diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2010-10-18 04:10:59 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2010-10-18 04:10:59 +0000 |
commit | 71d52980e1bad002fad823b45b6b8de23ad378d4 (patch) | |
tree | f644718063a1a9f7a59b3cac9353c063cc2eafc5 /sbin | |
parent | bf1773d7c45d72bafb95b717fd0d1f06908710c2 (diff) |
Add wpakey/-wpakey options. This was originally written by halex and
has gone many times around now (it is smaller now). man page diff
coming soon. Fits onto the media that need it.
ok halex
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ifconfig/Makefile | 8 | ||||
-rw-r--r-- | sbin/ifconfig/ifconfig.c | 55 |
2 files changed, 59 insertions, 4 deletions
diff --git a/sbin/ifconfig/Makefile b/sbin/ifconfig/Makefile index 072c8546bec..a3c3381d6eb 100644 --- a/sbin/ifconfig/Makefile +++ b/sbin/ifconfig/Makefile @@ -1,9 +1,11 @@ -# $OpenBSD: Makefile,v 1.10 2009/11/22 22:00:24 claudio Exp $ +# $OpenBSD: Makefile,v 1.11 2010/10/18 04:10:56 deraadt Exp $ + +.PATH: ${.CURDIR}/../bioctl PROG= ifconfig -SRCS= ifconfig.c brconfig.c +SRCS= ifconfig.c brconfig.c pbkdf2.c MAN= ifconfig.8 -CPPFLAGS+=-DINET6 +CPPFLAGS+=-DINET6 -I${.CURDIR}/../bioctl .include <bsd.prog.mk> diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c index 6f4c012c272..ee0f6483acc 100644 --- a/sbin/ifconfig/ifconfig.c +++ b/sbin/ifconfig/ifconfig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ifconfig.c,v 1.239 2010/07/03 04:44:51 guenther Exp $ */ +/* $OpenBSD: ifconfig.c,v 1.240 2010/10/18 04:10:57 deraadt Exp $ */ /* $NetBSD: ifconfig.c,v 1.40 1997/10/01 02:19:43 enami Exp $ */ /* @@ -105,6 +105,7 @@ #include <ifaddrs.h> #include "brconfig.h" +#include "pbkdf2.h" struct ifreq ifr, ridreq; struct in_aliasreq in_addreq; @@ -160,6 +161,7 @@ void setifwpaprotos(const char *, int); void setifwpaakms(const char *, int); void setifwpaciphers(const char *, int); void setifwpagroupcipher(const char *, int); +void setifwpakey(const char *, int); void setifwpapsk(const char *, int); void setifchan(const char *, int); void setifscan(const char *, int); @@ -317,6 +319,8 @@ const struct cmd { { "wpaciphers", NEXTARG, 0, setifwpaciphers }, { "wpagroupcipher", NEXTARG, 0, setifwpagroupcipher }, { "wpaprotos", NEXTARG, 0, setifwpaprotos }, + { "wpakey", NEXTARG, 0, setifwpakey }, + { "-wpakey", -1, 0, setifwpakey }, { "wpapsk", NEXTARG, 0, setifwpapsk }, { "-wpapsk", -1, 0, setifwpapsk }, { "chan", NEXTARG0, 0, setifchan }, @@ -1564,6 +1568,7 @@ setifwpa(const char *val, int d) { struct ieee80211_wpaparams wpa; + memset(&wpa, 0, sizeof(wpa)); (void)strlcpy(wpa.i_name, name, sizeof(wpa.i_name)); if (ioctl(s, SIOCG80211WPAPARMS, (caddr_t)&wpa) < 0) err(1, "SIOCG80211WPAPARMS"); @@ -1594,6 +1599,7 @@ setifwpaprotos(const char *val, int d) } free(optlist); + memset(&wpa, 0, sizeof(wpa)); (void)strlcpy(wpa.i_name, name, sizeof(wpa.i_name)); if (ioctl(s, SIOCG80211WPAPARMS, (caddr_t)&wpa) < 0) err(1, "SIOCG80211WPAPARMS"); @@ -1624,6 +1630,7 @@ setifwpaakms(const char *val, int d) } free(optlist); + memset(&wpa, 0, sizeof(wpa)); (void)strlcpy(wpa.i_name, name, sizeof(wpa.i_name)); if (ioctl(s, SIOCG80211WPAPARMS, (caddr_t)&wpa) < 0) err(1, "SIOCG80211WPAPARMS"); @@ -1675,6 +1682,7 @@ setifwpaciphers(const char *val, int d) } free(optlist); + memset(&wpa, 0, sizeof(wpa)); (void)strlcpy(wpa.i_name, name, sizeof(wpa.i_name)); if (ioctl(s, SIOCG80211WPAPARMS, (caddr_t)&wpa) < 0) err(1, "SIOCG80211WPAPARMS"); @@ -1694,6 +1702,7 @@ setifwpagroupcipher(const char *val, int d) if (cipher == IEEE80211_WPA_CIPHER_NONE) errx(1, "wpagroupcipher: unknown cipher: %s", val); + memset(&wpa, 0, sizeof(wpa)); (void)strlcpy(wpa.i_name, name, sizeof(wpa.i_name)); if (ioctl(s, SIOCG80211WPAPARMS, (caddr_t)&wpa) < 0) err(1, "SIOCG80211WPAPARMS"); @@ -1703,6 +1712,50 @@ setifwpagroupcipher(const char *val, int d) } void +setifwpakey(const char *val, int d) +{ + struct ieee80211_wpaparams wpa; + struct ieee80211_wpapsk psk; + struct ieee80211_nwid nwid; + int passlen, nwid_len; + + memset(&psk, 0, sizeof(psk)); + if (d != -1) { + memset(&ifr, 0, sizeof(ifr)); + ifr.ifr_data = (caddr_t)&nwid; + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); + if (ioctl(s, SIOCG80211NWID, (caddr_t)&ifr)) + err(1, "SIOCG80211NWID"); + + passlen = strlen(val); + if (passlen < 8 || passlen > 63) + errx(1, "wpakey: passphrase must be between 8 and 63 " + "characters"); + nwid_len = nwid.i_len; + if (nwid_len == 0) + errx(1, "wpakey: nwid not set"); + if (pkcs5_pbkdf2(val, passlen, nwid.i_nwid, nwid_len, psk.i_psk, + sizeof(psk.i_psk), 4096) != 0) + errx(1, "wpakey: passphrase hashing failed"); + psk.i_enabled = 1; + } else + psk.i_enabled = 0; + + (void)strlcpy(psk.i_name, name, sizeof(psk.i_name)); + if (ioctl(s, SIOCS80211WPAPSK, (caddr_t)&psk) < 0) + err(1, "SIOCS80211WPAPSK"); + + /* And ... automatically enable or disable WPA */ + memset(&wpa, 0, sizeof(wpa)); + (void)strlcpy(wpa.i_name, name, sizeof(wpa.i_name)); + if (ioctl(s, SIOCG80211WPAPARMS, (caddr_t)&wpa) < 0) + err(1, "SIOCG80211WPAPARMS"); + wpa.i_enabled = psk.i_enabled; + if (ioctl(s, SIOCS80211WPAPARMS, (caddr_t)&wpa) < 0) + err(1, "SIOCS80211WPAPARMS"); +} + +void setifwpapsk(const char *val, int d) { struct ieee80211_wpapsk psk; |