2 * Wi-Fi Protected Setup - External Registrar
3 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
22 #include "http_client.h"
23 #include "http_server.h"
27 #include "wps_upnp_i.h"
31 static void wps_er_ap_timeout(void *eloop_data, void *user_ctx);
32 static void wps_er_sta_timeout(void *eloop_data, void *user_ctx);
33 static void wps_er_ap_process(struct wps_er_ap *ap, struct wpabuf *msg);
34 static int wps_er_send_get_device_info(struct wps_er_ap *ap,
35 void (*m1_handler)(struct wps_er_ap *ap,
39 static void wps_er_sta_event(struct wps_context *wps, struct wps_er_sta *sta,
42 union wps_event_data data;
43 struct wps_event_er_enrollee *ev = &data.enrollee;
45 if (wps->event_cb == NULL)
48 os_memset(&data, 0, sizeof(data));
50 ev->mac_addr = sta->addr;
51 ev->m1_received = sta->m1_received;
52 ev->config_methods = sta->config_methods;
53 ev->dev_passwd_id = sta->dev_passwd_id;
54 ev->pri_dev_type = sta->pri_dev_type;
55 ev->dev_name = sta->dev_name;
56 ev->manufacturer = sta->manufacturer;
57 ev->model_name = sta->model_name;
58 ev->model_number = sta->model_number;
59 ev->serial_number = sta->serial_number;
60 wps->event_cb(wps->cb_ctx, event, &data);
64 static struct wps_er_sta * wps_er_sta_get(struct wps_er_ap *ap, const u8 *addr)
66 struct wps_er_sta *sta = ap->sta;
68 if (os_memcmp(sta->addr, addr, ETH_ALEN) == 0)
76 static void wps_er_sta_free(struct wps_er_sta *sta)
78 wps_er_sta_event(sta->ap->er->wps, sta, WPS_EV_ER_ENROLLEE_REMOVE);
81 os_free(sta->manufacturer);
82 os_free(sta->model_name);
83 os_free(sta->model_number);
84 os_free(sta->serial_number);
85 os_free(sta->dev_name);
86 http_client_free(sta->http);
87 eloop_cancel_timeout(wps_er_sta_timeout, sta, NULL);
92 static void wps_er_sta_unlink(struct wps_er_sta *sta)
94 struct wps_er_sta *prev, *tmp;
95 struct wps_er_ap *ap = sta->ap;
101 prev->next = sta->next;
112 static void wps_er_sta_remove_all(struct wps_er_ap *ap)
114 struct wps_er_sta *prev, *sta;
122 wps_er_sta_free(prev);
127 static struct wps_er_ap * wps_er_ap_get(struct wps_er *er,
128 struct in_addr *addr, const u8 *uuid)
130 struct wps_er_ap *ap;
131 for (ap = er->ap; ap; ap = ap->next) {
132 if ((addr == NULL || ap->addr.s_addr == addr->s_addr) &&
134 os_memcmp(uuid, ap->uuid, WPS_UUID_LEN) == 0))
141 static struct wps_er_ap * wps_er_ap_get_id(struct wps_er *er, unsigned int id)
143 struct wps_er_ap *ap;
144 for (ap = er->ap; ap; ap = ap->next) {
152 static void wps_er_ap_event(struct wps_context *wps, struct wps_er_ap *ap,
153 enum wps_event event)
155 union wps_event_data data;
156 struct wps_event_er_ap *evap = &data.ap;
158 if (wps->event_cb == NULL)
161 os_memset(&data, 0, sizeof(data));
162 evap->uuid = ap->uuid;
163 evap->friendly_name = ap->friendly_name;
164 evap->manufacturer = ap->manufacturer;
165 evap->manufacturer_url = ap->manufacturer_url;
166 evap->model_description = ap->model_description;
167 evap->model_name = ap->model_name;
168 evap->model_number = ap->model_number;
169 evap->model_url = ap->model_url;
170 evap->serial_number = ap->serial_number;
172 evap->pri_dev_type = ap->pri_dev_type;
173 evap->wps_state = ap->wps_state;
174 evap->mac_addr = ap->mac_addr;
175 wps->event_cb(wps->cb_ctx, event, &data);
179 static void wps_er_ap_free(struct wps_er *er, struct wps_er_ap *ap)
181 /* TODO: if ap->subscribed, unsubscribe from events if the AP is still
183 wpa_printf(MSG_DEBUG, "WPS ER: Removing AP entry for %s (%s)",
184 inet_ntoa(ap->addr), ap->location);
185 eloop_cancel_timeout(wps_er_ap_timeout, er, ap);
186 wps_er_ap_event(er->wps, ap, WPS_EV_ER_AP_REMOVE);
187 os_free(ap->location);
188 http_client_free(ap->http);
192 os_free(ap->friendly_name);
193 os_free(ap->manufacturer);
194 os_free(ap->manufacturer_url);
195 os_free(ap->model_description);
196 os_free(ap->model_name);
197 os_free(ap->model_number);
198 os_free(ap->model_url);
199 os_free(ap->serial_number);
203 os_free(ap->scpd_url);
204 os_free(ap->control_url);
205 os_free(ap->event_sub_url);
207 os_free(ap->ap_settings);
209 wps_er_sta_remove_all(ap);
215 static void wps_er_ap_unlink(struct wps_er *er, struct wps_er_ap *ap)
217 struct wps_er_ap *prev, *tmp;
223 prev->next = ap->next;
234 static void wps_er_ap_timeout(void *eloop_data, void *user_ctx)
236 struct wps_er *er = eloop_data;
237 struct wps_er_ap *ap = user_ctx;
238 wpa_printf(MSG_DEBUG, "WPS ER: AP advertisement timed out");
239 wps_er_ap_unlink(er, ap);
240 wps_er_ap_free(er, ap);
244 static void wps_er_http_subscribe_cb(void *ctx, struct http_client *c,
245 enum http_client_event event)
247 struct wps_er_ap *ap = ctx;
251 wpa_printf(MSG_DEBUG, "WPS ER: Subscribed to events");
252 wps_er_ap_event(ap->er->wps, ap, WPS_EV_ER_AP_ADD);
254 case HTTP_CLIENT_FAILED:
255 case HTTP_CLIENT_INVALID_REPLY:
256 case HTTP_CLIENT_TIMEOUT:
257 wpa_printf(MSG_DEBUG, "WPS ER: Failed to subscribe to events");
260 http_client_free(ap->http);
265 static void wps_er_subscribe(struct wps_er_ap *ap)
268 struct sockaddr_in dst;
271 if (ap->event_sub_url == NULL) {
272 wpa_printf(MSG_DEBUG, "WPS ER: No eventSubURL - cannot "
277 wpa_printf(MSG_DEBUG, "WPS ER: Pending HTTP request - cannot "
278 "send subscribe request");
282 url = http_client_url_parse(ap->event_sub_url, &dst, &path);
284 wpa_printf(MSG_DEBUG, "WPS ER: Failed to parse eventSubURL");
288 req = wpabuf_alloc(os_strlen(ap->event_sub_url) + 1000);
294 "SUBSCRIBE %s HTTP/1.1\r\n"
296 "CALLBACK: <http://%s:%d/event/%u/%u>\r\n"
298 "TIMEOUT: Second-%d\r\n"
300 path, inet_ntoa(dst.sin_addr), ntohs(dst.sin_port),
301 ap->er->ip_addr_text, ap->er->http_port,
302 ap->er->event_id, ap->id, 1800);
304 wpa_hexdump_ascii(MSG_MSGDUMP, "WPS ER: Subscription request",
305 wpabuf_head(req), wpabuf_len(req));
307 ap->http = http_client_addr(&dst, req, 1000, wps_er_http_subscribe_cb,
309 if (ap->http == NULL)
314 static void wps_er_ap_get_m1(struct wps_er_ap *ap, struct wpabuf *m1)
316 struct wps_parse_attr attr;
318 if (wps_parse_msg(m1, &attr) < 0) {
319 wpa_printf(MSG_DEBUG, "WPS ER: Failed to parse M1");
322 if (attr.primary_dev_type)
323 os_memcpy(ap->pri_dev_type, attr.primary_dev_type, 8);
325 ap->wps_state = *attr.wps_state;
327 os_memcpy(ap->mac_addr, attr.mac_addr, ETH_ALEN);
329 wps_er_subscribe(ap);
333 static void wps_er_get_device_info(struct wps_er_ap *ap)
335 wps_er_send_get_device_info(ap, wps_er_ap_get_m1);
339 static void wps_er_parse_device_description(struct wps_er_ap *ap,
340 struct wpabuf *reply)
342 /* Note: reply includes null termination after the buffer data */
343 const char *data = wpabuf_head(reply);
346 wpa_hexdump_ascii(MSG_MSGDUMP, "WPS ER: Device info",
347 wpabuf_head(reply), wpabuf_len(reply));
349 ap->friendly_name = xml_get_first_item(data, "friendlyName");
350 wpa_printf(MSG_DEBUG, "WPS ER: friendlyName='%s'", ap->friendly_name);
352 ap->manufacturer = xml_get_first_item(data, "manufacturer");
353 wpa_printf(MSG_DEBUG, "WPS ER: manufacturer='%s'", ap->manufacturer);
355 ap->manufacturer_url = xml_get_first_item(data, "manufacturerURL");
356 wpa_printf(MSG_DEBUG, "WPS ER: manufacturerURL='%s'",
357 ap->manufacturer_url);
359 ap->model_description = xml_get_first_item(data, "modelDescription");
360 wpa_printf(MSG_DEBUG, "WPS ER: modelDescription='%s'",
361 ap->model_description);
363 ap->model_name = xml_get_first_item(data, "modelName");
364 wpa_printf(MSG_DEBUG, "WPS ER: modelName='%s'", ap->model_name);
366 ap->model_number = xml_get_first_item(data, "modelNumber");
367 wpa_printf(MSG_DEBUG, "WPS ER: modelNumber='%s'", ap->model_number);
369 ap->model_url = xml_get_first_item(data, "modelURL");
370 wpa_printf(MSG_DEBUG, "WPS ER: modelURL='%s'", ap->model_url);
372 ap->serial_number = xml_get_first_item(data, "serialNumber");
373 wpa_printf(MSG_DEBUG, "WPS ER: serialNumber='%s'", ap->serial_number);
375 ap->udn = xml_get_first_item(data, "UDN");
376 wpa_printf(MSG_DEBUG, "WPS ER: UDN='%s'", ap->udn);
377 pos = os_strstr(ap->udn, "uuid:");
380 uuid_str2bin(pos, ap->uuid);
383 ap->upc = xml_get_first_item(data, "UPC");
384 wpa_printf(MSG_DEBUG, "WPS ER: UPC='%s'", ap->upc);
386 ap->scpd_url = http_link_update(
387 xml_get_first_item(data, "SCPDURL"), ap->location);
388 wpa_printf(MSG_DEBUG, "WPS ER: SCPDURL='%s'", ap->scpd_url);
390 ap->control_url = http_link_update(
391 xml_get_first_item(data, "controlURL"), ap->location);
392 wpa_printf(MSG_DEBUG, "WPS ER: controlURL='%s'", ap->control_url);
394 ap->event_sub_url = http_link_update(
395 xml_get_first_item(data, "eventSubURL"), ap->location);
396 wpa_printf(MSG_DEBUG, "WPS ER: eventSubURL='%s'", ap->event_sub_url);
400 static void wps_er_http_dev_desc_cb(void *ctx, struct http_client *c,
401 enum http_client_event event)
403 struct wps_er_ap *ap = ctx;
404 struct wpabuf *reply;
409 reply = http_client_get_body(c);
412 wps_er_parse_device_description(ap, reply);
415 case HTTP_CLIENT_FAILED:
416 case HTTP_CLIENT_INVALID_REPLY:
417 case HTTP_CLIENT_TIMEOUT:
418 wpa_printf(MSG_DEBUG, "WPS ER: Failed to fetch device info");
421 http_client_free(ap->http);
424 wps_er_get_device_info(ap);
428 void wps_er_ap_add(struct wps_er *er, const u8 *uuid, struct in_addr *addr,
429 const char *location, int max_age)
431 struct wps_er_ap *ap;
433 ap = wps_er_ap_get(er, addr, uuid);
435 /* Update advertisement timeout */
436 eloop_cancel_timeout(wps_er_ap_timeout, er, ap);
437 eloop_register_timeout(max_age, 0, wps_er_ap_timeout, er, ap);
441 ap = os_zalloc(sizeof(*ap));
445 ap->id = ++er->next_ap_id;
446 ap->location = os_strdup(location);
447 if (ap->location == NULL) {
454 ap->addr.s_addr = addr->s_addr;
455 os_memcpy(ap->uuid, uuid, WPS_UUID_LEN);
456 eloop_register_timeout(max_age, 0, wps_er_ap_timeout, er, ap);
458 wpa_printf(MSG_DEBUG, "WPS ER: Added AP entry for %s (%s)",
459 inet_ntoa(ap->addr), ap->location);
461 /* Fetch device description */
462 ap->http = http_client_url(ap->location, NULL, 10000,
463 wps_er_http_dev_desc_cb, ap);
467 void wps_er_ap_remove(struct wps_er *er, struct in_addr *addr)
469 struct wps_er_ap *prev = NULL, *ap = er->ap;
472 if (ap->addr.s_addr == addr->s_addr) {
474 prev->next = ap->next;
477 wps_er_ap_free(er, ap);
486 static void wps_er_ap_remove_all(struct wps_er *er)
488 struct wps_er_ap *prev, *ap;
496 wps_er_ap_free(er, prev);
501 static void http_put_date(struct wpabuf *buf)
503 wpabuf_put_str(buf, "Date: ");
505 wpabuf_put_str(buf, "\r\n");
509 static void wps_er_http_resp_not_found(struct http_request *req)
512 buf = wpabuf_alloc(200);
514 http_request_deinit(req);
519 "HTTP/1.1 404 Not Found\r\n"
520 "Server: unspecified, UPnP/1.0, unspecified\r\n"
521 "Connection: close\r\n");
523 wpabuf_put_str(buf, "\r\n");
524 http_request_send_and_deinit(req, buf);
528 static void wps_er_http_resp_ok(struct http_request *req)
531 buf = wpabuf_alloc(200);
533 http_request_deinit(req);
538 "HTTP/1.1 200 OK\r\n"
539 "Server: unspecified, UPnP/1.0, unspecified\r\n"
540 "Connection: close\r\n"
541 "Content-Length: 0\r\n");
543 wpabuf_put_str(buf, "\r\n");
544 http_request_send_and_deinit(req, buf);
548 static void wps_er_sta_timeout(void *eloop_data, void *user_ctx)
550 struct wps_er_sta *sta = eloop_data;
551 wpa_printf(MSG_DEBUG, "WPS ER: STA entry timed out");
552 wps_er_sta_unlink(sta);
553 wps_er_sta_free(sta);
557 static struct wps_er_sta * wps_er_add_sta_data(struct wps_er_ap *ap,
559 struct wps_parse_attr *attr,
562 struct wps_er_sta *sta = wps_er_sta_get(ap, addr);
566 m1 = !probe_req && attr->msg_type && *attr->msg_type == WPS_M1;
570 * Only allow new STA entry to be added based on Probe Request
571 * or M1. This will filter out bogus events and anything that
572 * may have been ongoing at the time ER subscribed for events.
