From 85cbbf00291c4b982e8e7ca5f6eb29418fd21bd4 Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Mon, 23 Mar 2009 13:44:17 +0000 Subject: [PATCH] Fix WPA2-EAP support --- i18n/english/luasrc/i18n/admin-core.en.lua | 6 +- i18n/german/luasrc/i18n/admin-core.de.lua | 6 +- .../root/lib/uci/schema/default/wireless | 42 +++++++---- .../luasrc/model/cbi/admin_network/wifi.lua | 40 ++++++---- .../admin-mini/luasrc/model/cbi/mini/wifi.lua | 73 ++++++++++++++++--- 5 files changed, 123 insertions(+), 44 deletions(-) diff --git a/i18n/english/luasrc/i18n/admin-core.en.lua b/i18n/english/luasrc/i18n/admin-core.en.lua index 6c71c208df..37dab9e127 100644 --- a/i18n/english/luasrc/i18n/admin-core.en.lua +++ b/i18n/english/luasrc/i18n/admin-core.en.lua @@ -374,9 +374,9 @@ a_w_cacert = 'Path to CA-Certificate' a_w_eaptype = 'EAP-Method' a_w_tlsprivkey = 'Path to Private Key' a_w_tlsprivkeypwd = 'Password of Private Key' -a_w_peapauth = 'PEAP-Authentication' -a_w_peapidentity = 'PEAP-Identity' -a_w_peappassword = 'PEAP-Password' +a_w_peapauth = 'Authentication' +a_w_peapidentity = 'Identity' +a_w_peappassword = 'Password' a_w_create = 'Create Network' hostnames = 'Hostnames' hostnames_entries = 'Host entries' diff --git a/i18n/german/luasrc/i18n/admin-core.de.lua b/i18n/german/luasrc/i18n/admin-core.de.lua index ccfdc019a3..970fdbe0cc 100644 --- a/i18n/german/luasrc/i18n/admin-core.de.lua +++ b/i18n/german/luasrc/i18n/admin-core.de.lua @@ -332,9 +332,9 @@ a_w_cacert = 'Pfad zum CA-Zertifikat' a_w_eaptype = 'EAP-Methode' a_w_tlsprivkey = 'Pfad zum Privaten Schlüssel' a_w_tlsprivkeypwd = 'Passwort des Privaten Schlüssels' -a_w_peapauth = 'PEAP-Authentifizierung' -a_w_peapidentity = 'PEAP-Identitäz' -a_w_peappassword = 'PEAP-Passwort' +a_w_peapauth = 'Authentifizierung' +a_w_peapidentity = 'Identität' +a_w_peappassword = 'Passwort' a_w_create = 'Netzwerk anlegen' hostnames = 'Rechnernamen' hostnames_entries = 'Host-Einträge' diff --git a/modules/admin-core/root/lib/uci/schema/default/wireless b/modules/admin-core/root/lib/uci/schema/default/wireless index 85532a1d21..1f3f71a0c6 100644 --- a/modules/admin-core/root/lib/uci/schema/default/wireless +++ b/modules/admin-core/root/lib/uci/schema/default/wireless @@ -425,7 +425,7 @@ config enum config enum option variable 'wireless.wifi-iface.encryption' - option value 'wpa2i' + option value 'wpa2' option title 'WPA2-EAP' config variable @@ -433,7 +433,7 @@ config variable option section 'wireless.wifi-iface' option title 'RadiusServer' list depends 'encryption=wpa,mode=ap' - list depends 'encryption=wpa2i,mode=ap' + list depends 'encryption=wpa2,mode=ap' option datatype host config variable @@ -441,7 +441,7 @@ config variable option section 'wireless.wifi-iface' option title 'Radius-Port' list depends 'encryption=wpa,mode=ap' - list depends 'encryption=wpa2i,mode=ap' + list depends 'encryption=wpa2,mode=ap' option datatype port config variable @@ -452,14 +452,16 @@ config variable list depends 'encryption=psk' list depends 'encryption=wpa,mode=ap' list depends 'encryption=psk2' - list depends 'encryption=wpa2i,mode=ap' + list depends 'encryption=wpa2,mode=ap' + list depends 'encryption=psk+psk2' + list depends 'encryption=mixed' config variable option name 'nasid' option section 'wireless.wifi-iface' option title 'NAS ID' list depends 'encryption=wpa,mode=ap' - list depends 'encryption=wpa2i,mode=ap' + list depends 'encryption=wpa2,mode=ap' config variable option name 'eap_type' @@ -467,7 +469,7 @@ config variable option title 'EAP-Method' option type enum list depends 'encryption=wpa,mode=sta' - list depends 'encryption=wpa2i,mode=sta' + list depends 'encryption=wpa2,mode=sta' config enum option variable 'wireless.wifi-iface.eap_type' @@ -476,20 +478,24 @@ config enum config enum option variable 'wireless.wifi-iface.eap_type' option value 'PEAP' + +config enum + option variable 'wireless.wifi-iface.eap_type' + option value 'TTLS' config variable option name 'ca_cert' option section 'wireless.wifi-iface' option title 'Path to CA-Certificate' list depends 'encryption=wpa,mode=sta' - list depends 'encryption=wpa2i,mode=sta' + list depends 'encryption=wpa2,mode=sta' option datatype file config variable option name 'priv_key' option section 'wireless.wifi-iface' option title 'Path to Private Key' - list depends 'mode=sta,encryption=wpa2i,eap_type=TLS' + list depends 'mode=sta,encryption=wpa2,eap_type=TLS' list depends 'mode=sta,encryption=wpa,eap_type=TLS' option datatype file @@ -498,26 +504,32 @@ config variable option name 'priv_key_pwd' option section 'wireless.wifi-iface' option title 'Password of Private Key' - list depends 'mode=sta,encryption=wpa2i,eap_type=TLS' + list depends 'mode=sta,encryption=wpa2,eap_type=TLS' list depends 'mode=sta,encryption=wpa,eap_type=TLS' config variable option name 'auth' option section 'wireless.wifi-iface' - option title 'PEAP-Authentication' - list depends 'mode=sta,encryption=wpa2i,eap_type=PEAP' + option title 'Authentication' + list depends 'mode=sta,encryption=wpa2,eap_type=PEAP' list depends 'mode=sta,encryption=wpa,eap_type=PEAP' + list depends 'mode=sta,encryption=wpa2,eap_type=TTLS' + list depends 'mode=sta,encryption=wpa,eap_type=TTLS' config variable option name 'identity' option section 'wireless.wifi-iface' - option title 'PEAP-Identity' - list depends 'mode=sta,encryption=wpa2i,eap_type=PEAP' + option title 'Identity' + list depends 'mode=sta,encryption=wpa2,eap_type=PEAP' list depends 'mode=sta,encryption=wpa,eap_type=PEAP' + list depends 'mode=sta,encryption=wpa2,eap_type=TTLS' + list depends 'mode=sta,encryption=wpa,eap_type=TTLS' config variable option name 'password' option section 'wireless.wifi-iface' - option title 'PEAP-Password' - list depends 'mode=sta,encryption=wpa2i,eap_type=PEAP' + option title 'Password' + list depends 'mode=sta,encryption=wpa2,eap_type=PEAP' list depends 'mode=sta,encryption=wpa,eap_type=PEAP' + list depends 'mode=sta,encryption=wpa2,eap_type=TTLS' + list depends 'mode=sta,encryption=wpa,eap_type=TTLS' diff --git a/modules/admin-full/luasrc/model/cbi/admin_network/wifi.lua b/modules/admin-full/luasrc/model/cbi/admin_network/wifi.lua index 7ba6dd2608..08861448eb 