/*
- * hostapd / RADIUS client
- * Copyright (c) 2002-2005, Jouni Malinen <j@w1.fi>
+ * RADIUS client
+ * Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
struct radius_msg;
+/**
+ * struct hostapd_radius_server - RADIUS server information for RADIUS client
+ *
+ * This structure contains information about a RADIUS server. The values are
+ * mainly for MIB information. The MIB variable prefix (radiusAuth or
+ * radiusAcc) depends on whether this is an authentication or accounting
+ * server.
+ *
+ * radiusAuthClientPendingRequests (or radiusAccClientPendingRequests) is the
+ * number struct radius_client_data::msgs for matching msg_type.
+ */
struct hostapd_radius_server {
- /* MIB prefix for shared variables:
- * @ = radiusAuth or radiusAcc depending on the type of the server */
- struct hostapd_ip_addr addr; /* @ServerAddress */
- int port; /* @ClientServerPortNumber */
+ /**
+ * addr - radiusAuthServerAddress or radiusAccServerAddress
+ */
+ struct hostapd_ip_addr addr;
+
+ /**
+ * port - radiusAuthClientServerPortNumber or radiusAccClientServerPortNumber
+ */
+ int port;
+
+ /**
+ * shared_secret - Shared secret for authenticating RADIUS messages
+ */
u8 *shared_secret;
+
+ /**
+ * shared_secret_len - Length of shared_secret in octets
+ */
size_t shared_secret_len;
/* Dynamic (not from configuration file) MIB data */
- int index; /* @ServerIndex */
- int round_trip_time; /* @ClientRoundTripTime; in hundredths of a
- * second */
- u32 requests; /* @Client{Access,}Requests */
- u32 retransmissions; /* @Client{Access,}Retransmissions */
- u32 access_accepts; /* radiusAuthClientAccessAccepts */
- u32 access_rejects; /* radiusAuthClientAccessRejects */
- u32 access_challenges; /* radiusAuthClientAccessChallenges */
- u32 responses; /* radiusAccClientResponses */
- u32 malformed_responses; /* @ClientMalformed{Access,}Responses */
- u32 bad_authenticators; /* @ClientBadAuthenticators */
- u32 timeouts; /* @ClientTimeouts */
- u32 unknown_types; /* @ClientUnknownTypes */
- u32 packets_dropped; /* @ClientPacketsDropped */
- /* @ClientPendingRequests: length of hapd->radius->msgs for matching
- * msg_type */
+
+ /**
+ * index - radiusAuthServerIndex or radiusAccServerIndex
+ */
+ int index;
+
+ /**
+ * round_trip_time - radiusAuthClientRoundTripTime or radiusAccClientRoundTripTime
+ * Round-trip time in hundredths of a second.
+ */
+ int round_trip_time;
+
+ /**
+ * requests - radiusAuthClientAccessRequests or radiusAccClientRequests
+ */
+ u32 requests;
+
+ /**
+ * retransmissions - radiusAuthClientAccessRetransmissions or radiusAccClientRetransmissions
+ */
+ u32 retransmissions;
+
+ /**
+ * access_accepts - radiusAuthClientAccessAccepts
+ */
+ u32 access_accepts;
+
+ /**
+ * access_rejects - radiusAuthClientAccessRejects
+ */
+ u32 access_rejects;
+
+ /**
+ * access_challenges - radiusAuthClientAccessChallenges
+ */
+ u32 access_challenges;
+
+ /**
+ * responses - radiusAccClientResponses
+ */
+ u32 responses;
+
+ /**
+ * malformed_responses - radiusAuthClientMalformedAccessResponses or radiusAccClientMalformedResponses
+ */
+ u32 malformed_responses;
+
+ /**
+ * bad_authenticators - radiusAuthClientBadAuthenticators or radiusAccClientBadAuthenticators
+ */
+ u32 bad_authenticators;
+
+ /**
+ * timeouts - radiusAuthClientTimeouts or radiusAccClientTimeouts
+ */
+ u32 timeouts;
+
+ /**
+ * unknown_types - radiusAuthClientUnknownTypes or radiusAccClientUnknownTypes
+ */
+ u32 unknown_types;
+
+ /**
+ * packets_dropped - radiusAuthClientPacketsDropped or radiusAccClientPacketsDropped
+ */
+ u32 packets_dropped;
};
+/**
+ * struct hostapd_radius_servers - RADIUS servers for RADIUS client
+ */
struct hostapd_radius_servers {
- /* RADIUS Authentication and Accounting servers in priority order */
- struct hostapd_radius_server *auth_servers, *auth_server;
+ /**
+ * auth_servers - RADIUS Authentication servers in priority order
+ */
+ struct hostapd_radius_server *auth_servers;
+
+ /**
+ * num_auth_servers - Number of auth_servers entries
+ */
int num_auth_servers;
- struct hostapd_radius_server *acct_servers, *acct_server;
+
+ /**
+ * auth_server - The current Authentication server
+ */
+ struct hostapd_radius_server *auth_server;
+
+ /**
+ * acct_servers - RADIUS Accounting servers in priority order
+ */
+ struct hostapd_radius_server *acct_servers;
+
+ /**
+ * num_acct_servers - Number of acct_servers entries
+ */
int num_acct_servers;
+ /**
+ * acct_server - The current Accounting server
+ */
+ struct hostapd_radius_server *acct_server;
+
+ /**
+ * retry_primary_interval - Retry interval for trying primary server
+ *
+ * This specifies a retry interval in sexconds for trying to return to
+ * the primary RADIUS server. RADIUS client code will automatically try
+ * to use the next server when the current server is not replying to
+ * requests. If this interval is set (non-zero), the primary server
+ * will be retried after the specified number of seconds has passed
+ * even if the current used secondary server is still working.
+ */
int retry_primary_interval;
- int acct_interim_interval;
+ /**
+ * msg_dumps - Whether RADIUS message details are shown in stdout
+ */
int msg_dumps;
+ /**
+ * client_addr - Client (local) address to use if force_client_addr
+ */
struct hostapd_ip_addr client_addr;
+
+ /**
+ * force_client_addr - Whether to force client (local) address
+ */
int force_client_addr;
};
+/**
+ * RadiusType - RADIUS server type for RADIUS client
+ */
typedef enum {
+ /**
+ * RADIUS authentication
+ */
RADIUS_AUTH,
+
+ /**
+ * RADIUS_ACCT - RADIUS accounting
+ */
RADIUS_ACCT,
- RADIUS_ACCT_INTERIM /* used only with radius_client_send(); just like
- * RADIUS_ACCT, but removes any pending interim
- * RADIUS Accounting packages for the same STA
- * before sending the new interim update */
+
+ /**
+ * RADIUS_ACCT_INTERIM - RADIUS interim accounting message
+ *
+ * Used only with radius_client_send(). This behaves just like
+ * RADIUS_ACCT, but removes any pending interim RADIUS Accounting
+ * messages for the same STA before sending the new interim update.
+ */
+ RADIUS_ACCT_INTERIM
} RadiusType;
+/**
+ * RadiusRxResult - RADIUS client RX handler result
+ */
typedef enum {
+ /**
+ * RADIUS_RX_PROCESSED - Message processed
+ *
+ * This stops handler calls and frees the message.
+ */
RADIUS_RX_PROCESSED,
+
+ /**
+ * RADIUS_RX_QUEUED - Message has been queued
+ *
+ * This stops handler calls, but does not free the message; the handler
+ * that returned this is responsible for eventually freeing the
+ * message.
+ */
RADIUS_RX_QUEUED,
+
+ /**
+ * RADIUS_RX_UNKNOWN - Message is not for this handler
+ */
RADIUS_RX_UNKNOWN,
+
+ /**
+ * RADIUS_RX_INVALID_AUTHENTICATOR - Message has invalid Authenticator
+ */
RADIUS_RX_INVALID_AUTHENTICATOR
} RadiusRxResult;
struct radius_msg *msg,
RadiusType msg_type, const u8 *addr);
u8 radius_client_get_id(struct radius_client_data *radius);
-
-#ifdef CONFIG_NO_RADIUS
-static inline void radius_client_flush(struct radius_client_data *radius,
- int only_auth)
-{
-}
-
-static inline struct radius_client_data *
-radius_client_init(void *ctx, struct hostapd_radius_servers *conf)
-{
- return (void *) -1;
-}
-
-static inline void radius_client_deinit(struct radius_client_data *radius)
-{
-}
-
-static inline void radius_client_flush_auth(struct radius_client_data *radius,
- u8 *addr)
-{
-}
-
-static inline int radius_client_get_mib(struct radius_client_data *radius,
- char *buf, size_t buflen)
-{
- return 0;
-}
-#else /* CONFIG_NO_RADIUS */
void radius_client_flush(struct radius_client_data *radius, int only_auth);
struct radius_client_data *
radius_client_init(void *ctx, struct hostapd_radius_servers *conf);
void radius_client_deinit(struct radius_client_data *radius);
-void radius_client_flush_auth(struct radius_client_data *radius, u8 *addr);
+void radius_client_flush_auth(struct radius_client_data *radius,
+ const u8 *addr);
int radius_client_get_mib(struct radius_client_data *radius, char *buf,
size_t buflen);
-#endif /* CONFIG_NO_RADIUS */
-struct radius_client_data *
-radius_client_reconfig(struct radius_client_data *old, void *ctx,
- struct hostapd_radius_servers *oldconf,
- struct hostapd_radius_servers *newconf);
#endif /* RADIUS_CLIENT_H */
projects / mech_eap.orig / blobdiff