diff --git a/ChangeLog b/ChangeLog index 664ae2738c..2c0c9518d6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2005-12-15 Dan Williams + + * Exorcise encryption key hashing on APs + * Use libnm-util's serialization/deserialization in both the + applet and NM + * Random other stuff + 2005-12-15 Robert Love * gnome/applet/menu-items.c: A new icon, "network-wireless-encrypted" diff --git a/gnome/applet/wso-wep-ascii.c b/gnome/applet/wso-wep-ascii.c index 8561eb099f..71a231578a 100644 --- a/gnome/applet/wso-wep-ascii.c +++ b/gnome/applet/wso-wep-ascii.c @@ -111,7 +111,7 @@ static gboolean append_dbus_params_func (WirelessSecurityOption *opt, const char auth_combo = glade_xml_get_widget (opt->uixml, opt->data->auth_combo_name); auth_alg = wso_wep_auth_combo_get_auth_alg (opt, GTK_COMBO_BOX (auth_combo)); - nmu_dbus_message_append_wep_args (message, cipher, ssid, input, auth_alg); + nmu_security_serialize_wep_with_cipher (message, cipher, ssid, input, auth_alg); return TRUE; } diff --git a/gnome/applet/wso-wep-hex.c b/gnome/applet/wso-wep-hex.c index f85711af89..67d963d500 100644 --- a/gnome/applet/wso-wep-hex.c +++ b/gnome/applet/wso-wep-hex.c @@ -108,7 +108,7 @@ static gboolean append_dbus_params_func (WirelessSecurityOption *opt, const char auth_combo = glade_xml_get_widget (opt->uixml, opt->data->auth_combo_name); auth_alg = wso_wep_auth_combo_get_auth_alg (opt, GTK_COMBO_BOX (auth_combo)); - nmu_dbus_message_append_wep_args (message, cipher, ssid, input, auth_alg); + nmu_security_serialize_wep_with_cipher (message, cipher, ssid, input, auth_alg); return TRUE; } diff --git a/gnome/applet/wso-wep-passphrase.c b/gnome/applet/wso-wep-passphrase.c index aceb0a7426..77a2e02521 100644 --- a/gnome/applet/wso-wep-passphrase.c +++ b/gnome/applet/wso-wep-passphrase.c @@ -108,7 +108,7 @@ static gboolean append_dbus_params_func (WirelessSecurityOption *opt, const char auth_combo = glade_xml_get_widget (opt->uixml, opt->data->auth_combo_name); auth_alg = wso_wep_auth_combo_get_auth_alg (opt, GTK_COMBO_BOX (auth_combo)); - nmu_dbus_message_append_wep_args (message, cipher, ssid, input, auth_alg); + nmu_security_serialize_wep_with_cipher (message, cipher, ssid, input, auth_alg); return TRUE; } diff --git a/gnome/applet/wso-wpa-psk-passphrase.c b/gnome/applet/wso-wpa-psk-passphrase.c index 8e35cb58a1..65b81c4f5a 100644 --- a/gnome/applet/wso-wpa-psk-passphrase.c +++ b/gnome/applet/wso-wpa-psk-passphrase.c @@ -94,7 +94,7 @@ static gboolean append_dbus_params_func (WirelessSecurityOption *opt, const char if (!wso_validate_helper (opt, ssid, input, &cipher) || !cipher) return FALSE; - nmu_dbus_message_append_wpa_psk_args (message, cipher, ssid, input, + nmu_security_serialize_wpa_psk_with_cipher (message, cipher, ssid, input, IW_AUTH_WPA_VERSION_WPA, IW_AUTH_KEY_MGMT_PSK); return TRUE; diff --git a/src/Makefile.am b/src/Makefile.am index b0414c5573..3f33c7a777 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -5,7 +5,8 @@ INCLUDES = -I${top_srcdir} \ -I${top_srcdir}/src/named-manager \ -I${top_srcdir}/src/vpn-manager \ -I${top_srcdir}/src/dhcp-manager \ - -I${top_srcdir}/utils + -I${top_srcdir}/utils \ + -I${top_srcdir}/libnm-util bin_PROGRAMS = NetworkManager @@ -70,15 +71,8 @@ NetworkManager_CPPFLAGS = \ -DDATADIR=\"$(datadir)\" \ -DSYSCONFDIR=\"$(sysconfdir)\" \ -DARP_DEBUG -if WITH_GCRYPT -NetworkManager_CPPFLAGS += $(LIBGCRYPT_CFLAGS) -endif -if !WITH_GCRYPT -NetworkManager_SOURCES += gnome-keyring-md5.c gnome-keyring-md5.h -endif - NetworkManager_LDADD = \ $(DBUS_LIBS) \ $(GTHREAD_LIBS) \ @@ -89,11 +83,8 @@ NetworkManager_LDADD = \ ./named-manager/libnamed-manager.la \ ./vpn-manager/libvpn-manager.la \ ./dhcp-manager/libdhcp-manager.la \ - ./backends/libnmbackend.la - -if WITH_GCRYPT -NetworkManager_LDADD += $(LIBGCRYPT_LIBS) -endif + ./backends/libnmbackend.la \ + $(top_builddir)/libnm-util/libnm-util.la dbusservicedir = $(DBUS_SYS_DIR) dbusservice_DATA = NetworkManager.conf diff --git a/src/NetworkManagerAP.c b/src/NetworkManagerAP.c index e4771f3df4..f0da86dac4 100644 --- a/src/NetworkManagerAP.c +++ b/src/NetworkManagerAP.c @@ -163,10 +163,14 @@ void nm_ap_unref (NMAccessPoint *ap) g_slist_foreach (ap->user_addresses, (GFunc)g_free, NULL); g_slist_free (ap->user_addresses); + if (ap->security) + g_object_unref (G_OBJECT (ap->security)); + ap->essid = NULL; ap->enc_key = NULL; g_free (ap); + memset (ap, 0, sizeof (NMAccessPoint)); } } @@ -217,64 +221,6 @@ void nm_ap_set_essid (NMAccessPoint *ap, const char * essid) } -/* - * Get/set functions for encryption key - * - */ -const char * nm_ap_get_enc_key_source (const NMAccessPoint *ap) -{ - g_return_val_if_fail (ap != NULL, NULL); - - return (ap->enc_key); -} - -void nm_ap_set_enc_key_source (NMAccessPoint *ap, const char * key, NMEncKeyType type) -{ - g_return_if_fail (ap != NULL); - - if (ap->enc_key) - g_free (ap->enc_key); - - ap->enc_key = g_strdup (key); - ap->enc_type = type; -} - -char *nm_ap_get_enc_key_hashed (const NMAccessPoint *ap) -{ - char * hashed = NULL; - const char * source_key; - - g_return_val_if_fail (ap != NULL, NULL); - - source_key = nm_ap_get_enc_key_source (ap); - switch (ap->enc_type) - { - case (NM_ENC_TYPE_128_BIT_PASSPHRASE): - if (source_key) - hashed = nm_wireless_128bit_key_from_passphrase (source_key); - break; - case (NM_ENC_TYPE_ASCII_KEY): - if (source_key){ - if(strlen(source_key)<=5) - hashed = nm_wireless_64bit_ascii_to_hex (source_key); - else - hashed = nm_wireless_128bit_ascii_to_hex (source_key); - } - break; - case (NM_ENC_TYPE_HEX_KEY): - case (NM_ENC_TYPE_UNKNOWN): - if (source_key) - hashed = g_strdup (source_key); - break; - - default: - break; - } - - return (hashed); -} - - /* * Get/set functions for encrypted flag * @@ -328,6 +274,35 @@ void nm_ap_set_auth_method (NMAccessPoint *ap, int auth_method) } +/* + * Accessorts for AP security info + * + */ +NMAPSecurity * nm_ap_get_security (const NMAccessPoint *ap) +{ + g_return_val_if_fail (ap != NULL, NULL); + + return ap->security; +} + +void nm_ap_set_security (NMAccessPoint *ap, NMAPSecurity *security) +{ + g_return_if_fail (ap != NULL); + + if (ap->security) + { + g_object_unref (G_OBJECT (ap->security)); + ap->security = NULL; + } + + if (security) + { + g_object_ref (G_OBJECT (security)); + ap->security = security; + } +} + + /* * Get/set functions for address * @@ -591,11 +566,7 @@ void nm_ap_set_user_addresses (NMAccessPoint *ap, GSList *list) g_return_if_fail (ap != NULL); /* Free existing list */ - for (elt = ap->user_addresses; elt; elt = g_slist_next (elt)) - { - if (elt->data) - g_free (elt->data); - } + g_slist_foreach (ap->user_addresses, (GFunc) g_free, NULL); /* Copy new list and set as our own */ for (elt = list; elt; elt = g_slist_next (elt)) @@ -608,33 +579,6 @@ void nm_ap_set_user_addresses (NMAccessPoint *ap, GSList *list) } -gboolean nm_ap_is_enc_key_valid (NMAccessPoint *ap) -{ - const char *key; - NMEncKeyType key_type; - - g_return_val_if_fail (ap != NULL, FALSE); - - key = nm_ap_get_enc_key_source (ap); - key_type = nm_ap_get_enc_type (ap); - - if (nm_is_enc_key_valid (key, key_type)) - return TRUE; - - return FALSE; -} - -gboolean nm_is_enc_key_valid (const char *key, NMEncKeyType key_type) -{ - if ( key - && strlen (key) - && (key_type != NM_ENC_TYPE_UNKNOWN) - && (key_type != NM_ENC_TYPE_NONE)) - return TRUE; - - return FALSE; -} - gboolean nm_ap_has_manufacturer_default_essid (NMAccessPoint *ap) { int i; diff --git a/src/NetworkManagerAP.h b/src/NetworkManagerAP.h index da3cbd8b06..daea7cdd02 100644 --- a/src/NetworkManagerAP.h +++ b/src/NetworkManagerAP.h @@ -26,6 +26,7 @@ #include #include "NetworkManager.h" #include "wpa.h" +#include "nm-ap-security.h" typedef struct NMAccessPoint NMAccessPoint; @@ -42,9 +43,6 @@ void nm_ap_set_timestamp (NMAccessPoint *ap, const GTimeVal *timestamp); char * nm_ap_get_essid (const NMAccessPoint *ap); void nm_ap_set_essid (NMAccessPoint *ap, const char *essid); -const char * nm_ap_get_enc_key_source (const NMAccessPoint *ap); -char * nm_ap_get_enc_key_hashed (const NMAccessPoint *ap); -void nm_ap_set_enc_key_source (NMAccessPoint *ap, const char *key, NMEncKeyType type); NMEncKeyType nm_ap_get_enc_type (const NMAccessPoint *ap); int nm_ap_get_auth_method (const NMAccessPoint *ap); @@ -53,6 +51,9 @@ void nm_ap_set_auth_method (NMAccessPoint *ap, int auth_method); gboolean nm_ap_get_encrypted (const NMAccessPoint *ap); void nm_ap_set_encrypted (NMAccessPoint *ap, gboolean privacy); +NMAPSecurity * nm_ap_get_security (const NMAccessPoint *ap); +void nm_ap_set_security (NMAccessPoint *ap, NMAPSecurity *security); + const struct ether_addr * nm_ap_get_address (const NMAccessPoint *ap); void nm_ap_set_address (NMAccessPoint *ap, const struct ether_addr *addr); @@ -89,10 +90,6 @@ void nm_ap_set_user_created (NMAccessPoint *ap, gboolean user_created); GSList * nm_ap_get_user_addresses (const NMAccessPoint *ap); void nm_ap_set_user_addresses (NMAccessPoint *ap, GSList *list); -/* Helper */ -gboolean nm_ap_is_enc_key_valid (NMAccessPoint *ap); -gboolean nm_is_enc_key_valid (const char *key, NMEncKeyType key_type); - void nm_ap_set_capabilities_from_wpa_ie (NMAccessPoint *ap, const guint8 *wpa_ie, guint32 length); /* diff --git a/src/NetworkManagerAPList.c b/src/NetworkManagerAPList.c index 9f46d37d8e..e2e8652d36 100644 --- a/src/NetworkManagerAPList.c +++ b/src/NetworkManagerAPList.c @@ -528,17 +528,7 @@ void nm_ap_list_copy_properties (NMAccessPointList *dest, NMAccessPointList *sou if ((src_ap = nm_ap_list_get_ap_by_essid (source, nm_ap_get_essid (dest_ap)))) { nm_ap_set_invalid (dest_ap, nm_ap_get_invalid (src_ap)); - nm_ap_set_enc_key_source (dest_ap, nm_ap_get_enc_key_source (src_ap), nm_ap_get_enc_type (src_ap)); - if (nm_ap_get_auth_method (src_ap) != -1) - { - /* Ensure that we don't set the NONE auth method from the src_ap - * if the dest_ap has encryption enabled. - */ - if (nm_ap_get_encrypted (dest_ap) && (nm_ap_get_auth_method (src_ap) != 0)) - nm_ap_set_auth_method (dest_ap, nm_ap_get_auth_method (src_ap)); - else if (!nm_ap_get_encrypted (dest_ap)) - nm_ap_set_auth_method (dest_ap, 0); - } + nm_ap_set_security (dest_ap, nm_ap_get_security (src_ap)); nm_ap_set_timestamp (dest_ap, nm_ap_get_timestamp (src_ap)); } } @@ -789,10 +779,11 @@ void nm_ap_list_print_members (NMAccessPointList *list, const char *name) nm_warning ("AP_LIST_PRINT: printing members of '%s'", name); while ((ap = nm_ap_list_iter_next (iter))) { - const GTimeVal *timestamp = nm_ap_get_timestamp (ap); - const GTimeVal *seen = nm_ap_get_last_seen (ap); + const GTimeVal * timestamp = nm_ap_get_timestamp (ap); + const GTimeVal * seen = nm_ap_get_last_seen (ap); + NMAPSecurity * security = nm_ap_get_security (ap); nm_warning ("\t%d)\tobj=%p, essid='%s', timestamp=%ld, key='%s', enc=%d, addr=%p, strength=%d, %s=%f, rate=%d, inval=%d, mode=%d, seen=%ld", - i, ap, nm_ap_get_essid (ap), timestamp->tv_sec, nm_ap_get_enc_key_source (ap), nm_ap_get_encrypted (ap), + i, ap, nm_ap_get_essid (ap), timestamp->tv_sec, nm_ap_security_get_key (security), nm_ap_get_encrypted (ap), nm_ap_get_address (ap), nm_ap_get_strength (ap), (nm_ap_get_freq (ap) < 20) ? "channel" : "freq", nm_ap_get_freq (ap), nm_ap_get_rate (ap), nm_ap_get_invalid (ap), nm_ap_get_mode (ap), seen->tv_sec); i++; diff --git a/src/NetworkManagerDbus.c b/src/NetworkManagerDbus.c index 40018095a9..95ed9101bd 100644 --- a/src/NetworkManagerDbus.c +++ b/src/NetworkManagerDbus.c @@ -605,45 +605,48 @@ void nm_dbus_cancel_get_user_key_for_network (DBusConnection *connection, NMActR * Tell NetworkManagerInfo the updated info of the AP * */ -gboolean nm_dbus_update_network_info (DBusConnection *connection, NMAccessPoint *ap, const gboolean user_requested) +gboolean nm_dbus_update_network_info (DBusConnection *connection, NMAccessPoint *ap, const gboolean automatic) { - DBusMessage * message; - gboolean success = FALSE; - dbus_int32_t auth_method; - const char * essid; - const char * enc_key_source; - dbus_int32_t enc_key_type; + DBusMessage * message; + gboolean success = FALSE; + const char * essid; + NMAPSecurity * security; + DBusMessageIter iter; g_return_val_if_fail (connection != NULL, FALSE); g_return_val_if_fail (ap != NULL, FALSE); - auth_method = nm_ap_get_auth_method (ap); - if (auth_method == -1) - return FALSE; - essid = nm_ap_get_essid (ap); - if (!(enc_key_source = nm_ap_get_enc_key_source (ap))) - enc_key_source = ""; - enc_key_type = nm_ap_get_enc_type (ap); if (!