summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBeniamino Galvani <bgalvani@redhat.com>2019-08-19 15:32:42 +0200
committerBeniamino Galvani <bgalvani@redhat.com>2019-08-26 10:25:00 +0200
commitc97e0ce30b8b9b118d47d0e02e6ebe7556e9f0c4 (patch)
treefe8ecb3e1694be0e67dbf95b710283ab73b29d18
parent73b380622840b12ab417528894172c7172301936 (diff)
wifi: drop support for wpa-none key-mgmt
NM didn't support wpa-none for years because kernel drivers used to be broken. Note that it wasn't even possible to *add* a connection with wpa-none because it was rejected in nm_settings_add_connection_dbus(). Given that wpa-none is also deprecated in wpa_supplicant and is considered insecure, drop altogether any reference to it.
-rw-r--r--clients/common/nm-meta-setting-desc.c2
-rw-r--r--clients/common/nm-secret-agent-simple.c2
-rw-r--r--clients/common/settings-docs.h.in2
-rw-r--r--clients/tui/nm-editor-bindings.c3
-rw-r--r--libnm-core/nm-setting-wireless-security.c43
-rw-r--r--libnm-core/nm-setting-wireless.c8
-rw-r--r--libnm-core/nm-utils.c26
-rw-r--r--libnm/nm-device-wifi.c3
-rw-r--r--src/devices/wifi/nm-device-wifi.c59
-rw-r--r--src/devices/wifi/nm-wifi-ap.c34
-rw-r--r--src/devices/wifi/nm-wifi-utils.c72
-rw-r--r--src/settings/nm-settings.c11
-rw-r--r--src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c4
-rw-r--r--src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c2
-rw-r--r--src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c4
-rw-r--r--src/supplicant/nm-supplicant-config.c4
-rw-r--r--src/supplicant/nm-supplicant-settings-verify.c2
17 files changed, 23 insertions, 258 deletions
diff --git a/clients/common/nm-meta-setting-desc.c b/clients/common/nm-meta-setting-desc.c
index bdeb2026e..6febb49fd 100644
--- a/clients/common/nm-meta-setting-desc.c
+++ b/clients/common/nm-meta-setting-desc.c
@@ -7311,7 +7311,7 @@ static const NMMetaPropertyInfo *const property_infos_WIRELESS_SECURITY[] = {
PROPERTY_INFO_WITH_DESC (NM_SETTING_WIRELESS_SECURITY_KEY_MGMT,
.property_type = &_pt_gobject_string,
.property_typ_data = DEFINE_PROPERTY_TYP_DATA (
- .values_static = NM_MAKE_STRV ("none", "ieee8021x", "wpa-none", "wpa-psk", "wpa-eap", "sae"),
+ .values_static = NM_MAKE_STRV ("none", "ieee8021x", "wpa-psk", "wpa-eap", "sae"),
),
),
PROPERTY_INFO_WITH_DESC (NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX,
diff --git a/clients/common/nm-secret-agent-simple.c b/clients/common/nm-secret-agent-simple.c
index 52059f952..e31431466 100644
--- a/clients/common/nm-secret-agent-simple.c
+++ b/clients/common/nm-secret-agent-simple.c
@@ -317,7 +317,7 @@ add_wireless_secrets (RequestData *request,
if (!key_mgmt)
return FALSE;
- if (NM_IN_STRSET (key_mgmt, "wpa-none", "wpa-psk", "sae")) {
+ if (NM_IN_STRSET (key_mgmt, "wpa-psk", "sae")) {
secret = _secret_real_new_plain (NM_SECRET_AGENT_SECRET_TYPE_SECRET,
_("Password"),
NM_SETTING (s_wsec),
diff --git a/clients/common/settings-docs.h.in b/clients/common/settings-docs.h.in
index 789083059..f828a5f2c 100644
--- a/clients/common/settings-docs.h.in
+++ b/clients/common/settings-docs.h.in
@@ -24,7 +24,7 @@
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_AUTH_ALG N_("When WEP is used (ie, key-mgmt = \"none\" or \"ieee8021x\") indicate the 802.11 authentication algorithm required by the AP here. One of \"open\" for Open System, \"shared\" for Shared Key, or \"leap\" for Cisco LEAP. When using Cisco LEAP (ie, key-mgmt = \"ieee8021x\" and auth-alg = \"leap\") the \"leap-username\" and \"leap-password\" properties must be specified.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_FILS N_("Indicates whether Fast Initial Link Setup (802.11ai) must be enabled for the connection. One of NM_SETTING_WIRELESS_SECURITY_FILS_DEFAULT (0) (use global default value), NM_SETTING_WIRELESS_SECURITY_FILS_DISABLE (1) (disable FILS), NM_SETTING_WIRELESS_SECURITY_FILS_OPTIONAL (2) (enable FILS if the supplicant and the access point support it) or NM_SETTING_WIRELESS_SECURITY_FILS_REQUIRED (3) (enable FILS and fail if not supported). When set to NM_SETTING_WIRELESS_SECURITY_FILS_DEFAULT (0) and no global default is set, FILS will be optionally enabled.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_GROUP N_("A list of group/broadcast encryption algorithms which prevents connections to Wi-Fi networks that do not utilize one of the algorithms in the list. For maximum compatibility leave this property empty. Each list element may be one of \"wep40\", \"wep104\", \"tkip\", or \"ccmp\".")
