CEPage *
ce_page_wireless_security_new (NMConnection *connection,
                               GtkWindow *parent_window,
                               NMClient *client,
                               const char **out_secrets_setting_name,
                               GError **error)
{
	CEPageWirelessSecurity *self;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wsec = NULL;
	NMUtilsSecurityType default_type = NMU_SEC_NONE;
	const char *security;

	s_wireless = nm_connection_get_setting_wireless (connection);
	if (!s_wireless) {
		g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface; missing WiFi setting."));
		return NULL;
	}

	self = CE_PAGE_WIRELESS_SECURITY (ce_page_new (CE_TYPE_PAGE_WIRELESS_SECURITY,
	                                               connection,
	                                               parent_window,
	                                               client,
	                                               UIDIR "/ce-page-wireless-security.ui",
	                                               "WirelessSecurityPage",
	                                               _("Wireless Security")));
	if (!self) {
		g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface."));
		return NULL;
	}

	self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);

	s_wsec = nm_connection_get_setting_wireless_security (connection);

	security = nm_setting_wireless_get_security (s_wireless);
	if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
		s_wsec = NULL;
	if (s_wsec)
		default_type = get_default_type_for_security (s_wsec);

	/* Get secrets if the connection is not 802.1x enabled */
	if (   default_type == NMU_SEC_STATIC_WEP
	    || default_type == NMU_SEC_LEAP
	    || default_type == NMU_SEC_WPA_PSK
	    || default_type == NMU_SEC_WPA2_PSK) {
		*out_secrets_setting_name = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
	}

	/* Or if it is 802.1x enabled */
	if (   default_type == NMU_SEC_DYNAMIC_WEP
	    || default_type == NMU_SEC_WPA_ENTERPRISE
	    || default_type == NMU_SEC_WPA2_ENTERPRISE) {
		*out_secrets_setting_name = NM_SETTING_802_1X_SETTING_NAME;
	}

	g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);

	return CE_PAGE (self);
}
void
ws_802_1x_fill_connection (WirelessSecurity *sec,
                           const char *combo_name,
                           NMConnection *connection)
{
	GtkWidget *widget;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wireless_sec;
	NMSetting8021x *s_8021x;
	EAPMethod *eap = NULL;
	GtkTreeModel *model;
	GtkTreeIter iter;

	s_wireless = nm_connection_get_setting_wireless (connection);
	g_assert (s_wireless);

	g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);

	/* Blow away the old wireless security setting by adding a clear one */
	s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
	nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);

	/* Blow away the old 802.1x setting by adding a clear one */
	s_8021x = (NMSetting8021x *) nm_setting_802_1x_new ();
	nm_connection_add_setting (connection, (NMSetting *) s_8021x);

	widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name));
	model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
	gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
	gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1);
	g_assert (eap);

	eap_method_fill_connection (eap, connection);
	eap_method_unref (eap);
}
const char *
nm_utils_get_shared_wifi_permission (NMConnection *connection)
{
	NMSettingWireless *s_wifi;
	NMSettingWirelessSecurity *s_wsec;
	NMSettingIP4Config *s_ip4;
	const char *method = NULL;

	s_ip4 = nm_connection_get_setting_ip4_config (connection);
	if (s_ip4)
		method = nm_setting_ip4_config_get_method (s_ip4);

	if (g_strcmp0 (method, NM_SETTING_IP4_CONFIG_METHOD_SHARED) != 0)
		return NULL;  /* Not shared */

	s_wifi = nm_connection_get_setting_wireless (connection);
	if (s_wifi) {
		s_wsec = nm_connection_get_setting_wireless_security (connection);
		if (nm_setting_wireless_get_security (s_wifi) || s_wsec)
			return NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED;
		else
			return NM_AUTH_PERMISSION_WIFI_SHARE_OPEN;
	}

	return NULL;
}
Beispiel #4
0
/* return value must be freed by caller with g_free() */
static gchar *
get_mac_address_of_connection (NMConnection *connection)
{
  const GByteArray *mac = NULL;

  if (!connection)
    return NULL;

  /* check the connection type */
  if (nm_connection_is_type (connection,
                             NM_SETTING_WIRELESS_SETTING_NAME))
    {
      /* check wireless settings */
      NMSettingWireless *s_wireless = nm_connection_get_setting_wireless (connection);
      if (!s_wireless)
        return NULL;
      mac = nm_setting_wireless_get_mac_address (s_wireless);
      if (mac)
        return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
    }
  else if (nm_connection_is_type (connection,
                                  NM_SETTING_WIRED_SETTING_NAME))
    {
      /* check wired settings */
      NMSettingWired *s_wired = nm_connection_get_setting_wired (connection);
      if (!s_wired)
        return NULL;
      mac = nm_setting_wired_get_mac_address (s_wired);
      if (mac)
        return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
    }
  else if (nm_connection_is_type (connection,
                                  NM_SETTING_WIMAX_SETTING_NAME))
    {
      /* check wimax settings */
      NMSettingWimax *s_wimax = nm_connection_get_setting_wimax (connection);
      if (!s_wimax)
        return NULL;
      mac = nm_setting_wimax_get_mac_address (s_wimax);
      if (mac)
        return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
    }
  else if (nm_connection_is_type (connection,
                                  NM_SETTING_INFINIBAND_SETTING_NAME))
    {
      /* check infiniband settings */
      NMSettingInfiniband *s_infiniband = \
        nm_connection_get_setting_infiniband (connection);
      if (!s_infiniband)
        return NULL;
      mac = nm_setting_infiniband_get_mac_address (s_infiniband);
      if (mac)
        return nm_utils_hwaddr_ntoa (mac->data,
                                     ARPHRD_INFINIBAND);
    }
  /* no MAC address found */
  return NULL;
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
	WirelessSecurityWPAPSK *wpa_psk = (WirelessSecurityWPAPSK *) parent;
	GtkWidget *widget, *passwd_entry;
	const char *key;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wireless_sec;
	NMSettingSecretFlags secret_flags;
	const char *mode;
	gboolean is_adhoc = FALSE;

	s_wireless = nm_connection_get_setting_wireless (connection);
	g_assert (s_wireless);

	mode = nm_setting_wireless_get_mode (s_wireless);
	if (mode && !strcmp (mode, "adhoc"))
		is_adhoc = TRUE;

	/* Blow away the old security setting by adding a clear one */
	s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
	nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);

	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
	passwd_entry = widget;
	key = gtk_entry_get_text (GTK_ENTRY (widget));
	g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL);

	/* Save PSK_FLAGS to the connection */
	secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
	nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), NM_SETTING_WIRELESS_SECURITY_PSK,
	                             secret_flags, NULL);

	/* Update secret flags and popup when editing the connection */
	if (wpa_psk->editing_connection)
		nma_utils_update_password_storage (passwd_entry, secret_flags,
		                                   NM_SETTING (s_wireless_sec), wpa_psk->password_flags_name);

	wireless_security_clear_ciphers (connection);
	if (is_adhoc) {
		/* Ad-Hoc settings as specified by the supplicant */
		g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
		nm_setting_wireless_security_add_proto (s_wireless_sec, "wpa");
		nm_setting_wireless_security_add_pairwise (s_wireless_sec, "none");

		/* Ad-hoc can only have _one_ group cipher... default to TKIP to be more
		 * compatible for now.  Maybe we'll support selecting CCMP later.
		 */
		nm_setting_wireless_security_add_group (s_wireless_sec, "tkip");
	} else {
		g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);

		/* Just leave ciphers and protocol empty, the supplicant will
		 * figure that out magically based on the AP IEs and card capabilities.
		 */
	}
}
static gboolean
validate (CEPage *page, NMConnection *connection, GError **error)
{
	CEPageWirelessSecurity *self = CE_PAGE_WIRELESS_SECURITY (page);
	NMSettingWireless *s_wireless;
	WirelessSecurity *sec;
	gboolean valid = FALSE;
	const char *mode;

	s_wireless = nm_connection_get_setting_wireless (connection);
	g_assert (s_wireless);

	/* Kernel Ad-Hoc WPA support is busted; it creates open networks.  Disable
	 * WPA when Ad-Hoc is selected.  set_sensitive() will pick up self->adhoc
	 * and do the right thing.
	 */
	mode = nm_setting_wireless_get_mode (s_wireless);
	if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0)
		self->adhoc = TRUE;
	else
		self->adhoc = FALSE;

	sec = wireless_security_combo_get_active (self);
	if (sec) {
		const GByteArray *ssid = nm_setting_wireless_get_ssid (s_wireless);

		if (ssid) {
			/* FIXME: get failed property and error out of wireless security objects */
			valid = wireless_security_validate (sec, ssid);
			if (valid)
				wireless_security_fill_connection (sec, connection);
			else
				g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Invalid wireless security");
		} else {
			g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Missing SSID");
			valid = FALSE;
		}

		if (self->adhoc) {
			if (!wireless_security_adhoc_compatible (sec)) {
				g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Security not compatible with Ad-Hoc mode");
				valid = FALSE;
			}
		}
	} else {
		/* No security, unencrypted */
		g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NULL, NULL);
		nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
		nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);
		valid = TRUE;
	}

	return valid;
}
static gboolean
validate (CEPage        *page,
          NMConnection  *connection,
          GError       **error)
{
        NMSettingWireless *sw;
        NMSettingConnection *sc;
        WirelessSecurity *sec;
        gboolean valid = FALSE;
        const char *mode;

        sw = nm_connection_get_setting_wireless (connection);

        mode = nm_setting_wireless_get_mode (sw);
        if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0)
                CE_PAGE_SECURITY (page)->adhoc = TRUE;
        else
                CE_PAGE_SECURITY (page)->adhoc = FALSE;

        sec = security_combo_get_active (CE_PAGE_SECURITY (page));
        if (sec) {
                GBytes *ssid = nm_setting_wireless_get_ssid (sw);

                if (ssid) {
                        /* FIXME: get failed property and error out of wifi security objects */
                        valid = wireless_security_validate (sec, error);
                        if (valid)
                                wireless_security_fill_connection (sec, connection);
                } else {
                        g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_MISSING_SETTING, "Missing SSID");
                        valid = FALSE;
                }

                if (CE_PAGE_SECURITY (page)->adhoc) {
                        if (!wireless_security_adhoc_compatible (sec)) {
                                g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_SETTING, "Security not compatible with Ad-Hoc mode");
                                valid = FALSE;
                        }
                }

                wireless_security_unref (sec);
        } else {
                /* No security, unencrypted */
                nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
                nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);
                valid = TRUE;
        }

        sc = nm_connection_get_setting_connection (connection);
        firewall_ui_to_setting (sc, GTK_WIDGET (CE_PAGE_SECURITY (page)->firewall_combo));

        return valid;
}
static gboolean
validate (CEPage        *page,
          NMConnection  *connection,
          GError       **error)
{
        NMSettingWireless *sw;
        WirelessSecurity *sec;
        gboolean valid = FALSE;
        const char *mode;

        sw = nm_connection_get_setting_wireless (connection);

        mode = nm_setting_wireless_get_mode (sw);
        if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0)
                CE_PAGE_SECURITY (page)->adhoc = TRUE;
        else
                CE_PAGE_SECURITY (page)->adhoc = FALSE;

        sec = security_combo_get_active (CE_PAGE_SECURITY (page));
        if (sec) {
                const GByteArray *ssid = nm_setting_wireless_get_ssid (sw);

                if (ssid) {
                        /* FIXME: get failed property and error out of wifi security objects */
                        valid = wireless_security_validate (sec, ssid);
                        if (valid)
                                wireless_security_fill_connection (sec, connection);
                        else
                                g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Invalid Wi-Fi security");
                } else {
                        g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Missing SSID");
                        valid = FALSE;
                }

                if (CE_PAGE_SECURITY (page)->adhoc) {
                        if (!wireless_security_adhoc_compatible (sec)) {
                                g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Security not compatible with Ad-Hoc mode");
                                valid = FALSE;
                        }
                }

                wireless_security_unref (sec);
        } else {
                /* No security, unencrypted */
                g_object_set (sw, NM_SETTING_WIRELESS_SEC, NULL, NULL);
                nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
                nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);
                valid = TRUE;
        }

        return valid;
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
	GtkWidget *widget;
	const char *key;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wireless_sec;
	const char *mode;
	gboolean is_adhoc = FALSE;

	s_wireless = nm_connection_get_setting_wireless (connection);
	g_assert (s_wireless);

	mode = nm_setting_wireless_get_mode (s_wireless);
	if (mode && !strcmp (mode, "adhoc"))
		is_adhoc = TRUE;

	g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);

	/* Blow away the old security setting by adding a clear one */
	s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
	nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);

	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
	key = gtk_entry_get_text (GTK_ENTRY (widget));
	g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL);

	wireless_security_clear_ciphers (connection);
	if (is_adhoc) {
		/* Ad-Hoc settings as specified by the supplicant */
		g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
		nm_setting_wireless_security_add_proto (s_wireless_sec, "wpa");
		nm_setting_wireless_security_add_pairwise (s_wireless_sec, "none");

		/* Ad-hoc can only have _one_ group cipher... default to TKIP to be more
		 * compatible for now.  Maybe we'll support selecting CCMP later.
		 */
		nm_setting_wireless_security_add_group (s_wireless_sec, "tkip");
	} else {
		g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);

		/* Just leave ciphers and protocol empty, the supplicant will
		 * figure that out magically based on the AP IEs and card capabilities.
		 */
	}
}
Beispiel #10
0
static void
bind_device_to_connection (SCPluginIfupdown *self,
                           GUdevDevice *device,
                           NMIfupdownConnection *exported)
{
	GByteArray *mac_address;
	NMSettingWired *s_wired;
	NMSettingWireless *s_wifi;
	const char *iface, *address;

	iface = g_udev_device_get_name (device);
	if (!iface) {
		PLUGIN_WARN ("SCPluginIfupdown", "failed to get ifname for device.");
		return;
	}

	address = g_udev_device_get_sysfs_attr (device, "address");
	if (!address || !strlen (address)) {
		PLUGIN_WARN ("SCPluginIfupdown", "failed to get MAC address for %s", iface);
		return;
	}

	mac_address = nm_utils_hwaddr_atoba (address, ARPHRD_ETHER);
	if (!mac_address) {
		PLUGIN_WARN ("SCPluginIfupdown", "failed to parse MAC address '%s' for %s",
		             address, iface);
		return;
	}

	s_wired = nm_connection_get_setting_wired (NM_CONNECTION (exported));
	s_wifi = nm_connection_get_setting_wireless (NM_CONNECTION (exported));
	if (s_wired) {
		PLUGIN_PRINT ("SCPluginIfupdown", "locking wired connection setting");
		g_object_set (s_wired, NM_SETTING_WIRED_MAC_ADDRESS, mac_address, NULL);
	} else if (s_wifi) {
		PLUGIN_PRINT ("SCPluginIfupdown", "locking wireless connection setting");
		g_object_set (s_wifi, NM_SETTING_WIRELESS_MAC_ADDRESS, mac_address, NULL);
	}
	g_byte_array_free (mac_address, TRUE);

	nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), ignore_cb, NULL);
}    
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
	WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wsec;
	GtkWidget *widget;
	gint auth_alg;
	const char *key;
	int i;

	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo"));
	auth_alg = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));

	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
	key = gtk_entry_get_text (GTK_ENTRY (widget));
	strcpy (sec->keys[sec->cur_index], key);

	s_wireless = nm_connection_get_setting_wireless (connection);
	g_assert (s_wireless);

	g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);

	/* Blow away the old security setting by adding a clear one */
	s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
	nm_connection_add_setting (connection, (NMSetting *) s_wsec);

	g_object_set (s_wsec,
	              NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
	              NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX, sec->cur_index,
	              NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, (auth_alg == 1) ? "shared" : "open",
	              NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, sec->type,
	              NULL);

	for (i = 0; i < 4; i++) {
		if (strlen (sec->keys[i]))
			nm_setting_wireless_security_set_wep_key (s_wsec, i, sec->keys[i]);
	}
}
Beispiel #12
0
static void
bind_device_to_connection (SettingsPluginIfupdown *self,
                           GUdevDevice *device,
                           NMIfupdownConnection *exported)
{
	NMSettingWired *s_wired;
	NMSettingWireless *s_wifi;
	const char *iface, *address;

	iface = g_udev_device_get_name (device);
	if (!iface) {
		nm_log_warn (LOGD_SETTINGS, "failed to get ifname for device.");
		return;
	}

	address = g_udev_device_get_sysfs_attr (device, "address");
	if (!address || !strlen (address)) {
		nm_log_warn (LOGD_SETTINGS, "failed to get MAC address for %s", iface);
		return;
	}

	if (!nm_utils_hwaddr_valid (address, ETH_ALEN)) {
		nm_log_warn (LOGD_SETTINGS, "failed to parse MAC address '%s' for %s",
		             address, iface);
		return;
	}

	s_wired = nm_connection_get_setting_wired (NM_CONNECTION (exported));
	s_wifi = nm_connection_get_setting_wireless (NM_CONNECTION (exported));
	if (s_wired) {
		nm_log_info (LOGD_SETTINGS, "locking wired connection setting");
		g_object_set (s_wired, NM_SETTING_WIRED_MAC_ADDRESS, address, NULL);
	} else if (s_wifi) {
		nm_log_info (LOGD_SETTINGS, "locking wireless connection setting");
		g_object_set (s_wifi, NM_SETTING_WIRELESS_MAC_ADDRESS, address, NULL);
	}

	nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), NM_SETTINGS_CONNECTION_COMMIT_REASON_NONE, NULL, NULL);
}    
CEPage *
ce_page_wifi_new (NMConnectionEditor *editor,
                  NMConnection *connection,
                  GtkWindow *parent_window,
                  NMClient *client,
                  const char **out_secrets_setting_name,
                  GError **error)
{
	CEPageWifi *self;
	CEPageWifiPrivate *priv;

	g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);

	self = CE_PAGE_WIFI (ce_page_new (CE_TYPE_PAGE_WIFI,
	                                  editor,
	                                  connection,
	                                  parent_window,
	                                  client,
	                                  UIDIR "/ce-page-wifi.ui",
	                                  "WifiPage",
	                                  _("Wi-Fi")));
	if (!self) {
		g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load Wi-Fi user interface."));
		return NULL;
	}

	wifi_private_init (self);
	priv = CE_PAGE_WIFI_GET_PRIVATE (self);

	priv->setting = nm_connection_get_setting_wireless (connection);
	if (!priv->setting) {
		priv->setting = NM_SETTING_WIRELESS (nm_setting_wireless_new ());
		nm_connection_add_setting (connection, NM_SETTING (priv->setting));
	}

	g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);

	return CE_PAGE (self);
}
Beispiel #14
0
gboolean
nm_ap_check_compatible (NMAccessPoint *self,
                        NMConnection *connection)
{
	NMAccessPointPrivate *priv;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wireless_sec;
	const char *mode;
	const char *band;
	const GByteArray *bssid;
	guint32 channel;

	g_return_val_if_fail (NM_IS_AP (self), FALSE);
	g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE);

	priv = NM_AP_GET_PRIVATE (self);

	s_wireless = nm_connection_get_setting_wireless (connection);
	if (s_wireless == NULL)
		return FALSE;
	
	if (!nm_utils_same_ssid (nm_setting_wireless_get_ssid (s_wireless), priv->ssid, TRUE))
		return FALSE;

	bssid = nm_setting_wireless_get_bssid (s_wireless);
	if (bssid && memcmp (bssid->data, &priv->address, ETH_ALEN))
		return FALSE;

	mode = nm_setting_wireless_get_mode (s_wireless);
	if (mode) {
		if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA))
			return FALSE;
		if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC))
			return FALSE;
		if (   !strcmp (mode, "ap")
		    && (priv->mode != NM_802_11_MODE_INFRA || priv->hotspot != TRUE))
			return FALSE;
	}

	band = nm_setting_wireless_get_band (s_wireless);
	if (band) {
		if (!strcmp (band, "a")) {
			if (priv->freq < 4915 || priv->freq > 5825)
				return FALSE;
		} else if (!strcmp (band, "bg")) {
			if (priv->freq < 2412 || priv->freq > 2484)
				return FALSE;
		}
	}

	channel = nm_setting_wireless_get_channel (s_wireless);
	if (channel) {
		guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq);

		if (channel != ap_chan)
			return FALSE;
	}

	s_wireless_sec = nm_connection_get_setting_wireless_security (connection);

	return nm_setting_wireless_ap_security_compatible (s_wireless,
	                                                   s_wireless_sec,
	                                                   nm_ap_get_flags (self),
	                                                   nm_ap_get_wpa_flags (self),
	                                                   nm_ap_get_rsn_flags (self),
	                                                   nm_ap_get_mode (self));
}
Beispiel #15
0
static void
update_wireless_security_setting_from_if_block(NMConnection *connection,
									  if_block *block)
{
	gint wpa_l= strlen("wpa-");
	gint wireless_l= strlen("wireless-");
	if_data *curr = block->info;
	const gchar* value = ifparser_getkey (block, "inet");
	struct _Mapping mapping[] = {
		{"psk", "psk"},
		{"identity", "leap-username"},
		{"password", "leap-password"},
		{"key", "wep-key0"},
		{"key-mgmt", "key-mgmt"},
		{"group", "group"},
		{"pairwise", "pairwise"},
		{"proto", "proto"},
		{"pin", "pin"},
		{"wep-key0", "wep-key0"},
		{"wep-key1", "wep-key1"},
		{"wep-key2", "wep-key2"},
		{"wep-key3", "wep-key3"},
		{"wep-tx-keyidx", "wep-tx-keyidx"},
		{ NULL, NULL}
	};

	struct _Mapping dupe_mapping[] = {
		{"psk", normalize_psk},
		{"identity", normalize_dupe},
		{"password", normalize_dupe},
		{"key", normalize_dupe_wireless_key},
		{"key-mgmt", normalize_tolower},
		{"group", normalize_tolower},
		{"pairwise", normalize_tolower},
		{"proto", normalize_tolower},
		{"pin", normalize_dupe},
		{"wep-key0", normalize_dupe_wireless_key},
		{"wep-key1", normalize_dupe_wireless_key},
		{"wep-key2", normalize_dupe_wireless_key},
		{"wep-key3", normalize_dupe_wireless_key},
		{"wep-tx-keyidx", normalize_dupe},
		{ NULL, NULL}
	};

	struct _Mapping type_mapping[] = {
		{"group", string_to_glist_of_strings},
		{"pairwise", string_to_glist_of_strings},
		{"proto", string_to_glist_of_strings},
		{"wep-tx-keyidx", string_to_gpointerint},
		{ NULL, NULL}
	};

	struct _Mapping free_type_mapping[] = {
		{"group", slist_free_all},
		{"pairwise", slist_free_all},
		{"proto", slist_free_all},
		{ NULL, NULL}
	};

	NMSettingWirelessSecurity *wireless_security_setting;
	NMSettingWireless *s_wireless;
	gboolean security = FALSE;

	if(value && !strcmp("ppp", value)) {
		return;
	}

	s_wireless = nm_connection_get_setting_wireless(connection);
	g_return_if_fail(s_wireless);

	nm_log_info (LOGD_SETTINGS, "update wireless security settings (%s).", block->name);
	wireless_security_setting =
		NM_SETTING_WIRELESS_SECURITY(nm_setting_wireless_security_new());

	while(curr) {
		if(strlen(curr->key) > wireless_l &&
		   !strncmp("wireless-", curr->key, wireless_l)) {

			gchar *property_value = NULL;
			gpointer typed_property_value = NULL;
			const gchar* newkey = map_by_mapping(mapping, curr->key+wireless_l);
			IfupdownStrDupeFunc dupe_func = map_by_mapping (dupe_mapping, curr->key+wireless_l);
			IfupdownStrToTypeFunc type_map_func = map_by_mapping (type_mapping, curr->key+wireless_l);
			GFreeFunc free_func = map_by_mapping (free_type_mapping, curr->key+wireless_l);
			if(!newkey || !dupe_func)
				goto next;

			property_value = (*dupe_func) (curr->data, connection);
			nm_log_info (LOGD_SETTINGS, "setting wireless security key: %s=%s",
			             newkey, property_value);

			if (type_map_func) {
				errno = 0;
				typed_property_value = (*type_map_func) (property_value);
				if(errno)
					goto wireless_next;
			}
		    
			g_object_set(wireless_security_setting,
					   newkey, typed_property_value ? typed_property_value : property_value,
					   NULL);
			security = TRUE;

		wireless_next:
			g_free(property_value);
			if (typed_property_value && free_func)
				(*free_func) (typed_property_value);

		} else if(strlen(curr->key) > wpa_l &&
				!strncmp("wpa-", curr->key, wpa_l)) {

			gchar *property_value = NULL;
			gpointer typed_property_value = NULL;
			const gchar* newkey = map_by_mapping(mapping, curr->key+wpa_l);
			IfupdownStrDupeFunc dupe_func = map_by_mapping (dupe_mapping, curr->key+wpa_l);
			IfupdownStrToTypeFunc type_map_func = map_by_mapping (type_mapping, curr->key+wpa_l);
			GFreeFunc free_func = map_by_mapping (free_type_mapping, curr->key+wpa_l);
			if(!newkey || !dupe_func)
				goto next;

			property_value = (*dupe_func) (curr->data, connection);
			nm_log_info (LOGD_SETTINGS, "setting wpa security key: %s=%s",
			             newkey,
#ifdef DEBUG_SECRETS
			             property_value
#else /* DEBUG_SECRETS */
			             !strcmp("key", newkey) ||
			             !strcmp("leap-password", newkey) ||
			             !strcmp("pin", newkey) ||
			             !strcmp("psk", newkey) ||
			             !strcmp("wep-key0", newkey) ||
			             !strcmp("wep-key1", newkey) ||
			             !strcmp("wep-key2", newkey) ||
			             !strcmp("wep-key3", newkey) ||
			             NULL ?
			             "<omitted>" : property_value
#endif /* DEBUG_SECRETS */
			             );

			if (type_map_func) {
				errno = 0;
				typed_property_value = (*type_map_func) (property_value);
				if(errno)
					goto wpa_next;
			}
		    
			g_object_set(wireless_security_setting,
					   newkey, typed_property_value ? typed_property_value : property_value,
					   NULL);
			security = TRUE;

		wpa_next:
			g_free(property_value);
			if (free_func && typed_property_value)
				(*free_func) (typed_property_value);
		}
	next:
		curr = curr->next;
	}


	if (security)
		nm_connection_add_setting (connection, NM_SETTING (wireless_security_setting));
}
gboolean
nm_ap_utils_complete_connection (const GByteArray *ap_ssid,
                                 const guint8 ap_bssid[ETH_ALEN],
                                 NM80211Mode ap_mode,
                                 guint32 ap_flags,
                                 guint32 ap_wpa_flags,
                                 guint32 ap_rsn_flags,
                                 NMConnection *connection,
                                 gboolean lock_bssid,
                                 GError **error)
{
	NMSettingWireless *s_wifi;
	NMSettingWirelessSecurity *s_wsec;
	NMSetting8021x *s_8021x;
	const GByteArray *ssid;
	const char *mode, *key_mgmt, *auth_alg, *leap_username;
	gboolean adhoc = FALSE;

	s_wifi = nm_connection_get_setting_wireless (connection);
	g_assert (s_wifi);
	s_wsec = nm_connection_get_setting_wireless_security (connection);
	s_8021x = nm_connection_get_setting_802_1x (connection);

	/* Fill in missing SSID */
	ssid = nm_setting_wireless_get_ssid (s_wifi);
	if (!ssid)
		g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_SSID, ap_ssid, NULL);
	else if (   ssid->len != ap_ssid->len
	         || memcmp (ssid->data, ap_ssid->data, ssid->len)) {
		g_set_error_literal (error,
		                     NM_SETTING_WIRELESS_ERROR,
		                     NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
		                     "Setting SSID did not match AP SSID");
		return FALSE;
	}

	if (lock_bssid && !nm_setting_wireless_get_bssid (s_wifi)) {
		GByteArray *bssid;

		bssid = g_byte_array_sized_new (ETH_ALEN);
		g_byte_array_append (bssid, ap_bssid, ETH_ALEN);
		g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_BSSID, bssid, NULL);
		g_byte_array_free (bssid, TRUE);
	}

	/* And mode */
	mode = nm_setting_wireless_get_mode (s_wifi);
	if (mode) {
		gboolean valid = FALSE;

		/* Make sure the supplied mode matches the AP's */
		if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_INFRA)) {
			if (ap_mode == NM_802_11_MODE_INFRA)
				valid = TRUE;
		} else if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_ADHOC)) {
			if (ap_mode == NM_802_11_MODE_ADHOC)
				valid = TRUE;
			adhoc = TRUE;
		}

		if (valid == FALSE) {
			g_set_error (error,
			             NM_SETTING_WIRELESS_ERROR,
			             NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
			             NM_SETTING_WIRELESS_MODE);
			return FALSE;
		}
	} else {
		mode = NM_SETTING_WIRELESS_MODE_INFRA;
		if (ap_mode == NM_802_11_MODE_ADHOC) {
			mode = NM_SETTING_WIRELESS_MODE_ADHOC;
			adhoc = TRUE;
		}
		g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_MODE, mode, NULL);
	}

	/* Security */

	/* Open */
	if (   !(ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
	    && (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
	    && (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
		/* Make sure the connection doesn't specify security */
		if (nm_setting_wireless_get_security (s_wifi) || s_wsec || s_8021x) {
			g_set_error_literal (error,
			                     NM_SETTING_WIRELESS_SECURITY_ERROR,
			                     NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
			                     "AP is unencrypted but setting specifies security");
			return FALSE;
		}
		return TRUE;
	}

	/* Everything else requires security */
	g_object_set (G_OBJECT (s_wifi),
	              NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
	              NULL);
	if (!s_wsec) {
		s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
		nm_connection_add_setting (connection, NM_SETTING (s_wsec));
	}

	key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
	auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
	leap_username = nm_setting_wireless_security_get_leap_username (s_wsec);

	/* Ad-Hoc checks */
	if (!verify_adhoc (s_wsec, s_8021x, adhoc, error))
		return FALSE;

	/* Static WEP, Dynamic WEP, or LEAP */
	if (   (ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
	    && (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
	    && (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
		const char *tag = "WEP";
		gboolean is_dynamic_wep = FALSE;

		if (!verify_leap (s_wsec, s_8021x, adhoc, error))
			return FALSE;

		if (leap_username) {
			tag = "LEAP";
		} else {
			/* Static or Dynamic WEP */
			if (!verify_dynamic_wep (s_wsec, s_8021x, adhoc, error))
				return FALSE;

			if (s_8021x || (key_mgmt && !strcmp (key_mgmt, "ieee8021x"))) {
				is_dynamic_wep = TRUE;
				tag = "Dynamic WEP";
			}
		}

		/* Nothing WPA-related can be set */
		if (!verify_no_wpa (s_wsec, tag, error))
			return FALSE;

		if (leap_username) {
			/* LEAP */
			g_object_set (s_wsec,
			              NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
			              NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "leap",
			              NULL);
		} else if (is_dynamic_wep) {
			/* Dynamic WEP */
			g_object_set (s_wsec,
			              NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
			              NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
			              NULL);
			nm_setting_wireless_security_add_pairwise (s_wsec, "wep40");
			nm_setting_wireless_security_add_pairwise (s_wsec, "wep104");
			nm_setting_wireless_security_add_group (s_wsec, "wep40");
			nm_setting_wireless_security_add_group (s_wsec, "wep104");

			if (s_8021x) {
				/* Dynamic WEP requires a valid 802.1x setting since we can't
				 * autocomplete 802.1x.
				 */
				if (!nm_setting_verify (NM_SETTING (s_8021x), NULL, error))
					return FALSE;
			}
		} else {
			/* Static WEP */
			g_object_set (s_wsec,
			              NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
			              NULL);
		}

		return TRUE;
	}

	/* WPA/RSN */
	g_assert (ap_wpa_flags || ap_rsn_flags);

	/* Ensure key management is valid for WPA */
	if ((key_mgmt && !strcmp (key_mgmt, "ieee8021x")) || leap_username) {
		g_set_error_literal (error,
		                     NM_SETTING_WIRELESS_SECURITY_ERROR,
		                     NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
		                     "WPA incompatible with non-EAP (original) LEAP or Dynamic WEP");
		return FALSE;
	}

	/* 'shared' auth incompatible with any type of WPA */
	if (auth_alg && strcmp (auth_alg, "open")) {
		g_set_error_literal (error,
		                     NM_SETTING_WIRELESS_SECURITY_ERROR,
		                     NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
		                     "WPA incompatible with Shared Key authentication");
		return FALSE;
	}

	if (!verify_no_wep (s_wsec, "WPA", error))
		return FALSE;

	if (!verify_wpa_psk (s_wsec, s_8021x, adhoc, ap_wpa_flags, ap_rsn_flags, error))
		return FALSE;

	if (!adhoc && !verify_wpa_eap (s_wsec, s_8021x, ap_wpa_flags, ap_rsn_flags, error))
		return FALSE;

	if (adhoc) {
		g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
		/* Ad-Hoc does not support RSN/WPA2 */
		nm_setting_wireless_security_add_proto (s_wsec, "wpa");
		nm_setting_wireless_security_add_pairwise (s_wsec, "none");
		nm_setting_wireless_security_add_group (s_wsec, "tkip");
	} else if (s_8021x) {
		g_object_set (s_wsec,
		              NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap",
		              NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
		              NULL);
		/* Leave proto/pairwise/group as client set them; if they are unset the
		 * supplicant will figure out the best combination at connect time.
		 */

		/* 802.1x also requires the client to completely fill in the 8021x
		 * setting.  Since there's so much configuration required for it, there's
		 * no way it can be automatically completed.
		 */
	} else if (   (key_mgmt && !strcmp (key_mgmt, "wpa-psk"))
	           || (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
	           || (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) {
		g_object_set (s_wsec,
		              NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
		              NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
		              NULL);
		/* Leave proto/pairwise/group as client set them; if they are unset the
		 * supplicant will figure out the best combination at connect time.
		 */
	} else {
		g_set_error_literal (error,
		                     NM_SETTING_WIRELESS_SECURITY_ERROR,
		                     NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
		                     "Failed to determine AP security information");
		return FALSE;
	}

	return TRUE;
}
static void
nmt_page_wifi_constructed (GObject *object)
{
	NmtPageWifiPrivate *priv = NMT_PAGE_WIFI_GET_PRIVATE (object);
	NmtPageWifi *wifi = NMT_PAGE_WIFI (object);
	NmtDeviceEntry *deventry;
	NmtEditorSection *section;
	NmtEditorGrid *grid;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wsec;
	NmtNewtWidget *widget, *hbox, *subgrid;
	NmtNewtWidget *mode, *band, *security, *entry;
	NmtNewtStack *stack;
	NMConnection *conn;

	conn = nmt_editor_page_get_connection (NMT_EDITOR_PAGE (wifi));
	s_wireless = nm_connection_get_setting_wireless (conn);
	if (!s_wireless) {
		nm_connection_add_setting (conn, nm_setting_wireless_new ());
		s_wireless = nm_connection_get_setting_wireless (conn);
	}

	s_wsec = nm_connection_get_setting_wireless_security (conn);
	if (!s_wsec) {
		/* It makes things simpler if we always have a
		 * NMSettingWirelessSecurity; we'll hold a ref on one, and add
		 * it to and remove it from the connection as needed.
		 */
		s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_setting_wireless_security_new ());
	}
	priv->s_wsec = g_object_ref_sink (s_wsec);

	deventry = nmt_editor_page_device_get_device_entry (NMT_EDITOR_PAGE_DEVICE (object));
	g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MAC_ADDRESS,
	                        deventry, "mac-address",
	                        G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);

	section = nmt_editor_section_new (_("WI-FI"), NULL, TRUE);
	grid = nmt_editor_section_get_body (section);

	widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY);
	g_object_bind_property_full (s_wireless, NM_SETTING_WIRELESS_SSID,
	                             widget, "text",
	                             G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE,
	                             ssid_transform_to_entry,
	                             ssid_transform_from_entry,
	                             s_wireless, NULL);
	nmt_editor_grid_append (grid, _("SSID"), widget, NULL);

	widget = nmt_newt_popup_new (wifi_mode);
	g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MODE,
	                        widget, "active-id",
	                        G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
	nmt_editor_grid_append (grid, _("Mode"), widget, NULL);
	mode = widget;

	hbox = nmt_newt_grid_new ();
	widget = nmt_newt_popup_new (wifi_band);
	g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BAND,
	                        widget, "active-id",
	                        G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
	nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 0, 0);
	band = widget;

	widget = nmt_newt_entry_numeric_new (10, 0, 255);
	g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CHANNEL,
	                        widget, "text",
	                        G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
	nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 1, 0);
	nmt_newt_widget_set_padding (widget, 1, 0, 0, 0);

	g_object_bind_property_full (band, "active-id", widget, "visible",
	                             G_BINDING_SYNC_CREATE,
	                             band_transform_to_channel_visibility,
	                             NULL, NULL, NULL);
	g_object_bind_property_full (mode, "active-id", hbox, "visible",
	                             G_BINDING_SYNC_CREATE,
	                             mode_transform_to_band_visibility,
	                             NULL, NULL, NULL);
	nmt_editor_grid_append (grid, _("Channel"), hbox, NULL);

	nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL);

	widget = nmt_newt_popup_new (wifi_security);
	nmt_editor_grid_append (grid, _("Security"), widget, NULL);
	security = widget;

	widget = nmt_newt_stack_new ();
	stack = NMT_NEWT_STACK (widget);

	/* none */
	subgrid = nmt_editor_grid_new ();
	nmt_newt_stack_add (stack, "none", subgrid);

	/* wpa-personal */
	subgrid = nmt_editor_grid_new ();
	widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
	g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_PSK,
	                        widget, "password",
	                        G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
	nmt_newt_stack_add (stack, "wpa-personal", subgrid);

	/* "wpa-enterprise" */
	// FIXME
	widget = nmt_newt_label_new (_("(No support for wpa-enterprise yet...)"));
	nmt_newt_stack_add (stack, "wpa-enterprise", widget);

	/* wep-key */
	subgrid = nmt_editor_grid_new ();

	widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Key"), widget, NULL);

	widget = nmt_newt_popup_new (wep_index);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL);

	nm_editor_bind_wireless_security_wep_key (s_wsec,
	                                          entry, "password",
	                                          widget, "active",
	                                          G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);

	widget = nmt_newt_popup_new (wep_auth);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL);

	nmt_newt_stack_add (stack, "wep-key", subgrid);

	/* wep-passphrase */
	subgrid = nmt_editor_grid_new ();

	widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);

	widget = nmt_newt_popup_new (wep_index);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL);

	nm_editor_bind_wireless_security_wep_key (s_wsec,
	                                          entry, "password",
	                                          widget, "active",
	                                          G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);

	widget = nmt_newt_popup_new (wep_auth);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL);

	nmt_newt_stack_add (stack, "wep-passphrase", subgrid);

	/* "dynamic-wep" */
	// FIXME
	widget = nmt_newt_label_new (_("(No support for dynamic-wep yet...)"));
	nmt_newt_stack_add (stack, "dynamic-wep", widget);

	/* leap */
	subgrid = nmt_editor_grid_new ();

	widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Username"), widget, NULL);
	g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME,
	                        widget, "text",
	                        G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);

	widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
	g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD,
	                        widget, "password",
	                        G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
	nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);

	nmt_newt_stack_add (stack, "leap", subgrid);

	nmt_editor_grid_append (grid, NULL, NMT_NEWT_WIDGET (stack), NULL);
	g_object_bind_property (security, "active-id",
	                        stack, "active-id",
	                        G_BINDING_SYNC_CREATE);
	nm_editor_bind_wireless_security_method (conn, s_wsec, security, "active-id",
	                                         G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);

	nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL);

	widget = nmt_mac_entry_new (40, ETH_ALEN);
	g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BSSID,
	                        widget, "mac-address",
	                        G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
	nmt_editor_grid_append (grid, _("BSSID"), widget, NULL);

	widget = nmt_mac_entry_new (40, ETH_ALEN);
	g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CLONED_MAC_ADDRESS,
	                        widget, "mac-address",
	                        G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
	nmt_editor_grid_append (grid, _("Cloned MAC address"), widget, NULL);

	widget = nmt_mtu_entry_new ();
	g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MTU,
	                        widget, "mtu",
	                        G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
	nmt_editor_grid_append (grid, _("MTU"), widget, NULL);

	nmt_editor_page_add_section (NMT_EDITOR_PAGE (wifi), section);

	G_OBJECT_CLASS (nmt_page_wifi_parent_class)->constructed (object);
}
static void
finish_setup (CEPageSecurity *page)
{
        NMConnection *connection = CE_PAGE (page)->connection;
        NMSettingWireless *sw;
        NMSettingWirelessSecurity *sws;
        gboolean is_adhoc = FALSE;
        GtkListStore *sec_model;
        GtkTreeIter iter;
        const gchar *mode;
        const gchar *security;
        guint32 dev_caps = 0;
        NMUtilsSecurityType default_type = NMU_SEC_NONE;
        int active = -1;
        int item = 0;
        GtkComboBox *combo;
        GtkCellRenderer *renderer;

        sw = nm_connection_get_setting_wireless (connection);
        g_assert (sw);

        page->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);

        page->security_heading = GTK_WIDGET (gtk_builder_get_object (CE_PAGE (page)->builder, "heading_sec"));
        page->security_combo = combo = GTK_COMBO_BOX (gtk_builder_get_object (CE_PAGE (page)->builder, "combo_sec"));

        dev_caps =   NM_WIFI_DEVICE_CAP_CIPHER_WEP40
                   | NM_WIFI_DEVICE_CAP_CIPHER_WEP104
                   | NM_WIFI_DEVICE_CAP_CIPHER_TKIP
                   | NM_WIFI_DEVICE_CAP_CIPHER_CCMP
                   | NM_WIFI_DEVICE_CAP_WPA
                   | NM_WIFI_DEVICE_CAP_RSN;

        mode = nm_setting_wireless_get_mode (sw);
        if (mode && !strcmp (mode, "adhoc"))
                is_adhoc = TRUE;
        page->adhoc = is_adhoc;

        sws = nm_connection_get_setting_wireless_security (connection);
        security = nm_setting_wireless_get_security (sw);
        if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME) != 0)
                sws = NULL;
        if (sws)
                default_type = get_default_type_for_security (sws);

        sec_model = gtk_list_store_new (3, G_TYPE_STRING, wireless_security_get_g_type (), G_TYPE_BOOLEAN);

        if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
                gtk_list_store_insert_with_values (sec_model, &iter, -1,
                                                   S_NAME_COLUMN, C_("Wi-Fi/Ethernet security", "None"),
                                                   S_ADHOC_VALID_COLUMN, TRUE,
                                                   -1);
                if (default_type == NMU_SEC_NONE)
                        active = item;
                item++;
        }

        if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
                WirelessSecurityWEPKey *ws_wep;
                NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;

                if (default_type == NMU_SEC_STATIC_WEP) {
                        sws = nm_connection_get_setting_wireless_security (connection);
                        if (sws)
                                wep_type = nm_setting_wireless_security_get_wep_key_type (sws);
                        if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
                                wep_type = NM_WEP_KEY_TYPE_KEY;
                }

                ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_KEY, FALSE, FALSE);
                if (ws_wep) {
                        add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model,
                                           &iter, _("WEP 40/128-bit Key (Hex or ASCII)"),
                                           TRUE);
                        if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
                                active = item;
                        item++;
                }

                ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_PASSPHRASE, FALSE, FALSE);
                if (ws_wep) {
                        add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model,
                                           &iter, _("WEP 128-bit Passphrase"), TRUE);
                        if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
                                active = item;
                        item++;
                }
        }

        if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
                WirelessSecurityLEAP *ws_leap;

                ws_leap = ws_leap_new (connection, FALSE);
                if (ws_leap) {
                        add_security_item (page, WIRELESS_SECURITY (ws_leap), sec_model,
                                           &iter, _("LEAP"), FALSE);
                        if ((active < 0) && (default_type == NMU_SEC_LEAP))
                                active = item;
                        item++;
                }
        }

        if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
                WirelessSecurityDynamicWEP *ws_dynamic_wep;

                ws_dynamic_wep = ws_dynamic_wep_new (connection, TRUE, FALSE);
                if (ws_dynamic_wep) {
                        add_security_item (page, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
                                           &iter, _("Dynamic WEP (802.1x)"), FALSE);
                        if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
                                active = item;
                        item++;
                }
        }

        if (nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
            nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
                WirelessSecurityWPAPSK *ws_wpa_psk;

                ws_wpa_psk = ws_wpa_psk_new (connection, FALSE);
                if (ws_wpa_psk) {
                        add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model,
                                           &iter, _("WPA & WPA2 Personal"), FALSE);
                        if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK)))
                                active = item;
                        item++;
                }
        }

        if (nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
            nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
                WirelessSecurityWPAEAP *ws_wpa_eap;

                ws_wpa_eap = ws_wpa_eap_new (connection, TRUE, FALSE);
                if (ws_wpa_eap) {
                        add_security_item (page, WIRELESS_SECURITY (ws_wpa_eap), sec_model,
                                           &iter, _("WPA & WPA2 Enterprise"), FALSE);
                        if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE)))
                                active = item;
                        item++;
                }
        }

        gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model));
        gtk_cell_layout_clear (GTK_CELL_LAYOUT (combo));

        renderer = gtk_cell_renderer_text_new ();
        gtk_cell_layout_pack_start (GTK_CELL_LAYOUT (combo), renderer, TRUE);
        gtk_cell_layout_set_attributes (GTK_CELL_LAYOUT (combo), renderer, "text", S_NAME_COLUMN, NULL);
        gtk_cell_layout_set_cell_data_func (GTK_CELL_LAYOUT (combo), renderer, set_sensitive, &page->adhoc, NULL);

        gtk_combo_box_set_active (combo, active < 0 ? 0 : (guint32) active);
        g_object_unref (G_OBJECT (sec_model));

        page->security_combo = combo;

        security_combo_changed (combo, page);
        g_signal_connect (combo, "changed",
                          G_CALLBACK (security_combo_changed), page);
}
static void
request_secrets_from_ui (NMSecretAgentSimpleRequest *request)
{
	GPtrArray *secrets;
	NMSecretAgentSimpleSecret *secret;
	const char *title;
	char *msg;
	gboolean ok = TRUE;

	secrets = g_ptr_array_new_with_free_func ((GDestroyNotify) nm_secret_agent_simple_secret_free);

	if (nm_connection_is_type (request->connection, NM_SETTING_WIRELESS_SETTING_NAME)) {
		NMSettingWireless *s_wireless;
		GBytes *ssid;
		char *ssid_utf8;

		s_wireless = nm_connection_get_setting_wireless (request->connection);
		ssid = nm_setting_wireless_get_ssid (s_wireless);
		ssid_utf8 = nm_utils_ssid_to_utf8 (g_bytes_get_data (ssid, NULL),
		                                   g_bytes_get_size (ssid));

		title = _("Authentication required by wireless network");
		msg = g_strdup_printf (_("Passwords or encryption keys are required to access the wireless network '%s'."), ssid_utf8);

		ok = add_wireless_secrets (request, secrets);
	} else if (nm_connection_is_type (request->connection, NM_SETTING_WIRED_SETTING_NAME)) {
		NMSettingConnection *s_con;

		s_con = nm_connection_get_setting_connection (request->connection);

		title = _("Wired 802.1X authentication");
		msg = NULL;

		secret = nm_secret_agent_simple_secret_new (_("Network name"),
		                                            NM_SETTING (s_con),
		                                            NM_SETTING_CONNECTION_ID,
		                                            FALSE);
		g_ptr_array_add (secrets, secret);
		ok = add_8021x_secrets (request, secrets);
	} else if (nm_connection_is_type (request->connection, NM_SETTING_PPPOE_SETTING_NAME)) {
		title = _("DSL authentication");
		msg = NULL;

		ok = add_pppoe_secrets (request, secrets);
	} else if (nm_connection_is_type (request->connection, NM_SETTING_GSM_SETTING_NAME)) {
		NMSettingGsm *s_gsm = nm_connection_get_setting_gsm (request->connection);

		if (strv_has (request->hints, "pin")) {
			title = _("PIN code required");
			msg = g_strdup (_("PIN code is needed for the mobile broadband device"));

			secret = nm_secret_agent_simple_secret_new (_("PIN"),
			                                            NM_SETTING (s_gsm),
			                                            NM_SETTING_GSM_PIN,
			                                            FALSE);
			g_ptr_array_add (secrets, secret);
		} else {
			title = _("Mobile broadband network password");
			msg = g_strdup_printf (_("A password is required to connect to '%s'."),
			                       nm_connection_get_id (request->connection));

			secret = nm_secret_agent_simple_secret_new (_("Password"),
			                                            NM_SETTING (s_gsm),
			                                            NM_SETTING_GSM_PASSWORD,
			                                            TRUE);
			g_ptr_array_add (secrets, secret);
		}
	} else if (nm_connection_is_type (request->connection, NM_SETTING_CDMA_SETTING_NAME)) {
		NMSettingCdma *s_cdma = nm_connection_get_setting_cdma (request->connection);

		title = _("Mobile broadband network password");
		msg = g_strdup_printf (_("A password is required to connect to '%s'."),
		                       nm_connection_get_id (request->connection));

		secret = nm_secret_agent_simple_secret_new (_("Password"),
		                                            NM_SETTING (s_cdma),
		                                            NM_SETTING_CDMA_PASSWORD,
		                                            TRUE);
		g_ptr_array_add (secrets, secret);
	} else if (nm_connection_is_type (request->connection, NM_SETTING_BLUETOOTH_SETTING_NAME)) {
		NMSetting *setting;

		setting = nm_connection_get_setting_by_name (request->connection, NM_SETTING_GSM_SETTING_NAME);
		if (!setting)
			setting = nm_connection_get_setting_by_name (request->connection, NM_SETTING_CDMA_SETTING_NAME);

		title = _("Mobile broadband network password");
		msg = g_strdup_printf (_("A password is required to connect to '%s'."),
		                       nm_connection_get_id (request->connection));

		secret = nm_secret_agent_simple_secret_new (_("Password"),
		                                            setting,
		                                            "password",
		                                            TRUE);
		g_ptr_array_add (secrets, secret);
	} else
		ok = FALSE;

	if (!ok) {
		g_ptr_array_unref (secrets);
		return;
	}

	g_signal_emit (request->self, signals[REQUEST_SECRETS], 0,
	               request->request_id, title, msg, secrets);
}
Beispiel #20
0
NMAccessPoint *
nm_ap_new_fake_from_connection (NMConnection *connection)
{
	NMAccessPoint *ap;
	NMAccessPointPrivate *priv;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wireless_sec;
	GBytes *ssid;
	const char *mode, *band, *key_mgmt;
	guint32 channel;
	NM80211ApSecurityFlags flags;
	gboolean psk = FALSE, eap = FALSE;

	g_return_val_if_fail (connection != NULL, NULL);

	s_wireless = nm_connection_get_setting_wireless (connection);
	g_return_val_if_fail (s_wireless != NULL, NULL);

	ssid = nm_setting_wireless_get_ssid (s_wireless);
	g_return_val_if_fail (ssid != NULL, NULL);
	g_return_val_if_fail (g_bytes_get_size (ssid) > 0, NULL);

	ap = (NMAccessPoint *) g_object_new (NM_TYPE_AP, NULL);
	priv = NM_AP_GET_PRIVATE (ap);
	priv->fake = TRUE;
	nm_ap_set_ssid (ap, g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid));

	// FIXME: bssid too?

	mode = nm_setting_wireless_get_mode (s_wireless);
	if (mode) {
		if (!strcmp (mode, "infrastructure"))
			nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
		else if (!strcmp (mode, "adhoc"))
			nm_ap_set_mode (ap, NM_802_11_MODE_ADHOC);
		else if (!strcmp (mode, "ap")) {
			nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
			NM_AP_GET_PRIVATE (ap)->hotspot = TRUE;
		} else
			goto error;
	} else {
		nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
	}

	band = nm_setting_wireless_get_band (s_wireless);
	channel = nm_setting_wireless_get_channel (s_wireless);

	if (band && channel) {
		guint32 freq = nm_utils_wifi_channel_to_freq (channel, band);

		if (freq == 0)
			goto error;

		nm_ap_set_freq (ap, freq);
	}

	s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
	/* Assume presence of a security setting means the AP is encrypted */
	if (!s_wireless_sec)
		goto done;

	key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec);

	/* Everything below here uses encryption */
	nm_ap_set_flags (ap, priv->flags | NM_802_11_AP_FLAGS_PRIVACY);

	/* Static & Dynamic WEP */
	if (!strcmp (key_mgmt, "none") || !strcmp (key_mgmt, "ieee8021x"))
		goto done;

	psk = !strcmp (key_mgmt, "wpa-psk");
	eap = !strcmp (key_mgmt, "wpa-eap");
	if (psk || eap) {
		if (has_proto (s_wireless_sec, PROTO_WPA)) {
			flags = priv->wpa_flags | (eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK);
			nm_ap_set_wpa_flags (ap, flags);
		}
		if (has_proto (s_wireless_sec, PROTO_RSN)) {
			flags = priv->rsn_flags | (eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK);
			nm_ap_set_rsn_flags (ap, flags);
		}

		add_pair_ciphers (ap, s_wireless_sec);
		add_group_ciphers (ap, s_wireless_sec);
	} else if (!strcmp (key_mgmt, "wpa-none")) {
		guint32 i;

		/* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and
		 * group=TKIP/CCMP (but not both).
		 */

		flags = priv->wpa_flags | NM_802_11_AP_SEC_KEY_MGMT_PSK;

		/* Clear ciphers; pairwise must be unset anyway, and group gets set below */
		flags &= ~(  NM_802_11_AP_SEC_PAIR_WEP40
		           | NM_802_11_AP_SEC_PAIR_WEP104
		           | NM_802_11_AP_SEC_PAIR_TKIP
		           | NM_802_11_AP_SEC_PAIR_CCMP
		           | NM_802_11_AP_SEC_GROUP_WEP40
		           | NM_802_11_AP_SEC_GROUP_WEP104
		           | NM_802_11_AP_SEC_GROUP_TKIP
		           | NM_802_11_AP_SEC_GROUP_CCMP);

		for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) {
			if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) {
				flags |= NM_802_11_AP_SEC_GROUP_CCMP;
				break;
			}
		}

		/* Default to TKIP since not all WPA-capable cards can do CCMP */
		if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP))
			flags |= NM_802_11_AP_SEC_GROUP_TKIP;

		nm_ap_set_wpa_flags (ap, flags);

		/* Don't use Ad-Hoc RSN yet */
		nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE);
	}

done:
	return ap;

error:
	g_object_unref (ap);
	return NULL;
}
Beispiel #21
0
gboolean
nm_ap_check_compatible (NMAccessPoint *self,
                        NMConnection *connection)
{
	NMAccessPointPrivate *priv;
	NMSettingWireless *s_wireless;
	NMSettingWirelessSecurity *s_wireless_sec;
	GBytes *ssid;
	const char *mode;
	const char *band;
	const char *bssid;
	guint32 channel;

	g_return_val_if_fail (NM_IS_AP (self), FALSE);
	g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE);

	priv = NM_AP_GET_PRIVATE (self);

	s_wireless = nm_connection_get_setting_wireless (connection);
	if (s_wireless == NULL)
		return FALSE;
	
	ssid = nm_setting_wireless_get_ssid (s_wireless);
	if (   (ssid && !priv->ssid)
	    || (priv->ssid && !ssid))
		return FALSE;

	if (   ssid && priv->ssid &&
	    !nm_utils_same_ssid (g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid),
	                         priv->ssid->data, priv->ssid->len,
	                         TRUE))
		return FALSE;

	bssid = nm_setting_wireless_get_bssid (s_wireless);
	if (bssid && (!priv->address || !nm_utils_hwaddr_matches (bssid, -1, priv->address, -1)))
		return FALSE;

	mode = nm_setting_wireless_get_mode (s_wireless);
	if (mode) {
		if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA))
			return FALSE;
		if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC))
			return FALSE;
		if (   !strcmp (mode, "ap")
		    && (priv->mode != NM_802_11_MODE_INFRA || priv->hotspot != TRUE))
			return FALSE;
	}

	band = nm_setting_wireless_get_band (s_wireless);
	if (band) {
		guint ap_band = freq_to_band (priv->freq);

		if (!strcmp (band, "a") && ap_band != 5)
			return FALSE;
		else if (!strcmp (band, "bg") && ap_band != 2)
			return FALSE;
	}

	channel = nm_setting_wireless_get_channel (s_wireless);
	if (channel) {
		guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq);

		if (channel != ap_chan)
			return FALSE;
	}

	s_wireless_sec = nm_connection_get_setting_wireless_security (connection);

	return nm_setting_wireless_ap_security_compatible (s_wireless,
	                                                   s_wireless_sec,
	                                                   priv->flags,
	                                                   priv->wpa_flags,
	                                                   priv->rsn_flags,
	                                                   priv->mode);
}
WirelessSecurityWEPKey *
ws_wep_key_new (NMConnection *connection,
                NMWepKeyType type,
                gboolean adhoc_create,
                gboolean secrets_only)
{
	WirelessSecurity *parent;
	WirelessSecurityWEPKey *sec;
	GtkWidget *widget;
	NMSettingWirelessSecurity *s_wsec = NULL;
	NMSetting *setting = NULL;
	guint8 default_key_idx = 0;
	gboolean is_adhoc = adhoc_create;
	gboolean is_shared_key = FALSE;

	parent = wireless_security_init (sizeof (WirelessSecurityWEPKey),
	                                 validate,
	                                 add_to_size_group,
	                                 fill_connection,
	                                 update_secrets,
	                                 destroy,
	                                 UIDIR "/ws-wep-key.ui",
	                                 "wep_key_notebook",
	                                 "wep_key_entry");
	if (!parent)
		return NULL;

	sec = (WirelessSecurityWEPKey *) parent;
	sec->editing_connection = secrets_only ? FALSE : TRUE;
	sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_WEP_KEY0;
	sec->type = type;

	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
	g_assert (widget);
	gtk_entry_set_width_chars (GTK_ENTRY (widget), 28);

	/* Create password-storage popup menu for password entry under entry's secondary icon */
	if (connection)
		setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection);
	nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name,
	                                  FALSE, secrets_only);

	if (connection) {
		NMSettingWireless *s_wireless;
		const char *mode, *auth_alg;

		s_wireless = nm_connection_get_setting_wireless (connection);
		mode = s_wireless ? nm_setting_wireless_get_mode (s_wireless) : NULL;
		if (mode && !strcmp (mode, "adhoc"))
			is_adhoc = TRUE;

		s_wsec = nm_connection_get_setting_wireless_security (connection);
		if (s_wsec) {
			auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
			if (auth_alg && !strcmp (auth_alg, "shared"))
				is_shared_key = TRUE;
		}
	}

	g_signal_connect (G_OBJECT (widget), "changed",
	                  (GCallback) wireless_security_changed_cb,
	                  sec);
	g_signal_connect (G_OBJECT (widget), "insert-text",
	                  (GCallback) wep_entry_filter_cb,
	                  sec);
	if (sec->type == NM_WEP_KEY_TYPE_KEY)
		gtk_entry_set_max_length (GTK_ENTRY (widget), 26);
	else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE)
		gtk_entry_set_max_length (GTK_ENTRY (widget), 64);

	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_combo"));
	if (connection && s_wsec)
		default_key_idx = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec);

	gtk_combo_box_set_active (GTK_COMBO_BOX (widget), default_key_idx);
	sec->cur_index = default_key_idx;
	g_signal_connect (G_OBJECT (widget), "changed",
	                  (GCallback) key_index_combo_changed_cb,
	                  sec);

	/* Key index is useless with adhoc networks */
	if (is_adhoc || secrets_only) {
		gtk_widget_hide (widget);
		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_label"));
		gtk_widget_hide (widget);
	}

	/* Fill the key entry with the key for that index */
	if (connection)
		update_secrets (WIRELESS_SECURITY (sec), connection);

	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_wep"));
	g_assert (widget);
	g_signal_connect (G_OBJECT (widget), "toggled",
	                  (GCallback) show_toggled_cb,
	                  sec);

	widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo"));
	gtk_combo_box_set_active (GTK_COMBO_BOX (widget), is_shared_key ? 1 : 0);

	g_signal_connect (G_OBJECT (widget), "changed",
	                  (GCallback) wireless_security_changed_cb,
	                  sec);

	/* Don't show auth method for adhoc (which always uses open-system) or
	 * when in "simple" mode.
	 */
	if (is_adhoc || secrets_only) {
		/* Ad-Hoc connections can't use Shared Key auth */
		if (is_adhoc)
			gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
		gtk_widget_hide (widget);
		widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_label"));
		gtk_widget_hide (widget);
	}

	return sec;
}
Beispiel #23
0
static void
row_activated (GtkListBox *box,
               GtkListBoxRow *row,
               GisNetworkPage *page)
{
  GisNetworkPagePrivate *priv = gis_network_page_get_instance_private (page);
  gchar *object_path;
  GSList *list, *filtered, *l;
  NMConnection *connection;
  NMConnection *connection_to_activate;
  NMSettingWireless *setting;
  const GByteArray *ssid_target;
  const GByteArray *ssid;
  GtkWidget *child;

  if (priv->refreshing)
    return;

  child = gtk_bin_get_child (GTK_BIN (row));
  object_path = g_object_get_data (G_OBJECT (child), "object-path");
  ssid_target = g_object_get_data (G_OBJECT (child), "ssid");

  if (g_strcmp0 (object_path, "ap-other...") == 0) {
    connect_to_hidden_network (page);
    goto out;
  }

  list = nm_remote_settings_list_connections (priv->nm_settings);
  filtered = nm_device_filter_connections (priv->nm_device, list);

  connection_to_activate = NULL;

  for (l = filtered; l; l = l->next) {
    connection = NM_CONNECTION (l->data);
    setting = nm_connection_get_setting_wireless (connection);
    if (!NM_IS_SETTING_WIRELESS (setting))
      continue;

    ssid = nm_setting_wireless_get_ssid (setting);
    if (ssid == NULL)
      continue;

    if (nm_utils_same_ssid (ssid, ssid_target, TRUE)) {
      connection_to_activate = connection;
      break;
    }
  }
  g_slist_free (list);
  g_slist_free (filtered);

  if (connection_to_activate != NULL) {
    nm_client_activate_connection (priv->nm_client,
                                   connection_to_activate,
                                   priv->nm_device, NULL,
                                   connection_activate_cb, page);
    goto out;
  }

  nm_client_add_and_activate_connection (priv->nm_client,
                                         NULL,
                                         priv->nm_device, object_path,
                                         connection_add_activate_cb, page);

 out:
  refresh_wireless_list (page);
}
static gboolean
connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
	NMSettingConnection *s_con;
	NMSettingWireless *s_wifi;
	NMSettingWirelessSecurity *s_wsec;
	const char *ctype;
	const char *hwaddr, *setting_hwaddr;
	NMDeviceWifiCapabilities wifi_caps;
	const char *key_mgmt;

	s_con = nm_connection_get_setting_connection (connection);
	g_assert (s_con);

	ctype = nm_setting_connection_get_connection_type (s_con);
	if (strcmp (ctype, NM_SETTING_WIRELESS_SETTING_NAME) != 0) {
		g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_NOT_WIFI_CONNECTION,
		             "The connection was not a Wi-Fi connection.");
		return FALSE;
	}

	s_wifi = nm_connection_get_setting_wireless (connection);
	if (!s_wifi) {
		g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_INVALID_WIFI_CONNECTION,
		             "The connection was not a valid Wi-Fi connection.");
		return FALSE;
	}

	/* Check MAC address */
	hwaddr = nm_device_wifi_get_permanent_hw_address (NM_DEVICE_WIFI (device));
	if (hwaddr) {
		if (!nm_utils_hwaddr_valid (hwaddr, ETH_ALEN)) {
			g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_INVALID_DEVICE_MAC,
			             "Invalid device MAC address.");
			return FALSE;
		}
		setting_hwaddr = nm_setting_wireless_get_mac_address (s_wifi);
		if (setting_hwaddr && !nm_utils_hwaddr_matches (setting_hwaddr, -1, hwaddr, -1)) {
			g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MAC_MISMATCH,
			             "The MACs of the device and the connection didn't match.");
			return FALSE;
		}
	}

	/* Check device capabilities; we assume all devices can do WEP at least */
	wifi_caps = nm_device_wifi_get_capabilities (NM_DEVICE_WIFI (device));

	s_wsec = nm_connection_get_setting_wireless_security (connection);
	if (s_wsec) {
		/* Connection has security, verify it against the device's capabilities */
		key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
		if (   !g_strcmp0 (key_mgmt, "wpa-none")
		    || !g_strcmp0 (key_mgmt, "wpa-psk")
		    || !g_strcmp0 (key_mgmt, "wpa-eap")) {

			/* Is device only WEP capable? */
			if (!(wifi_caps & WPA_CAPS)) {
				g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MISSING_DEVICE_WPA_CAPS,
				             "The device missed WPA capabilities required by the connection.");
				return FALSE;
			}

			/* Make sure WPA2/RSN-only connections don't get chosen for WPA-only cards */
			if (has_proto (s_wsec, "rsn") && !has_proto (s_wsec, "wpa") && !(wifi_caps & RSN_CAPS)) {
				g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MISSING_DEVICE_RSN_CAPS,
				             "The device missed WPA2/RSN capabilities required by the connection.");
				return FALSE;
			}
		}
	}

	return NM_DEVICE_CLASS (nm_device_wifi_parent_class)->connection_compatible (device, connection, error);
}
/**
 * nm_access_point_connection_valid:
 * @ap: an #NMAccessPoint to validate @connection against
 * @connection: an #NMConnection to validate against @ap
 *
 * Validates a given connection against a given Wi-Fi access point to ensure that
 * the connection may be activated with that AP.  The connection must match the
 * @ap's SSID, (if given) BSSID, and other attributes like security settings,
 * channel, band, etc.
 *
 * Returns: %TRUE if the connection may be activated with this Wi-Fi AP,
 * %FALSE if it cannot be.
 **/
gboolean
nm_access_point_connection_valid (NMAccessPoint *ap, NMConnection *connection)
{
	NMSettingConnection *s_con;
	NMSettingWireless *s_wifi;
	NMSettingWirelessSecurity *s_wsec;
	const char *ctype, *ap_bssid_str;
	const GByteArray *setting_ssid;
	const GByteArray *ap_ssid;
	const GByteArray *setting_bssid;
	struct ether_addr *ap_bssid;
	const char *setting_mode;
	NM80211Mode ap_mode;
	const char *setting_band;
	guint32 ap_freq, setting_chan, ap_chan;

	s_con = nm_connection_get_setting_connection (connection);
	g_assert (s_con);
	ctype = nm_setting_connection_get_connection_type (s_con);
	if (strcmp (ctype, NM_SETTING_WIRELESS_SETTING_NAME) != 0)
		return FALSE;

	s_wifi = nm_connection_get_setting_wireless (connection);
	if (!s_wifi)
		return FALSE;

	/* SSID checks */
	ap_ssid = nm_access_point_get_ssid (ap);
	g_warn_if_fail (ap_ssid != NULL);
	setting_ssid = nm_setting_wireless_get_ssid (s_wifi);
	if (!setting_ssid || !ap_ssid || (setting_ssid->len != ap_ssid->len))
		return FALSE;
	if (memcmp (setting_ssid->data, ap_ssid->data, ap_ssid->len) != 0)
		return FALSE;

	/* BSSID checks */
	ap_bssid_str = nm_access_point_get_bssid (ap);
	g_warn_if_fail (ap_bssid_str);
	setting_bssid = nm_setting_wireless_get_bssid (s_wifi);
	if (setting_bssid && ap_bssid_str) {
		g_assert (setting_bssid->len == ETH_ALEN);
		ap_bssid = ether_aton (ap_bssid_str);
		g_warn_if_fail (ap_bssid);
		if (ap_bssid) {
			if (memcmp (ap_bssid->ether_addr_octet, setting_bssid->data, ETH_ALEN) != 0)
				return FALSE;
		}
	}

	/* Mode */
	ap_mode = nm_access_point_get_mode (ap);
	g_warn_if_fail (ap_mode != NM_802_11_MODE_UNKNOWN);
	setting_mode = nm_setting_wireless_get_mode (s_wifi);
	if (setting_mode && ap_mode) {
		if (!strcmp (setting_mode, "infrastructure") && (ap_mode != NM_802_11_MODE_INFRA))
			return FALSE;
		if (!strcmp (setting_mode, "adhoc") && (ap_mode != NM_802_11_MODE_ADHOC))
			return FALSE;
		/* Hotspot never matches against APs as it's a device-specific mode. */
		if (!strcmp (setting_mode, "ap"))
			return FALSE;
	}

	/* Band and Channel/Frequency */
	ap_freq = nm_access_point_get_frequency (ap);
	if (ap_freq) {
		setting_band = nm_setting_wireless_get_band (s_wifi);
		if (g_strcmp0 (setting_band, "a") == 0) {
			if (ap_freq < 4915 || ap_freq > 5825)
				return FALSE;
		} else if (g_strcmp0 (setting_band, "bg") == 0) {
			if (ap_freq < 2412 || ap_freq > 2484)
				return FALSE;
		}

		setting_chan = nm_setting_wireless_get_channel (s_wifi);
		if (setting_chan) {
			ap_chan = nm_utils_wifi_freq_to_channel (ap_freq);
			if (setting_chan != ap_chan)
				return FALSE;
		}
	}

	s_wsec = nm_connection_get_setting_wireless_security (connection);
	if (!nm_setting_wireless_ap_security_compatible (s_wifi,
	                                                 s_wsec,
	                                                 nm_access_point_get_flags (ap),
	                                                 nm_access_point_get_wpa_flags (ap),
	                                                 nm_access_point_get_rsn_flags (ap),
	                                                 ap_mode))
		return FALSE;

	return TRUE;
}