summaryrefslogtreecommitdiffhomepage
path: root/modules/luci-mod-network/luasrc/model
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2019-09-04 17:26:38 +0200
committerJo-Philipp Wich <jo@mein.io>2019-09-10 15:28:16 +0200
commit963b7636b46fd1b9ae47e2317ef491ce1b0ecfd5 (patch)
tree63c6f7ba20e2b88a50b2cf5656906f344fc036a5 /modules/luci-mod-network/luasrc/model
parentdab0a11b7357e5a609906e43fc5699b73ee11dfb (diff)
luci-mod-network: switch to client side wifi configuration pages
Rewrite the wireless network management views in client side JS using ubus rpc calls for the router communication. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'modules/luci-mod-network/luasrc/model')
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua1216
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_add.lua168
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_overview.lua153
3 files changed, 0 insertions, 1537 deletions
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua
deleted file mode 100644
index 2e6c026bb2..0000000000
--- a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua
+++ /dev/null
@@ -1,1216 +0,0 @@
--- Copyright 2008 Steven Barth <steven@midlink.org>
--- Licensed to the public under the Apache License 2.0.
-
-local wa = require "luci.tools.webadmin"
-local nw = require "luci.model.network"
-local ut = require "luci.util"
-local nt = require "luci.sys".net
-local fs = require "nixio.fs"
-
-local acct_port, acct_secret, acct_server, anonymous_identity, ant1, ant2,
- auth, auth_port, auth_secret, auth_server, bssid, cacert, cacert2,
- cc, ch, cipher, clientcert, clientcert2, ea, eaptype, en, encr,
- ft_protocol, ft_psk_generate_local, hidden, htmode, identity,
- ieee80211r, ieee80211w, ifname, isolate, key_retries,
- legacyrates, max_timeout, meshfwd, meshid, ml, mobility_domain, mode,
- mp, nasid, network, password, pmk_r1_push, privkey, privkey2, privkeypwd,
- privkeypwd2, r0_key_lifetime, r0kh, r1_key_holder, r1kh,
- reassociation_deadline, retry_timeout, ssid, st, tp, wepkey, wepslot,
- wmm, wpakey, wps, disassoc_low_ack, short_preamble, beacon_int, dtim_period,
- wparekey, inactivitypool, maxinactivity, listeninterval,
- dae_client, dae_port, dae_port
-
-
-arg[1] = arg[1] or ""
-
-m = Map("wireless", "",
- translate("The <em>Device Configuration</em> section covers physical settings of the radio " ..
- "hardware such as channel, transmit power or antenna selection which are shared among all " ..
- "defined wireless networks (if the radio hardware is multi-SSID capable). Per network settings " ..
- "like encryption or operation mode are grouped in the <em>Interface Configuration</em>."))
-
-m:chain("network")
-m:chain("firewall")
-m.redirect = luci.dispatcher.build_url("admin/network/wireless")
-
-nw.init(m.uci)
-
-local wnet = nw:get_wifinet(arg[1])
-local wdev = wnet and wnet:get_device()
-
--- redirect to overview page if network does not exist anymore (e.g. after a revert)
-if not wnet or not wdev then
- luci.http.redirect(luci.dispatcher.build_url("admin/network/wireless"))
- return
-end
-
-local function txpower_list(iw)
- local list = iw.txpwrlist or { }
- local off = tonumber(iw.txpower_offset) or 0
- local new = { }
- local prev = -1
- local _, val
- for _, val in ipairs(list) do
- local dbm = val.dbm + off
- local mw = math.floor(10 ^ (dbm / 10))
- if mw ~= prev then
- prev = mw
- new[#new+1] = {
- display_dbm = dbm,
- display_mw = mw,
- driver_dbm = val.dbm,
- driver_mw = val.mw
- }
- end
- end
- return new
-end
-
-local function txpower_current(pwr, list)
- pwr = tonumber(pwr)
- if pwr ~= nil then
- local _, item
- for _, item in ipairs(list) do
- if item.driver_dbm >= pwr then
- return item.driver_dbm
- end
- end
- end
- return pwr or ""
-end
-
-local iw = luci.sys.wifi.getiwinfo(arg[1])
-local hw_modes = iw.hwmodelist or { }
-local tx_power_list = txpower_list(iw)
-local tx_power_cur = txpower_current(wdev:get("txpower"), tx_power_list)
-
--- wireless toggle was requested, commit and reload page
-function m.parse(map)
- local new_cc = m:formvalue("cbid.wireless.%s.country" % wdev:name())
- local old_cc = m:get(wdev:name(), "country")
-
- if m:formvalue("cbid.wireless.%s.__toggle" % wdev:name()) then
- if wdev:get("disabled") == "1" or wnet:get("disabled") == "1" then
- wnet:set("disabled", nil)
- else
- wnet:set("disabled", "1")
- end
- wdev:set("disabled", nil)
- m.apply_needed = true
- m.redirect = nil
- end
-
- Map.parse(map)
-
- if m:get(wdev:name(), "type") == "mac80211" and new_cc and new_cc ~= old_cc then
- luci.sys.call("iw reg set %s" % ut.shellquote(new_cc))
-
- local old_ch = tonumber(m:formvalue("cbid.wireless.%s._mode_freq.channel" % wdev:name()) or "")
- if old_ch then
- local _, c, new_ch
- for _, c in ipairs(iw.freqlist) do
- if c.channel > old_ch or (old_ch <= 14 and c.channel > 14) then
- break
- end
- new_ch = c.channel
- end
- if new_ch ~= old_ch then
- wdev:set("channel", new_ch)
- m.message = translatef("Channel %d is not available in the %s regulatory domain and has been auto-adjusted to %d.",
- old_ch, new_cc, new_ch)
- end
- end
- end
-
- if wdev:get("disabled") == "1" or wnet:get("disabled") == "1" then
- en.title = translate("Wireless network is disabled")
- en.inputtitle = translate("Enable")
- en.inputstyle = "apply"
- else
- en.title = translate("Wireless network is enabled")
- en.inputtitle = translate("Disable")
- en.inputstyle = "reset"
- end
-end
-
-m.title = luci.util.pcdata(wnet:get_i18n())
-
-s = m:section(NamedSection, wdev:name(), "wifi-device", translate("Device Configuration"))
-s.addremove = false
-
-s:tab("general", translate("General Setup"))
-s:tab("macfilter", translate("MAC-Filter"))
-s:tab("advanced", translate("Advanced Settings"))
-
-st = s:taboption("general", DummyValue, "__status", translate("Status"))
-st.template = "admin_network/wifi_status"
-st.ifname = arg[1]
-
-en = s:taboption("general", Button, "__toggle")
-
-local hwtype = wdev:get("type")
-
--- NanoFoo
-local nsantenna = wdev:get("antenna")
-
--- Check whether there are client interfaces on the same radio,
--- if yes, lock the channel choice as these stations will dicatate the freq
-local found_sta = nil
-local _, net
-if wnet:mode() ~= "sta" then
- for _, net in ipairs(wdev:get_wifinets()) do
- if net:mode() == "sta" and net:get("disabled") ~= "1" then
- if not found_sta then
- found_sta = {}
- found_sta.channel = net:channel()
- found_sta.names = {}
- end
- found_sta.names[#found_sta.names+1] = net:shortname()
- end
- end
-end
-
-if found_sta then
- ch = s:taboption("general", DummyValue, "choice", translate("Channel"))
- ch.value = translatef("Locked to channel %s used by: %s",
- found_sta.channel or "(auto)", table.concat(found_sta.names, ", "))
-else
- ch = s:taboption("general", Value, "_mode_freq", '<br />'..translate("Operating frequency"))
- ch.iwinfo = iw
- ch.hostapd_acs = (os.execute("hostapd -vacs >/dev/null 2>/dev/null") == 0)
- ch.template = "cbi/wireless_modefreq"
-
- function ch.cfgvalue(self, section)
- return {
- m:get(section, "hwmode") or "",
- m:get(section, "channel") or "auto",
- m:get(section, "htmode") or ""
- }
- end
-
- function ch.formvalue(self, section)
- return {
- m:formvalue(self:cbid(section) .. ".band") or (hw_modes.g and "11g" or "11a"),
- m:formvalue(self:cbid(section) .. ".channel") or "auto",
- m:formvalue(self:cbid(section) .. ".htmode") or ""
- }
- end
-
- function ch.write(self, section, value)
- m:set(section, "hwmode", value[1])
- m:set(section, "channel", value[2])
- m:set(section, "htmode", value[3])
- end
-end
-
-------------------- MAC80211 Device ------------------
-
-if hwtype == "mac80211" then
- if #tx_power_list > 0 then
- tp = s:taboption("general", ListValue,
- "txpower", translate("Transmit Power"), "dBm")
- tp.rmempty = true
- tp.default = tx_power_cur
- function tp.cfgvalue(...)
