1252190Srpaulo/*
2252190Srpaulo * Copyright (c) 2009, Atheros Communications, Inc.
3252190Srpaulo * Copyright (c) 2011-2012, Qualcomm Atheros, Inc.
4252190Srpaulo *
5252190Srpaulo * This software may be distributed under the terms of the BSD license.
6252190Srpaulo * See README for more details.
7252190Srpaulo */
8252190Srpaulo
9252190Srpaulo#include "includes.h"
10252190Srpaulo
11252190Srpaulo#include "common.h"
12252190Srpaulo#include "eloop.h"
13252190Srpaulo#include "common/ieee802_11_common.h"
14252190Srpaulo#include "common/ieee802_11_defs.h"
15252190Srpaulo#include "common/gas.h"
16252190Srpaulo#include "common/wpa_ctrl.h"
17252190Srpaulo#include "wpa_supplicant_i.h"
18252190Srpaulo#include "driver_i.h"
19252190Srpaulo#include "config.h"
20252190Srpaulo#include "bss.h"
21252190Srpaulo#include "gas_query.h"
22252190Srpaulo#include "interworking.h"
23252190Srpaulo#include "hs20_supplicant.h"
24252190Srpaulo
25252190Srpaulo
26252190Srpaulovoid wpas_hs20_add_indication(struct wpabuf *buf)
27252190Srpaulo{
28252190Srpaulo	wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
29252190Srpaulo	wpabuf_put_u8(buf, 5);
30252190Srpaulo	wpabuf_put_be24(buf, OUI_WFA);
31252190Srpaulo	wpabuf_put_u8(buf, HS20_INDICATION_OUI_TYPE);
32252190Srpaulo	wpabuf_put_u8(buf, 0x00); /* Hotspot Configuration */
33252190Srpaulo}
34252190Srpaulo
35252190Srpaulo
36252190Srpaulostruct wpabuf * hs20_build_anqp_req(u32 stypes, const u8 *payload,
37252190Srpaulo				    size_t payload_len)
38252190Srpaulo{
39252190Srpaulo	struct wpabuf *buf;
40252190Srpaulo	u8 *len_pos;
41252190Srpaulo
42252190Srpaulo	buf = gas_anqp_build_initial_req(0, 100 + payload_len);
43252190Srpaulo	if (buf == NULL)
44252190Srpaulo		return NULL;
45252190Srpaulo
46252190Srpaulo	len_pos = gas_anqp_add_element(buf, ANQP_VENDOR_SPECIFIC);
47252190Srpaulo	wpabuf_put_be24(buf, OUI_WFA);
48252190Srpaulo	wpabuf_put_u8(buf, HS20_ANQP_OUI_TYPE);
49252190Srpaulo	if (stypes == BIT(HS20_STYPE_NAI_HOME_REALM_QUERY)) {
50252190Srpaulo		wpabuf_put_u8(buf, HS20_STYPE_NAI_HOME_REALM_QUERY);
51252190Srpaulo		wpabuf_put_u8(buf, 0); /* Reserved */
52252190Srpaulo		if (payload)
53252190Srpaulo			wpabuf_put_data(buf, payload, payload_len);
54252190Srpaulo	} else {
55252190Srpaulo		u8 i;
56252190Srpaulo		wpabuf_put_u8(buf, HS20_STYPE_QUERY_LIST);
57252190Srpaulo		wpabuf_put_u8(buf, 0); /* Reserved */
58252190Srpaulo		for (i = 0; i < 32; i++) {
59252190Srpaulo			if (stypes & BIT(i))
60252190Srpaulo				wpabuf_put_u8(buf, i);
61252190Srpaulo		}
62252190Srpaulo	}
63252190Srpaulo	gas_anqp_set_element_len(buf, len_pos);
64252190Srpaulo
65252190Srpaulo	gas_anqp_set_len(buf);
66252190Srpaulo
67252190Srpaulo	return buf;
68252190Srpaulo}
69252190Srpaulo
70252190Srpaulo
71252190Srpauloint hs20_anqp_send_req(struct wpa_supplicant *wpa_s, const u8 *dst, u32 stypes,
72252190Srpaulo		       const u8 *payload, size_t payload_len)
73252190Srpaulo{
74252190Srpaulo	struct wpabuf *buf;
75252190Srpaulo	int ret = 0;
76252190Srpaulo	int freq;
77252190Srpaulo	struct wpa_bss *bss;
78252190Srpaulo	int res;
79252190Srpaulo
80252190Srpaulo	freq = wpa_s->assoc_freq;
81252190Srpaulo	bss = wpa_bss_get_bssid(wpa_s, dst);
82252190Srpaulo	if (bss) {
83252190Srpaulo		wpa_bss_anqp_unshare_alloc(bss);
84252190Srpaulo		freq = bss->freq;
85252190Srpaulo	}
86252190Srpaulo	if (freq <= 0)
87252190Srpaulo		return -1;
88252190Srpaulo
89252190Srpaulo	wpa_printf(MSG_DEBUG, "HS20: ANQP Query Request to " MACSTR " for "
90252190Srpaulo		   "subtypes 0x%x", MAC2STR(dst), stypes);
91252190Srpaulo
92252190Srpaulo	buf = hs20_build_anqp_req(stypes, payload, payload_len);
93252190Srpaulo	if (buf == NULL)
94252190Srpaulo		return -1;
95252190Srpaulo
96252190Srpaulo	res = gas_query_req(wpa_s->gas, dst, freq, buf, anqp_resp_cb, wpa_s);
97252190Srpaulo	if (res < 0) {
