bug: 802.1x configuration is not turned into an iwd KnownNetwork

bug: 802.1x configuration is not turned into an iwd KnownNetwork

[Jade Lovelace]

I just set up an 802.1x configuration with Connman and iwd and it
seems that Connman is not telling iwd about its network configuration
files and turning them into iwd KnownNetworks.

When I create a config file for a network in /var/lib/connman for an
802.1x network, then try to connect to it, it will get stuck in
"association":

connmanctl> services wifi_9cb6d0f7daaf_7075626c6963726f616d_managed_ieee8021x
/net/connman/service/wifi_9cb6d0f7daaf_7075626c6963726f616d_managed_ieee8021x
  Type = wifi
  Security = [ ieee8021x ]
  State = association
  Strength = 56
  Favorite = True
  Immutable = True
  AutoConnect = True
  Name = publicroam

I had a think about this and concluded it was probably that connman
didn't create the known network on the iwd side, which I confirmed by
manually creating /var/lib/iwd/publicroam.8021x with the correct
configuration, solving the issue. I suspect that if I was using some
UI for connman that creates networks via D-Bus rather than via
configuration files, it might work, but the fact that the connman
config files don't apply to iwd is inconsistent with the behaviour
under wpa_supplicant.

I am using connman-1.41 on NixOS.

Here is my config "publicroam.config":

[service_publicroam]
Type=wifi
Name=publicroam
EAP=peap
Phase2=MSCHAPV2
Identity=<REDACTED>
Passphrase=<REDACTED>

Here is the relevant connman log (with iwd debug logging on):

Dec 28 13:24:34 snowflake connmand[266352]:
plugins/iwd.c:object_added() net.connman.iwd.Network
/net/connman/iwd/0/5/7075626c6963726f616d_8021x
Dec 28 13:24:34 snowflake connmand[266352]:
plugins/iwd.c:create_network() device /net/connman/iwd/0/5 name
'publicroam' type 8021x connected 0 known_network (null)
Dec 28 13:24:34 snowflake connmand[266352]:
plugins/iwd.c:station_property_change() /net/connman/iwd/0/5 scanning
0
Dec 28 13:24:34 snowflake connmand[266352]:
plugins/iwd.c:station_property_change() /net/connman/iwd/0/5 scanning
1
Dec 28 13:24:34 snowflake connmand[266352]: plugins/iwd.c:ordered_networks_cb()
<<< REDACTED >>>
Dec 28 13:24:55 snowflake connmand[266352]: EAP type has not been
found. Most likely ConnMan is not able to find a configuration for
given 8021X network. Check SSID or Name match with the network name.

^^^^^^^ ------ This was when I tried to ask it to connect prior to
configuring it

<<< REDACTED >>>
Dec 28 13:27:04 snowflake connmand[266352]: Adding configuration publicroam
Dec 28 13:27:04 snowflake connmand[266352]: Adding service
configuration publicroam

^^^^^^^ ------ Then I added a configuration here

Dec 28 13:27:04 snowflake connmand[266352]:
plugins/iwd.c:cm_network_connect_cb()
/net/connman/iwd/0/5/7075626c6963726f616d_8021x connect failed:
net.connman.iwd.NotConfigured

^^^^^^^ ------ But connecting fails

Jade

Re: bug: 802.1x configuration is not turned into an iwd KnownNetwork

[Daniel Wagner]

On Wed, Dec 28, 2022 at 02:16:03PM +0100, Jade Lovelace wrote:
> I just set up an 802.1x configuration with Connman and iwd and it
> seems that Connman is not telling iwd about its network configuration
> files and turning them into iwd KnownNetworks.
> 
> When I create a config file for a network in /var/lib/connman for an
> 802.1x network, then try to connect to it, it will get stuck in
> "association":
> 
> connmanctl> services wifi_9cb6d0f7daaf_7075626c6963726f616d_managed_ieee8021x
> /net/connman/service/wifi_9cb6d0f7daaf_7075626c6963726f616d_managed_ieee8021x
>   Type = wifi
>   Security = [ ieee8021x ]
>   State = association
>   Strength = 56
>   Favorite = True
>   Immutable = True
>   AutoConnect = True
>   Name = publicroam
> 
> I had a think about this and concluded it was probably that connman
> didn't create the known network on the iwd side, which I confirmed by
> manually creating /var/lib/iwd/publicroam.8021x with the correct
> configuration, solving the issue. I suspect that if I was using some
> UI for connman that creates networks via D-Bus rather than via
> configuration files, it might work, but the fact that the connman
> config files don't apply to iwd is inconsistent with the behaviour
> under wpa_supplicant.

ConnMan interacts with iwd only via the D-Bus interface. I can't remember that
we added any code to do any provisioning in iwd (also a quick glance over the
iwd plugin code doesn't ring any bell). Also I couldn't find any API doc in iwd
which covers this topic. So I don't know if it is currently possible to
provision iwd via the D-Bus API.

> I am using connman-1.41 on NixOS.
> 
> Here is my config "publicroam.config":
> 
> [service_publicroam]
> Type=wifi
> Name=publicroam
> EAP=peap
> Phase2=MSCHAPV2
> Identity=<REDACTED>
> Passphrase=<REDACTED>
> 
> Here is the relevant connman log (with iwd debug logging on):
> 
> Dec 28 13:24:34 snowflake connmand[266352]:
> plugins/iwd.c:object_added() net.connman.iwd.Network
> /net/connman/iwd/0/5/7075626c6963726f616d_8021x
> Dec 28 13:24:34 snowflake connmand[266352]:
> plugins/iwd.c:create_network() device /net/connman/iwd/0/5 name
> 'publicroam' type 8021x connected 0 known_network (null)
> Dec 28 13:24:34 snowflake connmand[266352]:
> plugins/iwd.c:station_property_change() /net/connman/iwd/0/5 scanning
> 0
> Dec 28 13:24:34 snowflake connmand[266352]:
> plugins/iwd.c:station_property_change() /net/connman/iwd/0/5 scanning
> 1
> Dec 28 13:24:34 snowflake connmand[266352]: plugins/iwd.c:ordered_networks_cb()
> <<< REDACTED >>>
> Dec 28 13:24:55 snowflake connmand[266352]: EAP type has not been
> found. Most likely ConnMan is not able to find a configuration for
> given 8021X network. Check SSID or Name match with the network name.
> 
> ^^^^^^^ ------ This was when I tried to ask it to connect prior to
> configuring it
> 
> <<< REDACTED >>>
> Dec 28 13:27:04 snowflake connmand[266352]: Adding configuration publicroam
> Dec 28 13:27:04 snowflake connmand[266352]: Adding service
> configuration publicroam
> 
> ^^^^^^^ ------ Then I added a configuration here
> 
> Dec 28 13:27:04 snowflake connmand[266352]:
> plugins/iwd.c:cm_network_connect_cb()
> /net/connman/iwd/0/5/7075626c6963726f616d_8021x connect failed:
> net.connman.iwd.NotConfigured
> 
> ^^^^^^^ ------ But connecting fails
> 
> Jade
> 

Re: bug: 802.1x configuration is not turned into an iwd KnownNetwork

[Denis Kenzior]

Hi Daniel,

> ConnMan interacts with iwd only via the D-Bus interface. I can't remember that
> we added any code to do any provisioning in iwd (also a quick glance over the
> iwd plugin code doesn't ring any bell). Also I couldn't find any API doc in iwd
> which covers this topic. So I don't know if it is currently possible to
> provision iwd via the D-Bus API.

There's no way to provision 802.1x networks over D-Bus.  However, connman can 
write provisioning files to iwd's storage dir (/var/lib/iwd typically) and iwd 
will pick these up.  This is what the NM backend does.

Regards,
-Denis

Re: bug: 802.1x configuration is not turned into an iwd KnownNetwork

[Daniel Wagner]

Hi Denis

On Tue, Jan 03, 2023 at 09:20:46AM -0600, Denis Kenzior wrote:
> > ConnMan interacts with iwd only via the D-Bus interface. I can't remember that
> > we added any code to do any provisioning in iwd (also a quick glance over the
> > iwd plugin code doesn't ring any bell). Also I couldn't find any API doc in iwd
> > which covers this topic. So I don't know if it is currently possible to
> > provision iwd via the D-Bus API.
> 
> There's no way to provision 802.1x networks over D-Bus.  However, connman
> can write provisioning files to iwd's storage dir (/var/lib/iwd typically)
> and iwd will pick these up.  This is what the NM backend does.

Thanks for the feedback. ConnMan has also no D-Bus API for provisioning a 802.1x
network. The user has to provide a config file for ConnMan for this use case as
too.

Not really sold on the idea to add code to copy over the config settings.

Thanks,
Daniel