Hi Beniamino et al,

I have addressed your comments in the attached patches.

Cheers,
Matthias
>From 4c8233ef12eec9787536b9028618e76d188db372 Mon Sep 17 00:00:00 2001
From: Matthias Berndt <matthias.ber...@riskident.com>
Date: Fri, 22 Jan 2016 13:52:38 +0100
Subject: [PATCH 1/3] - allow comment lines inside blobs - prevent do_import
 from processing lines that   were already processed by handle_blob_item

---
 properties/import-export.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/properties/import-export.c b/properties/import-export.c
index d624b52..0ef037a 100644
--- a/properties/import-export.c
+++ b/properties/import-export.c
@@ -222,7 +222,7 @@ handle_blob_item (const char ***line,
 			p++; \
 			if (!*p) \
 				goto finish; \
-		} while (!*p[0]); \
+		} while (*p[0] == '\0' || *p[0] == '#' || *p[0] == ';'); \
 	} G_STMT_END
 
 	if (!strcmp (key, NM_OPENVPN_KEY_CA)) {
@@ -294,7 +294,7 @@ handle_blob_item (const char ***line,
 	nm_setting_vpn_add_data_item (s_vpn, key, path);
 
 finish:
-	line = &p;
+	*line = p;
 	g_free (filename);
 	g_free (dirname);
 	g_free (path);
-- 
2.5.0

>From 13b51bd8231081cc818da2294a00c86796715094 Mon Sep 17 00:00:00 2001
From: Matthias Berndt <matthias.ber...@riskident.com>
Date: Fri, 22 Jan 2016 13:58:28 +0100
Subject: [PATCH 2/3] handle tls-auth blobs correctly

---
 properties/import-export.c | 30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

diff --git a/properties/import-export.c b/properties/import-export.c
index 0ef037a..ce9cbef 100644
--- a/properties/import-export.c
+++ b/properties/import-export.c
@@ -105,6 +105,9 @@
 #define RPORT_TAG "rport "
 #define SECRET_TAG "secret "
 #define TLS_AUTH_TAG "tls-auth "
+#define TLS_AUTH_BLOB_START_TAG "<tls-auth>"
+#define TLS_AUTH_BLOB_END_TAG "</tls-auth>"
+#define KEY_DIRECTION_TAG "key-direction "
 #define TLS_CLIENT_TAG "tls-client"
 #define TLS_REMOTE_TAG "tls-remote "
 #define REMOTE_CERT_TLS_TAG "remote-cert-tls "
@@ -192,12 +195,17 @@ handle_path_item (const char *line,
 	return TRUE;
 }
 
+static void
+handle_direction (const char *tag, const char *key, char *leftover, NMSettingVpn *s_vpn);
+
 #define CERT_BEGIN  "-----BEGIN CERTIFICATE-----"
 #define CERT_END    "-----END CERTIFICATE-----"
 #define PRIV_KEY_BEGIN  "-----BEGIN PRIVATE KEY-----"
 #define PRIV_KEY_END    "-----END PRIVATE KEY-----"
 #define RSA_PRIV_KEY_BEGIN  "-----BEGIN RSA PRIVATE KEY-----"
 #define RSA_PRIV_KEY_END    "-----END RSA PRIVATE KEY-----"
+#define STATIC_KEY_BEGIN    "-----BEGIN OpenVPN Static key V1-----"
+#define STATIC_KEY_END    "-----END OpenVPN Static key V1-----"
 
 static gboolean
 handle_blob_item (const char ***line,
@@ -235,6 +243,11 @@ handle_blob_item (const char ***line,
 		end_tag = CERT_BLOB_END_TAG;
 		blob_mark_start = CERT_BEGIN;
 		blob_mark_end = CERT_END;
+	} else if (!strcmp (key, NM_OPENVPN_KEY_TA)) {
+		start_tag = TLS_AUTH_BLOB_START_TAG;
+		end_tag = TLS_AUTH_BLOB_END_TAG;
+		blob_mark_start = STATIC_KEY_BEGIN;
+		blob_mark_end = STATIC_KEY_END;
 	} else if (!strcmp (key, NM_OPENVPN_KEY_KEY)) {
 		start_tag = KEY_BLOB_START_TAG;
 		end_tag = KEY_BLOB_END_TAG;
@@ -244,10 +257,10 @@ handle_blob_item (const char ***line,
 		blob_mark_end2 = RSA_PRIV_KEY_END;
 	} else
 		g_return_val_if_reached (FALSE);
-
 	p = *line;
 	if (strncmp (*p, start_tag, strlen (start_tag)))
 		goto finish;
+
 	NEXT_LINE;
 
 	if (blob_mark_start2 && !strcmp (*p, blob_mark_start2)) {
@@ -286,7 +299,7 @@ handle_blob_item (const char ***line,
 	/* Write the new file */
 	g_string_prepend_c (in_file, '\n');
 	g_string_prepend (in_file, blob_mark_start);
-	g_string_append_printf (in_file, "%s", blob_mark_end);
+	g_string_append_printf (in_file, "%s\n", blob_mark_end);
 	success = g_file_set_contents (path, in_file->str, -1, error);
 	if (!success)
 		goto finish;
@@ -300,6 +313,7 @@ finish:
 	g_free (path);
 	if (in_file)
 		g_string_free (in_file, TRUE);
+
 	return success;
 
 }
@@ -507,6 +521,7 @@ do_import (const char *path, const char *contents, GError **error)
 	char *new_contents = NULL;
 	gboolean http_proxy = FALSE, socks_proxy = FALSE, proxy_set = FALSE;
 	int nitems;
+	char *last_seen_key_direction = NULL;
 
 	connection = nm_simple_connection_new ();
 	s_con = NM_SETTING_CONNECTION (nm_setting_connection_new ());
@@ -578,6 +593,9 @@ do_import (const char *path, const char *contents, GError **error)
 			continue;
 		}
 
+		if (!strncmp(*line, KEY_DIRECTION_TAG, strlen (KEY_DIRECTION_TAG)))
+			last_seen_key_direction = *line + strlen (KEY_DIRECTION_TAG);
+
 		if (!strncmp (*line, DEV_TAG, strlen (DEV_TAG))) {
 			items = get_args (*line + strlen (DEV_TAG), &nitems);
 			if (nitems == 1) {
@@ -868,6 +886,14 @@ do_import (const char *path, const char *contents, GError **error)
 		if (handle_blob_item ((const char ***)&line, NM_OPENVPN_KEY_KEY, s_vpn, basename, NULL))
 			continue;
 
+		if (handle_blob_item ((const char ***)&line, NM_OPENVPN_KEY_TA, s_vpn, basename, NULL)) {
+			handle_direction("tls-auth",
+			                 NM_OPENVPN_KEY_TA_DIR,
+			                 last_seen_key_direction,
+			                 s_vpn);
+			continue;
+		}
+
 		if (handle_path_item (*line, SECRET_TAG, NM_OPENVPN_KEY_STATIC_KEY,
 		                      s_vpn, default_path, &leftover)) {
 			handle_direction ("secret",
-- 
2.5.0

>From 82dca01d3901bbb9633cbfd9a4800eac46b38cbb Mon Sep 17 00:00:00 2001
From: Matthias Berndt <matthias.ber...@riskident.com>
Date: Fri, 22 Jan 2016 16:42:21 +0100
Subject: [PATCH 3/3] add test for blob item parsing

---
 properties/tests/conf/tls-inline-ca.pem   |  18 ++++
 properties/tests/conf/tls-inline-cert.pem |  22 +++++
 properties/tests/conf/tls-inline-key.pem  |  51 +++++++++++
 properties/tests/conf/tls-inline-ta.pem   |  18 ++++
 properties/tests/conf/tls-inline.ovpn     | 146 ++++++++++++++++++++++++++++++
 properties/tests/test-import-export.c     |  89 ++++++++++++++++++
 6 files changed, 344 insertions(+)
 create mode 100644 properties/tests/conf/tls-inline-ca.pem
 create mode 100644 properties/tests/conf/tls-inline-cert.pem
 create mode 100644 properties/tests/conf/tls-inline-key.pem
 create mode 100644 properties/tests/conf/tls-inline-ta.pem
 create mode 100644 properties/tests/conf/tls-inline.ovpn

diff --git a/properties/tests/conf/tls-inline-ca.pem b/properties/tests/conf/tls-inline-ca.pem
new file mode 100644
index 0000000..f051ebe
--- /dev/null
+++ b/properties/tests/conf/tls-inline-ca.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC9zCCAd+gAwIBAgIJAMiKuqrHoqE2MA0GCSqGSIb3DQEBDQUAMBIxEDAOBgNV
+BAMMB3Rlc3QtY2EwHhcNMTYwMTIyMTMxNzQ5WhcNMTgxMTExMTMxNzQ5WjASMRAw
+DgYDVQQDDAd0ZXN0LWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+pg9t+Tuwi6yU+rGz+TkNMwYMvyAAxImfcclrLDoUxL6pA8qdAEqxtLqeoJaY5pzX
+cxBbr6ZgXuBvWF3D6la8D86vLOfP7mJxSiktEVae3Z/RrPuwqX1x/wkQRK4e1o9w
+VwTNVka0p2phJUOtALGfufIsHkL54iushxwVJ9NWDrObA9fPIJTfsAyTpBuQgIzm
+qb91nn50aF/shSdzRDhvs/BIRh+IIqUtgm5LbwDNz4gZnQRpkL2Ta5wUVc8/+iH9
+EY60AbbCtAnji278YT2IeFLCjezH1JwEiccbC3+g4mn2oHsd48cgppDV/tENWAzP
+yBjdPxikDYOSg7F4UuA8fQIDAQABo1AwTjAdBgNVHQ4EFgQUIbmxkSfwBRkbgiAM
+w+H9ccZnStQwHwYDVR0jBBgwFoAUIbmxkSfwBRkbgiAMw+H9ccZnStQwDAYDVR0T
+BAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAQEAjTsHpzg1zOI9z7CxYy66XLOMA/tO
+Vy6i1lqtwHsOn540y91W1dkpNe1DxI3qbWedAsEvgjCwgmBNI5Za6d48ot4vqx7j
+ItWtfJFCtX6LRKkLR97yR6ZeqdcnuZuc0hnofo0NDhbUa8RAaHuVLIgMqn3L/ET4
+HmO3GpQ81Y4pWqQCPbWbQIwGQ3gBBcfn8+g3Q5GZ0r2oCYGl7QlDvZnbLn1frDrV
+ALPX6sA/1Fzx+VFMdwJFuhupZYXTA+NSiPu4mqGkedQwzdeQRyStlYo51hi5Af2B
+LZR3iq5pNe7DW2YaqcSdQsrFVl3y5btaw/+R2lyZtiStTMGA+SphvLn4/w==
+-----END CERTIFICATE-----
diff --git a/properties/tests/conf/tls-inline-cert.pem b/properties/tests/conf/tls-inline-cert.pem
new file mode 100644
index 0000000..352a2fe
--- /dev/null
+++ b/properties/tests/conf/tls-inline-cert.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDojCCAooCCQCu+mQn9w/PJDANBgkqhkiG9w0BAQ0FADASMRAwDgYDVQQDDAd0
+ZXN0LWNhMB4XDTE2MDEyMjEzMjAwNFoXDTE3MDEyMTEzMjAwNFowFDESMBAGA1UE
+AwwJdGVzdC1jZXJ0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv/dC
+/LXKu1V9OOTxznvvLvoxtXFsDvywO4qtWcYip9CloNjUD03kJJBzrzAnV+EOCg94
+5Nw6SFMbbZ751H+or6S58pyy+9Iyxu1Uo3ION+1bbeCqcOv+BCMKovuqavlzmN/o
+yO4ll4Iz+0CqznwbE4IePG4bKmS2nm11CD9Kw6b/3qz9fdaXb+/DuOlqvLQNHrfm
+VnS2Z7HKzNWhac9dLTst0mYrZ/Fs8puSSI83BvGZgzuYdtarJIcMoOzXN7BmO2XZ
+EI2iMMXeNLwv65MdJ6MYZ1CAtY7frSVlKiLTrZL83Elz2R66l3MLCng6dI+2f6sM
+duFKTb7Mzzlq3Lldt4EeA3vcmzPgH4W8Ihu4IgNSVMTawEnMTW7fvHdZtK7Geqsc
+/mY9IJYpwrQkuDlGcB0Nzteg1v+w3kvU79/16lfuzWHlsVvDPBk2UBiXicL45jaD
+xARwPNdyFYAglURwcFrpOmq2GGml1qMB6s55K8dzqe+ZmDm1mfVdGseBjTcrBFbi
+ZRZWhmY3MSkuQ5FhDDB55U59aGAIeSwv265GDNFv9M/cTV/+SEpzv+o6lROycN/+
+PGC74FT19f9E3nmZu+B0pV5ByP0NARc5tlvGQ2WnuHuNmo6KfNujcqRqZInkk6HS
+BPotLss3GZcJ97qkbw1A8oghx29pG8edJy52w/MCAwEAATANBgkqhkiG9w0BAQ0F
+AAOCAQEAkUVsxyanQN1iPW3d17hfZ3o0lmSihZkw396FXP34tGUeIvk2EbFHS1Jy
+3Gh4r1adB5bil0X1GYU8AFPKaM+CqWagyBAYXwX6YaXb1pzFn8Ixw6t0gRoAW9ex
+MW4Eduh8JOYi+KkJaXj5SAVDd3ZDCIwW3rN+jIMy2tvnuWW07UW5HvOZ4qRXyOlZ
+mqUBgft97uOiVEor8KEhrBzgGzT72ELOykzZGWEuWWy0ytbPrAc+XyodvylvAGzR
+lj74pDerwl/oUl80vRgEl8M1o4nGdoe17SfaGhD7MP+YD2HmY2kTCw8ks70KBpxJ
+nCtKkguacJwDtUeh2jpbXZKBQAgqkw==
+-----END CERTIFICATE-----
