mirror of
https://github.com/esphome/esphome.git
synced 2024-11-21 22:48:10 +01:00
WPA2 Enterprise - Explicitly set TTLS Phase 2 (#6436)
Co-authored-by: Jesse Hills <3060199+jesserockz@users.noreply.github.com>
parent
08509f7755
commit
2921831b55
5 changed files with 42 additions and 0 deletions
|
@ -33,6 +33,7 @@ from esphome.const import (
|
|||
CONF_KEY,
|
||||
CONF_USERNAME,
|
||||
CONF_EAP,
|
||||
CONF_TTLS_PHASE_2,
|
||||
CONF_ON_CONNECT,
|
||||
CONF_ON_DISCONNECT,
|
||||
)
|
||||
|
@ -98,6 +99,14 @@ STA_MANUAL_IP_SCHEMA = AP_MANUAL_IP_SCHEMA.extend(
|
|||
}
|
||||
)
|
||||
|
||||
TTLS_PHASE_2 = {
|
||||
"pap": cg.global_ns.ESP_EAP_TTLS_PHASE2_PAP,
|
||||
"chap": cg.global_ns.ESP_EAP_TTLS_PHASE2_CHAP,
|
||||
"mschap": cg.global_ns.ESP_EAP_TTLS_PHASE2_MSCHAP,
|
||||
"mschapv2": cg.global_ns.ESP_EAP_TTLS_PHASE2_MSCHAPV2,
|
||||
"eap": cg.global_ns.ESP_EAP_TTLS_PHASE2_EAP,
|
||||
}
|
||||
|
||||
EAP_AUTH_SCHEMA = cv.All(
|
||||
cv.Schema(
|
||||
{
|
||||
|
@ -105,6 +114,9 @@ EAP_AUTH_SCHEMA = cv.All(
|
|||
cv.Optional(CONF_USERNAME): cv.string_strict,
|
||||
cv.Optional(CONF_PASSWORD): cv.string_strict,
|
||||
cv.Optional(CONF_CERTIFICATE_AUTHORITY): wpa2_eap.validate_certificate,
|
||||
cv.Optional(CONF_TTLS_PHASE_2): cv.All(
|
||||
cv.enum(TTLS_PHASE_2), cv.only_with_esp_idf
|
||||
),
|
||||
cv.Inclusive(
|
||||
CONF_CERTIFICATE, "certificate_and_key"
|
||||
): wpa2_eap.validate_certificate,
|
||||
|
@ -338,6 +350,7 @@ def eap_auth(config):
|
|||
("ca_cert", ca_cert),
|
||||
("client_cert", client_cert),
|
||||
("client_key", key),
|
||||
("ttls_phase_2", config.get(CONF_TTLS_PHASE_2, TTLS_PHASE_2["mschapv2"])),
|
||||
)
|
||||
|
||||
|
||||
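Review bot: The new `ttls_phase_2` option accepts `pap`, `chap` and `mschap` with no tie to `certificate_authority`, which the schema line just above it still declares as `cv.Optional`. With PAP as the inner method the password crosses the TLS tunnel in clear, so its confidentiality rests entirely on the device validating the RADIUS server certificate; without a configured CA that validation presumably does not happen. Consider a validator in the `cv.All(...)` that wraps `EAP_AUTH_SCHEMA` (its remaining validators are outside this hunk) that rejects, or at least warns on, a legacy phase 2 method when no CA certificate is set. A comment on the `TTLS_PHASE_2` table would also help, for example `# pap/chap/mschap hand the password (or a weak hash of it) to whoever terminates the tunnel; pair with certificate_authority`.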
|
|
|
@ -1,5 +1,10 @@
|
|||
#include "wifi_component.h"
|
||||
#include <cinttypes>
|
||||
#include <map>
|
||||
|
||||
#ifdef USE_ESP_IDF
|
||||
#include <esp_wpa2.h>
|
||||
#endif
|
||||
|
||||
#if defined(USE_ESP32) || defined(USE_ESP_IDF)
|
||||
#include <esp_wifi.h>
|
||||
|
@ -318,6 +323,16 @@ void WiFiComponent::start_connecting(const WiFiAP &ap, bool two) {
|
|||
ESP_LOGV(TAG, " Identity: " LOG_SECRET("'%s'"), eap_config.identity.c_str());
|
||||
ESP_LOGV(TAG, " Username: " LOG_SECRET("'%s'"), eap_config.username.c_str());
|
||||
ESP_LOGV(TAG, " Password: " LOG_SECRET("'%s'"), eap_config.password.c_str());
|
||||
#ifdef USE_ESP_IDF
|
||||
#if ESPHOME_LOG_LEVEL >= ESPHOME_LOG_LEVEL_VERBOSE
|
||||
std::map<esp_eap_ttls_phase2_types, std::string> phase2types = {{ESP_EAP_TTLS_PHASE2_PAP, "pap"},
|
||||
{ESP_EAP_TTLS_PHASE2_CHAP, "chap"},
|
||||
{ESP_EAP_TTLS_PHASE2_MSCHAP, "mschap"},
|
||||
{ESP_EAP_TTLS_PHASE2_MSCHAPV2, "mschapv2"},
|
||||
{ESP_EAP_TTLS_PHASE2_EAP, "eap"}};
|
||||
ESP_LOGV(TAG, " TTLS Phase 2: " LOG_SECRET("'%s'"), phase2types[eap_config.ttls_phase_2].c_str());
|
||||
#endif
|
||||
#endif
|
||||
bool ca_cert_present = eap_config.ca_cert != nullptr && strlen(eap_config.ca_cert);
|
||||
bool client_cert_present = eap_config.client_cert != nullptr && strlen(eap_config.client_cert);
|
||||
bool client_key_present = eap_config.client_key != nullptr && strlen(eap_config.client_key);
|
||||
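Review bot: The `phase2types` lookup builds a `std::map` with five heap-allocated `std::string` values every time this verbose log path runs. It also uses `operator[]`, which inserts an empty entry for an unexpected enum value and prints `''` instead of flagging it. A `switch` that returns `const char *` does the same job without allocation, makes the added `#include <map>` unnecessary, and gives a visible fallback. The helper would sit under the same `USE_ESP_IDF` guard as the log line; `start_connecting` begins and ends outside this hunk.

```cpp
static const char *eap_phase2_to_str(esp_eap_ttls_phase2_types type) {
  switch (type) {
    case ESP_EAP_TTLS_PHASE2_PAP:
      return "pap";
    case ESP_EAP_TTLS_PHASE2_CHAP:
      return "chap";
    case ESP_EAP_TTLS_PHASE2_MSCHAP:
      return "mschap";
    case ESP_EAP_TTLS_PHASE2_MSCHAPV2:
      return "mschapv2";
    case ESP_EAP_TTLS_PHASE2_EAP:
      return "eap";
    default:
      return "unknown";
  }
}

// … unchanged: Identity / Username / Password ESP_LOGV lines …
ESP_LOGV(TAG, " TTLS Phase 2: " LOG_SECRET("'%s'"), eap_phase2_to_str(eap_config.ttls_phase_2));
```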
|
|
|
@ -19,6 +19,10 @@
|
|||
#include <WiFi.h>
|
||||
#endif
|
||||
|
||||
#if defined(USE_ESP_IDF) && defined(USE_WIFI_WPA2_EAP)
|
||||
#include <esp_wpa2.h>
|
||||
#endif
|
||||
|
||||
#ifdef USE_ESP8266
|
||||
#include <ESP8266WiFi.h>
|
||||
#include <ESP8266WiFiType.h>
|
||||
|
@ -102,6 +106,10 @@ struct EAPAuth {
|
|||
// used for EAP-TLS
|
||||
const char *client_cert;
|
||||
const char *client_key;
|
||||
// used for EAP-TTLS
|
||||
#ifdef USE_ESP_IDF
|
||||
esp_eap_ttls_phase2_types ttls_phase_2;
|
||||
#endif
|
||||
};
|
||||
#endif // USE_WIFI_WPA2_EAP
|
||||
|
||||
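Review bot: `ttls_phase_2` is declared in `EAPAuth` only under `#ifdef USE_ESP_IDF`, but the `eap_auth` hunk in the Python code generation on this page always passes a `("ttls_phase_2", ...)` entry with a non-empty `TTLS_PHASE_2["mschapv2"]` fallback. If the struct initializer emits every field that has a value, a non-ESP-IDF build with WPA2 Enterprise enabled would reference a member and an enum constant that do not exist there. The Python side should emit the field only when the ESP-IDF framework is selected, matching the `cv.only_with_esp_idf` restriction already placed on the option. The `EAPAuth` definition starts outside this hunk, so the other members were not checked.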
|
|
|
@ -396,6 +396,11 @@ bool WiFiComponent::wifi_sta_connect_(const WiFiAP &ap) {
|
|||
if (err != ESP_OK) {
|
||||
ESP_LOGV(TAG, "esp_wifi_sta_wpa2_ent_set_password failed! %d", err);
|
||||
}
|
||||
// set TTLS Phase 2, defaults to MSCHAPV2
|
||||
err = esp_wifi_sta_wpa2_ent_set_ttls_phase2_method(eap.ttls_phase_2);
|
||||
if (err != ESP_OK) {
|
||||
ESP_LOGV(TAG, "esp_wifi_sta_wpa2_ent_set_ttls_phase2_method failed! %d", err);
|
||||
}
|
||||
}
|
||||
err = esp_wifi_sta_wpa2_ent_enable();
|
||||
if (err != ESP_OK) {
|
||||
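Review bot: A failure of `esp_wifi_sta_wpa2_ent_set_ttls_phase2_method` is reported only through `ESP_LOGV`, and the function carries on to `esp_wifi_sta_wpa2_ent_enable()`. At default log levels the device would then silently authenticate with whatever inner method the supplicant already had rather than the configured one. Since this setting decides how the password is presented to the server, log it at warning level, `ESP_LOGW(TAG, "esp_wifi_sta_wpa2_ent_set_ttls_phase2_method failed! %d", err);`, and consider returning false from the connect attempt. The call also sits inside the block closed by the `}` that follows, which from the preceding `set_password` handling looks like the username/password branch; if that is intended, a comment saying so would help. `wifi_sta_connect_` starts and ends outside this hunk.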
|
|
|
@ -856,6 +856,7 @@ CONF_TRANSFORM = "transform"
|
|||
CONF_TRANSITION_LENGTH = "transition_length"
|
||||
CONF_TRIGGER_ID = "trigger_id"
|
||||
CONF_TRIGGER_PIN = "trigger_pin"
|
||||
CONF_TTLS_PHASE_2 = "ttls_phase_2"
|
||||
CONF_TUNE_ANTENNA = "tune_antenna"
|
||||
CONF_TURN_OFF_ACTION = "turn_off_action"
|
||||
CONF_TURN_ON_ACTION = "turn_on_action"
|
||||
|
|