Fields missing from eap-config

[jornane]

Issue type

• Defect - Non-compliance with a standards document or incorrect OS API usage.
• Defect - Unexpected behaviour (obvious or has been verified by a project member).

Defect/Feature description

How to reproduce issue

Set any or all of the following options in a profile:

• Mandatory Content Filtering Proxy
• Remove/Disable SSID
• Configure Wired Ethernet

Download the eap-config file for the profile. None of these settings are represented in the file.

Detail of issue

These settings should be reflected in the eap-config file.

[restena-sw]

There are three issues in one here. What I can confirm (and that's why I assign it to @mgw) is that there is an element in XML Schema for wired ethernet, but it is never set by current code. See CredentialApplicabilityType in schema (it has IEEE8023 as one of the applicable types) but the code never sets it (see devices/xml/DeviceXML.php / getCredentialApplicability() ).

This should be fixed in branch and part of the next patchlevel release.

[restena-sw]

Eh it's @majagw actually, not @mgw, sorry

[restena-sw]

In what relates to the "Mandatory Content Filtering Proxy": this was never more than an experiment, and implemented exclusively for macOS/iOS installers.

Please read issue https://github.com/GEANT/CAT/issues/96 for the - very - long history behind this option.

There are many discussion points in there which make clear that it is really a very very bad idea to enforce a specific proxy on the IdP side. To be honest, I would much rather remove this option entirely. Especially since we never got sufficiently substantiated feedback on the implementation for macOS/iOS. I supect it simply doesn't solve the problem of the people who proposed it, so it should rather not exist any more.

[jornane]

FWIW, I would also like to see the proxy setting go away, so if that is the proposed solution I'm all for it; it would save us work implementing the feature in geteduroam. As it stands now, however, there is a discrepancy between the profile settings and how the eap-config file represents it. This may make it easy for users to circumvent the policy.

As for documentation on wired ethernet, do you have an authoritative copy of the schema and the documentation? The IETF link in the CAT description has been expired for a while now.

[twoln]

We have been implementing this essentially for Android phones therefore the wired part was left alone as unlikely to be used. With the current wider adoption of the profile it does of course make sense to add this and it will be done.

[twoln]

About the remove/disable - is there a matching element in the schema?

[restena-sw]

@twoln commit https://github.com/GEANT/CAT/commit/fb07bbe0ab5155e457e569d7494e3646d696f88c fixed the part about wired not being set

[restena-sw]

I've asked the only one I know who wanted the proxy feature if he still sees utlity in it. Let's see...

[restena-sw]

And since the question of remove/disable is now part of #190, that proxy item is now the only sub-issue remaining here.

[restena-sw]

After checking back with the person who wanted the "proxy" feature initially, they asked to keep the option in the source code please. In order to get geteduroam off the hook, the tooltip for this option now makes it explicit that it won't work anywhere except Apple installers and that it is experimental.

[restena-sw]

Okay, and now with schema changes tracked in #190, nothing remains to be done here. Closing the issue.