fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-26 18:10:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

all: merge branch 'th/autoconnect-rh1401515-2'

Browse source 
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1401515
This commit is contained in:
Thomas Haller 2017-11-02 11:42:36 +01:00
commit eed8ea458b
16 changed files with 127 additions and 169 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
clients/common/nm-meta-setting-desc.c
View file

@ -4691,9 +4691,6 @@ static const NMMetaPropertyInfo *const property_infos_802_1X[] = {
PROPERTY_INFO_WITH_DESC (NM_SETTING_802_1X_AUTH_TIMEOUT,
.property_type = &_pt_gobject_int,
),
PROPERTY_INFO_WITH_DESC (NM_SETTING_802_1X_AUTH_RETRIES,
.property_type = &_pt_gobject_int,
),
NULL
};
@ -4972,6 +4969,9 @@ static const NMMetaPropertyInfo *const property_infos_CONNECTION[] = {
),
),
),
PROPERTY_INFO_WITH_DESC (NM_SETTING_CONNECTION_AUTH_RETRIES,
.property_type = &_pt_gobject_int,
),
PROPERTY_INFO_WITH_DESC (NM_SETTING_CONNECTION_TIMESTAMP,
.property_type = &_pt_gobject_readonly,
),

2
clients/common/settings-docs.c.in
View file

@ -43,7 +43,6 @@
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_WPS_METHOD N_("Flags indicating which mode of WPS is to be used if any. There's little point in changing the default setting as NetworkManager will automatically determine whether it's feasible to start WPS enrollment from the Access Point capabilities. WPS can be disabled by setting this property to a value of 1.")
#define DESCRIBE_DOC_NM_SETTING_802_1X_ALTSUBJECT_MATCHES N_("List of strings to be matched against the altSubjectName of the certificate presented by the authentication server. If the list is empty, no verification of the server certificate's altSubjectName is performed.")
#define DESCRIBE_DOC_NM_SETTING_802_1X_ANONYMOUS_IDENTITY N_("Anonymous identity string for EAP authentication methods. Used as the unencrypted identity with EAP types that support different tunneled identity like EAP-TTLS.")
#define DESCRIBE_DOC_NM_SETTING_802_1X_AUTH_RETRIES N_("The number of retries for the authentication. Zero means to try indefinitely; -1 means to use a global default. If the global default is not set, the authentication retries for 3 times before failing the connection.")
#define DESCRIBE_DOC_NM_SETTING_802_1X_AUTH_TIMEOUT N_("A timeout for the authentication. Zero means the global default; if the global default is not set, the authentication timeout is 25 seconds.")
#define DESCRIBE_DOC_NM_SETTING_802_1X_CA_CERT N_("Contains the CA certificate if used by the EAP method specified in the \"eap\" property. Certificate data is specified using a \"scheme\"; two are currently supported: blob and path. When using the blob scheme (which is backwards compatible with NM 0.7.x) this property should be set to the certificate's DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string \"file://\" and ending with a terminating NUL byte. This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended.")
#define DESCRIBE_DOC_NM_SETTING_802_1X_CA_CERT_PASSWORD N_("The password used to access the CA certificate stored in \"ca-cert\" property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.")
@ -135,6 +134,7 @@
#define DESCRIBE_DOC_NM_SETTING_CDMA_PASSWORD N_("The password used to authenticate with the network, if required. Many providers do not require a password, or accept any password. But if a password is required, it is specified here.")
#define DESCRIBE_DOC_NM_SETTING_CDMA_PASSWORD_FLAGS N_("Flags indicating how to handle the \"password\" property.")
#define DESCRIBE_DOC_NM_SETTING_CDMA_USERNAME N_("The username used to authenticate with the network, if required. Many providers do not require a username, or accept any username. But if a username is required, it is specified here.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTH_RETRIES N_("The number of retries for the authentication. Zero means to try indefinitely; -1 means to use a global default. If the global default is not set, the authentication retries for 3 times before failing the connection. Currently this only applies to 802-1x authentication.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT N_("Whether or not the connection should be automatically connected by NetworkManager when the resources for the connection are available. TRUE to automatically activate the connection, FALSE to require manual intervention to activate the connection.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT_PRIORITY N_("The autoconnect priority. If the connection is set to autoconnect, connections with higher priority will be preferred. Defaults to 0. The higher number means higher priority.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT_RETRIES N_("The number of times a connection should be tried when autoactivating before giving up. Zero means forever, -1 means the global default (4 times if not overridden). Setting this to 1 means to try activation only once before blocking autoconnect. Note that after a timeout, NetworkManager will try to autoconnect again.")

