2005-12-14 Dan Williams <dcbw@redhat.com>

* src/nm-ap-security*.[ch] - Add AP security abstractions to NetworkManager * src/nm-dbus-device.c - Begin to parse new format dbus messages from the applet and construct an AP security object from the message * libnm-util/dbus-helpers.c - Use message iters so we can append the key as a fixed array of bytes, which actually works rather than using dbus_message_append_args() as we were before git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@1184 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
2025-12-30 08:30:11 +01:00 · 2005-12-14 15:53:34 +00:00 · 2005-12-14 15:53:34 +00:00 · 503f55796b
commit 503f55796b
parent 5c91628f9f
12 changed files with 848 additions and 44 deletions
--- a/14
+++ b/14
@ -1,3 +1,17 @@
+2005-12-14  Dan Williams  <dcbw@redhat.com>
+
+	* src/nm-ap-security*.[ch]
+		- Add AP security abstractions to NetworkManager
+
+	* src/nm-dbus-device.c
+		- Begin to parse new format dbus messages from the applet
+			and construct an AP security object from the message
+
+	* libnm-util/dbus-helpers.c
+		- Use message iters so we can append the key as a fixed
+			array of bytes, which actually works rather than
+			using dbus_message_append_args() as we were before
+
 2005-12-14  Dan Williams  <dcbw@redhat.com>

 	* src/NetworkManagerDbus.c
--- a/gnome/applet/applet-dbus-devices.c
+++ b/gnome/applet/applet-dbus-devices.c
@ -1099,8 +1099,8 @@ void nmwa_dbus_set_device (DBusConnection *connection, NetworkDevice *dev, const
 			nm_info ("Forcing device '%s'\n", network_device_get_nm_path (dev));
 			dbus_message_append_args (message, DBUS_TYPE_OBJECT_PATH, &dev_path, DBUS_TYPE_INVALID);
 		}
-//		if (success)
-//			dbus_connection_send (connection, message, NULL);
+		if (success)
+			dbus_connection_send (connection, message, NULL);
 		dbus_message_unref (message);
 	}
 	else
--- a/libnm-util/dbus-helpers.c
+++ b/libnm-util/dbus-helpers.c
@ -28,27 +28,48 @@
 #include "cipher.h"


+static void key_append_helper (DBusMessageIter *iter, const char *key)
+{
+	DBusMessageIter	subiter;
+	int				key_len;
+
+	g_return_if_fail (iter != NULL);
+	g_return_if_fail (key != NULL);
+
+	key_len = strlen (key);
+	g_return_if_fail (key_len > 0);
+
+	if (!dbus_message_iter_open_container (iter, DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE_AS_STRING, &subiter))
+		return;	
+	dbus_message_iter_append_fixed_array (&subiter, DBUS_TYPE_BYTE, &key, key_len);
+	dbus_message_iter_close_container (iter, &subiter);
+}
+
 dbus_bool_t nmu_dbus_message_append_wep_args (DBusMessage *message, IEEE_802_11_Cipher *cipher,
 					const char *ssid, const char *input, int auth_alg)
 {
-	int			we_cipher = -1;
-	char *		hashed = NULL;
-	int			hashed_len;
-	dbus_bool_t	result;
+	int				we_cipher = -1;
+	char *			key = NULL;
+	dbus_bool_t		result = TRUE;
+	DBusMessageIter	iter;

 	g_return_val_if_fail (message != NULL, FALSE);
 	g_return_val_if_fail (cipher != NULL, FALSE);
 	g_return_val_if_fail ((auth_alg == IW_AUTH_ALG_OPEN_SYSTEM) || (auth_alg == IW_AUTH_ALG_SHARED_KEY), FALSE);

-	we_cipher = ieee_802_11_cipher_get_we_cipher (cipher);
-	hashed = ieee_802_11_cipher_hash (cipher, ssid, input);
-	hashed_len = strlen (hashed);
+	dbus_message_iter_init_append (message, &iter);

-	result = dbus_message_append_args (message, DBUS_TYPE_INT32, &we_cipher,
-								DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE, &hashed, hashed_len,
-								DBUS_TYPE_INT32, &auth_alg,
-								DBUS_TYPE_INVALID);
-	g_free (hashed);
+	/* First arg: WE Cipher (INT32) */
+	we_cipher = ieee_802_11_cipher_get_we_cipher (cipher);
+	dbus_message_iter_append_basic (&iter, DBUS_TYPE_INT32, &we_cipher);
+
+	/* Second arg: hashed key (ARRAY, BYTE) */
+	key = ieee_802_11_cipher_hash (cipher, ssid, input);
+	key_append_helper (&iter, key);
+	g_free (key);
+
+	/* Third arg: WEP authentication algorithm (INT32) */
+	dbus_message_iter_append_basic (&iter, DBUS_TYPE_INT32, &auth_alg);