(message = dbus_message_new_method_call (NMI_DBUS_SERVICE, NMI_DBUS_PATH, NMI_DBUS_INTERFACE, "updateNetworkInfo"))) { nm_warning ("nm_dbus_update_network_info(): Couldn't allocate the dbus message"); - return FALSE; + goto out; } - dbus_message_append_args (message, DBUS_TYPE_STRING, &essid, - DBUS_TYPE_STRING, &enc_key_source, - DBUS_TYPE_INT32, &enc_key_type, - DBUS_TYPE_INT32, &auth_method, - DBUS_TYPE_BOOLEAN, &user_requested, - DBUS_TYPE_INVALID); - if (!dbus_connection_send (connection, message, NULL)) - nm_warning ("nm_dbus_update_network_info(): failed to send dbus message."); - else - success = TRUE; + dbus_message_iter_init_append (message, &iter); + /* First argument: ESSID (STRING) */ + dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &essid); + + /* Second argument: Automatic (BOOLEAN) */ + dbus_message_iter_append_basic (&iter, DBUS_TYPE_BOOLEAN, &automatic); + + /* Serialize the AP's security info into the message */ + security = nm_ap_get_security (ap); + g_assert (security); + if (nm_ap_security_serialize (security, &iter) != 0) + goto unref; + + if (dbus_connection_send (connection, message, NULL)) + success = TRUE; + else + nm_warning ("nm_dbus_update_network_info(): failed to send dbus message."); + +unref: dbus_message_unref (message); + +out: return success; } @@ -741,15 +744,17 @@ static void free_get_networks_cb_data (GetNetworksCBData *data) static void nm_dbus_get_network_data_cb (DBusPendingCall *pcall, void *user_data) { GetOneNetworkCBData * cb_data = (GetOneNetworkCBData *)user_data; - DBusMessage * reply; - DBusError error; + DBusMessage * reply = NULL; + DBusMessageIter iter; + DBusMessageIter subiter; const char * essid = NULL; gint timestamp_secs = -1; - NMEncKeyType key_type = -1; gboolean trusted = FALSE; - int auth_method = -1; - char ** addresses; - int num_addresses; + GSList * addr_list = NULL; + NMAPSecurity * security; + NMAccessPoint * ap; + NMAccessPoint * list_ap; + GTimeVal * timestamp; g_return_if_fail (pcall != NULL); g_return_if_fail (cb_data != NULL); @@ -759,79 +764,101 @@ static void nm_dbus_get_network_data_cb (DBusPendingCall *pcall, void *user_data dbus_pending_call_ref (pcall); - if (!dbus_pending_call_get_completed (pcall)) - goto out; - if (!(reply = dbus_pending_call_steal_reply (pcall))) goto out; if (dbus_message_is_error (reply, "BadNetworkData")) { - dbus_message_unref (reply); nm_ap_list_remove_ap_by_essid (cb_data->list, cb_data->network); goto out; } - dbus_error_init (&error); - if (dbus_message_get_args (reply, &error, DBUS_TYPE_STRING, &essid, - DBUS_TYPE_INT32, ×tamp_secs, - DBUS_TYPE_INT32, &key_type, - DBUS_TYPE_INT32, &auth_method, - DBUS_TYPE_BOOLEAN, &trusted, - DBUS_TYPE_ARRAY, DBUS_TYPE_STRING, &addresses, &num_addresses, - DBUS_TYPE_INVALID)) + if (message_is_error (reply)) { - if (timestamp_secs > 0) - { - NMAccessPoint * ap; - NMAccessPoint * list_ap; - GTimeVal * timestamp = g_new0 (GTimeVal, 1); - GSList * addr_list = NULL; - int i; + DBusError err; - ap = nm_ap_new (); - nm_ap_set_essid (ap, essid); - - timestamp->tv_sec = timestamp_secs; - timestamp->tv_usec = 0; - nm_ap_set_timestamp (ap, timestamp); - g_free (timestamp); - - nm_ap_set_trusted (ap, trusted); - nm_ap_set_auth_method (ap, auth_method); - - /* We get the actual key when we try to connect, use NULL for now. */ - nm_ap_set_enc_key_source (ap, NULL, key_type); - - for (i = 0; i < num_addresses; i++) - if (strlen (addresses[i]) >= 11) - addr_list = g_slist_append (addr_list, g_strdup (addresses[i])); - nm_ap_set_user_addresses (ap, addr_list); - - if ((list_ap = nm_ap_list_get_ap_by_essid (cb_data->list, essid))) - { - nm_ap_set_essid (list_ap, nm_ap_get_essid (ap)); - nm_ap_set_timestamp (list_ap, nm_ap_get_timestamp (ap)); - nm_ap_set_trusted (list_ap, nm_ap_get_trusted (ap)); - nm_ap_set_enc_key_source (list_ap, nm_ap_get_enc_key_source (ap), nm_ap_get_enc_type (ap)); - nm_ap_set_auth_method (list_ap, nm_ap_get_auth_method (ap)); - nm_ap_set_user_addresses (list_ap, nm_ap_get_user_addresses (ap)); - } - else - { - /* New AP, just add it to the list */ - nm_ap_list_append_ap (cb_data->list, ap); - } - nm_ap_unref (ap); - - /* Ensure all devices get new information copied into their device lists */ - nm_policy_schedule_device_ap_lists_update_from_allowed (cb_data->data); - } - dbus_free_string_array (addresses); + dbus_error_init (&err); + dbus_set_error_from_message (&err, reply); + nm_warning ("nm_dbus_get_network_data_cb(): dbus returned an error.\n (%s) %s\n", err.name, err.message); + dbus_error_free (&err); + goto out; } - dbus_message_unref (reply); + + dbus_message_iter_init (reply, &iter); + + /* First arg: ESSID (STRING) */ + if (!dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_STRING) + goto out; + dbus_message_iter_get_basic (&iter, &essid); + + /* Second arg: Timestamp (INT32) */ + if (!dbus_message_iter_next (&iter) + || (dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_INT32)) + goto out; + dbus_message_iter_get_basic (&iter, ×tamp_secs); + + /* Third arg: trusted (BOOLEAN) */ + if (!dbus_message_iter_next (&iter) + || (dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_BOOLEAN)) + goto out; + dbus_message_iter_get_basic (&iter, &trusted); + + /* Fourth arg: BSSID addresses (ARRAY, STRING) */ + if (!dbus_message_iter_next (&iter) + || (dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_ARRAY) + || (dbus_message_iter_get_element_type (&iter) != DBUS_TYPE_STRING)) + goto out; + dbus_message_iter_recurse (&iter, &subiter); + while (dbus_message_iter_get_arg_type (&subiter) == DBUS_TYPE_STRING) + { + char *address; + dbus_message_iter_get_basic (&subiter, &address); + if (address && strlen (address) >= 11) + addr_list = g_slist_append (addr_list, address); + dbus_message_iter_next (&subiter); + } + + /* Unserialize access point security info */ + if (!(security = nm_ap_security_new_deserialize (&iter))) + goto out; + + /* Construct the new access point */ + ap = nm_ap_new (); + nm_ap_set_essid (ap, essid); + nm_ap_set_security (ap, security); + + timestamp = g_malloc0 (sizeof (GTimeVal)); + timestamp->tv_sec = timestamp_secs; + timestamp->tv_usec = 0; + nm_ap_set_timestamp (ap, timestamp); + g_free (timestamp); + + nm_ap_set_trusted (ap, trusted); + nm_ap_set_user_addresses (ap, addr_list); + + if ((list_ap = nm_ap_list_get_ap_by_essid (cb_data->list, essid))) + { + nm_ap_set_essid (list_ap, nm_ap_get_essid (ap)); + nm_ap_set_timestamp (list_ap, nm_ap_get_timestamp (ap)); + nm_ap_set_trusted (list_ap, nm_ap_get_trusted (ap)); + nm_ap_set_security (list_ap, nm_ap_get_security (ap)); + nm_ap_set_user_addresses (list_ap, nm_ap_get_user_addresses (ap)); + } + else + { + /* New AP, just add it to the list */ + nm_ap_list_append_ap (cb_data->list, ap); + } + nm_ap_unref (ap); + + /* Ensure all devices get new information copied into their device lists */ + nm_policy_schedule_device_ap_lists_update_from_allowed (cb_data->data); out: + if (addr_list) + g_slist_free (addr_list); + if (reply) + dbus_message_unref (reply); dbus_pending_call_unref (pcall); } diff --git a/src/NetworkManagerDevice.c b/src/NetworkManagerDevice.c index 4d0ec530cd..9e944dd5a4 100644 --- a/src/NetworkManagerDevice.c +++ b/src/NetworkManagerDevice.c @@ -2124,37 +2124,6 @@ NMActRequest *nm_device_get_act_request (NMDevice *dev) } -/* - * get_initial_auth_method - * - * Update the auth method of the AP