| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When attaching a bond port, kernel will reset the MTU of the port ([1],
[2]). Configuring a different MTU on the port seems not a sensible
thing for the user to do.
Still, before commit e67ddd826fae ('device: commit MTU during stage2')
we would first attach the bond port before setting the MTU. That
changed, and now the MTU set by kernel wins.
Btw, this change in behavior happens because we attach the port in
stage3 (ip-config), which seems an ugly thing to do.
Anyway, fix this by setting the MTU after attaching the ports, but still
in stage3.
It is probably not sensible for the user to configure a different MTU.
Still, if the user requested it by configuration, we should apply it.
Note that NetworkManager has some logic to constrain the MTU based on
the parent/child and controller/port. In many regards however, NetworkManager
does not fully understand or enforce the correct MTU and relies on the
user to configure it correctly. After all, if the user misconfigures the
MTU, the setup will have problems anyway (and in many cases neither
kernel nor NetworkManager could know that the configuration is wrong).
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/net/bonding/bond_main.c?h=v5.17#n3603
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/net/bonding/bond_main.c?h=v5.17#n4372
https://bugzilla.redhat.com/show_bug.cgi?id=2071985
Fixes: e67ddd826fae ('device: commit MTU during stage2')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1199
(cherry picked from commit 6804c2ba0479a44c314a61bbdcc29e0cd6987166)
(cherry picked from commit 352e8bb86547f849ddd05cffce52a2e7760ce853)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This probably has no bad effects when building without more-asserts.
#0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1 0x00007f7ead0564a3 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78
#2 0x00007f7ead009d06 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#3 0x00007f7eacfdc7d3 in __GI_abort () at abort.c:79
#4 0x00007f7ead1fed4c in g_assertion_message (domain=<optimized out>, file=<optimized out>, line=<optimized out>, func=<optimized out>, message=<optimized out>) at ../glib/gtestutils.c:3065
#5 0x00007f7ead25f98f in g_assertion_message_expr (domain=0x560964f8b7e9 "nm", file=0x560964f83da8 "src/core/settings/nm-settings.c", line=640, func=0x56096504a390 <__func__.44.lto_priv.1> "_startup_complete_check", expr=<optimized out>) at ../glib/gtestutils.c:3091
#6 0x0000560964ed710e in _startup_complete_check (self=0x560966d1d030, now_msec=<optimized out>) at src/core/settings/nm-settings.c:640
#7 0x0000560964ed7d9b in _startup_complete_notify_connection (self=0x560966d1d030, sett_conn=<optimized out>, forget=<optimized out>) at src/core/settings/nm-settings.c:704
#8 0x0000560964edd070 in _connection_changed_delete (self=0x560966d1d030, storage=<optimized out>, sett_conn=0x560966cedbc0, allow_add_to_no_auto_default=<optimized out>) at src/core/settings/nm-settings.c:1244
#9 0x0000560964edd948 in _connection_changed_process_one (update_reason=(NM_SETTINGS_CONNECTION_UPDATE_REASON_IGNORE_PERSIST_FAILURE | NM_SETTINGS_CONNECTION_UPDATE_REASON_CLEAR_SYSTEM_SECRETS | NM_SETTINGS_CONNECTION_UPDATE_REASON_UPDATE_NON_SECRET | unknown: 0x5400), override_sett_flags=0, sett_mask=NM_SETTINGS_CONNECTION_INT_FLAGS_NONE, sett_flags=1725440360, allow_add_to_no_auto_default=0, sett_conn_entry=0x560966d1d030, self=<optimized out>) at src/core/settings/nm-settings.c:1294
#10 _connection_changed_process_all_dirty (self=<optimized out>, allow_add_to_no_auto_default=<optimized out>, sett_flags=<optimized out>, sett_mask=<optimized out>, override_sett_flags=<optimized out>, update_reason=<optimized out>) at src/core/settings/nm-settings.c:1335
#11 0x0000560964eeb8ec in nm_settings_delete_connection (allow_add_to_no_auto_default=648659760, sett_conn=<optimized out>, self=0x560966d1d030) at src/core/settings/nm-settings.c:2457
#12 nm_settings_connection_delete (self=<optimized out>, allow_add_to_no_auto_default=648659760) at src/core/settings/nm-settings-connection.c:637
#13 0x0000560964eebebd in delete_auth_cb (self=0x560966cedbc0, context=0x7f7e9c0170a0, subject=0x560966cc5ed0, error=0x0, data=<optimized out>) at src/core/settings/nm-settings-connection.c:1877
#14 0x0000560964ec9778 in pk_auth_cb (auth_manager=<optimized out>, auth_call_id=<optimized out>, is_authorized=1, is_challenge=<optimized out>, auth_error=<optimized out>, user_data=0x560966e16980) at src/core/settings/nm-settings-connection.c:1262
#15 0x0000560964db9a28 in _call_id_invoke_callback (error=0x0, is_challenge=0, is_authorized=1, call_id=0x560966ddeb00) at src/core/nm-auth-manager.c:180
#16 _call_on_idle (user_data=user_data@entry=0x560966ddeb00) at src/core/nm-auth-manager.c:284
#17 0x00007f7ead23111b in g_idle_dispatch (source=0x560966e50190, callback=0x560964db9900 <_call_on_idle>, user_data=0x560966ddeb00) at ../glib/gmain.c:5848
#18 0x00007f7ead234d4f in g_main_dispatch (context=0x560966cd1e20) at ../glib/gmain.c:3337
#19 g_main_context_dispatch (context=0x560966cd1e20) at ../glib/gmain.c:4055
#20 0x00007f7ead289608 in g_main_context_iterate.constprop.0 (context=0x560966cd1e20, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4131
#21 0x00007f7ead234463 in g_main_loop_run (loop=0x560966caf010) at ../glib/gmain.c:4329
#22 0x0000560964cb7515 in main (argc=<optimized out>, argv=<optimized out>) at src/core/main.c:509
Fixes: 3df662f534c4 ('settings: rework wait-device-timeout handling and consider device compatibility')
(cherry picked from commit 9046975a81cae3be0896bacceb84dc671e07f23c)
(cherry picked from commit 29fe4035c1c83b921ddeb9f74a2e97b4569ed66d)
|
| |
|
|
|
|
|
|
|
| |
This is severe. We cache the list of names, and we must invalidate the
cache when the names change. Otherwise, out-of-bound access and crash.
Fixes: d0192b698e68 ('libnm: add nm_setting_option_set(), nm_setting_option_get_boolean(), nm_setting_option_set_boolean()')
Fixes: 150af44e1042 ('libnm: add nm_setting_option_get_uint32(), nm_setting_option_set_uint32()')
(cherry picked from commit 22dcfb3a6770e9893440f6a99bed3aaf16e083b8)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently NetworkManager fails to establish a NAP bridge because it never gets
out of the stage2.
This is caused because when making the BlueZ callback reentrant we return
NM_ACT_STAGE_RETURN_POSTPONE even after registration has succeeded.
This patch changes registration to a three state automaton instead of a
boolean. This allows distinguishing when we are waiting for registration
to finish and when it is done and therefore ensures that when the stage2
is called again by the callback the result is success so NetworkManager
can proceed to the IP configuration.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1181
(cherry picked from commit 8f7e295cbf98ca220fbd13336bb0cdd4d477bd27)
|
| |\
| |
| |
| |
| |
| | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1164
(cherry picked from commit 979dbd6d0dfd96c3397b3d437822647b5a3fc0f5)
|
| | |
| |
| |
| |
| |
| | |
consume "QUIT" command
(cherry picked from commit b1b1ee8cc41af4f57902560f6769daf15852311e)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
fix test
We expect to read NUL terminated strings. Upon NUL, we should do
something. Treat it as a line break.
Fixes: 8ae9cf4698b4 ('Revert "libnm: buffer reads in nm_vpn_service_plugin_read_vpn_details()"')
(cherry picked from commit 6235815248314c0bd3deb485692881620a859cf9)
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This partially reverts commit 4a9fcb0fc32e, which replaced one-byte
reads with buffered ones in the VPN service plugin.
