HS 2.0: Add a new cred block parameter roaming_consortiums
This new string parameter contains a comma delimited list of OIs (hexdump) in a string. This is used to store Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI. This commit includes the configuration changes to parse and write the parameter. The actual values are not yet used in Interworking network selection. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
parent
9b6f93e4d6
commit
909a948b0f
5 changed files with 144 additions and 0 deletions
|
@ -202,6 +202,15 @@ Credentials can be pre-configured for automatic network selection:
|
||||||
# Roaming Consortium OI that is required to be advertised by the AP for
|
# Roaming Consortium OI that is required to be advertised by the AP for
|
||||||
# the credential to be considered matching.
|
# the credential to be considered matching.
|
||||||
#
|
#
|
||||||
|
# roaming_consortiums: Roaming Consortium OI(s) memberships
|
||||||
|
# This string field contains one or more comma delimited OIs (hexdump)
|
||||||
|
# identifying the roaming consortiums of which the provider is a member.
|
||||||
|
# The list is sorted from the most preferred one to the least preferred
|
||||||
|
# one. A match between the Roaming Consortium OIs advertised by an AP and
|
||||||
|
# the OIs in this list indicates that successful authentication is
|
||||||
|
# possible.
|
||||||
|
# (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI)
|
||||||
|
#
|
||||||
# eap: Pre-configured EAP method
|
# eap: Pre-configured EAP method
|
||||||
# This optional field can be used to specify which EAP method will be
|
# This optional field can be used to specify which EAP method will be
|
||||||
# used with this credential. If not set, the EAP method is selected
|
# used with this credential. If not set, the EAP method is selected
|
||||||
|
@ -300,6 +309,7 @@ Credentials can be pre-configured for automatic network selection:
|
||||||
# ca_cert="/etc/wpa_supplicant/ca.pem"
|
# ca_cert="/etc/wpa_supplicant/ca.pem"
|
||||||
# domain="example.com"
|
# domain="example.com"
|
||||||
# roaming_consortium=223344
|
# roaming_consortium=223344
|
||||||
|
# roaming_consortiums="112233,4455667788,aabbcc"
|
||||||
# eap=TTLS
|
# eap=TTLS
|
||||||
# phase2="auth=MSCHAPV2"
|
# phase2="auth=MSCHAPV2"
|
||||||
#}
|
#}
|
||||||
|
|
|
@ -3104,11 +3104,62 @@ static int wpa_config_set_cred_req_conn_capab(struct wpa_cred *cred,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int wpa_config_set_cred_roaming_consortiums(struct wpa_cred *cred,
|
||||||
|
const char *value)
|
||||||
|
{
|
||||||
|
u8 roaming_consortiums[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN];
|
||||||
|
size_t roaming_consortiums_len[MAX_ROAMING_CONS];
|
||||||
|
unsigned int num_roaming_consortiums = 0;
|
||||||
|
const char *pos, *end;
|
||||||
|
size_t len;
|
||||||
|
|
||||||
|
os_memset(roaming_consortiums, 0, sizeof(roaming_consortiums));
|
||||||
|
os_memset(roaming_consortiums_len, 0, sizeof(roaming_consortiums_len));
|
||||||
|
|
||||||
|
for (pos = value;;) {
|
||||||
|
end = os_strchr(pos, ',');
|
||||||
|
len = end ? (size_t) (end - pos) : os_strlen(pos);
|
||||||
|
if (!end && len == 0)
|
||||||
|
break;
|
||||||
|
if (len == 0 || (len & 1) != 0 ||
|
||||||
|
len / 2 > MAX_ROAMING_CONS_OI_LEN ||
|
||||||
|
hexstr2bin(pos,
|
||||||
|
roaming_consortiums[num_roaming_consortiums],
|
||||||
|
len / 2) < 0) {
|
||||||
|
wpa_printf(MSG_INFO,
|
||||||
|
"Invalid roaming_consortiums entry: %s",
|
||||||
|
pos);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
roaming_consortiums_len[num_roaming_consortiums] = len / 2;
|
||||||
|
num_roaming_consortiums++;
|
||||||
|
if (num_roaming_consortiums > MAX_ROAMING_CONS) {
|
||||||
|
wpa_printf(MSG_INFO,
|
||||||
|
"Too many roaming_consortiums OIs");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!end)
|
||||||
|
break;
|
||||||
|
pos = end + 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
os_memcpy(cred->roaming_consortiums, roaming_consortiums,
|
||||||
|
sizeof(roaming_consortiums));
|
||||||
|
os_memcpy(cred->roaming_consortiums_len, roaming_consortiums_len,
|
||||||
|
sizeof(roaming_consortiums_len));
|
||||||
|
cred->num_roaming_consortiums = num_roaming_consortiums;
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
|
int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
|
||||||
const char *value, int line)
|
const char *value, int line)
|
||||||
{
|
{
|
||||||
char *val;
|
char *val;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
int res;
|
||||||
|
|
||||||
if (os_strcmp(var, "temporary") == 0) {
|
if (os_strcmp(var, "temporary") == 0) {
|
||||||
cred->temporary = atoi(value);
|
cred->temporary = atoi(value);
|
||||||
|
@ -3331,6 +3382,16 @@ int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (os_strcmp(var, "roaming_consortiums") == 0) {
|
||||||
|
res = wpa_config_set_cred_roaming_consortiums(cred, val);
|
||||||
|
if (res < 0)
|
||||||
|
wpa_printf(MSG_ERROR,
|
||||||
|
"Line %d: invalid roaming_consortiums",
|
||||||
|
line);
|
||||||
|
os_free(val);
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
if (os_strcmp(var, "excluded_ssid") == 0) {
|
if (os_strcmp(var, "excluded_ssid") == 0) {
|
||||||
struct excluded_ssid *e;
|
struct excluded_ssid *e;
|
||||||
|
|
||||||
|
@ -3642,6 +3703,31 @@ char * wpa_config_get_cred_no_key(struct wpa_cred *cred, const char *var)
|
||||||
return buf;
|
return buf;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (os_strcmp(var, "roaming_consortiums") == 0) {
|
||||||
|
size_t buflen;
|
||||||
|
char *buf, *pos;
|
||||||
|
size_t i;
|
||||||
|
|
||||||
|
if (!cred->num_roaming_consortiums)
|
||||||
|
return NULL;
|
||||||
|
buflen = cred->num_roaming_consortiums *
|
||||||
|
MAX_ROAMING_CONS_OI_LEN * 2 + 1;
|
||||||
|
buf = os_malloc(buflen);
|
||||||
|
if (!buf)
|
||||||
|
return NULL;
|
||||||
|
pos = buf;
|
||||||
|
for (i = 0; i < cred->num_roaming_consortiums; i++) {
|
||||||
|
if (i > 0)
|
||||||
|
*pos++ = ',';
|
||||||
|
pos += wpa_snprintf_hex(
|
||||||
|
pos, buf + buflen - pos,
|
||||||
|
cred->roaming_consortiums[i],
|
||||||
|
cred->roaming_consortiums_len[i]);
|
||||||
|
}
|
||||||
|
*pos = '\0';
|
||||||
|
return buf;
|
||||||
|
}
|
||||||
|
|
||||||
if (os_strcmp(var, "excluded_ssid") == 0) {
|
if (os_strcmp(var, "excluded_ssid") == 0) {
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
char *buf, *end, *pos;
|
char *buf, *end, *pos;
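Review bot: In wpa_config_set_cred_roaming_consortiums() the limit test runs only after the entry has been stored and compares with `>`, so on a 37-entry list hexstr2bin() writes into roaming_consortiums[MAX_ROAMING_CONS] and roaming_consortiums_len[MAX_ROAMING_CONS] is assigned, both one element past the end of the stack arrays, before the function returns -1. The bound should be enforced before the write: move the existing "Too many roaming_consortiums OIs" branch to just after the empty-tail `break` and change its condition to `if (num_roaming_consortiums >= MAX_ROAMING_CONS)`. In the wpa_config_get_cred_no_key() hunk, `buflen` reserves two hex characters per octet plus the terminator but nothing for the separators, and `*pos++ = ','` is not bounds-checked, so a long list of maximum-length OIs can be truncated or, it appears, written past the allocation. Sizing it as `cred->num_roaming_consortiums * (MAX_ROAMING_CONS_OI_LEN * 2 + 1)` covers the worst case. wpa_config_set_cred() and wpa_config_get_cred_no_key() both continue outside the hunks shown.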
|
||||||
|
|
|
@ -51,6 +51,9 @@
|
||||||
#include "common/ieee802_11_common.h"
|
#include "common/ieee802_11_common.h"
|
||||||
|
|
||||||
|
|
||||||
|
#define MAX_ROAMING_CONS 36
|
||||||
|
#define MAX_ROAMING_CONS_OI_LEN 15
|
||||||
|
|
||||||
struct wpa_cred {
|
struct wpa_cred {
|
||||||
/**
|
/**
|
||||||
* next - Next credential in the list
|
* next - Next credential in the list
|
||||||
|
@ -239,6 +242,28 @@ struct wpa_cred {
|
||||||
*/
|
*/
|
||||||
size_t required_roaming_consortium_len;
|
size_t required_roaming_consortium_len;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* roaming_consortiums - Roaming Consortium OI(s) memberships
|
||||||
|
*
|
||||||
|
* This field contains one or more OIs identifying the roaming
|
||||||
|
* consortiums of which the provider is a member. The list is sorted
|
||||||
|
* from the most preferred one to the least preferred one. A match
|
||||||
|
* between the Roaming Consortium OIs advertised by an AP and the OIs
|
||||||
|
* in this list indicates that successful authentication is possible.
|
||||||
|
* (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI)
|
||||||
|
*/
|
||||||
|
u8 roaming_consortiums[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* roaming_consortiums_len - Length on roaming_consortiums[i]
|
||||||
|
*/
|
||||||
|
size_t roaming_consortiums_len[MAX_ROAMING_CONS];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* num_roaming_consortiums - Number of entries in roaming_consortiums
|
||||||
|
*/
|
||||||
|
unsigned int num_roaming_consortiums;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* eap_method - EAP method to use
|
* eap_method - EAP method to use
|
||||||
*
|
*
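Review bot: The comments on the new struct wpa_cred fields do not state the two invariants that the readers added in this commit depend on: num_roaming_consortiums never exceeds MAX_ROAMING_CONS, and each roaming_consortiums_len[i] never exceeds MAX_ROAMING_CONS_OI_LEN. I would put them on the fields, for example `roaming_consortiums_len - Length of roaming_consortiums[i] in octets (at most MAX_ROAMING_CONS_OI_LEN)`, which also fixes the "Length on" typo. A one-line comment on the two #defines saying where the limits 36 and 15 come from would help, since the page does not say. struct wpa_cred continues outside the hunk.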
|
||||||
|
|
|
@ -1039,6 +1039,20 @@ static void wpa_config_write_cred(FILE *f, struct wpa_cred *cred)
|
||||||
fprintf(f, "\n");
|
fprintf(f, "\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (cred->num_roaming_consortiums) {
|
||||||
|
size_t j;
|
||||||
|
|
||||||
|
fprintf(f, "\troaming_consortiums=\"");
|
||||||
|
for (i = 0; i < cred->num_roaming_consortiums; i++) {
|
||||||
|
if (i > 0)
|
||||||
|
fprintf(f, ",");
|
||||||
|
for (j = 0; j < cred->roaming_consortiums_len[i]; j++)
|
||||||
|
fprintf(f, "%02x",
|
||||||
|
cred->roaming_consortiums[i][j]);
|
||||||
|
}
|
||||||
|
fprintf(f, "\"\n");
|
||||||
|
}
|
||||||
|
|
||||||
if (cred->sim_num != DEFAULT_USER_SELECTED_SIM)
|
if (cred->sim_num != DEFAULT_USER_SELECTED_SIM)
|
||||||
fprintf(f, "\tsim_num=%d\n", cred->sim_num);
|
fprintf(f, "\tsim_num=%d\n", cred->sim_num);
|
||||||
}
|
}
|
||||||
|
|
|
@ -602,6 +602,15 @@ fast_reauth=1
|
||||||
# Roaming Consortium OI that is required to be advertised by the AP for
|
# Roaming Consortium OI that is required to be advertised by the AP for
|
||||||
# the credential to be considered matching.
|
# the credential to be considered matching.
|
||||||
#
|
#
|
||||||
|
# roaming_consortiums: Roaming Consortium OI(s) memberships
|
||||||
|
# This string field contains one or more comma delimited OIs (hexdump)
|
||||||
|
# identifying the roaming consortiums of which the provider is a member.
|
||||||
|
# The list is sorted from the most preferred one to the least preferred
|
||||||
|
# one. A match between the Roaming Consortium OIs advertised by an AP and
|
||||||
|
# the OIs in this list indicates that successful authentication is
|
||||||
|
# possible.
|
||||||
|
# (Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI)
|
||||||
|
#
|
||||||
# eap: Pre-configured EAP method
|
# eap: Pre-configured EAP method
|
||||||
# This optional field can be used to specify which EAP method will be
|
# This optional field can be used to specify which EAP method will be
|
||||||
# used with this credential. If not set, the EAP method is selected
|
# used with this credential. If not set, the EAP method is selected
|
||||||
|
|