diff --git a/package/mac80211/files/lib/wifi/mac80211.sh b/package/mac80211/files/lib/wifi/mac80211.sh
index a2e6c685c06fcb6113f56cfedf71825e89f0f157..bdf664c222980ffd88a832cb71efdc73330588eb 100644
--- a/package/mac80211/files/lib/wifi/mac80211.sh
+++ b/package/mac80211/files/lib/wifi/mac80211.sh
@@ -55,6 +55,7 @@ enable_mac80211() {
for vif in $vifs; do
config_get ifname "$vif" ifname
config_get enc "$vif" encryption
+ config_get eap_type "$vif" eap_type
config_get mode "$vif" mode
config_get ifname "$vif" ifname
@@ -145,30 +146,14 @@ enable_mac80211() {
fi
;;
sta)
- case "$enc" in
- PSK|psk|PSK2|psk2)
- case "$enc" in
- PSK|psk)
- proto='proto=WPA';;
- PSK2|psk2)
- proto='proto=RSN';;
- esac
- cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
-ctrl_interface=/var/run/wpa_supplicant
-network={
- scan_ssid=1
- ssid="$ssid"
- key_mgmt=WPA-PSK
- $proto
- psk="$key"
-}
-EOF
- ;;
- WPA|wpa|WPA2|wpa2)
- #add wpa_supplicant calls here
- ;;
- esac
- [ -z "$proto" ] || wpa_supplicant ${bridge:+ -b $bridge} -B -D wext -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf
+ if eval "type wpa_supplicant_setup_vif" 2>/dev/null >/dev/null; then
+ wpa_supplicant_setup_vif "$vif" wext || {
+ echo "enable_mac80211($device): Failed to set up wpa_supplicant for interface $ifname" >&2
+ # make sure this wifi interface won't accidentally stay open without encryption
+ ifconfig "$ifname" down
+ continue
+ }
+ fi
;;
esac
first=0
diff --git a/package/madwifi/files/lib/wifi/madwifi.sh b/package/madwifi/files/lib/wifi/madwifi.sh
index 284c6609c6a7b3f2ac83f5bde476f39c01208722..bec72383b38153e28c9bd3894fba3ae78bac40e0 100755
--- a/package/madwifi/files/lib/wifi/madwifi.sh
+++ b/package/madwifi/files/lib/wifi/madwifi.sh
@@ -262,7 +262,7 @@ enable_atheros() {
if eval "type hostapd_setup_vif" 2>/dev/null >/dev/null; then
hostapd_setup_vif "$vif" madwifi || {
- echo "enable_atheros($device): Failed to set up wpa for interface $ifname" >&2
+ echo "enable_atheros($device): Failed to set up hostapd for interface $ifname" >&2
# make sure this wifi interface won't accidentally stay open without encryption
ifconfig "$ifname" down
wlanconfig "$ifname" destroy
@@ -271,80 +271,14 @@ enable_atheros() {
fi
;;
wds|sta)
- config_get_bool usepassphrase "$vif" passphrase 1
- case "$enc" in
- PSK|psk|PSK2|psk2)
- case "$enc" in
- PSK|psk)
- proto='proto=WPA'
- if [ "$usepassphrase" = "1" ]; then
- passphrase="psk=\"${key}\""
- else
- passphrase="psk=${key}"
- fi
- ;;
- PSK2|psk2)
- proto='proto=RSN'
- if [ "$usepassphrase" = "1" ]; then
- passphrase="psk=\"${key}\""
- else
- passphrase="psk=${key}"
- fi
- ;;
- esac
- cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
-network={
- scan_ssid=1
- ssid="$ssid"
- key_mgmt=WPA-PSK
- $proto
- $passphrase
-}
-EOF
- ;;
- WPA|wpa|WPA2|wpa2i|8021x|8021X)
- config_get ca_cert "$vif" ca_cert
- eap_type=$(echo $eap_type | tr 'a-z' 'A-Z')
- case "$eap_type" in
- tls|TLS)
- proto='proto=WPA2'
- pairwise='pairwise=CCMP'
- group='group=CCMP'
- config_get priv_key "$vif" priv_key
- config_get priv_key_pwd "$vif" priv_key_pwd
- priv_key="private_key=\"$priv_key\""
- priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
- ;;
- peap|PEAP|ttls|TTLS)
- proto='proto=WPA2'
- config_get auth "$vif" auth
- config_get identity "$vif" identity
- config_get password "$vif" password
- phase2="phase2=\"auth=${auth:-MSCHAPV2}\""
- identity="identity=\"$identity\""
