From 7404574458f814c64ebba2a6693eac9ab167f40b Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Thu, 12 Dec 2019 02:17:31 +0200 Subject: [PATCH] DPP: Replace ap boolean with netRole enum in Configurator params The netRole enum is more generic and can be extended to include new roles (e.g., Configurator) more easily. Signed-off-by: Jouni Malinen --- src/ap/dpp_hostapd.c | 3 +- src/common/dpp.c | 51 +++++++++++++++++++------------ src/common/dpp.h | 3 +- wpa_supplicant/dpp_supplicant.c | 12 ++++++-- wpa_supplicant/wpa_supplicant_i.h | 2 +- 5 files changed, 45 insertions(+), 26 deletions(-) diff --git a/src/ap/dpp_hostapd.c b/src/ap/dpp_hostapd.c index 64158fc7e..1a3a815cb 100644 --- a/src/ap/dpp_hostapd.c +++ b/src/ap/dpp_hostapd.c @@ -787,7 +787,8 @@ static void hostapd_dpp_start_gas_client(struct hostapd_data *hapd) struct wpabuf *buf; int res; - buf = dpp_build_conf_req_helper(auth, hapd->conf->dpp_name, 1, + buf = dpp_build_conf_req_helper(auth, hapd->conf->dpp_name, + DPP_NETROLE_AP, hapd->conf->dpp_mud_url, NULL); if (!buf) { wpa_printf(MSG_DEBUG, diff --git a/src/common/dpp.c b/src/common/dpp.c index 834fae0e0..00708a822 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -33,6 +33,8 @@ #include "dpp.h" +static const char * dpp_netrole_str(enum dpp_netrole netrole); + #ifdef CONFIG_TESTING_OPTIONS enum dpp_test_behavior dpp_test = DPP_TEST_DISABLED; u8 dpp_pkex_own_mac_override[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 }; @@ -2531,7 +2533,8 @@ struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth, struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth, - const char *name, int netrole_ap, + const char *name, + enum dpp_netrole netrole, const char *mud_url, int *opclasses) { size_t len, name_len; @@ -2566,7 +2569,7 @@ struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth, json_value_sep(json); json_add_string(json, "wi-fi_tech", tech); json_value_sep(json); - json_add_string(json, "netRole", netrole_ap ? "ap" : "sta"); + json_add_string(json, "netRole", dpp_netrole_str(netrole)); if (mud_url && mud_url[0]) { json_value_sep(json); json_add_string(json, "mudurl", mud_url); @@ -5012,9 +5015,10 @@ dpp_build_conf_obj_legacy(struct dpp_authentication *auth, static struct wpabuf * -dpp_build_conf_obj(struct dpp_authentication *auth, int ap, int idx) +dpp_build_conf_obj(struct dpp_authentication *auth, enum dpp_netrole netrole, + int idx) { - struct dpp_configuration *conf; + struct dpp_configuration *conf = NULL; #ifdef CONFIG_TESTING_OPTIONS if (auth->config_obj_override) { @@ -5026,17 +5030,22 @@ dpp_build_conf_obj(struct dpp_authentication *auth, int ap, int idx) } #endif /* CONFIG_TESTING_OPTIONS */ - if (idx == 0) - conf = ap ? auth->conf_ap : auth->conf_sta; - else if (idx == 1) - conf = ap ? auth->conf2_ap : auth->conf2_sta; - else - conf = NULL; + if (idx == 0) { + if (netrole == DPP_NETROLE_STA) + conf = auth->conf_sta; + else if (netrole == DPP_NETROLE_AP) + conf = auth->conf_ap; + } else if (idx == 1) { + if (netrole == DPP_NETROLE_STA) + conf = auth->conf2_sta; + else if (netrole == DPP_NETROLE_AP) + conf = auth->conf2_ap; + } if (!conf) { if (idx == 0) wpa_printf(MSG_DEBUG, "DPP: No configuration available for Enrollee(%s) - reject configuration request", - ap ? "ap" : "sta"); + dpp_netrole_str(netrole)); return NULL; } @@ -5048,7 +5057,7 @@ dpp_build_conf_obj(struct dpp_authentication *auth, int ap, int idx) static struct wpabuf * dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce, - u16 e_nonce_len, int ap) + u16 e_nonce_len, enum dpp_netrole netrole) { struct wpabuf *conf, *conf2 = NULL; size_t clear_len, attr_len; @@ -5058,11 +5067,11 @@ dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce, size_t len[1]; enum dpp_status_error status; - conf = dpp_build_conf_obj(auth, ap, 0); + conf = dpp_build_conf_obj(auth, netrole, 0); if (conf) { wpa_hexdump_ascii(MSG_DEBUG, "DPP: configurationObject JSON", wpabuf_head(conf), wpabuf_len(conf)); - conf2 = dpp_build_conf_obj(auth, ap, 1); + conf2 = dpp_build_conf_obj(auth, netrole, 1); } status = conf ? DPP_STATUS_OK : DPP_STATUS_CONFIGURE_FAILURE; auth->conf_resp_status = status; @@ -5073,7 +5082,8 @@ dpp_build_conf_resp(struct dpp_authentication *auth, const u8 *e_nonce, clear_len += 4 + wpabuf_len(conf); if (conf2) clear_len += 4 + wpabuf_len(conf2); - if (auth->peer_version >= 2 && auth->send_conn_status && !ap) + if (auth->peer_version >= 2 && auth->send_conn_status && + netrole == DPP_NETROLE_STA) clear_len += 4; clear = wpabuf_alloc(clear_len); attr_len = 4 + 1 + 4 + clear_len + AES_BLOCK_SIZE; @@ -5131,7 +5141,8 @@ skip_e_nonce: "DPP: Second Config Object available, but peer does not support more than one"); } - if (auth->peer_version >= 2 && auth->send_conn_status && !ap) { + if (auth->peer_version >= 2 && auth->send_conn_status && + netrole == DPP_NETROLE_STA) { wpa_printf(MSG_DEBUG, "DPP: sendConnStatus"); wpabuf_put_le16(clear, DPP_ATTR_SEND_CONN_STATUS); wpabuf_put_le16(clear, 0); @@ -5205,7 +5216,7 @@ dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start, size_t unwrapped_len = 0; struct wpabuf *resp = NULL; struct json_token *root = NULL, *token; - int ap; + enum dpp_netrole netrole; #ifdef CONFIG_TESTING_OPTIONS if (dpp_test == DPP_TEST_STOP_AT_CONF_REQ) { @@ -5303,9 +5314,9 @@ dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start, } wpa_printf(MSG_DEBUG, "DPP: netRole = '%s'", token->string); if (os_strcmp(token->string, "sta") == 0) { - ap = 0; + netrole = DPP_NETROLE_STA; } else if (os_strcmp(token->string, "ap") == 0) { - ap = 1; + netrole = DPP_NETROLE_AP; } else { wpa_printf(MSG_DEBUG, "DPP: Unsupported netRole '%s'", token->string); @@ -5333,7 +5344,7 @@ dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start, } } - resp = dpp_build_conf_resp(auth, e_nonce, e_nonce_len, ap); + resp = dpp_build_conf_resp(auth, e_nonce, e_nonce_len, netrole); fail: json_free(root); diff --git a/src/common/dpp.h b/src/common/dpp.h index 7d14e76d3..437dd9524 100644 --- a/src/common/dpp.h +++ b/src/common/dpp.h @@ -437,7 +437,8 @@ dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr, struct wpabuf * dpp_build_conf_req(struct dpp_authentication *auth, const char *json); struct wpabuf * dpp_build_conf_req_helper(struct dpp_authentication *auth, - const char *name, int netrole_ap, + const char *name, + enum dpp_netrole netrole, const char *mud_url, int *opclasses); int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr, const u8 *attr_start, size_t attr_len); diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c index 80d2c9ce7..4638351c0 100644 --- a/wpa_supplicant/dpp_supplicant.c +++ b/wpa_supplicant/dpp_supplicant.c @@ -678,7 +678,10 @@ int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd) pos = os_strstr(cmd, " netrole="); if (pos) { pos += 9; - wpa_s->dpp_netrole_ap = os_strncmp(pos, "ap", 2) == 0; + if (os_strncmp(pos, "ap", 2) == 0) + wpa_s->dpp_netrole = DPP_NETROLE_AP; + else + wpa_s->dpp_netrole = DPP_NETROLE_STA; } pos = os_strstr(cmd, " neg_freq="); @@ -830,7 +833,10 @@ int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd) wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | DPP_CAPAB_ENROLLEE; wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL; - wpa_s->dpp_netrole_ap = os_strstr(cmd, " netrole=ap") != NULL; + if (os_strstr(cmd, " netrole=ap")) + wpa_s->dpp_netrole = DPP_NETROLE_AP; + else + wpa_s->dpp_netrole = DPP_NETROLE_STA; if (wpa_s->dpp_listen_freq == (unsigned int) freq) { wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz", freq); @@ -1296,7 +1302,7 @@ static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s) supp_op_classes = wpas_supp_op_classes(wpa_s); buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name, - wpa_s->dpp_netrole_ap, + wpa_s->dpp_netrole, wpa_s->conf->dpp_mud_url, supp_op_classes); os_free(supp_op_classes); diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index 4a958ac20..db46c02ce 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -1230,7 +1230,7 @@ struct wpa_supplicant { unsigned int dpp_listen_freq; u8 dpp_allowed_roles; int dpp_qr_mutual; - int dpp_netrole_ap; + int dpp_netrole; int dpp_auth_ok_on_ack; int dpp_in_response_listen; int dpp_gas_client;