From 2c4195bb74dcfa37c9a60e581b3b0cdf386f1329 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Fri, 4 Oct 2019 11:37:45 +0200
Subject: [PATCH] libnm/utils: add SAE security type

https://github.com/NetworkManager/NetworkManager/pull/354
(cherry picked from commit 0ff1cb556ca9b8a77a0b5b25522876c889b3835d)
---
 libnm-core/nm-utils.c | 24 ++++++++++++++++++++++++
 libnm-core/nm-utils.h |  4 +++-
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/libnm-core/nm-utils.c b/libnm-core/nm-utils.c
index c16c9004e7..62cf47f1fc 100644
--- a/libnm-core/nm-utils.c
+++ b/libnm-core/nm-utils.c
@@ -1121,6 +1121,7 @@ nm_utils_ap_mode_security_valid (NMUtilsSecurityType type,
 	case NMU_SEC_STATIC_WEP:
 	case NMU_SEC_WPA_PSK:
 	case NMU_SEC_WPA2_PSK:
+	case NMU_SEC_SAE:
 		return TRUE;
 	default:
 		break;
@@ -1294,6 +1295,29 @@ nm_utils_security_valid (NMUtilsSecurityType type,
 				return FALSE;
 		}
 		break;
+	case NMU_SEC_SAE:
+		if (!(wifi_caps & NM_WIFI_DEVICE_CAP_RSN))
+			return FALSE;
+		if (have_ap) {
+			if (adhoc) {
+				if (!(wifi_caps & NM_WIFI_DEVICE_CAP_IBSS_RSN))
+					return FALSE;
+				if (   (ap_rsn & NM_802_11_AP_SEC_PAIR_CCMP)
+				    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP))
+					return TRUE;
+			} else {
+				if (ap_rsn & NM_802_11_AP_SEC_KEY_MGMT_SAE) {
+					if (   (ap_rsn & NM_802_11_AP_SEC_PAIR_TKIP)
+					    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP))
+						return TRUE;
+					if (   (ap_rsn & NM_802_11_AP_SEC_PAIR_CCMP)
+					    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP))
+						return TRUE;
+				}
+			}
+			return FALSE;
+		}
+		break;
 	default:
 		good = FALSE;
 		break;
diff --git a/libnm-core/nm-utils.h b/libnm-core/nm-utils.h
index 3e54a33c1c..a0fa8d7f16 100644
--- a/libnm-core/nm-utils.h
+++ b/libnm-core/nm-utils.h
@@ -64,6 +64,7 @@ char *      nm_utils_ssid_to_utf8  (const guint8 *ssid, gsize len);
  * @NMU_SEC_WPA_ENTERPRISE: WPA1 is used with 802.1x authentication
  * @NMU_SEC_WPA2_PSK: WPA2/RSN is used with Pre-Shared Keys (PSK)
  * @NMU_SEC_WPA2_ENTERPRISE: WPA2 is used with 802.1x authentication
+ * @NMU_SEC_SAE: is used with WPA3 Enterprise
  *
  * Describes generic security mechanisms that 802.11 access points may offer.
  * Used with nm_utils_security_valid() for checking whether a given access
@@ -78,7 +79,8 @@ typedef enum {
 	NMU_SEC_WPA_PSK,
 	NMU_SEC_WPA_ENTERPRISE,
 	NMU_SEC_WPA2_PSK,
-	NMU_SEC_WPA2_ENTERPRISE
+	NMU_SEC_WPA2_ENTERPRISE,
+	NMU_SEC_SAE,
 } NMUtilsSecurityType;
 
 gboolean nm_utils_security_valid (NMUtilsSecurityType type,