libnm/proxy: add proxy setting for non-slave connection during normalization
And reject slave settings with proxies.
This commit is contained in:
Thomas Haller
@@ -724,6 +724,7 @@ _normalize_ip_config (NMConnection *self, GHashTable *parameters)
|
||||
const char *default_ip4_method = NM_SETTING_IP4_CONFIG_METHOD_AUTO;
|
||||
const char *default_ip6_method = NULL;
|
||||
NMSettingIPConfig *s_ip4, *s_ip6;
|
||||
NMSettingProxy *s_proxy;
|
||||
NMSetting *setting;
|
||||
gboolean changed = FALSE;
|
||||
guint num, i;
|
||||
@@ -735,6 +736,7 @@ _normalize_ip_config (NMConnection *self, GHashTable *parameters)
|
||||
|
||||
s_ip4 = nm_connection_get_setting_ip4_config (self);
|
||||
s_ip6 = nm_connection_get_setting_ip6_config (self);
|
||||
s_proxy = nm_connection_get_setting_proxy (self);
|
||||
|
||||
if (nm_setting_connection_get_master (s_con)) {
|
||||
/* Slave connections don't have IP configuration. */
|
||||
@@ -745,7 +747,10 @@ _normalize_ip_config (NMConnection *self, GHashTable *parameters)
|
||||
if (s_ip6)
|
||||
nm_connection_remove_setting (self, NM_TYPE_SETTING_IP6_CONFIG);
|
||||
|
||||
return s_ip4 || s_ip6;
|
||||
if (s_proxy)
|
||||
nm_connection_remove_setting (self, NM_TYPE_SETTING_PROXY);
|
||||
|
||||
return s_ip4 || s_ip6 || s_proxy;
|
||||
} else {
|
||||
/* Ensure all non-slave connections have IP4 and IP6 settings objects. If no
|
||||
* IP6 setting was specified, then assume that means IP6 config is allowed
|
||||
@@ -822,7 +827,13 @@ _normalize_ip_config (NMConnection *self, GHashTable *parameters)
|
||||
changed = TRUE;
|
||||
}
|
||||
}
|
||||
return !s_ip4 || !s_ip6 || changed;
|
||||
|
||||
if (!s_proxy) {
|
||||
setting = nm_setting_proxy_new ();
|
||||
nm_connection_add_setting (self, setting);
|
||||
}
|
||||
|
||||
return !s_ip4 || !s_ip6 || !s_proxy || changed;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -986,6 +997,7 @@ _nm_connection_verify (NMConnection *connection, GError **error)
|
||||
NMConnectionPrivate *priv;
|
||||
NMSettingConnection *s_con;
|
||||
NMSettingIPConfig *s_ip4, *s_ip6;
|
||||
NMSettingProxy *s_proxy;
|
||||
GHashTableIter iter;
|
||||
gpointer value;
|
||||
GSList *all_settings = NULL, *setting_i;
|
||||
@@ -1059,11 +1071,12 @@ _nm_connection_verify (NMConnection *connection, GError **error)
|
||||
|
||||
s_ip4 = nm_connection_get_setting_ip4_config (connection);
|
||||
s_ip6 = nm_connection_get_setting_ip6_config (connection);
|
||||
s_proxy = nm_connection_get_setting_proxy (connection);
|
||||
|
||||
if (nm_setting_connection_get_master (s_con)) {
|
||||
if ( NM_IN_SET (normalizable_error_type, NM_SETTING_VERIFY_SUCCESS,
|
||||
NM_SETTING_VERIFY_NORMALIZABLE)
|
||||
&& (s_ip4 || s_ip6)) {
|
||||
&& (s_ip4 || s_ip6 || s_proxy)) {
|
||||
g_clear_error (&normalizable_error);
|
||||
g_set_error_literal (&normalizable_error,
|
||||
NM_CONNECTION_ERROR,
|
||||
@@ -1072,13 +1085,15 @@ _nm_connection_verify (NMConnection *connection, GError **error)
|
||||
g_prefix_error (&normalizable_error, "%s: ",
|
||||
s_ip4
|
||||
? NM_SETTING_IP4_CONFIG_SETTING_NAME
|
||||
: NM_SETTING_IP6_CONFIG_SETTING_NAME);
|
