From 322c7cf83815bca5a6f01e728bcb424f127c72be Mon Sep 17 00:00:00 2001 From: Daniel Williams Date: Oct 21 2007 16:02:20 +0000 Subject: - Add BLOB support to the D-Bus interface - Fix D-Bus interface permissions so that only root can use the wpa_supplicant D-Bus interface --- diff --git a/wpa_supplicant-0.5.7-dbus-blobs.patch b/wpa_supplicant-0.5.7-dbus-blobs.patch new file mode 100644 index 0000000..9c33211 --- /dev/null +++ b/wpa_supplicant-0.5.7-dbus-blobs.patch @@ -0,0 +1,165 @@ +diff --git a/wpa_supplicant/ctrl_iface_dbus.c b/wpa_supplicant/ctrl_iface_dbus.c +index 1d66c96..8e236e8 100644 +--- a/wpa_supplicant/ctrl_iface_dbus.c ++++ b/wpa_supplicant/ctrl_iface_dbus.c +@@ -536,6 +536,10 @@ static DBusHandlerResult wpas_iface_message_handler(DBusConnection *connection, + reply = wpas_dbus_iface_set_ap_scan(message, wpa_s); + else if (!strcmp(method, "state")) + reply = wpas_dbus_iface_get_state(message, wpa_s); ++ else if (!strcmp(method, "setBlobs")) ++ reply = wpas_dbus_iface_set_blobs(message, wpa_s); ++ else if (!strcmp(method, "removeBlobs")) ++ reply = wpas_dbus_iface_remove_blobs(message, wpa_s); + } + + /* If the message was handled, send back the reply */ +diff --git a/wpa_supplicant/ctrl_iface_dbus_handlers.c b/wpa_supplicant/ctrl_iface_dbus_handlers.c +index 5e952ec..3ece2fe 100644 +--- a/wpa_supplicant/ctrl_iface_dbus_handlers.c ++++ b/wpa_supplicant/ctrl_iface_dbus_handlers.c +@@ -1203,3 +1203,128 @@ DBusMessage * wpas_dbus_iface_get_state(DBusMessage *message, + + return reply; + } ++ ++ ++/** ++ * wpas_dbus_iface_set_blobs - Store named binary blobs (ie, for certificates) ++ * @message: Pointer to incoming dbus message ++ * @global: %wpa_supplicant global data structure ++ * Returns: A dbus message containing a UINT32 indicating success (1) or ++ * failure (0) ++ * ++ * Asks wpa_supplicant to internally store a one or more binary blobs. ++ */ ++DBusMessage * wpas_dbus_iface_set_blobs(DBusMessage *message, ++ struct wpa_supplicant *wpa_s) ++{ ++ DBusMessage *reply = NULL; ++ struct wpa_dbus_dict_entry entry = { .type = DBUS_TYPE_STRING }; ++ DBusMessageIter iter, iter_dict; ++ ++ dbus_message_iter_init(message, &iter); ++ ++ if (!wpa_dbus_dict_open_read(&iter, &iter_dict)) ++ return wpas_dbus_new_invalid_opts_error(message, NULL); ++ ++ while (wpa_dbus_dict_has_dict_entry(&iter_dict)) { ++ struct wpa_config_blob *blob; ++ ++ if (!wpa_dbus_dict_get_entry(&iter_dict, &entry)) { ++ reply = wpas_dbus_new_invalid_opts_error(message, NULL); ++ break; ++ } ++ ++ if (entry.type != DBUS_TYPE_ARRAY || ++ entry.array_type != DBUS_TYPE_BYTE) { ++ reply = wpas_dbus_new_invalid_opts_error(message, ++ "Byte array expected."); ++ break; ++ } ++ ++ if ( (entry.array_len <= 0) ++ || (entry.array_len > 65536) ++ || !strlen(entry.key)) { ++ reply = wpas_dbus_new_invalid_opts_error(message, ++ "Invalid array size."); ++ break; ++ } ++ ++ blob = os_zalloc(sizeof(*blob)); ++ if (blob == NULL) { ++ reply = dbus_message_new_error(message, ++ WPAS_ERROR_ADD_ERROR, ++ "Not enough memory to add blob."); ++ break; ++ } ++ blob->data = os_zalloc(entry.array_len); ++ if (blob->data == NULL) { ++ reply = dbus_message_new_error(message, ++ WPAS_ERROR_ADD_ERROR, ++ "Not enough memory to add blob data."); ++ os_free(blob); ++ break; ++ } ++ ++ blob->name = os_strdup(entry.key); ++ os_memcpy(blob->data, (u8 *) entry.bytearray_value, ++ entry.array_len); ++ if (blob->name == NULL || blob->data == NULL) { ++ wpa_config_free_blob(blob); ++ reply = dbus_message_new_error(message, ++ WPAS_ERROR_ADD_ERROR, ++ "Error adding blob."); ++ break; ++ } ++ ++ /* Success */ ++ wpa_config_remove_blob(wpa_s->conf, blob->name); ++ wpa_config_set_blob(wpa_s->conf, blob); ++ wpa_dbus_dict_entry_clear(&entry); ++ } ++ wpa_dbus_dict_entry_clear(&entry); ++ ++ return reply ? reply : wpas_dbus_new_success_reply(message);; ++} ++ ++/** ++ * wpas_dbus_iface_remove_blob - Remove named binary blobs ++ * @message: Pointer to incoming dbus message ++ * @global: %wpa_supplicant global data structure ++ * Returns: A dbus message containing a UINT32 indicating success (1) or ++ * failure (0) ++ * ++ * Asks wpa_supplicant to remove one or more previously stored binary blobs. ++ */ ++DBusMessage * wpas_dbus_iface_remove_blobs(DBusMessage *message, ++ struct wpa_supplicant *wpa_s) ++{ ++ DBusMessageIter iter, array; ++ char *err_msg = NULL; ++ ++ dbus_message_iter_init(message, &iter); ++ ++ if ((dbus_message_iter_get_arg_type (&iter) != DBUS_TYPE_ARRAY) ++ || (dbus_message_iter_get_element_type (&iter) != DBUS_TYPE_STRING)) ++ return wpas_dbus_new_invalid_opts_error(message, NULL); ++ ++ dbus_message_iter_recurse(&iter, &array); ++ while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_STRING) { ++ const char *name; ++ ++ dbus_message_iter_get_basic(&array, &name); ++ if (!strlen(name)) ++ err_msg = "Invalid blob name."; ++ ++ if (wpa_config_remove_blob(wpa_s->conf, name) != 0) ++ err_msg = "Error removing blob."; ++ dbus_message_iter_next(&array); ++ } ++ ++ if (err_msg) { ++ return dbus_message_new_error(message, WPAS_ERROR_REMOVE_ERROR, ++ err_msg); ++ } ++ ++ return wpas_dbus_new_success_reply(message); ++} ++ +diff --git a/wpa_supplicant/ctrl_iface_dbus_handlers.h b/wpa_supplicant/ctrl_iface_dbus_handlers.h +index 0fd1d31..0ae94c4 100644 +--- a/wpa_supplicant/ctrl_iface_dbus_handlers.h ++++ b/wpa_supplicant/ctrl_iface_dbus_handlers.h +@@ -71,6 +71,12 @@ DBusMessage * wpas_dbus_iface_set_ap_scan(DBusMessage *message, + DBusMessage * wpas_dbus_iface_get_state(DBusMessage *message, + struct wpa_supplicant *wpa_s); + ++DBusMessage * wpas_dbus_iface_set_blobs(DBusMessage *message, ++ struct wpa_supplicant *wpa_s); ++ ++DBusMessage * wpas_dbus_iface_remove_blobs(DBusMessage *message, ++ struct wpa_supplicant *wpa_s); ++ + #endif /* CONFIG_CTRL_IFACE_DBUS */ + + #endif /* CTRL_IFACE_DBUS_HANDLERS_H */ diff --git a/wpa_supplicant-0.5.7-dbus-permissions-fix.patch b/wpa_supplicant-0.5.7-dbus-permissions-fix.patch new file mode 100644 index 0000000..2132185 --- /dev/null +++ b/wpa_supplicant-0.5.7-dbus-permissions-fix.patch @@ -0,0 +1,14 @@ +diff -up wpa_supplicant-0.5.7/dbus-wpa_supplicant.conf.permfix wpa_supplicant-0.5.7/dbus-wpa_supplicant.conf +--- wpa_supplicant-0.5.7/dbus-wpa_supplicant.conf.permfix 2007-10-20 07:42:01.000000000 -0400 ++++ wpa_supplicant-0.5.7/dbus-wpa_supplicant.conf 2007-10-20 07:42:22.000000000 -0400 +@@ -8,10 +8,6 @@ + + + +- +- +- +- + + + diff --git a/wpa_supplicant.spec b/wpa_supplicant.spec index b1cce4a..20dd1ab 100644 --- a/wpa_supplicant.spec +++ b/wpa_supplicant.spec @@ -2,7 +2,7 @@ Summary: WPA/WPA2/IEEE 802.1X Supplicant Name: wpa_supplicant Epoch: 1 Version: 0.5.7 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv2 Group: System Environment/Base Source0: http://hostap.epitest.fi/releases/%{name}-%{version}.tar.gz @@ -23,6 +23,8 @@ Patch6: wpa_supplicant-0.5.7-flush-debug-output.patch Patch7: wpa_supplicant-0.5.7-sigusr1-changes-debuglevel.patch Patch8: wpa_supplicant-0.5.7-always-scan.patch Patch9: wpa_supplicant-0.5.7-dbus-iface-segfault-fix.patch +Patch10: wpa_supplicant-0.5.7-dbus-blobs.patch +Patch11: wpa_supplicant-0.5.7-dbus-permissions-fix.patch URL: http://w1.fi/wpa_supplicant/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -59,6 +61,8 @@ Graphical User Interface for wpa_supplicant written using QT3 %patch7 -p1 -b .sigusr1-changes-debuglevel %patch8 -p1 -b .always-scan %patch9 -p1 -b .dbus-iface-segfault-fix +%patch10 -p2 -b .dbus-blobs +%patch11 -p1 -b .dbus-permissions-fix %build cp %{SOURCE1} ./.config @@ -144,6 +148,11 @@ fi %{_bindir}/wpa_gui %changelog +* Sat Oct 20 2007 Dan Williams - 0.5.7-11 +- Add BLOB support to the D-Bus interface +- Fix D-Bus interface permissions so that only root can use the wpa_supplicant + D-Bus interface + * Tue Oct 9 2007 Dan Williams - 0.5.7-10 - Don't segfault with dbus control interface enabled and invalid network interface (rh #310531)