| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Fixes: 3bda3fb60c10 ('nmtui: initial import of nmtui')
|
|
|
|
|
|
|
| |
src/core/devices/nm-lldp-listener.c:911: check_after_deref:
Null-checking "self" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
Fixes: 04e72b6b4d79 ('lldp: use new libnm-lldp instead of systemd's sd_lldp_rx')
|
|
|
|
|
|
| |
src/libnm-platform/nmp-object.c:930: var_deref_op: Dereferencing null pointer "klass->cmd_plobj_to_string_id".
Fixes: 8feeb199ad4b ('platform: drop redundant hook implementations from NMPObject classes')
|
|
|
|
|
|
| |
src/nmcli/devices.c:1196: double_free: Calling "_nm_auto_strfreev" frees pointer "arg_arr" which has already been freed.
Fixes: c5d45848dd07 ('cli: mark argv argument for command line parsing as const')
|
|
|
|
|
|
|
| |
Older versions of iproute2 don't support the fwmark option. Remove it.
Fixes: 1cf8df2f35b6 ('platform: support VTI tunnels')
Fixes: b669a3ae46d8 ('platform: support VTI6 tunnels')
|
|
|
|
|
|
|
|
| |
Older kernel headers don't ship definitions for IFLA_VTI_*, redefine
them.
Fixes: 1cf8df2f35b6 ('platform: support VTI tunnels')
Fixes: b669a3ae46d8 ('platform: support VTI6 tunnels')
|
|\
| |
| |
| |
| | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/985
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1435
|
| | |
|
| |
| |
| |
| |
| | |
A VTI tunnel is similar to a IPIP one, but it allows adding a fwmark
to packets and supports IPsec encapsulation.
|
| |
| |
| |
| |
| | |
Add the fwmark property and allow setting input and output key for VTI
tunnels.
|
| | |
|
| | |
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With multi-connect enabled, this can cause infinite retries to autoconnect,
see [1].
That has bad consequences for example in initrd, where
nm-wait-online-initrd.service would wait up to one hour before failing
and blocking boot.
This reverts commit 1656d82045343b5af5b86cf129d4f2b12540b277.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2039734#c5
Fixes: 1656d8204534 ('policy: track the autoconnect retries in devices for multi-connect')
|
| |
|
|\
| |
| |
| | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1484
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Like for our other immutable/sealable types, make ref/unref thread safe.
That is important, as the boxed types only increase the ref-count on
copy. If ref/unref is not thread-safe, it means you cannot copy a boxed
type, and operate on the copy on another thread.
Fixes: 041e38b1514b ('libnm: add NMRange')
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The types NMBridgeVlan, NMIPRoutingRule, NMRange, NMWireGuardPeer
are immutable (or immutable, after the seal() function is called).
Immutable types are great, as it means a reference to them can be shared
without doing a full clone. Hence the G_DEFINE_BOXED_TYPE() for these
types prefers to take a reference instead of cloning the objects. Except
for sealable types, where it will prefer to clone unsealed values.
Likewise, nm_simple_connection_new_clone() probably will just take
another reference to the value, instead of doing a deep clone.
libnm is not a thread-safe library in the sense that you could pass a
NMConnection or NMClient instance to multiple threads and access them
without your own synchronization. However, it should be possible that
multiple threads access (seemingly) distinct objects.
As the copy function of these boxed types (and nm_simple_connection_new_clone()
and similar) prefers to share the references to immutable types, it is important
that the ref function is thread-safe too. Otherwise you cannot just clone a
NMConnection on thread1, hand the clone to thread2 and operate on the
clone and the original independently. If you do before this patch, you would
hit a subtle race condition.
