On Sat, Dec 23, 2017 at 07:26:03AM +0900, Masashi Honma wrote:
> The FILS(Fast Initial Link Setup) is a specification defined by IEEE 802.11ai
> to
> speed up roaming. This patch adds support of it. I have tested with both
> FILS-SHA256 and FILS-SHA384 by PEAP.
>
> Signed-off-by: Masashi Honma
> ---
> libnm-core/nm-setting-wireless-security.c | 9 ++---
> libnm-core/nm-setting-wireless.c| 5 +++--
> src/devices/wifi/nm-wifi-ap.c | 6 --
> src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c | 2 +-
> src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c | 3 +++
> src/supplicant/nm-supplicant-config.c | 13 +
> src/supplicant/nm-supplicant-settings-verify.c | 1 +
> 7 files changed, 27 insertions(+), 12 deletions(-)
>
> diff --git a/libnm-core/nm-setting-wireless-security.c
> b/libnm-core/nm-setting-wireless-security.c
> index de77a49..eea0581 100644
> --- a/libnm-core/nm-setting-wireless-security.c
> +++ b/libnm-core/nm-setting-wireless-security.c
> @@ -868,7 +868,8 @@ need_secrets (NMSetting *setting)
> }
>
> if ( (strcmp (priv->key_mgmt, "ieee8021x") == 0)
> - || (strcmp (priv->key_mgmt, "wpa-eap") == 0)) {
> + || (strcmp (priv->key_mgmt, "wpa-eap") == 0)
> + || (strcmp (priv->key_mgmt, "wpa-fils") == 0)) {
> /* Let caller check the 802.1x setting for secrets */
> goto no_secrets;
> }
> @@ -887,7 +888,8 @@ verify (NMSetting *setting, NMConnection *connection,
> GError **error)
> {
> NMSettingWirelessSecurity *self = NM_SETTING_WIRELESS_SECURITY
> (setting);
> NMSettingWirelessSecurityPrivate *priv =
> NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (self);
> - const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none",
> "wpa-psk", "wpa-eap", NULL };
> + const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none",
> + "wpa-psk", "wpa-eap", "wpa-fils", NULL };
Hi,
please also update the documentation comment of the key-mgmt property
at the end of the file.
I have found little information about FILS, but I guess a valid use
case would be to optionally enable it by passing "key_mgmt=FILS-SHA256
FILS-SHA384 WPA-EAP" to wpa_supplicant, so that the supplicant will
fall back to WPA-EAP if the AP doesn't support FILS. Do you think this
configuration is useful at all? If so, we shouldn't have a new
key-mgmt value 'wpa-fils' but perhaps we should add a new
wifi-sec.fils boolean (or tristate) property.
Beniamino
signature.asc
Description: PGP signature
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list