{"id":2224876,"url":"http://patchwork.ozlabs.org/api/patches/2224876/?format=json","web_url":"http://patchwork.ozlabs.org/project/hostap/patch/20260419090202.10870-1-aokblast@FreeBSD.org/","project":{"id":22,"url":"http://patchwork.ozlabs.org/api/projects/22/?format=json","name":"HostAP Development","link_name":"hostap","list_id":"hostap.lists.infradead.org","list_email":"hostap@lists.infradead.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260419090202.10870-1-aokblast@FreeBSD.org>","list_archive_url":null,"date":"2026-04-19T09:02:02","name":"[v2] config_file: Honor permissions from the target file","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"689fe5b7d43593cff2ada32b8f657f1a3d37c74b","submitter":{"id":91510,"url":"http://patchwork.ozlabs.org/api/people/91510/?format=json","name":"ShengYi Hung","email":"aokblast@FreeBSD.org"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/hostap/patch/20260419090202.10870-1-aokblast@FreeBSD.org/mbox/","series":[{"id":500489,"url":"http://patchwork.ozlabs.org/api/series/500489/?format=json","web_url":"http://patchwork.ozlabs.org/project/hostap/list/?series=500489","date":"2026-04-19T09:02:02","name":"[v2] config_file: Honor permissions from the target file","version":2,"mbox":"http://patchwork.ozlabs.org/series/500489/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2224876/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2224876/checks/","tags":{},"related":[],"headers":{"Return-Path":"\n <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n secure) header.d=lists.infradead.org header.i=@lists.infradead.org\n header.a=rsa-sha256 header.s=bombadil.20210309 header.b=BqLFGYOj;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n secure) header.d=freebsd.org header.i=@freebsd.org header.a=rsa-sha256\n header.s=dkim header.b=TnzwDRp8;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=none (no SPF record) smtp.mailfrom=lists.infradead.org\n (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;\n envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from bombadil.infradead.org (bombadil.infradead.org\n [IPv6:2607:7c80:54:3::133])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fz2hq2Xn7z1yCv\n\tfor <incoming@patchwork.ozlabs.org>; Sun, 19 Apr 2026 19:03:23 +1000 (AEST)","from localhost ([::1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wEO3F-00000005fEE-2Sy5;\n\tSun, 19 Apr 2026 09:02:49 +0000","from mx2.freebsd.org ([96.47.72.81])\n\tby bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wEO3D-00000005fDt-0tXo\n\tfor hostap@lists.infradead.org;\n\tSun, 19 Apr 2026 09:02:48 +0000","from mx1.freebsd.org (mx1.freebsd.org [96.47.72.80])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (4096 bits)\n\t client-signature RSA-PSS (4096 bits))\n\t(Client CN \"mx1.freebsd.org\", Issuer \"R12\" (not verified))\n\tby mx2.freebsd.org (Postfix) with ESMTPS id 4fz2h60R2vz3shV;\n\tSun, 19 Apr 2026 09:02:46 +0000 (UTC)\n\t(envelope-from aokblast@FreeBSD.org)","from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256\n\t client-signature RSA-PSS (4096 bits) client-digest SHA256)\n\t(Client CN \"smtp.freebsd.org\", Issuer \"R12\" (not verified))\n\tby mx1.freebsd.org (Postfix) with ESMTPS id 4fz2h56LScz3rkT;\n\tSun, 19 Apr 2026 09:02:45 +0000 (UTC)\n\t(envelope-from aokblast@FreeBSD.org)","from localhost.localdomain\n (2001-b011-3808-3c9b-c651-d0a5-df6b-f6bf.dynamic-ip6.hinet.net\n [IPv6:2001:b011:3808:3c9b:c651:d0a5:df6b:f6bf])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256)\n\t(Client did not