rpms/gnome-control-center
7
0
Fork 0
Code Issues Pull Requests Releases Activity
c9s
gnome-control-center/network-drop-WEP-support.patch
Felipe Borges 907c987c12 Drop WEP support 
Resolves: RHEL-166751
2026-04-20 11:50:32 +02:00

493 lines
18 KiB
Diff
Raw Permalink Blame History

From 5c3b92d3cee5ccf17645a0d963bfb0ad2cfed7c0 Mon Sep 17 00:00:00 2001
From: Felipe Borges <felipeborges@gnome.org>
Date: Tue, 31 Mar 2026 13:59:18 +0200
Subject: [PATCH] network: Drop WEP support
wpa_supplicant, libnma, NM, and friends have dropped WEP support.
WEP connections in GNOME Settings won't actually work anyway.
See also
https://gitlab.gnome.org/GNOME/libnma/-/merge_requests/33
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1139
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1138
https://gitlab.gnome.org/GNOME/network-manager-applet/-/merge_requests/112
https://gitlab.gnome.org/GNOME/network-manager-applet/-/merge_requests/113
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1340
(cherry picked from commit 087222d73481692c532e88eeeed4f292edcc01cf)
---
panels/network/cc-wifi-connection-row.c | 18 +--
panels/network/cc-wifi-hotspot-dialog.c | 118 +++++-------------
panels/network/cc-wifi-panel.c | 15 +--
.../connection-editor/ce-page-details.c | 8 --
.../connection-editor/ce-page-security.c | 63 +---------
panels/network/net-device-wifi.c | 9 +-
6 files changed, 41 insertions(+), 190 deletions(-)
diff --git a/panels/network/cc-wifi-connection-row.c b/panels/network/cc-wifi-connection-row.c
index cee92db61..17bd0440f 100644
--- a/panels/network/cc-wifi-connection-row.c
+++ b/panels/network/cc-wifi-connection-row.c
@@ -56,7 +56,6 @@ typedef enum
{
NM_AP_SEC_UNKNOWN,
NM_AP_SEC_NONE,
- NM_AP_SEC_WEP,
NM_AP_SEC_WPA,
NM_AP_SEC_WPA2,
NM_AP_SEC_SAE,
@@ -87,12 +86,6 @@ get_access_point_security (NMAccessPoint *ap)
{
type = NM_AP_SEC_NONE;
}
- else if ((flags & NM_802_11_AP_FLAGS_PRIVACY) &&
- wpa_flags == NM_802_11_AP_SEC_NONE &&
- rsn_flags == NM_802_11_AP_SEC_NONE)
- {
- type = NM_AP_SEC_WEP;
- }
else if (!(flags & NM_802_11_AP_FLAGS_PRIVACY) &&
wpa_flags != NM_802_11_AP_SEC_NONE &&
rsn_flags != NM_802_11_AP_SEC_NONE)
@@ -135,10 +128,6 @@ get_connection_security (NMConnection *con)
if (!key_mgmt)
return NM_AP_SEC_NONE;
- else if (g_str_equal (key_mgmt, "none"))
- return NM_AP_SEC_WEP;
- else if (g_str_equal (key_mgmt, "ieee8021x"))
- return NM_AP_SEC_WEP;
else if (g_str_equal (key_mgmt, "wpa-eap"))
return NM_AP_SEC_WPA2;
else if (strncmp (key_mgmt, "wpa-", 4) == 0)
@@ -262,12 +251,7 @@ update_ui (CcWifiConnectionRow *self)
const gchar *icon_path;
gtk_widget_set_child_visible (GTK_WIDGET (self->encrypted_icon), TRUE);
- if (security == NM_AP_SEC_WEP)
- {
- icon_path = "/org/gnome/control-center/network/warning-small-symbolic.svg";
- gtk_widget_set_tooltip_text (GTK_WIDGET (self->encrypted_icon), _("Insecure network (WEP)"));
- }
- else if (security == NM_AP_SEC_WPA)
+ if (security == NM_AP_SEC_WPA)
{
icon_path = "/org/gnome/control-center/network/lock-small-symbolic.svg";
gtk_widget_set_tooltip_text (GTK_WIDGET (self->encrypted_icon), _("Secure network (WPA)"));
diff --git a/panels/network/cc-wifi-hotspot-dialog.c b/panels/network/cc-wifi-hotspot-dialog.c
index 4d1ef2478..136cb9dfe 100644
--- a/panels/network/cc-wifi-hotspot-dialog.c
+++ b/panels/network/cc-wifi-hotspot-dialog.c
@@ -53,7 +53,6 @@ struct _CcWifiHotspotDialog
NMDeviceWifi *device;
NMConnection *connection;
gchar *host_name;
- gboolean wpa_supported; /* WPA/WPA2 supported */
};
G_DEFINE_TYPE (CcWifiHotspotDialog, cc_wifi_hotspot_dialog, GTK_TYPE_MESSAGE_DIALOG)
@@ -79,28 +78,6 @@ get_random_wpa_key (void)
return key;
}
-static gchar *
-get_random_wep_key (void)
-{
- const gchar *hexdigits = "0123456789abcdef";
- gchar *key;
- gint i;
-
- key = g_malloc (12 * sizeof (key));
-
- /* generate a 10-digit hex WEP key */
- for (i = 0; i < 10; i++)
- {
- gint digit;
- digit = g_random_int_range (0, 16);
- key[i] = hexdigits[digit];
- }
-
- key[i] = '\0';
-
- return key;
-}
-
static void
wifi_hotspot_dialog_update_main_label (CcWifiHotspotDialog *self)
{
@@ -167,10 +144,7 @@ get_secrets_cb (GObject *source_object,
}
security_setting = nm_connection_get_setting_wireless_security (self->connection);
- if (self->wpa_supported)
- key = nm_setting_wireless_security_get_psk (security_setting);
- else
- key = nm_setting_wireless_security_get_wep_key (security_setting, 0);
+ key = nm_setting_wireless_security_get_psk (security_setting);
if (key)
gtk_entry_set_text (self->password_entry, key);
@@ -227,16 +201,14 @@ hotspot_password_is_valid (CcWifiHotspotDialog *self,
if (!password || !*password)
return TRUE;
- if (self->wpa_supported)
- return nm_utils_wpa_psk_valid (password);
- else
- return nm_utils_wep_key_valid (password, NM_WEP_KEY_TYPE_KEY);
+ return nm_utils_wpa_psk_valid (password);
}
static void
hotspot_entry_changed_cb (CcWifiHotspotDialog *self)
{
const gchar *ssid, *password, *error_label;
+ g_autofree gchar *password_err_allocated = NULL;
gboolean valid_ssid, valid_password;
g_assert (CC_IS_WIFI_HOTSPOT_DIALOG (self));
@@ -262,7 +234,17 @@ hotspot_entry_changed_cb (CcWifiHotspotDialog *self)
}
else
{
- error_label = _("Must have a minimum of 8 characters");
+ if (strlen (password) < 8)
+ error_label = _("Must have a minimum of 8 characters");
+ else
+ {
+ /* 63 is the maximum WPA-PSK passphrase length (IEEE 802.11 / WPA spec). */
+ guint max_chars = 63;
+
+ password_err_allocated = g_strdup_printf (ngettext ("Must have a maximum of %d character",
+ "Must have a maximum of %d characters", max_chars), max_chars);
+ error_label = password_err_allocated;
+ }
widget_set_error (GTK_WIDGET(self->password_entry));
}
@@ -278,10 +260,7 @@ generate_password_clicked_cb (CcWifiHotspotDialog *self)
g_assert (CC_IS_WIFI_HOTSPOT_DIALOG (self));
- if (self->wpa_supported)
- key = get_random_wpa_key ();
- else
- key = get_random_wep_key ();
+ key = get_random_wpa_key ();
gtk_entry_set_text (self->password_entry, key);
}
@@ -316,10 +295,13 @@ static void
hotspot_update_wireless_security_settings (CcWifiHotspotDialog *self)
{
NMSettingWirelessSecurity *setting;
- const gchar *value, *key_type;
+ const gchar *value;
+ NMDeviceWifiCapabilities caps;
g_assert (CC_IS_WIFI_HOTSPOT_DIALOG (self));
+ caps = nm_device_wifi_get_capabilities (self->device);
+
if (nm_connection_get_setting_wireless_security (self->connection) == NULL)
nm_connection_add_setting (self->connection, nm_setting_wireless_security_new ());
