dev_exec_action: Allow UOSP to be disabled
Making a file with name "uosc-disabled" in the certificate directory (-C
command line option or /etc/wpa_supplicant by default) can now be used
to disable user override for server certificate for the device. This is
mainly for validating test script completeness.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
diff --git a/dev.c b/dev.c
index 2ecd477..356b841 100644
--- a/dev.c
+++ b/dev.c
@@ -14,6 +14,9 @@
#include "wpa_helpers.h"
+extern char *sigma_cert_path;
+
+
static enum sigma_cmd_result cmd_dev_send_frame(struct sigma_dut *dut,
struct sigma_conn *conn,
struct sigma_cmd *cmd)
@@ -71,7 +74,7 @@
struct sigma_conn *conn,
const char *val)
{
- char buf[100];
+ char buf[200];
struct wpa_ctrl *ctrl = NULL;
int e;
char resp[200];
@@ -85,6 +88,14 @@
return INVALID_SEND_STATUS;
}
+ snprintf(buf, sizeof(buf), "%s/uosc-disabled", sigma_cert_path);
+ if (file_exists(buf)) {
+ strlcpy(resp,
+ "ServerCertTrustResult,OverrideNotAllowed,Reason,UOSC disabled on device",
+ sizeof(resp));
+ goto done;
+ }
+
if (!dut->server_cert_hash[0]) {
strlcpy(resp,
"ServerCertTrustResult,OverrideNotAllowed,Reason,No server certificate stored",