fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-03 16:20:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src/core/nm-core-utils.h

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

471 lines
22 KiB
C
Raw Normal View History

all: update deprecated SPDX license identifiers These SPDX license identifiers are deprecated ([1]). Update them. [1] https://spdx.org/licenses/ sed \ -e '1 s%^/\* SPDX-License-Identifier: \(GPL-2.0\|LGPL-2.1\)+ \*/$%/* SPDX-License-Identifier: \1-or-later */%' \ -e '1,2 s%^\(--\|#\|//\) SPDX-License-Identifier: \(GPL-2.0\|LGPL-2.1\)+$%\1 SPDX-License-Identifier: \2-or-later%' \ -i \ $(git grep -l SPDX-License-Identifier -- \ ':(exclude)shared/c-*/' \ ':(exclude)shared/n-*/' \ ':(exclude)shared/systemd/src' \ ':(exclude)src/systemd/src')
2020-12-23 22:21:36 +01:00
/* SPDX-License-Identifier: GPL-2.0-or-later */
all: manually drop code comments with file description
2019-09-25 13:13:40 +02:00
/*
all: unify format of our Copyright source code comments ```bash readarray -d '' FILES < <( git ls-files -z \ ':(exclude)po' \ ':(exclude)shared/c-rbtree' \ ':(exclude)shared/c-list' \ ':(exclude)shared/c-siphash' \ ':(exclude)shared/c-stdaux' \ ':(exclude)shared/n-acd' \ ':(exclude)shared/n-dhcp4' \ ':(exclude)src/systemd/src' \ ':(exclude)shared/systemd/src' \ ':(exclude)m4' \ ':(exclude)COPYING*' ) sed \ -e 's/^\(--\|#\| \*\) *\(([cC]) *\)\?Copyright \+\(\(([cC])\) \+\)\?\(\(20\|19\)[0-9][0-9]\) *[-–] *\(\(20\|19\)[0-9][0-9]\) \+\([^ ].*\)$/\1 C1pyright#\5 - \7#\9/' \ -e 's/^\(--\|#\| \*\) *\(([cC]) *\)\?Copyright \+\(\(([cC])\) \+\)\?\(\(20\|19\)[0-9][0-9]\) *[,] *\(\(20\|19\)[0-9][0-9]\) \+\([^ ].*\)$/\1 C2pyright#\5, \7#\9/' \ -e 's/^\(--\|#\| \*\) *\(([cC]) *\)\?Copyright \+\(\(([cC])\) \+\)\?\(\(20\|19\)[0-9][0-9]\) \+\([^ ].*\)$/\1 C3pyright#\5#\7/' \ -e 's/^Copyright \(\(20\|19\)[0-9][0-9]\) \+\([^ ].*\)$/C4pyright#\1#\3/' \ -i \ "${FILES[@]}" echo ">>> untouched Copyright lines" git grep Copyright "${FILES[@]}" echo ">>> Copyright lines with unusual extra" git grep '\<C[0-9]pyright#' "${FILES[@]}" | grep -i reserved sed \ -e 's/\<C[0-9]pyright#\([^#]*\)#\(.*\)$/Copyright (C) \1 \2/' \ -i \ "${FILES[@]}" ``` https://gitlab.freedesktop.org/NetworkManager/NetworkManager/merge_requests/298
2019-10-01 09:20:35 +02:00
* Copyright (C) 2004 - 2016 Red Hat, Inc.
* Copyright (C) 2005 - 2008 Novell, Inc.
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
*/
#ifndef __NM_CORE_UTILS_H__
#define __NM_CORE_UTILS_H__
#include <stdio.h>
#include <arpa/inet.h>
#include "nm-connection.h"
build: move "shared/nm-{glib-aux,log-null,log-core}" to "src/libnm-{glib-aux,log-null,log-core}"
2021-02-18 17:37:47 +01:00
#include "libnm-glib-aux/nm-time-utils.h"
shared: move nm_utils_get_monotonic_timestamp*() to shared/nm-utils. This is independent functionality that only depends on linux API and glib. Note how "nm-logging" uses this for getting the timestamps. This makes "nm-logging.c" itself dependen on "src/nm-core-utils.c", for little reason.
2018-10-17 14:09:13 +02:00
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
/*****************************************************************************/
#define NM_DEFINE_SINGLETON_INSTANCE(TYPE) static TYPE *singleton_instance
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
#define NM_DEFINE_SINGLETON_REGISTER(TYPE) \
NM_DEFINE_SINGLETON_INSTANCE(TYPE); \
static void _singleton_instance_weak_ref_cb(gpointer data, GObject *where_the_object_was) \
{ \
core: don't log plain pointer values for singletons Logging pointer values allows to defeat ASLR. Don't do that.
2019-05-05 15:40:04 +02:00
nm_log_dbg(LOGD_CORE, \
"disposing %s singleton (" NM_HASH_OBFUSCATE_PTR_FMT ")", \
G_STRINGIFY(TYPE), \
NM_HASH_OBFUSCATE_PTR(singleton_instance)); \
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
singleton_instance = NULL; \
} \
static inline void nm_singleton_instance_register(void) \
{ \
g_object_weak_ref(G_OBJECT(singleton_instance), _singleton_instance_weak_ref_cb, NULL); \
_nm_singleton_instance_register_destruction(G_OBJECT(singleton_instance)); \
all: add trailing semicolon to NM_DEFINE_SINGLETON_REGISTER()
2020-07-19 12:15:39 +02:00
} \
_NM_DUMMY_STRUCT_FOR_TRAILING_SEMICOLON
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
void _nm_singleton_instance_register_destruction(GObject *instance);
/* By default, the getter will assert that the singleton will be created only once. You can
* change this by redefining NM_DEFINE_SINGLETON_ALLOW_MULTIPLE. */
#ifndef NM_DEFINE_SINGLETON_ALLOW_MULTIPLE
clang-format: use "IndentPPDirectives:None" instead of "BeforeHash" Subjectively, I think this looks better.
2021-07-09 08:48:48 +02:00
#define NM_DEFINE_SINGLETON_ALLOW_MULTIPLE FALSE
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
#endif
#define NM_DEFINE_SINGLETON_GETTER(TYPE, GETTER, GTYPE, ...) \
NM_DEFINE_SINGLETON_INSTANCE(TYPE); \
NM_DEFINE_SINGLETON_REGISTER(TYPE); \
core/tests: allow to reset singleton instantiations for testing Most singletons can only be instantiated once (unless NM_DEFINE_SINGLETON_ALLOW_MULTIPLE is defined). Otherwise, an assertion will be triggered if the singleton is destroyed and another instance is requested. For testing, we want to create multiple singleton instances and being able to reset the singleton getter. Add a function for that.
2018-10-24 10:52:42 +02:00
static char _already_created_##GETTER = FALSE; \
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
TYPE * GETTER(void) \
{ \
if (G_UNLIKELY(!singleton_instance)) { \
core/tests: allow to reset singleton instantiations for testing Most singletons can only be instantiated once (unless NM_DEFINE_SINGLETON_ALLOW_MULTIPLE is defined). Otherwise, an assertion will be triggered if the singleton is destroyed and another instance is requested. For testing, we want to create multiple singleton instances and being able to reset the singleton getter. Add a function for that.
2018-10-24 10:52:42 +02:00
g_assert(!(_already_created_##GETTER) || (NM_DEFINE_SINGLETON_ALLOW_MULTIPLE)); \
(_already_created_##GETTER) = TRUE; \
all: drop unnecessary cast of g_object_new() Our cast macros (like NM_AUTH_SUBJECT()) are plain C pointer casts, unless when building with more asserts enabled. Still, they are unnecessary and even their ability to check the type (with more asserts) is not needed, because we must trust glib's g_object_new() to return reasonable objects. That is a basic requirement, that we don't need to assert against. Also, in the majority of cases we don't do this either.
2021-02-08 16:55:35 +01:00
singleton_instance = g_object_new(GTYPE, ##__VA_ARGS__, NULL); \
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
g_assert(singleton_instance); \
nm_singleton_instance_register(); \
core: don't log plain pointer values for singletons Logging pointer values allows to defeat ASLR. Don't do that.
2019-05-05 15:40:04 +02:00
nm_log_dbg(LOGD_CORE, \
"create %s singleton (" NM_HASH_OBFUSCATE_PTR_FMT ")", \
G_STRINGIFY(TYPE), \
NM_HASH_OBFUSCATE_PTR(singleton_instance)); \
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
} \
return singleton_instance; \
core/tests: allow to reset singleton instantiations for testing Most singletons can only be instantiated once (unless NM_DEFINE_SINGLETON_ALLOW_MULTIPLE is defined). Otherwise, an assertion will be triggered if the singleton is destroyed and another instance is requested. For testing, we want to create multiple singleton instances and being able to reset the singleton getter. Add a function for that.
2018-10-24 10:52:42 +02:00
} \
_nm_unused static void _nmtst_##GETTER##_reset(TYPE *instance) \
{ \
/* usually, the singleton can only be created once (and further instantiations
* are guarded by an assert). For testing, we need to reset the singleton to
* allow multiple instantiations. */ \
g_assert(G_IS_OBJECT(instance)); \
g_assert(instance == singleton_instance); \
g_assert(_already_created_##GETTER); \
g_object_unref(instance); \
\
/* require that the last unref also destroyed the singleton. If this fails,
* somebody still keeps a reference. Fix your test! */ \
g_assert(!singleton_instance); \
_already_created_##GETTER = FALSE; \
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
}
/* attach @instance to the data or @owner. @owner owns a reference
* to @instance thus the lifetime of @instance is at least as long
* as that of @owner. Use this when @owner depends on @instance. */
#define NM_UTILS_KEEP_ALIVE(owner, instance, unique_token) \
G_STMT_START \
{ \
g_object_set_data_full(G_OBJECT(owner), \
".nm-utils-keep-alive-" unique_token "", \
g_object_ref(instance), \
g_object_unref); \
} \
G_STMT_END
/*****************************************************************************/
core: refactor nm_ethernet_address_is_valid() The caller *always* needs to know whether the argument is an address in binary or text from. At that point, it's only inconvenient to require the user to either pass "-1" or ETH_ALEN as size (nothing else was supported anyway). Split the function and rename.
