system/NetworkManager
system/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager synced 2024-07-08 19:55:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

release: bump version to 1.27.1 (development)

Browse Source
This commit is contained in:
Thomas Haller 2020-07-13 23:40:46 +02:00
commit 7b14686ae2
No known key found for this signature in database
GPG Key ID: 29C2366E4DFC5728
192 changed files with 4973 additions and 3259 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
.clang-format Normal file
View File

@ -0,0 +1,108 @@
Language: Cpp
TabWidth: 4
IndentWidth: 4
UseTab: Never
ColumnLimit: 100
ContinuationIndentWidth: 4
UseCRLF: false
AlignAfterOpenBracket: Align
AlignConsecutiveAssignments: true
AlignConsecutiveDeclarations: true
AlignConsecutiveMacros: true
AlignEscapedNewlines: Left
AlignOperands: true
AlignTrailingComments: true
AllowAllArgumentsOnNextLine: false
AllowAllParametersOfDeclarationOnNextLine: false
AllowShortBlocksOnASingleLine: Empty
AllowShortCaseLabelsOnASingleLine: false
AllowShortFunctionsOnASingleLine: Empty
AllowShortIfStatementsOnASingleLine: Never
AllowShortLoopsOnASingleLine: false
AlwaysBreakAfterReturnType: AllDefinitions
AlwaysBreakBeforeMultilineStrings: false
BinPackArguments: false
BinPackParameters: false
BreakBeforeBraces: Custom
BraceWrapping:
AfterCaseLabel: true
AfterControlStatement: Never
AfterEnum: false
AfterFunction: true
AfterStruct: false
AfterUnion: false
BeforeElse: false
IndentBraces: false
SplitEmptyFunction: false
BreakBeforeBinaryOperators: All
BreakBeforeTernaryOperators: true
BreakStringLiterals: true
IncludeBlocks: Preserve
IndentCaseLabels: false
IndentGotoLabels: false
IndentPPDirectives: BeforeHash
IndentWrappedFunctionNames: false
KeepEmptyLinesAtTheStartOfBlocks: false
MaxEmptyLinesToKeep: 1
DerivePointerAlignment: false
PointerAlignment: Right
ReflowComments: false
SortIncludes: false
SpaceAfterCStyleCast: true
SpaceAfterLogicalNot: false
SpaceBeforeAssignmentOperators: true
SpaceBeforeParens: Always
SpaceBeforeSquareBrackets: false
SpaceInEmptyBlock: false
SpaceInEmptyParentheses: false
SpacesBeforeTrailingComments: 2
SpacesInCStyleCastParentheses: false
SpacesInContainerLiterals: false
SpacesInParentheses: false
ForEachMacros: ['c_list_for_each',
'c_list_for_each_continue',
'c_list_for_each_entry',
'c_list_for_each_entry_continue',
'c_list_for_each_entry_safe',
'c_list_for_each_entry_safe_continue',
'c_list_for_each_entry_safe_unlink',
'c_list_for_each_safe',
'c_list_for_each_safe_continue',
'c_list_for_each_safe_unlink',
'c_rbtree_for_each',
'c_rbtree_for_each_entry',
'c_rbtree_for_each_entry_postorder',
'c_rbtree_for_each_entry_safe',
'c_rbtree_for_each_entry_safe_postorder',
'c_rbtree_for_each_entry_safe_postorder_unlink',
'c_rbtree_for_each_postorder',
'c_rbtree_for_each_safe',
'c_rbtree_for_each_safe_postorder',
'c_rbtree_for_each_safe_postorder_unlink',
'json_object_foreach_safe',
'ndp_msg_opt_dnssl_for_each_domain',
'ndp_msg_opt_for_each_offset',
'ndp_msg_opt_rdnss_for_each_addr',
'nla_for_each_attr',
'nla_for_each_nested',
'nm_c_list_for_each_entry_prev',
'nm_dedup_multi_iter_for_each',
'nm_ip_config_iter_ip4_address_for_each',
'nm_ip_config_iter_ip4_route_for_each',
'nm_ip_config_iter_ip6_address_for_each',
'nm_ip_config_iter_ip6_route_for_each',
'nm_json_array_foreach',
'nm_json_object_foreach',
'nm_manager_for_each_active_connection',
'nm_manager_for_each_active_connection_safe',
'nm_manager_for_each_device',
'nm_manager_for_each_device_safe',
'nmp_cache_iter_for_each',
'nmp_cache_iter_for_each_link',
]

1
.gitignore vendored
View File

@ -131,6 +131,7 @@ test-*.trs
/examples/C/qt/monitor-nm-running
/examples/C/qt/monitor-nm-running.moc
/shared/nm-glib-aux/tests/test-json-aux
/shared/nm-glib-aux/tests/test-shared-general
/shared/nm-version-macros.h

2
.gitlab-ci.yml
View File

@ -79,7 +79,7 @@ checkpatch:
script:
- date '+%Y%m%d-%H%M%S'; dnf install -y git black
- date '+%Y%m%d-%H%M%S'; NM_CHECKPATCH_FETCH_UPSTREAM=1 contrib/scripts/checkpatch-feature-branch.sh 2>&1 | tee checkpatch-out.txt
- date '+%Y%m%d-%H%M%S'; black --check .
- date '+%Y%m%d-%H%M%S'; black --check . examples/python/gi/nm-wg-set
allow_failure: true
artifacts:
when: on_failure

55
Makefile.am
View File

@ -356,6 +356,9 @@ shared_nm_std_aux_libnm_std_aux_la_SOURCES = \
shared/nm-std-aux/c-list-util.c \
shared/nm-std-aux/c-list-util.h \
shared/nm-std-aux/nm-dbus-compat.h \
shared/nm-std-aux/nm-std-aux.h \
shared/nm-std-aux/nm-std-utils.c \
shared/nm-std-aux/nm-std-utils.h \
shared/nm-std-aux/unaligned.h \
$(NULL)
@ -639,6 +642,39 @@ shared_nm_glib_aux_tests_test_shared_general_LDADD = \
###############################################################################
if WITH_JANSSON
check_programs += shared/nm-glib-aux/tests/test-json-aux
shared_nm_glib_aux_tests_test_json_aux_CPPFLAGS = \
$(dflt_cppflags) \
-I$(srcdir)/shared \
-DNETWORKMANAGER_COMPILATION_TEST \
-DNETWORKMANAGER_COMPILATION='(NM_NETWORKMANAGER_COMPILATION_GLIB|NM_NETWORKMANAGER_COMPILATION_WITH_GLIB_I18N_PROG)' \
$(CODE_COVERAGE_CFLAGS) \
$(GLIB_CFLAGS) \
$(JANSSON_CFLAGS) \
$(SANITIZER_LIB_CFLAGS) \
$(NULL)
shared_nm_glib_aux_tests_test_json_aux_LDFLAGS = \
$(CODE_COVERAGE_LDFLAGS) \
$(SANITIZER_EXEC_LDFLAGS) \
$(NULL)
shared_nm_glib_aux_tests_test_json_aux_LDADD = \
$(JANSSON_LIBS) \
shared/nm-glib-aux/libnm-glib-aux.la \
shared/systemd/libnm-systemd-logging-stub.la \
shared/nm-std-aux/libnm-std-aux.la \
shared/libcsiphash.la \
$(GLIB_LIBS) \
$(NULL)
endif
###############################################################################
noinst_LTLIBRARIES += introspection/libnmdbus.la
introspection_libnmdbus_la_CPPFLAGS = $(GLIB_CFLAGS)
@ -1028,13 +1064,6 @@ libnm_core_lib_c_real = \
libnm-core/nm-vpn-plugin-info.c \
$(NULL)
if WITH_JSON_VALIDATION
libnm_core_lib_h_priv += \
libnm-core/nm-json.h
libnm_core_lib_c_real += \
libnm-core/nm-json.c
endif
libnm_core_lib_c_mkenums = \
libnm-core/nm-core-enum-types.c
@ -1089,11 +1118,6 @@ libnm_core_libnm_core_la_CPPFLAGS = \
-DNETWORKMANAGER_COMPILATION=NM_NETWORKMANAGER_COMPILATION_LIBNM_CORE \
$(NULL)
if WITH_JSON_VALIDATION
libnm_core_libnm_core_la_CPPFLAGS += $(JANSSON_CFLAGS)
libnm_core_libnm_core_la_CPPFLAGS += -fcommon
endif
libnm_core_libnm_core_la_SOURCES = \
$(libnm_core_lib_h_pub_real) \
$(libnm_core_lib_h_priv) \
@ -3075,6 +3099,7 @@ EXTRA_DIST += \
src/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-Test_Write_Team_Infiniband_Port.cexpected \
src/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-Test_Write_Team_Port.cexpected \
src/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-Test_Write_VLAN_reorder_hdr.cexpected \
src/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-Test_Write_WiFi_AP_Mode.cexpected \
src/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-Test_Write_WiFi_Band_A.cexpected \
src/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-Test_Write_WiFi_Hidden.cexpected \
src/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-Test_Write_WiFi_MAC_always.cexpected \
@ -5238,6 +5263,12 @@ CLEANFILES += \
include Makefile.examples
if WITH_PYTHON_BLACK
check-python-black:
test "$$NMTST_SKIP_PYTHON_BLACK" != 1 && $(BLACK) --check $(top_srcdir) $(top_srcdir)/examples/python/gi/nm-wg-set
check_local += check-python-black
endif
###############################################################################
check-local: $(check_local)

10
NEWS
View File

@ -1,3 +1,13 @@
=============================================
NetworkManager-1.28
Overview of changes since NetworkManager-1.26
=============================================
This is a snapshot of NetworkManager 1.28 development series.
The API is subject to change and not guaranteed to be compatible
with the later release.
USE AT YOUR OWN RISK. NOT RECOMMENDED FOR PRODUCTION USE!
=============================================
NetworkManager-1.26
Overview of changes since NetworkManager-1.24

3
RELICENSE.md
View File

@ -73,6 +73,7 @@ Consent/Disapproval List
- [Y] Aleksander Morgado <aleksander@aleksander.es>
- [Y] Alfonso Sánchez-Beato <alfonso.sanchez-beato@canonical.com> (Canonical, Ltd.)
- [Y] Andrew Zaborowski <andrew.zaborowski@intel.com> (Intel Corporation)
- [Y] Antoine Faure <antoine.faure@sigfox.com> (Sigfox)
- [Y] Antony Mee <antony@onlymee.co.uk>
- [Y] Atul Anand <atulhjp@gmail.com>
@ -126,13 +127,13 @@ The contributors above may have contributed the code on behalf of a company
that holds the copyright. This list tracks such legal entities. The contributor
list above indicates whether a contributor provided code for a legal entity here.
- [?] Intel Corporation
- [?] Novell, Inc.
- [?] SUSE
- [Y] Canonical, Ltd.
- [Y] Endless Mobile, Inc.
- [Y] Endless OS LLC
- [Y] Intel Corporation
- [Y] One Laptop per Child
- [Y] Pengutronix
- [Y] Red Hat, Inc.