diff --git a/properties/tests/conf/tls-inline-key.pem b/properties/tests/conf/tls-inline-key.pem
new file mode 100644
index 0000000..d9956fd
--- /dev/null
+++ b/properties/tests/conf/tls-inline-key.pem
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKgIBAAKCAgEAv/dC/LXKu1V9OOTxznvvLvoxtXFsDvywO4qtWcYip9CloNjU
+D03kJJBzrzAnV+EOCg945Nw6SFMbbZ751H+or6S58pyy+9Iyxu1Uo3ION+1bbeCq
+cOv+BCMKovuqavlzmN/oyO4ll4Iz+0CqznwbE4IePG4bKmS2nm11CD9Kw6b/3qz9
+fdaXb+/DuOlqvLQNHrfmVnS2Z7HKzNWhac9dLTst0mYrZ/Fs8puSSI83BvGZgzuY
+dtarJIcMoOzXN7BmO2XZEI2iMMXeNLwv65MdJ6MYZ1CAtY7frSVlKiLTrZL83Elz
+2R66l3MLCng6dI+2f6sMduFKTb7Mzzlq3Lldt4EeA3vcmzPgH4W8Ihu4IgNSVMTa
+wEnMTW7fvHdZtK7Geqsc/mY9IJYpwrQkuDlGcB0Nzteg1v+w3kvU79/16lfuzWHl
+sVvDPBk2UBiXicL45jaDxARwPNdyFYAglURwcFrpOmq2GGml1qMB6s55K8dzqe+Z
+mDm1mfVdGseBjTcrBFbiZRZWhmY3MSkuQ5FhDDB55U59aGAIeSwv265GDNFv9M/c
+TV/+SEpzv+o6lROycN/+PGC74FT19f9E3nmZu+B0pV5ByP0NARc5tlvGQ2WnuHuN
+mo6KfNujcqRqZInkk6HSBPotLss3GZcJ97qkbw1A8oghx29pG8edJy52w/MCAwEA
+AQKCAgAlSagvYjiA7vgl5wK5MwWgwGSLc/6jYp3w0t0dRQlSQ4sIlVWLq3uXRp/R
+9a6OuV56wcqf2c9QYSRAxNKOXkWr6HleEOYLWCcY0NzR6sOsRWSvESbKTGzI7O2R
+/wR5Rv8XQNb8wJV4uofSVBtZhG3V+j5ZSqHoOCvo1iYXdgPVwUiOPlf264n66j3A
+W0aqZObvgpUxUfZkafqUkyKJZQgaUxZxefsQc6rP7Twa8AamSKOjBB53ZvdTXxAq
+6hZb8N3Kx9vEBV7tzmF9KNi+D5NoMZv55X86xQfZoBvodV9cpeKL/5CLKhbgeC46
+2GOyZH/0iIshRF2kgF1UGzkQqsjzF2YPAgIXYA5nCSln/qf9Xt9/iXzMvkEsD94J
+SGxPrjoNpcd0JXsQRiEuxJnQUZrFlP1egFC1sHmGDt9NJ2T1nGFGeaX0yfpjwo8o
+wSqYC4/fzFwED80OFNujWQBKeposBztzmYviSh/ls+lAXFPSki+UTld9XmI5Ju/6
+6yMiORUVGNa+/Swc5ymXcbgD0x5lZtDtx7pAkkZJE7apdUTZWo9xgi9/WnBzZozE
+PEVVZjmnU7xfcxK2YQbgS5eAAScuh6T+Np4wBJinqdZpoTy33cNu4hquGMAvtfhZ
+MHQJ9mQb0ZzrYKYTqC/dCJmHcKozpoRlXExtkKKS1Uu6wCJmsQKCAQEA+L2M2Pb7
+O4vyJle0TVRi6T4s337T9JLXbyPXlD5KBF3VD3S4Wc1eks7oeORE20JeI4WdWbbI
+5lF+fZCo7Uwok2SZDbdgVK5NeBl7P2eDWAOTTR+mcZ7XWhR5TD2Nu1fU1AagSnIH
+ac+q94vltojt8bGd0+wGPVr1jsUr/uWzS8dCuAttuXl2cgKO2rc1c6AkWGXX1W7d
+H283HoFHwbpeulTL0pULD5pFQtDwS1NI+T4Rr/E9lmm3V2/XZS06UklFA/C0ZpE4
+atVXWNPWkObeZP8U84h66jUisO40cHTSQRj6+0dqEYECmmDX1bOIkxGAPfdjhOgd
+VNYMQljpyIaKNQKCAQEAxZGGCgn/Ab6oX77R89/8QlJJlJcz5zl+qmKfdVCV2d+p
+B7TIlXEMwgxyGzmYQrmPGpLcolRGn+JHi43/8hkGegjhS9jCh5ndRoTQVlMxczR7
+aJH/fh9YVuvIl7hTiIUbuEklbYnuh9tSfGJtZG7gSICjx3YnKgMNbpMRrA00NX0h
+qtQS6kE1X4CjNIi4i6uUHziFJ3127kBN9WTzph1DhO5F9IfH91j+qnuzkQlKLoDP
+DTnv9dXuhAjOy87ugdNYrgfdlt9Jm36lY9x+WLiuRg1gdCj+6hGxZpgkAO+Hsqcc
+0aRyVevBFGk8eiMSkHmMN1XeT/gb0w+DCO90iuCahwKCAQEAvQX2oe5WjzLTSrX9
+i4JkRBF+sjzEP6jTVF8tdTc8skLIJZ2ydnPtuazI1w3JEcJGncHtCH8x/mzRrgQf
+i20DrLaW5OiEqPVoY6shkNZN5rWY29QAfXmS9551ay2fpk2hq5p5dvlejtdEeify
+4hr+j1xFrwU+3KNh1iQaQfM2pJCBMDFnKbqW+x7chnMRiJOa6x5Bva0pFrlCbskZ
+yauiTwEffyDKLgozNgpngSaCXv3/HPA7uDEQJb8VNYsANgX+D3d88DDNacpEPXmG
+Jcl8Gc4KkuMVXSQR/9iVOxxbpyKfoBLuFO0wGDcd7gUn9XMoPG7iTt7BY3XiDQ1a
+Y4tyPQKCAQEAjDySj1evGdbyfxvcvaX00kLEleOJ5QwLm/frRgOQiplWyvCJHIKl
+Uqww5qBIMryyFmO+lr8Jbn3Y2PdPgNJApajd+s9+rXAK//5QP6ZHyIWtP3m6iBTJ
