Add a new 'ignore' option to NMSettingWired.wake-on-lan which disables
management of wake-on-lan by NetworkManager (i.e. the pre-existing
option will not be touched). Also, change the default behavior to be
'ignore' instead of 'disabled'.
https://bugzilla.gnome.org/show_bug.cgi?id=755182
(cherry picked from commit e587dcb16e)
Otherwise the callers would free the address and it would result in
double-free.
Ideally, the function would return const pointer, but changing it now
would require changing also other prototypes and much code due to
snowball effect of const.
https://bugzilla.gnome.org/show_bug.cgi?id=756380
(cherry picked from commit 237030ce2b)
The kernel defaults REORDER_HDR to 1 when creating a new VLAN, but
NetworkManager's VLAN flags property defaulted to 0. Thus REORDER_HDR was not
set for NM-created VLANs with default values.
We want to match the kernel default, so we change the default value for the
vlan.flags property. However, we do not want to change the flags for existing
connections if the property is missing in connection files. Thus we have to
update plugins for that. We also make sure that vlan.flags is always written
by 'keyfile' when the value is default. That way new connections have flags
property explicitly written and it will be loaded as expected.
https://bugzilla.redhat.com/show_bug.cgi?id=1250225
(cherry picked from commit 687b651598)
For libnm library, "nm-dbus-interface.h" contains defines like the D-Bus
paths of NetworkManager. It is desirable to have this header usable without
having a dependency on "glib.h", for example for a QT application. For that,
commit c0852964a8 removed that dependancy.
For libnm-glib library, the analog to "nm-dbus-interface.h" is
"NetworkManager.h", and the same applies there. Commit
159e827a72 removed that include.
However, that broke build on PackageKit [1] which expected to get the
version macros by including "NetworkManager.h". So at least for libnm-glib,
we need to preserve old behavior so that a user including
"NetworkManager.h" gets the version macros, but not "glib.h".
Extract the version macros to a new header file "nm-version-macros.h".
This header doesn't include "glib.h" and can be included from
"NetworkManager.h". This gives as previous behavior and a glib-free
include.
For libnm we still don't include "nm-version-macros.h" to "nm-dbus-interface.h".
Very few users will actually need the version macros, but not using
libnm.
Users that use libnm, should just include (libnm's) "NetworkManager.h" to
get all headers.
As a special case, a user who doesn't want to use glib/libnm, but still
needs both "nm-dbus-interface.h" and "nm-version-macros.h", can include
them both separately.
[1] https://github.com/hughsie/PackageKit/issues/85
Fixes: 4545a7fe96
(cherry picked from commit 7bf10a75db)
"nm-dbus-interface.h" can be used without glib/libnm, hence we must
workaround a missing NM_AVAILABLE_IN_1_0_6 macro.
(cherry picked from commit c60ff9e7e0)
We want "nm-dbus-interface.h" to have no dependancy on libnm and glib.
That way, it is usable for example in the QT examples without dragging
in dependencies to glib.
Also drop all the unneccessary include to "nm-dbus-interface.h", which
we already get by directly or indirectly including "nm-core-types.h".
(cherry picked from commit c0852964a8)
- accept a numeric value (decimal or hex (0x prefix))
- display a numeric value of the property in addition to the strings
- add/accept spaces between string names
to behave similar to other flags' properties.
(cherry picked from commit 4485b4ec2f)
Avoid a new line in the definition of enum value to fix the following
glib-mkenums warning:
glib-mkenums: nm-setting-wired.h:71:
Failed to parse ` - 1 - NM_SETTING_WIRED_WAKE_ON_LAN_DEFAULT) '
Fixes: 5622461c04
(cherry picked from commit f8ae5f1671)
Add functions nm_utils_enum_to_str() and nm_utils_enum_from_str()
which can be used to perform conversions between enum values and
strings, passing the GType automatically generated for every enum by
glib-mkenums.
(cherry picked from commit 8be9814793)
We want to call nm_connection_get_uuid() also on connections that don't verify.
Otherwise it is chumbersome to check first for verified connection.
(cherry picked from commit 61eed191a9)
All current users of NM_IN_SET() would rather use short-circuit evalation
(or don't care). It seems that doing it by default seems favorable.
The only downside is, that this might have somewhat unexpected behavior
to a user who expects a regular function (which would evaluate always
all arguments).
Fixes: 7860ef959a
(cherry picked from commit 96cacc07e8)
Let the preprocessor do more work, but generate a simple expression that
the compiler can optimize (presumably) better.
(cherry picked from commit 7860ef959a)
Remove an assertion in canonicalize_ip() to assert that either a
non-NULL @ip is given, or @null_any is TRUE.
The condition of the assert is not easy to understand without context.
Instead the caller should already handle %NULL properly.
All callers that pass @null_any=FALSE to canonicalize_ip(), already assert
that the argument is not %NULL. With the exception of nm_ip_route_new()
which however checks for a valid @dest early on.
(cherry picked from commit 7f129b976c)
We call valid_ip() from nm_ip_route_new() to check whether an untrusted string
is a valid ip address. Properly handle %NULL argument.
Fixes: 21c8a6b20e
(cherry picked from commit 9342568694)
A is_valid() function should just accept NULL as input and
return "invalid". It certainly should not crash.
Fixes: 21c8a6b20e
(cherry picked from commit 2b55de8560)
Add a 'metered' enum property to NMSettingConnection with possible
values: unknown,yes,no. The value indicates the presence of limitations
in the amount of traffic flowing through the connection.
(cherry picked from commit 6f647fe689)
g_convert_with_fallback() will fail if the SSID contains characters that
are not legal in the source encoding, which, if $LANG is not set, will
be ASCII. If this happens, replace all non-ASCII and non-printable
characters with '?'. It is possible that nm_utils_ssid_to_utf8() will
now return an empty string (e.g., the source string is actually
big-endian UTF-16 and g_strcanon() stops on the first byte), but it will
not return NULL.
https://bugzilla.redhat.com/show_bug.cgi?id=1243078
(cherry picked from commit 568b4ad31f)
NetworkManager uses wpa_supplicant, which in turn calls OpenSSL for verifying
certificates. wpa_supplicant calls
SSL_CTX_load_verify_locations(ctx, CAfile, CApath)
using its ca_cert and ca_path options as CAfile and CApath parameters.
We have a configure time option with_system_ca_path to override ca_path.
However, it doesn't work when a system (like Fedora) only uses bundled PEM
certificates instead of a directory with hashed certificates ([1], [2]).
So this commit allows setting --with_system_ca_path to a file name (the
trusted certificate bundle). Then the name is used to populate wpa_supplicant's
ca_cert instead of ca_path.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1053882
[2] https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/https://bugzilla.redhat.com/show_bug.cgi?id=1236548
(cherry picked from commit 640eb8f284)
GKeyFile considers the order of the files, so add a possibility
to check whether to keyfiles are equal -- also with respect to
the order of the elements.
(cherry picked from commit 7fbfaf567d)
Under certain cases, if g_key_file_get_groups() fails, it might not set the
out argument @length. Play it safe and initialize it.
(cherry picked from commit aa7a53bc67)
_keyfile_convert() should really test for successful round-trip
conversion of keyfile-connection and vice versa.
(cherry picked from commit 81119c69d8)
