aboutsummaryrefslogtreecommitdiffstats
path: root/src/radius
diff options
context:
space:
mode:
authorJouni Malinen <jouni@codeaurora.org>2018-06-21 17:50:54 (GMT)
committerJouni Malinen <j@w1.fi>2018-06-21 17:50:54 (GMT)
commitd4e39c51f8bb5812aea95c38d11e8f9169fda2ee (patch)
tree12392a455129d2fd94f9ba1465e9d099be2f1df3 /src/radius
parente6f8042d179208f42bce7637d680b3034d1db206 (diff)
downloadhostap-d4e39c51f8bb5812aea95c38d11e8f9169fda2ee.zip
hostap-d4e39c51f8bb5812aea95c38d11e8f9169fda2ee.tar.gz
hostap-d4e39c51f8bb5812aea95c38d11e8f9169fda2ee.tar.bz2
HS 2.0: Move Terms and Conditions Server URL generation from AP to AS
This makes it more convenient to generate the URL in a way that interoperates between different vendors. The AP is simply copying the already constructed URL as-is from Access-Accept to WNM-Notification. This means that the HO AAA can generate the URL in a manner that works for the associated T&C Server without having to coordinate with each AP. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Diffstat (limited to 'src/radius')
-rw-r--r--src/radius/radius.h1
-rw-r--r--src/radius/radius_server.c50
-rw-r--r--src/radius/radius_server.h2
3 files changed, 53 insertions, 0 deletions
diff --git a/src/radius/radius.h b/src/radius/radius.h
index 55185df..630c0f9 100644
--- a/src/radius/radius.h
+++ b/src/radius/radius.h
@@ -202,6 +202,7 @@ enum {
RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILENAME = 7,
RADIUS_VENDOR_ATTR_WFA_HS20_TIMESTAMP = 8,
RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILTERING = 9,
+ RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL = 10,
};
#ifdef _MSC_VER
diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index 17c9087..27e2050 100644
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -350,6 +350,8 @@ struct radius_server_data {
char *subscr_remediation_url;
u8 subscr_remediation_method;
+ char *t_c_server_url;
+
#ifdef CONFIG_SQLITE
sqlite3 *db;
#endif /* CONFIG_SQLITE */
@@ -884,12 +886,56 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->t_c_filtering) {
u8 buf[4] = { 0x01, 0x00, 0x00, 0x00 }; /* E=1 */
+ const char *url = data->t_c_server_url, *pos;
+ char *url2, *end2, *pos2;
+ size_t url_len;
if (!radius_msg_add_wfa(
msg, RADIUS_VENDOR_ATTR_WFA_HS20_T_C_FILTERING,
buf, sizeof(buf))) {
RADIUS_DEBUG("Failed to add WFA-HS20-T-C-Filtering");
+ radius_msg_free(msg);
+ return NULL;
+ }
+
+ if (!url) {
+ RADIUS_DEBUG("No t_c_server_url configured");
+ radius_msg_free(msg);
+ return NULL;
+ }
+
+ pos = os_strstr(url, "@1@");
+ if (!pos) {
+ RADIUS_DEBUG("No @1@ macro in t_c_server_url");
+ radius_msg_free(msg);
+ return NULL;
+ }
+
+ url_len = os_strlen(url) + ETH_ALEN * 3 - 1 - 3;
+ url2 = os_malloc(url_len);
+ if (!url2) {
+ RADIUS_DEBUG("Failed to allocate room for T&C Server URL");
+ os_free(url2);
+ radius_msg_free(msg);
+ return NULL;
}
+ pos2 = url2;
+ end2 = url2 + url_len;
+ os_memcpy(pos2, url, pos - url);
+ pos2 += pos - url;
+ os_snprintf(pos2, end2 - pos2, MACSTR, MAC2STR(sess->mac_addr));
+ pos2 += ETH_ALEN * 3 - 1;
+ os_memcpy(pos2, pos + 3, os_strlen(pos + 3));
+ if (!radius_msg_add_wfa(msg,
+ RADIUS_VENDOR_ATTR_WFA_HS20_T_C_URL,
+ (const u8 *) url2, url_len)) {
+ RADIUS_DEBUG("Failed to add WFA-HS20-T-C-URL");
+ os_free(url2);
+ radius_msg_free(msg);
+ return NULL;
+ }
+ os_free(url2);
+
radius_srv_hs20_t_c_pending(sess);
}
#endif /* CONFIG_HS20 */
@@ -1894,6 +1940,9 @@ radius_server_init(struct radius_server_conf *conf)
}
data->subscr_remediation_method = conf->subscr_remediation_method;
+ if (conf->t_c_server_url)
+ data->t_c_server_url = os_strdup(conf->t_c_server_url);
+
#ifdef CONFIG_SQLITE
if (conf->sqlite_file) {
if (sqlite3_open(conf->sqlite_file, &data->db)) {
@@ -2010,6 +2059,7 @@ void radius_server_deinit(struct radius_server_data *data)
os_free(data->dump_msk_file);
#endif /* CONFIG_RADIUS_TEST */
os_free(data->subscr_remediation_url);
+ os_free(data->t_c_server_url);
#ifdef CONFIG_SQLITE
if (data->db)
diff --git a/src/radius/radius_server.h b/src/radius/radius_server.h
index 996f00e..298f3c1 100644
--- a/src/radius/radius_server.h
+++ b/src/radius/radius_server.h
@@ -233,6 +233,8 @@ struct radius_server_conf {
char *subscr_remediation_url;
u8 subscr_remediation_method;
+
+ char *t_c_server_url;
};