Change 802.1x parameters to be valid python identifiers

2026-01-23 02:15:17 +00:00 · 2020-04-21 12:11:35 +10:00 · 2020-04-21 12:11:35 +10:00 · 330729c6dd
commit 330729c6dd
parent 16ba71f303
7 changed files with 137 additions and 134 deletions
--- a/README.md
+++ b/README.md
@ -18,6 +18,7 @@ This role can be used to configure:
 - MacVLAN interfaces
 - Infiniband interfaces
 - IP configuration
+- 802.1x authentication

 Introduction
 ------------
@ -410,7 +411,7 @@ kernel and device, changing some features might not be supported.
      txvlan: yes|no  # optional
 ```

-### `802.1x`
+### `ieee802_1x`

 Configures 802.1x authentication for an interface.

@ -428,15 +429,15 @@ SSL certificates and keys must be deployed on the host prior to running the role

    Identity string for EAP authentication methods.

-* `private-key` (required)
+* `private_key` (required)

    Absolute path to the client's PEM or PKCS#12 encoded private key used for 802.1x authentication.

- * `private-key-password`
+ * `private_key_password`

-    Password to the private key specified in `private-key`.
+    Password to the private key specified in `private_key`.

- * `private-key-password-flags`
+ * `private_key_password_flags`

    List of flags to configure how the private key password is managed.

@ -450,15 +451,15 @@ SSL certificates and keys must be deployed on the host prior to running the role

    See NetworkManager documentation on "Secret flag types" more details (`man 5 nm-settings`).

- * `client-cert` (required)
+ * `client_cert` (required)

    Absolute path to the client's PEM encoded certificate used for 802.1x authentication.

- * `ca-cert`
+ * `ca_cert`

    Absolute path to the PEM encoded certificate authority used to verify the EAP server.

-  * `system-ca-certs`
+  * `system_ca_certs`

    If set to `True`, NetworkManager will use the system's trusted ca certificates to verify the EAP server.

@ -662,15 +663,15 @@ Configuring 802.1x:
 network_connections:
  - name: eth0
    type: ethernet
-    802.1x:
+    ieee802_1x:
      identity: myhost
      eap: tls
-      private-key: /etc/pki/tls/client.key
+      private_key: /etc/pki/tls/client.key
      # recommend vault encrypting the private key password
      # see https://docs.ansible.com/ansible/latest/user_guide/vault.html
-      private-key-password: "p@55w0rD"
-      client-cert: /etc/pki/tls/client.pem
-      ca-cert: /etc/pki/tls/cacert.pem
+      private_key_password: "p@55w0rD"
+      client_cert: /etc/pki/tls/client.pem
+      ca_cert: /etc/pki/tls/cacert.pem
 ```

 ### Invalid and Wrong Configuration
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -20,9 +20,9 @@ network_provider_current: "{{
 # Default to the auto-detected value
 network_provider: "{{ network_provider_current }}"

-# wpa_supplicant is required if any 802.1x connections are defined
+# wpa_supplicant is required if any ieee802_1x connections are defined
 wpa_supplicant_required: "{{ network_connections |
-      json_query('[*][\"802.1x\"]') | flatten | count > 0 }}"
+      json_query('[*][ieee802_1x]') | flatten | count > 0 }}"
 _network_packages_default_802_1x: ["{% if wpa_supplicant_required
      %}wpa_supplicant{% endif %}"]

--- a/examples/eth-with-802-1x.yml
+++ b/examples/eth-with-802-1x.yml
@ -5,15 +5,15 @@
    network_connections:
      - name: eth0
        type: ethernet
-        802.1x:
+        ieee802_1x:
          identity: myhost
          eap: tls
-          private-key: /etc/pki/tls/client.key
+          private_key: /etc/pki/tls/client.key
          # recommend vault encrypting the private key password
          # see https://docs.ansible.com/ansible/latest/user_guide/vault.html
-          private-key-password: "p@55w0rD"
-          client-cert: /etc/pki/tls/client.pem
-          ca-cert: /etc/pki/tls/cacert.pem
+          private_key_password: "p@55w0rD"
+          client_cert: /etc/pki/tls/client.pem
+          ca_cert: /etc/pki/tls/cacert.pem

  # certs have to be deployed first
  pre_tasks:
--- a/library/network_connections.py
+++ b/library/network_connections.py
@ -974,49 +974,51 @@ class NMUtil:
                else:
                    s_ip6.add_route(rr)

-        if connection["802.1x"]:
+        if connection["ieee802_1x"]:
            s_8021x = self.connection_ensure_setting(con, NM.Setting8021x)

-            s_8021x.set_property(NM.SETTING_802_1X_EAP, [connection["802.1x"]["eap"]])
            s_8021x.set_property(
-                NM.SETTING_802_1X_IDENTITY, connection["802.1x"]["identity"]
+                NM.SETTING_802_1X_EAP, [connection["ieee802_1x"]["eap"]]
+            )
+            s_8021x.set_property(
+                NM.SETTING_802_1X_IDENTITY, connection["ieee802_1x"]["identity"]
            )

            s_8021x.set_property(
                NM.SETTING_802_1X_PRIVATE_KEY,
-                Util.path_to_glib_bytes(connection["802.1x"]["private-key"]),
+                Util.path_to_glib_bytes(connection["ieee802_1x"]["private_key"]),
            )

-            if connection["802.1x"]["private-key-password"]:
+            if connection["ieee802_1x"]["private_key_password"]:
                s_8021x.set_property(
                    NM.SETTING_802_1X_PRIVATE_KEY_PASSWORD,
-                    connection["802.1x"]["private-key-password"],
+                    connection["ieee802_1x"]["private_key_password"],
                )

-            if connection["802.1x"]["private-key-password-flags"]:
+            if connection["ieee802_1x"]["private_key_password_flags"]:
                s_8021x.set_secret_flags(
                    NM.SETTING_802_1X_PRIVATE_KEY_PASSWORD,
                    Util.NM().SettingSecretFlags(
                        Util.convert_passwd_flags_nm(
-                            connection["802.1x"]["private-key-password-flags"]
+                            connection["ieee802_1x"]["private_key_password_flags"]
                        ),
                    ),
                )

            s_8021x.set_property(
                NM.SETTING_802_1X_CLIENT_CERT,
-                Util.path_to_glib_bytes(connection["802.1x"]["client-cert"]),
+                Util.path_to_glib_bytes(connection["ieee802_1x"]["client_cert"]),
            )

-            if connection["802.1x"]["ca-cert"]:
+            if connection["ieee802_1x"]["ca_cert"]:
                s_8021x.set_property(
                    NM.SETTING_802_1X_CA_CERT,
-                    Util.path_to_glib_bytes(connection["802.1x"]["ca-cert"]),
+                    Util.path_to_glib_bytes(connection["ieee802_1x"]["ca_cert"]),
                )

            s_8021x.set_property(
                NM.SETTING_802_1X_SYSTEM_CA_CERTS,
-                connection["802.1x"]["system-ca-certs"],
+                connection["ieee802_1x"]["system_ca_certs"],
            )

        try:
--- a/module_utils/network_lsr/argument_validator.py
+++ b/module_utils/network_lsr/argument_validator.py
@ -726,7 +726,7 @@ class ArgValidator_Dict802_1X(ArgValidatorDict):
    def __init__(self):
        ArgValidatorDict.__init__(
            self,
-            name="802.1x",
+            name="ieee802_1x",
            nested=[
                ArgValidatorStr(
                    "eap",
@ -734,19 +734,19 @@ class ArgValidator_Dict802_1X(ArgValidatorDict):
                    default_value="tls",
                ),
                ArgValidatorStr("identity", required=True),
-                ArgValidatorPath("private-key", required=True),
-                ArgValidatorStr("private-key-password"),
+                ArgValidatorPath("private_key", required=True),
+                ArgValidatorStr("private_key_password"),
                ArgValidatorList(
-                    "private-key-password-flags",
+                    "private_key_password_flags",
                    nested=ArgValidatorStr(
-                        "private-key-password-flags[?]",
+                        "private_key_password_flags[?]",
                        enum_values=ArgValidator_Dict802_1X.VALID_PRIVATE_KEY_FLAGS,
                    ),
                    default_value=None,
                ),
-                ArgValidatorPath("client-cert", required=True),
-                ArgValidatorPath("ca-cert"),
-                ArgValidatorBool("system-ca-certs", default_value=False),
+                ArgValidatorPath("client_cert", required=True),
+                ArgValidatorPath("ca_cert"),
+                ArgValidatorBool("system_ca_certs", default_value=False),
            ],
            default_value=None,
        )
@ -1265,7 +1265,7 @@ class ArgValidator_ListConnections(ArgValidatorList):
                )

