2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2017 IPFire Network Development Team #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
# Names of the variables that make up one wireless network's settings.
# Functions in this file expand the list unquoted (for "local" and as
# arguments to the settings helpers), so it has to stay a space-separated
# list of plain variable names.
WIRELESS_NETWORK_CONFIG_SETTINGS="EAP_MODES ENCRYPTION_MODE PRIORITY PSK SSID"
# Command-line entry point for managing stored wireless networks.
# NOTE(review): the listing shows only part of this function (the case
# statements, the assignment of ssid/key and the closing brace are not
# visible), so the comments below cover the visible lines only.
24 cli_wireless_network
() {
# Both calls below receive every argument after the first one.
27 wireless_network_new
"${@:2}"
30 wireless_network_destroy
"${@:2}"
# Stop when no stored network matches the given SSID.
37 if ! wireless_network_exists
"${ssid}"; then
38 error
"No such wireless network: ${ssid}"
42 # Convert SSID into usable format
43 local handle
="$(wireless_network_hash "${ssid}")"
# The function name is assembled from ${key}. The pattern on the next line is
# presumably the case arm guarding that call, which would limit ${key} to
# these three names - confirm against the full source.
46 encryption_mode|pre_shared_key|priority
)
47 wireless_network_
${key} "${handle}" "$@"
50 wireless_network_show
"${handle}"
# Any other sub-command is reported back to the caller.
54 error
"Unrecognized argument: ${key}"
# Prints the entries of the wireless network configuration directory, as
# returned by list_directory. Each entry is the handle of one stored network.
wireless_network_list() {
	list_directory "${NETWORK_WIRELESS_NETWORKS_DIR}"
}
# Walks over all stored wireless networks and reads each one's settings.
# NOTE(review): the rest of the loop body and the end of the function are
# not visible in this listing.
66 wireless_network_list_ssids
() {
# The handle list is split on whitespace, so handles must not contain any.
68 for handle
in $
(wireless_network_list
); do
# Declare every settings variable local so the values read below stay
# inside this function.
69 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
70 if ! wireless_network_read_config
"${handle}"; then
78 # This function writes all values to the wireless network configuration file specified via ${ssid}
# Writes all settings variables of one network to its settings file.
# NOTE(review): the assignment of handle and the return statements are not
# visible in this listing.
79 wireless_network_write_config
() {
# The settings file lives in a per-network directory named after the handle.
84 local path
="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/settings"
# The settings list is expanded unquoted on purpose: each variable name is
# passed as its own argument.
# NOTE(review): the file written here contains PSK; confirm that
# settings_write creates it with permissions that keep it private.
86 if ! settings_write
"${path}" ${WIRELESS_NETWORK_CONFIG_SETTINGS}; then
87 log ERROR
"Could not write configuration"
91 # When we get here the writing of the config file was successful
95 # This function writes the value for one key to the wireless network
96 # configuration file specified via ${ssid}
# Updates one key of a stored network: read all settings, change the one
# key, write everything back.
# NOTE(review): argument unpacking and the return statements are not visible
# in this listing.
97 wireless_network_write_config_key
() {
106 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
108 # Read the config settings
109 if ! wireless_network_read_config
"${handle}"; then
# NOTE(review): ${value} goes to the debug log verbatim.
# wireless_network_pre_shared_key calls this function with key "PSK", so the
# pre-shared key ends up in the log whenever debug logging is enabled;
# consider masking the value for secret keys.
113 log DEBUG
"Set '${key}' to new value '${value}' in wireless network '${SSID}'"
115 # Set the key to a new value
116 assign
"${key}" "${value}"
118 if ! wireless_network_write_config
"${handle}"; then
125 # Reads one or more keys out of a settings file or all if no key is provided.
# NOTE(review): only part of this function is visible in the listing (the
# assignment of handle and args, the else/fi lines and the returns are
# missing), so the comments below cover the visible lines only.
126 wireless_network_read_config
() {
# No key requested: fall back to the full list of settings names.
133 if [ $# -eq 0 ] && [ -n "${WIRELESS_NETWORK_CONFIG_SETTINGS}" ]; then
134 list_append args
${WIRELESS_NETWORK_CONFIG_SETTINGS}
# Presumably the else branch: read only the keys the caller asked for.
136 list_append args
"$@"
139 local path
="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/settings"
# ${args} is expanded unquoted so that each key becomes a separate argument.
141 if ! settings_read
"${path}" ${args}; then
142 log ERROR
"Could not read settings for wireless network ${handle}"
147 # This function checks if a wireless network exists
148 # Returns true if it exists and false otherwise
# Checks whether a settings file exists for the given SSID and stores that
# same SSID.
# NOTE(review): the assignment of ssid and the return statements are not
# visible in this listing.
149 wireless_network_exists
() {
152 local handle
="$(wireless_network_hash "${ssid}")"
155 # We cannot use wireless_network_read_config here because we would end in a loop
# Read only the SSID key from the candidate settings file.
157 if ! settings_read
"${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/settings" SSID
; then
# Exact string comparison of the stored SSID with the requested one.
161 if [ "${SSID}" = "${ssid}" ]; then
# Derives the directory name (handle) for an SSID: the normalized SSID
# followed by a dash and an MD5 digest of the original string.
# NOTE(review): as far as this listing shows, MD5 serves only as a naming
# digest here, not as a security control.
# NOTE(review): several lines are not visible (the assignment of string, any
# post-processing of hash, the body of the first branch, else/fi).
168 wireless_network_hash
() {
# NOTE(review): for stdin, md5sum prints the digest followed by "  -"; the
# digest is presumably trimmed on a line not shown here - confirm.
# "echo -n" also mishandles strings that look like echo options;
# printf '%s' is the safer way to feed the SSID to md5sum.
173 local hash=$
(echo -n "${string}" |
md5sum )
# NOTE(review): the "*" is inside double quotes here and in the test below,
# so it is never expanded as a glob. [ -d ] therefore checks for a directory
# whose name literally contains "*". If the intent is to find an existing
# directory ending in the digest, the pattern has to be expanded unquoted,
# e.g. in a for loop over the matches.
176 local path
="${NETWORK_WIRELESS_NETWORKS_DIR}/*${hash}"
178 if [ -d "${path}" ]; then
181 local normalized
=$
(normalize
"${string}")
# Strip one trailing dash, if any, before appending "-<digest>".
182 normalized
=${normalized%-}
183 echo "${normalized}-${hash}"
# Creates the configuration directory and the initial settings file for a
# new wireless network.
# NOTE(review): the assignment of ssid (and SSID), the return statements and
# the closing brace are not visible in this listing.
187 wireless_network_new
() {
188 if [ $# -gt 1 ]; then
189 error
"Too many arguments"
# NOTE(review): only presence of the SSID is checked in the visible lines.
# The SSID is later written between double quotes into the wpa_supplicant
# configuration, so confirm that its length and characters are validated
# somewhere before it is stored.
195 if ! isset ssid
; then
196 error
"Please provide a SSID"
200 # Check for duplicates
201 if wireless_network_exists
"${ssid}"; then
202 error
"The wireless network ${ssid} already exists"
206 local handle
="$(wireless_network_hash "${ssid}")"
209 log DEBUG
"Creating wireless network '${ssid}'"
# NOTE(review): this directory will hold the network's PSK. mkdir -p applies
# the process umask; confirm the resulting mode keeps the directory
# unreadable for unprivileged users.
211 if ! mkdir
-p "${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}"; then
212 log ERROR
"Could not create config directory for wireless network ${ssid}"
216 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
# New networks start with the configured default encryption mode.
217 ENCRYPTION_MODE
="${WIRELESS_DEFAULT_ENCRYPTION_MODE}"
221 if ! wireless_network_write_config
"${handle}"; then
222 log ERROR
"Could not write new config file"
227 # Deletes a wireless network
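# Deletes a stored wireless network together with its configuration
# directory.
# Globals:   NETWORK_WIRELESS_NETWORKS_DIR (read)
# Arguments: $1 - SSID of the network to delete
# Returns:   EXIT_OK on success, EXIT_ERROR when the network does not exist
#            or could not be removed
# NOTE(review): the page's listing omits the argument assignment and the
# return statements of this function; they are restored here following the
# pattern of the visible lines - confirm against the repository copy.
wireless_network_destroy() {
	local ssid="${1}"

	if ! wireless_network_exists "${ssid}"; then
		error "No such wireless network: ${ssid}"
		return ${EXIT_ERROR}
	fi

	# Declared separately so a failing hash helper is not masked by "local"
	local handle
	handle="$(wireless_network_hash "${ssid}")"

	# Never run the recursive delete with an empty path component: an empty
	# handle would remove the whole networks directory, and an empty base
	# directory would resolve to a path below "/".
	if [ -z "${NETWORK_WIRELESS_NETWORKS_DIR}" ] || [ -z "${handle}" ]; then
		error "Could not delete the wireless network"
		return ${EXIT_ERROR}
	fi

	# "--" keeps a handle that starts with a dash from being read as an option
	if ! rm -rf -- "${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}"; then
		error "Could not delete the wireless network"
		return ${EXIT_ERROR}
	fi

	log INFO "Successfully destroyed wireless network ${ssid}"
	return ${EXIT_OK}
}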
# Changes the stored encryption mode of a wireless network.
# NOTE(review): the assignment of handle and mode, the return statements and
# the closing brace are not visible in this listing.
248 wireless_network_encryption_mode
() {
# Calls with more than two arguments are rejected as well, although the
# message only mentions too few.
249 if [ ! $# -eq 2 ]; then
250 log ERROR
"Not enough arguments"
# Only modes listed in WIRELESS_VALID_ENCRYPTION_MODES are accepted; the list
# is expanded unquoted so each mode becomes one argument.
256 if ! isoneof mode
${WIRELESS_VALID_ENCRYPTION_MODES}; then
257 log ERROR
"Encryption mode '${mode}' is invalid"
261 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
262 if ! wireless_network_read_config
"${handle}"; then
263 error
"Could not read configuration"
# NOTE(review): the validator is spelled wireless_pre_shared_key_is_valid
# here, while wireless_network_pre_shared_key calls
# wireless_pre_share_key_is_valid; one of the two spellings is wrong.
# NOTE(review): the line that actually clears PSK is not visible in this
# listing - confirm it exists. When the new mode is NONE this check is
# skipped and the stored PSK stays in the settings file.
267 # Validate the PSK when changing mode and reset if needed
268 if isset PSK
&& [ "${mode}" != "NONE" ] && \
269 ! wireless_pre_shared_key_is_valid
"${mode}" "${PSK}"; then
270 log WARNING
"The configured pre-shared-key is incompatible with this encryption mode and has been reset"
274 # Save new encryption mode
275 ENCRYPTION_MODE
="${mode}"
277 if ! wireless_network_write_config
"${handle}"; then
278 log ERROR
"Could not write configuration settings"
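# Stores a new pre-shared key for a wireless network after validating it
# against the network's encryption mode.
# Arguments: $1 - handle of the network
#            $2 - the new pre-shared key
# Returns:   EXIT_OK on success, EXIT_ERROR on wrong usage, unreadable
#            configuration, invalid key or write failure
# NOTE(review): the page's listing omits the argument assignments and the
# return statements of this function; they are restored here following the
# pattern of the visible lines - confirm against the repository copy.
wireless_network_pre_shared_key() {
	if [ ! $# -eq 2 ]; then
		log ERROR "Not enough arguments"
		return ${EXIT_ERROR}
	fi

	local handle="${1}"
	local psk="${2}"

	local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
	if ! wireless_network_read_config "${handle}"; then
		error "Could not read configuration"
		return ${EXIT_ERROR}
	fi

	# Validate the key if encryption mode is known
	if isset ENCRYPTION_MODE && [ "${ENCRYPTION_MODE}" != "NONE" ]; then
		# The validator name follows the spelling used by
		# wireless_network_encryption_mode in this file. The listing called
		# wireless_pre_share_key_is_valid here, which looks like a typo: an
		# undefined command fails, so every key would be rejected.
		# NOTE(review): confirm the spelling against the helper's definition.
		if ! wireless_pre_shared_key_is_valid "${ENCRYPTION_MODE}" "${psk}"; then
			# The rejected key is deliberately left out of the message so
			# that the secret does not reach the terminal or the log.
			error "The pre-shared-key is invalid for this wireless network"
			return ${EXIT_ERROR}
		fi
	fi

	if ! wireless_network_write_config_key "${handle}" "PSK" "${psk}"; then
		log ERROR "Could not write configuration settings"
		return ${EXIT_ERROR}
	fi

	return ${EXIT_OK}
}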
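# Stores the priority of a wireless network.
# Arguments: $1 - handle of the network
#            $2 - priority, an integer greater than or equal to zero
# Returns:   EXIT_OK on success, EXIT_ERROR on wrong usage, invalid priority
#            or write failure
# NOTE(review): the page's listing omits the argument assignments and the
# return statements of this function; they are restored here following the
# pattern of the visible lines - confirm against the repository copy.
wireless_network_priority() {
	if [ ! $# -eq 2 ]; then
		log ERROR "Not enough arguments"
		return ${EXIT_ERROR}
	fi

	local handle="${1}"
	local priority="${2}"

	# Reject the value when it is not an integer OR when it is negative.
	# The listing joined the two checks with "&&", which let every value
	# through: an integer skipped the range check, and for a non-integer the
	# numeric comparison itself failed. "! [ ... ]" also rejects the value
	# when the comparison cannot be evaluated.
	if ! isinteger priority || ! [ "${priority}" -ge 0 ]; then
		log ERROR "The priority must be an integer greater or eqal zero"
		return ${EXIT_ERROR}
	fi

	if ! wireless_network_write_config_key "${handle}" "PRIORITY" "${priority}"; then
		log ERROR "Could not write configuration settings"
		return ${EXIT_ERROR}
	fi

	return ${EXIT_OK}
}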
# Calls wireless_network_to_wpa_supplicant once for every stored wireless
# network, in the order wireless_network_list returns the handles.
wireless_networks_to_wpa_supplicant() {
	local handle

	# The handle list is split on whitespace, one call per handle
	for handle in $(wireless_network_list); do
		wireless_network_to_wpa_supplicant "${handle}"
	done
}
# Prints the wpa_supplicant configuration block for one stored network.
# NOTE(review): this listing shows only part of the function (most case arms,
# the variable assignments for auth_alg/proto/pairwise and the end of the
# function are not visible), so the comments cover the visible lines only.
339 wireless_network_to_wpa_supplicant
() {
342 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
343 if ! wireless_network_read_config
"${handle}"; then
344 error
"Could not read configuration for ${handle}"
# Choose the authentication and cipher parameters from the stored mode.
# NOTE(review): every group list visible below also accepts TKIP, WEP104 and
# WEP40 as group ciphers. These are legacy ciphers; consider whether the
# WPA2 modes can be limited to CCMP.
354 case "${ENCRYPTION_MODE}" in
361 group
="CCMP TKIP WEP104 WEP40"
364 # WPA with stronger algorithms
367 key_mgmt
="WPA-PSK-SHA256"
370 group
="CCMP TKIP WEP104 WEP40"
373 # Normal WPA2 (802.11i)
379 group
="CCMP TKIP WEP104 WEP40"
382 # WPA2 with stronger algorithms
385 key_mgmt
="WPA-PSK-SHA256"
388 group
="CCMP TKIP WEP104 WEP40"
391 # No encryption. DANGEROUS!
# NOTE(review): SSID is interpolated unescaped, first into a comment line and
# then between double quotes. A value containing a double quote or a line
# break would change the structure of the generated block; validate the SSID
# when it is stored, or emit it in wpa_supplicant's unquoted hex form.
398 print_indent
0 "# ${SSID}"
# NOTE(review): wpa_supplicant's documented syntax is "network={" without
# spaces - confirm that the parser accepts this spelling.
399 print_indent
0 "network = {"
400 print_indent
1 "ssid=\"${SSID}\""
404 print_indent
1 "# Authentication"
405 print_indent
1 "auth_alg=${auth_alg}"
406 print_indent
1 "key_mgmt=${key_mgmt}"
408 case "${ENCRYPTION_MODE}" in
410 print_indent
1 "proto=${proto}"
411 print_indent
1 "pairwise=${pairwise}"
416 case "${ENCRYPTION_MODE}" in
# NOTE(review): the PSK is written in clear text and unescaped. Whatever file
# receives this output should be readable by its owner only, and the quoting
# concern described for SSID applies here too.
418 print_indent
1 "psk=\"${PSK}\""
# NOTE(review): EAP_MODES is emitted as stored, without validation in the
# visible lines.
422 if isset EAP_MODES
; then
423 print_indent
1 "# EAP"
424 print_indent
1 "eap=${EAP_MODES}"