diff options
| -rw-r--r-- | data/templates/wifi/hostapd.conf.tmpl | 5 | ||||
| -rw-r--r-- | interface-definitions/interfaces-wireless.xml.in | 8 | ||||
| -rwxr-xr-x | src/migration-scripts/interfaces/13-to-14 | 51 |
3 files changed, 59 insertions, 5 deletions
diff --git a/data/templates/wifi/hostapd.conf.tmpl b/data/templates/wifi/hostapd.conf.tmpl index ba1453583..409c9d3bc 100644 --- a/data/templates/wifi/hostapd.conf.tmpl +++ b/data/templates/wifi/hostapd.conf.tmpl @@ -532,8 +532,11 @@ wep_key{{ loop.index -1 }}={{ security.wep.key }} # and/or WPA2 (full IEEE 802.11i/RSN): # bit0 = WPA # bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled) +# Note that WPA3 is also configured with bit1 since it uses RSN just like WPA2. +# In other words, for WPA3, wpa=2 is used the configuration (and +# wpa_key_mgmt=SAE for WPA3-Personal instead of wpa_key_mgmt=WPA-PSK). {% if security.wpa.mode is defined %} -{% if security.wpa.mode == 'both' %} +{% if security.wpa.mode == 'wpa+wpa2' %} wpa=3 {% elif security.wpa.mode == 'wpa2' %} wpa=2 diff --git a/interface-definitions/interfaces-wireless.xml.in b/interface-definitions/interfaces-wireless.xml.in index 423ec7ba2..7d576648a 100644 --- a/interface-definitions/interfaces-wireless.xml.in +++ b/interface-definitions/interfaces-wireless.xml.in @@ -681,7 +681,7 @@ <properties> <help>WPA mode</help> <completionHelp> - <list>wpa wpa2 both</list> + <list>wpa wpa2 wpa+wpa2</list> </completionHelp> <valueHelp> <format>wpa</format> @@ -692,15 +692,15 @@ <description>WPA2 (full IEEE 802.11i/RSN)</description> </valueHelp> <valueHelp> - <format>both</format> + <format>wpa+wpa2</format> <description>Allow both WPA and WPA2</description> </valueHelp> <constraint> - <regex>^(wpa|wpa2|both)$</regex> + <regex>^(wpa|wpa2|wpa\+wpa2)$</regex> </constraint> <constraintErrorMessage>Unknown WPA mode</constraintErrorMessage> </properties> - <defaultValue>both</defaultValue> + <defaultValue>wpa+wpa2</defaultValue> </leafNode> <leafNode name="passphrase"> <properties> diff --git a/src/migration-scripts/interfaces/13-to-14 b/src/migration-scripts/interfaces/13-to-14 new file mode 100755 index 000000000..545b57ab2 --- /dev/null +++ b/src/migration-scripts/interfaces/13-to-14 @@ -0,0 +1,51 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2020 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# Rename Wireless interface security mode 'both' to 'wpa+wpa2' + +import os + +from sys import exit, argv +from vyos.configtree import ConfigTree + +if __name__ == '__main__': + if (len(argv) < 1): + print("Must specify file name!") + exit(1) + + file_name = argv[1] + with open(file_name, 'r') as f: + config_file = f.read() + + config = ConfigTree(config_file) + base = ['interfaces', 'wireless'] + if not config.exists(base): + # Nothing to do + exit(0) + + for wifi in config.list_nodes(base): + sec_mode = base + [wifi, 'security', 'wpa', 'mode'] + if config.exists(sec_mode): + mode = config.return_value(sec_mode) + if mode == 'both': + config.set(sec_mode, value='wpa+wpa2', replace=True) + + try: + with open(file_name, 'w') as f: + f.write(config.to_string()) + except OSError as e: + print("Failed to save the modified config: {}".format(e)) + exit(1) |