||||
: (s_ip6
|
||||
? NM_SETTING_IP6_CONFIG_SETTING_NAME
|
||||
: NM_SETTING_PROXY_SETTING_NAME));
|
||||
/* having a slave with IP config *was* and is a verify() error. */
|
||||
normalizable_error_type = NM_SETTING_VERIFY_NORMALIZABLE_ERROR;
|
||||
}
|
||||
} else {
|
||||
if ( NM_IN_SET (normalizable_error_type, NM_SETTING_VERIFY_SUCCESS)
|
||||
&& (!s_ip4 || !s_ip6)) {
|
||||
&& (!s_ip4 || !s_ip6 || !s_proxy)) {
|
||||
g_set_error_literal (&normalizable_error,
|
||||
NM_CONNECTION_ERROR,
|
||||
NM_CONNECTION_ERROR_MISSING_SETTING,
|
||||
@@ -1086,7 +1101,9 @@ _nm_connection_verify (NMConnection *connection, GError **error)
|
||||
g_prefix_error (&normalizable_error, "%s: ",
|
||||
!s_ip4
|
||||
? NM_SETTING_IP4_CONFIG_SETTING_NAME
|
||||
: NM_SETTING_IP6_CONFIG_SETTING_NAME);
|
||||
: (!s_ip6
|
||||
? NM_SETTING_IP6_CONFIG_SETTING_NAME
|
||||
: NM_SETTING_PROXY_SETTING_NAME));
|
||||
/* having a master without IP config was not a verify() error, accept
|
||||
* it for backward compatibility. */
|
||||
normalizable_error_type = NM_SETTING_VERIFY_NORMALIZABLE;
|
||||
|
||||
@@ -3900,6 +3900,7 @@ test_connection_normalize_gateway_never_default (void)
|
||||
|
||||
nm_connection_add_setting (con, (NMSetting *) s_ip4);
|
||||
nm_connection_add_setting (con, (NMSetting *) s_ip6);
|
||||
nm_connection_add_setting (con, nm_setting_proxy_new ());
|
||||
|
||||
nmtst_assert_connection_verifies_without_normalization (con);
|
||||
g_assert_cmpstr ("1.1.1.254", ==, nm_setting_ip_config_get_gateway (s_ip4));
|
||||
@@ -3942,7 +3943,7 @@ test_connection_normalize_may_fail (void)
|
||||
nm_connection_add_setting (con, (NMSetting *) s_ip4);
|
||||
nm_connection_add_setting (con, (NMSetting *) s_ip6);
|
||||
|
||||
nmtst_assert_connection_verifies_without_normalization (con);
|
||||
nmtst_assert_connection_verifies_and_normalizable (con);
|
||||
|
||||
/* Now set method=disabled/ignore and check that may-fail becomes TRUE
|
||||
* after normalization
|
||||
@@ -3989,7 +3990,7 @@ test_connection_normalize_shared_addresses (void)
|
||||
nm_connection_add_setting (con, (NMSetting *) s_ip4);
|
||||
nm_connection_add_setting (con, (NMSetting *) s_ip6);
|
||||
|
||||
nmtst_assert_connection_verifies_without_normalization (con);
|
||||
nmtst_assert_connection_verifies_and_normalizable (con);
|
||||
|
||||
/* Now we add other addresses and check that they are
|
||||
* removed during normalization
|
||||
|
||||
@@ -28,6 +28,7 @@
|
||||
#include "nm-setting-wired.h"
|
||||
#include "nm-setting-8021x.h"
|
||||
#include "nm-setting-team.h"
|
||||
#include "nm-setting-proxy.h"
|
||||
|
||||
#include "nm-utils/nm-test-utils.h"
|
||||
|
||||
@@ -115,8 +116,21 @@ _nm_keyfile_read (GKeyFile *keyfile,
|
||||
if (needs_normalization) {
|
||||
nmtst_assert_connection_verifies_after_normalization (con, 0, 0);
|
||||
nmtst_connection_normalize (con);
|
||||
} else
|
||||
} else {
|
||||
{
|
||||
NMSettingConnection *s_con;
|
||||
|
||||
/* a non-slave connection must have a proxy setting, but
|
||||
* keyfile reader does not add that (unless a [proxy] section
|
||||
* is present. */
|
||||
