hostapd/RADIUS_server: enhance logging

Currently, logging level of the RADIUS server is a constant corresponding to the highest verbosity (EXCESSIVE, ALL), but when running as a system service, the output is discarded. This commit makes logging verbosity configurable by `log_level` option and redirects all logs to `logd`. Possible levels are defined in hostap sources: https://w1.fi/cgit/hostap/tree/src/utils/wpa_debug.h?id=012a893c469157d5734f6f33953497ea6e3b0169#n23 Their reference is inlined in `radius.config` file. Default value for logging verbosity is INFO (even if the `-l` flag isn't specified). Signed-off-by: Dávid Benko <davidbenko@davidbenko.dev> Link: https://github.com/openwrt/openwrt/pull/18089 Signed-off-by: Robert Marko <robimarko@gmail.com>
2025-02-24 11:01:19 +01:00 · 2025-02-24 11:01:19 +01:00 · 939628f6b8
commit 939628f6b8
parent dbdd84725d
3 changed files with 19 additions and 3 deletions
--- a/package/network/services/hostapd/files/radius.config
+++ b/package/network/services/hostapd/files/radius.config
@ -1,6 +1,17 @@
 config radius
 	option disabled '1'
 	option ipv6 '1'
+
+	# Logging levels:
+	#   0: ALL
+	#   1: MSGDUMP
+	#   2: DEBUG
+	#   3: INFO
+	#   4: WARNING
+	#   5: ERROR
+	# Default: INFO
+	option log_level '3'
+
 	option ca_cert '/etc/radius/ca.pem'
 	option cert '/etc/radius/cert.pem'
 	option key '/etc/radius/key.pem'
--- a/package/network/services/hostapd/files/radius.init
+++ b/package/network/services/hostapd/files/radius.init
@ -13,6 +13,7 @@ radius_start() {
 	[ "$disabled" -gt 0 ] && return

 	config_get_bool ipv6 "$cfg" ipv6 1
+	config_get log_level "$cfg" log_level 3
 	config_get ca "$cfg" ca_cert
 	config_get key "$cfg" key
 	config_get cert "$cfg" cert
@ -24,12 +25,14 @@ radius_start() {

 	procd_open_instance $cfg
 	procd_set_param command /usr/sbin/hostapd-radius \
-		-C "$ca" \
+		-l "$log_level" -C "$ca" \
 		-c "$cert" -k "$key" \
 		-s "$clients" -u "$users" \
 		-p "$auth_port" -P "$acct_port" \
 		-i "$identity"
 	[ "$ipv6" -gt 0 ] && procd_append_param command -6
+	procd_set_param stdout 1
+	procd_set_param stderr 1
 	procd_close_instance
 }

--- a/package/network/services/hostapd/src/hostapd/radius.c
+++ b/package/network/services/hostapd/src/hostapd/radius.c
@ -624,7 +624,6 @@ int radius_main(int argc, char **argv)
 	int ch;

 	wpa_debug_setup_stdout();
-	wpa_debug_level = 0;

 	if (eloop_init()) {
 		wpa_printf(MSG_ERROR, "Failed to initialize event loop");
@ -634,11 +633,14 @@ int radius_main(int argc, char **argv)
 	eap_server_register_methods();
 	radius_init(&state);

-	while ((ch = getopt(argc, argv, "6C:c:d:i:k:K:p:P:s:u:")) != -1) {
+	while ((ch = getopt(argc, argv, "6l:C:c:d:i:k:K:p:P:s:u:")) != -1) {
 		switch (ch) {
 		case '6':
 			config.radius.ipv6 = 1;
 			break;
+		case 'l':
+			wpa_debug_level = atoi(optarg);
+			break;
 		case 'C':
 			config.tls.ca_cert = optarg;
 			break;