diff options
| author | Felix Fietkau <nbd@nbd.name> | 2021-05-17 11:20:09 +0200 |
|---|---|---|
| committer | Felix Fietkau <nbd@nbd.name> | 2021-05-17 11:23:30 +0200 |
| commit | 2a97fd006c3b09c1aeab30ac881c9ac902365d57 (patch) | |
| tree | 65b9676bcad44f00c459b6e2bf99de7f026cc072 /interface.c | |
| parent | 3052f2f67686f3d540d4d941e4664730de530741 (diff) | |
| download | netifd-2a97fd006c3b09c1aeab30ac881c9ac902365d57.tar.gz | |
device: add support for configuring devices with external auth handler
This can be used to support 802.1x on wired devices.
In order to use this, the device section for each port needing authentication
needs to contain the option auth 1
When set, this option prevents devices from being added to bridges or configured
with IP settings by default, until the set_state ubus call on network.device
sets "auth_status" to true for the device.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'interface.c')
| -rw-r--r-- | interface.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/interface.c b/interface.c index 2a8f604..a91246a 100644 --- a/interface.c +++ b/interface.c @@ -99,6 +99,17 @@ interface_error_flush(struct interface *iface) } } +static bool +interface_force_link(struct interface *iface) +{ + struct device *dev = iface->main_dev.dev; + + if (dev && dev->settings.auth) + return false; + + return iface->force_link; +} + static void interface_clear_errors(struct interface *iface) { @@ -344,7 +355,7 @@ __interface_set_up(struct interface *iface) static void interface_check_state(struct interface *iface) { - bool link_state = iface->link_state || iface->force_link; + bool link_state = iface->link_state || interface_force_link(iface); switch (iface->state) { case IFS_UP: @@ -390,7 +401,8 @@ interface_set_link_state(struct interface *iface, bool new_state) iface->link_state = new_state; interface_check_state(iface); - if (new_state && iface->force_link && iface->state == IFS_UP && !iface->link_up_event) { + if (new_state && interface_force_link(iface) && + iface->state == IFS_UP && !iface->link_up_event) { interface_event(iface, IFEV_LINK_UP); iface->link_up_event = true; } @@ -424,11 +436,10 @@ interface_main_dev_cb(struct device_user *dep, enum device_event ev) case DEV_EVENT_DOWN: interface_set_enabled(iface, false); break; + case DEV_EVENT_AUTH_UP: case DEV_EVENT_LINK_UP: - interface_set_link_state(iface, true); - break; case DEV_EVENT_LINK_DOWN: - interface_set_link_state(iface, false); + interface_set_link_state(iface, device_link_active(dep->dev)); break; case DEV_EVENT_TOPO_CHANGE: interface_proto_event(iface->proto, PROTO_CMD_RENEW, false); |