s_con = nm_connection_get_setting_connection (con);
|
||||
if ( s_con
|
||||
&& !nm_setting_connection_get_master (s_con)
|
||||
&& !nm_connection_get_setting_proxy (con))
|
||||
nm_connection_add_setting (con, nm_setting_proxy_new ());
|
||||
}
|
||||
nmtst_assert_connection_verifies_without_normalization (con);
|
||||
}
|
||||
return con;
|
||||
}
|
||||
|
||||
|
||||
@@ -3645,6 +3645,8 @@ test_write_wired_static (void)
|
||||
g_assert_cmpint (nm_setting_ip_config_get_route_metric (reread_s_ip4), ==, 204);
|
||||
g_assert_cmpint (nm_setting_ip_config_get_route_metric (reread_s_ip6), ==, 206);
|
||||
|
||||
nm_connection_add_setting (connection, nm_setting_proxy_new ());
|
||||
|
||||
nmtst_assert_connection_equals (connection, FALSE, reread, FALSE);
|
||||
|
||||
route6file = utils_get_route6_path (testfile);
|
||||
@@ -7149,6 +7151,8 @@ test_write_bridge_main (void)
|
||||
NM_SETTING_IP_CONFIG_METHOD, NM_SETTING_IP6_CONFIG_METHOD_IGNORE,
|
||||
NULL);
|
||||
|
||||
nm_connection_add_setting (connection, nm_setting_proxy_new ());
|
||||
|
||||
nmtst_assert_connection_verifies_without_normalization (connection);
|
||||
|
||||
_writer_new_connection (connection,
|
||||
@@ -7760,6 +7764,8 @@ test_write_bond_main (void)
|
||||
NM_SETTING_IP_CONFIG_METHOD, NM_SETTING_IP6_CONFIG_METHOD_IGNORE,
|
||||
NULL);
|
||||
|
||||
nm_connection_add_setting (connection, nm_setting_proxy_new ());
|
||||
|
||||
nmtst_assert_connection_verifies_without_normalization (connection);
|
||||
|
||||
_writer_new_connection (connection,
|
||||
@@ -8538,6 +8544,8 @@ test_write_team_master (void)
|
||||
NM_SETTING_IP_CONFIG_METHOD, NM_SETTING_IP6_CONFIG_METHOD_AUTO,
|
||||
NULL);
|
||||
|
||||
nm_connection_add_setting (connection, nm_setting_proxy_new ());
|
||||
|
||||
nmtst_assert_connection_verifies_without_normalization (connection);
|
||||
|
||||
_writer_new_connection (connection,
|
||||
|
||||
@@ -81,8 +81,10 @@ static void
|
||||
assert_reread (NMConnection *connection, gboolean normalize_connection, const char *testfile)
|
||||
{
|
||||
gs_unref_object NMConnection *reread = NULL;
|
||||
gs_unref_object NMConnection *connection_clone = NULL;
|
||||
GError *error = NULL;
|
||||
GError **p_error = (nmtst_get_rand_int () % 2) ? &error : NULL;
|
||||
NMSettingConnection *s_con;
|
||||
|
||||
g_assert (NM_IS_CONNECTION (connection));
|
||||
g_assert (testfile && testfile[0]);
|
||||
@@ -91,6 +93,15 @@ assert_reread (NMConnection *connection, gboolean normalize_connection, const ch
|
||||
g_assert_no_error (error);
|
||||
g_assert (NM_IS_CONNECTION (reread));
|
||||
|
||||
if ( !normalize_connection
|
||||
&& (s_con = nm_connection_get_setting_connection (connection))
|
||||
&& !nm_setting_connection_get_master (s_con)
|
||||
&& !nm_connection_get_setting_proxy (connection)) {
|
||||
connection_clone = nmtst_clone_connection (connection);
|
||||
connection = connection_clone;
|
||||
nm_connection_add_setting (connection, nm_setting_proxy_new ());
|
||||
}
|
||||
|
||||
nmtst_assert_connection_equals (connection, normalize_connection, reread, FALSE);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user