Hello, this patch fixes eap_type configuration and adds a few options.
* eap_type should be get in wpa_supplicant.sh (was only in mac80211.sh).
* typo while writing eap_type to wpa_supplicant configuration file.
* allow 'identity' for all modes.
* make private_key_passwd optional.
* add 'client_cert' option for separate client certificate.
* add optional 'anonymous_identity'(ttls,peap) and 'phase1'(peap) parameters.
Signed-of-by: Frédéric Moulins <[EMAIL PROTECTED]>
diff --git a/package/mac80211/files/lib/wifi/mac80211.sh
b/package/mac80211/files/lib/wifi/mac80211.sh
--- a/package/mac80211/files/lib/wifi/mac80211.sh
+++ b/package/mac80211/files/lib/wifi/mac80211.sh
@@ -56,7 +56,6 @@
ifconfig "$ifname" down 2>/dev/null
config_get ifname "$vif" ifname
config_get enc "$vif" encryption
- config_get eap_type "$vif" eap_type
config_get mode "$vif" mode
config_get ifname "$vif" ifname
diff --git a/package/wpa_supplicant/files/wpa_supplicant.sh
b/package/wpa_supplicant/files/wpa_supplicant.sh
--- a/package/wpa_supplicant/files/wpa_supplicant.sh
+++ b/package/wpa_supplicant/files/wpa_supplicant.sh
@@ -31,27 +31,34 @@
WPA|wpa|WPA2|wpa2i|8021x|8021X)
proto='WPA2'
key_mgmt='WPA-EAP'
+ config_get eap_type "$vif" eap_type
config_get ca_cert "$vif" ca_cert
+ config_get identity "$vif" identity
ca_cert="ca_cert=\"$ca_cert\""
+ [ -n "$identity" ] && identity="identity=\"$identity\""
case "$eap_type" in
tls|TLS)
pairwise='pairwise=CCMP'
group='group=CCMP'
+ config_get client_cert "$vif"
client_cert
config_get priv_key "$vif" priv_key
config_get priv_key_pwd "$vif"
priv_key_pwd
+ [ -n "$client_cert" ] &&
client_cert="client_cert=\"${client_cert}\""
priv_key="private_key=\"$priv_key\""
-
priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
+ [ -n "$priv_key_pwd" ] &&
priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
;;
peap|PEAP|ttls|TTLS)
+ config_get phase1 "$vif" phase1
+ config_get anonymous_identity "$vif"
anonymous_identity
config_get auth "$vif" auth
- config_get identity "$vif" identity
config_get password "$vif" password
+
anonymous_identity="anonymous_identity=\"${anonymous_identity:-anonymous}\""
+ [ -n "$phase1" ] &&
phase1="phase1=\"${phase1}\""
phase2="phase2=\"auth=${auth:-MSCHAPV2}\""
- identity="identity=\"$identity\""
password="password=\"$password\""
;;
esac
- eap_type="eap_type=$(echo $eap_type | tr 'a-z' 'A-Z')"
+ eap_type="eap=$(echo $eap_type | tr 'a-z' 'A-Z')"
;;
esac
config_get ifname "$vif" ifname
@@ -68,8 +75,11 @@
$group
$eap_type
$ca_cert
+ $client_cert
$priv_key
$priv_key_pwd
+ $phase1
+ $anonymous_identity
$phase2
$identity
$password
_______________________________________________
openwrt-devel mailing list
[email protected]
http://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
