A new value for NM80211Mode is introduced (NM_802_11_MODE_AP) and the
new mode is passed to wpa_supplicant analogous to adhoc-mode.
The places which need to know the interface mode have been extended to
handle the new mode.
If the configuration does not contain a fixed frequency, a channel is
selected the same way as with adhoc-mode before.
If D-Bus fails to spawn the supplicant it sometimes returns a method
timeout error instead of a spawn error. We've seen that happen on
F18 when systemd is used to autolaunch the supplicant. That causes
NM to assume that the supplicant crashed and thus never try to talk
to it again, on the assumption that (a) it crashed and (b) it will
crash again if we try to use it, and thus we'll be in a spawn loop.
First, (a) is not necessarily the case, and second, the supplicant
doesn't crash like that anymore. So we're pretty safe to just talk
to the supplicant if it starts later instead of ignoring it if
we detect the timeout error.
Recent versions of wpa_supplicant have a "DisconnectReason" property
that, upon a deauthentication event, contains an IEEE 802.11
"Reason Code" for why the disconnect may have occurred. We may
want to use this in the future, so add the infrastructure to pass it
around to supplicant listeners.
WiMAX failed distcheck if the iwmxsdk devel files were installed but
--enable-wimax=no was used, since the distcheck configure bits found
the iwmxsdk headers, defaulted WiMAX support to 'on', and then proceeded
to use the generated headers from the top srcdir, where of course
wimax was turned off (due to --enable-wimax=no). Instead, everything
should use the headers from the builddir, which reflects the options
that 'make distcheck' actually selects.
At the same time, re-order various includes everywhere to ensure that
the builddir paths come before the srcdir paths to prevent this from
happening in the future.
NMDeviceWifi and a few other things expect the interface will
move from STARTING to READY and then on to other states. But the
state was getting set to the actual supplicant interface state
immediately when the first properties were read (which include
the State property) and thus the READY state got bypassed. But
we also want to read stuff like the capabilities before letting
the interface be used.
So first, ensure the supplicant interface object actually uses the
READY state like its callers expect, and second, don't set the
READY state until we actually know what we need to know about it.
Because the supplicant doesn't have a BSS property for "last seen"
we have to fake that by listening to PropertiesChanged events for
stuff like signal strength, which usually changes a bit from scan
to scan. But in case it doesn't change, we'll never get that PC
signal, and thus we'll never update our internal 'last seen'
timestamp, and thus the AP will get removed from the NM scan list
even if it was in the supplicant's last scan results.
So, if the AP if we haven't receieved a BssRemoved signal for the
AP yet don't remove it from the NM scan list. One caveat is that
if the supplicant's DEFAULT_BSS_EXPIRATION_AGE value is greater
than NM's AP expiration age, NM will by consequence use the
supplicant's value instead. At the moment the supplicant sets
DEFAULT_BSS_EXPIRATION_AGE to 180 seconds while NM's is 360.
This message was printed:
GLib-GObject-CRITICAL **: g_value_get_string: assertion `G_VALUE_HOLDS_STRING (value)' failed
It showed out it came from g_cclosure_marshal_VOID__STRING() in BSSRemoved signal.
The signal parameter is object path, so use g_cclosure_marshal_VOID__BOXED instead.
The standard D-Bus PropertiesChanged signals are only in 1.0 and
later, so we also have to listen to the deprecated signals for
older supplicant versions. We can revert this commit when we
drop support for wpa_supplicant 0.7.x.
The port to the new supplicant D-Bus API for NM 0.9 had one unfinished
piece, which was to remove old APs from the scan list when the
supplicant returned no scan results or there was a scan error. In
this case, the removal code would not be called. This wasn't much
of a problem until 836f7d177e which
began removing APs from the scan list correctly in this case.
This uncovered a bug in NM's wpa_supplicant management code, which
was that NM only updates its internal AP object 'last seen' timestamp
when the AP is reported by the supplicant as a completely new BSS
(in merge_scanned_ap()). But the new supplicant D-Bus interface
only reports the BSS as "new" when the supplicant doesn't know about
the BSS, either because it is a new BSS or because it's been removed
from the supplicant's scan list at some point in the past.
