]>
Commit | Line | Data |
---|---|---|
6d4eec4c MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2012 IPFire Network Development Team # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22a61046 MT |
22 | WPA_SUPPLICANT_SOCKET_DIR="${RUN_DIR}/wpa_supplicant/ctrl" |
23 | ||
f1b49125 MT |
24 | wpa_supplicant_config_header() { |
25 | config_header "WPA supplicant configuration file" | |
26 | ||
27 | # Set control socket directory. | |
28 | print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}" | |
29 | ||
30 | # Honour country | |
31 | if isset country; then | |
32 | print "country=${country}" | |
33 | fi | |
34 | ||
35 | print # end of header | |
36 | } | |
37 | ||
1c6a4e30 | 38 | wpa_supplicant_config_write() { |
02807ad2 MT |
39 | local device="${1}" |
40 | shift | |
6d4eec4c | 41 | |
02807ad2 | 42 | assert isset device |
6d4eec4c | 43 | |
231bce76 | 44 | local file="${WPA_SUPPLICANT_CONF_DIR}/${device}.conf" |
22a61046 | 45 | |
31670741 | 46 | local ap_scan=1 mode key ssid |
4c1a5e6d | 47 | local channel |
22a61046 MT |
48 | |
49 | local arg | |
50 | for arg in "$@"; do | |
51 | case "${arg}" in | |
52 | --ap-scan=*) | |
2212045f | 53 | ap_scan=$(cli_get_val "${arg}") |
22a61046 | 54 | ;; |
4c1a5e6d MT |
55 | --channel=*) |
56 | channel=$(cli_get_val "${arg}") | |
57 | ;; | |
22a61046 | 58 | --mode=*) |
2212045f | 59 | mode=$(cli_get_val "${arg}") |
22a61046 MT |
60 | |
61 | # Empty signals no encryption. | |
62 | isset mode || mode="NONE" | |
6d4eec4c | 63 | ;; |
22a61046 | 64 | --ssid=*) |
2212045f | 65 | ssid=$(cli_get_val "${arg}") |
6d4eec4c MT |
66 | ;; |
67 | --key=*) | |
2212045f | 68 | key=$(cli_get_val "${arg}") |
22a61046 MT |
69 | ;; |
70 | *) | |
71 | error "Unrecognized argument: ${arg}" | |
72 | return ${EXIT_ERROR} | |
6d4eec4c MT |
73 | ;; |
74 | esac | |
6d4eec4c MT |
75 | done |
76 | ||
22a61046 MT |
77 | assert isinteger ap_scan |
78 | assert isset mode | |
79 | ||
80 | local auth_alg key_mgmt proto ssid psk wep_key0 wep_tx_keyidx | |
4c1a5e6d | 81 | local operation_mode |
31670741 | 82 | local country_code="$(wireless_get_reg_domain)" |
22a61046 MT |
83 | |
84 | case "${mode}" in | |
85 | # Normal WPA. | |
86 | WPA-PSK) | |
87 | auth_alg="OPEN" | |
88 | key_mgmt="WPA-PSK" | |
89 | proto="WPA" | |
90 | pairwise="CCMP TKIP" | |
91 | group="CCMP TKIP WEP104 WEP40" | |
92 | ;; | |
93 | ||
94 | # WPA with stronger algorithms. | |
95 | WPA-PSK-SHA256) | |
96 | auth_alg="OPEN" | |
97 | key_mgmt="WPA-PSK-SHA256" | |
98 | proto="WPA" | |
99 | pairwise="CCMP TKIP" | |
100 | group="CCMP TKIP WEP104 WEP40" | |
101 | ;; | |
102 | ||
103 | # Normal WPA2 (802.11i). | |
104 | WPA2-PSK) | |
105 | auth_alg="OPEN" | |
106 | key_mgmt="WPA-PSK" | |
107 | proto="RSN" | |
108 | pairwise="CCMP TKIP" | |
109 | group="CCMP TKIP WEP104 WEP40" | |
110 | ;; | |
111 | ||
112 | # WPA2 with stronger algorithms. | |
113 | WPA2-PSK-SHA256) | |
114 | auth_alg="OPEN" | |
115 | key_mgmt="WPA-PSK-SHA256" | |
116 | proto="RSN" | |
117 | pairwise="CCMP TKIP" | |
118 | group="CCMP TKIP WEP104 WEP40" | |
119 | ;; | |
120 | ||
121 | # WEP. | |
122 | WEP) | |
123 | auth_alg="SHARED" | |
124 | wep_key0="${key}" | |
125 | wep_tx_keyidx="0" | |
126 | ||
127 | # Reset PSK. | |
128 | psk="" | |
129 | ;; | |
130 | ||
131 | # IEEE 802.1X | |
