mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 13:02:44 +01:00
iwd/src
James Prestwood bea1d22a5c eap-tls-common: allow embedded PEMs in settings
Refactoring was required to allow for embedded certs. The existing
eap_tls_state object was changed to hold the cert types (l_queue,
l_certchain, l_key) rather than the file path, since there may not
actually be separate PEM files.

Care was taken to properly manage the memory of these objects.
Since the TLS object takes ownership when setting auth data or the
CA certs, all error cases must be handled properly to free these
objects after they are loaded, and in addition they must be set to
NULL so that the cleanup doesn't double free them.

If everything goes to plan, we load all the PEMs in settings_load,
provide these objects to the TLS APIs, and then NULL out the
pointers (TLS now owns this memory). If anything fails between
settings_load and l_tls_start we must free these objects.

A special format must be used to indicate that a PEM is embedded
inside the settings file. First, the l_settings format should be
followed for the PEM itself, e.g.

[@pem@my_ca_cert]
<CA Cert data>

This PEM can then be referenced by "embed:my_ca_cert", e.g.

EAP-TLS-CACert=embed:my_ca_cert

Any other value not starting with "embed:" will be treated as a file
path.
2019-10-07 11:39:30 -05:00
adhoc.c eapol: Remove eapol_sm_set_protocol_version 2019-07-15 21:45:58 -05:00
agent.c agent: Add new request types 2018-04-19 11:49:41 -05:00
agent.h agent: Add new request types 2018-04-19 11:49:41 -05:00
anqp.c anqp: Use nl80211_parse_attrs 2019-09-19 23:04:06 -05:00
anqp.h anqp: move ANQP parsers into anqputil 2019-07-15 14:53:44 -05:00
anqputil.c anqp: move ANQP parsers into anqputil 2019-07-15 14:53:44 -05:00
anqputil.h anqp: move ANQP parsers into anqputil 2019-07-15 14:53:44 -05:00
ap.c eapol: Remove eapol_sm_set_protocol_version 2019-07-15 21:45:58 -05:00
auth-proto.h auth-proto: introduce auth-proto concept 2019-05-03 13:53:50 -05:00
backtrace.c build: only enable backtrace(3) in maintainer mode 2018-11-26 14:32:04 -06:00
backtrace.h build: only enable backtrace(3) in maintainer mode 2018-11-26 14:32:04 -06:00
blacklist.c blacklist: Convert to use IWD_MODULE 2019-05-22 09:58:04 -05:00
blacklist.h blacklist: Convert to use IWD_MODULE 2019-05-22 09:58:04 -05:00
common.c ie: add IE_RSN_AKM_SUITE_OSEN 2019-06-07 16:15:07 -05:00
common.h scan: Move scan_get_security to common.c 2018-05-24 19:22:16 -05:00
crypto.c crypto: fix copy size causing overruns/crashing 2019-10-03 12:25:57 -05:00
crypto.h crypto: add crypto_passphrase_is_valid 2019-09-18 16:48:07 -05:00
dbus.c dbus: Add p2p iftypes in dbus_iftype_to_string 2019-04-11 11:01:09 -05:00
dbus.h main: Don't init nl80211 until dbus name is owned 2018-09-11 20:06:00 -05:00
device.c scan: Switch all uses of ifindex to wdev_id 2019-07-08 11:53:00 -05:00
device.h station: Move remaining connect/re-connect/roam logic 2018-09-04 23:57:14 -05:00
eap-aka.c eap-aka: derive Session-ID for ERP 2019-04-22 16:31:14 -05:00
eap-gtc.c build: Add support for including fallbacks for missing defines 2019-04-03 18:34:22 +02:00
eap-md5.c build: Add support for including fallbacks for missing defines 2019-04-03 18:34:22 +02:00
eap-mschapv2.c eap: export session ID as key materials 2019-04-10 16:55:29 -05:00
eap-mschapv2.h eap-mschapv2: Drop mschapv2_nt_password_hash, use mschap_nt_password_hash 2019-03-19 11:34:23 -05:00
