1. 28 May, 2019 4 commits
  2. 20 May, 2019 1 commit
  3. 19 May, 2019 1 commit
  4. 14 May, 2019 1 commit
    • Thomas Haller's avatar
      core: fix file permissions for "/var/lib/NetworkManager/secret_key" · 7a0f8520
      Thomas Haller authored
      Ooherwise, the file has wrong permissions:
      
        # ls -la /var/lib/NetworkManager/secret_key
        ----r-xr-x. 1 root root 50 May 14 13:52 /var/lib/NetworkManager/secret_key
      
      Luckily, /var/lib/NetworkManager should be already
      
        # ls -lad /var/lib/NetworkManager
        drwx------. 2 root root 8192 May 14 13:57 /var/lib/NetworkManager
      
      which mitigates this a bit.
      
      Fixes: dbcb1d6d ('core: let nm_utils_secret_key_read() handle failures internally')
      
      #175
      (cherry picked from commit dc3a2f9b)
      (cherry picked from commit 2d46247c)
      7a0f8520
  5. 10 May, 2019 2 commits
    • Thomas Haller's avatar
      settings/d-bus: fix boolean return value of "LoadConnections" · 1337ebd9
      Thomas Haller authored
      The boolean value is intended to indicate success. It would indicated
      failure due to a bug.
      
      Fixes: 297d4985 ('core/dbus: rework D-Bus implementation to use lower layer GDBusConnection API'):
      (cherry picked from commit 22e830f0)
      (cherry picked from commit e73a5058)
      1337ebd9
    • Thomas Haller's avatar
      settings: avoid assertion for LoadConnections D-Bus method with relative paths · 8fe900d3
      Thomas Haller authored
        $ busctl call org.freedesktop.NetworkManager /org/freedesktop/NetworkManager/Settings org.freedesktop.NetworkManager.Settings LoadConnections as 1 relative/filename
      
      triggers a g_critical() assertion in nm_utils_file_is_in_path():
      
        ...
        #3  0x00007ffff7a19e7d in g_return_if_fail_warning
            (log_domain=log_domain@entry=0x55555586c333 "NetworkManager", pretty_function=pretty_function@entry=0x55555586c0a0 <__FUNCTION__.38585> "nm_utils_file_is_in_path", expression=expression@entry=0x55555586c010 "abs_filename && abs_filename[0] == '/'") at ../glib/gmessages.c:2767
        #4  0x00005555555f1128 in nm_utils_file_is_in_path (abs_filename=abs_filename@entry=0x555555b56670 "dfd", abs_path=<optimized out>) at src/NetworkManagerUtils.c:1077
        #5  0x00005555555a4779 in load_connection (config=<optimized out>, filename=0x555555b56670 "dfd") at src/settings/plugins/keyfile/nms-keyfile-plugin.c:522
        #6  0x00005555557ce291 in nm_settings_plugin_load_connection (self=0x5555559fd400 [NMSKeyfilePlugin], filename=0x555555b56670 "dfd") at src/settings/nm-settings-plugin.c:70
        #7  0x000055555559ccdf in impl_settings_load_connections
            (obj=<optimized out>, interface_info=<optimized out>, method_info=<optimized out>, connection=<optimized out>, sender=<optimized out>, invocation=0x7fffe0015ed0 [GDBusMethodInvocation], parameters=<optimized out>) at src/settings/nm-settings.c:1439
        #8  0x00005555555a9bf9 in dbus_vtable_method_call
            (connection=0x5555559b91b0 [GDBusConnection], sender=sender@entry=0x555555b5c360 ":1.32283", object_path=object_path@entry=0x7fffe0019070 "/org/freedesktop/NetworkManager/Settings", interface_name=<optimized out>, interface_name@entry=0x7fffe002aa70 "org.freedesktop.NetworkManager.Settings", method_name=<optimized out>,
            method_name@entry=0x7fffe00276b0 "LoadConnections", parameters=parameters@entry=0x555555c4a690, invocation=0x7fffe0015ed0 [GDBusMethodInvocation], user_data=0x5555559a1a00)
            at src/nm-dbus-manager.c:947
        #9  0x00007ffff7c506c4 in call_in_idle_cb (user_data=user_data@entry=0x7fffe0015ed0) at ../gio/gdbusconnection.c:4874
        #10 0x00007ffff7a0e8eb in g_idle_dispatch (source=source@entry=0x7fffe00208a0, callback=0x7ffff7c50590 <call_in_idle_cb>, user_data=0x7fffe0015ed0) at ../glib/gmain.c:5627
        #11 0x00007ffff7a11fd0 in g_main_dispatch (context=0x555555994d00) at ../glib/gmain.c:3189
        #12 0x00007ffff7a11fd0 in g_main_context_dispatch (context=context@entry=0x555555994d00) at ../glib/gmain.c:3854
        #13 0x00007ffff7a12368 in g_main_context_iterate (context=0x555555994d00, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:3927
        #14 0x00007ffff7a126b3 in g_main_loop_run (loop=0x555555995e60) at ../glib/gmain.c:4123
        #15 0x000055555558a741 in main (argc=<optimized out>, argv=<optimized out>) at src/main.c:444
      
