[Bug 2102097] Re: [SRU] Backport WPA2-PSK-SHA256 support to Ubuntu 22.04

[Lukas Märdian]

The fixes for Oracular and Noble will be tracked as part of a full-
version backport in LP: #2103603.

** Changed in: netplan.io (Ubuntu Oracular)
       Status: New => Invalid

** Changed in: netplan.io (Ubuntu Noble)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to netplan.io in Ubuntu.
Matching subscriptions: foundations-bugs
https://bugs.launchpad.net/bugs/2102097

Title:
  [SRU] Backport WPA2-PSK-SHA256 support to Ubuntu 22.04

Status in netplan.io package in Ubuntu:
  Fix Released
Status in netplan.io source package in Jammy:
  New
Status in netplan.io source package in Noble:
  Invalid
Status in netplan.io source package in Oracular:
  Invalid
Status in netplan.io source package in Plucky:
  Fix Released

Bug description:
  Stable Release Update for WPA2-PSK-SHA256 support in netplan.io to
  Jammy.

  Another SRU, for Jammy, was prepared in a separate LP bug and is
  blocking this one:
  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1988018.

  [ Impact ]
  This release fixes a bug with wifi feature. It adds support for WPA2-PSK-SHA256:
    https://github.com/canonical/netplan/pull/531

  [ Test Plan ]

  Test purpose:
  Test the WPA-PSK-SHA256 support WPA and WPA2 and the original WPA-PSK still can connect the AP with WPA security protocal.

  Scenario 1: 
    Test the yaml key-management is set to psk-sha256 can support **WPA2 only**.
    HW Setup:
      set up an AP security protocol set to **WPA2 only**.

      Install (Jammy, noble, Oracular) image on machine, and install the
  specific netplan version <need link here>

    Test on renderer is NetworkManager:
       1. Make sure the machine NetworkManager service is activated and the systemd-networkd is not working.
       ```
       $ systemctl status NetworkManager
       <...skip...>
            Active: active
       <...skip...>

       $ systemctl status systemd-networkd
       <...skip...>
            Active: inactive (dead)
       <...skip...>
       ```

       2. Create a testing yaml (ie. `testing_nm_psk256.yaml`) file under `/etc/netplan/` (Please make sure there is no other yaml file which will handle the wifi interface. Or you can just backup those original file to another place)
       ```
       network:
         version: 2
         renderer: NetworkManager
         wifis:
           <wifi interface>:
             access-points:
               <WPA2 only SSID>:
                 auth:
                   key-management: psk-sha256
                   password: insecure
             dhcp4: true
             nameservers: {}

       ```

       3. Run `sudo netplan apply`, and make sure it will not complain
  with any error.

       4. Run `nmcli device show <wifi interface>` to check if the
  connect is routable; Run `sudo wpa_cli status` to check the
  `key_mgmt=WPA2-PSK`

    Test on renderer is systemd-networkd:
       1. Make sure the machine service is systemd-networkd and the NetworkManager is not working (or not exist).
       ```
       $ systemctl status NetworkManager
       <...skip...>
            Active: inactive (dead)
       <...skip...>

       $ systemctl status systemd-networkd
       <...skip...>
            Active: active (running)
       <...skip...>
       ```

       2. Create a testing yaml (ie. `testing_nm_psk256.yaml`) file under `/etc/netplan/`. (Please make sure there is no other yaml file which will handle the wifi interface. Or you can just backup those original file to another place)
       ```
       network:
         version: 2
         wifis:
           <wifi interface>:
             access-points:
               <WPA2 only SSID>:
                 auth:
                   key-management: psk-sha256
                   password: insecure
             dhcp4: true
             nameservers: {}

       ```

       3. Run `sudo netplan apply`, and make sure it will not complain
  with any error.

       4. Run `networkctl status <wifi interface>` to check if the
  connect is routable; Run `sudo wpa_cli status` to check the
  `key_mgmt=WPA2-PSK`

  Scenario 2:
    Test the yaml key-management is set to psk-sha256 can support **WPA only**.
    HW Setup:
      set up an AP security protocol set to **WPA only**. (For now, it's hard to find the AP only support WPA only. We could skip this, is we can't find this AP.)

    The following step is same as the the above.
    The one difference thing is checking the `key_mgmt=WPA-PSK` in `sudo wpa_cli status`

  Scenario 3:
     Test the yaml key-management is set to psk-sha256 can support **WPA+WPA2**.
     HW Setup:
      set up an AP security protocol set to **WPA+WPA2** (For now, most APs are support this.)

     The following step is same as the above.
     Only need to seperate testing the `key-management: psk-sha256` and `key-management: psk` in testing yaml. And check we can correctly connect with the AP. (Checking the key_mgmt in `sudo wpa_cli status` is not necessary in here)

  [ Where problems could occur ]

  [ Other Info ]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2102097/+subscriptions