        # check if 802.1x connection is valid
-        if connection["802.1x"]:
+        if connection["ieee802_1x"]:
            if mode == self.VALIDATE_ONE_MODE_INITSCRIPTS:
                raise ValidationError.from_connection(
                    idx,
--- a/tests/playbooks/tests_802_1x.yml
+++ b/tests/playbooks/tests_802_1x.yml
@ -35,15 +35,15 @@
                    - 203.0.113.2/24
                  dhcp4: "no"
                  auto6: "no"
-                802.1x:
+                ieee802_1x:
                  identity: myhost
                  eap: tls
-                  private-key: /etc/pki/tls/client.key
-                  private-key-password: test
-                  private-key-password-flags:
+                  private_key: /etc/pki/tls/client.key
+                  private_key_password: test
+                  private_key_password_flags:
                    - none
-                  client-cert: /etc/pki/tls/client.pem
-                  ca-cert: /etc/pki/tls/cacert.pem
+                  client_cert: /etc/pki/tls/client.pem
+                  ca_cert: /etc/pki/tls/cacert.pem
        - name: "TEST: I can ping the EAP server"
          shell: ping -c1 203.0.113.1
        - import_role:
@ -78,14 +78,14 @@
                    - 203.0.113.2/24
                  dhcp4: "no"
                  auto6: "no"
-                802.1x:
+                ieee802_1x:
                  identity: myhost
                  eap: tls
-                  private-key: /etc/pki/tls/client.key.nocrypt
-                  client-cert: /etc/pki/tls/client.pem
-                  private-key-password-flags:
+                  private_key: /etc/pki/tls/client.key.nocrypt
+                  client_cert: /etc/pki/tls/client.pem
+                  private_key_password_flags:
                    - not-required
-                  system-ca-certs: True
+                  system_ca_certs: True
        - name: "TEST: I can ping the EAP server"
          shell: ping -c1 203.0.113.1
      always:
--- a/tests/unit/test_network_connections.py
+++ b/tests/unit/test_network_connections.py
@ -154,7 +154,7 @@ class TestValidator(unittest.TestCase):
            },
            "mac": None,
            "master": None,
-            "802.1x": None,
+            "ieee802_1x": None,
            "mtu": None,
            "name": "5",
            "parent": None,
@ -251,7 +251,7 @@ class TestValidator(unittest.TestCase):
                continue
            if "type" not in connection:
                continue
-            if connection["type"] in ["macvlan"] or connection["802.1x"]:
+            if connection["type"] in ["macvlan"] or connection["ieee802_1x"]:
                # initscripts do not support this type. Skip the test.
                continue
            content_current = kwargs.get("initscripts_content_current", None)
@ -397,7 +397,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "5",
                    "parent": None,
@ -448,7 +448,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "5",
                    "parent": None,
@ -493,7 +493,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "5",
                    "parent": None,
@ -581,7 +581,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": "52:54:00:44:9f:ba",
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": 1450,
                    "name": "prod1",
                    "parent": None,
@ -643,7 +643,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "prod1",
                    "parent": None,
@ -707,7 +707,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": "52:54:00:44:9f:ba",
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": 1450,
                    "name": "prod1",
                    "parent": None,
@ -763,7 +763,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "prod.100",
                    "parent": "prod1",
@ -846,7 +846,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": "52:54:00:44:9f:ba",
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": 1450,
                    "name": "prod1",
                    "parent": None,
@ -902,7 +902,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "prod.100",
                    "parent": "prod1",
@ -980,7 +980,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": "33:24:10:24:2f:b9",
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": 1450,
                    "name": "eth0-parent",
                    "parent": None,
@ -1031,7 +1031,7 @@ class TestValidator(unittest.TestCase):
                    "mac": None,
                    "macvlan": {"mode": "bridge", "promiscuous": True, "tap": False},
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "veth0.0",
                    "parent": "eth0-parent",
@ -1082,7 +1082,7 @@ class TestValidator(unittest.TestCase):
                    "mac": None,
                    "macvlan": {"mode": "passthru", "promiscuous": False, "tap": True},
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "veth0.1",
                    "parent": "eth0-parent",
@ -1168,7 +1168,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "prod2",
                    "parent": None,
@ -1205,7 +1205,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": "prod2",
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "prod2-slave1",
                    "parent": None,
@ -1266,7 +1266,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "bond1",
                    "parent": None,
@ -1312,7 +1312,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "bond1",
                    "parent": None,
@ -1368,7 +1368,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": "aa:bb:cc:dd:ee:ff",
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "5",
                    "parent": None,
@ -1412,7 +1412,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "5",
                    "parent": None,
@ -1484,7 +1484,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "6643-master",
                    "parent": None,
@ -1521,7 +1521,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": "6643-master",
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "6643",
                    "parent": None,
@ -1574,7 +1574,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "infiniband.1",
                    "parent": None,
@ -1645,7 +1645,7 @@ class TestValidator(unittest.TestCase):
                    "mac": "11:22:33:44:55:66:77:88:99:00:"
                    "11:22:33:44:55:66:77:88:99:00",
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "infiniband.2",
                    "parent": None,
@ -1736,7 +1736,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "555",
                    "parent": None,
@ -1835,7 +1835,7 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": None,
+                    "ieee802_1x": None,
                    "mtu": None,
                    "name": "e556",
                    "parent": None,
@ -1929,7 +1929,7 @@ class TestValidator(unittest.TestCase):
                    "ethtool": ETHTOOL_DEFAULTS,
                    "force_state_change": None,
                    "ignore_errors": None,
-                    "interface_name": "802.1x-1",
+                    "interface_name": "eth0",
                    "ip": {
                        "gateway6": None,
                        "gateway4": None,
@ -1947,18 +1947,18 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": {
+                    "ieee802_1x": {
                        "identity": "myhost",
                        "eap": "tls",
-                        "private-key": "/etc/pki/tls/client.key",
-                        "private-key-password": "p@55w0rD",
-                        "private-key-password-flags": None,
-                        "client-cert": "/etc/pki/tls/client.pem",
-                        "ca-cert": "/etc/pki/tls/cacert.pem",
-                        "system-ca-certs": False,
+                        "private_key": "/etc/pki/tls/client.key",
+                        "private_key_password": "p@55w0rD",
+                        "private_key_password_flags": None,
+                        "client_cert": "/etc/pki/tls/client.pem",
+                        "ca_cert": "/etc/pki/tls/cacert.pem",
+                        "system_ca_certs": False,
                    },
                    "mtu": None,
-                    "name": "802.1x-1",
+                    "name": "eth0",
                    "parent": None,
                    "persistent_state": "present",
                    "slave_type": None,
@ -1970,16 +1970,16 @@ class TestValidator(unittest.TestCase):
            ],
            [
                {
-                    "name": "802.1x-1",
+                    "name": "eth0",
                    "state": "up",
                    "type": "ethernet",
-                    "802.1x": {
+                    "ieee802_1x": {
                        "identity": "myhost",
                        "eap": "tls",
-                        "private-key": "/etc/pki/tls/client.key",
-                        "private-key-password": "p@55w0rD",
-                        "client-cert": "/etc/pki/tls/client.pem",
-                        "ca-cert": "/etc/pki/tls/cacert.pem",
+                        "private_key": "/etc/pki/tls/client.key",
+                        "private_key_password": "p@55w0rD",
+                        "client_cert": "/etc/pki/tls/client.pem",
+                        "ca_cert": "/etc/pki/tls/cacert.pem",
                    },
                }
            ],
@ -1987,7 +1987,7 @@ class TestValidator(unittest.TestCase):

