Age | Commit message (Collapse) | Author | Files | Lines |
|
It updates the file timestamp, which seems undesirable. Skip the update,
if the content didn't change.
(cherry picked from commit 0e63fe58a7ea38250d79214be22eb2eab3f524d6)
|
|
(cherry picked from commit 7d1cfec0b8154cd359f5ea3d3c80488572fb51e6)
|
|
So much duplicate, boilerplate code. Get rid of it.
(cherry picked from commit 5ee2f3d1dc9d37803b40480dc54c3b37ca6a9780)
|
|
dhclient writes binary data as colon-separated hex strings
like nm_utils_bin2hexstr_full() does. But it only writes single
digits for values smaller than 0x10. Add an option to support
that mode.
However, there are many callers of nm_utils_bin2hexstr_full() already,
and they all don't care about the new option. Maybe this should this
not be a boolean argument, instead the function should accept a
flags argument. That is not done for now. Just add another "fuller"
variant. It's still easy to understand, because the "full" variant
is just a more limited functionality of "fuller".
(cherry picked from commit b23c505fca64718bcb28d76d5884110ae64461cb)
|
|
(cherry picked from commit df0408f0f6a9c38e8c9a4aed43efa02cb23de9b6)
|
|
nm_dhcp_client_set_effective_client_id()
Of course, the old "priv->effective_client_id" and the new
"client_id" instances are truly separate, that is, they don't
share data, and destroying "priv->effective_client_id" before
taking a reference on "client_id" causes no problem.
It's still a code smell. It makes the function unnecessarily unsafe
under (very unusual) circumstances.
(cherry picked from commit a3e4f764d1a668a5a806d6e80d575189722f4d14)
|
|
Also for the internal DHCP clients. And validate/normalize the setting
for the dhclient/dhcpcd/dhcdcanon plugins.
(cherry picked from commit ef5333e5cfb422ea562ce04304d90c17a7f10887)
|
|
This will be used to pre-fill the lease with client-specific options.
(cherry picked from commit c020f618ed9446ab163980b2456766a840ed7f65)
|
|
The point of using this trivial helper function is to have one function
that is related to the construction of the options dictionary, that we
can search for.
It answers the question, where do we create a option hash (at `git grep
nm_dhcp_option_create_options_dict`).
(cherry picked from commit ccbe76b81d2bb49d290b01dcf5e9f391279115c6)
|
|
This is so that we can use the same function also to create the
hash for dhclient plugin.
(cherry picked from commit 492818b52940f70d4fd7c553c07770030b56de2e)
|
|
(cherry picked from commit 84b90fbdd38aa6b39a7ac018e9216aecbb6f298c)
|
|
The "lease" mode is unusual, because it means to prefer the DUID
configuration from the DHCP plugin over the explicit configuration in
NetworkManager. It is only for the DHCPv6 DUID and not for the IPv4
client-id. It also is only special for the "dhclient" plugin, because
with the internal plugin, this always corresponds to a generated, stable
DUID.
Commit 58287cbcc0c8 ('core: rework IP configuration in NetworkManager
using layer 3 configuration') broke this. The commit refactored the code
to track the effective-client-id separately. Previously, the client-id which
was read from the dhclient lease, was overwriting NMDhcpClient.client_id. But
with the refactor, it broke because nm_dhcp_client_get_effective_client_id()
was never called.
Fix that.
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit bea72c3d6de5a294a89fc659e475fe9db0abf6ac)
|
|
Note that there are no callers of nm_dhcp_client_get_effective_client_id(),
hence calling the setter had no effect. This is a bug, that we will fix
later.
But before fixing the bug, change how this works. Drop the get_duid() hook.
It's only confusing and backward.
We will keep the nm_dhcp_client_[gs]et_effective_client_id() functions.
They will be used later.
(cherry picked from commit 28d7f9b7c4787db101e30a549c6b05aad2ce89c3)
|
|
client
The "effective-client-id" is handled wrongly. Step 1 to clean this up.
Note that NMDhcpClientPrivate.effective_client_id is only ever get/set
via the nm_dhcp_client_[gs]et_effective_client_id() functions.
Note that only a NMDhcpDhclient instance ever calls
nm_dhcp_client_set_effective_client_id().
Hence, for NMDhcpSystemd the effective-client-id is really just the DUID
from the config. Clean this up by not calling nm_dhcp_client_get_effective_client_id()
but use the config directly. There is no change in behavior here.
(cherry picked from commit 05ae48d64e3e5afd2fc8433ac965bc61b0a1f647)
|
|
NM_DHCP_OPTION_DHCP6_{CLIENT,SERVER}_ID enums
(cherry picked from commit 9073628bd61a71ada5d87cfc0304c28d0bdc4291)
|
|
(cherry picked from commit 191a1c74bf19cd00c7f630a0bcdd47a15ad68829)
|
|
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1483
(cherry picked from commit 37ee8ee097ebdb16168fe5e0bdbc69c2ddbd102d)
|
|
The current implementation only checks that a device with name equal
to veth.peer exists and it has a parent device; it doesn't check that
its parent is actually the device we want to create. So for example,
if the profile specifies interface-name A and peer B, while in
platform we have a veth pair {B,C}, we'll skip the interface creation
and the device will remain without a ifindex, leading to a crash
later. Fix this by adding the missing check.
