mirror of
https://git.kernel.org/pub/scm/network/wireless/iwd.git
synced 2025-01-05 12:52:37 +01:00
eap: Use l_settings_get_string where needed
Replace usages of l_settings_get_value with l_settings_get_string, which will make sure the returned strings are unescaped but also allocates memeory and forces us to use l_free on most of the strings. Some of these strings we explicitly set with l_settings_set_string() in our code so when we retrieved them with l_settings_get_value() we would receive a different string if there were any escapable characters in the string. I didn't replace any of the l_settings_get_value() uses where we're just checking whether a setting is present, or those which are hexstrings or EAP method names assuming that they can't have any special characters, although this isn't future proof. I did use l_settings_get_string() for file paths though.
This commit is contained in:
parent
b8fde0c166
commit
66e332fd4a
@ -96,7 +96,7 @@ static bool eap_gtc_load_settings(struct eap_state *eap,
|
|||||||
char *secret;
|
char *secret;
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sGTC-Secret", prefix);
|
snprintf(setting, sizeof(setting), "%sGTC-Secret", prefix);
|
||||||
secret = l_strdup(l_settings_get_value(settings, "Security", setting));
|
secret = l_settings_get_string(settings, "Security", setting);
|
||||||
|
|
||||||
gtc = l_new(struct eap_gtc_state, 1);
|
gtc = l_new(struct eap_gtc_state, 1);
|
||||||
gtc->secret = secret;
|
gtc->secret = secret;
|
||||||
|
@ -112,7 +112,7 @@ static bool eap_md5_load_settings(struct eap_state *eap,
|
|||||||
char *secret;
|
char *secret;
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sMD5-Secret", prefix);
|
snprintf(setting, sizeof(setting), "%sMD5-Secret", prefix);
|
||||||
secret = l_strdup(l_settings_get_value(settings, "Security", setting));
|
secret = l_settings_get_string(settings, "Security", setting);
|
||||||
|
|
||||||
md5 = l_new(struct eap_md5_state, 1);
|
md5 = l_new(struct eap_md5_state, 1);
|
||||||
md5->secret = secret;
|
md5->secret = secret;
|
||||||
|
@ -662,22 +662,26 @@ static int eap_mschapv2_check_settings(struct l_settings *settings,
|
|||||||
const char *prefix,
|
const char *prefix,
|
||||||
struct l_queue **out_missing)
|
struct l_queue **out_missing)
|
||||||
{
|
{
|
||||||
const char *identity, *password = NULL, *password_hash;
|
const char *password_hash;
|
||||||
|
L_AUTO_FREE_VAR(char *, password);
|
||||||
|
L_AUTO_FREE_VAR(char *, identity);
|
||||||
const struct eap_secret_info *secret;
|
const struct eap_secret_info *secret;
|
||||||
char setting[64], setting2[64];
|
char setting[64], setting2[64];
|
||||||
uint8_t hash[16];
|
uint8_t hash[16];
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
||||||
identity = l_settings_get_value(settings, "Security", setting);
|
identity = l_settings_get_string(settings, "Security", setting);
|
||||||
|
|
||||||
snprintf(setting2, sizeof(setting2), "%sPassword", prefix);
|
snprintf(setting2, sizeof(setting2), "%sPassword", prefix);
|
||||||
password = l_settings_get_value(settings, "Security", setting2);
|
password = l_settings_get_string(settings, "Security", setting2);
|
||||||
|
|
||||||
if (!identity) {
|
if (!identity) {
|
||||||
secret = l_queue_find(secrets, eap_secret_info_match, setting);
|
secret = l_queue_find(secrets, eap_secret_info_match, setting);
|
||||||
if (secret) {
|
if (secret) {
|
||||||
identity = secret->value;
|
l_free(password);
|
||||||
password = secret->value + strlen(secret->value) + 1;
|
identity = l_strdup(secret->value);
|
||||||
|
password = l_strdup(secret->value +
|
||||||
|
strlen(secret->value) + 1);
|
||||||
|
|
||||||
goto validate;
|
goto validate;
|
||||||
}
|
}
|
||||||
@ -721,7 +725,7 @@ static int eap_mschapv2_check_settings(struct l_settings *settings,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
password = secret->value;
|
password = l_strdup(secret->value);
|
||||||
|
|
||||||
validate:
|
validate:
|
||||||
if (!l_utf8_validate(password, strlen(password), NULL)) {
|
if (!l_utf8_validate(password, strlen(password), NULL)) {
|
||||||
@ -740,13 +744,14 @@ static bool eap_mschapv2_load_settings(struct eap_state *eap,
|
|||||||
const char *prefix)
|
const char *prefix)
|
||||||
{
|
{
|
||||||
struct eap_mschapv2_state *state;
|
struct eap_mschapv2_state *state;
|
||||||
const char *identity, *password;
|
L_AUTO_FREE_VAR(char *, identity);
|
||||||
|
L_AUTO_FREE_VAR(char *, password) = NULL;
|
||||||
char setting[64];
|
char setting[64];
|
||||||
|
|
||||||
state = l_new(struct eap_mschapv2_state, 1);
|
state = l_new(struct eap_mschapv2_state, 1);
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
||||||
identity = l_settings_get_value(settings, "Security", setting);
|
identity = l_settings_get_string(settings, "Security", setting);
|
||||||
if (!identity)
|
if (!identity)
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
@ -755,20 +760,21 @@ static bool eap_mschapv2_load_settings(struct eap_state *eap,
|
|||||||
|
|
||||||
/* Either read the password-hash from hexdump or password and hash it */
|
/* Either read the password-hash from hexdump or password and hash it */
|
||||||
snprintf(setting, sizeof(setting), "%sPassword", prefix);
|
snprintf(setting, sizeof(setting), "%sPassword", prefix);
|
||||||
password = l_settings_get_value(settings, "Security", setting);
|
password = l_settings_get_string(settings, "Security", setting);
|
||||||
|
|
||||||
if (password)
|
if (password)
|
||||||
set_password_from_string(state, password);
|
set_password_from_string(state, password);
|
||||||
|
else {
|
||||||
if (!password) {
|
|
||||||
unsigned char *tmp;
|
unsigned char *tmp;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
const char *hash_str;
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sPassword-Hash", prefix);
|
snprintf(setting, sizeof(setting), "%sPassword-Hash", prefix);
|
||||||
password = l_settings_get_value(settings, "Security", setting);
|
hash_str = l_settings_get_value(settings, "Security", setting);
|
||||||
if (!password)
|
if (!hash_str)
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
tmp = l_util_from_hexstring(password, &len);
|
tmp = l_util_from_hexstring(hash_str, &len);
|
||||||
memcpy(state->password_hash, tmp, 16);
|
memcpy(state->password_hash, tmp, 16);
|
||||||
l_free(tmp);
|
l_free(tmp);
|
||||||
}
|
}
|
||||||
|
@ -848,12 +848,14 @@ static int eap_peap_check_settings(struct l_settings *settings,
|
|||||||
struct l_queue **out_missing)
|
struct l_queue **out_missing)
|
||||||
{
|
{
|
||||||
char entry[64], client_cert_entry[64], passphrase_entry[64];
|
char entry[64], client_cert_entry[64], passphrase_entry[64];
|
||||||
const char *path, *client_cert, *passphrase;
|
L_AUTO_FREE_VAR(char *, path) = NULL;
|
||||||
|
L_AUTO_FREE_VAR(char *, client_cert) = NULL;
|
||||||
|
L_AUTO_FREE_VAR(char *, passphrase) = NULL;
|
||||||
uint8_t *cert;
|
uint8_t *cert;
|
||||||
size_t size;
|
size_t size;
|
||||||
|
|
||||||
snprintf(entry, sizeof(entry), "%sPEAP-CACert", prefix);
|
snprintf(entry, sizeof(entry), "%sPEAP-CACert", prefix);
|
||||||
path = l_settings_get_value(settings, "Security", entry);
|
path = l_settings_get_string(settings, "Security", entry);
|
||||||
if (path) {
|
if (path) {
|
||||||
cert = l_pem_load_certificate(path, &size);
|
cert = l_pem_load_certificate(path, &size);
|
||||||
if (!cert) {
|
if (!cert) {
|
||||||
@ -866,7 +868,7 @@ static int eap_peap_check_settings(struct l_settings *settings,
|
|||||||
|
|
||||||
snprintf(client_cert_entry, sizeof(client_cert_entry),
|
snprintf(client_cert_entry, sizeof(client_cert_entry),
|
||||||
"%sPEAP-ClientCert", prefix);
|
"%sPEAP-ClientCert", prefix);
|
||||||
client_cert = l_settings_get_value(settings, "Security",
|
client_cert = l_settings_get_string(settings, "Security",
|
||||||
client_cert_entry);
|
client_cert_entry);
|
||||||
if (client_cert) {
|
if (client_cert) {
|
||||||
cert = l_pem_load_certificate(client_cert, &size);
|
cert = l_pem_load_certificate(client_cert, &size);
|
||||||
@ -878,8 +880,10 @@ static int eap_peap_check_settings(struct l_settings *settings,
|
|||||||
l_free(cert);
|
l_free(cert);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
l_free(path);
|
||||||
|
|
||||||
snprintf(entry, sizeof(entry), "%sPEAP-ClientKey", prefix);
|
snprintf(entry, sizeof(entry), "%sPEAP-ClientKey", prefix);
|
||||||
path = l_settings_get_value(settings, "Security", entry);
|
path = l_settings_get_string(settings, "Security", entry);
|
||||||
|
|
||||||
if (path && !client_cert) {
|
if (path && !client_cert) {
|
||||||
l_error("%s present but no client certificate (%s)",
|
l_error("%s present but no client certificate (%s)",
|
||||||
@ -889,7 +893,7 @@ static int eap_peap_check_settings(struct l_settings *settings,
|
|||||||
|
|
||||||
snprintf(passphrase_entry, sizeof(passphrase_entry),
|
snprintf(passphrase_entry, sizeof(passphrase_entry),
|
||||||
"%sPEAP-ClientKeyPassphrase", prefix);
|
"%sPEAP-ClientKeyPassphrase", prefix);
|
||||||
passphrase = l_settings_get_value(settings, "Security",
|
passphrase = l_settings_get_string(settings, "Security",
|
||||||
passphrase_entry);
|
passphrase_entry);
|
||||||
|
|
||||||
if (!passphrase) {
|
if (!passphrase) {
|
||||||
@ -963,20 +967,16 @@ static bool eap_peap_load_settings(struct eap_state *eap,
|
|||||||
peap->version = PEAP_VERSION_NOT_NEGOTIATED;
|
peap->version = PEAP_VERSION_NOT_NEGOTIATED;
|
||||||
|
|
||||||
snprintf(entry, sizeof(entry), "%sPEAP-CACert", prefix);
|
snprintf(entry, sizeof(entry), "%sPEAP-CACert", prefix);
|
||||||
peap->ca_cert = l_strdup(l_settings_get_value(settings, "Security",
|
peap->ca_cert = l_settings_get_string(settings, "Security", entry);
|
||||||
entry));
|
|
||||||
|
|
||||||
snprintf(entry, sizeof(entry), "%sPEAP-ClientCert", prefix);
|
snprintf(entry, sizeof(entry), "%sPEAP-ClientCert", prefix);
|
||||||
peap->client_cert = l_strdup(l_settings_get_value(settings, "Security",
|
peap->client_cert = l_settings_get_string(settings, "Security", entry);
|
||||||
entry));
|
|
||||||
|
|
||||||
snprintf(entry, sizeof(entry), "%sPEAP-ClientKey", prefix);
|
snprintf(entry, sizeof(entry), "%sPEAP-ClientKey", prefix);
|
||||||
peap->client_key = l_strdup(l_settings_get_value(settings, "Security",
|
peap->client_key = l_settings_get_string(settings, "Security", entry);
|
||||||
entry));
|
|
||||||
|
|
||||||
snprintf(entry, sizeof(entry), "%sPEAP-ClientKeyPassphrase", prefix);
|
snprintf(entry, sizeof(entry), "%sPEAP-ClientKeyPassphrase", prefix);
|
||||||
peap->passphrase = l_strdup(l_settings_get_value(settings, "Security",
|
peap->passphrase = l_settings_get_string(settings, "Security", entry);
|
||||||
entry));
|
|
||||||
|
|
||||||
peap->phase2_eap = eap_new(eap_peap_phase2_send_response,
|
peap->phase2_eap = eap_new(eap_peap_phase2_send_response,
|
||||||
eap_peap_phase2_complete, eap);
|
eap_peap_phase2_complete, eap);
|
||||||
|
@ -721,12 +721,13 @@ static int eap_pwd_check_settings(struct l_settings *settings,
|
|||||||
const char *prefix,
|
const char *prefix,
|
||||||
struct l_queue **out_missing)
|
struct l_queue **out_missing)
|
||||||
{
|
{
|
||||||
const char *identity, *password = NULL;
|
const char *password;
|
||||||
|
L_AUTO_FREE_VAR(char *, identity);
|
||||||
const struct eap_secret_info *secret;
|
const struct eap_secret_info *secret;
|
||||||
char setting[64], setting2[64];
|
char setting[64], setting2[64];
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
||||||
identity = l_settings_get_value(settings, "Security", setting);
|
identity = l_settings_get_string(settings, "Security", setting);
|
||||||
|
|
||||||
snprintf(setting2, sizeof(setting2), "%sPWD-Password", prefix);
|
snprintf(setting2, sizeof(setting2), "%sPWD-Password", prefix);
|
||||||
password = l_settings_get_value(settings, "Security", setting2);
|
password = l_settings_get_value(settings, "Security", setting2);
|
||||||
@ -766,8 +767,7 @@ static bool eap_pwd_load_settings(struct eap_state *eap,
|
|||||||
pwd->state = EAP_PWD_STATE_INIT;
|
pwd->state = EAP_PWD_STATE_INIT;
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
||||||
pwd->identity = l_strdup(l_settings_get_value(settings, "Security",
|
pwd->identity = l_settings_get_string(settings, "Security", setting);
|
||||||
setting));
|
|
||||||
|
|
||||||
if (!pwd->identity) {
|
if (!pwd->identity) {
|
||||||
l_error("EAP-Identity is missing");
|
l_error("EAP-Identity is missing");
|
||||||
@ -775,8 +775,7 @@ static bool eap_pwd_load_settings(struct eap_state *eap,
|
|||||||
}
|
}
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sPWD-Password", prefix);
|
snprintf(setting, sizeof(setting), "%sPWD-Password", prefix);
|
||||||
pwd->password = l_strdup(l_settings_get_value(settings, "Security",
|
pwd->password = l_settings_get_string(settings, "Security", setting);
|
||||||
setting));
|
|
||||||
|
|
||||||
if (!pwd->password) {
|
if (!pwd->password) {
|
||||||
l_error("EAP-PWD password is missing");
|
l_error("EAP-PWD password is missing");
|
||||||
|
@ -393,12 +393,14 @@ static int eap_tls_check_settings(struct l_settings *settings,
|
|||||||
struct l_queue **out_missing)
|
struct l_queue **out_missing)
|
||||||
{
|
{
|
||||||
char setting[64], client_cert_setting[64], passphrase_setting[64];
|
char setting[64], client_cert_setting[64], passphrase_setting[64];
|
||||||
const char *path, *client_cert, *passphrase;
|
L_AUTO_FREE_VAR(char *, path) = NULL;
|
||||||
|
L_AUTO_FREE_VAR(char *, client_cert) = NULL;
|
||||||
|
L_AUTO_FREE_VAR(char *, passphrase) = NULL;
|
||||||
uint8_t *cert;
|
uint8_t *cert;
|
||||||
size_t size;
|
size_t size;
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTLS-CACert", prefix);
|
snprintf(setting, sizeof(setting), "%sTLS-CACert", prefix);
|
||||||
path = l_settings_get_value(settings, "Security", setting);
|
path = l_settings_get_string(settings, "Security", setting);
|
||||||
if (path) {
|
if (path) {
|
||||||
cert = l_pem_load_certificate(path, &size);
|
cert = l_pem_load_certificate(path, &size);
|
||||||
if (!cert) {
|
if (!cert) {
|
||||||
@ -411,7 +413,7 @@ static int eap_tls_check_settings(struct l_settings *settings,
|
|||||||
|
|
||||||
snprintf(client_cert_setting, sizeof(client_cert_setting),
|
snprintf(client_cert_setting, sizeof(client_cert_setting),
|
||||||
"%sTLS-ClientCert", prefix);
|
"%sTLS-ClientCert", prefix);
|
||||||
client_cert = l_settings_get_value(settings, "Security",
|
client_cert = l_settings_get_string(settings, "Security",
|
||||||
client_cert_setting);
|
client_cert_setting);
|
||||||
if (client_cert) {
|
if (client_cert) {
|
||||||
cert = l_pem_load_certificate(client_cert, &size);
|
cert = l_pem_load_certificate(client_cert, &size);
|
||||||
@ -423,8 +425,10 @@ static int eap_tls_check_settings(struct l_settings *settings,
|
|||||||
l_free(cert);
|
l_free(cert);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
l_free(path);
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTLS-ClientKey", prefix);
|
snprintf(setting, sizeof(setting), "%sTLS-ClientKey", prefix);
|
||||||
path = l_settings_get_value(settings, "Security", setting);
|
path = l_settings_get_string(settings, "Security", setting);
|
||||||
|
|
||||||
if (path && !client_cert) {
|
if (path && !client_cert) {
|
||||||
l_error("%s present but no client certificate (%s)",
|
l_error("%s present but no client certificate (%s)",
|
||||||
@ -434,7 +438,7 @@ static int eap_tls_check_settings(struct l_settings *settings,
|
|||||||
|
|
||||||
snprintf(passphrase_setting, sizeof(passphrase_setting),
|
snprintf(passphrase_setting, sizeof(passphrase_setting),
|
||||||
"%sTLS-ClientKeyPassphrase", prefix);
|
"%sTLS-ClientKeyPassphrase", prefix);
|
||||||
passphrase = l_settings_get_value(settings, "Security",
|
passphrase = l_settings_get_string(settings, "Security",
|
||||||
passphrase_setting);
|
passphrase_setting);
|
||||||
|
|
||||||
if (!passphrase) {
|
if (!passphrase) {
|
||||||
@ -443,7 +447,7 @@ static int eap_tls_check_settings(struct l_settings *settings,
|
|||||||
secret = l_queue_find(secrets, eap_secret_info_match,
|
secret = l_queue_find(secrets, eap_secret_info_match,
|
||||||
passphrase_setting);
|
passphrase_setting);
|
||||||
if (secret)
|
if (secret)
|
||||||
passphrase = secret->value;
|
passphrase = l_strdup(secret->value);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (path) {
|
if (path) {
|
||||||
@ -504,20 +508,16 @@ static bool eap_tls_load_settings(struct eap_state *eap,
|
|||||||
tls = l_new(struct eap_tls_state, 1);
|
tls = l_new(struct eap_tls_state, 1);
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTLS-CACert", prefix);
|
snprintf(setting, sizeof(setting), "%sTLS-CACert", prefix);
|
||||||
tls->ca_cert = l_strdup(l_settings_get_value(settings,
|
tls->ca_cert = l_settings_get_string(settings, "Security", setting);
|
||||||
"Security", setting));
|
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTLS-ClientCert", prefix);
|
snprintf(setting, sizeof(setting), "%sTLS-ClientCert", prefix);
|
||||||
tls->client_cert = l_strdup(l_settings_get_value(settings,
|
tls->client_cert = l_settings_get_string(settings, "Security", setting);
|
||||||
"Security", setting));
|
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTLS-ClientKey", prefix);
|
snprintf(setting, sizeof(setting), "%sTLS-ClientKey", prefix);
|
||||||
tls->client_key = l_strdup(l_settings_get_value(settings,
|
tls->client_key = l_settings_get_string(settings, "Security", setting);
|
||||||
"Security", setting));
|
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTLS-ClientKeyPassphrase", prefix);
|
snprintf(setting, sizeof(setting), "%sTLS-ClientKeyPassphrase", prefix);
|
||||||
tls->passphrase = l_strdup(l_settings_get_value(settings,
|
tls->passphrase = l_settings_get_string(settings, "Security", setting);
|
||||||
"Security", setting));
|
|
||||||
|
|
||||||
eap_set_data(eap, tls);
|
eap_set_data(eap, tls);
|
||||||
|
|
||||||
|
@ -660,12 +660,14 @@ static int eap_ttls_check_settings(struct l_settings *settings,
|
|||||||
struct l_queue **out_missing)
|
struct l_queue **out_missing)
|
||||||
{
|
{
|
||||||
char setting[64], client_cert_setting[64], passphrase_setting[64];
|
char setting[64], client_cert_setting[64], passphrase_setting[64];
|
||||||
const char *path, *client_cert, *passphrase;
|
L_AUTO_FREE_VAR(char *, path) = NULL;
|
||||||
|
L_AUTO_FREE_VAR(char *, client_cert) = NULL;
|
||||||
|
L_AUTO_FREE_VAR(char *, passphrase) = NULL;
|
||||||
uint8_t *cert;
|
uint8_t *cert;
|
||||||
size_t size;
|
size_t size;
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTTLS-CACert", prefix);
|
snprintf(setting, sizeof(setting), "%sTTLS-CACert", prefix);
|
||||||
path = l_settings_get_value(settings, "Security", setting);
|
path = l_settings_get_string(settings, "Security", setting);
|
||||||
if (path) {
|
if (path) {
|
||||||
cert = l_pem_load_certificate(path, &size);
|
cert = l_pem_load_certificate(path, &size);
|
||||||
if (!cert) {
|
if (!cert) {
|
||||||
@ -678,7 +680,7 @@ static int eap_ttls_check_settings(struct l_settings *settings,
|
|||||||
|
|
||||||
snprintf(client_cert_setting, sizeof(client_cert_setting),
|
snprintf(client_cert_setting, sizeof(client_cert_setting),
|
||||||
"%sTTLS-ClientCert", prefix);
|
"%sTTLS-ClientCert", prefix);
|
||||||
client_cert = l_settings_get_value(settings, "Security",
|
client_cert = l_settings_get_string(settings, "Security",
|
||||||
client_cert_setting);
|
client_cert_setting);
|
||||||
if (client_cert) {
|
if (client_cert) {
|
||||||
cert = l_pem_load_certificate(client_cert, &size);
|
cert = l_pem_load_certificate(client_cert, &size);
|
||||||
@ -690,8 +692,10 @@ static int eap_ttls_check_settings(struct l_settings *settings,
|
|||||||
l_free(cert);
|
l_free(cert);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
l_free(path);
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTTLS-ClientKey", prefix);
|
snprintf(setting, sizeof(setting), "%sTTLS-ClientKey", prefix);
|
||||||
path = l_settings_get_value(settings, "Security", setting);
|
path = l_settings_get_string(settings, "Security", setting);
|
||||||
|
|
||||||
if (path && !client_cert) {
|
if (path && !client_cert) {
|
||||||
l_error("%s present but no client certificate (%s)",
|
l_error("%s present but no client certificate (%s)",
|
||||||
@ -701,7 +705,7 @@ static int eap_ttls_check_settings(struct l_settings *settings,
|
|||||||
|
|
||||||
snprintf(passphrase_setting, sizeof(passphrase_setting),
|
snprintf(passphrase_setting, sizeof(passphrase_setting),
|
||||||
"%sTTLS-ClientKeyPassphrase", prefix);
|
"%sTTLS-ClientKeyPassphrase", prefix);
|
||||||
passphrase = l_settings_get_value(settings, "Security",
|
passphrase = l_settings_get_string(settings, "Security",
|
||||||
passphrase_setting);
|
passphrase_setting);
|
||||||
|
|
||||||
if (!passphrase) {
|
if (!passphrase) {
|
||||||
@ -774,21 +778,18 @@ static bool eap_ttls_load_settings(struct eap_state *eap,
|
|||||||
ttls = l_new(struct eap_ttls_state, 1);
|
ttls = l_new(struct eap_ttls_state, 1);
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTTLS-CACert", prefix);
|
snprintf(setting, sizeof(setting), "%sTTLS-CACert", prefix);
|
||||||
ttls->ca_cert = l_strdup(l_settings_get_value(settings,
|
ttls->ca_cert = l_settings_get_string(settings, "Security", setting);
|
||||||
"Security", setting));
|
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTTLS-ClientCert", prefix);
|
snprintf(setting, sizeof(setting), "%sTTLS-ClientCert", prefix);
|
||||||
ttls->client_cert = l_strdup(l_settings_get_value(settings,
|
ttls->client_cert = l_settings_get_string(settings,
|
||||||
"Security", setting));
|
"Security", setting);
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTTLS-ClientKey", prefix);
|
snprintf(setting, sizeof(setting), "%sTTLS-ClientKey", prefix);
|
||||||
ttls->client_key = l_strdup(l_settings_get_value(settings,
|
ttls->client_key = l_settings_get_string(settings, "Security", setting);
|
||||||
"Security", setting));
|
|
||||||
|
|
||||||
snprintf(setting, sizeof(setting), "%sTTLS-ClientKeyPassphrase",
|
snprintf(setting, sizeof(setting), "%sTTLS-ClientKeyPassphrase",
|
||||||
prefix);
|
prefix);
|
||||||
ttls->passphrase = l_strdup(l_settings_get_value(settings,
|
ttls->passphrase = l_settings_get_string(settings, "Security", setting);
|
||||||
"Security", setting));
|
|
||||||
|
|
||||||
ttls->eap = eap_new(eap_ttls_eap_tx_packet,
|
ttls->eap = eap_new(eap_ttls_eap_tx_packet,
|
||||||
eap_ttls_eap_complete, eap);
|
eap_ttls_eap_complete, eap);
|
||||||
|
@ -509,8 +509,8 @@ bool eap_load_settings(struct eap_state *eap, struct l_settings *settings,
|
|||||||
/* get identity from settings or from EAP method */
|
/* get identity from settings or from EAP method */
|
||||||
if (!eap->method->get_identity) {
|
if (!eap->method->get_identity) {
|
||||||
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
snprintf(setting, sizeof(setting), "%sIdentity", prefix);
|
||||||
eap->identity = l_strdup(l_settings_get_value(settings,
|
eap->identity = l_settings_get_string(settings,
|
||||||
"Security", setting));
|
"Security", setting);
|
||||||
} else {
|
} else {
|
||||||
eap->identity = l_strdup(eap->method->get_identity(eap));
|
eap->identity = l_strdup(eap->method->get_identity(eap));
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user