wireless-ap: Add WPA/WPA2 encryption.

diff --git a/functions.wireless b/functions.wireless
index 2cd19c57153d6271ae5de82006ea6d8811821797..fca2dacbb830ee6e1c7c50a052a9d97d0c1c115d 100644 (file)
--- a/functions.wireless
+++ b/functions.wireless
@@ -138,6 +138,8 @@ function hostapd_config_write() {
        local broadcast_ssid
        local channel
        local country_code
+       local encryption
+       local key
        local mode
        local ssid
 
@@ -158,6 +160,12 @@ function hostapd_config_write() {
                        --ssid=*)
                                ssid=${1#--ssid=}
                                ;;
+                       --encryption=*)
+                               encryption=$(cli_get_val ${1})
+                               ;;
+                       --key=*)
+                               key=$(cli_get_val ${1})
+                               ;;
                        *)
                                warning_log "Ignoring unknown argument '${1}'."
                                ;;                      
@@ -175,6 +183,12 @@ function hostapd_config_write() {
        assert isset mode
        assert isset ssid
 
+       # Check if key is set when encryption is used.
+       if isset encryption; then
+               assert isoneof encryption WPA WPA2 WPA/WPA2
+               assert isset key
+       fi
+
        local ignore_broadcast_ssid
        if enabled broadcast_ssid; then
                ignore_broadcast_ssid="0"
@@ -196,19 +210,37 @@ hw_mode=${mode}
 ignore_broadcast_ssid=${ignore_broadcast_ssid}
 ssid=${ssid}
 
-# Logging options
-logger_syslog=-1
-logger_syslog_level=2
-logger_stdout=-1
-logger_stdout_level=2
-
 # Dump file
-dump_file=$(hostapd_config_dir ${device}/dump
+dump_file=$(hostapd_config_dir ${device}/dump)
 
 ctrl_interface=/var/run/hostapd
 ctrl_interface_group=0
+
 EOF
 
+       if isset encryption; then
+               local encryption_mode=0
+               case "${encryption}" in
+                       WPA)
+                               encryption_mode=1
+                               ;;
+                       WPA2)
+                               encryption_mode=2
+                               ;;
+                       WPA/WPA2)
+                               encryption_mode=3
+                               ;;
+               esac
+
+               print "# Encryption settings."
+               print "wpa=${encryption_mode}"
+               print "wpa_passphrase=${key}"
+               print "wpa_key_mgmt=WPA-PSK"
+               print "wpa_pairwise=TKIP"
+               print "rsn_pairwise=CCMP"
+               print
+       fi
+
        return ${EXIT_OK}
 }
 

diff --git a/hooks/ports/wireless-ap b/hooks/ports/wireless-ap
index 7ff695263735d3890248685857d4c5c1991400ef..662ec4d5f797f95dcedd07c5da56613879fec8b9 100755 (executable)
--- a/hooks/ports/wireless-ap
+++ b/hooks/ports/wireless-ap
@@ -22,11 +22,14 @@
 . /usr/lib/network/header-port
 
 HOOK_SETTINGS="HOOK ADDRESS BROADCAST_SSID CHANNEL COUNTRY_CODE MODE PHY SSID"
+HOOK_SETTINGS="${HOOK_SETTINGS} ENCRYPTION KEY"
 
 ADDRESS=$(mac_generate)
 BROADCAST_SSID=on
 CHANNEL=1
 COUNTRY_CODE="US"
+ENCRYPTION=""
+KEY=""
 MODE="g"
 SSID=
 
@@ -42,6 +45,14 @@ function _check() {
        assert isset PHY
        assert ismac PHY
        assert isset SSID
+
+       if isset ENCRYPTION; then
+               assert isoneof ENCRYPTION WPA WPA2 WPA/WPA2
+
+               assert isset KEY
+               assert [ ${#KEY} -ge 8 ]
+               assert [ ${#KEY} -le 63 ]
+       fi
 }
 
 function _create() {
@@ -56,6 +67,12 @@ function _create() {
                        --country-code=*)
                                COUNTRY_CODE=$(cli_get_val ${1})
                                ;;
+                       --encryption=*)
+                               ENCRYPTION=$(cli_get_val ${1})
+                               ;;
+                       --key=*)
+                               KEY=$(cli_get_val ${1})
+                               ;;
                        --mac=*)
                                ADDRESS=$(cli_get_val ${1})
                                ;;
@@ -106,6 +123,12 @@ function _edit() {
                        --country-code=*)
                                COUNTRY_CODE=$(cli_get_val ${1})
                                ;;
+                       --encryption=*)
+                               ENCRYPTION=$(cli_get_val ${1})
+                               ;;
+                       --key=*)
+                               KEY=$(cli_get_val ${1})
+                               ;;
                        --ssid=*)
                                SSID=$(cli_get_val ${1})
                                ;;
@@ -140,6 +163,8 @@ function _up() {
                        --broadcast-ssid="${BROADCAST_SSID}" \
                        --channel="${CHANNEL}" \
                        --country-code="${COUNTRY_CODE}" \
+                       --encryption="${ENCRYPTION}" \
+                       --key="${KEY}" \
                        --mode="${MODE}" \
                        --ssid="${SSID}"