CEPage * ce_page_wireless_security_new (NMConnection *connection, GtkWindow *parent_window, NMClient *client, const char **out_secrets_setting_name, GError **error) { CEPageWirelessSecurity *self; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wsec = NULL; NMUtilsSecurityType default_type = NMU_SEC_NONE; const char *security; s_wireless = nm_connection_get_setting_wireless (connection); if (!s_wireless) { g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface; missing WiFi setting.")); return NULL; } self = CE_PAGE_WIRELESS_SECURITY (ce_page_new (CE_TYPE_PAGE_WIRELESS_SECURITY, connection, parent_window, client, UIDIR "/ce-page-wireless-security.ui", "WirelessSecurityPage", _("Wireless Security"))); if (!self) { g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load WiFi security user interface.")); return NULL; } self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL); s_wsec = nm_connection_get_setting_wireless_security (connection); security = nm_setting_wireless_get_security (s_wireless); if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME)) s_wsec = NULL; if (s_wsec) default_type = get_default_type_for_security (s_wsec); /* Get secrets if the connection is not 802.1x enabled */ if ( default_type == NMU_SEC_STATIC_WEP || default_type == NMU_SEC_LEAP || default_type == NMU_SEC_WPA_PSK || default_type == NMU_SEC_WPA2_PSK) { *out_secrets_setting_name = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME; } /* Or if it is 802.1x enabled */ if ( default_type == NMU_SEC_DYNAMIC_WEP || default_type == NMU_SEC_WPA_ENTERPRISE || default_type == NMU_SEC_WPA2_ENTERPRISE) { *out_secrets_setting_name = NM_SETTING_802_1X_SETTING_NAME; } g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL); return CE_PAGE (self); }
void ws_802_1x_fill_connection (WirelessSecurity *sec, const char *combo_name, NMConnection *connection) { GtkWidget *widget; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wireless_sec; NMSetting8021x *s_8021x; EAPMethod *eap = NULL; GtkTreeModel *model; GtkTreeIter iter; s_wireless = nm_connection_get_setting_wireless (connection); g_assert (s_wireless); g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL); /* Blow away the old wireless security setting by adding a clear one */ s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec); /* Blow away the old 802.1x setting by adding a clear one */ s_8021x = (NMSetting8021x *) nm_setting_802_1x_new (); nm_connection_add_setting (connection, (NMSetting *) s_8021x); widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, combo_name)); model = gtk_combo_box_get_model (GTK_COMBO_BOX (widget)); gtk_combo_box_get_active_iter (GTK_COMBO_BOX (widget), &iter); gtk_tree_model_get (model, &iter, AUTH_METHOD_COLUMN, &eap, -1); g_assert (eap); eap_method_fill_connection (eap, connection); eap_method_unref (eap); }
const char * nm_utils_get_shared_wifi_permission (NMConnection *connection) { NMSettingWireless *s_wifi; NMSettingWirelessSecurity *s_wsec; NMSettingIP4Config *s_ip4; const char *method = NULL; s_ip4 = nm_connection_get_setting_ip4_config (connection); if (s_ip4) method = nm_setting_ip4_config_get_method (s_ip4); if (g_strcmp0 (method, NM_SETTING_IP4_CONFIG_METHOD_SHARED) != 0) return NULL; /* Not shared */ s_wifi = nm_connection_get_setting_wireless (connection); if (s_wifi) { s_wsec = nm_connection_get_setting_wireless_security (connection); if (nm_setting_wireless_get_security (s_wifi) || s_wsec) return NM_AUTH_PERMISSION_WIFI_SHARE_PROTECTED; else return NM_AUTH_PERMISSION_WIFI_SHARE_OPEN; } return NULL; }
/* return value must be freed by caller with g_free() */ static gchar * get_mac_address_of_connection (NMConnection *connection) { const GByteArray *mac = NULL; if (!connection) return NULL; /* check the connection type */ if (nm_connection_is_type (connection, NM_SETTING_WIRELESS_SETTING_NAME)) { /* check wireless settings */ NMSettingWireless *s_wireless = nm_connection_get_setting_wireless (connection); if (!s_wireless) return NULL; mac = nm_setting_wireless_get_mac_address (s_wireless); if (mac) return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER); } else if (nm_connection_is_type (connection, NM_SETTING_WIRED_SETTING_NAME)) { /* check wired settings */ NMSettingWired *s_wired = nm_connection_get_setting_wired (connection); if (!s_wired) return NULL; mac = nm_setting_wired_get_mac_address (s_wired); if (mac) return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER); } else if (nm_connection_is_type (connection, NM_SETTING_WIMAX_SETTING_NAME)) { /* check wimax settings */ NMSettingWimax *s_wimax = nm_connection_get_setting_wimax (connection); if (!s_wimax) return NULL; mac = nm_setting_wimax_get_mac_address (s_wimax); if (mac) return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_ETHER); } else if (nm_connection_is_type (connection, NM_SETTING_INFINIBAND_SETTING_NAME)) { /* check infiniband settings */ NMSettingInfiniband *s_infiniband = \ nm_connection_get_setting_infiniband (connection); if (!s_infiniband) return NULL; mac = nm_setting_infiniband_get_mac_address (s_infiniband); if (mac) return nm_utils_hwaddr_ntoa (mac->data, ARPHRD_INFINIBAND); } /* no MAC address found */ return NULL; }
static void fill_connection (WirelessSecurity *parent, NMConnection *connection) { WirelessSecurityWPAPSK *wpa_psk = (WirelessSecurityWPAPSK *) parent; GtkWidget *widget, *passwd_entry; const char *key; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wireless_sec; NMSettingSecretFlags secret_flags; const char *mode; gboolean is_adhoc = FALSE; s_wireless = nm_connection_get_setting_wireless (connection); g_assert (s_wireless); mode = nm_setting_wireless_get_mode (s_wireless); if (mode && !strcmp (mode, "adhoc")) is_adhoc = TRUE; /* Blow away the old security setting by adding a clear one */ s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry")); passwd_entry = widget; key = gtk_entry_get_text (GTK_ENTRY (widget)); g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL); /* Save PSK_FLAGS to the connection */ secret_flags = nma_utils_menu_to_secret_flags (passwd_entry); nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), NM_SETTING_WIRELESS_SECURITY_PSK, secret_flags, NULL); /* Update secret flags and popup when editing the connection */ if (wpa_psk->editing_connection) nma_utils_update_password_storage (passwd_entry, secret_flags, NM_SETTING (s_wireless_sec), wpa_psk->password_flags_name); wireless_security_clear_ciphers (connection); if (is_adhoc) { /* Ad-Hoc settings as specified by the supplicant */ g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL); nm_setting_wireless_security_add_proto (s_wireless_sec, "wpa"); nm_setting_wireless_security_add_pairwise (s_wireless_sec, "none"); /* Ad-hoc can only have _one_ group cipher... default to TKIP to be more * compatible for now. Maybe we'll support selecting CCMP later. */ nm_setting_wireless_security_add_group (s_wireless_sec, "tkip"); } else { g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL); /* Just leave ciphers and protocol empty, the supplicant will * figure that out magically based on the AP IEs and card capabilities. */ } }
static gboolean validate (CEPage *page, NMConnection *connection, GError **error) { CEPageWirelessSecurity *self = CE_PAGE_WIRELESS_SECURITY (page); NMSettingWireless *s_wireless; WirelessSecurity *sec; gboolean valid = FALSE; const char *mode; s_wireless = nm_connection_get_setting_wireless (connection); g_assert (s_wireless); /* Kernel Ad-Hoc WPA support is busted; it creates open networks. Disable * WPA when Ad-Hoc is selected. set_sensitive() will pick up self->adhoc * and do the right thing. */ mode = nm_setting_wireless_get_mode (s_wireless); if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0) self->adhoc = TRUE; else self->adhoc = FALSE; sec = wireless_security_combo_get_active (self); if (sec) { const GByteArray *ssid = nm_setting_wireless_get_ssid (s_wireless); if (ssid) { /* FIXME: get failed property and error out of wireless security objects */ valid = wireless_security_validate (sec, ssid); if (valid) wireless_security_fill_connection (sec, connection); else g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Invalid wireless security"); } else { g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Missing SSID"); valid = FALSE; } if (self->adhoc) { if (!wireless_security_adhoc_compatible (sec)) { g_set_error (error, NMA_ERROR, NMA_ERROR_GENERIC, "Security not compatible with Ad-Hoc mode"); valid = FALSE; } } } else { /* No security, unencrypted */ g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NULL, NULL); nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY); nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X); valid = TRUE; } return valid; }
static gboolean validate (CEPage *page, NMConnection *connection, GError **error) { NMSettingWireless *sw; NMSettingConnection *sc; WirelessSecurity *sec; gboolean valid = FALSE; const char *mode; sw = nm_connection_get_setting_wireless (connection); mode = nm_setting_wireless_get_mode (sw); if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0) CE_PAGE_SECURITY (page)->adhoc = TRUE; else CE_PAGE_SECURITY (page)->adhoc = FALSE; sec = security_combo_get_active (CE_PAGE_SECURITY (page)); if (sec) { GBytes *ssid = nm_setting_wireless_get_ssid (sw); if (ssid) { /* FIXME: get failed property and error out of wifi security objects */ valid = wireless_security_validate (sec, error); if (valid) wireless_security_fill_connection (sec, connection); } else { g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_MISSING_SETTING, "Missing SSID"); valid = FALSE; } if (CE_PAGE_SECURITY (page)->adhoc) { if (!wireless_security_adhoc_compatible (sec)) { g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_SETTING, "Security not compatible with Ad-Hoc mode"); valid = FALSE; } } wireless_security_unref (sec); } else { /* No security, unencrypted */ nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY); nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X); valid = TRUE; } sc = nm_connection_get_setting_connection (connection); firewall_ui_to_setting (sc, GTK_WIDGET (CE_PAGE_SECURITY (page)->firewall_combo)); return valid; }
static gboolean validate (CEPage *page, NMConnection *connection, GError **error) { NMSettingWireless *sw; WirelessSecurity *sec; gboolean valid = FALSE; const char *mode; sw = nm_connection_get_setting_wireless (connection); mode = nm_setting_wireless_get_mode (sw); if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0) CE_PAGE_SECURITY (page)->adhoc = TRUE; else CE_PAGE_SECURITY (page)->adhoc = FALSE; sec = security_combo_get_active (CE_PAGE_SECURITY (page)); if (sec) { const GByteArray *ssid = nm_setting_wireless_get_ssid (sw); if (ssid) { /* FIXME: get failed property and error out of wifi security objects */ valid = wireless_security_validate (sec, ssid); if (valid) wireless_security_fill_connection (sec, connection); else g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Invalid Wi-Fi security"); } else { g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Missing SSID"); valid = FALSE; } if (CE_PAGE_SECURITY (page)->adhoc) { if (!wireless_security_adhoc_compatible (sec)) { g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_UNKNOWN, "Security not compatible with Ad-Hoc mode"); valid = FALSE; } } wireless_security_unref (sec); } else { /* No security, unencrypted */ g_object_set (sw, NM_SETTING_WIRELESS_SEC, NULL, NULL); nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY); nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X); valid = TRUE; } return valid; }
static void fill_connection (WirelessSecurity *parent, NMConnection *connection) { GtkWidget *widget; const char *key; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wireless_sec; const char *mode; gboolean is_adhoc = FALSE; s_wireless = nm_connection_get_setting_wireless (connection); g_assert (s_wireless); mode = nm_setting_wireless_get_mode (s_wireless); if (mode && !strcmp (mode, "adhoc")) is_adhoc = TRUE; g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL); /* Blow away the old security setting by adding a clear one */ s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wpa_psk_entry")); key = gtk_entry_get_text (GTK_ENTRY (widget)); g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL); wireless_security_clear_ciphers (connection); if (is_adhoc) { /* Ad-Hoc settings as specified by the supplicant */ g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL); nm_setting_wireless_security_add_proto (s_wireless_sec, "wpa"); nm_setting_wireless_security_add_pairwise (s_wireless_sec, "none"); /* Ad-hoc can only have _one_ group cipher... default to TKIP to be more * compatible for now. Maybe we'll support selecting CCMP later. */ nm_setting_wireless_security_add_group (s_wireless_sec, "tkip"); } else { g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL); /* Just leave ciphers and protocol empty, the supplicant will * figure that out magically based on the AP IEs and card capabilities. */ } }
static void bind_device_to_connection (SCPluginIfupdown *self, GUdevDevice *device, NMIfupdownConnection *exported) { GByteArray *mac_address; NMSettingWired *s_wired; NMSettingWireless *s_wifi; const char *iface, *address; iface = g_udev_device_get_name (device); if (!iface) { PLUGIN_WARN ("SCPluginIfupdown", "failed to get ifname for device."); return; } address = g_udev_device_get_sysfs_attr (device, "address"); if (!address || !strlen (address)) { PLUGIN_WARN ("SCPluginIfupdown", "failed to get MAC address for %s", iface); return; } mac_address = nm_utils_hwaddr_atoba (address, ARPHRD_ETHER); if (!mac_address) { PLUGIN_WARN ("SCPluginIfupdown", "failed to parse MAC address '%s' for %s", address, iface); return; } s_wired = nm_connection_get_setting_wired (NM_CONNECTION (exported)); s_wifi = nm_connection_get_setting_wireless (NM_CONNECTION (exported)); if (s_wired) { PLUGIN_PRINT ("SCPluginIfupdown", "locking wired connection setting"); g_object_set (s_wired, NM_SETTING_WIRED_MAC_ADDRESS, mac_address, NULL); } else if (s_wifi) { PLUGIN_PRINT ("SCPluginIfupdown", "locking wireless connection setting"); g_object_set (s_wifi, NM_SETTING_WIRELESS_MAC_ADDRESS, mac_address, NULL); } g_byte_array_free (mac_address, TRUE); nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), ignore_cb, NULL); }
static void fill_connection (WirelessSecurity *parent, NMConnection *connection) { WirelessSecurityWEPKey *sec = (WirelessSecurityWEPKey *) parent; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wsec; GtkWidget *widget; gint auth_alg; const char *key; int i; widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo")); auth_alg = gtk_combo_box_get_active (GTK_COMBO_BOX (widget)); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry")); key = gtk_entry_get_text (GTK_ENTRY (widget)); strcpy (sec->keys[sec->cur_index], key); s_wireless = nm_connection_get_setting_wireless (connection); g_assert (s_wireless); g_object_set (s_wireless, NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL); /* Blow away the old security setting by adding a clear one */ s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); nm_connection_add_setting (connection, (NMSetting *) s_wsec); g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none", NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX, sec->cur_index, NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, (auth_alg == 1) ? "shared" : "open", NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, sec->type, NULL); for (i = 0; i < 4; i++) { if (strlen (sec->keys[i])) nm_setting_wireless_security_set_wep_key (s_wsec, i, sec->keys[i]); } }
static void bind_device_to_connection (SettingsPluginIfupdown *self, GUdevDevice *device, NMIfupdownConnection *exported) { NMSettingWired *s_wired; NMSettingWireless *s_wifi; const char *iface, *address; iface = g_udev_device_get_name (device); if (!iface) { nm_log_warn (LOGD_SETTINGS, "failed to get ifname for device."); return; } address = g_udev_device_get_sysfs_attr (device, "address"); if (!address || !strlen (address)) { nm_log_warn (LOGD_SETTINGS, "failed to get MAC address for %s", iface); return; } if (!nm_utils_hwaddr_valid (address, ETH_ALEN)) { nm_log_warn (LOGD_SETTINGS, "failed to parse MAC address '%s' for %s", address, iface); return; } s_wired = nm_connection_get_setting_wired (NM_CONNECTION (exported)); s_wifi = nm_connection_get_setting_wireless (NM_CONNECTION (exported)); if (s_wired) { nm_log_info (LOGD_SETTINGS, "locking wired connection setting"); g_object_set (s_wired, NM_SETTING_WIRED_MAC_ADDRESS, address, NULL); } else if (s_wifi) { nm_log_info (LOGD_SETTINGS, "locking wireless connection setting"); g_object_set (s_wifi, NM_SETTING_WIRELESS_MAC_ADDRESS, address, NULL); } nm_settings_connection_commit_changes (NM_SETTINGS_CONNECTION (exported), NM_SETTINGS_CONNECTION_COMMIT_REASON_NONE, NULL, NULL); }
CEPage * ce_page_wifi_new (NMConnectionEditor *editor, NMConnection *connection, GtkWindow *parent_window, NMClient *client, const char **out_secrets_setting_name, GError **error) { CEPageWifi *self; CEPageWifiPrivate *priv; g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL); self = CE_PAGE_WIFI (ce_page_new (CE_TYPE_PAGE_WIFI, editor, connection, parent_window, client, UIDIR "/ce-page-wifi.ui", "WifiPage", _("Wi-Fi"))); if (!self) { g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Could not load Wi-Fi user interface.")); return NULL; } wifi_private_init (self); priv = CE_PAGE_WIFI_GET_PRIVATE (self); priv->setting = nm_connection_get_setting_wireless (connection); if (!priv->setting) { priv->setting = NM_SETTING_WIRELESS (nm_setting_wireless_new ()); nm_connection_add_setting (connection, NM_SETTING (priv->setting)); } g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL); return CE_PAGE (self); }
gboolean nm_ap_check_compatible (NMAccessPoint *self, NMConnection *connection) { NMAccessPointPrivate *priv; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wireless_sec; const char *mode; const char *band; const GByteArray *bssid; guint32 channel; g_return_val_if_fail (NM_IS_AP (self), FALSE); g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE); priv = NM_AP_GET_PRIVATE (self); s_wireless = nm_connection_get_setting_wireless (connection); if (s_wireless == NULL) return FALSE; if (!nm_utils_same_ssid (nm_setting_wireless_get_ssid (s_wireless), priv->ssid, TRUE)) return FALSE; bssid = nm_setting_wireless_get_bssid (s_wireless); if (bssid && memcmp (bssid->data, &priv->address, ETH_ALEN)) return FALSE; mode = nm_setting_wireless_get_mode (s_wireless); if (mode) { if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA)) return FALSE; if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC)) return FALSE; if ( !strcmp (mode, "ap") && (priv->mode != NM_802_11_MODE_INFRA || priv->hotspot != TRUE)) return FALSE; } band = nm_setting_wireless_get_band (s_wireless); if (band) { if (!strcmp (band, "a")) { if (priv->freq < 4915 || priv->freq > 5825) return FALSE; } else if (!strcmp (band, "bg")) { if (priv->freq < 2412 || priv->freq > 2484) return FALSE; } } channel = nm_setting_wireless_get_channel (s_wireless); if (channel) { guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq); if (channel != ap_chan) return FALSE; } s_wireless_sec = nm_connection_get_setting_wireless_security (connection); return nm_setting_wireless_ap_security_compatible (s_wireless, s_wireless_sec, nm_ap_get_flags (self), nm_ap_get_wpa_flags (self), nm_ap_get_rsn_flags (self), nm_ap_get_mode (self)); }
static void update_wireless_security_setting_from_if_block(NMConnection *connection, if_block *block) { gint wpa_l= strlen("wpa-"); gint wireless_l= strlen("wireless-"); if_data *curr = block->info; const gchar* value = ifparser_getkey (block, "inet"); struct _Mapping mapping[] = { {"psk", "psk"}, {"identity", "leap-username"}, {"password", "leap-password"}, {"key", "wep-key0"}, {"key-mgmt", "key-mgmt"}, {"group", "group"}, {"pairwise", "pairwise"}, {"proto", "proto"}, {"pin", "pin"}, {"wep-key0", "wep-key0"}, {"wep-key1", "wep-key1"}, {"wep-key2", "wep-key2"}, {"wep-key3", "wep-key3"}, {"wep-tx-keyidx", "wep-tx-keyidx"}, { NULL, NULL} }; struct _Mapping dupe_mapping[] = { {"psk", normalize_psk}, {"identity", normalize_dupe}, {"password", normalize_dupe}, {"key", normalize_dupe_wireless_key}, {"key-mgmt", normalize_tolower}, {"group", normalize_tolower}, {"pairwise", normalize_tolower}, {"proto", normalize_tolower}, {"pin", normalize_dupe}, {"wep-key0", normalize_dupe_wireless_key}, {"wep-key1", normalize_dupe_wireless_key}, {"wep-key2", normalize_dupe_wireless_key}, {"wep-key3", normalize_dupe_wireless_key}, {"wep-tx-keyidx", normalize_dupe}, { NULL, NULL} }; struct _Mapping type_mapping[] = { {"group", string_to_glist_of_strings}, {"pairwise", string_to_glist_of_strings}, {"proto", string_to_glist_of_strings}, {"wep-tx-keyidx", string_to_gpointerint}, { NULL, NULL} }; struct _Mapping free_type_mapping[] = { {"group", slist_free_all}, {"pairwise", slist_free_all}, {"proto", slist_free_all}, { NULL, NULL} }; NMSettingWirelessSecurity *wireless_security_setting; NMSettingWireless *s_wireless; gboolean security = FALSE; if(value && !strcmp("ppp", value)) { return; } s_wireless = nm_connection_get_setting_wireless(connection); g_return_if_fail(s_wireless); nm_log_info (LOGD_SETTINGS, "update wireless security settings (%s).", block->name); wireless_security_setting = NM_SETTING_WIRELESS_SECURITY(nm_setting_wireless_security_new()); while(curr) { if(strlen(curr->key) > wireless_l && !strncmp("wireless-", curr->key, wireless_l)) { gchar *property_value = NULL; gpointer typed_property_value = NULL; const gchar* newkey = map_by_mapping(mapping, curr->key+wireless_l); IfupdownStrDupeFunc dupe_func = map_by_mapping (dupe_mapping, curr->key+wireless_l); IfupdownStrToTypeFunc type_map_func = map_by_mapping (type_mapping, curr->key+wireless_l); GFreeFunc free_func = map_by_mapping (free_type_mapping, curr->key+wireless_l); if(!newkey || !dupe_func) goto next; property_value = (*dupe_func) (curr->data, connection); nm_log_info (LOGD_SETTINGS, "setting wireless security key: %s=%s", newkey, property_value); if (type_map_func) { errno = 0; typed_property_value = (*type_map_func) (property_value); if(errno) goto wireless_next; } g_object_set(wireless_security_setting, newkey, typed_property_value ? typed_property_value : property_value, NULL); security = TRUE; wireless_next: g_free(property_value); if (typed_property_value && free_func) (*free_func) (typed_property_value); } else if(strlen(curr->key) > wpa_l && !strncmp("wpa-", curr->key, wpa_l)) { gchar *property_value = NULL; gpointer typed_property_value = NULL; const gchar* newkey = map_by_mapping(mapping, curr->key+wpa_l); IfupdownStrDupeFunc dupe_func = map_by_mapping (dupe_mapping, curr->key+wpa_l); IfupdownStrToTypeFunc type_map_func = map_by_mapping (type_mapping, curr->key+wpa_l); GFreeFunc free_func = map_by_mapping (free_type_mapping, curr->key+wpa_l); if(!newkey || !dupe_func) goto next; property_value = (*dupe_func) (curr->data, connection); nm_log_info (LOGD_SETTINGS, "setting wpa security key: %s=%s", newkey, #ifdef DEBUG_SECRETS property_value #else /* DEBUG_SECRETS */ !strcmp("key", newkey) || !strcmp("leap-password", newkey) || !strcmp("pin", newkey) || !strcmp("psk", newkey) || !strcmp("wep-key0", newkey) || !strcmp("wep-key1", newkey) || !strcmp("wep-key2", newkey) || !strcmp("wep-key3", newkey) || NULL ? "<omitted>" : property_value #endif /* DEBUG_SECRETS */ ); if (type_map_func) { errno = 0; typed_property_value = (*type_map_func) (property_value); if(errno) goto wpa_next; } g_object_set(wireless_security_setting, newkey, typed_property_value ? typed_property_value : property_value, NULL); security = TRUE; wpa_next: g_free(property_value); if (free_func && typed_property_value) (*free_func) (typed_property_value); } next: curr = curr->next; } if (security) nm_connection_add_setting (connection, NM_SETTING (wireless_security_setting)); }
gboolean nm_ap_utils_complete_connection (const GByteArray *ap_ssid, const guint8 ap_bssid[ETH_ALEN], NM80211Mode ap_mode, guint32 ap_flags, guint32 ap_wpa_flags, guint32 ap_rsn_flags, NMConnection *connection, gboolean lock_bssid, GError **error) { NMSettingWireless *s_wifi; NMSettingWirelessSecurity *s_wsec; NMSetting8021x *s_8021x; const GByteArray *ssid; const char *mode, *key_mgmt, *auth_alg, *leap_username; gboolean adhoc = FALSE; s_wifi = nm_connection_get_setting_wireless (connection); g_assert (s_wifi); s_wsec = nm_connection_get_setting_wireless_security (connection); s_8021x = nm_connection_get_setting_802_1x (connection); /* Fill in missing SSID */ ssid = nm_setting_wireless_get_ssid (s_wifi); if (!ssid) g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_SSID, ap_ssid, NULL); else if ( ssid->len != ap_ssid->len || memcmp (ssid->data, ap_ssid->data, ssid->len)) { g_set_error_literal (error, NM_SETTING_WIRELESS_ERROR, NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY, "Setting SSID did not match AP SSID"); return FALSE; } if (lock_bssid && !nm_setting_wireless_get_bssid (s_wifi)) { GByteArray *bssid; bssid = g_byte_array_sized_new (ETH_ALEN); g_byte_array_append (bssid, ap_bssid, ETH_ALEN); g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_BSSID, bssid, NULL); g_byte_array_free (bssid, TRUE); } /* And mode */ mode = nm_setting_wireless_get_mode (s_wifi); if (mode) { gboolean valid = FALSE; /* Make sure the supplied mode matches the AP's */ if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_INFRA)) { if (ap_mode == NM_802_11_MODE_INFRA) valid = TRUE; } else if (!strcmp (mode, NM_SETTING_WIRELESS_MODE_ADHOC)) { if (ap_mode == NM_802_11_MODE_ADHOC) valid = TRUE; adhoc = TRUE; } if (valid == FALSE) { g_set_error (error, NM_SETTING_WIRELESS_ERROR, NM_SETTING_WIRELESS_ERROR_INVALID_PROPERTY, NM_SETTING_WIRELESS_MODE); return FALSE; } } else { mode = NM_SETTING_WIRELESS_MODE_INFRA; if (ap_mode == NM_802_11_MODE_ADHOC) { mode = NM_SETTING_WIRELESS_MODE_ADHOC; adhoc = TRUE; } g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_MODE, mode, NULL); } /* Security */ /* Open */ if ( !(ap_flags & NM_802_11_AP_FLAGS_PRIVACY) && (ap_wpa_flags == NM_802_11_AP_SEC_NONE) && (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) { /* Make sure the connection doesn't specify security */ if (nm_setting_wireless_get_security (s_wifi) || s_wsec || s_8021x) { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, "AP is unencrypted but setting specifies security"); return FALSE; } return TRUE; } /* Everything else requires security */ g_object_set (G_OBJECT (s_wifi), NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NULL); if (!s_wsec) { s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); nm_connection_add_setting (connection, NM_SETTING (s_wsec)); } key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec); auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec); leap_username = nm_setting_wireless_security_get_leap_username (s_wsec); /* Ad-Hoc checks */ if (!verify_adhoc (s_wsec, s_8021x, adhoc, error)) return FALSE; /* Static WEP, Dynamic WEP, or LEAP */ if ( (ap_flags & NM_802_11_AP_FLAGS_PRIVACY) && (ap_wpa_flags == NM_802_11_AP_SEC_NONE) && (ap_rsn_flags == NM_802_11_AP_SEC_NONE)) { const char *tag = "WEP"; gboolean is_dynamic_wep = FALSE; if (!verify_leap (s_wsec, s_8021x, adhoc, error)) return FALSE; if (leap_username) { tag = "LEAP"; } else { /* Static or Dynamic WEP */ if (!verify_dynamic_wep (s_wsec, s_8021x, adhoc, error)) return FALSE; if (s_8021x || (key_mgmt && !strcmp (key_mgmt, "ieee8021x"))) { is_dynamic_wep = TRUE; tag = "Dynamic WEP"; } } /* Nothing WPA-related can be set */ if (!verify_no_wpa (s_wsec, tag, error)) return FALSE; if (leap_username) { /* LEAP */ g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x", NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "leap", NULL); } else if (is_dynamic_wep) { /* Dynamic WEP */ g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "ieee8021x", NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open", NULL); nm_setting_wireless_security_add_pairwise (s_wsec, "wep40"); nm_setting_wireless_security_add_pairwise (s_wsec, "wep104"); nm_setting_wireless_security_add_group (s_wsec, "wep40"); nm_setting_wireless_security_add_group (s_wsec, "wep104"); if (s_8021x) { /* Dynamic WEP requires a valid 802.1x setting since we can't * autocomplete 802.1x. */ if (!nm_setting_verify (NM_SETTING (s_8021x), NULL, error)) return FALSE; } } else { /* Static WEP */ g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none", NULL); } return TRUE; } /* WPA/RSN */ g_assert (ap_wpa_flags || ap_rsn_flags); /* Ensure key management is valid for WPA */ if ((key_mgmt && !strcmp (key_mgmt, "ieee8021x")) || leap_username) { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, "WPA incompatible with non-EAP (original) LEAP or Dynamic WEP"); return FALSE; } /* 'shared' auth incompatible with any type of WPA */ if (auth_alg && strcmp (auth_alg, "open")) { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, "WPA incompatible with Shared Key authentication"); return FALSE; } if (!verify_no_wep (s_wsec, "WPA", error)) return FALSE; if (!verify_wpa_psk (s_wsec, s_8021x, adhoc, ap_wpa_flags, ap_rsn_flags, error)) return FALSE; if (!adhoc && !verify_wpa_eap (s_wsec, s_8021x, ap_wpa_flags, ap_rsn_flags, error)) return FALSE; if (adhoc) { g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL); /* Ad-Hoc does not support RSN/WPA2 */ nm_setting_wireless_security_add_proto (s_wsec, "wpa"); nm_setting_wireless_security_add_pairwise (s_wsec, "none"); nm_setting_wireless_security_add_group (s_wsec, "tkip"); } else if (s_8021x) { g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap", NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open", NULL); /* Leave proto/pairwise/group as client set them; if they are unset the * supplicant will figure out the best combination at connect time. */ /* 802.1x also requires the client to completely fill in the 8021x * setting. Since there's so much configuration required for it, there's * no way it can be automatically completed. */ } else if ( (key_mgmt && !strcmp (key_mgmt, "wpa-psk")) || (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK) || (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) { g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open", NULL); /* Leave proto/pairwise/group as client set them; if they are unset the * supplicant will figure out the best combination at connect time. */ } else { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, "Failed to determine AP security information"); return FALSE; } return TRUE; }
static void nmt_page_wifi_constructed (GObject *object) { NmtPageWifiPrivate *priv = NMT_PAGE_WIFI_GET_PRIVATE (object); NmtPageWifi *wifi = NMT_PAGE_WIFI (object); NmtDeviceEntry *deventry; NmtEditorSection *section; NmtEditorGrid *grid; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wsec; NmtNewtWidget *widget, *hbox, *subgrid; NmtNewtWidget *mode, *band, *security, *entry; NmtNewtStack *stack; NMConnection *conn; conn = nmt_editor_page_get_connection (NMT_EDITOR_PAGE (wifi)); s_wireless = nm_connection_get_setting_wireless (conn); if (!s_wireless) { nm_connection_add_setting (conn, nm_setting_wireless_new ()); s_wireless = nm_connection_get_setting_wireless (conn); } s_wsec = nm_connection_get_setting_wireless_security (conn); if (!s_wsec) { /* It makes things simpler if we always have a * NMSettingWirelessSecurity; we'll hold a ref on one, and add * it to and remove it from the connection as needed. */ s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_setting_wireless_security_new ()); } priv->s_wsec = g_object_ref_sink (s_wsec); deventry = nmt_editor_page_device_get_device_entry (NMT_EDITOR_PAGE_DEVICE (object)); g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MAC_ADDRESS, deventry, "mac-address", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); section = nmt_editor_section_new (_("WI-FI"), NULL, TRUE); grid = nmt_editor_section_get_body (section); widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY); g_object_bind_property_full (s_wireless, NM_SETTING_WIRELESS_SSID, widget, "text", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE, ssid_transform_to_entry, ssid_transform_from_entry, s_wireless, NULL); nmt_editor_grid_append (grid, _("SSID"), widget, NULL); widget = nmt_newt_popup_new (wifi_mode); g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MODE, widget, "active-id", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); nmt_editor_grid_append (grid, _("Mode"), widget, NULL); mode = widget; hbox = nmt_newt_grid_new (); widget = nmt_newt_popup_new (wifi_band); g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BAND, widget, "active-id", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 0, 0); band = widget; widget = nmt_newt_entry_numeric_new (10, 0, 255); g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CHANNEL, widget, "text", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); nmt_newt_grid_add (NMT_NEWT_GRID (hbox), widget, 1, 0); nmt_newt_widget_set_padding (widget, 1, 0, 0, 0); g_object_bind_property_full (band, "active-id", widget, "visible", G_BINDING_SYNC_CREATE, band_transform_to_channel_visibility, NULL, NULL, NULL); g_object_bind_property_full (mode, "active-id", hbox, "visible", G_BINDING_SYNC_CREATE, mode_transform_to_band_visibility, NULL, NULL, NULL); nmt_editor_grid_append (grid, _("Channel"), hbox, NULL); nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL); widget = nmt_newt_popup_new (wifi_security); nmt_editor_grid_append (grid, _("Security"), widget, NULL); security = widget; widget = nmt_newt_stack_new (); stack = NMT_NEWT_STACK (widget); /* none */ subgrid = nmt_editor_grid_new (); nmt_newt_stack_add (stack, "none", subgrid); /* wpa-personal */ subgrid = nmt_editor_grid_new (); widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD); g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_PSK, widget, "password", G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL); nmt_newt_stack_add (stack, "wpa-personal", subgrid); /* "wpa-enterprise" */ // FIXME widget = nmt_newt_label_new (_("(No support for wpa-enterprise yet...)")); nmt_newt_stack_add (stack, "wpa-enterprise", widget); /* wep-key */ subgrid = nmt_editor_grid_new (); widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Key"), widget, NULL); widget = nmt_newt_popup_new (wep_index); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL); nm_editor_bind_wireless_security_wep_key (s_wsec, entry, "password", widget, "active", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); widget = nmt_newt_popup_new (wep_auth); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL); nmt_newt_stack_add (stack, "wep-key", subgrid); /* wep-passphrase */ subgrid = nmt_editor_grid_new (); widget = entry = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL); widget = nmt_newt_popup_new (wep_index); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("WEP index"), widget, NULL); nm_editor_bind_wireless_security_wep_key (s_wsec, entry, "password", widget, "active", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); widget = nmt_newt_popup_new (wep_auth); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Authentication"), widget, NULL); nmt_newt_stack_add (stack, "wep-passphrase", subgrid); /* "dynamic-wep" */ // FIXME widget = nmt_newt_label_new (_("(No support for dynamic-wep yet...)")); nmt_newt_stack_add (stack, "dynamic-wep", widget); /* leap */ subgrid = nmt_editor_grid_new (); widget = nmt_newt_entry_new (40, NMT_NEWT_ENTRY_NONEMPTY); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Username"), widget, NULL); g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME, widget, "text", G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); widget = nmt_password_fields_new (40, NMT_PASSWORD_FIELDS_SHOW_PASSWORD); g_object_bind_property (s_wsec, NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD, widget, "password", G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL); nmt_editor_grid_append (NMT_EDITOR_GRID (subgrid), _("Password"), widget, NULL); nmt_newt_stack_add (stack, "leap", subgrid); nmt_editor_grid_append (grid, NULL, NMT_NEWT_WIDGET (stack), NULL); g_object_bind_property (security, "active-id", stack, "active-id", G_BINDING_SYNC_CREATE); nm_editor_bind_wireless_security_method (conn, s_wsec, security, "active-id", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); nmt_editor_grid_append (grid, NULL, nmt_newt_separator_new (), NULL); widget = nmt_mac_entry_new (40, ETH_ALEN); g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_BSSID, widget, "mac-address", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); nmt_editor_grid_append (grid, _("BSSID"), widget, NULL); widget = nmt_mac_entry_new (40, ETH_ALEN); g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_CLONED_MAC_ADDRESS, widget, "mac-address", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); nmt_editor_grid_append (grid, _("Cloned MAC address"), widget, NULL); widget = nmt_mtu_entry_new (); g_object_bind_property (s_wireless, NM_SETTING_WIRELESS_MTU, widget, "mtu", G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE); nmt_editor_grid_append (grid, _("MTU"), widget, NULL); nmt_editor_page_add_section (NMT_EDITOR_PAGE (wifi), section); G_OBJECT_CLASS (nmt_page_wifi_parent_class)->constructed (object); }
static void finish_setup (CEPageSecurity *page) { NMConnection *connection = CE_PAGE (page)->connection; NMSettingWireless *sw; NMSettingWirelessSecurity *sws; gboolean is_adhoc = FALSE; GtkListStore *sec_model; GtkTreeIter iter; const gchar *mode; const gchar *security; guint32 dev_caps = 0; NMUtilsSecurityType default_type = NMU_SEC_NONE; int active = -1; int item = 0; GtkComboBox *combo; GtkCellRenderer *renderer; sw = nm_connection_get_setting_wireless (connection); g_assert (sw); page->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL); page->security_heading = GTK_WIDGET (gtk_builder_get_object (CE_PAGE (page)->builder, "heading_sec")); page->security_combo = combo = GTK_COMBO_BOX (gtk_builder_get_object (CE_PAGE (page)->builder, "combo_sec")); dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40 | NM_WIFI_DEVICE_CAP_CIPHER_WEP104 | NM_WIFI_DEVICE_CAP_CIPHER_TKIP | NM_WIFI_DEVICE_CAP_CIPHER_CCMP | NM_WIFI_DEVICE_CAP_WPA | NM_WIFI_DEVICE_CAP_RSN; mode = nm_setting_wireless_get_mode (sw); if (mode && !strcmp (mode, "adhoc")) is_adhoc = TRUE; page->adhoc = is_adhoc; sws = nm_connection_get_setting_wireless_security (connection); security = nm_setting_wireless_get_security (sw); if (!security || strcmp (security, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME) != 0) sws = NULL; if (sws) default_type = get_default_type_for_security (sws); sec_model = gtk_list_store_new (3, G_TYPE_STRING, wireless_security_get_g_type (), G_TYPE_BOOLEAN); if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { gtk_list_store_insert_with_values (sec_model, &iter, -1, S_NAME_COLUMN, C_("Wi-Fi/Ethernet security", "None"), S_ADHOC_VALID_COLUMN, TRUE, -1); if (default_type == NMU_SEC_NONE) active = item; item++; } if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { WirelessSecurityWEPKey *ws_wep; NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY; if (default_type == NMU_SEC_STATIC_WEP) { sws = nm_connection_get_setting_wireless_security (connection); if (sws) wep_type = nm_setting_wireless_security_get_wep_key_type (sws); if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN) wep_type = NM_WEP_KEY_TYPE_KEY; } ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_KEY, FALSE, FALSE); if (ws_wep) { add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model, &iter, _("WEP 40/128-bit Key (Hex or ASCII)"), TRUE); if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY)) active = item; item++; } ws_wep = ws_wep_key_new (connection, NM_WEP_KEY_TYPE_PASSPHRASE, FALSE, FALSE); if (ws_wep) { add_security_item (page, WIRELESS_SECURITY (ws_wep), sec_model, &iter, _("WEP 128-bit Passphrase"), TRUE); if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE)) active = item; item++; } } if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { WirelessSecurityLEAP *ws_leap; ws_leap = ws_leap_new (connection, FALSE); if (ws_leap) { add_security_item (page, WIRELESS_SECURITY (ws_leap), sec_model, &iter, _("LEAP"), FALSE); if ((active < 0) && (default_type == NMU_SEC_LEAP)) active = item; item++; } } if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { WirelessSecurityDynamicWEP *ws_dynamic_wep; ws_dynamic_wep = ws_dynamic_wep_new (connection, TRUE, FALSE); if (ws_dynamic_wep) { add_security_item (page, WIRELESS_SECURITY (ws_dynamic_wep), sec_model, &iter, _("Dynamic WEP (802.1x)"), FALSE); if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP)) active = item; item++; } } if (nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0) || nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { WirelessSecurityWPAPSK *ws_wpa_psk; ws_wpa_psk = ws_wpa_psk_new (connection, FALSE); if (ws_wpa_psk) { add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model, &iter, _("WPA & WPA2 Personal"), FALSE); if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK))) active = item; item++; } } if (nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0) || nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { WirelessSecurityWPAEAP *ws_wpa_eap; ws_wpa_eap = ws_wpa_eap_new (connection, TRUE, FALSE); if (ws_wpa_eap) { add_security_item (page, WIRELESS_SECURITY (ws_wpa_eap), sec_model, &iter, _("WPA & WPA2 Enterprise"), FALSE); if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE))) active = item; item++; } } gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model)); gtk_cell_layout_clear (GTK_CELL_LAYOUT (combo)); renderer = gtk_cell_renderer_text_new (); gtk_cell_layout_pack_start (GTK_CELL_LAYOUT (combo), renderer, TRUE); gtk_cell_layout_set_attributes (GTK_CELL_LAYOUT (combo), renderer, "text", S_NAME_COLUMN, NULL); gtk_cell_layout_set_cell_data_func (GTK_CELL_LAYOUT (combo), renderer, set_sensitive, &page->adhoc, NULL); gtk_combo_box_set_active (combo, active < 0 ? 0 : (guint32) active); g_object_unref (G_OBJECT (sec_model)); page->security_combo = combo; security_combo_changed (combo, page); g_signal_connect (combo, "changed", G_CALLBACK (security_combo_changed), page); }
static void request_secrets_from_ui (NMSecretAgentSimpleRequest *request) { GPtrArray *secrets; NMSecretAgentSimpleSecret *secret; const char *title; char *msg; gboolean ok = TRUE; secrets = g_ptr_array_new_with_free_func ((GDestroyNotify) nm_secret_agent_simple_secret_free); if (nm_connection_is_type (request->connection, NM_SETTING_WIRELESS_SETTING_NAME)) { NMSettingWireless *s_wireless; GBytes *ssid; char *ssid_utf8; s_wireless = nm_connection_get_setting_wireless (request->connection); ssid = nm_setting_wireless_get_ssid (s_wireless); ssid_utf8 = nm_utils_ssid_to_utf8 (g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid)); title = _("Authentication required by wireless network"); msg = g_strdup_printf (_("Passwords or encryption keys are required to access the wireless network '%s'."), ssid_utf8); ok = add_wireless_secrets (request, secrets); } else if (nm_connection_is_type (request->connection, NM_SETTING_WIRED_SETTING_NAME)) { NMSettingConnection *s_con; s_con = nm_connection_get_setting_connection (request->connection); title = _("Wired 802.1X authentication"); msg = NULL; secret = nm_secret_agent_simple_secret_new (_("Network name"), NM_SETTING (s_con), NM_SETTING_CONNECTION_ID, FALSE); g_ptr_array_add (secrets, secret); ok = add_8021x_secrets (request, secrets); } else if (nm_connection_is_type (request->connection, NM_SETTING_PPPOE_SETTING_NAME)) { title = _("DSL authentication"); msg = NULL; ok = add_pppoe_secrets (request, secrets); } else if (nm_connection_is_type (request->connection, NM_SETTING_GSM_SETTING_NAME)) { NMSettingGsm *s_gsm = nm_connection_get_setting_gsm (request->connection); if (strv_has (request->hints, "pin")) { title = _("PIN code required"); msg = g_strdup (_("PIN code is needed for the mobile broadband device")); secret = nm_secret_agent_simple_secret_new (_("PIN"), NM_SETTING (s_gsm), NM_SETTING_GSM_PIN, FALSE); g_ptr_array_add (secrets, secret); } else { title = _("Mobile broadband network password"); msg = g_strdup_printf (_("A password is required to connect to '%s'."), nm_connection_get_id (request->connection)); secret = nm_secret_agent_simple_secret_new (_("Password"), NM_SETTING (s_gsm), NM_SETTING_GSM_PASSWORD, TRUE); g_ptr_array_add (secrets, secret); } } else if (nm_connection_is_type (request->connection, NM_SETTING_CDMA_SETTING_NAME)) { NMSettingCdma *s_cdma = nm_connection_get_setting_cdma (request->connection); title = _("Mobile broadband network password"); msg = g_strdup_printf (_("A password is required to connect to '%s'."), nm_connection_get_id (request->connection)); secret = nm_secret_agent_simple_secret_new (_("Password"), NM_SETTING (s_cdma), NM_SETTING_CDMA_PASSWORD, TRUE); g_ptr_array_add (secrets, secret); } else if (nm_connection_is_type (request->connection, NM_SETTING_BLUETOOTH_SETTING_NAME)) { NMSetting *setting; setting = nm_connection_get_setting_by_name (request->connection, NM_SETTING_GSM_SETTING_NAME); if (!setting) setting = nm_connection_get_setting_by_name (request->connection, NM_SETTING_CDMA_SETTING_NAME); title = _("Mobile broadband network password"); msg = g_strdup_printf (_("A password is required to connect to '%s'."), nm_connection_get_id (request->connection)); secret = nm_secret_agent_simple_secret_new (_("Password"), setting, "password", TRUE); g_ptr_array_add (secrets, secret); } else ok = FALSE; if (!ok) { g_ptr_array_unref (secrets); return; } g_signal_emit (request->self, signals[REQUEST_SECRETS], 0, request->request_id, title, msg, secrets); }
NMAccessPoint * nm_ap_new_fake_from_connection (NMConnection *connection) { NMAccessPoint *ap; NMAccessPointPrivate *priv; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wireless_sec; GBytes *ssid; const char *mode, *band, *key_mgmt; guint32 channel; NM80211ApSecurityFlags flags; gboolean psk = FALSE, eap = FALSE; g_return_val_if_fail (connection != NULL, NULL); s_wireless = nm_connection_get_setting_wireless (connection); g_return_val_if_fail (s_wireless != NULL, NULL); ssid = nm_setting_wireless_get_ssid (s_wireless); g_return_val_if_fail (ssid != NULL, NULL); g_return_val_if_fail (g_bytes_get_size (ssid) > 0, NULL); ap = (NMAccessPoint *) g_object_new (NM_TYPE_AP, NULL); priv = NM_AP_GET_PRIVATE (ap); priv->fake = TRUE; nm_ap_set_ssid (ap, g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid)); // FIXME: bssid too? mode = nm_setting_wireless_get_mode (s_wireless); if (mode) { if (!strcmp (mode, "infrastructure")) nm_ap_set_mode (ap, NM_802_11_MODE_INFRA); else if (!strcmp (mode, "adhoc")) nm_ap_set_mode (ap, NM_802_11_MODE_ADHOC); else if (!strcmp (mode, "ap")) { nm_ap_set_mode (ap, NM_802_11_MODE_INFRA); NM_AP_GET_PRIVATE (ap)->hotspot = TRUE; } else goto error; } else { nm_ap_set_mode (ap, NM_802_11_MODE_INFRA); } band = nm_setting_wireless_get_band (s_wireless); channel = nm_setting_wireless_get_channel (s_wireless); if (band && channel) { guint32 freq = nm_utils_wifi_channel_to_freq (channel, band); if (freq == 0) goto error; nm_ap_set_freq (ap, freq); } s_wireless_sec = nm_connection_get_setting_wireless_security (connection); /* Assume presence of a security setting means the AP is encrypted */ if (!s_wireless_sec) goto done; key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec); /* Everything below here uses encryption */ nm_ap_set_flags (ap, priv->flags | NM_802_11_AP_FLAGS_PRIVACY); /* Static & Dynamic WEP */ if (!strcmp (key_mgmt, "none") || !strcmp (key_mgmt, "ieee8021x")) goto done; psk = !strcmp (key_mgmt, "wpa-psk"); eap = !strcmp (key_mgmt, "wpa-eap"); if (psk || eap) { if (has_proto (s_wireless_sec, PROTO_WPA)) { flags = priv->wpa_flags | (eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK); nm_ap_set_wpa_flags (ap, flags); } if (has_proto (s_wireless_sec, PROTO_RSN)) { flags = priv->rsn_flags | (eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK); nm_ap_set_rsn_flags (ap, flags); } add_pair_ciphers (ap, s_wireless_sec); add_group_ciphers (ap, s_wireless_sec); } else if (!strcmp (key_mgmt, "wpa-none")) { guint32 i; /* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and * group=TKIP/CCMP (but not both). */ flags = priv->wpa_flags | NM_802_11_AP_SEC_KEY_MGMT_PSK; /* Clear ciphers; pairwise must be unset anyway, and group gets set below */ flags &= ~( NM_802_11_AP_SEC_PAIR_WEP40 | NM_802_11_AP_SEC_PAIR_WEP104 | NM_802_11_AP_SEC_PAIR_TKIP | NM_802_11_AP_SEC_PAIR_CCMP | NM_802_11_AP_SEC_GROUP_WEP40 | NM_802_11_AP_SEC_GROUP_WEP104 | NM_802_11_AP_SEC_GROUP_TKIP | NM_802_11_AP_SEC_GROUP_CCMP); for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) { if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) { flags |= NM_802_11_AP_SEC_GROUP_CCMP; break; } } /* Default to TKIP since not all WPA-capable cards can do CCMP */ if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP)) flags |= NM_802_11_AP_SEC_GROUP_TKIP; nm_ap_set_wpa_flags (ap, flags); /* Don't use Ad-Hoc RSN yet */ nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE); } done: return ap; error: g_object_unref (ap); return NULL; }
gboolean nm_ap_check_compatible (NMAccessPoint *self, NMConnection *connection) { NMAccessPointPrivate *priv; NMSettingWireless *s_wireless; NMSettingWirelessSecurity *s_wireless_sec; GBytes *ssid; const char *mode; const char *band; const char *bssid; guint32 channel; g_return_val_if_fail (NM_IS_AP (self), FALSE); g_return_val_if_fail (NM_IS_CONNECTION (connection), FALSE); priv = NM_AP_GET_PRIVATE (self); s_wireless = nm_connection_get_setting_wireless (connection); if (s_wireless == NULL) return FALSE; ssid = nm_setting_wireless_get_ssid (s_wireless); if ( (ssid && !priv->ssid) || (priv->ssid && !ssid)) return FALSE; if ( ssid && priv->ssid && !nm_utils_same_ssid (g_bytes_get_data (ssid, NULL), g_bytes_get_size (ssid), priv->ssid->data, priv->ssid->len, TRUE)) return FALSE; bssid = nm_setting_wireless_get_bssid (s_wireless); if (bssid && (!priv->address || !nm_utils_hwaddr_matches (bssid, -1, priv->address, -1))) return FALSE; mode = nm_setting_wireless_get_mode (s_wireless); if (mode) { if (!strcmp (mode, "infrastructure") && (priv->mode != NM_802_11_MODE_INFRA)) return FALSE; if (!strcmp (mode, "adhoc") && (priv->mode != NM_802_11_MODE_ADHOC)) return FALSE; if ( !strcmp (mode, "ap") && (priv->mode != NM_802_11_MODE_INFRA || priv->hotspot != TRUE)) return FALSE; } band = nm_setting_wireless_get_band (s_wireless); if (band) { guint ap_band = freq_to_band (priv->freq); if (!strcmp (band, "a") && ap_band != 5) return FALSE; else if (!strcmp (band, "bg") && ap_band != 2) return FALSE; } channel = nm_setting_wireless_get_channel (s_wireless); if (channel) { guint32 ap_chan = nm_utils_wifi_freq_to_channel (priv->freq); if (channel != ap_chan) return FALSE; } s_wireless_sec = nm_connection_get_setting_wireless_security (connection); return nm_setting_wireless_ap_security_compatible (s_wireless, s_wireless_sec, priv->flags, priv->wpa_flags, priv->rsn_flags, priv->mode); }
WirelessSecurityWEPKey * ws_wep_key_new (NMConnection *connection, NMWepKeyType type, gboolean adhoc_create, gboolean secrets_only) { WirelessSecurity *parent; WirelessSecurityWEPKey *sec; GtkWidget *widget; NMSettingWirelessSecurity *s_wsec = NULL; NMSetting *setting = NULL; guint8 default_key_idx = 0; gboolean is_adhoc = adhoc_create; gboolean is_shared_key = FALSE; parent = wireless_security_init (sizeof (WirelessSecurityWEPKey), validate, add_to_size_group, fill_connection, update_secrets, destroy, UIDIR "/ws-wep-key.ui", "wep_key_notebook", "wep_key_entry"); if (!parent) return NULL; sec = (WirelessSecurityWEPKey *) parent; sec->editing_connection = secrets_only ? FALSE : TRUE; sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_WEP_KEY0; sec->type = type; widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry")); g_assert (widget); gtk_entry_set_width_chars (GTK_ENTRY (widget), 28); /* Create password-storage popup menu for password entry under entry's secondary icon */ if (connection) setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection); nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name, FALSE, secrets_only); if (connection) { NMSettingWireless *s_wireless; const char *mode, *auth_alg; s_wireless = nm_connection_get_setting_wireless (connection); mode = s_wireless ? nm_setting_wireless_get_mode (s_wireless) : NULL; if (mode && !strcmp (mode, "adhoc")) is_adhoc = TRUE; s_wsec = nm_connection_get_setting_wireless_security (connection); if (s_wsec) { auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec); if (auth_alg && !strcmp (auth_alg, "shared")) is_shared_key = TRUE; } } g_signal_connect (G_OBJECT (widget), "changed", (GCallback) wireless_security_changed_cb, sec); g_signal_connect (G_OBJECT (widget), "insert-text", (GCallback) wep_entry_filter_cb, sec); if (sec->type == NM_WEP_KEY_TYPE_KEY) gtk_entry_set_max_length (GTK_ENTRY (widget), 26); else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE) gtk_entry_set_max_length (GTK_ENTRY (widget), 64); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_combo")); if (connection && s_wsec) default_key_idx = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec); gtk_combo_box_set_active (GTK_COMBO_BOX (widget), default_key_idx); sec->cur_index = default_key_idx; g_signal_connect (G_OBJECT (widget), "changed", (GCallback) key_index_combo_changed_cb, sec); /* Key index is useless with adhoc networks */ if (is_adhoc || secrets_only) { gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_label")); gtk_widget_hide (widget); } /* Fill the key entry with the key for that index */ if (connection) update_secrets (WIRELESS_SECURITY (sec), connection); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_wep")); g_assert (widget); g_signal_connect (G_OBJECT (widget), "toggled", (GCallback) show_toggled_cb, sec); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo")); gtk_combo_box_set_active (GTK_COMBO_BOX (widget), is_shared_key ? 1 : 0); g_signal_connect (G_OBJECT (widget), "changed", (GCallback) wireless_security_changed_cb, sec); /* Don't show auth method for adhoc (which always uses open-system) or * when in "simple" mode. */ if (is_adhoc || secrets_only) { /* Ad-Hoc connections can't use Shared Key auth */ if (is_adhoc) gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_label")); gtk_widget_hide (widget); } return sec; }
static void row_activated (GtkListBox *box, GtkListBoxRow *row, GisNetworkPage *page) { GisNetworkPagePrivate *priv = gis_network_page_get_instance_private (page); gchar *object_path; GSList *list, *filtered, *l; NMConnection *connection; NMConnection *connection_to_activate; NMSettingWireless *setting; const GByteArray *ssid_target; const GByteArray *ssid; GtkWidget *child; if (priv->refreshing) return; child = gtk_bin_get_child (GTK_BIN (row)); object_path = g_object_get_data (G_OBJECT (child), "object-path"); ssid_target = g_object_get_data (G_OBJECT (child), "ssid"); if (g_strcmp0 (object_path, "ap-other...") == 0) { connect_to_hidden_network (page); goto out; } list = nm_remote_settings_list_connections (priv->nm_settings); filtered = nm_device_filter_connections (priv->nm_device, list); connection_to_activate = NULL; for (l = filtered; l; l = l->next) { connection = NM_CONNECTION (l->data); setting = nm_connection_get_setting_wireless (connection); if (!NM_IS_SETTING_WIRELESS (setting)) continue; ssid = nm_setting_wireless_get_ssid (setting); if (ssid == NULL) continue; if (nm_utils_same_ssid (ssid, ssid_target, TRUE)) { connection_to_activate = connection; break; } } g_slist_free (list); g_slist_free (filtered); if (connection_to_activate != NULL) { nm_client_activate_connection (priv->nm_client, connection_to_activate, priv->nm_device, NULL, connection_activate_cb, page); goto out; } nm_client_add_and_activate_connection (priv->nm_client, NULL, priv->nm_device, object_path, connection_add_activate_cb, page); out: refresh_wireless_list (page); }
static gboolean connection_compatible (NMDevice *device, NMConnection *connection, GError **error) { NMSettingConnection *s_con; NMSettingWireless *s_wifi; NMSettingWirelessSecurity *s_wsec; const char *ctype; const char *hwaddr, *setting_hwaddr; NMDeviceWifiCapabilities wifi_caps; const char *key_mgmt; s_con = nm_connection_get_setting_connection (connection); g_assert (s_con); ctype = nm_setting_connection_get_connection_type (s_con); if (strcmp (ctype, NM_SETTING_WIRELESS_SETTING_NAME) != 0) { g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_NOT_WIFI_CONNECTION, "The connection was not a Wi-Fi connection."); return FALSE; } s_wifi = nm_connection_get_setting_wireless (connection); if (!s_wifi) { g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_INVALID_WIFI_CONNECTION, "The connection was not a valid Wi-Fi connection."); return FALSE; } /* Check MAC address */ hwaddr = nm_device_wifi_get_permanent_hw_address (NM_DEVICE_WIFI (device)); if (hwaddr) { if (!nm_utils_hwaddr_valid (hwaddr, ETH_ALEN)) { g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_INVALID_DEVICE_MAC, "Invalid device MAC address."); return FALSE; } setting_hwaddr = nm_setting_wireless_get_mac_address (s_wifi); if (setting_hwaddr && !nm_utils_hwaddr_matches (setting_hwaddr, -1, hwaddr, -1)) { g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MAC_MISMATCH, "The MACs of the device and the connection didn't match."); return FALSE; } } /* Check device capabilities; we assume all devices can do WEP at least */ wifi_caps = nm_device_wifi_get_capabilities (NM_DEVICE_WIFI (device)); s_wsec = nm_connection_get_setting_wireless_security (connection); if (s_wsec) { /* Connection has security, verify it against the device's capabilities */ key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec); if ( !g_strcmp0 (key_mgmt, "wpa-none") || !g_strcmp0 (key_mgmt, "wpa-psk") || !g_strcmp0 (key_mgmt, "wpa-eap")) { /* Is device only WEP capable? */ if (!(wifi_caps & WPA_CAPS)) { g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MISSING_DEVICE_WPA_CAPS, "The device missed WPA capabilities required by the connection."); return FALSE; } /* Make sure WPA2/RSN-only connections don't get chosen for WPA-only cards */ if (has_proto (s_wsec, "rsn") && !has_proto (s_wsec, "wpa") && !(wifi_caps & RSN_CAPS)) { g_set_error (error, NM_DEVICE_WIFI_ERROR, NM_DEVICE_WIFI_ERROR_MISSING_DEVICE_RSN_CAPS, "The device missed WPA2/RSN capabilities required by the connection."); return FALSE; } } } return NM_DEVICE_CLASS (nm_device_wifi_parent_class)->connection_compatible (device, connection, error); }
/** * nm_access_point_connection_valid: * @ap: an #NMAccessPoint to validate @connection against * @connection: an #NMConnection to validate against @ap * * Validates a given connection against a given Wi-Fi access point to ensure that * the connection may be activated with that AP. The connection must match the * @ap's SSID, (if given) BSSID, and other attributes like security settings, * channel, band, etc. * * Returns: %TRUE if the connection may be activated with this Wi-Fi AP, * %FALSE if it cannot be. **/ gboolean nm_access_point_connection_valid (NMAccessPoint *ap, NMConnection *connection) { NMSettingConnection *s_con; NMSettingWireless *s_wifi; NMSettingWirelessSecurity *s_wsec; const char *ctype, *ap_bssid_str; const GByteArray *setting_ssid; const GByteArray *ap_ssid; const GByteArray *setting_bssid; struct ether_addr *ap_bssid; const char *setting_mode; NM80211Mode ap_mode; const char *setting_band; guint32 ap_freq, setting_chan, ap_chan; s_con = nm_connection_get_setting_connection (connection); g_assert (s_con); ctype = nm_setting_connection_get_connection_type (s_con); if (strcmp (ctype, NM_SETTING_WIRELESS_SETTING_NAME) != 0) return FALSE; s_wifi = nm_connection_get_setting_wireless (connection); if (!s_wifi) return FALSE; /* SSID checks */ ap_ssid = nm_access_point_get_ssid (ap); g_warn_if_fail (ap_ssid != NULL); setting_ssid = nm_setting_wireless_get_ssid (s_wifi); if (!setting_ssid || !ap_ssid || (setting_ssid->len != ap_ssid->len)) return FALSE; if (memcmp (setting_ssid->data, ap_ssid->data, ap_ssid->len) != 0) return FALSE; /* BSSID checks */ ap_bssid_str = nm_access_point_get_bssid (ap); g_warn_if_fail (ap_bssid_str); setting_bssid = nm_setting_wireless_get_bssid (s_wifi); if (setting_bssid && ap_bssid_str) { g_assert (setting_bssid->len == ETH_ALEN); ap_bssid = ether_aton (ap_bssid_str); g_warn_if_fail (ap_bssid); if (ap_bssid) { if (memcmp (ap_bssid->ether_addr_octet, setting_bssid->data, ETH_ALEN) != 0) return FALSE; } } /* Mode */ ap_mode = nm_access_point_get_mode (ap); g_warn_if_fail (ap_mode != NM_802_11_MODE_UNKNOWN); setting_mode = nm_setting_wireless_get_mode (s_wifi); if (setting_mode && ap_mode) { if (!strcmp (setting_mode, "infrastructure") && (ap_mode != NM_802_11_MODE_INFRA)) return FALSE; if (!strcmp (setting_mode, "adhoc") && (ap_mode != NM_802_11_MODE_ADHOC)) return FALSE; /* Hotspot never matches against APs as it's a device-specific mode. */ if (!strcmp (setting_mode, "ap")) return FALSE; } /* Band and Channel/Frequency */ ap_freq = nm_access_point_get_frequency (ap); if (ap_freq) { setting_band = nm_setting_wireless_get_band (s_wifi); if (g_strcmp0 (setting_band, "a") == 0) { if (ap_freq < 4915 || ap_freq > 5825) return FALSE; } else if (g_strcmp0 (setting_band, "bg") == 0) { if (ap_freq < 2412 || ap_freq > 2484) return FALSE; } setting_chan = nm_setting_wireless_get_channel (s_wifi); if (setting_chan) { ap_chan = nm_utils_wifi_freq_to_channel (ap_freq); if (setting_chan != ap_chan) return FALSE; } } s_wsec = nm_connection_get_setting_wireless_security (connection); if (!nm_setting_wireless_ap_security_compatible (s_wifi, s_wsec, nm_access_point_get_flags (ap), nm_access_point_get_wpa_flags (ap), nm_access_point_get_rsn_flags (ap), ap_mode)) return FALSE; return TRUE; }