Sorry, my git-send-email-fu is apparently not what I hoped it was. This is my patchset for the 0.8.x branch.
Thanks, - Evan On Sun, Aug 21, 2011 at 10:45 AM, Evan Broder <[email protected]> wrote: > Includes subject_match and phase2_subject_match (string) parameters, > and altsubject_matches and phase2_altsubject_matches (list of string) > parameters. > > subject_match is matched against a substring of the subject from the > certificate presented by the remote authentication server. If this > option is unset, no subject verification is performed. > > altsubject_matches are each tested against the alternate subject name > (altSubjectName) of the certificate presented by the remote > authentication server. If this option is unset, no verification of the > altSubjectName is performed. > --- > libnm-util/libnm-util.ver | 12 ++ > libnm-util/nm-setting-8021x.c | 386 > +++++++++++++++++++++++++++++++++++++++++ > libnm-util/nm-setting-8021x.h | 26 +++ > 3 files changed, 424 insertions(+), 0 deletions(-) > > diff --git a/libnm-util/libnm-util.ver b/libnm-util/libnm-util.ver > index b348fd6..809c1d1 100644 > --- a/libnm-util/libnm-util.ver > +++ b/libnm-util/libnm-util.ver > @@ -75,10 +75,15 @@ global: > nm_ip6_route_set_next_hop; > nm_ip6_route_set_prefix; > nm_ip6_route_unref; > + nm_setting_802_1x_add_altsubject_match; > nm_setting_802_1x_add_eap_method; > + nm_setting_802_1x_add_phase2_altsubject_match; > + nm_setting_802_1x_clear_altsubject_matches; > nm_setting_802_1x_clear_eap_methods; > + nm_setting_802_1x_clear_phase2_altsubject_matches; > nm_setting_802_1x_error_get_type; > nm_setting_802_1x_error_quark; > + nm_setting_802_1x_get_altsubject_match; > nm_setting_802_1x_get_anonymous_identity; > nm_setting_802_1x_get_ca_cert; > nm_setting_802_1x_get_ca_cert_blob; > @@ -91,11 +96,14 @@ global: > nm_setting_802_1x_get_client_cert_scheme; > nm_setting_802_1x_get_eap_method; > nm_setting_802_1x_get_identity; > + nm_setting_802_1x_get_num_altsubject_matches; > nm_setting_802_1x_get_num_eap_methods; > + nm_setting_802_1x_get_num_phase2_altsubject_matches; > nm_setting_802_1x_get_password; > nm_setting_802_1x_get_phase1_fast_provisioning; > nm_setting_802_1x_get_phase1_peaplabel; > nm_setting_802_1x_get_phase1_peapver; > + nm_setting_802_1x_get_phase2_altsubject_match; > nm_setting_802_1x_get_phase2_auth; > nm_setting_802_1x_get_phase2_autheap; > nm_setting_802_1x_get_phase2_ca_cert; > @@ -114,6 +122,7 @@ global: > nm_setting_802_1x_get_phase2_private_key_path; > nm_setting_802_1x_get_phase2_private_key_scheme; > nm_setting_802_1x_get_phase2_private_key_type; > + nm_setting_802_1x_get_phase2_subject_match; > nm_setting_802_1x_get_pin; > nm_setting_802_1x_get_private_key; > nm_setting_802_1x_get_private_key_blob; > @@ -123,10 +132,13 @@ global: > nm_setting_802_1x_get_private_key_scheme; > nm_setting_802_1x_get_private_key_type; > nm_setting_802_1x_get_psk; > + nm_setting_802_1x_get_subject_match; > nm_setting_802_1x_get_system_ca_certs; > nm_setting_802_1x_get_type; > nm_setting_802_1x_new; > + nm_setting_802_1x_remove_altsubject_match; > nm_setting_802_1x_remove_eap_method; > + nm_setting_802_1x_remove_phase2_altsubject_match; > nm_setting_802_1x_set_ca_cert; > nm_setting_802_1x_set_ca_cert_from_file; > nm_setting_802_1x_set_client_cert; > diff --git a/libnm-util/nm-setting-8021x.c b/libnm-util/nm-setting-8021x.c > index eea6ba5..a322aa7 100644 > --- a/libnm-util/nm-setting-8021x.c > +++ b/libnm-util/nm-setting-8021x.c > @@ -115,6 +115,8 @@ typedef struct { > char *anonymous_identity; > GByteArray *ca_cert; > char *ca_path; > + char *subject_match; > + GSList *altsubject_matches; > GByteArray *client_cert; > char *phase1_peapver; > char *phase1_peaplabel; > @@ -123,6 +125,8 @@ typedef struct { > char *phase2_autheap; > GByteArray *phase2_ca_cert; > char *phase2_ca_path; > + char *phase2_subject_match; > + GSList *phase2_altsubject_matches; > GByteArray *phase2_client_cert; > char *password; > char *pin; > @@ -141,6 +145,8 @@ enum { > PROP_ANONYMOUS_IDENTITY, > PROP_CA_CERT, > PROP_CA_PATH, > + PROP_SUBJECT_MATCH, > + PROP_ALTSUBJECT_MATCHES, > PROP_CLIENT_CERT, > PROP_PHASE1_PEAPVER, > PROP_PHASE1_PEAPLABEL, > @@ -149,6 +155,8 @@ enum { > PROP_PHASE2_AUTHEAP, > PROP_PHASE2_CA_CERT, > PROP_PHASE2_CA_PATH, > + PROP_PHASE2_SUBJECT_MATCH, > + PROP_PHASE2_ALTSUBJECT_MATCHES, > PROP_PHASE2_CLIENT_CERT, > PROP_PASSWORD, > PROP_PRIVATE_KEY, > @@ -616,6 +624,135 @@ nm_setting_802_1x_set_ca_cert_from_file (NMSetting8021x > *setting, > } > > /** > + * nm_setting_802_1x_get_subject_match: > + * @setting: the #NMSetting8021x > + * > + * Returns: the #NMSetting8021x:subject-match property. This is the > + * substring to be matched against the subject of the authentication > + * server certificate, or NULL no subject verification is to be > + * performed. > + **/ > +const char * > +nm_setting_802_1x_get_subject_match (NMSetting8021x *setting) > +{ > + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); > + > + return NM_SETTING_802_1X_GET_PRIVATE (setting)->subject_match; > +} > + > +/** > + * nm_setting_802_1x_get_num_altsubject_matches: > + * @setting: the #NMSetting8021x > + * > + * Returns the number of entries in the > + * #NMSetting8021x:altsubject-matches property of this setting. > + * > + * Returns: the number of altsubject-matches entries. > + **/ > +guint32 > +nm_setting_802_1x_get_num_altsubject_matches (NMSetting8021x *setting) > +{ > + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), 0); > + > + return g_slist_length (NM_SETTING_802_1X_GET_PRIVATE > (setting)->altsubject_matches); > +} > + > +/** > + * nm_setting_802_1x_get_altsubject_match: > + * @setting: the #NMSettingConnection > + * @i: the zero-based index of the array of altSubjectName matches > + * > + * Returns the altSubjectName match at index @i. > + * > + * Returns: the altSubjectName match at index @i > + **/ > +const char * > +nm_setting_802_1x_get_altsubject_match (NMSetting8021x *setting, guint32 i) > +{ > + NMSetting8021xPrivate *priv; > + > + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); > + > + priv = NM_SETTING_802_1X_GET_PRIVATE (setting); > + g_return_val_if_fail (i <= g_slist_length (priv->altsubject_matches), > NULL); > + > + return (const char *) g_slist_nth_data (priv->altsubject_matches, i); > +} > + > +/** > + * nm_setting_802_1x_add_altsubject_match: > + * @setting: the #NMSetting8021x > + * @altsubject_match: the altSubjectName to allow for this connection > + * > + * Adds an allowed alternate subject name match. Until at least one > + * match is added, the altSubjectName of the remote authentication > + * server is not verified. > + * > + * Returns: TRUE if the alternative subject name match was > + * successfully added, FALSE if it was