/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to network-hooks.d/wireless

  • Committer: Björn Påhlsson
  • Date: 2008-07-20 02:52:20 UTC
  • Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
       Avahi instead of udp server discovery
       openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

Show diffs side-by-side

added added

removed removed

Lines of Context:
network-hooks.d/wireless
1
 
#!/bin/sh
2
 
#
3
 
# This is an example of a Mandos client network hook.  This hook
4
 
# brings up a wireless interface as specified in a separate
5
 
# configuration file.  To be used, this file and any needed
6
 
# configuration file(s) should be copied into the
7
 
# /etc/mandos/network-hooks.d directory.
8
 
9
 
# Copying and distribution of this file, with or without modification,
10
 
# are permitted in any medium without royalty provided the copyright
11
 
# notice and this notice are preserved.  This file is offered as-is,
12
 
# without any warranty.
13
 
 
14
 
set -e
15
 
 
16
 
RUNDIR="/run"
17
 
CTRL="$RUNDIR/wpa_supplicant-global"
18
 
CTRLDIR="$RUNDIR/wpa_supplicant"
19
 
PIDFILE="$RUNDIR/wpa_supplicant-mandos.pid"
20
 
 
21
 
CONFIG="$MANDOSNETHOOKDIR/wireless.conf"
22
 
 
23
 
# Read config file
24
 
if [ -e "$CONFIG" ]; then
25
 
    . "$CONFIG"
26
 
else
27
 
    exit
28
 
fi
29
 
 
30
 
interfaces="`env|sed -n -e 's/^\(MODULE\|IPADDRS\|ROUTES\|WPA_DRIVER\)_\([^=]*\)=.*/\2/p' \"$CONFIG\" |sort -u`"
31
 
 
32
 
# Exit if DEVICE is set and is not any of the wireless interfaces
33
 
if [ -n "$DEVICE" ]; then
34
 
    while :; do
35
 
        for IF in $interfaces; do
36
 
            if [ "$IF" = "$DEVICE" ]; then
37
 
                break 2
38
 
            fi
39
 
        done
40
 
        exit
41
 
    done
42
 
fi
43
 
 
44
 
wpa_supplicant=/sbin/wpa_supplicant
45
 
wpa_cli=/sbin/wpa_cli
46
 
ip=/bin/ip
47
 
 
48
 
# Used by the wpa_interface_* functions in the wireless.conf file
49
 
wpa_cli_set(){
50
 
    case "$1" in
51
 
        ssid|psk) arg="\"$2\"" ;;
52
 
        *) arg="$2" ;;
53
 
    esac
54
 
    "$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" set_network "$NETWORK" \
55
 
        "$1" "$arg" 2>&1 | sed -e '/^OK$/d'
56
 
}
57
 
 
58
 
if [ $VERBOSITY -gt 0 ]; then
59
 
    WPAS_OPTIONS="-d $WPAS_OPTIONS"
60
 
fi
61
 
if [ -n "$PIDFILE" ]; then
62
 
    WPAS_OPTIONS="-P$PIDFILE $WPAS_OPTIONS"
63
 
fi
64
 
 
65
 
case "${MODE:-$1}" in
66
 
    start)
67
 
        mkdir -m u=rwx,go= -p "$CTRLDIR"
68
 
        "$wpa_supplicant" -B -g "$CTRL" -p "$CTRLDIR" $WPAS_OPTIONS
69
 
        for INTERFACE in $interfaces; do
70
 
            DRIVER=`eval 'echo "$WPA_DRIVER_'"$INTERFACE"\"`
71
 
            IFDELAY=`eval 'echo "$DELAY_'"$INTERFACE"\"`
72
 
            "$wpa_cli" -g "$CTRL" interface_add "$INTERFACE" "" \
73
 
                "${DRIVER:-wext}" "$CTRLDIR" > /dev/null \
74
 
                | sed -e '/^OK$/d'
75
 
            NETWORK=`"$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" add_network`
76
 
            eval wpa_interface_"$INTERFACE"
77
 
            "$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" enable_network \
78
 
                "$NETWORK" | sed -e '/^OK$/d'
79
 
            sleep "${IFDELAY:-$DELAY}" &
80
 
            sleep=$!
81
 
            while :; do
82
 
                kill -0 $sleep 2>/dev/null || break
83
 
                STATE=`"$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" status | sed -n -e 's/^wpa_state=//p'`
84
 
                if [ "$STATE" = COMPLETED ]; then
85
 
                    while :; do
86
 
                        kill -0 $sleep 2>/dev/null || break 2
87
 
                        UP=`cat /sys/class/net/"$INTERFACE"/operstate`
88
 
                        if [ "$UP" = up ]; then
89
 
                            kill $sleep 2>/dev/null
90
 
                            break 2
91
 
                        fi
92
 
                        sleep 1
93
 
                    done
94
 
                fi
95
 
                sleep 1
96
 
            done &
97
 
            wait $sleep || :
98
 
            IPADDRS=`eval 'echo "$IPADDRS_'"$INTERFACE"\"`
99
 
            if [ -n "$IPADDRS" ]; then
100
 
                if [ "$IPADDRS" = dhcp ]; then
101
 
                    ipconfig -c dhcp -d "$INTERFACE" || :
102
 
                    #dhclient "$INTERFACE"
103
 
                else
104
 
                    for ipaddr in $IPADDRS; do
105
 
                        "$ip" addr add "$ipaddr" dev "$INTERFACE"
106
 
                    done
107
 
                fi
108
 
            fi
109
 
            ROUTES=`eval 'echo "$ROUTES_'"$INTERFACE"\"`
110
 
            if [ -n "$ROUTES" ]; then
111
 
                for route in $ROUTES; do
112
 
                    "$ip" route add "$route" dev "$BRIDGE"
113
 
                done
114
 
            fi
115
 
        done
116
 
        ;;
117
 
    stop)
118
 
        "$wpa_cli" -g "$CTRL" terminate 2>&1 | sed -e '/^OK$/d'
119
 
        for INTERFACE in $interfaces; do
120
 
            "$ip" addr show scope global permanent dev "$INTERFACE" \
121
 
                | while read type addr rest; do
122
 
                case "$type" in
123
 
                    inet|inet6)
124
 
                        "$ip" addr del "$addr" dev "$INTERFACE"
125
 
                        ;;
126
 
                esac
127
 
            done
128
 
            "$ip" link set dev "$INTERFACE" down
129
 
        done
130
 
        ;;
131
 
    files)
132
 
        echo "$wpa_supplicant"
133
 
        echo "$wpa_cli"
134
 
        echo "$ip"
135
 
        ;;
136
 
    modules)
137
 
        if [ "$IPADDRS" = dhcp ]; then
138
 
            echo af_packet
139
 
        fi
140
 
        sed -n -e 's/#.*$//' -e 's/[    ]*$//' \
141
 
            -e 's/^MODULE_[^=]\+=//p' "$CONFIG"
142
 
        ;;
143
 
esac