53
libnm-core/nm-setting-8021x.c
View file

@ -116,7 +116,6 @@ typedef struct {
NMSettingSecretFlags phase2_private_key_password_flags;
gboolean system_ca_certs;
gint auth_timeout;
gint auth_retries;
} NMSetting8021xPrivate;
enum {
@ -165,7 +164,6 @@ enum {
PROP_PIN_FLAGS,
PROP_SYSTEM_CA_CERTS,
PROP_AUTH_TIMEOUT,
PROP_AUTH_RETRIES,
LAST_PROP
};
@ -2747,25 +2745,6 @@ nm_setting_802_1x_get_auth_timeout (NMSetting8021x *setting)
return NM_SETTING_802_1X_GET_PRIVATE (setting)->auth_timeout;
}
/**
* nm_setting_802_1x_get_auth_retries:
* @setting: the #NMSetting8021x
*
* Returns the value contained in the #NMSetting8021x:auth-retries property.
*
* Returns: the configured authentication retries in seconds. Zero means
* infinity and -1 means a global default value.
*
* Since: 1.10
**/
gint
nm_setting_802_1x_get_auth_retries (NMSetting8021x *setting)
{
g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), -1);
return NM_SETTING_802_1X_GET_PRIVATE (setting)->auth_retries;
}
static void
need_secrets_password (NMSetting8021x *self,
GPtrArray *secrets,
@ -3644,9 +3623,6 @@ set_property (GObject *object, guint prop_id,
case PROP_AUTH_TIMEOUT:
priv->auth_timeout = g_value_get_int (value);
break;
case PROP_AUTH_RETRIES:
priv->auth_retries = g_value_get_int (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -3793,9 +3769,6 @@ get_property (GObject *object, guint prop_id,
case PROP_AUTH_TIMEOUT:
g_value_set_int (value, priv->auth_timeout);
break;
case PROP_AUTH_RETRIES:
g_value_set_int (value, priv->auth_retries);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -4851,30 +4824,4 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class)
G_PARAM_READWRITE |
NM_SETTING_PARAM_FUZZY_IGNORE |
G_PARAM_STATIC_STRINGS));
/**
* NMSetting8021x:auth-retries:
*
* The number of retries for the authentication. Zero means to try indefinitely; -1 means
* to use a global default. If the global default is not set, the authentication
* retries for 3 times before failing the connection.
*
* Since: 1.10
**/
/* ---ifcfg-rh---
* property: auth-retries
* variable: IEEE_8021X_AUTH_RETRIES(+)
* default: 0
* description: Number of retries for the 802.1X authentication.
* ---end---
*/
g_object_class_install_property
(object_class, PROP_AUTH_RETRIES,
g_param_spec_int (NM_SETTING_802_1X_AUTH_RETRIES, "", "",
-1, G_MAXINT32, -1,
G_PARAM_READWRITE |
G_PARAM_CONSTRUCT |
NM_SETTING_PARAM_FUZZY_IGNORE |
G_PARAM_STATIC_STRINGS));
}

3
libnm-core/nm-setting-8021x.h
View file

@ -151,7 +151,6 @@ typedef enum { /*< underscore_name=nm_setting_802_1x_auth_flags >*/
#define NM_SETTING_802_1X_PIN_FLAGS "pin-flags"
#define NM_SETTING_802_1X_SYSTEM_CA_CERTS "system-ca-certs"
#define NM_SETTING_802_1X_AUTH_TIMEOUT "auth-timeout"
#define NM_SETTING_802_1X_AUTH_RETRIES "auth-retries"
/* PRIVATE KEY NOTE: when setting PKCS#12 private keys directly via properties
* using the "blob" scheme, the data must be passed in PKCS#12 binary format.
@ -362,8 +361,6 @@ NM_AVAILABLE_IN_1_8
NMSetting8021xAuthFlags nm_setting_802_1x_get_phase1_auth_flags (NMSetting8021x *setting);
NM_AVAILABLE_IN_1_8
gint nm_setting_802_1x_get_auth_timeout (NMSetting8021x *setting);
NM_AVAILABLE_IN_1_10
gint nm_setting_802_1x_get_auth_retries (NMSetting8021x *setting);
G_END_DECLS

