diff options
| -rw-r--r-- | data/templates/wifi/cfg80211.conf.tmpl | 1 | ||||
| -rw-r--r-- | data/templates/wifi/crda.tmpl | 1 | ||||
| -rw-r--r-- | data/templates/wifi/hostapd.conf.j2 (renamed from data/templates/wifi/hostapd.conf.tmpl) | 309 | ||||
| -rw-r--r-- | data/templates/wifi/wpa_supplicant.conf.j2 (renamed from data/templates/wifi/wpa_supplicant.conf.tmpl) | 6 | ||||
| -rwxr-xr-x | src/conf_mode/interfaces-wireless.py | 4 |
5 files changed, 158 insertions, 163 deletions
diff --git a/data/templates/wifi/cfg80211.conf.tmpl b/data/templates/wifi/cfg80211.conf.tmpl deleted file mode 100644 index c029f1311..000000000 --- a/data/templates/wifi/cfg80211.conf.tmpl +++ /dev/null @@ -1 +0,0 @@ -{{ 'options cfg80211 ieee80211_regdom=' ~ regdom if regdom is vyos_defined }} diff --git a/data/templates/wifi/crda.tmpl b/data/templates/wifi/crda.tmpl deleted file mode 100644 index e6428f34d..000000000 --- a/data/templates/wifi/crda.tmpl +++ /dev/null @@ -1 +0,0 @@ -{{ 'REGDOMAIN=' ~ regdom if regdom is vyos_defined }} diff --git a/data/templates/wifi/hostapd.conf.tmpl b/data/templates/wifi/hostapd.conf.j2 index 79d005b15..f2312d2d4 100644 --- a/data/templates/wifi/hostapd.conf.tmpl +++ b/data/templates/wifi/hostapd.conf.j2 @@ -1,5 +1,6 @@ +{# j2lint: disable=operator-enclosed-by-spaces #} ### Autogenerated by interfaces-wireless.py ### -{% if description %} +{% if description is vyos_defined %} # Description: {{ description }} # User-friendly description of device; up to 32 octets encoded in UTF-8 device_name={{ description | truncate(32, True) }} @@ -24,9 +25,9 @@ interface={{ ifname }} # has been started to change the interface mode). If needed, the bridge # interface is also created. {# as there can only be one bridge interface it is save to loop #} -{% for bridge in is_bridge_member %} +{% for bridge in is_bridge_member %} bridge={{ bridge }} -{% endfor %} +{% endfor %} {% endif %} # Driver interface type (hostap/wired/none/nl80211/bsd); @@ -81,15 +82,15 @@ channel={{ channel }} # special value "any" can be used to indicate that any support band can be used. # This special case is currently supported only with drivers with which # offloaded ACS is used. -{% if mode is vyos_defined('n') %} +{% if mode is vyos_defined('n') %} hw_mode=g -{% elif mode is vyos_defined('ac') %} +{% elif mode is vyos_defined('ac') %} hw_mode=a ieee80211h=1 ieee80211ac=1 -{% else %} +{% else %} hw_mode={{ mode }} -{% endif %} +{% endif %} {% endif %} # ieee80211w: Whether management frame protection (MFP) is enabled @@ -138,58 +139,58 @@ ieee80211w=2 # DSSS/CCK Mode in 40 MHz: [DSSS_CCK-40] = allowed (not allowed if not set) # 40 MHz intolerant [40-INTOLERANT] (not advertised if not set) # L-SIG TXOP protection support: [LSIG-TXOP-PROT] (disabled if not set) -{% set output = namespace(value='') %} - -{% if capabilities.ht.fourtymhz_incapable is vyos_defined %} -{% set output.value = output.value ~ '[40-INTOLERANT]' %} -{% endif %} -{% if capabilities.ht.delayed_block_ack is vyos_defined %} -{% set output.value = output.value ~ '[DELAYED-BA]' %} -{% endif %} -{% if capabilities.ht.dsss_cck_40 is vyos_defined %} -{% set output.value = output.value ~ '[DSSS_CCK-40]' %} -{% endif %} -{% if capabilities.ht.greenfield is vyos_defined %} -{% set output.value = output.value ~ '[GF]' %} -{% endif %} -{% if capabilities.ht.ldpc is vyos_defined %} -{% set output.value = output.value ~ '[LDPC]' %} -{% endif %} -{% if capabilities.ht.lsig_protection is vyos_defined %} -{% set output.value = output.value ~ '[LSIG-TXOP-PROT]' %} -{% endif %} -{% if capabilities.ht.stbc.tx is vyos_defined %} -{% set output.value = output.value ~ '[TX-STBC]' %} -{% endif %} -{% if capabilities.ht.stbc.rx is vyos_defined %} -{% set output.value = output.value ~ '[RX-STBC-' ~ capabilities.ht.stbc.rx | upper ~ ']' %} -{% endif %} -{% if capabilities.ht.max_amsdu is vyos_defined %} -{% set output.value = output.value ~ '[MAX-AMSDU-' ~ capabilities.ht.max_amsdu ~ ']' %} -{% endif %} -{% if capabilities.ht.smps is vyos_defined %} -{% set output.value = output.value ~ '[SMPS-' ~ capabilities.ht.smps | upper ~ ']' %} -{% endif %} - -{% if capabilities.ht.channel_set_width is vyos_defined %} -{% for csw in capabilities.ht.channel_set_width %} -{% set output.value = output.value ~ '[' ~ csw | upper ~ ']' %} -{% endfor %} -{% endif %} +{% set output = namespace(value='') %} -{% if capabilities.ht.short_gi is vyos_defined %} -{% for short_gi in capabilities.ht.short_gi %} -{% set output.value = output.value ~ '[SHORT-GI-' ~ short_gi | upper ~ ']' %} -{% endfor %} -{% endif %} +{% if capabilities.ht.fourtymhz_incapable is vyos_defined %} +{% set output.value = output.value ~ '[40-INTOLERANT]' %} +{% endif %} +{% if capabilities.ht.delayed_block_ack is vyos_defined %} +{% set output.value = output.value ~ '[DELAYED-BA]' %} +{% endif %} +{% if capabilities.ht.dsss_cck_40 is vyos_defined %} +{% set output.value = output.value ~ '[DSSS_CCK-40]' %} +{% endif %} +{% if capabilities.ht.greenfield is vyos_defined %} +{% set output.value = output.value ~ '[GF]' %} +{% endif %} +{% if capabilities.ht.ldpc is vyos_defined %} +{% set output.value = output.value ~ '[LDPC]' %} +{% endif %} +{% if capabilities.ht.lsig_protection is vyos_defined %} +{% set output.value = output.value ~ '[LSIG-TXOP-PROT]' %} +{% endif %} +{% if capabilities.ht.stbc.tx is vyos_defined %} +{% set output.value = output.value ~ '[TX-STBC]' %} +{% endif %} +{% if capabilities.ht.stbc.rx is vyos_defined %} +{% set output.value = output.value ~ '[RX-STBC-' ~ capabilities.ht.stbc.rx | upper ~ ']' %} +{% endif %} +{% if capabilities.ht.max_amsdu is vyos_defined %} +{% set output.value = output.value ~ '[MAX-AMSDU-' ~ capabilities.ht.max_amsdu ~ ']' %} +{% endif %} +{% if capabilities.ht.smps is vyos_defined %} +{% set output.value = output.value ~ '[SMPS-' ~ capabilities.ht.smps | upper ~ ']' %} +{% endif %} + +{% if capabilities.ht.channel_set_width is vyos_defined %} +{% for csw in capabilities.ht.channel_set_width %} +{% set output.value = output.value ~ '[' ~ csw | upper ~ ']' %} +{% endfor %} +{% endif %} + +{% if capabilities.ht.short_gi is vyos_defined %} +{% for short_gi in capabilities.ht.short_gi %} +{% set output.value = output.value ~ '[SHORT-GI-' ~ short_gi | upper ~ ']' %} +{% endfor %} +{% endif %} ht_capab={{ output.value }} -{% if capabilities.ht.auto_powersave is vyos_defined %} +{% if capabilities.ht.auto_powersave is vyos_defined %} # WMM-PS Unscheduled Automatic Power Save Delivery [U-APSD] # Enable this flag if U-APSD supported outside hostapd (eg., Firmware/driver) uapsd_advertisement_enabled=1 -{% endif %} +{% endif %} {% endif %} # Required for full HT and VHT functionality @@ -320,86 +321,86 @@ require_ht=1 # 0 = Tx antenna pattern might change during the lifetime of an association # 1 = Tx antenna pattern does not change during the lifetime of an -{% if capabilities.vht.center_channel_freq.freq_1 is vyos_defined %} +{% if capabilities.vht.center_channel_freq.freq_1 is vyos_defined %} # center freq = 5 GHz ~ (5 * index) # So index 42 gives center freq 5.210 GHz # which is channel 42 in 5G band vht_oper_centr_freq_seg0_idx={{ capabilities.vht.center_channel_freq.freq_1 }} -{% endif %} +{% endif %} -{% if capabilities.vht.center_channel_freq.freq_2 is vyos_defined %} +{% if capabilities.vht.center_channel_freq.freq_2 is vyos_defined %} # center freq = 5 GHz ~ (5 * index) # So index 159 gives center freq 5.795 GHz # which is channel 159 in 5G band vht_oper_centr_freq_seg1_idx={{ capabilities.vht.center_channel_freq.freq_2 }} -{% endif %} +{% endif %} -{% if capabilities.vht.channel_set_width is vyos_defined %} +{% if capabilities.vht.channel_set_width is vyos_defined %} vht_oper_chwidth={{ capabilities.vht.channel_set_width }} -{% endif %} - -{% set output = namespace(value='') %} -{% if capabilities.vht.stbc.tx is vyos_defined %} -{% set output.value = output.value ~ '[TX-STBC-2BY1]' %} -{% endif %} -{% if capabilities.vht.stbc.rx is vyos_defined %} -{% set output.value = output.value ~ '[RX-STBC-' ~ capabilities.vht.stbc.rx ~ ']' %} -{% endif %} -{% if capabilities.vht.ldpc is vyos_defined %} -{% set output.value = output.value ~ '[RXLDPC]' %} -{% endif %} -{% if capabilities.vht.tx_powersave is vyos_defined %} -{% set output.value = output.value ~ '[VHT-TXOP-PS]' %} -{% endif %} -{% if capabilities.vht.vht_cf is vyos_defined %} -{% set output.value = output.value ~ '[HTC-VHT]' %} -{% endif %} -{% if capabilities.vht.antenna_pattern_fixed is vyos_defined %} -{% set output.value = output.value ~ '[RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN]' %} -{% endif %} -{% if capabilities.vht.max_mpdu is vyos_defined %} -{% set output.value = output.value ~ '[MAX-MPDU-' ~ capabilities.vht.max_mpdu ~ ']' %} -{% endif %} -{% if capabilities.vht.max_mpdu_exp is vyos_defined %} -{% set output.value = output.value ~ '[MAX-A-MPDU-LEN-EXP-' ~ capabilities.vht.max_mpdu_exp ~ ']' %} -{% if capabilities.vht.max_mpdu_exp is vyos_defined('2') %} -{% set output.value = output.value ~ '[VHT160]' %} -{% endif %} -{% if capabilities.vht.max_mpdu_exp is vyos_defined('3') %} -{% set output.value = output.value ~ '[VHT160-80PLUS80]' %} -{% endif %} -{% endif %} -{% if capabilities.vht.link_adaptation is vyos_defined('unsolicited') %} -{% set output.value = output.value ~ '[VHT-LINK-ADAPT2]' %} -{% elif capabilities.vht.link_adaptation is vyos_defined('both') %} -{% set output.value = output.value ~ '[VHT-LINK-ADAPT3]' %} -{% endif %} - -{% for short_gi in capabilities.vht.short_gi if capabilities.vht.short_gi is vyos_defined %} -{% set output.value = output.value ~ '[SHORT-GI-' ~ short_gi | upper ~ ']' %} -{% endfor %} - -{% for beamform in capabilities.vht.beamform if capabilities.vht.beamform is vyos_defined %} -{% set output.value = output.value ~ '[SU-BEAMFORMER]' if beamform is vyos_defined('single-user-beamformer') else '' %} -{% set output.value = output.value ~ '[SU-BEAMFORMEE]' if beamform is vyos_defined('single-user-beamformee') else '' %} -{% set output.value = output.value ~ '[MU-BEAMFORMER]' if beamform is vyos_defined('multi-user-beamformer') else '' %} -{% set output.value = output.value ~ '[MU-BEAMFORMEE]' if beamform is vyos_defined('multi-user-beamformee') else '' %} -{% endfor %} - -{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 %} -{% if capabilities.vht.beamform is vyos_defined %} -{% if capabilities.vht.beamform == 'single-user-beamformer' %} -{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 and capabilities.vht.antenna_count | int < 6 %} -{% set output.value = output.value ~ '[BF-ANTENNA-' ~ capabilities.vht.antenna_count | int -1 ~ ']' %} -{% set output.value = output.value ~ '[SOUNDING-DIMENSION-' ~ capabilities.vht.antenna_count | int -1 ~ ']' %} +{% endif %} + +{% set output = namespace(value='') %} +{% if capabilities.vht.stbc.tx is vyos_defined %} +{% set output.value = output.value ~ '[TX-STBC-2BY1]' %} +{% endif %} +{% if capabilities.vht.stbc.rx is vyos_defined %} +{% set output.value = output.value ~ '[RX-STBC-' ~ capabilities.vht.stbc.rx ~ ']' %} +{% endif %} +{% if capabilities.vht.ldpc is vyos_defined %} +{% set output.value = output.value ~ '[RXLDPC]' %} +{% endif %} +{% if capabilities.vht.tx_powersave is vyos_defined %} +{% set output.value = output.value ~ '[VHT-TXOP-PS]' %} +{% endif %} +{% if capabilities.vht.vht_cf is vyos_defined %} +{% set output.value = output.value ~ '[HTC-VHT]' %} +{% endif %} +{% if capabilities.vht.antenna_pattern_fixed is vyos_defined %} +{% set output.value = output.value ~ '[RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN]' %} +{% endif %} +{% if capabilities.vht.max_mpdu is vyos_defined %} +{% set output.value = output.value ~ '[MAX-MPDU-' ~ capabilities.vht.max_mpdu ~ ']' %} +{% endif %} +{% if capabilities.vht.max_mpdu_exp is vyos_defined %} +{% set output.value = output.value ~ '[MAX-A-MPDU-LEN-EXP-' ~ capabilities.vht.max_mpdu_exp ~ ']' %} +{% if capabilities.vht.max_mpdu_exp is vyos_defined('2') %} +{% set output.value = output.value ~ '[VHT160]' %} +{% endif %} +{% if capabilities.vht.max_mpdu_exp is vyos_defined('3') %} +{% set output.value = output.value ~ '[VHT160-80PLUS80]' %} +{% endif %} +{% endif %} +{% if capabilities.vht.link_adaptation is vyos_defined('unsolicited') %} +{% set output.value = output.value ~ '[VHT-LINK-ADAPT2]' %} +{% elif capabilities.vht.link_adaptation is vyos_defined('both') %} +{% set output.value = output.value ~ '[VHT-LINK-ADAPT3]' %} +{% endif %} + +{% for short_gi in capabilities.vht.short_gi if capabilities.vht.short_gi is vyos_defined %} +{% set output.value = output.value ~ '[SHORT-GI-' ~ short_gi | upper ~ ']' %} +{% endfor %} + +{% for beamform in capabilities.vht.beamform if capabilities.vht.beamform is vyos_defined %} +{% set output.value = output.value ~ '[SU-BEAMFORMER]' if beamform is vyos_defined('single-user-beamformer') else '' %} +{% set output.value = output.value ~ '[SU-BEAMFORMEE]' if beamform is vyos_defined('single-user-beamformee') else '' %} +{% set output.value = output.value ~ '[MU-BEAMFORMER]' if beamform is vyos_defined('multi-user-beamformer') else '' %} +{% set output.value = output.value ~ '[MU-BEAMFORMEE]' if beamform is vyos_defined('multi-user-beamformee') else '' %} +{% endfor %} + +{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 %} +{% if capabilities.vht.beamform is vyos_defined %} +{% if capabilities.vht.beamform == 'single-user-beamformer' %} +{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 and capabilities.vht.antenna_count | int < 6 %} +{% set output.value = output.value ~ '[BF-ANTENNA-' ~ capabilities.vht.antenna_count | int -1 ~ ']' %} +{% set output.value = output.value ~ '[SOUNDING-DIMENSION-' ~ capabilities.vht.antenna_count | int -1 ~ ']' %} +{% endif %} +{% endif %} +{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 and capabilities.vht.antenna_count | int < 5 %} +{% set output.value = output.value ~ '[BF-ANTENNA-' ~ capabilities.vht.antenna_count ~ ']' %} +{% set output.value = output.value ~ '[SOUNDING-DIMENSION-' ~ capabilities.vht.antenna_count ~ ']' %} +{% endif %} {% endif %} -{% endif %} -{% if capabilities.vht.antenna_count is vyos_defined and capabilities.vht.antenna_count | int > 1 and capabilities.vht.antenna_count | int < 5 %} -{% set output.value = output.value ~ '[BF-ANTENNA-' ~ capabilities.vht.antenna_count ~ ']' %} -{% set output.value = output.value ~ '[SOUNDING-DIMENSION-' ~ capabilities.vht.antenna_count ~ ']' %} -{% endif %} {% endif %} -{% endif %} vht_capab={{ output.value }} {% endif %} @@ -414,11 +415,7 @@ ieee80211n=0 # Require stations to support VHT PHY (reject association if they do not) require_vht=1 {% else %} -{% if 'n' in mode or 'ac' in mode %} -ieee80211n=1 -{% else %} -ieee80211n=0 -{% endif %} +ieee80211n={{ '1' if 'n' in mode or 'ac' in mode else '0' }} {% endif %} {% if disable_broadcast_ssid is vyos_defined %} @@ -502,11 +499,11 @@ wep_default_key=0 # digits, depending on whether 40-bit (64-bit), 104-bit (128-bit), or # 128-bit (152-bit) WEP is used. # Only the default key must be supplied; the others are optional. -{% if security.wep.key is vyos_defined %} -{% for key in sec_wep_key %} +{% if security.wep.key is vyos_defined %} +{% for key in sec_wep_key %} wep_key{{ loop.index -1 }}={{ security.wep.key }} -{% endfor %} -{% endif %} +{% endfor %} +{% endif %} {% elif security.wpa is vyos_defined %} @@ -526,15 +523,15 @@ wep_key{{ loop.index -1 }}={{ security.wep.key }} # Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2. # In other words, for WPA3, wpa 2 is used the configuration (and # wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK). -{% if security.wpa.mode is vyos_defined('wpa+wpa2') %} +{% if security.wpa.mode is vyos_defined('wpa+wpa2') %} wpa=3 -{% elif security.wpa.mode is vyos_defined('wpa2') or security.wpa.mode is vyos_defined('wpa3') %} +{% elif security.wpa.mode is vyos_defined('wpa2') or security.wpa.mode is vyos_defined('wpa3') %} wpa=2 -{% elif security.wpa.mode is vyos_defined('wpa') %} +{% elif security.wpa.mode is vyos_defined('wpa') %} wpa=1 -{% endif %} +{% endif %} -{% if security.wpa.cipher is vyos_defined %} +{% if security.wpa.cipher is vyos_defined %} # Set of accepted cipher suites (encryption algorithms) for pairwise keys # (unicast packets). This is a space separated list of algorithms: # CCMP = AES in Counter mode with CBC-MAC (CCMP-128) @@ -548,16 +545,16 @@ wpa=1 # TKIP will be used as the group cipher. The optional group_cipher parameter can # be used to override this automatic selection. -{% if security.wpa.mode is vyos_defined('wpa2') %} +{% if security.wpa.mode is vyos_defined('wpa2') %} # Pairwise cipher for RSN/WPA2 (default: use wpa_pairwise value) rsn_pairwise={{ security.wpa.cipher | join(" ") }} -{% else %} +{% else %} # Pairwise cipher for WPA (v1) (default: TKIP) wpa_pairwise={{ security.wpa.cipher | join(" ") }} +{% endif %} {% endif %} -{% endif %} -{% if security.wpa.group_cipher is vyos_defined %} +{% if security.wpa.group_cipher is vyos_defined %} # Optional override for automatic group cipher selection # This can be used to select a specific group cipher regardless of which # pairwise ciphers were enabled for WPA and RSN. It should be noted that @@ -565,9 +562,9 @@ wpa_pairwise={{ security.wpa.cipher | join(" ") }} # interoperability issues and in general, this parameter is mainly used for # testing purposes. group_cipher={{ security.wpa.group_cipher | join(" ") }} -{% endif %} +{% endif %} -{% if security.wpa.passphrase is vyos_defined %} +{% if security.wpa.passphrase is vyos_defined %} # IEEE 802.11 specifies two authentication algorithms. hostapd can be # configured to allow both of these or only one. Open system authentication # should be used with IEEE 802.1X. @@ -591,13 +588,13 @@ wpa_passphrase={{ security.wpa.passphrase }} # WPA-EAP-SHA256 = WPA2-Enterprise using SHA256 # SAE = SAE (WPA3-Personal) # WPA-EAP-SUITE-B-192 = WPA3-Enterprise with 192-bit security/CNSA suite -{% if security.wpa.mode is vyos_defined('wpa3') %} +{% if