← Back to branch summary

~ubuntu-branches/ubuntu/gutsy/wpasupplicant/gutsy

« back to all changes in this revision

Viewing changes to debian/ifupdown/functions.sh

  • Committer: Bazaar Package Importer
  • Author(s): Reinhard Tartler, Alexander Sack
  • Date: 2007-08-26 16:06:57 UTC
  • mfrom: (1.1.9 upstream)
  • Revision ID: james.westby@ubuntu.com-20070826160657-2m8pxoweuxe8f93t
Tags: 0.6.0+0.5.8-0ubuntu1
https://launchpad.net/bugs/140763
https://launchpad.net/bugs/141233
* New upstream release
* remove patch 11_erroneous_manpage_ref, applied upstream
* remove patch 25_wpas_dbus_unregister_iface_fix, applied upstream

[ Alexander Sack ]
* bumping upstream version to replace development version 0.6.0 with
  this package from stable release branch.
* attempt to fix wierd timeout and high latency issues by going
  back to stable upstream version (0.5.9) (LP: #140763,
  LP: #141233).

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/ifupdown/functions.sh
1
 
#!/bin/sh
2
 
 
3
 
# Copyright (C) 2006 Debian/Ubuntu wpasupplicant Maintainers 
4
 
# <pkg-wpa-devel@lists.alioth.debian.org>
5
 
#
6
 
# This program is free software; you can redistribute it and/or
7
 
# modify it under the terms of the GNU General Public License
8
 
# as published by the Free Software Foundation; either version 2
9
 
# of the License, or (at your option) any later version.
10
 
#
11
 
# This program is distributed in the hope that it will be useful,
12
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of
13
 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14
 
# GNU General Public License for more details.
15
 
#
16
 
# On Debian GNU/Linux systems, the text of the GPL license can be
17
 
# found in /usr/share/common-licenses/GPL.
18
 
 
19
 
#####################################################################
20
 
## global variables
21
 
# wpa_supplicant variables
22
 
WPA_SUP_BIN="/sbin/wpa_supplicant"
23
 
WPA_SUP_PNAME="wpa_supplicant"
24
 
WPA_SUP_PIDFILE="/var/run/wpa_supplicant.$WPA_IFACE.pid"
25
 
 
26
 
# wpa_cli variables
27
 
WPA_CLI_BIN="/sbin/wpa_cli"
28
 
WPA_CLI_PNAME="wpa_cli"
29
 
WPA_CLI_PIDFILE="/var/run/wpa_action.$WPA_IFACE.pid"
30
 
WPA_CLI_LOGFILE="/var/log/wpa_action.log"
31
 
WPA_CLI_TIMESTAMP="/var/run/wpa_action.$WPA_IFACE.timestamp"
32
 
 
33
 
# default ctrl_interface socket directory
34
 
if [ -z "$WPA_CTRL_DIR" ]; then
35
 
        WPA_CTRL_DIR="/var/run/wpa_supplicant"
36
 
fi
37
 
 
38
 
# verbosity variables
39
 
if [ -n "$IF_WPA_VERBOSITY" ] || [ "$VERBOSITY" = "1" ]; then
40
 
        TO_NULL="/dev/stdout"
41
 
        DAEMON_VERBOSITY="--verbose"
42
 
else
43
 
        TO_NULL="/dev/null"
44
 
        DAEMON_VERBOSITY="--quiet"
45
 
fi
46
 
 
47
 
#####################################################################
48
 
## wpa_cli wrapper
49
 
# Path to common ctrl_interface socket and iface supplied.
50
 
# NB: WPA_CTRL_DIR cannot be used for interactive commands.
51
 
#
52
 
wpa_cli () {
53
 
        $WPA_CLI_BIN -p $WPA_CTRL_DIR -i $WPA_IFACE "$@"
54
 
}
55
 
 
56
 
#####################################################################
57
 
## verbose and stderr message wrapper
58
 
# Ensures a standard and easily identifiable message is printed by
59
 
# scripts using this function library.
60
 
#
61
 
# verbose       To stdout when IF_WPA_VERBOSITY or VERBOSITY is true
62
 
#
63
 
# action        Same as verbose but without newline
64
 
#               Useful for allowing wpa_cli commands to echo result
65
 
#               value of 'OK' or 'FAILED'
66
 
#
67
 
# stderr        Echo warning or error messages to stderr
68
 
#
69
 
# NB: when called by wpa_action, there is no redirection (verbose)
70
 
#
71
 
wpa_msg () {
72
 
        
73
 
        if [ -n "$WPA_ACTION" ]; then
74
 
                shift
75
 
                echo "wpa_action: $@"
76
 
                return
77
 
        fi
78
 
        
79
 
        case "$1" in 
80
 
                "verbose")
81
 
                        shift
82
 
                        echo "$WPA_SUP_PNAME: $@" >$TO_NULL
83
 
                        ;;
84
 
                "action")
85
 
                        shift
86
 
                        echo -n "$WPA_SUP_PNAME: $@ -- " >$TO_NULL
87
 
                        ;;
88
 
                "stderr")
89
 
                        shift
90
 
                        echo "$WPA_SUP_PNAME: $@" >/dev/stderr
91
 
                        ;;
92
 
                *)
93
 
                        ;;
94
 
        esac
95
 
}
96
 
 
97
 
#####################################################################
98
 
## validate daemon pid files
99
 
# Test daemon process ID files via start-stop-daemon with a signal 0
100
 
# given the exec binary and pidfile location.
101
 
#
102
 
# $1    daemon
103
 
# $2    pidfile
104
 
#
105
 
# Returns true when pidfile exists, the process ID exists _and_ was
106
 
# created by the exec binary.
107
 
#
108
 
# If the test fails, but the pidfile exists, it is stale
109
 
#
110
 
test_daemon_pidfile () {
111
 
        local DAEMON PIDFILE
112
 
        
113
 
        if [ -n "$1" ]; then
114
 
                DAEMON="$1"
115
 
        fi
116
 
        
117
 
        if [ -f "$2" ]; then
118
 
                PIDFILE="$2"
119
 
        fi
120
 
        
121
 
        if [ -n "$DAEMON" ] && [ -f "$PIDFILE" ]; then
122
 
                if start-stop-daemon --stop --quiet --signal 0 \
123
 
                        --exec "$DAEMON" --pidfile "$PIDFILE"; then
124
 
                        return 0
125
 
                else
126
 
                        rm -f "$PIDFILE"
127
 
                        return 1
128
 
                fi
129
 
        else
130
 
                return 1
131
 
        fi
132
 
}
133
 
 
134
 
# validate wpa_supplicant pidfile
135
 
test_wpa_supplicant () {
136
 
        test_daemon_pidfile "$WPA_SUP_BIN" "$WPA_SUP_PIDFILE"
137
 
}
138
 
 
139
 
# validate wpa_cli pidfile
140
 
test_wpa_cli () {
141
 
        test_daemon_pidfile "$WPA_CLI_BIN" "$WPA_CLI_PIDFILE"
142
 
}
143
 
 
144
 
#####################################################################
145
 
## daemonize wpa_supplicant
146
 
# Start wpa_supplicant via start-stop-dameon with all required
147
 
# options. Will start if environment variable WPA_SUP_CONF is present
148
 
#
149
 
# Required options:
150
 
# -B    dameonize/background process
151
 
# -D    driver backend ('wext' if none given)
152
 
# -P    process ID file
153
 
# -C    path to ctrl_interface socket directory
154
 
#
155
 
# Optional options:
156
 
# -c    configuration file
157
 
# -W    wait for wpa_cli to attach to ctrl_interface socket
158
 
# -b    bridge interface name
159
 
#
160
 
init_wpa_supplicant () {
161
 
        if [ -n "$WPA_SUP_CONF" ]; then
162
 
                # wpa-action was removed, point to wpa-roam
163
 
                if [ -n "$IF_WPA_ACTION" ]; then
164
 
                        wpa_msg stderr "wpa-action support has been removed"
165
 
                        wpa_msg stderr "refer to /usr/share/doc/wpasupplicant/README.modes.gz"
166
 
                        return 1
167
 
                fi
168
 
 
169
 
                local WPA_SUP_DRIVER WPA_SUP_OPTIONS
170
 
 
171
 
                if [ -n "$WPA_ACTION_SCRIPT" ]; then
172
 
                        if [ -x "$WPA_ACTION_SCRIPT" ]; then
173
 
                                WPA_SUP_OPTIONS="-W -B -P $WPA_SUP_PIDFILE -i $WPA_IFACE"
174
 
                                wpa_msg verbose "wait for wpa_cli to attach"
175
 
                        else
176
 
                                wpa_msg stderr "action script \"$WPA_ACTION_SCRIPT\" not executable"
177
 
                                return 1
178
 
                        fi
179
 
                else
180
 
                        WPA_SUP_OPTIONS="-B -P $WPA_SUP_PIDFILE -i $WPA_IFACE"
181
 
                fi
182
 
 
183
 
                if [ -n "$IF_WPA_BRIDGE" ]; then
184
 
                        WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -b $IF_WPA_BRIDGE"
185
 
                        wpa_msg verbose "wpa-bridge $IF_WPA_BRIDGE"
186
 
                fi
187
 
 
188
 
                if [ -n "$IF_WPA_DRIVER" ]; then
189
 
                        WPA_SUP_DRIVER="$IF_WPA_DRIVER"
190
 
                        wpa_msg verbose "wpa-driver $WPA_SUP_DRIVER"
191
 
                else
192
 
                        WPA_SUP_DRIVER="wext"
193
 
                        wpa_msg verbose "using default driver type: wpa-driver $WPA_SUP_DRIVER"
194
 
                fi
195
 
 
196
 
                wpa_msg verbose "$WPA_SUP_BIN $WPA_SUP_OPTIONS -D $WPA_SUP_DRIVER $WPA_SUP_CONF"
197
 
                        
198
 
                start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \
199
 
                        --name $WPA_SUP_PNAME --startas $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE \
200
 
                        -- $WPA_SUP_OPTIONS -D $WPA_SUP_DRIVER $WPA_SUP_CONF
201
 
 
202
 
                if [ "$?" != "0" ]; then
203
 
                        wpa_msg stderr "$WPA_SUP_BIN daemon failed to start"
204
 
                        return 1
205
 
                fi
206
 
                
207
 
                local WPA_SOCKET_WAIT MAX_WPA_SOCKET_WAIT
208
 
                WPA_SOCKET_WAIT="0"
209
 
                MAX_WPA_SOCKET_WAIT="5"
210
 
                until [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; do
211
 
                        if [ "$WPA_SOCKET_WAIT" -ge "$MAX_WPA_SOCKET_WAIT" ]; then
212
 
                                wpa_msg stderr "ctrl_interface socket not found at $WPA_CTRL_DIR/$WPA_IFACE"
213
 
                                return 1
214
 
                        else
215
 
                                wpa_msg verbose "waiting for \"$WPA_CTRL_DIR/$WPA_IFACE\": $WPA_SOCKET_WAIT (max. $MAX_WPA_SOCKET_WAIT)"
216
 
                        fi
217
 
                        
218
 
                        WPA_SOCKET_WAIT=$(($WPA_SOCKET_WAIT + 1))
219
 
                        sleep 1
220
 
                done
221
 
                
222
 
                wpa_msg verbose "ctrl_interface socket located at $WPA_CTRL_DIR/$WPA_IFACE"
223
 
        else
224
 
                wpa_msg stderr "init_wpa_supplicant() called without WPA_SUP_CONF"
225
 
                return 1
226
 
        fi
227
 
}
228
 
 
229
 
#####################################################################
230
 
## stop wpa_supplicant process
231
 
# Kill wpa_supplicant via start-stop-daemon, given the location of
232
 
# the pidfile or ctrl_interface socket path and interface name
233
 
#
234
 
kill_wpa_supplicant () {
235
 
        if test_wpa_supplicant; then
236
 
                
237
 
                wpa_msg verbose "terminating $WPA_SUP_PNAME daemon via pidfile $WPA_SUP_PIDFILE"
238
 
 
239
 
                start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \
240
 
                        --exec $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE
241
 
        
242
 
                if [ -f "$WPA_SUP_PIDFILE" ]; then
243
 
                        rm -f "$WPA_SUP_PIDFILE"
244
 
                fi
245
 
        elif [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; then
246
 
 
247
 
                wpa_msg action "terminating via ctrl_interface socket $WPA_CTRL_DIR/$WPA_IFACE"
248
 
 
249
 
                wpa_cli terminate >$TO_NULL
250
 
                
251
 
                if [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; then
252
 
                        rm -f "$WPA_CTRL_DIR/$WPA_IFACE"
253
 
                fi
254
 
        fi
255
 
}
256
 
 
257
 
#####################################################################
258
 
## reload wpa_supplicant process
259
 
# Sending a HUP signal causes wpa_supplicant to reparse its
260
 
# configuration file
261
 
#
262
 
reload_wpa_supplicant () {
263
 
        if test_wpa_supplicant; then
264
 
                wpa_msg verbose "reloading wpa_supplicant configuration file via HUP signal"
265
 
                start-stop-daemon --stop --signal HUP \
266
 
                        --name "$WPA_SUP_PNAME" --pidfile "$WPA_SUP_PIDFILE"
267
 
        else
268
 
                wpa_msg verbose "cannot $WPA_ACTION, $WPA_SUP_PIDFILE does not exist"
269
 
        fi
270
 
}
271
 
 
272
 
#####################################################################
273
 
## daemonize wpa_cli and action script
274
 
# If environment variable WPA_ACTION_SCRIPT is present, wpa_cli will
275
 
# be spawned via start-stop-daemon
276
 
#
277
 
# Required options:
278
 
# -a    action script => wpa_action
279
 
# -P    process ID file
280
 
# -B    background process
281
 
#
282
 
init_wpa_cli () {
283
 
        if [ -n "$WPA_ACTION_SCRIPT" ]; then
284
 
                local WPA_CLI_OPTIONS
285
 
                WPA_CLI_OPTIONS="-B -P $WPA_CLI_PIDFILE -i $WPA_IFACE"
286
 
 
287
 
                wpa_msg verbose "$WPA_CLI_BIN $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT"
288
 
                        
289
 
                start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \
290
 
                        --name $WPA_CLI_PNAME --startas $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE \
291
 
                        -- $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT
292
 
 
293
 
                if [ "$?" != "0" ]; then
294
 
                        wpa_msg stderr "$WPA_CLI_BIN daemon failed to start"
295
 
                        return 1
296
 
                fi
297
 
        fi
298
 
}
299
 
 
300
 
#####################################################################
301
 
## stop wpa_cli process
302
 
# Kill wpa_cli via start-stop-daemon, given the location of the
303
 
# pidfile
304
 
#
305
 
kill_wpa_cli () {
306
 
        if test_wpa_cli; then
307
 
                
308
 
                wpa_msg verbose "terminating $WPA_CLI_PNAME daemon via pidfile $WPA_CLI_PIDFILE"
309
 
                
310
 
                start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \
311
 
                        --exec $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE
312
 
                
313
 
                if [ -f "$WPA_CLI_PIDFILE" ]; then
314
 
                        rm -f "$WPA_CLI_PIDFILE"
315
 
                fi
316
 
        fi
317
 
}
318
 
 
319
 
#####################################################################
320
 
## higher level wpa_cli wrapper for variable and set_network commands
321
 
# wpa_cli_do <value> <type> <variable> [set_network variable] <desc>
322
 
#
323
 
# $1    envorinment variable
324
 
# $2    data type of variable {raw|ascii}
325
 
# $3    wpa_cli variable, if $3 is set_network, shift and take 
326
 
#       set_network subvariable
327
 
# $4    wpa-* string as it would appear in interfaces file, enhances
328
 
#       verbose messages
329
 
#
330
 
wpa_cli_do () {
331
 
        if [ -z "$1" ]; then
332
 
                return 0
333
 
        fi
334
 
        
335
 
        local WPACLISET_VALUE WPACLISET_VARIABLE WPACLISET_DESC
336
 
        
337
 
        case "$2" in
338
 
                ascii)
339
 
                        # Double quote
340
 
                        WPACLISET_VALUE="\"$1\""
341
 
                        ;;
342
 
                raw|*)
343
 
                        # Provide raw value
344
 
                        WPACLISET_VALUE="$1"
345
 
                        ;;
346
 
        esac
347
 
        
348
 
        case "$3" in
349
 
                set_network)
350
 
                        if [ -z "$WPA_ID" ]; then
351
 
                                return 1
352
 
                        fi
353
 
                        shift
354
 
                        WPACLISET_VARIABLE="set_network $WPA_ID $3"
355
 
                        ;;
356
 
                *)
357
 
                        WPACLISET_VARIABLE="$3"
358
 
                        ;;
359
 
        esac
360
 
        
361
 
        case "$4" in
362
 
                *-psk|*-passphrase|*-passwd*|*-wep-key*)
363
 
                        WPACLISET_DESC="$4 *****"
364
 
                        ;;
365
 
                *)
366
 
                        WPACLISET_DESC="$4 $WPACLISET_VALUE"
367
 
                        ;;
368
 
        esac
369
 
 
370
 
        wpa_msg action "$WPACLISET_DESC"
371
 
        
372
 
        wpa_cli $WPACLISET_VARIABLE "$WPACLISET_VALUE" >$TO_NULL
373
 
}
374
 
 
375
 
#####################################################################
376
 
## check value data type in plaintext or hex
377
 
# returns 0 if input consists of hexadecimal digits only, 1 otherwise
378
 
#
379
 
ishex () {
380
 
        if [ -z "$1" ]; then 
381
 
                return 0
382
 
        fi
383
 
        
384
 
        case "$1" in
385
 
                *[!0-9a-fA-F]*)
386
 
                        # plaintext
387
 
                        return 1
388
 
                        ;;
389
 
                *)
390
 
                        # hexadecimal
391
 
                        return 0
392
 
                        ;;
393
 
        esac
394
 
}
395
 
 
396
 
#####################################################################
397
 
## sanity check and set psk|passphrase
398
 
# Warn about strange psk|passphrase values
399
 
#
400
 
# $1    psk or passphrase value
401
 
402
 
# If psk is surrounded by quotes strip them.
403
 
#
404
 
# If psk contains all hexadecimal characters and string length is 64:
405
 
#       is 256bit hexadecimal
406
 
# else:
407
 
#       is plaintext
408
 
#
409
 
# plaintext passphrases must be 8 - 63 characters in length
410
 
# 256-bit hexadecimal key must be 64 characters in length
411
 
#
412
 
wpa_key_check_and_set () {
413
 
        if [ -z "$1" ]; then
414
 
                return 0
415
 
        fi
416
 
 
417
 
        local KEY KEY_TYPE
418
 
        
419
 
        case "$1" in
420
 
                '"'*'"')
421
 
                        # Strip surrounding quotation marks
422
 
                        KEY=$(echo -n "$1" | sed 's/^"//;s/"$//')
423
 
                        ;;
424
 
                *)
425
 
                        KEY="$1"
426
 
                        ;;
427
 
        esac
428
 
 
429
 
        if ishex "$KEY" && [ "${#KEY}" -eq "64" ]; then
430
 
                KEY_TYPE="raw"
431
 
        else
432
 
                KEY_TYPE="ascii"
433
 
                if [ "${#KEY}" -lt "8" ] || [ "${#KEY}" -gt "63" ]; then
434
 
                        wpa_msg stderr \
435
 
                                "plaintext or ascii wpa-psk has ${#KEY} characters, it must have between 8 and 63"
436
 
                        wpa_msg stderr \
437
 
                                "if wpa-psk truly is a 256-bit hexadecimal key, it must have 64 characters"
438
 
                fi
439
 
        fi
440
 
        
441
 
        wpa_cli_do "$KEY" "$KEY_TYPE" \
442
 
                set_network psk wpa-psk
443
 
}
444
 
 
445
 
#####################################################################
446
 
## formulate a usable configuration from interfaces(5) wpa- lines
447
 
# A series of wpa_cli commands corresponding to environment variables
448
 
# created as a result of wpa- lines in an interfaces stanza.
449
 
#
450
 
# NB: no-act when roaming daemon is used (to avoid prematurely
451
 
# attaching to ctrl_interface socket)
452
 
#
453
 
conf_wpa_supplicant () {
454
 
        if [ -n "$WPA_ACTION_SCRIPT" ]; then
455
 
                return 0
456
 
        fi
457
 
 
458
 
        if [ "$IF_WPA_DRIVER" = "wired" ]; then
459
 
                IF_WPA_AP_SCAN="0"
460
 
                wpa_msg verbose "forcing ap_scan=0 (required for wired IEEE8021X auth)"
461
 
        fi
462
 
 
463
 
        if [ -n "$IF_WPA_ESSID" ]; then
464
 
                # #403316, be similar to wireless tools
465
 
                IF_WPA_SSID="$IF_WPA_ESSID"
466
 
        fi
467
 
        
468
 
        wpa_cli_do "$IF_WPA_AP_SCAN" raw \
469
 
                ap_scan wpa-ap-scan
470
 
        
471
 
        wpa_cli_do "$IF_WPA_PREAUTHENTICATE" raw \
472
 
                preauthenticate wpa-preauthenticate
473
 
                
474
 
        if [ -n "$IF_WPA_SSID" ] || [ "$IF_WPA_DRIVER" = "wired" ]; then
475
 
                
476
 
                case "$IF_WPA_SSID" in
477
 
                        '"'*'"')
478
 
                                IF_WPA_SSID=$(echo -n "$IF_WPA_SSID" | sed 's/^"//;s/"$//')
479
 
                                ;;
480
 
                        *)
481
 
                                ;;
482
 
                esac
483
 
                
484
 
                WPA_ID=$(wpa_cli add_network)
485
 
 
486
 
                wpa_msg verbose "configuring network block -- $WPA_ID"
487
 
                
488
 
                wpa_cli_do "$IF_WPA_SSID" ascii \
489
 
                        set_network ssid wpa-ssid
490
 
                
491
 
                wpa_cli_do "$IF_WPA_PRIORITY" raw \
492
 
                        set_network priority wpa-priority
493
 
                
494
 
                wpa_cli_do "$IF_WPA_BSSID" raw \
495
 
                        set_network bssid wpa-bssid
496
 
                
497
 
                if [ -s "$IF_WPA_PSK_FILE" ]; then
498
 
                        IF_WPA_PSK=$(cat "$IF_WPA_PSK_FILE")
499
 
                fi
500
 
                
501
 
                # remain compat with wpa-passphrase-file
502
 
                if [ -s "$IF_WPA_PASSPHRASE_FILE" ]; then
503
 
                        IF_WPA_PSK=$(cat "$IF_WPA_PASSPHRASE_FILE")
504
 
                fi
505
 
                
506
 
                # remain compat with wpa-passphrase
507
 
                if [ -n "$IF_WPA_PASSPHRASE" ]; then
508
 
                        IF_WPA_PSK="$IF_WPA_PASSPHRASE"
509
 
                fi
510
 
        
511
 
                if [ -n "$IF_WPA_PSK" ]; then
512
 
                        wpa_key_check_and_set "$IF_WPA_PSK"
513
 
                fi
514
 
                
515
 
                wpa_cli_do "$IF_WPA_PAIRWISE" raw \
516
 
                        set_network pairwise wpa-pairwise
517
 
                
518
 
                wpa_cli_do "$IF_WPA_GROUP" raw \
519
 
                        set_network group wpa-group
520
 
 
521
 
                wpa_cli_do "$IF_WPA_MODE" raw \
522
 
                        set_network mode wpa-mode
523
 
 
524
 
                wpa_cli_do "$IF_WPA_FREQUENCY" raw \
525
 
                        set_network frequency wpa-frequency
526
 
                
527
 
                wpa_cli_do "$IF_WPA_KEY_MGMT" raw \
528
 
                        set_network key_mgmt wpa-key-mgmt
529
 
                
530
 
                wpa_cli_do "$IF_WPA_PROTO" raw \
531
 
                        set_network proto wpa-proto
532
 
                
533
 
                wpa_cli_do "$IF_WPA_AUTH_ALG" raw \
534
 
                        set_network auth_alg wpa-auth-alg
535
 
                
536
 
                wpa_cli_do "$IF_WPA_SCAN_SSID" raw \
537
 
                        set_network scan_ssid wpa-scan-ssid
538
 
                
539
 
                wpa_cli_do "$IF_WPA_IDENTITY" ascii \
540
 
                        set_network identity wpa-identity
541
 
                
542
 
                wpa_cli_do "$IF_WPA_ANONYMOUS_IDENTITY" ascii \
543
 
                        set_network anonymous_identity wpa-anonymous-identity
544
 
                
545
 
                wpa_cli_do "$IF_WPA_EAP" raw \
546
 
                        set_network eap wpa-eap
547
 
                
548
 
                wpa_cli_do "$IF_WPA_EAPPSK" raw \
549
 
                        set_network eappsk wpa-eappsk
550
 
 
551
 
                wpa_cli_do "$IF_WPA_NAI" ascii \
552
 
                        set_network nai wpa-nai
553
 
 
554
 
                wpa_cli_do "$IF_WPA_PASSWORD" ascii \
555
 
                        set_network password wpa-password
556
 
 
557
 
                wpa_cli_do "$IF_WPA_CA_CERT" ascii \
558
 
                        set_network ca_cert wpa-ca-cert
559
 
 
560
 
                wpa_cli_do "$IF_WPA_CA_PATH" ascii \
561
 
                        set_network ca_path wpa-ca-path
562
 
 
563
 
                wpa_cli_do "$IF_WPA_CLIENT_CERT" ascii \
564
 
                        set_network client_cert wpa-client-cert
565
 
 
566
 
                wpa_cli_do "$IF_WPA_PRIVATE_KEY" ascii \
567
 
                        set_network private_key wpa-private-key
568
 
 
569
 
                wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD" ascii \
570
 
                        set_network private_key_passwd wpa-private-key-passwd
571
 
                
572
 
                wpa_cli_do "$IF_WPA_DH_FILE" ascii \
573
 
                        set_network dh_file wpa-dh-file
574
 
 
575
 
                wpa_cli_do "$IF_WPA_SUBJECT_MATCH" ascii \
576
 
                        set_network subject_match wpa-subject-match
577
 
 
578
 
                wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH" ascii \
579
 
                        set_network altsubject_match wpa-altsubject-match
580
 
 
581
 
                wpa_cli_do "$IF_WPA_CA_CERT2" ascii \
582
 
                        set_network ca_cert2 wpa-ca-cert2
583
 
 
584
 
                wpa_cli_do "$IF_WPA_CA_PATH2" ascii \
585
 
                        set_network ca_path2 wpa-ca-path2
586
 
 
587
 
                wpa_cli_do "$IF_WPA_CLIENT_CERT2" ascii \
588
 
                        set_network client_cert2 wpa-client-cert2
589
 
 
590
 
                wpa_cli_do "$IF_WPA_PRIVATE_KEY2" ascii \
591
 
                        set_network private_key2 wpa-private-key2
592
 
 
593
 
                wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD2" ascii \
594
 
                        set_network private_key_passwd2 wpa-private-key-passwd2
595
 
                
596
 
                wpa_cli_do "$IF_WPA_DH_FILE2" ascii \
597
 
                        set_network dh_file2 wpa-dh-file2
598
 
 
599
 
                wpa_cli_do "$IF_WPA_SUBJECT_MATCH2" ascii \
600
 
                        set_network subject_match2 wpa-subject-match2
601
 
 
602
 
                wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH2" ascii \
603
 
                        set_network altsubject_match2 wpa-altsubject-match2
604
 
                
605
 
                wpa_cli_do "$IF_WPA_EAP_METHODS" raw \
606
 
                        set_network eap_methods wpa-eap-methods
607
 
 
608
 
                wpa_cli_do "$IF_WPA_PHASE1" ascii \
609
 
                        set_network phase1 wpa-phase1
610
 
 
611
 
                wpa_cli_do "$IF_WPA_PHASE2" ascii \
612
 
                        set_network phase2 wpa-phase2
613
 
 
614
 
                wpa_cli_do "$IF_WPA_PCSC" raw \
615
 
                        set_network pcsc wpa-pcsc
616
 
 
617
 
                wpa_cli_do "$IF_WPA_PIN" ascii \
618
 
                        set_network pin wpa-pin
619
 
 
620
 
                wpa_cli_do "$IF_WPA_ENGINE" raw \
621
 
                        set_network engine wpa-engine
622
 
 
623
 
                wpa_cli_do "$IF_WPA_ENGINE_ID" ascii \
624
 
                        set_network engine_id wpa-engine-id
625
 
 
626
 
                wpa_cli_do "$IF_WPA_KEY_ID" ascii \
627
 
                        set_network key_id wpa-key-id
628
 
 
629
 
                wpa_cli_do "$IF_WPA_EAPOL_FLAGS" raw \
630
 
                        set_network eapol_flags wpa-eapol-flags
631
 
                
632
 
                wpa_cli_do "$IF_WPA_WEP_KEY0" raw \
633
 
                        set_network wep_key0 wpa-wep-key0
634
 
                
635
 
                wpa_cli_do "$IF_WPA_WEP_KEY1" raw \
636
 
                        set_network wep_key1 wpa-wep-key1
637
 
                
638
 
                wpa_cli_do "$IF_WPA_WEP_KEY2" raw \
639
 
                        set_network wep_key2 wpa-wep-key2
640
 
                
641
 
                wpa_cli_do "$IF_WPA_WEP_KEY3" raw \
642
 
                        set_network wep_key3 wpa-wep-key3
643
 
                
644
 
                wpa_cli_do "$IF_WPA_WEP_TX_KEYIDX" raw \
645
 
                        set_network wep_tx_keyidx wpa-wep-tx-keyidx
646
 
                
647
 
                wpa_cli_do "$IF_WPA_PROACTIVE_KEY_CACHING" raw \
648
 
                        set_network proactive_key_caching wpa-proactive-key-caching
649
 
                        
650
 
                wpa_cli_do "$IF_WPA_PAC_FILE" ascii \
651
 
                        set_network pac_file wpa-pac-file
652
 
                
653
 
                wpa_cli_do "$IF_WPA_MODE" raw \
654
 
                        set_network mode wpa-mode
655
 
                
656
 
                wpa_cli_do "$IF_WPA_PEERKEY" raw \
657
 
                        set_network peerkey wpa-peerkey
658
 
                        
659
 
                wpa_cli_do "$IF_FRAGMENT_SIZE" raw \
660
 
                        set_network fragment_size wpa-fragment-size
661
 
 
662
 
                wpa_cli_do "$IF_WPA_ID_STR" ascii \
663
 
                        set_network id_str wpa-id-str
664
 
                
665
 
                wpa_cli_do "$WPA_ID" raw \
666
 
                        enable_network "enabling network block"
667
 
        fi
668
 
}
669
 
 
670
 
#####################################################################
671
 
## wpa_action basic logging
672
 
# Log actions to file, test to see if it is writeable first
673
 
#
674
 
wpa_log_init () {
675
 
        if touch "$WPA_CLI_LOGFILE" 2>/dev/null; then
676
 
                exec >> "$WPA_CLI_LOGFILE" 2>&1
677
 
        fi
678
 
}
679
 
 
680
 
# log timestamp and wpa_action arguments
681
 
wpa_log_action () {
682
 
        echo "########## $(date +"%H:%M:%S  %Y-%m-%d") ##########"
683
 
        echo "IFACE=$WPA_IFACE ACTION=$WPA_ACTION"
684
 
}
685
 
 
686
 
# log wpa_cli environment variables
687
 
wpa_log_environment () {
688
 
        echo "WPA_ID=$WPA_ID WPA_ID_STR=$WPA_ID_STR"
689
 
        echo "WPA_CTRL_DIR=$WPA_CTRL_DIR"
690
 
}
691
 
 
692
 
#####################################################################
693
 
## hysteresis checking
694
 
# Networking tools such as dhcp clients used with ifupdown can
695
 
# synthesize artificial ACTION events, particuarly just after a 
696
 
# DISCONNECTED/CONNECTED events are experienced in quick succession.
697
 
# This can lead to infinite event loops, and in extreme cases has the
698
 
# potential to cause system instability.
699
 
#
700
 
wpa_hysteresis_event () {
701
 
        echo "$(date +%s)" > "$WPA_CLI_TIMESTAMP"
702
 
}
703
 
 
704
 
wpa_hysteresis_check () {
705
 
        if [ -f "$WPA_CLI_TIMESTAMP" ]; then
706
 
                local TIME TIMESTAMP TIMEWAIT
707
 
                TIME=$(date +%s)
708
 
                # current time minus 4 second event buffer
709
 
                TIMEWAIT=$(($TIME-4))
710
 
                # get time of last event
711
 
                TIMESTAMP=$(cat $WPA_CLI_TIMESTAMP)
712
 
                # compare values, allowing new action to be processed 
713
 
                # only if last action was more than 4 seconds ago
714
 
                if [ "$TIMEWAIT" -le "$TIMESTAMP" ]; then
715
 
                        echo "Ignoring $WPA_ACTION event, too soon after previous event"
716
 
                        return 1
717
 
                fi
718
 
        fi
719
 
 
720
 
        return 0
721
 
}
722
 
 
723
 
#####################################################################
724
 
## identify ifupdown files
725
 
# Identify ifupdown core files, so that state of the interface can be
726
 
# checked. This is the weakest part of the wpa_action roaming scheme,
727
 
# it would be _much_ better if stateless ifupdown capabilities were
728
 
# a reality.
729
 
#
730
 
ifupdown_check () {
731
 
        if [ -e /etc/network/interfaces ]; then
732
 
                INTERFACES_FILE="/etc/network/interfaces"
733
 
        else
734
 
                echo "Cannot locate ifupdown's \"interfaces\" file, $WPA_IFACE will not be configured"
735
 
                return 1
736
 
        fi
737
 
 
738
 
        if [ -e /etc/network/run/ifstate ]; then
739
 
                # debian's ifupdown
740
 
                IFSTATE_FILE="/etc/network/run/ifstate"
741
 
        elif [ -e /var/run/network/ifstate ]; then
742
 
                # ubuntu's
743
 
                IFSTATE_FILE="/var/run/network/ifstate"
744
 
        else
745
 
                echo "Cannot locate ifupdown's \"ifstate\" file, $WPA_IFACE will not be configured"
746
 
