When filtering is successfully disabled at the end of the terms and
conditions acceptance sequence, add the "X-WFA-Hotspot20-Filtering:
remove" header line to the HTTP response.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Support SIM provisioning exchange with SPP. This uses the
hotspot2dot0-mobile-identifier-hash value from the AAA server to allow
subscription registration through subscription remediation exchange.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This adds support for the SPP server to request certificate reenrollment
and for the EST server to support the simplereenroll version.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
EAP-TLS users are not really using phase2, so do not require the
database to be set in a way that claim that inaccurately.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a mechanism to allow special incorrect behavior to be requested from
OSU server by adding an optional parameter test=<value> to the initial
signup URL. This is for protocol testing purposes for the OSU client.
This commit adds two special behavior cases: corrupt_aaa_hash and
corrupt_subrem_hash. These can be used to generate PPS MO with invalid
CertSHA256Fingerprint values for AAAServerTrustRoot and
SubscriptionUpdate nodes.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add support for user remediation to request a new password from the user
for username/password credentials that have been configured not use use
machine managed password.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Order the rows based on identity and use a bit smaller font for some of
the fields to make the table fit on the screen more easily.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It was possible for the wait loop to exit early due to the $row[0] == 1
check returning false if the database value was not yet set. Fix this by
updated the $waiting default value only if the database actually has a
value for this field.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use explode() instead of split() because split() has been removed from
PHP 7.0.0 and there is no need for using full regular expression here.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This extends the terms.php implementation of Hotspot 2.0 Terms and
Conditions server to allow it to interact with hostapd(AS) to clear the
filtering rules from the AP. After requesting hostapd to send out the
CoA-Request, terms.php waits for up to 10 seconds to see whether the
current_sessions table gets an update to indicate that filtering has
been successfully disabled.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add minimal Terms and Conditions server for testing purposes. This can
be used to test user interaction for Terms and Conditions acceptance.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is meant mainly for testing purposes and as a reference
implementation showing how OSU SPP server could be implemented. This is
not suitable for any real production use in its current form.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
