1 hostapd_set_bss_options
() {
4 local enc wpa_group_rekey wps_possible
6 config_get enc
"$vif" encryption
7 config_get wpa_group_rekey
"$vif" wpa_group_rekey
8 config_get_bool ap_isolate
"$vif" isolate
0
10 config_get device
"$vif" device
11 config_get hwmode
"$device" hwmode
13 if [ "$ap_isolate" -gt 0 ]; then
14 append
"$var" "ap_isolate=$ap_isolate" "$N"
18 # psk-mixed/tkip => WPA1+2 PSK, TKIP
19 # wpa-psk2/tkip+aes => WPA2 PSK, CCMP+TKIP
20 # wpa2/tkip+aes => WPA2 RADIUS, CCMP+TKIP
23 # TODO: move this parsing function somewhere generic, so that
24 # later it can be reused by drivers that don't use hostapd
26 # crypto defaults: WPA2 vs WPA1
42 # explicit override for crypto setting
44 *tkip
+aes|
*tkip
+ccmp|
*aes
+tkip|
*ccmp
+tkip
) crypto
="CCMP TKIP";;
45 *aes|
*ccmp
) crypto
="CCMP";;
46 *tkip
) crypto
="TKIP";;
49 # enforce CCMP for 11ng and 11na
51 *ng|
*na
) crypto
="CCMP";;
54 # use crypto/auth settings for building the hostapd config
57 config_get psk
"$vif" key
58 if [ ${#psk} -eq 64 ]; then
59 append
"$var" "wpa_psk=$psk" "$N"
61 append
"$var" "wpa_passphrase=$psk" "$N"
66 # required fields? formats?
67 # hostapd is particular, maybe a default configuration for failures
68 config_get server
"$vif" server
69 append
"$var" "auth_server_addr=$server" "$N"
70 config_get port
"$vif" port
72 append
"$var" "auth_server_port=$port" "$N"
73 config_get secret
"$vif" key
74 append
"$var" "auth_server_shared_secret=$secret" "$N"
75 config_get nasid
"$vif" nasid
76 append
"$var" "nas_identifier=$nasid" "$N"
77 append
"$var" "eapol_key_index_workaround=1" "$N"
78 append
"$var" "radius_acct_interim_interval=300" "$N"
79 append
"$var" "ieee8021x=1" "$N"
80 append
"$var" "wpa_key_mgmt=WPA-EAP" "$N"
81 append
"$var" "wpa_group_rekey=300" "$N"
82 append
"$var" "wpa_gmk_rekey=640" "$N"
85 config_get key
"$vif" key
89 for idx
in 1 2 3 4; do
92 config_get ckey
"$vif" "key${idx}"
94 append
"$var" "wep_key${zidx}=$(prepare_key_wep "$ckey")" "$N"
96 append
"$var" "wep_default_key=$((key - 1))" "$N"
99 append
"$var" "wep_key0=$(prepare_key_wep "$key")" "$N"
100 append
"$var" "wep_default_key=0" "$N"
119 append
"$var" "auth_algs=${auth_algs:-1}" "$N"
120 append
"$var" "wpa=$wpa" "$N"
121 [ -n "$crypto" ] && append
"$var" "wpa_pairwise=$crypto" "$N"
122 [ -n "$wpa_group_rekey" ] && append
"$var" "wpa_group_rekey=$wpa_group_rekey" "$N"
124 config_get ssid
"$vif" ssid
125 config_get bridge
"$vif" bridge
126 config_get ieee80211d
"$vif" ieee80211d
127 config_get iapp_interface
"$vif" iapp_interface
129 config_get_bool wps_pbc
"$vif" wps_pushbutton
0
130 [ -n "$wps_possible" -a "$wps_pbc" -gt 0 ] && {
131 append
"$var" "eap_server=1" "$N"
132 append
"$var" "wps_state=2" "$N"
133 append
"$var" "ap_setup_locked=1" "$N"
134 append
"$var" "config_methods=push_button" "$N"
137 append
"$var" "ssid=$ssid" "$N"
138 [ -n "$bridge" ] && append
"$var" "bridge=$bridge" "$N"
139 [ -n "$ieee80211d" ] && append
"$var" "ieee80211d=$ieee80211d" "$N"
140 [ -n "$iapp_interface" ] && append
"$var" iapp_interface
=$
(uci_get_state network
"$iapp_interface" ifname
"$iapp_interface") "$N"
142 if [ "$wpa" -ge "2" ]
144 # RSN -> allow preauthentication
145 config_get rsn_preauth
"$vif" rsn_preauth
146 if [ -n "$bridge" -a "$rsn_preauth" = 1 ]
148 append
"$var" "rsn_preauth=1" "$N"
149 append
"$var" "rsn_preauth_interfaces=$bridge" "$N"
152 # RSN -> allow management frame protection
153 config_get ieee80211w
"$vif" ieee80211w
154 case "$ieee80211w" in
156 append
"$var" "ieee80211w=$ieee80211w" "$N"
157 [ "$ieee80211w" -gt "0" ] && {
158 config_get ieee80211w_max_timeout
"$vif" ieee80211w_max_timeout
159 config_get ieee80211w_retry_timeout
"$vif" ieee80211w_retry_timeout
160 [ -n "$ieee80211w_max_timeout" ] && \
161 append
"$var" "assoc_sa_query_max_timeout=$ieee80211w_max_timeout" "$N"
162 [ -n "$ieee80211w_retry_timeout" ] && \
163 append
"$var" "assoc_sa_query_retry_timeout=$ieee80211w_retry_timeout" "$N"
170 hostapd_setup_vif
() {
175 hostapd_set_bss_options hostapd_cfg
"$vif"
176 config_get ifname
"$vif" ifname
177 config_get device
"$vif" device
178 config_get channel
"$device" channel
179 config_get hwmode
"$device" hwmode
181 *bg|
*gdt|
*gst|
*fh
) hwmode
=g
;;
182 *adt|
*ast
) hwmode
=a
;;
184 [ "$channel" = auto
] && channel
=
185 [ -n "$channel" -a -z "$hwmode" ] && wifi_fixup_hwmode
"$device"
186 cat > /var
/run
/hostapd-
$ifname.conf
<<EOF
187 ctrl_interface=/var/run/hostapd-$ifname
190 ${hwmode:+hw_mode=${hwmode#11}}
191 ${channel:+channel=$channel}
194 hostapd
-P /var
/run
/wifi-
$ifname.pid
-B /var
/run
/hostapd-
$ifname.conf
projects / openwrt / openwrt.git / blob