wifi-scripts: introduce rxkh_file uci option

With rxkh_file, hostapd will read a list of RxKHs from a text file.
This also makes it possible for hostapd to dynamically reload RxKHs.

RxKHs defined in rxkh_file should be formatted as described in hostapd.conf,
with one entry per line.

R0KH/R1KH format:
r0kh=<MAC address> <NAS Identifier> <256-bit key as hex string>
r1kh=<MAC address> <R1KH-ID> <256-bit key as hex string>

Reworked behavior of the uci options r0kh and r1kh.

When rxkh_file is not configured:
  Instead of appending the RxKHs to the hostapd bss configuration,
  they will be added to an interface-specific file with name
  /var/run/hostapd-phyX-apX.rxkh.
  This file will be used as the rxkh_file in the hostapd bss configuration.

When rxkh_file is configured:
  The specified file will be used in the hostapd bss configuration,
  and will be the only source for configured RxKHs.
  All RxKHs defined with the uci options r0kh or r1kh will be ignored.

Signed-off-by: Sybil127 <sybil127@outlook.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Sybil127 2024-05-23 17:43:07 +02:00 committed by Felix Fietkau
parent 00860e485b
commit 97c8a94ec5

@ -335,7 +335,7 @@ hostapd_common_add_bss_config() {
config_add_boolean ieee80211r pmk_r1_push ft_psk_generate_local ft_over_ds
config_add_int r0_key_lifetime reassociation_deadline
config_add_string mobility_domain r1_key_holder
config_add_string mobility_domain r1_key_holder rxkh_file
config_add_array r0kh r1kh
config_add_int ieee80211w_max_timeout ieee80211w_retry_timeout
@ -592,7 +592,7 @@ hostapd_set_bss_options() {
wireless_vif_parse_encryption
local bss_conf bss_md5sum ft_key
local bss_conf bss_md5sum ft_key rxkhs
local wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wpa_key_mgmt
json_get_vars \
@ -981,7 +981,7 @@ hostapd_set_bss_options() {
append bss_conf "reassociation_deadline=$reassociation_deadline" "$N"
if [ "$ft_psk_generate_local" -eq "0" ]; then
json_get_vars r0_key_lifetime r1_key_holder pmk_r1_push
json_get_vars r0_key_lifetime r1_key_holder pmk_r1_push rxkh_file
json_get_values r0kh r0kh
json_get_values r1kh r1kh
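Review bot: rxkh_file is fetched here alongside `json_get_values r0kh r0kh` and `json_get_values r1kh r1kh`, and according to the commit message the two arrays are dropped whenever rxkh_file is set, but nothing tells the user when both are configured. A stale or empty rxkh_file then leaves the AP with no key holders while the uci config still appears to define them. Suggest emitting a warning when rxkh_file is non-empty and either r0kh or r1kh has entries, and documenting the precedence next to the option.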
@ -1003,12 +1003,20 @@ hostapd_set_bss_options() {
append bss_conf "r0_key_lifetime=$r0_key_lifetime" "$N"
append bss_conf "pmk_r1_push=$pmk_r1_push" "$N"
if [ -z "$rxkh_file" ]; then
set_default rxkh_file /var/run/hostapd-$ifname.rxkh
[ -e "$rxkh_file" ] && rm -f "$rxkh_file"
touch "$rxkh_file"
for kh in $r0kh; do
append bss_conf "r0kh=${kh//,/ }" "$N"
append rxkhs "r0kh=${kh//,/ }" "$N"
done
for kh in $r1kh; do
append bss_conf "r1kh=${kh//,/ }" "$N"
append rxkhs "r1kh=${kh//,/ }" "$N"
done
echo "$rxkhs" > "$rxkh_file"
fi
append bss_conf "rxkh_file=$rxkh_file" "$N"
fi
fi
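Review bot: the generated key-holder file is created with `touch "$rxkh_file"` and filled with `echo "$rxkhs" > "$rxkh_file"`, and nothing in this hunk restricts its mode, although every line carries a 256-bit key as a hex string. Suggest setting a restrictive umask around the write, or running `chmod 600 "$rxkh_file"` after the touch and before the echo, so the keys are never readable by other local users. The `[ -e "$rxkh_file" ] && rm -f "$rxkh_file"` and `touch` pair is also redundant with the truncating `>` redirect; if the remove is kept to get a fresh inode, creating the file with the final mode before any key material is written would make that intent explicit. For a user-supplied rxkh_file the path is passed straight into `rxkh_file=$rxkh_file` with no existence or readability check, so a typo only surfaces inside hostapd; a `[ -r "$rxkh_file" ]` test with a logged error would catch it earlier.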