from the last-known-good one saved in the allowed list - * (which is found from NMI) and ensure that its valid with the encryption status of the AP. - * - */ -static int get_initial_auth_method (NMAccessPoint *ap, NMAccessPointList *allowed_list) -{ - g_return_val_if_fail (ap != NULL, IW_AUTH_ALG_OPEN_SYSTEM); - - if (nm_ap_get_encrypted (ap)) - { - int auth = nm_ap_get_auth_method (ap); - NMAccessPoint *allowed_ap = nm_ap_list_get_ap_by_essid (allowed_list, nm_ap_get_essid (ap)); - - /* Prefer default auth method if we found one for this AP in our allowed list. */ - if (allowed_ap) - auth = nm_ap_get_auth_method (allowed_ap); - - if ( (auth == IW_AUTH_ALG_OPEN_SYSTEM) - || (auth == IW_AUTH_ALG_SHARED_KEY)) - return (auth); - else - return (IW_AUTH_ALG_OPEN_SYSTEM); - } - - return 0; -} - - /* * nm_device_activate_stage1_device_prepare * @@ -2163,9 +2132,10 @@ static int get_initial_auth_method (NMAccessPoint *ap, NMAccessPointList *allowe */ static gboolean nm_device_activate_stage1_device_prepare (NMActRequest *req) { - NMDevice * dev; - NMData * data; - NMAccessPoint * ap; + NMDevice * dev; + NMData * data; + NMAccessPoint *ap; + NMAPSecurity * security; g_return_val_if_fail (req != NULL, FALSE); @@ -2177,28 +2147,6 @@ static gboolean nm_device_activate_stage1_device_prepare (NMActRequest *req) nm_info ("Activation (%s) Stage 1 (Device Prepare) started...", nm_device_get_iface (dev)); - if (nm_device_is_802_11_wireless (dev)) - { - ap = nm_act_request_get_ap (req); - g_assert (ap); - - if (nm_ap_get_artificial (ap)) - { - /* Some Cisco cards (340/350 PCMCIA) don't return non-broadcasting APs - * in their scan results, so we can't know beforehand whether or not the - * AP was encrypted. We have to update their encryption status on the fly. - */ - if (nm_ap_get_encrypted (ap) || nm_ap_is_enc_key_valid (ap)) - { - nm_ap_set_encrypted (ap, TRUE); - nm_ap_set_auth_method (ap, IW_AUTH_ALG_OPEN_SYSTEM); - } - } - - /* Initial authentication method */ - nm_ap_set_auth_method (ap, get_initial_auth_method (ap, data->allowed_ap_list)); - } - if (nm_device_activation_should_cancel (dev)) nm_device_schedule_activation_handle_cancel (req); else @@ -2279,14 +2227,17 @@ static gboolean nm_device_is_up_and_associated_wait (NMDevice *dev, int timeout, */ static gboolean nm_device_set_wireless_config (NMDevice *dev, NMAccessPoint *ap) { - int auth; - const char *essid = NULL; + const char * essid = NULL; + NMAPSecurity * security; + int we_cipher; g_return_val_if_fail (dev != NULL, FALSE); g_return_val_if_fail (nm_device_is_802_11_wireless (dev), FALSE); g_return_val_if_fail (ap != NULL, FALSE); g_return_val_if_fail (nm_ap_get_essid (ap) != NULL, FALSE); - g_return_val_if_fail (nm_ap_get_auth_method (ap) != -1, FALSE); + + security = nm_ap_get_security (ap); + g_return_val_if_fail (security != NULL, FALSE); dev->options.wireless.failed_link_count = 0; @@ -2297,7 +2248,6 @@ static gboolean nm_device_set_wireless_config (NMDevice *dev, NMAccessPoint *ap) nm_device_set_mode (dev, IW_MODE_INFRA); essid = nm_ap_get_essid (ap); - auth = nm_ap_get_auth_method (ap); nm_device_set_mode (dev, nm_ap_get_mode (ap)); nm_device_set_bitrate (dev, 0); @@ -2307,29 +2257,13 @@ static gboolean nm_device_set_wireless_config (NMDevice *dev, NMAccessPoint *ap) else nm_device_set_frequency (dev, 0); /* auto */ - if (nm_ap_get_encrypted (ap) && nm_ap_is_enc_key_valid (ap)) - { - char * hashed_key = nm_ap_get_enc_key_hashed (ap); - - if (auth == 0) - { - nm_ap_set_auth_method (ap, IW_AUTH_ALG_OPEN_SYSTEM); - nm_warning ("Activation (%s/wireless): AP '%s' said it was encrypted, but had " - "'none' for authentication method. Using Open System authentication method.", - nm_device_get_iface (dev), nm_ap_get_essid (ap)); - } - nm_device_set_enc_key (dev, hashed_key, auth); - g_free (hashed_key); - } - else - nm_device_set_enc_key (dev, NULL, 0); + /* FIXME: set card's config using wpa_supplicant, not ourselves */ + nm_ap_security_device_setup (security, dev); nm_device_set_essid (dev, essid); - nm_info ("Activation (%s/wireless): using essid '%s', with %s authentication.", - nm_device_get_iface (dev), essid, (auth == 0) ? "no" : - ((auth == IW_AUTH_ALG_OPEN_SYSTEM) ? "Open System" : - ((auth == IW_AUTH_ALG_SHARED_KEY) ? "Shared Key" : "unknown"))); + nm_info ("Activation (%s/wireless): using essid '%s', with '%s' security.", + nm_device_get_iface (dev), essid, nm_ap_security_get_description (security)); /* Bring the device up and pause to allow card to associate. After we set the ESSID * on the card, the card has to scan all channels to find our requested AP (which can @@ -2557,6 +2491,7 @@ static gboolean nm_device_wireless_wait_for_link (NMDevice *dev, const char *ess } +#if 0 static gboolean ap_need_key (NMDevice *dev, NMAccessPoint *ap) { char *essid; @@ -2591,6 +2526,7 @@ static gboolean ap_need_key (NMDevice *dev, NMAccessPoint *ap) return need_key; } +#endif /* @@ -2621,11 +2557,14 @@ static void nm_device_wireless_configure (NMActRequest *req) nm_info ("Activation (%s/wireless) Stage 2 (Device Configure) will connect to access point '%s'.", nm_device_get_iface (dev), nm_ap_get_essid (ap)); +#if 0 +// FIXME if (ap_need_key (dev, ap)) { nm_dbus_get_user_key_for_network (data->dbus_connection, req, FALSE); return; } +#endif while (success == FALSE) { @@ -3461,16 +3400,7 @@ void nm_device_set_user_key_for_network (NMActRequest *req, const char *key, con } else { - NMAccessPoint * allowed_ap; - - /* Start off at Open System auth mode with the new key */ - nm_ap_set_auth_method (ap, IW_AUTH_ALG_OPEN_SYSTEM); - nm_ap_set_enc_key_source (ap, key, enc_type); - - /* Be sure to update NMI with the new auth mode */ - if ((allowed_ap = nm_ap_list_get_ap_by_essid (data->allowed_ap_list, nm_ap_get_essid (ap)))) - nm_ap_set_auth_method (allowed_ap, IW_AUTH_ALG_OPEN_SYSTEM); - + /* nm_ap_set_security (ap, security) */ nm_device_activate_schedule_stage1_device_prepare (req); } } @@ -3718,6 +3648,9 @@ NMAccessPoint * nm_device_get_best_ap (NMDevice *dev) { const GTimeVal *curtime = nm_ap_get_timestamp (tmp_ap); + /* Only connect to a blacklisted AP if the user has connected + * to this specific AP before. + */ gboolean blacklisted = nm_ap_has_manufacturer_default_essid (scan_ap); if (blacklisted) { @@ -3748,15 +3681,13 @@ NMAccessPoint * nm_device_get_best_ap (NMDevice *dev) { trusted_latest_timestamp = *nm_ap_get_timestamp (tmp_ap); trusted_best_ap = scan_ap; - /* Merge access point data (mainly to get updated WEP key) */ - nm_ap_set_enc_key_source (trusted_best_ap, nm_ap_get_enc_key_source (tmp_ap), nm_ap_get_enc_type (tmp_ap)); + nm_ap_set_security (trusted_best_ap, nm_ap_get_security (tmp_ap)); } else if (!blacklisted && !nm_ap_get_trusted (tmp_ap) && (curtime->tv_sec > untrusted_latest_timestamp.tv_sec)) { untrusted_latest_timestamp = *nm_ap_get_timestamp (tmp_ap); untrusted_best_ap = scan_ap; - /* Merge access point data (mainly to get updated WEP key) */ - nm_ap_set_enc_key_source (untrusted_best_ap, nm_ap_get_enc_key_source (tmp_ap), nm_ap_get_enc_type (tmp_ap)); + nm_ap_set_security (untrusted_best_ap, nm_ap_get_security (tmp_ap)); } } } @@ -3786,16 +3717,10 @@ NMAccessPoint * nm_device_wireless_get_activation_ap (NMDevice *dev, const char g_return_val_if_fail (dev != NULL, NULL); g_return_val_if_fail (dev->app_data != NULL, NULL); g_return_val_if_fail (essid != NULL, NULL); + g_return_val_if_fail (security != NULL, NULL); nm_debug ("Forcing AP '%s'", essid); -#if 0 - if ( key - && strlen (key) - && (key_type != NM_ENC_TYPE_UNKNOWN) - && (key_type != NM_ENC_TYPE_NONE)) - encrypted = TRUE; - /* Find the AP in our card's scan list first. * If its not there, create an entirely new AP. */ @@ -3806,11 +3731,6 @@ NMAccessPoint * nm_device_wireless_get_activation_ap (NMDevice *dev, const char */ ap = nm_ap_new (); nm_ap_set_essid (ap, essid); - nm_ap_set_encrypted (ap, encrypted); - if (encrypted) - nm_ap_set_auth_method (ap, IW_AUTH_ALG_OPEN_SYSTEM); - else - nm_ap_set_auth_method (ap, 0); nm_ap_set_artificial (ap, TRUE); nm_ap_list_append_ap (nm_device_ap_list_get (dev), ap); nm_ap_unref (ap); @@ -3822,20 +3742,7 @@ NMAccessPoint * nm_device_wireless_get_activation_ap (NMDevice *dev, const char */ nm_ap_list_remove_ap_by_essid (dev->app_data->invalid_ap_list, nm_ap_get_essid (ap)); } - - /* Now that this AP has an essid, copy over encryption keys and whatnot */ - if ((tmp_ap = nm_ap_list_get_ap_by_essid (dev->app_data->allowed_ap_list, nm_ap_get_essid (ap)))) - { - nm_ap_set_enc_key_source (ap, nm_ap_get_enc_key_source (tmp_ap), nm_ap_get_enc_type (tmp_ap)); - nm_ap_set_auth_method (ap, nm_ap_get_auth_method (tmp_ap)); - nm_ap_set_invalid (ap, nm_ap_get_invalid (tmp_ap)); - nm_ap_set_timestamp (ap, nm_ap_get_timestamp (tmp_ap)); - } - - /* Use the encryption key and type the user sent us if its valid */ - if (encrypted) - nm_ap_set_enc_key_source (ap, key, key_type); -#endif + nm_ap_set_security (ap, security); return ap; } @@ -3889,7 +3796,7 @@ static void nm_device_fake_ap_list (NMDevice *dev) if ((list_ap = nm_ap_list_get_ap_by_essid (dev->app_data->allowed_ap_list, nm_ap_get_essid (nm_ap)))) { nm_ap_set_timestamp (nm_ap, nm_ap_get_timestamp (list_ap)); - nm_ap_set_enc_key_source (nm_ap, nm_ap_get_enc_key_source (list_ap), nm_ap_get_enc_type (list_ap)); + nm_ap_set_security (nm_ap, nm_ap_get_security (list_ap)); } /* Add the AP to the device's AP list */ diff --git a/src/NetworkManagerWireless.c b/src/NetworkManagerWireless.c index b4bbad2ff3..60ceb389ba 100644 --- a/src/NetworkManagerWireless.c +++ b/src/NetworkManagerWireless.c @@ -22,11 +22,6 @@ #include #include #include "config.h" -#ifdef HAVE_GCRYPT -#include -#else -#include "gnome-keyring-md5.h" -#endif #include "NetworkManager.h" #include "NetworkManagerDevice.h" #include "NetworkManagerWireless.h" @@ -34,96 +29,6 @@ #include "NetworkManagerUtils.h" #include "utils/nm-utils.h" -/* - * nm_wireless_64bit_ascii_to_hex - * - * Convert an ASCII string into a suitable WEP key. - * - */ -char *nm_wireless_64bit_ascii_to_hex (const char *ascii) -{ - static char hex_digits[] = "0123456789abcdef"; - char *res; - int i; - - res = g_malloc (33); - for (i = 0; i < 16; i++) - { - res[2*i] = hex_digits[(ascii[i] >> 4) & 0xf]; - res[2*i+1] = hex_digits[ascii[i] & 0xf]; - } - - /* We chomp it at byte 10, since WEP keys only use 40 bits */ - res[10] = 0; - return (res); -} - - -/* - * nm_wireless_128bit_ascii_to_hex - * - * Convert an ascii string into a suitable string for use - * as a WEP key. - * - * Code originally by Alex Larsson and - * copyright Red Hat, Inc. under terms of the LGPL. - * - */ -char *nm_wireless_128bit_ascii_to_hex (const char *ascii) -{ - static char hex_digits[] = "0123456789abcdef"; - char *res; - int i; - - res = g_malloc (33); - for (i = 0; i < 16; i++) - { - res[2*i] = hex_digits[(ascii[i] >> 4) & 0xf]; - res[2*i+1] = hex_digits[ascii[i] & 0xf]; - } - /* We chomp it at byte 26, since WEP keys only use 104 bits */ - res[26] = 0; - - return (res); -} - - -/* - * nm_wireless_128bit_key_from_passphrase - * - * From a passphrase, generate a standard 128-bit WEP key using - * MD5 algorithm. - * - */ -char *nm_wireless_128bit_key_from_passphrase (const char *passphrase) -{ - char md5_data[65]; - char digest[16]; - int passphrase_len; - int i; - - g_return_val_if_fail (passphrase != NULL, NULL); - - passphrase_len = strlen (passphrase); - if (passphrase_len < 1) - return (NULL); - - /* Get at least 64 bits */ - for (i = 0; i < 64; i++) - md5_data [i] = passphrase [i % passphrase_len]; - - /* Null terminate md5 data-to-hash and hash it */ - md5_data[64] = 0; -#ifdef HAVE_GCRYPT - gcry_md_hash_buffer (GCRY_MD_MD5, digest, md5_data, 64); -#else - gnome_keyring_md5_string (md5_data, digest); -#endif - - return (nm_wireless_128bit_ascii_to_hex (digest)); -} - - /* * nm_wireless_stats_to_percent * diff --git a/src/NetworkManagerWireless.h b/src/NetworkManagerWireless.h index 7c3db3e73b..54670de09c 100644 --- a/src/NetworkManagerWireless.h +++ b/src/NetworkManagerWireless.h @@ -28,10 +28,6 @@ #include "NetworkManagerAPList.h" -char * nm_wireless_64bit_ascii_to_hex (const char *ascii); -char * nm_wireless_128bit_ascii_to_hex (const char *ascii); -char * nm_wireless_128bit_key_from_passphrase (const char *passphrase); - int nm_wireless_qual_to_percent (const struct iw_quality *qual, const struct iw_quality *max_qual, const struct iw_quality *avg_qual); diff --git a/src/nm-ap-security-private.h b/src/nm-ap-security-private.h index 8964b6eec0..b675fb7a64 100644 --- a/src/nm-ap-security-private.h +++ b/src/nm-ap-security-private.h @@ -28,5 +28,6 @@ void nm_ap_security_set_we_cipher (NMAPSecurity *self, int we_cipher); void nm_ap_security_set_key (NMAPSecurity *self, const char *key, int key_len); +void nm_ap_security_set_description (NMAPSecurity *self, const char *desc); #endif /* NM_AP_SECURITY_PRIVATE_H */ diff --git a/src/nm-ap-security-wep.c b/src/nm-ap-security-wep.c index e43fd25b09..069eea86d2 100644 --- a/src/nm-ap-security-wep.c +++ b/src/nm-ap-security-wep.c @@ -20,12 +20,15 @@ */ #include +#include #include #include #include "nm-ap-security.h" #include "nm-ap-security-wep.h" #include "nm-ap-security-private.h" +#include "dbus-helpers.h" +#include "NetworkManagerDevice.h" #define NM_AP_SECURITY_WEP_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_AP_SECURITY_WEP, NMAPSecurityWEPPrivate)) @@ -37,10 +40,10 @@ struct _NMAPSecurityWEPPrivate }; NMAPSecurityWEP * -nm_ap_security_wep_new_from_dbus_message (DBusMessageIter *iter, int we_cipher) +nm_ap_security_wep_new_deserialize (DBusMessageIter *iter, int we_cipher) { NMAPSecurityWEP * security = NULL; - char * key; + char * key = NULL; int key_len; int auth_algorithm; DBusMessageIter subiter; @@ -48,24 +51,7 @@ nm_ap_security_wep_new_from_dbus_message (DBusMessageIter *iter, int we_cipher) g_return_val_if_fail (iter != NULL, NULL); g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_WEP40) || (we_cipher == IW_AUTH_CIPHER_WEP104), NULL); - /* Next arg: key (DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE) */ - if ((dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_ARRAY) - || (dbus_message_iter_get_element_type (iter) != DBUS_TYPE_BYTE)) - goto out; - - dbus_message_iter_recurse (iter, &subiter); - dbus_message_iter_get_fixed_array (&subiter, &key, &key_len); - if (key_len <= 0) - goto out; - - /* Next arg: authentication algorithm (DBUS_TYPE_INT32) */ - if (!dbus_message_iter_next (iter)) - goto out; - if (dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_INT32) - goto out; - - dbus_message_iter_get_basic (iter, &auth_algorithm); - if ((auth_algorithm != IW_AUTH_ALG_OPEN_SYSTEM) && (auth_algorithm != IW_AUTH_ALG_SHARED_KEY)) + if (!nmu_security_deserialize_wep (iter, &key, &key_len, &auth_algorithm)) goto out; /* Success, build up our security object */ @@ -74,16 +60,43 @@ nm_ap_security_wep_new_from_dbus_message (DBusMessageIter *iter, int we_cipher) nm_ap_security_set_key (NM_AP_SECURITY (security), key, key_len); security->priv->auth_algorithm = auth_algorithm; + if (we_cipher == IW_AUTH_CIPHER_WEP40) + nm_ap_security_set_description (NM_AP_SECURITY (security), _("40-bit WEP")); + else + nm_ap_security_set_description (NM_AP_SECURITY (security), _("104-bit WEP")); + out: return security; } +static int +real_serialize (NMAPSecurity *instance, DBusMessageIter *iter) +{ + NMAPSecurityWEP * self = NM_AP_SECURITY_WEP (instance); + + if (!nmu_security_serialize_wep (iter, + nm_ap_security_get_key (instance), + self->priv->auth_algorithm)) + return -1; + return 0; +} + static void real_write_wpa_supplicant_config (NMAPSecurity *instance, int fd) { NMAPSecurityWEP * self = NM_AP_SECURITY_WEP (instance); } +static int +real_device_setup (NMAPSecurity *instance, NMDevice * dev) +{ + NMAPSecurityWEP * self = NM_AP_SECURITY_WEP (instance); + + nm_device_set_enc_key (dev, nm_ap_security_get_key (instance), + self->priv->auth_algorithm); + return 0; +} + static void nm_ap_security_wep_init (NMAPSecurityWEP * self) { @@ -98,7 +111,9 @@ nm_ap_security_wep_class_init (NMAPSecurityWEPClass *klass) GObjectClass *object_class = G_OBJECT_CLASS (klass); NMAPSecurityClass *par_class = NM_AP_SECURITY_CLASS (klass); + par_class->serialize_func = real_serialize; par_class->write_wpa_supplicant_config_func = real_write_wpa_supplicant_config; + par_class->device_setup_func = real_device_setup; g_type_class_add_private (object_class, sizeof (NMAPSecurityWEPPrivate)); } diff --git a/src/nm-ap-security-wep.h b/src/nm-ap-security-wep.h index c3c73c3aa0..0908b155c6 100644 --- a/src/nm-ap-security-wep.h +++ b/src/nm-ap-security-wep.h @@ -53,6 +53,6 @@ struct _NMAPSecurityWEPClass GType nm_ap_security_wep_get_type (void); -NMAPSecurityWEP * nm_ap_security_wep_new_from_dbus_message (DBusMessageIter *iter, int we_cipher); +NMAPSecurityWEP * nm_ap_security_wep_new_deserialize (DBusMessageIter *iter, int we_cipher); #endif /* NM_AP_SECURITY_WEP_H */ diff --git a/src/nm-ap-security-wpa-psk.c b/src/nm-ap-security-wpa-psk.c index 494d367f2c..8401be6dd7 100644 --- a/src/nm-ap-security-wpa-psk.c +++ b/src/nm-ap-security-wpa-psk.c @@ -20,12 +20,15 @@ */ #include +#include #include #include #include "nm-ap-security.h" #include "nm-ap-security-wpa-psk.h" #include "nm-ap-security-private.h" +#include "dbus-helpers.h" +#include "NetworkManagerDevice.h" #define NM_AP_SECURITY_WPA_PSK_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_AP_SECURITY_WPA_PSK, NMAPSecurityWPA_PSKPrivate)) @@ -38,7 +41,7 @@ struct _NMAPSecurityWPA_PSKPrivate }; NMAPSecurityWPA_PSK * -nm_ap_security_wpa_psk_new_from_dbus_message (DBusMessageIter *iter, int we_cipher) +nm_ap_security_wpa_psk_new_deserialize (DBusMessageIter *iter, int we_cipher) { NMAPSecurityWPA_PSK * security = NULL; char * key; @@ -49,33 +52,7 @@ nm_ap_security_wpa_psk_new_from_dbus_message (DBusMessageIter *iter, int we_ciph g_return_val_if_fail (iter != NULL, NULL); g_return_val_if_fail ((we_cipher == IW_AUTH_CIPHER_TKIP) || (we_cipher == IW_AUTH_CIPHER_CCMP), NULL); - /* Next arg: key (DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE) */ - if ((dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_ARRAY) - || (dbus_message_iter_get_element_type (iter) != DBUS_TYPE_BYTE)) - goto out; - - dbus_message_iter_get_fixed_array (iter, &key, &key_len); - if (key_len <= 0) - goto out; - - /* Next arg: WPA version (DBUS_TYPE_INT32) */ - if (!dbus_message_iter_next (iter)) - goto out; - if (dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_INT32) - goto out; - - dbus_message_iter_get_basic (iter, &wpa_version); - if ((wpa_version != IW_AUTH_WPA_VERSION_WPA) && (wpa_version != IW_AUTH_WPA_VERSION_WPA2)) - goto out; - - /* Next arg: WPA key management (DBUS_TYPE_INT32) */ - if (!dbus_message_iter_next (iter)) - goto out; - if (dbus_message_iter_get_arg_type (iter) != DBUS_TYPE_INT32) - goto out; - - dbus_message_iter_get_basic (iter, &key_mgt); - if ((key_mgt != IW_AUTH_KEY_MGMT_PSK) && (key_mgt != IW_AUTH_KEY_MGMT_802_1X)) + if (!nmu_security_deserialize_wpa_psk (iter, &key, &key_len, &wpa_version, &key_mgt)) goto out; /* Success, build up our security object */ @@ -85,16 +62,41 @@ nm_ap_security_wpa_psk_new_from_dbus_message (DBusMessageIter *iter, int we_ciph security->priv->wpa_version = wpa_version; security->priv->key_mgt = key_mgt; + if (we_cipher == IW_AUTH_CIPHER_TKIP) + nm_ap_security_set_description (NM_AP_SECURITY (security), _("WPA TKIP")); + else + nm_ap_security_set_description (NM_AP_SECURITY (security), _("WPA CCMP")); + out: return security; } +static int +real_serialize (NMAPSecurity *instance, DBusMessageIter *iter) +{ + NMAPSecurityWPA_PSK * self = NM_AP_SECURITY_WPA_PSK (instance); + + if (!nmu_security_serialize_wpa_psk (iter, + nm_ap_security_get_key (instance), + self->priv->wpa_version, + self->priv->key_mgt)) + return -1; + return 