Compare commits
6 Commits
Author | SHA1 | Date |
---|---|---|
|
c7129b6cc7 | |
|
b0b96b60c2 | |
|
8c6adc201c | |
|
7f5da6cd9a | |
|
c83e236863 | |
|
a14f6a38fc |
|
@ -340,94 +340,5 @@ network-manager-applet-0.8.1.tar.bz2
|
|||
/NetworkManager-1.8.0.tar.xz
|
||||
/NetworkManager-1.8.2.tar.xz
|
||||
/NetworkManager-1.8.4.tar.xz
|
||||
/NetworkManager-1.10.2.tar.xz
|
||||
/NetworkManager-1.10.4.tar.xz
|
||||
/NetworkManager-1.10.6.tar.xz
|
||||
/NetworkManager-1.10.8.tar.xz
|
||||
/NetworkManager-1.11.4.tar.xz
|
||||
/NetworkManager-1.11.90.tar.xz
|
||||
/NetworkManager-1.12.0.tar.xz
|
||||
/NetworkManager-1.12.2.tar.xz
|
||||
/NetworkManager-1.14.0.tar.xz
|
||||
/NetworkManager-1.14.2.tar.xz
|
||||
/NetworkManager-1.14.4.tar.xz
|
||||
/NetworkManager-1.15.90.tar.xz
|
||||
/NetworkManager-1.15.91.tar.xz
|
||||
/NetworkManager-1.16.0.tar.xz
|
||||
/NetworkManager-1.18.0.tar.xz
|
||||
/NetworkManager-1.19.2.tar.xz
|
||||
/NetworkManager-1.19.3.tar.xz
|
||||
/NetworkManager-1.19.5.tar.xz
|
||||
/NetworkManager-1.19.90.tar.xz
|
||||
/NetworkManager-1.20.0.tar.xz
|
||||
/NetworkManager-1.20.2.tar.xz
|
||||
/NetworkManager-1.20.4.tar.xz
|
||||
/NetworkManager-1.21.3.tar.xz
|
||||
/NetworkManager-1.21.90.tar.xz
|
||||
/NetworkManager-1.22.0.tar.xz
|
||||
/NetworkManager-1.22.2.tar.xz
|
||||
/NetworkManager-1.22.4.tar.xz
|
||||
/NetworkManager-1.22.6.tar.xz
|
||||
/NetworkManager-1.22.8.tar.xz
|
||||
/NetworkManager-1.22.10.tar.xz
|
||||
/NetworkManager-1.23.90.tar.xz
|
||||
/NetworkManager-1.23.91.tar.xz
|
||||
/NetworkManager-1.24.0.tar.xz
|
||||
/NetworkManager-1.24.2.tar.xz
|
||||
/NetworkManager-1.25.90.tar.xz
|
||||
/NetworkManager-1.26.0.tar.xz
|
||||
/NetworkManager-1.26.2.tar.xz
|
||||
/NetworkManager-1.27.90.tar.xz
|
||||
/NetworkManager-1.27.91.tar.xz
|
||||
/NetworkManager-1.28.0.tar.xz
|
||||
/NetworkManager-1.29.8.tar.xz
|
||||
/NetworkManager-1.29.9.tar.xz
|
||||
/NetworkManager-1.29.11.tar.xz
|
||||
/NetworkManager-1.29.90.tar.xz
|
||||
/NetworkManager-1.30.0.tar.xz
|
||||
/NetworkManager-1.30.2.tar.xz
|
||||
/NetworkManager-1.31.2.tar.xz
|
||||
/NetworkManager-1.31.3.tar.xz
|
||||
/NetworkManager-1.31.4.tar.xz
|
||||
/NetworkManager-1.31.90.tar.xz
|
||||
/NetworkManager-1.32.0.tar.xz
|
||||
/NetworkManager-1.32.4.tar.xz
|
||||
/NetworkManager-1.32.6.tar.xz
|
||||
/NetworkManager-1.32.8.tar.xz
|
||||
/NetworkManager-1.32.10.tar.xz
|
||||
/NetworkManager-1.32.12.tar.xz
|
||||
/NetworkManager-1.35.1.tar.xz
|
||||
/NetworkManager-1.35.2.tar.xz
|
||||
/NetworkManager-1.35.3.tar.xz
|
||||
/NetworkManager-1.35.4.tar.xz
|
||||
/NetworkManager-1.35.6.tar.xz
|
||||
/NetworkManager-1.35.7.tar.xz
|
||||
/NetworkManager-1.35.90.tar.xz
|
||||
/NetworkManager-1.35.91.tar.xz
|
||||
/NetworkManager-1.35.92.tar.xz
|
||||
/NetworkManager-1.36.0.tar.xz
|
||||
/NetworkManager-1.36.2.tar.xz
|
||||
/NetworkManager-1.36.4.tar.xz
|
||||
/NetworkManager-1.37.3.tar.xz
|
||||
/NetworkManager-1.37.90.tar.xz
|
||||
/NetworkManager-1.37.91.tar.xz
|
||||
/NetworkManager-1.37.92.tar.xz
|
||||
/NetworkManager-1.38.0.tar.xz
|
||||
/NetworkManager-1.39.8.tar.xz
|
||||
/NetworkManager-1.39.10.tar.xz
|
||||
/NetworkManager-1.39.11.tar.xz
|
||||
/NetworkManager-1.39.90.tar.xz
|
||||
/NetworkManager-1.40.0.tar.xz
|
||||
/NetworkManager-1.41.3.tar.xz
|
||||
/NetworkManager-1.41.4.tar.xz
|
||||
/NetworkManager-1.41.5.tar.xz
|
||||
/NetworkManager-1.41.6.tar.xz
|
||||
/NetworkManager-1.41.7.tar.xz
|
||||
/NetworkManager-1.41.8.tar.xz
|
||||
/NetworkManager-1.41.90.tar.xz
|
||||
/NetworkManager-1.41.91.tar.xz
|
||||
/NetworkManager-1.42.0.tar.xz
|
||||
/NetworkManager-1.43.3.tar.xz
|
||||
/NetworkManager-1.43.4.tar.xz
|
||||
/NetworkManager-1.43.5.tar.xz
|
||||
/NetworkManager-1.43.6.tar.xz
|
||||
/NetworkManager-1.8.6.tar.xz
|
||||
/NetworkManager-1.8.8.tar.xz
|
||||
|
|
|
@ -0,0 +1,327 @@
|
|||
From aff13dd42efe390d72ad7a9605b06e44fefddfeb Mon Sep 17 00:00:00 2001
|
||||
From: Thomas Haller <thaller@redhat.com>
|
||||
Date: Mon, 10 Sep 2018 15:22:28 +0200
|
||||
Subject: [PATCH 1/6] systemd/dhcp: fix assertion starting DHCP client without
|
||||
MAC address
|
||||
|
||||
An assertion in dhcp_network_bind_raw_socket() is triggered when
|
||||
starting an sd_dhcp_client without setting setting a MAC address
|
||||
first.
|
||||
|
||||
- sd_dhcp_client_start()
|
||||
- client_start()
|
||||
- client_start_delayed()
|
||||
- dhcp_network_bind_raw_socket()
|
||||
|
||||
In that case, the arp-type and MAC address is still unset. Note that
|
||||
dhcp_network_bind_raw_socket() already checks for a valid arp-type
|
||||
and MAC address below, so we should just gracefully return -EINVAL.
|
||||
|
||||
Maybe sd_dhcp_client_start() should fail earlier when starting without
|
||||
MAC address. But the failure here will be correctly propagated and
|
||||
the start aborted.
