Re: [PATCH] dbus: add a new property SAENeedAuth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Dec 23, 2024 at 09:10:03PM +0800, xinpeng wang wrote:
> Add a new dbus property SAENeedAuth to notify the desktop that a
> password dialog needs to pop up for the user to enter the correct
> password

What does "SAENeedAuth" mean? That feels like a strange name for this.

> diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
> +dbus_bool_t wpas_dbus_getter_sae_need_auth(
> +	const struct wpa_dbus_property_desc *property_desc,
> +	DBusMessageIter *iter, DBusError *error, void *user_data)
> +{
> +	struct wpa_supplicant *wpa_s = user_data;
> +	dbus_bool_t sae_need_auth = wpa_s->sme.sae.sae_need_auth ? TRUE : FALSE;

This would break compilation without CONFIG_SME=y.

> diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
> @@ -1913,8 +1913,12 @@ static int sme_sae_auth(struct wpa_supplicant *wpa_s, u16 auth_transaction,
>  		if (sae_check_confirm(&wpa_s->sme.sae, data, len,
> -				      ie_offset) < 0)
> +				      ie_offset) < 0) {
> +			wpa_s->sme.sae.sae_need_auth = 1;
> +			wpa_dbg(wpa_s, MSG_DEBUG, "SME: Notifying SAENeedAuth attribute changes");
> +			wpas_notify_sae_need_auth(wpa_s);
>  			return -1;
> +		}

This would not work for cases where the AP sends out its SAE Confirm
message only after having received a valid SAE Confirm from the STA.
Furthermore, this would have no impact for drivers that use
SME-in-driver design. In either of these cases, the new property would
confusingly show FALSE regardless of what happened with SAE
authentication.

sae_check_confirm() can fail for a number of reasons and only the actual
mismatch in the verifier value might be of reason to consider whether
the configured password would need to be changed. It should also be
noted that it could be a bad idea to automatically pop up a new dialog
to the user whenever this happens if that operation would end up
replacing the currently configured password since there is no
authentication of this information and it would be trivial for attackers
to force this to happen. In other words, the commit message should be
much more careful in implying that this should always result in user
dialog and a new password being entered.
 
-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux