Added support for removing RADIUS accounting and RADIUS in general
CONFIG_NO_ACCOUNTING=y and CONFIG_NO_RADIUS=y build options can now be used to remove RADIUS support from the hostapd build.
This commit is contained in:
parent
9c584c06bd
commit
f88bd28836
6 changed files with 94 additions and 2 deletions
|
@ -39,7 +39,7 @@ LIBS += -lws2_32
|
||||||
endif
|
endif
|
||||||
|
|
||||||
OBJS = hostapd.o ieee802_1x.o eapol_sm.o \
|
OBJS = hostapd.o ieee802_1x.o eapol_sm.o \
|
||||||
config.o ieee802_11_auth.o accounting.o \
|
config.o ieee802_11_auth.o \
|
||||||
sta_info.o wpa.o ctrl_iface.o \
|
sta_info.o wpa.o ctrl_iface.o \
|
||||||
drivers.o preauth.o pmksa_cache.o \
|
drivers.o preauth.o pmksa_cache.o \
|
||||||
hw_features.o \
|
hw_features.o \
|
||||||
|
@ -55,8 +55,19 @@ OBJS += ../src/utils/ip_addr.o
|
||||||
OBJS += ../src/common/ieee802_11_common.o
|
OBJS += ../src/common/ieee802_11_common.o
|
||||||
OBJS += ../src/common/wpa_common.o
|
OBJS += ../src/common/wpa_common.o
|
||||||
|
|
||||||
|
ifdef CONFIG_NO_RADIUS
|
||||||
|
CFLAGS += -DCONFIG_NO_RADIUS
|
||||||
|
CONFIG_NO_ACCOUNTING=y
|
||||||
|
else
|
||||||
OBJS += ../src/radius/radius.o
|
OBJS += ../src/radius/radius.o
|
||||||
OBJS += ../src/radius/radius_client.o
|
OBJS += ../src/radius/radius_client.o
|
||||||
|
endif
|
||||||
|
|
||||||
|
ifdef CONFIG_NO_ACCOUNTING
|
||||||
|
CFLAGS += -DCONFIG_NO_ACCOUNTING
|
||||||
|
else
|
||||||
|
OBJS += accounting.o
|
||||||
|
endif
|
||||||
|
|
||||||
OBJS += ../src/crypto/md5.o
|
OBJS += ../src/crypto/md5.o
|
||||||
OBJS += ../src/crypto/rc4.o
|
OBJS += ../src/crypto/rc4.o
|
||||||
|
|
|
@ -15,11 +15,32 @@
|
||||||
#ifndef ACCOUNTING_H
|
#ifndef ACCOUNTING_H
|
||||||
#define ACCOUNTING_H
|
#define ACCOUNTING_H
|
||||||
|
|
||||||
void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta);
|
|
||||||
void accounting_sta_interim(struct hostapd_data *hapd, struct sta_info *sta);
|
void accounting_sta_interim(struct hostapd_data *hapd, struct sta_info *sta);
|
||||||
|
#ifdef CONFIG_NO_ACCOUNTING
|
||||||
|
static inline void accounting_sta_start(struct hostapd_data *hapd,
|
||||||
|
struct sta_info *sta)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline void accounting_sta_stop(struct hostapd_data *hapd,
|
||||||
|
struct sta_info *sta)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline int accounting_init(struct hostapd_data *hapd)
|
||||||
|
{
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline void accounting_deinit(struct hostapd_data *hapd)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
#else /* CONFIG_NO_ACCOUNTING */
|
||||||
|
void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta);
|
||||||
void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta);
|
void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta);
|
||||||
int accounting_init(struct hostapd_data *hapd);
|
int accounting_init(struct hostapd_data *hapd);
|
||||||
void accounting_deinit(struct hostapd_data *hapd);
|
void accounting_deinit(struct hostapd_data *hapd);
|
||||||
|
#endif /* CONFIG_NO_ACCOUNTING */
|
||||||
int accounting_reconfig(struct hostapd_data *hapd,
|
int accounting_reconfig(struct hostapd_data *hapd,
|
||||||
struct hostapd_config *oldconf);
|
struct hostapd_config *oldconf);
