[people/stevee/network.git] / src / functions / functions.wpa_supplicant

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2012  IPFire Network Development Team                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

WPA_SUPPLICANT_SOCKET_DIR="${RUN_DIR}/wpa_supplicant/ctrl"

wpa_supplicant_config_header() {
	config_header "WPA supplicant configuration file"

	# Set control socket directory.
	print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}"

	# Honour country
	local country="$(wireless_get_reg_domain)"
	if isset country; then
		print "country=${country}"
	fi

	print # end of header
}

wpa_supplicant_config_write() {
	local device="${1}"
	shift

	assert isset device

	local file="${WPA_SUPPLICANT_CONF_DIR}/${device}.conf"

	local ap_scan=1 mode key ssid
	local channel

	local arg
	for arg in "$@"; do
		case "${arg}" in
			--ap-scan=*)
				ap_scan=$(cli_get_val "${arg}")
				;;
			--channel=*)
				channel=$(cli_get_val "${arg}")
				;;
			--mode=*)
				mode=$(cli_get_val "${arg}")

				# Empty signals no encryption.
				isset mode || mode="NONE"
				;;
			--ssid=*)
				ssid=$(cli_get_val "${arg}")
				;;
			--key=*)
				key=$(cli_get_val "${arg}")
				;;
			*)
				error "Unrecognized argument: ${arg}"
				return ${EXIT_ERROR}
				;;
		esac
	done

	assert isinteger ap_scan
	assert isset mode

	local auth_alg key_mgmt proto ssid psk wep_key0 wep_tx_keyidx
	local operation_mode
	local country_code="$(wireless_get_reg_domain)"

	case "${mode}" in
		# Normal WPA.
		WPA-PSK)
			auth_alg="OPEN"
			key_mgmt="WPA-PSK"
			proto="WPA"
			pairwise="CCMP TKIP"
			group="CCMP TKIP WEP104 WEP40"
			;;

		# WPA with stronger algorithms.
		WPA-PSK-SHA256)
			auth_alg="OPEN"
			key_mgmt="WPA-PSK-SHA256"
			proto="WPA"
			pairwise="CCMP TKIP"
			group="CCMP TKIP WEP104 WEP40"
			;;

		# Normal WPA2 (802.11i).
		WPA2-PSK)
			auth_alg="OPEN"
			key_mgmt="WPA-PSK"
			proto="RSN"
			pairwise="CCMP TKIP"
			group="CCMP TKIP WEP104 WEP40"
			;;

		# WPA2 with stronger algorithms.
		WPA2-PSK-SHA256)
			auth_alg="OPEN"
			key_mgmt="WPA-PSK-SHA256"
			proto="RSN"
			pairwise="CCMP TKIP"
			group="CCMP TKIP WEP104 WEP40"
			;;

		# WEP.
		WEP)
			auth_alg="SHARED"
			wep_key0="${key}"
			wep_tx_keyidx="0"

			# Reset PSK.
			psk=""
			;;

		# IEEE 802.1X
		8021X)
			key_mgmt="IEEE8021X"
			;;

		# IEEE 802.11s without authentication
		802.11s)
			operation_mode="mesh"

			# Use SAE when we got a PSK
			if isset key; then
				key_mgmt="SAE"
			else
				key_mgmt="NONE"
			fi
			;;

		# No encryption. DANGEROUS!
		NONE)
			auth_alg="OPEN"
			key_mgmt="NONE"
			;;
		*)
			log ERROR "Unknown mode: ${mode}"
			return ${EXIT_ERROR}
			;;
	esac

	# Ensure we can write the file
	make_parent_directory "${file}"

	config_header "WPA supplicant configuration file" > ${file}

	# AP scanning/selection
	print "ap_scan=${ap_scan}" >> ${file}

	# Set country code, if known.
	if isset country_code; then
		print "country=\"${country_code}\"" >> ${file}
	fi

	# Set control socket directory.
	print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}" >> ${file}

	(
		print # Network section
		print "network={"

		if isset auth_alg; then
			print "	auth_alg=${auth_alg}"
		fi

		if isset key_mgmt; then
			print "	key_mgmt=${key_mgmt}"
		fi

		if isset proto; then
			print "	proto=${proto}"
		fi

		if isset ssid; then
			print "	ssid=\"${ssid}\""
		fi

		if isset key; then
			print "	psk=\"${key}\""
		fi

		# Operation Mode
		case "${operation_mode}" in
			ibss)
				print "	mode=1"
				;;
			mesh)
				print "	mode=5"
				;;
		esac

		# Frequency
		if isset channel; then
			print "	frequency=$(wireless_channel_to_frequency "${channel}")"
		fi

		if isset wep_key0; then
			print "	wep_key0=\"${wep_key0}\""
		fi

		if isset wep_tx_keyidx; then
			print "	wep_tx_keyidx=${wep_tx_keyidx}"
		fi

		print "}"
	) >> ${file}

	return ${EXIT_OK}
}

wpa_supplicant_config_destroy() {
	local device="${1}"
	assert isset device

	file_delete "${WPA_SUPPLICANT_CONF_DIR}/${device}.conf"
}

wpa_supplicant_start() {
	local device=${1}
	assert isset device

	service_start "wpa_supplicant@${device}.service"
}

wpa_supplicant_stop() {
	local device=${1}
	assert isset device

	service_stop "wpa_supplicant@${device}.service"
}

wpa_supplicant_client() {
	local device=${1}
	assert isset device
	shift

	local cmd="$@"
	assert isset cmd

	# Run the command and return the output.
	cmd wpa_cli -p${WPA_SUPPLICANT_SOCKET_DIR} -i${device} ${cmd}
}

wpa_cli_status() {
	local device=${1}
	assert isset device

	wpa_supplicant_client ${device} status verbose
}

wpa_cli_status_get() {
	local device=${1}
	assert isset device

	local arg=${2}
	assert isset arg

	local line key
	while read -r line; do
		key=$(cli_get_key ${line})

		if [ "${key}" = "${arg}" ]; then
			cli_get_val "${line}"
			return ${EXIT_OK}
		fi
	done <<< "$(wpa_cli_status ${device})"

	return ${EXIT_ERROR}
}

wpa_cli_bss() {
	local device=${1}
	assert isset device

	local bss=${2}
	assert isset bss

	wpa_supplicant_client ${device} bss ${bss}
}

wpa_cli_bss_get() {
	local device=${1}
	assert isset device

	local bss=${2}
	assert isset bss

	local arg=${3}
	assert isset arg

	local line key
	while read -r line; do
		key=$(cli_get_key ${line})

		if [ "${key}" = "${arg}" ]; then
			cli_get_val "${line}"
			return ${EXIT_OK}
		fi
	done <<< "$(wpa_cli_bss ${device} ${bss})"

	return ${EXIT_ERROR}
}

wpa_cli_bss_get_frequency() {
	local device=${1}
	assert isset device

	local bssid=${2}
	assert isset bssid

	wpa_cli_bss_get ${device} ${bssid} freq
}

wpa_cli_bss_get_noise() {
	local device=${1}
	assert isset device

	local bssid=${2}
	assert isset bssid

	wpa_cli_bss_get ${device} ${bssid} noise
}

wpa_cli_bss_get_quality() {
	local device=${1}
	assert isset device

	local bssid=${2}
	assert isset bssid

	local quality=$(wpa_cli_bss_get ${device} ${bssid} qual)