 	return result;
 }
@ -57,26 +78,32 @@ dbus_bool_t nmu_dbus_message_append_wep_args (DBusMessage *message, IEEE_802_11_
 dbus_bool_t nmu_dbus_message_append_wpa_psk_args (DBusMessage *message, IEEE_802_11_Cipher *cipher,
 					const char *ssid, const char *input, int wpa_version, int key_mgt)
 {
-	int			we_cipher = -1;
-	char *		hashed = NULL;
-	int			hashed_len;
-	dbus_bool_t	result;
+	int				we_cipher = -1;
+	char *			key = NULL;
+	dbus_bool_t		result = TRUE;
+	DBusMessageIter	iter;

 	g_return_val_if_fail (message != NULL, FALSE);
 	g_return_val_if_fail (cipher != NULL, FALSE);
 	g_return_val_if_fail ((wpa_version == IW_AUTH_WPA_VERSION_WPA) || (wpa_version == IW_AUTH_WPA_VERSION_WPA2), FALSE);
 	g_return_val_if_fail ((key_mgt == IW_AUTH_KEY_MGMT_802_1X) || (key_mgt == IW_AUTH_KEY_MGMT_PSK), FALSE);

-	we_cipher = ieee_802_11_cipher_get_we_cipher (cipher);
-	hashed = ieee_802_11_cipher_hash (cipher, ssid, input);
-	hashed_len = strlen (hashed);
+	dbus_message_iter_init_append (message, &iter);

-	result = dbus_message_append_args (message, DBUS_TYPE_INT32, &we_cipher,
-								DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE, &hashed, hashed_len,
-								DBUS_TYPE_INT32, &wpa_version,
-								DBUS_TYPE_INT32, &key_mgt,
-								DBUS_TYPE_INVALID);
-	g_free (hashed);
+	/* First arg: WE Cipher (INT32) */
+	we_cipher = ieee_802_11_cipher_get_we_cipher (cipher);
+	dbus_message_iter_append_basic (&iter, DBUS_TYPE_INT32, &we_cipher);
+
+	/* Second arg: hashed key (ARRAY, BYTE) */
+	key = ieee_802_11_cipher_hash (cipher, ssid, input);
+	key_append_helper (&iter, key);
+	g_free (key);
+
+	/* Third arg: WPA version (INT32) */
+	dbus_message_iter_append_basic (&iter, DBUS_TYPE_INT32, &wpa_version);
+
+	/* Fourth arg: WPA key management (INT32) */
+	dbus_message_iter_append_basic (&iter, DBUS_TYPE_INT32, &key_mgt);

 	return result;
 }
--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -47,7 +47,14 @@ NetworkManager_SOURCES =				\
 		nm-activation-request.c		\
 		nm-activation-request.h		\
 		autoip.c					\
-		autoip.h
+		autoip.h					\
+		nm-ap-security.c			\
+		nm-ap-security.h			\
+		nm-ap-security-private.h		\
+		nm-ap-security-wep.c		\
+		nm-ap-security-wep.h		\
+		nm-ap-security-wpa-psk.c		\
+		nm-ap-security-wpa-psk.h

