make PMF configurable using D-Bus

https://bugzilla.redhat.com/show_bug.cgi?id=1567474
2018-05-11 15:57:40 +02:00 · 2018-05-11 15:57:40 +02:00 · f50b348f99
commit f50b348f99
parent e36192aacc
3 changed files with 182 additions and 1 deletions
--- a/rh1567474-0001-D-Bus-Implement-Pmf-property.patch
+++ b/rh1567474-0001-D-Bus-Implement-Pmf-property.patch
@ -0,0 +1,141 @@
+From adf8f45f8af27a9ac9429ecde81776b19b6f9224 Mon Sep 17 00:00:00 2001
+Message-Id: <adf8f45f8af27a9ac9429ecde81776b19b6f9224.1525963452.git.davide.caratti@gmail.com>
+From: Stijn Tintel <stijn@linux-ipv6.be>
+Date: Thu, 12 Jan 2017 17:13:26 +0100
+Subject: [PATCH] D-Bus: Implement Pmf property
+
+The Pmf property is documented in doc/dbus.doxygen, but does not exist,
+so implement it.
+
+Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
+---
+ wpa_supplicant/dbus/dbus_new.c          | 12 +++++++
+ wpa_supplicant/dbus/dbus_new.h          |  1 +
+ wpa_supplicant/dbus/dbus_new_handlers.c | 55 +++++++++++++++++++++++++++++++++
+ wpa_supplicant/dbus/dbus_new_handlers.h |  2 ++
+ 4 files changed, 70 insertions(+)
+
+diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c
+index a60118254..0c355f799 100644
+--- a/wpa_supplicant/dbus/dbus_new.c
+++ b/wpa_supplicant/dbus/dbus_new.c
+@@ -1987,6 +1987,11 @@ void wpas_dbus_signal_prop_changed(struct wpa_supplicant *wpa_s,
+ 	case WPAS_DBUS_PROP_AP_SCAN:
+ 		prop = "ApScan";
+ 		break;
+#ifdef CONFIG_IEEE80211W
+	case WPAS_DBUS_PROP_PMF:
+		prop = "Pmf";
+		break;
+#endif /* CONFIG_IEEE80211W */
+ 	case WPAS_DBUS_PROP_SCANNING:
+ 		prop = "Scanning";
+ 		break;
+@@ -3138,6 +3143,13 @@ static const struct wpa_dbus_property_desc wpas_dbus_interface_properties[] = {
+ 	  wpas_dbus_setter_ap_scan,
+ 	  NULL
+ 	},
+#ifdef CONFIG_IEEE80211W
+	{ "Pmf", WPAS_DBUS_NEW_IFACE_INTERFACE, "u",
+	  wpas_dbus_getter_pmf,
+	  wpas_dbus_setter_pmf,
+	  NULL
+	},
+#endif /* CONFIG_IEEE80211W */
+ 	{ "BSSExpireAge", WPAS_DBUS_NEW_IFACE_INTERFACE, "u",
+ 	  wpas_dbus_getter_bss_expire_age,
+ 	  wpas_dbus_setter_bss_expire_age,
+diff --git a/wpa_supplicant/dbus/dbus_new.h b/wpa_supplicant/dbus/dbus_new.h
+index 2b0b775d3..bd0e07433 100644
+--- a/wpa_supplicant/dbus/dbus_new.h
+++ b/wpa_supplicant/dbus/dbus_new.h
+@@ -22,6 +22,7 @@ struct wps_credential;
+ 
+ enum wpas_dbus_prop {
+ 	WPAS_DBUS_PROP_AP_SCAN,
+	WPAS_DBUS_PROP_PMF,
+ 	WPAS_DBUS_PROP_SCANNING,
+ 	WPAS_DBUS_PROP_STATE,
+ 	WPAS_DBUS_PROP_CURRENT_BSS,
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
+index e36226d86..094301045 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers.c
+@@ -2787,6 +2787,61 @@ dbus_bool_t wpas_dbus_setter_ap_scan(
+ }
+ 
+ 
+#ifdef CONFIG_IEEE80211W
+
+/**
+ * wpas_dbus_getter_pmf - Control PMF default
+ * @iter: Pointer to incoming dbus message iter
+ * @error: Location to store error on failure
+ * @user_data: Function specific data
+ * Returns: TRUE on success, FALSE on failure
+ *
+ * Getter function for "Pmf" property.
+ */
+dbus_bool_t wpas_dbus_getter_pmf(
+	const struct wpa_dbus_property_desc *property_desc,
+	DBusMessageIter *iter, DBusError *error, void *user_data)
+{
+	struct wpa_supplicant *wpa_s = user_data;
+	dbus_uint32_t pmf = wpa_s->conf->pmf;
+
+	return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_UINT32,
+						&pmf, error);
+}
+
+
+/**
+ * wpas_dbus_setter_pmf - Control PMF default
+ * @iter: Pointer to incoming dbus message iter
+ * @error: Location to store error on failure
+ * @user_data: Function specific data
+ * Returns: TRUE on success, FALSE on failure
+ *
+ * Setter function for "Pmf" property.
+ */
+dbus_bool_t wpas_dbus_setter_pmf(
+	const struct wpa_dbus_property_desc *property_desc,
+	DBusMessageIter *iter, DBusError *error, void *user_data)
+{
+	struct wpa_supplicant *wpa_s = user_data;
+	dbus_uint32_t pmf;
+
+	if (!wpas_dbus_simple_property_setter(iter, error, DBUS_TYPE_UINT32,
+					      &pmf))
+		return FALSE;
+
+	if (pmf > 2) {
+		dbus_set_error_const(error, DBUS_ERROR_FAILED,
+				     "Pmf must be 0, 1, or 2");
+		return FALSE;
+	}
+	wpa_s->conf->pmf = pmf;
+	return TRUE;
+}
+
+#endif /* CONFIG_IEEE80211W */
+
+
+ /**
+  * wpas_dbus_getter_fast_reauth - Control fast
+  * reauthentication (TLS session resumption)
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.h b/wpa_supplicant/dbus/dbus_new_handlers.h
+index fe8767a11..3b8f0966f 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.h
+++ b/wpa_supplicant/dbus/dbus_new_handlers.h
+@@ -138,6 +138,8 @@ DECLARE_ACCESSOR(wpas_dbus_getter_state);
+ DECLARE_ACCESSOR(wpas_dbus_getter_scanning);
+ DECLARE_ACCESSOR(wpas_dbus_getter_ap_scan);
+ DECLARE_ACCESSOR(wpas_dbus_setter_ap_scan);
+DECLARE_ACCESSOR(wpas_dbus_getter_pmf);
+DECLARE_ACCESSOR(wpas_dbus_setter_pmf);
+ DECLARE_ACCESSOR(wpas_dbus_getter_fast_reauth);
+ DECLARE_ACCESSOR(wpas_dbus_setter_fast_reauth);
+ DECLARE_ACCESSOR(wpas_dbus_getter_disconnect_reason);
+-- 
+2.14.3
+
--- a/rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch
+++ b/rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch
@ -0,0 +1,31 @@
+From 3cdb4ac074f76accf24a51d143db545afad2c90b Mon Sep 17 00:00:00 2001
+Message-Id: <3cdb4ac074f76accf24a51d143db545afad2c90b.1525963467.git.davide.caratti@gmail.com>
+From: Stijn Tintel <stijn@linux-ipv6.be>
+Date: Thu, 5 Jan 2017 16:06:33 +0100
+Subject: [PATCH] D-Bus: Add pmf to global capabilities
+
+This indicates that the wpa_supplicant binary has been compiled with PMF
+support.
+
+Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
+---
+ wpa_supplicant/dbus/dbus_new_handlers.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
+index 094301045..87581c900 100644
+--- a/wpa_supplicant/dbus/dbus_new_handlers.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers.c
+@@ -991,6 +991,9 @@ dbus_bool_t wpas_dbus_getter_global_capabilities(
+ #ifdef CONFIG_INTERWORKING
+ 	capabilities[num_items++] = "interworking";
+ #endif /* CONFIG_INTERWORKING */
+#ifdef CONFIG_IEEE80211W
+	capabilities[num_items++] = "pmf";
+#endif /* CONFIG_IEEE80211W */
+ 
+ 	return wpas_dbus_simple_array_property_getter(iter,
+ 						      DBUS_TYPE_STRING,
+-- 
+2.14.3
+
--- a/wpa_supplicant.spec
+++ b/wpa_supplicant.spec
@ -7,7 +7,7 @@ Summary: WPA/WPA2/IEEE 802.1X Supplicant
 Name: wpa_supplicant
 Epoch: 1
 Version: 2.6
-Release: 14%{?dist}
+Release: 15%{?dist}
 License: BSD
 Group: System Environment/Base
 Source0: http://w1.fi/releases/%{name}-%{version}%{rcver}%{snapshot}.tar.gz
@ -99,6 +99,10 @@ Patch58: rh1465138-openssl-Fix-openssl-1-1-private-key-callback.patch
 Patch59: rh1497640-mka-add-error-handling-for-secy_init_macsec.patch
 Patch60: rh1497640-pae-validate-input-before-pointer.patch

+# make PMF configurable using D-Bus (rh #1567474)
+Patch61: rh1567474-0001-D-Bus-Implement-Pmf-property.patch
+Patch62: rh1567474-0002-D-Bus-Add-pmf-to-global-capabilities.patch
+
 URL: http://w1.fi/wpa_supplicant/

 %if %{build_gui}
@ -200,6 +204,8 @@ Graphical User Interface for wpa_supplicant written using QT
 %patch58 -p1 -b .rh1465138-openssl-cb
 %patch59 -p1 -b .rh1487640-mka
 %patch60 -p1 -b .rh1487640-pae
+%patch61 -p1 -b .rh1567474-pmf-0001
+%patch62 -p1 -b .rh1567474-pmf-0002

 %build
 pushd wpa_supplicant
@ -297,6 +303,9 @@ chmod -R 0644 %{name}/examples/*.py
 %endif

 %changelog
+* Fri May 11 2018 Davide Caratti <dcaratti@redhat.com> - 1:2.6-15
+- Make PMF configurable using D-Bus (rh#1567474)
+
 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.6-14
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild