|
Packit Service |
5ffa24 |
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
|
Packit Service |
5ffa24 |
/*
|
|
Packit Service |
5ffa24 |
* Copyright (C) 2011 Red Hat, Inc.
|
|
Packit Service |
5ffa24 |
*/
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
2bceb2 |
#include "src/core/nm-default-daemon.h"
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
#include "nm-wifi-utils.h"
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
#include <stdlib.h>
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
#include "nm-utils.h"
|
|
Packit Service |
5ffa24 |
#include "nm-core-internal.h"
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
static gboolean
|
|
Packit Service |
5ffa24 |
verify_no_wep(NMSettingWirelessSecurity *s_wsec, const char *tag, GError **error)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
if (nm_setting_wireless_security_get_wep_key(s_wsec, 0)
|
|
Packit Service |
5ffa24 |
|| nm_setting_wireless_security_get_wep_key(s_wsec, 1)
|
|
Packit Service |
5ffa24 |
|| nm_setting_wireless_security_get_wep_key(s_wsec, 2)
|
|
Packit Service |
5ffa24 |
|| nm_setting_wireless_security_get_wep_key(s_wsec, 3)
|
|
Packit Service |
5ffa24 |
|| nm_setting_wireless_security_get_wep_tx_keyidx(s_wsec)
|
|
Packit Service |
5ffa24 |
|| nm_setting_wireless_security_get_wep_key_type(s_wsec)) {
|
|
Packit Service |
5ffa24 |
/* Dynamic WEP cannot have any WEP keys set */
|
|
Packit Service |
5ffa24 |
g_set_error(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_SETTING,
|
|
Packit Service |
5ffa24 |
_("%s is incompatible with static WEP keys"),
|
|
Packit Service |
5ffa24 |
tag);
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
static gboolean
|
|
Packit Service |
5ffa24 |
verify_leap(NMSettingWirelessSecurity *s_wsec,
|
|
Packit Service |
5ffa24 |
NMSetting8021x * s_8021x,
|
|
Packit Service |
5ffa24 |
gboolean adhoc,
|
|
Packit Service |
5ffa24 |
GError ** error)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
const char *key_mgmt, *auth_alg, *leap_username;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);
|
|
Packit Service |
5ffa24 |
auth_alg = nm_setting_wireless_security_get_auth_alg(s_wsec);
|
|
Packit Service |
5ffa24 |
leap_username = nm_setting_wireless_security_get_leap_username(s_wsec);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* One (or both) of two things indicates we want LEAP:
|
|
Packit Service |
5ffa24 |
* 1) auth_alg == 'leap'
|
|
Packit Service |
5ffa24 |
* 2) valid leap_username
|
|
Packit Service |
5ffa24 |
*
|
|
Packit Service |
5ffa24 |
* LEAP always requires a LEAP username.
|
|
Packit Service |
5ffa24 |
*/
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (auth_alg) {
|
|
Packit Service |
5ffa24 |
if (!strcmp(auth_alg, "leap")) {
|
|
Packit Service |
5ffa24 |
/* LEAP authentication requires at least a LEAP username */
|
|
Packit Service |
5ffa24 |
if (!leap_username) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_MISSING_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("LEAP authentication requires a LEAP username"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
} else if (leap_username) {
|
|
Packit Service |
5ffa24 |
/* Leap username requires 'leap' auth */
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("LEAP username requires 'leap' authentication"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (leap_username) {
|
|
Packit Service |
5ffa24 |
if (key_mgmt && strcmp(key_mgmt, "ieee8021x")) {
|
|
Packit Service |
5ffa24 |
/* LEAP requires ieee8021x key management */
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("LEAP authentication requires IEEE 802.1x key management"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* At this point if auth_alg is set it must be 'leap', and if key_mgmt
|
|
Packit Service |
5ffa24 |
* is set it must be 'ieee8021x'.
|
|
Packit Service |
5ffa24 |
*/
|
|
Packit Service |
5ffa24 |
if (leap_username) {
|
|
Packit Service |
5ffa24 |
if (auth_alg)
|
|
Packit Service |
5ffa24 |
g_assert(strcmp(auth_alg, "leap") == 0);
|
|
Packit Service |
5ffa24 |
if (key_mgmt)
|
|
Packit Service |
5ffa24 |
g_assert(strcmp(key_mgmt, "ieee8021x") == 0);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (adhoc) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_SETTING,
|
|
Packit Service |
5ffa24 |
_("LEAP authentication is incompatible with Ad-Hoc mode"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!verify_no_wep(s_wsec, "LEAP", error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (s_8021x) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_SETTING,
|
|
Packit Service |
5ffa24 |
_("LEAP authentication is incompatible with 802.1x setting"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_802_1X_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
static gboolean
|
|
Packit Service |
5ffa24 |
verify_no_wpa(NMSettingWirelessSecurity *s_wsec, const char *tag, GError **error)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
const char *key_mgmt;
|
|
Packit Service |
5ffa24 |
int n, i;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);
|
|
Packit Service |
5ffa24 |
if (key_mgmt && !strncmp(key_mgmt, "wpa", 3)) {
|
|
Packit Service |
5ffa24 |
g_set_error(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("a connection using '%s' authentication cannot use WPA key management"),
|
|
Packit Service |
5ffa24 |
tag);
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (nm_setting_wireless_security_get_num_protos(s_wsec)) {
|
|
Packit Service |
5ffa24 |
g_set_error(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("a connection using '%s' authentication cannot specify WPA protocols"),
|
|
Packit Service |
5ffa24 |
tag);
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_PROTO);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
n = nm_setting_wireless_security_get_num_pairwise(s_wsec);
|
|
Packit Service |
5ffa24 |
for (i = 0; i < n; i++) {
|
|
Packit Service |
5ffa24 |
const char *pw;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
pw = nm_setting_wireless_security_get_pairwise(s_wsec, i);
|
|
Packit Service |
5ffa24 |
if (!strcmp(pw, "tkip") || !strcmp(pw, "ccmp")) {
|
|
Packit Service |
5ffa24 |
g_set_error(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("a connection using '%s' authentication cannot specify WPA ciphers"),
|
|
Packit Service |
5ffa24 |
tag);
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_PAIRWISE);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
n = nm_setting_wireless_security_get_num_groups(s_wsec);
|
|
Packit Service |
5ffa24 |
for (i = 0; i < n; i++) {
|
|
Packit Service |
5ffa24 |
const char *gr;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
gr = nm_setting_wireless_security_get_group(s_wsec, i);
|
|
Packit Service |
5ffa24 |
if (strcmp(gr, "wep40") && strcmp(gr, "wep104")) {
|
|
Packit Service |
5ffa24 |
g_set_error(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("a connection using '%s' authentication cannot specify WPA ciphers"),
|
|
Packit Service |
5ffa24 |
tag);
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_GROUP);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (nm_setting_wireless_security_get_psk(s_wsec)) {
|
|
Packit Service |
5ffa24 |
g_set_error(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("a connection using '%s' authentication cannot specify a WPA password"),
|
|
Packit Service |
5ffa24 |
tag);
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_PSK);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
static gboolean
|
|
Packit Service |
5ffa24 |
verify_dynamic_wep(NMSettingWirelessSecurity *s_wsec,
|
|
Packit Service |
5ffa24 |
NMSetting8021x * s_8021x,
|
|
Packit Service |
5ffa24 |
gboolean adhoc,
|
|
Packit Service |
5ffa24 |
GError ** error)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
const char *key_mgmt, *auth_alg, *leap_username;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);
|
|
Packit Service |
5ffa24 |
auth_alg = nm_setting_wireless_security_get_auth_alg(s_wsec);
|
|
Packit Service |
5ffa24 |
leap_username = nm_setting_wireless_security_get_leap_username(s_wsec);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
g_return_val_if_fail(leap_username == NULL, TRUE);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (key_mgmt) {
|
|
Packit Service |
5ffa24 |
if (!strcmp(key_mgmt, "ieee8021x")) {
|
|
Packit Service |
5ffa24 |
if (!s_8021x) {
|
|
Packit Service |
5ffa24 |
/* 802.1x key management requires an 802.1x setting */
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_MISSING_SETTING,
|
|
Packit Service |
5ffa24 |
_("Dynamic WEP requires an 802.1x setting"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_802_1X_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (auth_alg && strcmp(auth_alg, "open")) {
|
|
Packit Service |
5ffa24 |
/* 802.1x key management must use "open" authentication */
