]>
Commit | Line | Data |
---|---|---|
1 | #!/bin/bash | |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2012 IPFire Network Development Team # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | WPA_SUPPLICANT_SOCKET_DIR="${RUN_DIR}/wpa_supplicant/ctrl" | |
23 | ||
24 | wpa_supplicant_config_header() { | |
25 | config_header "WPA supplicant configuration file" | |
26 | ||
27 | # Set control socket directory. | |
28 | print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}" | |
29 | ||
30 | # Honour country | |
31 | local country="$(wireless_get_reg_domain)" | |
32 | if isset country; then | |
33 | print "country=${country}" | |
34 | fi | |
35 | ||
36 | print # end of header | |
37 | } | |
38 | ||
39 | wpa_supplicant_config_write() { | |
40 | local device="${1}" | |
41 | shift | |
42 | ||
43 | assert isset device | |
44 | ||
45 | local file="${WPA_SUPPLICANT_CONF_DIR}/${device}.conf" | |
46 | ||
47 | local ap_scan=1 mode key ssid | |
48 | local channel | |
49 | ||
50 | local arg | |
51 | for arg in "$@"; do | |
52 | case "${arg}" in | |
53 | --ap-scan=*) | |
54 | ap_scan=$(cli_get_val "${arg}") | |
55 | ;; | |
56 | --channel=*) | |
57 | channel=$(cli_get_val "${arg}") | |
58 | ;; | |
59 | --mode=*) | |
60 | mode=$(cli_get_val "${arg}") | |
61 | ||
62 | # Empty signals no encryption. | |
63 | isset mode || mode="NONE" | |
64 | ;; | |
65 | --ssid=*) | |
66 | ssid=$(cli_get_val "${arg}") | |
67 | ;; | |
68 | --key=*) | |
69 | key=$(cli_get_val "${arg}") | |
70 | ;; | |
71 | *) | |
72 | error "Unrecognized argument: ${arg}" | |
73 | return ${EXIT_ERROR} | |
74 | ;; | |
75 | esac | |
76 | done | |
77 | ||
78 | assert isinteger ap_scan | |
79 | assert isset mode | |
80 | ||
81 | local auth_alg key_mgmt proto ssid psk wep_key0 wep_tx_keyidx | |
82 | local operation_mode | |
83 | local country_code="$(wireless_get_reg_domain)" | |
84 | ||
85 | case "${mode}" in | |
86 | # Normal WPA. | |
87 | WPA-PSK) | |
88 | auth_alg="OPEN" | |
89 | key_mgmt="WPA-PSK" | |
90 | proto="WPA" | |
91 | pairwise="CCMP TKIP" | |
92 | group="CCMP TKIP WEP104 WEP40" | |
93 | ;; | |
94 | ||
95 | # WPA with stronger algorithms. | |
96 | WPA-PSK-SHA256) | |
97 | auth_alg="OPEN" | |
98 | key_mgmt="WPA-PSK-SHA256" | |
99 | proto="WPA" | |
100 | pairwise="CCMP TKIP" | |
101 | group="CCMP TKIP WEP104 WEP40" | |
102 | ;; | |
103 | ||
104 | # Normal WPA2 (802.11i). | |
105 | WPA2-PSK) | |
106 | auth_alg="OPEN" | |
107 | key_mgmt="WPA-PSK" | |
108 | proto="RSN" | |
109 | pairwise="CCMP TKIP" | |
110 | group="CCMP TKIP WEP104 WEP40" | |
111 | ;; | |
112 | ||
113 | # WPA2 with stronger algorithms. | |
114 | WPA2-PSK-SHA256) | |
115 | auth_alg="OPEN" | |
116 | key_mgmt="WPA-PSK-SHA256" | |
117 | proto="RSN" | |
118 | pairwise="CCMP TKIP" | |
119 | group="CCMP TKIP WEP104 WEP40" | |
120 | ;; | |
121 | ||
122 | # WEP. | |
123 | WEP) | |
124 | auth_alg="SHARED" | |
125 | wep_key0="${key}" | |