54
libnm-core/nm-setting-connection.c
View file

@ -80,6 +80,7 @@ typedef struct {
guint gateway_ping_timeout;
NMMetered metered;
NMSettingConnectionLldp lldp;
gint auth_retries;
} NMSettingConnectionPrivate;
enum {
@ -103,6 +104,7 @@ enum {
PROP_METERED,
PROP_LLDP,
PROP_STABLE_ID,
PROP_AUTH_RETRIES,
LAST_PROP
};
@ -552,6 +554,25 @@ nm_setting_connection_get_autoconnect_retries (NMSettingConnection *setting)
return NM_SETTING_CONNECTION_GET_PRIVATE (setting)->autoconnect_retries;
}
/**
* nm_setting_connection_get_auth_retries:
* @setting: the #NMSettingConnection
*
* Returns the value contained in the #NMSettingConnection:auth-retries property.
*
* Returns: the configured authentication retries. Zero means
* infinity and -1 means a global default value.
*
* Since: 1.10
**/
gint
nm_setting_connection_get_auth_retries (NMSettingConnection *setting)
{
g_return_val_if_fail (NM_IS_SETTING_CONNECTION (setting), -1);
return NM_SETTING_CONNECTION_GET_PRIVATE (setting)->auth_retries;
}
/**
* nm_setting_connection_get_timestamp:
* @setting: the #NMSettingConnection
@ -1308,6 +1329,9 @@ set_property (GObject *object, guint prop_id,
case PROP_LLDP:
priv->lldp = g_value_get_int (value);
break;
case PROP_AUTH_RETRIES:
priv->auth_retries = g_value_get_int (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -1393,6 +1417,9 @@ get_property (GObject *object, guint prop_id,
case PROP_LLDP:
g_value_set_int (value, priv->lldp);
break;
case PROP_AUTH_RETRIES:
g_value_set_int (value, priv->auth_retries);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -1928,4 +1955,31 @@ nm_setting_connection_class_init (NMSettingConnectionClass *setting_class)
G_PARAM_READWRITE |
G_PARAM_CONSTRUCT |
G_PARAM_STATIC_STRINGS));
/**
* NMSettingConnection:auth-retries:
*
* The number of retries for the authentication. Zero means to try indefinitely; -1 means
* to use a global default. If the global default is not set, the authentication
* retries for 3 times before failing the connection.
*
* Currently this only applies to 802-1x authentication.
*
* Since: 1.10
**/
/* ---ifcfg-rh---
* property: auth-retries
* variable: AUTH_RETRIES(+)
* default: 0
* description: Number of retries for authentication.
* ---end---
*/
g_object_class_install_property
(object_class, PROP_AUTH_RETRIES,
g_param_spec_int (NM_SETTING_CONNECTION_AUTH_RETRIES, "", "",
-1, G_MAXINT32, -1,
G_PARAM_READWRITE |
G_PARAM_CONSTRUCT |
NM_SETTING_PARAM_FUZZY_IGNORE |
G_PARAM_STATIC_STRINGS));
}

4
libnm-core/nm-setting-connection.h
View file

@ -63,6 +63,7 @@ G_BEGIN_DECLS
#define NM_SETTING_CONNECTION_GATEWAY_PING_TIMEOUT "gateway-ping-timeout"
#define NM_SETTING_CONNECTION_METERED "metered"
#define NM_SETTING_CONNECTION_LLDP "lldp"
#define NM_SETTING_CONNECTION_AUTH_RETRIES "auth-retries"
/* Types for property values */
/**
@ -166,6 +167,9 @@ NMMetered nm_setting_connection_get_metered (NMSettingConnection *setting);
NM_AVAILABLE_IN_1_2
NMSettingConnectionLldp nm_setting_connection_get_lldp (NMSettingConnection *setting);
NM_AVAILABLE_IN_1_10
gint nm_setting_connection_get_auth_retries (NMSettingConnection *setting);
G_END_DECLS
#endif /* __NM_SETTING_CONNECTION_H__ */

1
libnm-core/tests/test-general.c
View file

@ -2571,6 +2571,7 @@ test_connection_diff_a_only (void)
{ NM_SETTING_CONNECTION_GATEWAY_PING_TIMEOUT, NM_SETTING_DIFF_RESULT_IN_A },
{ NM_SETTING_CONNECTION_METERED, NM_SETTING_DIFF_RESULT_IN_A },
{ NM_SETTING_CONNECTION_LLDP, NM_SETTING_DIFF_RESULT_IN_A },
{ NM_SETTING_CONNECTION_AUTH_RETRIES, NM_SETTING_DIFF_RESULT_IN_A },
{ NULL, NM_SETTING_DIFF_RESULT_UNKNOWN }
} },
{ NM_SETTING_WIRED_SETTING_NAME, {

1
libnm/libnm.ver
View file

@ -1193,6 +1193,7 @@ global:
nm_device_ppp_get_type;
nm_ip_route_equal_full;
nm_setting_bridge_get_group_forward_mask;
nm_setting_connection_get_auth_retries;
nm_setting_ip_config_get_route_table;
nm_setting_ovs_bridge_get_fail_mode;
nm_setting_ovs_bridge_get_mcast_snooping_enable;

10
man/NetworkManager.conf.xml
View file

@ -641,6 +641,11 @@ ipv6.ip6-privacy=0
A default value is only consulted if the corresponding per-connection value
explicitly allows for that.
<variablelist>
<varlistentry>
<term><varname>connection.auth-retries</varname></term>
<listitem><para>If left unspecified, the default value is 3 tries before failing the connection.
</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>connection.autoconnect-slaves</varname></term>
</varlistentry>
@ -742,11 +747,6 @@ ipv6.ip6-privacy=0
<listitem><para>If left unspecified, the default value
"<literal>optional</literal>" will be used.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>802-1x.auth-retries</varname></term>
<listitem><para>If left unspecified, the default value is 3 tries before failing the connection.
</para></listitem>
</varlistentry>
</variablelist>
</para>
</refsect2>

19
src/devices/nm-device-ethernet.c
View file

@ -115,8 +115,6 @@ typedef struct _NMDeviceEthernetPrivate {
DcbWait dcb_wait;
guint dcb_timeout_id;
int auth_retries;
bool dcb_handle_carrier_changes:1;
} NMDeviceEthernetPrivate;
@ -262,18 +260,8 @@ device_state_changed (NMDevice *device,
NMDeviceState old_state,
NMDeviceStateReason reason)
{
NMDeviceEthernetPrivate *priv;
if (new_state > NM_DEVICE_STATE_ACTIVATED)
wired_secrets_cancel (NM_DEVICE_ETHERNET (device));
if (NM_IN_SET (new_state,
NM_DEVICE_STATE_ACTIVATED,
NM_DEVICE_STATE_FAILED,
NM_DEVICE_STATE_DISCONNECTED)) {
priv = NM_DEVICE_ETHERNET_GET_PRIVATE (NM_DEVICE_ETHERNET (device));
priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET;
}
}
static void
@ -284,7 +272,6 @@ nm_device_ethernet_init (NMDeviceEthernet *self)
priv = G_TYPE_INSTANCE_GET_PRIVATE (self, NM_TYPE_DEVICE_ETHERNET, NMDeviceEthernetPrivate);
self->_priv = priv;
priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET;
priv->s390_options = g_hash_table_new_full (nm_str_hash, g_str_equal, g_free, g_free);
}
@ -677,8 +664,7 @@ handle_auth_or_fail (NMDeviceEthernet *self,
priv = NM_DEVICE_ETHERNET_GET_PRIVATE (self);
if (!nm_device_802_1x_auth_retries_try_next (NM_DEVICE (self),
&priv->auth_retries))
if (!nm_device_auth_retries_try_next (NM_DEVICE (self)))
return NM_ACT_STAGE_RETURN_FAILURE;
nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE);
@ -1343,9 +1329,6 @@ deactivate (NMDevice *device)
NMSettingDcb *s_dcb;
GError *error = NULL;
/* Clear wired secrets tries when deactivating */
priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET;
nm_clear_g_source (&priv->pppoe_wait_id);
if (priv->ppp_manager) {

16
src/devices/nm-device-macsec.c
View file

@ -72,7 +72,6 @@ typedef struct {
Supplicant supplicant;
guint supplicant_timeout_id;
NMActRequestGetSecretsCallId macsec_secrets_id;
int auth_retries;
} NMDeviceMacsecPrivate;
struct _NMDeviceMacsec {
@ -484,8 +483,7 @@ handle_auth_or_fail (NMDeviceMacsec *self,
priv = NM_DEVICE_MACSEC_GET_PRIVATE (self);
if (!nm_device_802_1x_auth_retries_try_next (NM_DEVICE (self),
&priv->auth_retries))
if (!nm_device_auth_retries_try_next (NM_DEVICE (self)))
return NM_ACT_STAGE_RETURN_FAILURE;
nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE);
@ -741,17 +739,8 @@ device_state_changed (NMDevice *device,
NMDeviceState old_state,
NMDeviceStateReason reason)
{
NMDeviceMacsecPrivate *priv;
if (new_state > NM_DEVICE_STATE_ACTIVATED)
macsec_secrets_cancel (NM_DEVICE_MACSEC (device));
if (NM_IN_SET (new_state, NM_DEVICE_STATE_ACTIVATED,
NM_DEVICE_STATE_FAILED,
NM_DEVICE_STATE_DISCONNECTED)) {
priv = NM_DEVICE_MACSEC_GET_PRIVATE (NM_DEVICE_MACSEC (device));
priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET;
}
}
/******************************************************************/
@ -810,9 +799,6 @@ get_property (GObject *object, guint prop_id,
static void
nm_device_macsec_init (NMDeviceMacsec *self)
{
NMDeviceMacsecPrivate *priv = NM_DEVICE_MACSEC_GET_PRIVATE (self);
priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET;
}
static void

47
src/devices/nm-device.c
View file

@ -89,6 +89,10 @@ _LOG_DECLARE_SELF (NMDevice);
#define CARRIER_WAIT_TIME_MS 5000
#define CARRIER_WAIT_TIME_AFTER_MTU_MS 10000
#define NM_DEVICE_AUTH_RETRIES_UNSET -1
#define NM_DEVICE_AUTH_RETRIES_INFINITY -2
#define NM_DEVICE_AUTH_RETRIES_DEFAULT 3
/*****************************************************************************/
typedef void (*ActivationHandleFunc) (NMDevice *self);
@ -238,6 +242,8 @@ typedef struct _NMDevicePrivate {
int parent_ifindex;
int auth_retries;
union {
const guint8 hw_addr_len; /* read-only */
guint8 hw_addr_len_;
@ -12877,6 +12883,10 @@ _set_state_full (NMDevice *self,
NM_DEVICE_SYS_IFACE_STATE_ASSUME))
nm_device_sys_iface_state_set (self, NM_DEVICE_SYS_IFACE_STATE_MANAGED);
if ( state <= NM_DEVICE_STATE_DISCONNECTED
|| state >= NM_DEVICE_STATE_ACTIVATED)
priv->auth_retries = NM_DEVICE_AUTH_RETRIES_UNSET;
if (state > NM_DEVICE_STATE_DISCONNECTED)
nm_device_assume_state_reset (self);
@ -14024,48 +14034,50 @@ nm_device_get_supplicant_timeout (NMDevice *self)
}
gboolean
nm_device_802_1x_auth_retries_try_next (NMDevice *self, int *p_auth_retries)
nm_device_auth_retries_try_next (NMDevice *self)
{
NMConnection *applied_connection;
NMSetting8021x *security;
int auth_retries = *p_auth_retries;
NMDevicePrivate *priv;
NMSettingConnection *s_con;
int auth_retries;
if (G_UNLIKELY (auth_retries == NM_DEVICE_802_1X_AUTH_RETRIES_UNSET)) {
g_return_val_if_fail (NM_IS_DEVICE (self), FALSE);
priv = NM_DEVICE_GET_PRIVATE (self);
auth_retries = priv->auth_retries;
if (G_UNLIKELY (auth_retries == NM_DEVICE_AUTH_RETRIES_UNSET)) {
auth_retries = -1;
applied_connection = nm_device_get_applied_connection (NM_DEVICE (self));
if (applied_connection) {
security = nm_connection_get_setting_802_1x (applied_connection);
if (security)
auth_retries = nm_setting_802_1x_get_auth_retries (security);
}
s_con = NM_SETTING_CONNECTION (nm_device_get_applied_setting (self, NM_TYPE_SETTING_CONNECTION));
if (s_con)
auth_retries = nm_setting_connection_get_auth_retries (s_con);
if (auth_retries == -1) {
gs_free char *value = NULL;
value = nm_config_data_get_connection_default (NM_CONFIG_GET_DATA,
"802-1x.auth-retries",
"connection.auth-retries",
self);
auth_retries = _nm_utils_ascii_str_to_int64 (value, 10, -1, G_MAXINT32, -1);
}
if (auth_retries == 0)
auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_INFINITY;
auth_retries = NM_DEVICE_AUTH_RETRIES_INFINITY;
else if (auth_retries == -1)
auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_DEFAULT;
auth_retries = NM_DEVICE_AUTH_RETRIES_DEFAULT;
else
nm_assert (auth_retries > 0);
*p_auth_retries = auth_retries;
priv->auth_retries = auth_retries;
}
if (auth_retries == NM_DEVICE_802_1X_AUTH_RETRIES_INFINITY)
if (auth_retries == NM_DEVICE_AUTH_RETRIES_INFINITY)
return TRUE;
if (auth_retries <= 0) {
nm_assert (auth_retries == 0);
return FALSE;
}
(*p_auth_retries)--;
priv->auth_retries--;
return TRUE;
}
@ -14104,6 +14116,7 @@ nm_device_init (NMDevice *self)
priv->netns = g_object_ref (NM_NETNS_GET);
priv->auth_retries = NM_DEVICE_AUTH_RETRIES_UNSET;
priv->type = NM_DEVICE_TYPE_UNKNOWN;
priv->capabilities = NM_DEVICE_CAP_NM_SUPPORTED;
priv->state = NM_DEVICE_STATE_UNMANAGED;

6
src/devices/nm-device.h
View file

@ -736,11 +736,7 @@ void nm_device_update_permanent_hw_address (NMDevice *self, gboolean force_freez
void nm_device_update_dynamic_ip_setup (NMDevice *self);
guint nm_device_get_supplicant_timeout (NMDevice *self);
#define NM_DEVICE_802_1X_AUTH_RETRIES_UNSET -1
#define NM_DEVICE_802_1X_AUTH_RETRIES_INFINITY -2
#define NM_DEVICE_802_1X_AUTH_RETRIES_DEFAULT 3
gboolean nm_device_802_1x_auth_retries_try_next (NMDevice *self, int *p_auth_retry);
gboolean nm_device_auth_retries_try_next (NMDevice *self);
gboolean nm_device_hw_addr_get_cloned (NMDevice *self,
NMConnection *connection,

31
src/devices/wifi/nm-device-wifi.c
View file

@ -63,8 +63,6 @@ _LOG_DECLARE_SELF(NMDeviceWifi);
#define SCAN_RAND_MAC_ADDRESS_EXPIRE_MIN 5
static NM_CACHED_QUARK_FCN ("wireless-secrets-tries", wireless_secrets_tries_quark)
/*****************************************************************************/
NM_GOBJECT_PROPERTIES_DEFINE (NMDeviceWifi,
@ -2336,7 +2334,6 @@ handle_auth_or_fail (NMDeviceWifi *self,
{
NMDeviceWifiPrivate *priv = NM_DEVICE_WIFI_GET_PRIVATE (self);
const char *setting_name;
guint32 tries;
NMConnection *applied_connection;
NMSettingWirelessSecurity *s_wsec;
const char *bssid = NULL;
@ -2352,14 +2349,12 @@ handle_auth_or_fail (NMDeviceWifi *self,
g_return_val_if_fail (req, FALSE);
}
applied_connection = nm_act_request_get_applied_connection (req);
tries = GPOINTER_TO_UINT (g_object_get_qdata (G_OBJECT (applied_connection), wireless_secrets_tries_quark ()));
if (tries > 3)
if (!nm_device_auth_retries_try_next (NM_DEVICE (self)))
return FALSE;
nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE);
applied_connection = nm_act_request_get_applied_connection (req);
s_wsec = nm_connection_get_setting_wireless_security (applied_connection);
wps_method = nm_setting_wireless_security_get_wps_method (s_wsec);
@ -2408,7 +2403,6 @@ handle_auth_or_fail (NMDeviceWifi *self,
if (new_secrets)
get_secret_flags |= NM_SECRET_AGENT_GET_SECRETS_FLAG_REQUEST_NEW;
wifi_secrets_get_secrets (self, setting_name, get_secret_flags);
g_object_set_qdata (G_OBJECT (applied_connection), wireless_secrets_tries_quark (), GUINT_TO_POINTER (++tries));
return TRUE;
}
@ -3074,9 +3068,6 @@ activation_success_handler (NMDevice *device)
/* Clear any critical protocol notification in the wifi stack */
nm_platform_wifi_indicate_addressing_running (nm_device_get_platform (device), ifindex, FALSE);
/* Clear wireless secrets tries on success */
g_object_set_qdata (G_OBJECT (applied_connection), wireless_secrets_tries_quark (), NULL);
/* There should always be a current AP, either a fake one because we haven't
* seen a scan result for the activated AP yet, or a real one from the
* supplicant's scan list.
@ -3122,21 +3113,6 @@ activation_success_handler (NMDevice *device)
priv->scan_interval = SCAN_INTERVAL_MIN + (SCAN_INTERVAL_STEP * 2);
}
static void
activation_failure_handler (NMDevice *device)
{
NMConnection *applied_connection;
applied_connection = nm_device_get_applied_connection (device);
g_assert (applied_connection);
/* Clear wireless secrets tries on failure */
g_object_set_qdata (G_OBJECT (applied_connection), wireless_secrets_tries_quark (), NULL);
/* Clear any critical protocol notification in the wifi stack */
nm_platform_wifi_indicate_addressing_running (nm_device_get_platform (device), nm_device_get_ifindex (device), FALSE);
}
static void
device_state_changed (NMDevice *device,
NMDeviceState new_state,
@ -3191,7 +3167,8 @@ device_state_changed (NMDevice *device,
activation_success_handler (device);
break;
case NM_DEVICE_STATE_FAILED:
activation_failure_handler (device);
/* Clear any critical protocol notification in the wifi stack */
nm_platform_wifi_indicate_addressing_running (nm_device_get_platform (device), nm_device_get_ifindex (device), FALSE);
break;
case NM_DEVICE_STATE_DISCONNECTED:
/* Kick off a scan to get latest results */

7
src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
View file

@ -193,6 +193,7 @@ make_connection_setting (const char *file,
const char *v;
gs_free char *stable_id = NULL;
const char *const *iter;
int vint64;
ifcfg_name = utils_get_ifcfg_name (file, TRUE);
if (!ifcfg_name)
@ -329,6 +330,9 @@ make_connection_setting (const char *file,
break;
}
vint64 = svGetValueInt64 (ifcfg, "AUTH_RETRIES", 10, -1, G_MAXINT32, -1);
g_object_set (s_con, NM_SETTING_CONNECTION_AUTH_RETRIES, (gint) vint64, NULL);
return NM_SETTING (s_con);
}
@ -3358,9 +3362,6 @@ next:
timeout = svGetValueInt64 (ifcfg, "IEEE_8021X_AUTH_TIMEOUT", 10, 0, G_MAXINT32, 0);
g_object_set (s_8021x, NM_SETTING_802_1X_AUTH_TIMEOUT, (gint) timeout, NULL);
timeout = svGetValueInt64 (ifcfg, "IEEE_8021X_AUTH_RETRIES", 10, -1, G_MAXINT32, -1);
g_object_set (s_8021x, NM_SETTING_802_1X_AUTH_RETRIES, (gint) timeout, NULL);
return g_steal_pointer (&s_8021x);
}

