From 2925756575ae33b0137d5bd293482fade4f48e95 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 18 May 2013 11:00:05 +0300 Subject: [PATCH] wpa_supplicant: Add -G argument to specify global ctrl group The optional -G command line argument can be used to specify the group that can access the global control interface. Signed-hostap: Jouni Malinen --- wpa_supplicant/README | 2 ++ wpa_supplicant/ctrl_iface_unix.c | 37 ++++++++++++++++++++++++++++++- wpa_supplicant/main.c | 9 ++++++-- wpa_supplicant/wpa_supplicant.c | 4 ++++ wpa_supplicant/wpa_supplicant_i.h | 5 +++++ 5 files changed, 54 insertions(+), 3 deletions(-) diff --git a/wpa_supplicant/README b/wpa_supplicant/README index f43963253..78df89e87 100644 --- a/wpa_supplicant/README +++ b/wpa_supplicant/README @@ -410,6 +410,7 @@ Command line options usage: wpa_supplicant [-BddfhKLqqtuvwW] [-P] [-g] \ + [-G] \ -i -c [-C] [-D] [-p] \ [-b [-N -i -c [-C] [-D] \ [-p] [-b] ...] @@ -424,6 +425,7 @@ options: -D = driver name (can be multiple drivers: nl80211,wext) -f = Log output to default log location (normally /tmp) -g = global ctrl_interface + -G = global ctrl_interface group -K = include keys (passwords, etc.) in debug output -t = include timestamp in debug messages -h = show this help text diff --git a/wpa_supplicant/ctrl_iface_unix.c b/wpa_supplicant/ctrl_iface_unix.c index f79286369..73d383721 100644 --- a/wpa_supplicant/ctrl_iface_unix.c +++ b/wpa_supplicant/ctrl_iface_unix.c @@ -1,6 +1,6 @@ /* * WPA Supplicant / UNIX domain socket -based control interface - * Copyright (c) 2004-2009, Jouni Malinen + * Copyright (c) 2004-2013, Jouni Malinen * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -732,6 +732,41 @@ wpa_supplicant_global_ctrl_iface_init(struct wpa_global *global) } } + if (global->params.ctrl_interface_group) { + char *gid_str = global->params.ctrl_interface_group; + gid_t gid = 0; + struct group *grp; + char *endp; + + grp = getgrnam(gid_str); + if (grp) { + gid = grp->gr_gid; + wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d" + " (from group name '%s')", + (int) gid, gid_str); + } else { + /* Group name not found - try to parse this as gid */ + gid = strtol(gid_str, &endp, 10); + if (*gid_str == '\0' || *endp != '\0') { + wpa_printf(MSG_ERROR, "CTRL: Invalid group " + "'%s'", gid_str); + goto fail; + } + wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d", + (int) gid); + } + if (chown(global->params.ctrl_interface, -1, gid) < 0) { + perror("chown[global_ctrl_interface/ifname]"); + goto fail; + } + + if (chmod(global->params.ctrl_interface, S_IRWXU | S_IRWXG) < 0) + { + perror("chmod[global_ctrl_interface/ifname]"); + goto fail; + } + } + #ifdef ANDROID havesock: #endif /* ANDROID */ diff --git a/wpa_supplicant/main.c b/wpa_supplicant/main.c index f45c1b7d1..1b3364cbe 100644 --- a/wpa_supplicant/main.c +++ b/wpa_supplicant/main.c @@ -1,6 +1,6 @@ /* * WPA Supplicant / main() function for UNIX like OSes and MinGW - * Copyright (c) 2003-2007, Jouni Malinen + * Copyright (c) 2003-2013, Jouni Malinen * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -25,6 +25,7 @@ static void usage(void) "usage:\n" " wpa_supplicant [-BddhKLqqstuvW] [-P] " "[-g] \\\n" + " [-G] \\\n" " -i -c [-C] [-D] " "[-p] \\\n" " [-b] [-f] [-e] " @@ -59,6 +60,7 @@ static void usage(void) printf(" -f = log output to debug file instead of stdout\n"); #endif /* CONFIG_DEBUG_FILE */ printf(" -g = global ctrl_interface\n" + " -G = global ctrl_interface group\n" " -K = include keys (passwords, etc.) in debug output\n"); #ifdef CONFIG_DEBUG_SYSLOG printf(" -s = log output to syslog instead of stdout\n"); @@ -157,7 +159,7 @@ int main(int argc, char *argv[]) for (;;) { c = getopt(argc, argv, - "b:Bc:C:D:de:f:g:hi:I:KLNo:O:p:P:qsTtuvW"); + "b:Bc:C:D:de:f:g:G:hi:I:KLNo:O:p:P:qsTtuvW"); if (c < 0) break; switch (c) { @@ -197,6 +199,9 @@ int main(int argc, char *argv[]) case 'g': params.ctrl_interface = optarg; break; + case 'G': + params.ctrl_interface_group = optarg; + break; case 'h': usage(); exitcode = 0; diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 2722eb2b9..8d967acd3 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -3288,6 +3288,9 @@ struct wpa_global * wpa_supplicant_init(struct wpa_params *params) if (params->ctrl_interface) global->params.ctrl_interface = os_strdup(params->ctrl_interface); + if (params->ctrl_interface_group) + global->params.ctrl_interface_group = + os_strdup(params->ctrl_interface_group); if (params->override_driver) global->params.override_driver = os_strdup(params->override_driver); @@ -3430,6 +3433,7 @@ void wpa_supplicant_deinit(struct wpa_global *global) os_free(global->params.pid_file); } os_free(global->params.ctrl_interface); + os_free(global->params.ctrl_interface_group); os_free(global->params.override_driver); os_free(global->params.override_ctrl_interface); diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index a2a189b0c..d29318ec4 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -154,6 +154,11 @@ struct wpa_params { */ char *ctrl_interface; + /** + * ctrl_interface_group - Global ctrl_iface group + */ + char *ctrl_interface_group; + /** * dbus_ctrl_interface - Enable the DBus control interface */