-#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_KEY_MGMT N_("Key management used for the connection. One of \"none\" (WEP), \"ieee8021x\" (Dynamic WEP), \"wpa-none\" (Ad-Hoc WPA-PSK), \"wpa-psk\" (infrastructure WPA-PSK), \"sae\" (SAE) or \"wpa-eap\" (WPA-Enterprise). This property must be set for any Wi-Fi connection that uses security.")
+#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_KEY_MGMT N_("Key management used for the connection. One of \"none\" (WEP), \"ieee8021x\" (Dynamic WEP), \"wpa-psk\" (infrastructure WPA-PSK), \"sae\" (SAE) or \"wpa-eap\" (WPA-Enterprise). This property must be set for any Wi-Fi connection that uses security.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD N_("The login password for legacy LEAP connections (ie, key-mgmt = \"ieee8021x\" and auth-alg = \"leap\").")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD_FLAGS N_("Flags indicating how to handle the \"leap-password\" property.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME N_("The login username for legacy LEAP connections (ie, key-mgmt = \"ieee8021x\" and auth-alg = \"leap\").")
diff --git a/clients/tui/nm-editor-bindings.c b/clients/tui/nm-editor-bindings.c
index f9c07ccdb..e294fe8a0 100644
--- a/clients/tui/nm-editor-bindings.c
+++ b/clients/tui/nm-editor-bindings.c
@@ -601,8 +601,7 @@ get_security_type (NMEditorWirelessSecurityMethodBinding *binding)
return "dynamic-wep";
}
- if ( !strcmp (key_mgmt, "wpa-none")
- || !strcmp (key_mgmt, "wpa-psk"))
+ if (!strcmp (key_mgmt, "wpa-psk"))
return "wpa-personal";
if (!strcmp (key_mgmt, "wpa-eap"))
diff --git a/libnm-core/nm-setting-wireless-security.c b/libnm-core/nm-setting-wireless-security.c
index efb4860be..a3eb8a7ff 100644
--- a/libnm-core/nm-setting-wireless-security.c
+++ b/libnm-core/nm-setting-wireless-security.c
@@ -849,9 +849,8 @@ need_secrets (NMSetting *setting)
goto no_secrets;
}
- /* WPA-PSK infrastructure and adhoc */
- if ( (strcmp (priv->key_mgmt, "wpa-none") == 0)
- || (strcmp (priv->key_mgmt, "wpa-psk") == 0)) {
+ /* WPA-PSK infrastructure */
+ if (strcmp (priv->key_mgmt, "wpa-psk") == 0) {
if (!nm_utils_wpa_psk_valid (priv->psk)) {
g_ptr_array_add (secrets, NM_SETTING_WIRELESS_SECURITY_PSK);
return secrets;
@@ -899,7 +898,7 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
{
NMSettingWirelessSecurity *self = NM_SETTING_WIRELESS_SECURITY (setting);
NMSettingWirelessSecurityPrivate *priv = NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (self);
- const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none", "wpa-psk", "wpa-eap", "sae", NULL };
+ const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-psk", "wpa-eap", "sae", NULL };
const char *valid_auth_algs[] = { "open", "shared", "leap", NULL };
const char *valid_protos[] = { "wpa", "rsn", NULL };
const char *valid_pairwise[] = { "tkip", "ccmp", NULL };
@@ -1024,33 +1023,7 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
}
if (priv->pairwise) {
- const char *wpa_none[] = { "wpa-none", NULL };
-
- /* For ad-hoc connections, pairwise must be "none" */
- if (g_strv_contains (wpa_none, priv->key_mgmt)) {
- GSList *iter;
- gboolean found = FALSE;
-
- for (iter = priv->pairwise; iter; iter = g_slist_next (iter)) {
- if (!strcmp ((char *) iter->data, "none")) {
- found = TRUE;
- break;
- }
- }
-
- /* pairwise cipher list didn't contain "none", which is invalid
- * for WPA adhoc connections.
- */
- if (!found) {
- g_set_error (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _("'%s' connections require '%s' in this property"),
- NM_SETTING_WIRELESS_MODE_ADHOC, "none");
- g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME, NM_SETTING_WIRELESS_SECURITY_PAIRWISE);
- return FALSE;
- }
- } else if (!_nm_utils_string_slist_validate (priv->pairwise, valid_pairwise)) {
+ if (!_nm_utils_string_slist_validate (priv->pairwise, valid_pairwise)) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
@@ -1468,10 +1441,10 @@ nm_setting_wireless_security_class_init (NMSettingWirelessSecurityClass *klass)
/**
* NMSettingWirelessSecurity:key-mgmt:
*
- * Key management used for the connection. One of "none" (WEP), "ieee8021x"
- * (Dynamic WEP), "wpa-none" (Ad-Hoc WPA-PSK), "wpa-psk" (infrastructure
- * WPA-PSK), "sae" (SAE) or "wpa-eap" (WPA-Enterprise).
- * This property must be set for any Wi-Fi connection that uses security.
+ * Key management used for the connection. One of "none" (WEP),
+ * "ieee8021x" (Dynamic WEP), "wpa-psk" (infrastructure WPA-PSK), "sae"
+ * (SAE) or "wpa-eap" (WPA-Enterprise). This property must be set for
+ * any Wi-Fi connection that uses security.
**/
/* ---ifcfg-rh---
* property: key-mgmt
diff --git a/libnm-core/nm-setting-wireless.c b/libnm-core/nm-setting-wireless.c
index cc04e1a00..818b2657b 100644
--- a/libnm-core/nm-setting-wireless.c
+++ b/libnm-core/nm-setting-wireless.c
@@ -157,14 +157,6 @@ nm_setting_wireless_ap_security_compatible (NMSettingWireless *s_wireless,
return TRUE;
}
- /* Adhoc WPA */
- if (!strcmp (key_mgmt, "wpa-none")) {
- if (ap_mode != NM_802_11_MODE_ADHOC)
- return FALSE;
- /* FIXME: validate ciphers if they're in the beacon */
- return TRUE;
- }
-
/* Adhoc WPA2 (ie, RSN IBSS) */
if (ap_mode == NM_802_11_MODE_ADHOC) {
if (strcmp (key_mgmt, "wpa-psk"))
diff --git a/libnm-core/nm-utils.c b/libnm-core/nm-utils.c
index c16c9004e..a39b6f87e 100644
--- a/libnm-core/nm-utils.c
+++ b/libnm-core/nm-utils.c
@@ -6084,29 +6084,3 @@ _nm_utils_bridge_vlan_verify_list (GPtrArray *vlans,
return TRUE;
}
-gboolean
-nm_utils_connection_is_adhoc_wpa (NMConnection *connection)
-{
- NMSettingWireless *s_wifi;
- NMSettingWirelessSecurity *s_wsec;
- const char *key_mgmt;
- const char *mode;
-
- s_wifi = nm_connection_get_setting_wireless (connection);
- if (!s_wifi)
- return FALSE;
-
- mode = nm_setting_wireless_get_mode (s_wifi);
- if (!nm_streq0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC))
- return FALSE;
-
- s_wsec = nm_connection_get_setting_wireless_security (connection);
- if (!s_wsec)
- return FALSE;
-
- key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
- if (!nm_streq0 (key_mgmt, "wpa-none"))
- return FALSE;
-
- return TRUE;
-}
diff --git a/libnm/nm-device-wifi.c b/libnm/nm-device-wifi.c
index 3b1c00a4c..bb774361f 100644
--- a/libnm/nm-device-wifi.c
+++ b/libnm/nm-device-wifi.c
@@ -636,8 +636,7 @@ connection_compatible (NMDevice *device, NMConnection *connection, GError **erro
if (s_wsec) {
/* Connection has security, verify it against the device's capabilities */
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
- if ( !g_strcmp0 (key_mgmt, "wpa-none")
- || !g_strcmp0 (key_mgmt, "wpa-psk")
+ if ( !g_strcmp0 (key_mgmt, "wpa-psk")
|| !g_strcmp0 (key_mgmt, "wpa-eap")) {
wifi_caps = nm_device_wifi_get_capabilities (NM_DEVICE_WIFI (device));
diff --git a/src/devices/wifi/nm-device-wifi.c b/src/devices/wifi/nm-device-wifi.c
index 2ffba47a2..4fa3f18a4 100644
--- a/src/devices/wifi/nm-device-wifi.c
+++ b/src/devices/wifi/nm-device-wifi.c
@@ -645,36 +645,6 @@ deactivate_reset_hw_addr (NMDevice *device)
}
static gboolean
-is_adhoc_wpa (NMConnection *connection)
-{
- NMSettingWireless *s_wifi;
- NMSettingWirelessSecurity *s_wsec;
- const char *mode, *key_mgmt;
-
- /* The kernel doesn't support Ad-Hoc WPA connections well at this time,
- * and turns them into open networks. It's been this way since at least
- * 2.6.30 or so; until that's fixed, disable WPA-protected Ad-Hoc networks.
- */
-
- s_wifi = nm_connection_get_setting_wireless (connection);
- g_return_val_if_fail (s_wifi != NULL, FALSE);
-
- mode = nm_setting_wireless_get_mode (s_wifi);
- if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) != 0)
- return FALSE;
-
- s_wsec = nm_connection_get_setting_wireless_security (connection);
- if (!s_wsec)
- return FALSE;
-
- key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
- if (g_strcmp0 (key_mgmt, "wpa-none") != 0)
- return FALSE;
-
- return TRUE;
-}
-
-static gboolean
check_connection_compatible (NMDevice *device, NMConnection *connection, GError **error)
{
NMDeviceWifi *self = NM_DEVICE_WIFI (device);
@@ -720,12 +690,6 @@ check_connection_compatible (NMDevice *device, NMConnection *connection, GError
return FALSE;
}
- if (is_adhoc_wpa (connection)) {
- nm_utils_error_set_literal (error, NM_UTILS_ERROR_CONNECTION_AVAILABLE_TEMPORARY,
- "Ad-Hoc WPA networks are not supported");
- return FALSE;
- }
-
/* Early exit if supplicant or device doesn't support requested mode */
mode = nm_setting_wireless_get_mode (s_wireless);
if (g_strcmp0 (mode, NM_SETTING_WIRELESS_MODE_ADHOC) == 0) {
@@ -953,19 +917,6 @@ complete_connection (NMDevice *device,
return FALSE;
}
- /* The kernel doesn't support Ad-Hoc WPA connections well at this time,
- * and turns them into open networks. It's been this way since at least
- * 2.6.30 or so; until that's fixed, disable WPA-protected Ad-Hoc networks.
- */
- if (is_adhoc_wpa (connection)) {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_SETTING,
- _("WPA Ad-Hoc disabled due to kernel bugs"));
- g_prefix_error (error, "%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME);
- return FALSE;
- }
-
ssid_utf8 = _nm_utils_ssid_to_utf8 (ssid);
nm_utils_complete_generic (nm_device_get_platform (device),
connection,
@@ -2703,16 +2654,6 @@ act_stage1_prepare (NMDevice *device, NMDeviceStateReason *out_failure_reason)
priv->mode = NM_802_11_MODE_MESH;
_notify (self, PROP_MODE);
- /* The kernel doesn't support Ad-Hoc WPA connections well at this time,
- * and turns them into open networks. It's been this way since at least
- * 2.6.30 or so; until that's fixed, disable WPA-protected Ad-Hoc networks.
