delta/NetworkManager.git/examples, branch th/strsplit gitlab.freedesktop.org: NetworkManager/NetworkManager.git examples: drop rtl drivers from the mac address change blacklist 2019-04-08T08:10:25+00:00 Lubomir Rintel lkundrak@v3.sk 2019-04-08T08:10:25+00:00 a4a6a6b6ee907ad0ca4304f5f332354278bdcdc3 Just in case anyone uses this file as-is; I believe that these drivers don't need to be in a blacklist. There's a good chance they either work or we can detect failure to change a MAC address on runtime and act accordingly. Blacklisting the driver gives the driver maintainers no chance to fix the behavior and we are not able to log a warning on failure. 
Just in case anyone uses this file as-is; I believe that these drivers
don't need to be in a blacklist. There's a good chance they either work
or we can detect failure to change a MAC address on runtime and act
accordingly.

Blacklisting the driver gives the driver maintainers no chance to fix
the behavior and we are not able to log a warning on failure.
examples: don't set "ethernet.cloned-mac-address" in "10-no-wifi-scan-rand-mac-address.conf" 2019-04-08T07:49:05+00:00 Thomas Haller thaller@redhat.com 2019-04-05T14:48:45+00:00 ce7a631ae6464290e3abfaa38a6905f7d88c6657 These are workarounds for Wi-Fi drivers. Don't set the unrelated "ethernet.cloned-mac-address" property. 
These are workarounds for Wi-Fi drivers. Don't set the unrelated
"ethernet.cloned-mac-address" property.
examples: blacklist drivers "wl" and "8188eu" in "31-mac-addr-change.conf" for "wifi.scan-rand-mac-address" 2019-04-05T14:13:32+00:00 Thomas Haller thaller@redhat.com 2019-04-05T13:36:26+00:00 78d9bd62ff152523489226b0bc7fd4f2b8ddc80d These drivers work bad with changing the MAC address. See [1], [2], [3] for reports about failures with "wl" driver. [3] also blacklists driver "8188eu". While we already blacklist "r8188eu", it seems that some installations use the alternative name "8188eu" [4]. "wpasupplicant" package on Ubuntu 18.04 (bionic) provides the file "/usr/lib/NetworkManager/conf.d/no-mac-addr-change.conf", which blacklists the same drivers. See also bug [3] which added the file. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1695696 [2] https://bugzilla.gnome.org/show_bug.cgi?id=777523#c27 [3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833507 [4] https://github.com/lwfinger/rtl8188eu/blob/9a56f32c2a46be5b81f0eedf49ad44ea8f10bfae/dkms.conf 
These drivers work bad with changing the MAC address.

See [1], [2], [3] for reports about failures with "wl" driver.

[3] also blacklists driver "8188eu". While we already blacklist "r8188eu",
it seems that some installations use the alternative name "8188eu" [4].

"wpasupplicant" package on Ubuntu 18.04 (bionic) provides the file
"/usr/lib/NetworkManager/conf.d/no-mac-addr-change.conf", which
blacklists the same drivers. See also bug [3] which added the file.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1695696
[2] https://bugzilla.gnome.org/show_bug.cgi?id=777523#c27
[3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833507
[4] https://github.com/lwfinger/rtl8188eu/blob/9a56f32c2a46be5b81f0eedf49ad44ea8f10bfae/dkms.conf
all: codespell fixes 2019-03-11T11:03:46+00:00 Lubomir Rintel lkundrak@v3.sk 2019-03-11T11:00:32+00:00 4251f4e4764a4ec11765390bc36c2a007382009d Codespel run with the same arguments as described in commit 58510ed56679 ('docs: misc. typos pt2'). (cherry picked from commit bf0c4e6ac2855088e3962693886bb6ab71856f7b) 
Codespel run with the same arguments as described in
commit 58510ed56679 ('docs: misc. typos pt2').

(cherry picked from commit bf0c4e6ac2855088e3962693886bb6ab71856f7b)
libnm: change nm_wireguard_peer_set_endpoint() API to allow validation 2019-03-07T21:22:39+00:00 Thomas Haller thaller@redhat.com 2019-03-01T14:52:19+00:00 f617d5e8b4c421f0812d4fc9bf6780cc51a74d90 This is an API break since 1.16-rc1. Similar to previous commit. (cherry picked from commit 8ae9aa2428c10aafb837c692fb39bfd04ef4235c) 
This is an API break since 1.16-rc1.

Similar to previous commit.

