hostapd: Code for secondary RADIUS

Signed-off-by: Ravi Vaishnav <ravi.vaishnav@netexperience.com>
2025-10-30 01:52:51 +00:00 · 2023-01-25 14:00:31 -05:00
parent f5604d42f6
commit cacb8a23dd
2 changed files with 122 additions and 0 deletions
--- a/feeds/wifi-ax/hostapd/files/hostapd.sh
+++ b/feeds/wifi-ax/hostapd/files/hostapd.sh
@@ -291,8 +291,17 @@ hostapd_common_add_bss_config() {
 	config_add_string acct_server
 	config_add_string acct_secret
 	config_add_int acct_port
+
+	config_add_string acct_server_secondary
+	config_add_string acct_secret_secondary
+	config_add_int acct_port_secondary
+
 	config_add_int acct_interval

+	config_add_string auth_server_secondary
+	config_add_string auth_secret_secondary
+	config_add_int auth_port_secondary
+
 	config_add_int bss_load_update_period chan_util_avg_period

 	config_add_string dae_client
@@ -551,6 +560,7 @@ append_radius_server() {

 	json_get_vars \
 		auth_server auth_secret auth_port \
+		auth_server_secondary auth_secret_secondary auth_port_secondary \
 		dae_client dae_secret dae_port \
 		dynamic_ownip ownip radius_client_addr \
 		eap_reauth_period request_cui \
@@ -589,6 +599,7 @@ append_radius_server() {
 	}

 	set_default auth_port 1812
+	set_default auth_port_secondary 1812
 	set_default dae_port 3799
 	set_default request_cui 0

@@ -598,6 +609,13 @@ append_radius_server() {
 		append bss_conf "auth_server_shared_secret=$auth_secret" "$N"
 	}

+	[ -n "$auth_server_secondary" ] && {
+		append bss_conf "auth_server_addr=$auth_server_secondary" "$N"
+		append bss_conf "auth_server_port=$auth_port_secondary" "$N"
+		[ -n "$auth_secret_secondary" ] && \
+			append bss_conf "auth_server_shared_secret=$auth_secret_secondary" "$N"
+	}
+
 	[ "$request_cui" -gt 0 ] && append bss_conf "radius_request_cui=$request_cui" "$N"
 	[ -n "$eap_reauth_period" ] && append bss_conf "eap_reauth_period=$eap_reauth_period" "$N"

@@ -636,6 +654,7 @@ hostapd_set_bss_options() {
 		macfilter ssid utf8_ssid wmm uapsd hidden short_preamble rsn_preauth \
 		iapp_interface eapol_version dynamic_vlan ieee80211w nasid \
 		acct_server acct_secret acct_port acct_interval \
+		acct_server_secondary acct_secret_secondary acct_port_secondary \
 		bss_load_update_period chan_util_avg_period sae_require_mfp sae_pwe \
 		multi_ap multi_ap_backhaul_ssid multi_ap_backhaul_key skip_inactivity_poll \
 		airtime_bss_weight airtime_bss_limit airtime_sta_weight \
@@ -657,6 +676,7 @@ hostapd_set_bss_options() {
 	set_default tdls_prohibit 0
 	set_default eapol_version $((wpa & 1))
 	set_default acct_port 1813
+	set_default acct_port_secondary 1813
 	set_default bss_load_update_period 60
 	set_default chan_util_avg_period 600
 	set_default utf8_ssid 1
@@ -718,6 +738,13 @@ hostapd_set_bss_options() {
 		json_for_each_item append_radius_acct_req_attr radius_acct_req_attr
 	}

+	[ -n "$acct_server_secondary" ] && {
+		append bss_conf "acct_server_addr=$acct_server_secondary" "$N"
+		append bss_conf "acct_server_port=$acct_port_secondary" "$N"
+		[ -n "$acct_secret_secondary" ] && \
+			append bss_conf "acct_server_shared_secret=$acct_secret_secondary" "$N"
+	}
+
 	case "$auth_type" in
 		sae|owe|eap192|eap256)
 			set_default ieee80211w 2
--- a/patches/wifi/0023-hostapd-WiFi-5-Code-for-secondary-RADIUS.patch
+++ b/patches/wifi/0023-hostapd-WiFi-5-Code-for-secondary-RADIUS.patch
@@ -0,0 +1,95 @@
+From 3e703bb9415b4a047ca36a984f7ec4f484bb2368 Mon Sep 17 00:00:00 2001
+From: Ravi Vaishnav <ravi.vaishnav@netexperience.com>
+Date: Wed, 25 Jan 2023 13:56:36 -0500
+Subject: [PATCH] hostapd: WiFi-5: Code for secondary RADIUS
+
+Signed-off-by: Ravi Vaishnav <ravi.vaishnav@netexperience.com>
+---
+ .../network/services/hostapd/files/hostapd.sh | 27 +++++++++++++++++++
+ 1 file changed, 27 insertions(+)
+
+diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh
+index fa0dbfb754..68dbd374ff 100644
+--- a/package/network/services/hostapd/files/hostapd.sh
+++ b/package/network/services/hostapd/files/hostapd.sh
+@@ -291,8 +291,17 @@ hostapd_common_add_bss_config() {
+ 	config_add_string acct_server
+ 	config_add_string acct_secret
+ 	config_add_int acct_port
+
+	config_add_string acct_server_secondary
+	config_add_string acct_secret_secondary
+	config_add_int acct_port_secondary
+
+ 	config_add_int acct_interval
+ 
+	config_add_string auth_server_secondary
+	config_add_string auth_secret_secondary
+	config_add_int auth_port_secondary
+
+ 	config_add_int bss_load_update_period chan_util_avg_period
+ 
+ 	config_add_string dae_client
+@@ -551,6 +560,7 @@ append_radius_server() {
+ 
+ 	json_get_vars \
+ 		auth_server auth_secret auth_port \
+		auth_server_secondary auth_secret_secondary auth_port_secondary \
+ 		dae_client dae_secret dae_port \
+ 		ownip radius_client_addr \
+ 		eap_reauth_period request_cui \
+@@ -587,6 +597,7 @@ append_radius_server() {
+ 	}
+ 
+ 	set_default auth_port 1812
+	set_default auth_port_secondary 1812
+ 	set_default dae_port 3799
+ 	set_default request_cui 0
+ 
+@@ -596,6 +607,13 @@ append_radius_server() {
+ 		append bss_conf "auth_server_shared_secret=$auth_secret" "$N"
+ 	}
+ 
+	[ -n "$auth_server_secondary" ] && {
+		append bss_conf "auth_server_addr=$auth_server_secondary" "$N"
+		append bss_conf "auth_server_port=$auth_port_secondary" "$N"
+		[ -n "$auth_secret_secondary" ] && \
+			append bss_conf "auth_server_shared_secret=$auth_secret_secondary" "$N"
+	}
+
+ 	[ "$request_cui" -gt 0 ] && append bss_conf "radius_request_cui=$request_cui" "$N"
+ 	[ -n "$eap_reauth_period" ] && append bss_conf "eap_reauth_period=$eap_reauth_period" "$N"
+ 
+@@ -629,6 +647,7 @@ hostapd_set_bss_options() {
+ 		macfilter ssid utf8_ssid wmm uapsd hidden short_preamble rsn_preauth \
+ 		iapp_interface eapol_version dynamic_vlan ieee80211w nasid \
+ 		acct_server acct_secret acct_port acct_interval \
+		acct_server_secondary acct_secret_secondary acct_port_secondary \
+ 		bss_load_update_period chan_util_avg_period sae_require_mfp sae_pwe \
+ 		multi_ap multi_ap_backhaul_ssid multi_ap_backhaul_key skip_inactivity_poll \
+ 		airtime_bss_weight airtime_bss_limit airtime_sta_weight \
+@@ -650,6 +669,7 @@ hostapd_set_bss_options() {
+ 	set_default tdls_prohibit 0
+ 	set_default eapol_version $((wpa & 1))
+ 	set_default acct_port 1813
+	set_default acct_port_secondary 1813
+ 	set_default bss_load_update_period 60
+ 	set_default chan_util_avg_period 600
+ 	set_default utf8_ssid 1
+@@ -709,6 +729,13 @@ hostapd_set_bss_options() {
+ 		json_for_each_item append_radius_acct_req_attr radius_acct_req_attr
+ 	}
+ 
+	[ -n "$acct_server_secondary" ] && {
+		append bss_conf "acct_server_addr=$acct_server_secondary" "$N"
+		append bss_conf "acct_server_port=$acct_port_secondary" "$N"
+		[ -n "$acct_secret_secondary" ] && \
+			append bss_conf "acct_server_shared_secret=$acct_secret_secondary" "$N"
+	}
+
+ 	case "$auth_type" in
+ 		sae|owe|eap192|eap256)
+ 			set_default ieee80211w 2
+-- 
+2.25.1
+