NMConnection * connection_from_file (const char *filename, GError **error) { GKeyFile *key_file; struct stat statbuf; gboolean bad_owner, bad_permissions; NMConnection *connection = NULL; NMSettingConnection *s_con; NMSettingBluetooth *s_bt; NMSetting *setting; gchar **groups; gsize length; int i; gboolean vpn_secrets = FALSE; const char *ctype, *tmp; GError *verify_error = NULL; if (stat (filename, &statbuf) != 0 || !S_ISREG (statbuf.st_mode)) { g_set_error_literal (error, KEYFILE_PLUGIN_ERROR, 0, "File did not exist or was not a regular file"); return NULL; } bad_owner = getuid () != statbuf.st_uid; bad_permissions = statbuf.st_mode & 0077; if (bad_owner || bad_permissions) { g_set_error (error, KEYFILE_PLUGIN_ERROR, 0, "File permissions (%o) or owner (%d) were insecure", statbuf.st_mode, statbuf.st_uid); return NULL; } key_file = g_key_file_new (); if (!g_key_file_load_from_file (key_file, filename, G_KEY_FILE_NONE, error)) goto out; connection = nm_connection_new (); groups = g_key_file_get_groups (key_file, &length); for (i = 0; i < length; i++) { /* Only read out secrets when needed */ if (!strcmp (groups[i], VPN_SECRETS_GROUP)) { vpn_secrets = TRUE; continue; } setting = read_setting (key_file, groups[i]); if (setting) nm_connection_add_setting (connection, setting); } /* Make sure that we have the base device type setting even if * the keyfile didn't include it, which can happen when the base * device type setting is all default values (like ethernet). */ s_con = (NMSettingConnection *) nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION); if (s_con) { ctype = nm_setting_connection_get_connection_type (s_con); setting = nm_connection_get_setting_by_name (connection, ctype); if (ctype) { gboolean add_serial = FALSE; NMSetting *new_setting = NULL; if (!setting && !strcmp (ctype, NM_SETTING_WIRED_SETTING_NAME)) new_setting = nm_setting_wired_new (); else if (!strcmp (ctype, NM_SETTING_BLUETOOTH_SETTING_NAME)) { s_bt = (NMSettingBluetooth *) nm_connection_get_setting (connection, NM_TYPE_SETTING_BLUETOOTH); if (s_bt) { tmp = nm_setting_bluetooth_get_connection_type (s_bt); if (tmp && !strcmp (tmp, NM_SETTING_BLUETOOTH_TYPE_DUN)) add_serial = TRUE; } } else if (!strcmp (ctype, NM_SETTING_GSM_SETTING_NAME)) add_serial = TRUE; else if (!strcmp (ctype, NM_SETTING_CDMA_SETTING_NAME)) add_serial = TRUE; /* Bluetooth DUN, GSM, and CDMA connections require a serial setting */ if (add_serial && !nm_connection_get_setting (connection, NM_TYPE_SETTING_SERIAL)) new_setting = nm_setting_serial_new (); if (new_setting) nm_connection_add_setting (connection, new_setting); } } /* Serial connections require a PPP setting too */ if (nm_connection_get_setting (connection, NM_TYPE_SETTING_SERIAL)) { if (!nm_connection_get_setting (connection, NM_TYPE_SETTING_PPP)) nm_connection_add_setting (connection, nm_setting_ppp_new ()); } /* Handle vpn secrets after the 'vpn' setting was read */ if (vpn_secrets) { NMSettingVPN *s_vpn; s_vpn = (NMSettingVPN *) nm_connection_get_setting (connection, NM_TYPE_SETTING_VPN); if (s_vpn) read_vpn_secrets (key_file, s_vpn); } g_strfreev (groups); /* Verify the connection */ if (!nm_connection_verify (connection, &verify_error)) { g_set_error (error, KEYFILE_PLUGIN_ERROR, 0, "invalid or missing connection property '%s'", (verify_error && verify_error->message) ? verify_error->message : "(unknown)"); g_clear_error (&verify_error); g_object_unref (connection); connection = NULL; } out: g_key_file_free (key_file); return connection; }
static void test_wifi_open (void) { NMConnection *connection; NMSettingConnection *s_con; NMSettingWireless *s_wifi; NMSettingIPConfig *s_ip4; NMSupplicantConfig *config; GHashTable *hash; char *uuid; gboolean success; GError *error = NULL; GBytes *ssid; const unsigned char ssid_data[] = { 0x54, 0x65, 0x73, 0x74, 0x20, 0x53, 0x53, 0x49, 0x44 }; const char *bssid_str = "11:22:33:44:55:66"; connection = nm_simple_connection_new (); /* Connection setting */ s_con = (NMSettingConnection *) nm_setting_connection_new (); nm_connection_add_setting (connection, NM_SETTING (s_con)); uuid = nm_utils_uuid_generate (); g_object_set (s_con, NM_SETTING_CONNECTION_ID, "Test Wifi Open", NM_SETTING_CONNECTION_UUID, uuid, NM_SETTING_CONNECTION_AUTOCONNECT, TRUE, NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME, NULL); g_free (uuid); /* Wifi setting */ s_wifi = (NMSettingWireless *) nm_setting_wireless_new (); nm_connection_add_setting (connection, NM_SETTING (s_wifi)); ssid = g_bytes_new (ssid_data, sizeof (ssid_data)); g_object_set (s_wifi, NM_SETTING_WIRELESS_SSID, ssid, NM_SETTING_WIRELESS_BSSID, bssid_str, NM_SETTING_WIRELESS_MODE, "infrastructure", NM_SETTING_WIRELESS_BAND, "bg", NULL); g_bytes_unref (ssid); /* IP4 setting */ s_ip4 = (NMSettingIPConfig *) nm_setting_ip4_config_new (); nm_connection_add_setting (connection, NM_SETTING (s_ip4)); g_object_set (s_ip4, NM_SETTING_IP_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO, NULL); ASSERT (nm_connection_verify (connection, &error) == TRUE, "wifi-open", "failed to verify connection: %s", (error && error->message) ? error->message : "(unknown)"); config = nm_supplicant_config_new (); g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE, "*added 'ssid' value 'Test SSID'*"); g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE, "*added 'scan_ssid' value '1'*"); g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE, "*added 'bssid' value '11:22:33:44:55:66'*"); g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE, "*added 'freq_list' value *"); success = nm_supplicant_config_add_setting_wireless (config, s_wifi, 0); ASSERT (success == TRUE, "wifi-open", "failed to add wireless setting to supplicant config."); g_test_assert_expected_messages (); g_test_expect_message ("NetworkManager", G_LOG_LEVEL_MESSAGE, "*added 'key_mgmt' value 'NONE'"); success = nm_supplicant_config_add_no_security (config); ASSERT (success == TRUE, "wifi-open", "failed to add wireless security to supplicant config."); g_test_assert_expected_messages (); hash = nm_supplicant_config_get_hash (config); ASSERT (hash != NULL, "wifi-open", "failed to hash supplicant config options."); validate_opt ("wifi-open", hash, "scan_ssid", TYPE_INT, GINT_TO_POINTER (1), -1); validate_opt ("wifi-open", hash, "ssid", TYPE_BYTES, ssid_data, sizeof (ssid_data)); validate_opt ("wifi-open", hash, "bssid", TYPE_KEYWORD, bssid_str, -1); validate_opt ("wifi-open", hash, "key_mgmt", TYPE_KEYWORD, "NONE", -1); g_object_unref (connection); }
NMConnection * nm_keyfile_plugin_connection_from_file (const char *filename, GError **error) { GKeyFile *key_file; struct stat statbuf; gboolean bad_owner, bad_permissions; NMConnection *connection = NULL; NMSettingConnection *s_con; NMSetting *setting; gchar **groups; gsize length; int i; gboolean vpn_secrets = FALSE; const char *ctype; GError *verify_error = NULL; if (stat (filename, &statbuf) != 0 || !S_ISREG (statbuf.st_mode)) { g_set_error_literal (error, KEYFILE_PLUGIN_ERROR, 0, "File did not exist or was not a regular file"); return NULL; } bad_owner = getuid () != statbuf.st_uid; bad_permissions = statbuf.st_mode & 0077; if (bad_owner || bad_permissions) { g_set_error (error, KEYFILE_PLUGIN_ERROR, 0, "File permissions (%o) or owner (%d) were insecure", statbuf.st_mode, statbuf.st_uid); return NULL; } key_file = g_key_file_new (); if (!g_key_file_load_from_file (key_file, filename, G_KEY_FILE_NONE, error)) goto out; connection = nm_connection_new (); groups = g_key_file_get_groups (key_file, &length); for (i = 0; i < length; i++) { /* Only read out secrets when needed */ if (!strcmp (groups[i], VPN_SECRETS_GROUP)) { vpn_secrets = TRUE; continue; } setting = read_setting (key_file, filename, groups[i]); if (setting) nm_connection_add_setting (connection, setting); } /* Make sure that we have the base device type setting even if * the keyfile didn't include it, which can happen when the base * device type setting is all default values (like ethernet where * the MAC address isn't given, or VLAN when the VLAN ID is zero). */ s_con = nm_connection_get_setting_connection (connection); if (s_con) { ctype = nm_setting_connection_get_connection_type (s_con); setting = nm_connection_get_setting_by_name (connection, ctype); if (ctype && !setting) { NMSetting *base_setting; GType base_setting_type; base_setting_type = nm_connection_lookup_setting_type (ctype); if (base_setting_type != G_TYPE_INVALID) { base_setting = (NMSetting *) g_object_new (base_setting_type, NULL); g_assert (base_setting); nm_connection_add_setting (connection, base_setting); } } } /* Handle vpn secrets after the 'vpn' setting was read */ if (vpn_secrets) { NMSettingVPN *s_vpn; s_vpn = nm_connection_get_setting_vpn (connection); if (s_vpn) read_vpn_secrets (key_file, s_vpn); } g_strfreev (groups); /* Verify the connection */ if (!nm_connection_verify (connection, &verify_error)) { g_set_error (error, KEYFILE_PLUGIN_ERROR, 0, "invalid or missing connection property '%s/%s'", verify_error ? g_type_name (nm_connection_lookup_setting_type_by_quark (verify_error->domain)) : "(unknown)", (verify_error && verify_error->message) ? verify_error->message : "(unknown)"); g_clear_error (&verify_error); g_object_unref (connection); connection = NULL; g_warning ("Connection failed to verify: %s", verify_error ? g_type_name (nm_connection_lookup_setting_type_by_quark (verify_error->domain)) : "(unknown)"); } out: g_key_file_free (key_file); return connection; }