- return txpower_current(Value.cfgvalue(...), tx_power_list)
- end
-
- tp:value("", translate("auto"))
- for _, p in ipairs(tx_power_list) do
- tp:value(p.driver_dbm, "%i dBm (%i mW)"
- %{ p.display_dbm, p.display_mw })
- end
- end
-
- local cl = iw and iw.countrylist
- if cl and #cl > 0 then
- cc = s:taboption("advanced", ListValue, "country", translate("Country Code"), translate("Use ISO/IEC 3166 alpha2 country codes."))
- cc.default = tostring(iw and iw.country or "00")
- for _, c in ipairs(cl) do
- cc:value(c.alpha2, "%s - %s" %{ c.alpha2, c.name })
- end
- else
- s:taboption("advanced", Value, "country", translate("Country Code"), translate("Use ISO/IEC 3166 alpha2 country codes."))
- end
-
- legacyrates = s:taboption("advanced", Flag, "legacy_rates", translate("Allow legacy 802.11b rates"))
- legacyrates.rmempty = false
- legacyrates.default = "1"
-
- s:taboption("advanced", Value, "distance", translate("Distance Optimization"),
- translate("Distance to farthest network member in meters."))
-
- -- external antenna profiles
- local eal = iw and iw.extant
- if eal and #eal > 0 then
- ea = s:taboption("advanced", ListValue, "extant", translate("Antenna Configuration"))
- for _, eap in ipairs(eal) do
- ea:value(eap.id, "%s (%s)" %{ eap.name, eap.description })
- if eap.selected then
- ea.default = eap.id
- end
- end
- end
-
- s:taboption("advanced", Value, "frag", translate("Fragmentation Threshold"))
- s:taboption("advanced", Value, "rts", translate("RTS/CTS Threshold"))
-
- s:taboption("advanced", Flag, "noscan", translate("Force 40MHz mode"),
- translate("Always use 40MHz channels even if the secondary channel overlaps. Using this option does not comply with IEEE 802.11n-2009!")).optional = true
-
- beacon_int = s:taboption("advanced", Value, "beacon_int", translate("Beacon Interval"))
- beacon_int.optional = true
- beacon_int.placeholder = 100
- beacon_int.datatype = "range(15,65535)"
-end
-
-
-------------------- Broadcom Device ------------------
-
-if hwtype == "broadcom" then
- tp = s:taboption("general",
- (#tx_power_list > 0) and ListValue or Value,
- "txpower", translate("Transmit Power"), "dBm")
-
- tp.rmempty = true
- tp.default = tx_power_cur
-
- function tp.cfgvalue(...)
- return txpower_current(Value.cfgvalue(...), tx_power_list)
- end
-
- tp:value("", translate("auto"))
- for _, p in ipairs(tx_power_list) do
- tp:value(p.driver_dbm, "%i dBm (%i mW)"
- %{ p.display_dbm, p.display_mw })
- end
-
- mode = s:taboption("advanced", ListValue, "hwmode", translate("Band"))
- if hw_modes.b then
- mode:value("11b", "2.4GHz (802.11b)")
- if hw_modes.g then
- mode:value("11bg", "2.4GHz (802.11b+g)")
- end
- end
- if hw_modes.g then
- mode:value("11g", "2.4GHz (802.11g)")
- mode:value("11gst", "2.4GHz (802.11g + Turbo)")
- mode:value("11lrs", "2.4GHz (802.11g Limited Rate Support)")
- end
- if hw_modes.a then mode:value("11a", "5GHz (802.11a)") end
- if hw_modes.n then
- if hw_modes.g then
- mode:value("11ng", "2.4GHz (802.11g+n)")
- mode:value("11n", "2.4GHz (802.11n)")
- end
- if hw_modes.a then
- mode:value("11na", "5GHz (802.11a+n)")
- mode:value("11n", "5GHz (802.11n)")
- end
- htmode = s:taboption("advanced", ListValue, "htmode", translate("HT mode (802.11n)"))
- htmode:depends("hwmode", "11ng")
- htmode:depends("hwmode", "11na")
- htmode:depends("hwmode", "11n")
- htmode:value("HT20", "20MHz")
- htmode:value("HT40", "40MHz")
- end
-
- ant1 = s:taboption("advanced", ListValue, "txantenna", translate("Transmitter Antenna"))
- ant1.widget = "radio"
- ant1:depends("diversity", "")
- ant1:value("3", translate("auto"))
- ant1:value("0", translate("Antenna 1"))
- ant1:value("1", translate("Antenna 2"))
-
- ant2 = s:taboption("advanced", ListValue, "rxantenna", translate("Receiver Antenna"))
- ant2.widget = "radio"
- ant2:depends("diversity", "")
- ant2:value("3", translate("auto"))
- ant2:value("0", translate("Antenna 1"))
- ant2:value("1", translate("Antenna 2"))
-
- s:taboption("advanced", Flag, "frameburst", translate("Frame Bursting"))
-
- s:taboption("advanced", Value, "distance", translate("Distance Optimization"))
- --s:option(Value, "slottime", translate("Slot time"))
-
- s:taboption("advanced", Value, "country", translate("Country Code"))
- s:taboption("advanced", Value, "maxassoc", translate("Connection Limit"))
-end
-
-
---------------------- HostAP Device ---------------------
-
-if hwtype == "prism2" then
- s:taboption("advanced", Value, "txpower", translate("Transmit Power"), "att units").rmempty = true
-
- s:taboption("advanced", Flag, "diversity", translate("Diversity")).rmempty = false
-
- s:taboption("advanced", Value, "txantenna", translate("Transmitter Antenna"))
- s:taboption("advanced", Value, "rxantenna", translate("Receiver Antenna"))
-end
-
-
------------------------ Interface -----------------------
-
-s = m:section(NamedSection, wnet.sid, "wifi-iface", translate("Interface Configuration"))
-s.addremove = false
-s.anonymous = true
-s.defaults.device = wdev:name()
-
-s:tab("general", translate("General Setup"))
-s:tab("encryption", translate("Wireless Security"))
-s:tab("macfilter", translate("MAC-Filter"))
-s:tab("advanced", translate("Advanced Settings"))
-
-mode = s:taboption("general", ListValue, "mode", translate("Mode"))
-mode.override_values = true
-mode:value("ap", translate("Access Point"))
-mode:value("sta", translate("Client"))
-mode:value("adhoc", translate("Ad-Hoc"))
-
-meshid = s:taboption("general", Value, "mesh_id", translate("Mesh Id"))
-meshid:depends({mode="mesh"})
-
-meshfwd = s:taboption("advanced", Flag, "mesh_fwding", translate("Forward mesh peer traffic"))
-meshfwd.rmempty = false
-meshfwd.default = "1"
-meshfwd:depends({mode="mesh"})
-
-mesh_rssi_th = s:taboption("advanced", Value, "mesh_rssi_threshold",
- translate("RSSI threshold for joining"),
- translate("0 = not using RSSI threshold, 1 = do not change driver default"))
-mesh_rssi_th.rmempty = false
-mesh_rssi_th.default = "0"
-mesh_rssi_th.datatype = "range(-255,1)"
-mesh_rssi_th:depends({mode="mesh"})
-
-ssid = s:taboption("general", Value, "ssid", translate("<abbr title=\"Extended Service Set Identifier\">ESSID</abbr>"))
-ssid.datatype = "maxlength(32)"
-ssid:depends({mode="ap"})
-ssid:depends({mode="sta"})
-ssid:depends({mode="adhoc"})
-ssid:depends({mode="ahdemo"})
-ssid:depends({mode="monitor"})
-ssid:depends({mode="ap-wds"})
-ssid:depends({mode="sta-wds"})
-ssid:depends({mode="wds"})
-
-bssid = s:taboption("general", Value, "bssid", translate("<abbr title=\"Basic Service Set Identifier\">BSSID</abbr>"))
-bssid.datatype = "macaddr"
-
-network = s:taboption("general", Value, "network", translate("Network"),
- translate("Choose the network(s) you want to attach to this wireless interface or " ..
