From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 1/3] wireless client: Add support for WPA3
Date: Wed, 06 Jan 2021 14:43:12 +0000
Message-ID: <20210106144314.2732-1-michael.tremer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1278194243261786104=="
List-Id: <development.lists.ipfire.org>

--===============1278194243261786104==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
 doc/language_issues.de            |  1 +
 doc/language_issues.en            |  1 +
 doc/language_issues.es            |  1 +
 doc/language_issues.fr            |  1 +
 doc/language_issues.it            |  1 +
 doc/language_issues.nl            |  1 +
 doc/language_issues.pl            |  1 +
 doc/language_issues.ru            |  1 +
 doc/language_issues.tr            |  1 +
 doc/language_missings             |  8 ++++++++
 html/cgi-bin/wirelessclient.cgi   |  5 +++--
 langs/en/cgi-bin/en.pl            |  1 +
 src/initscripts/system/wlanclient | 15 ++++++++++++++-
 13 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/doc/language_issues.de b/doc/language_issues.de
index 6d22fcea4..5d9cbcebc 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -887,6 +887,7 @@ WARNING: untranslated string: show tls-auth key =3D Show =
tls-auth key
 WARNING: untranslated string: smb daemon =3D SMB Daemon
 WARNING: untranslated string: user management =3D User Management
 WARNING: untranslated string: winbind daemon =3D Winbind Daemon
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
 WARNING: untranslated string: wlanap 802.11w disabled =3D Disabled
 WARNING: untranslated string: wlanap 802.11w enforced =3D Enforced
 WARNING: untranslated string: wlanap 802.11w optional =3D Optional
diff --git a/doc/language_issues.en b/doc/language_issues.en
index b3c46de5e..c1e0ec33f 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -2124,6 +2124,7 @@ WARNING: untranslated string: wlan client encryption no=
ne =3D None
 WARNING: untranslated string: wlan client encryption wep =3D WEP
 WARNING: untranslated string: wlan client encryption wpa =3D WPA
 WARNING: untranslated string: wlan client encryption wpa2 =3D WPA2
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
 WARNING: untranslated string: wlan client group cipher =3D Group cipher
 WARNING: untranslated string: wlan client group key algorithm =3D GKA
 WARNING: untranslated string: wlan client identity =3D Identity
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 9f62f03f2..9c41d68be 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -1499,6 +1499,7 @@ WARNING: untranslated string: wlan client encryption no=
ne =3D None
 WARNING: untranslated string: wlan client encryption wep =3D WEP
 WARNING: untranslated string: wlan client encryption wpa =3D WPA
 WARNING: untranslated string: wlan client encryption wpa2 =3D WPA2
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
 WARNING: untranslated string: wlan client group cipher =3D Group cipher
 WARNING: untranslated string: wlan client group key algorithm =3D GKA
 WARNING: untranslated string: wlan client identity =3D Identity
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 90a745360..aad3667c4 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -921,3 +921,4 @@ WARNING: untranslated string: tor guard country any =3D A=
ny country
 WARNING: untranslated string: tor guard nodes =3D Guard Nodes
 WARNING: untranslated string: tor use guard nodes =3D Use only these guard n=
odes (one fingerprint per line)
 WARNING: untranslated string: whois results from =3D WHOIS results from
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
diff --git a/doc/language_issues.it b/doc/language_issues.it
index 62e4f9953..83229dad2 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -1191,6 +1191,7 @@ WARNING: untranslated string: wlan client eap authentic=
ation method =3D EAP Authen
 WARNING: untranslated string: wlan client eap phase2 method =3D EAP Phase 2 =
Method
 WARNING: untranslated string: wlan client eap state =3D EAP Status
 WARNING: untranslated string: wlan client encryption eap =3D EAP
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
 WARNING: untranslated string: wlan client identity =3D Identity
 WARNING: untranslated string: wlan client method =3D Method
 WARNING: untranslated string: wlan client password =3D Password
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 9a767322e..fc5915883 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -1232,6 +1232,7 @@ WARNING: untranslated string: wlan client eap authentic=
ation method =3D EAP Authen
 WARNING: untranslated string: wlan client eap phase2 method =3D EAP Phase 2 =
Method
 WARNING: untranslated string: wlan client eap state =3D EAP Status
 WARNING: untranslated string: wlan client encryption eap =3D EAP
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
 WARNING: untranslated string: wlan client identity =3D Identity
 WARNING: untranslated string: wlan client method =3D Method
 WARNING: untranslated string: wlan client password =3D Password
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 9f62f03f2..9c41d68be 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -1499,6 +1499,7 @@ WARNING: untranslated string: wlan client encryption no=
ne =3D None
 WARNING: untranslated string: wlan client encryption wep =3D WEP
 WARNING: untranslated string: wlan client encryption wpa =3D WPA
 WARNING: untranslated string: wlan client encryption wpa2 =3D WPA2
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
 WARNING: untranslated string: wlan client group cipher =3D Group cipher
 WARNING: untranslated string: wlan client group key algorithm =3D GKA
 WARNING: untranslated string: wlan client identity =3D Identity
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 5d16e0b18..3ec377f5e 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -1492,6 +1492,7 @@ WARNING: untranslated string: wlan client encryption no=
ne =3D None
 WARNING: untranslated string: wlan client encryption wep =3D WEP
 WARNING: untranslated string: wlan client encryption wpa =3D WPA
 WARNING: untranslated string: wlan client encryption wpa2 =3D WPA2
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
 WARNING: untranslated string: wlan client group cipher =3D Group cipher
 WARNING: untranslated string: wlan client group key algorithm =3D GKA
 WARNING: untranslated string: wlan client identity =3D Identity
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 26530a923..3c6b44a63 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -1061,6 +1061,7 @@ WARNING: untranslated string: vulnerability =3D Vulnera=
bility
 WARNING: untranslated string: vulnerable =3D Vulnerable
 WARNING: untranslated string: whois results from =3D WHOIS results from
 WARNING: untranslated string: winbind daemon =3D Winbind Daemon
+WARNING: untranslated string: wlan client encryption wpa3 =3D WPA3
 WARNING: untranslated string: wlanap 802.11w disabled =3D Disabled
 WARNING: untranslated string: wlanap 802.11w enforced =3D Enforced
 WARNING: untranslated string: wlanap 802.11w optional =3D Optional
diff --git a/doc/language_missings b/doc/language_missings
index 12e341402..946d7d1fe 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -64,6 +64,7 @@
 < wlanap 802.11w disabled
 < wlanap 802.11w enforced
 < wlanap 802.11w optional
+< wlan client encryption wpa3
 ############################################################################
 # Checking cgi-bin translations for language: es                           #
 ############################################################################
@@ -917,6 +918,7 @@
 < wlan client encryption wep
 < wlan client encryption wpa
 < wlan client encryption wpa2
+< wlan client encryption wpa3
 < wlan client group cipher
 < wlan client group key algorithm
 < wlan client identity
@@ -973,6 +975,7 @@
 < tor use guard nodes
 < upload fcdsl.o
 < whois results from
+< wlan client encryption wpa3
 ############################################################################
 # Checking cgi-bin translations for language: it                           #
 ############################################################################
@@ -1332,6 +1335,7 @@
 < wlan client eap phase2 method
 < wlan client eap state
 < wlan client encryption eap
+< wlan client encryption wpa3
 < wlan client identity
 < wlan client method
 < wlan client password
@@ -1767,6 +1771,7 @@
 < wlan client eap phase2 method
 < wlan client eap state
 < wlan client encryption eap
