summaryrefslogtreecommitdiffstats
path: root/contrib/hostapd/radius_client.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/hostapd/radius_client.c')
-rw-r--r--contrib/hostapd/radius_client.c375
1 files changed, 237 insertions, 138 deletions
diff --git a/contrib/hostapd/radius_client.c b/contrib/hostapd/radius_client.c
index dc69ca9..abc28bd 100644
--- a/contrib/hostapd/radius_client.c
+++ b/contrib/hostapd/radius_client.c
@@ -16,14 +16,16 @@
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
-#include <netinet/in.h>
#include <string.h>
#include <time.h>
#include <sys/types.h>
#include <sys/time.h>
+#include <errno.h>
+#ifndef CONFIG_NATIVE_WINDOWS
+#include <netinet/in.h>
#include <sys/socket.h>
#include <arpa/inet.h>
-#include <errno.h>
+#endif /* CONFIG_NATIVE_WINDOWS */
#include "hostapd.h"
#include "radius.h"
@@ -74,10 +76,15 @@ struct radius_msg_list {
struct radius_client_data {
- struct hostapd_data *hapd;
+ void *ctx;
+ struct hostapd_radius_servers *conf;
int auth_serv_sock; /* socket for authentication RADIUS messages */
int acct_serv_sock; /* socket for accounting RADIUS messages */
+ int auth_serv_sock6;
+ int acct_serv_sock6;
+ int auth_sock; /* currently used socket */
+ int acct_sock; /* currently used socket */
struct radius_rx_handler *auth_handlers;
size_t num_auth_handlers;
@@ -95,7 +102,7 @@ static int
radius_change_server(struct radius_client_data *radius,
struct hostapd_radius_server *nserv,
struct hostapd_radius_server *oserv,
- int sock, int auth);
+ int sock, int sock6, int auth);
static int radius_client_init_acct(struct radius_client_data *radius);
static int radius_client_init_auth(struct radius_client_data *radius);
@@ -146,11 +153,11 @@ int radius_client_register(struct radius_client_data *radius,
static void radius_client_handle_send_error(struct radius_client_data *radius,
int s, RadiusType msg_type)
{
- struct hostapd_data *hapd = radius->hapd;
+#ifndef CONFIG_NATIVE_WINDOWS
int _errno = errno;
perror("send[RADIUS]");
if (_errno == ENOTCONN || _errno == EDESTADDRREQ || _errno == EINVAL) {
- hostapd_logger(hapd, NULL, HOSTAPD_MODULE_RADIUS,
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_INFO,
"Send failed - maybe interface status changed -"
" try to connect again");
@@ -161,38 +168,40 @@ static void radius_client_handle_send_error(struct radius_client_data *radius,
else
radius_client_init_auth(radius);
}
+#endif /* CONFIG_NATIVE_WINDOWS */
}
static int radius_client_retransmit(struct radius_client_data *radius,
struct radius_msg_list *entry, time_t now)
{
- struct hostapd_data *hapd = radius->hapd;
+ struct hostapd_radius_servers *conf = radius->conf;
int s;
if (entry->msg_type == RADIUS_ACCT ||
entry->msg_type == RADIUS_ACCT_INTERIM) {
- s = radius->acct_serv_sock;
+ s = radius->acct_sock;
if (entry->attempts == 0)
- hapd->conf->acct_server->requests++;
+ conf->acct_server->requests++;
else {
- hapd->conf->acct_server->timeouts++;
- hapd->conf->acct_server->retransmissions++;
+ conf->acct_server->timeouts++;
+ conf->acct_server->retransmissions++;
}
} else {
- s = radius->auth_serv_sock;
+ s = radius->auth_sock;
if (entry->attempts == 0)
- hapd->conf->auth_server->requests++;
+ conf->auth_server->requests++;
else {
- hapd->conf->auth_server->timeouts++;
- hapd->conf->auth_server->retransmissions++;
+ conf->auth_server->timeouts++;
+ conf->auth_server->retransmissions++;
}
}
/* retransmit; remove entry if too many attempts */
entry->attempts++;
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "Resending RADIUS message (id=%d)"
