2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2017 IPFire Network Development Team #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
# Space-separated names of the settings kept for each wireless network.
# The list is expanded unquoted further down (into `local` and into the
# argument lists of settings_write / settings_read), so it has to stay a
# plain list of valid variable names.
# PSK is part of the list, so every per-network settings file holds the
# pre-shared key.
# NOTE(review): no line visible in this listing restricts the permissions of
# that file - confirm it is not readable by unprivileged users.
22 WIRELESS_NETWORK_CONFIG_SETTINGS
="ENCRYPTION_MODE PRIORITY PSK SSID"
# Command-line entry point for wireless network management.
# The visible lines call wireless_network_new and wireless_network_destroy
# with the arguments from the second one on ("${@:2}"), reject an SSID for
# which wireless_network_exists fails, and dispatch the keys
# encryption_mode, pre_shared_key and priority to wireless_network_${key}.
# Only part of the body is visible in this listing.
24 cli_wireless_network
() {
27 wireless_network_new
"${@:2}"
30 wireless_network_destroy
"${@:2}"
37 if ! wireless_network_exists
"${ssid}"; then
38 error
"No such wireless network: ${ssid}"
# The function name called below is built from ${key}. That is safe only
# because this case pattern limits ${key} to the three names listed here;
# keep the pattern an explicit list when adding sub-commands.
43 encryption_mode|pre_shared_key|priority
)
44 wireless_network_
${key} "${ssid}" "$@"
47 wireless_network_show
"${ssid}"
# Any other ${key} is reported as an error (presumably the default arm of the
# case) instead of being turned into a function name.
51 error
"Unrecognized argument: ${key}"
# Lists the entries of ${NETWORK_WIRELESS_NETWORKS_DIR} through
# list_directory. wireless_network_list_ssids treats each entry as a network
# handle.
59 wireless_network_list
() {
60 list_directory
"${NETWORK_WIRELESS_NETWORKS_DIR}"
# Walks over every handle returned by wireless_network_list and reads the
# configuration stored under it. What is done with the values afterwards is
# not visible in this listing.
63 wireless_network_list_ssids
() {
# NOTE(review): the command substitution is unquoted, so its output is split
# on whitespace and glob-expanded. That is only correct if the directory
# names never contain whitespace or glob characters - confirm against the
# code that creates them.
65 for handle
in $
(wireless_network_list
); do
# Declare the settings variables local so that reading a network's
# configuration does not overwrite variables of the caller.
66 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
67 if ! wireless_network_read_config_by_handle
"${handle}"; then
75 # Writes all settings to the configuration file of the wireless network specified by ${ssid}.
# The values are not passed as arguments; the callers in this file declare
# the variables named in WIRELESS_NETWORK_CONFIG_SETTINGS before calling, so
# settings_write presumably picks them up from the caller's scope - confirm.
# ${ssid} is assigned in lines that are not visible in this listing.
76 wireless_network_write_config
() {
# ssid_hash is the handle printed by wireless_network_hash; it is used
# unchanged as a directory name below.
81 local ssid_hash
="$(wireless_network_hash "${ssid}")"
82 assert isset ssid_hash
84 if ! wireless_network_exists
"${ssid}"; then
85 log ERROR
"No such wireless network: '${ssid}'"
89 local path
="${NETWORK_WIRELESS_NETWORKS_DIR}/${ssid_hash}/settings"
# The settings list is expanded unquoted so that each name becomes a separate
# argument of settings_write.
# NOTE(review): PSK is among the values written; the permissions of ${path}
# are not set in the visible lines - confirm settings_write handles that.
91 if ! settings_write
"${path}" ${WIRELESS_NETWORK_CONFIG_SETTINGS}; then
92 log ERROR
"Could not write configuration settings for wireless network ${ssid}"
96 # When we get here the writing of the config file was successful
100 # Writes the value for one key to the configuration file of the
101 # wireless network specified by ${ssid}.
# The visible lines do this as read-modify-write: read the whole
# configuration, assign ${value} to the variable named by ${key}, write
# everything back. ${ssid}, ${key} and ${value} are assigned in lines that
# are not visible in this listing.
102 wireless_network_write_config_key
() {
111 if ! wireless_network_exists
"${ssid}"; then
112 log ERROR
"No such wireless network: ${ssid}"
# NOTE(review): ${value} is logged verbatim. wireless_network_pre_shared_key
# calls this function with the key "PSK", so the pre-shared key ends up in
# the DEBUG log; consider masking the value for secret keys.
116 log DEBUG
"Set '${key}' to new value '${value}' in wireless network '${ssid}'"
118 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
120 # Read the config settings
121 if ! wireless_network_read_config
"${ssid}"; then
125 # Set the key to a new value
# NOTE(review): ${key} is not checked against
# WIRELESS_NETWORK_CONFIG_SETTINGS in the visible lines; the callers in this
# file pass the literals "PSK" and "PRIORITY".
126 assign
"${key}" "${value}"
128 if ! wireless_network_write_config
"${ssid}"; then
# Reads the configuration of the network identified by ${ssid}: checks that
# the network exists, resolves the SSID to its handle with
# wireless_network_hash and delegates to
# wireless_network_read_config_by_handle.
# Callers in this file declare the settings variables with `local` first, so
# the values presumably arrive in the caller's scope - confirm.
135 wireless_network_read_config
() {
138 if ! wireless_network_exists
"${ssid}"; then
139 log ERROR
"No such wireless network : ${ssid}"
143 local handle
="$(wireless_network_hash "${ssid}")"
144 wireless_network_read_config_by_handle
"${handle}"
147 # Reads one or more keys out of a settings file, or all keys if none is provided.
# The file is the "settings" file below the directory named by ${handle};
# ${handle} and args are assigned in lines not visible in this listing.
148 wireless_network_read_config_by_handle
() {
# No key arguments: request every name in WIRELESS_NETWORK_CONFIG_SETTINGS.
155 if [ $# -eq 0 ] && [ -n "${WIRELESS_NETWORK_CONFIG_SETTINGS}" ]; then
156 list_append args
${WIRELESS_NETWORK_CONFIG_SETTINGS}
# Otherwise (presumably the else branch) request only the keys passed in.
158 list_append args
"$@"
# ${handle} is placed in the path unchanged. In this file handles come from
# wireless_network_hash or from the directory listing.
161 local path
="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/settings"
# ${args} is expanded unquoted so every requested key becomes its own
# argument of settings_read.
163 if ! settings_read
"${path}" ${args}; then
164 log ERROR
"Could not read settings for wireless network ${handle}"
169 # Checks whether a wireless network exists.
170 # Returns true if it exists and false otherwise.
# The test at the end accepts a network only if its directory exists and the
# SSID stored in its settings file equals ${ssid}. The return statements and
# the assignment of ${ssid} are not visible in this listing.
171 wireless_network_exists
() {
175 local ssid_hash
="$(wireless_network_hash "${ssid}")"
176 assert isset ssid_hash
178 local path
="${NETWORK_WIRELESS_NETWORKS_DIR}/${ssid_hash}"
180 # We cannot use wireless_network_read_config here because we would end up in a loop
183 local path_settings
="${NETWORK_WIRELESS_NETWORKS_DIR}/${ssid_hash}/settings"
# Only the SSID key is read from the settings file.
185 if ! settings_read
"${path_settings}" SSID
; then
# Comparing the stored SSID with the requested one means that a directory
# reached through the same handle but holding a different SSID is not
# accepted as this network.
191 if [ -d "${path}" ] && [[ "${ssid}" = "${SSID}" ]]; then
# Prints the handle (directory name) of a network: the normalized form of
# ${string} with one trailing '-' removed, followed by '-' and the MD5-based
# hash of ${string}. ${string} is assigned in lines not visible in this
# listing.
198 wireless_network_hash
() {
# NOTE(review): md5sum prints the digest followed by a file-name marker; the
# line that would strip the marker is not visible here - confirm.
# MD5 serves as an identifier here, not as a security control: collisions can
# be constructed, so callers have to keep comparing the stored SSID, as
# wireless_network_exists does.
# `echo -n` misreads strings that look like echo options; printf '%s' does
# not have that problem.
203 local hash=$
(echo -n "${string}" |
md5sum )
# NOTE(review): the '*' is inside double quotes and is therefore not expanded
# as a glob, so the -d test below looks for a directory literally named
# '*<hash>' - probably not what was intended.
206 local path
="${NETWORK_WIRELESS_NETWORKS_DIR}/*${hash}"
208 if [ -d "${path}" ]; then
# NOTE(review): the SSID is user-supplied. Whether the printed handle is safe
# as a single path component depends on normalize removing '/' and leading
# dots - confirm.
211 local normalized
=$
(normalize
"${string}")
# Drop one trailing '-' so the handle does not contain '--'.
212 normalized
=${normalized%-}
213 echo "${normalized}-${hash}"
# Creates a new wireless network. The visible lines reject more than one
# argument and a missing SSID, refuse duplicates, create the configuration
# directory, seed the settings file with the SSID and then write the
# configuration with the default encryption mode.
217 wireless_network_new
() {
218 if [ $# -gt 1 ]; then
219 error
"Too many arguments"
224 if ! isset ssid
; then
225 error
"Please provide a SSID"
229 local ssid_hash
="$(wireless_network_hash "${ssid}")"
230 assert isset ssid_hash
232 # Check for duplicates
233 if wireless_network_exists
"${ssid}"; then
234 error
"The wireless network ${ssid} already exists"
238 log DEBUG
"Creating wireless network '${ssid}'"
# NOTE(review): the directory is created with the permissions given by the
# process umask, and the settings file inside it will later hold the PSK -
# confirm the resulting permissions are restrictive enough.
240 if ! mkdir
-p "${NETWORK_WIRELESS_NETWORKS_DIR}/${ssid_hash}"; then
241 log ERROR
"Could not create config directory for wireless network ${ssid}"
245 # When the ssid is not set in the settings file we cannot write it because wireless_network_exists fails
# NOTE(review): the SSID is written unescaped between double quotes. An SSID
# containing '"', '$', a backtick or a newline changes what ends up in the
# file; how harmful that is depends on how settings_read parses the file
# (not visible here). Escaping or rejecting such characters before this line
# would remove the dependency on the parser.
246 echo "SSID=\"${ssid}\"" >>"${NETWORK_WIRELESS_NETWORKS_DIR}/${ssid_hash}/settings"
248 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
# Start from the configured default encryption mode.
249 ENCRYPTION_MODE
="${WIRELESS_DEFAULT_ENCRYPTION_MODE}"
253 if ! wireless_network_write_config
"${ssid}"; then
254 log ERROR
"Could not write new config file"
259 # Deletes a wireless network
# by removing its configuration directory recursively. Fails with an error
# if the network does not exist. ${ssid} is assigned in lines not visible in
# this listing.
260 wireless_network_destroy
() {
263 if ! wireless_network_exists
"${ssid}"; then
264 error
"No such wireless network: ${ssid}"
268 local ssid_hash
="$(wireless_network_hash "${ssid}")"
# The assert is meant to ensure ssid_hash is non-empty, so the rm below
# cannot collapse to the networks directory itself.
269 assert isset ssid_hash
# NOTE(review): NETWORK_WIRELESS_NETWORKS_DIR is not checked here; if it were
# empty the path would become "/<handle>". A guard on that variable before a
# recursive delete would be cheap.
271 if ! rm -rf "${NETWORK_WIRELESS_NETWORKS_DIR}/${ssid_hash}"; then
272 error
"Could not delete the wireless network"
276 log INFO
"Successfully destroyed wireless network ${ssid}"
# Sets the encryption mode of a network. Takes exactly two arguments; the
# mode must be one of ${WIRELESS_VALID_ENCRYPTION_MODES}. ${ssid} and ${mode}
# are assigned in lines not visible in this listing.
280 wireless_network_encryption_mode
() {
# The message says "Not enough arguments", but the test rejects any argument
# count other than two, including more than two.
281 if [ ! $# -eq 2 ]; then
282 log ERROR
"Not enough arguments"
# Allow-list check: isoneof is given the variable name and the list of valid
# modes.
288 if ! isoneof mode
${WIRELESS_VALID_ENCRYPTION_MODES}; then
289 log ERROR
"Encryption mode '${mode}' is invalid"
293 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
294 if ! wireless_network_read_config
"${ssid}"; then
295 error
"Could not read configuration for ${ssid}"
299 # Validate the PSK when changing mode and reset if needed
# The key is re-checked only when one is set and the new mode is not NONE.
# The reset itself happens in lines not visible in this listing.
300 if isset PSK
&& [ "${mode}" != "NONE" ] && \
301 ! wireless_pre_shared_key_is_valid
"${mode}" "${PSK}"; then
302 log WARNING
"The configured pre-shared-key is incompatible with this encryption mode and has been reset"
306 # Save new encryption mode
307 ENCRYPTION_MODE
="${mode}"
309 if ! wireless_network_write_config
"${ssid}"; then
310 log ERROR
"Could not write configuration settings"
# Sets the pre-shared key of a network. Takes exactly two arguments; ${ssid}
# and ${psk} are assigned in lines not visible in this listing.
315 wireless_network_pre_shared_key
() {
# The message says "Not enough arguments", but the test rejects any argument
# count other than two.
316 if [ ! $# -eq 2 ]; then
317 log ERROR
"Not enough arguments"
323 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
324 if ! wireless_network_read_config
"${ssid}"; then
325 error
"Could not read configuration for ${ssid}"
329 # Validate the key if encryption mode is known
# NOTE(review): when no encryption mode is set, or it is NONE, the key is
# stored without any validation.
330 if isset ENCRYPTION_MODE
&& [ "${ENCRYPTION_MODE}" != "NONE" ]; then
# NOTE(review): this calls wireless_pre_share_key_is_valid, while
# wireless_network_encryption_mode calls wireless_pre_shared_key_is_valid.
# If only the latter exists, this call fails with "command not found", the
# negation makes the condition true and every key is rejected - confirm the
# helper's name.
331 if ! wireless_pre_share_key_is_valid
"${ENCRYPTION_MODE}" "${psk}"; then
# NOTE(review): the rejected key is included in the error message, which
# exposes the secret on the terminal and in any log that captures it; the
# message should not contain ${psk}.
332 error
"The pre-shared-key is invalid for this wireless network: ${psk}"
337 if ! wireless_network_write_config_key
"${ssid}" "PSK" "${psk}"; then
338 log ERROR
"Could not write configuration settings"
# Sets the priority of a network. Takes exactly two arguments; ${ssid} and
# ${priority} are assigned in lines not visible in this listing.
343 wireless_network_priority
() {
# The message says "Not enough arguments", but the test rejects any argument
# count other than two.
344 if [ ! $# -eq 2 ]; then
345 log ERROR
"Not enough arguments"
# NOTE(review): the two checks are joined with '&&', so the error branch runs
# only when the value is not an integer AND the numeric test succeeds. A
# negative integer passes isinteger and is accepted; a non-numeric value makes
# `[ ... -ge 0 ]` fail with a test error, which also skips the branch. '||'
# appears to be what was meant - confirm. ${priority} is also unquoted inside
# [ ], so an empty or multi-word value produces a test syntax error.
351 if ! isinteger priority
&& [ ! ${priority} -ge 0 ]; then
352 log ERROR
"The priority must be an integer greater or eqal zero"
356 if ! wireless_network_write_config_key
"${ssid}" "PRIORITY" "${priority}"; then
357 log ERROR
"Could not write configuration settings"
# Calls wireless_network_to_wpa_supplicant for the SSIDs printed by
# wireless_network_list_ssids.
362 wireless_networks_to_wpa_supplicant
() {
# NOTE(review): the command substitution is inside double quotes, so the loop
# body runs once with the complete output of wireless_network_list_ssids as
# a single value. SSIDs may contain spaces, so removing the quotes is not a
# fix either; reading the list line by line (while IFS= read -r ssid) would
# handle both cases.
364 for ssid
in "$(wireless_network_list_ssids)"; do
365 wireless_network_to_wpa_supplicant
"${ssid}"
# Emits the wpa_supplicant network block for one network through
# print_indent: the SSID, the authentication parameters and, depending on
# ENCRYPTION_MODE, the cipher settings and the key material.
# Only part of the body is visible in this listing; the end of the function
# is not shown.
369 wireless_network_to_wpa_supplicant
() {
372 local ${WIRELESS_NETWORK_CONFIG_SETTINGS}
373 if ! wireless_network_read_config
"${ssid}"; then
374 error
"Could not read configuration for ${ssid}"
384 case "${ENCRYPTION_MODE}" in
# NOTE(review): every group= value visible in this listing also allows TKIP,
# WEP104 and WEP40, including the arms commented as WPA2 and "stronger
# algorithms". That lets the client join a network whose group cipher is WEP
# or TKIP; consider limiting the WPA2 arms to CCMP.
391 group
="CCMP TKIP WEP104 WEP40"
394 # WPA with stronger algorithms
397 key_mgmt
="WPA-PSK-SHA256"
400 group
="CCMP TKIP WEP104 WEP40"
403 # Normal WPA2 (802.11i)
409 group
="CCMP TKIP WEP104 WEP40"
412 # WPA2 with stronger algorithms
415 key_mgmt
="WPA-PSK-SHA256"
418 group
="CCMP TKIP WEP104 WEP40"
431 # No encryption. DANGEROUS!
# NOTE(review): ${SSID}, ${ssid} and ${PSK} are inserted into the generated
# text unescaped. A value containing '"' or a newline would end the quoted
# string (or the comment line) early and add lines to the configuration.
# wpa_supplicant also accepts ssid as an unquoted hex string, which avoids
# the quoting problem for the SSID.
438 print_indent
0 "# ${SSID}"
# NOTE(review): wpa_supplicant's documented block opener is `network={`
# without spaces - confirm that this spelling is parsed.
439 print_indent
0 "network = {"
440 print_indent
1 "ssid=\"${ssid}\""
444 print_indent
1 "# Authentication"
445 print_indent
1 "auth_alg=${auth_alg}"
446 print_indent
1 "key_mgmt=${key_mgmt}"
448 case "${ENCRYPTION_MODE}" in
450 print_indent
1 "proto=${proto}"
451 print_indent
1 "pairwise=${pairwise}"
456 case "${ENCRYPTION_MODE}" in
# The key is written in clear text, so the generated output needs the same
# protection as the key itself. Where the output is stored is not visible in
# this listing.
458 print_indent
1 "psk=\"${PSK}\""
# WEP arm: the same stored value is emitted as a quoted WEP key in slot 0.
461 print_indent
1 "wep_key0=\"${PSK}\""
462 print_indent
1 "wep_tx_keyidx=0"