summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLubomir Rintel <lkundrak@v3.sk>2019-01-25 09:55:42 +0100
committerLubomir Rintel <lkundrak@v3.sk>2019-07-15 15:15:59 +0000
commitbbaa17d54b8f81bc511481d78ac5e7e6f9d3c909 (patch)
treeb582679c1e12ec3dbd0ea2ae549a92c9e41ffe9d
parente4494be492d17b39d0217b6c8170c77a9a1d1dd0 (diff)
downloadNetworkManager-bbaa17d54b8f81bc511481d78ac5e7e6f9d3c909.tar.gz
wireless-security: ensure Mesh networks can't use anything but SAE
They must be either open or use SAE key management.
Diffstat
-rw-r--r--libnm-core/nm-setting-wireless-security.c33
1 files changed, 25 insertions, 8 deletions
diff --git a/libnm-core/nm-setting-wireless-security.c b/libnm-core/nm-setting-wireless-security.c
index 09f7bc69b4..bf6023bd88 100644
--- a/libnm-core/nm-setting-wireless-security.c
+++ b/libnm-core/nm-setting-wireless-security.c
@@ -904,6 +904,11 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
const char *valid_protos[] = { "wpa", "rsn", NULL };
const char *valid_pairwise[] = { "tkip", "ccmp", NULL };
const char *valid_groups[] = { "wep40", "wep104", "tkip", "ccmp", NULL };
+ NMSettingWireless *s_wifi;
+ const char *wifi_mode;
+
+ s_wifi = connection ? nm_connection_get_setting_wireless (connection) : NULL;
+ wifi_mode = s_wifi ? nm_setting_wireless_get_mode (s_wifi) : NULL;
if (!priv->key_mgmt) {
g_set_error_literal (error,
@@ -914,14 +919,26 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
return FALSE;
}
- if (!g_strv_contains (valid_key_mgmt, priv->key_mgmt)) {
- g_set_error (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _("'%s' is not a valid value for the property"),
- priv->key_mgmt);
- g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
- return FALSE;
+ if (g_strcmp0 (wifi_mode, NM_SETTING_WIRELESS_MODE_MESH) == 0) {
+ if (strcmp (priv->key_mgmt, "sae") != 0) {
+ g_set_error (error,
+ NM_CONNECTION_ERROR,
+ NM_CONNECTION_ERROR_INVALID_PROPERTY,
+ _("'%s' is not a valid value for '%s' mode connections"),
+ priv->key_mgmt, NM_SETTING_WIRELESS_MODE_MESH);
+ g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
+ return FALSE;
+ }
+ } else {
+ if (!g_strv_contains (valid_key_mgmt, priv->key_mgmt)) {
+ g_set_error (error,
+ NM_CONNECTION_ERROR,
+ NM_CONNECTION_ERROR_INVALID_PROPERTY,
+ _("'%s' is not a valid value for the property"),
+ priv->key_mgmt);
+ g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
+ return FALSE;
+ }
}
if (priv->auth_alg && !strcmp (priv->auth_alg, "leap")) {
View Lorry Controller Status