From 6aa7aa808907749bc54000b456519a196a5d5991 Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Fri, 14 Aug 2020 16:44:38 +0300
Subject: [PATCH] DPP2: hostapd/AP as Enrollee/Initiator over TCP

Extend DPP support in hostapd to allow AP Enrollee role when initiating the exchange using TCP.

Signed-off-by: Jouni Malinen
---
 src/ap/dpp_hostapd.c | 59 +++++++++++++++++++++++++--------
 src/common/dpp.h | 2 +-
 src/common/dpp_tcp.c | 9 +++--
 wpa_supplicant/dpp_supplicant.c | 2 +-
 4 files changed, 53 insertions(+), 19 deletions(-)
diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c
index 70027ad6e..9b9232d4c 100644
--- a/src/ap/dpp_hostapd.c
+++ b/src/ap/dpp_hostapd.c
@@ -490,8 +490,15 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
 {
 const char *pos;
 struct dpp_bootstrap_info *peer_bi, *own_bi = NULL;
+ struct dpp_authentication *auth;
 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
 unsigned int neg_freq = 0;
+ int tcp = 0;
+#ifdef CONFIG_DPP2
+ int tcp_port = DPP_TCP_PORT;
+ struct hostapd_ip_addr ipaddr;
+ char *addr;
+#endif /* CONFIG_DPP2 */
 pos = os_strstr(cmd, " peer=");
 if (!pos)
@@ -504,6 +511,25 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
 return -1;
 }
+#ifdef CONFIG_DPP2
+ pos = os_strstr(cmd, " tcp_port=");
+ if (pos) {
+ pos += 10;
+ tcp_port = atoi(pos);
+ }
+
+ addr = get_param(cmd, " tcp_addr=");
+ if (addr) {
+ int res;
+
+ res = hostapd_parse_ip_addr(addr, &ipaddr);
+ os_free(addr);
+ if (res)
+ return -1;
+ tcp = 1;
+ }
+#endif /* CONFIG_DPP2 */
+
 pos = os_strstr(cmd, " own=");
 if (pos) {
 pos += 5;
@@ -541,7 +567,7 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
 if (pos)
 neg_freq = atoi(pos + 10);
- if (hapd->dpp_auth) {
+ if (!tcp && hapd->dpp_auth) {
 eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL);
 eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL);
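Review bot: `tcp_port = atoi(pos);` in the new CONFIG_DPP2 block of the `@@ -504` hunk accepts any integer, so a non-numeric, negative or greater-than-65535 `tcp_port=` value is passed on to dpp_tcp_init() unchecked. I would reject it right after the parse with `if (tcp_port <= 0 || tcp_port > 65535) return -1;`, the same way a bad `tcp_addr=` already returns -1. How dpp_tcp_init() converts the port is not visible in this patch, but a silent truncation to 16 bits would make the AP connect to a port the operator did not ask for. The body of hostapd_dpp_auth_init() starts and ends outside this hunk.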
@@ -555,26 +581,31 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
 dpp_auth_deinit(hapd->dpp_auth);
 }
- hapd->dpp_auth = dpp_auth_init(hapd->iface->interfaces->dpp,
- hapd->msg_ctx, peer_bi, own_bi,
- allowed_roles, neg_freq,
- hapd->iface->hw_features,
- hapd->iface->num_hw_features);
- if (!hapd->dpp_auth)
+ auth = dpp_auth_init(hapd->iface->interfaces->dpp, hapd->msg_ctx,
+ peer_bi, own_bi, allowed_roles, neg_freq,
+ hapd->iface->hw_features,
+ hapd->iface->num_hw_features);
+ if (!auth)
 goto fail;
- hostapd_dpp_set_testing_options(hapd, hapd->dpp_auth);
- if (dpp_set_configurator(hapd->dpp_auth, cmd) < 0) {
- dpp_auth_deinit(hapd->dpp_auth);
- hapd->dpp_auth = NULL;
+ hostapd_dpp_set_testing_options(hapd, auth);
+ if (dpp_set_configurator(auth, cmd) < 0) {
+ dpp_auth_deinit(auth);
 goto fail;
 }
- hapd->dpp_auth->neg_freq = neg_freq;
+ auth->neg_freq = neg_freq;
 if (!is_zero_ether_addr(peer_bi->mac_addr))
- os_memcpy(hapd->dpp_auth->peer_mac_addr, peer_bi->mac_addr,
- ETH_ALEN);
+ os_memcpy(auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN);
+#ifdef CONFIG_DPP2
+ if (tcp)
+ return dpp_tcp_init(hapd->iface->interfaces->dpp, auth,
+ &ipaddr, tcp_port, hapd->conf->dpp_name,
+ DPP_NETROLE_AP);
+#endif /* CONFIG_DPP2 */
+
+ hapd->dpp_auth = auth;
 return hostapd_dpp_auth_init_next(hapd);
 fail:
 return -1;
diff --git a/src/common/dpp.h b/src/common/dpp.h
index 9cf1019ae..810ecb81b 100644
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -673,7 +673,7 @@ void dpp_controller_new_qr_code(struct dpp_global *dpp,
 struct dpp_bootstrap_info *bi);
 int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth, const struct hostapd_ip_addr *addr, int port,
- const char *name);
+ const char *name, enum dpp_netrole netrole);
 struct wpabuf * dpp_build_presence_announcement(struct dpp_bootstrap_info *bi);
 struct dpp_global_config {
diff --git a/src/common/dpp_tcp.c b/src/common/dpp_tcp.c
index 83aff1ca9..97b015d67 100644
--- a/src/common/dpp_tcp.c
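Review bot: `hapd->dpp_auth` can be left dangling on the two `goto fail` paths in the `@@ -555` hunk. When `tcp` is 0 and an earlier exchange exists, the context block at the top of the hunk calls `dpp_auth_deinit(hapd->dpp_auth)` without clearing the pointer. The old code then overwrote it with the dpp_auth_init() result and set it to NULL after a dpp_set_configurator() failure, whereas the new code assigns `hapd->dpp_auth = auth;` only on success. Assuming dpp_auth_deinit() frees the object, a failed hostapd_dpp_auth_init() call leaves a stale pointer that a later command would use or free again. Adding `hapd->dpp_auth = NULL;` directly after `dpp_auth_deinit(hapd->dpp_auth);` in the `if (!tcp && hapd->dpp_auth)` block closes this; that block starts in the previous hunk.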
+++ b/src/common/dpp_tcp.c
@@ -41,6 +41,7 @@ struct dpp_connection {
 unsigned int gas_comeback_in_progress:1;
 u8 gas_dialog_token;
 char *name;
+ enum dpp_netrole netrole;
 };
 /* Remote Controller */
@@ -257,11 +258,11 @@ static void dpp_controller_start_gas_client(struct dpp_connection *conn)
 {
 struct dpp_authentication *auth = conn->auth;
 struct wpabuf *buf;
- int netrole_ap = 0; /* TODO: make this configurable */
 const char *dpp_name;
 dpp_name = conn->name ? conn->name : "Test";
- buf = dpp_build_conf_req_helper(auth, dpp_name, netrole_ap, NULL, NULL);
+ buf = dpp_build_conf_req_helper(auth, dpp_name, conn->netrole, NULL,
+ NULL);
 if (!buf) {
 wpa_printf(MSG_DEBUG, "DPP: No configuration request data available");
@@ -1530,7 +1531,8 @@ fail:
 int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
- const struct hostapd_ip_addr *addr, int port, const char *name)
+ const struct hostapd_ip_addr *addr, int port, const char *name,
+ enum dpp_netrole netrole)
 {
 struct dpp_connection *conn;
 struct sockaddr_storage saddr;
@@ -1553,6 +1555,7 @@ int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
 }
 conn->name = os_strdup(name ? name : "Test");
+ conn->netrole = netrole;
 conn->global = dpp;
 conn->auth = auth;
 conn->sock = socket(AF_INET, SOCK_STREAM, 0);
diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c
index 6dc0002eb..43dcaae05 100644
--- a/wpa_supplicant/dpp_supplicant.c
+++ b/wpa_supplicant/dpp_supplicant.c
@@ -836,7 +836,7 @@ int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd)
 #ifdef CONFIG_DPP2
 if (tcp)
 return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port,
- wpa_s->conf->dpp_name);
+ wpa_s->conf->dpp_name, DPP_NETROLE_STA);
 #endif /* CONFIG_DPP2 */
 wpa_s->dpp_auth = auth;
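Review bot: `conn->netrole` is read in dpp_controller_start_gas_client() (the `@@ -257` hunk), but the only assignment visible in this patch is the one in dpp_tcp_init(). A `struct dpp_connection` created on any other path keeps whatever its allocation leaves in the new field, presumably the enumerator with value 0 if those paths zero-allocate. A field comment such as `/* netrole sent in the Config Request; set by dpp_tcp_init() */` would record that, and it is worth checking that no other path into this function needs a different role. It is also worth confirming that the third parameter of dpp_build_conf_req_helper() is `enum dpp_netrole` and not the flag the removed `int netrole_ap` suggested.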
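Review bot: dpp_tcp_init() (signature changed in the `@@ -1530` hunk) has no comment stating who owns `auth`, and both callers in this patch do `return dpp_tcp_init(...)` without freeing it. The function therefore has to consume `auth` on every path, including each failure return. Once the body is confirmed to do that, a header comment along the lines of `/* Takes ownership of auth: freed on failure, otherwise owned by the new connection */` would make the contract explicit, and `netrole` should be described as the role placed in the Configuration Request. Most of the function body is outside this hunk.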