Re: WPA2 Enterprise (and other things)

From: Jon Escombe <lists dresco co uk>
To: Dan Williams <dcbw redhat com>, Robert Love <rml novell com>
Cc: networkmanager-list gnome org
Subject: Re: WPA2 Enterprise (and other things)
Date: Fri, 24 Mar 2006 17:32:13 +0000

Dan Williams wrote:

On Fri, 2006-03-24 at 10:58 -0500, Robert Love wrote:

On Fri, 2006-03-24 at 14:37 +0000, Jon Escombe wrote:

Grr, let me try that again...

Nice work.

So you've posted three patches (well, two different sets).  I think all
of the fixes look right, particularly the changes in the latest patch.

Would you mind rediffing a single patch (assuming you still want the
first fix), posting it, and confirming whether or not it fixes the
problem, for sure?

I can confirm that I've applied the attached patch against yesterdaysCVS, and tested successfully against WEP104 and WPA2-EAP networks (noWPA-PSK here sorry).

It's worth noting that the WEP capability detection still isn't perfect.My WEP104 AP also reports a full set of WEP40 capabilities which arechecked & matched first. Doesn't stop it connecting fine though...

So what happens though, if we don't have all the necessary settings for
a particular WPA mode?  Does that get dealt with in error-checking in NM
itself?  (I think this is the case)

Anyway, lets make sure we're not feeding incomplete values to
wpa_supplicant.  If we're not, then it sounds good.

Dan

From memory, if I enter insufficient values into the WPA Enterprisedialog, NM will happily launch wpa_supplicant with what it's been given.Presumably if the connection isn't successful then the configurationdetails aren't stored?


Anyway, full patch attached.

Regards,
Jon.

diff -urN NetworkManager.orig/gnome/applet/nm-gconf-wso.c NetworkManager.patched/gnome/applet/nm-gconf-wso.c
--- NetworkManager.orig/gnome/applet/nm-gconf-wso.c	2006-02-26 02:16:52.000000000 +0000
+++ NetworkManager.patched/gnome/applet/nm-gconf-wso.c	2006-03-24 16:10:31.000000000 +0000
@@ -137,6 +137,10 @@
 				security = NM_GCONF_WSO (nm_gconf_wso_wpa_psk_new_deserialize_gconf (client, network, we_cipher));
 				break;
 
+			case NM_AUTH_TYPE_WPA_EAP:
+				security = NM_GCONF_WSO (nm_gconf_wso_wpa_eap_new_deserialize_gconf (client, network, we_cipher));
+				break;
+
 			default:
 				break;
 		}
diff -urN NetworkManager.orig/gnome/applet/nm-gconf-wso-wpa-eap.c NetworkManager.patched/gnome/applet/nm-gconf-wso-wpa-eap.c
--- NetworkManager.orig/gnome/applet/nm-gconf-wso-wpa-eap.c	2006-03-22 19:52:40.000000000 +0000
+++ NetworkManager.patched/gnome/applet/nm-gconf-wso-wpa-eap.c	2006-03-24 16:10:31.000000000 +0000
@@ -106,90 +106,80 @@
 	char *			private_key_file = NULL;
 	char *			client_cert_file = NULL;
 	char *			ca_cert_file = NULL;
-	int				wpa_version;
-	int				eap_method;
-	int				key_type;
-	int				key_mgmt;
+	int				wpa_version = 0;
+	int				eap_method = 0;
+	int				key_type = 0;
+	int				key_mgmt = 0;
 
 	g_return_val_if_fail (client != NULL, NULL);
 	g_return_val_if_fail (network != NULL, NULL);
 	g_return_val_if_fail ((we_cipher == NM_AUTH_TYPE_WPA_EAP), NULL);
 
-	if (!nm_gconf_get_int_helper (client,
+	nm_gconf_get_int_helper (client,
 							GCONF_PATH_WIRELESS_NETWORKS,
 							WPA_EAP_PREFIX"eap_method",
 							network,
-							&eap_method))
-		goto out;
+							&eap_method);
 
-	if (!nm_gconf_get_int_helper (client,
+	nm_gconf_get_int_helper (client,
 							GCONF_PATH_WIRELESS_NETWORKS,
 							WPA_EAP_PREFIX"key_type",
 							network,
-							&key_type))
-		goto out;
+							&key_type);
 
-	if (!nm_gconf_get_int_helper (client,
+	nm_gconf_get_int_helper (client,
 							GCONF_PATH_WIRELESS_NETWORKS,
 							WPA_EAP_PREFIX"wpa_version",
 							network,
-							&wpa_version))
-		goto out;
+							&wpa_version);
 
-	if (!nm_gconf_get_int_helper (client,
+	nm_gconf_get_int_helper (client,
 							GCONF_PATH_WIRELESS_NETWORKS,
 							WPA_EAP_PREFIX"key_mgt",
 							network,
-							&key_mgmt))
+							&key_mgmt);
 
-	if (!nm_gconf_get_string_helper (client,
+	nm_gconf_get_string_helper (client,
 							   GCONF_PATH_WIRELESS_NETWORKS,
 							   WPA_EAP_PREFIX"identity",
 							   network,
-							   &identity))
-		goto out;
+							   &identity);
 
