From 27c75f348a73b80e98b29a92cf0c0aa6de1bc746 Mon Sep 17 00:00:00 2001 From: David Lamparter Date: Sun, 7 Aug 2016 13:21:38 +0200 Subject: [PATCH 1/5] wifi: simplify connect handling --- lib/wifi.py | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/lib/wifi.py b/lib/wifi.py index eca5435..d41db15 100644 --- a/lib/wifi.py +++ b/lib/wifi.py @@ -43,19 +43,15 @@ def connect(wait = True, timeout = 10): return details = connection_details() + if not wait: + timeout = None if "pw" in details and details["pw"]: - if wait: - nic().connect(details["ssid"], details["pw"], timeout=timeout) - wait_for_connection() - else: - nic().connect(details["ssid"], details["pw"], timeout=None) + nic().connect(details["ssid"], details["pw"], timeout=timeout) else: - if wait: - nic().connect(details["ssid"], timeout=timeout) - wait_for_connection() - else: - nic().connect(details["ssid"], timeout=None) + nic().connect(details["ssid"], timeout=timeout) + if wait: + wait_for_connection() def wait_for_connection(): while not nic().is_connected(): From 4b323380249855cd06f7f2421934cc0452ab703b Mon Sep 17 00:00:00 2001 From: David Lamparter Date: Sun, 7 Aug 2016 13:22:11 +0200 Subject: [PATCH 2/5] wifi: add WPA-EAP connection support --- lib/wifi.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/wifi.py b/lib/wifi.py index d41db15..f47f53b 100644 --- a/lib/wifi.py +++ b/lib/wifi.py @@ -45,7 +45,12 @@ def connect(wait = True, timeout = 10): if not wait: timeout = None - if "pw" in details and details["pw"]: + if "username" in details and details["username"]: + _nic.connect(details["ssid"], details["pw"], timeout=timeout, + security=_nic.WPA_ENT, eapmethod=_nic.EAP_METHOD_TTLS_MSCHAPv2, + username=details["username"], + anonname=details.get("anonname", "badge")) + elif "pw" in details and details["pw"]: nic().connect(details["ssid"], details["pw"], timeout=timeout) else: nic().connect(details["ssid"], timeout=timeout) From 917790e76b8e4030dfc653dbfeed42ca32afefb5 Mon Sep 17 00:00:00 2001 From: David Lamparter Date: Sun, 7 Aug 2016 13:27:41 +0200 Subject: [PATCH 3/5] wifi: support certificate loading --- lib/wifi.py | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/lib/wifi.py b/lib/wifi.py index f47f53b..532c73d 100644 --- a/lib/wifi.py +++ b/lib/wifi.py @@ -38,6 +38,23 @@ def connection_details(): def ssid(): return connection_details()["ssid"] +def loadcert(filepath): + nic() + try: + _nic.file_del('/cert/ca.pem') + except: + pass + + size = os.stat(filepath)[6] + fi = open(filepath, 'rb') + fh = _nic.file_open('/cert/ca.pem', _nic.FILE_MODE_CREATE, size) + offs = 0 + while offs < size: + data = fi.read(1024) + _nic.file_write(fh, offs, data) + offs += len(data) + _nic.file_close(fh) + def connect(wait = True, timeout = 10): if nic().is_connected(): return @@ -46,6 +63,9 @@ def connect(wait = True, timeout = 10): if not wait: timeout = None if "username" in details and details["username"]: + if "certfile" in details: + loadcert('/flash/%s' % details["certfile"]) + _nic.connect(details["ssid"], details["pw"], timeout=timeout, security=_nic.WPA_ENT, eapmethod=_nic.EAP_METHOD_TTLS_MSCHAPv2, username=details["username"], From cd46561659bc9462dba512b54721641cd2bf70d6 Mon Sep 17 00:00:00 2001 From: David Lamparter Date: Sun, 7 Aug 2016 13:30:55 +0200 Subject: [PATCH 4/5] wifi: include wifi-eap.json for emfcamp 802.1X --- ca.chain | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++ wifi-eap.json | 1 + 2 files changed, 79 insertions(+) create mode 100755 ca.chain create mode 100644 wifi-eap.json diff --git a/ca.chain b/ca.chain new file mode 100755 index 0000000..554037e --- /dev/null +++ b/ca.chain @@ -0,0 +1,78 @@ +-----BEGIN CERTIFICATE----- +MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW +MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg +Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9 +MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi +U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh +cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk +pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf +OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C +Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT +Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi +HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM +Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w ++2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+ +Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3 +Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B +26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID +AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE +FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j +ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js +LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM +BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0 +Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy +dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh +cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh +YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg +dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp +bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ +YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT +TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ +9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8 +jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW +FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz +ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1 +ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L +EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu +L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq +yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC +O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V +um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh +NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF5TCCA82gAwIBAgIQal3D5TtOT9B7aR6l/OxkazANBgkqhkiG9w0BAQsFADB9 +MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi +U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh +cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTUxMjE2MDEwMDA1WhcN +MzAxMjE2MDEwMDA1WjB4MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g +THRkLjEpMCcGA1UECxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkx +JjAkBgNVBAMTHVN0YXJ0Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uz0qohni7BLYmaWv8lEaObCK0ygM86s +eeN2w9FW4HWvQbQKRYDvy43kFuMmFD4RHkHn1Mk7sijXkJ/F8NH+5Tjbins7tFIC +ZXd+Qe2ODCMcWbOLoYB54sM514tsZk6m3M4lZi3gmT7ISFiNdKpf/C3dZwasWea+ +dbLpwQWZEcM6oCXmW/6L3kwQAhC0GhJm2rBVrYEDvZq1EK3Bv+g5gAW8DVfusUai +oyW0wfQdnKtOLv1M4rtezrKtE8T5tjyeKvFqMX93+LYVlT8Vs+sD12s3ncldqEDL +U89IiBjg6FsbLfM2Ket/3RbfvggfQMPQshipdhrZL8q10jibTlViGQIDAQABo4IB +ZDCCAWAwDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF +BQcDATASBgNVHRMBAf8ECDAGAQH/AgEAMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6 +Ly9jcmwuc3RhcnRzc2wuY29tL3Nmc2NhLmNybDBmBggrBgEFBQcBAQRaMFgwJAYI +KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbTAwBggrBgEFBQcwAoYk +aHR0cDovL2FpYS5zdGFydHNzbC5jb20vY2VydHMvY2EuY3J0MB0GA1UdDgQWBBTX +kU4BxLC/+Mhnk0Sc5zP6rZMMrzAfBgNVHSMEGDAWgBROC+8apEBbpRdphzDKNGhD +0EGu8jA/BgNVHSAEODA2MDQGBFUdIAAwLDAqBggrBgEFBQcCARYeaHR0cDovL3d3 +dy5zdGFydHNzbC5jb20vcG9saWN5MA0GCSqGSIb3DQEBCwUAA4ICAQCO5z+95Eu6 +gog9K9e7DatQXfeUL8zq1Ycj0HKo3ZvFhRjULAVrMj7JrURtfoZziTDl39gvMDhL +voN5EFEYQWyre5ySsFgGeZQHIC0zhETILSyAE7JCKaEJ//APnkcQfx458GOuJvi+ +p2JpRxa8Sc/HVJ9HqA687QbbJFFZlUP5IqLtCb8yZVBURd4Nm/+01DXBzomoQPwA +K3cYl9br6Q+eKmCKPKN6X4IT1gwtwXuca1f3OpZTbUFPdPz1KvP1qCFt+rNieSmO +BN76Xa9ffzoBByzVdnvk2OHuopmJq/eHF+E3s+GFYT6Oxjrez/lEbBvgEmGyXZOZ +aj6XeDnBxOIYRODfnZG99cy2q5WtDLHKuiMogJGO89PWaI2jK1Aq5sa0j55jp2Je +FXbRieKw5CKreCIiNR9MpaffieLgbTcK1BSKjxUZtd7BqJ3x1lvD2jbe7WKqzusZ +btPhFgrDDsgdw27zQokNYBZZaa1LwYZGZgddiAcLcYkilGobA2wLKk6eYz6VnatD +dI4aQx6FkHWvKU0e7s/cUym6Px3vXrC4z6woAztC98XaorPO0pkL73P4dKSjnKYY +rYsqe7BnBGtANf1XaG5Pm8BUWJ9WZAWin6KsJXTo8Nj0G4CRq7dq17LBnCbi9Qmp +Szc2kuPNbrV8PvbTLIXupfZFFj0d9mpaFg== +-----END CERTIFICATE----- diff --git a/wifi-eap.json b/wifi-eap.json new file mode 100644 index 0000000..04ec3a2 --- /dev/null +++ b/wifi-eap.json @@ -0,0 +1 @@ +{"ssid": "emfcamp-legacy", "username": "badge", "pw": "badge", "certfile": "ca.chain"} From c44565f71b28a05d6a7375a93df6bbe33c70713d Mon Sep 17 00:00:00 2001 From: David Lamparter Date: Sun, 7 Aug 2016 13:34:02 +0200 Subject: [PATCH 5/5] wifi: fail nicely when WPA-EAP is not supported --- lib/wifi.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/wifi.py b/lib/wifi.py index 532c73d..8a164c3 100644 --- a/lib/wifi.py +++ b/lib/wifi.py @@ -63,6 +63,8 @@ def connect(wait = True, timeout = 10): if not wait: timeout = None if "username" in details and details["username"]: + if not hasattr(_nic, 'WPA_ENT'): + raise OSError("You are trying to use WPA-EAP, but haven't updated your Micropython.") if "certfile" in details: loadcert('/flash/%s' % details["certfile"])