Resneptacle/openwrt-cghmn-mt300n
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hostapd/RADIUS_server: enhance logging

Browse Source 
Currently, logging level of the RADIUS server is a constant corresponding
to the highest verbosity (EXCESSIVE, ALL), but when running as a system
service, the output is discarded.

This commit makes logging verbosity configurable by `log_level` option
and redirects all logs to `logd`. Possible levels are defined in hostap
sources:
https://w1.fi/cgit/hostap/tree/src/utils/wpa_debug.h?id=012a893c469157d5734f6f33953497ea6e3b0169#n23
Their reference is inlined in `radius.config` file.

Default value for logging verbosity is INFO (even if the `-l` flag isn't
specified).

Signed-off-by: Dávid Benko <davidbenko@davidbenko.dev>
Link: https://github.com/openwrt/openwrt/pull/18089
Signed-off-by: Robert Marko <robimarko@gmail.com>
This commit is contained in:
Dávid Benko 2025-02-24 11:01:19 +01:00 committed by Robert Marko
parent dbdd84725d
commit 939628f6b8
3 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
package/network/services/hostapd/files/radius.config
View File

@ -1,6 +1,17 @@
config radius config radius
option disabled '1' option disabled '1'
option ipv6 '1' option ipv6 '1'
# Logging levels:
# 0: ALL
# 1: MSGDUMP
# 2: DEBUG
# 3: INFO
# 4: WARNING
# 5: ERROR
# Default: INFO
option log_level '3'
option ca_cert '/etc/radius/ca.pem' option ca_cert '/etc/radius/ca.pem'
option cert '/etc/radius/cert.pem' option cert '/etc/radius/cert.pem'
option key '/etc/radius/key.pem' option key '/etc/radius/key.pem'

5
package/network/services/hostapd/files/radius.init
View File

@ -13,6 +13,7 @@ radius_start() {
[ "$disabled" -gt 0 ] && return [ "$disabled" -gt 0 ] && return
config_get_bool ipv6 "$cfg" ipv6 1 config_get_bool ipv6 "$cfg" ipv6 1
config_get log_level "$cfg" log_level 3
config_get ca "$cfg" ca_cert config_get ca "$cfg" ca_cert
config_get key "$cfg" key config_get key "$cfg" key
config_get cert "$cfg" cert config_get cert "$cfg" cert
@ -24,12 +25,14 @@ radius_start() {
procd_open_instance $cfg procd_open_instance $cfg
procd_set_param command /usr/sbin/hostapd-radius \ procd_set_param command /usr/sbin/hostapd-radius \
-C "$ca" \ -l "$log_level" -C "$ca" \
-c "$cert" -k "$key" \ -c "$cert" -k "$key" \
-s "$clients" -u "$users" \ -s "$clients" -u "$users" \
-p "$auth_port" -P "$acct_port" \ -p "$auth_port" -P "$acct_port" \
-i "$identity" -i "$identity"
[ "$ipv6" -gt 0 ] && procd_append_param command -6 [ "$ipv6" -gt 0 ] && procd_append_param command -6
procd_set_param stdout 1
procd_set_param stderr 1
procd_close_instance procd_close_instance
} }

6
package/network/services/hostapd/src/hostapd/radius.c
View File

@ -624,7 +624,6 @@ int radius_main(int argc, char **argv)
int ch; int ch;
wpa_debug_setup_stdout(); wpa_debug_setup_stdout();
wpa_debug_level = 0;
if (eloop_init()) { if (eloop_init()) {
wpa_printf(MSG_ERROR, "Failed to initialize event loop"); wpa_printf(MSG_ERROR, "Failed to initialize event loop");
@ -634,11 +633,14 @@ int radius_main(int argc, char **argv)
eap_server_register_methods(); eap_server_register_methods();
radius_init(&state); radius_init(&state);
while ((ch = getopt(argc, argv, "6C:c:d:i:k:K:p:P:s:u:")) != -1) { while ((ch = getopt(argc, argv, "6l:C:c:d:i:k:K:p:P:s:u:")) != -1) {
switch (ch) { switch (ch) {
case '6': case '6':
config.radius.ipv6 = 1; config.radius.ipv6 = 1;
break; break;
case 'l':
wpa_debug_level = atoi(optarg);
break;
case 'C': case 'C':
config.tls.ca_cert = optarg; config.tls.ca_cert = optarg;
break; break;