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("Dynamic WEP requires 'open' authentication"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Dynamic WEP incompatible with anything static WEP related */
|
|
Packit Service |
5ffa24 |
if (!verify_no_wep(s_wsec, "Dynamic WEP", error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
} else if (!strcmp(key_mgmt, "none")) {
|
|
Packit Service |
5ffa24 |
if (s_8021x) {
|
|
Packit Service |
5ffa24 |
/* 802.1x setting requires 802.1x key management */
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("Dynamic WEP requires 'ieee8021x' key management"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
} else if (s_8021x) {
|
|
Packit Service |
5ffa24 |
/* 802.1x setting incompatible with anything but 'open' auth */
|
|
Packit Service |
5ffa24 |
if (auth_alg && strcmp(auth_alg, "open")) {
|
|
Packit Service |
5ffa24 |
/* 802.1x key management must use "open" authentication */
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("Dynamic WEP requires 'open' authentication"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Dynamic WEP incompatible with anything static WEP related */
|
|
Packit Service |
5ffa24 |
if (!verify_no_wep(s_wsec, "Dynamic WEP", error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
static gboolean
|
|
Packit Service |
5ffa24 |
verify_wpa_psk(NMSettingWirelessSecurity *s_wsec,
|
|
Packit Service |
5ffa24 |
NMSetting8021x * s_8021x,
|
|
Packit Service |
5ffa24 |
gboolean adhoc,
|
|
Packit Service |
5ffa24 |
guint32 wpa_flags,
|
|
Packit Service |
5ffa24 |
guint32 rsn_flags,
|
|
Packit Service |
5ffa24 |
GError ** error)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
const char *key_mgmt, *auth_alg;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);
|
|
Packit Service |
5ffa24 |
auth_alg = nm_setting_wireless_security_get_auth_alg(s_wsec);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!nm_streq0(key_mgmt, "wpa-psk"))
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (s_8021x) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_SETTING,
|
|
Packit Service |
5ffa24 |
_("WPA-PSK authentication is incompatible with 802.1x"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_802_1X_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (auth_alg && !nm_streq(auth_alg, "open")) {
|
|
Packit Service |
5ffa24 |
/* WPA must use "open" authentication */
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("WPA-PSK requires 'open' authentication"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Make sure the AP's capabilities support WPA-PSK */
|
|
Packit Service |
5ffa24 |
if (!(wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
|
|
Packit Service |
5ffa24 |
&& !(rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("Access point does not support PSK but setting requires it"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (adhoc) {
|
|
Packit Service |
5ffa24 |
/* Ad-Hoc RSN requires 'rsn' proto, 'ccmp' pairwise, and 'ccmp' group */
|
|
Packit Service |
5ffa24 |
if (nm_setting_wireless_security_get_num_protos(s_wsec) != 1
|
|
Packit Service |
5ffa24 |
|| !nm_streq0(nm_setting_wireless_security_get_proto(s_wsec, 0), "rsn")) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("WPA Ad-Hoc authentication requires 'rsn' protocol"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_PROTO);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (nm_setting_wireless_security_get_num_pairwise(s_wsec) != 1
|
|
Packit Service |
5ffa24 |
|| !nm_streq0(nm_setting_wireless_security_get_pairwise(s_wsec, 0), "ccmp")) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("WPA Ad-Hoc authentication requires 'ccmp' pairwise cipher"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_PAIRWISE);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (nm_setting_wireless_security_get_num_groups(s_wsec) != 1
|
|
Packit Service |
5ffa24 |
|| !nm_streq0(nm_setting_wireless_security_get_group(s_wsec, 0), "ccmp")) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("WPA Ad-Hoc requires 'ccmp' group cipher"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_GROUP);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
static gboolean
|
|
Packit Service |
5ffa24 |
verify_wpa_eap(NMSettingWirelessSecurity *s_wsec,
|
|
Packit Service |
5ffa24 |
NMSetting8021x * s_8021x,
|
|
Packit Service |
5ffa24 |
guint32 wpa_flags,
|
|
Packit Service |
5ffa24 |
guint32 rsn_flags,
|
|
Packit Service |
5ffa24 |
GError ** error)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
const char *key_mgmt, *auth_alg;
|
|
Packit Service |
5ffa24 |
gboolean is_wpa_eap = FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);
|
|
Packit Service |
5ffa24 |
auth_alg = nm_setting_wireless_security_get_auth_alg(s_wsec);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (key_mgmt) {
|
|
Packit Service |
5ffa24 |
if (NM_IN_STRSET(key_mgmt, "wpa-eap", "wpa-eap-suite-b-192")) {
|
|
Packit Service |
5ffa24 |
if (!s_8021x) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_MISSING_SETTING,
|
|
Packit Service |
5ffa24 |
