526 lines
19 KiB
Python
526 lines
19 KiB
Python
# vi: ts=4 ai noet
|
|
#
|
|
# Copyright (C) 2006-2007 Red Hat, Inc.
|
|
#
|
|
# This program is free software; you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
|
|
import dbus
|
|
import dbus.service
|
|
import time
|
|
import os
|
|
import binascii
|
|
import ConfigParser
|
|
import logging
|
|
|
|
import nmclient
|
|
import keydialog
|
|
import gtk
|
|
from sugar import env
|
|
|
|
IW_AUTH_KEY_MGMT_802_1X = 0x1
|
|
IW_AUTH_KEY_MGMT_PSK = 0x2
|
|
|
|
IW_AUTH_WPA_VERSION_DISABLED = 0x00000001
|
|
IW_AUTH_WPA_VERSION_WPA = 0x00000002
|
|
IW_AUTH_WPA_VERSION_WPA2 = 0x00000004
|
|
|
|
NM_AUTH_TYPE_WPA_PSK_AUTO = 0x00000000
|
|
IW_AUTH_CIPHER_NONE = 0x00000001
|
|
IW_AUTH_CIPHER_WEP40 = 0x00000002
|
|
IW_AUTH_CIPHER_TKIP = 0x00000004
|
|
IW_AUTH_CIPHER_CCMP = 0x00000008
|
|
IW_AUTH_CIPHER_WEP104 = 0x00000010
|
|
|
|
IW_AUTH_ALG_OPEN_SYSTEM = 0x00000001
|
|
IW_AUTH_ALG_SHARED_KEY = 0x00000002
|
|
|
|
NM_INFO_IFACE='org.freedesktop.NetworkManagerInfo'
|
|
NM_INFO_PATH='/org/freedesktop/NetworkManagerInfo'
|
|
|
|
|
|
class NoNetworks(dbus.DBusException):
|
|
def __init__(self):
|
|
dbus.DBusException.__init__(self)
|
|
self._dbus_error_name = NM_INFO_IFACE + '.NoNetworks'
|
|
|
|
class CanceledKeyRequestError(dbus.DBusException):
|
|
def __init__(self):
|
|
dbus.DBusException.__init__(self)
|
|
self._dbus_error_name = NM_INFO_IFACE + '.CanceledError'
|
|
|
|
|
|
class NetworkInvalidError(Exception):
|
|
pass
|
|
|
|
|
|
class NMConfig(ConfigParser.ConfigParser):
|
|
def get_bool(self, section, name):
|
|
opt = self.get(section, name)
|
|
if type(opt) == type(""):
|
|
if opt.lower() == 'yes' or opt.lower() == 'true':
|
|
return True
|
|
elif opt.lower() == 'no' or opt.lower() == 'false':
|
|
return False
|
|
raise ValueError("Invalid format for %s/%s. Should be one of [yes, no, true, false]." % (section, name))
|
|
|
|
def get_list(self, section, name):
|
|
opt = self.get(section, name)
|
|
if type(opt) == type(""):
|
|
if not len(opt):
|
|
return []
|
|
try:
|
|
return opt.split()
|
|
except Exception:
|
|
pass
|
|
raise ValueError("Invalid format for %s/%s. Should be a space-separate list." % (section, name))
|
|
|
|
def get_int(self, section, name):
|
|
opt = self.get(section, name)
|
|
try:
|
|
return int(opt)
|
|
except Exception:
|
|
pass
|
|
raise ValueError("Invalid format for %s/%s. Should be a valid integer." % (section, name))
|
|
|
|
def get_float(self, section, name):
|
|
opt = self.get(section, name)
|
|
try:
|
|
return float(opt)
|
|
except Exception:
|
|
pass
|
|
raise ValueError("Invalid format for %s/%s. Should be a valid float." % (section, name))
|
|
|
|
|
|
NETWORK_TYPE_UNKNOWN = 0
|
|
NETWORK_TYPE_ALLOWED = 1
|
|
NETWORK_TYPE_INVALID = 2
|
|
|
|
|
|
class Security(object):
|
|
def __init__(self, we_cipher):
|
|
self._we_cipher = we_cipher
|
|
|
|
def read_from_config(self, cfg, name):
|
|
pass
|
|
|
|
def read_from_args(self, args):
|
|
pass
|
|
|
|
def new_from_config(cfg, name):
|
|
security = None
|
|
we_cipher = cfg.get_int(name, "we_cipher")
|
|
if we_cipher == IW_AUTH_CIPHER_NONE:
|
|
security = Security(we_cipher)
|
|
elif we_cipher == IW_AUTH_CIPHER_WEP40 or we_cipher == IW_AUTH_CIPHER_WEP104:
|
|
security = WEPSecurity(we_cipher)
|
|
elif we_cipher == NM_AUTH_TYPE_WPA_PSK_AUTO or we_cipher == IW_AUTH_CIPHER_CCMP or we_cipher == IW_AUTH_CIPHER_TKIP:
|
|
security = WPASecurity(we_cipher)
|
|
else:
|
|
raise ValueError("Unsupported security combo")
|
|
security.read_from_config(cfg, name)
|
|
return security
|
|
new_from_config = staticmethod(new_from_config)
|
|
|
|
def new_from_args(we_cipher, args):
|
|
security = None
|
|
try:
|
|
if we_cipher == IW_AUTH_CIPHER_NONE:
|
|
security = Security(we_cipher)
|
|
elif we_cipher == IW_AUTH_CIPHER_WEP40 or we_cipher == IW_AUTH_CIPHER_WEP104:
|
|
security = WEPSecurity(we_cipher)
|
|
elif we_cipher == NM_AUTH_TYPE_WPA_PSK_AUTO or we_cipher == IW_AUTH_CIPHER_CCMP or we_cipher == IW_AUTH_CIPHER_TKIP:
|
|
security = WPASecurity(we_cipher)
|
|
else:
|
|
raise ValueError("Unsupported security combo")
|
|
security.read_from_args(args)
|
|
except ValueError, e:
|
|
logging.debug("Error reading security information: %s" % e)
|
|
del security
|
|
return None
|
|
return security
|
|
new_from_args = staticmethod(new_from_args)
|
|
|
|
def get_properties(self):
|
|
return [dbus.Int32(self._we_cipher)]
|
|
|
|
def write_to_config(self, section, config):
|
|
config.set(section, "we_cipher", self._we_cipher)
|
|
|
|
|
|
class WEPSecurity(Security):
|
|
def read_from_args(self, args):
|
|
if len(args) != 2:
|
|
raise ValueError("not enough arguments")
|
|
key = args[0]
|
|
auth_alg = args[1]
|
|
if isinstance(key, unicode):
|
|
key = key.encode()
|
|
if not isinstance(key, str):
|
|
raise ValueError("wrong argument type for key")
|
|
if not isinstance(auth_alg, int):
|
|
raise ValueError("wrong argument type for auth_alg")
|
|
self._key = key
|
|
self._auth_alg = auth_alg
|
|
|
|
def read_from_config(self, cfg, name):
|
|
# Key should be a hex encoded string
|
|
self._key = cfg.get(name, "key")
|
|
if self._we_cipher == IW_AUTH_CIPHER_WEP40 and len(self._key) != 10:
|
|
raise ValueError("Key length not right for 40-bit WEP")
|
|
if self._we_cipher == IW_AUTH_CIPHER_WEP104 and len(self._key) != 26:
|
|
raise ValueError("Key length not right for 104-bit WEP")
|
|
|
|
try:
|
|
a = binascii.a2b_hex(self._key)
|
|
except TypeError:
|
|
raise ValueError("Key was not a hexadecimal string.")
|
|
|
|
self._auth_alg = cfg.get_int(name, "auth_alg")
|
|
if self._auth_alg != IW_AUTH_ALG_OPEN_SYSTEM and self._auth_alg != IW_AUTH_ALG_SHARED_KEY:
|
|
raise ValueError("Invalid authentication algorithm %d" % self._auth_alg)
|
|
|
|
def get_properties(self):
|
|
args = Security.get_properties(self)
|
|
args.append(dbus.String(self._key))
|
|
args.append(dbus.Int32(self._auth_alg))
|
|
return args
|
|
|
|
def write_to_config(self, section, config):
|
|
Security.write_to_config(self, section, config)
|
|
config.set(section, "key", self._key)
|
|
config.set(section, "auth_alg", self._auth_alg)
|
|
|
|
class WPASecurity(Security):
|
|
def read_from_args(self, args):
|
|
if len(args) != 3:
|
|
raise ValueError("not enough arguments")
|
|
key = args[0]
|
|
if isinstance(key, unicode):
|
|
key = key.encode()
|
|
if not isinstance(key, str):
|
|
raise ValueError("wrong argument type for key")
|
|
|
|
wpa_ver = args[1]
|
|
if not isinstance(wpa_ver, int):
|
|
raise ValueError("wrong argument type for WPA version")
|
|
|
|
key_mgmt = args[2]
|
|
if not isinstance(key_mgmt, int):
|
|
raise ValueError("wrong argument type for WPA key management")
|
|
if not key_mgmt & IW_AUTH_KEY_MGMT_PSK:
|
|
raise ValueError("Key management types other than PSK are not supported")
|
|
|
|
self._key = key
|
|
self._wpa_ver = wpa_ver
|
|
self._key_mgmt = key_mgmt
|
|
|
|
def read_from_config(self, cfg, name):
|
|
# Key should be a hex encoded string
|
|
self._key = cfg.get(name, "key")
|
|
if len(self._key) != 64:
|
|
raise ValueError("Key length not right for WPA-PSK")
|
|
|
|
try:
|
|
a = binascii.a2b_hex(self._key)
|
|
except TypeError:
|
|
raise ValueError("Key was not a hexadecimal string.")