Avoid that. While atomic operations have a runtime overhead, being safe
is more important. Also, we already save a full malloc()/free() by
having immutable, ref-counted types. We just need to make it safe to use
in order to fully benefit from it.
|
| | |
|
|/
|
|
|
|
| |
I think it's just a nicer pattern. It also ensures that all
fields are initialized to their type's default and don't
rely on memset().
|
|
|
|
| |
Fixes: 28d7f9b7c478 ('dhcp: drop NMDhcpClientClass.get_duid() hook')
|
|\
| |
| |
| | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1477
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, we only set the "default-duid" line in the lease file. That
means, if the lease already contained a matching entry with a
"dhcp6.client-id" option, it was not honored. That is wrong.
If the profile has "ipv6.dhcp-duid" set, then we must use it and get
rid of those options from the lease.
It's easy to reproduce:
PROFILE=eth1
nmcli connection down "$PROFILE"
rm -f /var/lib/NetworkManager/*lease
nmcli connection modify "$PROFILE" ipv6.dhcp-duid "aa:bb:cc:dd:00:00:11"
nmcli connection up "$PROFILE"
# Verify the expected duid in /var/lib/NetworkManager/*lease and "/run/NetworkManager/devices/$IFINDEX"
nmcli connection modify "$PROFILE" ipv6.dhcp-duid "aa:bb:cc:dd:00:00:22"
nmcli connection up "$PROFILE"
# Check the DUID again.
|
| |
| |
| |
| |
| |
| |
| |
| | |
Splitting by any of "\r\n" and then joining the lines with "\n"
leads to double-newlines. That's certainly wrong.
Maybe we shouldn't care about "\r", I don't know why this was done. But
handle it differently.
|
| |
| |
| |
| |
| | |
It updates the file timestamp, which seems undesirable. Skip the update,
if the content didn't change.
|
| | |
|
| |
| |
| |
| | |
So much duplicate, boilerplate code. Get rid of it.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
dhclient writes binary data as colon-separated hex strings
like nm_utils_bin2hexstr_full() does. But it only writes single
digits for values smaller than 0x10. Add an option to support
that mode.
However, there are many callers of nm_utils_bin2hexstr_full() already,
and they all don't care about the new option. Maybe this should this
not be a boolean argument, instead the function should accept a
flags argument. That is not done for now. Just add another "fuller"
variant. It's still easy to understand, because the "full" variant
is just a more limited functionality of "fuller".
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
nm_dhcp_client_set_effective_client_id()
Of course, the old "priv->effective_client_id" and the new
"client_id" instances are truly separate, that is, they don't
share data, and destroying "priv->effective_client_id" before
taking a reference on "client_id" causes no problem.
It's still a code smell. It makes the function unnecessarily unsafe
under (very unusual) circumstances.
|
| |
| |
| |
| |
| | |
Also for the internal DHCP clients. And validate/normalize the setting
for the dhclient/dhcpcd/dhcdcanon plugins.
|
| |
| |
| |
| | |
This will be used to pre-fill the lease with client-specific options.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The point of using this trivial helper function is to have one function
that is related to the construction of the options dictionary, that we
can search for.
It answers the question, where do we create a option hash (at `git grep
nm_dhcp_option_create_options_dict`).
|
| |
| |
| |
| |
| | |
This is so that we can use the same function also to create the
hash for dhclient plugin.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The "lease" mode is unusual, because it means to prefer the DUID
configuration from the DHCP plugin over the explicit configuration in
NetworkManager. It is only for the DHCPv6 DUID and not for the IPv4
client-id. It also is only special for the "dhclient" plugin, because
with the internal plugin, this always corresponds to a generated, stable
DUID.
Commit 58287cbcc0c8 ('core: rework IP configuration in NetworkManager
using layer 3 configuration') broke this. The commit refactored the code
to track the effective-client-id separately. Previously, the client-id which
was read from the dhclient lease, was overwriting NMDhcpClient.client_id. But
with the refactor, it broke because nm_dhcp_client_get_effective_client_id()
was never called.
Fix that.
Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Note that there are no callers of nm_dhcp_client_get_effective_client_id(),
hence calling the setter had no effect. This is a bug, that we will fix
later.
But before fixing the bug, change how this works. Drop the get_duid() hook.
It's only confusing and backward.
We will keep the nm_dhcp_client_[gs]et_effective_client_id() functions.
They will be used later.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
client
The "effective-client-id" is handled wrongly. Step 1 to clean this up.
Note that NMDhcpClientPrivate.effective_client_id is only ever get/set
via the nm_dhcp_client_[gs]et_effective_client_id() functions.
Note that only a NMDhcpDhclient instance ever calls
nm_dhcp_client_set_effective_client_id().
Hence, for NMDhcpSystemd the effective-client-id is really just the DUID
from the config. Clean this up by not calling nm_dhcp_client_get_effective_client_id()
but use the config directly. There is no change in behavior here.
|
| |
| |
| |
| | |
NM_DHCP_OPTION_DHCP6_{CLIENT,SERVER}_ID enums
|
|/ |
|
|\
| |
| |
| | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1483
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The current implementation only checks that a device with name equal
to veth.peer exists and it has a parent device; it doesn't check that
its parent is actually the device we want to create. So for example,
if the profile specifies interface-name A and peer B, while in
platform we have a veth pair {B,C}, we'll skip the interface creation
and the device will remain without a ifindex, leading to a crash
later. Fix this by adding the missing check.
While at it, don't implement the check by inspecting NMDevices but
look directly at the platform cache; that seems more robust because
devices are often updated from platform events via idle handlers and
so the information there could be outdated.
Fixes: 07e0ab48d194 ('veth: drop iface peer check during create_and_realize()')
https://bugzilla.redhat.com/show_bug.cgi?id=2129829
|
|/ |
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1148
|
|\
| |
| |
| | |
git subtree pull --prefix src/c-stdaux git@github.com:c-util/c-stdaux.git main --squash
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
eceefe959250 doc: update README.md for typography
df7e0ac7a792 build: release v1.3.0
293d76aded19 test-basic: use `non_constant_expr`
12f8380286f3 generic: handle compile time expression in _c_boolean_expr_(),_c_likely_()/_c_unlikely_()
92b25e384e3b test/basic: add tests for _c_boolean_expr_
4c1765bc0b4d test/api: move _c_always_inline_ test to generic group
fe95c7a78fe9 test/api: add missing test for _c_boolean_expr_
git-subtree-dir: src/c-stdaux
git-subtree-split: eceefe9592501bce485db62966853b361e90ec2f
|
|\ \
| | |
| | |
| | | |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1480
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
G_TYPE_CHECK_INSTANCE_CAST() can trigger a "-Wcast-align":
src/core/devices/nm-device-macvlan.c: In function 'parent_changed_notify':
/usr/include/glib-2.0/gobject/gtype.h:2421:42: error: cast increases required alignment of target type [-Werror=cast-align]
2421 | # define _G_TYPE_CIC(ip, gt, ct) ((ct*) ip)
| ^
/usr/include/glib-2.0/gobject/gtype.h:501:66: note: in expansion of macro '_G_TYPE_CIC'
501 | #define G_TYPE_CHECK_INSTANCE_CAST(instance, g_type, c_type) (_G_TYPE_CIC ((instance), (g_type), c_type))
| ^~~~~~~~~~~
src/core/devices/nm-device-macvlan.h:13:6: note: in expansion of macro 'G_TYPE_CHECK_INSTANCE_CAST'
13 | (G_TYPE_CHECK_INSTANCE_CAST((obj), NM_TYPE_DEVICE_MACVLAN, NMDeviceMacvlan))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
Avoid that by using _NM_G_TYPE_CHECK_INSTANCE_CAST().
This can only be done for our internal usages. The public headers
of libnm are not changed.
|
| | |
| | |
| | |
| | | |
G_TYPE_CHECK_INSTANCE_CAST()
|