-	if (!nm_gconf_get_string_helper (client,
+	nm_gconf_get_string_helper (client,
 							   GCONF_PATH_WIRELESS_NETWORKS,
 							   WPA_EAP_PREFIX"passwd",
 							   network,
-							   &passwd))
-		goto out;
+							   &passwd);
 
-	if (!nm_gconf_get_string_helper (client,
+	nm_gconf_get_string_helper (client,
 							   GCONF_PATH_WIRELESS_NETWORKS,
 							   WPA_EAP_PREFIX"anon_identity",
 							   network,
-							   &anon_identity))
-		goto out;
+							   &anon_identity);
 
-	if (!nm_gconf_get_string_helper (client,
+	nm_gconf_get_string_helper (client,
 							   GCONF_PATH_WIRELESS_NETWORKS,
 							   WPA_EAP_PREFIX"private_key_passwd",
 							   network,
-							   &private_key_passwd))
-		goto out;
+							   &private_key_passwd);
 
-	if (!nm_gconf_get_string_helper (client,
+	nm_gconf_get_string_helper (client,
 							   GCONF_PATH_WIRELESS_NETWORKS,
 							   WPA_EAP_PREFIX"private_key_file",
 							   network,
-							   &private_key_file))
-		goto out;
+							   &private_key_file);
 
-	if (!nm_gconf_get_string_helper (client,
+	nm_gconf_get_string_helper (client,
 							   GCONF_PATH_WIRELESS_NETWORKS,
 							   WPA_EAP_PREFIX"client_cert_file",
 							   network,
-							   &client_cert_file))
-		goto out;
+							   &client_cert_file);
 
-	if (!nm_gconf_get_string_helper (client,
+	nm_gconf_get_string_helper (client,
 							   GCONF_PATH_WIRELESS_NETWORKS,
 							   WPA_EAP_PREFIX"ca_cert_file",
 							   network,
-							   &ca_cert_file))
-		goto out;
+							   &ca_cert_file);
 
 	/* Success, build up our security object */
 	security = g_object_new (NM_TYPE_GCONF_WSO_WPA_EAP, NULL);
@@ -214,7 +204,6 @@
 	g_free (client_cert_file);
 	g_free (ca_cert_file);
 
-out:
 	return security;
 }
 
diff -urN NetworkManager.orig/src/nm-ap-security.c NetworkManager.patched/src/nm-ap-security.c
--- NetworkManager.orig/src/nm-ap-security.c	2006-03-08 18:33:44.000000000 +0000
+++ NetworkManager.patched/src/nm-ap-security.c	2006-03-24 17:28:48.000000000 +0000
@@ -125,15 +125,15 @@
 
 	/* Deteremine best encryption algorithm to use */
 	caps = nm_ap_get_capabilities (ap);
-	if ((caps & WPA_CCMP_PSK) || (caps & WPA2_CCMP_PSK))
+	if (((caps & WPA_CCMP_PSK) == WPA_CCMP_PSK) || ((caps & WPA2_CCMP_PSK) == WPA2_CCMP_PSK))
 		security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_from_ap (ap, IW_AUTH_CIPHER_CCMP));
-	else if ((caps & WPA_TKIP_PSK) || (caps & WPA2_TKIP_PSK))
+	else if (((caps & WPA_TKIP_PSK) == WPA_TKIP_PSK) || ((caps & WPA2_TKIP_PSK) == WPA2_TKIP_PSK))
 		security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_from_ap (ap, IW_AUTH_CIPHER_TKIP));
-	else if ((caps & WPA_EAP) || (caps & WPA2_EAP))
+	else if (((caps & WPA_EAP) == WPA_EAP) || ((caps & WPA2_EAP) == WPA2_EAP))
 		security = NM_AP_SECURITY (nm_ap_security_wpa_eap_new_from_ap (ap));
-	else if (caps & WEP_WEP104)
+	else if ((caps & WEP_WEP104) == WEP_WEP104)
 		security = NM_AP_SECURITY (nm_ap_security_wep_new_from_ap (ap, IW_AUTH_CIPHER_WEP104));
-	else if (caps & WEP_WEP40)
+	else if ((caps & WEP_WEP40) == WEP_WEP40)
 		security = NM_AP_SECURITY (nm_ap_security_wep_new_from_ap (ap, IW_AUTH_CIPHER_WEP40));
 	else if (!nm_ap_get_encrypted (ap))
 		security = nm_ap_security_new (IW_AUTH_CIPHER_NONE);

Follow-Ups:
- Re: WPA2 Enterprise (and other things)
  - From: Robert Love
- Re: WPA2 Enterprise (and other things)
  - From: Robert Love

References:
- Re: WPA2 Enterprise (and other things)
  - From: Jon Escombe
- Re: WPA2 Enterprise (and other things)
  - From: Jon Escombe
- Re: WPA2 Enterprise (and other things)
  - From: Dan Williams
- Re: WPA2 Enterprise (and other things)
  - From: Jon Escombe
- Re: WPA2 Enterprise (and other things)
  - From: Jon Escombe
- Re: WPA2 Enterprise (and other things)
  - From: Robert Love
- Re: WPA2 Enterprise (and other things)
  - From: Dan Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]