|
||||||
|
|
||||||
|
|
|
@ -140,3 +140,9 @@ CONFIG_IPV6=y
|
||||||
# This can be used to reduce the size of the hostapd considerably if debugging
|
# This can be used to reduce the size of the hostapd considerably if debugging
|
||||||
# code is not needed.
|
# code is not needed.
|
||||||
#CONFIG_NO_STDOUT_DEBUG=y
|
#CONFIG_NO_STDOUT_DEBUG=y
|
||||||
|
|
||||||
|
# Remove support for RADIUS accounting
|
||||||
|
#CONFIG_NO_ACCOUNTING=y
|
||||||
|
|
||||||
|
# Remove support for RADIUS
|
||||||
|
#CONFIG_NO_RADIUS=y
|
||||||
|
|
|
@ -53,6 +53,7 @@ struct hostapd_acl_query_data {
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
static void hostapd_acl_cache_free(struct hostapd_cached_radius_acl *acl_cache)
|
static void hostapd_acl_cache_free(struct hostapd_cached_radius_acl *acl_cache)
|
||||||
{
|
{
|
||||||
struct hostapd_cached_radius_acl *prev;
|
struct hostapd_cached_radius_acl *prev;
|
||||||
|
@ -96,6 +97,7 @@ static int hostapd_acl_cache_get(struct hostapd_data *hapd, const u8 *addr,
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
|
|
||||||
static void hostapd_acl_query_free(struct hostapd_acl_query_data *query)
|
static void hostapd_acl_query_free(struct hostapd_acl_query_data *query)
|
||||||
|
@ -107,6 +109,7 @@ static void hostapd_acl_query_free(struct hostapd_acl_query_data *query)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
static int hostapd_radius_acl_query(struct hostapd_data *hapd, const u8 *addr,
|
static int hostapd_radius_acl_query(struct hostapd_data *hapd, const u8 *addr,
|
||||||
struct hostapd_acl_query_data *query)
|
struct hostapd_acl_query_data *query)
|
||||||
{
|
{
|
||||||
|
@ -196,6 +199,7 @@ static int hostapd_radius_acl_query(struct hostapd_data *hapd, const u8 *addr,
|
||||||
os_free(msg);
|
os_free(msg);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -234,6 +238,9 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr,
|
||||||
return HOSTAPD_ACL_REJECT;
|
return HOSTAPD_ACL_REJECT;
|
||||||
|
|
||||||
if (hapd->conf->macaddr_acl == USE_EXTERNAL_RADIUS_AUTH) {
|
if (hapd->conf->macaddr_acl == USE_EXTERNAL_RADIUS_AUTH) {
|
||||||
|
#ifdef CONFIG_NO_RADIUS
|
||||||
|
return HOSTAPD_ACL_REJECT;
|
||||||
|
#else /* CONFIG_NO_RADIUS */
|
||||||
struct hostapd_acl_query_data *query;
|
struct hostapd_acl_query_data *query;
|
||||||
|
|
||||||
/* Check whether ACL cache has an entry for this station */
|
/* Check whether ACL cache has an entry for this station */
|
||||||
|
@ -289,12 +296,14 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr,
|
||||||
/* Queued data will be processed in hostapd_acl_recv_radius()
|
/* Queued data will be processed in hostapd_acl_recv_radius()
|
||||||
* when RADIUS server replies to the sent Access-Request. */
|
* when RADIUS server replies to the sent Access-Request. */
|
||||||
return HOSTAPD_ACL_PENDING;
|
return HOSTAPD_ACL_PENDING;
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
}
|
}
|
||||||
|
|
||||||
return HOSTAPD_ACL_REJECT;
|
return HOSTAPD_ACL_REJECT;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
static void hostapd_acl_expire_cache(struct hostapd_data *hapd, time_t now)
|
static void hostapd_acl_expire_cache(struct hostapd_data *hapd, time_t now)
|
||||||
{
|
{
|
||||||
struct hostapd_cached_radius_acl *prev, *entry, *tmp;
|
struct hostapd_cached_radius_acl *prev, *entry, *tmp;
|
||||||
|
@ -472,6 +481,7 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
|
||||||
|
|
||||||
return RADIUS_RX_PROCESSED;
|
return RADIUS_RX_PROCESSED;
|
||||||
}
|
}
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -481,11 +491,13 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
|
||||||
*/
|
*/
|
||||||
int hostapd_acl_init(struct hostapd_data *hapd)
|
int hostapd_acl_init(struct hostapd_data *hapd)
|
||||||
{
|
{
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
