From 04a45a57d4dcd378791d3db2618095b0ba0d37d3 Mon Sep 17 00:00:00 2001 From: Dan Williams Date: Mon, 24 Sep 2012 16:05:47 -0500 Subject: asdfasdf --- include/NetworkManager.h | 4 +- libnm-glib/nm-device-wifi.c | 3 +- libnm-util/nm-setting-wireless-security.c | 49 +++++--------------- libnm-util/nm-setting-wireless.c | 8 ---- libnm-util/nm-utils.c | 29 ++++-------- src/nm-wifi-ap-utils.c | 47 +++++++------------ src/nm-wifi-ap.c | 54 ++++++---------------- src/settings/plugins/ifcfg-rh/reader.c | 13 ++---- src/settings/plugins/ifcfg-rh/writer.c | 2 +- src/settings/plugins/ifnet/connection_parser.c | 48 ++++++++----------- .../plugins/ifnet/tests/wpa_supplicant.conf | 10 ++-- src/supplicant-manager/nm-supplicant-config.c | 3 +- .../nm-supplicant-settings-verify.c | 2 +- src/wifi/wifi-utils-nl80211.c | 3 ++ 14 files changed, 92 insertions(+), 183 deletions(-) diff --git a/include/NetworkManager.h b/include/NetworkManager.h index 045cf2ce00..b78bce394d 100644 --- a/include/NetworkManager.h +++ b/include/NetworkManager.h @@ -155,6 +155,7 @@ typedef enum { * @NM_WIFI_DEVICE_CAP_WPA: device supports WPA1 authentication * @NM_WIFI_DEVICE_CAP_RSN: device supports WPA2/RSN authentication * @NM_WIFI_DEVICE_CAP_AP: device supports Access Point mode + * @NM_WIFI_DEVICE_CAP_IBSS_RSN: device supports WPA2/RSN in an IBSS network. * * 802.11 specific device encryption and authentication capabilities. **/ @@ -166,7 +167,8 @@ typedef enum { NM_WIFI_DEVICE_CAP_CIPHER_CCMP = 0x00000008, NM_WIFI_DEVICE_CAP_WPA = 0x00000010, NM_WIFI_DEVICE_CAP_RSN = 0x00000020, - NM_WIFI_DEVICE_CAP_AP = 0x00000040 + NM_WIFI_DEVICE_CAP_AP = 0x00000040, + NM_WIFI_DEVICE_CAP_IBSS_RSN = 0x00000080 } NMDeviceWifiCapabilities; diff --git a/libnm-glib/nm-device-wifi.c b/libnm-glib/nm-device-wifi.c index aab659f41e..dba7ebff69 100644 --- a/libnm-glib/nm-device-wifi.c +++ b/libnm-glib/nm-device-wifi.c @@ -463,8 +463,7 @@ connection_compatible (NMDevice *device, NMConnection *connection, GError **erro if (s_wsec) { /* Connection has security, verify it against the device's capabilities */ key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec); - if ( !g_strcmp0 (key_mgmt, "wpa-none") - || !g_strcmp0 (key_mgmt, "wpa-psk") + if ( !g_strcmp0 (key_mgmt, "wpa-psk") || !g_strcmp0 (key_mgmt, "wpa-eap")) { /* Is device only WEP capable? */ diff --git a/libnm-util/nm-setting-wireless-security.c b/libnm-util/nm-setting-wireless-security.c index 336773c88d..3372394f2d 100644 --- a/libnm-util/nm-setting-wireless-security.c +++ b/libnm-util/nm-setting-wireless-security.c @@ -785,8 +785,7 @@ need_secrets (NMSetting *setting) } /* WPA-PSK infrastructure and adhoc */ - if ( (strcmp (priv->key_mgmt, "wpa-none") == 0) - || (strcmp (priv->key_mgmt, "wpa-psk") == 0)) { + if (strcmp (priv->key_mgmt, "wpa-psk") == 0) { if (!verify_wpa_psk (priv->psk)) { g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_PSK); return secrets; @@ -834,7 +833,7 @@ verify (NMSetting *setting, GSList *all_settings, GError **error) { NMSettingWirelessSecurity *self = NM_SETTING_WIRELESS_SECURITY (setting); NMSettingWirelessSecurityPrivate *priv = NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (self); - const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none", "wpa-psk", "wpa-eap", NULL }; + const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-psk", "wpa-eap", NULL }; const char *valid_auth_algs[] = { "open", "shared", "leap", NULL }; const char *valid_protos[] = { "wpa", "rsn", NULL }; const char *valid_pairwise[] = { "wep40", "wep104", "tkip", "ccmp", NULL }; @@ -970,38 +969,12 @@ verify (NMSetting *setting, GSList *all_settings, GError **error) return FALSE; } - if (priv->pairwise) { - const char *wpa_none[] = { "wpa-none", NULL }; - - /* For ad-hoc connections, pairwise must be "none" */ - if (_nm_utils_string_in_list (priv->key_mgmt, wpa_none)) { - GSList *iter; - gboolean found = FALSE; - - for (iter = priv->pairwise; iter; iter = g_slist_next (iter)) { - if (!strcmp ((char *) iter->data, "none")) { - found = TRUE; - break; - } - } - - /* pairwise cipher list didn't contain "none", which is invalid - * for WPA adhoc connections. - */ - if (!found) { - g_set_error (error, - NM_SETTING_WIRELESS_SECURITY_ERROR, - NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, - NM_SETTING_WIRELESS_SECURITY_PAIRWISE); - return FALSE; - } - } else if (!_nm_utils_string_slist_validate (priv->pairwise, valid_pairwise)) { - g_set_error (error, - NM_SETTING_WIRELESS_SECURITY_ERROR, - NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, - NM_SETTING_WIRELESS_SECURITY_PAIRWISE); - return FALSE; - } + if (priv->pairwise && !_nm_utils_string_slist_validate (priv->pairwise, valid_pairwise)) { + g_set_error (error, + NM_SETTING_WIRELESS_SECURITY_ERROR, + NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, + NM_SETTING_WIRELESS_SECURITY_PAIRWISE); + return FALSE; } if (priv->group && !_nm_utils_string_slist_validate (priv->group, valid_groups)) { @@ -1273,7 +1246,7 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *setting * NMSettingWirelessSecurity:key-mgmt: * * Key management used for the connection. One of 'none' (WEP), 'ieee8021x' - * (Dynamic WEP), 'wpa-none' (Ad-Hoc WPA-PSK), 'wpa-psk' (infrastructure + * (Dynamic WEP), 'wpa-psk' (infrastructure or Ad-Hoc * WPA-PSK), or 'wpa-eap' (WPA-Enterprise). This property must be set for * any WiFi connection that uses security. **/ @@ -1282,8 +1255,8 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *setting g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "Key management", "Key management used for the connection. One of " - "'none' (WEP), 'ieee8021x' (Dynamic WEP), 'wpa-none' " - "(WPA-PSK Ad-Hoc), 'wpa-psk' (infrastructure WPA-PSK), " + "'none' (WEP), 'ieee8021x' (Dynamic WEP), 'wpa-psk' " + "(infrastructure or Ad-Hoc WPA-PSK), " "or 'wpa-eap' (WPA-Enterprise). This property must " "be set for any WiFi connection that uses security.", NULL, diff --git a/libnm-util/nm-setting-wireless.c b/libnm-util/nm-setting-wireless.c index fb43ed1c83..8720f85998 100644 --- a/libnm-util/nm-setting-wireless.c +++ b/libnm-util/nm-setting-wireless.c @@ -183,14 +183,6 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless, return TRUE; } - /* Adhoc WPA */ - if (!strcmp (key_mgmt, "wpa-none")) { - if (ap_mode != NM_802_11_MODE_ADHOC) - return FALSE; - /* FIXME: validate ciphers if they're in the beacon */ - return TRUE; - } - /* Adhoc WPA2 (ie, RSN IBSS) */ if (ap_mode == NM_802_11_MODE_ADHOC) { if (strcmp (key_mgmt, "wpa-psk")) diff --git a/libnm-util/nm-utils.c b/libnm-util/nm-utils.c index 8c485d3145..67d8b5c585 100644 --- a/libnm-util/nm-utils.c +++ b/libnm-util/nm-utils.c @@ -1319,25 +1319,16 @@ nm_utils_wifi_security_valid (NMUtilsSecurityType type, case NMU_SEC_WPA_PSK: if (!(wifi_caps & NM_WIFI_DEVICE_CAP_WPA)) return FALSE; + if (adhoc) + return FALSE; if (flags_valid) { - /* Ad-Hoc WPA APs won't necessarily have the PSK flag set, and - * they don't have any pairwise ciphers. */ - if (adhoc) { - if ( (ap_wpa & NM_802_11_AP_SEC_GROUP_TKIP) + if (ap_wpa & NM_802_11_AP_SEC_KEY_MGMT_PSK) { + if ( (ap_wpa & NM_802_11_AP_SEC_PAIR_TKIP) && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP)) return TRUE; - if ( (ap_wpa & NM_802_11_AP_SEC_GROUP_CCMP) + if ( (ap_wpa & NM_802_11_AP_SEC_PAIR_CCMP) && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP)) return TRUE; - } else { - if (ap_wpa & NM_802_11_AP_SEC_KEY_MGMT_PSK) { - if ( (ap_wpa & NM_802_11_AP_SEC_PAIR_TKIP) - && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP)) - return TRUE; - if ( (ap_wpa & NM_802_11_AP_SEC_PAIR_CCMP) - && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP)) - return TRUE; - } } return FALSE; } @@ -1346,12 +1337,12 @@ nm_utils_wifi_security_valid (NMUtilsSecurityType type, if (!(wifi_caps & NM_WIFI_DEVICE_CAP_RSN)) return FALSE; if (flags_valid) { - /* Ad-Hoc WPA APs won't necessarily have the PSK flag set, and - * they don't have any pairwise ciphers, nor any RSA flags yet. */ if (adhoc) { - if (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP) - return TRUE; - if (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP) + if (!(wifi_caps & NM_WIFI_DEVICE_CAP_IBSS_RSN)) + return FALSE; + /* FIXME: Ad-Hoc RSN peers may support TKIP, but we don't. */ + if ( (ap_rsn & NM_802_11_AP_SEC_PAIR_CCMP) + && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP)) return TRUE; } else { if (ap_rsn & NM_802_11_AP_SEC_KEY_MGMT_PSK) { diff --git a/src/nm-wifi-ap-utils.c b/src/nm-wifi-ap-utils.c index 51345a5ddd..9e5507ca56 100644 --- a/src/nm-wifi-ap-utils.c +++ b/src/nm-wifi-ap-utils.c @@ -271,7 +271,7 @@ verify_wpa_psk (NMSettingWirelessSecurity *s_wsec, auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec); if (key_mgmt) { - if (!strcmp (key_mgmt, "wpa-psk") || !strcmp (key_mgmt, "wpa-none")) { + if (!strcmp (key_mgmt, "wpa-psk")) { if (s_8021x) { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, @@ -290,43 +290,36 @@ verify_wpa_psk (NMSettingWirelessSecurity *s_wsec, } } - if (!strcmp (key_mgmt, "wpa-none")) { - if (!adhoc) { - g_set_error_literal (error, - NM_SETTING_WIRELESS_SECURITY_ERROR, - NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, - "WPA Ad-Hoc requires an Ad-Hoc mode AP"); - return FALSE; - } + if (adhoc && !strcmp(key_mgmt, "wpa-psk")) { - /* Ad-Hoc WPA requires 'wpa' proto, 'none' pairwise, and 'tkip' group */ + /* Ad-Hoc RSN requires 'rsn' proto, 'ccmp' pairwise, and 'ccmp' group */ n = nm_setting_wireless_security_get_num_protos (s_wsec); tmp = (n > 0) ? nm_setting_wireless_security_get_proto (s_wsec, 0) : NULL; - if (n > 1 || strcmp (tmp, "wpa")) { + if (n > 1 || strcmp (tmp, "rsn")) { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, - "WPA Ad-Hoc requires 'wpa' proto"); + "WPA Ad-Hoc requires 'rsn' proto"); return FALSE; } n = nm_setting_wireless_security_get_num_pairwise (s_wsec); tmp = (n > 0) ? nm_setting_wireless_security_get_pairwise (s_wsec, 0) : NULL; - if (n > 1 || strcmp (tmp, "none")) { + if (n > 1 || strcmp (tmp, "ccmp")) { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, - "WPA Ad-Hoc requires 'none' pairwise cipher"); + "WPA Ad-Hoc requires 'ccmp' pairwise cipher"); return FALSE; } n = nm_setting_wireless_security_get_num_groups (s_wsec); tmp = (n > 0) ? nm_setting_wireless_security_get_group (s_wsec, 0) : NULL; - if (n > 1 || strcmp (tmp, "tkip")) { + if (n > 1 || strcmp (tmp, "ccmp")) { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, - "WPA Ad-Hoc requires 'tkip' group cipher"); + "WPA Ad-Hoc requires 'ccmp' group cipher"); return FALSE; } } @@ -419,7 +412,7 @@ verify_adhoc (NMSettingWirelessSecurity *s_wsec, } if (adhoc) { - if (key_mgmt && strcmp (key_mgmt, "wpa-none") && strcmp (key_mgmt, "none")) { + if (key_mgmt && strcmp (key_mgmt, "wpa-psk") && strcmp (key_mgmt, "none")) { g_set_error_literal (error, NM_SETTING_WIRELESS_SECURITY_ERROR, NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, @@ -450,14 +443,6 @@ verify_adhoc (NMSettingWirelessSecurity *s_wsec, "Ad-Hoc mode requires 'open' authentication"); return FALSE; } - } else { - if (key_mgmt && !strcmp (key_mgmt, "wpa-none")) { - g_set_error_literal (error, - NM_SETTING_WIRELESS_SECURITY_ERROR, - NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY, - "AP mode is Infrastructure but setting requires Ad-Hoc security"); - return FALSE; - } } return TRUE; @@ -670,11 +655,13 @@ nm_ap_utils_complete_connection (const GByteArray *ap_ssid, return FALSE; if (adhoc) { - g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL); - /* Ad-Hoc does not support RSN/WPA2 */ - nm_setting_wireless_security_add_proto (s_wsec, "wpa"); - nm_setting_wireless_security_add_pairwise (s_wsec, "none"); - nm_setting_wireless_security_add_group (s_wsec, "tkip"); + g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", + NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open", + NULL); + /* Ad-Hoc does not support WPA-none anymore */ + nm_setting_wireless_security_add_proto (s_wsec, "rsn"); + nm_setting_wireless_security_add_pairwise (s_wsec, "ccmp"); + nm_setting_wireless_security_add_group (s_wsec, "ccmp"); } else if (s_8021x) { g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap", diff --git a/src/nm-wifi-ap.c b/src/nm-wifi-ap.c index 0ded56e0f2..69cba63f5f 100644 --- a/src/nm-wifi-ap.c +++ b/src/nm-wifi-ap.c @@ -630,6 +630,7 @@ nm_ap_new_fake_from_connection (NMConnection *connection) guint32 channel; NM80211ApSecurityFlags flags; gboolean psk = FALSE, eap = FALSE; + gboolean adhoc = FALSE; g_return_val_if_fail (connection != NULL, NULL); @@ -650,9 +651,10 @@ nm_ap_new_fake_from_connection (NMConnection *connection) if (mode) { if (!strcmp (mode, "infrastructure")) nm_ap_set_mode (ap, NM_802_11_MODE_INFRA); - else if (!strcmp (mode, "adhoc")) + else if (!strcmp (mode, "adhoc")) { nm_ap_set_mode (ap, NM_802_11_MODE_ADHOC); - else if (!strcmp (mode, "ap")) + adhoc = TRUE; + } else if (!strcmp (mode, "ap")) nm_ap_set_mode (ap, NM_802_11_MODE_AP); else goto error; @@ -680,7 +682,7 @@ nm_ap_new_fake_from_connection (NMConnection *connection) key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec); /* Everything below here uses encryption */ - nm_ap_set_flags (ap, nm_ap_get_flags (ap) | NM_802_11_AP_FLAGS_PRIVACY); + nm_ap_set_flags (ap, NM_802_11_AP_FLAGS_PRIVACY); /* Static & Dynamic WEP */ if (!strcmp (key_mgmt, "none") || !strcmp (key_mgmt, "ieee8021x")) @@ -688,7 +690,7 @@ nm_ap_new_fake_from_connection (NMConnection *connection) psk = !strcmp (key_mgmt, "wpa-psk"); eap = !strcmp (key_mgmt, "wpa-eap"); - if (psk || eap) { + if (!adhoc && (psk || eap)) { if (has_proto (s_wireless_sec, PROTO_WPA)) { flags = nm_ap_get_wpa_flags (ap); flags |= eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK; @@ -702,42 +704,16 @@ nm_ap_new_fake_from_connection (NMConnection *connection) add_pair_ciphers (ap, s_wireless_sec); add_group_ciphers (ap, s_wireless_sec); - } else if (!strcmp (key_mgmt, "wpa-none")) { - guint32 i; - - /* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and - * group=TKIP/CCMP (but not both). + } else if (adhoc && psk) { + /* Ad-Hoc has special requirements: proto=RSN, pairwise=CCMP, and + * group=CCMP. So we can pretty much ignore what's in the + * NMSettingWirelessSecurity setting. */ - - flags = nm_ap_get_wpa_flags (ap); - flags |= NM_802_11_AP_SEC_KEY_MGMT_PSK; - - /* Clear ciphers; pairwise must be unset anyway, and group gets set below */ - flags &= ~( NM_802_11_AP_SEC_PAIR_WEP40 - | NM_802_11_AP_SEC_PAIR_WEP104 - | NM_802_11_AP_SEC_PAIR_TKIP - | NM_802_11_AP_SEC_PAIR_CCMP - | NM_802_11_AP_SEC_GROUP_WEP40 - | NM_802_11_AP_SEC_GROUP_WEP104 - | NM_802_11_AP_SEC_GROUP_TKIP - | NM_802_11_AP_SEC_GROUP_CCMP); - - for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) { - if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) { - flags |= NM_802_11_AP_SEC_GROUP_CCMP; - break; - } - } - - /* Default to TKIP since not all WPA-capable cards can do CCMP */ - if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP)) - flags |= NM_802_11_AP_SEC_GROUP_TKIP; - - nm_ap_set_wpa_flags (ap, flags); - - /* Don't use Ad-Hoc RSN yet */ - nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE); - } + nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_KEY_MGMT_PSK + | NM_802_11_AP_SEC_GROUP_CCMP + | NM_802_11_AP_SEC_PAIR_CCMP); + } else + goto error; done: return ap; diff --git a/src/settings/plugins/ifcfg-rh/reader.c b/src/settings/plugins/ifcfg-rh/reader.c index 6aa97f1809..3fea7cd244 100644 --- a/src/settings/plugins/ifcfg-rh/reader.c +++ b/src/settings/plugins/ifcfg-rh/reader.c @@ -1920,8 +1920,8 @@ fill_wpa_ciphers (shvarFile *ifcfg, PLUGIN_WARN (IFCFG_PLUGIN_NAME, " warning: ignoring group cipher '%s' (only one group cipher allowed in Ad-Hoc mode)", *iter); continue; - } else if (!group) { - PLUGIN_WARN (IFCFG_PLUGIN_NAME, " warning: ignoring pairwise cipher '%s' (pairwise not used in Ad-Hoc mode)", + } else if (!group && (i > 0)) { + PLUGIN_WARN (IFCFG_PLUGIN_NAME, " warning: ignoring pairwise cipher '%s' (only one pairwise cipher allowed in Ad-Hoc mode)", *iter); continue; } @@ -2707,8 +2707,8 @@ make_wpa_setting (shvarFile *ifcfg, /* WPA and/or RSN */ if (adhoc) { - /* Ad-Hoc mode only supports WPA proto for now */ - nm_setting_wireless_security_add_proto (wsec, "wpa"); + /* Ad-Hoc mode only supports RSN proto */ + nm_setting_wireless_security_add_proto (wsec, "rsn"); } else { char *allow_wpa, *allow_rsn; @@ -2747,10 +2747,7 @@ make_wpa_setting (shvarFile *ifcfg, } } - if (adhoc) - g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL); - else - g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL); + g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL); } else if (!strcmp (value, "WPA-EAP") || !strcmp (value, "IEEE8021X")) { /* Adhoc mode is mutually exclusive with any 802.1x-based authentication */ if (adhoc) { diff --git a/src/settings/plugins/ifcfg-rh/writer.c b/src/settings/plugins/ifcfg-rh/writer.c index 26a1585b04..e4e719d276 100644 --- a/src/settings/plugins/ifcfg-rh/writer.c +++ b/src/settings/plugins/ifcfg-rh/writer.c @@ -592,7 +592,7 @@ write_wireless_security_setting (NMConnection *connection, svSetValue (ifcfg, "KEY_MGMT", NULL, FALSE); wep = TRUE; *no_8021x = TRUE; - } else if (!strcmp (key_mgmt, "wpa-none") || !strcmp (key_mgmt, "wpa-psk")) { + } else if (!strcmp (key_mgmt, "wpa-psk")) { svSetValue (ifcfg, "KEY_MGMT", "WPA-PSK", FALSE); wpa = TRUE; *no_8021x = TRUE; diff --git a/src/settings/plugins/ifnet/connection_parser.c b/src/settings/plugins/ifnet/connection_parser.c index 78812f977f..36af48baed 100644 --- a/src/settings/plugins/ifnet/connection_parser.c +++ b/src/settings/plugins/ifnet/connection_parser.c @@ -1333,23 +1333,6 @@ fill_wpa_ciphers (const char *ssid, list = g_strsplit_set (value, " ", 0); for (iter = list; iter && *iter; iter++, i++) { - /* Ad-Hoc configurations cannot have pairwise ciphers, and can only - * have one group cipher. Ignore any additional group ciphers and - * any pairwise ciphers specified. - */ - if (adhoc) { - if (group && (i > 0)) { - PLUGIN_WARN (IFNET_PLUGIN_NAME, - " warning: ignoring group cipher '%s' (only one group cipher allowed in Ad-Hoc mode)", - *iter); - continue; - } else if (!group) { - PLUGIN_WARN (IFNET_PLUGIN_NAME, - " warning: ignoring pairwise cipher '%s' (pairwise not used in Ad-Hoc mode)", - *iter); - continue; - } - } if (!strcmp (*iter, "CCMP")) { if (group) @@ -1358,6 +1341,19 @@ fill_wpa_ciphers (const char *ssid, else nm_setting_wireless_security_add_pairwise (wsec, "ccmp"); + } else if (adhoc) { + /* Ad-Hoc configurations only support CCMP cipher for + * pairwise and group. + * Ignore any other group or pairwise ciphers specified. + */ + if (group) + PLUGIN_WARN (IFNET_PLUGIN_NAME, + " warning: ignoring group cipher '%s' (only ccmp cipher allowed in Ad-Hoc mode)", + eiter); + else if (!group) + PLUGIN_WARN (IFNET_PLUGIN_NAME, + " warning: ignoring pairwise cipher '%s' (only ccmp cipher allowed in Ad-Hoc mode)", + *iter); } else if (!strcmp (*iter, "TKIP")) { if (group) nm_setting_wireless_security_add_group (wsec, @@ -1498,8 +1494,8 @@ make_wpa_setting (const char *ssid, /* WPA and/or RSN */ if (adhoc) { - /* Ad-Hoc mode only supports WPA proto for now */ - nm_setting_wireless_security_add_proto (wsec, "wpa"); + /* Ad-Hoc mode only supports RSN proto */ + nm_setting_wireless_security_add_proto (wsec, "rsn"); } else { nm_setting_wireless_security_add_proto (wsec, "wpa"); nm_setting_wireless_security_add_proto (wsec, "rsn"); @@ -1515,14 +1511,9 @@ make_wpa_setting (const char *ssid, NULL); g_free (psk); - if (adhoc) - g_object_set (wsec, - NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, - "wpa-none", NULL); - else - g_object_set (wsec, - NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, - "wpa-psk", NULL); + g_object_set (wsec, + NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, + "wpa-psk", NULL); } else if (!strcmp (value, "WPA-EAP") || !strcmp (value, "IEEE8021X")) { if (adhoc) { g_set_error (error, ifnet_plugin_error_quark (), 0, @@ -2115,8 +2106,7 @@ write_wireless_security_setting (NMConnection * connection, wpa_set_data (conn_name, "key_mgmt", "NONE"); wep = TRUE; *no_8021x = TRUE; - } else if (!strcmp (key_mgmt, "wpa-none") - || !strcmp (key_mgmt, "wpa-psk")) { + } else if (!strcmp (key_mgmt, "wpa-psk")) { wpa_set_data (conn_name, "key_mgmt", "WPA-PSK"); wpa = TRUE; *no_8021x = TRUE; diff --git a/src/settings/plugins/ifnet/tests/wpa_supplicant.conf b/src/settings/plugins/ifnet/tests/wpa_supplicant.conf index 609ee0e103..3a9f167b86 100644 --- a/src/settings/plugins/ifnet/tests/wpa_supplicant.conf +++ b/src/settings/plugins/ifnet/tests/wpa_supplicant.conf @@ -752,15 +752,15 @@ network={ } -# IBSS/ad-hoc network with WPA-None/TKIP. +# IBSS/ad-hoc network with IBSS RSN. network={ ssid="test adhoc" mode=1 frequency=2412 - proto=WPA - key_mgmt=WPA-NONE - pairwise=NONE - group=TKIP + proto=RSN + key_mgmt=WPA-PSK + pairwise=CCMP + group=CCMP psk="secret passphrase" } diff --git a/src/supplicant-manager/nm-supplicant-config.c b/src/supplicant-manager/nm-supplicant-config.c index 950e4b7803..3dc0fce9c2 100644 --- a/src/supplicant-manager/nm-supplicant-config.c +++ b/src/supplicant-manager/nm-supplicant-config.c @@ -651,8 +651,7 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self, } /* Only WPA-specific things when using WPA */ - if ( !strcmp (key_mgmt, "wpa-none") - || !strcmp (key_mgmt, "wpa-psk") + if ( !strcmp (key_mgmt, "wpa-psk") || !strcmp (key_mgmt, "wpa-eap")) { ADD_STRING_LIST_VAL (setting, wireless_security, proto, protos, "proto", ' ', TRUE, FALSE); ADD_STRING_LIST_VAL (setting, wireless_security, pairwise, pairwise, "pairwise", ' ', TRUE, FALSE); diff --git a/src/supplicant-manager/nm-supplicant-settings-verify.c b/src/supplicant-manager/nm-supplicant-settings-verify.c index 143e51a360..eaaeec0319 100644 --- a/src/supplicant-manager/nm-supplicant-settings-verify.c +++ b/src/supplicant-manager/nm-supplicant-settings-verify.c @@ -70,7 +70,7 @@ static const struct validate_entry validate_table[] = { const char * pairwise_allowed[] = { "CCMP", "TKIP", "NONE", NULL }; const char * group_allowed[] = { "CCMP", "TKIP", "WEP104", "WEP40", NULL }; const char * proto_allowed[] = { "WPA", "RSN", NULL }; -const char * key_mgmt_allowed[] = { "WPA-PSK", "WPA-EAP", "IEEE8021X", "WPA-NONE", +const char * key_mgmt_allowed[] = { "WPA-PSK", "WPA-EAP", "IEEE8021X", "NONE", NULL }; const char * auth_alg_allowed[] = { "OPEN", "SHARED", "LEAP", NULL }; const char * eap_allowed[] = { "LEAP", "MD5", "TLS", "PEAP", "TTLS", "SIM", diff --git a/src/wifi/wifi-utils-nl80211.c b/src/wifi/wifi-utils-nl80211.c index f0db2d5eae..5d4711b068 100644 --- a/src/wifi/wifi-utils-nl80211.c +++ b/src/wifi/wifi-utils-nl80211.c @@ -708,6 +708,9 @@ static int nl80211_wiphy_info_handler (struct nl_msg *msg, void *arg) } } + if (tb[NL80211_ATTR_SUPPORT_IBSS_RSN]) + info->caps |= NM_WIFI_DEVICE_CAP_IBSS_RSN; + info->success = TRUE; return NL_SKIP; -- cgit v1.2.1