From d50526477ed510a011935747f18bd6b4ec3ec2f1 Mon Sep 17 00:00:00 2001
From: Christopher <root@teritum.dev>
Date: Mon, 10 Jun 2024 19:52:48 +0100
Subject: wireless: T6496: support for EAP-MSCHAPv2 client over wifi
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

fix: attempt to fix indentation on `wpa_supplicant.conf.j2`

fix: attempt to fix indentation on `wpa_supplicant.conf.j2`

fix: incorrect bssid mapping

fix: use the correct jinja templating (I think)

fix: “remote blank space

fix: attempt to fix the formatting in j2

fix: attempt to fix the formatting in j2

feat: rename enterprise username and password + add checks in conf mode.

fix: move around `bssid` config option on `wpa_supplicant.conf.j2` and fix the security config part

fix: fix indentation on `wpa_supplicant.conf.j2`
(cherry picked from commit fc4263021acb72d2d8afb165922d9cb7e11b2bf1)
---
 data/templates/wifi/wpa_supplicant.conf.j2 | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'data/templates')

diff --git a/data/templates/wifi/wpa_supplicant.conf.j2 b/data/templates/wifi/wpa_supplicant.conf.j2
index ac857a04a..8839663e1 100644
--- a/data/templates/wifi/wpa_supplicant.conf.j2
+++ b/data/templates/wifi/wpa_supplicant.conf.j2
@@ -61,6 +61,8 @@ network={
     # If not set, this defaults to: WPA-PSK WPA-EAP
 {%     if security.wpa.mode is vyos_defined('wpa3') %}
     key_mgmt=SAE
+{%     elif security.wpa.username is vyos_defined %}
+    key_mgmt=WPA-EAP WPA-EAP-SHA256
 {%     else %}
     key_mgmt=WPA-PSK WPA-PSK-SHA256
 {%     endif %}
@@ -76,8 +78,18 @@ network={
     # from ASCII passphrase. This process uses lot of CPU and wpa_supplicant
     # startup and reconfiguration time can be optimized by generating the PSK only
     # only when the passphrase or SSID has actually changed.
+{%     if security.wpa.username is vyos_defined %}
+    identity="{{ security.wpa.username }}"
+    password="{{ security.wpa.passphrase }}"
+    phase2="auth=MSCHAPV2"
+    eap=PEAP
+{%     elif security.wpa.username is not vyos_defined %}
     psk="{{ security.wpa.passphrase }}"
-{% else %}
+{%     else %}
     key_mgmt=NONE
+{%     endif %}
+{% endif %}
+{% if security.bssid is vyos_defined %}
+    bssid={{ security.bssid }}
 {% endif %}
 }
-- 
cgit v1.2.3