Convert WiFi access point flags to connection profile security settings

Beniamino Galvani bgalvani at redhat.com
Mon May 6 07:36:16 UTC 2024


On Thu, May 02, 2024 at 03:54:41PM +0200, Adrien Cossa wrote:
> Hello,
> 
> I am writing a web API for NetworkManager, to get something like
> `nm-applet`, but in the browser. And I am struggling to implement the
> listing of access points, because I lack knowledge about NetworkManager
> and wireless security.
> 
> Retrieving the data via DBus etc. is OK (I use the great sdbus library
> for python [1]), but I don't know what to do with the access point's
> `Flags` [2], `WpaFlags` and `RsnFlags` [3]. I am trying to convert those
> flags combinations to `auth-alg` and `key-mgmt`, as described in [4]...
> because I assume that it will be needed to create a new connection
> profile with the right parameters. I found a useful code example [5] to
> start with, but there's still a lot to do (and I wonder if this example
> is up-to-date).
> 
> 1) Do I really need to build this mapping from the flags that I receive
> from DBus to `auth-alg` and `key-mgmt`? Or is there a better way than
> creating + activating a new connection profile to tell NetworkManager
> "please connect me to that access point" (via DBus)?

There is a better way: you can use the AddAndActivate2() D-Bus API [1]
and pass as `specific_object` the path of an AP object. NM will
autocomplete the security settings automatically [2]. You only need to
supply a PSK if you are connecting to a WPA-PSK/SAE network. For
reference, you can look at how nmcli does it in [3].

[1] https://networkmanager.dev/docs/api/latest/gdbus-org.freedesktop.NetworkManager.html#gdbus-method-org-freedesktop-NetworkManager.AddAndActivateConnection2
[2] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.49.0-dev/src/core/devices/wifi/nm-wifi-utils.c#L533
[3] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.49.0-dev/src/nmcli/devices.c#L3643

> 2) If adding the profile and activating it is the way to go, do you know
> where I could find the correspondence between the access point's flags
> to the wireless security settings `auth-alg` and `key-mgmt`? A table
> with the basic mapping for the most used access point configuration
> would already be great (a bit like [5] but more detailed, and using
> `auth-alg` and `key-mgmt` terminology).

See above.

> 3) Is `WpaFlags` used for the first version of WPA only, and `RsnFlags`
> used for WPA2 + WPA3?

Yes.

Beniamino
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/networkmanager/attachments/20240506/d121b734/attachment-0001.sig>


More information about the Networkmanager mailing list