Add support for RADIUS configuration options to Wi-SUN #13412
Conversation
0xc0170
changed the title
| tr_error("Failed to set network size"); | ||
| return NSAPI_ERROR_PARAMETER; | ||
| } | ||
| #endif | ||
|
|
||
| #ifdef MBED_CONF_MBED_MESH_API_RADIUS_SHARED_SECRET | ||
| // Set on here, for compatibility with applications not using WisunBorderRouter class */ |
There was a problem hiding this comment.
Is there any such applications that can be used without the Border router interface? the Border router is not started without it
There was a problem hiding this comment.
There are applications, e.g. nanostack border router that use directly the nanostack c-api and does not use the border router class to start the BBR.
There was a problem hiding this comment.
Removed the changes from wisuninterface. Applications using RADIUS should use the wisunborderrouter class.
| @@ -186,3 +225,37 @@ int WisunBorderRouter::routing_table_get(ws_br_route_info_t *table_ptr, uint16_t | |||
|
|
|||
| return ws_bbr_routing_table_get(_mesh_if_id, (bbr_route_info_t *)table_ptr, table_len); | |||
| } | |||
|
|
|||
| mesh_error_t WisunBorderRouter::set_radius_server_ipv6_address(const char *address) | |||
There was a problem hiding this comment.
Do we need the GET interfaces for these
Could this be combined in the higher level api to have radius_configure(address,password)?
There was a problem hiding this comment.
Yes, I can add the get interface. There are no defaults for these, so the application must always program these first, but it might be easier for application, if the values could also be read from Nanostack.
I would prefer having the two functions for this since either one can be changed individually.
There was a problem hiding this comment.
Added get interfaces. Added storing of IP address and shared secret to border router class. Changed configuration to two phases, on class init the .json configuration is applied (if set) and then on BBR start the BBR is configured with the address and shared secret using the then defined (mesh) interface id.
|
|
||
| mesh_error_t WisunBorderRouter::get_radius_server_ipv6_address(char *address) | ||
| { | ||
| if (!_radius_ipv6_addr_set) { |
There was a problem hiding this comment.
You would not need these booleans if you would always read these variables from the Mbed json in the begining?
There was a problem hiding this comment.
The RADIUS configuration could be unspecified in the .json (use internal TLS) and then later enabled by configuration function calls.
| #ifdef MBED_CONF_MBED_MESH_API_RADIUS_SHARED_SECRET | ||
| // Set on here, for compatibility with applications not using WisunBorderRouter class */ | ||
| const char radius_shared_secret[] = {MBED_CONF_MBED_MESH_API_RADIUS_SHARED_SECRET}; | ||
| if (ws_bbr_radius_shared_secret_set(get_interface_id(), strlen(radius_shared_secret), (const uint8_t *) radius_shared_secret) != 0) { |
|
Changed shared secret length to uint16 and added support for byte sequences for shared secret to .json configuration. |
|
@artokin Here's the radius if pull request. Could you review. |
|
Re-based over latest feature-wisun, @0xc0170 could you trigger the CI. |
|
I've got few jobs running from master, once al lcomplete will start all the rest |
|
CI started |
Test run: SUCCESSSummary: 11 of 11 test jobs passed |
|
This PR cannot be merged due to conflicts. Please rebase to resolve them. |
Added support for external RADIUS server configuration to Wi-SUN Border Router. Added configuration functions and .json configuration options for: - external RADIUS server IPv6 address - RADIUS shared secret.
|
CI restarted |
Test run: SUCCESSSummary: 11 of 11 test jobs passed |
Summary of changes
Added support for external RADIUS server configuration to Wi-SUN Border Router.
Added configuration functions and .json configuration options for:
Impact of changes
None
Migration actions required
None
Documentation
None
Pull request type
Test results
Reviewers
@mikter @artokin