hostapd: Fix configuration of multiple RADIUS servers with SET
The current RADIUS server pointer was updated after each SET command which broke parsing of multiple RADIUS servers over the control interface. Fix this by doing the final RADIUS server pointer updates only once the full configuration is available. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
6a188ba3fc
commit
5d67bf1566
4 changed files with 15 additions and 7 deletions
|
@ -3238,7 +3238,7 @@ struct hostapd_config * hostapd_config_read(const char *fname)
|
||||||
fclose(f);
|
fclose(f);
|
||||||
|
|
||||||
for (i = 0; i < conf->num_bss; i++)
|
for (i = 0; i < conf->num_bss; i++)
|
||||||
hostapd_set_security_params(conf->bss[i]);
|
hostapd_set_security_params(conf->bss[i], 1);
|
||||||
|
|
||||||
if (hostapd_config_check(conf, 1))
|
if (hostapd_config_check(conf, 1))
|
||||||
errors++;
|
errors++;
|
||||||
|
@ -3270,7 +3270,7 @@ int hostapd_set_iface(struct hostapd_config *conf,
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < conf->num_bss; i++)
|
for (i = 0; i < conf->num_bss; i++)
|
||||||
hostapd_set_security_params(conf->bss[i]);
|
hostapd_set_security_params(conf->bss[i], 0);
|
||||||
|
|
||||||
if (hostapd_config_check(conf, 0)) {
|
if (hostapd_config_check(conf, 0)) {
|
||||||
wpa_printf(MSG_ERROR, "Configuration check failed");
|
wpa_printf(MSG_ERROR, "Configuration check failed");
|
||||||
|
|
|
@ -859,7 +859,8 @@ int hostapd_config_check(struct hostapd_config *conf, int full_config)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void hostapd_set_security_params(struct hostapd_bss_config *bss)
|
void hostapd_set_security_params(struct hostapd_bss_config *bss,
|
||||||
|
int full_config)
|
||||||
{
|
{
|
||||||
if (bss->individual_wep_key_len == 0) {
|
if (bss->individual_wep_key_len == 0) {
|
||||||
/* individual keys are not use; can use key idx0 for
|
/* individual keys are not use; can use key idx0 for
|
||||||
|
@ -872,8 +873,10 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss)
|
||||||
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
|
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
|
||||||
bss->rsn_pairwise);
|
bss->rsn_pairwise);
|
||||||
|
|
||||||
|
if (full_config) {
|
||||||
bss->radius->auth_server = bss->radius->auth_servers;
|
bss->radius->auth_server = bss->radius->auth_servers;
|
||||||
bss->radius->acct_server = bss->radius->acct_servers;
|
bss->radius->acct_server = bss->radius->acct_servers;
|
||||||
|
}
|
||||||
|
|
||||||
if (bss->wpa && bss->ieee802_1x) {
|
if (bss->wpa && bss->ieee802_1x) {
|
||||||
bss->ssid.security_policy = SECURITY_WPA;
|
bss->ssid.security_policy = SECURITY_WPA;
|
||||||
|
|
|
@ -621,6 +621,7 @@ const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan,
|
||||||
struct hostapd_radius_attr *
|
struct hostapd_radius_attr *
|
||||||
hostapd_config_get_radius_attr(struct hostapd_radius_attr *attr, u8 type);
|
hostapd_config_get_radius_attr(struct hostapd_radius_attr *attr, u8 type);
|
||||||
int hostapd_config_check(struct hostapd_config *conf, int full_config);
|
int hostapd_config_check(struct hostapd_config *conf, int full_config);
|
||||||
void hostapd_set_security_params(struct hostapd_bss_config *bss);
|
void hostapd_set_security_params(struct hostapd_bss_config *bss,
|
||||||
|
int full_config);
|
||||||
|
|
||||||
#endif /* HOSTAPD_CONFIG_H */
|
#endif /* HOSTAPD_CONFIG_H */
|
||||||
|
|
|
@ -1630,6 +1630,8 @@ static void hostapd_deinit_driver(const struct wpa_driver_ops *driver,
|
||||||
|
|
||||||
int hostapd_enable_iface(struct hostapd_iface *hapd_iface)
|
int hostapd_enable_iface(struct hostapd_iface *hapd_iface)
|
||||||
{
|
{
|
||||||
|
size_t j;
|
||||||
|
|
||||||
if (hapd_iface->bss[0]->drv_priv != NULL) {
|
if (hapd_iface->bss[0]->drv_priv != NULL) {
|
||||||
wpa_printf(MSG_ERROR, "Interface %s already enabled",
|
wpa_printf(MSG_ERROR, "Interface %s already enabled",
|
||||||
hapd_iface->conf->bss[0]->iface);
|
hapd_iface->conf->bss[0]->iface);
|
||||||
|
@ -1639,6 +1641,8 @@ int hostapd_enable_iface(struct hostapd_iface *hapd_iface)
|
||||||
wpa_printf(MSG_DEBUG, "Enable interface %s",
|
wpa_printf(MSG_DEBUG, "Enable interface %s",
|
||||||
hapd_iface->conf->bss[0]->iface);
|
hapd_iface->conf->bss[0]->iface);
|
||||||
|
|
||||||
|
for (j = 0; j < hapd_iface->num_bss; j++)
|
||||||
|
hostapd_set_security_params(hapd_iface->conf->bss[j], 1);
|
||||||
if (hostapd_config_check(hapd_iface->conf, 1) < 0) {
|
if (hostapd_config_check(hapd_iface->conf, 1) < 0) {
|
||||||
wpa_printf(MSG_INFO, "Invalid configuration - cannot enable");
|
wpa_printf(MSG_INFO, "Invalid configuration - cannot enable");
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -1667,7 +1671,7 @@ int hostapd_reload_iface(struct hostapd_iface *hapd_iface)
|
||||||
wpa_printf(MSG_DEBUG, "Reload interface %s",
|
wpa_printf(MSG_DEBUG, "Reload interface %s",
|
||||||
hapd_iface->conf->bss[0]->iface);
|
hapd_iface->conf->bss[0]->iface);
|
||||||
for (j = 0; j < hapd_iface->num_bss; j++)
|
for (j = 0; j < hapd_iface->num_bss; j++)
|
||||||
hostapd_set_security_params(hapd_iface->conf->bss[j]);
|
hostapd_set_security_params(hapd_iface->conf->bss[j], 1);
|
||||||
if (hostapd_config_check(hapd_iface->conf, 1) < 0) {
|
if (hostapd_config_check(hapd_iface->conf, 1) < 0) {
|
||||||
wpa_printf(MSG_ERROR, "Updated configuration is invalid");
|
wpa_printf(MSG_ERROR, "Updated configuration is invalid");
|
||||||
return -1;
|
return -1;
|
||||||
|
|
Loading…
Reference in a new issue