fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-04 14:30:18 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

ifcfg-rh: fix handling of WEP passphrases (rh #581718)

Browse source 
ifcfg-rh wasn't updated for WEP passphrases after that capability
got added.  Can't use KEY for passphrases since there's no way
to distinguish some WEP passphrases from some WEP Hex and ASCII
keys, so we use KEY_PASSPHRASE instead.
This commit is contained in:
Dan Williams 2010-04-23 14:20:10 -07:00
parent e46577ffe5
commit f20f7294f6
6 changed files with 403 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

90
system-settings/plugins/ifcfg-rh/reader.c
View file

@ -1578,6 +1578,7 @@ static gboolean
add_one_wep_key (shvarFile *ifcfg,
const char *shvar_key,
guint8 key_idx,
gboolean passphrase,
NMSettingWirelessSecurity *s_wsec,
GError **error)
{
@ -1597,42 +1598,51 @@ add_one_wep_key (shvarFile *ifcfg,
}
/* Validate keys */
if (strlen (value) == 10 || strlen (value) == 26) {
/* Hexadecimal WEP key */
char *p = value;
while (*p) {
if (!g_ascii_isxdigit (*p)) {
g_set_error (error, ifcfg_plugin_error_quark (), 0,
"Invalid hexadecimal WEP key.");
goto out;
}
p++;
if (passphrase) {
if (strlen (value) && strlen (value) < 64) {
key = g_strdup (value);
g_object_set (G_OBJECT (s_wsec),
NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE,
NM_WEP_KEY_TYPE_PASSPHRASE,
NULL);
}
key = g_strdup (value);
} else if ( strncmp (value, "s:", 2)
&& (strlen (value) == 7 || strlen (value) == 15)) {
/* ASCII passphrase */
char *p = value + 2;
while (*p) {
if (!isascii ((int) (*p))) {
g_set_error (error, ifcfg_plugin_error_quark (), 0,
"Invalid ASCII WEP passphrase.");
goto out;
}
p++;
}
key = utils_bin2hexstr (value, strlen (value), strlen (value) * 2);
} else {
g_set_error (error, ifcfg_plugin_error_quark (), 0, "Invalid WEP key length.");
if (strlen (value) == 10 || strlen (value) == 26) {
/* Hexadecimal WEP key */
char *p = value;
while (*p) {
if (!g_ascii_isxdigit (*p)) {
g_set_error (error, ifcfg_plugin_error_quark (), 0,
"Invalid hexadecimal WEP key.");
goto out;
}
p++;
}
key = g_strdup (value);
} else if ( strncmp (value, "s:", 2)
&& (strlen (value) == 7 || strlen (value) == 15)) {
/* ASCII passphrase */
char *p = value + 2;
while (*p) {
if (!isascii ((int) (*p))) {
g_set_error (error, ifcfg_plugin_error_quark (), 0,
"Invalid ASCII WEP passphrase.");
goto out;
}
p++;
}
key = utils_bin2hexstr (value, strlen (value), strlen (value) * 2);
}
}
if (key) {
nm_setting_wireless_security_set_wep_key (s_wsec, key_idx, key);
success = TRUE;
}
} else
g_set_error (error, ifcfg_plugin_error_quark (), 0, "Invalid WEP key length.");
out:
g_free (value);
@ -1645,15 +1655,26 @@ read_wep_keys (shvarFile *ifcfg,
NMSettingWirelessSecurity *s_wsec,
GError **error)
{
if (!add_one_wep_key (ifcfg, "KEY1", 0, s_wsec, error))
/* Try hex/ascii keys first */
if (!add_one_wep_key (ifcfg, "KEY1", 0, FALSE, s_wsec, error))
return FALSE;
if (!add_one_wep_key (ifcfg, "KEY2", 1, s_wsec, error))
if (!add_one_wep_key (ifcfg, "KEY2", 1, FALSE, s_wsec, error))
return FALSE;
if (!add_one_wep_key (ifcfg, "KEY3", 2, s_wsec, error))
if (!add_one_wep_key (ifcfg, "KEY3", 2, FALSE, s_wsec, error))
return FALSE;
if (!add_one_wep_key (ifcfg, "KEY4", 3, s_wsec, error))
if (!add_one_wep_key (ifcfg, "KEY4", 3, FALSE, s_wsec, error))
return FALSE;
if (!add_one_wep_key (ifcfg, "KEY", def_idx, s_wsec, error))
if (!add_one_wep_key (ifcfg, "KEY", def_idx, FALSE, s_wsec, error))
return FALSE;
/* And then passphrases */
if (!add_one_wep_key (ifcfg, "KEY_PASSPHRASE1", 0, TRUE, s_wsec, error))
return FALSE;
if (!add_one_wep_key (ifcfg, "KEY_PASSPHRASE2", 1, TRUE, s_wsec, error))
return FALSE;
if (!add_one_wep_key (ifcfg, "KEY_PASSPHRASE3", 2, TRUE, s_wsec, error))
return FALSE;
if (!add_one_wep_key (ifcfg, "KEY_PASSPHRASE4", 3, TRUE, s_wsec, error))
return FALSE;
return TRUE;
@ -1701,6 +1722,7 @@ make_wep_setting (shvarFile *ifcfg,
goto error;
}
svCloseFile (keys_ifcfg);
g_assert (error == NULL || *error == NULL);
}
/* If there's a default key, ensure that key exists */

4
system-settings/plugins/ifcfg-rh/tests/network-scripts/Makefile.am
View file

@ -58,7 +58,9 @@ EXTRA_DIST = \
ifcfg-test-wired-static-no-prefix-8 \
ifcfg-test-wired-static-no-prefix-16 \
ifcfg-test-wired-static-no-prefix-24 \
ifcfg-test-wired-ipv6-only
ifcfg-test-wired-ipv6-only \
ifcfg-test-wifi-wep-passphrase \
keys-test-wifi-wep-passphrase
check-local:
@for f in $(EXTRA_DIST); do \

14
system-settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-wifi-wep-passphrase Normal file
View file

@ -0,0 +1,14 @@
TYPE=Wireless
DEVICE=eth2
HWADDR=00:16:41:11:22:33
NM_CONTROLLED=yes
BOOTPROTO=dhcp
ESSID=blahblah
CHANNEL=1
MODE=Managed
RATE=auto
ONBOOT=yes
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
SECURITYMODE=open

1
system-settings/plugins/ifcfg-rh/tests/network-scripts/keys-test-wifi-wep-passphrase Normal file
View file

@ -0,0 +1 @@
KEY_PASSPHRASE1="foobar222blahblah"

295
system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
View file

@ -3004,6 +3004,7 @@ test_read_wifi_wep (void)
const char *expected_mode = "infrastructure";
const guint32 expected_channel = 1;
const char *expected_wep_key0 = "0123456789abcdef0123456789";
NMWepKeyType key_type;
connection = connection_from_file (TEST_IFCFG_WIFI_WEP,
NULL,
@ -3175,6 +3176,13 @@ test_read_wifi_wep (void)
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX);
/* WEP key type */
key_type = nm_setting_wireless_security_get_wep_key_type (s_wsec);
ASSERT (key_type == NM_WEP_KEY_TYPE_UNKNOWN || key_type == NM_WEP_KEY_TYPE_KEY,
"wifi-wep-verify-wireless", "failed to verify %s: unexpected WEP key type %d",
TEST_IFCFG_WIFI_WEP,
key_type);
/* WEP key index 0 */
tmp = nm_setting_wireless_security_get_wep_key (s_wsec, 0);
ASSERT (tmp != NULL,
@ -3508,6 +3516,142 @@ test_read_wifi_wep_adhoc (void)
g_object_unref (connection);
}
#define TEST_IFCFG_WIFI_WEP_PASSPHRASE TEST_IFCFG_DIR"/network-scripts/ifcfg-test-wifi-wep-passphrase"
static void
test_read_wifi_wep_passphrase (void)
{
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingWireless *s_wireless;
NMSettingWirelessSecurity *s_wsec;
char *unmanaged = NULL;
char *keyfile = NULL;
char *routefile = NULL;
char *route6file = NULL;
gboolean ignore_error = FALSE;
GError *error = NULL;
const char *tmp;
const char *expected_wep_key0 = "foobar222blahblah";
NMWepKeyType key_type;
connection = connection_from_file (TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NULL,
TYPE_WIRELESS,
NULL,
&unmanaged,
&keyfile,
&routefile,
&route6file,
&error,
&ignore_error);
ASSERT (connection != NULL,
"wifi-wep-passphrase-read", "failed to read %s: %s",
TEST_IFCFG_WIFI_WEP_PASSPHRASE, error->message);
ASSERT (nm_connection_verify (connection, &error),
"wifi-wep-passphrase-verify", "failed to verify %s: %s",
TEST_IFCFG_WIFI_WEP_PASSPHRASE, error->message);
/* ===== CONNECTION SETTING ===== */
s_con = NM_SETTING_CONNECTION (nm_connection_get_setting (connection, NM_TYPE_SETTING_CONNECTION));
ASSERT (s_con != NULL,
"wifi-wep-passphrase-verify-connection", "failed to verify %s: missing %s setting",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_CONNECTION_SETTING_NAME);
/* ===== WIRELESS SETTING ===== */
s_wireless = NM_SETTING_WIRELESS (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS));
ASSERT (s_wireless != NULL,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: missing %s setting",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SETTING_NAME);
/* Security */
tmp = nm_setting_wireless_get_security (s_wireless);
ASSERT (tmp != NULL,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: missing %s / %s key",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SETTING_NAME,
NM_SETTING_WIRELESS_SEC);
ASSERT (strcmp (tmp, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME) == 0,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: unexpected %s / %s key value",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SETTING_NAME,
