adafruit-mirror/zephyr
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 9

hostap: support getting enterprise type by status cmd

Browse source 
For 'wifi status' and 'wifi ap status' cmd of the hostap case,
originally only support getting 'EAP-TLS' for the enterprise
mode, which is not correct. Now support getting the specific
enterprise mode, including the WPA3 enterprise mode and
the EAP method type.

Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
This commit is contained in:
Maochen Wang 2024-12-27 16:09:39 +08:00 committed by Benjamin Cabé
parent eb81fba890
commit f2f2fbb315
5 changed files with 95 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
include/zephyr/net/wifi.h
View file

@ -203,6 +203,9 @@ struct wifi_eap_config {
/** Helper function to get user-friendly security type name. */
const char *wifi_security_txt(enum wifi_security_type security);
/** Helper function to get user-friendly wpa3 enterprise security type name. */
const char *wifi_wpa3_enterprise_txt(enum wifi_wpa3_enterprise_type wpa3_ent);
/** @brief IEEE 802.11w - Management frame protection. */
enum wifi_mfp_options {
/** MFP disabled. */

2
include/zephyr/net/wifi_mgmt.h
View file

@ -684,6 +684,8 @@ struct wifi_iface_status {
enum wifi_iface_mode iface_mode;
/** Link mode, see enum wifi_link_mode */
enum wifi_link_mode link_mode;
/** WPA3 enterprise type */
enum wifi_wpa3_enterprise_type wpa3_ent_type;
/** Security type, see enum wifi_security_type */
enum wifi_security_type security;
/** MFP options, see enum wifi_mfp_options */

75
modules/hostap/src/supp_api.c
View file

@ -27,6 +27,9 @@
#include "hostapd_cli_zephyr.h"
#include "ap_drv_ops.h"
#endif
#ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
#include "eap_peer/eap.h"
#endif
#include "supp_events.h"
#include "wpa_supplicant/bss.h"
@ -362,13 +365,77 @@ static inline enum wifi_frequency_bands wpas_band_to_zephyr(enum wpa_radio_work_
}
}
static inline enum wifi_security_type wpas_key_mgmt_to_zephyr(int key_mgmt, int proto, int pwe)
static inline enum wifi_wpa3_enterprise_type wpas_key_mgmt_to_zephyr_wpa3_ent(int key_mgmt)
{
switch (key_mgmt) {
case WPA_KEY_MGMT_IEEE8021X_SUITE_B:
return WIFI_WPA3_ENTERPRISE_SUITEB;
case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192:
return WIFI_WPA3_ENTERPRISE_SUITEB_192;
case WPA_KEY_MGMT_IEEE8021X_SHA256:
return WIFI_WPA3_ENTERPRISE_ONLY;
default:
return WIFI_WPA3_ENTERPRISE_NA;
}
}
static inline enum wifi_security_type wpas_key_mgmt_to_zephyr(bool is_hapd,
void *config, int key_mgmt, int proto, int pwe)
{
switch (key_mgmt) {
#ifdef CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
case WPA_KEY_MGMT_IEEE8021X:
case WPA_KEY_MGMT_IEEE8021X_SUITE_B:
case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192:
case WPA_KEY_MGMT_IEEE8021X_SHA256:
if (is_hapd) {
#ifdef CONFIG_WIFI_NM_HOSTAPD_CRYPTO_ENTERPRISE
struct hostapd_bss_config *conf = (struct hostapd_bss_config *)config;
switch (conf->eap_user->methods[0].method) {
case WIFI_EAP_TYPE_PEAP:
if (conf->eap_user->next && conf->eap_user->next->phase2) {
switch (conf->eap_user->next->methods[0].method) {
case WIFI_EAP_TYPE_MSCHAPV2:
return WIFI_SECURITY_TYPE_EAP_PEAP_MSCHAPV2;
case WIFI_EAP_TYPE_GTC:
return WIFI_SECURITY_TYPE_EAP_PEAP_GTC;
case WIFI_EAP_TYPE_TLS:
return WIFI_SECURITY_TYPE_EAP_PEAP_TLS;
}
}
case WIFI_EAP_TYPE_TTLS:
if (conf->eap_user->next && conf->eap_user->next->phase2) {
if (conf->eap_user->next->ttls_auth & 0x1E) {
return WIFI_SECURITY_TYPE_EAP_TTLS_MSCHAPV2;
}
}
}
#endif
} else {
struct wpa_ssid *ssid = (struct wpa_ssid *)config;
switch (ssid->eap.eap_methods->method) {
case WIFI_EAP_TYPE_TTLS:
if (!os_memcmp(ssid->eap.phase2, "auth=MSCHAPV2",
os_strlen(ssid->eap.phase2))) {
return WIFI_SECURITY_TYPE_EAP_TTLS_MSCHAPV2;
}
case WIFI_EAP_TYPE_PEAP:
if (!os_memcmp(ssid->eap.phase2, "auth=MSCHAPV2",
os_strlen(ssid->eap.phase2))) {
return WIFI_SECURITY_TYPE_EAP_PEAP_MSCHAPV2;
} else if (!os_memcmp(ssid->eap.phase2, "auth=GTC",
os_strlen(ssid->eap.phase2))) {
return WIFI_SECURITY_TYPE_EAP_PEAP_GTC;
} else if (!os_memcmp(ssid->eap.phase2, "auth=TLS",
os_strlen(ssid->eap.phase2))) {
return WIFI_SECURITY_TYPE_EAP_PEAP_TLS;
}
}
}
return WIFI_SECURITY_TYPE_EAP_TLS;
#endif
case WPA_KEY_MGMT_NONE:
return WIFI_SECURITY_TYPE_NONE;
case WPA_KEY_MGMT_PSK:
@ -1538,7 +1605,8 @@ int supplicant_status(const struct device *dev, struct wifi_iface_status *status
sae_pwe = wpa_s->conf->sae_pwe;
os_memcpy(status->bssid, wpa_s->bssid, WIFI_MAC_ADDR_LEN);
status->band = wpas_band_to_zephyr(wpas_freq_to_band(wpa_s->assoc_freq));
status->security = wpas_key_mgmt_to_zephyr(key_mgmt, proto, sae_pwe);
status->wpa3_ent_type = wpas_key_mgmt_to_zephyr_wpa3_ent(key_mgmt);
status->security = wpas_key_mgmt_to_zephyr(0, ssid, key_mgmt, proto, sae_pwe);
status->mfp = get_mfp(ssid->ieee80211w);
ieee80211_freq_to_chan(wpa_s->assoc_freq, &channel);
status->channel = channel;
@ -2527,7 +2595,8 @@ int supplicant_ap_status(const struct device *dev, struct wifi_iface_status *sta
key_mgmt = bss->wpa_key_mgmt;
proto = bss->wpa;
sae_pwe = bss->sae_pwe;
status->security = wpas_key_mgmt_to_zephyr(key_mgmt, proto, sae_pwe);
status->wpa3_ent_type = wpas_key_mgmt_to_zephyr_wpa3_ent(key_mgmt);
status->security = wpas_key_mgmt_to_zephyr(1, hapd->conf, key_mgmt, proto, sae_pwe);
status->mfp = get_mfp(bss->ieee80211w);
status->channel = conf->channel;
os_memcpy(status->ssid, ssid->ssid, ssid->ssid_len);

14
subsys/net/l2/wifi/wifi_mgmt.c
View file

@ -97,6 +97,20 @@ const char *wifi_security_txt(enum wifi_security_type security)
}
}
const char *wifi_wpa3_enterprise_txt(enum wifi_wpa3_enterprise_type wpa3_ent)
{
switch (wpa3_ent) {
case WIFI_WPA3_ENTERPRISE_SUITEB:
return "WPA3-SuiteB";
case WIFI_WPA3_ENTERPRISE_SUITEB_192:
return "WPA3-SuiteB-192";
case WIFI_WPA3_ENTERPRISE_ONLY:
return "WPA3-Enterprise-Only";
default:
return "";
}
}
const char *wifi_mfp_txt(enum wifi_mfp_options mfp)
{
switch (mfp) {

6
subsys/net/l2/wifi/wifi_shell.c
View file

@ -1144,7 +1144,8 @@ static int cmd_wifi_status(const struct shell *sh, size_t argc, char *argv[])
sizeof(mac_string_buf)));
PR("Band: %s\n", wifi_band_txt(status.band));
PR("Channel: %d\n", status.channel);
PR("Security: %s\n", wifi_security_txt(status.security));
PR("Security: %s %s\n", wifi_wpa3_enterprise_txt(status.wpa3_ent_type),
wifi_security_txt(status.security));
PR("MFP: %s\n", wifi_mfp_txt(status.mfp));
if (status.iface_mode == WIFI_MODE_INFRA) {
PR("RSSI: %d\n", status.rssi);
@ -1210,7 +1211,8 @@ static int cmd_wifi_ap_status(const struct shell *sh, size_t argc, char *argv[])
sizeof(mac_string_buf)));
PR("Band: %s\n", wifi_band_txt(status.band));
PR("Channel: %d\n", status.channel);
PR("Security: %s\n", wifi_security_txt(status.security));
PR("Security: %s %s\n", wifi_wpa3_enterprise_txt(status.wpa3_ent_type),
wifi_security_txt(status.security));
PR("MFP: %s\n", wifi_mfp_txt(status.mfp));
if (status.iface_mode == WIFI_MODE_INFRA) {
PR("RSSI: %d\n", status.rssi);