- */
- if (is_adhoc_wpa (connection)) {
- _LOGW (LOGD_WIFI, "Ad-Hoc WPA disabled due to kernel bugs");
- NM_SET_OUT (out_failure_reason, NM_DEVICE_STATE_REASON_SUPPLICANT_CONFIG_FAILED);
- return NM_ACT_STAGE_RETURN_FAILURE;
- }
-
/* expire the temporary MAC address used during scanning */
priv->hw_addr_scan_expire = 0;
diff --git a/src/devices/wifi/nm-wifi-ap.c b/src/devices/wifi/nm-wifi-ap.c
index c7ab7f046..f4ad7e864 100644
--- a/src/devices/wifi/nm-wifi-ap.c
+++ b/src/devices/wifi/nm-wifi-ap.c
@@ -1305,40 +1305,6 @@ nm_wifi_ap_new_fake_from_connection (NMConnection *connection)
add_pair_ciphers (ap, s_wireless_sec);
add_group_ciphers (ap, s_wireless_sec);
- } else if (!strcmp (key_mgmt, "wpa-none")) {
- guint32 i;
-
- /* Ad-Hoc has special requirements: proto=WPA, pairwise=(none), and
- * group=TKIP/CCMP (but not both).
- */
-
- flags = priv->wpa_flags | NM_802_11_AP_SEC_KEY_MGMT_PSK;
-
- /* Clear ciphers; pairwise must be unset anyway, and group gets set below */
- flags &= ~( NM_802_11_AP_SEC_PAIR_WEP40
- | NM_802_11_AP_SEC_PAIR_WEP104
- | NM_802_11_AP_SEC_PAIR_TKIP
- | NM_802_11_AP_SEC_PAIR_CCMP
- | NM_802_11_AP_SEC_GROUP_WEP40
- | NM_802_11_AP_SEC_GROUP_WEP104
- | NM_802_11_AP_SEC_GROUP_TKIP
- | NM_802_11_AP_SEC_GROUP_CCMP);
-
- for (i = 0; i < nm_setting_wireless_security_get_num_groups (s_wireless_sec); i++) {
- if (!strcmp (nm_setting_wireless_security_get_group (s_wireless_sec, i), "ccmp")) {
- flags |= NM_802_11_AP_SEC_GROUP_CCMP;
- break;
- }
- }
-
- /* Default to TKIP since not all WPA-capable cards can do CCMP */
- if (!(flags & NM_802_11_AP_SEC_GROUP_CCMP))
- flags |= NM_802_11_AP_SEC_GROUP_TKIP;
-
- nm_wifi_ap_set_wpa_flags (ap, flags);
-
- /* Don't use Ad-Hoc RSN yet */
- nm_wifi_ap_set_rsn_flags (ap, NM_802_11_AP_SEC_NONE);
}
done:
diff --git a/src/devices/wifi/nm-wifi-utils.c b/src/devices/wifi/nm-wifi-utils.c
index 426eeea83..abebc0d7d 100644
--- a/src/devices/wifi/nm-wifi-utils.c
+++ b/src/devices/wifi/nm-wifi-utils.c
@@ -297,14 +297,13 @@ verify_wpa_psk (NMSettingWirelessSecurity *s_wsec,
guint32 rsn_flags,
GError **error)
{
- const char *key_mgmt, *auth_alg, *tmp;
- int n;
+ const char *key_mgmt, *auth_alg;
key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wsec);
auth_alg = nm_setting_wireless_security_get_auth_alg (s_wsec);
if (key_mgmt) {
- if (!strcmp (key_mgmt, "wpa-psk") || !strcmp (key_mgmt, "wpa-none")) {
+ if (!strcmp (key_mgmt, "wpa-psk")) {
if (s_8021x) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
@@ -326,55 +325,6 @@ verify_wpa_psk (NMSettingWirelessSecurity *s_wsec,
}
}
- if (!strcmp (key_mgmt, "wpa-none")) {
- if (!adhoc) {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _("WPA Ad-Hoc authentication requires an Ad-Hoc mode AP"));
- g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SETTING_NAME,
- NM_SETTING_WIRELESS_MODE);
- return FALSE;
- }
-
- /* Ad-Hoc WPA requires 'wpa' proto, 'none' pairwise, and 'tkip' group */
- n = nm_setting_wireless_security_get_num_protos (s_wsec);
- tmp = (n > 0) ? nm_setting_wireless_security_get_proto (s_wsec, 0) : NULL;
- if (n > 1 || !tmp || strcmp (tmp, "wpa")) {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _("WPA Ad-Hoc authentication requires 'wpa' protocol"));
- g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
- NM_SETTING_WIRELESS_SECURITY_PROTO);
- return FALSE;
- }
-
- n = nm_setting_wireless_security_get_num_pairwise (s_wsec);
- tmp = (n > 0) ? nm_setting_wireless_security_get_pairwise (s_wsec, 0) : NULL;
- if (n > 1 || g_strcmp0 (tmp, "none")) {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _("WPA Ad-Hoc authentication requires 'none' pairwise cipher"));
- g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
- NM_SETTING_WIRELESS_SECURITY_PAIRWISE);
- return FALSE;
- }
-
- n = nm_setting_wireless_security_get_num_groups (s_wsec);
- tmp = (n > 0) ? nm_setting_wireless_security_get_group (s_wsec, 0) : NULL;
- if (n > 1 || !tmp || strcmp (tmp, "tkip")) {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _("WPA Ad-Hoc requires 'tkip' group cipher"));
- g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
- NM_SETTING_WIRELESS_SECURITY_GROUP);
- return FALSE;
- }
- }
-
if (!strcmp (key_mgmt, "wpa-psk")) {
/* Make sure the AP's capabilities support WPA-PSK */
if ( !(wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_PSK)
@@ -470,7 +420,7 @@ verify_adhoc (NMSettingWirelessSecurity *s_wsec,
}
if (adhoc) {
- if (key_mgmt && strcmp (key_mgmt, "wpa-none") && strcmp (key_mgmt, "none")) {
+ if (key_mgmt && !nm_streq (key_mgmt, "none")) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
@@ -508,16 +458,6 @@ verify_adhoc (NMSettingWirelessSecurity *s_wsec,
NM_SETTING_WIRELESS_SECURITY_AUTH_ALG);
return FALSE;
}
- } else {
- if (key_mgmt && !strcmp (key_mgmt, "wpa-none")) {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _("Access point mode is Infrastructure but setting requires Ad-Hoc security"));
- g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SECURITY_SETTING_NAME,
- NM_SETTING_WIRELESS_SECURITY_KEY_MGMT);
- return FALSE;
- }
}
return TRUE;
@@ -773,11 +713,7 @@ nm_wifi_utils_complete_connection (GBytes *ap_ssid,
return FALSE;
if (adhoc) {
- g_object_set (s_wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
- /* Ad-Hoc does not support RSN/WPA2 */
- nm_setting_wireless_security_add_proto (s_wsec, "wpa");
- nm_setting_wireless_security_add_pairwise (s_wsec, "none");
- nm_setting_wireless_security_add_group (s_wsec, "tkip");
+ /* TODO */
} else if (s_8021x) {
g_object_set (s_wsec,
NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-eap",
diff --git a/src/settings/nm-settings.c b/src/settings/nm-settings.c
index 42a7bca07..fccc10be6 100644
--- a/src/settings/nm-settings.c
+++ b/src/settings/nm-settings.c
@@ -2487,17 +2487,6 @@ nm_settings_add_connection_dbus (NMSettings *self,
goto done;
}
- /* FIXME: The kernel doesn't support Ad-Hoc WPA connections well at this time,
- * and turns them into open networks. It's been this way since at least
- * 2.6.30 or so; until that's fixed, disable WPA-protected Ad-Hoc networks.
- */
- if (nm_utils_connection_is_adhoc_wpa (connection)) {
- error = g_error_new_literal (NM_SETTINGS_ERROR,
- NM_SETTINGS_ERROR_INVALID_CONNECTION,
- "WPA Ad-Hoc disabled due to kernel bugs");
- goto done;
- }
-
if (!nm_auth_is_subject_in_acl_set_error (connection,
subject,
NM_SETTINGS_ERROR,
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
index 9205de864..d7385d31a 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
@@ -3679,9 +3679,7 @@ make_wpa_setting (shvarFile *ifcfg,
}
}
- if (adhoc)
- g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none", NULL);
- else if (wpa_psk)
+ if (wpa_psk)
g_object_set (wsec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk", NULL);
else {
nm_assert (wpa_sae);
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
index e424aeccf..62ccc33cc 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@@ -583,7 +583,7 @@ write_wireless_security_setting (NMConnection *connection,
svUnsetValue (ifcfg, "KEY_MGMT");
wep = TRUE;
*no_8021x = TRUE;
- } else if (!strcmp (key_mgmt, "wpa-none") || !strcmp (key_mgmt, "wpa-psk")) {
+ } else if (!strcmp (key_mgmt, "wpa-psk")) {
svSetValueStr (ifcfg, "KEY_MGMT", "WPA-PSK");
wpa = TRUE;
*no_8021x = TRUE;
diff --git a/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c b/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
index db394d8fa..998c86f79 100644
--- a/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
+++ b/src/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
@@ -3133,7 +3133,7 @@ test_read_wifi_wpa_psk_adhoc (void)
s_wsec = nm_connection_get_setting_wireless_security (connection);
g_assert (s_wsec);
- g_assert_cmpstr (nm_setting_wireless_security_get_key_mgmt (s_wsec), ==, "wpa-none");
+ g_assert_cmpstr (nm_setting_wireless_security_get_key_mgmt (s_wsec), ==, "wpa-psk");
g_assert_cmpstr (nm_setting_wireless_security_get_psk (s_wsec), ==, "I wonder what the king is doing tonight?");
/* Pairwise cipher is unused in adhoc mode */
@@ -6460,7 +6460,7 @@ test_write_wifi_wpa_psk_adhoc (void)
nm_connection_add_setting (connection, NM_SETTING (s_wsec));
g_object_set (s_wsec,
- NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-none",
+ NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
NM_SETTING_WIRELESS_SECURITY_PSK, "7d308b11df1b4243b0f78e5f3fc68cdbb9a264ed0edf4c188edf329ff5b467f0",
NULL);
diff --git a/src/supplicant/nm-supplicant-config.c b/src/supplicant/nm-supplicant-config.c
index f6e3c7da5..48005ba87 100644
--- a/src/supplicant/nm-supplicant-config.c
+++ b/src/supplicant/nm-supplicant-config.c
@@ -897,8 +897,7 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self,
}
/* Only WPA-specific things when using WPA */
- if ( !strcmp (key_mgmt, "wpa-none")
- || !strcmp (key_mgmt, "wpa-psk")
+ if ( !strcmp (key_mgmt, "wpa-psk")
|| !strcmp (key_mgmt, "wpa-eap")
|| !strcmp (key_mgmt, "sae")) {
if (!ADD_STRING_LIST_VAL (self, setting, wireless_security, proto, protos, "proto", ' ', TRUE, NULL, error))
@@ -909,7 +908,6 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self,
return FALSE;
if ( set_pmf
- && !nm_streq (key_mgmt, "wpa-none")
&& NM_IN_SET (pmf,
NM_SETTING_WIRELESS_SECURITY_PMF_DISABLE,
NM_SETTING_WIRELESS_SECURITY_PMF_REQUIRED)) {
diff --git a/src/supplicant/nm-supplicant-settings-verify.c b/src/supplicant/nm-supplicant-settings-verify.c
index b37fae9ed..2952e8c73 100644
--- a/src/supplicant/nm-supplicant-settings-verify.c
+++ b/src/supplicant/nm-supplicant-settings-verify.c
@@ -69,7 +69,7 @@ static const char *const proto_allowed[] = { "WPA", "RSN", NULL };
static const char *const key_mgmt_allowed[] = { "WPA-PSK", "WPA-PSK-SHA256", "FT-PSK",
"WPA-EAP", "WPA-EAP-SHA256", "FT-EAP", "FT-EAP-SHA384",
"FILS-SHA256", "FILS-SHA384",
- "IEEE8021X", "WPA-NONE", "SAE",
+ "IEEE8021X", "SAE",
"NONE", NULL };
static const char *const auth_alg_allowed[] = { "OPEN", "SHARED", "LEAP", NULL };
static const char *const eap_allowed[] = { "LEAP", "MD5", "TLS", "PEAP", "TTLS", "SIM",