rlm_wimax - add support for RRQ-HA-MN

[Ben Wiechman]

Attached patch does two things:
Removes MN-FA key generation. These keys are generated at the authenticator
not the AAA so this is not needed.

Adds support to generate the RRQ-MN-HA key. 

I am left with two questions. 

First - I dug but haven't fully tracked down whether there is any validity
checking on the IP addresses that arrive in the request packets. When
testing this by dumping the RRQ-HA-IP address directly into the config file
with unlang I can see that invalid IP addresses are not accepted. Are
similar checks performed on packets off the wire and where?

Second - is a question of placement of the RRQ-MN-HA generation code. These
attributes are only needed for CMIP when the MN does not know the IP address
of the HA during network entry. Is it better to generate the appropriate key
whenever the RRQ-HA-IP is seen (at the potential expense of generating this
key if the MN is using PMIP yet somehow the RRQ-HA-IP shows up in the
request packet as well), or either moving the generation of the RRQ-MN-HA
keys to the appropriate sections of the switch where the MN-HA keys are
generated or adding an additional check to the generation block to ensure
that the appropriate MIP Technology is being used.

Ben Wiechman


-------------- next part --------------
A non-text attachment was scrubbed...
Name: rlm_wimax.patch
Type: application/octet-stream
Size: 6092 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20100203/b3134c00/attachment.obj>