Allow the use of 64 hex digits pre-shared-key

hostapd allow the use of a 64 hex digits pre-shared-key:
it is the combination of SSID and ASCII passphrase.
The user can use wpa_passphrase command to calculate it.

Add a --psk command switch to allow that
This commit is contained in:
solsTiCe d'Hiver 2015-05-13 14:28:30 +02:00
parent 3f08801967
commit bae72de6dc

View File

@ -40,6 +40,7 @@ usage() {
echo " Use: 'nat' for NAT (default)" echo " Use: 'nat' for NAT (default)"
echo " 'bridge' for bridging" echo " 'bridge' for bridging"
echo " 'none' for no Internet sharing (equivalent to -n)" echo " 'none' for no Internet sharing (equivalent to -n)"
echo " --psk Use 64 hex digits pre-shared-key instead of passphrase"
echo " --hidden Make the Access Point hidden (do not broadcast the SSID)" echo " --hidden Make the Access Point hidden (do not broadcast the SSID)"
echo " --ieee80211n Enable IEEE 802.11n (HT)" echo " --ieee80211n Enable IEEE 802.11n (HT)"
echo " --ht_capab <HT> HT capabilities (default: [HT40+])" echo " --ht_capab <HT> HT capabilities (default: [HT40+])"
@ -807,7 +808,7 @@ send_stop() {
} }
ARGS=( "$@" ) ARGS=( "$@" )
GETOPT_ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden","ieee80211n","ht_capab:","driver:","no-virt","fix-unmanaged","country:","freq-band:","mac:","daemon","stop:","list","version","no-haveged" -n "$PROGNAME" -- "$@") GETOPT_ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden","ieee80211n","ht_capab:","driver:","no-virt","fix-unmanaged","country:","freq-band:","mac:","daemon","stop:","list","version","psk","no-haveged" -n "$PROGNAME" -- "$@")
[[ $? -ne 0 ]] && exit 1 [[ $? -ne 0 ]] && exit 1
eval set -- "$GETOPT_ARGS" eval set -- "$GETOPT_ARGS"
@ -908,6 +909,10 @@ while :; do
shift shift
NO_HAVEGED=1 NO_HAVEGED=1
;; ;;
--psk)
shift
WPA_MODE="psk"
;;
--) --)
shift shift
break break
@ -915,6 +920,8 @@ while :; do
esac esac
done done
WPA_MODE=${WPA_MODE:="passphrase"}
if [[ $# -lt 1 && $FIX_UNMANAGED -eq 0 && -z "$STOP_ID" && $LIST_RUNNING -eq 0 ]]; then if [[ $# -lt 1 && $FIX_UNMANAGED -eq 0 && -z "$STOP_ID" && $LIST_RUNNING -eq 0 ]]; then
usage >&2 usage >&2
exit 1 exit 1
@ -1083,7 +1090,12 @@ else
while :; do while :; do
read -p "Passphrase: " -s PASSPHRASE read -p "Passphrase: " -s PASSPHRASE
echo echo
if [[ ${#PASSPHRASE} -gt 0 && ${#PASSPHRASE} -lt 8 ]] || [[ ${#PASSPHRASE} -gt 63 ]]; then if [[ ${WPA_MODE} == "psk" ]]; then
if [[ ${#PASSPHRASE} -ne 64 ]]; then
echo "ERROR: Invalid pre-shared-key length ${#PASSPHRASE} (expected 64)" >&2
continue
fi
elif [[ ${#PASSPHRASE} -gt 0 && ${#PASSPHRASE} -lt 8 ]] || [[ ${#PASSPHRASE} -gt 63 ]]; then
echo "ERROR: Invalid passphrase length ${#PASSPHRASE} (expected 8..63)" >&2 echo "ERROR: Invalid passphrase length ${#PASSPHRASE} (expected 8..63)" >&2
continue continue
fi fi
@ -1111,8 +1123,15 @@ if [[ ${#SSID} -lt 1 || ${#SSID} -gt 32 ]]; then
exit 1 exit 1
fi fi
if [[ ${#PASSPHRASE} -gt 0 && ${#PASSPHRASE} -lt 8 ]] || [[ ${#PASSPHRASE} -gt 63 ]]; then if [[ ${WPA_MODE} == "passphrase" ]]; then
echo "ERROR: Invalid passphrase length ${#PASSPHRASE} (expected 8..63)" >&2 if [[ ${#PASSPHRASE} -gt 0 && ${#PASSPHRASE} -lt 8 ]] || [[ ${#PASSPHRASE} -gt 63 ]]; then
echo "ERROR: Invalid passphrase length ${#PASSPHRASE} (expected 8..63)" >&2
exit 1
fi
fi
if [[ ${WPA_MODE} == "psk" && ${#PASSPHRASE} -ne 64 ]]; then
echo "ERROR: Invalid pre-shared-key length ${#PASSPHRASE} (expected 64)" >&2
exit 1 exit 1
fi fi
@ -1261,7 +1280,7 @@ if [[ -n "$PASSPHRASE" ]]; then
[[ "$WPA_VERSION" == "1+2" ]] && WPA_VERSION=3 [[ "$WPA_VERSION" == "1+2" ]] && WPA_VERSION=3
cat << EOF >> $CONFDIR/hostapd.conf cat << EOF >> $CONFDIR/hostapd.conf
wpa=${WPA_VERSION} wpa=${WPA_VERSION}
wpa_passphrase=$PASSPHRASE wpa_$WPA_MODE=$PASSPHRASE
wpa_key_mgmt=WPA-PSK wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP rsn_pairwise=CCMP