Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

luci-mod-network: skip check for 802.11w feature

Browse source 
OpenWrt commit 1a9b896d ("treewide: nuke DRIVER_11W_SUPPORT") enables
802.11w feature for all wpad/hostapd configurations. The feature flag
was removed at all but for the compatibility reasons 11w is still
advertised (but there's a plan to nuke it also) [1].

Remove conditional 802.11w LuCI support to match current behavior.

[1]: https://github.com/openwrt/openwrt/pull/3347

Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
This commit is contained in:
Dobroslaw Kijowski 2020-08-26 10:05:30 +02:00 committed by Hannu Nyman
parent 96b8f43f6b
commit ab01040663
2 changed files with 24 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
modules/luci-base/root/usr/libexec/rpcd/luci
View file

@ -219,7 +219,7 @@ local methods = {
rv.cabundle = fs.access("/etc/ssl/certs/ca-certificates.crt")
rv.relayd = fs.access("/usr/sbin/relayd")
local wifi_features = { "eap", "11n", "11ac", "11r", "11w", "acs", "sae", "owe", "suiteb192", "wep", "wps" }
local wifi_features = { "eap", "11n", "11ac", "11r", "acs", "sae", "owe", "suiteb192", "wep", "wps" }
if fs.access("/usr/sbin/hostapd") then
rv.hostapd = { cli = fs.access("/usr/sbin/hostapd_cli") }

48
modules/luci-mod-network/htdocs/luci-static/resources/view/network/wireless.js
View file

@ -1613,34 +1613,32 @@ return view.extend({
if (hwtype == 'mac80211') {
// ieee802.11w options
if (L.hasSystemFeature('hostapd', '11w')) {
o = ss.taboption('encryption', form.ListValue, 'ieee80211w', _('802.11w Management Frame Protection'), _("Requires the 'full' version of wpad/hostapd and support from the wifi driver <br />(as of Jan 2019: ath9k, ath10k, mwlwifi and mt76)"));
o.value('', _('Disabled'));
o.value('1', _('Optional'));
o.value('2', _('Required'));
add_dependency_permutations(o, { mode: ['ap', 'ap-wds', 'sta', 'sta-wds'], encryption: ['owe', 'psk2', 'psk-mixed', 'sae', 'sae-mixed', 'wpa2', 'wpa3', 'wpa3-mixed'] });
o = ss.taboption('encryption', form.ListValue, 'ieee80211w', _('802.11w Management Frame Protection'), _("Requires support from the wifi driver <br />(as of Jan 2019: ath9k, ath10k, mwlwifi and mt76)"));
o.value('', _('Disabled'));
o.value('1', _('Optional'));
o.value('2', _('Required'));
add_dependency_permutations(o, { mode: ['ap', 'ap-wds', 'sta', 'sta-wds'], encryption: ['owe', 'psk2', 'psk-mixed', 'sae', 'sae-mixed', 'wpa2', 'wpa3', 'wpa3-mixed'] });
o.defaults = {
'2': [{ encryption: 'sae' }, { encryption: 'owe' }, { encryption: 'wpa3' }, { encryption: 'wpa3-mixed' }],
'1': [{ encryption: 'sae-mixed'}],
'': []
};
o = ss.taboption('encryption', form.Value, 'ieee80211w_max_timeout', _('802.11w maximum timeout'), _('802.11w Association SA Query maximum timeout'));
o.depends('ieee80211w', '1');
o.depends('ieee80211w', '2');
o.datatype = 'uinteger';
o.placeholder = '1000';
o.rmempty = true;
o = ss.taboption('encryption', form.Value, 'ieee80211w_retry_timeout', _('802.11w retry timeout'), _('802.11w Association SA Query retry timeout'));
o.depends('ieee80211w', '1');
o.depends('ieee80211w', '2');
o.datatype = 'uinteger';
o.placeholder = '201';
o.rmempty = true;
o.defaults = {
'2': [{ encryption: 'sae' }, { encryption: 'owe' }, { encryption: 'wpa3' }, { encryption: 'wpa3-mixed' }],
'1': [{ encryption: 'sae-mixed'}],
'': []
};
o = ss.taboption('encryption', form.Value, 'ieee80211w_max_timeout', _('802.11w maximum timeout'), _('802.11w Association SA Query maximum timeout'));
o.depends('ieee80211w', '1');
o.depends('ieee80211w', '2');
o.datatype = 'uinteger';
o.placeholder = '1000';
o.rmempty = true;
o = ss.taboption('encryption', form.Value, 'ieee80211w_retry_timeout', _('802.11w retry timeout'), _('802.11w Association SA Query retry timeout'));
o.depends('ieee80211w', '1');
o.depends('ieee80211w', '2');
o.datatype = 'uinteger';
o.placeholder = '201';
o.rmempty = true;
o = ss.taboption('encryption', form.Flag, 'wpa_disable_eapol_key_retries', _('Enable key reinstallation (KRACK) countermeasures'), _('Complicates key reinstallation attacks on the client side by disabling retransmission of EAPOL-Key frames that are used to install keys. This workaround might cause interoperability issues and reduced robustness of key negotiation especially in environments with heavy traffic load.'));
add_dependency_permutations(o, { mode: ['ap', 'ap-wds'], encryption: ['psk2', 'psk-mixed', 'sae', 'sae-mixed', 'wpa2', 'wpa3', 'wpa3-mixed'] });