From 0e2217c95b953f8dde29e7ce1c3af8e076e4fab1 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 16 Jul 2022 12:31:28 +0300 Subject: [PATCH] DPP: Allow 3rd party information to be added into config request obj This allows the DPP Configuration Request Object from an Enrollee to be extended with 3rd party information. The new dpp_extra_conf_req_name and dpp_extra_conf_req_value configuration parameters specify the name of the added JSON node and its contents. For example: dpp_extra_conf_req_name=org.example dpp_extra_conf_req_value={"a":1,"b":"test"} Signed-off-by: Jouni Malinen --- hostapd/config_file.c | 6 ++++++ hostapd/hostapd.conf | 6 ++++++ src/ap/ap_config.c | 2 ++ src/ap/ap_config.h | 2 ++ src/ap/dpp_hostapd.c | 12 ++++++++++-- src/common/dpp.c | 10 +++++++++- src/common/dpp.h | 15 +++++++++++---- src/common/dpp_tcp.c | 34 +++++++++++++++++++++++++++++---- wpa_supplicant/config.c | 4 ++++ wpa_supplicant/config.h | 12 ++++++++++++ wpa_supplicant/config_file.c | 10 ++++++++++ wpa_supplicant/dpp_supplicant.c | 13 +++++++++++-- 12 files changed, 113 insertions(+), 13 deletions(-) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 5d915a090..8dc267ef2 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -4456,6 +4456,12 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "dpp_mud_url") == 0) { os_free(bss->dpp_mud_url); bss->dpp_mud_url = os_strdup(pos); + } else if (os_strcmp(buf, "dpp_extra_conf_req_name") == 0) { + os_free(bss->dpp_extra_conf_req_name); + bss->dpp_extra_conf_req_name = os_strdup(pos); + } else if (os_strcmp(buf, "dpp_extra_conf_req_value") == 0) { + os_free(bss->dpp_extra_conf_req_value); + bss->dpp_extra_conf_req_value = os_strdup(pos); } else if (os_strcmp(buf, "dpp_connector") == 0) { os_free(bss->dpp_connector); bss->dpp_connector = os_strdup(pos); diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf index 1c4ca71a9..ea67aa100 100644 --- a/hostapd/hostapd.conf 
+++ b/hostapd/hostapd.conf @@ -2514,6 +2514,12 @@ own_ip_addr=127.0.0.1 # MUD URL for Enrollee's DPP Configuration Request (optional) #dpp_mud_url=https://example.com/mud +# JSON node name of additional data for Enrollee's DPP Configuration Request +#dpp_extra_conf_req_name=org.example + +# JSON node data of additional data for Enrollee's DPP Configuration Request +#dpp_extra_conf_req_value="abc":123 + #dpp_connector #dpp_netaccesskey #dpp_netaccesskey_expiry diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c index 1c229c6c7..63af3d047 100644 --- a/src/ap/ap_config.c +++ b/src/ap/ap_config.c @@ -947,6 +947,8 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf) #ifdef CONFIG_DPP os_free(conf->dpp_name); os_free(conf->dpp_mud_url); + os_free(conf->dpp_extra_conf_req_name); + os_free(conf->dpp_extra_conf_req_value); os_free(conf->dpp_connector); wpabuf_free(conf->dpp_netaccesskey); wpabuf_free(conf->dpp_csign); diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h index 9fb385717..c5701cc00 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h @@ -755,6 +755,8 @@ struct hostapd_bss_config { #ifdef CONFIG_DPP char *dpp_name; char *dpp_mud_url; + char *dpp_extra_conf_req_name; + char *dpp_extra_conf_req_value; char *dpp_connector; struct wpabuf *dpp_netaccesskey; unsigned int dpp_netaccesskey_expiry; diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c index e99e658ca..47174a71b 100644 --- a/src/ap/dpp_hostapd.c +++ b/src/ap/dpp_hostapd.c @@ -343,6 +343,9 @@ static int hostapd_dpp_pkex_done(void *ctx, void *conn, return dpp_tcp_auth(hapd->iface->interfaces->dpp, conn, auth, hapd->conf->dpp_name, DPP_NETROLE_AP, + hapd->conf->dpp_mud_url, + hapd->conf->dpp_extra_conf_req_name, + hapd->conf->dpp_extra_conf_req_value, hostapd_dpp_process_conf_obj, NULL); } #endif /* CONFIG_DPP2 */ 
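Review bot: The commented sample `#dpp_extra_conf_req_value="abc":123` in the hostapd/hostapd.conf hunk is not a complete JSON value. The src/common/dpp.c change in this patch emits the pair with `"\"%s\":%s"`, so that setting would produce `"org.example":"abc":123`, which a JSON parser on the receiving side should reject. The commit message uses `{"a":1,"b":"test"}`, so the sample would be consistent as `#dpp_extra_conf_req_value={"a":1,"b":"test"}`. The comment above it could also say that the value is inserted verbatim and must be one complete JSON value.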
@@ -928,7 +931,10 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd) if (tcp) return dpp_tcp_init(hapd->iface->interfaces->dpp, auth, &ipaddr, tcp_port, hapd->conf->dpp_name, - DPP_NETROLE_AP, hapd->msg_ctx, hapd, + DPP_NETROLE_AP, hapd->conf->dpp_mud_url, + hapd->conf->dpp_extra_conf_req_name, + hapd->conf->dpp_extra_conf_req_value, + hapd->msg_ctx, hapd, hostapd_dpp_process_conf_obj, NULL); #endif /* CONFIG_DPP2 */ @@ -1287,7 +1293,9 @@ static void hostapd_dpp_start_gas_client(struct hostapd_data *hapd) buf = dpp_build_conf_req_helper(auth, hapd->conf->dpp_name, DPP_NETROLE_AP, - hapd->conf->dpp_mud_url, NULL); + hapd->conf->dpp_mud_url, NULL, + hapd->conf->dpp_extra_conf_req_name, + hapd->conf->dpp_extra_conf_req_value); if (!buf) { wpa_printf(MSG_DEBUG, "DPP: No configuration request data available"); diff --git a/src/common/dpp.c b/src/common/dpp.c index 6c1b5be0e..4ef736c0e 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -969,7 +969,9 @@ struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth, struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth, const char *name, enum dpp_netrole netrole, - const char *mud_url, int *opclasses) + const char *mud_url, int *opclasses, + const char *extra_name, + const char *extra_value) { size_t len, name_len; const char *tech = "infra"; @@ -992,6 +994,8 @@ struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth, len = 100 + name_len * 6 + 1 + int_array_len(opclasses) * 4; if (mud_url && mud_url[0]) len += 10 + os_strlen(mud_url); + if (extra_name && extra_value && extra_name[0] && extra_value[0]) + len += 10 + os_strlen(extra_name) + os_strlen(extra_value); #ifdef CONFIG_DPP2 if (auth->csr) { size_t csr_len; 
@@ -1031,6 +1035,10 @@ struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth, json_value_sep(json); json_add_string(json, "pkcs10", csr); } + if (extra_name && extra_value && extra_name[0] && extra_value[0]) { + json_value_sep(json); + wpabuf_printf(json, "\"%s\":%s", extra_name, extra_value); + } json_end_object(json); buf = dpp_build_conf_req(auth, wpabuf_head(json)); diff --git a/src/common/dpp.h b/src/common/dpp.h index 8202ef818..af0341313 100644 --- a/src/common/dpp.h +++ b/src/common/dpp.h @@ -586,7 +586,9 @@ struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth, struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth, const char *name, enum dpp_netrole netrole, - const char *mud_url, int *opclasses); + const char *mud_url, int *opclasses, + const char *extra_name, + const char *extra_value); int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr, const u8 *attr_start, size_t attr_len); int dpp_notify_new_qr_code(struct dpp_authentication *auth, 
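Review bot: In the src/common/dpp.c hunk at -1031, `wpabuf_printf(json, "\"%s\":%s", extra_name, extra_value);` writes both configuration strings into the Configuration Request object without escaping the name or checking that the value is one complete JSON value. A name containing `"` or `\`, or a value with unbalanced or trailing content, gives a malformed object or extra top-level members next to the ones added earlier in this function, and the mistake only surfaces when the peer rejects the request. Checking at this point covers hostapd, wpa_supplicant and the TCP path, since all of them reach this helper. The sketch below assumes `json_parse()` accepts every value form that should be allowed and rejects trailing data, which needs confirming. dpp_build_conf_req_helper() starts and ends outside the hunk.

```c
	if (extra_name && extra_value && extra_name[0] && extra_value[0]) {
		struct json_token *tok;

		/* extra_value is emitted verbatim, so accept only text that
		 * parses as JSON; extra_name is emitted inside quotes, so
		 * refuse characters that would need escaping */
		tok = json_parse(extra_value, os_strlen(extra_value));
		if (!tok || os_strchr(extra_name, '"') ||
		    os_strchr(extra_name, '\\')) {
			wpa_printf(MSG_INFO,
				   "DPP: Ignore invalid extra Config Request data");
		} else {
			json_value_sep(json);
			wpabuf_printf(json, "\"%s\":%s", extra_name,
				      extra_value);
		}
		json_free(tok);
	}
	/* … unchanged: json_end_object() and dpp_build_conf_req() call … */
```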
@@ -744,15 +746,20 @@ int dpp_tcp_pkex_init(struct dpp_global *dpp, struct dpp_pkex *pkex, struct dpp_bootstrap_info *bi)); int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth, const struct hostapd_ip_addr *addr, int port, - const char *name, enum dpp_netrole netrole, void *msg_ctx, - void *cb_ctx, + const char *name, enum dpp_netrole netrole, + const char *mud_url, + const char *extra_conf_req_name, + const char *extra_conf_req_value, + void *msg_ctx, void *cb_ctx, int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth), bool (*tcp_msg_sent)(void *ctx, struct dpp_authentication *auth)); int dpp_tcp_auth(struct dpp_global *dpp, void *_conn, struct dpp_authentication *auth, const char *name, - enum dpp_netrole netrole, + enum dpp_netrole netrole, const char *mud_url, + const char *extra_conf_req_name, + const char *extra_conf_req_value, int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth), bool (*tcp_msg_sent)(void *ctx, diff --git a/src/common/dpp_tcp.c b/src/common/dpp_tcp.c index d7c232841..cbe8d2ca5 100644 --- a/src/common/dpp_tcp.c +++ b/src/common/dpp_tcp.c @@ -48,6 +48,9 @@ struct dpp_connection { unsigned int gas_comeback_in_progress:1; u8 gas_dialog_token; char *name; + char *mud_url; + char *extra_conf_req_name; + char *extra_conf_req_value; enum dpp_netrole netrole; }; @@ -118,6 +121,9 @@ static void dpp_connection_free(struct dpp_connection *conn) dpp_auth_deinit(conn->auth); dpp_pkex_free(conn->pkex); os_free(conn->name); + os_free(conn->mud_url); + os_free(conn->extra_conf_req_name); + os_free(conn->extra_conf_req_value); os_free(conn); } 
@@ -332,8 +338,10 @@ static void dpp_controller_start_gas_client(struct dpp_connection *conn) const char *dpp_name; dpp_name = conn->name ? conn->name : "Test"; - buf = dpp_build_conf_req_helper(auth, dpp_name, conn->netrole, NULL, - NULL); + buf = dpp_build_conf_req_helper(auth, dpp_name, conn->netrole, + conn->mud_url, NULL, + conn->extra_conf_req_name, + conn->extra_conf_req_value); if (!buf) { wpa_printf(MSG_DEBUG, "DPP: No configuration request data available"); @@ -1943,7 +1951,10 @@ static int dpp_tcp_auth_start(struct dpp_connection *conn, int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth, const struct hostapd_ip_addr *addr, int port, const char *name, - enum dpp_netrole netrole, void *msg_ctx, void *cb_ctx, + enum dpp_netrole netrole, const char *mud_url, + const char *extra_conf_req_name, + const char *extra_conf_req_value, + void *msg_ctx, void *cb_ctx, int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth), bool (*tcp_msg_sent)(void *ctx, @@ -1973,6 +1984,12 @@ int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth, conn->process_conf_obj = process_conf_obj; conn->tcp_msg_sent = tcp_msg_sent; conn->name = os_strdup(name ? name : "Test"); + if (mud_url) + conn->mud_url = os_strdup(mud_url); + if (extra_conf_req_name) + conn->extra_conf_req_name = os_strdup(extra_conf_req_name); + if (extra_conf_req_value) + conn->extra_conf_req_value = os_strdup(extra_conf_req_value); conn->netrole = netrole; conn->global = dpp; conn->auth = auth; @@ -2019,7 +2036,9 @@ fail: int dpp_tcp_auth(struct dpp_global *dpp, void *_conn, struct dpp_authentication *auth, const char *name, - enum dpp_netrole netrole, + enum dpp_netrole netrole, const char *mud_url, + const char *extra_conf_req_name, + const char *extra_conf_req_value, int (*process_conf_obj)(void *ctx, struct dpp_authentication *auth), bool (*tcp_msg_sent)(void *ctx, 
@@ -2033,6 +2052,13 @@ int dpp_tcp_auth(struct dpp_global *dpp, void *_conn, conn->tcp_msg_sent = tcp_msg_sent; os_free(conn->name); conn->name = os_strdup(name ? name : "Test"); + os_free(conn->mud_url); + conn->mud_url = mud_url ? os_strdup(mud_url) : NULL; + os_free(conn->extra_conf_req_name); + conn->extra_conf_req_name = extra_conf_req_name ? + os_strdup(extra_conf_req_name) : NULL; + conn->extra_conf_req_value = extra_conf_req_value ? + os_strdup(extra_conf_req_value) : NULL; conn->netrole = netrole; conn->auth = auth; diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index 92525d7c6..364bdc905 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -2970,6 +2970,8 @@ void wpa_config_free(struct wpa_config *config) #endif /* CONFIG_MBO */ os_free(config->dpp_name); os_free(config->dpp_mud_url); + os_free(config->dpp_extra_conf_req_name); + os_free(config->dpp_extra_conf_req_value); os_free(config); } @@ -5301,6 +5303,8 @@ static const struct global_parse_data global_fields[] = { { INT_RANGE(dpp_config_processing, 0, 2), 0 }, { STR(dpp_name), 0 }, { STR(dpp_mud_url), 0 }, + { STR(dpp_extra_conf_req_name), 0 }, + { STR(dpp_extra_conf_req_value), 0 }, #endif /* CONFIG_DPP */ { INT_RANGE(coloc_intf_reporting, 0, 1), 0 }, #ifdef CONFIG_WNM diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h index ba9f2ed8b..d16913692 100644 --- a/wpa_supplicant/config.h +++ b/wpa_supplicant/config.h @@ -1617,6 +1617,18 @@ struct wpa_config { */ char *dpp_mud_url; + /** + * dpp_extra_conf_req_name - JSON node name of additional data for + * Enrollee's DPP Configuration Request + */ + char *dpp_extra_conf_req_name; + + /** + * dpp_extra_conf_req_value - JSON node data of additional data for + * Enrollee's DPP Configuration Request + */ + char *dpp_extra_conf_req_value; + /** * coloc_intf_reporting - Colocated interference reporting * diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c index c0763253f..a779868f3 100644 
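Review bot: In the dpp_tcp_auth() hunk of src/common/dpp_tcp.c (-2033), `conn->extra_conf_req_value` is overwritten without the `os_free()` that precedes the assignments to `conn->mud_url` and `conn->extra_conf_req_name`. If the connection already holds a value at this point the old buffer leaks; whether that can happen depends on the PKEX setup path, which is outside this diff. Adding `os_free(conn->extra_conf_req_value);` before the assignment keeps the three fields symmetric. The `os_strdup()` results here and in the dpp_tcp_init() hunk (-1973) are also unchecked, so an allocation failure silently drops the extra data from the request instead of failing the call. dpp_tcp_auth() continues past the end of the hunk.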
--- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c @@ -1543,6 +1543,16 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) if (config->dpp_config_processing) fprintf(f, "dpp_config_processing=%d\n", config->dpp_config_processing); + if (config->dpp_name) + fprintf(f, "dpp_name=%s\n", config->dpp_name); + if (config->dpp_mud_url) + fprintf(f, "dpp_mud_url=%s\n", config->dpp_mud_url); + if (config->dpp_extra_conf_req_name) + fprintf(f, "dpp_extra_conf_req_name=%s\n", + config->dpp_extra_conf_req_name); + if (config->dpp_extra_conf_req_value) + fprintf(f, "dpp_extra_conf_req_value=%s\n", + config->dpp_extra_conf_req_value); if (config->coloc_intf_reporting) fprintf(f, "coloc_intf_reporting=%d\n", config->coloc_intf_reporting); diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c index a248ca2dd..1ed2be03b 100644 --- a/wpa_supplicant/dpp_supplicant.c +++ b/wpa_supplicant/dpp_supplicant.c @@ -904,6 +904,9 @@ int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd) if (tcp) return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port, wpa_s->conf->dpp_name, DPP_NETROLE_STA, + wpa_s->conf->dpp_mud_url, + wpa_s->conf->dpp_extra_conf_req_name, + wpa_s->conf->dpp_extra_conf_req_value, wpa_s, wpa_s, wpas_dpp_process_conf_obj, wpas_dpp_tcp_msg_sent); #endif /* CONFIG_DPP2 */ @@ -1842,7 +1845,9 @@ static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s) buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name, wpa_s->dpp_netrole, wpa_s->conf->dpp_mud_url, - supp_op_classes); + supp_op_classes, + wpa_s->conf->dpp_extra_conf_req_name, + wpa_s->conf->dpp_extra_conf_req_value); os_free(supp_op_classes); if (!buf) { wpa_printf(MSG_DEBUG, 
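Review bot: The wpa_config_write_global() hunk in wpa_supplicant/config_file.c writes the new fields back with `"dpp_extra_conf_req_value=%s\n"`, so the line-based file format is only safe if the stored string can never contain a line break. The `STR()` parser that accepts the value is not part of this diff; it is worth confirming that it rejects newlines for the two new fields, since the value is free-form JSON. The same hunk also starts persisting `dpp_name` and `dpp_mud_url`, which the commit message does not mention, and a line in the description would help anyone tracking a change in saved configuration. wpa_config_write_global() starts and ends outside the hunk.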
@@ -2764,7 +2769,11 @@ static int wpas_dpp_pkex_done(void *ctx, void *conn, } return dpp_tcp_auth(wpa_s->dpp, conn, auth, wpa_s->conf->dpp_name, - DPP_NETROLE_STA, wpas_dpp_process_conf_obj, + DPP_NETROLE_STA, + wpa_s->conf->dpp_mud_url, + wpa_s->conf->dpp_extra_conf_req_name, + wpa_s->conf->dpp_extra_conf_req_value, + wpas_dpp_process_conf_obj, wpas_dpp_tcp_msg_sent); } #endif /* CONFIG_DPP2 */ -- 2.47.2