 NetworkManager_CPPFLAGS = 			\
 	$(DBUS_CFLAGS)					\
--- a/src/nm-ap-security-private.h
+++ b/src/nm-ap-security-private.h
@ -0,0 +1,32 @@
+/* NetworkManager -- Network link manager
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * (C) Copyright 2005 Red Hat, Inc.
+ */
+
+#ifndef NM_AP_SECURITY_PRIVATE_H
+#define NM_AP_SECURITY_PRIVATE_H
+
+#include "nm-ap-security.h"
+
+void nm_ap_security_set_we_cipher (NMAPSecurity *self, int we_cipher);
+
+void nm_ap_security_set_key (NMAPSecurity *self, const char *key, int key_len);
+
+
+#endif	/* NM_AP_SECURITY_PRIVATE_H */
--- a/src/nm-ap-security-wep.c
+++ b/src/nm-ap-security-wep.c
@ -0,0 +1,127 @@
+/* NetworkManager -- Network link manager
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * (C) Copyright 2005 Red Hat, Inc.
+ */
+
+#include <glib.h>
+#include <dbus/dbus.h>
+#include <iwlib.h>
+
+#include "nm-ap-security.h"
+#include "nm-ap-security-wep.h"
+#include "nm-ap-security-private.h"
+
+#define NM_AP_SECURITY_WEP_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_AP_SECURITY_WEP, NMAPSecurityWEPPrivate))
+
+struct _NMAPSecurityWEPPrivate
+{
+	int		auth_algorithm;
+
+	gboolean	dispose_has_run;
+};
+
+NMAPSecurityWEP *
+nm_ap_security_wep_new_from_dbus_message (DBusMessageIter *iter, int we_cipher)
+{
+	NMAPSecurityWEP *	security = NULL;
+	char *			key;
+	int				key_len;
+	int				auth_algorithm;
+	DBusMessageIter	subiter;
+
+	g_return_val_if_fail (iter != NULL, NULL);
+	g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_WEP40) || (we_cipher == IW_AUTH_CIPHER_WEP104), NULL);
+
+	/* Next arg: key (DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE) */
+	if ((dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_ARRAY)
+			|| (dbus_message_iter_get_element_type (iter) != DBUS_TYPE_BYTE))
+		goto out;
+
+	dbus_message_iter_recurse (iter, &subiter);
+	dbus_message_iter_get_fixed_array (&subiter, &key, &key_len);
+	if (key_len <= 0)
+		goto out;
+
+	/* Next arg: authentication algorithm (DBUS_TYPE_INT32) */
+	if (!dbus_message_iter_next (iter))
+		goto out;
+	if (dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_INT32)
+		goto out;
+
+	dbus_message_iter_get_basic (iter, &auth_algorithm);
+	if ((auth_algorithm != IW_AUTH_ALG_OPEN_SYSTEM) && (auth_algorithm != IW_AUTH_ALG_SHARED_KEY))
+		goto out;
+
+	/* Success, build up our security object */
+	security = g_object_new (NM_TYPE_AP_SECURITY_WEP, NULL);
+	nm_ap_security_set_we_cipher (NM_AP_SECURITY (security), we_cipher);
+	nm_ap_security_set_key (NM_AP_SECURITY (security), key, key_len);
+	security->priv->auth_algorithm = auth_algorithm;
+
+out:
+	return security;
+}
+
+static void 
+real_write_wpa_supplicant_config (NMAPSecurity *instance, int fd)
+{
+	NMAPSecurityWEP * self = NM_AP_SECURITY_WEP (instance);
+}
+
+static void
+nm_ap_security_wep_init (NMAPSecurityWEP * self)
+{
+	self->priv = NM_AP_SECURITY_WEP_GET_PRIVATE (self);
+	self->priv->auth_algorithm = IW_AUTH_ALG_OPEN_SYSTEM;
+	self->priv->dispose_has_run = FALSE;
+}
+
+static void
+nm_ap_security_wep_class_init (NMAPSecurityWEPClass *klass)
+{
+	GObjectClass *object_class = G_OBJECT_CLASS (klass);
+	NMAPSecurityClass *par_class = NM_AP_SECURITY_CLASS (klass);
+
+	par_class->write_wpa_supplicant_config_func = real_write_wpa_supplicant_config;
+
+	g_type_class_add_private (object_class, sizeof (NMAPSecurityWEPPrivate));
+}
+
+GType
+nm_ap_security_wep_get_type (void)
+{
+	static GType type = 0;
+	if (type == 0) {
+		static const GTypeInfo info = {
+			sizeof (NMAPSecurityWEPClass),
+			NULL,   /* base_init */
+			NULL,   /* base_finalize */
+			(GClassInitFunc) nm_ap_security_wep_class_init,
+			NULL,   /* class_finalize */