100644 --- a/modules/admin-full/luasrc/model/cbi/admin_network/wifi.lua +++ b/modules/admin-full/luasrc/model/cbi/admin_network/wifi.lua @@ -288,18 +288,18 @@ if hwtype == "atheros" or hwtype == "mac80211" then encr:value("psk", "WPA-PSK") encr:value("psk2", "WPA2-PSK") encr:value("wpa", "WPA-EAP", {mode="ap"}, {mode="sta"}) - encr:value("wpa2i", "WPA2-EAP", {mode="ap"}, {mode="sta"}) + encr:value("wpa2", "WPA2-EAP", {mode="ap"}, {mode="sta"}) elseif hostapd and not supplicant then encr:value("psk", "WPA-PSK", {mode="ap"}, {mode="adhoc"}, {mode="ahdemo"}) encr:value("psk2", "WPA2-PSK", {mode="ap"}, {mode="adhoc"}, {mode="ahdemo"}) encr:value("wpa", "WPA-EAP", {mode="ap"}) - encr:value("wpa2i", "WPA2-EAP", {mode="ap"}) + encr:value("wpa2", "WPA2-EAP", {mode="ap"}) encr.description = translate("wifi_wpareq") elseif not hostapd and supplicant then encr:value("psk", "WPA-PSK", {mode="sta"}) encr:value("psk2", "WPA2-PSK", {mode="sta"}) encr:value("wpa", "WPA-EAP", {mode="sta"}) - encr:value("wpa2i", "WPA2-EAP", {mode="sta"}) + encr:value("wpa2", "WPA2-EAP", {mode="sta"}) encr.description = translate("wifi_wpareq") else encr.description = translate("wifi_wpareq") @@ -315,12 +315,12 @@ encr:depends("mode", "wds") server = s:option(Value, "server", translate("a_w_radiussrv")) server:depends({mode="ap", encryption="wpa"}) -server:depends({mode="ap", encryption="wpa2i"}) +server:depends({mode="ap", encryption="wpa2"}) server.rmempty = true port = s:option(Value, "port", translate("a_w_radiusport")) port:depends({mode="ap", encryption="wpa"}) -port:depends({mode="ap", encryption="wpa2i"}) +port:depends({mode="ap", encryption="wpa2"}) port.rmempty = true key = s:option(Value, "key", translate("key")) @@ -328,45 +328,57 @@ key:depends("encryption", "wep") key:depends("encryption", "psk") key:depends({mode="ap", encryption="wpa"}) key:depends("encryption", "psk2") -key:depends({mode="ap", encryption="wpa2i"}) +key:depends({mode="ap", encryption="wpa2"}) key.rmempty = true if hwtype == "atheros" or hwtype == "mac80211" then nasid = s:option(Value, "nasid", translate("a_w_nasid")) nasid:depends({mode="ap", encryption="wpa"}) - nasid:depends({mode="ap", encryption="wpa2i"}) + nasid:depends({mode="ap", encryption="wpa2"}) nasid.rmempty = true eaptype = s:option(ListValue, "eap_type", translate("a_w_eaptype")) eaptype:value("TLS") + eaptype:value("TTLS") eaptype:value("PEAP") eaptype:depends({mode="sta", encryption="wpa"}) - eaptype:depends({mode="sta", encryption="wpa2i"}) + eaptype:depends({mode="sta", encryption="wpa2"}) cacert = s:option(FileUpload, "ca_cert", translate("a_w_cacert")) cacert:depends({mode="sta", encryption="wpa"}) - cacert:depends({mode="sta", encryption="wpa2i"}) + cacert:depends({mode="sta", encryption="wpa2"}) privkey = s:option(FileUpload, "priv_key", translate("a_w_tlsprivkey")) - privkey:depends({mode="sta", eap_type="TLS", encryption="wpa2i"}) + privkey:depends({mode="sta", eap_type="TLS", encryption="wpa2"}) privkey:depends({mode="sta", eap_type="TLS", encryption="wpa"}) privkeypwd = s:option(Value, "priv_key_pwd", translate("a_w_tlsprivkeypwd")) - privkeypwd:depends({mode="sta", eap_type="TLS", encryption="wpa2i"}) + privkeypwd:depends({mode="sta", eap_type="TLS", encryption="wpa2"}) privkeypwd:depends({mode="sta", eap_type="TLS", encryption="wpa"}) auth = s:option(Value, "auth", translate("a_w_peapauth")) - auth:depends({mode="sta", eap_type="PEAP", encryption="wpa2i"}) + auth:value("PAP") + auth:value("CHAP") + auth:value("MSCHAP") + auth:value("MSCHAPV2") + auth:depends({mode="sta", eap_type="PEAP", encryption="wpa2"}) auth:depends({mode="sta", eap_type="PEAP", encryption="wpa"}) + auth:depends({mode="sta", eap_type="TTLS", encryption="wpa2"}) + auth:depends({mode="sta", eap_type="TTLS", encryption="wpa"}) + identity = s:option(Value, "identity", translate("a_w_peapidentity")) - identity:depends({mode="sta", eap_type="PEAP", encryption="wpa2i"}) + identity:depends({mode="sta", eap_type="PEAP", encryption="wpa2"}) identity:depends({mode="sta", eap_type="PEAP", encryption="wpa"}) + identity:depends({mode="sta", eap_type="TTLS", encryption="wpa2"}) + identity:depends({mode="sta", eap_type="TTLS", encryption="wpa"}) password = s:option(Value, "password", translate("a_w_peappassword")) - password:depends({mode="sta", eap_type="PEAP", encryption="wpa2i"}) + password:depends({mode="sta", eap_type="PEAP", encryption="wpa2"}) password:depends({mode="sta", eap_type="PEAP", encryption="wpa"}) + password:depends({mode="sta", eap_type="TTLS", encryption="wpa2"}) + password:depends({mode="sta", eap_type="TTLS", encryption="wpa"}) end diff --git a/modules/admin-mini/luasrc/model/cbi/mini/wifi.lua b/modules/admin-mini/luasrc/model/cbi/mini/wifi.lua index e1d5b396bf..e87e7ed6e0 100644 --- a/modules/admin-mini/luasrc/model/cbi/mini/wifi.lua +++ b/modules/admin-mini/luasrc/model/cbi/mini/wifi.lua @@ -224,17 +224,21 @@ if hwtype == "atheros" or hwtype == "mac80211" then if hostapd and supplicant then encr:value("psk", "WPA-PSK") encr:value("psk2", "WPA2-PSK") - encr:value("wpa", "WPA-Radius", {mode="ap"}) - encr:value("wpa2i", "WPA2-Radius", {mode="ap"}) + encr:value("mixed", "WPA-PSK/WPA2-PSK Mixed Mode") + encr:value("wpa", "WPA-Radius", {mode="ap"}, {mode="sta"}) + encr:value("wpa2", "WPA2-Radius", {mode="ap"}, {mode="sta"}) elseif hostapd and not supplicant then encr:value("psk", "WPA-PSK", {mode="ap"}, {mode="adhoc"}) encr:value("psk2", "WPA2-PSK", {mode="ap"}, {mode="adhoc"}) encr:value("wpa", "WPA-Radius", {mode="ap"}) - encr:value("wpa2i", "WPA2-Radius", {mode="ap"}) + encr:value("wpa2", "WPA2-Radius", {mode="ap"}) encr.description = translate("wifi_wpareq") elseif not hostapd and supplicant then encr:value("psk", "WPA-PSK", {mode="sta"}) encr:value("psk2", "WPA2-PSK", {mode="sta"}) + encr:value("mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="sta"}) + encr:value("wpa", "WPA-EAP", {mode="sta"}) + encr:value("wpa2", "WPA2-EAP", {mode="sta"}) encr.description = translate("wifi_wpareq") else encr.description = translate("wifi_wpareq") @@ -247,22 +251,73 @@ end key = s:option(Value, "key", translate("key")) key:depends("encryption", "wep") key:depends("encryption", "psk") -key:depends("encryption", "wpa") +key:depends({mode="ap", encryption="wpa"}) key:depends("encryption", "psk2") -key:depends("encryption", "wpa2i") +key:depends({mode="ap", encryption="wpa2"}) key.rmempty = true server = s:option(Value, "server", translate("a_w_radiussrv")) -server:depends("encryption", "wpa") -server:depends("encryption", "wpa2i") +server:depends({mode="ap", encryption="wpa"}) +server:depends({mode="ap", encryption="wpa2"}) server.rmempty = true port = s:option(Value, "port", translate("a_w_radiusport")) -port:depends("encryption", "wpa") -port:depends("encryption", "wpa2i") +port:depends({mode="ap", encryption="wpa"}) +port:depends({mode="ap", encryption="wpa2"}) port.rmempty = true +if hwtype == "atheros" or hwtype == "mac80211" then + nasid = s:option(Value, "nasid", translate("a_w_nasid")) + nasid:depends({mode="ap", encryption="wpa"}) + nasid:depends({mode="ap", encryption="wpa2"}) + nasid.rmempty = true + + eaptype = s:option(ListValue, "eap_type", translate("a_w_eaptype")) + eaptype:value("TLS") + eaptype:value("TTLS") + eaptype:value("PEAP") + eaptype:depends({mode="sta", encryption="wpa"}) + eaptype:depends({mode="sta", encryption="wpa2"}) + + cacert = s:option(FileUpload, "ca_cert", translate("a_w_cacert")) + cacert:depends({mode="sta", encryption="wpa"}) + cacert:depends({mode="sta", encryption="wpa2"}) + + privkey = s:option(FileUpload, "priv_key", translate("a_w_tlsprivkey")) + privkey:depends({mode="sta", eap_type="TLS", encryption="wpa2"}) + privkey:depends({mode="sta", eap_type="TLS", encryption="wpa"}) + + privkeypwd = s:option(Value, "priv_key_pwd", translate("a_w_tlsprivkeypwd")) + privkeypwd:depends({mode="sta", eap_type="TLS", encryption="wpa2"}) + privkeypwd:depends({mode="sta", eap_type="TLS", encryption="wpa"}) + + + auth = s:option(Value, "auth", translate("a_w_peapauth")) + auth:value("PAP") + auth:value("CHAP") + auth:value("MSCHAP") + auth:value("MSCHAPV2") + auth:depends({mode="sta", eap_type="PEAP", encryption="wpa2"}) + auth:depends({mode="sta", eap_type="PEAP", encryption="wpa"}) + auth:depends({mode="sta", eap_type="TTLS", encryption="wpa2"}) + auth:depends({mode="sta", eap_type="TTLS", encryption="wpa"}) + + + identity = s:option(Value, "identity", translate("a_w_peapidentity")) + identity:depends({mode="sta", eap_type="PEAP", encryption="wpa2"}) + identity:depends({mode="sta", eap_type="PEAP", encryption="wpa"}) + identity:depends({mode="sta", eap_type="TTLS", encryption="wpa2"}) + identity:depends({mode="sta", eap_type="TTLS", encryption="wpa"}) + + password = s:option(Value, "password", translate("a_w_peappassword")) + password:depends({mode="sta", eap_type="PEAP", encryption="wpa2"}) + password:depends({mode="sta", eap_type="PEAP", encryption="wpa"}) + password:depends({mode="sta", eap_type="TTLS", encryption="wpa2"}) + password:depends({mode="sta", eap_type="TTLS", encryption="wpa"}) +end + + if hwtype == "atheros" or hwtype == "broadcom" then iso = s:option(Flag, "isolate", translate("a_w_apisolation"), translate("a_w_apisolation1")) iso.rmempty = true -- 2.30.2