| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
(cherry picked from commit 81833358786b0fdd0668ef92b0bdc1361fa980b3)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wpa_supplicant only advertises pmf support since commit [1], which is
after 2.6. When using a version without that commit (for example,
plain 2.6), we would unconditionally set the global Pmf property to 1
(optional) and then skip setting the per-network property. The result
was that pmf was enabled without the possibility to disable it by
user. The correct behavior is instead to disable pmf on such versions.
[1] https://w1.fi/cgit/hostap/commit/?id=3cdb4ac074f76accf24a51d143db545afad2c90b
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/129
(cherry picked from commit 560a35dd433cd6bf2268aaf757fda798f35712fe)
|
|
|
|
| |
(cherry picked from commit cab17ff8e0f4935cd3a4b8564edd1ed765987d9f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The defaults for test timeouts in meson is 30 seconds. That is not long
enough when running
$ NMTST_USE_VALGRIND=1 ninja -C build test
Note that meson supports --timeout-multiplier, and automatically
increases the timeout when running under valgrind. However, meson
does not understand that we are running tests under valgrind via
NMTST_USE_VALGRIND=1 environment variable.
Timeouts are really not expected to be reached and are a mean of last
resort. Hence, increasing the timeout to a large value is likely to
have no effect or to fix test failures where the timeout was too rigid.
It's unlikely that the test indeed hangs and the increase of timeout
causes a unnecessary increase of waittime before aborting.
|
|
|
|
|
|
|
|
|
|
|
| |
libnm exposes simplified variants of hexstr2bin in its public API. I
think that was a mistake, because libnm should provide NetworkManager
specific utils. It should not provide such string functions.
However, nmcli used to need this, so it was added to libnm.
The better approach is to add it to our internally shared static
library, so that all interested components can make use of it.
|
|
|
|
|
|
|
|
|
|
|
|
| |
G_VARIANT_BUILDER_INIT() was only added in glib 2.50, hence we cannot use
it.
Maybe nm-glib.h should provide a compat macro, but the macro relies
on the magic number GVSB_MAGIC_PARTIAL, which is private to glib.
It's not clear that we can savely provide such a compat implementation
for older glib variants.
Fixes: 642f15f2f6535eef1e615baea11440547e91211d
|
|
|
|
|
|
| |
This API allows setting the global WFDIEs property of wpa_supplicant.
Ideally it would be better if this property was per-device, but this is
a limitation of wpa_supplicant.
|
|
|
|
|
|
|
| |
Using strtol() correctly proves to be hard.
Usually, we want to also check that the end pointer is points to the end
of the string. Othewise, we silently accept trailing garbage.
|
|
|
|
|
| |
"nm-macros-interal.h" already includes <errno.h> and <string.h>.
No need to include it everywhere else too.
|
|
|
|
|
|
|
|
| |
For static functions inside a module, the compiler determines on its own
whether to inline the function.
Also, "inline" was used at some places that don't immediatly look like
candidates for inlining. It was most likely a copy&paste error.
|
|
|
|
| |
Don't accept any unsupported options.
|
|
|
|
|
|
| |
When SAE key managmenet is used, the supplicant can still use the "psk"
property. Only when the pass phrase doesn't conform to WPA-PSK
limitations, the sae_password must be used.
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/merge_requests/64
|
|
|
|
|
|
|
|
| |
When the supplicant does not support PMF we wrongly set
'ieee80211w=0', but since the option is not recognized the connection
fails. Don't set it when unsupported.
Fixes: a9ab50efb10dfb50cfe897c58afa300f8b07f6ba
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
wpa_supplicant is going to change the global default for PMF from 0
(disabled) to 1 (optional) [1], so NM code needs to be adjusted to
work with all wpa_supplicant versions. Furthermore, it is better to
set optional PMF using the 'Pmf' property instead of the 'ieee80211w'
configuration option because the former better handles missing support
in driver [2].
Note that each interface in wpa_supplicant has its own copy of global
configuration and so 'global' options must still be set on each
interface. So, let's set Pmf=1 when each interface gets created and
override it with ieee80211w={0,2} if needed during association.
[1] http://lists.infradead.org/pipermail/hostap/2018-November/039009.html
[2] http://lists.infradead.org/pipermail/hostap/2019-January/039215.html
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/104
|
|
|
|
|
|
|
| |
Add missing trailing commas that avoids getting noise when another
file/parameter is added and eases reviewing changes[0].
