wireless networks: Allow using a client certificate to authenticate

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/functions/functions.wireless-networks b/src/functions/functions.wireless-networks
index de6a650061a5f87e74a7a1734cb37b878e5da6d4..d717665ac7cecdd93b9754ab8ef3f2070501dace 100644 (file)
--- a/src/functions/functions.wireless-networks
+++ b/src/functions/functions.wireless-networks
@@ -431,8 +431,10 @@ wireless_network_to_wpa_supplicant() {
        assert isset auth_alg
        assert isset key_mgmt
 
-       # Read CA certificate
+       # Certificate Paths
        local ca_cert_path="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/ca.pem"
+       local client_cert_path="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/client.pem"
+       local client_key_path="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/client.key"
 
        print_indent 0 "# ${SSID}"
        print_indent 0 "network={"
@@ -481,6 +483,14 @@ wireless_network_to_wpa_supplicant() {
                print
        fi
 
+       # Client Certificate
+       if file_exists "${client_cert_path}" && file_exists "${client_key_path}"; then
+               print_indent 1 "# Client Certificate"
+               print_indent 1 "client_cert=\"${client_cert_path}\""
+               print_indent 1 "private_key=\"${client_key_path}\""
+               print
+       fi
+
        # Validate server certificates
        if file_exists "${ca_cert_path}"; then
                print_indent 1 "ca_cert=\"${ca_cert_path}\""