- "\n", entry->msg->hdr->identifier);
+ hostapd_logger(radius->ctx, entry->addr, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG, "Resending RADIUS message (id=%d)",
+ entry->msg->hdr->identifier);
gettimeofday(&entry->last_attempt, NULL);
if (send(s, entry->msg->buf, entry->msg->buf_used, 0) < 0)
@@ -215,10 +224,11 @@ static int radius_client_retransmit(struct radius_client_data *radius,
static void radius_client_timer(void *eloop_ctx, void *timeout_ctx)
{
struct radius_client_data *radius = eloop_ctx;
- struct hostapd_data *hapd = radius->hapd;
+ struct hostapd_radius_servers *conf = radius->conf;
time_t now, first;
struct radius_msg_list *entry, *prev, *tmp;
int auth_failover = 0, acct_failover = 0;
+ char abuf[50];
entry = radius->msgs;
if (!entry)
@@ -263,20 +273,21 @@ static void radius_client_timer(void *eloop_ctx, void *timeout_ctx)
first = now;
eloop_register_timeout(first - now, 0,
radius_client_timer, radius, NULL);
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "Next RADIUS client "
- "retransmit in %ld seconds\n",
- (long int) (first - now));
-
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG, "Next RADIUS client "
+ "retransmit in %ld seconds",
+ (long int) (first - now));
}
- if (auth_failover && hapd->conf->num_auth_servers > 1) {
+ if (auth_failover && conf->num_auth_servers > 1) {
struct hostapd_radius_server *next, *old;
- old = hapd->conf->auth_server;
- hostapd_logger(hapd, NULL, HOSTAPD_MODULE_RADIUS,
+ old = conf->auth_server;
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_NOTICE,
"No response from Authentication server "
"%s:%d - failover",
- inet_ntoa(old->addr), old->port);
+ hostapd_ip_txt(&old->addr, abuf, sizeof(abuf)),
+ old->port);
for (entry = radius->msgs; entry; entry = entry->next) {
if (entry->msg_type == RADIUS_AUTH)
@@ -284,22 +295,23 @@ static void radius_client_timer(void *eloop_ctx, void *timeout_ctx)
}
next = old + 1;
- if (next > &(hapd->conf->auth_servers
- [hapd->conf->num_auth_servers - 1]))
- next = hapd->conf->auth_servers;
- hapd->conf->auth_server = next;
+ if (next > &(conf->auth_servers[conf->num_auth_servers - 1]))
+ next = conf->auth_servers;
+ conf->auth_server = next;
radius_change_server(radius, next, old,
- radius->auth_serv_sock, 1);
+ radius->auth_serv_sock,
+ radius->auth_serv_sock6, 1);
}
- if (acct_failover && hapd->conf->num_acct_servers > 1) {
+ if (acct_failover && conf->num_acct_servers > 1) {
struct hostapd_radius_server *next, *old;
- old = hapd->conf->acct_server;
- hostapd_logger(hapd, NULL, HOSTAPD_MODULE_RADIUS,
+ old = conf->acct_server;
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_NOTICE,
"No response from Accounting server "
"%s:%d - failover",
- inet_ntoa(old->addr), old->port);
+ hostapd_ip_txt(&old->addr, abuf, sizeof(abuf)),
+ old->port);
for (entry = radius->msgs; entry; entry = entry->next) {
if (entry->msg_type == RADIUS_ACCT ||
@@ -308,19 +320,18 @@ static void radius_client_timer(void *eloop_ctx, void *timeout_ctx)
}
next = old + 1;
- if (next > &hapd->conf->acct_servers
- [hapd->conf->num_acct_servers - 1])
- next = hapd->conf->acct_servers;
- hapd->conf->acct_server = next;
+ if (next > &conf->acct_servers[conf->num_acct_servers - 1])
+ next = conf->acct_servers;
+ conf->acct_server = next;
radius_change_server(radius, next, old,
- radius->acct_serv_sock, 0);
+ radius->acct_serv_sock,
+ radius->acct_serv_sock6, 0);
}
}
static void radius_client_update_timeout(struct radius_client_data *radius)
{
- struct hostapd_data *hapd = radius->hapd;
time_t now, first;
struct radius_msg_list *entry;
@@ -341,8 +352,9 @@ static void radius_client_update_timeout(struct radius_client_data *radius)
first = now;
eloop_register_timeout(first - now, 0, radius_client_timer, radius,
NULL);
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "Next RADIUS client retransmit in"
- " %ld seconds\n", (long int) (first - now));
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG, "Next RADIUS client retransmit in"
+ " %ld seconds\n", (long int) (first - now));
}
@@ -405,7 +417,6 @@ static void radius_client_list_add(struct radius_client_data *radius,
static void radius_client_list_del(struct radius_client_data *radius,
RadiusType msg_type, u8 *addr)
{
- struct hostapd_data *hapd = radius->hapd;
struct radius_msg_list *entry, *prev, *tmp;
if (addr == NULL)
@@ -422,9 +433,10 @@ static void radius_client_list_del(struct radius_client_data *radius,
radius->msgs = entry->next;
tmp = entry;
entry = entry->next;
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
- "Removing matching RADIUS message for "
- MACSTR "\n", MAC2STR(addr));
+ hostapd_logger(radius->ctx, addr,
+ HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG,
+ "Removing matching RADIUS message");
radius_client_msg_free(tmp);
radius->num_msgs--;
continue;
@@ -438,7 +450,7 @@ static void radius_client_list_del(struct radius_client_data *radius,
int radius_client_send(struct radius_client_data *radius,
struct radius_msg *msg, RadiusType msg_type, u8 *addr)
{
- struct hostapd_data *hapd = radius->hapd;
+ struct hostapd_radius_servers *conf = radius->conf;
u8 *shared_secret;
size_t shared_secret_len;
char *name;
@@ -450,24 +462,25 @@ int radius_client_send(struct radius_client_data *radius,
}
if (msg_type == RADIUS_ACCT || msg_type == RADIUS_ACCT_INTERIM) {
- shared_secret = hapd->conf->acct_server->shared_secret;
- shared_secret_len = hapd->conf->acct_server->shared_secret_len;
+ shared_secret = conf->acct_server->shared_secret;
+ shared_secret_len = conf->acct_server->shared_secret_len;
radius_msg_finish_acct(msg, shared_secret, shared_secret_len);
name = "accounting";
- s = radius->acct_serv_sock;
- hapd->conf->acct_server->requests++;
+ s = radius->acct_sock;
+ conf->acct_server->requests++;
} else {
- shared_secret = hapd->conf->auth_server->shared_secret;
- shared_secret_len = hapd->conf->auth_server->shared_secret_len;
+ shared_secret = conf->auth_server->shared_secret;
+ shared_secret_len = conf->auth_server->shared_secret_len;
radius_msg_finish(msg, shared_secret, shared_secret_len);
name = "authentication";
- s = radius->auth_serv_sock;
- hapd->conf->auth_server->requests++;
+ s = radius->auth_sock;
+ conf->auth_server->requests++;
}
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
- "Sending RADIUS message to %s server\n", name);
- if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MSGDUMPS))
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG, "Sending RADIUS message to %s "
+ "server", name);
+ if (conf->msg_dumps)
radius_msg_dump(msg);
res = send(s, msg->buf, msg->buf_used, 0);
@@ -484,7 +497,7 @@ int radius_client_send(struct radius_client_data *radius,
static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
{
struct radius_client_data *radius = eloop_ctx;
- struct hostapd_data *hapd = radius->hapd;
+ struct hostapd_radius_servers *conf = radius->conf;
RadiusType msg_type = (RadiusType) sock_ctx;
int len, i, roundtrip;
unsigned char buf[3000];
@@ -499,11 +512,11 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
if (msg_type == RADIUS_ACCT) {
handlers = radius->acct_handlers;
num_handlers = radius->num_acct_handlers;
- rconf = hapd->conf->acct_server;
+ rconf = conf->acct_server;
} else {
handlers = radius->auth_handlers;
num_handlers = radius->num_auth_handlers;
- rconf = hapd->conf->auth_server;
+ rconf = conf->auth_server;
}
len = recv(sock, buf, sizeof(buf), MSG_DONTWAIT);
@@ -511,8 +524,9 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
perror("recv[RADIUS]");
return;
}
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
- "Received %d bytes from RADIUS server\n", len);
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG, "Received %d bytes from RADIUS "
+ "server", len);
if (len == sizeof(buf)) {
printf("Possibly too long UDP frame for our buffer - "
"dropping it\n");
@@ -526,9 +540,9 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
return;
}
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
- "Received RADIUS message\n");
- if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MSGDUMPS))
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG, "Received RADIUS message");
+ if (conf->msg_dumps)
radius_msg_dump(msg);
switch (msg->hdr->code) {
@@ -562,19 +576,22 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
}
if (req == NULL) {
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
- "No matching RADIUS request found (type=%d "
- "id=%d) - dropping packet\n",
- msg_type, msg->hdr->identifier);
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG,
+ "No matching RADIUS request found (type=%d "
+ "id=%d) - dropping packet",
+ msg_type, msg->hdr->identifier);
goto fail;
}
gettimeofday(&tv, NULL);
roundtrip = (tv.tv_sec - req->last_attempt.tv_sec) * 100 +
(tv.tv_usec - req->last_attempt.tv_usec) / 10000;
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "Received RADIUS packet matched "
- "with a pending request, round trip time %d.%02d sec\n",
- roundtrip / 100, roundtrip % 100);
+ hostapd_logger(radius->ctx, req->addr, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG,
+ "Received RADIUS packet matched with a pending "
+ "request, round trip time %d.%02d sec",
+ roundtrip / 100, roundtrip % 100);
rconf->round_trip_time = roundtrip;
/* Remove ACKed RADIUS packet from retransmit list */
@@ -610,7 +627,7 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
rconf->bad_authenticators++;
else
rconf->unknown_types++;
- hostapd_logger(hapd, req->addr, HOSTAPD_MODULE_RADIUS,
+ hostapd_logger(radius->ctx, req->addr, HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG, "No RADIUS RX handler found "
"(type=%d code=%d id=%d)%s - dropping packet",
msg_type, msg->hdr->code, msg->hdr->identifier,
@@ -626,7 +643,6 @@ static void radius_client_receive(int sock, void *eloop_ctx, void *sock_ctx)
u8 radius_client_get_id(struct radius_client_data *radius)
{
- struct hostapd_data *hapd = radius->hapd;
struct radius_msg_list *entry, *prev, *remove;
u8 id = radius->next_radius_identifier++;
@@ -636,9 +652,11 @@ u8 radius_client_get_id(struct radius_client_data *radius)
prev = NULL;
while (entry) {
if (entry->msg->hdr->identifier == id) {
- HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
- "Removing pending RADIUS message, since "
- "its id (%d) is reused\n", id);
+ hostapd_logger(radius->ctx, entry->addr,
+ HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_DEBUG,
+ "Removing pending RADIUS message, "
+ "since its id (%d) is reused", id);
if (prev)
prev->next = entry->next;
else
@@ -681,15 +699,23 @@ static int
