CEPage *
ce_page_wireless_security_new (NMConnection *connection,
GtkWindow *parent_window,
NMClient *client,
const char **out_secrets_setting_name,
GError **error)
{
CEPageWirelessSecurity *self;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec = NULL;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
const char *security;
s_wireless = nm_connection_get_setting_wireless (connection);
if (!s_wireless) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface; missing WiFi setting."));
return NULL;
}
self = CE_PAGE_WIRELESS_SECURITY (ce_page_new (CE_TYPE_PAGE_WIRELESS_SECURITY,
connection,
parent_window,
client,
UIDIR "/ce-page-wireless-security.ui",
"WirelessSecurityPage",
_("Wireless Security")));
if (!self) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface."));
return NULL;
}
self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
s_wsec = nm_connection_get_setting_wireless_security (connection);
security = nm_setting_wireless_get_security (s_wireless);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
s_wsec = NULL;
if (s_wsec)
default_type = get_default_type_for_security (s_wsec);
/* Get secrets if the connection is not 802.1x enabled */
if ( default_type == NMU_SEC_STATIC_WEP
|| default_type == NMU_SEC_LEAP
|| default_type == NMU_SEC_WPA_PSK
|| default_type == NMU_SEC_WPA2_PSK) {
*out_secrets_setting_name = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
}
/* Or if it is 802.1x enabled */
if ( default_type == NMU_SEC_DYNAMIC_WEP
|| default_type == NMU_SEC_WPA_ENTERPRISE
|| default_type == NMU_SEC_WPA2_ENTERPRISE) {
*out_secrets_setting_name = NM_SETTING_802_1X_SETTING_NAME;
}
g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);
return CE_PAGE (self);
}
void
ws_802_1x_fill_connection (WirelessSecurity *sec,
const char *combo_name,
NMConnection *connection)
{
GtkWidget *widget;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMSetting8021x *s_8021x;
EAPMethod *eap = NULL;
GtkTreeModel *model;
GtkTreeIter iter;
s_wireless = nm_connection_get_setting_wireless (connection);
g_assert (s_wireless);
g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);
/* Blow away the old wireless security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
/* Blow away the old 802.1x setting by adding a clear one */
s_8021x = (NMSetting8021x *) nm_setting_802_1x_new ();
nm_connection_add_setting (connection, (NMSetting *) s_8021x);
widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name));
model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget));
gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter);
gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1);
g_assert (eap);
eap_method_fill_connection (eap, connection);
eap_method_unref (eap);
}
const char *
nm_utils_get_shared_wifi_permission (NMConnection *connection)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSettingIP4Config *s_ip4;
const char *method = NULL;
s_ip4 = nm_connection_get_setting_ip4_config (connection);
if (s_ip4)
method = nm_setting_ip4_config_get_method (s_ip4);
if (g_strcmp0 (method, NM_SETTING_IP4_CONFIG_METHOD_SHARED) != 0)
return NULL; /* Not shared */
s_wifi = nm_connection_get_setting_wireless (connection);
if (s_wifi) {
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (nm_setting_wireless_get_security (s_wifi) || s_wsec)
return NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED;
else
return NM_AUTH_PERMISSION_WIFI_SHARE_OPEN;
}
return NULL;
}
/* return value must be freed by caller with g_free() */
static gchar *
get_mac_address_of_connection (NMConnection *connection)
{
const GByteArray *mac = NULL;
if (!connection)
return NULL;
/* check the connection type */
if (nm_connection_is_type (connection,
NM_SETTING_WIRELESS_SETTING_NAME))
{
/* check wireless settings */
NMSettingWireless *s_wireless = nm_connection_get_setting_wireless (connection);
if (!s_wireless)
return NULL;
mac = nm_setting_wireless_get_mac_address (s_wireless);
if (mac)
return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
}
else if (nm_connection_is_type (connection,
NM_SETTING_WIRED_SETTING_NAME))
{
/* check wired settings */
NMSettingWired *s_wired = nm_connection_get_setting_wired (connection);
if (!s_wired)
return NULL;
mac = nm_setting_wired_get_mac_address (s_wired);
if (mac)
return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
}
else if (nm_connection_is_type (connection,
NM_SETTING_WIMAX_SETTING_NAME))
{
/* check wimax settings */
NMSettingWimax *s_wimax = nm_connection_get_setting_wimax (connection);
if (!s_wimax)
return NULL;
mac = nm_setting_wimax_get_mac_address (s_wimax);
if (mac)
return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER);
}
else if (nm_connection_is_type (connection,
NM_SETTING_INFINIBAND_SETTING_NAME))
{
/* check infiniband settings */
NMSettingInfiniband *s_infiniband = \
nm_connection_get_setting_infiniband (connection);
if (!s_infiniband)
return NULL;
mac = nm_setting_infiniband_get_mac_address (s_infiniband);
if (mac)
return nm_utils_hwaddr_ntoa (mac->data,
ARPHRD_INFINIBAND);
}
/* no MAC address found */
return NULL;
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityWPAPSK *wpa_psk = (WirelessSecurityWPAPSK *) parent;
GtkWidget *widget, *passwd_entry;
const char *key;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMSettingSecretFlags secret_flags;
const char *mode;
gboolean is_adhoc = FALSE;
s_wireless = nm_connection_get_setting_wireless (connection);
g_assert (s_wireless);
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
/* Blow away the old security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
passwd_entry = widget;
key = gtk_entry_get_text (GTK_ENTRY (widget));
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL);
/* Save PSK_FLAGS to the connection */
secret_flags = nma_utils_menu_to_secret_flags (passwd_entry);
nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), NM_SETTING_WIRELESS_SECURITY_PSK,
secret_flags, NULL);
/* Update secret flags and popup when editing the connection */
if (wpa_psk->editing_connection)
nma_utils_update_password_storage (passwd_entry, secret_flags,
NM_SETTING (s_wireless_sec), wpa_psk->password_flags_name);
wireless_security_clear_ciphers (connection);
if (is_adhoc) {
/* Ad-Hoc settings as specified by the supplicant */
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
nm_setting_wireless_security_add_proto (s_wireless_sec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wireless_sec, "none");
/* Ad-hoc can only have _one_ group cipher... default to TKIP to be more
* compatible for now. Maybe we'll support selecting CCMP later.
*/
nm_setting_wireless_security_add_group (s_wireless_sec, "tkip");
} else {
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
/* Just leave ciphers and protocol empty, the supplicant will
* figure that out magically based on the AP IEs and card capabilities.
*/
}
}
static gboolean
validate (CEPage *page, NMConnection *connection, GError **error)
{
CEPageWirelessSecurity *self = CE_PAGE_WIRELESS_SECURITY (page);
NMSettingWireless *s_wireless;
WirelessSecurity *sec;
gboolean valid = FALSE;
const char *mode;
s_wireless = nm_connection_get_setting_wireless (connection);
g_assert (s_wireless);
/* Kernel Ad-Hoc WPA support is busted; it creates open networks. Disable
* WPA when Ad-Hoc is selected. set_sensitive() will pick up self->adhoc
* and do the right thing.
*/
mode = nm_setting_wireless_get_mode (s_wireless);
if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0)
self->adhoc = TRUE;
else
self->adhoc = FALSE;
sec = wireless_security_combo_get_active (self);
if (sec) {
const GByteArray *ssid = nm_setting_wireless_get_ssid (s_wireless);
if (ssid) {
/* FIXME: get failed property and error out of wireless security objects */
valid = wireless_security_validate (sec, ssid);
if (valid)
wireless_security_fill_connection (sec, connection);
else
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Invalid wireless security");
} else {
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Missing SSID");
valid = FALSE;
}
if (self->adhoc) {
if (!wireless_security_adhoc_compatible (sec)) {
g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Security not compatible with Ad-Hoc mode");
valid = FALSE;
}
}
} else {
/* No security, unencrypted */
g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NULL, NULL);
nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);
valid = TRUE;
}
return valid;
}
static gboolean
validate (CEPage *page,
NMConnection *connection,
GError **error)
{
NMSettingWireless *sw;
NMSettingConnection *sc;
WirelessSecurity *sec;
gboolean valid = FALSE;
const char *mode;
sw = nm_connection_get_setting_wireless (connection);
mode = nm_setting_wireless_get_mode (sw);
if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0)
CE_PAGE_SECURITY (page)->adhoc = TRUE;
else
CE_PAGE_SECURITY (page)->adhoc = FALSE;
sec = security_combo_get_active (CE_PAGE_SECURITY (page));
if (sec) {
GBytes *ssid = nm_setting_wireless_get_ssid (sw);
if (ssid) {
/* FIXME: get failed property and error out of wifi security objects */
valid = wireless_security_validate (sec, error);
if (valid)
wireless_security_fill_connection (sec, connection);
} else {
g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_MISSING_SETTING, "Missing SSID");
valid = FALSE;
}
if (CE_PAGE_SECURITY (page)->adhoc) {
if (!wireless_security_adhoc_compatible (sec)) {
g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_SETTING, "Security not compatible with Ad-Hoc mode");
valid = FALSE;
}
}
wireless_security_unref (sec);
} else {
/* No security, unencrypted */
nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);
valid = TRUE;
}
sc = nm_connection_get_setting_connection (connection);
firewall_ui_to_setting (sc, GTK_WIDGET (CE_PAGE_SECURITY (page)->firewall_combo));
return valid;
}
static gboolean
validate (CEPage *page,
NMConnection *connection,
GError **error)
{
NMSettingWireless *sw;
WirelessSecurity *sec;
gboolean valid = FALSE;
const char *mode;
sw = nm_connection_get_setting_wireless (connection);
mode = nm_setting_wireless_get_mode (sw);
if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0)
CE_PAGE_SECURITY (page)->adhoc = TRUE;
else
CE_PAGE_SECURITY (page)->adhoc = FALSE;
sec = security_combo_get_active (CE_PAGE_SECURITY (page));
if (sec) {
const GByteArray *ssid = nm_setting_wireless_get_ssid (sw);
if (ssid) {
/* FIXME: get failed property and error out of wifi security objects */
valid = wireless_security_validate (sec, ssid);
if (valid)
wireless_security_fill_connection (sec, connection);
else
g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Invalid Wi-Fi security");
} else {
g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Missing SSID");
valid = FALSE;
}
if (CE_PAGE_SECURITY (page)->adhoc) {
if (!wireless_security_adhoc_compatible (sec)) {
g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Security not compatible with Ad-Hoc mode");
valid = FALSE;
}
}
wireless_security_unref (sec);
} else {
/* No security, unencrypted */
g_object_set (sw, NM_SETTING_WIRELESS_SEC, NULL, NULL);
nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);
valid = TRUE;
}
return valid;
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
GtkWidget *widget;
const char *key;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
const char *mode;
gboolean is_adhoc = FALSE;
s_wireless = nm_connection_get_setting_wireless (connection);
g_assert (s_wireless);
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);
/* Blow away the old security setting by adding a clear one */
s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
key = gtk_entry_get_text (GTK_ENTRY (widget));
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL);
wireless_security_clear_ciphers (connection);
if (is_adhoc) {
/* Ad-Hoc settings as specified by the supplicant */
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
nm_setting_wireless_security_add_proto (s_wireless_sec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wireless_sec, "none");
/* Ad-hoc can only have _one_ group cipher... default to TKIP to be more
* compatible for now. Maybe we'll support selecting CCMP later.
*/
nm_setting_wireless_security_add_group (s_wireless_sec, "tkip");
} else {
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
/* Just leave ciphers and protocol empty, the supplicant will
* figure that out magically based on the AP IEs and card capabilities.
*/
}
}
static void
bind_device_to_connection (SCPluginIfupdown *self,
GUdevDevice *device,
NMIfupdownConnection *exported)
{
GByteArray *mac_address;
NMSettingWired *s_wired;
NMSettingWireless *s_wifi;
const char *iface, *address;
iface = g_udev_device_get_name (device);
if (!iface) {
PLUGIN_WARN ("SCPluginIfupdown", "failed to get ifname for device.");
return;
}
address = g_udev_device_get_sysfs_attr (device, "address");
if (!address || !strlen (address)) {
PLUGIN_WARN ("SCPluginIfupdown", "failed to get MAC address for %s", iface);
return;
}
mac_address = nm_utils_hwaddr_atoba (address, ARPHRD_ETHER);
if (!mac_address) {
PLUGIN_WARN ("SCPluginIfupdown", "failed to parse MAC address '%s' for %s",
address, iface);
return;
}
s_wired = nm_connection_get_setting_wired (NM_CONNECTION (exported));
s_wifi = nm_connection_get_setting_wireless (NM_CONNECTION (exported));
if (s_wired) {
PLUGIN_PRINT ("SCPluginIfupdown", "locking wired connection setting");
g_object_set (s_wired, NM_SETTING_WIRED_MAC_ADDRESS, mac_address, NULL);
} else if (s_wifi) {
PLUGIN_PRINT ("SCPluginIfupdown", "locking wireless connection setting");
g_object_set (s_wifi, NM_SETTING_WIRELESS_MAC_ADDRESS, mac_address, NULL);
}
g_byte_array_free (mac_address, TRUE);
nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), ignore_cb, NULL);
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec;
GtkWidget *widget;
gint auth_alg;
const char *key;
int i;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo"));
auth_alg = gtk_combo_box_get_active (GTK_COMBO_BOX (widget));
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
key = gtk_entry_get_text (GTK_ENTRY (widget));
strcpy (sec->keys[sec->cur_index], key);
s_wireless = nm_connection_get_setting_wireless (connection);
g_assert (s_wireless);
g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL);
/* Blow away the old security setting by adding a clear one */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, (NMSetting *) s_wsec);
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX, sec->cur_index,
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, (auth_alg == 1) ? "shared" : "open",
NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, sec->type,
NULL);
for (i = 0; i < 4; i++) {
if (strlen (sec->keys[i]))
nm_setting_wireless_security_set_wep_key (s_wsec, i, sec->keys[i]);
}
}
static void
bind_device_to_connection (SettingsPluginIfupdown *self,
GUdevDevice *device,
NMIfupdownConnection *exported)
{
NMSettingWired *s_wired;
NMSettingWireless *s_wifi;
const char *iface, *address;
iface = g_udev_device_get_name (device);
if (!iface) {
nm_log_warn (LOGD_SETTINGS, "failed to get ifname for device.");
return;
}
address = g_udev_device_get_sysfs_attr (device, "address");
if (!address || !strlen (address)) {
nm_log_warn (LOGD_SETTINGS, "failed to get MAC address for %s", iface);
return;
}
if (!nm_utils_hwaddr_valid (address, ETH_ALEN)) {
nm_log_warn (LOGD_SETTINGS, "failed to parse MAC address '%s' for %s",
address, iface);
return;
}
s_wired = nm_connection_get_setting_wired (NM_CONNECTION (exported));
s_wifi = nm_connection_get_setting_wireless (NM_CONNECTION (exported));
if (s_wired) {
nm_log_info (LOGD_SETTINGS, "locking wired connection setting");
g_object_set (s_wired, NM_SETTING_WIRED_MAC_ADDRESS, address, NULL);
} else if (s_wifi) {
nm_log_info (LOGD_SETTINGS, "locking wireless connection setting");
g_object_set (s_wifi, NM_SETTING_WIRELESS_MAC_ADDRESS, address, NULL);
}
nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), NM_SETTINGS_CONNECTION_COMMIT_REASON_NONE, NULL, NULL);
}
CEPage *
ce_page_wifi_new (NMConnectionEditor *editor,
NMConnection *connection,
GtkWindow *parent_window,
NMClient *client,
const char **out_secrets_setting_name,
GError **error)
{
CEPageWifi *self;
CEPageWifiPrivate *priv;
g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);
self = CE_PAGE_WIFI (ce_page_new (CE_TYPE_PAGE_WIFI,
editor,
connection,
parent_window,
client,
UIDIR "/ce-page-wifi.ui",
"WifiPage",
_("Wi-Fi")));
if (!self) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load Wi-Fi user interface."));
return NULL;
}
wifi_private_init (self);
priv = CE_PAGE_WIFI_GET_PRIVATE (self);
priv->setting = nm_connection_get_setting_wireless (connection);
if (!priv->setting) {
priv->setting = NM_SETTING_WIRELESS (nm_setting_wireless_new ());
nm_connection_add_setting (connection, NM_SETTING (priv->setting));
}
g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);
return CE_PAGE (self);
}
gboolean
nm_ap_check_compatible (NMAccessPoint *self,
NMConnection *connection)
{
NMAccessPointPrivate *priv;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
const char *mode;
const char *band;
const GByteArray *bssid;
guint32 channel;
g_return_val_if_fail (NM_IS_AP (self), FALSE);
g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE);
priv = NM_AP_GET_PRIVATE (self);
s_wireless = nm_connection_get_setting_wireless (connection);
if (s_wireless == NULL)
return FALSE;
if (!nm_utils_same_ssid (nm_setting_wireless_get_ssid (s_wireless), priv->ssid, TRUE))
return FALSE;
bssid = nm_setting_wireless_get_bssid (s_wireless);
if (bssid && memcmp (bssid->data, &priv->address, ETH_ALEN))
return FALSE;
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode) {
if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA))
return FALSE;
if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC))
return FALSE;
if ( !strcmp (mode, "ap")
&& (priv->mode != NM_802_11_MODE_INFRA || priv->hotspot != TRUE))
return FALSE;
}
band = nm_setting_wireless_get_band (s_wireless);
if (band) {
if (!strcmp (band, "a")) {
if (priv->freq < 4915 || priv->freq > 5825)
return FALSE;
} else if (!strcmp (band, "bg")) {
if (priv->freq < 2412 || priv->freq > 2484)
return FALSE;
}
}
channel = nm_setting_wireless_get_channel (s_wireless);
if (channel) {
guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq);
if (channel != ap_chan)
return FALSE;
}
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
return nm_setting_wireless_ap_security_compatible (s_wireless,
s_wireless_sec,
nm_ap_get_flags (self),
nm_ap_get_wpa_flags (self),
nm_ap_get_rsn_flags (self),
nm_ap_get_mode (self));
}
static void
update_wireless_security_setting_from_if_block(NMConnection *connection,
if_block *block)
{
gint wpa_l= strlen("wpa-");
gint wireless_l= strlen("wireless-");
if_data *curr = block->info;
const gchar* value = ifparser_getkey (block, "inet");
struct _Mapping mapping[] = {
{"psk", "psk"},
{"identity", "leap-username"},
{"password", "leap-password"},
{"key", "wep-key0"},
{"key-mgmt", "key-mgmt"},
{"group", "group"},
{"pairwise", "pairwise"},
{"proto", "proto"},
{"pin", "pin"},
{"wep-key0", "wep-key0"},
{"wep-key1", "wep-key1"},
{"wep-key2", "wep-key2"},
{"wep-key3", "wep-key3"},
{"wep-tx-keyidx", "wep-tx-keyidx"},
{ NULL, NULL}
};
struct _Mapping dupe_mapping[] = {
{"psk", normalize_psk},
{"identity", normalize_dupe},
{"password", normalize_dupe},
{"key", normalize_dupe_wireless_key},
{"key-mgmt", normalize_tolower},
{"group", normalize_tolower},
{"pairwise", normalize_tolower},
{"proto", normalize_tolower},
{"pin", normalize_dupe},
{"wep-key0", normalize_dupe_wireless_key},
{"wep-key1", normalize_dupe_wireless_key},
{"wep-key2", normalize_dupe_wireless_key},
{"wep-key3", normalize_dupe_wireless_key},
{"wep-tx-keyidx", normalize_dupe},
{ NULL, NULL}
};
struct _Mapping type_mapping[] = {
{"group", string_to_glist_of_strings},
{"pairwise", string_to_glist_of_strings},
{"proto", string_to_glist_of_strings},
{"wep-tx-keyidx", string_to_gpointerint},
{ NULL, NULL}
};
struct _Mapping free_type_mapping[] = {
{"group", slist_free_all},
{"pairwise", slist_free_all},
{"proto", slist_free_all},
{ NULL, NULL}
};
NMSettingWirelessSecurity *wireless_security_setting;
NMSettingWireless *s_wireless;
gboolean security = FALSE;
if(value && !strcmp("ppp", value)) {
return;
}
s_wireless = nm_connection_get_setting_wireless(connection);
g_return_if_fail(s_wireless);
nm_log_info (LOGD_SETTINGS, "update wireless security settings (%s).", block->name);
wireless_security_setting =
NM_SETTING_WIRELESS_SECURITY(nm_setting_wireless_security_new());
while(curr) {
if(strlen(curr->key) > wireless_l &&
!strncmp("wireless-", curr->key, wireless_l)) {
gchar *property_value = NULL;
gpointer typed_property_value = NULL;
const gchar* newkey = map_by_mapping(mapping, curr->key+wireless_l);
IfupdownStrDupeFunc dupe_func = map_by_mapping (dupe_mapping, curr->key+wireless_l);
IfupdownStrToTypeFunc type_map_func = map_by_mapping (type_mapping, curr->key+wireless_l);
GFreeFunc free_func = map_by_mapping (free_type_mapping, curr->key+wireless_l);
if(!newkey || !dupe_func)
goto next;
property_value = (*dupe_func) (curr->data, connection);
nm_log_info (LOGD_SETTINGS, "setting wireless security key: %s=%s",
newkey, property_value);
if (type_map_func) {
errno = 0;
typed_property_value = (*type_map_func) (property_value);
if(errno)
goto wireless_next;
}
g_object_set(wireless_security_setting,
newkey, typed_property_value ? typed_property_value : property_value,
NULL);
security = TRUE;
wireless_next:
g_free(property_value);
if (typed_property_value && free_func)
(*free_func) (typed_property_value);
} else if(strlen(curr->key) > wpa_l &&
!strncmp("wpa-", curr->key, wpa_l)) {
gchar *property_value = NULL;
gpointer typed_property_value = NULL;
const gchar* newkey = map_by_mapping(mapping, curr->key+wpa_l);
IfupdownStrDupeFunc dupe_func = map_by_mapping (dupe_mapping, curr->key+wpa_l);
IfupdownStrToTypeFunc type_map_func = map_by_mapping (type_mapping, curr->key+wpa_l);
GFreeFunc free_func = map_by_mapping (free_type_mapping, curr->key+wpa_l);
if(!newkey || !dupe_func)
goto next;
property_value = (*dupe_func) (curr->data, connection);
nm_log_info (LOGD_SETTINGS, "setting wpa security key: %s=%s",
newkey,
#ifdef DEBUG_SECRETS
property_value
#else /* DEBUG_SECRETS */
!strcmp("key", newkey) ||
!strcmp("leap-password", newkey) ||
!strcmp("pin", newkey) ||
!strcmp("psk", newkey) ||
!strcmp("wep-key0", newkey) ||
!strcmp("wep-key1", newkey) ||
!strcmp("wep-key2", newkey) ||
!strcmp("wep-key3", newkey) ||
NULL ?
"<omitted>" : property_value
#endif /* DEBUG_SECRETS */
);
if (type_map_func) {
errno = 0;
typed_property_value = (*type_map_func) (property_value);
if(errno)
goto wpa_next;
}
g_object_set(wireless_security_setting,
newkey, typed_property_value ? typed_property_value : property_value,
NULL);
security = TRUE;
wpa_next:
g_free(property_value);
if (free_func && typed_property_value)
(*free_func) (typed_property_value);
}
next:
curr = curr->next;
}
if (security)
nm_connection_add_setting (connection, NM_SETTING (wireless_security_setting));
}
gboolean
nm_ap_utils_complete_connection (const GByteArray *ap_ssid,
const guint8 ap_bssid[ETH_ALEN],
NM80211Mode ap_mode,
guint32 ap_flags,
guint32 ap_wpa_flags,
guint32 ap_rsn_flags,
NMConnection *connection,
gboolean lock_bssid,
GError **error)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
const GByteArray *ssid;
const char *mode, *key_mgmt, *auth_alg, *leap_username;
gboolean adhoc = FALSE;
s_wifi = nm_connection_get_setting_wireless (connection);
g_assert (s_wifi);
s_wsec = nm_connection_get_setting_wireless_security (connection);
s_8021x = nm_connection_get_setting_802_1x (connection);
/* Fill in missing SSID */
ssid = nm_setting_wireless_get_ssid (s_wifi);
if (!ssid)
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_SSID, ap_ssid, NULL);
else if ( ssid->len != ap_ssid->len
|| memcmp (ssid->data, ap_ssid->data, ssid->len)) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_ERROR,
NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
"Setting SSID did not match AP SSID");
return FALSE;
}
if (lock_bssid && !nm_setting_wireless_get_bssid (s_wifi)) {
GByteArray *bssid;
bssid = g_byte_array_sized_new (ETH_ALEN);
g_byte_array_append (bssid, ap_bssid, ETH_ALEN);
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_BSSID, bssid, NULL);
g_byte_array_free (bssid, TRUE);
}
/* And mode */
mode = nm_setting_wireless_get_mode (s_wifi);
if (mode) {
gboolean valid = FALSE;
/* Make sure the supplied mode matches the AP's */
if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_INFRA)) {
if (ap_mode == NM_802_11_MODE_INFRA)
valid = TRUE;
} else if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_ADHOC)) {
if (ap_mode == NM_802_11_MODE_ADHOC)
valid = TRUE;
adhoc = TRUE;
}
if (valid == FALSE) {
g_set_error (error,
NM_SETTING_WIRELESS_ERROR,
NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
NM_SETTING_WIRELESS_MODE);
return FALSE;
}
} else {
mode = NM_SETTING_WIRELESS_MODE_INFRA;
if (ap_mode == NM_802_11_MODE_ADHOC) {
mode = NM_SETTING_WIRELESS_MODE_ADHOC;
adhoc = TRUE;
}
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_MODE, mode, NULL);
}
/* Security */
/* Open */
if ( !(ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
/* Make sure the connection doesn't specify security */
if (nm_setting_wireless_get_security (s_wifi) || s_wsec || s_8021x) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"AP is unencrypted but setting specifies security");
return FALSE;
}
return TRUE;
}
/* Everything else requires security */
g_object_set (G_OBJECT (s_wifi),
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
if (!s_wsec) {
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
}
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
leap_username = nm_setting_wireless_security_get_leap_username (s_wsec);
/* Ad-Hoc checks */
if (!verify_adhoc (s_wsec, s_8021x, adhoc, error))
return FALSE;
/* Static WEP, Dynamic WEP, or LEAP */
if ( (ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
const char *tag = "WEP";
gboolean is_dynamic_wep = FALSE;
if (!verify_leap (s_wsec, s_8021x, adhoc, error))
return FALSE;
if (leap_username) {
tag = "LEAP";
} else {
/* Static or Dynamic WEP */
if (!verify_dynamic_wep (s_wsec, s_8021x, adhoc, error))
return FALSE;
if (s_8021x || (key_mgmt && !strcmp (key_mgmt, "ieee8021x"))) {
is_dynamic_wep = TRUE;
tag = "Dynamic WEP";
}
}
/* Nothing WPA-related can be set */
if (!verify_no_wpa (s_wsec, tag, error))
return FALSE;
if (leap_username) {
/* LEAP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "leap",
NULL);
} else if (is_dynamic_wep) {
/* Dynamic WEP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
nm_setting_wireless_security_add_pairwise (s_wsec, "wep40");
nm_setting_wireless_security_add_pairwise (s_wsec, "wep104");
nm_setting_wireless_security_add_group (s_wsec, "wep40");
nm_setting_wireless_security_add_group (s_wsec, "wep104");
if (s_8021x) {
/* Dynamic WEP requires a valid 802.1x setting since we can't
* autocomplete 802.1x.
*/
if (!nm_setting_verify (NM_SETTING (s_8021x), NULL, error))
return FALSE;
}
} else {
/* Static WEP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NULL);
}
return TRUE;
}
/* WPA/RSN */
g_assert (ap_wpa_flags || ap_rsn_flags);
/* Ensure key management is valid for WPA */
if ((key_mgmt && !strcmp (key_mgmt, "ieee8021x")) || leap_username) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"WPA incompatible with non-EAP (original) LEAP or Dynamic WEP");
return FALSE;
}
/* 'shared' auth incompatible with any type of WPA */
if (auth_alg && strcmp (auth_alg, "open")) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"WPA incompatible with Shared Key authentication");
return FALSE;
}
if (!verify_no_wep (s_wsec, "WPA", error))
return FALSE;
if (!verify_wpa_psk (s_wsec, s_8021x, adhoc, ap_wpa_flags, ap_rsn_flags, error))
return FALSE;
if (!adhoc && !verify_wpa_eap (s_wsec, s_8021x, ap_wpa_flags, ap_rsn_flags, error))
return FALSE;
if (adhoc) {
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
/* Ad-Hoc does not support RSN/WPA2 */
nm_setting_wireless_security_add_proto (s_wsec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wsec, "none");
nm_setting_wireless_security_add_group (s_wsec, "tkip");
} else if (s_8021x) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
/* 802.1x also requires the client to completely fill in the 8021x
* setting. Since there's so much configuration required for it, there's
* no way it can be automatically completed.
*/
} else if ( (key_mgmt && !strcmp (key_mgmt, "wpa-psk"))
|| (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
} else {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"Failed to determine AP security information");
return FALSE;
}
return TRUE;
}
static void
nmt_page_wifi_constructed (GObject *object)
{
NmtPageWifiPrivate *priv = NMT_PAGE_WIFI_GET_PRIVATE (object);
NmtPageWifi *wifi = NMT_PAGE_WIFI (object);
NmtDeviceEntry *deventry;
NmtEditorSection *section;
NmtEditorGrid *grid;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec;
NmtNewtWidget *widget, *hbox, *subgrid;
NmtNewtWidget *mode, *band, *security, *entry;
NmtNewtStack *stack;
NMConnection *conn;
conn = nmt_editor_page_get_connection (NMT_EDITOR_PAGE (wifi));
s_wireless = nm_connection_get_setting_wireless (conn);
if (!s_wireless) {
nm_connection_add_setting (conn, nm_setting_wireless_new ());
s_wireless = nm_connection_get_setting_wireless (conn);
}
s_wsec = nm_connection_get_setting_wireless_security (conn);
if (!s_wsec) {
/* It makes things simpler if we always have a
* NMSettingWirelessSecurity; we'll hold a ref on one, and add
* it to and remove it from the connection as needed.
*/
s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_setting_wireless_security_new ());
}
priv->s_wsec = g_object_ref_sink (s_wsec);
deventry = nmt_editor_page_device_get_device_entry (NMT_EDITOR_PAGE_DEVICE (object));
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MAC_ADDRESS,
deventry, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
section = nmt_editor_section_new (_("WI-FI"), NULL, TRUE);
grid = nmt_editor_section_get_body (section);
widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY);
g_object_bind_property_full (s_wireless, NM_SETTING_WIRELESS_SSID,
widget, "text",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE,
ssid_transform_to_entry,
ssid_transform_from_entry,
s_wireless, NULL);
nmt_editor_grid_append (grid, _("SSID"), widget, NULL);
widget = nmt_newt_popup_new (wifi_mode);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MODE,
widget, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("Mode"), widget, NULL);
mode = widget;
hbox = nmt_newt_grid_new ();
widget = nmt_newt_popup_new (wifi_band);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BAND,
widget, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 0, 0);
band = widget;
widget = nmt_newt_entry_numeric_new (10, 0, 255);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CHANNEL,
widget, "text",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 1, 0);
nmt_newt_widget_set_padding (widget, 1, 0, 0, 0);
g_object_bind_property_full (band, "active-id", widget, "visible",
G_BINDING_SYNC_CREATE,
band_transform_to_channel_visibility,
NULL, NULL, NULL);
g_object_bind_property_full (mode, "active-id", hbox, "visible",
G_BINDING_SYNC_CREATE,
mode_transform_to_band_visibility,
NULL, NULL, NULL);
nmt_editor_grid_append (grid, _("Channel"), hbox, NULL);
nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL);
widget = nmt_newt_popup_new (wifi_security);
nmt_editor_grid_append (grid, _("Security"), widget, NULL);
security = widget;
widget = nmt_newt_stack_new ();
stack = NMT_NEWT_STACK (widget);
/* none */
subgrid = nmt_editor_grid_new ();
nmt_newt_stack_add (stack, "none", subgrid);
/* wpa-personal */
subgrid = nmt_editor_grid_new ();
widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_PSK,
widget, "password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
nmt_newt_stack_add (stack, "wpa-personal", subgrid);
/* "wpa-enterprise" */
// FIXME
widget = nmt_newt_label_new (_("(No support for wpa-enterprise yet...)"));
nmt_newt_stack_add (stack, "wpa-enterprise", widget);
/* wep-key */
subgrid = nmt_editor_grid_new ();
widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Key"), widget, NULL);
widget = nmt_newt_popup_new (wep_index);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL);
nm_editor_bind_wireless_security_wep_key (s_wsec,
entry, "password",
widget, "active",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
widget = nmt_newt_popup_new (wep_auth);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL);
nmt_newt_stack_add (stack, "wep-key", subgrid);
/* wep-passphrase */
subgrid = nmt_editor_grid_new ();
widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
widget = nmt_newt_popup_new (wep_index);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL);
nm_editor_bind_wireless_security_wep_key (s_wsec,
entry, "password",
widget, "active",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
widget = nmt_newt_popup_new (wep_auth);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL);
nmt_newt_stack_add (stack, "wep-passphrase", subgrid);
/* "dynamic-wep" */
// FIXME
widget = nmt_newt_label_new (_("(No support for dynamic-wep yet...)"));
nmt_newt_stack_add (stack, "dynamic-wep", widget);
/* leap */
subgrid = nmt_editor_grid_new ();
widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Username"), widget, NULL);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME,
widget, "text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD,
widget, "password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
nmt_newt_stack_add (stack, "leap", subgrid);
nmt_editor_grid_append (grid, NULL, NMT_NEWT_WIDGET (stack), NULL);
g_object_bind_property (security, "active-id",
stack, "active-id",
G_BINDING_SYNC_CREATE);
nm_editor_bind_wireless_security_method (conn, s_wsec, security, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL);
widget = nmt_mac_entry_new (40, ETH_ALEN);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BSSID,
widget, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("BSSID"), widget, NULL);
widget = nmt_mac_entry_new (40, ETH_ALEN);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CLONED_MAC_ADDRESS,
widget, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("Cloned MAC address"), widget, NULL);
widget = nmt_mtu_entry_new ();
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MTU,
widget, "mtu",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("MTU"), widget, NULL);
nmt_editor_page_add_section (NMT_EDITOR_PAGE (wifi), section);
G_OBJECT_CLASS (nmt_page_wifi_parent_class)->constructed (object);
}
static void
finish_setup (CEPageSecurity *page)
{
NMConnection *connection = CE_PAGE (page)->connection;
NMSettingWireless *sw;
NMSettingWirelessSecurity *sws;
gboolean is_adhoc = FALSE;
GtkListStore *sec_model;
GtkTreeIter iter;
const gchar *mode;
const gchar *security;
guint32 dev_caps = 0;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
int active = -1;
int item = 0;
GtkComboBox *combo;
GtkCellRenderer *renderer;
sw = nm_connection_get_setting_wireless (connection);
g_assert (sw);
page->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
page->security_heading = GTK_WIDGET (gtk_builder_get_object (CE_PAGE (page)->builder, "heading_sec"));
page->security_combo = combo = GTK_COMBO_BOX (gtk_builder_get_object (CE_PAGE (page)->builder, "combo_sec"));
dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40
| NM_WIFI_DEVICE_CAP_CIPHER_WEP104
| NM_WIFI_DEVICE_CAP_CIPHER_TKIP
| NM_WIFI_DEVICE_CAP_CIPHER_CCMP
| NM_WIFI_DEVICE_CAP_WPA
| NM_WIFI_DEVICE_CAP_RSN;
mode = nm_setting_wireless_get_mode (sw);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
page->adhoc = is_adhoc;
sws = nm_connection_get_setting_wireless_security (connection);
security = nm_setting_wireless_get_security (sw);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME) != 0)
sws = NULL;
if (sws)
default_type = get_default_type_for_security (sws);
sec_model = gtk_list_store_new (3, G_TYPE_STRING, wireless_security_get_g_type (), G_TYPE_BOOLEAN);
if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
gtk_list_store_insert_with_values (sec_model, &iter, -1,
S_NAME_COLUMN, C_("Wi-Fi/Ethernet security", "None"),
S_ADHOC_VALID_COLUMN, TRUE,
-1);
if (default_type == NMU_SEC_NONE)
active = item;
item++;
}
if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWEPKey *ws_wep;
NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
if (default_type == NMU_SEC_STATIC_WEP) {
sws = nm_connection_get_setting_wireless_security (connection);
if (sws)
wep_type = nm_setting_wireless_security_get_wep_key_type (sws);
if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
wep_type = NM_WEP_KEY_TYPE_KEY;
}
ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_KEY, FALSE, FALSE);
if (ws_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 40/128-bit Key (Hex or ASCII)"),
TRUE);
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
active = item;
item++;
}
ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_PASSPHRASE, FALSE, FALSE);
if (ws_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 128-bit Passphrase"), TRUE);
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityLEAP *ws_leap;
ws_leap = ws_leap_new (connection, FALSE);
if (ws_leap) {
add_security_item (page, WIRELESS_SECURITY (ws_leap), sec_model,
&iter, _("LEAP"), FALSE);
if ((active < 0) && (default_type == NMU_SEC_LEAP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityDynamicWEP *ws_dynamic_wep;
ws_dynamic_wep = ws_dynamic_wep_new (connection, TRUE, FALSE);
if (ws_dynamic_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
&iter, _("Dynamic WEP (802.1x)"), FALSE);
if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAPSK *ws_wpa_psk;
ws_wpa_psk = ws_wpa_psk_new (connection, FALSE);
if (ws_wpa_psk) {
add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model,
&iter, _("WPA & WPA2 Personal"), FALSE);
if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK)))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAEAP *ws_wpa_eap;
ws_wpa_eap = ws_wpa_eap_new (connection, TRUE, FALSE);
if (ws_wpa_eap) {
add_security_item (page, WIRELESS_SECURITY (ws_wpa_eap), sec_model,
&iter, _("WPA & WPA2 Enterprise"), FALSE);
if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE)))
active = item;
item++;
}
}
gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model));
gtk_cell_layout_clear (GTK_CELL_LAYOUT (combo));
renderer = gtk_cell_renderer_text_new ();
gtk_cell_layout_pack_start (GTK_CELL_LAYOUT (combo), renderer, TRUE);
gtk_cell_layout_set_attributes (GTK_CELL_LAYOUT (combo), renderer, "text", S_NAME_COLUMN, NULL);
gtk_cell_layout_set_cell_data_func (GTK_CELL_LAYOUT (combo), renderer, set_sensitive, &page->adhoc, NULL);
gtk_combo_box_set_active (combo, active < 0 ? 0 : (guint32) active);
g_object_unref (G_OBJECT (sec_model));
page->security_combo = combo;
security_combo_changed (combo, page);
g_signal_connect (combo, "changed",
G_CALLBACK (security_combo_changed), page);
}
static void
request_secrets_from_ui (NMSecretAgentSimpleRequest *request)
{
GPtrArray *secrets;
NMSecretAgentSimpleSecret *secret;
const char *title;
char *msg;
gboolean ok = TRUE;
secrets = g_ptr_array_new_with_free_func ((GDestroyNotify) nm_secret_agent_simple_secret_free);
if (nm_connection_is_type (request->connection, NM_SETTING_WIRELESS_SETTING_NAME)) {
NMSettingWireless *s_wireless;
GBytes *ssid;
char *ssid_utf8;
s_wireless = nm_connection_get_setting_wireless (request->connection);
ssid = nm_setting_wireless_get_ssid (s_wireless);
ssid_utf8 = nm_utils_ssid_to_utf8 (g_bytes_get_data (ssid, NULL),
g_bytes_get_size (ssid));
title = _("Authentication required by wireless network");
msg = g_strdup_printf (_("Passwords or encryption keys are required to access the wireless network '%s'."), ssid_utf8);
ok = add_wireless_secrets (request, secrets);
} else if (nm_connection_is_type (request->connection, NM_SETTING_WIRED_SETTING_NAME)) {
NMSettingConnection *s_con;
s_con = nm_connection_get_setting_connection (request->connection);
title = _("Wired 802.1X authentication");
msg = NULL;
secret = nm_secret_agent_simple_secret_new (_("Network name"),
NM_SETTING (s_con),
NM_SETTING_CONNECTION_ID,
FALSE);
g_ptr_array_add (secrets, secret);
ok = add_8021x_secrets (request, secrets);
} else if (nm_connection_is_type (request->connection, NM_SETTING_PPPOE_SETTING_NAME)) {
title = _("DSL authentication");
msg = NULL;
ok = add_pppoe_secrets (request, secrets);
} else if (nm_connection_is_type (request->connection, NM_SETTING_GSM_SETTING_NAME)) {
NMSettingGsm *s_gsm = nm_connection_get_setting_gsm (request->connection);
if (strv_has (request->hints, "pin")) {
title = _("PIN code required");
msg = g_strdup (_("PIN code is needed for the mobile broadband device"));
secret = nm_secret_agent_simple_secret_new (_("PIN"),
NM_SETTING (s_gsm),
NM_SETTING_GSM_PIN,
FALSE);
g_ptr_array_add (secrets, secret);
} else {
title = _("Mobile broadband network password");
msg = g_strdup_printf (_("A password is required to connect to '%s'."),
nm_connection_get_id (request->connection));
secret = nm_secret_agent_simple_secret_new (_("Password"),
NM_SETTING (s_gsm),
NM_SETTING_GSM_PASSWORD,
TRUE);
g_ptr_array_add (secrets, secret);
}
} else if (nm_connection_is_type (request->connection, NM_SETTING_CDMA_SETTING_NAME)) {
NMSettingCdma *s_cdma = nm_connection_get_setting_cdma (request->connection);
title = _("Mobile broadband network password");
msg = g_strdup_printf (_("A password is required to connect to '%s'."),
nm_connection_get_id (request->connection));
secret = nm_secret_agent_simple_secret_new (_("Password"),
NM_SETTING (s_cdma),
NM_SETTING_CDMA_PASSWORD,
TRUE);
g_ptr_array_add (secrets, secret);
} else if (nm_connection_is_type (request->connection, NM_SETTING_BLUETOOTH_SETTING_NAME)) {
NMSetting *setting;
setting = nm_connection_get_setting_by_name (request->connection, NM_SETTING_GSM_SETTING_NAME);
if (!setting)
setting = nm_connection_get_setting_by_name (request->connection, NM_SETTING_CDMA_SETTING_NAME);
title = _("Mobile broadband network password");
msg = g_strdup_printf (_("A password is required to connect to '%s'."),
nm_connection_get_id (request->connection));
secret = nm_secret_agent_simple_secret_new (_("Password"),
setting,
"password",
TRUE);
g_ptr_array_add (secrets, secret);
} else
ok = FALSE;
if (!ok) {
g_ptr_array_unref (secrets);
return;
}
g_signal_emit (request->self, signals[REQUEST_SECRETS], 0,
request->request_id, title, msg, secrets);
}
NMAccessPoint *
nm_ap_new_fake_from_connection (NMConnection *connection)
{
NMAccessPoint *ap;
NMAccessPointPrivate *priv;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
GBytes *ssid;
const char *mode, *band, *key_mgmt;
guint32 channel;
NM80211ApSecurityFlags flags;
gboolean psk = FALSE, eap = FALSE;
g_return_val_if_fail (connection != NULL, NULL);
s_wireless = nm_connection_get_setting_wireless (connection);
g_return_val_if_fail (s_wireless != NULL, NULL);
ssid = nm_setting_wireless_get_ssid (s_wireless);
g_return_val_if_fail (ssid != NULL, NULL);
g_return_val_if_fail (g_bytes_get_size (ssid) > 0, NULL);
ap = (NMAccessPoint *) g_object_new (NM_TYPE_AP, NULL);
priv = NM_AP_GET_PRIVATE (ap);
priv->fake = TRUE;
nm_ap_set_ssid (ap, g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid));
// FIXME: bssid too?
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode) {
if (!strcmp (mode, "infrastructure"))
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
else if (!strcmp (mode, "adhoc"))
nm_ap_set_mode (ap, NM_802_11_MODE_ADHOC);
else if (!strcmp (mode, "ap")) {
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
NM_AP_GET_PRIVATE (ap)->hotspot = TRUE;
} else
goto error;
} else {
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
}
band = nm_setting_wireless_get_band (s_wireless);
channel = nm_setting_wireless_get_channel (s_wireless);
if (band && channel) {
guint32 freq = nm_utils_wifi_channel_to_freq (channel, band);
if (freq == 0)
goto error;
nm_ap_set_freq (ap, freq);
}
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
/* Assume presence of a security setting means the AP is encrypted */
if (!s_wireless_sec)
goto done;
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec);
/* Everything below here uses encryption */
nm_ap_set_flags (ap, priv->flags | NM_802_11_AP_FLAGS_PRIVACY);
/* Static & Dynamic WEP */
if (!strcmp (key_mgmt, "none") || !strcmp (key_mgmt, "ieee8021x"))
goto done;
psk = !strcmp (key_mgmt, "wpa-psk");
eap = !strcmp (key_mgmt, "wpa-eap");
if (psk || eap) {
if (has_proto (s_wireless_sec, PROTO_WPA)) {
flags = priv->wpa_flags | (eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK);
nm_ap_set_wpa_flags (ap, flags);
}
if (has_proto (s_wireless_sec, PROTO_RSN)) {
flags = priv->rsn_flags | (eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK);
nm_ap_set_rsn_flags (ap, flags);
}
add_pair_ciphers (ap, s_wireless_sec);
add_group_ciphers (ap, s_wireless_sec);
} else if (!strcmp (key_mgmt, "wpa-none")) {
guint32 i;
/* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and
* group=TKIP/CCMP (but not both).
*/
flags = priv->wpa_flags | NM_802_11_AP_SEC_KEY_MGMT_PSK;
/* Clear ciphers; pairwise must be unset anyway, and group gets set below */
flags &= ~( NM_802_11_AP_SEC_PAIR_WEP40
| NM_802_11_AP_SEC_PAIR_WEP104
| NM_802_11_AP_SEC_PAIR_TKIP
| NM_802_11_AP_SEC_PAIR_CCMP
| NM_802_11_AP_SEC_GROUP_WEP40
| NM_802_11_AP_SEC_GROUP_WEP104
| NM_802_11_AP_SEC_GROUP_TKIP
| NM_802_11_AP_SEC_GROUP_CCMP);
for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) {
if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) {
flags |= NM_802_11_AP_SEC_GROUP_CCMP;
break;
}
}
/* Default to TKIP since not all WPA-capable cards can do CCMP */
if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP))
flags |= NM_802_11_AP_SEC_GROUP_TKIP;
nm_ap_set_wpa_flags (ap, flags);
/* Don't use Ad-Hoc RSN yet */
nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE);
}
done:
return ap;
error:
g_object_unref (ap);
return NULL;
}
gboolean
nm_ap_check_compatible (NMAccessPoint *self,
NMConnection *connection)
{
NMAccessPointPrivate *priv;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
GBytes *ssid;
const char *mode;
const char *band;
const char *bssid;
guint32 channel;
g_return_val_if_fail (NM_IS_AP (self), FALSE);
g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE);
priv = NM_AP_GET_PRIVATE (self);
s_wireless = nm_connection_get_setting_wireless (connection);
if (s_wireless == NULL)
return FALSE;
ssid = nm_setting_wireless_get_ssid (s_wireless);
if ( (ssid && !priv->ssid)
|| (priv->ssid && !ssid))
return FALSE;
if ( ssid && priv->ssid &&
!nm_utils_same_ssid (g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid),
priv->ssid->data, priv->ssid->len,
TRUE))
return FALSE;
bssid = nm_setting_wireless_get_bssid (s_wireless);
if (bssid && (!priv->address || !nm_utils_hwaddr_matches (bssid, -1, priv->address, -1)))
return FALSE;
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode) {
if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA))
return FALSE;
if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC))
return FALSE;
if ( !strcmp (mode, "ap")
&& (priv->mode != NM_802_11_MODE_INFRA || priv->hotspot != TRUE))
return FALSE;
}
band = nm_setting_wireless_get_band (s_wireless);
if (band) {
guint ap_band = freq_to_band (priv->freq);
if (!strcmp (band, "a") && ap_band != 5)
return FALSE;
else if (!strcmp (band, "bg") && ap_band != 2)
return FALSE;
}
channel = nm_setting_wireless_get_channel (s_wireless);
if (channel) {
guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq);
if (channel != ap_chan)
return FALSE;
}
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
return nm_setting_wireless_ap_security_compatible (s_wireless,
s_wireless_sec,
priv->flags,
priv->wpa_flags,
priv->rsn_flags,
priv->mode);
}
WirelessSecurityWEPKey *
ws_wep_key_new (NMConnection *connection,
NMWepKeyType type,
gboolean adhoc_create,
gboolean secrets_only)
{
WirelessSecurity *parent;
WirelessSecurityWEPKey *sec;
GtkWidget *widget;
NMSettingWirelessSecurity *s_wsec = NULL;
NMSetting *setting = NULL;
guint8 default_key_idx = 0;
gboolean is_adhoc = adhoc_create;
gboolean is_shared_key = FALSE;
parent = wireless_security_init (sizeof (WirelessSecurityWEPKey),
validate,
add_to_size_group,
fill_connection,
update_secrets,
destroy,
UIDIR "/ws-wep-key.ui",
"wep_key_notebook",
"wep_key_entry");
if (!parent)
return NULL;
sec = (WirelessSecurityWEPKey *) parent;
sec->editing_connection = secrets_only ? FALSE : TRUE;
sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_WEP_KEY0;
sec->type = type;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
g_assert (widget);
gtk_entry_set_width_chars (GTK_ENTRY (widget), 28);
/* Create password-storage popup menu for password entry under entry's secondary icon */
if (connection)
setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection);
nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name,
FALSE, secrets_only);
if (connection) {
NMSettingWireless *s_wireless;
const char *mode, *auth_alg;
s_wireless = nm_connection_get_setting_wireless (connection);
mode = s_wireless ? nm_setting_wireless_get_mode (s_wireless) : NULL;
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (s_wsec) {
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
if (auth_alg && !strcmp (auth_alg, "shared"))
is_shared_key = TRUE;
}
}
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
g_signal_connect (G_OBJECT (widget), "insert-text",
(GCallback) wep_entry_filter_cb,
sec);
if (sec->type == NM_WEP_KEY_TYPE_KEY)
gtk_entry_set_max_length (GTK_ENTRY (widget), 26);
else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE)
gtk_entry_set_max_length (GTK_ENTRY (widget), 64);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_combo"));
if (connection && s_wsec)
default_key_idx = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec);
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), default_key_idx);
sec->cur_index = default_key_idx;
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) key_index_combo_changed_cb,
sec);
/* Key index is useless with adhoc networks */
if (is_adhoc || secrets_only) {
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_label"));
gtk_widget_hide (widget);
}
/* Fill the key entry with the key for that index */
if (connection)
update_secrets (WIRELESS_SECURITY (sec), connection);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_wep"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
sec);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo"));
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), is_shared_key ? 1 : 0);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
/* Don't show auth method for adhoc (which always uses open-system) or
* when in "simple" mode.
*/
if (is_adhoc || secrets_only) {
/* Ad-Hoc connections can't use Shared Key auth */
if (is_adhoc)
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_label"));
gtk_widget_hide (widget);
}
return sec;
}
static void
row_activated (GtkListBox *box,
GtkListBoxRow *row,
GisNetworkPage *page)
{
GisNetworkPagePrivate *priv = gis_network_page_get_instance_private (page);
gchar *object_path;
GSList *list, *filtered, *l;
NMConnection *connection;
NMConnection *connection_to_activate;
NMSettingWireless *setting;
const GByteArray *ssid_target;
const GByteArray *ssid;
GtkWidget *child;
if (priv->refreshing)
return;
child = gtk_bin_get_child (GTK_BIN (row));
object_path = g_object_get_data (G_OBJECT (child), "object-path");
ssid_target = g_object_get_data (G_OBJECT (child), "ssid");
if (g_strcmp0 (object_path, "ap-other...") == 0) {
connect_to_hidden_network (page);
goto out;
}
list = nm_remote_settings_list_connections (priv->nm_settings);
filtered = nm_device_filter_connections (priv->nm_device, list);
connection_to_activate = NULL;
for (l = filtered; l; l = l->next) {
connection = NM_CONNECTION (l->data);
setting = nm_connection_get_setting_wireless (connection);
if (!NM_IS_SETTING_WIRELESS (setting))
continue;
ssid = nm_setting_wireless_get_ssid (setting);
if (ssid == NULL)
continue;
if (nm_utils_same_ssid (ssid, ssid_target, TRUE)) {
connection_to_activate = connection;
break;
}
}
g_slist_free (list);
g_slist_free (filtered);
if (connection_to_activate != NULL) {
nm_client_activate_connection (priv->nm_client,
connection_to_activate,
priv->nm_device, NULL,
connection_activate_cb, page);
goto out;
}
nm_client_add_and_activate_connection (priv->nm_client,
NULL,
priv->nm_device, object_path,
connection_add_activate_cb, page);
out:
refresh_wireless_list (page);
}
static gboolean
connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
const char *ctype;
const char *hwaddr, *setting_hwaddr;
NMDeviceWifiCapabilities wifi_caps;
const char *key_mgmt;
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
ctype = nm_setting_connection_get_connection_type (s_con);
if (strcmp (ctype, NM_SETTING_WIRELESS_SETTING_NAME) != 0) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_NOT_WIFI_CONNECTION,
"The connection was not a Wi-Fi connection.");
return FALSE;
}
s_wifi = nm_connection_get_setting_wireless (connection);
if (!s_wifi) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_INVALID_WIFI_CONNECTION,
"The connection was not a valid Wi-Fi connection.");
return FALSE;
}
/* Check MAC address */
hwaddr = nm_device_wifi_get_permanent_hw_address (NM_DEVICE_WIFI (device));
if (hwaddr) {
if (!nm_utils_hwaddr_valid (hwaddr, ETH_ALEN)) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_INVALID_DEVICE_MAC,
"Invalid device MAC address.");
return FALSE;
}
setting_hwaddr = nm_setting_wireless_get_mac_address (s_wifi);
if (setting_hwaddr && !nm_utils_hwaddr_matches (setting_hwaddr, -1, hwaddr, -1)) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MAC_MISMATCH,
"The MACs of the device and the connection didn't match.");
return FALSE;
}
}
/* Check device capabilities; we assume all devices can do WEP at least */
wifi_caps = nm_device_wifi_get_capabilities (NM_DEVICE_WIFI (device));
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (s_wsec) {
/* Connection has security, verify it against the device's capabilities */
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
if ( !g_strcmp0 (key_mgmt, "wpa-none")
|| !g_strcmp0 (key_mgmt, "wpa-psk")
|| !g_strcmp0 (key_mgmt, "wpa-eap")) {
/* Is device only WEP capable? */
if (!(wifi_caps & WPA_CAPS)) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MISSING_DEVICE_WPA_CAPS,
"The device missed WPA capabilities required by the connection.");
return FALSE;
}
/* Make sure WPA2/RSN-only connections don't get chosen for WPA-only cards */
if (has_proto (s_wsec, "rsn") && !has_proto (s_wsec, "wpa") && !(wifi_caps & RSN_CAPS)) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MISSING_DEVICE_RSN_CAPS,
"The device missed WPA2/RSN capabilities required by the connection.");
return FALSE;
}
}
}
return NM_DEVICE_CLASS (nm_device_wifi_parent_class)->connection_compatible (device, connection, error);
}
/**
* nm_access_point_connection_valid:
* @ap: an #NMAccessPoint to validate @connection against
* @connection: an #NMConnection to validate against @ap
*
* Validates a given connection against a given Wi-Fi access point to ensure that
* the connection may be activated with that AP. The connection must match the
* @ap's SSID, (if given) BSSID, and other attributes like security settings,
* channel, band, etc.
*
* Returns: %TRUE if the connection may be activated with this Wi-Fi AP,
* %FALSE if it cannot be.
**/
gboolean
nm_access_point_connection_valid (NMAccessPoint *ap, NMConnection *connection)
{
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
const char *ctype, *ap_bssid_str;
const GByteArray *setting_ssid;
const GByteArray *ap_ssid;
const GByteArray *setting_bssid;
struct ether_addr *ap_bssid;
const char *setting_mode;
NM80211Mode ap_mode;
const char *setting_band;
guint32 ap_freq, setting_chan, ap_chan;
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
ctype = nm_setting_connection_get_connection_type (s_con);
if (strcmp (ctype, NM_SETTING_WIRELESS_SETTING_NAME) != 0)
return FALSE;
s_wifi = nm_connection_get_setting_wireless (connection);
if (!s_wifi)
return FALSE;
/* SSID checks */
ap_ssid = nm_access_point_get_ssid (ap);
g_warn_if_fail (ap_ssid != NULL);
setting_ssid = nm_setting_wireless_get_ssid (s_wifi);
if (!setting_ssid || !ap_ssid || (setting_ssid->len != ap_ssid->len))
return FALSE;
if (memcmp (setting_ssid->data, ap_ssid->data, ap_ssid->len) != 0)
return FALSE;
/* BSSID checks */
ap_bssid_str = nm_access_point_get_bssid (ap);
g_warn_if_fail (ap_bssid_str);
setting_bssid = nm_setting_wireless_get_bssid (s_wifi);
if (setting_bssid && ap_bssid_str) {
g_assert (setting_bssid->len == ETH_ALEN);
ap_bssid = ether_aton (ap_bssid_str);
g_warn_if_fail (ap_bssid);
if (ap_bssid) {
if (memcmp (ap_bssid->ether_addr_octet, setting_bssid->data, ETH_ALEN) != 0)
return FALSE;
}
}
/* Mode */
ap_mode = nm_access_point_get_mode (ap);
g_warn_if_fail (ap_mode != NM_802_11_MODE_UNKNOWN);
setting_mode = nm_setting_wireless_get_mode (s_wifi);
if (setting_mode && ap_mode) {
if (!strcmp (setting_mode, "infrastructure") && (ap_mode != NM_802_11_MODE_INFRA))
return FALSE;
if (!strcmp (setting_mode, "adhoc") && (ap_mode != NM_802_11_MODE_ADHOC))
return FALSE;
/* Hotspot never matches against APs as it's a device-specific mode. */
if (!strcmp (setting_mode, "ap"))
return FALSE;
}
/* Band and Channel/Frequency */
ap_freq = nm_access_point_get_frequency (ap);
if (ap_freq) {
setting_band = nm_setting_wireless_get_band (s_wifi);
if (g_strcmp0 (setting_band, "a") == 0) {
if (ap_freq < 4915 || ap_freq > 5825)
return FALSE;
} else if (g_strcmp0 (setting_band, "bg") == 0) {
if (ap_freq < 2412 || ap_freq > 2484)
return FALSE;
}
setting_chan = nm_setting_wireless_get_channel (s_wifi);
if (setting_chan) {
ap_chan = nm_utils_wifi_freq_to_channel (ap_freq);
if (setting_chan != ap_chan)
return FALSE;
}
}
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (!nm_setting_wireless_ap_security_compatible (s_wifi,
s_wsec,
nm_access_point_get_flags (ap),
nm_access_point_get_wpa_flags (ap),
nm_access_point_get_rsn_flags (ap),
ap_mode))
return FALSE;
return TRUE;
}