summaryrefslogtreecommitdiffhomepage
path: root/modules/luci-mod-network/htdocs
diff options
context:
space:
mode:
authorFlorian Eckert <fe@dev.tdt.de>2020-01-15 11:47:05 +0100
committerGitHub <noreply@github.com>2020-01-15 11:47:05 +0100
commit4536a1f1a9f79b20e2c3a658d964df3b54c7dd9c (patch)
treebfceda0d4a07ccb875a1c0d2d62a027eb4622141 /modules/luci-mod-network/htdocs
parent5ce29c827a94dd52f152426e0576cb0c0ed45c12 (diff)
parentd9e88c2072967ae4d0b92de9ad650e9c8a678e41 (diff)
Merge pull request #3444 from swg0101/subjectvalidation
luci-mod-network: add certificate subj validation
Diffstat (limited to 'modules/luci-mod-network/htdocs')
-rw-r--r--modules/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js48
1 files changed, 48 insertions, 0 deletions
diff --git a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js
index 61838a2363..54786d36a0 100644
--- a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js
+++ b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js
@@ -1434,6 +1434,30 @@ return L.view.extend({
o.depends({ mode: 'sta-wds', encryption: 'wpa' });
o.depends({ mode: 'sta-wds', encryption: 'wpa2' });
+ o = ss.taboption('encryption', form.Value, 'subject_match', _('Certificate constraint (Subject)'), _("Certificate constraint substring - e.g. /CN=wifi.mycompany.com<br />See `logread -f` during handshake for actual values"));
+ o.depends({ mode: 'sta', encryption: 'wpa' });
+ o.depends({ mode: 'sta', encryption: 'wpa2' });
+ o.depends({ mode: 'sta-wds', encryption: 'wpa' });
+ o.depends({ mode: 'sta-wds', encryption: 'wpa2' });
+
+ o = ss.taboption('encryption', form.DynamicList, 'altsubject_match', _('Certificate constraint (SAN)'), _("Certificate constraint(s) via Subject Alternate Name values<br />(supported attributes: EMAIL, DNS, URI) - e.g. DNS:wifi.mycompany.com"));
+ o.depends({ mode: 'sta', encryption: 'wpa' });
+ o.depends({ mode: 'sta', encryption: 'wpa2' });
+ o.depends({ mode: 'sta-wds', encryption: 'wpa' });
+ o.depends({ mode: 'sta-wds', encryption: 'wpa2' });
+
+ o = ss.taboption('encryption', form.DynamicList, 'domain_match', _('Certificate constraint (Domain)'), _("Certificate constraint(s) against DNS SAN values (if available)<br />or Subject CN (exact match)"));
+ o.depends({ mode: 'sta', encryption: 'wpa' });
+ o.depends({ mode: 'sta', encryption: 'wpa2' });
+ o.depends({ mode: 'sta-wds', encryption: 'wpa' });
+ o.depends({ mode: 'sta-wds', encryption: 'wpa2' });
+
+ o = ss.taboption('encryption', form.DynamicList, 'domain_suffix_match', _('Certificate constraint (Wildcard)'), _("Certificate constraint(s) against DNS SAN values (if available)<br />or Subject CN (suffix match)"));
+ o.depends({ mode: 'sta', encryption: 'wpa' });
+ o.depends({ mode: 'sta', encryption: 'wpa2' });
+ o.depends({ mode: 'sta-wds', encryption: 'wpa' });
+ o.depends({ mode: 'sta-wds', encryption: 'wpa2' });
+
o = ss.taboption('encryption', form.FileUpload, 'client_cert', _('Path to Client-Certificate'));
o.depends({ mode: 'sta', eap_type: 'tls', encryption: 'wpa' });
o.depends({ mode: 'sta', eap_type: 'tls', encryption: 'wpa2' });
@@ -1491,6 +1515,30 @@ return L.view.extend({
o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa' });
o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa2' });
+ o = ss.taboption('encryption', form.Value, 'subject_match2', _('Inner certificate constraint (Subject)'), _("Certificate constraint substring - e.g. /CN=wifi.mycompany.com<br />See `logread -f` during handshake for actual values"));
+ o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa' });
+ o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa2' });
+ o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa' });
+ o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa2' });
+
+ o = ss.taboption('encryption', form.DynamicList, 'altsubject_match2', _('Inner certificate constraint (SAN)'), _("Certificate constraint(s) via Subject Alternate Name values<br />(supported attributes: EMAIL, DNS, URI) - e.g. DNS:wifi.mycompany.com"));
+ o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa' });
+ o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa2' });
+ o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa' });
+ o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa2' });
+
+ o = ss.taboption('encryption', form.DynamicList, 'domain_match2', _('Inner certificate constraint (Domain)'), _("Certificate constraint(s) against DNS SAN values (if available)<br />or Subject CN (exact match)"));
+ o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa' });
+ o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa2' });
+ o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa' });
+ o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa2' });
+
+ o = ss.taboption('encryption', form.DynamicList, 'domain_suffix_match2', _('Inner certificate constraint (Wildcard)'), _("Certificate constraint(s) against DNS SAN values (if available)<br />or Subject CN (suffix match)"));
+ o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa' });
+ o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa2' });
+ o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa' });
+ o.depends({ mode: 'sta-wds', auth: 'EAP-TLS', encryption: 'wpa2' });
+
o = ss.taboption('encryption', form.FileUpload, 'client_cert2', _('Path to inner Client-Certificate'));
o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa' });
o.depends({ mode: 'sta', auth: 'EAP-TLS', encryption: 'wpa2' });