radius_change_server(struct radius_client_data *radius,
struct hostapd_radius_server *nserv,
struct hostapd_radius_server *oserv,
- int sock, int auth)
+ int sock, int sock6, int auth)
{
- struct hostapd_data *hapd = radius->hapd;
struct sockaddr_in serv;
-
- hostapd_logger(hapd, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_INFO,
+#ifdef CONFIG_IPV6
+ struct sockaddr_in6 serv6;
+#endif /* CONFIG_IPV6 */
+ struct sockaddr *addr;
+ socklen_t addrlen;
+ char abuf[50];
+ int sel_sock;
+
+ hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_INFO,
"%s server %s:%d",
auth ? "Authentication" : "Accounting",
- inet_ntoa(nserv->addr), nserv->port);
+ hostapd_ip_txt(&nserv->addr, abuf, sizeof(abuf)),
+ nserv->port);
if (!oserv || nserv->shared_secret_len != oserv->shared_secret_len ||
memcmp(nserv->shared_secret, oserv->shared_secret,
@@ -720,16 +746,42 @@ radius_change_server(struct radius_client_data *radius,
}
}
- memset(&serv, 0, sizeof(serv));
- serv.sin_family = AF_INET;
- serv.sin_addr.s_addr = nserv->addr.s_addr;
- serv.sin_port = htons(nserv->port);
+ switch (nserv->addr.af) {
+ case AF_INET:
+ memset(&serv, 0, sizeof(serv));
+ serv.sin_family = AF_INET;
+ serv.sin_addr.s_addr = nserv->addr.u.v4.s_addr;
+ serv.sin_port = htons(nserv->port);
+ addr = (struct sockaddr *) &serv;
+ addrlen = sizeof(serv);
+ sel_sock = sock;
+ break;
+#ifdef CONFIG_IPV6
+ case AF_INET6:
+ memset(&serv6, 0, sizeof(serv6));
+ serv6.sin6_family = AF_INET6;
+ memcpy(&serv6.sin6_addr, &nserv->addr.u.v6,
+ sizeof(struct in6_addr));
+ serv6.sin6_port = htons(nserv->port);
+ addr = (struct sockaddr *) &serv6;
+ addrlen = sizeof(serv6);
+ sel_sock = sock6;
+ break;
+#endif /* CONFIG_IPV6 */
+ default:
+ return -1;
+ }
- if (connect(sock, (struct sockaddr *) &serv, sizeof(serv)) < 0) {
+ if (connect(sel_sock, addr, addrlen) < 0) {
perror("connect[radius]");
return -1;
}
+ if (auth)
+ radius->auth_sock = sel_sock;
+ else
+ radius->acct_sock = sel_sock;
+
return 0;
}
@@ -737,28 +789,29 @@ radius_change_server(struct radius_client_data *radius,
static void radius_retry_primary_timer(void *eloop_ctx, void *timeout_ctx)
{
struct radius_client_data *radius = eloop_ctx;
- struct hostapd_data *hapd = radius->hapd;
+ struct hostapd_radius_servers *conf = radius->conf;
struct hostapd_radius_server *oserv;
- if (radius->auth_serv_sock >= 0 && hapd->conf->auth_servers &&
- hapd->conf->auth_server != hapd->conf->auth_servers) {
- oserv = hapd->conf->auth_server;
- hapd->conf->auth_server = hapd->conf->auth_servers;
- radius_change_server(radius, hapd->conf->auth_server, oserv,
- radius->auth_serv_sock, 1);
+ if (radius->auth_sock >= 0 && conf->auth_servers &&
+ conf->auth_server != conf->auth_servers) {
+ oserv = conf->auth_server;
+ conf->auth_server = conf->auth_servers;
+ radius_change_server(radius, conf->auth_server, oserv,
+ radius->auth_serv_sock,
+ radius->auth_serv_sock6, 1);
}
- if (radius->acct_serv_sock >= 0 && hapd->conf->acct_servers &&
- hapd->conf->acct_server != hapd->conf->acct_servers) {
- oserv = hapd->conf->acct_server;
- hapd->conf->acct_server = hapd->conf->acct_servers;
- radius_change_server(radius, hapd->conf->acct_server, oserv,
- radius->acct_serv_sock, 0);
+ if (radius->acct_sock >= 0 && conf->acct_servers &&
+ conf->acct_server != conf->acct_servers) {
+ oserv = conf->acct_server;
+ conf->acct_server = conf->acct_servers;
+ radius_change_server(radius, conf->acct_server, oserv,
+ radius->acct_serv_sock,
+ radius->acct_serv_sock6, 0);
}
- if (hapd->conf->radius_retry_primary_interval)
