diff --git a/package/mac80211/files/lib/wifi/mac80211.sh b/package/mac80211/files/lib/wifi/mac80211.sh index a2e6c685c..bdf664c22 100644 --- a/package/mac80211/files/lib/wifi/mac80211.sh +++ b/package/mac80211/files/lib/wifi/mac80211.sh @@ -55,6 +55,7 @@ enable_mac80211() { for vif in $vifs; do config_get ifname "$vif" ifname config_get enc "$vif" encryption + config_get eap_type "$vif" eap_type config_get mode "$vif" mode config_get ifname "$vif" ifname @@ -145,30 +146,14 @@ enable_mac80211() { fi ;; sta) - case "$enc" in - PSK|psk|PSK2|psk2) - case "$enc" in - PSK|psk) - proto='proto=WPA';; - PSK2|psk2) - proto='proto=RSN';; - esac - cat > /var/run/wpa_supplicant-$ifname.conf </dev/null >/dev/null; then + wpa_supplicant_setup_vif "$vif" wext || { + echo "enable_mac80211($device): Failed to set up wpa_supplicant for interface $ifname" >&2 + # make sure this wifi interface won't accidentally stay open without encryption + ifconfig "$ifname" down + continue + } + fi ;; esac first=0 diff --git a/package/madwifi/files/lib/wifi/madwifi.sh b/package/madwifi/files/lib/wifi/madwifi.sh index 284c6609c..bec72383b 100755 --- a/package/madwifi/files/lib/wifi/madwifi.sh +++ b/package/madwifi/files/lib/wifi/madwifi.sh @@ -262,7 +262,7 @@ enable_atheros() { if eval "type hostapd_setup_vif" 2>/dev/null >/dev/null; then hostapd_setup_vif "$vif" madwifi || { - echo "enable_atheros($device): Failed to set up wpa for interface $ifname" >&2 + echo "enable_atheros($device): Failed to set up hostapd for interface $ifname" >&2 # make sure this wifi interface won't accidentally stay open without encryption ifconfig "$ifname" down wlanconfig "$ifname" destroy @@ -271,80 +271,14 @@ enable_atheros() { fi ;; wds|sta) - config_get_bool usepassphrase "$vif" passphrase 1 - case "$enc" in - PSK|psk|PSK2|psk2) - case "$enc" in - PSK|psk) - proto='proto=WPA' - if [ "$usepassphrase" = "1" ]; then - passphrase="psk=\"${key}\"" - else - passphrase="psk=${key}" - fi - ;; - PSK2|psk2) - proto='proto=RSN' - if [ "$usepassphrase" = "1" ]; then - passphrase="psk=\"${key}\"" - else - passphrase="psk=${key}" - fi - ;; - esac - cat > /var/run/wpa_supplicant-$ifname.conf < /var/run/wpa_supplicant-$ifname.conf </dev/null >/dev/null; then + wpa_supplicant_setup_vif "$vif" madwifi || { + echo "enable_atheros($device): Failed to set up wpa_supplicant for interface $ifname" >&2 + ifconfig "$ifname" down + wlanconfig "$ifname" destroy + continue + } + fi ;; esac first=0 diff --git a/package/wpa_supplicant/Makefile b/package/wpa_supplicant/Makefile index 41b9b1239..ed6e45588 100644 --- a/package/wpa_supplicant/Makefile +++ b/package/wpa_supplicant/Makefile @@ -75,6 +75,8 @@ define Package/wpa-supplicant/install $(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant \ $(PKG_BUILD_DIR)/wpa_supplicant/wpa_passphrase \ $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/lib/wifi + $(INSTALL_DATA) ./files/wpa_supplicant.sh $(1)/lib/wifi/wpa_supplicant.sh endef define Package/wpa-cli/install diff --git a/package/wpa_supplicant/files/wpa_supplicant.sh b/package/wpa_supplicant/files/wpa_supplicant.sh new file mode 100644 index 000000000..192c90354 --- /dev/null +++ b/package/wpa_supplicant/files/wpa_supplicant.sh @@ -0,0 +1,78 @@ +wpa_supplicant_setup_vif() { + local vif="$1" + local driver="$2" + + # wpa_supplicant should use wext for mac80211 cards + [ "$driver" = "mac80211" ] && driver='wext' + + case "$enc" in + PSK|psk|psk2|PSK2) + key_mgmt='WPA-PSK' + config_get_bool usepassphrase "$vif" passphrase 1 + case "$enc" in + psk|PSK) + proto='WPA' + if [ "$usepassphrase" = "1" ]; then + passphrase="psk=\"${key}\"" + else + passphrase="psk=${key}" + fi + ;; + psk2|PSK2) + proto='RSN' + if [ "$usepassphrase" = "1" ]; then + passphrase="psk=\"${key}\"" + else + passphrase="psk=${key}" + fi + ;; + esac + ;; + WPA|wpa|WPA2|wpa2i|8021x|8021X) + proto='WPA2' + key_mgmt='WPA-EAP' + config_get ca_cert "$vif" ca_cert + case "$eap_type" in + tls|TLS) + pairwise='pairwise=CCMP' + group='group=CCMP' + config_get priv_key "$vif" priv_key + config_get priv_key_pwd "$vif" priv_key_pwd + priv_key="private_key=\"$priv_key\"" + priv_key_pwd="private_key_passwd=\"$priv_key_pwd\"" + ;; + peap|PEAP|ttls|TTLS) + config_get auth "$vif" auth + config_get identity "$vif" identity + config_get password "$vif" password + phase2="phase2=\"auth=${auth:-MSCHAPV2}\"" + identity="identity=\"$identity\"" + password="password=\"$password\"" + ;; + esac + ;; + esac + config_get ifname "$vif" ifname + config_get bridge "$vif" bridge + config_get ssid "$vif" ssid + eap_type=$(echo $eap_type | tr 'a-z' 'A-Z') + cat > /var/run/wpa_supplicant-$ifname.conf <