[PATCH] iwinfo: nl80211: fix wpa supplicant ctrl socket permissions

Christian Marangi ansuelsmth at gmail.com
Tue Nov 15 06:42:11 PST 2022


On Sun, Nov 13, 2022 at 09:33:46PM +0100, Andre Heider wrote:
> No data at all can currently be read from the control socket.
> Set up the permission exactly like hostapd's wpa_cli utility to fix it.
> 
> Among other this fixes a mesh's encryption being shown as "None".
> 
> Signed-off-by: Andre Heider <a.heider at gmail.com>

I wonder, can we have some tested-by tag for this? Maybe ask some user
to test this and check if it does fix the mesh encryption problem?

> ---
>  iwinfo_nl80211.c | 16 ++++++++++++++++
>  1 file changed, 16 insertions(+)
> 
> diff --git a/iwinfo_nl80211.c b/iwinfo_nl80211.c
> index aa92382..77fddee 100644
> --- a/iwinfo_nl80211.c
> +++ b/iwinfo_nl80211.c
> @@ -938,6 +938,18 @@ static int nl80211_wpactl_connect(const char *ifname, struct sockaddr_un *local)
>  		sprintf(remote.sun_path, "/var/run/wpa_supplicant-%s/%s",
>  		        ifname, ifname);
>  
> +	/* Set client socket file permissions so that bind() creates the client
> +	* socket with these permissions and there is no need to try to change
> +	* them with chmod() after bind() which would have potential issues with
> +	* race conditions. These permissions are needed to make sure the server
> +	* side (wpa_supplicant or hostapd) can reply to the control interface
> +	* messages.
> +	*
> +	* The lchown() calls below after bind() are also part of the needed
> +	* operations to allow the response to go through. Those are using the
> +	* no-deference-symlinks version to avoid races. */
> +	fchmod(sock, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
> +
>  	if (fcntl(sock, F_SETFD, fcntl(sock, F_GETFD) | FD_CLOEXEC) < 0)
>  	{
>  		close(sock);
> @@ -966,6 +978,10 @@ static int nl80211_wpactl_connect(const char *ifname, struct sockaddr_un *local)
>  		return -1;
>  	}
>  
> +	/* Set group even if we do not have privileges to change owner */
> +	lchown(local->sun_path, -1, 101);
> +	lchown(local->sun_path, 101, 101);
> +
>  	return sock;
>  }
>  
> -- 
> 2.35.1
> 
> 
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel

-- 
	Ansuel



More information about the openwrt-devel mailing list