|
||||
|
||||
See-also: https://github.com/systemd/systemd/pull/10054
|
||||
(cherry picked from commit 34af574d5810ab2b0d6d354cbc28135cde4a55b1)
|
||||
(cherry picked from commit 0a797bdc2a592385a21e7ed918c08ef54a346d99)
|
||||
(cherry picked from commit f37ed84ca495ee212b1e82b9c5a5682c4acfebcd)
|
||||
(cherry picked from commit 1031b2bb5c97bd48ff93f85537b3f5ce0f6f64bf)
|
||||
(cherry picked from commit 4ca49f52fae5c7841f873bc0a01d654dc19c2152)
|
||||
---
|
||||
src/systemd/src/libsystemd-network/dhcp-network.c | 2 --
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/src/systemd/src/libsystemd-network/dhcp-network.c b/src/systemd/src/libsystemd-network/dhcp-network.c
|
||||
index 7ad0ec375..f0b1b0a22 100644
|
||||
--- a/src/systemd/src/libsystemd-network/dhcp-network.c
|
||||
+++ b/src/systemd/src/libsystemd-network/dhcp-network.c
|
||||
@@ -142,8 +142,6 @@ int dhcp_network_bind_raw_socket(int ifindex, union sockaddr_union *link,
|
||||
const uint8_t *bcast_addr = NULL;
|
||||
uint8_t dhcp_hlen = 0;
|
||||
|
||||
- assert_return(mac_addr_len > 0, -EINVAL);
|
||||
-
|
||||
if (arp_type == ARPHRD_ETHER) {
|
||||
assert_return(mac_addr_len == ETH_ALEN, -EINVAL);
|
||||
memcpy(ð_mac, mac_addr, ETH_ALEN);
|
||||
--
|
||||
2.17.1
|
||||
|
||||
|
||||
From 141c3fe8f083449e2a9d223a4f8995ad89ca0501 Mon Sep 17 00:00:00 2001
|
||||
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||
Date: Sat, 29 Sep 2018 03:06:10 +0000
|
||||
Subject: [PATCH 2/6] dhcp6: fix an off-by-one error in
|
||||
dhcp6_option_parse_domainname
|
||||
|
||||
==14==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200055fa9c at pc 0x0000005458f1 bp 0x7ffc78940d90 sp 0x7ffc78940d88
|
||||
READ of size 1 at 0x60200055fa9c thread T0
|
||||
#0 0x5458f0 in dhcp6_option_parse_domainname /work/build/../../src/systemd/src/libsystemd-network/dhcp6-option.c:555:29
|
||||
#1 0x54706e in dhcp6_lease_set_domains /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-lease.c:242:13
|
||||
#2 0x53fce0 in client_parse_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:984:29
|
||||
#3 0x53f3bc in client_receive_advertise /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1083:13
|
||||
#4 0x53d57f in client_receive_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1182:21
|
||||
#5 0x7f0f7159deee in source_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3042:21
|
||||
#6 0x7f0f7159d431 in sd_event_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3455:21
|
||||
#7 0x7f0f7159ea8d in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3512:21
|
||||
#8 0x531f2b in fuzz_client /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:44:9
|
||||
#9 0x531bc1 in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:53:9
|
||||
#10 0x57bec8 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:570:15
|
||||
#11 0x579d67 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:479:3
|
||||
#12 0x57dc92 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:707:19
|
||||
#13 0x580ca6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:838:5
|
||||
#14 0x55e968 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
|
||||
#15 0x551a1c in main /src/libfuzzer/FuzzerMain.cpp:20:10
|
||||
#16 0x7f0f701a082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
|
||||
#17 0x41e928 in _start (/out/fuzz-dhcp6-client+0x41e928)
|
||||
|
||||
https://github.com/systemd/systemd/pull/10200
|
||||
https://github.com/systemd/systemd/commit/b387d3c1327a3ad2a2509bd3d3491e674392ff21
|
||||
(cherry picked from commit 7cb7cffc4962245a32e87017bcf264005c043250)
|
||||
(cherry picked from commit cd3aacefdd0b91741b7b2e7b5ee5baab210addd9)
|
||||
(cherry picked from commit 5b140a77bc7b01dc002dbf28a7a2507a27a63d7c)
|
||||
(cherry picked from commit 0f25f47767794fb179edb9916566a208fbcfcb8f)
|
||||
(cherry picked from commit c13e43979e10e636e3787bf85a4d56fa5187e70d)
|
||||
---
|
||||
src/systemd/src/libsystemd-network/dhcp6-option.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
