HS 2.0R2: Fix permissions for SP/<fqdn> directory on Android

As part of OSU, the AAA TrustRoot cert is downloaded into SP/<fqdn>
directory. On Android, wpa_supplicant runs with Wifi uid privileges, and
hence might not have read access to the AAA TrustRoot present SP/<fqdn>
directory. Hence, make AID_WIFI as the group owner of SP/<fqdn>
directory and allow the members of AID_WIFI group to read files present
in this directory.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/hs20/client/osu_client.c b/hs20/client/osu_client.c
index e452aa704d4ea29c0d7baad948ea24a59ab01def..6603425064ea152de9f54823b36845a0c1b270a5 100644 (file)
--- a/hs20/client/osu_client.c
+++ b/hs20/client/osu_client.c
@@ -9,6 +9,9 @@
 #include "includes.h"
 #include <time.h>
 #include <sys/stat.h>
+#ifdef ANDROID
+#include "private/android_filesystem_config.h"
+#endif /* ANDROID */
 
 #include "common.h"
 #include "utils/browser.h"
@@ -571,6 +574,21 @@ int hs20_add_pps_mo(struct hs20_osu_client *ctx, const char *uri,
                }
        }
 
+#ifdef ANDROID
+       /* Allow processes running with Group ID as AID_WIFI,
+        * to read files from SP/<fqdn> directory */
+       if (chown(fname, -1, AID_WIFI)) {
+               wpa_printf(MSG_INFO, "CTRL: Could not chown directory: %s",
+                          strerror(errno));
+               /* Try to continue anyway */
+       }
+       if (chmod(fname, S_IRWXU | S_IRGRP | S_IXGRP) < 0) {
+               wpa_printf(MSG_INFO, "CTRL: Could not chmod directory: %s",
+                          strerror(errno));
+               /* Try to continue anyway */
+       }
+#endif /* ANDROID */
+
        snprintf(fname, fname_len, "SP/%s/pps.xml", fqdn);
 
        if (os_file_exists(fname)) {