2020-11-19 11:20:19 +01:00
gboolean nm_ether_addr_is_valid(const NMEtherAddr *addr);
gboolean nm_ether_addr_is_valid_str(const char *str);
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
all: refactor hashing by introducing NMHashState The privious NM_HASH_* macros directly operated on a guint value and were thus close to the actual implementation. Replace them by adding a NMHashState struct and accessors to update the hash state. This hides the implementation better and would allow us to carry more state. For example, we could switch to siphash24() transparently. For now, we still do a form basically djb2 hashing, albeit with differing start seed. Also add nm_hash_str() and nm_str_hash(): - nm_hash_str() is our own string hashing implementation - nm_str_hash() is our own string implementation, but with a GHashFunc signature, suitable to pass it to g_hash_table_new(). Also, it has this name in order to remind you of g_str_hash(), which it is replacing.
2017-10-13 14:00:22 +02:00
static inline void
nm_hash_update_in6addr(NMHashState *h, const struct in6_addr *addr)
platform: add compare functions for routes with different compare semantics Routes are complicated. `ip route add` and `ip route append` behaves differently with respect to determine whether an existing route is idential or not. Extend the cmp() and hash() functions to have a compare type, that covers the different semantics.
2017-07-26 10:50:23 +02:00
{
all: add helper functions for nm_hash_update*() By using a macro, we don't cast all the types to guint. Instead, we use their native types directly. Hence, we don't need nm_hash_update_uint64() nor nm_hash_update_ptr(). Also, for types smaller then guint like char, we save hashing the all zero bytes.
2017-10-16 12:38:16 +02:00
nm_assert(addr);
nm_hash_update(h, addr, sizeof(*addr));
platform: add compare functions for routes with different compare semantics Routes are complicated. `ip route add` and `ip route append` behaves differently with respect to determine whether an existing route is idential or not. Extend the cmp() and hash() functions to have a compare type, that covers the different semantics.
2017-07-26 10:50:23 +02:00
}
all: refactor hashing by introducing NMHashState The privious NM_HASH_* macros directly operated on a guint value and were thus close to the actual implementation. Replace them by adding a NMHashState struct and accessors to update the hash state. This hides the implementation better and would allow us to carry more state. For example, we could switch to siphash24() transparently. For now, we still do a form basically djb2 hashing, albeit with differing start seed. Also add nm_hash_str() and nm_str_hash(): - nm_hash_str() is our own string hashing implementation - nm_str_hash() is our own string implementation, but with a GHashFunc signature, suitable to pass it to g_hash_table_new(). Also, it has this name in order to remind you of g_str_hash(), which it is replacing.
2017-10-13 14:00:22 +02:00
static inline void
nm_hash_update_in6addr_prefix(NMHashState *h, const struct in6_addr *addr, guint8 plen)
platform: add compare functions for routes with different compare semantics Routes are complicated. `ip route add` and `ip route append` behaves differently with respect to determine whether an existing route is idential or not. Extend the cmp() and hash() functions to have a compare type, that covers the different semantics.
2017-07-26 10:50:23 +02:00
{
struct in6_addr a;
all: add helper functions for nm_hash_update*() By using a macro, we don't cast all the types to guint. Instead, we use their native types directly. Hence, we don't need nm_hash_update_uint64() nor nm_hash_update_ptr(). Also, for types smaller then guint like char, we save hashing the all zero bytes.
2017-10-16 12:38:16 +02:00
nm_assert(addr);
all: refactor hashing by introducing NMHashState The privious NM_HASH_* macros directly operated on a guint value and were thus close to the actual implementation. Replace them by adding a NMHashState struct and accessors to update the hash state. This hides the implementation better and would allow us to carry more state. For example, we could switch to siphash24() transparently. For now, we still do a form basically djb2 hashing, albeit with differing start seed. Also add nm_hash_str() and nm_str_hash(): - nm_hash_str() is our own string hashing implementation - nm_str_hash() is our own string implementation, but with a GHashFunc signature, suitable to pass it to g_hash_table_new(). Also, it has this name in order to remind you of g_str_hash(), which it is replacing.
2017-10-13 14:00:22 +02:00
platform: add compare functions for routes with different compare semantics Routes are complicated. `ip route add` and `ip route append` behaves differently with respect to determine whether an existing route is idential or not. Extend the cmp() and hash() functions to have a compare type, that covers the different semantics.
2017-07-26 10:50:23 +02:00
nm_utils_ip6_address_clear_host_address(&a, addr, plen);
/* we don't hash plen itself. The caller may want to do that.*/
all: refactor hashing by introducing NMHashState The privious NM_HASH_* macros directly operated on a guint value and were thus close to the actual implementation. Replace them by adding a NMHashState struct and accessors to update the hash state. This hides the implementation better and would allow us to carry more state. For example, we could switch to siphash24() transparently. For now, we still do a form basically djb2 hashing, albeit with differing start seed. Also add nm_hash_str() and nm_str_hash(): - nm_hash_str() is our own string hashing implementation - nm_str_hash() is our own string implementation, but with a GHashFunc signature, suitable to pass it to g_hash_table_new(). Also, it has this name in order to remind you of g_str_hash(), which it is replacing.
2017-10-13 14:00:22 +02:00
nm_hash_update_in6addr(h, &a);
platform: add compare functions for routes with different compare semantics Routes are complicated. `ip route add` and `ip route append` behaves differently with respect to determine whether an existing route is idential or not. Extend the cmp() and hash() functions to have a compare type, that covers the different semantics.
2017-07-26 10:50:23 +02:00
}
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
/**
* nm_utils_ip6_route_metric_normalize:
* @metric: the route metric
*
core: fix treating route metric zero of IPv6 routes special Userspace cannot add IPv6 routes with metric 0. Trying to do that, will be coerced by kernel to route metric 1024. For IPv4 this is different, and metric zero is commonly allowed. However, kernel itself can add IPv6 routes with metric zero: # ip -6 route show table local local fe80::2029:c7ff:fec9:698a dev v proto kernel metric 0 pref medium That means, we must not treat route metric zero special for most cases. Only, when we want to add routes (based on user configuration), we must coerce a route metric of zero to 1024. https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/563
2020-07-03 15:25:51 +02:00
* For IPv6 route, when adding a route via netlink, kernel treats the value 0 as IP6_RT_PRIO_USER (1024).
* So, user space cannot add routes with such a metric, and 0 gets "normalized"
* to NM_PLATFORM_ROUTE_METRIC_DEFAULT_IP6.
*
* Note that kernel itself can add IPv6 routes with metric zero. Also, you can delete
* them, but mostly because with `ip -6 route delete ... metric 0` the 0 acts as a wildcard
* and kills the first matching route.
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
*
* Returns: @metric, if @metric is not zero, otherwise 1024.
*/
static inline guint32
nm_utils_ip6_route_metric_normalize(guint32 metric)
{
all: use the elvis operator wherever possible Coccinelle: @@ expression a, b; @@ -a ? a : b +a ?: b Applied with: spatch --sp-file ternary.cocci --in-place --smpl-spacing --dir . With some manual adjustments on spots that Cocci didn't catch for reasons unknown. Thanks to the marvelous effort of the GNU compiler developer we can now spare a couple of bits that could be used for more important things, like this commit message. Standards commitees yet have to catch up.
2018-04-24 11:20:03 +02:00
return metric ?: 1024 /*NM_PLATFORM_ROUTE_METRIC_DEFAULT_IP6*/;
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
}
core: nm_utils_ip_route_metric_normalize() util Functions that take and addr_family argument are just nicer to use at places where we treat IPv4 and IPv6 generically.
2017-08-30 19:10:59 +02:00
static inline guint32
nm_utils_ip_route_metric_normalize(int addr_family, guint32 metric)
{
core: cleanup IPv4/IPv6 checks using NM_IS_IPv4() - we commonly use "int addr_family" as parameters to functions. But then inside the function, we often need to do something for IPv4 or IPv6 specifically. Instead of having lots of redundant "if (addr_family == AF_INET)" checks, prefer to have a variable IS_IPv4 and/or use NM_IS_IPv4() macro. - don't make the "IS_IPv4" variable a gboolean but an int. gboolean is a typedef for int, so it's in practice exactly the same. However, we use "IS_IPv4" as index to arrays of length 2, where at position "1" we have the value related to IPv4. Using a gboolean to index an array is a bit odd. Maybe a "int" is preferable here. This is more about doing consistently one or the other. There are no strong reasons to prefer gboolean or int.
2020-10-30 12:13:18 +01:00
return NM_IS_IPv4(addr_family) ? metric : nm_utils_ip6_route_metric_normalize(metric);
core: nm_utils_ip_route_metric_normalize() util Functions that take and addr_family argument are just nicer to use at places where we treat IPv4 and IPv6 generically.
2017-08-30 19:10:59 +02:00
}
core: rework tracking of gateway/default-route in ip-config Instead of having 3 properties @gateway, @never_default and @has_gateway on NMIP4Config/NMIP6Config that determine the default-route, track the default-route as a regular route. The gateway setting is the configuration knob for the default-route. Since an NMIP4Config/NMIP6Config instance only has one gateway property, it cannot track more then one default-routes (see related bug rh#1445417). Especially with policy routing, it might be interesting to configure a default-route in multiple tables. Also, later it might be interesting to allow adding default-routes as regular static routes in a connection, so that the user can configure additional route parameters for the default-route or add default-routes in multiple tables. With this patch, default-routes now have a rt_source property according to their origin. Also, the previous commits of this branch broke handling of the default-route :) . That should be working now again.
2017-10-04 15:21:21 +02:00
static inline guint32
core: fix treating route metric zero of IPv6 routes special Userspace cannot add IPv6 routes with metric 0. Trying to do that, will be coerced by kernel to route metric 1024. For IPv4 this is different, and metric zero is commonly allowed. However, kernel itself can add IPv6 routes with metric zero: # ip -6 route show table local local fe80::2029:c7ff:fec9:698a dev v proto kernel metric 0 pref medium That means, we must not treat route metric zero special for most cases. Only, when we want to add routes (based on user configuration), we must coerce a route metric of zero to 1024. https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/563
2020-07-03 15:25:51 +02:00
nm_utils_ip_route_metric_penalize(guint32 metric, guint32 penalty)
core: rework tracking of gateway/default-route in ip-config Instead of having 3 properties @gateway, @never_default and @has_gateway on NMIP4Config/NMIP6Config that determine the default-route, track the default-route as a regular route. The gateway setting is the configuration knob for the default-route. Since an NMIP4Config/NMIP6Config instance only has one gateway property, it cannot track more then one default-routes (see related bug rh#1445417). Especially with policy routing, it might be interesting to configure a default-route in multiple tables. Also, later it might be interesting to allow adding default-routes as regular static routes in a connection, so that the user can configure additional route parameters for the default-route or add default-routes in multiple tables. With this patch, default-routes now have a rt_source property according to their origin. Also, the previous commits of this branch broke handling of the default-route :) . That should be working now again.
2017-10-04 15:21:21 +02:00
{
if (metric < G_MAXUINT32 - penalty)
return metric + penalty;
return G_MAXUINT32;
}
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
void nm_utils_kill_process_sync(pid_t pid,
guint64 start_time,
int sig,
guint64 log_domain,
const char *log_name,
guint32 wait_before_kill_msec,
guint32 sleep_duration_msec,
guint32 max_wait_msec);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
typedef void (*NMUtilsKillChildAsyncCb)(pid_t pid,
gboolean success,
int child_status,
void * user_data);
void nm_utils_kill_child_async(pid_t pid,
int sig,
guint64 log_domain,
const char * log_name,
guint32 wait_before_kill_msec,
NMUtilsKillChildAsyncCb callback,
void * user_data);
gboolean nm_utils_kill_child_sync(pid_t pid,
int sig,
guint64 log_domain,
const char *log_name,
int * child_status,
guint32 wait_before_kill_msec,
guint32 sleep_duration_msec);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
const char *nm_utils_find_helper(const char *progname, const char *try_first, GError **error);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
utils: add nm_utils_read_link_absolute()
2016-04-27 14:47:59 +02:00
char *nm_utils_read_link_absolute(const char *link_file, GError **error);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
core: add and use NM_MATCH_SPEC_*_TAG defines instead of plain strings The define is better, because then we can grep for all the occurances where they are used. The plain text like "mac:" is not at all unique in our source-tree.
2019-07-18 15:37:55 +02:00
#define NM_MATCH_SPEC_MAC_TAG "mac:"
#define NM_MATCH_SPEC_S390_SUBCHANNELS_TAG "s390-subchannels:"
#define NM_MATCH_SPEC_INTERFACE_NAME_TAG "interface-name:"
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
typedef enum {
NM_MATCH_SPEC_NO_MATCH = 0,
NM_MATCH_SPEC_MATCH = 1,
NM_MATCH_SPEC_NEG_MATCH = 2,
} NMMatchSpecMatchType;
core: refactor evaluation of device's match-spec Previously, we would have different functions like - nm_match_spec_device_type() - nm_match_spec_hwaddr() - nm_match_spec_s390_subchannels() - nm_match_spec_interface_name() which all would handle one type of match-spec. So, to get the overall result whether the arguments match or not, nm_device_spec_match_list() had to stich them together and iterate the list multiple times. Refactor the code to have one nm_match_spec_device() function that gets all relevant paramters. The upside is: - the logic how to evaluate the match-spec is all at one place (match_device_eval()) instead of spread over multiple functions. - It requires iterating the list at most twice. Twice, because we do a fast pre-search for "*". One downside could be, that we have to pass all 4 arguments for the evaluation, even if the might no be needed. That is, because "nm-core-utils.c" shall be independend from NMDevice, it cannot receive a device instance to get the parameters as needed. As we would add new match-types, the argument list would grow. However, all arguments are cached and fetching them from the device's private data is very cheap. (cherry picked from commit b957403efd53ff7d826ac7a4f80487032c03824b)
2017-01-20 19:50:25 +01:00
NMMatchSpecMatchType nm_match_spec_device(const GSList *specs,
const char * interface_name,
device: fix order of params in nm_match_spec_device prototype The following commit: b869d9cc0 device: add spec "driver:" to match devices added two parameters ("driver" and "driver_version") to the nm_match_spec_device() function. However, the definition of the function and its declaration are not consistent. The prototype shows: nm_match_spec_device (const GSList *specs, const char *interface_name, const char *driver, const char *driver_version, const char *device_type, But the definition shows: nm_match_spec_device (const GSList *specs, const char *interface_name, const char *device_type, const char *driver, const char *driver_version, Since all parameters are pointers to const char, the type checking succeeds at compile time. All currently existing invocations of the function are correct and pass the arguments in the order described in the definition/implementation. This patch only changes the prototype so that potential future invocations don't end up buggy. Fixes: b869d9cc0dda4fe5300f5ec5b5a090199ecd4e3e
2018-07-06 14:35:33 +02:00
const char * device_type,
device: add spec "driver:" to match devices Changing the MAC address of devices is known to fail with certain drivers. Add a device-spec to allow disabling it for for such devices. Related: https://bugzilla.gnome.org/show_bug.cgi?id=777523
2017-03-17 16:18:48 +01:00
const char * driver,
const char * driver_version,
core: refactor evaluation of device's match-spec Previously, we would have different functions like - nm_match_spec_device_type() - nm_match_spec_hwaddr() - nm_match_spec_s390_subchannels() - nm_match_spec_interface_name() which all would handle one type of match-spec. So, to get the overall result whether the arguments match or not, nm_device_spec_match_list() had to stich them together and iterate the list multiple times. Refactor the code to have one nm_match_spec_device() function that gets all relevant paramters. The upside is: - the logic how to evaluate the match-spec is all at one place (match_device_eval()) instead of spread over multiple functions. - It requires iterating the list at most twice. Twice, because we do a fast pre-search for "*". One downside could be, that we have to pass all 4 arguments for the evaluation, even if the might no be needed. That is, because "nm-core-utils.c" shall be independend from NMDevice, it cannot receive a device instance to get the parameters as needed. As we would add new match-types, the argument list would grow. However, all arguments are cached and fetching them from the device's private data is very cheap. (cherry picked from commit b957403efd53ff7d826ac7a4f80487032c03824b)
2017-01-20 19:50:25 +01:00
const char * hwaddr,
device: add "dhcp-plugin" match spec for device The need for this is the following: "ipv4.dhcp-client-id" can be specified via global connection defaults. In absence of any configuration in NetworkManager, the default depends on the DHCP client plugin. In case of "dhclient", the default further depends on /etc/dhcp. For "internal" plugin, we may very well want to change the default client-id to "mac" by universally installing a configuration snippet [connection-use-mac-client-id] ipv4.dhcp-client-id=mac However, if we the user happens to enable "dhclient" plugin, this also forces the client-id and overrules configuration from /etc/dhcp. The real problem is, that dhclient can be configured via means outside of NetworkManager, so our defaults shall not overwrite defaults from /etc/dhcp. With the new device spec, we can avoid this issue: [connection-dhcp-client-id] match-device=except:dhcp-plugin:dhclient ipv4.dhcp-client-id=mac This will be part of the solution for rh#1640494. Note that merely dropping a configuration snippet is not yet enough. More fixes for DHCP will follow. Also, bug rh#1640494 may have alternative solutions as well. The nice part of this new feature is that it is generally useful for configuring connection defaults and not specifically for the client-id issue. Note that this match spec is per-device, although the plugin is selected globally. That makes some sense, because in the future we may or may not configure the DHCP plugin per-device or per address family. https://bugzilla.redhat.com/show_bug.cgi?id=1640494
2018-10-24 08:43:45 +02:00
const char * s390_subchannels,
const char * dhcp_plugin);
core: refactor evaluation of device's match-spec Previously, we would have different functions like - nm_match_spec_device_type() - nm_match_spec_hwaddr() - nm_match_spec_s390_subchannels() - nm_match_spec_interface_name() which all would handle one type of match-spec. So, to get the overall result whether the arguments match or not, nm_device_spec_match_list() had to stich them together and iterate the list multiple times. Refactor the code to have one nm_match_spec_device() function that gets all relevant paramters. The upside is: - the logic how to evaluate the match-spec is all at one place (match_device_eval()) instead of spread over multiple functions. - It requires iterating the list at most twice. Twice, because we do a fast pre-search for "*". One downside could be, that we have to pass all 4 arguments for the evaluation, even if the might no be needed. That is, because "nm-core-utils.c" shall be independend from NMDevice, it cannot receive a device instance to get the parameters as needed. As we would add new match-types, the argument list would grow. However, all arguments are cached and fetching them from the device's private data is very cheap. (cherry picked from commit b957403efd53ff7d826ac7a4f80487032c03824b)
2017-01-20 19:50:25 +01:00
NMMatchSpecMatchType nm_match_spec_config(const GSList *specs, guint nm_version, const char *env);
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
GSList * nm_match_spec_split(const char *value);
char * nm_match_spec_join(GSList *specs);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
device: support match.interface-name Add support for matching a connection with the new match.interface-name property.
2018-08-09 09:29:51 +02:00
gboolean nm_wildcard_match_check(const char *str, const char *const *patterns, guint num_patterns);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
core: move matching of kernel command line to separate function
2020-06-23 08:39:04 +02:00
gboolean nm_utils_kernel_cmdline_match_check(const char *const *proc_cmdline,
const char *const *patterns,
guint num_patterns,
GError ** error);
core: add nm_utils_connection_match_spec_list() Add function nm_utils_connection_match_spec_list() to check whether a connection matches a spec list. Also document the supported syntax in the man page.
2021-06-03 09:01:18 +02:00
int nm_utils_connection_match_spec_list(NMConnection *connection,
const GSList *specs,
int no_match_value);
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
/*****************************************************************************/
core: add nm_utils_connection_has_default_route() Taken from "src/nm-default-route-manager.c".
2017-08-30 19:17:29 +02:00
gboolean nm_utils_connection_has_default_route(NMConnection *connection,
int addr_family,
gboolean * out_is_never_default);
core: add nm_utils_cmp_connection_by_autoconnect_priority_p_with_data() function Have a proper cmp() function and a wrapper *_p_with_data() that can be used for g_qsort_with_data(). Thus, establish a naming scheme (*_p_with_data()) for these compare wrappers that we need all over the place. Note, we also have nm_strcmp_p_with_data() for the same reason and later more such functions will follow.
2017-02-03 15:38:58 +01:00
int nm_utils_cmp_connection_by_autoconnect_priority(NMConnection *a, NMConnection *b);
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
core: explicitly pass D-Bus path to nm_utils_log_connection_diff() No longer rely on nm_connection_get_path() being meaningful in server. It also was wrong. During update, nm_settings_connection_update() would call nm_utils_log_connection_diff (replace_connection, NM_CONNECTION (self), ... where replace_connection has no path set, and nothing was logged. Fix it, by explicitly passing the D-Bus path. Also, because nm-core-utils.c should be independent of nm-dbus-object.h.
2018-03-29 11:47:52 +02:00
void nm_utils_log_connection_diff(NMConnection *connection,
NMConnection *diff_base,
guint32 level,
guint64 domain,
const char * name,
const char * prefix,
const char * dbus_path);
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
gboolean nm_utils_is_specific_hostname(const char *name);
core: refactor loading machine-id and cache it Previously, whenever we needed /etc/machine-id we would re-load it from file. The are 3 downsides of that: - the smallest downside is the runtime overhead of repeatedly reading the file and parse it. - as we read it multiple times, it may change anytime. Most code in NetworkManager does not expect or handle a change of the machine-id. Generally, the admin should make sure that the machine-id is properly initialized before NetworkManager starts, and not change it. As such, a change of the machine-id should never happen in practice. But if it would change, we would get odd behaviors. Note for example how generate_duid_from_machine_id() already cached the generated DUID and only read it once. It's better to pick the machine-id once, and rely to use the same one for the remainder of the program. If the admin wants to change the machine-id, NetworkManager must be restarted as well (in case the admin cares). Also, as we now only load it once, it makes sense to log an error (once) when we fail to read the machine-id. - previously, loading the machine-id could fail each time. And we have to somehow handle that error. It seems, the best thing what we anyway can do, is to log an error once and continue with a fake machine-id. Here we add a fake machine-id based on the secret-key or the boot-id. Now obtaining a machine-id can no longer fail and error handling is no longer necessary. Also, ensure that a machine-id of all zeros is not valid. Technically, a machine-id is not an RFC 4122 UUID. But it's the same size, so we also use NMUuid data structure for it. While at it, also refactor caching of the boot-id and the secret key. In particular, fix the thread-safety of the double-checked locking implementations.
2018-10-30 14:07:11 +01:00
struct _NMUuid;
const char * nm_utils_machine_id_str(void);
const struct _NMUuid *nm_utils_machine_id_bin(void);
gboolean nm_utils_machine_id_is_fake(void);
core/trivial: rename nm_utils_get_boot_id_*() Rename to nm_utils_boot_id_*(), it matches nm_utils_machine_id_*() and nm_utils_host_id_get().
2018-12-12 10:14:51 +01:00
const char * nm_utils_boot_id_str(void);
const struct _NMUuid *nm_utils_boot_id_bin(void);
nm-core-utils: add nm_utils_proc_cmdline Add a new function to read /proc/cmdline. The function caches the content.
2020-03-15 11:25:33 +01:00
const char * nm_utils_proc_cmdline(void);
const char *const * nm_utils_proc_cmdline_split(void);
core: add nm_utils_machine_id_read() and parse() util
2016-04-25 21:18:06 +02:00
core/trivial: rename secret-key to host-key Now that the secret-key is hashed with the machine-id, the name is no longer best. Sure, part of the key are persisted in /var/lib/NetworkManager/secret_key file, which the user is well advised to keep secret. But what nm_utils_secret_key_get() returns is first and foremost a binary key that is per-host and used for hashing a per-host component. It's really the "host-id". Compare that to what we also have, the "machine-id" and the "boot-id". Rename.
2018-12-12 10:10:38 +01:00
gboolean nm_utils_host_id_get(const guint8 **out_host_id, gsize *out_host_id_len);
core: never fail reading host-id timestamp and never change it The timestamp of the host-id is the timestamp of the secret_key file. Under normal circumstances, reading the timestamp should never fail, and reading it multiple times should always yield the same result. If we unexpectedly fail to read the timestamp from the file we want: - log a warning, so that the user can find out what's wrong. But do so only once. - we don't want to handle errors or fail operation due to a missing timestamp. Remember, it's not supposed to ever fail, and if it does, just log a warning and proceed with a fake timestamp instead. In that case something is wrong, but using a non-stable, fake timestamp is the least of the problems here. We already have a stable identifier (the host-id) which we can use to generate a fake timestamp. Use it. In case the user would replace the secret_key file, we also don't want that accessing nm_utils_host_id_get_timestamp*() yields different results. It's not implemented (nor necessary) to support reloading a different timestamp. Hence, nm_utils_host_id_get_timestamp() should memoize the value and ensure that it never changes.
2018-12-12 11:04:12 +01:00
gint64 nm_utils_host_id_get_timestamp_ns(void);
core: add nm_utils_get_secret_key() util
2016-04-25 18:14:25 +02:00
core/tests: add nmtst_utils_host_id_{push,pop}() helpers to stub the host-id The host-id gets read from /var/lib/NetworkManager/secret_key, and cached in a global variable. Other parts of the code can get the host ID using a singleton function. For testing, we need to inject a different host-id. Add two push/pop functions for that. Unlike nm_utils_host_id_get(), these functions are not thread-safe (nor is it possible to make them thread-safe in a reasonable manner).
2021-09-07 09:34:43 +02:00
void nmtst_utils_host_id_push(const guint8 *host_id,
gssize host_id_len,
gboolean is_good,
const gint64 *timestamp_ns);
void nmtst_utils_host_id_pop(void);
static inline void
_nmtst_auto_utils_host_id_context_pop(const char *const *unused)
{
nmtst_utils_host_id_pop();
}
#define _NMTST_UTILS_HOST_ID_CONTEXT(uniq, host_id) \
_nm_unused nm_auto(_nmtst_auto_utils_host_id_context_pop) \
const char *const NM_UNIQ_T(_host_id_context_, uniq) = ({ \
const gint64 _timestamp_ns = 1631000672; \
\
nmtst_utils_host_id_push((const guint8 *) "" host_id "", \
NM_STRLEN(host_id), \
TRUE, \
&_timestamp_ns); \
"" host_id ""; \
})
#define NMTST_UTILS_HOST_ID_CONTEXT(host_id) _NMTST_UTILS_HOST_ID_CONTEXT(NM_UNIQ, host_id)
dhcp: move nm_utils_dhcp_client_id_mac() to "nm-core-utils.c" We will need it outside of "src/devices/nm-device.c".
2018-12-20 08:38:05 +01:00
/*****************************************************************************/
core/trivial: rename nm_utils_detect_arp_type_from_addrlen() to nm_utils_arp_type_detect_from_hwaddrlen() Rename the function so that the function name's prefix is the topic what this is about: arp-type.
2018-12-20 08:50:07 +01:00
int nm_utils_arp_type_detect_from_hwaddrlen(gsize hwaddr_len);
core: add nm_utils_detect_arp_type_from_addrlen() helper and use it in "nm-dhcp-systemd.c".
2018-12-14 08:45:09 +01:00
dhcp: move nm_utils_dhcp_client_id_mac() to "nm-core-utils.c" We will need it outside of "src/devices/nm-device.c".
2018-12-20 08:38:05 +01:00
gboolean nm_utils_arp_type_validate_hwaddr(int arp_type, const guint8 *hwaddr, gsize hwaddr_len);
gboolean
nm_utils_arp_type_get_hwaddr_relevant_part(int arp_type, const guint8 **hwaddr, gsize *hwaddr_len);
/*****************************************************************************/
core: add assertions for network_id/stable_type We require a network-id. Assert that it is set. Also, we encode the stable-id as uint8. Thus, add an assertion that we don't use more then 254 IDs. If we ever make use of stable-type 255, we must extend the encoding to allow for more values. The assertion is there to catch that.
2016-12-18 14:03:38 +01:00
typedef enum {
/* The stable type. Note that this value is encoded in the
* generated addresses, thus the numbers MUST not change.
