shill: Restrict access to the WiFi passphrase via Service.GetProperties API
Do it by registering the passphrase as a write-only property.
BUG=chromium-os:21196
TEST=added a new unit test
Change-Id: I76684dafb4050346faff18ce199d95d8bd4b5bd7
Reviewed-on: https://gerrit.chromium.org/gerrit/11541
Commit-Ready: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Tested-by: Gaurav Shah <gauravsh@chromium.org>
diff --git a/wifi_service_unittest.cc b/wifi_service_unittest.cc
index 661e3e3..929766c 100644
--- a/wifi_service_unittest.cc
+++ b/wifi_service_unittest.cc
@@ -61,7 +61,7 @@
class WiFiServiceSecurityTest : public WiFiServiceTest {
public:
WiFiServiceRefPtr CreateServiceWithSecurity(const string &security) {
- vector<uint8_t> ssid(5, 0);
+ vector<uint8_t> ssid(5);
ssid.push_back(0xff);
return new WiFiService(control_interface(),
@@ -125,13 +125,8 @@
}
};
-MATCHER(WPASecurityArgs, "") {
- return ContainsKey(arg, wpa_supplicant::kPropertySecurityProtocol) &&
- ContainsKey(arg, wpa_supplicant::kPropertyPreSharedKey);
-}
-
TEST_F(WiFiServiceTest, StorageId) {
- vector<uint8_t> ssid(5, 0);
+ vector<uint8_t> ssid(5);
ssid.push_back(0xff);
WiFiServiceRefPtr wifi_service = new WiFiService(control_interface(),
@@ -154,6 +149,24 @@
EXPECT_NE(id.find(string(flimflam::kModeManaged), mac_pos), string::npos);
}
+// Make sure the passphrase is registered as a write only property
+// by reading and comparing all string properties returned on the store.
+TEST_F(WiFiServiceTest, PassphraseWriteOnly) {
+ vector<uint8_t> ssid(5);
+ WiFiServiceRefPtr wifi_service = new WiFiService(control_interface(),
+ dispatcher(),
+ manager(),
+ wifi(),
+ ssid,
+ flimflam::kModeManaged,
+ flimflam::kSecurityWpa,
+ false);
+ ReadablePropertyConstIterator<string> it =
+ (wifi_service->store()).GetStringPropertiesIter();
+ for( ; !it.AtEnd(); it.Advance())
+ EXPECT_NE(it.Key(), flimflam::kPassphraseProperty);
+}
+
TEST_F(WiFiServiceTest, NonUTF8SSID) {
vector<uint8_t> ssid;
@@ -171,8 +184,13 @@
DBusAdaptor::GetProperties(wifi_service->store(), &properties, NULL);
}
+MATCHER(WPASecurityArgs, "") {
+ return ContainsKey(arg, wpa_supplicant::kPropertySecurityProtocol) &&
+ ContainsKey(arg, wpa_supplicant::kPropertyPreSharedKey);
+}
+
TEST_F(WiFiServiceTest, ConnectTaskWPA) {
- vector<uint8_t> ssid(5, 0);
+ vector<uint8_t> ssid(5);
WiFiServiceRefPtr wifi_service = new WiFiService(control_interface(),
dispatcher(),
manager(),
@@ -187,7 +205,7 @@
}
TEST_F(WiFiServiceTest, ConnectTaskRSN) {
- vector<uint8_t> ssid(5, 0);
+ vector<uint8_t> ssid(5);
WiFiServiceRefPtr wifi_service = new WiFiService(control_interface(),
dispatcher(),
manager(),
@@ -202,7 +220,7 @@
}
TEST_F(WiFiServiceTest, ConnectTaskPSK) {
- vector<uint8_t> ssid(5, 0);
+ vector<uint8_t> ssid(5);
WiFiServiceRefPtr wifi_service = new WiFiService(control_interface(),
dispatcher(),
manager(),
@@ -217,7 +235,7 @@
}
TEST_F(WiFiServiceTest, LoadHidden) {
- vector<uint8_t> ssid(5, 0);
+ vector<uint8_t> ssid(5);
ssid.push_back(0xff);
WiFiServiceRefPtr service = new WiFiService(control_interface(),