Skip to content

Commit cfd8ba7

Browse files
masapnemesifier
masap
authored and
nemesifier
committed
[feature] OpenWrt: Added support for WPA3-Enterprise #194
This patch is tested on these. - OpenWrt: latest (4b587f25614f3f7215360f96807ce760fa4ef3aa) - hardware: TP-Link Archer C6 v2 Related to #194 Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
1 parent fe6a5aa commit cfd8ba7

3 files changed

Lines changed: 269 additions & 67 deletions

File tree

netjsonconfig/backends/openwrt/converters/wireless.py

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -97,6 +97,7 @@ def __intermediate_encryption(self, wireless):
9797
'wpa_personal_mixed': 'psk-mixed',
9898
'wpa_enterprise': 'wpa',
9999
'wpa2_enterprise': 'wpa2',
100+
'wpa3_enterprise': 'wpa3',
100101
'wpa_enterprise_mixed': 'wpa-mixed',
101102
'wps': 'psk',
102103
}
@@ -122,7 +123,7 @@ def __intermediate_encryption(self, wireless):
122123
uci['key'] = encryption['key']
123124
# add ciphers
124125
cipher = encryption.get('cipher')
125-
if protocol == 'wpa3_personal':
126+
if protocol == 'wpa3_personal' or protocol == 'wpa3_enterprise':
126127
cipher = 'ccmp'
127128
if cipher and protocol.startswith('wpa') and cipher != 'auto':
128129
uci['encryption'] += '+{0}'.format(cipher)
@@ -261,6 +262,7 @@ def __netjson_encryption(self, wifi):
261262
'psk-mixed': 'wpa_personal_mixed',
262263
'wpa': 'wpa_enterprise',
263264
'wpa2': 'wpa2_enterprise',
265+
'wpa3': 'wpa3_enterprise',
264266
'wpa-mixed': 'wpa_enterprise_mixed',
265267
}
266268
settings['protocol'] = protocol_mapping[protocol]

netjsonconfig/schema.py

Lines changed: 97 additions & 66 deletions
Original file line numberDiff line numberDiff line change
@@ -359,6 +359,7 @@
359359
"oneOf": [
360360
{"$ref": "#/definitions/encryption_none"},
361361
{"$ref": "#/definitions/encryption_wpa3_personal"},
362+
{"$ref": "#/definitions/encryption_wpa3_enterprise_ap"},
362363
{"$ref": "#/definitions/encryption_wpa_personal"},
363364
{"$ref": "#/definitions/encryption_wpa_enterprise_ap"},
364365
{"$ref": "#/definitions/encryption_wps"},
@@ -377,6 +378,7 @@
377378
"oneOf": [
378379
{"$ref": "#/definitions/encryption_none"},
379380
{"$ref": "#/definitions/encryption_wpa3_personal"},
381+
{"$ref": "#/definitions/encryption_wpa3_enterprise_sta"},
380382
{"$ref": "#/definitions/encryption_wpa_personal"},
381383
{"$ref": "#/definitions/encryption_wpa_enterprise_sta"},
382384
{"$ref": "#/definitions/encryption_wep"},
@@ -512,6 +514,99 @@
512514
},
513515
],
514516
},
517+
"encryption_wpa_enterprise_ap_base_settings": {
518+
"required": ["server"],
519+
"properties": {
520+
"server": {
521+
"type": "string",
522+
"minLength": 3,
523+
"title": "radius server",
524+
"propertyOrder": 4,
525+
},
526+
"key": {"title": "shared secret", "minLength": 4, "propertyOrder": 5},
527+
"port": {
528+
"type": "integer",
529+
"title": "radius port",
530+
"default": 1812,
531+
"propertyOrder": 6,
532+
},
533+
"acct_server": {
534+
"type": "string",
535+
"title": "accounting server",
536+
"propertyOrder": 7,
537+
},
538+
"acct_server_port": {
539+
"type": "integer",
540+
"title": "accounting port",
541+
"default": 1813,
542+
"propertyOrder": 8,
543+
},
544+
},
545+
},
546+
"encryption_wpa_enterprise_sta_base_settings": {
547+
"properties": {
548+
"eap_type": {
549+
"title": "EAP protocol",
550+
"type": "string",
551+
"enum": ["tls", "ttls"],
552+
"options": {"enum_titles": ["EAP-TLS", "EAP-TTLS"]},
553+
"propertyOrder": 4,
554+
},
555+
"identity": {"type": "string", "propertyOrder": 5},
556+
"password": {"type": "string", "propertyOrder": 6},
557+
"ca_cert": {
558+
"type": "string",
559+
"title": "CA certificate (path)",
560+
"propertyOrder": 7,
561+
},
562+
"client_cert": {
563+
"type": "string",
564+
"title": "client certificate (path)",
565+
"propertyOrder": 8,
566+
},
567+
"priv_key": {
568+
"type": "string",
569+
"title": "private key (path)",
570+
"propertyOrder": 9,
571+
},
572+
"priv_key_pwd": {
573+
"type": "string",
574+
"title": "private key password",
575+
"propertyOrder": 10,
576+
},
577+
},
578+
},
579+
"encryption_wpa3_enterprise_base_settings": {
580+
"properties": {
581+
"protocol": {
582+
"type": "string",
583+
"title": "encryption protocol",
584+
"enum": ["wpa3_enterprise"],
585+
"options": {"enum_titles": ["WPA3 Enterprise"]},
586+
"propertyOrder": 1,
587+
}
588+
}
589+
},
590+
"encryption_wpa3_enterprise_ap": {
591+
"title": "WPA3 only Enterprise (access point)",
592+
"allOf": [
593+
{"$ref": "#/definitions/encryption_base_settings"},
594+
{"$ref": "#/definitions/encryption_cipher_property"},
595+
{"$ref": "#/definitions/encryption_mfp_property_required"},
596+
{"$ref": "#/definitions/encryption_wpa3_enterprise_base_settings"},
597+
{"$ref": "#/definitions/encryption_wpa_enterprise_ap_base_settings"},
598+
],
599+
},
600+
"encryption_wpa3_enterprise_sta": {
601+
"title": "WPA3 only Enterprise (client)",
602+
"additionalProperties": True,
603+
"allOf": [
604+
{"$ref": "#/definitions/encryption_cipher_property"},
605+
{"$ref": "#/definitions/encryption_mfp_property_required"},
606+
{"$ref": "#/definitions/encryption_wpa3_enterprise_base_settings"},
607+
{"$ref": "#/definitions/encryption_wpa_enterprise_sta_base_settings"},
608+
],
609+
},
515610
"encryption_wpa_enterprise_base_settings": {
516611
"properties": {
517612
"protocol": {
@@ -540,39 +635,7 @@
540635
{"$ref": "#/definitions/encryption_cipher_property"},
541636
{"$ref": "#/definitions/encryption_mfp_property"},
542637
{"$ref": "#/definitions/encryption_wpa_enterprise_base_settings"},
543-
{
544-
"required": ["server"],
545-
"properties": {
546-
"server": {
547-
"type": "string",
548-
"minLength": 3,
549-
"title": "radius server",
550-
"propertyOrder": 4,
551-
},
552-
"key": {
553-
"title": "shared secret",
554-
"minLength": 4,
555-
"propertyOrder": 5,
556-
},
557-
"port": {
558-
"type": "integer",
559-
"title": "radius port",
560-
"default": 1812,
561-
"propertyOrder": 6,
562-
},
563-
"acct_server": {
564-
"type": "string",
565-
"title": "accounting server",
566-
"propertyOrder": 7,
567-
},
568-
"acct_server_port": {
569-
"type": "integer",
570-
"title": "accounting port",
571-
"default": 1813,
572-
"propertyOrder": 8,
573-
},
574-
},
575-
},
638+
{"$ref": "#/definitions/encryption_wpa_enterprise_ap_base_settings"},
576639
],
577640
},
578641
"encryption_wpa_enterprise_sta": {
@@ -582,39 +645,7 @@
582645
{"$ref": "#/definitions/encryption_cipher_property"},
583646
{"$ref": "#/definitions/encryption_mfp_property"},
584647
{"$ref": "#/definitions/encryption_wpa_enterprise_base_settings"},
585-
{
586-
"properties": {
587-
"eap_type": {
588-
"title": "EAP protocol",
589-
"type": "string",
590-
"enum": ["tls", "ttls"],
591-
"options": {"enum_titles": ["EAP-TLS", "EAP-TTLS"]},
592-
"propertyOrder": 4,
593-
},
594-
"identity": {"type": "string", "propertyOrder": 5},
595-
"password": {"type": "string", "propertyOrder": 6},
596-
"ca_cert": {
597-
"type": "string",
598-
"title": "CA certificate (path)",
599-
"propertyOrder": 7,
600-
},
601-
"client_cert": {
602-
"type": "string",
603-
"title": "client certificate (path)",
604-
"propertyOrder": 8,
605-
},
606-
"priv_key": {
607-
"type": "string",
608-
"title": "private key (path)",
609-
"propertyOrder": 9,
610-
},
611-
"priv_key_pwd": {
612-
"type": "string",
613-
"title": "private key password",
614-
"propertyOrder": 10,
615-
},
616-
}
617-
},
648+
{"$ref": "#/definitions/encryption_wpa_enterprise_sta_base_settings"},
618649
],
619650
},
620651
"encryption_wep": {

0 commit comments

Comments
 (0)