[PATCH] ext_password_file: do not use wpa_config_get_line
Jouni Malinen
j at w1.fi
Sun Dec 22 09:55:39 PST 2024
On Wed, Sep 18, 2024 at 03:58:25PM +0200, rnhmjoj wrote:
> The file-based backed of the ext_password framework uses
> `wpa_config_get_line` to read the passwords line-by-line from a file.
> This function is meant to parse a single line from the
> wpa_supplicant.conf file, so it handles whitespace, quotes and other
> characters specially.
>
> Its behavior, however, it's not compatible with the rest of the
> ext_password framework implementation. For example, if a passphrase
> contains a `#` character it must be quoted to prevent parsing the
> remaining characters as an inline comment, but the code handling the
> external password in `wpa_supplicant_get_psk` does not handle quotes.
> The result is that either it will hash the enclosing quotes, producing a
> wrong PSK, or if the passphrase is long enough, fail the length check.
> As a consequence, some passphrases are impossible to input correctly.
>
> To solve this and other issues, this patch changes the behaviour of the
> `ext_password_file_get` function (which was not documented in details,
> at least w.r.t. special characters) to simply treat all characters
> literally: including trailing whitespaces (except CR and LF), `#` for
> inline comments, etc. Empty lines and full-line comments are still
> supported.
Thanks, applied.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list