[people/stevee/network.git] / src / functions / functions.wpa_supplicant

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2012  IPFire Network Development Team                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

WPA_SUPPLICANT_SOCKET_DIR="${RUN_DIR}/wpa_supplicant/ctrl"

wpa_supplicant_config_header() {
	config_header "WPA supplicant configuration file"

	# Set control socket directory.
	print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}"

	# Honour country
	if isset country; then
		print "country=${country}"
	fi

	print # end of header
}

wpa_supplicant_config_write() {
	local device="${1}"
	shift

	assert isset device

	local file="${WPA_SUPPLICANT_CONF_DIR}/${device}.conf"

	local ap_scan=1 mode key ssid
	local channel

	local arg
	for arg in "$@"; do
		case "${arg}" in
			--ap-scan=*)
				ap_scan=$(cli_get_val "${arg}")
				;;
			--channel=*)
				channel=$(cli_get_val "${arg}")
				;;
			--mode=*)
				mode=$(cli_get_val "${arg}")

				# Empty signals no encryption.
				isset mode || mode="NONE"
				;;
			--ssid=*)
				ssid=$(cli_get_val "${arg}")
				;;
			--key=*)
				key=$(cli_get_val "${arg}")
				;;
			*)
				error "Unrecognized argument: ${arg}"
				return ${EXIT_ERROR}
				;;
		esac
	done

	assert isinteger ap_scan
	assert isset mode

	local auth_alg key_mgmt proto ssid psk wep_key0 wep_tx_keyidx
	local operation_mode
	local country_code="$(wireless_get_reg_domain)"

	case "${mode}" in
		# Normal WPA.
		WPA-PSK)
			auth_alg="OPEN"
			key_mgmt="WPA-PSK"
			proto="WPA"
			pairwise="CCMP TKIP"
			group="CCMP TKIP WEP104 WEP40"
			;;

		# WPA with stronger algorithms.
		WPA-PSK-SHA256)
			auth_alg="OPEN"
			key_mgmt="WPA-PSK-SHA256"
			proto="WPA"
			pairwise="CCMP TKIP"
			group="CCMP TKIP WEP104 WEP40"
			;;

		# Normal WPA2 (802.11i).
		WPA2-PSK)
			auth_alg="OPEN"
			key_mgmt="WPA-PSK"
			proto="RSN"
			pairwise="CCMP TKIP"
			group="CCMP TKIP WEP104 WEP40"
			;;

		# WPA2 with stronger algorithms.
		WPA2-PSK-SHA256)
			auth_alg="OPEN"
			key_mgmt="WPA-PSK-SHA256"
			proto="RSN"
			pairwise="CCMP TKIP"
			group="CCMP TKIP WEP104 WEP40"
			;;

		# WEP.
		WEP)
			auth_alg="SHARED"
			wep_key0="${key}"
			wep_tx_keyidx="0"

			# Reset PSK.
			psk=""
			;;

		# IEEE 802.1X
		8021X)
			key_mgmt="IEEE8021X"
			;;

		# IEEE 802.11s without authentication
		802.11s)
			operation_mode="mesh"

			# Use SAE when we got a PSK
			if isset key; then
				key_mgmt="SAE"
			else
				key_mgmt="NONE"
			fi
			;;

		# No encryption. DANGEROUS!
		NONE)
			auth_alg="OPEN"
			key_mgmt="NONE"
			;;
		*)
			log ERROR "Unknown mode: ${mode}"
			return ${EXIT_ERROR}
			;;
	esac

