Compare commits
6 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
c7129b6cc7 | ||
|
b0b96b60c2 | ||
|
8c6adc201c | ||
|
7f5da6cd9a | ||
|
c83e236863 | ||
|
a14f6a38fc |
2
.gitignore
vendored
2
.gitignore
vendored
@ -340,3 +340,5 @@ network-manager-applet-0.8.1.tar.bz2
|
|||||||
/NetworkManager-1.8.0.tar.xz
|
/NetworkManager-1.8.0.tar.xz
|
||||||
/NetworkManager-1.8.2.tar.xz
|
/NetworkManager-1.8.2.tar.xz
|
||||||
/NetworkManager-1.8.4.tar.xz
|
/NetworkManager-1.8.4.tar.xz
|
||||||
|
/NetworkManager-1.8.6.tar.xz
|
||||||
|
/NetworkManager-1.8.8.tar.xz
|
||||||
|
327
0001-dhcp-CVE-2018-15688.patch
Normal file
327
0001-dhcp-CVE-2018-15688.patch
Normal file
@ -0,0 +1,327 @@
|
|||||||
|
From aff13dd42efe390d72ad7a9605b06e44fefddfeb Mon Sep 17 00:00:00 2001
|
||||||
|
From: Thomas Haller <thaller@redhat.com>
|
||||||
|
Date: Mon, 10 Sep 2018 15:22:28 +0200
|
||||||
|
Subject: [PATCH 1/6] systemd/dhcp: fix assertion starting DHCP client without
|
||||||
|
MAC address
|
||||||
|
|
||||||
|
An assertion in dhcp_network_bind_raw_socket() is triggered when
|
||||||
|
starting an sd_dhcp_client without setting setting a MAC address
|
||||||
|
first.
|
||||||
|
|
||||||
|
- sd_dhcp_client_start()
|
||||||
|
- client_start()
|
||||||
|
- client_start_delayed()
|
||||||
|
- dhcp_network_bind_raw_socket()
|
||||||
|
|
||||||
|
In that case, the arp-type and MAC address is still unset. Note that
|
||||||
|
dhcp_network_bind_raw_socket() already checks for a valid arp-type
|
||||||
|
and MAC address below, so we should just gracefully return -EINVAL.
|
||||||
|
|
||||||
|
Maybe sd_dhcp_client_start() should fail earlier when starting without
|
||||||
|
MAC address. But the failure here will be correctly propagated and
|
||||||
|
the start aborted.
|
||||||
|
|
||||||
|
See-also: https://github.com/systemd/systemd/pull/10054
|
||||||
|
(cherry picked from commit 34af574d5810ab2b0d6d354cbc28135cde4a55b1)
|
||||||
|
(cherry picked from commit 0a797bdc2a592385a21e7ed918c08ef54a346d99)
|
||||||
|
(cherry picked from commit f37ed84ca495ee212b1e82b9c5a5682c4acfebcd)
|
||||||
|
(cherry picked from commit 1031b2bb5c97bd48ff93f85537b3f5ce0f6f64bf)
|
||||||
|
(cherry picked from commit 4ca49f52fae5c7841f873bc0a01d654dc19c2152)
|
||||||
|
---
|
||||||
|
src/systemd/src/libsystemd-network/dhcp-network.c | 2 --
|
||||||
|
1 file changed, 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/systemd/src/libsystemd-network/dhcp-network.c b/src/systemd/src/libsystemd-network/dhcp-network.c
|
||||||
|
index 7ad0ec375..f0b1b0a22 100644
|
||||||
|
--- a/src/systemd/src/libsystemd-network/dhcp-network.c
|
||||||
|
+++ b/src/systemd/src/libsystemd-network/dhcp-network.c
|
||||||
|
@@ -142,8 +142,6 @@ int dhcp_network_bind_raw_socket(int ifindex, union sockaddr_union *link,
|
||||||
|
const uint8_t *bcast_addr = NULL;
|
||||||
|
uint8_t dhcp_hlen = 0;
|
||||||
|
|
||||||
|
- assert_return(mac_addr_len > 0, -EINVAL);
|
||||||
|
-
|
||||||
|
if (arp_type == ARPHRD_ETHER) {
|
||||||
|
assert_return(mac_addr_len == ETH_ALEN, -EINVAL);
|
||||||
|
memcpy(ð_mac, mac_addr, ETH_ALEN);
|
||||||
|
--
|
||||||
|
2.17.1
|
||||||
|
|
||||||
|
|
||||||
|
From 141c3fe8f083449e2a9d223a4f8995ad89ca0501 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||||
|
Date: Sat, 29 Sep 2018 03:06:10 +0000
|
||||||
|
Subject: [PATCH 2/6] dhcp6: fix an off-by-one error in
|
||||||
|
dhcp6_option_parse_domainname
|
||||||
|
|
||||||
|
==14==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200055fa9c at pc 0x0000005458f1 bp 0x7ffc78940d90 sp 0x7ffc78940d88
|
||||||
|
READ of size 1 at 0x60200055fa9c thread T0
|
||||||
|
#0 0x5458f0 in dhcp6_option_parse_domainname /work/build/../../src/systemd/src/libsystemd-network/dhcp6-option.c:555:29
|
||||||
|
#1 0x54706e in dhcp6_lease_set_domains /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-lease.c:242:13
|
||||||
|
#2 0x53fce0 in client_parse_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:984:29
|
||||||
|
#3 0x53f3bc in client_receive_advertise /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1083:13
|
||||||
|
#4 0x53d57f in client_receive_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1182:21
|
||||||
|
#5 0x7f0f7159deee in source_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3042:21
|
||||||
|
#6 0x7f0f7159d431 in sd_event_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3455:21
|
||||||
|
#7 0x7f0f7159ea8d in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3512:21
|
||||||
|
#8 0x531f2b in fuzz_client /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:44:9
|
||||||
|
#9 0x531bc1 in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:53:9
|
||||||
|
#10 0x57bec8 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:570:15
|
||||||
|
#11 0x579d67 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:479:3
|
||||||
|
#12 0x57dc92 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:707:19
|
||||||
|
#13 0x580ca6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:838:5
|
||||||
|
#14 0x55e968 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
|
||||||
|
#15 0x551a1c in main /src/libfuzzer/FuzzerMain.cpp:20:10
|
||||||
|
#16 0x7f0f701a082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
|
||||||
|
#17 0x41e928 in _start (/out/fuzz-dhcp6-client+0x41e928)
|
||||||
|
|
||||||
|
https://github.com/systemd/systemd/pull/10200
|
||||||
|
https://github.com/systemd/systemd/commit/b387d3c1327a3ad2a2509bd3d3491e674392ff21
|
||||||
|
(cherry picked from commit 7cb7cffc4962245a32e87017bcf264005c043250)
|
||||||
|
(cherry picked from commit cd3aacefdd0b91741b7b2e7b5ee5baab210addd9)
|
||||||
|
(cherry picked from commit 5b140a77bc7b01dc002dbf28a7a2507a27a63d7c)
|
||||||
|
(cherry picked from commit 0f25f47767794fb179edb9916566a208fbcfcb8f)
|
||||||
|
(cherry picked from commit c13e43979e10e636e3787bf85a4d56fa5187e70d)
|
||||||
|
---
|
||||||
|
src/systemd/src/libsystemd-network/dhcp6-option.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
index 3a77e34d5..d8812c36f 100644
|
||||||
|
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
@@ -366,7 +366,7 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
|
||||||
|
/* Literal label */
|
||||||
|
label = (const char *)&optval[pos];
|
||||||
|
pos += c;
|
||||||
|
- if (pos > optlen)
|
||||||
|
+ if (pos >= optlen)
|
||||||
|
return -EMSGSIZE;
|
||||||
|
|
||||||
|
if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX)) {
|
||||||
|
--
|
||||||
|
2.17.1
|
||||||
|
|
||||||
|
|
||||||
|
From c854e0c2eea17c9d2f49d0c416a25b35186de577 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||||
|
Date: Thu, 27 Sep 2018 18:04:59 +0900
|
||||||
|
Subject: [PATCH 3/6] sd-dhcp-lease: fix memleaks
|
||||||
|
|
||||||
|
(cherry picked from commit e2975f854831d08a25b4f5eb329b6d04102e115f)
|
||||||
|
(cherry picked from commit 157094abd83f933fad142758a7d177cfa1a347f7)
|
||||||
|
(cherry picked from commit 3fd9d11619a5e60d375076fbe13851dd1d3a4a63)
|
||||||
|
(cherry picked from commit 4439f07841bdddc6878132a993c229df032e8e85)
|
||||||
|
(cherry picked from commit cbd0609cc482168912c747bad883ba6d434c2a11)
|
||||||
|
---
|
||||||
|
src/systemd/src/libsystemd-network/sd-dhcp-lease.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/systemd/src/libsystemd-network/sd-dhcp-lease.c b/src/systemd/src/libsystemd-network/sd-dhcp-lease.c
|
||||||
|
index 5a3bff2f7..d92441fc5 100644
|
||||||
|
--- a/src/systemd/src/libsystemd-network/sd-dhcp-lease.c
|
||||||
|
+++ b/src/systemd/src/libsystemd-network/sd-dhcp-lease.c
|
||||||
|
@@ -277,6 +277,8 @@ sd_dhcp_lease *sd_dhcp_lease_unref(sd_dhcp_lease *lease) {
|
||||||
|
free(option);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ free(lease->root_path);
|
||||||
|
+ free(lease->timezone);
|
||||||
|
free(lease->hostname);
|
||||||
|
free(lease->domainname);
|
||||||
|
free(lease->dns);
|
||||||
|
--
|
||||||
|
2.17.1
|
||||||
|
|
||||||
|
|
||||||
|
From 4f6f76aa79bb63c6fea356d702e80754e8291728 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||||
|
Date: Fri, 19 Oct 2018 03:42:10 +0900
|
||||||
|
Subject: [PATCH 4/6] sd-dhcp6: make dhcp6_option_parse_domainname() not store
|
||||||
|
empty domain
|
||||||
|
|
||||||
|
This improves performance of fuzzer.
|
||||||
|
C.f. oss-fuzz#11019.
|
||||||
|
|
||||||
|
(cherry picked from commit 3c72b6ed4252e7ff5f7704bfe44557ec197b47fa)
|
||||||
|
(cherry picked from commit 50403cccee28c7dcd54b138a0d3b3f69ea0204fe)
|
||||||
|
(cherry picked from commit f11f5abb1a8b96b553d2d156f8b5cf440695c04d)
|
||||||
|
(cherry picked from commit c836279fca80fb22ca7ef02acaa5b987fee61123)
|
||||||
|
(cherry picked from commit 4ca0e57c46cf6861ec6f6b6c8e0d430edb3fa5b1)
|
||||||
|
(cherry picked from commit 32e71d5bc09494736866fd78606994f8bf93b31d)
|
||||||
|
---
|
||||||
|
.../src/libsystemd-network/dhcp6-option.c | 66 ++++++++-----------
|
||||||
|
1 file changed, 29 insertions(+), 37 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
index d8812c36f..d49624437 100644
|
||||||
|
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
@@ -353,6 +353,7 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
|
||||||
|
bool first = true;
|
||||||
|
|
||||||
|
for (;;) {
|
||||||
|
+ const char *label;
|
||||||
|
uint8_t c;
|
||||||
|
|
||||||
|
c = optval[pos++];
|
||||||
|
@@ -360,47 +361,41 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
|
||||||
|
if (c == 0)
|
||||||
|
/* End of name */
|
||||||
|
break;
|
||||||
|
- else if (c <= 63) {
|
||||||
|
- const char *label;
|
||||||
|
-
|
||||||
|
- /* Literal label */
|
||||||
|
- label = (const char *)&optval[pos];
|
||||||
|
- pos += c;
|
||||||
|
- if (pos >= optlen)
|
||||||
|
- return -EMSGSIZE;
|
||||||
|
-
|
||||||
|
- if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX)) {
|
||||||
|
- r = -ENOMEM;
|
||||||
|
- goto fail;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if (first)
|
||||||
|
- first = false;
|
||||||
|
- else
|
||||||
|
- ret[n++] = '.';
|
||||||
|
-
|
||||||
|
- r = dns_label_escape(label, c, ret + n, DNS_LABEL_ESCAPED_MAX);
|
||||||
|
- if (r < 0)
|
||||||
|
- goto fail;
|
||||||
|
-
|
||||||
|
- n += r;
|
||||||
|
- continue;
|
||||||
|
- } else {
|
||||||
|
- r = -EBADMSG;
|
||||||
|
- goto fail;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
+ if (c > 63)
|
||||||
|
+ return -EBADMSG;
|
||||||
|
+
|
||||||
|
+ /* Literal label */
|
||||||
|
+ label = (const char *)&optval[pos];
|
||||||
|
+ pos += c;
|
||||||
|
+ if (pos >= optlen)
|
||||||
|
+ return -EMSGSIZE;
|
||||||
|
+
|
||||||
|
+ if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX))
|
||||||
|
+ return -ENOMEM;
|
||||||
|
+
|
||||||
|
+ if (first)
|
||||||
|
+ first = false;
|
||||||
|
+ else
|
||||||
|
+ ret[n++] = '.';
|
||||||
|
|
||||||
|
- if (!GREEDY_REALLOC(ret, allocated, n + 1)) {
|
||||||
|
- r = -ENOMEM;
|
||||||
|
- goto fail;
|
||||||
|
+ r = dns_label_escape(label, c, ret + n, DNS_LABEL_ESCAPED_MAX);
|
||||||
|
+ if (r < 0)
|
||||||
|
+ return r;
|
||||||
|
+
|
||||||
|
+ n += r;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (n == 0)
|
||||||
|
+ continue;
|
||||||
|
+
|
||||||
|
+ if (!GREEDY_REALLOC(ret, allocated, n + 1))
|
||||||
|
+ return -ENOMEM;
|
||||||
|
+
|
||||||
|
ret[n] = 0;
|
||||||
|
|
||||||
|
r = strv_extend(&names, ret);
|
||||||
|
if (r < 0)
|
||||||
|
- goto fail;
|
||||||
|
+ return r;
|
||||||
|
|
||||||
|
idx++;
|
||||||
|
}
|
||||||
|
@@ -409,7 +404,4 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
|
||||||
|
names = NULL;
|
||||||
|
|
||||||
|
return idx;
|
||||||
|
-
|
||||||
|
-fail:
|
||||||
|
- return r;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.17.1
|
||||||
|
|
||||||
|
|
||||||
|
From 017d77c8c6c88fd4cfa1a2f8a2ac03b9a491f314 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Li Song <song.li@honeywell.com>
|
||||||
|
Date: Fri, 19 Oct 2018 13:41:51 -0400
|
||||||
|
Subject: [PATCH 5/6] sd-dhcp: remove unreachable route after rebinding return
|
||||||
|
NAK
|
||||||
|
|
||||||
|
(cherry picked from commit cc3981b1272b9ce37e7d734a7b2f42e84acac535)
|
||||||
|
(cherry picked from commit 915c2f675a23b2ae16d292d1ac570706f76b384d)
|
||||||
|
(cherry picked from commit cb77290a696dce924e2a993690634986ac035490)
|
||||||
|
(cherry picked from commit f211b140a5861ddedc2424946e3ab07d3b642b5f)
|
||||||
|
(cherry picked from commit 1cfefbb99ff3c2ab7a0f54829c6f3f787d9e6d77)
|
||||||
|
(cherry picked from commit f3f5441820d0ecd0ff6861480ace696a6bf34fbd)
|
||||||
|
---
|
||||||
|
src/systemd/src/libsystemd-network/sd-dhcp-client.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/systemd/src/libsystemd-network/sd-dhcp-client.c b/src/systemd/src/libsystemd-network/sd-dhcp-client.c
|
||||||
|
index 17393e206..c9623a448 100644
|
||||||
|
--- a/src/systemd/src/libsystemd-network/sd-dhcp-client.c
|
||||||
|
+++ b/src/systemd/src/libsystemd-network/sd-dhcp-client.c
|
||||||
|
@@ -1580,6 +1580,8 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
|
||||||
|
client->timeout_resend =
|
||||||
|
sd_event_source_unref(client->timeout_resend);
|
||||||
|
|
||||||
|
+ client_notify(client, SD_DHCP_CLIENT_EVENT_EXPIRED);
|
||||||
|
+
|
||||||
|
r = client_initialize(client);
|
||||||
|
if (r < 0)
|
||||||
|
goto error;
|
||||||
|
--
|
||||||
|
2.17.1
|
||||||
|
|
||||||
|
|
||||||
|
From 35b634d535c8f151bcb6add9630305121349802c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Fri, 19 Oct 2018 12:12:33 +0200
|
||||||
|
Subject: [PATCH 6/6] dhcp6: make sure we have enough space for the DHCP6
|
||||||
|
option header
|
||||||
|
|
||||||
|
Fixes a vulnerability originally discovered by Felix Wilhelm from
|
||||||
|
Google.
|
||||||
|
|
||||||
|
CVE-2018-15688
|
||||||
|
LP: #1795921
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1639067
|
||||||
|
|
||||||
|
(cherry picked from commit 4dac5eaba4e419b29c97da38a8b1f82336c2c892)
|
||||||
|
(cherry picked from commit 01ca2053bbea09f35b958c8cc7631e15469acb79)
|
||||||
|
(cherry picked from commit fc230dca139142f409d7bac99dbfabe9b004e2fb)
|
||||||
|
(cherry picked from commit cc1e5a7f5731f223d1eb8473fa0eecbedfc0ae5f)
|
||||||
|
(cherry picked from commit c3221cb0c5b4a2936c198e33b6f7853141991277)
|
||||||
|
(cherry picked from commit f4f765534191ed3c5d8e78b97333f3fd978a2b63)
|
||||||
|
---
|
||||||
|
src/systemd/src/libsystemd-network/dhcp6-option.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
index d49624437..7615cb80e 100644
|
||||||
|
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||||
|
@@ -103,7 +103,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, DHCP6IA *ia) {
|
||||||
|
return -EINVAL;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (*buflen < len)
|
||||||
|
+ if (*buflen < offsetof(DHCP6Option, data) + len)
|
||||||
|
return -ENOBUFS;
|
||||||
|
|
||||||
|
ia_hdr = *buf;
|
||||||
|
--
|
||||||
|
2.17.1
|
||||||
|
|
@ -1,34 +0,0 @@
|
|||||||
From 69f05c50c5b6ef960a8dcc5790bba4a916180a71 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Iain Lane <iain@orangesquash.org.uk>
|
|
||||||
Date: Wed, 20 Sep 2017 15:01:41 +0100
|
|
||||||
Subject: [PATCH 1/3] manager: Disconnect from signals on the proxy when we're
|
|
||||||
disposed
|
|
||||||
|
|
||||||
We're calling a callback on a proxy after it has been disposed. We
|
|
||||||
should make sure to disconnect from it when we go away.
|
|
||||||
|
|
||||||
https://bugzilla.gnome.org/show_bug.cgi?id=787897
|
|
||||||
(cherry picked from commit 91fa202379b417f146c9b14be7b9b08d2dc83a78)
|
|
||||||
(cherry picked from commit 297862b0e9a6b08e506a9976f2e464f68ba398d2)
|
|
||||||
---
|
|
||||||
libnm/nm-manager.c | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libnm/nm-manager.c b/libnm/nm-manager.c
|
|
||||||
index d3df73375..294b9de18 100644
|
|
||||||
--- a/libnm/nm-manager.c
|
|
||||||
+++ b/libnm/nm-manager.c
|
|
||||||
@@ -192,8 +192,8 @@ init_dbus (NMObject *object)
|
|
||||||
property_info);
|
|
||||||
|
|
||||||
/* Permissions */
|
|
||||||
- g_signal_connect (priv->proxy, "check-permissions",
|
|
||||||
- G_CALLBACK (manager_recheck_permissions), object);
|
|
||||||
+ g_signal_connect_object (priv->proxy, "check-permissions",
|
|
||||||
+ G_CALLBACK (manager_recheck_permissions), object, 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
static NMClientPermission
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -1,78 +0,0 @@
|
|||||||
From b4f7cca1a3ee02d86ceec4fcea51a9ed349248b6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Iain Lane <iain@orangesquash.org.uk>
|
|
||||||
Date: Fri, 22 Sep 2017 11:48:05 +0100
|
|
||||||
Subject: [PATCH 2/3] {vpn,remote}-connection: disconnect signal handlers when
|
|
||||||
disposed
|
|
||||||
|
|
||||||
GNOME Settings 3.26 is crashing every time a VPN connection changed its
|
|
||||||
state. After some digging, a debug message was put on dispose, and this
|
|
||||||
issue was found:
|
|
||||||
|
|
||||||
libnm-Message: Object 0x55555633c070 disposed
|
|
||||||
libnm-Message: Object 0x55555633c730 disposed
|
|
||||||
libnm-Message: Object 0x55555633eae0 disposed
|
|
||||||
libnm-Message: Object 0x555556340a80 disposed
|
|
||||||
|
|
||||||
Thread 1 "gnome-control-c" received signal SIGSEGV, Segmentation fault.
|
|
||||||
g_type_check_instance_cast (type_instance=type_instance@entry=0x55555633c070, iface_type=93825006537856) at /.../glib/gobject/gtype.c:4057
|
|
||||||
4057 node = lookup_type_node_I (type_instance->g_class->g_type);
|
|
||||||
(gdb) bt
|
|
||||||
|
|
||||||
NetworkManager is calling callbacks on disposed objects, which leads to
|
|
||||||
crashes in clients (e.g. GNOME Settings).
|
|
||||||
|
|
||||||
Fix this issue by disconnecting signal handlers when the objects are
|
|
||||||
disposed.
|
|
||||||
|
|
||||||
Patch originally by Georges Basile Stavracas Neto <georges.stavracas@gmail.com>
|
|
||||||
|
|
||||||
https://bugzilla.gnome.org/show_bug.cgi?id=787893
|
|
||||||
(cherry picked from commit b18896f77048399e7a8b6ddd4fa0961e603836fa)
|
|
||||||
(cherry picked from commit b363a6cfad5996b5436b6f7c1d9337068fcb4c99)
|
|
||||||
---
|
|
||||||
libnm/nm-remote-connection.c | 6 +++---
|
|
||||||
libnm/nm-vpn-connection.c | 4 ++--
|
|
||||||
2 files changed, 5 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libnm/nm-remote-connection.c b/libnm/nm-remote-connection.c
|
|
||||||
index 0f7ea58ef..5cd42555f 100644
|
|
||||||
--- a/libnm/nm-remote-connection.c
|
|
||||||
+++ b/libnm/nm-remote-connection.c
|
|
||||||
@@ -641,7 +641,7 @@ init_sync (GInitable *initable, GCancellable *cancellable, GError **error)
|
|
||||||
GVariant *settings;
|
|
||||||
|
|
||||||
priv->proxy = NMDBUS_SETTINGS_CONNECTION (_nm_object_get_proxy (NM_OBJECT (initable), NM_DBUS_INTERFACE_SETTINGS_CONNECTION));
|
|
||||||
- g_signal_connect (priv->proxy, "updated", G_CALLBACK (updated_cb), initable);
|
|
||||||
+ g_signal_connect_object (priv->proxy, "updated", G_CALLBACK (updated_cb), initable, 0);
|
|
||||||
|
|
||||||
if (nmdbus_settings_connection_call_get_settings_sync (priv->proxy,
|
|
||||||
&settings,
|
|
||||||
@@ -730,8 +730,8 @@ init_async (GAsyncInitable *initable, int io_priority,
|
|
||||||
priv->proxy = NMDBUS_SETTINGS_CONNECTION (_nm_object_get_proxy (NM_OBJECT (initable),
|
|
||||||
NM_DBUS_INTERFACE_SETTINGS_CONNECTION));
|
|
||||||
|
|
||||||
- g_signal_connect (priv->proxy, "updated",
|
|
||||||
- G_CALLBACK (updated_cb), initable);
|
|
||||||
+ g_signal_connect_object (priv->proxy, "updated",
|
|
||||||
+ G_CALLBACK (updated_cb), initable, 0);
|
|
||||||
|
|
||||||
nmdbus_settings_connection_call_get_settings (NM_REMOTE_CONNECTION_GET_PRIVATE (init_data->initable)->proxy,
|
|
||||||
init_data->cancellable,
|
|
||||||
diff --git a/libnm/nm-vpn-connection.c b/libnm/nm-vpn-connection.c
|
|
||||||
index 814f45f0f..636c39507 100644
|
|
||||||
--- a/libnm/nm-vpn-connection.c
|
|
||||||
+++ b/libnm/nm-vpn-connection.c
|
|
||||||
@@ -144,8 +144,8 @@ init_dbus (NMObject *object)
|
|
||||||
property_info);
|
|
||||||
|
|
||||||
proxy = _nm_object_get_proxy (object, NM_DBUS_INTERFACE_VPN_CONNECTION);
|
|
||||||
- g_signal_connect (proxy, "vpn-state-changed",
|
|
||||||
- G_CALLBACK (vpn_state_changed_proxy), object);
|
|
||||||
+ g_signal_connect_object (proxy, "vpn-state-changed",
|
|
||||||
+ G_CALLBACK (vpn_state_changed_proxy), object, 0);
|
|
||||||
g_object_unref (proxy);
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -1,31 +0,0 @@
|
|||||||
From fad0790a27d693d02c4b8404f9327608a838b8e6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Thomas Haller <thaller@redhat.com>
|
|
||||||
Date: Mon, 25 Sep 2017 12:15:30 +0200
|
|
||||||
Subject: [PATCH 3/3] cli: fix crash in interactive mode for "describe ."