574 if (!probe_req && !m1)
577 sta = os_zalloc(sizeof(*sta));
580 os_memcpy(sta->addr, addr, ETH_ALEN);
588 sta->m1_received = 1;
590 if (attr->config_methods && (!probe_req || !sta->m1_received))
591 sta->config_methods = WPA_GET_BE16(attr->config_methods);
592 if (attr->uuid_e && (!probe_req || !sta->m1_received))
593 os_memcpy(sta->uuid, attr->uuid_e, WPS_UUID_LEN);
594 if (attr->primary_dev_type && (!probe_req || !sta->m1_received))
595 os_memcpy(sta->pri_dev_type, attr->primary_dev_type, 8);
596 if (attr->dev_password_id && (!probe_req || !sta->m1_received))
597 sta->dev_passwd_id = WPA_GET_BE16(attr->dev_password_id);
599 if (attr->manufacturer) {
600 os_free(sta->manufacturer);
601 sta->manufacturer = os_malloc(attr->manufacturer_len + 1);
602 if (sta->manufacturer) {
603 os_memcpy(sta->manufacturer, attr->manufacturer,
604 attr->manufacturer_len);
605 sta->manufacturer[attr->manufacturer_len] = '\0';
609 if (attr->model_name) {
610 os_free(sta->model_name);
611 sta->model_name = os_malloc(attr->model_name_len + 1);
612 if (sta->model_name) {
613 os_memcpy(sta->model_name, attr->model_name,
614 attr->model_name_len);
615 sta->model_name[attr->model_name_len] = '\0';
619 if (attr->model_number) {
620 os_free(sta->model_number);
621 sta->model_number = os_malloc(attr->model_number_len + 1);
622 if (sta->model_number) {
623 os_memcpy(sta->model_number, attr->model_number,
624 attr->model_number_len);
625 sta->model_number[attr->model_number_len] = '\0';
629 if (attr->serial_number) {
630 os_free(sta->serial_number);
631 sta->serial_number = os_malloc(attr->serial_number_len + 1);
632 if (sta->serial_number) {
633 os_memcpy(sta->serial_number, attr->serial_number,
634 attr->serial_number_len);
635 sta->serial_number[attr->serial_number_len] = '\0';
639 if (attr->dev_name) {
640 os_free(sta->dev_name);
641 sta->dev_name = os_malloc(attr->dev_name_len + 1);
643 os_memcpy(sta->dev_name, attr->dev_name,
645 sta->dev_name[attr->dev_name_len] = '\0';
649 eloop_cancel_timeout(wps_er_sta_timeout, sta, NULL);
650 eloop_register_timeout(300, 0, wps_er_sta_timeout, sta, NULL);
653 wps_er_sta_event(ap->er->wps, sta, WPS_EV_ER_ENROLLEE_ADD);
659 static void wps_er_process_wlanevent_probe_req(struct wps_er_ap *ap,
663 struct wps_parse_attr attr;
665 wpa_printf(MSG_DEBUG, "WPS ER: WLANEvent - Probe Request - from "
666 MACSTR, MAC2STR(addr));
667 wpa_hexdump_buf(MSG_MSGDUMP, "WPS ER: WLANEvent - Enrollee's message "
668 "(TLVs from Probe Request)", msg);
670 if (wps_parse_msg(msg, &attr) < 0) {
671 wpa_printf(MSG_DEBUG, "WPS ER: Failed to parse TLVs in "
672 "WLANEvent message");
676 wps_er_add_sta_data(ap, addr, &attr, 1);
680 static void wps_er_http_put_wlan_response_cb(void *ctx, struct http_client *c,
681 enum http_client_event event)
683 struct wps_er_sta *sta = ctx;
687 wpa_printf(MSG_DEBUG, "WPS ER: PutWLANResponse OK");
689 case HTTP_CLIENT_FAILED:
690 case HTTP_CLIENT_INVALID_REPLY:
691 case HTTP_CLIENT_TIMEOUT:
692 wpa_printf(MSG_DEBUG, "WPS ER: PutWLANResponse failed");
695 http_client_free(sta->http);
700 static const char *soap_prefix =
701 "<?xml version=\"1.0\"?>\n"
702 "<s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" "
703 "s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n"
705 static const char *soap_postfix =
706 "</s:Body>\n</s:Envelope>\n";
707 static const char *urn_wfawlanconfig =
708 "urn:schemas-wifialliance-org:service:WFAWLANConfig:1";
710 static struct wpabuf * wps_er_soap_hdr(const struct wpabuf *msg,
711 const char *name, const char *arg_name,
713 const struct sockaddr_in *dst,
714 char **len_ptr, char **body_ptr)
716 unsigned char *encoded;
721 encoded = base64_encode(wpabuf_head(msg), wpabuf_len(msg),
730 buf = wpabuf_alloc(1000 + encoded_len);
737 "POST %s HTTP/1.1\r\n"
739 "Content-Type: text/xml; charset=\"utf-8\"\r\n"
741 path, inet_ntoa(dst->sin_addr), ntohs(dst->sin_port));
743 *len_ptr = wpabuf_put(buf, 0);
