From 5be0113b0953e109d25f0621be37d58ee85f74d4 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 8 Jun 2020 16:55:03 +0200
Subject: [PATCH 01/31] shared: add nm_utils_buf_utf8safe_escape_cp() helper

(cherry picked from commit 393bc8c8f66a852e04e2328675bdb0a26066cd0b)
(cherry picked from commit 10b0260d1931a768877da103515c891ee6a7abf9)
(cherry picked from commit ff8ba801f32504c87af7a0f977a47d2118898e78)
(cherry picked from commit 5838f827072fc774d3efec1b2262a36714543aa9)
---
 shared/nm-glib-aux/nm-shared-utils.c | 11 +++++++++++
 shared/nm-glib-aux/nm-shared-utils.h |  1 +
 2 files changed, 12 insertions(+)

diff --git a/shared/nm-glib-aux/nm-shared-utils.c b/shared/nm-glib-aux/nm-shared-utils.c
index 62753dc06e..c8ba114f8d 100644
--- a/shared/nm-glib-aux/nm-shared-utils.c
+++ b/shared/nm-glib-aux/nm-shared-utils.c
@@ -2095,6 +2095,17 @@ nm_utils_buf_utf8safe_escape_bytes (GBytes *bytes, NMUtilsStrUtf8SafeFlags flags
 	return nm_utils_buf_utf8safe_escape (p, l, flags, to_free);
 }
 
+char *
+nm_utils_buf_utf8safe_escape_cp (gconstpointer buf, gssize buflen, NMUtilsStrUtf8SafeFlags flags)
+{
+	const char *s_const;
+	char *s;
+
+	s_const = nm_utils_buf_utf8safe_escape (buf, buflen, flags, &s);
+	nm_assert (!s || s == s_const);
+	return s ?: g_strdup (s_const);
+}
+
 /*****************************************************************************/
 
 const char *
diff --git a/shared/nm-glib-aux/nm-shared-utils.h b/shared/nm-glib-aux/nm-shared-utils.h
index e069366afc..7e83078672 100644
--- a/shared/nm-glib-aux/nm-shared-utils.h
+++ b/shared/nm-glib-aux/nm-shared-utils.h
@@ -860,6 +860,7 @@ typedef enum {
 } NMUtilsStrUtf8SafeFlags;
 
 const char *nm_utils_buf_utf8safe_escape (gconstpointer buf, gssize buflen, NMUtilsStrUtf8SafeFlags flags, char **to_free);
+char *nm_utils_buf_utf8safe_escape_cp (gconstpointer buf, gssize buflen, NMUtilsStrUtf8SafeFlags flags);
 const char *nm_utils_buf_utf8safe_escape_bytes (GBytes *bytes, NMUtilsStrUtf8SafeFlags flags, char **to_free);
 gconstpointer nm_utils_buf_utf8safe_unescape (const char *str, gsize *out_len, gpointer *to_free);
 

From 91c0a3eb3465fa0c40493d90ae11e65993a9a828 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 7 May 2020 09:30:02 +0200
Subject: [PATCH 02/31] ifcfg-rh: check return value of fdopen()

Reported by coverity:

>>> CID 210222: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a pointer that might be "NULL" "f" when calling
    "fseek".

Fixes: ac5206aa9c5a ('2007-11-21')
(cherry picked from commit 581aa981c27d4bde17eb8772fe92697f586a6ed6)
(cherry picked from commit bb40de0ca02e4f41e17d3fdccd0df87c79182bdd)
(cherry picked from commit cde95a3c755cc350ea0b9d24f35f88b2b2aad067)
(cherry picked from commit 3293ad0fbcf58bb970868fb48b2329253c404282)
---
 src/settings/plugins/ifcfg-rh/shvar.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/settings/plugins/ifcfg-rh/shvar.c b/src/settings/plugins/ifcfg-rh/shvar.c
index d25eb13840..5690a82a4d 100644
--- a/src/settings/plugins/ifcfg-rh/shvar.c
+++ b/src/settings/plugins/ifcfg-rh/shvar.c
@@ -1421,6 +1421,13 @@ svWriteFile (shvarFile *s, int mode, GError **error)
 			return FALSE;
 		}
 		f = fdopen (tmpfd, "w");
+		if (!f) {
+			errsv = errno;
+			g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errsv),
+			             "Internal error writing file '%s': %s",
+			             s->fileName, nm_strerror_native (errsv));
+			return FALSE;
+		}
 		fseek (f, 0, SEEK_SET);
 		c_list_for_each (current, &s->lst_head) {
 			const shvarLine *line = c_list_entry (current, shvarLine, lst);

From 455371c258ab440a90b8601314c2d33557bfcafa Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 18 Jun 2020 17:25:42 +0200
Subject: [PATCH 03/31] ifcfg-rh: fix memory leak reading tc filters

Fixes: 902bbfdb1878 ('ifcfg-rh: add tc support')
(cherry picked from commit 88e8f2829e5f8f3ea78a323e617ae4ca0baa2f02)
(cherry picked from commit b1e00a58058378febafa0ec59c82fe14977f7c5f)
(cherry picked from commit 7a3f78d7eb81491c7d830c52483ea2c52dd787fe)
(cherry picked from commit f59af1021698d85d0ce7370bc6b49957b5ee1aa2)
(cherry picked from commit 0d0c324367b96364b0de1b9a30b0afcd9ab3c877)
---
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
index ef234b823e..100b6d64f0 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
@@ -2302,7 +2302,7 @@ make_tc_setting (shvarFile *ifcfg)
 		NMTCTfilter *tfilter = NULL;
 		gs_free char *value_to_free = NULL;
 		const char *value = NULL;
-		GError *local = NULL;
+		gs_free_error GError *local = NULL;
 
 		value = svGetValueStr (ifcfg, numbered_tag (tag, "FILTER", i), &value_to_free);
 		if (!value)

From 463519766dc7e74ea93fb556d24a37dc89c36e05 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Sun, 14 Jun 2020 23:44:53 +0200
Subject: [PATCH 04/31] libnm: fix leak in nm_utils_is_json_object()

Fixes: 32f78ae6c3ba ('libnm: expose nm_utils_is_json_object() utility function')
(cherry picked from commit 1cf11ccbca12b545d6da8e963e9eeab7a2028b1e)
(cherry picked from commit 49ec86092b7838bdffcf64ccc232a4b9e5a24562)
(cherry picked from commit 7db30ad81187948ab3157805e3b22322f203c8b4)
(cherry picked from commit fef7d8467c644147bb2fb6d62219778df18a6244)
(cherry picked from commit 106528e829d847de7fa1969cb0f3b086e00fff48)
---
 libnm-core/nm-utils.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/libnm-core/nm-utils.c b/libnm-core/nm-utils.c
index c2f038dc80..d5e6949a9e 100644
--- a/libnm-core/nm-utils.c
+++ b/libnm-core/nm-utils.c
@@ -5814,7 +5814,7 @@ fail:
 gboolean
 nm_utils_is_json_object (const char *str, GError **error)
 {
-	json_t *json;
+	nm_auto_decref_json json_t *json = NULL;
 	json_error_t jerror;
 
 	g_return_val_if_fail (!error || !*error, FALSE);
@@ -5851,7 +5851,6 @@ nm_utils_is_json_object (const char *str, GError **error)
 		return FALSE;
 	}
 
-	json_decref (json);
 	return TRUE;
 }
 

From 2dd77af67846dcd18a095e4c1e7abf2b2554c3a6 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 8 Jun 2020 16:55:40 +0200
Subject: [PATCH 05/31] lldp: backslash escape untrusted chassis-id,port-id
 strings

This is a serious issue, because this is not guaranteed to be UTF-8
data.

Fixes: 07a9364d9c15 ('device: export list of LLDP neighbors through D-Bus')
(cherry picked from commit 8cd9b87c914e82e0e366b64b3b954761ba8135d9)
(cherry picked from commit 94f8e9fbdca92b1a1e3706e7653f0a19988336df)
(cherry picked from commit 90b1df47541484844eb9d168f0330c76b0de53e9)
(cherry picked from commit db7070c59d6bc6417a499a7bb855b76d7c5fcdcb)
---
 src/devices/nm-lldp-listener.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/devices/nm-lldp-listener.c b/src/devices/nm-lldp-listener.c
index f922e00878..09d2091d56 100644
--- a/src/devices/nm-lldp-listener.c
+++ b/src/devices/nm-lldp-listener.c
@@ -532,7 +532,8 @@ lldp_neighbor_new (sd_lldp_neighbor *neighbor_sd, GError **error)
 	case SD_LLDP_CHASSIS_SUBTYPE_INTERFACE_NAME:
 	case SD_LLDP_CHASSIS_SUBTYPE_LOCALLY_ASSIGNED:
 	case SD_LLDP_CHASSIS_SUBTYPE_CHASSIS_COMPONENT:
-		neigh->chassis_id = g_strndup ((const char *) chassis_id, chassis_id_len);
+		neigh->chassis_id =    nm_utils_buf_utf8safe_escape_cp (chassis_id, chassis_id_len, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL | NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_NON_ASCII)
+		                    ?: g_new0 (char, 1);
 		break;
 	case SD_LLDP_CHASSIS_SUBTYPE_MAC_ADDRESS:
 		neigh->chassis_id = nm_utils_hwaddr_ntoa (chassis_id, chassis_id_len);
@@ -548,7 +549,8 @@ lldp_neighbor_new (sd_lldp_neighbor *neighbor_sd, GError **error)
 	case SD_LLDP_PORT_SUBTYPE_INTERFACE_NAME:
 	case SD_LLDP_PORT_SUBTYPE_LOCALLY_ASSIGNED:
 	case SD_LLDP_PORT_SUBTYPE_PORT_COMPONENT:
-		neigh->port_id = strndup ((char *) port_id, port_id_len);
+		neigh->port_id =    nm_utils_buf_utf8safe_escape_cp (port_id, port_id_len, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL | NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_NON_ASCII)
+		                 ?: g_new0 (char, 1);
 		break;
 	case SD_LLDP_PORT_SUBTYPE_MAC_ADDRESS:
 		neigh->port_id = nm_utils_hwaddr_ntoa (port_id, port_id_len);

From ecfc48eca52e5fefcddc4e0eac8e67f24d7334f0 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 5 Jun 2020 19:55:21 +0200
Subject: [PATCH 06/31] lldp: fix lldp_neighbor_equal() to compare lists of
 variants

Fixes: 6c52d946fc8c ('lldp: add support for management address TLV')
(cherry picked from commit 7c0d73d94a2824ef2cddedb100f2c1d47bbd5751)
(cherry picked from commit 0426681ab47f2a585c8145903bff3753900d0778)
(cherry picked from commit 321f9b51c37490a2eed7722edc7cccfdae0d4be5)
(cherry picked from commit 2e9d7c84d692fb48599a2fa0cb2817f8de13c961)
---
 src/devices/nm-lldp-listener.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/devices/nm-lldp-listener.c b/src/devices/nm-lldp-listener.c
index 09d2091d56..a56295a435 100644
--- a/src/devices/nm-lldp-listener.c
+++ b/src/devices/nm-lldp-listener.c
@@ -400,6 +400,19 @@ lldp_neighbor_equal (LldpNeighbor *a, LldpNeighbor *b)
 			if (!nm_streq (a->attrs[attr_id].v_string, b->attrs[attr_id].v_string))
 				return FALSE;
 			break;
+		case LLDP_ATTR_TYPE_ARRAY_OF_VARDICTS: {
+			NMCListElem *itr_a, *itr_b;
+
+			if (c_list_length (&a->attrs[attr_id].v_variant_list) != c_list_length (&b->attrs[attr_id].v_variant_list))
+				return FALSE;
+			itr_b = c_list_first_entry (&b->attrs[attr_id].v_variant_list, NMCListElem, lst);
+			c_list_for_each_entry (itr_a, &a->attrs[attr_id].v_variant_list, lst) {
+				if (!g_variant_equal (itr_a->data, itr_b->data))
+					return FALSE;
+				itr_b = c_list_entry (&itr_b->lst, NMCListElem, lst);
+			}
+			break;
+		}
 		default:
 			nm_assert (a->attrs[attr_id].attr_type == LLDP_ATTR_TYPE_NONE);
 			break;

From dc94723ad8f94a03e3bf3c5a12a13a18a14b2e59 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 5 Jun 2020 19:55:21 +0200
Subject: [PATCH 07/31] lldp: fix lldp_neighbor_equal() to compare variants

Fixes: 8200078ec5d5 ('lldp: support IEEE 802.3 TLVs')
(cherry picked from commit 9b7c5ca12d1c181c5965c8c0856897a6e4eb5d37)
(cherry picked from commit 4b84eeba5770903eb00577025393c09cad64a4ad)
(cherry picked from commit 739417ab85328b94905207f8a8fd3bf523a7484e)
(cherry picked from commit 284e3dd4faa32adedaf0ca235100b39964a30842)
---
 src/devices/nm-lldp-listener.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/devices/nm-lldp-listener.c b/src/devices/nm-lldp-listener.c
index a56295a435..ea48532b92 100644
--- a/src/devices/nm-lldp-listener.c
+++ b/src/devices/nm-lldp-listener.c
@@ -400,6 +400,10 @@ lldp_neighbor_equal (LldpNeighbor *a, LldpNeighbor *b)
 			if (!nm_streq (a->attrs[attr_id].v_string, b->attrs[attr_id].v_string))
 				return FALSE;
 			break;
+		case LLDP_ATTR_TYPE_VARDICT:
+			if (!g_variant_equal (a->attrs[attr_id].v_variant, b->attrs[attr_id].v_variant))
+				return FALSE;
+			break;
 		case LLDP_ATTR_TYPE_ARRAY_OF_VARDICTS: {
 			NMCListElem *itr_a, *itr_b;
 

From 8d37bb0d3a5b81460300e797ee02f352c1b637ab Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Tue, 1 Sep 2020 18:38:45 +0200
Subject: [PATCH 08/31] initrd: fix memory leak

Signed-off-by: Antonio Cardace <acardace@redhat.com>
Fixes: 9f9609555d1c ('initrd: add configuration generator')
(cherry picked from commit d5c05d07c7aff317284d2d5197d75e0f605b4364)
(cherry picked from commit bba54613eb4255166c921844e8b6d2a2bd0000a1)
(cherry picked from commit 67bb9896b33d8d7b527ce33919b33456672265d0)
(cherry picked from commit 5913e4cee97127eca26c6a74207cbe136fed7333)
(cherry picked from commit 9ed8b871bb6468cd018afb2675b85206645776cc)
---
 shared/nm-glib-aux/nm-macros-internal.h | 8 ++++++++
 src/initrd/nm-initrd-generator.c        | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/shared/nm-glib-aux/nm-macros-internal.h b/shared/nm-glib-aux/nm-macros-internal.h
index ec78ef5854..4c27f70cf8 100644
--- a/shared/nm-glib-aux/nm-macros-internal.h
+++ b/shared/nm-glib-aux/nm-macros-internal.h
@@ -232,6 +232,14 @@ NM_AUTO_DEFINE_FCN0 (GError *, gs_local_free_error, g_error_free)
 #define gs_unref_keyfile nm_auto(gs_local_keyfile_unref)
 NM_AUTO_DEFINE_FCN0 (GKeyFile *, gs_local_keyfile_unref, g_key_file_unref)
 
+/**
+ * gs_free_option_context:
+ *
+ * Call g_option_context_free() on a variable location when it goes out of scope.
+ */
+#define gs_free_option_context nm_auto(gs_local_option_context)
+NM_AUTO_DEFINE_FCN0 (GOptionContext *, gs_local_option_context, g_option_context_free);
+
 /*****************************************************************************/
 
 #include "nm-glib.h"
diff --git a/src/initrd/nm-initrd-generator.c b/src/initrd/nm-initrd-generator.c
index c916459d5c..6732daa014 100644
--- a/src/initrd/nm-initrd-generator.c
+++ b/src/initrd/nm-initrd-generator.c
@@ -90,7 +90,7 @@ main (int argc, char *argv[])
 		{ G_OPTION_REMAINING, '\0', 0, G_OPTION_ARG_STRING_ARRAY, &remaining, NULL, NULL },
 		{ NULL }
 	};
-	GOptionContext *option_context;
+	gs_free_option_context GOptionContext *option_context = NULL;
 	GError *error = NULL;
 	int errsv;
 

From 8837bc7fe566776946625e966cfc465c836f191c Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 15 Jan 2020 13:17:53 +0100
Subject: [PATCH 09/31] introspection: belatedly add Wi-Fi P2P peer "Name"
 property to D-Bus introspection file

Fixes: 00e64d13320f ('core/devices: Add P2P Wifi device and peer tracking')
(cherry picked from commit 109a6fd5571bf8ca7bef82f86a0bebb2665efe57)
(cherry picked from commit 0c6ebcb6ed88f85405c6ddb0507547e0ffe90ac6)
(cherry picked from commit 323e8eadf335d0582c10661b90ee453eba7690dd)
---
 .../org.freedesktop.NetworkManager.WifiP2PPeer.xml       | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/introspection/org.freedesktop.NetworkManager.WifiP2PPeer.xml b/introspection/org.freedesktop.NetworkManager.WifiP2PPeer.xml
index 9068f071de..693d26b5f0 100644
--- a/introspection/org.freedesktop.NetworkManager.WifiP2PPeer.xml
+++ b/introspection/org.freedesktop.NetworkManager.WifiP2PPeer.xml
@@ -9,6 +9,15 @@
   <interface name="org.freedesktop.NetworkManager.WifiP2PPeer">
     <annotation name="org.gtk.GDBus.C.Name" value="Wifi_P2P_Peer"/>
 
+    <!--
+        Name:
+
+        Device name.
+
+        Since: 1.16
+    -->
+    <property name="Name" type="s" access="read"/>
+
     <!--
         Flags:
 

From a19aacae2353e9785815c4fe2d8bc267e1d7378b Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 14 Feb 2020 15:44:44 +0100
Subject: [PATCH 10/31] ifcfg-rh: fix potential crash with variadic argument
 make_ip6_setting()

It is undefined behavior and can lead to crashes or memory corruption.
In practice, this only had an issue on Big Endian systems.

Fixes: fdbf4ae5e6ae ('ifcfg-rh: add IPV4_DHCP_TIMEOUT key for ipv4.dhcp-timeout property')
(cherry picked from commit 9b82d29f5f576da81ad75ac827ebad73499af2dd)
(cherry picked from commit fe6c3f08676f6bde6d6f19e19a92016c7be046db)
(cherry picked from commit 63c976e002a56c8b630adff091cb46ef3769b7a6)
---
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
index 100b6d64f0..ffc76d4f88 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
@@ -1613,7 +1613,7 @@ make_ip4_setting (shvarFile *ifcfg,
 
 	g_object_set (s_ip4,
 	              NM_SETTING_IP_CONFIG_DHCP_SEND_HOSTNAME, svGetValueBoolean (ifcfg, "DHCP_SEND_HOSTNAME", TRUE),
-	              NM_SETTING_IP_CONFIG_DHCP_TIMEOUT, svGetValueInt64 (ifcfg, "IPV4_DHCP_TIMEOUT", 10, 0, G_MAXINT32, 0),
+	              NM_SETTING_IP_CONFIG_DHCP_TIMEOUT, (int) svGetValueInt64 (ifcfg, "IPV4_DHCP_TIMEOUT", 10, 0, G_MAXINT32, 0),
 	              NULL);
 
 	nm_clear_g_free (&value);

From 53c81fa5a82a7d64f9d9b4691f377fbe3caa1c36 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 18 Feb 2020 18:30:19 +0100
Subject: [PATCH 11/31] ifcfg: fix writer when changing OVS slave to clear
 previous settings

We need to reset the OVS_PORT and OVS_PORT_UUID variables.
Otherwise, clearing the slave type doesn't work.

On master this is solved differently, by automatically clearing all
variables that are not explicitly set.

Reproducer:

    nmcli con del t-eth1
    nmcli con add type ethernet autoconnect no ifname eth1 master port0 con-name t-eth1 slave-type ovs-port
    echo "
    remove ovs-interface
    remove connection.master
    remove connection.slave-type
    print
    save
    quit
    " | nmcli c edit t-eth1
    nmcli con show t-eth1 | grep 'ovs\|slave-type'

Fixes: 1440fe6a8804 ('ifcfg: don't forget master of ovs interfaces')

https://bugzilla.redhat.com/show_bug.cgi?id=1804167
(cherry picked from commit 0c8046574e782ca926d265348d10866f1653aef1)
(cherry picked from commit cc73cc2eccf4ad3caff12b22a934a496ed754e0c)
---
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
index daf173b0be..b0f72da0cc 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@@ -1949,6 +1949,8 @@ write_connection_setting (NMSettingConnection *s_con, shvarFile *ifcfg)
 	svSetValueStr (ifcfg, "BRIDGE", NULL);
 	svSetValueStr (ifcfg, "TEAM_MASTER_UUID", NULL);
 	svSetValueStr (ifcfg, "TEAM_MASTER", NULL);
+	svSetValueStr (ifcfg, "OVS_PORT_UUID", NULL);
+	svSetValueStr (ifcfg, "OVS_PORT", NULL);
 
 	master = nm_setting_connection_get_master (s_con);
 	if (master) {

From 2d3094d4687c931274185d41a45a0750bfb0d7ed Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Thu, 27 Feb 2020 17:20:09 +0100
Subject: [PATCH 12/31] nm-setting-bond: fix '[up|down]delay', 'miimon'
 validation

Just looking at the hashtable entry of 'updelay' and 'downdelay' options
is wrong, we have to inspect their values to check if they're
actually enabled or not.

Otherwise bond connections with valid settings will fail
when created:

$ nmcli c add type bond ifname bond99 bond.options miimon=0,updelay=0,mode=0
Error: Failed to add 'bond-bond99' connection: bond.options: 'updelay' option requires 'miimon' option to be set

Also add unit tests.

https://bugzilla.redhat.com/show_bug.cgi?id=1805184

Fixes: d595f7843e31 ('libnm: add libnm/libnm-core (part 1)')
(cherry picked from commit 50da785be14ac976f909b29766195baaa49e1934)
(cherry picked from commit 2644b0c753a04f26e99c723d89aa13a63e56ce34)
(cherry picked from commit a8846619aaace6811d21149e5ce48f6b99851ca1)
---
 libnm-core/nm-setting-bond.c    | 25 ++++++++++++++++++++-----
 libnm-core/tests/test-setting.c |  9 +++++++++
 2 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/libnm-core/nm-setting-bond.c b/libnm-core/nm-setting-bond.c
index 33c01e3cdf..583e63be56 100644
--- a/libnm-core/nm-setting-bond.c
+++ b/libnm-core/nm-setting-bond.c
@@ -108,6 +108,16 @@ static const BondDefault defaults[] = {
 
 /*****************************************************************************/
 
+static int
+_atoi (const char *value)
+{
+	int v;
+
+	v = _nm_utils_ascii_str_to_int64 (value, 10, 0, G_MAXINT, -1);
+	nm_assert (v >= 0);
+	return v;
+};
+
 /**
  * nm_setting_bond_get_num_options:
  * @setting: the #NMSettingBond
@@ -663,21 +673,26 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
 	}
 
 	if (miimon == 0) {
-		/* updelay and downdelay can only be used with miimon */
-		if (g_hash_table_lookup (priv->options, NM_SETTING_BOND_OPTION_UPDELAY)) {
+		gpointer delayopt;
+
+		/* updelay and downdelay need miimon to be enabled to be valid */
+		delayopt = g_hash_table_lookup (priv->options, NM_SETTING_BOND_OPTION_UPDELAY);
+		if (delayopt && _atoi (delayopt) > 0) {
 			g_set_error (error,
 			             NM_CONNECTION_ERROR,
 			             NM_CONNECTION_ERROR_INVALID_PROPERTY,
-			             _("'%s' option requires '%s' option to be set"),
+			             _("'%s' option requires '%s' option to be enabled"),
 			             NM_SETTING_BOND_OPTION_UPDELAY, NM_SETTING_BOND_OPTION_MIIMON);
 			g_prefix_error (error, "%s.%s: ", NM_SETTING_BOND_SETTING_NAME, NM_SETTING_BOND_OPTIONS);
 			return FALSE;
 		}
-		if (g_hash_table_lookup (priv->options, NM_SETTING_BOND_OPTION_DOWNDELAY)) {
+
+		delayopt = g_hash_table_lookup (priv->options, NM_SETTING_BOND_OPTION_DOWNDELAY);
+		if (delayopt && _atoi (delayopt) > 0) {
 			g_set_error (error,
 			             NM_CONNECTION_ERROR,
 			             NM_CONNECTION_ERROR_INVALID_PROPERTY,
-			             _("'%s' option requires '%s' option to be set"),
+			             _("'%s' option requires '%s' option to be enabled"),
 			             NM_SETTING_BOND_OPTION_DOWNDELAY, NM_SETTING_BOND_OPTION_MIIMON);
 			g_prefix_error (error, "%s.%s: ", NM_SETTING_BOND_SETTING_NAME, NM_SETTING_BOND_OPTIONS);
 			return FALSE;
diff --git a/libnm-core/tests/test-setting.c b/libnm-core/tests/test-setting.c
index 5c9c614fb5..8bd5538ee6 100644
--- a/libnm-core/tests/test-setting.c
+++ b/libnm-core/tests/test-setting.c
@@ -590,6 +590,15 @@ test_bond_verify (void)
 	test_verify_options (TRUE,
 	                     "mode", "802.3ad",
 	                     "ad_actor_system", "ae:00:11:33:44:55");
+	test_verify_options (TRUE,
+	                     "mode", "0",
+	                     "miimon", "0",
+	                     "updelay", "0",
+	                     "downdelay", "0");
+	test_verify_options (TRUE,
+	                     "mode", "0",
+	                     "downdelay", "0",
+	                     "updelay", "0");
 }
 
 static void

From cab1713fcd2c7542389ee1b41f2bd241d9c7b9d3 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 1 Jan 2020 09:58:12 +0100
Subject: [PATCH 13/31] tui: fix signature for
 nmt_newt_form_keypress_callback() callback

Fixes: 3bda3fb60c10 ('nmtui: initial import of nmtui')
(cherry picked from commit 38323216f57997fede010f78435d284e85546a2b)
(cherry picked from commit 5ab7794266e6875b0209fd75a66d680dfe0622cf)
(cherry picked from commit 4245319eaf18d12061aec0f6801e34ac8b68a982)
---
 clients/tui/newt/nmt-newt-form.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/clients/tui/newt/nmt-newt-form.c b/clients/tui/newt/nmt-newt-form.c
index cd87a2160a..b227c543eb 100644
--- a/clients/tui/newt/nmt-newt-form.c
+++ b/clients/tui/newt/nmt-newt-form.c
@@ -325,7 +325,7 @@ static GSList *form_stack;
 static GSource *keypress_source;
 
 static gboolean
-nmt_newt_form_keypress_callback (int          fd,
+nmt_newt_form_keypress_callback (GIOChannel   *channel,
                                  GIOCondition condition,
                                  gpointer     user_data)
 {

From f58849e2aeeeeafddb6f10600a6de20d00ecfea0 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 25 Mar 2020 11:16:11 +0100
Subject: [PATCH 14/31] rdisc: fix parsing ndp_msg_opt_dnssl_lifetime() from
 IPv6 RA

Fixes: c3a4656a68f9 ('rdisc: libndp implementation')
(cherry picked from commit d1181533b8aaaa6918bcf3592fc4de62d20acaa5)
(cherry picked from commit b28eee1c4ba7e3d170158cb018333a052b0ff8d3)
(cherry picked from commit dec168b525305ff8812bdc18eca3a858cf026c9a)
---
 src/ndisc/nm-lndp-ndisc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ndisc/nm-lndp-ndisc.c b/src/ndisc/nm-lndp-ndisc.c
index 2dd7e7d8d2..ea573b2080 100644
--- a/src/ndisc/nm-lndp-ndisc.c
+++ b/src/ndisc/nm-lndp-ndisc.c
@@ -274,7 +274,7 @@ receive_ra (struct ndp *ndp, struct ndp_msg *msg, gpointer user_data)
 			NMNDiscDNSDomain dns_domain = {
 				.domain = domain,
 				.timestamp = now,
-				.lifetime = ndp_msg_opt_rdnss_lifetime (msg, offset),
+				.lifetime = ndp_msg_opt_dnssl_lifetime (msg, offset),
 			};
 
 			/* Pad the lifetime somewhat to give a bit of slack in cases

From 92b7c3698ab71f7fd0ceed570548da49e77e8c06 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 25 Mar 2020 11:16:49 +0100
Subject: [PATCH 15/31] rdisc: avoid static variable in receive_ra()

It's unnecessary and makes the function unnecessarily not thread safe.
Of course, also ndp_msg_opt_route_prefix() uses static variables, so
it's still not thread safe.

Fixes: c3a4656a68f9 ('rdisc: libndp implementation')
(cherry picked from commit fbb65de32ed129d0551d05e2b820a142fd301db0)
(cherry picked from commit a1a3cce6efb94eea0fe4e0a3fc3191911d3d7ade)
(cherry picked from commit 2f419e84c883dd7cea0b7a465f059cfbc020bfc0)
---
 src/ndisc/nm-lndp-ndisc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ndisc/nm-lndp-ndisc.c b/src/ndisc/nm-lndp-ndisc.c
index ea573b2080..49212349d3 100644
--- a/src/ndisc/nm-lndp-ndisc.c
+++ b/src/ndisc/nm-lndp-ndisc.c
@@ -245,7 +245,7 @@ receive_ra (struct ndp *ndp, struct ndp_msg *msg, gpointer user_data)
 
 	/* DNS information */
 	ndp_msg_opt_for_each_offset(offset, msg, NDP_MSG_OPT_RDNSS) {
-		static struct in6_addr *addr;
+		struct in6_addr *addr;
 		int addr_index;
 
 		ndp_msg_opt_rdnss_for_each_addr (addr, addr_index, msg, offset) {

From 59cdb25144209d2eace9bd5ba94af0bbbbc47ae5 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 4 Oct 2019 12:05:50 +0200
Subject: [PATCH 17/31] libnm/tests: fix test for
 nm_client_add_and_activate_connection_async()

nm_client_add_and_activate_connection_async() must be completed by
nm_client_add_and_activate_connection_finish().

Fixes: be8060f42fd3 ('libnm: add an object-creation-failed test')
(cherry picked from commit 256ba8c4cd385455d8588519c0dc9a023e6dbf74)
(cherry picked from commit 23d9f55c1024d8b79faeb01fe96bb921994ae74a)
---
 libnm/tests/test-nm-client.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libnm/tests/test-nm-client.c b/libnm/tests/test-nm-client.c
index 35ae33be26..fa88771c63 100644
--- a/libnm/tests/test-nm-client.c
+++ b/libnm/tests/test-nm-client.c
@@ -1141,7 +1141,7 @@ activate_failed_cb (GObject *object,
 	NMActiveConnection *ac;
 	GError *error = NULL;
 
-	ac = nm_client_activate_connection_finish (client, result, &error);
+	ac = nm_client_add_and_activate_connection_finish (client, result, &error);
 	g_assert (ac == NULL);
 	g_assert_error (error, NM_CLIENT_ERROR, NM_CLIENT_ERROR_OBJECT_CREATION_FAILED);
 	g_clear_error (&error);

From 4c704043c6964e47c3c47a911ccb5ea7aa136dc8 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Sun, 6 Oct 2019 14:33:11 +0200
Subject: [PATCH 18/31] libnm/device: fix memleak in
 nm_device_wifi_request_scan_options*()

Fixes: 7691fe575377 ('libnm: add new functions allowing passing options to RequestScan() D-Bus call')
(cherry picked from commit 92285cfd3e48cb2889d40dd27336fa9e727b3ff8)
(cherry picked from commit d35055ceee46cc5b28605b54bfdd81bed0e91a18)
---
 libnm/nm-device-wifi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libnm/nm-device-wifi.c b/libnm/nm-device-wifi.c
index 9af3639d70..530c49f193 100644
--- a/libnm/nm-device-wifi.c
+++ b/libnm/nm-device-wifi.c
@@ -303,7 +303,7 @@ prepare_scan_options (GVariant *options)
 	else {
 		g_variant_builder_init (&builder, G_VARIANT_TYPE_VARDICT);
 		g_variant_iter_init (&iter, options);
-		while (g_variant_iter_loop (&iter, "{sv}", &key, &value))
+		while (g_variant_iter_loop (&iter, "{&sv}", &key, &value))
 		{
 			// FIXME: verify options here?
 			g_variant_builder_add (&builder, "{sv}", key, value);

From 07ccbdd828abd3010fea0713d4ae3ce6b40b34de Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Sun, 6 Oct 2019 14:33:11 +0200
Subject: [PATCH 19/31] libnm/device: fix memleak options variant in
 nm_device_wifi_request_scan_options*()

A function that accepts a floating variant must consume it.

Fixes: 7691fe575377 ('libnm: add new functions allowing passing options to RequestScan() D-Bus call')
(cherry picked from commit 40911fb99b893ae26577cb808b380b20df3f3117)
(cherry picked from commit 27301fe2687b33d896cd9e03dbe886465c17ac82)
---
 libnm/nm-device-wifi.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libnm/nm-device-wifi.c b/libnm/nm-device-wifi.c
index 530c49f193..1bdefeba17 100644
--- a/libnm/nm-device-wifi.c
+++ b/libnm/nm-device-wifi.c
@@ -309,6 +309,7 @@ prepare_scan_options (GVariant *options)
 			g_variant_builder_add (&builder, "{sv}", key, value);
 		}
 		variant = g_variant_builder_end (&builder);
+		nm_g_variant_unref_floating (options);
 	}
 	return variant;
 }
@@ -324,7 +325,7 @@ _device_wifi_request_scan (NMDeviceWifi *device,
 
 	g_return_val_if_fail (NM_IS_DEVICE_WIFI (device), FALSE);
 
-	variant = prepare_scan_options (options);
+	variant = prepare_scan_options (g_steal_pointer (&options));
 
 	ret = nmdbus_device_wifi_call_request_scan_sync (NM_DEVICE_WIFI_GET_PRIVATE (device)->proxy,
 	                                                 variant,
@@ -443,7 +444,7 @@ _device_wifi_request_scan_async (NMDeviceWifi *device,
 	info->device = device;
 	info->simple = simple;
 
-	variant = prepare_scan_options (options);
+	variant = prepare_scan_options (g_steal_pointer (&options));
 
 	priv->scan_info = info;
 	nmdbus_device_wifi_call_request_scan (NM_DEVICE_WIFI_GET_PRIVATE (device)->proxy,

From c13cef1b58b347d733bdf4739523cb5b05409b10 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 9 Sep 2020 08:32:44 +0200
Subject: [PATCH 20/31] libnm: fix memleak in
 nm_device_wifi_request_scan_options_async() for floating options argument

Fixes: 7691fe575377 ('libnm: add new functions allowing passing options to RequestScan() D-Bus call')
(cherry picked from commit 187003882e31180be9420204d37c0045be9c61c9)
---
 libnm/nm-device-wifi.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/libnm/nm-device-wifi.c b/libnm/nm-device-wifi.c
index 1bdefeba17..29366e5681 100644
--- a/libnm/nm-device-wifi.c
+++ b/libnm/nm-device-wifi.c
@@ -415,10 +415,10 @@ request_scan_cb (GObject *source,
 
 static void
 _device_wifi_request_scan_async (NMDeviceWifi *device,
-                                   GVariant *options,
-                                   GCancellable *cancellable,
-                                   GAsyncReadyCallback callback,
-                                   gpointer user_data)
+                                 GVariant *options,
+                                 GCancellable *cancellable,
+                                 GAsyncReadyCallback callback,
+                                 gpointer user_data)
 {
 	NMDeviceWifiPrivate *priv = NM_DEVICE_WIFI_GET_PRIVATE (device);
 	RequestScanInfo *info;
@@ -437,6 +437,8 @@ _device_wifi_request_scan_async (NMDeviceWifi *device,
 		g_simple_async_result_set_op_res_gboolean (simple, TRUE);
 		g_simple_async_result_complete_in_idle (simple);
 		g_object_unref (simple);
+		if (options)
+			nm_g_variant_unref_floating (options);
 		return;
 	}
 

From 386b6ebd123183e20e23df67ef7ebd02f8630acd Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 27 Nov 2019 15:19:44 +0100
Subject: [PATCH 21/31] ifcfg-rh: fix accepting onlink flag also for IPv6
 routes

In the past, kernel (and NetworkManager) did not support the onlink
flags for IPv6 routes. That is no longer the case.

Fixes: f5e8bbc8e082 ('libnm,core: enable "onlink" flags also for IPv6 routes')
(cherry picked from commit e7816a25083b5d642b6895adac68e93763852e3d)
(cherry picked from commit 98c4bdec39c4c1c0491badcb4bf4107358014d37)
---
 src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
index ffc76d4f88..2c6d421422 100644
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
@@ -838,8 +838,7 @@ parse_route_line (const char *line,
 		                                      .int_base_16 = TRUE,
 		                                      .ignore = (addr_family != AF_INET), },
 		[PARSE_LINE_ATTR_ROUTE_ONLINK]    = { .key = NM_IP_ROUTE_ATTRIBUTE_ONLINK,
-		                                      .type = PARSE_LINE_TYPE_FLAG,
-		                                      .ignore = (addr_family != AF_INET), },
+		                                      .type = PARSE_LINE_TYPE_FLAG, },
 		[PARSE_LINE_ATTR_ROUTE_WINDOW]    = { .key = NM_IP_ROUTE_ATTRIBUTE_WINDOW,
 		                                      .type = PARSE_LINE_TYPE_UINT32_WITH_LOCK, },
 		[PARSE_LINE_ATTR_ROUTE_CWND]      = { .key = NM_IP_ROUTE_ATTRIBUTE_CWND,

From 728881f51b338a467ddf2e4cb398876fecc784f6 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 8 Jun 2020 11:29:01 +0200
Subject: [PATCH 22/31] manager: change autoconnect-slaves logic for already
 active slaves

Autoconnect-slaves currently forces an activation of all slaves, even
if there is already an active connection for them. This is bad because
at boot slaves first try to autoconnect, then the autoconnect-slaves
of the master kicks in and disconnects/reactivates them.

The only reason why the forceful reactivation was added was to fix
[1]; in that scenario, a slave connection is already active as
non-slave; then it is updated to be a slave; later, the master with
autoconnect-slaves is manually activated. NetworkManager should detect
that the slave connection must now be activated by autoconnect-slaves.

Add a specific check for such situation, instead of always
reactivating all slaves.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1845018

Fixes: 4985ca5ada9b ('manager: allow autoconnect-slaves to reconnect the same connection')
(cherry picked from commit 024e983c8e38d1f325ac64b9d84b2332afcd6549)
(cherry picked from commit d07d515dd74aeff7149248a2d348fa72ccc47bb4)
(cherry picked from commit 4df63b205e9f54d5f0d0628fac64d0bcb4f6c3fd)
(cherry picked from commit a2e3f70e83228a8eef2bfd78e3873248ff8a6dd8)
---
 src/nm-manager.c | 35 ++++++++++++++++++++++++++++++++---
 1 file changed, 32 insertions(+), 3 deletions(-)

diff --git a/src/nm-manager.c b/src/nm-manager.c
index e702fd90a5..62ba239c2c 100644
--- a/src/nm-manager.c
+++ b/src/nm-manager.c
@@ -4875,6 +4875,27 @@ _new_active_connection (NMManager *self,
 	                                                  device);
 }
 
+static gboolean
+active_connection_master_changed (NMActiveConnection *ac)
+{
+	NMConnection *applied, *connection;
+	NMSettingsConnection *settings;
+	NMSettingConnection *s_con1, *s_con2;
+
+	applied = nm_active_connection_get_applied_connection (ac);
+	settings = nm_active_connection_get_settings_connection (ac);
+	connection = nm_settings_connection_get_connection (settings);
+
+	if (applied == connection)
+		return FALSE;
+
+	s_con1 = nm_connection_get_setting_connection (applied);
+	s_con2 = nm_connection_get_setting_connection (connection);
+
+	return !nm_streq0 (nm_setting_connection_get_master (s_con1),
+	                   nm_setting_connection_get_master (s_con2));
+}
+
 static void
 _internal_activation_auth_done (NMManager *self,
                                 NMActiveConnection *active,
@@ -4884,6 +4905,7 @@ _internal_activation_auth_done (NMManager *self,
 	NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE (self);
 	NMActiveConnection *ac;
 	gs_free_error GError *error = NULL;
+	NMActivationReason reason;
 
 	nm_assert (NM_IS_ACTIVE_CONNECTION (active));
 
@@ -4895,13 +4917,20 @@ _internal_activation_auth_done (NMManager *self,
 	 * We also check this earlier, but there we may fail to detect a duplicate
 	 * if the existing active connection was undergoing authorization.
 	 */
-	if (NM_IN_SET (nm_active_connection_get_activation_reason (active), NM_ACTIVATION_REASON_EXTERNAL,
-	                                                                    NM_ACTIVATION_REASON_ASSUME,
-	                                                                    NM_ACTIVATION_REASON_AUTOCONNECT)) {
+	reason = nm_active_connection_get_activation_reason (active);
+	if (NM_IN_SET (reason, NM_ACTIVATION_REASON_EXTERNAL,
+	                       NM_ACTIVATION_REASON_ASSUME,
+	                       NM_ACTIVATION_REASON_AUTOCONNECT,
+	                       NM_ACTIVATION_REASON_AUTOCONNECT_SLAVES)) {
 		c_list_for_each_entry (ac, &priv->active_connections_lst_head, active_connections_lst) {
 			if (   nm_active_connection_get_device (ac) == nm_active_connection_get_device (active)
 			    && nm_active_connection_get_settings_connection (ac) == nm_active_connection_get_settings_connection (active)
 			    && nm_active_connection_get_state (ac) <= NM_ACTIVE_CONNECTION_STATE_ACTIVATED) {
+
+				if (   reason == NM_ACTIVATION_REASON_AUTOCONNECT_SLAVES
+				    && active_connection_master_changed (ac))
+					break;
+
 				g_set_error (&error,
 				             NM_MANAGER_ERROR,
 				             NM_MANAGER_ERROR_CONNECTION_ALREADY_ACTIVE,

From 058232ceeeda408362357ef0b008008f5ba0bde1 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 19 May 2020 09:27:08 +0200
Subject: [PATCH 23/31] core: signal parent-active only when the parent AC is
 activated

The parent-active signal is used by the manager to determine when the
parent active-connection is ready and a connection that depend on it
can proceed.

The AC state could transition from ACTIVATING directly to
DEACTIVATING; in such case we should not emit the signal but instead
just stop watching the parent AC.

Fixes: 6e382ea91d5f ('active-connection: add parent active connection tracking')
https://bugzilla.redhat.com/show_bug.cgi?id=1778073
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/510
(cherry picked from commit 02ea74c92094a69cd09b16cf7a9a3e494791dd1d)
(cherry picked from commit 30be025e5979f3dc97d749209d19fb175bb24ae7)
(cherry picked from commit 678c6b6a6aef878bafa1a8b052f0e2de48b9a28a)
(cherry picked from commit 197b4e7b158f158ff8e53e95a423679dec94d85a)
---
 src/nm-active-connection.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/nm-active-connection.c b/src/nm-active-connection.c
index 6a058bc7e1..48b9dd59e3 100644
--- a/src/nm-active-connection.c
+++ b/src/nm-active-connection.c
@@ -1006,7 +1006,9 @@ parent_state_cb (NMActiveConnection *parent_ac,
 		return;
 
 	unwatch_parent (self, TRUE);
-	g_signal_emit (self, signals[PARENT_ACTIVE], 0, parent_ac);
+
+	if (parent_state == NM_ACTIVE_CONNECTION_STATE_ACTIVATED)
+		g_signal_emit (self, signals[PARENT_ACTIVE], 0, parent_ac);
 }
 
 static void

From 325da5a92c2608bd7f04678497f2ce9025812292 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 9 Oct 2019 11:55:27 +0200
Subject: [PATCH 24/31] supplicant: allow PMF with SAE

PMF can be used with SAE, allow it. Actually, it is required according
to WPA3 specifications but there are implementations that don't
require it (hostapd can be configured in a such way); so let's not
make it mandatory for WPA3.

Fixes: 6640fb4b3615 ('supplicant: add support for SAE key management')

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/257
(cherry picked from commit e36c297fd8c6b1b57cd120739cc5ee8eab57aa08)
(cherry picked from commit 299fbc0888511a6359f9d2acddbcc850f6eb3460)
---
 src/supplicant/nm-supplicant-config.c         | 4 ++--
 src/supplicant/tests/test-supplicant-config.c | 1 -
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/supplicant/nm-supplicant-config.c b/src/supplicant/nm-supplicant-config.c
index 7708224b35..97ca1f0c3c 100644
--- a/src/supplicant/nm-supplicant-config.c
+++ b/src/supplicant/nm-supplicant-config.c
@@ -849,8 +849,8 @@ nm_supplicant_config_add_setting_wireless_security (NMSupplicantConfig *self,
 		}
 	}
 
-	/* Don't try to enable PMF on non-WPA networks */
-	if (!NM_IN_STRSET (key_mgmt, "wpa-eap", "wpa-psk"))
+	/* Don't try to enable PMF on non-WPA/SAE networks */
+	if (!NM_IN_STRSET (key_mgmt, "wpa-eap", "wpa-psk", "sae"))
 		pmf = NM_SETTING_WIRELESS_SECURITY_PMF_DISABLE;
 
 	/* Check if we actually support PMF */
diff --git a/src/supplicant/tests/test-supplicant-config.c b/src/supplicant/tests/test-supplicant-config.c
index 2c7a71a3ea..aaf07ce390 100644
--- a/src/supplicant/tests/test-supplicant-config.c
+++ b/src/supplicant/tests/test-supplicant-config.c
@@ -431,7 +431,6 @@ test_wifi_sae_psk (const char *psk)
 	NMTST_EXPECT_NM_INFO ("Config: added 'proto' value 'RSN'");
 	NMTST_EXPECT_NM_INFO ("Config: added 'pairwise' value 'TKIP CCMP'");
 	NMTST_EXPECT_NM_INFO ("Config: added 'group' value 'TKIP CCMP'");
-	NMTST_EXPECT_NM_INFO ("Config: added 'ieee80211w' value '0'");
 	config_dict = build_supplicant_config (connection, 1500, 0, TRUE, TRUE);
 
 	g_test_assert_expected_messages ();

From 230eaa861b1c644a29e6776c4b682e3fe7f7b006 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Wed, 2 Oct 2019 10:35:04 +0200
Subject: [PATCH 25/31] bluetooth: don't set the ifindex after the device has
 been activated

The Bluetooth DUN device's NMModem would signal the reset of ifindex to zero
when it's disconnected and the NMDeviceBt would accordingly update the
bluetooth device's ip ifindex. This is not okay since commit ab4578302d69
('device: refactor nm_device_set_ip_ifindex() and set_ip_iface()') which,
although claiming to be a refactoring, made such use of
nm_device_set_ip_ifindex() illegal. Resetting the ifindex is anyway not
necessary, since it's taken care of _cleanup_generic_post().