|
|
||||||
|
|
||||||
https://bugzilla.gnome.org/show_bug.cgi?id=788104
|
|
||||||
(cherry picked from commit 54490be96d77ac2e34d247b58265dd393f5acba7)
|
|
||||||
(cherry picked from commit b18ff17d3d4495722745c701826880bf14672827)
|
|
||||||
---
|
|
||||||
clients/cli/connections.c | 5 ++++-
|
|
||||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/clients/cli/connections.c b/clients/cli/connections.c
|
|
||||||
index a93dc15fc..fac1227b7 100644
|
|
||||||
--- a/clients/cli/connections.c
|
|
||||||
+++ b/clients/cli/connections.c
|
|
||||||
@@ -7387,7 +7387,10 @@ editor_menu_main (NmCli *nmc, NMConnection *connection)
|
|
||||||
} else
|
|
||||||
ss = menu_ctx.curr_setting;
|
|
||||||
|
|
||||||
- if (descr_all) {
|
|
||||||
+ if (!ss) {
|
|
||||||
+ g_print (_("Error: no setting selected; valid are [%s]\n"), valid_settings_str);
|
|
||||||
+ g_print (_("use 'goto <setting>' first, or 'describe <setting>.<property>'\n"));
|
|
||||||
+ } else if (descr_all) {
|
|
||||||
/* Show description for all properties */
|
|
||||||
print_setting_description (ss);
|
|
||||||
} else {
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -1,37 +0,0 @@
|
|||||||
From 613a88779bf424c9bcae20ccd9c4c04574f37554 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Thomas Haller <thaller@redhat.com>
|
|
||||||
Date: Fri, 29 Sep 2017 17:08:55 +0200
|
|
||||||
Subject: [PATCH 4/5] device: fix delay startup complete for unrealized devices
|
|
||||||
|
|
||||||
Since commit 6845b9b80a9fcec9d2c9e7b56a37329f38089f2e ("device: delay
|
|
||||||
startup complete until device is initialized in platform", we also wait
|
|
||||||
for devices that are still initializing platform/UDEV.
|
|
||||||
|
|
||||||
Obviously, that only applies to realized devices.
|
|
||||||
|
|
||||||
Otherwise, an unrealized device is going to block startup complete.
|
|
||||||
|
|
||||||
Fixes: 6845b9b80a9fcec9d2c9e7b56a37329f38089f2e
|
|
||||||
(cherry picked from commit 9ad8010fe0c42291580e4a801ed85947ae660d38)
|
|
||||||
(cherry picked from commit 0ba498b17dc582dcbd9b7102e03496f391d67812)
|
|
||||||
---
|
|
||||||
src/devices/nm-device.c | 3 ++-
|
|
||||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c
|
|
||||||
index bacbfb33e..a085e466d 100644
|
|
||||||
--- a/src/devices/nm-device.c
|
|
||||||
+++ b/src/devices/nm-device.c
|
|
||||||
@@ -12030,7 +12030,8 @@ nm_device_has_pending_action (NMDevice *self)
|
|
||||||
if (priv->pending_actions)
|
|
||||||
return TRUE;
|
|
||||||
|
|
||||||
- if (nm_device_get_unmanaged_flags (self, NM_UNMANAGED_PLATFORM_INIT)) {
|
|
||||||
+ if ( nm_device_is_real (self)
|
|
||||||
+ && nm_device_get_unmanaged_flags (self, NM_UNMANAGED_PLATFORM_INIT)) {
|
|
||||||
/* as long as the platform link is not yet initialized, we have a pending
|
|
||||||
* action. */
|
|
||||||
return TRUE;
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -1,40 +0,0 @@
|
|||||||
From 7d99bbea013d9f01d764e3394b77f1f709047129 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Beniamino Galvani <bgalvani@redhat.com>
|
|
||||||
Date: Wed, 4 Oct 2017 14:30:57 +0200
|
|
||||||
Subject: [PATCH 5/5] device: fix frozen notify signals on unrealize error path
|
|
||||||
|
|
||||||
If unrealize() failed we returned without thawing notify signals. Fix
|
|
||||||
this by moving g_object_freeze_notify() after the
|
|
||||||
unrealization/deletion but before the properties are reset in
|
|
||||||
unrealize_notify().
