[0/1] Add FQDN support for auth and acct server addresses

Message ID	20211203111841.3631616-1-magnusmalm@gmail.com
Headers	show Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> From: Magnus Malm <magnusmalm@gmail.com> To: hostap@lists.infradead.org Cc: Magnus Malm <magnusmalm@gmail.com> Subject: [PATCH 0/1] Add FQDN support for auth and acct server addresses Date: Fri, 3 Dec 2021 12:18:40 +0100 Message-Id: <20211203111841.3631616-1-magnusmalm@gmail.com> MIME-Version: 1.0 preview: This is an RFC patch to add support for configuring RADIUS server address using Fully Qualified Domain Names (FQDN). The patch in current form implements this support. The drawback is that resolving i [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:129 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [magnusmalm[at]gmail.com] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	Add FQDN support for auth and acct server addresses \| expand [0/1] Add FQDN support for auth and acct server addresses [1/1] Add FQDN support for auth and acct server addresses

Message ID

20211203111841.3631616-1-magnusmalm@gmail.com

Headers

From: Magnus Malm <magnusmalm@gmail.com>
To: hostap@lists.infradead.org
Cc: Magnus Malm <magnusmalm@gmail.com>
Subject: [PATCH 0/1] Add FQDN support for auth and acct server addresses
Date: Fri,  3 Dec 2021 12:18:40 +0100
Message-Id: <20211203111841.3631616-1-magnusmalm@gmail.com>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

Add FQDN support for auth and acct server addresses | expand

Message

Magnus Malm Dec. 3, 2021, 11:18 a.m. UTC

This is an RFC patch to add support for configuring RADIUS server address using Fully Qualified
Domain Names (FQDN). The patch in current form implements this support. The drawback is that
resolving is done in a syncronous manner. That is, the entire hostapd process locks up for the
duration of resolving.

One way to solve this would be to use, for instance, c-ares[1].

Besides the syncronous nature of resolving, which at first glance seems rather straight forward to
fix, this patch unfortunately breaks failover in the case a primary RADIUS server address is
configured to a FQDN that fails to resolve at startup.

I cannot for the life of me grok the code enough to realize why this is. hostapd simply never try
the secondary configured address.

Any and all comments, suggestions, and help is deeply appreciated.

Kind regards,
Magnus Malm

[1]: https://c-ares.org/

Magnus Malm (1):
  Add FQDN support for auth and acct server addresses

 hostapd/config_file.c      | 31 ++++++++++++++-
 src/radius/radius_client.c | 13 ++++++-
 src/radius/radius_client.h |  3 ++
 src/utils/ip_addr.c        | 77 ++++++++++++++++++++++++++++++++++++++
 src/utils/ip_addr.h        |  1 +
 5 files changed, 123 insertions(+), 2 deletions(-)