if (radius_client_register(hapd->radius, RADIUS_AUTH,
|
if (radius_client_register(hapd->radius, RADIUS_AUTH,
|
||||||
hostapd_acl_recv_radius, hapd))
|
hostapd_acl_recv_radius, hapd))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
eloop_register_timeout(10, 0, hostapd_acl_expire, hapd, NULL);
|
eloop_register_timeout(10, 0, hostapd_acl_expire, hapd, NULL);
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -499,9 +511,11 @@ void hostapd_acl_deinit(struct hostapd_data *hapd)
|
||||||
{
|
{
|
||||||
struct hostapd_acl_query_data *query, *prev;
|
struct hostapd_acl_query_data *query, *prev;
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
eloop_cancel_timeout(hostapd_acl_expire, hapd, NULL);
|
eloop_cancel_timeout(hostapd_acl_expire, hapd, NULL);
|
||||||
|
|
||||||
hostapd_acl_cache_free(hapd->acl_cache);
|
hostapd_acl_cache_free(hapd->acl_cache);
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
query = hapd->acl_queries;
|
query = hapd->acl_queries;
|
||||||
while (query) {
|
while (query) {
|
||||||
|
|
|
@ -371,6 +371,7 @@ int radius_sta_rate(struct hostapd_data *hapd, struct sta_info *sta)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
static void ieee802_1x_learn_identity(struct hostapd_data *hapd,
|
static void ieee802_1x_learn_identity(struct hostapd_data *hapd,
|
||||||
struct eapol_state_machine *sm,
|
struct eapol_state_machine *sm,
|
||||||
const u8 *eap, size_t len)
|
const u8 *eap, size_t len)
|
||||||
|
@ -541,6 +542,7 @@ static void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd,
|
||||||
radius_msg_free(msg);
|
radius_msg_free(msg);
|
||||||
os_free(msg);
|
os_free(msg);
|
||||||
}
|
}
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
|
|
||||||
char *eap_type_text(u8 type)
|
char *eap_type_text(u8 type)
|
||||||
|
@ -948,10 +950,12 @@ void ieee802_1x_free_station(struct sta_info *sta)
|
||||||
|
|
||||||
sta->eapol_sm = NULL;
|
sta->eapol_sm = NULL;
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
if (sm->last_recv_radius) {
|
if (sm->last_recv_radius) {
|
||||||
radius_msg_free(sm->last_recv_radius);
|
radius_msg_free(sm->last_recv_radius);
|
||||||
os_free(sm->last_recv_radius);
|
os_free(sm->last_recv_radius);
|
||||||
}
|
}
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
os_free(sm->identity);
|
os_free(sm->identity);
|
||||||
ieee802_1x_free_radius_class(&sm->radius_class);
|
ieee802_1x_free_radius_class(&sm->radius_class);
|
||||||
|
@ -959,6 +963,7 @@ void ieee802_1x_free_station(struct sta_info *sta)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
|
static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
|
||||||
struct sta_info *sta)
|
struct sta_info *sta)
|
||||||
{
|
{
|
||||||
|
@ -1371,6 +1376,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
|
||||||
|
|
||||||
return RADIUS_RX_QUEUED;
|
return RADIUS_RX_QUEUED;
|
||||||
}
|
}
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
|
|
||||||
void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
|
void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
|
||||||
|
@ -1382,11 +1388,13 @@ void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
|
||||||
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
|
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
|
||||||
HOSTAPD_LEVEL_DEBUG, "aborting authentication");
|
HOSTAPD_LEVEL_DEBUG, "aborting authentication");
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
if (sm->last_recv_radius) {
|
if (sm->last_recv_radius) {
|
||||||
radius_msg_free(sm->last_recv_radius);
|
radius_msg_free(sm->last_recv_radius);
|
||||||
os_free(sm->last_recv_radius);
|
os_free(sm->last_recv_radius);
|
||||||
sm->last_recv_radius = NULL;
|
sm->last_recv_radius = NULL;
|
||||||
}
|
}
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
if (sm->eap_if->eapTimeout) {
|
if (sm->eap_if->eapTimeout) {