6
TODO
View File

@ -23,7 +23,7 @@ possibly get inspired by nm-connection-editor.
* Add Azure support to nm-cloud-setup.
nm-cloud-setup currently only works for EC2 (and only for IPv4). Add support for Azure
Currently, nm-cloud-setup only works for EC2 (and only for IPv4). Add support for Azure
cloud. See for example SUSE's cloud-netconfig which supports Azure
(https://github.com/SUSE-Enceladus/cloud-netconfig,
https://www.suse.com/c/multi-nic-cloud-netconfig-ec2-azure/). Note that cloud-netconfig
@ -33,7 +33,7 @@ anyway be almost impossible, because one is written in bash and the other in C.
* Improve our gitlab-ci integration.
Currently our .gitlab-ci starts various base containers and first installs
Currently, our .gitlab-ci starts various base containers and first installs
the necessary dependencies. That takes time and consumes bandwidth, we should
instead use more suitable containers. We should instead use ci-templates from
https://gitlab.freedesktop.org/freedesktop/ci-templates.
@ -110,7 +110,7 @@ connected before the drop.
* VPN IP Methods
Some VPNs (openvpn with TAP for example) require that DHCP is run on a
pseudo-ethernet device to obtain addressing information. This is not currently
pseudo-ethernet device to obtain addressing information. Currenty, this is not
possible, but NM already has all the code for DHCP. Thus, a new "method"
key should be defined in include/NetworkManagerVPN.h to allow for DHCP to
be performed if the VPN service daemon requests it in the IP4Config or IP6Config

4
clients/cli/connections.c
View File

@ -5372,7 +5372,7 @@ read_properties:
const char *slave_type = nm_setting_connection_get_slave_type (s_con);
/* If only bother when there's a type, which is not guaranteed at this point.
* Otherwise the validation will fail anyway. */
* Otherwise, the validation will fail anyway. */
if (type) {
gs_free char *try_name = NULL;
gs_free char *default_name = NULL;
@ -6709,7 +6709,7 @@ editor_sub_usage (const char *command)
g_print (_("remove [<value>|<index>|<option name>] :: delete the value\n\n"
"Removes the property value. For single-valued properties, this sets the\n"
"property back to its default value. For container-type properties, this removes\n"
"all the values of that property, or you can specify an argument to remove just\n"
"all the values of that property or you can specify an argument to remove just\n"
"a single item or option. The argument is either a value or index of the item to\n"
"remove, or an option name (for properties with named options).\n\n"
"Examples: nmcli ipv4.dns> remove 8.8.8.8\n"

2
clients/cli/devices.c
View File

@ -806,7 +806,7 @@ usage_device_modify (void)
"\n"
"ARGUMENTS := <ifname> ([+|-]<setting>.<property> <value>)+\n"
"\n"
"Modify one or more properties currently active on the device without modifying\n"
"Modify one or more properties that are currently active on the device without modifying\n"
"the connection profile. The changes have immediate effect. For multi-valued\n"
"properties you can use optional '+' or '-' prefix to the property name.\n"
"The '+' sign allows appending items instead of overwriting the whole value.\n"

2
clients/cli/nmcli.c
View File

@ -287,7 +287,7 @@ matches_arg (NmCli *nmc,
if (arg) {
/* If there's a "=" separator, replace it with NUL so that matches()
* works and consider the part after it to be the arguemnt's value. */
* works and consider the part after it to be the argument's value. */
s = strchr (opt, '=');
if (s) {
opt = nm_strndup_a (300, opt, s - opt, &opt_free);

4
clients/cli/settings.c
View File

@ -338,7 +338,7 @@ _set_fcn_precheck_connection_secondaries (NMClient *client,
g_print (_("Warning: %s is not an UUID of any existing connection profile\n"),
*iter);
} else {
/* Currently NM only supports VPN connections as secondaries */
/* Currently, NM only supports VPN connections as secondaries */
if (!nm_connection_is_type (con, NM_SETTING_VPN_SETTING_NAME)) {
g_set_error (error, 1, 0, _("'%s' is not a VPN connection profile"), *iter);
return FALSE;
@ -351,7 +351,7 @@ _set_fcn_precheck_connection_secondaries (NMClient *client,
return FALSE;
}
/* Currently NM only supports VPN connections as secondaries */
/* Currently, NM only supports VPN connections as secondaries */
if (!nm_connection_is_type (con, NM_SETTING_VPN_SETTING_NAME)) {
g_set_error (error, 1, 0, _("'%s' is not a VPN connection profile"), *iter);
return FALSE;

34
clients/cloud-setup/nm-cloud-setup-utils.c
View File

@ -6,6 +6,7 @@
#include "nm-glib-aux/nm-time-utils.h"
#include "nm-glib-aux/nm-logging-base.h"
#include "nm-glib-aux/nm-str-buf.h"
/*****************************************************************************/
@ -257,7 +258,6 @@ _poll_task_data_free (gpointer data)
static void
_poll_return (PollTaskData *poll_task_data,
gboolean success,
GError *error_take)
{
nm_clear_g_source_inst (&poll_task_data->source_next_poll);
@ -270,7 +270,7 @@ _poll_return (PollTaskData *poll_task_data,
if (error_take)
g_task_return_error (poll_task_data->task, g_steal_pointer (&error_take));
else
g_task_return_boolean (poll_task_data->task, success);
g_task_return_boolean (poll_task_data->task, TRUE);
g_object_unref (poll_task_data->task);
}
@ -301,7 +301,7 @@ _poll_done_cb (GObject *source,
if ( error
|| is_finished) {
_poll_return (poll_task_data, TRUE, g_steal_pointer (&error));
_poll_return (poll_task_data, g_steal_pointer (&error));
return;
}
@ -345,8 +345,8 @@ _poll_timeout_cb (gpointer user_data)
{
PollTaskData *poll_task_data = user_data;
_poll_return (poll_task_data, FALSE, nm_utils_error_new (NM_UTILS_ERROR_UNKNOWN,
"timeout expired"));
_poll_return (poll_task_data, nm_utils_error_new (NM_UTILS_ERROR_UNKNOWN,
"timeout expired"));
return G_SOURCE_CONTINUE;
}
@ -356,23 +356,22 @@ _poll_cancelled_cb (GObject *object, gpointer user_data)
PollTaskData *poll_task_data = user_data;
GError *error = NULL;
_LOGD (">> poll cancelled");
nm_clear_g_signal_handler (g_task_get_cancellable (poll_task_data->task),
&poll_task_data->cancellable_id);
nm_utils_error_set_cancelled (&error, FALSE, NULL);
_poll_return (poll_task_data, FALSE, error);
_poll_return (poll_task_data, error);
}
/**
* nmcs_utils_poll:
* @poll_timeout_ms: if >= 0, then this is the overall timeout for how long we poll.
* When this timeout expires, the request completes with failure (but no error set).
* When this timeout expires, the request completes with failure (and error set).
* @ratelimit_timeout_ms: if > 0, we ratelimit the starts from one prope_start_fcn
* call to the next.
* @sleep_timeout_ms: if > 0, then we wait after a probe finished this timeout
* before the next. Together with @ratelimit_timeout_ms this determines how
* frequently we probe.
* @probe_start_fcn: used to start a (asynchrnous) probe. A probe must be completed
* @probe_start_fcn: used to start a (asynchronous) probe. A probe must be completed
* by calling the provided callback. While a probe is in progress, we will not
* start another. This function is already invoked the first time synchronously,
* during nmcs_utils_poll().
@ -459,7 +458,8 @@ nmcs_utils_poll (int poll_timeout_ms,
* %FALSE will be returned.
* If the probe returned a failure, this returns %FALSE and the error
* provided by @probe_finish_fcn.
* If the request times out, this returns %FALSE without error set.
* If the request times out, this returns %FALSE with error set.
* Error is always set if (and only if) the function returns %FALSE.
*/
gboolean
nmcs_utils_poll_finish (GAsyncResult *result,
@ -565,15 +565,13 @@ nmcs_utils_uri_build_concat_v (const char *base,
const char **components,
gsize n_components)
{
GString *uri;
NMStrBuf strbuf = NM_STR_BUF_INIT (NM_UTILS_GET_NEXT_REALLOC_SIZE_104, FALSE);
nm_assert (base);
nm_assert (base[0]);
nm_assert (!NM_STR_HAS_SUFFIX (base, "/"));
uri = g_string_sized_new (100);
g_string_append (uri, base);
nm_str_buf_append (&strbuf, base);
if ( n_components > 0
&& components[0]
@ -583,18 +581,18 @@ nmcs_utils_uri_build_concat_v (const char *base,
*
* We only do that for the first component. */
} else
g_string_append_c (uri, '/');
nm_str_buf_append_c (&strbuf, '/');
while (n_components > 0) {
if (!components[0]) {
/* we allow NULL, to indicate nothing to append*/
/* we allow NULL, to indicate nothing to append */
} else
g_string_append (uri, components[0]);
nm_str_buf_append (&strbuf, components[0]);
components++;
n_components--;
}
return g_string_free (uri, FALSE);
return nm_str_buf_finalize (&strbuf, NULL);
}
/*****************************************************************************/

67
clients/cloud-setup/nm-http-client.c
View File

@ -7,6 +7,7 @@
#include <curl/curl.h>
#include "nm-cloud-setup-utils.h"
#include "nm-glib-aux/nm-str-buf.h"
#define NM_CURL_DEBUG 0
@ -118,7 +119,7 @@ typedef struct {
CURLcode ehandle_result;
CURL *ehandle;
char *url;
GString *recv_data;
NMStrBuf recv_data;
struct curl_slist *headers;
gssize max_data;
gulong cancellable_id;
@ -144,8 +145,7 @@ _ehandle_free (EHandleData *edata)
g_object_unref (edata->task);
if (edata->recv_data)
g_string_free (edata->recv_data, TRUE);
nm_str_buf_destroy (&edata->recv_data);
if (edata->headers)
curl_slist_free_all (edata->headers);
g_free (edata->url);
@ -191,12 +191,15 @@ _ehandle_complete (EHandleData *edata,
_LOG2E (edata, "failed to get response code from curl easy handle");
_LOG2D (edata, "success getting %"G_GSIZE_FORMAT" bytes (response code %ld)",
edata->recv_data->len,
edata->recv_data.len,
response_code);
_LOG2T (edata, "received %"G_GSIZE_FORMAT" bytes: [[%s]]",
edata->recv_data->len,
nm_utils_buf_utf8safe_escape (edata->recv_data->str, edata->recv_data->len, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL, &str_tmp_1));
edata->recv_data.len,
nm_utils_buf_utf8safe_escape (nm_str_buf_get_str (&edata->recv_data),
edata->recv_data.len,
NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL,
&str_tmp_1));
_ehandle_free_ehandle (edata);
@ -205,7 +208,7 @@ _ehandle_complete (EHandleData *edata,
.response_code = response_code,
/* This ensures that response_data is always NUL terminated. This is an important guarantee
* that NMHttpClient makes. */
.response_data = g_string_free_to_bytes (g_steal_pointer (&edata->recv_data)),
.response_data = nm_str_buf_finalize_to_gbytes (&edata->recv_data),
};
g_task_return_pointer (edata->task, get_result, _get_result_free);
@ -225,14 +228,14 @@ _get_writefunction_cb (char *ptr, size_t size, size_t nmemb, void *user_data)
nmemb *= size;
if (edata->max_data >= 0) {
nm_assert (edata->recv_data->len <= edata->max_data);
nconsume = (((gsize) edata->max_data) - edata->recv_data->len);
nm_assert (edata->recv_data.len <= edata->max_data);
nconsume = (((gsize) edata->max_data) - edata->recv_data.len);
if (nconsume > nmemb)
nconsume = nmemb;
} else
nconsume = nmemb;
g_string_append_len (edata->recv_data, ptr, nconsume);
nm_str_buf_append_len (&edata->recv_data, ptr, nconsume);
return nconsume;
}
@ -283,7 +286,7 @@ nm_http_client_get (NMHttpClient *self,
edata = g_slice_new (EHandleData);
*edata = (EHandleData) {
.task = nm_g_task_new (self, cancellable, nm_http_client_get, callback, user_data),
.recv_data = g_string_sized_new (NM_MIN (max_data, 245)),
.recv_data = NM_STR_BUF_INIT (0, FALSE),
.max_data = max_data,
.url = g_strdup (url),
.headers = NULL,
@ -351,6 +354,21 @@ nm_http_client_get (NMHttpClient *self,
}
}
/**
* nm_http_client_get_finish:
* @self: the #NMHttpClient instance
* @result: the #GAsyncResult which to complete.
* @out_response_code: (allow-none) (out): the HTTP response code or -1 on other error.
* @out_response_data: (allow-none) (transfer full): the HTTP response data, if any.
* The GBytes buffer is guaranteed to have a trailing NUL character *after* the
* returned buffer size. That means, you can always trust that the buffer is NUL terminated
* and that there is one additional hidden byte after the data.
* Also, the returned buffer is allocated just for you. While GBytes is immutable, you are
* allowed to modify the buffer as it's not used by anybody else.
* @error: the error
*
* Returns: %TRUE on success or %FALSE with an error code.
*/
gboolean
nm_http_client_get_finish (NMHttpClient *self,
GAsyncResult *result,
@ -364,6 +382,9 @@ nm_http_client_get_finish (NMHttpClient *self,
g_return_val_if_fail (nm_g_task_is_valid (result, self, nm_http_client_get), FALSE);
get_result = g_task_propagate_pointer (G_TASK (result), error);
nm_assert (!error || (!!get_result) == (!*error));
if (!get_result) {
NM_SET_OUT (out_response_code, -1);
NM_SET_OUT (out_response_data, NULL);
@ -376,7 +397,6 @@ nm_http_client_get_finish (NMHttpClient *self,
NM_SET_OUT (out_response_data, g_steal_pointer (&get_result->response_data));
_get_result_free (get_result);
return TRUE;
}
@ -447,11 +467,14 @@ _poll_get_probe_finish_fcn (GObject *source,
&response_data,
&local_error);
if (!success) {
nm_assert ((!!success) == (!local_error));
if (local_error) {
if (nm_utils_error_is_cancelled (local_error)) {
g_propagate_error (error, g_steal_pointer (&local_error));
return TRUE;
}
/* any other error. Continue polling. */
return FALSE;
}
@ -468,8 +491,10 @@ _poll_get_probe_finish_fcn (GObject *source,
return TRUE;
}
if (!success)
if (!success) {
/* Not yet ready. Continue polling. */
return FALSE;
}
poll_get_data->response_code = response_code;
poll_get_data->response_data = g_steal_pointer (&response_data);
@ -487,10 +512,12 @@ _poll_get_done_cb (GObject *source,
success = nmcs_utils_poll_finish (result, NULL, &error);
nm_assert ((!!success) == (!error));
if (error)
g_task_return_error (poll_get_data->task, g_steal_pointer (&error));
else
g_task_return_boolean (poll_get_data->task, success);
g_task_return_boolean (poll_get_data->task, TRUE);
g_object_unref (poll_get_data->task);
}
@ -569,10 +596,11 @@ nm_http_client_poll_get_finish (NMHttpClient *self,
task = G_TASK (result);
success = g_task_propagate_boolean (task, &local_error);
if ( local_error
|| !success) {
if (local_error)
g_propagate_error (error, g_steal_pointer (&local_error));
nm_assert ((!!success) == (!local_error));
if (local_error) {
g_propagate_error (error, g_steal_pointer (&local_error));
NM_SET_OUT (out_response_code, -1);
NM_SET_OUT (out_response_data, NULL);
return FALSE;
@ -582,7 +610,6 @@ nm_http_client_poll_get_finish (NMHttpClient *self,
NM_SET_OUT (out_response_code, poll_get_data->response_code);
NM_SET_OUT (out_response_data, g_steal_pointer (&poll_get_data->response_data));
return TRUE;
}

