CEPage *
ce_page_wireless_security_new (NMConnection *connection,
GtkWindow *parent_window,
NMClient *client,
const char **out_secrets_setting_name,
GError **error)
{
CEPageWirelessSecurity *self;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec = NULL;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
const char *security;
s_wireless = nm_connection_get_setting_wireless (connection);
if (!s_wireless) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface; missing WiFi setting."));
return NULL;
}
self = CE_PAGE_WIRELESS_SECURITY (ce_page_new (CE_TYPE_PAGE_WIRELESS_SECURITY,
connection,
parent_window,
client,
UIDIR "/ce-page-wireless-security.ui",
"WirelessSecurityPage",
_("Wireless Security")));
if (!self) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface."));
return NULL;
}
self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
s_wsec = nm_connection_get_setting_wireless_security (connection);
security = nm_setting_wireless_get_security (s_wireless);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
s_wsec = NULL;
if (s_wsec)
default_type = get_default_type_for_security (s_wsec);
/* Get secrets if the connection is not 802.1x enabled */
if ( default_type == NMU_SEC_STATIC_WEP
|| default_type == NMU_SEC_LEAP
|| default_type == NMU_SEC_WPA_PSK
|| default_type == NMU_SEC_WPA2_PSK) {
*out_secrets_setting_name = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
}
/* Or if it is 802.1x enabled */
if ( default_type == NMU_SEC_DYNAMIC_WEP
|| default_type == NMU_SEC_WPA_ENTERPRISE
|| default_type == NMU_SEC_WPA2_ENTERPRISE) {
*out_secrets_setting_name = NM_SETTING_802_1X_SETTING_NAME;
}
g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);
return CE_PAGE (self);
}
const char *
nm_utils_get_shared_wifi_permission (NMConnection *connection)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSettingIP4Config *s_ip4;
const char *method = NULL;
s_ip4 = nm_connection_get_setting_ip4_config (connection);
if (s_ip4)
method = nm_setting_ip4_config_get_method (s_ip4);
if (g_strcmp0 (method, NM_SETTING_IP4_CONFIG_METHOD_SHARED) != 0)
return NULL; /* Not shared */
s_wifi = nm_connection_get_setting_wireless (connection);
if (s_wifi) {
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (nm_setting_wireless_get_security (s_wifi) || s_wsec)
return NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED;
else
return NM_AUTH_PERMISSION_WIFI_SHARE_OPEN;
}
return NULL;
}
static gboolean
add_wireless_secrets (NMSecretAgentSimpleRequest *request,
GPtrArray *secrets)
{
NMSettingWirelessSecurity *s_wsec = nm_connection_get_setting_wireless_security (request->connection);
const char *key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
NMSecretAgentSimpleSecret *secret;
if (!key_mgmt)
return FALSE;
if (!strcmp (key_mgmt, "wpa-none") || !strcmp (key_mgmt, "wpa-psk")) {
secret = nm_secret_agent_simple_secret_new (_("Password"),
NM_SETTING (s_wsec),
NM_SETTING_WIRELESS_SECURITY_PSK,
TRUE);
g_ptr_array_add (secrets, secret);
return TRUE;
}
if (!strcmp (key_mgmt, "none")) {
int index;
char *key;
index = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec);
key = g_strdup_printf ("wep-key%d", index);
secret = nm_secret_agent_simple_secret_new (_("Key"),
NM_SETTING (s_wsec),
key,
TRUE);
g_free (key);
g_ptr_array_add (secrets, secret);
return TRUE;
}
if (!strcmp (key_mgmt, "iee8021x")) {
if (!g_strcmp0 (nm_setting_wireless_security_get_auth_alg (s_wsec), "leap")) {
secret = nm_secret_agent_simple_secret_new (_("Password"),
NM_SETTING (s_wsec),
NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD,
TRUE);
g_ptr_array_add (secrets, secret);
return TRUE;
} else
return add_8021x_secrets (request, secrets);
}
if (!strcmp (key_mgmt, "wpa-eap"))
return add_8021x_secrets (request, secrets);
return FALSE;
}
static void
fill_connection (WirelessSecurity *parent, NMConnection *connection)
{
NMSettingWirelessSecurity *s_wireless_sec;
ws_802_1x_fill_connection (parent, "dynamic_wep_auth_combo", connection);
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
g_assert (s_wireless_sec);
g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x", NULL);
}
void
wireless_security_clear_ciphers (NMConnection *connection)
{
NMSettingWirelessSecurity *s_wireless_sec;
g_return_if_fail (connection != NULL);
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
g_assert (s_wireless_sec);
nm_setting_wireless_security_clear_protos (s_wireless_sec);
nm_setting_wireless_security_clear_pairwise (s_wireless_sec);
nm_setting_wireless_security_clear_groups (s_wireless_sec);
}
static void
wireless_connection_changed (NMConnection *connection,
gpointer user_data)
{
NMEditorWirelessSecurityMethodBinding *binding = user_data;
NMSettingWirelessSecurity *s_wsec;
if (binding->updating)
return;
s_wsec = nm_connection_get_setting_wireless_security (connection);
if ( (s_wsec && binding->s_wsec_in_use)
|| (!s_wsec && !binding->s_wsec_in_use))
return;
binding->s_wsec_in_use = !binding->s_wsec_in_use;
wireless_security_changed (NULL, NULL, binding);
}
static void
update_secrets (WirelessSecurity *parent, NMConnection *connection)
{
WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent;
NMSettingWirelessSecurity *s_wsec;
GtkWidget *widget;
const char *tmp;
int i;
s_wsec = nm_connection_get_setting_wireless_security (connection);
for (i = 0; s_wsec && i < 4; i++) {
tmp = nm_setting_wireless_security_get_wep_key (s_wsec, i);
if (tmp)
g_strlcpy (sec->keys[i], tmp, sizeof (sec->keys[i]));
}
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
if (strlen (sec->keys[sec->cur_index]))
gtk_entry_set_text (GTK_ENTRY (widget), sec->keys[sec->cur_index]);
}
/**
* nm_editor_bind_wireless_security_method:
* @connection: an #NMConnection
* @s_wsec: an #NMSettingWirelessSecurity
* @target: the target widget
* @target_property: the string-valued property on @target to bind
* @flags: %GBindingFlags
*
* Binds the wireless security method on @connection to
* @target_property on @target (and vice versa if
* %G_BINDING_BIDIRECTIONAL).
