NetworkManager-1.8.0/src/supplicant/nm-supplicant-interface.c:232: check_return: Calling "g_async_initable_init_finish" without checking return value (as is done elsewhere 7 out of 8 times).
(cherry picked from commit 6f1ea8b8ee)
NetworkManager-1.8.0/src/supplicant/tests/test-supplicant-config.c:528: check_return: Calling "nm_setting_802_1x_set_ca_cert" without checking return value (as is done elsewhere 13 out of 16 times).
(cherry picked from commit 7087956870)
commit a955639 (connectivity: don't do periodic checks on interval=0)
broke scheduling connectivity checks.
That is because the timer is on only scheduled if
nm_connectivity_check_enabled(), which in turn only returns TRUE
if curl_mhandle is set. However, nm_connectivity_init() would only
initialize curl_mhandle after update_config(), missing to schedule
the periodic task.
https://mail.gnome.org/archives/networkmanager-list/2017-May/msg00076.html
Fixes: a95563996f
(cherry picked from commit f1eb1619f1)
Without it, clients can wrongly create VLan settings with
ID 4095, which triggers assertions in NetworkManager.
Fixes: 8715d61437
(cherry picked from commit 159cd4836f)
To support legacy scripts, we want to write out the NETMASK
key whenever the ifcfg file has a NETMASK key previously.
Note, that we anyway always write the relevant PREFIX key.
The NETMASK is redundant, only there to help legacy scripts.
That was broken, because we would svUnsetValue("NETMASK") before
checking whether the NETMASK key is present.
Also, when saving a connection to ifcfg-rh file that was created
by other tools, we might mix up the numbering. E.g. we never
write out IPADDR0. Hence, turn on legacy mode whenever the ifcfg-rh
file has any key starting with "NETMASK".
(cherry picked from commit 844bf3d1a2)
Otherwise a device which was set as unmanaged (updated to the REMOVED
internal sys-state) will never update its own sys-state if later set
back as managed.
Manage either when setting explictly the device to managed either when
just upping a connection on an unmanaged device.
(cherry picked from commit adbf383628)
Commits 39d0559d9a ("platform: sort links by name instead of
ifindex") and 529a0a1a7f ("manager: sort slaves to be autoconnected
by device name") changed the order of activation of slaves. Introduce
a system-wide configuration property to preserve the old behavior.
https://bugzilla.redhat.com/show_bug.cgi?id=1452585
(cherry picked from commit 31656a066b)
On cleanup, unconditionally release a device from its master if the
link is missing or it doesn't have a master, otherwise the master
would later try to release the slave, hitting the following assertion:
"nm_platform_link_release: assertion 'slave > 0' failed"
#0 g_logv
#1 g_log
#2 g_return_if_fail_warning
#3 nm_platform_link_release
#4 release_slave
#5 nm_device_master_release_one_slave
#6 slave_state_changed
#7 ffi_call_unix64
#8 ffi_call
#9 g_cclosure_marshal_generic
#10 g_closure_invoke
#11 signal_emit_unlocked_R
#12 g_signal_emit_valist
#14 _set_state_full
#15 nm_device_state_changed
#16 nm_device_unrealize
#17 _platform_link_cb_idle
#18 g_main_context_dispatch
#19 g_main_context_dispatch
#20 g_main_context_iterate
#21 g_main_loop_run
#22 main
Fixes: 9e8218f99ahttps://bugzilla.redhat.com/show_bug.cgi?id=1448907
(cherry picked from commit 3355a2823b)
Since commit 1afbf948a0,
"build: use different defaults for snapshot builds",
configure would enable debugging options if the version
number is odd.
Hence, on the master branch it was no longer possible to
build an RPM without debugging enabled. Especially,
./contrib/fedora/rpm/build_clean.sh -g -W debug
would not work as one would expect.
(cherry picked from commit 22ad5422cf)
Returning TRUE for zero makes no sense. Obviously, zero is not a power
of two.
Also, the function is used to check whether a number has only one bit
(flag) set, so, an alternative name would be "has-one-bit-set", which
also should return FALSE for zero. All callers didn't really care for
the previous meaning "has-at-most-one-bit-set".
This also avoids the issue of checking (x >= 0), which causes
-Wtype-limits warnings for unsigned types. Which was avoided
by doing (x == 0 || x > 0), which caused -Wlogical-op warning,
which then was avoided (x == 0 || (x > 0 && 1)). Just don't.
(cherry picked from commit a2663803c3)
We recently added -Wlogical-op in our build process
(commit #41e7fca59762dc928c9d67b555b1409c3477b2b0).
Seems that old versions of gcc (4.8.x) will hit that warning with our
implementation of our "nm_utils_is_power_of_two" and
"test_nm_utils_is_power_of_two_do" macros.
Fool it just adding an always TRUE check.
