Specifically for resolvconf, if the write succeeded, but the pclose()
failed error would be left NULL and SR_ERROR would be returned, which
caused a crash in nm_dns_manager_end_updates().
When the receive buffer is too small, we easily can hit ENOBUFS during recvmsg()
and need to resync the platform cache. But even worse, we possibly also loose
ACKs for pending netlink requests so that requests seem to fail (although they
might have succeeded).
Avoid that harder by increasing the buffer size to 8MB. This is also
done by networkd:
be660c371b
When we decide to add a new link, we alredy checked that no such link exists
(ignoring race conditions).
It is wrong to accept a EXITS failure when adding the link. There is no guarantee
that the existing link has all the same properties as the one we intend to add.
More importantly, this link was added externally outside of NetworkManager and it
should not be taken over.
Just treat EXISTS as a failure as any other.
When reading from netlink-socket fails with NLE_NOMEM, messages were
lost. In this case the cache must be resynced and all pending messages
from the socket are rejected via "event_handler_recvmsgs (platform, FALSE)".
In this case, we don't want to handle the received messages as the
cache anyway needs to resync. However, we are still interested in
all queued ACKs that are there.
We are also interested in RTM_NEWADDR messages which we use to detect
kernel support via _support_kernel_extended_ifa_flags_detect().
NM_DEVICE_CHECK_CON_AVAILABLE_FOR_USER_REQUEST is a multi-flag value combining all
the hooks that compose a user-request. Add a special value that has no esplicit
meaning except that it ~is~ a user-request.
For update, don't delete first and add it again. Just do it
in one step.
For recheck, don't delete all connections first to add them
all anew. Instead, check what changes and only emit the changed
signal if there are any actual changes.
When connection sharing is enabled, the removal of iptables rules is
delegated to the NMActRequest destructor; but for this to work it is
required that the object is properly dereferenced upon NM termination.
Clean up the active connections which are in DEACTIVATED state when
quitting, so that they are unexported and destroyed.
https://bugzilla.gnome.org/show_bug.cgi?id=692673
The rules were added to the list using g_slist_append() and then
applied one at time using "iptables --insert" which puts them at the
beginning of the chain, reversing the initial order.
Instead, list them in the desired order and use g_slist_prepend() to
achieve the same result. This has no functional changes.
Point in case:
# ip link add link dummy0 name dummy0.vlan type vlan id 4095
RTNETLINK answers: Numerical result out of range
This potentially causes existing (invalid) connections to disappear
as they now fail verification.
Instead of adjusting the range of the GObject property
NM_SETTING_VLAN_ID, reject it during vlan. This is a bit more
forgiving to an older client that isn't aware of this new restriction,
so he can first set the value without raising a critical warning.
Coverity: CID 59378 (#1 of 1): Nesting level does not match indentation
(NESTING_INDENT_MISMATCH) This statement is indented to column 41, as if
it were nested within the preceding parent statement, but it is not.
nm_supplicant_manager_iface_get() would cache and reuse the supplicant
interface. But no ref-counting was in place so that the first user returning
the interface via nm_supplicant_manager_iface_release() would destroy the
instance for others.
This is broken for a very long time. Which shows that we hardly ever
have a cache-hit and usually create a new instance. So, instead of
letting nm_supplicant_manager_create_interface() check for existing
supplicant interface, always create a new instance. This also makes
sense, because we would expect that per ifname only one instance is
requested at a time. Also add an assertion that we don't return
multiple supplicant interface instances for the same ifname.
Drop nm_supplicant_manager_iface_release() in favor of requiring users
to unref the returned instance.
Also, use a GSList instead of a GHashTable for the cache.
Also, previously callers would pass @is_wireless to nm_supplicant_manager_iface_get(),
but the cache lookup did not consider that value. That doesn't matter
now as we always create a new instance.
https://bugzilla.redhat.com/show_bug.cgi?id=1298007
Also, don't only consider the @die_count whether to start the supplicant,
but check for is_available() -- which already considers @die_count and
@running.
If the list is expected to be modified, it also means that possibly
instances will be unrefed. Probably, not yet visited instances will
not be unrefed so there is no real problem.
Just be extra cautious and take a reference to all instances first.
