Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / vendor / qcom-opensource / wlan / utils / sigma-dut / 6a3005fe0349b8c5954d772ab6a8eb9e99b15b2b^! / . / dev.c
commit6a3005fe0349b8c5954d772ab6a8eb9e99b15b2b[log] [tgz]
authorJouni Malinen <jouni@codeaurora.org>Thu Jun 13 23:39:34 2019 +0300
committerJouni Malinen <jouni@codeaurora.org>Thu Jun 13 23:39:34 2019 +0300
tree3e8c7c585ce1c7ca2e23792411ae5c3ec4f418c8
parenta485fd1dd00b5b8a24a17274134141689cda886b [diff] [blame]
dev_exec_action: Update ServerCertTrust behavior

The CAPI command definition was modified, so match the changes in the
implementation. Indicate OverrideNotAllowed explicitly.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/dev.c b/dev.c
index e70b7fa..2ecd477 100644
--- a/dev.c
+++ b/dev.c

@@ -79,33 +79,37 @@
 
 	strlcpy(resp, "ServerCertTrustResult,Accepted", sizeof(resp));
 
-	if (strcasecmp(val, "Accept") != 0) {
-		strlcpy(resp,
-			"ServerCertTrustResult,NotAccepted,Reason,Unsupported ServerCertTrust value",
-			sizeof(resp));
-		goto done;
+	if (strcasecmp(val, "Accept") != 0 && strcasecmp(val, "Reject") != 0) {
+		sigma_dut_print(dut, DUT_MSG_INFO,
+				"Unknown ServerCertTrust value '%s'", val);
+		return INVALID_SEND_STATUS;
 	}
 
 	if (!dut->server_cert_hash[0]) {
 		strlcpy(resp,
-			"ServerCertTrustResult,NotAccepted,Reason,No server certificate stored",
+			"ServerCertTrustResult,OverrideNotAllowed,Reason,No server certificate stored",
 			sizeof(resp));
 		goto done;
 	}
 
 	if (dut->sta_tod_policy) {
 		strlcpy(resp,
-			"ServerCertTrustResult,NotAccepted,Reason,TOD policy",
+			"ServerCertTrustResult,OverrideNotAllowed,Reason,TOD policy",
 			sizeof(resp));
 		goto done;
 	}
 
+	if (strcasecmp(val, "Accept") != 0) {
+		strlcpy(resp, "ServerCertTrustResult,Rejected", sizeof(resp));
+		goto done;
+	}
+
 	snprintf(buf, sizeof(buf), "hash://server/sha256/%s",
 		 dut->server_cert_hash);
 	if (set_network_quoted(get_station_ifname(), dut->infra_network_id,
 			       "ca_cert", buf) < 0) {
 		strlcpy(resp,
-			"ServerCertTrustResult,NotAccepted,Reason,Could not configure server certificate hash for the network profile",
+			"ServerCertTrustResult,OverrideNotAllowed,Reason,Could not configure server certificate hash for the network profile",
 			sizeof(resp));
 		goto done;
 	}
@@ -149,7 +153,7 @@
 
 		if (strstr(buf, "CTRL-EVENT-EAP-TLS-CERT-ERROR")) {
 			strlcpy(resp,
-				"ServerCertTrustResult,Accepted,Result,TLS server certitficate validation failed with updated profile",
+				"ServerCertTrustResult,Accepted,Result,TLS server certificate validation failed with updated profile",
 				sizeof(resp));
 			goto done;
 		}