The file-based backed of the ext_password framework uses
wpa_config_get_line() to read the passwords line-by-line from a file.
This function is meant to parse a single line from the
wpa_supplicant.conf file, so it handles whitespace, quotes and other
characters specially.
Its behavior, however, it's not compatible with the rest of the
ext_password framework implementation. For example, if a passphrase
contains a `#` character it must be quoted to prevent parsing the
remaining characters as an inline comment, but the code handling the
external password in wpa_supplicant_get_psk() does not handle quotes.
The result is that either it will hash the enclosing quotes, producing a
wrong PSK, or if the passphrase is long enough, fail the length check.
As a consequence, some passphrases are impossible to input correctly.
To solve this and other issues, this patch changes the behaviour of the
ext_password_file_get() function (which was not documented in details,
at least w.r.t. special characters) to simply treat all characters
literally: including trailing whitespaces (except CR and LF), `#` for
inline comments, etc. Empty lines and full-line comments are still
supported.
Signed-off-by: Michele Guerini Rocco <rnhmjoj@inventati.org>
#include "includes.h"
#include "utils/common.h"
-#include "utils/config.h"
#include "ext_password_i.h"
wpa_printf(MSG_DEBUG, "EXT PW FILE: get(%s)", name);
- while (wpa_config_get_line(buf, sizeof(buf), f, &line, &pos)) {
- char *sep = os_strchr(pos, '=');
+ while ((pos = fgets(buf, sizeof(buf), f))) {
+ char *sep;
+ line++;
+
+ /* Strip newline characters */
+ pos[strcspn(pos, "\r\n")] = 0;
+
+ /* Skip comments and empty lines */
+ if (*pos == '#' || *pos == '\0')
+ continue;
+
+ sep = os_strchr(pos, '=');
if (!sep) {
wpa_printf(MSG_ERROR, "Invalid password line %d.",
line);
projects / thirdparty / hostap.git / commitdiff
