diff options
-rwxr-xr-x | setnet.sh | 304 |
1 files changed, 188 insertions, 116 deletions
@@ -323,34 +323,39 @@ check_sudo(){ ## ## Check the output of a command provided as argument against an -## expected output +## expected output. Return 1 if the check fails, otherwise return 0 ## ##function chk_out(){ EXP_OUT=$1 shift - ACT_OUT=$(eval "$*") + log "chk_out" "check output of: $(echo $@)" + ACT_OUT=$($@) [ "${ACT_OUT}" = "${EXP_OUT}" ] || \ - log "chk_out" "Error: got '${ACT_OUT}' when expecting '${EXP_OUT}'" + log "chk_out" "Error: got '${ACT_OUT}' when expecting '${EXP_OUT}'" && \ + return 1 + return 0 } ## ## Check the exit value of a command provided as argument against an -## expected output +## expected output -- return 1 if the check fails, otherwise return 0 ## ##function chk_exit(){ EXP_EXIT=$1 shift - eval "$*" + log "chk_exit" "check exit value of: $(echo $@)" + $@ ACT_EXIT=$? [ "${ACT_EXIT}" = "${EXP_EXIT}" ] || \ - log "chk_exit" "Error: got '${ACT_EXIT}' when expecting '${EXP_EXIT}'" - + log "chk_exit" "Error: got '${ACT_EXIT}' when expecting '${EXP_EXIT}'" && \ + return 1 + return 0 } @@ -631,7 +636,14 @@ wpa_authenticate_EAP_PEAP(){ ##unimplemented "wpa_authenticate_EAP_PEAP" DEVNAME=$1 - NET_NUM=$2 + W_ESSID=$2 + + ## We first add the new network + NET_NUM=$(wpa_cli -i ${DEVNAME} add_network | tail -1) + + log "wifi_authenticate" "NET_NUM: ${NET_NUM}" + chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} ssid "\"${W_ESSID}\"" + ## we get the needed information, namely: ## @@ -649,11 +661,8 @@ wpa_authenticate_EAP_PEAP(){ ## Remove identity and password from the temp file echo "" > ${TMPFILE} - # now we can begin -- get the EAP key_mgmt - KEY_MGMT=$(wpa_cli -i ${DEVNAME} get_network ${NET_NUM} key_mgmt | tr ' ' '\n' | \ - grep "EAP" | head -1) - chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} key_mgmt ${KEY_MGMT} + chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} key_mgmt EAP ## Set the eap to PEAP chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} eap PEAP @@ -662,7 +671,7 @@ wpa_authenticate_EAP_PEAP(){ chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} password "${EAP_PASSWORD}" eval "${DIALOG} --defaultno --yesno \ - 'Network \"${W_ESSID}\" added\nSave configuration file?' \ + 'Network \"${W_ESSID}\" configured\nSave configuration file?' \ ${INFO_HEIGHT} ${INFO_WIDTH} " 2> ${TMPFILE} if [ $? -eq 0 ]; then ## Save the config file @@ -679,53 +688,57 @@ wpa_authenticate_EAP_PEAP(){ ##function -wifi_authenticate_EAP(){ +# wifi_authenticate_EAP(){ - DEVNAME="$1" - W_ESSID="$2" +# DEVNAME="$1" +# W_ESSID="$2" - ## We first add the new network - NET_NUM=$(wpa_cli -i ${DEVNAME} add_network | tail -1) +# ## We first add the new network +# NET_NUM=$(wpa_cli -i ${DEVNAME} add_network | tail -1) - log "wifi_authenticate" "NET_NUM: ${NET_NUM}" - chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} ssid "\"${W_ESSID}\"" +# log "wifi_authenticate" "NET_NUM: ${NET_NUM}" +# chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} ssid "\"${W_ESSID}\"" - ## then we check what kind of EAP authentication is available: - ## - EAP_TYPE=$(wpa_cli -i ${DEVNAME} get_network ${NET_NUM} eap) +# ## then we check what kind of EAP authentication is available: +# ## +# EAP_TYPE=$(wpa_cli -i ${DEVNAME} get_network ${NET_NUM} eap) - log "wifi_authenticate_EAP" "EAP_TYPE: ${EAP_TYPE}" +# log "wifi_authenticate_EAP" "EAP_TYPE: ${EAP_TYPE}" - case ${EAP_TYPE} in - "PEAP") - wpa_authenticate_EAP_PEAP ${DEVNAME} ${NET_NUM} - return $? - ;; - "TLS") - ## TLS is not currently implemented - wpa_authenticate_EAP_TLS ${DEVNAME} ${NET_NUM} - # return $? - ;; - *) - ## We don't support anything more than PEAP and TSL, atm +# case ${EAP_TYPE} in +# "PEAP") +# wpa_authenticate_EAP_PEAP ${DEVNAME} ${NET_NUM} +# return $? +# ;; +# "TLS") +# ## TLS is not currently implemented +# wpa_authenticate_EAP_TLS ${DEVNAME} ${NET_NUM} +# # return $? +# ;; +# *) +# ## We don't support anything more than PEAP and TSL, atm - ;; - esac +# ;; +# esac - ### If we get here, there was an error before, and we should - ### remove the network to not clutter wpa_supplicant... +# ### If we get here, there was an error before, and we should +# ### remove the network to not clutter wpa_supplicant... - chk_out "OK" wpa_cli -i ${DEVNAME} remove_network ${NET_NUM} - eval "${DIALOG} --msgbox 'EAP-${EAP_TYPE} authentication is not currently supported\n' \ - ${INFO_HEIGHT} ${INFO_WIDTH}" +# chk_out "OK" wpa_cli -i ${DEVNAME} remove_network ${NET_NUM} +# eval "${DIALOG} --msgbox 'EAP-${EAP_TYPE} authentication is not currently supported\n' \ +# ${INFO_HEIGHT} ${INFO_WIDTH}" - return 1 -} +# return 1 +# } + +## +## Open access point +## ##function -wifi_authenticate_ESS(){ +wifi_authenticate_NONE(){ DEVNAME="$1" W_ESSID="$2" @@ -754,13 +767,13 @@ wifi_authenticate_ESS(){ ##function wifi_authenticate_PSK(){ - DEVNAME="$1" + DEVNAME=$1 W_ESSID="$2" PSK="" PSK_LENGTH=${#PSK} while [ ${PSK_LENGTH} -le 7 ]; do - eval "${DIALOG} --insecure --inputbox 'Please insert WPA PSK\n(8 characters)' \ + eval "${DIALOG} --insecure --inputbox 'Please insert WPA PSK\n(min 8 characters)' \ ${INFO_HEIGHT} ${INFO_WIDTH}" 2> ${TMPFILE} if [ $? -eq 1 ]; then eval "${DIALOG} --msgbox 'Network configuration aborted!!!' \ @@ -773,9 +786,14 @@ wifi_authenticate_PSK(){ NET_NUM=$(wpa_cli -i ${DEVNAME} add_network | tail -1) - + + log "wifi_authenticate_PSK" "NET_NUM: ${NET_NUM}" + log "wifi_authenticate_PSK" "W_ESSID: ${W_ESSID}" + log "wifi_authenticate_PSK" "PSK: ${PSK}" + + chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} ssid "\"${W_ESSID}\"" - chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} psk \"${PSK}\" + chk_out "OK" wpa_cli -i ${DEVNAME} set_network ${NET_NUM} psk "\"${PSK}\"" ## remove the password from tmpfile echo "" > ${TMPFILE} eval "${DIALOG} --defaultno --yesno \ @@ -795,6 +813,76 @@ wifi_authenticate_PSK(){ } +## +## Manage WPA authentication. Choose among the available +## authentication systems currently supported: +## +## - PSK +## - EAP/PEAP +## - EAP/TLS +## + +##function +wifi_authenticate_WPA(){ + + DEVNAME=$1 + W_ESSID=$2 + + ## + ## Construct the menu with all the available authentication modes + ## + MODES=$(echo $W_FLAGS | sed -r -e 's/\]\[/\n/g;s/\[//g;s/\]//g' | grep -E "^WPA") + log "wifi_authenticate_WPA" "MODES: ${MODES}" + MENU_ITEMS="" + CNT=0 + for m in ${MODES}; do + WPA_TYPE=$(echo ${m} | cut -d "-" -f 1) + HAS_PSK=$(echo ${m} | cut -d "-" -f 2 | grep "PSK") + if [ "${HAS_PSK}" != "" ]; then + MENU_ITEMS="${MENU_ITEMS} '${WPA_TYPE}+PSK' 'Pre-shared key' " + fi + + HAS_EAP=$(echo ${m} | cut -d "-" -f 2 | grep "EAP") + if [ "${HAS_EAP}" != "" ]; then + MENU_ITEMS="${MENU_ITEMS} '${WPA_TYPE}+EAP/PEAP' 'EAP/PEAP' " + MENU_ITEMS="${MENU_ITEMS} '${WPA_TYPE}+EAP/TLS' 'EAP/TLS' " + fi + done + + log "wifi_authenticate_WPA" "MENU_ITEMS: ${MENU_ITEMS}" + + + eval "${DIALOG} --menu 'Select authentication' ${WINDOW_HEIGHT} ${WINDOW_WIDTH} 10 \ + ${MENU_ITEMS} " 2> ${TMPFILE} + + if [ $? != "0" ]; then + ## conf aborted + log "wifi_authenticate_WPA" "configuration aborted" + return 1; + fi + + + SEL_MODE=$(cat ${TMPFILE}) + log "wifi_authenticate_WPA" "SEL_MODE: ${SEL_MODE}" + case ${SEL_MODE} in + "WPA+EAP/PEAP"|"WPA2+EAP/PEAP") + wifi_authenticate_EAP_PEAP ${DEVNAME} ${W_ESSID} + ;; + "WPA+EAP/TLS"|"WPA2+EAP/TLS") + wifi_authenticate_EAP_TLS ${DEVNAME} ${W_ESSID} + ;; + "WPA+PSK"|"WPA2+PSK") + wifi_authenticate_PSK ${DEVNAME} ${W_ESSID} + ;; + *) + log "wifi_authenticate_PSK" "Error. SEL_MODE '${SEL_MODE}' unsupported" + + esac + + +} + + ## ## Manage the authentication for a given wifi ESSID @@ -808,86 +896,70 @@ wifi_authenticate(){ ##local DEVNAME=$1 -##local + ##local W_MAC=$2 - - + + log "wifi_authenticate" "configuring ${DEVNAME} on ${W_MAC}" - ## This will set the variable W_ESSID appropriately - wifi_essid_from_mac ${DEVNAME} ${W_MAC} - - ## This will set the variable W_FLAGS appropriately - wifi_flags_from_mac ${DEVNAME} ${W_MAC} + ## This will set the variable W_ESSID appropriately + wifi_essid_from_mac ${DEVNAME} ${W_MAC} + + ## This will set the variable W_FLAGS appropriately + wifi_flags_from_mac ${DEVNAME} ${W_MAC} - - log "wifi_authenticate" "configuring essid: ${W_ESSID} on device: ${DEVNAME}" - log "wifi_authenticate" "W_FLAGS: ${W_FLAGS}" + + log "wifi_authenticate" "configuring essid: ${W_ESSID} on device: ${DEVNAME}" + log "wifi_authenticate" "W_FLAGS: ${W_FLAGS}" - ## If the network exists already, we first remove it... - - NET_EXISTS=$(wpa_cli -i ${DEVNAME} list_networks | tail -n +2 | sed -r -e 's/\t/\|/g' \ + ## If the network exists already, we first remove it... + + NET_EXISTS=$(wpa_cli -i ${DEVNAME} list_networks | tail -n +2 | sed -r -e 's/\t/\|/g' \ | cut -d "|" -f 2 | grep -c "${W_ESSID}$" ) - if [ ${NET_EXISTS} != 0 ]; then - NET_NUM=$(wpa_cli -i ${DEVNAME} list_networks | tail -n +2 | sed -r -e 's/\t/\|/g' \ + if [ ${NET_EXISTS} != 0 ]; then + NET_NUM=$(wpa_cli -i ${DEVNAME} list_networks | tail -n +2 | sed -r -e 's/\t/\|/g' \ | cut -d "|" -f 1,2 | grep "${W_ESSID}$" | cut -d "|" -f 1) - STATUS=$(wpa_cli -i ${DEVNAME} remove_network ${NET_NUM}) - if [ "${STATUS}" != "OK" ]; then - eval "${DIALOG} --msgbox 'Error while removing existing \ + STATUS=$(wpa_cli -i ${DEVNAME} remove_network ${NET_NUM}) + if [ "${STATUS}" != "OK" ]; then + eval "${DIALOG} --msgbox 'Error while removing existing \ network:\n$essid: {W_ESSID}'" ${INFO_HEIGHT} ${INFO_WIDTH} - return - fi - fi - - HAS_EAP=$(echo "${W_FLAGS}" | grep -E -c "WPA.*-EAP" ) - - log "wifi_authenticate" "HAS_EAP: \"${HAS_EAP}\"" - - ### This will configure WPA-EAP - if [ "${HAS_EAP}" != "0" ]; then - wifi_authenticate_EAP ${DEVNAME} ${W_ESSID} - if [ $? = "0" ]; then - log "wifi_authenticate" "EAP configured" - return 0 - fi - fi + return + fi + fi - log "wifi_authenticate" "EAP not supported" - - HAS_PSK=$(echo "${W_FLAGS}" | grep -E -c "WPA.*-PSK" ) + ## Check whether WPA is available + + HAS_WPA=$(echo "${W_FLAGS}" | grep -E -c "WPA" ) - log "wifi_authenticate" "HAS_PSK: \"${HAS_PSK}\"" - - ### This will configure WPA-PSK or WPA2-PSK - if [ "${HAS_PSK}" != "0" ]; then - wifi_authenticate_PSK ${DEVNAME} ${W_ESSID} - if [ $? = "0" ]; then - log "wifi_authenticate" "WPA-PSK configured" - return 0 - fi - fi + log "wifi_authenticate" "HAS_WPA: \"${HAS_WPA}\"" + + ### This will configure WPA + if [ "${HAS_WPA}" != "0" ]; then + wifi_authenticate_WPA ${DEVNAME} ${W_ESSID} + if [ $? = "0" ]; then + log "wifi_authenticate" "WPA configured" + return 0 + fi + fi - log "wifi_authenticate" "WPA-PSK not supported" + log "wifi_authenticate" "WPA authentication failed, aborted, or not supported" - - HAS_ESS=$(echo "${W_FLAGS}" | grep -E -c "ESS" ) - - log "wifi_authenticate" "HAS_ESS: \"${HAS_ESS}\"" - - if [ "${HAS_ESS}" != "0" ]; then - wifi_authenticate_ESS ${DEVNAME} ${W_ESSID} - if [ $? = "0" ]; then - log "wifi_authenticate" "ESS configured" - return 0 - fi - fi + ### ...otherwise, try to configure an open connection (key_mgmt=NONE) + + log "wifi_authenticate" "Trying open (no WPA) configuration..." + + wifi_authenticate_NONE ${DEVNAME} ${W_ESSID} + if [ $? = "0" ]; then + log "wifi_authenticate" "Open connection configured" + return 0 + fi - log "wifi_authenticate" "ESS not supported" - - ## No available authentication methods.... + log "wifi_authenticate" "Open connection not supported" + + ## No available authentication methods.... - eval "${DIALOG} --msgbox 'No supported authentication method for ${W_ESSID}'" - return 1 + eval "${DIALOG} --msgbox 'No supported authentication method for ${W_ESSID}'" + return 1 } |