aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni@codeaurora.org>2019-09-17 10:36:22 (GMT)
committerJouni Malinen <j@w1.fi>2019-09-18 21:21:47 (GMT)
commit5a5639b0682379606a465515a7a04825ba6f307b (patch)
tree09ff7f1c492baa29a607e98accfa89244df98833
parent91a07031579a88982a4a780126f7f0e3e74de3c7 (diff)
downloadhostap-5a5639b0682379606a465515a7a04825ba6f307b.zip
hostap-5a5639b0682379606a465515a7a04825ba6f307b.tar.gz
hostap-5a5639b0682379606a465515a7a04825ba6f307b.tar.bz2
DPP: Allow name and mudurl to be configured for Config Request
The new hostapd and wpa_supplicant configuration parameters dpp_name and dpp_mud_url can now be used to set a specific name and MUD URL for the Enrollee to use in the Configuration Request. dpp_name replaces the previously hardcoded "Test" string (which is still the default if an explicit configuration entry is not included). dpp_mud_url can optionally be used to add a MUD URL to describe the Enrollee device. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
-rw-r--r--hostapd/config_file.c6
-rw-r--r--hostapd/hostapd.conf14
-rw-r--r--src/ap/ap_config.c2
-rw-r--r--src/ap/ap_config.h2
-rw-r--r--src/ap/dpp_hostapd.c12
-rw-r--r--src/common/dpp.c75
-rw-r--r--src/common/dpp.h3
-rw-r--r--wpa_supplicant/config.c6
-rw-r--r--wpa_supplicant/config.h10
-rw-r--r--wpa_supplicant/dpp_supplicant.c18
-rw-r--r--wpa_supplicant/wpa_supplicant.conf20
11 files changed, 127 insertions, 41 deletions
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 0d340d2..db9d582 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -4327,6 +4327,12 @@ static int hostapd_config_fill(struct hostapd_config *conf,
} else if (os_strcmp(buf, "broadcast_deauth") == 0) {
bss->broadcast_deauth = atoi(pos);
#ifdef CONFIG_DPP
+ } else if (os_strcmp(buf, "dpp_name") == 0) {
+ os_free(bss->dpp_name);
+ bss->dpp_name = os_strdup(pos);
+ } else if (os_strcmp(buf, "dpp_mud_url") == 0) {
+ os_free(bss->dpp_mud_url);
+ bss->dpp_mud_url = os_strdup(pos);
} else if (os_strcmp(buf, "dpp_connector") == 0) {
os_free(bss->dpp_connector);
bss->dpp_connector = os_strdup(pos);
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index a3c6984..e6d8472 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -2165,6 +2165,20 @@ own_ip_addr=127.0.0.1
# Allow cross connection
#allow_cross_connection=1
+##### Device Provisioning Protocol (DPP) ######################################
+
+# Name for Enrollee's DPP Configuration Request
+#dpp_name=Test
+
+# MUD URL for Enrollee's DPP Configuration Request (optional)
+#dpp_mud_url=https://example.com/mud
+
+#dpp_connector
+#dpp_netaccesskey
+#dpp_netaccesskey_expiry
+#dpp_csign
+#dpp_controller
+
#### TDLS (IEEE 802.11z-2010) #################################################
# Prohibit use of TDLS in this BSS
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index a1aa450..6704ade 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -841,6 +841,8 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf)
hostapd_config_free_fils_realms(conf);
#ifdef CONFIG_DPP
+ os_free(conf->dpp_name);
+ os_free(conf->dpp_mud_url);
os_free(conf->dpp_connector);
wpabuf_free(conf->dpp_netaccesskey);
wpabuf_free(conf->dpp_csign);
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 17eb068..d6052e1 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -707,6 +707,8 @@ struct hostapd_bss_config {
int broadcast_deauth;
#ifdef CONFIG_DPP
+ char *dpp_name;
+ char *dpp_mud_url;
char *dpp_connector;
struct wpabuf *dpp_netaccesskey;
unsigned int dpp_netaccesskey_expiry;
diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c
index 6c3e11e..91bbb01 100644
--- a/src/ap/dpp_hostapd.c
+++ b/src/ap/dpp_hostapd.c
@@ -765,18 +765,10 @@ static void hostapd_dpp_start_gas_client(struct hostapd_data *hapd)
{
struct dpp_authentication *auth = hapd->dpp_auth;
struct wpabuf *buf;
- char json[100];
int res;
- int netrole_ap = 1;
- os_snprintf(json, sizeof(json),
- "{\"name\":\"Test\","
- "\"wi-fi_tech\":\"infra\","
- "\"netRole\":\"%s\"}",
- netrole_ap ? "ap" : "sta");
- wpa_printf(MSG_DEBUG, "DPP: GAS Config Attributes: %s", json);
-
- buf = dpp_build_conf_req(auth, json);
+ buf = dpp_build_conf_req_helper(auth, hapd->conf->dpp_name, 1,
+ hapd->conf->dpp_mud_url);
if (!buf) {
wpa_printf(MSG_DEBUG,
"DPP: No configuration request data available");
diff --git a/src/common/dpp.c b/src/common/dpp.c
index d35c82e..6d6fbfb 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -2376,7 +2376,7 @@ static struct wpabuf * dpp_build_conf_req_attr(struct dpp_authentication *auth,
}
wpa_hexdump(MSG_DEBUG, "DPP: E-nonce", auth->e_nonce, nonce_len);
json_len = os_strlen(json);
- wpa_hexdump_ascii(MSG_DEBUG, "DPP: configAttr JSON", json, json_len);
+ wpa_hexdump_ascii(MSG_DEBUG, "DPP: configRequest JSON", json, json_len);
/* { E-nonce, configAttrib }ke */
clear_len = 4 + nonce_len + 4 + json_len;
@@ -2512,6 +2512,59 @@ struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
}
+struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
+ const char *name, int netrole_ap,
+ const char *mud_url)
+{
+ size_t len, nlen;
+ const char *tech = "infra";
+ const char *dpp_name;
+ char *nbuf;
+ struct wpabuf *buf, *json;
+
+#ifdef CONFIG_TESTING_OPTIONS
+ if (dpp_test == DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ) {
+ static const char *bogus_tech = "knfra";
+
+ wpa_printf(MSG_INFO, "DPP: TESTING - invalid Config Attr");
+ tech = bogus_tech;
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
+
+ dpp_name = name ? name : "Test";
+ len = os_strlen(dpp_name);
+ nlen = len * 6 + 1;
+ nbuf = os_malloc(nlen);
+ if (!nbuf)
+ return NULL;
+ json_escape_string(nbuf, nlen, dpp_name, len);
+
+ len = 100 + os_strlen(nbuf);
+ if (mud_url && mud_url[0])
+ len += 10 + os_strlen(mud_url);
+ json = wpabuf_alloc(len);
+ if (!json) {
+ os_free(nbuf);
+ return NULL;
+ }
+
+ wpabuf_printf(json,
+ "{\"name\":\"%s\","
+ "\"wi-fi_tech\":\"%s\","
+ "\"netRole\":\"%s\"",
+ nbuf, tech, netrole_ap ? "ap" : "sta");
+ if (mud_url && mud_url[0])
+ wpabuf_printf(json, ",\"mudurl\":\"%s\"", mud_url);
+ wpabuf_put_str(json, "}");
+ os_free(nbuf);
+
+ buf = dpp_build_conf_req(auth, wpabuf_head(json));
+ wpabuf_free(json);
+
+ return buf;
+}
+
+
static void dpp_auth_success(struct dpp_authentication *auth)
{
wpa_printf(MSG_DEBUG,
@@ -5102,6 +5155,10 @@ dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
goto fail;
}
+ token = json_get_member(root, "mudurl");
+ if (token && token->type == JSON_STRING)
+ wpa_printf(MSG_DEBUG, "DPP: mudurl = '%s'", token->string);
+
resp = dpp_build_conf_resp(auth, e_nonce, e_nonce_len, ap);
fail:
@@ -9194,23 +9251,9 @@ static void dpp_controller_start_gas_client(struct dpp_connection *conn)
{
struct dpp_authentication *auth = conn->auth;
struct wpabuf *buf;
- char json[100];
int netrole_ap = 0; /* TODO: make this configurable */
- os_snprintf(json, sizeof(json),
- "{\"name\":\"Test\","
- "\"wi-fi_tech\":\"infra\","
- "\"netRole\":\"%s\"}",
- netrole_ap ? "ap" : "sta");
-#ifdef CONFIG_TESTING_OPTIONS
- if (dpp_test == DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ) {
- wpa_printf(MSG_INFO, "DPP: TESTING - invalid Config Attr");
- json[29] = 'k'; /* replace "infra" with "knfra" */
- }
-#endif /* CONFIG_TESTING_OPTIONS */
- wpa_printf(MSG_DEBUG, "DPP: GAS Config Attributes: %s", json);
-
- buf = dpp_build_conf_req(auth, json);
+ buf = dpp_build_conf_req_helper(auth, "Test", netrole_ap, NULL);
if (!buf) {
wpa_printf(MSG_DEBUG,
"DPP: No configuration request data available");
diff --git a/src/common/dpp.h b/src/common/dpp.h
index d560f4b..9870e3d 100644
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -420,6 +420,9 @@ dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
const u8 *attr_start, size_t attr_len);
struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth,
const char *json);
+struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth,
+ const char *name, int netrole_ap,
+ const char *mud_url);
int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
const u8 *attr_start, size_t attr_len);
int dpp_notify_new_qr_code(struct dpp_authentication *auth,
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 0467af9..5ad6fc7 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -2881,6 +2881,8 @@ void wpa_config_free(struct wpa_config *config)
#ifdef CONFIG_MBO
os_free(config->non_pref_chan);
#endif /* CONFIG_MBO */
+ os_free(config->dpp_name);
+ os_free(config->dpp_mud_url);
os_free(config);
}
@@ -5020,7 +5022,11 @@ static const struct global_parse_data global_fields[] = {
{ INT_RANGE(ftm_initiator, 0, 1), 0 },
{ INT(gas_rand_addr_lifetime), 0 },
{ INT_RANGE(gas_rand_mac_addr, 0, 2), 0 },
+#ifdef CONFIG_DPP
{ INT_RANGE(dpp_config_processing, 0, 2), 0 },
+ { STR(dpp_name), 0 },
+ { STR(dpp_mud_url), 0 },
+#endif /* CONFIG_DPP */
{ INT_RANGE(coloc_intf_reporting, 0, 1), 0 },
#ifdef CONFIG_WNM
{ INT_RANGE(disable_btm, 0, 1), CFG_CHANGED_DISABLE_BTM },
diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h
index 5b5c2fd..1734e00 100644
--- a/wpa_supplicant/config.h
+++ b/wpa_supplicant/config.h
@@ -1497,6 +1497,16 @@ struct wpa_config {
int dpp_config_processing;
/**
+ * dpp_name - Name for Enrollee's DPP Configuration Request
+ */
+ char *dpp_name;
+
+ /**
+ * dpp_mud_url - MUD URL for Enrollee's DPP Configuration Request
+ */
+ char *dpp_mud_url;
+
+ /**
* coloc_intf_reporting - Colocated interference reporting
*
* dot11CoLocIntfReportingActivated
diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c
index 020a6d0..29a50f3 100644
--- a/wpa_supplicant/dpp_supplicant.c
+++ b/wpa_supplicant/dpp_supplicant.c
@@ -1251,27 +1251,15 @@ static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s)
{
struct dpp_authentication *auth = wpa_s->dpp_auth;
struct wpabuf *buf;
- char json[100];
int res;
wpa_s->dpp_gas_client = 1;
- os_snprintf(json, sizeof(json),
- "{\"name\":\"Test\","
- "\"wi-fi_tech\":\"infra\","
- "\"netRole\":\"%s\"}",
- wpa_s->dpp_netrole_ap ? "ap" : "sta");
-#ifdef CONFIG_TESTING_OPTIONS
- if (dpp_test == DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ) {
- wpa_printf(MSG_INFO, "DPP: TESTING - invalid Config Attr");
- json[29] = 'k'; /* replace "infra" with "knfra" */
- }
-#endif /* CONFIG_TESTING_OPTIONS */
- wpa_printf(MSG_DEBUG, "DPP: GAS Config Attributes: %s", json);
-
offchannel_send_action_done(wpa_s);
wpas_dpp_listen_stop(wpa_s);
- buf = dpp_build_conf_req(auth, json);
+ buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name,
+ wpa_s->dpp_netrole_ap,
+ wpa_s->conf->dpp_mud_url);
if (!buf) {
wpa_printf(MSG_DEBUG,
"DPP: No configuration request data available");
diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index 26df78a..0babadc 100644
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -311,6 +311,26 @@ fast_reauth=1
# by executing the WPS protocol.
#wps_priority=0
+# Device Provisioning Protocol (DPP) parameters
+#
+# How to process DPP configuration
+# 0 = report received configuration to an external program for
+# processing; do not generate any network profile internally (default)
+# 1 = report received configuration to an external program and generate
+# a network profile internally, but do not automatically connect
+# to the created (disabled) profile; the network profile id is
+# reported to external programs
+# 2 = report received configuration to an external program, generate
+# a network profile internally, try to connect to the created
+# profile automatically
+#dpp_config_processing=0
+#
+# Name for Enrollee's DPP Configuration Request
+#dpp_name=Test
+#
+# MUD URL for Enrollee's DPP Configuration Request (optional)
+#dpp_mud_url=https://example.com/mud
+
# Maximum number of BSS entries to keep in memory
# Default: 200
# This can be used to limit memory use on the BSS entries (cached scan