diff mbox series

[1/3] wireless client: Add support for WPA3

Message ID	20210106144314.2732-1-michael.tremer@ipfire.org
State	Accepted
Headers	From: Michael Tremer <michael.tremer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH 1/3] wireless client: Add support for WPA3 Date: Wed, 6 Jan 2021 14:43:12 +0000 Message-Id: <20210106144314.2732-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Cc: Michael Tremer <michael.tremer@ipfire.org> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org>
Series	[1/3] wireless client: Add support for WPA3 \| [1/3] wireless client: Add support for WPA3 [2/3] wireless client: Try using SHA256 over SHA1 when possible [3/3] wpa_supplicant: Import fresh default configuration

Commit Message

Michael Tremer Jan. 6, 2021, 2:43 p.m. UTC

  Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 doc/language_issues.de            |  1 +
 doc/language_issues.en            |  1 +
 doc/language_issues.es            |  1 +
 doc/language_issues.fr            |  1 +
 doc/language_issues.it            |  1 +
 doc/language_issues.nl            |  1 +
 doc/language_issues.pl            |  1 +
 doc/language_issues.ru            |  1 +
 doc/language_issues.tr            |  1 +
 doc/language_missings             |  8 ++++++++
 html/cgi-bin/wirelessclient.cgi   |  5 +++--
 langs/en/cgi-bin/en.pl            |  1 +
 src/initscripts/system/wlanclient | 15 ++++++++++++++-
 13 files changed, 35 insertions(+), 3 deletions(-)

diff mbox series

Patch

diff --git a/doc/language_issues.de b/doc/language_issues.de
index 6d22fcea4..5d9cbcebc 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -887,6 +887,7 @@  WARNING: untranslated string: show tls-auth key = Show tls-auth key
 WARNING: untranslated string: smb daemon = SMB Daemon
 WARNING: untranslated string: user management = User Management
 WARNING: untranslated string: winbind daemon = Winbind Daemon
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
 WARNING: untranslated string: wlanap 802.11w disabled = Disabled
 WARNING: untranslated string: wlanap 802.11w enforced = Enforced
 WARNING: untranslated string: wlanap 802.11w optional = Optional
diff --git a/doc/language_issues.en b/doc/language_issues.en
index b3c46de5e..c1e0ec33f 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -2124,6 +2124,7 @@  WARNING: untranslated string: wlan client encryption none = None
 WARNING: untranslated string: wlan client encryption wep = WEP
 WARNING: untranslated string: wlan client encryption wpa = WPA
 WARNING: untranslated string: wlan client encryption wpa2 = WPA2
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
 WARNING: untranslated string: wlan client group cipher = Group cipher
 WARNING: untranslated string: wlan client group key algorithm = GKA
 WARNING: untranslated string: wlan client identity = Identity
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 9f62f03f2..9c41d68be 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -1499,6 +1499,7 @@  WARNING: untranslated string: wlan client encryption none = None
 WARNING: untranslated string: wlan client encryption wep = WEP
 WARNING: untranslated string: wlan client encryption wpa = WPA
 WARNING: untranslated string: wlan client encryption wpa2 = WPA2
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
 WARNING: untranslated string: wlan client group cipher = Group cipher
 WARNING: untranslated string: wlan client group key algorithm = GKA
 WARNING: untranslated string: wlan client identity = Identity
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 90a745360..aad3667c4 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -921,3 +921,4 @@  WARNING: untranslated string: tor guard country any = Any country
 WARNING: untranslated string: tor guard nodes = Guard Nodes
 WARNING: untranslated string: tor use guard nodes = Use only these guard nodes (one fingerprint per line)
 WARNING: untranslated string: whois results from = WHOIS results from
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
diff --git a/doc/language_issues.it b/doc/language_issues.it
index 62e4f9953..83229dad2 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -1191,6 +1191,7 @@  WARNING: untranslated string: wlan client eap authentication method = EAP Authen
 WARNING: untranslated string: wlan client eap phase2 method = EAP Phase 2 Method
 WARNING: untranslated string: wlan client eap state = EAP Status
 WARNING: untranslated string: wlan client encryption eap = EAP
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
 WARNING: untranslated string: wlan client identity = Identity
 WARNING: untranslated string: wlan client method = Method
 WARNING: untranslated string: wlan client password = Password
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 9a767322e..fc5915883 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -1232,6 +1232,7 @@  WARNING: untranslated string: wlan client eap authentication method = EAP Authen
 WARNING: untranslated string: wlan client eap phase2 method = EAP Phase 2 Method
 WARNING: untranslated string: wlan client eap state = EAP Status
 WARNING: untranslated string: wlan client encryption eap = EAP
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
 WARNING: untranslated string: wlan client identity = Identity
 WARNING: untranslated string: wlan client method = Method
 WARNING: untranslated string: wlan client password = Password
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 9f62f03f2..9c41d68be 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -1499,6 +1499,7 @@  WARNING: untranslated string: wlan client encryption none = None
 WARNING: untranslated string: wlan client encryption wep = WEP
 WARNING: untranslated string: wlan client encryption wpa = WPA
 WARNING: untranslated string: wlan client encryption wpa2 = WPA2
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
 WARNING: untranslated string: wlan client group cipher = Group cipher
 WARNING: untranslated string: wlan client group key algorithm = GKA
 WARNING: untranslated string: wlan client identity = Identity
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 5d16e0b18..3ec377f5e 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -1492,6 +1492,7 @@  WARNING: untranslated string: wlan client encryption none = None
 WARNING: untranslated string: wlan client encryption wep = WEP
 WARNING: untranslated string: wlan client encryption wpa = WPA
 WARNING: untranslated string: wlan client encryption wpa2 = WPA2
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
 WARNING: untranslated string: wlan client group cipher = Group cipher
 WARNING: untranslated string: wlan client group key algorithm = GKA
 WARNING: untranslated string: wlan client identity = Identity
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 26530a923..3c6b44a63 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -1061,6 +1061,7 @@  WARNING: untranslated string: vulnerability = Vulnerability
 WARNING: untranslated string: vulnerable = Vulnerable
 WARNING: untranslated string: whois results from = WHOIS results from
 WARNING: untranslated string: winbind daemon = Winbind Daemon
+WARNING: untranslated string: wlan client encryption wpa3 = WPA3
 WARNING: untranslated string: wlanap 802.11w disabled = Disabled
 WARNING: untranslated string: wlanap 802.11w enforced = Enforced
 WARNING: untranslated string: wlanap 802.11w optional = Optional
diff --git a/doc/language_missings b/doc/language_missings
index 12e341402..946d7d1fe 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -64,6 +64,7 @@ 
 < wlanap 802.11w disabled
 < wlanap 802.11w enforced
 < wlanap 802.11w optional
+< wlan client encryption wpa3
 ############################################################################
 # Checking cgi-bin translations for language: es                           #
 ############################################################################
@@ -917,6 +918,7 @@ 
 < wlan client encryption wep
 < wlan client encryption wpa
 < wlan client encryption wpa2
+< wlan client encryption wpa3
 < wlan client group cipher
 < wlan client group key algorithm
 < wlan client identity
@@ -973,6 +975,7 @@ 
 < tor use guard nodes
 < upload fcdsl.o
 < whois results from
+< wlan client encryption wpa3
 ############################################################################
 # Checking cgi-bin translations for language: it                           #
 ############################################################################
@@ -1332,6 +1335,7 @@ 
 < wlan client eap phase2 method
 < wlan client eap state
 < wlan client encryption eap
+< wlan client encryption wpa3
 < wlan client identity
 < wlan client method
 < wlan client password
@@ -1767,6 +1771,7 @@ 
 < wlan client eap phase2 method
 < wlan client eap state
 < wlan client encryption eap
+< wlan client encryption wpa3
 < wlan client identity
 < wlan client method
 < wlan client password
@@ -2625,6 +2630,7 @@ 
 < wlan client encryption wep
 < wlan client encryption wpa
 < wlan client encryption wpa2
+< wlan client encryption wpa3
 < wlan client group cipher
 < wlan client group key algorithm
 < wlan client identity
@@ -3506,6 +3512,7 @@ 
 < wlan client encryption wep
 < wlan client encryption wpa
 < wlan client encryption wpa2
+< wlan client encryption wpa3
 < wlan client group cipher
 < wlan client group key algorithm
 < wlan client identity
@@ -3714,6 +3721,7 @@ 
 < wlanap neighbor scan
 < wlanap neighbor scan warning
 < wlanap ssid
+< wlan client encryption wpa3
 < working
 < zoneconf access native
 < zoneconf access none
diff --git a/html/cgi-bin/wirelessclient.cgi b/html/cgi-bin/wirelessclient.cgi
index bbb71a984..440a9e887 100644
--- a/html/cgi-bin/wirelessclient.cgi
+++ b/html/cgi-bin/wirelessclient.cgi
@@ -462,6 +462,7 @@  sub showEditBox() {
 	my %selected = ();
 	$selected{'ENCRYPTION'} = ();
 	$selected{'ENCRYPTION'}{'NONE'} = '';
+	$selected{'ENCRYPTION'}{'WPA3'} = '';
 	$selected{'ENCRYPTION'}{'WPA2'} = '';
 	$selected{'ENCRYPTION'}{'WPA'} = '';
 	$selected{'ENCRYPTION'}{'WEP'} = '';
@@ -505,9 +506,10 @@  sub showEditBox() {
 						<select name='ENCRYPTION'>
 							<option value="NONE" $selected{'ENCRYPTION'}{'NONE'}>$Lang::tr{'wlan client encryption none'}</option>
 							<option value="EAP"  $selected{'ENCRYPTION'}{'EAP'}>$Lang::tr{'wlan client encryption eap'}</option>
+							<option value="WPA3" $selected{'ENCRYPTION'}{'WPA3'}>$Lang::tr{'wlan client encryption wpa3'}</option>
 							<option value="WPA2" $selected{'ENCRYPTION'}{'WPA2'}>$Lang::tr{'wlan client encryption wpa2'}</option>
 							<option value="WPA"  $selected{'ENCRYPTION'}{'WPA'}>$Lang::tr{'wlan client encryption wpa'}</option>
-							<option value="WEP"  $selected{'ENCRYPTION'}{'WEP'}>$Lang::tr{'wlan client encryption wep'}</option>							
+							<option value="WEP"  $selected{'ENCRYPTION'}{'WEP'}>$Lang::tr{'wlan client encryption wep'}</option>
 						</select>
 					</td>
 					<td colspan="2" width='40%'></td>
@@ -839,7 +841,6 @@  sub ValidateInput($) {
 	# Check for invalid key length.
 	} elsif (ValidKeyLength($settings{'ENCRYPTION'}, $settings{'PSK'})) {
 		return "$Lang::tr{'wlan client invalid key length'}";
-
 	}
 
