Commit message  Author  Age  Files  Lines
* wireguard: prefer last resolved IP from resolving endpoint from DNS  th/wireguard-dns-endpoint-sticky-addr  Thomas Haller  2021-02-13  1  -16/+26
|
| We periodically re-resolve the DNS name for endpoints. Since WireGuard has no concept of being connected, we want to eventually pick up if the DNS name resolves to a different IP address.
|
| However, on resolution failure, we will never clear the endpoint we already have. Thus, resolving names can only give a better endpoint, not remove an IP address entirely.
|
| DNS names might do Round-Robin load distribution and the name of the endpoint might resolve to multiple IP addresses. Improve to stick to the IP address that we already have -- provided that the IP address is still among the resolution result. Otherwise, we continue to pick the first IP address that was resolved.
* platform: ensure NM_SOCK_ADDR_UNION_INIT_UNSPEC() fully initializes union  Thomas Haller  2021-02-13  1  -2/+6
|
| In C, initialization of a union does not define that excess memory is initialized. Ensure that, by initializing the largest member of the NMSockAddrUnion union.
* iwd: Fix the leaks in get_agent_request_network_path  Andrew Zaborowski  2021-02-12  1  -7/+5
|
| Don't request new copies of strings from g_variant_get() to avoid leaking memory as pointed out by Thomas Haller.
|
| Fixes: dc0e31fb7014 ('iwd: Add the wifi.iwd.autoconnect setting')
* contrib/rpm: revert building "--with test" for RHEL 9  Thomas Haller  2021-02-12  1  -4/+0
|
| "--with test" does two things:
|
| (1) it enables "-Werror" compiler option. We always enable all compiler warnings we care about, but this option makes all warnings fatal. Compiler warnings depend on compiler version and build options. It's hard to build without any compiler warnings, in particular for *future* compiler versions which we don't know yet. It is desirable that a SRPM from yesterday can also be built tomorrow.
|
| (2) it fails build if any unit tests fail. We always run all unit tests, but "--with test" makes it fatal. Again, we have many unit tests that interact with the system (that is, make system calls, like creating IP addresses or write files). It is surprisingly hard to get them to pass 100% on all the systems we care about. For example, on copr a test setup randomly fails during
|
|     ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
|     nm_utils_ifname_cpy(ifr.ifr_name, TEST_IFNAME);
|     r = ioctl(fd, TUNSETIFF, &ifr);
|
| It's not clear why, nor is it at all clear that there is a bug in NetworkManager. Making tests fatal basically means that a build on copr infrastructure fails with a probability of a few percent. Enough to be seriously annoying.
|
| Note that on copr we actually build "--with test", because we want to catch these issues. Likewise for our CI builds we explicitly specify "--with test". In general, we build with various build configurations (compiler warnings) and run unit tests on a source package many times. Starting on the developer machine (`make check`), gitlab-ci, copr builds, NetworkManager-ci. If you build an SRPM with such sources, a failure of the unit tests is much more likely a glitch than an actual issue.
|
| This is about changing the default if you build a Fedora/RHEL package. That is with the Fedora/RHEL packages that are built in koji/brew. Well, at least usually. In practice, we don't build frequently on non x86_64 archs, so what I said there is less true.
|
| But the package build is not there to replace CI/testing. The package build is there to get a (mostly) working binary. Note that RHEL packages anyway go through rpmdiff too, and rpmdiff parses the build log and complains if `make check` fails.
|
| This reverts commit e68e5c0a4c36ab6fe7cf4793f77ca741179690ce.
* Revert "service: don't give CAP_DAC_OVERRIDE capability to NetworkManager"  Thomas Haller  2021-02-12  1  -1/+3
|
| Well, that was short. Seems we need CAP_DAC_OVERRIDE at least for the OVS plugin. The OVS socket is
|
|     srwxr-x---. 1 openvswitch openvswitch 0 Xxx xx xx:xx /run/openvswitch/db.sock
|
| and without CAP_DAC_OVERRIDE, NetworkManager cannot talk to OVS.
|
| We should fix that differently by adding a nm-sudo D-Bus service that can hand a file descriptor to NetworkManager.
|
| This reverts commit 2e334f54b27f91f40c3aa8bdba3254e2284d30bd.
* build: make path to polkit-agent-helper-1 binary configurable  Thomas Haller  2021-02-12  6  -19/+37
|
| Add new configure option to set the path to "polkit-agent-helper-1". The path cannot be obtained from pkg-config and `pkg-config --variable=prefix polkit-agent-1` is not good enough.
|
| On Fedora, the path is "/usr/lib/polkit-1/polkit-agent-helper-1".
|
| On Debian Buster, the path is "/usr/lib/policykit-1/polkit-agent-helper-1".
|
| On Debian Sid, the path is "/usr/libexec/polkit-agent-helper-1" (but currently it is also symlinked from "/usr/lib/policykit-1/polkit-agent-helper-1").
* service: don't give CAP_DAC_OVERRIDE capability to NetworkManager  Thomas Haller  2021-02-12  1  -1/+1
|
| https://bugzilla.redhat.com/show_bug.cgi?id=1921826
|
| https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/742
* release: bump version to 1.31.0 (development)  1.31.0-dev  Thomas Haller  2021-02-11  2  -3/+3
|
* release: bump version to 1.29.90 (1.30-rc1)  1.30-rc1  Thomas Haller  2021-02-11  2  -2/+2
|
* iwd: Fix agent DBus method parameter types  Andrew Zaborowski  2021-02-11  1  -4/+4
|
| The object path DBus type wasn't being used correctly in the parameters signatures, fix them.
* settings: Fix REASON_CLEAR_DEFAULT_WIRED comment typos  Andrew Zaborowski  2021-02-11  1  -2/+2
|
* lldp/tests: try workaround failure with ioctl(TUNSETIFF)  Thomas Haller  2021-02-11  1  -1/+8
|
| On copr build, it seems possible that the ioctl fails with
|
|     ERROR: src/core/devices/tests/test-lldp - Bail out! NetworkManager:ERROR:src/core/devices/tests/test-lldp.c:823:_test_recv_fixture_setup: assertion failed (errno == 0): (1 == 0)
|
| (1 is EPERM). Unclear why this happens. But as it only affects the test setup, retry a few times.
* dhcp: merge branch 'th/dhcp-nettools-lease-parse'  Thomas Haller  2021-02-11  15  -805/+1033
|\
| | https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/750
| * dhcp: downgrade logging messages for DHCP to <debug>  Thomas Haller  2021-02-11  1  -9/+22
| |
| | Granted, for debugging this information is useful. However, to actually debug an issue thoroughly, level=TRACE is anyway required. There is simply no way how we can log useful debug information and not flood logging messages for regular use.
| |
| | For example, logging the DHCP lease options can easily print 30 lines. And this, every time you get a lease update (e.g. every 30 minutes) and for every interface that does DHCP.
| |
| | It's simply too verbose. Downgrade the logging level.
| |
| | Yes, now our default <info> level is even less useful to understand what is going on. But the majority of time, users don't care so not spamming the log is more important.
| |
| | However, we still log the DHCP event (and the IP address) with <info> level.
| * dhcp: binary search in nm_dhcp_option_find()  Thomas Haller  2021-02-11  1  -10/+162
| |
| | Let's use binary search. Test patch: diff --git a/src/core/dhcp/tests/test-dhcp-utils.c b/src/core/dhcp/tests/test-dhcp-utils.c index 9b54e2cd0228..007993341672 100644 --- a/src/core/dhcp/tests/test-dhcp-utils.c +++ b/src/core/dhcp/tests/test-dhcp-utils.c 
@@ -788,6 +788,24 @@ NMTST_DEFINE(); int main(int argc, char **argv) { + int i; + guint idx; + guint c; + + idx = 0; + c = 0; + for (i = 0; i < 1000000; i++) { + const guint option = _nm_dhcp_option_dhcp4_options[idx % G_N_ELEMENTS(_nm_dhcp_option_dhcp4_options)].option_num; + + idx += 2010055757; + + if (nm_dhcp_option_find(AF_INET, option)->name) + c++; + } + g_print(">%u\n", c); + + return 0; + nmtst_init_assert_logging(&argc, &argv, "WARN", "DEFAULT"); g_test_add_func("/dhcp/generic-options", test_generic_options); Build: CFLAGS='-O2' ./autogen.sh --with-more-asserts=0 make -j 10 src/core/dhcp/tests/test-dhcp-utils && \ src/core/dhcp/tests/test-dhcp-utils && \ perf stat -r 200 -B src/core/dhcp/tests/test-dhcp-utils Before: Performance counter stats for 'src/core/dhcp/tests/test-dhcp-utils' (200 runs): 82.83 msec task-clock:u # 0.994 CPUs utilized ( +- 0.21% ) 0 context-switches:u # 0.000 K/sec 0 cpu-migrations:u # 0.000 K/sec 579 page-faults:u # 0.007 M/sec ( +- 0.03% ) 264,676,245 cycles:u # 3.195 GHz ( +- 0.06% ) 544,792,266 instructions:u # 2.06 insn per cycle ( +- 0.00% ) 151,624,848 branches:u # 1830.472 M/sec ( +- 0.00% ) 1,083,780 branch-misses:u # 0.71% of all branches ( +- 0.01% ) 0.083328 +- 0.000178 seconds time elapsed ( +- 0.21% ) After: Performance counter stats for 'src/core/dhcp/tests/test-dhcp-utils' (200 runs): 39.21 msec task-clock:u # 0.987 CPUs utilized ( +- 0.57% ) 0 context-switches:u # 0.000 K/sec 0 cpu-migrations:u # 0.000 K/sec 579 page-faults:u # 0.015 M/sec ( +- 0.03% ) 115,396,123 cycles:u # 2.943 GHz ( +- 0.23% ) 137,664,630 instructions:u # 1.19 insn per cycle ( +- 0.00% ) 25,866,025 branches:u # 659.597 M/sec ( +- 0.00% ) 1,919,616 branch-misses:u # 7.42% of all branches ( +- 0.12% ) 0.039717 +- 0.000227 seconds time elapsed ( +- 0.57% )
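Review bot: the `return 0;` added ahead of `nmtst_init_assert_logging(&argc, &argv, "WARN", "DEFAULT");` makes every `g_test_add_func()` registration in main() unreachable, so this hunk is only usable as a throwaway benchmark and must not be applied to a tree that is expected to run the tests. Within the loop, `nm_dhcp_option_find(AF_INET, option)->name` dereferences the lookup result unchecked; that holds only because each `option` is read back from `_nm_dhcp_option_dhcp4_options` itself, which also means the measurement covers hits only and never the not-found path. A short comment on the stride `idx += 2010055757;` (why this constant, and that the `guint` wrap-around is intended) would make the benchmark easier to reproduce.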
| * dhcp: rework DHCP options to not carry around option array  Thomas Haller  2021-02-11  5  -196/+185
| |
| | Previously, we would pass around the list of options. However,
| |
| | - that isn't too nice to read. Also, usually when we want to treat IP address families generically, then we have an addr_family argument. Having to first resolve the addr_family to another set of variables is inconvenient.
| |
| | - the option array itself doesn't have enough information. For example, we don't know how many elements there are, we don't know which address family it is (unless we compare it to one of the two well known lists). For example, I'd like to do a binary search for the option. But that's not immediately possible, because the length is unknown.
| |
| | - in practice, there are only two address families: AF_INET and AF_INET6. It is extremely unlikely that we will require a third DHCP options list, and even if we had that, the addr_family argument still abstracts them nicely. We also don't need two different lists for one DHCP type. While that would currently be possible (and afterwards not anymore), it would be wrong to do.
| |
| | - also add a new accessor nm_dhcp_option_find() to find the NMDhcpOption instance by option number.
| * dhcp/nettools: accept any number of trailing NULs in string options  Thomas Haller  2021-02-11  2  -8/+8
| |
| | https://tools.ietf.org/html/rfc2132#section-2 says:
| |
| |     Options containing NVT ASCII data SHOULD NOT include a trailing NULL; however, the receiver of such options MUST be prepared to delete trailing nulls if they exist.
| |
| | It speaks in plurals.
| * dhcp/nettools: use NMStrBuf in lease_save()  Thomas Haller  2021-02-11  1  -9/+8
| |
| * dhcp/nettools: cleanup lease_parse_search_domains()  Thomas Haller  2021-02-11  1  -20/+18
| |
| * dhcp/nettools: make data pointer const  Thomas Haller  2021-02-11  2  -80/+74
| |
| * dhcp/nettools: cleanup nm_dhcp_lease_data_parse_search_list()  Thomas Haller  2021-02-11  1  -32/+32
| |
| * dhcp/nettools: move nm_dhcp_lease_data_parse_search_list() to nm-dhcp-utils.c  Thomas Haller  2021-02-11  4  -160/+173
| |
| * shared,dhcp: add _nm_utils_ip4_get_default_prefix0() helper  Thomas Haller  2021-02-11  3  -52/+23
| |
| * dhcp/nettools: cleanup lease_parse_routes()  Thomas Haller  2021-02-11  1  -76/+83
| |
| * dhcp/nettools: refactor parsing of DHCP lease (ntps)  Thomas Haller  2021-02-11  1  -28/+3
| |
| * dhcp/nettools: cleanup lease_parse_address_list()  Thomas Haller  2021-02-11  1  -21/+39
| |
| * dhcp/nettools: cleanup lease_parse_address()  Thomas Haller  2021-02-11  2  -41/+21
| |
| * dhcp/nettools: refactor parsing of DHCP lease (server-id)  Thomas Haller  2021-02-11  1  -17/+8
| |
| | No change in behavior.
| * dhcp/nettools: refactor parsing of DHCP lease (broadcast)  Thomas Haller  2021-02-11  3  -17/+24
| |
| | No change in behavior.
| * dhcp/nettools: validate domain-name option (15) differently  Thomas Haller  2021-02-11  1  -11/+15
| |
| * dhcp/nettools: refactor parsing of DHCP lease (domain-name)  Thomas Haller  2021-02-11  1  -33/+32
| |
| | No change in behavior.
| * dhcp/nettools: validate nis-domain option (40) differently  Thomas Haller  2021-02-11  1  -9/+5
| |
| | Previously, we would check that all characters are ASCII. But we would also accept NUL characters (and truncate on the first NUL).
| |
| | Now:
| |
| | - reject any NUL characters inside the string (except trailing NUL).
| |
| | - accept all characters, and if necessary backslash-encode non UTF-8.
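
The string-option handling described in the "accept any number of trailing NULs" and "validate nis-domain option (40)" messages above can be sketched as follows. This is an added example, not NetworkManager code: the function names are hypothetical, and the `\ooo` octal escape (also applied to a literal backslash so the output stays unambiguous) is an assumption about the escape format.

```c
#include <stdio.h>
#include <string.h>

/* Length (1-4) of the well-formed UTF-8 sequence at s, or 0 if invalid. */
static size_t utf8_seq_len(const unsigned char *s, size_t n)
{
    unsigned long cp;
    size_t len, i;

    if (s[0] < 0x80) return 1;
    if ((s[0] & 0xE0) == 0xC0)      { len = 2; cp = s[0] & 0x1F; }
    else if ((s[0] & 0xF0) == 0xE0) { len = 3; cp = s[0] & 0x0F; }
    else if ((s[0] & 0xF8) == 0xF0) { len = 4; cp = s[0] & 0x07; }
    else return 0;
    for (i = 1; i < len; i++) {
        if (i >= n || (s[i] & 0xC0) != 0x80) return 0;
        cp = (cp << 6) | (s[i] & 0x3F);
    }
    /* Reject overlong forms, surrogates and code points above U+10FFFF. */
    if ((len == 2 && cp < 0x80) || (len == 3 && cp < 0x800) ||
        (len == 4 && cp < 0x10000) || cp > 0x10FFFF ||
        (cp >= 0xD800 && cp <= 0xDFFF))
        return 0;
    return len;
}

/* Writes the sanitized, NUL-terminated string to out. Returns 0, or -1 if
 * the option has an embedded NUL or the result does not fit in out. */
int dhcp_string_option_sanitize(const unsigned char *data, size_t n,
                                char *out, size_t out_size)
{
    size_t i = 0, o = 0, l;

    while (n > 0 && data[n - 1] == '\0') n--; /* any number of trailing NULs */
    if (out_size == 0 || memchr(data, '\0', n)) /* embedded NUL: reject */
        return -1;
    while (i < n) {
        if (o + 5 > out_size) /* room for a 4-byte unit plus terminator */
            return -1;
        l = utf8_seq_len(data + i, n - i);
        if (l == 0 || data[i] == '\\') { /* not UTF-8, or a literal backslash */
            o += (size_t) snprintf(out + o, 5, "\\%03o", (unsigned) data[i]);
            i++;
        } else {
            memcpy(out + o, data + i, l);
            o += l; i += l;
        }
    }
    out[o] = '\0';
    return 0;
}
```

Rejecting an embedded NUL instead of truncating at it means a value such as `good.example\0.evil.example` cannot be seen as two different strings by length-based and NUL-terminated consumers.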
| * dhcp/nettools: refactor parsing of DHCP lease (nis-domain)  Thomas Haller  2021-02-11  1  -28/+20
| |
| * dhcp/nettools: validate root-path option (17) to not contain any NUL characters  Thomas Haller  2021-02-11  1  -5/+16
| |
| | And make it UTF-8 (by backslash escaping).
| * dhcp/nettools: refactor parsing of DHCP lease (root-path)  Thomas Haller  2021-02-11  1  -20/+8
| |
| * dhcp/nettools: validate proxy-autodiscovery option (252) to not contain any NUL characters  Thomas Haller  2021-02-11  1  -1/+6
| |
| * dhcp/nettools: refactor parsing of DHCP lease (wpad)  Thomas Haller  2021-02-11  1  -26/+13
| |
| * dhcp/nettools: validate and normalize Host Name Option (12)  Thomas Haller  2021-02-11  3  -7/+93
| |
| | The hostname is in the end a string, which means it must be in a known, sensible encoding (UTF-8). Previously, we would not ensure the encoding, nor that the hostname was valid. Fix that.
| |
| | Follow what systemd does with lease_parse_domain().
| |
| | See-also: https://tools.ietf.org/html/rfc2132#section-3.14
| * dhcp/nettools: refactor parsing of DHCP lease (hostname)  Thomas Haller  2021-02-11  1  -24/+16
| |
| * dhcp/nettools: refactor parsing of DHCP lease (metered)  Thomas Haller  2021-02-11  1  -19/+8
| |
| * dhcp/nettools: refactor parsing of DHCP lease (mtu)  Thomas Haller  2021-02-11  3  -40/+51
| |
| * dhcp: add nm_dhcp_option_add_option_in_addr() helper  Thomas Haller  2021-02-11  2  -0/+15
| |
| * dhcp: add nm_dhcp_option_add_option_utf8safe_escape() helper  Thomas Haller  2021-02-11  2  -0/+19
| |
| * dhcp: require options argument for nm_dhcp_option_add_option()  Thomas Haller  2021-02-11  1  -9/+14
| |
| | It's not clear why the option argument would be optional. Also, it's not optional for nm_dhcp_option_take_option(). Add an nm_assert() to catch such wrong uses.
| * systemd: add nm_sd_dns_name_normalize() accessor  Thomas Haller  2021-02-11  2  -0/+20
| |
| * shared: return NMStrBuf instance from nm_str_buf_reset()  Thomas Haller  2021-02-11  1  -1/+3
| |
| | it can be useful for chaining, and it costs nothing to do this on an inline function.
| * shared: remove "str" argument from nm_str_buf_reset()  Thomas Haller  2021-02-11  3  -6/+6
|/
| NMStrBuf's API is all about convenience. When you reset the buffer, is it convenient to immediately append a new string? It seems not. Make nm_str_buf_reset() simpler by doing only one thing.
* NEWS: update  Thomas Haller  2021-02-11  1  -4/+7
|
* cloud-setup: merge branch 'th/cloud-setup-fix-replace-addr'  Thomas Haller  2021-02-10  7  -9/+261
|\
| | https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/747
| * cloud-setup/tests: add test for nmcs_setting_ip_replace_ipv4_addresses()  Thomas Haller  2021-02-10  1  -0/+100
| |