bin/128582: [patch] activate readline(3) support in wpa_cli

Eygene Ryabinkin rea-fbsd at codelabs.ru
Wed Nov 5 10:30:10 PST 2008


The following reply was made to PR bin/128582; it has been noted by GNATS.

From: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
To: Sam Leffler <sam at freebsd.org>
Cc: FreeBSD-gnats-submit at freebsd.org
Subject: Re: bin/128582: [patch] activate readline(3) support in wpa_cli
Date: Wed, 5 Nov 2008 20:58:53 +0300

 --i0/AhcQY5QxfSsSZ
 Content-Type: multipart/mixed; boundary="NzB8fVQJ5HfG6fxh"
 Content-Disposition: inline
 
 
 --NzB8fVQJ5HfG6fxh
 Content-Type: text/plain; charset=koi8-r
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 Sam, good day.
 
 Tue, Nov 04, 2008 at 11:37:22AM -0800, Sam Leffler wrote:
 > readline support in wpa_cli is not enabled by default because it bloats=
 =20
 > the system with very little gain.  It is trivial to have a local=20
 > configuration that adds it w/o touching the source code but once added=20
 > in the way proposed it is not possible to disable it w/o modification.
 
 OK, no problems: what about the attached patch?
 
 > I believe the original PR was submitted by brix at .  I recently asked him=
 =20
 > to review it and decide whether he wanted to commit the change;=20
 > otherwise close the PR.
 
 Yes, it is bin/116606.  I had spotted from that patch that ncurses is
 needed too and had explicitely added it to my patch.  The main
 difference between my and Henrik patches is that I am defining
 additional knob WPA_CLI_WITH_READLINE that enables the realine support
 (but only when MK_GNU_SUPPORT is defined too).  So, by-default the
 support won't be included and people will be able to turn it on
 without resorting the the make trickery.  And I had also described
 this in the manual page.
 
 As a bonus, I had written proper support for the history command
 validation for the potentially sensitive commands that shouldn't be
 written to the disk.  The original version was faulty and incomplete.
 The patch is attached too.  May be it should go upstream, I'll try to
 submit it there too.
 --=20
 Eygene
  _                ___       _.--.   #
  \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
  /  ' `         ,       __.--'      #  to read the on-line manual  =20
  )/' _/     \   `-_,   /            #  while single-stepping the kernel.
  `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
      _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook=20
     {_.-``-'         {_/            #
 
 --NzB8fVQJ5HfG6fxh
 Content-Type: text/plain; charset=koi8-r
 Content-Disposition: attachment; filename=patch-wpa_cli-readline-support
 Content-Transfer-Encoding: quoted-printable
 
 =46rom dfcf8eb229255ff0d28e7afc4bfd49cf3afb573f Mon Sep 17 00:00:00 2001
 =46rom: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
 Date: Tue, 4 Nov 2008 16:00:51 +0300
 Subject: [PATCH] WPA supplicant: activate support for readline and history =
 browsing
 
 The support is present since wpa_cli.c, rev. 1.1, but it was not turned
 on.  Since it is rather useful to have readline/history support for the
 interactive mode, I am enabling this functionality, but it is done
 conditionally.  Sam Leffler told me [1] that it will be the system bloat
 when there will be unconditional support for readline(3).  So, one
 should set the macro WPA_CLI_WITH_READLINE=3D"yes" to enable this.
 
 readline(3) support won't be enabled when GNU support is globally
 disabled.
 
 [1] http://www.freebsd.org/cgi/query-pr.cgi?pr=3D128582
 
 Signed-off-by: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
 ---
  usr.sbin/wpa/wpa_cli/Makefile  |   10 ++++++++++
  usr.sbin/wpa/wpa_cli/wpa_cli.8 |   25 ++++++++++++++++++++++++-
  2 files changed, 34 insertions(+), 1 deletions(-)
 
 diff --git a/usr.sbin/wpa/wpa_cli/Makefile b/usr.sbin/wpa/wpa_cli/Makefile
 index 75c3c02..4531598 100644
 --- a/usr.sbin/wpa/wpa_cli/Makefile
 +++ b/usr.sbin/wpa/wpa_cli/Makefile
 @@ -11,4 +11,14 @@ MAN=3D	wpa_cli.8
  CFLAGS+=3D -DCONFIG_CTRL_IFACE
  CFLAGS+=3D -DCONFIG_CTRL_IFACE_UNIX
 =20
 +.include <bsd.own.mk>
 +
 +.if ${MK_GNU_SUPPORT} =3D=3D "no"
 +# Do nothing, we don't want readline(3) support: GNU support it disabled
 +.elif defined(WPA_CLI_WITH_READLINE) && ${WPA_CLI_WITH_READLINE} =3D=3D "y=
 es"
 +CFLAGS+=3D -DCONFIG_READLINE
 +DPADD+=3D ${LIBREADLINE} ${LIBNCURSES}
 +LDADD+=3D -lreadline -lncurses
 +.endif
 +
  .include <bsd.prog.mk>
 diff --git a/usr.sbin/wpa/wpa_cli/wpa_cli.8 b/usr.sbin/wpa/wpa_cli/wpa_cli.8
 index e9a22ee..3ed857c 100644
 --- a/usr.sbin/wpa/wpa_cli/wpa_cli.8
 +++ b/usr.sbin/wpa/wpa_cli/wpa_cli.8
 @@ -202,9 +202,32 @@ to terminate.
  Exit
  .Nm .
  .El
 +.Sh IMPLEMENTATION DETAILS
 +.Pp
 +One can enable
 +.Xr readline 3
 +support for the
 +.Nm
 +by setting the macro=20
 +.Dv WPA_CLI_WITH_READLINE
 +to
 +.Qq yes
 +either on the compile time, in the
 +.Pa /etc/make.conf
 +or
 +.Pa /etc/src.conf .
 +This option will be effective only when GNU tools support is enabled:
 +the macro
 +.Dv WITHOUT_GNU_SUPPORT
 +should be unset.
 +.Xr readline 3
 +support will add history browsing, command editing and command completion
 +for the interactive operation mode.
  .Sh SEE ALSO
  .Xr wpa_supplicant.conf 5 ,
 -.Xr wpa_supplicant 8
 +.Xr wpa_supplicant 8 ,
 +.Xr src.conf 5 ,
 +.Xr make.conf 5
  .Sh HISTORY
  The
  .Nm
 --=20
 1.6.0.3
 
 
 --NzB8fVQJ5HfG6fxh
 Content-Type: text/plain; charset=koi8-r
 Content-Disposition: attachment; filename=patch-wpa_cli-properly-clean-history
 Content-Transfer-Encoding: quoted-printable
 
 =46rom fbd42c715af5d894a48b45db3abf12ac8eaf36b0 Mon Sep 17 00:00:00 2001
 =46rom: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
 Date: Wed, 5 Nov 2008 20:29:56 +0300
 Subject: [PATCH] WPA CLI tool: properly clean history before writing it to =
 the disk
 
 First of all, the history had not been written to the disk, since almost
 all commands were cleaned up due to the error in the history cleaning:
 the return value of the last os_strncasecmp() call was not compared to
 zero, but was rather used as is.  So the condition was almost always
 true and most commands were removed from the history.
 
 The second problem was that the evaluation of the potentially sensitive
 commands was started at the entry number 1, instead of very first entry.
 
 I had added flags to the every command description: just now the only
 meaningful flag tells that this command has sensitive arguments and it
 shouldn't be written to the disk.  I rewrote the logics for the search
 for the sensitive commands: special procedure is now loops over all
 commands and tries to see if command has sensitive data.  And I had
 rewritten the command checking loop to properly check all commands.
 
 Signed-off-by: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
 ---
  contrib/wpa_supplicant/wpa_cli.c |  124 ++++++++++++++++++++++------------=
 ----
  1 files changed, 72 insertions(+), 52 deletions(-)
 