eap-peap.c peap: Send cleartext ACK to tunneled EAP-Success 2019-09-11 15:27:02 -05:00
eap-private.h eap: export session ID as key materials 2019-04-10 16:55:29 -05:00
eap-pwd.c eap-pwd: remove old EAP-PWD-Password support 2019-09-17 11:46:19 -05:00
eap-sim.c eap-sim: derive session-ID for ERP 2019-04-22 16:31:19 -05:00
eap-tls-common.c eap-tls-common: allow embedded PEMs in settings 2019-10-07 11:39:30 -05:00
eap-tls-common.h eap-tls-common: Make databuf private 2018-12-11 17:09:51 -06:00
eap-tls.c eap-tls: add new EAP method for Anonymous TLS 2019-06-06 13:29:11 -05:00
eap-ttls.c eap: export session ID as key materials 2019-04-10 16:55:29 -05:00
eap-wsc.c eap-wsc: fix valgrind warning 2019-08-27 20:58:01 -05:00
eap-wsc.h eap-wsc: Send credential obtained events 2016-09-13 13:32:47 -05:00
eap.c eap: Make global variable static 2019-08-15 19:39:27 +02:00
eap.h eap: add eap_get_identity 2019-04-10 16:57:07 -05:00
eapol.c eapol: Propagate noencrypt and use it 2019-08-27 20:50:07 -05:00
eapol.h eapol: Propagate noencrypt and use it 2019-08-27 20:50:07 -05:00
eapolutil.c eapol: allow 16, 24 and 32 byte MIC lengths 2019-01-17 15:20:28 -06:00
eapolutil.h eapolutil: Add 2010 EAP protocol version 2019-07-15 21:24:05 -05:00
erp.c erp: Convert to using IWD_MODULE 2019-05-19 13:07:13 -05:00
erp.h erp: Convert to using IWD_MODULE 2019-05-19 13:07:13 -05:00
fils.c fils: Fix endianness issues 2019-05-23 16:59:14 -05:00
fils.h fils: netdev: update to use auth_proto concepts 2019-05-03 14:37:11 -05:00
ft.c ft: Fix endianness issues 2019-05-23 16:59:34 -05:00
ft.h ft: netdev: station: support FT-over-DS 2019-05-09 13:38:34 -05:00
genbuiltin make: plugin system for build 2017-11-28 13:20:33 -06:00
handshake.c handshake: Add handshake_state_set_protocol_version 2019-07-15 21:45:12 -05:00
handshake.h handshake: Add handshake_state_set_protocol_version 2019-07-15 21:45:12 -05:00
hotspot.c hotspot: implement get_file_path op 2019-09-12 11:28:20 -05:00
ie.c ie: Always include RSN Capabilities bytes 2019-09-11 15:28:10 -05:00
ie.h ie: add parser/builder for hotspot indication element 2019-07-24 00:13:27 -05:00
iwd-dbus.conf tools: Add configure option and D-Bus policy file for hwsim utility 2018-09-14 15:24:15 +02:00
iwd.conf.rst build: Add manual page for iwd configuration file 2019-10-03 22:36:39 +02:00
iwd.h module: Introduce a basic module dependency framework 2019-08-07 16:33:19 -05:00
iwd.rst doc: Add more detailed description for iwd daemon 2019-10-03 22:35:47 +02:00
iwd.service.in build: Add StateDirectoryMode=0700 option to systemd service 2019-09-09 06:55:22 +02:00
knownnetworks.c knownnetworks: add roam frequency getter 2019-09-17 11:39:12 -05:00
knownnetworks.h knownnetworks: add roam frequency getter 2019-09-17 11:39:12 -05:00
main.c main: Make rfkill an IWD_MODULE 2019-09-24 10:07:40 -05:00
manager.c wiphy: Remove wiphy_parse_id_and_name 2019-09-19 22:55:07 -05:00
missing.h build: Add support for including fallbacks for missing defines 2019-04-03 18:34:22 +02:00
module.c module: print module name/error if it fails to start 2019-09-09 15:42:09 -05:00
mpdu.c mpdu: Validate action frame minimum length 2019-07-08 13:42:22 -05:00
mpdu.h mpdu: add auth algorithms for FILS 2019-04-05 12:07:37 -05:00
mschaputil.c Revert "mschaputil: use util_get_username" 2019-04-18 10:46:56 -05:00
mschaputil.h mschaputil: Move generator of the hash of the pwd hash 2019-01-10 17:09:10 -06:00
net.connman.iwd.service net.connman.iwd.service: Change SystemdService name to iwd.service 2018-08-09 10:45:16 -05:00
netconfig.c netconfig: Allow to override IPv6 DHCP DNSs with static addresses 2019-10-04 12:17:20 -05:00
netconfig.h netconfig: Decouple from station state 2019-09-30 14:57:18 -05:00
netdev.c netdev: handle QoS Map IE/Frame 2019-09-13 17:29:39 -05:00
netdev.h netdev: make vendor_ies const on netdev_connect() 2019-09-09 09:55:12 -05:00
network.c network: validate passphrase on _set_passphrase 2019-09-18 16:48:29 -05:00
network.h network: add network_set_passphrase 2019-09-17 16:20:28 -05:00
nl80211cmd.c nl80211cmd: Add additional commands 2019-08-15 15:06:59 -05:00
nl80211cmd.h nl80211cmd: Introduce new utility 2019-07-15 14:06:26 -05:00
nl80211util.c anqp: Use nl80211_parse_attrs 2019-09-19 23:04:06 -05:00
nl80211util.h nl80211util: Add skeleton of nl80211_parse_attrs 2019-09-19 22:41:54 -05:00
owe.c owe: Fix endianness issues 2019-05-23 16:58:59 -05:00
owe.h owe: netdev: update to use auth_proto concepts 2019-05-03 14:37:11 -05:00
p2putil.c p2putil: Builders for P2P action frames 2019-07-08 22:08:36 -05:00
p2putil.h p2putil: Builders for P2P action frames 2019-07-08 22:08:36 -05:00
pkcs8.conf build: Provide modules-load.d for loading pkcs8_key_parser module 2019-01-23 18:22:11 +01:00
plugin.c build: Add missing HAVE_CONFIG_H guards and include config.h 2019-04-04 14:02:38 +02:00
plugin.h plugins: module to load ell plugins 2017-11-28 13:30:06 -06:00
resolve.c resolve: Add a missing l_free 2019-08-07 11:13:10 -05:00
resolve.h resolve: Introduce resolve module 2019-07-02 19:09:57 -05:00
rfkill.c main: Make rfkill an IWD_MODULE 2019-09-24 10:07:40 -05:00
rfkill.h main: Make rfkill an IWD_MODULE 2019-09-24 10:07:40 -05:00
rtnlutil.c rtnlutil: Add IPv6 route deletion helper 2019-10-03 10:56:07 -05:00
rtnlutil.h rtnlutil: Add IPv6 route deletion helper 2019-10-03 10:56:07 -05:00
sae.c sae: check minimum anti-clogging token size 2019-07-18 23:34:03 -05:00
sae.h sae: netdev: update to use auth_proto concepts 2019-05-03 14:42:38 -05:00
scan.c scan: add scan_freq_set_isempty 2019-09-17 11:28:23 -05:00
scan.h scan: add scan_freq_set_isempty 2019-09-17 11:28:23 -05:00
simauth.c simauth: Convert to use IWD_MODULE 2019-05-22 10:20:08 -05:00
simauth.h main: Simplify sim_auth_init 2018-07-17 19:12:48 -05:00
simutil.c build: Add missing HAVE_CONFIG_H guards and include config.h 2019-04-04 14:02:38 +02:00
simutil.h eap: Separate private bits into eap-private.h 2018-06-14 20:01:19 -05:00
station.c station: don't reset/(re)configure/destroy NULL netconfig's 2019-10-03 12:34:56 -05:00
station.h station: introduce station_network_foreach 2019-08-19 12:40:18 -05:00
storage.c storage: fix hotspot dir creation 2019-09-09 15:42:09 -05:00
storage.h storage: Add support for utilizing STATE_DIRECTORY environment 2019-09-08 19:19:34 +02:00
util.c storage: util: remove unused APIs 2019-08-21 14:16:08 -05:00
util.h util: add util_set_bit 2019-08-21 17:24:16 -05:00
watchlist.c watchlist: Use full include path local includes 2018-10-26 21:33:01 +02:00
watchlist.h watchlist: fix stale watchlist item processing 2018-09-19 14:17:26 -05:00
wiphy.c wiphy: Remove wiphy_parse_id_and_name 2019-09-19 22:55:07 -05:00
wiphy.h wiphy: Remove wiphy_parse_id_and_name 2019-09-19 22:55:07 -05:00
wsc.c wsc: store plain text passphrase if available 2019-09-18 16:47:41 -05:00
wscutil.c wscutil: Add wsc_build_p2p_attrs 2019-07-08 13:46:53 -05:00
wscutil.h wscutil: Add wsc_build_p2p_attrs 2019-07-08 13:46:53 -05:00