_("WPA-EAP authentication requires an 802.1x setting"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_802_1X_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (auth_alg && strcmp(auth_alg, "open")) {
|
|
Packit Service |
5ffa24 |
/* WPA must use "open" authentication */
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("WPA-EAP requires 'open' authentication"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
is_wpa_eap = TRUE;
|
|
Packit Service |
5ffa24 |
} else if (s_8021x) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_SETTING,
|
|
Packit Service |
5ffa24 |
_("802.1x setting requires 'wpa-eap' key management"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_802_1X_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (is_wpa_eap || s_8021x) {
|
|
Packit Service |
5ffa24 |
/* Make sure the AP's capabilities support WPA-EAP */
|
|
Packit Service |
5ffa24 |
if (!(wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)
|
|
Packit Service |
5ffa24 |
&& !(rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)
|
|
Packit Service |
5ffa24 |
&& !(rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_EAP_SUITE_B_192)) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_SETTING,
|
|
Packit Service |
5ffa24 |
_("Access point does not support 802.1x but setting requires it"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_802_1X_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
static gboolean
|
|
Packit Service |
5ffa24 |
verify_adhoc(NMSettingWirelessSecurity *s_wsec,
|
|
Packit Service |
5ffa24 |
NMSetting8021x * s_8021x,
|
|
Packit Service |
5ffa24 |
gboolean adhoc,
|
|
Packit Service |
5ffa24 |
GError ** error)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
const char *key_mgmt = NULL, *leap_username = NULL, *auth_alg = NULL;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!adhoc)
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (s_wsec) {
|
|
Packit Service |
5ffa24 |
key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);
|
|
Packit Service |
5ffa24 |
auth_alg = nm_setting_wireless_security_get_auth_alg(s_wsec);
|
|
Packit Service |
5ffa24 |
leap_username = nm_setting_wireless_security_get_leap_username(s_wsec);
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (key_mgmt && !NM_IN_STRSET(key_mgmt, "none", "wpa-psk")) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("Ad-Hoc mode requires 'none' or 'wpa-psk' key management"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (s_8021x) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_SETTING,
|
|
Packit Service |
5ffa24 |
_("Ad-Hoc mode is incompatible with 802.1x security"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_802_1X_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (leap_username) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("Ad-Hoc mode is incompatible with LEAP security"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (auth_alg && !nm_streq(auth_alg, "open")) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("Ad-Hoc mode requires 'open' authentication"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
gboolean
|
|
Packit Service |
5ffa24 |
nm_wifi_utils_complete_connection(GBytes * ap_ssid,
|
|
Packit Service |
5ffa24 |
const char * bssid,
|
|
Packit Service |
5ffa24 |
NM80211Mode ap_mode,
|
|
Packit Service |
5ffa24 |
guint32 ap_freq,
|
|
Packit Service |
5ffa24 |
guint32 ap_flags,
|
|
Packit Service |
5ffa24 |
guint32 ap_wpa_flags,
|
|
Packit Service |
5ffa24 |
guint32 ap_rsn_flags,
|
|
Packit Service |
5ffa24 |
NMConnection *connection,
|
|
Packit Service |
5ffa24 |
gboolean lock_bssid,
|
|
Packit Service |
5ffa24 |
GError ** error)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
NMSettingWireless * s_wifi;
|
|
Packit Service |
5ffa24 |
NMSettingWirelessSecurity *s_wsec;
|
|
Packit Service |
5ffa24 |
NMSetting8021x * s_8021x;
|
|
Packit Service |
5ffa24 |
GBytes * ssid;
|
|
Packit Service |
5ffa24 |
const char * mode, *key_mgmt, *auth_alg, *leap_username;
|
|
Packit Service |
5ffa24 |
gboolean adhoc = FALSE;
|
|
Packit Service |
5ffa24 |
gboolean mesh = FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
s_wifi = nm_connection_get_setting_wireless(connection);
|
|
Packit Service |
5ffa24 |
g_assert(s_wifi);
|
|
Packit Service |
5ffa24 |
s_wsec = nm_connection_get_setting_wireless_security(connection);
|
|
Packit Service |
5ffa24 |
s_8021x = nm_connection_get_setting_802_1x(connection);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Fill in missing SSID */
|
|
Packit Service |
5ffa24 |
ssid = nm_setting_wireless_get_ssid(s_wifi);
|
|
Packit Service |
5ffa24 |
if (!ssid)
|
|
Packit Service |
5ffa24 |
g_object_set(G_OBJECT(s_wifi), NM_SETTING_WIRELESS_SSID, ap_ssid, NULL);
|
|
Packit Service |
5ffa24 |
else if (!ap_ssid || !g_bytes_equal(ssid, ap_ssid)) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("connection does not match access point"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SSID);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (lock_bssid && !nm_setting_wireless_get_bssid(s_wifi))
|
|
Packit Service |
5ffa24 |
