18d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 28d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * UPnP WPS Device 38d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2000-2003 Intel Corporation 48d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2006-2007 Sony Corporation 58d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2008-2009 Atheros Communications 68d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2009-2010, Jouni Malinen <j@w1.fi> 78d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 88d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * See below for more details on licensing and code history. 98d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This has been greatly stripped down from the original file 138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * (upnp_wps_device.c) by Ted Merrill, Atheros Communications 148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * in order to eliminate use of the bulky libupnp library etc. 158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * History: 178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * upnp_wps_device.c is/was a shim layer between wps_opt_upnp.c and 188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * the libupnp library. 198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The layering (by Sony) was well done; only a very minor modification 208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * to API of upnp_wps_device.c was required. 218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * libupnp was found to be undesirable because: 228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -- It consumed too much code and data space 238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -- It uses multiple threads, making debugging more difficult 248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * and possibly reducing reliability. 258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -- It uses static variables and only supports one instance. 268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The shim and libupnp are here replaced by special code written 278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * specifically for the needs of hostapd. 288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Various shortcuts can and are taken to keep the code size small. 298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Generally, execution time is not as crucial. 308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * BUGS: 328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -- UPnP requires that we be able to resolve domain names. 338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * While uncommon, if we have to do it then it will stall the entire 348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * hostapd program, which is bad. 358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This is because we use the standard linux getaddrinfo() function 368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * which is syncronous. 378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * An asyncronous solution would be to use the free "ares" library. 388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -- Does not have a robust output buffering scheme. Uses a single 398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * fixed size output buffer per TCP/HTTP connection, with possible (although 408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * unlikely) possibility of overflow and likely excessive use of RAM. 418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * A better solution would be to write the HTTP output as a buffered stream, 428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * using chunking: (handle header specially, then) generate data with 438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * a printf-like function into a buffer, catching buffer full condition, 448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * then send it out surrounded by http chunking. 458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -- There is some code that could be separated out into the common 468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * library to be shared with wpa_supplicant. 478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -- Needs renaming with module prefix to avoid polluting the debugger 488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * namespace and causing possible collisions with other static fncs 498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * and structure declarations when using the debugger. 501f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt * -- The http error code generation is pretty bogus, hopefully no one cares. 518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Author: Ted Merrill, Atheros Communications, based upon earlier work 538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * as explained above and below. 548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright: 568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright 2008 Atheros Communications. 578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The original header (of upnp_wps_device.c) reads: 598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2006-2007 Sony Corporation. All Rights Reserved. 618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * File Name: upnp_wps_device.c 638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Description: EAP-WPS UPnP device source 648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Redistribution and use in source and binary forms, with or without 668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * modification, are permitted provided that the following conditions 678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * are met: 688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * * Redistributions of source code must retain the above copyright 708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * notice, this list of conditions and the following disclaimer. 718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * * Redistributions in binary form must reproduce the above copyright 728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * notice, this list of conditions and the following disclaimer in 738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * the documentation and/or other materials provided with the 748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * distribution. 758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * * Neither the name of Sony Corporation nor the names of its 768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * contributors may be used to endorse or promote products derived 778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * from this software without specific prior written permission. 788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Portions from Intel libupnp files, e.g. genlib/net/http/httpreadwrite.c 928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * typical header: 938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2000-2003 Intel Corporation 958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * All rights reserved. 968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Redistribution and use in source and binary forms, with or without 988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * modification, are permitted provided that the following conditions are met: 998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * * Redistributions of source code must retain the above copyright notice, 1018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * this list of conditions and the following disclaimer. 1028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * * Redistributions in binary form must reproduce the above copyright notice, 1038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * this list of conditions and the following disclaimer in the documentation 1048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * and/or other materials provided with the distribution. 1058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * * Neither name of Intel Corporation nor the names of its contributors 1068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * may be used to endorse or promote products derived from this software 1078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * without specific prior written permission. 1088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 1108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 1118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 1128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL OR 1138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 1148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 1158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 1168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 1178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 1188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 1198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 1208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt*/ 1218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 1238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Overview of WPS over UPnP: 1248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * UPnP is a protocol that allows devices to discover each other and control 1268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * each other. In UPnP terminology, a device is either a "device" (a server 1278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * that provides information about itself and allows itself to be controlled) 1288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * or a "control point" (a client that controls "devices") or possibly both. 1298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This file implements a UPnP "device". 1308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * For us, we use mostly basic UPnP discovery, but the control part of interest 1328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * is WPS carried via UPnP messages. There is quite a bit of basic UPnP 1338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * discovery to do before we can get to WPS, however. 1348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * UPnP discovery begins with "devices" send out multicast UDP packets to a 1368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * certain fixed multicast IP address and port, and "control points" sending 1378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * out other such UDP packets. 1388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The packets sent by devices are NOTIFY packets (not to be confused with TCP 1408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * NOTIFY packets that are used later) and those sent by control points are 1418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * M-SEARCH packets. These packets contain a simple HTTP style header. The 1428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * packets are sent redundantly to get around packet loss. Devices respond to 1438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * M-SEARCH packets with HTTP-like UDP packets containing HTTP/1.1 200 OK 1448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * messages, which give similar information as the UDP NOTIFY packets. 1458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The above UDP packets advertise the (arbitrary) TCP ports that the 1478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * respective parties will listen to. The control point can then do a HTTP 1488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * SUBSCRIBE (something like an HTTP PUT) after which the device can do a 1498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * separate HTTP NOTIFY (also like an HTTP PUT) to do event messaging. 1508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The control point will also do HTTP GET of the "device file" listed in the 1528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * original UDP information from the device (see UPNP_WPS_DEVICE_XML_FILE 1538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * data), and based on this will do additional GETs... HTTP POSTs are done to 1548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * cause an action. 1558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Beyond some basic information in HTTP headers, additional information is in 1578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * the HTTP bodies, in a format set by the SOAP and XML standards, a markup 1588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * language related to HTML used for web pages. This language is intended to 1598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * provide the ultimate in self-documentation by providing a universal 1608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * namespace based on pseudo-URLs called URIs. Note that although a URI looks 1618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * like a URL (a web address), they are never accessed as such but are used 1628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * only as identifiers. 1638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The POST of a GetDeviceInfo gets information similar to what might be 1658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * obtained from a probe request or response on Wi-Fi. WPS messages M1-M8 1668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * are passed via a POST of a PutMessage; the M1-M8 WPS messages are converted 1678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * to a bin64 ascii representation for encapsulation. When proxying messages, 1688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * WLANEvent and PutWLANResponse are used. 1698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This of course glosses over a lot of details. 1718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 1728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "includes.h" 1748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1751f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt#include <time.h> 1768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <net/if.h> 1778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <netdb.h> 1788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <sys/ioctl.h> 1798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "common.h" 1818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "uuid.h" 1828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "base64.h" 1838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "wps.h" 1848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "wps_i.h" 1858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "wps_upnp.h" 1868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "wps_upnp_i.h" 1878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 1908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * UPnP allows a client ("control point") to send a server like us ("device") 1918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * a domain name for registration, and we are supposed to resolve it. This is 1928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * bad because, using the standard Linux library, we will stall the entire 1938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * hostapd waiting for resolution. 1948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 1958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The "correct" solution would be to use an event driven library for domain 1968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * name resolution such as "ares". However, this would increase code size 1978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * further. Since it is unlikely that we'll actually see such domain names, we 1988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * can just refuse to accept them. 1998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 2008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define NO_DOMAIN_NAME_RESOLUTION 1 /* 1 to allow only dotted ip addresses */ 2018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 2048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * UPnP does not scale well. If we were in a room with thousands of control 2058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * points then potentially we could be expected to handle subscriptions for 2068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * each of them, which would exhaust our memory. So we must set a limit. In 2078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * practice we are unlikely to see more than one or two. 2088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 2098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define MAX_SUBSCRIPTIONS 4 /* how many subscribing clients we handle */ 2108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define MAX_ADDR_PER_SUBSCRIPTION 8 2118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* Maximum number of Probe Request events per second */ 2138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define MAX_EVENTS_PER_SEC 5 2148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic struct upnp_wps_device_sm *shared_upnp_device = NULL; 2178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* Write the current date/time per RFC */ 2208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtvoid format_date(struct wpabuf *buf) 2218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *weekday_str = "Sun\0Mon\0Tue\0Wed\0Thu\0Fri\0Sat"; 2238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *month_str = "Jan\0Feb\0Mar\0Apr\0May\0Jun\0" 2248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "Jul\0Aug\0Sep\0Oct\0Nov\0Dec"; 2258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct tm *date; 2268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt time_t t; 2278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt t = time(NULL); 2298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt date = gmtime(&t); 2308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_printf(buf, "%s, %02d %s %d %02d:%02d:%02d GMT", 2318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt &weekday_str[date->tm_wday * 4], date->tm_mday, 2328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt &month_str[date->tm_mon * 4], date->tm_year + 1900, 2338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt date->tm_hour, date->tm_min, date->tm_sec); 2348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/*************************************************************************** 2388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * UUIDs (unique identifiers) 2398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 2408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * These are supposed to be unique in all the world. 2418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Sometimes permanent ones are used, sometimes temporary ones 2428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * based on random numbers... there are different rules for valid content 2438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * of different types. 2448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Each uuid is 16 bytes long. 2458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt **************************************************************************/ 2468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* uuid_make -- construct a random UUID 2488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * The UPnP documents don't seem to offer any guidelines as to which method to 2498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * use for constructing UUIDs for subscriptions. Presumably any method from 2508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * rfc4122 is good enough; I've chosen random number method. 2518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 2528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void uuid_make(u8 uuid[UUID_LEN]) 2538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_get_random(uuid, UUID_LEN); 2558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Replace certain bits as specified in rfc4122 or X.667 */ 2578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt uuid[6] &= 0x0f; uuid[6] |= (4 << 4); /* version 4 == random gen */ 2588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt uuid[8] &= 0x3f; uuid[8] |= 0x80; 2598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 2638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Subscriber address handling. 