	# Convert to percent
	print $(( ${quality} * 100 / 70 ))
}

wpa_cli_bss_get_flags() {
	local device=${1}
	assert isset device

	local bssid=${2}
	assert isset bssid

	wpa_cli_bss_get ${device} ${bssid} flags
}
Commit	Line	Data
	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2012 IPFire Network Development Team #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	WPA_SUPPLICANT_SOCKET_DIR="${RUN_DIR}/wpa_supplicant/ctrl"
	23
	24	wpa_supplicant_config_header() {
	25	config_header "WPA supplicant configuration file"
	26
	27	# Set control socket directory.
	28	print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}"
	29
	30	# Honour country
	31	local country="$(wireless_get_reg_domain)"
	32	if isset country; then
	33	print "country=${country}"
	34	fi
	35
	36	print # end of header
	37	}
	38
	39	wpa_supplicant_config_write() {
	40	local device="${1}"
	41	shift
	42
	43	assert isset device
	44
	45	local file="${WPA_SUPPLICANT_CONF_DIR}/${device}.conf"
	46
	47	local ap_scan=1 mode key ssid
	48	local channel
	49
	50	local arg
	51	for arg in "$@"; do
	52	case "${arg}" in
	53	--ap-scan=*)
	54	ap_scan=$(cli_get_val "${arg}")
	55	;;
	56	--channel=*)
	57	channel=$(cli_get_val "${arg}")
	58	;;
	59	--mode=*)
	60	mode=$(cli_get_val "${arg}")
	61
	62	# Empty signals no encryption.
	63	isset mode \|\| mode="NONE"
	64	;;
	65	--ssid=*)
	66	ssid=$(cli_get_val "${arg}")
	67	;;
	68	--key=*)
	69	key=$(cli_get_val "${arg}")
	70	;;
	71	*)
	72	error "Unrecognized argument: ${arg}"
	73	return ${EXIT_ERROR}
	74	;;
	75	esac
	76	done
	77
	78	assert isinteger ap_scan
	79	assert isset mode
	80
	81	local auth_alg key_mgmt proto ssid psk wep_key0 wep_tx_keyidx
	82	local operation_mode
	83	local country_code="$(wireless_get_reg_domain)"
	84
	85	case "${mode}" in
	86	# Normal WPA.
	87	WPA-PSK)
	88	auth_alg="OPEN"
	89	key_mgmt="WPA-PSK"
	90	proto="WPA"
	91	pairwise="CCMP TKIP"
	92	group="CCMP TKIP WEP104 WEP40"
	93	;;
	94
	95	# WPA with stronger algorithms.
	96	WPA-PSK-SHA256)
	97	auth_alg="OPEN"
	98	key_mgmt="WPA-PSK-SHA256"
	99	proto="WPA"
	100	pairwise="CCMP TKIP"
	101	group="CCMP TKIP WEP104 WEP40"
	102	;;
	103
	104	# Normal WPA2 (802.11i).
	105	WPA2-PSK)
	106	auth_alg="OPEN"
	107	key_mgmt="WPA-PSK"
	108	proto="RSN"
	109	pairwise="CCMP TKIP"
	110	group="CCMP TKIP WEP104 WEP40"
	111	;;
	112
	113	# WPA2 with stronger algorithms.
	114	WPA2-PSK-SHA256)
	115	auth_alg="OPEN"
	116	key_mgmt="WPA-PSK-SHA256"
	117	proto="RSN"
	118	pairwise="CCMP TKIP"
	119	group="CCMP TKIP WEP104 WEP40"
	120	;;
	121
	122	# WEP.
	123	WEP)
	124	auth_alg="SHARED"
	125	wep_key0="${key}"
	126	wep_tx_keyidx="0"
	127
	128	# Reset PSK.
	129	psk=""
	130	;;
	131
	132	# IEEE 802.1X
	133	8021X)
	134	key_mgmt="IEEE8021X"
	135	;;
	136
	137	# IEEE 802.11s without authentication
	138	802.11s)
	139	operation_mode="mesh"
	140
	141	# Use SAE when we got a PSK
	142	if isset key; then
	143	key_mgmt="SAE"
	144	else
	145	key_mgmt="NONE"
	146	fi
	147	;;
	148
	149	# No encryption. DANGEROUS!
	150	NONE)
	151	auth_alg="OPEN"
	152	key_mgmt="NONE"
	153	;;
	154	*)
	155	log ERROR "Unknown mode: ${mode}"
	156	return ${EXIT_ERROR}
	157	;;
	158	esac
	159
	160	# Ensure we can write the file
	161	make_parent_directory "${file}"
	162
	163	config_header "WPA supplicant configuration file" > ${file}
	164
	165	# AP scanning/selection
	166	print "ap_scan=${ap_scan}" >> ${file}
	167
	168	# Set country code, if known.
	169	if isset country_code; then
	170	print "country=\"${country_code}\"" >> ${file}
	171	fi
	172
	173	# Set control socket directory.
	174	print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}" >> ${file}
	175
	176	(
	177	print # Network section
