ERP: Add ERP_FLUSH for hostapd
This can be used to drop any pending ERP key from both the internal AP authentication server and RADIUS server use of hostapd. Signed-off-by: Jouni Malinen <j@w1.fi>
parent
777bbe7a3c
commit
2c6411edd0
6 changed files with 46 additions and 14 deletions
|
@ -2019,7 +2019,11 @@ static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx,
|
||||||
} else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
|
} else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
|
||||||
reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
|
reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
|
||||||
reply_size);
|
reply_size);
|
||||||
|
} else if (os_strcmp(buf, "ERP_FLUSH") == 0) {
|
||||||
|
ieee802_1x_erp_flush(hapd);
|
||||||
|
#ifdef RADIUS_SERVER
|
||||||
|
radius_server_erp_flush(hapd->radius_srv);
|
||||||
|
#endif /* RADIUS_SERVER */
|
||||||
} else {
|
} else {
|
||||||
os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
|
os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
|
||||||
reply_len = 16;
|
reply_len = 16;
|
||||||
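Review bot: The new ERP_FLUSH branch drops every cached ERP key without emitting a log line, so a flush triggered over the control socket leaves no trace for anyone later investigating why stations fell back to full EAP authentication. A `wpa_printf(MSG_DEBUG, "CTRL_IFACE: ERP_FLUSH");` before the `ieee802_1x_erp_flush(hapd)` call would cover it. The branch also sets neither `reply` nor `reply_len`, so it relies on whatever default hostapd_ctrl_iface_receive() prepares before this if/else chain, which lies outside the hunk. No include is added in this section, so it is worth confirming that the prototype of radius_server_erp_flush() is already visible in this file when RADIUS_SERVER is defined.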
|
|
|
@ -1002,6 +1002,13 @@ static int hostapd_cli_cmd_vendor(struct wpa_ctrl *ctrl, int argc, char *argv[])
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int hostapd_cli_cmd_erp_flush(struct wpa_ctrl *ctrl, int argc,
|
||||||
|
char *argv[])
|
||||||
|
{
|
||||||
|
return wpa_ctrl_command(ctrl, "ERP_FLUSH");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
struct hostapd_cli_cmd {
|
struct hostapd_cli_cmd {
|
||||||
const char *cmd;
|
const char *cmd;
|
||||||
int (*handler)(struct wpa_ctrl *ctrl, int argc, char *argv[]);
|
int (*handler)(struct wpa_ctrl *ctrl, int argc, char *argv[]);
|
||||||
|
@ -1055,6 +1062,7 @@ static struct hostapd_cli_cmd hostapd_cli_commands[] = {
|
||||||
{ "enable", hostapd_cli_cmd_enable },
|
{ "enable", hostapd_cli_cmd_enable },
|
||||||
{ "reload", hostapd_cli_cmd_reload },
|
{ "reload", hostapd_cli_cmd_reload },
|
||||||
{ "disable", hostapd_cli_cmd_disable },
|
{ "disable", hostapd_cli_cmd_disable },
|
||||||
|
{ "erp_flush", hostapd_cli_cmd_erp_flush },
|
||||||
{ NULL, NULL }
|
{ NULL, NULL }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -2151,10 +2151,20 @@ int ieee802_1x_init(struct hostapd_data *hapd)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void ieee802_1x_deinit(struct hostapd_data *hapd)
|
void ieee802_1x_erp_flush(struct hostapd_data *hapd)
|
||||||
{
|
{
|
||||||
struct eap_server_erp_key *erp;
|
struct eap_server_erp_key *erp;
|
||||||
|
|
||||||
|
while ((erp = dl_list_first(&hapd->erp_keys, struct eap_server_erp_key,
|
||||||
|
list)) != NULL) {
|
||||||
|
dl_list_del(&erp->list);
|
||||||
|
bin_clear_free(erp, sizeof(*erp));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void ieee802_1x_deinit(struct hostapd_data *hapd)
|
||||||
|
{
|
||||||
eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL);
|
eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL);
|
||||||
|
|
||||||
if (hapd->driver != NULL &&
|
if (hapd->driver != NULL &&
|
||||||
|
@ -2164,11 +2174,7 @@ void ieee802_1x_deinit(struct hostapd_data *hapd)
|
||||||
eapol_auth_deinit(hapd->eapol_auth);
|
eapol_auth_deinit(hapd->eapol_auth);
|
||||||
hapd->eapol_auth = NULL;
|
hapd->eapol_auth = NULL;
|
||||||
|
|
||||||
while ((erp = dl_list_first(&hapd->erp_keys, struct eap_server_erp_key,
|
ieee802_1x_erp_flush(hapd);
|
||||||
list)) != NULL) {
|
|
||||||
dl_list_del(&erp->list);
|
|
||||||
bin_clear_free(erp, sizeof(*erp));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
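Review bot: ieee802_1x_erp_flush() can now run while stations are mid-authentication, whereas this loop previously ran only inside ieee802_1x_deinit(), after `eapol_auth_deinit(hapd->eapol_auth)`. Nothing in the hunk shows whether an EAP server state machine can hold an `eap_server_erp_key` pointer across event-loop iterations. If one can, `bin_clear_free(erp, sizeof(*erp))` here would leave it dangling, so that lifetime should be confirmed before the flush is reachable from the control interface. The same question applies to radius_server_erp_flush() in the RADIUS server section. The new function also has no header comment, unlike its RADIUS counterpart; something like `/* ieee802_1x_erp_flush - Remove and zeroize all cached ERP keys */` would document that it is meant to be callable at runtime.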
|
|
|
@ -29,6 +29,7 @@ void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd,
|
||||||
struct sta_info *sta, int authorized);
|
struct sta_info *sta, int authorized);
|
||||||
void ieee802_1x_dump_state(FILE *f, const char *prefix, struct sta_info *sta);
|
void ieee802_1x_dump_state(FILE *f, const char *prefix, struct sta_info *sta);
|
||||||
int ieee802_1x_init(struct hostapd_data *hapd);
|
int ieee802_1x_init(struct hostapd_data *hapd);
|
||||||
|
void ieee802_1x_erp_flush(struct hostapd_data *hapd);
|
||||||
void ieee802_1x_deinit(struct hostapd_data *hapd);
|
void ieee802_1x_deinit(struct hostapd_data *hapd);
|
||||||
int ieee802_1x_tx_status(struct hostapd_data *hapd, struct sta_info *sta,
|
int ieee802_1x_tx_status(struct hostapd_data *hapd, struct sta_info *sta,
|
||||||
const u8 *buf, size_t len, int ack);
|
const u8 *buf, size_t len, int ack);
|
||||||
|
|
|
@ -1819,14 +1819,30 @@ radius_server_init(struct radius_server_conf *conf)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* radius_server_erp_flush - Flush all ERP keys
|
||||||
|
* @data: RADIUS server context from radius_server_init()
|
||||||
|
*/
|
||||||
|
void radius_server_erp_flush(struct radius_server_data *data)
|
||||||
|
{
|
||||||
|
struct eap_server_erp_key *erp;
|
||||||
|
|
||||||
|
if (data == NULL)
|
||||||
|
return;
|
||||||
|
while ((erp = dl_list_first(&data->erp_keys, struct eap_server_erp_key,
|
||||||
|
list)) != NULL) {
|
||||||
|
dl_list_del(&erp->list);
|
||||||
|
bin_clear_free(erp, sizeof(*erp));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* radius_server_deinit - Deinitialize RADIUS server
|
* radius_server_deinit - Deinitialize RADIUS server
|
||||||
* @data: RADIUS server context from radius_server_init()
|
* @data: RADIUS server context from radius_server_init()
|
||||||
*/
|
*/
|
||||||
void radius_server_deinit(struct radius_server_data *data)
|
void radius_server_deinit(struct radius_server_data *data)
|
||||||
{
|
{
|
||||||
struct eap_server_erp_key *erp;
|
|
||||||
|
|
||||||
if (data == NULL)
|
if (data == NULL)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
@ -1856,11 +1872,7 @@ void radius_server_deinit(struct radius_server_data *data)
|
||||||
sqlite3_close(data->db);
|
sqlite3_close(data->db);
|
||||||
#endif /* CONFIG_SQLITE */
|
#endif /* CONFIG_SQLITE */
|
||||||
|
|
||||||
while ((erp = dl_list_first(&data->erp_keys, struct eap_server_erp_key,
|
radius_server_erp_flush(data);
|
||||||
list)) != NULL) {
|
|
||||||
dl_list_del(&erp->list);
|
|
||||||
bin_clear_free(erp, sizeof(*erp));
|
|
||||||
}
|
|
||||||
|
|
||||||
os_free(data);
|
os_free(data);
|
||||||
}
|
}
|
||||||
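Review bot: The loop in radius_server_erp_flush() is a line-for-line copy of the one in ieee802_1x_erp_flush(), differing only in which `erp_keys` list head it walks. A single shared helper taking the `struct dl_list *` would keep the zeroizing free, `bin_clear_free(erp, sizeof(*erp))`, in one place, so a later change to how key material is wiped cannot be applied to one server and missed in the other. The header comment could also state that `@data` may be NULL, since the control-interface caller passes `hapd->radius_srv` without checking it and depends on the `if (data == NULL) return;` guard.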
|
|
|
@ -235,6 +235,7 @@ struct radius_server_conf {
|
||||||
struct radius_server_data *
|
struct radius_server_data *
|
||||||
radius_server_init(struct radius_server_conf *conf);
|
radius_server_init(struct radius_server_conf *conf);
|
||||||
|
|
||||||
|
void radius_server_erp_flush(struct radius_server_data *data);
|
||||||
void radius_server_deinit(struct radius_server_data *data);
|
void radius_server_deinit(struct radius_server_data *data);
|
||||||
|
|
||||||
int radius_server_get_mib(struct radius_server_data *data, char *buf,
|
int radius_server_get_mib(struct radius_server_data *data, char *buf,
|
||||||
|
|