1. 28 Sep, 2010 1 commit
  2. 27 Sep, 2010 6 commits
  3. 25 Sep, 2010 1 commit
    • Dan Williams's avatar
      trivial: typo fixes · b80f31e1
      Dan Williams authored
      Sent by a Debian user to Michael Biebl.  No other attribution
      information available.  Thanks Debian user!
      b80f31e1
  4. 24 Sep, 2010 4 commits
    • Dan Williams's avatar
      6f2aa8a8
    • Dan Williams's avatar
      system-settings: fix use-after-free causing crashes when hostname is empty · 9e2ec0b7
      Dan Williams authored
      Should be returning NULL here since the actual hostname is returned in the
      for() loop if the plugin supports hostnames.  But if the plugin for some
      reason returns an empty string (which they aren't supposed to do) then
      hostname would be left assigned to an already-freed value, which was then
      returned to higher layers.
      
      ==12331== Invalid free() / delete / delete[]
      ==12331==    at 0x4024B3A: free (vg_replace_malloc.c:366)
      ==12331==    by 0x448BFC5: g_free (gmem.c:191)
      ==12331==    by 0x43E0E05: value_free_string (gvaluetypes.c:268)
      ==12331==    by 0x43DC587: g_value_unset (gvalue.c:276)
      ==12331==    by 0x80B297F: notify (nm-sysconfig-settings.c:229)
      ==12331==    by 0x43C64E7: g_cclosure_marshal_VOID__PARAM (gmarshal.c:531)
      ==12331==    by 0x43B78B8: g_type_class_meta_marshal (gclosure.c:878)
      ==12331==    by 0x43B9251: g_closure_invoke (gclosure.c:767)
      ==12331==    by 0x43CD239: signal_emit_unlocked_R (gsignal.c:3178)
      ==12331==    by 0x43CEDB3: g_signal_emit_valist (gsignal.c:2981)
      ==12331==    by 0x43CF255: g_signal_emit (gsignal.c:3038)
      ==12331==    by 0x43BD630: g_object_dispatch_properties_changed (gobject.c:801)
      ==12331==  Address 0x479f208 is 0 bytes inside a block of size 1 free'd
      ==12331==    at 0x4024B3A: free (vg_replace_malloc.c:366)
      ==12331==    by 0x448BFC5: g_free (gmem.c:191)
      ==12331==    by 0x80B1A08: nm_sysconfig_settings_get_hostname (nm-sysconfig-settings.c:280)
      ==12331==    by 0x80B27C7: get_property (nm-sysconfig-settings.c:1415)
      ==12331==    by 0x43BC707: g_object_get_property (gobject.c:935)
      ==12331==    by 0x80B288D: notify (nm-sysconfig-settings.c:225)
      ==12331==    by 0x43C64E7: g_cclosure_marshal_VOID__PARAM (gmarshal.c:531)
      ==12331==    by 0x43B78B8: g_type_class_meta_marshal (gclosure.c:878)
      ==12331==    by 0x43B9251: g_closure_invoke (gclosure.c:767)
      ==12331==    by 0x43CD239: signal_emit_unlocked_R (gsignal.c:3178)
      ==12331==    by 0x43CEDB3: g_signal_emit_valist (gsignal.c:2981)
      ==12331==    by 0x43CF255: g_signal_emit (gsignal.c:3038)
      9e2ec0b7
    • Dan Williams's avatar
      wifi: use PMKSA caching with PEAP-GTC (rh #615032) (rh #636877) · 596cf1a2
      Dan Williams authored
      We don't want to require a full 802.1x reauth when using OTP tokens
      and roaming between APs in the same ESS, since that takes a long time
      (user has to find the token and type in the code).
      596cf1a2
    • Jiří Klimeš's avatar
  5. 22 Sep, 2010 6 commits
    • Dan Williams's avatar
      dns: warn that the BIND plugin is experimental · 8199c727
      Dan Williams authored
      It's still got a bunch of issues that need debugging, like when VPN
      nameservers exist but no domain and thus not doing split DNS, sometimes
      hosts outside the VPN don't resolve correctly, which was previously
      masked by having the non-VPN nameservers in /etc/resolv.conf where
      glibc would erroneously use them instead of asking BIND.  To be fixed
      in a subsequent patch.
      
      The dnsmasq plugin seems to work great though.
      8199c727
    • Dan Williams's avatar
      Merge remote branch 'origin/cachingdns' · a211fadc
      Dan Williams authored
      Caching DNS with dnsmasq works well enough to merge for now.  THere
      are still some issues with the BIND plugin because BIND is god-awful
      unecessarily complex so we'll disable that in a further commit.
      a211fadc
    • Dan Williams's avatar
      libnm-util: fix max APN length · a1731c60
      Dan Williams authored
      It's not 20, it's DNS domain name length.
      a1731c60
    • Dan Williams's avatar
      libnm-util: enforce APN character restrictions · 0ec9bf2c
      Dan Williams authored
      APNs can only contain alphanumeric characters, '.', and '-'.  To be
      helpful we strip spaces off before setting the APN internally so that
      previously (and incorrectly) valid APNs don't cause the whole
      connection to fail validation and thus disappear.  The only case seen
      in the wild was a Pelephone IL APN which erroneously had a trailing
      space in the mobile broadband provider database.  Bad characters
      cause the connection to fail with vague error messages about being
      unable to activate the PDP context during PPP negotiation.
      0ec9bf2c
    • Jiří Klimeš's avatar
      man: update nmcli man page · 5e7b4e7d
      Jiří Klimeš authored
      5e7b4e7d
    • Jiří Klimeš's avatar
      cli: add D-Bus object path field for active connections (e.g.: nmcli -f... · b008a486
      Jiří Klimeš authored
      cli: add D-Bus object path field for active connections (e.g.: nmcli -f name,uuid,dbus-path con status)
      b008a486
  6. 21 Sep, 2010 2 commits
    • Dan Williams's avatar
      dns: write only 127.0.0.1 to resolv.conf when caching · 06bd99f6
      Dan Williams authored
      If all nameservers are listed in resolv.conf, glibc apparently
      tries them all (even if 'options rotate' isn't specified??).  Leading
      to queries for internet hosts being directed to VPN-specific DNS
      servers in split-DNS situations.  I've verified this with wireshark;
      I see queries going out over the tunnel to VPN nameservers for
      non-internal addresses, while BIND itself never logs anything about
      queries to VPN nameservers for that same address.  Thus the only
      thing left is to blame glibc...
      06bd99f6
    • Dan Williams's avatar
      dns: allow random source ports for BIND caching DNS · 20acb482
      Dan Williams authored
      Despite most guides saying that without restricting to port 53 queries
      won't get through a firewall, I cannot make it work with this option.
      DNS queries through a WRT54G just time out even when the WRT54G isn't
      caching anything itself (ie, explicit upstream nameservers are the
      forwarders in the bind config).
      20acb482
  7. 20 Sep, 2010 6 commits
  8. 17 Sep, 2010 3 commits
  9. 16 Sep, 2010 5 commits
  10. 15 Sep, 2010 3 commits
    • Dan Williams's avatar
      dns: remove unused Chromium bits · 1e33d1e9
      Dan Williams authored
      This was supposed to hook up to the bits Adam Langley did last year
      for his local-dns-cache DBus service, but I misunderstood the
      architecture.  It was a separate service, not Chromium itself.  But
      it's unclear what happened to his local-dns-cache since the project
      doesn't seem to have any commits in a year and I'm unsure if it's
      actually being used.  So remove this stuff for now.
      1e33d1e9
    • Dan Williams's avatar
    • Dan Williams's avatar
      dns: only write out new DNS config if it really changed · 57f6feb1
      Dan Williams authored
      Use a pseudo-hash to quickly check whether the DNS config has really
      changed or not.  This is certainly better than the 500 line patch I
      did then scrapped in favor of this approach... yay.  This helps ensure
      that we don't kill then respawn caching DNS servers more often than
      we have to.
      57f6feb1
  11. 13 Sep, 2010 3 commits