hostapd: make radius rate-limit work with new event listener framework

Signed-off-by: John Crispin <john@phrozen.org>
2025-10-30 18:07:52 +00:00 · 2023-01-27 12:14:17 +01:00
parent 1cc9673e8c
commit 8f53da4f79
4 changed files with 356 additions and 22 deletions
--- a/feeds/ucentral/ucentral-event/files/ucentral-event
+++ b/feeds/ucentral/ucentral-event/files/ucentral-event
@@ -67,8 +67,8 @@ let handlers = {
 				address: notify.data.address,
 			};
 			if (notify.data['rate-limit']) {
-				msg.rate_ingress = notify.data['rate-limit'][0] / 1000;
+				msg.rate_ingress = notify.data['rate-limit'][0] / 1000000;
-				msg.rate_egress = notify.data['rate-limit'][1] / 1000;
+				msg.rate_egress = notify.data['rate-limit'][1] / 1000000;
 			} else
 				msg.defaults = hapd.ssid;
 			ubus.call('ratelimit', 'client_set', msg);
--- a/feeds/wifi-ax/hostapd/src/src/ap/ubus.c
+++ b/feeds/wifi-ax/hostapd/src/src/ap/ubus.c
@@ -1857,6 +1857,13 @@ void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *
 	blob_buf_init(&b, 0);
 	blobmsg_add_macaddr(&b, "address", sta->addr);
 	blobmsg_add_string(&b, "ifname", hapd->conf->iface);
 	if (sta->bandwidth[0] || sta->bandwidth[1]) {
 		void *r = blobmsg_open_array(&b, "rate-limit");
 		blobmsg_add_u32(&b, "", sta->bandwidth[0]);
 		blobmsg_add_u32(&b, "", sta->bandwidth[1]);
 		blobmsg_close_array(&b, r);
 	}
 	ubus_notify(ctx, &hapd->ubus.obj, "sta-authorized", b.head, -1);
 }
--- a/patches/wifi/0005-hostapd-add-wispr-bandwidth-patch.patch
+++ b/patches/wifi/0005-hostapd-add-wispr-bandwidth-patch.patch
@@ -1,20 +1,20 @@
-From ede24c139935619b506d21b43516592c484bcce8 Mon Sep 17 00:00:00 2001
+From 8db2cc7ffd2d8b646439b485766be39da85e7319 Mon Sep 17 00:00:00 2001
 From: John Crispin <john@phrozen.org>
 Date: Tue, 9 Nov 2021 12:49:43 +0100
-Subject: [PATCH 5/8] hostapd: add wispr bandwidth patch
+Subject: [PATCH 01/84] hostapd: add wispr bandwidth patch
 Signed-off-by: John Crispin <john@phrozen.org>
 ---
- .../services/hostapd/patches/750-wispr.patch  | 126 ++++++++++++++++++
+ .../services/hostapd/patches/750-wispr.patch  | 113 ++++++++++++++++++
- 1 file changed, 126 insertions(+)
+ 1 file changed, 113 insertions(+)
 create mode 100644 package/network/services/hostapd/patches/750-wispr.patch
 diff --git a/package/network/services/hostapd/patches/750-wispr.patch b/package/network/services/hostapd/patches/750-wispr.patch
 new file mode 100644
-index 0000000000..f2f4a933d7
+index 0000000000..59537cedeb
 --- /dev/null
 +++ b/package/network/services/hostapd/patches/750-wispr.patch
-@@ -0,0 +1,126 @@
+@@ -0,0 +1,113 @@
 +Index: hostapd-2021-02-20-59e9794c/src/ap/ieee802_1x.c
 +===================================================================
 +--- hostapd-2021-02-20-59e9794c.orig/src/ap/ieee802_1x.c
@@ -128,19 +128,6 @@ index 0000000000..f2f4a933d7
 + int radius_msg_add_mppe_keys(struct radius_msg *msg,
 + 			     const u8 *req_authenticator,
 + 			     const u8 *secret, size_t secret_len,
 +Index: hostapd-2021-02-20-59e9794c/src/ap/sta_info.c
 +===================================================================
 +--- hostapd-2021-02-20-59e9794c.orig/src/ap/sta_info.c
 ++++ hostapd-2021-02-20-59e9794c/src/ap/sta_info.c
 +@@ -1292,7 +1292,7 @@ void ap_sta_set_authorized(struct hostap
 + 			    MAC2STR(sta->addr), MAC2STR(dev_addr));
 + 	else
 + #endif /* CONFIG_P2P */
 +-		os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr));
 ++		os_snprintf(buf, sizeof(buf), MACSTR " %d %d", MAC2STR(sta->addr), sta->bandwidth[0] / 1000000, sta->bandwidth[1] / 1000000);
 + 
 + 	if (hapd->sta_authorized_cb)
 + 		hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx,
 -- 
-2.25.1
+2.34.1
--- a/patches/wifi/0023-hostapd-add-sta-authorized-notification.patch
+++ b/patches/wifi/0023-hostapd-add-sta-authorized-notification.patch
@@ -0,0 +1,340 @@
 From 89bbcf1b48f13f72396cde59949267b25ebef297 Mon Sep 17 00:00:00 2001
 From: John Crispin <john@phrozen.org>
 Date: Fri, 27 Jan 2023 11:16:46 +0100
 Subject: [PATCH 84/84] hostapd: add sta-authorized notification
 Signed-off-by: John Crispin <john@phrozen.org>
 ---
 .../hostapd/patches/600-ubus_support.patch    | 130 ++++++++++++------
 .../services/hostapd/src/src/ap/ubus.c        |  20 +++
 .../services/hostapd/src/src/ap/ubus.h        |   1 +
 3 files changed, 110 insertions(+), 41 deletions(-)
 diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch
 index 6a0acbb318..bf2dec4f07 100644
 --- a/package/network/services/hostapd/patches/600-ubus_support.patch
 +++ b/package/network/services/hostapd/patches/600-ubus_support.patch
@@ -1,5 +1,7 @@
 ---- a/hostapd/Makefile
 -+++ b/hostapd/Makefile
 +Index: hostapd-2022-01-16-cff80b4f/hostapd/Makefile
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/hostapd/Makefile
 ++++ hostapd-2022-01-16-cff80b4f/hostapd/Makefile
 @@ -166,6 +166,11 @@ OBJS += ../src/common/hw_features_common
  OBJS += ../src/eapol_auth/eapol_auth_sm.o
@@ -12,8 +14,10 @@
  ifdef CONFIG_CODE_COVERAGE
  CFLAGS += -O0 -fprofile-arcs -ftest-coverage
 ---- a/src/ap/hostapd.h
 -+++ b/src/ap/hostapd.h
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/hostapd.h
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/hostapd.h
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/hostapd.h
 @@ -17,6 +17,7 @@
  #include "utils/list.h"
  #include "ap_config.h"
@@ -47,8 +51,10 @@
  void hostapd_interface_deinit(struct hostapd_iface *iface);
  void hostapd_interface_free(struct hostapd_iface *iface);
  struct hostapd_iface * hostapd_alloc_iface(void);
 ---- a/src/ap/hostapd.c
 -+++ b/src/ap/hostapd.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/hostapd.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/hostapd.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/hostapd.c
 @@ -396,6 +396,7 @@ void hostapd_free_hapd_data(struct hosta
  	hapd->beacon_set_done = 0;
@@ -90,8 +96,10 @@
  	hostapd_interface_deinit(iface);
  	wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit",
  		   __func__, driver, drv_priv);
 ---- a/src/ap/ieee802_11.c
 -+++ b/src/ap/ieee802_11.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/ieee802_11.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/ieee802_11.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/ieee802_11.c
 @@ -3553,13 +3553,18 @@ static void handle_auth(struct hostapd_d
  	u16 auth_alg, auth_transaction, status_code;
  	u16 resp = WLAN_STATUS_SUCCESS;
@@ -178,8 +186,10 @@
  	sta = ap_get_sta(hapd, mgmt->sa);
  	if (sta == NULL) {
  		wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR " trying "
 ---- a/src/ap/beacon.c
