From: rnhmjoj Date: Wed, 18 Sep 2024 13:58:25 +0000 (+0200) Subject: ext_password_file: Do not use wpa_config_get_line() X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c9a3b3e75120f4f1ab069251411df0856d5d00d5;p=thirdparty%2Fhostap.git ext_password_file: Do not use wpa_config_get_line() The file-based backed of the ext_password framework uses wpa_config_get_line() to read the passwords line-by-line from a file. This function is meant to parse a single line from the wpa_supplicant.conf file, so it handles whitespace, quotes and other characters specially. Its behavior, however, it's not compatible with the rest of the ext_password framework implementation. For example, if a passphrase contains a `#` character it must be quoted to prevent parsing the remaining characters as an inline comment, but the code handling the external password in wpa_supplicant_get_psk() does not handle quotes. The result is that either it will hash the enclosing quotes, producing a wrong PSK, or if the passphrase is long enough, fail the length check. As a consequence, some passphrases are impossible to input correctly. To solve this and other issues, this patch changes the behaviour of the ext_password_file_get() function (which was not documented in details, at least w.r.t. special characters) to simply treat all characters literally: including trailing whitespaces (except CR and LF), `#` for inline comments, etc. Empty lines and full-line comments are still supported. Signed-off-by: Michele Guerini Rocco --- diff --git a/src/utils/ext_password_file.c b/src/utils/ext_password_file.c index 4bb0095f3..312251263 100644 --- a/src/utils/ext_password_file.c +++ b/src/utils/ext_password_file.c @@ -9,7 +9,6 @@ #include "includes.h" #include "utils/common.h" -#include "utils/config.h" #include "ext_password_i.h" @@ -97,9 +96,19 @@ static struct wpabuf * ext_password_file_get(void *ctx, const char *name) wpa_printf(MSG_DEBUG, "EXT PW FILE: get(%s)", name); - while (wpa_config_get_line(buf, sizeof(buf), f, &line, &pos)) { - char *sep = os_strchr(pos, '='); + while ((pos = fgets(buf, sizeof(buf), f))) { + char *sep; + line++; + + /* Strip newline characters */ + pos[strcspn(pos, "\r\n")] = 0; + + /* Skip comments and empty lines */ + if (*pos == '#' || *pos == '\0') + continue; + + sep = os_strchr(pos, '='); if (!sep) { wpa_printf(MSG_ERROR, "Invalid password line %d.", line);