nm: Make global CA directory configurable
authorTobias Brunner <tobias@strongswan.org>
Wed, 31 Aug 2016 16:08:38 +0000 (18:08 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 4 Oct 2016 08:27:35 +0000 (10:27 +0200)
conf/Makefile.am
conf/options/charon-nm.opt [new file with mode: 0644]
src/charon-nm/nm/nm_service.c

index 146ccf1..4588b09 100644 (file)
@@ -13,6 +13,7 @@ options = \
        options/attest.opt \
        options/charon.opt \
        options/charon-logging.opt \
+       options/charon-nm.opt \
        options/charon-systemd.opt \
        options/imcv.opt \
        options/imv_policy_manager.opt \
diff --git a/conf/options/charon-nm.opt b/conf/options/charon-nm.opt
new file mode 100644 (file)
index 0000000..6372934
--- /dev/null
@@ -0,0 +1,3 @@
+charon-nm.ca_dir = <default>
+       Directory from which to load CA certificates if no certificate is
+       configured.
index 8248d36..c4dd9e0 100644 (file)
@@ -396,7 +396,8 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
        else
        {
                /* no certificate defined, fall back to system-wide CA certificates */
-               priv->creds->load_ca_dir(priv->creds, NM_CA_DIR);
+               priv->creds->load_ca_dir(priv->creds, lib->settings->get_str(
+                                                                lib->settings, "charon-nm.ca_dir", NM_CA_DIR));
        }
        if (!gateway)
        {