g_object_set(G_OBJECT(s_wifi), NM_SETTING_WIRELESS_BSSID, bssid, NULL);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* And mode */
|
|
Packit Service |
5ffa24 |
mode = nm_setting_wireless_get_mode(s_wifi);
|
|
Packit Service |
5ffa24 |
if (mode) {
|
|
Packit Service |
5ffa24 |
gboolean valid = FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Make sure the supplied mode matches the AP's */
|
|
Packit Service |
5ffa24 |
if (!strcmp(mode, NM_SETTING_WIRELESS_MODE_INFRA)
|
|
Packit Service |
5ffa24 |
|| !strcmp(mode, NM_SETTING_WIRELESS_MODE_AP)) {
|
|
Packit Service |
5ffa24 |
if (ap_mode == NM_802_11_MODE_INFRA)
|
|
Packit Service |
5ffa24 |
valid = TRUE;
|
|
Packit Service |
5ffa24 |
} else if (!strcmp(mode, NM_SETTING_WIRELESS_MODE_ADHOC)) {
|
|
Packit Service |
5ffa24 |
if (ap_mode == NM_802_11_MODE_ADHOC)
|
|
Packit Service |
5ffa24 |
valid = TRUE;
|
|
Packit Service |
5ffa24 |
adhoc = TRUE;
|
|
Packit Service |
5ffa24 |
} else if (!strcmp(mode, NM_SETTING_WIRELESS_MODE_MESH)) {
|
|
Packit Service |
5ffa24 |
if (ap_mode == NM_802_11_MODE_MESH)
|
|
Packit Service |
5ffa24 |
valid = TRUE;
|
|
Packit Service |
5ffa24 |
mesh = TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (valid == FALSE) {
|
|
Packit Service |
5ffa24 |
g_set_error(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("connection does not match access point"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_MODE);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
} else {
|
|
Packit Service |
5ffa24 |
mode = NM_SETTING_WIRELESS_MODE_INFRA;
|
|
Packit Service |
5ffa24 |
if (ap_mode == NM_802_11_MODE_ADHOC) {
|
|
Packit Service |
5ffa24 |
mode = NM_SETTING_WIRELESS_MODE_ADHOC;
|
|
Packit Service |
5ffa24 |
adhoc = TRUE;
|
|
Packit Service |
5ffa24 |
} else if (ap_mode == NM_802_11_MODE_MESH) {
|
|
Packit Service |
5ffa24 |
mode = NM_SETTING_WIRELESS_MODE_MESH;
|
|
Packit Service |
5ffa24 |
mesh = TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
g_object_set(G_OBJECT(s_wifi), NM_SETTING_WIRELESS_MODE, mode, NULL);
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* For now mesh requires channel and band, fill them only if both not present.
|
|
Packit Service |
5ffa24 |
* Do not check existing values against an existing ap/mesh point,
|
|
Packit Service |
5ffa24 |
* mesh join will start a new network if required */
|
|
Packit Service |
5ffa24 |
if (mesh) {
|
|
Packit Service |
5ffa24 |
const char *band;
|
|
Packit Service |
5ffa24 |
guint32 channel;
|
|
Packit Service |
5ffa24 |
gboolean band_valid = TRUE;
|
|
Packit Service |
5ffa24 |
gboolean chan_valid = TRUE;
|
|
Packit Service |
5ffa24 |
gboolean valid;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
band = nm_setting_wireless_get_band(s_wifi);
|
|
Packit Service |
5ffa24 |
channel = nm_setting_wireless_get_channel(s_wifi);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
valid = ((band == NULL) && (channel == 0)) || ((band != NULL) && (channel != 0));
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if ((band == NULL) && (channel == 0)) {
|
|
Packit Service |
5ffa24 |
channel = nm_utils_wifi_freq_to_channel(ap_freq);
|
|
Packit Service |
5ffa24 |
if (channel) {
|
|
Packit Service |
5ffa24 |
g_object_set(s_wifi, NM_SETTING_WIRELESS_CHANNEL, channel, NULL);
|
|
Packit Service |
5ffa24 |
} else {
|
|
Packit Service |
5ffa24 |
chan_valid = FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
band = nm_utils_wifi_freq_to_band(ap_freq);
|
|
Packit Service |
5ffa24 |
if (band) {
|
|
Packit Service |
5ffa24 |
g_object_set(s_wifi, NM_SETTING_WIRELESS_BAND, band, NULL);
|
|
Packit Service |
5ffa24 |
} else {
|
|
Packit Service |
5ffa24 |
band_valid = FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!valid || !chan_valid || !band_valid) {
|
|
Packit Service |
5ffa24 |
g_set_error(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("connection does not match mesh point"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_MODE);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Security */
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Open */
|
|
Packit Service |
5ffa24 |
if (!(ap_flags & NM_802_11_AP_FLAGS_PRIVACY) && (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
|
|
Packit Service |
5ffa24 |
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
|
|
Packit Service |
5ffa24 |
/* Make sure the connection doesn't specify security */
|
|
Packit Service |
5ffa24 |
if (s_wsec || s_8021x) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_SETTING,
|
|
Packit Service |
5ffa24 |
_("Access point is unencrypted but setting specifies security"));
|
|
Packit Service |
5ffa24 |
if (s_wsec)
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
else
|
|
Packit Service |
5ffa24 |
g_prefix_error(error, "%s: ", NM_SETTING_802_1X_SETTING_NAME);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Everything else requires security */
|
|
Packit Service |
5ffa24 |
if (!s_wsec) {
|
|
Packit Service |
5ffa24 |
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new();
|
|
Packit Service |
5ffa24 |
nm_connection_add_setting(connection, NM_SETTING(s_wsec));
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);
|
|
Packit Service |
5ffa24 |
auth_alg = nm_setting_wireless_security_get_auth_alg(s_wsec);
|
|
Packit Service |
5ffa24 |
leap_username = nm_setting_wireless_security_get_leap_username(s_wsec);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Ad-Hoc checks */
|
|
Packit Service |
5ffa24 |
if (!verify_adhoc(s_wsec, s_8021x, adhoc, error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Static WEP, Dynamic WEP, or LEAP */
|
|
Packit Service |
5ffa24 |
if ((ap_flags & NM_802_11_AP_FLAGS_PRIVACY) && (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
|
|
Packit Service |
5ffa24 |
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
|
|
Packit Service |
5ffa24 |
const char *tag = "WEP";
|
|
Packit Service |
5ffa24 |
gboolean is_dynamic_wep = FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!verify_leap(s_wsec, s_8021x, adhoc, error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (leap_username) {
|
|
Packit Service |
5ffa24 |
tag = "LEAP";
|
|
Packit Service |
5ffa24 |
} else {
|
|
Packit Service |
5ffa24 |
/* Static or Dynamic WEP */
|
|
Packit Service |
5ffa24 |
if (!verify_dynamic_wep(s_wsec, s_8021x, adhoc, error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (s_8021x || (key_mgmt && !strcmp(key_mgmt, "ieee8021x"))) {
|
|
Packit Service |
5ffa24 |
is_dynamic_wep = TRUE;
|
|
Packit Service |
5ffa24 |
tag = "Dynamic WEP";
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Nothing WPA-related can be set */
|
|
Packit Service |
5ffa24 |
if (!verify_no_wpa(s_wsec, tag, error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (leap_username) {
|
|
Packit Service |
5ffa24 |
/* LEAP */
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
|
|
Packit Service |
5ffa24 |
"ieee8021x",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
|
|
Packit Service |
5ffa24 |
"leap",
|
|
Packit Service |
5ffa24 |
NULL);
|
|
Packit Service |
5ffa24 |
} else if (is_dynamic_wep) {
|
|
Packit Service |
5ffa24 |
/* Dynamic WEP */
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
|
|
Packit Service |
5ffa24 |
"ieee8021x",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
|
|
Packit Service |
5ffa24 |
"open",
|
|
Packit Service |
5ffa24 |
NULL);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (s_8021x) {
|
|
Packit Service |
5ffa24 |
/* Dynamic WEP requires a valid 802.1x setting since we can't
|
|
Packit Service |
5ffa24 |
* autocomplete 802.1x.
|
|
Packit Service |
5ffa24 |
*/
|
|
Packit Service |
5ffa24 |
if (!nm_setting_verify(NM_SETTING(s_8021x), NULL, error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
} else {
|
|
Packit Service |
5ffa24 |
/* Static WEP */
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none", NULL);
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* WPA/RSN */
|
|
Packit Service |
5ffa24 |
g_assert(ap_wpa_flags || ap_rsn_flags);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* Ensure key management is valid for WPA */
|
|
Packit Service |
5ffa24 |
if ((key_mgmt && !strcmp(key_mgmt, "ieee8021x")) || leap_username) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(
|
|
Packit Service |
5ffa24 |
error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("WPA authentication is incompatible with non-EAP (original) LEAP or Dynamic WEP"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* 'shared' auth incompatible with any type of WPA */
|
|
Packit Service |
5ffa24 |
if (auth_alg && strcmp(auth_alg, "open")) {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
|
Packit Service |
5ffa24 |
_("WPA authentication is incompatible with Shared Key authentication"));
|
|
Packit Service |
5ffa24 |
g_prefix_error(error,
|
|
Packit Service |
5ffa24 |
"%s.%s: ",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!verify_no_wep(s_wsec, "WPA", error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!verify_wpa_psk(s_wsec, s_8021x, adhoc, ap_wpa_flags, ap_rsn_flags, error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!adhoc && !verify_wpa_eap(s_wsec, s_8021x, ap_wpa_flags, ap_rsn_flags, error))
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (adhoc) {
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
|
|
Packit Service |
5ffa24 |
"wpa-psk",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
|
|
Packit Service |
5ffa24 |
"open",
|
|
Packit Service |
5ffa24 |
NULL);
|
|
Packit Service |
5ffa24 |
nm_setting_wireless_security_add_proto(s_wsec, "rsn");
|
|
Packit Service |
5ffa24 |
nm_setting_wireless_security_add_pairwise(s_wsec, "ccmp");
|
|
Packit Service |
5ffa24 |
nm_setting_wireless_security_add_group(s_wsec, "ccmp");
|
|
Packit Service |
5ffa24 |
} else if (s_8021x) {
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
|
|
Packit Service |
5ffa24 |
"wpa-eap",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
|
|
Packit Service |
5ffa24 |
"open",
|
|
Packit Service |
5ffa24 |
NULL);
|
|
Packit Service |
5ffa24 |
/* Leave proto/pairwise/group as client set them; if they are unset the
|
|
Packit Service |
5ffa24 |
* supplicant will figure out the best combination at connect time.
|
|
Packit Service |
5ffa24 |
*/
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* 802.1x also requires the client to completely fill in the 8021x
|
|
Packit Service |
5ffa24 |
* setting. Since there's so much configuration required for it, there's
|
|
Packit Service |
5ffa24 |
* no way it can be automatically completed.
|
|
Packit Service |
5ffa24 |
*/
|
|
Packit Service |
5ffa24 |
} else if ((key_mgmt && !strcmp(key_mgmt, "sae"))
|
|
Packit Service |
5ffa24 |
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE)) {
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
|
|
Packit Service |
5ffa24 |
"sae",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
|
|
Packit Service |
5ffa24 |
"open",
|
|
Packit Service |
5ffa24 |
NULL);
|
|
Packit Service |
5ffa24 |
} else if ((key_mgmt && !strcmp(key_mgmt, "owe"))
|
|
Packit Service |
5ffa24 |
|| NM_FLAGS_ANY(ap_rsn_flags,
|
|
Packit Service |
5ffa24 |
NM_802_11_AP_SEC_KEY_MGMT_OWE | NM_802_11_AP_SEC_KEY_MGMT_OWE_TM)) {
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
|
|
Packit Service |
5ffa24 |
"owe",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
|
|
Packit Service |
5ffa24 |
"open",
|
|
Packit Service |
5ffa24 |
NULL);
|
|
Packit Service |
5ffa24 |
} else if ((key_mgmt && !strcmp(key_mgmt, "wpa-psk"))
|
|
Packit Service |
5ffa24 |
|| (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
|
|
Packit Service |
5ffa24 |
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) {
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
|
|
Packit Service |
5ffa24 |
"wpa-psk",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
|
|
Packit Service |
5ffa24 |
"open",
|
|
Packit Service |
5ffa24 |
NULL);
|
|
Packit Service |
5ffa24 |
/* Leave proto/pairwise/group as client set them; if they are unset the
|
|
Packit Service |
5ffa24 |
* supplicant will figure out the best combination at connect time.
|
|
Packit Service |
5ffa24 |
*/
|
|
Packit Service |
5ffa24 |
} else if ((key_mgmt && !strcmp(key_mgmt, "wpa-eap-suite-b-192"))
|
|
Packit Service |
5ffa24 |
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_EAP_SUITE_B_192)) {
|
|
Packit Service |
5ffa24 |
g_object_set(s_wsec,
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
|
|
Packit Service |
5ffa24 |
"wpa-eap-suite-b-192",
|
|
Packit Service |
5ffa24 |
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
|
|
Packit Service |
5ffa24 |
"open",
|
|
Packit Service |
5ffa24 |
NULL);
|
|
Packit Service |
5ffa24 |
} else {
|
|
Packit Service |
5ffa24 |
g_set_error_literal(error,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR,
|
|
Packit Service |
5ffa24 |
NM_CONNECTION_ERROR_FAILED,
|
|
Packit Service |
5ffa24 |
_("Failed to determine AP security information"));
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
gboolean
|
|
Packit Service |
5ffa24 |
nm_wifi_utils_is_manf_default_ssid(GBytes *ssid)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
const guint8 *ssid_p;
|
|
Packit Service |
5ffa24 |
gsize ssid_l;
|
|
Packit Service |
5ffa24 |
int i;
|
|
Packit Service |
5ffa24 |
/*
|
|
Packit Service |
5ffa24 |
* List of manufacturer default SSIDs that are often unchanged by users.
|
|
Packit Service |
5ffa24 |
*
|
|
Packit Service |
5ffa24 |
* NOTE: this list should *not* contain networks that you would like to
|
|
Packit Service |
5ffa24 |
* automatically roam to like "Starbucks" or "AT&T" or "T-Mobile HotSpot".