(cherry picked from commit 7c2ecaa4e0)
Use nm_device_get_ip_ifindex() to obtain the right ifindex for the
device. Fixes the following:
nm_platform_ip4_address_get_all: assertion 'ifindex > 0' failed
#0 _g_log_abort () from target:/lib64/libglib-2.0.so.0
#1 g_logv () from target:/lib64/libglib-2.0.so.0
#2 g_log () from target:/lib64/libglib-2.0.so.0
#3 nm_platform_ip4_address_get_all (self=self@entry=0x1181020, ifindex=ifindex@entry=0) at src/platform/nm-platform.c:2640
#4 nm_ip4_config_capture (platform=0x1181020, ifindex=ifindex@entry=0, capture_resolv_conf=capture_resolv_conf@entry=0) at src/nm-ip4-config.c:271
#5 ip4_config_merge_and_apply (self=self@entry=0x1254a70, config=config@entry=0x0, commit=commit@entry=1) at src/devices/nm-device.c:5447
#6 activate_stage5_ip4_config_commit (self=0x1254a70) at src/devices/nm-device.c:8299
#7 activation_source_handle_cb (self=0x1254a70, family=family@entry=2) at src/devices/nm-device.c:4421
#8 activation_source_handle_cb4 (user_data=<optimized out>) at src/devices/nm-device.c:4358
#9 g_idle_dispatch () from target:/lib64/libglib-2.0.so.0
#10 g_main_context_dispatch () from target:/lib64/libglib-2.0.so.0
#11 g_main_context_iterate.isra () from target:/lib64/libglib-2.0.so.0
#12 g_main_loop_run () from target:/lib64/libglib-2.0.so.0
#13 main (argc=<optimized out>, argv=<optimized out>) at src/main.c:435
Fixes: a21b8882cc
(cherry picked from commit 6389d637a7)
libnm-core.a should only be linked once in libnm.so. Previously,
it was linked twice, once as part of libnm-utils.a and once
directly in libnm.so.
Fixes: 8df944c7e4
(cherry picked from commit 5a67130e15)
Previously, internal parts of libnm were not testable.
Instead, add "libnm/nm-libnm-utils.c" and "libnm/libnm-utils.la"
to contain code that can be statically linked with a new
test "libnm/tests/test-general".
(cherry picked from commit 8df944c7e4)
ip link add name $'d\xccf\\c' type dummy
Use nm_utils_str_utf8safe_escape() to sanitize non UTF-8 sequences
before exposing them on D-Bus. The operation can be reverted client
side via nm_utils_str_utf8safe_unescape() or simply g_strcompress().
Note that this preserves all valid UTF-8 sequences as-is, with exception
of the backslash escape character and ASCII control characters. Thus, this
is a change in behavior for strings that contain such characters.
Note that nmcli is not changed to somehow unescape the string before
printing. As the string is not valid UTF-8 (or contains ASCII characters
that need escaping), they are not printable as-is, so unescaping before
printing makes little sense.
(cherry picked from commit 0870906540)
Use C-style backslash escaping to sanitize non-UTF-8 strings.
The functions are compatible with glib's g_strcompress() and
g_strescape().
The difference is only that g_strescape() escapes all non-printable,
non ASCII character as well, while nm_utils_str_utf8safe_escape()
-- depending on the flags -- preserves valid UTF-8 sequence except
backslash.
The flags allow to optionally escape ASCII control characters and
all non-ASCII (valid UTF-8) characters. But the option to preserve
valid UTF-8 (non-ASCII) characters verbatim, is what distinguishes
from g_strescape().
(cherry picked from commit df6d27b33a)
UDev never creates such invalid escape sequences. Anyway,
we cannot accept a NUL character at this point. Just take
the ill escape verbatim -- it should never happen anyway.
(cherry picked from commit c15eae92c0)
We already get a library dependency on
libnl-3.so.200()(64bit)
libnl-3.so.200(libnl_3)(64bit)
Drop the explicit package dependency, leaving only the
BuildRequires.
Also, all recent versions of libnl3 implement library versioning.
(cherry picked from commit 225f7e8602)
If the platform signaled that the external configuration changed (and
thus update_ipX_config() is scheduled) and we are doing a commit of
the new configuration, update priv->ext_ipX_config. Without this, the
commit will remove addresses added externally but not yet captured in
the external configuration.
https://bugzilla.redhat.com/show_bug.cgi?id=1449873
(cherry picked from commit a21b8882cc)
This basically reverts commit 31fe84e467 "core: Add host route for
DHCP4 server if outside assigned subnet (bgo #721767)" because the
additional route added by NM does more harm than good.
First, the code does not consider routes pushed by the server and thus
it can add a route conflicting with the ones from the network
administrator.
Second, there is no specification on what a DHCP client should do when
the server is not reachable via unicast, and adding arbitrary logic
into the client is likely to break things in specific cases. If
network administrators want to make the DHCP server reachable from a
client in a different subnet, they should push proper routes with the
lease.
In any case, if the DHCP server is not reachable through unicast,
before the lease expiration (after timeout T2) the client will resort
to broadcast and so there won't be any network disruption; the renewal
will only happen at a later time.
Fixes: 31fe84e467https://bugzilla.redhat.com/show_bug.cgi?id=1448987
(cherry picked from commit 36e97f5d7b)
