diff --git a/man/nmcli.xml b/man/nmcli.xml
index fad874f6a9..fabb590f24 100644
--- a/man/nmcli.xml
+++ b/man/nmcli.xml
@@ -1880,6 +1880,13 @@
+
+
+
+ Connection that uses deprecated settings. It might not be possible to activate it.
+
+
+
@@ -2104,6 +2111,13 @@
+
+
+
+ Wi-Fi network that might be impossible to connect to due to use of deprecated functionality.
+
+
+
diff --git a/src/libnmc-setting/nm-meta-setting-desc.h b/src/libnmc-setting/nm-meta-setting-desc.h
index 9190525304..b08d4c08c9 100644
--- a/src/libnmc-setting/nm-meta-setting-desc.h
+++ b/src/libnmc-setting/nm-meta-setting-desc.h
@@ -91,6 +91,7 @@ typedef enum {
NM_META_COLOR_CONNECTION_INVISIBLE,
NM_META_COLOR_CONNECTION_EXTERNAL,
NM_META_COLOR_CONNECTION_UNKNOWN,
+ NM_META_COLOR_CONNECTION_DEPRECATED,
NM_META_COLOR_CONNECTIVITY_FULL,
NM_META_COLOR_CONNECTIVITY_LIMITED,
NM_META_COLOR_CONNECTIVITY_NONE,
@@ -126,6 +127,7 @@ typedef enum {
NM_META_COLOR_WIFI_SIGNAL_GOOD,
NM_META_COLOR_WIFI_SIGNAL_POOR,
NM_META_COLOR_WIFI_SIGNAL_UNKNOWN,
+ NM_META_COLOR_WIFI_DEPRECATED,
NM_META_COLOR_DISABLED,
NM_META_COLOR_ENABLED,
_NM_META_COLOR_NUM
diff --git a/src/nmcli/connections.c b/src/nmcli/connections.c
index a045fff0bc..bb73bb4918 100644
--- a/src/nmcli/connections.c
+++ b/src/nmcli/connections.c
@@ -513,6 +513,40 @@ _con_show_fcn_get_type(NMConnection *c, NMActiveConnection *ac, NMMetaAccessorGe
return connection_type_to_display(s, get_type);
}
+static const char *
+_connection_check_deprecated(NMConnection *c)
+{
+ NMSettingWirelessSecurity *s_wsec;
+ const char *key_mgmt;
+ const char *type;
+
+ type = nm_connection_get_connection_type(c);
+
+ if (strcmp(type, NM_SETTING_WIMAX_SETTING_NAME) == 0)
+ return _("WiMax is no longer supported");
+
+ s_wsec = nm_connection_get_setting_wireless_security(c);
+ if (s_wsec) {
+ key_mgmt = nm_setting_wireless_security_get_key_mgmt(s_wsec);
+ if (NM_IN_STRSET(key_mgmt, "ieee8021x", "none"))
+ return _("WEP encryption is known to be insecure");
+ }
+
+ return NULL;
+}
+
+static NMMetaColor
+_connection_to_color(NMConnection *c, NMActiveConnection *ac)
+{
+ if (ac)
+ return nmc_active_connection_state_to_color(ac);
+
+ if (_connection_check_deprecated(c))
+ return NM_META_COLOR_CONNECTION_DEPRECATED;
+
+ return NM_META_COLOR_CONNECTION_UNKNOWN;
+}
+
static gconstpointer
_metagen_con_show_get_fcn(NMC_META_GENERIC_INFO_GET_FCN_ARGS)
{
@@ -523,7 +557,7 @@ _metagen_con_show_get_fcn(NMC_META_GENERIC_INFO_GET_FCN_ARGS)
const char *s;
char *s_mut;
- NMC_HANDLE_COLOR(nmc_active_connection_state_to_color(ac));
+ NMC_HANDLE_COLOR(_connection_to_color(c, ac));
if (c)
s_con = nm_connection_get_setting_connection(c);
@@ -1478,9 +1512,6 @@ nmc_active_connection_state_to_color(NMActiveConnection *ac)
{
NMActiveConnectionState state;
- if (!ac)
- return NM_META_COLOR_CONNECTION_UNKNOWN;
-
if (NM_FLAGS_HAS(nm_active_connection_get_state_flags(ac), NM_ACTIVATION_STATE_FLAG_EXTERNAL))
return NM_META_COLOR_CONNECTION_EXTERNAL;
@@ -1881,6 +1912,7 @@ con_show_get_items_cmp(gconstpointer pa, gconstpointer pb, gpointer user_data)
}
}
+ NM_CMP_DIRECT(!!_connection_check_deprecated(c_a), !!_connection_check_deprecated(c_b));
NM_CMP_DIRECT_STRCMP0(nm_connection_get_uuid(c_a), nm_connection_get_uuid(c_b));
NM_CMP_DIRECT_STRCMP0(nm_connection_get_path(c_a), nm_connection_get_path(c_b));
}
@@ -5208,6 +5240,46 @@ nmc_process_connection_properties(NmCli *nmc,
return TRUE;
}
+static void
+connection_warnings(NmCli *nmc, NMConnection *connection)
+{
+ const GPtrArray *connections;
+ guint i, found;
+ const char *id;
+ const char *deprecated;
+
+ deprecated = _connection_check_deprecated(NM_CONNECTION(connection));
+ if (deprecated)
+ g_printerr(_("Warning: %s.\n"), deprecated);
+
+ connections = nm_client_get_connections(nmc->client);
+ if (!connections)
+ return;
+
+ id = nm_connection_get_id(connection);
+ found = 0;
+ for (i = 0; i < connections->len; i++) {
+ NMConnection *candidate = NM_CONNECTION(connections->pdata[i]);
+
+ if ((NMConnection *) connection == candidate)
+ continue;
+ if (nm_streq0(nm_connection_get_id(candidate), id))
+ found++;
+ }
+
+ if (found > 0) {
+ g_printerr(g_dngettext(GETTEXT_PACKAGE,
+ "Warning: There is another connection with the name '%1$s'. "
+ "Reference the connection by its uuid '%2$s'\n",
+ "Warning: There are %3$u other connections with the name "
+ "'%1$s'. Reference the connection by its uuid '%2$s'\n",
+ found),
+ id,
+ nm_connection_get_uuid(NM_CONNECTION(connection)),
+ found);
+ }
+}
+
static void
add_connection_cb(GObject *client, GAsyncResult *result, gpointer user_data)
{
@@ -5215,8 +5287,6 @@ add_connection_cb(GObject *client, GAsyncResult *result, gpointer user_data)
NmCli *nmc = info->nmc;
NMRemoteConnection *connection;
GError *error = NULL;
- const GPtrArray *connections;
- guint i, found;
connection = nm_client_add_connection2_finish(NM_CLIENT(client), result, NULL, &error);
if (error) {
@@ -5227,29 +5297,7 @@ add_connection_cb(GObject *client, GAsyncResult *result, gpointer user_data)
g_error_free(error);
nmc->return_value = NMC_RESULT_ERROR_CON_ACTIVATION;
} else {
- connections = nm_client_get_connections(nmc->client);
- if (connections) {
- found = 0;
- for (i = 0; i < connections->len; i++) {
- NMConnection *candidate = NM_CONNECTION(connections->pdata[i]);
-
- if ((NMConnection *) connection == candidate)
- continue;
- if (nm_streq0(nm_connection_get_id(candidate), info->new_id))
- found++;
- }
- if (found > 0) {
- g_printerr(g_dngettext(GETTEXT_PACKAGE,
- "Warning: There is another connection with the name '%1$s'. "
- "Reference the connection by its uuid '%2$s'\n",
- "Warning: There are %3$u other connections with the name "
- "'%1$s'. Reference the connection by its uuid '%2$s'\n",
- found),
- info->new_id,
- nm_connection_get_uuid(NM_CONNECTION(connection)),
- found);
- }
- }
+ connection_warnings(nmc, NM_CONNECTION(connection));
/* We print here human readable text, but as scripts might parse this output
* (with LANG=C), this is important to not change in the future. At least
@@ -8854,6 +8902,8 @@ modify_connection_cb(GObject *connection, GAsyncResult *result, gpointer user_da
error->message);
nmc->return_value = NMC_RESULT_ERROR_UNKNOWN;
} else {
+ connection_warnings(nmc, NM_CONNECTION(connection));
+
if (nmc->nmc_config.print_output == NMC_PRINT_PRETTY) {
g_print(_("Connection '%s' (%s) successfully modified.\n"),
nm_connection_get_id(NM_CONNECTION(connection)),
diff --git a/src/nmcli/devices.c b/src/nmcli/devices.c
index ded2a9eb8c..2bfc4cece3 100644
--- a/src/nmcli/devices.c
+++ b/src/nmcli/devices.c
@@ -1216,12 +1216,30 @@ get_device(NmCli *nmc, int *argc, const char *const **argv, GError **error)
return devices[i];
}
+static bool
+_ap_is_wep(NMAccessPoint *ap)
+{
+ NM80211ApFlags flags = nm_access_point_get_flags(ap);
+ NM80211ApSecurityFlags wpa_flags = nm_access_point_get_wpa_flags(ap);
+ NM80211ApSecurityFlags rsn_flags = nm_access_point_get_rsn_flags(ap);
+
+ if ((flags & NM_802_11_AP_FLAGS_PRIVACY) && (wpa_flags == NM_802_11_AP_SEC_NONE)
+ && (rsn_flags == NM_802_11_AP_SEC_NONE)) {
+ return TRUE;
+ }
+
+ return FALSE;
+}
+
static int
compare_aps(gconstpointer a, gconstpointer b, gpointer user_data)
{
NMAccessPoint *apa = *(NMAccessPoint **) a;
NMAccessPoint *apb = *(NMAccessPoint **) b;
+ /* Sort the deprecated WEP connections last. */
+ NM_CMP_DIRECT(_ap_is_wep(apb), _ap_is_wep(apa));
+
NM_CMP_DIRECT(nm_access_point_get_strength(apb), nm_access_point_get_strength(apa));
NM_CMP_DIRECT(nm_access_point_get_frequency(apa), nm_access_point_get_frequency(apb));
NM_CMP_DIRECT(nm_access_point_get_max_bitrate(apb), nm_access_point_get_max_bitrate(apa));
@@ -1262,7 +1280,6 @@ fill_output_access_point(NMAccessPoint *ap, const APInfo *info)
{
NmcOutputField *arr;
gboolean active;
- NM80211ApFlags flags;
NM80211ApSecurityFlags wpa_flags, rsn_flags;
guint32 freq, bitrate;
guint8 strength;
@@ -1285,7 +1302,6 @@ fill_output_access_point(NMAccessPoint *ap, const APInfo *info)
active = (info->active_ap == ap);
/* Get AP properties */
- flags = nm_access_point_get_flags(ap);
wpa_flags = nm_access_point_get_wpa_flags(ap);
rsn_flags = nm_access_point_get_rsn_flags(ap);
ssid = nm_access_point_get_ssid(ap);
@@ -1314,26 +1330,27 @@ fill_output_access_point(NMAccessPoint *ap, const APInfo *info)
security_str = g_string_new(NULL);
- if ((flags & NM_802_11_AP_FLAGS_PRIVACY) && (wpa_flags == NM_802_11_AP_SEC_NONE)
- && (rsn_flags == NM_802_11_AP_SEC_NONE)) {
+ if (_ap_is_wep(ap)) {
g_string_append(security_str, "WEP ");
- }
- if (wpa_flags != NM_802_11_AP_SEC_NONE) {
- g_string_append(security_str, "WPA1 ");
- }
- if ((rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
- || (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) {
- g_string_append(security_str, "WPA2 ");
- }
- if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE) {
- g_string_append(security_str, "WPA3 ");
- }
- if (NM_FLAGS_ANY(rsn_flags, NM_802_11_AP_SEC_KEY_MGMT_OWE | NM_802_11_AP_SEC_KEY_MGMT_OWE_TM)) {
