summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/nm-wifi-ap-utils.c47
-rw-r--r--src/nm-wifi-ap.c54
-rw-r--r--src/settings/plugins/ifcfg-rh/reader.c13
-rw-r--r--src/settings/plugins/ifcfg-rh/writer.c2
-rw-r--r--src/settings/plugins/ifnet/connection_parser.c48
-rw-r--r--src/settings/plugins/ifnet/tests/wpa_supplicant.conf10
-rw-r--r--src/supplicant-manager/nm-supplicant-config.c3
-rw-r--r--src/supplicant-manager/nm-supplicant-settings-verify.c2
-rw-r--r--src/wifi/wifi-utils-nl80211.c3
9 files changed, 67 insertions, 115 deletions
diff --git a/src/nm-wifi-ap-utils.c b/src/nm-wifi-ap-utils.c
index 51345a5ddd..9e5507ca56 100644
--- a/src/nm-wifi-ap-utils.c
+++ b/src/nm-wifi-ap-utils.c
@@ -271,7 +271,7 @@ verify_wpa_psk (NMSettingWirelessSecurity *s_wsec,
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
if (key_mgmt) {
- if (!strcmp (key_mgmt, "wpa-psk") || !strcmp (key_mgmt, "wpa-none")) {
+ if (!strcmp (key_mgmt, "wpa-psk")) {
if (s_8021x) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
@@ -290,43 +290,36 @@ verify_wpa_psk (NMSettingWirelessSecurity *s_wsec,
}
}
- if (!strcmp (key_mgmt, "wpa-none")) {
- if (!adhoc) {
- g_set_error_literal (error,
- NM_SETTING_WIRELESS_SECURITY_ERROR,
- NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
- "WPA Ad-Hoc requires an Ad-Hoc mode AP");
- return FALSE;
- }
+ if (adhoc && !strcmp(key_mgmt, "wpa-psk")) {
- /* Ad-Hoc WPA requires 'wpa' proto, 'none' pairwise, and 'tkip' group */
+ /* Ad-Hoc RSN requires 'rsn' proto, 'ccmp' pairwise, and 'ccmp' group */
n = nm_setting_wireless_security_get_num_protos (s_wsec);
tmp = (n > 0) ? nm_setting_wireless_security_get_proto (s_wsec, 0) : NULL;
- if (n > 1 || strcmp (tmp, "wpa")) {
+ if (n > 1 || strcmp (tmp, "rsn")) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
- "WPA Ad-Hoc requires 'wpa' proto");
+ "WPA Ad-Hoc requires 'rsn' proto");
return FALSE;
}
n = nm_setting_wireless_security_get_num_pairwise (s_wsec);
tmp = (n > 0) ? nm_setting_wireless_security_get_pairwise (s_wsec, 0) : NULL;
- if (n > 1 || strcmp (tmp, "none")) {
+ if (n > 1 || strcmp (tmp, "ccmp")) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
- "WPA Ad-Hoc requires 'none' pairwise cipher");
+ "WPA Ad-Hoc requires 'ccmp' pairwise cipher");
return FALSE;
}
n = nm_setting_wireless_security_get_num_groups (s_wsec);
tmp = (n > 0) ? nm_setting_wireless_security_get_group (s_wsec, 0) : NULL;
- if (n > 1 || strcmp (tmp, "tkip")) {
+ if (n > 1 || strcmp (tmp, "ccmp")) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
- "WPA Ad-Hoc requires 'tkip' group cipher");
+ "WPA Ad-Hoc requires 'ccmp' group cipher");
return FALSE;
}
}
@@ -419,7 +412,7 @@ verify_adhoc (NMSettingWirelessSecurity *s_wsec,
}
if (adhoc) {
- if (key_mgmt && strcmp (key_mgmt, "wpa-none") && strcmp (key_mgmt, "none")) {
+ if (key_mgmt && strcmp (key_mgmt, "wpa-psk") && strcmp (key_mgmt, "none")) {
g_set_error_literal (error,
NM_SETTING_WIRELESS_SECURITY_ERROR,
NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
@@ -450,14 +443,6 @@ verify_adhoc (NMSettingWirelessSecurity *s_wsec,
