os_free(bss->hs20_operating_class);
bss->hs20_operating_class = oper_class;
bss->hs20_operating_class_len = oper_class_len;
- } else if (os_strcmp(buf, "subscr_remediation_url") == 0) {
- os_free(bss->subscr_remediation_url);
- bss->subscr_remediation_url = os_strdup(pos);
- } else if (os_strcmp(buf, "subscr_remediation_method") == 0) {
- bss->subscr_remediation_method = atoi(pos);
} else if (os_strcmp(buf, "hs20_t_c_filename") == 0) {
os_free(bss->t_c_filename);
bss->t_c_filename = os_strdup(pos);
} else if (os_strcmp(buf, "hs20_t_c_server_url") == 0) {
os_free(bss->t_c_server_url);
bss->t_c_server_url = os_strdup(pos);
- } else if (os_strcmp(buf, "hs20_sim_provisioning_url") == 0) {
- os_free(bss->hs20_sim_provisioning_url);
- bss->hs20_sim_provisioning_url = os_strdup(pos);
#endif /* CONFIG_HS20 */
#ifdef CONFIG_MBO
} else if (os_strcmp(buf, "mbo") == 0) {
#endif /* CONFIG_WPS */
-#ifdef CONFIG_HS20
-
-static int hostapd_ctrl_iface_hs20_wnm_notif(struct hostapd_data *hapd,
- const char *cmd)
-{
- u8 addr[ETH_ALEN];
- const char *url;
-
- if (hwaddr_aton(cmd, addr))
- return -1;
- url = cmd + 17;
- if (*url == '\0') {
- url = NULL;
- } else {
- if (*url != ' ')
- return -1;
- url++;
- if (*url == '\0')
- url = NULL;
- }
-
- return hs20_send_wnm_notification(hapd, addr, 1, url);
-}
-
+#ifdef CONFIG_HS20
static int hostapd_ctrl_iface_hs20_deauth_req(struct hostapd_data *hapd,
const char *cmd)
{
wpabuf_free(req);
return ret;
}
-
#endif /* CONFIG_HS20 */
reply_len = -1;
#endif /* CONFIG_INTERWORKING */
#ifdef CONFIG_HS20
- } else if (os_strncmp(buf, "HS20_WNM_NOTIF ", 15) == 0) {
- if (hostapd_ctrl_iface_hs20_wnm_notif(hapd, buf + 15))
- reply_len = -1;
} else if (os_strncmp(buf, "HS20_DEAUTH_REQ ", 16) == 0) {
if (hostapd_ctrl_iface_hs20_deauth_req(hapd, buf + 16))
reply_len = -1;
os_free(conf->hs20_wan_metrics);
os_free(conf->hs20_connection_capability);
os_free(conf->hs20_operating_class);
- os_free(conf->subscr_remediation_url);
- os_free(conf->hs20_sim_provisioning_url);
os_free(conf->t_c_filename);
os_free(conf->t_c_server_url);
#endif /* CONFIG_HS20 */
unsigned int wildcard_prefix:1;
unsigned int password_hash:1; /* whether password is hashed with
* nt_password_hash() */
- unsigned int remediation:1;
unsigned int macacl:1;
int ttls_auth; /* EAP_TTLS_AUTH_* bitfield */
struct hostapd_radius_attr *accept_attr;
u8 *hs20_operating_class;
u8 hs20_operating_class_len;
unsigned int hs20_deauth_req_timeout;
- char *subscr_remediation_url;
- u8 subscr_remediation_method;
- char *hs20_sim_provisioning_url;
char *t_c_filename;
u32 t_c_timestamp;
char *t_c_server_url;
user->force_version = eap_user->force_version;
user->macacl = eap_user->macacl;
user->ttls_auth = eap_user->ttls_auth;
- user->remediation = eap_user->remediation;
user->accept_attr = eap_user->accept_attr;
user->t_c_timestamp = eap_user->t_c_timestamp;
rv = 0;
srv.dump_msk_file = conf->dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */
#ifdef CONFIG_HS20
- srv.subscr_remediation_url = conf->subscr_remediation_url;
- srv.subscr_remediation_method = conf->subscr_remediation_method;
- srv.hs20_sim_provisioning_url = conf->hs20_sim_provisioning_url;
srv.t_c_server_url = conf->t_c_server_url;
#endif /* CONFIG_HS20 */
srv.erp_domain = conf->erp_domain;
user->next = (void *) 1;
} else if (os_strcmp(col[i], "methods") == 0 && argv[i]) {
set_user_methods(user, argv[i]);
- } else if (os_strcmp(col[i], "remediation") == 0 && argv[i]) {
- user->remediation = strlen(argv[i]) > 0;
} else if (os_strcmp(col[i], "t_c_timestamp") == 0 && argv[i]) {
user->t_c_timestamp = strtol(argv[i], NULL, 10);
}
}
-int hs20_send_wnm_notification(struct hostapd_data *hapd, const u8 *addr,
- u8 osu_method, const char *url)
-{
- struct wpabuf *buf;
- size_t len = 0;
- int ret;
-
- /* TODO: should refuse to send notification if the STA is not associated
- * or if the STA did not indicate support for WNM-Notification */
-
- if (url) {
- len = 1 + os_strlen(url);
- if (5 + len > 255) {
- wpa_printf(MSG_INFO, "HS 2.0: Too long URL for "
- "WNM-Notification: '%s'", url);
- return -1;
- }
- }
-
- buf = wpabuf_alloc(4 + 7 + len);
- if (buf == NULL)
- return -1;
-
- wpabuf_put_u8(buf, WLAN_ACTION_WNM);
- wpabuf_put_u8(buf, WNM_NOTIFICATION_REQ);
- wpabuf_put_u8(buf, 1); /* Dialog token */
- wpabuf_put_u8(buf, 1); /* Type - 1 reserved for WFA */
-
- /* Subscription Remediation subelement */
- wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
- wpabuf_put_u8(buf, 5 + len);
- wpabuf_put_be24(buf, OUI_WFA);
- wpabuf_put_u8(buf, HS20_WNM_SUB_REM_NEEDED);
- if (url) {
- wpabuf_put_u8(buf, len - 1);
- wpabuf_put_data(buf, url, len - 1);
- wpabuf_put_u8(buf, osu_method);
- } else {
- /* Server URL and Server Method fields not included */
- wpabuf_put_u8(buf, 0);
- }
-
- ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
- wpabuf_head(buf), wpabuf_len(buf));
-
- wpabuf_free(buf);
-
- return ret;
-}
-
-
int hs20_send_wnm_notification_deauth_req(struct hostapd_data *hapd,
const u8 *addr,
const struct wpabuf *payload)
#endif /* CONFIG_HS20 */
static bool ieee802_1x_finished(struct hostapd_data *hapd,
struct sta_info *sta, int success,
- int remediation, bool logoff);
+ bool logoff);
static void ieee802_1x_send(struct hostapd_data *hapd, struct sta_info *sta,
{
struct eapol_state_machine *sm = sta->eapol_sm;
-#ifdef CONFIG_HS20
- eloop_cancel_timeout(ieee802_1x_wnm_notif_send, hapd, sta);
-#endif /* CONFIG_HS20 */
-
if (sta->pending_eapol_rx) {
wpabuf_free(sta->pending_eapol_rx->buf);
os_free(sta->pending_eapol_rx);
#ifdef CONFIG_HS20
-static void ieee802_1x_hs20_sub_rem(struct sta_info *sta, u8 *pos, size_t len)
-{
- sta->remediation = 1;
- os_free(sta->remediation_url);
- if (len > 2) {
- sta->remediation_url = os_malloc(len);
- if (!sta->remediation_url)
- return;
- sta->remediation_method = pos[0];
- os_memcpy(sta->remediation_url, pos + 1, len - 1);
- sta->remediation_url[len - 1] = '\0';
- wpa_printf(MSG_DEBUG,
- "HS 2.0: Subscription remediation needed for "
- MACSTR " - server method %u URL %s",
- MAC2STR(sta->addr), sta->remediation_method,
- sta->remediation_url);
- } else {
- sta->remediation_url = NULL;
- wpa_printf(MSG_DEBUG,
- "HS 2.0: Subscription remediation needed for "
- MACSTR, MAC2STR(sta->addr));
- }
- /* TODO: assign the STA into remediation VLAN or add filtering */
-}
-
-
static void ieee802_1x_hs20_deauth_req(struct hostapd_data *hapd,
struct sta_info *sta, const u8 *pos,
size_t len)
size_t len;
buf = NULL;
- sta->remediation = 0;
sta->hs20_deauth_requested = 0;
sta->hs20_deauth_on_ack = 0;
continue; /* invalid WFA VSA */
switch (type) {
- case RADIUS_VENDOR_ATTR_WFA_HS20_SUBSCR_REMEDIATION:
- ieee802_1x_hs20_sub_rem(sta, pos, sublen);
- break;
case RADIUS_VENDOR_ATTR_WFA_HS20_DEAUTH_REQ:
ieee802_1x_hs20_deauth_req(hapd, sta, pos, sublen);