While at it, don't implement the check by inspecting NMDevices but
look directly at the platform cache; that seems more robust because
devices are often updated from platform events via idle handlers and
so the information there could be outdated.
Fixes: 07e0ab48d194 ('veth: drop iface peer check during create_and_realize()')
https://bugzilla.redhat.com/show_bug.cgi?id=2129829
(cherry picked from commit 50f738bde5b441b5ca52024c1a0998399b87337b)
|
|
(cherry picked from commit bdd826a0441965e4f8c6f2936f0e69c3c0621828)
|
|
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1148
(cherry picked from commit 0da9f059e106e669209460bc54faf675454d958a)
|
|
|
|
|
|
The code isn't actually used outside of tests.
Fixes: 15f5d1035254 ('l3cfg: add nm_netns_get_l3cfg() accessor')
(cherry picked from commit e3d3b001e024e7ff6a0250d43076eec16004d42a)
|
|
|
|
For MACsec interfaces, kernel announces the parent ifindex in the
generic IFLA_LINK netlink attribute, which we save in
NMPlatformLink.parent. There is no need to have a dedicate member in
NMPlatformLnkMacsec.
The dedicate member was never set and during a restart of
NetworkManager the parent of the MACsec device could be unset leading
to a failed assertion:
act_stage2_config: assertion 'parent' failed
Fixes: 85103656e97b ('platform: add support for macsec links')
https://bugzilla.redhat.com/show_bug.cgi?id=2122564
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1481
(cherry picked from commit cf11884a85fae8bc34f7c9b3dec7199983c2114a)
|
|
Fixes: 3ce3ed4c92fb ('examples: improve finding last checkpoint in "checkpoint.py"')
(cherry picked from commit 135bbcc0e4f587770ef059ef48cb5501ab72e318)
|
|
Fixes: 0da0293f7ed6 ('nmtst: add nmtst_connection_normalize() function')
(cherry picked from commit afac3d810216652afa114aee91e2d87d1db1ca69)
|
|
Fixes: df30651b8906 ('libnm, cli, ifcfg-rh: add NMSettingEthtool setting')
(cherry picked from commit 373cbcb749941dcecc83bdea010a01ee3037cc87)
|
|
Fixes: de6d069dcedb ('ndisc: send router solicitations before expiry')
(cherry picked from commit 3f04778df291b9e719634dd36c81916cb1971c93)
|
|
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit 21887f88fa8e072702cde2dad70e11473ccc028b)
|
|
nm_utils_get_ipv6_interface_identifier() has non-obvious requirements on
the hardware address. If the caller passes a wrong length, it will
trigger an assertion or even cause out of bound read. This would mean
that the caller needs to carefully check the length. Such requirements
on the caller are wrong.
Also, in practice the hardware length comes from platform/kernel. We
don't want to trust that what kernel tells us always has the required
address length, so the caller would always have to double check before
calling the function.
Instead, handle unexpected address lengths.
Fixes: e2270040c0a2 ('core: use Interface Identifiers for IPv6 SLAAC addresses')
Fixes: 1d396e997221 ('core-utils: use 64-bit WPAN address for a 6LoWPAN IID')
(cherry picked from commit 5d86db699bc9c549bf1cd23574f8990a762f60e3)
|
|
For link type NM_LINK_TYPE_6LOWPAN, nm_utils_get_ipv6_interface_identifier()
expects 8 bytes hardware address. It even just accesses the buffer
without checking (that needs to be fixed too).
For 6lowpan devices, the caller might construct a fake ethernet MAC
address, which is only 6 bytes long. So wrong.
Fixes: 49844ea55f1c ('device: generate pseudo 48-bit address from the WPAN short one')
(cherry picked from commit 53d1d8ba91252fa545bd7d8779af3d3f88ef61e4)
|
|
Fixes: e2270040c0a2 ('core: use Interface Identifiers for IPv6 SLAAC addresses')
(cherry picked from commit 0f4114c27c82ce9bfb2e38ff6f7269f6376cb9f8)
|
|
The fields "l3cfg" and "l3cfg_" are union aliases. One of them is const,
the other is not. The idea is that all places that modify the field need
to use the special name "l3cfg_", and grepping for that will lead you to
all the relevant places.
This mistake happened, because g_clear_object() casts constness away.
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit 8cb739031d0f129dca2dbefaf0bc38ca33216901)
|
|
g_dbus_connection_flush_sync()
"connection" variable might be NULL, which fails an assertion in
g_dbus_connection_flush_sync(). Consequently, "error_flush" is also
NULL which leads to a crash of "nm-dhcp-helper".
