wpa_supplicant / hostapd
2.5
RADIUS client. More...
#include "includes.h"
#include "common.h"
#include "radius.h"
#include "radius_client.h"
#include "eloop.h"
Data Structures | |
struct | radius_rx_handler |
RADIUS client RX handler. More... | |
struct | radius_msg_list |
RADIUS client message retransmit list. More... | |
struct | radius_client_data |
Internal RADIUS client data. More... | |
Macros | |
#define | RADIUS_CLIENT_FIRST_WAIT 3 |
RADIUS client timeout for first retry in seconds. | |
#define | RADIUS_CLIENT_MAX_WAIT 120 |
RADIUS client maximum retry timeout in seconds. | |
#define | RADIUS_CLIENT_MAX_RETRIES 10 |
RADIUS client maximum retries. More... | |
#define | RADIUS_CLIENT_MAX_ENTRIES 30 |
RADIUS client maximum pending messages. More... | |
#define | RADIUS_CLIENT_NUM_FAILOVER 4 |
RADIUS client failover point. More... | |
Functions | |
int | radius_client_register (struct radius_client_data *radius, RadiusType msg_type, RadiusRxResult(*handler)(struct radius_msg *msg, struct radius_msg *req, const u8 *shared_secret, size_t shared_secret_len, void *data), void *data) |
Register a RADIUS client RX handler. More... | |
int | radius_client_send (struct radius_client_data *radius, struct radius_msg *msg, RadiusType msg_type, const u8 *addr) |
Send a RADIUS request. More... | |
u8 | radius_client_get_id (struct radius_client_data *radius) |
Get an identifier for a new RADIUS message. More... | |
void | radius_client_flush (struct radius_client_data *radius, int only_auth) |
Flush all pending RADIUS client messages. More... | |
struct radius_client_data * | radius_client_init (void *ctx, struct hostapd_radius_servers *conf) |
Initialize RADIUS client. More... | |
void | radius_client_deinit (struct radius_client_data *radius) |
Deinitialize RADIUS client. More... | |
void | radius_client_flush_auth (struct radius_client_data *radius, const u8 *addr) |
Flush pending RADIUS messages for an address. More... | |
int | radius_client_get_mib (struct radius_client_data *radius, char *buf, size_t buflen) |
Get RADIUS client MIB information. More... | |
void | radius_client_reconfig (struct radius_client_data *radius, struct hostapd_radius_servers *conf) |
RADIUS client.
#define RADIUS_CLIENT_MAX_ENTRIES 30 |
RADIUS client maximum pending messages.
Maximum number of entries in the retransmit list (the oldest entries are removed if this limit is exceeded).
#define RADIUS_CLIENT_MAX_RETRIES 10 |
RADIUS client maximum retries.
Maximum number of retransmit attempts before the entry is removed from retransmit list.
#define RADIUS_CLIENT_NUM_FAILOVER 4 |
RADIUS client failover point.
The number of failed retry attempts after which the RADIUS server will be changed (if one or more backup servers are configured).
void radius_client_deinit | ( | struct radius_client_data * | radius | ) |
Deinitialize RADIUS client.
radius | RADIUS client context from radius_client_init() |
void radius_client_flush | ( | struct radius_client_data * | radius, |
int | only_auth | ||
) |
Flush all pending RADIUS client messages.
radius | RADIUS client context from radius_client_init() |
only_auth | Whether only authentication messages are removed |
void radius_client_flush_auth | ( | struct radius_client_data * | radius, |
const u8 * | addr | ||
) |
Flush pending RADIUS messages for an address.
radius | RADIUS client context from radius_client_init() |
addr | MAC address of the related device |
This function can be used to remove pending RADIUS authentication messages that are related to a specific device. The addr parameter is matched with the one used in radius_client_send() call that was used to transmit the authentication request.
u8 radius_client_get_id | ( | struct radius_client_data * | radius | ) |
Get an identifier for a new RADIUS message.
radius | RADIUS client context from radius_client_init() |
This function is used to fetch a unique (among pending requests) identifier for a new RADIUS message.
int radius_client_get_mib | ( | struct radius_client_data * | radius, |
char * | buf, | ||
size_t | buflen | ||
) |
Get RADIUS client MIB information.
radius | RADIUS client context from radius_client_init() |
buf | Buffer for returning MIB data in text format |
buflen | Maximum buf length in octets |
struct radius_client_data* radius_client_init | ( | void * | ctx, |
struct hostapd_radius_servers * | conf | ||
) |
Initialize RADIUS client.
ctx | Callback context to be used in hostapd_logger() calls |
conf | RADIUS client configuration (RADIUS servers) |
The caller is responsible for keeping the configuration data available for the lifetime of the RADIUS client, i.e., until radius_client_deinit() is called for the returned context pointer.
int radius_client_register | ( | struct radius_client_data * | radius, |
RadiusType | msg_type, | ||
RadiusRxResult(*)(struct radius_msg *msg, struct radius_msg *req, const u8 *shared_secret, size_t shared_secret_len, void *data) | handler, | ||
void * | data | ||
) |
Register a RADIUS client RX handler.
radius | RADIUS client context from radius_client_init() |
msg_type | RADIUS client type (RADIUS_AUTH or RADIUS_ACCT) |
handler | Handler for received RADIUS messages |
data | Context pointer for handler callbacks |
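This function is used to register a handler for processing received RADIUS authentication and accounting messages. The handler() callback function will be called whenever a RADIUS message is received from the active server. Judging by its signature, the handler receives the message together with a request message and the shared secret and its length, i.e. the inputs it would need to verify the response before acting on it.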
There can be multiple registered RADIUS message handlers. The handlers will be called in order until one of them indicates that it has processed or queued the message.
int radius_client_send | ( | struct radius_client_data * | radius, |
struct radius_msg * | msg, | ||
RadiusType | msg_type, | ||
const u8 * | addr | ||
) |
Send a RADIUS request.
radius | RADIUS client context from radius_client_init() |
msg | RADIUS message to be sent |
msg_type | Message type (RADIUS_AUTH, RADIUS_ACCT, RADIUS_ACCT_INTERIM) |
addr | MAC address of the device related to this message or NULL |
This function is used to transmit a RADIUS authentication (RADIUS_AUTH) or accounting request (RADIUS_ACCT or RADIUS_ACCT_INTERIM). The only difference between accounting and interim accounting messages is that the interim message will override any pending interim accounting updates while a new accounting message does not remove any pending messages.
The message is added to the retransmission queue and will be retransmitted automatically until a response is received or the maximum number of retries (RADIUS_CLIENT_MAX_RETRIES) is reached.
The related device MAC address can be used to identify pending messages that can be removed with radius_client_flush_auth() or with interim accounting updates.