On Sat, Dec 23, 2017 at 07:26:03AM +0900, Masashi Honma wrote: > The FILS(Fast Initial Link Setup) is a specification defined by IEEE 802.11ai > to > speed up roaming. This patch adds support of it. I have tested with both > FILS-SHA256 and FILS-SHA384 by PEAP. > > Signed-off-by: Masashi Honma <[email protected]> > --- > libnm-core/nm-setting-wireless-security.c | 9 ++++++--- > libnm-core/nm-setting-wireless.c | 5 +++-- > src/devices/wifi/nm-wifi-ap.c | 6 ++++-- > src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c | 2 +- > src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c | 3 +++ > src/supplicant/nm-supplicant-config.c | 13 +++++++++---- > src/supplicant/nm-supplicant-settings-verify.c | 1 + > 7 files changed, 27 insertions(+), 12 deletions(-) > > diff --git a/libnm-core/nm-setting-wireless-security.c > b/libnm-core/nm-setting-wireless-security.c > index de77a49..eea0581 100644 > --- a/libnm-core/nm-setting-wireless-security.c > +++ b/libnm-core/nm-setting-wireless-security.c > @@ -868,7 +868,8 @@ need_secrets (NMSetting *setting) > } > > if ( (strcmp (priv->key_mgmt, "ieee8021x") == 0) > - || (strcmp (priv->key_mgmt, "wpa-eap") == 0)) { > + || (strcmp (priv->key_mgmt, "wpa-eap") == 0) > + || (strcmp (priv->key_mgmt, "wpa-fils") == 0)) { > /* Let caller check the 802.1x setting for secrets */ > goto no_secrets; > } > @@ -887,7 +888,8 @@ verify (NMSetting *setting, NMConnection *connection, > GError **error) > { > NMSettingWirelessSecurity *self = NM_SETTING_WIRELESS_SECURITY > (setting); > NMSettingWirelessSecurityPrivate *priv = > NM_SETTING_WIRELESS_SECURITY_GET_PRIVATE (self); > - const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none", > "wpa-psk", "wpa-eap", NULL }; > + const char *valid_key_mgmt[] = { "none", "ieee8021x", "wpa-none", > + "wpa-psk", "wpa-eap", "wpa-fils", NULL };
Hi, please also update the documentation comment of the key-mgmt property at the end of the file. I have found little information about FILS, but I guess a valid use case would be to optionally enable it by passing "key_mgmt=FILS-SHA256 FILS-SHA384 WPA-EAP" to wpa_supplicant, so that the supplicant will fall back to WPA-EAP if the AP doesn't support FILS. Do you think this configuration is useful at all? If so, we shouldn't have a new key-mgmt value 'wpa-fils' but perhaps we should add a new wifi-sec.fils boolean (or tristate) property. Beniamino
signature.asc
Description: PGP signature
_______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
