fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-05-05 04:08:01 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

wifi: drop support for wpa-none key-mgmt

Browse source 
NM didn't support wpa-none for years because kernel drivers used to be
broken. Note that it wasn't even possible to *add* a connection with
wpa-none because it was rejected in nm_settings_add_connection_dbus().
Given that wpa-none is also deprecated in wpa_supplicant and is
considered insecure, drop altogether any reference to it.
This commit is contained in:
Beniamino Galvani 2019-08-19 15:32:42 +02:00
parent 73b3806228
commit c97e0ce30b
17 changed files with 23 additions and 258 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
clients/common/nm-meta-setting-desc.c
View file

@ -7311,7 +7311,7 @@ static const NMMetaPropertyInfo *const property_infos_WIRELESS_SECURITY[] = {
PROPERTY_INFO_WITH_DESC (NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
.property_type = &_pt_gobject_string,
.property_typ_data = DEFINE_PROPERTY_TYP_DATA (
.values_static = NM_MAKE_STRV ("none", "ieee8021x", "wpa-none", "wpa-psk", "wpa-eap", "sae"),
.values_static = NM_MAKE_STRV ("none", "ieee8021x", "wpa-psk", "wpa-eap", "sae"),
),
),
PROPERTY_INFO_WITH_DESC (NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX,

2
clients/common/nm-secret-agent-simple.c
View file

@ -317,7 +317,7 @@ add_wireless_secrets (RequestData *request,
if (!key_mgmt)
return FALSE;
if (NM_IN_STRSET (key_mgmt, "wpa-none", "wpa-psk", "sae")) {
if (NM_IN_STRSET (key_mgmt, "wpa-psk", "sae")) {
secret = _secret_real_new_plain (NM_SECRET_AGENT_SECRET_TYPE_SECRET,
_("Password"),
NM_SETTING (s_wsec),

2
clients/common/settings-docs.h.in
View file

@ -24,7 +24,7 @@
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_AUTH_ALG N_("When WEP is used (ie, key-mgmt = \"none\" or \"ieee8021x\") indicate the 802.11 authentication algorithm required by the AP here. One of \"open\" for Open System, \"shared\" for Shared Key, or \"leap\" for Cisco LEAP. When using Cisco LEAP (ie, key-mgmt = \"ieee8021x\" and auth-alg = \"leap\") the \"leap-username\" and \"leap-password\" properties must be specified.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_FILS N_("Indicates whether Fast Initial Link Setup (802.11ai) must be enabled for the connection. One of NM_SETTING_WIRELESS_SECURITY_FILS_DEFAULT (0) (use global default value), NM_SETTING_WIRELESS_SECURITY_FILS_DISABLE (1) (disable FILS), NM_SETTING_WIRELESS_SECURITY_FILS_OPTIONAL (2) (enable FILS if the supplicant and the access point support it) or NM_SETTING_WIRELESS_SECURITY_FILS_REQUIRED (3) (enable FILS and fail if not supported). When set to NM_SETTING_WIRELESS_SECURITY_FILS_DEFAULT (0) and no global default is set, FILS will be optionally enabled.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_GROUP N_("A list of group/broadcast encryption algorithms which prevents connections to Wi-Fi networks that do not utilize one of the algorithms in the list. For maximum compatibility leave this property empty. Each list element may be one of \"wep40\", \"wep104\", \"tkip\", or \"ccmp\".")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_KEY_MGMT N_("Key management used for the connection. One of \"none\" (WEP), \"ieee8021x\" (Dynamic WEP), \"wpa-none\" (Ad-Hoc WPA-PSK), \"wpa-psk\" (infrastructure WPA-PSK), \"sae\" (SAE) or \"wpa-eap\" (WPA-Enterprise). This property must be set for any Wi-Fi connection that uses security.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_KEY_MGMT N_("Key management used for the connection. One of \"none\" (WEP), \"ieee8021x\" (Dynamic WEP), \"wpa-psk\" (infrastructure WPA-PSK), \"sae\" (SAE) or \"wpa-eap\" (WPA-Enterprise). This property must be set for any Wi-Fi connection that uses security.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD N_("The login password for legacy LEAP connections (ie, key-mgmt = \"ieee8021x\" and auth-alg = \"leap\").")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD_FLAGS N_("Flags indicating how to handle the \"leap-password\" property.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME N_("The login username for legacy LEAP connections (ie, key-mgmt = \"ieee8021x\" and auth-alg = \"leap\").")

3
clients/tui/nm-editor-bindings.c
View file

@ -601,8 +601,7 @@ get_security_type (NMEditorWirelessSecurityMethodBinding *binding)
return "dynamic-wep";
}
if ( !strcmp (key_mgmt, "wpa-none")
|| !strcmp (key_mgmt, "wpa-psk"))
if (!strcmp (key_mgmt, "wpa-psk"))
return "wpa-personal";
if (!strcmp (key_mgmt, "wpa-eap"))

43
libnm-core/nm-setting-wireless-security.c
View file

@ -849,9 +849,8 @@ need_secrets (NMSetting *setting)
goto no_secrets;
}
/* WPA-PSK infrastructure and adhoc */
if ( (strcmp (priv->key_mgmt, "wpa-none") == 0)
|| (strcmp (priv->key_mgmt, "wpa-psk") == 0)) {
/* WPA-PSK infrastructure */
if (strcmp (priv->key_mgmt, "wpa-psk") == 0) {
if (!nm_utils_wpa_psk_valid (priv->psk)) {
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_PSK);
return secrets;
@ -899,7 +898,7 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
{
NMSettingWirelessSecurity *self = NM_SETTING_WIRELESS_SECURITY (setting);
NMSettingWirelessSecurityPrivate *priv = NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (self);
const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none", "wpa-psk", "wpa-eap", "sae", NULL };
const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-psk", "wpa-eap", "sae", NULL };
const char *valid_auth_algs[] = { "open", "shared", "leap", NULL };
const char *valid_protos[] = { "wpa", "rsn", NULL };
const char *valid_pairwise[] = { "tkip", "ccmp", NULL };
@ -1024,33 +1023,7 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
}
if (priv->pairwise) {
const char *wpa_none[] = { "wpa-none", NULL };
/* For ad-hoc connections, pairwise must be "none" */
if (g_strv_contains (wpa_none, priv->key_mgmt)) {
GSList *iter;
gboolean found = FALSE;
for (iter = priv->pairwise; iter; iter = g_slist_next (iter)) {
if (!strcmp ((char *) iter->data, "none")) {
found = TRUE;
break;
}
}
/* pairwise cipher list didn't contain "none", which is invalid
* for WPA adhoc connections.
*/
if (!found) {
g_set_error (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("'%s' connections require '%s' in this property"),
NM_SETTING_WIRELESS_MODE_ADHOC, "none");
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_SETTING_WIRELESS_SECURITY_PAIRWISE);
return FALSE;
}
} else if (!_nm_utils_string_slist_validate (priv->pairwise, valid_pairwise)) {
if (!_nm_utils_string_slist_validate (priv->pairwise, valid_pairwise)) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
@ -1468,10 +1441,10 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *klass)
/**
* NMSettingWirelessSecurity:key-mgmt:
*
* Key management used for the connection. One of "none" (WEP), "ieee8021x"
* (Dynamic WEP), "wpa-none" (Ad-Hoc WPA-PSK), "wpa-psk" (infrastructure
* WPA-PSK), "sae" (SAE) or "wpa-eap" (WPA-Enterprise).
* This property must be set for any Wi-Fi connection that uses security.
* Key management used for the connection. One of "none" (WEP),
* "ieee8021x" (Dynamic WEP), "wpa-psk" (infrastructure WPA-PSK), "sae"
* (SAE) or "wpa-eap" (WPA-Enterprise). This property must be set for
* any Wi-Fi connection that uses security.
**/
/* ---ifcfg-rh---
* property: key-mgmt

8
libnm-core/nm-setting-wireless.c
View file

@ -157,14 +157,6 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
return TRUE;
}
/* Adhoc WPA */
if (!strcmp (key_mgmt, "wpa-none")) {
if (ap_mode != NM_802_11_MODE_ADHOC)
return FALSE;
/* FIXME: validate ciphers if they're in the beacon */
return TRUE;
}
/* Adhoc WPA2 (ie, RSN IBSS) */
if (ap_mode == NM_802_11_MODE_ADHOC) {
if (strcmp (key_mgmt, "wpa-psk"))

26
libnm-core/nm-utils.c
View file

@ -6084,29 +6084,3 @@ _nm_utils_bridge_vlan_verify_list (GPtrArray *vlans,
return TRUE;
}
gboolean
nm_utils_connection_is_adhoc_wpa (NMConnection *connection)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
const char *key_mgmt;
const char *mode;
s_wifi = nm_connection_get_setting_wireless (connection);
if (!s_wifi)
return FALSE;
mode = nm_setting_wireless_get_mode (s_wifi);
if (!nm_streq0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC))
return FALSE;
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (!s_wsec)
return FALSE;
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
if (!nm_streq0 (key_mgmt, "wpa-none"))
return FALSE;
return TRUE;
}