98252190Srpaulo		wpa_printf(MSG_DEBUG, "ANQP: Failed to send Query Request");
99252190Srpaulo		ret = -1;
100252190Srpaulo	} else
101252190Srpaulo		wpa_printf(MSG_DEBUG, "ANQP: Query started with dialog token "
102252190Srpaulo			   "%u", res);
103252190Srpaulo
104252190Srpaulo	wpabuf_free(buf);
105252190Srpaulo	return ret;
106252190Srpaulo}
107252190Srpaulo
108252190Srpaulo
109252190Srpaulovoid hs20_parse_rx_hs20_anqp_resp(struct wpa_supplicant *wpa_s,
110252190Srpaulo				  const u8 *sa, const u8 *data, size_t slen)
111252190Srpaulo{
112252190Srpaulo	const u8 *pos = data;
113252190Srpaulo	u8 subtype;
114252190Srpaulo	struct wpa_bss *bss = wpa_bss_get_bssid(wpa_s, sa);
115252190Srpaulo	struct wpa_bss_anqp *anqp = NULL;
116252190Srpaulo
117252190Srpaulo	if (slen < 2)
118252190Srpaulo		return;
119252190Srpaulo
120252190Srpaulo	if (bss)
121252190Srpaulo		anqp = bss->anqp;
122252190Srpaulo
123252190Srpaulo	subtype = *pos++;
124252190Srpaulo	slen--;
125252190Srpaulo
126252190Srpaulo	pos++; /* Reserved */
127252190Srpaulo	slen--;
128252190Srpaulo
129252190Srpaulo	switch (subtype) {
130252190Srpaulo	case HS20_STYPE_CAPABILITY_LIST:
131252190Srpaulo		wpa_msg(wpa_s, MSG_INFO, "RX-HS20-ANQP " MACSTR
132252190Srpaulo			" HS Capability List", MAC2STR(sa));
133252190Srpaulo		wpa_hexdump_ascii(MSG_DEBUG, "HS Capability List", pos, slen);
134252190Srpaulo		break;
135252190Srpaulo	case HS20_STYPE_OPERATOR_FRIENDLY_NAME:
136252190Srpaulo		wpa_msg(wpa_s, MSG_INFO, "RX-HS20-ANQP " MACSTR
137252190Srpaulo			" Operator Friendly Name", MAC2STR(sa));
138252190Srpaulo		wpa_hexdump_ascii(MSG_DEBUG, "oper friendly name", pos, slen);
139252190Srpaulo		if (anqp) {
140252190Srpaulo			wpabuf_free(anqp->hs20_operator_friendly_name);
141252190Srpaulo			anqp->hs20_operator_friendly_name =
142252190Srpaulo				wpabuf_alloc_copy(pos, slen);
143252190Srpaulo		}
144252190Srpaulo		break;
145252190Srpaulo	case HS20_STYPE_WAN_METRICS:
146252190Srpaulo		wpa_hexdump(MSG_DEBUG, "WAN Metrics", pos, slen);
147252190Srpaulo		if (slen < 13) {
148252190Srpaulo			wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: Too short WAN "
149252190Srpaulo				"Metrics value from " MACSTR, MAC2STR(sa));
150252190Srpaulo			break;
151252190Srpaulo		}
152252190Srpaulo		wpa_msg(wpa_s, MSG_INFO, "RX-HS20-ANQP " MACSTR
153252190Srpaulo			" WAN Metrics %02x:%u:%u:%u:%u:%u", MAC2STR(sa),
154252190Srpaulo			pos[0], WPA_GET_LE32(pos + 1), WPA_GET_LE32(pos + 5),
155252190Srpaulo			pos[9], pos[10], WPA_GET_LE16(pos + 11));
156252190Srpaulo		if (anqp) {
157252190Srpaulo			wpabuf_free(anqp->hs20_wan_metrics);
158252190Srpaulo			anqp->hs20_wan_metrics = wpabuf_alloc_copy(pos, slen);
159252190Srpaulo		}
160252190Srpaulo		break;
161252190Srpaulo	case HS20_STYPE_CONNECTION_CAPABILITY:
162252190Srpaulo		wpa_msg(wpa_s, MSG_INFO, "RX-HS20-ANQP " MACSTR
163252190Srpaulo			" Connection Capability", MAC2STR(sa));
164252190Srpaulo		wpa_hexdump_ascii(MSG_DEBUG, "conn capability", pos, slen);
165252190Srpaulo		if (anqp) {
166252190Srpaulo			wpabuf_free(anqp->hs20_connection_capability);
167252190Srpaulo			anqp->hs20_connection_capability =
168252190Srpaulo				wpabuf_alloc_copy(pos, slen);
169252190Srpaulo		}
170252190Srpaulo		break;
171252190Srpaulo	case HS20_STYPE_OPERATING_CLASS:
172252190Srpaulo		wpa_msg(wpa_s, MSG_INFO, "RX-HS20-ANQP " MACSTR
173252190Srpaulo			" Operating Class", MAC2STR(sa));
174252190Srpaulo		wpa_hexdump_ascii(MSG_DEBUG, "Operating Class", pos, slen);
175252190Srpaulo		if (anqp) {
176252190Srpaulo			wpabuf_free(anqp->hs20_operating_class);
177252190Srpaulo			anqp->hs20_operating_class =
178252190Srpaulo				wpabuf_alloc_copy(pos, slen);
179252190Srpaulo		}
180252190Srpaulo		break;
181252190Srpaulo	default:
182252190Srpaulo		wpa_printf(MSG_DEBUG, "HS20: Unsupported subtype %u", subtype);
183252190Srpaulo		break;
184252190Srpaulo	}
185252190Srpaulo}
186