36
src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
View file

@ -560,9 +560,6 @@ write_8021x_setting (NMConnection *connection,
vint = nm_setting_802_1x_get_auth_timeout (s_8021x);
svSetValueInt64_cond (ifcfg, "IEEE_8021X_AUTH_TIMEOUT", vint > 0, vint);
vint = nm_setting_802_1x_get_auth_retries (s_8021x);
svSetValueInt64_cond (ifcfg, "IEEE_8021X_AUTH_RETRIES", vint > 0, vint);
if (!write_8021x_certs (s_8021x, secrets, blobs, FALSE, ifcfg, error))
return FALSE;
@ -1723,7 +1720,8 @@ write_connection_setting (NMSettingConnection *s_con, shvarFile *ifcfg)
guint32 n, i;
GString *str;
const char *master, *master_iface = NULL, *type;
gint i_int;
gint vint;
guint32 vuint32;
const char *tmp;
svSetValueStr (ifcfg, "NAME", nm_setting_connection_get_id (s_con));
@ -1732,17 +1730,15 @@ write_connection_setting (NMSettingConnection *s_con, shvarFile *ifcfg)
svSetValueStr (ifcfg, "DEVICE", nm_setting_connection_get_interface_name (s_con));
svSetValueBoolean (ifcfg, "ONBOOT", nm_setting_connection_get_autoconnect (s_con));
i_int = nm_setting_connection_get_autoconnect_priority (s_con);
if (i_int != NM_SETTING_CONNECTION_AUTOCONNECT_PRIORITY_DEFAULT)
svSetValueInt64 (ifcfg, "AUTOCONNECT_PRIORITY", i_int);
else
svUnsetValue (ifcfg, "AUTOCONNECT_PRIORITY");
vint = nm_setting_connection_get_autoconnect_priority (s_con);
svSetValueInt64_cond (ifcfg, "AUTOCONNECT_PRIORITY",
vint != NM_SETTING_CONNECTION_AUTOCONNECT_PRIORITY_DEFAULT,
vint);
i_int = nm_setting_connection_get_autoconnect_retries (s_con);
if (i_int != -1)
svSetValueInt64 (ifcfg, "AUTOCONNECT_RETRIES", i_int);
else
svUnsetValue (ifcfg, "AUTOCONNECT_RETRIES");
vint = nm_setting_connection_get_autoconnect_retries (s_con);
svSetValueInt64_cond (ifcfg, "AUTOCONNECT_RETRIES",
vint != -1,
vint);
/* Only save the value for master connections */
type = nm_setting_connection_get_connection_type (s_con);
@ -1858,11 +1854,10 @@ write_connection_setting (NMSettingConnection *s_con, shvarFile *ifcfg)
g_string_free (str, TRUE);
}
if (nm_setting_connection_get_gateway_ping_timeout (s_con)) {
svSetValueInt64 (ifcfg, "GATEWAY_PING_TIMEOUT",
nm_setting_connection_get_gateway_ping_timeout (s_con));
} else
svUnsetValue (ifcfg, "GATEWAY_PING_TIMEOUT");
vuint32 = nm_setting_connection_get_gateway_ping_timeout (s_con);
svSetValueInt64_cond (ifcfg, "GATEWAY_PING_TIMEOUT",
vuint32 != 0,
vuint32);
switch (nm_setting_connection_get_metered (s_con)) {
case NM_METERED_YES:
@ -1874,6 +1869,9 @@ write_connection_setting (NMSettingConnection *s_con, shvarFile *ifcfg)
default:
svUnsetValue (ifcfg, "CONNECTION_METERED");
}
vint = nm_setting_connection_get_auth_retries (s_con);
svSetValueInt64_cond (ifcfg, "AUTH_RETRIES", vint >= 0, vint);
}
static char *