[PATCH 1/3] Added wpa_config_get_all function

Jouni Malinen j
Tue Nov 10 05:38:00 PST 2009

On Mon, Nov 09, 2009 at 10:23:57PM -0800, Dan Williams wrote:
> At the moment, the D-Bus interface is restricted to 'root' only.  This
> is done by the D-Bus permissions config file (dbus-wpa_supplicant.conf).


> I think the idea here was to ensure that an external program (like NM)
> could get the actual key used to connect to the network after the WPS
> exchange had succeeded.  Otherwise, how would we know what PSK to send
> back to the supplicant the next time we connect?
> We can't really send out a signal (since signals are usually readable by
> anyone) thus the original method of caching the response and using
> properties to get it.  If you don't like that (you didn't) then we can
> let the supplicant update the network block in the in-memory config, and
> then add a method to allow NM to read back the updated network block
> (which I think you are now objecting to as well :).  Not sure how we're
> supposed to get out the negotiated PSK then?

There were two reasons for me not liking the caching of WPS credentials:
I did not know why it was needed (this explanation on signal readability
seems to explain that) and it not working very well (at least in theory)
should there be multiple new credentials being received close to
each other with the latest one replacing the older ones which may or may
not have been fetched.

The original patches introduced both mechanisms (access to full config
and caching of WPS credentials). Why? Would only one of them be enough?
Or to be more specific, would caching of WPS credentials be enough?

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list