/**
* nm_setting_wireless_get_mtu:
* @setting: the #NMSettingWireless
*
* Returns: the #NMSettingWireless:mtu property of the setting
**/
guint32
nm_setting_wireless_get_mtu (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), 0);
return NM_SETTING_WIRELESS_GET_PRIVATE (setting)->mtu;
}
/**
* nm_setting_wireless_get_hidden:
* @setting: the #NMSettingWireless
*
* Returns: the #NMSettingWireless:hidden property of the setting
**/
gboolean
nm_setting_wireless_get_hidden (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), FALSE);
return NM_SETTING_WIRELESS_GET_PRIVATE (setting)->hidden;
}
/**
* nm_setting_wireless_get_mac_address_blacklist:
* @setting: the #NMSettingWireless
*
* Returns: (element-type GLib.ByteArray): the
* #NMSettingWireless:mac-address-blacklist property of the setting
**/
const GSList *
nm_setting_wireless_get_mac_address_blacklist (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), NULL);
return NM_SETTING_WIRELESS_GET_PRIVATE (setting)->mac_address_blacklist;
}
/**
* nm_setting_wireless_add_seen_bssid:
* @setting: the #NMSettingWireless
* @bssid: the new BSSID to add to the list
*
* Adds a new Wi-Fi AP's BSSID to the previously seen BSSID list of the setting.
* NetworkManager now tracks previously seen BSSIDs internally so this function
* no longer has much use. Actually, changes you make using this function will
* not be preserved.
*
* Returns: %TRUE if @bssid was already known, %FALSE if not
**/
gboolean
nm_setting_wireless_add_seen_bssid (NMSettingWireless *setting,
const char *bssid)
{
NMSettingWirelessPrivate *priv;
char *lower_bssid;
GSList *iter;
gboolean found = FALSE;
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), FALSE);
g_return_val_if_fail (bssid != NULL, FALSE);
lower_bssid = g_ascii_strdown (bssid, -1);
if (!lower_bssid)
return FALSE;
priv = NM_SETTING_WIRELESS_GET_PRIVATE (setting);
for (iter = priv->seen_bssids; iter; iter = iter->next) {
if (!strcmp ((char *) iter->data, lower_bssid)) {
found = TRUE;
break;
}
}
if (!found) {
priv->seen_bssids = g_slist_prepend (priv->seen_bssids, lower_bssid);
g_object_notify (G_OBJECT (setting), NM_SETTING_WIRELESS_SEEN_BSSIDS);
} else
g_free (lower_bssid);
return !found;
}
/**
* nm_setting_wireless_get_num_mac_blacklist_items:
* @setting: the #NMSettingWireless
*
* Returns: the number of blacklisted MAC addresses
*
* Since: 0.9.10
**/
guint32
nm_setting_wireless_get_num_mac_blacklist_items (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), 0);
return g_slist_length (NM_SETTING_WIRELESS_GET_PRIVATE (setting)->mac_address_blacklist);
}
/**
* nm_setting_wireless_get_cloned_mac_address:
* @setting: the #NMSettingWireless
*
* Returns: the #NMSettingWireless:cloned-mac-address property of the setting
**/
const GByteArray *
nm_setting_wireless_get_cloned_mac_address (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), NULL);
return NM_SETTING_WIRELESS_GET_PRIVATE (setting)->cloned_mac_address;
}
/**
* nm_setting_wireless_get_bssid:
* @setting: the #NMSettingWireless
*
* Returns: the #NMSettingWireless:bssid property of the setting
**/
const GByteArray *
nm_setting_wireless_get_bssid (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), NULL);
return NM_SETTING_WIRELESS_GET_PRIVATE (setting)->bssid;
}
/**
* nm_setting_wireless_get_num_seen_bssids:
* @setting: the #NMSettingWireless
*
* Returns: the number of BSSIDs in the previously seen BSSID list
**/
guint32
nm_setting_wireless_get_num_seen_bssids (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), 0);
return g_slist_length (NM_SETTING_WIRELESS_GET_PRIVATE (setting)->seen_bssids);
}
/**
* nm_setting_wireless_get_security:
* @setting: the #NMSettingWireless
*
* Returns: the #NMSettingWireless:security property of the setting
*
* Deprecated: 0.9.10: No longer used. Security rescrictions are recognized by
* the presence of NM_SETTING_WIRELESS_SECURITY_SETTING_NAME in the connection.
**/
const char *
nm_setting_wireless_get_security (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), NULL);
return NM_SETTING_WIRELESS_GET_PRIVATE (setting)->security;
}
/**
* nm_setting_wireless_get_seen_bssid:
* @setting: the #NMSettingWireless
* @i: index of a BSSID in the previously seen BSSID list
*
* Returns: the BSSID at index @i
**/
const char *
nm_setting_wireless_get_seen_bssid (NMSettingWireless *setting,
guint32 i)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), NULL);
return (const char *) g_slist_nth_data (NM_SETTING_WIRELESS_GET_PRIVATE (setting)->seen_bssids, i);
}
/**
* nm_setting_wireless_clear_mac_blacklist_items:
* @setting: the #NMSettingWireless
*
* Removes all blacklisted MAC addresses.
*
* Since: 0.9.10
**/
void
nm_setting_wireless_clear_mac_blacklist_items (NMSettingWireless *setting)
{
g_return_if_fail (NM_IS_SETTING_WIRELESS (setting));
g_slist_free_full (NM_SETTING_WIRELESS_GET_PRIVATE (setting)->mac_address_blacklist, g_free);
NM_SETTING_WIRELESS_GET_PRIVATE (setting)->mac_address_blacklist = NULL;
g_object_notify (G_OBJECT (setting), NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST);
}
/**
* nm_setting_wireless_get_mac_blacklist_item:
* @setting: the #NMSettingWireless
* @idx: the zero-based index of the MAC address entry
*
* Returns: the blacklisted MAC address string (hex-digits-and-colons notation)
* at index @idx
*
* Since: 0.9.10
**/
const char *
nm_setting_wireless_get_mac_blacklist_item (NMSettingWireless *setting, guint32 idx)
{
NMSettingWirelessPrivate *priv;
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), NULL);
priv = NM_SETTING_WIRELESS_GET_PRIVATE (setting);
g_return_val_if_fail (idx <= g_slist_length (priv->mac_address_blacklist), NULL);
return (const char *) g_slist_nth_data (priv->mac_address_blacklist, idx);
}
/**
* nm_setting_wireless_remove_mac_blacklist_item:
* @setting: the #NMSettingWireless
* @idx: index number of the MAC address
*
* Removes the MAC address at index @idx from the blacklist.
*
* Since: 0.9.10
**/
void
nm_setting_wireless_remove_mac_blacklist_item (NMSettingWireless *setting, guint32 idx)
{
NMSettingWirelessPrivate *priv;
GSList *elt;
g_return_if_fail (NM_IS_SETTING_WIRELESS (setting));
priv = NM_SETTING_WIRELESS_GET_PRIVATE (setting);
elt = g_slist_nth (priv->mac_address_blacklist, idx);
g_return_if_fail (elt != NULL);
g_free (elt->data);
priv->mac_address_blacklist = g_slist_delete_link (priv->mac_address_blacklist, elt);
g_object_notify (G_OBJECT (setting), NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST);
}
static gboolean
is_connection_always_ask (NMConnection *connection)
{
NMSettingConnection *s_con;
const char *ctype;
NMSetting *setting;
/* For the given connection type, check if the secrets for that connection
* are always-ask or not.
*/
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
ctype = nm_setting_connection_get_connection_type (s_con);
setting = nm_connection_get_setting_by_name (connection, ctype);
g_return_val_if_fail (setting != NULL, FALSE);
if (has_always_ask (setting))
return TRUE;
/* Try type-specific settings too; be a bit paranoid and only consider
* secrets from settings relevant to the connection type.
*/
if (NM_IS_SETTING_WIRELESS (setting)) {
setting = nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
if (setting && has_always_ask (setting))
return TRUE;
setting = nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
if (setting && has_always_ask (setting))
return TRUE;
} else if (NM_IS_SETTING_WIRED (setting)) {
setting = nm_connection_get_setting (connection, NM_TYPE_SETTING_PPPOE);
if (setting && has_always_ask (setting))
return TRUE;
setting = nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
if (setting && has_always_ask (setting))
return TRUE;
}
return FALSE;
}
/**
* nm_setting_wireless_remove_mac_blacklist_item_by_value:
* @setting: the #NMSettingWireless
* @mac: the MAC address string (hex-digits-and-colons notation) to remove from
* the blacklist
*
* Removes the MAC address @mac from the blacklist.
*
* Returns: %TRUE if the MAC address was found and removed; %FALSE if it was not.
*
* Since: 0.9.10
**/
gboolean
nm_setting_wireless_remove_mac_blacklist_item_by_value (NMSettingWireless *setting, const char *mac)
{
NMSettingWirelessPrivate *priv;
GSList *iter;
guint8 buf[32];
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), FALSE);
g_return_val_if_fail (mac != NULL, FALSE);
if (!nm_utils_hwaddr_aton (mac, ARPHRD_ETHER, buf))
return FALSE;
priv = NM_SETTING_WIRELESS_GET_PRIVATE (setting);
for (iter = priv->mac_address_blacklist; iter; iter = g_slist_next (iter)) {
if (!strcasecmp (mac, (char *) iter->data)) {
priv->mac_address_blacklist = g_slist_delete_link (priv->mac_address_blacklist, iter);
g_object_notify (G_OBJECT (setting), NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST);
return TRUE;
}
}
return FALSE;
}
static void
row_activated (GtkListBox *box,
GtkListBoxRow *row,
GisNetworkPage *page)
{
GisNetworkPagePrivate *priv = gis_network_page_get_instance_private (page);
gchar *object_path;
GSList *list, *filtered, *l;
NMConnection *connection;
NMConnection *connection_to_activate;
NMSettingWireless *setting;
const GByteArray *ssid_target;
const GByteArray *ssid;
GtkWidget *child;
if (priv->refreshing)
return;
child = gtk_bin_get_child (GTK_BIN (row));
object_path = g_object_get_data (G_OBJECT (child), "object-path");
ssid_target = g_object_get_data (G_OBJECT (child), "ssid");
if (g_strcmp0 (object_path, "ap-other...") == 0) {
connect_to_hidden_network (page);
goto out;
}
list = nm_remote_settings_list_connections (priv->nm_settings);
filtered = nm_device_filter_connections (priv->nm_device, list);
connection_to_activate = NULL;
for (l = filtered; l; l = l->next) {
connection = NM_CONNECTION (l->data);
setting = nm_connection_get_setting_wireless (connection);
if (!NM_IS_SETTING_WIRELESS (setting))
continue;
ssid = nm_setting_wireless_get_ssid (setting);
if (ssid == NULL)
continue;
if (nm_utils_same_ssid (ssid, ssid_target, TRUE)) {
connection_to_activate = connection;
break;
}
}
g_slist_free (list);
g_slist_free (filtered);
if (connection_to_activate != NULL) {
nm_client_activate_connection (priv->nm_client,
connection_to_activate,
priv->nm_device, NULL,
connection_activate_cb, page);
goto out;
}
nm_client_add_and_activate_connection (priv->nm_client,
NULL,
priv->nm_device, object_path,
connection_add_activate_cb, page);
out:
refresh_wireless_list (page);
}
/**
* nm_setting_wireless_ap_security_compatible:
* @s_wireless: a #NMSettingWireless
* @s_wireless_sec: a #NMSettingWirelessSecurity or %NULL
* @ap_flags: the %NM80211ApFlags of the given access point
* @ap_wpa: the %NM80211ApSecurityFlags of the given access point's WPA
* capabilities
* @ap_rsn: the %NM80211ApSecurityFlags of the given access point's WPA2/RSN
* capabilities
* @ap_mode: the 802.11 mode of the AP, either Ad-Hoc or Infrastructure
*
* Given a #NMSettingWireless and an optional #NMSettingWirelessSecurity,
* determine if the configuration given by the settings is compatible with
* the security of an access point using that access point's capability flags
* and mode. Useful for clients that wish to filter a set of connections
* against a set of access points and determine which connections are
* compatible with which access points.
*
* Returns: %TRUE if the given settings are compatible with the access point's
* security flags and mode, %FALSE if they are not.
*/
gboolean
nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
NMSettingWirelessSecurity *s_wireless_sec,
NM80211ApFlags ap_flags,
NM80211ApSecurityFlags ap_wpa,
NM80211ApSecurityFlags ap_rsn,
NM80211Mode ap_mode)
{
const char *key_mgmt = NULL, *cipher;
guint32 num, i;
gboolean found = FALSE;
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (s_wireless), FALSE);
if (!s_wireless_sec) {
if ( (ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
|| (ap_wpa != NM_802_11_AP_SEC_NONE)
|| (ap_rsn != NM_802_11_AP_SEC_NONE))
return FALSE;
return TRUE;
}
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec);
if (!key_mgmt)
return FALSE;
/* Static WEP */
if (!strcmp (key_mgmt, "none")) {
if ( !(ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
|| (ap_wpa != NM_802_11_AP_SEC_NONE)
|| (ap_rsn != NM_802_11_AP_SEC_NONE))
return FALSE;
return TRUE;
}
/* Adhoc WPA */
if (!strcmp (key_mgmt, "wpa-none")) {
if (ap_mode != NM_802_11_MODE_ADHOC)
return FALSE;
/* FIXME: validate ciphers if they're in the beacon */
return TRUE;
}
/* Adhoc WPA2 (ie, RSN IBSS) */
if (ap_mode == NM_802_11_MODE_ADHOC) {
if (strcmp (key_mgmt, "wpa-psk"))
return FALSE;
/* Ensure the AP has RSN PSK capability */
if (!(ap_rsn & NM_802_11_AP_SEC_KEY_MGMT_PSK))
return FALSE;
/* Fall through and check ciphers in generic WPA-PSK code */
}
/* Dynamic WEP or LEAP */
if (!strcmp (key_mgmt, "ieee8021x")) {
if (!(ap_flags & NM_802_11_AP_FLAGS_PRIVACY))
return FALSE;
/* If the AP is advertising a WPA IE, make sure it supports WEP ciphers */
if (ap_wpa != NM_802_11_AP_SEC_NONE) {
if (!(ap_wpa & NM_802_11_AP_SEC_KEY_MGMT_802_1X))
return FALSE;
/* quick check; can't use AP if it doesn't support at least one
* WEP cipher in both pairwise and group suites.
*/
if ( !(ap_wpa & (NM_802_11_AP_SEC_PAIR_WEP40 | NM_802_11_AP_SEC_PAIR_WEP104))
|| !(ap_wpa & (NM_802_11_AP_SEC_GROUP_WEP40 | NM_802_11_AP_SEC_GROUP_WEP104)))
return FALSE;
/* Match at least one pairwise cipher with AP's capability if the
* wireless-security setting explicitly lists pairwise ciphers
*/
num = nm_setting_wireless_security_get_num_pairwise (s_wireless_sec);
for (i = 0, found = FALSE; i < num; i++) {
cipher = nm_setting_wireless_security_get_pairwise (s_wireless_sec, i);
if ((found = match_cipher (cipher, "wep40", ap_wpa, ap_wpa, NM_802_11_AP_SEC_PAIR_WEP40)))
break;
if ((found = match_cipher (cipher, "wep104", ap_wpa, ap_wpa, NM_802_11_AP_SEC_PAIR_WEP104)))
break;
}
if (!found && num)
return FALSE;
/* Match at least one group cipher with AP's capability if the
* wireless-security setting explicitly lists group ciphers
*/
num = nm_setting_wireless_security_get_num_groups (s_wireless_sec);
for (i = 0, found = FALSE; i < num; i++) {
cipher = nm_setting_wireless_security_get_group (s_wireless_sec, i);
if ((found = match_cipher (cipher, "wep40", ap_wpa, ap_wpa, NM_802_11_AP_SEC_GROUP_WEP40)))
break;
if ((found = match_cipher (cipher, "wep104", ap_wpa, ap_wpa, NM_802_11_AP_SEC_GROUP_WEP104)))
break;
}
if (!found && num)
return FALSE;
}
return TRUE;
}
/* WPA[2]-PSK and WPA[2] Enterprise */
if ( !strcmp (key_mgmt, "wpa-psk")
|| !strcmp (key_mgmt, "wpa-eap")) {
if (!strcmp (key_mgmt, "wpa-psk")) {
if ( !(ap_wpa & NM_802_11_AP_SEC_KEY_MGMT_PSK)
&& !(ap_rsn & NM_802_11_AP_SEC_KEY_MGMT_PSK))
return FALSE;
} else if (!strcmp (key_mgmt, "wpa-eap")) {
if ( !(ap_wpa & NM_802_11_AP_SEC_KEY_MGMT_802_1X)
&& !(ap_rsn & NM_802_11_AP_SEC_KEY_MGMT_802_1X))
return FALSE;
}
// FIXME: should handle WPA and RSN separately here to ensure that
// if the Connection only uses WPA we don't match a cipher against
// the AP's RSN IE instead
/* Match at least one pairwise cipher with AP's capability if the
* wireless-security setting explicitly lists pairwise ciphers
*/
num = nm_setting_wireless_security_get_num_pairwise (s_wireless_sec);
for (i = 0, found = FALSE; i < num; i++) {
cipher = nm_setting_wireless_security_get_pairwise (s_wireless_sec, i);
if ((found = match_cipher (cipher, "tkip", ap_wpa, ap_rsn, NM_802_11_AP_SEC_PAIR_TKIP)))
break;
if ((found = match_cipher (cipher, "ccmp", ap_wpa, ap_rsn, NM_802_11_AP_SEC_PAIR_CCMP)))
break;
}
if (!found && num)
return FALSE;
/* Match at least one group cipher with AP's capability if the
* wireless-security setting explicitly lists group ciphers
*/
num = nm_setting_wireless_security_get_num_groups (s_wireless_sec);
for (i = 0, found = FALSE; i < num; i++) {
cipher = nm_setting_wireless_security_get_group (s_wireless_sec, i);
if ((found = match_cipher (cipher, "wep40", ap_wpa, ap_rsn, NM_802_11_AP_SEC_GROUP_WEP40)))
break;
if ((found = match_cipher (cipher, "wep104", ap_wpa, ap_rsn, NM_802_11_AP_SEC_GROUP_WEP104)))
break;
if ((found = match_cipher (cipher, "tkip", ap_wpa, ap_rsn, NM_802_11_AP_SEC_GROUP_TKIP)))
break;
if ((found = match_cipher (cipher, "ccmp", ap_wpa, ap_rsn, NM_802_11_AP_SEC_GROUP_CCMP)))
break;
}
if (!found && num)
return FALSE;
return TRUE;
}
return FALSE;
}
