[PATCH 0/3] Extra RADIUS request attributes from SQLite

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I've found wpa_supplicant with hostapd useful for testing EAP methods and
simultaneous use policies (including COA/disconnect) for AAA setups, more so
than running a single-shot eapol_test.

To do this I have hostapd listen on a bridge interface (wired driver, with IEEE
802.1X) and spawn multiple wpa_supplicants on VETH-pairs with one end bound
into the bridge. From the perspective of a backend RADIUS server this is a
"mock NAS" of sorts.

To simulate complex policies it is often necessary to set per-station RADIUS
attributes.

This patch series provides a new option `radius_req_attr_sqlite` that
configures hostapd to consult an SQLite database for arbitrary attributes on
the basis of the station's MAC address and the RADIUS request type (auth or
acct).

The schema for the radius_attributes table is:

    id | sta | reqtype | attr   :   multi-key (sta, reqtype)

    id   = autonumber
    sta  = station mac address in `11:22:33:44:55:66` format.
    type = `auth` | `acct` | NULL (match any)
    attr = existing config file format, e.g. `126:s:Test Operator`

The table is created if it is non-existent.

Perhaps there may be more common scenarios where having hostapd set RADIUS
request attributes on the basis of the station MAC address is useful?

In any case I'd be interested in whether I should be targetting this work for
inclusion in the project? If so, then I'll work up some documentation changes
and respond to any feedback you might offer.


Terry Burton (3):
  Move hostapd_parse_radius_attr into ap_config.c
  Functions to apply extra RADIUS attributes from SQLite
  Expose functionality to add extra RADIUS attributes from SQLite

 hostapd/config_file.c | 80 ++-----------------------------------------
 hostapd/hostapd.conf  |  4 +++
 src/ap/accounting.c   |  3 ++
 src/ap/ap_config.c    | 70 +++++++++++++++++++++++++++++++++++++
 src/ap/ap_config.h    |  3 ++
 src/ap/hostapd.c      | 56 ++++++++++++++++++++++++++++++
 src/ap/hostapd.h      |  8 +++++
 src/ap/ieee802_1x.c   | 67 ++++++++++++++++++++++++++++++++++++
 src/ap/ieee802_1x.h   |  6 ++++
 9 files changed, 220 insertions(+), 77 deletions(-)

-- 
2.20.1


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux