EAP AgentPassphrase has been set on replies from the agent and
removed on any error. It has been used by the wifi plugin as a
backup if the normal wifi passphrase is unset. The normal passphrase
is removed only on invalid key errors with a comment indicating
that EAP does not always signal invalid key errors although the
key is incorrect.

Thus the implementation can end up in a situation where the normal
passphrase is wrong but not removed resulting in unnecessarily
retrying with an erroneous key.
---
 src/connman.h |  4 +---
 src/service.c | 36 +++++++-----------------------------
 2 files changed, 8 insertions(+), 32 deletions(-)

diff --git a/src/connman.h b/src/connman.h
index bf59dbf..f18b2f3 100644
--- a/src/connman.h
+++ b/src/connman.h
@@ -2,7 +2,7 @@
  *
  *  Connection Manager
  *
- *  Copyright (C) 2007-2012  Intel Corporation. All rights reserved.
+ *  Copyright (C) 2007-2014  Intel Corporation. All rights reserved.
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License version 2 as
@@ -756,8 +756,6 @@ void __connman_service_set_agent_identity(struct 
connman_service *service,
 int __connman_service_set_passphrase(struct connman_service *service,
                                        const char *passphrase);
 const char *__connman_service_get_passphrase(struct connman_service *service);
-void __connman_service_set_agent_passphrase(struct connman_service *service,
-                                               const char *agent_passphrase);
 int __connman_service_reset_ipconfig(struct connman_service *service,
                enum connman_ipconfig_type type, DBusMessageIter *array,
                enum connman_service_state *new_state);
diff --git a/src/service.c b/src/service.c
index 33cce14..212c5a4 100644
--- a/src/service.c
+++ b/src/service.c
@@ -84,7 +84,6 @@ struct connman_service {
        unsigned int order;
        char *name;
        char *passphrase;
-       char *agent_passphrase;
        bool roaming;
        struct connman_ipconfig *ipconfig_ipv4;
        struct connman_ipconfig *ipconfig_ipv6;
@@ -2809,20 +2808,6 @@ const char *__connman_service_get_passphrase(struct 
connman_service *service)
        return service->passphrase;
 }
 
-void __connman_service_set_agent_passphrase(struct connman_service *service,
-                                               const char *agent_passphrase)
-{
-       if (service->hidden)
-               return;
-       g_free(service->agent_passphrase);
-       service->agent_passphrase = g_strdup(agent_passphrase);
-
-       if (service->network)
-               connman_network_set_string(service->network,
-                                       "WiFi.AgentPassphrase",
-                                       service->agent_passphrase);
-}
-
 static DBusMessage *get_properties(DBusConnection *conn,
                                        DBusMessage *msg, void *user_data)
 {
@@ -3982,9 +3967,6 @@ bool __connman_service_remove(struct connman_service 
*service)
        g_free(service->passphrase);
        service->passphrase = NULL;
 
-       g_free(service->agent_passphrase);
-       service->agent_passphrase = NULL;
-
        g_free(service->identity);
        service->identity = NULL;
 
@@ -4435,7 +4417,6 @@ static void service_free(gpointer user_data)
        g_free(service->pac);
        g_free(service->name);
        g_free(service->passphrase);
-       g_free(service->agent_passphrase);
        g_free(service->identifier);
        g_free(service->eap);
        g_free(service->identity);
@@ -5004,12 +4985,10 @@ int __connman_service_add_passphrase(struct 
connman_service *service,
        switch (service->security) {
        case CONNMAN_SERVICE_SECURITY_WEP:
        case CONNMAN_SERVICE_SECURITY_PSK:
-               err = __connman_service_set_passphrase(service, passphrase);
-               break;
        case CONNMAN_SERVICE_SECURITY_8021X:
-               __connman_service_set_agent_passphrase(service,
-                                               passphrase);
+               err = __connman_service_set_passphrase(service, passphrase);
                break;
+
        case CONNMAN_SERVICE_SECURITY_UNKNOWN:
        case CONNMAN_SERVICE_SECURITY_NONE:
        case CONNMAN_SERVICE_SECURITY_WPA:
@@ -5424,15 +5403,15 @@ int __connman_service_indicate_error(struct 
connman_service *service,
 
        set_error(service, error);
 
-       if (service->error == CONNMAN_SERVICE_ERROR_INVALID_KEY)
-               __connman_service_set_passphrase(service, NULL);
-
        /*
         * Supplicant does not always return invalid key error for
         * WPA-EAP so clear the credentials always.
         */
+       if (service->error == CONNMAN_SERVICE_ERROR_INVALID_KEY ||
+                       service->security == CONNMAN_SERVICE_SECURITY_8021X)
+               __connman_service_set_passphrase(service, NULL);
+
        __connman_service_set_agent_identity(service, NULL);
-       __connman_service_set_agent_passphrase(service, NULL);
 
        __connman_service_ipconfig_indicate_state(service,
                                                CONNMAN_SERVICE_STATE_FAILURE,
@@ -5844,8 +5823,7 @@ static int service_connect(struct connman_service 
*service)
                         */
                        if ((!service->identity &&
                                        !service->agent_identity) ||
-                                       (!service->passphrase &&
-                                       !service->agent_passphrase))
+                                       !service->passphrase)
                                return -ENOKEY;
 
                        break;
-- 
1.8.5.2

_______________________________________________
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman

Reply via email to