diff options
author | Jiří Klimeš <jklimes@redhat.com> | 2012-01-20 15:21:32 +0100 |
---|---|---|
committer | Jiří Klimeš <jklimes@redhat.com> | 2012-01-27 14:29:24 +0100 |
commit | 8679f350e901282c22c7b0da5841588f4d3306e5 (patch) | |
tree | b8d7ec33ef08581591e4bc6dd160cb91b359daaf | |
parent | 91a58738622c30130a2f6dfa68da3a971a596534 (diff) | |
download | NetworkManager-8679f350e901282c22c7b0da5841588f4d3306e5.tar.gz |
supplicant: handle parameters for EAP-FAST authentication
-rw-r--r-- | src/supplicant-manager/nm-supplicant-config.c | 35 | ||||
-rw-r--r-- | src/supplicant-manager/nm-supplicant-settings-verify.c | 7 |
2 files changed, 38 insertions, 4 deletions
diff --git a/src/supplicant-manager/nm-supplicant-config.c b/src/supplicant-manager/nm-supplicant-config.c index 4dd704d18e..7d306dde30 100644 --- a/src/supplicant-manager/nm-supplicant-config.c +++ b/src/supplicant-manager/nm-supplicant-config.c @@ -15,7 +15,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * - * Copyright (C) 2006 - 2010 Red Hat, Inc. + * Copyright (C) 2006 - 2012 Red Hat, Inc. * Copyright (C) 2007 - 2008 Novell, Inc. */ @@ -713,6 +713,7 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self, const GByteArray *array; gboolean peap = FALSE; guint32 i, num_eap; + gboolean fast_provisoning_allowed = FALSE; g_return_val_if_fail (NM_IS_SUPPLICANT_CONFIG (self), FALSE); g_return_val_if_fail (setting != NULL, FALSE); @@ -777,6 +778,16 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self, g_string_append_printf (phase1, "peaplabel=%s", nm_setting_802_1x_get_phase1_peaplabel (setting)); } + value = nm_setting_802_1x_get_phase1_fast_provisioning (setting); + if (value) { + if (phase1->len) + g_string_append_c (phase1, ' '); + g_string_append_printf (phase1, "fast_provisioning=%s", value); + + if (strcmp (value, "0") != 0) + fast_provisoning_allowed = TRUE; + } + if (phase1->len) { if (!add_string_val (self, phase1->str, "phase1", FALSE, FALSE)) { g_string_free (phase1, TRUE); @@ -786,7 +797,7 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self, g_string_free (phase1, TRUE); phase2 = g_string_new (NULL); - if (nm_setting_802_1x_get_phase2_auth (setting)) { + if (nm_setting_802_1x_get_phase2_auth (setting) && !fast_provisoning_allowed) { tmp = g_ascii_strup (nm_setting_802_1x_get_phase2_auth (setting), -1); g_string_append_printf (phase2, "auth=%s", tmp); g_free (tmp); @@ -808,6 +819,26 @@ nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self, } g_string_free (phase2, TRUE); + /* PAC file */ + path = nm_setting_802_1x_get_pac_file (setting); + if (path) { + if (!add_string_val (self, path, "pac_file", FALSE, FALSE)) + return FALSE; + } else { + /* PAC file is not specified. + * If provisioning is allowed, use an blob format. + */ + if (fast_provisoning_allowed) { + char *blob_name = g_strdup_printf ("blob://pac-blob-%s", connection_uid); + if (!add_string_val (self, blob_name, "pac_file", FALSE, FALSE)) { + g_free (blob_name); + return FALSE; + } + g_free (blob_name); + } else + return FALSE; + } + /* CA path */ path = nm_setting_802_1x_get_ca_path (setting); if (nm_setting_802_1x_get_system_ca_certs (setting)) diff --git a/src/supplicant-manager/nm-supplicant-settings-verify.c b/src/supplicant-manager/nm-supplicant-settings-verify.c index 2336ad7f05..de38346497 100644 --- a/src/supplicant-manager/nm-supplicant-settings-verify.c +++ b/src/supplicant-manager/nm-supplicant-settings-verify.c @@ -15,7 +15,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * - * Copyright (C) 2006 - 2008 Red Hat, Inc. + * Copyright (C) 2006 - 2012 Red Hat, Inc. */ #include <glib.h> @@ -73,7 +73,9 @@ const char * eap_allowed[] = { "LEAP", "MD5", "TLS", "PEAP", "TTLS", "SIM", const char * phase1_allowed[] = {"peapver=0", "peapver=1", "peaplabel=1", "peap_outer_success=0", "include_tls_length=1", - "sim_min_num_chal=3", NULL }; + "sim_min_num_chal=3", "fast_provisioning=0", + "fast_provisioning=1", "fast_provisioning=2", + "fast_provisioning=3", NULL }; const char * phase2_allowed[] = {"auth=PAP", "auth=CHAP", "auth=MSCHAP", "auth=MSCHAPV2", "auth=GTC", "auth=OTP", "auth=MD5", "auth=TLS", "autheap=MD5", @@ -128,6 +130,7 @@ static const struct Opt opt_table[] = { { "key_id", TYPE_BYTES, 0, 0, FALSE, NULL }, { "fragment_size", TYPE_INT, 1, 2000, FALSE, NULL }, { "proactive_key_caching", TYPE_INT, 0, 1, FALSE, NULL }, + { "pac_file", TYPE_BYTES, 0, 1024, FALSE, NULL }, }; |