diff mbox series

hostapd: disable logging of wpa_passphrase

Message ID 20241217084648.1152396-1-ck@dev.tdt.de
State Not Applicable
Series: hostapd: disable logging of wpa_passphrase

Commit Message

Christian Korber Dec. 17, 2024, 8:46 a.m. UTC
From: Christian Korber <ckorber@tdt.de>

During the initialization of hostapd, the configuration file is logged in
the syslog and the wpa_passphrase is also logged.

This is not ideal from a security point of view. Therefore this commit allows
the output if compiled in debug mode.

Signed-off-by: Christian Korber <ckorber@tdt.de>
---
 .../804-disable-logging-of-passphrase.patch       | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 package/network/services/hostapd/patches/804-disable-logging-of-passphrase.patch

Comments

Jouni Malinen Dec. 22, 2024, 6:06 p.m. UTC | #1
On Tue, Dec 17, 2024 at 09:46:48AM +0100, Christian Korber wrote:
> During the initialization of hostapd, the configuration file is logged in
> the syslog and the wpa_passphrase is also logged.

What do you mean with the configuration file being logged? And in
particular, where do you see wpa_passphrase being logged?

> This is not ideal from a security point of view. Therefore this commit allows
> the output if compiled in debug mode.

I don't see how this would really be doing that..

>  .../804-disable-logging-of-passphrase.patch       | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
>  create mode 100644 package/network/services/hostapd/patches/804-disable-logging-of-passphrase.patch

This is not really a style that would be used for the upstream
hostap.git repository.. Instead of adding patches to file some files,
the changes should modify the files themselves..

> diff --git a/package/network/services/hostapd/patches/804-disable-logging-of-passphrase.patch b/package/network/services/hostapd/patches/804-disable-logging-of-passphrase.patch

> +--- a/src/ap/hostapd.c
> ++++ b/src/ap/hostapd.c
> +@@ -3378,8 +3378,11 @@ hostapd_interface_init_bss(struct hapd_i
> + 		}
> + 	}
> + 
> +-	wpa_printf(MSG_INFO, "Configuration file: %s (phy %s)%s",
> ++	if (CONFIG_MSG_MIN_PRIORITY <= MSG_DEBUG){
> ++		wpa_printf(MSG_INFO, "Configuration file: %s (phy %s)%s",
> + 		   config_fname, phy, iface ? "" : " --> new PHY");
> ++	}
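Review bot: the new line "if (CONFIG_MSG_MIN_PRIORITY <= MSG_DEBUG){" is missing the space before the opening brace, and the continuation line "config_fname, phy, iface ? "" : " --> new PHY");" keeps its previous indentation, so it no longer lines up under the wpa_printf( call it belongs to now that the call is nested one level deeper; indent it by one more tab so the argument list aligns with the opening parenthesis as in the rest of this function.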

This does not really log the configuration file; it logs only its name.
In other words, no passphrases are logged here..

CONFIG_MSG_MIN_PRIORITY is not defined in hostap.git, so this change
would not even compile.

Patch

diff --git a/package/network/services/hostapd/patches/804-disable-logging-of-passphrase.patch b/package/network/services/hostapd/patches/804-disable-logging-of-passphrase.patch
new file mode 100644
index 000000000..86f8fd774
--- /dev/null
+++ b/package/network/services/hostapd/patches/804-disable-logging-of-passphrase.patch
@@ -0,0 +1,15 @@ 
+--- a/src/ap/hostapd.c
++++ b/src/ap/hostapd.c
+@@ -3378,8 +3378,11 @@ hostapd_interface_init_bss(struct hapd_i
+ 		}
+ 	}
+ 
+-	wpa_printf(MSG_INFO, "Configuration file: %s (phy %s)%s",
++	if (CONFIG_MSG_MIN_PRIORITY <= MSG_DEBUG){
++		wpa_printf(MSG_INFO, "Configuration file: %s (phy %s)%s",
+ 		   config_fname, phy, iface ? "" : " --> new PHY");
++	}
++
+ 	if (iface) {
+ 		struct hostapd_config *conf;
+ 		struct hostapd_bss_config **tmp_conf;
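Review bot: the guard "if (CONFIG_MSG_MIN_PRIORITY <= MSG_DEBUG)" around the wpa_printf(MSG_INFO, "Configuration file: %s (phy %s)%s", ...) call does not do what the commit message says. The format string prints only config_fname and phy, so no passphrase passes through this call, and the message inside the guard is still emitted at MSG_INFO, not MSG_DEBUG. The condition compares a CONFIG_ build setting against a fixed level, so for any given build it is either always true or always false; if the intent is to make this line debug-only, change the level argument to MSG_DEBUG and drop the wrapper, which is one line instead of four. The place where wpa_passphrase actually reaches the syslog is not touched by this hunk, so the commit message should name that call site and the fix should be applied there. Shipping the change as a new file under package/network/services/hostapd/patches/ instead of as a change to src/ap/hostapd.c also means it cannot be applied to hostap.git as is.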