parse-nm: add unknown EAP methods to the passthrough section

It is used as a fallback for EAP methods we still don't support but are emitted by Network Manager.
canonical · Oct 11, 2023 · a9e021e · a9e021e
1 parent 62a2d52
commit a9e021e
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 2 deletions.
diff --git a/src/nm.c b/src/nm.c
@@ -484,7 +484,7 @@ write_wifi_auth_parameters(const NetplanAuthenticationSettings* auth, GKeyFile *
             break;
     }
 
-    if (auth->eap_method != NETPLAN_AUTH_EAP_NONE)
+    if (auth->eap_method != NETPLAN_AUTH_EAP_NONE || auth->key_management == NETPLAN_AUTH_KEY_MANAGEMENT_8021X)
         write_dot1x_auth_parameters(auth, kf);
     else if (auth->password)
         g_key_file_set_string(kf, "wifi-security", "psk", auth->password);

diff --git a/src/parse-nm.c b/src/parse-nm.c
@@ -398,8 +398,11 @@ parse_dot1x_auth(GKeyFile* kf, NetplanAuthenticationSettings* auth)
          * but Netplan accepts only one.
          *
          * TODO: eap_method needs to be fixed to store multiple methods.
+         *
+         * If at this point the eap_method is still NONE we also keep the property because
+         * it's probably a setting we still don't support.
          */
-        if (split[1] == NULL || !g_strcmp0(split[1], ""))
+        if (auth->eap_method != NETPLAN_AUTH_EAP_NONE && (split[1] == NULL || !g_strcmp0(split[1], "")))
             _kf_clear_key(kf, "802-1x", "eap");
 
         g_strfreev(split);

diff --git a/tests/parser/test_keyfile.py b/tests/parser/test_keyfile.py
@@ -620,6 +620,71 @@ def test_keyfile_type_wifi_eap_pwd(self):
         name: "myid with spaces"
 '''.format(UUID, UUID, UUID)})
 
+    def test_keyfile_type_wifi_eap_fast_passthrough(self):
+        '''The EAP-FAST method is not yet supported so it should
+        be put in the passthrough section'''
+        self.generate_from_keyfile('''[connection]
+id=Wi-Fi connection 3
+uuid={}
+type=wifi
+interface-name=wlan0
+
+[wifi]
+mode=infrastructure
+ssid=asdasdasd
+
+[wifi-security]
+key-mgmt=ieee8021x
+
+[802-1x]
+anonymous-identity=anonymous_user
+eap=fast;
+identity=username
+pac-file=/home/ubuntu/pac.pac
+password=password
+phase1-fast-provisioning=3
+phase2-auth=gtc
+
+[ipv4]
+method=auto
+
+[ipv6]
+addr-gen-mode=stable-privacy
+method=auto
+
+[proxy]'''.format(UUID))
+        self.assert_netplan({UUID: '''network:
+  version: 2
+  wifis:
+    NM-{}:
+      renderer: NetworkManager
+      match:
+        name: "wlan0"
+      dhcp4: true
+      dhcp6: true
+      ipv6-address-generation: "stable-privacy"
+      access-points:
+        "asdasdasd":
+          auth:
+            key-management: "802.1x"
+            anonymous-identity: "anonymous_user"
+            identity: "username"
+            phase2-auth: "gtc"
+            password: "password"
+          networkmanager:
+            uuid: "{}"
+            name: "Wi-Fi connection 3"
+            passthrough:
+              802-1x.eap: "fast;"
+              802-1x.pac-file: "/home/ubuntu/pac.pac"
+              802-1x.phase1-fast-provisioning: "3"
+              ipv6.ip6-privacy: "-1"
+              proxy._: ""
+      networkmanager:
+        uuid: "{}"
+        name: "Wi-Fi connection 3"
+'''.format(UUID, UUID, UUID)})
+
     def _template_keyfile_type_wifi(self, nd_mode, nm_mode):
         self.generate_from_keyfile('''[connection]
 type=wifi