RADIUS: Allow 0.0.0.0 to be used as wildard radius_das_client

This allows hostapd DAS to be configured to allow any DAC (with the
matching shared secret) to send Disconnect-Request and CoA-Request
packets.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index 8834ccfbf59d36690d30fa08f9a5ebdaa64ccacc..0de4b856965b0d110f0b327c04b089f552162ed4 100644 (file)
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -1191,6 +1191,8 @@ own_ip_addr=127.0.0.1
 #radius_das_port=3799
 #
 # DAS client (the host that can send Disconnect/CoA requests) and shared secret
+# Format: <IP address> <shared secret>
+# IP address 0.0.0.0 can be used to allow requests from any address.
 #radius_das_client=192.168.1.123 shared secret here
 #
 # DAS Event-Timestamp time window in seconds

diff --git a/src/radius/radius_das.c b/src/radius/radius_das.c
index 0a0cf8ed4b8b20ee8a29267eb82fa99ee03516ec..aaa3fc26723ad16d3b492c3ceb8d61720bb9676c 100644 (file)
--- a/src/radius/radius_das.c
+++ b/src/radius/radius_das.c
@@ -413,7 +413,8 @@ static void radius_das_receive(int sock, void *eloop_ctx, void *sock_ctx)
 
        wpa_printf(MSG_DEBUG, "DAS: Received %d bytes from %s:%d",
                   len, abuf, from_port);
-       if (das->client_addr.u.v4.s_addr != from.sin.sin_addr.s_addr) {
+       if (das->client_addr.u.v4.s_addr &&
+           das->client_addr.u.v4.s_addr != from.sin.sin_addr.s_addr) {
                wpa_printf(MSG_DEBUG, "DAS: Drop message from unknown client");
                return;
        }