#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

function wireless_create() {
	local device=${1}
	local phy=$(phy_get ${2})
	local type=${3}
	local mac=${4}

	assert isset device
	assert isset phy
	assert isset type

	isset mac || mac=$(mac_generate)

	assert phy_exists ${phy}
	assert isoneof type managed __ap

	iw phy ${phy} interface add ${device} type ${type}

	if device_exists ${device}; then
		device_set_address ${device} ${mac}
	fi

	device_set_up ${device}
}

function wireless_remove() {
	local device=${1}

	assert device_exists ${device}

	device_set_down ${device}

	iw dev ${device} del
}

function wireless_set_channel() {
	local device=${1}
	local channel=${2}

	assert isset device
	assert device_exists ${device}
	assert isset channel

	iw dev ${device} set channel ${channel} $@
}

function hostapd_config_dir() {
	local device=${1}
	
	echo "${RUN_DIR}/hostapd/${device}"
}

function hostapd_config_write() {
	local device=${1}
	shift

	assert device_exists ${device}

	local broadcast_ssid
	local channel
	local country_code
	local encryption
	local key
	local mode
	local ssid

	while [ $# -gt 0 ]; do
		case "${1}" in
			--broadcast-ssid=*)
				broadcast_ssid=${1#--broadcast-ssid=}
				;;
			--channel=*)
				channel=${1#--channel=}
				;;
			--country-code=*)
				country_code=${1#--country-code=}
				;;
			--mode=*)
				mode=${1#--mode=}
				;;
			--ssid=*)
				ssid=${1#--ssid=}
				;;
			--encryption=*)
				encryption=$(cli_get_val ${1})
				;;
			--key=*)
				key=$(cli_get_val ${1})
				;;
			*)
				warning_log "Ignoring unknown argument '${1}'."
				;;			
		esac
		shift
	done

	assert isset broadcast_ssid
	assert isbool broadcast_ssid

	assert isset channel
	assert isinteger channel

	assert isset country_code
	assert isset mode
	assert isset ssid

	# Check if key is set when encryption is used.
	if isset encryption; then
		assert isoneof encryption WPA WPA2 WPA/WPA2
		assert isset key
	fi

	local ignore_broadcast_ssid
	if enabled broadcast_ssid; then
		ignore_broadcast_ssid="0"
	else
		ignore_broadcast_ssid="1"
	fi

	local hw_mode ieee80211n="0"
	if [ "${mode}" = "n" ]; then
		if [ ${channel} -le 15 ]; then
			hw_mode="g"
		else
			hw_mode="a"
		fi
		ieee80211n="1"
	fi

	cat <<EOF
### Hostapd configuration for ${device}

# Interface configuration
driver=nl80211
interface=${device}

# Wireless configuration
channel=${channel}
country_code=${country_code}
hw_mode=${hw_mode}
ieee80211n=${ieee80211n}
ignore_broadcast_ssid=${ignore_broadcast_ssid}
ssid=${ssid}

# Dump file
dump_file=$(hostapd_config_dir ${device}/dump)

ctrl_interface=/var/run/hostapd
ctrl_interface_group=0

EOF

	if isset encryption; then
		local encryption_mode=0
		case "${encryption}" in
			WPA)
				encryption_mode=1
				;;
			WPA2)
				encryption_mode=2
				;;
			WPA/WPA2)
				encryption_mode=3
				;;
		esac

		print "# Encryption settings."
		print "wpa=${encryption_mode}"
		print "wpa_passphrase=${key}"
		print "wpa_key_mgmt=WPA-PSK"
		print "wpa_pairwise=TKIP"
		print "rsn_pairwise=CCMP"
		print
	fi

	return ${EXIT_OK}
}

function hostapd_start() {
	local device=${1}
	shift

	assert isset device

	local config_dir=$(hostapd_config_dir ${device})
	mkdir -p ${config_dir}

	local config_file=${config_dir}/config
	hostapd_config_write ${device} $@ > ${config_file}

	service_start "hostapd@${device}.service"
	local ret=$?

	case "${ret}" in
		0)
			log DEBUG "Hostapd was successfully started for '${device}'."
			return ${EXIT_OK}
			;;
		1)
			error_log "Could not start hostapd properly for '${device}'."
			
			error_log "Configuration file dump:"
			local line
			while read line; do
				error_log "  ${line}"
			done < ${config_file}

			return ${EXIT_ERROR}
			;;
	esac
}

function hostapd_stop() {
	local device=${1}
	assert isset device

	service_stop "hostapd@${device}.service"

	rm -rf $(hostapd_config_dir ${device})
}

function hostapd_get_pid() {
	local device=${1}

	assert isset device

	local pid_file="$(hostapd_config_dir ${device})/pid"

	[ -e "${pid_file}" ] || return ${EXIT_ERROR}

	cat ${pid_file} 2>/dev/null
	return ${EXIT_OK}
}

function hostapd_is_running() {
	local device=${1}

	assert isset device

	local pid=$(hostapd_get_pid ${device})

	if isset pid && [ -d "/proc/${pid}" ]; then
		return ${EXIT_OK}
	fi

	return ${EXIT_ERROR}
}

function wpa_supplicant_config_write() {
	local device=${1}
	shift

	assert isset device

	local ssid
	local encryption
	local key

	while [ $# -gt 0 ]; do
		case "${1}" in
			--ssid=*)
				ssid=${1#--ssid=}
				;;
			--encryption=*)
				encryption=${1#--encryption=}
				;;
			--key=*)
				key=${1#--key=}
				;;
		esac
		shift
	done

	assert isset ssid
	assert isset encryption
	assert isset key

	cat <<EOF
# WPA supplicant configuration for ${device}.
# DO NOT EDIT.

network={
	ssid="${ssid}"
	proto=RSN
	key_mgmt=${encryption}
	pairwise=CCMP
	group=TKIP
	psk="${key}"
}

EOF
}

function wpa_supplicant_config_dir() {
	local device=${1}

	assert isset device

	echo "${RUN_DIR}/wireless/${device}"
}

function wpa_supplicant_start() {
	local device=${1}
	shift

	assert device_exists ${device}

	local config_dir=$(wpa_supplicant_config_dir ${device})
	mkdir -p ${config_dir}

	local config_file=${config_dir}/config
	wpa_supplicant_config_write ${device} $@ > ${config_file}

	wpa_supplicant -i ${device} -D wext -B -c ${config_file} \
		-P ${config_dir}/pid
}

function wpa_supplicant_stop() {
	local device=${1}

	assert isset device

	local pid=$(wpa_supplicant_get_pid ${device})

	if isset pid; then
		process_kill ${pid}
	else
		warning_log "Could not find pid file for wpa_supplicant process running for ${device}."
	fi

	rm -rf $(wpa_supplicant_config_dir ${device})
}

function wpa_supplicant_get_pid() {
	local device=${1}

	assert isset device

	local pid_file="$(wpa_supplicant_config_dir ${device})/pid"

	[ -e "${pid_file}" ] || return ${EXIT_ERROR}

	cat ${pid_file} 2>/dev/null
	return ${EXIT_OK}
}

function wpa_supplicant_is_running() {
	local device=${1}

	assert isset device

	local pid=$(wpa_supplicant_get_pid ${device})

	if isset pid && [ -d "/proc/${pid}" ]; then
		return ${EXIT_OK}
	fi

	return ${EXIT_ERROR}
}

function wpa_supplicant_get_pid() {
	local zone=${1}
	shift

	
}

function wpa_supplicant_stop() {
	local zone=${1}
	shift

	killall wpa_supplicant
}