From f8a2b88692e21d46799738c13d4d12cfa95b4152 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Fri, 23 Jun 2023 17:33:51 +0200
Subject: hotspot-to-wpa: support non-local users

This has some limitations, though: The password is not known and
additional configuration can not be given in user's comment.
---
 hotspot-to-wpa.rsc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'hotspot-to-wpa.rsc')

diff --git a/hotspot-to-wpa.rsc b/hotspot-to-wpa.rsc
index d7aeb65..ede4daf 100644
--- a/hotspot-to-wpa.rsc
+++ b/hotspot-to-wpa.rsc
@@ -25,7 +25,10 @@ $ScriptLock $0;
 }
 
 :local Date [ /system/clock/get date ];
-:local UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
+:local UserVal ({});
+:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={
+  :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
+}
 :local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ];
 :local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ];
 
-- 
cgit v1.2.3-54-g00ecf


From 0c8bc60648c2b5629273bf64bce81c664470506c Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Mon, 26 Jun 2023 10:44:52 +0200
Subject: hotspot-to-wpa: reject for two seconds...

... to make the device send a new DHCP request after.
---
 hotspot-to-wpa.rsc | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'hotspot-to-wpa.rsc')

diff --git a/hotspot-to-wpa.rsc b/hotspot-to-wpa.rsc
index ede4daf..35d4fa5 100644
--- a/hotspot-to-wpa.rsc
+++ b/hotspot-to-wpa.rsc
@@ -57,7 +57,8 @@ $LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $
   " (user " . $UserName . ").") false;
 /caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ];
 /caps-man/access-list/add comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \
-    mac-address=$MacAddress private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" place-before=$PlaceBefore;
+    mac-address=$MacAddress private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \
+    action=reject place-before=$PlaceBefore;
 
 :local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \
     comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ];
@@ -81,3 +82,6 @@ $LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $
 :if ([ :len $VlanMode] > 0) do={
   /caps-man/access-list/set $Entry vlan-mode=$VlanMode;
 }
+
+:delay 2s;
+/caps-man/access-list/set $Entry action=accept;
-- 
cgit v1.2.3-54-g00ecf