Unfortunately the buffering means that commands coming after the magic
"DONE" string were being pulled into the buffer. Secrets agents expect
a "QUIT" to come after the "DONE", and since with buffering "QUIT" was
in the buffer, this led to a twenty-second delay on every VPN
connection using a secrets manager.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1164
Fixes: 4a9fcb0fc32e ('libnm: buffer reads in nm_vpn_service_plugin_read_vpn_details()')
(cherry picked from commit 8ae9cf4698b4fadae8cfbfbc801cf93d2385629d)
|
| |\
| |
| |
| |
| |
| |
| |
| | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1168
(cherry picked from commit 8b95693985f52df631b822fda754b81007c3ff5d)
(cherry picked from commit 14052c847c53c79549172f126a8cfb7eaba1049f)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The entire point of the dance in nm_platform_ip_address_sync() is to ensure that
conflicting IPv4 addresses are in their right order, that is, they have
the right primary/secondary flag.
Kernel only sets secondary flags for addresses that are in the same
subnet, and we also only care about the relative order of addresses
that are in the same subnet. In particular, because we rely on kernel's
"secondary" flag to implement this.
But kernel only treads addresses as secondary, if they share the exact
same subnet. For example, 192.168.0.5/24 and 192.168.0.6/25 would not
be treated as primary/secondary but just as unrelated addresses, even if
the address cleared of it's host part is the same.
This means, we must not only hash the network part of the addresses, but
also the prefix length. Implement that, by tracking the full NMPObject.
(cherry picked from commit 619dc2fcab809a1cae831c1866ce93189b575d53)
(cherry picked from commit 0bdb2e97d9a6bcd86889fb09765835a5886d13fb)
|
| | |
| |
| |
| |
| |
| |
| | |
nm_platform_ip_address_sync()
(cherry picked from commit e1431b43a2e02bdd010474df40ccf4417e8b7d08)
(cherry picked from commit a8e96e3c4b539391833b74432c3200df4e3a8223)
|
| | |
| |
| |
| |
| |
| |
| |
| | |
ip4_addr_subnets_is_plain_address()
Fixes: 2f68a5004153 ('platform: fix the order of addition of primary and secondary IPv4 addresses')
(cherry picked from commit 40f22e69c8c03fbbe40f3ba701c3540470f49dfe)
(cherry picked from commit 41b56cb2b9397407d24e00f95ba4ffb009212040)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
None of the callers really handle the return value of nm_platform_ip_address_sync()
or whether the function encountered problems. What would they anyway do
about that?
For IPv4 we were already ignoring errors to add addresses, but for IPv6 we
aborted. That seems wrong. As the caller does not really handle errors,
I think we should follow through and add all addresses in case of error.
Still, also collect a overall "success" of the function and return it.
(cherry picked from commit cedaa191d44fede4048a581f2cd132ec6b03d6e9)
(cherry picked from commit 8736cc86187d176ca7a7f1dbe5bdee0786c2e037)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In the past, nm_platform_ip_address_sync() only had the @known_addresses
argument. We would figure out which addresses to delete and which to preserve,
based on what addresses were known. That means, @known_addresses must have contained
all the addresses we wanted to preserve, even the external ones. That approach
was inherently racy.
Instead, nowadays we have the addresses we want to configure (@known_addresses)
and the addresses we want to delete (@prune_addresses). This started to change in
commit dadfc3abd510 ('platform: allow injecting the list of addresses to prune'),
but only commit 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using
layer 3 configuration') actually changed to pass separate @prune_addresses argument.
However, the order of IP addresses matters and there is no sensible kernel API
to configure the order (short of adding them in the right order), we still need
to look at all the addresses, check their order, and possibly delete some.
That is, we need to handle addresses we want to delete (@prune_addresses)
but still look at all addresses in platform (@plat_addresses) to check
their order.
Now, first handle @prune_addresses. That's simple. These are just the
addresses we want to delete. Second, get the list of all addresses in
platform (@plat_addresses) and check the order.
Note that if there is an external address that interferes with our
desired order, we will leave it untouched. Thus, such external addresses
might prevent us from getting the order as desired. But that's just
how it is. Don't add addresses outside of NetworkManager to avoid that.