87
clients/cloud-setup/nmcs-provider-ec2.c
View File

@ -90,13 +90,12 @@ _detect_get_meta_data_done_cb (GObject *source,
gs_unref_object GTask *task = user_data;
gs_free_error GError *get_error = NULL;
gs_free_error GError *error = NULL;
gboolean success;
success = nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source),
result,
NULL,
NULL,
&get_error);
nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source),
result,
NULL,
NULL,
&get_error);
if (nm_utils_error_is_cancelled (get_error)) {
g_task_return_error (task, g_steal_pointer (&get_error));
@ -112,14 +111,6 @@ _detect_get_meta_data_done_cb (GObject *source,
return;
}
if (!success) {
nm_utils_error_set (&error,
NM_UTILS_ERROR_UNKNOWN,
"failure to detect EC2 metadata");
g_task_return_error (task, g_steal_pointer (&error));
return;
}
g_task_return_boolean (task, TRUE);
}
@ -191,31 +182,28 @@ _get_config_fetch_done_cb (NMHttpClient *http_client,
gboolean is_local_ipv4)
{
GetConfigIfaceData *iface_data;
NMCSProviderGetConfigTaskData *get_config_data;
const char *hwaddr = NULL;
gs_unref_bytes GBytes *response_data = NULL;
gs_free_error GError *error = NULL;
gboolean success;
NMCSProviderGetConfigIfaceData *config_iface_data;
nm_utils_user_data_unpack (user_data, &iface_data, &hwaddr);
success = nm_http_client_poll_get_finish (http_client,
result,
NULL,
&response_data,
&error);
nm_http_client_poll_get_finish (http_client,
result,
NULL,
&response_data,
&error);
if (nm_utils_error_is_cancelled (error))
return;
get_config_data = iface_data->get_config_data;
config_iface_data = g_hash_table_lookup (get_config_data->result_dict, hwaddr);
if (success) {
if (!error) {
NMCSProviderGetConfigIfaceData *config_iface_data;
in_addr_t tmp_addr;
int tmp_prefix;
config_iface_data = g_hash_table_lookup (iface_data->get_config_data->result_dict, hwaddr);
if (is_local_ipv4) {
gs_free const char **s_addrs = NULL;
gsize i, len;
@ -436,7 +424,9 @@ _get_config_metadata_ready_check (long response_code,
GetConfigMetadataData *metadata_data = check_user_data;
gs_unref_hashtable GHashTable *response_parsed = NULL;
const guint8 *r_data;
const char *cur_line;
gsize r_len;
gsize cur_line_len;
GHashTableIter h_iter;
gboolean has_all;
const char *c_hwaddr;
@ -449,48 +439,33 @@ _get_config_metadata_ready_check (long response_code,
}
r_data = g_bytes_get_data (response_data, &r_len);
/* NMHttpClient guarantees that there is a trailing NUL after the data. */
nm_assert (r_data[r_len] == 0);
while (r_len > 0) {
const guint8 *p_eol;
const char *p_start;
gsize p_start_l;
gsize p_start_l_2;
char *hwaddr;
while (nm_utils_parse_next_line ((const char **) &r_data, &r_len, &cur_line, &cur_line_len)) {
GetConfigMetadataMac *mac_data;
char *hwaddr;
p_start = (const char *) r_data;
p_eol = memchr (r_data, '\n', r_len);
if (p_eol) {
p_start_l = (p_eol - r_data);
r_len -= p_start_l + 1;
r_data = &p_eol[1];
} else {
p_start_l = r_len;
r_data = &r_data[r_len];
r_len = 0;
}
if (p_start_l == 0)
if (cur_line_len == 0)
continue;
p_start_l_2 = p_start_l;
if (p_start[p_start_l_2 - 1] == '/') {
/* trim the trailing "/". */
p_start_l_2--;
}
/* Truncate the string. It's safe to do, because we own @response_data an it has an
* extra NUL character after the buffer. */
((char *) cur_line)[cur_line_len] = '\0';
hwaddr = nmcs_utils_hwaddr_normalize (p_start, p_start_l_2);
hwaddr = nmcs_utils_hwaddr_normalize (cur_line,
cur_line[cur_line_len - 1u] == '/'
? (gssize) (cur_line_len - 1u)
: -1);
if (!hwaddr)
continue;
if (!response_parsed)
response_parsed = g_hash_table_new_full (nm_str_hash, g_str_equal, g_free, g_free);
mac_data = g_malloc (sizeof (GetConfigMetadataData) + 1 + p_start_l);
mac_data = g_malloc (sizeof (GetConfigMetadataMac) + 1u + cur_line_len);
mac_data->iface_idx = iface_idx_counter++;
memcpy (mac_data->path, p_start, p_start_l);
mac_data->path[p_start_l] = '\0';
memcpy (mac_data->path, cur_line, cur_line_len + 1u);
g_hash_table_insert (response_parsed, hwaddr, mac_data);
}

77
clients/cloud-setup/nmcs-provider-gcp.c
View File

@ -46,13 +46,12 @@ _detect_get_meta_data_done_cb (GObject *source,
gs_unref_object GTask *task = user_data;
gs_free_error GError *get_error = NULL;
gs_free_error GError *error = NULL;
gboolean success;
success = nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source),
result,
NULL,
NULL,
&get_error);
nm_http_client_poll_get_finish (NM_HTTP_CLIENT (source),
result,
NULL,
NULL,
&get_error);
if (nm_utils_error_is_cancelled (get_error)) {
g_task_return_error (task, g_steal_pointer (&get_error));
@ -68,14 +67,6 @@ _detect_get_meta_data_done_cb (GObject *source,
return;
}
if (!success) {
nm_utils_error_set (&error,
NM_UTILS_ERROR_UNKNOWN,
"failure to detect GCP metadata");
g_task_return_error (task, g_steal_pointer (&error));
return;
}
g_task_return_boolean (task, TRUE);
}
@ -246,29 +237,29 @@ _get_config_ips_list_cb (GObject *source,
if (error)
goto fips_error;
response_str = g_bytes_get_data (response, &response_len);
/* NMHttpClient guarantees that there is a trailing NUL after the data. */
nm_assert (response_str[response_len] == 0);
uri_arr = g_ptr_array_new_with_free_func (g_free);
response_str = g_bytes_get_data (response, &response_len);
while (nm_utils_parse_next_line (&response_str,
&response_len,
&line,
&line_len)) {
nm_auto_free_gstring GString *gstr = NULL;
gint64 fip_index;
gstr = g_string_new_len (line, line_len);
fip_index = _nm_utils_ascii_str_to_int64 (gstr->str, 10, 0, G_MAXINT64, -1);
/* Truncate the string. It's safe to do, because we own @response_data an it has an
* extra NUL character after the buffer. */
((char *) line)[line_len] = '\0';
if (fip_index < 0) {
fip_index = _nm_utils_ascii_str_to_int64 (line, 10, 0, G_MAXINT64, -1);
if (fip_index < 0)
continue;
}
g_string_printf (gstr,
"%"G_GSSIZE_FORMAT"/forwarded-ips/%"G_GINT64_FORMAT,
iface_data->iface_idx,
fip_index);
g_ptr_array_add (uri_arr, g_string_free (g_steal_pointer (&gstr), FALSE));
g_ptr_array_add (uri_arr,
g_strdup_printf ("%"G_GSSIZE_FORMAT"/forwarded-ips/%"G_GINT64_FORMAT,
iface_data->iface_idx,
fip_index));
}
iface_data->n_fips_pending = uri_arr->len;
@ -321,7 +312,7 @@ _get_config_iface_cb (GObject *source,
gs_free_error GError *error = NULL;
gs_free const char *hwaddr = NULL;
gs_free const char *uri = NULL;
gs_free char *str = NULL;
char sbuf[100];
GCPData *gcp_data;
gcp_data = iface_data->gcp_data;
@ -350,11 +341,10 @@ _get_config_iface_cb (GObject *source,
iface_data->iface_idx,
hwaddr);
str = g_strdup_printf ("%"G_GSSIZE_FORMAT"/forwarded-ips/",
iface_data->iface_idx);
nm_sprintf_buf (sbuf, "%"G_GSSIZE_FORMAT"/forwarded-ips/", iface_data->iface_idx);
nm_http_client_poll_get (NM_HTTP_CLIENT (source),
(uri = _gcp_uri_interfaces (str)),
(uri = _gcp_uri_interfaces (sbuf)),
HTTP_TIMEOUT_MS,
HTTP_REQ_MAX_DATA,
HTTP_POLL_TIMEOUT_MS,
@ -379,13 +369,10 @@ _get_net_ifaces_list_cb (GObject *source,
gpointer user_data)
{
gs_unref_ptrarray GPtrArray *ifaces_arr = NULL;
nm_auto_free_gstring GString *gstr = NULL;
gs_unref_bytes GBytes *response = NULL;
gs_free_error GError *error = NULL;
GCPData *gcp_data = user_data;
const char *response_str;
const char *token_start;
const char *token_end;
gsize response_len;
const char *line;
gsize line_len;
@ -403,8 +390,10 @@ _get_net_ifaces_list_cb (GObject *source,
}
response_str = g_bytes_get_data (response, &response_len);
/* NMHttpClient guarantees that there is a trailing NUL after the data. */
nm_assert (response_str[response_len] == 0);
ifaces_arr = g_ptr_array_new ();
gstr = g_string_new (NULL);
while (nm_utils_parse_next_line (&response_str,
&response_len,
@ -413,16 +402,16 @@ _get_net_ifaces_list_cb (GObject *source,
GCPIfaceData *iface_data;
gssize iface_idx;
token_start = line;
token_end = memchr (token_start, '/', line_len);
if (!token_end)
if (line_len == 0)
continue;
g_string_truncate (gstr, 0);
g_string_append_len (gstr, token_start, token_end - token_start);
iface_idx = _nm_utils_ascii_str_to_int64 (gstr->str, 10, 0, G_MAXSSIZE, -1);
/* Truncate the string. It's safe to do, because we own @response_data an it has an
* extra NUL character after the buffer. */
((char *) line)[line_len] = '\0';
if (line[line_len - 1] == '/')
((char *) line)[--line_len] = '\0';
iface_idx = _nm_utils_ascii_str_to_int64 (line, 10, 0, G_MAXSSIZE, -1);
if (iface_idx < 0)
continue;
@ -442,14 +431,15 @@ _get_net_ifaces_list_cb (GObject *source,
for (i = 0; i < ifaces_arr->len; ++i) {
GCPIfaceData *data = ifaces_arr->pdata[i];
gs_free const char *uri = NULL;
char sbuf[100];
_LOGD ("GCP interface[%"G_GSSIZE_FORMAT"]: retrieving configuration",
data->iface_idx);
g_string_printf (gstr, "%"G_GSSIZE_FORMAT"/mac", data->iface_idx);
nm_sprintf_buf (sbuf, "%"G_GSSIZE_FORMAT"/mac", data->iface_idx);
nm_http_client_poll_get (NM_HTTP_CLIENT (source),
(uri = _gcp_uri_interfaces (gstr->str)),
(uri = _gcp_uri_interfaces (sbuf)),
HTTP_TIMEOUT_MS,
HTTP_REQ_MAX_DATA,
HTTP_POLL_TIMEOUT_MS,
@ -484,7 +474,6 @@ get_config (NMCSProvider *provider,
.n_ifaces_pending = 0,
.error = NULL,
.success = FALSE,
};
nm_http_client_poll_get (nmcs_provider_get_http_client (provider),

