rpms/gnome-control-center
7
0
Fork 0
Code Issues Pull Requests Releases Activity
c10s
gnome-control-center/network-drop-WEP-support.patch
Felipe Borges f8aa2c56cb Drop WEP support in Network settings 
Resolves: RHEL-578
2026-04-10 08:54:06 +02:00

475 lines
18 KiB
Diff
Raw Permalink Blame History

From 168be990b4e76f70ebea92b115776dc33aff744b Mon Sep 17 00:00:00 2001
From: Felipe Borges <felipeborges@gnome.org>
Date: Tue, 31 Mar 2026 13:59:18 +0200
Subject: [PATCH] network: Drop WEP support
wpa_supplicant, libnma, NM, and friends have dropped WEP support.
WEP connections in GNOME Settings won't actually work anyway.
See also
https://gitlab.gnome.org/GNOME/libnma/-/merge_requests/33
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1139
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1138
https://gitlab.gnome.org/GNOME/network-manager-applet/-/merge_requests/112
https://gitlab.gnome.org/GNOME/network-manager-applet/-/merge_requests/113
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1340
(cherry picked from commit 087222d73481692c532e88eeeed4f292edcc01cf)
---
panels/network/cc-qr-code.c | 18 +--
panels/network/cc-wifi-connection-row.c | 18 +--
panels/network/cc-wifi-hotspot-dialog.c | 109 ++++--------------
.../connection-editor/ce-page-details.c | 8 --
.../connection-editor/ce-page-security.c | 61 +---------
panels/network/net-device-wifi.c | 10 +-
6 files changed, 32 insertions(+), 192 deletions(-)
diff --git a/panels/network/cc-qr-code.c b/panels/network/cc-qr-code.c
index 69816e002..c51ba4848 100644
--- a/panels/network/cc-qr-code.c
+++ b/panels/network/cc-qr-code.c
@@ -229,10 +229,6 @@ get_connection_security_type (NMConnection *c)
key_mgmt = nm_setting_wireless_security_get_key_mgmt (setting);
- /* No IEEE 802.1x */
- if (g_strcmp0 (key_mgmt, "none") == 0)
- return "WEP";
-
if (g_strcmp0 (key_mgmt, "wpa-psk") == 0)
return "WPA";
@@ -266,8 +262,7 @@ is_qr_code_supported (NMConnection *c)
key_mgmt = nm_setting_wireless_security_get_key_mgmt (setting);
- if (g_str_equal (key_mgmt, "none") ||
- g_str_equal (key_mgmt, "wpa-psk") ||
+ if (g_str_equal (key_mgmt, "wpa-psk") ||
g_str_equal (key_mgmt, "sae"))
return TRUE;
@@ -279,7 +274,6 @@ get_wifi_password (NMConnection *c)
{
NMSettingWirelessSecurity *setting;
const gchar *sec_type, *password;
- gint wep_index;
sec_type = get_connection_security_type (c);
setting = nm_connection_get_setting_wireless_security (c);
@@ -287,15 +281,7 @@ get_wifi_password (NMConnection *c)
if (g_str_equal (sec_type, "nopass"))
return NULL;
- if (g_str_equal (sec_type, "WEP"))
- {
- wep_index = nm_setting_wireless_security_get_wep_tx_keyidx (setting);
- password = nm_setting_wireless_security_get_wep_key (setting, wep_index);
- }
- else
- {
- password = nm_setting_wireless_security_get_psk (setting);
- }
+ password = nm_setting_wireless_security_get_psk (setting);
return g_strdup (password);
}
diff --git a/panels/network/cc-wifi-connection-row.c b/panels/network/cc-wifi-connection-row.c
index adc2c4889..2bb4db898 100644
--- a/panels/network/cc-wifi-connection-row.c
+++ b/panels/network/cc-wifi-connection-row.c
@@ -62,7 +62,6 @@ typedef enum
{
NM_AP_SEC_UNKNOWN,
NM_AP_SEC_NONE,
- NM_AP_SEC_WEP,
NM_AP_SEC_WPA,
NM_AP_SEC_WPA2,
NM_AP_SEC_SAE,
@@ -96,12 +95,6 @@ get_access_point_security (NMAccessPoint *ap)
{
type = NM_AP_SEC_NONE;
}
- else if ((flags & NM_802_11_AP_FLAGS_PRIVACY) &&
- wpa_flags == NM_802_11_AP_SEC_NONE &&
- rsn_flags == NM_802_11_AP_SEC_NONE)
- {
- type = NM_AP_SEC_WEP;
- }
else if (!(flags & NM_802_11_AP_FLAGS_PRIVACY) &&
wpa_flags != NM_802_11_AP_SEC_NONE &&
rsn_flags != NM_802_11_AP_SEC_NONE)
@@ -150,10 +143,6 @@ get_connection_security (NMConnection *con)
if (!key_mgmt)
return NM_AP_SEC_NONE;
- else if (g_str_equal (key_mgmt, "none"))
- return NM_AP_SEC_WEP;
- else if (g_str_equal (key_mgmt, "ieee8021x"))
- return NM_AP_SEC_WEP;
else if (g_str_equal (key_mgmt, "wpa-eap"))
return NM_AP_SEC_WPA2;
else if (strncmp (key_mgmt, "wpa-", 4) == 0)
@@ -268,12 +257,7 @@ update_ui (CcWifiConnectionRow *self)
const gchar *icon_name = "lock-small-symbolic";
gtk_widget_set_child_visible (GTK_WIDGET (self->encrypted_icon), TRUE);
- if (security == NM_AP_SEC_WEP)
- {
- icon_name = "warning-small-symbolic";
- gtk_widget_set_tooltip_text (GTK_WIDGET (self->encrypted_icon), _("Insecure network (WEP)"));
- }
- else if (security == NM_AP_SEC_WPA)
+ if (security == NM_AP_SEC_WPA)
{
gtk_widget_set_tooltip_text (GTK_WIDGET (self->encrypted_icon), _("Secure network (WPA)"));
}
diff --git a/panels/network/cc-wifi-hotspot-dialog.c b/panels/network/cc-wifi-hotspot-dialog.c
index e4958aaf7..bfad9e4a4 100644
--- a/panels/network/cc-wifi-hotspot-dialog.c
+++ b/panels/network/cc-wifi-hotspot-dialog.c
@@ -53,7 +53,6 @@ struct _CcWifiHotspotDialog
NMDeviceWifi *device;
NMConnection *connection;
gchar *host_name;
- gboolean wpa_supported; /* WPA/WPA2 supported */
};
G_DEFINE_TYPE (CcWifiHotspotDialog, cc_wifi_hotspot_dialog, GTK_TYPE_DIALOG)
@@ -79,28 +78,6 @@ get_random_wpa_key (void)
return key;
}
-static gchar *
-get_random_wep_key (void)
-{
- const gchar *hexdigits = "0123456789abcdef";
- gchar *key;
- gint i;
-
- key = g_malloc (12 * sizeof (key));
-
- /* generate a 10-digit hex WEP key */
- for (i = 0; i < 10; i++)
- {
- gint digit;
- digit = g_random_int_range (0, 16);
- key[i] = hexdigits[digit];
- }
-
- key[i] = '\0';
-
- return key;
-}
-
static void
wifi_hotspot_dialog_update_main_label (CcWifiHotspotDialog *self)
{
@@ -167,10 +144,7 @@ get_secrets_cb (GObject *source_object,
}
security_setting = nm_connection_get_setting_wireless_security (self->connection);
- if (self->wpa_supported)
- key = nm_setting_wireless_security_get_psk (security_setting);
- else
- key = nm_setting_wireless_security_get_wep_key (security_setting, 0);
+ key = nm_setting_wireless_security_get_psk (security_setting);
if (key)
gtk_editable_set_text (GTK_EDITABLE (self->password_entry), key);
@@ -227,10 +201,7 @@ hotspot_password_is_valid (CcWifiHotspotDialog *self,
if (!password || !*password)
return TRUE;
- if (self->wpa_supported)
- return nm_utils_wpa_psk_valid (password);
