mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
Added support for removing RADIUS accounting and RADIUS in general
CONFIG_NO_ACCOUNTING=y and CONFIG_NO_RADIUS=y build options can now be used to remove RADIUS support from the hostapd build.
This commit is contained in:
parent
9c584c06bd
commit
f88bd28836
@ -39,7 +39,7 @@ LIBS += -lws2_32
|
||||
endif
|
||||
|
||||
OBJS = hostapd.o ieee802_1x.o eapol_sm.o \
|
||||
config.o ieee802_11_auth.o accounting.o \
|
||||
config.o ieee802_11_auth.o \
|
||||
sta_info.o wpa.o ctrl_iface.o \
|
||||
drivers.o preauth.o pmksa_cache.o \
|
||||
hw_features.o \
|
||||
@ -55,8 +55,19 @@ OBJS += ../src/utils/ip_addr.o
|
||||
OBJS += ../src/common/ieee802_11_common.o
|
||||
OBJS += ../src/common/wpa_common.o
|
||||
|
||||
ifdef CONFIG_NO_RADIUS
|
||||
CFLAGS += -DCONFIG_NO_RADIUS
|
||||
CONFIG_NO_ACCOUNTING=y
|
||||
else
|
||||
OBJS += ../src/radius/radius.o
|
||||
OBJS += ../src/radius/radius_client.o
|
||||
endif
|
||||
|
||||
ifdef CONFIG_NO_ACCOUNTING
|
||||
CFLAGS += -DCONFIG_NO_ACCOUNTING
|
||||
else
|
||||
OBJS += accounting.o
|
||||
endif
|
||||
|
||||
OBJS += ../src/crypto/md5.o
|
||||
OBJS += ../src/crypto/rc4.o
|
||||
|
@ -15,11 +15,32 @@
|
||||
#ifndef ACCOUNTING_H
|
||||
#define ACCOUNTING_H
|
||||
|
||||
void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta);
|
||||
void accounting_sta_interim(struct hostapd_data *hapd, struct sta_info *sta);
|
||||
#ifdef CONFIG_NO_ACCOUNTING
|
||||
static inline void accounting_sta_start(struct hostapd_data *hapd,
|
||||
struct sta_info *sta)
|
||||
{
|
||||
}
|
||||
|
||||
static inline void accounting_sta_stop(struct hostapd_data *hapd,
|
||||
struct sta_info *sta)
|
||||
{
|
||||
}
|
||||
|
||||
static inline int accounting_init(struct hostapd_data *hapd)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline void accounting_deinit(struct hostapd_data *hapd)
|
||||
{
|
||||
}
|
||||
#else /* CONFIG_NO_ACCOUNTING */
|
||||
void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta);
|
||||
void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta);
|
||||
int accounting_init(struct hostapd_data *hapd);
|
||||
void accounting_deinit(struct hostapd_data *hapd);
|
||||
#endif /* CONFIG_NO_ACCOUNTING */
|
||||
int accounting_reconfig(struct hostapd_data *hapd,
|
||||
struct hostapd_config *oldconf);