 	# Reset WPA mode, if WPA(2) is not selected.
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index b5284effa..9190eab57 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -2948,6 +2948,7 @@ 
 'wlan client encryption wep' => 'WEP',
 'wlan client encryption wpa' => 'WPA',
 'wlan client encryption wpa2' => 'WPA2',
+'wlan client encryption wpa3' => 'WPA3',
 'wlan client group cipher' => 'Group cipher',
 'wlan client group key algorithm' => 'GKA',
 'wlan client identity' => 'Identity',
diff --git a/src/initscripts/system/wlanclient b/src/initscripts/system/wlanclient
index b32a4cb4a..27a144f72 100644
--- a/src/initscripts/system/wlanclient
+++ b/src/initscripts/system/wlanclient
@@ -86,6 +86,7 @@  function wpa_supplicant_config_line() {
 	local config=${2}
 	shift 2
 
+	local ieee80211w
 	local anonymous_identity
 	local auth_alg
 	local auth_mode
@@ -144,6 +145,11 @@  function wpa_supplicant_config_line() {
 		EAP)
 			key_mgmt="WPA-EAP"
 			;;
+		WPA3)
+			key_mgmt="SAE"
+
+			ieee80211w="2"
+			;;
 		WPA2)
 			auth_alg="OPEN"
 			proto="RSN"
@@ -209,7 +215,11 @@  function wpa_supplicant_config_line() {
 			echo "	key_mgmt=${key_mgmt}"
 		fi
 		if [ -n "${psk}" ]; then
-			echo "	psk=\"${psk}\""
+			if [ "${key_mgmt}" = "SAE" ]; then
+				echo "	sae_password=\"${psk}\""
+			else
+				echo "	psk=\"${psk}\""
+			fi
 		fi
 		if [ -n "${wep_tx_keyidx}" ]; then
 			echo "	wep_tx_keyidx=${wep_tx_keyidx}"
@@ -227,6 +237,9 @@  function wpa_supplicant_config_line() {
 		if [ -n "${priority}" ]; then
 			echo "	priority=${priority}"
 		fi
+		if [ -n "${ieee80211w}" ]; then
+			echo "	ieee80211w=${ieee80211w}"
+		fi
 
 		# EAP
 		if [ "${mode}" = "EAP" ]; then