diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-08-14 18:09:11 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-08-14 18:09:11 +0000 |
commit | 8600af6f3053b09e80049d22634fd3eebffdbf0d (patch) | |
tree | 61b12f7078be23f35243f03124772680ecb174f6 /usr | |
parent | fcac7c4a13e4cd4b413f47fcb626a626d2089217 (diff) | |
download | pfsense-8600af6f3053b09e80049d22634fd3eebffdbf0d.zip pfsense-8600af6f3053b09e80049d22634fd3eebffdbf0d.tar.gz |
Enforce wep key sizes
Ticket #344
Diffstat (limited to 'usr')
-rwxr-xr-x | usr/local/www/interfaces_wlan.inc | 244 |
1 files changed, 244 insertions, 0 deletions
diff --git a/usr/local/www/interfaces_wlan.inc b/usr/local/www/interfaces_wlan.inc new file mode 100755 index 0000000..08dee1a --- /dev/null +++ b/usr/local/www/interfaces_wlan.inc @@ -0,0 +1,244 @@ +<?php +/* $Id$ */ +/* + interfaces_wlan.inc + part of m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +$wlchannels = array(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,36,40,42,44,48,50,52,56,58,60,64,149,152,153,157,160,161,165); + +function wireless_config_init() { + global $optcfg, $pconfig; + + $pconfig['standard'] = $optcfg['wireless']['standard']; + $pconfig['mode'] = $optcfg['wireless']['mode']; + $pconfig['ssid'] = $optcfg['wireless']['ssid']; + $pconfig['stationname'] = $optcfg['wireless']['stationname']; + $pconfig['channel'] = $optcfg['wireless']['channel']; + $pconfig['txpower'] = $optcfg['wireless']['txpower']; + $pconfig['wep_enable'] = isset($optcfg['wireless']['wep']['enable']); + + if (is_array($optcfg['wireless']['wep']['key'])) { + $i = 1; + foreach ($optcfg['wireless']['wep']['key'] as $wepkey) { + $pconfig['key' . $i] = $wepkey['value']; + if (isset($wepkey['txkey'])) + $pconfig['txkey'] = $i; + $i++; + } + if (!isset($wepkey['txkey'])) + $pconfig['txkey'] = 1; + } +} + +function wireless_config_post() { + global $optcfg, $pconfig; + + unset($input_errors); + + /* input validation */ + if ($_POST['enable']) { + $reqdfields = explode(" ", "mode ssid"); + $reqdfieldsn = explode(",", "Mode,SSID"); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (!$input_errors) { + /* bridge check (hostap only!) */ + if ($pconfig['bridge'] && ($pconfig['mode'] != "hostap")) + $input_errors[] = "Bridging a wireless interface is only possible in hostap mode."; + } + } + + /* loop through keys and enforce size */ + for ($i = 1; $i <= 4; $i++) { + if ($_POST['key' . $i]) { + if(strlen($_POST['key' . $i]) <> 40 and strlen($_POST['key' . $i]) <> 104) { + $input_errors[] = "Invalid wep key size. Sizes should be 40 (64) bit keys or 104 (128) bit."; + } + } + } + + if (!$input_errors) { + + $optcfg['wireless']['standard'] = $_POST['standard']; + $optcfg['wireless']['mode'] = $_POST['mode']; + $optcfg['wireless']['ssid'] = $_POST['ssid']; + $optcfg['wireless']['stationname'] = $_POST['stationname']; + $optcfg['wireless']['channel'] = $_POST['channel']; + $optcfg['wireless']['txpower'] = $_POST['txpower']; + $optcfg['wireless']['wep']['enable'] = $_POST['wep_enable'] ? true : false; + + $optcfg['wireless']['wep']['key'] = array(); + for ($i = 1; $i <= 4; $i++) { + if ($_POST['key' . $i]) { + $newkey = array(); + $newkey['value'] = $_POST['key' . $i]; + if ($_POST['txkey'] == $i) + $newkey['txkey'] = true; + $optcfg['wireless']['wep']['key'][] = $newkey; + } + } + } + + return $input_errors; +} + +function wireless_config_print() { + global $optcfg, $pconfig, $wlchannels, $g; +?> + <tr> + <td colspan="2" valign="top" height="16"></td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Wireless configuration</td> + </tr> + <?php if (preg_match($g['wireless_regex'], $optcfg['if'])): ?> + <tr> + <td valign="top" class="vncellreq">Standard</td> + <td class="vtable"><select name="standard" class="formfld" id="standard"> + <?php + $standards = array("11b" => "802.11b", "11g" => "802.11g", "11a" => "802.11a"); + foreach ($standards as $sn => $sv): ?> + <option value="<?=$sn;?>" <?php if ($sn == $pconfig['standard']) echo "selected";?>> + <?=$sv;?> + </option> + <?php endforeach; ?> + </select></td> + </tr> + <?php endif; ?> + <tr> + <td valign="top" class="vncellreq">Mode</td> + <td class="vtable"><select name="mode" class="formfld" id="mode"> + <?php + $opts = array(); + if (preg_match($g['wireless_regex'], $optcfg['if'])) + $opts[] = "hostap"; + $opts[] = "BSS"; + $opts[] = "IBSS"; + foreach ($opts as $opt): ?> + <option <?php if ($opt == $pconfig['mode']) echo "selected";?>> + <?=htmlspecialchars($opt);?> + </option> + <?php endforeach; ?> + </select> <br> + Note: IBSS mode is sometimes also called "ad-hoc" + mode;<br> + BSS mode is also known as "infrastructure" mode</td> + </tr> + <tr> + <td valign="top" class="vncellreq">SSID</td> + <td class="vtable"><?=$mandfldhtml;?><input name="ssid" type="text" class="formfld" id="ssid" size="20" value="<?=htmlspecialchars($pconfig['ssid']);?>"> + </td> + </tr> + <tr> + <td valign="top" class="vncellreq">802.11g only</td> + <td class="vtable"> + <?php + if(isset($pconfig['pureg'])) + $CHECKED = " CHECKED"; + else + $CHECKED = ""; + ?> + <input name="pureg" type="checkbox" class="formfld" id="pureg"<?php echo $CHECKED; ?>><br> + When operating as an access point in 802.11g mode allow only 11g-capable stations to associate (11b-only stations are not permitted to associate). + </td> + </tr> + <tr> + <td valign="top" class="vncellreq">Transmit power</td> + <td class="vtable"> + <select name="txpower"> + <?php + for($x = 100; $x > 0; $x--) { + if($pconfig["txpower"] == $x) + $SELECTED = " SELECTED"; + else + $SELECTED = ""; + echo "<option {$SELECTED}>{$x}</option>\n"; + } + ?> + </select> <br> + Note: Typically only a few discreet power settings are available and the driver will use the setting closest to the specified value. Not all adaptors support changing the transmit power setting. + </td> + </tr> + <tr> + <td valign="top" class="vncellreq">Channel</td> + <td class="vtable"><select name="channel" class="formfld" id="channel"> + <option <?php if ($pconfig['channel'] == 0) echo "selected";?> value="0">Auto</option> + <?php + foreach ($wlchannels as $channel): ?> + <option <?php if ($channel == $pconfig['channel']) echo "selected";?> value="<?=$channel;?>"> + <?=$channel;?> + </option> + <?php endforeach; ?> + </select> <br> + Note: Not all channels may be supported by your card</td> + </tr> + <tr> + <td valign="top" class="vncell">Station name</td> + <td class="vtable"><input name="stationname" type="text" class="formfld" id="stationname" size="20" value="<?=htmlspecialchars($pconfig['stationname']);?>"> + <br> + Hint: this field can usually be left blank</td> + </tr> + <tr> + <td valign="top" class="vncell">WEP</td> + <td class="vtable"> <input name="wep_enable" type="checkbox" id="wep_enable" value="yes" <?php if ($pconfig['wep_enable']) echo "checked"; ?>> + <strong>Enable WEP</strong> + <table border="0" cellspacing="0" cellpadding="0"> + <tr> + <td> </td> + <td> </td> + <td> TX key </td> + </tr> + <tr> + <td>Key 1: </td> + <td> <input name="key1" type="text" class="formfld" id="key1" size="30" value="<?=htmlspecialchars($pconfig['key1']);?>"></td> + <td align="center"> <input name="txkey" type="radio" value="1" <?php if ($pconfig['txkey'] == 1) echo "checked";?>> + </td> + </tr> + <tr> + <td>Key 2: </td> + <td> <input name="key2" type="text" class="formfld" id="key2" size="30" value="<?=htmlspecialchars($pconfig['key2']);?>"></td> + <td align="center"> <input name="txkey" type="radio" value="2" <?php if ($pconfig['txkey'] == 2) echo "checked";?>></td> + </tr> + <tr> + <td>Key 3: </td> + <td> <input name="key3" type="text" class="formfld" id="key3" size="30" value="<?=htmlspecialchars($pconfig['key3']);?>"></td> + <td align="center"> <input name="txkey" type="radio" value="3" <?php if ($pconfig['txkey'] == 3) echo "checked";?>></td> + </tr> + <tr> + <td>Key 4: </td> + <td> <input name="key4" type="text" class="formfld" id="key4" size="30" value="<?=htmlspecialchars($pconfig['key4']);?>"></td> + <td align="center"> <input name="txkey" type="radio" value="4" <?php if ($pconfig['txkey'] == 4) echo "checked";?>></td> + </tr> + </table> + <br> + 40 (64) bit keys may be entered as 5 ASCII characters or 10 + hex digits preceded by '0x'.<br> + 104 (128) bit keys may be entered as 13 ASCII characters or + 26 hex digits preceded by '0x'.</td> + </tr> +<?php } ?> |