part of #288. depends on the ovpn parser.
changes
new file: util/cert_store.rs
when an .ovpn file has inline certs (<ca>...</ca>), they need to be written to disk so NM can reference them by path.
```rust
pub fn store_inline_cert(
    connection_name: &str,
    cert_type: &str, // "ca", "cert", "key", "ta"
    pem_data: &str,
) -> Result<PathBuf, ConnectionError>;

pub fn cleanup_certs(connection_name: &str) -> Result<(), ConnectionError>;
```
storage: $XDG_DATA_HOME/nmrs/certs/<connection-name>/
permissions: 0600 for all cert/key files.
wire forget_vpn to call cleanup_certs when deleting an openvpn connection that was imported from .ovpn.
tests
write/read/cleanup cycle, permission checks, cleanup of nonexistent dirs.
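
An added sketch of the storage step, not code from the nmrs project: it shows the 0600 mode being set when the file is created and the connection name being checked before it becomes a directory name. The `_at` function names, the `base` parameter (standing in for `$XDG_DATA_HOME/nmrs/certs`), `io::Error` in place of `ConnectionError`, and the `<cert_type>.pem` file name are all assumptions.

```rust
use std::fs::{self, DirBuilder, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::{DirBuilderExt, OpenOptionsExt};
use std::path::{Path, PathBuf};

// Hypothetical helper: a name is usable as exactly one path component.
fn safe_component(name: &str) -> bool {
    !name.is_empty() && name != "." && name != ".." && !name.contains('/') && !name.contains('\0')
}

fn invalid(msg: &str) -> io::Error {
    io::Error::new(io::ErrorKind::InvalidInput, msg)
}

// `base` stands in for $XDG_DATA_HOME/nmrs/certs; io::Error stands in for
// ConnectionError; the "<cert_type>.pem" file name is an assumption.
pub fn store_inline_cert_at(base: &Path, connection_name: &str, cert_type: &str,
                            pem_data: &str) -> io::Result<PathBuf> {
    if !safe_component(connection_name) || !["ca", "cert", "key", "ta"].contains(&cert_type) {
        return Err(invalid("unsafe connection name or unknown cert type"));
    }
    let dir = base.join(connection_name);
    // 0700 directories: other local users cannot list or traverse them.
    DirBuilder::new().recursive(true).mode(0o700).create(&dir)?;
    let path = dir.join(format!("{}.pem", cert_type));
    // Drop any earlier copy so create_new (O_EXCL) never reuses a file or symlink.
    match fs::remove_file(&path) {
        Err(e) if e.kind() != io::ErrorKind::NotFound => return Err(e),
        _ => {}
    }
    // Mode is applied at open(2), so the key is never on disk with wider bits.
    let mut f = OpenOptions::new().write(true).create_new(true).mode(0o600).open(&path)?;
    f.write_all(pem_data.as_bytes())?;
    Ok(path)
}

pub fn cleanup_certs_at(base: &Path, connection_name: &str) -> io::Result<()> {
    if !safe_component(connection_name) {
        return Err(invalid("unsafe connection name"));
    }
    match fs::remove_dir_all(base.join(connection_name)) {
        Err(e) if e.kind() == io::ErrorKind::NotFound => Ok(()), // already gone
        other => other,
    }
}

fn main() -> io::Result<()> {
    let base = std::env::temp_dir().join("nmrs-cert-store-example"); // constructed path
    let p = store_inline_cert_at(&base, "work-vpn", "key", "constructed PEM placeholder\n")?;
    println!("wrote {}", p.display());
    cleanup_certs_at(&base, "work-vpn")
}
```

Writing the file first and calling `set_permissions` afterwards would leave a window in which a private key is readable under the process umask; passing the mode to `OpenOptions` avoids that.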