diff options
| author | Felix Fietkau <nbd@openwrt.org> | 2010-12-19 11:48:31 +0000 |
|---|---|---|
| committer | Felix Fietkau <nbd@openwrt.org> | 2010-12-19 11:48:31 +0000 |
| commit | d08bc913a831bee508436a0280f0b0693a67b2d5 (patch) | |
| tree | e42550c856a10b1a9d8789fe641aa80a50087587 /package/hostapd | |
| parent | ba45b5a90730d8b3bc90e27bf16e8911fd4577d3 (diff) | |
| download | upstream-d08bc913a831bee508436a0280f0b0693a67b2d5.tar.gz upstream-d08bc913a831bee508436a0280f0b0693a67b2d5.tar.bz2 upstream-d08bc913a831bee508436a0280f0b0693a67b2d5.zip | |
hostapd: Allow rsn_preauth configuration
Hostapd can allow preauthentication for WPA2-EAP networks when
the interfaces through which preauthentication is allowed are
configured.
Add a new param "rsn_preauth=0/1" to the configuration that enables
or disables preauthentication on the according bridge interface.
Preauthentication for unbridged networks is not considered in this
patch.
Cc: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
SVN-Revision: 24721
Diffstat (limited to 'package/hostapd')
| -rw-r--r-- | package/hostapd/files/hostapd.sh | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/package/hostapd/files/hostapd.sh b/package/hostapd/files/hostapd.sh index db08e7bce2..39f98f2c43 100644 --- a/package/hostapd/files/hostapd.sh +++ b/package/hostapd/files/hostapd.sh @@ -139,20 +139,32 @@ hostapd_set_bss_options() { [ -n "$ieee80211d" ] && append "$var" "ieee80211d=$ieee80211d" "$N" [ -n "$iapp_interface" ] && append "$var" $(uci_get_state network "$iapp_interface" ifname "$iapp_interface") "$N" - [ "$wpa" -ge "2" ] && config_get ieee80211w "$vif" ieee80211w - case "$ieee80211w" in - [012]) - append "$var" "ieee80211w=$ieee80211w" "$N" - [ "$ieee80211w" -gt "0" ] && { - config_get ieee80211w_max_timeout "$vif" ieee80211w_max_timeout - config_get ieee80211w_retry_timeout "$vif" ieee80211w_retry_timeout - [ -n "$ieee80211w_max_timeout" ] && \ - append "$var" "assoc_sa_query_max_timeout=$ieee80211w_max_timeout" "$N" - [ -n "$ieee80211w_retry_timeout" ] && \ - append "$var" "assoc_sa_query_retry_timeout=$ieee80211w_retry_timeout" "$N" - } - ;; - esac + if [ "$wpa" -ge "2" ] + then + # RSN -> allow preauthentication + config_get rsn_preauth "$vif" rsn_preauth + if [ -n "$bridge" -a "$rsn_preauth" = 1 ] + then + append "$var" "rsn_preauth=1" "$N" + append "$var" "rsn_preauth_interfaces=$bridge" "$N" + fi + + # RSN -> allow management frame protection + config_get ieee80211w "$vif" ieee80211w + case "$ieee80211w" in + [012]) + append "$var" "ieee80211w=$ieee80211w" "$N" + [ "$ieee80211w" -gt "0" ] && { + config_get ieee80211w_max_timeout "$vif" ieee80211w_max_timeout + config_get ieee80211w_retry_timeout "$vif" ieee80211w_retry_timeout + [ -n "$ieee80211w_max_timeout" ] && \ + append "$var" "assoc_sa_query_max_timeout=$ieee80211w_max_timeout" "$N" + [ -n "$ieee80211w_retry_timeout" ] && \ + append "$var" "assoc_sa_query_retry_timeout=$ieee80211w_retry_timeout" "$N" + } + ;; + esac + fi } hostapd_setup_vif() { |