wpa2 enterprise fixes: also copy eap parameters, don't require psk password to be set (#1215)

This commit is contained in:
dr-oblivium 2020-07-29 18:18:53 +02:00 committed by Otto Winter
parent dbc0d500d8
commit 44af5e439c
No known key found for this signature in database
GPG key ID: 48ED2DDB96D7682C

View file

@ -201,7 +201,26 @@ void WiFiComponent::start_connecting(const WiFiAP &ap, bool two) {
} else { } else {
ESP_LOGV(TAG, " BSSID: Not Set"); ESP_LOGV(TAG, " BSSID: Not Set");
} }
ESP_LOGV(TAG, " Password: " LOG_SECRET("'%s'"), ap.get_password().c_str());
#ifdef ESPHOME_WIFI_WPA2_EAP
if (ap.get_eap().has_value()) {
ESP_LOGV(TAG, " WPA2 Enterprise authentication configured:");
EAPAuth eap_config = ap.get_eap().value();
ESP_LOGV(TAG, " Identity: " LOG_SECRET("'%s'"), eap_config.identity.c_str());
ESP_LOGV(TAG, " Username: " LOG_SECRET("'%s'"), eap_config.username.c_str());
ESP_LOGV(TAG, " Password: " LOG_SECRET("'%s'"), eap_config.password.c_str());
bool ca_cert_present = eap_config.ca_cert != nullptr && strlen(eap_config.ca_cert);
bool client_cert_present = eap_config.client_cert != nullptr && strlen(eap_config.client_cert);
bool client_key_present = eap_config.client_key != nullptr && strlen(eap_config.client_key);
ESP_LOGV(TAG, " CA Cert: %s", ca_cert_present ? "present" : "not present");
ESP_LOGV(TAG, " Client Cert: %s", client_cert_present ? "present" : "not present");
ESP_LOGV(TAG, " Client Key: %s", client_key_present ? "present" : "not present");
} else {
#endif
ESP_LOGV(TAG, " Password: " LOG_SECRET("'%s'"), ap.get_password().c_str());
#ifdef ESPHOME_WIFI_WPA2_EAP
}
#endif
if (ap.get_channel().has_value()) { if (ap.get_channel().has_value()) {
ESP_LOGV(TAG, " Channel: %u", *ap.get_channel()); ESP_LOGV(TAG, " Channel: %u", *ap.get_channel());
} else { } else {
@ -400,9 +419,17 @@ void WiFiComponent::check_scanning_finished() {
connect_params.set_channel(scan_res.get_channel()); connect_params.set_channel(scan_res.get_channel());
connect_params.set_bssid(scan_res.get_bssid()); connect_params.set_bssid(scan_res.get_bssid());
} }
// set manual IP+password (if any) // copy manual IP (if set)
connect_params.set_manual_ip(config.get_manual_ip()); connect_params.set_manual_ip(config.get_manual_ip());
#ifdef ESPHOME_WIFI_WPA2_EAP
// copy EAP parameters (if set)
connect_params.set_eap(config.get_eap());
#endif
// copy password (if set)
connect_params.set_password(config.get_password()); connect_params.set_password(config.get_password());
break; break;
} }
@ -576,9 +603,21 @@ bool WiFiScanResult::matches(const WiFiAP &config) {
// If BSSID configured, only match for correct BSSIDs // If BSSID configured, only match for correct BSSIDs
if (config.get_bssid().has_value() && *config.get_bssid() != this->bssid_) if (config.get_bssid().has_value() && *config.get_bssid() != this->bssid_)
return false; return false;
// If PW given, only match for networks with auth (and vice versa)
#ifdef ESPHOME_WIFI_WPA2_EAP
// BSSID requires auth but no PSK or EAP credentials given
if (this->with_auth_ && (config.get_password().empty() && !config.get_eap().has_value()))
return false;
// BSSID does not require auth, but PSK or EAP credentials given
if (!this->with_auth_ && (!config.get_password().empty() || config.get_eap().has_value()))
return false;
#else
// If PSK given, only match for networks with auth (and vice versa)
if (config.get_password().empty() == this->with_auth_) if (config.get_password().empty() == this->with_auth_)
return false; return false;
#endif
// If channel configured, only match networks on that channel. // If channel configured, only match networks on that channel.
if (config.get_channel().has_value() && *config.get_channel() != this->channel_) { if (config.get_channel().has_value() && *config.get_channel() != this->channel_) {
return false; return false;