delta/NetworkManager.git/src/nm-auth-manager.c, branch th/strsplit gitlab.freedesktop.org: NetworkManager/NetworkManager.git auth-manager: use the correct function to deallocate a GError 2018-05-02T12:55:01+00:00 Lubomir Rintel lkundrak@v3.sk 2018-04-26T20:48:35+00:00 2244352583100166efe655f6fccba86039c8daab This one ruins the party. 
This one ruins the party.
auth-manager: drop an unused variable 2018-04-23T06:26:05+00:00 Lubomir Rintel lkundrak@v3.sk 2018-04-23T06:25:40+00:00 40ce80cb50c36dc0ee66175920a72bf918a5b7ba src/nm-auth-manager.c:673:24: error: unused variable 'error_disposing' [-Werror,-Wunused-variable] gs_free_error GError *error_disposing = NULL; ^ Fixes: 2ea2df3184d45567fa9c44f5ef90634a779bfb75 
src/nm-auth-manager.c:673:24: error: unused variable 'error_disposing' [-Werror,-Wunused-variable]
        gs_free_error GError *error_disposing = NULL;
                              ^

Fixes: 2ea2df3184d45567fa9c44f5ef90634a779bfb75
shared: drop duplicate c-list.h header 2018-04-18T13:22:14+00:00 Beniamino Galvani bgalvani@redhat.com 2018-04-06T14:40:23+00:00 19876b4cfed86f79c43ba8d6e57f6383deb43e6f Use the one from the project just imported. 
Use the one from the project just imported.
auth-manager: fix potential issue iterating modified CList in _dbus_new_proxy_cb() 2018-04-18T05:51:29+00:00 Thomas Haller thaller@redhat.com 2018-04-18T05:51:27+00:00 a99d51cb501d4a4022273aeb0622e1a8eaac2657 In the loop, we invoke callbacks. What the callbacks do, is out of control of NMAuthManager. For example, they could cancel or schedule new requests. Especially, cancelling invalidate the stored @safe pointer. Fix that, by always iterate from the start of the list. Fixes: d0563f0733ed293d67e9a0f6503e28c3f1c08f1b 
In the loop, we invoke callbacks. What the callbacks do, is out of control
of NMAuthManager. For example, they could cancel or schedule new
requests. Especially, cancelling invalidate the stored @safe pointer.

Fix that, by always iterate from the start of the list.

Fixes: d0563f0733ed293d67e9a0f6503e28c3f1c08f1b
auth-manager: fix processing calls in _dbus_new_proxy_cb() 2018-04-17T14:22:34+00:00 Beniamino Galvani bgalvani@redhat.com 2018-04-17T14:17:40+00:00 0fa57069ad98e9f2d98b93aba6a41cadd095b284 In the first loop, the element is removed only when the callback is executed. The second loop never removes the current element. Use the for_each macro for both. Fixes: d0563f0733ed293d67e9a0f6503e28c3f1c08f1b 
In the first loop, the element is removed only when the callback is
executed. The second loop never removes the current element. Use the
for_each macro for both.

Fixes: d0563f0733ed293d67e9a0f6503e28c3f1c08f1b
core: fix wrong assertion when disposing NMAuthManager 2018-04-17T14:01:36+00:00 Beniamino Galvani bgalvani@redhat.com 2018-04-17T14:01:36+00:00 cbeabaa00011ace3c6893427511eb36abee3d5a4 The list should be empty on disposal. Fixes: 2ea2df3184d45567fa9c44f5ef90634a779bfb75 
The list should be empty on disposal.

Fixes: 2ea2df3184d45567fa9c44f5ef90634a779bfb75
auth-manager: don't process idle calls when the proxy creation finishes 2018-04-17T08:17:25+00:00 Beniamino Galvani bgalvani@redhat.com 2018-04-16T12:32:06+00:00 d0563f0733ed293d67e9a0f6503e28c3f1c08f1b The list of calls contains two kinds of elements: (1) calls that don't need a D-Bus request and are only waiting for the asynchronous invocation of the callback in an idle function; (2) calls that need a D-Bus request and are waiting for the D-Bus proxy. When the proxy creation finishes, only (2) calls must be canceled (if the creation failed) or started (if the proxy was created). Fixes: 798b2a7527bddadcec37b48183da313fbc961e45 https://bugzilla.redhat.com/show_bug.cgi?id=1567807 
The list of calls contains two kinds of elements: (1) calls that don't
need a D-Bus request and are only waiting for the asynchronous
invocation of the callback in an idle function; (2) calls that need a
D-Bus request and are waiting for the D-Bus proxy.

When the proxy creation finishes, only (2) calls must be canceled (if
the creation failed) or started (if the proxy was created).

