1
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
4
* Dan Williams <dcbw@redhat.com>
5
* Tambet Ingo <tambet@gmail.com>
7
* This library is free software; you can redistribute it and/or
8
* modify it under the terms of the GNU Lesser General Public
9
* License as published by the Free Software Foundation; either
10
* version 2 of the License, or (at your option) any later version.
12
* This library is distributed in the hope that it will be useful,
13
* but WITHOUT ANY WARRANTY; without even the implied warranty of
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15
* Lesser General Public License for more details.
17
* You should have received a copy of the GNU Lesser General Public
18
* License along with this library; if not, write to the
19
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
20
* Boston, MA 02110-1301 USA.
22
* (C) Copyright 2007 - 2009 Red Hat, Inc.
23
* (C) Copyright 2007 - 2008 Novell, Inc.
26
#ifndef NM_SETTING_8021X_H
27
#define NM_SETTING_8021X_H
29
#include <nm-setting.h>
34
NM_SETTING_802_1X_CK_FORMAT_UNKNOWN = 0,
35
NM_SETTING_802_1X_CK_FORMAT_X509,
36
NM_SETTING_802_1X_CK_FORMAT_RAW_KEY,
37
NM_SETTING_802_1X_CK_FORMAT_PKCS12
38
} NMSetting8021xCKFormat;
41
NM_SETTING_802_1X_CK_SCHEME_UNKNOWN = 0,
42
NM_SETTING_802_1X_CK_SCHEME_BLOB,
43
NM_SETTING_802_1X_CK_SCHEME_PATH
44
} NMSetting8021xCKScheme;
46
#define NM_TYPE_SETTING_802_1X (nm_setting_802_1x_get_type ())
47
#define NM_SETTING_802_1X(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_SETTING_802_1X, NMSetting8021x))
48
#define NM_SETTING_802_1X_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), NM_TYPE_SETTING_802_1X, NMSetting8021xClass))
49
#define NM_IS_SETTING_802_1X(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_SETTING_802_1X))
50
#define NM_IS_SETTING_802_1X_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((obj), NM_TYPE_SETTING_802_1X))
51
#define NM_SETTING_802_1X_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_SETTING_802_1X, NMSetting8021xClass))
53
#define NM_SETTING_802_1X_SETTING_NAME "802-1x"
57
NM_SETTING_802_1X_ERROR_UNKNOWN = 0,
58
NM_SETTING_802_1X_ERROR_INVALID_PROPERTY,
59
NM_SETTING_802_1X_ERROR_MISSING_PROPERTY
60
} NMSetting8021xError;
62
#define NM_TYPE_SETTING_802_1X_ERROR (nm_setting_802_1x_error_get_type ())
63
GType nm_setting_802_1x_error_get_type (void);
65
#define NM_SETTING_802_1X_ERROR nm_setting_802_1x_error_quark ()
66
GQuark nm_setting_802_1x_error_quark (void);
69
#define NM_SETTING_802_1X_EAP "eap"
70
#define NM_SETTING_802_1X_IDENTITY "identity"
71
#define NM_SETTING_802_1X_ANONYMOUS_IDENTITY "anonymous-identity"
72
#define NM_SETTING_802_1X_CA_CERT "ca-cert"
73
#define NM_SETTING_802_1X_CA_PATH "ca-path"
74
#define NM_SETTING_802_1X_CLIENT_CERT "client-cert"
75
#define NM_SETTING_802_1X_PHASE1_PEAPVER "phase1-peapver"
76
#define NM_SETTING_802_1X_PHASE1_PEAPLABEL "phase1-peaplabel"
77
#define NM_SETTING_802_1X_PHASE1_FAST_PROVISIONING "phase1-fast-provisioning"
78
#define NM_SETTING_802_1X_PHASE2_AUTH "phase2-auth"
79
#define NM_SETTING_802_1X_PHASE2_AUTHEAP "phase2-autheap"
80
#define NM_SETTING_802_1X_PHASE2_CA_CERT "phase2-ca-cert"
81
#define NM_SETTING_802_1X_PHASE2_CA_PATH "phase2-ca-path"
82
#define NM_SETTING_802_1X_PHASE2_CLIENT_CERT "phase2-client-cert"
83
#define NM_SETTING_802_1X_PASSWORD "password"
84
#define NM_SETTING_802_1X_PRIVATE_KEY "private-key"
85
#define NM_SETTING_802_1X_PRIVATE_KEY_PASSWORD "private-key-password"
86
#define NM_SETTING_802_1X_PHASE2_PRIVATE_KEY "phase2-private-key"
87
#define NM_SETTING_802_1X_PHASE2_PRIVATE_KEY_PASSWORD "phase2-private-key-password"
88
#define NM_SETTING_802_1X_PIN "pin"
89
#define NM_SETTING_802_1X_PSK "psk"
90
#define NM_SETTING_802_1X_SYSTEM_CA_CERTS "system-ca-certs"
92
/* PRIVATE KEY NOTE: when setting PKCS#12 private keys directly via properties
93
* using the "blob" scheme, the data must be passed in PKCS#12 format. In this
94
* case, the private key password must also be passed to NetworkManager, and the
95
* appropriate "client-cert" (or "phase2-client-cert") property of the
96
* NMSetting8021x object must also contain the exact same PKCS#12 data that the
97
* private key will when NetworkManager requests secrets. This is because the
98
* PKCS#12 file contains both the private key and client certificate, so both
99
* properties need to be set to the same thing. When using the "path" scheme,
100
* just set both the private-key and client-cert properties to the same path,
101
* and set the private-key password correctly.
