+static int set_network_tls(struct connman_network *network,
+ DBusMessageIter *dict)
+{
+ const char *private_key, *client_cert, *ca_cert;
+ const char *private_key_password;
+
+ /*
+ * For TLS, we at least need a key, the client cert,
+ * and a passhprase.
+ * Server cert is optional.
+ */
+ client_cert = connman_network_get_string(network,
+ "WiFi.ClientCertFile");
+ if (client_cert == NULL)
+ return -EINVAL;
+
+ private_key = connman_network_get_string(network,
+ "WiFi.PrivateKeyFile");
+ if (private_key == NULL)
+ return -EINVAL;
+
+ private_key_password = connman_network_get_string(network,
+ "WiFi.PrivateKeyPassphrase");
+ if (private_key_password == NULL)
+ return -EINVAL;
+
+ ca_cert = connman_network_get_string(network, "WiFi.CACertFile");
+ if (ca_cert)
+ connman_dbus_dict_append_basic(dict, "ca_cert",
+ DBUS_TYPE_STRING, &ca_cert);
+
+ DBG("client cert %s private key %s", client_cert, private_key);
+
+ connman_dbus_dict_append_basic(dict, "private_key",
+ DBUS_TYPE_STRING, &private_key);
+ connman_dbus_dict_append_basic(dict, "private_key_passwd",
+ DBUS_TYPE_STRING,
+ &private_key_password);
+ connman_dbus_dict_append_basic(dict, "client_cert",
+ DBUS_TYPE_STRING, &client_cert);
+
+ return 0;
+}
+
+static int set_network_peap(struct connman_network *network,
+ DBusMessageIter *dict, const char *passphrase)
+{
+ const char *client_cert, *ca_cert, *phase2;
+ char *phase2_auth;
+
+ /*
+ * For PEAP, we at least need the sever cert, a 2nd
+ * phase authentication and a passhprase.
+ * Client cert is optional although strongly required
+ * When setting the client cert, we then need a private
+ * key as well.
+ */
+ ca_cert = connman_network_get_string(network, "WiFi.CACertFile");
+ if (ca_cert == NULL)
+ return -EINVAL;
+
+ phase2 = connman_network_get_string(network, "WiFi.Phase2");
+ if (phase2 == NULL)
+ return -EINVAL;
+
+ DBG("CA cert %s phase2 auth %s", ca_cert, phase2);
+
+ client_cert = connman_network_get_string(network,
+ "WiFi.ClientCertFile");
+ if (client_cert) {
+ const char *private_key, *private_key_password;
+
+ private_key = connman_network_get_string(network,
+ "WiFi.PrivateKeyFile");
+ if (private_key == NULL)
+ return -EINVAL;
+
+ private_key_password =
+ connman_network_get_string(network,
+ "WiFi.PrivateKeyPassphrase");
+ if (private_key_password == NULL)
+ return -EINVAL;
+
+ connman_dbus_dict_append_basic(dict, "client_cert",
+ DBUS_TYPE_STRING, &client_cert);
+
+ connman_dbus_dict_append_basic(dict, "private_key",
+ DBUS_TYPE_STRING, &private_key);
+
+ connman_dbus_dict_append_basic(dict, "private_key_passwd",
+ DBUS_TYPE_STRING,
+ &private_key_password);
+
+ DBG("client cert %s private key %s", client_cert, private_key);
+ }
+
+ phase2_auth = g_strdup_printf("\"auth=%s\"", phase2);
+
+ connman_dbus_dict_append_basic(dict, "password",
+ DBUS_TYPE_STRING, &passphrase);
+
+ connman_dbus_dict_append_basic(dict, "ca_cert",
+ DBUS_TYPE_STRING, &ca_cert);
+
+ connman_dbus_dict_append_basic(dict, "phase2",
+ DBUS_TYPE_STRING, &phase2_auth);
+
+ g_free(phase2_auth);
+
+ return 0;
+}
+