Creating a mode=ap connection (as GNOME control center does) would otherwise
assert in complete_connection despite having a proper SSID set:
NetworkManager-wifi:ERROR:nm-device-wifi.c:1118:complete_connection: assertion failed: (ssid)
Aborted
Most NMDevice types defined their own error domain but then never used
it. A few did use their errors, but some of those errors are redundant
with NMDeviceError, and others can be added to it.
Merge libnm's NMDeviceError and the daemon's NMDeviceError into a
single enum (in nm-errors.h). Register the domain with D-Bus, and add
a test that the client side decodes it correctly.
The daemon's NM_DEVICE_ERROR_CONNECTION_INVALID gets absorbed into
libnm's NM_DEVICE_ERROR_INVALID_CONNECTION, and
NM_DEVICE_ERROR_UNSUPPORTED_DEVICE_TYPE gets dropped, since it was
only returned from one place, which is now using
NM_DEVICE_ERROR_FAILED, since (a) it ought to be a "can't happen", and
(b) the only caller of that function just logs error->message and then
frees the error without ever looking at the code.
Each setting type was defining its own error type, but most of them
had exactly the same three errors ("unknown", "missing property", and
"invalid property"), and none of the other values was of much use
programmatically anyway.
So, this commit merges NMSettingError, NMSettingAdslError, etc, all
into NMConnectionError. (The reason for merging into NMConnectionError
rather than NMSettingError is that we also already have
"NMSettingsError", for errors related to the settings service, so
"NMConnectionError" is a less-confusable name for settings/connection
errors than "NMSettingError".)
Also, make sure that all of the affected error messages are localized,
and (where appropriate) prefix them with the relevant property name.
Renamed error codes:
NM_SETTING_ERROR_PROPERTY_NOT_FOUND -> NM_CONNECTION_ERROR_PROPERTY_NOT_FOUND
NM_SETTING_ERROR_PROPERTY_NOT_SECRET -> NM_CONNECTION_ERROR_PROPERTY_NOT_SECRET
Remapped error codes:
NM_SETTING_*_ERROR_MISSING_PROPERTY -> NM_CONNECTION_ERROR_MISSING_PROPERTY
NM_SETTING_*_ERROR_INVALID_PROPERTY -> NM_CONNECTION_ERROR_INVALID_PROPERTY
NM_SETTING_ERROR_PROPERTY_TYPE_MISMATCH -> NM_CONNECTION_ERROR_INVALID_PROPERTY
NM_SETTING_BLUETOOTH_ERROR_TYPE_SETTING_NOT_FOUND -> NM_CONNECTION_ERROR_INVALID_SETTING
NM_SETTING_BOND_ERROR_INVALID_OPTION -> NM_CONNECTION_ERROR_INVALID_PROPERTY
NM_SETTING_BOND_ERROR_MISSING_OPTION -> NM_CONNECTION_ERROR_MISSING_PROPERTY
NM_SETTING_CONNECTION_ERROR_TYPE_SETTING_NOT_FOUND -> NM_CONNECTION_ERROR_MISSING_SETTING
NM_SETTING_CONNECTION_ERROR_SLAVE_SETTING_NOT_FOUND -> NM_CONNECTION_ERROR_MISSING_SETTING
NM_SETTING_IP4_CONFIG_ERROR_NOT_ALLOWED_FOR_METHOD -> NM_CONNECTION_ERROR_INVALID_PROPERTY
NM_SETTING_IP6_CONFIG_ERROR_NOT_ALLOWED_FOR_METHOD -> NM_CONNECTION_ERROR_INVALID_PROPERTY
NM_SETTING_VLAN_ERROR_INVALID_PARENT -> NM_CONNECTION_ERROR_INVALID_PROPERTY
NM_SETTING_WIRELESS_SECURITY_ERROR_MISSING_802_1X_SETTING -> NM_CONNECTION_ERROR_MISSING_SETTING
NM_SETTING_WIRELESS_SECURITY_ERROR_LEAP_REQUIRES_802_1X -> NM_CONNECTION_ERROR_INVALID_PROPERTY
NM_SETTING_WIRELESS_SECURITY_ERROR_LEAP_REQUIRES_USERNAME -> NM_CONNECTION_ERROR_MISSING_PROPERTY
NM_SETTING_WIRELESS_SECURITY_ERROR_SHARED_KEY_REQUIRES_WEP -> NM_CONNECTION_ERROR_INVALID_PROPERTY
NM_SETTING_WIRELESS_ERROR_CHANNEL_REQUIRES_BAND -> NM_CONNECTION_ERROR_MISSING_PROPERTY
Dropped error codes (were previously defined but unused):
NM_SETTING_CDMA_ERROR_MISSING_SERIAL_SETTING
NM_SETTING_CONNECTION_ERROR_IP_CONFIG_NOT_ALLOWED
NM_SETTING_GSM_ERROR_MISSING_SERIAL_SETTING
NM_SETTING_PPP_ERROR_REQUIRE_MPPE_NOT_ALLOWED
NM_SETTING_PPPOE_ERROR_MISSING_PPP_SETTING
NM_SETTING_SERIAL_ERROR_MISSING_PPP_SETTING
NM_SETTING_WIRELESS_ERROR_MISSING_SECURITY_SETTING
The IPv6LL address handling in userspace patches failed to handle the
case where the IPv6 method was 'ignore'. Previously the kernel would
usually add the IPv6LL address itself, but if NM has turned off kernel
IPv6LL then obviously this wouldn't happen. So when the method is
'ignore', turn off userspace IPv6LL handling and bounce disable_ipv6
to make the kernel add the IPv6LL address if it wants to.
Routing configuration fails to apply if the device is not IFF_UP, so if
we're going to apply IP configuration to the device, make sure it's IFF_UP
first.
https://bugzilla.gnome.org/show_bug.cgi?id=738479
A generated connection contains a copy of the device's existing
configuration, so it's entirely redundant to merge the connection
back into the device's IP config. But even though that should
result in no changes to the IP config, NMSettingIPxConfig treats a
route metric of '0' as the device priority, while NMIPxConfig
allows 0 as a valid route metric. Since the setting values
are preferred (they are supposed to be user-supplied and thus
override anythign else, but in this case they are generated and
thus not user-supplied) external routes with a metric of 0 are
overwritten with the device priority metric.
https://bugzilla.gnome.org/show_bug.cgi?id=738268
This adds service discovery via SDP and RFCOMM tty management to
NetworkManager, as it was dropped from Bluez.
Based on work by Dan Williams <dcbw@redhat.com>.
The SDP discovery is based on code from Bluez project.
We'll need it for bluez5 DUN support.
[lkundrak@v3.sk: Turn the addresses to strings from guint8[ETH_ALEN], as that
is what rest of NetworkManager uses for MAC addresses and what Bluez utility
functions expect as well.]
When secret providers return the connection hash in GetSecrets(),
this hash should only contain secrets. However, some providers also
return non-secret properties.
for_each_secret() iterated over all entries of the @secrets hash
and triggered the assertion in nm_setting_get_secret_flags() (see
below).
NM should not assert against user provided input. Change
nm_setting_get_secret_flags() to silently return FALSE, if the property
is not a secret.
Indeed, handling of secrets is very different for NMSettingVpn and
others. Hence nm_setting_get_secret_flags() has only an inconsistent
behavior and we have to fix all call sites to do the right thing
(depending on whether we have a VPN setting or not).
Now for_each_secret() checks whether the property is a secret
without hitting the assertion. Adjust all other calls of
nm_setting_get_secret_flags(), to anticipate non-secret flags and
assert/warn where appropriate.
Also, agent_secrets_done_cb() clears now all non-secrets properties
from the hash, using the new argument @remove_non_secrets when calling
for_each_secret().
#0 0x0000003370c504e9 in g_logv () from /lib64/libglib-2.0.so.0
#1 0x0000003370c5063f in g_log () from /lib64/libglib-2.0.so.0
#2 0x00007fa4b0c1c156 in get_secret_flags (setting=0x1e3ac60, secret_name=0x1ea9180 "security", verify_secret=1, out_flags=0x7fff7507857c, error=0x0) at nm-setting.c:1091
#3 0x00007fa4b0c1c2b2 in nm_setting_get_secret_flags (setting=0x1e3ac60, secret_name=0x1ea9180 "security", out_flags=0x7fff7507857c, error=0x0) at nm-setting.c:1124
#4 0x0000000000463d03 in for_each_secret (connection=0x1deb2f0, secrets=0x1e9f860, callback=0x464f1b <has_system_owned_secrets>, callback_data=0x7fff7507865c) at settings/nm-settings-connection.c:203
#5 0x000000000046525f in agent_secrets_done_cb (manager=0x1dddf50, call_id=1, agent_dbus_owner=0x1ddb9e0 ":1.39", agent_username=0x1e51710 "thom", agent_has_modify=1, setting_name=0x1e91f90 "802-11-wireless-security",
flags=NM_SETTINGS_GET_SECRETS_FLAG_ALLOW_INTERACTION, secrets=0x1e9f860, error=0x0, user_data=0x1deb2f0, other_data2=0x477d61 <get_secrets_cb>, other_data3=0x1ea92a0) at settings/nm-settings-connection.c:757
#6 0x00000000004dc4fd in get_complete_cb (parent=0x1ea6300, secrets=0x1e9f860, agent_dbus_owner=0x1ddb9e0 ":1.39", agent_username=0x1e51710 "thom", error=0x0, user_data=0x1dddf50) at settings/nm-agent-manager.c:1139
#7 0x00000000004dab54 in req_complete_success (req=0x1ea6300, secrets=0x1e9f860, agent_dbus_owner=0x1ddb9e0 ":1.39", agent_uname=0x1e51710 "thom") at settings/nm-agent-manager.c:502
#8 0x00000000004db86e in get_done_cb (agent=0x1e89530, call_id=0x1, secrets=0x1e9f860, error=0x0, user_data=0x1ea6300) at settings/nm-agent-manager.c:856
#9 0x00000000004de9d0 in get_callback (proxy=0x1e47530, call=0x1, user_data=0x1ea10f0) at settings/nm-secret-agent.c:267
#10 0x000000337380cad2 in complete_pending_call_and_unlock () from /lib64/libdbus-1.so.3
#11 0x000000337380fdc1 in dbus_connection_dispatch () from /lib64/libdbus-1.so.3
#12 0x000000342800ad65 in message_queue_dispatch () from /lib64/libdbus-glib-1.so.2
#13 0x0000003370c492a6 in g_main_context_dispatch () from /lib64/libglib-2.0.so.0
#14 0x0000003370c49628 in g_main_context_iterate.isra.24 () from /lib64/libglib-2.0.so.0
#15 0x0000003370c49a3a in g_main_loop_run () from /lib64/libglib-2.0.so.0
#16 0x000000000042e5c6 in main (argc=1, argv=0x7fff75078e88) at main.c:644
Signed-off-by: Thomas Haller <thaller@redhat.com>
nm_device_get_best_auto_connection() was only used at one place.
It was a very simple function, just iterated over a list finding
the first can_auto_connect() connection. At the very least, the name
was misleading, because it did not return the 'best', but the 'first'
connection.
Get rid of the function altogether.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Setting 'lacp_rate' is only possible in '802.3ad' (4) mode.
Otherwise writing to sysctl fails and results in the following
error log:
<error> [1412337854.026285] [platform/nm-linux-platform.c:2093] sysctl_set(): sysctl: failed to set '/sys/class/net/nm-bond/bonding/lacp_rate' to '0': (13) Permission denied
<warn> (nm-bond): failed to set bonding attribute 'lacp_rate' to '0'
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1061702
Fixes: 47555449fa
Signed-off-by: Thomas Haller <thaller@redhat.com>
If DHCP fails to renew or rebind a lease, fail the device since the
IP config is no longer valid. Commit e2b7c482 was actually wrong for
dhcp[4|6]_fail(), since (ip_state == IP_FAIL) will never be true if
DHCP has ever been started, as IP_FAIL is only set from
nm_device_activate_ip[4|6]_config_timeout(), which obviously will not
be called in DHCP code paths if DHCP has previously succeeded.
For PAN devices we create an unsaved connection if no matching
connection exists. After the device gets removed, we want to clean
up that connection, unless it was modified/saved in the meantime.
Before this was accomplished by creating a clone of the original
connection. When deciding whether the temporary connection was
modified, we would compare the current state with the original.
This can now be simplified, because we have the nm-generated flag
that gets cleared whenever the user modifies or saves the connection.
This code is also more robust, because the previous implementation
was a hack, but could not reliably detect whether the connection
was modified by the user.
Signed-off-by: Thomas Haller <thaller@redhat.com>
At a few places, we checked for nm_device_uses_generated_connection()
whether to touch the device or not. nm_device_uses_generated_connection() used
to look at the "nm-generated" property of the NMSettingsConnection.
We are about to change the meaning of "nm-generated", which will mean
"any connection generated by NM, for whatever reason".
Instead now use the new "nm-generated-assumed" connection flag that has
the meaning "nm-generated" used to have.
So rename nm_device_uses_generated_connection() to nm_device_uses_generated_assumed_connection()
which looks at the "nm-generated-assumed" flag instead.
Also, be more strict in nm_device_uses_generated_assumed_connection() to require
both an "nm-generated-assumed" connection *and* an active connection that is
nm_active_connection_get_assumed().
Signed-off-by: Thomas Haller <thaller@redhat.com>
In preparation for internal device types exposing factories too, it's
easier to have the device type that the factory creates be returned
by the factory object instead of the plugin, because internal device
types don't have plugins.
This requires that we create the factory objects earlier, which
further requires that any operations that trigger signals must be
moved out of each factory's construction path to a separate start()
function.
Instead of creating it in NMSettings, where we must use
NM_IS_DEVICE_ETHERNET() (not NM_DEVICE_TYPE_ETHERNET because various generic
devices masquerade as NM_DEVICE_TYPE_ETHERNET too), push knowledge
of which device types create default wired connections into the device
types themselves. This solves a problem with testcases where
libNetworkManager.a (which testcases link to) requires the symbol
nm_type_device_ethernet().
Instead of having basically the same code in a bunch of different
place to find helper programs, just have one place do it. Yes, this
does mean that the same sequence of paths is searched for all helpers
(so for example, dnsmasq will no longer be found first in /usr/local)
but I think consistency is the better option here.
https://bugzilla.gnome.org/show_bug.cgi?id=734131
NM keeps interfaces IFF_UP when possible to receive link layer
events like carrier changes. Unfortunately, the kernel also
uses IFF_UP as a flag to assign an IPv6LL address to the interface,
which results in IPv6 connectivity on the link even if the interface
is not supposed to be activated/connected.
NM sets disable_ipv6=1 to ensure that the kernel does not set up
IPv6LL connectivity on interfaces when they are not supposed to
be active and connected. Unfortunately, that prevents users from
manually adding IPv6 addresses to the interface, since they expect
previous kernel behavior where IPv6 is enabled whenever the
interface is IFF_UP.
Furthermore, interfaces like PPP and some WWAN devices provide
misleading information to the kernel which causes the kernel to
create the wrong IPv6LL address for the interface. The IPv6LL
address for these devices is obtained through control channels
instead (IPV6CP for PPP, proprietary protocols for WWAN devices)
and should be used instead of the kernel address. So we'd like
to suppress kernel IPv6LL address generation on these interfaces
anyway.
This patch makes use of the netlink IFLA_INET6_ADDR_GEN_MODE
attribute to take over assignment of IPv6LL addresses while
keeping the interface IFF_UP, to ensure there is only IPv6
connectivity when the user requests it.
To remain compliant with standards, if a user adds IPv6 addresses
externally, NetworkManager must also immediately add an IPv6LL
address for that interface too.
https://bugzilla.gnome.org/show_bug.cgi?id=734149
Change all DBUS_TYPE_G_UCHAR_ARRAY properties to G_TYPE_BYTES, and
update corresponding APIs. Notably, this means they are now refcounted
rather than being copied.
Update the rest of NM for the changes. The daemon still converts SSIDs
to GByteArrays internally, because changing it to use GBytes has lots
of trickle-down effects. It can possibly be changed later.