|
|
||||||
|
|
||||||
Fixes: a93807c288743f499362f7edfe0674020762811c
|
|
||||||
(cherry picked from commit 24a7f88bc56b66745c1e6b9444df8a80125de059)
|
|
||||||
(cherry picked from commit 5bd8269315fc7d41c62e258689a05bf062c6f592)
|
|
||||||
---
|
|
||||||
src/devices/nm-device.c | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c
|
|
||||||
index a085e466d..6321d2b49 100644
|
|
||||||
--- a/src/devices/nm-device.c
|
|
||||||
+++ b/src/devices/nm-device.c
|
|
||||||
@@ -3257,7 +3257,6 @@ nm_device_unrealize (NMDevice *self, gboolean remove_resources, GError **error)
|
|
||||||
g_return_val_if_fail (priv->iface != NULL, FALSE);
|
|
||||||
g_return_val_if_fail (priv->real, FALSE);
|
|
||||||
|
|
||||||
- g_object_freeze_notify (G_OBJECT (self));
|
|
||||||
|
|
||||||
ifindex = nm_device_get_ifindex (self);
|
|
||||||
|
|
||||||
@@ -3274,6 +3273,7 @@ nm_device_unrealize (NMDevice *self, gboolean remove_resources, GError **error)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
+ g_object_freeze_notify (G_OBJECT (self));
|
|
||||||
NM_DEVICE_GET_CLASS (self)->unrealize_notify (self);
|
|
||||||
|
|
||||||
_parent_set_ifindex (self, 0, FALSE);
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -1,325 +0,0 @@
|
|||||||
From 5c5876732c51adcf0e1973021bc26a663b240ec9 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Thomas Haller <thaller@redhat.com>
|
|
||||||
Date: Wed, 4 Oct 2017 11:14:48 +0200
|
|
||||||
Subject: [PATCH 6/8] keyfile: minor cleanup in get_one_int() to use
|
|
||||||
_nm_utils_ascii_str_to_int64()
|
|
||||||
|
|
||||||
(cherry picked from commit 72c28cb6bcc26e6a63083e4d92f8f66ee5c121e4)
|
|
||||||
(cherry picked from commit 14f0f23e77219364c0ee7ae692aae35551101ed8)
|
|
||||||
---
|
|
||||||
libnm-core/nm-keyfile-reader.c | 11 +++++------
|
|
||||||
1 file changed, 5 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libnm-core/nm-keyfile-reader.c b/libnm-core/nm-keyfile-reader.c
|
|
||||||
index eb257eeb1..15a0e406f 100644
|
|
||||||
--- a/libnm-core/nm-keyfile-reader.c
|
|
||||||
+++ b/libnm-core/nm-keyfile-reader.c
|
|
||||||
@@ -133,8 +133,7 @@ read_array_of_uint (GKeyFile *file,
|
|
||||||
static gboolean
|
|
||||||
get_one_int (KeyfileReaderInfo *info, const char *property_name, const char *str, guint32 max_val, guint32 *out)
|
|
||||||
{
|
|
||||||
- long tmp;
|
|
||||||
- char *endptr;
|
|
||||||
+ gint64 tmp;
|
|
||||||
|
|
||||||
g_return_val_if_fail (!info == !property_name, FALSE);
|
|
||||||
|
|
||||||
@@ -145,13 +144,13 @@ get_one_int (KeyfileReaderInfo *info, const char *property_name, const char *str
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
- errno = 0;
|
|
||||||
- tmp = strtol (str, &endptr, 10);
|
|
||||||
- if (errno || (tmp < 0) || (tmp > max_val) || *endptr != 0) {
|
|
||||||
- if (property_name)
|
|
||||||
+ tmp = _nm_utils_ascii_str_to_int64 (str, 10, 0, max_val, -1);
|
|
||||||
+ if (tmp == -1) {
|
|
||||||
+ if (property_name) {
|
|
||||||
handle_warn (info, property_name, NM_KEYFILE_WARN_SEVERITY_WARN,
|
|
||||||
_("ignoring invalid number '%s'"),
|
|
||||||
str);
|
|
||||||
+ }
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
||||||
|
|
||||||
From e843259d6a13e9219cf151432ed3794246c7d067 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Thomas Haller <thaller@redhat.com>
|
|
||||||
Date: Wed, 4 Oct 2017 11:16:36 +0200
|
|
||||||
Subject: [PATCH 7/8] keyfile: cleanup error argument for read_field()
|
|
||||||
|
|
||||||
Rename @error to @out_err_str, because @error is usually used for GError
|
|
||||||
output arguments.
|
|
||||||
|
|
||||||
Also, make the string variables "const char *".
|
|
||||||
|
|
||||||
Use nm_assert() in read_field(), because it is a static function
|
|
||||||
with only four call sites. It's easily verified that the assertion
|
|
||||||
holds, so no need for a run-time check in production builds.
|
|
||||||
|
|
||||||
(cherry picked from commit 29e9b567f0938fd202a433e7098092f0a39723ed)
|
|
||||||
(cherry picked from commit f889aa783d776afa200587b5891e3578a3033518)
|
|
||||||
---
|
|
||||||
libnm-core/nm-keyfile-reader.c | 58 ++++++++++++++++++++++++------------------
|
|
||||||
1 file changed, 33 insertions(+), 25 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libnm-core/nm-keyfile-reader.c b/libnm-core/nm-keyfile-reader.c
|
|
||||||
index 15a0e406f..5934c833b 100644
|
|
||||||
--- a/libnm-core/nm-keyfile-reader.c
|
|
||||||
+++ b/libnm-core/nm-keyfile-reader.c
|
|
||||||
@@ -249,17 +249,17 @@ build_route (KeyfileReaderInfo *info,
|
|
||||||
* When @current target is %NULL, gracefully fail returning %NULL while
|
|
||||||
* leaving the @current target %NULL end setting @error to %NULL;
|
|
||||||
*/
|
|
||||||
-static char *
|
|
||||||
-read_field (char **current, char **error, const char *characters, const char *delimiters)
|
|
||||||
+static const char *
|
|
||||||
+read_field (char **current, const char **out_err_str, const char *characters, const char *delimiters)
|
|
||||||
{
|
|
||||||
- char *start;
|
|
||||||
+ const char *start;
|
|
||||||
|
|
||||||
- g_return_val_if_fail (current, NULL);
|
|
||||||
- g_return_val_if_fail (error, NULL);
|
|
||||||
- g_return_val_if_fail (characters, NULL);
|
|
||||||
- g_return_val_if_fail (delimiters, NULL);
|
|
||||||
+ nm_assert (current);
|
|
||||||
+ nm_assert (out_err_str);
|
|
||||||
+ nm_assert (characters);
|
|
||||||
+ nm_assert (delimiters);
|
|
||||||
|
|
||||||
- *error = NULL;
|
|
||||||
+ *out_err_str = NULL;
|
|
||||||
|
|
||||||
if (!*current) {
|
|
||||||
/* graceful failure, leave '*current' NULL */
|
|
||||||
@@ -282,8 +282,8 @@ read_field (char **current, char **error, const char *characters, const char *de
|
|
||||||
return start;
|
|
||||||
} else {
|
|
||||||
/* error, bad character */
|
|
||||||
- *error = *current;
|
|
||||||
- *current = start;
|
|
||||||
+ *out_err_str = *current;
|
|
||||||
+ *current = (char *) start;
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
@@ -332,42 +332,50 @@ read_one_ip_address_or_route (KeyfileReaderInfo *info,
|
|
||||||
char **out_gateway,
|
|
||||||
NMSetting *setting)
|
|
||||||
{
|
|
||||||
- guint32 plen = G_MAXUINT32;
|
|
||||||
+ guint plen;
|
|
||||||
gpointer result;
|
|
||||||
- char *address_str, *plen_str, *gateway_str, *metric_str, *current, *error;
|
|
||||||
- gs_free char *value = NULL, *value_orig = NULL;
|
|
||||||
+ const char *address_str;
|
|
||||||
+ const char *plen_str;
|
|
||||||
+ const char *gateway_str;
|
|
||||||
+ const char *metric_str;
|
|
||||||
+ const char *err_str = NULL;
|
|
||||||
+ char *current;
|
|
||||||
+ gs_free char *value = NULL;
|
|
||||||
+ gs_free char *value_orig = NULL;
|
|
||||||
|
|
||||||
#define VALUE_ORIG() (value_orig ? value_orig : (value_orig = nm_keyfile_plugin_kf_get_string (info->keyfile, setting_name, key_name, NULL)))
|
|
||||||
|
|
||||||
- current = value = nm_keyfile_plugin_kf_get_string (info->keyfile, setting_name, key_name, NULL);
|
|
||||||
+ value = nm_keyfile_plugin_kf_get_string (info->keyfile, setting_name, key_name, NULL);
|
|
||||||
if (!value)
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
+ current = value;
|
|
||||||
+
|
|
||||||
/* get address field */
|
|
||||||
- address_str = read_field (¤t, &error, IP_ADDRESS_CHARS, DELIMITERS);
|
|
||||||
- if (error) {
|
|
||||||
+ address_str = read_field (¤t, &err_str, IP_ADDRESS_CHARS, DELIMITERS);
|
|
||||||
+ if (err_str) {
|
|
||||||
handle_warn (info, property_name, NM_KEYFILE_WARN_SEVERITY_WARN,
|
|
||||||
_("unexpected character '%c' for address %s: '%s' (position %td)"),
|
|
||||||
- *error, key_name, VALUE_ORIG (), error - current);
|
|
||||||
+ *err_str, key_name, VALUE_ORIG (), err_str - current);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
/* get prefix length field (skippable) */
|
|
||||||
- plen_str = read_field (¤t, &error, DIGITS, DELIMITERS);
|
|
||||||
+ plen_str = read_field (¤t, &err_str, DIGITS, DELIMITERS);
|
|
||||||
/* get gateway field */
|
|
||||||
- gateway_str = read_field (¤t, &error, IP_ADDRESS_CHARS, DELIMITERS);
|
|
||||||
- if (error) {
|
|
||||||
+ gateway_str = read_field (¤t, &err_str, IP_ADDRESS_CHARS, DELIMITERS);
|
|
||||||
+ if (err_str) {
|
|
||||||
handle_warn (info, property_name, NM_KEYFILE_WARN_SEVERITY_WARN,
|
|
||||||
_("unexpected character '%c' for %s: '%s' (position %td)"),
|
|
||||||
- *error, key_name, VALUE_ORIG (), error - current);
|
|
||||||
+ *err_str, key_name, VALUE_ORIG (), err_str - current);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
/* for routes, get metric */
|
|
||||||
if (route) {
|
|
||||||
- metric_str = read_field (¤t, &error, DIGITS, DELIMITERS);
|
|
||||||
- if (error) {
|
|
||||||
+ metric_str = read_field (¤t, &err_str, DIGITS, DELIMITERS);
|
|
||||||
+ if (err_str) {
|
|
||||||
handle_warn (info, property_name, NM_KEYFILE_WARN_SEVERITY_WARN,
|
|
||||||
_("unexpected character '%c' in prefix length for %s: '%s' (position %td)"),
|
|
||||||
- *error, key_name, VALUE_ORIG (), error - current);
|
|
||||||
+ *err_str, key_name, VALUE_ORIG (), err_str - current);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
} else
|
|
||||||
@@ -393,7 +401,7 @@ read_one_ip_address_or_route (KeyfileReaderInfo *info,
|
|
||||||
|
|
||||||
/* parse plen, fallback to defaults */
|
|
||||||
if (plen_str) {
|
|
||||||
- if (!get_one_int (info, property_name, plen_str, ipv6 ? 128 : 32, &plen)
|
|
||||||
+ if ( !get_one_int (info, property_name, plen_str, ipv6 ? 128 : 32, &plen)
|
|
||||||
|| (route && plen == 0)) {
|
|
||||||
plen = DEFAULT_PREFIX (route, ipv6);
|
|
||||||
if ( info->error
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
||||||
|
|
||||||
From 0a76ddaad11baec08ab0826a5d635fa5b158c6e4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Thomas Haller <thaller@redhat.com>
|
|
||||||
Date: Wed, 4 Oct 2017 11:28:15 +0200
|
|
||||||
Subject: [PATCH 8/8] keyfile: fix reading/writing route metric zero
|
|
||||||
|
|
||||||
Zero is a valid route metric and distinct from -1, which means unspecified.
