From 28e2e446868b94b92edc4a82aa0bf1e3eda8ec54 Mon Sep 17 00:00:00 2001
From: Dan Williams <dcbw@redhat.com>
Date: Mon, 28 Sep 2009 15:29:29 -0700
Subject: [PATCH] ifcfg-rh: really fix writing the WPA PSK and add testcase for
 it

---
 .../plugins/ifcfg-rh/tests/test-ifcfg-rh.c    | 44 ++++++++++++++++---
 system-settings/plugins/ifcfg-rh/writer.c     | 21 ++++-----
 2 files changed, 49 insertions(+), 16 deletions(-)

diff --git a/system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c b/system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
index 12e8008596..4d83145982 100644
--- a/system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
+++ b/system-settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
@@ -4215,7 +4215,8 @@ test_write_wifi_wpa_psk (const char *name,
                          const char *test_name,
                          gboolean wep_group,
                          gboolean wpa,
-                         gboolean wpa2)
+                         gboolean wpa2,
+                         const char *psk)
 {
 	NMConnection *connection;
 	NMConnection *reread;
@@ -4233,6 +4234,8 @@ test_write_wifi_wpa_psk (const char *name,
 	GByteArray *ssid;
 	const unsigned char ssid_data[] = "blahblah";
 
+	g_return_if_fail (psk != NULL);
+
 	connection = nm_connection_new ();
 	ASSERT (connection != NULL,
 	        test_name, "failed to allocate new connection");
@@ -4280,7 +4283,7 @@ test_write_wifi_wpa_psk (const char *name,
 
 	g_object_set (s_wsec,
 	              NM_SETTING_WIRELESS_SECURITY_KEY_MGMT, "wpa-psk",
-	              NM_SETTING_WIRELESS_SECURITY_PSK, "7d308b11df1b4243b0f78e5f3fc68cdbb9a264ed0edf4c188edf329ff5b467f0",
+	              NM_SETTING_WIRELESS_SECURITY_PSK, psk,
 	              NULL);
 
 	if (wep_group) {
@@ -5620,6 +5623,9 @@ test_write_mobile_broadband (gboolean gsm)
 #define TEST_IFCFG_WIFI_OPEN_SSID_LONG_QUOTED TEST_IFCFG_DIR"/network-scripts/ifcfg-test-wifi-open-ssid-long-quoted"
 #define TEST_IFCFG_WIFI_OPEN_SSID_LONG_HEX TEST_IFCFG_DIR"/network-scripts/ifcfg-test-wifi-open-ssid-long-hex"
 
+
+#define DEFAULT_HEX_PSK "7d308b11df1b4243b0f78e5f3fc68cdbb9a264ed0edf4c188edf329ff5b467f0"
+
 int main (int argc, char **argv)
 {
 	GError *error = NULL;
@@ -5664,10 +5670,36 @@ int main (int argc, char **argv)
 	test_write_wifi_open_hex_ssid ();
 	test_write_wifi_wep ();
 	test_write_wifi_wep_adhoc ();
-	test_write_wifi_wpa_psk ("Test Write Wifi WPA PSK", "wifi-wpa-psk-write", FALSE, TRUE, FALSE);
-	test_write_wifi_wpa_psk ("Test Write Wifi WPA2 PSK", "wifi-wpa2-psk-write", FALSE, FALSE, TRUE);
-	test_write_wifi_wpa_psk ("Test Write Wifi WPA WPA2 PSK", "wifi-wpa-wpa2-psk-write", FALSE, TRUE, TRUE);
-	test_write_wifi_wpa_psk ("Test Write Wifi WEP WPA WPA2 PSK", "wifi-wep-wpa-wpa2-psk-write", TRUE, TRUE, TRUE);
+	test_write_wifi_wpa_psk ("Test Write Wifi WPA PSK",
+	                         "wifi-wpa-psk-write",
+	                         FALSE,
+	                         TRUE,
+	                         FALSE,
+	                         DEFAULT_HEX_PSK);
+	test_write_wifi_wpa_psk ("Test Write Wifi WPA2 PSK",
+	                         "wifi-wpa2-psk-write",
+	                         FALSE,
+	                         FALSE,
+	                         TRUE,
+	                         DEFAULT_HEX_PSK);
+	test_write_wifi_wpa_psk ("Test Write Wifi WPA WPA2 PSK",
+	                         "wifi-wpa-wpa2-psk-write",
+	                         FALSE,
+	                         TRUE,
+	                         TRUE,
+	                         DEFAULT_HEX_PSK);
+	test_write_wifi_wpa_psk ("Test Write Wifi WEP WPA WPA2 PSK",
+	                         "wifi-wep-wpa-wpa2-psk-write",
+	                         TRUE,
+	                         TRUE,
+	                         TRUE,
+	                         DEFAULT_HEX_PSK);
+	test_write_wifi_wpa_psk ("Test Write Wifi WPA WPA2 PSK Passphrase",
+	                         "wifi-wpa-wpa2-psk-passphrase-write",
+	                         FALSE,
+	                         TRUE,
+	                         TRUE,
+	                         "really insecure passphrase04!");
 	test_write_wifi_wpa_psk_adhoc ();
 	test_write_wifi_wpa_eap_tls ();
 	test_write_wifi_wpa_eap_ttls_tls ();
diff --git a/system-settings/plugins/ifcfg-rh/writer.c b/system-settings/plugins/ifcfg-rh/writer.c
index e39d172b4b..11ab2d182d 100644
--- a/system-settings/plugins/ifcfg-rh/writer.c
+++ b/system-settings/plugins/ifcfg-rh/writer.c
@@ -48,7 +48,7 @@
 	{ g_warning ("   " pname ": " fmt, ##args); }
 
 static void
-set_secret (shvarFile *ifcfg, const char *key, const char *value)
+set_secret (shvarFile *ifcfg, const char *key, const char *value, gboolean verbatim)
 {
 	shvarFile *keyfile;
 	
@@ -62,7 +62,7 @@ set_secret (shvarFile *ifcfg, const char *key, const char *value)
 	/* Clear the secret from the actual ifcfg */
 	svSetValue (ifcfg, key, NULL, FALSE);
 
-	svSetValue (keyfile, key, value, FALSE);
+	svSetValue (keyfile, key, value, verbatim);
 	if (svWriteFile (keyfile, 0600)) {
 		PLUGIN_WARN (IFCFG_PLUGIN_NAME, "    warning: could not update key file '%s'",
 		             keyfile->fileName);
@@ -397,9 +397,9 @@ write_8021x_certs (NMSetting8021x *s_8021x,
 
 	/* Private key password */
 	if (phase2)
-		set_secret (ifcfg, "IEEE_8021X_INNER_PRIVATE_KEY_PASSWORD", password);
+		set_secret (ifcfg, "IEEE_8021X_INNER_PRIVATE_KEY_PASSWORD", password, FALSE);
 	else
-		set_secret (ifcfg, "IEEE_8021X_PRIVATE_KEY_PASSWORD", password);
+		set_secret (ifcfg, "IEEE_8021X_PRIVATE_KEY_PASSWORD", password, FALSE);
 
 	/* Client certificate */
 	if (is_pkcs12) {
@@ -475,7 +475,7 @@ write_8021x_setting (NMConnection *connection,
 	            nm_setting_802_1x_get_anonymous_identity (s_8021x),
 	            FALSE);
 
-	set_secret (ifcfg, "IEEE_8021X_PASSWORD", nm_setting_802_1x_get_password (s_8021x));
+	set_secret (ifcfg, "IEEE_8021X_PASSWORD", nm_setting_802_1x_get_password (s_8021x), FALSE);
 
 	/* PEAP version */
 	value = nm_setting_802_1x_get_phase1_peapver (s_8021x);
@@ -579,7 +579,8 @@ write_wireless_security_setting (NMConnection *connection,
 			            nm_setting_wireless_security_get_leap_username (s_wsec),
 			            FALSE);
 			set_secret (ifcfg, "IEEE_8021X_PASSWORD",
-			            nm_setting_wireless_security_get_leap_password (s_wsec));
+			            nm_setting_wireless_security_get_leap_password (s_wsec),
+			            FALSE);
 			*no_8021x = TRUE;
 		}
 	}
@@ -592,11 +593,11 @@ write_wireless_security_setting (NMConnection *connection,
 	}
 
 	/* WEP keys */
-	set_secret (ifcfg, "KEY", NULL); /* Clear any default key */
+	set_secret (ifcfg, "KEY", NULL, FALSE); /* Clear any default key */
 	for (i = 0; i < 4; i++) {
 		key = nm_setting_wireless_security_get_wep_key (s_wsec, i);
 		tmp = g_strdup_printf ("KEY%d", i + 1);
-		set_secret (ifcfg, tmp, (wep && key) ? key : NULL);
+		set_secret (ifcfg, tmp, (wep && key) ? key : NULL, FALSE);
 		g_free (tmp);
 	}
 
@@ -656,11 +657,11 @@ write_wireless_security_setting (NMConnection *connection,
 			g_string_append (quoted, psk);
 			g_string_append_c (quoted, '"');
 		}
-		set_secret (ifcfg, "WPA_PSK", quoted ? quoted->str : psk);
+		set_secret (ifcfg, "WPA_PSK", quoted ? quoted->str : psk, TRUE);
 		if (quoted)
 			g_string_free (quoted, TRUE);
 	} else
-		set_secret (ifcfg, "WPA_PSK", NULL);
+		set_secret (ifcfg, "WPA_PSK", NULL, FALSE);
 
 	return TRUE;
 }