132 | 8021X) | |
133 | key_mgmt="IEEE8021X" | |
134 | ;; | |
135 | ||
4c1a5e6d MT |
136 | # IEEE 802.11s without authentication |
137 | 802.11s) | |
138 | operation_mode="mesh" | |
139 | ||
140 | # Use SAE when we got a PSK | |
b7b18ba3 | 141 | if isset key; then |
4c1a5e6d MT |
142 | key_mgmt="SAE" |
143 | else | |
144 | key_mgmt="NONE" | |
145 | fi | |
146 | ;; | |
147 | ||
22a61046 MT |
148 | # No encryption. DANGEROUS! |
149 | NONE) | |
150 | auth_alg="OPEN" | |
151 | key_mgmt="NONE" | |
152 | ;; | |
153 | *) | |
154 | log ERROR "Unknown mode: ${mode}" | |
155 | return ${EXIT_ERROR} | |
156 | ;; | |
157 | esac | |
158 | ||
231bce76 | 159 | # Ensure we can write the file |
46954be3 | 160 | make_parent_directory "${file}" |
22a61046 MT |
161 | |
162 | config_header "WPA supplicant configuration file" > ${file} | |
163 | ||
164 | # AP scanning/selection | |
165 | print "ap_scan=${ap_scan}" >> ${file} | |
166 | ||
167 | # Set country code, if known. | |
168 | if isset country_code; then | |
169 | print "country=\"${country_code}\"" >> ${file} | |
170 | fi | |
171 | ||
172 | # Set control socket directory. | |
173 | print "ctrl_interface=${WPA_SUPPLICANT_SOCKET_DIR}" >> ${file} | |
174 | ||
175 | ( | |
176 | print # Network section | |
177 | print "network={" | |
178 | ||
179 | if isset auth_alg; then | |
180 | print " auth_alg=${auth_alg}" | |
181 | fi | |
182 | ||
183 | if isset key_mgmt; then | |
184 | print " key_mgmt=${key_mgmt}" | |
185 | fi | |
186 | ||
187 | if isset proto; then | |
188 | print " proto=${proto}" | |
189 | fi | |
6d4eec4c | 190 | |
22a61046 | 191 | if isset ssid; then |
aaf34099 | 192 | print " ssid=\"${ssid}\"" |
22a61046 MT |
193 | fi |
194 | ||
195 | if isset key; then | |
196 | print " psk=\"${key}\"" | |
197 | fi | |
198 | ||
4c1a5e6d MT |
199 | # Operation Mode |
200 | case "${operation_mode}" in | |
201 | ibss) | |
202 | print " mode=1" | |
203 | ;; | |
204 | mesh) | |
205 | print " mode=5" | |
206 | ;; | |
207 | esac | |
208 | ||
209 | # Frequency | |
210 | if isset channel; then | |
211 | print " frequency=$(wireless_channel_to_frequency "${channel}")" | |
212 | fi | |
213 | ||
22a61046 MT |
214 | if isset wep_key0; then |
215 | print " wep_key0=\"${wep_key0}\"" | |
216 | fi | |
217 | ||
218 | if isset wep_tx_keyidx; then | |
219 | print " wep_tx_keyidx=${wep_tx_keyidx}" | |
220 | fi | |
221 | ||
222 | print "}" | |
223 | ) >> ${file} | |
224 | ||
225 | return ${EXIT_OK} | |
6d4eec4c MT |
226 | } |
227 | ||
02807ad2 MT |
228 | wpa_supplicant_config_destroy() { |
229 | local device="${1}" | |
230 | assert isset device | |
231 | ||
231bce76 | 232 | file_delete "${WPA_SUPPLICANT_CONF_DIR}/${device}.conf" |
6d4eec4c MT |
233 | } |
234 | ||
1c6a4e30 | 235 | wpa_supplicant_start() { |
6d4eec4c | 236 | local device=${1} |
22a61046 | 237 | assert isset device |
6d4eec4c | 238 | |
22a61046 MT |
239 | service_start "wpa_supplicant@${device}.service" |
240 | } | |
6d4eec4c | 241 | |
1c6a4e30 | 242 | wpa_supplicant_stop() { |
22a61046 MT |
243 | local device=${1} |
244 | assert isset device | |
6d4eec4c | 245 | |
22a61046 MT |
246 | service_stop "wpa_supplicant@${device}.service" |
247 | } | |
248 | ||
1c6a4e30 | 249 | wpa_supplicant_client() { |
22a61046 MT |
250 | local device=${1} |
251 | assert isset device | |
252 | shift | |
6d4eec4c | 253 | |
22a61046 MT |
254 | local cmd="$@" |
255 | assert isset cmd | |
256 | ||
257 | # Run the command and return the output. | |
258 | cmd wpa_cli -p${WPA_SUPPLICANT_SOCKET_DIR} -i${device} ${cmd} | |
6d4eec4c MT |
259 | } |
260 | ||
1c6a4e30 | 261 | wpa_cli_status() { |
6d4eec4c | 262 | local device=${1} |
22a61046 MT |
263 | assert isset device |
264 | ||
265 | wpa_supplicant_client ${device} status verbose | |
266 | } | |
6d4eec4c | 267 | |
1c6a4e30 | 268 | wpa_cli_status_get() { |
22a61046 | 269 | local device=${1} |
6d4eec4c MT |
270 | assert isset device |
271 | ||
22a61046 MT |
272 | local arg=${2} |
273 | assert isset arg | |
6d4eec4c | 274 | |
22a61046 MT |
275 | local line key |
276 | while read -r line; do | |
277 | key=$(cli_get_key ${line}) | |
6d4eec4c | 278 | |
22a61046 MT |
279 | if [ "${key}" = "${arg}" ]; then |
280 | cli_get_val "${line}" | |
281 | return ${EXIT_OK} | |
282 | fi | |
283 | done <<< "$(wpa_cli_status ${device})" | |
284 | ||
285 | return ${EXIT_ERROR} | |
6d4eec4c MT |
286 | } |
287 | ||
1c6a4e30 | 288 | wpa_cli_bss() { |
6d4eec4c | 289 | local device=${1} |
22a61046 MT |
290 | assert isset device |
291 | ||
292 | local bss=${2} | |
293 | assert isset bss | |
6d4eec4c | 294 | |
22a61046 MT |
295 | wpa_supplicant_client ${device} bss ${bss} |
296 | } | |
297 | ||
1c6a4e30 | 298 | wpa_cli_bss_get() { |
22a61046 | 299 | local device=${1} |
6d4eec4c MT |
300 | assert isset device |
301 | ||
22a61046 MT |
302 | local bss=${2} |
303 | assert isset bss | |
6d4eec4c | 304 | |
22a61046 MT |
305 | local arg=${3} |
306 | assert isset arg | |
6d4eec4c | 307 | |
22a61046 MT |
308 | local line key |
309 | while read -r line; do | |
310 | key=$(cli_get_key ${line}) | |
311 | ||
312 | if [ "${key}" = "${arg}" ]; then | |
313 | cli_get_val "${line}" | |
314 | return ${EXIT_OK} | |
315 | fi | |
316 | done <<< "$(wpa_cli_bss ${device} ${bss})" | |
317 | ||
318 | return ${EXIT_ERROR} | |
6d4eec4c MT |
319 | } |
320 | ||
1c6a4e30 | 321 | wpa_cli_bss_get_frequency() { |
6d4eec4c | 322 | local device=${1} |
6d4eec4c MT |
323 | assert isset device |
324 | ||
22a61046 MT |
325 | local bssid=${2} |
326 | assert isset bssid | |
6d4eec4c | 327 | |
22a61046 MT |
328 | wpa_cli_bss_get ${device} ${bssid} freq |
329 | } | |
6d4eec4c | 330 | |
1c6a4e30 | 331 | wpa_cli_bss_get_noise() { |
22a61046 MT |
332 | local device=${1} |
333 | assert isset device | |
334 | ||
335 | local bssid=${2} | |
336 | assert isset bssid | |
337 | ||
338 | wpa_cli_bss_get ${device} ${bssid} noise | |
6d4eec4c MT |
339 | } |
340 | ||
1c6a4e30 | 341 | wpa_cli_bss_get_quality() { |
22a61046 MT |
342 | local device=${1} |
343 | assert isset device | |
6d4eec4c | 344 | |
22a61046 MT |
345 | local bssid=${2} |
346 | assert isset bssid | |
347 | ||
324c09bc MT |
348 | local quality=$(wpa_cli_bss_get ${device} ${bssid} qual) |
349 | ||
350 | # Convert to percent | |
351 | print $(( ${quality} * 100 / 70 )) | |
6d4eec4c MT |
352 | } |
353 | ||
1c6a4e30 | 354 | wpa_cli_bss_get_flags() { |
22a61046 MT |
355 | local device=${1} |
356 | assert isset device | |
357 | ||
358 | local bssid=${2} | |
359 | assert isset bssid | |
6d4eec4c | 360 | |
22a61046 | 361 | wpa_cli_bss_get ${device} ${bssid} flags |
6d4eec4c | 362 | } |