break;
static bool _ieee802_1x_finished(void *ctx, void *sta_ctx, int success,
- int preauth, int remediation, bool logoff)
+ int preauth, bool logoff)
{
struct hostapd_data *hapd = ctx;
struct sta_info *sta = sta_ctx;
return false;
}
- return ieee802_1x_finished(hapd, sta, success, remediation, logoff);
+ return ieee802_1x_finished(hapd, sta, success, logoff);
}
user->force_version = eap_user->force_version;
user->macacl = eap_user->macacl;
user->ttls_auth = eap_user->ttls_auth;
- user->remediation = eap_user->remediation;
rv = 0;
out:
struct hostapd_data *hapd = eloop_ctx;
struct sta_info *sta = timeout_ctx;
- if (sta->remediation) {
- wpa_printf(MSG_DEBUG, "HS 2.0: Send WNM-Notification to "
- MACSTR " to indicate Subscription Remediation",
- MAC2STR(sta->addr));
- hs20_send_wnm_notification(hapd, sta->addr,
- sta->remediation_method,
- sta->remediation_url);
- os_free(sta->remediation_url);
- sta->remediation_url = NULL;
- }
-
if (sta->hs20_deauth_req) {
wpa_printf(MSG_DEBUG, "HS 2.0: Send WNM-Notification to "
MACSTR " to indicate imminent deauthentication",
static bool ieee802_1x_finished(struct hostapd_data *hapd,
struct sta_info *sta, int success,
- int remediation, bool logoff)
+ bool logoff)
{
const u8 *key;
size_t len;
struct os_reltime now, remaining;
#ifdef CONFIG_HS20
- if (remediation && !sta->remediation) {
- sta->remediation = 1;
- os_free(sta->remediation_url);
- sta->remediation_url =
- os_strdup(hapd->conf->subscr_remediation_url);
- sta->remediation_method = 1; /* SOAP-XML SPP */
- }
-
- if (success && (sta->remediation || sta->hs20_deauth_req ||
- sta->hs20_t_c_filtering)) {
+ if (success && (sta->hs20_deauth_req || sta->hs20_t_c_filtering)) {
wpa_printf(MSG_DEBUG, "HS 2.0: Schedule WNM-Notification to "
MACSTR " in 100 ms", MAC2STR(sta->addr));
eloop_cancel_timeout(ieee802_1x_wnm_notif_send, hapd, sta);
} else {
session_timeout = dot11RSNAConfigPMKLifetime;
}
- if (success && key && len >= PMK_LEN && !sta->remediation &&
+ if (success && key && len >= PMK_LEN &&
!sta->hs20_deauth_requested &&
wpa_auth_pmksa_add(sta->wpa_sm, key, len, session_timeout,
sta->eapol_sm) == 0) {
hostapd_free_psk_list(sta->psk);
os_free(sta->identity);
os_free(sta->radius_cui);
- os_free(sta->remediation_url);
os_free(sta->t_c_url);
wpabuf_free(sta->hs20_deauth_req);
os_free(sta->hs20_session_info_url);
unsigned int ht_20mhz_set:1;
unsigned int no_p2p_set:1;
unsigned int qos_map_enabled:1;
- unsigned int remediation:1;
unsigned int hs20_deauth_requested:1;
unsigned int hs20_deauth_on_ack:1;
unsigned int session_timeout_set:1;
struct wpabuf *hs20_ie; /* HS 2.0 IE from (Re)Association Request */
/* Hotspot 2.0 Roaming Consortium from (Re)Association Request */
struct wpabuf *roaming_consortium;
- u8 remediation_method;
- char *remediation_url; /* HS 2.0 Subscription Remediation Server URL */
char *t_c_url; /* HS 2.0 Terms and Conditions Server URL */
struct wpabuf *hs20_deauth_req;
char *hs20_session_info_url;
#endif /* HS20_VERSION */
/* WNM-Notification WFA vendors specific subtypes */
-#define HS20_WNM_SUB_REM_NEEDED 0
#define HS20_WNM_DEAUTH_IMMINENT_NOTICE 1
#define WFA_WNM_NOTIF_SUBELEM_NON_PREF_CHAN_REPORT 2
#define WFA_WNM_NOTIF_SUBELEM_CELL_DATA_CAPA 3
/* parameters: <Venue Number> <Venue URL> */
#define RX_VENUE_URL "RX-VENUE-URL "
-#define HS20_SUBSCRIPTION_REMEDIATION "HS20-SUBSCRIPTION-REMEDIATION "
#define HS20_DEAUTH_IMMINENT_NOTICE "HS20-DEAUTH-IMMINENT-NOTICE "
#define HS20_T_C_ACCEPTANCE "HS20-T-C-ACCEPTANCE "
size_t salt_len;
int phase2;
int force_version;
- unsigned int remediation:1;
unsigned int macacl:1;
int ttls_auth; /* bitfield of
* EAP_TTLS_AUTH_{PAP,CHAP,MSCHAP,MSCHAPV2} */
if (!from_initialize && !pre_auth_logoff) {
if (sm->eapol->cb.finished(sm->eapol->conf.ctx, sm->sta, 0,
sm->flags & EAPOL_SM_PREAUTH,
- sm->remediation, logoff)) {
+ logoff)) {
wpa_printf(MSG_DEBUG,
"EAPOL: Do not restart since lower layers will disconnect the port after EAPOL-Logoff");
sm->stopped = true;
eap_server_get_name(0, sm->eap_type_supp));
}
sm->eapol->cb.finished(sm->eapol->conf.ctx, sm->sta, 0,
- sm->flags & EAPOL_SM_PREAUTH, sm->remediation,
- false);
+ sm->flags & EAPOL_SM_PREAUTH, false);
}
if (sm->authSuccess)
sm->authenticated++;
sm->eapol->cb.finished(sm->eapol->conf.ctx, sm->sta, 1,
- sm->flags & EAPOL_SM_PREAUTH, sm->remediation,
- false);
+ sm->flags & EAPOL_SM_PREAUTH, false);
}
struct eap_user *user)
{
struct eapol_state_machine *sm = ctx;
- int ret;
- ret = sm->eapol->cb.get_eap_user(sm->eapol->conf.ctx, identity,
- identity_len, phase2, user);
- if (user->remediation)
- sm->remediation = 1;
- return ret;
+ return sm->eapol->cb.get_eap_user(sm->eapol->conf.ctx, identity,
+ identity_len, phase2, user);
}
void (*aaa_send)(void *ctx, void *sta_ctx, const u8 *data,
size_t datalen);
bool (*finished)(void *ctx, void *sta_ctx, int success, int preauth,
- int remediation, bool logoff);
+ bool logoff);
int (*get_eap_user)(void *ctx, const u8 *identity, size_t identity_len,
int phase2, struct eap_user *user);
int (*sta_entry_alive)(void *ctx, const u8 *addr);
void *sta; /* station context pointer to use in callbacks */
- int remediation;
-
u64 acct_multi_session_id;
unsigned int authenticated; /* The number of times authentication has
#define RADIUS_VENDOR_ID_WFA 40808
enum {
- RADIUS_VENDOR_ATTR_WFA_HS20_SUBSCR_REMEDIATION = 1,
RADIUS_VENDOR_ATTR_WFA_HS20_AP_VERSION = 2,
RADIUS_VENDOR_ATTR_WFA_HS20_STA_VERSION = 3,
RADIUS_VENDOR_ATTR_WFA_HS20_DEAUTH_REQ = 4,
struct radius_msg *last_reply;
u8 last_authenticator[16];
- unsigned int remediation:1;
unsigned int macacl:1;
unsigned int t_c_filtering:1;
char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */
- char *subscr_remediation_url;
- u8 subscr_remediation_method;
- char *hs20_sim_provisioning_url;
-
char *t_c_server_url;
#ifdef CONFIG_SQLITE
static void radius_server_session_remove_timeout(void *eloop_ctx,
void *timeout_ctx);
-#ifdef CONFIG_SQLITE
-#ifdef CONFIG_HS20
-
-static int db_table_exists(sqlite3 *db, const char *name)
-{
- char cmd[128];
-
- os_snprintf(cmd, sizeof(cmd), "SELECT 1 FROM %s;", name);
- return sqlite3_exec(db, cmd, NULL, NULL, NULL) == SQLITE_OK;
-}
-
-
-static int db_table_create_sim_provisioning(sqlite3 *db)
-{
- char *err = NULL;
- const char *sql =
- "CREATE TABLE sim_provisioning("
- " mobile_identifier_hash TEXT PRIMARY KEY,"
- " imsi TEXT,"
- " mac_addr TEXT,"
- " eap_method TEXT,"
- " timestamp TEXT"
- ");";
-
- RADIUS_DEBUG("Adding database table for SIM provisioning information");
- if (sqlite3_exec(db, sql, NULL, NULL, &err) != SQLITE_OK) {
- RADIUS_ERROR("SQLite error: %s", err);
- sqlite3_free(err);
- return -1;
- }
-
- return 0;
-}
-
-#endif /* CONFIG_HS20 */
-#endif /* CONFIG_SQLITE */
-
-
void srv_log(struct radius_session *sess, const char *fmt, ...)
