HS 2.0: Add preliminary documentation for Hotspot 2.0
This describes wpa_supplicant functionality for Interworking (probe request parameters, network selection) and Hotspot 2.0. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
597d5d1b11
commit
a8a3868ddd
1 changed files with 437 additions and 0 deletions
437
wpa_supplicant/README-HS20
Normal file
437
wpa_supplicant/README-HS20
Normal file
|
@ -0,0 +1,437 @@
|
|||
wpa_supplicant and Hotspot 2.0
|
||||
==============================
|
||||
|
||||
This document describe how the IEEE 802.11u Interworking and Wi-Fi
|
||||
Hotspot 2.0 (Release 1) implementation in wpa_supplicant can be
|
||||
configured and how an external component on the client e.g., management
|
||||
GUI or Wi-Fi framework) is used to manage this functionality.
|
||||
|
||||
|
||||
Introduction to Wi-Fi Hotspot 2.0
|
||||
---------------------------------
|
||||
|
||||
Hotspot 2.0 is the name of the Wi-Fi Alliance specification that is used
|
||||
in the Wi-Fi CERTIFIED Passpoint<TM> program. More information about
|
||||
this is available in this white paper:
|
||||
|
||||
http://www.wi-fi.org/knowledge-center/white-papers/wi-fi-certified-passpoint%E2%84%A2-new-program-wi-fi-alliance%C2%AE-enable-seamless
|
||||
|
||||
The Hotspot 2.0 specification is also available from WFA:
|
||||
https://www.wi-fi.org/knowledge-center/published-specifications
|
||||
|
||||
The core Interworking functionality (network selection, GAS/ANQP) were
|
||||
standardized in IEEE Std 802.11u-2011 which is now part of the IEEE Std
|
||||
802.11-2012.
|
||||
|
||||
|
||||
wpa_supplicant configuration
|
||||
----------------------------
|
||||
|
||||
Interworking and Hotspot 2.0 functionality are optional components that
|
||||
need to be enabled in the wpa_supplicant build configuration
|
||||
(.config). This is done by adding following parameters into that file:
|
||||
|
||||
CONFIG_INTERWORKING=y
|
||||
CONFIG_HS20=y
|
||||
|
||||
It should be noted that this functionality requires a driver that
|
||||
supports GAS/ANQP operations. This uses the same design as P2P, i.e.,
|
||||
Action frame processing and building in user space within
|
||||
wpa_supplicant. The Linux nl80211 driver interface provides the needed
|
||||
functionality for this.
|
||||
|
||||
|
||||
There are number of run-time configuration parameters (e.g., in
|
||||
wpa_supplicant.conf when using the configuration file) that can be used
|
||||
to control Hotspot 2.0 operations.
|
||||
|
||||
# Enable Interworking
|
||||
interworking=1
|
||||
|
||||
# Enable Hotspot 2.0
|
||||
hs20=1
|
||||
|
||||
# Parameters for controlling scanning
|
||||
|
||||
# Homogenous ESS identifier
|
||||
# If this is set, scans will be used to request response only from BSSes
|
||||
# belonging to the specified Homogeneous ESS. This is used only if interworking
|
||||
# is enabled.
|
||||
#hessid=00:11:22:33:44:55
|
||||
|
||||
# Access Network Type
|
||||
# When Interworking is enabled, scans can be limited to APs that advertise the
|
||||
# specified Access Network Type (0..15; with 15 indicating wildcard match).
|
||||
# This value controls the Access Network Type value in Probe Request frames.
|
||||
#access_network_type=15
|
||||
|
||||
|
||||
Credentials can be pre-configured for automatic network selection:
