HS 2.0R2: Configure OSU client trust root more consistently
authorJouni Malinen <jouni@qca.qualcomm.com>
Mon, 17 Mar 2014 21:46:12 +0000 (23:46 +0200)
committerJouni Malinen <j@w1.fi>
Mon, 17 Mar 2014 22:39:39 +0000 (00:39 +0200)
Some of the code paths could have ended up ignoring the CA file name from
the command line due to an overly complex way of setting ctx->ca_fname.
Configure this more consistently in osu_client.c as soon as the CA file
name has been determined.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
hs20/client/oma_dm_client.c
hs20/client/osu_client.c
hs20/client/osu_client.h
hs20/client/spp_client.c

index 8fc350b1dd255f7b1cae67902b1d98eb2e81e89a..82e9106230f67241fcf77d6763d8b94d9273ce73 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Hotspot 2.0 - OMA DM client
- * Copyright (c) 2013, Qualcomm Atheros, Inc.
+ * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -909,7 +909,7 @@ static int oma_dm_get_cmdid(struct hs20_osu_client *ctx, xml_node_t *node)
 
 static xml_node_t * oma_dm_send_recv(struct hs20_osu_client *ctx,
                                     const char *url, xml_node_t *syncml,
-                                    const char *ext_hdr, const char *ca_fname,
+                                    const char *ext_hdr,
                                     const char *username, const char *password,
                                     const char *client_cert,
                                     const char *client_key)
@@ -928,7 +928,7 @@ static xml_node_t * oma_dm_send_recv(struct hs20_osu_client *ctx,
        os_free(ctx->server_url);
        ctx->server_url = os_strdup(url);
        res = http_post(ctx->http, url, str, "application/vnd.syncml.dm+xml",
-                       ext_hdr, ca_fname, username, password,
+                       ext_hdr, ctx->ca_fname, username, password,
                        client_cert, client_key, NULL);
        os_free(str);
        os_free(resp_uri);
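Review bot: The trust root passed to `http_post` here now comes from `ctx->ca_fname`, and nothing at this call site shows who is responsible for having set it. A caller that reaches `oma_dm_send_recv` without that assignment would post with whatever the context holds, which may be NULL; how `http_post` treats a NULL CA file is not visible in this diff. I would add a comment above the function, `/* ctx->ca_fname (server trust root) must be set by the caller before this is called */`. The same applies to the `soap_init_client` calls in spp_client.c (`spp_sub_rem`, `spp_pol_upd`, `cmd_prov`, `cmd_sim_prov`). The function body starts and ends outside this hunk.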
@@ -1123,8 +1123,7 @@ static xml_node_t * oma_dm_process(struct hs20_osu_client *ctx, const char *url,
 }
 
 
-int cmd_oma_dm_prov(struct hs20_osu_client *ctx, const char *url,
-                   const char *ca_fname)
+int cmd_oma_dm_prov(struct hs20_osu_client *ctx, const char *url)
 {
        xml_node_t *syncml, *resp;
        char *resp_uri = NULL;
@@ -1145,8 +1144,7 @@ int cmd_oma_dm_prov(struct hs20_osu_client *ctx, const char *url,
 
        while (syncml) {
                resp = oma_dm_send_recv(ctx, resp_uri ? resp_uri : url,
-                                       syncml, NULL, ca_fname, NULL, NULL,
-                                       NULL, NULL);
+                                       syncml, NULL, NULL, NULL, NULL, NULL);
                if (resp == NULL)
                        return -1;
 
@@ -1162,8 +1160,7 @@ int cmd_oma_dm_prov(struct hs20_osu_client *ctx, const char *url,
 }
 
 
-int cmd_oma_dm_sim_prov(struct hs20_osu_client *ctx, const char *url,
-                       const char *ca_fname)
+int cmd_oma_dm_sim_prov(struct hs20_osu_client *ctx, const char *url)
 {
        xml_node_t *syncml, *resp;
        char *resp_uri = NULL;
@@ -1192,8 +1189,7 @@ int cmd_oma_dm_sim_prov(struct hs20_osu_client *ctx, const char *url,
 
        while (syncml) {
                resp = oma_dm_send_recv(ctx, resp_uri ? resp_uri : url,
-                                       syncml, NULL, ca_fname, NULL, NULL,
-                                       NULL, NULL);
+                                       syncml, NULL, NULL, NULL, NULL, NULL);
                if (resp == NULL)
                        return -1;
 
@@ -1223,7 +1219,7 @@ int cmd_oma_dm_sim_prov(struct hs20_osu_client *ctx, const char *url,
 
 
 void oma_dm_pol_upd(struct hs20_osu_client *ctx, const char *address,
-                   const char *pps_fname, const char *ca_fname,
+                   const char *pps_fname,
                    const char *client_cert, const char *client_key,
                    const char *cred_username, const char *cred_password,
                    xml_node_t *pps)
@@ -1242,7 +1238,7 @@ void oma_dm_pol_upd(struct hs20_osu_client *ctx, const char *address,
 
        while (syncml) {
                resp = oma_dm_send_recv(ctx, resp_uri ? resp_uri : address,
-                                       syncml, NULL, ca_fname, cred_username,
+                                       syncml, NULL, cred_username,
                                        cred_password, client_cert, client_key);
                if (resp == NULL)
                        return;
@@ -1270,7 +1266,7 @@ void oma_dm_pol_upd(struct hs20_osu_client *ctx, const char *address,
 
 
 void oma_dm_sub_rem(struct hs20_osu_client *ctx, const char *address,
-                   const char *pps_fname, const char *ca_fname,
+                   const char *pps_fname,
                    const char *client_cert, const char *client_key,
                    const char *cred_username, const char *cred_password,
                    xml_node_t *pps)
@@ -1289,7 +1285,7 @@ void oma_dm_sub_rem(struct hs20_osu_client *ctx, const char *address,
 
        while (syncml) {
                resp = oma_dm_send_recv(ctx, resp_uri ? resp_uri : address,
-                                       syncml, NULL, ca_fname, cred_username,
+                                       syncml, NULL, cred_username,
                                        cred_password, client_cert, client_key);
                if (resp == NULL)
                        return;
index 2175fc353030c1eed9e33c2d38df226be7c362a5..6e6de6574045e755e86e26585e5a0ca586a9bb85 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Hotspot 2.0 OSU client
- * Copyright (c) 2012-2013, Qualcomm Atheros, Inc.
+ * Copyright (c) 2012-2014, Qualcomm Atheros, Inc.
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -1993,7 +1993,7 @@ static struct osu_data * parse_osu_providers(const char *fname, size_t *count)
 
 
 static int osu_connect(struct hs20_osu_client *ctx, const char *bssid,
-                      const char *ssid, const char *url, const char *ca_fname,
+                      const char *ssid, const char *url,
                       unsigned int methods, int no_prod_assoc,
                       const char *osu_nai)
 {
@@ -2068,9 +2068,9 @@ static int osu_connect(struct hs20_osu_client *ctx, const char *bssid,
 
        ctx->no_reconnect = 1;
        if (methods & 0x02)
-               res = cmd_prov(ctx, url, ca_fname);
+               res = cmd_prov(ctx, url);
        else if (methods & 0x01)
-               res = cmd_oma_dm_prov(ctx, url, ca_fname);
+               res = cmd_oma_dm_prov(ctx, url);
 
        wpa_printf(MSG_INFO, "Remove OSU network connection");
        write_summary(ctx, "Remove OSU network connection");
@@ -2093,7 +2093,7 @@ static int osu_connect(struct hs20_osu_client *ctx, const char *bssid,
 
 
 static int cmd_osu_select(struct hs20_osu_client *ctx, const char *dir,
-                         int connect, const char *ca_fname, int no_prod_assoc,
+                         int connect, int no_prod_assoc,
                          const char *friendly_name)
 {
        char fname[255];
@@ -2264,14 +2264,14 @@ selected:
 
                if (connect == 2) {
                        if (last->methods & 0x02)
-                               ret = cmd_prov(ctx, last->url, ca_fname);
+                               ret = cmd_prov(ctx, last->url);
                        else if (last->methods & 0x01)
-                               ret = cmd_oma_dm_prov(ctx, last->url, ca_fname);
+                               ret = cmd_oma_dm_prov(ctx, last->url);
                        else
                                ret = -1;
                } else if (connect)
                        ret = osu_connect(ctx, last->bssid, last->osu_ssid,
-                                         last->url, ca_fname, last->methods,
+                                         last->url, last->methods,
                                          no_prod_assoc, last->osu_nai);
        } else
                ret = -1;
@@ -2282,8 +2282,8 @@ selected:
 }
 
 
-static int cmd_signup(struct hs20_osu_client *ctx, const char *ca_fname,
-                     int no_prod_assoc, const char *friendly_name)
+static int cmd_signup(struct hs20_osu_client *ctx, int no_prod_assoc,
+                     const char *friendly_name)
 {
        char dir[255];
        char fname[300], buf[400];
@@ -2334,8 +2334,7 @@ static int cmd_signup(struct hs20_osu_client *ctx, const char *ca_fname,
        }
        wpa_printf(MSG_INFO, "OSU provider fetch completed");
 
-       return cmd_osu_select(ctx, fname, 1, ca_fname, no_prod_assoc,
-                             friendly_name);
+       return cmd_osu_select(ctx, fname, 1, no_prod_assoc, friendly_name);
 }
 
 
@@ -2354,8 +2353,6 @@ static void cmd_sub_rem(struct hs20_osu_client *ctx, const char *address,
        char *client_key = NULL;
        int spp;
 
-       ctx->ca_fname = ca_fname;
-
        wpa_printf(MSG_INFO, "Subscription remediation requested with Server URL: %s",
                   address);
 
@@ -2399,6 +2396,7 @@ static void cmd_sub_rem(struct hs20_osu_client *ctx, const char *address,
                return;
        }
        wpa_printf(MSG_INFO, "Using server trust root: %s", ca_fname);
+       ctx->ca_fname = ca_fname;
 
        pps = node_from_file(ctx->xml, pps_fname);
        if (pps == NULL) {
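Review bot: `ctx->ca_fname = ca_fname;` stores a borrowed pointer in the context, and the code that decides what `ca_fname` points to sits above this hunk. If that code can redirect `ca_fname` to a buffer local to `cmd_sub_rem` when no CA file was given, the pointer in `ctx` is stale once the function returns; this is inferred from the assignment being moved to after the "Using server trust root" message. A comment such as `/* ctx->ca_fname borrows this storage; valid only until cmd_sub_rem() returns */` would document the lifetime, and the matching assignment in `cmd_pol_upd` needs the same. Both function bodies extend beyond their hunks.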
@@ -2482,11 +2480,11 @@ static void cmd_sub_rem(struct hs20_osu_client *ctx, const char *address,
        }
 
        if (spp)
-               spp_sub_rem(ctx, address, pps_fname, ca_fname,
+               spp_sub_rem(ctx, address, pps_fname,
                            client_cert, client_key,
                            cred_username, cred_password, pps);
        else
-               oma_dm_sub_rem(ctx, address, pps_fname, ca_fname,
+               oma_dm_sub_rem(ctx, address, pps_fname,
                               client_cert, client_key,
                               cred_username, cred_password, pps);
 
@@ -2555,6 +2553,7 @@ static int cmd_pol_upd(struct hs20_osu_client *ctx, const char *address,
                return -1;
        }
        wpa_printf(MSG_INFO, "Using server trust root: %s", ca_fname);
+       ctx->ca_fname = ca_fname;
 
        pps = node_from_file(ctx->xml, pps_fname);
        if (pps == NULL) {
@@ -2628,11 +2627,11 @@ static int cmd_pol_upd(struct hs20_osu_client *ctx, const char *address,
        }
 
        if (spp)
-               spp_pol_upd(ctx, address, pps_fname, ca_fname,
+               spp_pol_upd(ctx, address, pps_fname,
                            client_cert, client_key,
                            cred_username, cred_password, pps);
        else
-               oma_dm_pol_upd(ctx, address, pps_fname, ca_fname,
+               oma_dm_pol_upd(ctx, address, pps_fname,
                               client_cert, client_key,
                               cred_username, cred_password, pps);
 
@@ -3077,13 +3076,15 @@ int main(int argc, char *argv[])
                        usage();
                        exit(0);
                }
-               cmd_prov(&ctx, argv[optind + 1], argv[optind + 2]);
+               ctx.ca_fname = argv[optind + 2];
+               cmd_prov(&ctx, argv[optind + 1]);
        } else if (strcmp(argv[optind], "sim_prov") == 0) {
                if (argc - optind < 2) {
                        usage();
                        exit(0);
                }
-               cmd_sim_prov(&ctx, argv[optind + 1], argv[optind + 2]);
+               ctx.ca_fname = argv[optind + 2];
+               cmd_sim_prov(&ctx, argv[optind + 1]);
        } else if (strcmp(argv[optind], "dl_osu_ca") == 0) {
                if (argc - optind < 2) {
                        usage();
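Review bot: `ctx.ca_fname = argv[optind + 2];` runs after a guard that only requires `argc - optind >= 2`, so with a URL and no CA argument it silently stores `argv[argc]`, i.e. NULL, as the trust root. Whether a NULL trust root makes the HTTP layer skip server certificate validation is not visible here. If the CA file is optional for `prov` and `sim_prov`, write it the way the `osu_select` branch does, `ctx.ca_fname = argc > optind + 2 ? argv[optind + 2] : NULL;`; if it is required, tighten the guard to `if (argc - optind < 3)`. The `oma_dm_prov` and `oma_dm_sim_prov` branches further down have the same pattern. `main` starts and ends outside this hunk.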
@@ -3107,13 +3108,11 @@ int main(int argc, char *argv[])
                        usage();
                        exit(0);
                }
-               cmd_osu_select(&ctx, argv[optind + 1], 2,
-                              argc > optind + 2 ? argv[optind + 2] : NULL,
-                              1, NULL);
+               ctx.ca_fname = argc > optind + 2 ? argv[optind + 2] : NULL;
+               cmd_osu_select(&ctx, argv[optind + 1], 2, 1, NULL);
        } else if (strcmp(argv[optind], "signup") == 0) {
-               ret = cmd_signup(&ctx,
-                                argc > optind + 1 ? argv[optind + 1] : NULL,
-                                no_prod_assoc, friendly_name);
+               ctx.ca_fname = argc > optind + 1 ? argv[optind + 1] : NULL;
+               ret = cmd_signup(&ctx, no_prod_assoc, friendly_name);
        } else if (strcmp(argv[optind], "set_pps") == 0) {
                if (argc - optind < 2) {
                        usage();
@@ -3131,14 +3130,15 @@ int main(int argc, char *argv[])
                        usage();
                        exit(0);
                }
-               cmd_oma_dm_prov(&ctx, argv[optind + 1], argv[optind + 2]);
+               ctx.ca_fname = argv[optind + 2];
+               cmd_oma_dm_prov(&ctx, argv[optind + 1]);
        } else if (strcmp(argv[optind], "oma_dm_sim_prov") == 0) {
                if (argc - optind < 2) {
                        usage();
                        exit(0);
                }
-               if (cmd_oma_dm_sim_prov(&ctx, argv[optind + 1],
-                                       argv[optind + 2]) < 0) {
+               ctx.ca_fname = argv[optind + 2];
+               if (cmd_oma_dm_sim_prov(&ctx, argv[optind + 1]) < 0) {
                        write_summary(&ctx, "Failed to complete OMA DM SIM provisioning");
                        return -1;
                }
index ef568b49af880cb031fb81edbd317ec1ae4ef0e6..092d6e1ae7371f8de7da0bea3f0d4e2b8430d369 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Hotspot 2.0 - OSU client
- * Copyright (c) 2013, Qualcomm Atheros, Inc.
+ * Copyright (c) 2013-2014, Qualcomm Atheros, Inc.
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -73,39 +73,35 @@ void cmd_set_pps(struct hs20_osu_client *ctx, const char *pps_fname);
 /* spp_client.c */
 
 void spp_sub_rem(struct hs20_osu_client *ctx, const char *address,
-                const char *pps_fname, const char *ca_fname,
+                const char *pps_fname,
                 const char *client_cert, const char *client_key,
                 const char *cred_username, const char *cred_password,
                 xml_node_t *pps);
 void spp_pol_upd(struct hs20_osu_client *ctx, const char *address,
-                const char *pps_fname, const char *ca_fname,
+                const char *pps_fname,
                 const char *client_cert, const char *client_key,
                 const char *cred_username, const char *cred_password,
                 xml_node_t *pps);
-int cmd_prov(struct hs20_osu_client *ctx, const char *url,
-            const char *ca_fname);
-int cmd_sim_prov(struct hs20_osu_client *ctx, const char *url,
-                const char *ca_fname);
+int cmd_prov(struct hs20_osu_client *ctx, const char *url);
+int cmd_sim_prov(struct hs20_osu_client *ctx, const char *url);
 
 
 /* oma_dm_client.c */
 
-int cmd_oma_dm_prov(struct hs20_osu_client *ctx, const char *url,
-                   const char *ca_fname);
-int cmd_oma_dm_sim_prov(struct hs20_osu_client *ctx, const char *url,
-                       const char *ca_fname);
+int cmd_oma_dm_prov(struct hs20_osu_client *ctx, const char *url);
+int cmd_oma_dm_sim_prov(struct hs20_osu_client *ctx, const char *url);
 void oma_dm_sub_rem(struct hs20_osu_client *ctx, const char *address,
-                   const char *pps_fname, const char *ca_fname,
+                   const char *pps_fname,
                    const char *client_cert, const char *client_key,
                    const char *cred_username, const char *cred_password,
                    xml_node_t *pps);
 void oma_dm_pol_upd(struct hs20_osu_client *ctx, const char *address,
-                   const char *pps_fname, const char *ca_fname,
+                   const char *pps_fname,
                    const char *client_cert, const char *client_key,
                    const char *cred_username, const char *cred_password,
                    xml_node_t *pps);
 void cmd_oma_dm_sub_rem(struct hs20_osu_client *ctx, const char *address,
-                       const char *pps_fname, const char *ca_fname);
+                       const char *pps_fname);
 void cmd_oma_dm_add(struct hs20_osu_client *ctx, const char *pps_fname,
                    const char *add_fname);
 void cmd_oma_dm_replace(struct hs20_osu_client *ctx, const char *pps_fname,
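Review bot: The prototype of `cmd_oma_dm_sub_rem` loses its `ca_fname` parameter here, but no hunk in this commit touches its definition or a call to it, unlike every other function whose prototype changes. It is worth confirming that the definition in oma_dm_client.c already has this signature and that whatever calls it sets `ctx->ca_fname` first; neither is visible in the diff. Since the trust root no longer appears in any of these prototypes, a comment next to them, `/* All of these use ctx->ca_fname as the server trust root */`, would keep the dependency visible to callers.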
index 8022ccbbfe4d69e3fae9951519c4dcb2d30fd957..302a05040df6a09354e8908a91970ccf7f88c7e7 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Hotspot 2.0 SPP client
- * Copyright (c) 2012-2013, Qualcomm Atheros, Inc.
+ * Copyright (c) 2012-2014, Qualcomm Atheros, Inc.
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -776,7 +776,7 @@ static int spp_post_dev_data(struct hs20_osu_client *ctx,
 
 
 void spp_sub_rem(struct hs20_osu_client *ctx, const char *address,
-                const char *pps_fname, const char *ca_fname,
+                const char *pps_fname,
                 const char *client_cert, const char *client_key,
                 const char *cred_username, const char *cred_password,
                 xml_node_t *pps)
@@ -787,7 +787,7 @@ void spp_sub_rem(struct hs20_osu_client *ctx, const char *address,
        os_free(ctx->server_url);
        ctx->server_url = os_strdup(address);
 
-       if (soap_init_client(ctx->http, address, ca_fname,
+       if (soap_init_client(ctx->http, address, ctx->ca_fname,
                             cred_username, cred_password, client_cert,
                             client_key) == 0) {
                spp_post_dev_data(ctx, SPP_SUBSCRIPTION_REMEDIATION,
@@ -923,7 +923,7 @@ static int hs20_spp_update_response(struct hs20_osu_client *ctx,
 
 
 void spp_pol_upd(struct hs20_osu_client *ctx, const char *address,
-                const char *pps_fname, const char *ca_fname,
+                const char *pps_fname,
                 const char *client_cert, const char *client_key,
                 const char *cred_username, const char *cred_password,
                 xml_node_t *pps)
@@ -934,7 +934,7 @@ void spp_pol_upd(struct hs20_osu_client *ctx, const char *address,
        os_free(ctx->server_url);
        ctx->server_url = os_strdup(address);
 
-       if (soap_init_client(ctx->http, address, ca_fname, cred_username,
+       if (soap_init_client(ctx->http, address, ctx->ca_fname, cred_username,
                             cred_password, client_cert, client_key) == 0) {
                spp_post_dev_data(ctx, SPP_POLICY_UPDATE, "Policy update",
                                  pps_fname, pps);
@@ -942,14 +942,11 @@ void spp_pol_upd(struct hs20_osu_client *ctx, const char *address,
 }
 
 
-int cmd_prov(struct hs20_osu_client *ctx, const char *url,
-            const char *ca_fname)
+int cmd_prov(struct hs20_osu_client *ctx, const char *url)
 {
        unlink("Cert/est_cert.der");
        unlink("Cert/est_cert.pem");
 
-       ctx->ca_fname = ca_fname;
-
        if (url == NULL) {
                wpa_printf(MSG_INFO, "Invalid prov command (missing URL)");
                return -1;
@@ -960,8 +957,8 @@ int cmd_prov(struct hs20_osu_client *ctx, const char *url,
        os_free(ctx->server_url);
        ctx->server_url = os_strdup(url);
 
-       if (soap_init_client(ctx->http, url, ca_fname, NULL, NULL, NULL, NULL) <
-           0)
+       if (soap_init_client(ctx->http, url, ctx->ca_fname, NULL, NULL, NULL,
+                            NULL) < 0)
                return -1;
        spp_post_dev_data(ctx, SPP_SUBSCRIPTION_REGISTRATION,
                          "Subscription registration", NULL, NULL);
@@ -970,11 +967,8 @@ int cmd_prov(struct hs20_osu_client *ctx, const char *url,
 }
 
 
-int cmd_sim_prov(struct hs20_osu_client *ctx, const char *url,
-            const char *ca_fname)
+int cmd_sim_prov(struct hs20_osu_client *ctx, const char *url)
 {
-       ctx->ca_fname = ca_fname;
-
        if (url == NULL) {
                wpa_printf(MSG_INFO, "Invalid prov command (missing URL)");
                return -1;
@@ -991,8 +985,8 @@ int cmd_sim_prov(struct hs20_osu_client *ctx, const char *url,
                wpa_printf(MSG_INFO, "Could not get IP address for WLAN - try connection anyway");
        }
 
-       if (soap_init_client(ctx->http, url, ca_fname, NULL, NULL, NULL, NULL) <
-           0)
+       if (soap_init_client(ctx->http, url, ctx->ca_fname, NULL, NULL, NULL,
+                            NULL) < 0)
                return -1;
        spp_post_dev_data(ctx, SPP_SUBSCRIPTION_REGISTRATION,
                          "Subscription provisioning", NULL, NULL);