Add option to force a specific RADIUS client address to be used

The new hostapd.conf parameter radius_client_addr can now be used to
select a specific local IP address to be used as the RADIUS client
address.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 95f3bf2..53143f7 100644 (file)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2189,6 +2189,14 @@ static int hostapd_config_fill(struct hostapd_config *conf,
                os_free(bss->nas_identifier);
                bss->nas_identifier = os_strdup(pos);
 #ifndef CONFIG_NO_RADIUS
+       } else if (os_strcmp(buf, "radius_client_addr") == 0) {
+               if (hostapd_parse_ip_addr(pos, &bss->radius->client_addr)) {
+                       wpa_printf(MSG_ERROR,
+                                  "Line %d: invalid IP address '%s'",
+                                  line, pos);
+                       return 1;
+               }
+               bss->radius->force_client_addr = 1;
        } else if (os_strcmp(buf, "auth_server_addr") == 0) {
                if (hostapd_config_read_radius_addr(
                            &bss->radius->auth_servers,

diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index dd05c2f..9e81e9e 100644 (file)
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -885,6 +885,12 @@ own_ip_addr=127.0.0.1
 # 48 octets long.
 #nas_identifier=ap.example.com
 
+# RADIUS client forced local IP address for the access point
+# Normally the local IP address is determined automatically based on configured
+# IP addresses, but this field can be used to force a specific address to be
+# used, e.g., when the device has multiple IP addresses.
+#radius_client_addr=127.0.0.1
+
 # RADIUS authentication server
 #auth_server_addr=127.0.0.1
 #auth_server_port=1812