- don't include "nm-default.h" in header files. Every source file must
include as first header "nm-default.h", thus our headers get the
default include already implicitly.
- we don't support compiling NetworkManager itself with a C++ compiler. Remove
G_BEGIN_DECLS/G_END_DECLS from internal headers. We do however support
users of libnm to use C++, thus they stay in public headers.
(cherry picked from commit f19aff8909)
Rather than randomly including one or more of <glib.h>,
<glib-object.h>, and <gio/gio.h> everywhere (and forgetting to include
"nm-glib-compat.h" most of the time), rename nm-glib-compat.h to
nm-glib.h, include <gio/gio.h> from there, and then change all .c
files in NM to include "nm-glib.h" rather than including the glib
headers directly.
(Public headers files still have to include the real glib headers,
since nm-glib.h isn't installed...)
Also, remove glib includes from header files that are already
including a base object header file (which must itself already include
the glib headers).
crypto_md5_hash() only has two users:
(a) crypto_make_des_aes_key()
(b) nm_utils_uuid_generate_from_string()
For (b) it is just a complicated way to compute the MD5 hash. The
restrictions on salt and password don't matter. Actually they
are harmful because we cannot compute the MD5 hash of the empty
word.
For (a), the caller should make sure to pass whatever restrictions
he wants to enforce on the data.
For example, it is counterintuitive, that crypto_md5_hash() would
require @salt_len, enforce it to be at least 8 bytes, and then just
use the first 8 bytes. If the caller (a) wants that behavior, he
should make sure that he passes in 8 bytes.
Likewise for the empty word. If the caller does not want to compute
the hash of empty passwords, he must not hash them.
Indeed, all of this was enforced by assertions, any caller already
did the right thing.
Rather than requiring crypto_init() to have been called beforehand,
just have every method that depends on it call it itself.
This required adding a GError argument to crypto_is_pkcs12_data(),
which in turn required a few other changes elsewhere.
Update crypto_verify_private_key() and
crypto_verify_private_key_data() to indicate whether the key was
encrypted or not.
Rename crypto_decrypt_private_key() and
crypto_decrypt_private_key_data() to
crypto_decrypt_openssl_private_key*, since that's the only private key
format they deal with, and the old names made them sound more generic
than they were. Also, update the openssl private key parsing code to
recognize unencrypted private keys as well. (Previously we accepted
unencrypted PKCS#8 keys, but not unencrypted openssl-style keys.)
Add nm-errors.[ch], and move libnm-core's two error domains
(NMConnectionError and NMCryptoError) there.
NMCryptoError wasn't previously visible, but it can be returned from
some public API, so it should be.
Many of NMCryptoError's codes would basically never be useful for
programs to distinguish between. Streamline the codes, and fix the
enumeration member names to start with "NM_CRYPTO_ERROR_" rather than
"NM_CRYPTO_ERR_".
APIs that take arbitrary data should take it in the form of a pointer
and length, not a GByteArray, so that you can use them regardless of
what format you have the data in (GByteArray, GBytes, plain array,
etc).
This commit begins creating the new "libnm", which will replace
libnm-util and libnm-glib.
The main reason for the libnm-util/libnm-glib split is that the daemon
needs to link to libnm-util (to get NMSettings, NMConnection, etc),
but can't link to libnm-glib (because it uses many of the same type
names as the NetworkManager daemon. eg, NMDevice). So the daemon links
to only libnm-util, but basically all clients link to both.
With libnm, there will be only a single client-visible library, and
NetworkManager will internally link against a private "libnm-core"
containing the parts that used to be in libnm-util.
(The "libnm-core" parts still need to be in their own directory so
that the daemon can see those header files without also seeing the
ones in libnm/ that conflict with its own headers.)
[This commit just copies the source code from libnm-util/ to
libnm-core/, and libnm-glib/ to libnm/:
mkdir -p libnm-core/tests/
mkdir -p libnm/tests/
cp libnm-util/*.[ch] libnm-util/nm-version.h.in libnm-core/
rm -f libnm-core/nm-version.h libnm-core/nm-setting-template.[ch] libnm-core/nm-utils-enum-types.[ch]
cp libnm-util/tests/*.[ch] libnm-core/tests/
cp libnm-glib/*.[ch] libnm/
rm -f libnm/libnm_glib.[ch] libnm/libnm-glib-test.c libnm/nm-glib-enum-types.[ch]
cp libnm-glib/tests/*.[ch] libnm/tests/
]
