fix: add a new property SAEConfirmMismatch

Log: Add a new dbus property SAEConfirmMismatch to notify the desktop
     that a password dialog needs to pop up for the user to enter the
     correct password
pms: Bug-282673

debian/changelog

@@ -1,3 +1,9 @@
+wpa (2:2.10-deepin3) unstable; urgency=medium
+
+  * add dbus property SAEConfirmMismatch.
+
+ -- xinpeng.wang <[email protected]>  Thu, 26 Dec 2024 14:01:09 +0800
+
 wpa (2:2.10-deepin2) unstable; urgency=medium
 
   * merge v20 patch.

debian/patches/series

@@ -21,3 +21,4 @@ uniontech-filter-eap-response.patch
 uniontech-scan-failed-when-down.patch
 uniontech-add-failed_restart.patch
 uniontech-dbus-security-hardending.patch
+uniontech-dbus-add-a-new-property-SAEConfirmMismatch.patch

debian/patches/uniontech-dbus-add-a-new-property-SAEConfirmMismatch.patch

@@ -0,0 +1,178 @@
+Index: wpa/src/common/sae.c
+===================================================================
+--- wpa.orig/src/common/sae.c	2024-12-04 16:04:54.014235169 +0800
++++ wpa/src/common/sae.c	2024-12-26 11:17:33.332704460 +0800
+@@ -2332,6 +2332,7 @@
+ 			    data + 2, hash_len);
+ 		wpa_hexdump(MSG_DEBUG, "SAE: Calculated verifier",
+ 			    verifier, hash_len);
++		sae->sae_confirm_mismatch = 1;
+ 		return -1;
+ 	}
+
+Index: wpa/src/common/sae.h
+===================================================================
+--- wpa.orig/src/common/sae.h	2024-12-26 10:31:59.325343591 +0800
++++ wpa/src/common/sae.h	2024-12-26 11:17:59.501958153 +0800
+@@ -113,6 +113,7 @@
+ 	u16 rc; /* protocol instance variable: Rc (received send-confirm) */
+ 	unsigned int h2e:1;
+ 	unsigned int pk:1;
++	unsigned int sae_confirm_mismatch:1;
+ 	struct sae_temporary_data *tmp;
+ };
+
+Index: wpa/wpa_supplicant/dbus/dbus_new.c
+===================================================================
+--- wpa.orig/wpa_supplicant/dbus/dbus_new.c	2024-12-23 19:53:57.796738828 +0800
++++ wpa/wpa_supplicant/dbus/dbus_new.c	2024-12-26 11:25:45.447576595 +0800
+@@ -2344,6 +2344,9 @@
+ 	case WPAS_DBUS_PROP_BSS_TM_STATUS:
+ 		prop = "BSSTMStatus";
+ 		break;
++	case WPAS_DBUS_PROP_SAE_CONFIRM_MISMATCH:
++		prop = "SAEConfirmMismatch";
++		break;
+ 	default:
+ 		wpa_printf(MSG_ERROR, "dbus: %s: Unknown Property value %d",
+ 			   __func__, property);
+@@ -3939,6 +3942,14 @@
+ 	  wpas_dbus_setter_mac_address_randomization_mask,
+ 	  NULL
+ 	},
++#if defined(CONFIG_SAE) && defined(CONFIG_SME)
++	{
++	  "SAEConfirmMismatch", WPAS_DBUS_NEW_IFACE_INTERFACE, "b",
++	  wpas_dbus_getter_sae_confirm_mismatch,
++	  NULL,
++	  NULL
++	},
++#endif /* CONFIG_SME && CONFIG_SAE */
+ 	{ NULL, NULL, NULL, NULL, NULL, NULL }
+ };
+
+Index: wpa/wpa_supplicant/dbus/dbus_new.h
+===================================================================
+--- wpa.orig/wpa_supplicant/dbus/dbus_new.h	2024-12-26 10:31:59.325343591 +0800
++++ wpa/wpa_supplicant/dbus/dbus_new.h	2024-12-26 11:26:34.669805489 +0800
+@@ -38,6 +38,7 @@
+ 	WPAS_DBUS_PROP_ROAM_COMPLETE,
+ 	WPAS_DBUS_PROP_SESSION_LENGTH,
+ 	WPAS_DBUS_PROP_BSS_TM_STATUS,
++	WPAS_DBUS_PROP_SAE_CONFIRM_MISMATCH,
+ };
+
+ enum wpas_dbus_bss_prop {
+Index: wpa/wpa_supplicant/dbus/dbus_new_handlers.c
+===================================================================
+--- wpa.orig/wpa_supplicant/dbus/dbus_new_handlers.c	2024-12-23 19:53:57.796738828 +0800
++++ wpa/wpa_supplicant/dbus/dbus_new_handlers.c	2024-12-26 11:27:34.792518452 +0800
+@@ -3361,6 +3361,27 @@
+ 						&scanning, error);
+ }
+
++#if defined(CONFIG_SAE) && defined(CONFIG_SME)
++/**
++ * wpas_dbus_getter_sae_confirm_mismatch - Get interface sae_confirm_mismatch
++ * @iter: Pointer to incoming dbus message iter
++ * @error: Location to store error on failure
++ * @user_data: Function specific data
++ * Returns: TRUE on success, FALSE on failure
++ *
++ * Getter for "SAEConfirmMismatch" property.
++ */
++dbus_bool_t wpas_dbus_getter_sae_confirm_mismatch(
++	const struct wpa_dbus_property_desc *property_desc,