      Filter out relative filenames early.
      
      (cherry picked from commit a1b102ea)
      (cherry picked from commit c21171e0)
      8fe900d3
  6. 08 May, 2019 6 commits
  7. 03 May, 2019 1 commit
  8. 18 Apr, 2019 2 commits
    • Thomas Haller's avatar
      platform: fix nm_platform_lnk_gre_to_string() for tap links · 400293d3
      Thomas Haller authored
      Why didn't we get a compiler warning about this bug?
      At least clang (3.8.0-2ubuntu4, Ubuntu 16.04) warns:
      
          CC       src/platform/src_libNetworkManagerBase_la-nm-platform.lo
        ../src/platform/nm-platform.c:5389:14: error: data argument not used by format string [-Werror,-Wformat-extra-args]
                            lnk->remote ? nm_sprintf_buf (str_remote, " remote %s", nm_utils_inet4_ntop (lnk->remote, str_remote1)) : "",
                            ^
      
      Fixes: 4c2862b9 ('platform: add gretap tunnels support')
      (cherry picked from commit dfb899f4)
      (cherry picked from commit ed88c71f)
      400293d3
    • Thomas Haller's avatar
      libnm-core/tests: fix "-Werror=logical-not-parentheses" warning in _sock_addr_endpoint() · 8190a68c
      Thomas Haller authored
          CC       libnm-core/tests/libnm_core_tests_test_general-test-general.o
        In file included from ../shared/nm-default.h:280:0,
                         from ../libnm-core/tests/test-general.c:24:
        ../libnm-core/tests/test-general.c: In function _sock_addr_endpoint:
        ../libnm-core/tests/test-general.c:5911:18: error: logical not is only applied to the left hand side of comparison [-Werror=logical-not-parentheses]
          g_assert (!host == (port == -1));
                          ^
        ../shared/nm-utils/nm-macros-internal.h:1793:7: note: in definition of macro __NM_G_BOOLEAN_EXPR_IMPL
           if (expr) \
               ^
        /usr/include/glib-2.0/glib/gmacros.h:376:43: note: in expansion of macro _G_BOOLEAN_EXPR
         #define G_LIKELY(expr) (__builtin_expect (_G_BOOLEAN_EXPR((expr)), 1))
                                                   ^
        /usr/include/glib-2.0/glib/gtestutils.h:116:49: note: in expansion of macro G_LIKELY
                                                      if G_LIKELY (expr) ; else \
                                                         ^
        ../libnm-core/tests/test-general.c:5911:2: note: in expansion of macro g_assert
          g_assert (!host == (port == -1));
          ^
      
      Fixes: 713e879d ('libnm: add NMSockAddrEndpoint API')
      (cherry picked from commit 1e8c0873)
      (cherry picked from commit fd8b78dd)
      8190a68c
  9. 15 Apr, 2019 1 commit
  10. 12 Apr, 2019 5 commits
  11. 11 Apr, 2019 10 commits
    • Thomas Haller's avatar
      build: merge branch 'build-cleanup-and-disable-ebpf' · a94403bb
      Thomas Haller authored
      - make contrib/rpm similar to master.
      
      - make .gitlab-ci.yml similar to master.
      
      - disable eBPF everywhere. Now it must be explicitly disabled.
        It seems to break unit tests on gitlab-ci, with something that
        looks like a kernel issue. Or maybe ulimit -l is so small?
        Anyway, disable it for now as there are problems with it.
      a94403bb
    • Thomas Haller's avatar
      contrib/rpm: disable eBPF for package builds on Fedora · 3443a800
      Thomas Haller authored
      We have random failures to build on gitlab-ci. Something is wrong,
      at least, eBPF is not working reliably. Disable it for now.
      