*
* Also note, if we ever allocate ID 255, we must take care
* that nm_utils_ipv6_addr_set_stable_privacy() extends the
* uint8 encoding of this value. */
device: support dynamic "connection.stable-id" in form of text-substitution Usecase: when connecting to a public Wi-Fi with MAC address randomization ("wifi.cloned-mac-address=random") you get on every re-connect a new IP address due to the changing MAC address. "wifi.cloned-mac-address=stable" is the solution for that. But that means, every time when reconnecting to this network, the same ID will be reused. We want an ID that is stable for a while, but at a later point a new ID should e generated when revisiting the Wi-Fi network. Extend the stable-id to become dynamic and support templates/substitutions. Currently supported is "${CONNECTION}", "${BOOT}" and "${RANDOM}". Any unrecognized pattern is treated verbaim/untranslated. "$$" is treated special to allow escaping the '$' character. This allows the user to still embed verbatim '$' characters with the guarantee that future versions of NetworkManager will still generate the same ID. Of course, a user could just avoid '$' in the stable-id unless using it for dynamic substitutions. Later we might want to add more recognized substitutions. For example, it could be useful to generate new IDs based on the current time. The ${} syntax is extendable to support arguments like "${PERIODIC:weekly}". Also allow "connection.stable-id" to be set as global default value. Previously that made no sense because the stable-id was static and is anyway strongly tied to the identity of the connection profile. Now, with dynamic stable-ids it gets much more useful to specify a global default. Note that pre-existing stable-ids don't change and still generate the same addresses -- unless they contain one of the new ${} patterns.
2016-12-18 13:54:26 +01:00
NM_UTILS_STABLE_TYPE_UUID = 0,
core: prefer connection.stable-id to generate IPv6 stable privacy addresses The Network_ID for generating RFC 7217 stable privacy IPv6 addresses is by default the UUID of the connection. Alternatively, prefer "connection.stable-id" as Network_ID to generate the stable addresses. This allows to configure a set of connections that all use the same Network_ID for generating stable addresses. Note that the stable-id and the UUID do no overlap, that is two connections [connection] uuid=uuid1 stable-id= and [connection] uuid=uuid2 stable-id=uuid1 generate distinct addresses.
2016-06-21 18:07:56 +02:00
NM_UTILS_STABLE_TYPE_STABLE_ID = 1,
device: support dynamic "connection.stable-id" in form of text-substitution Usecase: when connecting to a public Wi-Fi with MAC address randomization ("wifi.cloned-mac-address=random") you get on every re-connect a new IP address due to the changing MAC address. "wifi.cloned-mac-address=stable" is the solution for that. But that means, every time when reconnecting to this network, the same ID will be reused. We want an ID that is stable for a while, but at a later point a new ID should e generated when revisiting the Wi-Fi network. Extend the stable-id to become dynamic and support templates/substitutions. Currently supported is "${CONNECTION}", "${BOOT}" and "${RANDOM}". Any unrecognized pattern is treated verbaim/untranslated. "$$" is treated special to allow escaping the '$' character. This allows the user to still embed verbatim '$' characters with the guarantee that future versions of NetworkManager will still generate the same ID. Of course, a user could just avoid '$' in the stable-id unless using it for dynamic substitutions. Later we might want to add more recognized substitutions. For example, it could be useful to generate new IDs based on the current time. The ${} syntax is extendable to support arguments like "${PERIODIC:weekly}". Also allow "connection.stable-id" to be set as global default value. Previously that made no sense because the stable-id was static and is anyway strongly tied to the identity of the connection profile. Now, with dynamic stable-ids it gets much more useful to specify a global default. Note that pre-existing stable-ids don't change and still generate the same addresses -- unless they contain one of the new ${} patterns.
2016-12-18 13:54:26 +01:00
NM_UTILS_STABLE_TYPE_GENERATED = 2,
NM_UTILS_STABLE_TYPE_RANDOM = 3,
core: prefer connection.stable-id to generate IPv6 stable privacy addresses The Network_ID for generating RFC 7217 stable privacy IPv6 addresses is by default the UUID of the connection. Alternatively, prefer "connection.stable-id" as Network_ID to generate the stable addresses. This allows to configure a set of connections that all use the same Network_ID for generating stable addresses. Note that the stable-id and the UUID do no overlap, that is two connections [connection] uuid=uuid1 stable-id= and [connection] uuid=uuid2 stable-id=uuid1 generate distinct addresses.
2016-06-21 18:07:56 +02:00
} NMUtilsStableType;
device: support dynamic "connection.stable-id" in form of text-substitution Usecase: when connecting to a public Wi-Fi with MAC address randomization ("wifi.cloned-mac-address=random") you get on every re-connect a new IP address due to the changing MAC address. "wifi.cloned-mac-address=stable" is the solution for that. But that means, every time when reconnecting to this network, the same ID will be reused. We want an ID that is stable for a while, but at a later point a new ID should e generated when revisiting the Wi-Fi network. Extend the stable-id to become dynamic and support templates/substitutions. Currently supported is "${CONNECTION}", "${BOOT}" and "${RANDOM}". Any unrecognized pattern is treated verbaim/untranslated. "$$" is treated special to allow escaping the '$' character. This allows the user to still embed verbatim '$' characters with the guarantee that future versions of NetworkManager will still generate the same ID. Of course, a user could just avoid '$' in the stable-id unless using it for dynamic substitutions. Later we might want to add more recognized substitutions. For example, it could be useful to generate new IDs based on the current time. The ${} syntax is extendable to support arguments like "${PERIODIC:weekly}". Also allow "connection.stable-id" to be set as global default value. Previously that made no sense because the stable-id was static and is anyway strongly tied to the identity of the connection profile. Now, with dynamic stable-ids it gets much more useful to specify a global default. Note that pre-existing stable-ids don't change and still generate the same addresses -- unless they contain one of the new ${} patterns.
2016-12-18 13:54:26 +01:00
NMUtilsStableType nm_utils_stable_id_parse(const char *stable_id,
all: add stable-id specifier "${DEVICE}" Add new stable-id specifier "${DEVICE}" to explicitly declare that the connection's identity differs per-device. Note that for settings like "ipv6.addr-gen-mode=stable" we already hash the interface's name. So, in combination with addr-gen-mode, using this specifier has no real use. But for example, we don't do that for "ipv4.dhcp-client-id=stable". Point being, in various context we possibly already include a per-device token into the generation algorithm. But that is not the case for all contexts and uses. Especially the DHCPv4 client identifier is supposed to differ between interfaces (according to RFC). We don't do that by default with "ipv4.dhcp-client-id=stable", but with "${DEVICE}" can can now be configured by the user. Note that the fact that the client-id is the same accross interfaces, is not a common problem, because profiles are usually restricted to one device via connection.interface-name.
2018-05-22 18:35:43 +02:00
const char *deviceid,
all: add "${MAC}" substituion for "connection.stable-id" We already had "${DEVICE}" which uses the interface name. In times of predictable interface naming, that works well. It allows the user to generate IDs per device which don't change when the hardware is replaced. "${MAC}" is similar, except that is uses the permanent MAC address of the device. The substitution results in the empty word, if the device has no permanent MAC address (like software devices). The per-device substitutions "${DEVICE}" and "${MAC}" are especially interesting with "connection.multi-connect=multiple".
2018-11-02 12:07:09 +01:00
const char *hwaddr,
device: support dynamic "connection.stable-id" in form of text-substitution Usecase: when connecting to a public Wi-Fi with MAC address randomization ("wifi.cloned-mac-address=random") you get on every re-connect a new IP address due to the changing MAC address. "wifi.cloned-mac-address=stable" is the solution for that. But that means, every time when reconnecting to this network, the same ID will be reused. We want an ID that is stable for a while, but at a later point a new ID should e generated when revisiting the Wi-Fi network. Extend the stable-id to become dynamic and support templates/substitutions. Currently supported is "${CONNECTION}", "${BOOT}" and "${RANDOM}". Any unrecognized pattern is treated verbaim/untranslated. "$$" is treated special to allow escaping the '$' character. This allows the user to still embed verbatim '$' characters with the guarantee that future versions of NetworkManager will still generate the same ID. Of course, a user could just avoid '$' in the stable-id unless using it for dynamic substitutions. Later we might want to add more recognized substitutions. For example, it could be useful to generate new IDs based on the current time. The ${} syntax is extendable to support arguments like "${PERIODIC:weekly}". Also allow "connection.stable-id" to be set as global default value. Previously that made no sense because the stable-id was static and is anyway strongly tied to the identity of the connection profile. Now, with dynamic stable-ids it gets much more useful to specify a global default. Note that pre-existing stable-ids don't change and still generate the same addresses -- unless they contain one of the new ${} patterns.
2016-12-18 13:54:26 +01:00
const char *bootid,
all: add stable-id specifier "${DEVICE}" Add new stable-id specifier "${DEVICE}" to explicitly declare that the connection's identity differs per-device. Note that for settings like "ipv6.addr-gen-mode=stable" we already hash the interface's name. So, in combination with addr-gen-mode, using this specifier has no real use. But for example, we don't do that for "ipv4.dhcp-client-id=stable". Point being, in various context we possibly already include a per-device token into the generation algorithm. But that is not the case for all contexts and uses. Especially the DHCPv4 client identifier is supposed to differ between interfaces (according to RFC). We don't do that by default with "ipv4.dhcp-client-id=stable", but with "${DEVICE}" can can now be configured by the user. Note that the fact that the client-id is the same accross interfaces, is not a common problem, because profiles are usually restricted to one device via connection.interface-name.
2018-05-22 18:35:43 +02:00
const char *uuid,
device: support dynamic "connection.stable-id" in form of text-substitution Usecase: when connecting to a public Wi-Fi with MAC address randomization ("wifi.cloned-mac-address=random") you get on every re-connect a new IP address due to the changing MAC address. "wifi.cloned-mac-address=stable" is the solution for that. But that means, every time when reconnecting to this network, the same ID will be reused. We want an ID that is stable for a while, but at a later point a new ID should e generated when revisiting the Wi-Fi network. Extend the stable-id to become dynamic and support templates/substitutions. Currently supported is "${CONNECTION}", "${BOOT}" and "${RANDOM}". Any unrecognized pattern is treated verbaim/untranslated. "$$" is treated special to allow escaping the '$' character. This allows the user to still embed verbatim '$' characters with the guarantee that future versions of NetworkManager will still generate the same ID. Of course, a user could just avoid '$' in the stable-id unless using it for dynamic substitutions. Later we might want to add more recognized substitutions. For example, it could be useful to generate new IDs based on the current time. The ${} syntax is extendable to support arguments like "${PERIODIC:weekly}". Also allow "connection.stable-id" to be set as global default value. Previously that made no sense because the stable-id was static and is anyway strongly tied to the identity of the connection profile. Now, with dynamic stable-ids it gets much more useful to specify a global default. Note that pre-existing stable-ids don't change and still generate the same addresses -- unless they contain one of the new ${} patterns.