++	DBusMessageIter *iter, DBusError *error, void *user_data)
++{
++	struct wpa_supplicant *wpa_s = user_data;
++	dbus_bool_t sae_confirm_mismatch = wpa_s->sme.sae.sae_confirm_mismatch ? TRUE : FALSE;
++
++	return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_BOOLEAN,
++						&sae_confirm_mismatch, error);
++}
++#endif /* CONFIG_SME && CONFIG_SAE*/
+
+ /**
+  * wpas_dbus_getter_ap_scan - Control roaming mode
+Index: wpa/wpa_supplicant/dbus/dbus_new_handlers.h
+===================================================================
+--- wpa.orig/wpa_supplicant/dbus/dbus_new_handlers.h	2024-12-23 19:53:57.796738828 +0800
++++ wpa/wpa_supplicant/dbus/dbus_new_handlers.h	2024-12-26 11:28:21.546621631 +0800
+@@ -219,6 +219,7 @@
+ DECLARE_ACCESSOR(wpas_dbus_setter_enabled);
+ DECLARE_ACCESSOR(wpas_dbus_getter_network_properties);
+ DECLARE_ACCESSOR(wpas_dbus_setter_network_properties);
++DECLARE_ACCESSOR(wpas_dbus_getter_sae_confirm_mismatch);
+
+ DBusMessage * wpas_dbus_handler_wps_start(DBusMessage *message,
+ 					  struct wpa_supplicant *wpa_s);
+Index: wpa/wpa_supplicant/notify.c
+===================================================================
+--- wpa.orig/wpa_supplicant/notify.c	2024-12-23 19:53:57.796738828 +0800
++++ wpa/wpa_supplicant/notify.c	2024-12-26 11:29:10.132801746 +0800
+@@ -262,6 +262,15 @@
+ 	wpas_dbus_signal_prop_changed(wpa_s, WPAS_DBUS_PROP_SCANNING);
+ }
+
++void wpas_notify_sae_confirm_mismatch(struct wpa_supplicant *wpa_s)
++{
++	if (wpa_s->p2p_mgmt)
++		return;
++
++	/* notify the new DBus API */
++	wpas_dbus_signal_prop_changed(wpa_s, WPAS_DBUS_PROP_SAE_CONFIRM_MISMATCH);
++}
++
+
+ void wpas_notify_scan_done(struct wpa_supplicant *wpa_s, int success)
+ {
+Index: wpa/wpa_supplicant/notify.h
+===================================================================
+--- wpa.orig/wpa_supplicant/notify.h	2024-12-23 19:53:57.796738828 +0800
++++ wpa/wpa_supplicant/notify.h	2024-12-26 11:29:44.294331537 +0800
+@@ -44,6 +44,7 @@
+ 				 enum wpa_ctrl_req_type rtype,
+ 				 const char *default_txt);
+ void wpas_notify_scanning(struct wpa_supplicant *wpa_s);
++void wpas_notify_sae_confirm_mismatch(struct wpa_supplicant *wpa_s);
+ void wpas_notify_scan_done(struct wpa_supplicant *wpa_s, int success);
+ void wpas_notify_scan_results(struct wpa_supplicant *wpa_s);
+ void wpas_notify_wps_credential(struct wpa_supplicant *wpa_s,
+Index: wpa/wpa_supplicant/sme.c
+===================================================================
+--- wpa.orig/wpa_supplicant/sme.c	2024-12-23 19:53:57.796738828 +0800
++++ wpa/wpa_supplicant/sme.c	2024-12-26 11:31:43.407648143 +0800
+@@ -1353,6 +1353,17 @@
+ 		return -1;
+ 	}
+
++	if (auth_transaction == 2 &&
++	    status_code == WLAN_REASON_UNSPECIFIED) {
++		/* Some APs will only send confirmation after receiving the correct confirmation
++		   sent by STA, otherwise they will send status_code=WLAN_REASON_UNSPECIFIED.
++		   In order to allow the desktop to pop up the password dialog in this case,here
++		   also notify SAEConfirmMismatch */
++		wpa_s->sme.sae.sae_confirm_mismatch = 1;
++		wpa_dbg(wpa_s, MSG_DEBUG, "SME: Notifying SAEConfirmMismatch attribute changes");
++		wpas_notify_sae_confirm_mismatch(wpa_s);
++	}
++
+ 	if (status_code != WLAN_STATUS_SUCCESS &&
+ 	    status_code != WLAN_STATUS_SAE_HASH_TO_ELEMENT &&
+ 	    status_code != WLAN_STATUS_SAE_PK) {
+@@ -1437,8 +1448,13 @@
+ 		wpa_dbg(wpa_s, MSG_DEBUG, "SME SAE confirm");
+ 		if (wpa_s->sme.sae.state != SAE_CONFIRMED)
+ 			return -1;
+-		if (sae_check_confirm(&wpa_s->sme.sae, data, len) < 0)
++		if (sae_check_confirm(&wpa_s->sme.sae, data, len) < 0) {
++			if (wpa_s->sme.sae.sae_confirm_mismatch) {
++				wpa_dbg(wpa_s, MSG_DEBUG, "SME: Notifying SAEConfirmMismatch attribute changes");
++				wpas_notify_sae_confirm_mismatch(wpa_s);
++			}
+ 			return -1;
++		}
+ 		wpa_s->sme.sae.state = SAE_ACCEPTED;
+ 		sae_clear_temp_data(&wpa_s->sme.sae);
+