PRINTF_FORMAT(2, 3);
}
-#ifdef CONFIG_HS20
-
-static int radius_server_is_sim_method(struct radius_session *sess)
-{
- const char *name;
-
- name = eap_get_method(sess->eap);
- return name &&
- (os_strcmp(name, "SIM") == 0 ||
- os_strcmp(name, "AKA") == 0 ||
- os_strcmp(name, "AKA'") == 0);
-}
-
-
-static int radius_server_hs20_missing_sim_pps(struct radius_msg *request)
-{
- u8 *buf, *pos, *end, type, sublen;
- size_t len;
-
- buf = NULL;
- for (;;) {
- if (radius_msg_get_attr_ptr(request,
- RADIUS_ATTR_VENDOR_SPECIFIC,
- &buf, &len, buf) < 0)
- return 0;
- if (len < 6)
- continue;
- pos = buf;
- end = buf + len;
- if (WPA_GET_BE32(pos) != RADIUS_VENDOR_ID_WFA)
- continue;
- pos += 4;
-
- type = *pos++;
- sublen = *pos++;
- if (sublen < 2)
- continue; /* invalid length */
- sublen -= 2; /* skip header */
- if (pos + sublen > end)
- continue; /* invalid WFA VSA */
-
- if (type != RADIUS_VENDOR_ATTR_WFA_HS20_STA_VERSION)
- continue;
-
- RADIUS_DUMP("HS2.0 mobile device version", pos, sublen);
- if (sublen < 1 + 2)
- continue;
- if (pos[0] == 0)
- continue; /* Release 1 STA does not support provisioning
-
- */
- /* UpdateIdentifier 0 indicates no PPS MO */
- return WPA_GET_BE16(pos + 1) == 0;
- }
-}
-
-
-#define HS20_MOBILE_ID_HASH_LEN 16
-
-static int radius_server_sim_provisioning_session(struct radius_session *sess,
- const u8 *hash)
-{
-#ifdef CONFIG_SQLITE
- char *sql;
- char addr_txt[ETH_ALEN * 3];
- char hash_txt[2 * HS20_MOBILE_ID_HASH_LEN + 1];
- struct os_time now;
- int res;
- const char *imsi, *eap_method;
-
- if (!sess->server->db ||
- (!db_table_exists(sess->server->db, "sim_provisioning") &&
- db_table_create_sim_provisioning(sess->server->db) < 0))
- return -1;
-
- imsi = eap_get_imsi(sess->eap);
- if (!imsi)
- return -1;
-
- eap_method = eap_get_method(sess->eap);
- if (!eap_method)
- return -1;
-
- os_snprintf(addr_txt, sizeof(addr_txt), MACSTR,
- MAC2STR(sess->mac_addr));
- wpa_snprintf_hex(hash_txt, sizeof(hash_txt), hash,
- HS20_MOBILE_ID_HASH_LEN);
-
- os_get_time(&now);
- sql = sqlite3_mprintf("INSERT INTO sim_provisioning(mobile_identifier_hash,imsi,mac_addr,eap_method,timestamp) VALUES (%Q,%Q,%Q,%Q,%u)",
- hash_txt, imsi, addr_txt, eap_method, now.sec);
- if (!sql)
- return -1;
-
- if (sqlite3_exec(sess->server->db, sql, NULL, NULL, NULL) !=
- SQLITE_OK) {
- RADIUS_ERROR("Failed to add SIM provisioning entry into sqlite database: %s",
- sqlite3_errmsg(sess->server->db));
- res = -1;
- } else {
- res = 0;
- }
- sqlite3_free(sql);
- return res;
-#endif /* CONFIG_SQLITE */
- return -1;
-}
-
-#endif /* CONFIG_HS20 */
-
-
static struct radius_msg *
radius_server_encapsulate_eap(struct radius_server_data *data,
struct radius_client *client,
}
#ifdef CONFIG_HS20
- if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->remediation &&
- data->subscr_remediation_url) {
- u8 *buf;
