DPP2: Add an automatic peer_bi entry for CSR matching if needed
This allows the DPP_CA_SET command to be targeting a specific DPP-CST event in cases where the Configurator did not receive the bootstrapping information for the peer. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen
Jouni Malinen
parent
b25ddfe9d3
commit
8f88dcf050
4 changed files with 82 additions and 18 deletions
|
|
@ -1293,9 +1293,14 @@ void dpp_auth_deinit(struct dpp_authentication *auth)
|
|||
wpabuf_free(auth->cacert);
|
||||
wpabuf_free(auth->certbag);
|
||||
os_free(auth->trusted_eap_server_name);
|
||||
wpabuf_free(auth->conf_resp_tcp);
|
||||
#endif /* CONFIG_DPP2 */
|
||||
wpabuf_free(auth->net_access_key);
|
||||
dpp_bootstrap_info_free(auth->tmp_own_bi);
|
||||
if (auth->tmp_peer_bi) {
|
||||
dl_list_del(&auth->tmp_peer_bi->list);
|
||||
dpp_bootstrap_info_free(auth->tmp_peer_bi);
|
||||
}
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
os_free(auth->config_obj_override);
|
||||
os_free(auth->discovery_override);
|
||||
|
|
@ -2044,6 +2049,7 @@ dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
|
|||
cert_req = json_get_member_base64(root, "pkcs10");
|
||||
if (cert_req) {
|
||||
char *txt;
|
||||
int id;
|
||||
|
||||
wpa_hexdump_buf(MSG_DEBUG, "DPP: CertificateRequest", cert_req);
|
||||
if (dpp_validate_csr(auth, cert_req) < 0) {
|
||||
|
|
@ -2051,13 +2057,31 @@ dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
|
|||
auth->force_conf_resp_status = DPP_STATUS_CSR_BAD;
|
||||
goto cont;
|
||||
}
|
||||
|
||||
if (auth->peer_bi) {
|
||||
id = auth->peer_bi->id;
|
||||
} else if (auth->tmp_peer_bi) {
|
||||
id = auth->tmp_peer_bi->id;
|
||||
} else {
|
||||
struct dpp_bootstrap_info *bi;
|
||||
|
||||
bi = os_zalloc(sizeof(*bi));
|
||||
if (!bi)
|
||||
goto fail;
|
||||
bi->id = dpp_next_id(auth->global);
|
||||
dl_list_add(&auth->global->bootstrap, &bi->list);
|
||||
auth->tmp_peer_bi = bi;
|
||||
id = bi->id;
|
||||
}
|
||||
|
||||
wpa_printf(MSG_DEBUG, "DPP: CSR is valid - forward to CA/RA");
|
||||
txt = base64_encode_no_lf(wpabuf_head(cert_req),
|
||||
wpabuf_len(cert_req), NULL);
|
||||
if (!txt)
|
||||
goto fail;
|
||||
|
||||
wpa_msg(auth->msg_ctx, MSG_INFO, DPP_EVENT_CSR "peer=%d csr=%s",
|
||||
auth->peer_bi ? (int) auth->peer_bi->id : -1, txt);
|
||||
id, txt);
|
||||
os_free(txt);
|
||||
auth->waiting_csr = false;
|
||||
auth->waiting_cert = true;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue