[PATCH v2] Add dbus signal for information about server certification

Jouni Malinen j at w1.fi
Tue Jul 5 05:23:07 EDT 2011


On Wed, Jun 29, 2011 at 02:54:17PM +0800, Michael Chang wrote:
> In general, this patch attemps to extend commit
> 00468b4650998144f794762206c695c962c54734 with dbus support.
> 
> This can be used by dbus client to implement subject match text
> entry with preset value probed from server. This preset value, if
> user accepts it, is remembered and passed to subject_match config
> for any future authenication.

Thanks! I applied this with some changes.

> diff --git a/src/eap_peer/eap.c b/src/eap_peer/eap.c
> @@ -1208,6 +1208,14 @@ static void eap_peer_sm_tls_event(void *ctx, enum tls_event ev,
> +		if (sm->eapol_cb->notify_cert) {
> +			sm->eapol_cb->notify_cert(sm->eapol_ctx,
> +					data->peer_cert.depth,
> +					data->peer_cert.subject,
> +					hash_hex ? hash_hex : "",
> +					cert_hex ? wpabuf_head(data->peer_cert.cert) : NULL,
> +					cert_hex ? wpabuf_len(data->peer_cert.cert) : 0);

I changed the callbacks to use struct wpabuf * instead of char* and int
len.

> diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c
> +void wpas_dbus_signal_certification(struct wpa_supplicant *wpa_s,

> +	if (cert_hex && cert_hex_len)
> +		if (!wpa_dbus_dict_append_byte_array(&dict_iter, "cert_hex", cert_hex, cert_hex_len))

Since this is really a byte array of the raw certificate bytes instead
of hexdump of that, I renamed "cert_hex" to "cert".

> @@ -2641,6 +2686,12 @@ static const struct wpa_dbus_signal_desc wpas_dbus_interface_signals[] = {
>  #endif /* CONFIG_P2P */
> +	{ "Certification", WPAS_DBUS_NEW_IFACE_INTERFACE,
> +	  {
> +		  { "certification", "a{sv}", ARG_OUT },
> +		  END_ARGS
> +	  }
> +	},

I'm not really that familiar with the format used here, but this looks a
bit odd.. Is that list of arguments really correct?

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list