- size_t url_len = os_strlen(data->subscr_remediation_url);
- buf = os_malloc(1 + url_len);
- if (buf == NULL) {
- radius_msg_free(msg);
- return NULL;
- }
- buf[0] = data->subscr_remediation_method;
- os_memcpy(&buf[1], data->subscr_remediation_url, url_len);
- if (!radius_msg_add_wfa(
- msg, RADIUS_VENDOR_ATTR_WFA_HS20_SUBSCR_REMEDIATION,
- buf, 1 + url_len)) {
- RADIUS_DEBUG("Failed to add WFA-HS20-SubscrRem");
- }
- os_free(buf);
- } else if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->remediation) {
- u8 buf[1];
- if (!radius_msg_add_wfa(
- msg, RADIUS_VENDOR_ATTR_WFA_HS20_SUBSCR_REMEDIATION,
- buf, 0)) {
- RADIUS_DEBUG("Failed to add WFA-HS20-SubscrRem");
- }
- } else if (code == RADIUS_CODE_ACCESS_ACCEPT &&
- data->hs20_sim_provisioning_url &&
- radius_server_is_sim_method(sess) &&
- radius_server_hs20_missing_sim_pps(request)) {
- u8 *buf, *pos, hash[HS20_MOBILE_ID_HASH_LEN];
- size_t prefix_len, url_len;
-
- RADIUS_DEBUG("Device needs HS 2.0 SIM provisioning");
-
- if (os_get_random(hash, HS20_MOBILE_ID_HASH_LEN) < 0) {
- radius_msg_free(msg);
- return NULL;
- }
- RADIUS_DUMP("hotspot2dot0-mobile-identifier-hash",
- hash, HS20_MOBILE_ID_HASH_LEN);
-
- if (radius_server_sim_provisioning_session(sess, hash) < 0) {
- radius_msg_free(msg);
- return NULL;
- }
-
- prefix_len = os_strlen(data->hs20_sim_provisioning_url);
- url_len = prefix_len + 2 * HS20_MOBILE_ID_HASH_LEN;
- buf = os_malloc(1 + url_len + 1);
- if (!buf) {
- radius_msg_free(msg);
- return NULL;
- }
- pos = buf;
- *pos++ = data->subscr_remediation_method;
- os_memcpy(pos, data->hs20_sim_provisioning_url, prefix_len);
- pos += prefix_len;
- wpa_snprintf_hex((char *) pos, 2 * HS20_MOBILE_ID_HASH_LEN + 1,
- hash, HS20_MOBILE_ID_HASH_LEN);
- RADIUS_DEBUG("HS 2.0 subscription remediation URL: %s",
- (char *) &buf[1]);
- if (!radius_msg_add_wfa(
- msg, RADIUS_VENDOR_ATTR_WFA_HS20_SUBSCR_REMEDIATION,
- buf, 1 + url_len)) {
- RADIUS_DEBUG("Failed to add WFA-HS20-SubscrRem");
- }
- os_free(buf);
- }
-
if (code == RADIUS_CODE_ACCESS_ACCEPT && sess->t_c_filtering) {
u8 buf[4] = { 0x01, 0x00, 0x00, 0x00 }; /* E=1 */
const char *url = data->t_c_server_url, *pos;
}
data->erp_domain = conf->erp_domain;
- if (conf->subscr_remediation_url) {
- data->subscr_remediation_url =
- os_strdup(conf->subscr_remediation_url);
- if (!data->subscr_remediation_url)
- goto fail;
- }
- data->subscr_remediation_method = conf->subscr_remediation_method;
- if (conf->hs20_sim_provisioning_url) {
- data->hs20_sim_provisioning_url =
- os_strdup(conf->hs20_sim_provisioning_url);
- if (!data->hs20_sim_provisioning_url)
- goto fail;
- }
-
if (conf->t_c_server_url) {
data->t_c_server_url = os_strdup(conf->t_c_server_url);
if (!data->t_c_server_url)
#ifdef CONFIG_RADIUS_TEST
os_free(data->dump_msk_file);
#endif /* CONFIG_RADIUS_TEST */
- os_free(data->subscr_remediation_url);
- os_free(data->hs20_sim_provisioning_url);
os_free(data->t_c_server_url);
#ifdef CONFIG_SQLITE
phase2, user);
if (ret == 0 && user) {
sess->accept_attr = user->accept_attr;
- sess->remediation = user->remediation;
sess->macacl = user->macacl;
sess->t_c_timestamp = user->t_c_timestamp;
}
const char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */
- char *subscr_remediation_url;
- u8 subscr_remediation_method;
- char *hs20_sim_provisioning_url;
-
char *t_c_server_url;
struct eap_config *eap_cfg;
}
-void hs20_rx_subscription_remediation(struct wpa_supplicant *wpa_s,
- const char *url, u8 osu_method)
-{
- if (url)
- wpa_msg(wpa_s, MSG_INFO, HS20_SUBSCRIPTION_REMEDIATION "%u %s",
- osu_method, url);
- else
- wpa_msg(wpa_s, MSG_INFO, HS20_SUBSCRIPTION_REMEDIATION);
-}
-
-
void hs20_rx_deauth_imminent_notice(struct wpa_supplicant *wpa_s, u8 code,
u16 reauth_delay, const char *url)
{
struct wpa_bss *bss);
int hs20_get_pps_mo_id(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid);
-void hs20_rx_subscription_remediation(struct wpa_supplicant *wpa_s,
- const char *url, u8 osu_method);
void hs20_rx_deauth_imminent_notice(struct wpa_supplicant *wpa_s, u8 code,
u16 reauth_delay, const char *url);
void hs20_rx_t_c_acceptance(struct wpa_supplicant *wpa_s, const char *url);
WPA_GET_BE24(pos), pos[3]);
#ifdef CONFIG_HS20
- if (ie == WLAN_EID_VENDOR_SPECIFIC && ie_len >= 5 &&
- WPA_GET_BE24(pos) == OUI_WFA &&
- pos[3] == HS20_WNM_SUB_REM_NEEDED) {
- /* Subscription Remediation subelement */
- const u8 *ie_end;
- u8 url_len;
- char *url;
- u8 osu_method;
-
- wpa_printf(MSG_DEBUG, "WNM: Subscription Remediation "
- "subelement");
- ie_end = pos + ie_len;
- pos += 4;
- url_len = *pos++;
- if (url_len == 0) {
- wpa_printf(MSG_DEBUG, "WNM: No Server URL included");
- url = NULL;
- osu_method = 1;
- } else {
- if (url_len + 1 > ie_end - pos) {
- wpa_printf(MSG_DEBUG, "WNM: Not enough room for Server URL (len=%u) and Server Method (left %d)",
- url_len,
- (int) (ie_end - pos));
- break;
- }
- url = os_malloc(url_len + 1);
- if (url == NULL)
- break;
- os_memcpy(url, pos, url_len);
- url[url_len] = '\0';
- osu_method = pos[url_len];
- }
- hs20_rx_subscription_remediation(wpa_s, url,
- osu_method);
- os_free(url);
- pos = next;
- continue;
- }
-
if (ie == WLAN_EID_VENDOR_SPECIFIC && ie_len >= 8 &&
WPA_GET_BE24(pos) == OUI_WFA &&
pos[3] == HS20_WNM_DEAUTH_IMMINENT_NOTICE) {
wpa_cli_exec(action_file, ifname, pos);
} else if (str_starts(pos, ESS_DISASSOC_IMMINENT)) {
wpa_cli_exec(action_file, ifname, pos);
- } else if (str_starts(pos, HS20_SUBSCRIPTION_REMEDIATION)) {
- wpa_cli_exec(action_file, ifname, pos);
} else if (str_starts(pos, HS20_DEAUTH_IMMINENT_NOTICE)) {
wpa_cli_exec(action_file, ifname, pos);
} else if (str_starts(pos, HS20_T_C_ACCEPTANCE)) {
projects / thirdparty / hostap.git / commitdiff
