rpms/wpa_supplicant/devel wpa_supplicant-ctrl-iface-hide-keys.patch, NONE, 1.1 wpa_supplicant.spec, 1.8, 1.9
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Feb 28 05:03:50 UTC 2006
Author: dcbw
Update of /cvs/dist/rpms/wpa_supplicant/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv23087
Modified Files:
wpa_supplicant.spec
Added Files:
wpa_supplicant-ctrl-iface-hide-keys.patch
Log Message:
* Mon Feb 27 2006 Dan Williams <dcbw at redhat.com> - 0.4.8-2
- Don't expose private data on the control interface unless requested
wpa_supplicant-ctrl-iface-hide-keys.patch:
ctrl_iface.c | 21 +++++++++++++++++++--
1 files changed, 19 insertions(+), 2 deletions(-)
--- NEW FILE wpa_supplicant-ctrl-iface-hide-keys.patch ---
--- wpa_supplicant-0.4.8/ctrl_iface.c.hidekeys 2006-02-27 19:07:10.000000000 -0500
+++ wpa_supplicant-0.4.8/ctrl_iface.c 2006-02-27 23:49:40.000000000 -0500
@@ -681,6 +681,8 @@
int id;
struct wpa_ssid *ssid;
char *name, *value;
+ int show_value = 1;
+ const char *nokey = "[REMOVED]";
/* cmd: "<network id> <variable name> <value>" */
name = strchr(cmd, ' ');
@@ -688,6 +690,12 @@
return -1;
*name++ = '\0';
+ /* Only show passwords and keys if requested */
+ if (!strncmp (name, "wep_key", 7) || !strcmp (name, "psk")
+ || !strcmp (name, "password") || !strcmp (name, "pin")) {
+ show_value = wpa_s->global->params.wpa_debug_show_keys;
+ }
+
value = strchr(name, ' ');
if (value == NULL)
return -1;
@@ -695,7 +703,7 @@
id = atoi(cmd);
wpa_printf(MSG_DEBUG, "CTRL_IFACE: SET_NETWORK id=%d name='%s' "
- "value='%s'", id, name, value);
+ "value='%s'", id, name, show_value ? value : nokey);
ssid = wpa_config_get_network(wpa_s->conf, id);
if (ssid == NULL) {
@@ -706,7 +714,7 @@
if (wpa_config_set(ssid, name, value, 0) < 0) {
wpa_printf(MSG_DEBUG, "CTRL_IFACE: Failed to set network "
- "variable '%s' to '%s'", name, value);
+ "variable '%s' to '%s'", name, show_value ? value : nokey);
return -1;
}
@@ -965,6 +973,15 @@
if (strncmp(buf, WPA_CTRL_RSP, strlen(WPA_CTRL_RSP)) == 0) {
wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
(u8 *) buf, res);
+ } else if (strncmp(buf, "SET_NETWORK ", 12) == 0) {
+ /* Check for forbidden material here too */
+ if (strstr (buf, " wep_key") || strstr (buf, " psk ")
+ || strstr (buf, " password ") || strstr (buf, " pin ")) {
+ wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
+ (u8 *) buf, res);
+ } else {
+ wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface", (u8 *) buf, res);
+ }
} else {
wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface", (u8 *) buf, res);
}
Index: wpa_supplicant.spec
===================================================================
RCS file: /cvs/dist/rpms/wpa_supplicant/devel/wpa_supplicant.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wpa_supplicant.spec 27 Feb 2006 07:46:47 -0000 1.8
+++ wpa_supplicant.spec 28 Feb 2006 05:03:44 -0000 1.9
@@ -2,7 +2,7 @@
Name: wpa_supplicant
Epoch: 1
Version: 0.4.8
-Release: 1
+Release: 2
License: GPL
Group: System Environment/Base
Source0: http://hostap.epitest.fi/releases/%{name}-%{version}.tar.gz
@@ -13,6 +13,7 @@
Source5: madwifi-headers.tar.bz2
Patch0: wpa_supplicant-auth-fallback-v4.patch
Patch1: wpa_supplicant-ctrl-iface-ap-scan.patch
+Patch2: wpa_supplicant-ctrl-iface-hide-keys.patch
URL: http://hostap.epitest.fi/wpa_supplicant/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -35,7 +36,8 @@
%prep
%setup -q
%patch0 -p0 -b .we-auth-fallback
-%patch1 -p1 -b .ap_scan
+%patch1 -p1 -b .ap-scan
+%patch2 -p1 -b .ctrl-iface-hide-keys
%build
cp %{SOURCE1} ./.config
@@ -110,6 +112,9 @@
%{_bindir}/wpa_gui
%changelog
+* Mon Feb 27 2006 Dan Williams <dcbw at redhat.com> - 0.4.8-2
+- Don't expose private data on the control interface unless requested
+
* Fri Feb 24 2006 Dan Williams <dcbw at redhat.com> - 0.4.8-1
- Downgrade to 0.4.8 stable release rather than a dev release
More information about the fedora-cvs-commits
mailing list