| 1 | wpa_supplicant_setup_vif() { |
| 2 | local vif="$1" |
| 3 | local driver="$2" |
| 4 | local key="$key" |
| 5 | local options="$3" |
| 6 | |
| 7 | # wpa_supplicant should use wext for mac80211 cards |
| 8 | [ "$driver" = "mac80211" ] && driver='wext' |
| 9 | |
| 10 | # make sure we have the encryption type and the psk |
| 11 | [ -n "$enc" ] || { |
| 12 | config_get enc "$vif" encryption |
| 13 | } |
| 14 | [ -n "$key" ] || { |
| 15 | config_get key "$vif" key |
| 16 | } |
| 17 | |
| 18 | local net_cfg bridge |
| 19 | config_get bridge "$vif" bridge |
| 20 | [ -z "$bridge" ] && { |
| 21 | net_cfg="$(find_net_config "$vif")" |
| 22 | [ -z "$net_cfg" ] || bridge="$(bridge_interface "$net_cfg")" |
| 23 | config_set "$vif" bridge "$bridge" |
| 24 | } |
| 25 | |
| 26 | local mode ifname wds |
| 27 | config_get mode "$vif" mode |
| 28 | config_get ifname "$vif" ifname |
| 29 | config_get_bool wds "$vif" wds 0 |
| 30 | [ -z "$bridge" ] || [ "$mode" = ap ] || [ "$mode" = sta -a $wds -eq 1 ] || { |
| 31 | echo "wpa_supplicant_setup_vif($ifname): Refusing to bridge $mode mode interface" |
| 32 | return 1 |
| 33 | } |
| 34 | |
| 35 | case "$enc" in |
| 36 | *none*) |
| 37 | key_mgmt='NONE' |
| 38 | ;; |
| 39 | *wep*) |
| 40 | key_mgmt='NONE' |
| 41 | config_get key "$vif" key |
| 42 | key="${key:-1}" |
| 43 | case "$key" in |
| 44 | [1234]) |
| 45 | for idx in 1 2 3 4; do |
| 46 | local zidx |
| 47 | zidx=$(($idx - 1)) |
| 48 | config_get ckey "$vif" "key${idx}" |
| 49 | [ -n "$ckey" ] && \ |
| 50 | append "wep_key${zidx}" "wep_key${zidx}=$(prepare_key_wep "$ckey")" |
| 51 | done |
| 52 | wep_tx_keyidx="wep_tx_keyidx=$((key - 1))" |
| 53 | ;; |
| 54 | *) |
| 55 | wep_key0="wep_key0=$(prepare_key_wep "$key")" |
| 56 | wep_tx_keyidx="wep_tx_keyidx=0" |
| 57 | ;; |
| 58 | esac |
| 59 | ;; |
| 60 | *psk*) |
| 61 | key_mgmt='WPA-PSK' |
| 62 | config_get_bool usepassphrase "$vif" usepassphrase 1 |
| 63 | if [ "$usepassphrase" = "1" ]; then |
| 64 | passphrase="psk=\"${key}\"" |
| 65 | else |
| 66 | passphrase="psk=${key}" |
| 67 | fi |
| 68 | case "$enc" in |
| 69 | *psk2*) |
| 70 | proto='proto=RSN' |
| 71 | config_get ieee80211w "$vif" ieee80211w |
| 72 | ;; |
| 73 | *psk*) |
| 74 | proto='proto=WPA' |
| 75 | ;; |
| 76 | esac |
| 77 | ;; |
| 78 | *wpa*|*8021x*) |
| 79 | proto='proto=WPA2' |
| 80 | key_mgmt='WPA-EAP' |
| 81 | config_get ieee80211w "$vif" ieee80211w |
| 82 | config_get ca_cert "$vif" ca_cert |
| 83 | config_get eap_type "$vif" eap_type |
| 84 | ca_cert=${ca_cert:+"ca_cert=\"$ca_cert\""} |
| 85 | case "$eap_type" in |
| 86 | tls) |
| 87 | pairwise='pairwise=CCMP' |
| 88 | group='group=CCMP' |
| 89 | config_get identity "$vif" identity |
| 90 | config_get client_cert "$vif" client_cert |
| 91 | config_get priv_key "$vif" priv_key |
| 92 | config_get priv_key_pwd "$vif" priv_key_pwd |
| 93 | identity="identity=\"$identity\"" |
| 94 | client_cert="client_cert=\"$client_cert\"" |
| 95 | priv_key="private_key=\"$priv_key\"" |
| 96 | priv_key_pwd="private_key_passwd=\"$priv_key_pwd\"" |
| 97 | ;; |
| 98 | peap|ttls) |
| 99 | config_get auth "$vif" auth |
| 100 | config_get identity "$vif" identity |
| 101 | config_get password "$vif" password |
| 102 | phase2="phase2=\"auth=${auth:-MSCHAPV2}\"" |
| 103 | identity="identity=\"$identity\"" |
| 104 | password="password=\"$password\"" |
| 105 | ;; |
| 106 | esac |
| 107 | eap_type="eap=$(echo $eap_type | tr 'a-z' 'A-Z')" |
| 108 | ;; |
| 109 | esac |
| 110 | |
| 111 | case "$ieee80211w" in |
| 112 | [012]) |
| 113 | ieee80211w="ieee80211w=$ieee80211w" |
| 114 | ;; |
| 115 | esac |
| 116 | |
| 117 | config_get ifname "$vif" ifname |
| 118 | config_get bridge "$vif" bridge |
| 119 | config_get ssid "$vif" ssid |
| 120 | config_get bssid "$vif" bssid |
| 121 | bssid=${bssid:+"bssid=$bssid"} |
| 122 | rm -rf /var/run/wpa_supplicant-$ifname |
| 123 | cat > /var/run/wpa_supplicant-$ifname.conf <<EOF |
| 124 | ctrl_interface=/var/run/wpa_supplicant-$ifname |
| 125 | network={ |
| 126 | scan_ssid=1 |
| 127 | ssid="$ssid" |
| 128 | $bssid |
| 129 | key_mgmt=$key_mgmt |
| 130 | $proto |
| 131 | $ieee80211w |
| 132 | $passphrase |
| 133 | $pairwise |
| 134 | $group |
| 135 | $eap_type |
| 136 | $ca_cert |
| 137 | $client_cert |
| 138 | $priv_key |
| 139 | $priv_key_pwd |
| 140 | $phase2 |
| 141 | $identity |
| 142 | $password |
| 143 | $wep_key0 |
| 144 | $wep_key1 |
| 145 | $wep_key2 |
| 146 | $wep_key3 |
| 147 | $wep_tx_keyidx |
| 148 | } |
| 149 | EOF |
| 150 | [ -z "$proto" -a "$key_mgmt" != "NONE" ] || \ |
| 151 | wpa_supplicant ${bridge:+ -b $bridge} -B -P "/var/run/wifi-${ifname}.pid" -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf $options |
| 152 | } |
| 153 | |
