On Fri, Nov 17, 2017 at 11:41:57AM +0100, Stefan Sperling wrote:
> There have been several instances of people mailing out WPA keys as
> part of ifconfig output, e.g. in bug reports. This happens when you
> run ifconfig as root and copy/paste without thinking.
>
> I see no real need to ever show the key except in circumstances where
> the key needs to be legitimately passed on to someone else ("do you
> happen to know the wifi key?" in a bar). Though for devices which
> want the plaintext passphrase instead of the hashed key our ifconfig
> output is already useless for this purpose anyway.
>
> This diff makes the WPA key available only if the interface is in
> debug mode (suggestion by phessler). If this is acceptable then I
> can also try to squeeze a hint into the ifconfig man page so that
> this mechanism can be discovered by those who don't read kernel code.
>
> OK?
I wanted this for so long, but never bugged me enough to fix it.
Thanks for that and OK!
>
> Index: ieee80211_ioctl.c
> ===================================================================
> RCS file: /cvs/src/sys/net80211/ieee80211_ioctl.c,v
> retrieving revision 1.55
> diff -u -p -r1.55 ieee80211_ioctl.c
> --- ieee80211_ioctl.c 27 Oct 2017 12:22:40 -0000 1.55
> +++ ieee80211_ioctl.c 17 Nov 2017 10:13:06 -0000
> @@ -491,8 +491,8 @@ ieee80211_ioctl(struct ifnet *ifp, u_lon
> psk = (struct ieee80211_wpapsk *)data;
> if (ic->ic_flags & IEEE80211_F_PSK) {
> psk->i_enabled = 1;
> - /* do not show any keys to non-root user */
> - if (suser(curproc, 0) != 0) {
> + if (suser(curproc, 0) != 0 ||
> + (ifp->if_flags & IFF_DEBUG) == 0) {
> psk->i_enabled = 2;
> memset(psk->i_psk, 0, sizeof(psk->i_psk));
> break; /* return ok but w/o key */
