From 2be0bb828717bf78a3d976eeecbeeead37903bf1 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Thu, 30 Aug 2018 15:38:47 +0200 Subject: libnm/crypto: fix loading certificates from file securely file_to_secure_bytes() tried to load the file from disk and ensure that the data will be cleared. It did so poorely, because g_file_get_contents() cannot be used for that. Add a helper function nm_crypto_read_file() to get this right. --- libnm-core/nm-crypto.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'libnm-core/nm-crypto.c') diff --git a/libnm-core/nm-crypto.c b/libnm-core/nm-crypto.c index e1235ccbbe..776a6d6858 100644 --- a/libnm-core/nm-crypto.c +++ b/libnm-core/nm-crypto.c @@ -359,6 +359,19 @@ file_read_contents (const char *filename, error) >= 0; } +GBytes * +nm_crypto_read_file (const char *filename, + GError **error) +{ + nm_auto_clear_secret_ptr NMSecretPtr contents = { 0 }; + + g_return_val_if_fail (filename, NULL); + + if (!file_read_contents (filename, &contents, error)) + return NULL; + return nm_secret_copy_to_gbytes (contents.bin, contents.len); +} + /* * Convert a hex string into bytes. */ -- cgit v1.2.1