2006-01-30 Robert Love <rml@novell.com>
* gnome/applet/nm-gconf-wso-wpa-psk.c, gnome/applet/nm-gconf-wso.c, gnome/applet/wireless-security-option.c, include/NetworkManager.h, libnm-util/cipher-wpa-psk-hex.c, src/nm-ap-security-wpa-psk.c, libnm-util/cipher-wpa-psk-passphrase.c, src/nm-ap-security.c: Add support for "Automatic" pairwise and group cipher configuration by letting wpa_supplicant handle the details. Add UI elements, new cipher type NM_AUTH_CIPHER_AUTO, and backend support. Works like a charm. Note this does more than add a nice feature, it fixes a bug. Apparently, some people have AP's where the pairwise cipher does not match the group cipher. Insane, but true. git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@1407 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
This commit is contained in:
Robert Love
13
ChangeLog
13
ChangeLog
@@ -1,3 +1,16 @@
|
||||
2006-01-30 Robert Love <rml@novell.com>
|
||||
|
||||
* gnome/applet/nm-gconf-wso-wpa-psk.c, gnome/applet/nm-gconf-wso.c,
|
||||
gnome/applet/wireless-security-option.c, include/NetworkManager.h,
|
||||
libnm-util/cipher-wpa-psk-hex.c, src/nm-ap-security-wpa-psk.c,
|
||||
libnm-util/cipher-wpa-psk-passphrase.c, src/nm-ap-security.c: Add
|
||||
support for "Automatic" pairwise and group cipher configuration by
|
||||
letting wpa_supplicant handle the details. Add UI elements, new
|
||||
cipher type NM_AUTH_CIPHER_AUTO, and backend support. Works like a
|
||||
charm. Note this does more than add a nice feature, it fixes a bug.
|
||||
Apparently, some people have AP's where the pairwise cipher does not
|
||||
match the group cipher. Insane, but true.
|
||||
|
||||
2006-01-30 Dan Williams <dcbw@redhat.com>
|
||||
|
||||
* gnome/applet/applet-dbus-devices.c
|
||||
|
||||
@@ -53,7 +53,7 @@ nm_gconf_wso_wpa_psk_new_deserialize_dbus (DBusMessageIter *iter, int we_cipher)
|
||||
int key_mgt;
|
||||
|
||||
g_return_val_if_fail (iter != NULL, NULL);
|
||||
g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL);
|
||||
g_return_val_if_fail ((we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL);
|
||||
|
||||
if (!nmu_security_deserialize_wpa_psk (iter, &key, &key_len, &wpa_version, &key_mgt))
|
||||
goto out;
|
||||
@@ -78,7 +78,7 @@ nm_gconf_wso_wpa_psk_new_deserialize_gconf (GConfClient *client, const char *net
|
||||
|
||||
g_return_val_if_fail (client != NULL, NULL);
|
||||
g_return_val_if_fail (network != NULL, NULL);
|
||||
g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL);
|
||||
g_return_val_if_fail ((we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL);
|
||||
|
||||
if (!nm_gconf_get_int_helper (client,
|
||||
GCONF_PATH_WIRELESS_NETWORKS,
|
||||
|
||||
@@ -84,6 +84,7 @@ nm_gconf_wso_new_deserialize_dbus (DBusMessageIter *iter)
|
||||
security = NM_GCONF_WSO (nm_gconf_wso_wep_new_deserialize_dbus (iter, we_cipher));
|
||||
break;
|
||||
|
||||
case NM_AUTH_CIPHER_AUTO:
|
||||
case IW_AUTH_CIPHER_TKIP:
|
||||
case IW_AUTH_CIPHER_CCMP:
|
||||
security = NM_GCONF_WSO (nm_gconf_wso_wpa_psk_new_deserialize_dbus (iter, we_cipher));
|
||||
@@ -125,6 +126,7 @@ nm_gconf_wso_new_deserialize_gconf (GConfClient *client,
|
||||
security = NM_GCONF_WSO (nm_gconf_wso_wep_new_deserialize_gconf (client, network, we_cipher));
|
||||
break;
|
||||
|
||||
case NM_AUTH_CIPHER_AUTO:
|
||||
case IW_AUTH_CIPHER_TKIP:
|
||||
case IW_AUTH_CIPHER_CCMP:
|
||||
security = NM_GCONF_WSO (nm_gconf_wso_wpa_psk_new_deserialize_gconf (client, network, we_cipher));
|
||||
@@ -174,7 +176,8 @@ nm_gconf_wso_set_we_cipher (NMGConfWSO *self,
|
||||
|
||||
/* Ensure the cipher is valid */
|
||||
g_return_if_fail (
|
||||
(we_cipher == IW_AUTH_CIPHER_NONE)
|
||||
(we_cipher == NM_AUTH_CIPHER_AUTO)
|
||||
|| (we_cipher == IW_AUTH_CIPHER_NONE)
|
||||
|| (we_cipher == IW_AUTH_CIPHER_WEP40)
|
||||
|| (we_cipher == IW_AUTH_CIPHER_WEP104)
|
||||
|| (we_cipher == IW_AUTH_CIPHER_TKIP)
|
||||
|
||||
@@ -200,14 +200,21 @@ wso_wpa_create_key_type_model (int capabilities,
|
||||
GtkListStore * model;
|
||||
GtkTreeIter iter;
|
||||
int num = 0;
|
||||
const char * name;
|
||||
|
||||
g_return_val_if_fail (num_added != NULL, NULL);
|
||||
|
||||
model = gtk_list_store_new (2, G_TYPE_STRING, G_TYPE_INT);
|
||||
|
||||
name = _("Automatic (Default)");
|
||||
gtk_list_store_append (model, &iter);
|
||||
gtk_list_store_set (model, &iter, WPA_KEY_TYPE_NAME_COL, name,
|
||||
WPA_KEY_TYPE_CIPHER_COL, 0, -1);
|
||||
num++;
|
||||
|
||||
if (capabilities & NM_802_11_CAP_CIPHER_TKIP)
|
||||
{
|
||||
const char *name = _("TKIP (Default)");
|
||||
|
||||
name = _("TKIP");
|
||||
gtk_list_store_append (model, &iter);
|
||||
gtk_list_store_set (model, &iter, WPA_KEY_TYPE_NAME_COL, name,
|
||||
WPA_KEY_TYPE_CIPHER_COL, IW_AUTH_CIPHER_TKIP, -1);
|
||||
@@ -215,8 +222,7 @@ wso_wpa_create_key_type_model (int capabilities,
|
||||
}
|
||||
if (capabilities & NM_802_11_CAP_CIPHER_CCMP)
|
||||
{
|
||||
const char *name = _("AES-CCMP");
|
||||
|
||||
name = _("AES-CCMP");
|
||||
gtk_list_store_append (model, &iter);
|
||||
gtk_list_store_set (model, &iter, WPA_KEY_TYPE_NAME_COL, name,
|
||||
WPA_KEY_TYPE_CIPHER_COL, IW_AUTH_CIPHER_CCMP, -1);
|
||||
|
||||
@@ -110,6 +110,8 @@ typedef enum NMDeviceType
|
||||
#define NM_802_11_CAP_CIPHER_TKIP 0x00004000
|
||||
#define NM_802_11_CAP_CIPHER_CCMP 0x00008000
|
||||
|
||||
/* Let wpa_supplicant figure out the cipher */
|
||||
#define NM_AUTH_CIPHER_AUTO 0x0
|
||||
|
||||
/*
|
||||
* Wireless network update types
|
||||
|
||||
@@ -22,6 +22,7 @@
|
||||
#include <glib.h>
|
||||
#include <iwlib.h>
|
||||
|
||||
#include "NetworkManager.h"
|
||||
#include "cipher.h"
|
||||
#include "cipher-private.h"
|
||||
#include "cipher-wpa-psk-hex.h"
|
||||
@@ -36,7 +37,7 @@ IEEE_802_11_Cipher * cipher_wpa_psk_hex_new (void)
|
||||
IEEE_802_11_Cipher * cipher = g_malloc0 (sizeof (IEEE_802_11_Cipher));
|
||||
|
||||
cipher->refcount = 1;
|
||||
cipher->we_cipher = IW_AUTH_CIPHER_TKIP;
|
||||
cipher->we_cipher = NM_AUTH_CIPHER_AUTO;
|
||||
cipher->input_min = HEXSTR_WPA_PMK_LEN;
|
||||
cipher->input_max = HEXSTR_WPA_PMK_LEN;
|
||||
cipher->cipher_hash_func = cipher_wpa_psk_hex_hash_func;
|
||||
@@ -49,8 +50,8 @@ IEEE_802_11_Cipher * cipher_wpa_psk_hex_new (void)
|
||||
void cipher_wpa_psk_hex_set_we_cipher (IEEE_802_11_Cipher *cipher, int we_cipher)
|
||||
{
|
||||
g_return_if_fail (cipher != NULL);
|
||||
g_return_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP));
|
||||
g_return_if_fail ((cipher->we_cipher == IW_AUTH_CIPHER_TKIP) || (cipher->we_cipher == IW_AUTH_CIPHER_CCMP));
|
||||
g_return_if_fail ((we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP));
|
||||
g_return_if_fail ((cipher->we_cipher == NM_AUTH_CIPHER_AUTO || cipher->we_cipher == IW_AUTH_CIPHER_TKIP) || (cipher->we_cipher == IW_AUTH_CIPHER_CCMP));
|
||||
|
||||
cipher->we_cipher = we_cipher;
|
||||
}
|
||||
|
||||
@@ -22,6 +22,7 @@
|
||||
#include <glib.h>
|
||||
#include <iwlib.h>
|
||||
|
||||
#include "NetworkManager.h"
|
||||
#include "cipher.h"
|
||||
#include "cipher-private.h"
|
||||
#include "cipher-wpa-psk-hex.h"
|
||||
@@ -37,7 +38,7 @@ IEEE_802_11_Cipher * cipher_wpa_psk_passphrase_new (void)
|
||||
IEEE_802_11_Cipher * cipher = g_malloc0 (sizeof (IEEE_802_11_Cipher));
|
||||
|
||||
cipher->refcount = 1;
|
||||
cipher->we_cipher = IW_AUTH_CIPHER_TKIP;
|
||||
cipher->we_cipher = NM_AUTH_CIPHER_AUTO;
|
||||
/* Passphrase between 8 and 63 characters inclusive */
|
||||
cipher->input_min = 8;
|
||||
cipher->input_max = (WPA_PMK_LEN * 2) - 1;
|
||||
@@ -51,8 +52,8 @@ IEEE_802_11_Cipher * cipher_wpa_psk_passphrase_new (void)
|
||||
void cipher_wpa_psk_passphrase_set_we_cipher (IEEE_802_11_Cipher *cipher, int we_cipher)
|
||||
{
|
||||
g_return_if_fail (cipher != NULL);
|
||||
g_return_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP));
|
||||
g_return_if_fail ((cipher->we_cipher == IW_AUTH_CIPHER_TKIP) || (cipher->we_cipher == IW_AUTH_CIPHER_CCMP));
|
||||
g_return_if_fail ((we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP));
|
||||
g_return_if_fail ((cipher->we_cipher == NM_AUTH_CIPHER_AUTO || cipher->we_cipher == IW_AUTH_CIPHER_TKIP) || (cipher->we_cipher == IW_AUTH_CIPHER_CCMP));
|
||||
|
||||
cipher->we_cipher = we_cipher;
|
||||
}
|
||||
|
||||
@@ -48,15 +48,19 @@ static void set_description (NMAPSecurityWPA_PSK *security)
|
||||
{
|
||||
if (we_cipher == IW_AUTH_CIPHER_TKIP)
|
||||
nm_ap_security_set_description (parent, _("WPA TKIP"));
|
||||
else
|
||||
else if (we_cipher == IW_AUTH_CIPHER_CCMP)
|
||||
nm_ap_security_set_description (parent, _("WPA CCMP"));
|
||||
else
|
||||
nm_ap_security_set_description (parent, _("WPA Automatic"));
|
||||
}
|
||||
else if (security->priv->wpa_version == IW_AUTH_WPA_VERSION_WPA2)
|
||||
{
|
||||
if (we_cipher == IW_AUTH_CIPHER_TKIP)
|
||||
nm_ap_security_set_description (parent, _("WPA2 TKIP"));
|
||||
else
|
||||
else if (we_cipher == IW_AUTH_CIPHER_CCMP)
|
||||
nm_ap_security_set_description (parent, _("WPA2 CCMP"));
|
||||
else
|
||||
nm_ap_security_set_description (parent, _("WPA2 Automatic"));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -70,7 +74,7 @@ nm_ap_security_wpa_psk_new_deserialize (DBusMessageIter *iter, int we_cipher)
|
||||
int key_mgt;
|
||||
|
||||
g_return_val_if_fail (iter != NULL, NULL);
|
||||
g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL);
|
||||
g_return_val_if_fail (we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP || we_cipher == IW_AUTH_CIPHER_CCMP, NULL);
|
||||
|
||||
if (!nmu_security_deserialize_wpa_psk (iter, &key, &key_len, &wpa_version, &key_mgt))
|
||||
goto out;
|
||||
@@ -96,7 +100,7 @@ nm_ap_security_wpa_psk_new_from_ap (NMAccessPoint *ap, int we_cipher)
|
||||
guint32 caps;
|
||||
|
||||
g_return_val_if_fail (ap != NULL, NULL);
|
||||
g_return_val_if_fail (we_cipher == IW_AUTH_CIPHER_TKIP || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL);
|
||||
g_return_val_if_fail (we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL);
|
||||
|
||||
security = g_object_new (NM_TYPE_AP_SECURITY_WPA_PSK, NULL);
|
||||
nm_ap_security_set_we_cipher (NM_AP_SECURITY (security), we_cipher);
|
||||
@@ -173,22 +177,32 @@ real_write_supplicant_config (NMAPSecurity *instance,
|
||||
}
|
||||
g_free (msg);
|
||||
|
||||
/*
|
||||
* FIXME: Technically, the pairwise cipher does not need to be the same as
|
||||
* the group cipher. Fixing this requires changes in the UI.
|
||||
*/
|
||||
if (cipher == IW_AUTH_CIPHER_TKIP)
|
||||
pairwise_cipher = group_cipher = "TKIP";
|
||||
else
|
||||
else if (cipher == IW_AUTH_CIPHER_CCMP)
|
||||
pairwise_cipher = group_cipher = "CCMP";
|
||||
else if (cipher == IW_AUTH_CIPHER_NONE)
|
||||
pairwise_cipher = group_cipher = "NONE";
|
||||
|
||||
/* Ad-Hoc requires pairwise cipher of NONE */
|
||||
if (user_created)
|
||||
pairwise_cipher = "NONE";
|
||||
|
||||
if (!nm_utils_supplicant_request_with_check (ctrl, "OK", __func__, NULL,
|
||||
"SET_NETWORK %i pairwise %s", nwid, pairwise_cipher))
|
||||
goto out;
|
||||
|
||||
if (!nm_utils_supplicant_request_with_check (ctrl, "OK", __func__, NULL,
|
||||
"SET_NETWORK %i group %s", nwid, group_cipher))
|
||||
goto out;
|
||||
/* If user selected "Automatic", we let wpa_supplicant sort it out */
|
||||
if (cipher != NM_AUTH_CIPHER_AUTO)
|
||||
{
|
||||
if (!nm_utils_supplicant_request_with_check (ctrl, "OK", __func__, NULL,
|
||||
"SET_NETWORK %i pairwise %s", nwid, pairwise_cipher))
|
||||
goto out;
|
||||
|
||||
if (!nm_utils_supplicant_request_with_check (ctrl, "OK", __func__, NULL,
|
||||
"SET_NETWORK %i group %s", nwid, group_cipher))
|
||||
goto out;
|
||||
}
|
||||
|
||||
success = TRUE;
|
||||
|
||||
|
||||
@@ -85,6 +85,7 @@ nm_ap_security_new_deserialize (DBusMessageIter *iter)
|
||||
security = NM_AP_SECURITY (nm_ap_security_wep_new_deserialize (iter, we_cipher));
|
||||
break;
|
||||
|
||||
case NM_AUTH_CIPHER_AUTO:
|
||||
case IW_AUTH_CIPHER_TKIP:
|
||||
case IW_AUTH_CIPHER_CCMP:
|
||||
security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_deserialize (iter, we_cipher));
|
||||
@@ -154,7 +155,8 @@ nm_ap_security_set_we_cipher (NMAPSecurity *self, int we_cipher)
|
||||
|
||||
/* Ensure the cipher is valid */
|
||||
g_return_if_fail (
|
||||
(we_cipher == IW_AUTH_CIPHER_NONE)
|
||||
(we_cipher == NM_AUTH_CIPHER_AUTO)
|
||||
|| (we_cipher == IW_AUTH_CIPHER_NONE)
|
||||
|| (we_cipher == IW_AUTH_CIPHER_WEP40)
|
||||
|| (we_cipher == IW_AUTH_CIPHER_WEP104)
|
||||
|| (we_cipher == IW_AUTH_CIPHER_TKIP)
|
||||
@@ -217,7 +219,7 @@ real_device_setup (NMAPSecurity *self, NMDevice80211Wireless * dev)
|
||||
int
|
||||
nm_ap_security_get_we_cipher (NMAPSecurity *self)
|
||||
{
|
||||
g_return_val_if_fail (self != NULL, -1);
|
||||
g_return_val_if_fail (self != NULL, NM_AUTH_CIPHER_AUTO);
|
||||
|
||||
return self->priv->we_cipher;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user