xref: /freebsd/contrib/wpa/src/common/gas.c (revision 67350cb56a69468c118bd4ccf6e361b7ebfa9eb4) 
1f05cddf9SRui Paulo /*
2f05cddf9SRui Paulo  * Generic advertisement service (GAS) (IEEE 802.11u)
3f05cddf9SRui Paulo  * Copyright (c) 2009, Atheros Communications
4f05cddf9SRui Paulo  * Copyright (c) 2011-2012, Qualcomm Atheros
5f05cddf9SRui Paulo  *
6f05cddf9SRui Paulo  * This software may be distributed under the terms of the BSD license.
7f05cddf9SRui Paulo  * See README for more details.
8f05cddf9SRui Paulo  */
9f05cddf9SRui Paulo 
10f05cddf9SRui Paulo #include "includes.h"
11f05cddf9SRui Paulo 
12f05cddf9SRui Paulo #include "common.h"
13f05cddf9SRui Paulo #include "ieee802_11_defs.h"
14f05cddf9SRui Paulo #include "gas.h"
15f05cddf9SRui Paulo 
16f05cddf9SRui Paulo 
17f05cddf9SRui Paulo static struct wpabuf *
gas_build_req(u8 action,u8 dialog_token,size_t size)18f05cddf9SRui Paulo gas_build_req(u8 action, u8 dialog_token, size_t size)
19f05cddf9SRui Paulo {
20f05cddf9SRui Paulo 	struct wpabuf *buf;
21f05cddf9SRui Paulo 
22f05cddf9SRui Paulo 	buf = wpabuf_alloc(100 + size);
23f05cddf9SRui Paulo 	if (buf == NULL)
24f05cddf9SRui Paulo 		return NULL;
25f05cddf9SRui Paulo 
26f05cddf9SRui Paulo 	wpabuf_put_u8(buf, WLAN_ACTION_PUBLIC);
27f05cddf9SRui Paulo 	wpabuf_put_u8(buf, action);
28f05cddf9SRui Paulo 	wpabuf_put_u8(buf, dialog_token);
29f05cddf9SRui Paulo 
30f05cddf9SRui Paulo 	return buf;
31f05cddf9SRui Paulo }
32f05cddf9SRui Paulo 
33f05cddf9SRui Paulo 
gas_build_initial_req(u8 dialog_token,size_t size)34f05cddf9SRui Paulo struct wpabuf * gas_build_initial_req(u8 dialog_token, size_t size)
35f05cddf9SRui Paulo {
36f05cddf9SRui Paulo 	return gas_build_req(WLAN_PA_GAS_INITIAL_REQ, dialog_token,
37f05cddf9SRui Paulo 			     size);
38f05cddf9SRui Paulo }
39f05cddf9SRui Paulo 
40f05cddf9SRui Paulo 
gas_build_comeback_req(u8 dialog_token)41f05cddf9SRui Paulo struct wpabuf * gas_build_comeback_req(u8 dialog_token)
42f05cddf9SRui Paulo {
43f05cddf9SRui Paulo 	return gas_build_req(WLAN_PA_GAS_COMEBACK_REQ, dialog_token, 0);
44f05cddf9SRui Paulo }
45f05cddf9SRui Paulo 
46f05cddf9SRui Paulo 
47f05cddf9SRui Paulo static struct wpabuf *
gas_build_resp(u8 action,u8 dialog_token,u16 status_code,u8 frag_id,u8 more,u16 comeback_delay,size_t size)48f05cddf9SRui Paulo gas_build_resp(u8 action, u8 dialog_token, u16 status_code, u8 frag_id,
49f05cddf9SRui Paulo 	       u8 more, u16 comeback_delay, size_t size)
50f05cddf9SRui Paulo {
51f05cddf9SRui Paulo 	struct wpabuf *buf;