already allowed. > + **/ > +gboolean > +nm_setting_802_1x_add_altsubject_match (NMSetting8021x *setting, > + > const char *altsubject_match) > +{ > + NMSetting8021xPrivate *priv; > + GSList *iter; > + > + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), FALSE); > + g_return_val_if_fail (altsubject_match != NULL, FALSE); > + > + priv = NM_SETTING_802_1X_GET_PRIVATE (setting); > + for (iter = priv->altsubject_matches; iter; iter = g_slist_next > (iter)) { > + if (!strcmp (altsubject_match, (char *) iter->data)) > + return FALSE; > + } > + > + priv->altsubject_matches = g_slist_append (priv->altsubject_matches, > g_strdup (altsubject_match)); > + return TRUE; > +} > + > +/** > + * nm_setting_802_1x_remove_altsubject_match: > + * @setting: the #NMSetting8021x > + * @i: the index of the altSubjectName match to remove > + * > + * Removes the allowed altSubjectName at the specified index. > + **/ > +void > +nm_setting_802_1x_remove_altsubject_match (NMSetting8021x *setting, guint32 > i) > +{ > + NMSetting8021xPrivate *priv; > + GSList *elt; > + > + g_return_if_fail (NM_IS_SETTING_802_1X (setting)); > + > + priv = NM_SETTING_802_1X_GET_PRIVATE (setting); > + elt = g_slist_nth (priv->altsubject_matches, i); > + g_return_if_fail (elt != NULL); > + > + g_free (elt->data); > + priv->altsubject_matches = g_slist_delete_link > (priv->altsubject_matches, elt); > +} > + > +/** > + * nm_setting_802_1x_clear_altsubject_matches: > + * @setting: the #NMSetting8021x > + * > + * Clears all altSubjectName matches. > + **/ > +void > +nm_setting_802_1x_clear_altsubject_matches (NMSetting8021x *setting) > +{ > + NMSetting8021xPrivate *priv; > + > + g_return_if_fail (NM_IS_SETTING_802_1X (setting)); > + > + priv = NM_SETTING_802_1X_GET_PRIVATE (setting); > + nm_utils_slist_free (priv->altsubject_matches, g_free); > + priv->altsubject_matches = NULL; > +} > + > +/** > * nm_setting_802_1x_get_client_cert_scheme: > * @setting: the #NMSetting8021x > * > @@ -1156,6 +1293,137 @@ nm_setting_802_1x_set_phase2_ca_cert_from_file > (NMSetting8021x *setting, > return success; > } > > +/* > + * nm_setting_802_1x_get_phase2_subject_match: > + * @setting: the #NMSetting8021x > + * > + * Returns: the #NMSetting8021x:phase2-subject-match property. This is > + * the substring to be matched against the subject of the "phase 2" > + * authentication server certificate, or NULL no subject verification > + * is to be performed. > + **/ > +const char * > +nm_setting_802_1x_get_phase2_subject_match (NMSetting8021x *setting) > +{ > + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); > + > + return NM_SETTING_802_1X_GET_PRIVATE (setting)->phase2_subject_match; > +} > + > +/** > + * nm_setting_802_1x_get_num_phase2_altsubject_matches: > + * @setting: the #NMSetting8021x > + * > + * Returns the number of entries in the > + * #NMSetting8021x:phase2-altsubject-matches property of this setting. > + * > + * Returns: the number of phase2-altsubject-matches entries. > + **/ > +guint32 > +nm_setting_802_1x_get_num_phase2_altsubject_matches (NMSetting8021x *setting) > +{ > + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), 0); > + > + return g_slist_length (NM_SETTING_802_1X_GET_PRIVATE > (setting)->phase2_altsubject_matches); > +} > + > +/** > + * nm_setting_802_1x_get_phase2_altsubject_match: > + * @setting: the #NMSettingConnection > + * @i: the zero-based