From b3800183b434bbaf90d627a2e44c631cf04e8b71 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
Date: Thu, 16 Dec 2010 13:49:28 +0100
Subject: [PATCH] libnm-util: fix nm_utils_security_valid() checks for Ad-Hoc
 APs (rh #632123)

Without the fix fake Ad-Hoc APs created by nm-applet's "Create New Wireless
Network..." don't pass the check and nm-applet can crash.
---
 libnm-util/nm-utils.c | 38 ++++++++++++++++++++++++++++----------
 1 file changed, 28 insertions(+), 10 deletions(-)

diff --git a/libnm-util/nm-utils.c b/libnm-util/nm-utils.c
index ce13da3c86..9c3662f47f 100644
--- a/libnm-util/nm-utils.c
+++ b/libnm-util/nm-utils.c
@@ -1269,14 +1269,24 @@ nm_utils_security_valid (NMUtilsSecurityType type,
 		if (!(wifi_caps & NM_WIFI_DEVICE_CAP_WPA))
 			return FALSE;
 		if (have_ap) {
-			/* Ad-Hoc WPA APs won't necessarily have the PSK flag set */
-			if ((ap_wpa & NM_802_11_AP_SEC_KEY_MGMT_PSK) || adhoc) {
-				if (   (ap_wpa & NM_802_11_AP_SEC_PAIR_TKIP)
+			/* Ad-Hoc WPA APs won't necessarily have the PSK flag set, and
+			 * they don't have any pairwise ciphers. */
+			if (adhoc) {
+				if (   (ap_wpa & NM_802_11_AP_SEC_GROUP_TKIP)
 				    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP))
 					return TRUE;
-				if (   (ap_wpa & NM_802_11_AP_SEC_PAIR_CCMP)
+				if (   (ap_wpa & NM_802_11_AP_SEC_GROUP_CCMP)
 				    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP))
 					return TRUE;
+			} else {
+				if (ap_wpa & NM_802_11_AP_SEC_KEY_MGMT_PSK) {
+					if (   (ap_wpa & NM_802_11_AP_SEC_PAIR_TKIP)
+					    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP))
+						return TRUE;
+					if (   (ap_wpa & NM_802_11_AP_SEC_PAIR_CCMP)
+					    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP))
+						return TRUE;
+				}
 			}
 			return FALSE;
 		}
@@ -1285,14 +1295,22 @@ nm_utils_security_valid (NMUtilsSecurityType type,
 		if (!(wifi_caps & NM_WIFI_DEVICE_CAP_RSN))
 			return FALSE;
 		if (have_ap) {
-			/* Ad-Hoc WPA APs won't necessarily have the PSK flag set */
-			if ((ap_rsn & NM_802_11_AP_SEC_KEY_MGMT_PSK) || adhoc) {
-				if (   (ap_rsn & NM_802_11_AP_SEC_PAIR_TKIP)
-				    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP))
+			/* Ad-Hoc WPA APs won't necessarily have the PSK flag set, and
+			 * they don't have any pairwise ciphers, nor any RSA flags yet. */
+			if (adhoc) {
+				if (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP)
 					return TRUE;
-				if (   (ap_rsn & NM_802_11_AP_SEC_PAIR_CCMP)
-				    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP))
+				if (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP)
 					return TRUE;
+			} else {
+				if (ap_rsn & NM_802_11_AP_SEC_KEY_MGMT_PSK) {
+					if (   (ap_rsn & NM_802_11_AP_SEC_PAIR_TKIP)
+					    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_TKIP))
+						return TRUE;
+					if (   (ap_rsn & NM_802_11_AP_SEC_PAIR_CCMP)
+					    && (wifi_caps & NM_WIFI_DEVICE_CAP_CIPHER_CCMP))
+						return TRUE;
+				}
 			}
 			return FALSE;
 		}