- else
- return nm_utils_wep_key_valid (password, NM_WEP_KEY_TYPE_KEY);
+ return nm_utils_wpa_psk_valid (password);
}
static void
@@ -278,7 +249,9 @@ hotspot_entry_changed_cb (CcWifiHotspotDialog *self)
}
else
{
- guint max_chars = self->wpa_supported ? 63 : 16;
+ /* 63 is the maximum WPA-PSK passphrase length (IEEE 802.11 / WPA spec). */
+ guint max_chars = 63;
+
password_error_label = g_strdup_printf (ngettext ("Must have a maximum of %d character",
"Must have a maximum of %d characters", max_chars), max_chars);
}
@@ -299,10 +272,7 @@ generate_password_clicked_cb (CcWifiHotspotDialog *self)
g_assert (CC_IS_WIFI_HOTSPOT_DIALOG (self));
- if (self->wpa_supported)
- key = get_random_wpa_key ();
- else
- key = get_random_wep_key ();
+ key = get_random_wpa_key ();
gtk_editable_set_text (GTK_EDITABLE (self->password_entry), key);
}
@@ -337,10 +307,13 @@ static void
hotspot_update_wireless_security_settings (CcWifiHotspotDialog *self)
{
NMSettingWirelessSecurity *setting;
- const gchar *value, *key_type;
+ const gchar *value;
+ NMDeviceWifiCapabilities caps;
g_assert (CC_IS_WIFI_HOTSPOT_DIALOG (self));
+ caps = nm_device_wifi_get_capabilities (self->device);
+
if (nm_connection_get_setting_wireless_security (self->connection) == NULL)
nm_connection_add_setting (self->connection, nm_setting_wireless_security_new ());
@@ -350,51 +323,29 @@ hotspot_update_wireless_security_settings (CcWifiHotspotDialog *self)
nm_setting_wireless_security_clear_groups (setting);
value = gtk_editable_get_text (GTK_EDITABLE (self->password_entry));
- if (self->wpa_supported)
- key_type = "psk";
- else
- key_type = "wep-key0";
-
- if (self->wpa_supported)
- g_object_set (setting, "key-mgmt", "wpa-psk", NULL);
- else
- g_object_set (setting,
- "key-mgmt", "none",
- "wep-key-type", NM_WEP_KEY_TYPE_KEY,
- NULL);
+ g_object_set (setting, "key-mgmt", "wpa-psk", NULL);
if (!value || !*value)
{
g_autofree gchar *key = NULL;
- if (self->wpa_supported)
- key = get_random_wpa_key ();
- else
- key = get_random_wep_key ();
-
- g_object_set (setting, key_type, key, NULL);
+ key = get_random_wpa_key ();
+ g_object_set (setting, "psk", key, NULL);
}
else
- g_object_set (setting, key_type, value, NULL);
+ g_object_set (setting, "psk", value, NULL);
- if (self->wpa_supported)
+ if (caps & NM_WIFI_DEVICE_CAP_RSN)
{
- NMDeviceWifiCapabilities caps;
-
- caps = nm_device_wifi_get_capabilities (self->device);
-
- if (caps & NM_WIFI_DEVICE_CAP_RSN)
- {
- nm_setting_wireless_security_add_proto (setting, "rsn");
- nm_setting_wireless_security_add_pairwise (setting, "ccmp");
- nm_setting_wireless_security_add_group (setting, "ccmp");
- }
- else if (caps & NM_WIFI_DEVICE_CAP_WPA)
- {
- nm_setting_wireless_security_add_proto (setting, "wpa");
- nm_setting_wireless_security_add_pairwise (setting, "tkip");
- nm_setting_wireless_security_add_group (setting, "tkip");
- }
+ nm_setting_wireless_security_add_proto (setting, "rsn");
+ nm_setting_wireless_security_add_pairwise (setting, "ccmp");
+ nm_setting_wireless_security_add_group (setting, "ccmp");
+ }
+ else if (caps & NM_WIFI_DEVICE_CAP_WPA)
+ {
+ nm_setting_wireless_security_add_proto (setting, "wpa");
+ nm_setting_wireless_security_add_pairwise (setting, "tkip");
+ nm_setting_wireless_security_add_group (setting, "tkip");
}
}
@@ -527,18 +478,6 @@ cc_wifi_hotspot_dialog_set_device (CcWifiHotspotDialog *self,
g_set_object (&self->device, device);
- if (device)
- {
- NMDeviceWifiCapabilities caps;
-
- caps = nm_device_wifi_get_capabilities (device);
- self->wpa_supported = FALSE;
-
- if (caps & NM_WIFI_DEVICE_CAP_AP)
- if (caps & (NM_WIFI_DEVICE_CAP_RSN | NM_WIFI_DEVICE_CAP_WPA))
- self->wpa_supported = TRUE;
- }
-
wifi_hotspot_dialog_update_main_label (self);
}
diff --git a/panels/network/connection-editor/ce-page-details.c b/panels/network/connection-editor/ce-page-details.c
index e35a5af7a..2751a7116 100644
--- a/panels/network/connection-editor/ce-page-details.c
+++ b/panels/network/connection-editor/ce-page-details.c
@@ -103,20 +103,12 @@ static gchar *
get_ap_security_string (NMAccessPoint *ap)
{
NM80211ApSecurityFlags wpa_flags, rsn_flags;
- NM80211ApFlags flags;
GString *str;
- flags = nm_access_point_get_flags (ap);
wpa_flags = nm_access_point_get_wpa_flags (ap);
rsn_flags = nm_access_point_get_rsn_flags (ap);
str = g_string_new ("");
- if ((flags & NM_802_11_AP_FLAGS_PRIVACY) &&
- (wpa_flags == NM_802_11_AP_SEC_NONE) &&
- (rsn_flags == NM_802_11_AP_SEC_NONE)) {
- /* TRANSLATORS: this WEP WiFi security */
- g_string_append_printf (str, "%s, ", _("WEP"));
- }
if (wpa_flags != NM_802_11_AP_SEC_NONE) {
/* TRANSLATORS: this WPA WiFi security */
g_string_append_printf (str, "%s, ", _("WPA"));
diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c
index 58fb8e8f9..0785be42a 100644
--- a/panels/network/connection-editor/ce-page-security.c
+++ b/panels/network/connection-editor/ce-page-security.c
@@ -76,14 +76,10 @@ get_default_type_for_security (NMSettingWirelessSecurity *sec)
key_mgmt = nm_setting_wireless_security_get_key_mgmt (sec);
auth_alg = nm_setting_wireless_security_get_auth_alg (sec);
- /* No IEEE 802.1x */
- if (!strcmp (key_mgmt, "none"))
- return NMU_SEC_STATIC_WEP;
-
if (!strcmp (key_mgmt, "ieee8021x")) {
if (auth_alg && !strcmp (auth_alg, "leap"))
return NMU_SEC_LEAP;
- return NMU_SEC_DYNAMIC_WEP;
+ return NMU_SEC_INVALID;
}
#if NM_CHECK_VERSION(1,24,0)
@@ -237,9 +233,7 @@ finish_setup (CEPageSecurity *self)
self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
- dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40
- | NM_WIFI_DEVICE_CAP_CIPHER_WEP104
- | NM_WIFI_DEVICE_CAP_CIPHER_TKIP
+ dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_TKIP
| NM_WIFI_DEVICE_CAP_CIPHER_CCMP
| NM_WIFI_DEVICE_CAP_WPA
| NM_WIFI_DEVICE_CAP_RSN;
@@ -277,38 +271,6 @@ finish_setup (CEPageSecurity *self)
}
#endif
- if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
- NMAWsWepKey *ws_wep;
- NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
-
- if (default_type == NMU_SEC_STATIC_WEP) {
- sws = nm_connection_get_setting_wireless_security (self->connection);
- if (sws)
- wep_type = nm_setting_wireless_security_get_wep_key_type (sws);
- if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
- wep_type = NM_WEP_KEY_TYPE_KEY;
- }
-
- ws_wep = nma_ws_wep_key_new (self->connection, NM_WEP_KEY_TYPE_KEY, FALSE, FALSE);
- if (ws_wep) {
- add_security_item (self, NMA_WS (ws_wep), sec_model,
- &iter, _("WEP 40/128-bit Key (Hex or ASCII)"),
- TRUE);
- if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
- active = item;
- item++;
- }
-
- ws_wep = nma_ws_wep_key_new (self->connection, NM_WEP_KEY_TYPE_PASSPHRASE, FALSE, FALSE);
- if (ws_wep) {
- add_security_item (self, NMA_WS (ws_wep), sec_model,
- &iter, _("WEP 128-bit Passphrase"), TRUE);
- if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
- active = item;
- item++;
- }
- }
-
if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
NMAWsLeap *ws_leap;
@@ -322,19 +284,6 @@ finish_setup (CEPageSecurity *self)
}
}
- if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
- NMAWsDynamicWep *ws_dynamic_wep;
-
- ws_dynamic_wep = nma_ws_dynamic_wep_new (self->connection, TRUE, FALSE);
- if (ws_dynamic_wep) {
- add_security_item (self, NMA_WS (ws_dynamic_wep), sec_model,
- &iter, _("Dynamic WEP (802.1x)"), FALSE);
- if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
- active = item;
- item++;
- }
- }
-
if (nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
NMAWsWpaPsk *ws_wpa_psk;
@@ -526,8 +475,7 @@ ce_page_security_new (NMConnection *connection)
if (sws)
default_type = get_default_type_for_security (sws);
- if (default_type == NMU_SEC_STATIC_WEP ||
- default_type == NMU_SEC_LEAP ||
+ if (default_type == NMU_SEC_LEAP ||
default_type == NMU_SEC_WPA_PSK ||
#if NM_CHECK_VERSION(1,20,6)
default_type == NMU_SEC_SAE ||
@@ -539,8 +487,7 @@ ce_page_security_new (NMConnection *connection)
self->security_setting = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
}
- if (default_type == NMU_SEC_DYNAMIC_WEP ||
- default_type == NMU_SEC_WPA_ENTERPRISE ||
+ if (default_type == NMU_SEC_WPA_ENTERPRISE ||
default_type == NMU_SEC_WPA2_ENTERPRISE) {
self->security_setting = NM_SETTING_802_1X_SETTING_NAME;
}
diff --git a/panels/network/net-device-wifi.c b/panels/network/net-device-wifi.c
index 4a06f0ca0..834cb69b9 100644
--- a/panels/network/net-device-wifi.c
+++ b/panels/network/net-device-wifi.c
@@ -227,16 +227,8 @@ device_get_hotspot_security_details (NetDeviceWifi *self,
tmp_secret = NULL;
tmp_security = C_("Wifi security", "None");
- /* Key management values:
- * "none" = WEP or no password protection
- * "wpa-psk" = WPAv2 Ad-Hoc mode (eg IBSS RSN) and AP-mode WPA v1 and v2
- */
key_mgmt = nm_setting_wireless_security_get_key_mgmt (sws);
- if (strcmp (key_mgmt, "none") == 0) {
- tmp_secret = nm_setting_wireless_security_get_wep_key (sws, 0);
- tmp_security = _("WEP");
- }
- else if (strcmp (key_mgmt, "wpa-psk") == 0) {
+ if (strcmp (key_mgmt, "wpa-psk") == 0) {
tmp_secret = nm_setting_wireless_security_get_psk (sws);
tmp_security = _("WPA");
} else {
--
2.52.0
Reference in New Issue View Git Blame Copy Permalink