Given a Linux bridge/bond that holds DHCP config with
`ipv4.dhcp-send-release: true` or `ipv6.dhcp-send-release: true`,
when stopping the NetworkManager daemon, the NM daemon might
remove/deactivate the physical interface first, so that the DHCP release
packet cannot be delivered.
To fix the issue, we sort the device deletion so that software devices
that hold DHCP config are removed first.
Merge Request: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2379
Co-authored-by: Rahul Rajesh <rajeshrah22@gmail.com>
Add _dev_ipdhcpx_cleanup in __set_state_full in DEACTIVATING STATE
before STATE_CHANGED signal is emitted to ensure DHCP RELEASE
packet is sent.
Assisted-by: Cursor with Claude Opus 4.5
The inner condition at line 4086 duplicated the outer check for
NM_CONNECTION_SERIALIZE_ALL, making the else-if branch for
NM_CONNECTION_SERIALIZE_WITH_NON_SECRET unreachable. This meant
the non-secret serialization path was never actually tested.
Restructure to make both branches reachable.
Found by Coverity (CID: DEADCODE).
Fixes: 395a78618b ('libnm/tests: add tests for creating wireguard connection profiles')
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The validation checks 'addr' (the extracted address portion before '/')
but the error message prints 'string' (the full input including the
prefix). For input like "192.168.1.999/24", the error would show the
full string instead of just the invalid address part.
Found by Coverity (CID: COPY_PASTE_ERROR).
Fixes: 539db43619 ('libnm: avoid heap allocation for checking valid routes in nm_ip_route_attribute_validate()')
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The error variable is declared outside the loop but freed with
g_error_free() which does not reset the pointer to NULL. On the
next iteration, g_set_error() sees a non-NULL *err (dangling pointer)
and error->message dereferences freed memory.
Use g_clear_error() instead which also resets the pointer.
Found by Coverity (CID: USE_AFTER_FREE).
Fixes: ecc074b2f8 ('initrd: add command line parser')
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
nm_wireguard_peer_new() returns a new peer with refcount 1.
nmt_wireguard_peer_editor_new() takes its own copy via
g_value_dup_boxed(), so the original peer was never unreffed.
Unref the peer after passing it to the editor.
Found by Coverity (CID: RESOURCE_LEAK).
Fixes: b0f5b1d97a ('tui: add WireGuard support to nmtui')
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The loop condition checked the same pointer twice instead of checking
the array element: `ip_data->domains.search && ip_data->domains.search`
should be `ip_data->domains.search && ip_data->domains.search[i]`.
As written, the loop would never terminate when `search` is non-NULL
(only in debug builds with NM_MORE_ASSERTS > 5).
Found by Coverity (CID: CONSTANT_EXPRESSION_RESULT).
Fixes: b8dab47705 ('dns: fix handling default routing domains with systemd-resolved')
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
find_port_info() can return NULL if the port is not registered.
The code dereferenced `info->port_state` before the null check,
which would crash. Move the null check before the dereference.
Found by Coverity (CID: REVERSE_INULL).
Fixes: a8329587c8 ('device: fix bug when deactivating port connections asynchronously')
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The literal `1` is a 32-bit int. When prefix length is less than 33,
the shift `(64 - plen)` exceeds 31 bits, causing undefined behavior.
Cast to guint64 (same type as `num_subnets`) to perform the shift in
64-bit arithmetic.
Found by Coverity (CID: OVERFLOW_BEFORE_WIDEN).
Fixes: ec12fcf6bf ('policy: delegate IPv6 configuration to ipv6.method=shared connections')
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
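The widening fix described in the commit above, as an added example that is not NetworkManager code. The function names are hypothetical, and reading `num_subnets` as the count of /64 subnets in a delegated prefix is an assumption; the second function only models one common outcome of the undefined 32-bit shift.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not NetworkManager code): number of /64 subnets
 * inside a delegated IPv6 prefix of length plen, i.e. 2^(64 - plen). */
uint64_t num_subnets_widened(unsigned plen)
{
    if (plen > 64)
        return 0;            /* longer than /64: no whole /64 fits */
    if (plen == 0)
        return UINT64_MAX;   /* 2^64 does not fit; shifting by 64 is UB too */
    /* Widen the operand BEFORE shifting, as the fix does with guint64. */
    return (uint64_t) 1 << (64 - plen);
}

/* The pre-fix expression was `1 << (64 - plen)`: the shift happens in int
 * and only the result is widened. For plen < 33 that is undefined behavior,
 * so it is not executed here. This function MODELS one common outcome
 * (hardware that masks a 32-bit shift count to 5 bits); a compiler may
 * produce something else entirely. */
uint64_t num_subnets_narrow_model(unsigned plen)
{
    if (plen > 64)
        return 0;
    return (uint64_t) ((uint32_t) 1 << ((64 - plen) & 31));
}

int main(void)
{
    /* Constructed sample prefix lengths. */
    static const unsigned samples[] = { 64, 56, 48, 33, 32, 16, 0 };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        unsigned plen = samples[i];
        printf("/%-2u widened=%llu narrow-model=%llu\n", plen,
               (unsigned long long) num_subnets_widened(plen),
               (unsigned long long) num_subnets_narrow_model(plen));
    }
    return 0;
}
```

The two functions agree down to /33 and diverge from /32 on, which is why a test that only covers typical /48 to /64 delegations would not catch the narrow shift.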
while the default value of the same in NM is 0, which causes warnings to
arise, change this default value.
Allow the range in NM to stay 0-255 as 0 is used to indicate arp_missed_max
is unset (for modes that don't support the setting), however do not let it
be set beyond the kernel permissible range for the modes that support it, set
it to the kernel default of 2 instead.
Do not apply or reapply the arp_missed_max setting when it is not
supported.
Signed-off-by: Pradyumn Rahar <pradyumn.rahar@oracle.com>
Adjust %postun to handle missing udev, in the same way %post does.
This permits installation inside a container without udev.
/usr/sbin/update-alternatives is needed for the initscripts-updown
subpackage only.
When creating the first device in a veth pair, the peer ifindex is
valid, but the peer device does not exist yet. This should be set
when update_properties() is called for the second device, but fix
the conditional.
Bond connections can have options that are not exposed by any widget
in the bond editor. The presence of certain mode-specific options makes
it impossible to change the mode, e.g. from 802.3ad to active-backup
when `lacp_rate` is set.
Introduce an "Other options" list that shows all bond options not
already configurable by a specific widget, and allow the user to edit
them as key=value entries.
Resolves #1805
Resolves: https://redhat.atlassian.net/browse/NMT-1888
During the dbus-glib to GDBus port in 89228569f (2014), the last-resort
gateway in nm_ip_up() was accidentally changed from peer_opts.hisaddr to
peer_opts.ouraddr. peer_opts.ouraddr is typically 0 when IPCP does not
provide a peer address, causing gateway=0 and broken PPP connectivity
probing/routing behavior.
Restore the original behavior from 369299271 (2008).
Fixes: 89228569f8 ('ppp-manager: port nm-pppd-plugin from dbus-glib to gdbus')
Strip newline from GI_TYPELIB_PATH and LD_LIBRARY_PATH
run_command().stdout() returns the raw shell output including a trailing
newline. When the value is used to build a colon-separated path, the newline
gets embedded at the end of the last path component, making the directory
invalid and causing GObject Introspection to fail with:
ImportError: Typelib file for namespace 'Gio', version '2.0' not found
Use .strip() to remove leading/trailing whitespace from both env variable
reads.
Fix jansson SONAME detection for cross-compilation
When cross-compiling, jansson's pkg-config 'libdir' variable returns a
path relative to the sysroot (e.g., /usr/lib) without the actual sysroot
prefix. The host readelf binary cannot find the library at that path.
Fix this by using meson.get_external_property('sys_root', '') to obtain
the sysroot path set by the cross-compilation environment and prepend it
to the library path before calling readelf.
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Replace GFile with GDir to avoid libgvfs and other DBus infra
initialization.
This was done mainly to avoid heavy initialization just for executing
NetworkManager --print-config command.
Resolves: https://redhat.atlassian.net/browse/RHEL-140113
If a DHCP plugin is unknown, the log says "DHCP client 'x' not
available". This is the same message that is shown if, for example, it
is a valid DHCP plugin name, but the program is not installed in the
system.
For example, after 'dhclient' was deprecated, now NM is built without
support for it. Then, people with old configs `dhcp=dhclient` get the
message "DHCP client 'dhclient' not available". That seems to mean that
dhclient is not installed.
Show a message "unknown DHCP client" instead.
Fixes https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/work_items/1917
In Fedora there were complaints about needing sudo to make changes. We
decided to allow making changes without additional authentication if
they're done from a local console and an admin account.
Fixes the following warning when building without CLAT:
../src/core/nm-l3cfg.c:4157:1: warning: ‘_clat_prefix_is_better’ defined but not used [-Wunused-function]
4157 | _clat_prefix_is_better(const NMPlatformIP6Address *best,
| ^~~~~~~~~~~~~~~~~~~~~~
Fixes: a03a245819 ('l3cfg: fix selection of the CLAT IPv6 prefix')
If the router advertises both ULA and GUA prefixes, the CLAT should
select the one that better matches the NAT64 prefix when generating
the additional IPv6 address, as recommended by Internet Draft
draft-ietf-v6ops-claton.
The current implementation just takes the first one, which can cause
problems. For example, if the network is using a public NAT64 server,
the NAT64 prefix is in the GUA range. Choosing a ULA as source address
would not work.
Fixes: f0e77a4354 ('Add support for CLAT to l3cfg')
Remove the redundant OK button from the main menu, as menu items are activated with Enter.
This simplifies the UI and avoids unnecessary actions.
Closes #1816