 c06fb25d1f
			
		
	
	c06fb25d1f
	
	
		
			
	
		
	
	
		
			Some checks failed
		
		
	
	Build Kernel / Build all affected Kernels (push) Has been cancelled
				
			Build all core packages / Build all core packages for selected target (push) Has been cancelled
				
			Build and Push prebuilt tools container / Build and Push all prebuilt containers (push) Has been cancelled
				
			Build Toolchains / Build Toolchains for each target (push) Has been cancelled
				
			Build host tools / Build host tools for linux and macos based systems (push) Has been cancelled
				
			Coverity scan build / Coverity x86/64 build (push) Has been cancelled
				
			
		
			
				
	
	
		
			117 lines
		
	
	
		
			3.8 KiB
		
	
	
	
		
			Diff
		
	
	
	
	
	
			
		
		
	
	
			117 lines
		
	
	
		
			3.8 KiB
		
	
	
	
		
			Diff
		
	
	
	
	
	
| From: Felix Fietkau <nbd@nbd.name>
 | |
| Date: Thu, 15 Dec 2022 13:57:04 +0100
 | |
| Subject: [PATCH] hostapd: add support for automatically setting RADIUS own-ip
 | |
|  dynamically
 | |
| 
 | |
| Some servers use the NAS-IP-Address attribute as a destination address
 | |
| 
 | |
| --- a/hostapd/config_file.c
 | |
| +++ b/hostapd/config_file.c
 | |
| @@ -2865,6 +2865,8 @@ static int hostapd_config_fill(struct ho
 | |
|  	} else if (os_strcmp(buf, "iapp_interface") == 0) {
 | |
|  		wpa_printf(MSG_INFO, "DEPRECATED: iapp_interface not used");
 | |
|  #endif /* CONFIG_IAPP */
 | |
| +	} else if (os_strcmp(buf, "dynamic_own_ip_addr") == 0) {
 | |
| +		bss->dynamic_own_ip_addr = atoi(pos);
 | |
|  	} else if (os_strcmp(buf, "own_ip_addr") == 0) {
 | |
|  		if (hostapd_parse_ip_addr(pos, &bss->own_ip_addr)) {
 | |
|  			wpa_printf(MSG_ERROR,
 | |
| --- a/src/ap/ap_config.h
 | |
| +++ b/src/ap/ap_config.h
 | |
| @@ -310,6 +310,7 @@ struct hostapd_bss_config {
 | |
|  	unsigned int eap_sim_db_timeout;
 | |
|  	int eap_server_erp; /* Whether ERP is enabled on internal EAP server */
 | |
|  	struct hostapd_ip_addr own_ip_addr;
 | |
| +	int dynamic_own_ip_addr;
 | |
|  	char *nas_identifier;
 | |
|  	struct hostapd_radius_servers *radius;
 | |
|  	int radius_require_message_authenticator;
 | |
| --- a/src/ap/ieee802_1x.c
 | |
| +++ b/src/ap/ieee802_1x.c
 | |
| @@ -600,6 +600,10 @@ int add_common_radius_attr(struct hostap
 | |
|  	struct hostapd_radius_attr *attr;
 | |
|  	int len;
 | |
|  
 | |
| +	if (hapd->conf->dynamic_own_ip_addr)
 | |
| +		radius_client_get_local_addr(hapd->radius,
 | |
| +					     &hapd->conf->own_ip_addr);
 | |
| +
 | |
|  	if (!hostapd_config_get_radius_attr(req_attr,
 | |
|  					    RADIUS_ATTR_NAS_IP_ADDRESS) &&
 | |
|  	    hapd->conf->own_ip_addr.af == AF_INET &&
 | |
| --- a/src/radius/radius_client.c
 | |
| +++ b/src/radius/radius_client.c
 | |
| @@ -165,6 +165,8 @@ struct radius_client_data {
 | |
|  	 */
 | |
|  	void *ctx;
 | |
|  
 | |
| +	struct hostapd_ip_addr local_ip;
 | |
| +
 | |
|  	/**
 | |
|  	 * conf - RADIUS client configuration (list of RADIUS servers to use)
 | |
|  	 */
 | |
| @@ -819,6 +821,30 @@ static void radius_close_acct_socket(str
 | |
|  
 | |
|  
 | |
|  /**
 | |
| + * radius_client_send - Get local address for the RADIUS auth socket
 | |
| + * @radius: RADIUS client context from radius_client_init()
 | |
| + * @addr: pointer to store the address
 | |
| + *
 | |
| + * This function returns the local address for the connection to the RADIUS
 | |
| + * auth server. It also opens the socket if it's not available yet.
 | |
| + */
 | |
| +int radius_client_get_local_addr(struct radius_client_data *radius,
 | |
| +				 struct hostapd_ip_addr *addr)
 | |
| +{
 | |
| +	struct hostapd_radius_servers *conf = radius->conf;
 | |
| +
 | |
| +	if (conf->auth_server && radius->auth_sock < 0)
 | |
| +		radius_client_init_auth(radius);
 | |
| +
 | |
| +	if (radius->auth_sock < 0)
 | |
| +		return -1;
 | |
| +
 | |
| +	memcpy(addr, &radius->local_ip, sizeof(*addr));
 | |
| +
 | |
| +	return 0;
 | |
| +}
 | |
| +
 | |
| +/**
 | |
|   * radius_client_send - Send a RADIUS request
 | |
|   * @radius: RADIUS client context from radius_client_init()
 | |
|   * @msg: RADIUS message to be sent
 | |
| @@ -1711,6 +1737,10 @@ radius_change_server(struct radius_clien
 | |
|  			wpa_printf(MSG_DEBUG, "RADIUS local address: %s:%u",
 | |
|  				   inet_ntoa(claddr.sin_addr),
 | |
|  				   ntohs(claddr.sin_port));
 | |
| +			if (auth) {
 | |
| +				radius->local_ip.af = AF_INET;
 | |
| +				radius->local_ip.u.v4 = claddr.sin_addr;
 | |
| +			}
 | |
|  		}
 | |
|  		break;
 | |
|  #ifdef CONFIG_IPV6
 | |
| @@ -1722,6 +1752,10 @@ radius_change_server(struct radius_clien
 | |
|  				   inet_ntop(AF_INET6, &claddr6.sin6_addr,
 | |
|  					     abuf, sizeof(abuf)),
 | |
|  				   ntohs(claddr6.sin6_port));
 | |
| +			if (auth) {
 | |
| +				radius->local_ip.af = AF_INET6;
 | |
| +				radius->local_ip.u.v6 = claddr6.sin6_addr;
 | |
| +			}
 | |
|  		}
 | |
|  		break;
 | |
|  	}
 | |
| --- a/src/radius/radius_client.h
 | |
| +++ b/src/radius/radius_client.h
 | |
| @@ -274,6 +274,8 @@ int radius_client_register(struct radius
 | |
|  void radius_client_set_interim_error_cb(struct radius_client_data *radius,
 | |
|  					void (*cb)(const u8 *addr, void *ctx),
 | |
|  					void *ctx);
 | |
| +int radius_client_get_local_addr(struct radius_client_data *radius,
 | |
| +				 struct hostapd_ip_addr * addr);
 | |
|  int radius_client_send(struct radius_client_data *radius,
 | |
|  		       struct radius_msg *msg,
 | |
|  		       RadiusType msg_type, const u8 *addr);
 |