- use a more efficient implementation for prefix_to_netmask
- fix netmask_to_prefix to behave consistently in case of
invalid netmask
- remove unused duplicated functions from NetworkManagerUtils.c
- add test functions
Based-on-patch-by: Pavel Šimerda <psimerda@redhat.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Related: https://bugzilla.gnome.org/show_bug.cgi?id=721771
When generating a connection, if the device has no non-link-local IPv6
address, then it's unclear whether (a) the connection was link-local
originally, or (b) the connection was 'auto' but IPv6 failed or timed
out.
In this case, if there is a persistent connection that is 'auto' but
the generated connection is 'link-local', the persistent connection
should be used.
Add a more-testable framework for doing the connection matching to
handle this.
If the interface who's IP configuration is being captured has the default
route, then read DNS servers from resolv.conf into the NMIP[4|6]Config.
This allows NetworkManager to repopulate resolv.conf if anything changes.
For example, if the system does not define a persistent hostname, then
when a device which has generated a connection activates, a hostname
lookup will be performed. The results of that lookup may change resolv.conf,
and thus NetworkManager must rewrite resolv.conf. Without capturing
DNS information at startup when generating connections, an empty
resolv.conf would be written.
Although it's convenient in some places to have IP configs on all
connections, it makes more sense in other places to not have IP
configs on slaves. (eg, it's confusing for nmcli, etc, to report a
full NMSettingIP4Config on a slave device). So revert parts of the
earlier patch. However, it's still safe to assume that s_ip4 != NULL
if method != DISABLED, so some of the earlier simplifications can
stay.
Also, add nm_utils_get_ip_config_method(), which returns the correct
IP config method for a connection, whether the connection has IP4 and
IP6 settings objects or not, and use that to keep some more of the
simplifications from the earlier patch.
Make sure that all connections returned from NMSettings or created via
AddAndActivateConnection have an NMSettingIP4Config and an
NMSettingIP6Config, with non-NULL methods, and get rid of
now-unnecessary checks for those.
Also move the slaves-can't-have-IP-config checks into the
platform-independent code as well. This also gets rid of spurious
"ignoring IP4/IP6 configuration" warnings in ifcfg-rh when reading a
slave ifcfg file.
Partly based on a patch from Pavel.
https://bugzilla.gnome.org/show_bug.cgi?id=708875
Note that this patch doesn't effectively change any code.
Functions moved from nm-system:
* nm_system_apply_ip?_config → nm_ip?_config_commit
* ip?_dest_in_same_subnet → nm_ip?_config_destination_is_direct
Functions moved from NetworkManagerUtils:
* nm_utils_merge_ip?_config → nm_ip?_config_merge_setting
Functions renamed (and moved down to form one group):
* nm_ip?_config_new_for_interface → nm_ip?_config_capture
(The rationale for the rename is that from the achitectural point of
view it doesn't matter whether the function creates a new object or
updates an existing one. After the rename, it's obvious that
nm_ip?_config_capture() and nm_ip?_config_commit() are counterparts of
each other.)
ifcfg-rh didn't let you unmanage an InfiniBand device by hardware
address because it was recording the hardware address with uppercase
letters, while nm_match_spec_hwaddr() required lowercase. Fix this by
making nm_match_spec_hwaddr() match case-insensitively (and remove the
manual lowercasing that several other places were doing to work around
this.)
keyfile didn't let you unmanage an InfiniBand device by hardware
address because it only accepted ARPHRD_ETHER hardware addresses. Fix
that by using nm_utils_hwaddr_valid() instead.
Add NMConfigDevice, which is mostly just a wrapper around
nm_device_get_hw_address() and nm_device_spec_match_list(), and
implement it in NMDevice. This will be used for config options that
match devices. (We can't use NMDevice directly for dependency
reasons.)
This function gets used for both /proc/sys (ie, sysctl) and for
sysfs attributes. There are two issues with it:
1) most sysctl values don't care about a trailing LF, but some
sysfs attributes (infiniband) do; so we always have to add the
trailing LF. Just move that into the function to ensure that
callers don't forget to add it.
