| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
Fixes: 46819838e72b8e4a09f7d1b88d0ea93efac57764
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the plugin supports interactive mode, but the VPN binary (like vpnc
or openvpn) doesn't support it, then the plugin should return
NM_VPN_PLUGIN_ERROR_INTERACTIVE_NOT_SUPPORTED from its connect_interactive()
hook. This lets NetworkManager know to fall back to plain Connect().
Since this notification is done through an error return, the VPN service
plugin code sees the failure and moves the plugin state back to
STOPPED. NetworkManager sees that state change, and terminates the
connection attempt while waiting for a reply to the Connect() method.
(VPN service plugins that don't support interactive mode at all don't
have this problem because that error is returned before the plugin's
state is moved to STARTING.)
To fix this, do two things:
1) if the connect_interactive() hook fails and returns the error
NM_VPN_PLUGIN_ERROR_INTERACTIVE_NOT_SUPPORTED, postpone the STOPPED
state change for a few seconds to allow NM time to fall back to
plain Connect(). We still want to move the plugin state back to
STOPPED eventually, because otherwise it could stay in STARTING
forever.
2) change state to STARTING only if the connect/connect_interactive
plugin hooks were successful. Otherwise the plugin would still be
in STARTING state, and it's not valid to call Connect()/ConnectInteractive()
during the STARTING state.
https://mail.gnome.org/archives/networkmanager-list/2016-February/msg00091.html
https://bugzilla.redhat.com/show_bug.cgi?id=1298732
(cherry picked from commit abc700c5c71f474730f703c648b0b8dab455d7ba)
|
|
|
|
|
|
|
|
|
| |
Unenslaving from a bridge can cause a spurious RTM_DELLINK signal.
NMPlatform does raise those signals, but fixes the state of the
cache afterwards. Workaround the test failure.
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1285719
(cherry picked from commit dec682f6d13ceabb94521dcc4cf513f6348abfba)
|
|
|
|
|
|
|
| |
When building fails, we should not run the tests. They clutter
the output.
(cherry picked from commit ad45d232fee8157baadb799f3867ddec95e2ef91)
|
|
|
|
| |
(cherry picked from commit 7ec5acdc66b396cd2623a4a99be08e0267d93489)
|
|
|
|
|
| |
Fixes: 1408b8c0a21105f3ea6d2e58d0fc03835f255d34
(cherry picked from commit c94a9372fafd138a05fe5790c7bcd7980868460e)
|
|
|
|
|
|
|
| |
It looks better in the .yml file as well as in the travis UI.
(cherry picked from commit 1408b8c0a21105f3ea6d2e58d0fc03835f255d34)
[bgalvani: dropped the coverity part]
|
|
|
|
|
|
| |
failed tests
(cherry picked from commit 34050e9c0b6bd079c9982f72537cd3be372aa6e7)
|
|
|
|
|
|
|
|
| |
If a monitor interface is created, NM will grab that interface
and change it to station mode. That's not very nice.
https://mail.gnome.org/archives/networkmanager-list/2016-February/msg00068.html
(cherry picked from commit 751a37bf433eb79653b6d498eea1ab01047dfd27)
|
|
|
|
|
|
|
|
|
|
| |
Often a netlink event doesn't contain enough information to determine
the link type. Then we consult sysctl or ethtool. However, if we already
have the same object cached, we want to reused the (once detected) link-type.
There was a bug in lookup of the cached object.
(cherry picked from commit 9c0cfbbae6f83f9b55c8848a62fff42cb40dd73a)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to a kernel bug [1], we sometimes receive spurious NEWLINK
messages after a wifi interface has disappeared. Since the link is not
present anymore we can't determine its type and thus it will show up
as a Ethernet one, with no address specified. Request the link again
to check if it really exists.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1302037
https://bugzilla.gnome.org/show_bug.cgi?id=761151
(cherry picked from commit 97be12b6625e738856814403195b60f7ebc13bfe)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
configuration
The existing checks assumed that all AP/AdHoc connections would use the
shared IP method. But what we really want to check for here is whether the
connection is AP/AdHoc. Leave the existing 'shared' check for backwards
compatibility.
Also move the check above the timestamp check, since the user shouldn't need
to manually set a timestamp just to get an AP-mode connection to autoconnect.
(cherry picked from commit e2637760f160f8d790438f3ca26df1b888de7909)
|
|
|
|
|
|
| |
and rename realversion to real_version to follow the pattern.
(cherry picked from commit 6490dc154c35f3e0ff8e30a2fdfcc0dc05efbf51)
|
|
|
|
|
|
|
|
| |
We don't want to create backups of original files when
patching. Update the comment in the spec file to indicate
that.
(cherry picked from commit 455b981215648623c824b86a81cccd776d82a937)
|
|\ |
|
| |
| |
| |
| |
| |
| | |
Only libnm-glib still requires dbus-glib.
(cherry picked from commit 804ec6fbcd9bae95b8fb17e1eab2b3a25a601b15)
|
| |
| |
| |
| |
| |
| | |
libnm doesn't use dbus-glib or dbus at all.
(cherry picked from commit 5e892819fcebb0ffe8e6797b3be8debb0aede335)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also add a new conditional "debug" to enable more assertions and
more logging, which is disabled by default.
Also add a conditional "test" to disable running the unit tests
(make check) while building the package.
http://rpm.org/wiki/PackagerDocs/ConditionalBuilds
(cherry picked from commit 87dc14476b81d6f540abbd935b611c4910dc91cd)
|
| |
| |
| |
| |
| |
| | |
We're building the plugins on s390 these days
(cherry picked from commit 20a56fa9a25cc95099c64a550e24dd9f3496c214)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
NetworkManager-devel package contained development headers that
are useful without libnm-glib and without glib. But it is also
based on the legacy libnm-glib library as it has headers like
"/usr/include/NetworkManager/NetworkManager.h".
A glib-free devel package based on the new libnm library would
be needed to provide "/usr/include/libnm/nm-dbus-interface.h".
But that would amount to 4 devel packages. Instead, just move
the content of NetworkManager-devel into NetworkManager-glib-devel
package.
Note that NetworkManager-devel already contained several truely
libnm-glib dependent files, like the vala bindings (which require
libnm-glib). So that was another bug in the packaging and is fixed
by moving it all to NetworkManager-glib-devel.
https://bugzilla.gnome.org/show_bug.cgi?id=755938
(cherry picked from commit e01c17523a85a2f238850aa8591888548e231e7e)
|
| |
| |
| |
| | |
(cherry picked from commit de5d98197f751c4ff4eed36af27131a024e47b73)
|
| |
| |
| |
| | |
(cherry picked from commit bb78d14467c2bb5c85d2efbe84e521148322b1ca)
|
|/
|
|
|
|
|
| |
Option to skip building the source package. Useful if you already
have a source tarball from a previous run.
(cherry picked from commit 3b01d25561d95974e6473c51b56103ce92e51af7)
|
|
|
|
|
| |
Fixes: 10f9b6c58bcf3679a117ea75913cdf3aeee15578
(cherry picked from commit dc4d0a4200f878656559c8292c1c3bc34cd3da27)
|
|
|
|
| |
(cherry picked from commit 2bf4960ec127cf5ab7fd00d93be8743e4116a408)
|
|
|
|
|
|
|
|
|
|
|
| |
Drivers are stupid, and just like the platform ignores an all zeros
permanent address, so should it ignore all ones.
NetworkManager[509]: <debug> [1453743778.854919] [devices/nm-device.c:8885] nm_device_update_hw_address(): [0x190370] (eth0): hardware address now 86:18:52:xx:xx:xx
NetworkManager[509]: <debug> [1453743778.855438] [devices/nm-device.c:9138] constructed(): [0x190370] (eth0): read initial MAC address 86:18:52:xx:xx:xx
NetworkManager[509]: <debug> [1453743778.861602] [devices/nm-device.c:9148] constructed(): [0x190370] (eth0): read permanent MAC address FF:FF:FF:FF:FF:FF
(cherry picked from commit d442dcd1747ea33d2322472faa744256a77a8fea)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Two of these raised Coverity's eyebrows.
CID 59389 (#1 of 1): Insecure temporary file (SECURE_TEMP)
5. secure_temp: Calling mkstemp without securely setting umask first.
CID 59388 (#1 of 1): Insecure temporary file (SECURE_TEMP)
1. secure_temp: Calling mkstemp without securely setting umask first.
