Add WPA2 Enterprise support
This commit is contained in:
Julian Metzler
parent
1fea1fdf5f
commit
dc9485f089
|
|
@ -22,7 +22,11 @@ nvs_handle_t config_nvs_handle;
|
|||
config_entry_t config_entries[] = {
|
||||
{.key = "hostname", .dataType = STR, .writeOnly = false},
|
||||
{.key = "sta_ssid", .dataType = STR, .writeOnly = false},
|
||||
{.key = "sta_anon_ident", .dataType = STR, .writeOnly = false},
|
||||
{.key = "sta_ident", .dataType = STR, .writeOnly = false},
|
||||
{.key = "sta_pass", .dataType = STR, .writeOnly = false},
|
||||
{.key = "sta_phase2", .dataType = U8, .writeOnly = false},
|
||||
{.key = "sta_phase2_ttls", .dataType = U8, .writeOnly = false},
|
||||
{.key = "sta_retries", .dataType = U8, .writeOnly = false},
|
||||
{.key = "ap_ssid", .dataType = STR, .writeOnly = false},
|
||||
{.key = "ap_pass", .dataType = STR, .writeOnly = false},
|
||||
|
|
|
|||
|
|
@ -4,5 +4,19 @@
|
|||
#include "esp_event.h"
|
||||
#include "nvs.h"
|
||||
|
||||
enum {
|
||||
WPA2E_PH2_TLS = 0,
|
||||
WPA2E_PH2_PEAP = 1,
|
||||
WPA2E_PH2_TTLS = 2
|
||||
};
|
||||
|
||||
enum {
|
||||
WPA2E_PH2_TTLS_NONE = 0,
|
||||
WPA2E_PH2_TTLS_MSCHAPV2 = 1,
|
||||
WPA2E_PH2_TTLS_MSCHAP = 2,
|
||||
WPA2E_PH2_TTLS_PAP = 3,
|
||||
WPA2E_PH2_TTLS_CHAP = 4
|
||||
};
|
||||
|
||||
void wifi_init_ap(void);
|
||||
void wifi_init(nvs_handle_t* nvsHandle);
|
||||
79
src/wifi.c
79
src/wifi.c
|
|
@ -3,6 +3,7 @@
|
|||
#include "freertos/event_groups.h"
|
||||
#include "esp_log.h"
|
||||
#include "esp_wifi.h"
|
||||
#include "esp_wpa2.h"
|
||||
#include "macros.h"
|
||||
|
||||
#include "wifi.h"
|
||||
|
|
@ -13,11 +14,17 @@
|
|||
|
||||
static uint16_t s_retry_num = 0;
|
||||
static uint8_t sta_retries = 0;
|
||||
static uint8_t sta_phase2 = 0;
|
||||
static uint8_t sta_phase2_ttls = 0;
|
||||
static size_t sta_ssid_len = 33;
|
||||
static size_t sta_anon_ident_len = 65;
|
||||
static size_t sta_ident_len = 65;
|
||||
static size_t sta_pass_len = 65;
|
||||
static size_t ap_ssid_len = 33;
|
||||
static size_t ap_pass_len = 65;
|
||||
static char sta_ssid[33];
|
||||
static char sta_anon_ident[65];
|
||||
static char sta_ident[65];
|
||||
static char sta_pass[65];
|
||||
static char ap_ssid[33];
|
||||
static char ap_pass[65];
|
||||
|
|
@ -119,7 +126,7 @@ void wifi_init_ap(void) {
|
|||
}
|
||||
|
||||
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_AP));
|
||||
ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_AP, &wifi_config));
|
||||
ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_AP, &wifi_config));
|
||||
ESP_ERROR_CHECK(esp_wifi_start());
|
||||
|
||||
ESP_LOGI(LOG_TAG, "AP started. SSID: %s, password: %s", ap_ssid, ap_pass);
|
||||
|
|
@ -129,8 +136,11 @@ void wifi_init_ap(void) {
|
|||
void wifi_init(nvs_handle_t* nvsHandle) {
|
||||
// Read STA and AP SSID and password from NVS
|
||||
esp_err_t ret;
|
||||
uint8_t sta_enterprise = 1;
|
||||
uint8_t sta_credentials_valid = 1;
|
||||
memset(sta_ssid, 0x00, sta_ssid_len);
|
||||
memset(sta_anon_ident, 0x00, sta_anon_ident_len);
|
||||
memset(sta_ident, 0x00, sta_ident_len);
|
||||
memset(sta_pass, 0x00, sta_pass_len);
|
||||
memset(ap_ssid, 0x00, ap_ssid_len);
|
||||
memset(ap_pass, 0x00, ap_pass_len);
|
||||
|
|
@ -140,6 +150,22 @@ void wifi_init(nvs_handle_t* nvsHandle) {
|
|||
} else {
|
||||
ESP_ERROR_CHECK(ret);
|
||||
}
|
||||
ret = nvs_get_str(*nvsHandle, "sta_ident", sta_ident, &sta_ident_len);
|
||||
if (ret == ESP_ERR_NVS_NOT_FOUND) {
|
||||
sta_enterprise = 0;
|
||||
} else {
|
||||
ESP_ERROR_CHECK(ret);
|
||||
if (strlen(sta_ident) == 0) sta_enterprise = 0;
|
||||
}
|
||||
ret = nvs_get_str(*nvsHandle, "sta_anon_ident", sta_anon_ident, &sta_anon_ident_len);
|
||||
if (ret == ESP_ERR_NVS_NOT_FOUND) {
|
||||
strncpy((char*)sta_anon_ident, sta_ident, sta_ident_len - 1);
|
||||
} else {
|
||||
ESP_ERROR_CHECK(ret);
|
||||
if (strlen(sta_anon_ident) == 0) {
|
||||
strncpy((char*)sta_anon_ident, sta_ident, sta_ident_len - 1);
|
||||
}
|
||||
}
|
||||
ret = nvs_get_str(*nvsHandle, "sta_pass", sta_pass, &sta_pass_len);
|
||||
if (ret == ESP_ERR_NVS_NOT_FOUND) {
|
||||
sta_credentials_valid = 0;
|
||||
|
|
@ -148,6 +174,23 @@ void wifi_init(nvs_handle_t* nvsHandle) {
|
|||
}
|
||||
if (strlen(sta_ssid) == 0) sta_credentials_valid = 0;
|
||||
ret = nvs_get_u8(*nvsHandle, "sta_retries", &sta_retries);
|
||||
if (ret == ESP_ERR_NVS_NOT_FOUND) {
|
||||
sta_retries = 5;
|
||||
} else {
|
||||
ESP_ERROR_CHECK(ret);
|
||||
}
|
||||
ret = nvs_get_u8(*nvsHandle, "sta_phase2", &sta_phase2);
|
||||
if (ret == ESP_ERR_NVS_NOT_FOUND) {
|
||||
sta_enterprise = 0;
|
||||
} else {
|
||||
ESP_ERROR_CHECK(ret);
|
||||
}
|
||||
ret = nvs_get_u8(*nvsHandle, "sta_phase2_ttls", &sta_phase2_ttls);
|
||||
if (ret == ESP_ERR_NVS_NOT_FOUND) {
|
||||
sta_phase2_ttls = WPA2E_PH2_TTLS_NONE;
|
||||
} else {
|
||||
ESP_ERROR_CHECK(ret);
|
||||
}
|
||||
|
||||
ESP_LOGI(LOG_TAG, "Getting AP SSID from NVS");
|
||||
ret = nvs_get_str(*nvsHandle, "ap_ssid", ap_ssid, &ap_ssid_len);
|
||||
|
|
@ -198,9 +241,9 @@ void wifi_init(nvs_handle_t* nvsHandle) {
|
|||
wifi_config = (wifi_config_t){
|
||||
.sta = {
|
||||
/* Setting a password implies station will connect to all security modes including WEP/WPA.
|
||||
* However these modes are deprecated and not advisable to be used. Incase your Access point
|
||||
* However these modes are deprecated and not advisable to be used. In case your access point
|
||||
* doesn't support WPA2, these mode can be enabled by commenting below line */
|
||||
.threshold.authmode = WIFI_AUTH_WPA2_PSK,
|
||||
.threshold.authmode = sta_enterprise ? WIFI_AUTH_WPA2_ENTERPRISE : WIFI_AUTH_WPA2_PSK,
|
||||
|
||||
.pmf_cfg = {
|
||||
.capable = false,
|
||||
|
|
@ -211,7 +254,32 @@ void wifi_init(nvs_handle_t* nvsHandle) {
|
|||
sta_ssid[sta_ssid_len - 1] = 0x00;
|
||||
sta_pass[sta_pass_len - 1] = 0x00;
|
||||
strncpy((char*)wifi_config.sta.ssid, sta_ssid, sta_ssid_len - 1);
|
||||
strncpy((char*)wifi_config.sta.password, sta_pass, sta_pass_len - 1);
|
||||
if (!sta_enterprise) strncpy((char*)wifi_config.sta.password, sta_pass, sta_pass_len - 1);
|
||||
|
||||
// If the parameters for WPA2 Enterprise are set, set corresponsding parameters
|
||||
if (sta_enterprise) {
|
||||
esp_wifi_sta_wpa2_ent_set_identity((uint8_t*)sta_anon_ident, strlen(sta_anon_ident));
|
||||
|
||||
switch (sta_phase2) {
|
||||
case WPA2E_PH2_TLS: {
|
||||
ESP_LOGE(LOG_TAG, "TLS as EAP phase 2 method is not supported yet!");
|
||||
return;
|
||||
}
|
||||
|
||||
case WPA2E_PH2_PEAP: {
|
||||
ESP_ERROR_CHECK(esp_wifi_sta_wpa2_ent_set_username((uint8_t*)sta_ident, strlen(sta_ident)));
|
||||
ESP_ERROR_CHECK(esp_wifi_sta_wpa2_ent_set_password((uint8_t*)sta_pass, strlen(sta_pass)));
|
||||
break;
|
||||
}
|
||||
|
||||
case WPA2E_PH2_TTLS: {
|
||||
ESP_ERROR_CHECK(esp_wifi_sta_wpa2_ent_set_username((uint8_t*)sta_ident, strlen(sta_ident)));
|
||||
ESP_ERROR_CHECK(esp_wifi_sta_wpa2_ent_set_password((uint8_t*)sta_pass, strlen(sta_pass)));
|
||||
ESP_ERROR_CHECK(esp_wifi_sta_wpa2_ent_set_ttls_phase2_method((esp_eap_ttls_phase2_types)sta_phase2_ttls));
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
wifi_config = (wifi_config_t){
|
||||
.sta = {
|
||||
|
|
@ -225,7 +293,8 @@ void wifi_init(nvs_handle_t* nvsHandle) {
|
|||
strncpy((char*)wifi_config.sta.ssid, sta_ssid, sta_ssid_len - 1);
|
||||
}
|
||||
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA));
|
||||
ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config));
|
||||
ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config));
|
||||
if (sta_enterprise) ESP_ERROR_CHECK(esp_wifi_sta_wpa2_ent_enable());
|
||||
ESP_ERROR_CHECK(esp_wifi_start());
|
||||
ESP_ERROR_CHECK(tcpip_adapter_set_hostname(TCPIP_ADAPTER_IF_STA, hostname));
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue