fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-25 21:10:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

wireless-security: ensure Mesh networks can't use anything but SAE

Browse source 
They must be either open or use SAE key management.
This commit is contained in:
Lubomir Rintel 2019-01-25 09:55:42 +01:00
parent 5874f4e4e9
commit 3ef3733c81
1 changed files with 26 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
libnm-core/nm-setting-wireless-security.c
View file

@ -904,6 +904,11 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
const char *valid_protos[] = { "wpa", "rsn", NULL };
const char *valid_pairwise[] = { "tkip", "ccmp", NULL };
const char *valid_groups[] = { "wep40", "wep104", "tkip", "ccmp", NULL };
NMSettingWireless *s_wifi;
const char *wifi_mode;
s_wifi = connection ? nm_connection_get_setting_wireless (connection) : NULL;
wifi_mode = s_wifi ? nm_setting_wireless_get_mode (s_wifi) : NULL;
if (!priv->key_mgmt) {
g_set_error_literal (error,
@ -914,14 +919,27 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
return FALSE;
}
if (!g_strv_contains (valid_key_mgmt, priv->key_mgmt)) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("'%s' is not a valid value for the property"),
priv->key_mgmt);
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
return FALSE;
if (g_strcmp0 (wifi_mode, NM_SETTING_WIRELESS_MODE_MESH) == 0) {
if ( (strcmp (priv->key_mgmt, "none") == 0)
|| (strcmp (priv->key_mgmt, "sae") == 0)) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("'%s' is not a valid value for '%s' mode connections"),
priv->key_mgmt, NM_SETTING_WIRELESS_MODE_MESH);
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
return FALSE;
}
} else {
if (!g_strv_contains (valid_key_mgmt, priv->key_mgmt)) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("'%s' is not a valid value for the property"),
priv->key_mgmt);
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
return FALSE;
}
}
if (priv->auth_alg && !strcmp (priv->auth_alg, "leap")) {