DPP2: hostapd/AP as Enrollee/Initiator over TCP

Extend DPP support in hostapd to allow AP Enrollee role when initiating
the exchange using TCP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Jouni Malinen 2020-08-14 16:44:38 +03:00 committed by Jouni Malinen
parent d21dde9dac
commit 6aa7aa8089
4 changed files with 53 additions and 19 deletions


@ -490,8 +490,15 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
{ {
const char *pos; const char *pos;
struct dpp_bootstrap_info *peer_bi, *own_bi = NULL; struct dpp_bootstrap_info *peer_bi, *own_bi = NULL;
struct dpp_authentication *auth;
u8 allowed_roles = DPP_CAPAB_CONFIGURATOR; u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
unsigned int neg_freq = 0; unsigned int neg_freq = 0;
int tcp = 0;
#ifdef CONFIG_DPP2
int tcp_port = DPP_TCP_PORT;
struct hostapd_ip_addr ipaddr;
char *addr;
#endif /* CONFIG_DPP2 */
pos = os_strstr(cmd, " peer="); pos = os_strstr(cmd, " peer=");
if (!pos) if (!pos)
@ -504,6 +511,25 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
return -1; return -1;
} }
#ifdef CONFIG_DPP2
pos = os_strstr(cmd, " tcp_port=");
if (pos) {
pos += 10;
tcp_port = atoi(pos);
}
addr = get_param(cmd, " tcp_addr=");
if (addr) {
int res;
res = hostapd_parse_ip_addr(addr, &ipaddr);
os_free(addr);
if (res)
return -1;
tcp = 1;
}
#endif /* CONFIG_DPP2 */
pos = os_strstr(cmd, " own="); pos = os_strstr(cmd, " own=");
if (pos) { if (pos) {
pos += 5; pos += 5;
@ -541,7 +567,7 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
if (pos) if (pos)
neg_freq = atoi(pos + 10); neg_freq = atoi(pos + 10);
if (hapd->dpp_auth) { if (!tcp && hapd->dpp_auth) {
eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL);
eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout,
hapd, NULL); hapd, NULL);
@ -555,26 +581,31 @@ int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd)
dpp_auth_deinit(hapd->dpp_auth); dpp_auth_deinit(hapd->dpp_auth);
} }
hapd->dpp_auth = dpp_auth_init(hapd->iface->interfaces->dpp, auth = dpp_auth_init(hapd->iface->interfaces->dpp, hapd->msg_ctx,
hapd->msg_ctx, peer_bi, own_bi, peer_bi, own_bi, allowed_roles, neg_freq,
allowed_roles, neg_freq, hapd->iface->hw_features,
hapd->iface->hw_features, hapd->iface->num_hw_features);
hapd->iface->num_hw_features); if (!auth)
if (!hapd->dpp_auth)
goto fail; goto fail;
hostapd_dpp_set_testing_options(hapd, hapd->dpp_auth); hostapd_dpp_set_testing_options(hapd, auth);
if (dpp_set_configurator(hapd->dpp_auth, cmd) < 0) { if (dpp_set_configurator(auth, cmd) < 0) {
dpp_auth_deinit(hapd->dpp_auth); dpp_auth_deinit(auth);
hapd->dpp_auth = NULL;
goto fail; goto fail;
} }
hapd->dpp_auth->neg_freq = neg_freq; auth->neg_freq = neg_freq;
if (!is_zero_ether_addr(peer_bi->mac_addr)) if (!is_zero_ether_addr(peer_bi->mac_addr))
os_memcpy(hapd->dpp_auth->peer_mac_addr, peer_bi->mac_addr, os_memcpy(auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN);
ETH_ALEN);
#ifdef CONFIG_DPP2
if (tcp)
return dpp_tcp_init(hapd->iface->interfaces->dpp, auth,
&ipaddr, tcp_port, hapd->conf->dpp_name,
DPP_NETROLE_AP);
#endif /* CONFIG_DPP2 */
hapd->dpp_auth = auth;
return hostapd_dpp_auth_init_next(hapd); return hostapd_dpp_auth_init_next(hapd);
fail: fail:
return -1; return -1;
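Review bot: The `tcp_port=` value in hostapd_dpp_auth_init() is read with `atoi(pos)` and passed to dpp_tcp_init() without a range check, so a non-numeric, zero, negative or over-large value in the control interface command is accepted silently. A guard directly after the assignment, `if (tcp_port <= 0 || tcp_port > 65535) return -1;`, would reject it before any authentication state is created. In the TCP branch the new `auth` is never stored in `hapd->dpp_auth`, so dpp_tcp_init() presumably takes ownership of it and releases it on its own error paths; that function is only partly visible on this page, and once confirmed a comment at the call such as `/* dpp_tcp_init() owns auth from here on, also on failure */` would make the hand-over explicit. The body of hostapd_dpp_auth_init() continues outside the hunks shown.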


@ -673,7 +673,7 @@ void dpp_controller_new_qr_code(struct dpp_global *dpp,
struct dpp_bootstrap_info *bi); struct dpp_bootstrap_info *bi);
int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth, int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
const struct hostapd_ip_addr *addr, int port, const struct hostapd_ip_addr *addr, int port,
const char *name); const char *name, enum dpp_netrole netrole);
struct wpabuf * dpp_build_presence_announcement(struct dpp_bootstrap_info *bi); struct wpabuf * dpp_build_presence_announcement(struct dpp_bootstrap_info *bi);
struct dpp_global_config { struct dpp_global_config {


@ -41,6 +41,7 @@ struct dpp_connection {
unsigned int gas_comeback_in_progress:1; unsigned int gas_comeback_in_progress:1;
u8 gas_dialog_token; u8 gas_dialog_token;
char *name; char *name;
enum dpp_netrole netrole;
}; };
/* Remote Controller */ /* Remote Controller */
@ -257,11 +258,11 @@ static void dpp_controller_start_gas_client(struct dpp_connection *conn)
{ {
struct dpp_authentication *auth = conn->auth; struct dpp_authentication *auth = conn->auth;
struct wpabuf *buf; struct wpabuf *buf;
int netrole_ap = 0; /* TODO: make this configurable */
const char *dpp_name; const char *dpp_name;
dpp_name = conn->name ? conn->name : "Test"; dpp_name = conn->name ? conn->name : "Test";
buf = dpp_build_conf_req_helper(auth, dpp_name, netrole_ap, NULL, NULL); buf = dpp_build_conf_req_helper(auth, dpp_name, conn->netrole, NULL,
NULL);
if (!buf) { if (!buf) {
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"DPP: No configuration request data available"); "DPP: No configuration request data available");
@ -1530,7 +1531,8 @@ fail:
int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth, int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
const struct hostapd_ip_addr *addr, int port, const char *name) const struct hostapd_ip_addr *addr, int port, const char *name,
enum dpp_netrole netrole)
{ {
struct dpp_connection *conn; struct dpp_connection *conn;
struct sockaddr_storage saddr; struct sockaddr_storage saddr;
@ -1553,6 +1555,7 @@ int dpp_tcp_init(struct dpp_global *dpp, struct dpp_authentication *auth,
} }
conn->name = os_strdup(name ? name : "Test"); conn->name = os_strdup(name ? name : "Test");
conn->netrole = netrole;
conn->global = dpp; conn->global = dpp;
conn->auth = auth; conn->auth = auth;
conn->sock = socket(AF_INET, SOCK_STREAM, 0); conn->sock = socket(AF_INET, SOCK_STREAM, 0);
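Review bot: The new `netrole` field of struct dpp_connection is assigned only in dpp_tcp_init(), while dpp_controller_start_gas_client() now reads it for every connection in place of the former constant 0. Connections set up by other paths (not visible in these hunks) will send whatever value their allocation leaves in the field, which matches the old behaviour only if the structure is zero-initialised and the zero enumerator is the station role; both are worth confirming. A field comment such as `enum dpp_netrole netrole; /* sent in Config Request; set in dpp_tcp_init(), 0 otherwise */` would record that assumption. Both function bodies extend beyond the hunks shown.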


@ -836,7 +836,7 @@ int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd)
#ifdef CONFIG_DPP2 #ifdef CONFIG_DPP2
if (tcp) if (tcp)
return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port, return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port,
wpa_s->conf->dpp_name); wpa_s->conf->dpp_name, DPP_NETROLE_STA);
#endif /* CONFIG_DPP2 */ #endif /* CONFIG_DPP2 */
wpa_s->dpp_auth = auth; wpa_s->dpp_auth = auth;