X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=package%2Fnetwork%2Fservices%2Fhostapd%2Ffiles%2Fnetifd.sh;h=988ebc7757fedfba3eba464a973824622c3af8c3;hb=2856c7e32070347615f7e759f1c25e7b78c765af;hp=b87672c4d72c7fc3d4915363b49dbcfe08a3eda7;hpb=bdcffb9bb6bcab19a9e8978039760e4c3202a30e;p=openwrt%2Fopenwrt.git

diff --git a/package/network/services/hostapd/files/netifd.sh b/package/network/services/hostapd/files/netifd.sh
index b87672c4d7..988ebc7757 100644
--- a/package/network/services/hostapd/files/netifd.sh
+++ b/package/network/services/hostapd/files/netifd.sh
@@ -36,6 +36,14 @@ hostapd_append_wep_key() {
 	esac
 }
 
+hostapd_append_wpa_key_mgmt() {
+	local auth_type="$(echo $auth_type | tr 'a-z' 'A-Z')"
+
+	append wpa_key_mgmt "WPA-$auth_type"
+	[ "${ieee80211r:-0}" -gt 0 ] && append wpa_key_mgmt "FT-${auth_type}"
+	[ "${ieee80211w:-0}" -gt 0 ] && append wpa_key_mgmt "WPA-${auth_type}-SHA256"
+}
+
 hostapd_add_log_config() {
 	config_add_boolean \
 		log_80211 \
@@ -150,6 +158,7 @@ hostapd_common_add_bss_config() {
 	config_add_string wpa_psk_file
 
 	config_add_boolean wps_pushbutton wps_label ext_registrar wps_pbc_in_m1
+	config_add_int wps_ap_setup_locked wps_independent
 	config_add_string wps_device_type wps_device_name wps_manufacturer wps_pin
 
 	config_add_boolean ieee80211r pmk_r1_push
@@ -183,11 +192,11 @@ hostapd_set_bss_options() {
 	json_get_vars \
 		wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey \
 		maxassoc max_inactivity disassoc_low_ack isolate auth_cache \
-		wps_pushbutton wps_label ext_registrar wps_pbc_in_m1 \
-		wps_device_type wps_device_name wps_manufacturer wps_pin \
+		wps_pushbutton wps_label ext_registrar wps_pbc_in_m1 wps_ap_setup_locked \
+		wps_independent wps_device_type wps_device_name wps_manufacturer wps_pin \
 		macfilter ssid wmm uapsd hidden short_preamble rsn_preauth \
 		iapp_interface eapol_version acct_server acct_secret acct_port \
-		dynamic_vlan
+		dynamic_vlan ieee80211w
 
 	set_default isolate 0
 	set_default maxassoc 0
@@ -256,7 +265,6 @@ hostapd_set_bss_options() {
 			[ "$eapol_version" -ge "1" -a "$eapol_version" -le "2" ] && append bss_conf "eapol_version=$eapol_version" "$N"
 
 			wps_possible=1
-			append wpa_key_mgmt "WPA-PSK"
 		;;
 		eap)
 			json_get_vars \
@@ -291,7 +299,6 @@ hostapd_set_bss_options() {
 			[ -n "$ownip" ] && append bss_conf "own_ip_addr=$ownip" "$N"
 			append bss_conf "eapol_key_index_workaround=1" "$N"
 			append bss_conf "ieee8021x=1" "$N"
-			append wpa_key_mgmt "WPA-EAP"
 
 			[ "$eapol_version" -ge "1" -a "$eapol_version" -le "2" ] && append bss_conf "eapol_version=$eapol_version" "$N"
 		;;
@@ -322,6 +329,7 @@ hostapd_set_bss_options() {
 		set_default wps_device_type "6-0050F204-1"
 		set_default wps_device_name "Lede AP"
 		set_default wps_manufacturer "www.lede-project.org"
+		set_default wps_independent 1
 
 		wps_state=2
 		[ -n "$wps_configured" ] && wps_state=1
@@ -331,11 +339,12 @@ hostapd_set_bss_options() {
 		append bss_conf "eap_server=1" "$N"
 		[ -n "$wps_pin" ] && append bss_conf "ap_pin=$wps_pin" "$N"
 		append bss_conf "wps_state=$wps_state" "$N"
-		append bss_conf "ap_setup_locked=0" "$N"
 		append bss_conf "device_type=$wps_device_type" "$N"
 		append bss_conf "device_name=$wps_device_name" "$N"
 		append bss_conf "manufacturer=$wps_manufacturer" "$N"
 		append bss_conf "config_methods=$config_methods" "$N"
+		append bss_conf "wps_independent=$wps_independent" "$N"
+		[ -n "$wps_ap_setup_locked" ] && append bss_conf "ap_setup_locked=$wps_ap_setup_locked" "$N"
 		[ "$wps_pbc_in_m1" -gt 0 ] && append bss_conf "pbc_in_m1=$wps_pbc_in_m1" "$N"
 	}
 
@@ -376,11 +385,9 @@ hostapd_set_bss_options() {
 			for kh in $r1kh; do
 				append bss_conf "r1kh=${kh//,/ }" "$N"
 			done
-
-			[ "$wpa_key_mgmt" != "${wpa_key_mgmt/EAP/}" ] && append wpa_key_mgmt "FT-EAP"
-			[ "$wpa_key_mgmt" != "${wpa_key_mgmt/PSK/}" ] && append wpa_key_mgmt "FT-PSK"
 		fi
 
+		hostapd_append_wpa_key_mgmt
 		[ -n "$wpa_key_mgmt" ] && append bss_conf "wpa_key_mgmt=$wpa_key_mgmt" "$N"
 	fi
 
@@ -397,7 +404,6 @@ hostapd_set_bss_options() {
 		[ "$auth_cache" = 0 ] && append bss_conf "disable_pmksa_caching=1" "$N"
 
 		# RSN -> allow management frame protection
-		json_get_var ieee80211w ieee80211w
 		case "$ieee80211w" in
 			[012])
 				json_get_vars ieee80211w_max_timeout ieee80211w_retry_timeout
@@ -614,8 +620,10 @@ wpa_supplicant_add_network() {
 		psk)
 			local passphrase
 
-			append wpa_key_mgmt "WPA-PSK"
-			[ "$ieee80211r" -gt 0 ] && append wpa_key_mgmt "FT-PSK"
+			if [ "$_w_mode" != "mesh" ]; then
+				hostapd_append_wpa_key_mgmt
+			fi
+
 			key_mgmt="$wpa_key_mgmt"
 
 			if [ ${#key} -eq 64 ]; then
@@ -626,8 +634,7 @@ wpa_supplicant_add_network() {
 			append network_data "$passphrase" "$N$T"
 		;;
 		eap)
-			append wpa_key_mgmt "WPA-EAP"
-		        [ "$ieee80211r" -gt 0 ] && append wpa_key_mgmt "FT-EAP"
+			hostapd_append_wpa_key_mgmt
 			key_mgmt="$wpa_key_mgmt"
 
 			json_get_vars eap_type identity anonymous_identity ca_cert