From 76f0d68f2424e064ed03df3f11ca126ec6b85422 Mon Sep 17 00:00:00 2001
From: bergware <bergware@users.noreply.github.com>
Date: Wed, 12 Feb 2025 03:50:42 +0100
Subject: [PATCH] wireless fine tuning

---
 emhttp/plugins/dynamix/scripts/open_ssl |  7 +++++++
 etc/rc.d/rc.wireless                    | 14 ++------------
 2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/emhttp/plugins/dynamix/scripts/open_ssl b/emhttp/plugins/dynamix/scripts/open_ssl
index 734511776..e62a0b3fa 100755
--- a/emhttp/plugins/dynamix/scripts/open_ssl
+++ b/emhttp/plugins/dynamix/scripts/open_ssl
@@ -16,6 +16,13 @@ $ssl_input = '/etc/rc.d/rc.ssl.input';
 if (is_readable($ssl_input)) extract(parse_ini_file($ssl_input));
 
 switch ($argv[1]) {
+case 'reload':
+  if (file_exists($ssl_input)) break;
+case 'load':
+  $key = exec("dmidecode -qt1 | grep -Pom1 'Manufacturer: \K.+' | sed 's/ /_/g'")."ABCDEFGH";
+  $iv  = "12".exec("cat /sys/class/net/wlan0/address | sed 's/://g'")."34";
+  file_put_contents($ssl_input, "cipher=aes-256-cbc\nkey=".substr($key,0,63)."\niv=$iv\n");
+  break;
 case 'encrypt':
   if (!empty($argv[2]) && isset($cipher,$key,$iv)) $encrypt = openssl_encrypt($argv[2],$cipher,$key,0,$iv);
   if (!empty($encrypt)) echo "$encrypt";
diff --git a/etc/rc.d/rc.wireless b/etc/rc.d/rc.wireless
index 8ee968d0e..7fedd793c 100755
--- a/etc/rc.d/rc.wireless
+++ b/etc/rc.d/rc.wireless
@@ -10,7 +10,6 @@ DAEMON="WiFi network"
 CALLER="wifi"
 INI="/var/local/emhttp/wireless.ini"
 CFG="/boot/config/wireless.cfg"
-SSLINPUT="/etc/rc.d/rc.ssl.input"
 OPENSSL="/usr/local/emhttp/webGui/scripts/open_ssl"
 STARTWIFI="/usr/local/emhttp/webGui/scripts/wireless"
 WPA="/etc/wpa_supplicant.conf"
@@ -42,15 +41,6 @@ unzero6(){
   echo -n $(for Q in ${A//:/ }; do [[ $Q != - ]] && printf "$M%x" "0x$Q" || printf ":"; M=:; done)
 }
 
-# function to initialize openSSL variables
-ssl_init(){
-  KEY="$(dmidecode -qt1 | grep -Pom1 'Manufacturer: \K.+' | sed 's/ /_/g')ABCDEFGH"
-  IV="12$(cat $SYSTEM/$PORT/address | sed 's/://g')34"
-  echo "cipher=aes-256-cbc" >$SSLINPUT
-  echo "key=${KEY:0:63}" >>$SSLINPUT
-  echo "iv=$IV" >>$SSLINPUT
-}
-
 # function to convert text to hex
 hex(){
   echo -n $1 | od -An -tx1 | tr -d ' \n'
@@ -184,7 +174,7 @@ wifi_start(){
     [[ -e $SYSTEM/$LINK ]] || run ip link add link $PORT name $LINK type ipvtap mode l2 bridge
     run ip link set $PORT up
     run ip link set $LINK up
-    ssl_init
+    $OPENSSL load
     # start active SSID
     $STARTWIFI
     if ! carrier_up $PORT; then
@@ -233,7 +223,7 @@ wifi_join(){
     log "$DAEMON...  No configuration."
     return
   fi
-  [[ -e $SSLINPUT ]] || ssl_init
+  $OPENSSL reload
   [[ -n $USERNAME ]] && DECRYPT1=$($OPENSSL decrypt "$USERNAME")
   [[ -n $DECRYPT1 ]] && USERNAME=$DECRYPT1
   [[ -n $PASSWORD ]] && DECRYPT2=$($OPENSSL decrypt "$PASSWORD")