+			NULL,   /* class_data */
+			sizeof (NMAPSecurityWEP),
+			0,      /* n_preallocs */
+			(GInstanceInitFunc) nm_ap_security_wep_init
+		};
+		type = g_type_register_static (NM_TYPE_AP_SECURITY,
+					       "NMAPSecurityWEP",
+					       &info, 0);
+	}
+	return type;
+}
--- a/src/nm-ap-security-wep.h
+++ b/src/nm-ap-security-wep.h
@ -0,0 +1,58 @@
+/* NetworkManager -- Network link manager
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * (C) Copyright 2005 Red Hat, Inc.
+ */
+
+#ifndef NM_AP_SECURITY_WEP_H
+#define NM_AP_SECURITY_WEP_H
+
+#include <glib-object.h>
+#include <dbus/dbus.h>
+#include "nm-ap-security.h"
+
+#define NM_TYPE_AP_SECURITY_WEP			(nm_ap_security_wep_get_type ())
+#define NM_AP_SECURITY_WEP(obj)			(G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_AP_SECURITY_WEP, NMAPSecurityWEP))
+#define NM_AP_SECURITY_WEP_CLASS(klass)		(G_TYPE_CHECK_CLASS_CAST ((klass),  NM_TYPE_AP_SECURITY_WEP, NMAPSecurityWEPClass))
+#define NM_IS_AP_SECURITY_WEP(obj)			(G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_AP_SECURITY_WEP))
+#define NM_IS_AP_SECURITY_WEP_CLASS(klass)	(G_TYPE_CHECK_CLASS_TYPE ((klass),  NM_TYPE_AP_SECURITY_WEP))
+#define NM_AP_SECURITY_WEP_GET_CLASS(obj)	(G_TYPE_INSTANCE_GET_CLASS ((obj),  NM_TYPE_AP_SECURITY_WEP, NMAPSecurityWEPClass))
+
+typedef struct _NMAPSecurityWEP NMAPSecurityWEP;
+typedef struct _NMAPSecurityWEPClass NMAPSecurityWEPClass;
+typedef struct _NMAPSecurityWEPPrivate NMAPSecurityWEPPrivate;
+
+struct _NMAPSecurityWEP
+{
+	NMAPSecurity parent;
+
+	/*< private >*/
+	NMAPSecurityWEPPrivate *priv;
+};
+
+struct _NMAPSecurityWEPClass
+{
+	NMAPSecurityClass parent;
+};
+
+
+GType nm_ap_security_wep_get_type (void);
+
+NMAPSecurityWEP * nm_ap_security_wep_new_from_dbus_message (DBusMessageIter *iter, int we_cipher);
+
+#endif	/* NM_AP_SECURITY_WEP_H */
--- a/src/nm-ap-security-wpa-psk.c
+++ b/src/nm-ap-security-wpa-psk.c
@ -0,0 +1,139 @@
+/* NetworkManager -- Network link manager
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * (C) Copyright 2005 Red Hat, Inc.
+ */
+
+#include <glib.h>
+#include <dbus/dbus.h>
+#include <iwlib.h>
+
+#include "nm-ap-security.h"
+#include "nm-ap-security-wpa-psk.h"
+#include "nm-ap-security-private.h"
+
+#define NM_AP_SECURITY_WPA_PSK_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_AP_SECURITY_WPA_PSK, NMAPSecurityWPA_PSKPrivate))
+
+struct _NMAPSecurityWPA_PSKPrivate
+{
+	int		wpa_version;
+	int		key_mgt;
+
+	gboolean	dispose_has_run;
+};
+
+NMAPSecurityWPA_PSK *
+nm_ap_security_wpa_psk_new_from_dbus_message (DBusMessageIter *iter, int we_cipher)
+{
+	NMAPSecurityWPA_PSK *	security = NULL;
+	char *				key;
+	int					key_len;
+	int					wpa_version;
+	int					key_mgt;
+
+	g_return_val_if_fail (iter != NULL, NULL);
+	g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL);
+
+	/* Next arg: key (DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE) */
+	if ((dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_ARRAY)
+			|| (dbus_message_iter_get_element_type (iter) != DBUS_TYPE_BYTE))
+		goto out;
+
+	dbus_message_iter_get_fixed_array (iter, &key, &key_len);
+	if (key_len <= 0)
+		goto out;
+
+	/* Next arg: WPA version (DBUS_TYPE_INT32) */
+	if (!dbus_message_iter_next (iter))
+		goto out;
+	if (dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_INT32)
+		goto out;
+
+	dbus_message_iter_get_basic (iter, &wpa_version);
+	if ((wpa_version != IW_AUTH_WPA_VERSION_WPA) && (wpa_version != IW_AUTH_WPA_VERSION_WPA2))
+		goto out;
+
+	/* Next arg: WPA key management (DBUS_TYPE_INT32) */
+	if (!dbus_message_iter_next (iter))
+		goto out;
+	if (dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_INT32)
+		goto out;
+