[0] https://gitlab.gnome.org/GNOME/dconf/merge_requests/11#note_291585
|
|
|
|
|
|
|
| |
The timeout is limited to be in the range of 1-600s. This is arbitrary,
but the point is that a timeout of 0 is not permitted to prevent a
client from making us run a find continuously simply by forgetting to
call the stop method.
|
| |
|
|
|
|
| |
This can be used to check whether a peer is joined to our group.
|
|
|
|
|
| |
Add basic tracking of P2P group information and the creation and
destruction of them.
|
|
|
|
|
|
|
| |
wpa_supplicant will create a new interface for P2P devices. In this case
we need to fetch the supplicant interface using the object path and then
fetch the interface name via dbus to setup the IP interface of the P2P
device later.
|
| |
|
|
|
|
|
|
| |
The wpa_supplicant interface has a P2PDevice when P2P is supported.
Create a proxy for this and wait for it to be ready before marking the
interface as ready.
|
|
|
|
|
| |
Add detection for P2P and WFD support in wpa_supplicant and pass the
information to the NMSupplicantInterface.
|
|
|
|
|
|
|
| |
The signal was not handled, potentially creating corner cases where
NetworkManager may not notice an interface removal. Add a handler and
ensure the supplicant interface is brought down when it is removed from
wpa_supplicant for a reason other than NetworkManager requesting it.
|
|
|
|
|
|
|
| |
- prefer nm_auto_free_checksum over explicit free.
- use nm_utils_checksum_get_digest*().
- prefer defines for digest length.
- assume g_checksum_new() cannot fail.
|
|
|
|
| |
Fixes: 3a2504f3ad6f2cf555131f9db0a632e3bb592a10
|
| |
|
|
|
|
| |
Fixes: 17da42704ab3510bd32bed1e6a4293c1e3424bad
|
|
|
|
| |
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/48
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remainder of typos found using `codespell -q 3 --skip="./shared,./src/systemd,*.po" -I ../NetworkManager-word-whitelist.txt` whereby whitelist consists of:
```
ans
busses
cace
cna
conexant
crasher
iff
liftime
creat
nd
sav
technik
uint
```
https://github.com/NetworkManager/NetworkManager/pull/205
|
|
|
|
|
| |
NMSetting8021x::verify() checks the string values for eap methods.
They must all be non-NULL and are not compared case-insensitive.
|
|
|
|
|
|
|
|
|
|
|
| |
To allow connections that mirror IWD's configured WPA-Enterprise
networks to be seen as valid by NM, add a new value for the eap key in
802-1x settings. 802-1x.eap stores EAP method names. In the IWD
connections we don't know what EAP method is configured and we don't
have any of the other 802-1x properties that would be required for the
settings to verify.
These connections can't be activated on devices managed by wpa_supplicant.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gboolean is a typedef for "int".
While older compilers might treat such bitfields as unsigned ([1]),
commonly such a bitfield is signed and can only contain the values 0
and -1.
We only want to use numeric 1 for TRUE, hence, creating such bitfields
is wrong, or at least error prone.
In fact, in this case it's a bug, because later we compare
it with a regular gboolean
if (priv->scanning != new_scanning)
[1] https://lgtm.com/rules/1506024027114/
Fixes: e0f96770188eeaada70a299bd6dab7a50ec34a53
|
|
|
|
|
|
|
|
|
| |
Use GBytes instead of GBytesArray. GBytes is immutable and
can be shared.
It is also the type that we natively get from
nm_setting_wireless_get_ssid(). This way we avoid some
conversions.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
via CFLAGS
1) the command line gets shorter. I frequently run `make V=1` to see
the command line arguments for the compiler, and there is a lot
of noise.
2) define each of these variables at one place. This makes it easy
to verify that for all compilation units, a particular
define has the same value. Previously that was not obvious or
even not the case (see commit e5d1a71396e107d1909744d26ad401f206c0c915
and commit d63cf1ef2faba57595112a82e962b9643cce4718).
The point is to avoid redundancy.
3) not all compilation units need all defines. In fact, most modules
would only need a few of these defines. We aimed to pass the necessary
minium of defines to each compilation unit, but that was non-obvious
to get right and often we set a define that wasn't used. See for example
"src_settings_plugins_ibft_cppflags" which needlessly had "-DSYSCONFDIR".
This question is now entirely avoided by just defining all variables in
a header. We don't care to find the minimum, because every component
gets anyway all defines from the header.
4) this also avoids the situation, where a module that previously did
not use a particular define gets modified to require it. Previously,
that would have required to identify the missing define, and add
it to the CFLAGS of the complation unit. Since every compilation
now includes "config-extra.h", all defines are available everywhere.
