HS 2.0: Add a new cred block parameter roaming_consortiums

This new string parameter contains a comma delimited list of OIs
(hexdump) in a string. This is used to store Hotspot 2.0
PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI. This commit
includes the configuration changes to parse and write the parameter. The
actual values are not yet used in Interworking network selection.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2018-04-17 16:19:00 +03:00 committed by Jouni Malinen
parent 9b6f93e4d6
commit 909a948b0f
5 changed files with 144 additions and 0 deletions

View File

@ -202,6 +202,15 @@ Credentials can be pre-configured for automatic network selection:
# Roaming Consortium OI that is required to be advertised by the AP for
# the credential to be considered matching.
#
# roaming_consortiums: Roaming Consortium OI(s) memberships
# This string field contains one or more comma delimited OIs (hexdump)
# identifying the roaming consortiums of which the provider is a member.
# The list is sorted from the most preferred one to the least preferred
# one. A match between the Roaming Consortium OIs advertised by an AP and
# the OIs in this list indicates that successful authentication is
# possible.
# (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI)
#
# eap: Pre-configured EAP method
# This optional field can be used to specify which EAP method will be
# used with this credential. If not set, the EAP method is selected
@ -300,6 +309,7 @@ Credentials can be pre-configured for automatic network selection:
# ca_cert="/etc/wpa_supplicant/ca.pem"
# domain="example.com"
# roaming_consortium=223344
# roaming_consortiums="112233,4455667788,aabbcc"
# eap=TTLS
# phase2="auth=MSCHAPV2"
#}

View File

@ -3104,11 +3104,62 @@ static int wpa_config_set_cred_req_conn_capab(struct wpa_cred *cred,
}
static int wpa_config_set_cred_roaming_consortiums(struct wpa_cred *cred,
const char *value)
{
u8 roaming_consortiums[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN];
size_t roaming_consortiums_len[MAX_ROAMING_CONS];
unsigned int num_roaming_consortiums = 0;
const char *pos, *end;
size_t len;
os_memset(roaming_consortiums, 0, sizeof(roaming_consortiums));
os_memset(roaming_consortiums_len, 0, sizeof(roaming_consortiums_len));
for (pos = value;;) {
end = os_strchr(pos, ',');
len = end ? (size_t) (end - pos) : os_strlen(pos);
if (!end && len == 0)
break;
if (len == 0 || (len & 1) != 0 ||
len / 2 > MAX_ROAMING_CONS_OI_LEN ||
hexstr2bin(pos,
roaming_consortiums[num_roaming_consortiums],
len / 2) < 0) {
wpa_printf(MSG_INFO,
"Invalid roaming_consortiums entry: %s",
pos);
return -1;
}
roaming_consortiums_len[num_roaming_consortiums] = len / 2;
num_roaming_consortiums++;
if (num_roaming_consortiums > MAX_ROAMING_CONS) {
wpa_printf(MSG_INFO,
"Too many roaming_consortiums OIs");
return -1;
}
if (!end)
break;
pos = end + 1;
}
os_memcpy(cred->roaming_consortiums, roaming_consortiums,
sizeof(roaming_consortiums));
os_memcpy(cred->roaming_consortiums_len, roaming_consortiums_len,
sizeof(roaming_consortiums_len));
cred->num_roaming_consortiums = num_roaming_consortiums;
return 0;
}
int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
const char *value, int line)
{
char *val;
size_t len;
int res;
if (os_strcmp(var, "temporary") == 0) {
cred->temporary = atoi(value);
@ -3331,6 +3382,16 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
return 0;
}
if (os_strcmp(var, "roaming_consortiums") == 0) {
res = wpa_config_set_cred_roaming_consortiums(cred, val);
if (res < 0)
wpa_printf(MSG_ERROR,
"Line %d: invalid roaming_consortiums",
line);
os_free(val);
return res;
}
if (os_strcmp(var, "excluded_ssid") == 0) {
struct excluded_ssid *e;
@ -3642,6 +3703,31 @@ char * wpa_config_get_cred_no_key(struct wpa_cred *cred, const char *var)
return buf;
}
if (os_strcmp(var, "roaming_consortiums") == 0) {
size_t buflen;
char *buf, *pos;
size_t i;
if (!cred->num_roaming_consortiums)
return NULL;
buflen = cred->num_roaming_consortiums *
MAX_ROAMING_CONS_OI_LEN * 2 + 1;
buf = os_malloc(buflen);
if (!buf)
return NULL;
pos = buf;
for (i = 0; i < cred->num_roaming_consortiums; i++) {
if (i > 0)
*pos++ = ',';
pos += wpa_snprintf_hex(
pos, buf + buflen - pos,
cred->roaming_consortiums[i],
cred->roaming_consortiums_len[i]);
}
*pos = '\0';
return buf;
}
if (os_strcmp(var, "excluded_ssid") == 0) {
unsigned int i;
char *buf, *end, *pos;

View File

@ -51,6 +51,9 @@
#include "common/ieee802_11_common.h"
#define MAX_ROAMING_CONS 36
#define MAX_ROAMING_CONS_OI_LEN 15
struct wpa_cred {
/**
* next - Next credential in the list
@ -239,6 +242,28 @@ struct wpa_cred {
*/
size_t required_roaming_consortium_len;
/**
* roaming_consortiums - Roaming Consortium OI(s) memberships
*
* This field contains one or more OIs identifying the roaming
* consortiums of which the provider is a member. The list is sorted
* from the most preferred one to the least preferred one. A match
* between the Roaming Consortium OIs advertised by an AP and the OIs
* in this list indicates that successful authentication is possible.
* (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI)
*/
u8 roaming_consortiums[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN];
/**
* roaming_consortiums_len - Length on roaming_consortiums[i]
*/
size_t roaming_consortiums_len[MAX_ROAMING_CONS];
/**
* num_roaming_consortiums - Number of entries in roaming_consortiums
*/
unsigned int num_roaming_consortiums;
/**
* eap_method - EAP method to use
*

View File

@ -1039,6 +1039,20 @@ static void wpa_config_write_cred(FILE *f, struct wpa_cred *cred)
fprintf(f, "\n");
}
if (cred->num_roaming_consortiums) {
size_t j;
fprintf(f, "\troaming_consortiums=\"");
for (i = 0; i < cred->num_roaming_consortiums; i++) {
if (i > 0)
fprintf(f, ",");
for (j = 0; j < cred->roaming_consortiums_len[i]; j++)
fprintf(f, "%02x",
cred->roaming_consortiums[i][j]);
}
fprintf(f, "\"\n");
}
if (cred->sim_num != DEFAULT_USER_SELECTED_SIM)
fprintf(f, "\tsim_num=%d\n", cred->sim_num);
}

View File

@ -602,6 +602,15 @@ fast_reauth=1
# Roaming Consortium OI that is required to be advertised by the AP for
# the credential to be considered matching.
#
# roaming_consortiums: Roaming Consortium OI(s) memberships
# This string field contains one or more comma delimited OIs (hexdump)
# identifying the roaming consortiums of which the provider is a member.
# The list is sorted from the most preferred one to the least preferred
# one. A match between the Roaming Consortium OIs advertised by an AP and
# the OIs in this list indicates that successful authentication is
# possible.
# (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI)
#
# eap: Pre-configured EAP method
# This optional field can be used to specify which EAP method will be
# used with this credential. If not set, the EAP method is selected