mirror of
https://github.com/esphome/esphome.git
synced 2024-12-25 23:14:54 +01:00
Add support for WPA2-EAP enterprise WiFi to ESP8266s. (#1332)
* Add support for WPA2-EAP enterprise WiFi to ESP8266s. This is fundamentally the same as on ESP32s only with different function names. Update config checker to remove requirement for ESP32 for EAP authentication. * Fix indent for clang
This commit is contained in:
parent
d3f03b7acb
commit
10e7abb579
2 changed files with 50 additions and 1 deletions
|
@ -60,7 +60,7 @@ STA_MANUAL_IP_SCHEMA = AP_MANUAL_IP_SCHEMA.extend({
|
|||
cv.Optional(CONF_DNS2, default="0.0.0.0"): cv.ipv4,
|
||||
})
|
||||
|
||||
EAP_AUTH_SCHEMA = cv.All(cv.only_on_esp32, cv.Schema({
|
||||
EAP_AUTH_SCHEMA = cv.All(cv.Schema({
|
||||
cv.Optional(CONF_IDENTITY): cv.string_strict,
|
||||
cv.Optional(CONF_USERNAME): cv.string_strict,
|
||||
cv.Optional(CONF_PASSWORD): cv.string_strict,
|
||||
|
|
|
@ -6,6 +6,9 @@
|
|||
|
||||
#include <utility>
|
||||
#include <algorithm>
|
||||
#ifdef ESPHOME_WIFI_WPA2_EAP
|
||||
#include <wpa2_enterprise.h>
|
||||
#endif
|
||||
|
||||
extern "C" {
|
||||
#include "lwip/err.h"
|
||||
|
@ -239,6 +242,52 @@ bool WiFiComponent::wifi_sta_connect_(WiFiAP ap) {
|
|||
return false;
|
||||
}
|
||||
|
||||
// setup enterprise authentication if required
|
||||
#ifdef ESPHOME_WIFI_WPA2_EAP
|
||||
if (ap.get_eap().has_value()) {
|
||||
// note: all certificates and keys have to be null terminated. Lengths are appended by +1 to include \0.
|
||||
EAPAuth eap = ap.get_eap().value();
|
||||
ret = wifi_station_set_enterprise_identity((uint8_t *) eap.identity.c_str(), eap.identity.length());
|
||||
if (ret) {
|
||||
ESP_LOGV(TAG, "esp_wifi_sta_wpa2_ent_set_identity failed! %d", ret);
|
||||
}
|
||||
int ca_cert_len = strlen(eap.ca_cert);
|
||||
int client_cert_len = strlen(eap.client_cert);
|
||||
int client_key_len = strlen(eap.client_key);
|
||||
if (ca_cert_len) {
|
||||
ret = wifi_station_set_enterprise_ca_cert((uint8_t *) eap.ca_cert, ca_cert_len + 1);
|
||||
if (ret) {
|
||||
ESP_LOGV(TAG, "esp_wifi_sta_wpa2_ent_set_ca_cert failed! %d", ret);
|
||||
}
|
||||
}
|
||||
// workout what type of EAP this is
|
||||
// validation is not required as the config tool has already validated it
|
||||
if (client_cert_len && client_key_len) {
|
||||
// if we have certs, this must be EAP-TLS
|
||||
ret = wifi_station_set_enterprise_cert_key((uint8_t *) eap.client_cert, client_cert_len + 1,
|
||||
(uint8_t *) eap.client_key, client_key_len + 1,
|
||||
(uint8_t *) eap.password.c_str(), strlen(eap.password.c_str()));
|
||||
if (ret) {
|
||||
ESP_LOGV(TAG, "esp_wifi_sta_wpa2_ent_set_cert_key failed! %d", ret);
|
||||
}
|
||||
} else {
|
||||
// in the absence of certs, assume this is username/password based
|
||||
ret = wifi_station_set_enterprise_username((uint8_t *) eap.username.c_str(), eap.username.length());
|
||||
if (ret) {
|
||||
ESP_LOGV(TAG, "esp_wifi_sta_wpa2_ent_set_username failed! %d", ret);
|
||||
}
|
||||
ret = wifi_station_set_enterprise_password((uint8_t *) eap.password.c_str(), eap.password.length());
|
||||
if (ret) {
|
||||
ESP_LOGV(TAG, "esp_wifi_sta_wpa2_ent_set_password failed! %d", ret);
|
||||
}
|
||||
}
|
||||
ret = wifi_station_set_wpa2_enterprise_auth(true);
|
||||
if (ret) {
|
||||
ESP_LOGV(TAG, "esp_wifi_sta_wpa2_ent_enable failed! %d", ret);
|
||||
}
|
||||
}
|
||||
#endif // ESPHOME_WIFI_WPA2_EAP
|
||||
|
||||
this->wifi_apply_hostname_();
|
||||
|
||||
ETS_UART_INTR_DISABLE();
|
||||
|
|
Loading…
Reference in a new issue