Agreement to relicense NetworkManager under LGPL-2.1+

[Andrew Zaborowski via networkmanager-list]

Intel Corporation, by and through Mark Skarpness, Vice President and
GM of IAGS-OISA-System Software Engineering, hereby agrees to
relicense any contributions under Intel Corporation's copyright to
NetworkManager under GNU LGPL-2.1+ as proposed by Thomas Haller.
Specifically, this authorization applies to contributions of Intel
Corporation made by and through its employees, who have submitted
source code to Network Manager since 2011.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: What is needed for NetworkManager and WPA2 Enterprise?

[Andrew Zaborowski via networkmanager-list]

On Wed, 25 Sep 2019 at 13:16, Paul Menzel  wrote:
> On 25.09.19 12:54, Andrew Zaborowski wrote:
> > I believe there's now also an auto-configuration tool for eduroam
> > called CAT.  Maybe you should also address proposals to that project.
> > When I was an eduroam user myself I didn't use CAT, I actually used
> > the GNOME nm-applet's wifi dialog to configure access but it took me
> > many attempts and was far from the ideal way to do this.  I remember
> > the admins did provide mac-compatible config files and today I'd much
> > prefer to simply convert that using our script (in
> > tools/ios_convert.py) than to have to guess individual eap settings.
> >
> > I don't believe the script has been tested with eduroam yet.
>
> I can agree, but it’s not user friendly at all. So you want to teach the
> users again, how to copy a text file to `/var/lib/iwd`?

Optimally the UI would include a way to do this but we don't have a
specific proposal on how to do this or anyone working on it.  It's a
little complicated because the UI implementations are in separate
projects from NM and they talk to NM using a well established config
format and extending it needs changes in all of the projects and
documentation.  That's one DBus API, then NM talks to iwd using
another DBus API, although we have considered at one point NM
accessing iwd's config directory directly.  The UI processes
themselves shouldn't contain iwd-specific code and also shouldn't
touch system directories.

> What about if
> the user does not want to share that connection system wide?

Currently iwd has no per-user network configuration and as far as I
know this is only considered for after 1.x releases but
patches/proposals can be probably be sent at any time.

> The admin
> should not be able to read the password, as it’s often shared.
>
> Configuration files would be useful, but the GUI program should load
> them, and use them to configure the system.
>
> I can only urge you to take the view point from a ignorant user. Please
> test your suggestions with your parents or even grand parents and see if
> it works. I doubt it. Please work together with the GUI folks how to
> integrate this properly. Managed devices are not always a reality.
>
> (I second, that a missing common configuration file format for WiFi is a
> problem.)
>
> >> Also it looks like, the password is stored in plain text in the iwd
> >> configuration file (in some examples).
> >
> > While this is not recommended the password can be stored in the config
> > file so that you don't have to type it through the secrets dialog
> > every time, it's your or the admin's choice.
>
> Every time, or would it be stored in some keyring?

There is code in NM to use gnome keyrings but I don't know how it works.

Yes, the passwords may be sensitive but there are also setups where
the private key is not even encrypted or the passwords are well known
so we need to account for that scenario too.  As for the machine's
admin the users are assumed to always trust the admin independent of
how the secrets are stored.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: What is needed for NetworkManager and WPA2 Enterprise?

[Andrew Zaborowski via networkmanager-list]

On Wed, 25 Sep 2019 at 12:33, Paul Menzel  wrote:
> On 25.09.19 12:27, Andrew Zaborowski wrote:
> > I replied to that issue but provisioning EAP networks other than
> > through the config files is not currently on IWD's todo list.  You
> > didn't really explain your use case.  The logic is that the user
> > shouldn't have to touch that configuration, it should be enough for
> > them or their admin to drop the network's configuration file into
> > /var/lib/iwd.  There is specific code in the NM iwd-backend to make
> > sure no extra NM-side configuration is required after this is done
> > correctly.
> >
> > ...
>
> There are self-managed devices. In our case these are scientists using
> the Eduroam net. It was possible to configure such a network before
> using the GNOME WiFi dialog, and I think it should continue to be supported.

So I know Eduroam admins may not be very cooperative but they still
have to provide users with the certificate file, the private key and
hopefully some instructions on the site's Eduroam configuration (the
EAP methods and other details vary between campuses) so it'd actually
be easier for them to provide the config file directly, and it'd also
be easier for their users.  This can also be done by one your users
provided everyone has their certificate and private key already.

I believe there's now also an auto-configuration tool for eduroam
called CAT.  Maybe you should also address proposals to that project.
When I was an eduroam user myself I didn't use CAT, I actually used
the GNOME nm-applet's wifi dialog to configure access but it took me
many attempts and was far from the ideal way to do this.  I remember
the admins did provide mac-compatible config files and today I'd much
prefer to simply convert that using our script (in
tools/ios_convert.py) than to have to guess individual eap settings.

I don't believe the script has been tested with eduroam yet.

>
> Also it looks like, the password is stored in plain text in the iwd
> configuration file (in some examples).

While this is not recommended the password can be stored in the config
file so that you don't have to type it through the secrets dialog
every time, it's your or the admin's choice.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: What is needed for NetworkManager and WPA2 Enterprise?

[Andrew Zaborowski via networkmanager-list]

Hi Paul,

On Wed, 25 Sep 2019 at 11:43, Paul Menzel  wrote:
> Could you please talk to the NetworkManager folks, what you need? I
> created the issue *Extend D-Bus API for iwd and WPA2 Enterprise* in
> their GitLab instance [2] for that.

I replied to that issue but provisioning EAP networks other than
through the config files is not currently on IWD's todo list.  You
didn't really explain your use case.  The logic is that the user
shouldn't have to touch that configuration, it should be enough for
them or their admin to drop the network's configuration file into
/var/lib/iwd.  There is specific code in the NM iwd-backend to make
sure no extra NM-side configuration is required after this is done
correctly.

Note that IWD config files currently contain paths to other files,
specifically the certificates and private keys.  There is intention to
allow our config files to directly encode the contents of those files
instead, so you network admin can generate just that one file or
provide a way for you to generate it.  We also do already have a way
to use mac/iphone-compatible network config files.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: [RFC PATCH 0/8] Export IWD known networks as Connections

[Andrew Zaborowski via networkmanager-list]

On 21 June 2018 at 15:17, Thomas Haller via networkmanager-list
 wrote:
> First of all, I think that the NetworkManager profile (in NM's D-Bus
> API) must abstract the Wi-Fi backend. Otherwise, all clients would need
> to learn how to handle iwd-typed profiles. So, this hard work of
> abstracting iwd and supplicant must be done by NetworkManager.
>
>
>
> Maybe a iwd settings plugin is not the right approach, because:
>
> - it would mean, a profile can only be handled by the iwd backend,
> if it is also stored in iwd settings plugin (otherwise, if the iwd
> device plugin can handle profiles in keyfile format, why would we need
> the iwd settings plugin in the first place?).

Yes, that's not optimal but that's also the current situation with
profiles that only the wpa_supplicant can handle.

>
> - it would mean, an existing profile in keyfile format cannot be
> activated with iwd backend. You can no longer deploy profiles in
> keyfile format and have them handled by iwd.

This is also true now for 802.1x wifi profiles.

>
> - it would mean, when switching the backend, you have to migrate the
> profiles. If such a migration needs to be done manually, it's bad user
> expirience. If such a migration can be done automatically by NM's iwd
> plugin, then we don't need an settings plugin, because this kind of
> "migration" should be the regular modus operandi of the device plugin
> and always do it transparently.

So switching backends is not an operation that the majority of users
should ever need and, while it'd be nice if it worked, there are a
number of rare features that will simply not work with the IWD backend
because IWD does not support them.  There are also things that don't
currently work, like connecting (easily) to 802.1x networks, but which
could be made to work although without the added benefit that the
networks will keep working after switching backends.

>
>
>
> Note that the device plugin can create profiles automatically. See for
> example
>   
> https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/devices/bluetooth/nm-bluez-device.c?id=3b1b6427d14473433dadd9b673dcfaab6dc19e25#n182
>

Yes, I considered this, I have put the code that creates networks
under src/settings/plugins/ as a proposal, to start this discussion
and see what ideas you, the NM developers, may have... but it could
equally well live in src/devices/wifi/.  You'll notice that the
NMSIwdConnection class doesn't do much except in the constructor.

One thing that a plugin allows us to do though is react to the network
being deleted (forgotten) or modified (not supported in the patchset).
This could also be done through a new mechanism that is not a settings
plugin.

>
> The iwd device plugin could compare the list of available profiles with
> the known networks in iwd daemon. If
>   - a profile only exists in iwd, create an in-memory profile in NM
> representing it.

Since IWD keeps the EAP authentication settings internal this would
still need to be an "incomplete" (from wpa_supplicant's point of view)
profile, although that would work for us.

>   - the same profile exists in iwd and NM, update iwd's profile with
> the settings from NM
>   - if the profile only exists in NM, create it in iwd.

So updating or adding 802.1x profiles from the Network Manager is not
something that we want to support initially so these two situations
are not our current concern and they'd need NM to understand the IWD
config file syntax similarly to the ifcfg-rh plugin, and write the IWD
config files directly.

>
>
> I think, settings plugins have a limited use. Indeed, few settings-
> plugins exists, and most of them are read-only. The only extensive
> plugin is ifcfg-rh, which is a huge management burden. But with ifcfg-
> rh, NM only uses the ifcfg file format to persist a profile. The
> profile is still fully handled by NetworkManager. By using the same
> file format and actual files, the user can run `ifup` (with NM
> disabled) and `nmcli con up` (with NM enabled). In practice, this only
> works well to a certain point, because initscripts and NM support
> different features and behave differntly in many aspects.

Right, and the concept of the plugin I proposed is a little different
as it would need to effectively handle all wifi connections while IWD
is the active backend.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[RFC PATCH 8/8] iwd: Register the IWD settings plugin

[Andrew Zaborowski]

Add the IWD plugin to the build and use nm_settings_add_plugin to add
its instance.  The plugin is built into the wifi plugin's binary because
with an independent binary it's difficult to cleanly listen to
NMIwdManager's signals and call its methods.  The meson configuration is
not in this patch.

Note the plugin is added as just another plugin in the list in the
NMSettings object, which means that for any operation it's tried along
with the other plugins until one succeeds.  Instead it would be better
if the plugin gets some sort of exclusivity on wireless connections so
that no other plugin can create duplicate connections for the ones
already added by this plugin.

The plugin is effectively registered whenever the IWD backend is enabled
for at least one device.  NM still allows IWD-managed devices to coexist
with wpa_supplicant devices.  The plugin makes no sense in those
situations because the IWD connections (specifically WPA-Enterprise)
can't be activated on wpa_supplicant devices and normal NM
WPA-Enterprise connections can't be activated on IWD-managed devices.
We are considering eventually allowing the IWD plugin to access IWD's
WPA-Enterprise network config files directly so that they can be
read/written/edited through the NM clients, without going through the
IWD DBus interface.
---
 Makefile.am   |  6 +-
 src/devices/wifi/nm-iwd-manager.c | 11 +++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/Makefile.am b/Makefile.am
index 79b046280..6fe8fb9a1 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2757,7 +2757,11 @@ src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES += \
src/devices/wifi/nm-device-iwd.c \
src/devices/wifi/nm-device-iwd.h \
src/devices/wifi/nm-iwd-manager.c \
-   src/devices/wifi/nm-iwd-manager.h
+   src/devices/wifi/nm-iwd-manager.h \
+   src/settings/plugins/iwd/nms-iwd-connection.c \
+   src/settings/plugins/iwd/nms-iwd-connection.h \
+   src/settings/plugins/iwd/nms-iwd-plugin.c \
+   src/settings/plugins/iwd/nms-iwd-plugin.h
 endif
 
 src_devices_wifi_libnm_device_plugin_wifi_la_CPPFLAGS = \
diff --git a/src/devices/wifi/nm-iwd-manager.c 
b/src/devices/wifi/nm-iwd-manager.c
index d785c1100..bd508f151 100644
--- a/src/devices/wifi/nm-iwd-manager.c
+++ b/src/devices/wifi/nm-iwd-manager.c
@@ -30,6 +30,8 @@
 #include "nm-manager.h"
 #include "nm-device-iwd.h"
 #include "nm-utils/nm-random-utils.h"
+#include "settings/nm-settings.h"
+#include "settings/plugins/iwd/nms-iwd-plugin.h"
 
 /*/
 
@@ -49,6 +51,7 @@ typedef struct {
guint agent_id;
gchar *agent_path;
GSList *known_networks;
+   gboolean settings_added;
 } NMIwdManagerPrivate;
 
 struct _NMIwdManager {
@@ -589,6 +592,14 @@ got_object_manager (GObject *object, GAsyncResult *result, 
gpointer user_data)
 
update_known_networks (self);
}
+
+   if (!priv->settings_added) {
+   NMSIwdPlugin *settings = nms_iwd_plugin_get ();
+
+   nm_settings_add_plugin (NM_SETTINGS_GET, NM_SETTINGS_PLUGIN 
(settings));
+
+   priv->settings_added = TRUE;
+   }
 }
 
 static void
-- 
2.14.1

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[RFC PATCH 7/8] settings: Add an IWD plugin

[Andrew Zaborowski]

The plugin listens to NMIwdManager signals to add and remove connections
for IWD's KnownNetworks.  The connections are currently read-only and
contain the minimum settings to mirror the information provided by IWD:
the SSID and the security type.

If this approach is taken the connections will probably still need an
additional NM keyfile to save any settings related to proxies, dhcp,
autoconnect and more (autoconnect and dhcp may eventually end up being
managed by IWD)
---
 src/settings/plugins/iwd/nms-iwd-connection.c | 173 +
 src/settings/plugins/iwd/nms-iwd-connection.h |  43 +++
 src/settings/plugins/iwd/nms-iwd-plugin.c | 176 ++
 src/settings/plugins/iwd/nms-iwd-plugin.h |  37 ++
 4 files changed, 429 insertions(+)
 create mode 100644 src/settings/plugins/iwd/nms-iwd-connection.c
 create mode 100644 src/settings/plugins/iwd/nms-iwd-connection.h
 create mode 100644 src/settings/plugins/iwd/nms-iwd-plugin.c
 create mode 100644 src/settings/plugins/iwd/nms-iwd-plugin.h

diff --git a/src/settings/plugins/iwd/nms-iwd-connection.c 
b/src/settings/plugins/iwd/nms-iwd-connection.c
new file mode 100644
index 0..5f784de58
--- /dev/null
+++ b/src/settings/plugins/iwd/nms-iwd-connection.c
@@ -0,0 +1,173 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* NetworkManager system settings service - IWD plugin
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2018 Intel Corporation
+ */
+
+#include "nm-default.h"
+
+#include "nms-iwd-connection.h"
+
+#include "nm-setting-connection.h"
+#include "nm-core-internal.h"
+#include "nm-utils.h"
+#include "devices/wifi/nm-wifi-utils.h"
+
+#include "settings/nm-settings-plugin.h"
+
+/*/
+
+typedef struct {
+   NMIwdKnownNetworkData known_network_data;
+} NMSIwdConnectionPrivate;
+
+struct _NMSIwdConnection {
+   NMSettingsConnection parent;
+   NMSIwdConnectionPrivate _priv;
+};
+
+struct _NMSIwdConnectionClass {
+   NMSettingsConnectionClass parent;
+};
+
+G_DEFINE_TYPE (NMSIwdConnection, nms_iwd_connection, 
NM_TYPE_SETTINGS_CONNECTION)
+
+#define NMS_IWD_CONNECTION_GET_PRIVATE(self) _NM_GET_PRIVATE (self, 
NMSIwdConnection, NMS_IS_IWD_CONNECTION)
+
+/*/
+
+static gboolean
+delete (NMSettingsConnection *connection,
+GError **error)
+{
+   NMSettingWireless *s_wireless;
+   GBytes *ssid;
+   gs_free gchar *str_ssid = NULL;
+
+   s_wireless = nm_connection_get_setting_wireless (NM_CONNECTION 
(connection));
+   if (!s_wireless) {
+   g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+"Connection has no Wireless setting");
+   return FALSE;
+   }
+
+   ssid = nm_setting_wireless_get_ssid (s_wireless);
+   if (!ssid) {
+   g_set_error (error, NM_SETTINGS_ERROR, NM_SETTINGS_ERROR_FAILED,
+"Connection has no SSID in the Wireless setting");
+   return FALSE;
+   }
+
+   str_ssid = nm_utils_ssid_to_utf8 (g_bytes_get_data (ssid, NULL),
+ g_bytes_get_size (ssid));
+
+   nm_iwd_manager_forget_network (nm_iwd_manager_get (),
+  str_ssid,
+  nm_wifi_connection_get_iwd_security 
(NM_CONNECTION (connection)));
+
+   return TRUE;
+}
+
+/*/
+
+const NMIwdKnownNetworkData *
+nms_iwd_get_known_network_data (NMSIwdConnection *connection)
+{
+   NMSIwdConnectionPrivate *priv = NMS_IWD_CONNECTION_GET_PRIVATE 
(connection);
+
+   return >known_network_data;
+}
+
+/*/
+
+static void
+nms_iwd_connection_init (NMSIwdConnection *connection)
+{
+}
+
+NMSIwdConnection *
+nms_iwd_connection_new (const NMIwdKnownNetworkData *network)
+{
+   NMSIwdConnectionPrivate *priv;
+   GObject *object;
+   char uuid[37];
+   NMSetting *setting;
+   GBytes *ssid = g_bytes_new (network->name, strlen 

[RFC PATCH 6/8] libnm-core: 8021x: Allow a new eap value "extern"

[Andrew Zaborowski]

To allow connections that mirror IWD's configured WPA-Enterprise
networks to be seen as valid by NM, add a new value for the eap key in
802-1x settings.  802-1x.eap stores EAP method names.  In the IWD
connections we don't know what EAP method is configured and we don't
have any of the other 802-1x properties that would be required for the
settings to verify.

Alternatively I could use a new flag property on the general connection
setting object to signal that some other settings are not visible or
editable.

Obviously these connections can't be activated on devices not controlled
by IWD.  This change may also need the eap=extern value to be documented
and checks may be needed to prevent this value from being used in
connections created through DBus.
---
 libnm-core/nm-setting-8021x.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libnm-core/nm-setting-8021x.c b/libnm-core/nm-setting-8021x.c
index 3b4240e64..eda85ed8a 100644
--- a/libnm-core/nm-setting-8021x.c
+++ b/libnm-core/nm-setting-8021x.c
@@ -3088,6 +3088,7 @@ static EAPMethodsTable eap_methods_table[] = {
{ "sim", need_secrets_sim, NULL },
{ "gtc", need_secrets_password, verify_identity },
{ "otp", NULL, NULL },  // FIXME: implement
+   { "extern", NULL, NULL },
{ NULL, NULL, NULL }
 };
 
@@ -3203,7 +3204,7 @@ verify (NMSetting *setting, NMConnection *connection, 
GError **error)
 {
NMSetting8021x *self = NM_SETTING_802_1X (setting);
NMSetting8021xPrivate *priv = NM_SETTING_802_1X_GET_PRIVATE (self);
-   const char *valid_eap[] = { "leap", "md5", "tls", "peap", "ttls", 
"sim", "fast", "pwd", NULL };
+   const char *valid_eap[] = { "leap", "md5", "tls", "peap", "ttls", 
"sim", "fast", "pwd", "extern", NULL };
const char *valid_phase1_peapver[] = { "0", "1", NULL };
const char *valid_phase1_peaplabel[] = { "0", "1", NULL };
const char *valid_phase1_fast_pac[] = { "0", "1", "2", "3", NULL };
-- 
2.14.1

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[RFC PATCH 4/8] iwd: Add nm_iwd_manager_forget_network API

[Andrew Zaborowski]

Add a function that maps to the
net.connman.iwd.KnownNetworks.ForgetNetwork DBus call and causes an IWD
Known Network to be forgotten with its config file removed.
---
 src/devices/wifi/nm-iwd-manager.c | 36 
 src/devices/wifi/nm-iwd-manager.h |  2 ++
 2 files changed, 38 insertions(+)

diff --git a/src/devices/wifi/nm-iwd-manager.c 
b/src/devices/wifi/nm-iwd-manager.c
index 8897f43a4..d785c1100 100644
--- a/src/devices/wifi/nm-iwd-manager.c
+++ b/src/devices/wifi/nm-iwd-manager.c
@@ -639,6 +639,42 @@ nm_iwd_manager_network_connected (NMIwdManager *self, 
const gchar *name,
g_signal_emit (self, signals[KNOWN_NETWORKS_CHANGED], 0, 
priv->known_networks);
 }
 
+void
+nm_iwd_manager_forget_network (NMIwdManager *self, const gchar *name,
+   NMIwdNetworkSecurity security)
+{
+   NMIwdManagerPrivate *priv = NM_IWD_MANAGER_GET_PRIVATE (self);
+   gs_unref_object GDBusInterface *known_networks_if = NULL;
+   const char *security_str =
+   security == NM_IWD_NETWORK_SECURITY_NONE ? "open" :
+   security == NM_IWD_NETWORK_SECURITY_PSK ? "psk" : "8021x";
+   const GSList *iter;
+
+   known_networks_if = g_dbus_object_manager_get_interface 
(priv->object_manager,
+"/",
+
NM_IWD_KNOWN_NETWORKS_INTERFACE);
+
+   g_dbus_proxy_call (G_DBUS_PROXY (known_networks_if),
+  "ForgetNetwork",
+  g_variant_new ("(ss)", name, security_str),
+  G_DBUS_CALL_FLAGS_NONE, -1,
+  NULL, NULL, NULL);
+
+   g_object_unref (known_networks_if);
+
+   for (iter = priv->known_networks; iter; iter = g_slist_next (iter)) {
+   const NMIwdKnownNetworkData *network = iter->data;
+
+   if (strcmp (network->name, name) || network->security != 
security)
+   continue;
+
+   priv->known_networks = g_slist_remove (priv->known_networks, 
network);
+   break;
+   }
+
+   g_signal_emit (self, signals[KNOWN_NETWORKS_CHANGED], 0, 
priv->known_networks);
+}
+
 /*/
 
 NM_DEFINE_SINGLETON_GETTER (NMIwdManager, nm_iwd_manager_get,
diff --git a/src/devices/wifi/nm-iwd-manager.h 
b/src/devices/wifi/nm-iwd-manager.h
index 96b5e2c26..a4491286e 100644
--- a/src/devices/wifi/nm-iwd-manager.h
+++ b/src/devices/wifi/nm-iwd-manager.h
@@ -69,5 +69,7 @@ gboolean nm_iwd_manager_is_known_network (NMIwdManager *self, 
const gchar *name,
   NMIwdNetworkSecurity security);
 void nm_iwd_manager_network_connected (NMIwdManager *self, const gchar *name,
NMIwdNetworkSecurity security);
+void nm_iwd_manager_forget_network (NMIwdManager *self, const gchar *name,
+NMIwdNetworkSecurity security);
 
 #endif /* __NETWORKMANAGER_IWD_MANAGER_H__ */
-- 
2.14.1

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[RFC PATCH 2/8] wifi: Move KnownNetworkData to nm-iwd-manger.h

[Andrew Zaborowski]

---
 src/devices/wifi/nm-iwd-manager.c | 17 ++---
 src/devices/wifi/nm-iwd-manager.h |  5 +
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/devices/wifi/nm-iwd-manager.c 
b/src/devices/wifi/nm-iwd-manager.c
index 39db3a04c..2da6db0e4 100644
--- a/src/devices/wifi/nm-iwd-manager.c
+++ b/src/devices/wifi/nm-iwd-manager.c
@@ -33,11 +33,6 @@
 
 /*/
 
-typedef struct {
-   gchar *name;
-   NMIwdNetworkSecurity security;
-} KnownNetworkData;
-
 typedef struct {
NMManager *manager;
GCancellable *cancellable;
@@ -351,7 +346,7 @@ object_added (NMIwdManager *self, GDBusObject *object)
 }
 
 static void
-known_network_free (KnownNetworkData *network)
+known_network_free (NMIwdKnownNetworkData *network)
 {
g_free (network->name);
g_free (network);
@@ -384,7 +379,7 @@ list_known_networks_cb (GObject *source, GAsyncResult *res, 
gpointer user_data)
const gchar *name = NULL;
const gchar *type = NULL;
GVariant *val;
-   KnownNetworkData *network_data;
+   NMIwdKnownNetworkData *network_data;
 
while (g_variant_iter_next (props, "{}", , )) {
if (!strcmp (key, "Name"))
@@ -399,7 +394,7 @@ list_known_networks_cb (GObject *source, GAsyncResult *res, 
gpointer user_data)
if (!name || !type)
goto next;
 
-   network_data = g_new (KnownNetworkData, 1);
+   network_data = g_new (NMIwdKnownNetworkData, 1);
network_data->name = g_strdup (name);
if (!strcmp (type, "open"))
network_data->security = NM_IWD_NETWORK_SECURITY_NONE;
@@ -601,7 +596,7 @@ nm_iwd_manager_is_known_network (NMIwdManager *self, const 
gchar *name,
const GSList *iter;
 
for (iter = priv->known_networks; iter; iter = g_slist_next (iter)) {
-   const KnownNetworkData *network = iter->data;
+   const NMIwdKnownNetworkData *network = iter->data;
 
if (!strcmp (network->name, name) && network->security == 
security)
return true;
@@ -615,12 +610,12 @@ nm_iwd_manager_network_connected (NMIwdManager *self, 
const gchar *name,
   NMIwdNetworkSecurity security)
 {
NMIwdManagerPrivate *priv = NM_IWD_MANAGER_GET_PRIVATE (self);
-   KnownNetworkData *network_data;
+   NMIwdKnownNetworkData *network_data;
 
if (nm_iwd_manager_is_known_network (self, name, security))
return;
 
-   network_data = g_new (KnownNetworkData, 1);
+   network_data = g_new (NMIwdKnownNetworkData, 1);
network_data->name = g_strdup (name);
network_data->security = security;
priv->known_networks = g_slist_append (priv->known_networks, 
network_data);
diff --git a/src/devices/wifi/nm-iwd-manager.h 
b/src/devices/wifi/nm-iwd-manager.h
index 8e6b66ff2..80b430f0f 100644
--- a/src/devices/wifi/nm-iwd-manager.h
+++ b/src/devices/wifi/nm-iwd-manager.h
@@ -43,6 +43,11 @@ typedef enum {
NM_IWD_NETWORK_SECURITY_8021X,
 } NMIwdNetworkSecurity;
 
+typedef struct {
+   gchar *name;
+   NMIwdNetworkSecurity security;
+} NMIwdKnownNetworkData;
+
 #define NM_TYPE_IWD_MANAGER  (nm_iwd_manager_get_type ())
 #define NM_IWD_MANAGER(obj)  (G_TYPE_CHECK_INSTANCE_CAST ((obj), 
NM_TYPE_IWD_MANAGER, NMIwdManager))
 #define NM_IWD_MANAGER_CLASS(klass)  (G_TYPE_CHECK_CLASS_CAST ((klass),  
NM_TYPE_IWD_MANAGER, NMIwdManagerClass))
-- 
2.14.1

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[RFC PATCH 3/8] iwd: Emit known-networks-changed signals from NMIwdManager

[Andrew Zaborowski]

Emit a signal when NMIwdManager learns that a KnownNetwork has been
added or removed and when the list has been initially loaded.
---
 src/devices/wifi/nm-iwd-manager.c | 26 ++
 src/devices/wifi/nm-iwd-manager.h |  3 +++
 2 files changed, 29 insertions(+)

diff --git a/src/devices/wifi/nm-iwd-manager.c 
b/src/devices/wifi/nm-iwd-manager.c
index 2da6db0e4..8897f43a4 100644
--- a/src/devices/wifi/nm-iwd-manager.c
+++ b/src/devices/wifi/nm-iwd-manager.c
@@ -33,6 +33,14 @@
 
 /*/
 
+enum {
+   KNOWN_NETWORKS_CHANGED,
+
+   LAST_SIGNAL
+};
+
+static guint signals[LAST_SIGNAL] = { 0 };
+
 typedef struct {
NMManager *manager;
GCancellable *cancellable;
@@ -412,6 +420,8 @@ next:
 
g_variant_iter_free (networks);
 
+   g_signal_emit (self, signals[KNOWN_NETWORKS_CHANGED], 0, 
priv->known_networks);
+
/* For completness we may want to call 
nm_device_emit_recheck_auto_activate
 * and nm_device_recheck_available_connections for all affected devices
 * now but the ListKnownNetworks call should have been really fast,
@@ -468,6 +478,12 @@ name_owner_changed (GObject *object, GParamSpec *pspec, 
gpointer user_data)
   NULL);
}
}
+
+   if (priv->known_networks) {
+   g_slist_free_full (priv->known_networks, 
(GDestroyNotify) known_network_free);
+   priv->known_networks = NULL;
+   g_signal_emit (self, signals[KNOWN_NETWORKS_CHANGED], 
0, NULL);
+   }
}
 }
 
@@ -619,6 +635,8 @@ nm_iwd_manager_network_connected (NMIwdManager *self, const 
gchar *name,
network_data->name = g_strdup (name);
network_data->security = security;
priv->known_networks = g_slist_append (priv->known_networks, 
network_data);
+
+   g_signal_emit (self, signals[KNOWN_NETWORKS_CHANGED], 0, 
priv->known_networks);
 }
 
 /*/
@@ -685,4 +703,12 @@ nm_iwd_manager_class_init (NMIwdManagerClass *klass)
GObjectClass *object_class = G_OBJECT_CLASS (klass);
 
object_class->dispose = dispose;
+
+   signals[KNOWN_NETWORKS_CHANGED] =
+   g_signal_new (NM_IWD_MANAGER_KNOWN_NETWORKS_CHANGED,
+ G_OBJECT_CLASS_TYPE (object_class),
+ G_SIGNAL_RUN_FIRST,
+ 0, NULL, NULL, NULL,
+ G_TYPE_NONE, 1,
+ G_TYPE_POINTER);
 }
diff --git a/src/devices/wifi/nm-iwd-manager.h 
b/src/devices/wifi/nm-iwd-manager.h
index 80b430f0f..96b5e2c26 100644
--- a/src/devices/wifi/nm-iwd-manager.h
+++ b/src/devices/wifi/nm-iwd-manager.h
@@ -55,6 +55,9 @@ typedef struct {
 #define NM_IS_IWD_MANAGER_CLASS(klass)   (G_TYPE_CHECK_CLASS_TYPE ((klass),  
NM_TYPE_IWD_MANAGER))
 #define NM_IWD_MANAGER_GET_CLASS(obj)(G_TYPE_INSTANCE_GET_CLASS ((obj),  
NM_TYPE_IWD_MANAGER, NMIwdManagerClass))
 
+/* signals */
+#define NM_IWD_MANAGER_KNOWN_NETWORKS_CHANGED "known-networks-changed"
+
 typedef struct _NMIwdManager NMIwdManager;
 typedef struct _NMIwdManagerClass NMIwdManagerClass;
 
-- 
2.14.1

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[RFC PATCH 1/8] wifi: Move get_connection_iwd_security to nm-wifi-utils.c

[Andrew Zaborowski]

Make this function public.  I'm not sure if at this point it makes
much sense to add a new file for iwd-specific utilities.
---
 src/devices/wifi/nm-device-iwd.c | 35 ++-
 src/devices/wifi/nm-wifi-utils.c | 23 +++
 src/devices/wifi/nm-wifi-utils.h |  3 +++
 3 files changed, 32 insertions(+), 29 deletions(-)

diff --git a/src/devices/wifi/nm-device-iwd.c b/src/devices/wifi/nm-device-iwd.c
index d3c5ae9aa..c756f5d35 100644
--- a/src/devices/wifi/nm-device-iwd.c
+++ b/src/devices/wifi/nm-device-iwd.c
@@ -452,29 +452,6 @@ deactivate_async (NMDevice *device,
   G_DBUS_CALL_FLAGS_NONE, -1, cancellable, 
disconnect_cb, ctx);
 }
 
-static NMIwdNetworkSecurity
-get_connection_iwd_security (NMConnection *connection)
-{
-   NMSettingWirelessSecurity *s_wireless_sec;
-   const char *key_mgmt = NULL;
-
-   s_wireless_sec = nm_connection_get_setting_wireless_security 
(connection);
-   if (!s_wireless_sec)
-   return NM_IWD_NETWORK_SECURITY_NONE;
-
-   key_mgmt = nm_setting_wireless_security_get_key_mgmt (s_wireless_sec);
-   nm_assert (key_mgmt);
-
-   if (!strcmp (key_mgmt, "none") || !strcmp (key_mgmt, "ieee8021x"))
-   return NM_IWD_NETWORK_SECURITY_WEP;
-
-   if (!strcmp (key_mgmt, "wpa-psk"))
-   return NM_IWD_NETWORK_SECURITY_PSK;
-
-   nm_assert (!strcmp (key_mgmt, "wpa-eap"));
-   return NM_IWD_NETWORK_SECURITY_8021X;
-}
-
 static gboolean
 is_connection_known_network (NMConnection *connection)
 {
@@ -495,7 +472,7 @@ is_connection_known_network (NMConnection *connection)
 
return nm_iwd_manager_is_known_network (nm_iwd_manager_get (),
str_ssid,
-   get_connection_iwd_security 
(connection));
+   
nm_wifi_connection_get_iwd_security (connection));
 }
 
 static gboolean
@@ -549,7 +526,7 @@ check_connection_compatible (NMDevice *device, NMConnection 
*connection)
/* 8021x networks can only be used if they've been provisioned on the 
IWD side and
 * thus are Known Networks.
 */
-   if (get_connection_iwd_security (connection) == 
NM_IWD_NETWORK_SECURITY_8021X) {
+   if (nm_wifi_connection_get_iwd_security (connection) == 
NM_IWD_NETWORK_SECURITY_8021X) {
if (!is_connection_known_network (connection))
return FALSE;
}
@@ -583,7 +560,7 @@ check_connection_available (NMDevice *device,
/* 8021x networks can only be used if they've been provisioned on the 
IWD side and
 * thus are Known Networks.
 */
-   if (get_connection_iwd_security (connection) == 
NM_IWD_NETWORK_SECURITY_8021X) {
+   if (nm_wifi_connection_get_iwd_security (connection) == 
NM_IWD_NETWORK_SECURITY_8021X) {
if (!is_connection_known_network (connection))
return FALSE;
}
@@ -718,7 +695,7 @@ complete_connection (NMDevice *device,
/* 8021x networks can only be used if they've been provisioned on the 
IWD side and
 * thus are Known Networks.
 */
-   if (get_connection_iwd_security (connection) == 
NM_IWD_NETWORK_SECURITY_8021X) {
+   if (nm_wifi_connection_get_iwd_security (connection) == 
NM_IWD_NETWORK_SECURITY_8021X) {
if (!is_connection_known_network (connection)) {
g_set_error_literal (error,
 NM_CONNECTION_ERROR,
@@ -819,7 +796,7 @@ can_auto_connect (NMDevice *device,
/* 8021x networks can only be used if they've been provisioned on the 
IWD side and
 * thus are Known Networks.
 */
-   if (get_connection_iwd_security (connection) == 
NM_IWD_NETWORK_SECURITY_8021X) {
+   if (nm_wifi_connection_get_iwd_security (connection) == 
NM_IWD_NETWORK_SECURITY_8021X) {
if (!is_connection_known_network (connection))
return FALSE;
}
@@ -1160,7 +1137,7 @@ network_connect_cb (GObject *source, GAsyncResult *res, 
gpointer user_data)
nm_device_activate_schedule_stage3_ip_config_start (device);
 
nm_iwd_manager_network_connected (nm_iwd_manager_get (), str_ssid,
- get_connection_iwd_security 
(connection));
+ nm_wifi_connection_get_iwd_security 
(connection));
 
return;
 
diff --git a/src/devices/wifi/nm-wifi-utils.c b/src/devices/wifi/nm-wifi-utils.c
index 044bd392d..c7bb71963 100644
--- a/src/devices/wifi/nm-wifi-utils.c
+++ b/src/devices/wifi/nm-wifi-utils.c
@@ -814,3 +814,26 @@ nm_wifi_utils_is_manf_default_ssid (const GByteArray *ssid)
}
return FALSE;
 }
+
+NMIwdNetworkSecurity
+nm_wifi_connection_get_iwd_security (NMConnection *connection)
+{
+   NMSettingWirelessSecurity *s_wireless_sec;
+   

Re: How does IWD handle setting MAC address?

[Andrew Zaborowski]

Hi,

On 5 January 2018 at 14:58, Thomas Haller  wrote:
> For NM, at each moment not all its connection profiles are candidate
> for connecting automatically. The list of which profiles can be
> autoactivated depends on NM internal state, for example
>   - is the profile even configured to allow autoactivation?
>   - is the user owning the connection logged in (if it's restricted
> to a user)?
>   - if the profile requires secrets, is somebody previledged around
> to potentially provide them?
>   - was the connection previously manually disconnected by the user
> (which marks it as blocked from autoconnecting again)
>   - did a previous connection attempt fail, e.g. no DHCP lease. If
> it failed $configurable times, it will be blocked for a few
> minutes.
>
> With supplicant, NM intersects the list of autoconnect candidates with
> the list from the scan-list, and decides which to (auto) activate. As
> far as supplicant is concerned, this is not happening automatically,
> and there is no race.
>
> If I understand you, the reason to let iwd automatically pick a
> network, is because iwd knows better.
>
> But in case there are multiple autoconnect candidates that could be
> activated, then NM chooses the candidate which
>   - has the highest autoconnect priority (configurable)
>   - was used the least long ago.
> Indeed, NM doesn't consider the signal strength and other Wi-Fi
> properties. It's a missing feature.
>
> How is iwd choosing automatically? Choosing based on signal strength
> and encryption parameters would be a nice feature, but what about non-
> Wi-Fi related factors.
> How will iwd allow NM to contribute to that decision?

I have been thinking about actual ways this could be implemnted
because I talked to Denis about this as a long term goal for the
iwd-NM integration.  It would clearly require a major rework and
keeping wpa_supplicant as the other backend would be difficult too.
This stems from the fact that currently NM is the wifi daemon in the
sense that Marcel talks about.  All wpa_supplicant does is keep a
specific connection alive (including roaming if needed) and that is a
fair separation of duties.

I believe there are situations where the current approach with NM
managing all of the profiles at the same level has an advantage, for
example it allows roaming between wifi and 4G depending on the best
throughput -- not only based on the presence of wifi networks.  My
current android phone has this option in advanced wifi settings.

One way to keep the current NM user API mostly intact would be to
special-case wifi profiles and prevent NM from ever storing them.
They'd have to be pulled from iwd over DBus when the UI asks for them.
This would touch much more code in NM than just the src/devces/wifi/
and could be ugly.  NM would have to tell iwd the minimum parameters
it is expecting from a wifi connection based on what other connection
methods are available.  If iwd can locate an AP that is good enough it
is free to use its own autoconnect logic, otherwise it would have to
give it up for NM to use another radio access technology.

I don't like this idea for its complexity but I'm not sure if there's
a better way.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: How does IWD handle setting MAC address?

[Andrew Zaborowski]

Hi,

On 3 January 2018 at 20:58, Marcel Holtmann  wrote:
>> I think a valueable feature with NetworkManager + Wi-Fi +
>> wpa_supplicant is that MAC address options.
>>
>> I tried to explain how that works here:
>>  
>> https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/
>> and some ideas here:
>>  
>> https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/examples/nm-conf.d/30-anon.conf?id=b936ccd2837199d5851388122c2e44951bf20012
>>
>>
>> Basically, NM changes the current MAC address of the Wi-Fi device under the 
>> hood.
>> But only while scanning, early when activation starts, or after deactivation.
>>
>> Grep the sources for nm_device_hw_addr_set() and 
>> nm_device_hw_addr_set_cloned().
>>
>> There were/are a few issues with supplicant, where it would cope badly with 
>> NM
>> externally changing the MAC address:
>> E.g. 
>> https://w1.fi/cgit/hostap/commit/?id=290834df69556b903b49f2a45671cc62b44f13bb
>> http://lists.infradead.org/pipermail/hostap/2017-October/038035.html
>>
>> Also, some drivers don't support changing the MAC address at all. In the 
>> past,
>> NM would fail badly in that case, nowadays, it should just log a warning
>> and otherwise work fine.
>>
>>
>> Anyway, how does iwd cope with NM externally changing the MAC address (via 
>> netlink)?
>> Otherwise, could/does iwd provide a SetMacAddress() D-Bus method?
>> I don't think iwd should contain the logic for selecting a MAC address. NM 
>> knows which
>> profile is active, and it knows how to generate the desired MAC address. iwd 
>> could contain
>> some MAC address randomization schemes, I don't care as long as there is a 
>> way for NM
>> to explicitly set the desired MAC address.
>
> I think that MAC address randomization should be done inside the kernel at 
> cfg80211 level or to some level via nl80211 level from iwd. Doing that the 
> hard way via RTNL and behind the back of a WiFi daemon is really a bad idea.

That said iwd should cope Ok with the MAC address changing behind its
back if it receives the RTNL notification (RTM_NEWLINK) if it isn't
connected.  It always updates it's copy of the address on a
RTM_NEWLINK so the race condition shouldn't be present I suppose.  It
will come out in testing I'm sure, I'll try to have the mac
randomization enabled to see how well it handles the interface down-up
cycles.  Ideally this too should be done through iwd device's
"Powered" property over dbus but it should still work if not.

I'm not an iwd architect but often the answer is that if something is
a "power user" feature then it won't be supported (iwd currently
mostly wants to provide an android phone type of configurability) and
if it's a good idea for everyone then it should be always enabled and
done within iwd or the kernel.  There are a few things that
wpa_supplicant and NetworkManager support that I suspect will be
considered too specialized for iwd.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: [PATCH 3/4] devices/wifi: Add the wifi-backend config option

[Andrew Zaborowski]

On 13 December 2017 at 17:21, Thomas Haller  wrote:
> there is a patch for review to do that:
>
> on https://github.com/NetworkManager/NetworkManager/pull/41

Great, I'll remove that from my own tasks then.  The patches look
good, I only added a small comment, in fact I had a similar fix to the
nm-wifi-factory.c debug message which I probably left there
inadvertently.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[PATCH 3/6] devices/wifi: Add NMDeviceIwd class to support IWD backend

[Andrew Zaborowski]

This is very similar to NMDeviceWifi but simplified to remove the things
currently unsupported and with calls to nm_platform_wifi_* and
nm_supplicant_* replaced with IWD DBus API calls.  Only unsecured
infrastructure-mode networks are supported here.
---
 Makefile.am  |6 +
 configure.ac |   21 +
 src/devices/wifi/nm-device-iwd.c | 1776 ++
 src/devices/wifi/nm-device-iwd.h |   56 ++
 4 files changed, 1859 insertions(+)
 create mode 100644 src/devices/wifi/nm-device-iwd.c
 create mode 100644 src/devices/wifi/nm-device-iwd.h

diff --git a/Makefile.am b/Makefile.am
index 7bce597e9..7bde983a6 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2641,6 +2641,12 @@ src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES = \
src/devices/wifi/nm-device-olpc-mesh.c \
src/devices/wifi/nm-device-olpc-mesh.h
 
+if WITH_IWD
+src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES += \
+   src/devices/wifi/nm-device-iwd.c \
+   src/devices/wifi/nm-device-iwd.h
+endif
+
 src_devices_wifi_libnm_device_plugin_wifi_la_CPPFLAGS = \
-I$(srcdir)/src \
-I$(builddir)/src \
diff --git a/configure.ac b/configure.ac
index 79791ab76..b99f05376 100644
--- a/configure.ac
+++ b/configure.ac
@@ -264,6 +264,26 @@ else
 fi
 
 dnl
+dnl Default to using wpa_supplicant but allow IWD as wifi backend
+dnl
+AC_ARG_WITH(iwd,
+AS_HELP_STRING([--with-iwd=yes],
+   [Support IWD as wifi-backend in addition to 
wpa_supplicant (experimental)]),
+ac_with_iwd=$withval, ac_with_iwd="no")
+if test "$ac_with_iwd" != 'no'; then
+   ac_with_iwd='yes'
+fi
+if test x"$ac_with_iwd" = x"yes"; then
+   if test "$enable_wifi" != "yes"; then
+   AC_MSG_ERROR(Enabling IWD support and disabling Wi-Fi makes no 
sense)
+   fi
+   AC_DEFINE(WITH_IWD, 1, [Define to compile with the IWD wifi-backend])
+else
+   AC_DEFINE(WITH_IWD, 0, [Define to compile without the IWD wifi-backend])
+fi
+AM_CONDITIONAL(WITH_IWD, test x"${ac_with_iwd}" = x"yes")
+
+dnl
 dnl Check for newer VLAN flags
 dnl
 AC_MSG_CHECKING([Linux kernel VLAN_FLAG_LOOSE_BINDING enum value])
@@ -1326,6 +1346,7 @@ echo "  libteamdctl: $enable_teamdctl"
 echo "  libnm-glib: $with_libnm_glib"
 echo "  nmcli: $build_nmcli"
 echo "  nmtui: $build_nmtui"
+echo "  iwd: $ac_with_iwd"
 echo
 
 echo "Configuration plugins (main.plugins=${config_plugins_default})"
diff --git a/src/devices/wifi/nm-device-iwd.c b/src/devices/wifi/nm-device-iwd.c
new file mode 100644
index 0..e672cfcde
--- /dev/null
+++ b/src/devices/wifi/nm-device-iwd.c
@@ -0,0 +1,1776 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* NetworkManager -- Network link manager
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2017 Intel Corporation
+ */
+
+#include "nm-default.h"
+
+#include "nm-device-iwd.h"
+
+#include 
+
+#include "nm-common-macros.h"
+#include "devices/nm-device.h"
+#include "devices/nm-device-private.h"
+#include "nm-utils.h"
+#include "nm-act-request.h"
+#include "nm-setting-connection.h"
+#include "nm-setting-wireless.h"
+#include "nm-setting-wireless-security.h"
+#include "nm-setting-8021x.h"
+#include "settings/nm-settings-connection.h"
+#include "settings/nm-settings.h"
+#include "nm-wifi-utils.h"
+#include "nm-core-internal.h"
+#include "nm-config.h"
+#include "nm-iwd-manager.h"
+
+#include "introspection/org.freedesktop.NetworkManager.Device.Wireless.h"
+
+#include "devices/nm-device-logging.h"
+_LOG_DECLARE_SELF(NMDeviceIwd);
+
+static NM_CACHED_QUARK_FCN ("wireless-secrets-tries", 
wireless_secrets_tries_quark)
+
+/*/
+
+NM_GOBJECT_PROPERTIES_DEFINE (NMDeviceIwd,
+   PROP_MODE,
+   PROP_BITRATE,
+   PROP_ACCESS_POINTS,
+   PROP_ACTIVE_ACCESS_POINT,
+   PROP_CAPABILITIES,
+   PROP_SCANNING,
+);
+
+enum {
+   ACCESS_POINT_ADDED,
+   ACCESS_POINT_REMOVED,
+   SCANNING_PROHIBITED,
+
+   LAST_SIGNAL
+};
+
+static guint signals[LAST_SIGNAL] = { 0 };
+
+typedef struct {
+   GDBusObject *   dbus_obj;
+   GDBusProxy *dbus_proxy;
+   GHashTable *aps;
+   GHashTable *new_aps;
+

[PATCH 6/6] devices/wifi: Register an IWD PSK agent on dbus

[Andrew Zaborowski]

Add the PSK agent support to support PSK networks.  Note that the PSK
itself will be saved by IWD on the first successful connection to the
network and will not be updated when it is changed by the user on the NM
side, this still needs fixing like a bunch of other problems.
---
 src/devices/wifi/nm-device-iwd.c  |  27 +
 src/devices/wifi/nm-device-iwd.h  |   2 +
 src/devices/wifi/nm-iwd-manager.c | 205 +-
 3 files changed, 233 insertions(+), 1 deletion(-)

diff --git a/src/devices/wifi/nm-device-iwd.c b/src/devices/wifi/nm-device-iwd.c
index 1714a4bf2..0d1832787 100644
--- a/src/devices/wifi/nm-device-iwd.c
+++ b/src/devices/wifi/nm-device-iwd.c
@@ -1651,6 +1651,33 @@ nm_device_iwd_set_dbus_object (NMDeviceIwd *self, 
GDBusObject *object)
send_disconnect (self);
 }
 
+const gchar *
+nm_device_iwd_agent_psk_query (NMDeviceIwd *self)
+{
+   NMActRequest *req;
+   NMConnection *connection;
+   NMSettingWireless *s_wireless;
+   NMSettingWirelessSecurity *s_wireless_sec;
+
+   req = nm_device_get_act_request (NM_DEVICE (self));
+   if (!req)
+   return NULL;
+
+   connection = nm_act_request_get_applied_connection (req);
+   if (!connection)
+   return NULL;
+
+   s_wireless = nm_connection_get_setting_wireless (connection);
+   if (!s_wireless)
+   return NULL;
+
+   s_wireless_sec = nm_connection_get_setting_wireless_security 
(connection);
+   if (!s_wireless_sec)
+   return NULL;
+
+   return nm_setting_wireless_security_get_psk (s_wireless_sec);
+}
+
 /*/
 
 static void
diff --git a/src/devices/wifi/nm-device-iwd.h b/src/devices/wifi/nm-device-iwd.h
index 34cdad0d0..332f4282c 100644
--- a/src/devices/wifi/nm-device-iwd.h
+++ b/src/devices/wifi/nm-device-iwd.h
@@ -55,4 +55,6 @@ NMDevice *nm_device_iwd_new (const char *iface, 
NMDeviceWifiCapabilities capabil
 
 void nm_device_iwd_set_dbus_object (NMDeviceIwd *device, GDBusObject *object);
 
+const gchar *nm_device_iwd_agent_psk_query (NMDeviceIwd *device);
+
 #endif /* __NETWORKMANAGER_DEVICE_IWD_H__ */
diff --git a/src/devices/wifi/nm-iwd-manager.c 
b/src/devices/wifi/nm-iwd-manager.c
index 15f1767f4..9f83c9fd3 100644
--- a/src/devices/wifi/nm-iwd-manager.c
+++ b/src/devices/wifi/nm-iwd-manager.c
@@ -35,6 +35,8 @@ typedef struct {
GCancellable *cancellable;
gboolean running;
GDBusObjectManager *object_manager;
+   guint agent_id;
+   gchar *agent_path;
 } NMIwdManagerPrivate;
 
 struct _NMIwdManager {
@@ -73,6 +75,165 @@ G_DEFINE_TYPE (NMIwdManager, nm_iwd_manager, G_TYPE_OBJECT)
 /*/
 
 static void
+psk_agent_dbus_method_cb (GDBusConnection *connection,
+  const gchar *sender, const gchar *object_path,
+  const gchar *interface_name, const gchar 
*method_name,
+  GVariant *parameters,
+  GDBusMethodInvocation *invocation,
+  gpointer user_data)
+{
+   NMIwdManager *self = user_data;
+   NMIwdManagerPrivate *priv = NM_IWD_MANAGER_GET_PRIVATE (self);
+   GDBusObjectManagerClient *omc = G_DBUS_OBJECT_MANAGER_CLIENT 
(priv->object_manager);
+   const gchar *network_path, *device_path, *ifname;
+   gs_unref_object GDBusInterface *network = NULL, *device_obj = NULL;
+   gs_unref_variant GVariant *value = NULL;
+   gint ifindex;
+   NMManager *manager;
+   NMDevice *device;
+   const gchar *psk;
+
+   /* Be paranoid and check the sender address */
+   if (!nm_streq0 (g_dbus_object_manager_client_get_name_owner (omc), 
sender))
+   goto return_error;
+
+   g_variant_get (parameters, "()", _path);
+
+   network = g_dbus_object_manager_get_interface (priv->object_manager,
+  network_path,
+  
NM_IWD_NETWORK_INTERFACE);
+   value = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (network), 
"Device");
+   device_path = g_variant_get_string (value, NULL);
+
+   if (!device_path) {
+   _LOGE ("Device not cached for network %s in IWD Agent request",
+  network_path);
+   goto return_error;
+   }
+
+   device_obj = g_dbus_object_manager_get_interface (priv->object_manager,
+ device_path,
+ NM_IWD_DEVICE_INTERFACE);
+   g_variant_unref (value);
+   value = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (device_obj), 
"Name");
+   ifname = g_variant_get_string (value, NULL);
+
+   if (!ifname) {
+   _LOGE ("Name not cached for device %s in IWD Agent request",
+   

