Commit graph

123 commits

Author SHA1 Message Date
Jouni Malinen
e2ea0fd70b EST: Write the RSA private key using the standard PRIVATE KEY format
The routines used for using raw RSA keys directly have been deprecated
in OpenSSL 3.0. There should be no particular need to use the "RSA
PRIVATE KEY" format, so replace this with the more common "PRIVATE KEY"
format that can be written without use of the deprecated functions.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-23 16:44:38 +02:00
Ilan Peer
909864ab1e HS 2.0: Restore ifdef for DEFINE_STACK_OF in est.c
DEFINE_STACK_OF() was only introduced in OpenSSL 1.1.0 and newer, but
the ifdef directive that wrapped it was wrongly removed when cleaning
some BoringSSL definitions. Use ifdef confistently for defining and
using AttrOrOID.

Fixes: faf9c04cb5 ("Remove a host of unnecessary OPENSSL_IS_BORINGSSL ifdefs")
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-16 22:42:16 +02:00
Damien Dejean
3268ec0acf HS20: Use required_home_ois in hs20-osu-client
Move from the now deprecated roaming_consortium and
required_roaming_consortium credential parameters to home_ois and
required_home_ois.

Signed-off-by: Damien Dejean <damiendejean@chromium.org>
2022-11-26 17:58:57 +02:00
David Benjamin
faf9c04cb5 Remove a host of unnecessary OPENSSL_IS_BORINGSSL ifdefs
The <openssl/buf.h> include is relevant in both OpenSSL and BoringSSL
because the file uses BUF_MEM (include what you use). OpenSSL just
happened to include it via another file. OpenSSL also spells it
<openssl/buffer.h>, not matching the type, so use the compatible
spelling.

Additionally all the CHECKED_CAST and manual STACK_OF(T) definitions
call into BoringSSL internals. The correct, public APIs are simply to
just use the same code as OpenSSL and call the DEFINE_STACK_OF macros.

Signed-off-by: David Benjamin <davidben@google.com>
2022-07-28 12:57:40 +03:00
Jouni Malinen
02047e9c88 hs20-osu-client: Explicit checks for snprintf() result
Get rid of the gcc warnings on potentially truncating the output buffer
by explicitly checking that there was enough room to write the full
string.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-05-27 00:32:13 +03:00
Chenming Huang
a2dbb25583 Android: Compile hs20-osu-client to /vendor/bin in test builds
hs20-osu-client compilation fails on Android O onwards because of
undefined reference for __android_log_print/__android_log_vprint.

Modify hs20-osu-client's Android.mk to include liblog library and
use tag 'hs20-osu-client' in logcat logs. Additionally, compile
hs20-osu-client to /vendor/bin in non-production builds.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-14 17:10:03 +03:00
Jouni Malinen
5ab3853211 Revert "Android: Compile hs20-osu-client to /vendor/bin in test builds"
This reverts commit 1192d5721b. That
commit disabled hostapd and wpa_supplicant build in user build variants.
Furthermore, it used duplicated TARGET_BUILD_VARIANT checks between the
Android.mk files.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-05 19:47:44 +03:00
Jouni Malinen
3085e1a671 hs20-osu-client: dNSName values from OSU server certificate for PPS MO
The previous change to allow EST server to use a different host name
ended up overriding the OSU server certificate information and the
incorrect server certificate was used when comparing the SP FQDN from
the PPS MO if the OSU and EST servers where different. Fix this by
keeping the dNSName from the SPP interaction and not storing the values
from the EST interaction.

Fixes: 0ce8d55a2e ("hs20-osu-client: Allow EST server to use different host name")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-03-14 10:42:11 +02:00
Jouni Malinen
0ce8d55a2e hs20-osu-client: Allow EST server to use different host name
The EST server does not have to be sharing the same host name with the
OSU server. Use the host name from the EST URL instead of the SPP server
URL when validating the EST server certificate.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-03-11 19:47:30 +02:00
Jouni Malinen
abed7978f6 HS 2.0 server: Event log entry on missing configuration for the realm
Make the error reason clearer in the event log for the case where the
requested realm has not been configured.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-03-11 19:44:58 +02:00
Purushottam Kushwaha
1192d5721b Android: Compile hs20-osu-client to /vendor/bin in test builds
hs20-osu-client compilation fails on Android O onwards because of
undefined reference for __android_log_print/__android_log_vprint.

Modify hs20-osu-client's Android.mk to include liblog library and use
tag 'hs20-osu-client' in logcat logs. Additionally, compile
hs20-osu-client to /vendor/bin in non-production builds.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-03-10 19:40:08 +02:00
Baligh Gasmi
3d86fcee07 cleanup: Remove unreachable code
There is no need for unreachable code in these places, so remove it.

Signed-off-by: Baligh Gasmi <gasmibal@gmail.com>
2022-03-04 12:07:46 +02:00
Johannes Berg
722138cd25 build: Put object files into build/ folder
Instead of building in the source tree, put most object
files into the build/ folder at the root, and put each
thing that's being built into a separate folder.

This then allows us to build hostapd and wpa_supplicant
(or other combinations) without "make clean" inbetween.

For the tests keep the objects in place for now (and to
do that, add the build rule) so that we don't have to
rewrite all of that with $(call BUILDOBJS,...) which is
just noise there.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-10-10 12:51:39 +03:00
Johannes Berg
0430bc8267 build: Add a common-clean target
Clean up in a more common fashion as well, initially for ../src/.

Also add $(Q) to the clean target in src/

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-10-10 12:48:41 +03:00
Johannes Berg
a41a29192e build: Pull common fragments into a build.rules file
Some things are used by most of the binaries, pull them
into a common rule fragment that we can use properly.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-10-10 12:47:29 +03:00
Johannes Berg
21cc50a434 HS 2.0 server: Add a .gitignore file
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-10-10 12:42:58 +03:00
Jouni Malinen
3f45b8daeb hs20-osu-client: Use size_t for certificate components
This avoids a theoretical integer overflow with 16-bit unsigned int
should a certificate be encoded with more that 65535 friendly names or
icons.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-22 18:50:04 +02:00
Ben Greear
e0fb468a7d HS 2.0 server: Add a note on OCSP server hostname
Signed-off-by: Ben Greear <greearb@candelatech.com>
2020-03-13 16:52:29 +02:00
Ben Greear
440dac7558 hs20-osu-client: Use more specific debug message on OSU connection
Signed-off-by: Ben Greear <greearb@candelatech.com>
2020-03-13 16:52:29 +02:00
Jouni Malinen
87998f80e7 HS 2.0 server: Allow OCSP responder to continue running after errors
By default, 'openssl ocsp' exits upon receiving a malformed request.
That's not really ideal for a server, so configure openssl to not do
that and instead, continue running to process other requests.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 13:26:56 +02:00
Didier Raboud
8155b36fae Fix VERSION_STR printf() calls in case the postfix strings include %
Do not use VERSION_STR directly as the format string to printf() since
it is possible for that string to contain '%'.

Signed-off-by: Didier Raboud <odyx@debian.org>
2020-02-17 19:17:10 +02:00
Jouni Malinen
e33a0eecec hs20-osu-client: Validate HTTPS server certificate by default (browser)
This changes "hs20-osu-client browser <URL>" behavior to validate the
HTTPS server certificate against the system trust roots. The new command
line argument -T can be used to disable this validation.

This does not change behavior for SPP/OMA-DM triggered OSU operation,
i.e., they continue to not mandate server certificate validation for now
to avoid breaking existing test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 17:40:52 +02:00
Jouni Malinen
61bf9819c1 hs20_web_browser() to allow TLS server validation to be enabled
hs20_web_browser() was previously hardcoded to not perform strict TLS
server validation. Add an argument to this function to allow that
behavior to be configured. The hs20-osu-client users are still using the
old behavior, i.e., not validating server certificates, to be usable for
testing purposes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 17:40:52 +02:00
Ben Greear
b4b1b122e8 hs20-osu-client: Enable webkit2 support
This is my mostly-ignorant attempt to port hs20-osu-client to webkit2
API.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2020-02-16 17:40:52 +02:00
Jouni Malinen
8e5e36a184 Clean up base64_{encode,decode} pointer types
Allow any pointer to be used as source for encoding and use char * as
the return value from encoding and input value for decoding to reduce
number of type casts needed in the callers.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
236f132c54 HS 2.0 client: Ignore generated/copied files in work directory
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-03 14:09:33 +03:00
Masashi Honma
18f4fc43f2 hs20-osu-client: Check snprintf result to avoid compiler warnings
Fix false positive warnings by gcc 8.3.0.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-05-25 21:58:29 +03:00
Purushottam Kushwaha
7ad7aa0e12 HS 2.0: Make hs20-osu-client SP and <FQDN> directories group writable
This updates SP/<FQDN> directory with following permissions on Android
to allow moving certificate at runtime from Cert/ to SP/<FQDN> folder:
 - user:read/write/exec
 - group:read/write/exec
(i.e., add group write permission)

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-18 19:54:36 +02:00
Jouni Malinen
dd2aedeb55 HS 2.0 server: Add X-WFA-Hotspot20-Filtering header line to T&C
When filtering is successfully disabled at the end of the terms and
conditions acceptance sequence, add the "X-WFA-Hotspot20-Filtering:
remove" header line to the HTTP response.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-14 12:09:09 +02:00
Johannes Berg
65b487ae54 HS 2.0: Add QUIET=1 support for building hs20-osu-client
Add QUIET=1 support to its Makefile and add the created binary to a
.gitignore file.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-05 23:51:36 +02:00
Jouni Malinen
59c6930641 HS 2.0 server: Command line option to fetch the version information
This can be used to report automatically generated version strings from
the SPP server.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-24 00:20:44 +02:00
Jouni Malinen
2d1762fa4a HS 2.0 server: Alternative subrem updateNode for certificate credentials
The new subrem field in the users database can now be used to issue an
alternative subscription remediation updateNode for clients using
certificate credentials. The data file for this case is similar to the
policy update files, but it starts with the managementTreeURI value in
the first line.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-23 01:03:46 +02:00
Jouni Malinen
d97cf2a117 HS 2.0 server: Use noMOUpdate in client certificate subrem
There is no point in trying to update the Credential node with the
existing contents in case of subscription remediation using a client
certificate instead of a username/password credential, so use the
noMOUpdate in that case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-22 23:31:06 +02:00
Jouni Malinen
8c70c30472 HS 2.0 server: Log new username in eventlog for cert reenroll
Make it easier to find the new username (and the new serial number from
it) when a user entry is renamed at the conclusion of client certificate
re-enrollment sequence.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-10 00:47:04 +02:00
Jouni Malinen
02f52ab6f5 Use lchown() instead of chown() for self-created files
There is no need to allow symlink dereferencing in these cases where a
file (including directories and sockets) are created by the same
process, so use the safer lchown() variant to avoid leaving potential
windows for something external to replace the file before the chown()
call. The particular locations used here should not have write
permissions enabled for processes with less privileges, so this may not
be needed, but anyway, it is better to make these more restrictive
should there be cases where directory permissions are not as expected
for a good deployment.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-06 20:28:04 +02:00
Ben Greear
a898113823 HS 2.0: Fix EST compilation with OpenSSL 1.1.0 and newer
SKM_sk_value() is not available anymore, so use DEFINE_STACK_OF() to get
the appropriate accessor functions.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-01-01 19:56:19 +02:00
Jouni Malinen
183a6c93cd HS 2.0 server: Allow policy to be set for SIM provisioning
A new osu_config field "sim_policy" can now be used to specify the
policy template for SIM provisioning.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-16 18:33:11 +02:00
Jouni Malinen
89ae35833b HS 2.0 server: SIM provisioning exchange
Support SIM provisioning exchange with SPP. This uses the
hotspot2dot0-mobile-identifier-hash value from the AAA server to allow
subscription registration through subscription remediation exchange.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-15 18:15:01 +02:00
Jouni Malinen
7bd8c76a4f HS 2.0 server: RADIUS server support for SIM provisioning
This adds support for hostapd-as-RADIUS-authentication-server to request
subscription remediation for SIM-based credentials. The new hostapd.conf
parameter hs20_sim_provisioning_url is used to set the URL prefix for
the remediation server for SIM provisioning. The random
hotspot2dot0-mobile-identifier-hash value will be added to the end of
this URL prefix and the same value is stored in a new SQLite database
table sim_provisioning for the subscription server implementation to
use.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-15 18:01:38 +02:00
Jouni Malinen
0e1ab324cc HS 2.0 server: Fix couple of memory leaks
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-04 14:12:44 +02:00
Jouni Malinen
718346775d HS 2.0 server: Client certificate reenrollment
This adds support for the SPP server to request certificate reenrollment
and for the EST server to support the simplereenroll version.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-04 14:11:39 +02:00
Jouni Malinen
d726f4da54 HS 2.0 server: Document client certificate related Apache configuration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-04 00:34:10 +02:00
Jouni Malinen
2166651b0c HS 2.0 server: Clear remediation requirement for certificate credentials
Previous implementation updated user database only for username/password
credentials. While client certificates do not need the updated password
to be written, they do need the remediation requirement to be cleared,
so fix that.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-04 00:34:10 +02:00
Jouni Malinen
34341b09b4 HS 2.0 server: Do not set phase2=1 for certificate-based users
These are not really using Phase 2, so use more appropriate
configuration when going through online signup for client certificates.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-04 00:34:00 +02:00
Jouni Malinen
6ff4241797 HS 2.0 server: Include phase2=0 users for TLS in the user list
EAP-TLS users are not really using phase2, so do not require the
database to be set in a way that claim that inaccurately.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-03 23:38:20 +02:00
Jouni Malinen
1695b4dc37 HS 2.0: Do not require devinfo.xml for all hs20-osu-client operations
hs20-osu-client refused to do anything if it could not find devinfo.xml
from the current working directory. This is a bit excessive since that
file was used in init_ctx() only to fill in ctx->devid which is used
when constructing OMA DM messages.

Move the check for ctx->devid into OMA DM specific code so that other
hs20-osu-client functionality can be used without the devinfo.xml file.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-30 15:29:12 +02:00
Jouni Malinen
ba7d3fe920 HS 2.0: Record policy update into users table
This makes it easier to track whether a policy update has been
successfully completed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 19:00:37 +03:00
Jouni Malinen
4939e2bb97 HS 2.0: Rename PPS/Credential1 node to Cred01
This makes it a bit easier to use existing hardcoded PPS MO files for
testing purposes when the subscription remediation and policy update
operations target the same path.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 18:07:37 +03:00
Jouni Malinen
950cafafb2 HS 2.0: Fix SubscriptionUpdate UpdateMethod value in OSU server
This node was modified long time ago to include "SPP-" prefix. Fix the
OSU server implementation to use the correct value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 18:00:02 +03:00
Jouni Malinen
55e5084d9e HS 2.0: OSU server test functionality for incorrect behavior (policy)
Extend test=<value> special incorrect behavior testing capabilities in
the OSU server to include the fingerprint of the policy update trust
root: test=corrupt_polupd_hash.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 17:57:39 +03:00