[raspbian] Added support for WPA-EAP mode

Ritwick DSouza · Ritwick DSouza · commit 33ec6dc64a71 · 2017-08-30T03:31:48.000+04:00
diff --git a/netjsonconfig/backends/raspbian/converters/wireless.py b/netjsonconfig/backends/raspbian/converters/wireless.py
@@ -75,23 +75,35 @@ def _get_encryption(self, wireless):
                 if encryption.get('cipher'):
                     wpa_pairwise = str(encryption.get('cipher').replace('+', ' ')).upper()
                     new_encryption.update({'wpa_pairwise': wpa_pairwise})
-            else:
-                if encryption.get('cipher'):
-                    cipher = str(encryption.get('cipher').replace('+', ' ').upper())
-                    new_encryption.update({'cipher': cipher})
-                if encryption.get('eap_type'):
-                    eap_type = encryption.get('eap_type').upper()
-                    new_encryption.update({'eap_type': eap_type})
-                new_encryption.update({
-                    'protocol': 'wpa',
-                    'method': 'enterprise',
-                    'identity': encryption.get('identity', None),
-                    'password': encryption.get('password', None),
-                    'ca_cert': encryption.get('ca_cert', None),
-                    'client_cert': encryption.get('client_cert', None),
-                    'priv_key': encryption.get('priv_key', None),
-                    'priv_key_pwd': encryption.get('priv_key_pwd', None)
-                })
+            elif method == 'enterprise':
+                if wireless.get('mode') == 'access_point':
+                    new_encryption.update({
+                        'protocol': 'wpa',
+                        'method': 'enterprise',
+                        'auth_algs': '1',
+                        'wpa': '1' if protocol == 'wpa' else '2',
+                        'wpa_key_mgmt': 'WPA-EAP',
+                        'auth_server_addr': encryption.get('server'),
+                        'auth_server_port': encryption.get('port', 1812),
+                        'auth_server_shared_secret': encryption.get('key', None),
+                    })
+                elif wireless.get('mode') == 'station':
+                    if encryption.get('cipher'):
+                        cipher = str(encryption.get('cipher').replace('+', ' ').upper())
+                        new_encryption.update({'cipher': cipher})
+                    if encryption.get('eap_type'):
+                        eap_type = encryption.get('eap_type').upper()
+                        new_encryption.update({'eap_type': eap_type})
+                    new_encryption.update({
+                        'protocol': 'wpa',
+                        'method': 'enterprise',
+                        'identity': encryption.get('identity', None),
+                        'password': encryption.get('password', None),
+                        'ca_cert': encryption.get('ca_cert', None),
+                        'client_cert': encryption.get('client_cert', None),
+                        'priv_key': encryption.get('priv_key', None),
+                        'priv_key_pwd': encryption.get('priv_key_pwd', None)
+                    })
         elif 'wep' in protocol:
             new_encryption.update({
                 'protocol': 'wep',
diff --git a/netjsonconfig/backends/raspbian/templates/hostapd.jinja2 b/netjsonconfig/backends/raspbian/templates/hostapd.jinja2
@@ -46,9 +46,24 @@
             auth_algs={{ wireless.encryption.auth_algs }}
             wpa={{ wireless.encryption.wpa }}
             wpa_key_mgmt={{ wireless.encryption.wpa_key_mgmt }}
-            wpa_passphrase={{ wireless.encryption.wpa_passphrase }}
-            {% if wireless.encryption.wpa_pairwise != 'AUTO' %}
-            wpa_pairwise={{ wireless.encryption.wpa_pairwise }}
+            {% if wireless.encryption.method == 'personal' %}
+                wpa_passphrase={{ wireless.encryption.wpa_passphrase }}
+                {% if wireless.encryption.wpa_pairwise != 'AUTO' %}
+                wpa_pairwise={{ wireless.encryption.wpa_pairwise }}
+                {% endif %}
+            {% elif wireless.encryption.method == 'enterprise'%}
+                ieee8021x=1
+                eap_server=1
+                eapol_version=1
+                {% if wireless.encryption.auth_server_addr %}
+                auth_server_addr={{ wireless.encryption.auth_server_addr }}
+                {% endif %}
+                {% if wireless.encryption.auth_server_port %}
+                auth_server_port={{ wireless.encryption.auth_server_port }}
+                {% endif %}
+                {% if wireless.encryption.auth_server_shared_secret %}
+                auth_server_shared_secret={{ wireless.encryption.auth_server_shared_secret }}
+                {% endif %}
             {% endif %}
         {% endif %}
 