	# Ensure we can write the file
	make_parent_directory "${file}"

	config_header "WPA supplicant configuration file" > ${file}

	# AP scanning/selection
	print "ap_scan=${ap_scan}" >> ${file}

	# Set country code, if known.
	if isset country_code; then
		print "country=\"${country_code}\"" >> ${file}
	fi

	# Set control socket directory.
	print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}" >> ${file}

	(
		print # Network section
		print "network={"

		if isset auth_alg; then
			print "	auth_alg=${auth_alg}"
		fi

		if isset key_mgmt; then
			print "	key_mgmt=${key_mgmt}"
		fi

		if isset proto; then
			print "	proto=${proto}"
		fi

		if isset ssid; then
			print "	ssid=\"${ssid}\""
		fi

		if isset key; then
			print "	psk=\"${key}\""
		fi

		# Operation Mode
		case "${operation_mode}" in
			ibss)
				print "	mode=1"
				;;
			mesh)
				print "	mode=5"
				;;
		esac

		# Frequency
		if isset channel; then
			print "	frequency=$(wireless_channel_to_frequency "${channel}")"
		fi

		if isset wep_key0; then
			print "	wep_key0=\"${wep_key0}\""
		fi

		if isset wep_tx_keyidx; then
			print "	wep_tx_keyidx=${wep_tx_keyidx}"
		fi

		print "}"
	) >> ${file}

	return ${EXIT_OK}
}

wpa_supplicant_config_destroy() {
	local device="${1}"
	assert isset device

	file_delete "${WPA_SUPPLICANT_CONF_DIR}/${device}.conf"
}

wpa_supplicant_start() {
	local device=${1}
	assert isset device

	service_start "wpa_supplicant@${device}.service"
}

wpa_supplicant_stop() {
	local device=${1}
	assert isset device

	service_stop "wpa_supplicant@${device}.service"
}

wpa_supplicant_client() {
	local device=${1}
	assert isset device
	shift

	local cmd="$@"
	assert isset cmd

	# Run the command and return the output.
	cmd wpa_cli -p${WPA_SUPPLICANT_SOCKET_DIR} -i${device} ${cmd}
}

wpa_cli_status() {
	local device=${1}
	assert isset device

	wpa_supplicant_client ${device} status verbose
}

wpa_cli_status_get() {
	local device=${1}
	assert isset device

	local arg=${2}
	assert isset arg

	local line key
	while read -r line; do
		key=$(cli_get_key ${line})

		if [ "${key}" = "${arg}" ]; then
			cli_get_val "${line}"
			return ${EXIT_OK}
		fi
	done <<< "$(wpa_cli_status ${device})"

	return ${EXIT_ERROR}
}

wpa_cli_bss() {
	local device=${1}
	assert isset device

	local bss=${2}
	assert isset bss

	wpa_supplicant_client ${device} bss ${bss}
}

wpa_cli_bss_get() {
	local device=${1}
	assert isset device

	local bss=${2}
	assert isset bss

	local arg=${3}
	assert isset arg

	local line key
	while read -r line; do
		key=$(cli_get_key ${line})

		if [ "${key}" = "${arg}" ]; then
			cli_get_val "${line}"
			return ${EXIT_OK}
		fi
	done <<< "$(wpa_cli_bss ${device} ${bss})"

	return ${EXIT_ERROR}
}

wpa_cli_bss_get_frequency() {
	local device=${1}
	assert isset device

	local bssid=${2}
	assert isset bssid

	wpa_cli_bss_get ${device} ${bssid} freq
}

wpa_cli_bss_get_noise() {
	local device=${1}
	assert isset device

	local bssid=${2}
	assert isset bssid

	wpa_cli_bss_get ${device} ${bssid} noise
}

wpa_cli_bss_get_quality() {
	local device=${1}
	assert isset device

	local bssid=${2}
	assert isset bssid

	local quality=$(wpa_cli_bss_get ${device} ${bssid} qual)

	# Convert to percent
	print $(( ${quality} * 100 / 70 ))
}

wpa_cli_bss_get_flags() {
	local device=${1}
	assert isset device

	local bssid=${2}
	assert isset bssid

	wpa_cli_bss_get ${device} ${bssid} flags
}
Commit	Line	Data
6d4eec4c MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2012 IPFire Network Development Team #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
22a61046 MT	22	WPA_SUPPLICANT_SOCKET_DIR="${RUN_DIR}/wpa_supplicant/ctrl"
22a61046 MT	23
f1b49125 MT	24	wpa_supplicant_config_header() {
	25	config_header "WPA supplicant configuration file"
	26
	27	# Set control socket directory.
	28	print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}"
	29
	30	# Honour country
	31	if isset country; then
	32	print "country=${country}"
	33	fi
	34
	35	print # end of header
	36	}
	37
1c6a4e30	38	wpa_supplicant_config_write() {
02807ad2 MT	39	local device="${1}"
02807ad2 MT	40	shift
6d4eec4c	41
02807ad2	42	assert isset device
6d4eec4c	43
231bce76	44	local file="${WPA_SUPPLICANT_CONF_DIR}/${device}.conf"
22a61046	45
31670741	46	local ap_scan=1 mode key ssid
4c1a5e6d	47	local channel
22a61046 MT	48
	49	local arg
	50	for arg in "$@"; do
	51	case "${arg}" in
	52	--ap-scan=*)
2212045f	53	ap_scan=$(cli_get_val "${arg}")
22a61046	54	;;
4c1a5e6d MT	55	--channel=*)
	56	channel=$(cli_get_val "${arg}")
	57	;;
22a61046	58	--mode=*)
2212045f	59	mode=$(cli_get_val "${arg}")
22a61046 MT	60
	61	# Empty signals no encryption.
	62	isset mode \|\| mode="NONE"
6d4eec4c	63	;;
22a61046	64	--ssid=*)
2212045f	65	ssid=$(cli_get_val "${arg}")
6d4eec4c MT	66	;;
6d4eec4c MT	67	--key=*)
2212045f	68	key=$(cli_get_val "${arg}")
22a61046 MT	69	;;
	70	*)
	71	error "Unrecognized argument: ${arg}"
	72	return ${EXIT_ERROR}
6d4eec4c MT	73	;;
6d4eec4c MT	74	esac
6d4eec4c MT	75	done
6d4eec4c MT	76
22a61046 MT	77	assert isinteger ap_scan
	78	assert isset mode
	79
	80	local auth_alg key_mgmt proto ssid psk wep_key0 wep_tx_keyidx
4c1a5e6d	81	local operation_mode
31670741	82	local country_code="$(wireless_get_reg_domain)"
22a61046 MT	83
	84	case "${mode}" in
	85	# Normal WPA.
	86	WPA-PSK)
	87	auth_alg="OPEN"
	88	key_mgmt="WPA-PSK"
	89	proto="WPA"
	90	pairwise="CCMP TKIP"
	91	group="CCMP TKIP WEP104 WEP40"
	92	;;
	93
	94	# WPA with stronger algorithms.
	95	WPA-PSK-SHA256)
	96	auth_alg="OPEN"
	97	key_mgmt="WPA-PSK-SHA256"
	98	proto="WPA"
	99	pairwise="CCMP TKIP"
	100	group="CCMP TKIP WEP104 WEP40"
	101	;;
	102
	103	# Normal WPA2 (802.11i).
	104	WPA2-PSK)
	105	auth_alg="OPEN"
	106	key_mgmt="WPA-PSK"
	107	proto="RSN"
	108	pairwise="CCMP TKIP"
	109	group="CCMP TKIP WEP104 WEP40"
	110	;;
	111
	112	# WPA2 with stronger algorithms.
	113	WPA2-PSK-SHA256)
	114	auth_alg="OPEN"
	115	key_mgmt="WPA-PSK-SHA256"
	116	proto="RSN"
	117	pairwise="CCMP TKIP"
	118	group="CCMP TKIP WEP104 WEP40"
	119	;;
	120
	121	# WEP.
	122	WEP)
	123	auth_alg="SHARED"
	124	wep_key0="${key}"
	125	wep_tx_keyidx="0"
	126
	127	# Reset PSK.
	128	psk=""
	129	;;
	130
	131	# IEEE 802.1X
	132	8021X)
	133	key_mgmt="IEEE8021X"
	134	;;
	135
4c1a5e6d MT	136	# IEEE 802.11s without authentication
	137	802.11s)
	138	operation_mode="mesh"
	139
	140	# Use SAE when we got a PSK
b7b18ba3	141	if isset key; then
4c1a5e6d MT	142	key_mgmt="SAE"
	143	else
	144	key_mgmt="NONE"
	145	fi
	146	;;
	147
22a61046 MT	148	# No encryption. DANGEROUS!
	149	NONE)
	150	auth_alg="OPEN"
	151	key_mgmt="NONE"
	152	;;
	153	*)
	154	log ERROR "Unknown mode: ${mode}"
	155	return ${EXIT_ERROR}
	156	;;
	157	esac
	158
231bce76	159	# Ensure we can write the file
46954be3	160	make_parent_directory "${file}"
22a61046 MT	161
	162	config_header "WPA supplicant configuration file" > ${file}
	163
	164	# AP scanning/selection
	165	print "ap_scan=${ap_scan}" >> ${file}
	166
	167	# Set country code, if known.
	168	if isset country_code; then
	169	print "country=\"${country_code}\"" >> ${file}
	170	fi
	171
	172	# Set control socket directory.
	173	print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}" >> ${file}
	174
	175	(
	176	print # Network section
	177	print "network={"
	178
	179	if isset auth_alg; then
	180	print " auth_alg=${auth_alg}"
	181	fi
	182
	183	if isset key_mgmt; then
	184	print " key_mgmt=${key_mgmt}"
	185	fi
	186
	187	if isset proto; then
	188	print " proto=${proto}"
	189	fi
6d4eec4c	190
22a61046	191	if isset ssid; then
aaf34099	192	print " ssid=\"${ssid}\""
22a61046 MT	193	fi
	194
	195	if isset key; then
	196	print " psk=\"${key}\""
	197	fi
	198
4c1a5e6d MT	199	# Operation Mode
	200	case "${operation_mode}" in
	201	ibss)
	202	print " mode=1"
	203	;;
	204	mesh)
	205	print " mode=5"
	206	;;
	207	esac
	208
	209	# Frequency
	210	if isset channel; then
	211	print " frequency=$(wireless_channel_to_frequency "${channel}")"
	212	fi
	213
22a61046 MT	214	if isset wep_key0; then
	215	print " wep_key0=\"${wep_key0}\""
	216	fi
	217
	218	if isset wep_tx_keyidx; then
	219	print " wep_tx_keyidx=${wep_tx_keyidx}"
	220	fi
	221
	222	print "}"
	223	) >> ${file}
	224
	225	return ${EXIT_OK}
6d4eec4c MT	226	}
6d4eec4c MT	227
02807ad2 MT	228	wpa_supplicant_config_destroy() {
	229	local device="${1}"
	230	assert isset device
	231
231bce76	232	file_delete "${WPA_SUPPLICANT_CONF_DIR}/${device}.conf"
6d4eec4c MT	233	}
6d4eec4c MT	234
1c6a4e30	235	wpa_supplicant_start() {
6d4eec4c	236	local device=${1}
22a61046	237	assert isset device
6d4eec4c	238
22a61046 MT	239	service_start "wpa_supplicant@${device}.service"
22a61046 MT	240	}
6d4eec4c	241
1c6a4e30	242	wpa_supplicant_stop() {
22a61046 MT	243	local device=${1}
22a61046 MT	244	assert isset device
6d4eec4c	245
22a61046 MT	246	service_stop "wpa_supplicant@${device}.service"
	247	}
	248
1c6a4e30	249	wpa_supplicant_client() {
22a61046 MT	250	local device=${1}
	251	assert isset device
	252	shift
6d4eec4c	253
22a61046 MT	254	local cmd="$@"
	255	assert isset cmd
	256
	257	# Run the command and return the output.
	258	cmd wpa_cli -p${WPA_SUPPLICANT_SOCKET_DIR} -i${device} ${cmd}
6d4eec4c MT	259	}
6d4eec4c MT	260
1c6a4e30	261	wpa_cli_status() {
6d4eec4c	262	local device=${1}
22a61046 MT	263	assert isset device
	264
	265	wpa_supplicant_client ${device} status verbose
	266	}
6d4eec4c	267
1c6a4e30	268	wpa_cli_status_get() {
22a61046	269	local device=${1}
6d4eec4c MT	270	assert isset device
6d4eec4c MT	271
22a61046 MT	272	local arg=${2}
22a61046 MT	273	assert isset arg
6d4eec4c	274
22a61046 MT	275	local line key
	276	while read -r line; do
	277	key=$(cli_get_key ${line})
6d4eec4c	278
22a61046 MT	279	if [ "${key}" = "${arg}" ]; then
	280	cli_get_val "${line}"
	281	return ${EXIT_OK}
	282	fi
	283	done <<< "$(wpa_cli_status ${device})"
	284
	285	return ${EXIT_ERROR}
6d4eec4c MT	286	}
6d4eec4c MT	287
1c6a4e30	288	wpa_cli_bss() {
6d4eec4c	289	local device=${1}
22a61046 MT	290	assert isset device
	291
	292	local bss=${2}
	293	assert isset bss
6d4eec4c	294
22a61046 MT	295	wpa_supplicant_client ${device} bss ${bss}
	296	}
	297
1c6a4e30	298	wpa_cli_bss_get() {
22a61046	299	local device=${1}
6d4eec4c MT	300	assert isset device
6d4eec4c MT	301
22a61046 MT	302	local bss=${2}
22a61046 MT	303	assert isset bss
6d4eec4c	304
22a61046 MT	305	local arg=${3}
22a61046 MT	306	assert isset arg
6d4eec4c	307
22a61046 MT	308	local line key
	309	while read -r line; do
	310	key=$(cli_get_key ${line})
	311
	312	if [ "${key}" = "${arg}" ]; then
	313	cli_get_val "${line}"
	314	return ${EXIT_OK}
	315	fi
	316	done <<< "$(wpa_cli_bss ${device} ${bss})"
	317
	318	return ${EXIT_ERROR}
6d4eec4c MT	319	}
6d4eec4c MT	320
1c6a4e30	321	wpa_cli_bss_get_frequency() {
6d4eec4c	322	local device=${1}
6d4eec4c MT	323	assert isset device
6d4eec4c MT	324
22a61046 MT	325	local bssid=${2}
22a61046 MT	326	assert isset bssid
6d4eec4c	327
22a61046 MT	328	wpa_cli_bss_get ${device} ${bssid} freq
22a61046 MT	329	}
6d4eec4c	330
1c6a4e30	331	wpa_cli_bss_get_noise() {
22a61046 MT	332	local device=${1}
	333	assert isset device
	334
	335	local bssid=${2}
	336	assert isset bssid
	337
	338	wpa_cli_bss_get ${device} ${bssid} noise
6d4eec4c MT	339	}
6d4eec4c MT	340
1c6a4e30	341	wpa_cli_bss_get_quality() {
22a61046 MT	342	local device=${1}
22a61046 MT	343	assert isset device
6d4eec4c	344
22a61046 MT	345	local bssid=${2}
	346	assert isset bssid
	347
324c09bc MT	348	local quality=$(wpa_cli_bss_get ${device} ${bssid} qual)
	349
	350	# Convert to percent
	351	print $(( ${quality} * 100 / 70 ))
6d4eec4c MT	352	}
6d4eec4c MT	353
1c6a4e30	354	wpa_cli_bss_get_flags() {
22a61046 MT	355	local device=${1}
	356	assert isset device
	357
	358	local bssid=${2}
	359	assert isset bssid
6d4eec4c	360
22a61046	361	wpa_cli_bss_get ${device} ${bssid} flags
6d4eec4c	362	}