When a Wi-Fi is switched to AP mode, NMDeviceWifi forgets the AP scan list.
Later, when the device goes back to normal managed mode, the device was not
able to acquire the AP list again (for a long time), because the list is only
populated when a new BSS is signalled. And that could take very long or never
happen as the supplicant would have to lost the BSS and announce it later.
Fix the problem by announcing known BSSs as a response to ScanDone signal.
Testcase:
$ nmcli con add type wifi ifname wlan0 con-name my-wifi-ap autoconnect off ssid MYSSID
$ nmcli con modify my-wifi-ap wifi.mode ap ipv4.method shared
$ nmcli con up my-wifi-ap
$ nmcli con down my-wifi-ap
$ nmcli device wifi list
https://bugzilla.redhat.com/show_bug.cgi?id=1267327
For libnm library, "nm-dbus-interface.h" contains defines like the D-Bus
paths of NetworkManager. It is desirable to have this header usable without
having a dependency on "glib.h", for example for a QT application. For that,
commit c0852964a8 removed that dependancy.
For libnm-glib library, the analog to "nm-dbus-interface.h" is
"NetworkManager.h", and the same applies there. Commit
159e827a72 removed that include.
However, that broke build on PackageKit [1] which expected to get the
version macros by including "NetworkManager.h". So at least for libnm-glib,
we need to preserve old behavior so that a user including
"NetworkManager.h" gets the version macros, but not "glib.h".
Extract the version macros to a new header file "nm-version-macros.h".
This header doesn't include "glib.h" and can be included from
"NetworkManager.h". This gives as previous behavior and a glib-free
include.
For libnm we still don't include "nm-version-macros.h" to "nm-dbus-interface.h".
Very few users will actually need the version macros, but not using
libnm.
Users that use libnm, should just include (libnm's) "NetworkManager.h" to
get all headers.
As a special case, a user who doesn't want to use glib/libnm, but still
needs both "nm-dbus-interface.h" and "nm-version-macros.h", can include
them both separately.
[1] https://github.com/hughsie/PackageKit/issues/85
Fixes: 4545a7fe96
NetworkManager set wpa_supplicant's fragment_size option to 1300. But if MTU
was lower, wpa_supplicant failed with "l2_packet_send - sendto: Message too
long" due to fragmentation of EAP-TLS or EAP-PEAP packets.
Actually, MTU has to be 14 bytes bigger than the "fragment_size" parameter.
Ideally, wpa_supplicant would take MTU in the account and adjust the
fragmentation limit accordingly. See discussion in
http://lists.shmoo.com/pipermail/hostap/2015-August/033546.htmlhttps://bugzilla.gnome.org/show_bug.cgi?id=755145
This downgrades the following warning down to debug-level.
<warn> Could not get scan request result: GDBus.Error:fi.w1.wpa_supplicant1.Interface.ScanError: Scan request rejected
It seems this ~error~ happens regularly, so warning about it is overly
alarming.
Port remaining bits to gdbus and remove stray dbus-glib references
Drop the dbus-glib version check from configure, since nothing depends
on new dbus-glib any more.
Move nm-dbus-glib-types.h and nm-gvaluearray-compat.h from include/ to
libnm-util/ since they are now only used by libnm-util and libnm-glib.
This internal header file should be included by our internal source
code files and header files. It includes in one place other headers
that constitute to a minimal set of required headers. Most notably
this is <glib.h> and our "nm-glib.h" header.
Note that public header files and example source code cannot include
this file as "nm-default.h" is internal only.
Rather than randomly including one or more of <glib.h>,
<glib-object.h>, and <gio/gio.h> everywhere (and forgetting to include
"nm-glib-compat.h" most of the time), rename nm-glib-compat.h to
nm-glib.h, include <gio/gio.h> from there, and then change all .c
files in NM to include "nm-glib.h" rather than including the glib
headers directly.
(Public headers files still have to include the real glib headers,
since nm-glib.h isn't installed...)
Also, remove glib includes from header files that are already
including a base object header file (which must itself already include
the glib headers).
Add a file containing the defines like DBUS_INTERFACE_DBUS from
dbus-shared.h, and use it from the gdbus-using files.
Also, convert a bunch of other places that were previously hardcoding
the string values to use the defines instead, and fix the ifcfg-rh
plugin to properly namespace its own D-Bus-related defines.
NetworkManager uses wpa_supplicant, which in turn calls OpenSSL for verifying
certificates. wpa_supplicant calls
SSL_CTX_load_verify_locations(ctx, CAfile, CApath)
using its ca_cert and ca_path options as CAfile and CApath parameters.