2648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Since a subscriber may have an arbitrary number of addresses, we have to 2658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * add a bunch of code to handle them. 2668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 2678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Addresses are passed in text, and MAY be domain names instead of the (usual 2688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * and expected) dotted IP addresses. Resolving domain names consumes a lot of 2698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * resources. Worse, we are currently using the standard Linux getaddrinfo() 2708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * which will block the entire program until complete or timeout! The proper 2718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * solution would be to use the "ares" library or similar with more state 2728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * machine steps etc. or just disable domain name resolution by setting 2738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * NO_DOMAIN_NAME_RESOLUTION to 1 at top of this file. 2748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 2758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscr_addr_delete -- delete single unlinked subscriber address 2778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * (be sure to unlink first if need be) 2788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 2798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtvoid subscr_addr_delete(struct subscr_addr *a) 2808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* 2828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Note: do NOT free domain_and_port or path because they point to 2838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * memory within the allocation of "a". 2848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 2858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(a); 2868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscr_addr_free_all -- unlink and delete list of subscriber addresses. */ 2908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void subscr_addr_free_all(struct subscription *s) 2918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscr_addr *a, *tmp; 2938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_for_each_safe(a, tmp, &s->addr_list, struct subscr_addr, list) 2948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt { 2958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_del(&a->list); 2968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscr_addr_delete(a); 2978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 2988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscr_addr_add_url -- add address(es) for one url to subscription */ 3028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void subscr_addr_add_url(struct subscription *s, const char *url, 3038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t url_len) 3048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 3058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int alloc_len; 3068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *scratch_mem = NULL; 3078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *mem; 30804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt char *host; 3098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *delim; 3108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *path; 3118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int port = 80; /* port to send to (default is port 80) */ 3128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct addrinfo hints; 3138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct addrinfo *result = NULL; 3148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct addrinfo *rp; 3158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int rerr; 31604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt size_t host_len, path_len; 3178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* url MUST begin with http: */ 3198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (url_len < 7 || os_strncasecmp(url, "http://", 7)) 3208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 3218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt url += 7; 3228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt url_len -= 7; 3238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 32404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt /* Make a copy of the string to allow modification during parsing */ 32504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt scratch_mem = os_malloc(url_len + 1); 3268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scratch_mem == NULL) 3278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 32804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt os_memcpy(scratch_mem, url, url_len); 32904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt scratch_mem[url_len] = '\0'; 33004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Adding URL '%s'", scratch_mem); 33104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt host = scratch_mem; 33204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt path = os_strchr(host, '/'); 33304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (path) 33404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt *path++ = '\0'; /* null terminate host */ 33504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 33604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt /* Process and remove optional port component */ 33704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt delim = os_strchr(host, ':'); 3388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (delim) { 33904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt *delim = '\0'; /* null terminate host name for now */ 34004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (isdigit(delim[1])) 34104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt port = atol(delim + 1); 3428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 3438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* 3458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * getaddrinfo does the right thing with dotted decimal notations, or 3468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * will resolve domain names. Resolving domain names will unfortunately 3478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * hang the entire program until it is resolved or it times out 3488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * internal to getaddrinfo; fortunately we think that the use of actual 3498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * domain names (vs. dotted decimal notations) should be uncommon. 3508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 3518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memset(&hints, 0, sizeof(struct addrinfo)); 3528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hints.ai_family = AF_INET; /* IPv4 */ 3538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hints.ai_socktype = SOCK_STREAM; 3548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#if NO_DOMAIN_NAME_RESOLUTION 3558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Suppress domain name resolutions that would halt 3568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * the program for periods of time 3578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 3588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hints.ai_flags = AI_NUMERICHOST; 3598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#else 3608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Allow domain name resolution. */ 3618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hints.ai_flags = 0; 3628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif 3638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hints.ai_protocol = 0; /* Any protocol? */ 36404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt rerr = getaddrinfo(host, NULL /* fill in port ourselves */, 3658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt &hints, &result); 3668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (rerr) { 3678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "WPS UPnP: Resolve error %d (%s) on: %s", 36804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt rerr, gai_strerror(rerr), host); 3698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 3708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 37104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 37204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (delim) 37304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt *delim = ':'; /* Restore port */ 37404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 37504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt host_len = os_strlen(host); 37604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt path_len = path ? os_strlen(path) : 0; 37704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt alloc_len = host_len + 1 + 1 + path_len + 1; 37804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 3798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt for (rp = result; rp; rp = rp->ai_next) { 3808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscr_addr *a; 3818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Limit no. of address to avoid denial of service attack */ 3838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dl_list_len(&s->addr_list) >= MAX_ADDR_PER_SUBSCRIPTION) { 3848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "WPS UPnP: subscr_addr_add_url: " 3858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "Ignoring excessive addresses"); 3868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt break; 3878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 3888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt a = os_zalloc(sizeof(*a) + alloc_len); 3908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (a == NULL) 39104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 39204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt mem = (char *) (a + 1); 3938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt a->domain_and_port = mem; 39404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt os_memcpy(mem, host, host_len); 39504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt mem += host_len + 1; 3968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt a->path = mem; 39704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (path == NULL || path[0] != '/') 3988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *mem++ = '/'; 39904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (path) 40004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt os_memcpy(mem, path, path_len); 4018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(&a->saddr, rp->ai_addr, sizeof(a->saddr)); 4028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt a->saddr.sin_port = htons(port); 4038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_add(&s->addr_list, &a->list); 4058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtfail: 4088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (result) 4098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt freeaddrinfo(result); 4108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(scratch_mem); 4118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 4128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscr_addr_list_create -- create list from urls in string. 4158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Each url is enclosed by angle brackets. 