CFLAGS += -DCONFIG_IPV6
endif
+ifdef CONFIG_DRIVER_RADIUS_ACL
+CFLAGS += -DCONFIG_DRIVER_RADIUS_ACL
+endif
+
ifdef CONFIG_FULL_DYNAMIC_VLAN
# define CONFIG_FULL_DYNAMIC_VLAN to have hostapd manipulate bridges
# and vlan interfaces for the vlan feature.
# IEEE 802.11r. This draft is still subject to change, so it should be noted
# that this version may not comply with the final standard.
#CONFIG_IEEE80211R=y
+
+# Use the hostapd's IEEE 802.11 authentication (ACL), but without
+# the IEEE 802.11 Management capability (e.g., madwifi or FreeBSD/net80211)
+#CONFIG_DRIVER_RADIUS_ACL=y
int (*send_ether)(void *priv, const u8 *dst, const u8 *src, u16 proto,
const u8 *data, size_t data_len);
+
+ int (*set_radius_acl_auth)(void *priv, const u8 *mac, int accepted,
+ u32 session_timeout);
+ int (*set_radius_acl_expire)(void *priv, const u8 *mac);
};
static inline void *
return hapd->driver->commit(hapd->drv_priv);
}
+static inline int
+hostapd_set_radius_acl_auth(struct hostapd_data *hapd, const u8 *mac,
+ int accepted, u32 session_timeout)
+{
+ if (hapd->driver == NULL || hapd->driver->set_radius_acl_auth == NULL)
+ return 0;
+ return hapd->driver->set_radius_acl_auth(hapd->drv_priv, mac, accepted,
+ session_timeout);
+}
+
+static inline int
+hostapd_set_radius_acl_expire(struct hostapd_data *hapd, const u8 *mac)
+{
+ if (hapd->driver == NULL ||
+ hapd->driver->set_radius_acl_expire == NULL)
+ return 0;
+ return hapd->driver->set_radius_acl_expire(hapd->drv_priv, mac);
+}
+
#endif /* DRIVER_H */
#include "radius/radius.h"
#include "radius/radius_client.h"
#include "eloop.h"
+#include "driver.h"
#define RADIUS_ACL_TIMEOUT 30
prev->next = entry->next;
else
hapd->acl_cache = entry->next;
-
+#ifdef CONFIG_DRIVER_RADIUS_ACL
+ hostapd_set_radius_acl_expire(hapd, entry->addr);
+#endif /* CONFIG_DRIVER_RADIUS_ACL */
tmp = entry;
entry = entry->next;
os_free(tmp);
cache->next = hapd->acl_cache;
hapd->acl_cache = cache;
+#ifdef CONFIG_DRIVER_RADIUS_ACL
+ hostapd_set_radius_acl_auth(hapd, query->addr, cache->accepted,
+ cache->session_timeout);
+#else /* CONFIG_DRIVER_RADIUS_ACL */
/* Re-send original authentication frame for 802.11 processing */
wpa_printf(MSG_DEBUG, "Re-sending authentication frame after "
"successful RADIUS ACL query");
ieee802_11_mgmt(hapd, query->auth_msg, query->auth_msg_len,
WLAN_FC_STYPE_AUTH, NULL);
+#endif /* CONFIG_DRIVER_RADIUS_ACL */
done:
if (prev == NULL)