X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/1e54b33b0127519366f04f658a1a1ee7afe335f8..369bc0e57da6a629d8a23a003d30a79c32a92573:/package/hostapd/files/wpa_supplicant.sh diff --git a/package/hostapd/files/wpa_supplicant.sh b/package/hostapd/files/wpa_supplicant.sh index 74d20c666..8b1de1694 100644 --- a/package/hostapd/files/wpa_supplicant.sh +++ b/package/hostapd/files/wpa_supplicant.sh @@ -2,6 +2,7 @@ wpa_supplicant_setup_vif() { local vif="$1" local driver="$2" local key="$key" + local options="$3" # wpa_supplicant should use wext for mac80211 cards [ "$driver" = "mac80211" ] && driver='wext' @@ -22,6 +23,15 @@ wpa_supplicant_setup_vif() { config_set "$vif" bridge "$bridge" } + local mode ifname wds + config_get mode "$vif" mode + config_get ifname "$vif" ifname + config_get_bool wds "$vif" wds 0 + [ -z "$bridge" ] || [ "$mode" = ap ] || [ "$mode" = sta -a $wds -eq 1 ] || { + echo "wpa_supplicant_setup_vif($ifname): Refusing to bridge $mode mode interface" + return 1 + } + case "$enc" in *none*) key_mgmt='NONE' @@ -49,7 +59,7 @@ wpa_supplicant_setup_vif() { ;; *psk*) key_mgmt='WPA-PSK' - config_get_bool usepassphrase "$vif" passphrase 1 + config_get_bool usepassphrase "$vif" usepassphrase 1 if [ "$usepassphrase" = "1" ]; then passphrase="psk=\"${key}\"" else @@ -70,13 +80,18 @@ wpa_supplicant_setup_vif() { key_mgmt='WPA-EAP' config_get ieee80211w "$vif" ieee80211w config_get ca_cert "$vif" ca_cert + config_get eap_type "$vif" eap_type ca_cert=${ca_cert:+"ca_cert=\"$ca_cert\""} case "$eap_type" in tls) pairwise='pairwise=CCMP' group='group=CCMP' + config_get identity "$vif" identity + config_get client_cert "$vif" client_cert config_get priv_key "$vif" priv_key config_get priv_key_pwd "$vif" priv_key_pwd + identity="identity=\"$identity\"" + client_cert="client_cert=\"$client_cert\"" priv_key="private_key=\"$priv_key\"" priv_key_pwd="private_key_passwd=\"$priv_key_pwd\"" ;; @@ -119,6 +134,7 @@ network={ $group $eap_type $ca_cert + $client_cert $priv_key $priv_key_pwd $phase2 @@ -132,5 +148,5 @@ network={ } EOF [ -z "$proto" -a "$key_mgmt" != "NONE" ] || \ - wpa_supplicant ${bridge:+ -b $bridge} -B -P "/var/run/wifi-${ifname}.pid" -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf + wpa_supplicant ${bridge:+ -b $bridge} -B -P "/var/run/wifi-${ifname}.pid" -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf $options }