*
* @target_property will be of the values "none", "wpa-personal",
* "wpa-enterprise", "wep-key", "wep-passphrase", "dynamic-wep", or
* "leap".
*
* If binding bidirectionally, @s_wsec will be automatically added to
* or removed from @connection as needed when @target_property
* changes.
*/
void
nm_editor_bind_wireless_security_method (NMConnection *connection,
NMSettingWirelessSecurity *s_wsec,
gpointer target,
const char *target_property,
GBindingFlags flags)
{
NMEditorWirelessSecurityMethodBinding *binding;
char *notify;
binding = g_slice_new0 (NMEditorWirelessSecurityMethodBinding);
binding->target = target;
binding->target_property = g_strdup (target_property);
if (flags & G_BINDING_BIDIRECTIONAL) {
notify = g_strdup_printf ("notify::%s", target_property);
g_signal_connect (target, notify, G_CALLBACK (wireless_security_target_changed), binding);
g_free (notify);
}
g_object_weak_ref (target, wireless_security_target_destroyed, binding);
binding->connection = g_object_ref (connection);
g_signal_connect (connection, NM_CONNECTION_CHANGED,
G_CALLBACK (wireless_connection_changed), binding);
binding->s_wsec_in_use = (nm_connection_get_setting_wireless_security (connection) != NULL);
binding->s_wsec = g_object_ref (s_wsec);
g_signal_connect (s_wsec, "notify::" NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
G_CALLBACK (wireless_security_changed), binding);
g_signal_connect (s_wsec, "notify::" NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
G_CALLBACK (wireless_security_changed), binding);
g_signal_connect (s_wsec, "notify::" NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE,
G_CALLBACK (wireless_security_changed), binding);
if (flags & G_BINDING_SYNC_CREATE)
wireless_security_changed (NULL, NULL, binding);
}
WirelessSecurityLEAP *
ws_leap_new (NMConnection *connection, gboolean secrets_only)
{
WirelessSecurity *parent;
WirelessSecurityLEAP *sec;
GtkWidget *widget;
NMSettingWirelessSecurity *wsec = NULL;
parent = wireless_security_init (sizeof (WirelessSecurityLEAP),
validate,
add_to_size_group,
fill_connection,
update_secrets,
NULL,
"/org/cinnamon/control-center/network/ws-leap.ui",
"leap_notebook",
"leap_username_entry");
if (!parent)
return NULL;
if (connection) {
wsec = nm_connection_get_setting_wireless_security (connection);
if (wsec) {
const char *auth_alg;
/* Ignore if wireless security doesn't specify LEAP */
auth_alg = nm_setting_wireless_security_get_auth_alg (wsec);
if (!auth_alg || strcmp (auth_alg, "leap"))
wsec = NULL;
}
}
parent->adhoc_compatible = FALSE;
parent->hotspot_compatible = FALSE;
sec = (WirelessSecurityLEAP *) parent;
sec->editing_connection = secrets_only ? FALSE : TRUE;
sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_password_entry"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
/* Create password-storage popup menu for password entry under entry's secondary icon */
nma_utils_setup_password_storage (widget, 0, (NMSetting *) wsec, sec->password_flags_name,
FALSE, secrets_only);
if (wsec)
update_secrets (WIRELESS_SECURITY (sec), connection);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "leap_username_entry"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
if (wsec)
gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_wireless_security_get_leap_username (wsec));
if (secrets_only)
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_leap"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
sec);
return sec;
}
gboolean
nm_ap_utils_complete_connection (const GByteArray *ap_ssid,
const guint8 ap_bssid[ETH_ALEN],
NM80211Mode ap_mode,
guint32 ap_flags,
guint32 ap_wpa_flags,
guint32 ap_rsn_flags,
NMConnection *connection,
gboolean lock_bssid,
GError **error)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
const GByteArray *ssid;
const char *mode, *key_mgmt, *auth_alg, *leap_username;
gboolean adhoc = FALSE;
s_wifi = nm_connection_get_setting_wireless (connection);
g_assert (s_wifi);
s_wsec = nm_connection_get_setting_wireless_security (connection);
s_8021x = nm_connection_get_setting_802_1x (connection);
/* Fill in missing SSID */
ssid = nm_setting_wireless_get_ssid (s_wifi);
if (!ssid)
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_SSID, ap_ssid, NULL);
else if ( ssid->len != ap_ssid->len
|| memcmp (ssid->data, ap_ssid->data, ssid->len)) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_ERROR,
NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
"Setting SSID did not match AP SSID");
