nm: use netplan_netdef_get_output_filename() for connection file paths#583
Draft
rone-oliver wants to merge 6 commits intocanonical:mainfrom
Draft
Conversation
SSIDs containing multi-byte UTF-8 characters (e.g. emojis) are percent-encoded by g_uri_escape_string(), expanding each byte to 3 characters. This causes the .nmconnection filename basename to exceed NAME_MAX (255 bytes), crashing NetworkManager with "File name too long". If the candidate basename exceeds NAME_MAX, replace the percent-encoded SSID with a SHA-256 hex digest of the raw SSID bytes. This guarantees a valid-length (91-byte), unique filename regardless of SSID content. Apply the same fix in netplan_get_id_from_nm_filepath() so the reverse lookup falls back to the hashed suffix when the escaped form is absent. Fixes: LP: #2147259
Add test_write_wifi_long_ssid_uses_hash() to test_netplan_nm.c to exercise the NAME_MAX overflow path in write_nm_conf_access_point(). A 20-emoji SSID in NM decimal-byte format (320 chars with semicolons) produces a 507-byte candidate basename when percent-encoded, exceeding NAME_MAX (255). The test verifies that _netplan_netdef_write_nm() falls back to a SHA-256 digest filename and that the basename is within NAME_MAX. Closes the coverage gap introduced by LP: #2147259 fix.
The 'long_ssid' ctests used raw UTF-8 emoji bytes, but
g_uri_escape_string() with allow_utf8=TRUE passes valid UTF-8
sequences through unescaped (80 bytes → 107-byte basename, well
under NAME_MAX). Those tests never triggered the SHA-256 hash
fallback, leaving lines 649-651 and 690-691 of util.c uncovered.
Change the SSID in both tests to the NM decimal-byte format
("240;159;152;128;" × 20). Semicolons encode to '%3B', yielding a
480-char escaped SSID and a 507-byte candidate basename > NAME_MAX,
which correctly exercises the hash path.
Also add the expected-hash assertion to
test_netplan_netdef_get_output_filename_nm_with_long_ssid to verify
the SHA-256 digest (not the escaped form) appears in the filename.
Fix a missing LCOV_EXCL_LINE on the chown() failure branch in
_netplan_g_string_free_to_file_with_permissions (consistent with the
surrounding getpwnam/getgrnam failure lines already marked).
Replace the duplicate inline filename construction logic in write_nm_conf_access_point() with a call to the centralized netplan_netdef_get_output_filename() API, resolving two TODO comments. The NAME_MAX overflow fix for multi-byte SSIDs (LP: #2147259) now lives in exactly one place. nm.c no longer constructs or escapes filenames directly.
…x/nm-ssid-filename-name-max-overflow
…ub.com/rone-oliver/netplan into refactor/nm-use-netplan-netdef-get-output-filename
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Stacked on #580 — review commit
761b3aeonly. The earliercommits belong to PR #580 > and will disappear from this diff once
that PR merges and this branch is rebased.
Replaces the duplicate inline filename construction logic in
write_nm_conf_access_point()with a call to the centralizednetplan_netdef_get_output_filename()API, resolving the two TODOcomments left in the original fix.
The NAME_MAX overflow fix for multi-byte SSIDs (LP: #2147259) now lives
in exactly one place (
src/util.c).nm.cno longer constructs,escapes, or hashes filenames directly.
No behaviour change — all existing tests pass unchanged.
Checklist
make checksuccessfully.make check-coverage).