4168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 4178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void subscr_addr_list_create(struct subscription *s, 4188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *url_list) 4198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 4208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *end; 4218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Parsing URL list '%s'", url_list); 4228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt for (;;) { 4238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt while (*url_list == ' ' || *url_list == '\t') 4248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt url_list++; 4258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (*url_list != '<') 4268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt break; 4278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt url_list++; 4288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt end = os_strchr(url_list, '>'); 4298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (end == NULL) 4308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt break; 4318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscr_addr_add_url(s, url_list, end - url_list); 4328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt url_list = end + 1; 4338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 4358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint send_wpabuf(int fd, struct wpabuf *buf) 4388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 4398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Send %lu byte message", 4408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (unsigned long) wpabuf_len(buf)); 4418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt errno = 0; 4428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (write(fd, wpabuf_head(buf), wpabuf_len(buf)) != 4438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (int) wpabuf_len(buf)) { 4448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "WPS UPnP: Failed to send buffer: " 4458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "errno=%d (%s)", 4468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt errno, strerror(errno)); 4478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 4488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 4518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 4528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void wpabuf_put_property(struct wpabuf *buf, const char *name, 4558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *value) 4568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 4578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_str(buf, "<e:property>"); 4588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_printf(buf, "<%s>", name); 4598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (value) 4608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_str(buf, value); 4618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_printf(buf, "</%s>", name); 4628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_str(buf, "</e:property>\n"); 4638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 4648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 4678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * upnp_wps_device_send_event - Queue event messages for subscribers 4688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @sm: WPS UPnP state machine from upnp_wps_device_init() 4698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 4708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This function queues the last WLANEvent to be sent for all currently 4718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * subscribed UPnP control points. sm->wlanevent must have been set with the 4728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * encoded data before calling this function. 4738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 4748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void upnp_wps_device_send_event(struct upnp_wps_device_sm *sm) 4758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 4768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Enqueue event message for all subscribers */ 4778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct wpabuf *buf; /* holds event message */ 4788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int buf_size = 0; 4798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscription *s, *tmp; 4808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Actually, utf-8 is the default, but it doesn't hurt to specify it */ 4818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *format_head = 4828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" 4838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "<e:propertyset xmlns:e=\"urn:schemas-upnp-org:event-1-0\">\n"; 4848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *format_tail = "</e:propertyset>\n"; 4858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct os_time now; 4868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dl_list_empty(&sm->subscriptions)) { 4888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* optimize */ 4898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return; 4908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (os_get_time(&now) == 0) { 4938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (now.sec != sm->last_event_sec) { 4948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->last_event_sec = now.sec; 4958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->num_events_in_sec = 1; 4968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else { 4978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->num_events_in_sec++; 4988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* 4998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * In theory, this should apply to all WLANEvent 5008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * notifications, but EAP messages are of much higher 5018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * priority and Probe Request notifications should not 5028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * be allowed to drop EAP messages, so only throttle 5038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Probe Request notifications. 5048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 5058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sm->num_events_in_sec > MAX_EVENTS_PER_SEC && 5068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->wlanevent_type == 5078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt UPNP_WPS_WLANEVENT_TYPE_PROBE) { 5088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Throttle " 5098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "event notifications (%u seen " 5108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "during one second)", 5118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->num_events_in_sec); 5128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return; 5138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Determine buffer size needed first */ 5188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf_size += os_strlen(format_head); 5198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf_size += 50 + 2 * os_strlen("WLANEvent"); 5208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sm->wlanevent) 5218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf_size += os_strlen(sm->wlanevent); 5228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf_size += os_strlen(format_tail); 5238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf = wpabuf_alloc(buf_size); 5258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (buf == NULL) 5268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return; 5278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_str(buf, format_head); 5288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_property(buf, "WLANEvent", sm->wlanevent); 5298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_str(buf, format_tail); 5308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_MSGDUMP, "WPS UPnP: WLANEvent message:\n%s", 5328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (char *) wpabuf_head(buf)); 5338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_for_each_safe(s, tmp, &sm->subscriptions, struct subscription, 5358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt list) { 5368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt event_add(s, buf, 5378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->wlanevent_type == UPNP_WPS_WLANEVENT_TYPE_PROBE); 5388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_free(buf); 5418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 5428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 5458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Event subscription (subscriber machines register with us to receive event 5468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * messages). 5478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This is the result of an incoming HTTP over TCP SUBSCRIBE request. 5488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 5498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscription_destroy -- destroy an unlinked subscription 5518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Be sure to unlink first if necessary. 5528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 5538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtvoid subscription_destroy(struct subscription *s) 5548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 555c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt struct upnp_wps_device_interface *iface; 5568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Destroy subscription %p", s); 5578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscr_addr_free_all(s); 5588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt event_delete_all(s); 559c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt dl_list_for_each(iface, &s->sm->interfaces, 560c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt struct upnp_wps_device_interface, list) 561c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt upnp_er_remove_notification(iface->wps->registrar, s); 5628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(s); 5638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 5648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscription_list_age -- remove expired subscriptions */ 5678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void subscription_list_age(struct upnp_wps_device_sm *sm, time_t now) 5688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 5698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscription *s, *tmp; 5708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_for_each_safe(s, tmp, &sm->subscriptions, 5718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscription, list) { 5728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (s->timeout_time > now) 5738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt break; 5748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Removing aged subscription"); 5758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_del(&s->list); 5768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscription_destroy(s); 5778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 5798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscription_find -- return existing subscription matching uuid, if any 5828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * returns NULL if not found 5838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 5848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstruct subscription * subscription_find(struct upnp_wps_device_sm *sm, 5858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 uuid[UUID_LEN]) 5868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 5878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscription *s; 5888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_for_each(s, &sm->subscriptions, struct subscription, list) { 5898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (os_memcmp(s->uuid, uuid, UUID_LEN) == 0) 5908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return s; /* Found match */ 5918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 5938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 5948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic struct wpabuf * build_fake_wsc_ack(void) 5978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 5988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct wpabuf *msg = wpabuf_alloc(100); 5998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (msg == NULL) 6008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 6018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_u8(msg, UPNP_WPS_WLANEVENT_TYPE_EAP); 6028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_str(msg, "00:00:00:00:00:00"); 6038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (wps_build_version(msg) || 6048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_build_msg_type(msg, WPS_WSC_ACK)) { 6058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_free(msg); 6068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 6078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Enrollee Nonce */ 6098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_be16(msg, ATTR_ENROLLEE_NONCE); 6108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_be16(msg, WPS_NONCE_LEN); 6118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put(msg, WPS_NONCE_LEN); 6128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Registrar Nonce */ 6138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_be16(msg, ATTR_REGISTRAR_NONCE); 6148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_be16(msg, WPS_NONCE_LEN); 6158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put(msg, WPS_NONCE_LEN); 6168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_build_wfa_ext(msg, 0, NULL, 0); 6178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return msg; 6188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 6198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscription_first_event -- send format/queue event that is automatically 6228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * sent on a new subscription. 6238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 6248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int subscription_first_event(struct subscription *s) 6258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 6268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* 6278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Actually, utf-8 is the default, but it doesn't hurt to specify it. 6288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 6298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * APStatus is apparently a bit set, 6308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 0x1 = configuration change (but is always set?) 6318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 0x10 = ap is locked 6328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 6338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Per UPnP spec, we send out the last value of each variable, even 6348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * for WLANEvent, whatever it was. 6358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 6368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *wlan_event; 6378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct wpabuf *buf; 6388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int ap_status = 1; /* TODO: add 0x10 if access point is locked */ 6398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *head = 6408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" 6418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "<e:propertyset xmlns:e=\"urn:schemas-upnp-org:event-1-0\">\n"; 6428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *tail = "</e:propertyset>\n"; 6438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char txt[10]; 6448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int ret; 6458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (s->sm->wlanevent == NULL) { 6478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* 6488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * There has been no events before the subscription. However, 6498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * UPnP device architecture specification requires all the 6508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * evented variables to be included, so generate a dummy event 6518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * for this particular case using a WSC_ACK and all-zeros 6528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * nonces. The ER (UPnP control point) will ignore this, but at 6538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * least it will learn that WLANEvent variable will be used in 6548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * event notifications in the future. 6558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 6568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct wpabuf *msg; 6578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Use a fake WSC_ACK as the " 6588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "initial WLANEvent"); 6598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt msg = build_fake_wsc_ack(); 6608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (msg) { 6618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt s->sm->wlanevent = (char *) 6628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt base64_encode(wpabuf_head(msg), 6638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_len(msg), NULL); 6648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_free(msg); 6658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wlan_event = s->sm->wlanevent; 6698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (wlan_event == NULL || *wlan_event == '\0') { 6708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: WLANEvent not known for " 6718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "initial event message"); 6728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wlan_event = ""; 6738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf = wpabuf_alloc(500 + os_strlen(wlan_event)); 6758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (buf == NULL) 6768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 6778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_str(buf, head); 6798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_property(buf, "STAStatus", "1"); 6808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_snprintf(txt, sizeof(txt), "%d", ap_status); 6818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_property(buf, "APStatus", txt); 6828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (*wlan_event) 6838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_property(buf, "WLANEvent", wlan_event); 6848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_put_str(buf, tail); 6858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = event_add(s, buf, 0); 6878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret) { 6888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_free(buf); 6898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return ret; 6908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpabuf_free(buf); 6928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 6948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 6958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 6988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * subscription_start - Remember a UPnP control point to send events to. 6998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @sm: WPS UPnP state machine from upnp_wps_device_init() 7008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @callback_urls: Callback URLs 7018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: %NULL on error, or pointer to new subscription structure. 7028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 7038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstruct subscription * subscription_start(struct upnp_wps_device_sm *sm, 7048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const char *callback_urls) 7058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 7068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscription *s; 7078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt time_t now = time(NULL); 7088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt time_t expire = now + UPNP_SUBSCRIBE_SEC; 7098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Get rid of expired subscriptions so we have room */ 7118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscription_list_age(sm, now); 7128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* If too many subscriptions, remove oldest */ 7148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dl_list_len(&sm->subscriptions) >= MAX_SUBSCRIPTIONS) { 7158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt s = dl_list_first(&sm->subscriptions, struct subscription, 7168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt list); 7178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "WPS UPnP: Too many subscriptions, " 7188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "trashing oldest"); 7198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_del(&s->list); 7208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscription_destroy(s); 7218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt s = os_zalloc(sizeof(*s)); 7248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (s == NULL) 7258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 