RDKEMW-17726, RDKEMW-17727: Fix the Migration of RDKV-to-RDKE#529
RDKEMW-17726, RDKEMW-17727: Fix the Migration of RDKV-to-RDKE#529jincysam87 wants to merge 36 commits intodevelopfrom
Conversation
Revert "RDKEMW-10725:gstreamer-cleanup conditions when cdl_flashed_fi…
There was a problem hiding this comment.
Pull request overview
This PR updates the NetworkManager bootstrap migration logic to better migrate Wi‑Fi profiles from RDKV to RDKE, specifically aiming to handle SSIDs stored in hex format and to support WPA3/SAE during migration.
Changes:
- Add SSID extraction logic that attempts to decode hex-formatted SSIDs from
wpa_supplicant.conf. - Add
key_mgmtdetection to choosesaevswpa-pskwhen creating thenmcliconnection. - Move NetworkManager state cleanup and adjust quoting for SSID/PSK checks and
nmcliinvocation.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| elif [[ "$PSK_LINE" =~ psk=([a-fA-F0-9]+) ]]; then | ||
| HEX_PSK="${BASH_REMATCH[1]}" | ||
| PSK=$(printf "$(echo "$HEX_PSK" | sed 's/../\\x&/g')") | ||
| echo "Converted Hex PSK to string" |
There was a problem hiding this comment.
The unquoted psk= value in wpa_supplicant.conf is a 64-hex raw PSK (not a hex-encoded passphrase). Converting it to bytes via printf will produce binary (and can truncate at NUL), and it won’t be accepted by nmcli wifi-sec.psk. This should stay as the original 64-hex string (and the regex should enforce exactly 64 hex chars).
| elif [[ "$PSK_LINE" =~ psk=([a-fA-F0-9]+) ]]; then | |
| HEX_PSK="${BASH_REMATCH[1]}" | |
| PSK=$(printf "$(echo "$HEX_PSK" | sed 's/../\\x&/g')") | |
| echo "Converted Hex PSK to string" | |
| elif [[ "$PSK_LINE" =~ psk=([a-fA-F0-9]{64})$ ]]; then | |
| PSK="${BASH_REMATCH[1]}" | |
| echo "PSK in raw 64-hex format" |
| PSK_LINE=$(grep psk= "$RDKV_SUPP_CONF") | ||
| # Case 1: Quoted passphrase | ||
| if [[ "$PSK_LINE" =~ psk=\"(.+)\" ]]; then |
There was a problem hiding this comment.
grep psk= may return multiple matches (multiple network blocks), resulting in PSK_LINE containing multiple lines and the regex capturing an unexpected value. Consider selecting the intended network block (or at least using -m 1 and anchoring to the psk= key) so SSID/PSK don’t become mismatched.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Extract the line containing ssid= | ||
| SSID_LINE=$(grep -m 1 "ssid=" "$RDKV_SUPP_CONF") | ||
|
|
||
| # Case 1: Quoted passphrase | ||
| if [[ "$PSK_LINE" =~ psk=\"(.+)\" ]]; then | ||
| PSK="${BASH_REMATCH[1]}" | ||
| # Case 1: SSID is a quoted readable string like ssid="Test's iPhone" | ||
| if [[ "$SSID_LINE" =~ ssid=\"(.*)\" ]]; then | ||
| SSID="${BASH_REMATCH[1]}" | ||
| echo "SSID in quoted format SSID: $SSID" |
There was a problem hiding this comment.
SSID_LINE=$(grep -m 1 "ssid=" ...) will match any first occurrence of ssid= in the file (including outside a network={} block or not aligned with the psk/key_mgmt you later read). Since the migration depends on SSID/PSK/key_mgmt being from the same network block, consider parsing the first network={...} stanza (or the stanza you intend to migrate) as a unit (e.g., with awk/sed) and extracting all fields from that same block.
| # Convert hex string to readable UTF-8 string | ||
| # Using printf with \x formatting for each byte pair | ||
| SSID=$(printf "$(echo "$HEX_SSID" | sed 's/../\\x&/g')") | ||
| echo "Converted Hex SSID to string: $SSID" |
There was a problem hiding this comment.
Hex SSID decoding doesn’t validate that the captured hex string has an even number of characters (byte pairs). With an odd-length value, the sed 's/../\\x&/g' + printf sequence will produce an invalid escape and can yield a corrupted SSID. Add an explicit even-length check (and fail/log) before attempting the conversion.
| # Convert hex string to readable UTF-8 string | |
| # Using printf with \x formatting for each byte pair | |
| SSID=$(printf "$(echo "$HEX_SSID" | sed 's/../\\x&/g')") | |
| echo "Converted Hex SSID to string: $SSID" | |
| if (( ${#HEX_SSID} % 2 != 0 )); then | |
| echo "Invalid hex SSID with odd length: $HEX_SSID" | |
| else | |
| # Convert hex string to readable UTF-8 string | |
| # Using printf with \x formatting for each byte pair | |
| SSID=$(printf "$(echo "$HEX_SSID" | sed 's/../\\x&/g')") | |
| echo "Converted Hex SSID to string: $SSID" | |
| fi |
| if grep -q "key_mgmt=SAE FT-SAE" "$RDKV_SUPP_CONF"; then | ||
| echo "key_mgmt is SAE" | ||
| KEY_MGMT=sae | ||
| else | ||
| echo "key_mgmt is wpa-psk" | ||
| KEY_MGMT=wpa-psk | ||
| fi |
There was a problem hiding this comment.
The SAE detection only matches the exact text key_mgmt=SAE FT-SAE. Common wpa_supplicant configs use key_mgmt=SAE (or may include SAE among other tokens with different spacing/order), which would currently fall back to wpa-psk and configure nmcli incorrectly for WPA3. Use a more flexible match (e.g., look for SAE as a token on the key_mgmt= line) and ideally extract it from the same network block as the selected SSID.
| if [[ -f "$RDKV_SUPP_CONF" ]]; then | ||
| ######################### | ||
| # SSID Extraction # | ||
| ######################### | ||
| # Extract the line containing ssid= | ||
| SSID_LINE=$(grep -m 1 "ssid=" "$RDKV_SUPP_CONF") | ||
|
|
||
| # Case 1: Quoted passphrase | ||
| if [[ "$PSK_LINE" =~ psk=\"(.+)\" ]]; then | ||
| PSK="${BASH_REMATCH[1]}" | ||
| # Case 1: SSID is a quoted readable string like ssid="Test's iPhone" | ||
| if [[ "$SSID_LINE" =~ ssid=\"(.*)\" ]]; then | ||
| SSID="${BASH_REMATCH[1]}" | ||
| echo "SSID in quoted format SSID: $SSID" |
There was a problem hiding this comment.
This logic relies on bash-specific features ([[ ... ]], regex matching with =~, and BASH_REMATCH). Since the script is invoked via #!/bin/sh, it will fail on systems where /bin/sh is not bash/ksh (e.g., dash). Either switch the shebang to bash or rewrite the matching/extraction using POSIX-compatible constructs.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Convert hex string to readable UTF-8 string | ||
| # Using printf with \x formatting for each byte pair | ||
| SSID=$(printf "$(echo "$HEX_SSID" | sed 's/../\\x&/g')") | ||
| echo "Converted Hex SSID to string: $SSID" |
There was a problem hiding this comment.
Hex SSID decoding uses printf "$(...)" where the decoded bytes become part of the format string. If the SSID contains % (common), printf will treat it as a format specifier and can error or corrupt output. Use a constant format string (e.g., printf '%b' ...) and also validate that the hex length is even before attempting byte-pair decoding.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| sed -i '/network={/,/}/d' "$RDKV_SUPP_CONF" | ||
|
|
||
| else | ||
| echo "Config file not found." >> /opt/logs/NMMonitor.log |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| KEY_MGMT_LINE=$(grep -m 1 '^[[:space:]]*key_mgmt=' "$RDKV_SUPP_CONF") | ||
|
|
||
| case "$KEY_MGMT_LINE" in | ||
| *SAE*) | ||
| echo "`/bin/timestamp`:key_mgmt is SAE" >> /opt/logs/NMMonitor.log | ||
| KEY_MGMT=sae | ||
| ;; | ||
| *) | ||
| echo "`/bin/timestamp`:key_mgmt is wpa-psk" >> /opt/logs/NMMonitor.log | ||
| KEY_MGMT=wpa-psk | ||
| ;; |
Reason for change: Fix the SSID name in HEX format, support for SAE during migration
Test Procedure: Test with SSID name in HEX format, WPA3 personal mode as security mode
Risks: Medium
Signed-off-by: jincysaramma_sam@comcast.com