Re: [PATCH] hostapd: add option to save DPP csign, connector and net access key in runtime

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, Feb 08, 2025 at 09:28:24AM +0000, Fengming Ye wrote:
> Improve one case that hostapd DPP AP needs user to manually save
> DPP csign, connector and net access key in hostapd config
> and rerun hostapd to perform DPP connection as AP.
> 
> When device does not have command line, or cannot rerun hostapd,
> IE. when it's flashed rather than a binary,
> it gives another option to directly save the DPP conf info to
> hostapd config when they are sent by configurator.

This behavior should be configurable in the runtime configuration since
this might not be desired wall all cases.

> Signed-off-by: Fengming Ye mailto:frank.ye@xxxxxxx

That email address should be without mailto: and within < .. >

> diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c
> +#ifdef CONFIG_HOSTAPD_DPP_CONF_LOCAL_STORAGE

I would not make this compile time configurable.

> +static void hostapd_dpp_add_network(struct hostapd_data *hapd,

> +       if (dpp_conf->connector) {
> +                if (conf->dpp_connector)
> +                          os_free(conf->dpp_connector);

No need to check whether a pointer is not NULL before calling os_free().

> +       if (dpp_conf->c_sign_key) {
> +                if (conf->dpp_csign)
> +                          wpabuf_free(conf->dpp_csign);

No need to check whether a pointer is not NULL before calling
wpabuf_free().

> +       if (auth->net_access_key) {
> +                if (conf->dpp_netaccesskey)
> +                          wpabuf_free(conf->dpp_netaccesskey);
> +
> +                conf->dpp_netaccesskey = wpabuf_dup(auth->net_access_key);
> +                conf->dpp_netaccesskey_expiry = auth->net_access_key_expiry;
> +       }

What is the new config object does not have net_access_key? Should the
old one from configuration be cleared?

What about dpp_conf->ssid, passphrase, and psk/psk_set? 

> @@ -1206,6 +1240,10 @@ static void hostapd_dpp_handle_config_obj(struct hostapd_data *hapd,
> +#ifdef CONFIG_HOSTAPD_DPP_CONF_LOCAL_STORAGE
> +       hostapd_dpp_add_network(hapd, auth, conf);
> +#endif
> }

Please keep in mind that there may be more than a single config object
in the configuration response. This would result in all config objects
being applied in sequence and each of the overriding the previous one.
This does not feel correct, i.e., at most, this automatic update of the
configuration should be limited to cases where there is a single config
object.
 
-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux