DNS searches from the ipv4 and ipv6 settings were joined and written
to the same ifcfg-rh "DOMAIN" variable and so the connection read back
from disk was different from the one written.
Instead, introduce a separate variable for ipv6 searches; to preserve
backwards compatibility, still read the "DOMAIN" variable for ipv6
when ipv4 is disabled so that we don't lose DNS searches on upgrade.
https://bugzilla.redhat.com/show_bug.cgi?id=1517794
This is now required as we instance inotify-helper only on need:
we have to init them to the unset value, otherwise...
Thread 1 "NetworkManager" received signal SIGSEGV, Segmentation fault.
nm_inotify_helper_remove_watch (self=0x0, wd=0) at src/settings/plugins/ifcfg-rh/nm-inotify-helper.c:100
100 if (priv->ifd < 0)
(gdb) backtrace
#0 0x00007fffe35da6c0 in nm_inotify_helper_remove_watch (self=0x0, wd=0) at src/settings/plugins/ifcfg-rh/nm-inotify-helper.c:100
#1 0x00007fffe35d45b1 in nm_inotify_helper_clear_watch (wd=0x7fffdc008628, helper=<optimized out>) at src/settings/plugins/ifcfg-rh/nm-inotify-helper.h:53
#2 0x00007fffe35d45b1 in path_watch_stop (self=0x7fffdc0085f0) at src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-connection.c:223
#3 0x00007fffe35d467c in filename_changed (object=0x7fffdc0085f0, pspec=<optimized out>, user_data=<optimized out>) at src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-connection.c:242
#4 0x00007ffff61b230d in g_closure_invoke () at /lib64/libgobject-2.0.so.0
#5 0x00007ffff61c498e in signal_emit_unlocked_R () at /lib64/libgobject-2.0.so.0
#6 0x00007ffff61cd1a5 in g_signal_emit_valist () at /lib64/libgobject-2.0.so.0
#7 0x00007ffff61cdb0f in g_signal_emit () at /lib64/libgobject-2.0.so.0
#8 0x00007ffff61b6594 in g_object_dispatch_properties_changed () at /lib64/libgobject-2.0.so.0
#9 0x00007ffff61b5f3e in g_object_notify_queue_thaw () at /lib64/libgobject-2.0.so.0
#10 0x00007ffff61b7776 in g_object_new_internal () at /lib64/libgobject-2.0.so.0
#11 0x00007ffff61b924d in g_object_new_valist () at /lib64/libgobject-2.0.so.0
#12 0x00007ffff61b9691 in g_object_new () at /lib64/libgobject-2.0.so.0
#13 0x00007fffe35d5018 in nm_ifcfg_connection_new (source=source@entry=0x0, full_path=full_path@entry=0x555555a9a590 "/etc/sysconfig/network-scripts/ifcfg-team3", error=error@entry=0x7fffffffdc30, out_ignore_error=out_ignore_error@entry=0x7fffffffdc2c) at src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-connection.c:429
#14 0x00007fffe35d5e96 in update_connection (self=self@entry=0x555555a59ea0, source=source@entry=0x0, full_path=0x555555a9a590 "/etc/sysconfig/network-scripts/ifcfg-team3", connection=connection@entry=0x0, protect_existing_connection=protect_existing_connection@entry=0, protected_connections=protected_connections@entry=Python Exception <class 'gdb.error'> There is no member named keys.:
0x555555a9fc00, error=0x0) at src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-plugin.c:218
#15 0x00007fffe35d7073 in read_connections (plugin=plugin@entry=0x555555a59ea0) at src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-plugin.c:545
#16 0x00007fffe35d72f1 in get_connections (config=0x555555a59ea0) at src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-plugin.c:581
#17 0x00005555556bb513 in load_connections (self=0x555555a1a920) at src/settings/nm-settings.c:239
#18 0x00005555556bb513 in nm_settings_start (self=0x555555a1a920, error=<optimized out>) at src/settings/nm-settings.c:1800
#19 0x00005555555ada1f in nm_manager_start (self=0x555555a490c0, error=<optimized out>) at src/nm-manager.c:5262
#20 0x00005555555851ae in main (argc=<optimized out>, argv=<optimized out>) at src/main.c:417
Fixes: 31f2a46639
When building with assertions, they nm_assert() for the
type. Otherwise, they are identical to a C cast.
Also, where possible, don't cast at all, but adjust
the type instead.
Also, there were a few missing casts.
Commonly, we don't monitor files and hence don't need the inotify-helper
instance. We already access and construct the instance lazy, by
accessing the singleton getter only when needed.
However, path_watch_stop() would always access the singleton, hence
always create such an instance. In most cases there is nothing to clean,
and no such instance shall be created.
ifnet shall use the new_connection argument, not NM_CONNECTION(self).
Also, let the caller of the virtual function provide the right new_connection,
not having the virtual function figure that out.
The current behavior of update_unsaved is confusing. Give the argument
an enum with a name that describes better what's happening. Also, it
makes the uses grep-able.
The wireless-security setting has a 'wep-key-type' property that is
used to specify the WEP key type and is needed because some keys could
be interpreted both as a passphrase or a hex/ascii key.
The ifcfg-rh plugin currently stores the key type implicitly: if
wep-key-type is 'passphrase' it uses the KEY_PASSPHRASE%d variable, if
it's 'key' the KEY%d variable and when it's 'unknown' it uses either
variables depending on the detected type (preferring 'key' in case
both are compatible).
This means that some connections will be read differently from how
they were written, because once the KEY (or KEY_PASSPHRASE) is read
there is no way to know whether the 'wep-key-type' property was 'key'
(or 'passphrase') or 'unknown'.
Fix this by persisting the key type explicitly in the file. The new
variable is redundant in most cases because the variables used for
keys also determine the key type.
https://bugzilla.redhat.com/show_bug.cgi?id=1518177
Until now the ifcfg-rh plugin merged the values of 'ipv4.dns-options'
and 'ipv6.dns-options' and wrote the result to the RES_OPTIONS
variable. This is wrong because writing a connection and reading it
back gives a different connection compared to the original.
This behavior existed since when DNS options were introduced, but it
became more evident now that we reread the connection after write,
because after doing a:
$ nmcli connection modify ethie ipv4.dns-options ndots:2
the connection has both ipv4.dns-options and ipv6.dns-options set. In
order to delete the option, an user has to delete it from both
settings:
$ nmcli connection modify ethie ipv4.dns-options "" ipv6.dns-options ""
To improve this let's use different variables for IPv4 and IPv6. To
keep backwards compatibility IPv4 still uses RES_OPTIONS, while IPv6
uses a new IPV6_RES_OPTIONS variable.
https://bugzilla.redhat.com/show_bug.cgi?id=1517794
We cannot just call g_object_set() with an integer that is out of bound.
Otherwise, glib will warn. We can use nm_g_object_set_property*() to return
an error without asserting.
Currently both bridge.mac-address and ethernet.cloned-mac-address get
written to the same MACADDR ifcfg-rh variable; the ethernet property
wins if both are present.
When one property is set and the connection is saved (and thus reread)
both properties are populated with the same value. This is wrong
because, even if the properties have the same meaning, the setting
plugin should not read something different from what was written. Also
consider that after the following steps:
$ nmcli con mod c ethernet.cloned-mac-address 00:11:22:33:44:55
$ nmcli con mod c ethernet.cloned-mac-address ""
the connection will still have the new mac address set in the
bridge.mac-address property, which is certainly unexpected.
In general, mapping multiple properties to the same variable is
harmful and must be avoided. Therefore, let's use a different variable
for bridge.mac-address. This changes behavior, but not so much:
- connections that have MACADDR set will behave as before; the only
difference will be that the MAC will be present in the wired
setting instead of the bridge one;
- initscripts compatibility is not relevant because MACADDR for
bridges was a NM extension;
- if someone creates a new connection and sets bridge.mac-address NM
will set the BRIDGE_MACADDR property instead of MACADDR. But this
shouldn't be a big concern as bridge.mac-address is documented as
deprecated and should not be used for new connections.
https://bugzilla.redhat.com/show_bug.cgi?id=1516659
Bond options are stored in a hash table and the order in which they
are returned by the API is not guaranteed. Sort them alphabetically so
that a connection will always be written in the same way, even if the
internal implementation of the hash table or the hashing function
changes, as it did in commit a6be2f4aa9 ("all: use nm_str_hash()
instead of g_str_hash()").
We also do this for libnm, where it causes visible changes
in behavior. But if somebody would rely on the hashing implementation
for hash tables, it would be seriously flawed.
Next we will use siphash24() instead of the glib version g_direct_hash() or
g_str_hash(). Hence, the "nm-utils/nm-hash-utils.h" header becomes very
fundamental and will be needed basically everywhere.
Instead of requiring the users to include them, let it be included via
"nm-default.h" header.
Comparing @secrets_keys indicates to coverity that it might be NULL.
Below, we access @secrets_keys without check, and coverity doesn't realize
that this cannot crash, because secrets_keys_n would be zero too.
Anyway, this way we safe the sorting, in case we only have
one element.
Kernel doesn't support it for IPv6.
This is especially useful, if you combine static routes
with DHCP. In that case, you might want to get the device-route
to the gateway automatically, but add a static-route for it.
Currently the ifcfg-rh plugin doesn't explicitly store the connection
type for team slaves and is only able to read back ethernet and vlan
connections.
Leave this unchanged for ethernet and vlan slaves, but store the TYPE
variable for other connection types (Wi-Fi and Infiniband) so that we
can properly determine their type when the connection is read.
The number of authentication retires is useful also for passwords aside
802-1x settings. For example, src/devices/wifi/nm-device-wifi.c also has
a retry counter and uses a hard-coded value of 3.
Move the setting, so that it can be used in general. Although it is still
not implemented for other settings.
This is an API and ABI break.
When the ifcfg-rh plugin writes a 802-1x setting it currently ignores
the password-raw property and so the password disappears when the
connection is saved. Add support for the property.
31. NetworkManager-1.9.2/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c:974:
uninit_use_in_call: Using uninitialized value "contents_rest" when
calling "__strtok_r_1c".
33. NetworkManager-1.9.2/src/nm-core-utils.c:1957:
uninit_use: Using uninitialized value "s".
148. NetworkManager-1.9.2/src/nm-core-utils.c:1924:
uninit_use_in_call: Using uninitialized value "s" when calling
"nm_strstrip_avoid_copy".
We want to support large number of routes. Reduce the number
of copies, by adding internal accessor functions.
Also, work around a complaint from coverity:
46. NetworkManager-1.9.2/libnm-core/nm-utils.c:1987:
dereference: Dereferencing a null pointer "names".
