supplicant: merge branch 'bg/issue638-wpa2-sae'

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/638
2025-12-27 15:10:09 +01:00 · 2021-02-23 10:24:55 +01:00 · 2021-02-23 10:24:55 +01:00 · 09c943b9a7
commit 09c943b9a7
parent 5747bdb8b8 f5d78c2d28
4 changed files with 53 additions and 24 deletions
--- a/src/core/supplicant/nm-supplicant-config.c
+++ b/src/core/supplicant/nm-supplicant-config.c
@ -841,6 +841,11 @@ nm_supplicant_config_add_setting_wireless_security(NMSupplicantConfig *
            g_string_append(key_mgmt_conf, " wpa-psk-sha256");
        if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT))
            g_string_append(key_mgmt_conf, " ft-psk");
+        if (_get_capability(priv, NM_SUPPL_CAP_TYPE_SAE)) {
+            g_string_append(key_mgmt_conf, " sae");
+            if (_get_capability(priv, NM_SUPPL_CAP_TYPE_FT))
+                g_string_append(key_mgmt_conf, " ft-sae");
+        }
    } else if (nm_streq(key_mgmt, "wpa-eap")) {
        if (_get_capability(priv, NM_SUPPL_CAP_TYPE_PMF)) {
            g_string_append(key_mgmt_conf, " wpa-eap-sha256");
--- a/src/core/supplicant/nm-supplicant-interface.c
+++ b/src/core/supplicant/nm-supplicant-interface.c
@ -1171,19 +1171,24 @@ parse_capabilities(NMSupplicantInterface *self, GVariant *capabilities)
    const gboolean                old_prop_scan_ssid   = priv->prop_scan_ssid;
    const guint32                 old_max_scan_ssids   = priv->max_scan_ssids;
    gboolean                      have_ft              = FALSE;
+    gboolean                      have_sae             = FALSE;
    gint32                        max_scan_ssids;
    const char **                 array;

    nm_assert(capabilities && g_variant_is_of_type(capabilities, G_VARIANT_TYPE_VARDICT));

    if (g_variant_lookup(capabilities, "KeyMgmt", "^a&s", &array)) {
-        have_ft = g_strv_contains(array, "wpa-ft-psk");
+        have_ft  = g_strv_contains(array, "wpa-ft-psk");
+        have_sae = g_strv_contains(array, "sae");
        g_free(array);
    }

    priv->iface_capabilities = NM_SUPPL_CAP_MASK_SET(priv->iface_capabilities,
                                                     NM_SUPPL_CAP_TYPE_FT,
                                                     have_ft ? NM_TERNARY_TRUE : NM_TERNARY_FALSE);
+    priv->iface_capabilities = NM_SUPPL_CAP_MASK_SET(priv->iface_capabilities,
+                                                     NM_SUPPL_CAP_TYPE_SAE,
+                                                     have_sae ? NM_TERNARY_TRUE : NM_TERNARY_FALSE);

    if (g_variant_lookup(capabilities, "Modes", "^a&s", &array)) {
        /* Setting p2p_capable might toggle _prop_p2p_available_get(). However,
@ -1255,6 +1260,15 @@ _starting_check_ready(NMSupplicantInterface *self)
        return;
    }

+    _LOGD("interface supported features:"
+          " AP%c"
+          " FT%c"
+          " SAE%c"
+          "",
+          NM_SUPPL_CAP_TO_CHAR(priv->iface_capabilities, NM_SUPPL_CAP_TYPE_AP),
+          NM_SUPPL_CAP_TO_CHAR(priv->iface_capabilities, NM_SUPPL_CAP_TYPE_FT),
+          NM_SUPPL_CAP_TO_CHAR(priv->iface_capabilities, NM_SUPPL_CAP_TYPE_SAE));
+
    set_state(self, priv->supp_state);
 }

@ -1278,6 +1292,10 @@ _get_capability(NMSupplicantInterfacePrivate *priv, NMSupplCapType type)
                value = iface_value;
        }
        break;
+    case NM_SUPPL_CAP_TYPE_SAE:
+        nm_assert(NM_SUPPL_CAP_MASK_GET(priv->global_capabilities, type) == NM_TERNARY_DEFAULT);
+        value = NM_SUPPL_CAP_MASK_GET(priv->iface_capabilities, type);
+        break;
    default:
        nm_assert(NM_SUPPL_CAP_MASK_GET(priv->iface_capabilities, type) == NM_TERNARY_DEFAULT);
        value = NM_SUPPL_CAP_MASK_GET(priv->global_capabilities, type);
@ -1305,9 +1323,13 @@ nm_supplicant_interface_get_capabilities(NMSupplicantInterface *self)
    caps = NM_SUPPL_CAP_MASK_SET(caps,
                                 NM_SUPPL_CAP_TYPE_FT,
                                 _get_capability(priv, NM_SUPPL_CAP_TYPE_FT));
+    caps = NM_SUPPL_CAP_MASK_SET(caps,
+                                 NM_SUPPL_CAP_TYPE_SAE,
+                                 _get_capability(priv, NM_SUPPL_CAP_TYPE_SAE));

