Commit Graph

21088 Commits

Author SHA1 Message Date
Thomas Haller
21ae09c1cc core: add assertions for network_id/stable_type
We require a network-id. Assert that it is set.

Also, we encode the stable-id as uint8. Thus, add
an assertion that we don't use more then 254 IDs.

If we ever make use of stable-type 255, we must extend
the encoding to allow for more values. The assertion
is there to catch that.
2017-01-09 14:50:33 +01:00
Thomas Haller
46d53e1101 keyfile: fix interpreting missing wifi.mac-address-randomization as permanent address
With commit 4f6c91d696, we aimed to
enable mac-address-randomization by default for Wi-Fi. That however
is not possible by default because it breaks various scenarios.
Also, later wifi.mac-address-randomization was deprecated in favor
of wifi.cloned-mac-address setting.

Both wifi.mac-address-randomization and wifi.cloned-mac-address support
global default values, so it is wrong to read a missing
mac-address-randomization as "NEVER" -- which due to
normalization also results in cloned-mac-address=permanent.
2017-01-09 14:50:33 +01:00
Thomas Haller
dea3c49ce2 utils: add nm_utils_get_boot_id() util to read "/proc/sys/kernel/random/boot_id" 2017-01-09 14:50:33 +01:00
Thomas Haller
142009c6a5 shared: add nm_str_realloc() 2017-01-09 14:50:33 +01:00
Beniamino Galvani
ae5adc9e21 vpn: add device route to VPN gateway if parent has no gateway
We set a dedicated route to reach the VPN gateway only if the parent
device has a gateway. If the parent device doesn't have a gateway (for
example in case of GSM connections) and the VPN gets the default
route, the VPN gateway will be contacted through the VPN itself, which
obviously doesn't work.

Set up a device route if the parent device doesn't provide a gateway.

https://bugzilla.redhat.com/show_bug.cgi?id=1403660
2017-01-07 15:05:03 +01:00
Lubomir Rintel
2b09cee6fa libnm-core/8021x: fix up scheme handling in setters
Fixes: 690e33bdf2
2017-01-06 16:14:13 +01:00
Lubomir Rintel
8386cb6ca6 merge: branch 'lr/pkcs11'
https://bugzilla.gnome.org/show_bug.cgi?id=776268
2017-01-06 15:57:57 +01:00
Lubomir Rintel
234a72cb91 supplicant: allow accessing certs and keys in PKCS#11 tokens 2017-01-06 15:56:11 +01:00
Lubomir Rintel
34b4a0e561 supplicant: allow specifying a replacement string for hidden items
Makes it possible to hide only a part of a value (such as inline PIN),
but still log useful info.
2017-01-06 15:56:11 +01:00
Lubomir Rintel
b4a31174ea cli: add support for pkcs11: URI scheme on relevant properties 2017-01-06 15:56:11 +01:00
Lubomir Rintel
d5a1a09567 cli: support printing the pkcs11: URI scheme 2017-01-06 15:56:11 +01:00
Lubomir Rintel
faed200b2b keyfile: add support for pkcs11: URI scheme 2017-01-06 15:56:11 +01:00
Lubomir Rintel
690e33bdf2 libnm-core/8021x: make cert/key setters handle pkcs11 URI scheme 2017-01-06 15:56:11 +01:00
Lubomir Rintel
84c57c34bc libnm-core/8021x: add pkcs11: scheme for certificates and keys
The getters just return the whole URI as-is, without any mangling.
2017-01-06 15:56:11 +01:00
Lubomir Rintel
afd2811028 cli: do not require a password when setting a PK
It results in a rather confusing behavior:

  # nmcli c modify wifi \
     802-1x.private-key /etc/pki/themostsecret.key \
     802-1x.private-key-password verystrong
  Error: failed to modify 802-1x.private-key: private key
  password not provided.

Moreover, the user might have a good reason for not specifying it on a command
liue and it's not strictly required anyway -- we'll do fine if we don't verify
a private key at addition time.
2017-01-06 15:14:46 +01:00
Lubomir Rintel
5209c034f2 merge: branch 'lr/ifname-validation' 2017-01-06 15:13:28 +01:00
Lubomir Rintel
f9be6540b0 libnm-core: deprecate nm_utils_iface_valid_name()
We don't use it internally and a better version exists. Not like we
could drop it or anything.
2017-01-06 15:11:56 +01:00
Lubomir Rintel
260563a7d9 all: use nm_utils_is_valid_iface_name() 2017-01-06 15:11:56 +01:00
Lubomir Rintel
ac0563d784 libnm-core: add nm_utils_is_valid_iface_name()
Version of nm_utils_iface_valid_name() with error reporting.
2017-01-06 15:11:56 +01:00
Thomas Haller
aef473f005 keyfile: merge branch 'th/keyfile-parsing-bgo776484'
https://bugzilla.gnome.org/show_bug.cgi?id=776484
2017-01-05 12:30:12 +01:00
Thomas Haller
e844df1099 keyfile: write also empty byte arrays to keyfiles
It's not the job of keyfile writer to enforce certain settings. A
%NULL GBytes property is shall be treated distinct from a byte array
with zero length.

The NMSetting may or may not reject such settings as invalid during
verify() or mangle them during normalize(). But reader/writer should
just serialize every property as-is.
2017-01-05 12:26:18 +01:00
Thomas Haller
932da77b5b keyfile: assert that write_array_of_uint() writes valid integer list
We use write_array_of_uint() for G_TYPE_ARRAY. In practice, only
NMSettingDcb has any properties of this type.

Furthermore, all valid values are either gboolean or guints of
restricted range. Thus, no valid NMSettingDcb should violate the
range check.

Same for reader.

It's really ugly to blindly use uint-list reader for G_TYPE_ARRAY.
Especially, because certain G_TYPE_ARRAY properties of NMSettingDcb
are actually arrays of gboolean, which only ~accidentally~ has the same
memory layout as guint.
2017-01-05 12:00:54 +01:00
Thomas Haller
138d1e3b7b keyfile: use nm_keyfile_plugin_kf_set_integer_list_uint8() helper 2017-01-05 12:00:54 +01:00
Thomas Haller
e965718ddd keyfile: add nm_keyfile_plugin_kf_set_integer_list_uint8() helper 2017-01-05 12:00:54 +01:00
Thomas Haller
5e7b14af03 keyfile: refactor parsing in get_bytes() to replace regex
No longer use a regex to pre-evaluate whether @tmp_string looks
like a integer list. Instead, parse the integer list ourself.

First, drop the nm_keyfile_plugin_kf_has_key() check.
Note that this merely verifies that such a key exits. It's rather
pointless, because get_bytes() is only called for existing keys.
Still, in case the check would actually yield differing results
from the following nm_keyfile_plugin_kf_get_string(), we want to
act depending on what nm_keyfile_plugin_kf_get_string() returns.

Note that nm_keyfile_plugin_kf_get_string() looks up the key, alternatively
fallback to the settings alias. Then, GKeyFile would parse the raw keyfile
value and return it as string.
Previously, we would first decide whether @tmp_string look like a integer list
to decide wether to parse it via nm_keyfile_plugin_kf_get_integer_list().

But note that it's not clear that nm_keyfile_plugin_kf_get_integer_list()
operates on the same string as nm_keyfile_plugin_kf_get_string().
Could it decide to return different strings based on whether such
a key exists?
E.g. when setting "802-11-wireless.ssid=foo" and "wifi.ssid=60;" they
clearly would yield differing results: "foo" vs. [60].
Ok, probably it is not an issue because we call first
nm_keyfile_plugin_kf_get_string(), decide whether it looks like a
integer list, and return "foo" right away.
This is still confusing and relyies on knowledge about how the value
is encoded as string-list.

Likewise, could our regex determine that the value looks like a integer
list but then the integer list is unable to parse it? Certainly that can
happen for values larger then 255.

Just make it consistent. Get *one* @tmp_string. Try (manually) to
interpret it as string list, or bail using it as plain text.

Also, allow returning empty GBytes arrays. If somebody specifies an
empty list, it's empty. Not NULL.
2017-01-05 12:00:54 +01:00
Thomas Haller
f779c51f87 shared: move nm_utils_strbuf_*() helper to shared/nm-utils 2017-01-05 11:13:17 +01:00
Thomas Haller
f4fb4d271f keyfile/tests: add test for reading dcb connection
Catches previously fixed memleak in read_array_of_uint()
2017-01-05 11:13:17 +01:00
Thomas Haller
8239edbb9b keyfile: fix memleak in keyfile reader's read_array_of_uint()
Fixes: 9559a7a260
2017-01-05 11:13:17 +01:00
Thomas Haller
a8afbb7299 systemd: merge branch systemd into master 2017-01-04 15:55:46 +01:00
Thomas Haller
17820bf42a systemd: update code from upstream
This is a direct dump from systemd git on 2017-01-04, git commit
6a47fd894d601f7e8e88dec4cb35dfb7d7c15eff.

======

SYSTEMD_DIR=../systemd
COMMIT=6a47fd894d601f7e8e88dec4cb35dfb7d7c15eff

(
  cd "$SYSTEMD_DIR"
  git checkout "$COMMIT"
  git reset --hard
  git clean -fdx
)

git ls-files :/src/systemd/src/ | xargs -d '\n' rm -f

nm_copy_sd() {
    mkdir -p "./src/systemd/$(dirname "$1")"
    cp "$SYSTEMD_DIR/$1" "./src/systemd/$1"
}

nm_copy_sd "src/basic/alloc-util.c"
nm_copy_sd "src/basic/alloc-util.h"
nm_copy_sd "src/basic/async.h"
nm_copy_sd "src/basic/escape.c"
nm_copy_sd "src/basic/escape.h"
nm_copy_sd "src/basic/ether-addr-util.c"
nm_copy_sd "src/basic/ether-addr-util.h"
nm_copy_sd "src/basic/extract-word.c"
nm_copy_sd "src/basic/extract-word.h"
nm_copy_sd "src/basic/fileio.c"
nm_copy_sd "src/basic/fileio.h"
nm_copy_sd "src/basic/fd-util.c"
nm_copy_sd "src/basic/fd-util.h"
nm_copy_sd "src/basic/fs-util.c"
nm_copy_sd "src/basic/fs-util.h"
nm_copy_sd "src/basic/hash-funcs.c"
nm_copy_sd "src/basic/hash-funcs.h"
nm_copy_sd "src/basic/hashmap.c"
nm_copy_sd "src/basic/hashmap.h"
nm_copy_sd "src/basic/hexdecoct.c"
nm_copy_sd "src/basic/hexdecoct.h"
nm_copy_sd "src/basic/hostname-util.c"
nm_copy_sd "src/basic/hostname-util.h"
nm_copy_sd "src/basic/in-addr-util.c"
nm_copy_sd "src/basic/in-addr-util.h"
nm_copy_sd "src/basic/io-util.c"
nm_copy_sd "src/basic/io-util.h"
nm_copy_sd "src/basic/list.h"
nm_copy_sd "src/basic/log.h"
nm_copy_sd "src/basic/macro.h"
nm_copy_sd "src/basic/mempool.h"
nm_copy_sd "src/basic/mempool.c"
nm_copy_sd "src/basic/parse-util.c"
nm_copy_sd "src/basic/parse-util.h"
nm_copy_sd "src/basic/path-util.c"
nm_copy_sd "src/basic/path-util.h"
nm_copy_sd "src/basic/prioq.h"
nm_copy_sd "src/basic/prioq.c"
nm_copy_sd "src/basic/random-util.c"
nm_copy_sd "src/basic/random-util.h"
nm_copy_sd "src/basic/refcnt.h"
nm_copy_sd "src/basic/set.h"
nm_copy_sd "src/basic/signal-util.h"
nm_copy_sd "src/basic/siphash24.c"
nm_copy_sd "src/basic/siphash24.h"
nm_copy_sd "src/basic/socket-util.c"
nm_copy_sd "src/basic/socket-util.h"
nm_copy_sd "src/basic/sparse-endian.h"
nm_copy_sd "src/basic/stdio-util.h"
nm_copy_sd "src/basic/string-table.c"
nm_copy_sd "src/basic/string-table.h"
nm_copy_sd "src/basic/string-util.c"
nm_copy_sd "src/basic/string-util.h"
nm_copy_sd "src/basic/strv.c"
nm_copy_sd "src/basic/strv.h"
nm_copy_sd "src/basic/time-util.c"
nm_copy_sd "src/basic/time-util.h"
nm_copy_sd "src/basic/umask-util.h"
nm_copy_sd "src/basic/unaligned.h"
nm_copy_sd "src/basic/utf8.c"
nm_copy_sd "src/basic/utf8.h"
nm_copy_sd "src/basic/util.c"
nm_copy_sd "src/basic/util.h"
nm_copy_sd "src/libsystemd-network/arp-util.c"
nm_copy_sd "src/libsystemd-network/arp-util.h"
nm_copy_sd "src/libsystemd-network/dhcp6-internal.h"
nm_copy_sd "src/libsystemd-network/dhcp6-lease-internal.h"
nm_copy_sd "src/libsystemd-network/dhcp6-network.c"
nm_copy_sd "src/libsystemd-network/dhcp6-option.c"
nm_copy_sd "src/libsystemd-network/dhcp6-protocol.h"
nm_copy_sd "src/libsystemd-network/dhcp-identifier.c"
nm_copy_sd "src/libsystemd-network/dhcp-identifier.h"
nm_copy_sd "src/libsystemd-network/dhcp-internal.h"
nm_copy_sd "src/libsystemd-network/dhcp-lease-internal.h"
nm_copy_sd "src/libsystemd-network/dhcp-network.c"
nm_copy_sd "src/libsystemd-network/dhcp-option.c"
nm_copy_sd "src/libsystemd-network/dhcp-packet.c"
nm_copy_sd "src/libsystemd-network/dhcp-protocol.h"
nm_copy_sd "src/libsystemd-network/lldp-internal.h"
nm_copy_sd "src/libsystemd-network/lldp-neighbor.c"
nm_copy_sd "src/libsystemd-network/lldp-neighbor.h"
nm_copy_sd "src/libsystemd-network/lldp-network.c"
nm_copy_sd "src/libsystemd-network/lldp-network.h"
nm_copy_sd "src/libsystemd-network/network-internal.c"
nm_copy_sd "src/libsystemd-network/network-internal.h"
nm_copy_sd "src/libsystemd-network/sd-dhcp6-client.c"
nm_copy_sd "src/libsystemd-network/sd-dhcp6-lease.c"
nm_copy_sd "src/libsystemd-network/sd-dhcp-client.c"
nm_copy_sd "src/libsystemd-network/sd-dhcp-lease.c"
nm_copy_sd "src/libsystemd-network/sd-ipv4ll.c"
nm_copy_sd "src/libsystemd-network/sd-ipv4acd.c"
nm_copy_sd "src/libsystemd-network/sd-lldp.c"
nm_copy_sd "src/libsystemd/sd-event/sd-event.c"
nm_copy_sd "src/libsystemd/sd-id128/id128-util.c"
nm_copy_sd "src/libsystemd/sd-id128/id128-util.h"
nm_copy_sd "src/libsystemd/sd-id128/sd-id128.c"
nm_copy_sd "src/shared/dns-domain.c"
nm_copy_sd "src/shared/dns-domain.h"
nm_copy_sd "src/systemd/_sd-common.h"
nm_copy_sd "src/systemd/sd-dhcp6-client.h"
nm_copy_sd "src/systemd/sd-dhcp6-lease.h"
nm_copy_sd "src/systemd/sd-dhcp-client.h"
nm_copy_sd "src/systemd/sd-dhcp-lease.h"
nm_copy_sd "src/systemd/sd-event.h"
nm_copy_sd "src/systemd/sd-ndisc.h"
nm_copy_sd "src/systemd/sd-id128.h"
nm_copy_sd "src/systemd/sd-ipv4acd.h"
nm_copy_sd "src/systemd/sd-ipv4ll.h"
nm_copy_sd "src/systemd/sd-lldp.h"
2017-01-04 15:46:38 +01:00
Thomas Haller
719d4902d8 device: merge branch 'th/device-parent-bgo776719'
https://bugzilla.gnome.org/show_bug.cgi?id=776719
2017-01-04 14:18:09 +01:00
Thomas Haller
2a14a1c7bd device: drop unused hook nm_device_notify_new_device_added()
The only implementations were there for tracking the parent device.
That is now donw via nm_device_parent_*(), parent_changed_notify()
and _parent_notify_changed().
2017-01-04 14:18:01 +01:00
Thomas Haller
992beb4f34 device: move tracking of peer device from NMDeviceVeth to NMDevice 2017-01-04 14:18:01 +01:00
Thomas Haller
6df235df74 device: move tracking of parent device from NMDeviceVxlan to NMDevice 2017-01-04 14:18:01 +01:00
Thomas Haller
b8bfdd99af device: move tracking of parent device from NMDeviceVlan to NMDevice 2017-01-04 14:18:01 +01:00
Thomas Haller
31682f7a3b device: move tracking of parent device from NMDeviceMacvlan to NMDevice 2017-01-04 14:18:01 +01:00
Thomas Haller
3be1811a7d device: move tracking of parent device from NMDeviceIPTunnel to NMDevice 2017-01-04 14:18:01 +01:00
Thomas Haller
f703f4bb65 device: track parent device in NMDevice
Multiple subclasses have a parent/link interface (NMDeviceIPTunnel,
NMDeviceVlan). Tracking the parent interface properly is midly
complicated to get right. So, instead of repeating it in each
subclass, track it in the parent device.
2017-01-04 14:18:01 +01:00
Thomas Haller
bd09decf16 device: only emit notify::ifindex when the value actually changes 2017-01-04 14:18:01 +01:00
Thomas Haller
78017f1bdc device: cleanup setting of ip-iface
Move the updating/setting of the ip-ifindex/ip-iface to one place.

Properties should be for the most part immutable/read-only, and only
at particular places modified. That way, it's easier to track who
changes a property.

Also, add a logging line with "ip-ifname" prefix.
2017-01-04 14:18:01 +01:00
Thomas Haller
87076d9345 platform: use wrappers for if_nametoindex() and if_indextoname() 2017-01-04 14:18:01 +01:00
Thomas Haller
e8d5a8356c platform: add wrappers for if_nametoindex() and if_indextoname() 2017-01-04 14:18:01 +01:00
Thomas Haller
d481489804 device: mark _nm_device_log_self_to_device() as unused 2017-01-04 14:18:01 +01:00
Thomas Haller
15d8634b9a trivial: rename reload_tun_properties() to update_properties()
That is what the function is called in other device implementations.
2017-01-04 14:18:01 +01:00
Thomas Haller
0eb4b404f2 device: have realize_start_notify() call link_changed()
Most implementations of realize_start_notify() do the same
for link_changed().

Let NMDevice's base implementation of realize_start_notify() call
link_changed() -- which by default does notthing. This allows subclasses
to only overwrite link_changed().
2017-01-04 14:18:01 +01:00
Thomas Haller
0bb84d1b85 device/ethernet: refactor loading s390 subchannels during realize
Instead of overwriting constructed(), update the s390 subchannels via
realize_start_notify(). This makes more sense and is also more similar
to what other device implementations do.
2017-01-04 14:18:01 +01:00
Thomas Haller
7e4120860f device/vlan: update vlan properties when link changes
For example, when the parent link is moved to a different netns,
we must update (clear) the vlan's parent.
2017-01-04 14:18:01 +01:00
Thomas Haller
a2dce28fc8 device: do nothing in NMDevice's link_changed() function
All implementations of link_changed() chain up to NMDevice's
base implementation. Thus, everybody wants to set the carrier.

Refactor the code to set the carrier outside of link_changed().
2017-01-04 14:18:01 +01:00
Thomas Haller
c2bc2fbac3 device: make @pllink argument in link_changed() function const 2017-01-04 14:18:01 +01:00
Thomas Haller
9473943ef3 wifi: merge refactor tracking of APs 2017-01-04 14:05:38 +01:00