 diff --git a/contrib/wpa_supplicant/wpa_cli.c b/contrib/wpa_supplicant/wpa_=
 cli.c
 index 7176c95..f3e90ef 100644
 --- a/contrib/wpa_supplicant/wpa_cli.c
 +++ b/contrib/wpa_supplicant/wpa_cli.c
 @@ -973,57 +973,81 @@ static int wpa_cli_cmd_interface_remove(struct wpa_ct=
 rl *ctrl, int argc,
  	return wpa_ctrl_command(ctrl, cmd);
  }
 =20
 +enum wpa_cli_cmd_flags {
 +	cli_cmd_flag_none		=3D 0x00,
 +	cli_cmd_flag_sensitive		=3D 0x01
 +};
 =20
  struct wpa_cli_cmd {
  	const char *cmd;
  	int (*handler)(struct wpa_ctrl *ctrl, int argc, char *argv[]);
 +	enum wpa_cli_cmd_flags flags;
  };
 =20
  static struct wpa_cli_cmd wpa_cli_commands[] =3D {
 -	{ "status", wpa_cli_cmd_status },
 -	{ "ping", wpa_cli_cmd_ping },
 -	{ "mib", wpa_cli_cmd_mib },
 -	{ "help", wpa_cli_cmd_help },
 -	{ "interface", wpa_cli_cmd_interface },
 -	{ "level", wpa_cli_cmd_level },
 -	{ "license", wpa_cli_cmd_license },
 -	{ "quit", wpa_cli_cmd_quit },
 -	{ "set", wpa_cli_cmd_set },
 -	{ "logon", wpa_cli_cmd_logon },
 -	{ "logoff", wpa_cli_cmd_logoff },
 -	{ "pmksa", wpa_cli_cmd_pmksa },
 -	{ "reassociate", wpa_cli_cmd_reassociate },
 -	{ "preauthenticate", wpa_cli_cmd_preauthenticate },
 -	{ "identity", wpa_cli_cmd_identity },
 -	{ "password", wpa_cli_cmd_password },
 -	{ "new_password", wpa_cli_cmd_new_password },
 -	{ "pin", wpa_cli_cmd_pin },
 -	{ "otp", wpa_cli_cmd_otp },
 -	{ "passphrase", wpa_cli_cmd_passphrase },
 -	{ "bssid", wpa_cli_cmd_bssid },
 -	{ "list_networks", wpa_cli_cmd_list_networks },
 -	{ "select_network", wpa_cli_cmd_select_network },
 -	{ "enable_network", wpa_cli_cmd_enable_network },
 -	{ "disable_network", wpa_cli_cmd_disable_network },
 -	{ "add_network", wpa_cli_cmd_add_network },
 -	{ "remove_network", wpa_cli_cmd_remove_network },
 -	{ "set_network", wpa_cli_cmd_set_network },
 -	{ "get_network", wpa_cli_cmd_get_network },
 -	{ "save_config", wpa_cli_cmd_save_config },
 -	{ "disconnect", wpa_cli_cmd_disconnect },
 -	{ "reconnect", wpa_cli_cmd_reconnect },
 -	{ "scan", wpa_cli_cmd_scan },
 -	{ "scan_results", wpa_cli_cmd_scan_results },
 -	{ "get_capability", wpa_cli_cmd_get_capability },
 -	{ "reconfigure", wpa_cli_cmd_reconfigure },
 -	{ "terminate", wpa_cli_cmd_terminate },
 -	{ "interface_add", wpa_cli_cmd_interface_add },
 -	{ "interface_remove", wpa_cli_cmd_interface_remove },
 -	{ "ap_scan", wpa_cli_cmd_ap_scan },
 -	{ "stkstart", wpa_cli_cmd_stkstart },
 -	{ NULL, NULL }
 +	{ "status", wpa_cli_cmd_status, cli_cmd_flag_none },
 +	{ "ping", wpa_cli_cmd_ping, cli_cmd_flag_none },
 +	{ "mib", wpa_cli_cmd_mib, cli_cmd_flag_none },
 +	{ "help", wpa_cli_cmd_help, cli_cmd_flag_none },
 +	{ "interface", wpa_cli_cmd_interface, cli_cmd_flag_none },
 +	{ "level", wpa_cli_cmd_level, cli_cmd_flag_none },
 +	{ "license", wpa_cli_cmd_license, cli_cmd_flag_none },
 +	{ "quit", wpa_cli_cmd_quit, cli_cmd_flag_none },
 +	{ "set", wpa_cli_cmd_set, cli_cmd_flag_none },
 +	{ "logon", wpa_cli_cmd_logon, cli_cmd_flag_none },
 +	{ "logoff", wpa_cli_cmd_logoff, cli_cmd_flag_none },
 +	{ "pmksa", wpa_cli_cmd_pmksa, cli_cmd_flag_none },
 +	{ "reassociate", wpa_cli_cmd_reassociate, cli_cmd_flag_none },
 +	{ "preauthenticate", wpa_cli_cmd_preauthenticate, cli_cmd_flag_none },
 +	{ "identity", wpa_cli_cmd_identity, cli_cmd_flag_none },
 +	{ "password", wpa_cli_cmd_password, cli_cmd_flag_sensitive },
