static gboolean add_wireless_secrets (NMSecretAgentSimpleRequest *request, GPtrArray *secrets) { NMSettingWirelessSecurity *s_wsec = nm_connection_get_setting_wireless_security (request->connection); const char *key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec); NMSecretAgentSimpleSecret *secret; if (!key_mgmt) return FALSE; if (!strcmp (key_mgmt, "wpa-none") || !strcmp (key_mgmt, "wpa-psk")) { secret = nm_secret_agent_simple_secret_new (_("Password"), NM_SETTING (s_wsec), NM_SETTING_WIRELESS_SECURITY_PSK, TRUE); g_ptr_array_add (secrets, secret); return TRUE; } if (!strcmp (key_mgmt, "none")) { int index; char *key; index = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec); key = g_strdup_printf ("wep-key%d", index); secret = nm_secret_agent_simple_secret_new (_("Key"), NM_SETTING (s_wsec), key, TRUE); g_free (key); g_ptr_array_add (secrets, secret); return TRUE; } if (!strcmp (key_mgmt, "iee8021x")) { if (!g_strcmp0 (nm_setting_wireless_security_get_auth_alg (s_wsec), "leap")) { secret = nm_secret_agent_simple_secret_new (_("Password"), NM_SETTING (s_wsec), NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD, TRUE); g_ptr_array_add (secrets, secret); return TRUE; } else return add_8021x_secrets (request, secrets); } if (!strcmp (key_mgmt, "wpa-eap")) return add_8021x_secrets (request, secrets); return FALSE; }
static gboolean verify_no_wep (NMSettingWirelessSecurity *s_wsec, const char *tag, GError **error) { if ( nm_setting_wireless_security_get_wep_key (s_wsec, 0) || nm_setting_wireless_security_get_wep_key (s_wsec, 1) || nm_setting_wireless_security_get_wep_key (s_wsec, 2) || nm_setting_wireless_security_get_wep_key (s_wsec, 3) || nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec) || nm_setting_wireless_security_get_wep_key_type (s_wsec)) { /* Dynamic WEP cannot have any WEP keys set */ g_set_error (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, "%s is incompatible with static WEP keys", tag); return FALSE; } return TRUE; }
static void wep_key_setting_changed (GObject *object, GParamSpec *pspec, gpointer user_data) { NMEditorWepKeyBinding *binding = user_data; const char *key; int index; if (binding->updating) return; index = nm_setting_wireless_security_get_wep_tx_keyidx (binding->s_wsec); key = nm_setting_wireless_security_get_wep_key (binding->s_wsec, index); binding->updating = TRUE; g_object_set (binding->key_selector, binding->key_selector_property, index, NULL); g_object_set (binding->entry, binding->entry_property, key, NULL); binding->updating = FALSE; }
gboolean nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self, NMSettingWirelessSecurity *setting, NMSetting8021x *setting_8021x, const char *con_uuid, guint32 mtu, GError **error) { const char *key_mgmt, *auth_alg; const char *psk; g_return_val_if_fail (NM_IS_SUPPLICANT_CONFIG (self), FALSE); g_return_val_if_fail (setting != NULL, FALSE); g_return_val_if_fail (con_uuid != NULL, FALSE); g_return_val_if_fail (!error || !*error, FALSE); key_mgmt = nm_setting_wireless_security_get_key_mgmt (setting); if (!add_string_val (self, key_mgmt, "key_mgmt", TRUE, FALSE, error)) return FALSE; auth_alg = nm_setting_wireless_security_get_auth_alg (setting); if (!add_string_val (self, auth_alg, "auth_alg", TRUE, FALSE, error)) return FALSE; psk = nm_setting_wireless_security_get_psk (setting); if (psk) { size_t psk_len = strlen (psk); if (psk_len == 64) { gs_unref_bytes GBytes *bytes = NULL; /* Hex PSK */ bytes = nm_utils_hexstr2bin (psk); if (!bytes) { g_set_error (error, NM_SUPPLICANT_ERROR, NM_SUPPLICANT_ERROR_CONFIG, "Cannot add psk to supplicant config due to invalid hex"); return FALSE; } if (!nm_supplicant_config_add_option (self, "psk", g_bytes_get_data (bytes, NULL), g_bytes_get_size (bytes), TRUE, error)) return FALSE; } else if (psk_len >= 8 && psk_len <= 63) { /* Use TYPE_STRING here so that it gets pushed to the * supplicant as a string, and therefore gets quoted, * and therefore the supplicant will interpret it as a * passphrase and not a hex key. */ if (!nm_supplicant_config_add_option_with_type (self, "psk", psk, -1, TYPE_STRING, TRUE, error)) return FALSE; } else { g_set_error (error, NM_SUPPLICANT_ERROR, NM_SUPPLICANT_ERROR_CONFIG, "Cannot add psk to supplicant config due to invalid PSK length %u (not between 8 and 63 characters)", (guint) psk_len); return FALSE; } } /* Only WPA-specific things when using WPA */ if ( !strcmp (key_mgmt, "wpa-none") || !strcmp (key_mgmt, "wpa-psk") || !strcmp (key_mgmt, "wpa-eap")) { if (!ADD_STRING_LIST_VAL (self, setting, wireless_security, proto, protos, "proto", ' ', TRUE, FALSE, error)) return FALSE; if (!ADD_STRING_LIST_VAL (self, setting, wireless_security, pairwise, pairwise, "pairwise", ' ', TRUE, FALSE, error)) return FALSE; if (!ADD_STRING_LIST_VAL (self, setting, wireless_security, group, groups, "group", ' ', TRUE, FALSE, error)) return FALSE; } /* WEP keys if required */ if (!strcmp (key_mgmt, "none")) { NMWepKeyType wep_type = nm_setting_wireless_security_get_wep_key_type (setting); const char *wep0 = nm_setting_wireless_security_get_wep_key (setting, 0); const char *wep1 = nm_setting_wireless_security_get_wep_key (setting, 1); const char *wep2 = nm_setting_wireless_security_get_wep_key (setting, 2); const char *wep3 = nm_setting_wireless_security_get_wep_key (setting, 3); if (!add_wep_key (self, wep0, "wep_key0", wep_type, error)) return FALSE; if (!add_wep_key (self, wep1, "wep_key1", wep_type, error)) return FALSE; if (!add_wep_key (self, wep2, "wep_key2", wep_type, error)) return FALSE; if (!add_wep_key (self, wep3, "wep_key3", wep_type, error)) return FALSE; if (wep0 || wep1 || wep2 || wep3) { gs_free char *value = NULL; value = g_strdup_printf ("%d", nm_setting_wireless_security_get_wep_tx_keyidx (setting)); if (!nm_supplicant_config_add_option (self, "wep_tx_keyidx", value, -1, FALSE, error)) return FALSE; } } if (auth_alg && !strcmp (auth_alg, "leap")) { /* LEAP */ if (!strcmp (key_mgmt, "ieee8021x")) { const char *tmp; tmp = nm_setting_wireless_security_get_leap_username (setting); if (!add_string_val (self, tmp, "identity", FALSE, FALSE, error)) return FALSE; tmp = nm_setting_wireless_security_get_leap_password (setting); if (!add_string_val (self, tmp, "password", FALSE, TRUE, error)) return FALSE; if (!add_string_val (self, "leap", "eap", TRUE, FALSE, error)) return FALSE; } else { g_set_error (error, NM_SUPPLICANT_ERROR, NM_SUPPLICANT_ERROR_CONFIG, "Invalid key-mgmt \"%s\" for leap", key_mgmt); return FALSE; } } else { /* 802.1x for Dynamic WEP and WPA-Enterprise */ if (!strcmp (key_mgmt, "ieee8021x") || !strcmp (key_mgmt, "wpa-eap")) { if (!setting_8021x) { g_set_error (error, NM_SUPPLICANT_ERROR, NM_SUPPLICANT_ERROR_CONFIG, "Cannot set key-mgmt %s with missing 8021x setting", key_mgmt); return FALSE; } if (!nm_supplicant_config_add_setting_8021x (self, setting_8021x, con_uuid, mtu, FALSE, error)) return FALSE; } if (!strcmp (key_mgmt, "wpa-eap")) { /* If using WPA Enterprise, enable optimized background scanning * to ensure roaming within an ESS works well. */ if (!nm_supplicant_config_add_option (self, "bgscan", "simple:30:-65:300", -1, FALSE, error)) return FALSE; /* When using WPA-Enterprise, we want to use Proactive Key Caching (also * called Opportunistic Key Caching) to avoid full EAP exchanges when * roaming between access points in the same mobility group. */ if (!nm_supplicant_config_add_option (self, "proactive_key_caching", "1", -1, FALSE, error)) return FALSE; } } return TRUE; }
WirelessSecurityWEPKey * ws_wep_key_new (NMConnection *connection, NMWepKeyType type, gboolean adhoc_create, gboolean secrets_only) { WirelessSecurity *parent; WirelessSecurityWEPKey *sec; GtkWidget *widget; NMSettingWirelessSecurity *s_wsec = NULL; NMSetting *setting = NULL; guint8 default_key_idx = 0; gboolean is_adhoc = adhoc_create; gboolean is_shared_key = FALSE; parent = wireless_security_init (sizeof (WirelessSecurityWEPKey), validate, add_to_size_group, fill_connection, update_secrets, destroy, UIDIR "/ws-wep-key.ui", "wep_key_notebook", "wep_key_entry"); if (!parent) return NULL; sec = (WirelessSecurityWEPKey *) parent; sec->editing_connection = secrets_only ? FALSE : TRUE; sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_WEP_KEY0; sec->type = type; widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "wep_key_entry")); g_assert (widget); gtk_entry_set_width_chars (GTK_ENTRY (widget), 28); /* Create password-storage popup menu for password entry under entry's secondary icon */ if (connection) setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection); nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name, FALSE, secrets_only); if (connection) { NMSettingWireless *s_wireless; const char *mode, *auth_alg; s_wireless = nm_connection_get_setting_wireless (connection); mode = s_wireless ? nm_setting_wireless_get_mode (s_wireless) : NULL; if (mode && !strcmp (mode, "adhoc")) is_adhoc = TRUE; s_wsec = nm_connection_get_setting_wireless_security (connection); if (s_wsec) { auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec); if (auth_alg && !strcmp (auth_alg, "shared")) is_shared_key = TRUE; } } g_signal_connect (G_OBJECT (widget), "changed", (GCallback) wireless_security_changed_cb, sec); g_signal_connect (G_OBJECT (widget), "insert-text", (GCallback) wep_entry_filter_cb, sec); if (sec->type == NM_WEP_KEY_TYPE_KEY) gtk_entry_set_max_length (GTK_ENTRY (widget), 26); else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE) gtk_entry_set_max_length (GTK_ENTRY (widget), 64); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_combo")); if (connection && s_wsec) default_key_idx = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec); gtk_combo_box_set_active (GTK_COMBO_BOX (widget), default_key_idx); sec->cur_index = default_key_idx; g_signal_connect (G_OBJECT (widget), "changed", (GCallback) key_index_combo_changed_cb, sec); /* Key index is useless with adhoc networks */ if (is_adhoc || secrets_only) { gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "key_index_label")); gtk_widget_hide (widget); } /* Fill the key entry with the key for that index */ if (connection) update_secrets (WIRELESS_SECURITY (sec), connection); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_wep")); g_assert (widget); g_signal_connect (G_OBJECT (widget), "toggled", (GCallback) show_toggled_cb, sec); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_combo")); gtk_combo_box_set_active (GTK_COMBO_BOX (widget), is_shared_key ? 1 : 0); g_signal_connect (G_OBJECT (widget), "changed", (GCallback) wireless_security_changed_cb, sec); /* Don't show auth method for adhoc (which always uses open-system) or * when in "simple" mode. */ if (is_adhoc || secrets_only) { /* Ad-Hoc connections can't use Shared Key auth */ if (is_adhoc) gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); gtk_widget_hide (widget); widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "auth_method_label")); gtk_widget_hide (widget); } return sec; }
WirelessSecurityWEPKey * ws_wep_key_new (const char *glade_file, NMConnection *connection, NMWepKeyType type, gboolean adhoc_create, gboolean simple) { WirelessSecurityWEPKey *sec; GtkWidget *widget; GladeXML *xml; NMSettingWirelessSecurity *s_wsec = NULL; guint8 default_key_idx = 0; gboolean is_adhoc = adhoc_create; gboolean is_shared_key = FALSE; g_return_val_if_fail (glade_file != NULL, NULL); xml = glade_xml_new (glade_file, "wep_key_notebook", NULL); if (xml == NULL) { g_warning ("Couldn't get wep_key_widget from glade xml"); return NULL; } widget = glade_xml_get_widget (xml, "wep_key_notebook"); g_assert (widget); g_object_ref_sink (widget); sec = g_slice_new0 (WirelessSecurityWEPKey); if (!sec) { g_object_unref (xml); g_object_unref (widget); return NULL; } wireless_security_init (WIRELESS_SECURITY (sec), validate, add_to_size_group, fill_connection, update_secrets, destroy, xml, widget, "wep_key_entry"); sec->type = type; widget = glade_xml_get_widget (xml, "wep_key_entry"); g_assert (widget); gtk_entry_set_width_chars (GTK_ENTRY (widget), 28); if (connection) { NMSettingWireless *s_wireless; const char *mode, *auth_alg; s_wireless = (NMSettingWireless *) nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS); mode = s_wireless ? nm_setting_wireless_get_mode (s_wireless) : NULL; if (mode && !strcmp (mode, "adhoc")) is_adhoc = TRUE; s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY)); if (s_wsec) { auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec); if (auth_alg && !strcmp (auth_alg, "shared")) is_shared_key = TRUE; } } g_signal_connect (G_OBJECT (widget), "changed", (GCallback) wireless_security_changed_cb, sec); g_signal_connect (G_OBJECT (widget), "insert-text", (GCallback) wep_entry_filter_cb, sec); if (sec->type == NM_WEP_KEY_TYPE_KEY) gtk_entry_set_max_length (GTK_ENTRY (widget), 26); else if (sec->type == NM_WEP_KEY_TYPE_PASSPHRASE) gtk_entry_set_max_length (GTK_ENTRY (widget), 64); widget = glade_xml_get_widget (xml, "key_index_combo"); if (connection && s_wsec) default_key_idx = nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec); gtk_combo_box_set_active (GTK_COMBO_BOX (widget), default_key_idx); sec->cur_index = default_key_idx; g_signal_connect (G_OBJECT (widget), "changed", (GCallback) key_index_combo_changed_cb, sec); /* Key index is useless with adhoc networks */ if (is_adhoc || simple) { gtk_widget_hide (widget); widget = glade_xml_get_widget (xml, "key_index_label"); gtk_widget_hide (widget); } /* Fill the key entry with the key for that index */ if (connection) update_secrets (WIRELESS_SECURITY (sec), connection); widget = glade_xml_get_widget (xml, "show_checkbutton"); g_assert (widget); g_signal_connect (G_OBJECT (widget), "toggled", (GCallback) show_toggled_cb, sec); widget = glade_xml_get_widget (xml, "auth_method_combo"); gtk_combo_box_set_active (GTK_COMBO_BOX (widget), is_shared_key ? 1 : 0); g_signal_connect (G_OBJECT (widget), "changed", (GCallback) wireless_security_changed_cb, sec); /* Don't show auth method for adhoc (which always uses open-system) or * when in "simple" mode. */ if (is_adhoc || simple) { /* Ad-Hoc connections can't use Shared Key auth */ if (is_adhoc) gtk_combo_box_set_active (GTK_COMBO_BOX (widget), 0); gtk_widget_hide (widget); widget = glade_xml_get_widget (xml, "auth_method_label"); gtk_widget_hide (widget); } return sec; }