"Ad-Hoc mode requires 'open' authentication");
return FALSE;
}
- } else {
- if (key_mgmt && !strcmp (key_mgmt, "wpa-none")) {
- g_set_error_literal (error,
- NM_SETTING_WIRELESS_SECURITY_ERROR,
- NM_SETTING_WIRELESS_SECURITY_ERROR_INVALID_PROPERTY,
- "AP mode is Infrastructure but setting requires Ad-Hoc security");
- return FALSE;
- }
}
return TRUE;
@@ -670,11 +655,13 @@ nm_ap_utils_complete_connection (const GByteArray *ap_ssid,
return FALSE;
if (adhoc) {
- g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
- /* Ad-Hoc does not support RSN/WPA2 */
- nm_setting_wireless_security_add_proto (s_wsec, "wpa");
- nm_setting_wireless_security_add_pairwise (s_wsec, "none");
- nm_setting_wireless_security_add_group (s_wsec, "tkip");
+ g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
+ NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "open",
+ NULL);
+ /* Ad-Hoc does not support WPA-none anymore */
+ nm_setting_wireless_security_add_proto (s_wsec, "rsn");
+ nm_setting_wireless_security_add_pairwise (s_wsec, "ccmp");
+ nm_setting_wireless_security_add_group (s_wsec, "ccmp");
} else if (s_8021x) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap",
diff --git a/src/nm-wifi-ap.c b/src/nm-wifi-ap.c
index 0ded56e0f2..69cba63f5f 100644
--- a/src/nm-wifi-ap.c
+++ b/src/nm-wifi-ap.c
@@ -630,6 +630,7 @@ nm_ap_new_fake_from_connection (NMConnection *connection)
guint32 channel;
NM80211ApSecurityFlags flags;
gboolean psk = FALSE, eap = FALSE;
+ gboolean adhoc = FALSE;
g_return_val_if_fail (connection != NULL, NULL);
@@ -650,9 +651,10 @@ nm_ap_new_fake_from_connection (NMConnection *connection)
if (mode) {
if (!strcmp (mode, "infrastructure"))
nm_ap_set_mode (ap, NM_802_11_MODE_INFRA);
- else if (!strcmp (mode, "adhoc"))
+ else if (!strcmp (mode, "adhoc")) {
nm_ap_set_mode (ap, NM_802_11_MODE_ADHOC);
- else if (!strcmp (mode, "ap"))
+ adhoc = TRUE;
+ } else if (!strcmp (mode, "ap"))
nm_ap_set_mode (ap, NM_802_11_MODE_AP);
else
goto error;
@@ -680,7 +682,7 @@ nm_ap_new_fake_from_connection (NMConnection *connection)
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec);
/* Everything below here uses encryption */
- nm_ap_set_flags (ap, nm_ap_get_flags (ap) | NM_802_11_AP_FLAGS_PRIVACY);
+ nm_ap_set_flags (ap, NM_802_11_AP_FLAGS_PRIVACY);
/* Static & Dynamic WEP */
if (!strcmp (key_mgmt, "none") || !strcmp (key_mgmt, "ieee8021x"))
@@ -688,7 +690,7 @@ nm_ap_new_fake_from_connection (NMConnection *connection)
psk = !strcmp (key_mgmt, "wpa-psk");
eap = !strcmp (key_mgmt, "wpa-eap");
- if (psk || eap) {
+ if (!adhoc && (psk || eap)) {
if (has_proto (s_wireless_sec, PROTO_WPA)) {
flags = nm_ap_get_wpa_flags (ap);
flags |= eap ? NM_802_11_AP_SEC_KEY_MGMT_802_1X : NM_802_11_AP_SEC_KEY_MGMT_PSK;
@@ -702,42 +704,16 @@ nm_ap_new_fake_from_connection (NMConnection *connection)
add_pair_ciphers (ap, s_wireless_sec);
add_group_ciphers (ap, s_wireless_sec);
- } else if (!strcmp (key_mgmt, "wpa-none")) {
- guint32 i;
-
- /* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and
- * group=TKIP/CCMP (but not both).
+ } else if (adhoc && psk) {
+ /* Ad-Hoc has special requirements: proto=RSN, pairwise=CCMP, and
+ * group=CCMP. So we can pretty much ignore what's in the
+ * NMSettingWirelessSecurity setting.
*/
-
- flags = nm_ap_get_wpa_flags (ap);
- flags |= NM_802_11_AP_SEC_KEY_MGMT_PSK;
-
- /* Clear ciphers; pairwise must be unset anyway, and group gets set below */
- flags &= ~( NM_802_11_AP_SEC_PAIR_WEP40
- | NM_802_11_AP_SEC_PAIR_WEP104
- | NM_802_11_AP_SEC_PAIR_TKIP
- | NM_802_11_AP_SEC_PAIR_CCMP
- | NM_802_11_AP_SEC_GROUP_WEP40
- | NM_802_11_AP_SEC_GROUP_WEP104
- | NM_802_11_AP_SEC_GROUP_TKIP
- | NM_802_11_AP_SEC_GROUP_CCMP);
-
- for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) {
- if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) {
- flags |= NM_802_11_AP_SEC_GROUP_CCMP;
- break;
- }
- }
-
- /* Default to TKIP since not all WPA-capable cards can do CCMP */
- if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP))
- flags |= NM_802_11_AP_SEC_GROUP_TKIP;
-
- nm_ap_set_wpa_flags (ap, flags);
-
- /* Don't use Ad-Hoc RSN yet */
- nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE);
- }
+ nm_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_KEY_MGMT_PSK
+ | NM_802_11_AP_SEC_GROUP_CCMP
+ | NM_802_11_AP_SEC_PAIR_CCMP);
+ } else
+ goto error;
done:
return ap;
diff --git a/src/settings/plugins/ifcfg-rh/reader.c b/src/settings/plugins/ifcfg-rh/reader.c
index 6aa97f1809..3fea7cd244 100644
--- a/src/settings/plugins/ifcfg-rh/reader.c
+++ b/src/settings/plugins/ifcfg-rh/reader.c
@@ -1920,8 +1920,8 @@ fill_wpa_ciphers (shvarFile *ifcfg,
PLUGIN_WARN (IFCFG_PLUGIN_NAME, " warning: ignoring group cipher '%s' (only one group cipher allowed in Ad-Hoc mode)",
*iter);
continue;
- } else if (!group) {
- PLUGIN_WARN (IFCFG_PLUGIN_NAME, " warning: ignoring pairwise cipher '%s' (pairwise not used in Ad-Hoc mode)",
+ } else if (!group && (i > 0)) {
+ PLUGIN_WARN (IFCFG_PLUGIN_NAME, " warning: ignoring pairwise cipher '%s' (only one pairwise cipher allowed in Ad-Hoc mode)",
*iter);
continue;
}
@@ -2707,8 +2707,8 @@ make_wpa_setting (shvarFile *ifcfg,
/* WPA and/or RSN */
if (adhoc) {
- /* Ad-Hoc mode only supports WPA proto for now */
- nm_setting_wireless_security_add_proto (wsec, "wpa");
+ /* Ad-Hoc mode only supports RSN proto */
+ nm_setting_wireless_security_add_proto (wsec, "rsn");
} else {
char *allow_wpa, *allow_rsn;
@@ -2747,10 +2747,7 @@ make_wpa_setting (shvarFile *ifcfg,
}
}
- if (adhoc)
- g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
- else
- g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
+ g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
} else if (!strcmp (value, "WPA-EAP") || !strcmp (value, "IEEE8021X")) {
/* Adhoc mode is mutually exclusive with any 802.1x-based authentication */
if (adhoc) {
diff --git a/src/settings/plugins/ifcfg-rh/writer.c b/src/settings/plugins/ifcfg-rh/writer.c
index 26a1585b04..e4e719d276 100644
--- a/src/settings/plugins/ifcfg-rh/writer.c
+++ b/src/settings/plugins/ifcfg-rh/writer.c
@@ -592,7 +592,7 @@ write_wireless_security_setting (NMConnection *connection,
svSetValue (ifcfg, "KEY_MGMT", NULL, FALSE);
wep = TRUE;
*no_8021x = TRUE;
- } else if (!strcmp (key_mgmt, "wpa-none") || !strcmp (key_mgmt, "wpa-psk")) {
+ } else if (!strcmp (key_mgmt, "wpa-psk")) {
svSetValue (ifcfg, "KEY_MGMT", "WPA-PSK", FALSE);
wpa = TRUE;
