Re: WPA2 Enterprise (and other things)
- From: Jon Escombe <lists dresco co uk>
- To: Dan Williams <dcbw redhat com>, Robert Love <rml novell com>
- Cc: networkmanager-list gnome org
- Subject: Re: WPA2 Enterprise (and other things)
- Date: Fri, 24 Mar 2006 17:32:13 +0000
Dan Williams wrote:
On Fri, 2006-03-24 at 10:58 -0500, Robert Love wrote:
On Fri, 2006-03-24 at 14:37 +0000, Jon Escombe wrote:
Grr, let me try that again...
Nice work.
So you've posted three patches (well, two different sets). I think all
of the fixes look right, particularly the changes in the latest patch.
Would you mind rediffing a single patch (assuming you still want the
first fix), posting it, and confirming whether or not it fixes the
problem, for sure?
I can confirm that I've applied the attached patch against yesterdays
CVS, and tested successfully against WEP104 and WPA2-EAP networks (no
WPA-PSK here sorry).
It's worth noting that the WEP capability detection still isn't perfect.
My WEP104 AP also reports a full set of WEP40 capabilities which are
checked & matched first. Doesn't stop it connecting fine though...
So what happens though, if we don't have all the necessary settings for
a particular WPA mode? Does that get dealt with in error-checking in NM
itself? (I think this is the case)
Anyway, lets make sure we're not feeding incomplete values to
wpa_supplicant. If we're not, then it sounds good.
Dan
From memory, if I enter insufficient values into the WPA Enterprise
dialog, NM will happily launch wpa_supplicant with what it's been given.
Presumably if the connection isn't successful then the configuration
details aren't stored?
Anyway, full patch attached.
Regards,
Jon.
diff -urN NetworkManager.orig/gnome/applet/nm-gconf-wso.c NetworkManager.patched/gnome/applet/nm-gconf-wso.c
--- NetworkManager.orig/gnome/applet/nm-gconf-wso.c 2006-02-26 02:16:52.000000000 +0000
+++ NetworkManager.patched/gnome/applet/nm-gconf-wso.c 2006-03-24 16:10:31.000000000 +0000
@@ -137,6 +137,10 @@
security = NM_GCONF_WSO (nm_gconf_wso_wpa_psk_new_deserialize_gconf (client, network, we_cipher));
break;
+ case NM_AUTH_TYPE_WPA_EAP:
+ security = NM_GCONF_WSO (nm_gconf_wso_wpa_eap_new_deserialize_gconf (client, network, we_cipher));
+ break;
+
default:
break;
}
diff -urN NetworkManager.orig/gnome/applet/nm-gconf-wso-wpa-eap.c NetworkManager.patched/gnome/applet/nm-gconf-wso-wpa-eap.c
--- NetworkManager.orig/gnome/applet/nm-gconf-wso-wpa-eap.c 2006-03-22 19:52:40.000000000 +0000
+++ NetworkManager.patched/gnome/applet/nm-gconf-wso-wpa-eap.c 2006-03-24 16:10:31.000000000 +0000
@@ -106,90 +106,80 @@
char * private_key_file = NULL;
char * client_cert_file = NULL;
char * ca_cert_file = NULL;
- int wpa_version;
- int eap_method;
- int key_type;
- int key_mgmt;
+ int wpa_version = 0;
+ int eap_method = 0;
+ int key_type = 0;
+ int key_mgmt = 0;
g_return_val_if_fail (client != NULL, NULL);
g_return_val_if_fail (network != NULL, NULL);
g_return_val_if_fail ((we_cipher == NM_AUTH_TYPE_WPA_EAP), NULL);
- if (!nm_gconf_get_int_helper (client,
+ nm_gconf_get_int_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"eap_method",
network,
- &eap_method))
- goto out;
+ &eap_method);
- if (!nm_gconf_get_int_helper (client,
+ nm_gconf_get_int_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"key_type",
network,
- &key_type))
- goto out;
+ &key_type);
- if (!nm_gconf_get_int_helper (client,
+ nm_gconf_get_int_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"wpa_version",
network,
- &wpa_version))
- goto out;
+ &wpa_version);
- if (!nm_gconf_get_int_helper (client,
+ nm_gconf_get_int_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"key_mgt",
network,
- &key_mgmt))
+ &key_mgmt);
- if (!nm_gconf_get_string_helper (client,
+ nm_gconf_get_string_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"identity",
network,
- &identity))
- goto out;
+ &identity);
- if (!nm_gconf_get_string_helper (client,
+ nm_gconf_get_string_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"passwd",
network,
- &passwd))
- goto out;
+ &passwd);
- if (!nm_gconf_get_string_helper (client,
+ nm_gconf_get_string_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"anon_identity",
network,
- &anon_identity))
- goto out;
+ &anon_identity);
- if (!nm_gconf_get_string_helper (client,
+ nm_gconf_get_string_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"private_key_passwd",
network,
- &private_key_passwd))
- goto out;
+ &private_key_passwd);
- if (!nm_gconf_get_string_helper (client,
+ nm_gconf_get_string_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"private_key_file",
network,
- &private_key_file))
- goto out;
+ &private_key_file);
- if (!nm_gconf_get_string_helper (client,
+ nm_gconf_get_string_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"client_cert_file",
network,
- &client_cert_file))
- goto out;
+ &client_cert_file);
- if (!nm_gconf_get_string_helper (client,
+ nm_gconf_get_string_helper (client,
GCONF_PATH_WIRELESS_NETWORKS,
WPA_EAP_PREFIX"ca_cert_file",
network,
- &ca_cert_file))
- goto out;
+ &ca_cert_file);
/* Success, build up our security object */
security = g_object_new (NM_TYPE_GCONF_WSO_WPA_EAP, NULL);
@@ -214,7 +204,6 @@
g_free (client_cert_file);
g_free (ca_cert_file);
-out:
return security;
}
diff -urN NetworkManager.orig/src/nm-ap-security.c NetworkManager.patched/src/nm-ap-security.c
--- NetworkManager.orig/src/nm-ap-security.c 2006-03-08 18:33:44.000000000 +0000
+++ NetworkManager.patched/src/nm-ap-security.c 2006-03-24 17:28:48.000000000 +0000
@@ -125,15 +125,15 @@
/* Deteremine best encryption algorithm to use */
caps = nm_ap_get_capabilities (ap);
- if ((caps & WPA_CCMP_PSK) || (caps & WPA2_CCMP_PSK))
+ if (((caps & WPA_CCMP_PSK) == WPA_CCMP_PSK) || ((caps & WPA2_CCMP_PSK) == WPA2_CCMP_PSK))
security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_from_ap (ap, IW_AUTH_CIPHER_CCMP));
- else if ((caps & WPA_TKIP_PSK) || (caps & WPA2_TKIP_PSK))
+ else if (((caps & WPA_TKIP_PSK) == WPA_TKIP_PSK) || ((caps & WPA2_TKIP_PSK) == WPA2_TKIP_PSK))
security = NM_AP_SECURITY (nm_ap_security_wpa_psk_new_from_ap (ap, IW_AUTH_CIPHER_TKIP));
- else if ((caps & WPA_EAP) || (caps & WPA2_EAP))
+ else if (((caps & WPA_EAP) == WPA_EAP) || ((caps & WPA2_EAP) == WPA2_EAP))
security = NM_AP_SECURITY (nm_ap_security_wpa_eap_new_from_ap (ap));
- else if (caps & WEP_WEP104)
+ else if ((caps & WEP_WEP104) == WEP_WEP104)
security = NM_AP_SECURITY (nm_ap_security_wep_new_from_ap (ap, IW_AUTH_CIPHER_WEP104));
- else if (caps & WEP_WEP40)
+ else if ((caps & WEP_WEP40) == WEP_WEP40)
security = NM_AP_SECURITY (nm_ap_security_wep_new_from_ap (ap, IW_AUTH_CIPHER_WEP40));
else if (!nm_ap_get_encrypted (ap))
security = nm_ap_security_new (IW_AUTH_CIPHER_NONE);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]