Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
NetworkManager
nm-probe-ca-cert.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File nm-probe-ca-cert.patch of Package NetworkManager
diff --git a/introspection/nm-device-wifi.xml b/introspection/nm-device-wifi.xml index fb50762..ba3da8d 100644 --- a/introspection/nm-device-wifi.xml +++ b/introspection/nm-device-wifi.xml @@ -14,6 +14,18 @@ </tp:docstring> </method> + <method name="ProbeCaCert"> + <annotation name="org.freedesktop.DBus.GLib.CSymbol" value="impl_device_probe_ca_cert"/> + <arg name="ssid" type="ay" direction="in"> + <tp:docstring> + The SSID of the AP to be probed + </tp:docstring> + </arg> + <tp:docstring> + Probe the CA certificate of the RADIUS server. + </tp:docstring> + </method> + <property name="HwAddress" type="s" access="read"> <tp:docstring> The active hardware address of the device. @@ -81,6 +93,17 @@ </tp:docstring> </signal> + <signal name="CaCertReceived"> + <arg name="cert" type="a{ss}" tp:type="String_String_Map"> + <tp:docstring> + The certificate of the RADIUS server + </tp:docstring> + </arg> + <tp:docstring> + Emitted when wpa_supplicant replies the CA certificate of the RADIUS server. + </tp:docstring> + </signal> + <tp:flags name="NM_802_11_DEVICE_CAP" type="u"> <tp:docstring> Flags describing the capabilities of a wireless device. diff --git a/libnm-glib/libnm-glib.ver b/libnm-glib/libnm-glib.ver index 1596afa..626d949 100644 --- a/libnm-glib/libnm-glib.ver +++ b/libnm-glib/libnm-glib.ver @@ -91,6 +91,7 @@ global: nm_device_wifi_get_mode; nm_device_wifi_get_type; nm_device_wifi_new; + nm_device_wifi_probe_ca_cert; nm_dhcp4_config_get_one_option; nm_dhcp4_config_get_options; nm_dhcp4_config_get_type; diff --git a/libnm-glib/nm-device-wifi.c b/libnm-glib/nm-device-wifi.c index 3d17023..bdb8737 100644 --- a/libnm-glib/nm-device-wifi.c +++ b/libnm-glib/nm-device-wifi.c @@ -78,6 +78,7 @@ enum { enum { ACCESS_POINT_ADDED, ACCESS_POINT_REMOVED, + CA_CERT_RECEIVED, LAST_SIGNAL }; @@ -370,6 +371,25 @@ nm_device_wifi_get_access_point_by_path (NMDeviceWifi *device, return ap; } +gboolean +nm_device_wifi_probe_ca_cert (NMDeviceWifi *device, + const GByteArray *ssid) +{ + NMDeviceWifiPrivate *priv; + GError *error = NULL; + + g_return_val_if_fail (NM_IS_DEVICE_WIFI (device), FALSE); + + priv = NM_DEVICE_WIFI_GET_PRIVATE (device); + + if (!org_freedesktop_NetworkManager_Device_Wireless_probe_ca_cert (priv->proxy, ssid, &error)) { + g_warning ("%s: error probe subject: %s", __func__, error->message); + return FALSE; + } + + return TRUE; +} + static void access_point_added_proxy (DBusGProxy *proxy, char *path, gpointer user_data) { @@ -426,6 +446,14 @@ access_point_removed_proxy (DBusGProxy *proxy, char *path, gpointer user_data) } static void +ca_cert_received_proxy (DBusGProxy *proxy, GHashTable *ca_cert, gpointer user_data) +{ + NMDeviceWifi *self = NM_DEVICE_WIFI (user_data); + + g_signal_emit (self, signals[CA_CERT_RECEIVED], 0, ca_cert); +} + +static void clean_up_aps (NMDeviceWifi *self, gboolean notify) { NMDeviceWifiPrivate *priv; @@ -635,6 +663,13 @@ constructor (GType type, G_CALLBACK (access_point_removed_proxy), object, NULL); + dbus_g_proxy_add_signal (priv->proxy, "CaCertReceived", + DBUS_TYPE_G_MAP_OF_STRING, + G_TYPE_INVALID); + dbus_g_proxy_connect_signal (priv->proxy, "CaCertReceived", + G_CALLBACK (ca_cert_received_proxy), + object, NULL); + register_for_property_changed (NM_DEVICE_WIFI (object)); g_signal_connect (NM_DEVICE (object), @@ -805,4 +840,22 @@ nm_device_wifi_class_init (NMDeviceWifiClass *device_class) g_cclosure_marshal_VOID__OBJECT, G_TYPE_NONE, 1, G_TYPE_OBJECT); + + /** + * NMDeviceWifi::ca-cert-received: + * @device: the wifi device that received the signal + * @subject: the subject of the RADIUS server + * @hash: the hash of the RADIUS server + * + * Notifies that a certificate of a RADIUS server is sent back. + **/ + signals[CA_CERT_RECEIVED] = + g_signal_new ("ca-cert-received", + G_OBJECT_CLASS_TYPE (object_class), + G_SIGNAL_RUN_FIRST, + G_STRUCT_OFFSET (NMDeviceWifiClass, ca_cert_received), + NULL, NULL, + g_cclosure_marshal_VOID__BOXED, + G_TYPE_NONE, 1, + G_TYPE_HASH_TABLE); } diff --git a/libnm-glib/nm-device-wifi.h b/libnm-glib/nm-device-wifi.h index 21f3558..fad2bb0 100644 --- a/libnm-glib/nm-device-wifi.h +++ b/libnm-glib/nm-device-wifi.h @@ -53,6 +53,7 @@ typedef struct { /* Signals */ void (*access_point_added) (NMDeviceWifi *device, NMAccessPoint *ap); void (*access_point_removed) (NMDeviceWifi *device, NMAccessPoint *ap); + void (*ca_cert_received) (NMDeviceWifi *device, GHashTable *ca_cert); /* Padding for future expansion */ void (*_reserved1) (void); @@ -60,7 +61,6 @@ typedef struct { void (*_reserved3) (void); void (*_reserved4) (void); void (*_reserved5) (void); - void (*_reserved6) (void); } NMDeviceWifiClass; GType nm_device_wifi_get_type (void); @@ -78,6 +78,8 @@ NMAccessPoint * nm_device_wifi_get_access_point_by_path (NMDeviceWifi *device, const char *path); const GPtrArray *nm_device_wifi_get_access_points (NMDeviceWifi *device); +gboolean nm_device_wifi_probe_ca_cert (NMDeviceWifi *device, + const GByteArray *ssid); G_END_DECLS diff --git a/libnm-util/libnm-util.ver b/libnm-util/libnm-util.ver index d477381..c5e09f2 100644 --- a/libnm-util/libnm-util.ver +++ b/libnm-util/libnm-util.ver @@ -40,6 +40,7 @@ global: nm_setting_802_1x_get_ca_cert_blob; nm_setting_802_1x_set_ca_cert_from_file; nm_setting_802_1x_get_ca_cert_path; + nm_setting_802_1x_get_ca_cert_hash; nm_setting_802_1x_get_ca_cert_scheme; nm_setting_802_1x_set_ca_cert; nm_setting_802_1x_get_ca_path; diff --git a/libnm-util/nm-setting-8021x.c b/libnm-util/nm-setting-8021x.c index a322aa7..a251a37 100644 --- a/libnm-util/nm-setting-8021x.c +++ b/libnm-util/nm-setting-8021x.c @@ -63,6 +63,7 @@ **/ #define SCHEME_PATH "file://" +#define SCHEME_HASH "hash://server/sha256/" /** * nm_setting_802_1x_error_quark: @@ -383,6 +384,9 @@ get_cert_scheme (GByteArray *array) if ( (array->len > strlen (SCHEME_PATH)) && !memcmp (array->data, SCHEME_PATH, strlen (SCHEME_PATH))) return NM_SETTING_802_1X_CK_SCHEME_PATH; + else if ( (array->len > strlen (SCHEME_HASH)) + && !memcmp (array->data, SCHEME_HASH, strlen (SCHEME_HASH))) + return NM_SETTING_802_1X_CK_SCHEME_HASH; return NM_SETTING_802_1X_CK_SCHEME_BLOB; } @@ -393,7 +397,8 @@ get_cert_scheme (GByteArray *array) * * Returns the scheme used to store the CA certificate. If the returned scheme * is %NM_SETTING_802_1X_CK_SCHEME_BLOB, use nm_setting_802_1x_get_ca_cert_blob(); - * if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_ca_cert_path(). + * if %NM_SETTING_802_1X_CK_SCHEME_PATH, use nm_setting_802_1x_get_ca_cert_path(); + * if %NM_SETTING_802_1X_CK_SCHEME_HASH, use nm_setting_802_1x_get_ca_cert_hash(). * * Returns: scheme used to store the CA certificate (blob or path) **/ @@ -481,6 +486,32 @@ nm_setting_802_1x_get_ca_cert_path (NMSetting8021x *setting) } /** + * nm_setting_802_1x_get_ca_cert_hash: + * @setting: the #NMSetting8021x + * + * Returns the CA certificate path if the CA certificate is stored using the + * %NM_SETTING_802_1X_CK_SCHEME_HASH scheme. Not all EAP methods use a + * CA certificate (LEAP for example), and those that can take advantage of the + * CA certificate allow it to be unset. Note that lack of a CA certificate + * reduces security by allowing man-in-the-middle attacks, because the identity + * of the network cannot be confirmed by the client. + * + * Returns: hash of the RADIUS server + **/ +const char * +nm_setting_802_1x_get_ca_cert_hash (NMSetting8021x *setting) +{ + NMSetting8021xCKScheme scheme; + + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); + + scheme = nm_setting_802_1x_get_ca_cert_scheme (setting); + g_return_val_if_fail (scheme == NM_SETTING_802_1X_CK_SCHEME_HASH, NULL); + + return (const char *) (NM_SETTING_802_1X_GET_PRIVATE (setting)->ca_cert->data); +} + +/** * nm_setting_802_1x_set_ca_cert: * @setting: the #NMSetting8021x * @value: when @scheme is set to either %NM_SETTING_802_1X_CK_SCHEME_PATH or @@ -515,7 +546,8 @@ nm_setting_802_1x_set_ca_cert (NMSetting8021x *self, if (value) { g_return_val_if_fail (g_utf8_validate (value, -1, NULL), FALSE); g_return_val_if_fail ( scheme == NM_SETTING_802_1X_CK_SCHEME_BLOB - || scheme == NM_SETTING_802_1X_CK_SCHEME_PATH, + || scheme == NM_SETTING_802_1X_CK_SCHEME_PATH + || scheme == NM_SETTING_802_1X_CK_SCHEME_HASH, FALSE); } @@ -533,6 +565,16 @@ nm_setting_802_1x_set_ca_cert (NMSetting8021x *self, if (!value) return TRUE; + if (scheme == NM_SETTING_802_1X_CK_SCHEME_HASH) { + int length = strlen (value); + if (!g_str_has_prefix (value, SCHEME_HASH)) + return FALSE; + data = g_byte_array_sized_new (length + 1); + g_byte_array_append (data, (guint8 *) value, length + 1); + priv->ca_cert = data; + return TRUE; + } + data = crypto_load_and_verify_certificate (value, &format, error); if (data) { /* wpa_supplicant can only use raw x509 CA certs */ @@ -2802,6 +2844,13 @@ verify_cert (GByteArray *array, const char *prop_name, GError **error) return TRUE; } break; + case NM_SETTING_802_1X_CK_SCHEME_HASH: + /* For hash-based schemes, verify that the has is zero-terminated */ + if (array->data[array->len - 1] == '\0') { + if (g_str_has_prefix ((char *)array->data, SCHEME_HASH)) + return TRUE; + } + break; default: break; } diff --git a/libnm-util/nm-setting-8021x.h b/libnm-util/nm-setting-8021x.h index 930c1da..151b309 100644 --- a/libnm-util/nm-setting-8021x.h +++ b/libnm-util/nm-setting-8021x.h @@ -40,7 +40,8 @@ typedef enum { typedef enum { NM_SETTING_802_1X_CK_SCHEME_UNKNOWN = 0, NM_SETTING_802_1X_CK_SCHEME_BLOB, - NM_SETTING_802_1X_CK_SCHEME_PATH + NM_SETTING_802_1X_CK_SCHEME_PATH, + NM_SETTING_802_1X_CK_SCHEME_HASH } NMSetting8021xCKScheme; #define NM_TYPE_SETTING_802_1X (nm_setting_802_1x_get_type ()) @@ -152,6 +153,7 @@ const char * nm_setting_802_1x_get_phase2_ca_path (NMSetting8 NMSetting8021xCKScheme nm_setting_802_1x_get_ca_cert_scheme (NMSetting8021x *setting); const GByteArray * nm_setting_802_1x_get_ca_cert_blob (NMSetting8021x *setting); const char * nm_setting_802_1x_get_ca_cert_path (NMSetting8021x *setting); +const char * nm_setting_802_1x_get_ca_cert_hash (NMSetting8021x *setting); gboolean nm_setting_802_1x_set_ca_cert (NMSetting8021x *setting, const char *value, NMSetting8021xCKScheme scheme, diff --git a/marshallers/nm-marshal.list b/marshallers/nm-marshal.list index 359fbed..10efbe7 100644 --- a/marshallers/nm-marshal.list +++ b/marshallers/nm-marshal.list @@ -26,4 +26,5 @@ BOOLEAN:VOID VOID:STRING,BOOLEAN VOID:STRING,OBJECT,POINTER VOID:BOOLEAN,UINT - +VOID:INT,STRING,STRING +VOID:INT,STRING,STRING,BOXED diff --git a/src/nm-device-wifi.c b/src/nm-device-wifi.c index b09d112..48c8725 100644 --- a/src/nm-device-wifi.c +++ b/src/nm-device-wifi.c @@ -55,10 +55,14 @@ #include "nm-setting-ip4-config.h" #include "nm-setting-ip6-config.h" #include "nm-system.h" +#include "nm-dbus-glib-types.h" static gboolean impl_device_get_access_points (NMDeviceWifi *device, GPtrArray **aps, GError **err); +static gboolean impl_device_probe_ca_cert (NMDeviceWifi *device, + GByteArray *ssid, + GError **err); #include "nm-device-wifi-glue.h" @@ -98,6 +102,7 @@ enum { HIDDEN_AP_FOUND, PROPERTIES_CHANGED, SCANNING_ALLOWED, + CA_CERT_RECEIVED, LAST_SIGNAL }; @@ -108,6 +113,7 @@ typedef enum { NM_WIFI_ERROR_CONNECTION_NOT_WIRELESS = 0, NM_WIFI_ERROR_CONNECTION_INVALID, NM_WIFI_ERROR_CONNECTION_INCOMPATIBLE, + NM_WIFI_ERROR_INVALID_CA_PROBE, } NMWifiError; #define NM_WIFI_ERROR (nm_wifi_error_quark ()) @@ -134,6 +140,7 @@ typedef struct Supplicant { guint iface_scan_results_id; guint iface_con_state_id; guint iface_notify_scanning_id; + guint iface_cert_id; /* Timeouts and idles */ guint iface_con_error_cb_id; @@ -259,6 +266,8 @@ nm_wifi_error_get_type (void) ENUM_ENTRY (NM_WIFI_ERROR_CONNECTION_INVALID, "ConnectionInvalid"), /* Connection does not apply to this device. */ ENUM_ENTRY (NM_WIFI_ERROR_CONNECTION_INCOMPATIBLE, "ConnectionIncompatible"), + /* CA Probe was not valid. */ + ENUM_ENTRY (NM_WIFI_ERROR_INVALID_CA_PROBE, "InvalidCaProbe"), { 0, 0, 0 } }; etype = g_enum_register_static ("NMWifiError", values); @@ -1449,6 +1458,85 @@ impl_device_get_access_points (NMDeviceWifi *self, return TRUE; } +static void +supplicant_iface_certification_cb (NMSupplicantInterface * iface, + const gint depth, + const char * subject, + const char * hash, + NMDeviceWifi * self) +{ + NMDeviceWifiPrivate *priv = NM_DEVICE_WIFI_GET_PRIVATE (self); + GHashTable *ca_cert; + char *data; + + nm_log_info (LOGD_WIFI_SCAN, "Got Server Certificate: depth %d, subject %s, hash %s", depth, subject, hash); + + if (depth != 0) + return; + + ca_cert = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, g_free); + if (subject) { + data = g_strdup (subject); + g_hash_table_insert (ca_cert, "subject", data); + } + if (hash) { + data = g_strdup (hash); + g_hash_table_insert (ca_cert, "hash", data); + } + + g_signal_emit (self, signals[CA_CERT_RECEIVED], 0, ca_cert); + + g_hash_table_destroy (ca_cert); + + if (priv->supplicant.iface_cert_id > 0) { + g_signal_handler_disconnect (priv->supplicant.iface, priv->supplicant.iface_cert_id); + priv->supplicant.iface_cert_id = 0; + } + + nm_supplicant_interface_disconnect (iface); +} + +static gboolean +impl_device_probe_ca_cert (NMDeviceWifi *self, + GByteArray *ssid, + GError **err) +{ + NMDeviceWifiPrivate *priv = NM_DEVICE_WIFI_GET_PRIVATE (self); + NMSupplicantConfig *config = NULL; + guint id; + gboolean ret = FALSE; + + config = nm_supplicant_config_probe_new (ssid); + if (!config) + goto error; + + /* Hook up signal handler to capture certification signal */ + id = g_signal_connect (priv->supplicant.iface, + "certification", + G_CALLBACK (supplicant_iface_certification_cb), + self); + priv->supplicant.iface_cert_id = id; + + if (!nm_supplicant_interface_set_config (priv->supplicant.iface, config)) + goto error; + + ret = TRUE; + +error: + if (!ret) { + g_set_error_literal (err, + NM_WIFI_ERROR, + NM_WIFI_ERROR_INVALID_CA_PROBE, + "Couldn't probe CA Certificate"); + if (priv->supplicant.iface_cert_id) { + g_signal_handler_disconnect (priv->supplicant.iface, priv->supplicant.iface_cert_id); + priv->supplicant.iface_cert_id = 0; + } + } + + return ret; +} + /* * nm_device_get_mode * @@ -4084,6 +4172,16 @@ nm_device_wifi_class_init (NMDeviceWifiClass *klass) _nm_marshal_BOOLEAN__VOID, G_TYPE_BOOLEAN, 0); + signals[CA_CERT_RECEIVED] = + g_signal_new ("ca-cert-received", + G_OBJECT_CLASS_TYPE (object_class), + G_SIGNAL_RUN_FIRST, + G_STRUCT_OFFSET (NMDeviceWifiClass, ca_cert_received), + NULL, NULL, + g_cclosure_marshal_VOID__BOXED, + G_TYPE_NONE, 1, + DBUS_TYPE_G_MAP_OF_STRING); + dbus_g_object_type_install_info (G_TYPE_FROM_CLASS (klass), &dbus_glib_nm_device_wifi_object_info); dbus_g_error_domain_register (NM_WIFI_ERROR, NULL, NM_TYPE_WIFI_ERROR); diff --git a/src/nm-device-wifi.h b/src/nm-device-wifi.h index 31ac5ad..eb12f5e 100644 --- a/src/nm-device-wifi.h +++ b/src/nm-device-wifi.h @@ -77,6 +77,7 @@ struct _NMDeviceWifiClass void (*hidden_ap_found) (NMDeviceWifi *device, NMAccessPoint *ap); void (*properties_changed) (NMDeviceWifi *device, GHashTable *properties); gboolean (*scanning_allowed) (NMDeviceWifi *device); + void (*ca_cert_received) (NMDeviceWifi *device, GHashTable *ca_cert); }; diff --git a/src/supplicant-manager/nm-supplicant-config.c b/src/supplicant-manager/nm-supplicant-config.c index 4e3ecab..4512c3d 100644 --- a/src/supplicant-manager/nm-supplicant-config.c +++ b/src/supplicant-manager/nm-supplicant-config.c @@ -173,6 +173,25 @@ nm_supplicant_config_add_option (NMSupplicantConfig *self, return nm_supplicant_config_add_option_with_type (self, key, value, len, TYPE_INVALID, secret); } +NMSupplicantConfig * +nm_supplicant_config_probe_new (GByteArray *ssid) +{ + NMSupplicantConfig *probe_config; + + if (!ssid) + return NULL; + + probe_config = (NMSupplicantConfig *)g_object_new (NM_TYPE_SUPPLICANT_CONFIG, NULL); + + nm_supplicant_config_add_option (probe_config, "ssid", (char *)ssid->data, ssid->len, FALSE); + nm_supplicant_config_add_option (probe_config, "key_mgmt", "WPA-EAP", -1, FALSE); + nm_supplicant_config_add_option (probe_config, "eap", "TTLS PEAP TLS", -1, FALSE); + nm_supplicant_config_add_option (probe_config, "identity", " ", -1, FALSE); + nm_supplicant_config_add_option (probe_config, "ca_cert", "probe://", -1, FALSE); + + return probe_config; +} + static gboolean nm_supplicant_config_add_blob (NMSupplicantConfig *self, const char *key, @@ -836,6 +855,11 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self, if (!add_string_val (self, path, "ca_cert", FALSE, FALSE)) return FALSE; break; + case NM_SETTING_802_1X_CK_SCHEME_HASH: + path = nm_setting_802_1x_get_ca_cert_hash (setting); + if (!add_string_val (self, path, "ca_cert", FALSE, FALSE)) + return FALSE; + break; default: break; } diff --git a/src/supplicant-manager/nm-supplicant-config.h b/src/supplicant-manager/nm-supplicant-config.h index dad23e2..135ed88 100644 --- a/src/supplicant-manager/nm-supplicant-config.h +++ b/src/supplicant-manager/nm-supplicant-config.h @@ -52,6 +52,8 @@ GType nm_supplicant_config_get_type (void); NMSupplicantConfig *nm_supplicant_config_new (void); +NMSupplicantConfig *nm_supplicant_config_probe_new (GByteArray *ssid); + guint32 nm_supplicant_config_get_ap_scan (NMSupplicantConfig *self); void nm_supplicant_config_set_ap_scan (NMSupplicantConfig *self, diff --git a/src/supplicant-manager/nm-supplicant-interface.c b/src/supplicant-manager/nm-supplicant-interface.c index a65a458..9c3ac52 100644 --- a/src/supplicant-manager/nm-supplicant-interface.c +++ b/src/supplicant-manager/nm-supplicant-interface.c @@ -80,6 +80,7 @@ enum { SCAN_RESULTS, /* scan results returned from supplicant */ CONNECTION_STATE, /* link state of the device's connection */ CONNECTION_ERROR, /* an error occurred during a connection request */ + CERTIFICATION, /* Got RADIUS server certificate */ LAST_SIGNAL }; static guint nm_supplicant_interface_signals[LAST_SIGNAL] = { 0 }; @@ -489,6 +490,14 @@ nm_supplicant_interface_class_init (NMSupplicantInterfaceClass *klass) NULL, NULL, _nm_marshal_VOID__STRING_STRING, G_TYPE_NONE, 2, G_TYPE_STRING, G_TYPE_STRING); + nm_supplicant_interface_signals[CERTIFICATION] = + g_signal_new ("certification", + G_OBJECT_CLASS_TYPE (object_class), + G_SIGNAL_RUN_LAST, + G_STRUCT_OFFSET (NMSupplicantInterfaceClass, certification), + NULL, NULL, + _nm_marshal_VOID__INT_STRING_STRING, + G_TYPE_NONE, 3, G_TYPE_INT, G_TYPE_STRING, G_TYPE_STRING); } static void @@ -784,6 +793,22 @@ nm_supplicant_interface_get_scanning (NMSupplicantInterface *self) } static void +wpas_iface_handle_certification (DBusGProxy *proxy, + const int depth, + const char *str_subject, + const char *str_hash, + const GPtrArray *cert_hex_array, + gpointer user_data) +{ + g_signal_emit (user_data, + nm_supplicant_interface_signals[CERTIFICATION], + 0, + depth, + str_subject, + str_hash); +} + +static void nm_supplicant_interface_add_cb (DBusGProxy *proxy, DBusGProxyCall *call_id, gpointer user_data) { NMSupplicantInfo *info = (NMSupplicantInfo *) user_data; @@ -843,6 +868,17 @@ nm_supplicant_interface_add_cb (DBusGProxy *proxy, DBusGProxyCall *call_id, gpoi info->interface, NULL); + dbus_g_object_register_marshaller (_nm_marshal_VOID__INT_STRING_STRING_BOXED, + G_TYPE_NONE, + G_TYPE_INT, G_TYPE_STRING, G_TYPE_STRING, DBUS_TYPE_G_UCHAR_ARRAY, + G_TYPE_INVALID); + dbus_g_proxy_add_signal (priv->iface_proxy, "Certification", G_TYPE_INT, G_TYPE_STRING, G_TYPE_STRING, DBUS_TYPE_G_UCHAR_ARRAY, G_TYPE_INVALID); + + dbus_g_proxy_connect_signal (priv->iface_proxy, "Certification", + G_CALLBACK (wpas_iface_handle_certification), + info->interface, + NULL); + /* Interface added to the supplicant; get its initial state. */ wpas_iface_get_state (info->interface); wpas_iface_get_scanning (info->interface); diff --git a/src/supplicant-manager/nm-supplicant-interface.h b/src/supplicant-manager/nm-supplicant-interface.h index bee5436..24cd261 100644 --- a/src/supplicant-manager/nm-supplicant-interface.h +++ b/src/supplicant-manager/nm-supplicant-interface.h @@ -112,6 +112,12 @@ typedef struct { void (*connection_error) (NMSupplicantInterface * iface, const char * name, const char * message); + + /* got the RADIUS server certificate */ + void (*certification) (NMSupplicantInterface * iface, + const gint depth, + const char * subject, + const char * hash); } NMSupplicantInterfaceClass;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor