This is very similar to NMDeviceWifi but simplified to remove the things
currently unsupported and with calls to nm_platform_wifi_* and
nm_supplicant_* replaced with IWD DBus API calls. Only unsecured
infrastructure-mode networks are supported here.
[bgalvani@redhat.com: fix compilation error after rebase for
NMActRequestGetSecretsCallId]
[thaller@redhat.com: don't use _() macro strings server side.
Translating strings only makes sense for clients that set environment
variables accordingly.]
Systemd instroduces a macro _fallthrough_, see
https://github.com/systemd/systemd/pull/7389.
However, it does not yet seem conclusive how to
handle this properly in ever situation.
While shared/nm-utils/siphash24.c makes use of
the new macro, don't do that in our fork. siphash24.h
does not include all systemd headers, hence _fallthrough_
is not defined. We could re-implement it as _nm_fallthrough,
but given the open questions, that doesn't seem the
Systemd introduced a _fallthrough_ macro in
https://github.com/systemd/systemd/pull/7389.
There might still be some issue with it, but as
I am going to re-import the latest systemd code,
we get them too.
We need it, because "shared/nm-utils/siphash24.c"
will use it too, and that source file does not include
the other systemd macros. So, we will need to re-define
it.
In most cases, it copies the entire strv needlessly.
We can do better.
Also, the max_tokens argument is handled wrongly (albeit
not used anywhere anymore).
nmc_strsplit_set() handles max_token wrong. It cannot call
g_strsplit_set() with max_token first, and then split empty
words. You cannot use g_strsplit_set() to achieve what
nmc_strsplit_set() wants to do, unless you first split all
tokens, then them construct them together again -- thereby
loosing the delimiters.
Anyway, there are just a few caller that do essentially the same.
Refactor the code to not use nmc_strsplit_set().
nmc_strsplit_set()'s max_token argument is broken,
because it *first* calls g_strsplit_set() and then removes
empty tokens. It wasn't an issue, because DEFINE_SETTER_PRIV_KEY()
would first already remove leading spaces, and who uses multiple
spaces anyway...
Anyway, refactor DEFINE_SETTER_PRIV_KEY() to not use it.
nmcli calls nm_setting_802_1x_set_private_key() with a password pointer that
it just got from the setting connection itself. Make this less fragile, by
not freeing the current password before assigning it.
nm_platform_ip6_address_sync() must take care not only of adding
missing addresses and removing unknown addresses, but also of the
order in which they are added. The order is important because it
determines which address is preferred by kernel.
Since we can only add addresses at the top of the list, in order to
change the position of an address we must first remove it and then
re-add it in the right position.
Probably not critical, because it will still include
the terminating NULL, and just continue to fill the
temporary buffer with static addresses.
Found by coverity.
Fixes: bfb9fd0d2f
@kind might be NULL. There are 3 forms of the hash-update functions for
string: str(), str0(), and strarr().
- str0() is when the string might be NULL.
- str() does not allow the string to be NULL
- strarr() is like str(), except it adds a G_STATIC_ASSERT()
that the argument is a C array.
The reason why a difference between str() and str0() exists, is
because str0() hashes NULL different from a "" or any other string.
This has an overhead, because it effectively must hash another bit
of information that tells whether a string was passed or not.
The reason is, that hashing a tupple of two strings should always
yield a different hash value, even for "aa",""; "a","a"; "","aa",
where naive concatentation would yield identical hash values in all
three cases.
Fixes: e75fc8279b
There are a few cases where we don't want to clear a potential
nm-generated/volatile flag, but only mark the connection as
unsaved.
Otherwise, we wrongly end up clearing these flags and the connection
is wrongly not NM_DEVICE_SYS_IFACE_STATE_EXTERNAL.
Fixes: 35dc6421de
The idea is
tfilter.<parent>=[handle <handle>] <tfilter> [<options>] [action [<action options>...]]
What works now:
[tc]
qdisc.root=handle 1234: fq_codel
qdisc.ffff:fff1=ingress
tfilter.1234:=matchall action drop
tfilter.ffff:=matchall action simple sdata Hello
Printing a g_warning() from the library is not helpful.
Client-side, libnm should support newer server versions and changing
formats. To support forward-compatibility, it should parse the received
GVariant best-effort like, without complaining.
Server-side, libnm-core should return errors when receiving invalid
configuration. It must not maintain forward-compatibility, only
backward-compatibility -- which is implemented by handling old
and newer formats. But never should server allow a configuration
that is invalid.
Currently, the libnm API cannot yet fail at this point. Hence,
it cannot return an error. It would need a strict and relaxed
parsing mode. Until that exists, just comment out the warnings.
The format for qdiscs is
qdisc.<parent>=[handle <handle>] <qdisc> [<options>...]
E.g.:
[tc]
qdisc.root=fq_codel handle de4d:
qdisc.ffff:fff1=ingress
That is pretty much what is supported at this point.
