esac
}
+hostapd_append_wpa_key_mgmt() {
+ local auth_type="$(echo $auth_type | tr 'a-z' 'A-Z')"
+
+ append wpa_key_mgmt "WPA-$auth_type"
+ [ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-${auth_type}"
+ [ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-${auth_type}-SHA256"
+}
+
hostapd_add_log_config() {
config_add_boolean \
log_80211 \
config_add_string wpa_psk_file
config_add_boolean wps_pushbutton wps_label ext_registrar wps_pbc_in_m1
+ config_add_int wps_ap_setup_locked wps_independent
config_add_string wps_device_type wps_device_name wps_manufacturer wps_pin
config_add_boolean ieee80211r pmk_r1_push
json_get_vars \
wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey \
maxassoc max_inactivity disassoc_low_ack isolate auth_cache \
- wps_pushbutton wps_label ext_registrar wps_pbc_in_m1 \
- wps_device_type wps_device_name wps_manufacturer wps_pin \
+ wps_pushbutton wps_label ext_registrar wps_pbc_in_m1 wps_ap_setup_locked \
+ wps_independent wps_device_type wps_device_name wps_manufacturer wps_pin \
macfilter ssid wmm uapsd hidden short_preamble rsn_preauth \
iapp_interface eapol_version acct_server acct_secret acct_port \
- dynamic_vlan
+ dynamic_vlan ieee80211w
set_default isolate 0
set_default maxassoc 0
[ "$eapol_version" -ge "1" -a "$eapol_version" -le "2" ] && append bss_conf "eapol_version=$eapol_version" "$N"
wps_possible=1
- append wpa_key_mgmt "WPA-PSK"
;;
eap)
json_get_vars \
[ -n "$ownip" ] && append bss_conf "own_ip_addr=$ownip" "$N"
append bss_conf "eapol_key_index_workaround=1" "$N"
append bss_conf "ieee8021x=1" "$N"
- append wpa_key_mgmt "WPA-EAP"
[ "$eapol_version" -ge "1" -a "$eapol_version" -le "2" ] && append bss_conf "eapol_version=$eapol_version" "$N"
;;
set_default wps_device_type "6-0050F204-1"
set_default wps_device_name "Lede AP"
set_default wps_manufacturer "www.lede-project.org"
+ set_default wps_independent 1
wps_state=2
[ -n "$wps_configured" ] && wps_state=1
append bss_conf "eap_server=1" "$N"
[ -n "$wps_pin" ] && append bss_conf "ap_pin=$wps_pin" "$N"
append bss_conf "wps_state=$wps_state" "$N"
- append bss_conf "ap_setup_locked=0" "$N"
append bss_conf "device_type=$wps_device_type" "$N"
append bss_conf "device_name=$wps_device_name" "$N"
append bss_conf "manufacturer=$wps_manufacturer" "$N"
append bss_conf "config_methods=$config_methods" "$N"
+ append bss_conf "wps_independent=$wps_independent" "$N"
+ [ -n "$wps_ap_setup_locked" ] && append bss_conf "ap_setup_locked=$wps_ap_setup_locked" "$N"
[ "$wps_pbc_in_m1" -gt 0 ] && append bss_conf "pbc_in_m1=$wps_pbc_in_m1" "$N"
}
for kh in $r1kh; do
append bss_conf "r1kh=${kh//,/ }" "$N"
done
-
- [ "$wpa_key_mgmt" != "${wpa_key_mgmt/EAP/}" ] && append wpa_key_mgmt "FT-EAP"
- [ "$wpa_key_mgmt" != "${wpa_key_mgmt/PSK/}" ] && append wpa_key_mgmt "FT-PSK"
fi
+ hostapd_append_wpa_key_mgmt
[ -n "$wpa_key_mgmt" ] && append bss_conf "wpa_key_mgmt=$wpa_key_mgmt" "$N"
fi
[ "$auth_cache" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N"
# RSN -> allow management frame protection
- json_get_var ieee80211w ieee80211w
case "$ieee80211w" in
[012])
json_get_vars ieee80211w_max_timeout ieee80211w_retry_timeout
local network_data=
local T=" "
- local wpa_key_mgmt="WPA-PSK"
local scan_ssid="scan_ssid=1"
- local freq
-
- [ "$ieee80211r" -gt 0 ] && wpa_key_mgmt="FT-PSK $wpa_key_mgmt"
+ local freq wpa_key_mgmt
[[ "$_w_mode" = "adhoc" ]] && {
append network_data "mode=1" "$N$T"
scan_ssid="scan_ssid=0"
- [ "$_w_driver" = "nl80211" ] || wpa_key_mgmt="WPA-NONE"
+ [ "$_w_driver" = "nl80211" ] || append wpa_key_mgmt "WPA-NONE"
}
[[ "$_w_mode" = "mesh" ]] && {
freq="$(get_freq "$phy" "$channel")"
append network_data "frequency=$freq" "$N$T"
}
- wpa_key_mgmt="SAE"
+ append wpa_key_mgmt "SAE"
scan_ssid=""
}
psk)
local passphrase
+ if [ "$_w_mode" != "mesh" ]; then
+ hostapd_append_wpa_key_mgmt
+ fi
+
key_mgmt="$wpa_key_mgmt"
+
if [ ${#key} -eq 64 ]; then
passphrase="psk=${key}"
else
append network_data "$passphrase" "$N$T"
;;
eap)
- key_mgmt='WPA-EAP'
- [ "$ieee80211r" -gt 0 ] && key_mgmt="FT-EAP $key_mgmt"
+ hostapd_append_wpa_key_mgmt
+ key_mgmt="$wpa_key_mgmt"
json_get_vars eap_type identity anonymous_identity ca_cert
[ -n "$ca_cert" ] && append network_data "ca_cert=\"$ca_cert\"" "$N$T"