@@ -329,51 +311,29 @@ hotspot_update_wireless_security_settings (CcWifiHotspotDialog *self)
nm_setting_wireless_security_clear_groups (setting);
value = gtk_entry_get_text (self->password_entry);
- if (self->wpa_supported)
- key_type = "psk";
- else
- key_type = "wep-key0";
-
- if (self->wpa_supported)
- g_object_set (setting, "key-mgmt", "wpa-psk", NULL);
- else
- g_object_set (setting,
- "key-mgmt", "none",
- "wep-key-type", NM_WEP_KEY_TYPE_KEY,
- NULL);
+ g_object_set (setting, "key-mgmt", "wpa-psk", NULL);
if (!value || !*value)
{
g_autofree gchar *key = NULL;
- if (self->wpa_supported)
- key = get_random_wpa_key ();
- else
- key = get_random_wep_key ();
-
- g_object_set (setting, key_type, key, NULL);
+ key = get_random_wpa_key ();
+ g_object_set (setting, "psk", key, NULL);
}
else
- g_object_set (setting, key_type, value, NULL);
+ g_object_set (setting, "psk", value, NULL);
- if (self->wpa_supported)
+ if (caps & NM_WIFI_DEVICE_CAP_RSN)
{
- NMDeviceWifiCapabilities caps;
-
- caps = nm_device_wifi_get_capabilities (self->device);
-
- if (caps & NM_WIFI_DEVICE_CAP_RSN)
- {
- nm_setting_wireless_security_add_proto (setting, "rsn");
- nm_setting_wireless_security_add_pairwise (setting, "ccmp");
- nm_setting_wireless_security_add_group (setting, "ccmp");
- }
- else if (caps & NM_WIFI_DEVICE_CAP_WPA)
- {
- nm_setting_wireless_security_add_proto (setting, "wpa");
- nm_setting_wireless_security_add_pairwise (setting, "tkip");
- nm_setting_wireless_security_add_group (setting, "tkip");
- }
+ nm_setting_wireless_security_add_proto (setting, "rsn");
+ nm_setting_wireless_security_add_pairwise (setting, "ccmp");
+ nm_setting_wireless_security_add_group (setting, "ccmp");
+ }
+ else if (caps & NM_WIFI_DEVICE_CAP_WPA)
+ {
+ nm_setting_wireless_security_add_proto (setting, "wpa");
+ nm_setting_wireless_security_add_pairwise (setting, "tkip");
+ nm_setting_wireless_security_add_group (setting, "tkip");
}
}
@@ -510,18 +470,6 @@ cc_wifi_hotspot_dialog_set_device (CcWifiHotspotDialog *self,
g_set_object (&self->device, device);
- if (device)
- {
- NMDeviceWifiCapabilities caps;
-
- caps = nm_device_wifi_get_capabilities (device);
- self->wpa_supported = FALSE;
-
- if (caps & NM_WIFI_DEVICE_CAP_AP)
- if (caps & (NM_WIFI_DEVICE_CAP_RSN | NM_WIFI_DEVICE_CAP_WPA))
- self->wpa_supported = TRUE;
- }
-
wifi_hotspot_dialog_update_main_label (self);
}
diff --git a/panels/network/cc-wifi-panel.c b/panels/network/cc-wifi-panel.c
index 9ca6e6ee5..d2a20ea9a 100644
--- a/panels/network/cc-wifi-panel.c
+++ b/panels/network/cc-wifi-panel.c
@@ -194,10 +194,6 @@ get_connection_security_type (NMConnection *c)
key_mgmt = nm_setting_wireless_security_get_key_mgmt (setting);
- /* No IEEE 802.1x */
- if (g_strcmp0 (key_mgmt, "none") == 0)
- return "WEP";
-
if (g_strcmp0 (key_mgmt, "wpa-none") == 0 ||
g_strcmp0 (key_mgmt, "wpa-psk") == 0)
return "WPA";
@@ -212,7 +208,6 @@ get_wifi_password (NMConnection *c)
g_autoptr(GVariant) secrets = NULL;
g_autoptr(GError) error = NULL;
const gchar *sec_type, *password;
- gint wep_index;
g_assert (NM_IS_REMOTE_CONNECTION (c));
@@ -235,15 +230,7 @@ get_wifi_password (NMConnection *c)
return NULL;
}