- password="password=\"$password\""
- ;;
- esac
- cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
-network={
- scan_ssid=1
- ssid="$ssid"
- key_mgmt=WPA-EAP
- $proto
- $pairwise
- $group
- eap=$eap_type
- ca_cert="$ca_cert"
- $priv_key
- $priv_key_pwd
- $phase2
- $identity
- $password
-}
-EOF
- ;;
- esac
- [ -z "$proto" ] || wpa_supplicant ${bridge:+ -b $bridge} -B -D madwifi -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf
+ if eval "type wpa_supplicant_setup_vif" 2>/dev/null >/dev/null; then
+ wpa_supplicant_setup_vif "$vif" madwifi || {
+ echo "enable_atheros($device): Failed to set up wpa_supplicant for interface $ifname" >&2
+ ifconfig "$ifname" down
+ wlanconfig "$ifname" destroy
+ continue
+ }
+ fi
;;
esac
first=0
diff --git a/package/wpa_supplicant/Makefile b/package/wpa_supplicant/Makefile
index 41b9b12396e5d7d6b9387de75c2bf35ea96151d1..ed6e45588e6bf66521974e1f6190c98ccfd3503b 100644
--- a/package/wpa_supplicant/Makefile
+++ b/package/wpa_supplicant/Makefile
@@ -75,6 +75,8 @@ define Package/wpa-supplicant/install
$(PKG_BUILD_DIR)/wpa_supplicant/wpa_supplicant \
$(PKG_BUILD_DIR)/wpa_supplicant/wpa_passphrase \
$(1)/usr/sbin/
+ $(INSTALL_DIR) $(1)/lib/wifi
+ $(INSTALL_DATA) ./files/wpa_supplicant.sh $(1)/lib/wifi/wpa_supplicant.sh
endef
define Package/wpa-cli/install
diff --git a/package/wpa_supplicant/files/wpa_supplicant.sh b/package/wpa_supplicant/files/wpa_supplicant.sh
new file mode 100644
index 0000000000000000000000000000000000000000..192c90354085567bfdf6aaa43fa3703f5f9308f3
--- /dev/null
+++ b/package/wpa_supplicant/files/wpa_supplicant.sh
@@ -0,0 +1,78 @@
+wpa_supplicant_setup_vif() {
+ local vif="$1"
+ local driver="$2"
+
+ # wpa_supplicant should use wext for mac80211 cards
+ [ "$driver" = "mac80211" ] && driver='wext'
+
+ case "$enc" in
+ PSK|psk|psk2|PSK2)
+ key_mgmt='WPA-PSK'
+ config_get_bool usepassphrase "$vif" passphrase 1
+ case "$enc" in
+ psk|PSK)
+ proto='WPA'
+ if [ "$usepassphrase" = "1" ]; then
+ passphrase="psk=\"${key}\""
+ else
+ passphrase="psk=${key}"
+ fi
+ ;;
+ psk2|PSK2)
+ proto='RSN'
+ if [ "$usepassphrase" = "1" ]; then
+ passphrase="psk=\"${key}\""
+ else
+ passphrase="psk=${key}"
+ fi
+ ;;
+ esac
+ ;;
+ WPA|wpa|WPA2|wpa2i|8021x|8021X)
+ proto='WPA2'
+ key_mgmt='WPA-EAP'
+ config_get ca_cert "$vif" ca_cert
+ case "$eap_type" in
+ tls|TLS)
+ pairwise='pairwise=CCMP'
+ group='group=CCMP'
+ config_get priv_key "$vif" priv_key
+ config_get priv_key_pwd "$vif" priv_key_pwd
+ priv_key="private_key=\"$priv_key\""
+ priv_key_pwd="private_key_passwd=\"$priv_key_pwd\""
+ ;;
+ peap|PEAP|ttls|TTLS)
+ config_get auth "$vif" auth
+ config_get identity "$vif" identity
+ config_get password "$vif" password
+ phase2="phase2=\"auth=${auth:-MSCHAPV2}\""
+ identity="identity=\"$identity\""
+ password="password=\"$password\""
+ ;;
+ esac
+ ;;
+ esac
+ config_get ifname "$vif" ifname
+ config_get bridge "$vif" bridge
+ config_get ssid "$vif" ssid
+ eap_type=$(echo $eap_type | tr 'a-z' 'A-Z')
+ cat > /var/run/wpa_supplicant-$ifname.conf <<EOF
+network={
+ scan_ssid=1
+ ssid="$ssid"
+ key_mgmt=$key_mgmt
+ proto=$proto
+ $passphrase
+ $pairwise
+ $group
+ eap=$eap_type
+ ca_cert="$ca_cert"
+ $priv_key
+ $priv_key_pwd
+ $phase2
+ $identity
+ $password
+}
+EOF
+ [ -z "$proto" ] || wpa_supplicant ${bridge:+ -b $bridge} -B -D ${driver:-wext} -i "$ifname" -c /var/run/wpa_supplicant-$ifname.conf
+}