HS 2.0: Add Roaming Consortium Selection network profile parameter

This adds new roaming_consortium_selection network profile parameter
into wpa_supplicant. This is used to store the OI that was used for
network selection (INTERWORKING_SELECT) based on matching against the
Roaming Consortium OIs advertised by the AP. This can also be used when
using an external component to perform selection.

This commit adds the network profile parameter, but does not yet include
it in (Re)Association Request frames.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2018-04-17 17:12:22 +03:00 committed by Jouni Malinen
parent ce952ebda0
commit 6311547e7b
6 changed files with 48 additions and 1 deletions

View file

@ -606,7 +606,7 @@ network={
Hotspot 2.0 connection with external network selection Hotspot 2.0 connection with external network selection
------------------------------------------------------ ------------------------------------------------------
When an component controlling wpa_supplicant takes care of Interworking When a component controlling wpa_supplicant takes care of Interworking
network selection, following configuration and network profile network selection, following configuration and network profile
parameters can be used to configure a temporary network profile for a parameters can be used to configure a temporary network profile for a
Hotspot 2.0 connection (e.g., with SET, ADD_NETWORK, SET_NETWORK, and Hotspot 2.0 connection (e.g., with SET, ADD_NETWORK, SET_NETWORK, and
@ -628,6 +628,7 @@ network={
eap=TTLS eap=TTLS
phase2="auth=MSCHAPV2" phase2="auth=MSCHAPV2"
update_identifier=54321 update_identifier=54321
roaming_consortium_selection=112233
#ocsp=2 #ocsp=2
} }
@ -643,4 +644,5 @@ update_identifier: PPS/UpdateIdentifier
ca_cert: from the downloaded trust root based on PPS information ca_cert: from the downloaded trust root based on PPS information
eap: Credential/UsernamePassword/EAPMethod or NAI Realm list eap: Credential/UsernamePassword/EAPMethod or NAI Realm list
phase2: Credential/UsernamePassword/EAPMethod or NAI Realm list phase2: Credential/UsernamePassword/EAPMethod or NAI Realm list
roaming_consortium_selection: Matching OI from HomeSP/RoamingConsortiumOI
ocsp: Credential/CheckAAAServerCertStatus ocsp: Credential/CheckAAAServerCertStatus

View file

@ -2289,6 +2289,7 @@ static const struct parse_data ssid_fields[] = {
#endif /* CONFIG_MACSEC */ #endif /* CONFIG_MACSEC */
#ifdef CONFIG_HS20 #ifdef CONFIG_HS20
{ INT(update_identifier) }, { INT(update_identifier) },
{ STR_RANGE(roaming_consortium_selection, 0, MAX_ROAMING_CONS_OI_LEN) },
#endif /* CONFIG_HS20 */ #endif /* CONFIG_HS20 */
{ INT_RANGE(mac_addr, 0, 2) }, { INT_RANGE(mac_addr, 0, 2) },
{ INT_RANGE(pbss, 0, 2) }, { INT_RANGE(pbss, 0, 2) },
@ -2489,6 +2490,9 @@ void wpa_config_free_ssid(struct wpa_ssid *ssid)
#ifdef CONFIG_MESH #ifdef CONFIG_MESH
os_free(ssid->mesh_basic_rates); os_free(ssid->mesh_basic_rates);
#endif /* CONFIG_MESH */ #endif /* CONFIG_MESH */
#ifdef CONFIG_HS20
os_free(ssid->roaming_consortium_selection);
#endif /* CONFIG_HS20 */
os_free(ssid->dpp_connector); os_free(ssid->dpp_connector);
bin_clear_free(ssid->dpp_netaccesskey, ssid->dpp_netaccesskey_len); bin_clear_free(ssid->dpp_netaccesskey, ssid->dpp_netaccesskey_len);
os_free(ssid->dpp_csign); os_free(ssid->dpp_csign);

View file

@ -856,6 +856,7 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
#endif /* CONFIG_MACSEC */ #endif /* CONFIG_MACSEC */
#ifdef CONFIG_HS20 #ifdef CONFIG_HS20
INT(update_identifier); INT(update_identifier);
STR(roaming_consortium_selection);
#endif /* CONFIG_HS20 */ #endif /* CONFIG_HS20 */
write_int(f, "mac_addr", ssid->mac_addr, -1); write_int(f, "mac_addr", ssid->mac_addr, -1);
#ifdef CONFIG_MESH #ifdef CONFIG_MESH

View file

@ -804,6 +804,19 @@ struct wpa_ssid {
#ifdef CONFIG_HS20 #ifdef CONFIG_HS20
int update_identifier; int update_identifier;
/**
* roaming_consortium_selection - Roaming Consortium Selection
*
* The matching Roaming Consortium OI that was used to generate this
* network profile.
*/
u8 *roaming_consortium_selection;
/**
* roaming_consortium_selection_len - roaming_consortium_selection len
*/
size_t roaming_consortium_selection_len;
#endif /* CONFIG_HS20 */ #endif /* CONFIG_HS20 */
unsigned int wps_run; unsigned int wps_run;

View file

@ -1555,6 +1555,9 @@ static int interworking_connect_roaming_consortium(
struct wpa_bss *bss, int only_add) struct wpa_bss *bss, int only_add)
{ {
struct wpa_ssid *ssid; struct wpa_ssid *ssid;
const u8 *ie;
const struct wpabuf *anqp;
unsigned int i;
wpa_msg(wpa_s, MSG_DEBUG, "Interworking: Connect with " MACSTR wpa_msg(wpa_s, MSG_DEBUG, "Interworking: Connect with " MACSTR
" based on roaming consortium match", MAC2STR(bss->bssid)); " based on roaming consortium match", MAC2STR(bss->bssid));
@ -1584,6 +1587,26 @@ static int interworking_connect_roaming_consortium(
if (interworking_set_hs20_params(wpa_s, ssid) < 0) if (interworking_set_hs20_params(wpa_s, ssid) < 0)
goto fail; goto fail;
ie = wpa_bss_get_ie(bss, WLAN_EID_ROAMING_CONSORTIUM);
anqp = bss->anqp ? bss->anqp->roaming_consortium : NULL;
for (i = 0; (ie || anqp) && i < cred->num_roaming_consortiums; i++) {
if (!roaming_consortium_match(
ie, anqp, cred->roaming_consortiums[i],
cred->roaming_consortiums_len[i]))
continue;
ssid->roaming_consortium_selection =
os_malloc(cred->roaming_consortiums_len[i]);
if (!ssid->roaming_consortium_selection)
goto fail;
os_memcpy(ssid->roaming_consortium_selection,
cred->roaming_consortiums[i],
cred->roaming_consortiums_len[i]);
ssid->roaming_consortium_selection_len =
cred->roaming_consortiums_len[i];
break;
}
if (cred->eap_method == NULL) { if (cred->eap_method == NULL) {
wpa_msg(wpa_s, MSG_DEBUG, wpa_msg(wpa_s, MSG_DEBUG,
"Interworking: No EAP method set for credential using roaming consortium"); "Interworking: No EAP method set for credential using roaming consortium");

View file

@ -1287,6 +1287,10 @@ fast_reauth=1
# update_identifier: PPS MO ID # update_identifier: PPS MO ID
# (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier) # (Hotspot 2.0 PerProviderSubscription/UpdateIdentifier)
#
# roaming_consortium_selection: Roaming Consortium Selection
# The matching Roaming Consortium OI that was used to generate this
# network profile.
# Station inactivity limit # Station inactivity limit
# #