luci-mod-admin-full: improve 802.11r support

* Add WPA/WPA2-PSK mixed mode to the list of allowed modes
* Add datatype validation to some fields
* Add help texts
* Reformat longest lines

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua

@@ -902,10 +902,12 @@ end
 if hwtype == "atheros" or hwtype == "mac80211" or hwtype == "prism2" then
 
 	-- Probe EAP support as a proxy for determining if 802.11r support is present
-
 	local has_ap_eap  = (os.execute("hostapd -veap >/dev/null 2>/dev/null") == 0)
 
-	ieee80211r = s:taboption("encryption", Flag, "ieee80211r", translate("802.11r Fast Transition"))
+	ieee80211r = s:taboption("encryption", Flag, "ieee80211r",
+		translate("802.11r Fast Transition"),
+		translate("Enables fast roaming among access points that belong " ..
+			"to the same Mobility Domain"))
 	ieee80211r:depends({mode="ap", encryption="wpa"})
 	ieee80211r:depends({mode="ap", encryption="wpa2"})
 	ieee80211r:depends({mode="ap-wds", encryption="wpa"})
@@ -913,35 +915,47 @@ if hwtype == "atheros" or hwtype == "mac80211" or hwtype == "prism2" then
 	if has_ap_eap then
 		ieee80211r:depends({mode="ap", encryption="psk"})
 		ieee80211r:depends({mode="ap", encryption="psk2"})
+		ieee80211r:depends({mode="ap", encryption="psk-mixed"})
 	end
 	ieee80211r.rmempty = true
 
-	nasid = s:taboption("encryption", Value, "nasid", translate("NAS ID"))
-
+	nasid = s:taboption("encryption", Value, "nasid", translate("NAS ID"),
+		translate("Used for two different purposes: RADIUS NAS ID and " ..
+			"802.11r R0KH-ID. Not needed with normal WPA(2)-PSK."))
 	nasid:depends({mode="ap", encryption="wpa"})
 	nasid:depends({mode="ap", encryption="wpa2"})
 	nasid:depends({mode="ap-wds", encryption="wpa"})
 	nasid:depends({mode="ap-wds", encryption="wpa2"})
 	nasid:depends({ieee80211r="1"})
 	nasid.rmempty = true
-	mobility_domain = s:taboption("encryption", Value, "mobility_domain", translate("Mobility Domain"))
+
+	mobility_domain = s:taboption("encryption", Value, "mobility_domain",
+			translate("Mobility Domain"),
+			translate("4-character hexadecimal ID"))
 	mobility_domain:depends({ieee80211r="1"})
 	mobility_domain.placeholder = "4f57"
 	mobility_domain.rmempty = true
 
-	r0_key_lifetime = s:taboption("encryption", Value, "r0_key_lifetime", translate("R0 Key Lifetime"), translate("minutes"))
+	r0_key_lifetime = s:taboption("encryption", Value, "r0_key_lifetime",
+			translate("R0 Key Lifetime"), translate("minutes"))
 	r0_key_lifetime:depends({ieee80211r="1"})
 	r0_key_lifetime.placeholder = "10000"
+	r0_key_lifetime.datatype = "uinteger"
 	r0_key_lifetime.rmempty = true
 
-	r1_key_holder = s:taboption("encryption", Value, "r1_key_holder", translate("R1 Key Holder"), translate("6-octet identifier as a hex string - no colons"))
+	r1_key_holder = s:taboption("encryption", Value, "r1_key_holder",
+			translate("R1 Key Holder"),
+			translate("6-octet identifier as a hex string - no colons"))
 	r1_key_holder:depends({ieee80211r="1"})
 	r1_key_holder.placeholder = "00004f577274"
 	r1_key_holder.rmempty = true
 
-	reassociation_deadline = s:taboption("encryption", Value, "reassociation_deadline", translate("Reassociation Deadline"), translate("time units (TUs / 1.024 ms) [1000-65535]"))
+	reassociation_deadline = s:taboption("encryption", Value, "reassociation_deadline",
+		translate("Reassociation Deadline"),
+		translate("time units (TUs / 1.024 ms) [1000-65535]"))
 	reassociation_deadline:depends({ieee80211r="1"})
 	reassociation_deadline.placeholder = "1000"
+	reassociation_deadline.datatype = "range(1000,65535)"
 	reassociation_deadline.rmempty = true
 
 	pmk_r1_push = s:taboption("encryption", Flag, "pmk_r1_push", translate("PMK R1 Push"))
@@ -950,23 +964,24 @@ if hwtype == "atheros" or hwtype == "mac80211" or hwtype == "prism2" then
 	pmk_r1_push.rmempty = true
 
 	r0kh = s:taboption("encryption", DynamicList, "r0kh", translate("External R0 Key Holder List"),
-		translate("List of R0KHs in the same Mobility Domain. "..
-                           "<br>Format: MAC-address,NAS-Identifier,128-bit key as hex string. "..
-                           "<br>This list is used to map R0KH-ID (NAS Identifier) to a destination MAC address "..
-                           "when requesting PMK-R1 key from the R0KH that the STA "..
-                           "used during the Initial Mobility Domain Association."))
+		translate("List of R0KHs in the same Mobility Domain. " ..
+			"<br>Format: MAC-address,NAS-Identifier,128-bit key as hex string. " ..
+			"<br>This list is used to map R0KH-ID (NAS Identifier) to a destination " ..
+			"MAC address when requesting PMK-R1 key from the R0KH that the STA " ..
+			"used during the Initial Mobility Domain Association."))
 
 	r0kh:depends({ieee80211r="1"})
 	r0kh.rmempty = true
 
 	r1kh = s:taboption("encryption", DynamicList, "r1kh", translate("External R1 Key Holder List"),
 		translate ("List of R1KHs in the same Mobility Domain. "..
-					"<br>Format: MAC-address,R1KH-ID as 6 octets with colons,128-bit key as hex string. "..
-					"<br>This list is used to map R1KH-ID to a destination MAC address "..
-					"when sending PMK-R1 key from the R0KH. This is also the "..
-					"list of authorized R1KHs in the MD that can request PMK-R1 keys."))
+			"<br>Format: MAC-address,R1KH-ID as 6 octets with colons,128-bit key as hex string. "..
+			"<br>This list is used to map R1KH-ID to a destination MAC address " ..
+			"when sending PMK-R1 key from the R0KH. This is also the " ..
+			"list of authorized R1KHs in the MD that can request PMK-R1 keys."))
 	r1kh:depends({ieee80211r="1"})
 	r1kh.rmempty = true
+	-- End of 802.11r options
 
 	eaptype = s:taboption("encryption", ListValue, "eap_type", translate("EAP-Method"))
 	eaptype:value("tls",  "TLS")