0; +} + static void real_write_wpa_supplicant_config (NMAPSecurity *instance, int fd) { NMAPSecurityWPA_PSK * self = NM_AP_SECURITY_WPA_PSK (instance); } +static int +real_device_setup (NMAPSecurity *self, NMDevice * dev) +{ + /* Stub; should be farmed out to wpa_supplicant eventually */ + return 0; +} + static void nm_ap_security_wpa_psk_init (NMAPSecurityWPA_PSK * self) { @@ -111,6 +113,7 @@ nm_ap_security_wpa_psk_class_init (NMAPSecurityWPA_PSKClass *klass) NMAPSecurityClass *par_class = NM_AP_SECURITY_CLASS (klass); par_class->write_wpa_supplicant_config_func = real_write_wpa_supplicant_config; + par_class->device_setup_func = real_device_setup; g_type_class_add_private (object_class, sizeof (NMAPSecurityWPA_PSKPrivate)); } diff --git a/src/nm-ap-security-wpa-psk.h b/src/nm-ap-security-wpa-psk.h index bf0eb270f1..f8c146e27f 100644 --- a/src/nm-ap-security-wpa-psk.h +++ b/src/nm-ap-security-wpa-psk.h @@ -53,6 +53,6 @@ struct _NMAPSecurityWPA_PSKClass GType nm_ap_security_wpa_psk_get_type (void); -NMAPSecurityWPA_PSK * nm_ap_security_wpa_psk_new_from_dbus_message (DBusMessageIter *iter, int we_cipher); +NMAPSecurityWPA_PSK * nm_ap_security_wpa_psk_new_deserialize (DBusMessageIter *iter, int we_cipher); #endif /* NM_AP_SECURITY_WPA_PSK_H */ diff --git a/src/nm-ap-security.c b/src/nm-ap-security.c index f57e5cde63..b75138fe8b 100644 --- a/src/nm-ap-security.c +++ b/src/nm-ap-security.c @@ -20,6 +20,7 @@ */ #include +#include #include #include @@ -27,6 +28,7 @@ #include "nm-ap-security-private.h" #include "nm-ap-security-wep.h" #include "nm-ap-security-wpa-psk.h" +#include "NetworkManagerDevice.h" #define NM_AP_SECURITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_AP_SECURITY, NMAPSecurityPrivate)) @@ -34,6 +36,7 @@ struct _NMAPSecurityPrivate { int we_cipher; char * key; + char * description; gboolean dispose_has_run; }; @@ -47,12 +50,13 @@ nm_ap_security_new (int we_cipher) security = g_object_new (NM_TYPE_AP_SECURITY, NULL); security->priv->we_cipher = we_cipher; + security->priv->key = NULL; return security; } NMAPSecurity * -nm_ap_security_new_from_dbus_message (DBusMessageIter *iter) +nm_ap_security_new_deserialize (DBusMessageIter *iter) { NMAPSecurity * security = NULL; int we_cipher; @@ -76,12 +80,12 @@ nm_ap_security_new_from_dbus_message (DBusMessageIter *iter) { case IW_AUTH_CIPHER_WEP40: case IW_AUTH_CIPHER_WEP104: - security = NM_AP_SECURITY (nm_ap_security_wep_new_from_dbus_message (iter, we_cipher)); + security = NM_AP_SECURITY (nm_ap_security_wep_new_deserialize (iter, we_cipher)); break; case IW_AUTH_CIPHER_TKIP: case IW_AUTH_CIPHER_CCMP: - security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_from_dbus_message (iter, we_cipher)); + security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_deserialize (iter, we_cipher)); break; default: @@ -93,7 +97,8 @@ out: return security; } -void nm_ap_security_write_wpa_supplicant_config (NMAPSecurity *self, int fd) +void +nm_ap_security_write_wpa_supplicant_config (NMAPSecurity *self, int fd) { g_return_if_fail (self != NULL); g_return_if_fail (fd >= 0); @@ -133,33 +138,90 @@ nm_ap_security_set_key (NMAPSecurity *self, const char *key, int key_len) memcpy (self->priv->key, key, key_len); } +static int +real_serialize (NMAPSecurity *self, DBusMessageIter *iter) +{ + /* Nothing to do */ + return 0; +} + static void real_write_wpa_supplicant_config (NMAPSecurity *self, int fd) { } -int nm_ap_security_get_we_cipher (NMAPSecurity *self) +static int +real_device_setup (NMAPSecurity *self, NMDevice * dev) { - NMAPSecurityPrivate *priv; + /* unencrypted */ + nm_device_set_enc_key (dev, NULL, 0); + return 0; +} +int +nm_ap_security_get_we_cipher (NMAPSecurity *self) +{ g_return_val_if_fail (self != NULL, -1); - priv = NM_AP_SECURITY_GET_PRIVATE (self); - - return priv->we_cipher; + return self->priv->we_cipher; } -const char * nm_ap_security_get_key (NMAPSecurity *self) +const char * +nm_ap_security_get_key (NMAPSecurity *self) { - NMAPSecurityPrivate *priv; - g_return_val_if_fail (self != NULL, NULL); - priv = NM_AP_SECURITY_GET_PRIVATE (self); - - return priv->key; + return self->priv->key; } +const char * +nm_ap_security_get_description (NMAPSecurity *self) +{ + g_return_val_if_fail (self != NULL, NULL); + + return self->priv->description; +} + +void +nm_ap_security_set_description (NMAPSecurity *self, const char *desc) +{ + g_return_if_fail (self != NULL); + g_return_if_fail (desc != NULL); + + self->priv->description = (char *) desc; +} + +int +nm_ap_security_device_setup (NMAPSecurity *self, NMDevice *dev) +{ + g_return_val_if_fail (self != NULL, -1); + g_return_val_if_fail (dev != NULL, -1); + + if (self->priv->dispose_has_run) + return -1; + + return NM_AP_SECURITY_GET_CLASS (self)->device_setup_func (self, dev); +} + +int +nm_ap_security_serialize (NMAPSecurity *self, DBusMessageIter *iter) +{ + dbus_int32_t dbus_we_cipher; + + g_return_val_if_fail (self != NULL, -1); + g_return_val_if_fail (iter != NULL, -1); + + if (self->priv->dispose_has_run) + return -1; + + /* First arg: WE cipher (INT32) */ + dbus_we_cipher = (dbus_int32_t) self->priv->we_cipher; + dbus_message_iter_append_basic (iter, DBUS_TYPE_INT32, &dbus_we_cipher); + + return NM_AP_SECURITY_GET_CLASS (self)->serialize_func (self, iter); +} + + static void nm_ap_security_init (NMAPSecurity * self) { @@ -167,6 +229,7 @@ nm_ap_security_init (NMAPSecurity * self) self->priv->dispose_has_run = FALSE; self->priv->we_cipher = IW_AUTH_CIPHER_NONE; self->priv->key = NULL; + self->priv->description = _("none"); } static void @@ -213,7 +276,9 @@ nm_ap_security_class_init (NMAPSecurityClass *klass) object_class->dispose = nm_ap_security_dispose; object_class->finalize = nm_ap_security_finalize; + klass->serialize_func = real_serialize; klass->write_wpa_supplicant_config_func = real_write_wpa_supplicant_config; + klass->device_setup_func = real_device_setup; g_type_class_add_private (object_class, sizeof (NMAPSecurityPrivate)); } diff --git a/src/nm-ap-security.h b/src/nm-ap-security.h index 10c3471098..001879a410 100644 --- a/src/nm-ap-security.h +++ b/src/nm-ap-security.h @@ -44,23 +44,35 @@ struct _NMAPSecurity NMAPSecurityPrivate *priv; }; +struct NMDevice; + struct _NMAPSecurityClass { GObjectClass parent; /* class members */ - void (*write_wpa_supplicant_config_func) (NMAPSecurity *self, int fd); + int (*serialize_func) (NMAPSecurity *self, DBusMessageIter *iter); + + void (*write_wpa_supplicant_config_func)(NMAPSecurity *self, int fd); + + int (*device_setup_func) (NMAPSecurity *self, struct NMDevice * dev); }; GType nm_ap_security_get_type (void); -NMAPSecurity * nm_ap_security_new_from_dbus_message (DBusMessageIter *iter); +NMAPSecurity * nm_ap_security_new_deserialize (DBusMessageIter *iter); int nm_ap_security_get_we_cipher (NMAPSecurity *self); const char * nm_ap_security_get_key (NMAPSecurity *self); +int nm_ap_security_serialize (NMAPSecurity *self, DBusMessageIter *iter); + void nm_ap_security_write_wpa_supplicant_config (NMAPSecurity *self, int fd); +int nm_ap_security_device_setup (NMAPSecurity *self, struct NMDevice *dev); + +const char *nm_ap_security_get_description (NMAPSecurity *self); + #endif /* NM_AP_SECURITY_H */ diff --git a/src/nm-dbus-nm.c b/src/nm-dbus-nm.c index 2939717ba9..1a994e7670 100644 --- a/src/nm-dbus-nm.c +++ b/src/nm-dbus-nm.c @@ -184,8 +184,8 @@ out: */ static DBusMessage *nm_dbus_nm_set_active_device (DBusConnection *connection, DBusMessage *message, NMDbusCBData *data) { -#define INVALID_ARGS_ERROR "InvalidArguments" -#define INVALID_ARGS_MESSAGE "NetworkManager::setActiveDevice called with invalid arguments." + const char * INVALID_ARGS_ERROR = "InvalidArguments"; + const char * INVALID_ARGS_MESSAGE = "NetworkManager::setActiveDevice called with invalid arguments."; NMDevice * dev = NULL; DBusMessage * reply = NULL; char * dev_path; @@ -224,7 +224,7 @@ static DBusMessage *nm_dbus_nm_set_active_device (DBusConnection *connection, DB NMAPSecurity * security = NULL; char * essid = NULL; - if (!dbus_message_iter_next (&iter)) + if (!dbus_message_iter_next (&iter) || (dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_STRING)) { reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE); goto out; @@ -232,19 +232,13 @@ static DBusMessage *nm_dbus_nm_set_active_device (DBusConnection *connection, DB /* grab ssid and ensure validity */ dbus_message_iter_get_basic (&iter, &essid); - if (!essid || (strlen (essid) <= 0)) + if (!essid || (strlen (essid) <= 0) || !dbus_message_iter_next (&iter)) { reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE); goto out; } - if (!dbus_message_iter_next (&iter)) - { - reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE); - goto out; - } - - if (!(security = nm_ap_security_new_from_dbus_message (&iter))) + if (!(security = nm_ap_security_new_deserialize (&iter))) { reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE); goto out; @@ -252,6 +246,7 @@ static DBusMessage *nm_dbus_nm_set_active_device (DBusConnection *connection, DB /* Set up the wireless-specific activation request properties */ ap = nm_device_wireless_get_activation_ap (dev, essid, security); + g_object_unref (G_OBJECT (security)); nm_info ("User Switch: %s / %s", dev_path, essid); } @@ -276,68 +271,76 @@ out: */ static DBusMessage *nm_dbus_nm_create_wireless_network (DBusConnection *connection, DBusMessage *message, NMDbusCBData *data) { + const char * INVALID_ARGS_ERROR = "InvalidArguments"; + const char * INVALID_ARGS_MESSAGE = "NetworkManager::createWirelessNetwork called with invalid arguments."; NMDevice * dev = NULL; DBusMessage * reply = NULL; char * dev_path = NULL; + char * unescaped_dev_path = NULL; NMAccessPoint * new_ap = NULL; - char * network = NULL; - char * key = NULL; - int key_type = -1; - DBusError error; + NMAPSecurity * security = NULL; + char * essid = NULL; + DBusMessageIter iter; g_return_val_if_fail (connection != NULL, NULL); g_return_val_if_fail (message != NULL, NULL); g_return_val_if_fail (data != NULL, NULL); g_return_val_if_fail (data->data != NULL, NULL); - /* Try to grab both device _and_ network first, and if that fails then just the device. */ - dbus_error_init (&error); - if (!dbus_message_get_args (message, &error, DBUS_TYPE_OBJECT_PATH, &dev_path, - DBUS_TYPE_STRING, &network, - DBUS_TYPE_STRING, &key, - DBUS_TYPE_INT32, &key_type, DBUS_TYPE_INVALID)) - { - reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, "InvalidArguments", - "NetworkManager::createWirelessNetwork called with invalid arguments."); - return reply; - } else nm_info ("Creating network '%s' on device '%s'.", network, dev_path); + dbus_message_iter_init (message, &iter); - dev_path = nm_dbus_unescape_object_path (dev_path); - dev = nm_dbus_get_device_from_object_path (data->data, dev_path); - g_free (dev_path); + if (dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_OBJECT_PATH) + { + reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE); + goto out; + } + + dbus_message_iter_get_basic (&iter, &dev_path); + unescaped_dev_path = nm_dbus_unescape_object_path (dev_path); + dev = nm_dbus_get_device_from_object_path (data->data, unescaped_dev_path); + g_free (unescaped_dev_path); + + /* Ensure the device exists in our list and is supported */ if (!dev || !(nm_device_get_capabilities (dev) & NM_DEVICE_CAP_NM_SUPPORTED)) { reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, "DeviceNotFound", "The requested network device does not exist."); - return reply; - } - nm_device_ref (dev); - - /* Make sure network is valid and device is wireless */ - if (!nm_device_is_802_11_wireless (dev) || !network) - { - reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, "InvalidArguments", - "NetworkManager::createWirelessNetwork called with invalid arguments."); goto out; } - new_ap = nm_ap_new (); - - /* Fill in the description of the network to create */ - nm_ap_set_essid (new_ap, network); - if (nm_is_enc_key_valid (key, (NMEncKeyType)key_type)) + if ( !nm_device_is_802_11_wireless (dev) + || !dbus_message_iter_next (&iter) + || (dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_STRING)) { - nm_ap_set_encrypted (new_ap, TRUE); - nm_ap_set_enc_key_source (new_ap, key, (NMEncKeyType)key_type); - nm_ap_set_auth_method (new_ap, IW_AUTH_ALG_OPEN_SYSTEM); + reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE); + goto out; } - nm_ap_set_mode (new_ap, IW_MODE_ADHOC); + + /* grab ssid and ensure validity */ + dbus_message_iter_get_basic (&iter, &essid); + if (!essid || (strlen (essid) <= 0) || !dbus_message_iter_next (&iter)) + { + reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE); + goto out; + } + + if (!(security = nm_ap_security_new_deserialize (&iter))) + { + reply = nm_dbus_create_error_message (message, NM_DBUS_INTERFACE, INVALID_ARGS_ERROR, INVALID_ARGS_MESSAGE); + goto out; + } + + nm_info ("Creating network '%s' on device '%s'.", essid, dev_path); + + new_ap = nm_ap_new (); + nm_ap_set_essid (new_ap, essid); + nm_ap_set_security (new_ap, security); + g_object_unref (G_OBJECT (security)); nm_ap_set_user_created (new_ap, TRUE); nm_policy_schedule_device_activation (nm_act_request_new (data->data, dev, new_ap, TRUE)); out: - nm_device_unref (dev); return reply; }