+< wlan client encryption wpa3
 < wlan client identity
 < wlan client method
 < wlan client password
@@ -2625,6 +2630,7 @@
 < wlan client encryption wep
 < wlan client encryption wpa
 < wlan client encryption wpa2
+< wlan client encryption wpa3
 < wlan client group cipher
 < wlan client group key algorithm
 < wlan client identity
@@ -3506,6 +3512,7 @@
 < wlan client encryption wep
 < wlan client encryption wpa
 < wlan client encryption wpa2
+< wlan client encryption wpa3
 < wlan client group cipher
 < wlan client group key algorithm
 < wlan client identity
@@ -3714,6 +3721,7 @@
 < wlanap neighbor scan
 < wlanap neighbor scan warning
 < wlanap ssid
+< wlan client encryption wpa3
 < working
 < zoneconf access native
 < zoneconf access none
diff --git a/html/cgi-bin/wirelessclient.cgi b/html/cgi-bin/wirelessclient.cgi
index bbb71a984..440a9e887 100644
--- a/html/cgi-bin/wirelessclient.cgi
+++ b/html/cgi-bin/wirelessclient.cgi
@@ -462,6 +462,7 @@ sub showEditBox() {
 	my %selected =3D ();
 	$selected{'ENCRYPTION'} =3D ();
 	$selected{'ENCRYPTION'}{'NONE'} =3D '';
+	$selected{'ENCRYPTION'}{'WPA3'} =3D '';
 	$selected{'ENCRYPTION'}{'WPA2'} =3D '';
 	$selected{'ENCRYPTION'}{'WPA'} =3D '';
 	$selected{'ENCRYPTION'}{'WEP'} =3D '';
@@ -505,9 +506,10 @@ sub showEditBox() {
 						<select name=3D'ENCRYPTION'>
 							<option value=3D"NONE" $selected{'ENCRYPTION'}{'NONE'}>$Lang::tr{'wla=
n client encryption none'}</option>
 							<option value=3D"EAP"  $selected{'ENCRYPTION'}{'EAP'}>$Lang::tr{'wlan=
 client encryption eap'}</option>
+							<option value=3D"WPA3" $selected{'ENCRYPTION'}{'WPA3'}>$Lang::tr{'wla=
n client encryption wpa3'}</option>
 							<option value=3D"WPA2" $selected{'ENCRYPTION'}{'WPA2'}>$Lang::tr{'wla=
n client encryption wpa2'}</option>
 							<option value=3D"WPA"  $selected{'ENCRYPTION'}{'WPA'}>$Lang::tr{'wlan=
 client encryption wpa'}</option>
-							<option value=3D"WEP"  $selected{'ENCRYPTION'}{'WEP'}>$Lang::tr{'wlan=
 client encryption wep'}</option>						=09
+							<option value=3D"WEP"  $selected{'ENCRYPTION'}{'WEP'}>$Lang::tr{'wlan=
 client encryption wep'}</option>
 						</select>
 					</td>
 					<td colspan=3D"2" width=3D'40%'></td>
@@ -839,7 +841,6 @@ sub ValidateInput($) {
 	# Check for invalid key length.
 	} elsif (ValidKeyLength($settings{'ENCRYPTION'}, $settings{'PSK'})) {
 		return "$Lang::tr{'wlan client invalid key length'}";
-
 	}
=20
 	# Reset WPA mode, if WPA(2) is not selected.
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index b5284effa..9190eab57 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -2948,6 +2948,7 @@
 'wlan client encryption wep' =3D> 'WEP',
 'wlan client encryption wpa' =3D> 'WPA',
 'wlan client encryption wpa2' =3D> 'WPA2',
+'wlan client encryption wpa3' =3D> 'WPA3',
 'wlan client group cipher' =3D> 'Group cipher',
 'wlan client group key algorithm' =3D> 'GKA',
 'wlan client identity' =3D> 'Identity',
diff --git a/src/initscripts/system/wlanclient b/src/initscripts/system/wlanc=
lient
index b32a4cb4a..27a144f72 100644
--- a/src/initscripts/system/wlanclient
+++ b/src/initscripts/system/wlanclient
@@ -86,6 +86,7 @@ function wpa_supplicant_config_line() {
 	local config=3D${2}
 	shift 2
=20
+	local ieee80211w
 	local anonymous_identity
 	local auth_alg
 	local auth_mode
@@ -144,6 +145,11 @@ function wpa_supplicant_config_line() {
 		EAP)
 			key_mgmt=3D"WPA-EAP"
 			;;
+		WPA3)
+			key_mgmt=3D"SAE"
+
+			ieee80211w=3D"2"
+			;;
 		WPA2)
 			auth_alg=3D"OPEN"
 			proto=3D"RSN"
@@ -209,7 +215,11 @@ function wpa_supplicant_config_line() {
 			echo "	key_mgmt=3D${key_mgmt}"
 		fi
 		if [ -n "${psk}" ]; then
-			echo "	psk=3D\"${psk}\""
+			if [ "${key_mgmt}" =3D "SAE" ]; then
+				echo "	sae_password=3D\"${psk}\""
+			else
+				echo "	psk=3D\"${psk}\""
+			fi
 		fi
 		if [ -n "${wep_tx_keyidx}" ]; then
 			echo "	wep_tx_keyidx=3D${wep_tx_keyidx}"
@@ -227,6 +237,9 @@ function wpa_supplicant_config_line() {
 		if [ -n "${priority}" ]; then
 			echo "	priority=3D${priority}"
 		fi
+		if [ -n "${ieee80211w}" ]; then
+			echo "	ieee80211w=3D${ieee80211w}"
+		fi
=20
 		# EAP
 		if [ "${mode}" =3D "EAP" ]; then
--=20
2.20.1


--===============1278194243261786104==--