Lines Matching refs:radius
257 radius_change_server(struct radius_client_data *radius,
261 static int radius_client_init_acct(struct radius_client_data *radius);
262 static int radius_client_init_auth(struct radius_client_data *radius);
263 static void radius_client_auth_failover(struct radius_client_data *radius);
264 static void radius_client_acct_failover(struct radius_client_data *radius);
290 int radius_client_register(struct radius_client_data *radius, in radius_client_register() argument
303 handlers = &radius->acct_handlers; in radius_client_register()
304 num = &radius->num_acct_handlers; in radius_client_register()
306 handlers = &radius->auth_handlers; in radius_client_register()
307 num = &radius->num_auth_handlers; in radius_client_register()
334 void radius_client_set_interim_error_cb(struct radius_client_data *radius, in radius_client_set_interim_error_cb() argument
338 radius->interim_error_cb = cb; in radius_client_set_interim_error_cb()
339 radius->interim_error_cb_ctx = ctx; in radius_client_set_interim_error_cb()
347 static int radius_client_handle_send_error(struct radius_client_data *radius, in radius_client_handle_send_error() argument
355 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_handle_send_error()
361 radius_client_init_acct(radius); in radius_client_handle_send_error()
364 radius_client_init_auth(radius); in radius_client_handle_send_error()
374 static int radius_client_retransmit(struct radius_client_data *radius, in radius_client_retransmit() argument
378 struct hostapd_radius_servers *conf = radius->conf; in radius_client_retransmit()
395 if (radius->acct_tls) in radius_client_retransmit()
396 conn = radius->acct_tls_conn; in radius_client_retransmit()
399 if (radius->acct_sock < 0) in radius_client_retransmit()
400 radius_client_init_acct(radius); in radius_client_retransmit()
401 if (radius->acct_sock < 0 && conf->num_acct_servers > 1) { in radius_client_retransmit()
402 prev_num_msgs = radius->num_msgs; in radius_client_retransmit()
403 radius_client_acct_failover(radius); in radius_client_retransmit()
404 if (prev_num_msgs != radius->num_msgs) in radius_client_retransmit()
407 s = radius->acct_sock; in radius_client_retransmit()
416 if (radius->auth_tls) in radius_client_retransmit()
417 conn = radius->auth_tls_conn; in radius_client_retransmit()
420 if (radius->auth_sock < 0) in radius_client_retransmit()
421 radius_client_init_auth(radius); in radius_client_retransmit()
422 if (radius->auth_sock < 0 && conf->num_auth_servers > 1) { in radius_client_retransmit()
423 prev_num_msgs = radius->num_msgs; in radius_client_retransmit()
424 radius_client_auth_failover(radius); in radius_client_retransmit()
425 if (prev_num_msgs != radius->num_msgs) in radius_client_retransmit()
428 s = radius->auth_sock; in radius_client_retransmit()
442 if (radius->interim_error_cb) in radius_client_retransmit()
443 radius->interim_error_cb(entry->addr, in radius_client_retransmit()
444 radius->interim_error_cb_ctx); in radius_client_retransmit()
455 if ((acct && radius->acct_tls && !radius->acct_tls_ready) || in radius_client_retransmit()
456 (!acct && radius->auth_tls && !radius->auth_tls_ready)) { in radius_client_retransmit()
476 hdr->identifier = radius_client_get_id(radius); in radius_client_retransmit()
487 if (radius->conf->msg_dumps) in radius_client_retransmit()
501 hostapd_logger(radius->ctx, entry->addr, HOSTAPD_MODULE_RADIUS, in radius_client_retransmit()
509 out = tls_connection_encrypt(radius->tls_ctx, conn, buf); in radius_client_retransmit()
525 if (radius_client_handle_send_error(radius, s, entry->msg_type) in radius_client_retransmit()
550 struct radius_client_data *radius = eloop_ctx; in radius_client_timer() local
558 entry = radius->msgs; in radius_client_timer()
566 s = entry->msg_type == RADIUS_AUTH ? radius->auth_sock : in radius_client_timer()
567 radius->acct_sock; in radius_client_timer()
581 radius_client_auth_failover(radius); in radius_client_timer()
584 radius_client_acct_failover(radius); in radius_client_timer()
586 entry = radius->msgs; in radius_client_timer()
591 prev_num_msgs = radius->num_msgs; in radius_client_timer()
593 radius_client_retransmit(radius, entry, now.sec)) { in radius_client_timer()
