• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Hotspot 2.0 OSU client
3  * Copyright (c) 2012-2014, Qualcomm Atheros, Inc.
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #include "includes.h"
10 #include <time.h>
11 #include <sys/stat.h>
12 #ifdef ANDROID
13 #include "private/android_filesystem_config.h"
14 #endif /* ANDROID */
15 
16 #include "common.h"
17 #include "utils/browser.h"
18 #include "utils/base64.h"
19 #include "utils/xml-utils.h"
20 #include "utils/http-utils.h"
21 #include "common/wpa_ctrl.h"
22 #include "common/wpa_helpers.h"
23 #include "eap_common/eap_defs.h"
24 #include "crypto/crypto.h"
25 #include "crypto/sha256.h"
26 #include "osu_client.h"
27 
28 const char *spp_xsd_fname = "spp.xsd";
29 
30 
write_result(struct hs20_osu_client * ctx,const char * fmt,...)31 void write_result(struct hs20_osu_client *ctx, const char *fmt, ...)
32 {
33 	va_list ap;
34 	FILE *f;
35 	char buf[500];
36 
37 	va_start(ap, fmt);
38 	vsnprintf(buf, sizeof(buf), fmt, ap);
39 	va_end(ap);
40 	write_summary(ctx, "%s", buf);
41 
42 	if (!ctx->result_file)
43 		return;
44 
45 	f = fopen(ctx->result_file, "w");
46 	if (f == NULL)
47 		return;
48 
49 	va_start(ap, fmt);
50 	vfprintf(f, fmt, ap);
51 	va_end(ap);
52 	fprintf(f, "\n");
53 	fclose(f);
54 }
55 
56 
write_summary(struct hs20_osu_client * ctx,const char * fmt,...)57 void write_summary(struct hs20_osu_client *ctx, const char *fmt, ...)
58 {
59 	va_list ap;
60 	FILE *f;
61 
62 	if (!ctx->summary_file)
63 		return;
64 
65 	f = fopen(ctx->summary_file, "a");
66 	if (f == NULL)
67 		return;
68 
69 	va_start(ap, fmt);
70 	vfprintf(f, fmt, ap);
71 	va_end(ap);
72 	fprintf(f, "\n");
73 	fclose(f);
74 }
75 
76 
debug_dump_node(struct hs20_osu_client * ctx,const char * title,xml_node_t * node)77 void debug_dump_node(struct hs20_osu_client *ctx, const char *title,
78 		     xml_node_t *node)
79 {
80 	char *str = xml_node_to_str(ctx->xml, node);
81 	wpa_printf(MSG_DEBUG, "[hs20] %s: '%s'", title, str);
82 	free(str);
83 }
84 
85 
valid_fqdn(const char * fqdn)86 static int valid_fqdn(const char *fqdn)
87 {
88 	const char *pos;
89 
90 	/* TODO: could make this more complete.. */
91 	if (strchr(fqdn, '.') == 0 || strlen(fqdn) > 255)
92 		return 0;
93 	for (pos = fqdn; *pos; pos++) {
94 		if (*pos >= 'a' && *pos <= 'z')
95 			continue;
96 		if (*pos >= 'A' && *pos <= 'Z')
97 			continue;
98 		if (*pos >= '0' && *pos <= '9')
99 			continue;
100 		if (*pos == '-' || *pos == '.' || *pos == '_')
101 			continue;
102 		return 0;
103 	}
104 	return 1;
105 }
106 
107 
osu_get_certificate(struct hs20_osu_client * ctx,xml_node_t * getcert)108 int osu_get_certificate(struct hs20_osu_client *ctx, xml_node_t *getcert)
109 {
110 	xml_node_t *node;
111 	char *url, *user = NULL, *pw = NULL;
112 	char *proto;
113 	int ret = -1;
114 
115 	proto = xml_node_get_attr_value(ctx->xml, getcert,
116 					"enrollmentProtocol");
117 	if (!proto)
118 		return -1;
119 	wpa_printf(MSG_INFO, "getCertificate - enrollmentProtocol=%s", proto);
120 	write_summary(ctx, "getCertificate - enrollmentProtocol=%s", proto);
121 	if (os_strcasecmp(proto, "EST") != 0) {
122 		wpa_printf(MSG_INFO, "Unsupported enrollmentProtocol");
123 		xml_node_get_attr_value_free(ctx->xml, proto);
124 		return -1;
125 	}
126 	xml_node_get_attr_value_free(ctx->xml, proto);
127 
128 	node = get_node(ctx->xml, getcert, "enrollmentServerURI");
129 	if (node == NULL) {
130 		wpa_printf(MSG_INFO, "Could not find enrollmentServerURI node");
131 		xml_node_get_attr_value_free(ctx->xml, proto);
132 		return -1;
133 	}
134 	url = xml_node_get_text(ctx->xml, node);
135 	if (url == NULL) {
136 		wpa_printf(MSG_INFO, "Could not get URL text");
137 		return -1;
138 	}
139 	wpa_printf(MSG_INFO, "enrollmentServerURI: %s", url);
140 	write_summary(ctx, "enrollmentServerURI: %s", url);
141 
142 	node = get_node(ctx->xml, getcert, "estUserID");
143 	if (node == NULL && !ctx->client_cert_present) {
144 		wpa_printf(MSG_INFO, "Could not find estUserID node");
145 		goto fail;
146 	}
147 	if (node) {
148 		user = xml_node_get_text(ctx->xml, node);
149 		if (user == NULL) {
150 			wpa_printf(MSG_INFO, "Could not get estUserID text");
151 			goto fail;
152 		}
153 		wpa_printf(MSG_INFO, "estUserID: %s", user);
154 		write_summary(ctx, "estUserID: %s", user);
155 	}
156 
157 	node = get_node(ctx->xml, getcert, "estPassword");
158 	if (node == NULL && !ctx->client_cert_present) {
159 		wpa_printf(MSG_INFO, "Could not find estPassword node");
160 		goto fail;
161 	}
162 	if (node) {
163 		pw = xml_node_get_base64_text(ctx->xml, node, NULL);
164 		if (pw == NULL) {
165 			wpa_printf(MSG_INFO, "Could not get estPassword text");
166 			goto fail;
167 		}
168 		wpa_printf(MSG_INFO, "estPassword: %s", pw);
169 	}
170 
171 	mkdir("Cert", S_IRWXU);
172 	if (est_load_cacerts(ctx, url) < 0 ||
173 	    est_build_csr(ctx, url) < 0 ||
174 	    est_simple_enroll(ctx, url, user, pw) < 0)
175 		goto fail;
176 
177 	ret = 0;
178 fail:
179 	xml_node_get_text_free(ctx->xml, url);
180 	xml_node_get_text_free(ctx->xml, user);
181 	xml_node_get_text_free(ctx->xml, pw);
182 
183 	return ret;
184 }
185 
186 
process_est_cert(struct hs20_osu_client * ctx,xml_node_t * cert,const char * fqdn)187 static int process_est_cert(struct hs20_osu_client *ctx, xml_node_t *cert,
188 			    const char *fqdn)
189 {
190 	u8 digest1[SHA256_MAC_LEN], digest2[SHA256_MAC_LEN];
191 	char *der, *pem;
192 	size_t der_len, pem_len;
193 	char *fingerprint;
194 	char buf[200];
195 
196 	wpa_printf(MSG_INFO, "PPS for certificate credential - fqdn=%s", fqdn);
197 
198 	fingerprint = xml_node_get_text(ctx->xml, cert);
199 	if (fingerprint == NULL)
200 		return -1;
201 	if (hexstr2bin(fingerprint, digest1, SHA256_MAC_LEN) < 0) {
202 		wpa_printf(MSG_INFO, "Invalid SHA256 hash value");
203 		write_result(ctx, "Invalid client certificate SHA256 hash value in PPS");
204 		xml_node_get_text_free(ctx->xml, fingerprint);
205 		return -1;
206 	}
207 	xml_node_get_text_free(ctx->xml, fingerprint);
208 
209 	der = os_readfile("Cert/est_cert.der", &der_len);
210 	if (der == NULL) {
211 		wpa_printf(MSG_INFO, "Could not find client certificate from EST");
212 		write_result(ctx, "Could not find client certificate from EST");
213 		return -1;
214 	}
215 
216 	if (sha256_vector(1, (const u8 **) &der, &der_len, digest2) < 0) {
217 		os_free(der);
218 		return -1;
219 	}
220 	os_free(der);
221 
222 	if (os_memcmp(digest1, digest2, sizeof(digest1)) != 0) {
223 		wpa_printf(MSG_INFO, "Client certificate from EST does not match fingerprint from PPS MO");
224 		write_result(ctx, "Client certificate from EST does not match fingerprint from PPS MO");
225 		return -1;
226 	}
227 
228 	wpa_printf(MSG_INFO, "Client certificate from EST matches PPS MO");
229 	unlink("Cert/est_cert.der");
230 
231 	os_snprintf(buf, sizeof(buf), "SP/%s/client-ca.pem", fqdn);
232 	if (rename("Cert/est-cacerts.pem", buf) < 0) {
233 		wpa_printf(MSG_INFO, "Could not move est-cacerts.pem to client-ca.pem: %s",
234 			   strerror(errno));
235 		return -1;
236 	}
237 	pem = os_readfile(buf, &pem_len);
238 
239 	os_snprintf(buf, sizeof(buf), "SP/%s/client-cert.pem", fqdn);
240 	if (rename("Cert/est_cert.pem", buf) < 0) {
241 		wpa_printf(MSG_INFO, "Could not move est_cert.pem to client-cert.pem: %s",
242 			   strerror(errno));
243 		os_free(pem);
244 		return -1;
245 	}
246 
247 	if (pem) {
248 		FILE *f = fopen(buf, "a");
249 		if (f) {
250 			fwrite(pem, pem_len, 1, f);
251 			fclose(f);
252 		}
253 		os_free(pem);
254 	}
255 
256 	os_snprintf(buf, sizeof(buf), "SP/%s/client-key.pem", fqdn);
257 	if (rename("Cert/privkey-plain.pem", buf) < 0) {
258 		wpa_printf(MSG_INFO, "Could not move privkey-plain.pem to client-key.pem: %s",
259 			   strerror(errno));
260 		return -1;
261 	}
262 
263 	unlink("Cert/est-req.b64");
264 	unlink("Cert/est-req.pem");
265 	unlink("Cert/est-resp.raw");
266 	rmdir("Cert");
267 
268 	return 0;
269 }
270 
271 
272 #define TMP_CERT_DL_FILE "tmp-cert-download"
273 
download_cert(struct hs20_osu_client * ctx,xml_node_t * params,const char * fname)274 static int download_cert(struct hs20_osu_client *ctx, xml_node_t *params,
275 			 const char *fname)
276 {
277 	xml_node_t *url_node, *hash_node;
278 	char *url, *hash;
279 	char *cert;
280 	size_t len;
281 	u8 digest1[SHA256_MAC_LEN], digest2[SHA256_MAC_LEN];
282 	int res;
283 	unsigned char *b64;
284 	FILE *f;
285 
286 	url_node = get_node(ctx->xml, params, "CertURL");
287 	hash_node = get_node(ctx->xml, params, "CertSHA256Fingerprint");
288 	if (url_node == NULL || hash_node == NULL)
289 		return -1;
290 	url = xml_node_get_text(ctx->xml, url_node);
291 	hash = xml_node_get_text(ctx->xml, hash_node);
292 	if (url == NULL || hash == NULL) {
293 		xml_node_get_text_free(ctx->xml, url);
294 		xml_node_get_text_free(ctx->xml, hash);
295 		return -1;
296 	}
297 
298 	wpa_printf(MSG_INFO, "CertURL: %s", url);
299 	wpa_printf(MSG_INFO, "SHA256 hash: %s", hash);
300 
301 	if (hexstr2bin(hash, digest1, SHA256_MAC_LEN) < 0) {
302 		wpa_printf(MSG_INFO, "Invalid SHA256 hash value");
303 		write_result(ctx, "Invalid SHA256 hash value for downloaded certificate");
304 		xml_node_get_text_free(ctx->xml, hash);
305 		return -1;
306 	}
307 	xml_node_get_text_free(ctx->xml, hash);
308 
309 	write_summary(ctx, "Download certificate from %s", url);
310 	ctx->no_osu_cert_validation = 1;
311 	http_ocsp_set(ctx->http, 1);
312 	res = http_download_file(ctx->http, url, TMP_CERT_DL_FILE, NULL);
313 	http_ocsp_set(ctx->http,
314 		      (ctx->workarounds & WORKAROUND_OCSP_OPTIONAL) ? 1 : 2);
315 	ctx->no_osu_cert_validation = 0;
316 	xml_node_get_text_free(ctx->xml, url);
317 	if (res < 0)
318 		return -1;
319 
320 	cert = os_readfile(TMP_CERT_DL_FILE, &len);
321 	remove(TMP_CERT_DL_FILE);
322 	if (cert == NULL)
323 		return -1;
324 
325 	if (sha256_vector(1, (const u8 **) &cert, &len, digest2) < 0) {
326 		os_free(cert);
327 		return -1;
328 	}
329 
330 	if (os_memcmp(digest1, digest2, sizeof(digest1)) != 0) {
331 		wpa_printf(MSG_INFO, "Downloaded certificate fingerprint did not match");
332 		write_result(ctx, "Downloaded certificate fingerprint did not match");
333 		os_free(cert);
334 		return -1;
335 	}
336 
337 	b64 = base64_encode((unsigned char *) cert, len, NULL);
338 	os_free(cert);
339 	if (b64 == NULL)
340 		return -1;
341 
342 	f = fopen(fname, "wb");
343 	if (f == NULL) {
344 		os_free(b64);
345 		return -1;
346 	}
347 
348 	fprintf(f, "-----BEGIN CERTIFICATE-----\n"
349 		"%s"
350 		"-----END CERTIFICATE-----\n",
351 		b64);
352 
353 	os_free(b64);
354 	fclose(f);
355 
356 	wpa_printf(MSG_INFO, "Downloaded certificate into %s and validated fingerprint",
357 		   fname);
358 	write_summary(ctx, "Downloaded certificate into %s and validated fingerprint",
359 		      fname);
360 
361 	return 0;
362 }
363 
364 
cmd_dl_osu_ca(struct hs20_osu_client * ctx,const char * pps_fname,const char * ca_fname)365 static int cmd_dl_osu_ca(struct hs20_osu_client *ctx, const char *pps_fname,
366 			 const char *ca_fname)
367 {
368 	xml_node_t *pps, *node;
369 	int ret;
370 
371 	pps = node_from_file(ctx->xml, pps_fname);
372 	if (pps == NULL) {
373 		wpa_printf(MSG_INFO, "Could not read or parse '%s'", pps_fname);
374 		return -1;
375 	}
376 
377 	node = get_child_node(ctx->xml, pps,
378 			      "SubscriptionUpdate/TrustRoot");
379 	if (node == NULL) {
380 		wpa_printf(MSG_INFO, "No SubscriptionUpdate/TrustRoot/CertURL found from PPS");
381 		xml_node_free(ctx->xml, pps);
382 		return -1;
383 	}
384 
385 	ret = download_cert(ctx, node, ca_fname);
386 	xml_node_free(ctx->xml, pps);
387 
388 	return ret;
389 }
390 
391 
cmd_dl_polupd_ca(struct hs20_osu_client * ctx,const char * pps_fname,const char * ca_fname)392 static int cmd_dl_polupd_ca(struct hs20_osu_client *ctx, const char *pps_fname,
393 			    const char *ca_fname)
394 {
395 	xml_node_t *pps, *node;
396 	int ret;
397 
398 	pps = node_from_file(ctx->xml, pps_fname);
399 	if (pps == NULL) {
400 		wpa_printf(MSG_INFO, "Could not read or parse '%s'", pps_fname);
401 		return -1;
402 	}
403 
404 	node = get_child_node(ctx->xml, pps,
405 			      "Policy/PolicyUpdate/TrustRoot");
406 	if (node == NULL) {
407 		wpa_printf(MSG_INFO, "No Policy/PolicyUpdate/TrustRoot/CertURL found from PPS");
408 		xml_node_free(ctx->xml, pps);
409 		return -1;
410 	}
411 
412 	ret = download_cert(ctx, node, ca_fname);
413 	xml_node_free(ctx->xml, pps);
414 
415 	return ret;
416 }
417 
418 
cmd_dl_aaa_ca(struct hs20_osu_client * ctx,const char * pps_fname,const char * ca_fname)419 static int cmd_dl_aaa_ca(struct hs20_osu_client *ctx, const char *pps_fname,
420 			 const char *ca_fname)
421 {
422 	xml_node_t *pps, *node, *aaa;
423 	int ret;
424 
425 	pps = node_from_file(ctx->xml, pps_fname);
426 	if (pps == NULL) {
427 		wpa_printf(MSG_INFO, "Could not read or parse '%s'", pps_fname);
428 		return -1;
429 	}
430 
431 	node = get_child_node(ctx->xml, pps,
432 			      "AAAServerTrustRoot");
433 	if (node == NULL) {
434 		wpa_printf(MSG_INFO, "No AAAServerTrustRoot/CertURL found from PPS");
435 		xml_node_free(ctx->xml, pps);
436 		return -1;
437 	}
438 
439 	aaa = xml_node_first_child(ctx->xml, node);
440 	if (aaa == NULL) {
441 		wpa_printf(MSG_INFO, "No AAAServerTrustRoot/CertURL found from PPS");
442 		xml_node_free(ctx->xml, pps);
443 		return -1;
444 	}
445 
446 	ret = download_cert(ctx, aaa, ca_fname);
447 	xml_node_free(ctx->xml, pps);
448 
449 	return ret;
450 }
451 
452 
download_trust_roots(struct hs20_osu_client * ctx,const char * pps_fname)453 static int download_trust_roots(struct hs20_osu_client *ctx,
454 				const char *pps_fname)
455 {
456 	char *dir, *pos;
457 	char fname[300];
458 	int ret;
459 
460 	dir = os_strdup(pps_fname);
461 	if (dir == NULL)
462 		return -1;
463 	pos = os_strrchr(dir, '/');
464 	if (pos == NULL) {
465 		os_free(dir);
466 		return -1;
467 	}
468 	*pos = '\0';
469 
470 	snprintf(fname, sizeof(fname), "%s/ca.pem", dir);
471 	ret = cmd_dl_osu_ca(ctx, pps_fname, fname);
472 	snprintf(fname, sizeof(fname), "%s/polupd-ca.pem", dir);
473 	cmd_dl_polupd_ca(ctx, pps_fname, fname);
474 	snprintf(fname, sizeof(fname), "%s/aaa-ca.pem", dir);
475 	cmd_dl_aaa_ca(ctx, pps_fname, fname);
476 
477 	os_free(dir);
478 
479 	return ret;
480 }
481 
482 
server_dnsname_suffix_match(struct hs20_osu_client * ctx,const char * fqdn)483 static int server_dnsname_suffix_match(struct hs20_osu_client *ctx,
484 				       const char *fqdn)
485 {
486 	size_t match_len, len, i;
487 	const char *val;
488 
489 	match_len = os_strlen(fqdn);
490 
491 	for (i = 0; i < ctx->server_dnsname_count; i++) {
492 		wpa_printf(MSG_INFO,
493 			   "Checking suffix match against server dNSName %s",
494 			   ctx->server_dnsname[i]);
495 		val = ctx->server_dnsname[i];
496 		len = os_strlen(val);
497 
498 		if (match_len > len)
499 			continue;
500 
501 		if (os_strncasecmp(val + len - match_len, fqdn, match_len) != 0)
502 			continue; /* no match */
503 
504 		if (match_len == len)
505 			return 1; /* exact match */
506 
507 		if (val[len - match_len - 1] == '.')
508 			return 1; /* full label match completes suffix match */
509 
510 		/* Reject due to incomplete label match */
511 	}
512 
513 	/* None of the dNSName(s) matched */
514 	return 0;
515 }
516 
517 
hs20_add_pps_mo(struct hs20_osu_client * ctx,const char * uri,xml_node_t * add_mo,char * fname,size_t fname_len)518 int hs20_add_pps_mo(struct hs20_osu_client *ctx, const char *uri,
519 		    xml_node_t *add_mo, char *fname, size_t fname_len)
520 {
521 	char *str;
522 	char *fqdn, *pos;
523 	xml_node_t *tnds, *mo, *cert;
524 	const char *name;
525 	int ret;
526 
527 	if (strncmp(uri, "./Wi-Fi/", 8) != 0) {
528 		wpa_printf(MSG_INFO, "Unsupported location for addMO to add PPS MO: '%s'",
529 			   uri);
530 		write_result(ctx, "Unsupported location for addMO to add PPS MO: '%s'",
531 			     uri);
532 		return -1;
533 	}
534 
535 	fqdn = strdup(uri + 8);
536 	if (fqdn == NULL)
537 		return -1;
538 	pos = strchr(fqdn, '/');
539 	if (pos) {
540 		if (os_strcasecmp(pos, "/PerProviderSubscription") != 0) {
541 			wpa_printf(MSG_INFO, "Unsupported location for addMO to add PPS MO (extra directory): '%s'",
542 				   uri);
543 			write_result(ctx, "Unsupported location for addMO to "
544 				     "add PPS MO (extra directory): '%s'", uri);
545 			free(fqdn);
546 			return -1;
547 		}
548 		*pos = '\0'; /* remove trailing slash and PPS node name */
549 	}
550 	wpa_printf(MSG_INFO, "SP FQDN: %s", fqdn);
551 
552 	if (!server_dnsname_suffix_match(ctx, fqdn)) {
553 		wpa_printf(MSG_INFO,
554 			   "FQDN '%s' for new PPS MO did not have suffix match with server's dNSName values, count: %d",
555 			   fqdn, (int) ctx->server_dnsname_count);
556 		write_result(ctx, "FQDN '%s' for new PPS MO did not have suffix match with server's dNSName values",
557 			     fqdn);
558 		free(fqdn);
559 		return -1;
560 	}
561 
562 	if (!valid_fqdn(fqdn)) {
563 		wpa_printf(MSG_INFO, "Invalid FQDN '%s'", fqdn);
564 		write_result(ctx, "Invalid FQDN '%s'", fqdn);
565 		free(fqdn);
566 		return -1;
567 	}
568 
569 	mkdir("SP", S_IRWXU);
570 	snprintf(fname, fname_len, "SP/%s", fqdn);
571 	if (mkdir(fname, S_IRWXU) < 0) {
572 		if (errno != EEXIST) {
573 			int err = errno;
574 			wpa_printf(MSG_INFO, "mkdir(%s) failed: %s",
575 				   fname, strerror(err));
576 			free(fqdn);
577 			return -1;
578 		}
579 	}
580 
581 #ifdef ANDROID
582 	/* Allow processes running with Group ID as AID_WIFI,
583 	 * to read files from SP/<fqdn> directory */
584 	if (chown(fname, -1, AID_WIFI)) {
585 		wpa_printf(MSG_INFO, "CTRL: Could not chown directory: %s",
586 			   strerror(errno));
587 		/* Try to continue anyway */
588 	}
589 	if (chmod(fname, S_IRWXU | S_IRGRP | S_IXGRP) < 0) {
590 		wpa_printf(MSG_INFO, "CTRL: Could not chmod directory: %s",
591 			   strerror(errno));
592 		/* Try to continue anyway */
593 	}
594 #endif /* ANDROID */
595 
596 	snprintf(fname, fname_len, "SP/%s/pps.xml", fqdn);
597 
598 	if (os_file_exists(fname)) {
599 		wpa_printf(MSG_INFO, "PPS file '%s' exists - reject addMO",
600 			   fname);
601 		write_result(ctx, "PPS file '%s' exists - reject addMO",
602 			     fname);
603 		free(fqdn);
604 		return -2;
605 	}
606 	wpa_printf(MSG_INFO, "Using PPS file: %s", fname);
607 
608 	str = xml_node_get_text(ctx->xml, add_mo);
609 	if (str == NULL) {
610 		wpa_printf(MSG_INFO, "Could not extract MO text");
611 		free(fqdn);
612 		return -1;
613 	}
614 	wpa_printf(MSG_DEBUG, "[hs20] addMO text: '%s'", str);
615 
616 	tnds = xml_node_from_buf(ctx->xml, str);
617 	xml_node_get_text_free(ctx->xml, str);
618 	if (tnds == NULL) {
619 		wpa_printf(MSG_INFO, "[hs20] Could not parse addMO text");
620 		free(fqdn);
621 		return -1;
622 	}
623 
624 	mo = tnds_to_mo(ctx->xml, tnds);
625 	if (mo == NULL) {
626 		wpa_printf(MSG_INFO, "[hs20] Could not parse addMO TNDS text");
627 		free(fqdn);
628 		return -1;
629 	}
630 
631 	debug_dump_node(ctx, "Parsed TNDS", mo);
632 
633 	name = xml_node_get_localname(ctx->xml, mo);
634 	if (os_strcasecmp(name, "PerProviderSubscription") != 0) {
635 		wpa_printf(MSG_INFO, "[hs20] Unexpected PPS MO root node name '%s'",
636 			   name);
637 		free(fqdn);
638 		return -1;
639 	}
640 
641 	cert = get_child_node(ctx->xml, mo,
642 			      "Credential/DigitalCertificate/"
643 			      "CertSHA256Fingerprint");
644 	if (cert && process_est_cert(ctx, cert, fqdn) < 0) {
645 		xml_node_free(ctx->xml, mo);
646 		free(fqdn);
647 		return -1;
648 	}
649 	free(fqdn);
650 
651 	if (node_to_file(ctx->xml, fname, mo) < 0) {
652 		wpa_printf(MSG_INFO, "Could not write MO to file");
653 		xml_node_free(ctx->xml, mo);
654 		return -1;
655 	}
656 	xml_node_free(ctx->xml, mo);
657 
658 	wpa_printf(MSG_INFO, "A new PPS MO added as '%s'", fname);
659 	write_summary(ctx, "A new PPS MO added as '%s'", fname);
660 
661 	ret = download_trust_roots(ctx, fname);
662 	if (ret < 0) {
663 		wpa_printf(MSG_INFO, "Remove invalid PPS MO file");
664 		write_summary(ctx, "Remove invalid PPS MO file");
665 		unlink(fname);
666 	}
667 
668 	return ret;
669 }
670 
671 
update_pps_file(struct hs20_osu_client * ctx,const char * pps_fname,xml_node_t * pps)672 int update_pps_file(struct hs20_osu_client *ctx, const char *pps_fname,
673 		    xml_node_t *pps)
674 {
675 	char *str;
676 	FILE *f;
677 	char backup[300];
678 
679 	if (ctx->client_cert_present) {
680 		xml_node_t *cert;
681 		cert = get_child_node(ctx->xml, pps,
682 				      "Credential/DigitalCertificate/"
683 				      "CertSHA256Fingerprint");
684 		if (cert && os_file_exists("Cert/est_cert.der") &&
685 		    process_est_cert(ctx, cert, ctx->fqdn) < 0) {
686 			wpa_printf(MSG_INFO, "EST certificate update processing failed on PPS MO update");
687 			return -1;
688 		}
689 	}
690 
691 	wpa_printf(MSG_INFO, "Updating PPS MO %s", pps_fname);
692 
693 	str = xml_node_to_str(ctx->xml, pps);
694 	if (str == NULL) {
695 		wpa_printf(MSG_ERROR, "No node found");
696 		return -1;
697 	}
698 	wpa_printf(MSG_MSGDUMP, "[hs20] Updated PPS: '%s'", str);
699 
700 	snprintf(backup, sizeof(backup), "%s.bak", pps_fname);
701 	rename(pps_fname, backup);
702 	f = fopen(pps_fname, "w");
703 	if (f == NULL) {
704 		wpa_printf(MSG_INFO, "Could not write PPS");
705 		rename(backup, pps_fname);
706 		free(str);
707 		return -1;
708 	}
709 	fprintf(f, "%s\n", str);
710 	fclose(f);
711 
712 	free(str);
713 
714 	return 0;
715 }
716 
717 
get_user_pw(struct hs20_osu_client * ctx,xml_node_t * pps,const char * alt_loc,char ** user,char ** pw)718 void get_user_pw(struct hs20_osu_client *ctx, xml_node_t *pps,
719 		 const char *alt_loc, char **user, char **pw)
720 {
721 	xml_node_t *node;
722 
723 	node = get_child_node(ctx->xml, pps,
724 			      "Credential/UsernamePassword/Username");
725 	if (node)
726 		*user = xml_node_get_text(ctx->xml, node);
727 
728 	node = get_child_node(ctx->xml, pps,
729 			      "Credential/UsernamePassword/Password");
730 	if (node)
731 		*pw = xml_node_get_base64_text(ctx->xml, node, NULL);
732 
733 	node = get_child_node(ctx->xml, pps, alt_loc);
734 	if (node) {
735 		xml_node_t *a;
736 		a = get_node(ctx->xml, node, "Username");
737 		if (a) {
738 			xml_node_get_text_free(ctx->xml, *user);
739 			*user = xml_node_get_text(ctx->xml, a);
740 			wpa_printf(MSG_INFO, "Use OSU username '%s'", *user);
741 		}
742 
743 		a = get_node(ctx->xml, node, "Password");
744 		if (a) {
745 			free(*pw);
746 			*pw = xml_node_get_base64_text(ctx->xml, a, NULL);
747 			wpa_printf(MSG_INFO, "Use OSU password");
748 		}
749 	}
750 }
751 
752 
753 /* Remove old credentials based on HomeSP/FQDN */
remove_sp_creds(struct hs20_osu_client * ctx,const char * fqdn)754 static void remove_sp_creds(struct hs20_osu_client *ctx, const char *fqdn)
755 {
756 	char cmd[300];
757 	os_snprintf(cmd, sizeof(cmd), "REMOVE_CRED provisioning_sp=%s", fqdn);
758 	if (wpa_command(ctx->ifname, cmd) < 0)
759 		wpa_printf(MSG_INFO, "Failed to remove old credential(s)");
760 }
761 
762 
set_pps_cred_policy_spe(struct hs20_osu_client * ctx,int id,xml_node_t * spe)763 static void set_pps_cred_policy_spe(struct hs20_osu_client *ctx, int id,
764 				    xml_node_t *spe)
765 {
766 	xml_node_t *ssid;
767 	char *txt;
768 
769 	ssid = get_node(ctx->xml, spe, "SSID");
770 	if (ssid == NULL)
771 		return;
772 	txt = xml_node_get_text(ctx->xml, ssid);
773 	if (txt == NULL)
774 		return;
775 	wpa_printf(MSG_DEBUG, "- Policy/SPExclusionList/<X+>/SSID = %s", txt);
776 	if (set_cred_quoted(ctx->ifname, id, "excluded_ssid", txt) < 0)
777 		wpa_printf(MSG_INFO, "Failed to set cred excluded_ssid");
778 	xml_node_get_text_free(ctx->xml, txt);
779 }
780 
781 
set_pps_cred_policy_spel(struct hs20_osu_client * ctx,int id,xml_node_t * spel)782 static void set_pps_cred_policy_spel(struct hs20_osu_client *ctx, int id,
783 				     xml_node_t *spel)
784 {
785 	xml_node_t *child;
786 
787 	xml_node_for_each_child(ctx->xml, child, spel) {
788 		xml_node_for_each_check(ctx->xml, child);
789 		set_pps_cred_policy_spe(ctx, id, child);
790 	}
791 }
792 
793 
set_pps_cred_policy_prp(struct hs20_osu_client * ctx,int id,xml_node_t * prp)794 static void set_pps_cred_policy_prp(struct hs20_osu_client *ctx, int id,
795 				    xml_node_t *prp)
796 {
797 	xml_node_t *node;
798 	char *txt = NULL, *pos;
799 	char *prio, *country_buf = NULL;
800 	const char *country;
801 	char val[200];
802 	int priority;
803 
804 	node = get_node(ctx->xml, prp, "Priority");
805 	if (node == NULL)
806 		return;
807 	prio = xml_node_get_text(ctx->xml, node);
808 	if (prio == NULL)
809 		return;
810 	wpa_printf(MSG_INFO, "- Policy/PreferredRoamingPartnerList/<X+>/Priority = %s",
811 		   prio);
812 	priority = atoi(prio);
813 	xml_node_get_text_free(ctx->xml, prio);
814 
815 	node = get_node(ctx->xml, prp, "Country");
816 	if (node) {
817 		country_buf = xml_node_get_text(ctx->xml, node);
818 		if (country_buf == NULL)
819 			return;
820 		country = country_buf;
821 		wpa_printf(MSG_INFO, "- Policy/PreferredRoamingPartnerList/<X+>/Country = %s",
822 			   country);
823 	} else {
824 		country = "*";
825 	}
826 
827 	node = get_node(ctx->xml, prp, "FQDN_Match");
828 	if (node == NULL)
829 		goto out;
830 	txt = xml_node_get_text(ctx->xml, node);
831 	if (txt == NULL)
832 		goto out;
833 	wpa_printf(MSG_INFO, "- Policy/PreferredRoamingPartnerList/<X+>/FQDN_Match = %s",
834 		   txt);
835 	pos = strrchr(txt, ',');
836 	if (pos == NULL)
837 		goto out;
838 	*pos++ = '\0';
839 
840 	snprintf(val, sizeof(val), "%s,%d,%d,%s", txt,
841 		 strcmp(pos, "includeSubdomains") != 0, priority, country);
842 	if (set_cred_quoted(ctx->ifname, id, "roaming_partner", val) < 0)
843 		wpa_printf(MSG_INFO, "Failed to set cred roaming_partner");
844 out:
845 	xml_node_get_text_free(ctx->xml, country_buf);
846 	xml_node_get_text_free(ctx->xml, txt);
847 }
848 
849 
set_pps_cred_policy_prpl(struct hs20_osu_client * ctx,int id,xml_node_t * prpl)850 static void set_pps_cred_policy_prpl(struct hs20_osu_client *ctx, int id,
851 				     xml_node_t *prpl)
852 {
853 	xml_node_t *child;
854 
855 	xml_node_for_each_child(ctx->xml, child, prpl) {
856 		xml_node_for_each_check(ctx->xml, child);
857 		set_pps_cred_policy_prp(ctx, id, child);
858 	}
859 }
860 
861 
set_pps_cred_policy_min_backhaul(struct hs20_osu_client * ctx,int id,xml_node_t * min_backhaul)862 static void set_pps_cred_policy_min_backhaul(struct hs20_osu_client *ctx, int id,
863 					     xml_node_t *min_backhaul)
864 {
865 	xml_node_t *node;
866 	char *type, *dl = NULL, *ul = NULL;
867 	int home;
868 
869 	node = get_node(ctx->xml, min_backhaul, "NetworkType");
870 	if (node == NULL) {
871 		wpa_printf(MSG_INFO, "Ignore MinBackhaulThreshold without mandatory NetworkType node");
872 		return;
873 	}
874 
875 	type = xml_node_get_text(ctx->xml, node);
876 	if (type == NULL)
877 		return;
878 	wpa_printf(MSG_INFO, "- Policy/MinBackhaulThreshold/<X+>/NetworkType = %s",
879 		   type);
880 	if (os_strcasecmp(type, "home") == 0)
881 		home = 1;
882 	else if (os_strcasecmp(type, "roaming") == 0)
883 		home = 0;
884 	else {
885 		wpa_printf(MSG_INFO, "Ignore MinBackhaulThreshold with invalid NetworkType");
886 		xml_node_get_text_free(ctx->xml, type);
887 		return;
888 	}
889 	xml_node_get_text_free(ctx->xml, type);
890 
891 	node = get_node(ctx->xml, min_backhaul, "DLBandwidth");
892 	if (node)
893 		dl = xml_node_get_text(ctx->xml, node);
894 
895 	node = get_node(ctx->xml, min_backhaul, "ULBandwidth");
896 	if (node)
897 		ul = xml_node_get_text(ctx->xml, node);
898 
899 	if (dl == NULL && ul == NULL) {
900 		wpa_printf(MSG_INFO, "Ignore MinBackhaulThreshold without either DLBandwidth or ULBandwidth nodes");
901 		return;
902 	}
903 
904 	if (dl)
905 		wpa_printf(MSG_INFO, "- Policy/MinBackhaulThreshold/<X+>/DLBandwidth = %s",
906 			   dl);
907 	if (ul)
908 		wpa_printf(MSG_INFO, "- Policy/MinBackhaulThreshold/<X+>/ULBandwidth = %s",
909 			   ul);
910 
911 	if (home) {
912 		if (dl &&
913 		    set_cred(ctx->ifname, id, "min_dl_bandwidth_home", dl) < 0)
914 			wpa_printf(MSG_INFO, "Failed to set cred bandwidth limit");
915 		if (ul &&
916 		    set_cred(ctx->ifname, id, "min_ul_bandwidth_home", ul) < 0)
917 			wpa_printf(MSG_INFO, "Failed to set cred bandwidth limit");
918 	} else {
919 		if (dl &&
920 		    set_cred(ctx->ifname, id, "min_dl_bandwidth_roaming", dl) <
921 		    0)
922 			wpa_printf(MSG_INFO, "Failed to set cred bandwidth limit");
923 		if (ul &&
924 		    set_cred(ctx->ifname, id, "min_ul_bandwidth_roaming", ul) <
925 		    0)
926 			wpa_printf(MSG_INFO, "Failed to set cred bandwidth limit");
927 	}
928 
929 	xml_node_get_text_free(ctx->xml, dl);
930 	xml_node_get_text_free(ctx->xml, ul);
931 }
932 
933 
set_pps_cred_policy_min_backhaul_list(struct hs20_osu_client * ctx,int id,xml_node_t * node)934 static void set_pps_cred_policy_min_backhaul_list(struct hs20_osu_client *ctx,
935 						  int id, xml_node_t *node)
936 {
937 	xml_node_t *child;
938 
939 	wpa_printf(MSG_INFO, "- Policy/MinBackhaulThreshold");
940 
941 	xml_node_for_each_child(ctx->xml, child, node) {
942 		xml_node_for_each_check(ctx->xml, child);
943 		set_pps_cred_policy_min_backhaul(ctx, id, child);
944 	}
945 }
946 
947 
set_pps_cred_policy_update(struct hs20_osu_client * ctx,int id,xml_node_t * node)948 static void set_pps_cred_policy_update(struct hs20_osu_client *ctx, int id,
949 				       xml_node_t *node)
950 {
951 	wpa_printf(MSG_INFO, "- Policy/PolicyUpdate");
952 	/* Not used in wpa_supplicant */
953 }
954 
955 
set_pps_cred_policy_required_proto_port(struct hs20_osu_client * ctx,int id,xml_node_t * tuple)956 static void set_pps_cred_policy_required_proto_port(struct hs20_osu_client *ctx,
957 						    int id, xml_node_t *tuple)
958 {
959 	xml_node_t *node;
960 	char *proto, *port;
961 	char *buf;
962 	size_t buflen;
963 
964 	node = get_node(ctx->xml, tuple, "IPProtocol");
965 	if (node == NULL) {
966 		wpa_printf(MSG_INFO, "Ignore RequiredProtoPortTuple without mandatory IPProtocol node");
967 		return;
968 	}
969 
970 	proto = xml_node_get_text(ctx->xml, node);
971 	if (proto == NULL)
972 		return;
973 
974 	wpa_printf(MSG_INFO, "- Policy/RequiredProtoPortTuple/<X+>/IPProtocol = %s",
975 		   proto);
976 
977 	node = get_node(ctx->xml, tuple, "PortNumber");
978 	port = node ? xml_node_get_text(ctx->xml, node) : NULL;
979 	if (port) {
980 		wpa_printf(MSG_INFO, "- Policy/RequiredProtoPortTuple/<X+>/PortNumber = %s",
981 			   port);
982 		buflen = os_strlen(proto) + os_strlen(port) + 10;
983 		buf = os_malloc(buflen);
984 		if (buf)
985 			os_snprintf(buf, buflen, "%s:%s", proto, port);
986 		xml_node_get_text_free(ctx->xml, port);
987 	} else {
988 		buflen = os_strlen(proto) + 10;
989 		buf = os_malloc(buflen);
990 		if (buf)
991 			os_snprintf(buf, buflen, "%s", proto);
992 	}
993 
994 	xml_node_get_text_free(ctx->xml, proto);
995 
996 	if (buf == NULL)
997 		return;
998 
999 	if (set_cred(ctx->ifname, id, "req_conn_capab", buf) < 0)
1000 		wpa_printf(MSG_INFO, "Could not set req_conn_capab");
1001 
1002 	os_free(buf);
1003 }
1004 
1005 
set_pps_cred_policy_required_proto_ports(struct hs20_osu_client * ctx,int id,xml_node_t * node)1006 static void set_pps_cred_policy_required_proto_ports(struct hs20_osu_client *ctx,
1007 						     int id, xml_node_t *node)
1008 {
1009 	xml_node_t *child;
1010 
1011 	wpa_printf(MSG_INFO, "- Policy/RequiredProtoPortTuple");
1012 
1013 	xml_node_for_each_child(ctx->xml, child, node) {
1014 		xml_node_for_each_check(ctx->xml, child);
1015 		set_pps_cred_policy_required_proto_port(ctx, id, child);
1016 	}
1017 }
1018 
1019 
set_pps_cred_policy_max_bss_load(struct hs20_osu_client * ctx,int id,xml_node_t * node)1020 static void set_pps_cred_policy_max_bss_load(struct hs20_osu_client *ctx, int id,
1021 					     xml_node_t *node)
1022 {
1023 	char *str = xml_node_get_text(ctx->xml, node);
1024 	if (str == NULL)
1025 		return;
1026 	wpa_printf(MSG_INFO, "- Policy/MaximumBSSLoadValue - %s", str);
1027 	if (set_cred(ctx->ifname, id, "max_bss_load", str) < 0)
1028 		wpa_printf(MSG_INFO, "Failed to set cred max_bss_load limit");
1029 	xml_node_get_text_free(ctx->xml, str);
1030 }
1031 
1032 
set_pps_cred_policy(struct hs20_osu_client * ctx,int id,xml_node_t * node)1033 static void set_pps_cred_policy(struct hs20_osu_client *ctx, int id,
1034 				xml_node_t *node)
1035 {
1036 	xml_node_t *child;
1037 	const char *name;
1038 
1039 	wpa_printf(MSG_INFO, "- Policy");
1040 
1041 	xml_node_for_each_child(ctx->xml, child, node) {
1042 		xml_node_for_each_check(ctx->xml, child);
1043 		name = xml_node_get_localname(ctx->xml, child);
1044 		if (os_strcasecmp(name, "PreferredRoamingPartnerList") == 0)
1045 			set_pps_cred_policy_prpl(ctx, id, child);
1046 		else if (os_strcasecmp(name, "MinBackhaulThreshold") == 0)
1047 			set_pps_cred_policy_min_backhaul_list(ctx, id, child);
1048 		else if (os_strcasecmp(name, "PolicyUpdate") == 0)
1049 			set_pps_cred_policy_update(ctx, id, child);
1050 		else if (os_strcasecmp(name, "SPExclusionList") == 0)
1051 			set_pps_cred_policy_spel(ctx, id, child);
1052 		else if (os_strcasecmp(name, "RequiredProtoPortTuple") == 0)
1053 			set_pps_cred_policy_required_proto_ports(ctx, id, child);
1054 		else if (os_strcasecmp(name, "MaximumBSSLoadValue") == 0)
1055 			set_pps_cred_policy_max_bss_load(ctx, id, child);
1056 		else
1057 			wpa_printf(MSG_INFO, "Unknown Policy node '%s'", name);
1058 	}
1059 }
1060 
1061 
set_pps_cred_priority(struct hs20_osu_client * ctx,int id,xml_node_t * node)1062 static void set_pps_cred_priority(struct hs20_osu_client *ctx, int id,
1063 				  xml_node_t *node)
1064 {
1065 	char *str = xml_node_get_text(ctx->xml, node);
1066 	if (str == NULL)
1067 		return;
1068 	wpa_printf(MSG_INFO, "- CredentialPriority = %s", str);
1069 	if (set_cred(ctx->ifname, id, "sp_priority", str) < 0)
1070 		wpa_printf(MSG_INFO, "Failed to set cred sp_priority");
1071 	xml_node_get_text_free(ctx->xml, str);
1072 }
1073 
1074 
set_pps_cred_aaa_server_trust_root(struct hs20_osu_client * ctx,int id,xml_node_t * node)1075 static void set_pps_cred_aaa_server_trust_root(struct hs20_osu_client *ctx,
1076 					       int id, xml_node_t *node)
1077 {
1078 	wpa_printf(MSG_INFO, "- AAAServerTrustRoot - TODO");
1079 }
1080 
1081 
set_pps_cred_sub_update(struct hs20_osu_client * ctx,int id,xml_node_t * node)1082 static void set_pps_cred_sub_update(struct hs20_osu_client *ctx, int id,
1083 				    xml_node_t *node)
1084 {
1085 	wpa_printf(MSG_INFO, "- SubscriptionUpdate");
1086 	/* not used within wpa_supplicant */
1087 }
1088 
1089 
set_pps_cred_home_sp_network_id(struct hs20_osu_client * ctx,int id,xml_node_t * node)1090 static void set_pps_cred_home_sp_network_id(struct hs20_osu_client *ctx,
1091 					    int id, xml_node_t *node)
1092 {
1093 	xml_node_t *ssid_node, *hessid_node;
1094 	char *ssid, *hessid;
1095 
1096 	ssid_node = get_node(ctx->xml, node, "SSID");
1097 	if (ssid_node == NULL) {
1098 		wpa_printf(MSG_INFO, "Ignore HomeSP/NetworkID without mandatory SSID node");
1099 		return;
1100 	}
1101 
1102 	hessid_node = get_node(ctx->xml, node, "HESSID");
1103 
1104 	ssid = xml_node_get_text(ctx->xml, ssid_node);
1105 	if (ssid == NULL)
1106 		return;
1107 	hessid = hessid_node ? xml_node_get_text(ctx->xml, hessid_node) : NULL;
1108 
1109 	wpa_printf(MSG_INFO, "- HomeSP/NetworkID/<X+>/SSID = %s", ssid);
1110 	if (hessid)
1111 		wpa_printf(MSG_INFO, "- HomeSP/NetworkID/<X+>/HESSID = %s",
1112 			   hessid);
1113 
1114 	/* TODO: Configure to wpa_supplicant */
1115 
1116 	xml_node_get_text_free(ctx->xml, ssid);
1117 	xml_node_get_text_free(ctx->xml, hessid);
1118 }
1119 
1120 
set_pps_cred_home_sp_network_ids(struct hs20_osu_client * ctx,int id,xml_node_t * node)1121 static void set_pps_cred_home_sp_network_ids(struct hs20_osu_client *ctx,
1122 					     int id, xml_node_t *node)
1123 {
1124 	xml_node_t *child;
1125 
1126 	wpa_printf(MSG_INFO, "- HomeSP/NetworkID");
1127 
1128 	xml_node_for_each_child(ctx->xml, child, node) {
1129 		xml_node_for_each_check(ctx->xml, child);
1130 		set_pps_cred_home_sp_network_id(ctx, id, child);
1131 	}
1132 }
1133 
1134 
set_pps_cred_home_sp_friendly_name(struct hs20_osu_client * ctx,int id,xml_node_t * node)1135 static void set_pps_cred_home_sp_friendly_name(struct hs20_osu_client *ctx,
1136 					       int id, xml_node_t *node)
1137 {
1138 	char *str = xml_node_get_text(ctx->xml, node);
1139 	if (str == NULL)
1140 		return;
1141 	wpa_printf(MSG_INFO, "- HomeSP/FriendlyName = %s", str);
1142 	/* not used within wpa_supplicant(?) */
1143 	xml_node_get_text_free(ctx->xml, str);
1144 }
1145 
1146 
set_pps_cred_home_sp_icon_url(struct hs20_osu_client * ctx,int id,xml_node_t * node)1147 static void set_pps_cred_home_sp_icon_url(struct hs20_osu_client *ctx,
1148 					  int id, xml_node_t *node)
1149 {
1150 	char *str = xml_node_get_text(ctx->xml, node);
1151 	if (str == NULL)
1152 		return;
1153 	wpa_printf(MSG_INFO, "- HomeSP/IconURL = %s", str);
1154 	/* not used within wpa_supplicant */
1155 	xml_node_get_text_free(ctx->xml, str);
1156 }
1157 
1158 
set_pps_cred_home_sp_fqdn(struct hs20_osu_client * ctx,int id,xml_node_t * node)1159 static void set_pps_cred_home_sp_fqdn(struct hs20_osu_client *ctx, int id,
1160 				      xml_node_t *node)
1161 {
1162 	char *str = xml_node_get_text(ctx->xml, node);
1163 	if (str == NULL)
1164 		return;
1165 	wpa_printf(MSG_INFO, "- HomeSP/FQDN = %s", str);
1166 	if (set_cred_quoted(ctx->ifname, id, "domain", str) < 0)
1167 		wpa_printf(MSG_INFO, "Failed to set cred domain");
1168 	if (set_cred_quoted(ctx->ifname, id, "domain_suffix_match", str) < 0)
1169 		wpa_printf(MSG_INFO, "Failed to set cred domain_suffix_match");
1170 	xml_node_get_text_free(ctx->xml, str);
1171 }
1172 
1173 
set_pps_cred_home_sp_oi(struct hs20_osu_client * ctx,int id,xml_node_t * node)1174 static void set_pps_cred_home_sp_oi(struct hs20_osu_client *ctx, int id,
1175 				    xml_node_t *node)
1176 {
1177 	xml_node_t *child;
1178 	const char *name;
1179 	char *homeoi = NULL;
1180 	int required = 0;
1181 	char *str;
1182 
1183 	xml_node_for_each_child(ctx->xml, child, node) {
1184 		xml_node_for_each_check(ctx->xml, child);
1185 		name = xml_node_get_localname(ctx->xml, child);
1186 		if (strcasecmp(name, "HomeOI") == 0 && !homeoi) {
1187 			homeoi = xml_node_get_text(ctx->xml, child);
1188 			wpa_printf(MSG_INFO, "- HomeSP/HomeOIList/<X+>/HomeOI = %s",
1189 				   homeoi);
1190 		} else if (strcasecmp(name, "HomeOIRequired") == 0) {
1191 			str = xml_node_get_text(ctx->xml, child);
1192 			wpa_printf(MSG_INFO, "- HomeSP/HomeOIList/<X+>/HomeOIRequired = '%s'",
1193 				   str);
1194 			if (str == NULL)
1195 				continue;
1196 			required = strcasecmp(str, "true") == 0;
1197 			xml_node_get_text_free(ctx->xml, str);
1198 		} else
1199 			wpa_printf(MSG_INFO, "Unknown HomeOIList node '%s'",
1200 				   name);
1201 	}
1202 
1203 	if (homeoi == NULL) {
1204 		wpa_printf(MSG_INFO, "- HomeSP/HomeOIList/<X+> without HomeOI ignored");
1205 		return;
1206 	}
1207 
1208 	wpa_printf(MSG_INFO, "- HomeSP/HomeOIList/<X+> '%s' required=%d",
1209 		   homeoi, required);
1210 
1211 	if (required) {
1212 		if (set_cred(ctx->ifname, id, "required_roaming_consortium",
1213 			     homeoi) < 0)
1214 			wpa_printf(MSG_INFO, "Failed to set cred required_roaming_consortium");
1215 	} else {
1216 		if (set_cred_quoted(ctx->ifname, id, "roaming_consortium",
1217 				    homeoi) < 0)
1218 			wpa_printf(MSG_INFO, "Failed to set cred roaming_consortium");
1219 	}
1220 
1221 	xml_node_get_text_free(ctx->xml, homeoi);
1222 }
1223 
1224 
set_pps_cred_home_sp_oi_list(struct hs20_osu_client * ctx,int id,xml_node_t * node)1225 static void set_pps_cred_home_sp_oi_list(struct hs20_osu_client *ctx, int id,
1226 					 xml_node_t *node)
1227 {
1228 	xml_node_t *child;
1229 
1230 	wpa_printf(MSG_INFO, "- HomeSP/HomeOIList");
1231 
1232 	xml_node_for_each_child(ctx->xml, child, node) {
1233 		xml_node_for_each_check(ctx->xml, child);
1234 		set_pps_cred_home_sp_oi(ctx, id, child);
1235 	}
1236 }
1237 
1238 
set_pps_cred_home_sp_other_partner(struct hs20_osu_client * ctx,int id,xml_node_t * node)1239 static void set_pps_cred_home_sp_other_partner(struct hs20_osu_client *ctx,
1240 					       int id, xml_node_t *node)
1241 {
1242 	xml_node_t *child;
1243 	const char *name;
1244 	char *fqdn = NULL;
1245 
1246 	xml_node_for_each_child(ctx->xml, child, node) {
1247 		xml_node_for_each_check(ctx->xml, child);
1248 		name = xml_node_get_localname(ctx->xml, child);
1249 		if (os_strcasecmp(name, "FQDN") == 0 && !fqdn) {
1250 			fqdn = xml_node_get_text(ctx->xml, child);
1251 			wpa_printf(MSG_INFO, "- HomeSP/OtherHomePartners/<X+>/FQDN = %s",
1252 				   fqdn);
1253 		} else
1254 			wpa_printf(MSG_INFO, "Unknown OtherHomePartners node '%s'",
1255 				   name);
1256 	}
1257 
1258 	if (fqdn == NULL) {
1259 		wpa_printf(MSG_INFO, "- HomeSP/OtherHomePartners/<X+> without FQDN ignored");
1260 		return;
1261 	}
1262 
1263 	if (set_cred_quoted(ctx->ifname, id, "domain", fqdn) < 0)
1264 		wpa_printf(MSG_INFO, "Failed to set cred domain for OtherHomePartners node");
1265 
1266 	xml_node_get_text_free(ctx->xml, fqdn);
1267 }
1268 
1269 
set_pps_cred_home_sp_other_partners(struct hs20_osu_client * ctx,int id,xml_node_t * node)1270 static void set_pps_cred_home_sp_other_partners(struct hs20_osu_client *ctx,
1271 						int id,
1272 						xml_node_t *node)
1273 {
1274 	xml_node_t *child;
1275 
1276 	wpa_printf(MSG_INFO, "- HomeSP/OtherHomePartners");
1277 
1278 	xml_node_for_each_child(ctx->xml, child, node) {
1279 		xml_node_for_each_check(ctx->xml, child);
1280 		set_pps_cred_home_sp_other_partner(ctx, id, child);
1281 	}
1282 }
1283 
1284 
set_pps_cred_home_sp_roaming_consortium_oi(struct hs20_osu_client * ctx,int id,xml_node_t * node)1285 static void set_pps_cred_home_sp_roaming_consortium_oi(
1286 	struct hs20_osu_client *ctx, int id, xml_node_t *node)
1287 {
1288 	char *str = xml_node_get_text(ctx->xml, node);
1289 	if (str == NULL)
1290 		return;
1291 	wpa_printf(MSG_INFO, "- HomeSP/RoamingConsortiumOI = %s", str);
1292 	/* TODO: Set to wpa_supplicant */
1293 	xml_node_get_text_free(ctx->xml, str);
1294 }
1295 
1296 
set_pps_cred_home_sp(struct hs20_osu_client * ctx,int id,xml_node_t * node)1297 static void set_pps_cred_home_sp(struct hs20_osu_client *ctx, int id,
1298 				 xml_node_t *node)
1299 {
1300 	xml_node_t *child;
1301 	const char *name;
1302 
1303 	wpa_printf(MSG_INFO, "- HomeSP");
1304 
1305 	xml_node_for_each_child(ctx->xml, child, node) {
1306 		xml_node_for_each_check(ctx->xml, child);
1307 		name = xml_node_get_localname(ctx->xml, child);
1308 		if (os_strcasecmp(name, "NetworkID") == 0)
1309 			set_pps_cred_home_sp_network_ids(ctx, id, child);
1310 		else if (os_strcasecmp(name, "FriendlyName") == 0)
1311 			set_pps_cred_home_sp_friendly_name(ctx, id, child);
1312 		else if (os_strcasecmp(name, "IconURL") == 0)
1313 			set_pps_cred_home_sp_icon_url(ctx, id, child);
1314 		else if (os_strcasecmp(name, "FQDN") == 0)
1315 			set_pps_cred_home_sp_fqdn(ctx, id, child);
1316 		else if (os_strcasecmp(name, "HomeOIList") == 0)
1317 			set_pps_cred_home_sp_oi_list(ctx, id, child);
1318 		else if (os_strcasecmp(name, "OtherHomePartners") == 0)
1319 			set_pps_cred_home_sp_other_partners(ctx, id, child);
1320 		else if (os_strcasecmp(name, "RoamingConsortiumOI") == 0)
1321 			set_pps_cred_home_sp_roaming_consortium_oi(ctx, id,
1322 								   child);
1323 		else
1324 			wpa_printf(MSG_INFO, "Unknown HomeSP node '%s'", name);
1325 	}
1326 }
1327 
1328 
set_pps_cred_sub_params(struct hs20_osu_client * ctx,int id,xml_node_t * node)1329 static void set_pps_cred_sub_params(struct hs20_osu_client *ctx, int id,
1330 				    xml_node_t *node)
1331 {
1332 	wpa_printf(MSG_INFO, "- SubscriptionParameters");
1333 	/* not used within wpa_supplicant */
1334 }
1335 
1336 
set_pps_cred_creation_date(struct hs20_osu_client * ctx,int id,xml_node_t * node)1337 static void set_pps_cred_creation_date(struct hs20_osu_client *ctx, int id,
1338 				       xml_node_t *node)
1339 {
1340 	char *str = xml_node_get_text(ctx->xml, node);
1341 	if (str == NULL)
1342 		return;
1343 	wpa_printf(MSG_INFO, "- Credential/CreationDate = %s", str);
1344 	/* not used within wpa_supplicant */
1345 	xml_node_get_text_free(ctx->xml, str);
1346 }
1347 
1348 
set_pps_cred_expiration_date(struct hs20_osu_client * ctx,int id,xml_node_t * node)1349 static void set_pps_cred_expiration_date(struct hs20_osu_client *ctx, int id,
1350 					 xml_node_t *node)
1351 {
1352 	char *str = xml_node_get_text(ctx->xml, node);
1353 	if (str == NULL)
1354 		return;
1355 	wpa_printf(MSG_INFO, "- Credential/ExpirationDate = %s", str);
1356 	/* not used within wpa_supplicant */
1357 	xml_node_get_text_free(ctx->xml, str);
1358 }
1359 
1360 
set_pps_cred_username(struct hs20_osu_client * ctx,int id,xml_node_t * node)1361 static void set_pps_cred_username(struct hs20_osu_client *ctx, int id,
1362 				  xml_node_t *node)
1363 {
1364 	char *str = xml_node_get_text(ctx->xml, node);
1365 	if (str == NULL)
1366 		return;
1367 	wpa_printf(MSG_INFO, "- Credential/UsernamePassword/Username = %s",
1368 		   str);
1369 	if (set_cred_quoted(ctx->ifname, id, "username", str) < 0)
1370 		wpa_printf(MSG_INFO, "Failed to set cred username");
1371 	xml_node_get_text_free(ctx->xml, str);
1372 }
1373 
1374 
set_pps_cred_password(struct hs20_osu_client * ctx,int id,xml_node_t * node)1375 static void set_pps_cred_password(struct hs20_osu_client *ctx, int id,
1376 				  xml_node_t *node)
1377 {
1378 	int len, i;
1379 	char *pw, *hex, *pos, *end;
1380 
1381 	pw = xml_node_get_base64_text(ctx->xml, node, &len);
1382 	if (pw == NULL)
1383 		return;
1384 
1385 	wpa_printf(MSG_INFO, "- Credential/UsernamePassword/Password = %s", pw);
1386 
1387 	hex = malloc(len * 2 + 1);
1388 	if (hex == NULL) {
1389 		free(pw);
1390 		return;
1391 	}
1392 	end = hex + len * 2 + 1;
1393 	pos = hex;
1394 	for (i = 0; i < len; i++) {
1395 		snprintf(pos, end - pos, "%02x", pw[i]);
1396 		pos += 2;
1397 	}
1398 	free(pw);
1399 
1400 	if (set_cred(ctx->ifname, id, "password", hex) < 0)
1401 		wpa_printf(MSG_INFO, "Failed to set cred password");
1402 	free(hex);
1403 }
1404 
1405 
set_pps_cred_machine_managed(struct hs20_osu_client * ctx,int id,xml_node_t * node)1406 static void set_pps_cred_machine_managed(struct hs20_osu_client *ctx, int id,
1407 					 xml_node_t *node)
1408 {
1409 	char *str = xml_node_get_text(ctx->xml, node);
1410 	if (str == NULL)
1411 		return;
1412 	wpa_printf(MSG_INFO, "- Credential/UsernamePassword/MachineManaged = %s",
1413 		   str);
1414 	/* not used within wpa_supplicant */
1415 	xml_node_get_text_free(ctx->xml, str);
1416 }
1417 
1418 
set_pps_cred_soft_token_app(struct hs20_osu_client * ctx,int id,xml_node_t * node)1419 static void set_pps_cred_soft_token_app(struct hs20_osu_client *ctx, int id,
1420 					xml_node_t *node)
1421 {
1422 	char *str = xml_node_get_text(ctx->xml, node);
1423 	if (str == NULL)
1424 		return;
1425 	wpa_printf(MSG_INFO, "- Credential/UsernamePassword/SoftTokenApp = %s",
1426 		   str);
1427 	/* not used within wpa_supplicant */
1428 	xml_node_get_text_free(ctx->xml, str);
1429 }
1430 
1431 
set_pps_cred_able_to_share(struct hs20_osu_client * ctx,int id,xml_node_t * node)1432 static void set_pps_cred_able_to_share(struct hs20_osu_client *ctx, int id,
1433 				       xml_node_t *node)
1434 {
1435 	char *str = xml_node_get_text(ctx->xml, node);
1436 	if (str == NULL)
1437 		return;
1438 	wpa_printf(MSG_INFO, "- Credential/UsernamePassword/AbleToShare = %s",
1439 		   str);
1440 	/* not used within wpa_supplicant */
1441 	xml_node_get_text_free(ctx->xml, str);
1442 }
1443 
1444 
set_pps_cred_eap_method(struct hs20_osu_client * ctx,int id,xml_node_t * node)1445 static void set_pps_cred_eap_method(struct hs20_osu_client *ctx, int id,
1446 				    xml_node_t *node)
1447 {
1448 	wpa_printf(MSG_INFO, "- Credential/UsernamePassword/EAPMethod - TODO");
1449 }
1450 
1451 
set_pps_cred_username_password(struct hs20_osu_client * ctx,int id,xml_node_t * node)1452 static void set_pps_cred_username_password(struct hs20_osu_client *ctx, int id,
1453 					   xml_node_t *node)
1454 {
1455 	xml_node_t *child;
1456 	const char *name;
1457 
1458 	wpa_printf(MSG_INFO, "- Credential/UsernamePassword");
1459 
1460 	xml_node_for_each_child(ctx->xml, child, node) {
1461 		xml_node_for_each_check(ctx->xml, child);
1462 		name = xml_node_get_localname(ctx->xml, child);
1463 		if (os_strcasecmp(name, "Username") == 0)
1464 			set_pps_cred_username(ctx, id, child);
1465 		else if (os_strcasecmp(name, "Password") == 0)
1466 			set_pps_cred_password(ctx, id, child);
1467 		else if (os_strcasecmp(name, "MachineManaged") == 0)
1468 			set_pps_cred_machine_managed(ctx, id, child);
1469 		else if (os_strcasecmp(name, "SoftTokenApp") == 0)
1470 			set_pps_cred_soft_token_app(ctx, id, child);
1471 		else if (os_strcasecmp(name, "AbleToShare") == 0)
1472 			set_pps_cred_able_to_share(ctx, id, child);
1473 		else if (os_strcasecmp(name, "EAPMethod") == 0)
1474 			set_pps_cred_eap_method(ctx, id, child);
1475 		else
1476 			wpa_printf(MSG_INFO, "Unknown Credential/UsernamePassword node '%s'",
1477 				   name);
1478 	}
1479 }
1480 
1481 
set_pps_cred_digital_cert(struct hs20_osu_client * ctx,int id,xml_node_t * node,const char * fqdn)1482 static void set_pps_cred_digital_cert(struct hs20_osu_client *ctx, int id,
1483 				      xml_node_t *node, const char *fqdn)
1484 {
1485 	char buf[200], dir[200];
1486 
1487 	wpa_printf(MSG_INFO, "- Credential/DigitalCertificate");
1488 
1489 	if (getcwd(dir, sizeof(dir)) == NULL)
1490 		return;
1491 
1492 	/* TODO: could build username from Subject of Subject AltName */
1493 	if (set_cred_quoted(ctx->ifname, id, "username", "cert") < 0) {
1494 		wpa_printf(MSG_INFO, "Failed to set username");
1495 	}
1496 
1497 	snprintf(buf, sizeof(buf), "%s/SP/%s/client-cert.pem", dir, fqdn);
1498 	if (os_file_exists(buf)) {
1499 		if (set_cred_quoted(ctx->ifname, id, "client_cert", buf) < 0) {
1500 			wpa_printf(MSG_INFO, "Failed to set client_cert");
1501 		}
1502 	}
1503 
1504 	snprintf(buf, sizeof(buf), "%s/SP/%s/client-key.pem", dir, fqdn);
1505 	if (os_file_exists(buf)) {
1506 		if (set_cred_quoted(ctx->ifname, id, "private_key", buf) < 0) {
1507 			wpa_printf(MSG_INFO, "Failed to set private_key");
1508 		}
1509 	}
1510 }
1511 
1512 
set_pps_cred_realm(struct hs20_osu_client * ctx,int id,xml_node_t * node,const char * fqdn,int sim)1513 static void set_pps_cred_realm(struct hs20_osu_client *ctx, int id,
1514 			       xml_node_t *node, const char *fqdn, int sim)
1515 {
1516 	char *str = xml_node_get_text(ctx->xml, node);
1517 	char buf[200], dir[200];
1518 
1519 	if (str == NULL)
1520 		return;
1521 
1522 	wpa_printf(MSG_INFO, "- Credential/Realm = %s", str);
1523 	if (set_cred_quoted(ctx->ifname, id, "realm", str) < 0)
1524 		wpa_printf(MSG_INFO, "Failed to set cred realm");
1525 	xml_node_get_text_free(ctx->xml, str);
1526 
1527 	if (sim)
1528 		return;
1529 
1530 	if (getcwd(dir, sizeof(dir)) == NULL)
1531 		return;
1532 	snprintf(buf, sizeof(buf), "%s/SP/%s/aaa-ca.pem", dir, fqdn);
1533 	if (os_file_exists(buf)) {
1534 		if (set_cred_quoted(ctx->ifname, id, "ca_cert", buf) < 0) {
1535 			wpa_printf(MSG_INFO, "Failed to set CA cert");
1536 		}
1537 	}
1538 }
1539 
1540 
set_pps_cred_check_aaa_cert_status(struct hs20_osu_client * ctx,int id,xml_node_t * node)1541 static void set_pps_cred_check_aaa_cert_status(struct hs20_osu_client *ctx,
1542 					       int id, xml_node_t *node)
1543 {
1544 	char *str = xml_node_get_text(ctx->xml, node);
1545 
1546 	if (str == NULL)
1547 		return;
1548 
1549 	wpa_printf(MSG_INFO, "- Credential/CheckAAAServerCertStatus = %s", str);
1550 	if (os_strcasecmp(str, "true") == 0 &&
1551 	    set_cred(ctx->ifname, id, "ocsp", "2") < 0)
1552 		wpa_printf(MSG_INFO, "Failed to set cred ocsp");
1553 	xml_node_get_text_free(ctx->xml, str);
1554 }
1555 
1556 
set_pps_cred_sim(struct hs20_osu_client * ctx,int id,xml_node_t * sim,xml_node_t * realm)1557 static void set_pps_cred_sim(struct hs20_osu_client *ctx, int id,
1558 			     xml_node_t *sim, xml_node_t *realm)
1559 {
1560 	xml_node_t *node;
1561 	char *imsi, *eaptype, *str, buf[20];
1562 	int type;
1563 	int mnc_len = 3;
1564 	size_t imsi_len;
1565 
1566 	node = get_node(ctx->xml, sim, "EAPType");
1567 	if (node == NULL) {
1568 		wpa_printf(MSG_INFO, "No SIM/EAPType node in credential");
1569 		return;
1570 	}
1571 	eaptype = xml_node_get_text(ctx->xml, node);
1572 	if (eaptype == NULL) {
1573 		wpa_printf(MSG_INFO, "Could not extract SIM/EAPType");
1574 		return;
1575 	}
1576 	wpa_printf(MSG_INFO, " - Credential/SIM/EAPType = %s", eaptype);
1577 	type = atoi(eaptype);
1578 	xml_node_get_text_free(ctx->xml, eaptype);
1579 
1580 	switch (type) {
1581 	case EAP_TYPE_SIM:
1582 		if (set_cred(ctx->ifname, id, "eap", "SIM") < 0)
1583 			wpa_printf(MSG_INFO, "Could not set eap=SIM");
1584 		break;
1585 	case EAP_TYPE_AKA:
1586 		if (set_cred(ctx->ifname, id, "eap", "AKA") < 0)
1587 			wpa_printf(MSG_INFO, "Could not set eap=SIM");
1588 		break;
1589 	case EAP_TYPE_AKA_PRIME:
1590 		if (set_cred(ctx->ifname, id, "eap", "AKA'") < 0)
1591 			wpa_printf(MSG_INFO, "Could not set eap=SIM");
1592 		break;
1593 	default:
1594 		wpa_printf(MSG_INFO, "Unsupported SIM/EAPType %d", type);
1595 		return;
1596 	}
1597 
1598 	node = get_node(ctx->xml, sim, "IMSI");
1599 	if (node == NULL) {
1600 		wpa_printf(MSG_INFO, "No SIM/IMSI node in credential");
1601 		return;
1602 	}
1603 	imsi = xml_node_get_text(ctx->xml, node);
1604 	if (imsi == NULL) {
1605 		wpa_printf(MSG_INFO, "Could not extract SIM/IMSI");
1606 		return;
1607 	}
1608 	wpa_printf(MSG_INFO, " - Credential/SIM/IMSI = %s", imsi);
1609 	imsi_len = os_strlen(imsi);
1610 	if (imsi_len < 7 || imsi_len + 2 > sizeof(buf)) {
1611 		wpa_printf(MSG_INFO, "Invalid IMSI length");
1612 		xml_node_get_text_free(ctx->xml, imsi);
1613 		return;
1614 	}
1615 
1616 	str = xml_node_get_text(ctx->xml, node);
1617 	if (str) {
1618 		char *pos;
1619 		pos = os_strstr(str, "mnc");
1620 		if (pos && os_strlen(pos) >= 6) {
1621 			if (os_strncmp(imsi + 3, pos + 3, 3) == 0)
1622 				mnc_len = 3;
1623 			else if (os_strncmp(imsi + 3, pos + 4, 2) == 0)
1624 				mnc_len = 2;
1625 		}
1626 		xml_node_get_text_free(ctx->xml, str);
1627 	}
1628 
1629 	os_memcpy(buf, imsi, 3 + mnc_len);
1630 	buf[3 + mnc_len] = '-';
1631 	os_strlcpy(buf + 3 + mnc_len + 1, imsi + 3 + mnc_len,
1632 		   sizeof(buf) - 3 - mnc_len - 1);
1633 
1634 	xml_node_get_text_free(ctx->xml, imsi);
1635 
1636 	if (set_cred_quoted(ctx->ifname, id, "imsi", buf) < 0)
1637 		wpa_printf(MSG_INFO, "Could not set IMSI");
1638 
1639 	if (set_cred_quoted(ctx->ifname, id, "milenage",
1640 			    "90dca4eda45b53cf0f12d7c9c3bc6a89:"
1641 			    "cb9cccc4b9258e6dca4760379fb82581:000000000123") <
1642 	    0)
1643 		wpa_printf(MSG_INFO, "Could not set Milenage parameters");
1644 }
1645 
1646 
set_pps_cred_credential(struct hs20_osu_client * ctx,int id,xml_node_t * node,const char * fqdn)1647 static void set_pps_cred_credential(struct hs20_osu_client *ctx, int id,
1648 				    xml_node_t *node, const char *fqdn)
1649 {
1650 	xml_node_t *child, *sim, *realm;
1651 	const char *name;
1652 
1653 	wpa_printf(MSG_INFO, "- Credential");
1654 
1655 	sim = get_node(ctx->xml, node, "SIM");
1656 	realm = get_node(ctx->xml, node, "Realm");
1657 
1658 	xml_node_for_each_child(ctx->xml, child, node) {
1659 		xml_node_for_each_check(ctx->xml, child);
1660 		name = xml_node_get_localname(ctx->xml, child);
1661 		if (os_strcasecmp(name, "CreationDate") == 0)
1662 			set_pps_cred_creation_date(ctx, id, child);
1663 		else if (os_strcasecmp(name, "ExpirationDate") == 0)
1664 			set_pps_cred_expiration_date(ctx, id, child);
1665 		else if (os_strcasecmp(name, "UsernamePassword") == 0)
1666 			set_pps_cred_username_password(ctx, id, child);
1667 		else if (os_strcasecmp(name, "DigitalCertificate") == 0)
1668 			set_pps_cred_digital_cert(ctx, id, child, fqdn);
1669 		else if (os_strcasecmp(name, "Realm") == 0)
1670 			set_pps_cred_realm(ctx, id, child, fqdn, sim != NULL);
1671 		else if (os_strcasecmp(name, "CheckAAAServerCertStatus") == 0)
1672 			set_pps_cred_check_aaa_cert_status(ctx, id, child);
1673 		else if (os_strcasecmp(name, "SIM") == 0)
1674 			set_pps_cred_sim(ctx, id, child, realm);
1675 		else
1676 			wpa_printf(MSG_INFO, "Unknown Credential node '%s'",
1677 				   name);
1678 	}
1679 }
1680 
1681 
set_pps_credential(struct hs20_osu_client * ctx,int id,xml_node_t * cred,const char * fqdn)1682 static void set_pps_credential(struct hs20_osu_client *ctx, int id,
1683 			       xml_node_t *cred, const char *fqdn)
1684 {
1685 	xml_node_t *child;
1686 	const char *name;
1687 
1688 	xml_node_for_each_child(ctx->xml, child, cred) {
1689 		xml_node_for_each_check(ctx->xml, child);
1690 		name = xml_node_get_localname(ctx->xml, child);
1691 		if (os_strcasecmp(name, "Policy") == 0)
1692 			set_pps_cred_policy(ctx, id, child);
1693 		else if (os_strcasecmp(name, "CredentialPriority") == 0)
1694 			set_pps_cred_priority(ctx, id, child);
1695 		else if (os_strcasecmp(name, "AAAServerTrustRoot") == 0)
1696 			set_pps_cred_aaa_server_trust_root(ctx, id, child);
1697 		else if (os_strcasecmp(name, "SubscriptionUpdate") == 0)
1698 			set_pps_cred_sub_update(ctx, id, child);
1699 		else if (os_strcasecmp(name, "HomeSP") == 0)
1700 			set_pps_cred_home_sp(ctx, id, child);
1701 		else if (os_strcasecmp(name, "SubscriptionParameters") == 0)
1702 			set_pps_cred_sub_params(ctx, id, child);
1703 		else if (os_strcasecmp(name, "Credential") == 0)
1704 			set_pps_cred_credential(ctx, id, child, fqdn);
1705 		else
1706 			wpa_printf(MSG_INFO, "Unknown credential node '%s'",
1707 				   name);
1708 	}
1709 }
1710 
1711 
set_pps(struct hs20_osu_client * ctx,xml_node_t * pps,const char * fqdn)1712 static void set_pps(struct hs20_osu_client *ctx, xml_node_t *pps,
1713 		    const char *fqdn)
1714 {
1715 	xml_node_t *child;
1716 	const char *name;
1717 	int id;
1718 	char *update_identifier = NULL;
1719 
1720 	/*
1721 	 * TODO: Could consider more complex mechanism that would remove
1722 	 * credentials only if there are changes in the information sent to
1723 	 * wpa_supplicant.
1724 	 */
1725 	remove_sp_creds(ctx, fqdn);
1726 
1727 	xml_node_for_each_child(ctx->xml, child, pps) {
1728 		xml_node_for_each_check(ctx->xml, child);
1729 		name = xml_node_get_localname(ctx->xml, child);
1730 		if (os_strcasecmp(name, "UpdateIdentifier") == 0) {
1731 			update_identifier = xml_node_get_text(ctx->xml, child);
1732 			if (update_identifier) {
1733 				wpa_printf(MSG_INFO, "- UpdateIdentifier = %s",
1734 					   update_identifier);
1735 				break;
1736 			}
1737 		}
1738 	}
1739 
1740 	xml_node_for_each_child(ctx->xml, child, pps) {
1741 		xml_node_for_each_check(ctx->xml, child);
1742 		name = xml_node_get_localname(ctx->xml, child);
1743 		if (os_strcasecmp(name, "UpdateIdentifier") == 0)
1744 			continue;
1745 		id = add_cred(ctx->ifname);
1746 		if (id < 0) {
1747 			wpa_printf(MSG_INFO, "Failed to add credential to wpa_supplicant");
1748 			write_summary(ctx, "Failed to add credential to wpa_supplicant");
1749 			break;
1750 		}
1751 		write_summary(ctx, "Add a credential to wpa_supplicant");
1752 		if (update_identifier &&
1753 		    set_cred(ctx->ifname, id, "update_identifier",
1754 			     update_identifier) < 0)
1755 			wpa_printf(MSG_INFO, "Failed to set update_identifier");
1756 		if (set_cred_quoted(ctx->ifname, id, "provisioning_sp", fqdn) <
1757 		    0)
1758 			wpa_printf(MSG_INFO, "Failed to set provisioning_sp");
1759 		wpa_printf(MSG_INFO, "credential localname: '%s'", name);
1760 		set_pps_credential(ctx, id, child, fqdn);
1761 		ctx->pps_cred_set = 1;
1762 	}
1763 
1764 	xml_node_get_text_free(ctx->xml, update_identifier);
1765 }
1766 
1767 
cmd_set_pps(struct hs20_osu_client * ctx,const char * pps_fname)1768 void cmd_set_pps(struct hs20_osu_client *ctx, const char *pps_fname)
1769 {
1770 	xml_node_t *pps;
1771 	const char *fqdn;
1772 	char *fqdn_buf = NULL, *pos;
1773 
1774 	pps = node_from_file(ctx->xml, pps_fname);
1775 	if (pps == NULL) {
1776 		wpa_printf(MSG_INFO, "Could not read or parse '%s'", pps_fname);
1777 		return;
1778 	}
1779 
1780 	fqdn = os_strstr(pps_fname, "SP/");
1781 	if (fqdn) {
1782 		fqdn_buf = os_strdup(fqdn + 3);
1783 		if (fqdn_buf == NULL)
1784 			return;
1785 		pos = os_strchr(fqdn_buf, '/');
1786 		if (pos)
1787 			*pos = '\0';
1788 		fqdn = fqdn_buf;
1789 	} else
1790 		fqdn = "wi-fi.org";
1791 
1792 	wpa_printf(MSG_INFO, "Set PPS MO info to wpa_supplicant - SP FQDN %s",
1793 		   fqdn);
1794 	set_pps(ctx, pps, fqdn);
1795 
1796 	os_free(fqdn_buf);
1797 	xml_node_free(ctx->xml, pps);
1798 }
1799 
1800 
cmd_get_fqdn(struct hs20_osu_client * ctx,const char * pps_fname)1801 static int cmd_get_fqdn(struct hs20_osu_client *ctx, const char *pps_fname)
1802 {
1803 	xml_node_t *pps, *node;
1804 	char *fqdn = NULL;
1805 
1806 	pps = node_from_file(ctx->xml, pps_fname);
1807 	if (pps == NULL) {
1808 		wpa_printf(MSG_INFO, "Could not read or parse '%s'", pps_fname);
1809 		return -1;
1810 	}
1811 
1812 	node = get_child_node(ctx->xml, pps, "HomeSP/FQDN");
1813 	if (node)
1814 		fqdn = xml_node_get_text(ctx->xml, node);
1815 
1816 	xml_node_free(ctx->xml, pps);
1817 
1818 	if (fqdn) {
1819 		FILE *f = fopen("pps-fqdn", "w");
1820 		if (f) {
1821 			fprintf(f, "%s", fqdn);
1822 			fclose(f);
1823 		}
1824 		xml_node_get_text_free(ctx->xml, fqdn);
1825 		return 0;
1826 	}
1827 
1828 	xml_node_get_text_free(ctx->xml, fqdn);
1829 	return -1;
1830 }
1831 
1832 
cmd_to_tnds(struct hs20_osu_client * ctx,const char * in_fname,const char * out_fname,const char * urn,int use_path)1833 static void cmd_to_tnds(struct hs20_osu_client *ctx, const char *in_fname,
1834 			const char *out_fname, const char *urn, int use_path)
1835 {
1836 	xml_node_t *mo, *node;
1837 
1838 	mo = node_from_file(ctx->xml, in_fname);
1839 	if (mo == NULL) {
1840 		wpa_printf(MSG_INFO, "Could not read or parse '%s'", in_fname);
1841 		return;
1842 	}
1843 
1844 	node = mo_to_tnds(ctx->xml, mo, use_path, urn, NULL);
1845 	if (node) {
1846 		node_to_file(ctx->xml, out_fname, node);
1847 		xml_node_free(ctx->xml, node);
1848 	}
1849 
1850 	xml_node_free(ctx->xml, mo);
1851 }
1852 
1853 
cmd_from_tnds(struct hs20_osu_client * ctx,const char * in_fname,const char * out_fname)1854 static void cmd_from_tnds(struct hs20_osu_client *ctx, const char *in_fname,
1855 			  const char *out_fname)
1856 {
1857 	xml_node_t *tnds, *mo;
1858 
1859 	tnds = node_from_file(ctx->xml, in_fname);
1860 	if (tnds == NULL) {
1861 		wpa_printf(MSG_INFO, "Could not read or parse '%s'", in_fname);
1862 		return;
1863 	}
1864 
1865 	mo = tnds_to_mo(ctx->xml, tnds);
1866 	if (mo) {
1867 		node_to_file(ctx->xml, out_fname, mo);
1868 		xml_node_free(ctx->xml, mo);
1869 	}
1870 
1871 	xml_node_free(ctx->xml, tnds);
1872 }
1873 
1874 
1875 struct osu_icon {
1876 	int id;
1877 	char lang[4];
1878 	char mime_type[256];
1879 	char filename[256];
1880 };
1881 
1882 struct osu_data {
1883 	char bssid[20];
1884 	char url[256];
1885 	unsigned int methods;
1886 	char osu_ssid[33];
1887 	char osu_nai[256];
1888 	struct osu_lang_text friendly_name[MAX_OSU_VALS];
1889 	size_t friendly_name_count;
1890 	struct osu_lang_text serv_desc[MAX_OSU_VALS];
1891 	size_t serv_desc_count;
1892 	struct osu_icon icon[MAX_OSU_VALS];
1893 	size_t icon_count;
1894 };
1895 
1896 
parse_osu_providers(const char * fname,size_t * count)1897 static struct osu_data * parse_osu_providers(const char *fname, size_t *count)
1898 {
1899 	FILE *f;
1900 	char buf[1000];
1901 	struct osu_data *osu = NULL, *last = NULL;
1902 	size_t osu_count = 0;
1903 	char *pos, *end;
1904 
1905 	f = fopen(fname, "r");
1906 	if (f == NULL) {
1907 		wpa_printf(MSG_ERROR, "Could not open %s", fname);
1908 		return NULL;
1909 	}
1910 
1911 	while (fgets(buf, sizeof(buf), f)) {
1912 		pos = strchr(buf, '\n');
1913 		if (pos)
1914 			*pos = '\0';
1915 
1916 		if (strncmp(buf, "OSU-PROVIDER ", 13) == 0) {
1917 			last = realloc(osu, (osu_count + 1) * sizeof(*osu));
1918 			if (last == NULL)
1919 				break;
1920 			osu = last;
1921 			last = &osu[osu_count++];
1922 			memset(last, 0, sizeof(*last));
1923 			snprintf(last->bssid, sizeof(last->bssid), "%s",
1924 				 buf + 13);
1925 			continue;
1926 		}
1927 		if (!last)
1928 			continue;
1929 
1930 		if (strncmp(buf, "uri=", 4) == 0) {
1931 			snprintf(last->url, sizeof(last->url), "%s", buf + 4);
1932 			continue;
1933 		}
1934 
1935 		if (strncmp(buf, "methods=", 8) == 0) {
1936 			last->methods = strtol(buf + 8, NULL, 16);
1937 			continue;
1938 		}
1939 
1940 		if (strncmp(buf, "osu_ssid=", 9) == 0) {
1941 			snprintf(last->osu_ssid, sizeof(last->osu_ssid),
1942 				 "%s", buf + 9);
1943 			continue;
1944 		}
1945 
1946 		if (os_strncmp(buf, "osu_nai=", 8) == 0) {
1947 			os_snprintf(last->osu_nai, sizeof(last->osu_nai),
1948 				    "%s", buf + 8);
1949 			continue;
1950 		}
1951 
1952 		if (strncmp(buf, "friendly_name=", 14) == 0) {
1953 			struct osu_lang_text *txt;
1954 			if (last->friendly_name_count == MAX_OSU_VALS)
1955 				continue;
1956 			pos = strchr(buf + 14, ':');
1957 			if (pos == NULL)
1958 				continue;
1959 			*pos++ = '\0';
1960 			txt = &last->friendly_name[last->friendly_name_count++];
1961 			snprintf(txt->lang, sizeof(txt->lang), "%s", buf + 14);
1962 			snprintf(txt->text, sizeof(txt->text), "%s", pos);
1963 		}
1964 
1965 		if (strncmp(buf, "desc=", 5) == 0) {
1966 			struct osu_lang_text *txt;
1967 			if (last->serv_desc_count == MAX_OSU_VALS)
1968 				continue;
1969 			pos = strchr(buf + 5, ':');
1970 			if (pos == NULL)
1971 				continue;
1972 			*pos++ = '\0';
1973 			txt = &last->serv_desc[last->serv_desc_count++];
1974 			snprintf(txt->lang, sizeof(txt->lang), "%s", buf + 5);
1975 			snprintf(txt->text, sizeof(txt->text), "%s", pos);
1976 		}
1977 
1978 		if (strncmp(buf, "icon=", 5) == 0) {
1979 			struct osu_icon *icon;
1980 			if (last->icon_count == MAX_OSU_VALS)
1981 				continue;
1982 			icon = &last->icon[last->icon_count++];
1983 			icon->id = atoi(buf + 5);
1984 			pos = strchr(buf, ':');
1985 			if (pos == NULL)
1986 				continue;
1987 			pos = strchr(pos + 1, ':');
1988 			if (pos == NULL)
1989 				continue;
1990 			pos = strchr(pos + 1, ':');
1991 			if (pos == NULL)
1992 				continue;
1993 			pos++;
1994 			end = strchr(pos, ':');
1995 			if (!end)
1996 				continue;
1997 			*end = '\0';
1998 			snprintf(icon->lang, sizeof(icon->lang), "%s", pos);
1999 			pos = end + 1;
2000 
2001 			end = strchr(pos, ':');
2002 			if (end)
2003 				*end = '\0';
2004 			snprintf(icon->mime_type, sizeof(icon->mime_type),
2005 				 "%s", pos);
2006 			if (!pos)
2007 				continue;
2008 			pos = end + 1;
2009 
2010 			end = strchr(pos, ':');
2011 			if (end)
2012 				*end = '\0';
2013 			snprintf(icon->filename, sizeof(icon->filename),
2014 				 "%s", pos);
2015 			continue;
2016 		}
2017 	}
2018 
2019 	fclose(f);
2020 
2021 	*count = osu_count;
2022 	return osu;
2023 }
2024 
2025 
osu_connect(struct hs20_osu_client * ctx,const char * bssid,const char * ssid,const char * url,unsigned int methods,int no_prod_assoc,const char * osu_nai)2026 static int osu_connect(struct hs20_osu_client *ctx, const char *bssid,
2027 		       const char *ssid, const char *url,
2028 		       unsigned int methods, int no_prod_assoc,
2029 		       const char *osu_nai)
2030 {
2031 	int id;
2032 	const char *ifname = ctx->ifname;
2033 	char buf[200];
2034 	struct wpa_ctrl *mon;
2035 	int res;
2036 
2037 	id = add_network(ifname);
2038 	if (id < 0)
2039 		return -1;
2040 	if (set_network_quoted(ifname, id, "ssid", ssid) < 0)
2041 		return -1;
2042 	if (osu_nai && os_strlen(osu_nai) > 0) {
2043 		char dir[255], fname[300];
2044 		if (getcwd(dir, sizeof(dir)) == NULL)
2045 			return -1;
2046 		os_snprintf(fname, sizeof(fname), "%s/osu-ca.pem", dir);
2047 
2048 		if (set_network(ifname, id, "proto", "OSEN") < 0 ||
2049 		    set_network(ifname, id, "key_mgmt", "OSEN") < 0 ||
2050 		    set_network(ifname, id, "pairwise", "CCMP") < 0 ||
2051 		    set_network(ifname, id, "group", "GTK_NOT_USED") < 0 ||
2052 		    set_network(ifname, id, "eap", "WFA-UNAUTH-TLS") < 0 ||
2053 		    set_network(ifname, id, "ocsp", "2") < 0 ||
2054 		    set_network_quoted(ifname, id, "identity", osu_nai) < 0 ||
2055 		    set_network_quoted(ifname, id, "ca_cert", fname) < 0)
2056 			return -1;
2057 	} else {
2058 		if (set_network(ifname, id, "key_mgmt", "NONE") < 0)
2059 			return -1;
2060 	}
2061 
2062 	mon = open_wpa_mon(ifname);
2063 	if (mon == NULL)
2064 		return -1;
2065 
2066 	wpa_printf(MSG_INFO, "Associate with OSU SSID");
2067 	write_summary(ctx, "Associate with OSU SSID");
2068 	snprintf(buf, sizeof(buf), "SELECT_NETWORK %d", id);
2069 	if (wpa_command(ifname, buf) < 0)
2070 		return -1;
2071 
2072 	res = get_wpa_cli_event(mon, "CTRL-EVENT-CONNECTED",
2073 				buf, sizeof(buf));
2074 
2075 	wpa_ctrl_detach(mon);
2076 	wpa_ctrl_close(mon);
2077 
2078 	if (res < 0) {
2079 		wpa_printf(MSG_INFO, "Could not connect");
2080 		write_summary(ctx, "Could not connect to OSU network");
2081 		wpa_printf(MSG_INFO, "Remove OSU network connection");
2082 		snprintf(buf, sizeof(buf), "REMOVE_NETWORK %d", id);
2083 		wpa_command(ifname, buf);
2084 		return -1;
2085 	}
2086 
2087 	write_summary(ctx, "Waiting for IP address for subscription registration");
2088 	if (wait_ip_addr(ifname, 15) < 0) {
2089 		wpa_printf(MSG_INFO, "Could not get IP address for WLAN - try connection anyway");
2090 	}
2091 
2092 	if (no_prod_assoc) {
2093 		if (res < 0)
2094 			return -1;
2095 		wpa_printf(MSG_INFO, "No production connection used for testing purposes");
2096 		write_summary(ctx, "No production connection used for testing purposes");
2097 		return 0;
2098 	}
2099 
2100 	ctx->no_reconnect = 1;
2101 	if (methods & 0x02) {
2102 		wpa_printf(MSG_DEBUG, "Calling cmd_prov from osu_connect");
2103 		res = cmd_prov(ctx, url);
2104 	} else if (methods & 0x01) {
2105 		wpa_printf(MSG_DEBUG,
2106 			   "Calling cmd_oma_dm_prov from osu_connect");
2107 		res = cmd_oma_dm_prov(ctx, url);
2108 	}
2109 
2110 	wpa_printf(MSG_INFO, "Remove OSU network connection");
2111 	write_summary(ctx, "Remove OSU network connection");
2112 	snprintf(buf, sizeof(buf), "REMOVE_NETWORK %d", id);
2113 	wpa_command(ifname, buf);
2114 
2115 	if (res < 0)
2116 		return -1;
2117 
2118 	wpa_printf(MSG_INFO, "Requesting reconnection with updated configuration");
2119 	write_summary(ctx, "Requesting reconnection with updated configuration");
2120 	if (wpa_command(ctx->ifname, "INTERWORKING_SELECT auto") < 0) {
2121 		wpa_printf(MSG_INFO, "Failed to request wpa_supplicant to reconnect");
2122 		write_summary(ctx, "Failed to request wpa_supplicant to reconnect");
2123 		return -1;
2124 	}
2125 
2126 	return 0;
2127 }
2128 
2129 
cmd_osu_select(struct hs20_osu_client * ctx,const char * dir,int connect,int no_prod_assoc,const char * friendly_name)2130 static int cmd_osu_select(struct hs20_osu_client *ctx, const char *dir,
2131 			  int connect, int no_prod_assoc,
2132 			  const char *friendly_name)
2133 {
2134 	char fname[255];
2135 	FILE *f;
2136 	struct osu_data *osu = NULL, *last = NULL;
2137 	size_t osu_count = 0, i, j;
2138 	int ret;
2139 
2140 	write_summary(ctx, "OSU provider selection");
2141 
2142 	if (dir == NULL) {
2143 		wpa_printf(MSG_INFO, "Missing dir parameter to osu_select");
2144 		return -1;
2145 	}
2146 
2147 	snprintf(fname, sizeof(fname), "%s/osu-providers.txt", dir);
2148 	osu = parse_osu_providers(fname, &osu_count);
2149 	if (osu == NULL) {
2150 		wpa_printf(MSG_INFO, "Could not find any OSU providers from %s",
2151 			   fname);
2152 		write_result(ctx, "No OSU providers available");
2153 		return -1;
2154 	}
2155 
2156 	if (friendly_name) {
2157 		for (i = 0; i < osu_count; i++) {
2158 			last = &osu[i];
2159 			for (j = 0; j < last->friendly_name_count; j++) {
2160 				if (os_strcmp(last->friendly_name[j].text,
2161 					      friendly_name) == 0)
2162 					break;
2163 			}
2164 			if (j < last->friendly_name_count)
2165 				break;
2166 		}
2167 		if (i == osu_count) {
2168 			wpa_printf(MSG_INFO, "Requested operator friendly name '%s' not found in the list of available providers",
2169 				   friendly_name);
2170 			write_summary(ctx, "Requested operator friendly name '%s' not found in the list of available providers",
2171 				      friendly_name);
2172 			free(osu);
2173 			return -1;
2174 		}
2175 
2176 		wpa_printf(MSG_INFO, "OSU Provider selected based on requested operator friendly name '%s'",
2177 			   friendly_name);
2178 		write_summary(ctx, "OSU Provider selected based on requested operator friendly name '%s'",
2179 			      friendly_name);
2180 		ret = i + 1;
2181 		goto selected;
2182 	}
2183 
2184 	snprintf(fname, sizeof(fname), "%s/osu-providers.html", dir);
2185 	f = fopen(fname, "w");
2186 	if (f == NULL) {
2187 		wpa_printf(MSG_INFO, "Could not open %s", fname);
2188 		free(osu);
2189 		return -1;
2190 	}
2191 
2192 	fprintf(f, "<html><head>"
2193 		"<meta http-equiv=\"Content-type\" content=\"text/html; "
2194 		"charset=utf-8\"<title>Select service operator</title>"
2195 		"</head><body><h1>Select service operator</h1>\n");
2196 
2197 	if (osu_count == 0)
2198 		fprintf(f, "No online signup available\n");
2199 
2200 	for (i = 0; i < osu_count; i++) {
2201 		last = &osu[i];
2202 #ifdef ANDROID
2203 		fprintf(f, "<p>\n"
2204 			"<a href=\"http://localhost:12345/osu/%d\">"
2205 			"<table><tr><td>", (int) i + 1);
2206 #else /* ANDROID */
2207 		fprintf(f, "<p>\n"
2208 			"<a href=\"osu://%d\">"
2209 			"<table><tr><td>", (int) i + 1);
2210 #endif /* ANDROID */
2211 		for (j = 0; j < last->icon_count; j++) {
2212 			fprintf(f, "<img src=\"osu-icon-%d.%s\">\n",
2213 				last->icon[j].id,
2214 				strcasecmp(last->icon[j].mime_type,
2215 					   "image/png") == 0 ? "png" : "icon");
2216 		}
2217 		fprintf(f, "<td>");
2218 		for (j = 0; j < last->friendly_name_count; j++) {
2219 			fprintf(f, "<small>[%s]</small> %s<br>\n",
2220 				last->friendly_name[j].lang,
2221 				last->friendly_name[j].text);
2222 		}
2223 		fprintf(f, "<tr><td colspan=2>");
2224 		for (j = 0; j < last->serv_desc_count; j++) {
2225 			fprintf(f, "<small>[%s]</small> %s<br>\n",
2226 				last->serv_desc[j].lang,
2227 				last->serv_desc[j].text);
2228 		}
2229 		fprintf(f, "</table></a><br><small>BSSID: %s<br>\n"
2230 			"SSID: %s<br>\n",
2231 			last->bssid, last->osu_ssid);
2232 		if (last->osu_nai[0])
2233 			fprintf(f, "NAI: %s<br>\n", last->osu_nai);
2234 		fprintf(f, "URL: %s<br>\n"
2235 			"methods:%s%s<br>\n"
2236 			"</small></p>\n",
2237 			last->url,
2238 			last->methods & 0x01 ? " OMA-DM" : "",
2239 			last->methods & 0x02 ? " SOAP-XML-SPP" : "");
2240 	}
2241 
2242 	fprintf(f, "</body></html>\n");
2243 
2244 	fclose(f);
2245 
2246 	snprintf(fname, sizeof(fname), "file://%s/osu-providers.html", dir);
2247 	write_summary(ctx, "Start web browser with OSU provider selection page");
2248 	ret = hs20_web_browser(fname);
2249 
2250 selected:
2251 	if (ret > 0 && (size_t) ret <= osu_count) {
2252 		char *data;
2253 		size_t data_len;
2254 
2255 		wpa_printf(MSG_INFO, "Selected OSU id=%d", ret);
2256 		last = &osu[ret - 1];
2257 		ret = 0;
2258 		wpa_printf(MSG_INFO, "BSSID: %s", last->bssid);
2259 		wpa_printf(MSG_INFO, "SSID: %s", last->osu_ssid);
2260 		wpa_printf(MSG_INFO, "URL: %s", last->url);
2261 		write_summary(ctx, "Selected OSU provider id=%d BSSID=%s SSID=%s URL=%s",
2262 			      ret, last->bssid, last->osu_ssid, last->url);
2263 
2264 		ctx->friendly_name_count = last->friendly_name_count;
2265 		for (j = 0; j < last->friendly_name_count; j++) {
2266 			wpa_printf(MSG_INFO, "FRIENDLY_NAME: [%s]%s",
2267 				   last->friendly_name[j].lang,
2268 				   last->friendly_name[j].text);
2269 			os_strlcpy(ctx->friendly_name[j].lang,
2270 				   last->friendly_name[j].lang,
2271 				   sizeof(ctx->friendly_name[j].lang));
2272 			os_strlcpy(ctx->friendly_name[j].text,
2273 				   last->friendly_name[j].text,
2274 				   sizeof(ctx->friendly_name[j].text));
2275 		}
2276 
2277 		ctx->icon_count = last->icon_count;
2278 		for (j = 0; j < last->icon_count; j++) {
2279 			char fname[256];
2280 
2281 			os_snprintf(fname, sizeof(fname), "%s/osu-icon-%d.%s",
2282 				    dir, last->icon[j].id,
2283 				    strcasecmp(last->icon[j].mime_type,
2284 					       "image/png") == 0 ?
2285 				    "png" : "icon");
2286 			wpa_printf(MSG_INFO, "ICON: %s (%s)",
2287 				   fname, last->icon[j].filename);
2288 			os_strlcpy(ctx->icon_filename[j],
2289 				   last->icon[j].filename,
2290 				   sizeof(ctx->icon_filename[j]));
2291 
2292 			data = os_readfile(fname, &data_len);
2293 			if (data) {
2294 				sha256_vector(1, (const u8 **) &data, &data_len,
2295 					      ctx->icon_hash[j]);
2296 				os_free(data);
2297 			}
2298 		}
2299 
2300 		if (connect == 2) {
2301 			if (last->methods & 0x02) {
2302 				wpa_printf(MSG_DEBUG,
2303 					   "Calling cmd_prov from cmd_osu_select");
2304 				ret = cmd_prov(ctx, last->url);
2305 			} else if (last->methods & 0x01) {
2306 				wpa_printf(MSG_DEBUG,
2307 					   "Calling cmd_oma_dm_prov from cmd_osu_select");
2308 				ret = cmd_oma_dm_prov(ctx, last->url);
2309 			} else {
2310 				wpa_printf(MSG_DEBUG,
2311 					   "No supported OSU provisioning method");
2312 				ret = -1;
2313 			}
2314 		} else if (connect)
2315 			ret = osu_connect(ctx, last->bssid, last->osu_ssid,
2316 					  last->url, last->methods,
2317 					  no_prod_assoc, last->osu_nai);
2318 	} else
2319 		ret = -1;
2320 
2321 	free(osu);
2322 
2323 	return ret;
2324 }
2325 
2326 
cmd_signup(struct hs20_osu_client * ctx,int no_prod_assoc,const char * friendly_name)2327 static int cmd_signup(struct hs20_osu_client *ctx, int no_prod_assoc,
2328 		      const char *friendly_name)
2329 {
2330 	char dir[255];
2331 	char fname[300], buf[400];
2332 	struct wpa_ctrl *mon;
2333 	const char *ifname;
2334 	int res;
2335 
2336 	ifname = ctx->ifname;
2337 
2338 	if (getcwd(dir, sizeof(dir)) == NULL)
2339 		return -1;
2340 
2341 	snprintf(fname, sizeof(fname), "%s/osu-info", dir);
2342 	if (mkdir(fname, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH) < 0 &&
2343 	    errno != EEXIST) {
2344 		wpa_printf(MSG_INFO, "mkdir(%s) failed: %s",
2345 			   fname, strerror(errno));
2346 		return -1;
2347 	}
2348 
2349 #ifdef ANDROID
2350 	/* Allow processes running with Group ID as AID_WIFI
2351 	 * to read/write files from osu-info directory
2352 	 */
2353 	if (chown(fname, -1, AID_WIFI)) {
2354 		wpa_printf(MSG_INFO, "Could not chown osu-info directory: %s",
2355 			   strerror(errno));
2356 	}
2357 #endif /* ANDROID */
2358 
2359 	snprintf(buf, sizeof(buf), "SET osu_dir %s", fname);
2360 	if (wpa_command(ifname, buf) < 0) {
2361 		wpa_printf(MSG_INFO, "Failed to configure osu_dir to wpa_supplicant");
2362 		return -1;
2363 	}
2364 
2365 	mon = open_wpa_mon(ifname);
2366 	if (mon == NULL)
2367 		return -1;
2368 
2369 	wpa_printf(MSG_INFO, "Starting OSU fetch");
2370 	write_summary(ctx, "Starting OSU provider information fetch");
2371 	if (wpa_command(ifname, "FETCH_OSU") < 0) {
2372 		wpa_printf(MSG_INFO, "Could not start OSU fetch");
2373 		wpa_ctrl_detach(mon);
2374 		wpa_ctrl_close(mon);
2375 		return -1;
2376 	}
2377 	res = get_wpa_cli_event(mon, "OSU provider fetch completed",
2378 				buf, sizeof(buf));
2379 
2380 	wpa_ctrl_detach(mon);
2381 	wpa_ctrl_close(mon);
2382 
2383 	if (res < 0) {
2384 		wpa_printf(MSG_INFO, "OSU fetch did not complete");
2385 		write_summary(ctx, "OSU fetch did not complete");
2386 		return -1;
2387 	}
2388 	wpa_printf(MSG_INFO, "OSU provider fetch completed");
2389 
2390 	return cmd_osu_select(ctx, fname, 1, no_prod_assoc, friendly_name);
2391 }
2392 
2393 
cmd_sub_rem(struct hs20_osu_client * ctx,const char * address,const char * pps_fname,const char * ca_fname)2394 static int cmd_sub_rem(struct hs20_osu_client *ctx, const char *address,
2395 		       const char *pps_fname, const char *ca_fname)
2396 {
2397 	xml_node_t *pps, *node;
2398 	char pps_fname_buf[300];
2399 	char ca_fname_buf[200];
2400 	char *cred_username = NULL;
2401 	char *cred_password = NULL;
2402 	char *sub_rem_uri = NULL;
2403 	char client_cert_buf[200];
2404 	char *client_cert = NULL;
2405 	char client_key_buf[200];
2406 	char *client_key = NULL;
2407 	int spp;
2408 
2409 	wpa_printf(MSG_INFO, "Subscription remediation requested with Server URL: %s",
2410 		   address);
2411 
2412 	if (!pps_fname) {
2413 		char buf[256];
2414 		wpa_printf(MSG_INFO, "Determining PPS file based on Home SP information");
2415 		if (os_strncmp(address, "fqdn=", 5) == 0) {
2416 			wpa_printf(MSG_INFO, "Use requested FQDN from command line");
2417 			os_snprintf(buf, sizeof(buf), "%s", address + 5);
2418 			address = NULL;
2419 		} else if (get_wpa_status(ctx->ifname, "provisioning_sp", buf,
2420 					  sizeof(buf)) < 0) {
2421 			wpa_printf(MSG_INFO, "Could not get provisioning Home SP FQDN from wpa_supplicant");
2422 			return -1;
2423 		}
2424 		os_free(ctx->fqdn);
2425 		ctx->fqdn = os_strdup(buf);
2426 		if (ctx->fqdn == NULL)
2427 			return -1;
2428 		wpa_printf(MSG_INFO, "Home SP FQDN for current credential: %s",
2429 			   buf);
2430 		os_snprintf(pps_fname_buf, sizeof(pps_fname_buf),
2431 			    "SP/%s/pps.xml", ctx->fqdn);
2432 		pps_fname = pps_fname_buf;
2433 
2434 		os_snprintf(ca_fname_buf, sizeof(ca_fname_buf), "SP/%s/ca.pem",
2435 			    ctx->fqdn);
2436 		ca_fname = ca_fname_buf;
2437 	}
2438 
2439 	if (!os_file_exists(pps_fname)) {
2440 		wpa_printf(MSG_INFO, "PPS file '%s' does not exist or is not accessible",
2441 			   pps_fname);
2442 		return -1;
2443 	}
2444 	wpa_printf(MSG_INFO, "Using PPS file: %s", pps_fname);
2445 
2446 	if (ca_fname && !os_file_exists(ca_fname)) {
2447 		wpa_printf(MSG_INFO, "CA file '%s' does not exist or is not accessible",
2448 			   ca_fname);
2449 		return -1;
2450 	}
2451 	wpa_printf(MSG_INFO, "Using server trust root: %s", ca_fname);
2452 	ctx->ca_fname = ca_fname;
2453 
2454 	pps = node_from_file(ctx->xml, pps_fname);
2455 	if (pps == NULL) {
2456 		wpa_printf(MSG_INFO, "Could not read PPS MO");
2457 		return -1;
2458 	}
2459 
2460 	if (!ctx->fqdn) {
2461 		char *tmp;
2462 		node = get_child_node(ctx->xml, pps, "HomeSP/FQDN");
2463 		if (node == NULL) {
2464 			wpa_printf(MSG_INFO, "No HomeSP/FQDN found from PPS");
2465 			return -1;
2466 		}
2467 		tmp = xml_node_get_text(ctx->xml, node);
2468 		if (tmp == NULL) {
2469 			wpa_printf(MSG_INFO, "No HomeSP/FQDN text found from PPS");
2470 			return -1;
2471 		}
2472 		ctx->fqdn = os_strdup(tmp);
2473 		xml_node_get_text_free(ctx->xml, tmp);
2474 		if (!ctx->fqdn) {
2475 			wpa_printf(MSG_INFO, "No FQDN known");
2476 			return -1;
2477 		}
2478 	}
2479 
2480 	node = get_child_node(ctx->xml, pps,
2481 			      "SubscriptionUpdate/UpdateMethod");
2482 	if (node) {
2483 		char *tmp;
2484 		tmp = xml_node_get_text(ctx->xml, node);
2485 		if (tmp && os_strcasecmp(tmp, "OMA-DM-ClientInitiated") == 0)
2486 			spp = 0;
2487 		else
2488 			spp = 1;
2489 	} else {
2490 		wpa_printf(MSG_INFO, "No UpdateMethod specified - assume SPP");
2491 		spp = 1;
2492 	}
2493 
2494 	get_user_pw(ctx, pps, "SubscriptionUpdate/UsernamePassword",
2495 		    &cred_username, &cred_password);
2496 	if (cred_username)
2497 		wpa_printf(MSG_INFO, "Using username: %s", cred_username);
2498 	if (cred_password)
2499 		wpa_printf(MSG_DEBUG, "Using password: %s", cred_password);
2500 
2501 	if (cred_username == NULL && cred_password == NULL &&
2502 	    get_child_node(ctx->xml, pps, "Credential/DigitalCertificate")) {
2503 		wpa_printf(MSG_INFO, "Using client certificate");
2504 		os_snprintf(client_cert_buf, sizeof(client_cert_buf),
2505 			    "SP/%s/client-cert.pem", ctx->fqdn);
2506 		client_cert = client_cert_buf;
2507 		os_snprintf(client_key_buf, sizeof(client_key_buf),
2508 			    "SP/%s/client-key.pem", ctx->fqdn);
2509 		client_key = client_key_buf;
2510 		ctx->client_cert_present = 1;
2511 	}
2512 
2513 	node = get_child_node(ctx->xml, pps, "SubscriptionUpdate/URI");
2514 	if (node) {
2515 		sub_rem_uri = xml_node_get_text(ctx->xml, node);
2516 		if (sub_rem_uri &&
2517 		    (!address || os_strcmp(address, sub_rem_uri) != 0)) {
2518 			wpa_printf(MSG_INFO, "Override sub rem URI based on PPS: %s",
2519 				   sub_rem_uri);
2520 			address = sub_rem_uri;
2521 		}
2522 	}
2523 	if (!address) {
2524 		wpa_printf(MSG_INFO, "Server URL not known");
2525 		return -1;
2526 	}
2527 
2528 	write_summary(ctx, "Wait for IP address for subscriptiom remediation");
2529 	wpa_printf(MSG_INFO, "Wait for IP address before starting subscription remediation");
2530 
2531 	if (wait_ip_addr(ctx->ifname, 15) < 0) {
2532 		wpa_printf(MSG_INFO, "Could not get IP address for WLAN - try connection anyway");
2533 	}
2534 
2535 	if (spp)
2536 		spp_sub_rem(ctx, address, pps_fname,
2537 			    client_cert, client_key,
2538 			    cred_username, cred_password, pps);
2539 	else
2540 		oma_dm_sub_rem(ctx, address, pps_fname,
2541 			       client_cert, client_key,
2542 			       cred_username, cred_password, pps);
2543 
2544 	xml_node_get_text_free(ctx->xml, sub_rem_uri);
2545 	xml_node_get_text_free(ctx->xml, cred_username);
2546 	str_clear_free(cred_password);
2547 	xml_node_free(ctx->xml, pps);
2548 	return 0;
2549 }
2550 
2551 
cmd_pol_upd(struct hs20_osu_client * ctx,const char * address,const char * pps_fname,const char * ca_fname)2552 static int cmd_pol_upd(struct hs20_osu_client *ctx, const char *address,
2553 		       const char *pps_fname, const char *ca_fname)
2554 {
2555 	xml_node_t *pps;
2556 	xml_node_t *node;
2557 	char pps_fname_buf[300];
2558 	char ca_fname_buf[200];
2559 	char *uri = NULL;
2560 	char *cred_username = NULL;
2561 	char *cred_password = NULL;
2562 	char client_cert_buf[200];
2563 	char *client_cert = NULL;
2564 	char client_key_buf[200];
2565 	char *client_key = NULL;
2566 	int spp;
2567 
2568 	wpa_printf(MSG_INFO, "Policy update requested");
2569 
2570 	if (!pps_fname) {
2571 		char buf[256];
2572 		wpa_printf(MSG_INFO, "Determining PPS file based on Home SP information");
2573 		if (address && os_strncmp(address, "fqdn=", 5) == 0) {
2574 			wpa_printf(MSG_INFO, "Use requested FQDN from command line");
2575 			os_snprintf(buf, sizeof(buf), "%s", address + 5);
2576 			address = NULL;
2577 		} else if (get_wpa_status(ctx->ifname, "provisioning_sp", buf,
2578 					  sizeof(buf)) < 0) {
2579 			wpa_printf(MSG_INFO, "Could not get provisioning Home SP FQDN from wpa_supplicant");
2580 			return -1;
2581 		}
2582 		os_free(ctx->fqdn);
2583 		ctx->fqdn = os_strdup(buf);
2584 		if (ctx->fqdn == NULL)
2585 			return -1;
2586 		wpa_printf(MSG_INFO, "Home SP FQDN for current credential: %s",
2587 			   buf);
2588 		os_snprintf(pps_fname_buf, sizeof(pps_fname_buf),
2589 			    "SP/%s/pps.xml", ctx->fqdn);
2590 		pps_fname = pps_fname_buf;
2591 
2592 		os_snprintf(ca_fname_buf, sizeof(ca_fname_buf), "SP/%s/ca.pem",
2593 			    buf);
2594 		ca_fname = ca_fname_buf;
2595 	}
2596 
2597 	if (!os_file_exists(pps_fname)) {
2598 		wpa_printf(MSG_INFO, "PPS file '%s' does not exist or is not accessible",
2599 			   pps_fname);
2600 		return -1;
2601 	}
2602 	wpa_printf(MSG_INFO, "Using PPS file: %s", pps_fname);
2603 
2604 	if (ca_fname && !os_file_exists(ca_fname)) {
2605 		wpa_printf(MSG_INFO, "CA file '%s' does not exist or is not accessible",
2606 			   ca_fname);
2607 		return -1;
2608 	}
2609 	wpa_printf(MSG_INFO, "Using server trust root: %s", ca_fname);
2610 	ctx->ca_fname = ca_fname;
2611 
2612 	pps = node_from_file(ctx->xml, pps_fname);
2613 	if (pps == NULL) {
2614 		wpa_printf(MSG_INFO, "Could not read PPS MO");
2615 		return -1;
2616 	}
2617 
2618 	if (!ctx->fqdn) {
2619 		char *tmp;
2620 		node = get_child_node(ctx->xml, pps, "HomeSP/FQDN");
2621 		if (node == NULL) {
2622 			wpa_printf(MSG_INFO, "No HomeSP/FQDN found from PPS");
2623 			return -1;
2624 		}
2625 		tmp = xml_node_get_text(ctx->xml, node);
2626 		if (tmp == NULL) {
2627 			wpa_printf(MSG_INFO, "No HomeSP/FQDN text found from PPS");
2628 			return -1;
2629 		}
2630 		ctx->fqdn = os_strdup(tmp);
2631 		xml_node_get_text_free(ctx->xml, tmp);
2632 		if (!ctx->fqdn) {
2633 			wpa_printf(MSG_INFO, "No FQDN known");
2634 			return -1;
2635 		}
2636 	}
2637 
2638 	node = get_child_node(ctx->xml, pps,
2639 			      "Policy/PolicyUpdate/UpdateMethod");
2640 	if (node) {
2641 		char *tmp;
2642 		tmp = xml_node_get_text(ctx->xml, node);
2643 		if (tmp && os_strcasecmp(tmp, "OMA-DM-ClientInitiated") == 0)
2644 			spp = 0;
2645 		else
2646 			spp = 1;
2647 	} else {
2648 		wpa_printf(MSG_INFO, "No UpdateMethod specified - assume SPP");
2649 		spp = 1;
2650 	}
2651 
2652 	get_user_pw(ctx, pps, "Policy/PolicyUpdate/UsernamePassword",
2653 		    &cred_username, &cred_password);
2654 	if (cred_username)
2655 		wpa_printf(MSG_INFO, "Using username: %s", cred_username);
2656 	if (cred_password)
2657 		wpa_printf(MSG_DEBUG, "Using password: %s", cred_password);
2658 
2659 	if (cred_username == NULL && cred_password == NULL &&
2660 	    get_child_node(ctx->xml, pps, "Credential/DigitalCertificate")) {
2661 		wpa_printf(MSG_INFO, "Using client certificate");
2662 		os_snprintf(client_cert_buf, sizeof(client_cert_buf),
2663 			    "SP/%s/client-cert.pem", ctx->fqdn);
2664 		client_cert = client_cert_buf;
2665 		os_snprintf(client_key_buf, sizeof(client_key_buf),
2666 			    "SP/%s/client-key.pem", ctx->fqdn);
2667 		client_key = client_key_buf;
2668 	}
2669 
2670 	if (!address) {
2671 		node = get_child_node(ctx->xml, pps, "Policy/PolicyUpdate/URI");
2672 		if (node) {
2673 			uri = xml_node_get_text(ctx->xml, node);
2674 			wpa_printf(MSG_INFO, "URI based on PPS: %s", uri);
2675 			address = uri;
2676 		}
2677 	}
2678 	if (!address) {
2679 		wpa_printf(MSG_INFO, "Server URL not known");
2680 		return -1;
2681 	}
2682 
2683 	if (spp)
2684 		spp_pol_upd(ctx, address, pps_fname,
2685 			    client_cert, client_key,
2686 			    cred_username, cred_password, pps);
2687 	else
2688 		oma_dm_pol_upd(ctx, address, pps_fname,
2689 			       client_cert, client_key,
2690 			       cred_username, cred_password, pps);
2691 
2692 	xml_node_get_text_free(ctx->xml, uri);
2693 	xml_node_get_text_free(ctx->xml, cred_username);
2694 	str_clear_free(cred_password);
2695 	xml_node_free(ctx->xml, pps);
2696 
2697 	return 0;
2698 }
2699 
2700 
get_hostname(const char * url)2701 static char * get_hostname(const char *url)
2702 {
2703 	const char *pos, *end, *end2;
2704 	char *ret;
2705 
2706 	if (url == NULL)
2707 		return NULL;
2708 
2709 	pos = os_strchr(url, '/');
2710 	if (pos == NULL)
2711 		return NULL;
2712 	pos++;
2713 	if (*pos != '/')
2714 		return NULL;
2715 	pos++;
2716 
2717 	end = os_strchr(pos, '/');
2718 	end2 = os_strchr(pos, ':');
2719 	if ((end && end2 && end2 < end) || (!end && end2))
2720 		end = end2;
2721 	if (end)
2722 		end--;
2723 	else {
2724 		end = pos;
2725 		while (*end)
2726 			end++;
2727 		if (end > pos)
2728 			end--;
2729 	}
2730 
2731 	ret = os_malloc(end - pos + 2);
2732 	if (ret == NULL)
2733 		return NULL;
2734 
2735 	os_memcpy(ret, pos, end - pos + 1);
2736 	ret[end - pos + 1] = '\0';
2737 
2738 	return ret;
2739 }
2740 
2741 
osu_cert_cb(void * _ctx,struct http_cert * cert)2742 static int osu_cert_cb(void *_ctx, struct http_cert *cert)
2743 {
2744 	struct hs20_osu_client *ctx = _ctx;
2745 	unsigned int i, j;
2746 	int found;
2747 	char *host = NULL;
2748 
2749 	wpa_printf(MSG_INFO, "osu_cert_cb(osu_cert_validation=%d, url=%s)",
2750 		   !ctx->no_osu_cert_validation, ctx->server_url);
2751 
2752 	host = get_hostname(ctx->server_url);
2753 
2754 	for (i = 0; i < ctx->server_dnsname_count; i++)
2755 		os_free(ctx->server_dnsname[i]);
2756 	os_free(ctx->server_dnsname);
2757 	ctx->server_dnsname = os_calloc(cert->num_dnsname, sizeof(char *));
2758 	ctx->server_dnsname_count = 0;
2759 
2760 	found = 0;
2761 	for (i = 0; i < cert->num_dnsname; i++) {
2762 		if (ctx->server_dnsname) {
2763 			ctx->server_dnsname[ctx->server_dnsname_count] =
2764 				os_strdup(cert->dnsname[i]);
2765 			if (ctx->server_dnsname[ctx->server_dnsname_count])
2766 				ctx->server_dnsname_count++;
2767 		}
2768 		if (host && os_strcasecmp(host, cert->dnsname[i]) == 0)
2769 			found = 1;
2770 		wpa_printf(MSG_INFO, "dNSName '%s'", cert->dnsname[i]);
2771 	}
2772 
2773 	if (host && !found) {
2774 		wpa_printf(MSG_INFO, "Server name from URL (%s) did not match any dNSName - abort connection",
2775 			   host);
2776 		write_result(ctx, "Server name from URL (%s) did not match any dNSName - abort connection",
2777 			     host);
2778 		os_free(host);
2779 		return -1;
2780 	}
2781 
2782 	os_free(host);
2783 
2784 	for (i = 0; i < cert->num_othername; i++) {
2785 		if (os_strcmp(cert->othername[i].oid,
2786 			      "1.3.6.1.4.1.40808.1.1.1") == 0) {
2787 			wpa_hexdump_ascii(MSG_INFO,
2788 					  "id-wfa-hotspot-friendlyName",
2789 					  cert->othername[i].data,
2790 					  cert->othername[i].len);
2791 		}
2792 	}
2793 
2794 	for (j = 0; !ctx->no_osu_cert_validation &&
2795 		     j < ctx->friendly_name_count; j++) {
2796 		int found = 0;
2797 		for (i = 0; i < cert->num_othername; i++) {
2798 			if (os_strcmp(cert->othername[i].oid,
2799 				      "1.3.6.1.4.1.40808.1.1.1") != 0)
2800 				continue;
2801 			if (cert->othername[i].len < 3)
2802 				continue;
2803 			if (os_strncasecmp((char *) cert->othername[i].data,
2804 					   ctx->friendly_name[j].lang, 3) != 0)
2805 				continue;
2806 			if (os_strncmp((char *) cert->othername[i].data + 3,
2807 				       ctx->friendly_name[j].text,
2808 				       cert->othername[i].len - 3) == 0) {
2809 				found = 1;
2810 				break;
2811 			}
2812 		}
2813 
2814 		if (!found) {
2815 			wpa_printf(MSG_INFO, "No friendly name match found for '[%s]%s'",
2816 				   ctx->friendly_name[j].lang,
2817 				   ctx->friendly_name[j].text);
2818 			write_result(ctx, "No friendly name match found for '[%s]%s'",
2819 				     ctx->friendly_name[j].lang,
2820 				     ctx->friendly_name[j].text);
2821 			return -1;
2822 		}
2823 	}
2824 
2825 	for (i = 0; i < cert->num_logo; i++) {
2826 		struct http_logo *logo = &cert->logo[i];
2827 
2828 		wpa_printf(MSG_INFO, "logo hash alg %s uri '%s'",
2829 			   logo->alg_oid, logo->uri);
2830 		wpa_hexdump_ascii(MSG_INFO, "hashValue",
2831 				  logo->hash, logo->hash_len);
2832 	}
2833 
2834 	for (j = 0; !ctx->no_osu_cert_validation && j < ctx->icon_count; j++) {
2835 		int found = 0;
2836 		char *name = ctx->icon_filename[j];
2837 		size_t name_len = os_strlen(name);
2838 
2839 		wpa_printf(MSG_INFO,
2840 			   "[%i] Looking for icon file name '%s' match",
2841 			   j, name);
2842 		for (i = 0; i < cert->num_logo; i++) {
2843 			struct http_logo *logo = &cert->logo[i];
2844 			size_t uri_len = os_strlen(logo->uri);
2845 			char *pos;
2846 
2847 			wpa_printf(MSG_INFO,
2848 				   "[%i] Comparing to '%s' uri_len=%d name_len=%d",
2849 				   i, logo->uri, (int) uri_len, (int) name_len);
2850 			if (uri_len < 1 + name_len) {
2851 				wpa_printf(MSG_INFO, "URI Length is too short");
2852 				continue;
2853 			}
2854 			pos = &logo->uri[uri_len - name_len - 1];
2855 			if (*pos != '/')
2856 				continue;
2857 			pos++;
2858 			if (os_strcmp(pos, name) == 0) {
2859 				found = 1;
2860 				break;
2861 			}
2862 		}
2863 
2864 		if (!found) {
2865 			wpa_printf(MSG_INFO, "No icon filename match found for '%s'",
2866 				   name);
2867 			write_result(ctx,
2868 				     "No icon filename match found for '%s'",
2869 				     name);
2870 			return -1;
2871 		}
2872 	}
2873 
2874 	for (j = 0; !ctx->no_osu_cert_validation && j < ctx->icon_count; j++) {
2875 		int found = 0;
2876 
2877 		for (i = 0; i < cert->num_logo; i++) {
2878 			struct http_logo *logo = &cert->logo[i];
2879 
2880 			if (logo->hash_len != 32) {
2881 				wpa_printf(MSG_INFO,
2882 					   "[%i][%i] Icon hash length invalid (should be 32): %d",
2883 					   j, i, (int) logo->hash_len);
2884 				continue;
2885 			}
2886 			if (os_memcmp(logo->hash, ctx->icon_hash[j], 32) == 0) {
2887 				found = 1;
2888 				break;
2889 			}
2890 
2891 			wpa_printf(MSG_DEBUG,
2892 				   "[%u][%u] Icon hash did not match", j, i);
2893 			wpa_hexdump_ascii(MSG_DEBUG, "logo->hash",
2894 					  logo->hash, 32);
2895 			wpa_hexdump_ascii(MSG_DEBUG, "ctx->icon_hash[j]",
2896 					  ctx->icon_hash[j], 32);
2897 		}
2898 
2899 		if (!found) {
2900 			wpa_printf(MSG_INFO,
2901 				   "No icon hash match (by hash) found");
2902 			write_result(ctx,
2903 				     "No icon hash match (by hash) found");
2904 			return -1;
2905 		}
2906 	}
2907 
2908 	return 0;
2909 }
2910 
2911 
init_ctx(struct hs20_osu_client * ctx)2912 static int init_ctx(struct hs20_osu_client *ctx)
2913 {
2914 	xml_node_t *devinfo, *devid;
2915 
2916 	os_memset(ctx, 0, sizeof(*ctx));
2917 	ctx->ifname = "wlan0";
2918 	ctx->xml = xml_node_init_ctx(ctx, NULL);
2919 	if (ctx->xml == NULL)
2920 		return -1;
2921 
2922 	devinfo = node_from_file(ctx->xml, "devinfo.xml");
2923 	if (!devinfo) {
2924 		wpa_printf(MSG_ERROR, "devinfo.xml not found");
2925 		return -1;
2926 	}
2927 
2928 	devid = get_node(ctx->xml, devinfo, "DevId");
2929 	if (devid) {
2930 		char *tmp = xml_node_get_text(ctx->xml, devid);
2931 		if (tmp) {
2932 			ctx->devid = os_strdup(tmp);
2933 			xml_node_get_text_free(ctx->xml, tmp);
2934 		}
2935 	}
2936 	xml_node_free(ctx->xml, devinfo);
2937 
2938 	if (ctx->devid == NULL) {
2939 		wpa_printf(MSG_ERROR, "Could not fetch DevId from devinfo.xml");
2940 		return -1;
2941 	}
2942 
2943 	ctx->http = http_init_ctx(ctx, ctx->xml);
2944 	if (ctx->http == NULL) {
2945 		xml_node_deinit_ctx(ctx->xml);
2946 		return -1;
2947 	}
2948 	http_ocsp_set(ctx->http, 2);
2949 	http_set_cert_cb(ctx->http, osu_cert_cb, ctx);
2950 
2951 	return 0;
2952 }
2953 
2954 
deinit_ctx(struct hs20_osu_client * ctx)2955 static void deinit_ctx(struct hs20_osu_client *ctx)
2956 {
2957 	size_t i;
2958 
2959 	http_deinit_ctx(ctx->http);
2960 	xml_node_deinit_ctx(ctx->xml);
2961 	os_free(ctx->fqdn);
2962 	os_free(ctx->server_url);
2963 	os_free(ctx->devid);
2964 
2965 	for (i = 0; i < ctx->server_dnsname_count; i++)
2966 		os_free(ctx->server_dnsname[i]);
2967 	os_free(ctx->server_dnsname);
2968 }
2969 
2970 
check_workarounds(struct hs20_osu_client * ctx)2971 static void check_workarounds(struct hs20_osu_client *ctx)
2972 {
2973 	FILE *f;
2974 	char buf[100];
2975 	unsigned long int val = 0;
2976 
2977 	f = fopen("hs20-osu-client.workarounds", "r");
2978 	if (f == NULL)
2979 		return;
2980 
2981 	if (fgets(buf, sizeof(buf), f))
2982 		val = strtoul(buf, NULL, 16);
2983 
2984 	fclose(f);
2985 
2986 	if (val) {
2987 		wpa_printf(MSG_INFO, "Workarounds enabled: 0x%lx", val);
2988 		ctx->workarounds = val;
2989 		if (ctx->workarounds & WORKAROUND_OCSP_OPTIONAL)
2990 			http_ocsp_set(ctx->http, 1);
2991 	}
2992 }
2993 
2994 
usage(void)2995 static void usage(void)
2996 {
2997 	printf("usage: hs20-osu-client [-dddqqKt] [-S<station ifname>] \\\n"
2998 	       "    [-w<wpa_supplicant ctrl_iface dir>] "
2999 	       "[-r<result file>] [-f<debug file>] \\\n"
3000 	       "    [-s<summary file>] \\\n"
3001 	       "    [-x<spp.xsd file name>] \\\n"
3002 	       "    <command> [arguments..]\n"
3003 	       "commands:\n"
3004 	       "- to_tnds <XML MO> <XML MO in TNDS format> [URN]\n"
3005 	       "- to_tnds2 <XML MO> <XML MO in TNDS format (Path) "
3006 	       "[URN]>\n"
3007 	       "- from_tnds <XML MO in TNDS format> <XML MO>\n"
3008 	       "- set_pps <PerProviderSubscription XML file name>\n"
3009 	       "- get_fqdn <PerProviderSubscription XML file name>\n"
3010 	       "- pol_upd [Server URL] [PPS] [CA cert]\n"
3011 	       "- sub_rem <Server URL> [PPS] [CA cert]\n"
3012 	       "- prov <Server URL> [CA cert]\n"
3013 	       "- oma_dm_prov <Server URL> [CA cert]\n"
3014 	       "- sim_prov <Server URL> [CA cert]\n"
3015 	       "- oma_dm_sim_prov <Server URL> [CA cert]\n"
3016 	       "- signup [CA cert]\n"
3017 	       "- dl_osu_ca <PPS> <CA file>\n"
3018 	       "- dl_polupd_ca <PPS> <CA file>\n"
3019 	       "- dl_aaa_ca <PPS> <CA file>\n"
3020 	       "- browser <URL>\n"
3021 	       "- parse_cert <X.509 certificate (DER)>\n"
3022 	       "- osu_select <OSU info directory> [CA cert]\n");
3023 }
3024 
3025 
main(int argc,char * argv[])3026 int main(int argc, char *argv[])
3027 {
3028 	struct hs20_osu_client ctx;
3029 	int c;
3030 	int ret = 0;
3031 	int no_prod_assoc = 0;
3032 	const char *friendly_name = NULL;
3033 	const char *wpa_debug_file_path = NULL;
3034 	extern char *wpas_ctrl_path;
3035 	extern int wpa_debug_level;
3036 	extern int wpa_debug_show_keys;
3037 	extern int wpa_debug_timestamp;
3038 
3039 	if (init_ctx(&ctx) < 0)
3040 		return -1;
3041 
3042 	for (;;) {
3043 		c = getopt(argc, argv, "df:hKNO:qr:s:S:tw:x:");
3044 		if (c < 0)
3045 			break;
3046 		switch (c) {
3047 		case 'd':
3048 			if (wpa_debug_level > 0)
3049 				wpa_debug_level--;
3050 			break;
3051 		case 'f':
3052 			wpa_debug_file_path = optarg;
3053 			break;
3054 		case 'K':
3055 			wpa_debug_show_keys++;
3056 			break;
3057 		case 'N':
3058 			no_prod_assoc = 1;
3059 			break;
3060 		case 'O':
3061 			friendly_name = optarg;
3062 			break;
3063 		case 'q':
3064 			wpa_debug_level++;
3065 			break;
3066 		case 'r':
3067 			ctx.result_file = optarg;
3068 			break;
3069 		case 's':
3070 			ctx.summary_file = optarg;
3071 			break;
3072 		case 'S':
3073 			ctx.ifname = optarg;
3074 			break;
3075 		case 't':
3076 			wpa_debug_timestamp++;
3077 			break;
3078 		case 'w':
3079 			wpas_ctrl_path = optarg;
3080 			break;
3081 		case 'x':
3082 			spp_xsd_fname = optarg;
3083 			break;
3084 		case 'h':
3085 		default:
3086 			usage();
3087 			exit(0);
3088 			break;
3089 		}
3090 	}
3091 
3092 	if (argc - optind < 1) {
3093 		usage();
3094 		exit(0);
3095 	}
3096 
3097 	wpa_debug_open_file(wpa_debug_file_path);
3098 
3099 #ifdef __linux__
3100 	setlinebuf(stdout);
3101 #endif /* __linux__ */
3102 
3103 	if (ctx.result_file)
3104 		unlink(ctx.result_file);
3105 	wpa_printf(MSG_DEBUG, "===[hs20-osu-client START - command: %s ]======"
3106 		   "================", argv[optind]);
3107 	check_workarounds(&ctx);
3108 
3109 	if (strcmp(argv[optind], "to_tnds") == 0) {
3110 		if (argc - optind < 2) {
3111 			usage();
3112 			exit(0);
3113 		}
3114 		cmd_to_tnds(&ctx, argv[optind + 1], argv[optind + 2],
3115 			    argc > optind + 3 ? argv[optind + 3] : NULL,
3116 			    0);
3117 	} else if (strcmp(argv[optind], "to_tnds2") == 0) {
3118 		if (argc - optind < 2) {
3119 			usage();
3120 			exit(0);
3121 		}
3122 		cmd_to_tnds(&ctx, argv[optind + 1], argv[optind + 2],
3123 			    argc > optind + 3 ? argv[optind + 3] : NULL,
3124 			    1);
3125 	} else if (strcmp(argv[optind], "from_tnds") == 0) {
3126 		if (argc - optind < 2) {
3127 			usage();
3128 			exit(0);
3129 		}
3130 		cmd_from_tnds(&ctx, argv[optind + 1], argv[optind + 2]);
3131 	} else if (strcmp(argv[optind], "sub_rem") == 0) {
3132 		if (argc - optind < 2) {
3133 			usage();
3134 			exit(0);
3135 		}
3136 		ret = cmd_sub_rem(&ctx, argv[optind + 1],
3137 				  argc > optind + 2 ? argv[optind + 2] : NULL,
3138 				  argc > optind + 3 ? argv[optind + 3] : NULL);
3139 	} else if (strcmp(argv[optind], "pol_upd") == 0) {
3140 		ret = cmd_pol_upd(&ctx,
3141 				  argc > optind + 1 ? argv[optind + 1] : NULL,
3142 				  argc > optind + 2 ? argv[optind + 2] : NULL,
3143 				  argc > optind + 3 ? argv[optind + 3] : NULL);
3144 	} else if (strcmp(argv[optind], "prov") == 0) {
3145 		if (argc - optind < 2) {
3146 			usage();
3147 			exit(0);
3148 		}
3149 		ctx.ca_fname = argv[optind + 2];
3150 		wpa_printf(MSG_DEBUG, "Calling cmd_prov from main");
3151 		cmd_prov(&ctx, argv[optind + 1]);
3152 	} else if (strcmp(argv[optind], "sim_prov") == 0) {
3153 		if (argc - optind < 2) {
3154 			usage();
3155 			exit(0);
3156 		}
3157 		ctx.ca_fname = argv[optind + 2];
3158 		cmd_sim_prov(&ctx, argv[optind + 1]);
3159 	} else if (strcmp(argv[optind], "dl_osu_ca") == 0) {
3160 		if (argc - optind < 2) {
3161 			usage();
3162 			exit(0);
3163 		}
3164 		cmd_dl_osu_ca(&ctx, argv[optind + 1], argv[optind + 2]);
3165 	} else if (strcmp(argv[optind], "dl_polupd_ca") == 0) {
3166 		if (argc - optind < 2) {
3167 			usage();
3168 			exit(0);
3169 		}
3170 		cmd_dl_polupd_ca(&ctx, argv[optind + 1], argv[optind + 2]);
3171 	} else if (strcmp(argv[optind], "dl_aaa_ca") == 0) {
3172 		if (argc - optind < 2) {
3173 			usage();
3174 			exit(0);
3175 		}
3176 		cmd_dl_aaa_ca(&ctx, argv[optind + 1], argv[optind + 2]);
3177 	} else if (strcmp(argv[optind], "osu_select") == 0) {
3178 		if (argc - optind < 2) {
3179 			usage();
3180 			exit(0);
3181 		}
3182 		ctx.ca_fname = argc > optind + 2 ? argv[optind + 2] : NULL;
3183 		cmd_osu_select(&ctx, argv[optind + 1], 2, 1, NULL);
3184 	} else if (strcmp(argv[optind], "signup") == 0) {
3185 		ctx.ca_fname = argc > optind + 1 ? argv[optind + 1] : NULL;
3186 		ret = cmd_signup(&ctx, no_prod_assoc, friendly_name);
3187 	} else if (strcmp(argv[optind], "set_pps") == 0) {
3188 		if (argc - optind < 2) {
3189 			usage();
3190 			exit(0);
3191 		}
3192 		cmd_set_pps(&ctx, argv[optind + 1]);
3193 	} else if (strcmp(argv[optind], "get_fqdn") == 0) {
3194 		if (argc - optind < 1) {
3195 			usage();
3196 			exit(0);
3197 		}
3198 		ret = cmd_get_fqdn(&ctx, argv[optind + 1]);
3199 	} else if (strcmp(argv[optind], "oma_dm_prov") == 0) {
3200 		if (argc - optind < 2) {
3201 			usage();
3202 			exit(0);
3203 		}
3204 		ctx.ca_fname = argv[optind + 2];
3205 		cmd_oma_dm_prov(&ctx, argv[optind + 1]);
3206 	} else if (strcmp(argv[optind], "oma_dm_sim_prov") == 0) {
3207 		if (argc - optind < 2) {
3208 			usage();
3209 			exit(0);
3210 		}
3211 		ctx.ca_fname = argv[optind + 2];
3212 		if (cmd_oma_dm_sim_prov(&ctx, argv[optind + 1]) < 0) {
3213 			write_summary(&ctx, "Failed to complete OMA DM SIM provisioning");
3214 			return -1;
3215 		}
3216 	} else if (strcmp(argv[optind], "oma_dm_add") == 0) {
3217 		if (argc - optind < 2) {
3218 			usage();
3219 			exit(0);
3220 		}
3221 		cmd_oma_dm_add(&ctx, argv[optind + 1], argv[optind + 2]);
3222 	} else if (strcmp(argv[optind], "oma_dm_replace") == 0) {
3223 		if (argc - optind < 2) {
3224 			usage();
3225 			exit(0);
3226 		}
3227 		cmd_oma_dm_replace(&ctx, argv[optind + 1], argv[optind + 2]);
3228 	} else if (strcmp(argv[optind], "est_csr") == 0) {
3229 		if (argc - optind < 2) {
3230 			usage();
3231 			exit(0);
3232 		}
3233 		mkdir("Cert", S_IRWXU);
3234 		est_build_csr(&ctx, argv[optind + 1]);
3235 	} else if (strcmp(argv[optind], "browser") == 0) {
3236 		int ret;
3237 
3238 		if (argc - optind < 2) {
3239 			usage();
3240 			exit(0);
3241 		}
3242 
3243 		wpa_printf(MSG_INFO, "Launch web browser to URL %s",
3244 			   argv[optind + 1]);
3245 		ret = hs20_web_browser(argv[optind + 1]);
3246 		wpa_printf(MSG_INFO, "Web browser result: %d", ret);
3247 	} else if (strcmp(argv[optind], "parse_cert") == 0) {
3248 		if (argc - optind < 2) {
3249 			usage();
3250 			exit(0);
3251 		}
3252 
3253 		wpa_debug_level = MSG_MSGDUMP;
3254 		http_parse_x509_certificate(ctx.http, argv[optind + 1]);
3255 		wpa_debug_level = MSG_INFO;
3256 	} else {
3257 		wpa_printf(MSG_INFO, "Unknown command '%s'", argv[optind]);
3258 	}
3259 
3260 	deinit_ctx(&ctx);
3261 	wpa_printf(MSG_DEBUG,
3262 		   "===[hs20-osu-client END ]======================");
3263 
3264 	wpa_debug_close_file();
3265 
3266 	return ret;
3267 }
3268