Top | ![]() |
![]() |
![]() |
![]() |
NMSettingWirelessSecurityNMSettingWirelessSecurity — Describes connection properties for Wi-Fi networks that use WEP, LEAP, WPA or WPA2/RSN security |
gchar * | auth-alg | Read / Write |
GSList_gchararray_ * | group | Read / Write |
gchar * | key-mgmt | Read / Write |
gchar * | leap-password | Read / Write |
guint | leap-password-flags | Read / Write |
gchar * | leap-username | Read / Write |
GSList_gchararray_ * | pairwise | Read / Write |
GSList_gchararray_ * | proto | Read / Write |
gchar * | psk | Read / Write |
guint | psk-flags | Read / Write |
guint | wep-key-flags | Read / Write |
guint | wep-key-type | Read / Write / Construct |
gchar * | wep-key0 | Read / Write |
gchar * | wep-key1 | Read / Write |
gchar * | wep-key2 | Read / Write |
gchar * | wep-key3 | Read / Write |
guint | wep-tx-keyidx | Read / Write / Construct |
GEnum ├── NMSettingWirelessSecurityError ╰── NMWepKeyType GObject ╰── NMSetting ╰── NMSettingWirelessSecurity
The NMSettingWirelessSecurity object is a NMSetting subclass that describes properties necessary for connection to encrypted Wi-Fi networks.
It's a good idea to read up on wpa_supplicant configuration before using this setting extensively, since most of the options here correspond closely with the relevant wpa_supplicant configuration options. To get a better overview of how Wi-Fi security works, you may want to get copies of the following books.
802.11 Wireless Networks: The Definitive Guide, Second Edition Author: Matthew Gast ISBN: 978-0596100520
Cisco Wireless LAN Security Authors: Krishna Sankar, Sri Sundaralingam, Darrin Miller, and Andrew Balinsky ISBN: 978-1587051548
GQuark
nm_setting_wireless_security_error_quark
(void
);
Registers an error quark for NMSettingWired if necessary.
NMSetting *
nm_setting_wireless_security_new (void
);
Creates a new NMSettingWirelessSecurity object with default values.
const char *
nm_setting_wireless_security_get_key_mgmt
(NMSettingWirelessSecurity *setting
);
guint32
nm_setting_wireless_security_get_num_protos
(NMSettingWirelessSecurity *setting
);
const char * nm_setting_wireless_security_get_proto (NMSettingWirelessSecurity *setting
,guint32 i
);
gboolean nm_setting_wireless_security_add_proto (NMSettingWirelessSecurity *setting
,const char *proto
);
Adds a Wi-Fi security protocol (one of "wpa" or "rsn") to the allowed list; only protocols in this list will be used when finding and connecting to the Wi-Fi network specified by this connection. For example, if the protocol list contains only "wpa" but the access point for the SSID specified by this connection only supports WPA2/RSN, the connection cannot be used with the access point.
void nm_setting_wireless_security_remove_proto (NMSettingWirelessSecurity *setting
,guint32 i
);
Removes a protocol from the allowed protocol list.
gboolean nm_setting_wireless_security_remove_proto_by_value (NMSettingWirelessSecurity *setting
,const char *proto
);
Removes a protocol from the allowed protocol list.
Since: 0.9.10
void
nm_setting_wireless_security_clear_protos
(NMSettingWirelessSecurity *setting
);
Removes all protocols from the allowed list. If there are no protocols specified then all protocols are allowed.
guint32
nm_setting_wireless_security_get_num_pairwise
(NMSettingWirelessSecurity *setting
);
const char * nm_setting_wireless_security_get_pairwise (NMSettingWirelessSecurity *setting
,guint32 i
);
Returns the allowed pairwise encryption algorithm from allowed algorithm list.
gboolean nm_setting_wireless_security_add_pairwise (NMSettingWirelessSecurity *setting
,const char *pairwise
);
Adds an encryption algorithm to the list of allowed pairwise encryption algorithms. If the list is not empty, then only access points that support one or more of the encryption algorithms in the list will be considered compatible with this connection.
void nm_setting_wireless_security_remove_pairwise (NMSettingWirelessSecurity *setting
,guint32 i
);
Removes an encryption algorithm from the allowed pairwise encryption algorithm list.
gboolean nm_setting_wireless_security_remove_pairwise_by_value (NMSettingWirelessSecurity *setting
,const char *pairwise
);
Removes an encryption algorithm from the allowed pairwise encryption algorithm list.
Since: 0.9.10
void
nm_setting_wireless_security_clear_pairwise
(NMSettingWirelessSecurity *setting
);
Removes all algorithms from the allowed list. If there are no algorithms specified then all pairwise encryption algorithms are allowed.
guint32
nm_setting_wireless_security_get_num_groups
(NMSettingWirelessSecurity *setting
);
const char * nm_setting_wireless_security_get_group (NMSettingWirelessSecurity *setting
,guint32 i
);
Returns the allowed groupwise encryption algorithm from allowed algorithm list.
gboolean nm_setting_wireless_security_add_group (NMSettingWirelessSecurity *setting
,const char *group
);
Adds an encryption algorithm to the list of allowed groupwise encryption algorithms. If the list is not empty, then only access points that support one or more of the encryption algorithms in the list will be considered compatible with this connection.
void nm_setting_wireless_security_remove_group (NMSettingWirelessSecurity *setting
,guint32 i
);
Removes an encryption algorithm from the allowed groupwise encryption algorithm list.
gboolean nm_setting_wireless_security_remove_group_by_value (NMSettingWirelessSecurity *setting
,const char *group
);
Removes an encryption algorithm from the allowed groupwise encryption algorithm list.
setting |
||
group |
the encryption algorithm to remove, one of "wep40", "wep104", "tkip", or "ccmp" |
Since: 0.9.10
void
nm_setting_wireless_security_clear_groups
(NMSettingWirelessSecurity *setting
);
Removes all algorithms from the allowed list. If there are no algorithms specified then all groupwise encryption algorithms are allowed.
const char *
nm_setting_wireless_security_get_psk (NMSettingWirelessSecurity *setting
);
NMSettingSecretFlags
nm_setting_wireless_security_get_psk_flags
(NMSettingWirelessSecurity *setting
);
const char *
nm_setting_wireless_security_get_leap_username
(NMSettingWirelessSecurity *setting
);
const char *
nm_setting_wireless_security_get_leap_password
(NMSettingWirelessSecurity *setting
);
NMSettingSecretFlags
nm_setting_wireless_security_get_leap_password_flags
(NMSettingWirelessSecurity *setting
);
const char * nm_setting_wireless_security_get_wep_key (NMSettingWirelessSecurity *setting
,guint32 idx
);
void nm_setting_wireless_security_set_wep_key (NMSettingWirelessSecurity *setting
,guint32 idx
,const char *key
);
Sets a WEP key in the given index.
setting |
||
idx |
the index of the key (0..3 inclusive) |
|
key |
the WEP key as a string, in either hexadecimal, ASCII, or passphrase form as determiend by the value of the “wep-key-type” property. |
guint32
nm_setting_wireless_security_get_wep_tx_keyidx
(NMSettingWirelessSecurity *setting
);
const char *
nm_setting_wireless_security_get_auth_alg
(NMSettingWirelessSecurity *setting
);
NMSettingSecretFlags
nm_setting_wireless_security_get_wep_key_flags
(NMSettingWirelessSecurity *setting
);
NMWepKeyType
nm_setting_wireless_security_get_wep_key_type
(NMSettingWirelessSecurity *setting
);
#define NM_SETTING_WIRELESS_SECURITY_SETTING_NAME "802-11-wireless-security"
unknown or unclassified error |
||
the property was invalid |
||
the property was missing and is required |
||
a property contained a value that requires the connection to contain a NMSetting8021x setting |
||
LEAP authentication was specified but key management was not set to "8021x" |
||
LEAP authentication was specified but no LEAP username was given |
||
Shared Key authentication was specified but the setting did not specify WEP as the encryption protocol |
#define NM_SETTING_WIRELESS_SECURITY_ERROR nm_setting_wireless_security_error_quark ()
The NMWepKeyType values specify how any WEP keys present in the setting are interpreted. There are no standards governing how to hash the various WEP key/passphrase formats into the actual WEP key. Unfortunately some WEP keys can be interpreted in multiple ways, requiring the setting to specify how to interpret the any WEP keys. For example, the key "732f2d712e4a394a375d366931" is both a valid Hexadecimal WEP key and a WEP passphrase. Further, many ASCII keys are also valid WEP passphrases, but since passphrases and ASCII keys are hashed differently to determine the actual WEP key the type must be specified.
unknown WEP key type |
||
indicates a hexadecimal or ASCII formatted WEP key. Hex keys are either 10 or 26 hexadecimal characters (ie "5f782f2f5f" or "732f2d712e4a394a375d366931"), while ASCII keys are either 5 or 13 ASCII characters (ie "abcde" or "blahblah99$*1"). |
||
indicates a WEP passphrase (ex "I bought a duck on my way back from the market 235Q&^%^*%") instead of a hexadecimal or ASCII key. Passphrases are between 8 and 64 characters inclusive and are hashed the actual WEP key using the MD5 hash algorithm. |
||
placeholder value for bounds-checking |
#define NM_SETTING_WIRELESS_SECURITY_WEP_TX_KEYIDX "wep-tx-keyidx"
#define NM_SETTING_WIRELESS_SECURITY_LEAP_USERNAME "leap-username"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY_FLAGS "wep-key-flags"
#define NM_SETTING_WIRELESS_SECURITY_WEP_KEY_TYPE "wep-key-type"
#define NM_SETTING_WIRELESS_SECURITY_LEAP_PASSWORD "leap-password"
“auth-alg”
property“auth-alg” gchar *
When WEP is used (ie, key-mgmt = "none" or "ieee8021x") indicate the 802.11 authentication algorithm required by the AP here. One of "open" for Open System, "shared" for Shared Key, or "leap" for Cisco LEAP. When using Cisco LEAP (ie, key-mgmt = "ieee8021x" and auth-alg = "leap") the "leap-username" and "leap-password" properties must be specified.
Flags: Read / Write
Default value: NULL
“group”
property “group” GSList_gchararray_ *
A list of group/broadcast encryption algorithms which prevents connections to Wi-Fi networks that do not utilize one of the algorithms in the list. For maximum compatibility leave this property empty. Each list element may be one of "wep40", "wep104", "tkip", or "ccmp".
Flags: Read / Write
“key-mgmt”
property“key-mgmt” gchar *
Key management used for the connection. One of "none" (WEP), "ieee8021x" (Dynamic WEP), "wpa-none" (Ad-Hoc WPA-PSK), "wpa-psk" (infrastructure WPA-PSK), or "wpa-eap" (WPA-Enterprise). This property must be set for any Wi-Fi connection that uses security.
Flags: Read / Write
Default value: NULL
“leap-password”
property“leap-password” gchar *
The login password for legacy LEAP connections (ie, key-mgmt = "ieee8021x" and auth-alg = "leap").
Flags: Read / Write
Default value: NULL
“leap-password-flags”
property“leap-password-flags” guint
Flags indicating how to handle the “leap-password” property.
Flags: Read / Write
Allowed values: <= 7
Default value: 0
“leap-username”
property“leap-username” gchar *
The login username for legacy LEAP connections (ie, key-mgmt = "ieee8021x" and auth-alg = "leap").
Flags: Read / Write
Default value: NULL
“pairwise”
property “pairwise” GSList_gchararray_ *
A list of pairwise encryption algorithms which prevents connections to Wi-Fi networks that do not utilize one of the algorithms in the list. For maximum compatibility leave this property empty. Each list element may be one of "tkip" or "ccmp".
Flags: Read / Write
“proto”
property “proto” GSList_gchararray_ *
List of strings specifying the allowed WPA protocol versions to use. Each element may be one "wpa" (allow WPA) or "rsn" (allow WPA2/RSN). If not specified, both WPA and RSN connections are allowed.
Flags: Read / Write
“psk”
property“psk” gchar *
Pre-Shared-Key for WPA networks. If the key is 64-characters long, it must contain only hexadecimal characters and is interpreted as a hexadecimal WPA key. Otherwise, the key must be between 8 and 63 ASCII characters (as specified in the 802.11i standard) and is interpreted as a WPA passphrase, and is hashed to derive the actual WPA-PSK used when connecting to the Wi-Fi network.
Flags: Read / Write
Default value: NULL
“psk-flags”
property“psk-flags” guint
Flags indicating how to handle the “psk” property.
Flags: Read / Write
Allowed values: <= 7
Default value: 0
“wep-key-flags”
property“wep-key-flags” guint
Flags indicating how to handle the “wep-key0”, “wep-key1”, “wep-key2”, and “wep-key3” properties.
Flags: Read / Write
Allowed values: <= 7
Default value: 0
“wep-key-type”
property“wep-key-type” guint
Controls the interpretation of WEP keys. Allowed values are
NM_WEP_KEY_TYPE_KEY
, in which case the key is either a 10- or
26-character hexadecimal string, or a 5- or 13-character ASCII password;
or NM_WEP_KEY_TYPE_PASSPHRASE
, in which case the passphrase is provided
as a string and will be hashed using the de-facto MD5 method to derive
the actual WEP key.
Flags: Read / Write / Construct
Allowed values: <= 2
Default value: 0
“wep-key0”
property“wep-key0” gchar *
Index 0 WEP key. This is the WEP key used in most networks. See the "wep-key-type" property for a description of how this key is interpreted.
Flags: Read / Write
Default value: NULL
“wep-key1”
property“wep-key1” gchar *
Index 1 WEP key. This WEP index is not used by most networks. See the "wep-key-type" property for a description of how this key is interpreted.
Flags: Read / Write
Default value: NULL
“wep-key2”
property“wep-key2” gchar *
Index 2 WEP key. This WEP index is not used by most networks. See the "wep-key-type" property for a description of how this key is interpreted.
Flags: Read / Write
Default value: NULL
“wep-key3”
property“wep-key3” gchar *
Index 3 WEP key. This WEP index is not used by most networks. See the "wep-key-type" property for a description of how this key is interpreted.
Flags: Read / Write
Default value: NULL
“wep-tx-keyidx”
property“wep-tx-keyidx” guint
When static WEP is used (ie, key-mgmt = "none") and a non-default WEP key index is used by the AP, put that WEP key index here. Valid values are 0 (default key) through 3. Note that some consumer access points (like the Linksys WRT54G) number the keys 1 - 4.
Flags: Read / Write / Construct
Allowed values: <= 3
Default value: 0