We have a configure time option with_system_ca_path to override ca_path.
However, it doesn't work when a system (like Fedora) only uses bundled PEM
certificates instead of a directory with hashed certificates ([1], [2]).
So this commit allows setting --with_system_ca_path to a file name (the
trusted certificate bundle). Then the name is used to populate wpa_supplicant's
ca_cert instead of ca_path.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1053882
[2] https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/https://bugzilla.redhat.com/show_bug.cgi?id=1236548
g_dbus_proxy_get_cached_property_names() function can return NULL.
Program received signal SIGSEGV, Segmentation fault.
on_bss_proxy_acquired (proxy=0x7fffe4003880 [GDBusProxy], result=0x895490, user_data=<optimized out>) at supplicant-manager/nm-supplicant-interface.c:159
159 while (*iter) {
(gdb) bt
#0 0x000000000048fac7 in on_bss_proxy_acquired (proxy=0x7fffe4003880 [GDBusProxy], result=0x895490, user_data=<optimized out>)
at supplicant-manager/nm-supplicant-interface.c:159
#1 0x0000003bf84728b7 in g_simple_async_result_complete (simple=0x895490 [GSimpleAsyncResult]) at gsimpleasyncresult.c:763
#2 0x0000003bf8472919 in complete_in_idle_cb (data=<optimized out>) at gsimpleasyncresult.c:775
#3 0x0000003bf5c497fb in g_main_context_dispatch (context=0x7d6420) at gmain.c:3111
#4 0x0000003bf5c497fb in g_main_context_dispatch (context=context@entry=0x7d6420) at gmain.c:3710
#5 0x0000003bf5c49b98 in g_main_context_iterate (context=0x7d6420, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3781
#6 0x0000003bf5c49ec2 in g_main_loop_run (loop=0x7d64e0) at gmain.c:3975
#7 0x00000000004349d6 in main (argc=1, argv=0x7fffffffe598) at main.c:486
Instead of tricky logic to merge APs and age them, just tell the
supplicant what our aging parameters are, and rely on it to handle
removal from the list. Notable behavioral changes are:
* APs will now be removed when they haven't been seen for two
consecutive scans in which they would have been included. This
means that when the scan interval is short, out-of-range APs will
be removed much more quickly than the previous 360 seconds.
* APs now live at most 250 seconds (twice our longest scan interval)
instead of the previous 360 seconds.
* The problem with wpa_supplicant < 2.3 not notifying that a BSS has
been seen in the scan if none of its properties actually changed is
now avoided, because an AP is only removed when the supplicant removes it
In general these changes should make the scan list more responsive, at
the cost of slightly more instability in the list due to the unreliability
of WiFi scanning. But it also removes a layer of complexity and
abstraction from NetworkManager, pushing the scan results list closer
to that which the hardware reports.
A few places in the NMSupplicantInterface API and in NMDeviceWifi's
use of it were still using "GHashTable *properties" where they should
have been using "GVariant *properties". (This didn't cause any actual
problems because nothing was looking at those arguments.)
(Also fix a comment typo.)
libnm-core treated the UNKNOWN WEP key type as KEY. Relax that
and try to guess the correct type based on the key.
This is for example important if you have a valid connection with
wep-key-type=0 (unknown)
If you request passwords for such a connection, the user cannot
enter them in password format -- but there is no UI indication
that the password must be KEY.
The supplicant interface's proxy may outlive the interface object
itself, so we must ensure that all signal handlers are disconnected.
Fixes a crash on suspend/resume.
Fixes: 59c8192b22
The Interface held a reference to the manager to listen for the 'available'
signal. Instead of that, let's make the child unaware of the master to
keep the inheritance cleaner.
config.h should be included from every .c file, and it should be
included before any other include. Fix that.
(As a side effect of how I did this, this also changes us to
consistently use "config.h" rather than <config.h>. To the extent that
it matters [which is not much], quotes are more correct anyway, since
we're talking about a file in our own build tree, not a system
include.)
Make the type return GBytes since most in-tree users want that.
Allow the function to accept many more formats as valid hex, including
bytes delimited by ':' and a leading '0x'.
Split a base NMSettingIPConfig class out of NMSettingIP4Config and
NMSettingIP6Config, and update things accordingly.
Further simplifications of now-redundant IPv4-vs-IPv6 code are
possible, and should happen in the future.
Add nm-core-types.h, typedefing all of the GObject types in
libnm-core; this is needed so that nm-setting.h can reference
NMConnection in addition to nm-connection.h referencing NMSetting.
Removing the cross-includes from the various headers causes lots of
fallout elsewhere. (In particular, nm-utils.h used to include
nm-connection.h, which included every setting header, so any file that
included nm-utils.h automatically got most of the rest of libnm-core
without needing to pay attention to specifics.) Fix this up by
including nm-core-internal.h from those files that are now missing
includes.
Calling dbus_g_proxy_begin_call() on a closed DBUS connection will
return NULL. All the call sites of nm_call_store_add() don't check
for NULL and therefore might hit an assertion.
This can easily reproduced by stopping the DBUS daemon.
Backtrace:
#0 0x000000381d0504e9 in g_logv (log_domain=0x59cd8b "NetworkManager", log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>, args=args@entry=0x7fff42cce5c0) at gmessages.c:989
#1 0x000000381d05063f in g_log (log_domain=<optimized out>, log_level=<optimized out>, format=<optimized out>) at gmessages.c:1025
#2 0x00000000004b64e9 in nm_call_store_add (store=0x7f8e1c003d20, proxy=0x219c0d0, call=0x0) at supplicant-manager/nm-call-store.c:47
#3 0x00000000004b0b7b in interface_add (self=0x20e2500, is_wireless=1) at supplicant-manager/nm-supplicant-interface.c:907
#4 0x00000000004b0865 in nm_supplicant_interface_new (smgr=0x216c870, ifname=0x211e840 "wlp3s0", is_wireless=1, fast_supported=1, ap_support=AP_SUPPORT_YES, start_now=1) at supplicant-manager/nm-supplicant-interface.c:1355
#5 0x00000000004b47da in nm_supplicant_manager_iface_get (self=0x216c870, ifname=0x211e840 "wlp3s0", is_wireless=1) at supplicant-manager/nm-supplicant-manager.c:91
#6 0x00007f8e250f8b3f in supplicant_interface_acquire (self=0x218a350) at nm-device-wifi.c:253
#7 0x00007f8e250fc22e in supplicant_iface_state_cb (iface=0x20e2290, new_state=13, old_state=9, disconnect_reason=0, user_data=0x218a350) at nm-device-wifi.c:2274
#8 0x000000381dc05d8c in ffi_call_unix64 () at ../src/x86/unix64.S:76
#9 0x000000381dc056bc in ffi_call (cif=cif@entry=0x7fff42cced00, fn=0x7f8e250fbb20 <supplicant_iface_state_cb>, rvalue=0x7fff42ccec30, avalue=avalue@entry=0x7fff42ccebb0) at ../src/x86/ffi64.c:522
#10 0x000000381e010f35 in g_cclosure_marshal_generic_va (closure=0x20fd2b0, return_value=0x0, instance=0x20e2290, args_list=<optimized out>, marshal_data=0x0, n_params=3, param_types=0x2189ee0) at gclosure.c:1550
#11 0x000000381e0104c7 in _g_closure_invoke_va (closure=closure@entry=0x20fd2b0, return_value=return_value@entry=0x0, instance=instance@entry=0x20e2290, args=args@entry=0x7fff42ccef40, n_params=3, param_types=0x2189ee0)
at gclosure.c:840
#12 0x000000381e029749 in g_signal_emit_valist (instance=0x20e2290, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7fff42ccef40) at gsignal.c:3238
#13 0x000000381e02a3af in g_signal_emit (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>) at gsignal.c:3386
#14 0x00000000004b0e4b in set_state (self=0x20e2290, new_state=13) at supplicant-manager/nm-supplicant-interface.c:344
Signed-off-by: Thomas Haller <thaller@redhat.com>
The supplicant has a custom parsing function for freq_list which
handles the list as a string. Having NM marshal the option
as TYPE_BYTES causes the supplicant to interpret the values that
NM passes (which are in ASCII) as a byte-array and thus the
supplicant gets a bogus frequency list. Instead, NM should
marshal freq_list as a simple string (using TYPE_KEYWORD without
value checking).
https://bugzilla.gnome.org/show_bug.cgi?id=737795
Change all DBUS_TYPE_G_UCHAR_ARRAY properties to G_TYPE_BYTES, and
update corresponding APIs. Notably, this means they are now refcounted
rather than being copied.
Update the rest of NM for the changes. The daemon still converts SSIDs
to GByteArrays internally, because changing it to use GBytes has lots
of trickle-down effects. It can possibly be changed later.
Make all mac-address properties (including NMSettingBluetooth:bdaddr,
NMSettingOlpcMesh:dhcp-anycast-addr, and NMSettingWireless:bssid) be
strings, using _nm_setting_class_transform_property() to handle
translating to/from binary form when dealing with D-Bus.
Update everything accordingly for the change, and also add a test for
transformed setting properties to test-general.