- "fill out the <em>create</em> field to define a new network."))
-
-network.rmempty = true
-network.template = "cbi/network_netlist"
-network.widget = "checkbox"
-network.novirtual = true
-
-function network.write(self, section, value)
- local i = nw:get_interface(section)
- if i then
- local _, net, old, new = nil, nil, {}, {}
-
- for _, net in ipairs(i:get_networks()) do
- old[net:name()] = true
- end
-
- for net in ut.imatch(value) do
- new[net] = true
- if not old[net] then
- local n = nw:get_network(net) or nw:add_network(net, { proto = "none" })
- if n then
- if not n:is_empty() then
- n:set("type", "bridge")
- end
- n:add_interface(i)
- end
- end
- end
-
- for net, _ in pairs(old) do
- if not new[net] then
- local n = nw:get_network(net)
- if n then
- n:del_interface(i)
- end
- end
- end
- end
-end
-
--------------------- MAC80211 Interface ----------------------
-
-if hwtype == "mac80211" then
- if fs.access("/usr/sbin/iw") then
- mode:value("mesh", "802.11s")
- end
-
- mode:value("ahdemo", translate("Pseudo Ad-Hoc (ahdemo)"))
- mode:value("monitor", translate("Monitor"))
- bssid:depends({mode="adhoc"})
- bssid:depends({mode="sta"})
- bssid:depends({mode="sta-wds"})
-
- mp = s:taboption("macfilter", ListValue, "macfilter", translate("MAC-Address Filter"))
- mp:depends({mode="ap"})
- mp:depends({mode="ap-wds"})
- mp:value("", translate("disable"))
- mp:value("allow", translate("Allow listed only"))
- mp:value("deny", translate("Allow all except listed"))
-
- ml = s:taboption("macfilter", DynamicList, "maclist", translate("MAC-List"))
- ml.datatype = "macaddr"
- ml:depends({macfilter="allow"})
- ml:depends({macfilter="deny"})
- nt.mac_hints(function(mac, name) ml:value(mac, "%s (%s)" %{ mac, name }) end)
-
- mode:value("ap-wds", "%s (%s)" % {translate("Access Point"), translate("WDS")})
- mode:value("sta-wds", "%s (%s)" % {translate("Client"), translate("WDS")})
-
- function mode.write(self, section, value)
- if value == "ap-wds" then
- ListValue.write(self, section, "ap")
- m.uci:set("wireless", section, "wds", 1)
- elseif value == "sta-wds" then
- ListValue.write(self, section, "sta")
- m.uci:set("wireless", section, "wds", 1)
- else
- ListValue.write(self, section, value)
- m.uci:delete("wireless", section, "wds")
- end
- end
-
- function mode.cfgvalue(self, section)
- local mode = ListValue.cfgvalue(self, section)
- local wds = m.uci:get("wireless", section, "wds") == "1"
-
- if mode == "ap" and wds then
- return "ap-wds"
- elseif mode == "sta" and wds then
- return "sta-wds"
- else
- return mode
- end
- end
-
- hidden = s:taboption("general", Flag, "hidden", translate("Hide <abbr title=\"Extended Service Set Identifier\">ESSID</abbr>"))
- hidden:depends({mode="ap"})
- hidden:depends({mode="ap-wds"})
-
- wmm = s:taboption("general", Flag, "wmm", translate("WMM Mode"))
- wmm:depends({mode="ap"})
- wmm:depends({mode="ap-wds"})
- wmm.default = wmm.enabled
-
- isolate = s:taboption("advanced", Flag, "isolate", translate("Isolate Clients"),
- translate("Prevents client-to-client communication"))
- isolate:depends({mode="ap"})
- isolate:depends({mode="ap-wds"})
-
- ifname = s:taboption("advanced", Value, "ifname", translate("Interface name"), translate("Override default interface name"))
- ifname.optional = true
-
- short_preamble = s:taboption("advanced", Flag, "short_preamble", translate("Short Preamble"))
- short_preamble.default = short_preamble.enabled
-
- dtim_period = s:taboption("advanced", Value, "dtim_period", translate("DTIM Interval"), translate("Delivery Traffic Indication Message Interval"))
- dtim_period.optional = true
- dtim_period.placeholder = 2
- dtim_period.datatype = "range(1,255)"
-
-
- wparekey = s:taboption("advanced", Value, "wpa_group_rekey", translate("Time interval for rekeying GTK"), translate("sec"))
- wparekey.optional = true
- wparekey.placeholder = 600
- wparekey.datatype = "uinteger"
-
- inactivitypool = s:taboption("advanced", Flag , "skip_inactivity_poll", translate("Disable Inactivity Polling"))
- inactivitypool.optional = true
- inactivitypool.datatype = "uinteger"
-
- maxinactivity = s:taboption("advanced", Value, "max_inactivity", translate("Station inactivity limit"), translate("sec"))
- maxinactivity.optional = true
- maxinactivity.placeholder = 300
- maxinactivity.datatype = "uinteger"
-
- listeninterval = s:taboption("advanced", Value, "max_listen_interval", translate("Maximum allowed Listen Interval"))
- listeninterval.optional = true
- listeninterval.placeholder = 65535
- listeninterval.datatype = "uinteger"
-
- disassoc_low_ack = s:taboption("advanced", Flag, "disassoc_low_ack", translate("Disassociate On Low Acknowledgement"),
- translate("Allow AP mode to disconnect STAs based on low ACK condition"))
- disassoc_low_ack.default = disassoc_low_ack.enabled
-end
-
-
--------------------- Broadcom Interface ----------------------
-
-if hwtype == "broadcom" then
- mode:value("wds", translate("WDS"))
- mode:value("monitor", translate("Monitor"))
-
- hidden = s:taboption("general", Flag, "hidden", translate("Hide <abbr title=\"Extended Service Set Identifier\">ESSID</abbr>"))
- hidden:depends({mode="ap"})
- hidden:depends({mode="adhoc"})
- hidden:depends({mode="wds"})
-
- isolate = s:taboption("advanced", Flag, "isolate", translate("Separate Clients"),
- translate("Prevents client-to-client communication"))
- isolate:depends({mode="ap"})
-
- s:taboption("advanced", Flag, "doth", "802.11h")
- s:taboption("advanced", Flag, "wmm", translate("WMM Mode"))
-
- bssid:depends({mode="wds"})
- bssid:depends({mode="adhoc"})
-end
-
-
------------------------ HostAP Interface ---------------------
-
-if hwtype == "prism2" then
- mode:value("wds", translate("WDS"))
- mode:value("monitor", translate("Monitor"))
-
- hidden = s:taboption("general", Flag, "hidden", translate("Hide <abbr title=\"Extended Service Set Identifier\">ESSID</abbr>"))
- hidden:depends({mode="ap"})
- hidden:depends({mode="adhoc"})
- hidden:depends({mode="wds"})
-
- bssid:depends({mode="sta"})
-
- mp = s:taboption("macfilter", ListValue, "macpolicy", translate("MAC-Address Filter"))
- mp:value("", translate("disable"))
- mp:value("allow", translate("Allow listed only"))
- mp:value("deny", translate("Allow all except listed"))
- ml = s:taboption("macfilter", DynamicList, "maclist", translate("MAC-List"))
- ml:depends({macpolicy="allow"})
- ml:depends({macpolicy="deny"})
- nt.mac_hints(function(mac, name) ml:value(mac, "%s (%s)" %{ mac, name }) end)
-
- s:taboption("advanced", Value, "rate", translate("Transmission Rate"))
- s:taboption("advanced", Value, "frag", translate("Fragmentation Threshold"))
- s:taboption("advanced", Value, "rts", translate("RTS/CTS Threshold"))
-end
-
-
-------------------- WiFI-Encryption -------------------
-
-encr = s:taboption("encryption", ListValue, "encryption", translate("Encryption"))
-encr.override_values = true
-encr.override_depends = true
-encr:depends({mode="ap"})
-encr:depends({mode="sta"})
-encr:depends({mode="adhoc"})
-encr:depends({mode="ahdemo"})
-encr:depends({mode="ap-wds"})
-encr:depends({mode="sta-wds"})
-encr:depends({mode="mesh"})
-
-cipher = s:taboption("encryption", ListValue, "cipher", translate("Cipher"))
-cipher:depends({encryption="wpa"})
-cipher:depends({encryption="wpa2"})
-cipher:depends({encryption="psk"})
-cipher:depends({encryption="psk2"})
-cipher:depends({encryption="wpa-mixed"})
-cipher:depends({encryption="psk-mixed"})
-cipher:value("auto", translate("auto"))
-cipher:value("ccmp", translate("Force CCMP (AES)"))
-cipher:value("tkip", translate("Force TKIP"))
-cipher:value("tkip+ccmp", translate("Force TKIP and CCMP (AES)"))
-
-function encr.cfgvalue(self, section)
- local v = tostring(ListValue.cfgvalue(self, section))
- if v == "wep" then
- return "wep-open"
- elseif v and v:match("%+") then
- return (v:gsub("%+.+$", ""))
- end
- return v
-end
-
-function encr.write(self, section, value)
- local e = tostring(encr:formvalue(section))
- local c = tostring(cipher:formvalue(section))
- if value == "wpa" or value == "wpa2" then
- self.map.uci:delete("wireless", section, "key")
- end
- if e and (c == "tkip" or c == "ccmp" or c == "tkip+ccmp") then
- e = e .. "+" .. c
- end
- self.map:set(section, "encryption", e)
-end
-
-function cipher.cfgvalue(self, section)
- local v = tostring(ListValue.cfgvalue(encr, section))
- if v and v:match("%+") then
- v = v:gsub("^[^%+]+%+", "")
- if v == "aes" then v = "ccmp"
- elseif v == "tkip+aes" then v = "tkip+ccmp"
- elseif v == "aes+tkip" then v = "tkip+ccmp"
- elseif v == "ccmp+tkip" then v = "tkip+ccmp"
- end
- end
- return v
-end
-
-function cipher.write(self, section)
- return encr:write(section)
-end
-
-
-encr:value("none", "No Encryption")
-encr:value("wep-open", translate("WEP Open System"), {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"}, {mode="ahdemo"}, {mode="wds"})
-encr:value("wep-shared", translate("WEP Shared Key"), {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"}, {mode="ahdemo"}, {mode="wds"})
-
-if hwtype == "mac80211" or hwtype == "prism2" then
- local supplicant = fs.access("/usr/sbin/wpa_supplicant")
- local hostapd = fs.access("/usr/sbin/hostapd")
-
- -- Probe EAP support
- local has_ap_eap = (os.execute("hostapd -veap >/dev/null 2>/dev/null") == 0)
- local has_sta_eap = (os.execute("wpa_supplicant -veap >/dev/null 2>/dev/null") == 0)
-
- -- Probe SAE support
- local has_ap_sae = (os.execute("hostapd -vsae >/dev/null 2>/dev/null") == 0)
- local has_sta_sae = (os.execute("wpa_supplicant -vsae >/dev/null 2>/dev/null") == 0)
-
- -- Probe OWE support
- local has_ap_owe = (os.execute("hostapd -vowe >/dev/null 2>/dev/null") == 0)
- local has_sta_owe = (os.execute("wpa_supplicant -vowe >/dev/null 2>/dev/null") == 0)
-
- if hostapd and supplicant then
- encr:value("psk", "WPA-PSK", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
- encr:value("psk2", "WPA2-PSK", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
- encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
- if has_ap_sae and has_sta_sae then
- encr:value("sae", "WPA3-SAE", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"}, {mode="mesh"})
- encr:value("sae-mixed", "WPA2-PSK/WPA3-SAE Mixed Mode", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
- end
- if has_ap_eap and has_sta_eap then
- encr:value("wpa", "WPA-EAP", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"})
- encr:value("wpa2", "WPA2-EAP", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"})
- end
- if has_ap_owe and has_sta_owe then
- encr:value("owe", "OWE", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
- end
- elseif hostapd and not supplicant then
- encr:value("psk", "WPA-PSK", {mode="ap"}, {mode="ap-wds"})
- encr:value("psk2", "WPA2-PSK", {mode="ap"}, {mode="ap-wds"})
- encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="ap"}, {mode="ap-wds"})
- if has_ap_sae then
- encr:value("sae", "WPA3-SAE", {mode="ap"}, {mode="ap-wds"})
- encr:value("sae-mixed", "WPA2-PSK/WPA3-SAE Mixed Mode", {mode="ap"}, {mode="ap-wds"})
- end
- if has_ap_eap then
- encr:value("wpa", "WPA-EAP", {mode="ap"}, {mode="ap-wds"})
- encr:value("wpa2", "WPA2-EAP", {mode="ap"}, {mode="ap-wds"})
- end
- if has_ap_owe then
- encr:value("owe", "OWE", {mode="ap"}, {mode="ap-wds"})
- end
- encr.description = translate(
- "WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP " ..
- "and ad-hoc mode) to be installed."
- )
- elseif not hostapd and supplicant then
- encr:value("psk", "WPA-PSK", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
- encr:value("psk2", "WPA2-PSK", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
- encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
- if has_sta_sae then
- encr:value("sae", "WPA3-SAE", {mode="sta"}, {mode="sta-wds"}, {mode="mesh"})
- encr:value("sae-mixed", "WPA2-PSK/WPA3-SAE Mixed Mode", {mode="sta"}, {mode="sta-wds"})
- end
- if has_sta_eap then
- encr:value("wpa", "WPA-EAP", {mode="sta"}, {mode="sta-wds"})
- encr:value("wpa2", "WPA2-EAP", {mode="sta"}, {mode="sta-wds"})
- end
- if has_sta_owe then
- encr:value("owe", "OWE", {mode="sta"}, {mode="sta-wds"})
- end
- encr.description = translate(
- "WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP " ..
- "and ad-hoc mode) to be installed."
- )
- else
- encr.description = translate(
- "WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP " ..
- "and ad-hoc mode) to be installed."
- )
- end
-elseif hwtype == "broadcom" then
- encr:value("psk", "WPA-PSK")
- encr:value("psk2", "WPA2-PSK")
- encr:value("psk+psk2", "WPA-PSK/WPA2-PSK Mixed Mode")
-end
-
-auth_server = s:taboption("encryption", Value, "auth_server", translate("Radius-Authentication-Server"))
-auth_server:depends({mode="ap", encryption="wpa"})
-auth_server:depends({mode="ap", encryption="wpa2"})
-auth_server:depends({mode="ap-wds", encryption="wpa"})
-auth_server:depends({mode="ap-wds", encryption="wpa2"})
-auth_server.rmempty = true
-auth_server.datatype = "host(0)"
-
-auth_port = s:taboption("encryption", Value, "auth_port", translate("Radius-Authentication-Port"), translatef("Default %d", 1812))
-auth_port:depends({mode="ap", encryption="wpa"})
-auth_port:depends({mode="ap", encryption="wpa2"})
-auth_port:depends({mode="ap-wds", encryption="wpa"})
-auth_port:depends({mode="ap-wds", encryption="wpa2"})
-auth_port.rmempty = true
-auth_port.datatype = "port"
-
-auth_secret = s:taboption("encryption", Value, "auth_secret", translate("Radius-Authentication-Secret"))
-auth_secret:depends({mode="ap", encryption="wpa"})
-auth_secret:depends({mode="ap", encryption="wpa2"})
-auth_secret:depends({mode="ap-wds", encryption="wpa"})
-auth_secret:depends({mode="ap-wds", encryption="wpa2"})
-auth_secret.rmempty = true
-auth_secret.password = true
-
-acct_server = s:taboption("encryption", Value, "acct_server", translate("Radius-Accounting-Server"))
-acct_server:depends({mode="ap", encryption="wpa"})
-acct_server:depends({mode="ap", encryption="wpa2"})
-acct_server:depends({mode="ap-wds", encryption="wpa"})
-acct_server:depends({mode="ap-wds", encryption="wpa2"})
-acct_server.rmempty = true
-acct_server.datatype = "host(0)"
-
-acct_port = s:taboption("encryption", Value, "acct_port", translate("Radius-Accounting-Port"), translatef("Default %d", 1813))
-acct_port:depends({mode="ap", encryption="wpa"})
-acct_port:depends({mode="ap", encryption="wpa2"})
-acct_port:depends({mode="ap-wds", encryption="wpa"})
-acct_port:depends({mode="ap-wds", encryption="wpa2"})
-acct_port.rmempty = true
-acct_port.datatype = "port"
-
-acct_secret = s:taboption("encryption", Value, "acct_secret", translate("Radius-Accounting-Secret"))
-acct_secret:depends({mode="ap", encryption="wpa"})
-acct_secret:depends({mode="ap", encryption="wpa2"})
-acct_secret:depends({mode="ap-wds", encryption="wpa"})
-acct_secret:depends({mode="ap-wds", encryption="wpa2"})
-acct_secret.rmempty = true
-acct_secret.password = true
-
-dae_client = s:taboption("encryption", Value, "dae_client", translate("DAE-Client"))
-dae_client:depends({mode="ap", encryption="wpa"})
-dae_client:depends({mode="ap", encryption="wpa2"})
-dae_client:depends({mode="ap-wds", encryption="wpa"})
-dae_client:depends({mode="ap-wds", encryption="wpa2"})
-dae_client.rmempty = true
-dae_client.datatype = "host(0)"
-
-dae_port = s:taboption("encryption", Value, "dae_port", translate("DAE-Port"), translatef("Default %d", 3799))
-dae_port:depends({mode="ap", encryption="wpa"})
-dae_port:depends({mode="ap", encryption="wpa2"})
-dae_port:depends({mode="ap-wds", encryption="wpa"})
-dae_port:depends({mode="ap-wds", encryption="wpa2"})
-dae_port.rmempty = true
-dae_port.datatype = "port"
-
-dae_secret = s:taboption("encryption", Value, "dae_secret", translate("DAE-Secret"))
-dae_secret:depends({mode="ap", encryption="wpa"})
-dae_secret:depends({mode="ap", encryption="wpa2"})
-dae_secret:depends({mode="ap-wds", encryption="wpa"})
-dae_secret:depends({mode="ap-wds", encryption="wpa2"})
-dae_secret.rmempty = true
-dae_secret.password = true
-
-wpakey = s:taboption("encryption", Value, "_wpa_key", translate("Key"))
-wpakey:depends("encryption", "psk")
-wpakey:depends("encryption", "psk2")
-wpakey:depends("encryption", "psk+psk2")
-wpakey:depends("encryption", "psk-mixed")
-wpakey:depends("encryption", "sae")
-wpakey:depends("encryption", "sae-mixed")
-wpakey.datatype = "wpakey"
-wpakey.rmempty = true
-wpakey.password = true
-
-wpakey.cfgvalue = function(self, section, value)
- local key = m.uci:get("wireless", section, "key")
- if key == "1" or key == "2" or key == "3" or key == "4" then
- return nil
- end
- return key
-end
-
-wpakey.write = function(self, section, value)
- self.map.uci:set("wireless", section, "key", value)
- self.map.uci:delete("wireless", section, "key1")
-end
-
-
-wepslot = s:taboption("encryption", ListValue, "_wep_key", translate("Used Key Slot"))
-wepslot:depends("encryption", "wep-open")
-wepslot:depends("encryption", "wep-shared")
-wepslot:value("1", translatef("Key #%d", 1))
-wepslot:value("2", translatef("Key #%d", 2))
-wepslot:value("3", translatef("Key #%d", 3))
-wepslot:value("4", translatef("Key #%d", 4))
-
-wepslot.cfgvalue = function(self, section)
- local slot = tonumber(m.uci:get("wireless", section, "key"))
- if not slot or slot < 1 or slot > 4 then
- return 1
- end
- return slot
-end
-
-wepslot.write = function(self, section, value)
- self.map.uci:set("wireless", section, "key", value)
-end
-
-local slot
-for slot=1,4 do
- wepkey = s:taboption("encryption", Value, "key" .. slot, translatef("Key #%d", slot))
- wepkey:depends("encryption", "wep-open")
- wepkey:depends("encryption", "wep-shared")
- wepkey.datatype = "wepkey"
- wepkey.rmempty = true
- wepkey.password = true
-
- function wepkey.write(self, section, value)
- if value and (#value == 5 or #value == 13) then
- value = "s:" .. value
- end
- return Value.write(self, section, value)
- end
-end
-
-if hwtype == "mac80211" or hwtype == "prism2" then
-
- -- Probe 802.11r support (and EAP support as a proxy for Openwrt)
- local has_80211r = (os.execute("hostapd -v11r 2>/dev/null || hostapd -veap 2>/dev/null") == 0)
-
- ieee80211r = s:taboption("encryption", Flag, "ieee80211r",
- translate("802.11r Fast Transition"),
- translate("Enables fast roaming among access points that belong " ..
- "to the same Mobility Domain"))
- ieee80211r:depends({mode="ap", encryption="wpa"})
- ieee80211r:depends({mode="ap", encryption="wpa2"})
- ieee80211r:depends({mode="ap-wds", encryption="wpa"})
- ieee80211r:depends({mode="ap-wds", encryption="wpa2"})
- if has_80211r then
- ieee80211r:depends({mode="ap", encryption="psk"})
- ieee80211r:depends({mode="ap", encryption="psk2"})
- ieee80211r:depends({mode="ap", encryption="psk-mixed"})
- ieee80211r:depends({mode="ap", encryption="sae"})
- ieee80211r:depends({mode="ap", encryption="sae-mixed"})
- ieee80211r:depends({mode="ap-wds", encryption="psk"})
- ieee80211r:depends({mode="ap-wds", encryption="psk2"})
- ieee80211r:depends({mode="ap-wds", encryption="psk-mixed"})
- ieee80211r:depends({mode="ap-wds", encryption="sae"})
- ieee80211r:depends({mode="ap-wds", encryption="sae-mixed"})
- end
- ieee80211r.rmempty = true
-
- nasid = s:taboption("encryption", Value, "nasid", translate("NAS ID"),
- translate("Used for two different purposes: RADIUS NAS ID and " ..
- "802.11r R0KH-ID. Not needed with normal WPA(2)-PSK."))
- nasid:depends({mode="ap", encryption="wpa"})
- nasid:depends({mode="ap", encryption="wpa2"})
- nasid:depends({mode="ap-wds", encryption="wpa"})
- nasid:depends({mode="ap-wds", encryption="wpa2"})
- nasid:depends({ieee80211r="1"})
- nasid.rmempty = true
-
- mobility_domain = s:taboption("encryption", Value, "mobility_domain",
- translate("Mobility Domain"),
- translate("4-character hexadecimal ID"))
- mobility_domain:depends({ieee80211r="1"})
- mobility_domain.placeholder = "4f57"
- mobility_domain.datatype = "and(hexstring,rangelength(4,4))"
- mobility_domain.rmempty = true
-
- reassociation_deadline = s:taboption("encryption", Value, "reassociation_deadline",
- translate("Reassociation Deadline"),
- translate("time units (TUs / 1.024 ms) [1000-65535]"))
- reassociation_deadline:depends({ieee80211r="1"})
- reassociation_deadline.placeholder = "1000"
- reassociation_deadline.datatype = "range(1000,65535)"
- reassociation_deadline.rmempty = true
-
- ft_protocol = s:taboption("encryption", ListValue, "ft_over_ds", translate("FT protocol"))
- ft_protocol:depends({ieee80211r="1"})
- ft_protocol:value("1", translatef("FT over DS"))
- ft_protocol:value("0", translatef("FT over the Air"))
- ft_protocol.rmempty = true
-
- ft_psk_generate_local = s:taboption("encryption", Flag, "ft_psk_generate_local",
- translate("Generate PMK locally"),
- translate("When using a PSK, the PMK can be automatically generated. When enabled, the R0/R1 key options below are not applied. Disable this to use the R0 and R1 key options."))
- ft_psk_generate_local:depends({ieee80211r="1"})
- ft_psk_generate_local.default = ft_psk_generate_local.enabled
- ft_psk_generate_local.rmempty = false
-
- r0_key_lifetime = s:taboption("encryption", Value, "r0_key_lifetime",
- translate("R0 Key Lifetime"), translate("minutes"))
- r0_key_lifetime:depends({ieee80211r="1"})
- r0_key_lifetime.placeholder = "10000"
- r0_key_lifetime.datatype = "uinteger"
- r0_key_lifetime.rmempty = true
-
- r1_key_holder = s:taboption("encryption", Value, "r1_key_holder",
- translate("R1 Key Holder"),
- translate("6-octet identifier as a hex string - no colons"))
- r1_key_holder:depends({ieee80211r="1"})
- r1_key_holder.placeholder = "00004f577274"
- r1_key_holder.datatype = "and(hexstring,rangelength(12,12))"
- r1_key_holder.rmempty = true
-
- pmk_r1_push = s:taboption("encryption", Flag, "pmk_r1_push", translate("PMK R1 Push"))
- pmk_r1_push:depends({ieee80211r="1"})
- pmk_r1_push.placeholder = "0"
- pmk_r1_push.rmempty = true
-
- r0kh = s:taboption("encryption", DynamicList, "r0kh", translate("External R0 Key Holder List"),
- translate("List of R0KHs in the same Mobility Domain. " ..
