Modify

Opened 4 years ago

#15693 new defect

Changeset 24721: rsn_preauth

Reported by: anonymous Owned by: developers
Priority: high Milestone: Chaos Calmer 15.05
Component: base system Version: Trunk
Keywords: Cc:

Description

I was just developing a simple patch to luci, when I discovered the following preconditions:

OpenWRT with several vif_s.
One Radius
Some WPA2-PSK

e.g.:

config wifi-device 'radio0'
...

config wifi-iface

option device 'radio0'
option mode 'ap'
option ssid 'radiusnet'
option network 'vlan10'
option auth_server '172.16.31.2'
option auth_port '1812'
option auth_secret 'secret'
option encryption 'wpa2+ccmp'
option nasid 'somenas'
option acct_server '172.16.31.2'
option acct_port '1813'
option acct_secret 'secret'
option rsn_preauth '1'
option wpa_group_rekey '2000'


config wifi-iface

option device 'radio0'
option mode 'ap'
option ssid 'SomeOther'
option network 'vlan9'
option encryption 'psk-mixed'
option key ''

...

leads to auth_cache 0 in netifd, which in turn leads to a hostapd-phy0.conf with okc=0 in
== all == sections. (not only those, that have set_default auth_cache = 0)

It seems that: /lib/netifd/hostapd.sh on line 311 checks an empty variable: bridge instead of network_bridge. When correcting this again all sections (including the non-radius supported BSSIDs) will inherit the same okc values.

Question: Does it make sense to query rsn_preauth and rsn_preauth_interfaces on non-radius supported AP BSSID sections of hostapd in the first place? Do we use okc and pmksa on non-radius supported BSSIDs, too?!?

If moving the whole section

if [ "$wpa" -ge 2 ]; then
...
fi

up to
case "$auth_type" in
...
in between

eap)
...

append bss_conf "wpa_key_mgmt=WPA-EAP" "$N"

---here---

;;
wep)

the resulting hostapd looks correct (but is missing okc in all other sections.)

Please review the code, I am not sure yet, wether the described patch is a valid solution or not.
Fact is, it's currently broken and I'd like to get in working and have LuCI support it, too.

Literature:
/changeset/24721.html
/changeset/38336.html

Attachments (1)

hostapd.sh.new (16.9 KB) - added by anonymous 4 years ago.
Proposed changes for hostapd.sh for review

Download all attachments as: .zip

Change History (1)

Changed 4 years ago by anonymous

Proposed changes for hostapd.sh for review

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.