On 2017 Nov 27 (Mon) at 02:33:59 +0100 (+0100), Stefan Sperling wrote:
:On Mon, Nov 27, 2017 at 01:31:17AM +0100, Stefan Sperling wrote:
:> On Sun, Nov 26, 2017 at 06:17:14PM +0100, Jeremie Courreges-Anglas wrote:
:> >
:> > I don't think anything has been committed regarding this issue, right?
:>
:> Nope.
:>
:> I've been discussing this with people in person.
:> Will summarize those discussions and send a new diff soon.
:
:Most people I've talked to seem to be OK with never exposing
:these secrets to userland in the first place.
:
:OK?
:
:Index: net/if_spppsubr.c
:===================================================================
:RCS file: /cvs/src/sys/net/if_spppsubr.c,v
:retrieving revision 1.173
:diff -u -p -r1.173 if_spppsubr.c
:--- net/if_spppsubr.c 20 Oct 2017 09:35:09 -0000 1.173
:+++ net/if_spppsubr.c 27 Nov 2017 01:27:31 -0000
:@@ -4493,9 +4493,8 @@ sppp_get_params(struct sppp *sp, struct
: spa->proto = auth->proto;
: spa->flags = auth->flags;
:
:- /* do not copy the secret, and only let root know the name */
:- if (auth->name != NULL && suser(curproc, 0) == 0)
:- strlcpy(spa->name, auth->name, sizeof(spa->name));
:+ /* do not copy the name and secret to userland */
:+ memset(spa->name, 0, sizeof(spa->name));
:
: if (copyout(spa, (caddr_t)ifr->ifr_data, sizeof(*spa)) != 0) {
: free(spa, M_DEVBUF, 0);
This hides the username that is used, not the password/authkey. Is the
username private information?
:Index: net80211/ieee80211_ioctl.c
:===================================================================
:RCS file: /cvs/src/sys/net80211/ieee80211_ioctl.c,v
:retrieving revision 1.57
:diff -u -p -r1.57 ieee80211_ioctl.c
:--- net80211/ieee80211_ioctl.c 6 Nov 2017 11:34:29 -0000 1.57
:+++ net80211/ieee80211_ioctl.c 27 Nov 2017 01:29:44 -0000
:@@ -252,9 +252,6 @@ static int
: ieee80211_ioctl_getnwkeys(struct ieee80211com *ic,
: struct ieee80211_nwkey *nwkey)
: {
:- struct ieee80211_key *k;
:- int error, i;
:-
: if (ic->ic_flags & IEEE80211_F_WEPON)
: nwkey->i_wepon = IEEE80211_NWKEY_WEP;
: else
:@@ -262,23 +259,8 @@ ieee80211_ioctl_getnwkeys(struct ieee802
:
: nwkey->i_defkid = ic->ic_wep_txkey + 1;
:
:- for (i = 0; i < IEEE80211_WEP_NKID; i++) {
:- if (nwkey->i_key[i].i_keydat == NULL)
:- continue;
:- /* do not show any keys to non-root user */
:- if ((error = suser(curproc, 0)) != 0)
:- return error;
:- k = &ic->ic_nw_keys[i];
:- if (k->k_cipher != IEEE80211_CIPHER_WEP40 &&
:- k->k_cipher != IEEE80211_CIPHER_WEP104)
:- nwkey->i_key[i].i_keylen = 0;
:- else
:- nwkey->i_key[i].i_keylen = k->k_len;
:- error = copyout(k->k_key, nwkey->i_key[i].i_keydat,
:- nwkey->i_key[i].i_keylen);
:- if (error != 0)
:- return error;
:- }
:+ /* do not show any keys to userland */
:+
: return 0;
: }
:
:@@ -491,14 +473,10 @@ ieee80211_ioctl(struct ifnet *ifp, u_lon
: case SIOCG80211WPAPSK:
: psk = (struct ieee80211_wpapsk *)data;
: if (ic->ic_flags & IEEE80211_F_PSK) {
:- psk->i_enabled = 1;
:- /* do not show any keys to non-root user */
:- if (suser(curproc, 0) != 0) {
:- psk->i_enabled = 2;
:- memset(psk->i_psk, 0, sizeof(psk->i_psk));
:- break; /* return ok but w/o key */
:- }
:- memcpy(psk->i_psk, ic->ic_psk, sizeof(psk->i_psk));
:+ /* do not show any keys to userland */
:+ psk->i_enabled = 2;
:+ memset(psk->i_psk, 0, sizeof(psk->i_psk));
:+ break; /* return ok but w/o key */
: } else
: psk->i_enabled = 0;
: break;
OK
:Index: netinet/ip_carp.c
:===================================================================
:RCS file: /cvs/src/sys/netinet/ip_carp.c,v
:retrieving revision 1.319
:diff -u -p -r1.319 ip_carp.c
:--- netinet/ip_carp.c 21 Nov 2017 09:08:55 -0000 1.319
:+++ netinet/ip_carp.c 27 Nov 2017 01:29:34 -0000
:@@ -2158,9 +2158,8 @@ carp_ioctl(struct ifnet *ifp, u_long cmd
: }
: carpr.carpr_advbase = sc->sc_advbase;
: carpr.carpr_balancing = sc->sc_balancing;
:- if (suser(p, 0) == 0)
:- bcopy(sc->sc_key, carpr.carpr_key,
:- sizeof(carpr.carpr_key));
:+ /* do not show any keys to userland */
:+ memset(carpr.carpr_key, 0, sizeof(carpr.carpr_key));
: carpr.carpr_peer.s_addr = sc->sc_peer.s_addr;
: error = copyout(&carpr, ifr->ifr_data, sizeof(carpr));
: break;
:
Best I can tell, ifconfig carp doesn't tell you the key anyways, so OK.
--
No problem is so formidable that you can't just walk away from it.
-- C. Schulz