- if (g_str_equal (sec_type, "WEP"))
- {
- wep_index = nm_setting_wireless_security_get_wep_tx_keyidx (setting);
- password = nm_setting_wireless_security_get_wep_key (setting, wep_index);
- }
- else
- {
- password = nm_setting_wireless_security_get_psk (setting);
- }
+ password = nm_setting_wireless_security_get_psk (setting);
return escape_string (password, FALSE);
}
diff --git a/panels/network/connection-editor/ce-page-details.c b/panels/network/connection-editor/ce-page-details.c
index 27433efe2..c068bcea0 100644
--- a/panels/network/connection-editor/ce-page-details.c
+++ b/panels/network/connection-editor/ce-page-details.c
@@ -80,20 +80,12 @@ static gchar *
get_ap_security_string (NMAccessPoint *ap)
{
NM80211ApSecurityFlags wpa_flags, rsn_flags;
- NM80211ApFlags flags;
GString *str;
- flags = nm_access_point_get_flags (ap);
wpa_flags = nm_access_point_get_wpa_flags (ap);
rsn_flags = nm_access_point_get_rsn_flags (ap);
str = g_string_new ("");
- if ((flags & NM_802_11_AP_FLAGS_PRIVACY) &&
- (wpa_flags == NM_802_11_AP_SEC_NONE) &&
- (rsn_flags == NM_802_11_AP_SEC_NONE)) {
- /* TRANSLATORS: this WEP WiFi security */
- g_string_append_printf (str, "%s, ", _("WEP"));
- }
if (wpa_flags != NM_802_11_AP_SEC_NONE) {
/* TRANSLATORS: this WPA WiFi security */
g_string_append_printf (str, "%s, ", _("WPA"));
diff --git a/panels/network/connection-editor/ce-page-security.c b/panels/network/connection-editor/ce-page-security.c
index 696971579..0f8bfc865 100644
--- a/panels/network/connection-editor/ce-page-security.c
+++ b/panels/network/connection-editor/ce-page-security.c
@@ -28,10 +28,8 @@
#include "ce-page.h"
#include "ce-page-security.h"
#include "wireless-security.h"
-#include "ws-dynamic-wep.h"
#include "ws-leap.h"
#include "ws-sae.h"
-#include "ws-wep-key.h"
#include "ws-wpa-eap.h"
#include "ws-wpa-psk.h"
@@ -82,14 +80,10 @@ get_default_type_for_security (NMSettingWirelessSecurity *sec)
key_mgmt = nm_setting_wireless_security_get_key_mgmt (sec);
auth_alg = nm_setting_wireless_security_get_auth_alg (sec);
- /* No IEEE 802.1x */
- if (!strcmp (key_mgmt, "none"))
- return NMU_SEC_STATIC_WEP;
-
if (!strcmp (key_mgmt, "ieee8021x")) {
if (auth_alg && !strcmp (auth_alg, "leap"))
return NMU_SEC_LEAP;
- return NMU_SEC_DYNAMIC_WEP;
+ return NMU_SEC_INVALID;
}
#if NM_CHECK_VERSION(1,24,0)
@@ -245,9 +239,7 @@ finish_setup (CEPageSecurity *self)
self->group = gtk_size_group_new (GTK_SIZE_GROUP_HORIZONTAL);
- dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_WEP40
- | NM_WIFI_DEVICE_CAP_CIPHER_WEP104
- | NM_WIFI_DEVICE_CAP_CIPHER_TKIP
+ dev_caps = NM_WIFI_DEVICE_CAP_CIPHER_TKIP
| NM_WIFI_DEVICE_CAP_CIPHER_CCMP
| NM_WIFI_DEVICE_CAP_WPA
| NM_WIFI_DEVICE_CAP_RSN;
@@ -285,38 +277,6 @@ finish_setup (CEPageSecurity *self)
}
#endif
- if (nm_utils_security_valid (NMU_SEC_STATIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
- WirelessSecurityWEPKey *ws_wep;
- NMWepKeyType wep_type = NM_WEP_KEY_TYPE_KEY;
-
- if (default_type == NMU_SEC_STATIC_WEP) {
- sws = nm_connection_get_setting_wireless_security (self->connection);
- if (sws)
- wep_type = nm_setting_wireless_security_get_wep_key_type (sws);
- if (wep_type == NM_WEP_KEY_TYPE_UNKNOWN)
- wep_type = NM_WEP_KEY_TYPE_KEY;
- }
-
- ws_wep = ws_wep_key_new (self->connection, NM_WEP_KEY_TYPE_KEY);
- if (ws_wep) {
- add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
- &iter, _("WEP 40/128-bit Key (Hex or ASCII)"),
- TRUE);
- if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_KEY))
- active = item;
- item++;
- }
-
- ws_wep = ws_wep_key_new (self->connection, NM_WEP_KEY_TYPE_PASSPHRASE);
- if (ws_wep) {
- add_security_item (self, WIRELESS_SECURITY (ws_wep), sec_model,
- &iter, _("WEP 128-bit Passphrase"), TRUE);
- if ((active < 0) && (default_type == NMU_SEC_STATIC_WEP) && (wep_type == NM_WEP_KEY_TYPE_PASSPHRASE))
- active = item;
- item++;
- }
- }
-
if (nm_utils_security_valid (NMU_SEC_LEAP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityLEAP *ws_leap;
@@ -330,19 +290,6 @@ finish_setup (CEPageSecurity *self)
}
}
- if (nm_utils_security_valid (NMU_SEC_DYNAMIC_WEP, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
- WirelessSecurityDynamicWEP *ws_dynamic_wep;
-
- ws_dynamic_wep = ws_dynamic_wep_new (self->connection);
- if (ws_dynamic_wep) {
- add_security_item (self, WIRELESS_SECURITY (ws_dynamic_wep), sec_model,
- &iter, _("Dynamic WEP (802.1x)"), FALSE);
- if ((active < 0) && (default_type == NMU_SEC_DYNAMIC_WEP))
- active = item;
- item++;
- }
- }
-
if (nm_utils_security_valid (NMU_SEC_WPA_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0) ||
nm_utils_security_valid (NMU_SEC_WPA2_PSK, dev_caps, FALSE, is_adhoc, 0, 0, 0)) {
WirelessSecurityWPAPSK *ws_wpa_psk;
@@ -533,8 +480,7 @@ ce_page_security_new (NMConnection *connection)
if (sws)
default_type = get_default_type_for_security (sws);
- if (default_type == NMU_SEC_STATIC_WEP ||
- default_type == NMU_SEC_LEAP ||
+ if (default_type == NMU_SEC_LEAP ||
default_type == NMU_SEC_WPA_PSK ||
#if NM_CHECK_VERSION(1,20,6)
default_type == NMU_SEC_SAE ||
@@ -546,8 +492,7 @@ ce_page_security_new (NMConnection *connection)
self->security_setting = NM_SETTING_WIRELESS_SECURITY_SETTING_NAME;
}
- if (default_type == NMU_SEC_DYNAMIC_WEP ||
- default_type == NMU_SEC_WPA_ENTERPRISE ||
+ if (default_type == NMU_SEC_WPA_ENTERPRISE ||
default_type == NMU_SEC_WPA2_ENTERPRISE) {
self->security_setting = NM_SETTING_802_1X_SETTING_NAME;
}
diff --git a/panels/network/net-device-wifi.c b/panels/network/net-device-wifi.c
index 69fe2e122..7c0174da4 100644
--- a/panels/network/net-device-wifi.c
+++ b/panels/network/net-device-wifi.c
@@ -218,17 +218,12 @@ device_get_hotspot_security_details (NetDeviceWifi *self,
tmp_security = C_("Wifi security", "None");
/* Key management values:
- * "none" = WEP
* "wpa-none" = WPAv1 Ad-Hoc mode (not supported in NM >= 0.9.4)
* "wpa-psk" = WPAv2 Ad-Hoc mode (eg IBSS RSN) and AP-mode WPA v1 and v2
*/
key_mgmt = nm_setting_wireless_security_get_key_mgmt (sws);
- if (strcmp (key_mgmt, "none") == 0) {
- tmp_secret = nm_setting_wireless_security_get_wep_key (sws, 0);
- tmp_security = _("WEP");
- }
- else if (strcmp (key_mgmt, "wpa-none") == 0 ||
- strcmp (key_mgmt, "wpa-psk") == 0) {
+ if (strcmp (key_mgmt, "wpa-none") == 0 ||
+ strcmp (key_mgmt, "wpa-psk") == 0) {
tmp_secret = nm_setting_wireless_security_get_psk (sws);
tmp_security = _("WPA");
} else {
--
2.52.0
Reference in New Issue View Git Blame Copy Permalink