diff options
author | Masashi Honma <masashi.honma@gmail.com> | 2018-01-16 06:28:33 +0900 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2018-01-16 15:01:59 +0100 |
commit | b4bbe5179f37b3fac49aedf0cd47dddd3b9c8fdb (patch) | |
tree | d2316f92f948f0fb4d80f74ee795f51ad52bc624 /src/supplicant | |
parent | 87ec5e90fe79fcb2ac315cf1604e757dcab60bb9 (diff) | |
download | NetworkManager-b4bbe5179f37b3fac49aedf0cd47dddd3b9c8fdb.tar.gz |
wifi: add support for FILS
The FILS(Fast Initial Link Setup) is a specification defined by IEEE 802.11ai to
speed up roaming. This patch adds support of it.
I have tested with these cases.
+-----+-------------------------+----------------+
| STA | AP | |
|FILS | key-mgmt | result |
+-----+-------------------------+----------------+
| 1 | WPA-EAP | O |
+-----+-------------------------+----------------+
| 1 | WPA-EAP-SHA256 | O |
+-----+-------------------------+----------------+
| 1 | FILS-SHA256 | X |
+-----+-------------------------+----------------+
| 1 | FILS-SHA384 | X |
+-----+-------------------------+----------------+
| 1 | WPA-EAP WPA-EAP-SHA256 | O |
| | FILS-SHA256 FILS-SHA384 | WPA-EAP-SHA256 |
+-----+-------------------------+----------------+
| 2 | WPA-EAP | O |
+-----+-------------------------+----------------+
| 2 | WPA-EAP-SHA256 | O |
+-----+-------------------------+----------------+
| 2 | FILS-SHA256 | O |
+-----+-------------------------+----------------+
| 2 | FILS-SHA384 | O |
+-----+-------------------------+----------------+
| 2 | WPA-EAP WPA-EAP-SHA256 | O |
| | FILS-SHA256 FILS-SHA384 | FILS-SHA384 |
+-----+-------------------------+----------------+
| 3 | WPA-EAP | X |
+-----+-------------------------+----------------+
| 3 | WPA-EAP-SHA256 | X |
+-----+-------------------------+----------------+
| 3 | FILS-SHA256 | O |
+-----+-------------------------+----------------+
| 3 | FILS-SHA384 | O |
+-----+-------------------------+----------------+
| 3 | WPA-EAP WPA-EAP-SHA256 | O |
| | FILS-SHA256 FILS-SHA384 | FILS-SHA384 |
+-----+-------------------------+----------------+
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Diffstat (limited to 'src/supplicant')
-rw-r--r-- | src/supplicant/nm-supplicant-config.c | 13 | ||||
-rw-r--r-- | src/supplicant/nm-supplicant-config.h | 1 | ||||
-rw-r--r-- | src/supplicant/nm-supplicant-settings-verify.c | 1 | ||||
-rw-r--r-- | src/supplicant/tests/test-supplicant-config.c | 2 |
4 files changed, 16 insertions, 1 deletions
diff --git a/src/supplicant/nm-supplicant-config.c b/src/supplicant/nm-supplicant-config.c index e51e8ba4c6..a2502bd7bf 100644 --- a/src/supplicant/nm-supplicant-config.c +++ b/src/supplicant/nm-supplicant-config.c @@ -733,6 +733,7 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self, const char *con_uuid, guint32 mtu, NMSettingWirelessSecurityPmf pmf, + NMSettingWirelessSecurityFils fils, GError **error) { const char *key_mgmt, *key_mgmt_conf, *auth_alg; @@ -747,7 +748,17 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self, if (nm_streq (key_mgmt, "wpa-psk")) key_mgmt_conf = "wpa-psk wpa-psk-sha256"; else if (nm_streq (key_mgmt, "wpa-eap")) - key_mgmt_conf = "wpa-eap wpa-eap-sha256"; + switch (fils) { + case NM_SETTING_WIRELESS_SECURITY_FILS_OPTIONAL: + key_mgmt_conf = "wpa-eap wpa-eap-sha256 fils-sha256 fils-sha384"; + break; + case NM_SETTING_WIRELESS_SECURITY_FILS_REQUIRED: + key_mgmt_conf = "fils-sha256 fils-sha384"; + break; + default: + key_mgmt_conf = "wpa-eap wpa-eap-sha256"; + break; + } if (!add_string_val (self, key_mgmt_conf, "key_mgmt", TRUE, NULL, error)) return FALSE; diff --git a/src/supplicant/nm-supplicant-config.h b/src/supplicant/nm-supplicant-config.h index d90d82b818..39b8a9f2de 100644 --- a/src/supplicant/nm-supplicant-config.h +++ b/src/supplicant/nm-supplicant-config.h @@ -65,6 +65,7 @@ gboolean nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig const char *con_uuid, guint32 mtu, NMSettingWirelessSecurityPmf pmf, + NMSettingWirelessSecurityFils fils, GError **error); gboolean nm_supplicant_config_add_no_security (NMSupplicantConfig *self, diff --git a/src/supplicant/nm-supplicant-settings-verify.c b/src/supplicant/nm-supplicant-settings-verify.c index 14daf6938b..d53a13c4b6 100644 --- a/src/supplicant/nm-supplicant-settings-verify.c +++ b/src/supplicant/nm-supplicant-settings-verify.c @@ -73,6 +73,7 @@ const char * group_allowed[] = { "CCMP", "TKIP", "WEP104", "WEP40", NULL }; const char * proto_allowed[] = { "WPA", "RSN", NULL }; const char * key_mgmt_allowed[] = { "WPA-PSK", "WPA-PSK-SHA256", "WPA-EAP", "WPA-EAP-SHA256", + "FILS-SHA256", "FILS-SHA384", "IEEE8021X", "WPA-NONE", "NONE", NULL }; const char * auth_alg_allowed[] = { "OPEN", "SHARED", "LEAP", NULL }; diff --git a/src/supplicant/tests/test-supplicant-config.c b/src/supplicant/tests/test-supplicant-config.c index f85c137325..94208603fc 100644 --- a/src/supplicant/tests/test-supplicant-config.c +++ b/src/supplicant/tests/test-supplicant-config.c @@ -118,6 +118,7 @@ build_supplicant_config (NMConnection *connection, guint mtu, guint fixed_freq) s_wsec = nm_connection_get_setting_wireless_security (connection); if (s_wsec) { NMSettingWirelessSecurityPmf pmf = nm_setting_wireless_security_get_pmf (s_wsec); + NMSettingWirelessSecurityFils fils = nm_setting_wireless_security_get_fils (s_wsec); s_8021x = nm_connection_get_setting_802_1x (connection); success = nm_supplicant_config_add_setting_wireless_security (config, s_wsec, @@ -125,6 +126,7 @@ build_supplicant_config (NMConnection *connection, guint mtu, guint fixed_freq) nm_connection_get_uuid (connection), mtu, pmf, + fils, &error); } else { success = nm_supplicant_config_add_no_security (config, &error); |