+	dbus_message_iter_get_basic (iter, &key_mgt);
+	if ((key_mgt != IW_AUTH_KEY_MGMT_PSK) && (key_mgt != IW_AUTH_KEY_MGMT_802_1X))
+		goto out;
+
+	/* Success, build up our security object */
+	security = g_object_new (NM_TYPE_AP_SECURITY_WPA_PSK, NULL);
+	nm_ap_security_set_we_cipher (NM_AP_SECURITY (security), we_cipher);
+	nm_ap_security_set_key (NM_AP_SECURITY (security), key, key_len);
+	security->priv->wpa_version = wpa_version;
+	security->priv->key_mgt = key_mgt;
+
+out:
+	return security;
+}
+
+static void 
+real_write_wpa_supplicant_config (NMAPSecurity *instance, int fd)
+{
+	NMAPSecurityWPA_PSK * self = NM_AP_SECURITY_WPA_PSK (instance);
+}
+
+static void
+nm_ap_security_wpa_psk_init (NMAPSecurityWPA_PSK * self)
+{
+	self->priv = NM_AP_SECURITY_WPA_PSK_GET_PRIVATE (self);
+	self->priv->wpa_version = IW_AUTH_WPA_VERSION_WPA;
+	self->priv->key_mgt = IW_AUTH_KEY_MGMT_PSK;
+	self->priv->dispose_has_run = FALSE;
+}
+
+static void
+nm_ap_security_wpa_psk_class_init (NMAPSecurityWPA_PSKClass *klass)
+{
+	GObjectClass *object_class = G_OBJECT_CLASS (klass);
+	NMAPSecurityClass *par_class = NM_AP_SECURITY_CLASS (klass);
+
+	par_class->write_wpa_supplicant_config_func = real_write_wpa_supplicant_config;
+
+	g_type_class_add_private (object_class, sizeof (NMAPSecurityWPA_PSKPrivate));
+}
+
+GType
+nm_ap_security_wpa_psk_get_type (void)
+{
+	static GType type = 0;
+	if (type == 0) {
+		static const GTypeInfo info = {
+			sizeof (NMAPSecurityWPA_PSKClass),
+			NULL,   /* base_init */
+			NULL,   /* base_finalize */
+			(GClassInitFunc) nm_ap_security_wpa_psk_class_init,
+			NULL,   /* class_finalize */
+			NULL,   /* class_data */
+			sizeof (NMAPSecurityWPA_PSK),
+			0,      /* n_preallocs */
+			(GInstanceInitFunc) nm_ap_security_wpa_psk_init
+		};
+		type = g_type_register_static (NM_TYPE_AP_SECURITY,
+					       "NMAPSecurityWPA_PSK",
+					       &info, 0);
+	}
+	return type;
+}
--- a/src/nm-ap-security-wpa-psk.h
+++ b/src/nm-ap-security-wpa-psk.h
@ -0,0 +1,58 @@
+/* NetworkManager -- Network link manager
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * (C) Copyright 2005 Red Hat, Inc.
+ */
+
+#ifndef NM_AP_SECURITY_WPA_PSK_H
+#define NM_AP_SECURITY_WPA_PSK_H
+
+#include <glib-object.h>
+#include <dbus/dbus.h>
+#include "nm-ap-security.h"
+
+#define NM_TYPE_AP_SECURITY_WPA_PSK			(nm_ap_security_wpa_psk_get_type ())
+#define NM_AP_SECURITY_WPA_PSK(obj)			(G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_AP_SECURITY_WPA_PSK, NMAPSecurityWPA_PSK))
+#define NM_AP_SECURITY_WPA_PSK_CLASS(klass)		(G_TYPE_CHECK_CLASS_CAST ((klass),  NM_TYPE_AP_SECURITY_WPA_PSK, NMAPSecurityWPA_PSKClass))
+#define NM_IS_AP_SECURITY_WPA_PSK(obj)			(G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_AP_SECURITY_WPA_PSK))
+#define NM_IS_AP_SECURITY_WPA_PSK_CLASS(klass)	(G_TYPE_CHECK_CLASS_TYPE ((klass),  NM_TYPE_AP_SECURITY_WPA_PSK))
+#define NM_AP_SECURITY_WPA_PSK_GET_CLASS(obj)	(G_TYPE_INSTANCE_GET_CLASS ((obj),  NM_TYPE_AP_SECURITY_WPA_PSK, NMAPSecurityWPA_PSKClass))
+
+typedef struct _NMAPSecurityWPA_PSK NMAPSecurityWPA_PSK;
+typedef struct _NMAPSecurityWPA_PSKClass NMAPSecurityWPA_PSKClass;
+typedef struct _NMAPSecurityWPA_PSKPrivate NMAPSecurityWPA_PSKPrivate;
+
+struct _NMAPSecurityWPA_PSK
+{
+	NMAPSecurity parent;
+
+	/*< private >*/
+	NMAPSecurityWPA_PSKPrivate *priv;
+};
+
+struct _NMAPSecurityWPA_PSKClass
+{
+	NMAPSecurityClass parent;
+};
+
+
+GType nm_ap_security_wpa_psk_get_type (void);
+
+NMAPSecurityWPA_PSK * nm_ap_security_wpa_psk_new_from_dbus_message (DBusMessageIter *iter, int we_cipher);
+
+#endif	/* NM_AP_SECURITY_WPA_PSK_H */
--- a/src/nm-ap-security.c
+++ b/src/nm-ap-security.c
@ -0,0 +1,242 @@
