"connection" variable might be NULL, which fails an assertion in
g_dbus_connection_flush_sync(). Consequently, "error_flush" is also
NULL which leads to a crash of "nm-dhcp-helper".
Reported-by: Jules Maselbas <jmaselbas@zdiv.net>
Fixes: 240ec7f891 ('dhcp: implement ACD (address collision detection) for DHCPv4')
(cherry picked from commit 37e130232d)
See wpa_supplicant commit [1]:
macsec: Make pre-shared CKN variable length
IEEE Std 802.1X-2010, 9.3.1 defines following restrictions for
CKN:
"MKA places no restriction on the format of the CKN, save that it
comprise an integral number of octets, between 1 and 32
(inclusive), and that all potential members of the CA use the same
CKN. No further constraints are placed on the CKNs used with PSKs,
..."
Hence do not require a 32 octet long CKN but instead allow a
shorter CKN to be configured.
This fixes interoperability with some Aruba switches, that do not
accept a 32 octet long CKN (only support shorter ones).
[1] https://w1.fi/cgit/hostap/commit/?id=b678ed1efc50e8da4638d962f8eac13312a4048f
(cherry picked from commit df999d1fca)
When called with update_carrier=TRUE, nm_device_bring_up_full() checks
for carrier changes and it may queue a transition to DISCONNECTED
through the following call chain:
-> nm_device_bring_up_full()
-> nm_device_set_carrier_from_platform()
-> nm_device_set_carrier()
-> carrier_changed()
-> nm_device_queue_state()
In _set_state_full(state=UNAVAILABLE) after bringing the interface up
we also call nm_device_cleanup() which clears the enqueued state
change to DISCONNECTED. When this happens, the device remains in
UNAVAILABLE and never gets activated even if it was ready.
This was observed with macsec interfaces, but in theory can happen
with all those interfaces that get carrier immediately after being
brought up.
Avoid this issue by not checking the carrier synchronously from
_set_state_full(). The carrier change event will be processed in the
next asynchronous invocation of device_link_changed().
https://bugzilla.redhat.com/show_bug.cgi?id=2122564
(cherry picked from commit 07bc5121a7)
In some situations we need to avoid updating the carrier status
synchronously from nm_device_bring_up_full(). Add a flag for that.
(cherry picked from commit 9fd9eaf276)
In the next commit nm_device_bring_up() will be extended with a new
argument. Most callers just want to bring up the device synchronously
and don't care about the "no_firmware" argument. Introduce a
nm_device_bring_up_full() for callers that need special behavior.
(cherry picked from commit 861934a510)
Call teamdctl_port_config_update_raw() when we're attaching a port even
if all of team-slave setting properties are default.
This is done to ensure teamd "knows" about the port (that is,
"teamdctl ... port present" returns success) when we're done activating
the slave connection. It will pick it up anyway from netlink, but that
can happen after the activation is done, resulting in a possible race.
Fixes-test: @remove_active_team_profile
https://bugzilla.redhat.com/show_bug.cgi?id=2102375https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1421
(cherry picked from commit 6897f6e6df)
If teamd crashes, we restore it. That's very nice, but if it really
crashed then it left ports attached and the slave connections are not
going to fail and the port configuration (e.g. priority or link watcher) in
teamd's memory will be gone.
This will restore the port configuration when the teamd connection is
re-established. This probably also fixes a race where a slave connection
would be enslaved (only possible externally and manually?) while we
didn't establish a connection to teamd yet. We'll just send the port
configuration in once're connected.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1361
(cherry picked from commit f3327835c1)
We must consume the reference, like we would in the other case.
Interestingly, I am unable to reproduce a case where valgrind would
complain about the leak. But it is there nonetheless.
Fixes: 0a22f4e490 ('libnm: refactor tracking of NMSetting in NMConnection')
(cherry picked from commit 3e3b629586)
When creating NMPlatformRoutingRule from NMIPRouteRule object, the
protocol is being set to RTPROT_UNSPEC. According to linux kernel
documentation FRA_PROTOCOL indicates the originator of the rule.
In this case the route rule is coming from a connection and therefore
the originator of the rule is the user. The correct value is
RTPROT_STATIC which means the rule is installed by the administrator.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1457
Fixes: 3f9347745b ('core: add handling of IP routing rules to NMDevice')
(cherry picked from commit 82009e21d2)
This verifies that what's in our public headers has version nodes, and
that they match Since: tags.
Not pretty (because python) but discovered a *lot* of issues.
(cherry picked from commit 133540763c)
Turns out automake doesn't like either that we add dependencies to a
target conditionally. Not sure why, but it's a tasteless thing to do
nevertheless:
gtk-doc.make:174: warning: $(DOC_MAIN_SGML_FILE) was already defined in condition BUILD_DOCS, which is included in condition TRUE ...
docs/api/Makefile.am:112: 'gtk-doc.make' included from here
docs/api/Makefile.am:14: ... '$(DOC_MAIN_SGML_FILE)' previously defined here
In any case, the dependency is wrong in the first place -- the source
document doesn't depend on other source. The target (which is a stamp
file, since the xslt processor produces multiple files) does! Moreover,
there's a dependency of the stamp file on $(content_files) already, so
including GENERATED_FILES (like we already do) in content_files should
be sufficient.
While at that, deal with other not-so-nice things; don't extend "all"
target needlessly and don't define a target conditionally.
(cherry picked from commit 4c49d67cc8)
Add them to @libnm_1_40_4 as opposed to @libnm_1_42_0 because we now know
this is going to be backported to 1.40.4 first.
(cherry picked from commit 45d9f1c01c)
Compared to version in main branch, the Since tags and
NM_AVAILABLE_IN_* macros indicate the branched version.
These are present in a public header yet are not properly commented,
versioned or exported.
Export them now. Another option would be to move them to a private
header; but I suspect someone has intended them to be exported at some
point.
Add them to @libnm_1_40_4 as opposed to @libnm_1_42_0 because we now know
this is going to be backported to 1.40.4 first.
(cherry picked from commit d78000d921)
Compared to version in main branch, the Since tags and
NM_AVAILABLE_IN_* macros indicate the branched version.
Some comments are malformed, some are missing altogether.
(cherry picked from commit 117a440cd9)
Compared to version in main branch, the Since tags document the
branched version as well.
The backport omits changes to nm_client_wait_shutdown(), since that one
is not yet present in 1.40.
Remove the functions from a public header. They were missing from
libnm.ver and thus never actually exported.
There's no point in salvaging them now as the whole NMVpnPluginOld has
been replaced NMVpnServicePlugin and new uses are discouraged.
(cherry picked from commit 1c6b0edb30)
Remove the function from a public header. It was missing from libnm.ver
and thus never actually exported.
There's no point in salvaging it now as it nm_device_get_hw_address()
exists as a better option.
(cherry picked from commit ecb9a48040)
Remove the function from a public header. It was missing from libnm.ver
and thus never actually exported.
There's no point in salvaging it now as it nm_device_get_hw_address()
exists as a better option.
(cherry picked from commit bd3239cf6c)
The export was left out when the symbol was added; apparently by
accident.
Let's also bump the documented version of when is the symbol supposed to
be available, because it actually wasn't.
Fixes: 56a1a5426a ('all: add ipvX.dhcp-iaid properties')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1447
(cherry picked from commit 941e8b70f8)
Compared to version in main branch, the Since tags and
NM_AVAILABLE_IN_* macros indicate the branched version.
Backport also includes commit c7f6a506ef ('libnm: move
nm_setting_ip_config_get_dhcp_iaid() to @libnm_1_40_4 version node'),
it wouldn't be possible to backport both separately.
- the static assertions were wrong, there was a "," instead of "==".
- the numeric values were wrong, as shown by the static assertions.
- move the code comment to the implementation. This does not seem
relevant for the library user and should not be in the public header.
Fixes: 08e845f651 ('nm-setting: mangle public constant to make g-ir-scanner happy')
(cherry picked from commit c884d4d347)
NMSettingWired does not reject invalid flags. Filter them out in wake_on_lan_enable().
In practice, it makes no difference, the unknown flags were ignored anyway.
(cherry picked from commit c593834842)
If there were any pause options and any non-pause options,
the created setting was invalid.
I don't think it's reasonably possible to parse the broken settings.
So there is no workaround trying to read the existing broken settings
from disk. Luckily, the broken setting was just silently ignored by
the parser, so you simply could not persist certain settings.
https://bugzilla.redhat.com/show_bug.cgi?id=2134569
Fixes: 652ddca04c ('ethtool: Introducing PAUSE support')
(cherry picked from commit 21661c6f71)
[thaller@redhat.com: modified original patch.]
Fixes: 58287cbcc0 ('core: rework IP configuration in NetworkManager using layer 3 configuration')
(cherry picked from commit 61e99ed715)
The if-else-if was wrong. It meant that if an object did not implement
cmd_plobj_id_copy(), nothign was copied (for id-only).
I think this code path was not actually hit, because we never clone
an object only by ID.
Fixes: c91a4617a1 ('nmp-object: allow missing implementations for certain virtual functions')
(cherry picked from commit ee34eeafb9)
Fix up the doc comment so that the gir data gets that right.
Fixes: 90d0ae0faf ('libnm: implement nm_client_activate_connection()/nm_client_add_and_activate_connection*() by using GDBusConnection directly')
(cherry picked from commit a0373a72db)
On rhel-8.7, we use a different gettext version, so the Makefile
looks different. Adjust patch the source.
Fixes: 7ee0da3eaf ('build: don't "update-po" during make dist')
(cherry picked from commit b2d1d14772)