 -+++ b/src/ap/beacon.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/beacon.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/beacon.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/beacon.c
 @@ -852,6 +852,12 @@ void handle_probe_req(struct hostapd_dat
  	u16 csa_offs[2];
  	size_t csa_offs_len;
@@ -206,8 +216,10 @@
  	/* TODO: verify that supp_rates contains at least one matching rate
  	 * with AP configuration */
 ---- a/src/ap/drv_callbacks.c
 -+++ b/src/ap/drv_callbacks.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/drv_callbacks.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/drv_callbacks.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/drv_callbacks.c
 @@ -145,6 +145,10 @@ int hostapd_notif_assoc(struct hostapd_d
  	u16 reason = WLAN_REASON_UNSPECIFIED;
  	int status = WLAN_STATUS_SUCCESS;
@@ -232,8 +244,10 @@
  #ifdef CONFIG_P2P
  	if (elems.p2p) {
  		wpabuf_free(sta->p2p_ie);
 ---- a/src/ap/sta_info.c
 -+++ b/src/ap/sta_info.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/sta_info.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/sta_info.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/sta_info.c
 @@ -458,6 +458,7 @@ void ap_handle_timer(void *eloop_ctx, vo
  		hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
  			       HOSTAPD_LEVEL_INFO, "deauthenticated due to "
@@ -250,7 +264,15 @@
  		ap_free_sta(hapd, sta);
  		break;
  	}
 -@@ -1329,6 +1331,7 @@ void ap_sta_set_authorized(struct hostap
 +@@ -1319,6 +1321,7 @@ void ap_sta_set_authorized(struct hostap
 + 				    " keyid=%s", keyid);
 + 		}
 + 
 ++		hostapd_ubus_notify_authorized(hapd, sta);
 + 		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s",
 + 			buf, ip_addr, keyid_buf);
 + 
 +@@ -1329,6 +1332,7 @@ void ap_sta_set_authorized(struct hostap
  					  buf, ip_addr, keyid_buf);
  	} else {
  		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
@@ -258,8 +280,10 @@
  		if (hapd->msg_ctx_parent &&
  		    hapd->msg_ctx_parent != hapd->msg_ctx)
 ---- a/src/ap/wpa_auth_glue.c
 -+++ b/src/ap/wpa_auth_glue.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/wpa_auth_glue.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/wpa_auth_glue.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/wpa_auth_glue.c
 @@ -265,6 +265,7 @@ static void hostapd_wpa_auth_psk_failure
  	struct hostapd_data *hapd = ctx;
  	wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_POSSIBLE_PSK_MISMATCH MACSTR,
@@ -268,8 +292,10 @@
  }
 ---- a/wpa_supplicant/Makefile
 -+++ b/wpa_supplicant/Makefile
 +Index: hostapd-2022-01-16-cff80b4f/wpa_supplicant/Makefile
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/wpa_supplicant/Makefile
 ++++ hostapd-2022-01-16-cff80b4f/wpa_supplicant/Makefile
 @@ -176,6 +176,12 @@ ifdef CONFIG_EAPOL_TEST
  CFLAGS += -Werror -DEAPOL_TEST
  endif
@@ -293,8 +319,10 @@
  endif
  CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
 ---- a/wpa_supplicant/wpa_supplicant.c
 -+++ b/wpa_supplicant/wpa_supplicant.c
 +Index: hostapd-2022-01-16-cff80b4f/wpa_supplicant/wpa_supplicant.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/wpa_supplicant/wpa_supplicant.c
 ++++ hostapd-2022-01-16-cff80b4f/wpa_supplicant/wpa_supplicant.c
 @@ -7241,6 +7241,8 @@ struct wpa_supplicant * wpa_supplicant_a
  	}
