hostapd: make "key" option optional if "wpa_psk_file" is provided

If an existing "wpa_psk_file" is passed to hostapd, the "key" option may be omitted. While we're at it, also improve the passphrase length checking to ensure that it is either exactly 64 bytes or 8 to 63 bytes. Fixes: FS#2689 Ref: openwrt#3283 Suggested-by: Michael Jones <[email protected]> Signed-off-by: Jo-Philipp Wich <[email protected]>
jiangzm · Aug 7, 2020 · 321503d · 321503d
1 parent a4e7201
commit 321503d
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/package/network/services/hostapd/files/hostapd.sh b/package/network/services/hostapd/files/hostapd.sh
@@ -402,13 +402,13 @@ hostapd_set_bss_options() {
 		;;
 		psk|sae|psk-sae)
 			json_get_vars key wpa_psk_file
-			if [ ${#key} -lt 8 ]; then
-				wireless_setup_vif_failed INVALID_WPA_PSK
-				return 1
-			elif [ ${#key} -eq 64 ]; then
+			if [ ${#key} -eq 64 ]; then
 				append bss_conf "wpa_psk=$key" "$N"
-			else
+			elif [ ${#key} -ge 8 ] && [ ${#key} -le 63 ]; then
 				append bss_conf "wpa_passphrase=$key" "$N"
+			elif [ -n "$key" ] || [ -z "$wpa_psk_file" ]; then
+				wireless_setup_vif_failed INVALID_WPA_PSK
+				return 1
 			fi
 			[ -z "$wpa_psk_file" ] && set_default wpa_psk_file /var/run/hostapd-$ifname.psk
 			[ -n "$wpa_psk_file" ] && {