Add preliminary RADIUS dynamic authorization server (RFC 5176)
This adds the basic DAS mechanism to enable hostapd to be configured to request dynamic authorization requests (Disconnect-Request and CoA-Request). This commit does not add actual processing of the requests, i.e., this will only receive and authenticate the requests and NAK them regardless of what operation is requested. Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
af35e7af7f
commit
b031338cf0
11 changed files with 469 additions and 4 deletions
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* hostapd / Initialization and configuration
|
||||
* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
|
||||
* Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
|
@ -12,6 +12,7 @@
|
|||
#include "utils/eloop.h"
|
||||
#include "common/ieee802_11_defs.h"
|
||||
#include "radius/radius_client.h"
|
||||
#include "radius/radius_das.h"
|
||||
#include "drivers/driver.h"
|
||||
#include "hostapd.h"
|
||||
#include "authsrv.h"
|
||||
|
|
@ -241,6 +242,8 @@ static void hostapd_free_hapd_data(struct hostapd_data *hapd)
|
|||
#ifndef CONFIG_NO_RADIUS
|
||||
radius_client_deinit(hapd->radius);
|
||||
hapd->radius = NULL;
|
||||
radius_das_deinit(hapd->radius_das);
|
||||
hapd->radius_das = NULL;
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
hostapd_deinit_wps(hapd);
|
||||
|
|
@ -627,6 +630,22 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first)
|
|||
wpa_printf(MSG_ERROR, "RADIUS client initialization failed.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (hapd->conf->radius_das_port) {
|
||||
struct radius_das_conf das_conf;
|
||||
os_memset(&das_conf, 0, sizeof(das_conf));
|
||||
das_conf.port = hapd->conf->radius_das_port;
|
||||
das_conf.shared_secret = hapd->conf->radius_das_shared_secret;
|
||||
das_conf.shared_secret_len =
|
||||
hapd->conf->radius_das_shared_secret_len;
|
||||
das_conf.client_addr = &hapd->conf->radius_das_client_addr;
|
||||
hapd->radius_das = radius_das_init(&das_conf);
|
||||
if (hapd->radius_das == NULL) {
|
||||
wpa_printf(MSG_ERROR, "RADIUS DAS initialization "
|
||||
"failed.");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
if (hostapd_acl_init(hapd)) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue