schema: add multi-psk template support

Signed-off-by: John Crispin <john@phrozen.org>
2025-11-02 02:57:55 +00:00 · 2021-05-17 14:12:08 +02:00
parent 3ccfb8925c
commit 83a1f082a7
5 changed files with 87 additions and 74 deletions
--- a/renderer/templates/interface.uc
+++ b/renderer/templates/interface.uc
@@ -109,7 +109,8 @@
 		include('interface/ssid.uc', {
 			location: location + '/ssids/' + i,
 			ssid,
-			name
+			name,
+			count: i
 		});
 	}
 %}
--- a/renderer/templates/interface/ssid.uc
+++ b/renderer/templates/interface/ssid.uc
@@ -40,70 +40,79 @@
 %}

 # Wireless configuration
-{% for (let phy in phys): %}
-{%  let id = wiphy.allocate_ssid_section_id(phy) %}
-{%  let crypto = validate_encryption(); %}
-{%  if (!crypto) continue; %}
-add wireless wifi-iface
-set wireless.@wifi-iface[-1].ucentral_path={{ s(location) }}
-set wireless.@wifi-iface[-1].device={{ phy.section }}
-{% if (ssid.bss_mode == 'mesh'): %}
-set wireless.@wifi-iface[-1].mode={{ ssid.bss_mode }}
-set wireless.@wifi-iface[-1].mesh_id={{ s(ssid.name) }}
-set wireless.@wifi-iface[-1].mesh_fwding=0
-set wireless.@wifi-iface[-1].network={{ name }}_mesh
-{% endif %}
-{% if (ssid.bss_mode == 'ap'): %}
-{%  for (let i, name in ethernet.calculate_names(interface)): %}
-{{ i ? 'add_list' : 'set' }} wireless.@wifi-iface[-1].network={{ name }}
-{%  endfor %}
-set wireless.@wifi-iface[-1].ssid={{ s(ssid.name) }}
-set wireless.@wifi-iface[-1].mode={{ ssid.bss_mode }}
-set wireless.@wifi-iface[-1].bssid={{ ssid.bssid }}
-set wireless.@wifi-iface[-1].hidden={{ b(ssid.hidden_ssid) }}
-set wireless.@wifi-iface[-1].time_advertisement={{ ssid.broadcast_time }}
-set wireless.@wifi-iface[-1].isolate={{ b(ssid.isolate_clients) }}
-set wireless.@wifi-iface[-1].uapsd={{ b(ssid.power_save) }}
-set wireless.@wifi-iface[-1].rts_threshold={{ ssid.rts_threshold }}
-set wireless.@wifi-iface[-1].multicast_to_unicast={{ b(ssid.unicast_conversion) }}
-{%  if (ssid.rrm): %}
-set wireless.@wifi-iface[-1].ieee80211k={{ b(ssid.rrm.neighbor_reporting) }}
-set wireless.@wifi-iface[-1].ftm_responder={{ b(ssid.rrm.ftm_responder) }}
-set wireless.@wifi-iface[-1].stationary_ap={{ b(ssid.rrm.stationary_ap) }}
-set wireless.@wifi-iface[-1].lci={{ b(ssid.rrm.lci) }}
-set wireless.@wifi-iface[-1].civic={{ ssid.rrm.civic }}
-{%  endif %}
-{%  if (ssid.roaming): %}
-set wireless.@wifi-iface[-1].ieee80211r=1
-set wireless.@wifi-iface[-1].ft_over_ds={{ b(ssid.roaming.message_exchange == "ds") }}
-set wireless.@wifi-iface[-1].ft_psk_generate_local={{ b(ssid.roaming.generate_psk) }}
-set wireless.@wifi-iface[-1].mobility_domain={{ ssid.roaming.domain_identifier }}
-{%  endif %}
-{% endif %}
-{% if (ssid.rates): %}
-set wireless.@wifi-iface[-1].beacon_rate={{ ssid.rates.beacon }}
-set wireless.@wifi-iface[-1].mcast_rate={{ ssid.rates.multicast }}
-{% endif %}
-set wireless.@wifi-iface[-1].ieee80211w={{ match_ieee80211w() }}
-set wireless.@wifi-iface[-1].encryption={{ crypto.proto }}
-set wireless.@wifi-iface[-1].key={{ crypto.key }}
-{% if (crypto.auth): %}
-set wireless.@wifi-iface[-1].auth_server={{ crypto.auth.host }}
-set wireless.@wifi-iface[-1].auth_port={{ crypto.auth.port }}
-set wireless.@wifi-iface[-1].auth_secret={{ crypto.auth.secret }}
-{% endif %}
-{% if (crypto.acct): %}
-set wireless.@wifi-iface[-1].acct_server={{ crypto.acct.host }}
-set wireless.@wifi-iface[-1].acct_port={{ crypto.acct.port }}
-set wireless.@wifi-iface[-1].acct_secret={{ crypto.acct.secret }}
-set wireless.@wifi-iface[-1].acct_interval={{ crypto.acct.interval }}
-{% endif %}
+{% for (let n, phy in phys): %}
+{%   let section = name + '_' + n + '_' + count; %}
+{%   let id = wiphy.allocate_ssid_section_id(phy) %}
+{%   let crypto = validate_encryption(); %}
+{%   if (!crypto) continue; %}
+set wireless.{{ section }}=wifi-iface
+set wireless.{{ section }}.ucentral_path={{ s(location) }}
+set wireless.{{ section }}.device={{ phy.section }}
+{%   if (ssid.bss_mode == 'mesh'): %}
+set wireless.{{ section }}.mode={{ ssid.bss_mode }}
+set wireless.{{ section }}.mesh_id={{ s(ssid.name) }}
+set wireless.{{ section }}.mesh_fwding=0
+set wireless.{{ section }}.network={{ name }}_mesh
+{%   endif %}
+{%   if (ssid.bss_mode == 'ap'): %}
+{%     for (let i, name in ethernet.calculate_names(interface)): %}
+{{ i ? 'add_list' : 'set' }} wireless.{{ section }}.network={{ name }}
+{%     endfor %}
+set wireless.{{ section }}.ssid={{ s(ssid.name) }}
+set wireless.{{ section }}.mode={{ ssid.bss_mode }}
+set wireless.{{ section }}.bssid={{ ssid.bssid }}
+set wireless.{{ section }}.hidden={{ b(ssid.hidden_ssid) }}
+set wireless.{{ section }}.time_advertisement={{ ssid.broadcast_time }}
+set wireless.{{ section }}.isolate={{ b(ssid.isolate_clients) }}
+set wireless.{{ section }}.uapsd={{ b(ssid.power_save) }}
+set wireless.{{ section }}.rts_threshold={{ ssid.rts_threshold }}
+set wireless.{{ section }}.multicast_to_unicast={{ b(ssid.unicast_conversion) }}
+{%     if (ssid.rrm): %}
+set wireless.{{ section }}.ieee80211k={{ b(ssid.rrm.neighbor_reporting) }}
+set wireless.{{ section }}.ftm_responder={{ b(ssid.rrm.ftm_responder) }}
+set wireless.{{ section }}.stationary_ap={{ b(ssid.rrm.stationary_ap) }}
+set wireless.{{ section }}.lci={{ b(ssid.rrm.lci) }}
+set wireless.{{ section }}.civic={{ ssid.rrm.civic }}
+{%     endif %}
+{%     if (ssid.roaming): %}
+set wireless.{{ section }}.ieee80211r=1
+set wireless.{{ section }}.ft_over_ds={{ b(ssid.roaming.message_exchange == "ds") }}
+set wireless.{{ section }}.ft_psk_generate_local={{ b(ssid.roaming.generate_psk) }}
+set wireless.{{ section }}.mobility_domain={{ ssid.roaming.domain_identifier }}
+{%     endif %}
+{%   endif %}
+{%   if (ssid.rates): %}
+set wireless.{{ section }}.beacon_rate={{ ssid.rates.beacon }}
+set wireless.{{ section }}.mcast_rate={{ ssid.rates.multicast }}
+{%   endif %}
+set wireless.{{ section }}.ieee80211w={{ match_ieee80211w() }}
+set wireless.{{ section }}.encryption={{ crypto.proto }}
+set wireless.{{ section }}.key={{ crypto.key }}
+{%   if (crypto.auth): %}
+set wireless.{{ section }}.auth_server={{ crypto.auth.host }}
+set wireless.{{ section }}.auth_port={{ crypto.auth.port }}
+set wireless.{{ section }}.auth_secret={{ crypto.auth.secret }}
+{%   endif %}
+{%   if (crypto.acct): %}
+set wireless.{{ section }}.acct_server={{ crypto.acct.host }}
+set wireless.{{ section }}.acct_port={{ crypto.acct.port }}
+set wireless.{{ section }}.acct_secret={{ crypto.acct.secret }}
+set wireless.{{ section }}.acct_interval={{ crypto.acct.interval }}
+{%   endif %}
+{%   if (ssid.rate_limit && (ssid.rate_limit.ingress_rate || ssid.rate_limit.egress_rate)): %}