2) neither sysfs or sysctl support partial writes, while the
existing function did partial writes. Practically, both the
write handlers for sysfs and sysctl should always handle all
the data, but if they don't, partial writes are wrong. So
instead, try three times to write all the data.
The ctype macros (eg, isalnum(), tolower()) are locale-dependent. Use
glib's ASCII-only versions instead.
Also, replace isascii() with g_ascii_isprint(), since isascii()
accepts control characters, which isn't what the code wanted in any of
the places where it was using it.
If the interface already exists, the compat code would fail. Fix that
and clean up the function. Also double-check that an existing VLAN
interface that has the name we expect also has the master and VLAN
ID we expect.
Commit 217c5bf6ac fixed processing of unix
signals: signals are blocked in all threads and a dedicated thread handles the
signals using sigwait().
However, the commit forgot that child processes inherit signal mask as well.
That is why we have to unblock signals for child processes we spawn from NM, so
that they can receive signals.
- changes nm_utils_get_proc_sys_net_value() to allow all values, not just 0,1
- adds nm_utils_get_proc_sys_net_value_with_bounds() for limiting valid values
nm_utils_hwaddr_ntoa() and nm_utils_hwaddr_aton() are like
ether_ntoa()/ether_aton(), but handle IPoIB too.
nm_utils_hwaddr_atoba() is like _aton() but returns a GByteArray,
since that's what's wanted in many places.
Also remove nm_ether_ntop() and replace uses of it with
nm_utils_hwaddr_ntoa().
For VPN connections, the interface name would be that of the VPN's
IP interface, but the script environment would be the that of the
VPN's parent device. Enhance the environment by adding any VPN
specific details as additional environment variables prefixed by
"VPN_". Leave the existing environment setup intact for backwards
compatiblity.
Additionally, the dispatcher never got updated for IPv6 support,
so push IPv6 configuration and DHCPv6 configuration into the
environment too.
Even better, push everything the dispatcher needs to it instead
of making the dispatcher make D-Bus requests back to NM, which
sometimes fails if NM has already torn down the device or the
connection which the device was using.
And add some testcases to ensure that we don't break backwards compat,
the testcases here were grabbed from a 0.8.4 machine with a hacked up
dispatcher to dump everything it was given from NM.
It's really dbus-glib's fault, but the problem seems to be that when
short-lived D-Bus calls are made (with dbus_g_proxy_call_no_reply)
and the service is activated, then quits immediately like the
dispatcher does, there's not enough time for internal dbus-glib
housekeeping. The GetNameOwner call that's kicked off when the
DBusGProxy is created hasn't returned by the time the proxy is
being unrefed, so the proxy doesn't end up on the
unassociated_proxies list. But when the proxy is destroyed, and
it destroys it's DBusGProxyManager, the manager expects that
the proxy is on unassociated_proxies. Thus the crash.
I'm not entirely sure why we hit this only at shutdown with
systemd; it could be that systemd is killing the bus daemon at
the same time as we're running the dispatcher and that's why the
GetNameOwner call doesn't complete.
Work around all this by expecting a message return, which works fine
during normal operation, but on shutdown allows us to avoid urefing
the proxy until everything in dbus-glib has been handled, which at
shutdown time really just means leaking it. But then we exit, so
it's cleaned up anyway.
Simplifies code internally, and makes it easier for clients as well in
some cases where they want to control what ends up in the resulting
hash and what does not.
Remove the org.freedesktop.NetworkManagerSystemSettings bus name and
have everybody talk to org.freedesktop.NetworkManager. Now that we have
a single settings service that's embedded in the main daemon, we don't
need separate names anymore.
Remove all references to connection scope and user-settings services
from the various internal APIs of the daemon. The external DBus API
remains unchanged, albeit in stub form for scope stuff.
The only thing that doesn't work yet is the system-settings service's
"auto eth" connections for ethernet devices that don't have an existing
connection. Might also have issues with unmanaged devices that can't
provide a MAC address until they are brought up, but we'll see.
