Convert WiFi access point flags to connection profile security settings

Thu May 2 13:54:41 UTC 2024

Hello,

I am writing a web API for NetworkManager, to get something like
`nm-applet`, but in the browser. And I am struggling to implement the
listing of access points, because I lack knowledge about NetworkManager
and wireless security.

Retrieving the data via DBus etc. is OK (I use the great sdbus library
for python [1]), but I don't know what to do with the access point's
`Flags` [2], `WpaFlags` and `RsnFlags` [3]. I am trying to convert those
flags combinations to `auth-alg` and `key-mgmt`, as described in [4]...
because I assume that it will be needed to create a new connection
profile with the right parameters. I found a useful code example [5] to
start with, but there's still a lot to do (and I wonder if this example
is up-to-date).

1) Do I really need to build this mapping from the flags that I receive
from DBus to `auth-alg` and `key-mgmt`? Or is there a better way than
creating + activating a new connection profile to tell NetworkManager
"please connect me to that access point" (via DBus)?

2) If adding the profile and activating it is the way to go, do you know
where I could find the correspondence between the access point's flags
to the wireless security settings `auth-alg` and `key-mgmt`? A table
with the basic mapping for the most used access point configuration
would already be great (a bit like [5] but more detailed, and using
`auth-alg` and `key-mgmt` terminology).

3) Is `WpaFlags` used for the first version of WPA only, and `RsnFlags`
used for WPA2 + WPA3?

Many thanks,

Adrien

[1] https://github.com/python-sdbus/python-sdbus-networkmanager

[2]
https://networkmanager.dev/docs/api/latest/nm-dbus-types.html#NM80211ApFlags

[3]
https://networkmanager.dev/docs/api/latest/nm-dbus-types.html#NM80211ApSecurityFlags

[4]
https://networkmanager.dev/docs/api/latest/nm-settings-dbus.html#id-1.2.9.4.49

[5]
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/examples/python/gi/show-wifi-networks.py

Adrien Cossa
Senior Software Developer
Viewpointsystem GmbH    [http://sig.viewpointsystem.com/icons.png]
Technology Center Seestadt, Bt. 2 Christine-Touaillon-Str. 11 / Top 14, 1220 Vienna, Austria
UID ATU 65189299 | FN 333211t | HG Wien
M  | T +43 1 208 90 90
a.cossa at viewpointsystem.com<mailto:a.cossa at viewpointsystem.com> | www.viewpointsystem.com<https://www.viewpointsystem.com>
Datenschutzerklaerung <https://viewpointsystem.com/de/datenschutz/>
[http://sig.viewpointsystem.com/xing22_vps.png] <https://www.xing.com/companies/viewpointsystemgmbh>    [http://sig.viewpointsystem.com/linkedin22_vps.png]  <https://www.linkedin.com/company/viewpointsystem-gmbh?trk=prof-following-company-logo>    [http://sig.viewpointsystem.com/twitter22_vps.png]  <https://twitter.com/VPS_Eyetracking>       [http://sig.viewpointsystem.com/fb22_vps.png]  <https://www.facebook.com/Viewpointsystem-GmbH-382331958771804/>         [http://sig.viewpointsystem.com/youtube22_vps.png]  <https://www.youtube.com/user/viewpointsystem>
https://viewpointsystem.wetransfer.com [http://sig.viewpointsystem.com/news_eng.jpg] <https://seu2.cleverreach.com/f/342259-351488/>
This message and any attached files are confidential and intended solely for the addressee(s). Any publication, transmission or other use of the information by a person or entity other than the intended addressee is prohibited. If you receive this in error, please contact the sender and delete the material. The sender does not accept liability for any errors or omissions as a result of the transmission. The contents of this email and any attachments are confidential to the intended recipient. They may not be disclosed to or used by or copied in any way by anyone other than the intended recipient. If this email is received in error, please contact viewpointsystem gmbh nor the name of the sender and the email address to which it has been sent and then delete it. Please note that neither viewpointsystem gmbh or the sender accepts any responsibility for viruses - it is your responsibility to scan or otherwise check this email and any attachments.