Reported-by: Jules Maselbas <jmaselbas@zdiv.net>
Fixes: 240ec7f89119 ('dhcp: implement ACD (address collision detection) for DHCPv4')
(cherry picked from commit 37e130232d1e5f9d6d55f550dc2234545f2fabf7)
|
|
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1460
(cherry picked from commit 8d6cba655574e25d8a08c58e87c9dbd8e6a1bc23)
|
|
(cherry picked from commit dfe63d9eb3e11e67c0d4c5e1e64148e21a822d99)
|
|
See wpa_supplicant commit [1]:
macsec: Make pre-shared CKN variable length
IEEE Std 802.1X-2010, 9.3.1 defines following restrictions for
CKN:
"MKA places no restriction on the format of the CKN, save that it
comprise an integral number of octets, between 1 and 32
(inclusive), and that all potential members of the CA use the same
CKN. No further constraints are placed on the CKNs used with PSKs,
..."
Hence do not require a 32 octet long CKN but instead allow a
shorter CKN to be configured.
This fixes interoperability with some Aruba switches, that do not
accept a 32 octet long CKN (only support shorter ones).
[1] https://w1.fi/cgit/hostap/commit/?id=b678ed1efc50e8da4638d962f8eac13312a4048f
(cherry picked from commit df999d1fca209767a235b5aaa6e3e7e5294746fc)
|
|
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1459
https://bugzilla.redhat.com/show_bug.cgi?id=2122564
(cherry picked from commit fb3be35b8b97ad045044ac8628f5069e1a087554)
|
|
When called with update_carrier=TRUE, nm_device_bring_up_full() checks
for carrier changes and it may queue a transition to DISCONNECTED
through the following call chain:
-> nm_device_bring_up_full()
-> nm_device_set_carrier_from_platform()
-> nm_device_set_carrier()
-> carrier_changed()
-> nm_device_queue_state()
In _set_state_full(state=UNAVAILABLE) after bringing the interface up
we also call nm_device_cleanup() which clears the enqueued state
change to DISCONNECTED. When this happens, the device remains in
UNAVAILABLE and never gets activated even if it was ready.
This was observed with macsec interfaces, but in theory can happen
with all those interfaces that get carrier immediately after being
brought up.
Avoid this issue by not checking the carrier synchronously from
_set_state_full(). The carrier change event will be processed in the
next asynchronous invocation of device_link_changed().
https://bugzilla.redhat.com/show_bug.cgi?id=2122564
(cherry picked from commit 07bc5121a771b54a2c1e8d14e72cd1e263561f66)
|
|
In some situations we need to avoid updating the carrier status
synchronously from nm_device_bring_up_full(). Add a flag for that.
(cherry picked from commit 9fd9eaf27619375a24f87dab36fee0f2ecae6629)
|
|
In the next commit nm_device_bring_up() will be extended with a new
argument. Most callers just want to bring up the device synchronously
and don't care about the "no_firmware" argument. Introduce a
nm_device_bring_up_full() for callers that need special behavior.
(cherry picked from commit 861934a5101163ddb45af18ba0604df8796684f5)
|
|
|
|
|
|
|
|
gcc-12.2.1_git20220924-r4 (on Alpine Linux) warns:
../src/libnm-core-impl/nm-utils.c: In function 'nm_sock_addr_endpoint_new':
../src/libnm-core-impl/nm-utils.c:168:18: error: 'port' may be used uninitialized [-Werror=maybe-uninitialized]
168 | ep->port = port;
| ~~~~~~~~~^~~~~~
../src/libnm-core-impl/nm-utils.c:150:25: note: 'port' was declared here
150 | guint16 port;
| ^~~~
Workaround.
Fixes: 713e879d769f ('libnm: add NMSockAddrEndpoint API')
(cherry picked from commit 3515324e90f1f6605a4690fafd53c7d41fd0f55a)
|
|
Call teamdctl_port_config_update_raw() when we're attaching a port even
if all of team-slave setting properties are default.
This is done to ensure teamd "knows" about the port (that is,
"teamdctl ... port present" returns success) when we're done activating
the slave connection. It will pick it up anyway from netlink, but that
can happen after the activation is done, resulting in a possible race.
Fixes-test: @remove_active_team_profile
https://bugzilla.redhat.com/show_bug.cgi?id=2102375
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1421
(cherry picked from commit 6897f6e6df9f8a36950694bdd6146d27349f353d)
|
|
If teamd crashes, we restore it. That's very nice, but if it really
crashed then it left ports attached and the slave connections are not
going to fail and the port configuration (e.g. priority or link watcher) in
teamd's memory will be gone.
This will restore the port configuration when the teamd connection is
re-established. This probably also fixes a race where a slave connection
would be enslaved (only possible externally and manually?) while we
didn't establish a connection to teamd yet. We'll just send the port
configuration in once're connected.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1361
(cherry picked from commit f3327835c1c90840315692fb10a624dcc89386f9)
|
|
This reads a little better and performs marginally better.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1361
(cherry picked from commit 38251ad59f41ea2b5ec66febeb82948e15f10dbb)
|
|
|