hostapd/RADIUS_server: enhance logging

Currently, logging level of the RADIUS server is a constant corresponding
to the highest verbosity (EXCESSIVE, ALL), but when running as a system
service, the output is discarded.

This commit makes logging verbosity configurable by `log_level` option
and redirects all logs to `logd`. Possible levels are defined in hostap
sources:
https://w1.fi/cgit/hostap/tree/src/utils/wpa_debug.h?id=012a893c469157d5734f6f33953497ea6e3b0169#n23
Their reference is inlined in `radius.config` file.

Default value for logging verbosity is INFO (even if the `-l` flag isn't
specified).

Signed-off-by: Dávid Benko <[email protected]>
Link: https://github.com/openwrt/openwrt/pull/18089
Signed-off-by: Robert Marko <[email protected]>

package/network/services/hostapd/files/radius.config

@@ -1,6 +1,17 @@
 config radius
 	option disabled '1'
 	option ipv6 '1'
+
+	# Logging levels:
+	#   0: ALL
+	#   1: MSGDUMP
+	#   2: DEBUG
+	#   3: INFO
+	#   4: WARNING
+	#   5: ERROR
+	# Default: INFO
+	option log_level '3'
+
 	option ca_cert '/etc/radius/ca.pem'
 	option cert '/etc/radius/cert.pem'
 	option key '/etc/radius/key.pem'

package/network/services/hostapd/files/radius.init

@@ -13,6 +13,7 @@ radius_start() {
 	[ "$disabled" -gt 0 ] && return
 
 	config_get_bool ipv6 "$cfg" ipv6 1
+	config_get log_level "$cfg" log_level 3
 	config_get ca "$cfg" ca_cert
 	config_get key "$cfg" key
 	config_get cert "$cfg" cert
@@ -24,12 +25,14 @@ radius_start() {
 
 	procd_open_instance $cfg
 	procd_set_param command /usr/sbin/hostapd-radius \
-		-C "$ca" \
+		-l "$log_level" -C "$ca" \
 		-c "$cert" -k "$key" \
 		-s "$clients" -u "$users" \
 		-p "$auth_port" -P "$acct_port" \
 		-i "$identity"
 	[ "$ipv6" -gt 0 ] && procd_append_param command -6
+	procd_set_param stdout 1
+	procd_set_param stderr 1
 	procd_close_instance
 }
 

package/network/services/hostapd/src/hostapd/radius.c

@@ -624,7 +624,6 @@ int radius_main(int argc, char **argv)
 	int ch;
 
 	wpa_debug_setup_stdout();
-	wpa_debug_level = 0;
 
 	if (eloop_init()) {
 		wpa_printf(MSG_ERROR, "Failed to initialize event loop");
@@ -634,11 +633,14 @@ int radius_main(int argc, char **argv)
 	eap_server_register_methods();
 	radius_init(&state);
 
-	while ((ch = getopt(argc, argv, "6C:c:d:i:k:K:p:P:s:u:")) != -1) {
+	while ((ch = getopt(argc, argv, "6l:C:c:d:i:k:K:p:P:s:u:")) != -1) {
 		switch (ch) {
 		case '6':
 			config.radius.ipv6 = 1;
 			break;
+		case 'l':
+			wpa_debug_level = atoi(optarg);
+			break;
 		case 'C':
 			config.tls.ca_cert = optarg;
 			break;