From 321503dbf3d8ac0da8c1693a94a334f8072c72ac Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Fri, 7 Aug 2020 20:50:55 +0200 Subject: hostapd: make "key" option optional if "wpa_psk_file" is provided If an existing "wpa_psk_file" is passed to hostapd, the "key" option may be omitted. While we're at it, also improve the passphrase length checking to ensure that it is either exactly 64 bytes or 8 to 63 bytes. Fixes: FS#2689 Ref: https://github.com/openwrt/openwrt/pull/3283 Suggested-by: Michael Jones Signed-off-by: Jo-Philipp Wich --- package/network/services/hostapd/files/hostapd.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'package/network') diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh index 268a41a82b..5cab11022f 100644 --- a/package/network/services/hostapd/files/hostapd.sh +++ b/package/network/services/hostapd/files/hostapd.sh @@ -402,13 +402,13 @@ hostapd_set_bss_options() { ;; psk|sae|psk-sae) json_get_vars key wpa_psk_file - if [ ${#key} -lt 8 ]; then - wireless_setup_vif_failed INVALID_WPA_PSK - return 1 - elif [ ${#key} -eq 64 ]; then + if [ ${#key} -eq 64 ]; then append bss_conf "wpa_psk=$key" "$N" - else + elif [ ${#key} -ge 8 ] && [ ${#key} -le 63 ]; then append bss_conf "wpa_passphrase=$key" "$N" + elif [ -n "$key" ] || [ -z "$wpa_psk_file" ]; then + wireless_setup_vif_failed INVALID_WPA_PSK + return 1 fi [ -z "$wpa_psk_file" ] && set_default wpa_psk_file /var/run/hostapd-$ifname.psk [ -n "$wpa_psk_file" ] && { -- cgit v1.2.3