fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-10 09:20:20 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

devices/wifi: Use wpa-psk key-mgmt for networks supporting WPA2 and WPA3

Browse source 
Networks offering WPA2 and WPA3/SAE at the same time are in WPA3 hybrid
mode. In this case the PSK passphrase rules that apply need to be the
WPA2 rules, so we shouldn't use "sae" as key-mgmt. Also our wifi card
might not support SAE and we want to make sure WPA2 eventually gets used
in that case.

So use "wpa-psk" as key-mgmt method in case an AP is in WPA3 hybrid
mode.
This commit is contained in:
Jonas Dreßler 2021-04-24 11:18:12 +02:00 committed by Thomas Haller
parent e019132033
commit 0e30a5256c
No known key found for this signature in database
GPG key ID: 29C2366E4DFC5728
1 changed files with 15 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
src/core/devices/wifi/nm-wifi-utils.c
View file

@ -814,15 +814,24 @@ nm_wifi_utils_complete_connection(GBytes * ap_ssid,
* setting. Since there's so much configuration required for it, there's
* no way it can be automatically completed.
*/
} else if ((key_mgmt && !strcmp(key_mgmt, "sae"))
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE)) {
} else if (nm_streq0(key_mgmt, "wpa-psk")
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE
&& (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK
|| ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK))) {
g_object_set(s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
"wpa-psk",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
"open",
NULL);
} else if (nm_streq0(key_mgmt, "sae") || (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE)) {
g_object_set(s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
"sae",
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
"open",
NULL);
} else if ((key_mgmt && !strcmp(key_mgmt, "owe"))
} else if (nm_streq0(key_mgmt, "owe")
|| NM_FLAGS_ANY(ap_rsn_flags,
NM_802_11_AP_SEC_KEY_MGMT_OWE | NM_802_11_AP_SEC_KEY_MGMT_OWE_TM)) {
g_object_set(s_wsec,
@ -831,9 +840,8 @@ nm_wifi_utils_complete_connection(GBytes * ap_ssid,
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG,
"open",
NULL);
} else if ((key_mgmt && !strcmp(key_mgmt, "wpa-psk"))
|| (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)) {
} else if (ap_wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK
|| ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK) {
g_object_set(s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
"wpa-psk",
@ -843,7 +851,7 @@ nm_wifi_utils_complete_connection(GBytes * ap_ssid,
/* Leave proto/pairwise/group as client set them; if they are unset the
* supplicant will figure out the best combination at connect time.
*/
} else if ((key_mgmt && !strcmp(key_mgmt, "wpa-eap-suite-b-192"))
} else if (nm_streq0(key_mgmt, "wpa-eap-suite-b-192")
|| (ap_rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_EAP_SUITE_B_192)) {
g_object_set(s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,