From: Neelansh Mittal <neelansh@qti.qualcomm.com>
Date: Mon, 16 Feb 2015 14:29:46 +0000 (+0530)
Subject: HS 2.0R2: Fix permissions for SP/<fqdn> directory on Android
X-Git-Tag: hostap_2_4~131
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a926295a553585233aab3cf12a9353b008b10799;p=thirdparty%2Fhostap.git

HS 2.0R2: Fix permissions for SP/<fqdn> directory on Android

As part of OSU, the AAA TrustRoot cert is downloaded into SP/<fqdn>
directory. On Android, wpa_supplicant runs with Wifi uid privileges, and
hence might not have read access to the AAA TrustRoot present SP/<fqdn>
directory. Hence, make AID_WIFI as the group owner of SP/<fqdn>
directory and allow the members of AID_WIFI group to read files present
in this directory.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
---

diff --git a/hs20/client/osu_client.c b/hs20/client/osu_client.c
index e452aa704..660342506 100644
--- a/hs20/client/osu_client.c
+++ b/hs20/client/osu_client.c
@@ -9,6 +9,9 @@
 #include "includes.h"
 #include <time.h>
 #include <sys/stat.h>
+#ifdef ANDROID
+#include "private/android_filesystem_config.h"
+#endif /* ANDROID */
 
 #include "common.h"
 #include "utils/browser.h"
@@ -571,6 +574,21 @@ int hs20_add_pps_mo(struct hs20_osu_client *ctx, const char *uri,
 		}
 	}
 
+#ifdef ANDROID
+	/* Allow processes running with Group ID as AID_WIFI,
+	 * to read files from SP/<fqdn> directory */
+	if (chown(fname, -1, AID_WIFI)) {
+		wpa_printf(MSG_INFO, "CTRL: Could not chown directory: %s",
+			   strerror(errno));
+		/* Try to continue anyway */
+	}
+	if (chmod(fname, S_IRWXU | S_IRGRP | S_IXGRP) < 0) {
+		wpa_printf(MSG_INFO, "CTRL: Could not chmod directory: %s",
+			   strerror(errno));
+		/* Try to continue anyway */
+	}
+#endif /* ANDROID */
+
 	snprintf(fname, fname_len, "SP/%s/pps.xml", fqdn);
 
 	if (os_file_exists(fname)) {