Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

luci-mod-network: Add WPA3 SAE support #2537

Merged
merged 2 commits into from Mar 10, 2019
Merged

luci-mod-network: Add WPA3 SAE support #2537

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9627dbd
luci-mod-network: wifi: Add WPA3 SAE support
hauke Feb 17, 2019
526ac93
luci-mod-network: wifi: Add OWE support
hauke Feb 17, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
62 changes: 45 additions & 17 deletions modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua
View file
Open in desktop
Expand Up @@ -674,23 +674,44 @@ if hwtype == "mac80211" or hwtype == "prism2" then
local has_ap_eap = (os.execute("hostapd -veap >/dev/null 2>/dev/null") == 0)
local has_sta_eap = (os.execute("wpa_supplicant -veap >/dev/null 2>/dev/null") == 0)

-- Probe SAE support
local has_ap_sae = (os.execute("hostapd -vsae >/dev/null 2>/dev/null") == 0)
local has_sta_sae = (os.execute("wpa_supplicant -vsae >/dev/null 2>/dev/null") == 0)

-- Probe OWE support
local has_ap_owe = (os.execute("hostapd -vowe >/dev/null 2>/dev/null") == 0)
local has_sta_owe = (os.execute("wpa_supplicant -vowe >/dev/null 2>/dev/null") == 0)

if hostapd and supplicant then
encr:value("psk", "WPA-PSK", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
encr:value("psk2", "WPA2-PSK", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
encr:value("sae", "SAE", {mode="mesh"})
if has_ap_sae and has_sta_sae then
encr:value("sae", "WPA3-SAE", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"}, {mode="mesh"})
encr:value("sae-mixed", "WPA2-PSK/WPA3-SAE Mixed Mode", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
end
if has_ap_eap and has_sta_eap then
encr:value("wpa", "WPA-EAP", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"})
encr:value("wpa2", "WPA2-EAP", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"})
end
if has_ap_owe and has_sta_owe then
encr:value("owe", "OWE", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
end
elseif hostapd and not supplicant then
encr:value("psk", "WPA-PSK", {mode="ap"}, {mode="ap-wds"})
encr:value("psk2", "WPA2-PSK", {mode="ap"}, {mode="ap-wds"})
encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="ap"}, {mode="ap-wds"})
if has_ap_sae then
encr:value("sae", "WPA3-SAE", {mode="ap"}, {mode="ap-wds"})
encr:value("sae-mixed", "WPA2-PSK/WPA3-SAE Mixed Mode", {mode="ap"}, {mode="ap-wds"})
end
if has_ap_eap then
encr:value("wpa", "WPA-EAP", {mode="ap"}, {mode="ap-wds"})
encr:value("wpa2", "WPA2-EAP", {mode="ap"}, {mode="ap-wds"})
end
if has_ap_owe then
encr:value("owe", "OWE", {mode="ap"}, {mode="ap-wds"})
end
encr.description = translate(
"WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP " ..
"and ad-hoc mode) to be installed."
Expand All @@ -699,11 +720,17 @@ if hwtype == "mac80211" or hwtype == "prism2" then
encr:value("psk", "WPA-PSK", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
encr:value("psk2", "WPA2-PSK", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
encr:value("sae", "SAE", {mode="mesh"})
if has_sta_sae then
encr:value("sae", "WPA3-SAE", {mode="sta"}, {mode="sta-wds"}, {mode="mesh"})
encr:value("sae-mixed", "WPA2-PSK/WPA3-SAE Mixed Mode", {mode="sta"}, {mode="sta-wds"})
end
if has_sta_eap then
encr:value("wpa", "WPA-EAP", {mode="sta"}, {mode="sta-wds"})
encr:value("wpa2", "WPA2-EAP", {mode="sta"}, {mode="sta-wds"})
end
if has_sta_owe then
encr:value("owe", "OWE", {mode="sta"}, {mode="sta-wds"})
end
encr.description = translate(
"WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP " ..
"and ad-hoc mode) to be installed."
Expand Down Expand Up @@ -797,6 +824,8 @@ wpakey:depends("encryption", "psk")
wpakey:depends("encryption", "psk2")
wpakey:depends("encryption", "psk+psk2")
wpakey:depends("encryption", "psk-mixed")
wpakey:depends("encryption", "sae")
wpakey:depends("encryption", "sae-mixed")
wpakey.datatype = "wpakey"
wpakey.rmempty = true
wpakey.password = true
Expand Down Expand Up @@ -852,21 +881,6 @@ for slot=1,4 do
end
end

saekey = s:taboption("encryption", Value, "_sae_key", translate("Key"))
saekey:depends("encryption", "sae")
saekey.rmempty = true
saekey.datatype = "wpakey"
saekey.password = true

saekey.cfgvalue = function(self, section, value)
local key = m.uci:get("wireless", section, "key")
return key
end

saekey.write = function(self, section, value)
self.map.uci:set("wireless", section, "key", value)
end

if hwtype == "mac80211" or hwtype == "prism2" then

-- Probe 802.11r support (and EAP support as a proxy for Openwrt)
Expand All @@ -884,9 +898,13 @@ if hwtype == "mac80211" or hwtype == "prism2" then
ieee80211r:depends({mode="ap", encryption="psk"})
ieee80211r:depends({mode="ap", encryption="psk2"})
ieee80211r:depends({mode="ap", encryption="psk-mixed"})
ieee80211r:depends({mode="ap", encryption="sae"})
ieee80211r:depends({mode="ap", encryption="sae-mixed"})
ieee80211r:depends({mode="ap-wds", encryption="psk"})
ieee80211r:depends({mode="ap-wds", encryption="psk2"})
ieee80211r:depends({mode="ap-wds", encryption="psk-mixed"})
ieee80211r:depends({mode="ap-wds", encryption="sae"})
ieee80211r:depends({mode="ap-wds", encryption="sae-mixed"})
end
ieee80211r.rmempty = true

Expand Down Expand Up @@ -1124,8 +1142,14 @@ if hwtype == "mac80211" then
ieee80211w:depends({mode="ap-wds", encryption="wpa2"})
ieee80211w:depends({mode="ap", encryption="psk2"})
ieee80211w:depends({mode="ap", encryption="psk-mixed"})
ieee80211w:depends({mode="ap", encryption="sae"})
ieee80211w:depends({mode="ap", encryption="sae-mixed"})
ieee80211w:depends({mode="ap", encryption="owe"})
ieee80211w:depends({mode="ap-wds", encryption="psk2"})
ieee80211w:depends({mode="ap-wds", encryption="psk-mixed"})
ieee80211w:depends({mode="ap-wds", encryption="sae"})
ieee80211w:depends({mode="ap-wds", encryption="sae-mixed"})
ieee80211w:depends({mode="ap-wds", encryption="owe"})

max_timeout = s:taboption("encryption", Value, "ieee80211w_max_timeout",
translate("802.11w maximum timeout"),
Expand Down Expand Up @@ -1153,9 +1177,13 @@ if hwtype == "mac80211" then
key_retries:depends({mode="ap", encryption="wpa2"})
key_retries:depends({mode="ap", encryption="psk2"})
key_retries:depends({mode="ap", encryption="psk-mixed"})
key_retries:depends({mode="ap", encryption="sae"})
key_retries:depends({mode="ap", encryption="sae-mixed"})
key_retries:depends({mode="ap-wds", encryption="wpa2"})
key_retries:depends({mode="ap-wds", encryption="psk2"})
key_retries:depends({mode="ap-wds", encryption="psk-mixed"})
key_retries:depends({mode="ap-wds", encryption="sae"})
key_retries:depends({mode="ap-wds", encryption="sae-mixed"})
end

if hwtype == "mac80211" or hwtype == "prism2" then
Expand Down