summaryrefslogtreecommitdiffstats
path: root/package/hostapd
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2010-12-19 11:48:31 +0000
committerFelix Fietkau <nbd@openwrt.org>2010-12-19 11:48:31 +0000
commitd08bc913a831bee508436a0280f0b0693a67b2d5 (patch)
treee42550c856a10b1a9d8789fe641aa80a50087587 /package/hostapd
parentba45b5a90730d8b3bc90e27bf16e8911fd4577d3 (diff)
downloadmaster-31e0f0ae-d08bc913a831bee508436a0280f0b0693a67b2d5.tar.gz
master-31e0f0ae-d08bc913a831bee508436a0280f0b0693a67b2d5.tar.bz2
master-31e0f0ae-d08bc913a831bee508436a0280f0b0693a67b2d5.zip
hostapd: Allow rsn_preauth configuration
Hostapd can allow preauthentication for WPA2-EAP networks when the interfaces through which preauthentication is allowed are configured. Add a new param "rsn_preauth=0/1" to the configuration that enables or disables preauthentication on the according bridge interface. Preauthentication for unbridged networks is not considered in this patch. Cc: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com> SVN-Revision: 24721
Diffstat (limited to 'package/hostapd')
-rw-r--r--package/hostapd/files/hostapd.sh40
1 files changed, 26 insertions, 14 deletions
diff --git a/package/hostapd/files/hostapd.sh b/package/hostapd/files/hostapd.sh
index db08e7bce2..39f98f2c43 100644
--- a/package/hostapd/files/hostapd.sh
+++ b/package/hostapd/files/hostapd.sh
@@ -139,20 +139,32 @@ hostapd_set_bss_options() {
[ -n "$ieee80211d" ] && append "$var" "ieee80211d=$ieee80211d" "$N"
[ -n "$iapp_interface" ] && append "$var" $(uci_get_state network "$iapp_interface" ifname "$iapp_interface") "$N"
- [ "$wpa" -ge "2" ] && config_get ieee80211w "$vif" ieee80211w
- case "$ieee80211w" in
- [012])
- append "$var" "ieee80211w=$ieee80211w" "$N"
- [ "$ieee80211w" -gt "0" ] && {
- config_get ieee80211w_max_timeout "$vif" ieee80211w_max_timeout
- config_get ieee80211w_retry_timeout "$vif" ieee80211w_retry_timeout
- [ -n "$ieee80211w_max_timeout" ] && \
- append "$var" "assoc_sa_query_max_timeout=$ieee80211w_max_timeout" "$N"
- [ -n "$ieee80211w_retry_timeout" ] && \
- append "$var" "assoc_sa_query_retry_timeout=$ieee80211w_retry_timeout" "$N"
- }
- ;;
- esac
+ if [ "$wpa" -ge "2" ]
+ then
+ # RSN -> allow preauthentication
+ config_get rsn_preauth "$vif" rsn_preauth
+ if [ -n "$bridge" -a "$rsn_preauth" = 1 ]
+ then
+ append "$var" "rsn_preauth=1" "$N"
+ append "$var" "rsn_preauth_interfaces=$bridge" "$N"
+ fi
+
+ # RSN -> allow management frame protection
+ config_get ieee80211w "$vif" ieee80211w
+ case "$ieee80211w" in
+ [012])
+ append "$var" "ieee80211w=$ieee80211w" "$N"
+ [ "$ieee80211w" -gt "0" ] && {
+ config_get ieee80211w_max_timeout "$vif" ieee80211w_max_timeout
+ config_get ieee80211w_retry_timeout "$vif" ieee80211w_retry_timeout
+ [ -n "$ieee80211w_max_timeout" ] && \
+ append "$var" "assoc_sa_query_max_timeout=$ieee80211w_max_timeout" "$N"
+ [ -n "$ieee80211w_retry_timeout" ] && \
+ append "$var" "assoc_sa_query_retry_timeout=$ieee80211w_retry_timeout" "$N"
+ }
+ ;;
+ esac
+ fi
}
hostapd_setup_vif() {