2
clients/common/nm-client-utils.c
View File

@ -515,7 +515,7 @@ can_show_graphics (void)
* Converts @strength into a 4-character-wide graphical representation of
* strength suitable for printing to stdout. If the current locale and terminal
* support it, this will use unicode graphics characters to represent
* "bars". Otherwise it will use 0 to 4 asterisks.
* "bars". Otherwise, it will use 0 to 4 asterisks.
*
* Returns: the graphical representation of the access point strength
*/

9
clients/common/nm-meta-setting-desc.c
View File

@ -834,14 +834,14 @@ _get_fcn_gobject_impl (const NMMetaPropertyInfo *property_info,
G_TYPE_HASH_TABLE);
if (glib_handles_str_transform) {
/* We rely on the type convertion of the gobject property to string. */
/* We rely on the type conversion of the gobject property to string. */
g_value_init (&val, G_TYPE_STRING);
} else
g_value_init (&val, gtype_prop);
g_object_get_property (G_OBJECT (setting), property_info->property_name, &val);
/* Currently only one particular property asks us to "handle_emptyunset".
/* Currently, only one particular property asks us to "handle_emptyunset".
* So, don't implement it (yet) for the other types, where it's unneeded. */
nm_assert ( !handle_emptyunset
|| ( gtype_prop == G_TYPE_STRV
@ -3294,7 +3294,7 @@ _set_fcn_objlist (ARGS_SET_FCN)
}
for (i = 0; i < nstrv; i++) {
/* FIXME: there is the problem here that set_fcn() might succed on the first item
/* FIXME: there is the problem here that set_fcn() might succeed on the first item
* (modifying it), and fail to parse the second one.
*
* Optimally, we would first parse all input strings before starting the
@ -7507,6 +7507,9 @@ static const NMMetaPropertyInfo *const property_infos_WIRELESS[] = {
),
),
),
PROPERTY_INFO_WITH_DESC (NM_SETTING_WIRELESS_AP_ISOLATION,
.property_type = &_pt_gobject_enum,
),
NULL
};

2
clients/common/qrcodegen.c
View File

@ -970,7 +970,7 @@ struct qrcodegen_Segment qrcodegen_makeEci(long assignVal, uint8_t buf[]) {
// Calculates the number of bits needed to encode the given segments at the given version.
// Returns a non-negative number if successful. Otherwise returns -1 if a segment has too
// Returns a non-negative number if successful. Otherwise, returns -1 if a segment has too
// many characters to fit its length field, or the total bits exceeds INT16_MAX.
testable int getTotalBits(const struct qrcodegen_Segment segs[], size_t len, int version) {
assert(segs != NULL || len == 0);

