/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to network-hooks.d/wireless

  • Committer: Teddy Hogeborn
  • Date: 2008-08-29 05:53:59 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080829055359-wkdasnyxtylmnxus
* mandos.xml (EXAMPLE): Replaced all occurences of command name with
                        "&COMMANDNAME;".

* plugins.d/password-prompt.c (main): Improved some documentation
                                      strings.  Do perror() of
                                      tcgetattr() fails.  Add debug
                                      output if interrupted by signal.
                                      Loop over write() instead of
                                      using fwrite() when outputting
                                      password.  Add debug output if
                                      getline() returns 0, unless it
                                      was caused by a signal.  Add
                                      exit status code to debug
                                      output.

* plugins.d/password-prompt.xml: Changed all single quotes to double
                                 quotes for consistency.  Removed
                                 <?xml-stylesheet>.
  (ENTITY TIMESTAMP): New.  Automatically updated by Emacs time-stamp
                      by using Emacs local variables.
  (/refentry/refentryinfo/title): Changed to "Mandos Manual".
  (/refentry/refentryinfo/productname): Changed to "Mandos".
  (/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
  (/refentry/refentryinfo/copyright): Split copyright holders.
  (/refentry/refnamediv/refpurpose): Improved wording.
  (SYNOPSIS): Fix to use correct markup.  Add short options.
  (DESCRIPTION, OPTIONS): Improved wording.
  (OPTIONS): Improved wording.  Use more correct markup.  Document
             short options.
  (EXIT STATUS): Add text.
  (ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
  (FILES): REMOVED.
  (BUGS): Add text.
  (EXAMPLE): Added some examples.
  (SECURITY): Added text.
  (SEE ALSO): Remove reference to mandos(8).  Add reference to
              crypttab(5).

Show diffs side-by-side

added added

removed removed

Lines of Context:
network-hooks.d/wireless
1
 
#!/bin/sh
2
 
#
3
 
# This is an example of a Mandos client network hook.  This hook
4
 
# brings up a wireless interface as specified in a separate
5
 
# configuration file.  To be used, this file and any needed
6
 
# configuration file(s) should be copied into the
7
 
# /etc/mandos/network-hooks.d directory.
8
 
9
 
# Copying and distribution of this file, with or without modification,
10
 
# are permitted in any medium without royalty provided the copyright
11
 
# notice and this notice are preserved.  This file is offered as-is,
12
 
# without any warranty.
13
 
 
14
 
set -e
15
 
 
16
 
RUNDIR="/run"
17
 
CTRL="$RUNDIR/wpa_supplicant-global"
18
 
CTRLDIR="$RUNDIR/wpa_supplicant"
19
 
PIDFILE="$RUNDIR/wpa_supplicant-mandos.pid"
20
 
 
21
 
CONFIG="$MANDOSNETHOOKDIR/wireless.conf"
22
 
 
23
 
# Read config file
24
 
if [ -e "$CONFIG" ]; then
25
 
    . "$CONFIG"
26
 
else
27
 
    exit
28
 
fi
29
 
 
30
 
interfaces="`env|sed -n -e 's/^\(MODULE\|IPADDRS\|ROUTES\|WPA_DRIVER\)_\([^=]*\)=.*/\2/p' \"$CONFIG\" |sort -u`"
31
 
 
32
 
# Exit if DEVICE is set and is not any of the wireless interfaces
33
 
if [ -n "$DEVICE" ]; then
34
 
    while :; do
35
 
        for IF in $interfaces; do
36
 
            if [ "$IF" = "$DEVICE" ]; then
37
 
                break 2
38
 
            fi
39
 
        done
40
 
        exit
41
 
    done
42
 
fi
43
 
 
44
 
wpa_supplicant=/sbin/wpa_supplicant
45
 
wpa_cli=/sbin/wpa_cli
46
 
ip=/bin/ip
47
 
 
48
 
# Used by the wpa_interface_* functions in the wireless.conf file
49
 
wpa_cli_set(){
50
 
    case "$1" in
51
 
        ssid|psk) arg="\"$2\"" ;;
52
 
        *) arg="$2" ;;
53
 
    esac
54
 
    "$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" set_network "$NETWORK" \
55
 