(cherry picked from commit 8ae9aa2428c10aafb837c692fb39bfd04ef4235c)
libnm: change nm_wireguard_peer_set_public_key() API to allow validation 2019-03-07T21:22:39+00:00 Thomas Haller thaller@redhat.com 2019-03-01T14:52:19+00:00 6452d2d0e54cbb4a4acb380d5f8a4a76326bb700 This is an API break since 1.16-rc1. Similar to previous commit. (cherry picked from commit 7962653918fbfd66b549d389a1cb2cf96ae0d3eb) 
This is an API break since 1.16-rc1.

Similar to previous commit.

(cherry picked from commit 7962653918fbfd66b549d389a1cb2cf96ae0d3eb)
libnm: change nm_wireguard_peer_set_preshared_key() API to allow validation 2019-03-07T21:22:39+00:00 Thomas Haller thaller@redhat.com 2019-03-01T14:52:19+00:00 76828262299729e718924d5c14a69cfdc5cf48fa This is an API break since 1.16-rc1. The functions like _nm_utils_wireguard_decode_key() are internal API and not accessible to a libnm user. Maybe this should be public API, but for now it is not. That makes it cumbersome for a client to validate the setting. The client could only reimplement the validation (bad) or go ahead and set invalid value. When setting an invalid value, the user can afterwards detect it via nm_wireguard_peer_is_valid(), but at that point, it's not clear which exact property is invalid. First I wanted to keep the API conservative and not promissing too much. For example, not promising to do any validation when setting the key. However, libnm indeed validates the key at the time of setting it instead of doing lazy validation later. This makes sense, so we can keep this promise and just expose the validation result to the caller. Another downside of this is that the API just got more complicated. But it not provides a validation API, that we previously did not have. (cherry picked from commit d7bc1750c1bcc5082528d1f277e09454b2cbf1c2) 
This is an API break since 1.16-rc1.

The functions like _nm_utils_wireguard_decode_key() are internal API
and not accessible to a libnm user. Maybe this should be public API,
but for now it is not.

That makes it cumbersome for a client to validate the setting. The client
could only reimplement the validation (bad) or go ahead and set invalid
value.

When setting an invalid value, the user can afterwards detect it via
nm_wireguard_peer_is_valid(), but at that point, it's not clear which
exact property is invalid.

First I wanted to keep the API conservative and not promissing too much.
For example, not promising to do any validation when setting the key.
However, libnm indeed validates the key at the time of setting it
instead of doing lazy validation later. This makes sense, so we can
keep this promise and just expose the validation result to the caller.

Another downside of this is that the API just got more complicated.
But it not provides a validation API, that we previously did not have.

(cherry picked from commit d7bc1750c1bcc5082528d1f277e09454b2cbf1c2)
examples: fix handling secrets in nm-wg-set 2019-02-26T08:40:57+00:00 Thomas Haller thaller@redhat.com 2019-02-26T07:52:17+00:00 4c8ff6f2207cb49d8770c46bac49afc8214da86e When setting any secrets via D-Bus' Update2 call, then it assumes that all settings are reset. That means, when we modify any secrets in the client, we need to first load them all. Anyway, load always all secrets, then we can also print them in the get output. Honor WG_HIDE_KEYS like `wg` does. (cherry picked from commit 6aa9e52bd88670f10861e402a8c61c282a1e97c2) 
When setting any secrets via D-Bus' Update2 call, then
it assumes that all settings are reset. That means, when
we modify any secrets in the client, we need to first load
them all.

Anyway, load always all secrets, then we can also print them
in the get output.

Honor WG_HIDE_KEYS like `wg` does.

(cherry picked from commit 6aa9e52bd88670f10861e402a8c61c282a1e97c2)
examples: improve hints about existing WireGuard profiles in nm-wg-set 2019-02-26T08:40:56+00:00 Thomas Haller thaller@redhat.com 2019-02-25T20:59:03+00:00 8b4247d31d8cba5d16cf3f9046a87bd4b257d6b9 (cherry picked from commit b5a458c5ffeec091cc60abbabaed4d1a49952872) 
(cherry picked from commit b5a458c5ffeec091cc60abbabaed4d1a49952872)
examples: add python example script "nm-wg-set" for modifying WireGuard profile 2019-02-22T10:00:11+00:00 Thomas Haller thaller@redhat.com 2019-01-08T10:10:25+00:00 debd022a6d23e372d7940231e12f17bc5578c3d4 Use the script to test how GObject introspection with libnm's WireGuard support works. Also, since support for WireGuard peers is not yet implemented in nmcli (or other clients), this script is rather useful. 
Use the script to test how GObject introspection with libnm's WireGuard
support works.

Also, since support for WireGuard peers is not yet implemented in nmcli
(or other clients), this script is rather useful.