- "<br />Format: MAC-address,NAS-Identifier,128-bit key as hex string. " ..
- "<br />This list is used to map R0KH-ID (NAS Identifier) to a destination " ..
- "MAC address when requesting PMK-R1 key from the R0KH that the STA " ..
- "used during the Initial Mobility Domain Association."))
- r0kh:depends({ieee80211r="1"})
- r0kh.rmempty = true
-
- r1kh = s:taboption("encryption", DynamicList, "r1kh", translate("External R1 Key Holder List"),
- translate ("List of R1KHs in the same Mobility Domain. "..
- "<br />Format: MAC-address,R1KH-ID as 6 octets with colons,128-bit key as hex string. "..
- "<br />This list is used to map R1KH-ID to a destination MAC address " ..
- "when sending PMK-R1 key from the R0KH. This is also the " ..
- "list of authorized R1KHs in the MD that can request PMK-R1 keys."))
- r1kh:depends({ieee80211r="1"})
- r1kh.rmempty = true
- -- End of 802.11r options
-
- eaptype = s:taboption("encryption", ListValue, "eap_type", translate("EAP-Method"))
- eaptype:value("tls", "TLS")
- eaptype:value("ttls", "TTLS")
- eaptype:value("peap", "PEAP")
- eaptype:value("fast", "FAST")
- eaptype:depends({mode="sta", encryption="wpa"})
- eaptype:depends({mode="sta", encryption="wpa2"})
- eaptype:depends({mode="sta-wds", encryption="wpa"})
- eaptype:depends({mode="sta-wds", encryption="wpa2"})
-
- cacert = s:taboption("encryption", FileUpload, "ca_cert", translate("Path to CA-Certificate"))
- cacert:depends({mode="sta", encryption="wpa"})
- cacert:depends({mode="sta", encryption="wpa2"})
- cacert:depends({mode="sta-wds", encryption="wpa"})
- cacert:depends({mode="sta-wds", encryption="wpa2"})
- cacert.rmempty = true
-
- clientcert = s:taboption("encryption", FileUpload, "client_cert", translate("Path to Client-Certificate"))
- clientcert:depends({mode="sta", eap_type="tls", encryption="wpa"})
- clientcert:depends({mode="sta", eap_type="tls", encryption="wpa2"})
- clientcert:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
- clientcert:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
-
- privkey = s:taboption("encryption", FileUpload, "priv_key", translate("Path to Private Key"))
- privkey:depends({mode="sta", eap_type="tls", encryption="wpa2"})
- privkey:depends({mode="sta", eap_type="tls", encryption="wpa"})
- privkey:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
- privkey:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
-
- privkeypwd = s:taboption("encryption", Value, "priv_key_pwd", translate("Password of Private Key"))
- privkeypwd:depends({mode="sta", eap_type="tls", encryption="wpa2"})
- privkeypwd:depends({mode="sta", eap_type="tls", encryption="wpa"})
- privkeypwd:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
- privkeypwd:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
- privkeypwd.rmempty = true
- privkeypwd.password = true
-
- auth = s:taboption("encryption", ListValue, "auth", translate("Authentication"))
- auth:value("PAP", "PAP", {eap_type="ttls"})
- auth:value("CHAP", "CHAP", {eap_type="ttls"})
- auth:value("MSCHAP", "MSCHAP", {eap_type="ttls"})
- auth:value("MSCHAPV2", "MSCHAPv2", {eap_type="ttls"})
- auth:value("EAP-GTC")
- auth:value("EAP-MD5")
- auth:value("EAP-MSCHAPV2")
- auth:value("EAP-TLS")
- auth:depends({mode="sta", eap_type="fast", encryption="wpa2"})
- auth:depends({mode="sta", eap_type="fast", encryption="wpa"})
- auth:depends({mode="sta", eap_type="peap", encryption="wpa2"})
- auth:depends({mode="sta", eap_type="peap", encryption="wpa"})
- auth:depends({mode="sta", eap_type="ttls", encryption="wpa2"})
- auth:depends({mode="sta", eap_type="ttls", encryption="wpa"})
- auth:depends({mode="sta-wds", eap_type="fast", encryption="wpa2"})
- auth:depends({mode="sta-wds", eap_type="fast", encryption="wpa"})
- auth:depends({mode="sta-wds", eap_type="peap", encryption="wpa2"})
- auth:depends({mode="sta-wds", eap_type="peap", encryption="wpa"})
- auth:depends({mode="sta-wds", eap_type="ttls", encryption="wpa2"})
- auth:depends({mode="sta-wds", eap_type="ttls", encryption="wpa"})
-
- cacert2 = s:taboption("encryption", FileUpload, "ca_cert2", translate("Path to inner CA-Certificate"))
- cacert2:depends({mode="sta", auth="EAP-TLS", encryption="wpa"})
- cacert2:depends({mode="sta", auth="EAP-TLS", encryption="wpa2"})
- cacert2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa"})
- cacert2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa2"})
-
- clientcert2 = s:taboption("encryption", FileUpload, "client_cert2", translate("Path to inner Client-Certificate"))
- clientcert2:depends({mode="sta", auth="EAP-TLS", encryption="wpa"})
- clientcert2:depends({mode="sta", auth="EAP-TLS", encryption="wpa2"})
- clientcert2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa"})
- clientcert2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa2"})
-
- privkey2 = s:taboption("encryption", FileUpload, "priv_key2", translate("Path to inner Private Key"))
- privkey2:depends({mode="sta", auth="EAP-TLS", encryption="wpa"})
- privkey2:depends({mode="sta", auth="EAP-TLS", encryption="wpa2"})
- privkey2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa"})
- privkey2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa2"})
-
- privkeypwd2 = s:taboption("encryption", Value, "priv_key2_pwd", translate("Password of inner Private Key"))
- privkeypwd2:depends({mode="sta", auth="EAP-TLS", encryption="wpa"})
- privkeypwd2:depends({mode="sta", auth="EAP-TLS", encryption="wpa2"})
- privkeypwd2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa"})
- privkeypwd2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa2"})
- privkeypwd2.rmempty = true
- privkeypwd2.password = true
-
- identity = s:taboption("encryption", Value, "identity", translate("Identity"))
- identity:depends({mode="sta", eap_type="fast", encryption="wpa2"})
- identity:depends({mode="sta", eap_type="fast", encryption="wpa"})
- identity:depends({mode="sta", eap_type="peap", encryption="wpa2"})
- identity:depends({mode="sta", eap_type="peap", encryption="wpa"})
- identity:depends({mode="sta", eap_type="ttls", encryption="wpa2"})
- identity:depends({mode="sta", eap_type="ttls", encryption="wpa"})
- identity:depends({mode="sta-wds", eap_type="fast", encryption="wpa2"})
- identity:depends({mode="sta-wds", eap_type="fast", encryption="wpa"})
- identity:depends({mode="sta-wds", eap_type="peap", encryption="wpa2"})
- identity:depends({mode="sta-wds", eap_type="peap", encryption="wpa"})
- identity:depends({mode="sta-wds", eap_type="ttls", encryption="wpa2"})
- identity:depends({mode="sta-wds", eap_type="ttls", encryption="wpa"})
- identity:depends({mode="sta", eap_type="tls", encryption="wpa2"})
- identity:depends({mode="sta", eap_type="tls", encryption="wpa"})
- identity:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
- identity:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
-
- anonymous_identity = s:taboption("encryption", Value, "anonymous_identity", translate("Anonymous Identity"))
- anonymous_identity:depends({mode="sta", eap_type="fast", encryption="wpa2"})
- anonymous_identity:depends({mode="sta", eap_type="fast", encryption="wpa"})
- anonymous_identity:depends({mode="sta", eap_type="peap", encryption="wpa2"})
- anonymous_identity:depends({mode="sta", eap_type="peap", encryption="wpa"})
- anonymous_identity:depends({mode="sta", eap_type="ttls", encryption="wpa2"})
- anonymous_identity:depends({mode="sta", eap_type="ttls", encryption="wpa"})
- anonymous_identity:depends({mode="sta-wds", eap_type="fast", encryption="wpa2"})
- anonymous_identity:depends({mode="sta-wds", eap_type="fast", encryption="wpa"})
- anonymous_identity:depends({mode="sta-wds", eap_type="peap", encryption="wpa2"})
- anonymous_identity:depends({mode="sta-wds", eap_type="peap", encryption="wpa"})
- anonymous_identity:depends({mode="sta-wds", eap_type="ttls", encryption="wpa2"})
- anonymous_identity:depends({mode="sta-wds", eap_type="ttls", encryption="wpa"})
- anonymous_identity:depends({mode="sta", eap_type="tls", encryption="wpa2"})
- anonymous_identity:depends({mode="sta", eap_type="tls", encryption="wpa"})
- anonymous_identity:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
- anonymous_identity:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
-
- password = s:taboption("encryption", Value, "password", translate("Password"))
- password:depends({mode="sta", eap_type="fast", encryption="wpa2"})
- password:depends({mode="sta", eap_type="fast", encryption="wpa"})
- password:depends({mode="sta", eap_type="peap", encryption="wpa2"})
- password:depends({mode="sta", eap_type="peap", encryption="wpa"})
- password:depends({mode="sta", eap_type="ttls", encryption="wpa2"})
- password:depends({mode="sta", eap_type="ttls", encryption="wpa"})
- password:depends({mode="sta-wds", eap_type="fast", encryption="wpa2"})
- password:depends({mode="sta-wds", eap_type="fast", encryption="wpa"})
- password:depends({mode="sta-wds", eap_type="peap", encryption="wpa2"})
- password:depends({mode="sta-wds", eap_type="peap", encryption="wpa"})
- password:depends({mode="sta-wds", eap_type="ttls", encryption="wpa2"})
- password:depends({mode="sta-wds", eap_type="ttls", encryption="wpa"})
- password.rmempty = true
- password.password = true
-end
-
--- ieee802.11w options
-if hwtype == "mac80211" then
- local has_80211w = (os.execute("hostapd -v11w 2>/dev/null || hostapd -veap 2>/dev/null") == 0)
- if has_80211w then
- ieee80211w = s:taboption("encryption", ListValue, "ieee80211w",
- translate("802.11w Management Frame Protection"),
- translate("Requires the 'full' version of wpad/hostapd " ..
- "and support from the wifi driver <br />(as of Jan 2019: " ..
- "ath9k, ath10k, mwlwifi and mt76)"))
- ieee80211w.default = ""
- ieee80211w.rmempty = true
- ieee80211w:value("", translate("Disabled (default)"))
- ieee80211w:value("1", translate("Optional"))
- ieee80211w:value("2", translate("Required"))
- ieee80211w:depends({mode="ap", encryption="wpa2"})
- ieee80211w:depends({mode="ap-wds", encryption="wpa2"})
- ieee80211w:depends({mode="ap", encryption="psk2"})
- ieee80211w:depends({mode="ap", encryption="psk-mixed"})
- ieee80211w:depends({mode="ap", encryption="sae"})
- ieee80211w:depends({mode="ap", encryption="sae-mixed"})
- ieee80211w:depends({mode="ap", encryption="owe"})
- ieee80211w:depends({mode="ap-wds", encryption="psk2"})
- ieee80211w:depends({mode="ap-wds", encryption="psk-mixed"})
- ieee80211w:depends({mode="ap-wds", encryption="sae"})
- ieee80211w:depends({mode="ap-wds", encryption="sae-mixed"})
- ieee80211w:depends({mode="ap-wds", encryption="owe"})
- ieee80211w:depends({mode="sta", encryption="wpa2"})
- ieee80211w:depends({mode="sta-wds", encryption="wpa2"})
- ieee80211w:depends({mode="sta", encryption="psk2"})
- ieee80211w:depends({mode="sta", encryption="psk-mixed"})
- ieee80211w:depends({mode="sta", encryption="sae"})
- ieee80211w:depends({mode="sta", encryption="sae-mixed"})
- ieee80211w:depends({mode="sta", encryption="owe"})
- ieee80211w:depends({mode="sta-wds", encryption="psk2"})
- ieee80211w:depends({mode="sta-wds", encryption="psk-mixed"})
- ieee80211w:depends({mode="sta-wds", encryption="sae"})
- ieee80211w:depends({mode="sta-wds", encryption="sae-mixed"})
- ieee80211w:depends({mode="sta-wds", encryption="owe"})
-
- max_timeout = s:taboption("encryption", Value, "ieee80211w_max_timeout",
- translate("802.11w maximum timeout"),
- translate("802.11w Association SA Query maximum timeout"))
- max_timeout:depends({ieee80211w="1"})
- max_timeout:depends({ieee80211w="2"})
- max_timeout.datatype = "uinteger"
- max_timeout.placeholder = "1000"
- max_timeout.rmempty = true
-
- retry_timeout = s:taboption("encryption", Value, "ieee80211w_retry_timeout",
- translate("802.11w retry timeout"),
- translate("802.11w Association SA Query retry timeout"))
- retry_timeout:depends({ieee80211w="1"})
- retry_timeout:depends({ieee80211w="2"})
- retry_timeout.datatype = "uinteger"
- retry_timeout.placeholder = "201"
- retry_timeout.rmempty = true
- end
-
- key_retries = s:taboption("encryption", Flag, "wpa_disable_eapol_key_retries",
- translate("Enable key reinstallation (KRACK) countermeasures"),
- translate("Complicates key reinstallation attacks on the client side by disabling retransmission of EAPOL-Key frames that are used to install keys. This workaround might cause interoperability issues and reduced robustness of key negotiation especially in environments with heavy traffic load."))
-
- key_retries:depends({mode="ap", encryption="wpa2"})
- key_retries:depends({mode="ap", encryption="psk2"})
- key_retries:depends({mode="ap", encryption="psk-mixed"})
- key_retries:depends({mode="ap", encryption="sae"})
- key_retries:depends({mode="ap", encryption="sae-mixed"})
- key_retries:depends({mode="ap-wds", encryption="wpa2"})
- key_retries:depends({mode="ap-wds", encryption="psk2"})
- key_retries:depends({mode="ap-wds", encryption="psk-mixed"})
- key_retries:depends({mode="ap-wds", encryption="sae"})
- key_retries:depends({mode="ap-wds", encryption="sae-mixed"})
-end
-
-if hwtype == "mac80211" or hwtype == "prism2" then
- local wpasupplicant = fs.access("/usr/sbin/wpa_supplicant")
- local hostcli = fs.access("/usr/sbin/hostapd_cli")
- if hostcli and wpasupplicant then
- wps = s:taboption("encryption", Flag, "wps_pushbutton", translate("Enable WPS pushbutton, requires WPA(2)-PSK"))
- wps.enabled = "1"
- wps.disabled = "0"
- wps.rmempty = false
- wps:depends("encryption", "psk")
- wps:depends("encryption", "psk2")
- wps:depends("encryption", "psk-mixed")
- end
-end
-
-return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_add.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_add.lua
deleted file mode 100644
index e8a3058826..0000000000
--- a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_add.lua
+++ /dev/null
@@ -1,168 +0,0 @@
--- Copyright 2009 Jo-Philipp Wich <jow@openwrt.org>
--- Licensed to the public under the Apache License 2.0.
-
-local fs = require "nixio.fs"
-local nw = require "luci.model.network"
-local fw = require "luci.model.firewall"
-local uci = require "luci.model.uci".cursor()
-local http = require "luci.http"
-
-local iw = luci.sys.wifi.getiwinfo(http.formvalue("device"))
-
-local has_firewall = fs.access("/etc/config/firewall")
-
-if not iw then
- luci.http.redirect(luci.dispatcher.build_url("admin/network/wireless"))
- return
-end
-
-m = SimpleForm("network", translatef("Joining Network: %q", http.formvalue("join")))
-m.cancel = translate("Back to scan results")
-m.reset = false
-
-function m.on_cancel()
- local dev = http.formvalue("device")
- http.redirect(luci.dispatcher.build_url(
- dev and "admin/network/wireless_join?device=" .. dev
- or "admin/network/wireless"
- ))
-end
-
-nw.init(uci)
-fw.init(uci)
-
-m.hidden = {
- device = http.formvalue("device"),
- join = http.formvalue("join"),
- channel = http.formvalue("channel"),
- mode = http.formvalue("mode"),
- bssid = http.formvalue("bssid"),
- wep = http.formvalue("wep"),
- wpa_suites = http.formvalue("wpa_suites"),
- wpa_version = http.formvalue("wpa_version")
-}
-
-if iw and iw.mbssid_support then
- replace = m:field(Flag, "replace", translate("Replace wireless configuration"),
- translate("Check this option to delete the existing networks from this radio."))
-
- function replace.cfgvalue() return "0" end
-else
- replace = m:field(DummyValue, "replace", translate("Replace wireless configuration"))
- replace.default = translate("The hardware is not multi-SSID capable and the existing " ..
- "configuration will be replaced if you proceed.")
-
- function replace.formvalue() return "1" end
-end
-
-if http.formvalue("wep") == "1" then
- key = m:field(Value, "key", translate("WEP passphrase"),
- translate("Specify the secret encryption key here."))
-
- key.password = true
- key.datatype = "wepkey"
-
-elseif (tonumber(m.hidden.wpa_version) or 0) > 0 and
- (m.hidden.wpa_suites == "PSK" or m.hidden.wpa_suites == "PSK2")
-then
- key = m:field(Value, "key", translate("WPA passphrase"),
- translate("Specify the secret encryption key here."))
-
- key.password = true
- key.datatype = "wpakey"
- --m.hidden.wpa_suite = (tonumber(http.formvalue("wpa_version")) or 0) >= 2 and "psk2" or "psk"
-end
-
-newnet = m:field(Value, "_netname_new", translate("Name of the new network"),
- translate("The allowed characters are: <code>A-Z</code>, <code>a-z</code>, " ..
- "<code>0-9</code> and <code>_</code>"
- ))
-
-newnet.default = m.hidden.mode == "Ad-Hoc" and "mesh" or "wwan"
-newnet.datatype = "uciname"
-
-if has_firewall then
- fwzone = m:field(Value, "_fwzone",
- translate("Create / Assign firewall-zone"),
- translate("Choose the firewall zone you want to assign to this interface. Select <em>unspecified</em> to remove the interface from the associated zone or fill out the <em>create</em> field to define a new zone and attach the interface to it."))
-
- fwzone.template = "cbi/firewall_zonelist"
- fwzone.default = m.hidden.mode == "Ad-Hoc" and "mesh" or "wan"
-end
-
-function newnet.parse(self, section)
- local net, zone
-
- if has_firewall then
- local value = fwzone:formvalue(section)
- if value and #value > 0 then
- zone = fw:get_zone(value) or fw:add_zone(value)
- end
- end
-
- local wdev = nw:get_wifidev(m.hidden.device)
-
- wdev:set("disabled", false)
- wdev:set("channel", m.hidden.channel)
-
- if replace:formvalue(section) then
- local n
- for _, n in ipairs(wdev:get_wifinets()) do
- wdev:del_wifinet(n)
- end
- end
-
- local wconf = {
- device = m.hidden.device,
- ssid = m.hidden.join,
- mode = (m.hidden.mode == "Ad-Hoc" and "adhoc" or "sta")
- }
-
- if m.hidden.wep == "1" then
- wconf.encryption = "wep-open"
- wconf.key = "1"
- wconf.key1 = key and key:formvalue(section) or ""
- elseif (tonumber(m.hidden.wpa_version) or 0) > 0 then
- wconf.encryption = (tonumber(m.hidden.wpa_version) or 0) >= 2 and "psk2" or "psk"
- wconf.key = key and key:formvalue(section) or ""
- else
- wconf.encryption = "none"
- end
-
- if wconf.mode == "adhoc" or wconf.mode == "sta" then
- wconf.bssid = m.hidden.bssid
- end
-
- local value = self:formvalue(section)
- net = nw:add_network(value, { proto = "dhcp" })
-
- if not net then
- self.error = { [section] = "missing" }
- else
- wconf.network = net:name()
-
- local wnet = wdev:add_wifinet(wconf)
- if wnet then
- if zone then
- fw:del_network(net:name())
- zone:add_network(net:name())
- end
-
- uci:save("wireless")
- uci:save("network")
- uci:save("firewall")
-
- luci.http.redirect(wnet:adminlink())
- end
- end
-end
-
-if has_firewall then
- function fwzone.cfgvalue(self, section)
- self.iface = section
- local z = fw:get_zone_by_network(section)
- return z and z:name()
- end
-end
-
-return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_overview.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_overview.lua
deleted file mode 100644
index 54720d6889..0000000000
--- a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_overview.lua
+++ /dev/null
@@ -1,153 +0,0 @@
--- Copyright 2018 Jo-Philipp Wich <jo@mein.io>
--- Licensed to the public under the Apache License 2.0.
-
-local fs = require "nixio.fs"
-local utl = require "luci.util"
-local tpl = require "luci.template"
-local ntm = require "luci.model.network"
-
-local has_iwinfo = pcall(require, "iwinfo")
-
-function guess_wifi_hw(dev)
- local bands = ""
- local ifname = dev:name()
- local name, idx = ifname:match("^([a-z]+)(%d+)")
- idx = tonumber(idx)
-
- if has_iwinfo then
- local bl = dev.iwinfo.hwmodelist
- if bl and next(bl) then
- if bl.a then bands = bands .. "a" end
- if bl.b then bands = bands .. "b" end
- if bl.g then bands = bands .. "g" end
- if bl.n then bands = bands .. "n" end
- if bl.ac then bands = bands .. "ac" end
- end
-
- local hw = dev.iwinfo.hardware_name
- if hw then
- return "%s 802.11%s" %{ hw, bands }
- end
- end
-
- -- wl.o
- if name == "wl" then
- local name = translatef("Broadcom 802.11%s Wireless Controller", bands)
- local nm = 0
-
- local fd = nixio.open("/proc/bus/pci/devices", "r")
- if fd then
- local ln
- for ln in fd:linesource() do
- if ln:match("wl$") then
- if nm == idx then
- local version = ln:match("^%S+%s+%S%S%S%S([0-9a-f]+)")
- name = translatef(
- "Broadcom BCM%04x 802.11 Wireless Controller",
- tonumber(version, 16)
- )
-
- break
- else
- nm = nm + 1
- end
- end
- end
- fd:close()
- end
-
- return name
-
- -- dunno yet
- else
- return translatef("Generic 802.11%s Wireless Controller", bands)
- end
-end
-
-
-m = Map("wireless", translate("Wireless Overview"))
-m:chain("network")
-m.pageaction = false
-
-if not has_iwinfo then
- s = m:section(NamedSection, "__warning__")
-
- function s.render(self)
- tpl.render_string([[
- <div class="alert-message warning">
- <h4><%:Package libiwinfo required!%></h4>
- <p><%_The <em>libiwinfo-lua</em> package is not installed. You must install this component for working wireless configuration!%></p>
- </div>
- ]])
- end
-end
-
-local _, dev, net
-for _, dev in ipairs(ntm:get_wifidevs()) do
- s = m:section(TypedSection)
- s.template = "admin_network/wifi_overview"
- s.wnets = dev:get_wifinets()
- s.dev = dev
- s.hw = guess_wifi_hw(dev)
-
- function s.cfgsections(self)
- local _, net, sl = nil, nil, { }
- for _, net in ipairs(self.wnets) do
- sl[#sl+1] = net:name()
- self.wnets[net:name()] = net
- end
- return sl
- end
-
- o = s:option(Value, "__disable__")
-
- function o.cfgvalue(self, sid)
- local wnet = self.section.wnets[sid]
- local wdev = wnet:get_device()
-
- return ((wnet and wnet:get("disabled") == "1") or
- (wdev and wdev:get("disabled") == "1")) and "1" or "0"
- end
-
- function o.write(self, sid, value)
- local wnet = self.section.wnets[sid]
- local wdev = wnet:get_device()
-
- if value ~= "1" then
- wnet:set("disabled", nil)
- wdev:set("disabled", nil)
- else
- wnet:set("disabled", "1")
- end
- end
-
- o.remove = o.write
-
-
- o = s:option(Value, "__delete__")
-
- function o.write(self, sid, value)
- local wnet = self.section.wnets[sid]
- local nets = wnet:get_networks()
-
- ntm:del_wifinet(wnet:id())
-
- local _, net
- for _, net in ipairs(nets) do
- if net:is_empty() then
- ntm:del_network(net:name())
- end
- end
- end
-end
-
-s = m:section(NamedSection, "__assoclist__")
-
-function s.render(self, sid)
- tpl.render_string([[
- <h2><%:Associated Stations%></h2>
- <%+wifi_assoclist%>
- ]])
-end
-
-return m