597 radius->msgs = entry->next; in radius_client_timer()
602 radius->num_msgs--; in radius_client_timer()
606 if (prev_num_msgs != radius->num_msgs) { in radius_client_timer()
609 entry = radius->msgs; in radius_client_timer()
621 if (radius->msgs) { in radius_client_timer()
624 eloop_cancel_timeout(radius_client_timer, radius, NULL); in radius_client_timer()
626 radius_client_timer, radius, NULL); in radius_client_timer()
627 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_timer()
635 static void radius_client_auth_failover(struct radius_client_data *radius) in radius_client_auth_failover() argument
637 struct hostapd_radius_servers *conf = radius->conf; in radius_client_auth_failover()
643 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_auth_failover()
649 for (entry = radius->msgs; entry; entry = entry->next) { in radius_client_auth_failover()
658 radius_change_server(radius, next, old, 1); in radius_client_auth_failover()
662 static void radius_client_acct_failover(struct radius_client_data *radius) in radius_client_acct_failover() argument
664 struct hostapd_radius_servers *conf = radius->conf; in radius_client_acct_failover()
670 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_acct_failover()
676 for (entry = radius->msgs; entry; entry = entry->next) { in radius_client_acct_failover()
686 radius_change_server(radius, next, old, 0); in radius_client_acct_failover()
690 static void radius_client_update_timeout(struct radius_client_data *radius) in radius_client_update_timeout() argument
696 eloop_cancel_timeout(radius_client_timer, radius, NULL); in radius_client_update_timeout()
698 if (radius->msgs == NULL) { in radius_client_update_timeout()
703 for (entry = radius->msgs; entry; entry = entry->next) { in radius_client_update_timeout()
711 eloop_register_timeout(first - now.sec, 0, radius_client_timer, radius, in radius_client_update_timeout()
713 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_update_timeout()
719 static void radius_client_list_add(struct radius_client_data *radius, in radius_client_list_add() argument
755 entry->next = radius->msgs; in radius_client_list_add()
756 radius->msgs = entry; in radius_client_list_add()
757 radius_client_update_timeout(radius); in radius_client_list_add()
759 if (radius->num_msgs >= RADIUS_CLIENT_MAX_ENTRIES) { in radius_client_list_add()
771 radius->num_msgs++; in radius_client_list_add()
791 static void radius_close_auth_socket(struct radius_client_data *radius) in radius_close_auth_socket() argument
793 if (radius->auth_sock >= 0) { in radius_close_auth_socket()
795 if (radius->conf->auth_server->tls) in radius_close_auth_socket()
796 eloop_unregister_sock(radius->auth_sock, in radius_close_auth_socket()
799 eloop_unregister_read_sock(radius->auth_sock); in radius_close_auth_socket()
800 close(radius->auth_sock); in radius_close_auth_socket()
801 radius->auth_sock = -1; in radius_close_auth_socket()
806 static void radius_close_acct_socket(struct radius_client_data *radius) in radius_close_acct_socket() argument
808 if (radius->acct_sock >= 0) { in radius_close_acct_socket()
810 if (radius->conf->acct_server->tls) in radius_close_acct_socket()
811 eloop_unregister_sock(radius->acct_sock, in radius_close_acct_socket()
814 eloop_unregister_read_sock(radius->acct_sock); in radius_close_acct_socket()
815 close(radius->acct_sock); in radius_close_acct_socket()
816 radius->acct_sock = -1; in radius_close_acct_socket()
846 int radius_client_send(struct radius_client_data *radius, in radius_client_send() argument
850 struct hostapd_radius_servers *conf = radius->conf; in radius_client_send()
865 if (radius->acct_tls) in radius_client_send()
866 conn = radius->acct_tls_conn; in radius_client_send()
868 if (conf->acct_server && radius->acct_sock < 0) in radius_client_send()
869 radius_client_init_acct(radius); in radius_client_send()
871 if (conf->acct_server == NULL || radius->acct_sock < 0 || in radius_client_send()
873 hostapd_logger(radius->ctx, NULL, in radius_client_send()
883 s = radius->acct_sock; in radius_client_send()
887 if (radius->auth_tls) in radius_client_send()
888 conn = radius->auth_tls_conn; in radius_client_send()
890 if (conf->auth_server && radius->auth_sock < 0) in radius_client_send()
891 radius_client_init_auth(radius); in radius_client_send()
893 if (conf->auth_server == NULL || radius->auth_sock < 0 || in radius_client_send()
895 hostapd_logger(radius->ctx, NULL, in radius_client_send()
905 s = radius->auth_sock; in radius_client_send()
909 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_send()
916 if ((acct && radius->acct_tls && !radius->acct_tls_ready) || in radius_client_send()
917 (!acct && radius->auth_tls && !radius->auth_tls_ready)) { in radius_client_send()
927 out = tls_connection_encrypt(radius->tls_ctx, conn, buf); in radius_client_send()
946 radius_client_handle_send_error(radius, s, msg_type); in radius_client_send()
951 radius_client_list_add(radius, msg, msg_type, shared_secret, in radius_client_send()
960 static void radius_client_close_tcp(struct radius_client_data *radius, in radius_client_close_tcp() argument
966 radius->acct_tls_ready = false; in radius_client_close_tcp()
967 radius_close_acct_socket(radius); in radius_client_close_tcp()
969 radius->auth_tls_ready = false; in radius_client_close_tcp()
970 radius_close_auth_socket(radius); in radius_client_close_tcp()
976 radius_client_process_tls_handshake(struct radius_client_data *radius, in radius_client_process_tls_handshake() argument
990 conn = radius->acct_tls_conn; in radius_client_process_tls_handshake()
992 conn = radius->auth_tls_conn; in radius_client_process_tls_handshake()
999 out = tls_connection_handshake(radius->tls_ctx, conn, in, &appl); in radius_client_process_tls_handshake()
1007 if (tls_connection_get_failed(radius->tls_ctx, conn)) { in radius_client_process_tls_handshake()
1012 if (tls_connection_established(radius->tls_ctx, conn)) { in radius_client_process_tls_handshake()
1017 radius->acct_tls_ready = true; in radius_client_process_tls_handshake()
1019 radius->auth_tls_ready = true; in radius_client_process_tls_handshake()
1047 entry = radius->msgs; in radius_client_process_tls_handshake()
1056 if (radius_client_retransmit(radius, entry, now.sec)) { in radius_client_process_tls_handshake()
1060 radius->msgs = entry->next; in radius_client_process_tls_handshake()
1065 radius->num_msgs--; in radius_client_process_tls_handshake()
1078 tls_connection_deinit(radius->tls_ctx, conn); in radius_client_process_tls_handshake()
1080 radius->acct_tls_conn = NULL; in radius_client_process_tls_handshake()
1082 radius->auth_tls_conn = NULL; in radius_client_process_tls_handshake()
1083 radius_client_close_tcp(radius, sock, msg_type); in radius_client_process_tls_handshake()
1091 struct radius_client_data *radius = eloop_ctx; in radius_client_receive() local
1092 struct hostapd_radius_servers *conf = radius->conf; in radius_client_receive()
1113 if (radius->acct_tls) in radius_client_receive()
1114 conn = radius->acct_tls_conn; in radius_client_receive()
1115 tls = radius->acct_tls; in radius_client_receive()
1116 tls_ready = radius->acct_tls_ready; in radius_client_receive()
1118 handlers = radius->acct_handlers; in radius_client_receive()
1119 num_handlers = radius->num_acct_handlers; in radius_client_receive()
1123 if (radius->auth_tls) in radius_client_receive()
1124 conn = radius->auth_tls_conn; in radius_client_receive()
1125 tls = radius->auth_tls; in radius_client_receive()
1126 tls_ready = radius->auth_tls_ready; in radius_client_receive()
1128 handlers = radius->auth_handlers; in radius_client_receive()
1129 num_handlers = radius->num_auth_handlers; in radius_client_receive()
1150 radius_client_process_tls_handshake(radius, sock, msg_type, in radius_client_receive()
1164 out = tls_connection_decrypt(radius->tls_ctx, conn, in); in radius_client_receive()
1190 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_receive()
1207 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_receive()
1228 req = radius->msgs; in radius_client_receive()
1244 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_client_receive()
1255 hostapd_logger(radius->ctx, req->addr, HOSTAPD_MODULE_RADIUS, in radius_client_receive()
1266 radius->msgs = req->next; in radius_client_receive()
1267 radius->num_msgs--; in radius_client_receive()
