Development

2026-06-06 14:25:01 -04:00 · 2026-06-06 14:25:01 -04:00 · 33ec9e7f1c
commit 33ec9e7f1c
parent ae0019f85d
4 changed files with 36 additions and 16 deletions
--- a/docker/routlin-dash/app/pages/radius/action.py
+++ b/docker/routlin-dash/app/pages/radius/action.py
@ -88,12 +88,20 @@ def auth_mode_save():
            after['inner_protocol'] = inner_protocol
        else:
            after.pop('inner_protocol', None)
+        if eap_protocol in ('eap_peap', 'eap_ttls'):
+            after['include_length'] = include_length
+        else:
+            after.pop('include_length', None)
+    elif auth_mode == 'eap_credential':
        after['include_length'] = include_length
-    else:
-        after.pop('eap_protocol',    None)
-        after.pop('tunneled_reply',  None)
-        after.pop('inner_protocol',  None)
-        after.pop('include_length',  None)
+        after.pop('eap_protocol',   None)
+        after.pop('tunneled_reply', None)
+        after.pop('inner_protocol', None)
+    else:  # mab
+        after.pop('eap_protocol',   None)
+        after.pop('tunneled_reply', None)
+        after.pop('inner_protocol', None)
+        after.pop('include_length', None)
    cfg.setdefault('radius', {})['options'] = after

    changes = diff_fields(before, after)
--- a/docker/routlin-dash/app/pages/radius/content.json
+++ b/docker/routlin-dash/app/pages/radius/content.json
@ -164,7 +164,7 @@
      "items": [
        {
          "type": "p",
-          "text": "Unknown or unregistered devices are assigned to this VLAN. For wired switch ports, also set the fallback network in your managed switch's configuration."
+          "text": "Unknown devices are assigned to this VLAN. For wired switch ports, also set the fallback network in your managed switch's configuration."
        },
        {
          "type": "raw_html",
@ -267,6 +267,18 @@
              "value": "%RADIUS_TUNNELED_REPLY%",
              "hint": "Copies VLAN and authorization attributes from the inner EAP exchange to the outer RADIUS Access-Accept. Required by some switches for VLAN assignment to work correctly."
            },
+            {
+              "type": "raw_html",
+              "html": "</div>"
+            },
+            {
+              "type": "raw_html",
+              "html": "</div>"
+            },
+            {
+              "type": "raw_html",
+              "html": "<div id=\"eap-include-length-row\">"
+            },
            {
              "type": "field",
              "label": "",
@ -280,10 +292,6 @@
              "type": "raw_html",
              "html": "</div>"
            },
-            {
-              "type": "raw_html",
-              "html": "</div>"
-            },
            {
              "type": "button_row",
              "items": [
--- a/docker/routlin-dash/app/pages/radius/view.py
+++ b/docker/routlin-dash/app/pages/radius/view.py
@ -104,9 +104,9 @@ def collect_tokens(cfg):
    all_radius_clients = [r for r in cfg.get('dhcp_reservations', []) if r.get('radius_client') is True]
    n = len(all_radius_clients)
    if n > 0:
-        tokens['RADIUS_CLIENT_STATUS_TEXT'] = f"RADIUS will be disabled if there are no RADIUS Clients specified on the DHCP Reservations page. There are currently {n} RADIUS Client{'s' if n != 1 else ''}. RADIUS is enabled."
+        tokens['RADIUS_CLIENT_STATUS_TEXT'] = f"RADIUS will be disabled if there are no RADIUS Clients (authenticators) specified on the DHCP Reservations page. There are currently {n} RADIUS Client{'s' if n != 1 else ''}. RADIUS is enabled."
    else:
-        tokens['RADIUS_CLIENT_STATUS_TEXT'] = "RADIUS will be disabled if there are no RADIUS Clients specified on the DHCP Reservations page. There are currently 0 RADIUS Clients. RADIUS is disabled."
+        tokens['RADIUS_CLIENT_STATUS_TEXT'] = "RADIUS will be disabled if there are no RADIUS Clients (authenticators) specified on the DHCP Reservations page. There are currently 0 RADIUS Clients. RADIUS is disabled."

    radius_client_reservations = [
        r for r in all_radius_clients
--- a/routlin/mod_radius.py
+++ b/routlin/mod_radius.py
@ -295,10 +295,14 @@ def set_freeradius_eap(data):
        inner_block = 'peap' if eap_protocol == 'eap_peap' else 'ttls'
        content4 = _patch_setting_in_block(content4, inner_block, 'default_eap_type', inner_protocol)

-    if eap_protocol in ('eap_peap', 'eap_ttls'):
-        il_val     = 'yes' if opts.get('include_length', False) else 'no'
-        inner_blk  = 'peap' if eap_protocol == 'eap_peap' else 'ttls'
-        content4   = _patch_setting_in_block(content4, inner_blk, 'include_length', il_val)
+    auth_mode = opts.get('auth_mode', 'mab')
+    if auth_mode == 'eap_credential':
+        il_val   = 'yes' if opts.get('include_length', False) else 'no'
+        content4 = _patch_setting_in_block(content4, 'tls', 'include_length', il_val)
+    elif eap_protocol in ('eap_peap', 'eap_ttls'):
+        il_val    = 'yes' if opts.get('include_length', False) else 'no'
+        inner_blk = 'peap' if eap_protocol == 'eap_peap' else 'ttls'
+        content4  = _patch_setting_in_block(content4, inner_blk, 'include_length', il_val)

    if content4 == content:
        return False