From 28babcb5daef50ebef99bfb66079d74c2b8c85d7 Mon Sep 17 00:00:00 2001
From: Jorik Cronenberg
Date: Mon, 9 Sep 2024 15:44:17 +0200
Subject: [PATCH] WIP: Wireless-EAP migration
---
 rust/migrate-wicked/src/wireless.rs | 105 ++++++++++++++++++
 .../tests/wireless/wicked_xml/wireless.xml | 39 +++++++
 2 files changed, 144 insertions(+)
diff --git a/rust/migrate-wicked/src/wireless.rs b/rust/migrate-wicked/src/wireless.rs
index 64b07917ed..bd24f43b7f 100644
--- a/rust/migrate-wicked/src/wireless.rs
+++ b/rust/migrate-wicked/src/wireless.rs
@@ -38,6 +38,8 @@ pub struct Network {
 #[serde(rename = "access-point")]
 pub access_point: Option,
 pub wep: Option,
+ #[serde(rename = "wpa-eap")]
+ pub wpa_eap: Option,
 }
 
 #[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
@@ -73,6 +75,107 @@ pub struct Wep {
 pub key: Vec,
 }
 
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct WpaEap {
+ pub method: EapMethod,
+ #[serde(rename = "auth-proto")]
+ pub auth_proto: EapAuthProto,
+ #[serde(rename = "pairwise-cipher")]
+ pub pairwise_cipher: EapPairwiseCipher,
+ #[serde(rename = "group-cipher")]
+ pub group_cipher: EapGroupCipher,
+ pub identity: String,
+ pub tls: Option,
+}
+
+#[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
+#[strum(serialize_all = "kebab-case")]
+pub enum EapMethod {
+ #[default]
+ TLS,
+ PEAP,
+ TTLS,
+}
+
+#[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
+// TODO i don't think this is correct
+// but tbh this is probably overkill anyway
+#[strum(serialize_all = "kebab-case")]
+pub enum EapAuthProto {
+ #[default]
+ WPA,
+ NONE,
+ MD5,
+ TLS,
+ PAP,
+ CHAP,
+ MSCHAP,
+ MSCHAPV2,
+ PEAP,
+ TTLS,
+ GTC,
+ OTP,
+ LEAP,
+ PSK,
+ PAX,
+ SAKE,
+ GPSK,
+ WSC,
+ IKEV2,
+ TNC,
+ FAST,
+ AKA,
+ AkaPrime,
+ SIM,
+}
+
+// TODO will have to look into wicked code into what options the "inner" and "outer" get translated
+impl TryFrom for model::EAPMethod {
+ type Error = anyhow::Error;
+
+ fn try_from(value: EapAuthProto) -> Result {
+ match value {
+ EapAuthProto::LEAP => Ok(model::EAPMethod::LEAP),
+ EapAuthProto::MD5 => Ok(model::EAPMethod::MD5),
+ EapAuthProto::TLS => Ok(model::EAPMethod::TLS),
+ EapAuthProto::PEAP => Ok(model::EAPMethod::PEAP),
+ EapAuthProto::TTLS => Ok(model::EAPMethod::TTLS),
+ EapAuthProto::FAST => Ok(model::EAPMethod::FAST),
+ _ => Err(anyhow!("EAP auth-proto isn't supported by NetworkManager")),
+ }
+ }
+}
+
+#[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
+#[strum(serialize_all = "UPPERCASE")]
+pub enum EapPairwiseCipher {
+ #[default]
+ TKIP,
+ CCMP,
+}
+
+#[derive(Default, Debug, PartialEq, SerializeDisplay, DeserializeFromStr, EnumString, Display)]
+#[strum(serialize_all = "UPPERCASE")]
+pub enum EapGroupCipher {
+ #[default]
+ TKIP,
+ CCMP,
+ WEP104,
+ WEP40,
+}
+
+#[derive(Debug, PartialEq, Serialize, Deserialize)]
+pub struct WickedTLS {
+ #[serde(rename = "ca-cert")]
+ pub ca_cert: String,
+ #[serde(rename = "client-cert")]
+ pub client_cert: String,
+ #[serde(rename = "client-key")]
+ pub client_key: String,
+ #[serde(rename = "client-key-passwd")]
+ pub client_key_passwd: String,
+}
+
 fn unwrap_wireless_networks<'de, D>(deserializer: D) -> Result>, D::Error>
 where
 D: Deserializer<'de>,
@@ -202,6 +305,7 @@ mod tests {
 key_management: vec!["wpa-psk".to_string()],
 access_point: None,
 wep: None,
+ wpa_eap: None,
 }]),
 ap_scan: 0,
 }),
@@ -252,6 +356,7 @@ mod tests {
 default_key: 1,
 key: vec!["01020304ff".to_string(), "s:hello".to_string()],
 }),
+ wpa_eap: None,
 }]),
 ap_scan: 0,
 }),
diff --git a/rust/migrate-wicked/tests/wireless/wicked_xml/wireless.xml b/rust/migrate-wicked/tests/wireless/wicked_xml/wireless.xml
index 0edebaf1ce..e4ffc60cdc 100644
--- a/rust/migrate-wicked/tests/wireless/wicked_xml/wireless.xml
+++ b/rust/migrate-wicked/tests/wireless/wicked_xml/wireless.xml
@@ -75,3 +75,42 @@ false
+
+ wlan2
+
+ manual
+
+
+
+ 1
+
+
+ test
+ true
+ ap
+ 12:34:56:78:9a:bc
+ wpa-eap
+
+ tls
+ wpa
+ TKIP
+ TKIP
+ test
+
+ /etc/sysconfig/network/./ca_cert
+ /etc/sysconfig/network/./client_cert
+ /etc/sysconfig/network/./client_key
+ testclientpw
+
+
+
+
+
+
+
+ false
+
+
+ false
+
+
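Review bot: `WickedTLS` derives `Debug` while holding `client_key_passwd`, so any `{:?}` rendering of a parsed interface (a log line or error context) would print the private-key passphrase in clear text; whether such output exists today is not visible in this hunk. I would drop `Debug` from the derive on that struct and implement it by hand so the passphrase field is shown as a fixed placeholder. `WpaEap` can keep its derive, since it only needs `WickedTLS: Debug`. Separately, the catch-all arm in `try_from` discards the rejected value; binding it, `other => Err(anyhow!("EAP auth-proto {other} isn't supported by NetworkManager")),`, would tell the user which setting blocked the migration, relying on the strum `Display` derive already on `EapAuthProto`.

```rust
#[derive(PartialEq, Serialize, Deserialize)]
pub struct WickedTLS {
    // … unchanged: ca_cert, client_cert, client_key, client_key_passwd fields …
}

impl std::fmt::Debug for WickedTLS {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        // Paths are kept for diagnostics; the key passphrase is never rendered.
        f.debug_struct("WickedTLS")
            .field("ca_cert", &self.ca_cert)
            .field("client_cert", &self.client_cert)
            .field("client_key", &self.client_key)
            .field("client_key_passwd", &"<redacted>")
            .finish()
    }
}
```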