Skip to content

Commit

Permalink
Hide WPA3 feature based on property
Browse files Browse the repository at this point in the history
Signed-off-by: pierantoniomerlino <[email protected]>
  • Loading branch information
pierantoniomerlino committed Dec 6, 2024
1 parent 27b8caa commit b59ea8a
Show file tree
Hide file tree
Showing 15 changed files with 297 additions and 35 deletions.
2 changes: 1 addition & 1 deletion kura/org.eclipse.kura.api/META-INF/MANIFEST.MF
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ Export-Package: org.eclipse.kura;version="1.7.0",
org.eclipse.kura.security.tamper.detection;version="1.0.0",
org.eclipse.kura.ssl;version="2.1.0",
org.eclipse.kura.status;version="1.0.2",
org.eclipse.kura.system;version="1.8.0",
org.eclipse.kura.system;version="1.9.0",
org.eclipse.kura.type;version="1.1.0",
org.eclipse.kura.usb;version="1.3.0",
org.eclipse.kura.watchdog;version="1.0.2",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,11 @@ public interface SystemService {
*/
public static final String KEY_DEFAULT_LOG_MANAGER = "kura.default.log.manager";

/**
* @since 3.0
*/
public static final String KEY_WPA3_WIFI_SECURITY_ENABLE = "kura.wpa3.wifi.security.enable";

/**
* @deprecated
*/
Expand Down Expand Up @@ -619,4 +624,13 @@ public interface SystemService {
*/
public Optional<String> getDefaultLogManager();

/**
* Returns true if the WPA3 WiFi Security is enabled on this device.
* The default is false.
*
* @since 3.0
* @return true if the WPA3 WiFi Security is enabled
*/
public boolean isWPA3WifiSecurityEnabled();

}
2 changes: 1 addition & 1 deletion kura/org.eclipse.kura.core.system/META-INF/MANIFEST.MF
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ Import-Package:
org.eclipse.kura;version="[1.0,2.0)",
org.eclipse.kura.executor;version="[1.0,2.0)",
org.eclipse.kura.net;version="[2.0,3.0)",
org.eclipse.kura.system;version="[1.8,1.9)",
org.eclipse.kura.system;version="[1.9,2.0)",
org.osgi.framework;version="1.5.0",
org.osgi.service.component;version="1.2.0",
org.slf4j;version="1.6.4"
Original file line number Diff line number Diff line change
Expand Up @@ -1527,4 +1527,14 @@ public Optional<String> getDefaultLogManager() {
return getProperty(KEY_DEFAULT_LOG_MANAGER);
}

@Override
public boolean isWPA3WifiSecurityEnabled() {
final Optional<String> isWPA3enabled = getProperty(KEY_WPA3_WIFI_SECURITY_ENABLE);
if (isWPA3enabled.isPresent()) {
return Boolean.parseBoolean(isWPA3enabled.get());
}

return false;
}

}
1 change: 1 addition & 0 deletions kura/org.eclipse.kura.nm/META-INF/MANIFEST.MF
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ Import-Package: javax.xml.bind;version="2.3.3",
org.eclipse.kura.net.wifi;version="[2.4,3.0]",
org.eclipse.kura.position;version="[1.4,2.0)",
org.eclipse.kura.security.keystore;version="[1.0,2.0)",
org.eclipse.kura.system;version="[1.9,2.0)",
org.eclipse.kura.usb;version="[1.0,2.0)",
org.osgi.framework;version="1.5.0",
org.osgi.service.component;version="1.2.0",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,4 +25,5 @@
<reference bind="setDnsServerService" cardinality="1..1" interface="org.eclipse.kura.internal.linux.net.dns.DnsServerService" name="DNSService" policy="static" />
<reference name="CryptoService" interface="org.eclipse.kura.crypto.CryptoService" bind="setCryptoService" unbind="unsetCryptoService" cardinality="1..1" policy="static"/>
<reference name="KeystoreService" interface="org.eclipse.kura.security.keystore.KeystoreService" bind="setKeystoreService" unbind="unsetKeystoreService" cardinality="0..n" policy="dynamic"/>
<reference bind="setSystemService" cardinality="1..1" interface="org.eclipse.kura.system.SystemService" name="SystemService" policy="static"/>
</scr:component>
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,8 @@
import org.eclipse.kura.linux.net.util.IwCapabilityTool;
import org.eclipse.kura.net.status.NetworkInterfaceStatus;
import org.eclipse.kura.net.wifi.WifiChannel;
import org.eclipse.kura.net.wifi.WifiMode;
import org.eclipse.kura.net.wifi.WifiSecurity;
import org.eclipse.kura.nm.configuration.NMSettingsConverter;
import org.eclipse.kura.nm.enums.MMModemLocationSource;
import org.eclipse.kura.nm.enums.NMDeviceState;
Expand All @@ -44,6 +46,7 @@
import org.eclipse.kura.nm.status.NMStatusConverter;
import org.eclipse.kura.nm.status.SimProperties;
import org.eclipse.kura.nm.status.SupportedChannelsProperties;
import org.eclipse.kura.system.SystemService;
import org.freedesktop.NetworkManager;
import org.freedesktop.dbus.DBusPath;
import org.freedesktop.dbus.connections.impl.DBusConnection;
Expand Down Expand Up @@ -94,6 +97,7 @@ public class NMDbusConnector {
private final NetworkManagerDbusWrapper networkManager;
private final ModemManagerDbusWrapper modemManager;
private final WpaSupplicantDbusWrapper wpaSupplicant;
private Optional<SystemService> optionalSystemService = Optional.empty();

private Map<String, Object> cachedConfiguration = null;

Expand Down Expand Up @@ -125,6 +129,10 @@ public DBusConnection getDbusConnection() {
return this.dbusConnection;
}

public void setSystemService(SystemService systemService) {
this.optionalSystemService = Optional.of(systemService);
}

public boolean configurationEnforcementIsActive() {
return Objects.nonNull(this.configurationEnforcementHandler) && Objects.nonNull(this.deviceAddedHandler)
&& this.configurationEnforcementHandlerIsArmed;
Expand Down Expand Up @@ -459,6 +467,12 @@ private synchronized void manageConfiguredInterface(Optional<Device> device, Str
return;
}

if (NMDeviceType.NM_DEVICE_TYPE_WIFI.equals(deviceType) && !isWPA3WifiSecuritySupported()
&& shouldConfigureWPA3WifiSecurity(deviceId, properties)) {
logger.warn("WPA3 is not supported. Cannot configure device \"{}\"", deviceId);
return;
}

logger.info("Settings iface \"{}\":{}", deviceId, deviceType);

if (interfaceStatus == KuraInterfaceStatus.DISABLED) {
Expand All @@ -481,6 +495,34 @@ private synchronized void manageConfiguredInterface(Optional<Device> device, Str

}

private boolean isWPA3WifiSecuritySupported() {
boolean isWPA3Supported = false;
if (this.optionalSystemService.isPresent()) {
isWPA3Supported = this.optionalSystemService.get().isWPA3WifiSecurityEnabled();
}
return isWPA3Supported;
}

private boolean shouldConfigureWPA3WifiSecurity(String deviceId, NetworkProperties properties) {
Optional<String> optionalWifiMode = properties.getOpt(String.class, "net.interface.%s.config.wifi.mode",
deviceId);
if (!optionalWifiMode.isPresent() || (!optionalWifiMode.get().equals(WifiMode.INFRA.toString())
&& !optionalWifiMode.get().equals(WifiMode.MASTER.toString()))) {
return false;
}

String wifiMode = optionalWifiMode.get().toLowerCase();
Optional<String> optionalWifiSecurity = properties.getOpt(String.class,
"net.interface.%s.config.wifi.%s.securityType", deviceId, wifiMode);

if (optionalWifiSecurity.isPresent()) {
return optionalWifiSecurity.get().equals(WifiSecurity.SECURITY_WPA3.toString())
|| optionalWifiSecurity.get().equals(WifiSecurity.SECURITY_WPA2_WPA3.toString());
}

return false;
}

private void enableInterface(String deviceId, NetworkProperties properties, Optional<Device> device,
NMDeviceType deviceType) throws DBusException {
if (device.isPresent()) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@
import org.eclipse.kura.nm.configuration.writer.DhcpServerConfigWriter;
import org.eclipse.kura.nm.configuration.writer.FirewallNatConfigWriter;
import org.eclipse.kura.security.keystore.KeystoreService;
import org.eclipse.kura.system.SystemService;
import org.freedesktop.dbus.exceptions.DBusException;
import org.freedesktop.dbus.exceptions.DBusExecutionException;
import org.osgi.service.component.ComponentContext;
Expand Down Expand Up @@ -79,6 +80,7 @@ public class NMConfigurationServiceImpl implements SelfConfiguringComponent {
private EventAdmin eventAdmin;
private CommandExecutorService commandExecutorService;
private CryptoService cryptoService;
private SystemService systemService;

private Map<String, KeystoreService> keystoreServices = new HashMap<>();

Expand Down Expand Up @@ -149,6 +151,10 @@ public void setDnsServerService(DnsServerService dnsServer) {
this.dnsServer = dnsServer;
}

public void setSystemService(SystemService systemService) {
this.systemService = systemService;
}

public NMConfigurationServiceImpl() {
try {
this.nmDbusConnector = NMDbusConnector.getInstance();
Expand Down Expand Up @@ -176,6 +182,7 @@ public void activate(ComponentContext componentContext, Map<String, Object> prop
if (Objects.nonNull(this.nmDbusConnector)) {
try {
this.nmDbusConnector.checkPermissions();
this.nmDbusConnector.setSystemService(this.systemService);
} catch (DBusExecutionException e) {
logger.error("Cannot check NetworkManager permissions due to: ", e);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,10 @@
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.logging.Logger;

import org.eclipse.kura.system.SystemService;
import org.eclipse.kura.web.client.messages.Messages;
import org.eclipse.kura.web.client.ui.EntryClassUi;
import org.eclipse.kura.web.client.ui.NewPasswordInput;
Expand All @@ -27,6 +29,7 @@
import org.eclipse.kura.web.client.util.MessageUtils;
import org.eclipse.kura.web.shared.GwtSafeHtmlUtils;
import org.eclipse.kura.web.shared.model.GwtConsoleUserOptions;
import org.eclipse.kura.web.shared.model.GwtGroupedNVPair;
import org.eclipse.kura.web.shared.model.GwtNetIfStatus;
import org.eclipse.kura.web.shared.model.GwtNetInterfaceConfig;
import org.eclipse.kura.web.shared.model.GwtSession;
Expand All @@ -41,6 +44,8 @@
import org.eclipse.kura.web.shared.model.GwtWifiSecurity;
import org.eclipse.kura.web.shared.model.GwtWifiWirelessMode;
import org.eclipse.kura.web.shared.model.GwtXSRFToken;
import org.eclipse.kura.web.shared.service.GwtDeviceService;
import org.eclipse.kura.web.shared.service.GwtDeviceServiceAsync;
import org.eclipse.kura.web.shared.service.GwtNetworkService;
import org.eclipse.kura.web.shared.service.GwtNetworkServiceAsync;
import org.eclipse.kura.web.shared.service.GwtSecurityTokenService;
Expand Down Expand Up @@ -140,6 +145,7 @@ interface TabWirelessUiUiBinder extends UiBinder<Widget, TabWirelessUi> {

private final GwtSecurityTokenServiceAsync gwtXSRFService = GWT.create(GwtSecurityTokenService.class);
private final GwtNetworkServiceAsync gwtNetworkService = GWT.create(GwtNetworkService.class);
private final GwtDeviceServiceAsync gwtDeviceService = GWT.create(GwtDeviceService.class);

private static final String REGEX_PASS_WPA = "^[ -~]{8,63}$";
private static final String REGEX_PASS_WEP = "^(?:[\\x00-\\x7F]{5}|[\\x00-\\x7F]{13}|[a-fA-F0-9]{10}|[a-fA-F0-9]{26})$";
Expand All @@ -152,6 +158,7 @@ interface TabWirelessUiUiBinder extends UiBinder<Widget, TabWirelessUi> {
private final NetworkTabsUi netTabs;
private final ListDataProvider<GwtWifiHotspotEntry> ssidDataProvider = new ListDataProvider<>();
private final SingleSelectionModel<GwtWifiHotspotEntry> ssidSelectionModel = new SingleSelectionModel<>();
// private boolean isWPA3WifiSecuritySupported;

AnchorListItem wireless8021xTabAnchorItem;

Expand Down Expand Up @@ -372,6 +379,8 @@ public TabWirelessUi(GwtSession currentSession, TabIp4Ui tcp4, TabIp6Ui tcp6,
evalActiveConfig();
});

configureWifiSecurityListBox();

logger.info("Constructor done.");
}

Expand Down Expand Up @@ -914,23 +923,7 @@ private void initForm() {
});

// Wireless Security
this.labelSecurity.setText(MSGS.netWifiWirelessSecurity());
this.security.addMouseOverHandler(event -> {
if (TabWirelessUi.this.security.isEnabled()) {
TabWirelessUi.this.helpText.clear();
TabWirelessUi.this.helpText.add(new Span(MSGS.netWifiToolTipSecurity()));
}
});
this.security.addMouseOutHandler(event -> resetHelp());
for (GwtWifiSecurity mode : GwtWifiSecurity.values()) {
this.security.addItem(MessageUtils.get(mode.name()));
}
this.security.addChangeHandler(event -> {
setDirty(true);
setPasswordValidation();
refreshForm();
checkPassword();
});
initWifiSecurityListBox(false);

// Password
this.labelPassword.setText(MSGS.netWifiWirelessPassword());
Expand Down Expand Up @@ -1201,6 +1194,7 @@ private void remove8021xFromSecurityDropdown() {
for (int i = 0; i < this.security.getItemCount(); i++) {
if (this.security.getItemText(i).equals(WIFI_SECURITY_WPA2_WPA3_ENTERPRISE_MESSAGE)) {
this.security.removeItem(i);
return;
}
}
}
Expand Down Expand Up @@ -1866,4 +1860,74 @@ private void fillRadioMode(boolean acSupported) {
this.radio.addItem(WIFI_BAND_BOTH_MESSAGE, WIFI_RADIO_BGN);
}

private void configureWifiSecurityListBox() {

this.gwtXSRFService.generateSecurityToken(new AsyncCallback<GwtXSRFToken>() {

@Override
public void onFailure(Throwable ex) {
FailureHandler.handle(ex);
}

@Override
public void onSuccess(GwtXSRFToken token) {
TabWirelessUi.this.gwtDeviceService.findSystemProperties(token,
new AsyncCallback<List<GwtGroupedNVPair>>() {

@Override
public void onFailure(Throwable caught) {
logger.info("Unable to read WPA3 WiFi Security support property.");
}

@Override
public void onSuccess(List<GwtGroupedNVPair> result) {
Optional<GwtGroupedNVPair> wpa3SupportPair = result.stream().filter(
pair -> pair.getName().equals(SystemService.KEY_WPA3_WIFI_SECURITY_ENABLE))
.findFirst();
if (wpa3SupportPair.isPresent()
&& Boolean.parseBoolean(wpa3SupportPair.get().getValue())) {
initWifiSecurityListBox(true);
}
}
});
}
});
}

private void initWifiSecurityListBox(boolean isWPA3WifiSecuritySupported) {
this.labelSecurity.setText(MSGS.netWifiWirelessSecurity());
this.security.addMouseOverHandler(event -> {
if (TabWirelessUi.this.security.isEnabled()) {
TabWirelessUi.this.helpText.clear();
TabWirelessUi.this.helpText.add(new Span(composeNetWifiToolTipSecurity(isWPA3WifiSecuritySupported)));
}
});
this.security.addMouseOutHandler(event -> resetHelp());
this.security.clear();
for (GwtWifiSecurity mode : GwtWifiSecurity.values()) {
if (mode.equals(GwtWifiSecurity.netWifiSecurityWPA3)
|| mode.equals(GwtWifiSecurity.netWifiSecurityWPA2_WPA3)) {
if (isWPA3WifiSecuritySupported) {
this.security.addItem(MessageUtils.get(mode.name()));
}
} else {
this.security.addItem(MessageUtils.get(mode.name()));
}
}
this.security.addChangeHandler(event -> {
setDirty(true);
setPasswordValidation();
refreshForm();
checkPassword();
});
}

private String composeNetWifiToolTipSecurity(boolean isWPA3WifiSecuritySupported) {
String toolTipMessage = MSGS.netWifiToolTipSecurity();
if (isWPA3WifiSecuritySupported) {
toolTipMessage += "<br><br>" + MSGS.netWifiToolTipSecurityWPA3();
}
return toolTipMessage;
}

}
Loading

0 comments on commit b59ea8a

Please sign in to comment.