You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

994 lines
25 KiB
Bash

7 years ago
#!/bin/sh
#####################################################################
## Purpose
# This file contains common shell functions used by scripts of the
# wpasupplicant package to allow ifupdown to manage wpa_supplicant.
# It also contains some functions used by wpa_action(8) that allow
# ifupdown to be managed by wpa_cli(8) action events.
#
# This file is provided by the wpasupplicant package.
#####################################################################
# Copyright (C) 2006 - 2009 Debian/Ubuntu wpasupplicant Maintainers
# <pkg-wpa-devel@lists.alioth.debian.org>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# On Debian GNU/Linux systems, the text of the GPL license,
# version 2, can be found in /usr/share/common-licenses/GPL-2.
#####################################################################
## global variables
# wpa_supplicant variables
WPA_SUP_BIN="/sbin/wpa_supplicant"
WPA_SUP_PNAME="wpa_supplicant"
WPA_SUP_PIDFILE="/run/wpa_supplicant.${WPA_IFACE}.pid"
WPA_SUP_OMIT_DIR="/run/sendsigs.omit.d"
WPA_SUP_OMIT_PIDFILE="${WPA_SUP_OMIT_DIR}/wpasupplicant.wpa_supplicant.${WPA_IFACE}.pid"
# wpa_cli variables
WPA_CLI_BIN="/sbin/wpa_cli"
WPA_CLI_PNAME="wpa_cli"
WPA_CLI_PIDFILE="/run/wpa_action.${WPA_IFACE}.pid"
WPA_CLI_TIMESTAMP="/run/wpa_action.${WPA_IFACE}.timestamp"
WPA_CLI_IFUPDOWN="/run/wpa_action.${WPA_IFACE}.ifupdown"
# default ctrl_interface socket directory
if [ -z "$WPA_CTRL_DIR" ]; then
WPA_CTRL_DIR="/run/wpa_supplicant"
fi
# verbosity variables
if [ -n "$IF_WPA_VERBOSITY" ] || [ "$VERBOSITY" = "1" ]; then
TO_NULL="/dev/stdout"
DAEMON_VERBOSITY="--verbose"
else
TO_NULL="/dev/null"
DAEMON_VERBOSITY="--quiet"
fi
#####################################################################
## wpa_cli wrapper
# Path to common ctrl_interface socket and iface supplied.
# NB: WPA_CTRL_DIR cannot be used for interactive commands, it is
# set only in the environment that wpa_cli provides when processing
# action events.
#
wpa_cli () {
"$WPA_CLI_BIN" -p "$WPA_CTRL_DIR" -i "$WPA_IFACE" "$@"
return "$?"
}
#####################################################################
## verbose and stderr message wrapper
# Ensures a standard and easily identifiable message is printed by
# scripts using this function library.
#
# log Log a message to syslog when called non-interactively
# by wpa_action
#
# verbose To stdout when IF_WPA_VERBOSITY or VERBOSITY is true
#
# action Same as verbose but without newline
# Useful for allowing wpa_cli commands to echo result
# value of 'OK' or 'FAILED'
#
# stderr Echo warning or error messages to stderr
#
# NB: when called by wpa_action, there is no redirection (verbose)
#
wpa_msg () {
if [ "$1" = "log" ]; then
shift
case "$WPA_ACTION" in
"CONNECTED"|"DISCONNECTED")
[ -x /usr/bin/logger ] || return
if [ "$#" -gt 0 ]; then
logger -t "wpa_action" "$@"
else
logger -t "wpa_action"
fi
;;
*)
[ "$#" -gt 0 ] && echo "wpa_action: $@"
;;
esac
return
fi
case "$1" in
"verbose")
shift
echo "$WPA_SUP_PNAME: $@" >$TO_NULL
;;
"action")
shift
echo -n "$WPA_SUP_PNAME: $@ -- " >$TO_NULL
;;
"stderr")
shift
echo "$WPA_SUP_PNAME: $@" >/dev/stderr
;;
*)
;;
esac
}
#####################################################################
## validate daemon pid files
# Test daemon process ID files via start-stop-daemon with a signal 0
# given the exec binary and pidfile location.
#
# $1 daemon
# $2 pidfile
#
# Returns true when pidfile exists, the process ID exists _and_ was
# created by the exec binary.
#
# If the test fails, but the pidfile exists, it is stale
#
test_daemon_pidfile () {
local DAEMON
local PIDFILE
if [ -n "$1" ]; then
DAEMON="$1"
fi
if [ -f "$2" ]; then
PIDFILE="$2"
fi
if [ -n "$DAEMON" ] && [ -f "$PIDFILE" ]; then
if start-stop-daemon --stop --quiet --signal 0 \
--exec "$DAEMON" --pidfile "$PIDFILE"; then
return 0
else
rm -f "$PIDFILE"
return 1
fi
else
return 1
fi
}
# validate wpa_supplicant pidfile
test_wpa_supplicant () {
test_daemon_pidfile "$WPA_SUP_BIN" "$WPA_SUP_PIDFILE"
}
# validate wpa_cli pidfile
test_wpa_cli () {
test_daemon_pidfile "$WPA_CLI_BIN" "$WPA_CLI_PIDFILE"
}
#####################################################################
## daemonize wpa_supplicant
# Start wpa_supplicant via start-stop-dameon with all required
# options. Will start if environment variable WPA_SUP_CONF is present
#
# Default options:
# -B dameonize/background process
# -D driver backend ('wext' if none given)
# -P process ID file
# -C path to ctrl_interface socket directory
# -s log to syslog
#
# Conditional options:
# -c configuration file
# -W wait for wpa_cli to attach to ctrl_interface socket
# -b bridge interface name
# -f path to log file
#
init_wpa_supplicant () {
[ -n "$WPA_SUP_CONF" ] || return 0
local WPA_SUP_OPTIONS
WPA_SUP_OPTIONS="-s -B -P $WPA_SUP_PIDFILE -i $WPA_IFACE"
if [ -n "$WPA_ACTION_SCRIPT" ]; then
if [ -x "$WPA_ACTION_SCRIPT" ]; then
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -W"
wpa_msg verbose "wait for wpa_cli to attach"
else
wpa_msg stderr "action script \"$WPA_ACTION_SCRIPT\" not executable"
return 1
fi
fi
if [ -n "$IF_WPA_BRIDGE" ]; then
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -b $IF_WPA_BRIDGE"
wpa_msg verbose "wpa-bridge $IF_WPA_BRIDGE"
fi
if [ -n "$IF_WPA_DRIVER" ]; then
wpa_msg verbose "wpa-driver $IF_WPA_DRIVER"
case "$IF_WPA_DRIVER" in
hostap|ipw|madwifi|ndiswrapper)
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D nl80211,wext"
wpa_msg stderr "\"$IF_WPA_DRIVER\" wpa-driver is unsupported"
wpa_msg stderr "using \"nl80211,wext\" wpa-driver instead ..."
;;
*)
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D $IF_WPA_DRIVER"
;;
esac
else
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -D nl80211,wext"
wpa_msg verbose "wpa-driver nl80211,wext (default)"
fi
if [ -n "$IF_WPA_DEBUG_LEVEL" ]; then
case "$IF_WPA_DEBUG_LEVEL" in
3)
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -ddd"
;;
2)
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -dd"
;;
1)
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -t -d"
;;
0)
# wpa_supplicant default verbosity
;;
-1)
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -q"
;;
-2)
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -qq"
;;
esac
wpa_msg verbose "using debug level: $IF_WPA_DEBUG_LEVEL"
fi
if [ -n "$IF_WPA_LOGFILE" ]; then
# custom log file
WPA_SUP_OPTIONS="$WPA_SUP_OPTIONS -f $IF_WPA_LOGFILE"
WPA_SUP_LOGFILE="$IF_WPA_LOGFILE"
wpa_msg verbose "logging to $IF_WPA_LOGFILE"
fi
wpa_msg verbose "$WPA_SUP_BIN $WPA_SUP_OPTIONS $WPA_SUP_CONF"
start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \
--name $WPA_SUP_PNAME --startas $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE \
-- $WPA_SUP_OPTIONS $WPA_SUP_CONF
if [ "$?" -ne 0 ]; then
wpa_msg stderr "$WPA_SUP_BIN daemon failed to start"
return 1
fi
local WPA_PIDFILE_WAIT
local MAX_WPA_PIDFILE_WAIT
WPA_PIDFILE_WAIT="0"
MAX_WPA_PIDFILE_WAIT="5"
until [ -s "$WPA_SUP_PIDFILE" ]; do
if [ "$WPA_PIDFILE_WAIT" -ge "$MAX_WPA_PIDFILE_WAIT" ]; then
wpa_msg stderr "timed out waiting for creation of $WPA_SUP_PIDFILE"
return 1
else
wpa_msg verbose "waiting for \"$WPA_SUP_PIDFILE\": " \
"$WPA_PIDFILE_WAIT (max. $MAX_WPA_PIDFILE_WAIT)"
fi
WPA_PIDFILE_WAIT=$(($WPA_PIDFILE_WAIT + 1))
sleep 1
done
if [ -d "${WPA_SUP_OMIT_DIR}" ]; then
wpa_msg verbose "creating sendsigs omission pidfile: $WPA_SUP_OMIT_PIDFILE"
cat "$WPA_SUP_PIDFILE" > "$WPA_SUP_OMIT_PIDFILE"
fi
local WPA_SOCKET_WAIT
local MAX_WPA_SOCKET_WAIT
WPA_SOCKET_WAIT="0"
MAX_WPA_SOCKET_WAIT="5"
until [ -S "$WPA_CTRL_DIR/$WPA_IFACE" ]; do
if [ "$WPA_SOCKET_WAIT" -ge "$MAX_WPA_SOCKET_WAIT" ]; then
wpa_msg stderr "ctrl_interface socket not found at $WPA_CTRL_DIR/$WPA_IFACE"
return 1
else
wpa_msg verbose "waiting for \"$WPA_CTRL_DIR/$WPA_IFACE\": " \
"$WPA_SOCKET_WAIT (max. $MAX_WPA_SOCKET_WAIT)"
fi
WPA_SOCKET_WAIT=$(($WPA_SOCKET_WAIT + 1))
sleep 1
done
wpa_msg verbose "ctrl_interface socket located at $WPA_CTRL_DIR/$WPA_IFACE"
}
#####################################################################
## stop wpa_supplicant process
# Kill wpa_supplicant via start-stop-daemon, given the location of
# the pidfile or ctrl_interface socket path and interface name
#
kill_wpa_supplicant () {
test_wpa_supplicant || return 0
wpa_msg verbose "terminating $WPA_SUP_PNAME daemon via pidfile $WPA_SUP_PIDFILE"
start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \
--exec $WPA_SUP_BIN --pidfile $WPA_SUP_PIDFILE
if [ -f "$WPA_SUP_PIDFILE" ]; then
rm -f "$WPA_SUP_PIDFILE"
fi
if [ -f "$WPA_SUP_OMIT_PIDFILE" ]; then
wpa_msg verbose "removing $WPA_SUP_OMIT_PIDFILE"
rm -f "$WPA_SUP_OMIT_PIDFILE"
fi
}
#####################################################################
## reload wpa_supplicant process
# Sending a HUP signal causes wpa_supplicant to reparse its
# configuration file
#
reload_wpa_supplicant () {
if test_wpa_supplicant; then
wpa_msg verbose "reloading wpa_supplicant configuration file via HUP signal"
start-stop-daemon --stop --signal HUP \
--name "$WPA_SUP_PNAME" --pidfile "$WPA_SUP_PIDFILE"
else
wpa_msg verbose "cannot $WPA_ACTION, $WPA_SUP_PIDFILE does not exist"
fi
}
#####################################################################
## daemonize wpa_cli and action script
# If environment variable WPA_ACTION_SCRIPT is present, wpa_cli will
# be spawned via start-stop-daemon
#
# Required options:
# -a action script => wpa_action
# -P process ID file
# -B background process
#
init_wpa_cli () {
[ -n "$WPA_ACTION_SCRIPT" ] || return 0
local WPA_CLI_OPTIONS
WPA_CLI_OPTIONS="-B -P $WPA_CLI_PIDFILE -i $WPA_IFACE"
wpa_msg verbose "$WPA_CLI_BIN $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT"
start-stop-daemon --start --oknodo $DAEMON_VERBOSITY \
--name $WPA_CLI_PNAME --startas $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE \
-- $WPA_CLI_OPTIONS -p $WPA_CTRL_DIR -a $WPA_ACTION_SCRIPT
if [ "$?" -ne 0 ]; then
wpa_msg stderr "$WPA_CLI_BIN daemon failed to start"
return 1
fi
}
#####################################################################
## stop wpa_cli process
# Kill wpa_cli via start-stop-daemon, given the location of the
# pidfile
#
kill_wpa_cli () {
test_wpa_cli || return 0
wpa_msg verbose "terminating $WPA_CLI_PNAME daemon via pidfile $WPA_CLI_PIDFILE"
start-stop-daemon --stop --oknodo $DAEMON_VERBOSITY \
--exec $WPA_CLI_BIN --pidfile $WPA_CLI_PIDFILE
if [ -f "$WPA_CLI_PIDFILE" ]; then
rm -f "$WPA_CLI_PIDFILE"
fi
if [ -f "$WPA_CLI_TIMESTAMP" ]; then
rm -f "$WPA_CLI_TIMESTAMP"
fi
if [ -L "$WPA_CLI_IFUPDOWN" ]; then
rm -f "$WPA_CLI_IFUPDOWN"
fi
}
#####################################################################
## higher level wpa_cli wrapper for variable and set_network commands
# wpa_cli_do <value> <type> <variable> [set_network variable] <desc>
#
# $1 envorinment variable
# $2 data type of variable {raw|ascii}
# $3 wpa_cli variable, if $3 is set_network, shift and take
# set_network subvariable
# $4 wpa-* string as it would appear in interfaces file, enhances
# verbose messages
#
wpa_cli_do () {
if [ -z "$1" ]; then
return 0
fi
local WPACLISET_VALUE
local WPACLISET_VARIABLE
local WPACLISET_DESC
case "$2" in
ascii)
# Double quote
WPACLISET_VALUE="\"$1\""
;;
raw|*)
# Provide raw value
WPACLISET_VALUE="$1"
;;
esac
case "$3" in
set_network)
if [ -z "$WPA_ID" ]; then
return 1
fi
shift
WPACLISET_VARIABLE="set_network $WPA_ID $3"
;;
*)
WPACLISET_VARIABLE="$3"
;;
esac
case "$4" in
*-psk|*-passphrase|*-passwd*|*-password*|*-wep-key*)
WPACLISET_DESC="$4 *****"
;;
*)
WPACLISET_DESC="$4 $WPACLISET_VALUE"
;;
esac
wpa_msg action "$WPACLISET_DESC"
wpa_cli $WPACLISET_VARIABLE "$WPACLISET_VALUE" >$TO_NULL
if [ "$?" -ne 0 ]; then
wpa_msg stderr "$WPACLISET_DESC failed!"
fi
}
#####################################################################
## check value data type in plaintext or hex
# returns 0 if input consists of hexadecimal digits only, 1 otherwise
#
ishex () {
if [ -z "$1" ]; then
return 0
fi
case "$1" in
*[!0-9a-fA-F]*)
# plaintext
return 1
;;
*)
# hexadecimal
return 0
;;
esac
}
#####################################################################
## sanity check and set psk|passphrase
# Warn about strange psk|passphrase values
#
# $1 psk or passphrase value
#
# If psk is surrounded by quotes strip them.
#
# If psk contains all hexadecimal characters and string length is 64:
# is 256bit hexadecimal
# else:
# is plaintext
#
# plaintext passphrases must be 8 - 63 characters in length
# 256-bit hexadecimal key must be 64 characters in length
#
wpa_key_check_and_set () {
if [ "$#" -ne 3 ]; then
return 0
fi
local KEY
local KEY_LEN
local KEY_TYPE
local ENC_TYPE
case "$1" in
'"'*'"')
# Strip surrounding quotation marks
KEY=$(echo -n "$1" | sed 's/^"//;s/"$//')
;;
*)
KEY="$1"
;;
esac
KEY_LEN="${#KEY}"
case "$2" in
wep_key*)
ENC_TYPE="WEP"
;;
psk)
ENC_TYPE="WPA"
;;
*)
return 0
;;
esac
if [ "$ENC_TYPE" = "WEP" ]; then
if ishex "$KEY"; then
case "$KEY_LEN" in
10|26|32|58)
# 64/128/152/256-bit WEP
KEY_TYPE="raw"
;;
*)
KEY_TYPE="ascii"
;;
esac
else
KEY_TYPE="ascii"
fi
if [ "$KEY_TYPE" = "ascii" ]; then
if [ "$KEY_LEN" -lt "5" ]; then
wpa_msg stderr "WARNING: plaintext or ascii WEP key has $KEY_LEN characters,"
wpa_msg stderr "it must have at least 5 to be valid."
fi
fi
elif [ "$ENC_TYPE" = "WPA" ]; then
if ishex "$KEY"; then
case "$KEY_LEN" in
64)
# 256-bit WPA
KEY_TYPE="raw"
;;
*)
KEY_TYPE="ascii"
;;
esac
else
KEY_TYPE="ascii"
fi
if [ "$KEY_TYPE" = "ascii" ]; then
if [ "$KEY_LEN" -lt "8" ] || [ "$KEY_LEN" -gt "63" ]; then
wpa_msg stderr "WARNING: plaintext or ascii WPA key has $KEY_LEN characters,"
wpa_msg stderr "it must have between 8 and 63 to be valid."
wpa_msg stderr "If the WPA key is a 256-bit hexadecimal key, it must have"
wpa_msg stderr "exactly 64 characters."