      (cherry picked from commit 0d16b037)
      3443a800
    • Thomas Haller's avatar
      contrib/rpm: make spec file more similar to rhel-7's · 9fc91c23
      Thomas Haller authored
      (cherry picked from commit b3997312)
      9fc91c23
    • Thomas Haller's avatar
      contrib/rpm: from Fedora 31 onwards use internal DHCP client by default · 7bbb6a20
      Thomas Haller authored
      In RHEL-8.0 we already switched the default DHCP plugin.
      It's past time that we do the same for Fedora.
      
      (cherry picked from commit b1f556ba)
      7bbb6a20
    • Thomas Haller's avatar
      contrib/rpm: disable NDEBUG for meson builds · 46dce6e6
      Thomas Haller authored
      For better or worse, our release builds commonly do not disable assertions.
      That means,
      
       - NDEBUG is not set, and assert() is in effect
       - G_DISABLE_ASSERT is not set, and g_assert() is in effect
       - G_DISABLE_CHECKS is not set, and g_return*() is in effect.
      
      On the other hand, NM_MORE_ASSERTS is not enabled by default and nm_assert()
      is stripped away. That is the actual purpose of nm_assert(): it is
      commonly disabled on release builds, while all other assertions are
      enabled.
      
      Note that it is fully supported to build NetworkManager with all kind of
      assertions disabled. However, such a configuration is not much tested
      and I would not recommend it for that reason.
      
      %meson expands to
      
        $ /usr/bin/meson --buildtype=plain --prefix=/usr --libdir=/usr/lib64 --libexecdir=/usr/libexec --bindir=/usr/bin --sbindir=/usr/sbin --includedir=/usr/include --datadir=/usr/share --mandir=/usr/share/man --infodir=/usr/share/info --localedir=/usr/share/locale --sysconfdir=/etc --localstatedir=/var --sharedstatedir=/var/lib --wrap-mode=nodownload --auto-features=enabled -Db_ndebug=true . x86_64-redhat-linux-gnu $OTHER_ARGS
      
      thus passing -DNDEBUG to the meson build. Override that.
      
      (cherry picked from commit ef338667)
      46dce6e6
    • Thomas Haller's avatar
      build: disable eBPF by default · 38ee0c78
      Thomas Haller authored
      We have random failures to build on gitlab-ci. Something is wrong,
      at least, eBPF is not working reliably. Disable it for now.
      
      (cherry picked from commit 52ea426b)
      38ee0c78
    • Thomas Haller's avatar
      gitlab-ci: run unit tests for n-acd with eBPF disabled · 114ce3cb
      Thomas Haller authored
      Enabling eBPF causes src/devices/tests/test-acd to fail:
      
          strace: bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_HASH, key_size=4, value_size=1, max_entries=8, map_flags=0, inner_map_fd=0, map_name="", map_ifindex=0, btf_fd=0, btf_key_type_id=0, btf_value_type_id=0}, 112) = -1 EPERM (Operation not permitted)
      
          NetworkManager-Message: 10:07:04.404: <warn>  [1554631624.4046] acd[0xa2b400,10]: couldn't init ACD for announcing addresses on interface 'nm-test-veth0': Operation not permitted
      
      Interestingly it does not always fail. Seems to depend on the kernel
      which is used in the containerized test environments of gitlab-ci.
      
      For now, just disable eBPF and use the fallback implementation.
      
      (cherry picked from commit a5869d1b)
      114ce3cb
    • Thomas Haller's avatar
      gitlab-ci: add test on Fedora 30 image · ed39bf76
      Thomas Haller authored
      And no longer use "fedora:lastest". While "fedora:rawhide" names the very
      latest branch (and we want to test that), for all proper releases we want
      name them explicitly.
      
      (cherry picked from commit 2955d5e6)
      ed39bf76
    • Thomas Haller's avatar
      gitlab-ci: print information about test environment in tests · 54a525c1
      Thomas Haller authored
      It's just interesting to see in the logs.
      
