HOOK_PORT_PATTERN="${PORT_PATTERN_ACCESSPOINT}"
-HOOK_SETTINGS="ADDRESS BROADCAST_SSID CHANNEL CHANNEL_BANDWIDTH DFS MODE PHY"
-HOOK_SETTINGS="${HOOK_SETTINGS} ENCRYPTION ENVIRONMENT KEY SSID"
-HOOK_SETTINGS="${HOOK_SETTINGS} MFP"
+HOOK_SETTINGS=(
+ "ADDRESS"
+ "BROADCAST_SSID"
+ "CHANNEL"
+ "CHANNEL_BANDWIDTH"
+ "DFS"
+ "ENVIRONMENT"
+ "MFP"
+ "MODE"
+ "PHY"
+ "SECRET"
+ "SSID"
+ "WPA3_PERSONAL"
+ "WPA2_PERSONAL"
+)
+
+# Disable WPA3+2 by default
+DEFAULT_WPA3_PERSONAL="off"
+DEFAULT_WPA2_PERSONAL="off"
# Broadcast SSID by default
DEFAULT_BROADCAST_SSID="on"
DEFAULT_DFS="on"
# 802.11w - Management Frame Protection
-# Disable by default because many clients cannot connect when enabled
-DEFAULT_MFP="off"
+DEFAULT_MFP="on"
DEFAULT_ENVIRONMENT="${WIRELESS_DEFAULT_ENVIRONMENT}"
assert ismac PHY
assert isset SSID
- if isset ENCRYPTION; then
- assert isoneof ENCRYPTION WPA WPA2 WPA/WPA2
-
- assert isset KEY
- assert [ ${#KEY} -ge 8 ]
- assert [ ${#KEY} -le 63 ]
- fi
-
assert wireless_environment_is_valid "${ENVIRONMENT}"
}
CHANNEL_BANDWIDTH="$(cli_get_val "${1}")"
;;
--dfs=*)
- DFS="$(cli_get_val "${1}")"
-
- if enabled DFS; then
- DFS="on"
- elif disabled DFS; then
- DFS="off"
- else
- error "Invalid value for DFS: ${DFS}"
- return ${EXIT_ERROR}
- fi
- ;;
- --encryption=*)
- ENCRYPTION=$(cli_get_val "${1}")
+ DFS="$(cli_get_bool "${1}")"
;;
--environment=*)
ENVIRONMENT="$(cli_get_val "${1}")"
return ${EXIT_ERROR}
fi
;;
- --key=*)
- KEY=$(cli_get_val "${1}")
- ;;
--mac=*)
ADDRESS=$(cli_get_val "${1}")
;;
--mfp=*)
- MFP="$(cli_get_val "${1}")"
-
- if enabled MFP; then
- MFP="on"
- elif disabled MFP; then
- MFP="off"
- else
- error "Invalid value for --mfp: ${MFP}"
- return ${EXIT_ERROR}
- fi
+ MFP="$(cli_get_bool "${1}")"
;;
--mode=*)
MODE=$(cli_get_val "${1}")
--phy=*)
PHY=$(cli_get_val "${1}")
;;
+ --secret=*)
+ SECRET="$(cli_get_val "${1}")"
+ ;;
--ssid=*)
SSID=$(cli_get_val "${1}")
;;
+ --wpa2-personal=*)
+ WPA2_PERSONAL="$(cli_get_bool "${1}")"
+ ;;
+ --wpa3-personal=*)
+ WPA3_PERSONAL="$(cli_get_bool "${1}")"
+ ;;
*)
warning "Ignoring unknown argument '${1}'"
;;
return ${EXIT_ERROR}
fi
+ # Check if SECRET is set when WPA* is enabled
+ if enabled WPA3_PERSONAL || enabled WPA2_PERSONAL; then
+ if ! isset SECRET; then
+ error "Secret is not set when PSK authentication is enabled"
+ return ${EXIT_ERROR}
+ fi
+
+ # Check if SECRET is valid
+ if ! wireless_pre_shared_key_is_valid "${SECRET}"; then
+ error "The secret is in an invalid format"
+ return ${EXIT_ERROR}
+ fi
+ fi
+
# Save address of phy do identify it again
PHY=$(phy_get ${PHY})
PHY=$(phy_get_address ${PHY})
device_exists "${port}" && exit ${EXIT_OK}
- port_settings_read "${port}" ${HOOK_SETTINGS}
+ port_settings_read "${port}"
# Check if the PHY is present.
local phy=$(phy_get ${PHY})