2008-09-18 Dan Williams <dcbw@redhat.com>

* libnm-util/nm-setting-wireless.c
		- (nm_setting_wireless_ap_security_compatible): only verify pairwise and
			group ciphers if the wireless-security setting explicitly specified
			them, effectively making the default be "all ciphers"  (idea from
			Alexander Sack)



git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4076 4912f4e0-d625-0410-9fb7-b9a5a253dbdc

ChangeLog

@@ -1,3 +1,11 @@
+2008-09-18  Dan Williams  <dcbw@redhat.com>
+
+	* libnm-util/nm-setting-wireless.c
+		- (nm_setting_wireless_ap_security_compatible): only verify pairwise and
+			group ciphers if the wireless-security setting explicitly specified
+			them, effectively making the default be "all ciphers"  (idea from
+			Alexander Sack)
+
 2008-09-15  Dan Williams  <dcbw@redhat.com>
 
 	Patch from Alexander Sack <asac@ubuntu.com>

libnm-util/nm-setting-wireless.c

@@ -174,7 +174,10 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
 			    || !(ap_wpa & (NM_802_11_AP_SEC_GROUP_WEP40 | NM_802_11_AP_SEC_GROUP_WEP104)))
 				return FALSE;
 
-			/* Match at least one pairwise cipher with AP's capability */
+			/* Match at least one pairwise cipher with AP's capability if the
+			 * wireless-security setting explicitly lists pairwise ciphers
+			 */
+			if (s_wireless_sec->pairwise) {
 				for (iter = s_wireless_sec->pairwise; iter; iter = g_slist_next (iter)) {
 					if ((found = match_cipher (iter->data, "wep40", ap_wpa, ap_wpa, NM_802_11_AP_SEC_PAIR_WEP40)))
 						break;
@@ -183,8 +186,12 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
 				}
 				if (!found)
 					return FALSE;
+			}
 
-			/* Match at least one group cipher with AP's capability */
+			/* Match at least one group cipher with AP's capability if the
+			 * wireless-security setting explicitly lists group ciphers
+			 */
+			if (s_wireless_sec->group) {
 				for (iter = s_wireless_sec->group; iter; iter = g_slist_next (iter)) {
 					if ((found = match_cipher (iter->data, "wep40", ap_wpa, ap_wpa, NM_802_11_AP_SEC_GROUP_WEP40)))
 						break;
@@ -194,6 +201,7 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
 				if (!found)
 					return FALSE;
 			}
+		}
 		return TRUE;
 	}
 
@@ -206,9 +214,6 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
 		if (!(ap_flags & NM_802_11_AP_FLAGS_PRIVACY))
 			return FALSE;
 
-		if (!s_wireless_sec->pairwise || !s_wireless_sec->group)
-			return FALSE;
-
 		if (!strcmp (s_wireless_sec->key_mgmt, "wpa-psk")) {
 			if (   !(ap_wpa & NM_802_11_AP_SEC_KEY_MGMT_PSK)
 			    && !(ap_rsn & NM_802_11_AP_SEC_KEY_MGMT_PSK))
@@ -223,7 +228,10 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
 		// if the Connection only uses WPA we don't match a cipher against
 		// the AP's RSN IE instead
 
-		/* Match at least one pairwise cipher with AP's capability */
+		/* Match at least one pairwise cipher with AP's capability if the
+		 * wireless-security setting explicitly lists pairwise ciphers
+		 */
+		if (s_wireless_sec->pairwise) {
 			for (elt = s_wireless_sec->pairwise; elt; elt = g_slist_next (elt)) {
 				if ((found = match_cipher (elt->data, "tkip", ap_wpa, ap_rsn, NM_802_11_AP_SEC_PAIR_TKIP)))
 					break;
@@ -232,8 +240,12 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
 			}
 			if (!found)
 				return FALSE;
+		}
 
-		/* Match at least one group cipher with AP's capability */
+		/* Match at least one group cipher with AP's capability if the
+		 * wireless-security setting explicitly lists group ciphers
+		 */
+		if (s_wireless_sec->group) {
 			for (elt = s_wireless_sec->group; elt; elt = g_slist_next (elt)) {
 				if ((found = match_cipher (elt->data, "wep40", ap_wpa, ap_rsn, NM_802_11_AP_SEC_GROUP_WEP40)))
 					break;
@@ -246,6 +258,7 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
 			}
 			if (!found)
 				return FALSE;
+		}
 
 		return TRUE;
 	}