system/NetworkManager
system/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager synced 2024-07-21 18:24:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

2008-03-17 Dan Williams <dcbw@redhat.com>

Browse source 
Split the 802.1x bits out of the wireless-security setting so they are
	generalized enough for wired 802.1x to use too.

	* introspection/nm-exported-connection.xml
		- GetSecrets now returns 'a{sa{sv}}' (a hash of settings hashes) instead
			of just a hash of the secrets for one setting

	* libnm-util/nm-setting-wireless-security.c
	  libnm-util/nm-setting-wireless-security.h
		- Remove 802.1x-specific stuff
		- Added leap-username and leap-password properties for old-school LEAP

	* src/nm-device.c
	  src/nm-device.h
		- (connection_secrets_updated_cb): take a list of updated settings names,
			not just one

	* src/supplicant-manager/nm-supplicant-config.c
	  src/supplicant-manager/nm-supplicant-config.h
		- (nm_supplicant_config_add_setting_wireless_security): remove 802.1x
			specific stuff; fix for updated LEAP bits; punt 802.1x stuff
			to nm_supplicant_config_add_setting_8021x()
		- (nm_supplicant_config_add_setting_8021x): add an 802-1x setting to
			the supplicant config

	* src/nm-device-802-11-wireless.c
		- (build_supplicant_config): pass in the 802.1x setting too, if any
		- (real_connection_secrets_updated): take a list of updated settings
			names, not just one

	* src/nm-device-802-3-ethernet.c
	  src/nm-cdma-device.c
	  src/nm-gsm-device.c
		- (real_connection_secrets_updated_cb): take a list of updated settings
			names, not just one

	* src/nm-activation-request.c
	  src/nm-activation-request.h
		- (nm_act_request_class_init): the 'connection-secrets-updated' signal
			now passes a list of updated settings names, not just one
		- (update_one_setting): new function; handle one updated setting
		- (get_secrets_cb): handle multiple settings returned from the
			settings service; have to be careful of ordering here as there are
			some dependencies between settings (ex. wireless-security and 802.1x
			in some cases)

	* src/marshallers/nm-marshal.list
		- new marshaller for connection-secrets-updated signal

	* libnm-util/nm-setting-8021x.c
		- Add back the 'pin' and 'psk' settings, for EAP-SIM and EAP-PSK auth
			methods
		- (verify): a valid 'eap' property is now required

	* libnm-util/nm-connection.c
		- (register_default_settings): add priorities to settings; there are
			some dependencies between settings, and during the need_secrets
			calls this priority needs to be respected.  For example, only the
			wireless-security setting knows whether or not the connection is
			going to use 802.1x or now, so it must be asked for secrets before
			any existing 802.1x setting is
		- (nm_connection_lookup_setting_type): expose

	* libnm-util/nm-setting-wireless.c
		- (verify): should verify even if all_settings is NULL; otherwise won't
			catch the case where there is missing security

	* libnm-util/nm-setting-wireless-security.c
		- Remove everything to do with 802.1x
		- Add old-school LEAP specific properties for username and password
		- (need_secrets): rework LEAP secrets checking
		- (verify): rework for LEAP and 802.1x verification



git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3470 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
This commit is contained in:
Dan Williams 2008-03-17 19:37:23 +00:00
parent 50fb976d6a
commit 70e79d60dd
20 changed files with 556 additions and 811 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

75
ChangeLog
View file

@ -1,3 +1,78 @@
2008-03-17 Dan Williams <dcbw@redhat.com>
Split the 802.1x bits out of the wireless-security setting so they are
generalized enough for wired 802.1x to use too.
* introspection/nm-exported-connection.xml
- GetSecrets now returns 'a{sa{sv}}' (a hash of settings hashes) instead
of just a hash of the secrets for one setting
* libnm-util/nm-setting-wireless-security.c
libnm-util/nm-setting-wireless-security.h
- Remove 802.1x-specific stuff
- Added leap-username and leap-password properties for old-school LEAP
* src/nm-device.c
src/nm-device.h
- (connection_secrets_updated_cb): take a list of updated settings names,
not just one
* src/supplicant-manager/nm-supplicant-config.c
src/supplicant-manager/nm-supplicant-config.h
- (nm_supplicant_config_add_setting_wireless_security): remove 802.1x
specific stuff; fix for updated LEAP bits; punt 802.1x stuff
to nm_supplicant_config_add_setting_8021x()
- (nm_supplicant_config_add_setting_8021x): add an 802-1x setting to
the supplicant config
* src/nm-device-802-11-wireless.c
- (build_supplicant_config): pass in the 802.1x setting too, if any
- (real_connection_secrets_updated): take a list of updated settings
names, not just one
* src/nm-device-802-3-ethernet.c
src/nm-cdma-device.c
src/nm-gsm-device.c
- (real_connection_secrets_updated_cb): take a list of updated settings
names, not just one
* src/nm-activation-request.c
src/nm-activation-request.h
- (nm_act_request_class_init): the 'connection-secrets-updated' signal
now passes a list of updated settings names, not just one
- (update_one_setting): new function; handle one updated setting
- (get_secrets_cb): handle multiple settings returned from the
settings service; have to be careful of ordering here as there are
some dependencies between settings (ex. wireless-security and 802.1x
in some cases)
* src/marshallers/nm-marshal.list
- new marshaller for connection-secrets-updated signal
* libnm-util/nm-setting-8021x.c
- Add back the 'pin' and 'psk' settings, for EAP-SIM and EAP-PSK auth
methods
- (verify): a valid 'eap' property is now required
* libnm-util/nm-connection.c
- (register_default_settings): add priorities to settings; there are
some dependencies between settings, and during the need_secrets
calls this priority needs to be respected. For example, only the
wireless-security setting knows whether or not the connection is
going to use 802.1x or now, so it must be asked for secrets before
any existing 802.1x setting is
- (nm_connection_lookup_setting_type): expose
* libnm-util/nm-setting-wireless.c
- (verify): should verify even if all_settings is NULL; otherwise won't
catch the case where there is missing security
* libnm-util/nm-setting-wireless-security.c
- Remove everything to do with 802.1x
- Add old-school LEAP specific properties for username and password
- (need_secrets): rework LEAP secrets checking
- (verify): rework for LEAP and 802.1x verification
2008-03-17 Dan Williams <dcbw@redhat.com>
* src/NetworkManagerPolicy.c

6
introspection/nm-exported-connection.xml
View file

@ -68,7 +68,7 @@
<arg name="hints" type="as" direction="in">
<tp:docstring>
Array of strings of key names in the Setting for which NM thinks
a secrets may be required.A
a secrets may be required.
</tp:docstring>
</arg>
<arg name="request_new" type="b" direction="in">
@ -77,9 +77,9 @@
</tp:docstring>
</arg>
<arg name="secrets" type="a{sv}" direction="out" tp:type="String_Variant_Map">
<arg name="secrets" type="a{sa{sv}}" direction="out" tp:type="String_String_Variant_Map_Map">
<tp:docstring>
Map of secrets.
Nested settings maps containing secrets. Each setting MUST contain at least the 'name' field, containing the name of the setting, and one or more secrets.
</tp:docstring>
</arg>
</method>

142
libnm-util/nm-connection.c
View file

@ -53,34 +53,63 @@ static guint signals[LAST_SIGNAL] = { 0 };
static GHashTable *registered_settings = NULL;
#define DEFAULT_MAP_SIZE 13
static struct SettingInfo {
const char *name;
GType type;
guint32 priority;
} default_map[DEFAULT_MAP_SIZE] = { { NULL } };
static void
register_one_setting (int i, const char *name, GType type, guint32 priority)
{
g_return_if_fail (i >= 0);
g_return_if_fail (i < DEFAULT_MAP_SIZE);
g_return_if_fail (default_map[i].name == NULL);
default_map[i].name = name;
default_map[i].type = type;
default_map[i].priority = priority;
nm_setting_register (name, type);
}
static void
register_default_settings (void)
{
int i;
const struct {
const char *name;
GType type;
} default_map[] = {
{ NM_SETTING_CONNECTION_SETTING_NAME, NM_TYPE_SETTING_CONNECTION },
{ NM_SETTING_802_1X_SETTING_NAME, NM_TYPE_SETTING_802_1X },
{ NM_SETTING_WIRED_SETTING_NAME, NM_TYPE_SETTING_WIRED },
{ NM_SETTING_WIRELESS_SETTING_NAME, NM_TYPE_SETTING_WIRELESS },
{ NM_SETTING_IP4_CONFIG_SETTING_NAME, NM_TYPE_SETTING_IP4_CONFIG },
{ NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_TYPE_SETTING_WIRELESS_SECURITY },
{ NM_SETTING_SERIAL_SETTING_NAME, NM_TYPE_SETTING_SERIAL },
{ NM_SETTING_GSM_SETTING_NAME, NM_TYPE_SETTING_GSM },
{ NM_SETTING_CDMA_SETTING_NAME, NM_TYPE_SETTING_CDMA },
{ NM_SETTING_PPP_SETTING_NAME, NM_TYPE_SETTING_PPP },
{ NM_SETTING_PPPOE_SETTING_NAME, NM_TYPE_SETTING_PPPOE },
{ NM_SETTING_VPN_SETTING_NAME, NM_TYPE_SETTING_VPN },
{ NM_SETTING_VPN_PROPERTIES_SETTING_NAME, NM_TYPE_SETTING_VPN_PROPERTIES },
{ NULL }
};
int i = 0;
nm_utils_register_value_transformations ();
for (i = 0; default_map[i].name; i++)
nm_setting_register (default_map[i].name, default_map[i].type);
if (G_LIKELY (default_map[0].name))
return;
register_one_setting (i++, NM_SETTING_CONNECTION_SETTING_NAME, NM_TYPE_SETTING_CONNECTION, 0);
register_one_setting (i++, NM_SETTING_WIRED_SETTING_NAME, NM_TYPE_SETTING_WIRED, 1);
register_one_setting (i++, NM_SETTING_WIRELESS_SETTING_NAME, NM_TYPE_SETTING_WIRELESS, 1);
register_one_setting (i++, NM_SETTING_GSM_SETTING_NAME, NM_TYPE_SETTING_GSM, 1);
register_one_setting (i++, NM_SETTING_CDMA_SETTING_NAME, NM_TYPE_SETTING_CDMA, 1);
register_one_setting (i++, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_TYPE_SETTING_WIRELESS_SECURITY, 2);
register_one_setting (i++, NM_SETTING_SERIAL_SETTING_NAME, NM_TYPE_SETTING_SERIAL, 2);
register_one_setting (i++, NM_SETTING_PPP_SETTING_NAME, NM_TYPE_SETTING_PPP, 3);
register_one_setting (i++, NM_SETTING_PPPOE_SETTING_NAME, NM_TYPE_SETTING_PPPOE, 3);
register_one_setting (i++, NM_SETTING_802_1X_SETTING_NAME, NM_TYPE_SETTING_802_1X, 3);
register_one_setting (i++, NM_SETTING_VPN_SETTING_NAME, NM_TYPE_SETTING_VPN, 4);
register_one_setting (i++, NM_SETTING_VPN_PROPERTIES_SETTING_NAME, NM_TYPE_SETTING_VPN_PROPERTIES, 5);
register_one_setting (i++, NM_SETTING_IP4_CONFIG_SETTING_NAME, NM_TYPE_SETTING_IP4_CONFIG, 6);
}
static guint32
get_priority_for_setting_type (GType type)
{
int i;
for (i = 0; default_map[i].name; i++) {
if (default_map[i].type == type)
return default_map[i].priority;
}
return G_MAXUINT32;
}
void
@ -107,7 +136,7 @@ nm_setting_unregister (const char *name)
g_hash_table_remove (registered_settings, name);
}
static GType
GType
nm_connection_lookup_setting_type (const char *name)
{
char *type_name;
@ -331,24 +360,27 @@ nm_connection_update_secrets (NMConnection *connection,
g_signal_emit (connection, signals[SECRETS_UPDATED], 0, setting_name);
}
typedef struct NeedSecretsInfo {
GPtrArray *secrets;
NMSetting *setting;
} NeedSecretsInfo;
static gint
setting_priority_compare (gconstpointer a, gconstpointer b)
{
guint32 prio_a, prio_b;
prio_a = get_priority_for_setting_type (G_OBJECT_TYPE (NM_SETTING (a)));
prio_b = get_priority_for_setting_type (G_OBJECT_TYPE (NM_SETTING (b)));
if (prio_a < prio_b)
return -1;
else if (prio_a == prio_b)
return 0;
return 1;
}
static void
need_secrets_check (gpointer key, gpointer data, gpointer user_data)
add_setting_to_list (gpointer key, gpointer data, gpointer user_data)
{
NMSetting *setting = NM_SETTING (data);
NeedSecretsInfo *info = (NeedSecretsInfo *) user_data;
GSList **list = (GSList **) user_data;
// FIXME: allow more than one setting to say it needs secrets
if (info->secrets)
return;
info->secrets = nm_setting_need_secrets (setting);
if (info->secrets)
info->setting = setting;
*list = g_slist_insert_sorted (*list, NM_SETTING (data), setting_priority_compare);
}
const char *
@ -356,26 +388,38 @@ nm_connection_need_secrets (NMConnection *connection,
GPtrArray **hints)
{
NMConnectionPrivate *priv;
NeedSecretsInfo info = { NULL, NULL };
GSList *settings = NULL;
GSList *iter;
char *name = NULL;
g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);
priv = NM_CONNECTION_GET_PRIVATE (connection);
g_hash_table_foreach (priv->settings, need_secrets_check, &info);
// FIXME: do something with requested secrets rather than asking for
// all of them. Maybe make info.secrets a hash table mapping
// settings name :: [list of secrets key names].
if (info.secrets) {
if (hints)
*hints = info.secrets;
else
g_ptr_array_free (info.secrets, TRUE);
/* Get list of settings in priority order */
g_hash_table_foreach (priv->settings, add_setting_to_list, &settings);
return nm_setting_get_name (info.setting);
for (iter = settings; iter; iter = g_slist_next (iter)) {
NMSetting *setting = NM_SETTING (iter->data);
GPtrArray *secrets;
// FIXME: do something with requested secrets rather than asking for
// all of them. Maybe make secrets a hash table mapping
// settings name :: [list of secrets key names].
secrets = nm_setting_need_secrets (setting);
if (secrets) {
if (hints)
*hints = secrets;
else
g_ptr_array_free (secrets, TRUE);
name = (char *) nm_setting_get_name (setting);
break;
}
}
return NULL;
g_slist_free (settings);
return name;
}
static void

2
libnm-util/nm-connection.h
View file

@ -92,6 +92,8 @@ void nm_setting_register (const char *name,
void nm_setting_unregister (const char *name);
GType nm_connection_lookup_setting_type (const char *name);
G_END_DECLS
#endif /* NM_CONNECTION_H */

52
libnm-util/nm-setting-8021x.c
View file

@ -28,6 +28,8 @@ enum {
PROP_PASSWORD,
PROP_PRIVATE_KEY,
PROP_PHASE2_PRIVATE_KEY,
PROP_PIN,
PROP_PSK,
LAST_PROP
};
@ -47,6 +49,15 @@ need_secrets_password (NMSetting8021x *self,
g_ptr_array_add (secrets, NM_SETTING_802_1X_PASSWORD);
}
static void
need_secrets_sim (NMSetting8021x *self,
GPtrArray *secrets,
gboolean phase2)
{
if (!self->pin || !strlen (self->pin))
g_ptr_array_add (secrets, NM_SETTING_802_1X_PIN);
}
static void
need_secrets_tls (NMSetting8021x *self,
GPtrArray *secrets,
@ -125,6 +136,7 @@ static EAPMethodsTable eap_methods_table[] = {
{ "tls", need_secrets_tls, verify_tls },
{ "peap", need_secrets_phase2, NULL },
{ "ttls", need_secrets_phase2, verify_ttls },
{ "sim", need_secrets_sim, NULL },
{ "gtc", NULL, NULL }, // FIXME: implement
{ "otp", NULL, NULL }, // FIXME: implement
{ NULL, NULL, NULL }
@ -206,32 +218,34 @@ static gboolean
verify (NMSetting *setting, GSList *all_settings)
{
NMSetting8021x *self = NM_SETTING_802_1X (setting);
const char *valid_eap[] = { "leap", "md5", "tls", "peap", "ttls", "fast", NULL };
const char *valid_eap[] = { "leap", "md5", "tls", "peap", "ttls", "sim", "fast", NULL };
const char *valid_phase1_peapver[] = { "0", "1", NULL };
const char *valid_phase2_auth[] = { "pap", "chap", "mschap", "mschapv2", "gtc", "otp", "md5", "tls", NULL };
const char *valid_phase2_autheap[] = { "md5", "mschapv2", "otp", "gtc", "tls", NULL };
GSList *iter;
if (self->eap) {
GSList *iter;
if (!self->eap) {
g_warning ("Missing eap method");
return FALSE;
}
if (!nm_utils_string_slist_validate (self->eap, valid_eap)) {
g_warning ("Invalid eap");
return FALSE;
}
if (!nm_utils_string_slist_validate (self->eap, valid_eap)) {
g_warning ("Invalid eap");
return FALSE;
}
/* Ask each configured EAP method if its valid */
for (iter = self->eap; iter; iter = g_slist_next (iter)) {
const char *method = (const char *) iter->data;
int i;
/* Ask each configured EAP method if its valid */
for (iter = self->eap; iter; iter = g_slist_next (iter)) {
const char *method = (const char *) iter->data;
int i;
for (i = 0; eap_methods_table[i].method; i++) {
if (eap_methods_table[i].v_func == NULL)
continue;
if (!strcmp (eap_methods_table[i].method, method)) {
if (!(*eap_methods_table[i].v_func) (self, FALSE))
return FALSE;
break;
}
for (i = 0; eap_methods_table[i].method; i++) {
if (eap_methods_table[i].v_func == NULL)
continue;
if (!strcmp (eap_methods_table[i].method, method)) {
if (!(*eap_methods_table[i].v_func) (self, FALSE))
return FALSE;
break;
}
}
}

6
libnm-util/nm-setting-8021x.h
View file

@ -14,7 +14,7 @@ G_BEGIN_DECLS
#define NM_IS_SETTING_802_1X_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((obj), NM_TYPE_SETTING_802_1X))
#define NM_SETTING_802_1X_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_SETTING_802_1X, NMSetting8021xClass))
#define NM_SETTING_802_1X_SETTING_NAME "802.1X"
#define NM_SETTING_802_1X_SETTING_NAME "802-1x"
#define NM_SETTING_802_1X_EAP "eap"
#define NM_SETTING_802_1X_IDENTITY "identity"
@ -33,6 +33,8 @@ G_BEGIN_DECLS
#define NM_SETTING_802_1X_PASSWORD "password"
#define NM_SETTING_802_1X_PRIVATE_KEY "private-key"
#define NM_SETTING_802_1X_PHASE2_PRIVATE_KEY "phase2-private-key"
#define NM_SETTING_802_1X_PIN "pin"
#define NM_SETTING_802_1X_PSK "psk"
typedef struct {
NMSetting parent;
@ -52,6 +54,8 @@ typedef struct {
char *phase2_ca_path;
GByteArray *phase2_client_cert;
char *password;
char *pin;
char *psk;
GByteArray *private_key;
GByteArray *phase2_private_key;
} NMSetting8021x;

643
libnm-util/nm-setting-wireless-security.c
View file

@ -4,6 +4,7 @@
#include <ctype.h>
#include <dbus/dbus-glib.h>
#include "nm-setting-wireless-security.h"
#include "nm-setting-8021x.h"
#include "nm-param-spec-specialized.h"
#include "nm-utils.h"
@ -17,31 +18,13 @@ enum {
PROP_PROTO,
PROP_PAIRWISE,
PROP_GROUP,
PROP_EAP,
PROP_IDENTITY,
PROP_ANONYMOUS_IDENTITY,
PROP_CA_CERT,
PROP_CA_PATH,
PROP_CLIENT_CERT,
PROP_PHASE1_PEAPVER,
PROP_PHASE1_PEAPLABEL,
PROP_PHASE1_FAST_PROVISIONING,
PROP_PHASE2_AUTH,
PROP_PHASE2_AUTHEAP,
PROP_PHASE2_CA_CERT,
PROP_PHASE2_CA_PATH,
PROP_PHASE2_CLIENT_CERT,
PROP_NAI,
PROP_LEAP_USERNAME,
PROP_WEP_KEY0,
PROP_WEP_KEY1,
PROP_WEP_KEY2,
PROP_WEP_KEY3,
PROP_PSK,
PROP_PASSWORD,
PROP_PIN,
PROP_EAPPSK,
PROP_PRIVATE_KEY,
PROP_PHASE2_PRIVATE_KEY,
PROP_LEAP_PASSWORD,
LAST_PROP
};
@ -92,159 +75,6 @@ verify_wpa_psk (const char *psk)
return TRUE;
}
static void
need_secrets_password (NMSettingWirelessSecurity *self,
GPtrArray *secrets,
gboolean phase2)
{
if (!self->password || !strlen (self->password))
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_PASSWORD);
}
static void
need_secrets_eappsk (NMSettingWirelessSecurity *self,
GPtrArray *secrets,
gboolean phase2)
{
if (!self->eappsk || !strlen (self->eappsk))
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_EAPPSK);
}
static void
need_secrets_sim (NMSettingWirelessSecurity *self,
GPtrArray *secrets,
gboolean phase2)
{
if (!self->pin || !strlen (self->pin))
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_PIN);
}
static void
need_secrets_tls (NMSettingWirelessSecurity *self,
GPtrArray *secrets,
gboolean phase2)
{
if (phase2) {
if ( self->phase2_client_cert
&& (!self->phase2_private_key || !self->phase2_private_key->len))
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_PHASE2_PRIVATE_KEY);
} else {
if (self->client_cert
&& (!self->private_key || !self->private_key->len))
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_PRIVATE_KEY);
}
}
static gboolean
verify_tls (NMSettingWirelessSecurity *self, gboolean phase2)
{
if (phase2) {
if (!self->phase2_client_cert || !self->phase2_client_cert->len)
return FALSE;
} else {
if (!self->client_cert || !self->client_cert->len)
return FALSE;
}
return TRUE;
}
static gboolean
verify_ttls (NMSettingWirelessSecurity *self, gboolean phase2)
{
if (!self->identity && !self->anonymous_identity)
return FALSE;
if (!self->phase2_auth && !self->phase2_autheap)
return FALSE;
return TRUE;
}
static gboolean
verify_identity (NMSettingWirelessSecurity *self, gboolean phase2)
{
return self->identity ? TRUE : FALSE;
}
static gboolean
verify_nai (NMSettingWirelessSecurity *self, gboolean phase2)
{
return self->nai ? TRUE : FALSE;
}
/* Implemented below... */
static void need_secrets_phase2 (NMSettingWirelessSecurity *self,
GPtrArray *secrets,
gboolean phase2);
typedef void (*EAPMethodNeedSecretsFunc) (NMSettingWirelessSecurity *self,
GPtrArray *secrets,
gboolean phase2);
typedef gboolean (*EAPMethodValidateFunc)(NMSettingWirelessSecurity *self,
gboolean phase2);
typedef struct {
const char *method;
EAPMethodNeedSecretsFunc ns_func;
EAPMethodValidateFunc v_func;
} EAPMethodsTable;
static EAPMethodsTable eap_methods_table[] = {
{ "leap", need_secrets_password, verify_identity },
{ "md5", need_secrets_password, verify_identity },
{ "pap", need_secrets_password, verify_identity },
{ "chap", need_secrets_password, verify_identity },
{ "mschap", need_secrets_password, verify_identity },
{ "mschapv2", need_secrets_password, verify_identity },
{ "fast", need_secrets_password, verify_identity },
{ "psk", need_secrets_eappsk, verify_nai },
{ "pax", need_secrets_eappsk, NULL },
{ "sake", need_secrets_eappsk, verify_nai },
{ "gpsk", need_secrets_eappsk, verify_nai },
{ "tls", need_secrets_tls, verify_tls },
{ "peap", need_secrets_phase2, NULL },
{ "ttls", need_secrets_phase2, verify_ttls },
{ "sim", need_secrets_sim, NULL },
{ "gtc", NULL, NULL }, // FIXME: implement
{ "otp", NULL, NULL }, // FIXME: implement
{ NULL, NULL, NULL }
};
static void
need_secrets_phase2 (NMSettingWirelessSecurity *self,
GPtrArray *secrets,
gboolean phase2)
{
char *method = NULL;
int i;
g_return_if_fail (phase2 == FALSE);
/* Check phase2_auth and phase2_autheap */
method = self->phase2_auth;
if (!method && self->phase2_autheap)
method = self->phase2_autheap;
if (!method) {
g_warning ("Couldn't find EAP method.");
g_assert_not_reached();
return;
}
/* Ask the configured phase2 method if it needs secrets */
for (i = 0; eap_methods_table[i].method; i++) {
if (eap_methods_table[i].ns_func == NULL)
continue;
if (strcmp (eap_methods_table[i].method, method)) {
(*eap_methods_table[i].ns_func) (self, secrets, TRUE);
break;
}
}
}
static GPtrArray *
need_secrets (NMSetting *setting)
@ -292,12 +122,11 @@ need_secrets (NMSetting *setting)
}
/* LEAP */
if ( (strcmp (self->key_mgmt, "ieee8021x") == 0)
&& self->auth_alg
&& (strcmp (self->auth_alg, "leap") == 0)
&& (nm_utils_string_list_contains (self->eap, "leap"))) {
if (!self->password || !strlen (self->password)) {
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_PASSWORD);
if ( self->auth_alg
&& !strcmp (self->auth_alg, "leap")
&& !strcmp (self->key_mgmt, "ieee8021x")) {
if (!self->leap_password || !strlen (self->leap_password)) {
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD);
return secrets;
}
goto no_secrets;
@ -305,32 +134,7 @@ need_secrets (NMSetting *setting)
if ( (strcmp (self->key_mgmt, "ieee8021x") == 0)
|| (strcmp (self->key_mgmt, "wpa-eap") == 0)) {
GSList *iter;
gboolean eap_method_found = FALSE;
/* Ask each configured EAP method if it needs secrets */
for (iter = self->eap; iter && !eap_method_found; iter = g_slist_next (iter)) {
const char *method = (const char *) iter->data;
int i;
for (i = 0; eap_methods_table[i].method; i++) {
if (eap_methods_table[i].ns_func == NULL)
continue;
if (!strcmp (eap_methods_table[i].method, method)) {
(*eap_methods_table[i].ns_func) (self, secrets, FALSE);
/* Only break out of the outer loop if this EAP method
* needed secrets.
*/
if (secrets->len > 0)
eap_method_found = TRUE;
break;
}
}
}
if (secrets->len)
return secrets;
/* Let caller check the 802.1x setting for secrets */
goto no_secrets;
}
@ -343,6 +147,15 @@ no_secrets:
return NULL;
}
static gint
find_setting_by_name (gconstpointer a, gconstpointer b)
{
NMSetting *setting = NM_SETTING (a);
const char *str = (const char *) b;
return strcmp (nm_setting_get_name (setting), str);
}
static gboolean
verify (NMSetting *setting, GSList *all_settings)
{
@ -352,18 +165,33 @@ verify (NMSetting *setting, GSList *all_settings)
const char *valid_protos[] = { "wpa", "rsn", NULL };
const char *valid_pairwise[] = { "wep40", "wep104", "tkip", "ccmp", NULL };
const char *valid_groups[] = { "wep40", "wep104", "tkip", "ccmp", NULL };
const char *valid_phase1_peapver[] = { "0", "1", NULL };
/* Every time a method gets added to the following, add one to EAPMethodNeedSecretsTable */
const char *valid_eap[] = { "leap", "md5", "tls", "peap", "ttls", "sim", "psk", "fast", NULL };
const char *valid_phase2_auth[] = { "pap", "chap", "mschap", "mschapv2", "gtc", "otp", "md5", "tls", NULL };
const char *valid_phase2_autheap[] = { "md5", "mschapv2", "otp", "gtc", "tls", NULL };
if (!self->key_mgmt || !nm_utils_string_in_list (self->key_mgmt, valid_key_mgmt)) {
g_warning ("Missing or invalid key management");
return FALSE;
}
if (self->auth_alg && !strcmp (self->auth_alg, "leap")) {
/* LEAP must use ieee8021x key management */
if (strcmp (self->key_mgmt, "ieee8021x")) {
g_warning ("LEAP requires IEEE8021X key management.");
return FALSE;
}
if (!self->leap_username) {
g_warning ("LEAP requires a username.");
return FALSE;
}
} else {
if ( (strcmp (self->key_mgmt, "ieee8021x") == 0)
|| (strcmp (self->key_mgmt, "wpa-eap") == 0)) {
/* Need an 802.1x setting too */
if (!g_slist_find_custom (all_settings, NM_SETTING_802_1X_SETTING_NAME, find_setting_by_name)) {
g_warning ("Invalid or missing 802.1x setting");
return FALSE;
}
}
}
if (self->wep_tx_keyidx > 3) {
g_warning ("Invalid WEP key index");
return FALSE;
@ -389,58 +217,14 @@ verify (NMSetting *setting, GSList *all_settings)
return FALSE;
}
if (self->eap) {
GSList *iter;
if (!nm_utils_string_slist_validate (self->eap, valid_eap)) {
g_warning ("Invalid eap");
/* Shared Key auth can only be used with WEP */
if (self->auth_alg && !strcmp (self->auth_alg, "shared")) {
if (self->key_mgmt && strcmp (self->key_mgmt, "none")) {
g_warning ("Shared Key authentication can only be used with WEP.");
return FALSE;
}
/* Ask each configured EAP method if its valid */
for (iter = self->eap; iter; iter = g_slist_next (iter)) {
const char *method = (const char *) iter->data;
int i;
for (i = 0; eap_methods_table[i].method; i++) {
if (eap_methods_table[i].v_func == NULL)
continue;
if (!strcmp (eap_methods_table[i].method, method)) {
if (!(*eap_methods_table[i].v_func) (self, FALSE))
return FALSE;
break;
}
}
}
}
if (self->phase1_peapver && !nm_utils_string_in_list (self->phase1_peapver, valid_phase1_peapver)) {
g_warning ("Invalid phase1 peapver");
return FALSE;
}
if (self->phase1_peaplabel && strcmp (self->phase1_peaplabel, "1")) {
g_warning ("Invalid phase1 peaplabel");
return FALSE;
}
if (self->phase1_fast_provisioning && strcmp (self->phase1_fast_provisioning, "1")) {
g_warning ("Invalid phase1 fast provisioning");
return FALSE;
}
if (self->phase2_auth && !nm_utils_string_in_list (self->phase2_auth, valid_phase2_auth)) {
g_warning ("Invalid phase2 authentication");
return FALSE;
}
if (self->phase2_autheap && !nm_utils_string_in_list (self->phase2_autheap, valid_phase2_autheap)) {
g_warning ("Invalid phase2 autheap");
return FALSE;
}
/* FIXME: finish */
return TRUE;
}
@ -459,42 +243,17 @@ finalize (GObject *object)
g_free (self->key_mgmt);
g_free (self->auth_alg);
g_free (self->identity);
g_free (self->anonymous_identity);
g_free (self->ca_path);
g_free (self->phase1_peapver);
g_free (self->phase1_peaplabel);
g_free (self->phase1_fast_provisioning);
g_free (self->phase2_auth);
g_free (self->phase2_autheap);
g_free (self->phase2_ca_path);
g_free (self->nai);
g_free (self->leap_username);
g_free (self->wep_key0);
g_free (self->wep_key1);
g_free (self->wep_key2);
g_free (self->wep_key3);
g_free (self->psk);
g_free (self->password);
g_free (self->pin);
g_free (self->eappsk);
g_free (self->leap_password);
nm_utils_slist_free (self->proto, g_free);
