From: Michael Tremer Date: Sun, 2 Sep 2012 15:03:31 +0000 (+0000) Subject: wireless-ap: Add WPA/WPA2 encryption. X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=25e32463aaf011485cf1b6e6badadd1f2160b1b0;p=people%2Fstevee%2Fnetwork.git wireless-ap: Add WPA/WPA2 encryption. --- diff --git a/functions.wireless b/functions.wireless index 2cd19c57..fca2dacb 100644 --- a/functions.wireless +++ b/functions.wireless @@ -138,6 +138,8 @@ function hostapd_config_write() { local broadcast_ssid local channel local country_code + local encryption + local key local mode local ssid @@ -158,6 +160,12 @@ function hostapd_config_write() { --ssid=*) ssid=${1#--ssid=} ;; + --encryption=*) + encryption=$(cli_get_val ${1}) + ;; + --key=*) + key=$(cli_get_val ${1}) + ;; *) warning_log "Ignoring unknown argument '${1}'." ;; @@ -175,6 +183,12 @@ function hostapd_config_write() { assert isset mode assert isset ssid + # Check if key is set when encryption is used. + if isset encryption; then + assert isoneof encryption WPA WPA2 WPA/WPA2 + assert isset key + fi + local ignore_broadcast_ssid if enabled broadcast_ssid; then ignore_broadcast_ssid="0" @@ -196,19 +210,37 @@ hw_mode=${mode} ignore_broadcast_ssid=${ignore_broadcast_ssid} ssid=${ssid} -# Logging options -logger_syslog=-1 -logger_syslog_level=2 -logger_stdout=-1 -logger_stdout_level=2 - # Dump file -dump_file=$(hostapd_config_dir ${device}/dump +dump_file=$(hostapd_config_dir ${device}/dump) ctrl_interface=/var/run/hostapd ctrl_interface_group=0 + EOF + if isset encryption; then + local encryption_mode=0 + case "${encryption}" in + WPA) + encryption_mode=1 + ;; + WPA2) + encryption_mode=2 + ;; + WPA/WPA2) + encryption_mode=3 + ;; + esac + + print "# Encryption settings." + print "wpa=${encryption_mode}" + print "wpa_passphrase=${key}" + print "wpa_key_mgmt=WPA-PSK" + print "wpa_pairwise=TKIP" + print "rsn_pairwise=CCMP" + print + fi + return ${EXIT_OK} } diff --git a/hooks/ports/wireless-ap b/hooks/ports/wireless-ap index 7ff69526..662ec4d5 100755 --- a/hooks/ports/wireless-ap +++ b/hooks/ports/wireless-ap @@ -22,11 +22,14 @@ . /usr/lib/network/header-port HOOK_SETTINGS="HOOK ADDRESS BROADCAST_SSID CHANNEL COUNTRY_CODE MODE PHY SSID" +HOOK_SETTINGS="${HOOK_SETTINGS} ENCRYPTION KEY" ADDRESS=$(mac_generate) BROADCAST_SSID=on CHANNEL=1 COUNTRY_CODE="US" +ENCRYPTION="" +KEY="" MODE="g" SSID= @@ -42,6 +45,14 @@ function _check() { assert isset PHY assert ismac PHY assert isset SSID + + if isset ENCRYPTION; then + assert isoneof ENCRYPTION WPA WPA2 WPA/WPA2 + + assert isset KEY + assert [ ${#KEY} -ge 8 ] + assert [ ${#KEY} -le 63 ] + fi } function _create() { @@ -56,6 +67,12 @@ function _create() { --country-code=*) COUNTRY_CODE=$(cli_get_val ${1}) ;; + --encryption=*) + ENCRYPTION=$(cli_get_val ${1}) + ;; + --key=*) + KEY=$(cli_get_val ${1}) + ;; --mac=*) ADDRESS=$(cli_get_val ${1}) ;; @@ -106,6 +123,12 @@ function _edit() { --country-code=*) COUNTRY_CODE=$(cli_get_val ${1}) ;; + --encryption=*) + ENCRYPTION=$(cli_get_val ${1}) + ;; + --key=*) + KEY=$(cli_get_val ${1}) + ;; --ssid=*) SSID=$(cli_get_val ${1}) ;; @@ -140,6 +163,8 @@ function _up() { --broadcast-ssid="${BROADCAST_SSID}" \ --channel="${CHANNEL}" \ --country-code="${COUNTRY_CODE}" \ + --encryption="${ENCRYPTION}" \ + --key="${KEY}" \ --mode="${MODE}" \ --ssid="${SSID}"