|
||||
|
||||
# credential block
|
||||
#
|
||||
# Each credential used for automatic network selection is configured as a set
|
||||
# of parameters that are compared to the information advertised by the APs when
|
||||
# interworking_select and interworking_connect commands are used.
|
||||
#
|
||||
# credential fields:
|
||||
#
|
||||
# priority: Priority group
|
||||
# By default, all networks and credentials get the same priority group
|
||||
# (0). This field can be used to give higher priority for credentials
|
||||
# (and similarly in struct wpa_ssid for network blocks) to change the
|
||||
# Interworking automatic networking selection behavior. The matching
|
||||
# network (based on either an enabled network block or a credential)
|
||||
# with the highest priority value will be selected.
|
||||
#
|
||||
# pcsc: Use PC/SC and SIM/USIM card
|
||||
#
|
||||
# realm: Home Realm for Interworking
|
||||
#
|
||||
# username: Username for Interworking network selection
|
||||
#
|
||||
# password: Password for Interworking network selection
|
||||
#
|
||||
# ca_cert: CA certificate for Interworking network selection
|
||||
#
|
||||
# client_cert: File path to client certificate file (PEM/DER)
|
||||
# This field is used with Interworking networking selection for a case
|
||||
# where client certificate/private key is used for authentication
|
||||
# (EAP-TLS). Full path to the file should be used since working
|
||||
# directory may change when wpa_supplicant is run in the background.
|
||||
#
|
||||
# Alternatively, a named configuration blob can be used by setting
|
||||
# this to blob://blob_name.
|
||||
#
|
||||
# private_key: File path to client private key file (PEM/DER/PFX)
|
||||
# When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be
|
||||
# commented out. Both the private key and certificate will be read
|
||||
# from the PKCS#12 file in this case. Full path to the file should be
|
||||
# used since working directory may change when wpa_supplicant is run
|
||||
# in the background.
|
||||
#
|
||||
# Windows certificate store can be used by leaving client_cert out and
|
||||
# configuring private_key in one of the following formats:
|
||||
#
|
||||
# cert://substring_to_match
|
||||
#
|
||||
# hash://certificate_thumbprint_in_hex
|
||||
#
|
||||
# For example: private_key="hash://63093aa9c47f56ae88334c7b65a4"
|
||||
#
|
||||
# Note that when running wpa_supplicant as an application, the user
|
||||
# certificate store (My user account) is used, whereas computer store
|
||||
# (Computer account) is used when running wpasvc as a service.
|
||||
#
|
||||
# Alternatively, a named configuration blob can be used by setting
|
||||
# this to blob://blob_name.
|
||||
#
|
||||
# private_key_passwd: Password for private key file
|
||||
#
|
||||
# imsi: IMSI in <MCC> | <MNC> | '-' | <MSIN> format
|
||||
#
|
||||
# milenage: Milenage parameters for SIM/USIM simulator in <Ki>:<OPc>:<SQN>
|
||||
# format
|
||||
#
|
||||
# domain: Home service provider FQDN
|
||||
# This is used to compare against the Domain Name List to figure out
|
||||
# whether the AP is operated by the Home SP.
|
||||
#
|
||||
# roaming_consortium: Roaming Consortium OI
|
||||
# If roaming_consortium_len is non-zero, this field contains the
|
||||
# Roaming Consortium OI that can be used to determine which access
|
||||
# points support authentication with this credential. This is an
|
||||
# alternative to the use of the realm parameter. When using Roaming
|
||||
# Consortium to match the network, the EAP parameters need to be
|
||||