nm_utils_slist_free (self->pairwise, g_free);
nm_utils_slist_free (self->group, g_free);
nm_utils_slist_free (self->eap, g_free);
if (self->ca_cert)
g_byte_array_free (self->ca_cert, TRUE);
if (self->client_cert)
g_byte_array_free (self->client_cert, TRUE);
if (self->private_key)
g_byte_array_free (self->private_key, TRUE);
if (self->phase2_ca_cert)
g_byte_array_free (self->phase2_ca_cert, TRUE);
if (self->phase2_client_cert)
g_byte_array_free (self->phase2_client_cert, TRUE);
if (self->phase2_private_key)
g_byte_array_free (self->phase2_private_key, TRUE);
G_OBJECT_CLASS (nm_setting_wireless_security_parent_class)->finalize (object);
}
@ -529,69 +288,9 @@ set_property (GObject *object, guint prop_id,
nm_utils_slist_free (setting->group, g_free);
setting->group = g_value_dup_boxed (value);
break;
case PROP_EAP:
nm_utils_slist_free (setting->eap, g_free);
setting->eap = g_value_dup_boxed (value);
break;
case PROP_IDENTITY:
g_free (setting->identity);
setting->identity = g_value_dup_string (value);
break;
case PROP_ANONYMOUS_IDENTITY:
g_free (setting->anonymous_identity);
setting->anonymous_identity = g_value_dup_string (value);
break;
case PROP_CA_CERT:
if (setting->ca_cert)
g_byte_array_free (setting->ca_cert, TRUE);
setting->ca_cert = g_value_dup_boxed (value);
break;
case PROP_CA_PATH:
g_free (setting->ca_path);
setting->ca_path = g_value_dup_string (value);
break;
case PROP_CLIENT_CERT:
if (setting->client_cert)
g_byte_array_free (setting->client_cert, TRUE);
setting->client_cert = g_value_dup_boxed (value);
break;
case PROP_PHASE1_PEAPVER:
g_free (setting->phase1_peapver);
setting->phase1_peapver = g_value_dup_string (value);
break;
case PROP_PHASE1_PEAPLABEL:
g_free (setting->phase1_peaplabel);
setting->phase1_peaplabel = g_value_dup_string (value);
break;
case PROP_PHASE1_FAST_PROVISIONING:
g_free (setting->phase1_fast_provisioning);
setting->phase1_fast_provisioning = g_value_dup_string (value);
break;
case PROP_PHASE2_AUTH:
g_free (setting->phase2_auth);
setting->phase2_auth = g_value_dup_string (value);
break;
case PROP_PHASE2_AUTHEAP:
g_free (setting->phase2_autheap);
setting->phase2_autheap = g_value_dup_string (value);
break;
case PROP_PHASE2_CA_CERT:
if (setting->phase2_ca_cert)
g_byte_array_free (setting->phase2_ca_cert, TRUE);
setting->phase2_ca_cert = g_value_dup_boxed (value);
break;
case PROP_PHASE2_CA_PATH:
g_free (setting->phase2_ca_path);
setting->phase2_ca_path = g_value_dup_string (value);
break;
case PROP_PHASE2_CLIENT_CERT:
if (setting->phase2_client_cert)
g_byte_array_free (setting->phase2_client_cert, TRUE);
setting->phase2_client_cert = g_value_dup_boxed (value);
break;
case PROP_NAI:
g_free (setting->nai);
setting->nai = g_value_dup_string (value);
case PROP_LEAP_USERNAME:
g_free (setting->leap_username);
setting->leap_username = g_value_dup_string (value);
break;
case PROP_WEP_KEY0:
g_free (setting->wep_key0);
@ -613,27 +312,9 @@ set_property (GObject *object, guint prop_id,
g_free (setting->psk);
setting->psk = g_value_dup_string (value);
break;
case PROP_PASSWORD:
g_free (setting->password);
setting->password = g_value_dup_string (value);
break;
case PROP_PIN:
g_free (setting->pin);
setting->pin = g_value_dup_string (value);
break;
case PROP_EAPPSK:
g_free (setting->eappsk);
setting->eappsk = g_value_dup_string (value);
break;
case PROP_PRIVATE_KEY:
if (setting->private_key)
g_byte_array_free (setting->private_key, TRUE);
setting->private_key = g_value_dup_boxed (value);
break;
case PROP_PHASE2_PRIVATE_KEY:
if (setting->phase2_private_key)
g_byte_array_free (setting->phase2_private_key, TRUE);
setting->phase2_private_key = g_value_dup_boxed (value);
case PROP_LEAP_PASSWORD:
g_free (setting->leap_password);
setting->leap_password = g_value_dup_string (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
@ -666,50 +347,8 @@ get_property (GObject *object, guint prop_id,
case PROP_GROUP:
g_value_set_boxed (value, setting->group);
break;
case PROP_EAP:
g_value_set_boxed (value, setting->eap);
break;
case PROP_IDENTITY:
g_value_set_string (value, setting->identity);
break;
case PROP_ANONYMOUS_IDENTITY:
g_value_set_string (value, setting->anonymous_identity);
break;
case PROP_CA_CERT:
g_value_set_boxed (value, setting->ca_cert);
break;
case PROP_CA_PATH:
g_value_set_string (value, setting->ca_path);
break;
case PROP_CLIENT_CERT:
g_value_set_boxed (value, setting->client_cert);
break;
case PROP_PHASE1_PEAPVER:
g_value_set_string (value, setting->phase1_peapver);
break;
case PROP_PHASE1_PEAPLABEL:
g_value_set_string (value, setting->phase1_peaplabel);
break;
case PROP_PHASE1_FAST_PROVISIONING:
g_value_set_string (value, setting->phase1_fast_provisioning);
break;
case PROP_PHASE2_AUTH:
g_value_set_string (value, setting->phase2_auth);
break;
case PROP_PHASE2_AUTHEAP:
g_value_set_string (value, setting->phase2_autheap);
break;
case PROP_PHASE2_CA_CERT:
g_value_set_boxed (value, setting->phase2_ca_cert);
break;
case PROP_PHASE2_CA_PATH:
g_value_set_string (value, setting->phase2_ca_path);
break;
case PROP_PHASE2_CLIENT_CERT:
g_value_set_boxed (value, setting->phase2_client_cert);
break;
case PROP_NAI:
g_value_set_string (value, setting->nai);
case PROP_LEAP_USERNAME:
g_value_set_string (value, setting->leap_username);
break;
case PROP_WEP_KEY0:
g_value_set_string (value, setting->wep_key0);
@ -726,20 +365,8 @@ get_property (GObject *object, guint prop_id,
case PROP_PSK:
g_value_set_string (value, setting->psk);
break;
case PROP_PASSWORD:
g_value_set_string (value, setting->password);
break;
case PROP_PIN:
g_value_set_string (value, setting->pin);
break;
case PROP_EAPPSK:
g_value_set_string (value, setting->eappsk);
break;
case PROP_PRIVATE_KEY:
g_value_set_boxed (value, setting->private_key);
break;
case PROP_PHASE2_PRIVATE_KEY:
g_value_set_boxed (value, setting->phase2_private_key);
case PROP_LEAP_PASSWORD:
g_value_set_string (value, setting->leap_password);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
@ -811,122 +438,10 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *setting
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_EAP,
nm_param_spec_specialized (NM_SETTING_WIRELESS_SECURITY_EAP,
"EAP",
"EAP",
dbus_g_type_get_collection ("GSList", G_TYPE_STRING),
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_IDENTITY,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_IDENTITY,
"Identity",
"Identity",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_ANONYMOUS_IDENTITY,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_ANONYMOUS_IDENTITY,
"Anonymous identity",
"Anonymous identity",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_CA_CERT,
nm_param_spec_specialized (NM_SETTING_WIRELESS_SECURITY_CA_CERT,
"CA certificate",
"CA certificate",
DBUS_TYPE_G_UCHAR_ARRAY,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_CA_PATH,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_CA_PATH,
"CA path",
"CA path",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_CLIENT_CERT,
nm_param_spec_specialized (NM_SETTING_WIRELESS_SECURITY_CLIENT_CERT,
"Client certificate",
"Client certificate",
DBUS_TYPE_G_UCHAR_ARRAY,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_PHASE1_PEAPVER,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_PHASE1_PEAPVER,
"Phase1 PEAPVER",
"Phase1 PEAPVER",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_PHASE1_PEAPLABEL,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_PHASE1_PEAPLABEL,
"Phase1 PEAP label",
"Phase1 PEAP label",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_PHASE1_FAST_PROVISIONING,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_PHASE1_FAST_PROVISIONING,
"Phase1 fast provisioning",
"Phase1 fast provisioning",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_PHASE2_AUTH,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_PHASE2_AUTH,
"Phase2 auth",
"Phase2 auth",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_PHASE2_AUTHEAP,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_PHASE2_AUTHEAP,
"Phase2 autheap",
"Phase2 autheap",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_PHASE2_CA_CERT,
nm_param_spec_specialized (NM_SETTING_WIRELESS_SECURITY_PHASE2_CA_CERT,
"Phase2 CA certificate",
"Phase2 CA certificate",
DBUS_TYPE_G_UCHAR_ARRAY,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_PHASE2_CA_PATH,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_PHASE2_CA_PATH,
"Phase2 auth CA path",
"Phase2 auth CA path",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_PHASE2_CLIENT_CERT,
nm_param_spec_specialized (NM_SETTING_WIRELESS_SECURITY_PHASE2_CLIENT_CERT,
"Phase2 client certificate",
"Phase2 client certificate",
DBUS_TYPE_G_UCHAR_ARRAY,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
g_object_class_install_property
(object_class, PROP_NAI,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_NAI,
"NAI",
"NAI",
(object_class, PROP_LEAP_USERNAME,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME,
"LEAP Username",
"LEAP Username",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE));
@ -971,42 +486,10 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *setting
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
g_object_class_install_property
(object_class, PROP_PASSWORD,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_PASSWORD,
"Password",
"Password",
(object_class, PROP_LEAP_PASSWORD,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD,
"LEAP Password",
"LEAP Password",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
g_object_class_install_property
(object_class, PROP_PIN,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_PIN,
"PIN",
"PIN",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
g_object_class_install_property
(object_class, PROP_EAPPSK,
g_param_spec_string (NM_SETTING_WIRELESS_SECURITY_EAPPSK,
"EAPPSK",
"EAPPSK",
NULL,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
g_object_class_install_property
(object_class, PROP_PRIVATE_KEY,
nm_param_spec_specialized (NM_SETTING_WIRELESS_SECURITY_PRIVATE_KEY,
"Private key",
"Private key",
DBUS_TYPE_G_UCHAR_ARRAY,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
g_object_class_install_property
(object_class, PROP_PHASE2_PRIVATE_KEY,
nm_param_spec_specialized (NM_SETTING_WIRELESS_SECURITY_PHASE2_PRIVATE_KEY,
"Phase2 private key",
"Phase2 private key",
DBUS_TYPE_G_UCHAR_ARRAY,
G_PARAM_READWRITE | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_SECRET));
}

44
libnm-util/nm-setting-wireless-security.h
View file

@ -22,31 +22,13 @@ G_BEGIN_DECLS
#define NM_SETTING_WIRELESS_SECURITY_PROTO "proto"
#define NM_SETTING_WIRELESS_SECURITY_PAIRWISE "pairwise"
#define NM_SETTING_WIRELESS_SECURITY_GROUP "group"
#define NM_SETTING_WIRELESS_SECURITY_EAP "eap"
#define NM_SETTING_WIRELESS_SECURITY_IDENTITY "identity"
#define NM_SETTING_WIRELESS_SECURITY_ANONYMOUS_IDENTITY "anonymous-identity"
#define NM_SETTING_WIRELESS_SECURITY_CA_CERT "ca-cert"
#define NM_SETTING_WIRELESS_SECURITY_CA_PATH "ca-path"
#define NM_SETTING_WIRELESS_SECURITY_CLIENT_CERT "client-cert"
#define NM_SETTING_WIRELESS_SECURITY_PHASE1_PEAPVER "phase1-peapver"
#define NM_SETTING_WIRELESS_SECURITY_PHASE1_PEAPLABEL "phase1-peaplabel"
#define NM_SETTING_WIRELESS_SECURITY_PHASE1_FAST_PROVISIONING "phase1-fast-provisioning"
#define NM_SETTING_WIRELESS_SECURITY_PHASE2_AUTH "phase2-auth"
#define NM_SETTING_WIRELESS_SECURITY_PHASE2_AUTHEAP "phase2-autheap"
#define NM_SETTING_WIRELESS_SECURITY_PHASE2_CA_CERT "phase2-ca-cert"
#define NM_SETTING_WIRELESS_SECURITY_PHASE2_CA_PATH "phase2-ca-path"
#define NM_SETTING_WIRELESS_SECURITY_PHASE2_CLIENT_CERT "phase2-client-cert"
#define NM_SETTING_WIRELESS_SECURITY_NAI "nai"
#define NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME "leap-username"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY0 "wep-key0"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY1 "wep-key1"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY2 "wep-key2"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY3 "wep-key3"
#define NM_SETTING_WIRELESS_SECURITY_PSK "psk"
#define NM_SETTING_WIRELESS_SECURITY_PASSWORD "password"
#define NM_SETTING_WIRELESS_SECURITY_PIN "pin"
#define NM_SETTING_WIRELESS_SECURITY_EAPPSK "eappsk"
#define NM_SETTING_WIRELESS_SECURITY_PRIVATE_KEY "private-key"
#define NM_SETTING_WIRELESS_SECURITY_PHASE2_PRIVATE_KEY "phase2-private-key"
#define NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD "leap-password"
typedef struct {
NMSetting parent;
@ -57,31 +39,13 @@ typedef struct {
GSList *proto; /* GSList of strings */
GSList *pairwise; /* GSList of strings */
GSList *group; /* GSList of strings */
GSList *eap; /* GSList of strings */
char *identity;
char *anonymous_identity;
GByteArray *ca_cert;
char *ca_path;
GByteArray *client_cert;
char *phase1_peapver;
char *phase1_peaplabel;
char *phase1_fast_provisioning;
char *phase2_auth;
char *phase2_autheap;
GByteArray *phase2_ca_cert;
char *phase2_ca_path;
GByteArray *phase2_client_cert;
char *nai;
char *leap_username;
char *wep_key0;
char *wep_key1;
char *wep_key2;
char *wep_key3;
char *psk;
char *password;
char *pin;
char *eappsk;
GByteArray *private_key;
GByteArray *phase2_private_key;
char *leap_password;
} NMSettingWirelessSecurity;
typedef struct {

5
libnm-util/nm-setting-wireless.c
View file

@ -279,9 +279,8 @@ verify (NMSetting *setting, GSList *all_settings)
}
}
if (self->security &&
all_settings &&
!g_slist_find_custom (all_settings, self->security, find_setting_by_name)) {
if ( self->security
&& !g_slist_find_custom (all_settings, self->security, find_setting_by_name)) {
g_warning ("Invalid or missing security");
return FALSE;
}

1
src/marshallers/nm-marshal.list
View file

@ -1,6 +1,7 @@
VOID:OBJECT
VOID:OBJECT,STRING
VOID:OBJECT,UINT
VOID:OBJECT,POINTER
VOID:POINTER
VOID:STRING,STRING,STRING
VOID:UINT,UINT

144
src/nm-activation-request.c
View file

@ -21,10 +21,12 @@
#include <string.h>
#include <dbus/dbus-glib.h>
#include "nm-activation-request.h"
#include "nm-marshal.h"
#include "nm-utils.h"
#include "nm-setting-wireless.h"
#include "nm-setting-wireless-security.h"
#include "nm-setting-8021x.h"
#include "nm-manager.h" /* FIXME! */
@ -108,9 +110,9 @@ nm_act_request_class_init (NMActRequestClass *req_class)
G_SIGNAL_RUN_FIRST,
G_STRUCT_OFFSET (NMActRequestClass, connection_secrets_updated),
NULL, NULL,
nm_marshal_VOID__OBJECT_STRING,
nm_marshal_VOID__OBJECT_POINTER,
G_TYPE_NONE, 2,
G_TYPE_OBJECT, G_TYPE_STRING);
G_TYPE_OBJECT, G_TYPE_POINTER);
signals[CONNECTION_SECRETS_FAILED] =
g_signal_new ("connection-secrets-failed",
@ -158,17 +160,93 @@ free_get_secrets_info (gpointer data)
GetSecretsInfo *info = (GetSecretsInfo *) data;
g_free (info->setting_name);
g_slice_free (GetSecretsInfo, info);
g_free (info);
}
static void
update_one_setting (const char* key,
GHashTable *setting_hash,
NMConnection *connection,
GSList **updated)
{
GType type;
NMSetting *setting = NULL;
/* Check whether a complete & valid NMSetting object was returned. If
* yes, replace the setting object in the connection. If not, just try
* updating the secrets.
*/
type = nm_connection_lookup_setting_type (key);
if (type == 0)
return;
setting = nm_setting_from_hash (type, setting_hash);
if (setting) {
NMSetting *s_8021x = NULL;
GSList *all_settings = NULL;
/* The wireless-security setting might need the 802.1x setting in
* the all_settings argument of the verify function. Ugh.
*/
s_8021x = nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
if (s_8021x)
all_settings = g_slist_append (all_settings, s_8021x);
if (!nm_setting_verify (setting, all_settings)) {
/* Just try updating secrets */
g_object_unref (setting);
setting = NULL;
}
g_slist_free (all_settings);
}
if (setting)
nm_connection_add_setting (connection, setting);
else
nm_connection_update_secrets (connection, key, setting_hash);
*updated = g_slist_append (*updated, (gpointer) key);
}
static void
add_one_key_to_list (gpointer key, gpointer data, gpointer user_data)
{
GSList **list = (GSList **) user_data;
*list = g_slist_append (*list, key);
}
static gint
settings_order_func (gconstpointer a, gconstpointer b)
{
/* Just ensure the 802.1x setting gets processed _before_ the
* wireless-security one.
*/
if ( !strcmp (a, NM_SETTING_802_1X_SETTING_NAME)
&& !strcmp (b, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
return -1;
if ( !strcmp (a, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME)
&& !strcmp (b, NM_SETTING_802_1X_SETTING_NAME))
return 1;
return 0;
}
#define DBUS_TYPE_G_STRING_VARIANT_HASHTABLE (dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, G_TYPE_VALUE))
#define DBUS_TYPE_G_DICT_OF_DICTS (dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, DBUS_TYPE_G_STRING_VARIANT_HASHTABLE))
static void
get_secrets_cb (DBusGProxy *proxy, DBusGProxyCall *call, gpointer user_data)
{
GetSecretsInfo *info = (GetSecretsInfo *) user_data;
GError *err = NULL;
GHashTable *secrets = NULL;
GHashTable *settings = NULL;
NMActRequestPrivate *priv = NULL;
NMSetting *setting = NULL;
GSList *keys = NULL, *iter;
GSList *updated = NULL;
g_return_if_fail (info != NULL);
g_return_if_fail (info->req);
@ -178,7 +256,7 @@ get_secrets_cb (DBusGProxy *proxy, DBusGProxyCall *call, gpointer user_data)
g_object_set_data (G_OBJECT (priv->connection), CONNECTION_GET_SECRETS_CALL_TAG, NULL);
if (!dbus_g_proxy_end_call (proxy, call, &err,
dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, G_TYPE_VALUE), &secrets,
DBUS_TYPE_G_DICT_OF_DICTS, &settings,
G_TYPE_INVALID)) {
nm_warning ("Couldn't get connection secrets: %s.", err->message);
g_error_free (err);
@ -190,39 +268,41 @@ get_secrets_cb (DBusGProxy *proxy, DBusGProxyCall *call, gpointer user_data)
return;
}
if (g_hash_table_size (secrets) == 0) {
if (g_hash_table_size (settings) == 0) {
// FIXME: some better way to handle invalid message?
nm_warning ("GetSecrets call returned but no secrets were found.");
goto out;
}
/* Check whether a complete & valid NMSetting object was returned. If
* yes, replace the setting object in the connection. If not, just try
* updating the secrets.
*/
if (!strcmp (info->setting_name, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME))
setting = nm_setting_from_hash (NM_TYPE_SETTING_WIRELESS_SECURITY, secrets);
g_hash_table_foreach (settings, add_one_key_to_list, &keys);
keys = g_slist_sort (keys, settings_order_func);
for (iter = keys; iter; iter = g_slist_next (iter)) {
GHashTable *setting_hash;
if (setting) {
if (!nm_setting_verify (setting, NULL)) {
g_object_unref (setting);
setting = NULL;
}
setting_hash = g_hash_table_lookup (settings, iter->data);
if (setting_hash) {
update_one_setting ((const char *) iter->data,
setting_hash,
priv->connection,
&updated);
} else
nm_warning ("Couldn't get setting secrets for '%s'", (const char *) iter->data);
}
g_slist_free (keys);
if (g_slist_length (updated)) {
g_signal_emit (info->req,
signals[CONNECTION_SECRETS_UPDATED],
0,
priv->connection,
updated);
} else {
nm_warning ("No secrets updated because not valid settings were received!");
}
if (setting)
nm_connection_add_setting (priv->connection, setting);
else
nm_connection_update_secrets (priv->connection, info->setting_name, secrets);
g_signal_emit (info->req,
signals[CONNECTION_SECRETS_UPDATED],
0,
priv->connection,
info->setting_name);
out:
g_hash_table_destroy (secrets);
g_slist_free (updated);
g_hash_table_destroy (settings);
}
#define DBUS_TYPE_STRING_ARRAY (dbus_g_type_get_collection ("GPtrArray", G_TYPE_STRING))
@ -248,7 +328,7 @@ nm_act_request_request_connection_secrets (NMActRequest *req,
goto error;
}
info = g_slice_new0 (GetSecretsInfo);
info = g_malloc0 (sizeof (GetSecretsInfo));
if (!info) {
nm_warning ("Not enough memory to get secrets");
goto error;

2
src/nm-activation-request.h
View file

@ -43,7 +43,7 @@ typedef struct {
/* Signals */
void (*connection_secrets_updated) (NMActRequest *req,
NMConnection *connection,
const char * setting);
GSList *updated_settings);
void (*connection_secrets_failed) (NMActRequest *req,
NMConnection *connection,
const char * setting);

17
src/nm-cdma-device.c
View file

@ -198,18 +198,27 @@ real_get_generic_capabilities (NMDevice *dev)
static void
real_connection_secrets_updated (NMDevice *dev,
NMConnection *connection,
const char *setting_name)
GSList *updated_settings)
{
NMActRequest *req;
gboolean found = FALSE;
GSList *iter;
if (nm_device_get_state (dev) != NM_DEVICE_STATE_NEED_AUTH)
return;
if (strcmp (setting_name, NM_SETTING_CDMA_SETTING_NAME) != 0) {
nm_warning ("Ignoring updated secrets for setting '%s'.", setting_name);
return;
for (iter = updated_settings; iter; iter = g_slist_next (iter)) {
const char *setting_name = (const char *) iter->data;
if (!strcmp (setting_name, NM_SETTING_CDMA_SETTING_NAME))
found = TRUE;
else
nm_warning ("Ignoring updated secrets for setting '%s'.", setting_name);
}
if (!found)
return;
req = nm_device_get_act_request (dev);
g_assert (req);

21
src/nm-device-802-11-wireless.c
View file

@ -46,6 +46,8 @@
#include "nm-properties-changed-signal.h"
#include "nm-setting-connection.h"
#include "nm-setting-wireless.h"
#include "nm-setting-wireless-security.h"
#include "nm-setting-8021x.h"
static gboolean impl_device_get_access_points (NMDevice80211Wireless *device,
GPtrArray **aps,
@ -2454,9 +2456,12 @@ build_supplicant_config (NMDevice80211Wireless *self,
if (s_wireless_sec) {
DBusGProxy *proxy = g_object_get_data (G_OBJECT (connection), NM_MANAGER_CONNECTION_PROXY_TAG);
const char *con_path = dbus_g_proxy_get_path (proxy);
NMSetting8021x *s_8021x;
s_8021x = (NMSetting8021x *) nm_connection_get_setting (connection, NM_TYPE_SETTING_802_1X);
if (!nm_supplicant_config_add_setting_wireless_security (config,
s_wireless_sec,
s_8021x,
con_path)) {
nm_warning ("Couldn't add 802-11-wireless-security setting to "
"supplicant config.");
@ -2582,16 +2587,24 @@ real_act_stage1_prepare (NMDevice *dev)
static void
real_connection_secrets_updated (NMDevice *dev,
NMConnection *connection,
const char *setting_name)
GSList *updated_settings)
{
NMActRequest *req;
gboolean valid = FALSE;
GSList *iter;
if (nm_device_get_state (dev) != NM_DEVICE_STATE_NEED_AUTH)
return;
if (strcmp (setting_name, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME) != 0) {
nm_warning ("Ignoring updated secrets for setting '%s'.", setting_name);
return;
for (iter = updated_settings; iter; iter = g_slist_next (iter)) {
const char *setting_name = (const char *) iter->data;
if ( !strcmp (setting_name, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME)
|| !strcmp (setting_name, NM_SETTING_802_1X_SETTING_NAME)) {
valid = TRUE;
} else {
nm_warning ("Ignoring updated secrets for setting '%s'.", setting_name);
}
}
req = nm_device_get_act_request (dev);

4
src/nm-device-802-3-ethernet.c
View file

@ -484,8 +484,8 @@ real_get_best_auto_connection (NMDevice *dev,
static void
real_connection_secrets_updated (NMDevice *dev,
NMConnection *connection,
const char *setting_name)
NMConnection *connection,
GSList *updated_settings)
{
NMDevice8023EthernetPrivate *priv = NM_DEVICE_802_3_ETHERNET_GET_PRIVATE (dev);

4
src/nm-device.c
View file

@ -1119,13 +1119,13 @@ nm_device_check_connection_conflicts (NMDeviceInterface *dev_iface,
static void
connection_secrets_updated_cb (NMActRequest *req,
NMConnection *connection,
const char *setting_name,
GSList *updated_settings,
gpointer user_data)
{
NMDevice *self = NM_DEVICE (user_data);
if (NM_DEVICE_GET_CLASS (self)->connection_secrets_updated)
NM_DEVICE_GET_CLASS (self)->connection_secrets_updated (self, connection, setting_name);
NM_DEVICE_GET_CLASS (self)->connection_secrets_updated (self, connection, updated_settings);
}
static void

2
src/nm-device.h
View file

@ -83,7 +83,7 @@ struct _NMDeviceClass
void (* connection_secrets_updated) (NMDevice *self,
NMConnection *connection,
const char *setting_name);
GSList *updated_settings);
gboolean (* check_connection_conflicts) (NMDevice *self,
NMConnection *connection,

17
src/nm-gsm-device.c
View file

@ -506,18 +506,27 @@ real_get_generic_capabilities (NMDevice *dev)
static void
real_connection_secrets_updated (NMDevice *dev,
NMConnection *connection,
const char *setting_name)
GSList *updated_settings)
{
NMActRequest *req;
gboolean found = FALSE;
GSList *iter;
if (nm_device_get_state (dev) != NM_DEVICE_STATE_NEED_AUTH)
return;
if (strcmp (setting_name, NM_SETTING_GSM_SETTING_NAME) != 0) {
nm_warning ("Ignoring updated secrets for setting '%s'.", setting_name);
return;
for (iter = updated_settings; iter; iter = g_slist_next (iter)) {
const char *setting_name = (const char *) iter->data;
if (!strcmp (setting_name, NM_SETTING_GSM_SETTING_NAME))
found = TRUE;
else
nm_warning ("Ignoring updated secrets for setting '%s'.", setting_name);
}
if (!found)
return;
req = nm_device_get_act_request (dev);
g_assert (req);

168
src/supplicant-manager/nm-supplicant-config.c
View file

@ -464,8 +464,9 @@ get_blob_id (const char *name, const char *seed_uid)
}
gboolean
nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig * self,
NMSettingWirelessSecurity * setting,
nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self,
NMSettingWirelessSecurity *setting,
NMSetting8021x *setting_8021x,
const char *connection_uid)
{
NMSupplicantConfigPrivate *priv;
@ -480,20 +481,7 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig * self,
ADD_STRING_VAL (setting->key_mgmt, "key_mgmt", TRUE, FALSE, FALSE);
ADD_STRING_VAL (setting->auth_alg, "auth_alg", TRUE, FALSE, FALSE);
ADD_STRING_VAL (setting->nai, "nai", FALSE, FALSE, FALSE);
ADD_STRING_VAL (setting->psk, "psk", FALSE, TRUE, TRUE);
ADD_STRING_VAL (setting->password, "password", FALSE, FALSE, TRUE);
ADD_STRING_VAL (setting->pin, "pin", FALSE, FALSE, TRUE);
ADD_STRING_VAL (setting->eappsk, "eappsk", FALSE, TRUE, TRUE);
/* Private key passwords are never passed to wpa_supplicant because the
* user agent is responsible for decoding and decrypting the private key,
* and file paths are never passed to wpa_supplicant to ensure that
* the supplicant can be locked down and doesn't try to read stuff from
* all over the drive.
*/
ADD_STRING_LIST_VAL (setting->eap, "eap", TRUE, FALSE);
/* Only WPA-specific things when using WPA */
if ( !strcmp (setting->key_mgmt, "wpa-none")
@ -522,60 +510,112 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig * self,
}
}
/* 802.1 stuff for Dynamic WEP and WPA-Enterprise */
if ( (strcmp (setting->key_mgmt, "ieee8021x") == 0)
|| (strcmp (setting->key_mgmt, "wpa-eap") == 0)) {
GString *phase1, *phase2;
char *tmp;
/* Drop the fragment size a bit for better compatibility */
if (!nm_supplicant_config_add_option (self, "fragment_size", "1300", -1, FALSE))
if (setting->auth_alg && !strcmp (setting->auth_alg, "leap")) {
/* LEAP */
if (!strcmp (setting->key_mgmt, "ieee8021x")) {
ADD_STRING_VAL (setting->leap_username, "identity", FALSE, FALSE, FALSE);
ADD_STRING_VAL (setting->leap_password, "password", FALSE, FALSE, TRUE);
ADD_STRING_VAL ("leap", "eap", TRUE, FALSE, FALSE);
} else {
return FALSE;
phase1 = g_string_new (NULL);
if (setting->phase1_peapver)
g_string_append_printf (phase1, "peapver=%s", setting->phase1_peapver);
if (setting->phase1_peaplabel) {
if (phase1->len)
g_string_append_c (phase1, ' ');
g_string_append_printf (phase1, "peaplabel=%s", setting->phase1_peaplabel);
}
if (phase1->len)
ADD_STRING_VAL (phase1->str, "phase1", FALSE, FALSE, FALSE);
g_string_free (phase1, TRUE);
phase2 = g_string_new (NULL);
if (setting->phase2_auth) {
tmp = g_ascii_strup (setting->phase2_auth, -1);
g_string_append_printf (phase2, "auth=%s", tmp);
g_free (tmp);
} else {
/* 802.1x for Dynamic WEP and WPA-Enterprise */
if ( !strcmp (setting->key_mgmt, "ieee8021x")
|| !strcmp (setting->key_mgmt, "wpa-eap")) {
if (!setting_8021x)
return FALSE;
if (!nm_supplicant_config_add_setting_8021x (self, setting_8021x, connection_uid, FALSE))
return FALSE;
}
if (setting->phase2_autheap) {
if (phase2->len)
g_string_append_c (phase2, ' ');
tmp = g_ascii_strup (setting->phase2_autheap, -1);
g_string_append_printf (phase2, "autheap=%s", tmp);
g_free (tmp);
}
if (phase2->len)
ADD_STRING_VAL (phase2->str, "phase2", FALSE, FALSE, FALSE);
g_string_free (phase2, TRUE);
ADD_BLOB_VAL (setting->ca_cert, "ca_cert", connection_uid);
ADD_BLOB_VAL (setting->client_cert, "client_cert", connection_uid);
ADD_BLOB_VAL (setting->private_key, "private_key", connection_uid);
ADD_BLOB_VAL (setting->phase2_ca_cert, "ca_cert2", connection_uid);
ADD_BLOB_VAL (setting->phase2_client_cert, "client_cert2", connection_uid);
ADD_BLOB_VAL (setting->phase2_private_key, "private_key2", connection_uid);
ADD_STRING_VAL (setting->identity, "identity", FALSE, FALSE, FALSE);
ADD_STRING_VAL (setting->anonymous_identity, "anonymous_identity", FALSE, FALSE, FALSE);
}
return TRUE;
}
gboolean
nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self,
NMSetting8021x *setting,
const char *connection_uid,
gboolean wired)
{
NMSupplicantConfigPrivate *priv;
char * value;
gboolean success;
GString *phase1, *phase2;
char *tmp;
g_return_val_if_fail (NM_IS_SUPPLICANT_CONFIG (self), FALSE);
g_return_val_if_fail (setting != NULL, FALSE);
g_return_val_if_fail (connection_uid != NULL, FALSE);
priv = NM_SUPPLICANT_CONFIG_GET_PRIVATE (self);
ADD_STRING_VAL (setting->password, "password", FALSE, FALSE, TRUE);
ADD_STRING_VAL (setting->pin, "pin", FALSE, FALSE, TRUE);
if (wired) {
ADD_STRING_VAL ("IEEE8021X", "key_mgmt", TRUE, FALSE, FALSE);
/* Wired 802.1x must always use eapol_flags=0 */
ADD_STRING_VAL ("0", "eapol_flags", FALSE, FALSE, FALSE);
}
/* Private key passwords are never passed to wpa_supplicant because the
* user agent is responsible for decoding and decrypting the private key,
* and file paths are never passed to wpa_supplicant to ensure that
* the supplicant can be locked down and doesn't try to read stuff from
* all over the drive.
*/
ADD_STRING_LIST_VAL (setting->eap, "eap", TRUE, FALSE);
/* Drop the fragment size a bit for better compatibility */
if (!nm_supplicant_config_add_option (self, "fragment_size", "1300", -1, FALSE))
return FALSE;
phase1 = g_string_new (NULL);
if (setting->phase1_peapver)
g_string_append_printf (phase1, "peapver=%s", setting->phase1_peapver);
if (setting->phase1_peaplabel) {
if (phase1->len)
g_string_append_c (phase1, ' ');
g_string_append_printf (phase1, "peaplabel=%s", setting->phase1_peaplabel);
}
if (phase1->len)
ADD_STRING_VAL (phase1->str, "phase1", FALSE, FALSE, FALSE);
g_string_free (phase1, TRUE);
phase2 = g_string_new (NULL);
if (setting->phase2_auth) {
tmp = g_ascii_strup (setting->phase2_auth, -1);
g_string_append_printf (phase2, "auth=%s", tmp);
g_free (tmp);
}
if (setting->phase2_autheap) {
if (phase2->len)
g_string_append_c (phase2, ' ');
tmp = g_ascii_strup (setting->phase2_autheap, -1);
g_string_append_printf (phase2, "autheap=%s", tmp);
g_free (tmp);
}
if (phase2->len)
ADD_STRING_VAL (phase2->str, "phase2", FALSE, FALSE, FALSE);
g_string_free (phase2, TRUE);
ADD_BLOB_VAL (setting->ca_cert, "ca_cert", connection_uid);
ADD_BLOB_VAL (setting->client_cert, "client_cert", connection_uid);
ADD_BLOB_VAL (setting->private_key, "private_key", connection_uid);
ADD_BLOB_VAL (setting->phase2_ca_cert, "ca_cert2", connection_uid);
ADD_BLOB_VAL (setting->phase2_client_cert, "client_cert2", connection_uid);
ADD_BLOB_VAL (setting->phase2_private_key, "private_key2", connection_uid);
ADD_STRING_VAL (setting->identity, "identity", FALSE, FALSE, FALSE);
ADD_STRING_VAL (setting->anonymous_identity, "anonymous_identity", FALSE, FALSE, FALSE);
return TRUE;
}

12
src/supplicant-manager/nm-supplicant-config.h
View file

@ -24,6 +24,8 @@
#include <glib-object.h>
#include <nm-setting-wireless.h>
#include <nm-setting-wireless-security.h>
#include <nm-setting-8021x.h>
#include "nm-supplicant-types.h"
G_BEGIN_DECLS
@ -71,10 +73,16 @@ gboolean nm_supplicant_config_add_setting_wireless (NMSupplicantConfig * self,
guint32 adhoc_freq,
gboolean has_scan_capa_ssid);
gboolean nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig * self,
NMSettingWirelessSecurity * setting,
gboolean nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self,
NMSettingWirelessSecurity *setting,
NMSetting8021x *setting_8021x,
const char *connection_uid);
gboolean nm_supplicant_config_add_setting_8021x (NMSupplicantConfig *self,
NMSetting8021x *setting,
const char *connection_uid,
gboolean wired);
G_END_DECLS
#endif /* NM_SUPPLICANT_CONFIG_H */