rpms/network-manager-applet
7
0
Fork 0
Code Issues Pull Requests Releases Activity

editor: fix a crash on connection save

Browse Source
This commit is contained in:
Lubomir Rintel 2017-06-22 12:46:27 +02:00
parent f6fd2a8538
commit 2067030f4b
3 changed files with 150 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
0001-wireless-security-acually-save-the-PKCS-11-PINs-for-.patch Normal file
View File

@ -0,0 +1,98 @@
From d7e873d91310203726b6e2472da3a94b4c8aac9d Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Thu, 22 Jun 2017 12:39:42 +0200
Subject: [PATCH 1/2] wireless-security: acually save the PKCS#11 PINs for
certificates
---
src/wireless-security/eap-method-peap.c | 5 ++++-
src/wireless-security/eap-method-tls.c | 10 ++++++++--
src/wireless-security/eap-method-ttls.c | 5 ++++-
3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/src/wireless-security/eap-method-peap.c b/src/wireless-security/eap-method-peap.c
index 81bd2754..4be53762 100644
--- a/src/wireless-security/eap-method-peap.c
+++ b/src/wireless-security/eap-method-peap.c
@@ -174,7 +174,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
#if LIBNM_BUILD
/* libnm-glib doesn't support this. */
- /* Save CA certificate PIN password flags to the connection */
+ /* Save CA certificate PIN and its flags to the connection */
secret_flags = nma_cert_chooser_get_cert_password_flags (NMA_CERT_CHOOSER (method->ca_cert_chooser));
nm_setting_set_secret_flags (NM_SETTING (s_8021x), NM_SETTING_802_1X_CA_CERT_PASSWORD,
secret_flags, NULL);
@@ -183,6 +183,9 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
nma_cert_chooser_update_cert_password_storage (NMA_CERT_CHOOSER (method->ca_cert_chooser),
secret_flags, NM_SETTING (s_8021x),
NM_SETTING_802_1X_CA_CERT_PASSWORD);
+ g_object_set (s_8021x, NM_SETTING_802_1X_CA_CERT_PASSWORD,
+ nma_cert_chooser_get_cert_password (NMA_CERT_CHOOSER (method->ca_cert_chooser)),
+ NULL);
}
#endif
diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c
index a740c114..0595fd06 100644
--- a/src/wireless-security/eap-method-tls.c
+++ b/src/wireless-security/eap-method-tls.c
@@ -160,7 +160,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
#if LIBNM_BUILD
/* libnm-glib doesn't support these. */
- /* Save CA certificate PIN password flags to the connection */
+ /* Save CA certificate PIN and its flags to the connection */
secret_flags = nma_cert_chooser_get_cert_password_flags (NMA_CERT_CHOOSER (method->ca_cert_chooser));
nm_setting_set_secret_flags (NM_SETTING (s_8021x), method->ca_cert_password_flags_name,
secret_flags, NULL);
@@ -169,9 +169,12 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
nma_cert_chooser_update_cert_password_storage (NMA_CERT_CHOOSER (method->ca_cert_chooser),
secret_flags, NM_SETTING (s_8021x),
method->ca_cert_password_flags_name);
+ g_object_set (s_8021x, method->ca_cert_password_flags_name,
+ nma_cert_chooser_get_cert_password (NMA_CERT_CHOOSER (method->ca_cert_chooser)),
+ NULL);
}
- /* Save user certificate PIN password flags to the connection */
+ /* Save user certificate PIN and its flags flags to the connection */
secret_flags = nma_cert_chooser_get_cert_password_flags (NMA_CERT_CHOOSER (method->client_cert_chooser));
nm_setting_set_secret_flags (NM_SETTING (s_8021x), method->client_cert_password_flags_name,
secret_flags, NULL);
@@ -179,6 +182,9 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
nma_cert_chooser_update_cert_password_storage (NMA_CERT_CHOOSER (method->client_cert_chooser),
secret_flags, NM_SETTING (s_8021x),
method->client_cert_password_flags_name);
+ g_object_set (s_8021x, method->client_cert_password_flags_name,
+ nma_cert_chooser_get_cert_password (NMA_CERT_CHOOSER (method->client_cert_chooser)),
+ NULL);
}
#endif
diff --git a/src/wireless-security/eap-method-ttls.c b/src/wireless-security/eap-method-ttls.c
index 4e9201fb..71bede99 100644
--- a/src/wireless-security/eap-method-ttls.c
+++ b/src/wireless-security/eap-method-ttls.c
@@ -170,7 +170,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
#if LIBNM_BUILD
/* libnm-glib doesn't support this. */
- /* Save CA certificate PIN password flags to the connection */
+ /* Save CA certificate PIN and its flags to the connection */
secret_flags = nma_cert_chooser_get_cert_password_flags (NMA_CERT_CHOOSER (method->ca_cert_chooser));
nm_setting_set_secret_flags (NM_SETTING (s_8021x), NM_SETTING_802_1X_CA_CERT_PASSWORD,
secret_flags, NULL);
@@ -179,6 +179,9 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
nma_cert_chooser_update_cert_password_storage (NMA_CERT_CHOOSER (method->ca_cert_chooser),
secret_flags, NM_SETTING (s_8021x),
NM_SETTING_802_1X_CA_CERT_PASSWORD);
+ g_object_set (s_8021x, NM_SETTING_802_1X_CA_CERT_PASSWORD,
+ nma_cert_chooser_get_cert_password (NMA_CERT_CHOOSER (method->ca_cert_chooser)),
+ NULL);
}
#endif
--
2.13.0

44
0002-wireless-security-fix-some-crash-issues-on-connectio.patch Normal file
View File

@ -0,0 +1,44 @@
From b322931ea69583140b512803ccdc75f0a1671cc1 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Tue, 20 Jun 2017 17:19:04 +0200
Subject: [PATCH 2/2] wireless-security: fix some crash issues on connection
save
A use-after-free and a double-free.
---
src/wireless-security/eap-method-tls.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/wireless-security/eap-method-tls.c b/src/wireless-security/eap-method-tls.c
index 0595fd06..d3bbf66d 100644
--- a/src/wireless-security/eap-method-tls.c
+++ b/src/wireless-security/eap-method-tls.c
@@ -143,7 +143,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
#endif
/* TLS private key */
- password = g_strdup (nma_cert_chooser_get_key_password (NMA_CERT_CHOOSER (method->client_cert_chooser)));
+ password = nma_cert_chooser_get_key_password (NMA_CERT_CHOOSER (method->client_cert_chooser));
value = nma_cert_chooser_get_key (NMA_CERT_CHOOSER (method->client_cert_chooser), &scheme);
if (parent->phase2) {
@@ -157,6 +157,7 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
g_clear_error (&error);
}
}
+ g_free (value);
#if LIBNM_BUILD
/* libnm-glib doesn't support these. */
@@ -222,6 +223,8 @@ fill_connection (EAPMethod *parent, NMConnection *connection)
/* TLS CA certificate */
if (gtk_widget_get_sensitive (method->ca_cert_chooser))
value = nma_cert_chooser_get_cert (NMA_CERT_CHOOSER (method->ca_cert_chooser), &scheme);
+ else
+ value = NULL;
format = NM_SETTING_802_1X_CK_FORMAT_UNKNOWN;
if (parent->phase2) {
if (!nm_setting_802_1x_set_phase2_ca_cert (s_8021x, value, scheme, &format, &error)) {
--
2.13.0

9
network-manager-applet.spec
View File

@ -5,7 +5,7 @@
%global rpm_version 1.8.2
%global real_version 1.8.2
%global release_version 1
%global release_version 2
Name: network-manager-applet
Summary: A network control and status applet for NetworkManager
@ -18,6 +18,8 @@ Obsoletes: NetworkManager-gnome < %{obsoletes_ver}
Source: https://download.gnome.org/sources/network-manager-applet/1.8/%{name}-%{real_version}.tar.xz
Patch0: nm-applet-no-notifications.patch
Patch1: 0001-wireless-security-acually-save-the-PKCS-11-PINs-for-.patch
Patch2: 0002-wireless-security-fix-some-crash-issues-on-connectio.patch
Requires: NetworkManager >= %{nm_version}
Requires: NetworkManager-glib >= %{nm_version}
@ -118,6 +120,8 @@ This package deprecates libnm-gtk.
%prep
%setup -q -n "%{name}-%{real_version}"
%patch0 -p1
%patch1 -p1
%patch2 -p1
%build
autoreconf -i -f
@ -233,6 +237,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &>/dev/null || :
%changelog
* Thu Jun 22 2017 Lubomir Rintel <lkundrak@v3.sk> - 1.8.2-2
- editor: fix a crash on connection save
* Tue Jun 13 2017 Lubomir Rintel <lkundrak@v3.sk> - 1.8.2-1
- Update to network-manager-applet 1.8.2 release