hostapd: Fix configuration of multiple RADIUS servers with SET

The current RADIUS server pointer was updated after each SET command which broke parsing of multiple RADIUS servers over the control interface. Fix this by doing the final RADIUS server pointer updates only once the full configuration is available. Signed-off-by: Jouni Malinen <j@w1.fi>
greearb · May 30, 2014 · 5d67bf1 · 5d67bf1
1 parent 6a188ba
commit 5d67bf1
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 7 deletions.
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
@@ -3238,7 +3238,7 @@ struct hostapd_config * hostapd_config_read(const char *fname)
 	fclose(f);
 
 	for (i = 0; i < conf->num_bss; i++)
-		hostapd_set_security_params(conf->bss[i]);
+		hostapd_set_security_params(conf->bss[i], 1);
 
 	if (hostapd_config_check(conf, 1))
 		errors++;
@@ -3270,7 +3270,7 @@ int hostapd_set_iface(struct hostapd_config *conf,
 	}
 
 	for (i = 0; i < conf->num_bss; i++)
-		hostapd_set_security_params(conf->bss[i]);
+		hostapd_set_security_params(conf->bss[i], 0);
 
 	if (hostapd_config_check(conf, 0)) {
 		wpa_printf(MSG_ERROR, "Configuration check failed");

diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
@@ -859,7 +859,8 @@ int hostapd_config_check(struct hostapd_config *conf, int full_config)
 }
 
 
-void hostapd_set_security_params(struct hostapd_bss_config *bss)
+void hostapd_set_security_params(struct hostapd_bss_config *bss,
+				 int full_config)
 {
 	if (bss->individual_wep_key_len == 0) {
 		/* individual keys are not use; can use key idx0 for
@@ -872,8 +873,10 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss)
 	bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
 						    bss->rsn_pairwise);
 
-	bss->radius->auth_server = bss->radius->auth_servers;
-	bss->radius->acct_server = bss->radius->acct_servers;
+	if (full_config) {
+		bss->radius->auth_server = bss->radius->auth_servers;
+		bss->radius->acct_server = bss->radius->acct_servers;
+	}
 
 	if (bss->wpa && bss->ieee802_1x) {
 		bss->ssid.security_policy = SECURITY_WPA;

diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
@@ -621,6 +621,7 @@ const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan,
 struct hostapd_radius_attr *
 hostapd_config_get_radius_attr(struct hostapd_radius_attr *attr, u8 type);
 int hostapd_config_check(struct hostapd_config *conf, int full_config);
-void hostapd_set_security_params(struct hostapd_bss_config *bss);
+void hostapd_set_security_params(struct hostapd_bss_config *bss,
+				 int full_config);
 
 #endif /* HOSTAPD_CONFIG_H */
diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
@@ -1630,6 +1630,8 @@ static void hostapd_deinit_driver(const struct wpa_driver_ops *driver,
 
 int hostapd_enable_iface(struct hostapd_iface *hapd_iface)
 {
+	size_t j;
+
 	if (hapd_iface->bss[0]->drv_priv != NULL) {
 		wpa_printf(MSG_ERROR, "Interface %s already enabled",
 			   hapd_iface->conf->bss[0]->iface);
@@ -1639,6 +1641,8 @@ int hostapd_enable_iface(struct hostapd_iface *hapd_iface)
 	wpa_printf(MSG_DEBUG, "Enable interface %s",
 		   hapd_iface->conf->bss[0]->iface);
 
+	for (j = 0; j < hapd_iface->num_bss; j++)
+		hostapd_set_security_params(hapd_iface->conf->bss[j], 1);
 	if (hostapd_config_check(hapd_iface->conf, 1) < 0) {
 		wpa_printf(MSG_INFO, "Invalid configuration - cannot enable");
 		return -1;
@@ -1667,7 +1671,7 @@ int hostapd_reload_iface(struct hostapd_iface *hapd_iface)
 	wpa_printf(MSG_DEBUG, "Reload interface %s",
 		   hapd_iface->conf->bss[0]->iface);
 	for (j = 0; j < hapd_iface->num_bss; j++)
-		hostapd_set_security_params(hapd_iface->conf->bss[j]);
+		hostapd_set_security_params(hapd_iface->conf->bss[j], 1);
 	if (hostapd_config_check(hapd_iface->conf, 1) < 0) {
 		wpa_printf(MSG_ERROR, "Updated configuration is invalid");
 		return -1;