Added another overloaded WiFiSTAClass::begin() function that provides… · doskoi/arduino-esp32@d977359 · GitHub


Commit d977359

authored
Added another overloaded WiFiSTAClass::begin() function that provides… (espressif#6398)
Summary The examples demonstrate how to create a WPA2 Enterprise connection, but it requires using various direct esp_idf functions. This patch is intended to create another overloaded version of the WiFi.begin() function that allows a user to create a WPA2 Enterprise connection in much the same way as different kinds of connections. My only question for the core maintainers is whether I should leave those #ifdef's in there. I added them so that it was easy to disable all the code I added via defines from my platformio.ini file, but they technically aren't necessary. Impact This should make it easier for novice users to create WPA2 Enterprise connections. For my university, I didn't need a root certificate or the client certificate or client key, so I haven't been able to debug those scenarios, but I built the begin functions to allow any one of those to be used, if needed. I can confirm that eduroam-style WPA2 Enterprise networks that only require authentication with a username and password works as expected.
1 parent ba8024c commit d977359


3 files changed

+91
-5
lines changed

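--- a/libraries/WiFi/examples/WiFiClientEnterprise/WiFiClientEnterprise.ino
+++ b/libraries/WiFi/examples/WiFiClientEnterprise/WiFiClientEnterprise.ino
@@ -1,10 +1,22 @@
 #include <WiFi.h> //Wifi library
 #include "esp_wpa2.h" //wpa2 library for connections to Enterprise networks
 #define EAP_IDENTITY "login" //if connecting from another corporation, use identity@organisation.domain in Eduroam
+#define EAP_USERNAME "login" //oftentimes just a repeat of the identity
 #define EAP_PASSWORD "password" //your Eduroam password
 const char* ssid = "eduroam"; // Eduroam SSID
 const char* host = "arduino.php5.sk"; //external server domain for HTTP connection after authentification
 int counter = 0;
+
+// NOTE: For some systems, various certification keys are required to connect to the wifi system.
+// Usually you are provided these by the IT department of your organization when certs are required
+// and you can't connect with just an identity and password.
+// Most eduroam setups we have seen do not require this level of authentication, but you should contact
+// your IT department to verify.
+// You should uncomment these and populate with the contents of the files if this is required for your scenario (See Example 2 and Example 3 below).
+//const char *ca_pem = "insert your CA cert from your .pem file here";
+//const char *client_cert = "insert your client cert from your .crt file here";
+//const char *client_key = "insert your client key from your .key file here";
+
 void setup() {
 Serial.begin(115200);
 delay(10);
@@ -13,11 +25,17 @@ void setup() {
 Serial.println(ssid);
 WiFi.disconnect(true); //disconnect form wifi to set new wifi connection
 WiFi.mode(WIFI_STA); //init wifi mode
-esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EAP_IDENTITY, strlen(EAP_IDENTITY)); //provide identity
-esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EAP_IDENTITY, strlen(EAP_IDENTITY)); //provide username --> identity and username is same
-esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EAP_PASSWORD, strlen(EAP_PASSWORD)); //provide password
-esp_wifi_sta_wpa2_ent_enable();
-WiFi.begin(ssid); //connect to wifi
+
+// Example1 (most common): a cert-file-free eduroam with PEAP (or TTLS)
+WiFi.begin(ssid, WPA2_AUTH_PEAP, EAP_IDENTITY, EAP_USERNAME, EAP_PASSWORD);
+
+// Example 2: a cert-file WPA2 Enterprise with PEAP
+//WiFi.begin(ssid, WPA2_AUTH_PEAP, EAP_IDENTITY, EAP_USERNAME, EAP_PASSWORD, ca_pem, client_cert, client_key);
+
+// Example 3: TLS with cert-files and no password
+//WiFi.begin(ssid, WPA2_AUTH_TLS, EAP_IDENTITY, NULL, NULL, ca_pem, client_cert, client_key);
+
+
 while (WiFi.status() != WL_CONNECTED) {
 delay(500);
 Serial.print(".");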
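Review bot: Example 1 authenticates with PEAP and no `ca_pem`, and the NOTE above `setup()` describes certificates only as something some sites "require", so the reader is never told that leaving out the CA cert leaves the authentication server unverified; as far as the new `begin()` in WiFiSTA.cpp shows, a CA is installed only when `ca_pem` is passed. With PEAP/TTLS that presumably means the sketch will offer its username and password to whichever access point advertises the configured SSID. I would extend the NOTE with a line such as `// Without ca_pem the server certificate is not checked; pass your organisation's CA cert whenever one is available.` and label Example 1 as the variant without server verification. `setup()` continues outside the second hunk.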

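--- a/libraries/WiFi/src/WiFiSTA.cpp
+++ b/libraries/WiFi/src/WiFiSTA.cpp
@@ -42,6 +42,7 @@ extern "C" {
 #include "lwip/dns.h"
 #include <esp_smartconfig.h>
 #include <esp_netif.h>
+#include "esp_wpa2.h"
 }
 
 // -----------------------------------------------------------------------------------------------------------------------
@@ -145,6 +146,67 @@ wl_status_t WiFiSTAClass::status()
 return (wl_status_t)xEventGroupClearBits(_sta_status_group, 0);
 }
 
+/**
+* Start Wifi connection with a WPA2 Enterprise AP
+* if passphrase is set the most secure supported mode will be automatically selected
+* @param ssid const char* Pointer to the SSID string.
+* @param method wpa2_method_t The authentication method of WPA2 (WPA2_AUTH_TLS, WPA2_AUTH_PEAP, WPA2_AUTH_TTLS)
+* @param wpa2_identity const char* Pointer to the entity
+* @param wpa2_username const char* Pointer to the username
+* @param password const char * Pointer to the password.
+* @param ca_pem const char* Pointer to a string with the contents of a .pem file with CA cert
+* @param client_crt const char* Pointer to a string with the contents of a .crt file with client cert
+* @param client_key const char* Pointer to a string with the contants of a .key file with client key
+* @param bssid uint8_t[6] Optional. BSSID / MAC of AP
+* @param channel Optional. Channel of AP
+* @param connect Optional. call connect
+* @return
+*/
+wl_status_t WiFiSTAClass::begin(const char* wpa2_ssid, wpa2_auth_method_t method, const char* wpa2_identity, const char* wpa2_username, const char *wpa2_password, const char* ca_pem, const char* client_crt, const char* client_key, int32_t channel, const uint8_t* bssid, bool connect)
+{
+if(!WiFi.enableSTA(true)) {
+log_e("STA enable failed!");
+return WL_CONNECT_FAILED;
+}
+
+if(!wpa2_ssid || *wpa2_ssid == 0x00 || strlen(wpa2_ssid) > 32) {
+log_e("SSID too long or missing!");
+return WL_CONNECT_FAILED;
+}
+
+if(wpa2_identity && strlen(wpa2_identity) > 64) {
+log_e("identity too long!");
+return WL_CONNECT_FAILED;
+}
+
+if(wpa2_username && strlen(wpa2_username) > 64) {
+log_e("username too long!");
+return WL_CONNECT_FAILED;
+}
+
+if(wpa2_password && strlen(wpa2_password) > 64) {
+log_e("password too long!");
+}
+
+if(ca_pem) {
+esp_wifi_sta_wpa2_ent_set_ca_cert((uint8_t *)ca_pem, strlen(ca_pem));
+}
+
+if(client_crt) {
+esp_wifi_sta_wpa2_ent_set_cert_key((uint8_t *)client_crt, strlen(client_crt), (uint8_t *)client_key, strlen(client_key), NULL, 0);
+}
+
+esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)wpa2_identity, strlen(wpa2_identity));
+if(method == WPA2_AUTH_PEAP || method == WPA2_AUTH_TTLS) {
+esp_wifi_sta_wpa2_ent_set_username((uint8_t *)wpa2_username, strlen(wpa2_username));
+esp_wifi_sta_wpa2_ent_set_password((uint8_t *)wpa2_password, strlen(wpa2_password));
+}
+esp_wifi_sta_wpa2_ent_enable(); //set config settings to enable function
+WiFi.begin(wpa2_ssid); //connect to wifi
+
+return status();
+}
+
 /**
 * Start Wifi connection
 * if passphrase is set the most secure supported mode will be automatically selected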
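Review bot: The NULL guards used in the length checks of the new `begin()` are not carried through to the calls below them: `strlen(wpa2_identity)` runs unconditionally, `strlen(wpa2_username)` and `strlen(wpa2_password)` run for PEAP/TTLS, and `strlen(client_key)` runs whenever `client_crt` is set, although the header defaults every one of these to NULL, so a call like `WiFi.begin(ssid, WPA2_AUTH_PEAP)` dereferences a null pointer. The `password too long!` branch also logs and falls through instead of returning `WL_CONNECT_FAILED` like its siblings, and the results of the `esp_wifi_sta_wpa2_ent_*` calls are discarded, so a CA cert or credential the driver rejects still proceeds to the connect. I would validate the arguments each method needs up front and fail closed on any setter error, as sketched below.

```cpp
    // … unchanged: enableSTA, SSID, identity and username length checks …

    if(wpa2_password && strlen(wpa2_password) > 64) {
        log_e("password too long!");
        return WL_CONNECT_FAILED;
    }

    if(!wpa2_identity) {
        log_e("identity missing!");
        return WL_CONNECT_FAILED;
    }

    if((method == WPA2_AUTH_PEAP || method == WPA2_AUTH_TTLS) && (!wpa2_username || !wpa2_password)) {
        log_e("username or password missing!");
        return WL_CONNECT_FAILED;
    }

    if(client_crt && !client_key) {
        log_e("client key missing!");
        return WL_CONNECT_FAILED;
    }

    if(ca_pem && esp_wifi_sta_wpa2_ent_set_ca_cert((uint8_t *)ca_pem, strlen(ca_pem)) != ESP_OK) {
        log_e("CA cert rejected!");
        return WL_CONNECT_FAILED;
    }

    // … unchanged: client cert/key, identity, username and password setters, each checked against ESP_OK the same way …
```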

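--- a/libraries/WiFi/src/WiFiSTA.h
+++ b/libraries/WiFi/src/WiFiSTA.h
@@ -30,6 +30,11 @@
 #include "esp_event.h"
 #endif
 
+typedef enum {
+WPA2_AUTH_TLS = 0,
+WPA2_AUTH_PEAP = 1,
+WPA2_AUTH_TTLS = 2
+} wpa2_auth_method_t;
 
 class WiFiSTAClass
 {
@@ -39,6 +44,7 @@ class WiFiSTAClass
 
 public:
 
+wl_status_t begin(const char* wpa2_ssid, wpa2_auth_method_t method, const char* wpa2_identit 4E62 y=NULL, const char* wpa2_username=NULL, const char *wpa2_password=NULL, const char* ca_pem=NULL, const char* client_crt=NULL, const char* client_key=NULL, int32_t channel=0, const uint8_t* bssid=0, bool connect=true);
 wl_status_t begin(const char* ssid, const char *passphrase = NULL, int32_t channel = 0, const uint8_t* bssid = NULL, bool connect = true);
 wl_status_t begin(char* ssid, char *passphrase = NULL, int32_t channel = 0, const uint8_t* bssid = NULL, bool connect = true);
 wl_status_t begin();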
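Review bot: The new overload advertises `channel`, `bssid` and `connect`, but the definition in WiFiSTA.cpp never reads them and ends with `WiFi.begin(wpa2_ssid)`, so a caller who pins a BSSID or passes `connect=false` silently gets an unpinned, immediate connection attempt. Either forward them, e.g. `WiFi.begin(wpa2_ssid, NULL, channel, bssid, connect)`, or drop them from the declaration until they are honoured. For consistency with the two overloads below it, `bssid=0` would also read better as `bssid = NULL`. The class body continues outside the hunk.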
