Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / 9ed821d7e5d875a3395740a9cc2545671fa429b7 / . / ap / app / hostapd-2.10 / src / radius / radius_server.h
blob: 43192e58596c23439e91ec4246609a06602d2854 [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame^]1/*
2 * RADIUS authentication server
3 * Copyright (c) 2005-2009, 2011, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#ifndef RADIUS_SERVER_H
10#define RADIUS_SERVER_H
11
12struct radius_server_data;
13struct eap_user;
14
15/**
16 * struct radius_server_conf - RADIUS server configuration
17 */
18struct radius_server_conf {
19 /**
20 * auth_port - UDP port to listen to as an authentication server
21 */
22 int auth_port;
23
24 /**
25 * acct_port - UDP port to listen to as an accounting server
26 */
27 int acct_port;
28
29 /**
30 * client_file - RADIUS client configuration file
31 *
32 * This file contains the RADIUS clients and the shared secret to be
33 * used with them in a format where each client is on its own line. The
34 * first item on the line is the IPv4 or IPv6 address of the client
35 * with an optional address mask to allow full network to be specified
36 * (e.g., 192.168.1.2 or 192.168.1.0/24). This is followed by white
37 * space (space or tabulator) and the shared secret. Lines starting
38 * with '#' are skipped and can be used as comments.
39 */
40 char *client_file;
41
42 /**
43 * sqlite_file - SQLite database for storing debug log information
44 */
45 const char *sqlite_file;
46
47 /**
48 * conf_ctx - Context pointer for callbacks
49 *
50 * This is used as the ctx argument in get_eap_user() calls.
51 */
52 void *conf_ctx;
53
54 const char *erp_domain;
55
56 /**
57 * ipv6 - Whether to enable IPv6 support in the RADIUS server
58 */
59 int ipv6;
60
61 /**
62 * get_eap_user - Callback for fetching EAP user information
63 * @ctx: Context data from conf_ctx
64 * @identity: User identity
65 * @identity_len: identity buffer length in octets
66 * @phase2: Whether this is for Phase 2 identity
67 * @user: Data structure for filling in the user information
68 * Returns: 0 on success, -1 on failure
69 *
70 * This is used to fetch information from user database. The callback
71 * will fill in information about allowed EAP methods and the user
72 * password. The password field will be an allocated copy of the
73 * password data and RADIUS server will free it after use.
74 */
75 int (*get_eap_user)(void *ctx, const u8 *identity, size_t identity_len,
76 int phase2, struct eap_user *user);
77
78 /**
79 * eap_req_id_text - Optional data for EAP-Request/Identity
80 *
81 * This can be used to configure an optional, displayable message that
82 * will be sent in EAP-Request/Identity. This string can contain an
83 * ASCII-0 character (nul) to separate network infromation per RFC
84 * 4284. The actual string length is explicit provided in
85 * eap_req_id_text_len since nul character will not be used as a string
86 * terminator.
87 */
88 const char *eap_req_id_text;
89
90 /**
91 * eap_req_id_text_len - Length of eap_req_id_text buffer in octets
92 */
93 size_t eap_req_id_text_len;
94
95#ifdef CONFIG_RADIUS_TEST
96 const char *dump_msk_file;
97#endif /* CONFIG_RADIUS_TEST */
98
99 char *subscr_remediation_url;
100 u8 subscr_remediation_method;
101 char *hs20_sim_provisioning_url;
102
103 char *t_c_server_url;
104
105 struct eap_config *eap_cfg;
106};
107
108
109struct radius_server_data *
110radius_server_init(struct radius_server_conf *conf);
111
112void radius_server_erp_flush(struct radius_server_data *data);
113void radius_server_deinit(struct radius_server_data *data);
114
115int radius_server_get_mib(struct radius_server_data *data, char *buf,
116 size_t buflen);
117
118void radius_server_eap_pending_cb(struct radius_server_data *data, void *ctx);
119int radius_server_dac_request(struct radius_server_data *data, const char *req);
120
121#endif /* RADIUS_SERVER_H */