BB: hostapd: Fix RADIUS connection recovery after initial failure (#18197)

If the initial attempt at opening the socket connection to the RADIUS
server failed due to missing IP connectivity during startup, e.g., with
"connect[radius]: Network is unreachable", hostapd did not try to
reconnect when RADIUS messages were sent. Instead, it only reported "No
authentication server configured" even if the configuration did have a
server entry.

Backport of upstream commit 94b39e5927e570e6b0fe41d455dde0a361c71c36
("RADIUS client: Fix server connection recovery after initial failure")

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46512

diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile
index 788fd11057f7249627c3b906fb6cf07b32158993..af979e8fba45d25b143f863b21d779fd2c45b830 100644 (file)
--- a/package/network/services/hostapd/Makefile
+++ b/package/network/services/hostapd/Makefile
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2006-2014 OpenWrt.org
+# Copyright (C) 2006-2015 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hostapd
 PKG_VERSION:=2014-06-03.1
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 PKG_REV:=84df167554569af8c87f0a8ac1fb508192417d8e
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2

diff --git a/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch b/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch
new file mode 100644 (file)
index 0000000..46a4167
--- /dev/null
+++ b/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch
@@ -0,0 +1,41 @@
+From 94b39e5927e570e6b0fe41d455dde0a361c71c36 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sat, 28 Feb 2015 11:57:57 +0000
+Subject: RADIUS client: Fix server connection recovery after initial failure
+
+If the initial attempt at opening the socket connection to the RADIUS
+server failed due to missing IP connectivity during startup, e.g., with
+"connect[radius]: Network is unreachable", hostapd did not try to
+reconnect when RADIUS messages were sent. Instead, it only reported "No
+authentication server configured" even if the configuration did have a
+server entry.
+
+This was broken by commit 9ed40766735a9628cc6c936076b175e6f66534bb
+('RADIUS client: Do not try to send message without socket') for the
+initial case and the more recent fixes in RADIUS server failover cases
+did not cover the initial failure case.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+
+--- a/src/radius/radius_client.c
++++ b/src/radius/radius_client.c
+@@ -658,6 +658,9 @@ int radius_client_send(struct radius_cli
+       }
+ 
+       if (msg_type == RADIUS_ACCT || msg_type == RADIUS_ACCT_INTERIM) {
++              if (conf->acct_server && radius->acct_sock < 0)
++                      radius_client_init_acct(radius);
++
+               if (conf->acct_server == NULL || radius->acct_sock < 0) {
+                       hostapd_logger(radius->ctx, NULL,
+                                      HOSTAPD_MODULE_RADIUS,
+@@ -672,6 +675,9 @@ int radius_client_send(struct radius_cli
+               s = radius->acct_sock;
+               conf->acct_server->requests++;
+       } else {
++              if (conf->auth_server && radius->auth_sock < 0)
++                      radius_client_init_auth(radius);
++
+               if (conf->auth_server == NULL || radius->auth_sock < 0) {
+                       hostapd_logger(radius->ctx, NULL,
+                                      HOSTAPD_MODULE_RADIUS,