fi
fi
fi
wpa_cli_do "$KEY" "$KEY_TYPE" set_network "$2" "$3"
}
#####################################################################
## formulate a usable configuration from interfaces(5) wpa- lines
# A series of wpa_cli commands corresponding to environment variables
# created as a result of wpa- lines in an interfaces stanza.
#
# NB: no-act when roaming daemon is used (to avoid prematurely
# attaching to ctrl_interface socket)
#
conf_wpa_supplicant () {
if [ -n "$WPA_ACTION_SCRIPT" ]; then
return 0
fi
if [ "$IF_WPA_DRIVER" = "wired" ]; then
IF_WPA_AP_SCAN="0"
wpa_msg verbose "forcing ap_scan=0 (required for wired IEEE8021X auth)"
fi
if [ -n "$IF_WPA_ESSID" ]; then
# #403316, be similar to wireless tools
IF_WPA_SSID="$IF_WPA_ESSID"
fi
wpa_cli_do "$IF_WPA_AP_SCAN" raw \
ap_scan wpa-ap-scan
wpa_cli_do "$IF_WPA_PREAUTHENTICATE" raw \
preauthenticate wpa-preauthenticate
if [ -n "$IF_WPA_SSID" ] || [ "$IF_WPA_DRIVER" = "wired" ] || \
[ -n "$IF_WPA_KEY_MGMT" ]; then
case "$IF_WPA_SSID" in
'"'*'"')
IF_WPA_SSID=$(echo -n "$IF_WPA_SSID" | sed 's/^"//;s/"$//')
;;
*)
;;
esac
WPA_ID=$(wpa_cli add_network)
wpa_msg verbose "configuring network block -- $WPA_ID"
wpa_cli_do "$IF_WPA_SSID" ascii \
set_network ssid wpa-ssid
wpa_cli_do "$IF_WPA_PRIORITY" raw \
set_network priority wpa-priority
wpa_cli_do "$IF_WPA_BSSID" raw \
set_network bssid wpa-bssid
if [ -s "$IF_WPA_PSK_FILE" ]; then
IF_WPA_PSK=$(cat "$IF_WPA_PSK_FILE")
fi
# remain compat with wpa-passphrase-file
if [ -s "$IF_WPA_PASSPHRASE_FILE" ]; then
IF_WPA_PSK=$(cat "$IF_WPA_PASSPHRASE_FILE")
fi
# remain compat with wpa-passphrase
if [ -n "$IF_WPA_PASSPHRASE" ]; then
IF_WPA_PSK="$IF_WPA_PASSPHRASE"
fi
if [ -n "$IF_WPA_PSK" ]; then
wpa_key_check_and_set "$IF_WPA_PSK" \
psk wpa-psk
fi
wpa_cli_do "$IF_WPA_PAIRWISE" raw \
set_network pairwise wpa-pairwise
wpa_cli_do "$IF_WPA_GROUP" raw \
set_network group wpa-group
wpa_cli_do "$IF_WPA_MODE" raw \
set_network mode wpa-mode
wpa_cli_do "$IF_WPA_FREQUENCY" raw \
set_network frequency wpa-frequency
wpa_cli_do "$IF_WPA_SCAN_FREQ" raw \
set_network scan_freq wpa-scan-freq
wpa_cli_do "$IF_WPA_FREQ_LIST" raw \
set_network freq_list wpa-freq-list
wpa_cli_do "$IF_WPA_KEY_MGMT" raw \
set_network key_mgmt wpa-key-mgmt
wpa_cli_do "$IF_WPA_PROTO" raw \
set_network proto wpa-proto
wpa_cli_do "$IF_WPA_AUTH_ALG" raw \
set_network auth_alg wpa-auth-alg
wpa_cli_do "$IF_WPA_SCAN_SSID" raw \
set_network scan_ssid wpa-scan-ssid
wpa_cli_do "$IF_WPA_IDENTITY" ascii \
set_network identity wpa-identity
wpa_cli_do "$IF_WPA_ANONYMOUS_IDENTITY" ascii \
set_network anonymous_identity wpa-anonymous-identity
wpa_cli_do "$IF_WPA_EAP" raw \
set_network eap wpa-eap
wpa_cli_do "$IF_WPA_EAPPSK" raw \
set_network eappsk wpa-eappsk
wpa_cli_do "$IF_WPA_NAI" ascii \
set_network nai wpa-nai
wpa_cli_do "$IF_WPA_PASSWORD" ascii \
set_network password wpa-password
wpa_cli_do "$IF_WPA_CA_CERT" ascii \
set_network ca_cert wpa-ca-cert
wpa_cli_do "$IF_WPA_CA_PATH" ascii \
set_network ca_path wpa-ca-path
wpa_cli_do "$IF_WPA_CLIENT_CERT" ascii \
set_network client_cert wpa-client-cert
wpa_cli_do "$IF_WPA_PRIVATE_KEY" ascii \
set_network private_key wpa-private-key
wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD" ascii \
set_network private_key_passwd wpa-private-key-passwd
wpa_cli_do "$IF_WPA_DH_FILE" ascii \
set_network dh_file wpa-dh-file
wpa_cli_do "$IF_WPA_SUBJECT_MATCH" ascii \
set_network subject_match wpa-subject-match
wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH" ascii \
set_network altsubject_match wpa-altsubject-match
wpa_cli_do "$IF_WPA_CA_CERT2" ascii \
set_network ca_cert2 wpa-ca-cert2
wpa_cli_do "$IF_WPA_CA_PATH2" ascii \
set_network ca_path2 wpa-ca-path2
wpa_cli_do "$IF_WPA_CLIENT_CERT2" ascii \
set_network client_cert2 wpa-client-cert2
wpa_cli_do "$IF_WPA_PRIVATE_KEY2" ascii \
set_network private_key2 wpa-private-key2
wpa_cli_do "$IF_WPA_PRIVATE_KEY_PASSWD2" ascii \
set_network private_key_passwd2 wpa-private-key-passwd2
wpa_cli_do "$IF_WPA_DH_FILE2" ascii \
set_network dh_file2 wpa-dh-file2
wpa_cli_do "$IF_WPA_SUBJECT_MATCH2" ascii \
set_network subject_match2 wpa-subject-match2
wpa_cli_do "$IF_WPA_ALTSUBJECT_MATCH2" ascii \
set_network altsubject_match2 wpa-altsubject-match2
wpa_cli_do "$IF_WPA_EAP_METHODS" raw \
set_network eap_methods wpa-eap-methods
wpa_cli_do "$IF_WPA_PHASE1" ascii \
set_network phase1 wpa-phase1
wpa_cli_do "$IF_WPA_PHASE2" ascii \
set_network phase2 wpa-phase2
wpa_cli_do "$IF_WPA_PCSC" raw \
set_network pcsc wpa-pcsc
wpa_cli_do "$IF_WPA_PIN" ascii \
set_network pin wpa-pin
wpa_cli_do "$IF_WPA_ENGINE" raw \
set_network engine wpa-engine
wpa_cli_do "$IF_WPA_ENGINE_ID" ascii \
set_network engine_id wpa-engine-id
wpa_cli_do "$IF_WPA_KEY_ID" ascii \
set_network key_id wpa-key-id
wpa_cli_do "$IF_WPA_EAPOL_FLAGS" raw \
set_network eapol_flags wpa-eapol-flags
if [ -n "$IF_WPA_WEP_KEY0" ]; then
wpa_key_check_and_set "$IF_WPA_WEP_KEY0" \
wep_key0 wpa-wep-key0
fi
if [ -n "$IF_WPA_WEP_KEY1" ]; then
wpa_key_check_and_set "$IF_WPA_WEP_KEY1" \
wep_key1 wpa-wep-key1
fi
if [ -n "$IF_WPA_WEP_KEY2" ]; then
wpa_key_check_and_set "$IF_WPA_WEP_KEY2" \
wep_key2 wpa-wep-key2
fi
if [ -n "$IF_WPA_WEP_KEY3" ]; then
wpa_key_check_and_set "$IF_WPA_WEP_KEY3" \
wep_key3 wpa-wep-key3
fi
wpa_cli_do "$IF_WPA_WEP_TX_KEYIDX" raw \
set_network wep_tx_keyidx wpa-wep-tx-keyidx
wpa_cli_do "$IF_WPA_PROACTIVE_KEY_CACHING" raw \
set_network proactive_key_caching wpa-proactive-key-caching
wpa_cli_do "$IF_WPA_PAC_FILE" ascii \
set_network pac_file wpa-pac-file
wpa_cli_do "$IF_WPA_PEERKEY" raw \
set_network peerkey wpa-peerkey
wpa_cli_do "$IF_FRAGMENT_SIZE" raw \
set_network fragment_size wpa-fragment-size
wpa_cli_do "$IF_WPA_ID_STR" ascii \
set_network id_str wpa-id-str
wpa_cli_do "$WPA_ID" raw \
enable_network "enabling network block"
fi
}
#####################################################################
## Log wpa_cli environment variables
wpa_log_env () {
wpa_msg log "WPA_IFACE=$WPA_IFACE WPA_ACTION=$WPA_ACTION"
wpa_msg log "WPA_ID=$WPA_ID WPA_ID_STR=$WPA_ID_STR WPA_CTRL_DIR=$WPA_CTRL_DIR"
}
#####################################################################
## hysteresis checking
# Networking tools such as dhcp clients used with ifupdown can
# synthesize artificial ACTION events, particularly just after a
# DISCONNECTED/CONNECTED events are experienced in quick succession.
# This can lead to infinite event loops, and in extreme cases has the
# potential to cause system instability.
#
wpa_hysteresis_event () {
echo "$(date +%s)" > "$WPA_CLI_TIMESTAMP" 2>/dev/null
}
wpa_hysteresis_check () {
if [ -f "$WPA_CLI_TIMESTAMP" ]; then
local TIME
local TIMESTAMP
local TIMEWAIT
TIME=$(date +%s)
# current time minus 4 second event buffer
TIMEWAIT=$(($TIME-4))
# get time of last event
TIMESTAMP=$(cat $WPA_CLI_TIMESTAMP)
# compare values, allowing new action to be processed
# only if last action was more than 4 seconds ago
if [ "$TIMEWAIT" -le "$TIMESTAMP" ]; then
wpa_msg log "$WPA_ACTION event blocked by hysteresis check"
return 1
fi
fi
return 0
}
#####################################################################
## ifupdown locking functions
# A collection of rudimentary locking functions to lock ifup/ifdown
# actions.
#
ifupdown_lock () {
ln -s lock "$WPA_CLI_IFUPDOWN"
}
ifupdown_locked () {
[ -L "$WPA_CLI_IFUPDOWN" ] && return 0
return 1
}
ifupdown_unlock () {
rm -f "$WPA_CLI_IFUPDOWN"
}
#####################################################################
## apply mapping logic and ifup logical interface
# Apply mapping logic via id_str or external mapping script, check
# state of IFACE with respect to ifupdown and ifup logical interaface
#
ifup () {
local INTERFACES_FILE
local IFUP_RETVAL
local WPA_LOGICAL_IFACE
if [ -e /etc/network/interfaces ]; then
INTERFACES_FILE="/etc/network/interfaces"
else
wpa_msg log "/etc/network/interfaces does not exist, $WPA_IFACE will not be configured"
return 1
fi
if [ -z "$IF_WPA_MAPPING_SCRIPT_PRIORITY" ] && [ -n "$WPA_ID_STR" ]; then
WPA_LOGICAL_IFACE="$WPA_ID_STR"
fi
if [ -z "$WPA_LOGICAL_IFACE" ] && [ -n "$IF_WPA_MAPPING_SCRIPT" ]; then
local WPA_MAP_STDIN
WPA_MAP_STDIN=$(set | sed -n 's/^\(IF_WPA_MAP[0-9]*\)=.*/echo \$\1/p')
if [ -n "$WPA_MAP_STDIN" ]; then
WPA_LOGICAL_IFACE=$(eval "$WPA_MAP_STDIN" | "$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE")
else
WPA_LOGICAL_IFACE=$("$IF_WPA_MAPPING_SCRIPT" "$WPA_IFACE")
fi
if [ -n "$WPA_LOGICAL_IFACE" ]; then
wpa_msg log "mapping script result: $WPA_LOGICAL_IFACE"
else
wpa_msg log "mapping script failed."
fi
fi
if [ -z "$WPA_LOGICAL_IFACE" ]; then
if [ -n "$IF_WPA_ROAM_DEFAULT_IFACE" ]; then
WPA_LOGICAL_IFACE="$IF_WPA_ROAM_DEFAULT_IFACE"
else
WPA_LOGICAL_IFACE="default"
fi
fi
if [ -n "$WPA_LOGICAL_IFACE" ]; then
committing changes in /etc after apt run Package changes: -adduser 3.116 all +adduser 3.117 all -apt 1.6~alpha3 armhf -apt-listchanges 3.14 all -apt-utils 1.6~alpha3 armhf -aptitude 0.8.9-1 armhf -aptitude-common 0.8.9-1 all -avahi-daemon 0.7-3 armhf -base-files 10+rpi1 armhf +apt 1.6~beta1 armhf +apt-listchanges 3.16 all +apt-utils 1.6~beta1 armhf +aptitude 0.8.10-6 armhf +aptitude-common 0.8.10-6 all +avahi-daemon 0.7-3.1+b1 armhf +base-files 10.1+rpi1 armhf -bash 4.4-5 armhf -bash-completion 1:2.1-4.3 all -bind9 1:9.10.3.dfsg.P4-12.6 armhf -bind9-host 1:9.10.3.dfsg.P4-12.6 armhf -bind9utils 1:9.10.3.dfsg.P4-12.6 armhf -binutils 2.29.1-6+rpi1 armhf -binutils-arm-linux-gnueabihf 2.29.1-6+rpi1 armhf -binutils-common 2.29.1-6+rpi1 armhf +bash 4.4.18-1.1 armhf +bash-completion 1:2.7-1 all +bind9 1:9.11.2.P1-1 armhf +bind9-host 1:9.11.2.P1-1 armhf +bind9utils 1:9.11.2.P1-1 armhf +binutils 2.30-7+rpi1 armhf +binutils-arm-linux-gnueabihf 2.30-7+rpi1 armhf +binutils-common 2.30-7+rpi1 armhf -bluez 5.47-1 armhf -bluez-firmware 1.2-3+rpi2 all -bridge-utils 1.5-14 armhf +bluez 5.47-1+b3 armhf +bluez-firmware 1.2-3+rpt4.1 all +bridge-utils 1.5-15 armhf -bsdmainutils 9.0.14 armhf -bsdutils 1:2.30.2-0.1 armhf +bsdmainutils 11.1.2 armhf +bsdutils 1:2.31.1-0.4 armhf -certbot 0.19.0-1 all +certbot 0.21.1-1 all -console-setup 1.170 all -console-setup-linux 1.170 all -coreutils 8.26-3 armhf -cpio 2.11+dfsg-6 armhf +console-setup 1.178 all +console-setup-linux 1.178 all +coreutils 8.28-1 armhf +cpio 2.12+dfsg-6 armhf -cpp-6 6.4.0-6 armhf -cpp-7 7.2.0-12 armhf +cpp-6 6.4.0-12+rpi1 armhf +cpp-7 7.3.0-5 armhf -curl 7.56.1-1 armhf -dash 0.5.8-2.5 armhf -dbus 1.12.0-1 armhf -dc 1.06.95-9 armhf -debconf 1.5.64 all -debconf-i18n 1.5.64 all -debconf-utils 1.5.64 all -debianutils 4.8.2 armhf +curl 7.58.0-2 armhf +dash 0.5.8-2.10 armhf +dbus 1.12.6-2 armhf +dc 1.07.1-1 armhf +debconf 1.5.66 all +debconf-i18n 1.5.66 all +debconf-utils 1.5.66 all +debianutils 4.8.4 armhf -dhcpcd5 1:6.11.5-1+rpt2 armhf +dhcpcd5 1:6.11.5-1+rpt4 armhf -dirmngr 2.2.1-5 armhf +dirmngr 2.2.5-1 armhf -dmsetup 2:1.02.142-1 armhf -dnsutils 1:9.10.3.dfsg.P4-12.6 armhf +dmsetup 2:1.02.145-4.1 armhf +dnsutils 1:9.11.2.P1-1 armhf -dpkg 1.19.0.4 armhf -dpkg-dev 1.19.0.4 all -e2fslibs 1.43.7-1 armhf -e2fsprogs 1.43.7-1 armhf -e2fsprogs-l10n 1.43.7-1 all +dpkg 1.19.0.5 armhf +dpkg-dev 1.19.0.5 all +e2fslibs 1.44.0-1 armhf +e2fsprogs 1.44.0-1 armhf +e2fsprogs-l10n 1.44.0-1 all -elinks 0.12~pre6-12+b1 armhf -elinks-data 0.12~pre6-12 all -etckeeper 1.18.5-1 all -exim4-base 4.89-7 armhf -exim4-config 4.89-7 all -exim4-daemon-light 4.89-7 armhf -eyed3 0.8-1 all -fail2ban 0.9.7-2 all +elinks 0.12~pre6-13 armhf +elinks-data 0.12~pre6-13 all +etckeeper 1.18.7-1 all +exim4-base 4.90.1-1 armhf +exim4-config 4.90.1-1 all +exim4-daemon-light 4.90.1-1 armhf +eyed3 0.8.4-2 all +fail2ban 0.10.2-1 all -fakeroot 1.22-1 armhf -fbset 2.1-29 armhf -fdisk 2.30.2-0.1 armhf -file 1:5.32-1 armhf -findutils 4.6.0+git+20170729-2 armhf -firmware-atheros 1:20161130-3+rpi2 all -firmware-brcm80211 1:20161130-3+rpi2 all -firmware-libertas 1:20161130-3+rpi2 all -firmware-misc-nonfree 1:20161130-3+rpi2 all -firmware-realtek 1:20161130-3+rpi2 all -fontconfig-config 2.12.3-0.2 all +fakeroot 1.22-2 armhf +fbset 2.1-30 armhf +fdisk 2.31.1-0.4 armhf +file 1:5.32-2 armhf +findutils 4.6.0+git+20170828-2 armhf +firmware-atheros 1:20161130-3+rpt3 all +firmware-brcm80211 1:20161130-3+rpt3 all +firmware-libertas 1:20161130-3+rpt3 all +firmware-misc-nonfree 1:20161130-3+rpt3 all +firmware-realtek 1:20161130-3+rpt3 all +fontconfig-config 2.12.6-0.1 all -g++-7 7.2.0-12 armhf -gawk 1:4.1.4+dfsg-1 armhf +g++-7 7.3.0-5 armhf +gawk 1:4.1.4+dfsg-1+b1 armhf -gcc-4.9-base 4.9.3-14 armhf -gcc-5-base 5.4.1-4 armhf -gcc-6 6.4.0-6 armhf -gcc-6-base 6.4.0-6 armhf -gcc-7 7.2.0-12 armhf -gcc-7-base 7.2.0-12 armhf -gdb 7.12-6 armhf -geoip-database 20170928-1 all +gcc-4.9-base 4.9.4-2+rpi1 armhf +gcc-5-base 5.5.0-8 armhf +gcc-6 6.4.0-12+rpi1 armhf +gcc-6-base 6.4.0-12+rpi1 armhf +gcc-7 7.3.0-5 armhf +gcc-7-base 7.3.0-5 armhf +gcc-8-base 8-20180218-1+rpi1 armhf +gdb 7.12-6+b1 armhf +geoip-database 20180215-1 all -gir1.2-glib-2.0 1.54.1-2 armhf -git 1:2.14.2-1 armhf -git-man 1:2.14.2-1 all -gnupg 2.2.1-5 armhf -gnupg-agent 2.2.1-5 all -gnupg-l10n 2.2.1-5 all -gnupg-utils 2.2.1-5 armhf -gpg 2.2.1-5 armhf -gpg-agent 2.2.1-5 armhf -gpg-wks-client 2.2.1-5 armhf -gpg-wks-server 2.2.1-5 armhf -gpgconf 2.2.1-5 armhf -gpgsm 2.2.1-5 armhf -gpgv 2.2.1-5 armhf +gir1.2-glib-2.0 1.54.1-4 armhf +git 1:2.16.2-1 armhf +git-man 1:2.16.2-1 all +gnupg 2.2.5-1 armhf +gnupg-agent 2.2.5-1 all +gnupg-l10n 2.2.5-1 all +gnupg-utils 2.2.5-1 armhf +gpg 2.2.5-1 armhf +gpg-agent 2.2.5-1 armhf +gpg-wks-client 2.2.5-1 armhf +gpg-wks-server 2.2.5-1 armhf +gpgconf 2.2.5-1 armhf +gpgsm 2.2.5-1 armhf +gpgv 2.2.5-1 armhf -groff-base 1.22.3-9 armhf +groff-base 1.22.3-10 armhf -hostname 3.18 armhf -htop 2.0.2-1 armhf -i2c-tools 3.1.2-3+b1 armhf -id3tool 1.2a-7 armhf -id3v2 0.1.12-3 armhf -ifupdown 0.8.29 armhf -info 6.5.0.dfsg.1-1 armhf +hostname 3.20 armhf +htop 2.1.0-3 armhf +i2c-tools 4.0-2 armhf +id3tool 1.2a-8 armhf +id3v2 0.1.12+dfsg-1 armhf +ifupdown 0.8.31 armhf +info 6.5.0.dfsg.1-2 armhf -install-info 6.5.0.dfsg.1-1 armhf +install-info 6.5.0.dfsg.1-2 armhf -iproute2 4.9.0-2 armhf -iptables 1.6.1-2+b1 armhf +iproute2 4.15.0-2 armhf +iptables 1.6.2-1 armhf -isc-dhcp-client 4.3.5-3 armhf -isc-dhcp-common 4.3.5-3+b1 armhf -isc-dhcp-server 4.3.5-3 armhf -iso-codes 3.76-1 all -iw 4.9-0.1 armhf +isc-dhcp-client 4.3.5-3.1 armhf +isc-dhcp-common 4.3.5-3.1 armhf +isc-dhcp-server 4.3.5-3.1 armhf +iso-codes 3.79-1 all +iw 4.14-0.1 armhf -keyboard-configuration 1.170 all -keyutils 1.5.9-9 armhf -klibc-utils 2.0.4-9+rpi1 armhf -kmod 24-1 armhf -less 481-2.1 armhf +keyboard-configuration 1.178 all +keyutils 1.5.9-9.2 armhf +klibc-utils 2.0.4-11+rpi1 armhf +kmod 25-1 armhf +less 487-0.1 armhf -libalgorithm-diff-xs-perl 0.04-4+b3 armhf +libalgorithm-diff-xs-perl 0.04-5 armhf -libapparmor1 2.11.1-2 armhf -libapt-inst2.0 1.6~alpha3 armhf -libapt-pkg5.0 1.6~alpha3 armhf -libasan3 6.4.0-6 armhf -libasan4 7.2.0-12 armhf +libapparmor1 2.12-3 armhf +libapt-inst2.0 1.6~beta1 armhf +libapt-pkg5.0 1.6~beta1 armhf +libargon2-0 0~20161029-1.1 armhf +libasan3 6.4.0-12+rpi1 armhf +libasan4 7.3.0-5 armhf -libassuan0 2.4.3-3 armhf -libatomic1 7.2.0-12 armhf +libassuan0 2.5.1-2 armhf +libatomic1 8-20180218-1+rpi1 armhf -libaudit-common 1:2.8.1-1 all -libaudit1 1:2.8.1-1 armhf +libaudit-common 1:2.8.2-1 all +libaudit1 1:2.8.2-1 armhf -libavahi-common-data 0.7-3 armhf -libavahi-common3 0.7-3 armhf -libavahi-core7 0.7-3 armhf -libbabeltrace-ctf1 1.5.3-4 all -libbabeltrace1 1.5.3-4 armhf +libavahi-common-data 0.7-3.1+b1 armhf +libavahi-common3 0.7-3.1+b1 armhf +libavahi-core7 0.7-3.1+b1 armhf +libbabeltrace-ctf1 1.5.4-1 all +libbabeltrace1 1.5.4-1 armhf -libbinutils 2.29.1-6+rpi1 armhf +libbind9-160 1:9.11.2.P1-1 armhf +libbinutils 2.30-7+rpi1 armhf -libblkid1 2.30.2-0.1 armhf -libboost-filesystem1.62.0 1.62.0+dfsg-4+b2 armhf +libblkid1 2.31.1-0.4 armhf +libboost-filesystem1.62.0 1.62.0+dfsg-5 armhf -libboost-iostreams1.62.0 1.62.0+dfsg-4+b2 armhf -libboost-system1.62.0 1.62.0+dfsg-4+b2 armhf -libbsd0 0.8.6-2 armhf +libboost-iostreams1.62.0 1.62.0+dfsg-5 armhf +libboost-system1.62.0 1.62.0+dfsg-5 armhf +libbsd0 0.8.7-1 armhf -libc-bin 2.24-17 armhf -libc-dev-bin 2.24-17 armhf -libc-l10n 2.24-17 all -libc6 2.24-17 armhf -libc6-dbg 2.24-17 armhf -libc6-dev 2.24-17 armhf +libc-bin 2.27-1+rpi1 armhf +libc-dev-bin 2.27-1+rpi1 armhf +libc-l10n 2.27-1+rpi1 all +libc6 2.27-1+rpi1 armhf +libc6-dbg 2.27-1+rpi1 armhf +libc6-dev 2.27-1+rpi1 armhf -libcap2 1:2.25-1.1 armhf -libcap2-bin 1:2.25-1.1 armhf -libcc1-0 7.2.0-12 armhf -libcilkrts5 7.2.0-12 armhf -libcomerr2 1.43.7-1 armhf +libcap2 1:2.25-1.2 armhf +libcap2-bin 1:2.25-1.2 armhf +libcc1-0 8-20180218-1+rpi1 armhf +libcilkrts5 7.3.0-5 armhf +libcom-err2 1.44.0-1 armhf +libcomerr2 1.44.0-1 armhf +libcryptsetup12 2:2.0.1-1 armhf -libcurl3 7.56.1-1 armhf -libcurl3-gnutls 7.56.1-1 armhf -libcwidget3v5 0.5.17-6 armhf +libcurl3 7.58.0-2 armhf +libcurl3-gnutls 7.58.0-2 armhf +libcwidget3v5 0.5.17-7 armhf -libdbus-1-3 1.12.0-1 armhf -libdbus-glib-1-2 0.108-2 armhf -libdebconfclient0 0.232 armhf -libdevmapper1.02.1 2:1.02.142-1 armhf +libdbus-1-3 1.12.6-2 armhf +libdbus-glib-1-2 0.110-2 armhf +libdebconfclient0 0.241 armhf +libdevmapper1.02.1 2:1.02.145-4.1 armhf +libdns-export169 1:9.11.2.P1-1 armhf -libdpkg-perl 1.19.0.4 all -libdrm-common 2.4.85-1+rpi1 all -libdrm2 2.4.85-1+rpi1 armhf -libdw1 0.170-0.1 armhf +libdns169 1:9.11.2.P1-1 armhf +libdpkg-perl 1.19.0.5 all +libdrm-common 2.4.90-1+rpi1 all +libdrm2 