746 "SOAPACTION: \"%s#%s\"\r\n"
748 urn_wfawlanconfig, name);
750 *body_ptr = wpabuf_put(buf, 0);
752 wpabuf_put_str(buf, soap_prefix);
753 wpabuf_printf(buf, "<u:%s xmlns:u=\"", name);
754 wpabuf_put_str(buf, urn_wfawlanconfig);
755 wpabuf_put_str(buf, "\">\n");
757 wpabuf_printf(buf, "<%s>%s</%s>\n",
758 arg_name, (char *) encoded, arg_name);
766 static void wps_er_soap_end(struct wpabuf *buf, const char *name,
767 char *len_ptr, char *body_ptr)
770 wpabuf_printf(buf, "</u:%s>\n", name);
771 wpabuf_put_str(buf, soap_postfix);
772 os_snprintf(len_buf, sizeof(len_buf), "%d",
773 (int) ((char *) wpabuf_put(buf, 0) - body_ptr));
774 os_memcpy(len_ptr, len_buf, os_strlen(len_buf));
778 static void wps_er_sta_send_msg(struct wps_er_sta *sta, struct wpabuf *msg)
781 char *len_ptr, *body_ptr;
782 struct sockaddr_in dst;
786 wpa_printf(MSG_DEBUG, "WPS ER: Pending HTTP request for STA - "
787 "ignore new request");
792 if (sta->ap->control_url == NULL) {
793 wpa_printf(MSG_DEBUG, "WPS ER: No controlURL for AP");
798 url = http_client_url_parse(sta->ap->control_url, &dst, &path);
800 wpa_printf(MSG_DEBUG, "WPS ER: Failed to parse controlURL");
805 buf = wps_er_soap_hdr(msg, "PutWLANResponse", "NewMessage", path, &dst,
806 &len_ptr, &body_ptr);
811 wpabuf_printf(buf, "<NewWLANEventType>%d</NewWLANEventType>\n",
812 UPNP_WPS_WLANEVENT_TYPE_EAP);
813 wpabuf_printf(buf, "<NewWLANEventMAC>" MACSTR "</NewWLANEventMAC>\n",
816 wps_er_soap_end(buf, "PutWLANResponse", len_ptr, body_ptr);
818 sta->http = http_client_addr(&dst, buf, 1000,
819 wps_er_http_put_wlan_response_cb, sta);
820 if (sta->http == NULL)
825 static void wps_er_sta_process(struct wps_er_sta *sta, struct wpabuf *msg,
826 enum wsc_op_code op_code)
828 enum wps_process_res res;
830 res = wps_process_msg(sta->wps, op_code, msg);
831 if (res == WPS_CONTINUE) {
832 struct wpabuf *next = wps_get_msg(sta->wps, &op_code);
834 wps_er_sta_send_msg(sta, next);
836 wpa_printf(MSG_DEBUG, "WPS ER: Protocol run %s with the "
838 res == WPS_DONE ? "succeeded" : "failed", res);
839 wps_deinit(sta->wps);
841 if (res == WPS_DONE) {
842 /* Remove the STA entry after short timeout */
843 eloop_cancel_timeout(wps_er_sta_timeout, sta, NULL);
844 eloop_register_timeout(10, 0, wps_er_sta_timeout, sta,
851 static void wps_er_sta_start(struct wps_er_sta *sta, struct wpabuf *msg)
853 struct wps_config cfg;
856 wps_deinit(sta->wps);
858 os_memset(&cfg, 0, sizeof(cfg));
859 cfg.wps = sta->ap->er->wps;
861 cfg.peer_addr = sta->addr;
863 sta->wps = wps_init(&cfg);
864 if (sta->wps == NULL)
867 sta->wps->use_cred = sta->ap->ap_settings;
869 wps_er_sta_process(sta, msg, WSC_MSG);
873 static void wps_er_process_wlanevent_eap(struct wps_er_ap *ap, const u8 *addr,
876 struct wps_parse_attr attr;
877 struct wps_er_sta *sta;
879 wpa_printf(MSG_DEBUG, "WPS ER: WLANEvent - EAP - from " MACSTR,
881 wpa_hexdump_buf(MSG_MSGDUMP, "WPS ER: WLANEvent - Enrollee's message "
882 "(TLVs from EAP-WSC)", msg);
884 if (wps_parse_msg(msg, &attr) < 0) {
885 wpa_printf(MSG_DEBUG, "WPS ER: Failed to parse TLVs in "
886 "WLANEvent message");
890 sta = wps_er_add_sta_data(ap, addr, &attr, 0);
894 if (attr.msg_type && *attr.msg_type == WPS_M1)
895 wps_er_sta_start(sta, msg);
897 enum wsc_op_code op_code = WSC_MSG;
899 switch (*attr.msg_type) {
911 wps_er_sta_process(sta, msg, op_code);
916 static void wps_er_process_wlanevent(struct wps_er_ap *ap,
917 struct wpabuf *event)
921 u8 wlan_event_mac[ETH_ALEN];
924 wpa_hexdump(MSG_MSGDUMP, "WPS ER: Received WLANEvent",
925 wpabuf_head(event), wpabuf_len(event));
926 if (wpabuf_len(event) < 1 + 17) {
927 wpa_printf(MSG_DEBUG, "WPS ER: Too short WLANEvent");
931 data = wpabuf_mhead(event);
932 wlan_event_type = data[0];
933 if (hwaddr_aton((char *) data + 1, wlan_event_mac) < 0) {
934 wpa_printf(MSG_DEBUG, "WPS ER: Invalid WLANEventMAC in "
939 wpabuf_set(&msg, data + 1 + 17, wpabuf_len(event) - (1 + 17));
941 switch (wlan_event_type) {
