}
function iface_auth_type(config) {
- if (config.auth_type in [ 'sae', 'owe', 'eap2', 'eap192' ]) {
+ if (config.auth_type in [ 'sae', 'owe', 'eap2', 'eap192', 'dpp' ]) {
config.ieee80211w = 2;
config.sae_require_mfp = 1;
if (!config.ppsk)
]);
break;
+ case 'dpp':
+ append_vars(config, [
+ 'dpp_connector', 'dpp_csign', 'dpp_netaccesskey',
+ ]);
+ break;
+
case 'psk':
case 'psk2':
case 'sae':
'wpa_disable_eapol_key_retries', 'auth_algs', 'wpa', 'wpa_pairwise',
'erp_domain', 'fils_realm', 'erp_send_reauth_start', 'fils_cache_id'
]);
+
+ if (config.dpp && config.auth_type != 'dpp')
+ append_vars(config, [
+ 'dpp_connector', 'dpp_csign', 'dpp_netaccesskey',
+ ]);
}
function iface_ppsk(config) {
config.wpa = 0;
for (let k, v in { 'wpa2*': 2, 'wpa3*': 2, '*psk2*': 2, 'psk3*': 2, 'sae*': 2,
- 'owe*': 2, 'wpa*mixed*': 3, '*psk*mixed*': 3, 'wpa*': 1, '*psk*': 1, })
+ 'owe*': 2, 'dpp': 2, 'wpa*mixed*': 3, '*psk*mixed*': 3, 'wpa*': 1, '*psk*': 1, })
if (wildcard(config.encryption, k)) {
config.wpa = v;
break;
config.auth_type = 'owe';
break;
+ case 'dpp':
+ config.auth_type = 'dpp';
+ break;
+
case 'wpa3-192':
config.auth_type = 'eap192';
break;
case 'owe':
append_value(config, 'wpa_key_mgmt', 'OWE');
break;
+
+ case 'dpp':
+ append_value(config, 'wpa_key_mgmt', 'DPP');
+ break;
}
+ if (config.dpp && config.auth_type != 'dpp')
+ append_value(config, 'wpa_key_mgmt', 'DPP');
+
if (config.fils) {
switch(config.auth_type) {
case 'eap192':
function setup_sta(data, config) {
iface.parse_encryption(config);
- if (config.auth_type in [ 'sae', 'owe', 'eap2', 'eap192' ])
+ if (config.auth_type in [ 'sae', 'owe', 'eap2', 'eap192', 'dpp' ])
config.ieee80211w = 2;
else if (config.auth_type in [ 'psk-sae' ] && !config.ieee80211w)
config.ieee80211w = 1;
iface.wpa_key_mgmt(config);
break;
+ case 'dpp':
+ iface.wpa_key_mgmt(config);
+ break;
+
case 'wps':
config.key_mgmt = 'WPS';
break;
'bssid_blacklist', 'bssid_whitelist', 'erp', 'ca_cert', 'identity',
'anonymous_identity', 'client_cert', 'private_key', 'private_key_passwd',
'subject_match', 'altsubject_match', 'domain_match', 'domain_suffix_match',
- 'ca_cert2', 'client_cert2', 'private_key2', 'private_key2_passwd', 'password'
+ 'ca_cert2', 'client_cert2', 'private_key2', 'private_key2_passwd', 'password',
+ 'dpp_connector', 'dpp_csign', 'dpp_netaccesskey',
]);
}
owe)
append wpa_key_mgmt "OWE"
;;
+ dpp)
+ append wpa_key_mgmt "DPP"
+ ;;
esac
+ [ "$dpp" -gt 0 ] && [ "$auth_type" != "dpp" ] && append wpa_key_mgmt "DPP"
+
[ "$fils" -gt 0 ] && {
case "$auth_type" in
eap192)
;;
esac
}
+
}
hostapd_add_log_config() {
config_add_boolean fils
config_add_string fils_dhcp
+ config_add_boolean dpp
+ config_add_string dpp_connector dpp_csign dpp_netaccesskey
+
config_add_int ocv
config_add_boolean beacon_prot spp_amsdu
ppsk airtime_bss_weight airtime_bss_limit airtime_sta_weight \
multicast_to_unicast_all proxy_arp per_sta_vif na_mcast_to_ucast \
eap_server eap_user_file ca_cert server_cert private_key private_key_passwd server_id radius_server_clients radius_server_auth_port \
- vendor_elements fils ocv beacon_prot spp_amsdu apup rsn_override
+ vendor_elements fils ocv beacon_prot spp_amsdu apup rsn_override dpp
set_default rsn_override 1
+ set_default dpp 0
set_default fils 0
set_default isolate 0
set_default maxassoc 0
[ -n "$spp_amsdu" ] && append bss_conf "spp_amsdu=$spp_amsdu" "$N"
case "$auth_type" in
- sae|owe|eap2|eap192)
+ sae|owe|eap2|eap192|dpp)
set_default ieee80211w 2
set_default sae_require_mfp 1
[ "$ppsk" -eq 0 ] && set_default sae_pwe 2
# with WPS enabled, we got to be in unconfigured state.
wps_not_configured=1
;;
+ dpp)
+ json_get_vars dpp_connector dpp_csign dpp_netaccesskey
+
+ [ -n "$dpp_connector" ] && append bss_conf "dpp_connector=$dpp_connector" "$N"
+ [ -n "$dpp_csign" ] && append bss_conf "dpp_csign=$dpp_csign" "$N"
+ [ -n "$dpp_netaccesskey" ] && append bss_conf "dpp_netaccesskey=$dpp_netaccesskey" "$N"
+ ;;
psk|sae|psk-sae)
json_get_vars key wpa_psk_file sae_password_file
if [ "$ppsk" -ne 0 ]; then
fi
fi
+ [ "$dpp" -gt 0 ] && [ "$auth_type" != "dpp" ] && {
+ json_get_vars dpp_connector dpp_csign dpp_netaccesskey
+
+ [ -n "$dpp_connector" ] && append bss_conf "dpp_connector=$dpp_connector" "$N"
+ [ -n "$dpp_csign" ] && append bss_conf "dpp_csign=$dpp_csign" "$N"
+ [ -n "$dpp_netaccesskey" ] && append bss_conf "dpp_netaccesskey=$dpp_netaccesskey" "$N"
+ }
+
json_get_values opts hostapd_bss_options
for val in $opts; do
append bss_conf "$val" "$N"
set_default rsn_override 1
case "$auth_type" in
- sae|owe|eap2|eap192)
+ sae|owe|eap2|eap192|dpp)
set_default ieee80211w 2
;;
psk-sae)
hostapd_append_wpa_key_mgmt
key_mgmt="$wpa_key_mgmt"
;;
+ dpp)
+ hostapd_append_wpa_key_mgmt
+ key_mgmt="$wpa_key_mgmt"
+ ;;
wep)
local wep_keyidx=0
hostapd_append_wep_key network_data
append network_data "mcast_rate=$mc_rate" "$N$T"
}
+ [ "$auth_type" = "dpp" ] && {
+ json_get_vars dpp_connector dpp_csign dpp_netaccesskey
+
+ [ -n "$dpp_connector" ] && append network_data "dpp_connector=$dpp_connector" "$N$T"
+ [ -n "$dpp_csign" ] && append network_data "dpp_csign=$dpp_csign" "$N$T"
+ [ -n "$dpp_netaccesskey" ] && append network_data "dpp_netaccesskey=$dpp_netaccesskey" "$N$T"
+ }
+
if [ "$key_mgmt" = "WPS" ]; then
echo "wps_cred_processing=1" >> "$_config"
else
# wpa2/tkip+aes => WPA2 RADIUS, CCMP+TKIP
case "$encryption" in
- wpa2*|wpa3*|*psk2*|psk3*|sae*|owe*)
+ wpa2*|wpa3*|*psk2*|psk3*|sae*|owe*|dpp)
wpa=2
;;
wpa*mixed*|*psk*mixed*)
owe*)
auth_type=owe
;;
+ dpp)
+ auth_type=dpp
+ ;;
wpa3-192*)
auth_type=eap192
;;
projects / thirdparty / openwrt.git / commitdiff