27
clients/common/settings-docs.h.in
View File

@ -4,6 +4,7 @@
#define DESCRIBE_DOC_NM_SETTING_OLPC_MESH_CHANNEL N_("Channel on which the mesh network to join is located.")
#define DESCRIBE_DOC_NM_SETTING_OLPC_MESH_DHCP_ANYCAST_ADDRESS N_("Anycast DHCP MAC address used when requesting an IP address via DHCP. The specific anycast address used determines which DHCP server class answers the request.")
#define DESCRIBE_DOC_NM_SETTING_OLPC_MESH_SSID N_("SSID of the mesh network to join.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_AP_ISOLATION N_("Configures AP isolation, which prevents communication between wireless devices connected to this AP. This property can be set to a value different from NM_TERNARY_DEFAULT (-1) only when the interface is configured in AP mode. If set to NM_TERNARY_TRUE (1), devices are not able to communicate with each other. This increases security because it protects devices against attacks from other clients in the network. At the same time, it prevents devices to access resources on the same wireless networks as file shares, printers, etc. If set to NM_TERNARY_FALSE (0), devices can talk to each other. When set to NM_TERNARY_DEFAULT (-1), the global default is used; in case the global default is unspecified it is assumed to be NM_TERNARY_FALSE (0).")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_BAND N_("802.11 frequency band of the network. One of \"a\" for 5GHz 802.11a or \"bg\" for 2.4GHz 802.11. This will lock associations to the Wi-Fi network to the specific band, i.e. if \"a\" is specified, the device will not associate with the same network in the 2.4GHz band even if the network's settings are compatible. This setting depends on specific driver capability and may not work with all drivers.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_BSSID N_("If specified, directs the device to only associate with the given access point. This capability is highly driver dependent and not supported by all devices. Note: this property does not control the BSSID used when creating an Ad-Hoc network and is unlikely to in the future.")
#define DESCRIBE_DOC_NM_SETTING_WIRELESS_CHANNEL N_("Wireless channel to use for the Wi-Fi connection. The device will only join (or create for Ad-Hoc networks) a Wi-Fi network on the specified channel. Because channel numbers overlap between bands, this property also requires the \"band\" property to be set.")
@ -128,7 +129,7 @@
#define DESCRIBE_DOC_NM_SETTING_BRIDGE_MULTICAST_QUERY_INTERVAL N_("Interval (in deciseconds) between queries sent by the bridge after the end of the startup phase.")
#define DESCRIBE_DOC_NM_SETTING_BRIDGE_MULTICAST_QUERY_RESPONSE_INTERVAL N_("Set the Max Response Time/Max Response Delay (in deciseconds) for IGMP/MLD queries sent by the bridge.")
#define DESCRIBE_DOC_NM_SETTING_BRIDGE_MULTICAST_QUERY_USE_IFADDR N_("If enabled the bridge's own IP address is used as the source address for IGMP queries otherwise the default of 0.0.0.0 is used.")
#define DESCRIBE_DOC_NM_SETTING_BRIDGE_MULTICAST_ROUTER N_("Sets bridge's multicast router. Multicast-snooping must be enabled for this option to work. Supported values are: 'auto', 'disabled', 'enabled'. If not specified the default value is 'auto'.")
#define DESCRIBE_DOC_NM_SETTING_BRIDGE_MULTICAST_ROUTER N_("Sets bridge's multicast router. Multicast-snooping must be enabled for this option to work. Supported values are: 'auto', 'disabled', 'enabled' to which kernel assigns the numbers 1, 0, and 2, respectively. If not specified the default value is 'auto' (1).")
#define DESCRIBE_DOC_NM_SETTING_BRIDGE_MULTICAST_SNOOPING N_("Controls whether IGMP snooping is enabled for this bridge. Note that if snooping was automatically disabled due to hash collisions, the system may refuse to enable the feature until the collisions are resolved.")
#define DESCRIBE_DOC_NM_SETTING_BRIDGE_MULTICAST_STARTUP_QUERY_COUNT N_("Set the number of IGMP queries to send during startup phase.")
#define DESCRIBE_DOC_NM_SETTING_BRIDGE_MULTICAST_STARTUP_QUERY_INTERVAL N_("Sets the time (in deciseconds) between queries sent out at startup to determine membership information.")
@ -148,7 +149,7 @@
#define DESCRIBE_DOC_NM_SETTING_CDMA_PASSWORD N_("The password used to authenticate with the network, if required. Many providers do not require a password, or accept any password. But if a password is required, it is specified here.")
#define DESCRIBE_DOC_NM_SETTING_CDMA_PASSWORD_FLAGS N_("Flags indicating how to handle the \"password\" property.")
#define DESCRIBE_DOC_NM_SETTING_CDMA_USERNAME N_("The username used to authenticate with the network, if required. Many providers do not require a username, or accept any username. But if a username is required, it is specified here.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTH_RETRIES N_("The number of retries for the authentication. Zero means to try indefinitely; -1 means to use a global default. If the global default is not set, the authentication retries for 3 times before failing the connection. Currently this only applies to 802-1x authentication.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTH_RETRIES N_("The number of retries for the authentication. Zero means to try indefinitely; -1 means to use a global default. If the global default is not set, the authentication retries for 3 times before failing the connection. Currently, this only applies to 802-1x authentication.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT N_("Whether or not the connection should be automatically connected by NetworkManager when the resources for the connection are available. TRUE to automatically activate the connection, FALSE to require manual intervention to activate the connection. Note that autoconnect is not implemented for VPN profiles. See \"secondaries\" as an alternative to automatically connect VPN profiles.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT_PRIORITY N_("The autoconnect priority. If the connection is set to autoconnect, connections with higher priority will be preferred. Defaults to 0. The higher number means higher priority.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT_RETRIES N_("The number of times a connection should be tried when autoactivating before giving up. Zero means forever, -1 means the global default (4 times if not overridden). Setting this to 1 means to try activation only once before blocking autoconnect. Note that after a timeout, NetworkManager will try to autoconnect again.")
@ -157,17 +158,17 @@
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_ID N_("A human readable unique identifier for the connection, like \"Work Wi-Fi\" or \"T-Mobile 3G\".")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_INTERFACE_NAME N_("The name of the network interface this connection is bound to. If not set, then the connection can be attached to any interface of the appropriate type (subject to restrictions imposed by other settings). For software devices this specifies the name of the created device. For connection types where interface names cannot easily be made persistent (e.g. mobile broadband or USB Ethernet), this property should not be used. Setting this property restricts the interfaces a connection can be used with, and if interface names change or are reordered the connection may be applied to the wrong interface.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_LLDP N_("Whether LLDP is enabled for the connection.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_LLMNR N_("Whether Link-Local Multicast Name Resolution (LLMNR) is enabled for the connection. LLMNR is a protocol based on the Domain Name System (DNS) packet format that allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local link. The permitted values are: \"yes\" (2) register hostname and resolving for the connection, \"no\" (0) disable LLMNR for the interface, \"resolve\" (1) do not register hostname but allow resolving of LLMNR host names If unspecified, \"default\" ultimately depends on the DNS plugin (which for systemd-resolved currently means \"yes\"). This feature requires a plugin which supports LLMNR. Otherwise the setting has no effect. One such plugin is dns-systemd-resolved.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_LLMNR N_("Whether Link-Local Multicast Name Resolution (LLMNR) is enabled for the connection. LLMNR is a protocol based on the Domain Name System (DNS) packet format that allows both IPv4 and IPv6 hosts to perform name resolution for hosts on the same local link. The permitted values are: \"yes\" (2) register hostname and resolving for the connection, \"no\" (0) disable LLMNR for the interface, \"resolve\" (1) do not register hostname but allow resolving of LLMNR host names If unspecified, \"default\" ultimately depends on the DNS plugin (which for systemd-resolved currently means \"yes\"). This feature requires a plugin which supports LLMNR. Otherwise, the setting has no effect. One such plugin is dns-systemd-resolved.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_MASTER N_("Interface name of the master device or UUID of the master connection.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_MDNS N_("Whether mDNS is enabled for the connection. The permitted values are: \"yes\" (2) register hostname and resolving for the connection, \"no\" (0) disable mDNS for the interface, \"resolve\" (1) do not register hostname but allow resolving of mDNS host names and \"default\" (-1) to allow lookup of a global default in NetworkManager.conf. If unspecified, \"default\" ultimately depends on the DNS plugin (which for systemd-resolved currently means \"no\"). This feature requires a plugin which supports mDNS. Otherwise the setting has no effect. One such plugin is dns-systemd-resolved.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_MDNS N_("Whether mDNS is enabled for the connection. The permitted values are: \"yes\" (2) register hostname and resolving for the connection, \"no\" (0) disable mDNS for the interface, \"resolve\" (1) do not register hostname but allow resolving of mDNS host names and \"default\" (-1) to allow lookup of a global default in NetworkManager.conf. If unspecified, \"default\" ultimately depends on the DNS plugin (which for systemd-resolved currently means \"no\"). This feature requires a plugin which supports mDNS. Otherwise, the setting has no effect. One such plugin is dns-systemd-resolved.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_METERED N_("Whether the connection is metered. When updating this property on a currently activated connection, the change takes effect immediately.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_MUD_URL N_("If configured, set to a Manufacturer Usage Description (MUD) URL that points to manufacturer-recommended network policies for IoT devices. It is transmitted as a DHCPv4 or DHCPv6 option. The value must be a valid URL starting with \"https://\". The special value \"none\" is allowed to indicate that no MUD URL is used. If the per-profile value is unspecified (the default), a global connection default gets consulted. If still unspecified, the ultimate default is \"none\".")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_MULTI_CONNECT N_("Specifies whether the profile can be active multiple times at a particular moment. The value is of type NMConnectionMultiConnect.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_PERMISSIONS N_("An array of strings defining what access a given user has to this connection. If this is NULL or empty, all users are allowed to access this connection; otherwise users are allowed if and only if they are in this list. When this is not empty, the connection can be active only when one of the specified users is logged into an active session. Each entry is of the form \"[type]:[id]:[reserved]\"; for example, \"user:dcbw:blah\". At this time only the \"user\" [type] is allowed. Any other values are ignored and reserved for future use. [id] is the username that this permission refers to, which may not contain the \":\" character. Any [reserved] information present must be ignored and is reserved for future use. All of [type], [id], and [reserved] must be valid UTF-8.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_READ_ONLY N_("FALSE if the connection can be modified using the provided settings service's D-Bus interface with the right privileges, or TRUE if the connection is read-only and cannot be modified.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_SECONDARIES N_("List of connection UUIDs that should be activated when the base connection itself is activated. Currently only VPN connections are supported.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_SECONDARIES N_("List of connection UUIDs that should be activated when the base connection itself is activated. Currently, only VPN connections are supported.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_SLAVE_TYPE N_("Setting name of the device type of this slave's master connection (eg, \"bond\"), or NULL if this connection is not a slave.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_STABLE_ID N_("This represents the identity of the connection used for various purposes. It allows to configure multiple profiles to share the identity. Also, the stable-id can contain placeholders that are substituted dynamically and deterministically depending on the context. The stable-id is used for generating IPv6 stable private addresses with ipv6.addr-gen-mode=stable-privacy. It is also used to seed the generated cloned MAC address for ethernet.cloned-mac-address=stable and wifi.cloned-mac-address=stable. It is also used as DHCP client identifier with ipv4.dhcp-client-id=stable and to derive the DHCP DUID with ipv6.dhcp-duid=stable-[llt,ll,uuid]. Note that depending on the context where it is used, other parameters are also seeded into the generation algorithm. For example, a per-host key is commonly also included, so that different systems end up generating different IDs. Or with ipv6.addr-gen-mode=stable-privacy, also the device's name is included, so that different interfaces yield different addresses. The '$' character is treated special to perform dynamic substitutions at runtime. Currently supported are \"${CONNECTION}\", \"${DEVICE}\", \"${MAC}\", \"${BOOT}\", \"${RANDOM}\". These effectively create unique IDs per-connection, per-device, per-boot, or every time. Note that \"${DEVICE}\" corresponds to the interface name of the device and \"${MAC}\" is the permanent MAC address of the device. Any unrecognized patterns following '$' are treated verbatim, however are reserved for future use. You are thus advised to avoid '$' or escape it as \"$$\". For example, set it to \"${CONNECTION}-${BOOT}-${DEVICE}\" to create a unique id for this connection that changes with every reboot and differs depending on the interface where the profile activates. If the value is unset, a global connection default is consulted. If the value is still unset, the default is similar to \"${CONNECTION}\" and uses a unique, fixed ID for the connection.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_STABLE_ID N_("This represents the identity of the connection used for various purposes. It allows to configure multiple profiles to share the identity. Also, the stable-id can contain placeholders that are substituted dynamically and deterministically depending on the context. The stable-id is used for generating IPv6 stable private addresses with ipv6.addr-gen-mode=stable-privacy. It is also used to seed the generated cloned MAC address for ethernet.cloned-mac-address=stable and wifi.cloned-mac-address=stable. It is also used as DHCP client identifier with ipv4.dhcp-client-id=stable and to derive the DHCP DUID with ipv6.dhcp-duid=stable-[llt,ll,uuid]. Note that depending on the context where it is used, other parameters are also seeded into the generation algorithm. For example, a per-host key is commonly also included, so that different systems end up generating different IDs. Or with ipv6.addr-gen-mode=stable-privacy, also the device's name is included, so that different interfaces yield different addresses. The '$' character is treated special to perform dynamic substitutions at runtime. Currently, supported are \"${CONNECTION}\", \"${DEVICE}\", \"${MAC}\", \"${BOOT}\", \"${RANDOM}\". These effectively create unique IDs per-connection, per-device, per-boot, or every time. Note that \"${DEVICE}\" corresponds to the interface name of the device and \"${MAC}\" is the permanent MAC address of the device. Any unrecognized patterns following '$' are treated verbatim, however are reserved for future use. You are thus advised to avoid '$' or escape it as \"$$\". For example, set it to \"${CONNECTION}-${BOOT}-${DEVICE}\" to create a unique id for this connection that changes with every reboot and differs depending on the interface where the profile activates. If the value is unset, a global connection default is consulted. If the value is still unset, the default is similar to \"${CONNECTION}\" and uses a unique, fixed ID for the connection.")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_TIMESTAMP N_("The time, in seconds since the Unix Epoch, that the connection was last _successfully_ fully activated. NetworkManager updates the connection timestamp periodically when the connection is active to ensure that an active connection has the latest timestamp. The property is only meant for reading (changes to this property will not be preserved).")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_TYPE N_("Base type of the connection. For hardware-dependent connections, should contain the setting name of the hardware-type specific setting (ie, \"802-3-ethernet\" or \"802-11-wireless\" or \"bluetooth\", etc), and for non-hardware dependent connections like VPN or otherwise, should contain the setting name of that setting type (ie, \"vpn\" or \"bridge\", etc).")
#define DESCRIBE_DOC_NM_SETTING_CONNECTION_UUID N_("A universally unique identifier for the connection, for example generated with libuuid. It should be assigned when the connection is created, and never changed as long as the connection still applies to the same network. For example, it should not be changed when the \"id\" property or NMSettingIP4Config changes, but might need to be re-created when the Wi-Fi SSID, mobile broadband network provider, or \"type\" property changes. The UUID must be in the format \"2815492f-7e56-435e-b2e9-246bd7cdc664\" (ie, contains only hexadecimal characters and \"-\").")
@ -204,11 +205,11 @@
#define DESCRIBE_DOC_NM_SETTING_GSM_USERNAME N_("The username used to authenticate with the network, if required. Many providers do not require a username, or accept any username. But if a username is required, it is specified here.")
#define DESCRIBE_DOC_NM_SETTING_INFINIBAND_MAC_ADDRESS N_("If specified, this connection will only apply to the IPoIB device whose permanent MAC address matches. This property does not change the MAC address of the device (i.e. MAC spoofing).")
#define DESCRIBE_DOC_NM_SETTING_INFINIBAND_MTU N_("If non-zero, only transmit packets of the specified size or smaller, breaking larger packets up into multiple frames.")
#define DESCRIBE_DOC_NM_SETTING_INFINIBAND_P_KEY N_("The InfiniBand P_Key to use for this device. A value of -1 means to use the default P_Key (aka \"the P_Key at index 0\"). Otherwise it is a 16-bit unsigned integer, whose high bit is set if it is a \"full membership\" P_Key.")
#define DESCRIBE_DOC_NM_SETTING_INFINIBAND_P_KEY N_("The InfiniBand P_Key to use for this device. A value of -1 means to use the default P_Key (aka \"the P_Key at index 0\"). Otherwise, it is a 16-bit unsigned integer, whose high bit is set if it is a \"full membership\" P_Key.")
#define DESCRIBE_DOC_NM_SETTING_INFINIBAND_PARENT N_("The interface name of the parent device of this device. Normally NULL, but if the \"p_key\" property is set, then you must specify the base device by setting either this property or \"mac-address\".")
#define DESCRIBE_DOC_NM_SETTING_INFINIBAND_TRANSPORT_MODE N_("The IP-over-InfiniBand transport mode. Either \"datagram\" or \"connected\".")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_ENCAPSULATION_LIMIT N_("How many additional levels of encapsulation are permitted to be prepended to packets. This property applies only to IPv6 tunnels.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FLAGS N_("Tunnel flags. Currently the following values are supported: NM_IP_TUNNEL_FLAG_IP6_IGN_ENCAP_LIMIT (0x1), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_TCLASS (0x2), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FLOWLABEL (0x4), NM_IP_TUNNEL_FLAG_IP6_MIP6_DEV (0x8), NM_IP_TUNNEL_FLAG_IP6_RCV_DSCP_COPY (0x10), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FWMARK (0x20). They are valid only for IPv6 tunnels.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FLAGS N_("Tunnel flags. Currently, the following values are supported: NM_IP_TUNNEL_FLAG_IP6_IGN_ENCAP_LIMIT (0x1), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_TCLASS (0x2), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FLOWLABEL (0x4), NM_IP_TUNNEL_FLAG_IP6_MIP6_DEV (0x8), NM_IP_TUNNEL_FLAG_IP6_RCV_DSCP_COPY (0x10), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FWMARK (0x20). They are valid only for IPv6 tunnels.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FLOW_LABEL N_("The flow label to assign to tunnel packets. This property applies only to IPv6 tunnels.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_INPUT_KEY N_("The key used for tunnel input packets; the property is valid only for certain tunnel modes (GRE, IP6GRE). If empty, no key is used.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_LOCAL N_("The local endpoint of the tunnel; the value can be empty, otherwise it must contain an IPv4 or IPv6 address.")
@ -225,7 +226,7 @@
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_CLIENT_ID N_("A string sent to the DHCP server to identify the local machine which the DHCP server may use to customize the DHCP lease and options. When the property is a hex string ('aa:bb:cc') it is interpreted as a binary client ID, in which case the first byte is assumed to be the 'type' field as per RFC 2132 section 9.14 and the remaining bytes may be an hardware address (e.g. '01:xx:xx:xx:xx:xx:xx' where 1 is the Ethernet ARP type and the rest is a MAC address). If the property is not a hex string it is considered as a non-hardware-address client ID and the 'type' field is set to 0. The special values \"mac\" and \"perm-mac\" are supported, which use the current or permanent MAC address of the device to generate a client identifier with type ethernet (01). Currently, these options only work for ethernet type of links. The special value \"duid\" generates a RFC4361-compliant client identifier based on a hash of the interface name as IAID and /etc/machine-id. The special value \"stable\" is supported to generate a type 0 client identifier based on the stable-id (see connection.stable-id) and a per-host key. If you set the stable-id, you may want to include the \"${DEVICE}\" or \"${MAC}\" specifier to get a per-device key. If unset, a globally configured default is used. If still unset, the default depends on the DHCP plugin.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_FQDN N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified FQDN will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-hostname\" are mutually exclusive and cannot be set at the same time.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_HOSTNAME N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified name will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-fqdn\" are mutually exclusive and cannot be set at the same time.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_HOSTNAME_FLAGS N_("Flags for the DHCP hostname and FQDN. Currently this property only includes flags to control the FQDN flags set in the DHCP FQDN option. Supported FQDN flags are NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) and NM_DHCP_HOSTNAME_FLAG_FQDN_NO_UPDATE (0x4). When no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is set, the DHCP FQDN option will contain no flag. Otherwise, if no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is not set, the standard FQDN flags are set in the request: NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) for IPv4 and NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1) for IPv6. When this property is set to the default value NM_DHCP_HOSTNAME_FLAG_NONE (0x0), a global default is looked up in NetworkManager configuration. If that value is unset or also NM_DHCP_HOSTNAME_FLAG_NONE (0x0), then the standard FQDN flags described above are sent in the DHCP requests.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_HOSTNAME_FLAGS N_("Flags for the DHCP hostname and FQDN. Currently, this property only includes flags to control the FQDN flags set in the DHCP FQDN option. Supported FQDN flags are NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) and NM_DHCP_HOSTNAME_FLAG_FQDN_NO_UPDATE (0x4). When no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is set, the DHCP FQDN option will contain no flag. Otherwise, if no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is not set, the standard FQDN flags are set in the request: NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) for IPv4 and NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1) for IPv6. When this property is set to the default value NM_DHCP_HOSTNAME_FLAG_NONE (0x0), a global default is looked up in NetworkManager configuration. If that value is unset or also NM_DHCP_HOSTNAME_FLAG_NONE (0x0), then the standard FQDN flags described above are sent in the DHCP requests.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_IAID N_("A string containing the \"Identity Association Identifier\" (IAID) used by the DHCP client. The property is a 32-bit decimal value or a special value among \"mac\", \"perm-mac\", \"ifname\" and \"stable\". When set to \"mac\" (or \"perm-mac\"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to \"ifname\", the IAID is computed by hashing the interface name. The special value \"stable\" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be \"ifname\". Note that at the moment this property is ignored for IPv6 by dhclient, which always derives the IAID from the MAC address.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_SEND_HOSTNAME N_("If TRUE, a hostname is sent to the DHCP server when acquiring a lease. Some DHCP servers use this hostname to update DNS databases, essentially providing a static hostname for the computer. If the \"dhcp-hostname\" property is NULL and this property is TRUE, the current persistent hostname of the computer is sent.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_TIMEOUT N_("A timeout for a DHCP transaction in seconds. If zero (the default), a globally configured default is used. If still unspecified, a device specific timeout is used (usually 45 seconds). Set to 2147483647 (MAXINT32) for infinity.")
@ -247,7 +248,7 @@
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DAD_TIMEOUT N_("Timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. A zero value means that no duplicate address detection is performed, -1 means the default value (either configuration ipvx.dad-timeout override or zero). A value greater than zero is a timeout in milliseconds. The property is currently implemented only for IPv4.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_DUID N_("A string containing the DHCPv6 Unique Identifier (DUID) used by the dhcp client to identify itself to DHCPv6 servers (RFC 3315). The DUID is carried in the Client Identifier option. If the property is a hex string ('aa:bb:cc') it is interpreted as a binary DUID and filled as an opaque value in the Client Identifier option. The special value \"lease\" will retrieve the DUID previously used from the lease file belonging to the connection. If no DUID is found and \"dhclient\" is the configured dhcp client, the DUID is searched in the system-wide dhclient lease file. If still no DUID is found, or another dhcp client is used, a global and permanent DUID-UUID (RFC 6355) will be generated based on the machine-id. The special values \"llt\" and \"ll\" will generate a DUID of type LLT or LL (see RFC 3315) based on the current MAC address of the device. In order to try providing a stable DUID-LLT, the time field will contain a constant timestamp that is used globally (for all profiles) and persisted to disk. The special values \"stable-llt\", \"stable-ll\" and \"stable-uuid\" will generate a DUID of the corresponding type, derived from the connection's stable-id and a per-host unique key. You may want to include the \"${DEVICE}\" or \"${MAC}\" specifier in the stable-id, in case this profile gets activated on multiple devices. So, the link-layer address of \"stable-ll\" and \"stable-llt\" will be a generated address derived from the stable id. The DUID-LLT time value in the \"stable-llt\" option will be picked among a static timespan of three years (the upper bound of the interval is the same constant timestamp used in \"llt\"). When the property is unset, the global value provided for \"ipv6.dhcp-duid\" is used. If no global value is provided, the default \"lease\" value is assumed.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_HOSTNAME N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified name will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-fqdn\" are mutually exclusive and cannot be set at the same time.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_HOSTNAME_FLAGS N_("Flags for the DHCP hostname and FQDN. Currently this property only includes flags to control the FQDN flags set in the DHCP FQDN option. Supported FQDN flags are NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) and NM_DHCP_HOSTNAME_FLAG_FQDN_NO_UPDATE (0x4). When no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is set, the DHCP FQDN option will contain no flag. Otherwise, if no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is not set, the standard FQDN flags are set in the request: NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) for IPv4 and NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1) for IPv6. When this property is set to the default value NM_DHCP_HOSTNAME_FLAG_NONE (0x0), a global default is looked up in NetworkManager configuration. If that value is unset or also NM_DHCP_HOSTNAME_FLAG_NONE (0x0), then the standard FQDN flags described above are sent in the DHCP requests.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_HOSTNAME_FLAGS N_("Flags for the DHCP hostname and FQDN. Currently, this property only includes flags to control the FQDN flags set in the DHCP FQDN option. Supported FQDN flags are NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) and NM_DHCP_HOSTNAME_FLAG_FQDN_NO_UPDATE (0x4). When no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is set, the DHCP FQDN option will contain no flag. Otherwise, if no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is not set, the standard FQDN flags are set in the request: NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) for IPv4 and NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1) for IPv6. When this property is set to the default value NM_DHCP_HOSTNAME_FLAG_NONE (0x0), a global default is looked up in NetworkManager configuration. If that value is unset or also NM_DHCP_HOSTNAME_FLAG_NONE (0x0), then the standard FQDN flags described above are sent in the DHCP requests.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_IAID N_("A string containing the \"Identity Association Identifier\" (IAID) used by the DHCP client. The property is a 32-bit decimal value or a special value among \"mac\", \"perm-mac\", \"ifname\" and \"stable\". When set to \"mac\" (or \"perm-mac\"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to \"ifname\", the IAID is computed by hashing the interface name. The special value \"stable\" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be \"ifname\". Note that at the moment this property is ignored for IPv6 by dhclient, which always derives the IAID from the MAC address.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_SEND_HOSTNAME N_("If TRUE, a hostname is sent to the DHCP server when acquiring a lease. Some DHCP servers use this hostname to update DNS databases, essentially providing a static hostname for the computer. If the \"dhcp-hostname\" property is NULL and this property is TRUE, the current persistent hostname of the computer is sent.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_TIMEOUT N_("A timeout for a DHCP transaction in seconds. If zero (the default), a globally configured default is used. If still unspecified, a device specific timeout is used (usually 45 seconds). Set to 2147483647 (MAXINT32) for infinity.")
@ -332,7 +333,7 @@
#define DESCRIBE_DOC_NM_SETTING_SERIAL_STOPBITS N_("Number of stop bits for communication on the serial port. Either 1 or 2. The 1 in \"8n1\" for example.")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_AUTOPROBE_DRIVERS N_("Whether to autoprobe virtual functions by a compatible driver. If set to NM_TERNARY_TRUE (1), the kernel will try to bind VFs to a compatible driver and if this succeeds a new network interface will be instantiated for each VF. If set to NM_TERNARY_FALSE (0), VFs will not be claimed and no network interfaces will be created for them. When set to NM_TERNARY_DEFAULT (-1), the global default is used; in case the global default is unspecified it is assumed to be NM_TERNARY_TRUE (1).")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_TOTAL_VFS N_("The total number of virtual functions to create. Note that when the sriov setting is present NetworkManager enforces the number of virtual functions on the interface (also when it is zero) during activation and resets it upon deactivation. To prevent any changes to SR-IOV parameters don't add a sriov setting to the connection.")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_VFS N_("Array of virtual function descriptors. Each VF descriptor is a dictionary mapping attribute names to GVariant values. The 'index' entry is mandatory for each VF. When represented as string a VF is in the form: \"INDEX [ATTR=VALUE[ ATTR=VALUE]...]\". for example: \"2 mac=00:11:22:33:44:55 spoof-check=true\". Multiple VFs can be specified using a comma as separator. Currently the following attributes are supported: mac, spoof-check, trust, min-tx-rate, max-tx-rate, vlans. The \"vlans\" attribute is represented as a semicolon-separated list of VLAN descriptors, where each descriptor has the form \"ID[.PRIORITY[.PROTO]]\". PROTO can be either 'q' for 802.1Q (the default) or 'ad' for 802.1ad.")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_VFS N_("Array of virtual function descriptors. Each VF descriptor is a dictionary mapping attribute names to GVariant values. The 'index' entry is mandatory for each VF. When represented as string a VF is in the form: \"INDEX [ATTR=VALUE[ ATTR=VALUE]...]\". for example: \"2 mac=00:11:22:33:44:55 spoof-check=true\". Multiple VFs can be specified using a comma as separator. Currently, the following attributes are supported: mac, spoof-check, trust, min-tx-rate, max-tx-rate, vlans. The \"vlans\" attribute is represented as a semicolon-separated list of VLAN descriptors, where each descriptor has the form \"ID[.PRIORITY[.PROTO]]\". PROTO can be either 'q' for 802.1Q (the default) or 'ad' for 802.1ad.")
#define DESCRIBE_DOC_NM_SETTING_TC_CONFIG_QDISCS N_("Array of TC queueing disciplines.")
#define DESCRIBE_DOC_NM_SETTING_TC_CONFIG_TFILTERS N_("Array of TC traffic filters.")
#define DESCRIBE_DOC_NM_SETTING_TEAM_CONFIG N_("The JSON configuration for the team network interface. The property should contain raw JSON configuration data suitable for teamd, because the value is passed directly to teamd. If not specified, the default configuration is used. See man teamd.conf for the format details.")
@ -393,12 +394,12 @@
#define DESCRIBE_DOC_NM_SETTING_VXLAN_SOURCE_PORT_MIN N_("Specifies the minimum UDP source port to communicate to the remote VXLAN tunnel endpoint.")
#define DESCRIBE_DOC_NM_SETTING_VXLAN_TOS N_("Specifies the TOS value to use in outgoing packets.")
#define DESCRIBE_DOC_NM_SETTING_VXLAN_TTL N_("Specifies the time-to-live value to use in outgoing packets.")
#define DESCRIBE_DOC_NM_SETTING_WIFI_P2P_PEER N_("The P2P device that should be connected to. Currently this is the only way to create or join a group.")
#define DESCRIBE_DOC_NM_SETTING_WIFI_P2P_PEER N_("The P2P device that should be connected to. Currently, this is the only way to create or join a group.")
#define DESCRIBE_DOC_NM_SETTING_WIFI_P2P_WFD_IES N_("The Wi-Fi Display (WFD) Information Elements (IEs) to set. Wi-Fi Display requires a protocol specific information element to be set in certain Wi-Fi frames. These can be specified here for the purpose of establishing a connection. This setting is only useful when implementing a Wi-Fi Display client.")
#define DESCRIBE_DOC_NM_SETTING_WIFI_P2P_WPS_METHOD N_("Flags indicating which mode of WPS is to be used. There's little point in changing the default setting as NetworkManager will automatically determine the best method to use.")
#define DESCRIBE_DOC_NM_SETTING_WIMAX_MAC_ADDRESS N_("If specified, this connection will only apply to the WiMAX device whose MAC address matches. This property does not change the MAC address of the device (known as MAC spoofing). Deprecated: 1")
#define DESCRIBE_DOC_NM_SETTING_WIMAX_NETWORK_NAME N_("Network Service Provider (NSP) name of the WiMAX network this connection should use. Deprecated: 1")
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_FWMARK N_("The use of fwmark is optional and is by default off. Setting it to 0 disables it. Otherwise it is a 32-bit fwmark for outgoing packets. Note that \"ip4-auto-default-route\" or \"ip6-auto-default-route\" enabled, implies to automatically choose a fwmark.")
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_FWMARK N_("The use of fwmark is optional and is by default off. Setting it to 0 disables it. Otherwise, it is a 32-bit fwmark for outgoing packets. Note that \"ip4-auto-default-route\" or \"ip6-auto-default-route\" enabled, implies to automatically choose a fwmark.")
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_IP4_AUTO_DEFAULT_ROUTE N_("Whether to enable special handling of the IPv4 default route. If enabled, the IPv4 default route from wireguard.peer-routes will be placed to a dedicated routing-table and two policy routing rules will be added. The fwmark number is also used as routing-table for the default-route, and if fwmark is zero, an unused fwmark/table is chosen automatically. This corresponds to what wg-quick does with Table=auto and what WireGuard calls \"Improved Rule-based Routing\". Note that for this automatism to work, you usually don't want to set ipv4.gateway, because that will result in a conflicting default route. Leaving this at the default will enable this option automatically if ipv4.never-default is not set and there are any peers that use a default-route as allowed-ips.")
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_IP6_AUTO_DEFAULT_ROUTE N_("Like ip4-auto-default-route, but for the IPv6 default route.")
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_LISTEN_PORT N_("The listen-port. If listen-port is not specified, the port will be chosen randomly when the interface comes up.")

10
clients/tests/test-client.check-on-disk/test_004.expected
View File

@ -58,12 +58,12 @@ location: clients/tests/test-client.py:test_004()/7
cmd: $NMCLI connection mod con-xx1 ipv4.addresses 192.168.77.5/24 ipv4.routes '2.3.4.5/32 192.168.77.1' ipv6.addresses 1:2:3:4::6/64 ipv6.routes 1:2:3:4:5:6::5/128
lang: C
returncode: 0
size: 4464
size: 4517
location: clients/tests/test-client.py:test_004()/8
cmd: $NMCLI con s con-xx1
lang: C
returncode: 0
stdout: 4336 bytes
stdout: 4389 bytes
>>>
connection.id: con-xx1
connection.uuid: UUID-con-xx1-REPLACED-REPLACED-REPLA
@ -106,6 +106,7 @@ connection.wait-device-timeout: -1
802-11-wireless.hidden: no
802-11-wireless.powersave: 0 (default)
802-11-wireless.wake-on-wlan: 0x1 (default)
802-11-wireless.ap-isolation: -1 (default)
ipv4.method: auto
ipv4.dns: --
ipv4.dns-search: --
@ -160,12 +161,12 @@ proxy.pac-url: --
proxy.pac-script: --
<<<
size: 4492
size: 4545
location: clients/tests/test-client.py:test_004()/9
cmd: $NMCLI con s con-xx1
lang: pl_PL.UTF-8
returncode: 0
stdout: 4354 bytes
stdout: 4407 bytes
>>>
connection.id: con-xx1
connection.uuid: UUID-con-xx1-REPLACED-REPLACED-REPLA
@ -208,6 +209,7 @@ connection.wait-device-timeout: -1
802-11-wireless.hidden: nie
802-11-wireless.powersave: 0 (default)
802-11-wireless.wake-on-wlan: 0x1 (default)
802-11-wireless.ap-isolation: -1 (default)
ipv4.method: auto
ipv4.dns: --
ipv4.dns-search: --

2
clients/tui/newt/nmt-newt-form.c
View File

@ -287,7 +287,7 @@ nmt_newt_form_iterate (NmtNewtForm *form)
if (es.reason == NEWT_EXIT_COMPONENT) {
/* The user hit Return/Space on a component; update the form focus
* to point that that component, and activate it.
* to point that component, and activate it.
*/
focus = nmt_newt_widget_find_component (priv->content, es.u.co);
if (focus) {

2
clients/tui/newt/nmt-newt-textbox.c
View File

@ -40,7 +40,7 @@ enum {
/**
* NmtNewtTextboxFlags:
* @NMT_NEWT_TEXTBOX_SCROLLABLE: the textbox should be scollable.
* @NMT_NEWT_TEXTBOX_SCROLLABLE: the textbox should be scrollable.
* @NMT_NEWT_TEXTBOX_SET_BACKGROUND: the textbox should have a
* white background
*

2
clients/tui/nmt-mtu-entry.c
View File

@ -13,7 +13,7 @@
* contains a valid MTU.
*
* The entry also has an attached #NmtNewtLabel. When the entry value
* is "0", the label will read "(default)". Otherwise it reads "bytes",
* is "0", the label will read "(default)". Otherwise, it reads "bytes",
* indicating the units used by the entry.
*/

3
config.h.meson
View File

@ -212,9 +212,6 @@
/* Define if JANSSON is enabled */
#mesondefine WITH_JANSSON
/* Define if JSON validation in libnm is enabled */
#mesondefine WITH_JSON_VALIDATION
/* Define if you have libpsl */
#mesondefine WITH_LIBPSL

33
configure.ac
View File

@ -7,8 +7,8 @@ dnl - add corresponding NM_VERSION_x_y_z macros in
dnl "shared/nm-version-macros.h.in"
dnl - update number in meson.build
m4_define([nm_major_version], [1])
m4_define([nm_minor_version], [26])
m4_define([nm_micro_version], [0])
m4_define([nm_minor_version], [27])
m4_define([nm_micro_version], [1])
m4_define([nm_version],
[nm_major_version.nm_minor_version.nm_micro_version])
@ -174,7 +174,7 @@ AC_ARG_ENABLE(ifupdown, AS_HELP_STRING([--enable-ifupdown], [enable ifupdown con
# Default alternative plugins by distribution
AS_IF([test -z "$enable_ifcfg_rh" -a -d /etc/sysconfig/network-scripts], enable_ifcfg_rh=yes)
AS_IF([test -z "$enable_ifupdown" -a -f /etc/debian_version], enable_ifupdown=yes)
# Otherwise plugins default to "no"
# Otherwise, plugins default to "no"
AS_IF([test -z "$enable_ifcfg_rh"], enable_ifcfg_rh=no)
AS_IF([test -z "$enable_ifupdown"], enable_ifupdown=no)
# Create automake conditionals
@ -583,7 +583,7 @@ PKG_CHECK_MODULES(UUID, uuid)
# Teamd control checks
PKG_CHECK_MODULES(JANSSON, [jansson >= 2.5], [have_jansson=yes], [have_jansson=no])
PKG_CHECK_MODULES(JANSSON, [jansson >= 2.7], [have_jansson=yes], [have_jansson=no])
if test "$have_jansson" = "yes"; then
AC_DEFINE(WITH_JANSSON, 1, [Define if JANSSON is enabled])
@ -596,6 +596,8 @@ if test "$have_jansson" = "yes"; then
fi
AC_DEFINE_UNQUOTED(JANSSON_SONAME, "$JANSSON_SONAME", [Define to path to the Jansson shared library])
else
have_jansson=no
JANSSON_SONAME=
AC_DEFINE(WITH_JANSSON, 0, [Define if JANSSON is enabled])
fi
AM_CONDITIONAL(WITH_JANSSON, test "${have_jansson}" = "yes")
@ -622,21 +624,6 @@ if test "${enable_teamdctl}" = "yes"; then
fi
AM_CONDITIONAL(WITH_TEAMDCTL, test "${enable_teamdctl}" = "yes")
# Jansson for team configuration validation
AC_ARG_ENABLE(json-validation,
AS_HELP_STRING([--enable-json-validation], [Enable JSON validation in libnm]),
[enable_json_validation=${enableval}],
[enable_json_validation=${have_jansson}])
if test "${enable_json_validation}" = "no"; then
AC_DEFINE(WITH_JSON_VALIDATION, 0, [Define if JSON validation in libnm is enabled])
else
if test "$have_jansson" = "no"; then
AC_MSG_ERROR([jansson is needed for team configuration validation. Use --disable-json-validation to build without it.])
fi
AC_DEFINE(WITH_JSON_VALIDATION, 1, [Define if JSON validation in libnm is enabled])
fi
AM_CONDITIONAL(WITH_JSON_VALIDATION, test "${enable_json_validation}" != "no")
# we usually compile with polkit support. --enable-polkit=yes|no only sets the
# default configuration for main.auth-polkit. User can always enable/disable polkit
# authorization via config.
@ -915,7 +902,7 @@ if test "$config_dns_rc_manager_default" != "" -a \
fi
# Use netconfig by default on SUSE
AS_IF([test -z "$with_netconfig" -a -f /etc/SuSE-release], with_netconfig=yes)
# Otherwise default to "no"
# Otherwise, default to "no"
AS_IF([test -z "$with_resolvconf"], with_resolvconf=no)
AS_IF([test -z "$with_netconfig"], with_netconfig=no)
@ -1272,6 +1259,10 @@ else
have_introspection=no
fi
# check for python black. And check if all files are formatted with python black
AC_PATH_PROG(BLACK, black)
AM_CONDITIONAL(WITH_PYTHON_BLACK, test "${BLACK}" != "")
# check for pregenerated manpages and documentation to be installed
use_pregen_docs=no
if test "$build_docs" != "yes" -a \
@ -1362,6 +1353,7 @@ echo " nmcli: $build_nmcli"
echo " nmtui: $build_nmtui"
echo " nm-cloud-setup: $with_nm_cloud_setup"
echo " iwd: $ac_with_iwd"
echo " jansson: $have_jansson${JANSSON_SONAME:+ (soname: $JANSSON_SONAME)}"
echo
echo "Configuration plugins (main.plugins=${config_plugins_default})"
@ -1394,7 +1386,6 @@ echo " valgrind: $with_valgrind $with_valgrind_suppressions"
echo " code coverage: $enable_code_coverage"
echo " LTO: $enable_lto"
echo " linker garbage collection: $enable_ld_gc"
echo " JSON validation for libnm: $enable_json_validation"
echo " crypto: $with_crypto (have-gnutls: $have_crypto_gnutls, have-nss: $have_crypto_nss)"
echo " sanitizers: $sanitizers"
echo " Mozilla Public Suffix List: $with_libpsl"

