Changeset 37734 for trunk


Ignore:
Timestamp:
2013-08-06T20:55:30+02:00 (3 years ago)
Author:
nbd
Message:

hostapd: Settings for DAE/CoA server

hostapd supports "Dynamic Authorization Extensions", making it possible
to forcibly disconnect a user by sending it a RADIUS "Disconnect-Request"
packet.

I've added three new variables to enable setting of the
"radius_das_client" and "radius_das_port" variables in the hostapd
configuration, which enable these extensions.

  • dae_client - IP of the client that can send disconnect requests
  • dae_secret - shared secret for DAE packets

These are combined into the "radius_das_client" option in hostapd.conf
To enable the server, both dae_client and dae_secret must be set.

  • dae_port - optional, default value is 3799 as specified in RFC 5176

Signed-off-by: Martijn van de Streek <martijn@…>

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/package/network/services/hostapd/files/hostapd.sh

    r37114 r37734  
    109109                        config_get acct_secret "$vif" acct_secret 
    110110                        [ -n "$acct_secret" ] && append "$var" "acct_server_shared_secret=$acct_secret" "$N" 
     111                        config_get dae_client "$vif" dae_client 
     112                        config_get dae_secret "$vif" dae_secret 
     113                        [ -n "$dae_client" -a -n "$dae_secret" ] && { 
     114                                config_get dae_port  "$vif" dae_port 
     115                                append "$var" "radius_das_port=${dae_port:-3799}" "$N" 
     116                                append "$var" "radius_das_client=$dae_client $dae_secret" "$N" 
     117                        } 
    111118                        config_get nasid "$vif" nasid 
    112119                        append "$var" "nas_identifier=$nasid" "$N" 
Note: See TracChangeset for help on using the changeset viewer.