+static void setup_bcom_vif_sec(int skfd, char *ifname, int vif)
+{
+ int val, wep, wsec, i;
+ char *v;
+
+ wsec = bcom_get_wsec(vif);
+ if (wsec)
+ val = bcom_get_wauth(vif);
+ else
+ val = 0;
+
+ bcom_set_bss_int(skfd, ifname, vif, "wpa_auth", val);
+
+ if (val) {
+ if (WPA_AUTH_PSK | WPA2_AUTH_PSK) {
+ v = nvram_safe_get(wl_var("wpa_psk"));
+ if ((strlen(v) >= 8) && (strlen(v) < 63) && nvram_match(wl_var("mode"), "wet") && (vif == 0)) {
+ /* Enable in-driver WPA supplicant */
+ wsec_pmk_t pmk;
+
+ pmk.key_len = (unsigned short) strlen(v);
+ pmk.flags = WSEC_PASSPHRASE;
+ strcpy(pmk.key, v);
+ bcom_ioctl(skfd, ifname, WLC_SET_WSEC_PMK, &pmk, sizeof(pmk));
+ bcom_set_int(skfd, ifname, "sup_wpa", 1);
+ } else {
+ bcom_set_int(skfd, ifname, "sup_wpa", 0);
+ }
+ }
+ bcom_set_bss_int(skfd, ifname, vif, "eap_restrict", 1);
+ bcom_set_bss_int(skfd, ifname, vif, "wsec", wsec);
+ bcom_set_bss_int(skfd, ifname, vif, "wsec_restrict", 1);
+ } else {
+ bcom_set_bss_int(skfd, ifname, vif, "eap_restrict", 0);
+ if (wep = nvram_enabled(vif_var(vif, "wep"))) {
+ wep = atoi(nvram_safe_get(vif_var(vif, "key")));
+ if ((wep >= 1) && (wep <= 4)) {
+ for (i = 1; i < 4; i++) {
+ wl_wsec_key_t k;
+ char name[5] = "key0";
+ unsigned char *kdata = k.data;
+ unsigned char *kstr;
+
+ bzero(&k, sizeof(k));
+ name[3] += i;
+ kstr = nvram_safe_get(vif_var(vif, name));
+ k.len = strlen(kstr);
+ if ((k.len == 10) || (k.len == 26)) {
+ k.index = i - 1;
+#ifdef DEBUG
+ fprintf(stderr, "Adding WEP key %d to VIF %d: ", i, vif);
+#endif
+ k.len = 0;
+ while (*kstr != 0) {
+ strncpy(name, kstr, 2);
+ name[2] = 0;
+ *kdata = (unsigned char) strtoul(name, NULL, 16);
+#ifdef DEBUG
+ fprintf(stderr, "%02x", *kdata);
+#endif
+ kstr += 2;
+ kdata++;
+ k.len++;
+ }
+#ifdef DEBUG
+ fprintf(stderr, "\n");
+#endif
+ } else {
+ k.len = 0;
+ }
+ if ((k.len > 0) && (i == wep))
+ k.flags = WL_PRIMARY_KEY;
+
+ bcom_set_bss_var(skfd, ifname, vif, "wsec_key", &k, sizeof(k));
+ }
+ wep = 1;
+ bcom_set_bss_int(skfd, ifname, vif, "wsec", WEP_ENABLED);
+ bcom_set_bss_int(skfd, ifname, vif, "wsec_restrict", 1);
+ bcom_set_bss_int(skfd, ifname, vif, "auth", 1);
+ } else {
+ wep = 0;
+ }
+ }
+ }