hak5
/
openwrt
mirror of https://github.com/hak5/openwrt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

hostapd: append nasid to config for all WPA types 

The 802.11r implementation in hostapd uses nas_identifier as PMK-R0 Key
Holder identifier. As 802.11r can also be used with WPA Personal, nasid
should be appended to the hostapd config for all WPA types.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 45049
lede-17.01
Felix Fietkau 2015-03-26 23:34:10 +00:00
parent eedf17dc9e
commit 4482d10a04
2 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
package/network/services/hostapd/files/hostapd.sh
View File

@ -129,9 +129,7 @@ hostapd_set_bss_options() {
append "$var" "radius_das_port=${dae_port:-3799}" "$N" append "$var" "radius_das_port=${dae_port:-3799}" "$N"
append "$var" "radius_das_client=$dae_client $dae_secret" "$N" append "$var" "radius_das_client=$dae_client $dae_secret" "$N"
} }
config_get nasid "$vif" nasid
config_get ownip "$vif" ownip config_get ownip "$vif" ownip
append "$var" "nas_identifier=$nasid" "$N"
append "$var" "own_ip_addr=$ownip" "$N" append "$var" "own_ip_addr=$ownip" "$N"
append "$var" "eapol_key_index_workaround=1" "$N" append "$var" "eapol_key_index_workaround=1" "$N"
append "$var" "ieee8021x=1" "$N" append "$var" "ieee8021x=1" "$N"
@ -216,6 +214,12 @@ hostapd_set_bss_options() {
[ -n "$ieee80211d" ] && append "$var" "ieee80211d=$ieee80211d" "$N" [ -n "$ieee80211d" ] && append "$var" "ieee80211d=$ieee80211d" "$N"
[ -n "$iapp_interface" ] && append "$var" iapp_interface=$(uci_get_state network "$iapp_interface" ifname "$iapp_interface") "$N" [ -n "$iapp_interface" ] && append "$var" iapp_interface=$(uci_get_state network "$iapp_interface" ifname "$iapp_interface") "$N"
if [ "$wpa" -ge "1" ]
then
config_get nasid "$vif" nasid
[ -n "$nasid" ] && append "$var" "nas_identifier=$nasid" "$N"
fi
if [ "$wpa" -ge "2" ] if [ "$wpa" -ge "2" ]
then then
# RSN -> allow preauthentication. You have two # RSN -> allow preauthentication. You have two

8
package/network/services/hostapd/files/netifd.sh
View File

@ -239,7 +239,7 @@ hostapd_set_bss_options() {
auth_server auth_secret auth_port \ auth_server auth_secret auth_port \
acct_server acct_secret acct_port \ acct_server acct_secret acct_port \
dae_client dae_secret dae_port \ dae_client dae_secret dae_port \
nasid ownip \ ownip \
eap_reauth_period dynamic_vlan \ eap_reauth_period dynamic_vlan \
vlan_naming vlan_tagged_interface \ vlan_naming vlan_tagged_interface \
vlan_bridge vlan_bridge
@ -273,7 +273,6 @@ hostapd_set_bss_options() {
append bss_conf "radius_das_client=$dae_client $dae_secret" "$N" append bss_conf "radius_das_client=$dae_client $dae_secret" "$N"
} }
append bss_conf "nas_identifier=$nasid" "$N"
[ -n "$ownip" ] && append bss_conf "own_ip_addr=$ownip" "$N" [ -n "$ownip" ] && append bss_conf "own_ip_addr=$ownip" "$N"
append bss_conf "eapol_key_index_workaround=1" "$N" append bss_conf "eapol_key_index_workaround=1" "$N"
append bss_conf "ieee8021x=1" "$N" append bss_conf "ieee8021x=1" "$N"
@ -339,6 +338,11 @@ hostapd_set_bss_options() {
[ -n "$iapp_interface" ] && append bss_conf "iapp_interface=$iapp_interface" "$N" [ -n "$iapp_interface" ] && append bss_conf "iapp_interface=$iapp_interface" "$N"
} }
if [ "$wpa" -ge "1" ]; then
json_get_vars nasid
[ -n "$nasid" ] && append bss_conf "nas_identifier=$nasid" "$N"
fi
if [ "$wpa" -ge "2" ]; then if [ "$wpa" -ge "2" ]; then
if [ -n "$network_bridge" -a "$rsn_preauth" = 1 ]; then if [ -n "$network_bridge" -a "$rsn_preauth" = 1 ]; then
set_default auth_cache 1 set_default auth_cache 1