present a certificate)\n\t(Authenticated sender: aokblast)\n\tby smtp.freebsd.org (Postfix) with ESMTPSA id 4fz2h45m78zrwy;\n\tSun, 19 Apr 2026 09:02:44 +0000 (UTC)\n\t(envelope-from aokblast@FreeBSD.org)"],"DKIM-Signature":["v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20210309; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:\n\tList-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-ID:Date:Subject:Cc\n\t:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:\n\tResent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:\n\tList-Owner; bh=xKt/uouWf0IYLREQzgTasF9mKp5O5MOoqwg53kh5XxU=; b=BqLFGYOji7DNIb\n\tZtiNUAqU3xIwgQbKQzFEPEsE/Mp7nCk/U/7V6TcZczTuiK0IihpED2BLMWMT/EPci6WvzFyMq0NjL\n\tgTHVI8Gbs0N2RYIcFDqDfLEYJrDRqcv8r+Agr933tXRXZbfM41tSLEKEmMA4GHGeWfzelkUDq4Do1\n\tfeFbwaCtBfRPmKgz3t3hEVKnYYQfPYajRKK0Ht8t3E3Q8Vg+YuD7wji/V9NOByFRvRPS+GHnzVIB1\n\tAJQZ34Fmjs+VzPLzswugJU/Kc3FBRlEj/DJSt6TIhx8UcQAk9yV7XXdpnB9DVigRb+le58ZiL531n\n\tC1EKQWlakbCj4KKSq2qA==;","v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;\n\tt=1776589365;\n\th=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n\t to:to:cc:cc:mime-version:mime-version:\n\t content-transfer-encoding:content-transfer-encoding;\n\tbh=+yiMlpcmSt9dB/IWWF4x+Cubi1vLXivSD0Yz3777HVI=;\n\tb=TnzwDRp8t/wPVa1laDIb/papDucasScTJhTaYCMsvPrLz+jvKutkrq6ZKZuVt0ObJWZ960\n\tyzBihZcgAhpYuLUX5NDwRH3gh+Jx9vVl6Zop81H34Y+FxmeLQLnE3B6YZJeMTAlyQGO6g5\n\tXvEKAlnB/HLFyux44skaJZA2mip29FdW1+AfdCXwMx6EGQ7SdPM8t1Fp1l9YO7ClBA+Bw/\n\tusT85fTdLZK1EdAEaJEk2PT+/ADA5Jge7SrgBravF37PNGv9vbvGH7g45Fgp0szzpttBeF\n\t1uSxwdyXkQuL0lvG+ia7rdHLey83dIYVKiMb4d8mxrxQnzp1gbE8sFLu6w29BQ=="],"ARC-Seal":"i=1; s=dkim; d=freebsd.org; t=1776589365; a=rsa-sha256; cv=none;\n\tb=kynBHHxkGa6v3dg8r8htj2eyI75y0FNbd9Qm0CTe6RTiOGNgLSl4pSmnFW1FnP/hG/vk8u\n\tXmeM5SZsl+l6QfsApWPX18VBfcQqTb+X7WGIxXnncZzUYswfLC5pJ9QW7c78gmT+hGCgEu\n\tKtpdCbC98pL3HH+VMrTwBI9wFBY+12uXvbogiILExECE8BPcSDRboc/8RuF/FokFvwCV53\n\t8wFRq+5sbRlAe6+IInwegS1AIpVOfoFLsX/iRREUo3x9Ws1N4YtizNJ6aAU8DsYHyvXAPa\n\t2NZJUk54CAD1etsXm50BJnzezSRmZheeuuA8uGEZnGar2byUxDIKdhs4vMvpAQ==","ARC-Authentication-Results":"i=1;\n\tmx1.freebsd.org;\n\tnone","ARC-Message-Signature":"i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;\n\ts=dkim; t=1776589365;\n\th=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n\t to:to:cc:cc:mime-version:mime-version:\n\t content-transfer-encoding:content-transfer-encoding;\n\tbh=+yiMlpcmSt9dB/IWWF4x+Cubi1vLXivSD0Yz3777HVI=;\n\tb=WuCGd6KeieebSHdGBdoWel/wOwDaD+8XJr6eDFIFK5weLrcNRaSJ+MgtGFwG/kj9ztj46T\n\tme26iy4by62tpNZDQHNveYdMnyn+2dhjfR7dDznmCwtzIOPwr6zvCQG17fllPQpM/YCgpW\n\tBy0xjcg8zSOGTwOokot+1PXwN9uFWOdtXXQWHwdjuTUgkswFJq1dZoqmC7saslZBy5PDsW\n\t1HOZS7iNpAWvNpipdc0UcppM+nr8Go+KXe/PCX+FJgzqduNSSuogT1xW2AV0zQjtIamgmi\n\t0r4rejQVvGvUgAw7V/2xU7QoiYTtXghF3sq4nvU5ao4v6vDhOQmr7NDLCyskTA==","From":"ShengYi Hung <aokblast@FreeBSD.org>","To":"hostap@lists.infradead.org","Cc":"ShengYi Hung <aokblast@FreeBSD.org>","Subject":"[PATCH v2] config_file: Honor permissions from the target file","Date":"Sun, 19 Apr 2026 17:02:02 +0800","Message-ID":"<20260419090202.10870-1-aokblast@FreeBSD.org>","X-Mailer":"git-send-email 2.53.0","MIME-Version":"1.0","X-CRM114-Version":"20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ","X-CRM114-CacheID":"sfid-20260419_020247_320627_D284D7CD ","X-CRM114-Status":"GOOD (  11.90  )","X-Spam-Score":"-4.4 (----)","X-Spam-Report":"Spam detection software,\n running on the system \"bombadil.infradead.org\",\n has NOT identified this incoming email as spam.  The original\n message has been attached to this so you can view it or label\n similar future email.  If you have any questions, see\n the administrator of that system for details.\n Content preview:  fwrite creates file with default permission (rw-r--r--)\n while\n    the file does not exist. However, the wpa config file may be installed as\n    (rw-------), which doesn't want other user to see the password.\n Content analysis details:   (-4.4 points, 5.0 required)\n  pts rule name              description\n ---- ----------------------\n --------------------------------------------------\n -2.3 RCVD_IN_DNSWL_MED      RBL: Sender listed at https://www.dnswl.org/,\n                             medium trust\n                             [96.47.72.81 listed in list.dnswl.org]\n -0.0 SPF_PASS               SPF: sender matches SPF record\n  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record\n -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from\n author's\n                             domain\n  0.1 DKIM_SIGNED            Message has a DKIM or DK signature,\n not necessarily valid\n -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from\n                             envelope-from domain\n -0.1 DKIM_VALID             Message has at least one valid DKIM or DK\n signature\n -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%\n                             [score: 0.0000]\n -0.0 DKIMWL_WL_HIGH         DKIMwl.org - High trust sender","X-BeenThere":"hostap@lists.infradead.org","X-Mailman-Version":"2.1.34","Precedence":"list","List-Id":"<hostap.lists.infradead.org>","List-Unsubscribe":"<http://lists.infradead.org/mailman/options/hostap>,\n <mailto:hostap-request@lists.infradead.org?subject=unsubscribe>","List-Archive":"<http://lists.infradead.org/pipermail/hostap/>","List-Post":"<mailto:hostap@lists.infradead.org>","List-Help":"<mailto:hostap-request@lists.infradead.org?subject=help>","List-Subscribe":"<http://lists.infradead.org/mailman/listinfo/hostap>,\n <mailto:hostap-request@lists.infradead.org?subject=subscribe>","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Sender":"\"Hostap\" <hostap-bounces@lists.infradead.org>","Errors-To":"hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org"},"content":"fwrite creates file with default permission (rw-r--r--) while the file\ndoes not exist. However, the wpa config file may be installed as\n(rw-------), which doesn't want other user to see the password.\n\nAs a result, we honor these permissions from the original file by using\nstat and chmod syscalls.\n\nSigned-off-by: ShengYi Hung <aokblast@FreeBSD.org>\n---\n wpa_supplicant/config_file.c | 5 +++++\n 1 file changed, 5 insertions(+)","diff":"diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c\nindex 45b16d43a..062b41ec3 100644\n--- a/wpa_supplicant/config_file.c\n+++ b/wpa_supplicant/config_file.c\n@@ -1856,6 +1856,7 @@ int wpa_config_write(const char *name, struct wpa_config *config)\n \tconst char *orig_name = name;\n \tint tmp_len;\n \tchar *tmp_name;\n+\tstruct stat file_stat;\n \n \tif (!name) {\n \t\twpa_printf(MSG_ERROR, \"No configuration file for writing\");\n@@ -1878,6 +1879,10 @@ int wpa_config_write(const char *name, struct wpa_config *config)\n \t\treturn -1;\n \t}\n \n+\tif (stat(orig_name, &file_stat) == 0)\n+\t\tchmod(name, (file_stat.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)) |\n+\t\t\t  S_IRUSR | S_IWUSR);\n+\n \twpa_config_write_global(f, config);\n \n \tfor (cred = config->cred; cred; cred = cred->next) {\n","prefixes":["v2"]}