NM_SETTING_WIRELESS_SEC);
/* ===== WIRELESS SECURITY SETTING ===== */
s_wsec = NM_SETTING_WIRELESS_SECURITY (nm_connection_get_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY));
ASSERT (s_wsec != NULL,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: missing %s setting",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
/* Key management */
ASSERT (strcmp (nm_setting_wireless_security_get_key_mgmt (s_wsec), "none") == 0,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: missing %s / %s key",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
/* WEP key index */
ASSERT (nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec) == 0,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: unexpected %s / %s key value",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX);
/* WEP key type */
key_type = nm_setting_wireless_security_get_wep_key_type (s_wsec);
ASSERT (key_type == NM_WEP_KEY_TYPE_PASSPHRASE,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: unexpected WEP key type %d",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
key_type);
/* WEP key index 0 */
tmp = nm_setting_wireless_security_get_wep_key (s_wsec, 0);
ASSERT (tmp != NULL,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: missing %s / %s key",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_WEP_KEY0);
ASSERT (strcmp (tmp, expected_wep_key0) == 0,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: unexpected %s / %s key value",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_WEP_KEY0);
/* WEP key index 1 */
tmp = nm_setting_wireless_security_get_wep_key (s_wsec, 1);
ASSERT (tmp == NULL,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: unexpected %s / %s key",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_WEP_KEY1);
/* WEP key index 2 */
tmp = nm_setting_wireless_security_get_wep_key (s_wsec, 2);
ASSERT (tmp == NULL,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: unexpected %s / %s key",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_WEP_KEY2);
/* WEP key index 3 */
tmp = nm_setting_wireless_security_get_wep_key (s_wsec, 3);
ASSERT (tmp == NULL,
"wifi-wep-passphrase-verify-wireless", "failed to verify %s: unexpected %s / %s key",
TEST_IFCFG_WIFI_WEP_PASSPHRASE,
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NM_SETTING_WIRELESS_SECURITY_WEP_KEY3);
g_object_unref (connection);
}
#define TEST_IFCFG_WIFI_LEAP TEST_IFCFG_DIR"/network-scripts/ifcfg-test-wifi-leap"
static void
@ -6419,6 +6563,155 @@ test_write_wifi_wep_adhoc (void)
g_object_unref (reread);
}
static void
test_write_wifi_wep_passphrase (void)
{
NMConnection *connection;
NMConnection *reread;
NMSettingConnection *s_con;
NMSettingWireless *s_wifi;
NMSettingWirelessSecurity *s_wsec;
NMSettingIP4Config *s_ip4;
NMSettingIP6Config *s_ip6;
char *uuid;
gboolean success;
GError *error = NULL;
char *testfile = NULL;
char *unmanaged = NULL;
char *keyfile = NULL;
char *routefile = NULL;
char *route6file = NULL;
gboolean ignore_error = FALSE;
GByteArray *ssid;
const unsigned char ssid_data[] = "blahblah";
struct stat statbuf;
connection = nm_connection_new ();
ASSERT (connection != NULL,
"wifi-wep-passphrase-write", "failed to allocate new connection");
/* Connection setting */
s_con = (NMSettingConnection *) nm_setting_connection_new ();
ASSERT (s_con != NULL,
"wifi-wep-passphrase-write", "failed to allocate new %s setting",
NM_SETTING_CONNECTION_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_con));
uuid = nm_utils_uuid_generate ();
g_object_set (s_con,
NM_SETTING_CONNECTION_ID, "Test Write Wifi WEP Passphrase",
NM_SETTING_CONNECTION_UUID, uuid,
NM_SETTING_CONNECTION_AUTOCONNECT, TRUE,
NM_SETTING_CONNECTION_TYPE, NM_SETTING_WIRELESS_SETTING_NAME,
NULL);
g_free (uuid);
/* Wifi setting */
s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
ASSERT (s_wifi != NULL,
"wifi-wep-passphrase-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wifi));
