Add 802.1x client configuration support and corresponding documentation (#2069)
[openwrt/openwrt.git] / package / madwifi / files / lib / wifi / madwifi.sh
1 #!/bin/sh
2 append DRIVERS "atheros"
3
4 scan_atheros() {
5 local device="$1"
6 local wds
7 local adhoc sta ap
8
9 config_get vifs "$device" vifs
10 for vif in $vifs; do
11
12 config_get ifname "$vif" ifname
13 config_set "$vif" ifname "${ifname:-ath}"
14
15 config_get mode "$vif" mode
16 case "$mode" in
17 adhoc|ahdemo|sta|ap|monitor)
18 append $mode "$vif"
19 ;;
20 wds)
21 config_get ssid "$vif" ssid
22 [ -z "$ssid" ] && continue
23
24 config_set "$vif" wds 1
25 config_set "$vif" mode sta
26 mode="sta"
27 addr="$ssid"
28 ${addr:+append $mode "$vif"}
29 ;;
30 *) echo "$device($vif): Invalid mode, ignored."; continue;;
31 esac
32 done
33
34 case "${adhoc:+1}:${sta:+1}:${ap+1}" in
35 # valid mode combinations
36 1::) wds="";;
37 1::1);;
38 :1:1)config_set "$device" nosbeacon 1;; # AP+STA, can't use beacon timers for STA
39 :1:);;
40 ::1);;
41 ::);;
42 *) echo "$device: Invalid mode combination in config"; return 1;;
43 esac
44
45 config_set "$device" vifs "${ap:+$ap }${adhoc:+$adhoc }${ahdemo:+$ahdemo }${sta:+$sta }${wds:+$wds }${monitor:+$monitor}"
46 }
47
48
49 disable_atheros() (
50 local device="$1"
51
52 set_wifi_down "$device"
53 # kill all running hostapd and wpa_supplicant processes that
54 # are running on atheros vifs
55 for pid in `pidof hostapd wpa_supplicant`; do
56 grep ath /proc/$pid/cmdline >/dev/null && \
57 kill $pid
58 done
59
60 include /lib/network
61 cd /proc/sys/net
62 for dev in *; do
63 grep "$device" "$dev/%parent" >/dev/null 2>/dev/null && {
64 ifconfig "$dev" down
65 unbridge "$dev"
66 wlanconfig "$dev" destroy
67 }
68 done
69 return 0
70 )
71
72 enable_atheros() {
73 local device="$1"
74 config_get channel "$device" channel
75 config_get vifs "$device" vifs
76
77 [ auto = "$channel" ] && channel=0
78
79 local first=1
80 for vif in $vifs; do
81 nosbeacon=
82 config_get ifname "$vif" ifname
83 config_get enc "$vif" encryption
84 config_get eap_type "$vif" eap_type
85 config_get mode "$vif" mode
86
87 [ "$mode" = sta ] && config_get nosbeacon "$device" nosbeacon
88
89 config_get ifname "$vif" ifname
90 ifname=$(wlanconfig "$ifname" create wlandev "$device" wlanmode "$mode" ${nosbeacon:+nosbeacon})
91 [ $? -ne 0 ] && {
92 echo "enable_atheros($device): Failed to set up $mode vif $ifname" >&2
93 continue
94 }
95 config_set "$vif" ifname "$ifname"
96
97 [ "$first" = 1 ] && {
98 # only need to change freq band and channel on the first vif
99 config_get agmode "$device" agmode
100 [ -z "$agmode" ] && config_get agmode "$device" mode
101
102 pureg=0
103 case "$agmode" in
104 *b) agmode=11b;;
105 *bg) agmode=11g;;
106 *g) agmode=11g; pureg=1;;
107 *gdt) agmode=11gdt;;
108 *a) agmode=11a;;
109 *adt) agmode=11adt;;
110 *ast) agmode=11ast;;
111 *fh) agmode=fh;;
112 *) agmode=auto;;
113 esac
114 iwpriv "$ifname" mode "$agmode"
115 iwpriv "$ifname" pureg "$pureg"
116 iwconfig "$ifname" channel "$channel" >/dev/null 2>/dev/null
117 }
118
119 config_get_bool hidden "$vif" hidden 0
120 iwpriv "$ifname" hide_ssid "$hidden"
121
122 config_get ff "$vif" ff
123 if [ -n "$ff" ]; then
124 iwpriv "$ifname" ff "$ff"
125 fi
