[PATCH 2/7] service: Check the passphrase validity

[Julien Massot]

A WPA passphrase is 8..63 char length.
A WPA raw key is always 64 hex digit.

A Wep passphrase is either 5 or 13 characters
A WEP key is 10 or 26 hex digit.
---
 src/connman.h |    8 +++---
 src/service.c |   62 ++++++++++++++++++++++++++++++++++++++++++++++----------
 2 files changed, 55 insertions(+), 15 deletions(-)

diff --git a/src/connman.h b/src/connman.h
index 7f42bc9..225928c 100644
--- a/src/connman.h
+++ b/src/connman.h
@@ -84,8 +84,8 @@ void __connman_counter_cleanup(void);
 
 struct connman_service;
 
-void __connman_service_add_passphrase(struct connman_service *service,
-                               const gchar *passphrase);
+int __connman_service_add_passphrase(struct connman_service *service,
+                                       const gchar *passphrase);
 typedef void (* authentication_cb_t) (struct connman_service *service,
                                connman_bool_t values_received,
                                const char *name, int name_len,
@@ -651,8 +651,8 @@ void __connman_service_set_identity(struct connman_service 
*service,
                                        const char *identity);
 void __connman_service_set_agent_identity(struct connman_service *service,
                                                const char *agent_identity);
-void __connman_service_set_passphrase(struct connman_service *service,
-                                       const char* passphrase);
+int __connman_service_set_passphrase(struct connman_service *service,
+                                       const char *passphrase);
 void __connman_service_set_agent_passphrase(struct connman_service *service,
                                                const char *agent_passphrase);
 
diff --git a/src/service.c b/src/service.c
index bfd8c7e..562e3c9 100644
--- a/src/service.c
+++ b/src/service.c
@@ -28,6 +28,7 @@
 #include <string.h>
 #include <netdb.h>
 #include <gdbus.h>
+#include <ctype.h>
 
 #include <connman/storage.h>
 #include <connman/setting.h>
@@ -2469,21 +2470,57 @@ void __connman_service_set_agent_identity(struct 
connman_service *service,
                                        service->agent_identity);
 }
 
-void __connman_service_set_passphrase(struct connman_service *service,
+int __connman_service_set_passphrase(struct connman_service *service,
                                        const char* passphrase)
 {
+       int err = 0;
+       guint i;
+       gsize length;
+
        if (service->immutable == TRUE || service->hidden == TRUE)
-               return;
+               return -EINVAL;
 
-       g_free(service->passphrase);
-       service->passphrase = g_strdup(passphrase);
+       if (passphrase != NULL) {
+               length = strlen(passphrase);
+               if (service->security == CONNMAN_SERVICE_SECURITY_PSK) {
+                       /* A raw key is always 64 bytes length,
+                        * its content is in hex representation.
+                        * A PSK key must be between [8..63].
+                        */
+                       if (length == 64) {
+                               for (i = 0; i < 64; i++)
+                                       if (!isxdigit((unsigned char)
+                                                       passphrase[i]))
+                                               err = -ENOKEY;
+                       } else if (length < 8 || length > 63)
+                               err = -ENOKEY;
+
+               } else if (service->security == CONNMAN_SERVICE_SECURITY_WEP) {
+                       /* length of WEP key is 10 or 26
+                        * length of WEP passphrase is 5 or 13
+                        */
+                       if (length == 10 || length == 26) {
+                               for (i = 0; i < length; i++)
+                                       if (!isxdigit((unsigned char)
+                                                       passphrase[i]))
+                                               err = -ENOKEY;
+                       } else if (length != 5 && length != 13)
+                               err = -ENOKEY;
+               }
+       }
 
-       if (service->network != NULL)
-               connman_network_set_string(service->network,
-                                       "WiFi.Passphrase",
-                                       service->passphrase);
+       if (err >= 0) {
+               g_free(service->passphrase);
+               service->passphrase = g_strdup(passphrase);
 
-       service_save(service);
+               if (service->network != NULL)
+                       connman_network_set_string(service->network,
+                                                       "WiFi.Passphrase",
+                                                       service->passphrase);
+               service_save(service);
+       }
+
+       return err;
 }
 
 void __connman_service_set_agent_passphrase(struct connman_service *service,
@@ -4194,13 +4231,15 @@ static void report_error_cb(struct connman_service 
*service,
        }
 }
 
-void __connman_service_add_passphrase(struct connman_service *service,
+int __connman_service_add_passphrase(struct connman_service *service,
                                const gchar *passphrase)
 {
+       int err = 0;
+
        switch (service->security) {
        case CONNMAN_SERVICE_SECURITY_WEP:
        case CONNMAN_SERVICE_SECURITY_PSK:
-               __connman_service_set_passphrase(service, passphrase);
+               err = __connman_service_set_passphrase(service, passphrase);
                break;
        case CONNMAN_SERVICE_SECURITY_8021X:
                __connman_service_set_agent_passphrase(service,
@@ -4216,6 +4255,7 @@ void __connman_service_add_passphrase(struct 
connman_service *service,
                break;
        }
 
+       return err;
 }
 
 static void request_input_cb (struct connman_service *service,
-- 
1.7.5.4

_______________________________________________
connman mailing list
connman@connman.net
http://lists.connman.net/listinfo/connman