[PATCH 4/6] devices/wifi: Track IWD devices, match to NMDeviceIwd objects

[Andrew Zaborowski]

Add the NMIwdManager singleton to be responsible for matching
NMDeviceIwd objects created from platform devices, to IWD Device dbus
objects when they appear/disappear.
---
 Makefile.am   |   4 +-
 src/devices/wifi/nm-device-iwd.c  |  41 +
 src/devices/wifi/nm-device-iwd.h  |   2 +
 src/devices/wifi/nm-iwd-manager.c | 348 ++
 src/devices/wifi/nm-iwd-manager.h |  53 ++
 5 files changed, 447 insertions(+), 1 deletion(-)
 create mode 100644 src/devices/wifi/nm-iwd-manager.c
 create mode 100644 src/devices/wifi/nm-iwd-manager.h

diff --git a/Makefile.am b/Makefile.am
index 7bde983a6..e836f9e12 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2644,7 +2644,9 @@ src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES = \
 if WITH_IWD
 src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES += \
src/devices/wifi/nm-device-iwd.c \
-   src/devices/wifi/nm-device-iwd.h
+   src/devices/wifi/nm-device-iwd.h \
+   src/devices/wifi/nm-iwd-manager.c \
+   src/devices/wifi/nm-iwd-manager.h
 endif
 
 src_devices_wifi_libnm_device_plugin_wifi_la_CPPFLAGS = \
diff --git a/src/devices/wifi/nm-device-iwd.c b/src/devices/wifi/nm-device-iwd.c
index e672cfcde..1714a4bf2 100644
--- a/src/devices/wifi/nm-device-iwd.c
+++ b/src/devices/wifi/nm-device-iwd.c
@@ -1610,6 +1610,47 @@ properties_changed (GDBusProxy *proxy, GVariant 
*changed_properties,
g_variant_iter_free (iter);
 }
 
+void
+nm_device_iwd_set_dbus_object (NMDeviceIwd *self, GDBusObject *object)
+{
+   NMDeviceIwdPrivate *priv = NM_DEVICE_IWD_GET_PRIVATE (self);
+   GDBusInterface *interface;
+
+   if (!nm_g_object_ref_set ((GObject **) >dbus_obj, (GObject *) 
object))
+   return;
+
+   if (priv->dbus_proxy) {
+   g_signal_handlers_disconnect_by_func (priv->dbus_proxy,
+ properties_changed, self);
+
+   g_clear_object (>dbus_proxy);
+   }
+
+   if (priv->enabled)
+   nm_device_queue_recheck_available (NM_DEVICE (self),
+  
NM_DEVICE_STATE_REASON_SUPPLICANT_AVAILABLE,
+  
NM_DEVICE_STATE_REASON_SUPPLICANT_FAILED);
+
+   if (!object) {
+   priv->can_scan = FALSE;
+
+   cleanup_association_attempt (self, FALSE);
+   return;
+   }
+
+   interface = g_dbus_object_get_interface (object, 
NM_IWD_DEVICE_INTERFACE);
+   priv->dbus_proxy = G_DBUS_PROXY (interface);
+
+   g_signal_connect (priv->dbus_proxy, "g-properties-changed",
+ G_CALLBACK (properties_changed), self);
+
+   /* Call Disconnect to make sure IWD's autoconnect is disabled.  We've
+* most likely just brought the device UP so it would be in
+* autoconnect by default.
+*/
+   send_disconnect (self);
+}
+
 /*/
 
 static void
diff --git a/src/devices/wifi/nm-device-iwd.h b/src/devices/wifi/nm-device-iwd.h
index 0cfdcd6ee..34cdad0d0 100644
--- a/src/devices/wifi/nm-device-iwd.h
+++ b/src/devices/wifi/nm-device-iwd.h
@@ -53,4 +53,6 @@ GType nm_device_iwd_get_type (void);
 
 NMDevice *nm_device_iwd_new (const char *iface, NMDeviceWifiCapabilities 
capabilities);
 
+void nm_device_iwd_set_dbus_object (NMDeviceIwd *device, GDBusObject *object);
+
 #endif /* __NETWORKMANAGER_DEVICE_IWD_H__ */
diff --git a/src/devices/wifi/nm-iwd-manager.c 
b/src/devices/wifi/nm-iwd-manager.c
new file mode 100644
index 0..15f1767f4
--- /dev/null
+++ b/src/devices/wifi/nm-iwd-manager.c
@@ -0,0 +1,348 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* NetworkManager -- Network link manager
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2017 Intel Corporation
+ */
+
+#include "nm-default.h"
+
+#include "nm-iwd-manager.h"
+
+#include 
+#include 
+
+#include "nm-logging.h"
+#include "nm-manager.h"
+#include "nm-device-iwd.h"
+
+/*/
+
+typedef struct {
+   GCancellable *cancellable;
+   gboolean running;
+   GDBusObjectManager *object_manager;

[PATCH 2/6] devices/wifi: Move is_manf_default_ssid to nm-wifi-utils.c

[Andrew Zaborowski]

Move the function for easier code reuse.
---
 src/devices/wifi/nm-device-wifi.c | 36 ++--
 src/devices/wifi/nm-wifi-utils.c  | 32 
 src/devices/wifi/nm-wifi-utils.h  |  2 ++
 3 files changed, 36 insertions(+), 34 deletions(-)

diff --git a/src/devices/wifi/nm-device-wifi.c 
b/src/devices/wifi/nm-device-wifi.c
index 23777ae60..b3c1269b4 100644
--- a/src/devices/wifi/nm-device-wifi.c
+++ b/src/devices/wifi/nm-device-wifi.c
@@ -48,6 +48,7 @@
 #include "nm-auth-utils.h"
 #include "settings/nm-settings-connection.h"
 #include "settings/nm-settings.h"
+#include "nm-wifi-utils.h"
 #include "nm-core-internal.h"
 #include "nm-config.h"
 
@@ -730,39 +731,6 @@ check_connection_available (NMDevice *device,
 }
 
 static gboolean
-is_manf_default_ssid (const GByteArray *ssid)
-{
-   int i;
-   /*
-* List of manufacturer default SSIDs that are often unchanged by users.
-*
-* NOTE: this list should *not* contain networks that you would like to
-* automatically roam to like "Starbucks" or "AT" or "T-Mobile 
HotSpot".
-*/
-   static const char *manf_defaults[] = {
-   "linksys",
-   "linksys-a",
-   "linksys-g",
-   "default",
-   "belkin54g",
-   "NETGEAR",
-   "o2DSL",
-   "WLAN",
-   "ALICE-WLAN",
-   "Speedport W 501V",
-   "TURBONETT",
-   };
-
-   for (i = 0; i < G_N_ELEMENTS (manf_defaults); i++) {
-   if (ssid->len == strlen (manf_defaults[i])) {
-   if (memcmp (manf_defaults[i], ssid->data, ssid->len) == 
0)
-   return TRUE;
-   }
-   }
-   return FALSE;
-}
-
-static gboolean
 complete_connection (NMDevice *device,
  NMConnection *connection,
  const char *specific_object,
@@ -882,7 +850,7 @@ complete_connection (NMDevice *device,
 */
if (!nm_wifi_ap_complete_connection (ap,
 connection,
-is_manf_default_ssid 
(ssid),
+
nm_wifi_utils_is_manf_default_ssid (ssid),
 error)) {
if (tmp_ssid)
g_byte_array_unref (tmp_ssid);
diff --git a/src/devices/wifi/nm-wifi-utils.c b/src/devices/wifi/nm-wifi-utils.c
index 06da92cec..d85f62381 100644
--- a/src/devices/wifi/nm-wifi-utils.c
+++ b/src/devices/wifi/nm-wifi-utils.c
@@ -784,3 +784,35 @@ nm_wifi_utils_level_to_quality (gint val)
return (guint32) val;
 }
 
+gboolean
+nm_wifi_utils_is_manf_default_ssid (const GByteArray *ssid)
+{
+   int i;
+   /*
+* List of manufacturer default SSIDs that are often unchanged by users.
+*
+* NOTE: this list should *not* contain networks that you would like to
+* automatically roam to like "Starbucks" or "AT" or "T-Mobile 
HotSpot".
+*/
+   static const char *manf_defaults[] = {
+   "linksys",
+   "linksys-a",
+   "linksys-g",
+   "default",
+   "belkin54g",
+   "NETGEAR",
+   "o2DSL",
+   "WLAN",
+   "ALICE-WLAN",
+   "Speedport W 501V",
+   "TURBONETT",
+   };
+
+   for (i = 0; i < G_N_ELEMENTS (manf_defaults); i++) {
+   if (ssid->len == strlen (manf_defaults[i])) {
+   if (memcmp (manf_defaults[i], ssid->data, ssid->len) == 
0)
+   return TRUE;
+   }
+   }
+   return FALSE;
+}
diff --git a/src/devices/wifi/nm-wifi-utils.h b/src/devices/wifi/nm-wifi-utils.h
index 1b6c2f4bf..def64dd6f 100644
--- a/src/devices/wifi/nm-wifi-utils.h
+++ b/src/devices/wifi/nm-wifi-utils.h
@@ -39,4 +39,6 @@ gboolean nm_wifi_utils_complete_connection (const GByteArray 
*ssid,
 
 guint32 nm_wifi_utils_level_to_quality (gint val);
 
+gboolean nm_wifi_utils_is_manf_default_ssid (const GByteArray *ssid);
+
 #endif  /* __NM_WIFI_UTILS_H__ */
-- 
2.11.0

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[PATCH 5/6] devices/wifi: Add the wifi-backend config option

[Andrew Zaborowski]

Let the config file select between creating classes of NMDeviceWifi
(for the usual wpa_supplicant based devices) and NMDeviceIwd depending
on the new NetworkManager.conf setting.
---
 src/devices/wifi/nm-wifi-factory.c | 23 ---
 src/nm-config.h|  1 +
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/src/devices/wifi/nm-wifi-factory.c 
b/src/devices/wifi/nm-wifi-factory.c
index a1752634b..6c6984eab 100644
--- a/src/devices/wifi/nm-wifi-factory.c
+++ b/src/devices/wifi/nm-wifi-factory.c
@@ -27,8 +27,10 @@
 #include "nm-setting-olpc-mesh.h"
 #include "nm-device-wifi.h"
 #include "nm-device-olpc-mesh.h"
+#include "nm-device-iwd.h"
 #include "settings/nm-settings-connection.h"
 #include "platform/nm-platform.h"
+#include "nm-config.h"
 
 /*/
 
@@ -75,6 +77,7 @@ create_device (NMDeviceFactory *factory,
 {
NMDeviceWifiCapabilities capabilities;
NM80211Mode mode;
+   const char *backend;
 
g_return_val_if_fail (iface != NULL, NULL);
g_return_val_if_fail (plink != NULL, NULL);
@@ -98,10 +101,24 @@ create_device (NMDeviceFactory *factory,
return NULL;
}
 
-   if (plink->type == NM_LINK_TYPE_WIFI)
-   return nm_device_wifi_new (iface, capabilities);
-   else
+   if (plink->type != NM_LINK_TYPE_WIFI)
return nm_device_olpc_mesh_new (iface);
+
+   backend = nm_config_data_get_value (NM_CONFIG_GET_DATA_ORIG,
+   NM_CONFIG_KEYFILE_GROUP_MAIN,
+   
NM_CONFIG_KEYFILE_KEY_MAIN_WIFI_BACKEND,
+   NM_CONFIG_GET_VALUE_STRIP);
+
+   nm_log_warn (LOGD_PLATFORM | LOGD_WIFI, "(%s) config: backend is %s, 
%i", iface, backend, WITH_IWD);
+   if (!backend || !strcasecmp (backend, "wpa_supplicant"))
+   return nm_device_wifi_new (iface, capabilities);
+#if WITH_IWD
+   else if (!strcasecmp (backend, "iwd"))
+   return nm_device_iwd_new (iface, capabilities);
+#endif
+
+   nm_log_warn (LOGD_PLATFORM | LOGD_WIFI, "(%s) config: unknown or 
unsupported wifi-backend %s", iface, backend);
+   return NULL;
 }
 
 /*/
diff --git a/src/nm-config.h b/src/nm-config.h
index 47e929884..d94a279ca 100644
--- a/src/nm-config.h
+++ b/src/nm-config.h
@@ -64,6 +64,7 @@
 #define NM_CONFIG_KEYFILE_KEY_MAIN_DEBUG"debug"
 #define NM_CONFIG_KEYFILE_KEY_MAIN_HOSTNAME_MODE"hostname-mode"
 #define NM_CONFIG_KEYFILE_KEY_MAIN_SLAVES_ORDER "slaves-order"
+#define NM_CONFIG_KEYFILE_KEY_MAIN_WIFI_BACKEND "wifi-backend"
 #define NM_CONFIG_KEYFILE_KEY_LOGGING_BACKEND   "backend"
 #define NM_CONFIG_KEYFILE_KEY_CONFIG_ENABLE "enable"
 #define NM_CONFIG_KEYFILE_KEY_ATOMIC_SECTION_WAS".was"
-- 
2.11.0

