#/bin/bash

# script for generating a wpa supplicant config file based on given SSID and password, 
# using scan results for hints

#------------------------------

test_hex() 
{
    case $1 in
        ( *[!0-9A-Fa-f]* | "" ) return 0 ;;
    esac  
    return 1    
}
#------------------------------


if [ $#  -lt  1 ]
then
    echo "Need to supply SSID"
    echo num args = $#
    exit
fi

SSID=$1
PW=$2

SOURCE="guessing"

#look at the input parameters for security and adhoc
SECURITY="unknown"
if [ $#  -ge  3 ]
then
    SECURITY=$3
    SOURCE="indicatation"
fi
if [ "$SECURITY" != "wep" -a "$SECURITY" != "wpa" -a "$SECURITY" != "open" ]
then
    SECURITY="unknown"
fi
 
ADHOC="unknown"
if [ $#  =  4 ]
then
    ADHOC=$4
fi
if [ "$ADHOC" != "0" -a "$ADHOC" != "1" ]
then
    ADHOC="unknown"
fi

# check if the ADHOC or SECURITY settings are unknown.  if so, look at scan results to learn more
if [ "$ADHOC" = "unknown" -o  "$SECURITY" = "unknown" ]
then

    LINE=`wpa_cli scan_re|grep "$SSID"`

    # look at the scan results to learn more (if needed)
    if [ "$SECURITY" = "unknown" ]
    then
        if [[ "$LINE" == *WPA[2]-PSK* ]]
        then
            SECURITY="wpa"
            SOURCE="scanning"
        elif [[ "$LINE" == *WEP* ]]
        then
            SECURITY="wep"
            SOURCE="scanning"
        else
            SECURITY="unknown"
        fi
    fi

    if [ "$ADHOC" = "unknown" ]
    then
        if [[ "$LINE" == *\[IBSS\]* ]]
        then
            ADHOC="1"
        else # even if the SSID wasn't in the scan, we are going to assume NOT adhoc
            ADHOC="0"
        fi
    fi
fi

# At this point, security type may still be unknown if it wasn't indicated 
# and didn't show up in the scan

# determine if the PW string is all hex chars
IS_HEX=0
test_hex "$PW"
if [ $? = 1 ]
then
    IS_HEX=1
fi

# determine length of PW string 
LENGTH=${#PW}

#Here are the rules for guessing from unknown.  Not perfect, but pretty good guesses based on input:

    # if no PW assume open
    # if PW is 64 characters and only hex digits, assume WPA hex key
    # if PW is 10 chars or 26 chars and only hex, assume WEP hex key0
    # if PW is 5 then assume WEP ascii key0 (quoted)
    # else assume it's WPA passphrase

# make guesses if unknown
if [ "$SECURITY" = "unknown"  ]
then
    GUESS=yes
    if [ "$PW" = ""  ]  
    then
        SECURITY="open"
    elif [ $LENGTH = 64 -a $IS_HEX = 1  ]
    then
        SECURITY="wpa"  
    elif [ \( $LENGTH = 10 -o $LENGTH = 26 \) -a $IS_HEX = 1 ]
    then
        SECURITY="wep"
    elif [ $LENGTH = 5 ]
    then
        SECURITY="wep"
    else
        SECURITY="wpa"
    fi 
fi 


# decide if we want to quote the passphrase/key
if [ \( $LENGTH = 5 -o $LENGTH = 13 \)  -a "$SECURITY" = "wep" ]
then
    USE_QUOTES=1
elif [ $LENGTH -lt 64  -a "$SECURITY" = "wpa" ]
then
    USE_QUOTES=1
fi

echo "# Security is determined to be: $SECURITY ($SOURCE)"
echo "#"

# Generate the new conf file 
# (if WEP, assume it's always key index 0)

echo "ctrl_interface=/var/run/wpa_supplicant"
if [ "$ADHOC" = "1" ]  
then
    echo "ap_scan=2"
fi
echo ""
echo "network={"
echo "    ssid=\"$SSID\""

if [ "$SECURITY" = "open" ]  
then
    echo "    key_mgmt=NONE"
elif [ "$SECURITY" = "wpa" -a "$USE_QUOTES" = "1" ]
then
    echo "    psk=\"$PW\""
elif [ "$SECURITY" = "wpa" ]
then
    echo "    psk=$PW"
elif [  "$SECURITY" = "wep" -a "$USE_QUOTES" = "1" ]
then
    echo "    key_mgmt=NONE"
    echo "    wep_key0=\"$PW\""
    echo "    wep_tx_keyidx=0"
elif [  "$SECURITY" = "wep"  ]
then
    echo "    key_mgmt=NONE"
    echo "    wep_key0=$PW"
    echo "    wep_tx_keyidx=0"
else # this shouldn't ever happen
    echo "    key_mgmt=NONE"
fi

if [ "$ADHOC" = "1" ]  
then
    echo "    mode=1"
fi

echo "}"


