path: root/hostapd/hostapd.radius_clients
diff options
authorJouni Malinen <j@w1.fi>2005-01-02 21:31:44 (GMT)
committerJouni Malinen <j@w1.fi>2005-01-02 21:31:44 (GMT)
commitdab671aa678529a6678fd7b5cf769b8603e51a37 (patch)
treed1ffb6b4203034a09ec8fe4208b90c01436b0bcc /hostapd/hostapd.radius_clients
parentdc88fa4e8e0371291f617ec30a0160378ddd6732 (diff)
Added support for using hostapd as a RADIUS authentication server
with the integrated EAP authenticator taking care of EAP authentication (new hostapd.conf options: radius_server_clients and radius_server_auth_port). CONFIG_RADIUS_SERVER=y in .config can be used to select whether RADIUS authentication server support is build in or not. RADIUS authentication server shares the same EAP authenticator as the integrated one. This means that also the EAP user configuration is shared. EAP state machine has not couple of additional changes from the "EAP Backend Authenticator State Machine" of draft-ietf-eap-statemachine-05.pdf, in addition to the "Standalone Authenticator State Machine". EAP methods use a new initPickUp() function if they support picking up of an already started authentication session. At the momemnt, only EAP-Identity includes support for this, i.e., NAS sends EAP-Request/Identity and AS picks up the session and starts processing from EAP-Response/Identity. Couple of fixes for error handling in radius.c (potential busy loop when parsing RADIUS messages and possible NULL pointer dereference in adding Message-Authenticator).
Diffstat (limited to 'hostapd/hostapd.radius_clients')
1 files changed, 4 insertions, 0 deletions
diff --git a/hostapd/hostapd.radius_clients b/hostapd/hostapd.radius_clients
new file mode 100644
index 0000000..3980427
--- /dev/null
+++ b/hostapd/hostapd.radius_clients
@@ -0,0 +1,4 @@
+# RADIUS client configuration for the RADIUS server
+ secret passphrase
+ another very secret passphrase
+ radius