As there are networks that mandate the use of an anonymous
identity, we need to support it.
Reported by alin.
---
doc/config-format.txt | 1 +
gsupplicant/gsupplicant.h | 1 +
gsupplicant/supplicant.c | 4 ++++
plugins/wifi.c | 3 +++
src/config.c | 15 +++++++++++++++
src/connman.h | 2 ++
src/network.c | 7 +++++++
src/service.c | 28 ++++++++++++++++++++++++++++
8 files changed, 61 insertions(+)
diff --git a/doc/config-format.txt b/doc/config-format.txt
index b16f4e4..eae51e0 100644
--- a/doc/config-format.txt
+++ b/doc/config-format.txt
@@ -83,6 +83,7 @@ The following options are valid if Type is "wifi"
passphrase. The PrivateKeyPassphrase field is ignored when this field is set
to fsid.
- Identity: Identity string for EAP.
+- AnonymousIdentity: Anonymous Identity string for EAP.
- Phase2: Phase2 (inner authentication with TLS tunnel) authentication method.
Prefix the value with "EAP-" to indicate the usage of an EAP-based inner
authentication method (should only be used with EAP = TTLS).
diff --git a/gsupplicant/gsupplicant.h b/gsupplicant/gsupplicant.h
index 2a87f2f..a2a7605 100644
--- a/gsupplicant/gsupplicant.h
+++ b/gsupplicant/gsupplicant.h
@@ -142,6 +142,7 @@ struct _GSupplicantSSID {
const char *eap;
const char *passphrase;
const char *identity;
+ const char *anonymous_identity;
const char *ca_cert_path;
const char *client_cert_path;
const char *private_key_path;
diff --git a/gsupplicant/supplicant.c b/gsupplicant/supplicant.c
index 0d32934..98ca94b 100644
--- a/gsupplicant/supplicant.c
+++ b/gsupplicant/supplicant.c
@@ -4385,6 +4385,10 @@ static void add_network_security_eap(DBusMessageIter
*dict,
supplicant_dbus_dict_append_basic(dict, "identity",
DBUS_TYPE_STRING,
&ssid->identity);
+ if(ssid->anonymous_identity)
+ supplicant_dbus_dict_append_basic(dict, "anonymous_identity",
+ DBUS_TYPE_STRING,
+ &ssid->anonymous_identity);
g_free(eap_value);
}
diff --git a/plugins/wifi.c b/plugins/wifi.c
index 176a84d..dfe849f 100644
--- a/plugins/wifi.c
+++ b/plugins/wifi.c
@@ -84,6 +84,7 @@ struct hidden_params {
char ssid[32];
unsigned int ssid_len;
char *identity;
+ char *anonymous_identity;
char *passphrase;
char *security;
GSupplicantScanParams *scan_params;
@@ -2027,6 +2028,8 @@ static void ssid_init(GSupplicantSSID *ssid, struct
connman_network *network)
ssid->identity = connman_network_get_string(network,
"WiFi.AgentIdentity");
+ ssid->anonymous_identity = connman_network_get_string(network,
+ "WiFi.AnonymousIdentity");
ssid->ca_cert_path = connman_network_get_string(network,
"WiFi.CACertFile");
ssid->client_cert_path = connman_network_get_string(network,
diff --git a/src/config.c b/src/config.c
index 0d7061c..88f8bd5 100644
--- a/src/config.c
+++ b/src/config.c
@@ -45,6 +45,7 @@ struct connman_config_service {
unsigned int ssid_len;
char *eap;
char *identity;
+ char *anonymous_identity;
char *ca_cert_file;
char *client_cert_file;
char *private_key_file;
@@ -98,6 +99,7 @@ static bool cleanup = false;
#define SERVICE_KEY_PRV_KEY_PASS "PrivateKeyPassphrase"
#define SERVICE_KEY_PRV_KEY_PASS_TYPE "PrivateKeyPassphraseType"
#define SERVICE_KEY_IDENTITY "Identity"
+#define SERVICE_KEY_ANONYMOUS_IDENTITY "AnonymousIdentity"
#define SERVICE_KEY_PHASE2 "Phase2"
#define SERVICE_KEY_PASSPHRASE "Passphrase"
#define SERVICE_KEY_SECURITY "Security"
@@ -129,6 +131,7 @@ static const char *service_possible_keys[] = {
SERVICE_KEY_PRV_KEY_PASS,
SERVICE_KEY_PRV_KEY_PASS_TYPE,
SERVICE_KEY_IDENTITY,
+ SERVICE_KEY_ANONYMOUS_IDENTITY,
SERVICE_KEY_PHASE2,
SERVICE_KEY_PASSPHRASE,
SERVICE_KEY_SECURITY,
@@ -220,6 +223,7 @@ free_only:
g_free(config_service->ssid);
g_free(config_service->eap);
g_free(config_service->identity);
+ g_free(config_service->anonymous_identity);
g_free(config_service->ca_cert_file);
g_free(config_service->client_cert_file);
g_free(config_service->private_key_file);
@@ -655,6 +659,13 @@ static bool load_service(GKeyFile *keyfile, const char
*group,
service->identity = str;
}
+ str = __connman_config_get_string(keyfile, group,
+ SERVICE_KEY_ANONYMOUS_IDENTITY, NULL);
+ if (str) {
+ g_free(service->anonymous_identity);
+ service->anonymous_identity = str;
+ }
+
str = __connman_config_get_string(keyfile, group, SERVICE_KEY_PHASE2,
NULL);
if (str) {
g_free(service->phase2);
@@ -1034,6 +1045,10 @@ static void provision_service_wifi(struct
connman_config_service *config,
__connman_service_set_string(service, "Identity",
config->identity);
+ if (config->anonymous_identity)
+ __connman_service_set_string(service, "AnonymousIdentity",
+ config->anonymous_identity);
+
if (config->ca_cert_file)
__connman_service_set_string(service, "CACertFile",
config->ca_cert_file);
diff --git a/src/connman.h b/src/connman.h
index 654b8fa..35eb3f5 100644
--- a/src/connman.h
+++ b/src/connman.h
@@ -771,6 +771,8 @@ void __connman_service_set_proxy_autoconfig(struct
connman_service *service,
void __connman_service_set_identity(struct connman_service *service,
const char *identity);
+void __connman_service_set_anonymous_identity(struct connman_service *service,
+ const char *anonymous_identity);
void __connman_service_set_agent_identity(struct connman_service *service,
const char *agent_identity);
int __connman_service_set_passphrase(struct connman_service *service,
diff --git a/src/network.c b/src/network.c
index badb770..4f0d5bd 100644
--- a/src/network.c
+++ b/src/network.c
@@ -78,6 +78,7 @@ struct connman_network {
char *passphrase;
char *eap;
char *identity;
+ char *anonymous_identity;
char *agent_identity;
char *ca_cert_path;
char *client_cert_path;
@@ -906,6 +907,7 @@ static void network_destruct(struct connman_network
*network)
g_free(network->wifi.passphrase);
g_free(network->wifi.eap);
g_free(network->wifi.identity);
+ g_free(network->wifi.anonymous_identity);
g_free(network->wifi.agent_identity);
g_free(network->wifi.ca_cert_path);
g_free(network->wifi.client_cert_path);
@@ -1816,6 +1818,9 @@ int connman_network_set_string(struct connman_network
*network,
} else if (g_str_equal(key, "WiFi.Identity")) {
g_free(network->wifi.identity);
network->wifi.identity = g_strdup(value);
+ } else if (g_str_equal(key, "WiFi.AnonymousIdentity")) {
+ g_free(network->wifi.anonymous_identity);
+ network->wifi.anonymous_identity = g_strdup(value);
} else if (g_str_equal(key, "WiFi.AgentIdentity")) {
g_free(network->wifi.agent_identity);
network->wifi.agent_identity = g_strdup(value);
@@ -1872,6 +1877,8 @@ const char *connman_network_get_string(struct
connman_network *network,
return network->wifi.eap;
else if (g_str_equal(key, "WiFi.Identity"))
return network->wifi.identity;
+ else if (g_str_equal(key, "WiFi.AnonymousIdentity"))
+ return network->wifi.anonymous_identity;
else if (g_str_equal(key, "WiFi.AgentIdentity"))
return network->wifi.agent_identity;
else if (g_str_equal(key, "WiFi.CACertFile"))
diff --git a/src/service.c b/src/service.c
index 8d73f22..d80dd4c 100644
--- a/src/service.c
+++ b/src/service.c
@@ -100,6 +100,7 @@ struct connman_service {
/* 802.1x settings from the config files */
char *eap;
char *identity;
+ char *anonymous_identity;
char *agent_identity;
char *ca_cert_file;
char *client_cert_file;
@@ -2800,6 +2801,21 @@ void __connman_service_set_identity(struct
connman_service *service,
service->identity);
}
+void __connman_service_set_anonymous_identity(struct connman_service *service,
+ const char *anonymous_identity)
+{
+ if (service->immutable || service->hidden)
+ return;
+
+ g_free(service->anonymous_identity);
+ service->anonymous_identity = g_strdup(anonymous_identity);
+
+ if (service->network)
+ connman_network_set_string(service->network,
+ "WiFi.AnonymousIdentity",
+ service->anonymous_identity);
+}
+
void __connman_service_set_agent_identity(struct connman_service *service,
const char *agent_identity)
{
@@ -4074,6 +4090,9 @@ bool __connman_service_remove(struct connman_service
*service)
g_free(service->identity);
service->identity = NULL;
+ g_free(service->anonymous_identity);
+ service->anonymous_identity = NULL;
+
g_free(service->agent_identity);
service->agent_identity = NULL;
@@ -4524,6 +4543,7 @@ static void service_free(gpointer user_data)
g_free(service->identifier);
g_free(service->eap);
g_free(service->identity);
+ g_free(service->anonymous_identity);
g_free(service->agent_identity);
g_free(service->ca_cert_file);
g_free(service->client_cert_file);
@@ -4997,6 +5017,9 @@ void __connman_service_set_string(struct connman_service
*service,
} else if (g_str_equal(key, "Identity")) {
g_free(service->identity);
service->identity = g_strdup(value);
+ } else if (g_str_equal(key, "AnonymousIdentity")) {
+ g_free(service->anonymous_identity);
+ service->anonymous_identity = g_strdup(value);
} else if (g_str_equal(key, "CACertFile")) {
g_free(service->ca_cert_file);
service->ca_cert_file = g_strdup(value);
@@ -5840,6 +5863,11 @@ static void prepare_8021x(struct connman_service
*service)
connman_network_set_string(service->network, "WiFi.Identity",
service->identity);
+ if (service->anonymous_identity)
+ connman_network_set_string(service->network,
+ "WiFi.AnonymousIdentity",
+ service->anonymous_identity);
+
if (service->ca_cert_file)
connman_network_set_string(service->network, "WiFi.CACertFile",
service->ca_cert_file);
--
2.1.0
_______________________________________________
connman mailing list
[email protected]
https://lists.connman.net/mailman/listinfo/connman