+yNEOjps5OAN7vKC3H3yzwt1sPHxFN+/35Z7iIjf87rZB94YPGjg5IeqTVkW4s2zb
+7NFLh4Owsvt0ZYDiCzjkjZM5gwFIbVYCUj4ri7pBt5IFGpA50q5saHvn/HRunupe
+pnv2Bfb5l0+kd8t/f5M5FVWdIjgluuZEVdcy6uEaqJ0sdi1yCPP9N1Olgi2fNtvk
+Lo/QbMWubLzKSZD6/3qWjYdKNLJ74AQzywKCAQEAxHLfZajXY4YYz1BXbsSQrzqq
+7bgnZaXIsgK03McCrt5XQY7ghLF9j2w/rQLrvFA5pMZ8x6GKmoy95i6FGHm7i4rd
+Cu40r2tRUC5IugVxfa2/MUC4v94JjecwkozwgD0SPGwIQVyBDjewTeoQNXRUYZ/I
+hR/fOhfbcpPl9Z/EIkIy5qbCJxzNxG0L3sKMjSlywfC0yazyoaraNtdslHhHO+IP
+rwJTkcFBJ3zf3oYYfRJAzAs0IAfUL5XgQUnNarC8uExCjtcs6TAhNEkoopcvVwAM
+GV1Yd6yBQHcbi55KeCKYklG7YpX5nqTV5Sk3sTNeUPBcKMS+Mryry8yoTUtCQQ==
+-----END RSA PRIVATE KEY-----
diff --git a/properties/tests/conf/tls-inline-ta.pem b/properties/tests/conf/tls-inline-ta.pem
new file mode 100644
index 0000000..f13ac58
--- /dev/null
+++ b/properties/tests/conf/tls-inline-ta.pem
@@ -0,0 +1,18 @@
+-----BEGIN OpenVPN Static key V1-----
+378e209d0fe8efe398afa86bdb19b9a8
+f9cc3ae06e42f9468f97d81724101046
+1722e4888756212c05dd0e9341e28388
+aa6f1ea6fbb46779a2e1ce6db1fcef47
+69bd0266c9e14f02a2f19760e77d2f71
+59f6e96769bcc09eda1786adbbd51a50
+f027a829b0a71106b01a046972b1cd20
+41774be1515f81e8760da576077f543d
+75d6deb92c9bfd7760a12b0f05938e7d
+63fc0c663cdbb623d3f45fcfcbc2009c
+1fc36c7b8ecc147462fb7c8747676574
+3b7bd0d6a89aa90514d453b9f1b92e22
+57bb24180cd867357131ac9972f118b8
+d4cebc0da588fed8ec73b9b9be86962d
+1a28946996a012767fae84851c126bab
+65fee86c5e72d11c6d10c01728e33000
+-----END OpenVPN Static key V1-----
diff --git a/properties/tests/conf/tls-inline.ovpn b/properties/tests/conf/tls-inline.ovpn
new file mode 100644
index 0000000..373d6f3
--- /dev/null
+++ b/properties/tests/conf/tls-inline.ovpn
@@ -0,0 +1,146 @@
+remote 173.8.149.245 1194
+resolv-retry infinite
+
+dev tun
+persist-key
+persist-tun
+link-mtu 1400
+proto udp
+nobind
+pull
+tls-client
+
+float
+
+<ca>
+# comments are allowed here!
+
+# and so are empty lines
+-----BEGIN CERTIFICATE-----
+MIIC9zCCAd+gAwIBAgIJAMiKuqrHoqE2MA0GCSqGSIb3DQEBDQUAMBIxEDAOBgNV
+BAMMB3Rlc3QtY2EwHhcNMTYwMTIyMTMxNzQ5WhcNMTgxMTExMTMxNzQ5WjASMRAw
+DgYDVQQDDAd0ZXN0LWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+pg9t+Tuwi6yU+rGz+TkNMwYMvyAAxImfcclrLDoUxL6pA8qdAEqxtLqeoJaY5pzX
+cxBbr6ZgXuBvWF3D6la8D86vLOfP7mJxSiktEVae3Z/RrPuwqX1x/wkQRK4e1o9w
+VwTNVka0p2phJUOtALGfufIsHkL54iushxwVJ9NWDrObA9fPIJTfsAyTpBuQgIzm
+qb91nn50aF/shSdzRDhvs/BIRh+IIqUtgm5LbwDNz4gZnQRpkL2Ta5wUVc8/+iH9
+EY60AbbCtAnji278YT2IeFLCjezH1JwEiccbC3+g4mn2oHsd48cgppDV/tENWAzP
+yBjdPxikDYOSg7F4UuA8fQIDAQABo1AwTjAdBgNVHQ4EFgQUIbmxkSfwBRkbgiAM
+w+H9ccZnStQwHwYDVR0jBBgwFoAUIbmxkSfwBRkbgiAMw+H9ccZnStQwDAYDVR0T
+BAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAQEAjTsHpzg1zOI9z7CxYy66XLOMA/tO
+Vy6i1lqtwHsOn540y91W1dkpNe1DxI3qbWedAsEvgjCwgmBNI5Za6d48ot4vqx7j
+ItWtfJFCtX6LRKkLR97yR6ZeqdcnuZuc0hnofo0NDhbUa8RAaHuVLIgMqn3L/ET4
+HmO3GpQ81Y4pWqQCPbWbQIwGQ3gBBcfn8+g3Q5GZ0r2oCYGl7QlDvZnbLn1frDrV
+ALPX6sA/1Fzx+VFMdwJFuhupZYXTA+NSiPu4mqGkedQwzdeQRyStlYo51hi5Af2B
+LZR3iq5pNe7DW2YaqcSdQsrFVl3y5btaw/+R2lyZtiStTMGA+SphvLn4/w==
+-----END CERTIFICATE-----
+</ca>
+<cert>
+-----BEGIN CERTIFICATE-----
+MIIDojCCAooCCQCu+mQn9w/PJDANBgkqhkiG9w0BAQ0FADASMRAwDgYDVQQDDAd0
+ZXN0LWNhMB4XDTE2MDEyMjEzMjAwNFoXDTE3MDEyMTEzMjAwNFowFDESMBAGA1UE
+AwwJdGVzdC1jZXJ0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv/dC
+/LXKu1V9OOTxznvvLvoxtXFsDvywO4qtWcYip9CloNjUD03kJJBzrzAnV+EOCg94
+5Nw6SFMbbZ751H+or6S58pyy+9Iyxu1Uo3ION+1bbeCqcOv+BCMKovuqavlzmN/o
+yO4ll4Iz+0CqznwbE4IePG4bKmS2nm11CD9Kw6b/3qz9fdaXb+/DuOlqvLQNHrfm
+VnS2Z7HKzNWhac9dLTst0mYrZ/Fs8puSSI83BvGZgzuYdtarJIcMoOzXN7BmO2XZ
+EI2iMMXeNLwv65MdJ6MYZ1CAtY7frSVlKiLTrZL83Elz2R66l3MLCng6dI+2f6sM
+duFKTb7Mzzlq3Lldt4EeA3vcmzPgH4W8Ihu4IgNSVMTawEnMTW7fvHdZtK7Geqsc
+/mY9IJYpwrQkuDlGcB0Nzteg1v+w3kvU79/16lfuzWHlsVvDPBk2UBiXicL45jaD
+xARwPNdyFYAglURwcFrpOmq2GGml1qMB6s55K8dzqe+ZmDm1mfVdGseBjTcrBFbi
+ZRZWhmY3MSkuQ5FhDDB55U59aGAIeSwv265GDNFv9M/cTV/+SEpzv+o6lROycN/+
+PGC74FT19f9E3nmZu+B0pV5ByP0NARc5tlvGQ2WnuHuNmo6KfNujcqRqZInkk6HS
+BPotLss3GZcJ97qkbw1A8oghx29pG8edJy52w/MCAwEAATANBgkqhkiG9w0BAQ0F
+AAOCAQEAkUVsxyanQN1iPW3d17hfZ3o0lmSihZkw396FXP34tGUeIvk2EbFHS1Jy
+3Gh4r1adB5bil0X1GYU8AFPKaM+CqWagyBAYXwX6YaXb1pzFn8Ixw6t0gRoAW9ex
+MW4Eduh8JOYi+KkJaXj5SAVDd3ZDCIwW3rN+jIMy2tvnuWW07UW5HvOZ4qRXyOlZ
+mqUBgft97uOiVEor8KEhrBzgGzT72ELOykzZGWEuWWy0ytbPrAc+XyodvylvAGzR
+lj74pDerwl/oUl80vRgEl8M1o4nGdoe17SfaGhD7MP+YD2HmY2kTCw8ks70KBpxJ
+nCtKkguacJwDtUeh2jpbXZKBQAgqkw==
+-----END CERTIFICATE-----
+</cert>
+<key>
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKgIBAAKCAgEAv/dC/LXKu1V9OOTxznvvLvoxtXFsDvywO4qtWcYip9CloNjU
+D03kJJBzrzAnV+EOCg945Nw6SFMbbZ751H+or6S58pyy+9Iyxu1Uo3ION+1bbeCq
+cOv+BCMKovuqavlzmN/oyO4ll4Iz+0CqznwbE4IePG4bKmS2nm11CD9Kw6b/3qz9
+fdaXb+/DuOlqvLQNHrfmVnS2Z7HKzNWhac9dLTst0mYrZ/Fs8puSSI83BvGZgzuY
+dtarJIcMoOzXN7BmO2XZEI2iMMXeNLwv65MdJ6MYZ1CAtY7frSVlKiLTrZL83Elz
+2R66l3MLCng6dI+2f6sMduFKTb7Mzzlq3Lldt4EeA3vcmzPgH4W8Ihu4IgNSVMTa
+wEnMTW7fvHdZtK7Geqsc/mY9IJYpwrQkuDlGcB0Nzteg1v+w3kvU79/16lfuzWHl
+sVvDPBk2UBiXicL45jaDxARwPNdyFYAglURwcFrpOmq2GGml1qMB6s55K8dzqe+Z
+mDm1mfVdGseBjTcrBFbiZRZWhmY3MSkuQ5FhDDB55U59aGAIeSwv265GDNFv9M/c
+TV/+SEpzv+o6lROycN/+PGC74FT19f9E3nmZu+B0pV5ByP0NARc5tlvGQ2WnuHuN
+mo6KfNujcqRqZInkk6HSBPotLss3GZcJ97qkbw1A8oghx29pG8edJy52w/MCAwEA
+AQKCAgAlSagvYjiA7vgl5wK5MwWgwGSLc/6jYp3w0t0dRQlSQ4sIlVWLq3uXRp/R
+9a6OuV56wcqf2c9QYSRAxNKOXkWr6HleEOYLWCcY0NzR6sOsRWSvESbKTGzI7O2R
+/wR5Rv8XQNb8wJV4uofSVBtZhG3V+j5ZSqHoOCvo1iYXdgPVwUiOPlf264n66j3A
+W0aqZObvgpUxUfZkafqUkyKJZQgaUxZxefsQc6rP7Twa8AamSKOjBB53ZvdTXxAq
+6hZb8N3Kx9vEBV7tzmF9KNi+D5NoMZv55X86xQfZoBvodV9cpeKL/5CLKhbgeC46
+2GOyZH/0iIshRF2kgF1UGzkQqsjzF2YPAgIXYA5nCSln/qf9Xt9/iXzMvkEsD94J
+SGxPrjoNpcd0JXsQRiEuxJnQUZrFlP1egFC1sHmGDt9NJ2T1nGFGeaX0yfpjwo8o
+wSqYC4/fzFwED80OFNujWQBKeposBztzmYviSh/ls+lAXFPSki+UTld9XmI5Ju/6
+6yMiORUVGNa+/Swc5ymXcbgD0x5lZtDtx7pAkkZJE7apdUTZWo9xgi9/WnBzZozE
+PEVVZjmnU7xfcxK2YQbgS5eAAScuh6T+Np4wBJinqdZpoTy33cNu4hquGMAvtfhZ
+MHQJ9mQb0ZzrYKYTqC/dCJmHcKozpoRlXExtkKKS1Uu6wCJmsQKCAQEA+L2M2Pb7
