This patch adds error and info messages in case connman detects
missing parameters when doing a TLS or a PEAP/TTLS authentication.
---
plugins/supplicant.c | 66 ++++++++++++++++++++++++++++++++++++++-----------
1 files changed, 51 insertions(+), 15 deletions(-)
diff --git a/plugins/supplicant.c b/plugins/supplicant.c
index 7e2a2e5..ba312b0 100644
--- a/plugins/supplicant.c
+++ b/plugins/supplicant.c
@@ -1075,29 +1075,44 @@ static int set_network_tls(struct connman_network
*network,
const char *private_key_password;
/*
- * For TLS, we at least need a key, the client cert,
- * and a passhprase.
- * Server cert is optional.
+ * For TLS, we at least need:
+ * The client certificate
+ * The client private key file
+ * The client private key file password
+ *
+ * The Authority certificate is optional.
*/
client_cert = connman_network_get_string(network,
"WiFi.ClientCertFile");
- if (client_cert == NULL)
+ if (client_cert == NULL) {
+ connman_error("Error in TLS authentication: "
+ "a ClientCertFile must be defined\n");
return -EINVAL;
+ }
private_key = connman_network_get_string(network,
"WiFi.PrivateKeyFile");
- if (private_key == NULL)
+ if (private_key == NULL) {
+ connman_error("Error in TLS authentication: "
+ "a PrivateKeyFile must be defined\n");
return -EINVAL;
+ }
private_key_password = connman_network_get_string(network,
"WiFi.PrivateKeyPassphrase");
- if (private_key_password == NULL)
+ if (private_key_password == NULL) {
+ connman_error("Error in TLS authentication: "
+ "a PrivateKeyPassphrase must be defined\n");
return -EINVAL;
+ }
ca_cert = connman_network_get_string(network, "WiFi.CACertFile");
if (ca_cert)
connman_dbus_dict_append_basic(dict, "ca_cert",
DBUS_TYPE_STRING, &ca_cert);
+ else
+ connman_info("No CACertFile has been provided "
+ "to do the TLS authentication\n");
DBG("client cert %s private key %s", client_cert, private_key);
@@ -1119,19 +1134,29 @@ static int set_network_peap(struct connman_network
*network,
char *phase2_auth;
/*
- * For PEAP, we at least need the sever cert, a 2nd
- * phase authentication and a passhprase.
- * Client cert is optional although strongly required
- * When setting the client cert, we then need a private
- * key as well.
+ * For PEAP/TTLS, we at least need
+ * The authority certificate
+ * The 2nd phase authentication method
+ * The 2nd phase passphrase
+ *
+ * The Client certificate is optional although strongly required
+ * When setting it, we need in addition
+ * The Client private key file
+ * The Client private key file password
*/
ca_cert = connman_network_get_string(network, "WiFi.CACertFile");
- if (ca_cert == NULL)
+ if (ca_cert == NULL) {
+ connman_error("Error in PEAP/TTLS authentication: "
+ "CACertFile must be defined\n");
return -EINVAL;
+ }
phase2 = connman_network_get_string(network, "WiFi.Phase2");
- if (phase2 == NULL)
+ if (phase2 == NULL) {
+ connman_error("Error in PEAP/TTLS authentication: "
+ "Phase2 must be defined\n");
return -EINVAL;
+ }
DBG("CA cert %s phase2 auth %s", ca_cert, phase2);
@@ -1142,14 +1167,22 @@ static int set_network_peap(struct connman_network
*network,
private_key = connman_network_get_string(network,
"WiFi.PrivateKeyFile");
- if (private_key == NULL)
+ if (private_key == NULL) {
+ connman_error("Error in PEAP/TTLS authentication: "
+ "with ClientCertFile, "
+ "PrivateKeyFile must be defined\n");
return -EINVAL;
+ }
private_key_password =
connman_network_get_string(network,
"WiFi.PrivateKeyPassphrase");
- if (private_key_password == NULL)
+ if (private_key_password == NULL) {
+ connman_error("Error in PEAP/TTLS authentication: "
+ "with ClientCertFile, "
+ "PrivateKeyPassphrase must be defined\n");
return -EINVAL;
+ }
connman_dbus_dict_append_basic(dict, "client_cert",
DBUS_TYPE_STRING, &client_cert);
@@ -1163,6 +1196,9 @@ static int set_network_peap(struct connman_network
*network,
DBG("client cert %s private key %s", client_cert, private_key);
}
+ else
+ connman_info("No client certificate has been provided "
+ "to do the PEAP/TTLS authentication\n");
phase2_auth = g_strdup_printf("\"auth=%s\"", phase2);
--
1.7.0.4
---------------------------------------------------------------------
Intel Corporation SAS (French simplified joint stock company)
Registered headquarters: "Les Montalets"- 2, rue de Paris,
92196 Meudon Cedex, France
Registration Number: 302 456 199 R.C.S. NANTERRE
Capital: 4,572,000 Euros
This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
_______________________________________________
connman mailing list
[email protected]
http://lists.connman.net/listinfo/connman
