tests/test-setting.c @@ -2065,7 +2065,8 @@ _rndt_wg_peers_create (void) s_endpoint = _create_random_ipaddr (AF_UNSPEC, TRUE); peer = nm_wireguard_peer_new (); - nm_wireguard_peer_set_public_key (peer, public_key); + if (!nm_wireguard_peer_set_public_key (peer, public_key, TRUE)) + g_assert_not_reached (); if (!nm_wireguard_peer_set_preshared_key (peer, nmtst_rand_select (NULL, preshared_key), TRUE)) g_assert_not_reached (); |
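Review bot: The test change in `_rndt_wg_peers_create` only asserts the success path with `accept_invalid` set to TRUE. Nothing visible in this commit exercises the new rejecting path, where an invalid key passed with FALSE must return FALSE and leave the peer unmodified. A pair of assertions on a fresh peer would pin that contract, for example `g_assert (!nm_wireguard_peer_set_public_key (peer, "not-a-key", FALSE));` followed by `g_assert (!nm_wireguard_peer_get_public_key (peer));`, where the key string is a constructed sample. The accept-but-flag case with TRUE and an invalid key deserves the same treatment, since callers depend on the FALSE return to detect a stored key that failed validation.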