This patch adds wpa_supplicant calls for EAP TLS, TTLS, PEAP to madwifi configuration script.
Defined options correspond to wpa_supplicant options :
Common options :
* eap
* identity
* ca_cert
* pairwise
* group
TLS specific options :
* client_cert
* private_key
* private_key_passwd
TTLS and PEAP specific options :
* password
* phase2
* ca_cert2
* client_cert2
* private_key2
* private_key2_passwd
* anonymous_identity (TTLS only)
* phase1 (PEAP only)
Credit goes to Lionel Nardon.
Signed-off-by: Frédéric Moulins <[EMAIL PROTECTED]>
diff --git a/package/madwifi/files/lib/wifi/madwifi.sh
b/package/madwifi/files/lib/wifi/madwifi.sh
index 9d08e1f..d4705aa 100755
--- a/package/madwifi/files/lib/wifi/madwifi.sh
+++ b/package/madwifi/files/lib/wifi/madwifi.sh
@@ -148,6 +148,40 @@ enable_atheros() {
PSK|psk|PSK2|psk2)
config_get key "$vif" key
;;
+ WPA|wpa|WPA2|wpa2)
+ config_get identity "$vif" identity
+ config_get ca_cert "$vif" ca_cert
+ config_get eap "$vif" eap
+ config_get pairwise "$vif" pairwise
+ config_get group "$vif" group
+
+ case "$eap" in
+ TLS|tls)
+ config_get client_cert "$vif"
client_cert
+ config_get private_key "$vif"
private_key
+ config_get private_key_passwd
"$vif" private_key_passwd
+ ;;
+ TTLS|ttls|PEAP|peap)
+ config_get password "$vif"
password
+ config_get phase2 "$vif" phase2
+ config_get ca_cert2 "$vif"
ca_cert2
+ config_get client_cert2 "$vif"
client_cert2
+ config_get private_key2 "$vif"
private_key2
+ config_get private_key2_passwd
"$vif" private_key2_passwd
+ case "$eap" in
+ TTLS|ttls)
+ config_get
anonymous_identity "$vif" anonymous_identity
+ ;;
+ PEAP|peap)
+ config_get
phase1 "$vif" phase1
+ ;;
+ esac
+ ;;
+ *)
+ echo "$eap: Invalid eap mode in
config"; return 1
+ ;;
+ esac
+ ;;
esac
case "$mode" in
@@ -298,7 +332,74 @@ network={
EOF
;;
WPA|wpa|WPA2|wpa2)
- #add wpa_supplicant calls here
+ case "$enc" in
+ WPA|wpa)
+
proto='proto=WPA'
+ ;;
+ WPA2|wpa2)
+
proto='proto=RSN'
+ ;;
+ esac
+
+ [ -n "$pairwise" ] && pairw="
pairwise=${pairwise}"
+
+ [ -n "$group" ] && gr="
group=${group}"
+
+ [ -n "$ca_cert" ] && ca="
ca_cert=\"${ca_cert}\""
+
+ case "$eap" in
+ TLS|tls)
+ cli_cert="
client_cert=\"${client_cert}\""
+ priv_key="
private_key=\"${private_key}\""
+ priv_key_pass="
private_key_passwd=\"${private_key_passwd}\""
+ ;;
+ TTLS|ttls|PEAP|peap)
+ pass="
password=\"${password}\""
+
+ [ -n "$phase2"
] && pha2=" phase2=\"${phase2}\""
+
+ [ -n "$ca2" ]
&& ca2=" ca_cert2=\"${phase2}\""
+
+ [ -n
"$client_cert2" ] && cli_cert2=" client_cert2=\"${client_cert2}\""
+
+ [ -n
"$private_key2" ] && priv_key2=" private_key2=\"${private_key2}\""
+
+ [ -n
"$private_key2_passwd" ] && priv_key2_pass="
private_key2_passwd=\"${private_key2_passwd}\""
+
+ case "$eap" in
+
TTLS|ttls)
+
anon_id=" anonymous_identity=\"${anonymous_identity}\""
+ ;;
+
PEAP|peap)
+
[ -n "$phase1" ] && pha1=" phase1=\"${phase1}\""
+ ;;
+ esac
+ ;;
+ esac
+ sed '/^$/ d' << EOF >
/var/run/wpa_supplicant-$ifname.conf
+network={
+ scan_ssid=0
+ ssid="$ssid"
+ key_mgmt=WPA-EAP
+ $proto
+ eap=$eap
+ identity="$identity"
+$ca
+$anon_id
+$pairw
+$gr
+$cli_cert
+$priv_key
+$priv_key_pass
+$pass
+$pha1
+$pha2
+$ca2
+$cli_cert2
+$priv_key2
+$priv_key2_pass
+}
+EOF
;;
esac
[ -z "$proto" ] || wpa_supplicant ${bridge:+ -b
$bridge} -B -D madwifi -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf
_______________________________________________
openwrt-devel mailing list
[email protected]
http://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
