From 02bed261881dd60f212f81e7ed3e3afeb4bd890d Mon Sep 17 00:00:00 2001 From: Hannu Nyman Date: Thu, 9 Feb 2017 14:49:08 +0200 Subject: luci-mod-admin-full: improve 802.11r support * Add WPA/WPA2-PSK mixed mode to the list of allowed modes * Add datatype validation to some fields * Add help texts * Reformat longest lines Signed-off-by: Hannu Nyman --- .../luasrc/model/cbi/admin_network/wifi.lua | 49 ++++++++++++++-------- 1 file changed, 32 insertions(+), 17 deletions(-) (limited to 'modules/luci-mod-admin-full/luasrc/model/cbi') diff --git a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua index ee92d5e31e..e20dd6cf85 100644 --- a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua +++ b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua @@ -902,10 +902,12 @@ end if hwtype == "atheros" or hwtype == "mac80211" or hwtype == "prism2" then -- Probe EAP support as a proxy for determining if 802.11r support is present - local has_ap_eap = (os.execute("hostapd -veap >/dev/null 2>/dev/null") == 0) - ieee80211r = s:taboption("encryption", Flag, "ieee80211r", translate("802.11r Fast Transition")) + ieee80211r = s:taboption("encryption", Flag, "ieee80211r", + translate("802.11r Fast Transition"), + translate("Enables fast roaming among access points that belong " .. + "to the same Mobility Domain")) ieee80211r:depends({mode="ap", encryption="wpa"}) ieee80211r:depends({mode="ap", encryption="wpa2"}) ieee80211r:depends({mode="ap-wds", encryption="wpa"}) @@ -913,35 +915,47 @@ if hwtype == "atheros" or hwtype == "mac80211" or hwtype == "prism2" then if has_ap_eap then ieee80211r:depends({mode="ap", encryption="psk"}) ieee80211r:depends({mode="ap", encryption="psk2"}) + ieee80211r:depends({mode="ap", encryption="psk-mixed"}) end ieee80211r.rmempty = true - nasid = s:taboption("encryption", Value, "nasid", translate("NAS ID")) - + nasid = s:taboption("encryption", Value, "nasid", translate("NAS ID"), + translate("Used for two different purposes: RADIUS NAS ID and " .. + "802.11r R0KH-ID. Not needed with normal WPA(2)-PSK.")) nasid:depends({mode="ap", encryption="wpa"}) nasid:depends({mode="ap", encryption="wpa2"}) nasid:depends({mode="ap-wds", encryption="wpa"}) nasid:depends({mode="ap-wds", encryption="wpa2"}) nasid:depends({ieee80211r="1"}) nasid.rmempty = true - mobility_domain = s:taboption("encryption", Value, "mobility_domain", translate("Mobility Domain")) + + mobility_domain = s:taboption("encryption", Value, "mobility_domain", + translate("Mobility Domain"), + translate("4-character hexadecimal ID")) mobility_domain:depends({ieee80211r="1"}) mobility_domain.placeholder = "4f57" mobility_domain.rmempty = true - r0_key_lifetime = s:taboption("encryption", Value, "r0_key_lifetime", translate("R0 Key Lifetime"), translate("minutes")) + r0_key_lifetime = s:taboption("encryption", Value, "r0_key_lifetime", + translate("R0 Key Lifetime"), translate("minutes")) r0_key_lifetime:depends({ieee80211r="1"}) r0_key_lifetime.placeholder = "10000" + r0_key_lifetime.datatype = "uinteger" r0_key_lifetime.rmempty = true - r1_key_holder = s:taboption("encryption", Value, "r1_key_holder", translate("R1 Key Holder"), translate("6-octet identifier as a hex string - no colons")) + r1_key_holder = s:taboption("encryption", Value, "r1_key_holder", + translate("R1 Key Holder"), + translate("6-octet identifier as a hex string - no colons")) r1_key_holder:depends({ieee80211r="1"}) r1_key_holder.placeholder = "00004f577274" r1_key_holder.rmempty = true - reassociation_deadline = s:taboption("encryption", Value, "reassociation_deadline", translate("Reassociation Deadline"), translate("time units (TUs / 1.024 ms) [1000-65535]")) + reassociation_deadline = s:taboption("encryption", Value, "reassociation_deadline", + translate("Reassociation Deadline"), + translate("time units (TUs / 1.024 ms) [1000-65535]")) reassociation_deadline:depends({ieee80211r="1"}) reassociation_deadline.placeholder = "1000" + reassociation_deadline.datatype = "range(1000,65535)" reassociation_deadline.rmempty = true pmk_r1_push = s:taboption("encryption", Flag, "pmk_r1_push", translate("PMK R1 Push")) @@ -950,23 +964,24 @@ if hwtype == "atheros" or hwtype == "mac80211" or hwtype == "prism2" then pmk_r1_push.rmempty = true r0kh = s:taboption("encryption", DynamicList, "r0kh", translate("External R0 Key Holder List"), - translate("List of R0KHs in the same Mobility Domain. ".. - "
Format: MAC-address,NAS-Identifier,128-bit key as hex string. ".. - "
This list is used to map R0KH-ID (NAS Identifier) to a destination MAC address ".. - "when requesting PMK-R1 key from the R0KH that the STA ".. - "used during the Initial Mobility Domain Association.")) + translate("List of R0KHs in the same Mobility Domain. " .. + "
Format: MAC-address,NAS-Identifier,128-bit key as hex string. " .. + "
This list is used to map R0KH-ID (NAS Identifier) to a destination " .. + "MAC address when requesting PMK-R1 key from the R0KH that the STA " .. + "used during the Initial Mobility Domain Association.")) r0kh:depends({ieee80211r="1"}) r0kh.rmempty = true r1kh = s:taboption("encryption", DynamicList, "r1kh", translate("External R1 Key Holder List"), translate ("List of R1KHs in the same Mobility Domain. ".. - "
Format: MAC-address,R1KH-ID as 6 octets with colons,128-bit key as hex string. ".. - "
This list is used to map R1KH-ID to a destination MAC address ".. - "when sending PMK-R1 key from the R0KH. This is also the ".. - "list of authorized R1KHs in the MD that can request PMK-R1 keys.")) + "
Format: MAC-address,R1KH-ID as 6 octets with colons,128-bit key as hex string. ".. + "
This list is used to map R1KH-ID to a destination MAC address " .. + "when sending PMK-R1 key from the R0KH. This is also the " .. + "list of authorized R1KHs in the MD that can request PMK-R1 keys.")) r1kh:depends({ieee80211r="1"}) r1kh.rmempty = true + -- End of 802.11r options eaptype = s:taboption("encryption", ListValue, "eap_type", translate("EAP-Method")) eaptype:value("tls", "TLS") -- cgit v1.2.3