  #endif /* CONFIG_P2P */
@@ -326,8 +354,10 @@
  	return 0;
  }
 ---- a/wpa_supplicant/wpa_supplicant_i.h
 -+++ b/wpa_supplicant/wpa_supplicant_i.h
 +Index: hostapd-2022-01-16-cff80b4f/wpa_supplicant/wpa_supplicant_i.h
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/wpa_supplicant/wpa_supplicant_i.h
 ++++ hostapd-2022-01-16-cff80b4f/wpa_supplicant/wpa_supplicant_i.h
 @@ -19,6 +19,7 @@
  #include "wps/wps_defs.h"
  #include "config_ssid.h"
@@ -353,8 +383,10 @@
  #ifdef CONFIG_MATCH_IFACE
  	int matched;
  #endif /* CONFIG_MATCH_IFACE */
 ---- a/wpa_supplicant/wps_supplicant.c
 -+++ b/wpa_supplicant/wps_supplicant.c
 +Index: hostapd-2022-01-16-cff80b4f/wpa_supplicant/wps_supplicant.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/wpa_supplicant/wps_supplicant.c
 ++++ hostapd-2022-01-16-cff80b4f/wpa_supplicant/wps_supplicant.c
 @@ -33,6 +33,7 @@
  #include "p2p/p2p.h"
  #include "p2p_supplicant.h"
@@ -372,8 +404,10 @@
  	if (wpa_s->conf->wps_cred_processing == 1)
  		return 0;
 ---- a/hostapd/main.c
 -+++ b/hostapd/main.c
 +Index: hostapd-2022-01-16-cff80b4f/hostapd/main.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/hostapd/main.c
 ++++ hostapd-2022-01-16-cff80b4f/hostapd/main.c
 @@ -895,6 +895,7 @@ int main(int argc, char *argv[])
  	}
@@ -390,8 +424,10 @@
  	hostapd_global_ctrl_iface_deinit(&interfaces);
  	/* Deinitialize all interfaces */
  	for (i = 0; i < interfaces.count; i++) {
 ---- a/wpa_supplicant/main.c
 -+++ b/wpa_supplicant/main.c
 +Index: hostapd-2022-01-16-cff80b4f/wpa_supplicant/main.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/wpa_supplicant/main.c
 ++++ hostapd-2022-01-16-cff80b4f/wpa_supplicant/main.c
 @@ -203,7 +203,7 @@ int main(int argc, char *argv[])
  	for (;;) {
@@ -411,8 +447,10 @@
  		case 'o':
  			params.override_driver = optarg;
  			break;
 ---- a/src/ap/rrm.c
 -+++ b/src/ap/rrm.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/rrm.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/rrm.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/rrm.c
 @@ -89,6 +89,9 @@ static void hostapd_handle_beacon_report
  		return;
  	wpa_msg(hapd->msg_ctx, MSG_INFO, BEACON_RESP_RX MACSTR " %u %02x %s",
@@ -423,8 +461,10 @@
  }
 ---- a/src/ap/vlan_init.c
 -+++ b/src/ap/vlan_init.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/vlan_init.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/vlan_init.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/vlan_init.c
 @@ -22,6 +22,7 @@
  static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
  		       int existsok)
@@ -461,8 +501,10 @@
  	return hostapd_vlan_if_remove(hapd, vlan->ifname);
  }
 ---- a/src/ap/dfs.c
 -+++ b/src/ap/dfs.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/dfs.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/dfs.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/dfs.c
 @@ -1196,6 +1196,8 @@ int hostapd_dfs_radar_detected(struct ho
  		"freq=%d ht_enabled=%d chan_offset=%d chan_width=%d cf1=%d cf2=%d",
  		freq, ht_enabled, chan_offset, chan_width, cf1, cf2);
@@ -472,8 +514,10 @@
  	/* Proceed only if DFS is not offloaded to the driver */
  	if (iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD)
  		return 0;
 ---- a/src/ap/airtime_policy.c
 -+++ b/src/ap/airtime_policy.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/airtime_policy.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/airtime_policy.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/airtime_policy.c
 @@ -112,8 +112,14 @@ static void set_sta_weights(struct hosta
  {
  	struct sta_info *sta;
@@ -503,8 +547,10 @@
  		if (weight)
  			return sta_set_airtime_weight(hapd, sta, weight);
  	}
 ---- a/src/ap/sta_info.h
 -+++ b/src/ap/sta_info.h
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/sta_info.h
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/sta_info.h
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/sta_info.h
 @@ -324,6 +324,7 @@ struct sta_info {
  #endif /* CONFIG_TESTING_OPTIONS */
  #ifdef CONFIG_AIRTIME_POLICY
@@ -513,8 +559,10 @@
  	struct os_reltime backlogged_until;
  #endif /* CONFIG_AIRTIME_POLICY */
 ---- a/src/ap/wnm_ap.c
 -+++ b/src/ap/wnm_ap.c
 +Index: hostapd-2022-01-16-cff80b4f/src/ap/wnm_ap.c
 +===================================================================
 +--- hostapd-2022-01-16-cff80b4f.orig/src/ap/wnm_ap.c
 ++++ hostapd-2022-01-16-cff80b4f/src/ap/wnm_ap.c
 @@ -442,7 +442,8 @@ static void ieee802_11_rx_bss_trans_mgmt
  	wpa_hexdump(MSG_DEBUG, "WNM: BSS Transition Candidate List Entries",
  		    pos, end - pos);
 diff --git a/package/network/services/hostapd/src/src/ap/ubus.c b/package/network/services/hostapd/src/src/ap/ubus.c
 index fdc2a3fd26..441f23226c 100644
 --- a/package/network/services/hostapd/src/src/ap/ubus.c
 +++ b/package/network/services/hostapd/src/src/ap/ubus.c
@@ -1843,10 +1843,30 @@ void hostapd_ubus_notify(struct hostapd_data *hapd, const char *type, const u8 *
 	blob_buf_init(&b, 0);
 	blobmsg_add_macaddr(&b, "address", addr);
 +	blobmsg_add_string(&b, "ifname", hapd->conf->iface);
 	ubus_notify(ctx, &hapd->ubus.obj, type, b.head, -1);
 }
 +void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta)
 +{
 +	if (!hapd->ubus.obj.has_subscribers)
 +		return;
 +
 +	blob_buf_init(&b, 0);
 +	blobmsg_add_macaddr(&b, "address", sta->addr);
 +	blobmsg_add_string(&b, "ifname", hapd->conf->iface);
 +	if (sta->bandwidth[0] || sta->bandwidth[1]) {
 +		void *r = blobmsg_open_array(&b, "rate-limit");
 +
 +		blobmsg_add_u32(&b, "", sta->bandwidth[0]);
 +		blobmsg_add_u32(&b, "", sta->bandwidth[1]);
 +		blobmsg_close_array(&b, r);
 +	}
 +
 +	ubus_notify(ctx, &hapd->ubus.obj, "sta-authorized", b.head, -1);
 +}
 +
 void hostapd_ubus_notify_beacon_report(
 	struct hostapd_data *hapd, const u8 *addr, u8 token, u8 rep_mode,
 	struct rrm_measurement_beacon_report *rep, size_t len)
 diff --git a/package/network/services/hostapd/src/src/ap/ubus.h b/package/network/services/hostapd/src/src/ap/ubus.h
 index f1bc093e57..b3d6e93844 100644
 --- a/package/network/services/hostapd/src/src/ap/ubus.h
 +++ b/package/network/services/hostapd/src/src/ap/ubus.h
@@ -54,6 +54,7 @@ void hostapd_ubus_notify_beacon_report(struct hostapd_data *hapd,
 				       size_t len);
 void hostapd_ubus_notify_radar_detected(struct hostapd_iface *iface, int frequency,
 					int chan_width, int cf1, int cf2);
 +void hostapd_ubus_notify_authorized(struct hostapd_data *hapd, struct sta_info *sta);
 void hostapd_ubus_notify_bss_transition_response(
 	struct hostapd_data *hapd, const u8 *addr, u8 dialog_token, u8 status_code,
 -- 
 2.34.1