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit 80f8e23992b58aa0b6fd88de0d3973eea51691a4)
(cherry picked from commit 4c3197b37790c6c89c7b3df0e92a26e1f8719a5a)
|
| |/
|
|
|
| |
(cherry picked from commit a60a262574206976eacc405633c059e0f375f0a8)
(cherry picked from commit 0fc40735ab582f2ff9f319043d77d5f40253f103)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes this error:
checking whether more special flags are required for pthreads... no
checking for PTHREAD_PRIO_INHERIT... yes
./configure: line 30294: ,as_fn_error: command not found
checking for a Python interpreter with version >= 3... python
checking for python... /usr/bin/python
Fixes: 3affccf29b53 ('tests: fix undefined references to pthread')
(cherry picked from commit a8284b1d3b967789066c76c39660a91565fb7833)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to WPA3_Specification_v3.0 section 2.3, when operating in
WPA3-Personal transition mode an AP:
- shall set MFPC to 1, MFPR to 0.
Therefore, do not operate in WPA3-Personal transition mode when PMF is set to
disabled. This also provides a way to be compatible with some devices that are
not fully compatible with WPA3-Personal transition mode.
Signed-off-by: 谢致邦 (XIE Zhibang) <Yeking@Red54.com>
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1186
(cherry picked from commit b6eb237a271c91f6ca9d74f0db8f7e80b9998d51)
(cherry picked from commit a0988868ba7b4390790cab43cca5103f80a6a300)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently wpa_supplicant doesn't support FT in AP mode. FT-PSK and
FT-EAP are simply not negotiated with the STA. FT-SAE gets negotiated
but then the key derivation is not supported, leading to a
authentication failure.
Even if support for FT in AP mode is introduced in wpa_supplicant in
the future, it will require additional parameters as the nas
identifier and the mobility domain, which are currently not provided
by NM.
Disable all FT key-mgmts in AP mode since they are useless and cause
issues (FT-SAE).
See-also: https://mail.gnome.org/archives/networkmanager-list/2022-March/msg00016.html
See-also: http://lists.infradead.org/pipermail/hostap/2022-April/040352.html
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1184
(cherry picked from commit 82980f7791660ede5f2982cdfbda266f3f6384a0)
(cherry picked from commit a66e054bd67432673b8cc022c862937b95dae348)
|
| | |
|
| |\
| |
| |
| |
| | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1175
(cherry picked from commit ca9a6c471f74c19c4a91d06b0c140944f9eac6dc)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We have some reports of APs that advertise WPA2/WPA3 with
MFP-required=0/MFP-capable=0, and reject the association when the
client doesn't support 802.11w.
According to WPA3_Specification_v3.0 section 2.3, when operating in
WPA3-Personal transition mode a STA:
- should allow AKM suite selector: 00-0F-AC:6 (WPA-PSK-SHA256) to be
selected for an association;
- shall negotiate PMF when associating to an AP using SAE.
The first is guaranteed by capability PMF; the second by checking that
the interface supports BIP ciphers suitable for PMF.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/964
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003907
(cherry picked from commit 1a7db1d7f712d7696f64b089011bc45fc86e7924)
|
| |/
|
|
|
|
|
| |
Introduce a new capability indicating whether the interface supports
any of the BIP ciphers that can be used for 802.11w (PMF).
(cherry picked from commit cd1e0193abcf26f523bd52d83af5aab086ceaa92)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
IPv6 gets disabled at the beginning of the activation in
ip_ifindex_changed_cb(). Enable it again when the modem returns a IPv6
configuration.
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/944
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1170
(cherry picked from commit 586afdfc5298285d09a5b4965690899833a21abb)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Curl's CURLOPT_RESOLVE expects one list entry per host. That
documentation ([1]) also makes that clear that the form is
"[+]HOST:PORT:ADDRESS[,ADDRESS]".
The way we constructed the list, only the last entry was honored:
<trace> [1647551393.5362] connectivity: (eth0,IPv4,25) adding 'fedoraproject.org:80:18.159.254.57' to curl resolve list
<trace> [1647551393.5363] connectivity: (eth0,IPv4,25) adding 'fedoraproject.org:80:152.19.134.142' to curl resolve list
<trace> [1647551393.5363] connectivity: (eth0,IPv4,25) adding 'fedoraproject.org:80:18.192.40.85' to curl resolve list
...
<trace> [1647551393.5366] connectivity: (eth0,IPv4,25) adding 'fedoraproject.org:80:85.236.55.6' to curl resolve list
<trace> [1647551393.5366] connectivity: (eth0,IPv4,25) adding 'fedoraproject.org:80:38.145.60.20' to curl resolve list
...
<trace> [1647551393.5415] connectivity: (eth0,IPv4,25) libcurl: == Info: Added fedoraproject.org:80:18.159.254.57 to DNS cache\012
<trace> [1647551393.5416] connectivity: (eth0,IPv4,25) libcurl: == Info: RESOLVE fedoraproject.org:80 is - old addresses discarded!\012
<trace> [1647551393.5416] connectivity: (eth0,IPv4,25) libcurl: == Info: Added fedoraproject.org:80:152.19.134.142 to DNS cache\012
<trace> [1647551393.5417] connectivity: (eth0,IPv4,25) libcurl: == Info: RESOLVE fedoraproject.org:80 is - old addresses discarded!\012
...
<trace> [1647551393.5422] connectivity: (eth0,IPv4,25) libcurl: == Info: RESOLVE fedoraproject.org:80 is - old addresses discarded!\012
<trace> [1647551393.5423] connectivity: (eth0,IPv4,25) libcurl: == Info: Added fedoraproject.org:80:38.145.60.20 to DNS cache\012
<trace> [1647551393.5424] connectivity: (eth0,IPv4,25) libcurl: == Info: Hostname fedoraproject.org was found in DNS cache\012
<trace> [1647551393.5424] connectivity: (eth0,IPv4,25) libcurl: == Info: Trying 38.145.60.20:80...\012
There are two possible fixes. Either join all addresses in one
entry, or use the '+' modifier. Do the former.
Now we get:
<trace> [1647551967.0378] connectivity: (eth0,IPv4,25) set curl resolve list to 'fedoraproject.org:80:38.145.60.21,152.19.134.142,152...
...
<trace> [1647551967.0559] connectivity: (eth0,IPv4,25) libcurl: == Info: Added fedoraproject.org:80:38.145.60.21,152.19.134.142,152.1...
<trace> [1647551967.0560] connectivity: (eth0,IPv4,25) libcurl: == Info: Hostname fedoraproject.org was found in DNS cache\012
<trace> [1647551967.0561] connectivity: (eth0,IPv4,25) libcurl: == Info: Trying 38.145.60.21:80...\012
[1] https://curl.se/libcurl/c/CURLOPT_RESOLVE.html
Reported-by: Bastien Nocera <hadess@hadess.net>
Fixes: 2cec94bacce4 ('connectivity: use systemd-resolved for resolving the check endpoint')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/648#note_1301596
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1153
(cherry picked from commit 14b9a9bd9db722812cff2290362a668df2a6b585)
|
| |
|
|
|
|
|
|
|
|
|
| |
I think we should move away from using the source-ids.
Having a "GSource*" pointer makes it clearer what this is, compared to a
guint source ID. Also, g_source_remove() always needs to first do a hash
lookup (with locking) to resolve the source ID to the GSource. This is
unnecessary.
(cherry picked from commit ca9c67565a710eb6b371bc72da266014225a3e3f)
|
| |
|
|
|
|
| |
And change code so that clang-format produces nicer alignment.
(cherry picked from commit 63d68e7f42b7377b34cfa58fb4b7994df3f3a98b)
|
| |
|
|
|
|
|
| |
In practice, systemd-resolved will give us always AF_INET/AF_INET6. Still,
check for that.
(cherry picked from commit 593d08db81f2c52ddd7bde6c1b4381f9fbfef875)
|
| |
|
|
|
|
|
|
|
| |
../src/core/devices/nm-device-ethernet.c:1164:35: error: unused variable error [-Werror,-Wunused-variable]
gs_free_error GError *error = NULL;
^
Fixes: aa9b5e28eb6d ('ethernet: fix setting ip-ifindex for PPPoE connections')
(cherry picked from commit 18d0ab14bc7e31dec830c08e2eb6d4de01c57f82)
|
| |
|
|
|
| |
Fixes: e874ccc9177c ('wifi: add WPA-EAP-SUITE-B-192 support')
(cherry picked from commit 78c937cb2330311cf97dedc7c2a6ef453081a518)
|
| |
|
|
|
| |
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit 9ac143d2d577fd8c03e491b97107b9545603ba55)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I got a report of a scenario where multiple servers reply to a REQUEST
in SELECTING, and all servers send NAKs except the one which sent the
offer, which replies with a ACK. In that scenario, n-dhcp4 is not able
to obtain a lease because it restarts from INIT as soon as the first
NAK is received. For comparison, dhclient can get a lease because it
ignores all NAKs in SELECTING.
Arguably, the network is misconfigured there, but it would be great if
n-dhcp4 could still work in such scenario.
According to RFC 2131, ACK and NAK messages from server must contain a
server-id option. The RFC doesn't explicitly say that the client
should check the option, but I think it's a reasonable thing to do, at
least for NAKs.
This patch stores the server-id of the REQUEST in SELECTING, and
compares it with the server-id from NAKs, to discard other servers'
replies.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1144
(cherry picked from commit 118561e284ff7f28421b19530d4471075b89645c)
|
| |\
| |
| |
| |
| |
| | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1148
(cherry picked from commit 3a8a1b0e26ef156ba579ff3aa6d1eb91a88496bd)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a NMDevice is involved in a PPPoE activation, it means that the
connection has connection.interface-name=<ethernet-interface>. In such
case, the ppp ifindex should be set as ip-ifindex of the ethernet
device.
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit aa9b5e28eb6d85262c785b0ccd9c1d98c222089c)
|
| | |
| |
| |
| |
| |
| |
| | |
It's not going to work.
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit 7b2bea7ceb2cb95cf6f45b7d17abc552490c68a5)
|
| |/
|
|
|
|
|
| |
PPP supports IPv6 autoconfiguration.
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit 041df05f3cad687b3aa30879687d9c1eb3de5746)
|
| |
|
|
|
|
|
| |
Recent python-black (22.0) dropped support for Python 2 and thus fail
for those files. Make the examples Python3 compatible.
(cherry picked from commit 95e6a0a6e253dfdcd77ebc65d629fb3789f5f0e3)
|
| |
|
|
|
|
|
|
|
|
|
| |
nm_g_idle_add_source() is supposed to work like g_idle_add(). Use the correct
priority.
I think this causes little actual problems, because usually we don't
carefully tune the priorities and would be mostly fine with either.
Fixes: 6b18fc252d1e ('shared: add nm_g_{idle,timeout}_add_source() helpers')
(cherry picked from commit 15e88379452e231d1821c0d7f8e4df89ccd86e8b)
|
| |
|
|
|
|
|
| |
Found with `git grep 'GError.*[^,)];'| grep ' *= *NULL;' -v`
Fixes: a2abd15fe001 ('DHCP: Support dhcpcd-9.x')
(cherry picked from commit fd50323232a2f754d8b62c84354d3f781f9a4e69)
|
| |
|
|
|
|
|
| |
Found with `git grep 'GError.*[^,)];'| grep ' *= *NULL;' -v`
Fixes: d689380cfc57 ('team: support operation without D-Bus')
(cherry picked from commit 43748d298047f66804b4e48aec4f6ec37b333263)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NMClient is strongly tied to the GMainContext with which it was created.
Several operations must only be called from within the context. There
was an assertion for that.
However, creating (and init_async()) should be allowed to call not
from within the GMainContext. So if the current context has no owner
(is not acquired), then it's also OK.
Fix the assertion for that.
Fixes: ce0e898fb476 ('libnm: refactor caching of D-Bus objects in NMClient')
(cherry picked from commit ae0cc9618c49bb74bbe54a073dc337e9a3b0005b)
|
| |
|
|
| |
(cherry picked from commit 5dc9307a34271c50d6850e02c48d623879ae4d72)
|
| |
|
|
|
|
|
| |
Found with `git grep 'GError.*[^,)];'| grep ' *= *NULL;' -v`
Fixes: ce0e898fb476 ('libnm: refactor caching of D-Bus objects in NMClient')
(cherry picked from commit a9d521bf8c183b9bb95375545ac514de170e3484)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When cloud-init job (metadata service crawler) starts, it sends the
SIGTERM signal to nm-cloud-setup and force the nm-cloud-setup to
restart, however, because the error is not initialized as NULL in
`_init_start_cancelled_cb()` before it is set, nm-cloud-setup will hit
a dumped core.
TO fix it, initialize the error as NULL in `_init_start_cancelled_cb()`.
https://bugzilla.redhat.com/show_bug.cgi?id=2027674
Fixes: ce0e898fb476 ('libnm: refactor caching of D-Bus objects in NMClient')
Backtrace:
#0 g_logv (log_domain=0x7f833a872071 "GLib", log_level=G_LOG_LEVEL_WARNING, format=<optimized out>, args=<optimized out>) at ../glib/gmessages.c:1413
#1 0x00007f833a81f043 in g_log (log_domain=<optimized out>, log_level=<optimized out>, format=<optimized out>) at ../glib/gmessages.c:1451
#2 0x00007f833ab97230 in nm_utils_error_set_cancelled (is_disposing=<optimized out>, instance_name=<optimized out>, error=0x7ffff79cb980) at src/libnm-glib-aux/nm-shared-utils.c:2599
#3 nm_utils_error_set_cancelled (is_disposing=0, instance_name=0x0, error=0x7ffff79cb980) at src/libnm-glib-aux/nm-shared-utils.c:2590
#4 _init_start_cancelled_cb (cancellable=<optimized out>, user_data=0x5640ca292150) at src/libnm-client-impl/nm-client.c:7324
#5 _init_start_cancelled_cb (cancellable=<optimized out>, user_data=0x5640ca292150) at src/libnm-client-impl/nm-client.c:7307
#6 0x00007f833a93094a in _g_closure_invoke_va (param_types=0x0, n_params=<optimized out>, args=0x7ffff79cbb40, instance=0x5640ca267020, return_value=0x0, closure=0x5640ca29d430)
at ../gobject/gclosure.c:873
#7 g_signal_emit_valist (instance=0x5640ca267020, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7ffff79cbb40) at ../gobject/gsignal.c:3406
#8 0x00007f833a930a93 in g_signal_emit (instance=instance@entry=0x5640ca267020, signal_id=<optimized out>, detail=detail@entry=0) at ../gobject/gsignal.c:3553
#9 0x00007f833a9a6475 in g_cancellable_cancel (cancellable=0x5640ca267020) at ../gio/gcancellable.c:513
#10 g_cancellable_cancel (cancellable=0x5640ca267020) at ../gio/gcancellable.c:487
#11 0x00005640ca1a8bd4 in sigterm_handler (user_data=0x5640ca267020) at src/nm-cloud-setup/main.c:599
#12 0x00007f833a819d4f in g_main_dispatch (context=0x5640ca268ef0) at ../glib/gmain.c:3337
#13 g_main_context_dispatch (context=0x5640ca268ef0) at ../glib/gmain.c:4055
#14 0x00007f833a86e608 in g_main_context_iterate.constprop.0 (context=0x5640ca268ef0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4131
#15 0x00007f833a819463 in g_main_loop_run (loop=0x5640ca24fdb0) at ../glib/gmain.c:4329
#16 0x00005640ca1a6d04 in nmc_client_new_waitsync (cancellable=0x5640ca267020, out_nmc=0x7ffff79cbfa0, error=0x7ffff79cbf98, first_property_name=0x5640ca1b11db "instance-flags",
first_property_name=0x5640ca1b11db "instance-flags") at src/libnm-client-aux-extern/nm-libnm-aux.c:129
#17 0x00005640ca1a3863 in main (argc=1, argv=<optimized out>) at src/nm-cloud-setup/main.c:639
(cherry picked from commit 549761b0adfc0ce1ceb1fd101ae458e1720f23b6)
|
| |
|
|
|
|
|
|
|
|
|
| |
The length argument is optional. That makes sense, because the returned
array is NUL-terminated.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1136
Fixes: 21b008d0ff72 ('libnm: add nm_client_get_capabilities() to expose server Capabilities')
(cherry picked from commit 7f1840bbb6fd444164762ce0eb3532f95b835d04)
|
| |
|
|
|
|
|
|
|
| |
These were added without documentation.
Fixes: 16cff1149a76 ('core: fix taking over external connection after restart')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1137
(cherry picked from commit d3d2e9b5089f202d590a071ca0d7919710c4f952)
|
| |
|
|
|
|
|
|
| |
See-also: https://fedoraproject.org/wiki/Changes/CurlMinimal_as_Default#Benefit_to_Fedora
See-also: https://github.com/systemd/systemd/commit/55b90ee00b78a449c8f187a5e8141f8ccb100bf4
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1121
(cherry picked from commit 7a1734926a4d053080c1d57fb29602bc5bb49f20)
|