|
|
||||||
Fix reader and writer.
|
|
||||||
|
|
||||||
Fixes: e374923bbe4a9f608644756f749b9bae9aa5f349
|
|
||||||
(cherry picked from commit 099be8e4db0b00d4ff3ded60a4a3cb65d55bbd40)
|
|
||||||
(cherry picked from commit 482fcb507e0b7d611701d9537321cdc6d58d3b84)
|
|
||||||
---
|
|
||||||
libnm-core/nm-keyfile-reader.c | 15 +++++++++------
|
|
||||||
libnm-core/nm-keyfile-writer.c | 12 +++++++-----
|
|
||||||
src/settings/plugins/keyfile/tests/test-keyfile.c | 6 +++---
|
|
||||||
3 files changed, 19 insertions(+), 14 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libnm-core/nm-keyfile-reader.c b/libnm-core/nm-keyfile-reader.c
|
|
||||||
index 5934c833b..0ac417cdb 100644
|
|
||||||
--- a/libnm-core/nm-keyfile-reader.c
|
|
||||||
+++ b/libnm-core/nm-keyfile-reader.c
|
|
||||||
@@ -185,7 +185,8 @@ build_route (KeyfileReaderInfo *info,
|
|
||||||
const char *gateway_str, const char *metric_str)
|
|
||||||
{
|
|
||||||
NMIPRoute *route;
|
|
||||||
- guint32 metric = 0;
|
|
||||||
+ guint32 u32;
|
|
||||||
+ gint64 metric = -1;
|
|
||||||
GError *error = NULL;
|
|
||||||
|
|
||||||
g_return_val_if_fail (plen, NULL);
|
|
||||||
@@ -204,9 +205,10 @@ build_route (KeyfileReaderInfo *info,
|
|
||||||
**/
|
|
||||||
if ( family == AF_INET6
|
|
||||||
&& !metric_str
|
|
||||||
- && get_one_int (NULL, NULL, gateway_str, G_MAXUINT32, &metric))
|
|
||||||
+ && get_one_int (NULL, NULL, gateway_str, G_MAXUINT32, &u32)) {
|
|
||||||
+ metric = u32;
|
|
||||||
gateway_str = NULL;
|
|
||||||
- else {
|
|
||||||
+ } else {
|
|
||||||
if (!info->error) {
|
|
||||||
handle_warn (info, property_name, NM_KEYFILE_WARN_SEVERITY_WARN,
|
|
||||||
_("ignoring invalid gateway '%s' for %s route"),
|
|
||||||
@@ -218,14 +220,15 @@ build_route (KeyfileReaderInfo *info,
|
|
||||||
} else
|
|
||||||
gateway_str = NULL;
|
|
||||||
|
|
||||||
- /* parse metric, default to 0 */
|
|
||||||
+ /* parse metric, default to -1 */
|
|
||||||
if (metric_str) {
|
|
||||||
- if (!get_one_int (info, property_name, metric_str, G_MAXUINT32, &metric))
|
|
||||||
+ if (!get_one_int (info, property_name, metric_str, G_MAXUINT32, &u32))
|
|
||||||
return NULL;
|
|
||||||
+ metric = u32;
|
|
||||||
}
|
|
||||||
|
|
||||||
route = nm_ip_route_new (family, dest_str, plen, gateway_str,
|
|
||||||
- metric ? (gint64) metric : -1,
|
|
||||||
+ metric,
|
|
||||||
&error);
|
|
||||||
if (!route) {
|
|
||||||
handle_warn (info, property_name, NM_KEYFILE_WARN_SEVERITY_WARN,
|
|
||||||
diff --git a/libnm-core/nm-keyfile-writer.c b/libnm-core/nm-keyfile-writer.c
|
|
||||||
index 6a3d9a9f4..19b734a05 100644
|
|
||||||
--- a/libnm-core/nm-keyfile-writer.c
|
|
||||||
+++ b/libnm-core/nm-keyfile-writer.c
|
|
||||||
@@ -137,7 +137,7 @@ write_ip_values (GKeyFile *file,
|
|
||||||
GString *output;
|
|
||||||
int family, i;
|
|
||||||
const char *addr, *gw;
|
|
||||||
- guint32 plen, metric;
|
|
||||||
+ guint32 plen;
|
|
||||||
char key_name[64], *key_name_idx;
|
|
||||||
|
|
||||||
if (!array->len)
|
|
||||||
@@ -150,25 +150,27 @@ write_ip_values (GKeyFile *file,
|
|
||||||
|
|
||||||
output = g_string_sized_new (2*INET_ADDRSTRLEN + 10);
|
|
||||||
for (i = 0; i < array->len; i++) {
|
|
||||||
+ gint64 metric = -1;
|
|
||||||
+
|
|
||||||
if (is_route) {
|
|
||||||
NMIPRoute *route = array->pdata[i];
|
|
||||||
|
|
||||||
addr = nm_ip_route_get_dest (route);
|
|
||||||
plen = nm_ip_route_get_prefix (route);
|
|
||||||
gw = nm_ip_route_get_next_hop (route);
|
|
||||||
- metric = MAX (0, nm_ip_route_get_metric (route));
|
|
||||||
+ metric = nm_ip_route_get_metric (route);
|
|
||||||
} else {
|
|
||||||
NMIPAddress *address = array->pdata[i];
|
|
||||||
|
|
||||||
addr = nm_ip_address_get_address (address);
|
|
||||||
plen = nm_ip_address_get_prefix (address);
|
|
||||||
gw = i == 0 ? gateway : NULL;
|
|
||||||
- metric = 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
g_string_set_size (output, 0);
|
|
||||||
g_string_append_printf (output, "%s/%u", addr, plen);
|
|
||||||
- if (metric || gw) {
|
|
||||||
+ if ( metric != -1
|
|
||||||
+ || gw) {
|
|
||||||
/* Older versions of the plugin do not support the form
|
|
||||||
* "a.b.c.d/plen,,metric", so, we always have to write the
|
|
||||||
* gateway, even if there isn't one.