- eloop_register_timeout(hapd->conf->
- radius_retry_primary_interval, 0,
+ if (conf->retry_primary_interval)
+ eloop_register_timeout(conf->retry_primary_interval, 0,
radius_retry_primary_timer, radius,
NULL);
}
@@ -766,23 +819,49 @@ static void radius_retry_primary_timer(void *eloop_ctx, void *timeout_ctx)
static int radius_client_init_auth(struct radius_client_data *radius)
{
- struct hostapd_data *hapd = radius->hapd;
+ struct hostapd_radius_servers *conf = radius->conf;
+ int ok = 0;
+
radius->auth_serv_sock = socket(PF_INET, SOCK_DGRAM, 0);
- if (radius->auth_serv_sock < 0) {
+ if (radius->auth_serv_sock < 0)
perror("socket[PF_INET,SOCK_DGRAM]");
+ else
+ ok++;
+
+#ifdef CONFIG_IPV6
+ radius->auth_serv_sock6 = socket(PF_INET6, SOCK_DGRAM, 0);
+ if (radius->auth_serv_sock6 < 0)
+ perror("socket[PF_INET6,SOCK_DGRAM]");
+ else
+ ok++;
+#endif /* CONFIG_IPV6 */
+
+ if (ok == 0)
return -1;
- }
- radius_change_server(radius, hapd->conf->auth_server, NULL,
- radius->auth_serv_sock, 1);
+ radius_change_server(radius, conf->auth_server, NULL,
+ radius->auth_serv_sock, radius->auth_serv_sock6,
+ 1);
+
+ if (radius->auth_serv_sock >= 0 &&
+ eloop_register_read_sock(radius->auth_serv_sock,
+ radius_client_receive, radius,
+ (void *) RADIUS_AUTH)) {
+ printf("Could not register read socket for authentication "
+ "server\n");
+ return -1;
+ }
- if (eloop_register_read_sock(radius->auth_serv_sock,
+#ifdef CONFIG_IPV6
+ if (radius->auth_serv_sock6 >= 0 &&
+ eloop_register_read_sock(radius->auth_serv_sock6,
radius_client_receive, radius,
(void *) RADIUS_AUTH)) {
printf("Could not register read socket for authentication "
"server\n");
return -1;
}
+#endif /* CONFIG_IPV6 */
return 0;
}
@@ -790,29 +869,45 @@ static int radius_client_init_auth(struct radius_client_data *radius)
static int radius_client_init_acct(struct radius_client_data *radius)
{
- struct hostapd_data *hapd = radius->hapd;
+ struct hostapd_radius_servers *conf = radius->conf;
+ int ok = 0;
+
radius->acct_serv_sock = socket(PF_INET, SOCK_DGRAM, 0);
- if (radius->acct_serv_sock < 0) {
+ if (radius->acct_serv_sock < 0)
perror("socket[PF_INET,SOCK_DGRAM]");
+ else
+ ok++;
+
+ radius_change_server(radius, conf->acct_server, NULL,
+ radius->acct_serv_sock, radius->acct_serv_sock6,
+ 0);
+
+ if (radius->acct_serv_sock >= 0 &&
+ eloop_register_read_sock(radius->acct_serv_sock,
+ radius_client_receive, radius,
+ (void *) RADIUS_ACCT)) {
+ printf("Could not register read socket for accounting "
+ "server\n");
return -1;
}
- radius_change_server(radius, hapd->conf->acct_server, NULL,
- radius->acct_serv_sock, 0);
-
- if (eloop_register_read_sock(radius->acct_serv_sock,
+#ifdef CONFIG_IPV6
+ if (radius->acct_serv_sock6 >= 0 &&
+ eloop_register_read_sock(radius->acct_serv_sock6,
radius_client_receive, radius,
(void *) RADIUS_ACCT)) {
printf("Could not register read socket for accounting "
"server\n");
return -1;
}
+#endif /* CONFIG_IPV6 */
return 0;
}
-struct radius_client_data * radius_client_init(struct hostapd_data *hapd)
+struct radius_client_data *
+radius_client_init(void *ctx, struct hostapd_radius_servers *conf)
{
struct radius_client_data *radius;
@@ -821,22 +916,24 @@ struct radius_client_data * radius_client_init(struct hostapd_data *hapd)
return NULL;
memset(radius, 0, sizeof(struct radius_client_data));
- radius->hapd = hapd;
- radius->auth_serv_sock = radius->acct_serv_sock = -1;
+ radius->ctx = ctx;
+ radius->conf = conf;
+ radius->auth_serv_sock = radius->acct_serv_sock =
+ radius->auth_serv_sock6 = radius->acct_serv_sock6 =
