Commit graph

12 commits

Author SHA1 Message Date
Jouni Malinen
ba7d3fe920 HS 2.0: Record policy update into users table
This makes it easier to track whether a policy update has been
successfully completed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 19:00:37 +03:00
Jouni Malinen
4939e2bb97 HS 2.0: Rename PPS/Credential1 node to Cred01
This makes it a bit easier to use existing hardcoded PPS MO files for
testing purposes when the subscription remediation and policy update
operations target the same path.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 18:07:37 +03:00
Jouni Malinen
950cafafb2 HS 2.0: Fix SubscriptionUpdate UpdateMethod value in OSU server
This node was modified long time ago to include "SPP-" prefix. Fix the
OSU server implementation to use the correct value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 18:00:02 +03:00
Jouni Malinen
55e5084d9e HS 2.0: OSU server test functionality for incorrect behavior (policy)
Extend test=<value> special incorrect behavior testing capabilities in
the OSU server to include the fingerprint of the policy update trust
root: test=corrupt_polupd_hash.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 17:57:39 +03:00
Jouni Malinen
a9574f0f99 HS 2.0: OSU server test functionality for incorrect behavior
Add a mechanism to allow special incorrect behavior to be requested from
OSU server by adding an optional parameter test=<value> to the initial
signup URL. This is for protocol testing purposes for the OSU client.

This commit adds two special behavior cases: corrupt_aaa_hash and
corrupt_subrem_hash. These can be used to generate PPS MO with invalid
CertSHA256Fingerprint values for AAAServerTrustRoot and
SubscriptionUpdate nodes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-17 19:08:12 +03:00
Jouni Malinen
cc5f797593 HS 2.0 server: Subscription remediation with user selected new password
Add support for user remediation to request a new password from the user
for username/password credentials that have been configured not use use
machine managed password.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
dd76afff65 HS 2.0 server: Do not perform subrem if not requested to
Instead of defaulting to machine remediation, reject a request to do
subscription remediation if that has not been configured to be required.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
cc6263ef60 HS 2.0 server: Store device MAC address into database
This is needed for tracking status of certificate enrollment cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-15 05:17:54 +03:00
Maneesh Jain
ea06a08f85 HS 2.0 server: Remove redundant NULL check
Both devinfo and devdetail are non-NULL here due to the earlier check
within the same function.

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2016-10-28 19:08:32 +03:00
Ben Greear
8e31cd2cf6 OSU server: Improve logging for SPP schema validation failures
Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 11:25:32 +02:00
Sreenath S
6a6569b8bd HS 2.0R2: Add password to DB in case of machine managed subscription
Add password and machine_managed flag to database in case of machine
managed subscription to fix EAP-TTLS connection failure to production
AP. In case of user managed subscription, the entered password is added
to DB from the PHP script. However in machine managed subscription,
machine generated password is added only in SOAP messages and PPS MO. So
connection to production will fail as the generated password is not
present in the database used by AAA server.

Signed-off-by: Sreenath Sharma <sreenath.mailing.lists@gmail.com>
2015-02-01 22:21:01 +02:00
Jouni Malinen
0f27c20d8d HS 2.0R2: Add example OSU SPP server implementation
This is meant mainly for testing purposes and as a reference
implementation showing how OSU SPP server could be implemented. This is
not suitable for any real production use in its current form.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-31 12:25:17 +03:00