[thaller@redhat.com: the code is effectively key_is_zero() by
<Jason@zx2c4.com> (LGPL2.1+). I took it into our source tree
and adjusted it to our style]
- For PSK, an all-zero PSK means to don't do symmetric encryption. As such,
at first it seems a bit odd when the user sets
- preshared-key-flags != "4 (not-required)"
- preshared-key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
Here the user indicates that a PSK is required, but then provides an
all-zero PSK that effectively disables it. Still, we should not reject
such a configuration. This has the benefit that it allos the user for
being prompted for a PSK, only to disable it by entering the all-zero key.
- For the private-key (and consequently the public-key), "public-key-flags=4"
is rejected by libnm. A private key is always required for NetworkManager to
configure the link. However, let's not care for all-zero keys either. If the user
configures that, we just set that key. It's a valid setting as far as WireGuard
(the kernel module) is concerned, so we shouldn't reject it.
In newer RPM file triggers in glibc package take care of this. While
these scriptlets whould do no harm there, removing them yields a tiny
theoretical performance improvement.
Group tag is not required, though is harmless. We could either remove it,
or keep it, but there's absolutely no excuse for conditionalizing it.
Let's keep it for now, because rpm -i still prints it.
This reverts commit 1feeba6f1a.
The condition got accidentally reversed, which means we're always
undecided and thus wrongly assuming support and never being able to set
any addresses.
This would bother the few that are struck with 3.4 android kernels. Very
few indeed, given this got unnoticed since 1.10.
Fixes: 8670aacc7c ('platform: cleanup detecting kernel support for IFA_FLAGS and IPv6LL')
The "vala-tools" package was merged into "vala" [1]. While "vala"
now "Provides: vala-tools", update the build requirements for
Fedora 30 and newer.
[1] 82b21cc302f6c878a04a
Fix the following failed assertion:
<debug> device[0x11dfec0] (p2p-dev-wlp4s0): P2P: Releasing WPA supplicant interface.
<debug> supplicant: setting WFD IEs for P2P operation
(../src/devices/nm-device.c:14769):_set_state_full: runtime check failed: (priv->in_state_changed == FALSE)
<info> device (p2p-dev-wlp4s0): state change: unmanaged -> unavailable (reason 'supplicant-failed', sys-iface-state: 'external')
<debug> device[0x11dfec0] (p2p-dev-wlp4s0): add_pending_action (1): 'waiting-for-supplicant'
supplicant_interfaces_release() can be called during a state change
(for example by device_state_changed()) and so it can't trigger
another state change.
nm_device_wifi_p2p_set_mgmt_iface() now doesn't force an immediate
state change and only schedules a recheck-available. This means that
the device can be in an available state without
priv->mgmt_iface. Adapt the code to deal gracefully with that
situation. In particular, we need to cancel pending timeout sources
(priv->sup_timeout_id) that use the management interface.
Fixes: 27bc2cb22ahttps://github.com/NetworkManager/NetworkManager/pull/302
CC clients/nm_online-nm-online.o
In file included from ./shared/nm-default.h:311:0,
from clients/nm-online.c:34:
./libnm/NetworkManager.h:60:10: fatal error: nm-enum-types.h: No such file or directory
#include "nm-enum-types.h"
^~~~~~~~~~~~~~~~~
dev2_ip_config (formerly wwan_ip_config) is only set by nm_device_set_dev2_ip_config()
(formerly nm_device_set_wwan_ip_config()), which is only called by NMDeviceModem.
For NMDeviceWireGuard we will also inject additional configuration
in the parent class. Rename and give it a wider purpose. The new name
merely indicates that this IP configuration is injected by a subclass
of NMDevice.
It is preferable to treat IPv4 and IPv6 in a similar manner.
This moves the places where we differ down the call-stack.
It also make it clearer how IPv6 behaves differently. I think this
is a bug, but leave it for now.
+ /* If IP had previously failed, move it back to IP_CONF since we
+ * clearly now have configuration.
+ */
+ if (priv->ip6_state == IP_FAIL)
+ _set_ip_state (self, AF_INET6, IP_CONF);
When setting any secrets via D-Bus' Update2 call, then
it assumes that all settings are reset. That means, when
we modify any secrets in the client, we need to first load
them all.
Anyway, load always all secrets, then we can also print them
in the get output.
Honor WG_HIDE_KEYS like `wg` does.
