The 802.1x password for MS-CHAPv2 can be up to 256 UCS-2 characters,
so we need to validate the password as UTF-8 to make sure we don't
reject valid passwords containing non-ASCII characters
The DBus signatures registered (via dbus_g_proxy_add_signal) for the
fi.w1.wpa_supplicant.Interface.{BSSAdded,ScanDone} signals were
incorrect. That prevented us from receiving wifi ap scan results, at
least in the case where wpa_supplicant has DBus introspection disabled.
There's two possibilities for errors from D-Bus when trying to
activate the supplicant; either we ignore the error and wait
for the supplicant to restart or be started, or it's a hard
error and we can't continue without risking worse behavior (ie
out of memory, supplicant spawns but exits immediately, etc).
This adds a few more harmless errors to the first category
which can happen if the supplicant's .service file exists
but the supplicant does not, in which case we just wait for
it to magically show up later.
Use a broader range of supplicant interface states to determine
when to tell the supplicant to idle; we want to allow the
disconnect in all of these states, not just some of them.
Second, allow the active network to be removed from the supplicant's
list in most of these states, even when the supplicant interface is
inactive or disconnected.
Enable the supplicant's optimized background scanning functionality
for WPA Enterprise setups so that roaming works correctly. Otherwise
there are issues pingponging between APs and having an up-to-date
scan list for roaming, since NM only scans every 2 minutes. The
supplicant can trigger optimized scans based on signal quality
thresholds and such and make these roaming decisions much better
than NM can.
We only want to prevent regression to > READY after READY has
been reached, since the interface state will track the supplicant
connection state which legitimately jumps around.
If the supplicant cannot be service activated, wait until it shows up
on the bus instead of sitting around doing nothing. This fixes a small
regression introduced when the _READY state was added to the supplicant
interface object.
If the supplicant dies a number of times within a short period of
time, make it go sit in the corner for a bit instead of continuously
trying to start it and have it die again.
Instead of just exposing a "running" value, instead make a meta
"available" value that's a combination of whether the supplicant
is actually running plus whether we want to talk to it right now
or not.
interface_add() could get called from two places: by the wifi/eth
device class when activating (which if the supplicant isn't yet
running will D-Bus activate it) and from the NameOwnerChanged
handler for the wpa_supplicant dbus service smgr_running_cb().
So if the supplicant wasn't running, nm_supplicant_interface_new()
would call interface_add() to bring the supplicant to life via
activation, then go on and create priv->iface_proxy. When the
supplicant appeared and D-Bus sent the NameOwnerChanged,
smgr_running_cb() would also call interface_add(), creating a
second priv->iface_proxy. The first one got lost and lived after
its parent NMSupplicantInterface was killed, and could still
respond to signals over the bus.
Prevent that by adding another state, STARTING, that indicates
that we've already started talking to the supplicant. Also be
extra paranoid about disconnecting signal handlers on the proxy.
We only really need one state for the supplicant interface which
simplifies handling in the Wifi and Wired device classes quite a
bit. It also simplifies the supplicant interface class too.
One behavioral change in the device classes is not running the
supplicant interface state changes from an idle; we'll have to
see if that causes problems. ISTR long ago that processing the
state change signals directly caused some issues, but we've
significantly reworked somethings since then so we may be able
to get away with this now.
Move GObject stuff to the bottom to reduce prototype abuse and
remove unneeded prefixes from stuff that's private to the class
itself. We also don't need the 'supplicant-manager' or 'device'
properties since they weren't used anywhere.
Move GObject stuff to the bottom to reduce prototype abuse and
remove unneeded prefixes from stuff that's private to the class
itself. We also don't need the 'supplicant-manager' or 'device'
properties since they weren't used anywhere.
We don't want to require a full 802.1x reauth when using OTP tokens
and roaming between APs in the same ESS, since that takes a long time
(user has to find the token and type in the code).
This has been around a long time, but is very hard to trigger. It appears
to happen mostly if the supplicant segfaults on resume but has been seen
in other cases as well.
For whatever reason, the DBusGProxy's refcount reaches 0 and the proxy gets
disposed of. That in turn disposes of all the pending calls that are
in-progress on the proxy. Since we give the pending calls a closure, that
closure (nm_supplicant_info_destroy) gets called when the pending calls
are destroyed. That closure unrefs the proxy again.
Since DBusGProxy doesn't have any protection in its dispose() handler
against re-entrant disposes (which is arguably a bug of the client)
we end up infinite looping in nm_supplicant_info_destroy().
Fix that by ensuring we return early if we detect that we are already
freeing the NMSupplicantInfo object, and thus don't try to dispose
of the proxy yet again.
