summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorDirk Brenken <dev@brenken.org>2017-12-13 20:21:57 +0100
committerDirk Brenken <dev@brenken.org>2017-12-13 20:26:02 +0100
commitc67066ebbf2fcd6b3c82ba2145404a6246b2e33f (patch)
treee91bed82c6c7717ff781876493e4de8e3b2135ab
parentc7b39ae08f29f49b8b014054161b8b34a4cda8fb (diff)
luci-app-travelmate: enhance wireless security connection settings
* fix wpa enterprise options * add various wpa / wep options Signed-off-by: Dirk Brenken <dev@brenken.org>
-rw-r--r--applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_add.lua120
-rw-r--r--applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_edit.lua147
-rw-r--r--applications/luci-app-travelmate/luasrc/view/travelmate/wifi_scan.htm8
3 files changed, 206 insertions, 69 deletions
diff --git a/applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_add.lua b/applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_add.lua
index 921e1b8323..31869478fa 100644
--- a/applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_add.lua
+++ b/applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_add.lua
@@ -5,7 +5,6 @@ local fs = require("nixio.fs")
local uci = require("luci.model.uci").cursor()
local http = require("luci.http")
local trmiface = uci.get("travelmate", "global", "trm_iface") or "trm_wwan"
-local val = ""
m = SimpleForm("add", translate("Add Wireless Uplink Configuration"))
m.submit = translate("Save")
@@ -38,35 +37,88 @@ bssid.datatype = "macaddr"
bssid.default = m.hidden.bssid or ""
if (tonumber(m.hidden.wep) or 0) == 1 then
- wkey = m:field(Value, "key", translate("WEP passphrase"),
- translate("Specify the secret encryption key here."))
+ encr = m:field(ListValue, "encryption", translate("Encryption"))
+ encr:value("wep", "WEP")
+ encr:value("wep+open", "WEP Open System")
+ encr:value("wep+mixed", "WEP mixed")
+ encr:value("wep+shared", "WEP Shared Key")
+ encr.default = "wep+open"
+
+ wkey = m:field(Value, "key", translate("WEP-Passphrase"))
wkey.password = true
wkey.datatype = "wepkey"
elseif (tonumber(m.hidden.wpa_version) or 0) > 0 then
if m.hidden.wpa_suites == "PSK" or m.hidden.wpa_suites == "PSK2" then
- wkey = m:field(Value, "key", translate("WPA passphrase"),
- translate("Specify the secret encryption key here."))
+ encr = m:field(ListValue, "encryption", translate("Encryption"))
+ encr:value("psk", "WPA PSK")
+ encr:value("psk-mixed", "WPA/WPA2 mixed")
+ encr:value("psk2", "WPA2 PSK")
+ encr.default = "psk2"
+
+ ciph = m:field(ListValue, "cipher", translate("Cipher"))
+ ciph:value("auto", translate("Automatic"))
+ ciph:value("ccmp", translate("Force CCMP (AES)"))
+ ciph:value("tkip", translate("Force TKIP"))
+ ciph:value("tkip+ccmp", translate("Force TKIP and CCMP (AES)"))
+ ciph.default = "auto"
+
+ wkey = m:field(Value, "key", translate("WPA-Passphrase"))
wkey.password = true
wkey.datatype = "wpakey"
elseif m.hidden.wpa_suites == "802.1X" then
+ encr = m:field(ListValue, "encryption", translate("Encryption"))
+ encr:value("wpa", "WPA Enterprise")
+ encr:value("wpa-mixed", "WPA/WPA2 Enterprise mixed")
+ encr:value("wpa2", "WPA2 Enterprise")
+ encr.default = "wpa2"
+
+ ciph = m:field(ListValue, "cipher", translate("Cipher"))
