From 939628f6b8373fb3dfd26d55229c81e584269a22 Mon Sep 17 00:00:00 2001 From: =?utf8?q?D=C3=A1vid=20Benko?= Date: Mon, 24 Feb 2025 11:01:19 +0100 Subject: [PATCH] hostapd/RADIUS_server: enhance logging MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Currently, logging level of the RADIUS server is a constant corresponding to the highest verbosity (EXCESSIVE, ALL), but when running as a system service, the output is discarded. This commit makes logging verbosity configurable by `log_level` option and redirects all logs to `logd`. Possible levels are defined in hostap sources: https://w1.fi/cgit/hostap/tree/src/utils/wpa_debug.h?id=012a893c469157d5734f6f33953497ea6e3b0169#n23 Their reference is inlined in `radius.config` file. Default value for logging verbosity is INFO (even if the `-l` flag isn't specified). Signed-off-by: Dávid Benko Link: https://github.com/openwrt/openwrt/pull/18089 Signed-off-by: Robert Marko --- package/network/services/hostapd/files/radius.config | 11 +++++++++++ package/network/services/hostapd/files/radius.init | 5 ++++- package/network/services/hostapd/src/hostapd/radius.c | 6 ++++-- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/package/network/services/hostapd/files/radius.config b/package/network/services/hostapd/files/radius.config index a66fc2a9ac0..9c26b751f25 100644 --- a/package/network/services/hostapd/files/radius.config +++ b/package/network/services/hostapd/files/radius.config @@ -1,6 +1,17 @@ config radius option disabled '1' option ipv6 '1' + + # Logging levels: + # 0: ALL + # 1: MSGDUMP + # 2: DEBUG + # 3: INFO + # 4: WARNING + # 5: ERROR + # Default: INFO + option log_level '3' + option ca_cert '/etc/radius/ca.pem' option cert '/etc/radius/cert.pem' option key '/etc/radius/key.pem' diff --git a/package/network/services/hostapd/files/radius.init b/package/network/services/hostapd/files/radius.init index b594993a562..29f687c93f2 100644 --- a/package/network/services/hostapd/files/radius.init +++ b/package/network/services/hostapd/files/radius.init @@ -13,6 +13,7 @@ radius_start() { [ "$disabled" -gt 0 ] && return config_get_bool ipv6 "$cfg" ipv6 1 + config_get log_level "$cfg" log_level 3 config_get ca "$cfg" ca_cert config_get key "$cfg" key config_get cert "$cfg" cert @@ -24,12 +25,14 @@ radius_start() { procd_open_instance $cfg procd_set_param command /usr/sbin/hostapd-radius \ - -C "$ca" \ + -l "$log_level" -C "$ca" \ -c "$cert" -k "$key" \ -s "$clients" -u "$users" \ -p "$auth_port" -P "$acct_port" \ -i "$identity" [ "$ipv6" -gt 0 ] && procd_append_param command -6 + procd_set_param stdout 1 + procd_set_param stderr 1 procd_close_instance } diff --git a/package/network/services/hostapd/src/hostapd/radius.c b/package/network/services/hostapd/src/hostapd/radius.c index 362a22c276e..7685d4d6743 100644 --- a/package/network/services/hostapd/src/hostapd/radius.c +++ b/package/network/services/hostapd/src/hostapd/radius.c @@ -624,7 +624,6 @@ int radius_main(int argc, char **argv) int ch; wpa_debug_setup_stdout(); - wpa_debug_level = 0; if (eloop_init()) { wpa_printf(MSG_ERROR, "Failed to initialize event loop"); @@ -634,11 +633,14 @@ int radius_main(int argc, char **argv) eap_server_register_methods(); radius_init(&state); - while ((ch = getopt(argc, argv, "6C:c:d:i:k:K:p:P:s:u:")) != -1) { + while ((ch = getopt(argc, argv, "6l:C:c:d:i:k:K:p:P:s:u:")) != -1) { switch (ch) { case '6': config.radius.ipv6 = 1; break; + case 'l': + wpa_debug_level = atoi(optarg); + break; case 'C': config.tls.ca_cert = optarg; break; -- 2.47.2