Watch for NMSettingConnection changes and creation signals and convert
them to IWD format and write them to the configured IWD profile storage
directory. The logic is off by default and gets enabled when the new
iwd-config-path setting in nm.conf's [main] group is set to a path to
an existing directory.
The idea here is that when a user edits an NM connection profile, the
change is immediately mirrored in IWD since IWD watches its
configuration directory using inotify. This way NM clients can be used
to edit 802.1x settings, the PSK passphrase or the SSID -- changes that
would previously not take effect with the IWD backend.
Some precautions are taken to not make connections owned by a user
available to other users, such connections are not converted at all.
In all other cases where a connection cannot be converted sufficiently
well to the IWD format, for various reasons, we also give up and not
mirror these connections.
Due to IWD limitations and design differences with NM this logic has
many problems where it may not do its task properly. It's meant to work
on a best-effort and "better than nothing" basis, but it should be safe
in that it shouldn't delete users data or reveal secrets, etc. The most
obvious limitation is that there can be multiple NM connections
referring to the same SSID+Security tuple and only one IWD profile can
exist because the filename is based on only the SSID+Security type. We
already had one NM connection selected for each IWD KnownNetwork and
referenced by a pointer, so we ignore changes in NM connections other
than that selected one.
Add code that can take an NMConnection and convert it to the IWD
network config file format so as to be able to mirror NM connection
profiles to IWD connection profiles and make basic editing IWD
profile possible from nm-connection-editor. The focus here is on 802.1x
settings.
When using IWD-side autoconnect mode (current default), in .deactivate()
and .deactivate_async() refrain from commanding IWD to actually
disconnect until the device is managed. Likely the device is already
disconnected but in any case it's up to IWD to decide in this mode.
Calling IWD device's .Disconnect() D-Bus method has the side effect of
disabling autoconnect and doing this while NM is still in platform-init
was unexpectedly leaving the device without autoconnect after
platform-init was done, according to user reports.
Fixes: dc0e31fb70 ('iwd: Add the wifi.iwd.autoconnect setting')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/786
nm_utils_ptrarray_find_binary_search() had two additional output
arguments: the first and last index -- in case the sorted list contains
duplicates.
That's nice, and was used in the past. But now, those output arguments
are no longer used.
So drop them from nm_utils_ptrarray_find_binary_search().
Actually, we could now also drop the previous variant
nm_utils_ptrarray_find_binary_search_range(), as it's only used by unit
tests. However, although not rocket science, getting this right is not
entirely trivial, so lets keep the code in case we need it again.
Asserting against user input is not nice, because it always requires the
caller to check the value first. Don't do that.
Also, don't even check. You can set NM_SETTING_WIRED_S390_OPTIONS
property to any values (except duplicated keys). The C add function
should not be more limited than that. This is also right because
we have verify() which checks for valid settings. And it does so beyond
only checking the keys.
So you could set NM_SETTING_WIRED_S390_OPTIONS properties to invalid
keys. And you could use nm_setting_wired_add_s390_option() to set
invalid values. No need to let nm_setting_wired_add_s390_option() check
for valid keys.
Note that we take defines from "src/core/nm-config.h" which
are GPL-2.0-or-later licensed.
libnm-base we want to include in other LGPL licensed sources,
we it must also be LGPL.
"relicense" the code that I take. I don't think it's a problem, because:
- these are only plain defines. To which extend is that even
copyrightable?
- as far as I see, all the code was contributed by people who agreed
to such relicensing. See RELICENSE.md file.
src/core/initrd/tests/test-cmdline-reader.c: In function test_if_off:
src/core/initrd/tests/test-cmdline-reader.c:564:5: error: for loop initial declarations are only allowed in C99 mode
for (int i = 0; i < G_N_ELEMENTS(conn_expected); ++i) {
^
src/core/initrd/tests/test-cmdline-reader.c:564:5: note: use option -std=c99 or -std=gnu99 to compile your code
If the modem is connected, and registrations drops, and then is restored, the
connection isn't re-activated.
The fix was simply to change modem_state_cb to not return after setting the
state to failed, which allows nm_device_queue_recheck_available to be called,
which queues a state transition to UNAVAILABLE.
This patch fixes two issues,
- If ofono returns InProgress, don't treat as a PREPARE_FAILURE.
- If context in question is already active, instead of trying to wait
for "Active" property to change, check the current state of context
properties, and if it is Active = true, fetch the rest of context
settings and process them
Original bug: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1565717
Co-Authored-by: Bhushan Shah <bshah@kde.org> [rebase patch to upstream,
and adjust it to newer coding style]
If an existing connection has an interface name set and the generator
finds a BOOTIF argument, it creates a new connection for BOOTIF.
Instead, the generator should set the MAC in the existing connection;
this sounds more correct and it is what the network-legacy module
does.
https://bugzilla.redhat.com/show_bug.cgi?id=1915493
802-1x.optional=yes means that NM should tolerate a failure or a
timeout of the 802.1X authentication and should keep the connection
up. Even if the authentication doesn't succeed, NM keeps the
supplicant running so that it can continue trying.
If the supplicant disappears because it crashed or was killed
externally, NM should fail the connection so that it can be retried.
The current code is wrong also because after releasing the supplicant
interface, it calls wired_auth_cond_fail() which tries to connect a
signal to priv->supplicant.iface (which is NULL).
https://bugzilla.redhat.com/show_bug.cgi?id=1934291https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/776
Currently we unconditionally reset the MAC to the previous value after
releasing ports. This has some disadvantages:
- by default, after the last port is removed the bond will have one
of the previous port's address, which could conflict with the port;
- in some cases, changing the bond MAC is not possible. For example
when the bond is active-backup and has fail_over_mac=1|2. In such
case the netlink call succeeds, but the address doesn't
change; then NM would keep waiting for some time.
Don't try to restore the MAC unless the bond connection has a cloned
MAC set.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/775
In core, NMPlatform is (also) a singleton instance. As we will move platform code
to libnm-platform, this singleton part makes no sense there. Move the code
to NetworkManagerUtils.c.
It is a bit odd to do this, because usually libnm-glib-aux is not
about network related stuff. But that is not true entirely, because
it also contains NMIPAddr and other related helper funcitons.
NMLinkType is only a plain enum, there is no logic beyond it.
As such, I think it's acceptable to move it here.
There reason to do this, is that I want to move NMUtilsIPv6IfaceId and
nm_utils_get_ipv6_interface_identifier() out of src/core/, and since
that API is also trival helpers without complex state, it fits to
libnm-glib-aux. As such, we will need also NMLinkType there.
