Re: setEnvironmentVariable DBus method for wpasupplicant

Dan Williams <dcbw redhat com> writes:

> On Thu, 2008-07-24 at 02:29 +0900, David Smith wrote:
>> Hi,
>> For implementing PKCS#11 support in the network manager gnome applet
>> using gnome keyring as the backing store, it's necessary to tell
>> wpasupplicant the environment variable of GNOME_KEYRING_SOCKET before
>> loading the gnome keyring PKCS#11 library. This socket will be protected
>> to the local user, but since wpasupplicant must run as root, it should
>> be able to access it and indeed it must.
>> This issue is currently being discussed in network manager's bugzilla at
>> .
>> Attached is a patch to add a DBus interface to set environment variables
>> in wpasupplicant. I hope this is an acceptable compromise. In the long
>> term, a better interface from keyring might be made available and then
>> any necessary changes to wpasupplicant could be made at that time, but
>> for now this is a rather trivial addition that would primarily be useful
>> for working with the current implementation.
> I think the real fix for this is to get Gnome Keyring using D-Bus, not
> sockets.  That needs to be done anyway. 

Yeah, ignore this patch. I have another patch waiting for wpasupplicant
to give it another configuration variable, pkcs11_init_args, that's settable
over DBus. We'll pass to wpasupplicant the value of
org.gnome.keyring.Daemon.GetSocketPath() as an init arg instead of using
the environment variable.

I haven't sent the patch to wpasupplicant yet because it depends on a
patch to the PKCS#11 OpenSSL engine and libp11, both from OpenSC, that I
sent them a few days ago. See
. Nobody from OpenSC has responded yet but hopefully they will soon.

> This sort of call in the supplicant seems really ugly to me.

It seems we all agree on at least that :)

- dds

Attachment: pgpNVe7v3ojje.pgp
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]