diff options
author | Jonas Dreßler <verdre@v0yd.nl> | 2021-04-23 15:17:07 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2021-05-06 22:23:28 +0200 |
commit | 5f146b40f3f48c4bd52f4678a4ccda5d32c58f4f (patch) | |
tree | 8214df660f5b92693f8f5aa133fc803b12d65a72 /src/core/supplicant/nm-supplicant-config.c | |
parent | a6cf94cfc4d99119d06702d89b16c0e83bfcf07c (diff) | |
download | NetworkManager-5f146b40f3f48c4bd52f4678a4ccda5d32c58f4f.tar.gz |
supplicant/config: Refactor key_mgmt config generation
Refactor the generation of the key_mgmt option of the wpa_supplicant
config we generate. The goal of this is to lay out all the cases we
support more obviously and to make it a bit clearer that our key-mgmt
property of NMSettingsWirelessSecurity is not the same as the "key_mgmt"
config we set in wpa_supplicant.
Diffstat (limited to 'src/core/supplicant/nm-supplicant-config.c')
-rw-r--r-- | src/core/supplicant/nm-supplicant-config.c | 72 |
1 files changed, 45 insertions, 27 deletions
diff --git a/src/core/supplicant/nm-supplicant-config.c b/src/core/supplicant/nm-supplicant-config.c index bb6cb6c44a..494274ae33 100644 --- a/src/core/supplicant/nm-supplicant-config.c +++ b/src/core/supplicant/nm-supplicant-config.c @@ -834,55 +834,73 @@ nm_supplicant_config_add_setting_wireless_security(NMSupplicantConfig * } key_mgmt = nm_setting_wireless_security_get_key_mgmt(setting); - key_mgmt_conf = g_string_new(key_mgmt); - if (nm_streq(key_mgmt, "wpa-psk")) { + key_mgmt_conf = g_string_new(""); + + if (nm_streq(key_mgmt, "none")) { + g_string_append(key_mgmt_conf, "NONE"); + + } else if (nm_streq(key_mgmt, "ieee8021x")) { + g_string_append(key_mgmt_conf, "IEEE8021X"); + + } else if (nm_streq(key_mgmt, "owe")) { + g_string_append(key_mgmt_conf, "OWE"); + + } else if (nm_streq(key_mgmt, "wpa-psk")) { + g_string_append(key_mgmt_conf, "WPA-PSK"); if (_get_capability(priv, NM_SUPPL_CAP_TYPE_PMF)) - g_string_append(key_mgmt_conf, " wpa-psk-sha256"); + g_string_append(key_mgmt_conf, " WPA-PSK-SHA256"); if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT)) - g_string_append(key_mgmt_conf, " ft-psk"); + g_string_append(key_mgmt_conf, " FT-PSK"); if (_get_capability(priv, NM_SUPPL_CAP_TYPE_SAE)) { - g_string_append(key_mgmt_conf, " sae"); + g_string_append(key_mgmt_conf, " SAE"); if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT)) - g_string_append(key_mgmt_conf, " ft-sae"); + g_string_append(key_mgmt_conf, " FT-SAE"); } + + } else if (nm_streq(key_mgmt, "sae")) { + g_string_append(key_mgmt_conf, "SAE"); + if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT)) + g_string_append(key_mgmt_conf, " FT-SAE"); + } else if (nm_streq(key_mgmt, "wpa-eap")) { + g_string_append(key_mgmt_conf, "WPA-EAP"); + if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT)) { + g_string_append(key_mgmt_conf, " FT-EAP"); + if (_get_capability(priv, NM_SUPPL_CAP_TYPE_SHA384)) + g_string_append(key_mgmt_conf, " FT-EAP-SHA384"); + } if (_get_capability(priv, NM_SUPPL_CAP_TYPE_PMF)) { - g_string_append(key_mgmt_conf, " wpa-eap-sha256"); - + g_string_append(key_mgmt_conf, " WPA-EAP-SHA256"); if (_get_capability(priv, NM_SUPPL_CAP_TYPE_SUITEB192) && pmf == NM_SETTING_WIRELESS_SECURITY_PMF_REQUIRED) - g_string_append(key_mgmt_conf, " wpa-eap-suite-b-192"); + g_string_append(key_mgmt_conf, " WPA-EAP-SUITE-B-192"); } - if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT)) - g_string_append(key_mgmt_conf, " ft-eap"); - if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT) - && _get_capability(priv, NM_SUPPL_CAP_TYPE_SHA384)) - g_string_append(key_mgmt_conf, " ft-eap-sha384"); + switch (fils) { case NM_SETTING_WIRELESS_SECURITY_FILS_REQUIRED: g_string_truncate(key_mgmt_conf, 0); if (!_get_capability(priv, NM_SUPPL_CAP_TYPE_PMF)) - g_string_assign(key_mgmt_conf, "fils-sha256 fils-sha384"); + g_string_assign(key_mgmt_conf, "FILS-SHA256 FILS-SHA384"); /* fall-through */ case NM_SETTING_WIRELESS_SECURITY_FILS_OPTIONAL: - if (_get_capability(priv, NM_SUPPL_CAP_TYPE_PMF)) - g_string_append(key_mgmt_conf, " fils-sha256 fils-sha384"); - if (_get_capability(priv, NM_SUPPL_CAP_TYPE_PMF) - && _get_capability(priv, NM_SUPPL_CAP_TYPE_FT)) - g_string_append(key_mgmt_conf, " ft-fils-sha256"); - if (_get_capability(priv, NM_SUPPL_CAP_TYPE_PMF) - && _get_capability(priv, NM_SUPPL_CAP_TYPE_FT) - && _get_capability(priv, NM_SUPPL_CAP_TYPE_SHA384)) - g_string_append(key_mgmt_conf, " ft-fils-sha384"); + if (_get_capability(priv, NM_SUPPL_CAP_TYPE_PMF)) { + g_string_append(key_mgmt_conf, " FILS-SHA256 FILS-SHA384"); + if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT)) { + g_string_append(key_mgmt_conf, " FT-FILS-SHA256"); + if (_get_capability(priv, NM_SUPPL_CAP_TYPE_SHA384)) + g_string_append(key_mgmt_conf, " FT-FILS-SHA384"); + } + } break; + default: break; } - } else if (nm_streq(key_mgmt, "sae")) { - if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT)) - g_string_append(key_mgmt_conf, " ft-sae"); + } else if (nm_streq(key_mgmt, "wpa-eap-suite-b-192")) { pmf = NM_SETTING_WIRELESS_SECURITY_PMF_REQUIRED; + + g_string_append(key_mgmt_conf, "WPA-EAP-SUITE-B-192"); } if (!add_string_val(self, key_mgmt_conf->str, "key_mgmt", TRUE, NULL, error)) |