Diffstat (limited to 'panels/network/connection-editor/ce-page-security.c')
-rw-r--r-- | panels/network/connection-editor/ce-page-security.c | 553 |
1 files changed, 553 insertions, 0 deletions
diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c
new file mode 100644
index 0000000..c7cd7d9
--- /dev/null
+++ b/panels/network/connection-editor/ce-page-security.c
@@ -0,0 +1,553 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2012 Red Hat, Inc
+ *
+ * Licensed under the GNU General Public License Version 2
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "config.h"
+
+#include <glib/gi18n.h>
+
+#include <NetworkManager.h>
+
+#include "ce-page.h"
+#include "ce-page-security.h"
+#include "wireless-security.h"
+#include "ws-dynamic-wep.h"
+#include "ws-leap.h"
+#include "ws-sae.h"
+#include "ws-wep-key.h"
+#include "ws-wpa-eap.h"
+#include "ws-wpa-psk.h"
+
+struct _CEPageSecurity
+{
+ GtkGrid parent;
+
+ GtkBox *box;
+ GtkComboBox *security_combo;
+ GtkLabel *security_label;
+
+ NMConnection *connection;
+ const gchar *security_setting;
+ GtkSizeGroup *group;
+ gboolean adhoc;
+};
+
+static void ce_page_iface_init (CEPageInterface *);
+
+G_DEFINE_TYPE_WITH_CODE (CEPageSecurity, ce_page_security, GTK_TYPE_GRID,
+ G_IMPLEMENT_INTERFACE (ce_page_get_type (), ce_page_iface_init))
+
+enum {
+ S_NAME_COLUMN,
+ S_SEC_COLUMN,
+ S_ADHOC_VALID_COLUMN
+};
+
+static gboolean
+find_proto (NMSettingWirelessSecurity *sec, const char *item)
+{
+ guint32 i;
+
+ for (i = 0; i < nm_setting_wireless_security_get_num_protos (sec); i++) {
+ if (!strcmp (item, nm_setting_wireless_security_get_proto (sec, i)))
+ return TRUE;
+ }
+ return FALSE;
+}
+
+static NMUtilsSecurityType
+get_default_type_for_security (NMSettingWirelessSecurity *sec)
+{
+ const char *key_mgmt, *auth_alg;
+
+ g_return_val_if_fail (sec != NULL, NMU_SEC_NONE);
+
+ key_mgmt = nm_setting_wireless_security_get_key_mgmt (sec);
+ auth_alg = nm_setting_wireless_security_get_auth_alg (sec);
+
+ /* No IEEE 802.1x */
+ if (!strcmp (key_mgmt, "none"))
+ return NMU_SEC_STATIC_WEP;
+
+ if (!strcmp (key_mgmt, "ieee8021x")) {
+ if (auth_alg && !strcmp (auth_alg, "leap"))
+ return NMU_SEC_LEAP;
+ return NMU_SEC_DYNAMIC_WEP;
+ }
+
+#if NM_CHECK_VERSION(1,24,0)
+ if (!strcmp (key_mgmt, "owe")) {
+ return NMU_SEC_OWE;
+ }
+#endif
+
+#if NM_CHECK_VERSION(1,20,6)
+ if (!strcmp (key_mgmt, "sae")) {
+ return NMU_SEC_SAE;
+ }
+#endif
+
+ if ( !strcmp (key_mgmt, "wpa-none")
+ || !strcmp (key_mgmt, "wpa-psk")) {
+ if (find_proto (sec, "rsn"))
+ return NMU_SEC_WPA2_PSK;
+ else if (find_proto (sec, "wpa"))
+ return NMU_SEC_WPA_PSK;
+ else
+ return NMU_SEC_WPA_PSK;
+ }
+
+ if (!strcmp (key_mgmt, "wpa-eap")) {
+ if (find_proto (sec, "rsn"))
+ return NMU_SEC_WPA2_ENTERPRISE;
+ else if (find_proto (sec, "wpa"))
+ return NMU_SEC_WPA_ENTERPRISE;
+ else
+ return NMU_SEC_WPA_ENTERPRISE;
+ }
+
+ return NMU_SEC_INVALID;
+}
+
+static WirelessSecurity *
+security_combo_get_active (CEPageSecurity *self)
+{
+ GtkTreeIter iter;
+ GtkTreeModel *model;
+ WirelessSecurity *sec = NULL;
+
+ model = gtk_combo_box_get_model (self->security_combo);
+ if (!gtk_combo_box_get_active_iter (self->security_combo, &iter))
+ return NULL;
+ gtk_tree_model_get (model, &iter, S_SEC_COLUMN, &sec, -1);
+
+ return sec;
+}
+
+static void
+wsec_size_group_clear (GtkSizeGroup *group)
+{
+ GSList *children;
+ GSList *iter;
+
+ g_return_if_fail (group != NULL);
+
+ children = gtk_size_group_get_widgets (group);
+ for (iter = children; iter; iter = g_slist_next (iter))
+ gtk_size_group_remove_widget (group, GTK_WIDGET (iter->data));
+}
+
+static void
+security_combo_changed (CEPageSecurity *self)
+{
+ g_autoptr(WirelessSecurity) sec = NULL;
+ GtkWidget *child;
+
+ wsec_size_group_clear (self->group);
+
+ while ((child = gtk_widget_get_first_child (GTK_WIDGET (self->box))) != NULL)
+ gtk_box_remove (self->box, child);
+
+ sec = security_combo_get_active (self);
+ if (sec) {
+ if (gtk_widget_get_parent (GTK_WIDGET (sec)))
+ gtk_box_remove (self->box, GTK_WIDGET (sec));
+
+ gtk_size_group_add_widget (self->group, GTK_WIDGET (self->security_label));
+ wireless_security_add_to_size_group (sec, self->group);
+
+ gtk_box_append (self->box, g_object_ref (GTK_WIDGET (sec)));
+ }
+
+ ce_page_changed (CE_PAGE (self));
+}
+
+static void
+security_item_changed_cb (CEPageSecurity *self)
+{
+ ce_page_changed (CE_PAGE (self));
+}
+
+static void
+add_security_item (CEPageSecurity *self,
+ WirelessSecurity *sec,
+ GtkListStore *model,
+ GtkTreeIter *iter,
+ const char *text,
+ gboolean adhoc_valid)
+{
+ g_signal_connect_object (sec, "changed", G_CALLBACK (security_item_changed_cb), self, G_CONNECT_SWAPPED);
+ gtk_list_store_append (model, iter);
+ gtk_list_store_set (model, iter,
+ S_NAME_COLUMN, text,
+ S_SEC_COLUMN, sec,
+ S_ADHOC_VALID_COLUMN, adhoc_valid,
+ -1);
+ g_object_unref (sec);
+}
+
+static void
+set_sensitive (GtkCellLayout *cell_layout,
+ GtkCellRenderer *cell,
+ GtkTreeModel *tree_model,
+ GtkTreeIter *iter,
+ gpointer data)
+{
+ gboolean *adhoc = data;
+ gboolean sensitive = TRUE, adhoc_valid = TRUE;
+
+ gtk_tree_model_get (tree_model, iter, S_ADHOC_VALID_COLUMN, &adhoc_valid, -1);
+ if (*adhoc && !adhoc_valid)
+ sensitive = FALSE;
+
+ g_object_set (cell, "sensitive", sensitive, NULL);
+}
+
+static void
+finish_setup (CEPageSecurity *self)
+{
+ NMSettingWireless *sw;
+ NMSettingWirelessSecurity *sws;
+ gboolean is_adhoc = FALSE;
+ g_autoptr(GtkListStore) sec_model = NULL;
+ GtkTreeIter iter;
+ const gchar *mode;
+ guint32 dev_caps = 0;
+ NMUtilsSecurityType default_type = NMU_SEC_NONE;
+ int active = -1;
+ int item = 0;
+ GtkCellRenderer *renderer;
+
+ sw = nm_connection_get_setting_wireless (self->connection);
+ g_assert (sw);
+
+ self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
+
+ dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40
+ | NM_WIFI_DEVICE_CAP_CIPHER_WEP104
+ | NM_WIFI_DEVICE_CAP_CIPHER_TKIP
+ | NM_WIFI_DEVICE_CAP_CIPHER_CCMP
+ | NM_WIFI_DEVICE_CAP_WPA
+ | NM_WIFI_DEVICE_CAP_RSN;
+
+ mode = nm_setting_wireless_get_mode (sw);
+ if (mode && !strcmp (mode, "adhoc"))
+ is_adhoc = TRUE;
+ self->adhoc = is_adhoc;
+
+ sws = nm_connection_get_setting_wireless_security (self->connection);
+ if (sws)
+ default_type = get_default_type_for_security (sws);
+
+ sec_model = gtk_list_store_new (3, G_TYPE_STRING, wireless_security_get_type (), G_TYPE_BOOLEAN);
+
+ if (nm_utils_security_valid (NMU_SEC_NONE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
+ gtk_list_store_insert_with_values (sec_model, &iter, -1,
+ S_NAME_COLUMN, C_("Wi-Fi/Ethernet security", "None"),
+ S_ADHOC_VALID_COLUMN, TRUE,
+ -1);
+ if (default_type == NMU_SEC_NONE)
+ active = item;
+ item++;
+ }
+
+#if NM_CHECK_VERSION(1,24,0)
+ if (nm_utils_security_valid (NMU_SEC_OWE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
+ gtk_list_store_insert_with_values (sec_model, &iter, -1,
+ S_NAME_COLUMN, _("Enhanced Open"),
+ S_ADHOC_VALID_COLUMN, FALSE,
+ -1);
+ if (active < 0 && default_type == NMU_SEC_OWE)
+ active = item;
+ item++;
+ }
+#endif
+
+ if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
+ WirelessSecurityWEPKey *ws_wep;
+ NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
+
+ if (default_type == NMU_SEC_STATIC_WEP) {
+ sws = nm_connection_get_setting_wireless_security (self->connection);
+ if (sws)
+ wep_type = nm_setting_wireless_security_get_wep_key_type (sws);
+ if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
+ wep_type = NM_WEP_KEY_TYPE_KEY;
+ }
+
+ ws_wep = ws_wep_key_new (self->connection, NM_WEP_KEY_TYPE_KEY);
+ if (ws_wep) {
+ add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
+ &iter, _("WEP 40/128-bit Key (Hex or ASCII)"),
+ TRUE);
+ if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
+ active = item;
+ item++;
+ }
+
+ ws_wep = ws_wep_key_new (self->connection, NM_WEP_KEY_TYPE_PASSPHRASE);
+ if (ws_wep) {
+ add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
+ &iter, _("WEP 128-bit Passphrase"), TRUE);
+ if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
+ active = item;
+ item++;
+ }
+ }
+
+ if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
+ WirelessSecurityLEAP *ws_leap;
+
+ ws_leap = ws_leap_new (self->connection);
+ if (ws_leap) {
+ add_security_item (self, WIRELESS_SECURITY (ws_leap), sec_model,
+ &iter, _("LEAP"), FALSE);
+ if ((active < 0) && (default_type == NMU_SEC_LEAP))
+ active = item;
+ item++;
+ }
+ }
+
+ if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
+ WirelessSecurityDynamicWEP *ws_dynamic_wep;
+
+ ws_dynamic_wep = ws_dynamic_wep_new (self->connection);
+ if (ws_dynamic_wep) {
+ add_security_item (self, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
+ &iter, _("Dynamic WEP (802.1x)"), FALSE);
+ if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
+ active = item;
+ item++;
+ }
+ }
+
+ if (nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
+ nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
+ WirelessSecurityWPAPSK *ws_wpa_psk;
+
+ ws_wpa_psk = ws_wpa_psk_new (self->connection);
+ if (ws_wpa_psk) {
+ add_security_item (self, WIRELESS_SECURITY (ws_wpa_psk), sec_model,
+ &iter, _("WPA & WPA2 Personal"), FALSE);
+ if ((active < 0) && ((default_type == NMU_SEC_WPA_PSK) || (default_type == NMU_SEC_WPA2_PSK)))
+ active = item;
+ item++;
+ }
+ }
+
+ if (nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
+ nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
+ WirelessSecurityWPAEAP *ws_wpa_eap;
+
+ ws_wpa_eap = ws_wpa_eap_new (self->connection);
+ if (ws_wpa_eap) {
+ add_security_item (self, WIRELESS_SECURITY (ws_wpa_eap), sec_model,
+ &iter, _("WPA & WPA2 Enterprise"), FALSE);
+ if ((active < 0) && ((default_type == NMU_SEC_WPA_ENTERPRISE) || (default_type == NMU_SEC_WPA2_ENTERPRISE)))
+ active = item;
+ item++;
+ }
+ }
+
+#if NM_CHECK_VERSION(1,20,6)
+ if (nm_utils_security_valid (NMU_SEC_SAE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
+ WirelessSecuritySAE *ws_sae;
+
+ ws_sae = ws_sae_new (self->connection);
+ if (ws_sae) {
+ add_security_item (self, WIRELESS_SECURITY (ws_sae), sec_model,
+ &iter, _("WPA3 Personal"), FALSE);
+ if ((active < 0) && ((default_type == NMU_SEC_SAE)))
+ active = item;
+ item++;
+ }
+ }
+#endif
+
+ gtk_combo_box_set_model (self->security_combo, GTK_TREE_MODEL (sec_model));
+ gtk_cell_layout_clear (GTK_CELL_LAYOUT (self->security_combo));
+
+ renderer = gtk_cell_renderer_text_new ();
+ gtk_cell_layout_pack_start (GTK_CELL_LAYOUT (self->security_combo), renderer, TRUE);
+ gtk_cell_layout_set_attributes (GTK_CELL_LAYOUT (self->security_combo), renderer, "text", S_NAME_COLUMN, NULL);
+ gtk_cell_layout_set_cell_data_func (GTK_CELL_LAYOUT (self->security_combo), renderer, set_sensitive, &self->adhoc, NULL);
+
+ gtk_combo_box_set_active (self->security_combo, active < 0 ? 0 : (guint32) active);
+
+ security_combo_changed (self);
+ g_signal_connect_object (self->security_combo, "changed",
+ G_CALLBACK (security_combo_changed), self, G_CONNECT_SWAPPED);
+}
+
+static void
+ce_page_security_dispose (GObject *object)
+{
+ CEPageSecurity *self = CE_PAGE_SECURITY (object);
+
+ g_clear_object (&self->connection);
+ g_clear_object (&self->group);
+
+ G_OBJECT_CLASS (ce_page_security_parent_class)->dispose (object);
+}
+
+static const gchar *
+ce_page_security_get_security_setting (CEPage *page)
+{
+ return CE_PAGE_SECURITY (page)->security_setting;
+}
+
+static const gchar *
+ce_page_security_get_title (CEPage *page)
+{
+ return _("Security");
+}
+
+static gboolean
+ce_page_security_validate (CEPage *page,
+ NMConnection *connection,
+ GError **error)
+{
+ CEPageSecurity *self = CE_PAGE_SECURITY (page);
+ NMSettingWireless *sw;
+ g_autoptr(WirelessSecurity) sec = NULL;
+ gboolean valid = FALSE;
+ const char *mode;
+
+ sw = nm_connection_get_setting_wireless (connection);
+
+ mode = nm_setting_wireless_get_mode (sw);
+ if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0)
+ CE_PAGE_SECURITY (self)->adhoc = TRUE;
+ else
+ CE_PAGE_SECURITY (self)->adhoc = FALSE;
+
+ sec = security_combo_get_active (CE_PAGE_SECURITY (self));
+ if (sec) {
+ GBytes *ssid = nm_setting_wireless_get_ssid (sw);
+
+ if (ssid) {
+ /* FIXME: get failed property and error out of wifi security objects */
+ valid = wireless_security_validate (sec, error);
+ if (valid)
+ wireless_security_fill_connection (sec, connection);
+ } else {
+ g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_MISSING_SETTING, "Missing SSID");
+ valid = FALSE;
+ }
+
+ if (self->adhoc) {
+ if (!wireless_security_adhoc_compatible (sec)) {
+ if (valid)
+ g_set_error (error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_SETTING, "Security not compatible with Ad-Hoc mode");
+ valid = FALSE;
+ }
+ }
+ } else {
+
+ if (gtk_combo_box_get_active ((CE_PAGE_SECURITY (self))->security_combo) == 0) {
+ /* No security, unencrypted */
+ nm_connection_remove_setting (connection, NM_TYPE_SETTING_WIRELESS_SECURITY);
+ nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);
+ valid = TRUE;
+ } else {
+ /* owe case:
+ * fill the connection manually until libnma implements OWE wireless security
+ */
+ NMSetting *sws;
+
+ sws = nm_setting_wireless_security_new ();
+ g_object_set (sws, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "owe", NULL);
+ nm_connection_add_setting (connection, sws);
+ nm_connection_remove_setting (connection, NM_TYPE_SETTING_802_1X);
+ valid = TRUE;
+ }
+
+ }
+
+ return valid;
+}
+
+static void
+ce_page_security_init (CEPageSecurity *self)
+{
+ gtk_widget_init_template (GTK_WIDGET (self));
+}
+
+static void
+ce_page_security_class_init (CEPageSecurityClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+ GtkWidgetClass *widget_class = GTK_WIDGET_CLASS (klass);
+
+ object_class->dispose = ce_page_security_dispose;
+
+ gtk_widget_class_set_template_from_resource (widget_class, "/org/gnome/control-center/network/security-page.ui");
+
+ gtk_widget_class_bind_template_child (widget_class, CEPageSecurity, box);
+ gtk_widget_class_bind_template_child (widget_class, CEPageSecurity, security_label);
+ gtk_widget_class_bind_template_child (widget_class, CEPageSecurity, security_combo);
+}
+
+static void
+ce_page_iface_init (CEPageInterface *iface)
+{
+ iface->get_security_setting = ce_page_security_get_security_setting;
+ iface->get_title = ce_page_security_get_title;
+ iface->validate = ce_page_security_validate;
+}
+
+CEPageSecurity *
+ce_page_security_new (NMConnection *connection)
+{
+ CEPageSecurity *self;
+ NMUtilsSecurityType default_type = NMU_SEC_NONE;
+ NMSettingWirelessSecurity *sws;
+
+ self = CE_PAGE_SECURITY (g_object_new (ce_page_security_get_type (), NULL));
+
+ self->connection = g_object_ref (connection);
+
+ sws = nm_connection_get_setting_wireless_security (connection);
+ if (sws)
+ default_type = get_default_type_for_security (sws);
+
+ if (default_type == NMU_SEC_STATIC_WEP ||
+ default_type == NMU_SEC_LEAP ||
+ default_type == NMU_SEC_WPA_PSK ||
+#if NM_CHECK_VERSION(1,20,6)
+ default_type == NMU_SEC_SAE ||
+#endif
+#if NM_CHECK_VERSION(1,24,0)
+ default_type == NMU_SEC_OWE ||
+#endif
+ default_type == NMU_SEC_WPA2_PSK) {
+ self->security_setting = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
+ }
+
+ if (default_type == NMU_SEC_DYNAMIC_WEP ||
+ default_type == NMU_SEC_WPA_ENTERPRISE ||
+ default_type == NMU_SEC_WPA2_ENTERPRISE) {
+ self->security_setting = NM_SETTING_802_1X_SETTING_NAME;
+ }
+
+ g_signal_connect (self, "initialized", G_CALLBACK (finish_setup), NULL);
+
+ return self;
+}
|
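Review bot: get_default_type_for_security hands `key_mgmt` straight to `strcmp` while only `auth_alg` gets a NULL check, so a wireless-security setting that carries no key-mgmt would crash the editor if the getter returns NULL for an unset property (not confirmed from this file, but the neighbouring `auth_alg &&` guard suggests NULL is expected from these getters). Adding `if (key_mgmt == NULL) return NMU_SEC_INVALID;` right after the two getters, or switching the comparisons to `g_strcmp0`, removes the hazard for both callers, finish_setup and ce_page_security_new. Separately, ce_page_security_validate tells "None" from "Enhanced Open" only by `gtk_combo_box_get_active (...) == 0`, so any other index without a WirelessSecurity object, including -1 when no row is active, is saved as key-mgmt "owe" and reported valid. Since that branch decides whether the profile ends up with or without a wireless-security setting, it deserves at least a comment stating the assumption that row 0 is always "None", and preferably a GError for a negative index.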