 +	{ "new_password", wpa_cli_cmd_new_password, cli_cmd_flag_sensitive },
 +	{ "pin", wpa_cli_cmd_pin, cli_cmd_flag_sensitive },
 +	{ "otp", wpa_cli_cmd_otp, cli_cmd_flag_sensitive },
 +	{ "passphrase", wpa_cli_cmd_passphrase, cli_cmd_flag_sensitive },
 +	{ "bssid", wpa_cli_cmd_bssid, cli_cmd_flag_none },
 +	{ "list_networks", wpa_cli_cmd_list_networks, cli_cmd_flag_none },
 +	{ "select_network", wpa_cli_cmd_select_network, cli_cmd_flag_none },
 +	{ "enable_network", wpa_cli_cmd_enable_network, cli_cmd_flag_none },
 +	{ "disable_network", wpa_cli_cmd_disable_network, cli_cmd_flag_none },
 +	{ "add_network", wpa_cli_cmd_add_network, cli_cmd_flag_none },
 +	{ "remove_network", wpa_cli_cmd_remove_network, cli_cmd_flag_none },
 +	{ "set_network", wpa_cli_cmd_set_network, cli_cmd_flag_none },
 +	{ "get_network", wpa_cli_cmd_get_network, cli_cmd_flag_none },
 +	{ "save_config", wpa_cli_cmd_save_config, cli_cmd_flag_none },
 +	{ "disconnect", wpa_cli_cmd_disconnect, cli_cmd_flag_none },
 +	{ "reconnect", wpa_cli_cmd_reconnect, cli_cmd_flag_none },
 +	{ "scan", wpa_cli_cmd_scan, cli_cmd_flag_none },
 +	{ "scan_results", wpa_cli_cmd_scan_results, cli_cmd_flag_none },
 +	{ "get_capability", wpa_cli_cmd_get_capability, cli_cmd_flag_none },
 +	{ "reconfigure", wpa_cli_cmd_reconfigure, cli_cmd_flag_none },
 +	{ "terminate", wpa_cli_cmd_terminate, cli_cmd_flag_none },
 +	{ "interface_add", wpa_cli_cmd_interface_add, cli_cmd_flag_none },
 +	{ "interface_remove", wpa_cli_cmd_interface_remove, cli_cmd_flag_none },
 +	{ "ap_scan", wpa_cli_cmd_ap_scan, cli_cmd_flag_none },
 +	{ "stkstart", wpa_cli_cmd_stkstart, cli_cmd_flag_none },
 +	{ NULL, NULL, cli_cmd_flag_none }
  };
 =20
 +static int _cmd_has_sensitive_data(const char *cmd)
 +{
 +	const char *c, *delim;
 +	int n;
 +	size_t len;
 +
 +	delim =3D strpbrk(cmd, " \t");
 +	if (delim)
 +		len =3D delim - cmd;
 +	else
 +		len =3D strlen(cmd);
 +
 +	for (n =3D 0; c =3D wpa_cli_commands[n].cmd; n++) {
 +		if (os_strncasecmp(cmd, c, len) =3D=3D 0 && len =3D=3D strlen(c))
 +			return (wpa_cli_commands[n].flags &
 +			    cli_cmd_flag_sensitive);
 +	}
 +	return 0;
 +}
 =20
  static int wpa_request(struct wpa_ctrl *ctrl, int argc, char *argv[])
  {
 @@ -1349,24 +1373,20 @@ static void wpa_cli_interactive(void)
  		 * passwords. */
  		HIST_ENTRY *h;
  		history_set_pos(0);
 -		h =3D next_history();
 -		while (h) {
 +		while (h =3D current_history()) {
  			char *p =3D h->line;
  			while (*p =3D=3D ' ' || *p =3D=3D '\t')
  				p++;
 -			if (os_strncasecmp(p, "pa", 2) =3D=3D 0 ||
 -			    os_strncasecmp(p, "o", 1) =3D=3D 0 ||
 -			    os_strncasecmp(p, "n", 1)) {
 +			if (_cmd_has_sensitive_data(p)) {
  				h =3D remove_history(where_history());
  				if (h) {
  					os_free(h->line);
  					os_free(h->data);
  					os_free(h);
 -				}
 -				h =3D current_history();
 -			} else {
 -				h =3D next_history();
 -			}
 +				} else
 +					next_history();
 +			} else
 +				next_history();
  		}
  		write_history(hfile);
  		os_free(hfile);
 --=20
 1.6.0.3
 
 
 --NzB8fVQJ5HfG6fxh--
 
 --i0/AhcQY5QxfSsSZ
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.9 (FreeBSD)
 
 iEYEARECAAYFAkkR3t0ACgkQthUKNsbL7YijtgCfcGVUtEI5SQbGLjj0lWkmtQD4
 fhkAnRToWxLfVDpF8FDgXQiekkxUpb7U
 =dpiq
 -----END PGP SIGNATURE-----
 
 --i0/AhcQY5QxfSsSZ--


More information about the freebsd-bugs mailing list