From 794ed1c9efc8ddd3677e125795acd40c69a5ed5a Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 18 Feb 2014 22:00:26 +0100
Subject: [PATCH] libnm-util: validate master/slave-type property in
 NMSettingConnection::verify()

- Before, when setting the slave-type to an invalid type, the setting
  was silently accepted. Now verification fails with "Unknown slave type '%s'"

- Before, the @master property was not checked. So you could have a @slave-type,
  without having @master set. And similarly, you could have @master, but
  no @slave-type. Fix both issues.

Signed-off-by: Thomas Haller <thaller@redhat.com>
---
 libnm-util/nm-setting-connection.c | 36 ++++++++++++++++++++++++++----
 1 file changed, 32 insertions(+), 4 deletions(-)

diff --git a/libnm-util/nm-setting-connection.c b/libnm-util/nm-setting-connection.c
index 036914d08b..16541f398e 100644
--- a/libnm-util/nm-setting-connection.c
+++ b/libnm-util/nm-setting-connection.c
@@ -867,15 +867,34 @@ verify (NMSetting *setting, GSList *all_settings, GError **error)
 		return FALSE;
 	}
 
-	is_slave = (   !g_strcmp0 (priv->slave_type, NM_SETTING_BOND_SETTING_NAME)
-	            || !g_strcmp0 (priv->slave_type, NM_SETTING_BRIDGE_SETTING_NAME)
-	            || !g_strcmp0 (priv->slave_type, NM_SETTING_TEAM_SETTING_NAME));
+	is_slave = (   priv->slave_type
+	            && (   !strcmp (priv->slave_type, NM_SETTING_BOND_SETTING_NAME)
+	                || !strcmp (priv->slave_type, NM_SETTING_BRIDGE_SETTING_NAME)
+	                || !strcmp (priv->slave_type, NM_SETTING_TEAM_SETTING_NAME)));
+
+	if (priv->slave_type && !is_slave) {
+		g_set_error (error,
+		             NM_SETTING_CONNECTION_ERROR,
+		             NM_SETTING_CONNECTION_ERROR_INVALID_PROPERTY,
+		             _("Unknown slave type '%s'"), priv->slave_type);
+		g_prefix_error (error, "%s.%s: ", NM_SETTING_CONNECTION_SETTING_NAME, NM_SETTING_CONNECTION_SLAVE_TYPE);
+		return NM_SETTING_VERIFY_ERROR;
+	}
 
-	/* Bond/bridge/team slaves are not allowed to have any IP configuration. */
 	if (is_slave) {
 		NMSettingIP4Config *s_ip4;
 		NMSettingIP6Config *s_ip6;
 
+		if (!priv->master) {
+			g_set_error_literal (error,
+			                     NM_SETTING_CONNECTION_ERROR,
+			                     NM_SETTING_CONNECTION_ERROR_MISSING_PROPERTY,
+			                     _("Slave connections need a valid '" NM_SETTING_CONNECTION_MASTER "' property"));
+			g_prefix_error (error, "%s.%s: ", NM_SETTING_CONNECTION_SETTING_NAME, NM_SETTING_CONNECTION_MASTER);
+			return NM_SETTING_VERIFY_ERROR;
+		}
+
+		/* Bond/bridge/team slaves are not allowed to have any IP configuration. */
 		s_ip4 = NM_SETTING_IP4_CONFIG (nm_setting_find_in_list (all_settings, NM_SETTING_IP4_CONFIG_SETTING_NAME));
 		if (s_ip4) {
 			if (strcmp (nm_setting_ip4_config_get_method (s_ip4),
@@ -901,6 +920,15 @@ verify (NMSetting *setting, GSList *all_settings, GError **error)
 				return FALSE;
 			}
 		}
+	} else {
+		if (priv->master) {
+			g_set_error_literal (error,
+			                     NM_SETTING_CONNECTION_ERROR,
+			                     NM_SETTING_CONNECTION_ERROR_MISSING_PROPERTY,
+			                     _("Cannot set '" NM_SETTING_CONNECTION_MASTER "' without '" NM_SETTING_CONNECTION_SLAVE_TYPE "'"));
+			g_prefix_error (error, "%s.%s: ", NM_SETTING_CONNECTION_SETTING_NAME, NM_SETTING_CONNECTION_SLAVE_TYPE);
+			return NM_SETTING_VERIFY_ERROR;
+		}
 	}
 
 	return TRUE;