      (cherry picked from commit 645b195f)
      54a525c1
    • Beniamino Galvani's avatar
      clients: fix assertion when requesting gsm pin secret · eee2eda4
      Beniamino Galvani authored
        [root@gsm-r5s4-01 ~]# nmcli  connection up id gsm
        **
        libnmc:ERROR:clients/common/nm-secret-agent-simple.c:171:_secret_real_new_plain: assertion failed: ((secret_type == NM_SECRET_AGENT_SECRET_TYPE_SECRET) == nm_setting_get_secret_flags (setting, property, ((void *)0), ((void *)0)))
        Aborted (core dumped)
      
      The pin is a secret property.
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1698495
      (cherry picked from commit a94ccc9a)
      eee2eda4
  12. 10 Apr, 2019 2 commits
  13. 09 Apr, 2019 1 commit
    • Beniamino Galvani's avatar
      libnm-core: fix invalid memory access · 3fa39f61
      Beniamino Galvani authored
      When we delete the runner.name property, the runner object itself gets
      deleted if that was the only property, and @runner becomes invalid.
      
       ==13818== Invalid read of size 1
       ==13818==    at 0x55EAF4: nm_streq (nm-macros-internal.h:869)
       ==13818==    by 0x55EAF4: _json_team_normalize_defaults (nm-utils.c:5573)
       ==13818==    by 0x566C89: _nm_utils_team_config_set (nm-utils.c:6057)
       ==13818==    by 0x5498A6: _nm_utils_json_append_gvalue (nm-utils-private.h:228)
       ==13818==    by 0x5498A6: set_property (nm-setting-team.c:1622)
       ==13818==  Address 0x182a9330 is 0 bytes inside a block of size 13 free'd
       ==13818==    at 0x4839A0C: free (vg_replace_malloc.c:530)
       ==13818==    by 0x4857868: json_delete_string (value.c:763)
       ==13818==    by 0x4857868: json_delete (value.c:975)
       ==13818==    by 0x4851FA1: UnknownInlinedFun (jansson.h:129)
       ==13818==    by 0x4851FA1: hashtable_do_del (hashtable.c:131)
       ==13818==    by 0x4851FA1: hashtable_del (hashtable.c:289)
       ==13818==    by 0x55DFDD: _json_del_object (nm-utils.c:5384)
       ==13818==    by 0x55EA70: _json_delete_object_on_string_match (nm-utils.c:5532)
       ==13818==    by 0x55EADB: _json_team_normalize_defaults (nm-utils.c:5549)
       ==13818==    by 0x566C89: _nm_utils_team_config_set (nm-utils.c:6057)
       ==13818==    by 0x5498A6: _nm_utils_json_append_gvalue (nm-utils-private.h:228)
       ==13818==    by 0x5498A6: set_property (nm-setting-team.c:1622)
       ==13818==  Block was alloc'd at
       ==13818==    at 0x483880B: malloc (vg_replace_malloc.c:299)
       ==13818==    by 0x4852E8C: lex_scan_string (load.c:389)
       ==13818==    by 0x4852E8C: lex_scan (load.c:620)
       ==13818==    by 0x4853458: parse_object (load.c:738)
       ==13818==    by 0x4853458: parse_value (load.c:862)
       ==13818==    by 0x4853466: parse_object (load.c:739)
       ==13818==    by 0x4853466: parse_value (load.c:862)
       ==13818==    by 0x4853655: parse_json.constprop.7 (load.c:899)
       ==13818==    by 0x48537CF: json_loads (load.c:959)
       ==13818==    by 0x566780: _nm_utils_team_config_set (nm-utils.c:5961)
       ==13818==    by 0x5498A6: _nm_utils_json_append_gvalue (nm-utils-private.h:228)
       ==13818==    by 0x5498A6: set_property (nm-setting-team.c:1622)
      
      Fixes: a5642fd9 ('libnm-core: team: rework defaults management on runner properties')
      (cherry picked from commit 80a3031a)
      3fa39f61
  14. 02 Apr, 2019 2 commits
  15. 31 Mar, 2019 1 commit
    • Beniamino Galvani's avatar
      build: fix searching dlopen in configure · 1fa0914b
      Beniamino Galvani authored
      The 4th argument of AC_SEARCH_LIBS is a list of additional libraries,
      not the name of the variable to hold the result which is always
      ac_cv_search_$function. Also, we should ignore the result when it is
      "none required".
      
      Fixes: 1f2eeb85 ('build: rename $(LIBDL) to $(DL_LIBS) and modify detection')
      (cherry picked from commit bd4957fc)
      1fa0914b