From 67f1da27fe95fbe09999a953558a0b3e4dcfdd69 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 26 May 2020 15:26:04 +0200
Subject: [PATCH] ifcfg-rh: fix handling "802-1x.{phase2-,}ca-path" in ifcfg-rh
 settings plugin

https://bugzilla.redhat.com/show_bug.cgi?id=1840210
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/448
(cherry picked from commit b6b6639c7c8fa667b8fcbc310b65d88124fdc260)
---
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c | 8 ++++++++
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c  | 2 ++
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h  | 2 +-
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c | 5 +++++
 4 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
index 7adafb5877..b86481fb6c 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
@@ -3682,6 +3682,14 @@ next:
 	timeout = svGetValueInt64 (ifcfg, "IEEE_8021X_AUTH_TIMEOUT", 10, 0, G_MAXINT32, 0);
 	g_object_set (s_8021x, NM_SETTING_802_1X_AUTH_TIMEOUT, (int) timeout, NULL);
 
+	nm_clear_g_free (&value);
+	v = svGetValueStr (ifcfg, "IEEE_8021X_CA_PATH", &value);
+	g_object_set (s_8021x, NM_SETTING_802_1X_CA_PATH, v, NULL);
+
+	nm_clear_g_free (&value);
+	v = svGetValueStr (ifcfg, "IEEE_8021X_PHASE2_CA_PATH", &value);
+	g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_CA_PATH, v, NULL);
+
 	g_object_set (s_8021x,
 	              NM_SETTING_802_1X_OPTIONAL,
 	              svGetValueBoolean (ifcfg, "IEEE_8021X_OPTIONAL", FALSE),
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
index d324361756..bc6f1fa4b3 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
@@ -812,6 +812,7 @@ const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[] = {
 	_KEY_TYPE ("IEEE_8021X_CA_CERT",                          NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_CA_CERT_PASSWORD",                 NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_CA_CERT_PASSWORD_FLAGS",           NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
+	_KEY_TYPE ("IEEE_8021X_CA_PATH",                          NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_CLIENT_CERT",                      NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_CLIENT_CERT_PASSWORD",             NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_CLIENT_CERT_PASSWORD_FLAGS",       NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
@@ -840,6 +841,7 @@ const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[] = {
 	_KEY_TYPE ("IEEE_8021X_PEAP_VERSION",                     NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_PHASE1_AUTH_FLAGS",                NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_PHASE2_ALTSUBJECT_MATCHES",        NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
+	_KEY_TYPE ("IEEE_8021X_PHASE2_CA_PATH",                   NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_PHASE2_DOMAIN_MATCH",              NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_PHASE2_DOMAIN_SUFFIX_MATCH",       NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("IEEE_8021X_PHASE2_SUBJECT_MATCH",             NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
index 056d03fabe..3ee75fe5ac 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
@@ -33,7 +33,7 @@ typedef struct {
 	NMSIfcfgKeyTypeFlags key_flags;
 } NMSIfcfgKeyTypeInfo;
 
-extern const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[232];
+extern const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[234];
 
 const NMSIfcfgKeyTypeInfo *nms_ifcfg_well_known_key_find_info (const char *key, gssize *out_idx);
 
diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
index a0797fdc79..fde4194c72 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@@ -515,6 +515,11 @@ write_8021x_setting (NMConnection *connection,
 	                             "IEEE_8021X_OPTIONAL",
 	                             nm_setting_802_1x_get_optional (s_8021x));
 
+	svSetValue (ifcfg, "IEEE_8021X_CA_PATH",
+	            nm_setting_802_1x_get_ca_path (s_8021x));
+	svSetValue (ifcfg, "IEEE_8021X_PHASE2_CA_PATH",
+	            nm_setting_802_1x_get_phase2_ca_path (s_8021x));
+
 	if (!write_8021x_certs (s_8021x, secrets, blobs, FALSE, ifcfg, error))
 		return FALSE;