    def test_802_1x_2(self):
        """
-        Test private key without password and system-ca-certs
+        Test private key without password and system_ca_certs
        """
        self.maxDiff = None
        self.do_connections_validate(
@ -2000,7 +2000,7 @@ class TestValidator(unittest.TestCase):
                    "ethtool": ETHTOOL_DEFAULTS,
                    "force_state_change": None,
                    "ignore_errors": None,
-                    "interface_name": "802.1x-2",
+                    "interface_name": "eth0",
                    "ip": {
                        "gateway6": None,
                        "gateway4": None,
@ -2018,18 +2018,18 @@ class TestValidator(unittest.TestCase):
                    },
                    "mac": None,
                    "master": None,
-                    "802.1x": {
+                    "ieee802_1x": {
                        "identity": "myhost",
                        "eap": "tls",
-                        "private-key": "/etc/pki/tls/client.key",
-                        "private-key-password": None,
-                        "private-key-password-flags": ["not-required"],
-                        "client-cert": "/etc/pki/tls/client.pem",
-                        "ca-cert": None,
-                        "system-ca-certs": True,
+                        "private_key": "/etc/pki/tls/client.key",
+                        "private_key_password": None,
+                        "private_key_password_flags": ["not-required"],
+                        "client_cert": "/etc/pki/tls/client.pem",
+                        "ca_cert": None,
+                        "system_ca_certs": True,
                    },
                    "mtu": None,
-                    "name": "802.1x-2",
+                    "name": "eth0",
                    "parent": None,
                    "persistent_state": "present",
                    "slave_type": None,
@ -2041,16 +2041,16 @@ class TestValidator(unittest.TestCase):
            ],
            [
                {
-                    "name": "802.1x-2",
+                    "name": "eth0",
                    "state": "up",
                    "type": "ethernet",
-                    "802.1x": {
+                    "ieee802_1x": {
                        "identity": "myhost",
                        "eap": "tls",
-                        "private-key": "/etc/pki/tls/client.key",
-                        "client-cert": "/etc/pki/tls/client.pem",
-                        "private-key-password-flags": ["not-required"],
-                        "system-ca-certs": True,
+                        "private_key": "/etc/pki/tls/client.key",
+                        "client_cert": "/etc/pki/tls/client.pem",
+                        "private_key_password_flags": ["not-required"],
+                        "system_ca_certs": True,
                    },
                }
            ],
@ -2064,16 +2064,16 @@ class TestValidator(unittest.TestCase):
        self.do_connections_check_invalid(
            [
                {
-                    "name": "802.1x-bad",
+                    "name": "eth0",
                    "state": "up",
                    "type": "ethernet",
-                    "802.1x": {
+                    "ieee802_1x": {
                        "identity": "myhost",
                        "eap": "tls",
-                        "private-key": "client.key",
-                        "client-cert": "client.pem",
-                        "private-key-password-flags": ["not-required"],
-                        "system-ca-certs": True,
+                        "private_key": "client.key",
+                        "client_cert": "client.pem",
+                        "private_key_password_flags": ["not-required"],
+                        "system_ca_certs": True,
                    },
                }
            ]
@ -2087,16 +2087,16 @@ class TestValidator(unittest.TestCase):
        self.do_connections_check_invalid(
            [
                {
-                    "name": "802.1x-bad",
+                    "name": "eth0",
                    "state": "up",
                    "type": "ethernet",
-                    "802.1x": {
+                    "ieee802_1x": {
                        "identity": "myhost",
                        "eap": "tls",
-                        "private-key": "/etc/pki/tls/client.key",
-                        "client-cert": "/etc/pki/tls/client.pem",
-                        "private-key-password-flags": ["bad-flag"],
-                        "system-ca-certs": True,
+                        "private_key": "/etc/pki/tls/client.key",
+                        "client_cert": "/etc/pki/tls/client.pem",
+                        "private_key_password_flags": ["bad-flag"],
+                        "system_ca_certs": True,
                    },
                }
            ]
@ -2104,20 +2104,20 @@ class TestValidator(unittest.TestCase):

