From 55e5084d9e28026275b5767ff9fa7bb3e18650bd Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 19 Oct 2018 17:57:39 +0300 Subject: [PATCH] HS 2.0: OSU server test functionality for incorrect behavior (policy) Extend test= special incorrect behavior testing capabilities in the OSU server to include the fingerprint of the policy update trust root: test=corrupt_polupd_hash. Signed-off-by: Jouni Malinen --- hs20/server/spp_server.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/hs20/server/spp_server.c b/hs20/server/spp_server.c index 18290d9e8..1a06e5257 100644 --- a/hs20/server/spp_server.c +++ b/hs20/server/spp_server.c @@ -1266,7 +1266,7 @@ static xml_node_t * build_pps(struct hs20_svc *ctx, const char *pw, const char *cert, int machine_managed, const char *test) { - xml_node_t *pps, *c, *trust, *aaa, *aaa1, *upd, *homesp; + xml_node_t *pps, *c, *trust, *aaa, *aaa1, *upd, *homesp, *p; xml_node_t *cred, *eap, *userpw; pps = xml_node_create_root(ctx->xml, NULL, NULL, NULL, 
@@ -1295,6 +1295,23 @@ static xml_node_t * build_pps(struct hs20_svc *ctx,
 "aaa_trust_root_cert_fingerprint");
 }
 
+ if (test && os_strcmp(test, "corrupt_polupd_hash") == 0) {
+ debug_print(ctx, 1,
+ "TEST: Corrupt PPS/Cred*/Policy/PolicyUpdate/Trustroot/CertSHA256FingerPrint");
+ p = xml_node_create(ctx->xml, c, NULL, "Policy");
+ upd = xml_node_create(ctx->xml, p, NULL, "PolicyUpdate");
+ add_text_node(ctx, upd, "UpdateInterval", "30");
+ add_text_node(ctx, upd, "UpdateMethod", "SPP-ClientInitiated");
+ add_text_node(ctx, upd, "Restriction", "Unrestricted");
+ add_text_node_conf(ctx, realm, upd, "URI", "policy_url");
+ trust = xml_node_create(ctx->xml, upd, NULL, "TrustRoot");
+ add_text_node_conf(ctx, realm, trust, "CertURL",
+ "policy_trust_root_cert_url");
+ add_text_node_conf_corrupt(ctx, realm, trust,
+ "CertSHA256Fingerprint",
+ "policy_trust_root_cert_fingerprint");
+ }
+
 upd = xml_node_create(ctx->xml, c, NULL, "SubscriptionUpdate");
 add_text_node(ctx, upd, "UpdateInterval", "4294967295");
 add_text_node(ctx, upd, "UpdateMethod", "ClientInitiated");
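Review bot: The debug string in the added `corrupt_polupd_hash` branch spells the path as `Trustroot/CertSHA256FingerPrint`, while the nodes created a few lines below are named `TrustRoot` and `CertSHA256Fingerprint`, so a log search for the real element names will miss this entry; I would write it as `"TEST: Corrupt PPS/Cred*/Policy/PolicyUpdate/TrustRoot/CertSHA256Fingerprint"`. The branch also deserves a short comment, e.g. `/* Test-only: emit a Policy subtree whose trust root fingerprint is deliberately wrong */`, because it is the only place in the hunk where a Policy node is built and it sends a wrong fingerprint on purpose. Where `test` comes from is not visible here; if a request can set it, this path should be limited to test deployments or test accounts. The return values of the three `xml_node_create()` calls are used unchecked, which may match the rest of build_pps, whose body starts and ends outside the hunk.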