|
||||
|
||||
|
@ -140,3 +140,9 @@ CONFIG_IPV6=y
|
||||
# This can be used to reduce the size of the hostapd considerably if debugging
|
||||
# code is not needed.
|
||||
#CONFIG_NO_STDOUT_DEBUG=y
|
||||
|
||||
# Remove support for RADIUS accounting
|
||||
#CONFIG_NO_ACCOUNTING=y
|
||||
|
||||
# Remove support for RADIUS
|
||||
#CONFIG_NO_RADIUS=y
|
||||
|
@ -53,6 +53,7 @@ struct hostapd_acl_query_data {
|
||||
};
|
||||
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
static void hostapd_acl_cache_free(struct hostapd_cached_radius_acl *acl_cache)
|
||||
{
|
||||
struct hostapd_cached_radius_acl *prev;
|
||||
@ -96,6 +97,7 @@ static int hostapd_acl_cache_get(struct hostapd_data *hapd, const u8 *addr,
|
||||
|
||||
return -1;
|
||||
}
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
|
||||
static void hostapd_acl_query_free(struct hostapd_acl_query_data *query)
|
||||
@ -107,6 +109,7 @@ static void hostapd_acl_query_free(struct hostapd_acl_query_data *query)
|
||||
}
|
||||
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
static int hostapd_radius_acl_query(struct hostapd_data *hapd, const u8 *addr,
|
||||
struct hostapd_acl_query_data *query)
|
||||
{
|
||||
@ -196,6 +199,7 @@ static int hostapd_radius_acl_query(struct hostapd_data *hapd, const u8 *addr,
|
||||
os_free(msg);
|
||||
return -1;
|
||||
}
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
|
||||
/**
|
||||
@ -234,6 +238,9 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr,
|
||||
return HOSTAPD_ACL_REJECT;
|
||||
|
||||
if (hapd->conf->macaddr_acl == USE_EXTERNAL_RADIUS_AUTH) {
|
||||
#ifdef CONFIG_NO_RADIUS
|
||||
return HOSTAPD_ACL_REJECT;
|
||||
#else /* CONFIG_NO_RADIUS */
|
||||
struct hostapd_acl_query_data *query;
|
||||
|
||||
/* Check whether ACL cache has an entry for this station */
|
||||
@ -289,12 +296,14 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr,
|
||||
/* Queued data will be processed in hostapd_acl_recv_radius()
|
||||
* when RADIUS server replies to the sent Access-Request. */
|
||||
return HOSTAPD_ACL_PENDING;
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
}
|
||||
|
||||
return HOSTAPD_ACL_REJECT;
|
||||
}
|
||||
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
static void hostapd_acl_expire_cache(struct hostapd_data *hapd, time_t now)
|
||||
{
|
||||
struct hostapd_cached_radius_acl *prev, *entry, *tmp;
|
||||
@ -472,6 +481,7 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
|
||||
|
||||
return RADIUS_RX_PROCESSED;
|
||||
}
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
|
||||
/**
|
||||
@ -481,11 +491,13 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
|
||||
*/
|
||||
int hostapd_acl_init(struct hostapd_data *hapd)
|
||||
{
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
if (radius_client_register(hapd->radius, RADIUS_AUTH,
|
||||
hostapd_acl_recv_radius, hapd))
|
||||
return -1;
|
||||
|
||||
eloop_register_timeout(10, 0, hostapd_acl_expire, hapd, NULL);
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -499,9 +511,11 @@ void hostapd_acl_deinit(struct hostapd_data *hapd)
|
||||
{
|
||||
struct hostapd_acl_query_data *query, *prev;
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
eloop_cancel_timeout(hostapd_acl_expire, hapd, NULL);
|
||||
|
||||
hostapd_acl_cache_free(hapd->acl_cache);
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
query = hapd->acl_queries;
|
||||
while (query) {
|
||||
|
@ -371,6 +371,7 @@ int radius_sta_rate(struct hostapd_data *hapd, struct sta_info *sta)
|
||||
}
|
||||
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
static void ieee802_1x_learn_identity(struct hostapd_data *hapd,
|
||||
struct eapol_state_machine *sm,
|
||||
const u8 *eap, size_t len)
|
||||
@ -541,6 +542,7 @@ static void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd,
|
||||
radius_msg_free(msg);
|
||||
os_free(msg);
|
||||
}
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
|
||||
char *eap_type_text(u8 type)
|
||||
@ -948,10 +950,12 @@ void ieee802_1x_free_station(struct sta_info *sta)
|
||||
|
||||
sta->eapol_sm = NULL;
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
if (sm->last_recv_radius) {
|
||||
radius_msg_free(sm->last_recv_radius);
|
||||
os_free(sm->last_recv_radius);
|
||||
}
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
os_free(sm->identity);
|
||||
ieee802_1x_free_radius_class(&sm->radius_class);
|
||||
@ -959,6 +963,7 @@ void ieee802_1x_free_station(struct sta_info *sta)
|
||||
}
|
||||
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
|
||||
struct sta_info *sta)
|
||||
{
|
||||
@ -1371,6 +1376,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
|
||||
|
||||
return RADIUS_RX_QUEUED;
|
||||
}
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
|
||||
void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
|
||||
@ -1382,11 +1388,13 @@ void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
|
||||
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
|
||||
HOSTAPD_LEVEL_DEBUG, "aborting authentication");
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
if (sm->last_recv_radius) {
|
||||
radius_msg_free(sm->last_recv_radius);
|
||||
os_free(sm->last_recv_radius);
|
||||
sm->last_recv_radius = NULL;
|
||||
}
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
if (sm->eap_if->eapTimeout) {
|
||||
/*
|
||||
@ -1535,10 +1543,12 @@ static void ieee802_1x_eapol_send(void *ctx, void *sta_ctx, u8 type,
|
||||
static void ieee802_1x_aaa_send(void *ctx, void *sta_ctx,
|
||||
const u8 *data, size_t datalen)
|
||||
{
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
struct hostapd_data *hapd = ctx;
|
||||
struct sta_info *sta = sta_ctx;
|
||||
|
||||
ieee802_1x_encapsulate_radius(hapd, sta, data, datalen);
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
}
|
||||
|
||||
|
||||
@ -1698,9 +1708,11 @@ int ieee802_1x_init(struct hostapd_data *hapd)
|
||||
hostapd_set_ieee8021x(hapd->conf->iface, hapd, 1))
|
||||
return -1;
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
if (radius_client_register(hapd->radius, RADIUS_AUTH,
|
||||
ieee802_1x_receive_auth, hapd))
|
||||
return -1;
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
if (hapd->conf->default_wep_key_len) {
|
||||
hostapd_set_privacy(hapd, 1);
|
||||
|
@ -93,6 +93,33 @@ int radius_client_send(struct radius_client_data *radius,
|
||||
RadiusType msg_type, const u8 *addr);
|
||||
u8 radius_client_get_id(struct radius_client_data *radius);
|
||||
|
||||
#ifdef CONFIG_NO_RADIUS
|
||||
static inline void radius_client_flush(struct radius_client_data *radius,
|
||||
int only_auth)
|
||||
{
|
||||
}
|
||||
|
||||
static inline struct radius_client_data *
|
||||
radius_client_init(void *ctx, struct hostapd_radius_servers *conf)
|
||||
{
|
||||
return (void *) -1;
|
||||
}
|
||||
|
||||
static inline void radius_client_deinit(struct radius_client_data *radius)
|
||||
{
|
||||
}
|
||||
|
||||
static inline void radius_client_flush_auth(struct radius_client_data *radius,
|
||||
u8 *addr)
|
||||
{
|
||||
}
|
||||
|
||||
static inline int radius_client_get_mib(struct radius_client_data *radius,
|
||||
char *buf, size_t buflen)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
#else /* CONFIG_NO_RADIUS */
|
||||
void radius_client_flush(struct radius_client_data *radius, int only_auth);
|
||||
struct radius_client_data *
|
||||
radius_client_init(void *ctx, struct hostapd_radius_servers *conf);
|
||||
@ -100,6 +127,7 @@ void radius_client_deinit(struct radius_client_data *radius);
|
||||
void radius_client_flush_auth(struct radius_client_data *radius, u8 *addr);
|
||||
int radius_client_get_mib(struct radius_client_data *radius, char *buf,
|
||||
size_t buflen);
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
struct radius_client_data *
|
||||
radius_client_reconfig(struct radius_client_data *old, void *ctx,
|
||||
struct hostapd_radius_servers *oldconf,
|
||||
|
Loading…
Reference in New Issue
Block a user