diff --git a/ChangeLog b/ChangeLog index 7f28d064f5..06808d2e6c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,16 @@ +2006-01-30 Robert Love + + * gnome/applet/nm-gconf-wso-wpa-psk.c, gnome/applet/nm-gconf-wso.c, + gnome/applet/wireless-security-option.c, include/NetworkManager.h, + libnm-util/cipher-wpa-psk-hex.c, src/nm-ap-security-wpa-psk.c, + libnm-util/cipher-wpa-psk-passphrase.c, src/nm-ap-security.c: Add + support for "Automatic" pairwise and group cipher configuration by + letting wpa_supplicant handle the details. Add UI elements, new + cipher type NM_AUTH_CIPHER_AUTO, and backend support. Works like a + charm. Note this does more than add a nice feature, it fixes a bug. + Apparently, some people have AP's where the pairwise cipher does not + match the group cipher. Insane, but true. + 2006-01-30 Dan Williams * gnome/applet/applet-dbus-devices.c diff --git a/gnome/applet/nm-gconf-wso-wpa-psk.c b/gnome/applet/nm-gconf-wso-wpa-psk.c index d54a8ece8b..bb0b120afa 100644 --- a/gnome/applet/nm-gconf-wso-wpa-psk.c +++ b/gnome/applet/nm-gconf-wso-wpa-psk.c @@ -53,7 +53,7 @@ nm_gconf_wso_wpa_psk_new_deserialize_dbus (DBusMessageIter *iter, int we_cipher) int key_mgt; g_return_val_if_fail (iter != NULL, NULL); - g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL); + g_return_val_if_fail ((we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL); if (!nmu_security_deserialize_wpa_psk (iter, &key, &key_len, &wpa_version, &key_mgt)) goto out; @@ -78,7 +78,7 @@ nm_gconf_wso_wpa_psk_new_deserialize_gconf (GConfClient *client, const char *net g_return_val_if_fail (client != NULL, NULL); g_return_val_if_fail (network != NULL, NULL); - g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL); + g_return_val_if_fail ((we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL); if (!nm_gconf_get_int_helper (client, GCONF_PATH_WIRELESS_NETWORKS, diff --git a/gnome/applet/nm-gconf-wso.c b/gnome/applet/nm-gconf-wso.c index 1fdd8aba4d..cd6b7f01ee 100644 --- a/gnome/applet/nm-gconf-wso.c +++ b/gnome/applet/nm-gconf-wso.c @@ -84,6 +84,7 @@ nm_gconf_wso_new_deserialize_dbus (DBusMessageIter *iter) security = NM_GCONF_WSO (nm_gconf_wso_wep_new_deserialize_dbus (iter, we_cipher)); break; + case NM_AUTH_CIPHER_AUTO: case IW_AUTH_CIPHER_TKIP: case IW_AUTH_CIPHER_CCMP: security = NM_GCONF_WSO (nm_gconf_wso_wpa_psk_new_deserialize_dbus (iter, we_cipher)); @@ -125,6 +126,7 @@ nm_gconf_wso_new_deserialize_gconf (GConfClient *client, security = NM_GCONF_WSO (nm_gconf_wso_wep_new_deserialize_gconf (client, network, we_cipher)); break; + case NM_AUTH_CIPHER_AUTO: case IW_AUTH_CIPHER_TKIP: case IW_AUTH_CIPHER_CCMP: security = NM_GCONF_WSO (nm_gconf_wso_wpa_psk_new_deserialize_gconf (client, network, we_cipher)); @@ -174,7 +176,8 @@ nm_gconf_wso_set_we_cipher (NMGConfWSO *self, /* Ensure the cipher is valid */ g_return_if_fail ( - (we_cipher == IW_AUTH_CIPHER_NONE) + (we_cipher == NM_AUTH_CIPHER_AUTO) + || (we_cipher == IW_AUTH_CIPHER_NONE) || (we_cipher == IW_AUTH_CIPHER_WEP40) || (we_cipher == IW_AUTH_CIPHER_WEP104) || (we_cipher == IW_AUTH_CIPHER_TKIP) diff --git a/gnome/applet/wireless-security-option.c b/gnome/applet/wireless-security-option.c index f957e49992..92ef0c33d9 100644 --- a/gnome/applet/wireless-security-option.c +++ b/gnome/applet/wireless-security-option.c @@ -200,14 +200,21 @@ wso_wpa_create_key_type_model (int capabilities, GtkListStore * model; GtkTreeIter iter; int num = 0; + const char * name; g_return_val_if_fail (num_added != NULL, NULL); model = gtk_list_store_new (2, G_TYPE_STRING, G_TYPE_INT); + + name = _("Automatic (Default)"); + gtk_list_store_append (model, &iter); + gtk_list_store_set (model, &iter, WPA_KEY_TYPE_NAME_COL, name, + WPA_KEY_TYPE_CIPHER_COL, 0, -1); + num++; + if (capabilities & NM_802_11_CAP_CIPHER_TKIP) { - const char *name = _("TKIP (Default)"); - + name = _("TKIP"); gtk_list_store_append (model, &iter); gtk_list_store_set (model, &iter, WPA_KEY_TYPE_NAME_COL, name, WPA_KEY_TYPE_CIPHER_COL, IW_AUTH_CIPHER_TKIP, -1); @@ -215,8 +222,7 @@ wso_wpa_create_key_type_model (int capabilities, } if (capabilities & NM_802_11_CAP_CIPHER_CCMP) { - const char *name = _("AES-CCMP"); - + name = _("AES-CCMP"); gtk_list_store_append (model, &iter); gtk_list_store_set (model, &iter, WPA_KEY_TYPE_NAME_COL, name, WPA_KEY_TYPE_CIPHER_COL, IW_AUTH_CIPHER_CCMP, -1); diff --git a/include/NetworkManager.h b/include/NetworkManager.h index 532fde49d5..6ae4f41708 100644 --- a/include/NetworkManager.h +++ b/include/NetworkManager.h @@ -110,6 +110,8 @@ typedef enum NMDeviceType #define NM_802_11_CAP_CIPHER_TKIP 0x00004000 #define NM_802_11_CAP_CIPHER_CCMP 0x00008000 +/* Let wpa_supplicant figure out the cipher */ +#define NM_AUTH_CIPHER_AUTO 0x0 /* * Wireless network update types diff --git a/libnm-util/cipher-wpa-psk-hex.c b/libnm-util/cipher-wpa-psk-hex.c index 328389818c..f01cbf816a 100644 --- a/libnm-util/cipher-wpa-psk-hex.c +++ b/libnm-util/cipher-wpa-psk-hex.c @@ -22,6 +22,7 @@ #include #include +#include "NetworkManager.h" #include "cipher.h" #include "cipher-private.h" #include "cipher-wpa-psk-hex.h" @@ -36,7 +37,7 @@ IEEE_802_11_Cipher * cipher_wpa_psk_hex_new (void) IEEE_802_11_Cipher * cipher = g_malloc0 (sizeof (IEEE_802_11_Cipher)); cipher->refcount = 1; - cipher->we_cipher = IW_AUTH_CIPHER_TKIP; + cipher->we_cipher = NM_AUTH_CIPHER_AUTO; cipher->input_min = HEXSTR_WPA_PMK_LEN; cipher->input_max = HEXSTR_WPA_PMK_LEN; cipher->cipher_hash_func = cipher_wpa_psk_hex_hash_func; @@ -49,8 +50,8 @@ IEEE_802_11_Cipher * cipher_wpa_psk_hex_new (void) void cipher_wpa_psk_hex_set_we_cipher (IEEE_802_11_Cipher *cipher, int we_cipher) { g_return_if_fail (cipher != NULL); - g_return_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP)); - g_return_if_fail ((cipher->we_cipher == IW_AUTH_CIPHER_TKIP) || (cipher->we_cipher == IW_AUTH_CIPHER_CCMP)); + g_return_if_fail ((we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP)); + g_return_if_fail ((cipher->we_cipher == NM_AUTH_CIPHER_AUTO || cipher->we_cipher == IW_AUTH_CIPHER_TKIP) || (cipher->we_cipher == IW_AUTH_CIPHER_CCMP)); cipher->we_cipher = we_cipher; } diff --git a/libnm-util/cipher-wpa-psk-passphrase.c b/libnm-util/cipher-wpa-psk-passphrase.c index eeea7fb99a..53e0719fc2 100644 --- a/libnm-util/cipher-wpa-psk-passphrase.c +++ b/libnm-util/cipher-wpa-psk-passphrase.c @@ -22,6 +22,7 @@ #include #include +#include "NetworkManager.h" #include "cipher.h" #include "cipher-private.h" #include "cipher-wpa-psk-hex.h" @@ -37,7 +38,7 @@ IEEE_802_11_Cipher * cipher_wpa_psk_passphrase_new (void) IEEE_802_11_Cipher * cipher = g_malloc0 (sizeof (IEEE_802_11_Cipher)); cipher->refcount = 1; - cipher->we_cipher = IW_AUTH_CIPHER_TKIP; + cipher->we_cipher = NM_AUTH_CIPHER_AUTO; /* Passphrase between 8 and 63 characters inclusive */ cipher->input_min = 8; cipher->input_max = (WPA_PMK_LEN * 2) - 1; @@ -51,8 +52,8 @@ IEEE_802_11_Cipher * cipher_wpa_psk_passphrase_new (void) void cipher_wpa_psk_passphrase_set_we_cipher (IEEE_802_11_Cipher *cipher, int we_cipher) { g_return_if_fail (cipher != NULL); - g_return_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP)); - g_return_if_fail ((cipher->we_cipher == IW_AUTH_CIPHER_TKIP) || (cipher->we_cipher == IW_AUTH_CIPHER_CCMP)); + g_return_if_fail ((we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP)); + g_return_if_fail ((cipher->we_cipher == NM_AUTH_CIPHER_AUTO || cipher->we_cipher == IW_AUTH_CIPHER_TKIP) || (cipher->we_cipher == IW_AUTH_CIPHER_CCMP)); cipher->we_cipher = we_cipher; } diff --git a/src/nm-ap-security-wpa-psk.c b/src/nm-ap-security-wpa-psk.c index 1528c2f1d1..4f2a5396fa 100644 --- a/src/nm-ap-security-wpa-psk.c +++ b/src/nm-ap-security-wpa-psk.c @@ -48,15 +48,19 @@ static void set_description (NMAPSecurityWPA_PSK *security) { if (we_cipher == IW_AUTH_CIPHER_TKIP) nm_ap_security_set_description (parent, _("WPA TKIP")); - else + else if (we_cipher == IW_AUTH_CIPHER_CCMP) nm_ap_security_set_description (parent, _("WPA CCMP")); + else + nm_ap_security_set_description (parent, _("WPA Automatic")); } else if (security->priv->wpa_version == IW_AUTH_WPA_VERSION_WPA2) { if (we_cipher == IW_AUTH_CIPHER_TKIP) nm_ap_security_set_description (parent, _("WPA2 TKIP")); - else + else if (we_cipher == IW_AUTH_CIPHER_CCMP) nm_ap_security_set_description (parent, _("WPA2 CCMP")); + else + nm_ap_security_set_description (parent, _("WPA2 Automatic")); } } @@ -70,7 +74,7 @@ nm_ap_security_wpa_psk_new_deserialize (DBusMessageIter *iter, int we_cipher) int key_mgt; g_return_val_if_fail (iter != NULL, NULL); - g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL); + g_return_val_if_fail (we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP || we_cipher == IW_AUTH_CIPHER_CCMP, NULL); if (!nmu_security_deserialize_wpa_psk (iter, &key, &key_len, &wpa_version, &key_mgt)) goto out; @@ -96,7 +100,7 @@ nm_ap_security_wpa_psk_new_from_ap (NMAccessPoint *ap, int we_cipher) guint32 caps; g_return_val_if_fail (ap != NULL, NULL); - g_return_val_if_fail (we_cipher == IW_AUTH_CIPHER_TKIP || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL); + g_return_val_if_fail (we_cipher == NM_AUTH_CIPHER_AUTO || we_cipher == IW_AUTH_CIPHER_TKIP || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL); security = g_object_new (NM_TYPE_AP_SECURITY_WPA_PSK, NULL); nm_ap_security_set_we_cipher (NM_AP_SECURITY (security), we_cipher); @@ -173,22 +177,32 @@ real_write_supplicant_config (NMAPSecurity *instance, } g_free (msg); + /* + * FIXME: Technically, the pairwise cipher does not need to be the same as + * the group cipher. Fixing this requires changes in the UI. + */ if (cipher == IW_AUTH_CIPHER_TKIP) pairwise_cipher = group_cipher = "TKIP"; - else + else if (cipher == IW_AUTH_CIPHER_CCMP) pairwise_cipher = group_cipher = "CCMP"; + else if (cipher == IW_AUTH_CIPHER_NONE) + pairwise_cipher = group_cipher = "NONE"; /* Ad-Hoc requires pairwise cipher of NONE */ if (user_created) pairwise_cipher = "NONE"; - - if (!nm_utils_supplicant_request_with_check (ctrl, "OK", __func__, NULL, - "SET_NETWORK %i pairwise %s", nwid, pairwise_cipher)) - goto out; - if (!nm_utils_supplicant_request_with_check (ctrl, "OK", __func__, NULL, - "SET_NETWORK %i group %s", nwid, group_cipher)) - goto out; + /* If user selected "Automatic", we let wpa_supplicant sort it out */ + if (cipher != NM_AUTH_CIPHER_AUTO) + { + if (!nm_utils_supplicant_request_with_check (ctrl, "OK", __func__, NULL, + "SET_NETWORK %i pairwise %s", nwid, pairwise_cipher)) + goto out; + + if (!nm_utils_supplicant_request_with_check (ctrl, "OK", __func__, NULL, + "SET_NETWORK %i group %s", nwid, group_cipher)) + goto out; + } success = TRUE; diff --git a/src/nm-ap-security.c b/src/nm-ap-security.c index 2f00c4526a..e212cab1bb 100644 --- a/src/nm-ap-security.c +++ b/src/nm-ap-security.c @@ -85,6 +85,7 @@ nm_ap_security_new_deserialize (DBusMessageIter *iter) security = NM_AP_SECURITY (nm_ap_security_wep_new_deserialize (iter, we_cipher)); break; + case NM_AUTH_CIPHER_AUTO: case IW_AUTH_CIPHER_TKIP: case IW_AUTH_CIPHER_CCMP: security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_deserialize (iter, we_cipher)); @@ -154,7 +155,8 @@ nm_ap_security_set_we_cipher (NMAPSecurity *self, int we_cipher) /* Ensure the cipher is valid */ g_return_if_fail ( - (we_cipher == IW_AUTH_CIPHER_NONE) + (we_cipher == NM_AUTH_CIPHER_AUTO) + || (we_cipher == IW_AUTH_CIPHER_NONE) || (we_cipher == IW_AUTH_CIPHER_WEP40) || (we_cipher == IW_AUTH_CIPHER_WEP104) || (we_cipher == IW_AUTH_CIPHER_TKIP) @@ -217,7 +219,7 @@ real_device_setup (NMAPSecurity *self, NMDevice80211Wireless * dev) int nm_ap_security_get_we_cipher (NMAPSecurity *self) { - g_return_val_if_fail (self != NULL, -1); + g_return_val_if_fail (self != NULL, NM_AUTH_CIPHER_AUTO); return self->priv->we_cipher; }