- g_string_append(security_str, "OWE ");
- }
- if ((wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)
- || (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) {
- g_string_append(security_str, "802.1X ");
+ } else {
+ if (wpa_flags != NM_802_11_AP_SEC_NONE) {
+ g_string_append(security_str, "WPA1 ");
+ }
+ if ((rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
+ || (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) {
+ g_string_append(security_str, "WPA2 ");
+ }
+ if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE) {
+ g_string_append(security_str, "WPA3 ");
+ }
+ if (NM_FLAGS_ANY(rsn_flags,
+ NM_802_11_AP_SEC_KEY_MGMT_OWE | NM_802_11_AP_SEC_KEY_MGMT_OWE_TM)) {
+ g_string_append(security_str, "OWE ");
+ }
+ if ((wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)
+ || (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) {
+ g_string_append(security_str, "802.1X ");
+ }
}
if (security_str->len > 0)
@@ -1368,6 +1385,8 @@ fill_output_access_point(NMAccessPoint *ap, const APInfo *info)
/* Set colors */
color = wifi_signal_to_color(strength);
+ if (_ap_is_wep(ap))
+ color = NM_META_COLOR_WIFI_DEPRECATED;
set_val_color_all(arr, color);
if (active)
arr[15].color = NM_META_COLOR_CONNECTION_ACTIVATED;
diff --git a/src/nmcli/nmcli.c b/src/nmcli/nmcli.c
index fa5ce42687..96b8ec4a13 100644
--- a/src/nmcli/nmcli.c
+++ b/src/nmcli/nmcli.c
@@ -43,6 +43,7 @@
[NM_META_COLOR_CONNECTION_DISCONNECTING] = "31", \
[NM_META_COLOR_CONNECTION_INVISIBLE] = "2", \
[NM_META_COLOR_CONNECTION_EXTERNAL] = "32;2", \
+ [NM_META_COLOR_CONNECTION_DEPRECATED] = "2", \
[NM_META_COLOR_CONNECTIVITY_FULL] = "32", \
[NM_META_COLOR_CONNECTIVITY_LIMITED] = "33", \
[NM_META_COLOR_CONNECTIVITY_NONE] = "31", \
@@ -73,6 +74,7 @@
[NM_META_COLOR_WIFI_SIGNAL_GOOD] = "33", \
[NM_META_COLOR_WIFI_SIGNAL_POOR] = "36", \
[NM_META_COLOR_WIFI_SIGNAL_UNKNOWN] = "2", \
+ [NM_META_COLOR_WIFI_DEPRECATED] = "2", \
[NM_META_COLOR_ENABLED] = "32", \
[NM_META_COLOR_DISABLED] = "31", \
}, \
@@ -549,6 +551,7 @@ static NM_UTILS_STRING_TABLE_LOOKUP_DEFINE(
{"connection-external", NM_META_COLOR_CONNECTION_EXTERNAL},
{"connection-invisible", NM_META_COLOR_CONNECTION_INVISIBLE},
{"connection-unknown", NM_META_COLOR_CONNECTION_UNKNOWN},
+ {"connection-deprecated", NM_META_COLOR_CONNECTION_DEPRECATED},
{"connectivity-full", NM_META_COLOR_CONNECTIVITY_FULL},
{"connectivity-limited", NM_META_COLOR_CONNECTIVITY_LIMITED},
{"connectivity-none", NM_META_COLOR_CONNECTIVITY_NONE},
@@ -585,7 +588,8 @@ static NM_UTILS_STRING_TABLE_LOOKUP_DEFINE(
{"wifi-signal-fair", NM_META_COLOR_WIFI_SIGNAL_FAIR},
{"wifi-signal-good", NM_META_COLOR_WIFI_SIGNAL_GOOD},
{"wifi-signal-poor", NM_META_COLOR_WIFI_SIGNAL_POOR},
- {"wifi-signal-unknown", NM_META_COLOR_WIFI_SIGNAL_UNKNOWN}, );
+ {"wifi-signal-unknown", NM_META_COLOR_WIFI_SIGNAL_UNKNOWN},
+ {"wifi-deprecated", NM_META_COLOR_WIFI_DEPRECATED}, );
static gboolean
parse_color_scheme(char *palette_buffer, NmcColorPalette *out_palette, GError **error)