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[PATCH 1/6] devices/wifi: Move AP list utilities to nm-wifi-ap.c

[Andrew Zaborowski]

Move three functions for easier code reuse.
---
 src/devices/wifi/nm-device-wifi.c | 111 ++
 src/devices/wifi/nm-wifi-ap.c |  85 +
 src/devices/wifi/nm-wifi-ap.h |   8 +++
 3 files changed, 108 insertions(+), 96 deletions(-)

diff --git a/src/devices/wifi/nm-device-wifi.c 
b/src/devices/wifi/nm-device-wifi.c
index ebd5317a5..23777ae60 100644
--- a/src/devices/wifi/nm-device-wifi.c
+++ b/src/devices/wifi/nm-device-wifi.c
@@ -682,35 +682,14 @@ check_connection_compatible (NMDevice *device, 
NMConnection *connection)
return TRUE;
 }
 
-static NMWifiAP *
-find_first_compatible_ap (NMDeviceWifi *self,
-  NMConnection *connection,
-  gboolean allow_unstable_order)
-{
-   GHashTableIter iter;
-   NMWifiAP *ap;
-   NMWifiAP *cand_ap = NULL;
-
-   g_return_val_if_fail (connection != NULL, NULL);
-
-   g_hash_table_iter_init (, NM_DEVICE_WIFI_GET_PRIVATE (self)->aps);
-   while (g_hash_table_iter_next (, NULL, (gpointer) )) {
-   if (!nm_wifi_ap_check_compatible (ap, connection))
-   continue;
-   if (allow_unstable_order)
-   return ap;
-   if (!cand_ap || (nm_wifi_ap_get_id (cand_ap) < 
nm_wifi_ap_get_id (ap)))
-   cand_ap = ap;
-   }
-   return cand_ap;
-}
-
 static gboolean
 check_connection_available (NMDevice *device,
 NMConnection *connection,
 NMDeviceCheckConAvailableFlags flags,
 const char *specific_object)
 {
+   NMDeviceWifi *self = NM_DEVICE_WIFI (device);
+   NMDeviceWifiPrivate *priv = NM_DEVICE_WIFI_GET_PRIVATE (self);
NMSettingWireless *s_wifi;
const char *mode;
 
@@ -723,7 +702,7 @@ check_connection_available (NMDevice *device,
if (specific_object) {
NMWifiAP *ap;
 
-   ap = get_ap_by_path (NM_DEVICE_WIFI (device), specific_object);
+   ap = get_ap_by_path (self, specific_object);
return ap ? nm_wifi_ap_check_compatible (ap, connection) : 
FALSE;
}
 
@@ -747,7 +726,7 @@ check_connection_available (NMDevice *device,
return TRUE;
 
/* check at least one AP is compatible with this connection */
-   return !!find_first_compatible_ap (NM_DEVICE_WIFI (device), connection, 
TRUE);
+   return !!nm_wifi_aps_find_first_compatible (priv->aps, connection, 
TRUE);
 }
 
 static gboolean
@@ -791,6 +770,7 @@ complete_connection (NMDevice *device,
  GError **error)
 {
NMDeviceWifi *self = NM_DEVICE_WIFI (device);
+   NMDeviceWifiPrivate *priv = NM_DEVICE_WIFI_GET_PRIVATE (self);
NMSettingWireless *s_wifi;
const char *setting_mac;
char *str_ssid = NULL;
@@ -827,7 +807,7 @@ complete_connection (NMDevice *device,
 
if (!nm_streq0 (mode, NM_SETTING_WIRELESS_MODE_AP)) {
/* Find a compatible AP in the scan list */
-   ap = find_first_compatible_ap (self, connection, FALSE);
+   ap = nm_wifi_aps_find_first_compatible (priv->aps, 
connection, FALSE);
 
/* If we still don't have an AP, then the WiFI settings 
needs to be
 * fully specified by the client.  Might not be able to 
find an AP
@@ -1012,6 +992,7 @@ can_auto_connect (NMDevice *device,
   char **specific_object)
 {
NMDeviceWifi *self = NM_DEVICE_WIFI (device);
+   NMDeviceWifiPrivate *priv = NM_DEVICE_WIFI_GET_PRIVATE (self);
NMSettingWireless *s_wifi;
NMWifiAP *ap;
const char *method, *mode;
@@ -1043,7 +1024,7 @@ can_auto_connect (NMDevice *device,
return FALSE;
}
 
-   ap = find_first_compatible_ap (self, connection, FALSE);
+   ap = nm_wifi_aps_find_first_compatible (priv->aps, connection, FALSE);
if (ap) {
/* All good; connection is usable */
NM_SET_OUT (specific_object, g_strdup 
(nm_exported_object_get_path (NM_EXPORTED_OBJECT (ap;
@@ -1053,78 +1034,15 @@ can_auto_connect (NMDevice *device,
return FALSE;
 }
 
-static int
-ap_id_compare (gconstpointer p_a, gconstpointer p_b, gpointer user_data)
-{
-   guint64 a_id = nm_wifi_ap_get_id (*((NMWifiAP **) p_a));
-   guint64 b_id = nm_wifi_ap_get_id (*((NMWifiAP **) p_b));
-
-   return a_id < b_id ? -1 : (a_id == b_id ? 0 : 1);
-}
-
-static NMWifiAP **
-ap_list_get_sorted (NMDeviceWifi *self, gboolean include_without_ssid)
-{
-   NMDeviceWifiPrivate *priv;
-   NMWifiAP **list;
-   GHashTableIter iter;
-   NMWifiAP *ap;
-   gsize i, n;
-
-   priv = NM_DEVICE_WIFI_GET_PRIVATE (self);
-
-   n = g_hash_table_size (priv->aps);
-   list = g_new (NMWifiAP *, n + 1);
-
-   i = 0;
-   if (n > 

Re: [PATCH 3/4] devices/wifi: Add the wifi-backend config option

[Andrew Zaborowski]

Hi,

On 7 December 2017 at 08:22, Thomas Haller  wrote:
> Maybe the documentation should not say:
> wpa_supplicant is also the default backend.
> but instead: "if the setting is missing, it is autodetected.".
>
> -- although for now, it means to always ~detect~ supplicant.
>
>
>
>
> Would it ever make sense that one device is managed by supplicant and
> another by iwd? I think it would.

I'm not sure, multiple real wifi devices in one system is generally a
rare situation and it's hard to tell what is expected from the
software.

> Maybe this should hence be configured
> via
>
> [device]
> wifi.backend=
>
> the [device] section allows to configure settings per-device, like
>
> /etc/NetworkManager/conf.d/10-wifi-backend.conf:
>
>   [device-wifi-backend-wlan0]
>   match-device=interface-name:wlan0
>   wifi.backend=iwd
>
>   [device-wifi-backend-default]
>   wifi.backend=wpa_supplicant
>
> We currently lookup such configuration via
> nm_config_data_get_device_config(). But inside the device-factory you
> don't have a NMDevice instance at hand, to make that decision. We would
> need a new "nm_config_data_get_device_config_by_ifindex()", to get the
> matching parameters from NMPlatform.
>
> We can do this later -- but before 1.12.0 release.

Ok, let's do this in separate patches.  I left the wifi-backend option
in my patches but dropped the documentation piece because it's going
to be temporary.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: [PATCH 1/4] devices/wifi: Add NMDeviceIwd class to support IWD backend

[Andrew Zaborowski]

On 7 December 2017 at 08:22, Thomas Haller <thal...@redhat.com> wrote:
> On Tue, 2017-12-05 at 16:25 +0100, Andrew Zaborowski wrote:
>> +
>> +typedef struct {
>> + GDBusObject *   dbus_obj;
>> + GDBusProxy *dbus_proxy;
>> + GHashTable *aps;
>> + GHashTable *new_aps;
>> + NMWifiAP *  current_ap;
>> + GCancellable *  cancellable;
>> + NMDeviceWifiCapabilities capabilities;
>> + NMActRequestGetSecretsCallId wifi_secrets_id;
>> + gbooleanenabled:1;
>> + gbooleancan_scan:1;
>> + gbooleanscanning:1;
>
> gboolean is a typedef for (signed) int.
> Hence, a bitfield :1 of int has values -1 and 0.
> Which is ugly, our boolean values should be strictly
> 1 and 0.
>
> This is simply avoided by using
>
>   bool   field:1;

Ok, good point.

>
>
>
>
>> +} NMDeviceIwdPrivate;
>> +
>> +struct _NMDeviceIwd
>> +{
>
> for structs we don't break newline before {
>
>> + NMDevice parent;
>> + NMDeviceIwdPrivate _priv;
>> +};
>> +
>> +struct _NMDeviceIwdClass
>> +{
>
> for structs we don't break newline before {

Ok.

>
>> + NMDeviceClass parent;
>> +
>> + /* Signals */
>> + gboolean (*scanning_prohibited) (NMDeviceIwd *device,
>> gboolean periodic);
>> +};
>> +
>> +/***
>> **/
>> +
>> +G_DEFINE_TYPE (NMDeviceIwd, nm_device_iwd, NM_TYPE_DEVICE)
>> +
>> +#define NM_DEVICE_IWD_GET_PRIVATE(self) _NM_GET_PRIVATE(self,
>> NMDeviceIwd, NM_IS_DEVICE_IWD)
>> +
>> +/***
>> **/
>> +
>> +static void
>> +_ap_dump (NMDeviceIwd *self,
>> +  NMLogLevel log_level,
>> +  const NMWifiAP *ap,
>> +  const char *prefix,
>> +  gint32 now_s)
>> +{
>> + char buf[1024];
>> +
>> + buf[0] = '\0';
>> + _NMLOG (log_level, LOGD_WIFI_SCAN, "wifi-ap: %-7s %s",
>> + prefix,
>> + nm_wifi_ap_to_string (ap, buf, sizeof (buf),
>> now_s));
>> +}
>> +
>> +/* Callers ensure we're not removing current_ap */
>> +static void
>> +ap_add_remove (NMDeviceIwd *self,
>> +   guint signum,
>> +   NMWifiAP *ap,
>> +   gboolean recheck_available_connections)
>> +{
>> + NMDeviceIwdPrivate *priv = NM_DEVICE_IWD_GET_PRIVATE (self);
>> +
>> + nm_assert (NM_IN_SET (signum, ACCESS_POINT_ADDED,
>> ACCESS_POINT_REMOVED));
>> +
>> + if (signum == ACCESS_POINT_ADDED) {
>> + g_hash_table_insert (priv->aps,
>> +  (gpointer)
>> nm_exported_object_export ((NMExportedObject *) ap),
>> +  g_object_ref (ap));
>> + _ap_dump (self, LOGL_DEBUG, ap, "added", 0);
>> + } else
>> + _ap_dump (self, LOGL_DEBUG, ap, "removed", 0);
>> +
>> + g_signal_emit (self, signals[signum], 0, ap);
>> +
>> + if (signum == ACCESS_POINT_REMOVED) {
>> + g_hash_table_remove (priv->aps,
>> nm_exported_object_get_path ((NMExportedObject *) ap));
>> + nm_exported_object_unexport ((NMExportedObject *)
>> ap);
>> + g_object_unref (ap);
>> + }
>> +
>> + _notify (self, PROP_ACCESS_POINTS);
>> +
>> + nm_device_emit_recheck_auto_activate (NM_DEVICE (self));
>> + if (recheck_available_connections)
>> + nm_device_recheck_available_connections (NM_DEVICE
>> (self));
>> +}
>> +
>> +static void
>> +set_current_ap (NMDeviceIwd *self, NMWifiAP *new_ap, gboolean
>> recheck_available_connections)
>> +{
>> + NMDeviceIwdPrivate *priv;
>> + NMWifiAP *old_ap;
>> +
>> + g_return_if_fail (NM_IS_DEVICE_IWD (self));
>> +
>> + priv = NM_DEVICE_IWD_GET_PRIVATE (self);
>> + old_ap = priv->current_ap;
>> +
>> + if (old_ap == new_ap)
>> + return;
>> +
>> + if (new_ap)
>> + priv->current_ap = g_object_ref (new_ap);
>> + else
>> + priv->current_ap = NULL;
>> +
>> + if (old_ap) {
>> + if (nm_wifi_ap_get_fake (old_ap))
>> + ap_add_remove (self, ACCESS_POINT_REMOVED,
>> old_ap, recheck_available_conne

Re: [PATCH 3/4] devices/wifi: Add the wifi-backend config option

[Andrew Zaborowski]

Hi Dan,

On 5 December 2017 at 17:47, Dan Williams <d...@redhat.com> wrote:
> On Tue, 2017-12-05 at 16:26 +0100, Andrew Zaborowski wrote:
>> Let the config file select between creating classes of NMDeviceWifi
>> (for the usual wpa_supplicant based devices) and NMDeviceIwd
>> depending
>> on the new NetworkManager.conf setting.
>
> This seems wrong to me.  We usually try to keep things runtime enabled
> rather than add config options like this.  Is there any reason you
> would have both wpa_supplicant and iwd running on the same system at
> the same time?

