From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat, 19 Aug 2017 11:12:44 +0000 (+0000)
Subject: wireless networks: Allow using a client certificate to authenticate
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0da7d5665fb05b83810b8422497181437a6498fe;p=people%2Fjschlag%2Fnetwork.git

wireless networks: Allow using a client certificate to authenticate

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/functions/functions.wireless-networks b/src/functions/functions.wireless-networks
index de6a650..d717665 100644
--- a/src/functions/functions.wireless-networks
+++ b/src/functions/functions.wireless-networks
@@ -431,8 +431,10 @@ wireless_network_to_wpa_supplicant() {
 	assert isset auth_alg
 	assert isset key_mgmt
 
-	# Read CA certificate
+	# Certificate Paths
 	local ca_cert_path="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/ca.pem"
+	local client_cert_path="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/client.pem"
+	local client_key_path="${NETWORK_WIRELESS_NETWORKS_DIR}/${handle}/client.key"
 
 	print_indent 0 "# ${SSID}"
 	print_indent 0 "network={"
@@ -481,6 +483,14 @@ wireless_network_to_wpa_supplicant() {
 		print
 	fi
 
+	# Client Certificate
+	if file_exists "${client_cert_path}" && file_exists "${client_key_path}"; then
+		print_indent 1 "# Client Certificate"
+		print_indent 1 "client_cert=\"${client_cert_path}\""
+		print_indent 1 "private_key=\"${client_key_path}\""
+		print
+	fi
+
 	# Validate server certificates
 	if file_exists "${ca_cert_path}"; then
 		print_indent 1 "ca_cert=\"${ca_cert_path}\""