943 wps_er_process_wlanevent_probe_req(ap, wlan_event_mac, &msg);
946 wps_er_process_wlanevent_eap(ap, wlan_event_mac, &msg);
949 wpa_printf(MSG_DEBUG, "WPS ER: Unknown WLANEventType %d",
956 static void wps_er_http_event(struct wps_er *er, struct http_request *req,
959 struct wps_er_ap *ap = wps_er_ap_get_id(er, ap_id);
960 struct wpabuf *event;
961 enum http_reply_code ret;
964 wpa_printf(MSG_DEBUG, "WPS ER: HTTP event from unknown AP id "
966 wps_er_http_resp_not_found(req);
969 wpa_printf(MSG_MSGDUMP, "WPS ER: HTTP event from AP id %u: %s",
970 ap_id, http_request_get_data(req));
972 event = xml_get_base64_item(http_request_get_data(req), "WLANEvent",
975 wpa_printf(MSG_DEBUG, "WPS ER: Could not extract WLANEvent "
976 "from the event notification");
978 * Reply with OK anyway to avoid getting unregistered from
981 wps_er_http_resp_ok(req);
985 wps_er_process_wlanevent(ap, event);
988 wps_er_http_resp_ok(req);
992 static void wps_er_http_notify(struct wps_er *er, struct http_request *req)
994 char *uri = http_request_get_uri(req);
996 if (os_strncmp(uri, "/event/", 7) == 0) {
997 unsigned int event_id;
999 event_id = atoi(uri + 7);
1000 if (event_id != er->event_id) {
1001 wpa_printf(MSG_DEBUG, "WPS ER: HTTP event for an "
1002 "unknown event id %u", event_id);
1005 pos = os_strchr(uri + 7, '/');
1009 wps_er_http_event(er, req, atoi(pos));
1011 wpa_printf(MSG_DEBUG, "WPS ER: Unknown HTTP NOTIFY for '%s'",
1013 wps_er_http_resp_not_found(req);
1018 static void wps_er_http_req(void *ctx, struct http_request *req)
1020 struct wps_er *er = ctx;
1021 struct sockaddr_in *cli = http_request_get_cli_addr(req);
1022 enum httpread_hdr_type type = http_request_get_type(req);
1025 wpa_printf(MSG_DEBUG, "WPS ER: HTTP request: '%s' (type %d) from "
1027 http_request_get_uri(req), type,
1028 inet_ntoa(cli->sin_addr), ntohs(cli->sin_port));
1031 case HTTPREAD_HDR_TYPE_NOTIFY:
1032 wps_er_http_notify(er, req);
1035 wpa_printf(MSG_DEBUG, "WPS ER: Unsupported HTTP request type "
1037 buf = wpabuf_alloc(200);
1039 http_request_deinit(req);
1043 "HTTP/1.1 501 Unimplemented\r\n"
1044 "Connection: close\r\n");
1046 wpabuf_put_str(buf, "\r\n");
1047 http_request_send_and_deinit(req, buf);
1054 wps_er_init(struct wps_context *wps, const char *ifname)
1057 struct in_addr addr;
1059 er = os_zalloc(sizeof(*er));
1063 er->multicast_sd = -1;
1066 os_strlcpy(er->ifname, ifname, sizeof(er->ifname));
1068 os_get_random((unsigned char *) &er->event_id, sizeof(er->event_id));
1070 if (get_netif_info(ifname,
1071 &er->ip_addr, &er->ip_addr_text,
1072 er->mac_addr, &er->mac_addr_text)) {
1073 wpa_printf(MSG_INFO, "WPS UPnP: Could not get IP/MAC address "
1074 "for %s. Does it have IP address?", ifname);
1079 if (wps_er_ssdp_init(er) < 0) {
1084 addr.s_addr = er->ip_addr;
1085 er->http_srv = http_server_init(&addr, -1, wps_er_http_req, er);
1086 if (er->http_srv == NULL) {
1090 er->http_port = http_server_get_port(er->http_srv);
1092 wpa_printf(MSG_DEBUG, "WPS ER: Start (ifname=%s ip_addr=%s "
1094 er->ifname, er->ip_addr_text, er->mac_addr_text);
1100 void wps_er_refresh(struct wps_er *er)
1102 struct wps_er_ap *ap;
1103 struct wps_er_sta *sta;
1105 for (ap = er->ap; ap; ap = ap->next) {
1106 wps_er_ap_event(er->wps, ap, WPS_EV_ER_AP_ADD);
1107 for (sta = ap->sta; sta; sta = sta->next)
1108 wps_er_sta_event(er->wps, sta, WPS_EV_ER_ENROLLEE_ADD);
1111 wps_er_send_ssdp_msearch(er);
1115 void wps_er_deinit(struct wps_er *er)
1119 http_server_deinit(er->http_srv);
1120 wps_er_ap_remove_all(er);
1121 wps_er_ssdp_deinit(er);
1122 os_free(er->ip_addr_text);
1123 os_free(er->mac_addr_text);
1128 static void wps_er_http_set_sel_reg_cb(void *ctx, struct http_client *c,
1129 enum http_client_event event)
1131 struct wps_er_ap *ap = ctx;
1134 case HTTP_CLIENT_OK:
1135 wpa_printf(MSG_DEBUG, "WPS ER: SetSelectedRegistrar OK");
1137 case HTTP_CLIENT_FAILED:
1138 case HTTP_CLIENT_INVALID_REPLY:
1139 case HTTP_CLIENT_TIMEOUT:
1140 wpa_printf(MSG_DEBUG, "WPS ER: SetSelectedRegistrar failed");
1143 http_client_free(ap->http);
1148 static void wps_er_send_set_sel_reg(struct wps_er_ap *ap, struct wpabuf *msg)
1151 char *len_ptr, *body_ptr;
1152 struct sockaddr_in dst;
1155 if (ap->control_url == NULL) {
1156 wpa_printf(MSG_DEBUG, "WPS ER: No controlURL for AP");
1161 wpa_printf(MSG_DEBUG, "WPS ER: Pending HTTP request for AP - "
1162 "ignore new request");
1166 url = http_client_url_parse(ap->control_url, &dst, &path);
1168 wpa_printf(MSG_DEBUG, "WPS ER: Failed to parse controlURL");
1172 buf = wps_er_soap_hdr(msg, "SetSelectedRegistrar", "NewMessage", path,
1173 &dst, &len_ptr, &body_ptr);
1178 wps_er_soap_end(buf, "SetSelectedRegistrar", len_ptr, body_ptr);
1180 ap->http = http_client_addr(&dst, buf, 1000,
1181 wps_er_http_set_sel_reg_cb, ap);
1182 if (ap->http == NULL)
1187 static int wps_er_build_selected_registrar(struct wpabuf *msg, int sel_reg)
1189 wpabuf_put_be16(msg, ATTR_SELECTED_REGISTRAR);
1190 wpabuf_put_be16(msg, 1);
1191 wpabuf_put_u8(msg, !!sel_reg);
1196 static int wps_er_build_dev_password_id(struct wpabuf *msg, u16 dev_passwd_id)
1198 wpabuf_put_be16(msg, ATTR_DEV_PASSWORD_ID);
1199 wpabuf_put_be16(msg, 2);
1200 wpabuf_put_be16(msg, dev_passwd_id);
1205 static int wps_er_build_sel_reg_config_methods(struct wpabuf *msg,
1206 u16 sel_reg_config_methods)
1208 wpabuf_put_be16(msg, ATTR_SELECTED_REGISTRAR_CONFIG_METHODS);
1209 wpabuf_put_be16(msg, 2);
1210 wpabuf_put_be16(msg, sel_reg_config_methods);
1215 void wps_er_set_sel_reg(struct wps_er *er, int sel_reg, u16 dev_passwd_id,
1216 u16 sel_reg_config_methods)
1219 struct wps_er_ap *ap;
1221 msg = wpabuf_alloc(500);
1225 if (wps_build_version(msg) ||
1226 wps_er_build_selected_registrar(msg, sel_reg) ||
1227 wps_er_build_dev_password_id(msg, dev_passwd_id) ||
1228 wps_er_build_sel_reg_config_methods(msg, sel_reg_config_methods)) {
1233 for (ap = er->ap; ap; ap = ap->next)
1234 wps_er_send_set_sel_reg(ap, msg);
1240 int wps_er_pbc(struct wps_er *er, const u8 *uuid)
1242 if (er == NULL || er->wps == NULL)
1246 * TODO: Should enable PBC mode only in a single AP based on which AP
1247 * the Enrollee (uuid) is using. Now, we may end up enabling multiple
1248 * APs in PBC mode which could result in session overlap at the
1251 if (wps_registrar_button_pushed(er->wps->registrar))
1258 static void wps_er_ap_settings_cb(void *ctx, const struct wps_credential *cred)
1260 struct wps_er_ap *ap = ctx;
1261 wpa_printf(MSG_DEBUG, "WPS ER: AP Settings received");
1262 os_free(ap->ap_settings);
1263 ap->ap_settings = os_malloc(sizeof(*cred));
1264 if (ap->ap_settings) {
1265 os_memcpy(ap->ap_settings, cred, sizeof(*cred));
1266 ap->ap_settings->cred_attr = NULL;
1269 /* TODO: send info through ctrl_iface */
1273 static void wps_er_http_put_message_cb(void *ctx, struct http_client *c,
1274 enum http_client_event event)
1276 struct wps_er_ap *ap = ctx;
1277 struct wpabuf *reply;
1281 case HTTP_CLIENT_OK:
1282 wpa_printf(MSG_DEBUG, "WPS ER: PutMessage OK");
1283 reply = http_client_get_body(c);
1286 msg = os_zalloc(wpabuf_len(reply) + 1);
1289 os_memcpy(msg, wpabuf_head(reply), wpabuf_len(reply));
1291 case HTTP_CLIENT_FAILED:
1292 case HTTP_CLIENT_INVALID_REPLY:
1293 case HTTP_CLIENT_TIMEOUT:
1294 wpa_printf(MSG_DEBUG, "WPS ER: PutMessage failed");
1296 wps_deinit(ap->wps);
1301 http_client_free(ap->http);
1306 enum http_reply_code ret;
1307 buf = xml_get_base64_item(msg, "NewOutMessage", &ret);
1310 wpa_printf(MSG_DEBUG, "WPS ER: Could not extract "
1311 "NewOutMessage from PutMessage response");
1314 wps_er_ap_process(ap, buf);
1320 static void wps_er_ap_put_message(struct wps_er_ap *ap,
1321 const struct wpabuf *msg)
1324 char *len_ptr, *body_ptr;
1325 struct sockaddr_in dst;
1329 wpa_printf(MSG_DEBUG, "WPS ER: Pending HTTP operation ongoing "
1330 "with the AP - cannot continue learn");
1334 if (ap->control_url == NULL) {
1335 wpa_printf(MSG_DEBUG, "WPS ER: No controlURL for AP");
1339 url = http_client_url_parse(ap->control_url, &dst, &path);
1341 wpa_printf(MSG_DEBUG, "WPS ER: Failed to parse controlURL");
1345 buf = wps_er_soap_hdr(msg, "PutMessage", "NewInMessage", path, &dst,
1346 &len_ptr, &body_ptr);
1351 wps_er_soap_end(buf, "PutMessage", len_ptr, body_ptr);
1353 ap->http = http_client_addr(&dst, buf, 10000,
1354 wps_er_http_put_message_cb, ap);
1355 if (ap->http == NULL)
1360 static void wps_er_ap_process(struct wps_er_ap *ap, struct wpabuf *msg)
1362 enum wps_process_res res;
1364 res = wps_process_msg(ap->wps, WSC_MSG, msg);
1365 if (res == WPS_CONTINUE) {
1366 enum wsc_op_code op_code;
1367 struct wpabuf *next = wps_get_msg(ap->wps, &op_code);
1369 wps_er_ap_put_message(ap, next);
1372 wpa_printf(MSG_DEBUG, "WPS ER: Failed to build "
1374 wps_deinit(ap->wps);
1378 wpa_printf(MSG_DEBUG, "WPS ER: Failed to process message from "
1379 "AP (res=%d)", res);
1380 wps_deinit(ap->wps);
1386 static void wps_er_ap_learn_m1(struct wps_er_ap *ap, struct wpabuf *m1)
1388 struct wps_config cfg;
1391 wpa_printf(MSG_DEBUG, "WPS ER: Protocol run already in "
1392 "progress with this AP");
1396 os_memset(&cfg, 0, sizeof(cfg));
1397 cfg.wps = ap->er->wps;
1399 ap->wps = wps_init(&cfg);
1400 if (ap->wps == NULL)
1402 ap->wps->ap_settings_cb = wps_er_ap_settings_cb;
1403 ap->wps->ap_settings_cb_ctx = ap;
1405 wps_er_ap_process(ap, m1);
1409 static void wps_er_ap_learn(struct wps_er_ap *ap, const char *dev_info)
1411 struct wpabuf *info;
1412 enum http_reply_code ret;
1414 wpa_printf(MSG_DEBUG, "WPS ER: Received GetDeviceInfo response (M1) "
1416 info = xml_get_base64_item(dev_info, "NewDeviceInfo", &ret);
1418 wpa_printf(MSG_DEBUG, "WPS ER: Could not extract "
1419 "NewDeviceInfo from GetDeviceInfo response");
1423 ap->m1_handler(ap, info);
1428 static void wps_er_http_get_dev_info_cb(void *ctx, struct http_client *c,
1429 enum http_client_event event)
1431 struct wps_er_ap *ap = ctx;
1432 struct wpabuf *reply;
1433 char *dev_info = NULL;
1436 case HTTP_CLIENT_OK:
1437 wpa_printf(MSG_DEBUG, "WPS ER: GetDeviceInfo OK");
1438 reply = http_client_get_body(c);
1441 dev_info = os_zalloc(wpabuf_len(reply) + 1);
1442 if (dev_info == NULL)
1444 os_memcpy(dev_info, wpabuf_head(reply), wpabuf_len(reply));
1446 case HTTP_CLIENT_FAILED:
1447 case HTTP_CLIENT_INVALID_REPLY:
1448 case HTTP_CLIENT_TIMEOUT:
1449 wpa_printf(MSG_DEBUG, "WPS ER: GetDeviceInfo failed");
1452 http_client_free(ap->http);
1456 wps_er_ap_learn(ap, dev_info);
1462 static int wps_er_send_get_device_info(struct wps_er_ap *ap,
1463 void (*m1_handler)(struct wps_er_ap *ap,
1467 char *len_ptr, *body_ptr;
1468 struct sockaddr_in dst;
1472 wpa_printf(MSG_DEBUG, "WPS ER: Pending HTTP operation ongoing "
1473 "with the AP - cannot get device info");
1477 if (ap->control_url == NULL) {
1478 wpa_printf(MSG_DEBUG, "WPS ER: No controlURL for AP");
1482 url = http_client_url_parse(ap->control_url, &dst, &path);
1484 wpa_printf(MSG_DEBUG, "WPS ER: Failed to parse controlURL");
1488 buf = wps_er_soap_hdr(NULL, "GetDeviceInfo", NULL, path, &dst,
1489 &len_ptr, &body_ptr);
1494 wps_er_soap_end(buf, "GetDeviceInfo", len_ptr, body_ptr);
1496 ap->http = http_client_addr(&dst, buf, 10000,
1497 wps_er_http_get_dev_info_cb, ap);
1498 if (ap->http == NULL) {
1503 ap->m1_handler = m1_handler;
1509 int wps_er_learn(struct wps_er *er, const u8 *uuid, const u8 *pin,
1512 struct wps_er_ap *ap;
1517 ap = wps_er_ap_get(er, NULL, uuid);
1519 wpa_printf(MSG_DEBUG, "WPS ER: AP not found for learn "
1524 wpa_printf(MSG_DEBUG, "WPS ER: Pending operation ongoing "
1525 "with the AP - cannot start learn");
1529 if (wps_er_send_get_device_info(ap, wps_er_ap_learn_m1) < 0)
1532 /* TODO: add PIN without SetSelectedRegistrar trigger to all APs */
1533 wps_registrar_add_pin(er->wps->registrar, uuid, pin, pin_len, 0);
projects / libeap.git / blob