Also, implement nm_remote_connection_commit_changes_async() by calling
nm_remote_connection_update2(). It already was also calling the
Update2() D-Bus method.
No longer keep track if a request is already pending. Previously,
in that case, the function would return success in an idle handler.
Instead, just always issue the new request. It's up to the caller to
rate-limit the requests and trigger a scan whenever appropriate. libnm
should not add additional logic to that.
Drop uses of nmdbus_manager_call_get_permissions_sync().
Of course, we should ever call synchronous API while initizliaing the
NMClient. Needs to be fixed eventually.
We still need the bits in "nm-manager.c", to wait until the
NMActiveConnection instance is ready. This is now done by
nm_manager_complete_active_connection().
Eventually, I will refactor libnm to no longer use gdbus-codegen and
no GDBusProxy. In preparation of that, we must stop using that
API.
As first step, change nm_client_deactivate_connection(). Note how this
was done previously:
- nm_client_deactivate_connection() calls nm_manager_deactivate_connection()
- nmdbus_manager_call_deactivate_connection_sync() calls g_dbus_proxy_call_sync()
- g_dbus_proxy_call_sync() calls g_dbus_connection_call_sync()
Currently this is still a bit ugly, because NMClient doesn't directly
track the GDBusConnection nor the name owner. Instead, we need to peel
it out of the object manager. One day, that will all be nicer, but first
get rid of gdbus-codegen.
We will drop GDBusProxy and the gdbus-codegen classes. First, we need to
replace all D-Bus calls from nmdbus_*() API with plain uses of GDBusConnection.
For that, add accessors to get the dbus-connection and the name-owner.
This API is not beautiful, it's an interim solution for now.
Public API should validate input arguments with g_return_*().
Tag the task with the source function (using nm_g_task_new())
and check it in the corresponding _finish() function.
Note that we should always set the source-tag of our GTask.
This allows us to better assert that the user uses the right
_finish() method for the task.
The plain g_task_new() does not have a souce-tag argument. Hence, we would
always need to explicitly call g_task_set_source_tag().
Likewise, to check the source tag, we would always need to write
g_return_val_if_fail (g_task_is_valid (result, self), FALSE);
g_return_val_if_fail (g_async_result_is_tagged (result, tag), FALSE);
Actually, g_async_result_is_tagged() uses the GAsyncResultIface to
call iface->is_tagged(). This has unnecessary overhead, so we should
just call g_task_get_source_tag() directly.
Add helper functions for that.
nm_client_add_and_activate_connection_async() must be completed by
nm_client_add_and_activate_connection_finish().
Fixes: be8060f42f ('libnm: add an object-creation-failed test')
Note that the server always returns TRUE for the boolean return value
of ReloadConnections. Hence, this should not change in behavior, because
the server would never have returned FALSE.
However, change behavior of the API. It's odd that the function might
return %FALSE without setting the error output. It's also not clear
what the boolean value of the "ReloadConnections" D-Bus would mean
anyway.
nm_remote_settings_load_connections() and nm_remote_settings_load_connections_async()
behave inconsistently.
It's unexpected, that a FALSE return value may leave @error unset.
Note that before commit 22e830f046 ('settings/d-bus: fix boolean
return value of "LoadConnections"'), the server boolean response
would have been bogus anyway (at least for some versions).
Unify the behavior, and ignore the boolean return value.
A function that accepts a floating variant must consume it.
Fixes: 7691fe5753 ('libnm: add new functions allowing passing options to RequestScan() D-Bus call')
If the 802.1X authentication fails and 802-1x.optional is set,
continue with activation. In this case, subscribe to the auth-state
supplicant property so that any dynamic IP method can be restarted
when the authentication succeeds. This is because upon authentication
the switch could have changed the VLAN we are connected to.
Refactor reading the phase2 authentication method for 802.1X.
Previously the reader only considered the first item of the
space-separated list; but since the 802.1x setting can hold distinct
phase2-auth and phase2-autheap properties - both mapped to the same
ifcfg-rh variable - we should parse the whole list. We only emit a
warning when multiple methods of the same type are found to avoid
breaking existing manually written ifcfg files.
Moreover, the reader implemented different checks for each of the
outer tunneled methods (PEAP, TTLS and FAST); drop those checks and
accept whatever the 802.1X setting also consider as valid. Note that
some combinations that are in principle valid, like PEAP + EAP-MD5,
were dropped before.
The pending action gets logged. We should not log plain pointer
values because they may be used to defeat ASLR.
Instead, construct the pending action using the "version_id". This
number is also unique, and suits sufficiently well. With debug logging
you can still grep the log for the corresponding active-connection (and
anyway it's obvious from the context).
