diff --git a/SOURCES/0001-network-Populate-AP-list-from-idle-handler.patch b/SOURCES/0001-network-Populate-AP-list-from-idle-handler.patch new file mode 100644 index 0000000..c2b8ce9 --- /dev/null +++ b/SOURCES/0001-network-Populate-AP-list-from-idle-handler.patch @@ -0,0 +1,73 @@ +From 1a7953a72419342437c7c6ca90cccc31f2658757 Mon Sep 17 00:00:00 2001 +From: Benjamin Berg +Date: Wed, 28 Jul 2021 22:16:21 +0200 +Subject: [PATCH 1/5] network: Populate AP list from idle handler + +Doing this should prevent the UI from becoming completely unusable as +updates of the AP list should be batched up rather than processed +sequentially. +--- + panels/network/net-device-wifi.c | 19 +++++++++++++++++-- + 1 file changed, 17 insertions(+), 2 deletions(-) + +diff --git a/panels/network/net-device-wifi.c b/panels/network/net-device-wifi.c +index 313e9ab8c..1f0e4832e 100644 +--- a/panels/network/net-device-wifi.c ++++ b/panels/network/net-device-wifi.c +@@ -64,6 +64,7 @@ struct _NetDeviceWifiPrivate + gchar *selected_connection_id; + gchar *selected_ap_id; + guint scan_id; ++ guint populate_ap_list_idle_id; + GCancellable *cancellable; + }; + +@@ -1619,6 +1620,7 @@ net_device_wifi_finalize (GObject *object) + g_clear_object (&priv->cancellable); + } + disable_scan_timeout (device_wifi); ++ g_clear_handle_id (&priv->populate_ap_list_idle_id, g_source_remove); + + g_clear_pointer (&priv->details_dialog, gtk_widget_destroy); + g_object_unref (priv->builder); +@@ -2145,8 +2147,8 @@ open_history (NetDeviceWifi *device_wifi) + gtk_window_present (GTK_WINDOW (dialog)); + } + +-static void +-populate_ap_list (NetDeviceWifi *device_wifi) ++static gboolean ++populate_ap_list_idle (NetDeviceWifi *device_wifi) + { + GtkWidget *list; + GtkSizeGroup *rows; +@@ -2162,6 +2164,8 @@ populate_ap_list (NetDeviceWifi *device_wifi) + GtkWidget *button; + GList *children, *child; + ++ device_wifi->priv->populate_ap_list_idle_id = 0; ++ + list = GTK_WIDGET (gtk_builder_get_object (device_wifi->priv->builder, "listbox")); + + children = gtk_container_get_children (GTK_CONTAINER (list)); +@@ -2217,6 +2221,17 @@ populate_ap_list (NetDeviceWifi *device_wifi) + + g_slist_free (connections); + g_ptr_array_free (aps_unique, TRUE); ++ ++ return G_SOURCE_REMOVE; ++} ++ ++static void ++populate_ap_list (NetDeviceWifi *device_wifi) ++{ ++ if (device_wifi->priv->populate_ap_list_idle_id != 0) ++ return; ++ ++ device_wifi->priv->populate_ap_list_idle_id = g_idle_add (populate_ap_list_idle, device_wifi); + } + + static void +-- +2.31.1 + diff --git a/SOURCES/0002-ce-page-security-add-SAE-support.patch b/SOURCES/0002-ce-page-security-add-SAE-support.patch new file mode 100644 index 0000000..95b92de --- /dev/null +++ b/SOURCES/0002-ce-page-security-add-SAE-support.patch @@ -0,0 +1,61 @@ +From 8fe7fd50d06066952e21c92f37eaa4359af6d8bf Mon Sep 17 00:00:00 2001 +From: David Bauer +Date: Fri, 20 Dec 2019 19:54:01 +0100 +Subject: [PATCH 2/5] ce-page-security: add SAE support + +(cherry picked from commit 2e79c531942cf88051498c962116c010835ab7e1) +--- + .../connection-editor/ce-page-security.c | 23 +++++++++++++++++++ + 1 file changed, 23 insertions(+) + +diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c +index d06e3aeb1..5104d7442 100644 +--- a/panels/network/connection-editor/ce-page-security.c ++++ b/panels/network/connection-editor/ce-page-security.c +@@ -68,6 +68,11 @@ get_default_type_for_security (NMSettingWirelessSecurity *sec) + return NMU_SEC_LEAP; + return NMU_SEC_DYNAMIC_WEP; + } ++#if NM_CHECK_VERSION(1,20,6) ++ if (!strcmp (key_mgmt, "sae")) { ++ return NMU_SEC_SAE; ++ } ++#endif + + if ( !strcmp (key_mgmt, "wpa-none") + || !strcmp (key_mgmt, "wpa-psk")) { +@@ -336,6 +341,21 @@ finish_setup (CEPageSecurity *page) + } + } + ++#if NM_CHECK_VERSION(1,20,6) ++ if (nm_utils_security_valid (NMU_SEC_SAE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { ++ WirelessSecurityWPAPSK *ws_wpa_psk; ++ ++ ws_wpa_psk = ws_wpa_psk_new (connection, FALSE); ++ if (ws_wpa_psk) { ++ add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model, ++ &iter, _("WPA3 Personal"), FALSE); ++ if ((active < 0) && ((default_type == NMU_SEC_SAE))) ++ active = item; ++ item++; ++ } ++ } ++#endif ++ + gtk_combo_box_set_model (combo, GTK_TREE_MODEL (sec_model)); + gtk_cell_layout_clear (GTK_CELL_LAYOUT (combo)); + +@@ -451,6 +471,9 @@ ce_page_security_new (NMConnection *connection, + if (default_type == NMU_SEC_STATIC_WEP || + default_type == NMU_SEC_LEAP || + default_type == NMU_SEC_WPA_PSK || ++#if NM_CHECK_VERSION(1,20,6) ++ default_type == NMU_SEC_SAE || ++#endif + default_type == NMU_SEC_WPA2_PSK) { + CE_PAGE (page)->security_setting = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME; + } +-- +2.31.1 + diff --git a/SOURCES/0003-ce-page-details-add-SAE-support.patch b/SOURCES/0003-ce-page-details-add-SAE-support.patch new file mode 100644 index 0000000..a70f9b7 --- /dev/null +++ b/SOURCES/0003-ce-page-details-add-SAE-support.patch @@ -0,0 +1,37 @@ +From f94d461b61e4c95b71234d24d86d13a35c9bf485 Mon Sep 17 00:00:00 2001 +From: David Bauer +Date: Sat, 21 Dec 2019 17:39:02 +0100 +Subject: [PATCH 3/5] ce-page-details: add SAE support + +(cherry picked from commit 97f6c8f53c15c7ccb9dd7a65ce1ac02ebc18a724) +--- + panels/network/connection-editor/ce-page-details.c | 13 +++++++++++-- + 1 file changed, 11 insertions(+), 2 deletions(-) + +diff --git a/panels/network/connection-editor/ce-page-details.c b/panels/network/connection-editor/ce-page-details.c +index c972c0e5b..f0c594dd4 100644 +--- a/panels/network/connection-editor/ce-page-details.c ++++ b/panels/network/connection-editor/ce-page-details.c +@@ -60,8 +60,17 @@ get_ap_security_string (NMAccessPoint *ap) + g_string_append_printf (str, "%s, ", _("WPA")); + } + if (rsn_flags != NM_802_11_AP_SEC_NONE) { +- /* TRANSLATORS: this WPA WiFi security */ +- g_string_append_printf (str, "%s, ", _("WPA2")); ++#if NM_CHECK_VERSION(1,20,6) ++ if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE) { ++ /* TRANSLATORS: this WPA3 WiFi security */ ++ g_string_append_printf (str, "%s, ", _("WPA3")); ++ } ++ else ++#endif ++ { ++ /* TRANSLATORS: this WPA WiFi security */ ++ g_string_append_printf (str, "%s, ", _("WPA2")); ++ } + } + if ((wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X) || + (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) { +-- +2.31.1 + diff --git a/SOURCES/0004-net-device-wifi-Decode-SAE-AP-security.patch b/SOURCES/0004-net-device-wifi-Decode-SAE-AP-security.patch new file mode 100644 index 0000000..651ebfc --- /dev/null +++ b/SOURCES/0004-net-device-wifi-Decode-SAE-AP-security.patch @@ -0,0 +1,42 @@ +From 2fe515d0ac3ba9f7ebe0de180a949de8a7cc0d2b Mon Sep 17 00:00:00 2001 +From: Benjamin Berg +Date: Tue, 2 Feb 2021 17:27:05 +0100 +Subject: [PATCH 4/5] net-device-wifi: Decode SAE AP security + +Decode this information for the wireless row. Note that we don't really +need this, as it would incorrectly select WPA2 which results in the same +icon. + +Based on upstream commit da0c45f2ab2b7b78695cfff9d6b7a2b045340ac7 +--- + panels/network/net-device-wifi.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/panels/network/net-device-wifi.c b/panels/network/net-device-wifi.c +index 1f0e4832e..af0e89733 100644 +--- a/panels/network/net-device-wifi.c ++++ b/panels/network/net-device-wifi.c +@@ -46,7 +46,8 @@ typedef enum { + NM_AP_SEC_NONE, + NM_AP_SEC_WEP, + NM_AP_SEC_WPA, +- NM_AP_SEC_WPA2 ++ NM_AP_SEC_WPA2, ++ NM_AP_SEC_SAE + } NMAccessPointSecurity; + + static void nm_device_wifi_refresh_ui (NetDeviceWifi *device_wifi); +@@ -146,6 +147,10 @@ get_access_point_security (NMAccessPoint *ap) + wpa_flags != NM_802_11_AP_SEC_NONE && + rsn_flags != NM_802_11_AP_SEC_NONE) + type = NM_AP_SEC_WPA; ++#if NM_CHECK_VERSION(1,20,6) ++ else if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE) ++ type = NM_AP_SEC_SAE; ++#endif + else + type = NM_AP_SEC_WPA2; + +-- +2.31.1 + diff --git a/SOURCES/0005-network-complete-SAE-support.patch b/SOURCES/0005-network-complete-SAE-support.patch new file mode 100644 index 0000000..8976fa1 --- /dev/null +++ b/SOURCES/0005-network-complete-SAE-support.patch @@ -0,0 +1,479 @@ +From 52420680c5fda5e672aab614bfa7b8d5e2ab85c8 Mon Sep 17 00:00:00 2001 +From: Jonathan Kang +Date: Wed, 9 Sep 2020 14:58:06 +0800 +Subject: [PATCH 5/5] network: complete SAE support + +Added WirelessSecuritySAE class to fully implement SAE support. + +Heavily modifid and based on the 3.28.2 version of the WPA PSK widget. + +(cherry picked from commit 918838f567740172591ff1f2c32d8227c348be72) +--- + .../connection-editor/ce-page-security.c | 8 +- + panels/network/wireless-security/meson.build | 3 + + .../wireless-security.gresource.xml | 1 + + .../wireless-security/wireless-security.h | 1 + + panels/network/wireless-security/ws-sae.c | 216 ++++++++++++++++++ + panels/network/wireless-security/ws-sae.h | 30 +++ + panels/network/wireless-security/ws-sae.ui | 117 ++++++++++ + 7 files changed, 372 insertions(+), 4 deletions(-) + create mode 100644 panels/network/wireless-security/ws-sae.c + create mode 100644 panels/network/wireless-security/ws-sae.h + create mode 100644 panels/network/wireless-security/ws-sae.ui + +diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c +index 5104d7442..37b1e1286 100644 +--- a/panels/network/connection-editor/ce-page-security.c ++++ b/panels/network/connection-editor/ce-page-security.c +@@ -343,11 +343,11 @@ finish_setup (CEPageSecurity *page) + + #if NM_CHECK_VERSION(1,20,6) + if (nm_utils_security_valid (NMU_SEC_SAE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { +- WirelessSecurityWPAPSK *ws_wpa_psk; ++ WirelessSecuritySAE *ws_sae; + +- ws_wpa_psk = ws_wpa_psk_new (connection, FALSE); +- if (ws_wpa_psk) { +- add_security_item (page, WIRELESS_SECURITY (ws_wpa_psk), sec_model, ++ ws_sae = ws_sae_new (connection, FALSE); ++ if (ws_sae) { ++ add_security_item (page, WIRELESS_SECURITY (ws_sae), sec_model, + &iter, _("WPA3 Personal"), FALSE); + if ((active < 0) && ((default_type == NMU_SEC_SAE))) + active = item; +diff --git a/panels/network/wireless-security/meson.build b/panels/network/wireless-security/meson.build +index 47def7a63..6036f56af 100644 +--- a/panels/network/wireless-security/meson.build ++++ b/panels/network/wireless-security/meson.build +@@ -14,6 +14,7 @@ nm_applet_headers = [ + 'wireless-security.h', + 'ws-leap.h', + 'ws-dynamic-wep.h', ++ 'ws-sae.h', + 'ws-wep-key.h', + 'ws-wpa-eap.h', + 'ws-wpa-psk.h' +@@ -31,6 +32,7 @@ nm_applet_sources = [ + 'wireless-security.c', + 'ws-leap.c', + 'ws-dynamic-wep.c', ++ 'ws-sae.c', + 'ws-wep-key.c', + 'ws-wpa-eap.c', + 'ws-wpa-psk.c' +@@ -47,6 +49,7 @@ nm_resource_data = [ + 'eap-method-ttls.ui', + 'ws-dynamic-wep.ui', + 'ws-leap.ui', ++ 'ws-sae.ui', + 'ws-wep-key.ui', + 'ws-wpa-eap.ui', + 'ws-wpa-psk.ui' +diff --git a/panels/network/wireless-security/wireless-security.gresource.xml b/panels/network/wireless-security/wireless-security.gresource.xml +index a483d06a0..fa1a965ad 100644 +--- a/panels/network/wireless-security/wireless-security.gresource.xml ++++ b/panels/network/wireless-security/wireless-security.gresource.xml +@@ -9,6 +9,7 @@ + eap-method-ttls.ui + ws-dynamic-wep.ui + ws-leap.ui ++ ws-sae.ui + ws-wep-key.ui + ws-wpa-eap.ui + ws-wpa-psk.ui +diff --git a/panels/network/wireless-security/wireless-security.h b/panels/network/wireless-security/wireless-security.h +index 975e750f6..c5508ad1b 100644 +--- a/panels/network/wireless-security/wireless-security.h ++++ b/panels/network/wireless-security/wireless-security.h +@@ -102,6 +102,7 @@ GType wireless_security_get_type (void); + #include "ws-wep-key.h" + #include "ws-wpa-psk.h" + #include "ws-leap.h" ++#include "ws-sae.h" + #include "ws-wpa-eap.h" + #include "ws-dynamic-wep.h" + +diff --git a/panels/network/wireless-security/ws-sae.c b/panels/network/wireless-security/ws-sae.c +new file mode 100644 +index 000000000..3138cd723 +--- /dev/null ++++ b/panels/network/wireless-security/ws-sae.c +@@ -0,0 +1,216 @@ ++/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ ++/* NetworkManager Applet -- allow user control over networking ++ * ++ * Dan Williams ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Copyright 2007 - 2014 Red Hat, Inc. ++ */ ++ ++#include "nm-default.h" ++ ++#include ++#include ++ ++#include "wireless-security.h" ++#include "helpers.h" ++#include "nma-ui-utils.h" ++#include "utils.h" ++ ++#define WPA_PMK_LEN 32 ++ ++struct _WirelessSecuritySAE { ++ WirelessSecurity parent; ++ ++ gboolean editing_connection; ++ const char *password_flags_name; ++}; ++ ++static void ++show_toggled_cb (GtkCheckButton *button, WirelessSecurity *sec) ++{ ++ GtkWidget *widget; ++ gboolean visible; ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (sec->builder, "sae_entry")); ++ g_assert (widget); ++ ++ visible = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (button)); ++ gtk_entry_set_visibility (GTK_ENTRY (widget), visible); ++} ++ ++static gboolean ++validate (WirelessSecurity *parent, GError **error) ++{ ++ GtkWidget *entry; ++ const char *key; ++ gsize len; ++ int i; ++ ++ entry = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_entry")); ++ g_assert (entry); ++ ++ key = gtk_entry_get_text (GTK_ENTRY (entry)); ++ if (key == NULL || key[0] == '\0') { ++ widget_set_error (entry); ++ g_set_error_literal (error, NMA_ERROR, NMA_ERROR_GENERIC, _("Wi-Fi password is missing.")); ++ return FALSE; ++ } ++ widget_unset_error (entry); ++ ++ /* passphrase can be between 8 and 63 characters inclusive */ ++ ++ return TRUE; ++} ++ ++static void ++add_to_size_group (WirelessSecurity *parent, GtkSizeGroup *group) ++{ ++ GtkWidget *widget; ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_type_label")); ++ gtk_size_group_add_widget (group, widget); ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_label")); ++ gtk_size_group_add_widget (group, widget); ++} ++ ++static void ++fill_connection (WirelessSecurity *parent, NMConnection *connection) ++{ ++ WirelessSecuritySAE *sae = (WirelessSecuritySAE *) parent; ++ GtkWidget *widget, *passwd_entry; ++ const char *key; ++ NMSettingWireless *s_wireless; ++ NMSettingWirelessSecurity *s_wireless_sec; ++ NMSettingSecretFlags secret_flags; ++ const char *mode; ++ gboolean is_adhoc = FALSE; ++ ++ s_wireless = nm_connection_get_setting_wireless (connection); ++ g_assert (s_wireless); ++ ++ mode = nm_setting_wireless_get_mode (s_wireless); ++ if (mode && !strcmp (mode, "adhoc")) ++ is_adhoc = TRUE; ++ ++ /* Blow away the old security setting by adding a clear one */ ++ s_wireless_sec = (NMSettingWirelessSecurity *) nm_setting_wireless_security_new (); ++ nm_connection_add_setting (connection, (NMSetting *) s_wireless_sec); ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_entry")); ++ passwd_entry = widget; ++ key = gtk_entry_get_text (GTK_ENTRY (widget)); ++ g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_PSK, key, NULL); ++ ++ /* Save PSK_FLAGS to the connection */ ++ secret_flags = nma_utils_menu_to_secret_flags (passwd_entry); ++ nm_setting_set_secret_flags (NM_SETTING (s_wireless_sec), NM_SETTING_WIRELESS_SECURITY_PSK, ++ secret_flags, NULL); ++ ++ /* Update secret flags and popup when editing the connection */ ++ if (sae->editing_connection) ++ nma_utils_update_password_storage (passwd_entry, secret_flags, ++ NM_SETTING (s_wireless_sec), sae->password_flags_name); ++ ++ wireless_security_clear_ciphers (connection); ++ if (is_adhoc) { ++ /* Ad-Hoc settings as specified by the supplicant */ ++ g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "sae", NULL); ++ nm_setting_wireless_security_add_proto (s_wireless_sec, "rsn"); ++ nm_setting_wireless_security_add_pairwise (s_wireless_sec, "ccmp"); ++ nm_setting_wireless_security_add_group (s_wireless_sec, "ccmp"); ++ } else { ++ g_object_set (s_wireless_sec, NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "sae", NULL); ++ ++ /* Just leave ciphers and protocol empty, the supplicant will ++ * figure that out magically based on the AP IEs and card capabilities. ++ */ ++ } ++} ++ ++static void ++update_secrets (WirelessSecurity *parent, NMConnection *connection) ++{ ++ helper_fill_secret_entry (connection, ++ parent->builder, ++ "sae_entry", ++ NM_TYPE_SETTING_WIRELESS_SECURITY, ++ (HelperSecretFunc) nm_setting_wireless_security_get_psk); ++} ++ ++WirelessSecuritySAE * ++ws_sae_new (NMConnection *connection, gboolean secrets_only) ++{ ++ WirelessSecurity *parent; ++ WirelessSecuritySAE *sec; ++ NMSetting *setting = NULL; ++ GtkWidget *widget; ++ ++ parent = wireless_security_init (sizeof (WirelessSecuritySAE), ++ validate, ++ add_to_size_group, ++ fill_connection, ++ update_secrets, ++ NULL, ++ "/org/gnome/ControlCenter/network/ws-sae.ui", ++ "sae_notebook", ++ "sae_entry"); ++ if (!parent) ++ return NULL; ++ ++ parent->adhoc_compatible = FALSE; ++ sec = (WirelessSecuritySAE *) parent; ++ sec->editing_connection = secrets_only ? FALSE : TRUE; ++ sec->password_flags_name = NM_SETTING_WIRELESS_SECURITY_PSK; ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_entry")); ++ g_assert (widget); ++ g_signal_connect (G_OBJECT (widget), "changed", ++ (GCallback) wireless_security_changed_cb, ++ sec); ++ gtk_entry_set_width_chars (GTK_ENTRY (widget), 28); ++ ++ /* Create password-storage popup menu for password entry under entry's secondary icon */ ++ if (connection) ++ setting = (NMSetting *) nm_connection_get_setting_wireless_security (connection); ++ nma_utils_setup_password_storage (widget, 0, setting, sec->password_flags_name, ++ FALSE, secrets_only); ++ ++ /* Fill secrets, if any */ ++ if (connection) ++ update_secrets (WIRELESS_SECURITY (sec), connection); ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "show_checkbutton_wpa")); ++ g_assert (widget); ++ g_signal_connect (G_OBJECT (widget), "toggled", ++ (GCallback) show_toggled_cb, ++ sec); ++ ++ /* Hide WPA/RSN for now since this can be autodetected by NM and the ++ * supplicant when connecting to the AP. ++ */ ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_type_combo")); ++ g_assert (widget); ++ gtk_widget_hide (widget); ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (parent->builder, "sae_type_label")); ++ g_assert (widget); ++ gtk_widget_hide (widget); ++ ++ return sec; ++} +diff --git a/panels/network/wireless-security/ws-sae.h b/panels/network/wireless-security/ws-sae.h +new file mode 100644 +index 000000000..9a1262cd0 +--- /dev/null ++++ b/panels/network/wireless-security/ws-sae.h +@@ -0,0 +1,30 @@ ++/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */ ++/* NetworkManager Applet -- allow user control over networking ++ * ++ * Dan Williams ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Copyright 2007 - 2014 Red Hat, Inc. ++ */ ++ ++#ifndef WS_SAE_H ++#define WS_SAE_H ++ ++typedef struct _WirelessSecuritySAE WirelessSecuritySAE; ++ ++WirelessSecuritySAE * ws_sae_new (NMConnection *connection, gboolean secrets_only); ++ ++#endif /* WS_SAE_H */ +diff --git a/panels/network/wireless-security/ws-sae.ui b/panels/network/wireless-security/ws-sae.ui +new file mode 100644 +index 000000000..d523f16c8 +--- /dev/null ++++ b/panels/network/wireless-security/ws-sae.ui +@@ -0,0 +1,117 @@ ++ ++ ++ ++ ++ True ++ False ++ False ++ False ++ ++ ++ True ++ False ++ 3 ++ 2 ++ 6 ++ 6 ++ ++ ++ True ++ False ++ 1 ++ _Password ++ True ++ sae_entry ++ ++ ++ GTK_FILL ++ ++ ++ ++ ++ ++ True ++ True ++ 64 ++ False ++ True ++ ++ ++ 1 ++ 2 ++ ++ ++ ++ ++ ++ True ++ False ++ 1 ++ _Type ++ True ++ sae_type_combo ++ ++ ++ 2 ++ 3 ++ GTK_FILL ++ ++ ++ ++ ++ ++ True ++ False ++ 0 ++ ++ ++ 1 ++ 2 ++ GTK_FILL ++ ++ ++ ++ ++ ++ Sho_w password ++ True ++ True ++ False ++ True ++ True ++ ++ ++ 1 ++ 2 ++ 1 ++ 2 ++ GTK_FILL ++ ++ ++ ++ ++ ++ True ++ False ++ ++ ++ 1 ++ 2 ++ 2 ++ 3 ++ GTK_FILL ++ ++ ++ ++ ++ ++ ++ True ++ False ++ ++ ++ False ++ ++ ++ ++ +-- +2.31.1 + diff --git a/SOURCES/0006-Add-support-for-Enhanced-Open-WiFi-security.patch b/SOURCES/0006-Add-support-for-Enhanced-Open-WiFi-security.patch new file mode 100644 index 0000000..76037aa --- /dev/null +++ b/SOURCES/0006-Add-support-for-Enhanced-Open-WiFi-security.patch @@ -0,0 +1,114 @@ +From c95964913893c6dca47e2987eb75730229ae1658 Mon Sep 17 00:00:00 2001 +From: David Bauer +Date: Fri, 17 Jul 2020 03:41:44 +0000 +Subject: [PATCH] Add support for Enhanced Open WiFi security + +(cherry picked from commit 1d0b664f7c5e38e9d8933956c1cc4661244edb7d) +--- + .../connection-editor/ce-page-details.c | 6 +++++ + .../connection-editor/ce-page-security.c | 22 +++++++++++++++++++ + panels/network/net-device-wifi.c | 10 +++++++-- + 3 files changed, 36 insertions(+), 2 deletions(-) + +diff --git a/panels/network/connection-editor/ce-page-details.c b/panels/network/connection-editor/ce-page-details.c +index f0c594dd4..8bdb932a4 100644 +--- a/panels/network/connection-editor/ce-page-details.c ++++ b/panels/network/connection-editor/ce-page-details.c +@@ -65,6 +65,12 @@ get_ap_security_string (NMAccessPoint *ap) + /* TRANSLATORS: this WPA3 WiFi security */ + g_string_append_printf (str, "%s, ", _("WPA3")); + } ++#if NM_CHECK_VERSION(1,24,0) ++ else if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_OWE) { ++ /* TRANSLATORS: this Enhanced Open WiFi security */ ++ g_string_append_printf (str, "%s, ", _("Enhanced Open")); ++ } ++#endif + else + #endif + { +diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c +index 37b1e1286..52efb9da1 100644 +--- a/panels/network/connection-editor/ce-page-security.c ++++ b/panels/network/connection-editor/ce-page-security.c +@@ -68,6 +68,13 @@ get_default_type_for_security (NMSettingWirelessSecurity *sec) + return NMU_SEC_LEAP; + return NMU_SEC_DYNAMIC_WEP; + } ++ ++#if NM_CHECK_VERSION(1,24,0) ++ if (!strcmp (key_mgmt, "owe")) { ++ return NMU_SEC_OWE; ++ } ++#endif ++ + #if NM_CHECK_VERSION(1,20,6) + if (!strcmp (key_mgmt, "sae")) { + return NMU_SEC_SAE; +@@ -255,6 +262,18 @@ finish_setup (CEPageSecurity *page) + item++; + } + ++#if NM_CHECK_VERSION(1,24,0) ++ if (nm_utils_security_valid (NMU_SEC_OWE, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { ++ gtk_list_store_insert_with_values (sec_model, &iter, -1, ++ S_NAME_COLUMN, _("Enhanced Open"), ++ S_ADHOC_VALID_COLUMN, FALSE, ++ -1); ++ if (active < 0 && default_type == NMU_SEC_OWE) ++ active = item; ++ item++; ++ } ++#endif ++ + if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) { + WirelessSecurityWEPKey *ws_wep; + NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY; +@@ -473,6 +492,9 @@ ce_page_security_new (NMConnection *connection, + default_type == NMU_SEC_WPA_PSK || + #if NM_CHECK_VERSION(1,20,6) + default_type == NMU_SEC_SAE || ++#endif ++#if NM_CHECK_VERSION(1,24,0) ++ default_type == NMU_SEC_OWE || + #endif + default_type == NMU_SEC_WPA2_PSK) { + CE_PAGE (page)->security_setting = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME; +diff --git a/panels/network/net-device-wifi.c b/panels/network/net-device-wifi.c +index af0e89733..86291c08d 100644 +--- a/panels/network/net-device-wifi.c ++++ b/panels/network/net-device-wifi.c +@@ -47,7 +47,8 @@ typedef enum { + NM_AP_SEC_WEP, + NM_AP_SEC_WPA, + NM_AP_SEC_WPA2, +- NM_AP_SEC_SAE ++ NM_AP_SEC_SAE, ++ NM_AP_SEC_OWE, + } NMAccessPointSecurity; + + static void nm_device_wifi_refresh_ui (NetDeviceWifi *device_wifi); +@@ -150,6 +151,10 @@ get_access_point_security (NMAccessPoint *ap) + #if NM_CHECK_VERSION(1,20,6) + else if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_SAE) + type = NM_AP_SEC_SAE; ++#endif ++#if NM_CHECK_VERSION(1,20,6) ++ else if (rsn_flags & NM_802_11_AP_SEC_KEY_MGMT_OWE) ++ type = NM_AP_SEC_OWE; + #endif + else + type = NM_AP_SEC_WPA2; +@@ -1930,7 +1935,8 @@ make_row (GtkSizeGroup *rows, + + if (in_range) { + if (security != NM_AP_SEC_UNKNOWN && +- security != NM_AP_SEC_NONE) { ++ security != NM_AP_SEC_NONE && ++ security != NM_AP_SEC_OWE) { + widget = gtk_image_new_from_icon_name ("network-wireless-encrypted-symbolic", GTK_ICON_SIZE_MENU); + } else { + widget = gtk_label_new (""); +-- +2.31.1 + diff --git a/SPECS/gnome-control-center.spec b/SPECS/gnome-control-center.spec index 558e053..b9339d8 100644 --- a/SPECS/gnome-control-center.spec +++ b/SPECS/gnome-control-center.spec @@ -11,7 +11,7 @@ Name: gnome-control-center Version: 3.28.2 -Release: 28%{?dist} +Release: 29%{?dist} Summary: Utilities to configure the GNOME desktop License: GPLv2+ and CC-BY-SA @@ -64,6 +64,16 @@ Patch25: printers-Update-entries.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1876291 Patch26: Update-translations.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1938323 +Patch31: 0001-network-Populate-AP-list-from-idle-handler.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1915411 +Patch32: 0002-ce-page-security-add-SAE-support.patch +Patch33: 0003-ce-page-details-add-SAE-support.patch +Patch34: 0004-net-device-wifi-Decode-SAE-AP-security.patch +Patch35: 0005-network-complete-SAE-support.patch +Patch36: 0006-Add-support-for-Enhanced-Open-WiFi-security.patch + + BuildRequires: chrpath BuildRequires: cups-devel BuildRequires: desktop-file-utils @@ -236,9 +246,16 @@ chrpath --delete $RPM_BUILD_ROOT%{_bindir}/gnome-control-center %dir %{_datadir}/gnome/wm-properties %changelog +* Wed Nov 10 2021 Benjamin Berg - 3.28.2-29 +- Backport SAE/WPA3/OWE support + Resolves: #1915411 + Resolves: #2023156 +- Add patch to fix wifi performance issue + Resolves: #1938323 + * Fri Sep 10 2021 Kalev Lember - 3.28.2-28 - Update pt_BR translations -- Resolves: #1978612 +- Resolves: #2003069 * Fri Jul 02 2021 Tomas Popela - 3.28.2-27 - Update fr, ja, zh_CN translations