Unverified Commit a065b80b authored by rnhmjoj's avatar rnhmjoj
Browse files

wpa_supplicant: add patch to fix ext_passwords_file bug 

This fixes inconsistent behaviour in ext_passwords_file that makes
impossible to input passphrases containing certain characters.

Closes #342140
parent af8995a6

pkgs/os-specific/linux/wpa_supplicant/default.nix

+1 −0
Original line number Diff line number Diff line
@@ -22,6 +22,7 @@ stdenv.mkDerivation rec { 
      hash = "sha256-X6mBbj7BkW66aYeSCiI3JKBJv10etLQxaTRfRgwsFmM=";

      revert = true;

    })

    ./unsurprising-ext-password.patch

  ];



  # TODO: Patch epoll so that the dbus actually responds

pkgs/os-specific/linux/wpa_supplicant/unsurprising-ext-password.patch

0 → 100644
+66 −0
Original line number Diff line number Diff line 
From e5ac0dd1af48e085bb824082ef3b64afba673ded Mon Sep 17 00:00:00 2001

From: rnhmjoj <rnhmjoj@inventati.org>

Date: Wed, 18 Sep 2024 13:43:44 +0200

Subject: [PATCH] ext_password_file: do not use wpa_config_get_line

To: hostap@lists.infradead.org



The file-based backed of the ext_password framework uses

`wpa_config_get_line` to read the passwords line-by-line from a file.

This function is meant to parse a single line from the

wpa_supplicant.conf file, so it handles whitespace, quotes and other

characters specially.



Its behavior, however, it's not compatible with the rest of the

ext_password framework implementation. For example, if a passphrase

contains a `#` character it must be quoted to prevent parsing the

remaining characters as an inline comment, but the code handling the

external password in `wpa_supplicant_get_psk` does not handle quotes.

The result is that either it will hash the enclosing quotes, producing a

wrong PSK, or if the passphrase is long enough, fail the length check.

As a consequence, some passphrases are impossible to input correctly.



To solve this and other issues, this patch changes the behaviour of the

`ext_password_file_get` function (which was not documented in details,

at least w.r.t. special characters) to simply treat all characters

literally: including trailing whitespaces (except CR and LF), `#` for

inline comments, etc. Empty lines and full-line comments are still

supported.



Signed-off-by: Michele Guerini Rocco <rnhmjoj@inventati.org>

---

 src/utils/ext_password_file.c | 12 ++++++++++--

 1 file changed, 10 insertions(+), 2 deletions(-)



diff --git a/src/utils/ext_password_file.c b/src/utils/ext_password_file.c

index 4bb0095f3..f631ff15c 100644

--- a/src/utils/ext_password_file.c

+++ b/src/utils/ext_password_file.c

@@ -9,7 +9,6 @@

 #include "includes.h"

 

 #include "utils/common.h"

-#include "utils/config.h"

 #include "ext_password_i.h"

 

 

@@ -97,7 +96,16 @@ static struct wpabuf * ext_password_file_get(void *ctx, const char *name)

 

 	wpa_printf(MSG_DEBUG, "EXT PW FILE: get(%s)", name);

 

-	while (wpa_config_get_line(buf, sizeof(buf), f, &line, &pos)) {

+	while ((pos = fgets(buf, sizeof(buf), f))) {

+		line++;

+

+		/* Strip newline characters */

+		pos[strcspn(pos, "\r\n")] = 0;

+

+		/* Skip comments and empty lines */

+		if (*pos == '#' || *pos == '\0')

+		  continue;

+

 		char *sep = os_strchr(pos, '=');

 

 		if (!sep) {

-- 

2.44.1