    nm_assert(!NM_FLAGS_ANY(priv->iface_capabilities,
-                            ~(NM_SUPPL_CAP_MASK_T_AP_MASK | NM_SUPPL_CAP_MASK_T_FT_MASK)));
+                            ~(NM_SUPPL_CAP_MASK_T_AP_MASK | NM_SUPPL_CAP_MASK_T_FT_MASK
+                              | NM_SUPPL_CAP_MASK_T_SAE_MASK)));

 #if NM_MORE_ASSERTS > 10
    {
--- a/src/core/supplicant/nm-supplicant-manager.c
+++ b/src/core/supplicant/nm-supplicant-manager.c
@ -168,19 +168,6 @@ _caps_set(NMSupplicantManagerPrivate *priv, NMSupplCapType type, NMTernary value
    priv->capabilities = NM_SUPPL_CAP_MASK_SET(priv->capabilities, type, value);
 }

-static char
-_caps_to_char(NMSupplicantManagerPrivate *priv, NMSupplCapType type)
-{
-    NMTernary val;
-
-    val = NM_SUPPL_CAP_MASK_GET(priv->capabilities, type);
-    if (val == NM_TERNARY_TRUE)
-        return '+';
-    if (val == NM_TERNARY_FALSE)
-        return '-';
-    return '?';
-}
-
 /*****************************************************************************/

 static void
@ -1008,15 +995,15 @@ _dbus_get_capabilities_cb(GVariant *res, GError *error, gpointer user_data)
          " FAST%c"
          " WFD%c"
          "",
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_AP),
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_PMF),
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_FILS),
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_P2P),
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_FT),
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_SHA384),
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_MESH),
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_FAST),
-          _caps_to_char(priv, NM_SUPPL_CAP_TYPE_WFD));
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_AP),
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_PMF),
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_FILS),
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_P2P),
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_FT),
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_SHA384),
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_MESH),
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_FAST),
+          NM_SUPPL_CAP_TO_CHAR(priv->capabilities, NM_SUPPL_CAP_TYPE_WFD));

    nm_assert(g_hash_table_size(priv->supp_ifaces) == 0);
    nm_assert(c_list_is_empty(&priv->supp_lst_head));
--- a/src/core/supplicant/nm-supplicant-types.h
+++ b/src/core/supplicant/nm-supplicant-types.h
@ -41,6 +41,7 @@ typedef enum {
    NM_SUPPL_CAP_TYPE_FILS,
    NM_SUPPL_CAP_TYPE_P2P,
    NM_SUPPL_CAP_TYPE_FT,
+    NM_SUPPL_CAP_TYPE_SAE,
    NM_SUPPL_CAP_TYPE_SHA384,
    NM_SUPPL_CAP_TYPE_MESH,
    NM_SUPPL_CAP_TYPE_FAST,
@ -71,6 +72,7 @@ typedef enum {
    _NM_SUPPL_CAP_MASK_DEFINE(MESH),
    _NM_SUPPL_CAP_MASK_DEFINE(WFD),
    _NM_SUPPL_CAP_MASK_DEFINE(FT),
+    _NM_SUPPL_CAP_MASK_DEFINE(SAE),
    _NM_SUPPL_CAP_MASK_DEFINE(SHA384),
 #undef _NM_SUPPL_CAP_MASK_DEFINE
 } NMSupplCapMask;
@ -114,6 +116,19 @@ NM_SUPPL_CAP_MASK_GET(NMSupplCapMask features, NMSupplCapType type)
    return (NMTernary)(f - 1);
 }

+static inline char
+NM_SUPPL_CAP_TO_CHAR(NMSupplCapMask features, NMSupplCapType type)
+{
+    NMTernary val;
+
+    val = NM_SUPPL_CAP_MASK_GET(features, type);
+    if (val == NM_TERNARY_TRUE)
+        return '+';
+    if (val == NM_TERNARY_FALSE)
+        return '-';
+    return '?';
+}
+
 /*****************************************************************************/

 /**