[PATCH v2] Add dbus signal for information about server certification
Jouni Malinen
j
Tue Jul 5 02:23:07 PDT 2011
On Wed, Jun 29, 2011 at 02:54:17PM +0800, Michael Chang wrote:
> In general, this patch attemps to extend commit
> 00468b4650998144f794762206c695c962c54734 with dbus support.
>
> This can be used by dbus client to implement subject match text
> entry with preset value probed from server. This preset value, if
> user accepts it, is remembered and passed to subject_match config
> for any future authenication.
Thanks! I applied this with some changes.
> diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
> @@ -1208,6 +1208,14 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
> + if (sm->eapol_cb->notify_cert) {
> + sm->eapol_cb->notify_cert(sm->eapol_ctx,
> + data->peer_cert.depth,
> + data->peer_cert.subject,
> + hash_hex ? hash_hex : "",
> + cert_hex ? wpabuf_head(data->peer_cert.cert) : NULL,
> + cert_hex ? wpabuf_len(data->peer_cert.cert) : 0);
I changed the callbacks to use struct wpabuf * instead of char* and int
len.
> diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c
> +void wpas_dbus_signal_certification(struct wpa_supplicant *wpa_s,
> + if (cert_hex && cert_hex_len)
> + if (!wpa_dbus_dict_append_byte_array(&dict_iter, "cert_hex", cert_hex, cert_hex_len))
Since this is really a byte array of the raw certificate bytes instead
of hexdump of that, I renamed "cert_hex" to "cert".
> @@ -2641,6 +2686,12 @@ static const struct wpa_dbus_signal_desc wpas_dbus_interface_signals[] = {
> #endif /* CONFIG_P2P */
> + { "Certification", WPAS_DBUS_NEW_IFACE_INTERFACE,
> + {
> + { "certification", "a{sv}", ARG_OUT },
> + END_ARGS
> + }
> + },
I'm not really that familiar with the format used here, but this looks a
bit odd.. Is that list of arguments really correct?
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list