From 10e5bee5efe480132edae56616d64b672bc7d846 Mon Sep 17 00:00:00 2001
From: Denis Kenzior
Date: Tue, 6 Jul 2021 13:38:56 -0500
Subject: [PATCH] wsc: Properly write provisioning files with a passphrase
Credentials obtained can now be either in passphrase or PSK form. Prior to commit 7a9891dbef5b, passphrase credentials were always converted to PSK form by invoking crypto_psk_from_passphrase. This was changed in order to support WPA3 networks. Unfortunately the provisioning logic was never properly updated. Fix that, and also try to not overwrite any existing settings in case WSC is providing credentials for networks that are already known.
Fixes: 7a9891dbef5b ("wsc: store plain text passphrase if available")
---
 src/wsc.c | 37 ++++++++++++++++++++++++++++---------
 1 file changed, 28 insertions(+), 9 deletions(-)
diff --git a/src/wsc.c b/src/wsc.c
index acc0885b..4ab497d4 100644
--- a/src/wsc.c
+++ b/src/wsc.c
@@ -28,6 +28,7 @@
 #include
 #include
+#include "ell/useful.h"
 #include "src/missing.h"
 #include "src/module.h"
 #include "src/dbus.h"
@@ -40,7 +41,6 @@
 #include "src/util.h"
 #include "src/handshake.h"
 #include "src/eap-wsc.h"
-#include "src/crypto.h"
 #include "src/common.h"
 #include "src/storage.h"
 #include "src/iwd.h"
@@ -525,21 +525,40 @@ static void wsc_store_credentials(struct wsc_credentials_info *creds,
 {
 unsigned int i;
+ /* We don't store any non-open/psk credentials */
 for (i = 0; i < n_creds; i++) {
 enum security security = creds[i].security;
 const char *ssid = creds[i].ssid;
- struct l_settings *settings = l_settings_new();
+ _auto_(l_settings_free) struct l_settings *settings =
+ l_settings_new();
+ _auto_(l_free) char *path =
+ storage_get_network_file_path(security, ssid);
+
+ if (l_settings_load_from_file(settings, path)) {
+ /*
+ * Nothing to do,
+ * so don't overwrite any existing settings
+ */
+ if (security == SECURITY_NONE)
+ continue;
+
+ /* Remove any existing Security keys */
+ l_settings_remove_group(settings, "Security");
+ }
+
+ if (security == SECURITY_PSK) {
+ if (creds[i].has_passphrase)
+ l_settings_set_string(settings, "Security",
+ "Passphrase", creds[i].passphrase);
+ else
+ l_settings_set_bytes(settings, "Security",
+ "PreSharedKey", creds[i].psk,
+ sizeof(creds[i].psk));
+ }
 l_debug("Storing credential for '%s(%s)'", ssid, security_to_str(security));
-
- if (security == SECURITY_PSK)
- l_settings_set_bytes(settings, "Security",
- "PreSharedKey", creds[i].psk,
- sizeof(creds[i].psk));
-
 storage_network_sync(security, ssid, settings);
- l_settings_free(settings);
 }
 }
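Review bot: The comment added above the loop says only open and PSK credentials are stored, but nothing in the loop body enforces that. For any other `security` value whose profile already exists, the new code loads the file, removes the whole `Security` group, sets no credential, and still calls `storage_network_sync()`, so a known network's stored settings would be written back stripped. The filtering presumably happens where `creds` is populated, which is outside this hunk; an explicit guard before the `l_settings_load_from_file()` call, `if (security != SECURITY_NONE && security != SECURITY_PSK) continue;`, would make the loop safe on its own, since `ssid` and `security` both come from the WSC-supplied credential. The function signature is only partly visible in the hunk header, so how `n_creds` and `creds` are validated could not be checked here.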