	178	print "network={"
	179
	180	if isset auth_alg; then
	181	print " auth_alg=${auth_alg}"
	182	fi
	183
	184	if isset key_mgmt; then
	185	print " key_mgmt=${key_mgmt}"
	186	fi
	187
	188	if isset proto; then
	189	print " proto=${proto}"
	190	fi
	191
	192	if isset ssid; then
	193	print " ssid=\"${ssid}\""
	194	fi
	195
	196	if isset key; then
	197	print " psk=\"${key}\""
	198	fi
	199
	200	# Operation Mode
	201	case "${operation_mode}" in
	202	ibss)
	203	print " mode=1"
	204	;;
	205	mesh)
	206	print " mode=5"
	207	;;
	208	esac
	209
	210	# Frequency
	211	if isset channel; then
	212	print " frequency=$(wireless_channel_to_frequency "${channel}")"
	213	fi
	214
	215	if isset wep_key0; then
	216	print " wep_key0=\"${wep_key0}\""
	217	fi
	218
	219	if isset wep_tx_keyidx; then
	220	print " wep_tx_keyidx=${wep_tx_keyidx}"
	221	fi
	222
	223	print "}"
	224	) >> ${file}
	225
	226	return ${EXIT_OK}
	227	}
	228
	229	wpa_supplicant_config_destroy() {
	230	local device="${1}"
	231	assert isset device
	232
	233	file_delete "${WPA_SUPPLICANT_CONF_DIR}/${device}.conf"
	234	}
	235
	236	wpa_supplicant_start() {
	237	local device=${1}
	238	assert isset device
	239
	240	service_start "wpa_supplicant@${device}.service"
	241	}
	242
	243	wpa_supplicant_stop() {
	244	local device=${1}
	245	assert isset device
	246
	247	service_stop "wpa_supplicant@${device}.service"
	248	}
	249
	250	wpa_supplicant_client() {
	251	local device=${1}
	252	assert isset device
	253	shift
	254
	255	local cmd="$@"
	256	assert isset cmd
	257
	258	# Run the command and return the output.
	259	cmd wpa_cli -p${WPA_SUPPLICANT_SOCKET_DIR} -i${device} ${cmd}
	260	}
	261
	262	wpa_cli_status() {
	263	local device=${1}
	264	assert isset device
	265
	266	wpa_supplicant_client ${device} status verbose
	267	}
	268
	269	wpa_cli_status_get() {
	270	local device=${1}
	271	assert isset device
	272
	273	local arg=${2}
	274	assert isset arg
	275
	276	local line key
	277	while read -r line; do
	278	key=$(cli_get_key ${line})
	279
	280	if [ "${key}" = "${arg}" ]; then
	281	cli_get_val "${line}"
	282	return ${EXIT_OK}
	283	fi
	284	done <<< "$(wpa_cli_status ${device})"
	285
	286	return ${EXIT_ERROR}
	287	}
	288
	289	wpa_cli_bss() {
	290	local device=${1}
	291	assert isset device
	292
	293	local bss=${2}
	294	assert isset bss
	295
	296	wpa_supplicant_client ${device} bss ${bss}
	297	}
	298
	299	wpa_cli_bss_get() {
	300	local device=${1}
	301	assert isset device
	302
	303	local bss=${2}
	304	assert isset bss
	305
	306	local arg=${3}
	307	assert isset arg
	308
	309	local line key
	310	while read -r line; do
	311	key=$(cli_get_key ${line})
	312
	313	if [ "${key}" = "${arg}" ]; then
	314	cli_get_val "${line}"
	315	return ${EXIT_OK}
	316	fi
	317	done <<< "$(wpa_cli_bss ${device} ${bss})"
	318
	319	return ${EXIT_ERROR}
	320	}
	321
	322	wpa_cli_bss_get_frequency() {
	323	local device=${1}
	324	assert isset device
	325
	326	local bssid=${2}
	327	assert isset bssid
	328
	329	wpa_cli_bss_get ${device} ${bssid} freq
	330	}
	331
	332	wpa_cli_bss_get_noise() {
	333	local device=${1}
	334	assert isset device
	335
	336	local bssid=${2}
	337	assert isset bssid
	338
	339	wpa_cli_bss_get ${device} ${bssid} noise
	340	}
	341
	342	wpa_cli_bss_get_quality() {
	343	local device=${1}
	344	assert isset device
	345
	346	local bssid=${2}
	347	assert isset bssid
	348
	349	local quality=$(wpa_cli_bss_get ${device} ${bssid} qual)
	350
	351	# Convert to percent
	352	print $(( ${quality} * 100 / 70 ))
	353	}
	354
	355	wpa_cli_bss_get_flags() {
	356	local device=${1}
	357	assert isset device
	358
	359	local bssid=${2}
	360	assert isset bssid
	361
	362	wpa_cli_bss_get ${device} ${bssid} flags
	363	}