[PATCH] DBus: add RemoveAllCreds to the API.

Damien Dejean damiendejean at chromium.org
Wed Nov 17 01:40:31 PST 2021 

Adds a method to allow the caller to remove all the interworking
credentials in one call.

Signed-off-by: Damien Dejean <damiendejean at chromium.org>
---
 tests/hwsim/test_dbus.py                | 17 ++++++
 wpa_supplicant/ctrl_iface.c             | 55 ++-----------------
 wpa_supplicant/dbus/dbus_new.c          |  6 ++
 wpa_supplicant/dbus/dbus_new_handlers.c | 40 +++++++++++++-
 wpa_supplicant/dbus/dbus_new_handlers.h |  3 +
 wpa_supplicant/wpa_supplicant.c         | 73 +++++++++++++++++++++++++
 wpa_supplicant/wpa_supplicant_i.h       |  4 ++
 7 files changed, 146 insertions(+), 52 deletions(-)

diff --git a/tests/hwsim/test_dbus.py b/tests/hwsim/test_dbus.py
index c9e2db028..59e7e4098 100644
--- a/tests/hwsim/test_dbus.py
+++ b/tests/hwsim/test_dbus.py
@@ -6118,6 +6118,23 @@ def test_dbus_creds(dev, apdev):
     if not "FAIL" in dev[0].get_cred(0, 'domain'):
         raise Exception("Credential remove failed")
 
+    # Removal of multiple credentials
+    cred1 = {'domain': 'server1.w1.fi','realm': 'server1.w1.fi','eap': 'TTLS'}
+    iface.AddCred(dbus.Dictionary(cred1, signature='sv'))
+    if "FAIL" in dev[0].get_cred(0, 'domain'):
+        raise Exception("Failed to add credential")
+
+    cred2 = {'domain': 'server2.w1.fi','realm': 'server2.w1.fi','eap': 'TTLS'}
+    iface.AddCred(dbus.Dictionary(cred2, signature='sv'))
+    if "FAIL" in dev[0].get_cred(1, 'domain'):
+        raise Exception("Failed to add credential")
+
+    iface.RemoveAllCreds()
+    if not "FAIL" in dev[0].get_cred(0, 'domain'):
+        raise Exception("Credential remove failed")
+    if not "FAIL" in dev[0].get_cred(1, 'domain'):
+        raise Exception("Credential remove failed")
+
 def test_dbus_interworking(dev, apdev):
     "D-Bus interworking selection"
     (bus, wpas_obj, path, if_obj) = prepare_dbus(dev[0])
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index 9dc17f5ee..95e5efdb7 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -3793,47 +3793,6 @@ static int wpa_supplicant_ctrl_iface_add_cred(struct wpa_supplicant *wpa_s,
 }
 
 
-static int wpas_ctrl_remove_cred(struct wpa_supplicant *wpa_s,
-				 struct wpa_cred *cred)
-{
-	struct wpa_ssid *ssid;
-	char str[20];
-	int id;
-
-	if (cred == NULL) {
-		wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find cred");
-		return -1;
-	}
-
-	id = cred->id;
-	if (wpa_config_remove_cred(wpa_s->conf, id) < 0) {
-		wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find cred");
-		return -1;
-	}
-
-	wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id);
-
-	/* Remove any network entry created based on the removed credential */
-	ssid = wpa_s->conf->ssid;
-	while (ssid) {
-		if (ssid->parent_cred == cred) {
-			int res;
-
-			wpa_printf(MSG_DEBUG, "Remove network id %d since it "
-				   "used the removed credential", ssid->id);
-			res = os_snprintf(str, sizeof(str), "%d", ssid->id);
-			if (os_snprintf_error(sizeof(str), res))
-				str[sizeof(str) - 1] = '\0';
-			ssid = ssid->next;
-			wpa_supplicant_ctrl_iface_remove_network(wpa_s, str);
-		} else
-			ssid = ssid->next;
-	}
-
-	return 0;
-}
-
-
 static int wpa_supplicant_ctrl_iface_remove_cred(struct wpa_supplicant *wpa_s,
 						 char *cmd)
 {
@@ -3844,13 +3803,7 @@ static int wpa_supplicant_ctrl_iface_remove_cred(struct wpa_supplicant *wpa_s,
 	 * "provisioning_sp=<FQDN> */
 	if (os_strcmp(cmd, "all") == 0) {
 		wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_CRED all");
-		cred = wpa_s->conf->cred;
-		while (cred) {
-			prev = cred;
-			cred = cred->next;
-			wpas_ctrl_remove_cred(wpa_s, prev);
-		}
-		return 0;
+		return wpa_supplicant_remove_all_creds(wpa_s);
 	}
 
 	if (os_strncmp(cmd, "sp_fqdn=", 8) == 0) {
@@ -3866,7 +3819,7 @@ static int wpa_supplicant_ctrl_iface_remove_cred(struct wpa_supplicant *wpa_s,
 					if (os_strcmp(prev->domain[i], cmd + 8)
 					    != 0)
 						continue;
-					wpas_ctrl_remove_cred(wpa_s, prev);
+					wpa_supplicant_remove_cred(wpa_s, prev);
 					break;
 				}
 			}
@@ -3883,7 +3836,7 @@ static int wpa_supplicant_ctrl_iface_remove_cred(struct wpa_supplicant *wpa_s,
 			cred = cred->next;
 			if (prev->provisioning_sp &&
 			    os_strcmp(prev->provisioning_sp, cmd + 16) == 0)
-				wpas_ctrl_remove_cred(wpa_s, prev);
+				wpa_supplicant_remove_cred(wpa_s, prev);
 		}
 		return 0;
 	}
@@ -3892,7 +3845,7 @@ static int wpa_supplicant_ctrl_iface_remove_cred(struct wpa_supplicant *wpa_s,
 	wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_CRED id=%d", id);
 
 	cred = wpa_config_get_cred(wpa_s->conf, id);
-	return wpas_ctrl_remove_cred(wpa_s, cred);
+	return wpa_supplicant_remove_cred(wpa_s, cred);
 }
 
 
diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c
index 22971acff..501d3854c 100644
--- a/wpa_supplicant/dbus/dbus_new.c
+++ b/wpa_supplicant/dbus/dbus_new.c
@@ -3678,6 +3678,12 @@ static const struct wpa_dbus_method_desc wpas_dbus_interface_methods[] = {
 		  END_ARGS
 	  }
 	},
+	{ "RemoveAllCreds", WPAS_DBUS_NEW_IFACE_INTERFACE,
+	  (WPADBusMethodHandler) wpas_dbus_handler_remove_all_creds,
+	  {
+		  END_ARGS
+	  }
+	},
 	{ "InterworkingSelect", WPAS_DBUS_NEW_IFACE_INTERFACE,
 	  (WPADBusMethodHandler) wpas_dbus_handler_interworking_select,
 	  {
diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c
index 14e55211c..bf22203e0 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers.c
@@ -1705,6 +1705,7 @@ DBusMessage * wpas_dbus_handler_remove_cred(DBusMessage *message,
 	const char *op;
 	char *iface, *cred_id;
 	int id;
+	struct wpa_cred *cred;
 	int result;
 
 	dbus_message_get_args(message, NULL, DBUS_TYPE_OBJECT_PATH, &op,
@@ -1728,7 +1729,17 @@ DBusMessage * wpas_dbus_handler_remove_cred(DBusMessage *message,
 		goto out;
 	}
 
-	result = wpa_config_remove_cred(wpa_s->conf, id);
+	cred = wpa_config_get_cred(wpa_s->conf, id);
+	if (!cred) {
+		wpa_printf(MSG_ERROR,
+			   "%s[dbus]: could not find credential %s",
+			   __func__, op);
+		reply = wpas_dbus_error_invalid_args(message,
+			"could not find credentials");
+		goto out;
+	}
+
+	result = wpa_supplicant_remove_cred(wpa_s, cred);
 	if (result == -1) {
 		wpa_printf(MSG_ERROR,
 			   "%s[dbus]: error occurred when removing cred %d",
@@ -1744,6 +1755,33 @@ out:
 	return reply;
 }
 
+/**
+ * wpas_dbus_handler_remove_all_creds - Remove all the configured sets of
+ * credentials.
+ * @message: Pointer to incoming dbus message
+ * @wpa_s: wpa_supplicant structure for a network interface
+ * Returns: NULL indicating success or DBus error message on failure
+ *
+ * Handler function for "RemoveAllCreds" method call of a network interface.
+ */
+DBusMessage * wpas_dbus_handler_remove_all_creds(DBusMessage *message,
+						 struct wpa_supplicant *wpa_s)
+{
+	int res;
+	DBusMessage *reply = NULL;
+
+	res = wpa_supplicant_remove_all_creds(wpa_s);
+	if (res < 0) {
+		wpa_printf(MSG_ERROR,
+			   "%s[dbus]: failed to remove all credentials",
+			   __func__);
+		reply = wpas_dbus_error_unknown_error(message,
+			"failed to remove all credentials");
+	}
+
+	return reply;
+}
+
 DBusMessage * wpas_dbus_handler_interworking_select(DBusMessage *message,
 						    struct wpa_supplicant *wpa_s)
 {
diff --git a/wpa_supplicant/dbus/dbus_new_handlers.h b/wpa_supplicant/dbus/dbus_new_handlers.h
index 90e523e00..417a79f3b 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers.h
+++ b/wpa_supplicant/dbus/dbus_new_handlers.h
@@ -155,6 +155,9 @@ DBusMessage * wpas_dbus_handler_add_cred(DBusMessage *message,
 DBusMessage * wpas_dbus_handler_remove_cred(DBusMessage *message,
 					    struct wpa_supplicant *wpa_s);
 
+DBusMessage * wpas_dbus_handler_remove_all_creds(DBusMessage *message,
+						 struct wpa_supplicant *wpa_s);
+
 DBusMessage * wpas_dbus_handler_interworking_select(DBusMessage *message,
 						    struct wpa_supplicant *wpa_s);
 
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index b80f1d4f0..34da9cac4 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -4512,6 +4512,79 @@ void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
 }
 
 
+/**
+ * wpa_supplicant_remove_cred - Remove the set of provided credentials and all
+ * the network entries created based on the removed credentials.
+ * @wpa_s: wpa_supplicant structure for a network interface
+ * @cred: the set of credentials to remove
+ */
+int wpa_supplicant_remove_cred(struct wpa_supplicant* wpa_s,
+			       struct wpa_cred* cred)
+{
+	struct wpa_ssid *ssid;
+	int id;
+
+	if (cred == NULL) {
+		wpa_printf(MSG_DEBUG, "Could not find cred");
+		return -1;
+	}
+
+	id = cred->id;
+	if (wpa_config_remove_cred(wpa_s->conf, id) < 0) {
+		wpa_printf(MSG_DEBUG, "Could not find cred %d", id);
+		return -1;
+	}
+
+	wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id);
+
+	/* Remove any network entry created based on the removed credential */
+	ssid = wpa_s->conf->ssid;
+	while (ssid) {
+		if (ssid->parent_cred == cred) {
+			int res;
+			wpa_printf(MSG_DEBUG, "Remove network id %d since it "
+				   "used the removed credential", ssid->id);
+			res = wpa_supplicant_remove_network(wpa_s, ssid->id);
+			if (res == -1) {
+				wpa_printf(MSG_DEBUG,
+					   "Could not find network id=%d",
+					   ssid->id);
+			}
+			ssid = ssid->next;
+		} else
+			ssid = ssid->next;
+	}
+
+	return 0;
+}
+
+
+/**
+ * wpa_supplicant_remove_cred - Remove all the interworking credentials.
+ * @wpa_s: wpa_supplicant structure for a network interface
+ */
+int wpa_supplicant_remove_all_creds(struct wpa_supplicant* wpa_s)
+{
+	int res;
+	struct wpa_cred *cred, *prev;
+
+	cred = wpa_s->conf->cred;
+	while (cred) {
+		prev = cred;
+		cred = cred->next;
+		res = wpa_supplicant_remove_cred(wpa_s, prev);
+		if (res < 0) {
+			wpa_printf(MSG_DEBUG, "Remove all credentials failed "
+				   "because remove of credential id=%d failed",
+				   prev->id);
+			return -1;
+		}
+	}
+
+	return 0;
+}
+
+
 /**
  * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
  * @wpa_s: wpa_supplicant structure for a network interface
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index cbc955159..d68350ae9 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -38,6 +38,7 @@ struct wpa_bss;
 struct wpa_scan_results;
 struct hostapd_hw_modes;
 struct wpa_driver_associate_params;
+struct wpa_cred;
 
 /*
  * Forward declarations of private structures used within the ctrl_iface
@@ -1578,6 +1579,9 @@ void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
 				    struct wpa_ssid *ssid);
 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
 				   struct wpa_ssid *ssid);
+int wpa_supplicant_remove_cred(struct wpa_supplicant* wpa_s,
+			       struct wpa_cred* cred);
+int wpa_supplicant_remove_all_creds(struct wpa_supplicant* wpa_s);
 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
 					   const char *pkcs11_engine_path,
 					   const char *pkcs11_module_path);
-- 
2.34.0.rc1.387.gb447b232ab-goog

More information about the Hostap mailing list