52f05cddf9SRui Paulo 
53f05cddf9SRui Paulo 	buf = wpabuf_alloc(100 + size);
54f05cddf9SRui Paulo 	if (buf == NULL)
55f05cddf9SRui Paulo 		return NULL;
56f05cddf9SRui Paulo 
57f05cddf9SRui Paulo 	wpabuf_put_u8(buf, WLAN_ACTION_PUBLIC);
58f05cddf9SRui Paulo 	wpabuf_put_u8(buf, action);
59f05cddf9SRui Paulo 	wpabuf_put_u8(buf, dialog_token);
60f05cddf9SRui Paulo 	wpabuf_put_le16(buf, status_code);
61f05cddf9SRui Paulo 	if (action == WLAN_PA_GAS_COMEBACK_RESP)
62f05cddf9SRui Paulo 		wpabuf_put_u8(buf, frag_id | (more ? 0x80 : 0));
63f05cddf9SRui Paulo 	wpabuf_put_le16(buf, comeback_delay);
64f05cddf9SRui Paulo 
65f05cddf9SRui Paulo 	return buf;
66f05cddf9SRui Paulo }
67f05cddf9SRui Paulo 
68f05cddf9SRui Paulo 
69f05cddf9SRui Paulo struct wpabuf *
gas_build_initial_resp(u8 dialog_token,u16 status_code,u16 comeback_delay,size_t size)70f05cddf9SRui Paulo gas_build_initial_resp(u8 dialog_token, u16 status_code, u16 comeback_delay,
71f05cddf9SRui Paulo 		       size_t size)
72f05cddf9SRui Paulo {
73f05cddf9SRui Paulo 	return gas_build_resp(WLAN_PA_GAS_INITIAL_RESP, dialog_token,
74f05cddf9SRui Paulo 			      status_code, 0, 0, comeback_delay, size);
75f05cddf9SRui Paulo }
76f05cddf9SRui Paulo 
77f05cddf9SRui Paulo 
78*85732ac8SCy Schubert struct wpabuf *
gas_build_comeback_resp(u8 dialog_token,u16 status_code,u8 frag_id,u8 more,u16 comeback_delay,size_t size)79f05cddf9SRui Paulo gas_build_comeback_resp(u8 dialog_token, u16 status_code, u8 frag_id, u8 more,
80f05cddf9SRui Paulo 			u16 comeback_delay, size_t size)
81f05cddf9SRui Paulo {
82f05cddf9SRui Paulo 	return gas_build_resp(WLAN_PA_GAS_COMEBACK_RESP, dialog_token,
83f05cddf9SRui Paulo 			      status_code, frag_id, more, comeback_delay,
84f05cddf9SRui Paulo 			      size);
85f05cddf9SRui Paulo }
86f05cddf9SRui Paulo 
87f05cddf9SRui Paulo 
88f05cddf9SRui Paulo /**
89f05cddf9SRui Paulo  * gas_add_adv_proto_anqp - Add an Advertisement Protocol element
90f05cddf9SRui Paulo  * @buf: Buffer to which the element is added
91f05cddf9SRui Paulo  * @query_resp_len_limit: Query Response Length Limit in units of 256 octets
92f05cddf9SRui Paulo  * @pame_bi: Pre-Association Message Exchange BSSID Independent (0/1)
93f05cddf9SRui Paulo  *
94f05cddf9SRui Paulo  *
95f05cddf9SRui Paulo  * @query_resp_len_limit is 0 for request and 1-0x7f for response. 0x7f means
96f05cddf9SRui Paulo  * that the maximum limit is determined by the maximum allowable number of
97f05cddf9SRui Paulo  * fragments in the GAS Query Response Fragment ID.
