Opened 4 years ago

#15693 new defect

Changeset 24721: rsn_preauth

Reported by: anonymous Owned by: developers
Priority: high Milestone: Chaos Calmer 15.05
Component: base system Version: Trunk
Keywords: Cc:


I was just developing a simple patch to luci, when I discovered the following preconditions:

OpenWRT with several vif_s.
One Radius


config wifi-device 'radio0'

config wifi-iface

option device 'radio0'
option mode 'ap'
option ssid 'radiusnet'
option network 'vlan10'
option auth_server ''
option auth_port '1812'
option auth_secret 'secret'
option encryption 'wpa2+ccmp'
option nasid 'somenas'
option acct_server ''
option acct_port '1813'
option acct_secret 'secret'
option rsn_preauth '1'
option wpa_group_rekey '2000'

config wifi-iface

option device 'radio0'
option mode 'ap'
option ssid 'SomeOther'
option network 'vlan9'
option encryption 'psk-mixed'
option key ''


leads to auth_cache 0 in netifd, which in turn leads to a hostapd-phy0.conf with okc=0 in
== all == sections. (not only those, that have set_default auth_cache = 0)

It seems that: /lib/netifd/ on line 311 checks an empty variable: bridge instead of network_bridge. When correcting this again all sections (including the non-radius supported BSSIDs) will inherit the same okc values.

Question: Does it make sense to query rsn_preauth and rsn_preauth_interfaces on non-radius supported AP BSSID sections of hostapd in the first place? Do we use okc and pmksa on non-radius supported BSSIDs, too?!?

If moving the whole section

if [ "$wpa" -ge 2 ]; then

up to
case "$auth_type" in
in between


append bss_conf "wpa_key_mgmt=WPA-EAP" "$N"



the resulting hostapd looks correct (but is missing okc in all other sections.)

Please review the code, I am not sure yet, wether the described patch is a valid solution or not.
Fact is, it's currently broken and I'd like to get in working and have LuCI support it, too.


Attachments (1) (16.9 KB) - added by anonymous 4 years ago.
Proposed changes for for review

Download all attachments as: .zip

Change History (1)

Changed 4 years ago by anonymous

Proposed changes for for review

Add Comment

Modify Ticket

as new .

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.