+ ciph:value("auto", translate("Automatic"))
+ ciph:value("ccmp", translate("Force CCMP (AES)"))
+ ciph:value("tkip", translate("Force TKIP"))
+ ciph:value("tkip+ccmp", translate("Force TKIP and CCMP (AES)"))
+ ciph.default = "auto"
+
eaptype = m:field(ListValue, "eap_type", translate("EAP-Method"))
- eaptype:value("TLS")
- eaptype:value("TTLS")
- eaptype:value("PEAP")
- eaptype.default = "PEAP"
+ eaptype:value("tls", "TLS")
+ eaptype:value("ttls", "TTLS")
+ eaptype:value("peap", "PEAP")
+ eaptype:value("fast", "FAST")
+ eaptype.default = "peap"
authentication = m:field(ListValue, "auth", translate("Authentication"))
authentication:value("PAP")
authentication:value("CHAP")
authentication:value("MSCHAP")
authentication:value("MSCHAPV2")
- authentication.default = "MSCHAPV2"
+ authentication:value("EAP-GTC")
+ authentication:value("EAP-MD5")
+ authentication:value("EAP-MSCHAPV2")
+ authentication:value("EAP-TLS")
+ authentication.default = "EAP-MSCHAPV2"
ident = m:field(Value, "identity", translate("Identity"))
- pass = m:field(Value, "password", translate("Password"))
- pass.datatype = "wpakey"
- pass.password = true
+ wkey = m:field(Value, "password", translate("Password"))
+ wkey.password = true
+ wkey.datatype = "wpakey"
+
+ cacert = m:field(Value, "ca_cert", translate("Path to CA-Certificate"))
+ cacert.rmempty = true
+
+ clientcert = m:field(Value, "client_cert", translate("Path to Client-Certificate"))
+ clientcert:depends("eap_type","tls")
+ clientcert.rmempty = true
+
+ privkey = m:field(Value, "priv_key", translate("Path to Private Key"))
+ privkey:depends("eap_type","tls")
+ privkey.rmempty = true
+
+ privkeypwd = m:field(Value, "priv_key_pwd", translate("Password of Private Key"))
+ privkeypwd:depends("eap_type","tls")
+ privkeypwd.datatype = "wpakey"
+ privkeypwd.password = true
+ privkeypwd.rmempty = true
end
end
@@ -79,34 +131,32 @@ function wssid.write(self, section, value)
bssid = bssid:formvalue(section),
disabled = "1"
})
- if wkey ~= nil then
- val = wkey:formvalue(section)
- if val == "" then
- val = "changeme"
- end
- end
+
if (tonumber(m.hidden.wep) or 0) == 1 then
- uci:set("wireless", newsection, "encryption", "wep-open")
- uci:set("wireless", newsection, "key", "1")
- uci:set("wireless", newsection, "key1", val)
+ uci:set("wireless", newsection, "encryption", encr:formvalue(section))
+ uci:set("wireless", newsection, "key", wkey:formvalue(section) or "")
elseif (tonumber(m.hidden.wpa_version) or 0) > 0 then
if m.hidden.wpa_suites == "PSK" or m.hidden.wpa_suites == "PSK2" then
- uci:set("wireless", newsection, "encryption", "psk2")
- uci:set("wireless", newsection, "key", val)
+ if ciph:formvalue(section) ~= "auto" then
+ uci:set("wireless", newsection, "encryption", encr:formvalue(section) .. "+" .. ciph:formvalue(section))
+ else
+ uci:set("wireless", newsection, "encryption", encr:formvalue(section))
+ end
+ uci:set("wireless", newsection, "key", wkey:formvalue(section) or "")
elseif m.hidden.wpa_suites == "802.1X" then
- uci:set("wireless", newsection, "encryption", "wpa2")
+ if ciph:formvalue(section) ~= "auto" then
+ uci:set("wireless", newsection, "encryption", encr:formvalue(section) .. "+" .. ciph:formvalue(section))
+ else
+ uci:set("wireless", newsection, "encryption", encr:formvalue(section))
+ end
uci:set("wireless", newsection, "eap_type", eaptype:formvalue(section))
uci:set("wireless", newsection, "auth", authentication:formvalue(section))
- val = ident:formvalue(section)
- if val == "" then
- val = "changeme"
- end
- uci:set("wireless", newsection, "identity", val)
- val = pass:formvalue(section)
- if val == "" then
- val = "changeme"
- end
- uci:set("wireless", newsection, "password", val)
+ uci:set("wireless", newsection, "identity", ident:formvalue(section) or "")
+ uci:set("wireless", newsection, "password", wkey:formvalue(section) or "")
+ uci:set("wireless", newsection, "ca_cert", cacert:formvalue(section) or "")
+ uci:set("wireless", newsection, "client_cert", clientcert:formvalue(section) or "")
+ uci:set("wireless", newsection, "priv_key", privkey:formvalue(section) or "")
+ uci:set("wireless", newsection, "priv_key_pwd", privkeypwd:formvalue(section) or "")
end
else
uci:set("wireless", newsection, "encryption", "none")
diff --git a/applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_edit.lua b/applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_edit.lua
index 1baca5be40..64659d65e6 100644
--- a/applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_edit.lua
+++ b/applications/luci-app-travelmate/luasrc/model/cbi/travelmate/wifi_edit.lua
@@ -4,7 +4,6 @@
local fs = require("nixio.fs")
local uci = require("luci.model.uci").cursor()
local http = require("luci.http")
-local val = ""
m = SimpleForm("edit", translate("Edit Wireless Uplink Configuration"))
m.submit = translate("Save")
@@ -27,23 +26,103 @@ if s ~= nil then
bssid = m:field(Value, "bssid", translate("BSSID"))
bssid.datatype = "macaddr"
bssid.default = s.bssid
- if s.identity then
- ident = m:field(Value, "identity", translate("Identity"))
- ident.default = s.identity
- end
- if s.encryption and s.key then
- wkey = m:field(Value, "key", translatef("Passphrase (%s)", s.encryption))
- elseif s.encryption and s.password then
- wkey = m:field(Value, "password", translatef("Passphrase (%s)", s.encryption))
+
+ if string.match(s.encryption, '\+') and not string.match(s.encryption, '^wep') then
+ s.pos = string.find(s.encryption, '\+')
+ s.cipher = string.sub(s.encryption, s.pos + 1)
+ s.encryption = string.sub(s.encryption, 0, s.pos - 1)
+ else
+ s.cipher = "auto"
end
- if s.encryption and (s.key or s.password) then
- wkey.password = true
- wkey.default = s.key or s.password
- if s.encryption == "wep" then
+
+ if s.encryption and s.encryption ~= "none" then
+ if string.match(s.encryption, '^wep') then
+ encr = m:field(ListValue, "encryption", translate("Encryption"))
+ encr:value("wep", "WEP")
+ encr:value("wep+open", "WEP Open System")
+ encr:value("wep+mixed", "WEP mixed")
+ encr:value("wep+shared", "WEP Shared Key")
+ encr.default = s.encryption
+
+ wkey = m:field(Value, "key", translate("Passphrase"))
wkey.datatype = "wepkey"
- else
+ elseif string.match(s.encryption, '^psk') then
+ encr = m:field(ListValue, "encryption", translate("Encryption"))
+ encr:value("psk", "WPA PSK")
+ encr:value("psk-mixed", "WPA/WPA2 mixed")
+ encr:value("psk2", "WPA2 PSK")
+ encr.default = s.encryption
+
+ ciph = m:field(ListValue, "cipher", translate("Cipher"))
+ ciph:value("auto", translate("Automatic"))
+ ciph:value("ccmp", translate("Force CCMP (AES)"))
+ ciph:value("tkip", translate("Force TKIP"))
+ ciph:value("tkip+ccmp", translate("Force TKIP and CCMP (AES)"))
+ ciph.default = s.cipher
+
+ wkey = m:field(Value, "key", translate("Passphrase"))
+ wkey.datatype = "wpakey"
+ elseif string.match(s.encryption, '^wpa') then
+ encr = m:field(ListValue, "encryption", translate("Encryption"))
+ encr:value("wpa", "WPA Enterprise")
+ encr:value("wpa-mixed", "WPA/WPA2 Enterprise mixed")
+ encr:value("wpa2", "WPA2 Enterprise")
+ encr.default = s.encryption
+
+ ciph = m:field(ListValue, "cipher", translate("Cipher"))
+ ciph:value("auto", translate("Automatic"))
+ ciph:value("ccmp", translate("Force CCMP (AES)"))
+ ciph:value("tkip", translate("Force TKIP"))
+ ciph:value("tkip+ccmp", translate("Force TKIP and CCMP (AES)"))
+ ciph.default = s.cipher
+
+ eaptype = m:field(ListValue, "eap_type", translate("EAP-Method"))
+ eaptype:value("tls", "TLS")
+ eaptype:value("ttls", "TTLS")
+ eaptype:value("peap", "PEAP")
+ eaptype:value("fast", "FAST")
+ eaptype.default = s.eap_type or "peap"
+
+ authentication = m:field(ListValue, "auth", translate("Authentication"))
+ authentication:value("PAP")
+ authentication:value("CHAP")
+ authentication:value("MSCHAP")
+ authentication:value("MSCHAPV2")
+ authentication:value("EAP-GTC")
+ authentication:value("EAP-MD5")
+ authentication:value("EAP-MSCHAPV2")
+ authentication:value("EAP-TLS")
+ authentication.default = s.auth or "EAP-MSCHAPV2"
+
+ ident = m:field(Value, "identity", translate("Identity"))
+ ident.default = s.identity or ""
+
+ wkey = m:field(Value, "password", translate("Passphrase"))
wkey.datatype = "wpakey"
+
+ cacert = m:field(Value, "ca_cert", translate("Path to CA-Certificate"))
+ cacert.rmempty = true
+ cacert.default = s.ca_cert or ""
+
+ clientcert = m:field(Value, "client_cert", translate("Path to Client-Certificate"))
+ clientcert:depends("eap_type","tls")
+ clientcert.rmempty = true
+ clientcert.default = s.client_cert or ""
+
+ privkey = m:field(Value, "priv_key", translate("Path to Private Key"))
+ privkey:depends("eap_type","tls")
+ privkey.rmempty = true
+ privkey.default = s.priv_key or ""
+
+ privkeypwd = m:field(Value, "priv_key_pwd", translate("Password of Private Key"))
+ privkeypwd:depends("eap_type","tls")
+ privkeypwd.datatype = "wpakey"
+ privkeypwd.password = true
+ privkeypwd.rmempty = true
+ privkeypwd.default = s.priv_key_pwd or ""
end
+ wkey.password = true
+ wkey.default = s.key or s.password
end
else
m.on_cancel()
@@ -52,23 +131,31 @@ end
function wssid.write(self, section, value)
uci:set("wireless", m.hidden.cfg, "ssid", wssid:formvalue(section))
uci:set("wireless", m.hidden.cfg, "bssid", bssid:formvalue(section))
- if s.identity then
- val = ident:formvalue(section)
- if val == "" then
- val = "changeme"
- end
- uci:set("wireless", m.hidden.cfg, "identity", val)
- end
-
if s.encryption and s.encryption ~= "none" then
- val = wkey:formvalue(section)
- if val == "" then
- val = "changeme"
- end
- if s.key then
- uci:set("wireless", m.hidden.cfg, "key", val)
- elseif s.password then
- uci:set("wireless", m.hidden.cfg, "password", val)
+ if string.match(s.encryption, '^wep') then
+ uci:set("wireless", m.hidden.cfg, "encryption", encr:formvalue(section))
+ uci:set("wireless", m.hidden.cfg, "key", wkey:formvalue(section) or "")
+ elseif string.match(s.encryption, '^psk') then
+ if ciph:formvalue(section) ~= "auto" then
+ uci:set("wireless", m.hidden.cfg, "encryption", encr:formvalue(section) .. "+" .. ciph:formvalue(section))
+ else
+ uci:set("wireless", m.hidden.cfg, "encryption", encr:formvalue(section))
+ end
+ uci:set("wireless", m.hidden.cfg, "key", wkey:formvalue(section) or "")
+ elseif string.match(s.encryption, '^wpa') then
+ if ciph:formvalue(section) ~= "auto" then
+ uci:set("wireless", m.hidden.cfg, "encryption", encr:formvalue(section) .. "+" .. ciph:formvalue(section))
+ else
+ uci:set("wireless", m.hidden.cfg, "encryption", encr:formvalue(section))
+ end
+ uci:set("wireless", m.hidden.cfg, "eap_type", eaptype:formvalue(section))
+ uci:set("wireless", m.hidden.cfg, "auth", authentication:formvalue(section))
+ uci:set("wireless", m.hidden.cfg, "identity", ident:formvalue(section) or "")
+ uci:set("wireless", m.hidden.cfg, "password", wkey:formvalue(section) or "")
+ uci:set("wireless", m.hidden.cfg, "ca_cert", cacert:formvalue(section) or "")
+ uci:set("wireless", m.hidden.cfg, "client_cert", clientcert:formvalue(section) or "")
+ uci:set("wireless", m.hidden.cfg, "priv_key", privkey:formvalue(section) or "")
+ uci:set("wireless", m.hidden.cfg, "priv_key_pwd", privkeypwd:formvalue(section) or "")
end
end
uci:save("wireless")
diff --git a/applications/luci-app-travelmate/luasrc/view/travelmate/wifi_scan.htm b/applications/luci-app-travelmate/luasrc/view/travelmate/wifi_scan.htm
index 68ca63f459..aea194cde2 100644
--- a/applications/luci-app-travelmate/luasrc/view/travelmate/wifi_scan.htm
+++ b/applications/luci-app-travelmate/luasrc/view/travelmate/wifi_scan.htm
@@ -17,7 +17,7 @@ This is free software, licensed under the Apache License, Version 2.0
if info.wep == true then
return translate("WEP")
elseif info.wpa > 0 then
- return translate("WPA/WPA2 - " .. table.concat(info.auth_suites))
+ return translatef("%s (%s/%s)", (info.wpa == 3) and translate("WPA/WPA2") or (info.wpa == 2 and "WPA2" or "WPA"), table.concat(info.auth_suites), table.concat(info.group_ciphers))
elseif info.enabled then
return translate("Unknown")
else
@@ -70,9 +70,9 @@ This is free software, licensed under the Apache License, Version 2.0
<input type="hidden" name="bssid" value="<%=utl.pcdata(net.bssid)%>"/>
<input type="hidden" name="wep" value="<%=net.encryption.wep and 1 or 0%>"/>
<% if net.encryption.wpa then %>
- <input type="hidden" name="wpa_version" value="<%=net.encryption.wpa%>"/>
- <% for _, v in ipairs(net.encryption.auth_suites) do %><input type="hidden" name="wpa_suites" value="<%=v%>"/>
- <% end; end %>
+ <input type="hidden" name="wpa_version" value="<%=net.encryption.wpa%>"/>
+ <% for _, v in ipairs(net.encryption.auth_suites) do %><input type="hidden" name="wpa_suites" value="<%=v%>"/><% end %>
+ <% end %>
<input class="cbi-button cbi-button-apply" type="submit" value="<%:Add Uplink%>"/>
</form>
</td>