# pre-configured with the credential since the NAI Realm information
|
||||
# may not be available or fetched.
|
||||
#
|
||||
# eap: Pre-configured EAP method
|
||||
# This optional field can be used to specify which EAP method will be
|
||||
# used with this credential. If not set, the EAP method is selected
|
||||
# automatically based on ANQP information (e.g., NAI Realm).
|
||||
#
|
||||
# phase1: Pre-configure Phase 1 (outer authentication) parameters
|
||||
# This optional field is used with like the 'eap' parameter.
|
||||
#
|
||||
# phase2: Pre-configure Phase 2 (inner authentication) parameters
|
||||
# This optional field is used with like the 'eap' parameter.
|
||||
#
|
||||
# for example:
|
||||
#
|
||||
#cred={
|
||||
# realm="example.com"
|
||||
# username="user@example.com"
|
||||
# password="password"
|
||||
# ca_cert="/etc/wpa_supplicant/ca.pem"
|
||||
# domain="example.com"
|
||||
#}
|
||||
#
|
||||
#cred={
|
||||
# imsi="310026-000000000"
|
||||
# milenage="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82"
|
||||
#}
|
||||
#
|
||||
#cred={
|
||||
# realm="example.com"
|
||||
# username="user"
|
||||
# password="password"
|
||||
# ca_cert="/etc/wpa_supplicant/ca.pem"
|
||||
# domain="example.com"
|
||||
# roaming_consortium=223344
|
||||
# eap=TTLS
|
||||
# phase2="auth=MSCHAPV2"
|
||||
#}
|
||||
|
||||
|
||||
Control interface
|
||||
-----------------
|
||||
|
||||
wpa_supplicant provides a control interface that can be used from
|
||||
external programs to manage various operations. The included command
|
||||
line tool, wpa_cli, can be used for manual testing with this interface.
|
||||
|
||||
Following wpa_cli interactive mode commands show some examples of manual
|
||||
operations related to Hotspot 2.0:
|
||||
|
||||
Remove configured networks and credentials:
|
||||
|
||||
> remove_network all
|
||||
OK
|
||||
> remove_cred all
|
||||
OK
|
||||
|
||||
|
||||
Add a username/password credential:
|
||||
|
||||
> add_cred
|
||||
0
|
||||
> set_cred 0 realm "mail.example.com"
|
||||
OK
|
||||
> set_cred 0 username "username"
|
||||
OK
|
||||
> set_cred 0 password "password"
|
||||
OK
|
||||
> set_cred 0 priority 1
|
||||
OK
|
||||
|
||||
Add a SIM credential using a simulated SIM/USIM card for testing:
|
||||
|
||||
> add_cred
|
||||
1
|
||||
> set_cred 1 imsi "23456-0000000000"
|
||||
OK
|
||||
> set_cred 1 milenage "90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123"
|
||||
OK
|
||||
> set_cred 1 priority 1
|
||||
OK
|
||||
|
||||
Note: the return value of add_cred is used as the first argument to
|
||||
the following set_cred commands.
|
||||
|
||||
|
||||
Add a WPA2-Enterprise network:
|
||||
|
||||
> add_network
|
||||
0
|
||||
> set_network 0 key_mgmt WPA-EAP
|
||||
OK
|
||||
> set_network 0 ssid "enterprise"
|
||||
OK
|
||||
> set_network 0 eap TTLS
|
||||
OK
|
||||
> set_network 0 anonymous_identity "anonymous"
|
||||
OK
|
||||
> set_network 0 identity "user"
|
||||
OK
|
||||
> set_network 0 password "password"
|
||||
OK
|
||||
> set_network 0 priority 0
|
||||
OK
|
||||
> enable_network 0 no-connect
|
||||
OK
|
||||
|
||||
|
||||
Add an open network:
|
||||
|
||||
> add_network
|
||||
3
|
||||
> set_network 3 key_mgmt NONE
|
||||
OK
|
||||
> set_network 3 ssid "coffee-shop"
|
||||
OK
|
||||
> select_network 3
|
||||
OK
|
||||
|
||||
Note: the return value of add_network is used as the first argument to
|
||||
the following set_network commands.
|
||||
|
||||
The preferred credentials/networks can be indicated with the priority
|
||||
parameter (1 is higher priority than 0).
|
||||
|
||||
|
||||
Interworking network selection can be started with interworking_select
|
||||
command. This instructs wpa_supplicant to run a network scan and iterate
|
||||
through the discovered APs to request ANQP information from the APs that
|
||||
advertise support for Interworking/Hotspot 2.0:
|
||||
|
||||
> interworking_select
|
||||
OK
|
||||
<3>Starting ANQP fetch for 02:00:00:00:01:00
|
||||
<3>RX-ANQP 02:00:00:00:01:00 ANQP Capability list
|
||||
<3>RX-ANQP 02:00:00:00:01:00 Roaming Consortium list
|
||||
<3>RX-HS20-ANQP 02:00:00:00:01:00 HS Capability List
|
||||
<3>ANQP fetch completed
|
||||
<3>INTERWORKING-AP 02:00:00:00:01:00 type=unknown
|
||||
|
||||
|
||||
INTERWORKING-AP event messages indicate the APs that support network
|
||||
selection and for which there is a matching
|
||||
credential. interworking_connect command can be used to select a network
|
||||
to connect with:
|
||||
|
||||
|
||||
> interworking_connect 02:00:00:00:01:00
|
||||
OK
|
||||
<3>CTRL-EVENT-SCAN-RESULTS
|
||||
<3>SME: Trying to authenticate with 02:00:00:00:01:00 (SSID='Example Network' freq=2412 MHz)
|
||||
<3>Trying to associate with 02:00:00:00:01:00 (SSID='Example Network' freq=2412 MHz)
|
||||
<3>Associated with 02:00:00:00:01:00
|
||||
<3>CTRL-EVENT-EAP-STARTED EAP authentication started
|
||||
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21
|
||||
<3>CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
|
||||
<3>CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
|
||||
<3>WPA: Key negotiation completed with 02:00:00:00:01:00 [PTK=CCMP GTK=CCMP]
|
||||
<3>CTRL-EVENT-CONNECTED - Connection to 02:00:00:00:01:00 completed (auth) [id=0 id_str=]
|
||||
|
||||
|
||||
wpa_supplicant creates a temporary network block for the selected
|
||||
network based on the configured credential and ANQP information from the
|
||||
AP:
|
||||
|
||||
> list_networks
|
||||
network id / ssid / bssid / flags
|
||||
0 Example Network any [CURRENT]
|
||||
> get_network 0 key_mgmt
|
||||
WPA-EAP
|
||||
> get_network 0 eap
|
||||
TTLS
|
||||
|
||||
|
||||
Alternatively to using an external program to select the network,
|
||||
"interworking_select auto" command can be used to request wpa_supplicant
|
||||
to select which network to use based on configured priorities:
|
||||
|
||||
|
||||
> remove_network all
|
||||
OK
|
||||
<3>CTRL-EVENT-DISCONNECTED bssid=02:00:00:00:01:00 reason=1 locally_generated=1
|
||||
> interworking_select auto
|
||||
OK
|
||||
<3>Starting ANQP fetch for 02:00:00:00:01:00
|
||||
<3>RX-ANQP 02:00:00:00:01:00 ANQP Capability list
|
||||
<3>RX-ANQP 02:00:00:00:01:00 Roaming Consortium list
|
||||
<3>RX-HS20-ANQP 02:00:00:00:01:00 HS Capability List
|
||||
<3>ANQP fetch completed
|
||||
<3>INTERWORKING-AP 02:00:00:00:01:00 type=unknown
|
||||
<3>CTRL-EVENT-SCAN-RESULTS
|
||||
<3>SME: Trying to authenticate with 02:00:00:00:01:00 (SSID='Example Network' freq=2412 MHz)
|
||||
<3>Trying to associate with 02:00:00:00:01:00 (SSID='Example Network' freq=2412 MHz)
|
||||
<3>Associated with 02:00:00:00:01:00
|
||||
<3>CTRL-EVENT-EAP-STARTED EAP authentication started
|
||||
<3>CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21
|
||||
<3>CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
|
||||
<3>CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
|
||||
<3>WPA: Key negotiation completed with 02:00:00:00:01:00 [PTK=CCMP GTK=CCMP]
|
||||
<3>CTRL-EVENT-CONNECTED - Connection to 02:00:00:00:01:00 completed (reauth) [id=0 id_str=]
|
||||
|
||||
|
||||
The connection status can be shown with the status command:
|
||||
|
||||
> status
|
||||
bssid=02:00:00:00:01:00
|
||||
ssid=Example Network
|
||||
id=0
|
||||
mode=station
|
||||
pairwise_cipher=CCMP <--- link layer security indication
|
||||
group_cipher=CCMP
|
||||
key_mgmt=WPA2/IEEE 802.1X/EAP
|
||||
wpa_state=COMPLETED
|
||||
p2p_device_address=02:00:00:00:00:00
|
||||
address=02:00:00:00:00:00
|
||||
hs20=1 <--- HS 2.0 indication
|
||||
Supplicant PAE state=AUTHENTICATED
|
||||
suppPortStatus=Authorized
|
||||
EAP state=SUCCESS
|
||||
selectedMethod=21 (EAP-TTLS)
|
||||
EAP TLS cipher=AES-128-SHA
|
||||
EAP-TTLSv0 Phase2 method=PAP
|
||||
|
||||
|
||||
> status
|
||||
bssid=02:00:00:00:02:00
|
||||
ssid=coffee-shop
|
||||
id=3
|
||||
mode=station
|
||||
pairwise_cipher=NONE
|
||||
group_cipher=NONE
|
||||
key_mgmt=NONE
|
||||
wpa_state=COMPLETED
|
||||
p2p_device_address=02:00:00:00:00:00
|
||||
address=02:00:00:00:00:00
|
||||
|
||||
|
||||
Note: The Hotspot 2.0 indication is shown as "hs20=1" in the status
|
||||
command output. Link layer security is indicated with the
|
||||
pairwise_cipher (CCMP = secure, NONE = no encryption used).
|
||||
|
||||
|
||||
Also the scan results include the Hotspot 2.0 indication:
|
||||
|
||||
> scan_results
|
||||
bssid / frequency / signal level / flags / ssid
|
||||
02:00:00:00:01:00 2412 -30 [WPA2-EAP-CCMP][ESS][HS20] Example Network
|
||||
|
||||
|
||||
ANQP information for the BSS can be fetched using the BSS command:
|
||||
|
||||
> bss 02:00:00:00:01:00
|
||||
id=1
|
||||
bssid=02:00:00:00:01:00
|
||||
freq=2412
|
||||
beacon_int=100
|
||||
capabilities=0x0411
|
||||
qual=0
|
||||
noise=-92
|
||||
level=-30
|
||||
tsf=1345573286517276
|
||||
age=105
|
||||
ie=000f4578616d706c65204e6574776f726b010882848b960c1218240301012a010432043048606c30140100000fac040100000fac040100000fac0100007f04000000806b091e07010203040506076c027f006f1001531122331020304050010203040506dd05506f9a1000
|
||||
flags=[WPA2-EAP-CCMP][ESS][HS20]
|
||||
ssid=Example Network
|
||||
anqp_roaming_consortium=031122330510203040500601020304050603fedcba
|
||||
|
||||
|
||||
ANQP queries can also be requested with the anqp_get and hs20_anqp_get
|
||||
commands:
|
||||
|
||||
> anqp_get 02:00:00:00:01:00 261
|
||||
OK
|
||||
<3>RX-ANQP 02:00:00:00:01:00 Roaming Consortium list
|
||||
> hs20_anqp_get 02:00:00:00:01:00 2
|
||||
OK
|
||||
<3>RX-HS20-ANQP 02:00:00:00:01:00 HS Capability List
|
||||
|
||||
In addition, fetch_anqp command can be used to request similar set of
|
||||
ANQP queries to be done as is run as part of interworking_select:
|
||||
|
||||
> scan
|
||||
OK
|
||||
<3>CTRL-EVENT-SCAN-RESULTS
|
||||
> fetch_anqp
|
||||
OK
|
||||
<3>Starting ANQP fetch for 02:00:00:00:01:00
|
||||
<3>RX-ANQP 02:00:00:00:01:00 ANQP Capability list
|
||||
<3>RX-ANQP 02:00:00:00:01:00 Roaming Consortium list
|
||||
<3>RX-HS20-ANQP 02:00:00:00:01:00 HS Capability List
|
||||
<3>ANQP fetch completed
|
Loading…
Reference in a new issue