index of the array of "phase 2" altSubjectName matches > + * > + * Returns the "phase 2" altSubjectName match at index @i. > + * > + * Returns: the "phase 2" altSubjectName match at index @i > + **/ > +const char * > +nm_setting_802_1x_get_phase2_altsubject_match (NMSetting8021x *setting, > guint32 i) > +{ > + NMSetting8021xPrivate *priv; > + > + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), NULL); > + > + priv = NM_SETTING_802_1X_GET_PRIVATE (setting); > + g_return_val_if_fail (i <= g_slist_length > (priv->phase2_altsubject_matches), NULL); > + > + return (const char *) g_slist_nth_data > (priv->phase2_altsubject_matches, i); > +} > + > +/** > + * nm_setting_802_1x_add_phase2_altsubject_match: > + * @setting: the #NMSetting8021x > + * @altsubject_match: the "phase 2" altSubjectName to allow for this > + * connection > + * > + * Adds an allowed alternate subject name match for "phase 2". Until > + * at least one match is added, the altSubjectName of the "phase 2" > + * remote authentication server is not verified. > + * > + * Returns: TRUE if the "phase 2" alternative subject name match was > + * successfully added, FALSE if it was already allowed. > + **/ > +gboolean > +nm_setting_802_1x_add_phase2_altsubject_match (NMSetting8021x *setting, > + > const char *phase2_altsubject_match) > +{ > + NMSetting8021xPrivate *priv; > + GSList *iter; > + > + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), FALSE); > + g_return_val_if_fail (phase2_altsubject_match != NULL, FALSE); > + > + priv = NM_SETTING_802_1X_GET_PRIVATE (setting); > + for (iter = priv->phase2_altsubject_matches; iter; iter = > g_slist_next (iter)) { > + if (!strcmp (phase2_altsubject_match, (char *) iter->data)) > + return FALSE; > + } > + > + priv->phase2_altsubject_matches = g_slist_append > (priv->altsubject_matches, > + > g_strdup (phase2_altsubject_match)); > + return TRUE; > +} > + > +/** > + * nm_setting_802_1x_remove_phase2_altsubject_match: > + * @setting: the #NMSetting8021x > + * @i: the index of the "phase 2" altSubjectName match to remove > + * > + * Removes the allowed "phase 2" altSubjectName at the specified index. > + **/ > +void > +nm_setting_802_1x_remove_phase2_altsubject_match (NMSetting8021x *setting, > guint32 i) > +{ > + NMSetting8021xPrivate *priv; > + GSList *elt; > + > + g_return_if_fail (NM_IS_SETTING_802_1X (setting)); > + > + priv = NM_SETTING_802_1X_GET_PRIVATE (setting); > + elt = g_slist_nth (priv->phase2_altsubject_matches, i); > + g_return_if_fail (elt != NULL); > + > + g_free (elt->data); > + priv->phase2_altsubject_matches = g_slist_delete_link > (priv->phase2_altsubject_matches, elt); > +} > + > +/** > + * nm_setting_802_1x_clear_phase2_altsubject_matches: > + * @setting: the #NMSetting8021x > + * > + * Clears all "phase 2" altSubjectName matches. > + **/ > +void > +nm_setting_802_1x_clear_phase2_altsubject_matches (NMSetting8021x *setting) > +{ > + NMSetting8021xPrivate *priv; > + > + g_return_if_fail (NM_IS_SETTING_802_1X (setting)); > + > + priv = NM_SETTING_802_1X_GET_PRIVATE (setting); > + nm_utils_slist_free (priv->phase2_altsubject_matches, g_free); > + priv->phase2_altsubject_matches = NULL; > +} > + > /** > * nm_setting_802_1x_get_phase2_client_cert_scheme: > * @setting: the #NMSetting8021x > @@ -2670,15 +2938,19 @@ finalize (GObject *object) > g_free (priv->identity); > g_free (priv->anonymous_identity); > g_free (priv->ca_path); > + g_free (priv->subject_match); > g_free (priv->phase1_peapver); > g_free (priv->phase1_peaplabel); > g_free (priv->phase1_fast_provisioning); > g_free (priv->phase2_auth); > g_free (priv->phase2_autheap); > g_free (priv->phase2_ca_path); > + g_free (priv->phase2_subject_match); > g_free (priv->password); > > nm_utils_slist_free (priv->eap, g_free); > + nm_utils_slist_free (priv->altsubject_matches, g_free); > + nm_utils_slist_free (priv->phase2_altsubject_matches, g_free); > > if (priv->ca_cert) > g_byte_array_free (priv->ca_cert, TRUE); > @@ -2753,6 +3025,14 @@ set_property (GObject *object, guint prop_id, > g_free (priv->ca_path); > priv->ca_path = g_value_dup_string (value); > break; > + case PROP_SUBJECT_MATCH: > + g_free (priv->subject_match); > + priv->subject_match = g_value_dup_string (value); > + break; > + case PROP_ALTSUBJECT_MATCHES: > + nm_utils_slist_free (priv->altsubject_matches, g_free); > + priv->altsubject_matches = g_value_dup_boxed (value); > + break; > case PROP_CLIENT_CERT: > if (priv->client_cert) { > g_byte_array_free (priv->client_cert, TRUE); > @@ -2801,6 +3081,14 @@ set_property (GObject *object, guint prop_id, > g_free (priv->phase2_ca_path); > priv->phase2_ca_path = g_value_dup_string (value); > break; > + case PROP_PHASE2_SUBJECT_MATCH: > + g_free (priv->phase2_subject_match); > + priv->phase2_subject_match = g_value_dup_string (value); > + break; > + case PROP_PHASE2_ALTSUBJECT_MATCHES: > + nm_utils_slist_free (priv->phase2_altsubject_matches, g_free); > + priv->phase2_altsubject_matches = g_value_dup_boxed (value); > + break; > case PROP_PHASE2_CLIENT_CERT: > if (priv->phase2_client_cert) { > g_byte_array_free (priv->phase2_client_cert, TRUE); > @@ -2881,6 +3169,12 @@ get_property (GObject *object, guint prop_id, > case PROP_CA_PATH: > g_value_set_string (value, priv->ca_path); > break; > + case PROP_SUBJECT_MATCH: > + g_value_set_string (value, priv->subject_match); > + break; > + case PROP_ALTSUBJECT_MATCHES: > + g_value_set_boxed (value, priv->altsubject_matches); > + break; > case PROP_CLIENT_CERT: > g_value_set_boxed (value, priv->client_cert); > break; > @@ -2905,6 +3199,12 @@ get_property (GObject *object, guint prop_id, > case PROP_PHASE2_CA_PATH: > g_value_set_string (value, priv->phase2_ca_path); > break; > + case PROP_PHASE2_SUBJECT_MATCH: > + g_value_set_string (value, priv->phase2_subject_match); > + break; > + case PROP_PHASE2_ALTSUBJECT_MATCHES: > + g_value_set_boxed (value, priv->phase2_altsubject_matches); > + break; > case PROP_PHASE2_CLIENT_CERT: > g_value_set_boxed (value, priv->phase2_client_cert); > break; > @@ -3054,6 +3354,47 @@ nm_setting_802_1x_class_init (NMSetting8021xClass > *setting_class) > G_PARAM_READWRITE | > NM_SETTING_PARAM_SERIALIZE)); > > /** > + * NMSetting8021x:subject-match: > + * > + * Substring to be matched against the subject of the certificate > + * presented by the authentication server. When unset, no > + * verification of the authentication server certificate's subject > + * is performed. > + **/ > + g_object_class_install_property > + (object_class, PROP_SUBJECT_MATCH, > + g_param_spec_string (NM_SETTING_802_1X_SUBJECT_MATCH, > + "Subject match", > + "Substring to be > matched against the subject of " > + "the certificate > presented by the authentication " > + "server. When > unset, no verification of the " > + "authentication > server certificate's subject is " > + "performed.", > + NULL, > + G_PARAM_READWRITE | > NM_SETTING_PARAM_SERIALIZE)); > + > + /** > + * NMSetting8021x:altsubject-matches: > + * > + * List of strings to be matched against the altSubjectName of the > + * certificate presented by the authentication server. If the list > + * is empty, no verification of the server certificate's > + * altSubjectName is performed. > + **/ > + g_object_class_install_property > + (object_class, PROP_ALTSUBJECT_MATCHES, > + _nm_param_spec_specialized > (NM_SETTING_802_1X_ALTSUBJECT_MATCHES, > + > "altSubjectName matches", > + > "List of strings to be matched against " > + > "the altSubjectName of the certificate " > + > "presented by the authentication server. " > + "If > the list is empty, no verification " > + "of > the server certificate's " > + > "altSubjectName is performed.", > + > DBUS_TYPE_G_LIST_OF_STRING, > + > G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE)); > + > + /** > * NMSetting8021x:client-cert: > * > * Contains the client certificate if used by the EAP method specified > in > @@ -3246,6 +3587,51 @@ nm_setting_802_1x_class_init (NMSetting8021xClass > *setting_class) > G_PARAM_READWRITE | > NM_SETTING_PARAM_SERIALIZE)); > > /** > + * NMSetting8021x:phase2-subject-match: > + * > + * Substring to be matched against the subject of the certificate > + * presented by the authentication server during the inner "phase > + * 2" authentication. When unset, no verification of the > + * authentication server certificate's subject is performed. > + **/ > + g_object_class_install_property > + (object_class, PROP_PHASE2_SUBJECT_MATCH, > + g_param_spec_string (NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH, > + "Phase2 subject > match", > + "Substring to be > matched against the subject of " > + "the certificate > presented by the authentication " > + "server during the > inner 'phase2' " > + "authentication. > When unset, no verification of " > + "the authentication > server certificate's subject " > + "is performed.", > + NULL, > + G_PARAM_READWRITE | > NM_SETTING_PARAM_SERIALIZE)); > + > + /** > + * NMSetting8021x:phase2-altsubject-matches: > + * > + * List of strings to be matched against the altSubjectName of the > + * certificate presented by the authentication server during the > + * inner "phase 2" authentication. If the list is empty, no > + * verification of the server certificate's altSubjectName is > + * performed. > + **/ > + g_object_class_install_property > + (object_class, PROP_PHASE2_ALTSUBJECT_MATCHES, > + _nm_param_spec_specialized > (NM_SETTING_802_1X_PHASE2_ALTSUBJECT_MATCHES, > + > "altSubjectName matches", > + > "List of strings to be matched against " > + > "List of strings to be matched against " > + > "the altSubjectName of the certificate " > + > "presented by the authentication server " > + > "during the inner 'phase 2' " > + > "authentication. If the list is empty, no " > + > "verification of the server certificate's " > + > "altSubjectName is performed.", > + > DBUS_TYPE_G_LIST_OF_STRING, > + > G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE)); > + > + /** > * NMSetting8021x:phase2-client-cert: > * > * Contains the client certificate if used by the EAP method specified > in > diff --git a/libnm-util/nm-setting-8021x.h b/libnm-util/nm-setting-8021x.h > index 7ee868a..930c1da 100644 > --- a/libnm-util/nm-setting-8021x.h > +++ b/libnm-util/nm-setting-8021x.h > @@ -71,6 +71,8 @@ GQuark nm_setting_802_1x_error_quark (void); > #define NM_SETTING_802_1X_ANONYMOUS_IDENTITY "anonymous-identity" > #define NM_SETTING_802_1X_CA_CERT "ca-cert" > #define NM_SETTING_802_1X_CA_PATH "ca-path" > +#define NM_SETTING_802_1X_SUBJECT_MATCH "subject-match" > +#define NM_SETTING_802_1X_ALTSUBJECT_MATCHES "altsubject-matches" > #define NM_SETTING_802_1X_CLIENT_CERT "client-cert" > #define NM_SETTING_802_1X_PHASE1_PEAPVER "phase1-peapver" > #define NM_SETTING_802_1X_PHASE1_PEAPLABEL "phase1-peaplabel" > @@ -79,6 +81,8 @@ GQuark nm_setting_802_1x_error_quark (void); > #define NM_SETTING_802_1X_PHASE2_AUTHEAP "phase2-autheap" > #define NM_SETTING_802_1X_PHASE2_CA_CERT "phase2-ca-cert" > #define NM_SETTING_802_1X_PHASE2_CA_PATH "phase2-ca-path" > +#define NM_SETTING_802_1X_PHASE2_SUBJECT_MATCH "phase2-subject-match" > +#define NM_SETTING_802_1X_PHASE2_ALTSUBJECT_MATCHES > "phase2-altsubject-matches" > #define NM_SETTING_802_1X_PHASE2_CLIENT_CERT "phase2-client-cert" > #define NM_SETTING_802_1X_PASSWORD "password" > #define NM_SETTING_802_1X_PRIVATE_KEY "private-key" > @@ -154,6 +158,17 @@ gboolean nm_setting_802_1x_set_ca_cert > (NMSetting8 > > NMSetting8021xCKFormat *out_format, > GError > **error); > > +const char * nm_setting_802_1x_get_subject_match > (NMSetting8021x *setting); > + > +guint32 nm_setting_802_1x_get_num_altsubject_matches > (NMSetting8021x *setting); > +const char * nm_setting_802_1x_get_altsubject_match > (NMSetting8021x *setting, > + > guint32 i); > +gboolean nm_setting_802_1x_add_altsubject_match > (NMSetting8021x *setting, > + > const char > *altsubject_match); > +void nm_setting_802_1x_remove_altsubject_match > (NMSetting8021x *setting, > + > guint32 i); > +void nm_setting_802_1x_clear_altsubject_matches > (NMSetting8021x *setting); > + > NMSetting8021xCKScheme nm_setting_802_1x_get_client_cert_scheme > (NMSetting8021x *setting); > const GByteArray * nm_setting_802_1x_get_client_cert_blob > (NMSetting8021x *setting); > const char * nm_setting_802_1x_get_client_cert_path > (NMSetting8021x *setting); > @@ -182,6 +197,17 @@ gboolean > nm_setting_802_1x_set_phase2_ca_cert (NMSetting8 > > NMSetting8021xCKFormat *out_format, > GError > **error); > > +const char * nm_setting_802_1x_get_phase2_subject_match > (NMSetting8021x *setting); > + > +guint32 nm_setting_802_1x_get_num_phase2_altsubject_matches > (NMSetting8021x *setting); > +const char * nm_setting_802_1x_get_phase2_altsubject_match > (NMSetting8021x *setting, > + > guint32 i); > +gboolean nm_setting_802_1x_add_phase2_altsubject_match > (NMSetting8021x *setting, > + > const char > *phase2_altsubject_match); > +void nm_setting_802_1x_remove_phase2_altsubject_match > (NMSetting8021x *setting, > + > guint32 i); > +void nm_setting_802_1x_clear_phase2_altsubject_matches > (NMSetting8021x *setting); > + > NMSetting8021xCKScheme nm_setting_802_1x_get_phase2_client_cert_scheme > (NMSetting8021x *setting); > const GByteArray * nm_setting_802_1x_get_phase2_client_cert_blob > (NMSetting8021x *setting); > const char * nm_setting_802_1x_get_phase2_client_cert_path > (NMSetting8021x *setting); > -- > 1.7.4.1 > > _______________________________________________ networkmanager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