|
|
|
|
self._wpa_ver = cfg.get_int(name, "wpa_ver")
|
|
if self._wpa_ver != IW_AUTH_WPA_VERSION_WPA and self._wpa_ver != IW_AUTH_WPA_VERSION_WPA2:
|
|
raise ValueError("Invalid WPA version %d" % self._wpa_ver)
|
|
|
|
self._key_mgmt = cfg.get_int(name, "key_mgmt")
|
|
if not self._key_mgmt & IW_AUTH_KEY_MGMT_PSK:
|
|
raise ValueError("Invalid WPA key management option %d" % self._key_mgmt)
|
|
|
|
def get_properties(self):
|
|
args = Security.get_properties(self)
|
|
args.append(dbus.String(self._key))
|
|
args.append(dbus.Int32(self._wpa_ver))
|
|
args.append(dbus.Int32(self._key_mgmt))
|
|
return args
|
|
|
|
def write_to_config(self, section, config):
|
|
Security.write_to_config(self, section, config)
|
|
config.set(section, "key", self._key)
|
|
config.set(section, "wpa_ver", self._wpa_ver)
|
|
config.set(section, "key_mgmt", self._key_mgmt)
|
|
|
|
|
|
class Network:
|
|
def __init__(self, ssid):
|
|
self.ssid = ssid
|
|
self.timestamp = int(time.time())
|
|
self.bssids = []
|
|
self.we_cipher = 0
|
|
self._security = None
|
|
|
|
def get_properties(self):
|
|
bssid_list = dbus.Array([], signature="s")
|
|
for item in self.bssids:
|
|
bssid_list.append(dbus.String(item))
|
|
args = [dbus.String(self.ssid), dbus.Int32(self.timestamp), dbus.Boolean(True), bssid_list]
|
|
args += self._security.get_properties()
|
|
return tuple(args)
|
|
|
|
def get_security(self):
|
|
return self._security.get_properties()
|
|
|
|
def set_security(self, security):
|
|
self._security = security
|
|
|
|
def read_from_args(self, auto, bssid, we_cipher, args):
|
|
if auto == False:
|
|
self.timestamp = int(time.time())
|
|
if not bssid in self.bssids:
|
|
self.bssids.append(bssid)
|
|
|
|
self._security = Security.new_from_args(we_cipher, args)
|
|
if not self._security:
|
|
raise NetworkInvalidError("Invalid security information")
|
|
|
|
def read_from_config(self, config):
|
|
try:
|
|
self.timestamp = config.get_int(self.ssid, "timestamp")
|
|
except (ConfigParser.NoOptionError, ValueError), e:
|
|
raise NetworkInvalidError(e)
|
|
|
|
try:
|
|
self._security = Security.new_from_config(config, self.ssid)
|
|
except Exception, e:
|
|
raise NetworkInvalidError(e)
|
|
|
|
# The following don't need to be present
|
|
try:
|
|
self.bssids = config.get_list(self.ssid, "bssids")
|
|
except (ConfigParser.NoOptionError, ValueError), e:
|
|
pass
|
|
|
|
def write_to_config(self, config):
|
|
try:
|
|
config.add_section(self.ssid)
|
|
config.set(self.ssid, "timestamp", self.timestamp)
|
|
if len(self.bssids) > 0:
|
|
opt = " "
|
|
opt.join(self.bssids)
|
|
config.set(self.ssid, "bssids", opt)
|
|
self._security.write_to_config(self.ssid, config)
|
|
except Exception, e:
|
|
logging.debug("Error writing '%s': %s" % (self.ssid, e))
|
|
|
|
|
|
class NotFoundError(dbus.DBusException):
|
|
pass
|
|
class UnsupportedError(dbus.DBusException):
|
|
pass
|
|
|
|
class NMInfoDBusServiceHelper(dbus.service.Object):
|
|
def __init__(self, parent):
|
|
self._parent = parent
|
|
bus = dbus.SystemBus()
|
|
|
|
# If NMI is already around, don't grab the NMI service
|
|
bus_object = bus.get_object('org.freedesktop.DBus', '/org/freedesktop/DBus')
|
|
name = None
|
|
try:
|
|
name = bus_object.GetNameOwner("org.freedesktop.NetworkManagerInfo", \
|
|
dbus_interface='org.freedesktop.DBus')
|
|
except dbus.DBusException:
|
|
pass
|
|
if name:
|
|
logging.debug("NMI service already owned by %s, won't claim it." % name)
|
|
raise RuntimeError
|
|
|
|
bus_name = dbus.service.BusName(NM_INFO_IFACE, bus=bus)
|
|
dbus.service.Object.__init__(self, bus_name, NM_INFO_PATH)
|
|
|
|
@dbus.service.method(NM_INFO_IFACE, in_signature='i', out_signature='as')
|
|
def getNetworks(self, net_type):
|
|
ssids = self._parent.get_networks(net_type)
|
|
if len(ssids) > 0:
|
|
return dbus.Array(ssids)
|
|
|
|
raise NoNetworks()
|
|
|
|
@dbus.service.method(NM_INFO_IFACE, in_signature='si', async_callbacks=('async_cb', 'async_err_cb'))
|
|
def getNetworkProperties(self, ssid, net_type, async_cb, async_err_cb):
|
|
self._parent.get_network_properties(ssid, net_type, async_cb, async_err_cb)
|
|
|
|
@dbus.service.method(NM_INFO_IFACE)
|
|
def updateNetworkInfo(self, ssid, bauto, bssid, cipher, *args):
|
|
self._parent.update_network_info(ssid, bauto, bssid, cipher, args)
|
|
|
|
@dbus.service.method(NM_INFO_IFACE, async_callbacks=('async_cb', 'async_err_cb'))
|
|
def getKeyForNetwork(self, dev_path, net_path, ssid, attempt, new_key, async_cb, async_err_cb):
|
|
self._parent.get_key_for_network(dev_path, net_path, ssid,
|
|
attempt, new_key, async_cb, async_err_cb)
|
|
|
|
@dbus.service.method(NM_INFO_IFACE)
|
|
def cancelGetKeyForNetwork(self):
|
|
self._parent.cancel_get_key_for_network()
|
|
|
|
class NMInfo(object):
|
|
def __init__(self, client):
|
|
profile_path = env.get_profile_path()
|
|
self._cfg_file = os.path.join(profile_path, "nm", "networks.cfg")
|
|
self._nmclient = client
|
|
self._allowed_networks = self._read_config()
|
|
self._dbus_helper = NMInfoDBusServiceHelper(self)
|
|
self._key_dialog = None
|
|
|
|
def save_config(self):
|
|
self._write_config(self._allowed_networks)
|
|
|
|
def _read_config(self):
|
|
if not os.path.exists(os.path.dirname(self._cfg_file)):
|
|
os.makedirs(os.path.dirname(self._cfg_file), 0755)
|
|
if not os.path.exists(self._cfg_file):
|
|
self._write_config({})
|
|
return {}
|
|
|
|
config = NMConfig()
|
|
config.read(self._cfg_file)
|
|
networks = {}
|
|
for name in config.sections():
|
|
try:
|
|
net = Network(name)
|
|
net.read_from_config(config)
|
|
networks[name] = net
|
|
except Exception, e:
|
|
logging.error("Error when processing config for the network %s: %r" % (name, e))
|
|
|
|
del config
|
|
return networks
|
|
|
|
def _write_config(self, networks):
|
|
fp = open(self._cfg_file, 'w')
|
|
config = NMConfig()
|
|
for net in networks.values():
|
|
net.write_to_config(config)
|
|
config.write(fp)
|
|
fp.close()
|
|
del config
|
|
|
|
def get_networks(self, net_type):
|
|
if net_type != NETWORK_TYPE_ALLOWED:
|
|
raise ValueError("Bad network type")
|
|
nets = []
|
|
for net in self._allowed_networks.values():
|
|
nets.append(net.ssid)
|
|
logging.debug("Returning networks: %s" % nets)
|
|
return nets
|
|
|
|
def get_network_properties(self, ssid, net_type, async_cb, async_err_cb):
|
|
if not isinstance(ssid, unicode):
|
|
async_err_cb(ValueError("Invalid arguments; ssid must be unicode."))
|
|
if net_type != NETWORK_TYPE_ALLOWED:
|
|
async_err_cb(ValueError("Bad network type"))
|
|
if not self._allowed_networks.has_key(ssid):
|
|
async_err_cb(NotFoundError("Network '%s' not found." % ssid))
|
|
network = self._allowed_networks[ssid]
|
|
props = network.get_properties()
|
|
|
|
# DBus workaround: the normal method return handler wraps
|
|
# the returned arguments in a tuple and then converts that to a
|
|
# struct, but NetworkManager expects a plain list of arguments.
|
|
# It turns out that the async callback method return code _doesn't_
|
|
# wrap the returned arguments in a tuple, so as a workaround use
|
|
# the async callback stuff here even though we're not doing it
|
|
# asynchronously.
|
|
async_cb(*props)
|
|
|
|
def update_network_info(self, ssid, auto, bssid, we_cipher, args):
|
|
if not isinstance(ssid, unicode):
|
|
raise ValueError("Invalid arguments; ssid must be unicode.")
|
|
if self._allowed_networks.has_key(ssid):
|
|
del self._allowed_networks[ssid]
|
|
net = Network(ssid)
|
|
try:
|
|
net.read_from_args(auto, bssid, we_cipher, args)
|
|
logging.debug("Updated network information for '%s'." % ssid)
|
|
self._allowed_networks[ssid] = net
|
|
self.save_config()
|
|
except NetworkInvalidError, e:
|
|
logging.debug("Error updating network information: %s" % e)
|
|
del net
|
|
|
|
def get_key_for_network(self, dev_op, net_op, ssid, attempt, new_key, async_cb, async_err_cb):
|
|
if not isinstance(ssid, unicode):
|
|
raise ValueError("Invalid arguments; ssid must be unicode.")
|
|
if self._allowed_networks.has_key(ssid) and not new_key:
|
|
# We've got the info already
|
|
net = self._allowed_networks[ssid]
|
|
async_cb(tuple(net.get_security()))
|
|
return
|
|
|
|
# Otherwise, ask the user for it
|
|
net = None
|
|
dev = self._nmclient.get_device(dev_op)
|
|
if not dev:
|
|
async_err_cb(NotFoundError("Device was unknown."))
|
|
return
|
|
|
|
if dev.get_type() == nmclient.DEVICE_TYPE_802_3_ETHERNET:
|
|
# We don't support wired 802.1x yet...
|
|
async_err_cb(UnsupportedError("Device type is unsupported by NMI."))
|
|
return
|
|
|
|
net = dev.get_network(net_op)
|
|
if not net:
|
|
async_err_cb(NotFoundError("Network was unknown."))
|
|
return
|
|
|
|
self._key_dialog = keydialog.new_key_dialog(net, async_cb, async_err_cb)
|
|
self._key_dialog.connect("response", self._key_dialog_response_cb)
|
|
self._key_dialog.connect("destroy", self._key_dialog_destroy_cb)
|
|
self._key_dialog.show_all()
|
|
|
|
def _key_dialog_destroy_cb(self, widget, foo=None):
|
|
if widget != self._key_dialog:
|
|
return
|
|
self._key_dialog_response_cb(widget, gtk.RESPONSE_CANCEL)
|
|
|
|
def _key_dialog_response_cb(self, widget, response_id):
|
|
if widget != self._key_dialog:
|
|
return
|
|
|
|
(async_cb, async_err_cb) = self._key_dialog.get_callbacks()
|
|
net = self._key_dialog.get_network()
|
|
security = None
|
|
if response_id == gtk.RESPONSE_OK:
|
|
security = self._key_dialog.create_security()
|
|
self._key_dialog = None
|
|
widget.destroy()
|
|
|
|
if response_id in [gtk.RESPONSE_CANCEL, gtk.RESPONSE_NONE]:
|
|
# key dialog dialog was canceled; send the error back to NM
|
|
async_err_cb(CanceledKeyRequestError())
|
|
elif response_id == gtk.RESPONSE_OK:
|
|
if not security:
|
|
raise RuntimeError("Invalid security arguments.")
|
|
props = security.get_properties()
|
|
a = tuple(props)
|
|
async_cb(*a)
|
|
else:
|
|
raise RuntimeError("Unhandled key dialog response %d" % response_id)
|
|
|
|
def cancel_get_key_for_network(self):
|
|
# Close the wireless key dialog and just have it return
|
|
# with the 'canceled' argument set to true
|
|
if not self._key_dialog:
|
|
return
|
|
self._key_dialog_destroy_cb(self._key_dialog)
|
|
|