ssid = g_byte_array_sized_new (sizeof (ssid_data));
g_byte_array_append (ssid, ssid_data, sizeof (ssid_data));
g_object_set (s_wifi,
NM_SETTING_WIRELESS_SSID, ssid,
NM_SETTING_WIRELESS_MODE, "infrastructure",
NM_SETTING_WIRELESS_SEC, NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
NULL);
g_byte_array_free (ssid, TRUE);
/* Wireless security setting */
s_wsec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new ();
ASSERT (s_wsec != NULL,
"wifi-wep-passphrase-write", "failed to allocate new %s setting",
NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "none",
NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX, 0,
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG, "shared",
NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE, NM_WEP_KEY_TYPE_PASSPHRASE,
NULL);
nm_setting_wireless_security_set_wep_key (s_wsec, 0, "asdfdjaslfjasd;flasjdfl;aksdf");
/* IP4 setting */
s_ip4 = (NMSettingIP4Config *) nm_setting_ip4_config_new ();
ASSERT (s_ip4 != NULL,
"wifi-wep-passphrase-write", "failed to allocate new %s setting",
NM_SETTING_IP4_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip4));
g_object_set (s_ip4, NM_SETTING_IP4_CONFIG_METHOD, NM_SETTING_IP4_CONFIG_METHOD_AUTO, NULL);
/* IP6 setting */
s_ip6 = (NMSettingIP6Config *) nm_setting_ip6_config_new ();
ASSERT (s_ip6 != NULL,
"wifi-wep-adhoc-write", "failed to allocate new %s setting",
NM_SETTING_IP6_CONFIG_SETTING_NAME);
nm_connection_add_setting (connection, NM_SETTING (s_ip6));
g_object_set (s_ip6, NM_SETTING_IP6_CONFIG_METHOD, NM_SETTING_IP6_CONFIG_METHOD_IGNORE, NULL);
ASSERT (nm_connection_verify (connection, &error) == TRUE,
"wifi-wep-passphrase-write", "failed to verify connection: %s",
(error && error->message) ? error->message : "(unknown)");
/* Save the ifcfg */
success = writer_new_connection (connection,
TEST_SCRATCH_DIR "/network-scripts/",
&testfile,
&error);
ASSERT (success == TRUE,
"wifi-wep-passphrase-write", "failed to write connection to disk: %s",
(error && error->message) ? error->message : "(unknown)");
ASSERT (testfile != NULL,
"wifi-wep-passphrase-write", "didn't get ifcfg file path back after writing connection");
/* re-read the connection for comparison */
reread = connection_from_file (testfile,
NULL,
TYPE_WIRELESS,
NULL,
&unmanaged,
&keyfile,
&routefile,
&route6file,
&error,
&ignore_error);
unlink (testfile);
ASSERT (keyfile != NULL,
"wifi-wep-passphrase-write-reread", "expected keyfile for '%s'", testfile);
ASSERT (stat (keyfile, &statbuf) == 0,
"wifi-wep-passphrase-write-reread", "couldn't stat() '%s'", keyfile);
ASSERT (S_ISREG (statbuf.st_mode),
"wifi-wep-passphrase-write-reread", "keyfile '%s' wasn't a normal file", keyfile);
ASSERT ((statbuf.st_mode & 0077) == 0,
"wifi-wep-passphrase-write-reread", "keyfile '%s' wasn't readable only by its owner", keyfile);
unlink (keyfile);
ASSERT (reread != NULL,
"wifi-wep-passphrase-write-reread", "failed to read %s: %s", testfile, error->message);
ASSERT (nm_connection_verify (reread, &error),
"wifi-wep-passphrase-write-reread-verify", "failed to verify %s: %s", testfile, error->message);
ASSERT (nm_connection_compare (connection, reread, NM_SETTING_COMPARE_FLAG_EXACT) == TRUE,
"wifi-wep-passphrase-write", "written and re-read connection weren't the same.");
g_free (testfile);
g_object_unref (connection);
g_object_unref (reread);
}
static void
test_write_wifi_leap (void)
{
@ -8108,6 +8401,7 @@ int main (int argc, char **argv)
test_read_wifi_open_ssid_quoted ();
test_read_wifi_wep ();
test_read_wifi_wep_adhoc ();
test_read_wifi_wep_passphrase ();
test_read_wifi_leap ();
test_read_wifi_wpa_psk ();
test_read_wifi_wpa_psk_unquoted ();
@ -8128,6 +8422,7 @@ int main (int argc, char **argv)
test_write_wifi_open_hex_ssid ();
test_write_wifi_wep ();
test_write_wifi_wep_adhoc ();
test_write_wifi_wep_passphrase ();
test_write_wifi_leap ();
test_write_wifi_wpa_psk ("Test Write Wifi WPA PSK",
"wifi-wpa-psk-write",

42
system-settings/plugins/ifcfg-rh/writer.c
View file

@ -579,20 +579,46 @@ write_wireless_security_setting (NMConnection *connection,
}
}
/* WEP keys */
/* Clear existing keys */
set_secret (ifcfg, "KEY", NULL, FALSE); /* Clear any default key */
for (i = 0; i < 4; i++) {
tmp = g_strdup_printf ("KEY_PASSPHRASE%d", i + 1);
set_secret (ifcfg, tmp, NULL, FALSE);
g_free (tmp);
tmp = g_strdup_printf ("KEY%d", i + 1);
set_secret (ifcfg, tmp, NULL, FALSE);
g_free (tmp);
}
/* And write the new ones out */
if (wep) {
/* Default WEP TX key index */
tmp = g_strdup_printf ("%d", nm_setting_wireless_security_get_wep_tx_keyidx (s_wsec) + 1);
svSetValue (ifcfg, "DEFAULTKEY", tmp, FALSE);
g_free (tmp);
}
/* WEP keys */
set_secret (ifcfg, "KEY", NULL, FALSE); /* Clear any default key */
for (i = 0; i < 4; i++) {
key = nm_setting_wireless_security_get_wep_key (s_wsec, i);
tmp = g_strdup_printf ("KEY%d", i + 1);
set_secret (ifcfg, tmp, (wep && key) ? key : NULL, FALSE);
g_free (tmp);
for (i = 0; i < 4; i++) {
NMWepKeyType key_type;
key = nm_setting_wireless_security_get_wep_key (s_wsec, i);
if (key) {
/* Passphrase needs a different ifcfg key since with WEP, there
* are some passphrases that are indistinguishable from WEP hex
* keys.
*/
key_type = nm_setting_wireless_security_get_wep_key_type (s_wsec);
if (key_type == NM_WEP_KEY_TYPE_PASSPHRASE)
tmp = g_strdup_printf ("KEY_PASSPHRASE%d", i + 1);
else
tmp = g_strdup_printf ("KEY%d", i + 1);
set_secret (ifcfg, tmp, key, FALSE);
g_free (tmp);
}
}
}
/* WPA protos */