security.wpa.mode is vyos_defined('wpa3') %} wpa_key_mgmt=SAE -{% else %} +{% else %} wpa_key_mgmt=WPA-PSK WPA-PSK-SHA256 -{% endif %} +{% endif %} -{% elif security.wpa.radius is vyos_defined %} +{% elif security.wpa.radius is vyos_defined %} ##### IEEE 802.1X-2004 related configuration ################################## # Require IEEE 802.1X authorization ieee8021x=1 @@ -611,43 +608,43 @@ ieee8021x=1 # WPA-EAP-SHA256 = WPA2-Enterprise using SHA256 # SAE = SAE (WPA3-Personal) # WPA-EAP-SUITE-B-192 = WPA3-Enterprise with 192-bit security/CNSA suite -{% if security.wpa.mode is vyos_defined('wpa3') %} +{% if security.wpa.mode is vyos_defined('wpa3') %} wpa_key_mgmt=WPA-EAP-SUITE-B-192 -{% else %} +{% else %} wpa_key_mgmt=WPA-EAP WPA-EAP-SHA256 -{% endif %} +{% endif %} -{% if security.wpa.radius.server is vyos_defined %} +{% if security.wpa.radius.server is vyos_defined %} # RADIUS client forced local IP address for the access point # Normally the local IP address is determined automatically based on configured # IP addresses, but this field can be used to force a specific address to be # used, e.g., when the device has multiple IP addresses. # The own IP address of the access point (used as NAS-IP-Address) -{% if security.wpa.radius.source_address is vyos_defined %} +{% if security.wpa.radius.source_address is vyos_defined %} radius_client_addr={{ security.wpa.radius.source_address }} own_ip_addr={{ security.wpa.radius.source_address }} -{% else %} +{% else %} own_ip_addr=127.0.0.1 -{% endif %} +{% endif %} -{% for radius in security.wpa.radius.server if not radius.disabled %} +{% for radius in security.wpa.radius.server if not radius.disabled %} # RADIUS authentication server auth_server_addr={{ radius.server }} auth_server_port={{ radius.port }} auth_server_shared_secret={{ radius.key }} -{% if radius.acc_port %} +{% if radius.acc_port %} # RADIUS accounting server acct_server_addr={{ radius.server }} acct_server_port={{ radius.acc_port }} acct_server_shared_secret={{ radius.key }} -{% endif %} -{% endfor %} -{% else %} +{% endif %} +{% endfor %} +{% else %} # Open system auth_algs=1 +{% endif %} {% endif %} -{% endif %} {% endif %} # TX queue parameters (EDCF / bursting) diff --git a/data/templates/wifi/wpa_supplicant.conf.tmpl b/data/templates/wifi/wpa_supplicant.conf.j2 index 56cd35a35..01e0d632f 100644 --- a/data/templates/wifi/wpa_supplicant.conf.tmpl +++ b/data/templates/wifi/wpa_supplicant.conf.j2 @@ -59,11 +59,11 @@ network={ # OWE = Opportunistic Wireless Encryption (a.k.a. Enhanced Open) # DPP = Device Provisioning Protocol # If not set, this defaults to: WPA-PSK WPA-EAP -{% if security.wpa.mode is vyos_defined('wpa3') %} +{% if security.wpa.mode is vyos_defined('wpa3') %} key_mgmt=SAE -{% else %} +{% else %} key_mgmt=WPA-PSK WPA-PSK-SHA256 -{% endif %} +{% endif %} # psk: WPA preshared key; 256-bit pre-shared key # The key used in WPA-PSK mode can be entered either as 64 hex-digits, i.e., diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py index 500952df1..7fc22cdab 100755 --- a/src/conf_mode/interfaces-wireless.py +++ b/src/conf_mode/interfaces-wireless.py @@ -244,11 +244,11 @@ def generate(wifi): # render appropriate new config files depending on access-point or station mode if wifi['type'] == 'access-point': - render(hostapd_conf.format(**wifi), 'wifi/hostapd.conf.tmpl', + render(hostapd_conf.format(**wifi), 'wifi/hostapd.conf.j2', wifi) elif wifi['type'] == 'station': - render(wpa_suppl_conf.format(**wifi), 'wifi/wpa_supplicant.conf.tmpl', + render(wpa_suppl_conf.format(**wifi), 'wifi/wpa_supplicant.conf.j2', wifi) return None |