Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP3:Update
gnome-control-center
control-center-complete-SAE-support.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File control-center-complete-SAE-support.patch of Package gnome-control-center
From 47f8fc02bfe11133d30f88ad99e0c6ccf8857989 Mon Sep 17 00:00:00 2001 From: Jonathan Kang <jonathankang@gnome.org> Date: Wed, 26 Aug 2020 09:28:25 +0800 Subject: [PATCH 1/2] add SAE support --- panels/network/cc-wifi-connection-row.c | 11 ++++++++- .../connection-editor/ce-page-details.c | 13 ++++++++-- .../connection-editor/ce-page-security.c | 24 +++++++++++++++++++ 3 files changed, 45 insertions(+), 3 deletions(-) diff --git a/panels/network/cc-wifi-connection-row.c b/panels/network/cc-wifi-connection-row.c index 88ca9dfdc..f331e1597 100644 --- a/panels/network/cc-wifi-connection-row.c +++ b/panels/network/cc-wifi-connection-row.c @@ -59,7 +59,8 @@ typedef enum NM_AP_SEC_NONE, NM_AP_SEC_WEP, NM_AP_SEC_WPA, - NM_AP_SEC_WPA2 + NM_AP_SEC_WPA2, + NM_AP_SEC_SAE } NMAccessPointSecurity; G_DEFINE_TYPE (CcWifiConnectionRow, cc_wifi_connection_row, GTK_TYPE_LIST_BOX_ROW) @@ -96,6 +97,12 @@ get_access_point_security (NMAccessPoint *ap) { type = NM_AP_SEC_WPA; } +#if NM_CHECK_VERSION(1,20,6) + else if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE) + { + type = NM_AP_SEC_SAE; + } +#endif else { type = NM_AP_SEC_WPA2; @@ -128,6 +135,8 @@ get_connection_security (NMConnection *con) return NM_AP_SEC_WPA2; else if (strncmp (key_mgmt, "wpa-", 4) == 0) return NM_AP_SEC_WPA; + else if (g_str_equal (key_mgmt, "sae")) + return NM_AP_SEC_SAE; else return NM_AP_SEC_UNKNOWN; } diff --git a/panels/network/connection-editor/ce-page-details.c b/panels/network/connection-editor/ce-page-details.c index dbcc3d363..73a119b7e 100644 --- a/panels/network/connection-editor/ce-page-details.c +++ b/panels/network/connection-editor/ce-page-details.c @@ -60,8 +60,17 @@ get_ap_security_string (NMAccessPoint *ap) g_string_append_printf (str, "%s, ", _("WPA")); } if (rsn_flags != NM_802_11_AP_SEC_NONE) { - /* TRANSLATORS: this WPA WiFi security */ - g_string_append_printf (str, "%s, ", _("WPA2")); +#if NM_CHECK_VERSION(1,20,6) + if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE) { + /* TRANSLATORS: this WPA3 WiFi security */ + g_string_append_printf (str, "%s, ", _("WPA3")); + } + else +#endif + { + /* TRANSLATORS: this WPA WiFi security */ + g_string_append_printf (str, "%s, ", _("WPA2")); + } } if ((wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X) || (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) { diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c index f22954a33..d6da0e927 100644 --- a/panels/network/connection-editor/ce-page-security.c +++ b/panels/network/connection-editor/ce-page-security.c @@ -69,6 +69,12 @@ get_default_type_for_security (NMSettingWirelessSecurity *sec) return NMU_SEC_DYNAMIC_WEP; } +#if NM_CHECK_VERSION(1,20,6) + if (!strcmp (key_mgmt, "sae")) { + return NMU_SEC_SAE; + } +#endif + if ( !strcmp (key_mgmt, "wpa-none") || !strcmp (key_mgmt, "wpa-psk")) { if (find_proto (sec, "rsn")) @@ -337,6 +343,21 @@ finish_setup (CEPageSecurity *page) } } +#if NM_CHECK_VERSION(1,20,6) + if (nm_utils_security_valid (NMU_SEC_SAE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { + WirelessSecurityWPAPSK *ws_wpa_psk; + + ws_wpa_psk = ws_wpa_psk_new (connection, FALSE); + if (ws_wpa_psk) { + add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model, + &iter, _("WPA3 Personal"), FALSE); + if ((active < 0) && ((default_type == NMU_SEC_SAE))) + active = item; + item++; + } + } +#endif + gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model)); gtk_cell_layout_clear (GTK_CELL_LAYOUT (combo)); @@ -452,6 +473,9 @@ ce_page_security_new (NMConnection *connection, if (default_type == NMU_SEC_STATIC_WEP || default_type == NMU_SEC_LEAP || default_type == NMU_SEC_WPA_PSK || +#if NM_CHECK_VERSION(1,20,6) + default_type == NMU_SEC_SAE || +#endif default_type == NMU_SEC_WPA2_PSK) { CE_PAGE (page)->security_setting = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME; } -- 2.26.2 From 19a65a84070cbb2e041b88ecce885ef4e0162b0e Mon Sep 17 00:00:00 2001 From: Jonathan Kang <jonathankang@gnome.org> Date: Sun, 27 Sep 2020 09:51:27 +0800 Subject: [PATCH 2/2] network: complet SAE Support --- .../connection-editor/ce-page-security.c | 8 +- panels/network/wireless-security/meson.build | 3 + .../wireless-security.gresource.xml | 1 + .../wireless-security/wireless-security.h | 1 + panels/network/wireless-security/ws-sae.c | 202 ++++++++++++++++++ panels/network/wireless-security/ws-sae.h | 13 ++ panels/network/wireless-security/ws-sae.ui | 98 +++++++++ 7 files changed, 322 insertions(+), 4 deletions(-) create mode 100644 panels/network/wireless-security/ws-sae.c create mode 100644 panels/network/wireless-security/ws-sae.h create mode 100644 panels/network/wireless-security/ws-sae.ui diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c index d6da0e927..12fc1ca76 100644 --- a/panels/network/connection-editor/ce-page-security.c +++ b/panels/network/connection-editor/ce-page-security.c @@ -345,11 +345,11 @@ finish_setup (CEPageSecurity *page) #if NM_CHECK_VERSION(1,20,6) if (nm_utils_security_valid (NMU_SEC_SAE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { - WirelessSecurityWPAPSK *ws_wpa_psk; + WirelessSecuritySAE *ws_sae; - ws_wpa_psk = ws_wpa_psk_new (connection, FALSE); - if (ws_wpa_psk) { - add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model, + ws_sae = ws_sae_new (connection, FALSE); + if (ws_sae) { + add_security_item (page, WIRELESS_SECURITY (ws_sae), sec_model, &iter, _("WPA3 Personal"), FALSE); if ((active < 0) && ((default_type == NMU_SEC_SAE))) active = item; diff --git a/panels/network/wireless-security/meson.build b/panels/network/wireless-security/meson.build index 47def7a63..6036f56af 100644 --- a/panels/network/wireless-security/meson.build +++ b/panels/network/wireless-security/meson.build @@ -14,6 +14,7 @@ nm_applet_headers = [ 'wireless-security.h', 'ws-leap.h', 'ws-dynamic-wep.h', + 'ws-sae.h', 'ws-wep-key.h', 'ws-wpa-eap.h', 'ws-wpa-psk.h' @@ -31,6 +32,7 @@ nm_applet_sources = [ 'wireless-security.c', 'ws-leap.c', 'ws-dynamic-wep.c', + 'ws-sae.c', 'ws-wep-key.c', 'ws-wpa-eap.c', 'ws-wpa-psk.c' @@ -47,6 +49,7 @@ nm_resource_data = [ 'eap-method-ttls.ui', 'ws-dynamic-wep.ui', 'ws-leap.ui', + 'ws-sae.ui', 'ws-wep-key.ui', 'ws-wpa-eap.ui', 'ws-wpa-psk.ui' diff --git a/panels/network/wireless-security/wireless-security.gresource.xml b/panels/network/wireless-security/wireless-security.gresource.xml index a483d06a0..fa1a965ad 100644 --- a/panels/network/wireless-security/wireless-security.gresource.xml +++ b/panels/network/wireless-security/wireless-security.gresource.xml @@ -9,6 +9,7 @@ <file preprocess="xml-stripblanks">eap-method-ttls.ui</file> <file preprocess="xml-stripblanks">ws-dynamic-wep.ui</file> <file preprocess="xml-stripblanks">ws-leap.ui</file> + <file preprocess="xml-stripblanks">ws-sae.ui</file> <file preprocess="xml-stripblanks">ws-wep-key.ui</file> <file preprocess="xml-stripblanks">ws-wpa-eap.ui</file> <file preprocess="xml-stripblanks">ws-wpa-psk.ui</file> diff --git a/panels/network/wireless-security/wireless-security.h b/panels/network/wireless-security/wireless-security.h index 975e750f6..e3b01c5c7 100644 --- a/panels/network/wireless-security/wireless-security.h +++ b/panels/network/wireless-security/wireless-security.h @@ -99,6 +99,7 @@ GType wireless_security_get_type (void); /* Below for internal use only */ +#include "ws-sae.h" #include "ws-wep-key.h" #include "ws-wpa-psk.h" #include "ws-leap.h" diff --git a/panels/network/wireless-security/ws-sae.c b/panels/network/wireless-security/ws-sae.c new file mode 100644 index 000000000..7fa95c687 --- /dev/null +++ b/panels/network/wireless-security/ws-sae.c @@ -0,0 +1,202 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2007 - 2019 Red Hat, Inc. + */ + +#include "nm-default.h" + +#include <ctype.h> +#include <string.h> + +#include "wireless-security.h" +#include "helpers.h" +#include "nma-ui-utils.h" +#include "utils.h" + +#define WPA_PMK_LEN 32 + +struct _WirelessSecuritySAE { + WirelessSecurity parent; + + gboolean editing_connection; + const char *password_flags_name; +}; + +static void +show_toggled_cb (GtkCheckButton *button, WirelessSecurity *sec) +{ + GtkWidget *widget; + gboolean visible; + + widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, "psk_entry")); + g_assert (widget); + + visible = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (button)); + gtk_entry_set_visibility (GTK_ENTRY (widget), visible); +} + +static gboolean +validate (WirelessSecurity *parent, GError **error) +{ + GtkWidget *entry; + NMSettingSecretFlags secret_flags; + const char *key; + + entry = GTK_WIDGET (gtk_builder_get_object (parent->builder, "psk_entry")); + g_assert (entry); + + secret_flags = nma_utils_menu_to_secret_flags (entry); + key = gtk_entry_get_text (GTK_ENTRY (entry)); + + if ( secret_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED + || secret_flags & NM_SETTING_SECRET_FLAG_NOT_REQUIRED) { + /* All good. */ + } else if (key == NULL || key[0] == '\0') { + widget_set_error (entry); + g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("missing password")); + return FALSE; + } + widget_unset_error (entry); + + return TRUE; +} + +static void +add_to_size_group (WirelessSecurity *parent, GtkSizeGroup *group) +{ + GtkWidget *widget; + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_type_label")); + gtk_size_group_add_widget (group, widget); + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_label")); + gtk_size_group_add_widget (group, widget); +} + +static void +fill_connection (WirelessSecurity *parent, NMConnection *connection) +{ + WirelessSecuritySAE *sae = (WirelessSecuritySAE *) parent; + GtkWidget *widget, *passwd_entry; + const char *key; + NMSettingWireless *s_wireless; + NMSettingWirelessSecurity *s_wireless_sec; + NMSettingSecretFlags secret_flags; + const char *mode; + gboolean is_adhoc = FALSE; + + s_wireless = nm_connection_get_setting_wireless (connection); + g_assert (s_wireless); + + mode = nm_setting_wireless_get_mode (s_wireless); + if (mode && !strcmp (mode, "adhoc")) + is_adhoc = TRUE; + + /* Blow away the old security setting by adding a clear one */ + s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); + nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec); + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "psk_entry")); + passwd_entry = widget; + key = gtk_entry_get_text (GTK_ENTRY (widget)); + g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL); + + /* Save PSK_FLAGS to the connection */ + secret_flags = nma_utils_menu_to_secret_flags (passwd_entry); + nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), NM_SETTING_WIRELESS_SECURITY_PSK, + secret_flags, NULL); + + /* Update secret flags and popup when editing the connection */ + if (sae->editing_connection) + nma_utils_update_password_storage (passwd_entry, secret_flags, + NM_SETTING (s_wireless_sec), sae->password_flags_name); + + wireless_security_clear_ciphers (connection); + if (is_adhoc) { + /* Ad-Hoc settings as specified by the supplicant */ + g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "sae", NULL); + nm_setting_wireless_security_add_proto (s_wireless_sec, "rsn"); + nm_setting_wireless_security_add_pairwise (s_wireless_sec, "ccmp"); + nm_setting_wireless_security_add_group (s_wireless_sec, "ccmp"); + } else { + g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "sae", NULL); + + /* Just leave ciphers and protocol empty, the supplicant will + * figure that out magically based on the AP IEs and card capabilities. + */ + } +} + +static void +update_secrets (WirelessSecurity *parent, NMConnection *connection) +{ + helper_fill_secret_entry (connection, + parent->builder, + "psk_entry", + NM_TYPE_SETTING_WIRELESS_SECURITY, + (HelperSecretFunc) nm_setting_wireless_security_get_psk); +} + +WirelessSecuritySAE * +ws_sae_new (NMConnection *connection, gboolean secrets_only) +{ + WirelessSecurity *parent; + WirelessSecuritySAE *sec; + NMSetting *setting = NULL; + GtkWidget *widget; + + parent = wireless_security_init (sizeof (WirelessSecuritySAE), + validate, + add_to_size_group, + fill_connection, + update_secrets, + NULL, + "/org/freedesktop/network-manager-applet/ws-sae.ui", + "sae_notebook", + "psk_entry"); + if (!parent) + return NULL; + + parent->adhoc_compatible = TRUE; + sec = (WirelessSecuritySAE *) parent; + sec->editing_connection = secrets_only ? FALSE : TRUE; + sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_PSK; + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "psk_entry")); + g_assert (widget); + g_signal_connect (G_OBJECT (widget), "changed", + (GCallback) wireless_security_changed_cb, + sec); + gtk_entry_set_width_chars (GTK_ENTRY (widget), 28); + + /* Create password-storage popup menu for password entry under entry's secondary icon */ + if (connection) + setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection); + nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name, + FALSE, secrets_only); + + /* Fill secrets, if any */ + if (connection) + update_secrets (WIRELESS_SECURITY (sec), connection); + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_sae")); + g_assert (widget); + g_signal_connect (G_OBJECT (widget), "toggled", + (GCallback) show_toggled_cb, + sec); + + /* Hide WPA/RSN for now since this can be autodetected by NM and the + * supplicant when connecting to the AP. + */ + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_type_combo")); + g_assert (widget); + gtk_widget_hide (widget); + + widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_type_label")); + g_assert (widget); + gtk_widget_hide (widget); + + return sec; +} + diff --git a/panels/network/wireless-security/ws-sae.h b/panels/network/wireless-security/ws-sae.h new file mode 100644 index 000000000..1514e0b8c --- /dev/null +++ b/panels/network/wireless-security/ws-sae.h @@ -0,0 +1,13 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright 2007 - 2019 Red Hat, Inc. + */ + +#ifndef WS_SAE_H +#define WS_SAE_H + +typedef struct _WirelessSecuritySAE WirelessSecuritySAE; + +WirelessSecuritySAE * ws_sae_new (NMConnection *connection, gboolean secrets_only); + +#endif /* WS_SAE_H */ diff --git a/panels/network/wireless-security/ws-sae.ui b/panels/network/wireless-security/ws-sae.ui new file mode 100644 index 000000000..8f0d04133 --- /dev/null +++ b/panels/network/wireless-security/ws-sae.ui @@ -0,0 +1,98 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Generated with glade 3.20.0 --> +<interface domain="nm-applet"> + <requires lib="gtk+" version="3.10"/> + <object class="GtkNotebook" id="sae_notebook"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="show_tabs">False</property> + <property name="show_border">False</property> + <child> + <object class="GtkGrid" id="sae_table"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="row_spacing">6</property> + <property name="column_spacing">6</property> + <child> + <object class="GtkLabel" id="sae_label"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="label" translatable="yes">_Password</property> + <property name="use_underline">True</property> + <property name="mnemonic_widget">psk_entry</property> + <property name="xalign">1</property> + </object> + <packing> + <property name="left_attach">0</property> + <property name="top_attach">0</property> + </packing> + </child> + <child> + <object class="GtkEntry" id="psk_entry"> + <property name="visible">True</property> + <property name="can_focus">True</property> + <property name="hexpand">True</property> + <property name="max_length">64</property> + <property name="visibility">False</property> + <property name="activates_default">True</property> + </object> + <packing> + <property name="left_attach">1</property> + <property name="top_attach">0</property> + </packing> + </child> + <child> + <object class="GtkLabel" id="sae_type_label"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="label" translatable="yes">_Type</property> + <property name="use_underline">True</property> + <property name="mnemonic_widget">sae_type_combo</property> + <property name="xalign">1</property> + </object> + <packing> + <property name="left_attach">0</property> + <property name="top_attach">2</property> + </packing> + </child> + <child> + <object class="GtkCheckButton" id="show_checkbutton_sae"> + <property name="label" translatable="yes">Sho_w password</property> + <property name="visible">True</property> + <property name="can_focus">True</property> + <property name="receives_default">False</property> + <property name="hexpand">True</property> + <property name="use_underline">True</property> + <property name="draw_indicator">True</property> + </object> + <packing> + <property name="left_attach">1</property> + <property name="top_attach">1</property> + </packing> + </child> + <child> + <object class="GtkComboBox" id="sae_type_combo"> + <property name="visible">True</property> + <property name="can_focus">False</property> + </object> + <packing> + <property name="left_attach">1</property> + <property name="top_attach">2</property> + </packing> + </child> + <child> + <placeholder/> + </child> + </object> + </child> + <child type="tab"> + <object class="GtkLabel" id="GtkLabel2"> + <property name="visible">True</property> + <property name="can_focus">False</property> + </object> + <packing> + <property name="tab_fill">False</property> + </packing> + </child> + </object> +</interface> -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
