Hi, this seems to work, and passwords are not getting flushed into thin air anymore.
However there is a one problem still left in __connman_service_connect()-function. It has a call __connman_service_clear_error(service); at line 5973 (https://git.kernel.org/cgit/network/connman/connman.git/tree/src/service.c#n5973) which then again has a call to set_error(service, CONNMAN_SERVICE_ERROR_UNKNOWN). That will cause "err = service_connect(service);" to never return NOKEY-error. (https://git.kernel.org/cgit/network/connman/connman.git/tree/src/service.c#n5975) So, I guess set_error(service, CONNMAN_SERVICE_ERROR_UNKNOWN) needs to be removed from __connman_service_clear_error as well to keep the track of the error. Br, Pasi On 26.02.2015 13:43, Patrik Flykt wrote: > Deleting a WiFi PSK passphrase in response to an invalid key error > causes the passphrase disappear from the save file. This results in > a discovered WiFi network with identical SSID and security method > to remove the saved passphrase of the actual network. > > Instead of always removing the passphrase, use service error to keep > track of the passphrase validity. Do this by unsetting service error > only when the service enters ready or disconnect states or when the > passphrase is supplied by the agent. In all other states the service > error is not modified and the error is used to detect and invalid key > upon service connection. > > Reported by Pasi Sjöholm. > --- > src/service.c | 27 ++++++++++++++++----------- > 1 file changed, 16 insertions(+), 11 deletions(-) > > diff --git a/src/service.c b/src/service.c > index 3ed98ed..fdec83e 100644 > --- a/src/service.c > +++ b/src/service.c > @@ -5308,6 +5308,8 @@ static int service_indicate_state(struct > connman_service *service) > break; > > case CONNMAN_SERVICE_STATE_READY: > + set_error(service, CONNMAN_SERVICE_ERROR_UNKNOWN); > + > if (service->new_service && > __connman_stats_service_register(service) == 0) > { > /* > @@ -5374,6 +5376,7 @@ static int service_indicate_state(struct > connman_service *service) > break; > > case CONNMAN_SERVICE_STATE_DISCONNECT: > + set_error(service, CONNMAN_SERVICE_ERROR_UNKNOWN); > > reply_pending(service, ECONNABORTED); > > @@ -5418,9 +5421,6 @@ static int service_indicate_state(struct > connman_service *service) > break; > } > > - if (new_state != CONNMAN_SERVICE_STATE_FAILURE) > - set_error(service, CONNMAN_SERVICE_ERROR_UNKNOWN); > - > service_list_sort(); > > __connman_connection_update_gateway(); > @@ -5448,14 +5448,16 @@ int __connman_service_indicate_error(struct > connman_service *service, > if (!service) > return -EINVAL; > > + if (service->state == CONNMAN_SERVICE_STATE_FAILURE) > + return -EALREADY; > + > set_error(service, error); > > /* > * Supplicant does not always return invalid key error for > * WPA-EAP so clear the credentials always. > */ > - if (service->error == CONNMAN_SERVICE_ERROR_INVALID_KEY || > - service->security == CONNMAN_SERVICE_SECURITY_8021X) > + if (service->security == CONNMAN_SERVICE_SECURITY_8021X) > clear_passphrase(service); > > __connman_service_set_agent_identity(service, NULL); > @@ -5852,6 +5854,9 @@ static int service_connect(struct connman_service > *service) > case CONNMAN_SERVICE_SECURITY_PSK: > case CONNMAN_SERVICE_SECURITY_WPA: > case CONNMAN_SERVICE_SECURITY_RSN: > + if (service->error == CONNMAN_SERVICE_ERROR_INVALID_KEY) > + return -ENOKEY; > + > if (!service->passphrase) { > if (!service->network) > return -EOPNOTSUPP; > @@ -5878,9 +5883,10 @@ static int service_connect(struct connman_service > *service) > * missing. Agent provided credentials can be used as > * fallback if needed. > */ > - if ((!service->identity && > + if (((!service->identity && > !service->agent_identity) || > - !service->passphrase) > + !service->passphrase) || > + service->error == > CONNMAN_SERVICE_ERROR_INVALID_KEY) > return -ENOKEY; > > break; > @@ -5975,16 +5981,15 @@ int __connman_service_connect(struct connman_service > *service, > err = service_connect(service); > > service->connect_reason = reason; > - if (err >= 0) { > - set_error(service, CONNMAN_SERVICE_ERROR_UNKNOWN); > + > + if (err >= 0) > return 0; > - } > > if (err == -EINPROGRESS) { > if (service->timeout == 0) > service->timeout = g_timeout_add_seconds( > CONNECT_TIMEOUT, connect_timeout, service); > - set_error(service, CONNMAN_SERVICE_ERROR_UNKNOWN); > + > return -EINPROGRESS; > } > > _______________________________________________ connman mailing list [email protected] https://lists.connman.net/mailman/listinfo/connman