2.4.90-1+rpi1 armhf +libdw1 0.170-0.3 armhf -libelf1 0.170-0.1 armhf +libelf1 0.170-0.3 armhf -libexpat1 2.2.3-1 armhf -libexpat1-dev 2.2.3-1 armhf -libfakeroot 1.22-1 armhf -libfastjson4 0.99.7-1 armhf -libfdisk1 2.30.2-0.1 armhf -libffi6 3.2.1-6 armhf -libfftw3-single3 3.3.6p2-2 armhf +libexpat1 2.2.5-3 armhf +libexpat1-dev 2.2.5-3 armhf +libext2fs2 1.44.0-1 armhf +libfakeroot 1.22-2 armhf +libfastjson4 0.99.8-2 armhf +libfdisk1 2.31.1-0.4 armhf +libffi6 3.2.1-8 armhf +libfftw3-single3 3.3.7-1 armhf -libfontconfig1 2.12.3-0.2 armhf -libfreetype6 2.8.1-0.1 armhf -libfreetype6-dev 2.8.1-0.1 armhf +libfontconfig1 2.12.6-0.1 armhf +libfreetype6 2.8.1-2 armhf +libfreetype6-dev 2.8.1-2 armhf -libgcc-6-dev 6.4.0-6 armhf -libgcc-7-dev 7.2.0-12 armhf -libgcc1 1:7.2.0-12 armhf -libgcrypt20 1.7.9-1 armhf +libgcc-6-dev 6.4.0-12+rpi1 armhf +libgcc-7-dev 7.3.0-5 armhf +libgcc1 1:8-20180218-1+rpi1 armhf +libgcrypt20 1.8.1-4 armhf +libgdbm-compat4 1.14.1-4 armhf -libgeoip1 1.6.11-2 armhf -libgfortran4 7.2.0-12 armhf -libgirepository-1.0-1 1.54.1-2 armhf -libglib2.0-0 2.54.1-1 armhf -libglib2.0-data 2.54.1-1 all -libgmp10 2:6.1.2+dfsg-1.1 armhf -libgnutls30 3.5.16-1 armhf -libgomp1 7.2.0-12 armhf -libgpg-error0 1.27-4 armhf -libgpm2 1.20.4-6.2 armhf -libgssapi-krb5-2 1.15.2-2 armhf -libhogweed4 3.3-2 armhf +libgdbm5 1.14.1-4 armhf +libgeoip1 1.6.12-1 armhf +libgfortran4 7.3.0-5 armhf +libgirepository-1.0-1 1.54.1-4 armhf +libglib2.0-0 2.54.3-2 armhf +libglib2.0-data 2.54.3-2 all +libgmp10 2:6.1.2+dfsg-3 armhf +libgnutls30 3.5.18-1 armhf +libgomp1 8-20180218-1+rpi1 armhf +libgpg-error0 1.27-6 armhf +libgpm2 1.20.7-5 armhf +libgssapi-krb5-2 1.16-2 armhf +libhogweed4 3.4-1 armhf -libhtml-tree-perl 5.03-2 all -libhttp-cookies-perl 6.01-1 all +libhtml-tree-perl 5.07-1 all +libhttp-cookies-perl 6.04-1 all -libhttp-message-perl 6.13-1 all +libhttp-message-perl 6.14-1 all +libi2c0 4.0-2 armhf -libidn11 1.33-2 armhf -libidn2-0 2.0.2-5 armhf +libidn11 1.33-2.1 armhf +libidn2-0 2.0.4-1.1 armhf -libio-socket-ssl-perl 2.052-1 all -libip4tc0 1.6.1-2+b1 armhf -libip6tc0 1.6.1-2+b1 armhf -libiptc0 1.6.1-2+b1 armhf +libio-socket-ssl-perl 2.056-1 all +libip4tc0 1.6.2-1 armhf +libip6tc0 1.6.2-1 armhf +libiptc0 1.6.2-1 armhf +libirs-export160 1:9.11.2.P1-1 armhf +libirs160 1:9.11.2.P1-1 armhf +libisc-export166 1:9.11.2.P1-1 armhf +libisc166 1:9.11.2.P1-1 armhf +libisccc160 1:9.11.2.P1-1 armhf +libisccfg-export160 1:9.11.2.P1-1 armhf +libisccfg160 1:9.11.2.P1-1 armhf -libjim0.77 0.77-2 armhf -libjpeg62-turbo 1:1.5.2-2 armhf +libjim0.77 0.77+dfsg0-2 armhf +libjpeg62-turbo 1:1.5.2-2+b1 armhf -libjs-sphinxdoc 1.6.5-2 all +libjs-sphinxdoc 1.6.7-1 all -libk5crypto3 1.15.2-2 armhf -libkeyutils1 1.5.9-9 armhf -libklibc 2.0.4-9+rpi1 armhf -libkmod2 24-1 armhf -libkrb5-3 1.15.2-2 armhf -libkrb5support0 1.15.2-2 armhf +libjson-c3 0.12.1-1.3 armhf +libk5crypto3 1.16-2 armhf +libkeyutils1 1.5.9-9.2 armhf +libklibc 2.0.4-11+rpi1 armhf +libkmod2 25-1 armhf +libkrb5-3 1.16-2 armhf +libkrb5support0 1.16-2 armhf +liblmdb0 0.9.21-1 armhf -liblockfile-bin 1.14-1 armhf -liblockfile1 1.14-1 armhf -liblogging-stdlog0 1.0.6-1 armhf +liblockfile-bin 1.14-1.1 armhf +liblockfile1 1.14-1.1 armhf +liblogging-stdlog0 1.0.6-3 armhf +liblwres160 1:9.11.2.P1-1 armhf -libmagic-mgc 1:5.32-1 armhf -libmagic1 1:5.32-1 armhf +libmagic-mgc 1:5.32-2 armhf +libmagic1 1:5.32-2 armhf -libmount1 2.30.2-0.1 armhf -libmpc3 1.0.3-2 armhf +libmount1 2.31.1-0.4 armhf +libmpc3 1.1.0-1 armhf +libmpfr6 4.0.0-7 armhf -libncurses5 6.0+20170902-1 armhf -libncursesw5 6.0+20170902-1 armhf +libncurses5 6.1-1 armhf +libncursesw5 6.1-1 armhf -libnet-ssleay-perl 1.80-1+b1 armhf +libnet-ssleay-perl 1.84-1 armhf -libnettle6 3.3-2 armhf -libnewt0.52 0.52.20-1+b1 armhf +libnettle6 3.4-1 armhf +libnewt0.52 0.52.20-3 armhf -libnghttp2-14 1.27.0-1 armhf -libnginx-mod-http-auth-pam 1.13.6-2 armhf -libnginx-mod-http-dav-ext 1.13.6-2 armhf -libnginx-mod-http-echo 1.13.6-2 armhf -libnginx-mod-http-geoip 1.13.6-2 armhf -libnginx-mod-http-image-filter 1.13.6-2 armhf -libnginx-mod-http-subs-filter 1.13.6-2 armhf -libnginx-mod-http-upstream-fair 1.13.6-2 armhf -libnginx-mod-http-xslt-filter 1.13.6-2 armhf -libnginx-mod-mail 1.13.6-2 armhf -libnginx-mod-stream 1.13.6-2 armhf -libnih-dbus1 1.0.3-8 armhf -libnih1 1.0.3-8 armhf +libnghttp2-14 1.31.0-1 armhf +libnginx-mod-http-auth-pam 1.13.9-1 armhf +libnginx-mod-http-dav-ext 1.13.9-1 armhf +libnginx-mod-http-echo 1.13.9-1 armhf +libnginx-mod-http-geoip 1.13.9-1 armhf +libnginx-mod-http-image-filter 1.13.9-1 armhf +libnginx-mod-http-subs-filter 1.13.9-1 armhf +libnginx-mod-http-upstream-fair 1.13.9-1 armhf +libnginx-mod-http-xslt-filter 1.13.9-1 armhf +libnginx-mod-mail 1.13.9-1 armhf +libnginx-mod-stream 1.13.9-1 armhf +libnih-dbus1 1.0.3-10+b9 armhf +libnih1 1.0.3-10+b9 armhf -libnpth0 1.5-2 armhf +libnpth0 1.5-3 armhf +libnss-systemd 237-3+b1 armhf -libpam-modules 1.1.8-3.6+rpi1 armhf -libpam-modules-bin 1.1.8-3.6+rpi1 armhf -libpam-runtime 1.1.8-3.6+rpi1 all -libpam-systemd 235-2 armhf -libpam0g 1.1.8-3.6+rpi1 armhf -libparted2 3.2-18 armhf -libpcap0.8 1.8.1-5 armhf -libpcre2-8-0 10.22-3 armhf -libpcre3 2:8.39-4 armhf -libpcsclite1 1.8.22-1 armhf -libperl5.26 5.26.1-2 armhf -libpipeline1 1.4.2-1 armhf -libplymouth4 0.9.3-1 armhf +libpam-modules 1.1.8-3.7 armhf +libpam-modules-bin 1.1.8-3.7 armhf +libpam-runtime 1.1.8-3.7 all +libpam-systemd 237-3+b1 armhf +libpam0g 1.1.8-3.7 armhf +libparted2 3.2-20 armhf +libpcap0.8 1.8.1-6 armhf +libpcre2-8-0 10.31-3 armhf +libpcre3 2:8.39-9 armhf +libpcsclite1 1.8.23-1 armhf +libperl5.26 5.26.1-5 armhf +libpipeline1 1.5.0-1 armhf +libplymouth4 0.9.3-2 armhf -libprocps6 2:3.3.12-3 armhf -libpsl5 0.18.0-4 armhf -libpython-stdlib 2.7.14-1 armhf -libpython2.7-minimal 2.7.14-2 armhf -libpython2.7-stdlib 2.7.14-2 armhf -libpython3-dev 3.6.3-2 armhf -libpython3-stdlib 3.6.3-2 armhf +libprocps6 2:3.3.12-4 armhf +libpsl5 0.19.1-5 armhf +libpython-stdlib 2.7.14-4 armhf +libpython2.7-minimal 2.7.14-6 armhf +libpython2.7-stdlib 2.7.14-6 armhf +libpython3-dev 3.6.4-1 armhf +libpython3-stdlib 3.6.4-1 armhf -libpython3.6 3.6.3-1 armhf -libpython3.6-dev 3.6.3-1 armhf -libpython3.6-minimal 3.6.3-1 armhf -libpython3.6-stdlib 3.6.3-1 armhf -libraspberrypi-bin 1.20170811-1 armhf -libraspberrypi-dev 1.20170811-1 armhf -libraspberrypi-doc 1.20170811-1 armhf -libraspberrypi0 1.20170811-1 armhf +libpython3.6 3.6.4-4 armhf +libpython3.6-dev 3.6.4-4 armhf +libpython3.6-minimal 3.6.4-4 armhf +libpython3.6-stdlib 3.6.4-4 armhf +libraspberrypi-bin 1.20180313-1 armhf +libraspberrypi-dev 1.20180313-1 armhf +libraspberrypi-doc 1.20180313-1 armhf +libraspberrypi0 1.20180313-1 armhf -libruby2.3 2.3.3-1+deb9u1+rpi1 armhf -libsamplerate0 0.1.9-1 armhf +libruby2.3 2.3.6-2+rpi1 armhf +libruby2.5 2.5.0-6+rpi1 armhf +libsamplerate0 0.1.9-2 armhf -libsigsegv2 2.11-1 armhf -libslang2 2.3.1a-1 armhf -libsmartcols1 2.30.2-0.1 armhf -libsqlite3-0 3.20.1-2 armhf -libss2 1.43.7-1 armhf +libsigsegv2 2.12-1 armhf +libslang2 2.3.2-1 armhf +libsmartcols1 2.31.1-0.4 armhf +libsqlite3-0 3.22.0-1 armhf +libss2 1.44.0-1 armhf -libssl1.0.2 1.0.2l-2 armhf +libssl1.0.2 1.0.2n-1 armhf -libstdc++-7-dev 7.2.0-12 armhf -libstdc++6 7.2.0-12 armhf +libstdc++-7-dev 7.3.0-5 armhf +libstdc++6 8-20180218-1+rpi1 armhf -libsystemd0 235-2 armhf +libsystemd0 237-3+b1 armhf -libtasn1-6 4.12-2.1 armhf -libtcl8.6 8.6.7+dfsg-1 armhf +libtasn1-6 4.13-2 armhf +libtcl8.6 8.6.8+dfsg-3 armhf -libtiff5 4.0.8-6 armhf +libtiff5 4.0.9-4 armhf -libtinfo5 6.0+20170902-1 armhf +libtinfo5 6.1-1 armhf -libtry-tiny-perl 0.28-1 all -libubsan0 7.2.0-12 armhf +libtry-tiny-perl 0.30-1 all +libubsan0 7.3.0-5 armhf -libudev1 235-2 armhf +libudev1 237-3+b1 armhf -libunistring2 0.9.7-2 armhf -liburi-perl 1.72-2 all +libunistring2 0.9.8-1 armhf +liburi-perl 1.73-1 all -libuuid1 2.30.2-0.1 armhf -libv4l-0 1.12.5-1 armhf -libv4l2rds0 1.12.5-1 armhf -libv4lconvert0 1.12.5-1 armhf -libwbclient0 2:4.7.0+dfsg-2 armhf -libwebp6 0.6.0-3 armhf +libuuid1 2.31.1-0.4 armhf +libv4l-0 1.14.2-1 armhf +libv4l2rds0 1.14.2-1 armhf +libv4lconvert0 1.14.2-1 armhf +libwbclient0 2:4.7.4+dfsg-2 armhf +libwebp6 0.6.1-2 armhf -libwww-perl 6.27-1 all +libwww-perl 6.31-1 all -libxcb1 1.12-1 armhf +libxcb1 1.13-1 armhf -libxml2 2.9.4+dfsg1-5 armhf +libxml2 2.9.4+dfsg1-6.1 armhf -libxslt1.1 1.1.29-2.2 armhf -libxtables12 1.6.1-2+b1 armhf +libxslt1.1 1.1.29-5 armhf +libxtables12 1.6.2-1 armhf -linux-libc-dev 4.9.51-1+rpi3+b1 armhf -locales 2.24-17 all +linux-libc-dev 4.15.4-1+rpi1 armhf +locales 2.27-1+rpi1 all -man-db 2.7.6.1-2 armhf -manpages 4.13-3 all -manpages-dev 4.13-3 all +man-db 2.8.2-1 armhf +manpages 4.15-1 all +manpages-dev 4.15-1 all -mount 2.30.2-0.1 armhf +mount 2.31.1-0.4 armhf -multiarch-support 2.24-17 armhf +multiarch-support 2.27-1+rpi1 armhf -nano 2.8.7-1 armhf +nano 2.9.3-2 armhf -ncurses-base 6.0+20170902-1 all -ncurses-bin 6.0+20170902-1 armhf -ncurses-term 6.0+20170902-1 all +ncurses-base 6.1-1 all +ncurses-bin 6.1-1 armhf +ncurses-term 6.1-1 all -net-tools 1.60+git20161116.90da8a0-1 armhf +net-tools 1.60+git20161116.90da8a0-2 armhf -netcat-openbsd 1.178-3 armhf +netcat-openbsd 1.187-1 armhf -nfs-common 1:1.3.4-2.1+b1 armhf -nginx 1.13.6-2 all -nginx-common 1.13.6-2 all -nginx-full 1.13.6-2 armhf +nfs-common 1:1.3.4-2.2 armhf +nginx-common 1.13.9-1 all -openssh-client 1:7.6p1-2 armhf -openssh-server 1:7.6p1-2 armhf -openssh-sftp-server 1:7.6p1-2 armhf +openssh-client 1:7.6p1-4 armhf +openssh-server 1:7.6p1-4 armhf +openssh-sftp-server 1:7.6p1-4 armhf -parted 3.2-18 armhf +parted 3.2-20 armhf -patch 2.7.5-1 armhf +patch 2.7.6-1 armhf -perl 5.26.1-2 armhf -perl-base 5.26.1-2 armhf -perl-modules-5.26 5.26.1-2 all +perl 5.26.1-5 armhf +perl-base 5.26.1-5 armhf +perl-modules-5.26 5.26.1-5 all -pi-bluetooth 0.1.6 armhf -pinentry-curses 1.0.0-3 armhf +pi-bluetooth 0.1.7 all +pinentry-curses 1.1.0-1 armhf -plymouth 0.9.3-1 armhf +plymouth 0.9.3-2 armhf -procps 2:3.3.12-3 armhf +procps 2:3.3.12-4 armhf -python 2.7.14-1 armhf -python-acme 0.19.0-1 all +python 2.7.14-4 armhf +python-acme 0.21.1-1 all -python-asn1crypto 0.22.0-1 all +python-asn1crypto 0.24.0-1 all -python-certbot 0.19.0-1 all -python-certifi 2017.7.27.1-2 all -python-cffi-backend 1.9.1-2+b1 armhf +python-certifi 2018.1.18-2 all +python-cffi-backend 1.11.5-1 armhf -python-cryptography 1.9-1 armhf -python-enum34 1.1.6-1 all -python-eyed3 0.8-1 all -python-funcsigs 1.0.2-3 all +python-cryptography 2.1.4-1 armhf +python-enum34 1.1.6-2 all +python-eyed3 0.8.4-2 all +python-funcsigs 1.0.2-4 all -python-idna 2.5-1 all +python-idna 2.6-1 all +python-josepy 1.0.1-1 all -python-minimal 2.7.14-1 armhf +python-magic 2:0.4.15-1 all +python-minimal 2.7.14-4 armhf -python-newt 0.52.20-1+b1 armhf -python-openssl 16.2.0-1 all +python-newt 0.52.20-3 armhf +python-openssl 17.5.0-1 all -python-pbr 3.1.1-2 all -python-pip-whl 9.0.1-2+rpt1 all -python-pkg-resources 36.6.0-1 all +python-pbr 3.1.1-4 all +python-pip-whl 9.0.1-2+rpt2 all +python-pkg-resources 38.5.2-1 all -python-requests 2.18.1-1 all +python-requests 2.18.4-2 all -python-setuptools 36.6.0-1 all -python-six 1.11.0-1 all -python-tz 2017.2-2 all -python-urllib3 1.21.1-1 all +python-setuptools 38.5.2-1 all +python-six 1.11.0-2 all +python-tz 2018.3-2 all +python-urllib3 1.22-1 all -python2.7 2.7.14-2 armhf -python2.7-minimal 2.7.14-2 armhf -python3 3.6.3-2 armhf +python2.7 2.7.14-6 armhf +python2.7-minimal 2.7.14-6 armhf +python3 3.6.4-1 armhf +python3-acme 0.21.1-1 all -python3-asn1crypto 0.22.0-1 all -python3-cffi-backend 1.9.1-2+b1 armhf -python3-crypto 2.6.1-7+b1 armhf -python3-cryptography 1.9-1 armhf -python3-dbus 1.2.4-1+b1 armhf -python3-debconf 1.5.64 all -python3-dev 3.6.3-2 armhf -python3-gi 3.24.1-3+rpi1 armhf -python3-idna 2.5-1 all -python3-keyring 10.4.0-1 all -python3-keyrings.alt 2.2-2 all -python3-minimal 3.6.3-2 armhf -python3-pip 9.0.1-2+rpt1 all -python3-pkg-resources 36.6.0-1 all +python3-asn1crypto 0.24.0-1 all +python3-certbot 0.21.1-1 all +python3-certifi 2018.1.18-2 all +python3-cffi-backend 1.11.5-1 armhf +python3-chardet 3.0.4-1 all +python3-configargparse 0.11.0-1 all +python3-configobj 5.0.6-2 all +python3-crypto 2.6.1-8 armhf +python3-cryptography 2.1.4-1 armhf +python3-dbus 1.2.6-1 armhf +python3-debconf 1.5.66 all +python3-dev 3.6.4-1 armhf +python3-distutils 3.6.4-4 all +python3-eyed3 0.8.4-2 all +python3-future 0.15.2-4 all +python3-gi 3.26.1-2 armhf +python3-idna 2.6-1 all +python3-josepy 1.0.1-1 all +python3-keyring 10.6.0-1 all +python3-keyrings.alt 3.0-1 all +python3-lib2to3 3.6.4-4 all +python3-magic 2:0.4.15-1 all +python3-minimal 3.6.4-1 armhf +python3-mock 2.0.0-3 all +python3-openssl 17.5.0-1 all +python3-parsedatetime 2.4-2 all +python3-pbr 3.1.1-4 all +python3-pip 9.0.1-2+rpt2 all +python3-pkg-resources 38.5.2-1 all +python3-requests 2.18.4-2 all +python3-rfc3339 1.0-4 all -python3-setuptools 36.6.0-1 all -python3-six 1.11.0-1 all +python3-setuptools 38.5.2-1 all +python3-six 1.11.0-2 all -python3-wheel 0.29.0-2 all +python3-tz 2018.3-2 all +python3-urllib3 1.22-1 all +python3-wheel 0.30.0-0.2 all +python3-zope.component 4.3.0-1 all +python3-zope.event 4.2.0-1 all +python3-zope.hookable 4.0.4-4+b2 armhf +python3-zope.interface 4.3.2-1+b1 armhf -python3.6 3.6.3-1 armhf -python3.6-dev 3.6.3-1 armhf -python3.6-minimal 3.6.3-1 armhf -rake 12.0.0-1 all -raspberrypi-bootloader 1.20170811-1 armhf -raspberrypi-kernel 1.20170811-1 armhf +python3.6 3.6.4-4 armhf +python3.6-dev 3.6.4-4 armhf +python3.6-minimal 3.6.4-4 armhf +rake 12.3.0-1 all +raspberrypi-bootloader 1.20180313-1 armhf +raspberrypi-kernel 1.20180313-1 armhf -raspberrypi-sys-mods 20170717 armhf +raspberrypi-sys-mods 20180315 armhf -raspi-config 20170926 all +raspi-config 20180228 all +rfkill 2.31.1-0.4 armhf -rsync 3.1.2-2 armhf -rsyslog 8.29.0-2 armhf -ruby 1:2.3.3 armhf +rsync 3.1.2-2.1 armhf +rsyslog 8.33.1-1 armhf +ruby 1:2.5.0 armhf -ruby2.3 2.3.3-1+deb9u1+rpi1 armhf +ruby2.3 2.3.6-2+rpi1 armhf +ruby2.5 2.5.0-6+rpi1 armhf -samba-common 2:4.7.0+dfsg-2 all +samba-common 2:4.7.4+dfsg-2 all -sed 4.4-1 armhf +sed 4.4-2 armhf -sensible-utils 0.0.10 all +sensible-utils 0.0.11 all -ssh 1:7.6p1-2 all -strace 4.19-1 armhf -sudo 1.8.21p2-2 armhf -systemd 235-2 armhf -systemd-sysv 235-2 armhf +ssh 1:7.6p1-4 all +strace 4.21-1 armhf +sudo 1.8.21p2-3 armhf +systemd 237-3+b1 armhf +systemd-sysv 237-3+b1 armhf -tasksel 3.42 all -tasksel-data 3.42 all +tasksel 3.43 all +tasksel-data 3.43 all -tmux 2.6-1 armhf +tmux 2.6-3 armhf -tzdata 2017c-1 all -ucf 3.0036 all -udev 235-2 armhf +tzdata 2018c-1 all +ucf 3.0038 all +udev 237-3+b1 armhf -usb-modeswitch 2.5.1+repack0-1+b1 armhf -usb-modeswitch-data 20170806-1 all +usb-modeswitch 2.5.2+repack0-2 armhf +usb-modeswitch-data 20170806-2 all -util-linux 2.30.2-0.1 armhf -v4l-utils 1.12.5-1 armhf +util-linux 2.31.1-0.4 armhf +v4l-utils 1.14.2-1 armhf -vim-common 2:8.0.1144-1 all -vim-nox 2:8.0.1144-1 armhf -vim-runtime 2:8.0.1144-1 all -vim-tiny 2:8.0.1144-1 armhf -vnstat 1.15-2 armhf -wget 1.19.2-1 armhf -whiptail 0.52.20-1+b1 armhf -whois 5.2.18 armhf +vim-common 2:8.0.1453-1 all +vim-nox 2:8.0.1453-1 armhf +vim-runtime 2:8.0.1453-1 all +vim-tiny 2:8.0.1453-1 armhf +vnstat 1.17-1 armhf +wget 1.19.4-1 armhf +whiptail 0.52.20-3 armhf +whois 5.3.0 armhf -wpasupplicant 2:2.4-1.1 armhf -xauth 1:1.0.9-1 armhf -xdg-user-dirs 0.15-3 armhf -xkb-data 2.19-1.1 all +wpasupplicant 2:2.6-15 armhf +xauth 1:1.0.10-1 armhf +xdg-user-dirs 0.16-1 armhf +xkb-data 2.23.1-1 all -xxd 2:8.0.1144-1 armhf +xxd 2:8.0.1453-1 armhf -zsh 5.4.2-1 armhf -zsh-common 5.4.2-1 all +zsh 5.4.2-3 armhf +zsh-common 5.4.2-3 all
7 years ago
if ! /sbin/ifquery "${WPA_LOGICAL_IFACE}" > /dev/null 2>&1; then
wpa_msg log "network settings not defined for $WPA_LOGICAL_IFACE in $INTERFACES_FILE and included files."
7 years ago
WPA_LOGICAL_IFACE="default"
fi
wpa_msg log "ifup $WPA_IFACE=$WPA_LOGICAL_IFACE"
ifupdown_lock
if /sbin/ifquery "$WPA_IFACE" | grep -q '^wpa-roam: ' ; then
# Force settings over the unconfigured "master" IFACE
/sbin/ifup -v --force "$WPA_IFACE=$WPA_LOGICAL_IFACE"
else
/sbin/ifup -v "$WPA_IFACE=$WPA_LOGICAL_IFACE"
fi
IFUP_RETVAL="$?"
ifupdown_unlock
fi
if [ -d "${WPA_SUP_OMIT_DIR}" ]; then
wpa_msg log "creating sendsigs omission pidfile: $WPA_SUP_OMIT_PIDFILE"
cat "$WPA_SUP_PIDFILE" > "$WPA_SUP_OMIT_PIDFILE"
fi
return "$IFUP_RETVAL"
}
#####################################################################
## ifdown IFACE
# Check IFACE state and ifdown as requested.
#
ifdown () {
wpa_msg log "ifdown $WPA_IFACE"
ifupdown_lock
/sbin/ifdown -v "$WPA_IFACE"
ifupdown_unlock
wpa_msg log "removing sendsigs omission pidfile: $WPA_SUP_OMIT_PIDFILE"
rm -f "$WPA_SUP_OMIT_PIDFILE"
}
#####################################################################
## keep IFACE scanning
# After ifdown, the IFACE may be left "down", and inhibits
# wpa_supplicant's ability to continue roaming.
#
# NB: use iproute if present, flushing the IFACE first
#
if_post_down_up () {
if [ -x /bin/ip ]; then
ip addr flush dev "$WPA_IFACE" 2>/dev/null
ip link set "$WPA_IFACE" up
else
ifconfig "$WPA_IFACE" up
fi
}