1 /* 2 * Hotspot 2.0 AP ANQP processing 3 * Copyright (c) 2009, Atheros Communications, Inc. 4 * Copyright (c) 2011-2013, Qualcomm Atheros, Inc. 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "includes.h" 11 12 #include "common.h" 13 #include "common/ieee802_11_defs.h" 14 #include "common/wpa_ctrl.h" 15 #include "hostapd.h" 16 #include "ap_config.h" 17 #include "ap_drv_ops.h" 18 #include "sta_info.h" 19 #include "hs20.h" 20 21 22 u8 * hostapd_eid_hs20_indication(struct hostapd_data *hapd, u8 *eid) 23 { 24 u8 conf; 25 if (!hapd->conf->hs20) 26 return eid; 27 *eid++ = WLAN_EID_VENDOR_SPECIFIC; 28 *eid++ = 7; 29 WPA_PUT_BE24(eid, OUI_WFA); 30 eid += 3; 31 *eid++ = HS20_INDICATION_OUI_TYPE; 32 conf = HS20_VERSION; /* Release Number */ 33 conf |= HS20_ANQP_DOMAIN_ID_PRESENT; 34 if (hapd->conf->disable_dgaf) 35 conf |= HS20_DGAF_DISABLED; 36 *eid++ = conf; 37 WPA_PUT_LE16(eid, hapd->conf->anqp_domain_id); 38 eid += 2; 39 40 return eid; 41 } 42 43 44 u8 * hostapd_eid_osen(struct hostapd_data *hapd, u8 *eid) 45 { 46 u8 *len; 47 u16 capab; 48 49 if (!hapd->conf->osen) 50 return eid; 51 52 *eid++ = WLAN_EID_VENDOR_SPECIFIC; 53 len = eid++; /* to be filled */ 54 WPA_PUT_BE24(eid, OUI_WFA); 55 eid += 3; 56 *eid++ = HS20_OSEN_OUI_TYPE; 57 58 /* Group Data Cipher Suite */ 59 RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED); 60 eid += RSN_SELECTOR_LEN; 61 62 /* Pairwise Cipher Suite Count and List */ 63 WPA_PUT_LE16(eid, 1); 64 eid += 2; 65 RSN_SELECTOR_PUT(eid, RSN_CIPHER_SUITE_CCMP); 66 eid += RSN_SELECTOR_LEN; 67 68 /* AKM Suite Count and List */ 69 WPA_PUT_LE16(eid, 1); 70 eid += 2; 71 RSN_SELECTOR_PUT(eid, RSN_AUTH_KEY_MGMT_OSEN); 72 eid += RSN_SELECTOR_LEN; 73 74 /* RSN Capabilities */ 75 capab = 0; 76 if (hapd->conf->wmm_enabled) { 77 /* 4 PTKSA replay counters when using WMM */ 78 capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2); 79 } 80 #ifdef CONFIG_IEEE80211W 81 if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { 82 capab |= WPA_CAPABILITY_MFPC; 83 if (hapd->conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) 84 capab |= WPA_CAPABILITY_MFPR; 85 } 86 #endif /* CONFIG_IEEE80211W */ 87 WPA_PUT_LE16(eid, capab); 88 eid += 2; 89 90 *len = eid - len - 1; 91 92 return eid; 93 } 94 95 96 int hs20_send_wnm_notification(struct hostapd_data *hapd, const u8 *addr, 97 u8 osu_method, const char *url) 98 { 99 struct wpabuf *buf; 100 size_t len = 0; 101 int ret; 102 103 /* TODO: should refuse to send notification if the STA is not associated 104 * or if the STA did not indicate support for WNM-Notification */ 105 106 if (url) { 107 len = 1 + os_strlen(url); 108 if (5 + len > 255) { 109 wpa_printf(MSG_INFO, "HS 2.0: Too long URL for " 110 "WNM-Notification: '%s'", url); 111 return -1; 112 } 113 } 114 115 buf = wpabuf_alloc(4 + 7 + len); 116 if (buf == NULL) 117 return -1; 118 119 wpabuf_put_u8(buf, WLAN_ACTION_WNM); 120 wpabuf_put_u8(buf, WNM_NOTIFICATION_REQ); 121 wpabuf_put_u8(buf, 1); /* Dialog token */ 122 wpabuf_put_u8(buf, 1); /* Type - 1 reserved for WFA */ 123 124 /* Subscription Remediation subelement */ 125 wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); 126 wpabuf_put_u8(buf, 5 + len); 127 wpabuf_put_be24(buf, OUI_WFA); 128 wpabuf_put_u8(buf, HS20_WNM_SUB_REM_NEEDED); 129 if (url) { 130 wpabuf_put_u8(buf, len - 1); 131 wpabuf_put_data(buf, url, len - 1); 132 wpabuf_put_u8(buf, osu_method); 133 } else { 134 /* Server URL and Server Method fields not included */ 135 wpabuf_put_u8(buf, 0); 136 } 137 138 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr, 139 wpabuf_head(buf), wpabuf_len(buf)); 140 141 wpabuf_free(buf); 142 143 return ret; 144 } 145 146 147 int hs20_send_wnm_notification_deauth_req(struct hostapd_data *hapd, 148 const u8 *addr, 149 const struct wpabuf *payload) 150 { 151 struct wpabuf *buf; 152 int ret; 153 154 /* TODO: should refuse to send notification if the STA is not associated 155 * or if the STA did not indicate support for WNM-Notification */ 156 157 buf = wpabuf_alloc(4 + 6 + wpabuf_len(payload)); 158 if (buf == NULL) 159 return -1; 160 161 wpabuf_put_u8(buf, WLAN_ACTION_WNM); 162 wpabuf_put_u8(buf, WNM_NOTIFICATION_REQ); 163 wpabuf_put_u8(buf, 1); /* Dialog token */ 164 wpabuf_put_u8(buf, 1); /* Type - 1 reserved for WFA */ 165 166 /* Deauthentication Imminent Notice subelement */ 167 wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); 168 wpabuf_put_u8(buf, 4 + wpabuf_len(payload)); 169 wpabuf_put_be24(buf, OUI_WFA); 170 wpabuf_put_u8(buf, HS20_WNM_DEAUTH_IMMINENT_NOTICE); 171 wpabuf_put_buf(buf, payload); 172 173 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr, 174 wpabuf_head(buf), wpabuf_len(buf)); 175 176 wpabuf_free(buf); 177 178 return ret; 179 } 180 181 182 int hs20_send_wnm_notification_t_c(struct hostapd_data *hapd, 183 const u8 *addr, const char *url) 184 { 185 struct wpabuf *buf; 186 int ret; 187 size_t url_len; 188 189 if (!url) { 190 wpa_printf(MSG_INFO, "HS 2.0: No T&C Server URL available"); 191 return -1; 192 } 193 194 url_len = os_strlen(url); 195 if (5 + url_len > 255) { 196 wpa_printf(MSG_INFO, 197 "HS 2.0: Too long T&C Server URL for WNM-Notification: '%s'", 198 url); 199 return -1; 200 } 201 202 buf = wpabuf_alloc(4 + 7 + url_len); 203 if (!buf) 204 return -1; 205 206 wpabuf_put_u8(buf, WLAN_ACTION_WNM); 207 wpabuf_put_u8(buf, WNM_NOTIFICATION_REQ); 208 wpabuf_put_u8(buf, 1); /* Dialog token */ 209 wpabuf_put_u8(buf, 1); /* Type - 1 reserved for WFA */ 210 211 /* Terms and Conditions Acceptance subelement */ 212 wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); 213 wpabuf_put_u8(buf, 4 + 1 + url_len); 214 wpabuf_put_be24(buf, OUI_WFA); 215 wpabuf_put_u8(buf, HS20_WNM_T_C_ACCEPTANCE); 216 wpabuf_put_u8(buf, url_len); 217 wpabuf_put_str(buf, url); 218 219 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr, 220 wpabuf_head(buf), wpabuf_len(buf)); 221 222 wpabuf_free(buf); 223 224 return ret; 225 } 226 227 228 void hs20_t_c_filtering(struct hostapd_data *hapd, struct sta_info *sta, 229 int enabled) 230 { 231 if (enabled) { 232 wpa_printf(MSG_DEBUG, 233 "HS 2.0: Terms and Conditions filtering required for " 234 MACSTR, MAC2STR(sta->addr)); 235 sta->hs20_t_c_filtering = 1; 236 /* TODO: Enable firewall filtering for the STA */ 237 wpa_msg(hapd->msg_ctx, MSG_INFO, HS20_T_C_FILTERING_ADD MACSTR, 238 MAC2STR(sta->addr)); 239 } else { 240 wpa_printf(MSG_DEBUG, 241 "HS 2.0: Terms and Conditions filtering not required for " 242 MACSTR, MAC2STR(sta->addr)); 243 sta->hs20_t_c_filtering = 0; 244 /* TODO: Disable firewall filtering for the STA */ 245 wpa_msg(hapd->msg_ctx, MSG_INFO, 246 HS20_T_C_FILTERING_REMOVE MACSTR, MAC2STR(sta->addr)); 247 } 248 } 249