Re: Getting WPS secrets saved



On Sun, 2015-08-16 at 18:39 -0500, Eric Schultz wrote:
All,

I've gotten back to my side-project to add WPS support to NetworkManager.

Great!

I'm stumbling understanding how I could save the wifi password returned
from WPS.

To simplify the process, I was going to implement a command in nmcli to add
a new connection. As part of adding the connection, I would contact the
supplicant to start a wps request and, if we received it, take the password
and save it to the connection and disk. Where I'm confused right now is
that I don't see where or how wifi passwords are saved anywhere. What code
is actually saving the Wifi passwords? And is there a single or primary
place where a wifi password is requested that we can wait for WPS response
if they choose not to enter a password?

Passwords can be passed to NM as part of the initial connection that you
pass to the AddConnection().

But I think it would be great to have this more embedded in
NetworkManager instead, which would work with all clients not just
nmcli.

Here's an idea; possibly not the best one.  In wifi_secrets_cb() we can
figure out if this is the first time the connection has been used with
nm_settings_connection_get_timestamp().  If timestamp is 0, and there
are no secrets, then we could check whether the AP has WPS IEs that we
can use.

If so, we could call nm_act_request_get_secrets(wifi_wps_secrets_cb) and
pass a hint (like "x-nm-wps-methods=<ssid>,pbc,pin" that clients could
use to display an alert that says "Please push the WPS button on the
access point or enter the PIN code for the network <ssid>".  If PBC then
I don't think we need to return any secrets, if PIN then we could just
stuff the PIN into the PSK secret.

Once the user has done that and hit "OK" the request would come back to
NetworkManager into a wifi_wps_secrets_cb().  If the request wasn't
canceled, assume that the AP is now available for WPS, and continue with
the connection but instead of sending the full config to the supplicant
NM would initiate WPS instead.  Once the the supplicant has figured out
the actual PSK, we'd grab that from the network block and save that in
the NM config.

Dan



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]