98f05cddf9SRui Paulo  */
gas_add_adv_proto_anqp(struct wpabuf * buf,u8 query_resp_len_limit,u8 pame_bi)99f05cddf9SRui Paulo static void gas_add_adv_proto_anqp(struct wpabuf *buf, u8 query_resp_len_limit,
100f05cddf9SRui Paulo 				   u8 pame_bi)
101f05cddf9SRui Paulo {
102f05cddf9SRui Paulo 	/* Advertisement Protocol IE */
103f05cddf9SRui Paulo 	wpabuf_put_u8(buf, WLAN_EID_ADV_PROTO);
104f05cddf9SRui Paulo 	wpabuf_put_u8(buf, 2); /* Length */
105f05cddf9SRui Paulo 	wpabuf_put_u8(buf, (query_resp_len_limit & 0x7f) |
106f05cddf9SRui Paulo 		      (pame_bi ? 0x80 : 0));
107f05cddf9SRui Paulo 	/* Advertisement Protocol */
108f05cddf9SRui Paulo 	wpabuf_put_u8(buf, ACCESS_NETWORK_QUERY_PROTOCOL);
109f05cddf9SRui Paulo }
110f05cddf9SRui Paulo 
111f05cddf9SRui Paulo 
gas_anqp_build_initial_req(u8 dialog_token,size_t size)112f05cddf9SRui Paulo struct wpabuf * gas_anqp_build_initial_req(u8 dialog_token, size_t size)
113f05cddf9SRui Paulo {
114f05cddf9SRui Paulo 	struct wpabuf *buf;
115f05cddf9SRui Paulo 
116f05cddf9SRui Paulo 	buf = gas_build_initial_req(dialog_token, 4 + size);
117f05cddf9SRui Paulo 	if (buf == NULL)
118f05cddf9SRui Paulo 		return NULL;
119f05cddf9SRui Paulo 
120f05cddf9SRui Paulo 	gas_add_adv_proto_anqp(buf, 0, 0);
121f05cddf9SRui Paulo 
122f05cddf9SRui Paulo 	wpabuf_put(buf, 2); /* Query Request Length to be filled */
123f05cddf9SRui Paulo 
124f05cddf9SRui Paulo 	return buf;
125f05cddf9SRui Paulo }
126f05cddf9SRui Paulo 
127f05cddf9SRui Paulo 
gas_anqp_build_initial_resp(u8 dialog_token,u16 status_code,u16 comeback_delay,size_t size)128f05cddf9SRui Paulo struct wpabuf * gas_anqp_build_initial_resp(u8 dialog_token, u16 status_code,
129f05cddf9SRui Paulo 					    u16 comeback_delay, size_t size)
130f05cddf9SRui Paulo {
131f05cddf9SRui Paulo 	struct wpabuf *buf;
132f05cddf9SRui Paulo 
133f05cddf9SRui Paulo 	buf = gas_build_initial_resp(dialog_token, status_code, comeback_delay,
134f05cddf9SRui Paulo 				     4 + size);
135f05cddf9SRui Paulo 	if (buf == NULL)
136f05cddf9SRui Paulo 		return NULL;
137f05cddf9SRui Paulo 
138f05cddf9SRui Paulo 	gas_add_adv_proto_anqp(buf, 0x7f, 0);
139f05cddf9SRui Paulo 
140f05cddf9SRui Paulo 	wpabuf_put(buf, 2); /* Query Response Length to be filled */
141f05cddf9SRui Paulo 
142f05cddf9SRui Paulo 	return buf;
143f05cddf9SRui Paulo }
144f05cddf9SRui Paulo 
145f05cddf9SRui Paulo 
gas_anqp_build_initial_resp_buf(u8 dialog_token,u16 status_code,u16 comeback_delay,struct wpabuf * payload)146f05cddf9SRui Paulo struct wpabuf * gas_anqp_build_initial_resp_buf(u8 dialog_token,
147f05cddf9SRui Paulo 						u16 status_code,
148f05cddf9SRui Paulo 						u16 comeback_delay,
149f05cddf9SRui Paulo 						struct wpabuf *payload)
150f05cddf9SRui Paulo {
151f05cddf9SRui Paulo 	struct wpabuf *buf;
152f05cddf9SRui Paulo 
153f05cddf9SRui Paulo 	buf = gas_anqp_build_initial_resp(dialog_token, status_code,