        "$1" "$arg" 2>&1 | sed -e '/^OK$/d'
56
 
}
57
 
 
58
 
if [ $VERBOSITY -gt 0 ]; then
59
 
    WPAS_OPTIONS="-d $WPAS_OPTIONS"
60
 
fi
61
 
if [ -n "$PIDFILE" ]; then
62
 
    WPAS_OPTIONS="-P$PIDFILE $WPAS_OPTIONS"
63
 
fi
64
 
 
65
 
case "${MODE:-$1}" in
66
 
    start)
67
 
        mkdir -m u=rwx,go= -p "$CTRLDIR"
68
 
        "$wpa_supplicant" -B -g "$CTRL" -p "$CTRLDIR" $WPAS_OPTIONS
69
 
        for INTERFACE in $interfaces; do
70
 
            DRIVER=`eval 'echo "$WPA_DRIVER_'"$INTERFACE"\"`
71
 
            DELAY=`eval 'echo "$DELAY_'"$INTERFACE"\"`
72
 
            "$wpa_cli" -g "$CTRL" interface_add "$INTERFACE" "" \
73
 
                "${DRIVER:-wext}" "$CTRLDIR" > /dev/null \
74
 
                | sed -e '/^OK$/d'
75
 
            NETWORK=`"$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" add_network`
76
 
            eval wpa_interface_"$INTERFACE"
77
 
            "$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" enable_network \
78
 
                "$NETWORK" | sed -e '/^OK$/d'
79
 
            ( sleep "${DELAY:-$DELAY}" || : ) &
80
 
            sleep=$!
81
 
            while :; do
82
 
                kill -0 $sleep || break
83
 
                STATE=`"$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" status | sed -n -e 's/^wpa_state=//p'`
84
 
                if [ "$STATE" = COMPLETED ]; then
85
 
                    kill $sleep
86
 
                    break
87
 
                fi
88
 
                sleep 1
89
 
            done &
90
 
            wait $sleep || :
91
 
            IPADDRS=`eval 'echo "$IPADDRS_'"$INTERFACE"\"`
92
 
            if [ -n "$IPADDRS" ]; then
93
 
                if [ "$IPADDRS" = dhcp ]; then
94
 
                    ipconfig -c dhcp -d "$INTERFACE" || :
95
 
                    #dhclient "$INTERFACE"
96
 
                else
97
 
                    for ipaddr in $IPADDRS; do
98
 
                        "$ip" addr add "$ipaddr" dev "$INTERFACE"
99
 
                    done
100
 
                fi
101
 
            fi
102
 
            ROUTES=`eval 'echo "$ROUTES_'"$INTERFACE"\"`
103
 
            if [ -n "$ROUTES" ]; then
104
 
                for route in $ROUTES; do
105
 
                    "$ip" route add "$route" dev "$BRIDGE"
106
 
                done
107
 
            fi
108
 
        done
109
 
        ;;
110
 
    stop)
111
 
        "$wpa_cli" -g "$CTRL" terminate 2>&1 | sed -e '/^OK$/d'
112
 
        for INTERFACE in $interfaces; do
113
 
            "$ip" addr show scope global permanent dev "$INTERFACE" \
114
 
                | while read type addr rest; do
115
 
                case "$type" in
116
 
                    inet|inet6)
117
 
                        "$ip" addr del "$addr" dev "$INTERFACE"
118
 
                        ;;
119
 
                esac
120
 
            done
121
 
            "$ip" link set dev "$INTERFACE" down
122
 
        done
123
 
        ;;
124
 
    files)
125
 
        echo "$wpa_supplicant"
126
 
        echo "$wpa_cli"
127
 
        echo "$ip"
128
 
        ;;
129
 
    modules)
130
 
        if [ "$IPADDRS" = dhcp ]; then
131
 
            echo af_packet
132
 
        fi
133
 
        sed -n -e 's/#.*$//' -e 's/[    ]*$//' -e 's/^MODULE=//p' \
134
 
            "$CONFIG"
135
 
        ;;
136
 
esac