Thus for BSSes that are consistently kept in the supplicant's scan
list, because the wifi driver is actually doing its job and reporting
them consistently in scan results, NM would not be updating the
'last seen' value for the corresponding NM AP objects. Due to
836f7d177e this would cause APs that
should be kept to be removed from the NM scan list.
To fix this, have the NMAccessPoint object track which supplicant
dbus object it came from, and have NMSupplicantInterface listen for
PropertyChanged signals for those APs the supplicant knows about.
When something changes (like signal strength as the result of updated
scan results) update the AP's 'last seen' timestamp since it clearly
still exists in the scan list. This way we update the timestamp both
when the supplicant finds a new AP and when it updates the properties
of existing APs.
Rather than generating enum classes by hand (and complaining in each
file that "this should really be standard"), use glib-mkenums.
Unfortunately, we need a very new version of glib-mkenums in order to
deal with NM's naming conventions and to fix a few other bugs, so just
import that into the source tree temporarily.
Also, to simplify the use of glib-mkenums, import Makefile.glib from
https://bugzilla.gnome.org/654395.
To avoid having to run glib-mkenums for every subdirectory of src/,
add a new "generated" directory, and put the generated enums files
there.
Finally, use Makefile.glib for marshallers too, and generate separate
ones for libnm-glib and NetworkManager.
EAP-FAST used to require some patches to OpenSSL which aren't always
applied. We can't depend on the supplicant supporting EAP-FAST like
we can for EAP methods that don't require any special support from
external libraries. To ensure the error gets reported correctly and
early, fail the configuration step if EAP-FAST isn't supported by
the supplicant but the connection requests it.
We do not want to break other methods, when EAP-FAST specific error condition
is detected: no PAC file provided and automatic PAC provisioning is disabled.
We'll use this to request identity and passwords in-band during
the connection attempt instead of sending them all at the
beginning. This should allow better handling of wrong
passwords (since we'll know we need to request them from the
user interactively) and better error codes when things fail.
The 802.1x password for MS-CHAPv2 can be up to 256 UCS-2 characters,
so we need to validate the password as UTF-8 to make sure we don't
reject valid passwords containing non-ASCII characters
The DBus signatures registered (via dbus_g_proxy_add_signal) for the
fi.w1.wpa_supplicant.Interface.{BSSAdded,ScanDone} signals were
incorrect. That prevented us from receiving wifi ap scan results, at
least in the case where wpa_supplicant has DBus introspection disabled.
There's two possibilities for errors from D-Bus when trying to
activate the supplicant; either we ignore the error and wait
for the supplicant to restart or be started, or it's a hard
error and we can't continue without risking worse behavior (ie
out of memory, supplicant spawns but exits immediately, etc).
This adds a few more harmless errors to the first category
which can happen if the supplicant's .service file exists
but the supplicant does not, in which case we just wait for
it to magically show up later.
Use a broader range of supplicant interface states to determine
when to tell the supplicant to idle; we want to allow the
disconnect in all of these states, not just some of them.
Second, allow the active network to be removed from the supplicant's
list in most of these states, even when the supplicant interface is
inactive or disconnected.
Enable the supplicant's optimized background scanning functionality
for WPA Enterprise setups so that roaming works correctly. Otherwise
there are issues pingponging between APs and having an up-to-date
scan list for roaming, since NM only scans every 2 minutes. The
supplicant can trigger optimized scans based on signal quality
thresholds and such and make these roaming decisions much better
than NM can.
We only want to prevent regression to > READY after READY has
been reached, since the interface state will track the supplicant
connection state which legitimately jumps around.
If the supplicant cannot be service activated, wait until it shows up
on the bus instead of sitting around doing nothing. This fixes a small
regression introduced when the _READY state was added to the supplicant
interface object.