|
|
||||||
@@ -182,7 +184,7 @@ write_ip_values (GKeyFile *file,
|
|
||||||
}
|
|
||||||
|
|
||||||
g_string_append_printf (output, ",%s", gw);
|
|
||||||
- if (metric)
|
|
||||||
+ if (is_route && metric != -1)
|
|
||||||
g_string_append_printf (output, ",%lu", (unsigned long) metric);
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/src/settings/plugins/keyfile/tests/test-keyfile.c b/src/settings/plugins/keyfile/tests/test-keyfile.c
|
|
||||||
index d9da53173..2584a7229 100644
|
|
||||||
--- a/src/settings/plugins/keyfile/tests/test-keyfile.c
|
|
||||||
+++ b/src/settings/plugins/keyfile/tests/test-keyfile.c
|
|
||||||
@@ -312,11 +312,11 @@ test_read_valid_wired_connection (void)
|
|
||||||
check_ip_route (s_ip4, 3, "1.1.1.3", 13, NULL, -1);
|
|
||||||
check_ip_route (s_ip4, 4, "1.1.1.4", 14, "2.2.2.4", -1);
|
|
||||||
check_ip_route (s_ip4, 5, "1.1.1.5", 15, "2.2.2.5", -1);
|
|
||||||
- check_ip_route (s_ip4, 6, "1.1.1.6", 16, "2.2.2.6", -1);
|
|
||||||
+ check_ip_route (s_ip4, 6, "1.1.1.6", 16, "2.2.2.6", 0);
|
|
||||||
check_ip_route (s_ip4, 7, "1.1.1.7", 17, NULL, -1);
|
|
||||||
check_ip_route (s_ip4, 8, "1.1.1.8", 18, NULL, -1);
|
|
||||||
- check_ip_route (s_ip4, 9, "1.1.1.9", 19, NULL, -1);
|
|
||||||
- check_ip_route (s_ip4, 10, "1.1.1.10", 20, NULL, -1);
|
|
||||||
+ check_ip_route (s_ip4, 9, "1.1.1.9", 19, NULL, 0);
|
|
||||||
+ check_ip_route (s_ip4, 10, "1.1.1.10", 20, NULL, 0);
|
|
||||||
check_ip_route (s_ip4, 11, "1.1.1.11", 21, NULL, 21);
|
|
||||||
|
|
||||||
/* Route attributes */
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -1,29 +0,0 @@
|
|||||||
From 51c7520752d09c2d3a5c7e19b9a5d86b889ed456 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Lubomir Rintel <lkundrak@v3.sk>
|
|
||||||
Date: Thu, 5 Oct 2017 22:35:25 +0200
|
|
||||||
Subject: [PATCH] platform: treat dsa devices as regular wired ethernet
|
|
||||||
|
|
||||||
https://bugzilla.redhat.com/show_bug.cgi?id=1371289
|
|
||||||
(cherry picked from commit 5c2ee8b26e540e0afaae2063d6e6121f9dce7c7f)
|
|
||||||
---
|
|
||||||
src/platform/nm-linux-platform.c | 4 ++++
|
|
||||||
1 file changed, 4 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/src/platform/nm-linux-platform.c b/src/platform/nm-linux-platform.c
|
|
||||||
index 6b84c185f..8b59cec45 100644
|
|
||||||
--- a/src/platform/nm-linux-platform.c
|
|
||||||
+++ b/src/platform/nm-linux-platform.c
|
|
||||||
@@ -762,6 +762,10 @@ _linktype_get_type (NMPlatform *platform,
|
|
||||||
* aside from the DEVTYPE. */
|
|
||||||
if (!g_strcmp0 (devtype, "gadget"))
|
|
||||||
return NM_LINK_TYPE_ETHERNET;
|
|
||||||
+
|
|
||||||
+ /* Distributed Switch Architecture switch chips */
|
|
||||||
+ if (!g_strcmp0 (devtype, "dsa"))
|
|
||||||
+ return NM_LINK_TYPE_ETHERNET;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -1,43 +0,0 @@
|
|||||||
From e9bdc531b64c5603b0c3a5a6e784122b8be1e8ef Mon Sep 17 00:00:00 2001
|
|
||||||
From: Thomas Haller <thaller@redhat.com>
|
|
||||||
Date: Thu, 2 Nov 2017 15:14:18 +0100
|
|
||||||
Subject: [PATCH 1/1] systemd: let "NetworkManager-wait-online.service" require
|
|
||||||
"NetworkManager.service"
|
|
||||||
|
|
||||||
`systemctl start network-online.target` should suffice to start
|
|
||||||
"NetworkManager.service".
|
|
||||||
|
|
||||||
That would work because
|
|
||||||
- "network-online.target" has "Wants=NetworkManager-wait-online.service"
|
|
||||||
- "NetworkManager-wait-online.service" has "Require=NetworkManager.service".
|
|
||||||
|
|
||||||
But previously, "NetworkManager-wait-online.service" would just
|
|
||||||
fail with missing dependency.
|
|
||||||
|
|
||||||
See also https://github.com/systemd/systemd/pull/6065 which does the
|
|
||||||
same for networkd's wait-online serice, and see rh#1452866 for a
|
|
||||||
use-case.
|
|
||||||
|
|
||||||
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1452866
|
|
||||||
(cherry picked from commit 28b97f02f64ecf94e22c8929dfd0ba64151bd9d3)
|
|
||||||
(cherry picked from commit eeedf51f087d1cd6c5c4b79f7299b6060d28024f)
|
|
||||||
---
|
|
||||||
data/NetworkManager-wait-online.service.in | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/data/NetworkManager-wait-online.service.in b/data/NetworkManager-wait-online.service.in
|
|
||||||
index 1753d2039..896324685 100644
|
|
||||||
--- a/data/NetworkManager-wait-online.service.in
|
|
||||||
+++ b/data/NetworkManager-wait-online.service.in
|
|
||||||
@@ -1,7 +1,7 @@
|
|
||||||
[Unit]
|
|
||||||
Description=Network Manager Wait Online
|
|
||||||
Documentation=man:nm-online(1)
|
|
||||||
-Requisite=NetworkManager.service
|
|
||||||
+Requires=NetworkManager.service
|
|
||||||
After=NetworkManager.service
|
|
||||||
Before=network-online.target
|
|
||||||
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -1,57 +0,0 @@
|
|||||||
From a3900f1ab74a7ff17f87ed3485af2cd327fee091 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Lubomir Rintel <lkundrak@v3.sk>
|
|
||||||
Date: Wed, 1 Nov 2017 21:29:39 +0100
|
|
||||||
Subject: [PATCH 1/1] libnm/client: proxy *_enabled and metered properties to
|
|
||||||
the right object
|
|
||||||
|
|
||||||
They're provided by the Manager, not by the RemoteSettings.
|
|
||||||
|
|
||||||
(cherry picked from commit c81005b84650b8e6d709ce6afda96fb55987cdb8)
|
|
||||||
(cherry picked from commit 34035ceee8e75d8cb7deb6f4aa211067bddcfe97)
|
|
||||||
---
|
|
||||||
libnm/nm-client.c | 8 ++++----
|
|
||||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libnm/nm-client.c b/libnm/nm-client.c
|
|
||||||
index c8707f50e..4d7931756 100644
|
|
||||||
--- a/libnm/nm-client.c
|
|
||||||
+++ b/libnm/nm-client.c
|
|
||||||
@@ -2630,7 +2630,7 @@ get_property (GObject *object, guint prop_id,
|
|
||||||
break;
|
|
||||||
case PROP_WIRELESS_HARDWARE_ENABLED:
|
|
||||||
if (priv->manager)
|
|
||||||
- g_object_get_property (G_OBJECT (priv->settings), pspec->name, value);
|
|
||||||
+ g_object_get_property (G_OBJECT (priv->manager), pspec->name, value);
|
|
||||||
else
|
|
||||||
g_value_set_boolean (value, FALSE);
|
|
||||||
break;
|
|
||||||
@@ -2639,7 +2639,7 @@ get_property (GObject *object, guint prop_id,
|
|
||||||
break;
|
|
||||||
case PROP_WWAN_HARDWARE_ENABLED:
|
|
||||||
if (priv->manager)
|
|
||||||
- g_object_get_property (G_OBJECT (priv->settings), pspec->name, value);
|
|
||||||
+ g_object_get_property (G_OBJECT (priv->manager), pspec->name, value);
|
|
||||||
else
|
|
||||||
g_value_set_boolean (value, FALSE);
|
|
||||||
break;
|
|
||||||
@@ -2648,7 +2648,7 @@ get_property (GObject *object, guint prop_id,
|
|
||||||
break;
|
|
||||||
case PROP_WIMAX_HARDWARE_ENABLED:
|
|
||||||
if (priv->manager)
|
|
||||||
- g_object_get_property (G_OBJECT (priv->settings), pspec->name, value);
|
|
||||||
+ g_object_get_property (G_OBJECT (priv->manager), pspec->name, value);
|
|
||||||
else
|
|
||||||
g_value_set_boolean (value, FALSE);
|
|
||||||
break;
|
|
||||||
@@ -2669,7 +2669,7 @@ get_property (GObject *object, guint prop_id,
|
|
||||||
break;
|
|
||||||
case PROP_METERED:
|
|
||||||
if (priv->manager)
|
|
||||||
- g_object_get_property (G_OBJECT (priv->settings), pspec->name, value);
|
|
||||||
+ g_object_get_property (G_OBJECT (priv->manager), pspec->name, value);
|
|
||||||
else
|
|
||||||
g_value_set_uint (value, NM_METERED_UNKNOWN);
|
|
||||||
break;
|
|
||||||
--
|
|
||||||
2.13.6
|
|
||||||
|
|
@ -7,9 +7,9 @@
|
|||||||
%global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad)
|
%global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad)
|
||||||
|
|
||||||
%global epoch_version 1
|
%global epoch_version 1
|
||||||
%global rpm_version 1.8.4
|
%global rpm_version 1.8.8
|
||||||
%global real_version 1.8.4
|
%global real_version 1.8.8
|
||||||
%global release_version 7
|
%global release_version 2
|
||||||
%global snapshot %{nil}
|
%global snapshot %{nil}
|
||||||
%global git_sha %{nil}
|
%global git_sha %{nil}
|
||||||
|
|
||||||
@ -85,15 +85,7 @@ Source2: 00-server.conf
|
|||||||
Source3: 20-connectivity-fedora.conf
|
Source3: 20-connectivity-fedora.conf
|
||||||
|
|
||||||
#Patch1: 0001-some.patch
|
#Patch1: 0001-some.patch
|
||||||
Patch1: 0001-manager-Disconnect-from-signals-on-the-proxy-when-we.patch
|
Patch1: 0001-dhcp-CVE-2018-15688.patch
|
||||||
Patch2: 0002-vpn-remote-connection-disconnect-signal-handlers-whe.patch
|
|
||||||
Patch3: 0003-cli-fix-crash-in-interactive-mode-for-describe.patch
|
|
||||||
Patch4: 0004-device-fix-delay-startup-complete-for-unrealized-dev.patch
|
|
||||||
Patch5: 0005-device-fix-frozen-notify-signals-on-unrealize-error-.patch
|
|
||||||
Patch6: 0006-keyfile-route-metric-zero-fix.patch
|
|
||||||
Patch7: 0007-platform-treat-dsa-devices-as-regular-wired-ethernet.patch
|
|
||||||
Patch8: 0008-systemd-let-NetworkManager-wait-online.service-requi.patch
|
|
||||||
Patch9: 0009-libnm-client-proxy-_enabled-and-metered-properties-t.patch
|
|
||||||
|
|
||||||
Requires(post): systemd
|
Requires(post): systemd
|
||||||
Requires(preun): systemd
|
Requires(preun): systemd
|
||||||
@ -350,14 +342,6 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
|
|||||||
|
|
||||||
#%patch1 -p1
|
#%patch1 -p1
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
|
||||||
%patch3 -p1
|
|
||||||
%patch4 -p1
|
|
||||||
%patch5 -p1
|
|
||||||
%patch6 -p1
|
|
||||||
%patch7 -p1
|
|
||||||
%patch8 -p1
|
|
||||||
%patch9 -p1
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%if %{with regen_docs}
|
%if %{with regen_docs}
|
||||||
@ -687,15 +671,25 @@ fi
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Oct 29 2018 Thomas Haller <thaller@redhat.com> - 1:1.8.8-2
|
||||||
|
- dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688)
|
||||||
|
|
||||||
|
* Sat Jun 16 2018 Thomas Haller <thaller@redhat.com> - 1:1.8.8-1
|
||||||
|
- Update to 1.8.8
|
||||||
|
- device: fix crash during reapply of connection settings
|
||||||
|
|
||||||
|
* Mon Jan 15 2018 Lubomir Rintel <lkundrak@v3.sk> - 1:1.8.6-1
|
||||||
|
- Update to 1.8.6
|
||||||
|
|
||||||
* Fri Nov 17 2017 Björn Esser <besser82@fedoraproject.org> - 1:1.8.4-7
|
* Fri Nov 17 2017 Björn Esser <besser82@fedoraproject.org> - 1:1.8.4-7
|
||||||
- Apply patch from previous commit
|
- Apply patch from previous commit
|
||||||
|
|
||||||
* Mon Nov 2 2017 Thomas Haller <thaller@redhat.com> - 1:1.8.4-6
|
* Thu Nov 2 2017 Thomas Haller <thaller@redhat.com> - 1:1.8.4-6
|
||||||
- systemd: let NM-w-o.service require NetworkManager service (rh #1452866)
|
- systemd: let NM-w-o.service require NetworkManager service (rh #1452866)
|
||||||
- platform: really treat dsa devices as regular wired ethernet (rh #1371289)
|
- platform: really treat dsa devices as regular wired ethernet (rh #1371289)
|
||||||
- libnm: fix accessing enabled and metered properties
|
- libnm: fix accessing enabled and metered properties
|
||||||
|
|
||||||
* Mon Oct 8 2017 Lubomir Rintel <lkundrak@v3.sk> - 1:1.8.4-5
|
* Sun Oct 8 2017 Lubomir Rintel <lkundrak@v3.sk> - 1:1.8.4-5
|
||||||
- platform: treat dsa devices as regular wired ethernet (rh #1371289)
|
- platform: treat dsa devices as regular wired ethernet (rh #1371289)
|
||||||
|
|
||||||
* Thu Oct 5 2017 Thomas Haller <thaller@redhat.com> - 1:1.8.4-4
|
* Thu Oct 5 2017 Thomas Haller <thaller@redhat.com> - 1:1.8.4-4
|
||||||
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (NetworkManager-1.8.4.tar.xz) = e9aa26e2abe4537c6cbba53e281493e32be8a9f0624d5323212848f286d1279ad2ab79a39de34ad0ea188c888b1b61c4ba4d4d053c4d227e68f9236955f69bb1
|
SHA512 (NetworkManager-1.8.8.tar.xz) = 7468313ea251cfaa157e6bd359537b3a4846436ceca2ce121acfbf322db80d19a83b036c28115162936b246db6a0f8d0f752dc143bbf62180ee53e2e16fc8271
|
||||||
|
13
tests/tests.yml
Normal file
13
tests/tests.yml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
# Tests for NetworkManager
|
||||||
|
- hosts: localhost
|
||||||
|
roles:
|
||||||
|
- role: standard-test-basic
|
||||||
|
tags:
|
||||||
|
- classic
|
||||||
|
repositories:
|
||||||
|
- repo: "https://github.com/NetworkManager/NetworkManager-ci"
|
||||||
|
dest: "NetworkManager-ci"
|
||||||
|
tests:
|
||||||
|
- sanity-tests:
|
||||||
|
dir: NetworkManager-ci
|
||||||
|
run: run/osci/run-tests fedora27
|
Loading…
Reference in New Issue
Block a user