Public Attributes
radius_server_conf Struct Reference

#include <radius_server.h>

List of all members.

Public Attributes

int auth_port
char * client_file
void * conf_ctx
u8 * eap_fast_a_id
char * eap_fast_a_id_info
size_t eap_fast_a_id_len
int eap_fast_prov
const char * eap_req_id_text
size_t eap_req_id_text_len
int eap_sim_aka_result_ind
void * eap_sim_db_priv
int(* get_eap_user )(void *ctx, const u8 *identity, size_t identity_len, int phase2, struct eap_user *user)
int ipv6
void * msg_ctx
int pac_key_lifetime
int pac_key_refresh_time
u8 * pac_opaque_encr_key
void * ssl_ctx
int tnc
struct wps_contextwps

Detailed Description

struct radius_server_conf - RADIUS server configuration

Definition at line 24 of file radius_server.h.


Member Data Documentation

auth_port - UDP port to listen to as an authentication server

Definition at line 28 of file radius_server.h.

client_file - RADIUS client configuration file

This file contains the RADIUS clients and the shared secret to be used with them in a format where each client is on its own line. The first item on the line is the IPv4 or IPv6 address of the client with an optional address mask to allow full network to be specified (e.g., 192.168.1.2 or 192.168.1.0/24). This is followed by white space (space or tabulator) and the shared secret. Lines starting with '#' are skipped and can be used as comments.

Definition at line 41 of file radius_server.h.

conf_ctx - Context pointer for callbacks

This is used as the ctx argument in get_eap_user() calls.

Definition at line 48 of file radius_server.h.

eap_fast_a_id - EAP-FAST authority identity (A-ID)

If EAP-FAST is not used, this can be set to NULL. In theory, this is a variable length field, but due to some existing implementations requiring A-ID to be 16 octets in length, it is recommended to use that length for the field to provide interoperability with deployed peer implementations.

Definition at line 84 of file radius_server.h.

eap_fast_a_id_info - EAP-FAST authority identifier information

This A-ID-Info contains a user-friendly name for the A-ID. For example, this could be the enterprise and server names in human-readable format. This field is encoded as UTF-8. If EAP-FAST is not used, this can be set to NULL.

Definition at line 99 of file radius_server.h.

eap_fast_a_id_len - Length of eap_fast_a_id buffer in octets

Definition at line 89 of file radius_server.h.

eap_fast_prov - EAP-FAST provisioning modes

0 = provisioning disabled, 1 = only anonymous provisioning allowed, 2 = only authenticated provisioning allowed, 3 = both provisioning modes allowed.

Definition at line 108 of file radius_server.h.

eap_req_id_text - Optional data for EAP-Request/Identity

This can be used to configure an optional, displayable message that will be sent in EAP-Request/Identity. This string can contain an ASCII-0 character (nul) to separate network infromation per RFC 4284. The actual string length is explicit provided in eap_req_id_text_len since nul character will not be used as a string terminator.

Definition at line 186 of file radius_server.h.

eap_req_id_text_len - Length of eap_req_id_text buffer in octets

Definition at line 191 of file radius_server.h.

eap_sim_aka_result_ind - EAP-SIM/AKA protected success indication

This controls whether the protected success/failure indication (AT_RESULT_IND) is used with EAP-SIM and EAP-AKA.

Definition at line 133 of file radius_server.h.

eap_sim_db_priv - EAP-SIM/AKA database context

This is passed to the EAP-SIM/AKA server implementation as a callback context.

Definition at line 56 of file radius_server.h.

int(* radius_server_conf::get_eap_user)(void *ctx, const u8 *identity, size_t identity_len, int phase2, struct eap_user *user)

get_eap_user - Callback for fetching EAP user information : Context data from conf_ctx : User identity : identity buffer length in octets : Whether this is for Phase 2 identity : Data structure for filling in the user information Returns: 0 on success, -1 on failure

This is used to fetch information from user database. The callback will fill in information about allowed EAP methods and the user password. The password field will be an allocated copy of the password data and RADIUS server will free it after use.

Definition at line 173 of file radius_server.h.

ipv6 - Whether to enable IPv6 support in the RADIUS server

Definition at line 157 of file radius_server.h.

Definition at line 196 of file radius_server.h.

pac_key_lifetime - EAP-FAST PAC-Key lifetime in seconds

This is the hard limit on how long a provisioned PAC-Key can be used.

Definition at line 116 of file radius_server.h.

pac_key_refresh_time - EAP-FAST PAC-Key refresh time in seconds

This is a soft limit on the PAC-Key. The server will automatically generate a new PAC-Key when this number of seconds (or fewer) of the lifetime remains.

Definition at line 125 of file radius_server.h.

pac_opaque_encr_key - PAC-Opaque encryption key for EAP-FAST

This parameter is used to set a key for EAP-FAST to encrypt the PAC-Opaque data. It can be set to NULL if EAP-FAST is not used. If set, must point to a 16-octet key.

Definition at line 73 of file radius_server.h.

ssl_ctx - TLS context

This is passed to the EAP server implementation as a callback context for TLS operations.

Definition at line 64 of file radius_server.h.

tnc - Trusted Network Connect (TNC)

This controls whether TNC is enabled and will be required before the peer is allowed to connect. Note: This is only used with EAP-TTLS and EAP-FAST. If any other EAP method is enabled, the peer will be allowed to connect without TNC.

Definition at line 143 of file radius_server.h.

wps - Wi-Fi Protected Setup context

If WPS is used with an external RADIUS server (which is quite unlikely configuration), this is used to provide a pointer to WPS context data. Normally, this can be set to NULL.

Definition at line 152 of file radius_server.h.


The documentation for this struct was generated from the following file:


wpa_supplicant_node
Author(s): Package maintained by Blaise Gassend
autogenerated on Thu Apr 24 2014 15:33:26