5) the fact that each define is now available in all compilation units
could be perceived as a downside. But it isn't, because these defines
should have a unique name and one specific value. Defining the same
name with different values, or refer to the same value by different
names is a bug, not a desirable feature. Since these defines should
be unique accross the entire tree, there is no problem in providing
them to every compilation unit.
6) the reason why we generate "config-extra.h" this way, instead of using
AC_DEFINE() in configure.ac, is due to the particular handling of
autoconf for directory variables. See [1].
With meson, it would be trivial to put them into "config.h.meson".
While that is not easy with autoconf, the "config-extra.h" workaround
seems still preferable to me.
[1] https://www.gnu.org/software/autoconf/manual/autoconf-2.63/html_node/Installation-Directory-Variables.html
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We commonly don't use the glib typedefs for char/short/int/long,
but their C types directly.
$ git grep '\<g\(char\|short\|int\|long\|float\|double\)\>' | wc -l
587
$ git grep '\<\(char\|short\|int\|long\|float\|double\)\>' | wc -l
21114
One could argue that using the glib typedefs is preferable in
public API (of our glib based libnm library) or where it clearly
is related to glib, like during
g_object_set (obj, PROPERTY, (gint) value, NULL);
However, that argument does not seem strong, because in practice we don't
follow that argument today, and seldomly use the glib typedefs.
Also, the style guide for this would be hard to formalize, because
"using them where clearly related to a glib" is a very loose suggestion.
Also note that glib typedefs will always just be typedefs of the
underlying C types. There is no danger of glib changing the meaning
of these typedefs (because that would be a major API break of glib).
A simple style guide is instead: don't use these typedefs.
No manual actions, I only ran the bash script:
FILES=($(git ls-files '*.[hc]'))
sed -i \
-e 's/\<g\(char\|short\|int\|long\|float\|double\)\>\( [^ ]\)/\1\2/g' \
-e 's/\<g\(char\|short\|int\|long\|float\|double\)\> /\1 /g' \
-e 's/\<g\(char\|short\|int\|long\|float\|double\)\>/\1/g' \
"${FILES[@]}"
|
|
|
|
|
| |
This doesn't wrap around in 68 years of uptime and is consistent with
o.fd.NM.Checkpoint.Created.
|
|
|
|
|
|
|
|
|
| |
Use two common defines NM_BUILD_SRCDIR and NM_BUILD_BUILDDIR
for specifying the location of srcdir and builddir.
Note that this is only relevant for tests, as they expect
a certain layout of the directories, to find files that concern
them.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Coccinelle:
@@
expression a, b;
@@
-a ? a : b
+a ?: b
Applied with:
spatch --sp-file ternary.cocci --in-place --smpl-spacing --dir .
With some manual adjustments on spots that Cocci didn't catch for
reasons unknown.
Thanks to the marvelous effort of the GNU compiler developer we can now
spare a couple of bits that could be used for more important things,
like this commit message. Standards commitees yet have to catch up.
|
|
|
|
|
|
|
| |
Normalize coding style by removing consecutive empty lines from C
sources and headers.
https://github.com/NetworkManager/NetworkManager/pull/108
|
| |
|
|
|
|
|
|
| |
There are multiple tests with the same in different directories; add a
unique prefix to test names so that it is clear from the output which
one is running.
|
|
|
|
|
| |
Like autotools, use the wrapper script 'run-nm-test.sh' that starts a
separate D-Bus session when needed.
|
|
|
|
|
|
|
|
|
| |
The g_clear_pointer() macro already contains a cast to GDestroyNotify. No
need to do it ourself. In fact, with the cast, this only works with the
particular g_clear_pointer() implementation, that first assigns the
destroy function to a local variable.
See-also: https://bugzilla.gnome.org/show_bug.cgi?id=674634#c52
|
|
|
|
|
|
| |
We commonly only allow tabs at the beginning of a line, not
afterwards. The reason for this style is so that the code
looks formated right with tabstop=4 and tabstop=8.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 87ec5e90fe79 ("supplicant: set key_mgmt independent of pmf
value") enabled WPA-PSK-SHA256 or WPA-EAP-SHA256 even when the
supplicant didn't support them, potentially causing connection
failures. Instead, use the 'pmf' capability to detect when they can
be enabled.
Fixes: 87ec5e90fe79fcb2ac315cf1604e757dcab60bb9
https://mail.gnome.org/archives/networkmanager-list/2018-January/msg00096.html
|
|
|
|
| |
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
|