+/* NetworkManager -- Network link manager
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * (C) Copyright 2005 Red Hat, Inc.
+ */
+
+#include <glib.h>
+#include <dbus/dbus.h>
+#include <iwlib.h>
+
+#include "nm-ap-security.h"
+#include "nm-ap-security-private.h"
+#include "nm-ap-security-wep.h"
+#include "nm-ap-security-wpa-psk.h"
+
+#define NM_AP_SECURITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_AP_SECURITY, NMAPSecurityPrivate))
+
+struct _NMAPSecurityPrivate
+{
+	int		we_cipher;
+	char *	key;
+
+	gboolean	dispose_has_run;
+};
+
+static GObjectClass *parent_class = NULL;
+
+static NMAPSecurity *
+nm_ap_security_new (int we_cipher)
+{
+	NMAPSecurity * security;
+
+	security = g_object_new (NM_TYPE_AP_SECURITY, NULL);
+	security->priv->we_cipher = we_cipher;
+	return security;
+}
+
+
+NMAPSecurity *
+nm_ap_security_new_from_dbus_message (DBusMessageIter *iter)
+{
+	NMAPSecurity * security = NULL;
+	int we_cipher;
+
+	g_return_val_if_fail (iter != NULL, NULL);
+	/* We require the WE cipher (an INT32) first */
+	g_return_val_if_fail (dbus_message_iter_get_arg_type (iter) == DBUS_TYPE_INT32, NULL);
+
+	/* Get and validate WE cipher */
+	dbus_message_iter_get_basic (iter, &we_cipher);
+
+	if (we_cipher == IW_AUTH_CIPHER_NONE)
+		security = nm_ap_security_new (we_cipher);
+	else
+	{
+		/* Advance to start of cipher-dependent options */
+		if (!dbus_message_iter_next (iter))
+			goto out;
+
+		switch (we_cipher)
+		{
+			case IW_AUTH_CIPHER_WEP40:
+			case IW_AUTH_CIPHER_WEP104:
+				security = NM_AP_SECURITY (nm_ap_security_wep_new_from_dbus_message (iter, we_cipher));
+				break;
+
+			case IW_AUTH_CIPHER_TKIP:
+			case IW_AUTH_CIPHER_CCMP:
+				security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_from_dbus_message (iter, we_cipher));
+				break;
+
+			default:
+				break;
+		}
+	}
+
+out:
+	return security;
+}
+
+void nm_ap_security_write_wpa_supplicant_config (NMAPSecurity *self, int fd)
+{
+	g_return_if_fail (self != NULL);
+	g_return_if_fail (fd >= 0);
+
+	if (self->priv->dispose_has_run)
+		return;
+
+	NM_AP_SECURITY_GET_CLASS (self)->write_wpa_supplicant_config_func (self, fd);
+}
+
+void
+nm_ap_security_set_we_cipher (NMAPSecurity *self, int we_cipher)
+{
+	g_return_if_fail (self != NULL);
+
+	/* Ensure the cipher is valid */
+	g_return_if_fail (
+		   (we_cipher == IW_AUTH_CIPHER_NONE)
+		|| (we_cipher == IW_AUTH_CIPHER_WEP40)
+		|| (we_cipher == IW_AUTH_CIPHER_WEP104)
+		|| (we_cipher == IW_AUTH_CIPHER_TKIP)
+		|| (we_cipher == IW_AUTH_CIPHER_CCMP));
+
+	self->priv->we_cipher = we_cipher;
+}
+
+void
+nm_ap_security_set_key (NMAPSecurity *self, const char *key, int key_len)
+{
+	g_return_if_fail (self != NULL);
+	g_return_if_fail (key != NULL);
+	g_return_if_fail (key_len > 0);
+
+	if (self->priv->key)
+		g_free (self->priv->key);
+	self->priv->key = g_malloc0 (key_len + 1);
+	memcpy (self->priv->key, key, key_len);
+}
+
+static void 
+real_write_wpa_supplicant_config (NMAPSecurity *self, int fd)
+{
+}
+
+int nm_ap_security_get_we_cipher (NMAPSecurity *self)
+{
+	NMAPSecurityPrivate *priv;
+
+	g_return_val_if_fail (self != NULL, -1);
+
+	priv = NM_AP_SECURITY_GET_PRIVATE (self);
+
+	return priv->we_cipher;
+}
+
+const char * nm_ap_security_get_key (NMAPSecurity *self)
+{
+	NMAPSecurityPrivate *priv;
+
+	g_return_val_if_fail (self != NULL, NULL);
+
+	priv = NM_AP_SECURITY_GET_PRIVATE (self);
+
+	return priv->key;
+}
+
+static void
+nm_ap_security_init (NMAPSecurity * self)
+{
+	self->priv = NM_AP_SECURITY_GET_PRIVATE (self);
+	self->priv->dispose_has_run = FALSE;
+	self->priv->we_cipher = IW_AUTH_CIPHER_NONE;
+	self->priv->key = NULL;
+}
+
+static void
+nm_ap_security_dispose (GObject *object)
+{