Let's leave the ifindex alone once the device is activated, in a manner
analogous to what NMDeviceModem.

Fixes: ab4578302d69 ('device: refactor nm_device_set_ip_ifindex() and set_ip_iface()')
Fixes: 78ca2a70c719 ('device: don't set invalid ip-iface'):
(cherry picked from commit a5ca504b5be77ef1fefbb6e8d159377e2b7bbe68)
(cherry picked from commit fb874e6cda2ca332d692225d77325354435dfc6c)
---
 src/devices/bluetooth/nm-device-bt.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/devices/bluetooth/nm-device-bt.c b/src/devices/bluetooth/nm-device-bt.c
index e79251ced3..cb243085aa 100644
--- a/src/devices/bluetooth/nm-device-bt.c
+++ b/src/devices/bluetooth/nm-device-bt.c
@@ -550,6 +550,9 @@ ip_ifindex_changed_cb (NMModem *modem, GParamSpec *pspec, gpointer user_data)
 {
 	NMDevice *device = NM_DEVICE (user_data);
 
+	if (!nm_device_is_activating (device))
+		return;
+
 	if (!nm_device_set_ip_ifindex (device,
 	                               nm_modem_get_ip_ifindex (modem))) {
 		nm_device_state_changed (device,

From d8664e81e0a9707803a5d7b42b83323366537fba Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 27 Aug 2019 18:16:21 +0200
Subject: [PATCH 26/31] acd: fix memleak in acd_event()

Only happens with debug logging enabled. So, not a large problem.

Found by Coverity.

Fixes: d9a4b59c18e3 ('acd: adapt NM code and build options')
(cherry picked from commit 0300c1823ae4f13d3f0c3df10edc84fc217013c7)
(cherry picked from commit faf12086c1b809a5211fb3a875ce9a8116844e6f)
---
 src/devices/nm-acd-manager.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/devices/nm-acd-manager.c b/src/devices/nm-acd-manager.c
index 6d39df1414..24a3617d05 100644
--- a/src/devices/nm-acd-manager.c
+++ b/src/devices/nm-acd-manager.c
@@ -188,7 +188,6 @@ acd_event (GIOChannel *source, GIOCondition condition, gpointer data)
 	AddressInfo *info;
 	gboolean emit_probe_terminated = FALSE;
 	char address_str[INET_ADDRSTRLEN];
-	gs_free char *hwaddr_str = NULL;
 	int r;
 
 	if (n_acd_dispatch (self->acd))
@@ -197,6 +196,7 @@ acd_event (GIOChannel *source, GIOCondition condition, gpointer data)
 	while (   !n_acd_pop_event (self->acd, &event)
 	       && event) {
 		char to_string_buffer[ACD_EVENT_TO_STRING_BUF_SIZE];
+		gs_free char *hwaddr_str = NULL;
 		gboolean check_probing_done = FALSE;
 
 		switch (event->event) {

From 42621dfdca9eccc011a37029f5fd44f2be6f53db Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Sat, 3 Aug 2019 18:33:22 +0200
Subject: [PATCH 27/31] settings: fix registering
 AgentManager.RegisterWithCapabilities() twice

Fixes: 297d4985abcc7b571b8c090ee90622357fc60e16
(cherry picked from commit 1634fff1adf71b01e494056669d150fde96018f4)
(cherry picked from commit 8b017dc2fbc281b4b56dc7b9130c10fd6d8e5f17)
---
 src/settings/nm-agent-manager.c | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/src/settings/nm-agent-manager.c b/src/settings/nm-agent-manager.c
index 814dee85a6..3c4f275064 100644
--- a/src/settings/nm-agent-manager.c
+++ b/src/settings/nm-agent-manager.c
@@ -1626,16 +1626,6 @@ static const NMDBusInterfaceInfoExtended interface_info_agent_manager = {
 				),
 				.handle = impl_agent_manager_register_with_capabilities,
 			),
-			NM_DEFINE_DBUS_METHOD_INFO_EXTENDED (
-				NM_DEFINE_GDBUS_METHOD_INFO_INIT (
-					"RegisterWithCapabilities",
-					.in_args = NM_DEFINE_GDBUS_ARG_INFOS (
-						NM_DEFINE_GDBUS_ARG_INFO ("identifier",   "s"),
-						NM_DEFINE_GDBUS_ARG_INFO ("capabilities", "u"),
-					),
-				),
-				.handle = impl_agent_manager_register_with_capabilities,
-			),
 			NM_DEFINE_DBUS_METHOD_INFO_EXTENDED (
 				NM_DEFINE_GDBUS_METHOD_INFO_INIT (
 					"Unregister",

From c28f9780d9fdce2165a7ba110f9e06ce17322413 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 2 Jul 2019 11:46:47 +0200
Subject: [PATCH 28/31] device: properly honor flags when checking connection
 availability

The previous code returned that the device was available when it had
only unmanaged-flags that can be overridden by user, without actually
considering the @flags argument.

Fixes: 920346a5b98c ('device: add and use overrule-unmanaged flag for nm_device_check_connection_available()')
(cherry picked from commit c7fd4aeecf899733d736c95bb6104401aecef5a0)
---
 src/devices/nm-device.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c
index 7fea915858..ed544571cf 100644
--- a/src/devices/nm-device.c
+++ b/src/devices/nm-device.c
@@ -13390,7 +13390,7 @@ _get_managed_by_flags(NMUnmanagedFlags flags, NMUnmanagedFlags mask, gboolean fo
 			return TRUE;
 
 		/* A for-user-request, is effectively the same as pretending
-		 * that user-dbus flag is cleared. */
+		 * that user-explicit flag is cleared. */
 		mask |= NM_UNMANAGED_USER_EXPLICIT;
 		flags &= ~NM_UNMANAGED_USER_EXPLICIT;
 	}
@@ -13442,6 +13442,9 @@ _get_managed_by_flags(NMUnmanagedFlags flags, NMUnmanagedFlags mask, gboolean fo
  * nm_device_get_managed:
  * @self: the #NMDevice
  * @for_user_request: whether to check the flags for an explicit user-request
+ *   Setting this to %TRUE has the same effect as if %NM_UNMANAGED_USER_EXPLICIT
+ *   unmanaged flag would be unset (meaning: explicitly not-unmanaged).
+ *   If this parameter is %TRUE, the device can only appear more managed.
  *
  * Whether the device is unmanaged according to the unmanaged flags.
  *
@@ -14011,13 +14014,17 @@ _nm_device_check_connection_available (NMDevice *self,
 		return FALSE;
 	}
 	if (state < NM_DEVICE_STATE_UNAVAILABLE) {
-		if (!nm_device_get_managed (self, TRUE)) {
-			if (!nm_device_get_managed (self, FALSE)) {
+		if (nm_device_get_managed (self, FALSE)) {
+			/* device is managed, both for user-requests and non-user-requests alike. */
+		} else {
+			if (!nm_device_get_managed (self, TRUE)) {
+				/* device is strictly unmanaged by authoritative unmanaged reasons. */
 				nm_utils_error_set_literal (error, NM_UTILS_ERROR_CONNECTION_AVAILABLE_UNMANAGED_DEVICE,
 				                            "device is strictly unmanaged");
 				return FALSE;
 			}
 			if (!NM_FLAGS_HAS (flags, _NM_DEVICE_CHECK_CON_AVAILABLE_FOR_USER_REQUEST_OVERRULE_UNMANAGED)) {
+				/* device could be managed for an explict user-request, but this is not such a request. */
 				nm_utils_error_set_literal (error, NM_UTILS_ERROR_CONNECTION_AVAILABLE_UNMANAGED_DEVICE,
 				                            "device is currently unmanaged");
 				return FALSE;

From 3309af1a2eb81420589c64c84673ad274fa23bfa Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 22 May 2019 12:54:53 +0200
Subject: [PATCH 29/31] libnm: fix parsing "nsna_ping" team link watcher from
 GVariant

Fixes: ba4ce843fa79 ('libnm-core: add backend for GVariant de/serialization of link_watchers.')
(cherry picked from commit 61b1d1e96314f8afbe1bf2ff087a062bc938879a)
---
 libnm-core/nm-utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libnm-core/nm-utils.c b/libnm-core/nm-utils.c
index d5e6949a9e..eb57e91795 100644
--- a/libnm-core/nm-utils.c
+++ b/libnm-core/nm-utils.c
@@ -6354,7 +6354,7 @@ _nm_utils_team_link_watchers_from_variant (GVariant *value)
 		} else {
 			if (!g_variant_lookup (watcher_var, "target-host", "&s", &target_host))
 				goto next;
-			if (!g_variant_lookup (watcher_var, "init_wait", "i", &val1))
+			if (!g_variant_lookup (watcher_var, "init-wait", "i", &val1))
 				val1 = 0;
 			if (!g_variant_lookup (watcher_var, "interval", "i", &val2))
 				val2 = 0;

From 034a1011e9037da3b4214356e168dcffb3eddfe3 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 14 May 2019 13:37:35 +0200
Subject: [PATCH 30/31] logging: fix stack overflow in logging for iov_data
 array

This overflow could only happen when we would try to log a message
with "NM_DEVICE=", "NM_CONNECTION=", and more than 8 logging domains
(_NUM_MAX_FIELDS_SYSLOG_FACILITY - 2).

The latter is never the case. While we sometimes log messages with
more than one logging domain, there are no logging statements that
use most as 8 different logging domains. So, this overflow is not
actually reachable from current code (I think).

Fixes: ed552c732c76 ('logging: log device and connection along with the message'):
(cherry picked from commit 138c187376cff1c14c66a3fdc502d260178081bb)
---
 src/nm-logging.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/nm-logging.c b/src/nm-logging.c
index 48e51421b9..664926c12e 100644
--- a/src/nm-logging.c
+++ b/src/nm-logging.c
@@ -738,7 +738,7 @@ _nm_log_impl (const char *file,
 		{
 			gint64 now, boottime;
 #define _NUM_MAX_FIELDS_SYSLOG_FACILITY 10
-			struct iovec iov_data[12 + _NUM_MAX_FIELDS_SYSLOG_FACILITY];
+			struct iovec iov_data[14 + _NUM_MAX_FIELDS_SYSLOG_FACILITY];
 			struct iovec *iov = iov_data;
 			gpointer iov_free_data[5];
 			gpointer *iov_free = iov_free_data;

From 05c933356c95dab53d1bcdbaf5c0c431ecbc259a Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 14 May 2019 12:28:22 +0200
Subject: [PATCH 31/31] logging: don't misuse SYSLOG_FACILITY field in journal

Syslog's "facility" is a well defined thing and must be
one of a few well-known numbers. Don't re-use it for our
own purposes.

Fixes: 1b808d3b255c ('logging: add native systemd-journald support to nm-logging')

https://bugzilla.redhat.com/show_bug.cgi?id=1709741
(cherry picked from commit cc2553e871ca7cff7e4e3f5d92321a6789731b4d)
---
 src/nm-logging.c | 24 +++++++-----------------
 1 file changed, 7 insertions(+), 17 deletions(-)

diff --git a/src/nm-logging.c b/src/nm-logging.c
index 664926c12e..255b0e0ceb 100644
--- a/src/nm-logging.c
+++ b/src/nm-logging.c
@@ -618,6 +618,8 @@ _iovec_set_string (struct iovec *iov, const char *str)
 	_iovec_set (iov, str, strlen (str));
 }
 
+#define _iovec_set_string_literal(iov, str) _iovec_set ((iov), ""str"", NM_STRLEN (str))
+
 _nm_printf (3, 4)
 static void
 _iovec_set_format (struct iovec *iov, gpointer *iov_free, const char *format, ...)
@@ -737,8 +739,7 @@ _nm_log_impl (const char *file,
 	case LOG_BACKEND_JOURNAL:
 		{
 			gint64 now, boottime;
-#define _NUM_MAX_FIELDS_SYSLOG_FACILITY 10
-			struct iovec iov_data[14 + _NUM_MAX_FIELDS_SYSLOG_FACILITY];
+			struct iovec iov_data[15];
 			struct iovec *iov = iov_data;
 			gpointer iov_free_data[5];
 			gpointer *iov_free = iov_free_data;
@@ -753,12 +754,10 @@ _nm_log_impl (const char *file,
 			_iovec_set_format_a (iov++, 30, "SYSLOG_PID=%ld", (long) getpid ());
 			{
 				const LogDesc *diter;
-				int i_domain = _NUM_MAX_FIELDS_SYSLOG_FACILITY;
 				const char *s_domain_1 = NULL;
 				NMLogDomain dom_all = domain;
-				NMLogDomain dom = dom_all & cur_log_state[level];
 
-				for (diter = &domain_desc[0]; diter->name; diter++) {
+				for (diter = &domain_desc[0]; dom_all != 0 && diter->name; diter++) {
 					if (!NM_FLAGS_ANY (dom_all, diter->num))
 						continue;
 
@@ -776,23 +775,14 @@ _nm_log_impl (const char *file,
 						g_string_append_c (s_domain_all, ',');
 						g_string_append (s_domain_all, diter->name);
 					}
-
-					if (NM_FLAGS_ANY (dom, diter->num)) {
-						if (i_domain > 0) {
-							/* SYSLOG_FACILITY is specified multiple times for each domain that is actually enabled. */
-							_iovec_set_format_str_a (iov++, 30, "SYSLOG_FACILITY=%s", diter->name);
-							i_domain--;
-						}
-						dom &= ~diter->num;
-					}
-					if (!dom && !dom_all)
-						break;
 				}
 				if (s_domain_all)
 					_iovec_set (iov++, s_domain_all->str, s_domain_all->len);
 				else
 					_iovec_set_format_str_a (iov++, 30, "NM_LOG_DOMAINS=%s", s_domain_1);
 			}
+			G_STATIC_ASSERT_EXPR (LOG_FAC (LOG_DAEMON) == 3);
+			_iovec_set_string_literal (iov++, "SYSLOG_FACILITY=3");
 			_iovec_set_format_str_a (iov++, 15, "NM_LOG_LEVEL=%s", level_desc[level].name);
 			if (func)
 				_iovec_set_format (iov++, iov_free++, "CODE_FUNC=%s", func);
@@ -907,7 +897,7 @@ nm_log_handler (const char *log_domain,
 			                 "MESSAGE=%s%s", gl.imm.prefix, message ?: "",
 			                 syslog_identifier_full (gl.imm.syslog_identifier),
 			                 "SYSLOG_PID=%ld", (long) getpid (),
-			                 "SYSLOG_FACILITY=GLIB",
+			                 "SYSLOG_FACILITY=3",
 			                 "GLIB_DOMAIN=%s", log_domain ?: "",
 			                 "GLIB_LEVEL=%d", (int) (level & G_LOG_LEVEL_MASK),
 			                 "TIMESTAMP_MONOTONIC=%lld.%06lld", (long long) (now / NM_UTILS_NS_PER_SECOND), (long long) ((now % NM_UTILS_NS_PER_SECOND) / 1000),