154f05cddf9SRui Paulo 					  comeback_delay,
155f05cddf9SRui Paulo 					  payload ? wpabuf_len(payload) : 0);
156f05cddf9SRui Paulo 	if (buf == NULL)
157f05cddf9SRui Paulo 		return NULL;
158f05cddf9SRui Paulo 
159f05cddf9SRui Paulo 	if (payload)
160f05cddf9SRui Paulo 		wpabuf_put_buf(buf, payload);
161f05cddf9SRui Paulo 
162f05cddf9SRui Paulo 	gas_anqp_set_len(buf);
163f05cddf9SRui Paulo 
164f05cddf9SRui Paulo 	return buf;
165f05cddf9SRui Paulo }
166f05cddf9SRui Paulo 
167f05cddf9SRui Paulo 
gas_anqp_build_comeback_resp(u8 dialog_token,u16 status_code,u8 frag_id,u8 more,u16 comeback_delay,size_t size)168f05cddf9SRui Paulo struct wpabuf * gas_anqp_build_comeback_resp(u8 dialog_token, u16 status_code,
169f05cddf9SRui Paulo 					     u8 frag_id, u8 more,
170f05cddf9SRui Paulo 					     u16 comeback_delay, size_t size)
171f05cddf9SRui Paulo {
172f05cddf9SRui Paulo 	struct wpabuf *buf;
173f05cddf9SRui Paulo 
174f05cddf9SRui Paulo 	buf = gas_build_comeback_resp(dialog_token, status_code,
175f05cddf9SRui Paulo 				      frag_id, more, comeback_delay, 4 + size);
176f05cddf9SRui Paulo 	if (buf == NULL)
177f05cddf9SRui Paulo 		return NULL;
178f05cddf9SRui Paulo 
179f05cddf9SRui Paulo 	gas_add_adv_proto_anqp(buf, 0x7f, 0);
180f05cddf9SRui Paulo 
181f05cddf9SRui Paulo 	wpabuf_put(buf, 2); /* Query Response Length to be filled */
182f05cddf9SRui Paulo 
183f05cddf9SRui Paulo 	return buf;
184f05cddf9SRui Paulo }
185f05cddf9SRui Paulo 
186f05cddf9SRui Paulo 
gas_anqp_build_comeback_resp_buf(u8 dialog_token,u16 status_code,u8 frag_id,u8 more,u16 comeback_delay,struct wpabuf * payload)187f05cddf9SRui Paulo struct wpabuf * gas_anqp_build_comeback_resp_buf(u8 dialog_token,
188f05cddf9SRui Paulo 						 u16 status_code,
189f05cddf9SRui Paulo 						 u8 frag_id, u8 more,
190f05cddf9SRui Paulo 						 u16 comeback_delay,
191f05cddf9SRui Paulo 						 struct wpabuf *payload)
192f05cddf9SRui Paulo {
193f05cddf9SRui Paulo 	struct wpabuf *buf;
194f05cddf9SRui Paulo 
195f05cddf9SRui Paulo 	buf = gas_anqp_build_comeback_resp(dialog_token, status_code, frag_id,
196f05cddf9SRui Paulo 					   more, comeback_delay,
197f05cddf9SRui Paulo 					   payload ? wpabuf_len(payload) : 0);
198f05cddf9SRui Paulo 	if (buf == NULL)
199f05cddf9SRui Paulo 		return NULL;
200f05cddf9SRui Paulo 
201f05cddf9SRui Paulo 	if (payload)
202f05cddf9SRui Paulo 		wpabuf_put_buf(buf, payload);
203f05cddf9SRui Paulo 
204f05cddf9SRui Paulo 	gas_anqp_set_len(buf);
205f05cddf9SRui Paulo 
206f05cddf9SRui Paulo 	return buf;
207f05cddf9SRui Paulo }
208f05cddf9SRui Paulo 
209f05cddf9SRui Paulo 
210f05cddf9SRui Paulo /**
211f05cddf9SRui Paulo  * gas_anqp_set_len - Set Query Request/Response Length
212f05cddf9SRui Paulo  * @buf: GAS message
213f05cddf9SRui Paulo  *
214f05cddf9SRui Paulo  * This function is used to update the Query Request/Response Length field once
215f05cddf9SRui Paulo  * the payload has been filled.
216f05cddf9SRui Paulo  */
gas_anqp_set_len(struct wpabuf * buf)217f05cddf9SRui Paulo void gas_anqp_set_len(struct wpabuf *buf)
218f05cddf9SRui Paulo {
219f05cddf9SRui Paulo 	u8 action;
220f05cddf9SRui Paulo 	size_t offset;
221f05cddf9SRui Paulo 	u8 *len;
222f05cddf9SRui Paulo 
223f05cddf9SRui Paulo 	if (buf == NULL || wpabuf_len(buf) < 2)
224f05cddf9SRui Paulo 		return;
225f05cddf9SRui Paulo 
226f05cddf9SRui Paulo 	action = *(wpabuf_head_u8(buf) + 1);
227f05cddf9SRui Paulo 	switch (action) {
228f05cddf9SRui Paulo 	case WLAN_PA_GAS_INITIAL_REQ:
229f05cddf9SRui Paulo 		offset = 3 + 4;
230f05cddf9SRui Paulo 		break;
231f05cddf9SRui Paulo 	case WLAN_PA_GAS_INITIAL_RESP:
232f05cddf9SRui Paulo 		offset = 7 + 4;
233f05cddf9SRui Paulo 		break;
234f05cddf9SRui Paulo 	case WLAN_PA_GAS_COMEBACK_RESP:
235f05cddf9SRui Paulo 		offset = 8 + 4;
236f05cddf9SRui Paulo 		break;
237f05cddf9SRui Paulo 	default:
238f05cddf9SRui Paulo 		return;
239f05cddf9SRui Paulo 	}
240f05cddf9SRui Paulo 
241f05cddf9SRui Paulo 	if (wpabuf_len(buf) < offset + 2)
242f05cddf9SRui Paulo 		return;
243f05cddf9SRui Paulo 
244f05cddf9SRui Paulo 	len = wpabuf_mhead_u8(buf) + offset;
245f05cddf9SRui Paulo 	WPA_PUT_LE16(len, (u8 *) wpabuf_put(buf, 0) - len - 2);
246f05cddf9SRui Paulo }
247f05cddf9SRui Paulo 
248f05cddf9SRui Paulo 
249f05cddf9SRui Paulo /**
250f05cddf9SRui Paulo  * gas_anqp_add_element - Add ANQP element header
251f05cddf9SRui Paulo  * @buf: GAS message
252f05cddf9SRui Paulo  * @info_id: ANQP Info ID
253f05cddf9SRui Paulo  * Returns: Pointer to the Length field for gas_anqp_set_element_len()
254f05cddf9SRui Paulo  */
gas_anqp_add_element(struct wpabuf * buf,u16 info_id)255f05cddf9SRui Paulo u8 * gas_anqp_add_element(struct wpabuf *buf, u16 info_id)
256f05cddf9SRui Paulo {
257f05cddf9SRui Paulo 	wpabuf_put_le16(buf, info_id);
258f05cddf9SRui Paulo 	return wpabuf_put(buf, 2); /* Length to be filled */
259f05cddf9SRui Paulo }
260f05cddf9SRui Paulo 
261f05cddf9SRui Paulo 
262f05cddf9SRui Paulo /**
263f05cddf9SRui Paulo  * gas_anqp_set_element_len - Update ANQP element Length field
264f05cddf9SRui Paulo  * @buf: GAS message
265f05cddf9SRui Paulo  * @len_pos: Length field position from gas_anqp_add_element()
266f05cddf9SRui Paulo  *
267f05cddf9SRui Paulo  * This function is called after the ANQP element payload has been added to the
268f05cddf9SRui Paulo  * buffer.
269f05cddf9SRui Paulo  */
gas_anqp_set_element_len(struct wpabuf * buf,u8 * len_pos)270f05cddf9SRui Paulo void gas_anqp_set_element_len(struct wpabuf *buf, u8 *len_pos)
271f05cddf9SRui Paulo {
272f05cddf9SRui Paulo 	WPA_PUT_LE16(len_pos, (u8 *) wpabuf_put(buf, 0) - len_pos - 2);
273f05cddf9SRui Paulo }
274