1 /*
2 * Hotspot 2.0 AP ANQP processing
3 * Copyright (c) 2009, Atheros Communications, Inc.
4 * Copyright (c) 2011-2013, Qualcomm Atheros, Inc.
5 *
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
8 */
9
10 #include "includes.h"
11
12 #include "common.h"
13 #include "common/ieee802_11_defs.h"
14 #include "common/wpa_ctrl.h"
15 #include "hostapd.h"
16 #include "ap_config.h"
17 #include "ap_drv_ops.h"
18 #include "sta_info.h"
19 #include "hs20.h"
20
21
hostapd_eid_hs20_indication(struct hostapd_data * hapd,u8 * eid)22 u8 * hostapd_eid_hs20_indication(struct hostapd_data *hapd, u8 *eid)
23 {
24 u8 conf;
25 if (!hapd->conf->hs20)
26 return eid;
27 *eid++ = WLAN_EID_VENDOR_SPECIFIC;
28 *eid++ = hapd->conf->hs20_release < 2 ? 5 : 7;
29 WPA_PUT_BE24(eid, OUI_WFA);
30 eid += 3;
31 *eid++ = HS20_INDICATION_OUI_TYPE;
32 conf = (hapd->conf->hs20_release - 1) << 4; /* Release Number */
33 if (hapd->conf->hs20_release >= 2)
34 conf |= HS20_ANQP_DOMAIN_ID_PRESENT;
35 if (hapd->conf->disable_dgaf)
36 conf |= HS20_DGAF_DISABLED;
37 *eid++ = conf;
38 if (hapd->conf->hs20_release >= 2) {
39 WPA_PUT_LE16(eid, hapd->conf->anqp_domain_id);
40 eid += 2;
41 }
42
43 return eid;
44 }
45
46
hostapd_eid_osen(struct hostapd_data * hapd,u8 * eid)47 u8 * hostapd_eid_osen(struct hostapd_data *hapd, u8 *eid)
48 {
49 u8 *len;
50 u16 capab;
51
52 if (!hapd->conf->osen)
53 return eid;
54
55 *eid++ = WLAN_EID_VENDOR_SPECIFIC;
56 len = eid++; /* to be filled */
57 WPA_PUT_BE24(eid, OUI_WFA);
58 eid += 3;
59 *eid++ = HS20_OSEN_OUI_TYPE;
60
61 /* Group Data Cipher Suite */
62 RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED);
63 eid += RSN_SELECTOR_LEN;
64
65 /* Pairwise Cipher Suite Count and List */
66 WPA_PUT_LE16(eid, 1);
67 eid += 2;
68 RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_CCMP);
69 eid += RSN_SELECTOR_LEN;
70
71 /* AKM Suite Count and List */
72 WPA_PUT_LE16(eid, 1);
73 eid += 2;
74 RSN_SELECTOR_PUT(eid, RSN_AUTH_KEY_MGMT_OSEN);
75 eid += RSN_SELECTOR_LEN;
76
77 /* RSN Capabilities */
78 capab = 0;
79 if (hapd->conf->wmm_enabled) {
80 /* 4 PTKSA replay counters when using WMM */
81 capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
82 }
83 if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
84 capab |= WPA_CAPABILITY_MFPC;
85 if (hapd->conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
86 capab |= WPA_CAPABILITY_MFPR;
87 }
88 #ifdef CONFIG_OCV
89 if (hapd->conf->ocv)
90 capab |= WPA_CAPABILITY_OCVC;
91 #endif /* CONFIG_OCV */
92 WPA_PUT_LE16(eid, capab);
93 eid += 2;
94
95 *len = eid - len - 1;
96
97 return eid;
98 }
99
100
hs20_send_wnm_notification(struct hostapd_data * hapd,const u8 * addr,u8 osu_method,const char * url)101 int hs20_send_wnm_notification(struct hostapd_data *hapd, const u8 *addr,
102 u8 osu_method, const char *url)
103 {
104 struct wpabuf *buf;
105 size_t len = 0;
106 int ret;
107
108 /* TODO: should refuse to send notification if the STA is not associated
109 * or if the STA did not indicate support for WNM-Notification */
110
111 if (url) {
112 len = 1 + os_strlen(url);
113 if (5 + len > 255) {
114 wpa_printf(MSG_INFO, "HS 2.0: Too long URL for "
115 "WNM-Notification: '%s'", url);
116 return -1;
117 }
118 }
119
120 buf = wpabuf_alloc(4 + 7 + len);
121 if (buf == NULL)
122 return -1;
123
124 wpabuf_put_u8(buf, WLAN_ACTION_WNM);
125 wpabuf_put_u8(buf, WNM_NOTIFICATION_REQ);
126 wpabuf_put_u8(buf, 1); /* Dialog token */
127 wpabuf_put_u8(buf, 1); /* Type - 1 reserved for WFA */
128
129 /* Subscription Remediation subelement */
130 wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
131 wpabuf_put_u8(buf, 5 + len);
132 wpabuf_put_be24(buf, OUI_WFA);
133 wpabuf_put_u8(buf, HS20_WNM_SUB_REM_NEEDED);
134 if (url) {
135 wpabuf_put_u8(buf, len - 1);
136 wpabuf_put_data(buf, url, len - 1);
137 wpabuf_put_u8(buf, osu_method);
138 } else {
139 /* Server URL and Server Method fields not included */
140 wpabuf_put_u8(buf, 0);
141 }
142
143 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
144 wpabuf_head(buf), wpabuf_len(buf));
145
146 wpabuf_free(buf);
147
148 return ret;
149 }
150
151
hs20_send_wnm_notification_deauth_req(struct hostapd_data * hapd,const u8 * addr,const struct wpabuf * payload)152 int hs20_send_wnm_notification_deauth_req(struct hostapd_data *hapd,
153 const u8 *addr,
154 const struct wpabuf *payload)
155 {
156 struct wpabuf *buf;
157 int ret;
158
159 /* TODO: should refuse to send notification if the STA is not associated
160 * or if the STA did not indicate support for WNM-Notification */
161
162 buf = wpabuf_alloc(4 + 6 + wpabuf_len(payload));
163 if (buf == NULL)
164 return -1;
165
166 wpabuf_put_u8(buf, WLAN_ACTION_WNM);
167 wpabuf_put_u8(buf, WNM_NOTIFICATION_REQ);
168 wpabuf_put_u8(buf, 1); /* Dialog token */
169 wpabuf_put_u8(buf, 1); /* Type - 1 reserved for WFA */
170
171 /* Deauthentication Imminent Notice subelement */
172 wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
173 wpabuf_put_u8(buf, 4 + wpabuf_len(payload));
174 wpabuf_put_be24(buf, OUI_WFA);
175 wpabuf_put_u8(buf, HS20_WNM_DEAUTH_IMMINENT_NOTICE);
176 wpabuf_put_buf(buf, payload);
177
178 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
179 wpabuf_head(buf), wpabuf_len(buf));
180
181 wpabuf_free(buf);
182
183 return ret;
184 }
185
186
hs20_send_wnm_notification_t_c(struct hostapd_data * hapd,const u8 * addr,const char * url)187 int hs20_send_wnm_notification_t_c(struct hostapd_data *hapd,
188 const u8 *addr, const char *url)
189 {
190 struct wpabuf *buf;
191 int ret;
192 size_t url_len;
193
194 if (!url) {
195 wpa_printf(MSG_INFO, "HS 2.0: No T&C Server URL available");
196 return -1;
197 }
198
199 url_len = os_strlen(url);
200 if (5 + url_len > 255) {
201 wpa_printf(MSG_INFO,
202 "HS 2.0: Too long T&C Server URL for WNM-Notification: '%s'",
203 url);
204 return -1;
205 }
206
207 buf = wpabuf_alloc(4 + 7 + url_len);
208 if (!buf)
209 return -1;
210
211 wpabuf_put_u8(buf, WLAN_ACTION_WNM);
212 wpabuf_put_u8(buf, WNM_NOTIFICATION_REQ);
213 wpabuf_put_u8(buf, 1); /* Dialog token */
214 wpabuf_put_u8(buf, 1); /* Type - 1 reserved for WFA */
215
216 /* Terms and Conditions Acceptance subelement */
217 wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
218 wpabuf_put_u8(buf, 4 + 1 + url_len);
219 wpabuf_put_be24(buf, OUI_WFA);
220 wpabuf_put_u8(buf, HS20_WNM_T_C_ACCEPTANCE);
221 wpabuf_put_u8(buf, url_len);
222 wpabuf_put_str(buf, url);
223
224 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
225 wpabuf_head(buf), wpabuf_len(buf));
226
227 wpabuf_free(buf);
228
229 return ret;
230 }
231
232
hs20_t_c_filtering(struct hostapd_data * hapd,struct sta_info * sta,int enabled)233 void hs20_t_c_filtering(struct hostapd_data *hapd, struct sta_info *sta,
234 int enabled)
235 {
236 if (enabled) {
237 wpa_printf(MSG_DEBUG,
238 "HS 2.0: Terms and Conditions filtering required for "
239 MACSTR, MAC2STR(sta->addr));
240 sta->hs20_t_c_filtering = 1;
241 /* TODO: Enable firewall filtering for the STA */
242 wpa_msg(hapd->msg_ctx, MSG_INFO, HS20_T_C_FILTERING_ADD MACSTR,
243 MAC2STR(sta->addr));
244 } else {
245 wpa_printf(MSG_DEBUG,
246 "HS 2.0: Terms and Conditions filtering not required for "
247 MACSTR, MAC2STR(sta->addr));
248 sta->hs20_t_c_filtering = 0;
249 /* TODO: Disable firewall filtering for the STA */
250 wpa_msg(hapd->msg_ctx, MSG_INFO,
251 HS20_T_C_FILTERING_REMOVE MACSTR, MAC2STR(sta->addr));
252 }
253 }
254