parse-nm: fix eap_method handling
Network Manager will append a ";" to the 802-1x.eap value. We were
failing to parse this field because of that and other 802-1x properties
wouldn't be emitted.

This addresses LP: #2016625
daniloegea committed May 11, 2023
1 parent 59aabf9 commit d1fdebf
Showing 2 changed files with 126 additions and 9 deletions.
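--- a/src/parse-nm.c
+++ b/src/parse-nm.c
@@ -352,15 +352,29 @@ parse_dot1x_auth(GKeyFile* kf, NetplanAuthenticationSettings* auth)
 g_assert(auth);
 g_autofree gchar* method = g_key_file_get_string(kf, "802-1x", "eap", NULL);
 
-if (method && g_strcmp0(method, "tls") == 0) {
-auth->eap_method = NETPLAN_AUTH_EAP_TLS;
-_kf_clear_key(kf, "802-1x", "eap");
-} else if (method && g_strcmp0(method, "peap") == 0) {
-auth->eap_method = NETPLAN_AUTH_EAP_PEAP;
-_kf_clear_key(kf, "802-1x", "eap");
-} else if (method && g_strcmp0(method, "ttls") == 0) {
-auth->eap_method = NETPLAN_AUTH_EAP_TTLS;
-_kf_clear_key(kf, "802-1x", "eap");
+if (method && g_strcmp0(method, "") != 0) {
+gchar** split = g_strsplit(method, ";", 2);
+gchar* first_method = split[0];
+
+if (g_strcmp0(first_method, "tls") == 0) {
+auth->eap_method = NETPLAN_AUTH_EAP_TLS;
+} else if (g_strcmp0(first_method, "peap") == 0) {
+auth->eap_method = NETPLAN_AUTH_EAP_PEAP;
+} else if (g_strcmp0(first_method, "ttls") == 0) {
+auth->eap_method = NETPLAN_AUTH_EAP_TTLS;
+}
+
+/* If "method" (which is a list separated by ";") has more than one value,
+* we keep the key so it will also be written as a passthrough key.
+* That's required because Network Manager accepts multiple methods
+* but Netplan accepts only one.
+*
+* TODO: eap_method needs to be fixed to store multiple methods.
+*/
+if (split[1] == NULL || !g_strcmp0(split[1], ""))
+_kf_clear_key(kf, "802-1x", "eap");
+
+g_strfreev(split);
 }
 
 handle_generic_str(kf, "802-1x", "identity", &auth->identity);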
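Review bot: The `_kf_clear_key(kf, "802-1x", "eap")` call near the end of the new block now runs for any single-valued `eap` entry, including one that matched none of the `tls`/`peap`/`ttls` branches, whereas the removed code cleared the key only inside a matching branch. If clearing the key is what keeps it out of the passthrough output, as the in-code comment suggests, a keyfile whose only 802.1X method is one Netplan does not model would lose its EAP method on conversion, and the generated profile would no longer carry the authentication setting the original had. Tracking whether a branch matched, for example a trailing `else recognised = FALSE;` and a guard of `if (recognised && (split[1] == NULL || !g_strcmp0(split[1], "")))`, would leave unmapped values in place as passthrough. Both tests added in tests/parser/test_keyfile.py use `peap` as the first method, so a case with a single unmapped method would be worth adding there. parse_dot1x_auth begins and ends outside this hunk.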
103 changes: 103 additions & 0 deletions tests/parser/test_keyfile.py
Expand Up @@ -1388,3 +1388,106 @@ def test_keyfile_nm_140_default_ethernet_group(self):
ipv6.ip6-privacy: "-1"
proxy._: ""
'''.format(UUID)})

def test_multiple_eap_methods(self):
self.generate_from_keyfile('''[connection]
id=MyWifi
uuid={}
type=wifi
interface-name=wlp2s0
[wifi]
mode=infrastructure
ssid=MyWifi
[wifi-security]
auth-alg=open
key-mgmt=wpa-eap
[802-1x]
ca-cert=/path/to/my/crt.crt
eap=peap;tls
identity=username
password=123456
phase2-auth=mschapv2
[ipv4]
method=auto\n'''.format(UUID))
self.assert_netplan({UUID: '''network:
version: 2
wifis:
NM-{}:
renderer: NetworkManager
match:
name: "wlp2s0"
dhcp4: true
access-points:
"MyWifi":
auth:
key-management: "eap"
method: "peap"
identity: "username"
ca-certificate: "/path/to/my/crt.crt"
phase2-auth: "mschapv2"
password: "123456"
networkmanager:
uuid: "{}"
name: "MyWifi"
passthrough:
wifi-security.auth-alg: "open"
802-1x.eap: "peap;tls"
networkmanager:
uuid: "{}"
name: "MyWifi"
'''.format(UUID, UUID, UUID)})

def test_single_eap_method(self):
self.generate_from_keyfile('''[connection]
id=MyWifi
uuid={}
type=wifi
interface-name=wlp2s0
[wifi]
mode=infrastructure
ssid=MyWifi
[wifi-security]
auth-alg=open
key-mgmt=wpa-eap
[802-1x]
ca-cert=/path/to/my/crt.crt
eap=peap;
identity=username
password=123456
phase2-auth=mschapv2
[ipv4]
method=auto\n'''.format(UUID))
self.assert_netplan({UUID: '''network:
version: 2
wifis:
NM-{}:
renderer: NetworkManager
match:
name: "wlp2s0"
dhcp4: true
access-points:
"MyWifi":
auth:
key-management: "eap"
method: "peap"
identity: "username"
ca-certificate: "/path/to/my/crt.crt"
phase2-auth: "mschapv2"
password: "123456"
networkmanager:
uuid: "{}"
name: "MyWifi"
passthrough:
wifi-security.auth-alg: "open"
networkmanager:
uuid: "{}"
name: "MyWifi"
'''.format(UUID, UUID, UUID)})