+ radius->auth_sock = radius->acct_sock = -1;
- if (hapd->conf->auth_server && radius_client_init_auth(radius)) {
+ if (conf->auth_server && radius_client_init_auth(radius)) {
radius_client_deinit(radius);
return NULL;
}
- if (hapd->conf->acct_server && radius_client_init_acct(radius)) {
+ if (conf->acct_server && radius_client_init_acct(radius)) {
radius_client_deinit(radius);
return NULL;
}
- if (hapd->conf->radius_retry_primary_interval)
- eloop_register_timeout(hapd->conf->
- radius_retry_primary_interval, 0,
+ if (conf->retry_primary_interval)
+ eloop_register_timeout(conf->retry_primary_interval, 0,
radius_retry_primary_timer, radius,
NULL);
@@ -860,7 +957,6 @@ void radius_client_deinit(struct radius_client_data *radius)
void radius_client_flush_auth(struct radius_client_data *radius, u8 *addr)
{
- struct hostapd_data *hapd = radius->hapd;
struct radius_msg_list *entry, *prev, *tmp;
prev = NULL;
@@ -868,7 +964,8 @@ void radius_client_flush_auth(struct radius_client_data *radius, u8 *addr)
while (entry) {
if (entry->msg_type == RADIUS_AUTH &&
memcmp(entry->addr, addr, ETH_ALEN) == 0) {
- hostapd_logger(hapd, addr, HOSTAPD_MODULE_RADIUS,
+ hostapd_logger(radius->ctx, addr,
+ HOSTAPD_MODULE_RADIUS,
HOSTAPD_LEVEL_DEBUG,
"Removing pending RADIUS authentication"
" message for removed client");
@@ -897,6 +994,7 @@ static int radius_client_dump_auth_server(char *buf, size_t buflen,
{
int pending = 0;
struct radius_msg_list *msg;
+ char abuf[50];
if (cli) {
for (msg = cli->msgs; msg; msg = msg->next) {
@@ -922,7 +1020,7 @@ static int radius_client_dump_auth_server(char *buf, size_t buflen,
"radiusAuthClientUnknownTypes=%u\n"
"radiusAuthClientPacketsDropped=%u\n",
serv->index,
- inet_ntoa(serv->addr),
+ hostapd_ip_txt(&serv->addr, abuf, sizeof(abuf)),
serv->port,
serv->round_trip_time,
serv->requests,
@@ -945,6 +1043,7 @@ static int radius_client_dump_acct_server(char *buf, size_t buflen,
{
int pending = 0;
struct radius_msg_list *msg;
+ char abuf[50];
if (cli) {
for (msg = cli->msgs; msg; msg = msg->next) {
@@ -969,7 +1068,7 @@ static int radius_client_dump_acct_server(char *buf, size_t buflen,
"radiusAccClientUnknownTypes=%u\n"
"radiusAccClientPacketsDropped=%u\n",
serv->index,
- inet_ntoa(serv->addr),
+ hostapd_ip_txt(&serv->addr, abuf, sizeof(abuf)),
serv->port,
serv->round_trip_time,
serv->requests,
@@ -987,27 +1086,27 @@ static int radius_client_dump_acct_server(char *buf, size_t buflen,
int radius_client_get_mib(struct radius_client_data *radius, char *buf,
size_t buflen)
{
- struct hostapd_data *hapd = radius->hapd;
+ struct hostapd_radius_servers *conf = radius->conf;
int i;
struct hostapd_radius_server *serv;
int count = 0;
- if (hapd->conf->auth_servers) {
- for (i = 0; i < hapd->conf->num_auth_servers; i++) {
- serv = &hapd->conf->auth_servers[i];
+ if (conf->auth_servers) {
+ for (i = 0; i < conf->num_auth_servers; i++) {
+ serv = &conf->auth_servers[i];
count += radius_client_dump_auth_server(
buf + count, buflen - count, serv,
- serv == hapd->conf->auth_server ?
+ serv == conf->auth_server ?
radius : NULL);
}
}
- if (hapd->conf->acct_servers) {
- for (i = 0; i < hapd->conf->num_acct_servers; i++) {
- serv = &hapd->conf->acct_servers[i];
+ if (conf->acct_servers) {
+ for (i = 0; i < conf->num_acct_servers; i++) {
+ serv = &conf->acct_servers[i];
count += radius_client_dump_acct_server(
buf + count, buflen - count, serv,
- serv == hapd->conf->acct_server ?
+ serv == conf->acct_server ?
radius : NULL);
}
}
OpenPOWER on IntegriCloud