|
||||||
/*
|
/*
|
||||||
|
@ -1535,10 +1543,12 @@ static void ieee802_1x_eapol_send(void *ctx, void *sta_ctx, u8 type,
|
||||||
static void ieee802_1x_aaa_send(void *ctx, void *sta_ctx,
|
static void ieee802_1x_aaa_send(void *ctx, void *sta_ctx,
|
||||||
const u8 *data, size_t datalen)
|
const u8 *data, size_t datalen)
|
||||||
{
|
{
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
struct hostapd_data *hapd = ctx;
|
struct hostapd_data *hapd = ctx;
|
||||||
struct sta_info *sta = sta_ctx;
|
struct sta_info *sta = sta_ctx;
|
||||||
|
|
||||||
ieee802_1x_encapsulate_radius(hapd, sta, data, datalen);
|
ieee802_1x_encapsulate_radius(hapd, sta, data, datalen);
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1698,9 +1708,11 @@ int ieee802_1x_init(struct hostapd_data *hapd)
|
||||||
hostapd_set_ieee8021x(hapd->conf->iface, hapd, 1))
|
hostapd_set_ieee8021x(hapd->conf->iface, hapd, 1))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
#ifndef CONFIG_NO_RADIUS
|
||||||
if (radius_client_register(hapd->radius, RADIUS_AUTH,
|
if (radius_client_register(hapd->radius, RADIUS_AUTH,
|
||||||
ieee802_1x_receive_auth, hapd))
|
ieee802_1x_receive_auth, hapd))
|
||||||
return -1;
|
return -1;
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
|
|
||||||
if (hapd->conf->default_wep_key_len) {
|
if (hapd->conf->default_wep_key_len) {
|
||||||
hostapd_set_privacy(hapd, 1);
|
hostapd_set_privacy(hapd, 1);
|
||||||
|
|
|
@ -93,6 +93,33 @@ int radius_client_send(struct radius_client_data *radius,
|
||||||
RadiusType msg_type, const u8 *addr);
|
RadiusType msg_type, const u8 *addr);
|
||||||
u8 radius_client_get_id(struct radius_client_data *radius);
|
u8 radius_client_get_id(struct radius_client_data *radius);
|
||||||
|
|
||||||
|
#ifdef CONFIG_NO_RADIUS
|
||||||
|
static inline void radius_client_flush(struct radius_client_data *radius,
|
||||||
|
int only_auth)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline struct radius_client_data *
|
||||||
|
radius_client_init(void *ctx, struct hostapd_radius_servers *conf)
|
||||||
|
{
|
||||||
|
return (void *) -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline void radius_client_deinit(struct radius_client_data *radius)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline void radius_client_flush_auth(struct radius_client_data *radius,
|
||||||
|
u8 *addr)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline int radius_client_get_mib(struct radius_client_data *radius,
|
||||||
|
char *buf, size_t buflen)
|
||||||
|
{
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
#else /* CONFIG_NO_RADIUS */
|
||||||
void radius_client_flush(struct radius_client_data *radius, int only_auth);
|
void radius_client_flush(struct radius_client_data *radius, int only_auth);
|
||||||
struct radius_client_data *
|
struct radius_client_data *
|
||||||
radius_client_init(void *ctx, struct hostapd_radius_servers *conf);
|
radius_client_init(void *ctx, struct hostapd_radius_servers *conf);
|
||||||
|
@ -100,6 +127,7 @@ void radius_client_deinit(struct radius_client_data *radius);
|
||||||
void radius_client_flush_auth(struct radius_client_data *radius, u8 *addr);
|
void radius_client_flush_auth(struct radius_client_data *radius, u8 *addr);
|
||||||
int radius_client_get_mib(struct radius_client_data *radius, char *buf,
|
int radius_client_get_mib(struct radius_client_data *radius, char *buf,
|
||||||
size_t buflen);
|
size_t buflen);
|
||||||
|
#endif /* CONFIG_NO_RADIUS */
|
||||||
struct radius_client_data *
|
struct radius_client_data *
|
||||||
radius_client_reconfig(struct radius_client_data *old, void *ctx,
|
radius_client_reconfig(struct radius_client_data *old, void *ctx,
|
||||||
struct hostapd_radius_servers *oldconf,
|
struct hostapd_radius_servers *oldconf,
|
||||||
|
|
Loading…
Reference in a new issue