Review Request: Improve handling of 802.1x certificates
Lamarque Vieira Souza
lamarque at gmail.com
Thu May 5 00:35:00 CEST 2011
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/101275/#review3113
-----------------------------------------------------------
libs/internals/setting.h
<http://git.reviewboard.kde.org/r/101275/#comment2663>
I think you should change the int type here to Knm::Connection::Scope.
- Lamarque Vieira
On May 4, 2011, 9:20 p.m., Ilia Kats wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/101275/
> -----------------------------------------------------------
>
> (Updated May 4, 2011, 9:20 p.m.)
>
>
> Review request for Network Management.
>
>
> Summary
> -------
>
> Currently, KDE NM is not compatible with PEM certificates (base64-encoded), which are the most used format. Attached patch makes some improvements in certificate handling, namely:
> until now, the certificate was stored in the connection settings file, not base64-decoded or anything, and passed like that to NM. However, NM expects a binary DER certificate if using the blob scheme or a path to the certificate in the form of file://path_to_certificate if using the path scheme. Since a PEM file containing multiple certificates is possible, we would have to use the path scheme anyway, as a DER blob can only contain one certificate, so this patch also improves the certificate handling: Instead of just saving the path to the certificate, it is now being imported to $HOME/.kde/share/networkmanagement/certificates for user scope connections or /usr/share/kde4/apps/networkmanagement/certificates for systemscope connections. This allows the user to move or delete the original file without worrying about his connections. Certificates are deleted when they are no longer needed, e.g. the connection gets deleted, "Use system CA" is checked or another security method is selected.
>
> This is a major change in behavior, so I would like a public review.
>
>
> This addresses bug 209673.
> http://bugs.kde.org/show_bug.cgi?id=209673
>
>
> Diffs
> -----
>
> CMakeLists.txt 6748cee
> backends/NetworkManager/nmdbussettingsconnectionprovider.cpp 40a364f
> libs/internals/connection.h 60516dc
> libs/internals/connection.cpp e00c8ac
> libs/internals/connectionpersistence.cpp 2862250
> libs/internals/setting.h b43365b
> libs/internals/setting.cpp e66c65a
> libs/internals/settings/802-1x.h 971ef41
> libs/internals/settings/802-1x.cpp 245507e
> libs/internals/settings/802-1xpersistence.cpp b7b9c42
> libs/ui/security/eapmethodleap.cpp 199a8b8
> libs/ui/security/eapmethodpeapbase.ui 4b9c5fd
> libs/ui/security/eapmethodtlsbase.ui 80a5c1f
> libs/ui/security/eapmethodttlsbase.ui 4f2e1a9
> libs/ui/security/peapwidget.h 51ad781
> libs/ui/security/peapwidget.cpp 2fc502b
> libs/ui/security/tlswidget.h c71dcf3
> libs/ui/security/tlswidget.cpp 1d28636
> libs/ui/security/ttlswidget.h b1a9049
> libs/ui/security/ttlswidget.cpp c135b19
> settings/config/manageconnectionwidget.h 58afc12
> settings/config/manageconnectionwidget.cpp 3c0d4dc
>
> Diff: http://git.reviewboard.kde.org/r/101275/diff
>
>
> Testing
> -------
>
> Yes, see the bugzilla ticket.
>
>
> Thanks,
>
> Ilia
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.kde.org/pipermail/kde-networkmanager/attachments/20110504/33046a96/attachment-0001.htm
More information about the kde-networkmanager
mailing list