+O4vyJle0TVRi6T4s337T9JLXbyPXlD5KBF3VD3S4Wc1eks7oeORE20JeI4WdWbbI
+5lF+fZCo7Uwok2SZDbdgVK5NeBl7P2eDWAOTTR+mcZ7XWhR5TD2Nu1fU1AagSnIH
+ac+q94vltojt8bGd0+wGPVr1jsUr/uWzS8dCuAttuXl2cgKO2rc1c6AkWGXX1W7d
+H283HoFHwbpeulTL0pULD5pFQtDwS1NI+T4Rr/E9lmm3V2/XZS06UklFA/C0ZpE4
+atVXWNPWkObeZP8U84h66jUisO40cHTSQRj6+0dqEYECmmDX1bOIkxGAPfdjhOgd
+VNYMQljpyIaKNQKCAQEAxZGGCgn/Ab6oX77R89/8QlJJlJcz5zl+qmKfdVCV2d+p
+B7TIlXEMwgxyGzmYQrmPGpLcolRGn+JHi43/8hkGegjhS9jCh5ndRoTQVlMxczR7
+aJH/fh9YVuvIl7hTiIUbuEklbYnuh9tSfGJtZG7gSICjx3YnKgMNbpMRrA00NX0h
+qtQS6kE1X4CjNIi4i6uUHziFJ3127kBN9WTzph1DhO5F9IfH91j+qnuzkQlKLoDP
+DTnv9dXuhAjOy87ugdNYrgfdlt9Jm36lY9x+WLiuRg1gdCj+6hGxZpgkAO+Hsqcc
+0aRyVevBFGk8eiMSkHmMN1XeT/gb0w+DCO90iuCahwKCAQEAvQX2oe5WjzLTSrX9
+i4JkRBF+sjzEP6jTVF8tdTc8skLIJZ2ydnPtuazI1w3JEcJGncHtCH8x/mzRrgQf
+i20DrLaW5OiEqPVoY6shkNZN5rWY29QAfXmS9551ay2fpk2hq5p5dvlejtdEeify
+4hr+j1xFrwU+3KNh1iQaQfM2pJCBMDFnKbqW+x7chnMRiJOa6x5Bva0pFrlCbskZ
+yauiTwEffyDKLgozNgpngSaCXv3/HPA7uDEQJb8VNYsANgX+D3d88DDNacpEPXmG
+Jcl8Gc4KkuMVXSQR/9iVOxxbpyKfoBLuFO0wGDcd7gUn9XMoPG7iTt7BY3XiDQ1a
+Y4tyPQKCAQEAjDySj1evGdbyfxvcvaX00kLEleOJ5QwLm/frRgOQiplWyvCJHIKl
+Uqww5qBIMryyFmO+lr8Jbn3Y2PdPgNJApajd+s9+rXAK//5QP6ZHyIWtP3m6iBTJ
+yNEOjps5OAN7vKC3H3yzwt1sPHxFN+/35Z7iIjf87rZB94YPGjg5IeqTVkW4s2zb
+7NFLh4Owsvt0ZYDiCzjkjZM5gwFIbVYCUj4ri7pBt5IFGpA50q5saHvn/HRunupe
+pnv2Bfb5l0+kd8t/f5M5FVWdIjgluuZEVdcy6uEaqJ0sdi1yCPP9N1Olgi2fNtvk
+Lo/QbMWubLzKSZD6/3qWjYdKNLJ74AQzywKCAQEAxHLfZajXY4YYz1BXbsSQrzqq
+7bgnZaXIsgK03McCrt5XQY7ghLF9j2w/rQLrvFA5pMZ8x6GKmoy95i6FGHm7i4rd
+Cu40r2tRUC5IugVxfa2/MUC4v94JjecwkozwgD0SPGwIQVyBDjewTeoQNXRUYZ/I
+hR/fOhfbcpPl9Z/EIkIy5qbCJxzNxG0L3sKMjSlywfC0yazyoaraNtdslHhHO+IP
+rwJTkcFBJ3zf3oYYfRJAzAs0IAfUL5XgQUnNarC8uExCjtcs6TAhNEkoopcvVwAM
+GV1Yd6yBQHcbi55KeCKYklG7YpX5nqTV5Sk3sTNeUPBcKMS+Mryry8yoTUtCQQ==
+-----END RSA PRIVATE KEY-----
+</key>
+
+key-direction 1
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+378e209d0fe8efe398afa86bdb19b9a8
+f9cc3ae06e42f9468f97d81724101046
+1722e4888756212c05dd0e9341e28388
+aa6f1ea6fbb46779a2e1ce6db1fcef47
+69bd0266c9e14f02a2f19760e77d2f71
+59f6e96769bcc09eda1786adbbd51a50
+f027a829b0a71106b01a046972b1cd20
+41774be1515f81e8760da576077f543d
+75d6deb92c9bfd7760a12b0f05938e7d
+63fc0c663cdbb623d3f45fcfcbc2009c
+1fc36c7b8ecc147462fb7c8747676574
+3b7bd0d6a89aa90514d453b9f1b92e22
+57bb24180cd867357131ac9972f118b8
+d4cebc0da588fed8ec73b9b9be86962d
+1a28946996a012767fae84851c126bab
+65fee86c5e72d11c6d10c01728e33000
+-----END OpenVPN Static key V1-----
+</tls-auth>
+
+remote-cert-tls server
+tls-remote "/CN=myvpn.company.com"
+
+comp-lzo
+verb 3
+
diff --git a/properties/tests/test-import-export.c b/properties/tests/test-import-export.c
index fb476ca..a04f9fc 100644
--- a/properties/tests/test-import-export.c
+++ b/properties/tests/test-import-export.c
@@ -294,6 +294,94 @@ test_tls_import (NMVpnEditorPlugin *plugin, const char *dir)
 	g_object_unref (connection);
 }
 
+static void
+test_file_contents (const char *id,
+                    const char *dir,
+                    NMSettingVpn *s_vpn,
+                    char *item) {
+	const char *path;
+	char *path2;
+	char *contents;
+	char *expected_contents;
+	gsize length;
+	gsize expected_length;
+	char *test;
+
+	test = g_strdup_printf("%s-%s", id, item);
+
+	path = nm_setting_vpn_get_data_item(s_vpn, item);
+	ASSERT(g_file_get_contents(path, &contents, &length, NULL), test,
+		"failed to open file");
+	path2 = g_strdup_printf ("%s/%s-%s.pem", dir, id, item);
+	ASSERT(g_file_get_contents(path2, &expected_contents, &expected_length, NULL),
+		test, "failed to load test data?!");
+	g_free (path2);
+
+	ASSERT(length == expected_length && !memcmp(contents, expected_contents, length),
+		test, "file contents were not the same");
+	g_free (contents);
+	g_free (expected_contents);
+  g_free (test);
+}
+
+static void
+test_tls_inline_import (NMVpnEditorPlugin *plugin, const char *dir)
+{
+	NMConnection *connection;
+	NMSettingConnection *s_con;
+	NMSettingVpn *s_vpn;
+	const char *expected_id = "tls-inline";
+
+	connection = get_basic_connection ("tls-import", plugin, dir, "tls-inline.ovpn");
+	ASSERT (connection != NULL, "tls-import", "failed to import connection");
+
+	/* Connection setting */
+	s_con = nm_connection_get_setting_connection (connection);
+	ASSERT (s_con != NULL,
+	        "tls-import", "missing 'connection' setting");
+
+	ASSERT (strcmp (nm_setting_connection_get_id (s_con), expected_id) == 0,
+	        "tls-import", "unexpected connection ID");
+
+	ASSERT (nm_setting_connection_get_uuid (s_con) == NULL,
+	        "tls-import", "unexpected valid UUID");
+
+	/* VPN setting */
+	s_vpn = nm_connection_get_setting_vpn (connection);
+	ASSERT (s_vpn != NULL,
+	        "tls-import", "missing 'vpn' setting");
+
+	/* Data items */
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_CONNECTION_TYPE, NM_OPENVPN_CONTYPE_TLS);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_DEV, "tun");
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_PROTO_TCP, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_COMP_LZO, "yes");
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_FLOAT, "yes");
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_RENEG_SECONDS, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE, "173.8.149.245:1194");
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_PORT, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_STATIC_KEY_DIRECTION, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_CIPHER, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_LOCAL_IP, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE_IP, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_AUTH, NULL);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_TLS_REMOTE, "/CN=myvpn.company.com");
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_REMOTE_CERT_TLS, "server");
+
+	test_file_contents (expected_id, dir, s_vpn, NM_OPENVPN_KEY_CA);
+	test_file_contents (expected_id, dir, s_vpn, NM_OPENVPN_KEY_CERT);
+	test_file_contents (expected_id, dir, s_vpn, NM_OPENVPN_KEY_KEY);
+	test_file_contents (expected_id, dir, s_vpn, NM_OPENVPN_KEY_TA);
+	test_item ("tls-import-data", s_vpn, NM_OPENVPN_KEY_TA_DIR, "1");
+
+	test_secret ("tls-import-secrets", s_vpn, NM_OPENVPN_KEY_PASSWORD, NULL);
+	test_secret ("tls-import-secrets", s_vpn, NM_OPENVPN_KEY_CERTPASS, NULL);
+
+	g_object_unref (connection);
+}
+
+
 #define TLS_EXPORTED_NAME "tls.ovpntest"
 static void
 test_tls_export (NMVpnEditorPlugin *plugin, const char *dir, const char *tmpdir)
@@ -1244,6 +1332,7 @@ int main (int argc, char **argv)
 	test_password_export (plugin, test_dir, argv[2]);
 
 	test_tls_import (plugin, test_dir);
+	test_tls_inline_import (plugin, test_dir);
 	test_tls_export (plugin, test_dir, argv[2]);
 
 	test_pkcs12_import (plugin, test_dir);
-- 
2.5.0

_______________________________________________
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Reply via email to