WIP: Wireless-EAP migration

jcronenberg · Sep 10, 2024 · 28babcb · 28babcb
1 parent fc13b26
commit 28babcb
Show file tree

Hide file tree

Showing 2 changed files with 144 additions and 0 deletions.
diff --git a/rust/migrate-wicked/src/wireless.rs b/rust/migrate-wicked/src/wireless.rs
@@ -38,6 +38,8 @@ pub struct Network {
     #[serde(rename = "access-point")]
     pub access_point: Option<String>,
     pub wep: Option<Wep>,
+    #[serde(rename = "wpa-eap")]
+    pub wpa_eap: Option<WpaEap>,
 }
 
 #[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
@@ -73,6 +75,107 @@ pub struct Wep {
     pub key: Vec<String>,
 }
 
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct WpaEap {
+    pub method: EapMethod,
+    #[serde(rename = "auth-proto")]
+    pub auth_proto: EapAuthProto,
+    #[serde(rename = "pairwise-cipher")]
+    pub pairwise_cipher: EapPairwiseCipher,
+    #[serde(rename = "group-cipher")]
+    pub group_cipher: EapGroupCipher,
+    pub identity: String,
+    pub tls: Option<WickedTLS>,
+}
+
+#[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
+#[strum(serialize_all = "kebab-case")]
+pub enum EapMethod {
+    #[default]
+    TLS,
+    PEAP,
+    TTLS,
+}
+
+#[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
+// TODO i don't think this is correct
+// but tbh this is probably overkill anyway
+#[strum(serialize_all = "kebab-case")]
+pub enum EapAuthProto {
+    #[default]
+    WPA,
+    NONE,
+    MD5,
+    TLS,
+    PAP,
+    CHAP,
+    MSCHAP,
+    MSCHAPV2,
+    PEAP,
+    TTLS,
+    GTC,
+    OTP,
+    LEAP,
+    PSK,
+    PAX,
+    SAKE,
+    GPSK,
+    WSC,
+    IKEV2,
+    TNC,
+    FAST,
+    AKA,
+    AkaPrime,
+    SIM,
+}
+
+// TODO will have to look into wicked code into what options the "inner" and "outer" get translated
+impl TryFrom<EapAuthProto> for model::EAPMethod {
+    type Error = anyhow::Error;
+
+    fn try_from(value: EapAuthProto) -> Result<Self, Self::Error> {
+        match value {
+            EapAuthProto::LEAP => Ok(model::EAPMethod::LEAP),
+            EapAuthProto::MD5 => Ok(model::EAPMethod::MD5),
+            EapAuthProto::TLS => Ok(model::EAPMethod::TLS),
+            EapAuthProto::PEAP => Ok(model::EAPMethod::PEAP),
+            EapAuthProto::TTLS => Ok(model::EAPMethod::TTLS),
+            EapAuthProto::FAST => Ok(model::EAPMethod::FAST),
+            _ => Err(anyhow!("EAP auth-proto isn't supported by NetworkManager")),
+        }
+    }
+}
+
+#[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
+#[strum(serialize_all = "UPPERCASE")]
+pub enum EapPairwiseCipher {
+    #[default]
+    TKIP,
+    CCMP,
+}
+
+#[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
+#[strum(serialize_all = "UPPERCASE")]
+pub enum EapGroupCipher {
+    #[default]
+    TKIP,
+    CCMP,
+    WEP104,
+    WEP40,
+}
+
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct WickedTLS {
+    #[serde(rename = "ca-cert")]
+    pub ca_cert: String,
+    #[serde(rename = "client-cert")]
+    pub client_cert: String,
+    #[serde(rename = "client-key")]
+    pub client_key: String,
+    #[serde(rename = "client-key-passwd")]
+    pub client_key_passwd: String,
+}
+
 fn unwrap_wireless_networks<'de, D>(deserializer: D) -> Result<Option<Vec<Network>>, D::Error>
 where
     D: Deserializer<'de>,
@@ -202,6 +305,7 @@ mod tests {
                     key_management: vec!["wpa-psk".to_string()],
                     access_point: None,
                     wep: None,
+                    wpa_eap: None,
                 }]),
                 ap_scan: 0,
             }),
@@ -252,6 +356,7 @@ mod tests {
                         default_key: 1,
                         key: vec!["01020304ff".to_string(), "s:hello".to_string()],
                     }),
+                    wpa_eap: None,
                 }]),
                 ap_scan: 0,
             }),

diff --git a/rust/migrate-wicked/tests/wireless/wicked_xml/wireless.xml b/rust/migrate-wicked/tests/wireless/wicked_xml/wireless.xml
@@ -75,3 +75,42 @@
     <enabled>false</enabled>
   </ipv6>
 </interface>
+<interface origin="compat:suse:/etc/sysconfig/network/ifcfg-wlan2">
+  <name>wlan2</name>
+  <control>
+    <mode>manual</mode>
+  </control>
+  <firewall/>
+  <wireless>
+    <ap-scan>1</ap-scan>
+    <networks>
+      <network>
+        <essid>test</essid>
+        <scan-ssid>true</scan-ssid>
+        <mode>ap</mode>
+        <access-point>12:34:56:78:9a:bc</access-point>
+        <key-management>wpa-eap</key-management>
+        <wpa-eap>
+          <method>tls</method>
+          <auth-proto>wpa</auth-proto>
+          <pairwise-cipher>TKIP</pairwise-cipher>
+          <group-cipher>TKIP</group-cipher>
+          <identity>test</identity>
+          <tls>
+            <ca-cert type="path">/etc/sysconfig/network/./ca_cert</ca-cert>
+            <client-cert type="path">/etc/sysconfig/network/./client_cert</client-cert>
+            <client-key type="path">/etc/sysconfig/network/./client_key</client-key>
+            <client-key-passwd>testclientpw</client-key-passwd>
+          </tls>
+        </wpa-eap>
+      </network>
+    </networks>
+  </wireless>
+  <link/>
+  <ipv4>
+    <enabled>false</enabled>
+  </ipv4>
+  <ipv6>
+    <enabled>false</enabled>
+  </ipv6>
+</interface>