7268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_init(&s->addr_list); 7278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_init(&s->event_queue); 7288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt s->sm = sm; 7308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt s->timeout_time = expire; 7318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt uuid_make(s->uuid); 7328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscr_addr_list_create(s, callback_urls); 7338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dl_list_empty(&s->addr_list)) { 7348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: No valid callback URLs in " 7358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "'%s' - drop subscription", callback_urls); 7368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscription_destroy(s); 7378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 7388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Add to end of list, since it has the highest expiration time */ 7418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_add_tail(&sm->subscriptions, &s->list); 7428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Queue up immediate event message (our last event) 7438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * as required by UPnP spec. 7448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 7458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (subscription_first_event(s)) { 7468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "WPS UPnP: Dropping subscriber due to " 7478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "event backlog"); 7488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_del(&s->list); 7498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscription_destroy(s); 7508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 7518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Subscription %p started with %s", 7538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt s, callback_urls); 7548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Schedule sending this */ 7558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt event_send_all_later(sm); 7568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return s; 7578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 7588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* subscription_renew -- find subscription and reset timeout */ 7618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstruct subscription * subscription_renew(struct upnp_wps_device_sm *sm, 7628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 uuid[UUID_LEN]) 7638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 7648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt time_t now = time(NULL); 7658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt time_t expire = now + UPNP_SUBSCRIBE_SEC; 7668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscription *s = subscription_find(sm, uuid); 7678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (s == NULL) 7688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 7698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Subscription renewed"); 7708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_del(&s->list); 7718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt s->timeout_time = expire; 7728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* add back to end of list, since it now has highest expiry */ 7738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_add_tail(&sm->subscriptions, &s->list); 7748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return s; 7758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 7768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 7798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * upnp_wps_device_send_wlan_event - Event notification 7808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @sm: WPS UPnP state machine from upnp_wps_device_init() 7818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @from_mac_addr: Source (Enrollee) MAC address for the event 7828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @ev_type: Event type 7838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @msg: Event data 7848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: 0 on success, -1 on failure 7858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 7868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Tell external Registrars (UPnP control points) that something happened. In 7878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * particular, events include WPS messages from clients that are proxied to 7888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * external Registrars. 7898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 7908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint upnp_wps_device_send_wlan_event(struct upnp_wps_device_sm *sm, 7918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 from_mac_addr[ETH_ALEN], 7928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt enum upnp_wps_wlanevent_type ev_type, 7938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const struct wpabuf *msg) 7948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 7958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int ret = -1; 7968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char type[2]; 7978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *mac = from_mac_addr; 7988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char mac_text[18]; 7998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 *raw = NULL; 8008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t raw_len; 8018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *val; 8028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t val_len; 8038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int pos = 0; 8048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (!sm) 8068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 8078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_snprintf(type, sizeof(type), "%1u", ev_type); 8098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt raw_len = 1 + 17 + (msg ? wpabuf_len(msg) : 0); 8118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt raw = os_zalloc(raw_len); 8128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (!raw) 8138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 8148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *(raw + pos) = (u8) ev_type; 8168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos += 1; 8178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_snprintf(mac_text, sizeof(mac_text), MACSTR, MAC2STR(mac)); 8188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Proxying WLANEvent from %s", 8198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt mac_text); 8208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(raw + pos, mac_text, 17); 8218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos += 17; 8228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (msg) { 8238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(raw + pos, wpabuf_head(msg), wpabuf_len(msg)); 8248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos += wpabuf_len(msg); 8258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt raw_len = pos; 8278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt val = (char *) base64_encode(raw, raw_len, &val_len); 8298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (val == NULL) 8308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 8318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(sm->wlanevent); 8338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->wlanevent = val; 8348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->wlanevent_type = ev_type; 8358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt upnp_wps_device_send_event(sm); 8368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = 0; 8388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtfail: 8408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(raw); 8418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return ret; 8438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 8448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) 8478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <sys/sysctl.h> 8488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <net/route.h> 8498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <net/if_dl.h> 8508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int eth_get(const char *device, u8 ea[ETH_ALEN]) 8528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 8538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct if_msghdr *ifm; 8548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct sockaddr_dl *sdl; 8558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u_char *p, *buf; 8568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t len; 8578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int mib[] = { CTL_NET, AF_ROUTE, 0, AF_LINK, NET_RT_IFLIST, 0 }; 8588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0) 8608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if ((buf = os_malloc(len)) == NULL) 8628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sysctl(mib, 6, buf, &len, NULL, 0) < 0) { 8648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 8658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt for (p = buf; p < buf + len; p += ifm->ifm_msglen) { 8688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ifm = (struct if_msghdr *)p; 8698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sdl = (struct sockaddr_dl *)(ifm + 1); 8708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ifm->ifm_type != RTM_IFINFO || 8718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (ifm->ifm_addrs & RTA_IFP) == 0) 8728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt continue; 8738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sdl->sdl_family != AF_LINK || sdl->sdl_nlen == 0 || 8748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcmp(sdl->sdl_data, device, sdl->sdl_nlen) != 0) 8758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt continue; 8768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(ea, LLADDR(sdl), sdl->sdl_alen); 8778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt break; 8788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 8808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (p >= buf + len) { 8828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt errno = ESRCH; 8838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 8868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 8878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* __FreeBSD__ */ 8888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 8918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * get_netif_info - Get hw and IP addresses