static void radius_retry_primary_timer(void *eloop_ctx, void *timeout_ctx) { struct radius_client_data *radius = eloop_ctx; struct hostapd_radius_servers *conf = radius->conf; struct hostapd_radius_server *oserv; if (radius->auth_sock >= 0 && conf->auth_servers && conf->auth_server != conf->auth_servers) { oserv = conf->auth_server; conf->auth_server = conf->auth_servers; radius_change_server(radius, conf->auth_server, oserv, radius->auth_serv_sock, radius->auth_serv_sock6, 1); } if (radius->acct_sock >= 0 && conf->acct_servers && conf->acct_server != conf->acct_servers) { oserv = conf->acct_server; conf->acct_server = conf->acct_servers; radius_change_server(radius, conf->acct_server, oserv, radius->acct_serv_sock, radius->acct_serv_sock6, 0); } if (conf->retry_primary_interval) eloop_register_timeout(conf->retry_primary_interval, 0, radius_retry_primary_timer, radius, NULL); }
static void radius_retry_primary_timer(void *eloop_ctx, void *timeout_ctx) { struct wpa_supplicant *wpa_s = eloop_ctx; struct hostapd_radius_server *oserv; if (wpa_s->radius->auth_serv_sock >= 0 && wpa_s->auth_servers && wpa_s->auth_server != wpa_s->auth_servers) { oserv = wpa_s->auth_server; wpa_s->auth_server = wpa_s->auth_servers; radius_change_server(wpa_s, wpa_s->auth_server, oserv, wpa_s->radius->auth_serv_sock, 1); } if (wpa_s->radius->acct_serv_sock >= 0 && wpa_s->acct_servers && wpa_s->acct_server != wpa_s->acct_servers) { oserv = wpa_s->acct_server; wpa_s->acct_server = wpa_s->acct_servers; radius_change_server(wpa_s, wpa_s->acct_server, oserv, wpa_s->radius->acct_serv_sock, 0); } if (wpa_s->radius_retry_primary_interval) eloop_register_timeout(wpa_s-> radius_retry_primary_interval, 0, radius_retry_primary_timer, wpa_s, NULL); }
static void radius_retry_primary_timer(void *eloop_ctx, void *timeout_ctx) { struct radius_client_data *radius = eloop_ctx; struct hostapd_data *hapd = radius->hapd; struct hostapd_radius_server *oserv; if (radius->auth_serv_sock >= 0 && hapd->conf->auth_servers && hapd->conf->auth_server != hapd->conf->auth_servers) { oserv = hapd->conf->auth_server; hapd->conf->auth_server = hapd->conf->auth_servers; radius_change_server(radius, hapd->conf->auth_server, oserv, radius->auth_serv_sock, 1); } if (radius->acct_serv_sock >= 0 && hapd->conf->acct_servers && hapd->conf->acct_server != hapd->conf->acct_servers) { oserv = hapd->conf->acct_server; hapd->conf->acct_server = hapd->conf->acct_servers; radius_change_server(radius, hapd->conf->acct_server, oserv, radius->acct_serv_sock, 0); } if (hapd->conf->radius_retry_primary_interval) eloop_register_timeout(hapd->conf-> radius_retry_primary_interval, 0, radius_retry_primary_timer, radius, NULL); }
static void radius_client_acct_failover(struct radius_client_data *radius) { struct hostapd_radius_servers *conf = radius->conf; struct hostapd_radius_server *next, *old; struct radius_msg_list *entry; char abuf[50]; old = conf->acct_server; hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_NOTICE, "No response from Accounting server %s:%d - failover", hostapd_ip_txt(&old->addr, abuf, sizeof(abuf)), old->port); for (entry = radius->msgs; entry; entry = entry->next) { if (entry->msg_type == RADIUS_ACCT || entry->msg_type == RADIUS_ACCT_INTERIM) old->timeouts++; } next = old + 1; if (next > &conf->acct_servers[conf->num_acct_servers - 1]) next = conf->acct_servers; conf->acct_server = next; radius_change_server(radius, next, old, radius->acct_serv_sock, radius->acct_serv_sock6, 0); }
static int radius_client_init_acct(struct radius_client_data *radius) { struct hostapd_radius_servers *conf = radius->conf; int ok = 0; radius_close_acct_sockets(radius); radius->acct_serv_sock = socket(PF_INET, SOCK_DGRAM, 0); if (radius->acct_serv_sock < 0) wpa_printf(MSG_INFO, "RADIUS: socket[PF_INET,SOCK_DGRAM]: %s", strerror(errno)); else { radius_client_disable_pmtu_discovery(radius->acct_serv_sock); ok++; } #ifdef CONFIG_IPV6 radius->acct_serv_sock6 = socket(PF_INET6, SOCK_DGRAM, 0); if (radius->acct_serv_sock6 < 0) wpa_printf(MSG_INFO, "RADIUS: socket[PF_INET6,SOCK_DGRAM]: %s", strerror(errno)); else ok++; #endif /* CONFIG_IPV6 */ if (ok == 0) return -1; radius_change_server(radius, conf->acct_server, NULL, radius->acct_serv_sock, radius->acct_serv_sock6, 0); if (radius->acct_serv_sock >= 0 && eloop_register_read_sock(radius->acct_serv_sock, radius_client_receive, radius, (void *) RADIUS_ACCT)) { wpa_printf(MSG_INFO, "RADIUS: Could not register read socket for accounting server"); radius_close_acct_sockets(radius); return -1; } #ifdef CONFIG_IPV6 if (radius->acct_serv_sock6 >= 0 && eloop_register_read_sock(radius->acct_serv_sock6, radius_client_receive, radius, (void *) RADIUS_ACCT)) { wpa_printf(MSG_INFO, "RADIUS: Could not register read socket for accounting server"); radius_close_acct_sockets(radius); return -1; } #endif /* CONFIG_IPV6 */ return 0; }
static int radius_client_init_auth(struct radius_client_data *radius) { struct hostapd_radius_servers *conf = radius->conf; int ok = 0; radius->auth_serv_sock = socket(PF_INET, SOCK_DGRAM, 0); if (radius->auth_serv_sock < 0) perror("socket[PF_INET,SOCK_DGRAM]"); else { radius_client_disable_pmtu_discovery(radius->auth_serv_sock); ok++; } #ifdef CONFIG_IPV6 radius->auth_serv_sock6 = socket(PF_INET6, SOCK_DGRAM, 0); if (radius->auth_serv_sock6 < 0) perror("socket[PF_INET6,SOCK_DGRAM]"); else ok++; #endif /* CONFIG_IPV6 */ if (ok == 0) return -1; radius_change_server(radius, conf->auth_server, NULL, radius->auth_serv_sock, radius->auth_serv_sock6, 1); if (radius->auth_serv_sock >= 0 && eloop_register_read_sock(radius->auth_serv_sock, radius_client_receive, radius, (void *) RADIUS_AUTH)) { printf("Could not register read socket for authentication " "server\n"); return -1; } #ifdef CONFIG_IPV6 if (radius->auth_serv_sock6 >= 0 && eloop_register_read_sock(radius->auth_serv_sock6, radius_client_receive, radius, (void *) RADIUS_AUTH)) { printf("Could not register read socket for authentication " "server\n"); return -1; } #endif /* CONFIG_IPV6 */ return 0; }
static int radius_client_init_acct(hostapd *hapd) { hapd->radius->acct_serv_sock = socket(PF_INET, SOCK_DGRAM, 0); if (hapd->radius->acct_serv_sock < 0) { perror("socket[PF_INET,SOCK_DGRAM]"); return -1; } radius_change_server(hapd, hapd->conf->acct_server, NULL, hapd->radius->acct_serv_sock, 0); if (eloop_register_read_sock(hapd->radius->acct_serv_sock, radius_client_receive, hapd, (void *) RADIUS_ACCT)) { printf("Could not register read socket for accounting " "server\n"); return -1; } return 0; }
static int radius_client_init_acct(struct wpa_supplicant *wpa_s) { wpa_s->radius->acct_serv_sock = socket(PF_INET, SOCK_DGRAM, 0); if (wpa_s->radius->acct_serv_sock < 0) { perror("socket[PF_INET,SOCK_DGRAM]"); return -1; } radius_change_server(wpa_s, wpa_s->acct_server, NULL, wpa_s->radius->acct_serv_sock, 0); if (eloop_register_read_sock(wpa_s->radius->acct_serv_sock, radius_client_receive, wpa_s, (void *) RADIUS_ACCT)) { printf("Could not register read socket for accounting " "server\n"); return -1; } return 0; }
static int radius_client_init_acct(struct radius_client_data *radius) { struct hostapd_data *hapd = radius->hapd; radius->acct_serv_sock = socket(PF_INET, SOCK_DGRAM, 0); if (radius->acct_serv_sock < 0) { perror("socket[PF_INET,SOCK_DGRAM]"); return -1; } radius_change_server(radius, hapd->conf->acct_server, NULL, radius->acct_serv_sock, 0); if (eloop_register_read_sock(radius->acct_serv_sock, radius_client_receive, radius, (void *) RADIUS_ACCT)) { printf("Could not register read socket for accounting " "server\n"); return -1; } return 0; }
