package/hostapd/files/wpa_supplicant.sh

   1 wpa_supplicant_setup_vif() {
   2         local vif="$1"
   3         local driver="$2"
   4         local key="$key"
   5         local options="$3"
   6         local freq=""
   7         [ -n "$4" ] && freq="frequency=$4"
   8
   9         # wpa_supplicant should use wext for mac80211 cards
  10         [ "$driver" = "mac80211" ] && driver='wext'
  11
  12         # make sure we have the encryption type and the psk
  13         [ -n "$enc" ] || {
  14                 config_get enc "$vif" encryption
  15         }
  16         [ -n "$key" ] || {
  17                 config_get key "$vif" key
  18         }
  19
  20         local net_cfg bridge
  21         config_get bridge "$vif" bridge
  22         [ -z "$bridge" ] && {
  23                 net_cfg="$(find_net_config "$vif")"
  24                 [ -z "$net_cfg" ] || bridge="$(bridge_interface "$net_cfg")"
  25                 config_set "$vif" bridge "$bridge"
  26         }
  27
  28         local mode ifname wds modestr=""
  29         config_get mode "$vif" mode
  30         config_get ifname "$vif" ifname
  31         config_get_bool wds "$vif" wds 0
  32         [ -z "$bridge" ] || [ "$mode" = ap ] || [ "$mode" = sta -a $wds -eq 1 ] || {
  33                 echo "wpa_supplicant_setup_vif($ifname): Refusing to bridge $mode mode interface"
  34                 return 1
  35         }
  36         [ "$mode" = "adhoc" ] && modestr="mode=1"
  37
  38         key_mgmt='NONE'
  39         case "$enc" in
  40                 *none*) ;;
  41                 *wep*)
  42                         config_get key "$vif" key
  43                         key="${key:-1}"
  44                         case "$key" in
  45                                 [1234])
  46                                         for idx in 1 2 3 4; do
  47                                                 local zidx
  48                                                 zidx=$(($idx - 1))
  49                                                 config_get ckey "$vif" "key${idx}"
  50                                                 [ -n "$ckey" ] && \
  51                                                         append "wep_key${zidx}" "wep_key${zidx}=$(prepare_key_wep "$ckey")"
  52                                         done
  53                                         wep_tx_keyidx="wep_tx_keyidx=$((key - 1))"
  54                                 ;;
  55                                 *)
  56                                         wep_key0="wep_key0=$(prepare_key_wep "$key")"
  57                                         wep_tx_keyidx="wep_tx_keyidx=0"
  58                                 ;;
  59                         esac
  60                 ;;
  61                 *psk*)
  62                         key_mgmt='WPA-PSK'
  63                         [ "$mode" = "adhoc" -a "$driver" != "nl80211" ] && key_mgmt='WPA-NONE'
  64                         config_get_bool usepassphrase "$vif" usepassphrase 1
  65                         if [ "$usepassphrase" = "1" ]; then
  66                                 passphrase="psk=\"${key}\""
  67                         else
  68                                 passphrase="psk=${key}"
  69                         fi
  70                         case "$enc" in
  71                                 *psk2*)
  72                                         proto='proto=RSN'
  73                                         config_get ieee80211w "$vif" ieee80211w
  74                                 ;;
  75                                 *psk*)
  76                                         proto='proto=WPA'
  77                                 ;;
  78                         esac
  79                 ;;
  80                 *wpa*|*8021x*)
  81                         proto='proto=WPA2'
  82                         key_mgmt='WPA-EAP'
  83                         config_get ieee80211w "$vif" ieee80211w
  84                         config_get ca_cert "$vif" ca_cert
  85                         config_get eap_type "$vif" eap_type
  86                         ca_cert=${ca_cert:+"ca_cert=\"$ca_cert\""}
  87                         case "$eap_type" in
  88                                 tls)
  89                                         pairwise='pairwise=CCMP'
  90                                         group='group=CCMP'
  91                                         config_get identity "$vif" identity
  92                                         config_get client_cert "$vif" client_cert
  93                                         config_get priv_key "$vif" priv_key
  94                                         config_get priv_key_pwd "$vif" priv_key_pwd
  95                                         identity="identity=\"$identity\""
  96                                         client_cert="client_cert=\"$client_cert\""
  97                                         priv_key="private_key=\"$priv_key\""
  98                                         priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
  99                                 ;;
 100                                 peap|ttls)
 101                                         config_get auth "$vif" auth
 102                                         config_get identity "$vif" identity
 103                                         config_get password "$vif" password
 104                                         phase2="phase2=\"auth=${auth:-MSCHAPV2}\""
 105                                         identity="identity=\"$identity\""
 106                                         password="password=\"$password\""
 107                                 ;;
 108                         esac
 109                         eap_type="eap=$(echo $eap_type | tr 'a-z' 'A-Z')"
 110                 ;;
 111         esac
 112
 113         case "$ieee80211w" in
 114                 [012])
 115                         ieee80211w="ieee80211w=$ieee80211w"
 116                 ;;
 117         esac
 118
 119         config_get ifname "$vif" ifname
 120         config_get bridge "$vif" bridge
 121         config_get ssid "$vif" ssid
 122         config_get bssid "$vif" bssid
 123         bssid=${bssid:+"bssid=$bssid"}
 124         rm -rf /var/run/wpa_supplicant-$ifname
 125         cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
 126 ctrl_interface=/var/run/wpa_supplicant-$ifname
 127 network={
 128         $modestr
 129         scan_ssid=1
 130         ssid="$ssid"
 131         $bssid
 132         key_mgmt=$key_mgmt
 133         $proto
 134         $freq
 135         $ieee80211w
 136         $passphrase
 137         $pairwise
 138         $group
 139         $eap_type
 140         $ca_cert
 141         $client_cert
 142         $priv_key
 143         $priv_key_pwd
 144         $phase2
 145         $identity
 146         $password
 147         $wep_key0
 148         $wep_key1
 149         $wep_key2
 150         $wep_key3
 151         $wep_tx_keyidx
 152 }
 153 EOF
 154         [ -z "$proto" -a "$key_mgmt" != "NONE" ] || \
 155                 wpa_supplicant ${bridge:+ -b $bridge} -B -P "/var/run/wifi-${ifname}.pid" -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf $options
 156 }