for network device 8928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @net_if: Selected network interface name 8938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @ip_addr: Buffer for returning IP address in network byte order 8948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @ip_addr_text: Buffer for returning a pointer to allocated IP address text 8958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @mac: Buffer for returning MAC address 8968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: 0 on success, -1 on failure 8978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 8988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint get_netif_info(const char *net_if, unsigned *ip_addr, char **ip_addr_text, 8998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 mac[ETH_ALEN]) 9008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 9018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct ifreq req; 9028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int sock = -1; 9038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct sockaddr_in *addr; 9048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct in_addr in_addr; 9058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *ip_addr_text = os_zalloc(16); 9078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (*ip_addr_text == NULL) 9088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 9098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sock = socket(AF_INET, SOCK_DGRAM, 0); 9118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sock < 0) 9128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 9138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_strlcpy(req.ifr_name, net_if, sizeof(req.ifr_name)); 9158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ioctl(sock, SIOCGIFADDR, &req) < 0) { 9168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "WPS UPnP: SIOCGIFADDR failed: %d (%s)", 9178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt errno, strerror(errno)); 9188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 9198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt addr = (void *) &req.ifr_addr; 9218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *ip_addr = addr->sin_addr.s_addr; 9228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt in_addr.s_addr = *ip_addr; 9238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_snprintf(*ip_addr_text, 16, "%s", inet_ntoa(in_addr)); 9248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef __linux__ 9268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_strlcpy(req.ifr_name, net_if, sizeof(req.ifr_name)); 9278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ioctl(sock, SIOCGIFHWADDR, &req) < 0) { 9288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "WPS UPnP: SIOCGIFHWADDR failed: " 9298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "%d (%s)", errno, strerror(errno)); 9308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 9318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(mac, req.ifr_addr.sa_data, 6); 9338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__) 9348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (eth_get(net_if, mac) < 0) { 9358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "WPS UPnP: Failed to get MAC address"); 9368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 9378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#else 9398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#error MAC address fetch not implemented 9408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif 9418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt close(sock); 9438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 9448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtfail: 9468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sock >= 0) 9478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt close(sock); 9488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(*ip_addr_text); 9498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *ip_addr_text = NULL; 9508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 9518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 9528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void upnp_wps_free_msearchreply(struct dl_list *head) 9558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 9568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct advertisement_state_machine *a, *tmp; 9578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_for_each_safe(a, tmp, head, struct advertisement_state_machine, 9588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt list) 9598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt msearchreply_state_machine_stop(a); 9608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 9618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void upnp_wps_free_subscriptions(struct dl_list *head, 9648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct wps_registrar *reg) 9658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 9668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct subscription *s, *tmp; 9678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_for_each_safe(s, tmp, head, struct subscription, list) { 9688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (reg && s->reg != reg) 9698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt continue; 9708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_del(&s->list); 9718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt subscription_destroy(s); 9728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 9748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 9778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * upnp_wps_device_stop - Stop WPS UPnP operations on an interface 9788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @sm: WPS UPnP state machine from upnp_wps_device_init() 9798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 9808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void upnp_wps_device_stop(struct upnp_wps_device_sm *sm) 9818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 9828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (!sm || !sm->started) 9838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return; 9848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Stop device"); 9868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt web_listener_stop(sm); 9878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt upnp_wps_free_msearchreply(&sm->msearch_replies); 9888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt upnp_wps_free_subscriptions(&sm->subscriptions, NULL); 9898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt advertisement_state_machine_stop(sm, 1); 9918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt event_send_stop_all(sm); 9938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(sm->wlanevent); 9948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->wlanevent = NULL; 9958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(sm->ip_addr_text); 9968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->ip_addr_text = NULL; 9978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sm->multicast_sd >= 0) 9988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt close(sm->multicast_sd); 9998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->multicast_sd = -1; 10008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ssdp_listener_stop(sm); 10018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->started = 0; 10038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 10048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 10078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * upnp_wps_device_start - Start WPS UPnP operations on an interface 10088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @sm: WPS UPnP state machine from upnp_wps_device_init() 10098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @net_if: Selected network interface name 10108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: 0 on success, -1 on failure 10118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 10128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int upnp_wps_device_start(struct upnp_wps_device_sm *sm, char *net_if) 10138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 10148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (!sm || !net_if) 10158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 10168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sm->started) 10188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt upnp_wps_device_stop(sm); 10198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->multicast_sd = -1; 10218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->ssdp_sd = -1; 10228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->started = 1; 10238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->advertise_count = 0; 10248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Fix up linux multicast handling */ 10268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (add_ssdp_network(net_if)) 10278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 10288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Determine which IP and mac address we're using */ 10308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (get_netif_info(net_if, &sm->ip_addr, &sm->ip_addr_text, 10318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm->mac_addr)) { 10328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "WPS UPnP: Could not get IP/MAC address " 10338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "for %s. Does it have IP address?", net_if); 10348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 10358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 10368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Listen for incoming TCP connections so that others 10388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * can fetch our "xml files" from us. 10398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 10408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (web_listener_start(sm)) 10418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 10428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Set up for receiving discovery (UDP) packets */ 10448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ssdp_listener_start(sm)) 10458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 10468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Set up for sending multicast */ 10488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ssdp_open_multicast(sm) < 0) 10498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 10508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* 10528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Broadcast NOTIFY messages to let the world know we exist. 10538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This is done via a state machine since the messages should not be 10548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * all sent out at once. 10558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 10568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (advertisement_state_machine_start(sm)) 10578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 10588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 10608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtfail: 10628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt upnp_wps_device_stop(sm); 10638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 10648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 10658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic struct upnp_wps_device_interface * 10688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtupnp_wps_get_iface(struct upnp_wps_device_sm *sm, void *priv) 10698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 10708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct upnp_wps_device_interface *iface; 10718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_for_each(iface, &sm->interfaces, 10728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct upnp_wps_device_interface, list) { 10738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (iface->priv == priv) 10748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return iface; 10758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 10768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 10778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 10788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 10818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * upnp_wps_device_deinit - Deinitialize WPS UPnP 10828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @sm: WPS UPnP state machine from upnp_wps_device_init() 10838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @priv: External context data that was used in upnp_wps_device_init() call 10848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 10858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtvoid upnp_wps_device_deinit(struct upnp_wps_device_sm *sm, void *priv) 10868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 10878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct upnp_wps_device_interface *iface; 10888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (!sm) 10908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return; 10918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt iface = upnp_wps_get_iface(sm, priv); 10938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (iface == NULL) { 10948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "WPS UPnP: Could not find the interface " 10958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "instance to deinit"); 10968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return; 10978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 10988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Deinit interface instance %p", iface); 10998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dl_list_len(&sm->interfaces) == 1) { 11008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Deinitializing last instance " 11018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "- free global device instance"); 11028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt upnp_wps_device_stop(sm); 11038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else 11048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt upnp_wps_free_subscriptions(&sm->subscriptions, 11058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt iface->wps->registrar); 11068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_del(&iface->list); 11078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (iface->peer.wps) 11098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_deinit(iface->peer.wps); 11108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(iface->ctx->ap_pin); 11118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(iface->ctx); 11128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(iface); 11138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dl_list_empty(&sm->interfaces)) { 11158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(sm->root_dir); 11168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(sm->desc_url); 11178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(sm); 11188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt shared_upnp_device = NULL; 11198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 11218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 11248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * upnp_wps_device_init - Initialize WPS UPnP 11258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @ctx: callback table; we must eventually free it 11268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @wps: Pointer to longterm WPS context 11278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @priv: External context data that will be used in callbacks 11288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @net_if: Selected network interface name 11298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: WPS UPnP state or %NULL on failure 11308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 11318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstruct upnp_wps_device_sm * 11328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtupnp_wps_device_init(struct upnp_wps_device_ctx *ctx, struct wps_context *wps, 11338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt void *priv, char *net_if) 11348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 11358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct upnp_wps_device_sm *sm; 11368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct upnp_wps_device_interface *iface; 11378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int start = 0; 11388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt iface = os_zalloc(sizeof(*iface)); 11408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (iface == NULL) { 11418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(ctx->ap_pin); 11428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(ctx); 11438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 11448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Init interface instance %p", iface); 11468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt iface->ctx = ctx; 11488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt iface->wps = wps; 11498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt iface->priv = priv; 11508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (shared_upnp_device) { 11528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Share existing device " 11538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "context"); 11548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm = shared_upnp_device; 11558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else { 11568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS UPnP: Initialize device context"); 11578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sm = os_zalloc(sizeof(*sm)); 11588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (!sm) { 11598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "WPS UPnP: upnp_wps_device_init " 11608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "failed"); 11618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(iface); 11628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(ctx->ap_pin); 11638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(ctx); 11648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 11658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt shared_upnp_device = sm; 11678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_init(&sm->msearch_replies); 11698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_init(&sm->subscriptions); 11708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_init(&sm->interfaces); 11718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt start = 1; 11728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_add(&sm->interfaces, &iface->list); 11758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (start && upnp_wps_device_start(sm, net_if)) { 11778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt upnp_wps_device_deinit(sm, priv); 11788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 11798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return sm; 11838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 11848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 11878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * upnp_wps_subscribers - Check whether there are any event subscribers 11888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @sm: WPS UPnP state machine from upnp_wps_device_init() 11898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: 0 if no subscribers, 1 if subscribers 11908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 11918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint upnp_wps_subscribers(struct upnp_wps_device_sm *sm) 11928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 11938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return !dl_list_empty(&sm->subscriptions); 11948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 11958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint upnp_wps_set_ap_pin(struct upnp_wps_device_sm *sm, const char *ap_pin) 11988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 11998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct upnp_wps_device_interface *iface; 12008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sm == NULL) 12018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 12028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 12038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dl_list_for_each(iface, &sm->interfaces, 12048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct upnp_wps_device_interface, list) { 12058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(iface->ctx->ap_pin); 12068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ap_pin) { 12078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt iface->ctx->ap_pin = os_strdup(ap_pin); 12088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (iface->ctx->ap_pin == NULL) 12098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 12108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else 12118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt iface->ctx->ap_pin = NULL; 12128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 12138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 12148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 12158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 1216