[PATCH v3 6/6] supplicant: enable FILS only when wpa_supplicant supports it
- From: Masashi Honma <masashi honma gmail com>
- To: networkmanager-list gnome org
- Subject: [PATCH v3 6/6] supplicant: enable FILS only when wpa_supplicant supports it
- Date: Tue, 16 Jan 2018 06:28:37 +0900
Signed-off-by: Masashi Honma <masashi honma gmail com>
---
src/devices/wifi/nm-device-wifi.c | 14 ++++++++++++++
src/supplicant/nm-supplicant-interface.c | 33 +++++++++++++++++++++++++++++++-
src/supplicant/nm-supplicant-interface.h | 8 +++++++-
src/supplicant/nm-supplicant-manager.c | 15 +++++++++++++--
4 files changed, 66 insertions(+), 4 deletions(-)
diff --git a/src/devices/wifi/nm-device-wifi.c b/src/devices/wifi/nm-device-wifi.c
index 6d6c271..979f309 100644
--- a/src/devices/wifi/nm-device-wifi.c
+++ b/src/devices/wifi/nm-device-wifi.c
@@ -2467,6 +2467,20 @@ build_supplicant_config (NMDeviceWifi *self,
if (!NM_IN_STRSET (nm_setting_wireless_security_get_key_mgmt (s_wireless_sec), "wpa-eap"))
fils = NM_SETTING_WIRELESS_SECURITY_FILS_DISABLE;
+ /* Check if we actually support FILS */
+ if (nm_supplicant_interface_get_fils_support (priv->sup_iface) != NM_SUPPLICANT_FEATURE_YES) {
+ if (fils == NM_SETTING_WIRELESS_SECURITY_FILS_REQUIRED) {
+ g_set_error_literal (error, NM_SUPPLICANT_ERROR, NM_SUPPLICANT_ERROR_CONFIG,
+ "Supplicant does not support FILS");
+ goto error;
+ } else if (fils == NM_SETTING_WIRELESS_SECURITY_FILS_OPTIONAL) {
+ /* To be on the safe side, assume no support if we can't determine
+ * capabilities.
+ */
+ fils = NM_SETTING_WIRELESS_SECURITY_FILS_DISABLE;
+ }
+ }
+
s_8021x = nm_connection_get_setting_802_1x (connection);
if (!nm_supplicant_config_add_setting_wireless_security (config,
s_wireless_sec,
diff --git a/src/supplicant/nm-supplicant-interface.c b/src/supplicant/nm-supplicant-interface.c
index 5d33628..7f251bf 100644
--- a/src/supplicant/nm-supplicant-interface.c
+++ b/src/supplicant/nm-supplicant-interface.c
@@ -93,6 +93,7 @@ NM_GOBJECT_PROPERTIES_DEFINE (NMSupplicantInterface,
PROP_FAST_SUPPORT,
PROP_AP_SUPPORT,
PROP_PMF_SUPPORT,
+ PROP_FILS_SUPPORT,
);
typedef struct {
@@ -102,6 +103,7 @@ typedef struct {
NMSupplicantFeature fast_support;
NMSupplicantFeature ap_support; /* Lightweight AP mode support */
NMSupplicantFeature pmf_support;
+ NMSupplicantFeature fils_support;
guint32 max_scan_ssids;
guint32 ready_count;
@@ -565,6 +567,12 @@ nm_supplicant_interface_get_pmf_support (NMSupplicantInterface *self)
return NM_SUPPLICANT_INTERFACE_GET_PRIVATE (self)->pmf_support;
}
+NMSupplicantFeature
+nm_supplicant_interface_get_fils_support (NMSupplicantInterface *self)
+{
+ return NM_SUPPLICANT_INTERFACE_GET_PRIVATE (self)->fils_support;
+}
+
void
nm_supplicant_interface_set_ap_support (NMSupplicantInterface *self,
NMSupplicantFeature ap_support)
@@ -596,6 +604,15 @@ nm_supplicant_interface_set_pmf_support (NMSupplicantInterface *self,
priv->pmf_support = pmf_support;
}
+void
+nm_supplicant_interface_set_fils_support (NMSupplicantInterface *self,
+ NMSupplicantFeature fils_support)
+{
+ NMSupplicantInterfacePrivate *priv = NM_SUPPLICANT_INTERFACE_GET_PRIVATE (self);
+
+ priv->fils_support = fils_support;
+}
+
/*****************************************************************************/
static void
@@ -1898,6 +1915,10 @@ set_property (GObject *object,
/* construct-only */
priv->pmf_support = g_value_get_int (value);
break;
+ case PROP_FILS_SUPPORT:
+ /* construct-only */
+ priv->fils_support = g_value_get_int (value);
+ break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@@ -1918,7 +1939,8 @@ nm_supplicant_interface_new (const char *ifname,
NMSupplicantDriver driver,
NMSupplicantFeature fast_support,
NMSupplicantFeature ap_support,
- NMSupplicantFeature pmf_support)
+ NMSupplicantFeature pmf_support,
+ NMSupplicantFeature fils_support)
{
g_return_val_if_fail (ifname != NULL, NULL);
@@ -1928,6 +1950,7 @@ nm_supplicant_interface_new (const char *ifname,
NM_SUPPLICANT_INTERFACE_FAST_SUPPORT, (int) fast_support,
NM_SUPPLICANT_INTERFACE_AP_SUPPORT, (int) ap_support,
NM_SUPPLICANT_INTERFACE_PMF_SUPPORT, (int) pmf_support,
+ NM_SUPPLICANT_INTERFACE_FILS_SUPPORT, (int) fils_support,
NULL);
}
@@ -2027,6 +2050,14 @@ nm_supplicant_interface_class_init (NMSupplicantInterfaceClass *klass)
G_PARAM_WRITABLE |
G_PARAM_CONSTRUCT_ONLY |
G_PARAM_STATIC_STRINGS);
+ obj_properties[PROP_FILS_SUPPORT] =
+ g_param_spec_int (NM_SUPPLICANT_INTERFACE_FILS_SUPPORT, "", "",
+ NM_SUPPLICANT_FEATURE_UNKNOWN,
+ NM_SUPPLICANT_FEATURE_YES,
+ NM_SUPPLICANT_FEATURE_UNKNOWN,
+ G_PARAM_WRITABLE |
+ G_PARAM_CONSTRUCT_ONLY |
+ G_PARAM_STATIC_STRINGS);
g_object_class_install_properties (object_class, _PROPERTY_ENUMS_LAST, obj_properties);
diff --git a/src/supplicant/nm-supplicant-interface.h b/src/supplicant/nm-supplicant-interface.h
index 567cf96..f32ad8d 100644
--- a/src/supplicant/nm-supplicant-interface.h
+++ b/src/supplicant/nm-supplicant-interface.h
@@ -61,6 +61,7 @@ typedef enum {
#define NM_SUPPLICANT_INTERFACE_FAST_SUPPORT "fast-support"
#define NM_SUPPLICANT_INTERFACE_AP_SUPPORT "ap-support"
#define NM_SUPPLICANT_INTERFACE_PMF_SUPPORT "pmf-support"
+#define NM_SUPPLICANT_INTERFACE_FILS_SUPPORT "fils-support"
/* Signals */
#define NM_SUPPLICANT_INTERFACE_STATE "state"
@@ -79,7 +80,8 @@ NMSupplicantInterface * nm_supplicant_interface_new (const char *ifname,
NMSupplicantDriver driver,
NMSupplicantFeature fast_support,
NMSupplicantFeature ap_support,
- NMSupplicantFeature pmf_support);
+ NMSupplicantFeature pmf_support,
+ NMSupplicantFeature fils_support);
void nm_supplicant_interface_set_supplicant_available (NMSupplicantInterface *self,
gboolean available);
@@ -123,6 +125,7 @@ gboolean nm_supplicant_interface_credentials_reply (NMSupplicantInterface *self,
NMSupplicantFeature nm_supplicant_interface_get_ap_support (NMSupplicantInterface *self);
NMSupplicantFeature nm_supplicant_interface_get_pmf_support (NMSupplicantInterface *self);
+NMSupplicantFeature nm_supplicant_interface_get_fils_support (NMSupplicantInterface *self);
void nm_supplicant_interface_set_ap_support (NMSupplicantInterface *self,
NMSupplicantFeature apmode);
@@ -133,6 +136,9 @@ void nm_supplicant_interface_set_fast_support (NMSupplicantInterface *self,
void nm_supplicant_interface_set_pmf_support (NMSupplicantInterface *self,
NMSupplicantFeature pmf_support);
+void nm_supplicant_interface_set_fils_support (NMSupplicantInterface *self,
+ NMSupplicantFeature fils_support);
+
void nm_supplicant_interface_enroll_wps (NMSupplicantInterface *self,
const char *const type,
const char *bssid,
diff --git a/src/supplicant/nm-supplicant-manager.c b/src/supplicant/nm-supplicant-manager.c
index 0f2eb63..5ab96f8 100644
--- a/src/supplicant/nm-supplicant-manager.c
+++ b/src/supplicant/nm-supplicant-manager.c
@@ -40,6 +40,7 @@ typedef struct {
NMSupplicantFeature fast_support;
NMSupplicantFeature ap_support;
NMSupplicantFeature pmf_support;
+ NMSupplicantFeature fils_support;
guint die_count_reset_id;
guint die_count;
} NMSupplicantManagerPrivate;
@@ -161,7 +162,8 @@ nm_supplicant_manager_create_interface (NMSupplicantManager *self,
driver,
priv->fast_support,
priv->ap_support,
- priv->pmf_support);
+ priv->pmf_support,
+ priv->fils_support);
priv->ifaces = g_slist_prepend (priv->ifaces, iface);
g_object_add_toggle_ref ((GObject *) iface, _sup_iface_last_ref, self);
@@ -196,6 +198,7 @@ update_capabilities (NMSupplicantManager *self)
*/
priv->ap_support = NM_SUPPLICANT_FEATURE_UNKNOWN;
priv->pmf_support = NM_SUPPLICANT_FEATURE_UNKNOWN;
+ priv->fils_support = NM_SUPPLICANT_FEATURE_UNKNOWN;
value = g_dbus_proxy_get_cached_property (priv->proxy, "Capabilities");
if (value) {
@@ -203,21 +206,25 @@ update_capabilities (NMSupplicantManager *self)
array = g_variant_get_strv (value, NULL);
priv->ap_support = NM_SUPPLICANT_FEATURE_NO;
priv->pmf_support = NM_SUPPLICANT_FEATURE_NO;
+ priv->fils_support = NM_SUPPLICANT_FEATURE_NO;
if (array) {
if (g_strv_contains (array, "ap"))
priv->ap_support = NM_SUPPLICANT_FEATURE_YES;
if (g_strv_contains (array, "pmf"))
priv->pmf_support = NM_SUPPLICANT_FEATURE_YES;
+ if (g_strv_contains (array, "fils"))
+ priv->fils_support = NM_SUPPLICANT_FEATURE_YES;
g_free (array);
}
}
g_variant_unref (value);
}
- /* Tell all interfaces about results of the AP/PMF check */
+ /* Tell all interfaces about results of the AP/PMF/FILS check */
for (ifaces = priv->ifaces; ifaces; ifaces = ifaces->next) {
nm_supplicant_interface_set_ap_support (ifaces->data, priv->ap_support);
nm_supplicant_interface_set_pmf_support (ifaces->data, priv->pmf_support);
+ nm_supplicant_interface_set_fils_support (ifaces->data, priv->fils_support);
}
_LOGD ("AP mode is %ssupported",
@@ -226,6 +233,9 @@ update_capabilities (NMSupplicantManager *self)
_LOGD ("PMF is %ssupported",
(priv->pmf_support == NM_SUPPLICANT_FEATURE_YES) ? "" :
(priv->pmf_support == NM_SUPPLICANT_FEATURE_NO) ? "not " : "possibly ");
+ _LOGD ("FILS is %ssupported",
+ (priv->fils_support == NM_SUPPLICANT_FEATURE_YES) ? "" :
+ (priv->fils_support == NM_SUPPLICANT_FEATURE_NO) ? "not " : "possibly ");
/* EAP-FAST */
priv->fast_support = NM_SUPPLICANT_FEATURE_NO;
@@ -349,6 +359,7 @@ name_owner_cb (GDBusProxy *proxy, GParamSpec *pspec, gpointer user_data)
priv->ap_support = NM_SUPPLICANT_FEATURE_UNKNOWN;
priv->fast_support = NM_SUPPLICANT_FEATURE_UNKNOWN;
priv->pmf_support = NM_SUPPLICANT_FEATURE_UNKNOWN;
+ priv->fils_support = NM_SUPPLICANT_FEATURE_UNKNOWN;
set_running (self, FALSE);
}
--
2.7.4
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