static int radius_client_init_acct(struct radius_client_data *radius) { struct hostapd_radius_servers *conf = radius->conf; int ok = 0; radius->acct_serv_sock = socket(PF_INET, SOCK_DGRAM, 0); if (radius->acct_serv_sock < 0) perror("socket[PF_INET,SOCK_DGRAM]"); else ok++; radius_change_server(radius, conf->acct_server, NULL, radius->acct_serv_sock, radius->acct_serv_sock6, 0); if (radius->acct_serv_sock >= 0 && eloop_register_read_sock(radius->acct_serv_sock, radius_client_receive, radius, (void *) RADIUS_ACCT)) { wpa_printf(MSG_ERROR, "Could not register read socket for accounting " "server\n"); return -1; } #ifdef CONFIG_IPV6 if (radius->acct_serv_sock6 >= 0 && eloop_register_read_sock(radius->acct_serv_sock6, radius_client_receive, radius, (void *) RADIUS_ACCT)) { wpa_printf(MSG_ERROR, "Could not register read socket for accounting " "server\n"); return -1; } #endif /* CONFIG_IPV6 */ return 0; }
static void radius_client_timer(void *eloop_ctx, void *timeout_ctx) { struct radius_client_data *radius = eloop_ctx; struct hostapd_radius_servers *conf = radius->conf; struct os_time now; os_time_t first; struct radius_msg_list *entry, *prev, *tmp; int auth_failover = 0, acct_failover = 0; char abuf[50]; entry = radius->msgs; if (!entry) return; os_get_time(&now); first = 0; prev = NULL; while (entry) { if (now.sec >= entry->next_try && radius_client_retransmit(radius, entry, now.sec)) { if (prev) prev->next = entry->next; else radius->msgs = entry->next; tmp = entry; entry = entry->next; radius_client_msg_free(tmp); radius->num_msgs--; continue; } if (entry->attempts > RADIUS_CLIENT_NUM_FAILOVER) { if (entry->msg_type == RADIUS_ACCT || entry->msg_type == RADIUS_ACCT_INTERIM) acct_failover++; else auth_failover++; } if (first == 0 || entry->next_try < first) first = entry->next_try; prev = entry; entry = entry->next; } if (radius->msgs) { if (first < now.sec) first = now.sec; eloop_register_timeout(first - now.sec, 0, radius_client_timer, radius, NULL); hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_DEBUG, "Next RADIUS client " "retransmit in %ld seconds", (long int) (first - now.sec)); } if (auth_failover && conf->num_auth_servers > 1) { struct hostapd_radius_server *next, *old; old = conf->auth_server; hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_NOTICE, "No response from Authentication server " "%s:%d - failover", hostapd_ip_txt(&old->addr, abuf, sizeof(abuf)), old->port); for (entry = radius->msgs; entry; entry = entry->next) { if (entry->msg_type == RADIUS_AUTH) old->timeouts++; } next = old + 1; if (next > &(conf->auth_servers[conf->num_auth_servers - 1])) next = conf->auth_servers; conf->auth_server = next; radius_change_server(radius, next, old, radius->auth_serv_sock, radius->auth_serv_sock6, 1); } if (acct_failover && conf->num_acct_servers > 1) { struct hostapd_radius_server *next, *old; old = conf->acct_server; hostapd_logger(radius->ctx, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_NOTICE, "No response from Accounting server " "%s:%d - failover", hostapd_ip_txt(&old->addr, abuf, sizeof(abuf)), old->port); for (entry = radius->msgs; entry; entry = entry->next) { if (entry->msg_type == RADIUS_ACCT || entry->msg_type == RADIUS_ACCT_INTERIM) old->timeouts++; } next = old + 1; if (next > &conf->acct_servers[conf->num_acct_servers - 1]) next = conf->acct_servers; conf->acct_server = next; radius_change_server(radius, next, old, radius->acct_serv_sock, radius->acct_serv_sock6, 0); } }
static void radius_client_timer(void *eloop_ctx, void *timeout_ctx) { struct radius_client_data *radius = eloop_ctx; struct hostapd_data *hapd = radius->hapd; time_t now, first; struct radius_msg_list *entry, *prev, *tmp; int auth_failover = 0, acct_failover = 0; entry = radius->msgs; if (!entry) return; time(&now); first = 0; prev = NULL; while (entry) { if (now >= entry->next_try && radius_client_retransmit(radius, entry, now)) { if (prev) prev->next = entry->next; else radius->msgs = entry->next; tmp = entry; entry = entry->next; radius_client_msg_free(tmp); radius->num_msgs--; continue; } if (entry->attempts > RADIUS_CLIENT_NUM_FAILOVER) { if (entry->msg_type == RADIUS_ACCT || entry->msg_type == RADIUS_ACCT_INTERIM) acct_failover++; else auth_failover++; } if (first == 0 || entry->next_try < first) first = entry->next_try; prev = entry; entry = entry->next; } if (radius->msgs) { if (first < now) first = now; eloop_register_timeout(first - now, 0, radius_client_timer, radius, NULL); HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL, "Next RADIUS client " "retransmit in %ld seconds\n", (long int) (first - now)); } if (auth_failover && hapd->conf->num_auth_servers > 1) { struct hostapd_radius_server *next, *old; old = hapd->conf->auth_server; hostapd_logger(hapd, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_NOTICE, "No response from Authentication server " "%s:%d - failover", inet_ntoa(old->addr), old->port); for (entry = radius->msgs; entry; entry = entry->next) { if (entry->msg_type == RADIUS_AUTH) old->timeouts++; } next = old + 1; if (next > &(hapd->conf->auth_servers [hapd->conf->num_auth_servers - 1])) next = hapd->conf->auth_servers; hapd->conf->auth_server = next; radius_change_server(radius, next, old, radius->auth_serv_sock, 1); } if (acct_failover && hapd->conf->num_acct_servers > 1) { struct hostapd_radius_server *next, *old; old = hapd->conf->acct_server; hostapd_logger(hapd, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_NOTICE, "No response from Accounting server " "%s:%d - failover", inet_ntoa(old->addr), old->port); for (entry = radius->msgs; entry; entry = entry->next) { if (entry->msg_type == RADIUS_ACCT || entry->msg_type == RADIUS_ACCT_INTERIM) old->timeouts++; } next = old + 1; if (next > &hapd->conf->acct_servers [hapd->conf->num_acct_servers - 1]) next = hapd->conf->acct_servers; hapd->conf->acct_server = next; radius_change_server(radius, next, old, radius->acct_serv_sock, 0); } }
static void radius_client_timer(void *eloop_ctx, void *timeout_ctx) { struct wpa_supplicant *wpa_s = eloop_ctx; time_t now, first; struct radius_msg_list *entry, *prev, *tmp; int auth_failover = 0, acct_failover = 0; entry = wpa_s->radius->msgs; if (!entry) return; time(&now); first = 0; prev = NULL; while (entry) { if (now >= entry->next_try && radius_client_retransmit(wpa_s, entry, now)) { if (prev) prev->next = entry->next; else wpa_s->radius->msgs = entry->next; tmp = entry; entry = entry->next; radius_client_msg_free(tmp); wpa_s->radius->num_msgs--; continue; } if (entry->attempts > RADIUS_CLIENT_NUM_FAILOVER) { if (entry->msg_type == RADIUS_ACCT || entry->msg_type == RADIUS_ACCT_INTERIM) acct_failover++; else auth_failover++; } if (first == 0 || entry->next_try < first) first = entry->next_try; prev = entry; entry = entry->next; } if (wpa_s->radius->msgs) { if (first < now) first = now; eloop_register_timeout(first - now, 0, radius_client_timer, wpa_s, NULL); } if (auth_failover && wpa_s->num_auth_servers > 1) { struct hostapd_radius_server *next, *old; old = wpa_s->auth_server; hostapd_logger(wpa_s, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_NOTICE, "No response from Authentication server " "%s:%d - failover", inet_ntoa(old->addr), old->port); next = old + 1; if (next > &(wpa_s->auth_servers [wpa_s->num_auth_servers - 1])) next = wpa_s->auth_servers; wpa_s->auth_server = next; radius_change_server(wpa_s, next, old, wpa_s->radius->auth_serv_sock, 1); } if (acct_failover && wpa_s->num_acct_servers > 1) { struct hostapd_radius_server *next, *old; old = wpa_s->acct_server; hostapd_logger(wpa_s, NULL, HOSTAPD_MODULE_RADIUS, HOSTAPD_LEVEL_NOTICE, "No response from Accounting server " "%s:%d - failover", inet_ntoa(old->addr), old->port); next = old + 1; if (next > &wpa_s->acct_servers [wpa_s->num_acct_servers - 1]) next = wpa_s->acct_servers; wpa_s->acct_server = next; radius_change_server(wpa_s, next, old, wpa_s->radius->acct_serv_sock, 0); } }