diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-03-27 16:31:43 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-03-27 16:33:52 +0100 |
commit | a0424f9c6a4cf813934d5a3bc877fddae6eb99de (patch) | |
tree | 99c697f78884af8035821ed664168a4c5c8c5c00 | |
parent | 551eb5d596266c3bb6891d4ccc9b55c1b1ec02ff (diff) | |
download | vyos-1x-a0424f9c6a4cf813934d5a3bc877fddae6eb99de.tar.gz vyos-1x-a0424f9c6a4cf813934d5a3bc877fddae6eb99de.zip |
wireless: T2105: properly support disabled WIFI interfaces
It is not sufficient to only place a wifi interface in adminsitrative down
state as hostapd could change the interface state again. If the wifi interface
is administratively disabled, hostapd or wpa_supplicant should not be started
at all to prevent anyone from messing arround with the admin state.
-rw-r--r-- | python/vyos/ifconfig/wireless.py | 3 | ||||
-rwxr-xr-x | src/conf_mode/interfaces-wireless.py | 69 |
2 files changed, 37 insertions, 35 deletions
diff --git a/python/vyos/ifconfig/wireless.py b/python/vyos/ifconfig/wireless.py index a1f50b71d..932d07d01 100644 --- a/python/vyos/ifconfig/wireless.py +++ b/python/vyos/ifconfig/wireless.py @@ -46,6 +46,9 @@ class WiFiIf(Interface): .format(**self.config) self._cmd(cmd) + # wireless interface is administratively down by default + self.set_state('down') + def _delete(self): cmd = 'iw dev {ifname} del' \ .format(**self.config) diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py index 43455196c..2d05e722d 100755 --- a/src/conf_mode/interfaces-wireless.py +++ b/src/conf_mode/interfaces-wireless.py @@ -1520,41 +1520,40 @@ def apply(wifi): if not wifi['disable']: w.set_state('up') - - # Physical interface is now configured. Proceed by starting hostapd or - # wpa_supplicant daemon. When type is monitor we can just skip this. - if wifi['op_mode'] == 'ap': - cmd = 'start-stop-daemon' - cmd += ' --start ' - cmd += ' --quiet' - cmd += ' --oknodo' - cmd += ' --pidfile ' + get_pid('hostapd', wifi['intf']) - cmd += ' --exec /usr/sbin/hostapd' - # now pass arguments to hostapd binary - cmd += ' -- ' - cmd += ' -B' - cmd += ' -P ' + get_pid('hostapd', wifi['intf']) - cmd += ' ' + get_conf_file('hostapd', wifi['intf']) - - # execute assembled command - subprocess_cmd(cmd) - - elif wifi['op_mode'] == 'station': - cmd = 'start-stop-daemon' - cmd += ' --start ' - cmd += ' --quiet' - cmd += ' --oknodo' - cmd += ' --pidfile ' + get_pid('hostapd', wifi['intf']) - cmd += ' --exec /sbin/wpa_supplicant' - # now pass arguments to hostapd binary - cmd += ' -- ' - cmd += ' -s -B -D nl80211' - cmd += ' -P ' + get_pid('wpa_supplicant', wifi['intf']) - cmd += ' -i ' + wifi['intf'] - cmd += ' -c ' + get_conf_file('wpa_supplicant', wifi['intf']) - - # execute assembled command - subprocess_cmd(cmd) + # Physical interface is now configured. Proceed by starting hostapd or + # wpa_supplicant daemon. When type is monitor we can just skip this. + if wifi['op_mode'] == 'ap': + cmd = 'start-stop-daemon' + cmd += ' --start ' + cmd += ' --quiet' + cmd += ' --oknodo' + cmd += ' --pidfile ' + get_pid('hostapd', wifi['intf']) + cmd += ' --exec /usr/sbin/hostapd' + # now pass arguments to hostapd binary + cmd += ' -- ' + cmd += ' -B' + cmd += ' -P ' + get_pid('hostapd', wifi['intf']) + cmd += ' ' + get_conf_file('hostapd', wifi['intf']) + + # execute assembled command + subprocess_cmd(cmd) + + elif wifi['op_mode'] == 'station': + cmd = 'start-stop-daemon' + cmd += ' --start ' + cmd += ' --quiet' + cmd += ' --oknodo' + cmd += ' --pidfile ' + get_pid('hostapd', wifi['intf']) + cmd += ' --exec /sbin/wpa_supplicant' + # now pass arguments to hostapd binary + cmd += ' -- ' + cmd += ' -s -B -D nl80211' + cmd += ' -P ' + get_pid('wpa_supplicant', wifi['intf']) + cmd += ' -i ' + wifi['intf'] + cmd += ' -c ' + get_conf_file('wpa_supplicant', wifi['intf']) + + # execute assembled command + subprocess_cmd(cmd) return None |