+	NMAPSecurity *self = (NMAPSecurity *) object;
+
+	if (self->priv->dispose_has_run)
+		/* If dispose did already run, return. */
+		return;
+
+	/* Make sure dispose does not run twice. */
+	self->priv->dispose_has_run = TRUE;
+
+	/* 
+	 * In dispose, you are supposed to free all types referenced from this
+	 * object which might themselves hold a reference to self. Generally,
+	 * the most simple solution is to unref all members on which you own a 
+	 * reference.
+	 */
+
+	/* Chain up to the parent class */
+	G_OBJECT_CLASS (parent_class)->dispose (object);
+}
+
+static void
+nm_ap_security_finalize (GObject *object)
+{
+	NMAPSecurity *self = (NMAPSecurity *) object;
+
+	/* Complete object destruction */
+	g_free (self->priv->key);
+
+	/* Chain up to the parent class */
+	G_OBJECT_CLASS (parent_class)->finalize (object);
+}
+
+
+static void
+nm_ap_security_class_init (NMAPSecurityClass *klass)
+{
+	GObjectClass *object_class = G_OBJECT_CLASS (klass);
+
+	object_class->dispose = nm_ap_security_dispose;
+	object_class->finalize = nm_ap_security_finalize;
+
+	klass->write_wpa_supplicant_config_func = real_write_wpa_supplicant_config;
+
+	g_type_class_add_private (object_class, sizeof (NMAPSecurityPrivate));
+}
+
+GType
+nm_ap_security_get_type (void)
+{
+	static GType type = 0;
+	if (type == 0) {
+		static const GTypeInfo info = {
+			sizeof (NMAPSecurityClass),
+			NULL,   /* base_init */
+			NULL,   /* base_finalize */
+			(GClassInitFunc) nm_ap_security_class_init,
+			NULL,   /* class_finalize */
+			NULL,   /* class_data */
+			sizeof (NMAPSecurity),
+			0,      /* n_preallocs */
+			(GInstanceInitFunc) nm_ap_security_init
+		};
+		type = g_type_register_static (G_TYPE_OBJECT,
+					       "NMAPSecurity",
+					       &info, 0);
+	}
+	return type;
+}
--- a/src/nm-ap-security.h
+++ b/src/nm-ap-security.h
@ -0,0 +1,66 @@
+/* NetworkManager -- Network link manager
+ *
+ * Dan Williams <dcbw@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * (C) Copyright 2005 Red Hat, Inc.
+ */
+
+#ifndef NM_AP_SECURITY_H
+#define NM_AP_SECURITY_H
+
+#include <glib-object.h>
+#include <dbus/dbus.h>
+
+#define NM_TYPE_AP_SECURITY			(nm_ap_security_get_type ())
+#define NM_AP_SECURITY(obj)			(G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_AP_SECURITY, NMAPSecurity))
+#define NM_AP_SECURITY_CLASS(klass)	(G_TYPE_CHECK_CLASS_CAST ((klass),  NM_TYPE_AP_SECURITY, NMAPSecurityClass))
+#define NM_IS_AP_SECURITY(obj)		(G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_AP_SECURITY))
+#define NM_IS_AP_SECURITY_CLASS(klass)	(G_TYPE_CHECK_CLASS_TYPE ((klass),  NM_TYPE_AP_SECURITY))
+#define NM_AP_SECURITY_GET_CLASS(obj)	(G_TYPE_INSTANCE_GET_CLASS ((obj),  NM_TYPE_AP_SECURITY, NMAPSecurityClass))
+
+typedef struct _NMAPSecurity NMAPSecurity;
+typedef struct _NMAPSecurityClass NMAPSecurityClass;
+typedef struct _NMAPSecurityPrivate NMAPSecurityPrivate;
+
+struct _NMAPSecurity
+{
+	GObject parent;
+
+	/*< private >*/
+	NMAPSecurityPrivate *priv;
+};
+
+struct _NMAPSecurityClass
+{
+	GObjectClass parent;
+
+	/* class members */
+	void (*write_wpa_supplicant_config_func) (NMAPSecurity *self, int fd);
+};
+
+
+GType nm_ap_security_get_type (void);
+
+NMAPSecurity * nm_ap_security_new_from_dbus_message (DBusMessageIter *iter);
+
+int nm_ap_security_get_we_cipher (NMAPSecurity *self);
+
+const char * nm_ap_security_get_key (NMAPSecurity *self);
+
+void nm_ap_security_write_wpa_supplicant_config (NMAPSecurity *self, int fd);
+
+#endif	/* NM_AP_SECURITY_H */
--- a/src/nm-dbus-nm.c
+++ b/src/nm-dbus-nm.c
@ -34,6 +34,7 @@
 #include "NetworkManagerDialup.h"
 #include "NetworkManagerSystem.h"
 #include "NetworkManager.h"
+#include "nm-ap-security.h"


 /*
@ -183,19 +184,65 @@ out:
 */
 static DBusMessage *nm_dbus_nm_set_active_device (DBusConnection *connection, DBusMessage *message, NMDbusCBData *data)
 {
+#define INVALID_ARGS_ERROR	"InvalidArguments"
+#define INVALID_ARGS_MESSAGE	"NetworkManager::setActiveDevice called with invalid arguments."
 	NMDevice *		dev = NULL;
 	DBusMessage *		reply = NULL;
-	char *			dev_path = NULL;
+	char *			dev_path;
+	char *			unescaped_dev_path = NULL;
 	char *			essid = NULL;
 	char *			key = NULL;
 	int				key_type = -1;
 	NMAccessPoint *	ap = NULL;
+	DBusMessageIter	iter;

 	g_return_val_if_fail (connection != NULL, NULL);
 	g_return_val_if_fail (message != NULL, NULL);
 	g_return_val_if_fail (data != NULL, NULL);
 	g_return_val_if_fail (data->data != NULL, NULL);

+	dbus_message_iter_init (message, &iter);
+
+	if (dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_OBJECT_PATH)
+	{
+		reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, "InvalidArguments",
+							"NetworkManager::setActiveDevice called with invalid arguments.");
+		goto out;
+	}
+
+	dbus_message_iter_get_basic (&iter, &dev_path);
+	unescaped_dev_path = nm_dbus_unescape_object_path (dev_path);
+	dev = nm_dbus_get_device_from_object_path (data->data, unescaped_dev_path);
+	g_free (unescaped_dev_path);
+
+	/* Ensure the device exists in our list and is supported */
+	if (!dev || !(nm_device_get_capabilities (dev) & NM_DEVICE_CAP_NM_SUPPORTED))
+	{
+		reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, "DeviceNotFound",
+						"The requested network device does not exist.");
+		goto out;
+	}
+
+	if (nm_device_is_802_11_wireless (dev))
+	{
+		NMAPSecurity * security = NULL;
+
+		if (dbus_message_iter_next (&iter))
+		{
+			dbus_message_iter_get_basic (&iter, &essid);
+
+			if (dbus_message_iter_next (&iter))
+			{
+				security = nm_ap_security_new_from_dbus_message (&iter);
+			}
+		}
+	}
+	else if (nm_device_is_802_3_ethernet (dev))
+	{
+	}
+// DEBUG
+return reply;
+
 	/* Try to grab both device _and_ network first, and if that fails then just the device. */
 	if (!dbus_message_get_args (message, NULL,	DBUS_TYPE_OBJECT_PATH, &dev_path,
 										DBUS_TYPE_STRING, &essid,
@ -205,28 +252,15 @@ static DBusMessage *nm_dbus_nm_set_active_device (DBusConnection *connection, DB
 		/* So if that failed, try getting just the device */
 		if (!dbus_message_get_args (message, NULL, DBUS_TYPE_OBJECT_PATH, &dev_path, DBUS_TYPE_INVALID))
 		{
-			reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, "InvalidArguments",
-							"NetworkManager::setActiveDevice called with invalid arguments.");
+			reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE);
 			goto out;
 		} else nm_info ("FORCE: device '%s'", dev_path);
 	} else nm_info ("FORCE: device '%s', network '%s'", dev_path, essid);

-	/* So by now we have a valid device and possibly a network as well */
-	dev_path = nm_dbus_unescape_object_path (dev_path);
-	dev = nm_dbus_get_device_from_object_path (data->data, dev_path);
-	g_free (dev_path);
-	if (!dev || !(nm_device_get_capabilities (dev) & NM_DEVICE_CAP_NM_SUPPORTED))
-	{
-		reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, "DeviceNotFound",
-						"The requested network device does not exist.");
-		goto out;
-	}
-
 	/* Make sure network is valid and device is wireless */
 	if (nm_device_is_802_11_wireless (dev) && !essid)
 	{
-		reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, "InvalidArguments",
-							"NetworkManager::setActiveDevice called with invalid arguments.");
+		reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE);
 		goto out;
 	}