diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2015-07-27 13:29:08 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2015-07-27 13:29:08 +0000 |
commit | 953e2167311e854613143c0d597d6c6889dfaf71 (patch) | |
tree | 2b1465aeeb7366a057abbe991a4b7224b745ae2f | |
parent | 71fc6f1fd5f4915b09537b543c6020db7406b44d (diff) | |
download | upstream-953e2167311e854613143c0d597d6c6889dfaf71.tar.gz upstream-953e2167311e854613143c0d597d6c6889dfaf71.tar.bz2 upstream-953e2167311e854613143c0d597d6c6889dfaf71.zip |
BB: hostapd: Fix RADIUS connection recovery after initial failure (#18197)
If the initial attempt at opening the socket connection to the RADIUS
server failed due to missing IP connectivity during startup, e.g., with
"connect[radius]: Network is unreachable", hostapd did not try to
reconnect when RADIUS messages were sent. Instead, it only reported "No
authentication server configured" even if the configuration did have a
server entry.
Backport of upstream commit 94b39e5927e570e6b0fe41d455dde0a361c71c36
("RADIUS client: Fix server connection recovery after initial failure")
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46512 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r-- | package/network/services/hostapd/Makefile | 4 | ||||
-rw-r--r-- | package/network/services/hostapd/patches/700-fix-radius-reconnect.patch | 41 |
2 files changed, 43 insertions, 2 deletions
diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index 788fd11057..af979e8fba 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2014 OpenWrt.org +# Copyright (C) 2006-2015 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hostapd PKG_VERSION:=2014-06-03.1 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_REV:=84df167554569af8c87f0a8ac1fb508192417d8e PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 diff --git a/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch b/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch new file mode 100644 index 0000000000..46a4167ccd --- /dev/null +++ b/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch @@ -0,0 +1,41 @@ +From 94b39e5927e570e6b0fe41d455dde0a361c71c36 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen <j@w1.fi> +Date: Sat, 28 Feb 2015 11:57:57 +0000 +Subject: RADIUS client: Fix server connection recovery after initial failure + +If the initial attempt at opening the socket connection to the RADIUS +server failed due to missing IP connectivity during startup, e.g., with +"connect[radius]: Network is unreachable", hostapd did not try to +reconnect when RADIUS messages were sent. Instead, it only reported "No +authentication server configured" even if the configuration did have a +server entry. + +This was broken by commit 9ed40766735a9628cc6c936076b175e6f66534bb +('RADIUS client: Do not try to send message without socket') for the +initial case and the more recent fixes in RADIUS server failover cases +did not cover the initial failure case. + +Signed-off-by: Jouni Malinen <j@w1.fi> + +--- a/src/radius/radius_client.c ++++ b/src/radius/radius_client.c +@@ -658,6 +658,9 @@ int radius_client_send(struct radius_cli + } + + if (msg_type == RADIUS_ACCT || msg_type == RADIUS_ACCT_INTERIM) { ++ if (conf->acct_server && radius->acct_sock < 0) ++ radius_client_init_acct(radius); ++ + if (conf->acct_server == NULL || radius->acct_sock < 0) { + hostapd_logger(radius->ctx, NULL, + HOSTAPD_MODULE_RADIUS, +@@ -672,6 +675,9 @@ int radius_client_send(struct radius_cli + s = radius->acct_sock; + conf->acct_server->requests++; + } else { ++ if (conf->auth_server && radius->auth_sock < 0) ++ radius_client_init_auth(radius); ++ + if (conf->auth_server == NULL || radius->auth_sock < 0) { + hostapd_logger(radius->ctx, NULL, + HOSTAPD_MODULE_RADIUS, |