X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/bc233ef4904edbd646be4f8aa99d3a4fdc003af6..bd89d0375546794ed6cefab3797a4b284a5926a3:/package/hostapd/files/wpa_supplicant.sh

diff --git a/package/hostapd/files/wpa_supplicant.sh b/package/hostapd/files/wpa_supplicant.sh
index a9f8ca132..1ab6c663e 100644
--- a/package/hostapd/files/wpa_supplicant.sh
+++ b/package/hostapd/files/wpa_supplicant.sh
@@ -2,6 +2,7 @@ wpa_supplicant_setup_vif() {
 	local vif="$1"
 	local driver="$2"
 	local key="$key"
+	local options="$3"
 
 	# wpa_supplicant should use wext for mac80211 cards
 	[ "$driver" = "mac80211" ] && driver='wext'
@@ -22,6 +23,15 @@ wpa_supplicant_setup_vif() {
 		config_set "$vif" bridge "$bridge"
 	}
 
+	local mode ifname wds
+	config_get mode "$vif" mode
+	config_get ifname "$vif" ifname
+	config_get_bool wds "$vif" wds 0
+	[ -z "$bridge" ] || [ "$mode" = ap ] || [ "$mode" = sta -a $wds -eq 1 ] || {
+		echo "wpa_supplicant_setup_vif($ifname): Refusing to bridge $mode mode interface"
+		return 1
+	}
+
 	case "$enc" in
 		*none*)
 			key_mgmt='NONE'
@@ -50,36 +60,36 @@ wpa_supplicant_setup_vif() {
 		*psk*)
 			key_mgmt='WPA-PSK'
 			config_get_bool usepassphrase "$vif" passphrase 1
+			if [ "$usepassphrase" = "1" ]; then
+				passphrase="psk=\"${key}\""
+			else
+				passphrase="psk=${key}"
+			fi
 			case "$enc" in
 				*psk2*)
 					proto='proto=RSN'
-					if [ "$usepassphrase" = "1" ]; then
-						passphrase="psk=\"${key}\""
-					else
-						passphrase="psk=${key}"
-					fi
+					config_get ieee80211w "$vif" ieee80211w
 				;;
 				*psk*)
 					proto='proto=WPA'
-					if [ "$usepassphrase" = "1" ]; then
-						passphrase="psk=\"${key}\""
-					else
-						passphrase="psk=${key}"
-					fi
 				;;
 			esac
 		;;
 		*wpa*|*8021x*)
 			proto='proto=WPA2'
 			key_mgmt='WPA-EAP'
+			config_get ieee80211w "$vif" ieee80211w
 			config_get ca_cert "$vif" ca_cert
+			config_get eap_type "$vif" eap_type
 			ca_cert=${ca_cert:+"ca_cert=\"$ca_cert\""}
 			case "$eap_type" in
 				tls)
 					pairwise='pairwise=CCMP'
 					group='group=CCMP'
+					config_get identity "$vif" identity
 					config_get priv_key "$vif" priv_key
 					config_get priv_key_pwd "$vif" priv_key_pwd
+					identity="identity=\"$identity\""
 					priv_key="private_key=\"$priv_key\""
 					priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
 				;;
@@ -95,6 +105,13 @@ wpa_supplicant_setup_vif() {
 			eap_type="eap=$(echo $eap_type | tr 'a-z' 'A-Z')"
 		;;
 	esac
+
+	case "$ieee80211w" in
+		[012])
+			ieee80211w="ieee80211w=$ieee80211w"
+		;;
+	esac
+
 	config_get ifname "$vif" ifname
 	config_get bridge "$vif" bridge
 	config_get ssid "$vif" ssid
@@ -109,6 +126,7 @@ network={
 	$bssid
 	key_mgmt=$key_mgmt
 	$proto
+	$ieee80211w
 	$passphrase
 	$pairwise
 	$group
@@ -127,5 +145,5 @@ network={
 }
 EOF
 	[ -z "$proto" -a "$key_mgmt" != "NONE" ] || \
-		wpa_supplicant ${bridge:+ -b $bridge} -B -P "/var/run/wifi-${ifname}.pid" -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf
+		wpa_supplicant ${bridge:+ -b $bridge} -B -P "/var/run/wifi-${ifname}.pid" -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf $options
 }