126
127 config_get wds "$vif" wds
128 case "$wds" in
129 1|on|enabled) wds=1;;
130 *) wds=0;;
131 esac
132 iwpriv "$ifname" wds "$wds"
133
134 [ "$mode" = ap -a "$wds" = 1 ] && {
135 config_get_bool wdssep "$vif" wdssep 1
136 [ -n "$wdssep" ] && iwpriv "$ifname" wdssep "$wdssep"
137 }
138
139 wpa=
140 case "$enc" in
141 WEP|wep)
142 for idx in 1 2 3 4; do
143 config_get key "$vif" "key${idx}"
144 iwconfig "$ifname" enc "[$idx]" "${key:-off}"
145 done
146 config_get key "$vif" key
147 key="${key:-1}"
148 case "$key" in
149 [1234]) iwconfig "$ifname" enc "[$key]";;
150 *) iwconfig "$ifname" enc "$key";;
151 esac
152 ;;
153 PSK|psk|PSK2|psk2)
154 config_get key "$vif" key
155 ;;
156 esac
157
158 case "$mode" in
159 adhoc|ahdemo)
160 config_get addr "$vif" bssid
161 [ -z "$addr" ] || {
162 iwconfig "$ifname" ap "$addr"
163 }
164 ;;
165 esac
166 config_get ssid "$vif" ssid
167
168 config_get_bool bgscan "$vif" bgscan
169 [ -n "$bgscan" ] && iwpriv "$ifname" bgscan "$bgscan"
170
171 config_get_bool antdiv "$device" diversity
172 [ -n "$antdiv" ] && sysctl -w dev."$device".diversity="$antdiv" >&-
173
174 config_get antrx "$device" rxantenna
175 [ -n "$antrx" ] && sysctl -w dev."$device".rxantenna="$antrx" >&-
176
177 config_get anttx "$device" txantenna
178 [ -n "$anttx" ] && sysctl -w dev."$device".txantenna="$anttx" >&-
179
180 config_get distance "$device" distance
181 [ -n "$distance" ] && athctrl -i "$device" -d "$distance" >&-
182
183 config_get txpwr "$vif" txpower
184 [ -n "$txpwr" ] && iwconfig "$ifname" txpower "${txpwr%%.*}"
185
186 config_get rate "$vif" rate
187 [ -n "$rate" ] && iwconfig "$ifname" rate "${rate%%.*}"
188
189 config_get mcast_rate "$vif" mcast_rate
190 [ -n "$mcast_rate" ] && iwpriv "$ifname" mcast_rate "${mcast_rate%%.*}"
191
192 config_get frag "$vif" frag
193 [ -n "$frag" ] && iwconfig "$ifname" frag "${frag%%.*}"
194
195 config_get rts "$vif" rts
196 [ -n "$rts" ] && iwconfig "$ifname" rts "${rts%%.*}"
197
198 config_get_bool comp "$vif" compression
199 [ -n "$comp" ] && iwpriv "$ifname" compression "$comp"
200
201 config_get_bool minrate "$vif" minrate
202 [ -n "$minrate" ] && iwpriv "$ifname" minrate "$minrate"
203
204 config_get_bool maxrate "$vif" maxrate
205 [ -n "$maxrate" ] && iwpriv "$ifname" maxrate "$maxrate"
206
207 config_get_bool burst "$vif" bursting
208 [ -n "$burst" ] && iwpriv "$ifname" burst "$burst"
209
210 config_get_bool wmm "$vif" wmm
211 [ -n "$wmm" ] && iwpriv "$ifname" wmm "$wmm"
212
213 config_get_bool xr "$vif" xr
214 [ -n "$xr" ] && iwpriv "$ifname" xr "$xr"
215
216 config_get_bool ar "$vif" ar
217 [ -n "$ar" ] && iwpriv "$ifname" ar "$ar"
218
219 config_get_bool turbo "$vif" turbo
220 [ -n "$turbo" ] && iwpriv "$ifname" turbo "$turbo"
221
222 config_get_bool doth "$vif" doth 0
223 [ -n "$doth" ] && iwpriv "$ifname" doth "$doth"
224
225 config_get maclist "$vif" maclist
226 [ -n "$maclist" ] && {
227 # flush MAC list
228 iwpriv "$ifname" maccmd 3
229 for mac in $maclist; do
230 iwpriv "$ifname" addmac "$mac"
231 done
232 }
233
234 config_get macpolicy "$vif" macpolicy
235 case "$macpolicy" in
236 allow)
237 iwpriv "$ifname" maccmd 1
238 ;;
239 deny)
240 iwpriv "$ifname" maccmd 2
241 ;;
242 *)
243 # default deny policy if mac list exists
244 [ -n "$maclist" ] && iwpriv "$ifname" maccmd 2
245 ;;
246 esac
247
248 ifconfig "$ifname" up
249 local net_cfg bridge
250 net_cfg="$(find_net_config "$vif")"
251 [ -z "$net_cfg" ] || {
252 bridge="$(bridge_interface "$net_cfg")"
253 config_set "$vif" bridge "$bridge"
254 start_net "$ifname" "$net_cfg"
255 }
256 iwconfig "$ifname" essid "$ssid"
257 set_wifi_up "$vif" "$ifname"
258 case "$mode" in
259 ap)
260 config_get_bool isolate "$vif" isolate 0
261 iwpriv "$ifname" ap_bridge "$((isolate^1))"
262
263 if eval "type hostapd_setup_vif" 2>/dev/null >/dev/null; then
264 hostapd_setup_vif "$vif" madwifi || {
265 echo "enable_atheros($device): Failed to set up wpa for interface $ifname" >&2
266 # make sure this wifi interface won't accidentally stay open without encryption
267 ifconfig "$ifname" down
268 wlanconfig "$ifname" destroy
269 continue
270 }
271 fi
272 ;;
273 wds|sta)
274 config_get_bool usepassphrase "$vif" passphrase 1
275 case "$enc" in
276 PSK|psk|PSK2|psk2)
277 case "$enc" in
278 PSK|psk)
279 proto='proto=WPA'
280 if [ "$usepassphrase" = "1" ]; then
281 passphrase="psk=\"${key}\""
282 else
283 passphrase="psk=${key}"
284 fi
285 ;;
286 PSK2|psk2)
287 proto='proto=RSN'
288 if [ "$usepassphrase" = "1" ]; then
289 passphrase="psk=\"${key}\""
290 else
291 passphrase="psk=${key}"
292 fi
293 ;;
294 esac
295 cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
296 network={
297 scan_ssid=1
298 ssid="$ssid"
299 key_mgmt=WPA-PSK
300 $proto
301 $passphrase
302 }
303 EOF
304 ;;
305 WPA|wpa|WPA2|wpa2i|8021x|8021X)
306 config_get ca_cert "$vif" ca_cert
307 eap_type=$(echo $eap_type | tr 'a-z' 'A-Z')
308 case "$eap_type" in
309 tls|TLS)
310 proto='proto=WPA2'
311 pairwise='pairwise=CCMP'
312 group='group=CCMP'
313 config_get priv_key "$vif" priv_key
314 config_get priv_key_pwd "$vif" priv_key_pwd
315 priv_key="private_key=\"$priv_key\""
316 priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
317 ;;
318 peap|PEAP|ttls|TTLS)
319 proto='proto=WPA2'
320 config_get auth "$vif" auth
321 config_get identity "$vif" identity
322 config_get password "$vif" password
323 phase2="phase2=\"auth=${auth:-MSCHAPV2}\""
324 identity="identity=\"$identity\""
325 password="password=\"$password\""
326 ;;
327 esac
328 cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
329 network={
330 scan_ssid=1
331 ssid="$ssid"
332 key_mgmt=WPA-EAP
333 $proto
334 $pairwise
335 $group
336 eap=$eap_type
337 ca_cert="$ca_cert"
338 $priv_key
339 $priv_key_pwd
340 $phase2
341 $identity
342 $password
343 }
344 EOF
345 ;;
346 esac
347 [ -z "$proto" ] || wpa_supplicant ${bridge:+ -b $bridge} -B -D madwifi -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf
348 ;;
349 esac
350 first=0
351 done
352 }
353
354
355 detect_atheros() {
356 cd /proc/sys/dev
357 [ -d ath ] || return
358 for dev in $(ls -d wifi* 2>&-); do
359 config_get type "$dev" type
360 [ "$type" = atheros ] && return
361 cat <<EOF
362 config wifi-device $dev
363 option type atheros
364 option channel auto
365
366 # REMOVE THIS LINE TO ENABLE WIFI:
367 option disabled 1
368
369 config wifi-iface
370 option device $dev
371 option network lan
372 option mode ap
373 option ssid OpenWrt
374 option encryption none
375 EOF
376 done
377 }