radius_client.h File Reference

RADIUS client. More...

#include "ip_addr.h"

Go to the source code of this file.

Data Structures
struct	hostapd_radius_server
	RADIUS server information for RADIUS client. More...
struct	hostapd_radius_servers
	RADIUS servers for RADIUS client. More...

Enumerations
enum	RadiusType { RADIUS_AUTH, RADIUS_ACCT, RADIUS_ACCT_INTERIM }
	RADIUS server type for RADIUS client. More...
enum	RadiusRxResult { RADIUS_RX_PROCESSED, RADIUS_RX_QUEUED, RADIUS_RX_UNKNOWN, RADIUS_RX_INVALID_AUTHENTICATOR }
	RADIUS client RX handler result. More...

Functions
int	radius_client_register (struct radius_client_data *radius, RadiusType msg_type, RadiusRxResult(*handler)(struct radius_msg *msg, struct radius_msg *req, const u8 *shared_secret, size_t shared_secret_len, void *data), void *data)
	Register a RADIUS client RX handler. More...
int	radius_client_send (struct radius_client_data *radius, struct radius_msg *msg, RadiusType msg_type, const u8 *addr)
	Send a RADIUS request. More...
u8	radius_client_get_id (struct radius_client_data *radius)
	Get an identifier for a new RADIUS message. More...
void	radius_client_flush (struct radius_client_data *radius, int only_auth)
	Flush all pending RADIUS client messages. More...
struct radius_client_data *	radius_client_init (void *ctx, struct hostapd_radius_servers *conf)
	Initialize RADIUS client. More...
void	radius_client_deinit (struct radius_client_data *radius)
	Deinitialize RADIUS client. More...
void	radius_client_flush_auth (struct radius_client_data *radius, const u8 *addr)
	Flush pending RADIUS messages for an address. More...
int	radius_client_get_mib (struct radius_client_data *radius, char *buf, size_t buflen)
	Get RADIUS client MIB information. More...
void	radius_client_reconfig (struct radius_client_data *radius, struct hostapd_radius_servers *conf)

Detailed Description

RADIUS client.

Enumeration Type Documentation

enum RadiusRxResult

RADIUS client RX handler result.

Enumerator
RADIUS_RX_PROCESSED	Message processed. This stops handler calls and frees the message.
RADIUS_RX_QUEUED	Message has been queued. This stops handler calls, but does not free the message; the handler that returned this is responsible for eventually freeing the message.
RADIUS_RX_UNKNOWN	Message is not for this handler.
RADIUS_RX_INVALID_AUTHENTICATOR	Message has invalid Authenticator.

enum RadiusType

RADIUS server type for RADIUS client.

Enumerator
RADIUS_AUTH	RADIUS authentication.
RADIUS_ACCT	RADIUS accounting.
RADIUS_ACCT_INTERIM	RADIUS interim accounting message. Used only with radius_client_send(). This behaves just like RADIUS_ACCT, but removes any pending interim RADIUS Accounting messages for the same STA before sending the new interim update.

Function Documentation

void radius_client_deinit

(

struct radius_client_data *

radius

)

Deinitialize RADIUS client.

Parameters

radius

RADIUS client context from radius_client_init()

void radius_client_flush	(	struct radius_client_data *	radius,
		int	only_auth
	)

Flush all pending RADIUS client messages.

Parameters

radius	RADIUS client context from radius_client_init()
only_auth	Whether only authentication messages are removed

void radius_client_flush_auth	(	struct radius_client_data *	radius,
		const u8 *	addr
	)

Flush pending RADIUS messages for an address.

Parameters

radius	RADIUS client context from radius_client_init()
addr	MAC address of the related device

This function can be used to remove pending RADIUS authentication messages that are related to a specific device. The addr parameter is matched with the one used in radius_client_send() call that was used to transmit the authentication request.

u8 radius_client_get_id

(

struct radius_client_data *

radius

)

Get an identifier for a new RADIUS message.

Parameters

radius

RADIUS client context from radius_client_init()

Returns

Allocated identifier

This function is used to fetch a unique (among pending requests) identifier for a new RADIUS message.

int radius_client_get_mib	(	struct radius_client_data *	radius,
		char *	buf,
		size_t	buflen
	)

Get RADIUS client MIB information.

Parameters

radius	RADIUS client context from radius_client_init()
buf	Buffer for returning MIB data in text format
buflen	Maximum buf length in octets

Returns

Number of octets written into the buffer

struct radius_client_data* radius_client_init	(	void *	ctx,
		struct hostapd_radius_servers *	conf
	)

Initialize RADIUS client.

Parameters

ctx	Callback context to be used in hostapd_logger() calls
conf	RADIUS client configuration (RADIUS servers)

Returns

Pointer to private RADIUS client context or NULL on failure

The caller is responsible for keeping the configuration data available for the lifetime of the RADIUS client, i.e., until radius_client_deinit() is called for the returned context pointer.

int radius_client_register	(	struct radius_client_data *	radius,
		RadiusType	msg_type,
		RadiusRxResult(*)(struct radius_msg *msg, struct radius_msg *req, const u8 *shared_secret, size_t shared_secret_len, void *data)	handler,
		void *	data
	)

Register a RADIUS client RX handler.

Parameters

radius	RADIUS client context from radius_client_init()
msg_type	RADIUS client type (RADIUS_AUTH or RADIUS_ACCT)
handler	Handler for received RADIUS messages
data	Context pointer for handler callbacks

Returns

0 on success, -1 on failure

This function is used to register a handler for processing received RADIUS authentication and accounting messages. The handler() callback function will be called whenever a RADIUS message is received from the active server.

There can be multiple registered RADIUS message handlers. The handlers will be called in order until one of them indicates that it has processed or queued the message.

int radius_client_send	(	struct radius_client_data *	radius,
		struct radius_msg *	msg,
		RadiusType	msg_type,
		const u8 *	addr
	)

Send a RADIUS request.

Parameters

radius	RADIUS client context from radius_client_init()
msg	RADIUS message to be sent
msg_type	Message type (RADIUS_AUTH, RADIUS_ACCT, RADIUS_ACCT_INTERIM)
addr	MAC address of the device related to this message or NULL

Returns

0 on success, -1 on failure

This function is used to transmit a RADIUS authentication (RADIUS_AUTH) or accounting request (RADIUS_ACCT or RADIUS_ACCT_INTERIM). The only difference between accounting and interim accounting messages is that the interim message will override any pending interim accounting updates while a new accounting message does not remove any pending messages.

The message is added on the retransmission queue and will be retransmitted automatically until a response is received or maximum number of retries (RADIUS_CLIENT_MAX_RETRIES) is reached.

The related device MAC address can be used to identify pending messages that can be removed with radius_client_flush_auth() or with interim accounting updates.