126 | wep_tx_keyidx="0" | |
127 | ||
128 | # Reset PSK. | |
129 | psk="" | |
130 | ;; | |
131 | ||
132 | # IEEE 802.1X | |
133 | 8021X) | |
134 | key_mgmt="IEEE8021X" | |
135 | ;; | |
136 | ||
137 | # IEEE 802.11s without authentication | |
138 | 802.11s) | |
139 | operation_mode="mesh" | |
140 | ||
141 | # Use SAE when we got a PSK | |
142 | if isset key; then | |
143 | key_mgmt="SAE" | |
144 | else | |
145 | key_mgmt="NONE" | |
146 | fi | |
147 | ;; | |
148 | ||
149 | # No encryption. DANGEROUS! | |
150 | NONE) | |
151 | auth_alg="OPEN" | |
152 | key_mgmt="NONE" | |
153 | ;; | |
154 | *) | |
155 | log ERROR "Unknown mode: ${mode}" | |
156 | return ${EXIT_ERROR} | |
157 | ;; | |
158 | esac | |
159 | ||
160 | # Ensure we can write the file | |
161 | make_parent_directory "${file}" | |
162 | ||
163 | config_header "WPA supplicant configuration file" > ${file} | |
164 | ||
165 | # AP scanning/selection | |
166 | print "ap_scan=${ap_scan}" >> ${file} | |
167 | ||
168 | # Set country code, if known. | |
169 | if isset country_code; then | |
170 | print "country=\"${country_code}\"" >> ${file} | |
171 | fi | |
172 | ||
173 | # Set control socket directory. | |
174 | print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}" >> ${file} | |
175 | ||
176 | ( | |
177 | print # Network section | |
178 | print "network={" | |
179 | ||
180 | if isset auth_alg; then | |
181 | print " auth_alg=${auth_alg}" | |
182 | fi | |
183 | ||
184 | if isset key_mgmt; then | |
185 | print " key_mgmt=${key_mgmt}" | |
186 | fi | |
187 | ||
188 | if isset proto; then | |
189 | print " proto=${proto}" | |
190 | fi | |
191 | ||
192 | if isset ssid; then | |
193 | print " ssid=\"${ssid}\"" | |
194 | fi | |
195 | ||
196 | if isset key; then | |
197 | print " psk=\"${key}\"" | |
198 | fi | |
199 | ||
200 | # Operation Mode | |
201 | case "${operation_mode}" in | |
202 | ibss) | |
203 | print " mode=1" | |
204 | ;; | |
205 | mesh) | |
206 | print " mode=5" | |
207 | ;; | |
208 | esac | |
209 | ||
210 | # Frequency | |
211 | if isset channel; then | |
212 | print " frequency=$(wireless_channel_to_frequency "${channel}")" | |
213 | fi | |
214 | ||
215 | if isset wep_key0; then | |
216 | print " wep_key0=\"${wep_key0}\"" | |
217 | fi | |
218 | ||
219 | if isset wep_tx_keyidx; then | |
220 | print " wep_tx_keyidx=${wep_tx_keyidx}" | |
221 | fi | |
222 | ||
223 | print "}" | |
224 | ) >> ${file} | |
225 | ||
226 | return ${EXIT_OK} | |
227 | } | |
228 | ||
229 | wpa_supplicant_config_destroy() { | |
230 | local device="${1}" | |
231 | assert isset device | |
232 | ||
233 | file_delete "${WPA_SUPPLICANT_CONF_DIR}/${device}.conf" | |
234 | } | |
235 | ||
236 | wpa_supplicant_start() { | |
237 | local device=${1} | |
238 | assert isset device | |
239 | ||
240 | service_start "wpa_supplicant@${device}.service" | |
241 | } | |
242 | ||
243 | wpa_supplicant_stop() { | |
244 | local device=${1} | |
245 | assert isset device | |
246 | ||
247 | service_stop "wpa_supplicant@${device}.service" | |
248 | } | |
249 | ||
250 | wpa_supplicant_client() { | |
251 | local device=${1} | |
252 | assert isset device | |
253 | shift | |
254 | ||
255 | local cmd="$@" | |
256 | assert isset cmd | |
257 | ||
258 | # Run the command and return the output. | |
259 | cmd wpa_cli -p${WPA_SUPPLICANT_SOCKET_DIR} -i${device} ${cmd} | |
260 | } | |
261 | ||
262 | wpa_cli_status() { | |
263 | local device=${1} | |
264 | assert isset device | |
265 | ||
266 | wpa_supplicant_client ${device} status verbose | |
267 | } | |
268 | ||
269 | wpa_cli_status_get() { | |
270 | local device=${1} | |
271 | assert isset device | |
272 | ||
273 | local arg=${2} | |
274 | assert isset arg | |
275 | ||
276 | local line key | |
277 | while read -r line; do | |
278 | key=$(cli_get_key ${line}) | |
279 | ||
280 | if [ "${key}" = "${arg}" ]; then | |
281 | cli_get_val "${line}" | |
282 | return ${EXIT_OK} | |
283 | fi | |
284 | done <<< "$(wpa_cli_status ${device})" | |
285 | ||
286 | return ${EXIT_ERROR} | |
287 | } | |
288 | ||
289 | wpa_cli_bss() { | |
290 | local device=${1} | |
291 | assert isset device | |
292 | ||
293 | local bss=${2} | |
294 | assert isset bss | |
295 | ||
296 | wpa_supplicant_client ${device} bss ${bss} | |
297 | } | |
298 | ||
299 | wpa_cli_bss_get() { | |
300 | local device=${1} | |
301 | assert isset device | |
302 | ||
303 | local bss=${2} | |
304 | assert isset bss | |
305 | ||
306 | local arg=${3} | |
307 | assert isset arg | |
308 | ||
309 | local line key | |
310 | while read -r line; do | |
311 | key=$(cli_get_key ${line}) | |
312 | ||
313 | if [ "${key}" = "${arg}" ]; then | |
314 | cli_get_val "${line}" | |
315 | return ${EXIT_OK} | |
316 | fi | |
317 | done <<< "$(wpa_cli_bss ${device} ${bss})" | |
318 | ||
319 | return ${EXIT_ERROR} | |
320 | } | |
321 | ||
322 | wpa_cli_bss_get_frequency() { | |
323 | local device=${1} | |
324 | assert isset device | |
325 | ||
326 | local bssid=${2} | |
327 | assert isset bssid | |
328 | ||
329 | wpa_cli_bss_get ${device} ${bssid} freq | |
330 | } | |
331 | ||
332 | wpa_cli_bss_get_noise() { | |
333 | local device=${1} | |
334 | assert isset device | |
335 | ||
336 | local bssid=${2} | |
337 | assert isset bssid | |
338 | ||
339 | wpa_cli_bss_get ${device} ${bssid} noise | |
340 | } | |
341 | ||
342 | wpa_cli_bss_get_quality() { | |
343 | local device=${1} | |
344 | assert isset device | |
345 | ||
346 | local bssid=${2} | |
347 | assert isset bssid | |
348 | ||
349 | local quality=$(wpa_cli_bss_get ${device} ${bssid} qual) | |
350 | ||
351 | # Convert to percent | |
352 | print $(( ${quality} * 100 / 70 )) | |
353 | } | |
354 | ||
355 | wpa_cli_bss_get_flags() { | |
356 | local device=${1} | |
357 | assert isset device | |
358 | ||
359 | local bssid=${2} | |
360 | assert isset bssid | |
361 | ||
362 | wpa_cli_bss_get ${device} ${bssid} flags | |
363 | } |