No, you'd want to avoid that for wifi devices.  That's why I think
even separate (conflicting) plugins would be fine in this case but I'm
not sure if this is possible with NM's current plugin system.

> Could we check whether the iwd dbus service is claimed
> and just use iwd if it's running?

We could do that but it'd rely on iwd running before NetworkManager
starts, maybe that's not an issue.  I seem to remember a DBus design
guideline according to which clients should tolerate services coming
up and going away.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[PATCH 2/4] devices/wifi: Track IWD devices, match to NMDeviceIwd objects

[Andrew Zaborowski]

Add the NMIwdManager singleton to be responsible for matching
NMDeviceIwd objects created from platform devices, to IWD Device dbus
objects when they appear/disappear.
---
 Makefile.am   |   4 +-
 src/devices/wifi/nm-device-iwd.c  |  41 +
 src/devices/wifi/nm-device-iwd.h  |   2 +
 src/devices/wifi/nm-iwd-manager.c | 348 ++
 src/devices/wifi/nm-iwd-manager.h |  53 ++
 5 files changed, 447 insertions(+), 1 deletion(-)
 create mode 100644 src/devices/wifi/nm-iwd-manager.c
 create mode 100644 src/devices/wifi/nm-iwd-manager.h

diff --git a/Makefile.am b/Makefile.am
index 7bde983a6..e836f9e12 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2644,7 +2644,9 @@ src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES = \
 if WITH_IWD
 src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES += \
src/devices/wifi/nm-device-iwd.c \
-   src/devices/wifi/nm-device-iwd.h
+   src/devices/wifi/nm-device-iwd.h \
+   src/devices/wifi/nm-iwd-manager.c \
+   src/devices/wifi/nm-iwd-manager.h
 endif
 
 src_devices_wifi_libnm_device_plugin_wifi_la_CPPFLAGS = \
diff --git a/src/devices/wifi/nm-device-iwd.c b/src/devices/wifi/nm-device-iwd.c
index 9a06604c2..e2be47bcb 100644
--- a/src/devices/wifi/nm-device-iwd.c
+++ b/src/devices/wifi/nm-device-iwd.c
@@ -1725,6 +1725,47 @@ properties_changed (GDBusProxy *proxy, GVariant 
*changed_properties,
g_variant_iter_free (iter);
 }
 
+void
+nm_device_iwd_set_dbus_object (NMDeviceIwd *self, GDBusObject *object)
+{
+   NMDeviceIwdPrivate *priv = NM_DEVICE_IWD_GET_PRIVATE (self);
+   GDBusInterface *interface;
+
+   if (!nm_g_object_ref_set ((GObject **) >dbus_obj, (GObject *) 
object))
+   return;
+
+   if (priv->dbus_proxy) {
+   g_signal_handlers_disconnect_by_func (priv->dbus_proxy,
+ properties_changed, self);
+
+   g_clear_object (>dbus_proxy);
+   }
+
+   if (priv->enabled)
+   nm_device_queue_recheck_available (NM_DEVICE (self),
+  
NM_DEVICE_STATE_REASON_SUPPLICANT_AVAILABLE,
+  
NM_DEVICE_STATE_REASON_SUPPLICANT_FAILED);
+
+   if (!object) {
+   priv->can_scan = FALSE;
+
+   cleanup_association_attempt (self, FALSE);
+   return;
+   }
+
+   interface = g_dbus_object_get_interface (object, IWD_DEVICE_INTERFACE);
+   priv->dbus_proxy = G_DBUS_PROXY (interface);
+
+   g_signal_connect (priv->dbus_proxy, "g-properties-changed",
+ G_CALLBACK (properties_changed), self);
+
+   /* Call Disconnect to make sure IWD's autoconnect is disabled.  We've
+* most likely just brought the device UP so it would be in
+* autoconnect by default.
+*/
+   send_disconnect (self);
+}
+
 /*/
 
 static void
diff --git a/src/devices/wifi/nm-device-iwd.h b/src/devices/wifi/nm-device-iwd.h
index 0cfdcd6ee..34cdad0d0 100644
--- a/src/devices/wifi/nm-device-iwd.h
+++ b/src/devices/wifi/nm-device-iwd.h
@@ -53,4 +53,6 @@ GType nm_device_iwd_get_type (void);
 
 NMDevice *nm_device_iwd_new (const char *iface, NMDeviceWifiCapabilities 
capabilities);
 
+void nm_device_iwd_set_dbus_object (NMDeviceIwd *device, GDBusObject *object);
+
 #endif /* __NETWORKMANAGER_DEVICE_IWD_H__ */
diff --git a/src/devices/wifi/nm-iwd-manager.c 
b/src/devices/wifi/nm-iwd-manager.c
new file mode 100644
index 0..7561b17b3
--- /dev/null
+++ b/src/devices/wifi/nm-iwd-manager.c
@@ -0,0 +1,348 @@
+/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
+/* NetworkManager -- Network link manager
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Copyright (C) 2017 Intel Corporation
+ */
+
+#include "nm-default.h"
+
+#include "nm-iwd-manager.h"
+
+#include 
+#include 
+
+#include "nm-logging.h"
+#include "nm-manager.h"
+#include "nm-device-iwd.h"
+
+/*/
+
+typedef struct {
+   GCancellable *cancellable;
+   gboolean running;
+   GDBusObjectManager *object_manager;
+} 

[PATCH 4/4] devices/wifi: Register an IWD PSK agent on dbus

[Andrew Zaborowski]

Add the PSK agent support to support PSK networks.  Note that the PSK
itself will be saved by IWD on the first successful connection to the
network and will not be updated when it is changed by the user on the NM
side, this still needs fixing like a bunch of other problems.
---
 src/devices/wifi/nm-device-iwd.c  |  27 +
 src/devices/wifi/nm-device-iwd.h  |   2 +
 src/devices/wifi/nm-iwd-manager.c | 205 +-
 3 files changed, 233 insertions(+), 1 deletion(-)

diff --git a/src/devices/wifi/nm-device-iwd.c b/src/devices/wifi/nm-device-iwd.c
index e2be47bcb..b4cb87d14 100644
--- a/src/devices/wifi/nm-device-iwd.c
+++ b/src/devices/wifi/nm-device-iwd.c
@@ -1766,6 +1766,33 @@ nm_device_iwd_set_dbus_object (NMDeviceIwd *self, 
GDBusObject *object)
send_disconnect (self);
 }
 
+const gchar *
+nm_device_iwd_agent_psk_query (NMDeviceIwd *self)
+{
+   NMActRequest *req;
+   NMConnection *connection;
+   NMSettingWireless *s_wireless;
+   NMSettingWirelessSecurity *s_wireless_sec;
+
+   req = nm_device_get_act_request (NM_DEVICE (self));
+   if (!req)
+   return NULL;
+
+   connection = nm_act_request_get_applied_connection (req);
+   if (!connection)
+   return NULL;
+
+   s_wireless = nm_connection_get_setting_wireless (connection);
+   if (!s_wireless)
+   return NULL;
+
+   s_wireless_sec = nm_connection_get_setting_wireless_security 
(connection);
+   if (!s_wireless_sec)
+   return NULL;
+
+   return nm_setting_wireless_security_get_psk (s_wireless_sec);
+}
+
 /*/
 
 static void
diff --git a/src/devices/wifi/nm-device-iwd.h b/src/devices/wifi/nm-device-iwd.h
index 34cdad0d0..332f4282c 100644
--- a/src/devices/wifi/nm-device-iwd.h
+++ b/src/devices/wifi/nm-device-iwd.h
@@ -55,4 +55,6 @@ NMDevice *nm_device_iwd_new (const char *iface, 
NMDeviceWifiCapabilities capabil
 
 void nm_device_iwd_set_dbus_object (NMDeviceIwd *device, GDBusObject *object);
 
+const gchar *nm_device_iwd_agent_psk_query (NMDeviceIwd *device);
+
 #endif /* __NETWORKMANAGER_DEVICE_IWD_H__ */
diff --git a/src/devices/wifi/nm-iwd-manager.c 
b/src/devices/wifi/nm-iwd-manager.c
index 7561b17b3..a27ecd388 100644
--- a/src/devices/wifi/nm-iwd-manager.c
+++ b/src/devices/wifi/nm-iwd-manager.c
@@ -35,6 +35,8 @@ typedef struct {
GCancellable *cancellable;
gboolean running;
GDBusObjectManager *object_manager;
+   guint agent_id;
+   gchar *agent_path;
 } NMIwdManagerPrivate;
 
 struct _NMIWDManager {
@@ -73,6 +75,165 @@ G_DEFINE_TYPE (NMIwdManager, nm_iwd_manager, G_TYPE_OBJECT)
 /*/
 
 static void
+psk_agent_dbus_method_cb (GDBusConnection *connection,
+  const gchar *sender, const gchar *object_path,
+  const gchar *interface_name, const gchar 
*method_name,
+  GVariant *parameters,
+  GDBusMethodInvocation *invocation,
+  gpointer user_data)
+{
+   NMIwdManager *self = user_data;
+   NMIwdManagerPrivate *priv = NM_IWD_MANAGER_GET_PRIVATE (self);
+   GDBusObjectManagerClient *omc = G_DBUS_OBJECT_MANAGER_CLIENT 
(priv->object_manager);
+   const gchar *network_path, *device_path, *ifname;
+   gs_unref_object GDBusInterface *network = NULL, *device_obj = NULL;
+   gs_unref_variant GVariant *value = NULL;
+   gint ifindex;
+   NMManager *manager;
+   NMDevice *device;
+   const gchar *psk;
+
+   /* Be paranoid and check the sender address */
+   if (!nm_streq0 (g_dbus_object_manager_client_get_name_owner (omc), 
sender))
+   goto return_error;
+
+   g_variant_get (parameters, "()", _path);
+
+   network = g_dbus_object_manager_get_interface (priv->object_manager,
+  network_path,
+  IWD_NETWORK_INTERFACE);
+   value = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (network), 
"Device");
+   device_path = g_variant_get_string (value, NULL);
+
+   if (!device_path) {
+   _LOGE ("Device not cached for network %s in IWD Agent request",
+  network_path);
+   goto return_error;
+   }
+
+   device_obj = g_dbus_object_manager_get_interface (priv->object_manager,
+ device_path,
+ IWD_DEVICE_INTERFACE);
+   g_variant_unref (value);
+   value = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (device_obj), 
"Name");
+   ifname = g_variant_get_string (value, NULL);
+
+   if (!ifname) {
+   _LOGE ("Name not cached for device %s in IWD Agent request",
+  

[PATCH 3/4] devices/wifi: Add the wifi-backend config option

[Andrew Zaborowski]

Let the config file select between creating classes of NMDeviceWifi
(for the usual wpa_supplicant based devices) and NMDeviceIwd depending
on the new NetworkManager.conf setting.
---
 man/NetworkManager.conf.xml| 13 +
 src/devices/wifi/nm-wifi-factory.c | 23 ---
 src/nm-config.h|  1 +
 3 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml
index 94465a019..a7fa752e9 100644
--- a/man/NetworkManager.conf.xml
+++ b/man/NetworkManager.conf.xml
@@ -426,6 +426,19 @@ no-auto-default=*
   
 
   
+
+  
+wifi-backend
+
+  
+If present, specifies the WiFi backend to use. Allowed
+values are wpa_supplicant and, if
+enabled during compilation, iwd
+   (expermiental). wpa_supplicant is also
+the default backend.
+  
+
+  
 
   
 
diff --git a/src/devices/wifi/nm-wifi-factory.c 
b/src/devices/wifi/nm-wifi-factory.c
index a1752634b..6c6984eab 100644
--- a/src/devices/wifi/nm-wifi-factory.c
+++ b/src/devices/wifi/nm-wifi-factory.c
@@ -27,8 +27,10 @@
 #include "nm-setting-olpc-mesh.h"
 #include "nm-device-wifi.h"
 #include "nm-device-olpc-mesh.h"
+#include "nm-device-iwd.h"
 #include "settings/nm-settings-connection.h"
 #include "platform/nm-platform.h"
+#include "nm-config.h"
 
 /*/
 
@@ -75,6 +77,7 @@ create_device (NMDeviceFactory *factory,
 {
NMDeviceWifiCapabilities capabilities;
NM80211Mode mode;
+   const char *backend;
 
g_return_val_if_fail (iface != NULL, NULL);
g_return_val_if_fail (plink != NULL, NULL);
@@ -98,10 +101,24 @@ create_device (NMDeviceFactory *factory,
return NULL;
}
 
-   if (plink->type == NM_LINK_TYPE_WIFI)
-   return nm_device_wifi_new (iface, capabilities);
-   else
+   if (plink->type != NM_LINK_TYPE_WIFI)
return nm_device_olpc_mesh_new (iface);
+
+   backend = nm_config_data_get_value (NM_CONFIG_GET_DATA_ORIG,
+   NM_CONFIG_KEYFILE_GROUP_MAIN,
+   
NM_CONFIG_KEYFILE_KEY_MAIN_WIFI_BACKEND,
+   NM_CONFIG_GET_VALUE_STRIP);
+
+   nm_log_warn (LOGD_PLATFORM | LOGD_WIFI, "(%s) config: backend is %s, 
%i", iface, backend, WITH_IWD);
+   if (!backend || !strcasecmp (backend, "wpa_supplicant"))
+   return nm_device_wifi_new (iface, capabilities);
+#if WITH_IWD
+   else if (!strcasecmp (backend, "iwd"))
+   return nm_device_iwd_new (iface, capabilities);
+#endif
+
+   nm_log_warn (LOGD_PLATFORM | LOGD_WIFI, "(%s) config: unknown or 
unsupported wifi-backend %s", iface, backend);
+   return NULL;
 }
 
 /*/
diff --git a/src/nm-config.h b/src/nm-config.h
index 47e929884..d94a279ca 100644
--- a/src/nm-config.h
+++ b/src/nm-config.h
@@ -64,6 +64,7 @@
 #define NM_CONFIG_KEYFILE_KEY_MAIN_DEBUG"debug"
 #define NM_CONFIG_KEYFILE_KEY_MAIN_HOSTNAME_MODE"hostname-mode"
 #define NM_CONFIG_KEYFILE_KEY_MAIN_SLAVES_ORDER "slaves-order"
+#define NM_CONFIG_KEYFILE_KEY_MAIN_WIFI_BACKEND "wifi-backend"
 #define NM_CONFIG_KEYFILE_KEY_LOGGING_BACKEND   "backend"
 #define NM_CONFIG_KEYFILE_KEY_CONFIG_ENABLE "enable"
 #define NM_CONFIG_KEYFILE_KEY_ATOMIC_SECTION_WAS".was"
-- 
2.11.0

___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: [RFC] IWD as wifi backend

[Andrew Zaborowski]

Hi Thomas,

On 30 November 2017 at 17:20, Thomas Haller  wrote:
> Maybe it's simpler to have just two indpendent types NMDeviceWifi (for
> supplicant) and NMDeviceIwd.
>
> They both can implement the D-Bus interface
> org.freedesktop.NetworkManager.Device.Wireless, there is no strong
> requirement that they share a common parent class.
>
> I was thinking that "nm-wifi-factory.c"'s create_device() would either
> call nm_device_wifi_new() or nm_device_iwd_new(), depending on some
> nm_config_data_get_value (nm_config_get_data_orig (NM_CONFIG_GET),
>   "main",
>   "wifi-backend")
>
> Common code should be shared, but it's not clear that you need a common
> parent GObject type for that.

Sounds good, but eventually I think a common parent class would work
well because the functions that manage the AP list can all be common,
also most of the activation stages (act_stage1_prepare etc.) as the
wpa_supplicant-specific part is small, most of it is querying the
secrets and validation.

>
>> > Say " (experimental)"?
>> > Since the plugin doesn't include any new public API, every
>> > misbehavior
>> > is just a bug that we can fix later. We don't commit to new API
>> > here.
>> > So, "experimental" is just cosmetic to set user expectations
>> > straight.
>>
>> Ok, do you prefer that this be enabled by default so that it gets
>> build-tested and the iwd backend be guarded by the
>> NetworkManager.conf
>> setting (also with "experimental" comment)?
>
> I would disable it by default (at least initially).

Ok.

Best regards
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: [RFC] IWD as wifi backend

[Andrew Zaborowski]

Hi Thomas,

Thanks for the motivating response,

(sorry for breaking the threading, I only now confirmed subscription
to the list)

On Wed, 29 Nov 2017 09:12:20 +0100 Thomas Haller wrote:
> Can you shortly comment on the plan (timetable) for first release of
> iwd and whether there is an effort to package it for distributions?
>
> I think Lubomir might be willing to maintain it for Fedora.

So we still want a few features that will imply DBus API changes, but
I heard Denis Kenzior say "I see no reason why we can’t start making
iwd releases" yesterday.  I added Marcel Holtmann to CC to see if he
has a rough timetable.

>> ---
>>  Makefile.am   |   13 +-
>>  configure.ac  |   20 +
>>  src/devices/wifi/nm-device-iwd.c  | 1924
>> +
>>  src/devices/wifi/nm-device-iwd.h  |   58 ++
>>  src/devices/wifi/nm-iwd-manager.c |  343 +++
>>  src/devices/wifi/nm-iwd-manager.h |   53 +
>>  6 files changed, 2409 insertions(+), 2 deletions(-)
>>  create mode 100644 src/devices/wifi/nm-device-iwd.c
>>  create mode 100644 src/devices/wifi/nm-device-iwd.h
>>  create mode 100644 src/devices/wifi/nm-iwd-manager.c
>>  create mode 100644 src/devices/wifi/nm-iwd-manager.h
>>
>> diff --git a/Makefile.am b/Makefile.am
>> index 7bce597e9..dbe5a4e14 100644
>> --- a/Makefile.am
>> +++ b/Makefile.am
>> @@ -2632,8 +2632,6 @@ core_plugins += src/devices/wifi/libnm-device-
>> plugin-wifi.la
>>
>>  src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES = \
>>  src/devices/wifi/nm-wifi-factory.c \
>> - src/devices/wifi/nm-device-wifi.c \
>> - src/devices/wifi/nm-device-wifi.h \
>>  src/devices/wifi/nm-wifi-ap.c \
>>  src/devices/wifi/nm-wifi-ap.h \
>>  src/devices/wifi/nm-wifi-utils.c \
>> @@ -2641,6 +2639,17 @@
>> src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES = \
>>  src/devices/wifi/nm-device-olpc-mesh.c \
>>  src/devices/wifi/nm-device-olpc-mesh.h
>>
>> +if WITH_IWD
>> +src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES += \
>> + src/devices/wifi/nm-device-iwd.c \
>> + src/devices/wifi/nm-device-iwd.h \
>> + src/devices/wifi/nm-iwd-manager.c \
>> + src/devices/wifi/nm-iwd-manager.h
>> +else
>> + src/devices/wifi/nm-device-wifi.c \
>> + src/devices/wifi/nm-device-wifi.h \
>> +endif
>
> Can we make it that IWD or SUPPLICANT can be both enabled (optionally)
> at configure time, and select the right backend via a configuration
> like main.wifi=iwd|wpa-supplicant in NetworkManager.conf?

That will probably require moving the wpa_supplicant support to a new
subclass of NMDeviceWifi so let me try to do that first.  I'll then
split the patch into pieces and send a new version.

> Also for
> developing and built-time-checks it's useful to build every part of the
> source, otherwise when refactoring you frequently might break the
> build, because you are unaware that you need to change something in the
> disabled Wi-Fi backend.

Yes, good point.

>
> I think it's right that there still is only one libnm-device-plugin-
> wifi.so, but it should (optionally) be able to handle both.
>
> Also, for a binary distribution that packages both wpa-supplicant and
> iwd, it would be bad if it would need ot build two (conflicting)
> versions of NetworkManager (of two versions of the Wi-Fi device
> plugins).
>
> Actually, the rest blow looks good enough for me for inital inclusion.
> I think it's better to merge it early and improve incrementally,
> instead of going back and forth with revisions. For me, there is clear
> that we eventually want to support it, so merge early seems a faster
> approach to me.

Great!

>
>> +
>>  src_devices_wifi_libnm_device_plugin_wifi_la_CPPFLAGS = \
>>  -I$(srcdir)/src \
>>  -I$(builddir)/src \
>> diff --git a/configure.ac b/configure.ac
>> index 79791ab76..a6af48366 100644
>> --- a/configure.ac
>> +++ b/configure.ac
>> @@ -264,6 +264,26 @@ else
>>  fi
>>
>>  dnl
>> +dnl Default to using wpa_supplicant but allow IWD as wifi backend
>> +dnl
>> +AC_ARG_WITH(iwd,
>> +AS_HELP_STRING([--with-iwd=yes],
>> +   [Use IWD instead of wpa_supplicant as
>> wifi backend]),
>
> Say " (experimental)"?
> Since the plugin doesn't include any new public API, every misbehavior
> is just a bug that we can fix later. We don't commit to new API here.
> So, "experimental" is just cosmetic to set user expectations straight.

Ok, do you prefer that this be enabled by default so that it gets
build-tested and the iwd backend be guarded by the NetworkManager.conf
setting (also with "experimental" comment)?

Many thanks
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list

[RFC] IWD as wifi backend

[Andrew Zaborowski]

Hi,

I'd like to gather comments on integrating NetworkManager with IWD for
Wifi support.  IWD is a light-weight daemon that manages Wifi devices
and provides a DBus interface:
https://git.kernel.org/pub/scm/network/wireless/iwd.git/
It covers some wpa_supplicant functionality and some Network Manager
functionality (and adds some).  In the patch at the bottom I made a quick
attempt at using IWD to replace NetworkManager's supplicant part and the
platform code in src/platform/wifi/ so that NetworkManager doesn't need
to know about nl80211 for example.

In the patch nm-device-iwd.c duplicates some code in nm-device-wifi.c so
optimally I guess the shared code should in a generic NMDeviceWifi class
and the two backends should be subclasses.  BTW the patch doesn't
support PSK or EAP networks or AP mode, only basic unsecured networks
for now.  The IWD interface doesn't provide actual BSSIDs and other
details that wpa_supplicant does, but it provides what nm-applet cares
about (for that matter it doesn't provide individial BSS / AP
information but compiles that into networks but that's again what the UI
cares about.)

The trickier part is leveraging IWD functionality that is already in
NetworkManager core, specifically Access Point ranking/selection, storage
of network settings (secrets and whether a network is known/unknown) and
autoconnect.  Those parts are not provided by wpa_supplicant so there is
dissymmetry between the two potential backends.  Our goal is to allow
IWD to be used with NetworkManager and its desktop GUIs together with
network devices other than wifi, but we'd also like to be testing the
IWD functionality already provided by NM.  Our opinion is, for example,
that when Wifi is the preferred access technology on the machine (i.e.
ethernet is not plugged in), IWD can easily be given the task of
auto-selecting the wifi network as it can make more informed decisions.
This would require that IWD's known networks list be synchronised with
NM's known networks list or NM to pull the information from IWD instead
of storing it in /etc.  To add more complication, our DBus interface
does not handle EAP configuration because EAP networks are configured
through admin-provisioned files, which is the normal scenario today, but
since NM and nm-applet still have complete GUIs for EAP authentication
methods, those differences between IWD with wpa_supplicant would bleed
into the NM's DBus interface and the clients, and would upset potential
users who do configure their own EAP secrets.

Note that IWD is still rather new and we're open to changes needed on
the IWD side.  What are your opinions on the extent that IWD can be used
by NetworkManager?  What are your opinions on integrating just a basic
version where IWD can be selected instead of wpa_supplicant?  PSK and AP
modes can be supported easily and for EAP/8021x the backend can at least
support networks that it has checked (by SSID match only) that are also
provisioned with an IWD config file.

Best regards
---
 Makefile.am   |   13 +-
 configure.ac  |   20 +
 src/devices/wifi/nm-device-iwd.c  | 1924 +
 src/devices/wifi/nm-device-iwd.h  |   58 ++
 src/devices/wifi/nm-iwd-manager.c |  343 +++
 src/devices/wifi/nm-iwd-manager.h |   53 +
 6 files changed, 2409 insertions(+), 2 deletions(-)
 create mode 100644 src/devices/wifi/nm-device-iwd.c
 create mode 100644 src/devices/wifi/nm-device-iwd.h
 create mode 100644 src/devices/wifi/nm-iwd-manager.c
 create mode 100644 src/devices/wifi/nm-iwd-manager.h

diff --git a/Makefile.am b/Makefile.am
index 7bce597e9..dbe5a4e14 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2632,8 +2632,6 @@ core_plugins += 
src/devices/wifi/libnm-device-plugin-wifi.la
 
 src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES = \
src/devices/wifi/nm-wifi-factory.c \
-   src/devices/wifi/nm-device-wifi.c \
-   src/devices/wifi/nm-device-wifi.h \
src/devices/wifi/nm-wifi-ap.c \
src/devices/wifi/nm-wifi-ap.h \
src/devices/wifi/nm-wifi-utils.c \
@@ -2641,6 +2639,17 @@ src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES = \
src/devices/wifi/nm-device-olpc-mesh.c \
src/devices/wifi/nm-device-olpc-mesh.h
 
+if WITH_IWD
+src_devices_wifi_libnm_device_plugin_wifi_la_SOURCES += \
+   src/devices/wifi/nm-device-iwd.c \
+   src/devices/wifi/nm-device-iwd.h \
+   src/devices/wifi/nm-iwd-manager.c \
+   src/devices/wifi/nm-iwd-manager.h
+else
+   src/devices/wifi/nm-device-wifi.c \
+   src/devices/wifi/nm-device-wifi.h \
+endif
+
 src_devices_wifi_libnm_device_plugin_wifi_la_CPPFLAGS = \
-I$(srcdir)/src \
-I$(builddir)/src \
diff --git a/configure.ac b/configure.ac
index 79791ab76..a6af48366 100644
--- a/configure.ac
+++ b/configure.ac
@@ -264,6 +264,26 @@ else
 fi
 
 dnl
+dnl Default to using wpa_supplicant but allow IWD as wifi backend
+dnl
+AC_ARG_WITH(iwd,
+