[PATCH] iwinfo: nl80211: fix wpa supplicant ctrl socket permissions
Andre Heider
a.heider at gmail.com
Sun Nov 13 12:33:46 PST 2022
No data at all can currently be read from the control socket.
Set up the permission exactly like hostapd's wpa_cli utility to fix it.
Among other this fixes a mesh's encryption being shown as "None".
Signed-off-by: Andre Heider <a.heider at gmail.com>
---
iwinfo_nl80211.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/iwinfo_nl80211.c b/iwinfo_nl80211.c
index aa92382..77fddee 100644
--- a/iwinfo_nl80211.c
+++ b/iwinfo_nl80211.c
@@ -938,6 +938,18 @@ static int nl80211_wpactl_connect(const char *ifname, struct sockaddr_un *local)
sprintf(remote.sun_path, "/var/run/wpa_supplicant-%s/%s",
ifname, ifname);
+ /* Set client socket file permissions so that bind() creates the client
+ * socket with these permissions and there is no need to try to change
+ * them with chmod() after bind() which would have potential issues with
+ * race conditions. These permissions are needed to make sure the server
+ * side (wpa_supplicant or hostapd) can reply to the control interface
+ * messages.
+ *
+ * The lchown() calls below after bind() are also part of the needed
+ * operations to allow the response to go through. Those are using the
+ * no-deference-symlinks version to avoid races. */
+ fchmod(sock, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
+
if (fcntl(sock, F_SETFD, fcntl(sock, F_GETFD) | FD_CLOEXEC) < 0)
{
close(sock);
@@ -966,6 +978,10 @@ static int nl80211_wpactl_connect(const char *ifname, struct sockaddr_un *local)
return -1;
}
+ /* Set group even if we do not have privileges to change owner */
+ lchown(local->sun_path, -1, 101);
+ lchown(local->sun_path, 101, 101);
+
return sock;
}
--
2.35.1
More information about the openwrt-devel
mailing list