*no_8021x = TRUE;
diff --git a/src/settings/plugins/ifnet/connection_parser.c b/src/settings/plugins/ifnet/connection_parser.c
index 78812f977f..36af48baed 100644
--- a/src/settings/plugins/ifnet/connection_parser.c
+++ b/src/settings/plugins/ifnet/connection_parser.c
@@ -1333,23 +1333,6 @@ fill_wpa_ciphers (const char *ssid,
list = g_strsplit_set (value, " ", 0);
for (iter = list; iter && *iter; iter++, i++) {
- /* Ad-Hoc configurations cannot have pairwise ciphers, and can only
- * have one group cipher. Ignore any additional group ciphers and
- * any pairwise ciphers specified.
- */
- if (adhoc) {
- if (group && (i > 0)) {
- PLUGIN_WARN (IFNET_PLUGIN_NAME,
- " warning: ignoring group cipher '%s' (only one group cipher allowed in Ad-Hoc mode)",
- *iter);
- continue;
- } else if (!group) {
- PLUGIN_WARN (IFNET_PLUGIN_NAME,
- " warning: ignoring pairwise cipher '%s' (pairwise not used in Ad-Hoc mode)",
- *iter);
- continue;
- }
- }
if (!strcmp (*iter, "CCMP")) {
if (group)
@@ -1358,6 +1341,19 @@ fill_wpa_ciphers (const char *ssid,
else
nm_setting_wireless_security_add_pairwise (wsec,
"ccmp");
+ } else if (adhoc) {
+ /* Ad-Hoc configurations only support CCMP cipher for
+ * pairwise and group.
+ * Ignore any other group or pairwise ciphers specified.
+ */
+ if (group)
+ PLUGIN_WARN (IFNET_PLUGIN_NAME,
+ " warning: ignoring group cipher '%s' (only ccmp cipher allowed in Ad-Hoc mode)",
+ eiter);
+ else if (!group)
+ PLUGIN_WARN (IFNET_PLUGIN_NAME,
+ " warning: ignoring pairwise cipher '%s' (only ccmp cipher allowed in Ad-Hoc mode)",
+ *iter);
} else if (!strcmp (*iter, "TKIP")) {
if (group)
nm_setting_wireless_security_add_group (wsec,
@@ -1498,8 +1494,8 @@ make_wpa_setting (const char *ssid,
/* WPA and/or RSN */
if (adhoc) {
- /* Ad-Hoc mode only supports WPA proto for now */
- nm_setting_wireless_security_add_proto (wsec, "wpa");
+ /* Ad-Hoc mode only supports RSN proto */
+ nm_setting_wireless_security_add_proto (wsec, "rsn");
} else {
nm_setting_wireless_security_add_proto (wsec, "wpa");
nm_setting_wireless_security_add_proto (wsec, "rsn");
@@ -1515,14 +1511,9 @@ make_wpa_setting (const char *ssid,
NULL);
g_free (psk);
- if (adhoc)
- g_object_set (wsec,
- NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
- "wpa-none", NULL);
- else
- g_object_set (wsec,
- NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
- "wpa-psk", NULL);
+ g_object_set (wsec,
+ NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
+ "wpa-psk", NULL);
} else if (!strcmp (value, "WPA-EAP") || !strcmp (value, "IEEE8021X")) {
if (adhoc) {
g_set_error (error, ifnet_plugin_error_quark (), 0,
@@ -2115,8 +2106,7 @@ write_wireless_security_setting (NMConnection * connection,
wpa_set_data (conn_name, "key_mgmt", "NONE");
wep = TRUE;
*no_8021x = TRUE;
- } else if (!strcmp (key_mgmt, "wpa-none")
- || !strcmp (key_mgmt, "wpa-psk")) {
+ } else if (!strcmp (key_mgmt, "wpa-psk")) {
wpa_set_data (conn_name, "key_mgmt", "WPA-PSK");
wpa = TRUE;
*no_8021x = TRUE;
diff --git a/src/settings/plugins/ifnet/tests/wpa_supplicant.conf b/src/settings/plugins/ifnet/tests/wpa_supplicant.conf
index 609ee0e103..3a9f167b86 100644
--- a/src/settings/plugins/ifnet/tests/wpa_supplicant.conf
+++ b/src/settings/plugins/ifnet/tests/wpa_supplicant.conf
@@ -752,15 +752,15 @@ network={
}
-# IBSS/ad-hoc network with WPA-None/TKIP.
+# IBSS/ad-hoc network with IBSS RSN.
network={
ssid="test adhoc"
mode=1
frequency=2412
- proto=WPA
- key_mgmt=WPA-NONE
- pairwise=NONE
- group=TKIP
+ proto=RSN
+ key_mgmt=WPA-PSK
+ pairwise=CCMP
+ group=CCMP
psk="secret passphrase"
}
diff --git a/src/supplicant-manager/nm-supplicant-config.c b/src/supplicant-manager/nm-supplicant-config.c
index 950e4b7803..3dc0fce9c2 100644
--- a/src/supplicant-manager/nm-supplicant-config.c
+++ b/src/supplicant-manager/nm-supplicant-config.c
@@ -651,8 +651,7 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self,
}
/* Only WPA-specific things when using WPA */
- if ( !strcmp (key_mgmt, "wpa-none")
- || !strcmp (key_mgmt, "wpa-psk")
+ if ( !strcmp (key_mgmt, "wpa-psk")
|| !strcmp (key_mgmt, "wpa-eap")) {
ADD_STRING_LIST_VAL (setting, wireless_security, proto, protos, "proto", ' ', TRUE, FALSE);
ADD_STRING_LIST_VAL (setting, wireless_security, pairwise, pairwise, "pairwise", ' ', TRUE, FALSE);
diff --git a/src/supplicant-manager/nm-supplicant-settings-verify.c b/src/supplicant-manager/nm-supplicant-settings-verify.c
index 143e51a360..eaaeec0319 100644
--- a/src/supplicant-manager/nm-supplicant-settings-verify.c
+++ b/src/supplicant-manager/nm-supplicant-settings-verify.c
@@ -70,7 +70,7 @@ static const struct validate_entry validate_table[] = {
const char * pairwise_allowed[] = { "CCMP", "TKIP", "NONE", NULL };
const char * group_allowed[] = { "CCMP", "TKIP", "WEP104", "WEP40", NULL };
const char * proto_allowed[] = { "WPA", "RSN", NULL };
-const char * key_mgmt_allowed[] = { "WPA-PSK", "WPA-EAP", "IEEE8021X", "WPA-NONE",
+const char * key_mgmt_allowed[] = { "WPA-PSK", "WPA-EAP", "IEEE8021X",
"NONE", NULL };
const char * auth_alg_allowed[] = { "OPEN", "SHARED", "LEAP", NULL };
const char * eap_allowed[] = { "LEAP", "MD5", "TLS", "PEAP", "TTLS", "SIM",
diff --git a/src/wifi/wifi-utils-nl80211.c b/src/wifi/wifi-utils-nl80211.c
index f0db2d5eae..5d4711b068 100644
--- a/src/wifi/wifi-utils-nl80211.c
+++ b/src/wifi/wifi-utils-nl80211.c
@@ -708,6 +708,9 @@ static int nl80211_wiphy_info_handler (struct nl_msg *msg, void *arg)
}
}
+ if (tb[NL80211_ATTR_SUPPORT_IBSS_RSN])
+ info->caps |= NM_WIFI_DEVICE_CAP_IBSS_RSN;
+
info->success = TRUE;
return NL_SKIP;
View Lorry Controller Status