index 3a77e34d5..d8812c36f 100644
|
||||
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
@@ -366,7 +366,7 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
|
||||
/* Literal label */
|
||||
label = (const char *)&optval[pos];
|
||||
pos += c;
|
||||
- if (pos > optlen)
|
||||
+ if (pos >= optlen)
|
||||
return -EMSGSIZE;
|
||||
|
||||
if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX)) {
|
||||
--
|
||||
2.17.1
|
||||
|
||||
|
||||
From c854e0c2eea17c9d2f49d0c416a25b35186de577 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Thu, 27 Sep 2018 18:04:59 +0900
|
||||
Subject: [PATCH 3/6] sd-dhcp-lease: fix memleaks
|
||||
|
||||
(cherry picked from commit e2975f854831d08a25b4f5eb329b6d04102e115f)
|
||||
(cherry picked from commit 157094abd83f933fad142758a7d177cfa1a347f7)
|
||||
(cherry picked from commit 3fd9d11619a5e60d375076fbe13851dd1d3a4a63)
|
||||
(cherry picked from commit 4439f07841bdddc6878132a993c229df032e8e85)
|
||||
(cherry picked from commit cbd0609cc482168912c747bad883ba6d434c2a11)
|
||||
---
|
||||
src/systemd/src/libsystemd-network/sd-dhcp-lease.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/systemd/src/libsystemd-network/sd-dhcp-lease.c b/src/systemd/src/libsystemd-network/sd-dhcp-lease.c
|
||||
index 5a3bff2f7..d92441fc5 100644
|
||||
--- a/src/systemd/src/libsystemd-network/sd-dhcp-lease.c
|
||||
+++ b/src/systemd/src/libsystemd-network/sd-dhcp-lease.c
|
||||
@@ -277,6 +277,8 @@ sd_dhcp_lease *sd_dhcp_lease_unref(sd_dhcp_lease *lease) {
|
||||
free(option);
|
||||
}
|
||||
|
||||
+ free(lease->root_path);
|
||||
+ free(lease->timezone);
|
||||
free(lease->hostname);
|
||||
free(lease->domainname);
|
||||
free(lease->dns);
|
||||
--
|
||||
2.17.1
|
||||
|
||||
|
||||
From 4f6f76aa79bb63c6fea356d702e80754e8291728 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Fri, 19 Oct 2018 03:42:10 +0900
|
||||
Subject: [PATCH 4/6] sd-dhcp6: make dhcp6_option_parse_domainname() not store
|
||||
empty domain
|
||||
|
||||
This improves performance of fuzzer.
|
||||
C.f. oss-fuzz#11019.
|
||||
|
||||
(cherry picked from commit 3c72b6ed4252e7ff5f7704bfe44557ec197b47fa)
|
||||
(cherry picked from commit 50403cccee28c7dcd54b138a0d3b3f69ea0204fe)
|
||||
(cherry picked from commit f11f5abb1a8b96b553d2d156f8b5cf440695c04d)
|
||||
(cherry picked from commit c836279fca80fb22ca7ef02acaa5b987fee61123)
|
||||
(cherry picked from commit 4ca0e57c46cf6861ec6f6b6c8e0d430edb3fa5b1)
|
||||
(cherry picked from commit 32e71d5bc09494736866fd78606994f8bf93b31d)
|
||||
---
|
||||
.../src/libsystemd-network/dhcp6-option.c | 66 ++++++++-----------
|
||||
1 file changed, 29 insertions(+), 37 deletions(-)
|
||||
|
||||
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
index d8812c36f..d49624437 100644
|
||||
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
@@ -353,6 +353,7 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
|
||||
bool first = true;
|
||||
|
||||
for (;;) {
|
||||
+ const char *label;
|
||||
uint8_t c;
|
||||
|
||||
c = optval[pos++];
|
||||
@@ -360,47 +361,41 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
|
||||
if (c == 0)
|
||||
/* End of name */
|
||||
break;
|
||||
- else if (c <= 63) {
|
||||
- const char *label;
|
||||
-
|
||||
- /* Literal label */
|
||||
- label = (const char *)&optval[pos];
|
||||
- pos += c;
|
||||
- if (pos >= optlen)
|
||||
- return -EMSGSIZE;
|
||||
-
|
||||
- if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX)) {
|
||||
- r = -ENOMEM;
|
||||
- goto fail;
|
||||
- }
|
||||
-
|
||||
- if (first)
|
||||
- first = false;
|
||||
- else
|
||||
- ret[n++] = '.';
|
||||
-
|
||||
- r = dns_label_escape(label, c, ret + n, DNS_LABEL_ESCAPED_MAX);
|
||||
- if (r < 0)
|
||||
- goto fail;
|
||||
-
|
||||
- n += r;
|
||||
- continue;
|
||||
- } else {
|
||||
- r = -EBADMSG;
|
||||
- goto fail;
|
||||
- }
|
||||
- }
|
||||
+ if (c > 63)
|
||||
+ return -EBADMSG;
|
||||
+
|
||||
+ /* Literal label */
|
||||
+ label = (const char *)&optval[pos];
|
||||
+ pos += c;
|
||||
+ if (pos >= optlen)
|
||||
+ return -EMSGSIZE;
|
||||
+
|
||||
+ if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX))
|
||||
+ return -ENOMEM;
|
||||
+
|
||||
+ if (first)
|
||||
+ first = false;
|
||||
+ else
|
||||
+ ret[n++] = '.';
|
||||
|
||||
- if (!GREEDY_REALLOC(ret, allocated, n + 1)) {
|
||||
- r = -ENOMEM;
|
||||
- goto fail;
|
||||
+ r = dns_label_escape(label, c, ret + n, DNS_LABEL_ESCAPED_MAX);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ n += r;
|
||||
}
|
||||
|
||||
+ if (n == 0)
|
||||
+ continue;
|
||||
+
|
||||
+ if (!GREEDY_REALLOC(ret, allocated, n + 1))
|
||||
+ return -ENOMEM;
|
||||
+
|
||||
ret[n] = 0;
|
||||
|
||||
r = strv_extend(&names, ret);
|
||||
if (r < 0)
|
||||
- goto fail;
|
||||
+ return r;
|
||||
|
||||
idx++;
|
||||
}
|
||||
@@ -409,7 +404,4 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
|
||||
names = NULL;
|
||||
|
||||
return idx;
|
||||
-
|
||||
-fail:
|
||||
- return r;
|
||||
}
|
||||
--
|
||||
2.17.1
|
||||
|
||||
|
||||
From 017d77c8c6c88fd4cfa1a2f8a2ac03b9a491f314 Mon Sep 17 00:00:00 2001
|
||||
From: Li Song <song.li@honeywell.com>
|
||||
Date: Fri, 19 Oct 2018 13:41:51 -0400
|
||||
Subject: [PATCH 5/6] sd-dhcp: remove unreachable route after rebinding return
|
||||
NAK
|
||||
|
||||
(cherry picked from commit cc3981b1272b9ce37e7d734a7b2f42e84acac535)
|
||||
(cherry picked from commit 915c2f675a23b2ae16d292d1ac570706f76b384d)
|
||||
(cherry picked from commit cb77290a696dce924e2a993690634986ac035490)
|
||||
(cherry picked from commit f211b140a5861ddedc2424946e3ab07d3b642b5f)
|
||||
(cherry picked from commit 1cfefbb99ff3c2ab7a0f54829c6f3f787d9e6d77)
|
||||
(cherry picked from commit f3f5441820d0ecd0ff6861480ace696a6bf34fbd)
|
||||
---
|
||||
src/systemd/src/libsystemd-network/sd-dhcp-client.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/systemd/src/libsystemd-network/sd-dhcp-client.c b/src/systemd/src/libsystemd-network/sd-dhcp-client.c
|
||||
index 17393e206..c9623a448 100644
|
||||
--- a/src/systemd/src/libsystemd-network/sd-dhcp-client.c
|
||||
+++ b/src/systemd/src/libsystemd-network/sd-dhcp-client.c
|
||||
@@ -1580,6 +1580,8 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
|
||||
client->timeout_resend =
|
||||
sd_event_source_unref(client->timeout_resend);
|
||||
|
||||
+ client_notify(client, SD_DHCP_CLIENT_EVENT_EXPIRED);
|
||||
+
|
||||
r = client_initialize(client);
|
||||
if (r < 0)
|
||||
goto error;
|
||||
--
|
||||
2.17.1
|
||||
|
||||
|
||||
From 35b634d535c8f151bcb6add9630305121349802c Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 19 Oct 2018 12:12:33 +0200
|
||||
Subject: [PATCH 6/6] dhcp6: make sure we have enough space for the DHCP6
|
||||
option header
|
||||
|
||||
Fixes a vulnerability originally discovered by Felix Wilhelm from
|
||||
Google.
|
||||
|
||||
CVE-2018-15688
|
||||
LP: #1795921
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1639067
|
||||
|
||||
(cherry picked from commit 4dac5eaba4e419b29c97da38a8b1f82336c2c892)
|
||||
(cherry picked from commit 01ca2053bbea09f35b958c8cc7631e15469acb79)
|
||||
(cherry picked from commit fc230dca139142f409d7bac99dbfabe9b004e2fb)
|
||||
(cherry picked from commit cc1e5a7f5731f223d1eb8473fa0eecbedfc0ae5f)
|
||||
(cherry picked from commit c3221cb0c5b4a2936c198e33b6f7853141991277)
|
||||
(cherry picked from commit f4f765534191ed3c5d8e78b97333f3fd978a2b63)
|
||||
---
|
||||
src/systemd/src/libsystemd-network/dhcp6-option.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
index d49624437..7615cb80e 100644
|
||||
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
|
||||
@@ -103,7 +103,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, DHCP6IA *ia) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
- if (*buflen < len)
|
||||
+ if (*buflen < offsetof(DHCP6Option, data) + len)
|
||||
return -ENOBUFS;
|
||||
|
||||
ia_hdr = *buf;