103
* When setting OpenSSL-derived "traditional" format (ie S/MIME style, not
104
* PKCS#8) RSA and DSA keys directly via properties with the "blob" scheme, they
105
* must passed to NetworkManager completely decrypted because the OpenSSL
106
* "traditional" format is non-standard and is not complete enough for all
107
* crypto libraries to use. Thus, for OpenSSL "traditional" format keys, the
108
* private key password is not passed to NetworkManager (because the data is
109
* already decrypted by the client), and the appropriate "client-cert" (or
110
* "phase2-client-cert") property of the NMSetting8021x object must be a valid
111
* client certificate. When using the "path" scheme, just set the private-key
112
* and client-cert properties to the paths to their respective objects, and
113
* set the private-key password correctly.
121
NMSettingClass parent;
123
/* Padding for future expansion */
124
void (*_reserved1) (void);
125
void (*_reserved2) (void);
126
void (*_reserved3) (void);
127
void (*_reserved4) (void);
128
} NMSetting8021xClass;
130
GType nm_setting_802_1x_get_type (void);
132
NMSetting *nm_setting_802_1x_new (void);
134
guint32 nm_setting_802_1x_get_num_eap_methods (NMSetting8021x *setting);
135
const char * nm_setting_802_1x_get_eap_method (NMSetting8021x *setting, guint32 i);
136
gboolean nm_setting_802_1x_add_eap_method (NMSetting8021x *setting, const char *eap);
137
void nm_setting_802_1x_remove_eap_method (NMSetting8021x *setting, guint32 i);
138
void nm_setting_802_1x_clear_eap_methods (NMSetting8021x *setting);
140
const char * nm_setting_802_1x_get_identity (NMSetting8021x *setting);
142
const char * nm_setting_802_1x_get_anonymous_identity (NMSetting8021x *setting);
144
gboolean nm_setting_802_1x_get_system_ca_certs (NMSetting8021x *setting);
145
const char * nm_setting_802_1x_get_ca_path (NMSetting8021x *setting);
146
const char * nm_setting_802_1x_get_phase2_ca_path (NMSetting8021x *setting);
148
NMSetting8021xCKScheme nm_setting_802_1x_get_ca_cert_scheme (NMSetting8021x *setting);
149
const GByteArray * nm_setting_802_1x_get_ca_cert_blob (NMSetting8021x *setting);
150
const char * nm_setting_802_1x_get_ca_cert_path (NMSetting8021x *setting);
151
gboolean nm_setting_802_1x_set_ca_cert (NMSetting8021x *setting,
153
NMSetting8021xCKScheme scheme,
154
NMSetting8021xCKFormat *out_format,
157
NMSetting8021xCKScheme nm_setting_802_1x_get_client_cert_scheme (NMSetting8021x *setting);
158
const GByteArray * nm_setting_802_1x_get_client_cert_blob (NMSetting8021x *setting);
159
const char * nm_setting_802_1x_get_client_cert_path (NMSetting8021x *setting);
160
gboolean nm_setting_802_1x_set_client_cert (NMSetting8021x *setting,
162
NMSetting8021xCKScheme scheme,
163
NMSetting8021xCKFormat *out_format,
166
const char * nm_setting_802_1x_get_phase1_peapver (NMSetting8021x *setting);
168
const char * nm_setting_802_1x_get_phase1_peaplabel (NMSetting8021x *setting);
170
const char * nm_setting_802_1x_get_phase1_fast_provisioning (NMSetting8021x *setting);
172
const char * nm_setting_802_1x_get_phase2_auth (NMSetting8021x *setting);
174
const char * nm_setting_802_1x_get_phase2_autheap (NMSetting8021x *setting);
176
NMSetting8021xCKScheme nm_setting_802_1x_get_phase2_ca_cert_scheme (NMSetting8021x *setting);
177
const GByteArray * nm_setting_802_1x_get_phase2_ca_cert_blob (NMSetting8021x *setting);
178
const char * nm_setting_802_1x_get_phase2_ca_cert_path (NMSetting8021x *setting);
179
gboolean nm_setting_802_1x_set_phase2_ca_cert (NMSetting8021x *setting,
181
NMSetting8021xCKScheme scheme,
182
NMSetting8021xCKFormat *out_format,
185
NMSetting8021xCKScheme nm_setting_802_1x_get_phase2_client_cert_scheme (NMSetting8021x *setting);
186
const GByteArray * nm_setting_802_1x_get_phase2_client_cert_blob (NMSetting8021x *setting);
187
const char * nm_setting_802_1x_get_phase2_client_cert_path (NMSetting8021x *setting);
188
gboolean nm_setting_802_1x_set_phase2_client_cert (NMSetting8021x *setting,
190
NMSetting8021xCKScheme scheme,
191
NMSetting8021xCKFormat *out_format,
194
const char * nm_setting_802_1x_get_password (NMSetting8021x *setting);
196
const char * nm_setting_802_1x_get_pin (NMSetting8021x *setting);
198
const char * nm_setting_802_1x_get_psk (NMSetting8021x *setting);
200
NMSetting8021xCKScheme nm_setting_802_1x_get_private_key_scheme (NMSetting8021x *setting);
201
const GByteArray * nm_setting_802_1x_get_private_key_blob (NMSetting8021x *setting);
202
const char * nm_setting_802_1x_get_private_key_path (NMSetting8021x *setting);
203
gboolean nm_setting_802_1x_set_private_key (NMSetting8021x *setting,
205
const char *password,
206
NMSetting8021xCKScheme scheme,
207
NMSetting8021xCKFormat *out_format,
209
const char * nm_setting_802_1x_get_private_key_password (NMSetting8021x *setting);
211
NMSetting8021xCKFormat nm_setting_802_1x_get_private_key_format (NMSetting8021x *setting);
213
NMSetting8021xCKScheme nm_setting_802_1x_get_phase2_private_key_scheme (NMSetting8021x *setting);
214
const GByteArray * nm_setting_802_1x_get_phase2_private_key_blob (NMSetting8021x *setting);
215
const char * nm_setting_802_1x_get_phase2_private_key_path (NMSetting8021x *setting);
216
gboolean nm_setting_802_1x_set_phase2_private_key (NMSetting8021x *setting,
218
const char *password,
219
NMSetting8021xCKScheme scheme,
220
NMSetting8021xCKFormat *out_format,
222
const char * nm_setting_802_1x_get_phase2_private_key_password (NMSetting8021x *setting);
224
NMSetting8021xCKFormat nm_setting_802_1x_get_phase2_private_key_format (NMSetting8021x *setting);
227
/***** DEPRECATED; anything below will be removed in version 0.9 *****/
230
NM_SETTING_802_1X_CK_TYPE_UNKNOWN = 0,
231
NM_SETTING_802_1X_CK_TYPE_X509,
232
NM_SETTING_802_1X_CK_TYPE_RAW_KEY,
233
NM_SETTING_802_1X_CK_TYPE_PKCS12
234
} NMSetting8021xCKType;
236
const GByteArray *nm_setting_802_1x_get_ca_cert (NMSetting8021x *setting);
237
gboolean nm_setting_802_1x_set_ca_cert_from_file (NMSetting8021x *setting,
238
const char *filename,
239
NMSetting8021xCKType *out_ck_type,
242
const GByteArray *nm_setting_802_1x_get_client_cert (NMSetting8021x *setting);
243
gboolean nm_setting_802_1x_set_client_cert_from_file (NMSetting8021x *setting,
244
const char *filename,
245
NMSetting8021xCKType *out_ck_type,
248
const GByteArray *nm_setting_802_1x_get_phase2_ca_cert (NMSetting8021x *setting);
249
gboolean nm_setting_802_1x_set_phase2_ca_cert_from_file (NMSetting8021x *setting,
250
const char *filename,
251
NMSetting8021xCKType *out_ck_type,
254
const GByteArray *nm_setting_802_1x_get_phase2_client_cert (NMSetting8021x *setting);
255
gboolean nm_setting_802_1x_set_phase2_client_cert_from_file (NMSetting8021x *setting,
256
const char *filename,
257
NMSetting8021xCKType *out_ck_type,
260
const GByteArray *nm_setting_802_1x_get_private_key (NMSetting8021x *setting);
261
gboolean nm_setting_802_1x_set_private_key_from_file (NMSetting8021x *setting,
262
const char *filename,
263
const char *password,
264
NMSetting8021xCKType *out_ck_type,
267
NMSetting8021xCKType nm_setting_802_1x_get_private_key_type (NMSetting8021x *setting);
269
const GByteArray *nm_setting_802_1x_get_phase2_private_key (NMSetting8021x *setting);
270
gboolean nm_setting_802_1x_set_phase2_private_key_from_file (NMSetting8021x *setting,
271
const char *filename,
272
const char *password,
273
NMSetting8021xCKType *out_ck_type,
276
NMSetting8021xCKType nm_setting_802_1x_get_phase2_private_key_type (NMSetting8021x *setting);
280
#endif /* NM_SETTING_8021X_H */