package/network/services/hostapd/files/wpa_supplicant.sh

   1 wpa_supplicant_setup_vif() {
   2         local vif="$1"
   3         local driver="$2"
   4         local key="$key"
   5         local options="$3"
   6         local freq=""
   7         local ht="$5"
   8         local ap_scan=""
   9         local scan_ssid="1"
  10         [ -n "$4" ] && freq="frequency=$4"
  11
  12         config_get enc "$vif" encryption
  13         config_get key "$vif" key
  14
  15         local net_cfg bridge
  16         config_get bridge "$vif" bridge
  17         [ -z "$bridge" ] && {
  18                 net_cfg="$(find_net_config "$vif")"
  19                 [ -z "$net_cfg" ] || bridge="$(bridge_interface "$net_cfg")"
  20                 config_set "$vif" bridge "$bridge"
  21         }
  22
  23         local mode ifname wds modestr=""
  24         config_get mode "$vif" mode
  25         config_get ifname "$vif" ifname
  26         config_get_bool wds "$vif" wds 0
  27         [ -z "$bridge" ] || [ "$mode" = ap ] || [ "$mode" = sta -a $wds -eq 1 ] || {
  28                 echo "wpa_supplicant_setup_vif($ifname): Refusing to bridge $mode mode interface"
  29                 return 1
  30         }
  31         [ "$mode" = "adhoc" ] && {
  32                 modestr="mode=1"
  33                 scan_ssid="0"
  34                 ap_scan="ap_scan=2"
  35         }
  36
  37         key_mgmt='NONE'
  38         case "$enc" in
  39                 *none*) ;;
  40                 *wep*)
  41                         config_get key "$vif" key
  42                         key="${key:-1}"
  43                         case "$key" in
  44                                 [1234])
  45                                         for idx in 1 2 3 4; do
  46                                                 local zidx
  47                                                 zidx=$(($idx - 1))
  48                                                 config_get ckey "$vif" "key${idx}"
  49                                                 [ -n "$ckey" ] && \
  50                                                         append "wep_key${zidx}" "wep_key${zidx}=$(prepare_key_wep "$ckey")"
  51                                         done
  52                                         wep_tx_keyidx="wep_tx_keyidx=$((key - 1))"
  53                                 ;;
  54                                 *)
  55                                         wep_key0="wep_key0=$(prepare_key_wep "$key")"
  56                                         wep_tx_keyidx="wep_tx_keyidx=0"
  57                                 ;;
  58                         esac
  59                 ;;
  60                 *psk*)
  61                         key_mgmt='WPA-PSK'
  62                         # if you want to use PSK with a non-nl80211 driver you
  63                         # have to use WPA-NONE and wext driver for wpa_s
  64                         [ "$mode" = "adhoc" -a "$driver" != "nl80211" ] && {
  65                                 key_mgmt='WPA-NONE'
  66                                 driver='wext'
  67                         }
  68                         if [ ${#key} -eq 64 ]; then
  69                                 passphrase="psk=${key}"
  70                         else
  71                                 passphrase="psk=\"${key}\""
  72                         fi
  73                         case "$enc" in
  74                                 *psk2*)
  75                                         proto='proto=RSN'
  76                                         config_get ieee80211w "$vif" ieee80211w
  77                                 ;;
  78                                 *psk*)
  79                                         proto='proto=WPA'
  80                                 ;;
  81                         esac
  82                 ;;
  83                 *wpa*|*8021x*)
  84                         proto='proto=WPA2'
  85                         key_mgmt='WPA-EAP'
  86                         config_get ieee80211w "$vif" ieee80211w
  87                         config_get ca_cert "$vif" ca_cert
  88                         config_get eap_type "$vif" eap_type
  89                         ca_cert=${ca_cert:+"ca_cert=\"$ca_cert\""}
  90                         case "$eap_type" in
  91                                 tls)
  92                                         pairwise='pairwise=CCMP'
  93                                         group='group=CCMP'
  94                                         config_get identity "$vif" identity
  95                                         config_get client_cert "$vif" client_cert
  96                                         config_get priv_key "$vif" priv_key
  97                                         config_get priv_key_pwd "$vif" priv_key_pwd
  98                                         identity="identity=\"$identity\""
  99                                         client_cert="client_cert=\"$client_cert\""
 100                                         priv_key="private_key=\"$priv_key\""
 101                                         priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
 102                                 ;;
 103                                 peap|ttls)
 104                                         config_get auth "$vif" auth
 105                                         config_get identity "$vif" identity
 106                                         config_get password "$vif" password
 107                                         phase2="phase2=\"auth=${auth:-MSCHAPV2}\""
 108                                         identity="identity=\"$identity\""
 109                                         password="${password:+password=\"$password\"}"
 110                                 ;;
 111                         esac
 112                         eap_type="eap=$(echo $eap_type | tr 'a-z' 'A-Z')"
 113                 ;;
 114         esac
 115
 116         case "$ieee80211w" in
 117                 [012])
 118                         ieee80211w="ieee80211w=$ieee80211w"
 119                 ;;
 120         esac
 121
 122         local fixed_freq bssid1 beacon_interval brates mrate
 123         config_get ifname "$vif" ifname
 124         config_get bridge "$vif" bridge
 125         config_get ssid "$vif" ssid
 126         config_get bssid "$vif" bssid
 127         bssid1=${bssid:+"bssid=$bssid"}
 128         beacon_interval=${beacon_int:+"beacon_interval=$beacon_int"}
 129
 130         local br brval brsub brstr
 131         [ -n "$basic_rate_list" ] && {
 132                 for br in $basic_rate_list; do
 133                         brval="$(($br / 1000))"
 134                         brsub="$((($br / 100) % 10))"
 135                         [ "$brsub" -gt 0 ] && brval="$brval.$brsub"
 136                         [ -n "$brstr" ] && brstr="$brstr,"
 137                         brstr="$brstr$brval"
 138                 done
 139                 brates=${basic_rate_list:+"rates=$brstr"}
 140         }
 141
 142         local mcval=""
 143         [ -n "$mcast_rate" ] && {
 144                 mcval="$(($mcast_rate / 1000))"
 145                 mcsub="$(( ($mcast_rate / 100) % 10 ))"
 146                 [ "$mcsub" -gt 0 ] && mcval="$mcval.$mcsub"
 147                 mrate=${mcast_rate:+"mcast_rate=$mcval"}
 148         }
 149
 150         local ht_str
 151         [ -n "$ht" ] && ht_str="htmode=$ht"
 152
 153         rm -rf /var/run/wpa_supplicant-$ifname
 154         cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
 155 ctrl_interface=/var/run/wpa_supplicant-$ifname
 156 $ap_scan
 157 network={
 158         $modestr
 159         scan_ssid=$scan_ssid
 160         ssid="$ssid"
 161         $bssid1
 162         key_mgmt=$key_mgmt
 163         $proto
 164         $freq
 165         ${fixed:+"fixed_freq=1"}
 166         $beacon_interval
 167         $brates
 168         $mrate
 169         $ht_str
 170         $ieee80211w
 171         $passphrase
 172         $pairwise
 173         $group
 174         $eap_type
 175         $ca_cert
 176         $client_cert
 177         $priv_key
 178         $priv_key_pwd
 179         $phase2
 180         $identity
 181         $password
 182         $wep_key0
 183         $wep_key1
 184         $wep_key2
 185         $wep_key3
 186         $wep_tx_keyidx
 187 }
 188 EOF
 189         if [ -n "$proto" -o "$key_mgmt" == "NONE" ]; then
 190                 wpa_supplicant ${bridge:+ -b $bridge} -B -P "/var/run/wifi-${ifname}.pid" -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf $options
 191         else
 192                 return 0
 193         fi
 194 }