Last one raised mine.
When a connection is edited and saved, there's a small window during which and
unprivileged authenticated local user can read out connection secrets (e.g. a
VPN or Wi-Fi password). The security impact is perhaps of low severity as
there's no way to force another user to save their connection.
(cherry picked from commit 60b7ed3bdc3941a3b7c56824fba4b7291e79041f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
First, cb751012a2f4b8ef236eab2a7c65687c99205806 mistakenly converted the
act_stage_context_step() in connect_ready() to connect_context_clear()
instead of connect_context_step(). This would cause the IP Type retry
logic to fail and no further types to be tried. It also throws
away the ctx->first_error and causes all errors that MM returns on the
connect attempt to be dropped on the floor.
Second, not all errors should cause an advance to the next IP Type,
since some errors aren't related to it. Specifically, MM_CORE_ERROR_RETRY
when using Simple.Connect() means that a timeout was reached
in the internal connect logic, not a modem or network error. In
that case, try the connect again with the same IP Type before advancing
to the next type.
Fixes: cb751012a2f4b8ef236eab2a7c65687c99205806
Tested-by: Ladislav Michl <ladis@linux-mips.org>
Tested-by: Tore Anderson <tore@fud.no>
(cherry picked from commit 1cf47277662eda3bf3e049dc26c78f1022100169)
|
|
|
|
| |
(cherry picked from commit 53233bb04ccb65cc24ad186c98a46963f437850e)
|
|
|
|
| |
(cherry picked from commit 94dcffc4758e3c14f56e7cb45436056318fb11d9)
|
|
|
|
|
| |
Fixes: bf5a6ad4431c50b19ca954071900c4235c0f44a3
(cherry picked from commit 7cc54d5bb90102d8a563b51a50fd0bc81e833769)
|
|
|
|
|
|
|
|
| |
This time in init_async_got_permissions().
Thereby, just use gs_unref_hash and gs_free_error for cleanup.
(cherry picked from commit 8029f59e4fcefe9786fb79d04ede5ea10e3c33c2)
|
|
|
|
|
|
|
|
|
| |
If the D-Bus call failed with error, @permissions would stay uninitialized.
Fixes: f2399a69760e8d14b91e523127eb187d6337530f
Fixes: 808f0126035a09c946c559c9b1c464c4523a8a0e
(cherry picked from commit e0601d501a09d2ea24c7d9d966056cb8042a49b3)
|
|
|
|
| |
(cherry picked from commit f2399a69760e8d14b91e523127eb187d6337530f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Modems often don't expose all the required properties until they have
been unlocked, and that includes the IP types supported by the modem.
With an autoconnect WWAN connection where the SIM requires a PIN, there
were two problems:
1) the PIN is a secret and we don't have it until it's explicitly requested
during the activation process, so we cannot gate GSM connection availability
on whether a PIN is present since this happens long before we request secrets
2) when the modem is locked it may not report the supported IP types, which
caused an auto-activation to fail early becuase IP compatibility is checked
before the PIN is sent to the modem
Rework connection activation flow into a series of concrete steps, where the
PIN is sent to the modem if required, and only after the modem is actually
unlocked does the connection proceed. This does mean that any connection
marked 'autoconnect' can theoretically enable a PIN-locked modem even if
the connection has no PIN defined, but there's no good way around that.
NetworkManager would activate the connection
(cherry picked from commit cb751012a2f4b8ef236eab2a7c65687c99205806)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Device subclasses can call nm_device_recheck_available() at any time,
and the function would change the device's state to UNKNOWN in cases
where the device was available already. For WWAN devices, availability
is rechecked every time the modem state changes, resulting in:
NetworkManager[28919]: <info> (ttyUSB4): modem state changed, 'disabled' --> 'enabling' (reason: user-requested)
NetworkManager[28919]: <debug> [1445538582.116727] [devices/nm-device.c:2769] recheck_available(): [0x23bd710] (ttyUSB4): device is available, will transition to unknown
NetworkManager[28919]: <info> (ttyUSB4): modem state changed, 'enabling' --> 'searching' (reason: user-requested)
NetworkManager[28919]: <debug> [1445538582.776317] [devices/nm-device.c:2769] recheck_available(): [0x23bd710] (ttyUSB4): device is available, will transition to unknown
(cherry picked from commit d9c6b9f3dd8463dc636115c20e2d84a1a07b4fbe)
|
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=761001
(cherry picked from commit 9c3187027c9435e2c0007335e1c8503098cbce7c)
|
|
|
|
|
|
|
|
|
|
|
|
| |
When connection sharing is enabled, the removal of iptables rules is
delegated to the NMActRequest destructor; but for this to work it is
required that the object is properly dereferenced upon NM termination.
Clean up the active connections which are in DEACTIVATED state when
quitting, so that they are unexported and destroyed.
https://bugzilla.gnome.org/show_bug.cgi?id=692673
(cherry picked from commit e3a6ba6756620b5ed64459141567dd7a760e2c30)
|
|
|
|
|
|
|
|
|
|
|
| |
The rules were added to the list using g_slist_append() and then
applied one at time using "iptables --insert" which puts them at the
beginning of the chain, reversing the initial order.
Instead, list them in the desired order and use g_slist_prepend() to
achieve the same result. This has no functional changes.
(cherry picked from commit 8cba3e046eb8e3db9ab0bd55bbadc6cb8043096d)
|
|
|
|
|
|
|
| |
Also, don't manage them by default. Whatver created it should take care of
management.
(cherry picked from commit c1cf3c25c836f5beeecc4589b0aea52da7379587)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nm_supplicant_manager_iface_get() returning a cached instance leads to
a crash when the first owner releases the object, as no ownership is
transferred.
That was fixed on master by commit f1fba3eb02c5d102a1b0e85c371dce81e5bd0d3b.
Instead of backporting the entire refactoring (which also asserts against
reuse), just disallow reusing here.
The assertion should not be hit. If it would we need to investigate.
Also, this way the assertion avoids a hard crash.
https://bugzilla.redhat.com/show_bug.cgi?id=1298007
|
|
|
|
|
|
|
|
|
|
| |
Order NetworkManager after dbus. Otherwise during shutdown, both service are killed
together and possibly NetworkManager can no longer use D-Bus during shutdown. It
will need it however to communicate with VPN plugins and wpa-supplicant.
Related: https://bugs.freedesktop.org/show_bug.cgi?id=89847#c14
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1214466
(cherry picked from commit bf54a5bfbaf05021fe738a7da254760a5bcf1e97)
|
|
|
|
| |
(cherry picked from commit 701c05ad692566527322db6dade4f7d363d9de02)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dispose() calls _cleanup_generic_pre() which in turn already calls
nm_device_queued_state_clear(). So we would expect that at the end
of dispose() no queued-state is pending.
However, there there are crashes reports in queued_set_state() with the
device instance already destructed (rh#1270247). Add this check trying
to avoid the crash and closing in on the cause.
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1180827
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1270247
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1298009
(cherry picked from commit 76f90812f456dd5dc2bfd12b1d56573a7c65f3d0)
|
|\
| |
| |
| | |
https://bugzilla.redhat.com/show_bug.cgi?id=1288110
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In certain situations, ethernet links first appear with a zero MAC
address and then the MAC changes some time later. Currently NM does
not deal correctly with this scenario since it initializes wrong
@initial_hwaddr and @permanent_hwaddr on the device and tries to
immediately activate it.
To fix this, initialize the device's addresses only when the MAC
becomes valid and make the device available only at that point.
(cherry picked from commit 92149f223fbd4068f30f31d14c6aa6c8e2146161)
|
| |
| |
| |
| | |
(cherry picked from commit 2a0a9aa2e45b064304f827c7eed49bc80c6e3702)
|
|/
|
|
|
|
|
|
|
|
|
| |
Instead of using a signal for triggering the generation of a default
connection when the device becomes managed, let the manager wait for a
transition to UNAVAILABLE or DISCONNECTED states.
This partially reverts b3b0b4625053 ("device: retry creation of
default connection after link is initialized").
(cherry picked from commit 44789e32912c48358dbb7971be57682bd330719d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When compiling with
./configure \
--without-libsoup \
--disable-concheck \
--with-resolvconf=/xx/yy/resolvconf
we must explicitly include <gio/gio.h>.
https://bugzilla.gnome.org/show_bug.cgi?id=760447
[thaller@redhat.com: original patch modified to always include gio.h]
|