Fixes: 798b2a7527bddadcec37b48183da313fbc961e45

https://bugzilla.redhat.com/show_bug.cgi?id=1567807
auth-manager: let NMAuthChain always call to NMAuthManager for dummy requests 2018-04-13T07:09:46+00:00 Thomas Haller thaller@redhat.com 2018-04-09T14:04:46+00:00 798b2a7527bddadcec37b48183da313fbc961e45 NMAuthChain's nm_auth_chain_add_call() used to add special handling for the NMAuthSubject. This handling really belongs to NMAuthManager for two reasons: - NMAuthManager already goes through the effort of scheduling an idle handler to handle the case where no GDBusProxy is present. It can just as well handle the special cases where polkit-auth is disabled or when we have internal requests. - by NMAuthChain doing special handling, it makes it more complicated to call nm_auth_manager_check_authorization() directly. Previously, the NMAuthChain had additional logic, which means you either were forced to create an NMAuthChain, or you had to reimplement special handling like nm_auth_chain_add_call(). 
NMAuthChain's nm_auth_chain_add_call() used to add special handling for
the NMAuthSubject. This handling really belongs to NMAuthManager for two
reasons:
 - NMAuthManager already goes through the effort of scheduling an idle
   handler to handle the case where no GDBusProxy is present. It can
   just as well handle the special cases where polkit-auth is disabled
   or when we have internal requests.
 - by NMAuthChain doing special handling, it makes it more complicated
   to call nm_auth_manager_check_authorization() directly. Previously,
   the NMAuthChain had additional logic, which means you either were
   forced to create an NMAuthChain, or you had to reimplement special
   handling like nm_auth_chain_add_call().
auth-manager: always compile D-Bus calls to polkit 2018-04-13T07:09:46+00:00 Thomas Haller thaller@redhat.com 2018-04-09T16:13:28+00:00 41abf9f8e81423eff0ef888d17a5454d0b5750bf Supporting PolicyKit required no additional library, just extra code to handle the D-Bus calls. For that, there was a compile time option to even stip out that code. Note, that you could (and still can) configure the system not to use policy-kit. The point was to reduce the binary size in case you don't need it. Remove this. I guess, we we aim for such aggressive optimization of the binary size, we should instead make all device types disablable at configuration time. We don't do that either and other low hanging fruits, because it's better to always enable features, unless they require external dependencies. Also, the next commit will make more use of NMAuthManager. So, having it disabled at compile time, makes even less sense. 
Supporting PolicyKit required no additional library, just extra code
to handle the D-Bus calls. For that, there was a compile time option
to even stip out that code. Note, that you could (and still can)
configure the system not to use policy-kit. The point was to reduce
the binary size in case you don't need it.

Remove this. I guess, we we aim for such aggressive optimization of
the binary size, we should instead make all device types disablable
at configuration time. We don't do that either and other low hanging
fruits, because it's better to always enable features, unless they
require external dependencies.

Also, the next commit will make more use of NMAuthManager. So, having
it disabled at compile time, makes even less sense.
auth-manager: rework auth-manager's API 2018-04-13T07:09:46+00:00 Thomas Haller thaller@redhat.com 2018-04-09T11:27:03+00:00 2ea2df3184d45567fa9c44f5ef90634a779bfb75 Don't use the GAsyncResult pattern for internal API of auth-manager. Instead, use a simpler API that has a more strict API and simpler use. - return a call-id handle when scheduling the authorization request. The request is always scheduled asynchronsously and thus call-id is never %NULL. - the call-id can be used to cancel the request. It can be used exactly once, and only before the callback is invoked. - the async keeps the auth-manager alive. It needs to do so, because when cancelling the request we might not yet be done: instead we might still need to issue a CancelCheckAuthorization call (which we need to handle as well). - the callback is always invoked exactly once. Currently NMAuthManager's API effectivly is only called by NMAuthChain. The point of this is to make NMAuthManager's API more consumable, and thus let users use it directly (instead of using the NMAuthChain layer). As well known, we don't do a good job during shutdown of NetworkManager to release all resources and cancel pending requests. This rework also makes it possible to actually get this right. See the comment in nm_auth_manager_force_shutdown(). But yes, it is still a bit complicated to do a controlled shutdown, because we cannot just synchronously complete. We need to issue CancelCheckAuthorization D-Bus calls, and give these requests time to complete. The new API introduced by this patch would make that easier. 
Don't use the GAsyncResult pattern for internal API of auth-manager. Instead,
use a simpler API that has a more strict API and simpler use.

- return a call-id handle when scheduling the authorization request.
  The request is always scheduled asynchronsously and thus call-id
  is never %NULL.
- the call-id can be used to cancel the request. It can be used exactly
  once, and only before the callback is invoked.
- the async keeps the auth-manager alive. It needs to do so, because
  when cancelling the request we might not yet be done: instead we
  might still need to issue a CancelCheckAuthorization call (which
  we need to handle as well).
- the callback is always invoked exactly once.

Currently NMAuthManager's API effectivly is only called by NMAuthChain.
The point of this is to make NMAuthManager's API more consumable, and
thus let users use it directly (instead of using the NMAuthChain layer).

As well known, we don't do a good job during shutdown of NetworkManager
to release all resources and cancel pending requests. This rework also
makes it possible to actually get this right. See the comment in
nm_auth_manager_force_shutdown(). But yes, it is still a bit complicated
to do a controlled shutdown, because we cannot just synchronously
complete. We need to issue CancelCheckAuthorization D-Bus calls, and
give these requests time to complete. The new API introduced by this patch
would make that easier.