Compare commits
31 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
dcdaefa75e | ||
|
a99f0b80ea | ||
|
631d934213 | ||
|
c1cbb3d3cf | ||
|
51939ebc60 | ||
|
d296fac843 | ||
|
70ab67a4ec | ||
|
91e80af0b7 | ||
|
51083bdcb6 | ||
|
0403647fbb | ||
|
1db3b8e581 | ||
|
d7751575c9 | ||
|
905b53b5b1 | ||
|
f53db99e24 | ||
|
0aad706ec9 | ||
|
a71990f645 | ||
|
85596bf315 | ||
|
a3ae10b400 | ||
|
69a8c60fae | ||
|
26165f2e69 | ||
|
4d25eb6f40 | ||
|
035415185f | ||
|
5717faa588 | ||
|
335e63c781 | ||
|
5dfc586442 | ||
|
8ad0f034e2 | ||
|
cc79957fc3 | ||
|
6c5b0cbaca | ||
|
e63b491005 | ||
|
f9d15b1a26 | ||
|
31af83963b |
8
.gitignore
vendored
8
.gitignore
vendored
@ -1,4 +1,5 @@
|
|||||||
*.makerepo-split.*
|
*.makerepo-split.*
|
||||||
|
makerepo.gitignore
|
||||||
network-manager-applet-0.6.5.tar.bz2
|
network-manager-applet-0.6.5.tar.bz2
|
||||||
NetworkManager-0.6.5.tar.bz2
|
NetworkManager-0.6.5.tar.bz2
|
||||||
NetworkManager-0.7.0.svn2736.tar.gz
|
NetworkManager-0.7.0.svn2736.tar.gz
|
||||||
@ -308,3 +309,10 @@ network-manager-applet-0.8.1.tar.bz2
|
|||||||
/NetworkManager-0.9.9.95.git20140609.1963adda.tar.bz2
|
/NetworkManager-0.9.9.95.git20140609.1963adda.tar.bz2
|
||||||
/NetworkManager-0.9.9.98.git20140620.63b0a2f5.tar.bz2
|
/NetworkManager-0.9.9.98.git20140620.63b0a2f5.tar.bz2
|
||||||
/NetworkManager-0.9.10.0.git20140704.6eb82acd.tar.bz2
|
/NetworkManager-0.9.10.0.git20140704.6eb82acd.tar.bz2
|
||||||
|
/NetworkManager-0.9.10.1.git20150105.b00ad26.tar.bz2
|
||||||
|
/NetworkManager-0.9.10.1.20150109git.ce3b386.tar.bz2
|
||||||
|
/NetworkManager-0.9.10.1.20150115git.ea40551.tar.bz2
|
||||||
|
/NetworkManager-0.9.10.1.20150115git.76c00cf.tar.bz2
|
||||||
|
/NetworkManager-0.9.10.1.tar.xz
|
||||||
|
/NetworkManager-0.9.10.1.20150219git.e734eee2.tar.bz2
|
||||||
|
/NetworkManager-0.9.10.2.tar.xz
|
||||||
|
@ -0,0 +1,32 @@
|
|||||||
|
From 46c836e5cd5342cab5dfb4cd6eb5daf6170b70a0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dan Williams <dcbw@redhat.com>
|
||||||
|
Date: Mon, 16 Mar 2015 10:44:16 -0500
|
||||||
|
Subject: [PATCH] connectivity: disable HTTP keepalive for connectivity checks
|
||||||
|
|
||||||
|
There won't be any further requests, so there's no point in keeping
|
||||||
|
the connection alive. Even if the HTTP server doesn't care, proxy
|
||||||
|
servers in-between might keep the connection open for a couple seconds
|
||||||
|
for keepalive, and we might as well be nice to them and tell them we
|
||||||
|
don't need to keep it alive.
|
||||||
|
|
||||||
|
(cherry picked from commit 90692e3efff398f0e4420827fc6d7ac342360e5c)
|
||||||
|
---
|
||||||
|
src/nm-connectivity.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/nm-connectivity.c b/src/nm-connectivity.c
|
||||||
|
index 4d5feef..85bd70a 100644
|
||||||
|
--- a/src/nm-connectivity.c
|
||||||
|
+++ b/src/nm-connectivity.c
|
||||||
|
@@ -247,6 +247,8 @@ nm_connectivity_check_async (NMConnectivity *self,
|
||||||
|
if (priv->uri && priv->interval) {
|
||||||
|
msg = soup_message_new ("GET", priv->uri);
|
||||||
|
soup_message_set_flags (msg, SOUP_MESSAGE_NO_REDIRECT);
|
||||||
|
+ /* Disable HTTP/1.1 keepalive; the connection should not persist */
|
||||||
|
+ soup_message_headers_append (msg->request_headers, "Connection", "close");
|
||||||
|
soup_session_queue_message (priv->soup_session,
|
||||||
|
msg,
|
||||||
|
nm_connectivity_check_cb,
|
||||||
|
--
|
||||||
|
2.1.0
|
||||||
|
|
103
0003-kill-dns-plugin-child-synchronously-rh1161232.patch
Normal file
103
0003-kill-dns-plugin-child-synchronously-rh1161232.patch
Normal file
@ -0,0 +1,103 @@
|
|||||||
|
From a6ac4dd1176f7fc6f12e8513ec49da58607a6922 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lubomir Rintel <lkundrak@v3.sk>
|
||||||
|
Date: Wed, 6 May 2015 11:52:27 +0200
|
||||||
|
Subject: [PATCH] dns: kill plugin child synchronously to avoid restart race
|
||||||
|
(rh #1161232) (bgo #728342)
|
||||||
|
|
||||||
|
NM was killing the dnsmasq local caching nameserver process and immediately
|
||||||
|
starting a new one, and new process couldn't bind to 127.0.0.1 because the
|
||||||
|
old one hadn't quit yet. Thus the new process quit, and the user was
|
||||||
|
left with no split DNS at all.
|
||||||
|
|
||||||
|
While this does introduce more synchronous waiting into the connection
|
||||||
|
process, it's not that much time and NM will kill dnsmasq if it hasn't
|
||||||
|
quit after 1 second. The longer-term fix is to use dnsmasq's D-Bus
|
||||||
|
interface to update DNS without respawning it.
|
||||||
|
|
||||||
|
https://bugzilla.gnome.org/show_bug.cgi?id=728342
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1161232
|
||||||
|
|
||||||
|
This is a rework of 10aff12526a2fc4b2d099df2710fdb040ccd9e4c. The newer
|
||||||
|
branches have ff3b753 (core: use nm_utils_kill_child_async() and
|
||||||
|
nm_utils_kill_child_sync()) which in turn relies on 1f84185 (core: add
|
||||||
|
nm_utils_kill_child_async() and nm_utils_kill_child_sync() function) that is
|
||||||
|
not entirely trivial to backport.
|
||||||
|
---
|
||||||
|
src/dns-manager/nm-dns-plugin.c | 46 ++++++++++++++---------------------------
|
||||||
|
1 file changed, 16 insertions(+), 30 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/dns-manager/nm-dns-plugin.c b/src/dns-manager/nm-dns-plugin.c
|
||||||
|
index e85b2a0..4f86d63 100644
|
||||||
|
--- a/src/dns-manager/nm-dns-plugin.c
|
||||||
|
+++ b/src/dns-manager/nm-dns-plugin.c
|
||||||
|
@@ -196,29 +196,6 @@ nm_dns_plugin_child_spawn (NMDnsPlugin *self,
|
||||||
|
return priv->pid;
|
||||||
|
}
|
||||||
|
|
||||||
|
-typedef struct {
|
||||||
|
- int pid;
|
||||||
|
- char *progname;
|
||||||
|
-} KillInfo;
|
||||||
|
-
|
||||||
|
-static gboolean
|
||||||
|
-ensure_killed (gpointer data)
|
||||||
|
-{
|
||||||
|
- KillInfo *info = data;
|
||||||
|
-
|
||||||
|
- if (kill (info->pid, 0) == 0)
|
||||||
|
- kill (info->pid, SIGKILL);
|
||||||
|
-
|
||||||
|
- /* ensure the child is reaped */
|
||||||
|
- nm_log_dbg (LOGD_DNS, "waiting for %s pid %d to exit", info->progname, info->pid);
|
||||||
|
- waitpid (info->pid, NULL, 0);
|
||||||
|
- nm_log_dbg (LOGD_DNS, "dnsmasq pid %d cleaned up", info->pid);
|
||||||
|
-
|
||||||
|
- g_free (info->progname);
|
||||||
|
- g_free (info);
|
||||||
|
- return FALSE;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
gboolean nm_dns_plugin_child_kill (NMDnsPlugin *self)
|
||||||
|
{
|
||||||
|
NMDnsPluginPrivate *priv = NM_DNS_PLUGIN_GET_PRIVATE (self);
|
||||||
|
@@ -229,21 +206,30 @@ gboolean nm_dns_plugin_child_kill (NMDnsPlugin *self)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (priv->pid) {
|
||||||
|
- KillInfo *info;
|
||||||
|
|
||||||
|
if (kill (priv->pid, SIGTERM) == 0) {
|
||||||
|
- info = g_malloc0 (sizeof (KillInfo));
|
||||||
|
- info->pid = priv->pid;
|
||||||
|
- info->progname = g_strdup (priv->progname);
|
||||||
|
- g_timeout_add_seconds (2, ensure_killed, info);
|
||||||
|
- } else {
|
||||||
|
+ int counter = 20;
|
||||||
|
+
|
||||||
|
+ /* Wait up to 2 seconds synchronously. */
|
||||||
|
+ nm_log_dbg (LOGD_DNS, "waiting for %s pid %d to exit", priv->progname, priv->pid);
|
||||||
|
+ while (counter--) {
|
||||||
|
+ if (waitpid (priv->pid, NULL, WNOHANG))
|
||||||
|
+ goto killed;
|
||||||
|
+ g_usleep (100000);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (kill (priv->pid, 0) == 0) {
|
||||||
|
+ /* Not dead yet. */
|
||||||
|
kill (priv->pid, SIGKILL);
|
||||||
|
|
||||||
|
/* ensure the child is reaped */
|
||||||
|
nm_log_dbg (LOGD_DNS, "waiting for %s pid %d to exit", priv->progname, priv->pid);
|
||||||
|
waitpid (priv->pid, NULL, 0);
|
||||||
|
- nm_log_dbg (LOGD_DNS, "%s pid %d cleaned up", priv->progname, priv->pid);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+killed:
|
||||||
|
+ nm_log_dbg (LOGD_DNS, "%s pid %d cleaned up", priv->progname, priv->pid);
|
||||||
|
priv->pid = 0;
|
||||||
|
g_free (priv->progname);
|
||||||
|
priv->progname = NULL;
|
||||||
|
--
|
||||||
|
2.4.0
|
||||||
|
|
@ -0,0 +1,135 @@
|
|||||||
|
From 2171b984e3c9a17c032ac80054db79523d97d9dd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dan Williams <dcbw@redhat.com>
|
||||||
|
Date: Wed, 14 Jan 2015 17:03:22 -0600
|
||||||
|
Subject: [PATCH 2/4] dns: refactor building IP config lists for plugins (bgo
|
||||||
|
#728342)
|
||||||
|
|
||||||
|
Don't bother building the lists if no DNS plugins are enabled.
|
||||||
|
|
||||||
|
https://bugzilla.gnome.org/show_bug.cgi?id=728342
|
||||||
|
(cherry picked from commit cc8d9f778c2237b3e9e6815a2e0cc5635328edab)
|
||||||
|
---
|
||||||
|
src/dns-manager/nm-dns-manager.c | 70 ++++++++++++++++++++++++----------------
|
||||||
|
1 file changed, 43 insertions(+), 27 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/dns-manager/nm-dns-manager.c b/src/dns-manager/nm-dns-manager.c
|
||||||
|
index ddf31af..e6984e3 100644
|
||||||
|
--- a/src/dns-manager/nm-dns-manager.c
|
||||||
|
+++ b/src/dns-manager/nm-dns-manager.c
|
||||||
|
@@ -561,6 +561,42 @@ compute_hash (NMDnsManager *self, guint8 buffer[HASH_LEN])
|
||||||
|
g_checksum_free (sum);
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+build_plugin_config_lists (NMDnsManager *self,
|
||||||
|
+ GSList **out_vpn_configs,
|
||||||
|
+ GSList **out_dev_configs,
|
||||||
|
+ GSList **out_other_configs)
|
||||||
|
+{
|
||||||
|
+ NMDnsManagerPrivate *priv = NM_DNS_MANAGER_GET_PRIVATE (self);
|
||||||
|
+ GSList *iter;
|
||||||
|
+
|
||||||
|
+ g_return_if_fail (out_vpn_configs && !*out_vpn_configs);
|
||||||
|
+ g_return_if_fail (out_dev_configs && !*out_dev_configs);
|
||||||
|
+ g_return_if_fail (out_other_configs && !*out_other_configs);
|
||||||
|
+
|
||||||
|
+ /* Build up config lists for plugins; we use the raw configs here, not the
|
||||||
|
+ * merged information that we write to resolv.conf so that the plugins can
|
||||||
|
+ * still use the domain information in each config to provide split DNS if
|
||||||
|
+ * they want to.
|
||||||
|
+ */
|
||||||
|
+ if (priv->ip4_vpn_config)
|
||||||
|
+ *out_vpn_configs = g_slist_append (*out_vpn_configs, priv->ip4_vpn_config);
|
||||||
|
+ if (priv->ip6_vpn_config)
|
||||||
|
+ *out_vpn_configs = g_slist_append (*out_vpn_configs, priv->ip6_vpn_config);
|
||||||
|
+ if (priv->ip4_device_config)
|
||||||
|
+ *out_dev_configs = g_slist_append (*out_dev_configs, priv->ip4_device_config);
|
||||||
|
+ if (priv->ip6_device_config)
|
||||||
|
+ *out_dev_configs = g_slist_append (*out_dev_configs, priv->ip6_device_config);
|
||||||
|
+
|
||||||
|
+ for (iter = priv->configs; iter; iter = g_slist_next (iter)) {
|
||||||
|
+ if ( (iter->data != priv->ip4_vpn_config)
|
||||||
|
+ && (iter->data != priv->ip4_device_config)
|
||||||
|
+ && (iter->data != priv->ip6_vpn_config)
|
||||||
|
+ && (iter->data != priv->ip6_device_config))
|
||||||
|
+ *out_other_configs = g_slist_append (*out_other_configs, iter->data);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static gboolean
|
||||||
|
update_dns (NMDnsManager *self,
|
||||||
|
gboolean no_caching,
|
||||||
|
@@ -568,7 +604,7 @@ update_dns (NMDnsManager *self,
|
||||||
|
{
|
||||||
|
NMDnsManagerPrivate *priv;
|
||||||
|
NMResolvConfData rc;
|
||||||
|
- GSList *iter, *vpn_configs = NULL, *dev_configs = NULL, *other_configs = NULL;
|
||||||
|
+ GSList *iter;
|
||||||
|
const char *nis_domain = NULL;
|
||||||
|
char **searches = NULL;
|
||||||
|
char **nameservers = NULL;
|
||||||
|
@@ -674,32 +710,11 @@ update_dns (NMDnsManager *self,
|
||||||
|
|
||||||
|
nis_domain = rc.nis_domain;
|
||||||
|
|
||||||
|
- /* Build up config lists for plugins; we use the raw configs here, not the
|
||||||
|
- * merged information that we write to resolv.conf so that the plugins can
|
||||||
|
- * still use the domain information in each config to provide split DNS if
|
||||||
|
- * they want to.
|
||||||
|
- */
|
||||||
|
- if (priv->ip4_vpn_config)
|
||||||
|
- vpn_configs = g_slist_append (vpn_configs, priv->ip4_vpn_config);
|
||||||
|
- if (priv->ip6_vpn_config)
|
||||||
|
- vpn_configs = g_slist_append (vpn_configs, priv->ip6_vpn_config);
|
||||||
|
- if (priv->ip4_device_config)
|
||||||
|
- dev_configs = g_slist_append (dev_configs, priv->ip4_device_config);
|
||||||
|
- if (priv->ip6_device_config)
|
||||||
|
- dev_configs = g_slist_append (dev_configs, priv->ip6_device_config);
|
||||||
|
-
|
||||||
|
- for (iter = priv->configs; iter; iter = g_slist_next (iter)) {
|
||||||
|
- if ( (iter->data != priv->ip4_vpn_config)
|
||||||
|
- && (iter->data != priv->ip4_device_config)
|
||||||
|
- && (iter->data != priv->ip6_vpn_config)
|
||||||
|
- && (iter->data != priv->ip6_device_config))
|
||||||
|
- other_configs = g_slist_append (other_configs, iter->data);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
/* Let any plugins do their thing first */
|
||||||
|
if (priv->plugin) {
|
||||||
|
NMDnsPlugin *plugin = priv->plugin;
|
||||||
|
const char *plugin_name = nm_dns_plugin_get_name (plugin);
|
||||||
|
+ GSList *vpn_configs = NULL, *dev_configs = NULL, *other_configs = NULL;
|
||||||
|
|
||||||
|
if (nm_dns_plugin_is_caching (plugin)) {
|
||||||
|
if (no_caching) {
|
||||||
|
@@ -710,6 +725,8 @@ update_dns (NMDnsManager *self,
|
||||||
|
caching = TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ build_plugin_config_lists (self, &vpn_configs, &dev_configs, &other_configs);
|
||||||
|
+
|
||||||
|
nm_log_dbg (LOGD_DNS, "DNS: updating plugin %s", plugin_name);
|
||||||
|
if (!nm_dns_plugin_update (plugin,
|
||||||
|
vpn_configs,
|
||||||
|
@@ -723,15 +740,14 @@ update_dns (NMDnsManager *self,
|
||||||
|
*/
|
||||||
|
caching = FALSE;
|
||||||
|
}
|
||||||
|
+ g_slist_free (vpn_configs);
|
||||||
|
+ g_slist_free (dev_configs);
|
||||||
|
+ g_slist_free (other_configs);
|
||||||
|
|
||||||
|
skip:
|
||||||
|
;
|
||||||
|
}
|
||||||
|
|
||||||
|
- g_slist_free (vpn_configs);
|
||||||
|
- g_slist_free (dev_configs);
|
||||||
|
- g_slist_free (other_configs);
|
||||||
|
-
|
||||||
|
/* If caching was successful, we only send 127.0.0.1 to /etc/resolv.conf
|
||||||
|
* to ensure that the glibc resolver doesn't try to round-robin nameservers,
|
||||||
|
* but only uses the local caching nameserver.
|
||||||
|
--
|
||||||
|
2.4.0
|
||||||
|
|
@ -0,0 +1,300 @@
|
|||||||
|
From 991b8efca0d3136d8c63b202a9346572c8197da5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dan Williams <dcbw@redhat.com>
|
||||||
|
Date: Thu, 26 Feb 2015 15:04:36 -0600
|
||||||
|
Subject: [PATCH 3/4] dns: ensure that update_dns() always returns a GError on
|
||||||
|
failure
|
||||||
|
|
||||||
|
Callers may expect this, so make sure we do it.
|
||||||
|
|
||||||
|
(cherry picked from commit 06f25a3ec7c07eac5785daeb99f648200abe3feb)
|
||||||
|
---
|
||||||
|
src/NetworkManagerUtils.c | 19 ++++----
|
||||||
|
src/NetworkManagerUtils.h | 2 +-
|
||||||
|
src/dns-manager/nm-dns-manager.c | 99 +++++++++++++++++++++-------------------
|
||||||
|
src/dns-manager/nm-dns-unbound.c | 2 +-
|
||||||
|
4 files changed, 62 insertions(+), 60 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/NetworkManagerUtils.c b/src/NetworkManagerUtils.c
|
||||||
|
index e6814e3..0a7a9b6 100644
|
||||||
|
--- a/src/NetworkManagerUtils.c
|
||||||
|
+++ b/src/NetworkManagerUtils.c
|
||||||
|
@@ -134,27 +134,26 @@ nm_utils_ip6_address_clear_host_address (struct in6_addr *dst, const struct in6_
|
||||||
|
|
||||||
|
|
||||||
|
int
|
||||||
|
-nm_spawn_process (const char *args)
|
||||||
|
+nm_spawn_process (const char *args, GError **error)
|
||||||
|
{
|
||||||
|
+ GError *local = NULL;
|
||||||
|
gint num_args;
|
||||||
|
char **argv = NULL;
|
||||||
|
int status = -1;
|
||||||
|
- GError *error = NULL;
|
||||||
|
|
||||||
|
g_return_val_if_fail (args != NULL, -1);
|
||||||
|
+ g_return_val_if_fail (!error || !*error, -1);
|
||||||
|
|
||||||
|
- if (!g_shell_parse_argv (args, &num_args, &argv, &error)) {
|
||||||
|
- nm_log_warn (LOGD_CORE, "could not parse arguments for '%s': %s", args, error->message);
|
||||||
|
- g_error_free (error);
|
||||||
|
- return -1;
|
||||||
|
+ if (g_shell_parse_argv (args, &num_args, &argv, &local)) {
|
||||||
|
+ g_spawn_sync ("/", argv, NULL, 0, nm_unblock_posix_signals, NULL, NULL, NULL, &status, &local);
|
||||||
|
+ g_strfreev (argv);
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (!g_spawn_sync ("/", argv, NULL, 0, nm_unblock_posix_signals, NULL, NULL, NULL, &status, &error)) {
|
||||||
|
- nm_log_warn (LOGD_CORE, "could not spawn process '%s': %s", args, error->message);
|
||||||
|
- g_error_free (error);
|
||||||
|
+ if (local) {
|
||||||
|
+ nm_log_warn (LOGD_CORE, "could not spawn process '%s': %s", args, local->message);
|
||||||
|
+ g_propagate_error (error, local);
|
||||||
|
}
|
||||||
|
|
||||||
|
- g_strfreev (argv);
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/src/NetworkManagerUtils.h b/src/NetworkManagerUtils.h
|
||||||
|
index 7be316e..22d665e 100644
|
||||||
|
--- a/src/NetworkManagerUtils.h
|
||||||
|
+++ b/src/NetworkManagerUtils.h
|
||||||
|
@@ -53,7 +53,7 @@ nm_utils_ip6_route_metric_normalize (guint32 metric)
|
||||||
|
return metric ? metric : 1024 /*NM_PLATFORM_ROUTE_METRIC_DEFAULT*/;
|
||||||
|
}
|
||||||
|
|
||||||
|
-int nm_spawn_process (const char *args);
|
||||||
|
+int nm_spawn_process (const char *args, GError **error);
|
||||||
|
|
||||||
|
/* macro to return strlen() of a compile time string. */
|
||||||
|
#define STRLEN(str) ( sizeof ("" str) - 1 )
|
||||||
|
diff --git a/src/dns-manager/nm-dns-manager.c b/src/dns-manager/nm-dns-manager.c
|
||||||
|
index e6984e3..e833ce4 100644
|
||||||
|
--- a/src/dns-manager/nm-dns-manager.c
|
||||||
|
+++ b/src/dns-manager/nm-dns-manager.c
|
||||||
|
@@ -323,12 +323,19 @@ dispatch_netconfig (char **searches,
|
||||||
|
|
||||||
|
again:
|
||||||
|
|
||||||
|
- ret = waitpid (pid, NULL, 0);
|
||||||
|
- if (ret < 0 && errno == EINTR)
|
||||||
|
- goto again;
|
||||||
|
- else if (ret < 0 && errno == ECHILD) {
|
||||||
|
- /* When the netconfig exist, the errno is ECHILD, it should return TRUE */
|
||||||
|
- return TRUE;
|
||||||
|
+ if (waitpid (pid, NULL, 0) < 0) {
|
||||||
|
+ if (errno == EINTR)
|
||||||
|
+ goto again;
|
||||||
|
+ else if (errno == ECHILD) {
|
||||||
|
+ /* child already exited */
|
||||||
|
+ ret = pid;
|
||||||
|
+ } else {
|
||||||
|
+ g_set_error_literal (error,
|
||||||
|
+ NM_MANAGER_ERROR,
|
||||||
|
+ NM_MANAGER_ERROR_FAILED,
|
||||||
|
+ "Error waiting for netconfig to exit: %s",
|
||||||
|
+ strerror (errno));
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
return ret > 0;
|
||||||
|
@@ -344,22 +351,13 @@ write_resolv_conf (FILE *f,
|
||||||
|
{
|
||||||
|
char *searches_str = NULL;
|
||||||
|
char *nameservers_str = NULL;
|
||||||
|
- int i;
|
||||||
|
gboolean retval = FALSE;
|
||||||
|
+ char *tmp_str;
|
||||||
|
GString *str;
|
||||||
|
|
||||||
|
- if (fprintf (f, "%s","# Generated by NetworkManager\n") < 0) {
|
||||||
|
- g_set_error (error,
|
||||||
|
- NM_DNS_MANAGER_ERROR,
|
||||||
|
- NM_DNS_MANAGER_ERROR_SYSTEM,
|
||||||
|
- "Could not write " _PATH_RESCONF ": %s\n",
|
||||||
|
- g_strerror (errno));
|
||||||
|
- return FALSE;
|
||||||
|
- }
|
||||||
|
+ int i;
|
||||||
|
|
||||||
|
if (searches) {
|
||||||
|
- char *tmp_str;
|
||||||
|
-
|
||||||
|
tmp_str = g_strjoinv (" ", searches);
|
||||||
|
searches_str = g_strconcat ("search ", tmp_str, "\n", NULL);
|
||||||
|
g_free (tmp_str);
|
||||||
|
@@ -387,10 +385,17 @@ write_resolv_conf (FILE *f,
|
||||||
|
|
||||||
|
nameservers_str = g_string_free (str, FALSE);
|
||||||
|
|
||||||
|
- if (fprintf (f, "%s%s",
|
||||||
|
+ if (fprintf (f, "# Generated by NetworkManager\n%s%s",
|
||||||
|
searches_str ? searches_str : "",
|
||||||
|
- strlen (nameservers_str) ? nameservers_str : "") != -1)
|
||||||
|
+ nameservers_str) > 0)
|
||||||
|
retval = TRUE;
|
||||||
|
+ else {
|
||||||
|
+ g_set_error (error,
|
||||||
|
+ NM_DNS_MANAGER_ERROR,
|
||||||
|
+ NM_DNS_MANAGER_ERROR_SYSTEM,
|
||||||
|
+ "Could not write " _PATH_RESCONF ": %s\n",
|
||||||
|
+ g_strerror (errno));
|
||||||
|
+ }
|
||||||
|
|
||||||
|
g_free (searches_str);
|
||||||
|
g_free (nameservers_str);
|
||||||
|
@@ -407,9 +412,15 @@ dispatch_resolvconf (char **searches,
|
||||||
|
char *cmd;
|
||||||
|
FILE *f;
|
||||||
|
gboolean retval = FALSE;
|
||||||
|
+ int errnosv, err;
|
||||||
|
|
||||||
|
- if (! g_file_test (RESOLVCONF_PATH, G_FILE_TEST_IS_EXECUTABLE))
|
||||||
|
+ if (!g_file_test (RESOLVCONF_PATH, G_FILE_TEST_IS_EXECUTABLE)) {
|
||||||
|
+ g_set_error_literal (error,
|
||||||
|
+ NM_MANAGER_ERROR,
|
||||||
|
+ NM_MANAGER_ERROR_FAILED,
|
||||||
|
+ RESOLVCONF_PATH " is not executable");
|
||||||
|
return FALSE;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (searches || nameservers) {
|
||||||
|
cmd = g_strconcat (RESOLVCONF_PATH, " -a ", "NetworkManager", NULL);
|
||||||
|
@@ -423,12 +434,21 @@ dispatch_resolvconf (char **searches,
|
||||||
|
g_strerror (errno));
|
||||||
|
else {
|
||||||
|
retval = write_resolv_conf (f, searches, nameservers, error);
|
||||||
|
- retval &= (pclose (f) == 0);
|
||||||
|
+ err = pclose (f);
|
||||||
|
+ if (err < 0) {
|
||||||
|
+ errnosv = errno;
|
||||||
|
+ g_set_error (error, G_IO_ERROR, g_io_error_from_errno (errnosv),
|
||||||
|
+ "Failed to close pipe to resolvconf: %d", errnosv);
|
||||||
|
+ retval = FALSE;
|
||||||
|
+ } else if (err > 0) {
|
||||||
|
+ nm_log_warn (LOGD_DNS, "resolvconf failed with status %d", err);
|
||||||
|
+ retval = FALSE;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
cmd = g_strconcat (RESOLVCONF_PATH, " -d ", "NetworkManager", NULL);
|
||||||
|
nm_log_info (LOGD_DNS, "Removing DNS information from %s", RESOLVCONF_PATH);
|
||||||
|
- if (nm_spawn_process (cmd) == 0)
|
||||||
|
+ if (nm_spawn_process (cmd, error) == 0)
|
||||||
|
retval = TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -612,8 +632,7 @@ update_dns (NMDnsManager *self,
|
||||||
|
int num, i, len;
|
||||||
|
gboolean success = FALSE, caching = FALSE;
|
||||||
|
|
||||||
|
- g_return_val_if_fail (error != NULL, FALSE);
|
||||||
|
- g_return_val_if_fail (*error == NULL, FALSE);
|
||||||
|
+ g_return_val_if_fail (!error || !*error, FALSE);
|
||||||
|
|
||||||
|
priv = NM_DNS_MANAGER_GET_PRIVATE (self);
|
||||||
|
|
||||||
|
@@ -799,9 +818,7 @@ plugin_failed (NMDnsPlugin *plugin, gpointer user_data)
|
||||||
|
|
||||||
|
/* Disable caching until the next DNS update */
|
||||||
|
if (!update_dns (self, TRUE, &error)) {
|
||||||
|
- nm_log_warn (LOGD_DNS, "could not commit DNS changes: (%d) %s",
|
||||||
|
- error ? error->code : -1,
|
||||||
|
- error && error->message ? error->message : "(unknown)");
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes: %s", error->message);
|
||||||
|
g_clear_error (&error);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -838,9 +855,7 @@ nm_dns_manager_add_ip4_config (NMDnsManager *mgr,
|
||||||
|
priv->configs = g_slist_append (priv->configs, g_object_ref (config));
|
||||||
|
|
||||||
|
if (!priv->updates_queue && !update_dns (mgr, FALSE, &error)) {
|
||||||
|
- nm_log_warn (LOGD_DNS, "could not commit DNS changes: (%d) %s",
|
||||||
|
- error ? error->code : -1,
|
||||||
|
- error && error->message ? error->message : "(unknown)");
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes: %s", error->message);
|
||||||
|
g_clear_error (&error);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -872,9 +887,7 @@ nm_dns_manager_remove_ip4_config (NMDnsManager *mgr, NMIP4Config *config)
|
||||||
|
g_object_unref (config);
|
||||||
|
|
||||||
|
if (!priv->updates_queue && !update_dns (mgr, FALSE, &error)) {
|
||||||
|
- nm_log_warn (LOGD_DNS, "could not commit DNS changes: (%d) %s",
|
||||||
|
- error ? error->code : -1,
|
||||||
|
- error && error->message ? error->message : "(unknown)");
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes: %s", error->message);
|
||||||
|
g_clear_error (&error);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -915,9 +928,7 @@ nm_dns_manager_add_ip6_config (NMDnsManager *mgr,
|
||||||
|
priv->configs = g_slist_append (priv->configs, g_object_ref (config));
|
||||||
|
|
||||||
|
if (!priv->updates_queue && !update_dns (mgr, FALSE, &error)) {
|
||||||
|
- nm_log_warn (LOGD_DNS, "could not commit DNS changes: (%d) %s",
|
||||||
|
- error ? error->code : -1,
|
||||||
|
- error && error->message ? error->message : "(unknown)");
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes: %s", error->message);
|
||||||
|
g_clear_error (&error);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -949,9 +960,7 @@ nm_dns_manager_remove_ip6_config (NMDnsManager *mgr, NMIP6Config *config)
|
||||||
|
g_object_unref (config);
|
||||||
|
|
||||||
|
if (!priv->updates_queue && !update_dns (mgr, FALSE, &error)) {
|
||||||
|
- nm_log_warn (LOGD_DNS, "could not commit DNS changes: (%d) %s",
|
||||||
|
- error ? error->code : -1,
|
||||||
|
- error && error->message ? error->message : "(unknown)");
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes: %s", error->message);
|
||||||
|
g_clear_error (&error);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -994,9 +1003,7 @@ nm_dns_manager_set_hostname (NMDnsManager *mgr,
|
||||||
|
priv->hostname = g_strdup (filtered);
|
||||||
|
|
||||||
|
if (!priv->updates_queue && !update_dns (mgr, FALSE, &error)) {
|
||||||
|
- nm_log_warn (LOGD_DNS, "could not commit DNS changes: (%d) %s",
|
||||||
|
- error ? error->code : -1,
|
||||||
|
- error && error->message ? error->message : "(unknown)");
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes: %s", error->message);
|
||||||
|
g_clear_error (&error);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -1050,9 +1057,7 @@ nm_dns_manager_end_updates (NMDnsManager *mgr, const char *func)
|
||||||
|
/* Commit all the outstanding changes */
|
||||||
|
nm_log_dbg (LOGD_DNS, "(%s): committing DNS changes (%d)", func, priv->updates_queue);
|
||||||
|
if (!update_dns (mgr, FALSE, &error)) {
|
||||||
|
- nm_log_warn (LOGD_DNS, "could not commit DNS changes: (%d) %s",
|
||||||
|
- error ? error->code : -1,
|
||||||
|
- error && error->message ? error->message : "(unknown)");
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes: %s", error->message);
|
||||||
|
g_clear_error (&error);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1152,9 +1157,7 @@ dispose (GObject *object)
|
||||||
|
* DNS updates yet, there's no reason to touch resolv.conf on shutdown.
|
||||||
|
*/
|
||||||
|
if (priv->dns_touched && !update_dns (self, TRUE, &error)) {
|
||||||
|
- nm_log_warn (LOGD_DNS, "could not commit DNS changes on shutdown: (%d) %s",
|
||||||
|
- error ? error->code : -1,
|
||||||
|
- error && error->message ? error->message : "(unknown)");
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes on shutdown: %s", error->message);
|
||||||
|
g_clear_error (&error);
|
||||||
|
priv->dns_touched = FALSE;
|
||||||
|
}
|
||||||
|
diff --git a/src/dns-manager/nm-dns-unbound.c b/src/dns-manager/nm-dns-unbound.c
|
||||||
|
index 137fd20..5520d38 100644
|
||||||
|
--- a/src/dns-manager/nm-dns-unbound.c
|
||||||
|
+++ b/src/dns-manager/nm-dns-unbound.c
|
||||||
|
@@ -40,7 +40,7 @@ update (NMDnsPlugin *plugin,
|
||||||
|
* without calling custom scripts. The dnssec-trigger functionality
|
||||||
|
* may be eventually merged into NetworkManager.
|
||||||
|
*/
|
||||||
|
- return nm_spawn_process ("/usr/libexec/dnssec-trigger-script --async --update") == 0;
|
||||||
|
+ return nm_spawn_process ("/usr/libexec/dnssec-trigger-script --async --update", NULL) == 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static gboolean
|
||||||
|
--
|
||||||
|
2.4.0
|
||||||
|
|
@ -0,0 +1,67 @@
|
|||||||
|
From e6b47236f00ab91056be9fc3f9b8611fb16d9e57 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dan Williams <dcbw@redhat.com>
|
||||||
|
Date: Thu, 15 Jan 2015 11:38:33 -0600
|
||||||
|
Subject: [PATCH 4/4] dns: refresh DNS if plugin child quits unexpectedly (bgo
|
||||||
|
#728342)
|
||||||
|
|
||||||
|
If the child dies, or something kills the child externally, refresh
|
||||||
|
DNS which should respawn the child, similar to what we do with
|
||||||
|
wpa_supplicant, teamd, etc.
|
||||||
|
|
||||||
|
https://bugzilla.gnome.org/show_bug.cgi?id=728342
|
||||||
|
(cherry picked from commit 09a05f6c3e0b4502252d70cb121654e7312520c5)
|
||||||
|
---
|
||||||
|
src/dns-manager/nm-dns-manager.c | 23 ++++++++++++++++++++++-
|
||||||
|
1 file changed, 22 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/dns-manager/nm-dns-manager.c b/src/dns-manager/nm-dns-manager.c
|
||||||
|
index e833ce4..c81bfd6 100644
|
||||||
|
--- a/src/dns-manager/nm-dns-manager.c
|
||||||
|
+++ b/src/dns-manager/nm-dns-manager.c
|
||||||
|
@@ -823,6 +823,22 @@ plugin_failed (NMDnsPlugin *plugin, gpointer user_data)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+plugin_child_quit (NMDnsPlugin *plugin, int exit_status, gpointer user_data)
|
||||||
|
+{
|
||||||
|
+ NMDnsManager *self = NM_DNS_MANAGER (user_data);
|
||||||
|
+ GError *error = NULL;
|
||||||
|
+
|
||||||
|
+ nm_log_warn (LOGD_DNS, "DNS: plugin %s child quit unexpectedly; refreshing DNS",
|
||||||
|
+ nm_dns_plugin_get_name (plugin));
|
||||||
|
+
|
||||||
|
+ /* Let the plugin try to spawn the child again */
|
||||||
|
+ if (!update_dns (self, FALSE, &error)) {
|
||||||
|
+ nm_log_warn (LOGD_DNS, "could not commit DNS changes: %s", error->message);
|
||||||
|
+ g_clear_error (&error);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
gboolean
|
||||||
|
nm_dns_manager_add_ip4_config (NMDnsManager *mgr,
|
||||||
|
const char *iface,
|
||||||
|
@@ -1139,6 +1155,7 @@ nm_dns_manager_init (NMDnsManager *self)
|
||||||
|
if (priv->plugin) {
|
||||||
|
nm_log_info (LOGD_DNS, "DNS: loaded plugin %s", nm_dns_plugin_get_name (priv->plugin));
|
||||||
|
g_signal_connect (priv->plugin, NM_DNS_PLUGIN_FAILED, G_CALLBACK (plugin_failed), self);
|
||||||
|
+ g_signal_connect (priv->plugin, NM_DNS_PLUGIN_CHILD_QUIT, G_CALLBACK (plugin_child_quit), self);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1149,7 +1166,11 @@ dispose (GObject *object)
|
||||||
|
NMDnsManagerPrivate *priv = NM_DNS_MANAGER_GET_PRIVATE (self);
|
||||||
|
GError *error = NULL;
|
||||||
|
|
||||||
|
- g_clear_object (&priv->plugin);
|
||||||
|
+ if (priv->plugin) {
|
||||||
|
+ g_signal_handlers_disconnect_by_func (priv->plugin, plugin_failed, self);
|
||||||
|
+ g_signal_handlers_disconnect_by_func (priv->plugin, plugin_child_quit, self);
|
||||||
|
+ g_clear_object (&priv->plugin);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/* If we're quitting, leave a valid resolv.conf in place, not one
|
||||||
|
* pointing to 127.0.0.1 if any plugins were active. Thus update
|
||||||
|
--
|
||||||
|
2.4.0
|
||||||
|
|
55
0007-cli-add-PHYS_PORT_ID-property-rh1168573.patch
Normal file
55
0007-cli-add-PHYS_PORT_ID-property-rh1168573.patch
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
From 1974b8b50cf00e706c795a99f13120d509b42a33 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
|
||||||
|
Date: Tue, 14 Apr 2015 12:08:15 +0200
|
||||||
|
Subject: [PATCH] cli: add PHYS_PORT_ID property to devices
|
||||||
|
|
||||||
|
The physical-port-id property was added to libnm (libnm-glib) in commit
|
||||||
|
47cc8b25f2efe015defde7e76e49e67086603bb3.
|
||||||
|
|
||||||
|
(cherry picked from commit 825255361565588a428aad69eb7ea9ffe9475fc2)
|
||||||
|
---
|
||||||
|
cli/src/devices.c | 19 +++++++++++--------
|
||||||
|
1 file changed, 11 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/cli/src/devices.c b/cli/src/devices.c
|
||||||
|
index 5a3ab45..3b20186 100644
|
||||||
|
--- a/cli/src/devices.c
|
||||||
|
+++ b/cli/src/devices.c
|
||||||
|
@@ -103,13 +103,15 @@ static NmcOutputField nmc_fields_dev_show_general[] = {
|
||||||
|
{"NM-MANAGED", N_("NM-MANAGED"), 15}, /* 14 */
|
||||||
|
{"AUTOCONNECT", N_("AUTOCONNECT"), 15}, /* 15 */
|
||||||
|
{"FIRMWARE-MISSING", N_("FIRMWARE-MISSING"), 18}, /* 16 */
|
||||||
|
- {"CONNECTION", N_("CONNECTION"), 20}, /* 17 */
|
||||||
|
- {"CON-UUID", N_("CON-UUID"), 38}, /* 18 */
|
||||||
|
- {"CON-PATH", N_("CON-PATH"), 51}, /* 19 */
|
||||||
|
+ {"PHYS-PORT-ID", N_("PHYS-PORT-ID"), 18}, /* 17 */
|
||||||
|
+ {"CONNECTION", N_("CONNECTION"), 20}, /* 18 */
|
||||||
|
+ {"CON-UUID", N_("CON-UUID"), 38}, /* 19 */
|
||||||
|
+ {"CON-PATH", N_("CON-PATH"), 51}, /* 20 */
|
||||||
|
{NULL, NULL, 0}
|
||||||
|
};
|
||||||
|
-#define NMC_FIELDS_DEV_SHOW_GENERAL_ALL "NAME,DEVICE,TYPE,VENDOR,PRODUCT,DRIVER,DRIVER-VERSION,FIRMWARE-VERSION,HWADDR,MTU,STATE,REASON,"\
|
||||||
|
- "UDI,IP-IFACE,NM-MANAGED,AUTOCONNECT,FIRMWARE-MISSING,CONNECTION,CON-UUID,CON-PATH"
|
||||||
|
+#define NMC_FIELDS_DEV_SHOW_GENERAL_ALL "NAME,DEVICE,TYPE,VENDOR,PRODUCT,DRIVER,DRIVER-VERSION,FIRMWARE-VERSION,HWADDR,MTU,"\
|
||||||
|
+ "STATE,REASON,UDI,IP-IFACE,NM-MANAGED,AUTOCONNECT,FIRMWARE-MISSING,PHYS-PORT-ID,"\
|
||||||
|
+ "CONNECTION,CON-UUID,CON-PATH"
|
||||||
|
#define NMC_FIELDS_DEV_SHOW_GENERAL_COMMON "NAME,DEVICE,TYPE,VENDOR,PRODUCT,DRIVER,HWADDR,STATE"
|
||||||
|
|
||||||
|
/* Available fields for 'device show' - CONNECTIONS part */
|
||||||
|
@@ -801,9 +803,10 @@ show_device_info (NMDevice *device, NmCli *nmc)
|
||||||
|
set_val_strc (arr, 14, nm_device_get_managed (device) ? _("yes") : _("no"));
|
||||||
|
set_val_strc (arr, 15, nm_device_get_autoconnect (device) ? _("yes") : _("no"));
|
||||||
|
set_val_strc (arr, 16, nm_device_get_firmware_missing (device) ? _("yes") : _("no"));
|
||||||
|
- set_val_strc (arr, 17, get_active_connection_id (device));
|
||||||
|
- set_val_strc (arr, 18, acon ? nm_active_connection_get_uuid (acon) : NULL);
|
||||||
|
- set_val_strc (arr, 19, acon ? nm_object_get_path (NM_OBJECT (acon)) : NULL);
|
||||||
|
+ set_val_strc (arr, 17, nm_device_get_physical_port_id (device));
|
||||||
|
+ set_val_strc (arr, 18, get_active_connection_id (device));
|
||||||
|
+ set_val_strc (arr, 19, acon ? nm_active_connection_get_uuid (acon) : NULL);
|
||||||
|
+ set_val_strc (arr, 20, acon ? nm_object_get_path (NM_OBJECT (acon)) : NULL);
|
||||||
|
g_ptr_array_add (nmc->output_data, arr);
|
||||||
|
|
||||||
|
print_data (nmc); /* Print all data */
|
||||||
|
--
|
||||||
|
2.4.0
|
||||||
|
|
153
0008-cli-better-indicate-Wi-Fi-plugin-missing-rh1168573.patch
Normal file
153
0008-cli-better-indicate-Wi-Fi-plugin-missing-rh1168573.patch
Normal file
@ -0,0 +1,153 @@
|
|||||||
|
From e304f04932304f896ca3f95f499217496334ec83 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
|
||||||
|
Date: Tue, 14 Apr 2015 14:35:14 +0200
|
||||||
|
Subject: [PATCH] cli: better indicate when a Wi-Fi plugin might not be
|
||||||
|
available (rh #1168573)
|
||||||
|
|
||||||
|
* print an error message indicating NM Wi-Fi plugin may be missing, for
|
||||||
|
nmcli device wifi ifname <dev-name>
|
||||||
|
nmcli device wifi connect ifname <dev-name>
|
||||||
|
|
||||||
|
* add NM-TYPE to 'nmcli device show' command displaying internal NM device type
|
||||||
|
(like NMDeviceWifi, NMDeviceGeneric, ...)
|
||||||
|
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1168573
|
||||||
|
|
||||||
|
(cherry picked from commit 823df334eda48a8e2cec897d6123f7b2158c12ff)
|
||||||
|
---
|
||||||
|
cli/src/devices.c | 96 +++++++++++++++++++++++++++++++------------------------
|
||||||
|
1 file changed, 55 insertions(+), 41 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/cli/src/devices.c b/cli/src/devices.c
|
||||||
|
index 3b20186..71198fb 100644
|
||||||
|
--- a/cli/src/devices.c
|
||||||
|
+++ b/cli/src/devices.c
|
||||||
|
@@ -89,27 +89,28 @@ static NmcOutputField nmc_fields_dev_show_general[] = {
|
||||||
|
{"NAME", N_("NAME"), 10}, /* 0 */
|
||||||
|
{"DEVICE", N_("DEVICE"), 10}, /* 1 */
|
||||||
|
{"TYPE", N_("TYPE"), 17}, /* 2 */
|
||||||
|
- {"VENDOR", N_("VENDOR"), 20}, /* 3 */
|
||||||
|
- {"PRODUCT", N_("PRODUCT"), 50}, /* 4 */
|
||||||
|
- {"DRIVER", N_("DRIVER"), 9}, /* 5 */
|
||||||
|
- {"DRIVER-VERSION", N_("DRIVER-VERSION"), 18}, /* 6 */
|
||||||
|
- {"FIRMWARE-VERSION", N_("FIRMWARE-VERSION"), 18}, /* 7 */
|
||||||
|
- {"HWADDR", N_("HWADDR"), 19}, /* 8 */
|
||||||
|
- {"MTU", N_("MTU"), 10}, /* 9 */
|
||||||
|
- {"STATE", N_("STATE"), 14}, /* 10 */
|
||||||
|
- {"REASON", N_("REASON"), 25}, /* 11 */
|
||||||
|
- {"UDI", N_("UDI"), 64}, /* 12 */
|
||||||
|
- {"IP-IFACE", N_("IP-IFACE"), 10}, /* 13 */
|
||||||
|
- {"NM-MANAGED", N_("NM-MANAGED"), 15}, /* 14 */
|
||||||
|
- {"AUTOCONNECT", N_("AUTOCONNECT"), 15}, /* 15 */
|
||||||
|
- {"FIRMWARE-MISSING", N_("FIRMWARE-MISSING"), 18}, /* 16 */
|
||||||
|
- {"PHYS-PORT-ID", N_("PHYS-PORT-ID"), 18}, /* 17 */
|
||||||
|
- {"CONNECTION", N_("CONNECTION"), 20}, /* 18 */
|
||||||
|
- {"CON-UUID", N_("CON-UUID"), 38}, /* 19 */
|
||||||
|
- {"CON-PATH", N_("CON-PATH"), 51}, /* 20 */
|
||||||
|
+ {"NM-TYPE", N_("NM-TYPE"), 17}, /* 3 */
|
||||||
|
+ {"VENDOR", N_("VENDOR"), 20}, /* 4 */
|
||||||
|
+ {"PRODUCT", N_("PRODUCT"), 50}, /* 5 */
|
||||||
|
+ {"DRIVER", N_("DRIVER"), 9}, /* 6 */
|
||||||
|
+ {"DRIVER-VERSION", N_("DRIVER-VERSION"), 18}, /* 7 */
|
||||||
|
+ {"FIRMWARE-VERSION", N_("FIRMWARE-VERSION"), 18}, /* 8 */
|
||||||
|
+ {"HWADDR", N_("HWADDR"), 19}, /* 9 */
|
||||||
|
+ {"MTU", N_("MTU"), 10}, /* 10 */
|
||||||
|
+ {"STATE", N_("STATE"), 14}, /* 11 */
|
||||||
|
+ {"REASON", N_("REASON"), 25}, /* 12 */
|
||||||
|
+ {"UDI", N_("UDI"), 64}, /* 13 */
|
||||||
|
+ {"IP-IFACE", N_("IP-IFACE"), 10}, /* 14 */
|
||||||
|
+ {"NM-MANAGED", N_("NM-MANAGED"), 15}, /* 15 */
|
||||||
|
+ {"AUTOCONNECT", N_("AUTOCONNECT"), 15}, /* 16 */
|
||||||
|
+ {"FIRMWARE-MISSING", N_("FIRMWARE-MISSING"), 18}, /* 17 */
|
||||||
|
+ {"PHYS-PORT-ID", N_("PHYS-PORT-ID"), 18}, /* 18 */
|
||||||
|
+ {"CONNECTION", N_("CONNECTION"), 20}, /* 19 */
|
||||||
|
+ {"CON-UUID", N_("CON-UUID"), 38}, /* 20 */
|
||||||
|
+ {"CON-PATH", N_("CON-PATH"), 51}, /* 21 */
|
||||||
|
{NULL, NULL, 0}
|
||||||
|
};
|
||||||
|
-#define NMC_FIELDS_DEV_SHOW_GENERAL_ALL "NAME,DEVICE,TYPE,VENDOR,PRODUCT,DRIVER,DRIVER-VERSION,FIRMWARE-VERSION,HWADDR,MTU,"\
|
||||||
|
+#define NMC_FIELDS_DEV_SHOW_GENERAL_ALL "NAME,DEVICE,TYPE,NM-TYPE,VENDOR,PRODUCT,DRIVER,DRIVER-VERSION,FIRMWARE-VERSION,HWADDR,MTU,"\
|
||||||
|
"STATE,REASON,UDI,IP-IFACE,NM-MANAGED,AUTOCONNECT,FIRMWARE-MISSING,PHYS-PORT-ID,"\
|
||||||
|
"CONNECTION,CON-UUID,CON-PATH"
|
||||||
|
#define NMC_FIELDS_DEV_SHOW_GENERAL_COMMON "NAME,DEVICE,TYPE,VENDOR,PRODUCT,DRIVER,HWADDR,STATE"
|
||||||
|
@@ -789,24 +790,25 @@ show_device_info (NMDevice *device, NmCli *nmc)
|
||||||
|
set_val_strc (arr, 0, nmc_fields_dev_show_sections[0].name); /* "GENERAL"*/
|
||||||
|
set_val_strc (arr, 1, nm_device_get_iface (device));
|
||||||
|
set_val_strc (arr, 2, nm_device_get_type_description (device));
|
||||||
|
- set_val_strc (arr, 3, nm_device_get_vendor (device));
|
||||||
|
- set_val_strc (arr, 4, nm_device_get_product (device));
|
||||||
|
- set_val_strc (arr, 5, nm_device_get_driver (device) ? nm_device_get_driver (device) : _("(unknown)"));
|
||||||
|
- set_val_strc (arr, 6, nm_device_get_driver_version (device));
|
||||||
|
- set_val_strc (arr, 7, nm_device_get_firmware_version (device));
|
||||||
|
- set_val_strc (arr, 8, hwaddr ? hwaddr : _("(unknown)"));
|
||||||
|
- set_val_str (arr, 9, mtu_str);
|
||||||
|
- set_val_str (arr, 10, state_str);
|
||||||
|
- set_val_str (arr, 11, reason_str);
|
||||||
|
- set_val_strc (arr, 12, nm_device_get_udi (device));
|
||||||
|
- set_val_strc (arr, 13, nm_device_get_ip_iface (device));
|
||||||
|
- set_val_strc (arr, 14, nm_device_get_managed (device) ? _("yes") : _("no"));
|
||||||
|
- set_val_strc (arr, 15, nm_device_get_autoconnect (device) ? _("yes") : _("no"));
|
||||||
|
- set_val_strc (arr, 16, nm_device_get_firmware_missing (device) ? _("yes") : _("no"));
|
||||||
|
- set_val_strc (arr, 17, nm_device_get_physical_port_id (device));
|
||||||
|
- set_val_strc (arr, 18, get_active_connection_id (device));
|
||||||
|
- set_val_strc (arr, 19, acon ? nm_active_connection_get_uuid (acon) : NULL);
|
||||||
|
- set_val_strc (arr, 20, acon ? nm_object_get_path (NM_OBJECT (acon)) : NULL);
|
||||||
|
+ set_val_strc (arr, 3, G_OBJECT_TYPE_NAME (device));
|
||||||
|
+ set_val_strc (arr, 4, nm_device_get_vendor (device));
|
||||||
|
+ set_val_strc (arr, 5, nm_device_get_product (device));
|
||||||
|
+ set_val_strc (arr, 6, nm_device_get_driver (device) ? nm_device_get_driver (device) : _("(unknown)"));
|
||||||
|
+ set_val_strc (arr, 7, nm_device_get_driver_version (device));
|
||||||
|
+ set_val_strc (arr, 8, nm_device_get_firmware_version (device));
|
||||||
|
+ set_val_strc (arr, 9, hwaddr ? hwaddr : _("(unknown)"));
|
||||||
|
+ set_val_str (arr, 10, mtu_str);
|
||||||
|
+ set_val_str (arr, 11, state_str);
|
||||||
|
+ set_val_str (arr, 12, reason_str);
|
||||||
|
+ set_val_strc (arr, 13, nm_device_get_udi (device));
|
||||||
|
+ set_val_strc (arr, 14, nm_device_get_ip_iface (device));
|
||||||
|
+ set_val_strc (arr, 15, nm_device_get_managed (device) ? _("yes") : _("no"));
|
||||||
|
+ set_val_strc (arr, 16, nm_device_get_autoconnect (device) ? _("yes") : _("no"));
|
||||||
|
+ set_val_strc (arr, 17, nm_device_get_firmware_missing (device) ? _("yes") : _("no"));
|
||||||
|
+ set_val_strc (arr, 18, nm_device_get_physical_port_id (device));
|
||||||
|
+ set_val_strc (arr, 19, get_active_connection_id (device));
|
||||||
|
+ set_val_strc (arr, 20, acon ? nm_active_connection_get_uuid (acon) : NULL);
|
||||||
|
+ set_val_strc (arr, 21, acon ? nm_object_get_path (NM_OBJECT (acon)) : NULL);
|
||||||
|
g_ptr_array_add (nmc->output_data, arr);
|
||||||
|
|
||||||
|
print_data (nmc); /* Print all data */
|
||||||
|
@@ -1752,7 +1754,13 @@ do_device_wifi_list (NmCli *nmc, int argc, char **argv)
|
||||||
|
show_acces_point_info (device, nmc);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
- g_string_printf (nmc->return_text, _("Error: Device '%s' is not a Wi-Fi device."), ifname);
|
||||||
|
+ const char *err_msg;
|
||||||
|
+ if ( nm_device_get_device_type (device) == NM_DEVICE_TYPE_GENERIC
|
||||||
|
+ && g_strcmp0 (nm_device_get_type_description (device), "wifi") == 0)
|
||||||
|
+ err_msg = _("Error: Device '%s' was not recognized as a Wi-Fi device, check NetworkManager Wi-Fi plugin.");
|
||||||
|
+ else
|
||||||
|
+ err_msg = _("Error: Device '%s' is not a Wi-Fi device.");
|
||||||
|
+ g_string_printf (nmc->return_text, err_msg, ifname);
|
||||||
|
nmc->return_value = NMC_RESULT_ERROR_UNKNOWN;
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
@@ -2317,9 +2325,15 @@ do_device_wifi_rescan (NmCli *nmc, int argc, char **argv)
|
||||||
|
device = find_wifi_device_by_iface (devices, ifname, &devices_idx);
|
||||||
|
|
||||||
|
if (!device) {
|
||||||
|
- if (ifname)
|
||||||
|
- g_string_printf (nmc->return_text, _("Error: Device '%s' is not a Wi-Fi device."), ifname);
|
||||||
|
- else
|
||||||
|
+ if (ifname) {
|
||||||
|
+ const char *err_msg;
|
||||||
|
+ if ( nm_device_get_device_type (device) == NM_DEVICE_TYPE_GENERIC
|
||||||
|
+ && g_strcmp0 (nm_device_get_type_description (device), "wifi") == 0)
|
||||||
|
+ err_msg = _("Error: Device '%s' was not recognized as a Wi-Fi device, check NetworkManager Wi-Fi plugin.");
|
||||||
|
+ else
|
||||||
|
+ err_msg = _("Error: Device '%s' is not a Wi-Fi device.");
|
||||||
|
+ g_string_printf (nmc->return_text, err_msg, ifname);
|
||||||
|
+ } else
|
||||||
|
g_string_printf (nmc->return_text, _("Error: No Wi-Fi device found."));
|
||||||
|
nmc->return_value = NMC_RESULT_ERROR_UNKNOWN;
|
||||||
|
goto error;
|
||||||
|
--
|
||||||
|
2.4.0
|
||||||
|
|
102
0009-CVE-2015-2924-don-t-let-RA-lower-hop-limit-rh1209903.patch
Normal file
102
0009-CVE-2015-2924-don-t-let-RA-lower-hop-limit-rh1209903.patch
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
From d195edb95a543f7eebbd0a164e8ff3bef599370a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Thomas Haller <thaller@redhat.com>
|
||||||
|
Date: Wed, 8 Apr 2015 15:54:30 +0200
|
||||||
|
Subject: [PATCH] platform: don't accept lowering IPv6 hop-limit from RA
|
||||||
|
(CVE-2015-2924)
|
||||||
|
|
||||||
|
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
|
||||||
|
http://seclists.org/oss-sec/2015/q2/46
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1209902
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1209903
|
||||||
|
(cherry picked from commit bdaaf9849b0cacf131b71fa2ae168f5db796874f)
|
||||||
|
|
||||||
|
Conflicts:
|
||||||
|
src/devices/nm-device.c
|
||||||
|
src/nm-iface-helper.c
|
||||||
|
src/platform/nm-platform.h
|
||||||
|
---
|
||||||
|
src/devices/nm-device.c | 10 ++--------
|
||||||
|
src/platform/nm-platform.c | 32 ++++++++++++++++++++++++++++++++
|
||||||
|
src/platform/nm-platform.h | 2 ++
|
||||||
|
3 files changed, 36 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c
|
||||||
|
index 7ab51e4..8cdf01b 100644
|
||||||
|
--- a/src/devices/nm-device.c
|
||||||
|
+++ b/src/devices/nm-device.c
|
||||||
|
@@ -3716,14 +3716,8 @@ rdisc_config_changed (NMRDisc *rdisc, NMRDiscConfigMap changed, NMDevice *device
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* hop_limit == 0 is a special value "unspecified", so do not touch
|
||||||
|
- * in this case */
|
||||||
|
- if (changed & NM_RDISC_CONFIG_HOP_LIMIT && rdisc->hop_limit > 0) {
|
||||||
|
- char val[16];
|
||||||
|
-
|
||||||
|
- g_snprintf (val, sizeof (val), "%d", rdisc->hop_limit);
|
||||||
|
- nm_device_ipv6_sysctl_set (device, "hop_limit", val);
|
||||||
|
- }
|
||||||
|
+ if (changed & NM_RDISC_CONFIG_HOP_LIMIT)
|
||||||
|
+ nm_platform_sysctl_set_ip6_hop_limit_safe (nm_device_get_ip_iface (device), rdisc->hop_limit);
|
||||||
|
|
||||||
|
nm_device_activate_schedule_ip6_config_result (device);
|
||||||
|
}
|
||||||
|
diff --git a/src/platform/nm-platform.c b/src/platform/nm-platform.c
|
||||||
|
index e95d6af..9629d9d 100644
|
||||||
|
--- a/src/platform/nm-platform.c
|
||||||
|
+++ b/src/platform/nm-platform.c
|
||||||
|
@@ -240,6 +240,38 @@ nm_platform_sysctl_set (const char *path, const char *value)
|
||||||
|
return klass->sysctl_set (platform, path, value);
|
||||||
|
}
|
||||||
|
|
||||||
|
+gboolean
|
||||||
|
+nm_platform_sysctl_set_ip6_hop_limit_safe (const char *iface, int value)
|
||||||
|
+{
|
||||||
|
+ const char *path;
|
||||||
|
+ gint64 cur;
|
||||||
|
+
|
||||||
|
+ /* the hop-limit provided via RA is uint8. */
|
||||||
|
+ if (value > 0xFF)
|
||||||
|
+ return FALSE;
|
||||||
|
+
|
||||||
|
+ /* don't allow unreasonable small values */
|
||||||
|
+ if (value < 10)
|
||||||
|
+ return FALSE;
|
||||||
|
+
|
||||||
|
+ path = nm_utils_ip6_property_path (iface, "hop_limit");
|
||||||
|
+ cur = nm_platform_sysctl_get_int_checked (path, 10, 1, G_MAXINT32, -1);
|
||||||
|
+
|
||||||
|
+ /* only allow increasing the hop-limit to avoid DOS by an attacker
|
||||||
|
+ * setting a low hop-limit (CVE-2015-2924, rh#1209902) */
|
||||||
|
+
|
||||||
|
+ if (value < cur)
|
||||||
|
+ return FALSE;
|
||||||
|
+ if (value != cur) {
|
||||||
|
+ char svalue[20];
|
||||||
|
+
|
||||||
|
+ sprintf (svalue, "%d", value);
|
||||||
|
+ nm_platform_sysctl_set (path, svalue);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return TRUE;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/**
|
||||||
|
* nm_platform_sysctl_get:
|
||||||
|
* @path: Absolute path to sysctl
|
||||||
|
diff --git a/src/platform/nm-platform.h b/src/platform/nm-platform.h
|
||||||
|
index 275557c..6a1e503 100644
|
||||||
|
--- a/src/platform/nm-platform.h
|
||||||
|
+++ b/src/platform/nm-platform.h
|
||||||
|
@@ -504,6 +504,8 @@ char *nm_platform_sysctl_get (const char *path);
|
||||||
|
gint32 nm_platform_sysctl_get_int32 (const char *path, gint32 fallback);
|
||||||
|
gint64 nm_platform_sysctl_get_int_checked (const char *path, guint base, gint64 min, gint64 max, gint64 fallback);
|
||||||
|
|
||||||
|
+gboolean nm_platform_sysctl_set_ip6_hop_limit_safe (const char *iface, int value);
|
||||||
|
+
|
||||||
|
gboolean nm_platform_link_get (int ifindex, NMPlatformLink *link);
|
||||||
|
GArray *nm_platform_link_get_all (void);
|
||||||
|
gboolean nm_platform_dummy_add (const char *name);
|
||||||
|
--
|
||||||
|
2.4.0
|
||||||
|
|
29
0010-load-libnl-3.so.200-rh1205195.patch
Normal file
29
0010-load-libnl-3.so.200-rh1205195.patch
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
From 15420eb0a2c5b3ba248068e33b5464c3f7d2e752 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
|
||||||
|
Date: Wed, 25 Mar 2015 15:30:57 +0100
|
||||||
|
Subject: [PATCH] platform: load libnl-3.so.200, not libnl-3.so (rh #1205195)
|
||||||
|
|
||||||
|
libnl-3.so link is only present in devel package (libnl3-devel).
|
||||||
|
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1205195
|
||||||
|
(cherry picked from commit d767fb160c36bd9dc339e343ebac58274204ad4f)
|
||||||
|
---
|
||||||
|
src/platform/nm-linux-platform.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/platform/nm-linux-platform.c b/src/platform/nm-linux-platform.c
|
||||||
|
index cf2164d..0f8b80d 100644
|
||||||
|
--- a/src/platform/nm-linux-platform.c
|
||||||
|
+++ b/src/platform/nm-linux-platform.c
|
||||||
|
@@ -113,7 +113,7 @@ _nl_get_vtable ()
|
||||||
|
if (G_UNLIKELY (!vtable.f_nl_has_capability)) {
|
||||||
|
void *handle;
|
||||||
|
|
||||||
|
- handle = dlopen ("libnl-3.so", RTLD_LAZY | RTLD_NOLOAD);
|
||||||
|
+ handle = dlopen ("libnl-3.so.200", RTLD_LAZY | RTLD_NOLOAD);
|
||||||
|
if (handle) {
|
||||||
|
vtable.handle = handle;
|
||||||
|
vtable.f_nl_has_capability = dlsym (handle, "nl_has_capability");
|
||||||
|
--
|
||||||
|
2.4.0
|
||||||
|
|
@ -1,4 +1,4 @@
|
|||||||
[connectivity]
|
[connectivity]
|
||||||
uri=http://fedoraproject.org/static/hotspot.txt
|
uri=https://fedoraproject.org/static/hotspot.txt
|
||||||
response=OK
|
response=OK
|
||||||
|
interval=300
|
||||||
|
@ -1,19 +1,18 @@
|
|||||||
%define dbus_version 1.1
|
%define dbus_version 1.1
|
||||||
%define dbus_glib_version 0.100
|
%define dbus_glib_version 0.104
|
||||||
|
|
||||||
%define glib2_version 2.32.0
|
%define glib2_version 2.32.0
|
||||||
%define wireless_tools_version 1:28-0pre9
|
%define wireless_tools_version 1:28-0pre9
|
||||||
%define libnl3_version 3.2.7
|
%define libnl3_version 3.2.25-5
|
||||||
|
|
||||||
%define ppp_version 2.4.5
|
%define ppp_version 2.4.5
|
||||||
%if (0%{?fedora} && 0%{?fedora} > 20)
|
%if (0%{?fedora} && 0%{?fedora} > 20)
|
||||||
%define ppp_version 2.4.6
|
%define ppp_version 2.4.7
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%define snapshot .git20140704
|
%define snapshot %{nil}
|
||||||
%define git_sha 6eb82acd
|
%define realversion 0.9.10.2
|
||||||
%define realversion 0.9.10.0
|
%define release_version 5
|
||||||
%define release_version 1
|
|
||||||
%define epoch_version 1
|
%define epoch_version 1
|
||||||
|
|
||||||
%define obsoletes_nmver 1:0.9.9.95-1
|
%define obsoletes_nmver 1:0.9.9.95-1
|
||||||
@ -61,23 +60,45 @@
|
|||||||
|
|
||||||
%global _hardened_build 1
|
%global _hardened_build 1
|
||||||
|
|
||||||
%define git_sha_version %(test -n '%{git_sha}' && echo '.%{git_sha}')
|
%define git_sha_version %{?git_sha:.%{git_sha}}
|
||||||
|
|
||||||
Name: NetworkManager
|
Name: NetworkManager
|
||||||
Summary: Network connection manager and user applications
|
Summary: Network connection manager and user applications
|
||||||
Epoch: %{epoch_version}
|
Epoch: %{epoch_version}
|
||||||
Version: %{realversion}
|
Version: %{realversion}
|
||||||
Release: %{release_version}%{snapshot}%{?dist}.1
|
Release: %{release_version}%{?snapshot}%{?dist}
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: http://www.gnome.org/projects/NetworkManager/
|
URL: http://www.gnome.org/projects/NetworkManager/
|
||||||
|
|
||||||
Source: %{name}-%{realversion}%{snapshot}%{git_sha_version}.tar.bz2
|
Source0: https://download.gnome.org/sources/%{name}/0.9/%{name}-%{realversion}%{?snapshot}%{git_sha_version}.tar.xz
|
||||||
Source1: NetworkManager.conf
|
Source1: NetworkManager.conf
|
||||||
Source2: 00-server.conf
|
Source2: 00-server.conf
|
||||||
Source3: 20-connectivity-fedora.conf
|
Source3: 20-connectivity-fedora.conf
|
||||||
|
|
||||||
Patch1: 0001-explain-dns1-dns2.patch
|
# Not upstream.
|
||||||
|
Patch0: 0000-explain-dns1-dns2.patch
|
||||||
|
Patch1: 0001-connectivity-disable-HTTP-keepalive-for-connectivity.patch
|
||||||
|
Patch2: rh1203904-NM-loop-fix.patch
|
||||||
|
|
||||||
|
# Cherry-picks from upstream:
|
||||||
|
# http://cgit.freedesktop.org/NetworkManager/NetworkManager/log/?h=nm-0-9-10
|
||||||
|
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1161232
|
||||||
|
Patch3: 0003-kill-dns-plugin-child-synchronously-rh1161232.patch
|
||||||
|
Patch4: 0004-refactor-building-IP-config-lists-for-dns-plugins-rh1161232.patch
|
||||||
|
Patch5: 0005-ensure-that-update_dns-always-returns-a-GError-rh1161232.patch
|
||||||
|
Patch6: 0006-refresh-DNS-if-plugin-child-quits-unexpectedly-rh1161232.patch
|
||||||
|
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1168573
|
||||||
|
Patch7: 0007-cli-add-PHYS_PORT_ID-property-rh1168573.patch
|
||||||
|
Patch8: 0008-cli-better-indicate-Wi-Fi-plugin-missing-rh1168573.patch
|
||||||
|
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1209903
|
||||||
|
Patch9: 0009-CVE-2015-2924-don-t-let-RA-lower-hop-limit-rh1209903.patch
|
||||||
|
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1205195
|
||||||
|
Patch10: 0010-load-libnl-3.so.200-rh1205195.patch
|
||||||
|
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
|
|
||||||
@ -139,13 +160,16 @@ BuildRequires: libuuid-devel
|
|||||||
BuildRequires: libgudev1-devel >= 143
|
BuildRequires: libgudev1-devel >= 143
|
||||||
BuildRequires: vala-tools
|
BuildRequires: vala-tools
|
||||||
BuildRequires: iptables
|
BuildRequires: iptables
|
||||||
|
%if 0%{?with_bluetooth} && 0%{?fedora} > 19
|
||||||
|
BuildRequires: bluez-libs-devel
|
||||||
|
%endif
|
||||||
%if 0%{?with_wimax}
|
%if 0%{?with_wimax}
|
||||||
BuildRequires: wimax-devel
|
BuildRequires: wimax-devel
|
||||||
%endif
|
%endif
|
||||||
BuildRequires: systemd >= 200-3 systemd-devel
|
BuildRequires: systemd >= 200-3 systemd-devel
|
||||||
BuildRequires: libsoup-devel
|
BuildRequires: libsoup-devel
|
||||||
BuildRequires: libndp-devel >= 1.0
|
BuildRequires: libndp-devel >= 1.0
|
||||||
%if 0%{?with_wwan} && (0%{?rhel} || (0%{?fedora} && 0%{?fedora} > 19))
|
%if (0%{?rhel} || (0%{?fedora} && 0%{?fedora} > 19))
|
||||||
BuildRequires: ModemManager-glib-devel >= 1.0
|
BuildRequires: ModemManager-glib-devel >= 1.0
|
||||||
%endif
|
%endif
|
||||||
%if 0%{?with_nmtui}
|
%if 0%{?with_nmtui}
|
||||||
@ -169,6 +193,7 @@ services.
|
|||||||
Summary: ADSL device plugin for NetworkManager
|
Summary: ADSL device plugin for NetworkManager
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
||||||
|
Requires: rp-pppoe
|
||||||
Obsoletes: NetworkManager < %{obsoletes_nmver}
|
Obsoletes: NetworkManager < %{obsoletes_nmver}
|
||||||
Obsoletes: NetworkManager-atm
|
Obsoletes: NetworkManager-atm
|
||||||
|
|
||||||
@ -275,7 +300,6 @@ NetworkManager functionality from applications that use glib.
|
|||||||
%package config-connectivity-fedora
|
%package config-connectivity-fedora
|
||||||
Summary: NetworkManager config file for connectivity checking via Fedora servers
|
Summary: NetworkManager config file for connectivity checking via Fedora servers
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
|
||||||
|
|
||||||
%description config-connectivity-fedora
|
%description config-connectivity-fedora
|
||||||
This adds a NetworkManager configuration file to enable connectivity checking
|
This adds a NetworkManager configuration file to enable connectivity checking
|
||||||
@ -312,7 +336,17 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q -n NetworkManager-%{realversion}
|
%setup -q -n NetworkManager-%{realversion}
|
||||||
|
|
||||||
%patch1 -p1 -b .0001.explain-dns1-dns2.orig
|
%patch0 -p1 -b .explain-dns1-dns2.orig
|
||||||
|
%patch1 -p1 -b .0001-connectivity-disable-HTTP-keepalive-for-connectivity.orig
|
||||||
|
%patch2 -p1 -b .rh1203904-NM-loop-fix.orig
|
||||||
|
%patch3 -p1 -b .kill-dns-plugin-child-synchronously-rh1161232.orig
|
||||||
|
%patch4 -p1 -b .refactor-building-IP-config-lists-for-dns-plugins-rh1161232.orig
|
||||||
|
%patch5 -p1 -b .ensure-that-update_dns-always-returns-a-GError-rh1161232.orig
|
||||||
|
%patch6 -p1 -b .refresh-DNS-if-plugin-child-quits-unexpectedly-rh1161232.orig
|
||||||
|
%patch7 -p1 -b .cli-add-PHYS_PORT_ID-property-rh1168573.orig
|
||||||
|
%patch8 -p1 -b .cli-better-indicate-Wi-Fi-plugin-missing-rh1168573.orig
|
||||||
|
%patch9 -p1 -b .CVE-2015-2924-don-t-let-RA-lower-hop-limit-rh1209903.orig
|
||||||
|
%patch10 -p1 -b .load-libnl-3.so.200-rh1205195.orig
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
|
||||||
@ -322,8 +356,9 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
|
|||||||
%{__cp} -R docs ORIG-docs
|
%{__cp} -R docs ORIG-docs
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
#autopoint --force
|
autoreconf -f -i
|
||||||
#intltoolize --force
|
autopoint --force
|
||||||
|
intltoolize --force
|
||||||
%configure \
|
%configure \
|
||||||
--disable-static \
|
--disable-static \
|
||||||
--with-dhclient=yes \
|
--with-dhclient=yes \
|
||||||
@ -565,13 +600,14 @@ fi
|
|||||||
|
|
||||||
%files config-connectivity-fedora
|
%files config-connectivity-fedora
|
||||||
%defattr(-,root,root,0755)
|
%defattr(-,root,root,0755)
|
||||||
|
%dir %{_sysconfdir}/%{name}
|
||||||
%dir %{_sysconfdir}/%{name}/conf.d
|
%dir %{_sysconfdir}/%{name}/conf.d
|
||||||
%config %{_sysconfdir}/%{name}/conf.d/20-connectivity-fedora.conf
|
%config(noreplace) %{_sysconfdir}/%{name}/conf.d/20-connectivity-fedora.conf
|
||||||
|
|
||||||
%files config-server
|
%files config-server
|
||||||
%defattr(-,root,root,0755)
|
%defattr(-,root,root,0755)
|
||||||
%dir %{_sysconfdir}/%{name}/conf.d
|
%dir %{_sysconfdir}/%{name}/conf.d
|
||||||
%config %{_sysconfdir}/%{name}/conf.d/00-server.conf
|
%config(noreplace) %{_sysconfdir}/%{name}/conf.d/00-server.conf
|
||||||
|
|
||||||
%if 0%{?with_nmtui}
|
%if 0%{?with_nmtui}
|
||||||
%files tui
|
%files tui
|
||||||
@ -582,6 +618,90 @@ fi
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon May 11 2015 Lubomir Rintel <lkundrak@v3.sk> - 1:0.9.10.2-5
|
||||||
|
- The split DNS patches are now upstream (rh #1161232)
|
||||||
|
|
||||||
|
* Wed May 6 2015 Lubomir Rintel <lkundrak@v3.sk> - 1:0.9.10.2-4
|
||||||
|
- Fix split DNS configuration with dnsmasq and VPN connections (rh #1161232)
|
||||||
|
- Fix indication that a WiFi plugin is missing (rh #1168573)
|
||||||
|
- Don't let IPv6 Router Advertisements lower Hop Limit (CVE-2015-2924) (rh #1209903)
|
||||||
|
- User a proper SONAME when loading libnl (rh #1205195)
|
||||||
|
|
||||||
|
* Fri Mar 20 2015 Jiří Klimeš <jklimes@redhat.com> - 1:0.9.10.2-3
|
||||||
|
- Fix NetworkManager loop when 0.0.0.0/1 is added (rh #1203924)
|
||||||
|
|
||||||
|
* Tue Mar 17 2015 Stef Walter <stefw@redhat.com> - 1:0.9.10.2-3
|
||||||
|
- Fix dbus-glib dependency
|
||||||
|
|
||||||
|
* Mon Mar 16 2015 Dan Williams <dcbw@redhat.com> - 1:0.9.10.2-2
|
||||||
|
- Turn off keepalive for connectivity checking
|
||||||
|
|
||||||
|
* Wed Mar 4 2015 Dan Williams <dcbw@redhat.com> - 1:0.9.10.2-1
|
||||||
|
- Update to 0.9.10.2 release
|
||||||
|
|
||||||
|
* Thu Feb 19 2015 Dan Williams <dcbw@redhat.com> - 1:0.9.10.1-3
|
||||||
|
- Update to 0.9.10.2 pre-release snapshot
|
||||||
|
|
||||||
|
* Fri Jan 23 2015 Lubomir Rintel <lkundrak@v3.sk> - 1:0.9.10.1-2
|
||||||
|
- Update to 0.9.10.1, a 0.9.10.2 release candidate 1 tarball
|
||||||
|
|
||||||
|
* Thu Jan 15 2015 Jiří Klimeš <jklimes@redhat.com> - 1:0.9.10.1-1.4.20150115git
|
||||||
|
- connectivity: fix an connectivity check endless loop (bgo #742823)
|
||||||
|
|
||||||
|
* Thu Jan 15 2015 Jiří Klimeš <jklimes@redhat.com> - 1:0.9.10.1-1.3.20150115git
|
||||||
|
- update to latest snapshot of 0.9.10
|
||||||
|
- dhcp: fix connection failures due to stale dhclient lease (rh #1181477)
|
||||||
|
|
||||||
|
* Fri Jan 9 2015 Jiří Klimeš <jklimes@redhat.com> - 1:0.9.10.1-1.2.20150109git
|
||||||
|
- dhcp: fix killing wrong process ID on dhclient release (rh #1179913)
|
||||||
|
|
||||||
|
* Mon Jan 5 2015 Jiří Klimeš <jklimes@redhat.com> - 1:0.9.10.1-1.git20150105
|
||||||
|
- update to latest snapshot of 0.9.10
|
||||||
|
- dhcp: fix dhclient abnormal exit due to SIGPIPE (bgo #735962) (rh #1178666)
|
||||||
|
|
||||||
|
* Mon Nov 24 2014 Jiří Klimeš <jklimes@redhat.com> - 1:0.9.10.0-14.git20140704
|
||||||
|
- vpn: propagate daemon exec error correctly (bgo #739436)
|
||||||
|
- core: do not assert when a device is enslaved externally (rh #1167345)
|
||||||
|
|
||||||
|
* Thu Nov 6 2014 Jiří Klimeš <jklimes@redhat.com> - 1:0.9.10.0-13.git20140704
|
||||||
|
- cli: fix crash in `nmcli device wifi` with multiple wifi devices (rh #1159408)
|
||||||
|
|
||||||
|
* Wed Oct 29 2014 Dan Winship <danw@redhat.com> - 1:0.9.10.0-12.git20140704
|
||||||
|
- platform: fix a routing-related bug that could cause NM and other apps to spin (rh #1151665)
|
||||||
|
|
||||||
|
* Wed Oct 29 2014 Lubomir Rintel <lkundrak@v3.sk> 1:0.9.10.0-11.git20140704
|
||||||
|
- Fix IPv6 next hop default setting
|
||||||
|
|
||||||
|
* Fri Oct 24 2014 Lubomir Rintel <lkundrak@v3.sk> 1:0.9.10.0-10.git20140704
|
||||||
|
- Avoid unowned /etc/NetworkManager in config-connectivity-fedora
|
||||||
|
|
||||||
|
* Thu Oct 23 2014 Adam Williamson <awilliam@redhat.com> - 1:0.9.10.0-9.git20140704
|
||||||
|
- connectivity-fedora: don't require NetworkManager (#1156198)
|
||||||
|
|
||||||
|
* Thu Oct 16 2014 Lubomir Rintel <lkundrak@v3.sk> 1:0.9.10.0-8.git20140704
|
||||||
|
- bluetooth: Restore DUN support (rh #1055628)
|
||||||
|
|
||||||
|
* Mon Oct 06 2014 Stef Walter <stefw@redhat.com> - 1:0.9.10.0-7.git20140704
|
||||||
|
- Allow non-local users network control after PolicyKit authentication (rh #1145646)
|
||||||
|
|
||||||
|
* Fri Sep 5 2014 Jiří Klimeš <jklimes@redhat.com> - 1:0.9.10.0-6.git20140704
|
||||||
|
- connectivity: use HTTPS for connectivity checking (rh #113577)
|
||||||
|
|
||||||
|
* Sat Aug 30 2014 Peter Robinson <pbrobinson@fedoraproject.org> 1:0.9.10.0-5.git20140704
|
||||||
|
- adsl plugin needs rp-pppoe to work
|
||||||
|
|
||||||
|
* Mon Aug 18 2014 Dan Horák <dan[at]danny.cz> - 1:0.9.10.0-4.git20140704
|
||||||
|
- always include ModemManager-glib-devel (#1129632)
|
||||||
|
|
||||||
|
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.9.10.0-3.git20140704.1
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Aug 11 2014 Kalev Lember <kalevlember@gmail.com> - 1:0.9.10.0-3.git20140704
|
||||||
|
- Rebuilt for ppp 2.4.7
|
||||||
|
|
||||||
|
* Wed Jul 30 2014 Dan Williams <dcbw@redhat.com> - 1:0.9.10.0-2.git20140704
|
||||||
|
- connectivity: ensure interval is set to enable connectivity checking (rh #1123772)
|
||||||
|
|
||||||
* Tue Jul 22 2014 Kalev Lember <kalevlember@gmail.com> - 1:0.9.10.0-1.git20140704.1
|
* Tue Jul 22 2014 Kalev Lember <kalevlember@gmail.com> - 1:0.9.10.0-1.git20140704.1
|
||||||
- Rebuilt for gobject-introspection 1.41.4
|
- Rebuilt for gobject-introspection 1.41.4
|
||||||
|
|
||||||
|
1371
makerepo.gitignore
1371
makerepo.gitignore
File diff suppressed because it is too large
Load Diff
113
rh1203904-NM-loop-fix.patch
Normal file
113
rh1203904-NM-loop-fix.patch
Normal file
@ -0,0 +1,113 @@
|
|||||||
|
From 5a09a1205cea2c5d223f97f5d91a2e46d91c55ce Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Klime=C5=A1?= <jklimes@redhat.com>
|
||||||
|
Date: Fri, 20 Mar 2015 14:02:19 +0100
|
||||||
|
Subject: [PATCH] libnm-util: allow 0.0.0.0/1 route in verify() (rh #1203904)
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
OpenVPN uses a trick to override default route by adding these two routes:
|
||||||
|
0.0.0.0/1 and 128.0.0.0/1.
|
||||||
|
We should allow this and only refuse real default route (i.e. prefix == 0).
|
||||||
|
|
||||||
|
Also verify IPv6 addresses and routes.
|
||||||
|
|
||||||
|
See:
|
||||||
|
man openvpn (search for def1)
|
||||||
|
https://community.openvpn.net/openvpn/wiki/IgnoreRedirectGateway
|
||||||
|
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1203904
|
||||||
|
|
||||||
|
(cherry picked from commit ba35c63db60aa652528e492aa483c971b9217f1e)
|
||||||
|
Signed-off-by: Jiří Klimeš <jklimes@redhat.com>
|
||||||
|
---
|
||||||
|
libnm-util/nm-setting-ip4-config.c | 10 ---------
|
||||||
|
libnm-util/nm-setting-ip6-config.c | 44 ++++++++++++++++++++++++++++++++++++++
|
||||||
|
2 files changed, 44 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/libnm-util/nm-setting-ip4-config.c b/libnm-util/nm-setting-ip4-config.c
|
||||||
|
index 26ce4e5..c967f62 100644
|
||||||
|
--- a/libnm-util/nm-setting-ip4-config.c
|
||||||
|
+++ b/libnm-util/nm-setting-ip4-config.c
|
||||||
|
@@ -1018,16 +1018,6 @@ verify (NMSetting *setting, GSList *all_settings, GError **error)
|
||||||
|
NMIP4Route *route = (NMIP4Route *) iter->data;
|
||||||
|
guint32 prefix = nm_ip4_route_get_prefix (route);
|
||||||
|
|
||||||
|
- if (!nm_ip4_route_get_dest (route)) {
|
||||||
|
- g_set_error (error,
|
||||||
|
- NM_SETTING_IP4_CONFIG_ERROR,
|
||||||
|
- NM_SETTING_IP4_CONFIG_ERROR_INVALID_PROPERTY,
|
||||||
|
- _("%d. route is invalid"),
|
||||||
|
- i+1);
|
||||||
|
- g_prefix_error (error, "%s.%s: ", NM_SETTING_IP4_CONFIG_SETTING_NAME, NM_SETTING_IP4_CONFIG_ROUTES);
|
||||||
|
- return FALSE;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
if (!prefix || prefix > 32) {
|
||||||
|
g_set_error (error,
|
||||||
|
NM_SETTING_IP4_CONFIG_ERROR,
|
||||||
|
diff --git a/libnm-util/nm-setting-ip6-config.c b/libnm-util/nm-setting-ip6-config.c
|
||||||
|
index 78be723..fb35932 100644
|
||||||
|
--- a/libnm-util/nm-setting-ip6-config.c
|
||||||
|
+++ b/libnm-util/nm-setting-ip6-config.c
|
||||||
|
@@ -804,6 +804,8 @@ static gboolean
|
||||||
|
verify (NMSetting *setting, GSList *all_settings, GError **error)
|
||||||
|
{
|
||||||
|
NMSettingIP6ConfigPrivate *priv = NM_SETTING_IP6_CONFIG_GET_PRIVATE (setting);
|
||||||
|
+ GSList *iter;
|
||||||
|
+ int i;
|
||||||
|
|
||||||
|
if (!priv->method) {
|
||||||
|
g_set_error_literal (error,
|
||||||
|
@@ -878,6 +880,48 @@ verify (NMSetting *setting, GSList *all_settings, GError **error)
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* Validate addresses */
|
||||||
|
+ for (iter = priv->addresses, i = 0; iter; iter = g_slist_next (iter), i++) {
|
||||||
|
+ NMIP6Address *addr = (NMIP6Address *) iter->data;
|
||||||
|
+ guint32 prefix = nm_ip6_address_get_prefix (addr);
|
||||||
|
+
|
||||||
|
+ if (IN6_IS_ADDR_UNSPECIFIED (nm_ip6_address_get_address (addr))) {
|
||||||
|
+ g_set_error (error,
|
||||||
|
+ NM_SETTING_IP6_CONFIG_ERROR,
|
||||||
|
+ NM_SETTING_IP6_CONFIG_ERROR_INVALID_PROPERTY,
|
||||||
|
+ _("%d. IPv6 address is invalid"),
|
||||||
|
+ i+1);
|
||||||
|
+ g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP6_CONFIG_ADDRESSES);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (!prefix || prefix > 128) {
|
||||||
|
+ g_set_error (error,
|
||||||
|
+ NM_SETTING_IP6_CONFIG_ERROR,
|
||||||
|
+ NM_SETTING_IP6_CONFIG_ERROR_INVALID_PROPERTY,
|
||||||
|
+ _("%d. IPv6 address has invalid prefix"),
|
||||||
|
+ i+1);
|
||||||
|
+ g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP6_CONFIG_ADDRESSES);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* Validate routes */
|
||||||
|
+ for (iter = priv->routes, i = 0; iter; iter = g_slist_next (iter), i++) {
|
||||||
|
+ NMIP6Route *route = (NMIP6Route *) iter->data;
|
||||||
|
+ guint32 prefix = nm_ip6_route_get_prefix (route);
|
||||||
|
+
|
||||||
|
+ if (!prefix || prefix > 128) {
|
||||||
|
+ g_set_error (error,
|
||||||
|
+ NM_SETTING_IP6_CONFIG_ERROR,
|
||||||
|
+ NM_SETTING_IP6_CONFIG_ERROR_INVALID_PROPERTY,
|
||||||
|
+ _("%d. route has invalid prefix"),
|
||||||
|
+ i+1);
|
||||||
|
+ g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP6_CONFIG_ROUTES);
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.1.0
|
||||||
|
|
Loading…
Reference in New Issue
Block a user