| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
config_parse_wireguard_preshared_key()
|
|
|
|
|
| |
We typically don't fail on config parse errors (to maximize compat),
let's not do this in these cases either.
|
|
|
|
|
|
| |
This really doesn't matter given that AF_xyz and PF_xyz are equivalent
in all ways, but we almost always use AF_xyz, hence stick to it
universally and convert the remaining PF_ to AF_
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Let's use the new flag wherever we read key material/passphrases/hashes
off disk, so that people can plug in their own IPC service as backend if
they like, easily.
(My main goal was actually to support this for crypttab key files — i.e.
that you can specify AF_UNIX sockets as third column in crypttab — but
that's harder to implement, since the keys are read via libcryptsetup's
API, not ours.)
|
|
|
|
| |
reading file
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for creating a MACVLAN interface in "source" mode by
specifying Mode=source in the [MACVLAN] section of a .netdev file.
A list of allowed MAC addresses for the corresponding MACVLAN can also
be specified with the SourceMACAddress= option of the [MACVLAN] section.
An example .netdev file:
[NetDev]
Name=macvlan0
Kind=macvlan
MACAddress=02:DE:AD:BE:EF:00
[MACVLAN]
Mode=source
SourceMACAddress=02:AB:AB:AB:AB:01 02:CD:CD:CD:CD:01
SourceMACAddress=02:EF:EF:EF:EF:01
The same keys can also be specified in [MACVTAP] for MACVTAP kinds of
interfaces, with the same semantics.
|
| |
|
| |
|
|
|
|
|
|
|
| |
We would say "ignoring", but invalidate the peer anyway.
Let's only do that if we modified the peer irreperably.
Also add comments explaining allocation handling.
|
|
|
|
|
|
|
|
|
| |
Patch contains a coccinelle script, but it only works in some cases. Many
parts were converted by hand.
Note: I did not fix errors in return value handing. This will be done separate
to keep the patch comprehensible. No functional change is intended in this
patch.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a follow-up for 9f83091e3cceb646a66fa9df89de6d9a77c21d86.
Instead of reading the mtime off the configuration files after reading,
let's do so before reading, but with the fd we read the data from. This
is not only cleaner (as it allows us to save one stat()), but also has
the benefit that we'll detect changes that happen while we read the
files.
This also reworks unit file drop-ins to use the common code for
determining drop-in mtime, instead of reading system clock for that.
|
|
|
|
| |
Fixes #15521.
|
|
|
|
|
| |
Fixes #15941.
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22547
|
|
|
|
| |
Closes #15786.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
```
=220358== Invalid read of size 8
==220358== at 0x452F05: l2tp_session_free (l2tp-tunnel.c:46)
==220358== by 0x456926: l2tp_tunnel_done (l2tp-tunnel.c:725)
==220358== by 0x43CF4D: netdev_free (netdev.c:205)
==220358== by 0x43D045: netdev_unref (netdev.c:210)
==220358== by 0x4198B7: manager_free (networkd-manager.c:1877)
==220358== by 0x40D0B3: manager_freep (networkd-manager.h:105)
==220358== by 0x40DE1C: run (networkd.c:21)
==220358== by 0x40DE75: main (networkd.c:130)
==220358== Address 0x5c035d0 is 0 bytes inside a block of size 40 free'd
==220358== at 0x483A9F5: free (vg_replace_malloc.c:538)
==220358== by 0x452F87: l2tp_session_free (l2tp-tunnel.c:57)
==220358== by 0x456857: netdev_l2tp_tunnel_verify (l2tp-tunnel.c:710)
==220358== by 0x440947: netdev_load_one (netdev.c:738)
==220358== by 0x441222: netdev_load (netdev.c:851)
==220358== by 0x419C50: manager_load_config (networkd-manager.c:1934)
==220358== by 0x40D7BE: run (networkd.c:87)
==220358== by 0x40DE75: main (networkd.c:130)
==220358== Block was alloc'd at
==220358== at 0x4839809: malloc (vg_replace_malloc.c:307)
==220358== by 0x452A76: malloc_multiply (alloc-util.h:96)
==220358== by 0x4531E6: l2tp_session_new_static (l2tp-tunnel.c:82)
==220358== by 0x455C01: config_parse_l2tp_session_id (l2tp-tunnel.c:535)
==220358== by 0x48E6D72: next_assignment (conf-parser.c:133)
==220358== by 0x48E77A3: parse_line (conf-parser.c:271)
==220358== by 0x48E7E4F: config_parse (conf-parser.c:396)
==220358== by 0x48E80E5: config_parse_many_files (conf-parser.c:453)
==220358== by 0x48E8490: config_parse_many (conf-parser.c:512)
==220358== by 0x44089C: netdev_load_one (netdev.c:729)
==220358== by 0x441222: netdev_load (netdev.c:851)
==220358== by 0x419C50: manager_load_config (networkd-manager.c:1934)
```
|
| |
|
|\
| |
| | |
networkctl: Add support to display ipvlan
|
| |
| |
| |
| | |
Move ipvlan common to shared
|
|/ |
|
|
|
|
|
|
|
| |
Prompted by the discussions in #15180.
This is a bit more complex than I hoped, since for PID 1 we need to pass
in the synethetic environment block in we generate on demand.
|
|
|
|
| |
Signed-off-by: Rubens Figueiredo <rubens.figueiredo@bisdn.de>
|
| |
|
| |
|
|
|
|
|
| |
The whole thing is one name, and I think it's confusing to break it
up into separate words.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Builds with recent glibc would fail with:
../src/network/netdev/fou-tunnel.c: In function ‘config_parse_ip_protocol’:
../src/basic/macro.h:380:9: error: static assertion failed: "IPPROTO_MAX-1 <= UINT8_MAX"
380 | static_assert(expr, #expr)
| ^~~~~~~~~~~~~
../src/network/netdev/fou-tunnel.c:161:9: note: in expansion of macro ‘assert_cc’
161 | assert_cc(IPPROTO_MAX-1 <= UINT8_MAX);
| ^~~~~~~~~
This is because f9ac84f92f151e07586c55e14ed628d493a5929d (present in
glibc-2.31.9000-9.fc33.x86_64) added IPPROTO_MPTCP=262, following
v5.5-rc5-1002-gfaf391c382 in the kernel.
|
| |
|
| |
|
|
|
|
| |
In preparation for future changes...
|
|
|
|
| |
Fixes part of #14691.
|
| |
|
|\
| |
| | |
json bits from homed PR
|
| |
| |
| |
| | |
Let's introduce an "at" version of read_full_file().
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Intermediate Functional Block
The Intermediate Functional Block (ifb) pseudo network interface acts as a QoS concentrator for multiple different sources of traffic. Packets from or to other interfaces have to be redirected to it using the mirred action in order to be handled, regularly routed traffic will be dropped. This way, a single stack of qdiscs, classes and filters can be shared between multiple interfaces.
Here's a simple example to feed incoming traffic from multiple interfaces through a Stochastic Fairness Queue (sfq):
(1) # modprobe ifb
(2) # ip link set ifb0 up
(3) # tc qdisc add dev ifb0 root sfq
|
|/
|
|
|
|
| |
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1774242.
Now we'll emit the warning about unknown section [Netdev], making the issue
much easier to diagnose.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Closes #13516.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
```
$ for i in */*.[ch] */*/*.[ch]; do sed -e '/^$/ {N; s/\n$//g}' -i $i; done
$ git checkout HEAD -- basic/linux shared/linux
```
|
|
|
|
|
|
|
|
|
|
|
| |
let's add [static] where it was missing so far
Drop [static] on parameters that can be NULL.
Add an assert() around parameters that have [static] and can't be NULL
hence.
Add some "const" where it was forgotten.
|
|
|
|
|
|
|
|
| |
are any
This partially revert feb0c8b86f05330c8c7581463b8adf35ea68e5a9.
This also drop assertions about Tunnel.family.
|
|
|
|
|
| |
networkd does not manage loopback interface lo. So, previously, we have
no way to assign tunnel devices to lo.
|