2016-12-18 13:54:26 +01:00
char ** out_generated);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
device: support dynamic "connection.stable-id" in form of text-substitution Usecase: when connecting to a public Wi-Fi with MAC address randomization ("wifi.cloned-mac-address=random") you get on every re-connect a new IP address due to the changing MAC address. "wifi.cloned-mac-address=stable" is the solution for that. But that means, every time when reconnecting to this network, the same ID will be reused. We want an ID that is stable for a while, but at a later point a new ID should e generated when revisiting the Wi-Fi network. Extend the stable-id to become dynamic and support templates/substitutions. Currently supported is "${CONNECTION}", "${BOOT}" and "${RANDOM}". Any unrecognized pattern is treated verbaim/untranslated. "$$" is treated special to allow escaping the '$' character. This allows the user to still embed verbatim '$' characters with the guarantee that future versions of NetworkManager will still generate the same ID. Of course, a user could just avoid '$' in the stable-id unless using it for dynamic substitutions. Later we might want to add more recognized substitutions. For example, it could be useful to generate new IDs based on the current time. The ${} syntax is extendable to support arguments like "${PERIODIC:weekly}". Also allow "connection.stable-id" to be set as global default value. Previously that made no sense because the stable-id was static and is anyway strongly tied to the identity of the connection profile. Now, with dynamic stable-ids it gets much more useful to specify a global default. Note that pre-existing stable-ids don't change and still generate the same addresses -- unless they contain one of the new ${} patterns.
2016-12-18 13:54:26 +01:00
char *nm_utils_stable_id_random(void);
char *nm_utils_stable_id_generated_complete(const char *msg);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
core: refactor nm_utils_ipv6_addr_set_stable_privacy() to not fail It's great to have functions that cannot fail, because it allows to skip any error handling. _set_stable_privacy() as it was could not fail, so the only reason why nm_utils_ipv6_addr_set_stable_privacy() could fail is because the DAD counter exhausted. Also, it will be useful to have a function that does not do the counter check, where the caller wants to handle that differently. Rename some functions, and make the core nm_utils_ipv6_addr_set_stable_privacy() not failable.
2021-08-25 15:13:36 +02:00
#define NM_STABLE_PRIVACY_RFC7217_IDGEN_RETRIES 3
void nm_utils_ipv6_addr_set_stable_privacy_with_host_id(NMUtilsStableType stable_type,
struct in6_addr * addr,
const char * ifname,
const char * network_id,
guint32 dad_counter,
const guint8 * host_id,
gsize host_id_len);
void nm_utils_ipv6_addr_set_stable_privacy(NMUtilsStableType stable_type,
struct in6_addr * addr,
const char * ifname,
const char * network_id,
guint32 dad_counter);
gboolean nm_utils_ipv6_addr_set_stable_privacy_may_fail(NMUtilsStableType stable_type,
struct in6_addr * addr,
const char * ifname,
const char * network_id,
guint32 dad_counter,
GError ** error);
all: reformat all with new clang-format style Run: ./contrib/scripts/nm-code-format.sh -i ./contrib/scripts/nm-code-format.sh -i Yes, it needs to run twice because the first run doesn't yet produce the final result. Signed-off-by: Antonio Cardace <acardace@redhat.com>
2020-09-28 16:03:33 +02:00
all: make MAC address randomization algorithm configurable For the per-connection settings "ethernet.cloned-mac-address" and "wifi.cloned-mac-address", and for the per-device setting "wifi.scan-rand-mac-address", we may generate MAC addresses using either the "random" or "stable" algorithm. Add new properties "generate-mac-address-mask" that allow to configure which bits of the MAC address will be scrambled. By default, the "random" and "stable" algorithms scamble all bits of the MAC address, including the OUI part and generate a locally- administered, unicast address. By specifying a MAC address mask, we can now configure to perserve parts of the current MAC address of the device. For example, setting "FF:FF:FF:00:00:00" will preserve the first 3 octects of the current MAC address. One can also explicitly specify a MAC address to use instead of the current MAC address. For example, "FF:FF:FF:00:00:00 68:F7:28:00:00:00" sets the OUI part of the MAC address to "68:F7:28" while scrambling the last 3 octects. Similarly, "02:00:00:00:00:00 00:00:00:00:00:00" will scamble all bits of the MAC address, except clearing the second-least significant bit. Thus, creating a burned-in address, globally administered. One can also supply a list of MAC addresses like "FF:FF:FF:00:00:00 68:F7:28:00:00:00 00:0C:29:00:00:00 ..." in which case a MAC address is choosen randomly. To fully scamble the MAC address one can configure "02:00:00:00:00:00 00:00:00:00:00:00 02:00:00:00:00:00". which also randomly creates either a locally or globally administered address. With this, the following macchanger options can be implemented: `macchanger --random` This is the default if no mask is configured. -> "" while is the same as: -> "00:00:00:00:00:00" -> "02:00:00:00:00:00 02:00:00:00:00:00" `macchanger --random --bia` -> "02:00:00:00:00:00 00:00:00:00:00:00" `macchanger --ending` This option cannot be fully implemented, because macchanger uses the current MAC address but also implies --bia. -> "FF:FF:FF:00:00:00" This would yields the same result only if the current MAC address is already a burned-in address too. Otherwise, it has not the same effect as --ending. -> "FF:FF:FF:00:00:00 <MAC_ADDR>" Alternatively, instead of using the current MAC address, spell the OUI part out. But again, that is not really the same as macchanger does because you explictly have to name the OUI part to use. `machanger --another` `machanger --another_any` -> "FF:FF:FF:00:00:00 <MAC_ADDR> <MAC_ADDR> ..." "$(printf "FF:FF:FF:00:00:00 %s\n" "$(sed -n 's/^\([0-9a-fA-F][0-9a-fA-F]\) \([0-9a-fA-F][0-9a-fA-F]\) \([0-9a-fA-F][0-9a-fA-F]\) .*/\1:\2:\3:00:00:00/p' /usr/share/macchanger/wireless.list | xargs)")"
2016-06-22 20:31:39 +02:00
char *nm_utils_hw_addr_gen_random_eth(const char *current_mac_address,
const char *generate_mac_address_mask);
build: merge "src/tests/Makefile.am" into toplevel Makefile
2016-10-18 11:54:58 +02:00
char *nm_utils_hw_addr_gen_stable_eth_impl(NMUtilsStableType stable_type,
const char * stable_id,
core/trivial: rename secret-key to host-key Now that the secret-key is hashed with the machine-id, the name is no longer best. Sure, part of the key are persisted in /var/lib/NetworkManager/secret_key file, which the user is well advised to keep secret. But what nm_utils_secret_key_get() returns is first and foremost a binary key that is per-host and used for hashing a per-host component. It's really the "host-id". Compare that to what we also have, the "machine-id" and the "boot-id". Rename.
2018-12-12 10:10:38 +01:00
const guint8 * host_id,
gsize host_id_len,
build: merge "src/tests/Makefile.am" into toplevel Makefile
2016-10-18 11:54:58 +02:00
const char * ifname,
const char * current_mac_address,
const char * generate_mac_address_mask);
device: extend MAC address handling including randomization for ethernet and wifi Extend the "ethernet.cloned-mac-address" and "wifi.cloned-mac-address" settings. Instead of specifying an explicit MAC address, the additional special values "permanent", "preserve", "random", "random-bia", "stable" and "stable-bia" are supported. "permanent" means to use the permanent hardware address. Previously that was the default if no explict cloned-mac-address was set. The default is thus still "permanent", but it can be overwritten by global configuration. "preserve" means not to configure the MAC address when activating the device. That was actually the default behavior before introducing MAC address handling with commit 1b49f941a69af910b0e68530be7339e8053068e5. "random" and "random-bia" use a randomized MAC address for each connection. "stable" and "stable-bia" use a generated, stable address based on some token. The "bia" suffix says to generate a burned-in address. The stable method by default uses as token the connection UUID, but the token can be explicitly choosen via "stable:<TOKEN>" and "stable-bia:<TOKEN>". On a D-Bus level, the "cloned-mac-address" is a bytestring and thus cannot express the new forms. It is replaced by the new "assigned-mac-address" field. For the GObject property, libnm's API, nmcli, keyfile, etc. the old name "cloned-mac-address" is still used. Deprecating the old field seems more complicated then just extending the use of the existing "cloned-mac-address" field, although the name doesn't match well with the extended meaning. There is some overlap with the "wifi.mac-address-randomization" setting. https://bugzilla.gnome.org/show_bug.cgi?id=705545 https://bugzilla.gnome.org/show_bug.cgi?id=708820 https://bugzilla.gnome.org/show_bug.cgi?id=758301
2016-05-24 15:57:16 +02:00
char *nm_utils_hw_addr_gen_stable_eth(NMUtilsStableType stable_type,
const char * stable_id,
all: make MAC address randomization algorithm configurable For the per-connection settings "ethernet.cloned-mac-address" and "wifi.cloned-mac-address", and for the per-device setting "wifi.scan-rand-mac-address", we may generate MAC addresses using either the "random" or "stable" algorithm. Add new properties "generate-mac-address-mask" that allow to configure which bits of the MAC address will be scrambled. By default, the "random" and "stable" algorithms scamble all bits of the MAC address, including the OUI part and generate a locally- administered, unicast address. By specifying a MAC address mask, we can now configure to perserve parts of the current MAC address of the device. For example, setting "FF:FF:FF:00:00:00" will preserve the first 3 octects of the current MAC address. One can also explicitly specify a MAC address to use instead of the current MAC address. For example, "FF:FF:FF:00:00:00 68:F7:28:00:00:00" sets the OUI part of the MAC address to "68:F7:28" while scrambling the last 3 octects. Similarly, "02:00:00:00:00:00 00:00:00:00:00:00" will scamble all bits of the MAC address, except clearing the second-least significant bit. Thus, creating a burned-in address, globally administered. One can also supply a list of MAC addresses like "FF:FF:FF:00:00:00 68:F7:28:00:00:00 00:0C:29:00:00:00 ..." in which case a MAC address is choosen randomly. To fully scamble the MAC address one can configure "02:00:00:00:00:00 00:00:00:00:00:00 02:00:00:00:00:00". which also randomly creates either a locally or globally administered address. With this, the following macchanger options can be implemented: `macchanger --random` This is the default if no mask is configured. -> "" while is the same as: -> "00:00:00:00:00:00" -> "02:00:00:00:00:00 02:00:00:00:00:00" `macchanger --random --bia` -> "02:00:00:00:00:00 00:00:00:00:00:00" `macchanger --ending` This option cannot be fully implemented, because macchanger uses the current MAC address but also implies --bia. -> "FF:FF:FF:00:00:00" This would yields the same result only if the current MAC address is already a burned-in address too. Otherwise, it has not the same effect as --ending. -> "FF:FF:FF:00:00:00 <MAC_ADDR>" Alternatively, instead of using the current MAC address, spell the OUI part out. But again, that is not really the same as macchanger does because you explictly have to name the OUI part to use. `machanger --another` `machanger --another_any` -> "FF:FF:FF:00:00:00 <MAC_ADDR> <MAC_ADDR> ..." "$(printf "FF:FF:FF:00:00:00 %s\n" "$(sed -n 's/^\([0-9a-fA-F][0-9a-fA-F]\) \([0-9a-fA-F][0-9a-fA-F]\) \([0-9a-fA-F][0-9a-fA-F]\) .*/\1:\2:\3:00:00:00/p' /usr/share/macchanger/wireless.list | xargs)")"
2016-06-22 20:31:39 +02:00
const char * ifname,
const char * current_mac_address,
const char * generate_mac_address_mask);
device: extend MAC address handling including randomization for ethernet and wifi Extend the "ethernet.cloned-mac-address" and "wifi.cloned-mac-address" settings. Instead of specifying an explicit MAC address, the additional special values "permanent", "preserve", "random", "random-bia", "stable" and "stable-bia" are supported. "permanent" means to use the permanent hardware address. Previously that was the default if no explict cloned-mac-address was set. The default is thus still "permanent", but it can be overwritten by global configuration. "preserve" means not to configure the MAC address when activating the device. That was actually the default behavior before introducing MAC address handling with commit 1b49f941a69af910b0e68530be7339e8053068e5. "random" and "random-bia" use a randomized MAC address for each connection. "stable" and "stable-bia" use a generated, stable address based on some token. The "bia" suffix says to generate a burned-in address. The stable method by default uses as token the connection UUID, but the token can be explicitly choosen via "stable:<TOKEN>" and "stable-bia:<TOKEN>". On a D-Bus level, the "cloned-mac-address" is a bytestring and thus cannot express the new forms. It is replaced by the new "assigned-mac-address" field. For the GObject property, libnm's API, nmcli, keyfile, etc. the old name "cloned-mac-address" is still used. Deprecating the old field seems more complicated then just extending the use of the existing "cloned-mac-address" field, although the name doesn't match well with the extended meaning. There is some overlap with the "wifi.mac-address-randomization" setting. https://bugzilla.gnome.org/show_bug.cgi?id=705545 https://bugzilla.gnome.org/show_bug.cgi?id=708820 https://bugzilla.gnome.org/show_bug.cgi?id=758301
2016-05-24 15:57:16 +02:00
dhcp: reimplement node-specific DHCP client-id generation from systemd Our internal DHCP client (from systemd) defaults to a particular client ID. It is currently exposed as nm_sd_utils_generate_default_dhcp_client_id() and is based on the systemd implementation. One problem with that is, that it internally looks up the interface name with if_indextoname() and reads /etc/machine-id. Both makes it harder for testing. Another problem is, that this way of generating the client-id is currently limited to internal client. Why? If you use dhclient plugin, you may still want to use the same algorithm. Also, there is no explict "ipv4.dhcp-client-id" mode to select this client-id (so that it could be used in combination with "dhclient" plugin). As such, this code will be useful also aside systemd DHCP plugin. Hence, the function should not be obviously tied to systemd code. The implementation is simple enough, and since we already have a unit-test, refactor the code to our own implementation.
2018-10-30 08:37:48 +01:00
/*****************************************************************************/
dhcp: move nm_utils_dhcp_client_id_mac() to "nm-core-utils.c" We will need it outside of "src/devices/nm-device.c".
2018-12-20 08:38:05 +01:00
GBytes *nm_utils_dhcp_client_id_mac(int arp_type, const guint8 *hwaddr, gsize hwaddr_len);
core: add nm_utils_create_dhcp_iaid() util Split out nm_utils_create_dhcp_iaid(), we will need it later. This is also a re-implementation of systemd's dhcp_identifier_set_iaid().
2018-11-23 13:00:07 +01:00
guint32 nm_utils_create_dhcp_iaid(gboolean legacy_unstable_byteorder,
const guint8 *interface_id,
gsize interface_id_len);
device: add "ipv4.dhcp-client-id=ipv6-duid" property for RFC4361 RFC4361 intends to set the same IAID/DUID for both DHCPv4 and DHCPv6. Previously, we didn't have a mode for that. Of course, you could always set "ipv4.dhcp-client-id" and "ipv6.dhcp-duid" to (the same) hex string, but there was no automatic mode. Instead we had: - "ipv4.dhcp-client-id=duid" which sets the client ID to a stable, generated DUID. However, there was no option so that the same DUID/IAID would be automatically used for DHCPv6. - there are various special values for "ipv6.dhcp-duid" which generate a stable DUIDs. However, those values did not work for "ipv4.dhcp-client-id". Solve that by adding "ipv4.dhcp-client-id=ipv6-duid" which indicates to use the DUID from DHCPv6's "ipv6.dhcp-duid" setting. As IAID it will prefer "ipv4.dhcp-iaid" (if set), but fallback to "ipv6.dhcp-iaid". https://tools.ietf.org/html/rfc4361 https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/618 https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/718
2021-01-04 17:32:47 +01:00
GBytes *nm_utils_dhcp_client_id_duid(guint32 iaid, const guint8 *duid, gsize duid_len);
core: remove 'legacy_unstable_byteorder' argument from client-id helpers The argument has no effect because the order only influences IAID generation. (cherry picked from commit 4fcff3f34ca61610f00cd30926d5e0d36db6271f)
2019-12-02 11:29:13 +01:00
GBytes *nm_utils_dhcp_client_id_systemd_node_specific_full(guint32 iaid,
dhcp: reimplement node-specific DHCP client-id generation from systemd Our internal DHCP client (from systemd) defaults to a particular client ID. It is currently exposed as nm_sd_utils_generate_default_dhcp_client_id() and is based on the systemd implementation. One problem with that is, that it internally looks up the interface name with if_indextoname() and reads /etc/machine-id. Both makes it harder for testing. Another problem is, that this way of generating the client-id is currently limited to internal client. Why? If you use dhclient plugin, you may still want to use the same algorithm. Also, there is no explict "ipv4.dhcp-client-id" mode to select this client-id (so that it could be used in combination with "dhclient" plugin). As such, this code will be useful also aside systemd DHCP plugin. Hence, the function should not be obviously tied to systemd code. The implementation is simple enough, and since we already have a unit-test, refactor the code to our own implementation.
2018-10-30 08:37:48 +01:00
const guint8 *machine_id,
gsize machine_id_len);
core: remove 'legacy_unstable_byteorder' argument from client-id helpers The argument has no effect because the order only influences IAID generation. (cherry picked from commit 4fcff3f34ca61610f00cd30926d5e0d36db6271f)
2019-12-02 11:29:13 +01:00
GBytes *nm_utils_dhcp_client_id_systemd_node_specific(guint32 iaid);
dhcp: reimplement node-specific DHCP client-id generation from systemd Our internal DHCP client (from systemd) defaults to a particular client ID. It is currently exposed as nm_sd_utils_generate_default_dhcp_client_id() and is based on the systemd implementation. One problem with that is, that it internally looks up the interface name with if_indextoname() and reads /etc/machine-id. Both makes it harder for testing. Another problem is, that this way of generating the client-id is currently limited to internal client. Why? If you use dhclient plugin, you may still want to use the same algorithm. Also, there is no explict "ipv4.dhcp-client-id" mode to select this client-id (so that it could be used in combination with "dhclient" plugin). As such, this code will be useful also aside systemd DHCP plugin. Hence, the function should not be obviously tied to systemd code. The implementation is simple enough, and since we already have a unit-test, refactor the code to our own implementation.
2018-10-30 08:37:48 +01:00
/*****************************************************************************/
core: move nm_utils_generate_duid_from_machine_id() to "nm-core-utils.c"
2020-09-10 12:46:53 +02:00
/* RFC 3315 defines the epoch for the DUID-LLT time field on Jan 1st 2000. */
#define NM_UTILS_EPOCH_DATETIME_200001010000 946684800
struct _NMUuid;
GBytes *
nm_utils_generate_duid_llt(int arp_type, const guint8 *hwaddr, gsize hwaddr_len, gint64 time);
GBytes *nm_utils_generate_duid_ll(int arp_type, const guint8 *hwaddr, gsize hwaddr_len);
GBytes *nm_utils_generate_duid_uuid(const struct _NMUuid *uuid);
GBytes *nm_utils_generate_duid_from_machine_id(void);
/*****************************************************************************/
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
void nm_utils_array_remove_at_indexes(GArray *array, const guint *indexes_to_delete, gsize len);
void nm_utils_setpgid(gpointer unused);
typedef enum {
NM_UTILS_TEST_NONE = 0,
/* Internal flag, marking that either nm_utils_get_testing() or _nm_utils_set_testing() was called. */
_NM_UTILS_TEST_INITIALIZED = (1LL << 0),
/* Indicate that test mode is enabled in general. Explicitly calling _nm_utils_set_testing() will always set this flag. */
_NM_UTILS_TEST_GENERAL = (1LL << 1),
/* Don't check the owner of keyfiles during testing. */
NM_UTILS_TEST_NO_KEYFILE_OWNER_CHECK = (1LL << 2),
_NM_UTILS_TEST_LAST,
NM_UTILS_TEST_ALL = (((_NM_UTILS_TEST_LAST - 1) << 1) - 1) & ~(_NM_UTILS_TEST_INITIALIZED),
} NMUtilsTestFlags;
gboolean nm_utils_get_testing_initialized(void);
NMUtilsTestFlags nm_utils_get_testing(void);
void _nm_utils_set_testing(NMUtilsTestFlags flags);
void nm_utils_g_value_set_strv(GValue *value, GPtrArray *strings);
core: move nm_utils_ip4_address_is_link_local() to header file It's so simple, let's move it so it can be inlined.
2020-07-22 18:28:12 +02:00
/*****************************************************************************/
core: reuse common static string buffer in nm_utils_dnsmasq_status_to_string() Instead of declaring our local string buffer @buffer, reuse nm_utils_to_string_buffer_init(). https://github.com/NetworkManager/NetworkManager/pull/8
2016-06-02 19:17:35 +02:00
const char *nm_utils_dnsmasq_status_to_string(int status, char *dest, gsize size);
core: introduce nm_utils_dnsmasq_status_to_string()
2016-05-01 22:24:41 +02:00
core/trivial: rename nm_utils_get_reverse_dns_domains_ip*() functions Let's add a nm_utils_get_reverse_dns_domains_ip() function, which can operate on both address families. We frequently do that, but then our address family specific functions tend to have an underscore in the name. Rename.
2020-11-20 20:08:37 +01:00
void nm_utils_get_reverse_dns_domains_ip_4(guint32 ip, guint8 plen, GPtrArray *domains);
dns: add reverse DNS IPv6 entries to dnsmasq https://bugzilla.gnome.org/show_bug.cgi?id=767174
2016-06-03 22:07:42 +02:00
void
core/trivial: rename nm_utils_get_reverse_dns_domains_ip*() functions Let's add a nm_utils_get_reverse_dns_domains_ip() function, which can operate on both address families. We frequently do that, but then our address family specific functions tend to have an underscore in the name. Rename.
2020-11-20 20:08:37 +01:00
nm_utils_get_reverse_dns_domains_ip_6(const struct in6_addr *ip, guint8 plen, GPtrArray *domains);
dns: add CIDR reverse DNS IPv4 entries to dnsmasq When a reverse DNS entry must be added to dnsmasq, instead of considering IP addresses as classful use the prefix to compute one or more "in-addr.arpa" according to CIDR rules. https://bugzilla.gnome.org/show_bug.cgi?id=767174
2016-06-03 22:07:38 +02:00
core: add nm_utils_get_reverse_dns_domains_ip() helper
2020-11-20 20:10:57 +01:00
static inline void
nm_utils_get_reverse_dns_domains_ip(int addr_family,
gconstpointer addr,
guint8 plen,
GPtrArray * domains)
{
if (NM_IS_IPv4(addr_family))
nm_utils_get_reverse_dns_domains_ip_4(*((const in_addr_t *) addr), plen, domains);
else
nm_utils_get_reverse_dns_domains_ip_6(addr, plen, domains);
}
core: factor out plugin validation The new function will be used to validate other plugins we load.
2016-11-17 09:56:16 +01:00
struct stat;
gboolean nm_utils_validate_plugin(const char *path, struct stat *stat, GError **error);
core: move plugin path reading function to nm-core-utils.c Even if it's called only from one place, it can be considered an utility function.
2016-11-03 18:07:11 +01:00
char ** nm_utils_read_plugin_paths(const char *dirname, const char *prefix);
core: split nm_utils_format_con_diff_for_audit() The function will be called to display in audit logs the changes done to connections.
2017-03-03 23:59:16 +01:00
char * nm_utils_format_con_diff_for_audit(GHashTable *diff);
ndisc: rename NMNDiscPreference to NMIcmpv6RouterPref We encounter the same enum in 3 forms: - NMNDiscPreference in NetworkManager - "enum ndp_route_preference" in <ndp.h> - ICMPV6_ROUTER_PREF_* in <linux/icmpv6.h> Move our enum to nm-core-utils.h, so that it can be used by platform code as well (platform code should not include ndisc/nm-ndisc.h). Also, NMNDiscPreference was not numerically identical to their native values (meaning: it shuffled the names and numbers). Make them all numerically equal, so that they can be used in the same context. This means, while previously we could compare NMNDiscPreference directly according to their priority, we now need _preference_to_priority(). On the other hand, we could omit translate_preference() -- but actually, we still have _route_preference_coerce() because pref comes from libndp and is thus untrusted. We still have to range check it.
2017-10-09 11:56:51 +02:00
/*****************************************************************************/
core: add activation-type property to active-connection It is still unused, but will be useful to mark a connection whether it is a full activation or assumed.
2017-03-07 11:04:36 +01:00
const char *nm_activation_type_to_string(NMActivationType activation_type);
/*****************************************************************************/
dns: introduce routing domains Similarly to what systemd-resolved does, introduce the concept of "routing" domain, which is a domain in the search list that is used only to decide the interface over which a query must be forwarded, but is not used to complete unqualified host names. Routing domains are those starting with a tilde ('~') before the actual domain name. Domains without the initial tilde are used both for completing unqualified names and for the routing decision.
2018-01-10 11:23:33 +01:00
const char *nm_utils_parse_dns_domain(const char *domain, gboolean *is_routing);
policy: treat WireGuard devices as VPN for DNS WireGuard devices are (will be) regular NMDevice implementations, but NMDnsManager should treat them like VPN. For that, reuse the device's type and nm_device_get_route_metric_default().
2019-02-09 11:46:47 +01:00
/*****************************************************************************/
wifi: move nm_wifi_utils_parse_ies() to "src/nm-core-utils.h" We will need it in "src/supplicant".
2020-01-27 20:16:22 +01:00
void nm_wifi_utils_parse_ies(const guint8 *bytes,
gsize len,
guint32 * out_max_rate,
nm-supplicant-interface: enable OWE security when transition mode is available This pull requests sets the OWE flag for an open network advertising an OWE enabled transition BSSID. This way, hostapd will automatically connect to the OWE secured BSSID advertised in the transition mode information element. Signed-off-by: David Bauer <mail@david-bauer.net> https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/442
2020-03-16 03:03:32 +01:00
gboolean * out_metered,
core/wifi: always set owe_transition_mode output in nm_wifi_utils_parse_ies() ... and rename output variable.
2020-03-22 11:04:28 +01:00
gboolean * out_owe_transition_mode);
wifi: move nm_wifi_utils_parse_ies() to "src/nm-core-utils.h" We will need it in "src/supplicant".
2020-01-27 20:16:22 +01:00
wifi: move nm_wifi_utils_level_to_quality() to "src/nm-core-utils.h" It will be used outside of Wi-Fi device plugin. Namely, NMSupplicantInterface needs to convert the signal strength from supplicant to percent.
2020-01-27 19:31:23 +01:00
guint8 nm_wifi_utils_level_to_quality(int val);
/*****************************************************************************/
policy: treat WireGuard devices as VPN for DNS WireGuard devices are (will be) regular NMDevice implementations, but NMDnsManager should treat them like VPN. For that, reuse the device's type and nm_device_get_route_metric_default().
2019-02-09 11:46:47 +01:00
#define NM_VPN_ROUTE_METRIC_DEFAULT 50
core: add defines for common authentication-related error messages All D-Bus method call implementations use similar error messages when authenticating requests; add defines for them to ensure the same exact message is reused.
2019-09-04 10:18:56 +02:00
#define NM_UTILS_ERROR_MSG_REQ_AUTH_FAILED "Unable to authenticate the request"
#define NM_UTILS_ERROR_MSG_REQ_UID_UKNOWN "Unable to determine UID of the request"
#define NM_UTILS_ERROR_MSG_INSUFF_PRIV "Insufficient privileges"
core: add infrastructure for spawning a helper process (cherry picked from commit 6ac21ba916b3def3172773b774989c9f4d66ec6d)
2021-05-24 21:49:35 +02:00
/*****************************************************************************/
void nm_utils_spawn_helper(const char *const * args,
GCancellable * cancellable,
GAsyncReadyCallback callback,
gpointer cb_data);
char *nm_utils_spawn_helper_finish(GAsyncResult *result, GError **error);
core: split "nm-core-utils.h" out of "NetworkManagerUtils.h" "NetworkManagerUtils.h" contains a bunch of helper tools for core daemon ("src/"). Unfortunately, it has dependencies to other parts of core, such as "nm-device.h" and "nm-platform.h". Split out a part of tools that are independent so that they can be used without dragging in other dependencies. "nm-core-utils.h" should only use libnm-core, "nm-logging.h" and shared. "NetworkManagerUtils.h" should provide all "nm-core-utils.h" and possibly other utilities that have larger dependencies.
2016-03-01 09:56:51 +01:00
#endif /* __NM_CORE_UTILS_H__ */
Reference in a new issue Copy permalink