1294 hostapd_logger(radius->ctx, req->addr, HOSTAPD_MODULE_RADIUS, in radius_client_receive()
1308 radius_client_close_tcp(radius, sock, msg_type); in radius_client_receive()
1316 struct radius_client_data *radius = eloop_ctx; in radius_client_write_ready() local
1329 eloop_register_read_sock(sock, radius_client_receive, radius, in radius_client_write_ready()
1331 if (radius->acct_tls_conn) { in radius_client_write_ready()
1334 tls_connection_deinit(radius->tls_ctx, in radius_client_write_ready()
1335 radius->acct_tls_conn); in radius_client_write_ready()
1336 radius->acct_tls_conn = NULL; in radius_client_write_ready()
1338 server = radius->conf->acct_server; in radius_client_write_ready()
1341 eloop_register_read_sock(sock, radius_client_receive, radius, in radius_client_write_ready()
1343 if (radius->auth_tls_conn) { in radius_client_write_ready()
1346 tls_connection_deinit(radius->tls_ctx, in radius_client_write_ready()
1347 radius->auth_tls_conn); in radius_client_write_ready()
1348 radius->auth_tls_conn = NULL; in radius_client_write_ready()
1350 server = radius->conf->auth_server; in radius_client_write_ready()
1356 conn = tls_connection_init(radius->tls_ctx); in radius_client_write_ready()
1369 if (tls_connection_set_params(radius->tls_ctx, conn, ¶ms)) { in radius_client_write_ready()
1377 out = tls_connection_handshake(radius->tls_ctx, conn, in, &appl); in radius_client_write_ready()
1384 if (tls_connection_get_failed(radius->tls_ctx, conn)) { in radius_client_write_ready()
1405 radius->acct_tls_conn = conn; in radius_client_write_ready()
1407 radius->auth_tls_conn = conn; in radius_client_write_ready()
1412 tls_connection_deinit(radius->tls_ctx, conn); in radius_client_write_ready()
1414 radius_client_close_tcp(radius, sock, msg_type); in radius_client_write_ready()
1427 u8 radius_client_get_id(struct radius_client_data *radius) in radius_client_get_id() argument
1430 u8 id = radius->next_radius_identifier++; in radius_client_get_id()
1434 entry = radius->msgs; in radius_client_get_id()
1438 hostapd_logger(radius->ctx, entry->addr, in radius_client_get_id()
1446 radius->msgs = entry->next; in radius_client_get_id()
1467 void radius_client_flush(struct radius_client_data *radius, int only_auth) in radius_client_flush() argument
1471 if (!radius) in radius_client_flush()
1475 entry = radius->msgs; in radius_client_flush()
1482 radius->msgs = entry->next; in radius_client_flush()
1487 radius->num_msgs--; in radius_client_flush()
1494 if (radius->msgs == NULL) in radius_client_flush()
1495 eloop_cancel_timeout(radius_client_timer, radius, NULL); in radius_client_flush()
1499 static void radius_client_update_acct_msgs(struct radius_client_data *radius, in radius_client_update_acct_msgs() argument
1505 if (!radius) in radius_client_update_acct_msgs()
1508 for (entry = radius->msgs; entry; entry = entry->next) { in radius_client_update_acct_msgs()
1520 radius_change_server(struct radius_client_data *radius, in radius_change_server() argument
1534 struct hostapd_radius_servers *conf = radius->conf; in radius_change_server()
1547 hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, in radius_change_server()
1557 radius_client_flush(radius, 1); in radius_change_server()
1572 radius_client_flush(radius, 1); in radius_change_server()
1575 radius, nserv->shared_secret, in radius_change_server()
1581 for (entry = radius->msgs; oserv && entry; entry = entry->next) { in radius_change_server()
1590 if (radius->msgs) { in radius_change_server()
1591 eloop_cancel_timeout(radius_client_timer, radius, NULL); in radius_change_server()
1593 radius_client_timer, radius, NULL); in radius_change_server()
1733 radius_close_auth_socket(radius); in radius_change_server()
1734 radius->auth_sock = sel_sock; in radius_change_server()
1736 radius_close_acct_socket(radius); in radius_change_server()
1737 radius->acct_sock = sel_sock; in radius_change_server()
1742 radius, in radius_change_server()
1748 radius_client_write_ready, radius, in radius_change_server()
1754 radius->auth_tls = nserv->tls; in radius_change_server()
1755 radius->auth_tls_ready = false; in radius_change_server()
1757 radius->acct_tls = nserv->tls; in radius_change_server()
1758 radius->acct_tls_ready = false; in radius_change_server()
1767 struct radius_client_data *radius = eloop_ctx; in radius_retry_primary_timer() local
1768 struct hostapd_radius_servers *conf = radius->conf; in radius_retry_primary_timer()
1771 if (radius->auth_sock >= 0 && conf->auth_servers && in radius_retry_primary_timer()
1775 if (radius_change_server(radius, conf->auth_server, oserv, in radius_retry_primary_timer()
1778 radius_change_server(radius, oserv, conf->auth_server, in radius_retry_primary_timer()
1783 if (radius->acct_sock >= 0 && conf->acct_servers && in radius_retry_primary_timer()
1787 if (radius_change_server(radius, conf->acct_server, oserv, in radius_retry_primary_timer()
1790 radius_change_server(radius, oserv, conf->acct_server, in radius_retry_primary_timer()
1797 radius_retry_primary_timer, radius, in radius_retry_primary_timer()
1802 static int radius_client_init_auth(struct radius_client_data *radius) in radius_client_init_auth() argument
1804 radius_close_auth_socket(radius); in radius_client_init_auth()
1805 return radius_change_server(radius, radius->conf->auth_server, NULL, 1); in radius_client_init_auth()
1809 static int radius_client_init_acct(struct radius_client_data *radius) in radius_client_init_acct() argument
1811 radius_close_acct_socket(radius); in radius_client_init_acct()
1812 return radius_change_server(radius, radius->conf->acct_server, NULL, 0); in radius_client_init_acct()
1838 struct radius_client_data *radius; in radius_client_init() local
1840 radius = os_zalloc(sizeof(struct radius_client_data)); in radius_client_init()
1841 if (radius == NULL) in radius_client_init()
1844 radius->ctx = ctx; in radius_client_init()
1845 radius->conf = conf; in radius_client_init()
1846 radius->auth_sock = radius->acct_sock = -1; in radius_client_init()
1848 if (conf->auth_server && radius_client_init_auth(radius) == -1) { in radius_client_init()
1849 radius_client_deinit(radius); in radius_client_init()
1853 if (conf->acct_server && radius_client_init_acct(radius) == -1) { in radius_client_init()
1854 radius_client_deinit(radius); in radius_client_init()
1860 radius_retry_primary_timer, radius, in radius_client_init()
1870 radius->tls_ctx = tls_init(&tls_conf); in radius_client_init()
1871 if (!radius->tls_ctx) { in radius_client_init()
1872 radius_client_deinit(radius); in radius_client_init()
1879 return radius; in radius_client_init()
1887 void radius_client_deinit(struct radius_client_data *radius) in radius_client_deinit() argument
1889 if (!radius) in radius_client_deinit()
1892 radius_close_auth_socket(radius); in radius_client_deinit()
1893 radius_close_acct_socket(radius); in radius_client_deinit()
1895 eloop_cancel_timeout(radius_retry_primary_timer, radius, NULL); in radius_client_deinit()
1897 radius_client_flush(radius, 0); in radius_client_deinit()
1898 os_free(radius->auth_handlers); in radius_client_deinit()
1899 os_free(radius->acct_handlers); in radius_client_deinit()
1901 if (radius->tls_ctx) { in radius_client_deinit()
1902 tls_connection_deinit(radius->tls_ctx, radius->auth_tls_conn); in radius_client_deinit()
1903 tls_connection_deinit(radius->tls_ctx, radius->acct_tls_conn); in radius_client_deinit()
1904 tls_deinit(radius->tls_ctx); in radius_client_deinit()
1907 os_free(radius); in radius_client_deinit()
1921 void radius_client_flush_auth(struct radius_client_data *radius, in radius_client_flush_auth() argument
1927 entry = radius->msgs; in radius_client_flush_auth()
1931 hostapd_logger(radius->ctx, addr, in radius_client_flush_auth()
1940 radius->msgs = entry->next; in radius_client_flush_auth()
1945 radius->num_msgs--; in radius_client_flush_auth()
2057 int radius_client_get_mib(struct radius_client_data *radius, char *buf, in radius_client_get_mib() argument
2065 if (!radius) in radius_client_get_mib()
2068 conf = radius->conf; in radius_client_get_mib()
2076 radius : NULL); in radius_client_get_mib()
2086 radius : NULL); in radius_client_get_mib()
2094 void radius_client_reconfig(struct radius_client_data *radius, in radius_client_reconfig() argument
2097 if (radius) in radius_client_reconfig()
2098 radius->conf = conf; in radius_client_reconfig()