|
|
Packit Service |
5ffa24 |
*/
|
|
Packit Service |
5ffa24 |
static const char *manf_defaults[] = {
|
|
Packit Service |
5ffa24 |
"linksys",
|
|
Packit Service |
5ffa24 |
"linksys-a",
|
|
Packit Service |
5ffa24 |
"linksys-g",
|
|
Packit Service |
5ffa24 |
"default",
|
|
Packit Service |
5ffa24 |
"belkin54g",
|
|
Packit Service |
5ffa24 |
"NETGEAR",
|
|
Packit Service |
5ffa24 |
"o2DSL",
|
|
Packit Service |
5ffa24 |
"WLAN",
|
|
Packit Service |
5ffa24 |
"ALICE-WLAN",
|
|
Packit Service |
5ffa24 |
"Speedport W 501V",
|
|
Packit Service |
5ffa24 |
"TURBONETT",
|
|
Packit Service |
5ffa24 |
};
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
ssid_p = g_bytes_get_data(ssid, &ssid_l);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
for (i = 0; i < G_N_ELEMENTS(manf_defaults); i++) {
|
|
Packit Service |
5ffa24 |
if (ssid_l == strlen(manf_defaults[i])) {
|
|
Packit Service |
5ffa24 |
if (memcmp(manf_defaults[i], ssid_p, ssid_l) == 0)
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
/* To be used for connections where the SSID has been validated before */
|
|
Packit Service |
5ffa24 |
gboolean
|
|
Packit Service |
5ffa24 |
nm_wifi_connection_get_iwd_ssid_and_security(NMConnection * connection,
|
|
Packit Service |
5ffa24 |
char ** ssid,
|
|
Packit Service |
5ffa24 |
NMIwdNetworkSecurity *security)
|
|
Packit Service |
5ffa24 |
{
|
|
Packit Service |
5ffa24 |
NMSettingWireless * s_wireless;
|
|
Packit Service |
5ffa24 |
NMSettingWirelessSecurity *s_wireless_sec;
|
|
Packit Service |
5ffa24 |
const char * key_mgmt = NULL;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
s_wireless = nm_connection_get_setting_wireless(connection);
|
|
Packit Service |
5ffa24 |
if (!s_wireless)
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (ssid) {
|
|
Packit Service |
5ffa24 |
GBytes * bytes = nm_setting_wireless_get_ssid(s_wireless);
|
|
Packit Service |
5ffa24 |
gsize ssid_len;
|
|
Packit Service |
5ffa24 |
const char *ssid_str = (const char *) g_bytes_get_data(bytes, &ssid_len);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
nm_assert(bytes && g_utf8_validate(ssid_str, ssid_len, NULL));
|
|
Packit Service |
5ffa24 |
NM_SET_OUT(ssid, g_strndup(ssid_str, ssid_len));
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (!security)
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
s_wireless_sec = nm_connection_get_setting_wireless_security(connection);
|
|
Packit Service |
5ffa24 |
if (!s_wireless_sec) {
|
|
Packit Service |
2bceb2 |
NM_SET_OUT(security, NM_IWD_NETWORK_SECURITY_OPEN);
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wireless_sec);
|
|
Packit Service |
5ffa24 |
nm_assert(key_mgmt);
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
if (NM_IN_STRSET(key_mgmt, "none", "ieee8021x"))
|
|
Packit Service |
5ffa24 |
NM_SET_OUT(security, NM_IWD_NETWORK_SECURITY_WEP);
|
|
Packit Service |
2bceb2 |
else if (nm_streq(key_mgmt, "owe"))
|
|
Packit Service |
2bceb2 |
NM_SET_OUT(security, NM_IWD_NETWORK_SECURITY_OPEN);
|
|
Packit Service |
2bceb2 |
else if (NM_IN_STRSET(key_mgmt, "wpa-psk", "sae"))
|
|
Packit Service |
5ffa24 |
NM_SET_OUT(security, NM_IWD_NETWORK_SECURITY_PSK);
|
|
Packit Service |
5ffa24 |
else if (nm_streq(key_mgmt, "wpa-eap"))
|
|
Packit Service |
5ffa24 |
NM_SET_OUT(security, NM_IWD_NETWORK_SECURITY_8021X);
|
|
Packit Service |
5ffa24 |
else
|
|
Packit Service |
5ffa24 |
return FALSE;
|
|
Packit Service |
5ffa24 |
|
|
Packit Service |
5ffa24 |
return TRUE;
|
|
Packit Service |
5ffa24 |
}
|