-{% if (ssid.rate_limit && (ssid.rate_limit.ingress_rate || ssid.rate_limit.egress_rate)): %}
 add ratelimit rate
 set ratelimit.@rate[-1].ssid={{ s(ssid.name) }}
 set ratelimit.@rate[-1].ingress={{ ssid.rate_limit.ingress_rate }}
 set ratelimit.@rate[-1].egress={{ ssid.rate_limit.egress_rate }}
+{%   endif %}
+{%   for (let psk in ssid.multi_psk): %}
+{%     if (!psk.key) continue %}

-{% endif %}
+add wireless wifi-station
+set wireless.@wifi-station[-1].iface={{ s(section) }}
+set wireless.@wifi-station[-1].mac={{ psk.mac }}
+set wireless.@wifi-station[-1].key={{ psk.key }}
+set wireless.@wifi-station[-1].vid={{ psk.vlan_id }}
+{%   endfor %}
 {% endfor %}
--- a/schema/interface.ssid.multi-psk.yml
+++ b/schema/interface.ssid.multi-psk.yml
@@ -6,11 +6,14 @@ properties:
  mac:
    type: string
    format: uc-mac
-  psk:
+  key:
+    description:
+      The Pre Shared Key (PSK) that is used for encryption on the BSS when
+      using any of the WPA-PSK modes.
    type: string
    maxLength: 63
    minLength: 8
-  vid:
+  vlan-id:
    type: integer
    maximum: 4096
    examples:
--- a/schemareader.uc
+++ b/schemareader.uc
@@ -504,19 +504,19 @@ function instantiateInterfaceSsidMultiPsk(value) {
 		obj.mac = value["mac"];
 	}

-	if (exists(value, "psk")) {
-		assert(type(value["psk"]) == "string", "Property interface.ssid.multi-psk.psk must be of type string");
-		assert(length(value["psk"]) <= 63, "Property interface.ssid.multi-psk.psk must be <= 63 characters long");
+	if (exists(value, "key")) {
+		assert(type(value["key"]) == "string", "Property interface.ssid.multi-psk.key must be of type string");
+		assert(length(value["key"]) <= 63, "Property interface.ssid.multi-psk.key must be <= 63 characters long");

-		assert(length(value["psk"]) >= 8, "Property interface.ssid.multi-psk.psk must be >= 8 characters long");
+		assert(length(value["key"]) >= 8, "Property interface.ssid.multi-psk.key must be >= 8 characters long");

-		obj.psk = value["psk"];
+		obj.key = value["key"];
 	}

-	if (exists(value, "vid")) {
-		assert(type(value["vid"]) == "int", "Property interface.ssid.multi-psk.vid must be of type integer");
-		assert(value["vid"] <= 4096, "Property interface.ssid.multi-psk.vid must be <= 4096");
-		obj.vid = value["vid"];
+	if (exists(value, "vlan-id")) {
+		assert(type(value["vlan-id"]) == "int", "Property interface.ssid.multi-psk.vlan-id must be of type integer");
+		assert(value["vlan-id"] <= 4096, "Property interface.ssid.multi-psk.vlan-id must be <= 4096");
+		obj.vlan_id = value["vlan-id"];
 	}

 	return obj;
--- a/ucentral.schema.json
+++ b/ucentral.schema.json
@@ -462,12 +462,12 @@
                    "type": "string",
                    "format": "uc-mac"
                },
-                "psk": {
+                "key": {
                    "type": "string",
                    "maxLength": 63,
                    "minLength": 8
                },
-                "vid": {
+                "vlan-id": {
                    "type": "integer",
                    "maximum": 4096,
                    "examples": [