wpa_supplicant / hostapd  2.5
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
Data Structures | Macros | Functions
radius_client.c File Reference

RADIUS client. More...

#include "includes.h"
#include "common.h"
#include "radius.h"
#include "radius_client.h"
#include "eloop.h"

Data Structures

struct  radius_rx_handler
 RADIUS client RX handler. More...
 
struct  radius_msg_list
 RADIUS client message retransmit list. More...
 
struct  radius_client_data
 Internal RADIUS client data. More...
 

Macros

#define RADIUS_CLIENT_FIRST_WAIT   3
 RADIUS client timeout for first retry in seconds.
 
#define RADIUS_CLIENT_MAX_WAIT   120
 RADIUS client maximum retry timeout in seconds.
 
#define RADIUS_CLIENT_MAX_RETRIES   10
 RADIUS client maximum retries. More...
 
#define RADIUS_CLIENT_MAX_ENTRIES   30
 RADIUS client maximum pending messages. More...
 
#define RADIUS_CLIENT_NUM_FAILOVER   4
 RADIUS client failover point. More...
 

Functions

int radius_client_register (struct radius_client_data *radius, RadiusType msg_type, RadiusRxResult(*handler)(struct radius_msg *msg, struct radius_msg *req, const u8 *shared_secret, size_t shared_secret_len, void *data), void *data)
 Register a RADIUS client RX handler. More...
 
int radius_client_send (struct radius_client_data *radius, struct radius_msg *msg, RadiusType msg_type, const u8 *addr)
 Send a RADIUS request. More...
 
u8 radius_client_get_id (struct radius_client_data *radius)
 Get an identifier for a new RADIUS message. More...
 
void radius_client_flush (struct radius_client_data *radius, int only_auth)
 Flush all pending RADIUS client messages. More...
 
struct radius_client_dataradius_client_init (void *ctx, struct hostapd_radius_servers *conf)
 Initialize RADIUS client. More...
 
void radius_client_deinit (struct radius_client_data *radius)
 Deinitialize RADIUS client. More...
 
void radius_client_flush_auth (struct radius_client_data *radius, const u8 *addr)
 Flush pending RADIUS messages for an address. More...
 
int radius_client_get_mib (struct radius_client_data *radius, char *buf, size_t buflen)
 Get RADIUS client MIB information. More...
 
void radius_client_reconfig (struct radius_client_data *radius, struct hostapd_radius_servers *conf)
 

Detailed Description

RADIUS client.

Macro Definition Documentation

#define RADIUS_CLIENT_MAX_ENTRIES   30

RADIUS client maximum pending messages.

Maximum number of entries in retransmit list (oldest entries will be removed, if this limit is exceeded).

#define RADIUS_CLIENT_MAX_RETRIES   10

RADIUS client maximum retries.

Maximum number of retransmit attempts before the entry is removed from retransmit list.

#define RADIUS_CLIENT_NUM_FAILOVER   4

RADIUS client failover point.

The number of failed retry attempts after which the RADIUS server will be changed (if one of more backup servers are configured).

Function Documentation

void radius_client_deinit ( struct radius_client_data radius)

Deinitialize RADIUS client.

Parameters
radiusRADIUS client context from radius_client_init()
void radius_client_flush ( struct radius_client_data radius,
int  only_auth 
)

Flush all pending RADIUS client messages.

Parameters
radiusRADIUS client context from radius_client_init()
only_authWhether only authentication messages are removed
void radius_client_flush_auth ( struct radius_client_data radius,
const u8 *  addr 
)

Flush pending RADIUS messages for an address.

Parameters
radiusRADIUS client context from radius_client_init()
addrMAC address of the related device

This function can be used to remove pending RADIUS authentication messages that are related to a specific device. The addr parameter is matched with the one used in radius_client_send() call that was used to transmit the authentication request.

u8 radius_client_get_id ( struct radius_client_data radius)

Get an identifier for a new RADIUS message.

Parameters
radiusRADIUS client context from radius_client_init()
Returns
Allocated identifier

This function is used to fetch a unique (among pending requests) identifier for a new RADIUS message.

int radius_client_get_mib ( struct radius_client_data radius,
char *  buf,
size_t  buflen 
)

Get RADIUS client MIB information.

Parameters
radiusRADIUS client context from radius_client_init()
bufBuffer for returning MIB data in text format
buflenMaximum buf length in octets
Returns
Number of octets written into the buffer
struct radius_client_data* radius_client_init ( void *  ctx,
struct hostapd_radius_servers conf 
)

Initialize RADIUS client.

Parameters
ctxCallback context to be used in hostapd_logger() calls
confRADIUS client configuration (RADIUS servers)
Returns
Pointer to private RADIUS client context or NULL on failure

The caller is responsible for keeping the configuration data available for the lifetime of the RADIUS client, i.e., until radius_client_deinit() is called for the returned context pointer.

int radius_client_register ( struct radius_client_data radius,
RadiusType  msg_type,
RadiusRxResult(*)(struct radius_msg *msg, struct radius_msg *req, const u8 *shared_secret, size_t shared_secret_len, void *data)  handler,
void *  data 
)

Register a RADIUS client RX handler.

Parameters
radiusRADIUS client context from radius_client_init()
msg_typeRADIUS client type (RADIUS_AUTH or RADIUS_ACCT)
handlerHandler for received RADIUS messages
dataContext pointer for handler callbacks
Returns
0 on success, -1 on failure

This function is used to register a handler for processing received RADIUS authentication and accounting messages. The handler() callback function will be called whenever a RADIUS message is received from the active server.

There can be multiple registered RADIUS message handlers. The handlers will be called in order until one of them indicates that it has processed or queued the message.

int radius_client_send ( struct radius_client_data radius,
struct radius_msg msg,
RadiusType  msg_type,
const u8 *  addr 
)

Send a RADIUS request.

Parameters
radiusRADIUS client context from radius_client_init()
msgRADIUS message to be sent
msg_typeMessage type (RADIUS_AUTH, RADIUS_ACCT, RADIUS_ACCT_INTERIM)
addrMAC address of the device related to this message or NULL
Returns
0 on success, -1 on failure

This function is used to transmit a RADIUS authentication (RADIUS_AUTH) or accounting request (RADIUS_ACCT or RADIUS_ACCT_INTERIM). The only difference between accounting and interim accounting messages is that the interim message will override any pending interim accounting updates while a new accounting message does not remove any pending messages.

The message is added on the retransmission queue and will be retransmitted automatically until a response is received or maximum number of retries (RADIUS_CLIENT_MAX_RETRIES) is reached.

The related device MAC address can be used to identify pending messages that can be removed with radius_client_flush_auth() or with interim accounting updates.