return FALSE;
}
if (lock_bssid && !nm_setting_wireless_get_bssid (s_wifi)) {
GByteArray *bssid;
bssid = g_byte_array_sized_new (ETH_ALEN);
g_byte_array_append (bssid, ap_bssid, ETH_ALEN);
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_BSSID, bssid, NULL);
g_byte_array_free (bssid, TRUE);
}
/* And mode */
mode = nm_setting_wireless_get_mode (s_wifi);
if (mode) {
gboolean valid = FALSE;
/* Make sure the supplied mode matches the AP's */
if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_INFRA)) {
if (ap_mode == NM_802_11_MODE_INFRA)
valid = TRUE;
} else if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_ADHOC)) {
if (ap_mode == NM_802_11_MODE_ADHOC)
valid = TRUE;
adhoc = TRUE;
}
if (valid == FALSE) {
g_set_error (error,
NM_SETTING_WIRELESS_ERROR,
NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
NM_SETTING_WIRELESS_MODE);
return FALSE;
}
} else {
mode = NM_SETTING_WIRELESS_MODE_INFRA;
if (ap_mode == NM_802_11_MODE_ADHOC) {
mode = NM_SETTING_WIRELESS_MODE_ADHOC;
adhoc = TRUE;
}
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_MODE, mode, NULL);
}
/* Security */
/* Open */
if ( !(ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
/* Make sure the connection doesn't specify security */
if (nm_setting_wireless_get_security (s_wifi) || s_wsec || s_8021x) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"AP is unencrypted but setting specifies security");
return FALSE;
}
return TRUE;
}
/* Everything else requires security */
g_object_set (G_OBJECT (s_wifi),
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
if (!s_wsec) {
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
}
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
leap_username = nm_setting_wireless_security_get_leap_username (s_wsec);
/* Ad-Hoc checks */
if (!verify_adhoc (s_wsec, s_8021x, adhoc, error))
return FALSE;
/* Static WEP, Dynamic WEP, or LEAP */
if ( (ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
const char *tag = "WEP";
gboolean is_dynamic_wep = FALSE;
if (!verify_leap (s_wsec, s_8021x, adhoc, error))
return FALSE;
if (leap_username) {
tag = "LEAP";
} else {
/* Static or Dynamic WEP */
if (!verify_dynamic_wep (s_wsec, s_8021x, adhoc, error))
return FALSE;
if (s_8021x || (key_mgmt && !strcmp (key_mgmt, "ieee8021x"))) {
is_dynamic_wep = TRUE;
tag = "Dynamic WEP";
}
}
/* Nothing WPA-related can be set */
if (!verify_no_wpa (s_wsec, tag, error))
return FALSE;
if (leap_username) {
/* LEAP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "leap",
NULL);
} else if (is_dynamic_wep) {
/* Dynamic WEP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
nm_setting_wireless_security_add_pairwise (s_wsec, "wep40");
nm_setting_wireless_security_add_pairwise (s_wsec, "wep104");
nm_setting_wireless_security_add_group (s_wsec, "wep40");
nm_setting_wireless_security_add_group (s_wsec, "wep104");
if (s_8021x) {
/* Dynamic WEP requires a valid 802.1x setting since we can't
* autocomplete 802.1x.
*/
if (!nm_setting_verify (NM_SETTING (s_8021x), NULL, error))
return FALSE;
}
} else {
/* Static WEP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NULL);
}
return TRUE;
}
/* WPA/RSN */
g_assert (ap_wpa_flags || ap_rsn_flags);
/* Ensure key management is valid for WPA */
if ((key_mgmt && !strcmp (key_mgmt, "ieee8021x")) || leap_username) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"WPA incompatible with non-EAP (original) LEAP or Dynamic WEP");
return FALSE;
}
/* 'shared' auth incompatible with any type of WPA */
if (auth_alg && strcmp (auth_alg, "open")) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"WPA incompatible with Shared Key authentication");
return FALSE;
}
if (!verify_no_wep (s_wsec, "WPA", error))
return FALSE;
if (!verify_wpa_psk (s_wsec, s_8021x, adhoc, ap_wpa_flags, ap_rsn_flags, error))
return FALSE;
if (!adhoc && !verify_wpa_eap (s_wsec, s_8021x, ap_wpa_flags, ap_rsn_flags, error))
return FALSE;
if (adhoc) {
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
/* Ad-Hoc does not support RSN/WPA2 */
nm_setting_wireless_security_add_proto (s_wsec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wsec, "none");
nm_setting_wireless_security_add_group (s_wsec, "tkip");
} else if (s_8021x) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
/* 802.1x also requires the client to completely fill in the 8021x
* setting. Since there's so much configuration required for it, there's
* no way it can be automatically completed.
*/
} else if ( (key_mgmt && !strcmp (key_mgmt, "wpa-psk"))
|| (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
} else {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"Failed to determine AP security information");
return FALSE;
}
return TRUE;
}
static gboolean
connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
const char *ctype;
const char *hwaddr, *setting_hwaddr;
NMDeviceWifiCapabilities wifi_caps;
const char *key_mgmt;
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
ctype = nm_setting_connection_get_connection_type (s_con);
if (strcmp (ctype, NM_SETTING_WIRELESS_SETTING_NAME) != 0) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_NOT_WIFI_CONNECTION,
"The connection was not a Wi-Fi connection.");
return FALSE;
}
s_wifi = nm_connection_get_setting_wireless (connection);
if (!s_wifi) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_INVALID_WIFI_CONNECTION,
"The connection was not a valid Wi-Fi connection.");
return FALSE;
}
/* Check MAC address */
hwaddr = nm_device_wifi_get_permanent_hw_address (NM_DEVICE_WIFI (device));
if (hwaddr) {
if (!nm_utils_hwaddr_valid (hwaddr, ETH_ALEN)) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_INVALID_DEVICE_MAC,
"Invalid device MAC address.");
return FALSE;
}
setting_hwaddr = nm_setting_wireless_get_mac_address (s_wifi);
if (setting_hwaddr && !nm_utils_hwaddr_matches (setting_hwaddr, -1, hwaddr, -1)) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MAC_MISMATCH,
"The MACs of the device and the connection didn't match.");
return FALSE;
}
}
/* Check device capabilities; we assume all devices can do WEP at least */
wifi_caps = nm_device_wifi_get_capabilities (NM_DEVICE_WIFI (device));
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (s_wsec) {
/* Connection has security, verify it against the device's capabilities */
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
if ( !g_strcmp0 (key_mgmt, "wpa-none")
|| !g_strcmp0 (key_mgmt, "wpa-psk")
|| !g_strcmp0 (key_mgmt, "wpa-eap")) {
/* Is device only WEP capable? */
if (!(wifi_caps & WPA_CAPS)) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MISSING_DEVICE_WPA_CAPS,
"The device missed WPA capabilities required by the connection.");
return FALSE;
}
/* Make sure WPA2/RSN-only connections don't get chosen for WPA-only cards */
if (has_proto (s_wsec, "rsn") && !has_proto (s_wsec, "wpa") && !(wifi_caps & RSN_CAPS)) {
g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MISSING_DEVICE_RSN_CAPS,
"The device missed WPA2/RSN capabilities required by the connection.");
return FALSE;
}
}
}
return NM_DEVICE_CLASS (nm_device_wifi_parent_class)->connection_compatible (device, connection, error);
}
/**
* nm_access_point_connection_valid:
* @ap: an #NMAccessPoint to validate @connection against
* @connection: an #NMConnection to validate against @ap
*
* Validates a given connection against a given Wi-Fi access point to ensure that
* the connection may be activated with that AP. The connection must match the
* @ap's SSID, (if given) BSSID, and other attributes like security settings,
* channel, band, etc.
*
* Returns: %TRUE if the connection may be activated with this Wi-Fi AP,
* %FALSE if it cannot be.
**/
gboolean
nm_access_point_connection_valid (NMAccessPoint *ap, NMConnection *connection)
{
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
const char *ctype, *ap_bssid_str;
const GByteArray *setting_ssid;
const GByteArray *ap_ssid;
const GByteArray *setting_bssid;
struct ether_addr *ap_bssid;
const char *setting_mode;
NM80211Mode ap_mode;
const char *setting_band;
guint32 ap_freq, setting_chan, ap_chan;
s_con = nm_connection_get_setting_connection (connection);
g_assert (s_con);
ctype = nm_setting_connection_get_connection_type (s_con);
if (strcmp (ctype, NM_SETTING_WIRELESS_SETTING_NAME) != 0)
return FALSE;
s_wifi = nm_connection_get_setting_wireless (connection);
if (!s_wifi)
return FALSE;
/* SSID checks */
ap_ssid = nm_access_point_get_ssid (ap);
g_warn_if_fail (ap_ssid != NULL);
setting_ssid = nm_setting_wireless_get_ssid (s_wifi);
if (!setting_ssid || !ap_ssid || (setting_ssid->len != ap_ssid->len))
return FALSE;
if (memcmp (setting_ssid->data, ap_ssid->data, ap_ssid->len) != 0)
return FALSE;
/* BSSID checks */
ap_bssid_str = nm_access_point_get_bssid (ap);
g_warn_if_fail (ap_bssid_str);
setting_bssid = nm_setting_wireless_get_bssid (s_wifi);
if (setting_bssid && ap_bssid_str) {
g_assert (setting_bssid->len == ETH_ALEN);
ap_bssid = ether_aton (ap_bssid_str);
g_warn_if_fail (ap_bssid);
if (ap_bssid) {
if (memcmp (ap_bssid->ether_addr_octet, setting_bssid->data, ETH_ALEN) != 0)
return FALSE;
}
}
/* Mode */
ap_mode = nm_access_point_get_mode (ap);
g_warn_if_fail (ap_mode != NM_802_11_MODE_UNKNOWN);
setting_mode = nm_setting_wireless_get_mode (s_wifi);
if (setting_mode && ap_mode) {
if (!strcmp (setting_mode, "infrastructure") && (ap_mode != NM_802_11_MODE_INFRA))
return FALSE;
if (!strcmp (setting_mode, "adhoc") && (ap_mode != NM_802_11_MODE_ADHOC))
return FALSE;
/* Hotspot never matches against APs as it's a device-specific mode. */
if (!strcmp (setting_mode, "ap"))
return FALSE;
}
/* Band and Channel/Frequency */
ap_freq = nm_access_point_get_frequency (ap);
if (ap_freq) {
setting_band = nm_setting_wireless_get_band (s_wifi);
if (g_strcmp0 (setting_band, "a") == 0) {
if (ap_freq < 4915 || ap_freq > 5825)
return FALSE;
} else if (g_strcmp0 (setting_band, "bg") == 0) {
if (ap_freq < 2412 || ap_freq > 2484)
return FALSE;
}
setting_chan = nm_setting_wireless_get_channel (s_wifi);
if (setting_chan) {
ap_chan = nm_utils_wifi_freq_to_channel (ap_freq);
if (setting_chan != ap_chan)
return FALSE;
}
}
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (!nm_setting_wireless_ap_security_compatible (s_wifi,
s_wsec,
nm_access_point_get_flags (ap),
nm_access_point_get_wpa_flags (ap),
nm_access_point_get_rsn_flags (ap),
ap_mode))
return FALSE;
return TRUE;
}
static void
finish_setup (CEPageSecurity *page)
{
NMConnection *connection = CE_PAGE (page)->connection;
NMSettingWireless *sw;
NMSettingWirelessSecurity *sws;
gboolean is_adhoc = FALSE;
GtkListStore *sec_model;
GtkTreeIter iter;
const gchar *mode;
const gchar *security;
guint32 dev_caps = 0;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
int active = -1;
int item = 0;
GtkComboBox *combo;
GtkCellRenderer *renderer;
sw = nm_connection_get_setting_wireless (connection);
g_assert (sw);
page->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
page->security_heading = GTK_WIDGET (gtk_builder_get_object (CE_PAGE (page)->builder, "heading_sec"));
page->security_combo = combo = GTK_COMBO_BOX (gtk_builder_get_object (CE_PAGE (page)->builder, "combo_sec"));
dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40
| NM_WIFI_DEVICE_CAP_CIPHER_WEP104
| NM_WIFI_DEVICE_CAP_CIPHER_TKIP
| NM_WIFI_DEVICE_CAP_CIPHER_CCMP
| NM_WIFI_DEVICE_CAP_WPA
| NM_WIFI_DEVICE_CAP_RSN;
mode = nm_setting_wireless_get_mode (sw);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
page->adhoc = is_adhoc;
sws = nm_connection_get_setting_wireless_security (connection);
security = nm_setting_wireless_get_security (sw);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME) != 0)
sws = NULL;
if (sws)
default_type = get_default_type_for_security (sws);
sec_model = gtk_list_store_new (3, G_TYPE_STRING, wireless_security_get_g_type (), G_TYPE_BOOLEAN);
if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
gtk_list_store_insert_with_values (sec_model, &iter, -1,
S_NAME_COLUMN, C_("Wi-Fi/Ethernet security", "None"),
S_ADHOC_VALID_COLUMN, TRUE,
-1);
if (default_type == NMU_SEC_NONE)
active = item;
item++;
}
if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWEPKey *ws_wep;
NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
if (default_type == NMU_SEC_STATIC_WEP) {
sws = nm_connection_get_setting_wireless_security (connection);
if (sws)
wep_type = nm_setting_wireless_security_get_wep_key_type (sws);
if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
wep_type = NM_WEP_KEY_TYPE_KEY;
}
ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_KEY, FALSE, FALSE);
if (ws_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 40/128-bit Key (Hex or ASCII)"),
TRUE);
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
active = item;
item++;
}
ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_PASSPHRASE, FALSE, FALSE);
if (ws_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 128-bit Passphrase"), TRUE);
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityLEAP *ws_leap;
ws_leap = ws_leap_new (connection, FALSE);
if (ws_leap) {
add_security_item (page, WIRELESS_SECURITY (ws_leap), sec_model,
&iter, _("LEAP"), FALSE);
if ((active < 0) && (default_type == NMU_SEC_LEAP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityDynamicWEP *ws_dynamic_wep;
ws_dynamic_wep = ws_dynamic_wep_new (connection, TRUE, FALSE);
if (ws_dynamic_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
&iter, _("Dynamic WEP (802.1x)"), FALSE);
if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAPSK *ws_wpa_psk;
ws_wpa_psk = ws_wpa_psk_new (connection, FALSE);
if (ws_wpa_psk) {
add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model,
&iter, _("WPA & WPA2 Personal"), FALSE);
if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK)))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAEAP *ws_wpa_eap;
ws_wpa_eap = ws_wpa_eap_new (connection, TRUE, FALSE);
if (ws_wpa_eap) {
add_security_item (page, WIRELESS_SECURITY (ws_wpa_eap), sec_model,
&iter, _("WPA & WPA2 Enterprise"), FALSE);
if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE)))
active = item;
item++;
}
}
gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model));
gtk_cell_layout_clear (GTK_CELL_LAYOUT (combo));
renderer = gtk_cell_renderer_text_new ();
gtk_cell_layout_pack_start (GTK_CELL_LAYOUT (combo), renderer, TRUE);
gtk_cell_layout_set_attributes (GTK_CELL_LAYOUT (combo), renderer, "text", S_NAME_COLUMN, NULL);
gtk_cell_layout_set_cell_data_func (GTK_CELL_LAYOUT (combo), renderer, set_sensitive, &page->adhoc, NULL);
gtk_combo_box_set_active (combo, active < 0 ? 0 : (guint32) active);
g_object_unref (G_OBJECT (sec_model));
page->security_combo = combo;
security_combo_changed (combo, page);
g_signal_connect (combo, "changed",
G_CALLBACK (security_combo_changed), page);
}
WirelessSecurityWEPKey *
ws_wep_key_new (NMConnection *connection,
NMWepKeyType type,
gboolean adhoc_create,
gboolean secrets_only)
{
WirelessSecurity *parent;
WirelessSecurityWEPKey *sec;
GtkWidget *widget;
NMSettingWirelessSecurity *s_wsec = NULL;
NMSetting *setting = NULL;
guint8 default_key_idx = 0;
gboolean is_adhoc = adhoc_create;
gboolean is_shared_key = FALSE;
parent = wireless_security_init (sizeof (WirelessSecurityWEPKey),
validate,
add_to_size_group,
fill_connection,
update_secrets,
destroy,
UIDIR "/ws-wep-key.ui",
"wep_key_notebook",
"wep_key_entry");
if (!parent)
return NULL;
sec = (WirelessSecurityWEPKey *) parent;
sec->editing_connection = secrets_only ? FALSE : TRUE;
sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_WEP_KEY0;
sec->type = type;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry"));
g_assert (widget);
gtk_entry_set_width_chars (GTK_ENTRY (widget), 28);
/* Create password-storage popup menu for password entry under entry's secondary icon */
if (connection)
setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection);
nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name,
FALSE, secrets_only);
if (connection) {
NMSettingWireless *s_wireless;
const char *mode, *auth_alg;
s_wireless = nm_connection_get_setting_wireless (connection);
mode = s_wireless ? nm_setting_wireless_get_mode (s_wireless) : NULL;
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (s_wsec) {
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
if (auth_alg && !strcmp (auth_alg, "shared"))
is_shared_key = TRUE;
}
}
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
g_signal_connect (G_OBJECT (widget), "insert-text",
(GCallback) wep_entry_filter_cb,
sec);
if (sec->type == NM_WEP_KEY_TYPE_KEY)
gtk_entry_set_max_length (GTK_ENTRY (widget), 26);
else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE)
gtk_entry_set_max_length (GTK_ENTRY (widget), 64);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_combo"));
if (connection && s_wsec)
default_key_idx = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec);
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), default_key_idx);
sec->cur_index = default_key_idx;
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) key_index_combo_changed_cb,
sec);
/* Key index is useless with adhoc networks */
if (is_adhoc || secrets_only) {
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_label"));
gtk_widget_hide (widget);
}
/* Fill the key entry with the key for that index */
if (connection)
update_secrets (WIRELESS_SECURITY (sec), connection);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_wep"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
sec);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo"));
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), is_shared_key ? 1 : 0);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
/* Don't show auth method for adhoc (which always uses open-system) or
* when in "simple" mode.
*/
if (is_adhoc || secrets_only) {
/* Ad-Hoc connections can't use Shared Key auth */
if (is_adhoc)
gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0);
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_label"));
gtk_widget_hide (widget);
}
return sec;
}
gboolean
nm_ap_check_compatible (NMAccessPoint *self,
NMConnection *connection)
{
NMAccessPointPrivate *priv;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
GBytes *ssid;
const char *mode;
const char *band;
const char *bssid;
guint32 channel;
g_return_val_if_fail (NM_IS_AP (self), FALSE);
g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE);
priv = NM_AP_GET_PRIVATE (self);
s_wireless = nm_connection_get_setting_wireless (connection);
if (s_wireless == NULL)
return FALSE;
ssid = nm_setting_wireless_get_ssid (s_wireless);
if ( (ssid && !priv->ssid)
|| (priv->ssid && !ssid))
return FALSE;
if ( ssid && priv->ssid &&
!nm_utils_same_ssid (g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid),
priv->ssid->data, priv->ssid->len,
TRUE))
return FALSE;
bssid = nm_setting_wireless_get_bssid (s_wireless);
if (bssid && (!priv->address || !nm_utils_hwaddr_matches (bssid, -1, priv->address, -1)))
return FALSE;
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode) {
if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA))
return FALSE;
if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC))
return FALSE;
if ( !strcmp (mode, "ap")
&& (priv->mode != NM_802_11_MODE_INFRA || priv->hotspot != TRUE))
return FALSE;
}
band = nm_setting_wireless_get_band (s_wireless);
if (band) {
guint ap_band = freq_to_band (priv->freq);
if (!strcmp (band, "a") && ap_band != 5)
return FALSE;
else if (!strcmp (band, "bg") && ap_band != 2)
return FALSE;
}
channel = nm_setting_wireless_get_channel (s_wireless);
if (channel) {
guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq);
if (channel != ap_chan)
return FALSE;
}
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
return nm_setting_wireless_ap_security_compatible (s_wireless,
s_wireless_sec,
priv->flags,
priv->wpa_flags,
priv->rsn_flags,
priv->mode);
}
NMAccessPoint *
nm_ap_new_fake_from_connection (NMConnection *connection)
{
NMAccessPoint *ap;
NMAccessPointPrivate *priv;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
GBytes *ssid;
const char *mode, *band, *key_mgmt;
guint32 channel;
NM80211ApSecurityFlags flags;
gboolean psk = FALSE, eap = FALSE;
g_return_val_if_fail (connection != NULL, NULL);
s_wireless = nm_connection_get_setting_wireless (connection);
g_return_val_if_fail (s_wireless != NULL, NULL);
ssid = nm_setting_wireless_get_ssid (s_wireless);
g_return_val_if_fail (ssid != NULL, NULL);
g_return_val_if_fail (g_bytes_get_size (ssid) > 0, NULL);
ap = (NMAccessPoint *) g_object_new (NM_TYPE_AP, NULL);
priv = NM_AP_GET_PRIVATE (ap);
priv->fake = TRUE;
nm_ap_set_ssid (ap, g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid));
// FIXME: bssid too?
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode) {
if (!strcmp (mode, "infrastructure"))
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
else if (!strcmp (mode, "adhoc"))
nm_ap_set_mode (ap, NM_802_11_MODE_ADHOC);
else if (!strcmp (mode, "ap")) {
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
NM_AP_GET_PRIVATE (ap)->hotspot = TRUE;
} else
goto error;
} else {
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
}
band = nm_setting_wireless_get_band (s_wireless);
channel = nm_setting_wireless_get_channel (s_wireless);
if (band && channel) {
guint32 freq = nm_utils_wifi_channel_to_freq (channel, band);
if (freq == 0)
goto error;
nm_ap_set_freq (ap, freq);
}
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
/* Assume presence of a security setting means the AP is encrypted */
if (!s_wireless_sec)
goto done;
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec);
/* Everything below here uses encryption */
nm_ap_set_flags (ap, priv->flags | NM_802_11_AP_FLAGS_PRIVACY);
/* Static & Dynamic WEP */
if (!strcmp (key_mgmt, "none") || !strcmp (key_mgmt, "ieee8021x"))
goto done;
psk = !strcmp (key_mgmt, "wpa-psk");
eap = !strcmp (key_mgmt, "wpa-eap");
if (psk || eap) {
if (has_proto (s_wireless_sec, PROTO_WPA)) {
flags = priv->wpa_flags | (eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK);
nm_ap_set_wpa_flags (ap, flags);
}
if (has_proto (s_wireless_sec, PROTO_RSN)) {
flags = priv->rsn_flags | (eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK);
nm_ap_set_rsn_flags (ap, flags);
}
add_pair_ciphers (ap, s_wireless_sec);
add_group_ciphers (ap, s_wireless_sec);
} else if (!strcmp (key_mgmt, "wpa-none")) {
guint32 i;
/* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and
* group=TKIP/CCMP (but not both).
*/
flags = priv->wpa_flags | NM_802_11_AP_SEC_KEY_MGMT_PSK;
/* Clear ciphers; pairwise must be unset anyway, and group gets set below */
flags &= ~( NM_802_11_AP_SEC_PAIR_WEP40
| NM_802_11_AP_SEC_PAIR_WEP104
| NM_802_11_AP_SEC_PAIR_TKIP
| NM_802_11_AP_SEC_PAIR_CCMP
| NM_802_11_AP_SEC_GROUP_WEP40
| NM_802_11_AP_SEC_GROUP_WEP104
| NM_802_11_AP_SEC_GROUP_TKIP
| NM_802_11_AP_SEC_GROUP_CCMP);
for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) {
if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) {
flags |= NM_802_11_AP_SEC_GROUP_CCMP;
break;
}
}
/* Default to TKIP since not all WPA-capable cards can do CCMP */
if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP))
flags |= NM_802_11_AP_SEC_GROUP_TKIP;
nm_ap_set_wpa_flags (ap, flags);
/* Don't use Ad-Hoc RSN yet */
nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE);
}
done:
return ap;
error:
g_object_unref (ap);
return NULL;
}
static void
nmt_page_wifi_constructed (GObject *object)
{
NmtPageWifiPrivate *priv = NMT_PAGE_WIFI_GET_PRIVATE (object);
NmtPageWifi *wifi = NMT_PAGE_WIFI (object);
NmtDeviceEntry *deventry;
NmtEditorSection *section;
NmtEditorGrid *grid;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec;
NmtNewtWidget *widget, *hbox, *subgrid;
NmtNewtWidget *mode, *band, *security, *entry;
NmtNewtStack *stack;
NMConnection *conn;
conn = nmt_editor_page_get_connection (NMT_EDITOR_PAGE (wifi));
s_wireless = nm_connection_get_setting_wireless (conn);
if (!s_wireless) {
nm_connection_add_setting (conn, nm_setting_wireless_new ());
s_wireless = nm_connection_get_setting_wireless (conn);
}
s_wsec = nm_connection_get_setting_wireless_security (conn);
if (!s_wsec) {
/* It makes things simpler if we always have a
* NMSettingWirelessSecurity; we'll hold a ref on one, and add
* it to and remove it from the connection as needed.
*/
s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_setting_wireless_security_new ());
}
priv->s_wsec = g_object_ref_sink (s_wsec);
deventry = nmt_editor_page_device_get_device_entry (NMT_EDITOR_PAGE_DEVICE (object));
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MAC_ADDRESS,
deventry, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
section = nmt_editor_section_new (_("WI-FI"), NULL, TRUE);
grid = nmt_editor_section_get_body (section);
widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY);
g_object_bind_property_full (s_wireless, NM_SETTING_WIRELESS_SSID,
widget, "text",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE,
ssid_transform_to_entry,
ssid_transform_from_entry,
s_wireless, NULL);
nmt_editor_grid_append (grid, _("SSID"), widget, NULL);
widget = nmt_newt_popup_new (wifi_mode);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MODE,
widget, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("Mode"), widget, NULL);
mode = widget;
hbox = nmt_newt_grid_new ();
widget = nmt_newt_popup_new (wifi_band);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BAND,
widget, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 0, 0);
band = widget;
widget = nmt_newt_entry_numeric_new (10, 0, 255);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CHANNEL,
widget, "text",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 1, 0);
nmt_newt_widget_set_padding (widget, 1, 0, 0, 0);
g_object_bind_property_full (band, "active-id", widget, "visible",
G_BINDING_SYNC_CREATE,
band_transform_to_channel_visibility,
NULL, NULL, NULL);
g_object_bind_property_full (mode, "active-id", hbox, "visible",
G_BINDING_SYNC_CREATE,
mode_transform_to_band_visibility,
NULL, NULL, NULL);
nmt_editor_grid_append (grid, _("Channel"), hbox, NULL);
nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL);
widget = nmt_newt_popup_new (wifi_security);
nmt_editor_grid_append (grid, _("Security"), widget, NULL);
security = widget;
widget = nmt_newt_stack_new ();
stack = NMT_NEWT_STACK (widget);
/* none */
subgrid = nmt_editor_grid_new ();
nmt_newt_stack_add (stack, "none", subgrid);
/* wpa-personal */
subgrid = nmt_editor_grid_new ();
widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_PSK,
widget, "password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
nmt_newt_stack_add (stack, "wpa-personal", subgrid);
/* "wpa-enterprise" */
// FIXME
widget = nmt_newt_label_new (_("(No support for wpa-enterprise yet...)"));
nmt_newt_stack_add (stack, "wpa-enterprise", widget);
/* wep-key */
subgrid = nmt_editor_grid_new ();
widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Key"), widget, NULL);
widget = nmt_newt_popup_new (wep_index);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL);
nm_editor_bind_wireless_security_wep_key (s_wsec,
entry, "password",
widget, "active",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
widget = nmt_newt_popup_new (wep_auth);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL);
nmt_newt_stack_add (stack, "wep-key", subgrid);
/* wep-passphrase */
subgrid = nmt_editor_grid_new ();
widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
widget = nmt_newt_popup_new (wep_index);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL);
nm_editor_bind_wireless_security_wep_key (s_wsec,
entry, "password",
widget, "active",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
widget = nmt_newt_popup_new (wep_auth);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL);
nmt_newt_stack_add (stack, "wep-passphrase", subgrid);
/* "dynamic-wep" */
// FIXME
widget = nmt_newt_label_new (_("(No support for dynamic-wep yet...)"));
nmt_newt_stack_add (stack, "dynamic-wep", widget);
/* leap */
subgrid = nmt_editor_grid_new ();
widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Username"), widget, NULL);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME,
widget, "text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD);
g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD,
widget, "password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL);
nmt_newt_stack_add (stack, "leap", subgrid);
nmt_editor_grid_append (grid, NULL, NMT_NEWT_WIDGET (stack), NULL);
g_object_bind_property (security, "active-id",
stack, "active-id",
G_BINDING_SYNC_CREATE);
nm_editor_bind_wireless_security_method (conn, s_wsec, security, "active-id",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL);
widget = nmt_mac_entry_new (40, ETH_ALEN);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BSSID,
widget, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("BSSID"), widget, NULL);
widget = nmt_mac_entry_new (40, ETH_ALEN);
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CLONED_MAC_ADDRESS,
widget, "mac-address",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("Cloned MAC address"), widget, NULL);
widget = nmt_mtu_entry_new ();
g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MTU,
widget, "mtu",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append (grid, _("MTU"), widget, NULL);
nmt_editor_page_add_section (NMT_EDITOR_PAGE (wifi), section);
G_OBJECT_CLASS (nmt_page_wifi_parent_class)->constructed (object);
}
WirelessSecurityWPAPSK *
ws_wpa_psk_new (NMConnection *connection, gboolean secrets_only)
{
WirelessSecurity *parent;
WirelessSecurityWPAPSK *sec;
NMSetting *setting = NULL;
GtkWidget *widget;
parent = wireless_security_init (sizeof (WirelessSecurityWPAPSK),
validate,
add_to_size_group,
fill_connection,
update_secrets,
NULL,
UIDIR "/ws-wpa-psk.ui",
"wpa_psk_notebook",
"wpa_psk_entry");
if (!parent)
return NULL;
parent->adhoc_compatible = FALSE;
sec = (WirelessSecurityWPAPSK *) parent;
sec->editing_connection = secrets_only ? FALSE : TRUE;
sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_PSK;
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "changed",
(GCallback) wireless_security_changed_cb,
sec);
gtk_entry_set_width_chars (GTK_ENTRY (widget), 28);
/* Create password-storage popup menu for password entry under entry's secondary icon */
if (connection)
setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection);
nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name,
FALSE, secrets_only);
/* Fill secrets, if any */
if (connection)
update_secrets (WIRELESS_SECURITY (sec), connection);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_wpa"));
g_assert (widget);
g_signal_connect (G_OBJECT (widget), "toggled",
(GCallback) show_toggled_cb,
sec);
/* Hide WPA/RSN for now since this can be autodetected by NM and the
* supplicant when connecting to the AP.
*/
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_type_combo"));
g_assert (widget);
gtk_widget_hide (widget);
widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_type_label"));
g_assert (widget);
gtk_widget_hide (widget);
return sec;
}
gboolean
nm_ap_check_compatible (NMAccessPoint *self,
NMConnection *connection)
{
NMAccessPointPrivate *priv;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
const char *mode;
const char *band;
const GByteArray *bssid;
guint32 channel;
g_return_val_if_fail (NM_IS_AP (self), FALSE);
g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE);
priv = NM_AP_GET_PRIVATE (self);
s_wireless = nm_connection_get_setting_wireless (connection);
if (s_wireless == NULL)
return FALSE;
if (!nm_utils_same_ssid (nm_setting_wireless_get_ssid (s_wireless), priv->ssid, TRUE))
return FALSE;
bssid = nm_setting_wireless_get_bssid (s_wireless);
if (bssid && memcmp (bssid->data, &priv->address, ETH_ALEN))
return FALSE;
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode) {
if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA))
return FALSE;
if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC))
return FALSE;
if ( !strcmp (mode, "ap")
&& (priv->mode != NM_802_11_MODE_INFRA || priv->hotspot != TRUE))
return FALSE;
}
band = nm_setting_wireless_get_band (s_wireless);
if (band) {
if (!strcmp (band, "a")) {
if (priv->freq < 4915 || priv->freq > 5825)
return FALSE;
} else if (!strcmp (band, "bg")) {
if (priv->freq < 2412 || priv->freq > 2484)
return FALSE;
}
}
channel = nm_setting_wireless_get_channel (s_wireless);
if (channel) {
guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq);
if (channel != ap_chan)
return FALSE;
}
s_wireless_sec = nm_connection_get_setting_wireless_security (connection);
return nm_setting_wireless_ap_security_compatible (s_wireless,
s_wireless_sec,
nm_ap_get_flags (self),
nm_ap_get_wpa_flags (self),
nm_ap_get_rsn_flags (self),
nm_ap_get_mode (self));
}