|
||||
--
|
||||
2.17.1
|
||||
|
|
@ -1,10 +1,4 @@
|
|||
# Enable connectivity checking for NetworkManager.
|
||||
# See `man NetworkManager.conf`.
|
||||
#
|
||||
# Note that connectivity checking works badly with rp_filter set to
|
||||
# strict. Check "/proc/sys/net/ipv4/conf/*/rp_filter".
|
||||
[connectivity]
|
||||
enabled=true
|
||||
uri=http://fedoraproject.org/static/hotspot.txt
|
||||
response=OK
|
||||
interval=300
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
# Enable connectivity checking for NetworkManager.
|
||||
# See `man NetworkManager.conf`.
|
||||
#
|
||||
# Note that connectivity checking works badly with rp_filter set to
|
||||
# strict. Check "/proc/sys/net/ipv4/conf/*/rp_filter".
|
||||
[connectivity]
|
||||
enabled=true
|
||||
uri=http://static.redhat.com/test/rhel-networkmanager.txt
|
||||
response=OK
|
||||
interval=300
|
|
@ -1,15 +0,0 @@
|
|||
# The Strict mode of RFC3704 Reverse Path filtering breaks some pretty
|
||||
# common and reasonable use cases.
|
||||
#
|
||||
# Notably, it makes it impossible for NetworkManager to do connectivity
|
||||
# check on a newly arriving default route (it starts with a higher metric
|
||||
# and is bumped lower if there's connectivity).
|
||||
#
|
||||
# Kernel's default is 0 (no filter), systemd configures a Loose filter since
|
||||
# commit 230450d4e4f1 ('sysctl.d: switch net.ipv4.conf.all.rp_filter from 1
|
||||
# to 2'). However, RHEL systemd package happens to default to Strict mode
|
||||
# for historic reasons. Let's override it if we're doing connectivity
|
||||
# checking.
|
||||
|
||||
# Source route verification
|
||||
net.ipv4.conf.all.rp_filter = 0
|
|
@ -2,25 +2,27 @@
|
|||
#
|
||||
# See "man 5 NetworkManager.conf" for details.
|
||||
#
|
||||
# The directories /usr/lib/NetworkManager/conf.d/ and /run/NetworkManager/conf.d/
|
||||
# can contain additional .conf snippets installed by packages. These files are
|
||||
# The directories /usr/lib/NetworkManager/conf.d/ and /var/run/NetworkManager/conf.d/
|
||||
# can contain additional configuration snippets installed by packages. These files are
|
||||
# read before NetworkManager.conf and have thus lowest priority.
|
||||
# The directory /etc/NetworkManager/conf.d/ can contain additional .conf
|
||||
# The directory /etc/NetworkManager/conf.d/ can contain additional configuration
|
||||
# snippets. Those snippets are merged last and overwrite the settings from this main
|
||||
# file.
|
||||
#
|
||||
# The files within one conf.d/ directory are read in asciibetical order.
|
||||
#
|
||||
# You can prevent loading a file /usr/lib/NetworkManager/conf.d/NAME.conf
|
||||
# by having a file NAME.conf in either /run/NetworkManager/conf.d/ or /etc/NetworkManager/conf.d/.
|
||||
# Likewise, snippets from /run can be prevented from loading by placing
|
||||
# a file with the same name in /etc/NetworkManager/conf.d/.
|
||||
# If /etc/NetworkManager/conf.d/ contains a file with the same name as
|
||||
# /usr/lib/NetworkManager/conf.d/, the latter file is shadowed and thus ignored.
|
||||
# Hence, to disable loading a file from /usr/lib/NetworkManager/conf.d/ you can
|
||||
# put an empty file to /etc with the same name. The same applies with respect
|
||||
# to the directory /var/run/NetworkManager/conf.d where files in /var/run shadow
|
||||
# /usr/lib and are themselves shadowed by files under /etc.
|
||||
#
|
||||
# If two files define the same key, the one that is read afterwards will overwrite
|
||||
# the previous one.
|
||||
|
||||
[main]
|
||||
#plugins=keyfile,ifcfg-rh
|
||||
#plugins=ifcfg-rh,ibft
|
||||
|
||||
|
||||
[logging]
|
||||
|
@ -28,7 +30,8 @@
|
|||
#
|
||||
# Logfiles contain no passwords and little sensitive information. But please
|
||||
# check before posting the file online. You can also personally hand over the
|
||||
# logfile to a NM developer to treat it confidential. Meet us on #nm on Libera.Chat.
|
||||
# logfile to a NM developer to treat it confidential. Meet us on #nm on freenode.
|
||||
# Please post full logfiles except minimal modifications of private data.
|
||||
#
|
||||
# You can also change the log-level at runtime via
|
||||
# $ nmcli general logging level TRACE domains ALL
|
||||
|
@ -39,14 +42,9 @@
|
|||
# You will find the logfiles in syslog, for example via
|
||||
# $ journalctl -u NetworkManager
|
||||
#
|
||||
# Please post full logfiles for bug reports without pre-filtering or truncation.
|
||||
# Also, for debugging the entire `journalctl` output can be interesting. Don't
|
||||
# limit unnecessarily with `journalctl -u`. Exceptions are if you are worried
|
||||
# about private data. Check before posting logfiles!
|
||||
#
|
||||
# Note that debug logging of NetworkManager can be quite verbose. Some messages
|
||||
# might be rate-limited by the logging daemon (see RateLimitIntervalSec, RateLimitBurst
|
||||
# in man journald.conf). Please disable rate-limiting before collecting debug logs!
|
||||
# in man journald.conf).
|
||||
#
|
||||
#level=TRACE
|
||||
#domains=ALL
|
||||
|
|
1386
NetworkManager.spec
1386
NetworkManager.spec
File diff suppressed because it is too large
Load Diff
|
@ -1,31 +0,0 @@
|
|||
NetworkManager stores new network profiles in keyfile format in the
|
||||
/etc/NetworkManager/system-connections/ directory.
|
||||
|
||||
Previously, NetworkManager stored network profiles in ifcfg format
|
||||
in this directory (/etc/sysconfig/network-scripts/). However, the ifcfg
|
||||
format is deprecated. By default, NetworkManager no longer creates
|
||||
new profiles in this format.
|
||||
|
||||
Connection profiles in keyfile format have many benefits. For example,
|
||||
this format is INI file-based and can easily be parsed and generated.
|
||||
|
||||
Each section in NetworkManager keyfiles corresponds to a NetworkManager
|
||||
setting name as described in the nm-settings(5) and nm-settings-keyfile(5)
|
||||
man pages. Each key-value-pair in a section is one of the properties
|
||||
listed in the settings specification of the man page.
|
||||
|
||||
If you still use network profiles in ifcfg format, consider migrating
|
||||
them to keyfile format. To migrate all profiles at once, enter:
|
||||
|
||||
# nmcli connection migrate
|
||||
|
||||
This command migrates all profiles from ifcfg format to keyfile
|
||||
format and stores them in /etc/NetworkManager/system-connections/.
|
||||
|
||||
Alternatively, to migrate only a specific profile, enter:
|
||||
|
||||
# nmcli connection migrate <profile_name|UUID|D-Bus_path>
|
||||
|
||||
For further details, see:
|
||||
* nm-settings-keyfile(5)
|
||||
* nmcli(1)
|
2
sources
2
sources
|
@ -1 +1 @@
|
|||
SHA512 (NetworkManager-1.43.6.tar.xz) = e1d898d3e6154018defcf189bc017a962ed93b9f5d7bafd90642cd70f9bbd4885874b24f716d524e52cf9e44c7ba338e3c416e78bd7b6ec6eaa1cb5066244504
|
||||
SHA512 (NetworkManager-1.8.8.tar.xz) = 7468313ea251cfaa157e6bd359537b3a4846436ceca2ce121acfbf322db80d19a83b036c28115162936b246db6a0f8d0f752dc143bbf62180ee53e2e16fc8271
|
||||
|
|
|
@ -10,4 +10,4 @@
|
|||
tests:
|
||||
- sanity-tests:
|
||||
dir: NetworkManager-ci
|
||||
run: run/osci/run-tests fedora28
|
||||
run: run/osci/run-tests fedora27
|
||||
|
|
Loading…
Reference in New Issue