18d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 28d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Authentication server setup 38d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi> 48d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 5c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * This software may be distributed under the terms of the BSD license. 6c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * See README for more details. 78d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 88d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 98d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "utils/includes.h" 108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "utils/common.h" 128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "crypto/tls.h" 138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "eap_server/eap.h" 148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "eap_server/eap_sim_db.h" 158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "eapol_auth/eapol_auth_sm.h" 168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "radius/radius_server.h" 178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "hostapd.h" 188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "ap_config.h" 198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "sta_info.h" 208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "authsrv.h" 218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#if defined(EAP_SERVER_SIM) || defined(EAP_SERVER_AKA) 248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define EAP_SIM_DB 258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* EAP_SERVER_SIM || EAP_SERVER_AKA */ 268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef EAP_SIM_DB 298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int hostapd_sim_db_cb_sta(struct hostapd_data *hapd, 308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct sta_info *sta, void *ctx) 318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (eapol_auth_eap_pending_cb(sta->eapol_sm, ctx) == 0) 338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 1; 348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void hostapd_sim_db_cb(void *ctx, void *session_ctx) 398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct hostapd_data *hapd = ctx; 418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ap_for_each_sta(hapd, hostapd_sim_db_cb_sta, session_ctx) == 0) { 428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef RADIUS_SERVER 438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt radius_server_eap_pending_cb(hapd->radius_srv, session_ctx); 448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* RADIUS_SERVER */ 458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* EAP_SIM_DB */ 488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef RADIUS_SERVER 518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int hostapd_radius_get_eap_user(void *ctx, const u8 *identity, 538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t identity_len, int phase2, 548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct eap_user *user) 558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const struct hostapd_eap_user *eap_user; 571f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt int i; 588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt eap_user = hostapd_get_eap_user(ctx, identity, identity_len, phase2); 608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (eap_user == NULL) 618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (user == NULL) 648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memset(user, 0, sizeof(*user)); 671f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt for (i = 0; i < EAP_MAX_METHODS; i++) { 688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt user->methods[i].vendor = eap_user->methods[i].vendor; 698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt user->methods[i].method = eap_user->methods[i].method; 708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (eap_user->password) { 738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt user->password = os_malloc(eap_user->password_len); 748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (user->password == NULL) 758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(user->password, eap_user->password, 778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt eap_user->password_len); 788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt user->password_len = eap_user->password_len; 798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt user->password_hash = eap_user->password_hash; 808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt user->force_version = eap_user->force_version; 82df5a7e4c5c64890c2425bb47d665bbce4992b676Dmitry Shmidt user->macacl = eap_user->macacl; 838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt user->ttls_auth = eap_user->ttls_auth; 84f21452aea786ac056eb01f1cbba4f553bd502747Dmitry Shmidt user->remediation = eap_user->remediation; 85818ea489ef32dcdc7c098d8a336d6e1dd8996112Dmitry Shmidt user->accept_attr = eap_user->accept_attr; 868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int hostapd_setup_radius_srv(struct hostapd_data *hapd) 928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct radius_server_conf srv; 948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct hostapd_bss_config *conf = hapd->conf; 958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memset(&srv, 0, sizeof(srv)); 968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.client_file = conf->radius_server_clients; 978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.auth_port = conf->radius_server_auth_port; 98bd14a57187b024f49f5b9ace55ef457d8d04650aDmitry Shmidt srv.acct_port = conf->radius_server_acct_port; 99d5e4923d04122f81300fa68fb07d64ede28fd44dDmitry Shmidt srv.conf_ctx = hapd; 1008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.eap_sim_db_priv = hapd->eap_sim_db_priv; 1018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.ssl_ctx = hapd->ssl_ctx; 1028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.msg_ctx = hapd->msg_ctx; 1038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.pac_opaque_encr_key = conf->pac_opaque_encr_key; 1048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.eap_fast_a_id = conf->eap_fast_a_id; 1058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.eap_fast_a_id_len = conf->eap_fast_a_id_len; 1068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.eap_fast_a_id_info = conf->eap_fast_a_id_info; 1078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.eap_fast_prov = conf->eap_fast_prov; 1088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.pac_key_lifetime = conf->pac_key_lifetime; 1098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.pac_key_refresh_time = conf->pac_key_refresh_time; 1108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.eap_sim_aka_result_ind = conf->eap_sim_aka_result_ind; 1118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.tnc = conf->tnc; 1128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.wps = hapd->wps; 1138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.ipv6 = conf->radius_server_ipv6; 1148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.get_eap_user = hostapd_radius_get_eap_user; 1158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.eap_req_id_text = conf->eap_req_id_text; 1168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.eap_req_id_text_len = conf->eap_req_id_text_len; 1178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt srv.pwd_group = conf->pwd_group; 11834af306c42b7ccf956508e7cd23f0ba90606e360Dmitry Shmidt srv.server_id = conf->server_id ? conf->server_id : "hostapd"; 119818ea489ef32dcdc7c098d8a336d6e1dd8996112Dmitry Shmidt srv.sqlite_file = conf->eap_user_sqlite; 1201f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt#ifdef CONFIG_RADIUS_TEST 1211f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt srv.dump_msk_file = conf->dump_msk_file; 1221f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt#endif /* CONFIG_RADIUS_TEST */ 123f21452aea786ac056eb01f1cbba4f553bd502747Dmitry Shmidt#ifdef CONFIG_HS20 124f21452aea786ac056eb01f1cbba4f553bd502747Dmitry Shmidt srv.subscr_remediation_url = conf->subscr_remediation_url; 125f21452aea786ac056eb01f1cbba4f553bd502747Dmitry Shmidt srv.subscr_remediation_method = conf->subscr_remediation_method; 126f21452aea786ac056eb01f1cbba4f553bd502747Dmitry Shmidt#endif /* CONFIG_HS20 */ 1278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hapd->radius_srv = radius_server_init(&srv); 1298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hapd->radius_srv == NULL) { 1308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "RADIUS server initialization failed."); 1318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 1358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 1368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* RADIUS_SERVER */ 1388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint authsrv_init(struct hostapd_data *hapd) 1418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 1428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef EAP_TLS_FUNCS 1438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hapd->conf->eap_server && 1448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (hapd->conf->ca_cert || hapd->conf->server_cert || 14501904cfafd75a70b9f29c0220b90bdef45595491Dmitry Shmidt hapd->conf->private_key || hapd->conf->dh_file)) { 1468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct tls_connection_params params; 1478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hapd->ssl_ctx = tls_init(NULL); 1498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hapd->ssl_ctx == NULL) { 1508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "Failed to initialize TLS"); 1518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt authsrv_deinit(hapd); 1528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memset(¶ms, 0, sizeof(params)); 1568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt params.ca_cert = hapd->conf->ca_cert; 1578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt params.client_cert = hapd->conf->server_cert; 1588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt params.private_key = hapd->conf->private_key; 1598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt params.private_key_passwd = hapd->conf->private_key_passwd; 1608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt params.dh_file = hapd->conf->dh_file; 16134af306c42b7ccf956508e7cd23f0ba90606e360Dmitry Shmidt params.ocsp_stapling_response = 16234af306c42b7ccf956508e7cd23f0ba90606e360Dmitry Shmidt hapd->conf->ocsp_stapling_response; 1638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (tls_global_set_params(hapd->ssl_ctx, ¶ms)) { 1658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "Failed to set TLS parameters"); 1668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt authsrv_deinit(hapd); 1678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (tls_global_set_verify(hapd->ssl_ctx, 1718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hapd->conf->check_crl)) { 1728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "Failed to enable check_crl"); 1738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt authsrv_deinit(hapd); 1748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* EAP_TLS_FUNCS */ 1788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef EAP_SIM_DB 1808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hapd->conf->eap_sim_db) { 1818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hapd->eap_sim_db_priv = 1828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt eap_sim_db_init(hapd->conf->eap_sim_db, 1838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hostapd_sim_db_cb, hapd); 1848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hapd->eap_sim_db_priv == NULL) { 1858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "Failed to initialize EAP-SIM " 1868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "database interface"); 1878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt authsrv_deinit(hapd); 1888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* EAP_SIM_DB */ 1928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef RADIUS_SERVER 1948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hapd->conf->radius_server_clients && 1958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hostapd_setup_radius_srv(hapd)) 1968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* RADIUS_SERVER */ 1988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 2008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtvoid authsrv_deinit(struct hostapd_data *hapd) 2048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef RADIUS_SERVER 2068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt radius_server_deinit(hapd->radius_srv); 2078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hapd->radius_srv = NULL; 2088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* RADIUS_SERVER */ 2098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef EAP_TLS_FUNCS 2118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hapd->ssl_ctx) { 2128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt tls_deinit(hapd->ssl_ctx); 2138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hapd->ssl_ctx = NULL; 2148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 2158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* EAP_TLS_FUNCS */ 2168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef EAP_SIM_DB 2188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hapd->eap_sim_db_priv) { 2198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt eap_sim_db_deinit(hapd->eap_sim_db_priv); 2208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hapd->eap_sim_db_priv = NULL; 2218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 2228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* EAP_SIM_DB */ 2238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 224