GitLab

- previously, parsing wireguard genl data resulted in memory corruption:

  - _wireguard_update_from_allowedips_nla() takes pointers to

      allowedip = &g_array_index (buf->allowedips, NMWireGuardAllowedIP, buf->allowedips->len - 1);

    but resizing the GArray will invalidate this pointer. This happens
    when there are multiple allowed-ips to parse.

  - there was some confusion who owned the allowedips pointers.
    _wireguard_peers_cpy() and _vt_cmd_obj_dispose_lnk_wireguard()
    assumed each peer owned their own chunk, but _wireguard_get_link_properties()
    would not duplicate the memory properly.

- rework memory handling for allowed_ips. Now, the NMPObjectLnkWireGuard
  keeps a pointer _allowed_ips_buf. This buffer contains the instances for
  all peers.
  The parsing of the netlink message is the complicated part, because
  we don't know upfront how many peers/allowed-ips we receive. During
  construction, the tracking of peers/allowed-ips is complicated,
  via a CList/GArray. At the end of that, we prettify the data
  representation and put everything into two buffers. That is more
  efficient and simpler for user afterwards. This moves complexity
  to the way how the object is created, vs. how it is used later.

- ensure that we nm_explicit_bzero() private-key and preshared-key. However,
  that only works to a certain point, because our netlink library does not
  ensure that no data is leaked.

- don't use a "struct sockaddr" union for the peer's endpoint. Instead,
  use a combintation of endpoint_family, endpoint_port, and
  endpoint_addr.

- a lot of refactoring.

We have such variables with similar purpose at various places.
Name them all the same.

Move NMLinuxPlatformPrivate earlier.

In the past, I moved the declaration of NMLinuxPlatformPrivate
after utility functions which are independent from platform
instance.

However, parsing netlink messages actually requires
NMLinuxPlatformPrivate, because we want to access the "genl"
socket.

So, move the types to the beginning of the file, like we do
for most other source files.

The _lookup_cached_link() function, should not skip over links which are
currently in the cache, but not in netlink. Instead, let the callers
skip them, as they see fit.

No change in behavior, because the few callers now explicitly check
for this.

- drop "goto error_label" in favor of returning right away.
  At most places, there was no need to do any cleanup or
  the cleanup is handled via nm_auto().

- adjust the return types of wireguard functions to return
  a boolean success/failure, instead of some error code which
  we didn't use.

- the change to _wireguard_get_link_properties() is intentional.
  This was wrong previously, because in _wireguard_get_link_properties()
  obj is always a newly created instance, and never has a genl
  family ID set. This will be improved later.

It was unused.

It's only used internally, and it seems not very useful to have.
As it is confusing to have multiple functions for doing something
similar, drop it -- since it's not really used. I also cannot imagine
a good use-case for it.

When we print info about the link, we also want to print
info about the referenced lnk instance, which commonly contains
link-specific data.

For NMP_OBJECT_TO_STRING_PUBLIC this was done correctly, by
calling to-string of public fields on the lnk object.

For NMP_OBJECT_TO_STRING_ALL, we wrongly just delegated to the
public to-string function, this means, for the lnk object we
would not print all fields.

Fix that.

By using nm_memdup().

Except in shared/nm-utils/nm-compat.c, which may not include
"shared/nm-utils/nm-shared-utils.h".

I think g_memdup() is dangerous for integer overflow. There
is no need for accepting this danger, just use our own nm_memdup()
which does not have this flaw.

In commit 297d4985 ("core/dbus: rework D-Bus implementation to use
lower layer GDBusConnection API") the Device.Wireless 'Bitrate'
property on D-Bus was accidentally changed to 'BitRate'. Revert the
old name.
Reported-by: Joseph Conley <joseph.j.conley@gmail.com>
Fixes: 297d4985

https://mail.gnome.org/archives/networkmanager-list/2018-September/msg00004.html

#13
https://github.com/NetworkManager/NetworkManager/pull/192

The DNS manager reacts to NM_DEVICE_IP4_CONFIG_CHANGED events, which
are generated when there is a relevant change to an IP4 configuration.

Until now, changes to the mdns,llmnr properties were not
considered relevant (and neither minor, this is already a bug).

Promote them to relevant so that the DNS manager is notified and will
rewrite the DNS configuration when one of this properties changes.

Note that the DNS priority should be considered relevant and added
into the checksum as well, but is a problem right now because in the
DNS manager we rely on the fact that an empty configuration (i.e. just
created) has a zero checksum. This is needed to avoid rewriting
resolv.conf when there is no change. The DNS priority initial value
depends on the connection type (VPN or not), so it's a bit difficult
to add it to checksum maintaining the assumption of checksum(empty)=0.
This should be improved in the future.

After an update of the connection.mdns property, a reactivation is
needed to apply the new value.

Also, the ifcfg-rh variable name was wrong.

Fixes: 2e2ff6f2

https://github.com/NetworkManager/NetworkManager/pull/190

Does not address the issues that the existing logging is much too verbose
and does not provide necessary context for what it's complaining. The
logging messages should be improved.

At least, the logging macro gives all messages a "ifupdown: " prefix.

We already have a linked-list implementation. Use it.

Don't listen to udev to find out about devices. First of all, using udev
for this is already very wrong, because we have the platform cache.

Anyway, all that the device information is used, is pointless as well.
Drop it.

It's pointless because:

The entires in eni_ifaces are already indexed by the interface name.
Likewise, all NMIfupdownConnection set "connection.interface-name" to
restict the profile by name.
/e/n/i matches devices is by name, that's it. We don't need udev to
look up the MAC address (by name!!) to later ignore/match devices
by MAC address. Especially, because NetworkMaanger can already
restrict profiles to devices based on the interface name.
Likewise, NetworkMaanger can use the interface name for the
unmanaged-specs.
It's wrong to extend the on-disk configuration from /e/n/i with runtime
information from udev, especially, because other NetworkMaanger layers
are perfectly content using the interface name for this purpose.

Also, bind_device_to_connection() was fundamentally wrong. It's wrong
to modify the settings connection at random moments (on udev event).
If at all, that should only happen during connection load/reload.

This may have been necessary a long time ago, when unmanaged devices were
not expressed by device-match-specs, but by the HAL UDI. That was since
improved, for example by commit c9067d8f.

The "connections" hash contains a mapping of block->name (iface) to the
NMSettingsConnection. The "eni_ifaces" hash contains the name of all
blocks which are mentioned, but for which no connection was created.

Merge the two hashes. We don't need to keep track of whether a
connections was successfully created ("connections"), but the
same name also has a non-connection block. This information is
unnecessary, so one hash is enough.

@unmanage_well_known directly depends on the "ifupdown.managed" setting from
NetworkManager.conf. Rename it (and invert the meaning) so that this
relation ship becomes clearer.

Also, the double negation of "if (!unmanaged_well_known)" hurts the
brain.