blob: 7681fb9d661401ce2da45a3edb5dfa7d9efdbfdc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
#!/bin/sh
[ -n "$INCLUDE_ONLY" ] || {
. /lib/functions.sh
. /lib/functions/network.sh
. ../netifd-proto.sh
init_proto "$@"
}
cfg_format() {
echo "$1" | sed -r 's/^[[:blank:]]+//;/^[[:space:]]*$/d'
}
ieee8021xclient_exitcode_tostring() {
local errorcode=$1
[ -n "$errorcode" ] || errorcode=5
case "$errorcode" in
0) echo "OK" ;;
1) echo "FATAL_ERROR" ;;
5) echo "USER_REQUEST" ;;
*) echo "UNKNOWN_ERROR" ;;
esac
}
_wpa_supplicant_common() {
local ifname="$1"
_config="/var/run/wpa_supplicant-$ifname.conf"
_pid="/var/run/wpa_supplicant-$ifname.pid"
}
proto_ieee8021xclient_setup() {
local cfg="$1"
local ifname="$2"
local eapol_version
local identity anonymous_identity password
local ca_cert client_cert private_key private_key_passwd dh_file subject_match
local phase1 phase2 ca_cert2 client_cert2 private_key2 private_key_passwd2 dh_file2 subject_match2
local eap_workaround
json_get_vars eapol_version
json_get_vars identity anonymous_identity password
json_get_vars ca_cert client_cert private_key private_key_passwd dh_file subject_match
json_get_vars phase1 phase2 ca_cert2 client_cert2 private_key2 private_key_passwd2 dh_file2 subject_match2
json_get_vars eap_workaround
# launch
local _config _pid
_wpa_supplicant_common "$ifname"
cat > "${_config}" << EOF
${eapol_version:+eapol_version=${eapol_version}}
network={
${identity:+identity=${identity}}
${anonymous_identity:+anonymous_identity=${anonymous_identity}}
${password:+password=${password}}
${ca_cert:+ca_cert=${ca_cert}}
${client_cert:+client_cert=${client_cert}}
${private_key:+private_key=${private_key}}
${private_key_passwd:+private_key_passwd=${private_key_passwd}}
${dh_file:+dh_file=${dh_file}}
${subject_match:+subject_match=${subject_match}}
${phase1:+phase1=${phase1}}
${phase2:+phase2=${phase2}}
${ca_cert2:+ca_cert2=${ca_cert2}}
${client_cert2:+client_cert2=${client_cert2}}
${private_key2:+private_key2=${private_key2}}
${private_key_passwd2:+private_key_passwd2=${private_key_passwd2}}
${dh_file2:+dh_file2=${dh_file2}}
${subject_match2:+subject_match2=${subject_match2}}
${eap_workaround:+eap_workaround=1}
}
EOF
ubus wait_for wpa_supplicant
ubus call wpa_supplicant config_add "{ \"driver\":\"wired\", \"iface\": \"$ifname\", \"config\": \"$_config\" }"
}
proto_ieee8021xclient_teardown() {
local ifname="$1"
local errorstring=$(ieee8021xclient_exitcode_tostring $ERROR)
case "$ERROR" in
0)
;;
2)
proto_notify_error "$ifname" "$errorstring"
proto_block_restart "$ifname"
;;
*)
proto_notify_error "$ifname" "$errorstring"
;;
esac
ubus call wpa_supplicant config_remove "{\"iface\":\"$ifname\"}"
}
proto_ieee8021xclient_init_config() {
proto_config_add_int eapol_version
proto_config_add_string identity
proto_config_add_string anonymous_identity
proto_config_add_string password
proto_config_add_string 'ca_cert:file'
proto_config_add_string 'client_cert:file'
proto_config_add_string 'private_key:file'
proto_config_add_string private_key_passwd
proto_config_add_string 'dh_file:file'
proto_config_add_string subject_match
proto_config_add_string phase1
proto_config_add_string phase2
proto_config_add_string 'ca_cert2:file'
proto_config_add_string 'client_cert2:file'
proto_config_add_string 'private_key2:file'
proto_config_add_string private_key_passwd2
proto_config_add_string 'dh_file2:file'
proto_config_add_string subject_match2
proto_config_add_boolean eap_workaround
}
[ -n "$INCLUDE_ONLY" ] || add_protocol ieee8021xclient
|