static gboolean
validate (CEPage *page,
NMConnection *connection,
GError **error)
{
GtkWidget *entry;
GByteArray *ignore;
gboolean invalid;
gchar *security;
NMSettingWireless *setting;
gboolean ret = TRUE;
entry = gtk_bin_get_child (GTK_BIN (gtk_builder_get_object (page->builder, "combo_bssid")));
ignore = ce_page_entry_to_mac (GTK_ENTRY (entry), ARPHRD_ETHER, &invalid);
if (invalid) {
widget_set_error (entry);
ret = FALSE;
} else {
if (ignore)
g_byte_array_free (ignore, TRUE);
widget_unset_error (entry);
}
entry = gtk_bin_get_child (GTK_BIN (gtk_builder_get_object (page->builder, "combo_mac")));
ignore = ce_page_entry_to_mac (GTK_ENTRY (entry), ARPHRD_ETHER, &invalid);
if (invalid) {
widget_set_error (entry);
ret = FALSE;
} else {
if (ignore)
g_byte_array_free (ignore, TRUE);
widget_unset_error (entry);
}
entry = GTK_WIDGET (gtk_builder_get_object (page->builder, "entry_cloned_mac"));
ignore = ce_page_entry_to_mac (GTK_ENTRY (entry), ARPHRD_ETHER, &invalid);
if (invalid) {
widget_set_error (entry);
ret = FALSE;
} else {
if (ignore)
g_byte_array_free (ignore, TRUE);
widget_unset_error (entry);
}
if (!ret)
return ret;
ui_to_setting (CE_PAGE_WIFI (page));
/* A hack to not check the wifi security here */
setting = CE_PAGE_WIFI (page)->setting;
security = g_strdup (nm_setting_wireless_get_security (setting));
g_object_set (setting, NM_SETTING_WIRELESS_SEC, NULL, NULL);
ret = nm_setting_verify (NM_SETTING (setting), NULL, error);
g_object_set (setting, NM_SETTING_WIRELESS_SEC, security, NULL);
g_free (security);
return ret;
}
CEPage *
ce_page_wireless_security_new (NMConnection *connection,
GtkWindow *parent_window,
NMClient *client,
const char **out_secrets_setting_name,
GError **error)
{
CEPageWirelessSecurity *self;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec = NULL;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
const char *security;
s_wireless = nm_connection_get_setting_wireless (connection);
if (!s_wireless) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface; missing WiFi setting."));
return NULL;
}
self = CE_PAGE_WIRELESS_SECURITY (ce_page_new (CE_TYPE_PAGE_WIRELESS_SECURITY,
connection,
parent_window,
client,
UIDIR "/ce-page-wireless-security.ui",
"WirelessSecurityPage",
_("Wireless Security")));
if (!self) {
g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface."));
return NULL;
}
self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
s_wsec = nm_connection_get_setting_wireless_security (connection);
security = nm_setting_wireless_get_security (s_wireless);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
s_wsec = NULL;
if (s_wsec)
default_type = get_default_type_for_security (s_wsec);
/* Get secrets if the connection is not 802.1x enabled */
if ( default_type == NMU_SEC_STATIC_WEP
|| default_type == NMU_SEC_LEAP
|| default_type == NMU_SEC_WPA_PSK
|| default_type == NMU_SEC_WPA2_PSK) {
*out_secrets_setting_name = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
}
/* Or if it is 802.1x enabled */
if ( default_type == NMU_SEC_DYNAMIC_WEP
|| default_type == NMU_SEC_WPA_ENTERPRISE
|| default_type == NMU_SEC_WPA2_ENTERPRISE) {
*out_secrets_setting_name = NM_SETTING_802_1X_SETTING_NAME;
}
g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);
return CE_PAGE (self);
}
const char *
nm_utils_get_shared_wifi_permission (NMConnection *connection)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSettingIP4Config *s_ip4;
const char *method = NULL;
s_ip4 = nm_connection_get_setting_ip4_config (connection);
if (s_ip4)
method = nm_setting_ip4_config_get_method (s_ip4);
if (g_strcmp0 (method, NM_SETTING_IP4_CONFIG_METHOD_SHARED) != 0)
return NULL; /* Not shared */
s_wifi = nm_connection_get_setting_wireless (connection);
if (s_wifi) {
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (nm_setting_wireless_get_security (s_wifi) || s_wsec)
return NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED;
else
return NM_AUTH_PERMISSION_WIFI_SHARE_OPEN;
}
return NULL;
}
static gboolean
validate (CEPage *page, NMConnection *connection, GError **error)
{
CEPageWireless *self = CE_PAGE_WIRELESS (page);
CEPageWirelessPrivate *priv = CE_PAGE_WIRELESS_GET_PRIVATE (self);
char *security;
gboolean success;
gboolean invalid = FALSE;
GByteArray *ignore;
ignore = ce_page_entry_to_mac (priv->bssid, &invalid);
if (invalid)
return FALSE;
ignore = ce_page_entry_to_mac (priv->mac, &invalid);
if (invalid)
return FALSE;
ui_to_setting (self);
/* A hack to not check the wireless security here */
security = g_strdup (nm_setting_wireless_get_security (priv->setting));
g_object_set (priv->setting, NM_SETTING_WIRELESS_SEC, NULL, NULL);
success = nm_setting_verify (NM_SETTING (priv->setting), NULL, error);
g_object_set (priv->setting, NM_SETTING_WIRELESS_SEC, security, NULL);
g_free (security);
return success;
}
static GtkWidget *
create_info_label_security (NMConnection *connection)
{
NMSettingConnection *s_con;
char *label = NULL;
GtkWidget *w;
const char *connection_type;
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
g_assert (s_con);
connection_type = nm_setting_connection_get_connection_type (s_con);
if (!strcmp (connection_type, NM_SETTING_WIRELESS_SETTING_NAME)) {
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMSetting8021x *s_8021x;
const char *security;
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
s_wireless_sec = (NMSettingWirelessSecurity *) nm_connection_get_setting (connection,
NM_TYPE_SETTING_WIRELESS_SECURITY);
s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
security = s_wireless ? nm_setting_wireless_get_security (s_wireless) : NULL;
if (security && !strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME) && s_wireless_sec) {
const char *key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec);
if (!strcmp (key_mgmt, "none"))
label = g_strdup (_("WEP"));
else if (!strcmp (key_mgmt, "wpa-none"))
label = g_strdup (_("WPA/WPA2"));
else if (!strcmp (key_mgmt, "wpa-psk"))
label = g_strdup (_("WPA/WPA2"));
else
label = get_eap_label (s_wireless_sec, s_8021x);
} else {
label = g_strdup (_("None"));
}
} else if (!strcmp (connection_type, NM_SETTING_WIRED_SETTING_NAME)) {
NMSetting8021x *s_8021x;
s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
if (s_8021x)
label = get_eap_label (NULL, s_8021x);
else
label = g_strdup (_("None"));
}
w = create_info_label (label ? label : _("Unknown"), TRUE);
g_free (label);
return w;
}
static void
get_property (GObject *object, guint prop_id,
GValue *value, GParamSpec *pspec)
{
NMSettingWireless *setting = NM_SETTING_WIRELESS (object);
switch (prop_id) {
case PROP_SSID:
g_value_set_boxed (value, nm_setting_wireless_get_ssid (setting));
break;
case PROP_MODE:
g_value_set_string (value, nm_setting_wireless_get_mode (setting));
break;
case PROP_BAND:
g_value_set_string (value, nm_setting_wireless_get_band (setting));
break;
case PROP_CHANNEL:
g_value_set_uint (value, nm_setting_wireless_get_channel (setting));
break;
case PROP_BSSID:
g_value_set_boxed (value, nm_setting_wireless_get_bssid (setting));
break;
case PROP_RATE:
g_value_set_uint (value, nm_setting_wireless_get_rate (setting));
break;
case PROP_TX_POWER:
g_value_set_uint (value, nm_setting_wireless_get_tx_power (setting));
break;
case PROP_MAC_ADDRESS:
g_value_set_boxed (value, nm_setting_wireless_get_mac_address (setting));
break;
case PROP_CLONED_MAC_ADDRESS:
g_value_set_boxed (value, nm_setting_wireless_get_cloned_mac_address (setting));
break;
case PROP_MAC_ADDRESS_BLACKLIST:
g_value_set_boxed (value, nm_setting_wireless_get_mac_address_blacklist (setting));
break;
case PROP_MTU:
g_value_set_uint (value, nm_setting_wireless_get_mtu (setting));
break;
case PROP_SEEN_BSSIDS:
g_value_set_boxed (value, NM_SETTING_WIRELESS_GET_PRIVATE (setting)->seen_bssids);
break;
case PROP_SEC:
g_value_set_string (value, nm_setting_wireless_get_security (setting));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
}
}
static gboolean
validate (CEPage *page, NMConnection *connection, GError **error)
{
CEPageWifi *self = CE_PAGE_WIFI (page);
CEPageWifiPrivate *priv = CE_PAGE_WIFI_GET_PRIVATE (self);
char *security;
gboolean success;
gboolean invalid = FALSE;
GByteArray *ignore;
GtkWidget *entry;
entry = gtk_bin_get_child (GTK_BIN (priv->bssid));
if (entry) {
ignore = ce_page_entry_to_mac (GTK_ENTRY (entry), ARPHRD_ETHER, &invalid);
if (invalid)
return FALSE;
if (ignore)
g_byte_array_free (ignore, TRUE);
}
entry = gtk_bin_get_child (GTK_BIN (priv->device_mac));
if (entry) {
ignore = ce_page_entry_to_mac (GTK_ENTRY (entry), ARPHRD_ETHER, &invalid);
if (invalid)
return FALSE;
if (ignore)
g_byte_array_free (ignore, TRUE);
}
ignore = ce_page_entry_to_mac (priv->cloned_mac, ARPHRD_ETHER, &invalid);
if (invalid)
return FALSE;
if (ignore)
g_byte_array_free (ignore, TRUE);
ui_to_setting (self);
/* A hack to not check the wifi security here */
security = g_strdup (nm_setting_wireless_get_security (priv->setting));
g_object_set (priv->setting, NM_SETTING_WIRELESS_SEC, NULL, NULL);
success = nm_setting_verify (NM_SETTING (priv->setting), NULL, error);
g_object_set (priv->setting, NM_SETTING_WIRELESS_SEC, security, NULL);
g_free (security);
return success;
}
CEPage *
ce_page_wireless_security_new (NMConnection *connection, GtkWindow *parent_window, GError **error)
{
CEPageWirelessSecurity *self;
CEPage *parent;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec = NULL;
const char *setting_name = NULL;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
const char *security;
self = CE_PAGE_WIRELESS_SECURITY (g_object_new (CE_TYPE_PAGE_WIRELESS_SECURITY,
CE_PAGE_CONNECTION, connection,
CE_PAGE_PARENT_WINDOW, parent_window,
NULL));
parent = CE_PAGE (self);
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
if (!s_wireless) {
g_set_error (error, 0, 0, "%s", _("Could not load WiFi security user interface; missing WiFi setting."));
g_object_unref (self);
return NULL;
}
parent->xml = glade_xml_new (GLADEDIR "/ce-page-wireless-security.glade", "WirelessSecurityPage", NULL);
if (!parent->xml) {
g_set_error (error, 0, 0, "%s", _("Could not load WiFi security user interface."));
g_object_unref (self);
return NULL;
}
parent->page = glade_xml_get_widget (parent->xml, "WirelessSecurityPage");
if (!parent->page) {
g_set_error (error, 0, 0, "%s", _("Could not load WiFi security user interface."));
g_object_unref (self);
return NULL;
}
g_object_ref_sink (parent->page);
parent->title = g_strdup (_("Wireless Security"));
self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_connection_get_setting (connection,
NM_TYPE_SETTING_WIRELESS_SECURITY));
security = nm_setting_wireless_get_security (s_wireless);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
s_wsec = NULL;
if (s_wsec)
default_type = get_default_type_for_security (s_wsec);
/* Get secrets if the connection is not 802.1x enabled */
if ( default_type == NMU_SEC_STATIC_WEP
|| default_type == NMU_SEC_LEAP
|| default_type == NMU_SEC_WPA_PSK
|| default_type == NMU_SEC_WPA2_PSK) {
setting_name = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
}
/* Or if it is 802.1x enabled */
if ( default_type == NMU_SEC_DYNAMIC_WEP
|| default_type == NMU_SEC_WPA_ENTERPRISE
|| default_type == NMU_SEC_WPA2_ENTERPRISE) {
setting_name = NM_SETTING_802_1X_SETTING_NAME;
}
g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);
if (!ce_page_initialize (parent, setting_name, error)) {
g_object_unref (self);
return NULL;
}
return CE_PAGE (self);
}
static void
finish_setup (CEPageWirelessSecurity *self, gpointer unused, GError *error, gpointer user_data)
{
CEPage *parent = CE_PAGE (self);
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wireless_sec;
NMConnection *connection = parent->connection;
gboolean is_adhoc = FALSE;
GtkListStore *sec_model;
GtkTreeIter iter;
const char *mode;
const char *security;
guint32 dev_caps = 0;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
int active = -1;
int item = 0;
const char *glade_file = GLADEDIR "/applet.glade";
GtkComboBox *combo;
if (error)
return;
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
g_assert (s_wireless);
combo = GTK_COMBO_BOX (glade_xml_get_widget (parent->xml, "wireless_security_combo"));
dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40
| NM_WIFI_DEVICE_CAP_CIPHER_WEP104
| NM_WIFI_DEVICE_CAP_CIPHER_TKIP
| NM_WIFI_DEVICE_CAP_CIPHER_CCMP
| NM_WIFI_DEVICE_CAP_WPA
| NM_WIFI_DEVICE_CAP_RSN;
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
s_wireless_sec = NM_SETTING_WIRELESS_SECURITY (nm_connection_get_setting (connection,
NM_TYPE_SETTING_WIRELESS_SECURITY));
security = nm_setting_wireless_get_security (s_wireless);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
s_wireless_sec = NULL;
if (s_wireless_sec)
default_type = get_default_type_for_security (s_wireless_sec);
sec_model = gtk_list_store_new (2, G_TYPE_STRING, wireless_security_get_g_type ());
if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
gtk_list_store_append (sec_model, &iter);
gtk_list_store_set (sec_model, &iter,
S_NAME_COLUMN, _("None"),
-1);
if (default_type == NMU_SEC_NONE)
active = item;
item++;
}
if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWEPKey *ws_wep;
NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
if (default_type == NMU_SEC_STATIC_WEP) {
NMSettingWirelessSecurity *s_wsec;
s_wsec = (NMSettingWirelessSecurity *) nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
if (s_wsec)
wep_type = nm_setting_wireless_security_get_wep_key_type (s_wsec);
if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
wep_type = NM_WEP_KEY_TYPE_KEY;
}
ws_wep = ws_wep_key_new (glade_file, connection, NM_WEP_KEY_TYPE_KEY, FALSE, FALSE);
if (ws_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 40/128-bit Key"));
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
active = item;
item++;
}
ws_wep = ws_wep_key_new (glade_file, connection, NM_WEP_KEY_TYPE_PASSPHRASE, FALSE, FALSE);
if (ws_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 128-bit Passphrase"));
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityLEAP *ws_leap;
ws_leap = ws_leap_new (glade_file, connection);
if (ws_leap) {
add_security_item (self, WIRELESS_SECURITY (ws_leap), sec_model,
&iter, _("LEAP"));
if ((active < 0) && (default_type == NMU_SEC_LEAP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityDynamicWEP *ws_dynamic_wep;
ws_dynamic_wep = ws_dynamic_wep_new (glade_file, connection);
if (ws_dynamic_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
&iter, _("Dynamic WEP (802.1x)"));
if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
active = item;
item++;
}
}
if ( nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)
|| nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAPSK *ws_wpa_psk;
ws_wpa_psk = ws_wpa_psk_new (glade_file, connection);
if (ws_wpa_psk) {
add_security_item (self, WIRELESS_SECURITY (ws_wpa_psk), sec_model,
&iter, _("WPA & WPA2 Personal"));
if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK)))
active = item;
item++;
}
}
if ( nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)
|| nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAEAP *ws_wpa_eap;
ws_wpa_eap = ws_wpa_eap_new (glade_file, connection);
if (ws_wpa_eap) {
add_security_item (self, WIRELESS_SECURITY (ws_wpa_eap), sec_model,
&iter, _("WPA & WPA2 Enterprise"));
if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE)))
active = item;
item++;
}
}
gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model));
gtk_combo_box_set_active (combo, active < 0 ? 0 : (guint32) active);
g_object_unref (G_OBJECT (sec_model));
self->security_combo = combo;
wireless_security_combo_changed (combo, self);
g_signal_connect (combo, "changed",
G_CALLBACK (wireless_security_combo_changed),
self);
}
static void
finish_setup (CEPageSecurity *page)
{
NMConnection *connection = CE_PAGE (page)->connection;
NMSettingWireless *sw;
NMSettingWirelessSecurity *sws;
gboolean is_adhoc = FALSE;
GtkListStore *sec_model;
GtkTreeIter iter;
const gchar *mode;
const gchar *security;
guint32 dev_caps = 0;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
int active = -1;
int item = 0;
GtkComboBox *combo;
GtkCellRenderer *renderer;
sw = nm_connection_get_setting_wireless (connection);
g_assert (sw);
page->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
page->security_heading = GTK_WIDGET (gtk_builder_get_object (CE_PAGE (page)->builder, "heading_sec"));
page->security_combo = combo = GTK_COMBO_BOX (gtk_builder_get_object (CE_PAGE (page)->builder, "combo_sec"));
dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40
| NM_WIFI_DEVICE_CAP_CIPHER_WEP104
| NM_WIFI_DEVICE_CAP_CIPHER_TKIP
| NM_WIFI_DEVICE_CAP_CIPHER_CCMP
| NM_WIFI_DEVICE_CAP_WPA
| NM_WIFI_DEVICE_CAP_RSN;
mode = nm_setting_wireless_get_mode (sw);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
page->adhoc = is_adhoc;
sws = nm_connection_get_setting_wireless_security (connection);
security = nm_setting_wireless_get_security (sw);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME) != 0)
sws = NULL;
if (sws)
default_type = get_default_type_for_security (sws);
sec_model = gtk_list_store_new (3, G_TYPE_STRING, wireless_security_get_g_type (), G_TYPE_BOOLEAN);
if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
gtk_list_store_insert_with_values (sec_model, &iter, -1,
S_NAME_COLUMN, C_("Wi-Fi/Ethernet security", "None"),
S_ADHOC_VALID_COLUMN, TRUE,
-1);
if (default_type == NMU_SEC_NONE)
active = item;
item++;
}
if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWEPKey *ws_wep;
NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
if (default_type == NMU_SEC_STATIC_WEP) {
sws = nm_connection_get_setting_wireless_security (connection);
if (sws)
wep_type = nm_setting_wireless_security_get_wep_key_type (sws);
if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
wep_type = NM_WEP_KEY_TYPE_KEY;
}
ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_KEY, FALSE, FALSE);
if (ws_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 40/128-bit Key (Hex or ASCII)"),
TRUE);
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
active = item;
item++;
}
ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_PASSPHRASE, FALSE, FALSE);
if (ws_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 128-bit Passphrase"), TRUE);
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityLEAP *ws_leap;
ws_leap = ws_leap_new (connection, FALSE);
if (ws_leap) {
add_security_item (page, WIRELESS_SECURITY (ws_leap), sec_model,
&iter, _("LEAP"), FALSE);
if ((active < 0) && (default_type == NMU_SEC_LEAP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityDynamicWEP *ws_dynamic_wep;
ws_dynamic_wep = ws_dynamic_wep_new (connection, TRUE, FALSE);
if (ws_dynamic_wep) {
add_security_item (page, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
&iter, _("Dynamic WEP (802.1x)"), FALSE);
if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAPSK *ws_wpa_psk;
ws_wpa_psk = ws_wpa_psk_new (connection, FALSE);
if (ws_wpa_psk) {
add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model,
&iter, _("WPA & WPA2 Personal"), FALSE);
if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK)))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAEAP *ws_wpa_eap;
ws_wpa_eap = ws_wpa_eap_new (connection, TRUE, FALSE);
if (ws_wpa_eap) {
add_security_item (page, WIRELESS_SECURITY (ws_wpa_eap), sec_model,
&iter, _("WPA & WPA2 Enterprise"), FALSE);
if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE)))
active = item;
item++;
}
}
gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model));
gtk_cell_layout_clear (GTK_CELL_LAYOUT (combo));
renderer = gtk_cell_renderer_text_new ();
gtk_cell_layout_pack_start (GTK_CELL_LAYOUT (combo), renderer, TRUE);
gtk_cell_layout_set_attributes (GTK_CELL_LAYOUT (combo), renderer, "text", S_NAME_COLUMN, NULL);
gtk_cell_layout_set_cell_data_func (GTK_CELL_LAYOUT (combo), renderer, set_sensitive, &page->adhoc, NULL);
gtk_combo_box_set_active (combo, active < 0 ? 0 : (guint32) active);
g_object_unref (G_OBJECT (sec_model));
page->security_combo = combo;
security_combo_changed (combo, page);
g_signal_connect (combo, "changed",
G_CALLBACK (security_combo_changed), page);
}
gboolean
nm_ap_utils_complete_connection (const GByteArray *ap_ssid,
const guint8 ap_bssid[ETH_ALEN],
NM80211Mode ap_mode,
guint32 ap_flags,
guint32 ap_wpa_flags,
guint32 ap_rsn_flags,
NMConnection *connection,
gboolean lock_bssid,
GError **error)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSetting8021x *s_8021x;
const GByteArray *ssid;
const char *mode, *key_mgmt, *auth_alg, *leap_username;
gboolean adhoc = FALSE;
s_wifi = nm_connection_get_setting_wireless (connection);
g_assert (s_wifi);
s_wsec = nm_connection_get_setting_wireless_security (connection);
s_8021x = nm_connection_get_setting_802_1x (connection);
/* Fill in missing SSID */
ssid = nm_setting_wireless_get_ssid (s_wifi);
if (!ssid)
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_SSID, ap_ssid, NULL);
else if ( ssid->len != ap_ssid->len
|| memcmp (ssid->data, ap_ssid->data, ssid->len)) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_ERROR,
NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
"Setting SSID did not match AP SSID");
return FALSE;
}
if (lock_bssid && !nm_setting_wireless_get_bssid (s_wifi)) {
GByteArray *bssid;
bssid = g_byte_array_sized_new (ETH_ALEN);
g_byte_array_append (bssid, ap_bssid, ETH_ALEN);
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_BSSID, bssid, NULL);
g_byte_array_free (bssid, TRUE);
}
/* And mode */
mode = nm_setting_wireless_get_mode (s_wifi);
if (mode) {
gboolean valid = FALSE;
/* Make sure the supplied mode matches the AP's */
if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_INFRA)) {
if (ap_mode == NM_802_11_MODE_INFRA)
valid = TRUE;
} else if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_ADHOC)) {
if (ap_mode == NM_802_11_MODE_ADHOC)
valid = TRUE;
adhoc = TRUE;
}
if (valid == FALSE) {
g_set_error (error,
NM_SETTING_WIRELESS_ERROR,
NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY,
NM_SETTING_WIRELESS_MODE);
return FALSE;
}
} else {
mode = NM_SETTING_WIRELESS_MODE_INFRA;
if (ap_mode == NM_802_11_MODE_ADHOC) {
mode = NM_SETTING_WIRELESS_MODE_ADHOC;
adhoc = TRUE;
}
g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_MODE, mode, NULL);
}
/* Security */
/* Open */
if ( !(ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
/* Make sure the connection doesn't specify security */
if (nm_setting_wireless_get_security (s_wifi) || s_wsec || s_8021x) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"AP is unencrypted but setting specifies security");
return FALSE;
}
return TRUE;
}
/* Everything else requires security */
g_object_set (G_OBJECT (s_wifi),
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
if (!s_wsec) {
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
}
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
leap_username = nm_setting_wireless_security_get_leap_username (s_wsec);
/* Ad-Hoc checks */
if (!verify_adhoc (s_wsec, s_8021x, adhoc, error))
return FALSE;
/* Static WEP, Dynamic WEP, or LEAP */
if ( (ap_flags & NM_802_11_AP_FLAGS_PRIVACY)
&& (ap_wpa_flags == NM_802_11_AP_SEC_NONE)
&& (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) {
const char *tag = "WEP";
gboolean is_dynamic_wep = FALSE;
if (!verify_leap (s_wsec, s_8021x, adhoc, error))
return FALSE;
if (leap_username) {
tag = "LEAP";
} else {
/* Static or Dynamic WEP */
if (!verify_dynamic_wep (s_wsec, s_8021x, adhoc, error))
return FALSE;
if (s_8021x || (key_mgmt && !strcmp (key_mgmt, "ieee8021x"))) {
is_dynamic_wep = TRUE;
tag = "Dynamic WEP";
}
}
/* Nothing WPA-related can be set */
if (!verify_no_wpa (s_wsec, tag, error))
return FALSE;
if (leap_username) {
/* LEAP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "leap",
NULL);
} else if (is_dynamic_wep) {
/* Dynamic WEP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
nm_setting_wireless_security_add_pairwise (s_wsec, "wep40");
nm_setting_wireless_security_add_pairwise (s_wsec, "wep104");
nm_setting_wireless_security_add_group (s_wsec, "wep40");
nm_setting_wireless_security_add_group (s_wsec, "wep104");
if (s_8021x) {
/* Dynamic WEP requires a valid 802.1x setting since we can't
* autocomplete 802.1x.
*/
if (!nm_setting_verify (NM_SETTING (s_8021x), NULL, error))
return FALSE;
}
} else {
/* Static WEP */
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NULL);
}
return TRUE;
}
/* WPA/RSN */
g_assert (ap_wpa_flags || ap_rsn_flags);
/* Ensure key management is valid for WPA */
if ((key_mgmt && !strcmp (key_mgmt, "ieee8021x")) || leap_username) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"WPA incompatible with non-EAP (original) LEAP or Dynamic WEP");
return FALSE;
}
/* 'shared' auth incompatible with any type of WPA */
if (auth_alg && strcmp (auth_alg, "open")) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"WPA incompatible with Shared Key authentication");
return FALSE;
}
if (!verify_no_wep (s_wsec, "WPA", error))
return FALSE;
if (!verify_wpa_psk (s_wsec, s_8021x, adhoc, ap_wpa_flags, ap_rsn_flags, error))
return FALSE;
if (!adhoc && !verify_wpa_eap (s_wsec, s_8021x, ap_wpa_flags, ap_rsn_flags, error))
return FALSE;
if (adhoc) {
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
/* Ad-Hoc does not support RSN/WPA2 */
nm_setting_wireless_security_add_proto (s_wsec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wsec, "none");
nm_setting_wireless_security_add_group (s_wsec, "tkip");
} else if (s_8021x) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
/* 802.1x also requires the client to completely fill in the 8021x
* setting. Since there's so much configuration required for it, there's
* no way it can be automatically completed.
*/
} else if ( (key_mgmt && !strcmp (key_mgmt, "wpa-psk"))
|| (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
NULL);
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
} else {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
"Failed to determine AP security information");
return FALSE;
}
return TRUE;
}
static gboolean
security_combo_init (NMAWirelessDialog *self)
{
NMAWirelessDialogPrivate *priv;
GtkListStore *sec_model;
GtkTreeIter iter;
guint32 ap_flags = 0;
guint32 ap_wpa = 0;
guint32 ap_rsn = 0;
guint32 dev_caps;
NMSettingWirelessSecurity *wsec = NULL;
NMUtilsSecurityType default_type = NMU_SEC_NONE;
NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
int active = -1;
int item = 0;
NMSettingWireless *s_wireless = NULL;
gboolean is_adhoc;
g_return_val_if_fail (self != NULL, FALSE);
priv = NMA_WIRELESS_DIALOG_GET_PRIVATE (self);
g_return_val_if_fail (priv->device != NULL, FALSE);
g_return_val_if_fail (priv->sec_combo != NULL, FALSE);
is_adhoc = priv->adhoc_create;
/* The security options displayed are filtered based on device
* capabilities, and if provided, additionally by access point capabilities.
* If a connection is given, that connection's options should be selected
* by default.
*/
dev_caps = nm_device_wifi_get_capabilities (NM_DEVICE_WIFI (priv->device));
if (priv->ap != NULL) {
ap_flags = nm_access_point_get_flags (priv->ap);
ap_wpa = nm_access_point_get_wpa_flags (priv->ap);
ap_rsn = nm_access_point_get_rsn_flags (priv->ap);
}
if (priv->connection) {
const char *mode;
const char *security;
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (priv->connection, NM_TYPE_SETTING_WIRELESS));
mode = nm_setting_wireless_get_mode (s_wireless);
if (mode && !strcmp (mode, "adhoc"))
is_adhoc = TRUE;
wsec = NM_SETTING_WIRELESS_SECURITY (nm_connection_get_setting (priv->connection,
NM_TYPE_SETTING_WIRELESS_SECURITY));
security = nm_setting_wireless_get_security (s_wireless);
if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
wsec = NULL;
if (wsec) {
default_type = get_default_type_for_security (wsec, !!priv->ap, ap_flags, dev_caps);
if (default_type == NMU_SEC_STATIC_WEP)
wep_type = nm_setting_wireless_security_get_wep_key_type (wsec);
if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
wep_type = NM_WEP_KEY_TYPE_KEY;
}
} else if (is_adhoc) {
default_type = NMU_SEC_STATIC_WEP;
wep_type = NM_WEP_KEY_TYPE_PASSPHRASE;
}
sec_model = gtk_list_store_new (2, G_TYPE_STRING, wireless_security_get_g_type ());
if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, !!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)) {
gtk_list_store_append (sec_model, &iter);
gtk_list_store_set (sec_model, &iter,
S_NAME_COLUMN, _("None"),
-1);
if (default_type == NMU_SEC_NONE)
active = item;
item++;
}
/* Don't show Static WEP if both the AP and the device are capable of WPA,
* even though technically it's possible to have this configuration.
*/
if ( nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, !!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)
&& ((!ap_wpa && !ap_rsn) || !(dev_caps & (NM_WIFI_DEVICE_CAP_WPA | NM_WIFI_DEVICE_CAP_RSN)))) {
WirelessSecurityWEPKey *ws_wep;
ws_wep = ws_wep_key_new (priv->connection, NM_WEP_KEY_TYPE_KEY, priv->adhoc_create);
if (ws_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 40/128-bit Key"));
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
active = item;
item++;
}
ws_wep = ws_wep_key_new (priv->connection, NM_WEP_KEY_TYPE_PASSPHRASE, priv->adhoc_create);
if (ws_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
&iter, _("WEP 128-bit Passphrase"));
if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
active = item;
item++;
}
}
/* Don't show LEAP if both the AP and the device are capable of WPA,
* even though technically it's possible to have this configuration.
*/
if ( nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, !!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)
&& ((!ap_wpa && !ap_rsn) || !(dev_caps & (NM_WIFI_DEVICE_CAP_WPA | NM_WIFI_DEVICE_CAP_RSN)))) {
WirelessSecurityLEAP *ws_leap;
ws_leap = ws_leap_new (priv->connection);
if (ws_leap) {
add_security_item (self, WIRELESS_SECURITY (ws_leap), sec_model,
&iter, _("LEAP"));
if ((active < 0) && (default_type == NMU_SEC_LEAP))
active = item;
item++;
}
}
if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, !!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)) {
WirelessSecurityDynamicWEP *ws_dynamic_wep;
ws_dynamic_wep = ws_dynamic_wep_new (priv->connection);
if (ws_dynamic_wep) {
add_security_item (self, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
&iter, _("Dynamic WEP (802.1x)"));
if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
active = item;
item++;
}
}
if ( nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, !!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)
|| nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, !!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)) {
WirelessSecurityWPAPSK *ws_wpa_psk;
ws_wpa_psk = ws_wpa_psk_new (priv->connection);
if (ws_wpa_psk) {
add_security_item (self, WIRELESS_SECURITY (ws_wpa_psk), sec_model,
&iter, _("WPA & WPA2 Personal"));
if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK)))
active = item;
item++;
}
}
if ( nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, !!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)
|| nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, !!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)) {
WirelessSecurityWPAEAP *ws_wpa_eap;
ws_wpa_eap = ws_wpa_eap_new (priv->connection);
if (ws_wpa_eap) {
add_security_item (self, WIRELESS_SECURITY (ws_wpa_eap), sec_model,
&iter, _("WPA & WPA2 Enterprise"));
if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE)))
active = item;
item++;
}
}
gtk_combo_box_set_model (GTK_COMBO_BOX (priv->sec_combo), GTK_TREE_MODEL (sec_model));
gtk_combo_box_set_active (GTK_COMBO_BOX (priv->sec_combo), active < 0 ? 0 : (guint32) active);
g_object_unref (G_OBJECT (sec_model));
return TRUE;
}
