package/hostapd/files/wpa_supplicant.sh

   1 wpa_supplicant_setup_vif() {
   2         local vif="$1"
   3         local driver="$2"
   4         local key="$key"
   5         local options="$3"
   6         local freq
   7         [ -n "$4" ] && freq="frequency=$4"
   8
   9         # wpa_supplicant should use wext for mac80211 cards
  10         [ "$driver" = "mac80211" ] && driver='wext'
  11
  12         # make sure we have the encryption type and the psk
  13         [ -n "$enc" ] || {
  14                 config_get enc "$vif" encryption
  15         }
  16         [ -n "$key" ] || {
  17                 config_get key "$vif" key
  18         }
  19
  20         local net_cfg bridge
  21         config_get bridge "$vif" bridge
  22         [ -z "$bridge" ] && {
  23                 net_cfg="$(find_net_config "$vif")"
  24                 [ -z "$net_cfg" ] || bridge="$(bridge_interface "$net_cfg")"
  25                 config_set "$vif" bridge "$bridge"
  26         }
  27
  28         local mode ifname wds
  29         config_get mode "$vif" mode
  30         config_get ifname "$vif" ifname
  31         config_get_bool wds "$vif" wds 0
  32         [ -z "$bridge" ] || [ "$mode" = ap ] || [ "$mode" = sta -a $wds -eq 1 ] || {
  33                 echo "wpa_supplicant_setup_vif($ifname): Refusing to bridge $mode mode interface"
  34                 return 1
  35         }
  36
  37         case "$enc" in
  38                 *none*)
  39                         key_mgmt='NONE'
  40                 ;;
  41                 *wep*)
  42                         key_mgmt='NONE'
  43                         config_get key "$vif" key
  44                         key="${key:-1}"
  45                         case "$key" in
  46                                 [1234])
  47                                         for idx in 1 2 3 4; do
  48                                                 local zidx
  49                                                 zidx=$(($idx - 1))
  50                                                 config_get ckey "$vif" "key${idx}"
  51                                                 [ -n "$ckey" ] && \
  52                                                         append "wep_key${zidx}" "wep_key${zidx}=$(prepare_key_wep "$ckey")"
  53                                         done
  54                                         wep_tx_keyidx="wep_tx_keyidx=$((key - 1))"
  55                                 ;;
  56                                 *)
  57                                         wep_key0="wep_key0=$(prepare_key_wep "$key")"
  58                                         wep_tx_keyidx="wep_tx_keyidx=0"
  59                                 ;;
  60                         esac
  61                 ;;
  62                 *psk*)
  63                         key_mgmt='WPA-PSK'
  64                         [ "$mode" = "adhoc" -a "$driver" != "nl80211" ] && key_mgmt='WPA-NONE'
  65                         config_get_bool usepassphrase "$vif" usepassphrase 1
  66                         if [ "$usepassphrase" = "1" ]; then
  67                                 passphrase="psk=\"${key}\""
  68                         else
  69                                 passphrase="psk=${key}"
  70                         fi
  71                         case "$enc" in
  72                                 *psk2*)
  73                                         proto='proto=RSN'
  74                                         config_get ieee80211w "$vif" ieee80211w
  75                                 ;;
  76                                 *psk*)
  77                                         proto='proto=WPA'
  78                                 ;;
  79                         esac
  80                 ;;
  81                 *wpa*|*8021x*)
  82                         proto='proto=WPA2'
  83                         key_mgmt='WPA-EAP'
  84                         config_get ieee80211w "$vif" ieee80211w
  85                         config_get ca_cert "$vif" ca_cert
  86                         config_get eap_type "$vif" eap_type
  87                         ca_cert=${ca_cert:+"ca_cert=\"$ca_cert\""}
  88                         case "$eap_type" in
  89                                 tls)
  90                                         pairwise='pairwise=CCMP'
  91                                         group='group=CCMP'
  92                                         config_get identity "$vif" identity
  93                                         config_get client_cert "$vif" client_cert
  94                                         config_get priv_key "$vif" priv_key
  95                                         config_get priv_key_pwd "$vif" priv_key_pwd
  96                                         identity="identity=\"$identity\""
  97                                         client_cert="client_cert=\"$client_cert\""
  98                                         priv_key="private_key=\"$priv_key\""
  99                                         priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
 100                                 ;;
 101                                 peap|ttls)
 102                                         config_get auth "$vif" auth
 103                                         config_get identity "$vif" identity
 104                                         config_get password "$vif" password
 105                                         phase2="phase2=\"auth=${auth:-MSCHAPV2}\""
 106                                         identity="identity=\"$identity\""
 107                                         password="password=\"$password\""
 108                                 ;;
 109                         esac
 110                         eap_type="eap=$(echo $eap_type | tr 'a-z' 'A-Z')"
 111                 ;;
 112         esac
 113
 114         case "$ieee80211w" in
 115                 [012])
 116                         ieee80211w="ieee80211w=$ieee80211w"
 117                 ;;
 118         esac
 119
 120         config_get ifname "$vif" ifname
 121         config_get bridge "$vif" bridge
 122         config_get ssid "$vif" ssid
 123         config_get bssid "$vif" bssid
 124         bssid=${bssid:+"bssid=$bssid"}
 125         rm -rf /var/run/wpa_supplicant-$ifname
 126         cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
 127 ctrl_interface=/var/run/wpa_supplicant-$ifname
 128 network={
 129         $mode
 130         scan_ssid=1
 131         ssid="$ssid"
 132         $bssid
 133         key_mgmt=$key_mgmt
 134         $proto
 135         $freq
 136         $ieee80211w
 137         $passphrase
 138         $pairwise
 139         $group
 140         $eap_type
 141         $ca_cert
 142         $client_cert
 143         $priv_key
 144         $priv_key_pwd
 145         $phase2
 146         $identity
 147         $password
 148         $wep_key0
 149         $wep_key1
 150         $wep_key2
 151         $wep_key3
 152         $wep_tx_keyidx
 153 }
 154 EOF
 155         [ -z "$proto" -a "$key_mgmt" != "NONE" ] || \
 156                 wpa_supplicant ${bridge:+ -b $bridge} -B -P "/var/run/wifi-${ifname}.pid" -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf $options
 157 }