Added support for removing RADIUS accounting and RADIUS in general

CONFIG_NO_ACCOUNTING=y and CONFIG_NO_RADIUS=y build options can now be
used to remove RADIUS support from the hostapd build.

hostapd/Makefile

@@ -39,7 +39,7 @@ LIBS += -lws2_32
 endif
 
 OBJS =	hostapd.o ieee802_1x.o eapol_sm.o \
-	config.o ieee802_11_auth.o accounting.o \
+	config.o ieee802_11_auth.o \
 	sta_info.o wpa.o ctrl_iface.o \
 	drivers.o preauth.o pmksa_cache.o \
 	hw_features.o \
@@ -55,8 +55,19 @@ OBJS += ../src/utils/ip_addr.o
 OBJS += ../src/common/ieee802_11_common.o
 OBJS += ../src/common/wpa_common.o
 
+ifdef CONFIG_NO_RADIUS
+CFLAGS += -DCONFIG_NO_RADIUS
+CONFIG_NO_ACCOUNTING=y
+else
 OBJS += ../src/radius/radius.o
 OBJS += ../src/radius/radius_client.o
+endif
+
+ifdef CONFIG_NO_ACCOUNTING
+CFLAGS += -DCONFIG_NO_ACCOUNTING
+else
+OBJS += accounting.o
+endif
 
 OBJS += ../src/crypto/md5.o
 OBJS += ../src/crypto/rc4.o

hostapd/accounting.h

@@ -15,11 +15,32 @@
 #ifndef ACCOUNTING_H
 #define ACCOUNTING_H
 
-void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta);
 void accounting_sta_interim(struct hostapd_data *hapd, struct sta_info *sta);
+#ifdef CONFIG_NO_ACCOUNTING
+static inline void accounting_sta_start(struct hostapd_data *hapd,
+					struct sta_info *sta)
+{
+}
+
+static inline void accounting_sta_stop(struct hostapd_data *hapd,
+				       struct sta_info *sta)
+{
+}
+
+static inline int accounting_init(struct hostapd_data *hapd)
+{
+	return 0;
+}
+
+static inline void accounting_deinit(struct hostapd_data *hapd)
+{
+}
+#else /* CONFIG_NO_ACCOUNTING */
+void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta);
 void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta);
 int accounting_init(struct hostapd_data *hapd);
 void accounting_deinit(struct hostapd_data *hapd);
+#endif /* CONFIG_NO_ACCOUNTING */
 int accounting_reconfig(struct hostapd_data *hapd,
 			struct hostapd_config *oldconf);
 

hostapd/defconfig

@@ -140,3 +140,9 @@ CONFIG_IPV6=y
 # This can be used to reduce the size of the hostapd considerably if debugging
 # code is not needed.
 #CONFIG_NO_STDOUT_DEBUG=y
+
+# Remove support for RADIUS accounting
+#CONFIG_NO_ACCOUNTING=y
+
+# Remove support for RADIUS
+#CONFIG_NO_RADIUS=y

hostapd/ieee802_11_auth.c

@@ -53,6 +53,7 @@ struct hostapd_acl_query_data {
 };
 
 
+#ifndef CONFIG_NO_RADIUS
 static void hostapd_acl_cache_free(struct hostapd_cached_radius_acl *acl_cache)
 {
 	struct hostapd_cached_radius_acl *prev;
@@ -96,6 +97,7 @@ static int hostapd_acl_cache_get(struct hostapd_data *hapd, const u8 *addr,
 
 	return -1;
 }
+#endif /* CONFIG_NO_RADIUS */
 
 
 static void hostapd_acl_query_free(struct hostapd_acl_query_data *query)
@@ -107,6 +109,7 @@ static void hostapd_acl_query_free(struct hostapd_acl_query_data *query)
 }
 
 
+#ifndef CONFIG_NO_RADIUS
 static int hostapd_radius_acl_query(struct hostapd_data *hapd, const u8 *addr,
 				    struct hostapd_acl_query_data *query)
 {
@@ -196,6 +199,7 @@ static int hostapd_radius_acl_query(struct hostapd_data *hapd, const u8 *addr,
 	os_free(msg);
 	return -1;
 }
+#endif /* CONFIG_NO_RADIUS */
 
 
 /**
@@ -234,6 +238,9 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr,
 		return HOSTAPD_ACL_REJECT;
 
 	if (hapd->conf->macaddr_acl == USE_EXTERNAL_RADIUS_AUTH) {
+#ifdef CONFIG_NO_RADIUS
+		return HOSTAPD_ACL_REJECT;
+#else /* CONFIG_NO_RADIUS */
 		struct hostapd_acl_query_data *query;
 
 		/* Check whether ACL cache has an entry for this station */
@@ -289,12 +296,14 @@ int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr,
 		/* Queued data will be processed in hostapd_acl_recv_radius()
 		 * when RADIUS server replies to the sent Access-Request. */
 		return HOSTAPD_ACL_PENDING;
+#endif /* CONFIG_NO_RADIUS */
 	}
 
 	return HOSTAPD_ACL_REJECT;
 }
 
 
+#ifndef CONFIG_NO_RADIUS
 static void hostapd_acl_expire_cache(struct hostapd_data *hapd, time_t now)
 {
 	struct hostapd_cached_radius_acl *prev, *entry, *tmp;
@@ -472,6 +481,7 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
 
 	return RADIUS_RX_PROCESSED;
 }
+#endif /* CONFIG_NO_RADIUS */
 
 
 /**
@@ -481,11 +491,13 @@ hostapd_acl_recv_radius(struct radius_msg *msg, struct radius_msg *req,
  */
 int hostapd_acl_init(struct hostapd_data *hapd)
 {
+#ifndef CONFIG_NO_RADIUS
 	if (radius_client_register(hapd->radius, RADIUS_AUTH,
 				   hostapd_acl_recv_radius, hapd))
 		return -1;
 
 	eloop_register_timeout(10, 0, hostapd_acl_expire, hapd, NULL);
+#endif /* CONFIG_NO_RADIUS */
 
 	return 0;
 }
@@ -499,9 +511,11 @@ void hostapd_acl_deinit(struct hostapd_data *hapd)
 {
 	struct hostapd_acl_query_data *query, *prev;
 
+#ifndef CONFIG_NO_RADIUS
 	eloop_cancel_timeout(hostapd_acl_expire, hapd, NULL);
 
 	hostapd_acl_cache_free(hapd->acl_cache);
+#endif /* CONFIG_NO_RADIUS */
 
 	query = hapd->acl_queries;
 	while (query) {

hostapd/ieee802_1x.c

@@ -371,6 +371,7 @@ int radius_sta_rate(struct hostapd_data *hapd, struct sta_info *sta)
 }
 
 
+#ifndef CONFIG_NO_RADIUS
 static void ieee802_1x_learn_identity(struct hostapd_data *hapd,
 				      struct eapol_state_machine *sm,
 				      const u8 *eap, size_t len)
@@ -541,6 +542,7 @@ static void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd,
 	radius_msg_free(msg);
 	os_free(msg);
 }
+#endif /* CONFIG_NO_RADIUS */
 
 
 char *eap_type_text(u8 type)
@@ -948,10 +950,12 @@ void ieee802_1x_free_station(struct sta_info *sta)
 
 	sta->eapol_sm = NULL;
 
+#ifndef CONFIG_NO_RADIUS
 	if (sm->last_recv_radius) {
 		radius_msg_free(sm->last_recv_radius);
 		os_free(sm->last_recv_radius);
 	}
+#endif /* CONFIG_NO_RADIUS */
 
 	os_free(sm->identity);
 	ieee802_1x_free_radius_class(&sm->radius_class);
@@ -959,6 +963,7 @@ void ieee802_1x_free_station(struct sta_info *sta)
 }
 
 
+#ifndef CONFIG_NO_RADIUS
 static void ieee802_1x_decapsulate_radius(struct hostapd_data *hapd,
 					  struct sta_info *sta)
 {
@@ -1371,6 +1376,7 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
 
 	return RADIUS_RX_QUEUED;
 }
+#endif /* CONFIG_NO_RADIUS */
 
 
 void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
@@ -1382,11 +1388,13 @@ void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
 	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
 		       HOSTAPD_LEVEL_DEBUG, "aborting authentication");
 
+#ifndef CONFIG_NO_RADIUS
 	if (sm->last_recv_radius) {
 		radius_msg_free(sm->last_recv_radius);
 		os_free(sm->last_recv_radius);
 		sm->last_recv_radius = NULL;
 	}
+#endif /* CONFIG_NO_RADIUS */
 
 	if (sm->eap_if->eapTimeout) {
 		/*
@@ -1535,10 +1543,12 @@ static void ieee802_1x_eapol_send(void *ctx, void *sta_ctx, u8 type,
 static void ieee802_1x_aaa_send(void *ctx, void *sta_ctx,
 				const u8 *data, size_t datalen)
 {
+#ifndef CONFIG_NO_RADIUS
 	struct hostapd_data *hapd = ctx;
 	struct sta_info *sta = sta_ctx;
 
 	ieee802_1x_encapsulate_radius(hapd, sta, data, datalen);
+#endif /* CONFIG_NO_RADIUS */
 }
 
 
@@ -1698,9 +1708,11 @@ int ieee802_1x_init(struct hostapd_data *hapd)
 	    hostapd_set_ieee8021x(hapd->conf->iface, hapd, 1))
 		return -1;
 
+#ifndef CONFIG_NO_RADIUS
 	if (radius_client_register(hapd->radius, RADIUS_AUTH,
 				   ieee802_1x_receive_auth, hapd))
 		return -1;
+#endif /* CONFIG_NO_RADIUS */
 
 	if (hapd->conf->default_wep_key_len) {
 		hostapd_set_privacy(hapd, 1);

src/radius/radius_client.h

@@ -93,6 +93,33 @@ int radius_client_send(struct radius_client_data *radius,
 		       RadiusType msg_type, const u8 *addr);
 u8 radius_client_get_id(struct radius_client_data *radius);
 
+#ifdef CONFIG_NO_RADIUS
+static inline void radius_client_flush(struct radius_client_data *radius,
+				       int only_auth)
+{
+}
+
+static inline struct radius_client_data *
+radius_client_init(void *ctx, struct hostapd_radius_servers *conf)
+{
+	return (void *) -1;
+}
+
+static inline void radius_client_deinit(struct radius_client_data *radius)
+{
+}
+
+static inline void radius_client_flush_auth(struct radius_client_data *radius,
+					    u8 *addr)
+{
+}
+
+static inline int radius_client_get_mib(struct radius_client_data *radius,
+					char *buf, size_t buflen)
+{
+	return 0;
+}
+#else /* CONFIG_NO_RADIUS */
 void radius_client_flush(struct radius_client_data *radius, int only_auth);
 struct radius_client_data *
 radius_client_init(void *ctx, struct hostapd_radius_servers *conf);
@@ -100,6 +127,7 @@ void radius_client_deinit(struct radius_client_data *radius);
 void radius_client_flush_auth(struct radius_client_data *radius, u8 *addr);
 int radius_client_get_mib(struct radius_client_data *radius, char *buf,
 			  size_t buflen);
+#endif /* CONFIG_NO_RADIUS */
 struct radius_client_data *
 radius_client_reconfig(struct radius_client_data *old, void *ctx,
 		       struct hostapd_radius_servers *oldconf,