                return 1
747
 
        fi
748
 
 
749
 
        return 0
750
 
}
751
 
 
752
 
#####################################################################
753
 
## apply mapping logic and ifup logical interface
754
 
# Apply mapping logic via id_str or external mapping script, check
755
 
# state of IFACE with respect to ifupdown and ifup logical interaface
756
 
#
757
 
ifup () {
758
 
        local WPA_LOGICAL_IFACE
759
 
        
760
 
        if [ -z "$IF_WPA_MAPPING_SCRIPT_PRIORITY" ] && [ -n "$WPA_ID_STR" ]; then
761
 
                WPA_LOGICAL_IFACE="$WPA_ID_STR"
762
 
                echo "Mapping logical interface via id_str: $WPA_LOGICAL_IFACE"
763
 
        fi
764
 
        
765
 
        if [ -z "$WPA_LOGICAL_IFACE" ] && [ -n "$IF_WPA_MAPPING_SCRIPT" ]; then
766
 
                echo "Mapping logical interface via wpa-mapping-script: $IF_WPA_MAPPING_SCRIPT"
767
 
                
768
 
                local WPA_MAP_STDIN
769
 
                
770
 
                WPA_MAP_STDIN=$(set | sed --quiet 's/^\(IF_WPA_MAP[0-9]*\)=.*/echo \$\1/p')
771
 
                
772
 
                if [ -n "$WPA_MAP_STDIN" ]; then
773
 
                        WPA_LOGICAL_IFACE=$(eval "$WPA_MAP_STDIN" | "$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE")
774
 
                else            
775
 
                        WPA_LOGICAL_IFACE=$("$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE")
776
 
                fi
777
 
                
778
 
                if [ -n "$WPA_LOGICAL_IFACE" ]; then
779
 
                        echo "Mapping script result: $WPA_LOGICAL_IFACE"
780
 
                else
781
 
                        echo "Mapping script failed."
782
 
                fi
783
 
        fi
784
 
 
785
 
        if [ -z "$WPA_LOGICAL_IFACE" ]; then
786
 
                if [ -n "$IF_WPA_ROAM_DEFAULT_IFACE" ]; then
787
 
                        WPA_LOGICAL_IFACE="$IF_WPA_ROAM_DEFAULT_IFACE"
788
 
                        echo "Using wpa-roam-default-iface: $WPA_LOGICAL_IFACE"
789
 
                else
790
 
                        WPA_LOGICAL_IFACE="default"
791
 
                        echo "Using fallback logical interface: $WPA_LOGICAL_IFACE"
792
 
                fi
793
 
        fi
794
 
 
795
 
        if [ -n "$WPA_LOGICAL_IFACE" ]; then
796
 
                if egrep --quiet "^iface[[:space:]]+$WPA_LOGICAL_IFACE[[:space:]]+inet" "$INTERFACES_FILE"; then
797
 
                        
798
 
                        echo "ifup $WPA_IFACE=$WPA_LOGICAL_IFACE"
799
 
                        
800
 
                        if grep --quiet "^$WPA_IFACE=$WPA_IFACE" "$IFSTATE_FILE"; then
801
 
                                # Force settings over the unconfigured "master" IFACE
802
 
                                /sbin/ifup --force "$WPA_IFACE=$WPA_LOGICAL_IFACE"
803
 
                        else
804
 
                                /sbin/ifup "$WPA_IFACE=$WPA_LOGICAL_IFACE"
805
 
                        fi
806
 
                else
807
 
                        echo "No network defined for \"$WPA_LOGICAL_IFACE\" in \"$INTERFACES_FILE\""
808
 
                fi
809
 
        else
810
 
                echo "No suitable logical interface mapping for ifupdown to configure"
811
 
        fi
812
 
}
813
 
 
814
 
#####################################################################
815
 
## ifdown IFACE
816
 
# Check IFACE state and ifdown as requested.
817
 
#
818
 
ifdown () {
819
 
        if grep --quiet "^$WPA_IFACE" "$IFSTATE_FILE"; then
820
 
                echo "ifdown $WPA_IFACE"
821
 
                /sbin/ifdown "$WPA_IFACE"
822
 
        else
823
 
                echo "Ignoring request to take \"$WPA_IFACE\" down, it is not up"
824
 
        fi
825
 
}
826
 
 
827
 
#####################################################################
828
 
## keep IFACE scanning
829
 
# After ifdown, the IFACE may be left "down", and inhibits 
830
 
# wpa_supplicant's ability to continue roaming.
831
 
#
832
 
# NB: use iproute if present, flushing the IFACE first
833
 
#
834
 
if_post_down_up () {
835
 
        if [ -x /sbin/ip ]; then
836
 
                /sbin/ip addr flush dev "$WPA_IFACE" 2>/dev/null
837
 
                /sbin/ip link set "$WPA_IFACE" up
838
 
        else
839
 
                /sbin/ifconfig "$WPA_IFACE" up
840
 
        fi
841
 
}