3
libnm/nm-device-wifi.c
View file

@ -636,8 +636,7 @@ connection_compatible (NMDevice *device, NMConnection *connection, GError **erro
if (s_wsec) {
/* Connection has security, verify it against the device's capabilities */
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
if ( !g_strcmp0 (key_mgmt, "wpa-none")
|| !g_strcmp0 (key_mgmt, "wpa-psk")
if ( !g_strcmp0 (key_mgmt, "wpa-psk")
|| !g_strcmp0 (key_mgmt, "wpa-eap")) {
wifi_caps = nm_device_wifi_get_capabilities (NM_DEVICE_WIFI (device));

59
src/devices/wifi/nm-device-wifi.c
View file

@ -644,36 +644,6 @@ deactivate_reset_hw_addr (NMDevice *device)
_hw_addr_set_scanning ((NMDeviceWifi *) device, TRUE);
}
static gboolean
is_adhoc_wpa (NMConnection *connection)
{
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
const char *mode, *key_mgmt;
/* The kernel doesn't support Ad-Hoc WPA connections well at this time,
* and turns them into open networks. It's been this way since at least
* 2.6.30 or so; until that's fixed, disable WPA-protected Ad-Hoc networks.
*/
s_wifi = nm_connection_get_setting_wireless (connection);
g_return_val_if_fail (s_wifi != NULL, FALSE);
mode = nm_setting_wireless_get_mode (s_wifi);
if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) != 0)
return FALSE;
s_wsec = nm_connection_get_setting_wireless_security (connection);
if (!s_wsec)
return FALSE;
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
if (g_strcmp0 (key_mgmt, "wpa-none") != 0)
return FALSE;
return TRUE;
}
static gboolean
check_connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
@ -720,12 +690,6 @@ check_connection_compatible (NMDevice *device, NMConnection *connection, GError
return FALSE;
}
if (is_adhoc_wpa (connection)) {
nm_utils_error_set_literal (error, NM_UTILS_ERROR_CONNECTION_AVAILABLE_TEMPORARY,
"Ad-Hoc WPA networks are not supported");
return FALSE;
}
/* Early exit if supplicant or device doesn't support requested mode */
mode = nm_setting_wireless_get_mode (s_wireless);
if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0) {
@ -953,19 +917,6 @@ complete_connection (NMDevice *device,
return FALSE;
}
/* The kernel doesn't support Ad-Hoc WPA connections well at this time,
* and turns them into open networks. It's been this way since at least
* 2.6.30 or so; until that's fixed, disable WPA-protected Ad-Hoc networks.
*/
if (is_adhoc_wpa (connection)) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_SETTING,
_("WPA Ad-Hoc disabled due to kernel bugs"));
g_prefix_error (error, "%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
return FALSE;
}
ssid_utf8 = _nm_utils_ssid_to_utf8 (ssid);
nm_utils_complete_generic (nm_device_get_platform (device),
connection,
@ -2703,16 +2654,6 @@ act_stage1_prepare (NMDevice *device, NMDeviceStateReason *out_failure_reason)
priv->mode = NM_802_11_MODE_MESH;
_notify (self, PROP_MODE);
/* The kernel doesn't support Ad-Hoc WPA connections well at this time,
* and turns them into open networks. It's been this way since at least
* 2.6.30 or so; until that's fixed, disable WPA-protected Ad-Hoc networks.
*/
if (is_adhoc_wpa (connection)) {
_LOGW (LOGD_WIFI, "Ad-Hoc WPA disabled due to kernel bugs");
NM_SET_OUT (out_failure_reason, NM_DEVICE_STATE_REASON_SUPPLICANT_CONFIG_FAILED);
return NM_ACT_STAGE_RETURN_FAILURE;
}
/* expire the temporary MAC address used during scanning */
priv->hw_addr_scan_expire = 0;

34
src/devices/wifi/nm-wifi-ap.c
View file

@ -1305,40 +1305,6 @@ nm_wifi_ap_new_fake_from_connection (NMConnection *connection)
add_pair_ciphers (ap, s_wireless_sec);
add_group_ciphers (ap, s_wireless_sec);
} else if (!strcmp (key_mgmt, "wpa-none")) {
guint32 i;
/* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and
* group=TKIP/CCMP (but not both).
*/
flags = priv->wpa_flags | NM_802_11_AP_SEC_KEY_MGMT_PSK;
/* Clear ciphers; pairwise must be unset anyway, and group gets set below */
flags &= ~( NM_802_11_AP_SEC_PAIR_WEP40
| NM_802_11_AP_SEC_PAIR_WEP104
| NM_802_11_AP_SEC_PAIR_TKIP
| NM_802_11_AP_SEC_PAIR_CCMP
| NM_802_11_AP_SEC_GROUP_WEP40
| NM_802_11_AP_SEC_GROUP_WEP104
| NM_802_11_AP_SEC_GROUP_TKIP
| NM_802_11_AP_SEC_GROUP_CCMP);
for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) {
if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) {
flags |= NM_802_11_AP_SEC_GROUP_CCMP;
break;
}
}
/* Default to TKIP since not all WPA-capable cards can do CCMP */
if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP))
flags |= NM_802_11_AP_SEC_GROUP_TKIP;
nm_wifi_ap_set_wpa_flags (ap, flags);
/* Don't use Ad-Hoc RSN yet */
nm_wifi_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE);
}
done:

72
src/devices/wifi/nm-wifi-utils.c
View file

@ -297,14 +297,13 @@ verify_wpa_psk (NMSettingWirelessSecurity *s_wsec,
guint32 rsn_flags,
GError **error)
{
const char *key_mgmt, *auth_alg, *tmp;
int n;
const char *key_mgmt, *auth_alg;
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
if (key_mgmt) {
if (!strcmp (key_mgmt, "wpa-psk") || !strcmp (key_mgmt, "wpa-none")) {
if (!strcmp (key_mgmt, "wpa-psk")) {
if (s_8021x) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
@ -326,55 +325,6 @@ verify_wpa_psk (NMSettingWirelessSecurity *s_wsec,
}
}
if (!strcmp (key_mgmt, "wpa-none")) {
if (!adhoc) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("WPA Ad-Hoc authentication requires an Ad-Hoc mode AP"));
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SETTING_NAME,
NM_SETTING_WIRELESS_MODE);
return FALSE;
}
/* Ad-Hoc WPA requires 'wpa' proto, 'none' pairwise, and 'tkip' group */
n = nm_setting_wireless_security_get_num_protos (s_wsec);
tmp = (n > 0) ? nm_setting_wireless_security_get_proto (s_wsec, 0) : NULL;
if (n > 1 || !tmp || strcmp (tmp, "wpa")) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("WPA Ad-Hoc authentication requires 'wpa' protocol"));
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_PROTO);
return FALSE;
}
n = nm_setting_wireless_security_get_num_pairwise (s_wsec);
tmp = (n > 0) ? nm_setting_wireless_security_get_pairwise (s_wsec, 0) : NULL;
if (n > 1 || g_strcmp0 (tmp, "none")) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("WPA Ad-Hoc authentication requires 'none' pairwise cipher"));
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_PAIRWISE);
return FALSE;
}
n = nm_setting_wireless_security_get_num_groups (s_wsec);
tmp = (n > 0) ? nm_setting_wireless_security_get_group (s_wsec, 0) : NULL;
if (n > 1 || !tmp || strcmp (tmp, "tkip")) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("WPA Ad-Hoc requires 'tkip' group cipher"));
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_GROUP);
return FALSE;
}
}
if (!strcmp (key_mgmt, "wpa-psk")) {
/* Make sure the AP's capabilities support WPA-PSK */
if ( !(wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
@ -470,7 +420,7 @@ verify_adhoc (NMSettingWirelessSecurity *s_wsec,
}
if (adhoc) {
if (key_mgmt && strcmp (key_mgmt, "wpa-none") && strcmp (key_mgmt, "none")) {
if (key_mgmt && !nm_streq (key_mgmt, "none")) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
@ -508,16 +458,6 @@ verify_adhoc (NMSettingWirelessSecurity *s_wsec,
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
return FALSE;
}
} else {
if (key_mgmt && !strcmp (key_mgmt, "wpa-none")) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("Access point mode is Infrastructure but setting requires Ad-Hoc security"));
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
return FALSE;
}
}
return TRUE;
@ -773,11 +713,7 @@ nm_wifi_utils_complete_connection (GBytes *ap_ssid,
return FALSE;
if (adhoc) {
g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
/* Ad-Hoc does not support RSN/WPA2 */
nm_setting_wireless_security_add_proto (s_wsec, "wpa");
nm_setting_wireless_security_add_pairwise (s_wsec, "none");
nm_setting_wireless_security_add_group (s_wsec, "tkip");
/* TODO */
} else if (s_8021x) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap",

11
src/settings/nm-settings.c
View file

@ -2487,17 +2487,6 @@ nm_settings_add_connection_dbus (NMSettings *self,
goto done;
}
/* FIXME: The kernel doesn't support Ad-Hoc WPA connections well at this time,
* and turns them into open networks. It's been this way since at least
* 2.6.30 or so; until that's fixed, disable WPA-protected Ad-Hoc networks.
*/
if (nm_utils_connection_is_adhoc_wpa (connection)) {
error = g_error_new_literal (NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_CONNECTION,
"WPA Ad-Hoc disabled due to kernel bugs");
goto done;
}
if (!nm_auth_is_subject_in_acl_set_error (connection,
subject,
NM_SETTINGS_ERROR,

4
src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
View file

@ -3679,9 +3679,7 @@ make_wpa_setting (shvarFile *ifcfg,
}
}
if (adhoc)
g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
else if (wpa_psk)
if (wpa_psk)
g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
else {
nm_assert (wpa_sae);

2
src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
View file

@ -583,7 +583,7 @@ write_wireless_security_setting (NMConnection *connection,
svUnsetValue (ifcfg, "KEY_MGMT");
wep = TRUE;
*no_8021x = TRUE;
} else if (!strcmp (key_mgmt, "wpa-none") || !strcmp (key_mgmt, "wpa-psk")) {
} else if (!strcmp (key_mgmt, "wpa-psk")) {
svSetValueStr (ifcfg, "KEY_MGMT", "WPA-PSK");
wpa = TRUE;
*no_8021x = TRUE;

4
src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
View file

@ -3133,7 +3133,7 @@ test_read_wifi_wpa_psk_adhoc (void)
s_wsec = nm_connection_get_setting_wireless_security (connection);
g_assert (s_wsec);
g_assert_cmpstr (nm_setting_wireless_security_get_key_mgmt (s_wsec), ==, "wpa-none");
g_assert_cmpstr (nm_setting_wireless_security_get_key_mgmt (s_wsec), ==, "wpa-psk");
g_assert_cmpstr (nm_setting_wireless_security_get_psk (s_wsec), ==, "I wonder what the king is doing tonight?");
/* Pairwise cipher is unused in adhoc mode */
@ -6460,7 +6460,7 @@ test_write_wifi_wpa_psk_adhoc (void)
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none",
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
NM_SETTING_WIRELESS_SECURITY_PSK, "7d308b11df1b4243b0f78e5f3fc68cdbb9a264ed0edf4c188edf329ff5b467f0",
NULL);

4
src/supplicant/nm-supplicant-config.c
View file

@ -897,8 +897,7 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self,
}
/* Only WPA-specific things when using WPA */
if ( !strcmp (key_mgmt, "wpa-none")
|| !strcmp (key_mgmt, "wpa-psk")
if ( !strcmp (key_mgmt, "wpa-psk")
|| !strcmp (key_mgmt, "wpa-eap")
|| !strcmp (key_mgmt, "sae")) {
if (!ADD_STRING_LIST_VAL (self, setting, wireless_security, proto, protos, "proto", ' ', TRUE, NULL, error))
@ -909,7 +908,6 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self,
return FALSE;
if ( set_pmf
&& !nm_streq (key_mgmt, "wpa-none")
&& NM_IN_SET (pmf,
NM_SETTING_WIRELESS_SECURITY_PMF_DISABLE,
NM_SETTING_WIRELESS_SECURITY_PMF_REQUIRED)) {

2
src/supplicant/nm-supplicant-settings-verify.c
View file

@ -69,7 +69,7 @@ static const char *const proto_allowed[] = { "WPA", "RSN", NULL };
static const char *const key_mgmt_allowed[] = { "WPA-PSK", "WPA-PSK-SHA256", "FT-PSK",
"WPA-EAP", "WPA-EAP-SHA256", "FT-EAP", "FT-EAP-SHA384",
"FILS-SHA256", "FILS-SHA384",
"IEEE8021X", "WPA-NONE", "SAE",
"IEEE8021X", "SAE",
"NONE", NULL };
static const char *const auth_alg_allowed[] = { "OPEN", "SHARED", "LEAP", NULL };
static const char *const eap_allowed[] = { "LEAP", "MD5", "TLS", "PEAP", "TTLS", "SIM",