    def test_802_1x_initscripts(self):
        """
-        should fail to create 802.1x connection with initscripts
+        should fail to create ieee802_1x connection with initscripts
        """
        input_connections = [
            {
-                "name": "802.1x-is",
+                "name": "eth0",
                "state": "up",
                "type": "ethernet",
-                "802.1x": {
+                "ieee802_1x": {
                    "identity": "myhost",
                    "eap": "tls",
-                    "private-key": "/etc/pki/tls/client.key",
-                    "client-cert": "/etc/pki/tls/client.pem",
-                    "private-key-password-flags": ["not-required"],
-                    "system-ca-certs": True,
+                    "private_key": "/etc/pki/tls/client.key",
+                    "client_cert": "/etc/pki/tls/client.pem",
+                    "private_key_password_flags": ["not-required"],
+                    "system_ca_certs": True,
                },
            }
        ]
@ -2139,16 +2139,16 @@ class TestValidator(unittest.TestCase):

        input_connections = [
            {
-                "name": "802.1x-bond",
+                "name": "bond0",
                "state": "up",
                "type": "bond",
-                "802.1x": {
+                "ieee802_1x": {
                    "identity": "myhost",
                    "eap": "tls",
-                    "private-key": "/etc/pki/tls/client.key",
-                    "client-cert": "/etc/pki/tls/client.pem",
-                    "private-key-password-flags": ["not-required"],
-                    "system-ca-certs": True,
+                    "private_key": "/etc/pki/tls/client.key",
+                    "client_cert": "/etc/pki/tls/client.pem",
+                    "private_key_password_flags": ["not-required"],
+                    "system_ca_certs": True,
                },
            }
        ]