195
contrib/fedora/rpm/release.sh
View File

@ -1,12 +1,43 @@
#!/bin/bash
# Script for doing NetworkManager releases.
#
# You need to start with a clean working directory of NetworkManager
# and all branches up to date.
# Run with --help for usage.
#
# There are 5 modes:
#
# - "devel" : on master branch to tag "1.25.2-dev"
# - "rc1" : the first release candidate on "master" branch which branches off
# "nm-1-26" branch. The tag is "1.26-rc1" with version number 1.25.90.
# - "rc" : further release candidates on RC branch "nm-1-26". For example
# "1.26-rc2" with version number 1.25.91.
# - "major" : on stable branch nm-1-26 to release 1.26.0. This also merged
# the release with master branch and does a devel tag like "1.27.2-dev"
# - "major-post": after a "major" release, merge the release branch with master and
# do another devel snapshot on master.
# - "minor" : on a stable branch nm-1-26 to do minor release 1.26.4 and bump
# to "1.26.5-dev".
#
# Requisites:
#
# * You need to start with a clean working directory (git clean -fdx)
#
# * Run in a "clean" environment, no unusual environment variables set.
#
# * First, ensure that you have ssh keys for master.gnome.org installed (and ssh-agent running)
# Also, ensure you have a GPG key that you want to use for signing. Also, have gpg-agent running
# and possibly configure `git config --get user.signingkey` for the proper key.
#
# * Your git repository needs a remote "origin" that points to the upstream git repository.
#
# * All your (relevant) local branches (master and nm-1-*) must be up to date with their
# remote tracking branches for origin.
#
# Run with --no-test to do the actual release.
die() {
echo "FAIL: $@"
echo -n "FAIL: "
echo_color 31 "$@"
exit 1
}
@ -18,11 +49,21 @@ echo_color() {
echo -e -n '\033[0m'
}
die_usage() {
echo "FAIL: $@"
echo
print_usage() {
echo "Usage:"
echo " $0 [devel|rc1|rc|major|minor] [--no-test] [--no-find-backports] [--no-cleanup] [--allow-local-branches]"
echo " $BASH_SOURCE [devel|rc1|rc|major|major-post|minor] [--no-test] [--no-find-backports] [--no-cleanup] [--allow-local-branches]"
}
die_help() {
print_usage
exit 0
}
die_usage() {
echo -n "FAIL: "
echo_color 31 "$@"
echo
print_usage
exit 1
}
@ -40,11 +81,11 @@ do_command() {
}
parse_version() {
local MAJ="$(sed -n '1,20 s/^m4_define(\[nm_major_version\], \[\([0-9]\+\)\])$/\1/p' configure.ac)"
local MIN="$(sed -n '1,20 s/^m4_define(\[nm_minor_version\], \[\([0-9]\+\)\])$/\1/p' configure.ac)"
local MIC="$(sed -n '1,20 s/^m4_define(\[nm_micro_version\], \[\([0-9]\+\)\])$/\1/p' configure.ac)"
local MAJ="$(sed -n '1,20 s/^m4_define(\[nm_major_version\], \[\([0-9]\+\)\])$/\1/p' ./configure.ac)"
local MIN="$(sed -n '1,20 s/^m4_define(\[nm_minor_version\], \[\([0-9]\+\)\])$/\1/p' ./configure.ac)"
local MIC="$(sed -n '1,20 s/^m4_define(\[nm_micro_version\], \[\([0-9]\+\)\])$/\1/p' ./configure.ac)"
re='^[0-9]+ [0-9]+ [0-9]+$'
re='^[0-9][1-9]* [0-9][1-9]* [0-9][1-9]*$'
[[ "$MAJ $MIN $MIC" =~ $re ]] || return 1
echo "$MAJ $MIN $MIC"
}
@ -108,32 +149,15 @@ cd "$DIR" &&
test -f ./src/NetworkManagerUtils.h &&
test -f ./contrib/fedora/rpm/build_clean.sh || die "cannot find NetworkManager base directory"
TMP="$(git status --porcelain)" || die "git status failed"
test -z "$TMP" || die "git working directory is not clean (git status --porcelain)"
TMP="$(LANG=C git clean -ndx)" || die "git clean -ndx failed"
test -z "$TMP" || die "git working directory is not clean (git clean -ndx)"
VERSION_ARR=( $(parse_version) ) || die "cannot detect NetworkManager version"
VERSION_STR="$(IFS=.; echo "${VERSION_ARR[*]}")"
RELEASE_MODE=""
DRY_RUN=1
FIND_BACKPORTS=1
ALLOW_LOCAL_BRANCHES=0
HELP_AND_EXIT=1
while [ "$#" -ge 1 ]; do
A="$1"
shift
if [ -z "$RELEASE_MODE" ]; then
case "$A" in
devel|rc1|rc|major|minor)
RELEASE_MODE="$A"
;;
*)
;;
esac
continue
fi
HELP_AND_EXIT=0
case "$A" in
--no-test)
DRY_RUN=0
@ -150,28 +174,50 @@ while [ "$#" -ge 1 ]; do
# that differ from upstream. Set this flag to override that check.
ALLOW_LOCAL_BRANCHES=1
;;
--help|-h)
die_help
;;
devel|rc1|rc|major|major-post|minor)
[ -z "$RELEASE_MODE" ] || die_usage "duplicate release-mode"
RELEASE_MODE="$A"
;;
*)
die_usage "unknown argument \"$A\""
;;
esac
done
[ "$HELP_AND_EXIT" = 1 ] && die_help
[ -n "$RELEASE_MODE" ] || die_usage "specify the desired release mode"
echo "Current version before release: $VERSION_STR (do $RELEASE_MODE release)"
VERSION_ARR=( $(parse_version) ) || die "cannot detect NetworkManager version"
VERSION_STR="$(IFS=.; echo "${VERSION_ARR[*]}")"
echo "Current version before release: $VERSION_STR (do \"$RELEASE_MODE\" release)"
grep -q "version: '${VERSION_ARR[0]}.${VERSION_ARR[1]}.${VERSION_ARR[2]}'," ./meson.build || die "meson.build does not have expected version"
TMP="$(git status --porcelain)" || die "git status failed"
test -z "$TMP" || die "git working directory is not clean (git status --porcelain)"
TMP="$(LANG=C git clean -ndx)" || die "git clean -ndx failed"
test -z "$TMP" || die "git working directory is not clean? (git clean -ndx)"
CUR_BRANCH="$(git rev-parse --abbrev-ref HEAD)"
TMP_BRANCH=release-branch
if [ "$CUR_BRANCH" = master ]; then
number_is_odd "${VERSION_ARR[1]}" || die "Unexpected version number on master. Should be an odd development version"
[ "$RELEASE_MODE" = devel -o "$RELEASE_MODE" = rc1 -o "$RELEASE_MODE" = major-post ] || die "Unexpected branch name \"$CUR_BRANCH\" for \"$RELEASE_MODE\""
else
re='^nm-[0-9]+-[0-9]+$'
re='^nm-[0-9][1-9]*-[0-9][1-9]*$'
[[ "$CUR_BRANCH" =~ $re ]] || die "Unexpected current branch $CUR_BRANCH. Should be master or nm-?-??"
if number_is_odd "${VERSION_ARR[1]}"; then
# we are on a release candiate branch.
[ "$RELEASE_MODE" = rc ] || "Unexpected branch name \"$CUR_BRANCH\" for \"$RELEASE_MODE\""
[ "$RELEASE_MODE" = rc -o "$RELEASE_MODE" = major ] || die "Unexpected branch name \"$CUR_BRANCH\" for \"$RELEASE_MODE\""
[ "$CUR_BRANCH" == "nm-${VERSION_ARR[0]}-$((${VERSION_ARR[1]} + 1))" ] || die "Unexpected current branch $CUR_BRANCH. Should be nm-${VERSION_ARR[0]}-$((${VERSION_ARR[1]} + 1))"
else
[ "$RELEASE_MODE" = minor ] || die "Unexpected branch name \"$CUR_BRANCH\" for \"$RELEASE_MODE\""
[ "$CUR_BRANCH" == "nm-${VERSION_ARR[0]}-${VERSION_ARR[1]}" ] || die "Unexpected current branch $CUR_BRANCH. Should be nm-${VERSION_ARR[0]}-${VERSION_ARR[1]}"
fi
fi
@ -183,16 +229,26 @@ case "$RELEASE_MODE" in
number_is_odd "${VERSION_ARR[2]}" || die "cannot do minor release on top of version $VERSION_STR"
[ "$CUR_BRANCH" != master ] || die "cannot do a minor release on master"
;;
devel|rc)
devel)
number_is_odd "${VERSION_ARR[1]}" || die "cannot do devel release on top of version $VERSION_STR"
if [ "$RELEASE_MODE" = devel ]; then
[ "$((${VERSION_ARR[2]} + 1))" -lt 90 ] || die "devel release must have a micro version smaller than 90 but current version is $VERSION_STR"
[ "$CUR_BRANCH" == master ] || die "devel release can only be on master"
else
[ "${VERSION_ARR[2]}" -ge 90 ] || die "rc release must have a micro version larger than ${VERSION_ARR[0]}.90 but current version is $VERSION_STR"
RC_VERSION="$((${VERSION_ARR[2]} - 88))"
[ "$CUR_BRANCH" == "nm-${VERSION_ARR[0]}-$((${VERSION_ARR[1]} + 1))" ] || die "devel release can only be on \"nm-${VERSION_ARR[0]}-$((${VERSION_ARR[1]} + 1))\" branch"
fi
[ "$((${VERSION_ARR[2]} + 1))" -lt 90 ] || die "devel release must have a micro version smaller than 90 but current version is $VERSION_STR"
[ "$CUR_BRANCH" == master ] || die "devel release can only be on master"
;;
rc)
number_is_odd "${VERSION_ARR[1]}" || die "cannot do rc release on top of version $VERSION_STR"
[ "${VERSION_ARR[2]}" -ge 90 ] || die "rc release must have a micro version larger than ${VERSION_ARR[0]}.90 but current version is $VERSION_STR"
RC_VERSION="$((${VERSION_ARR[2]} - 88))"
[ "$CUR_BRANCH" == "nm-${VERSION_ARR[0]}-$((${VERSION_ARR[1]} + 1))" ] || die "devel release can only be on \"nm-${VERSION_ARR[0]}-$((${VERSION_ARR[1]} + 1))\" branch"
;;
major)
number_is_odd "${VERSION_ARR[1]}" || die "cannot do major release on top of version $VERSION_STR"
[ "${VERSION_ARR[2]}" -ge 90 ] || die "parent version for major release must have a micro version larger than ${VERSION_ARR[0]}.90 but current version is $VERSION_STR"
[ "$CUR_BRANCH" == "nm-${VERSION_ARR[0]}-$((${VERSION_ARR[1]} + 1))" ] || die "major release can only be on \"nm-${VERSION_ARR[0]}-$((${VERSION_ARR[1]} + 1))\" branch"
;;
major-post)
number_is_odd "${VERSION_ARR[1]}" || die "cannot do major-post release on top of version $VERSION_STR"
[ "$((${VERSION_ARR[2]} + 1))" -lt 90 ] || die "major-post release must have a micro version smaller than 90 but current version is $VERSION_STR"
[ "$CUR_BRANCH" == master ] || die "major-post release can only be on master"
;;
*)
die "Release mode $RELEASE_MODE not yet implemented"
@ -203,7 +259,7 @@ git fetch || die "git fetch failed"
if [ "$ALLOW_LOCAL_BRANCHES" != 1 ]; then
git_same_ref "$CUR_BRANCH" "refs/heads/$CUR_BRANCH" || die "Current branch $CUR_BRANCH is not a branch??"
git_same_ref "$CUR_BRANCH" "refs/remotes/$ORIGIN/$CUR_BRANCH" || die "Current branch $CUR_BRANCH seems not up to date. Git pull?"
git_same_ref "$CUR_BRANCH" "refs/remotes/$ORIGIN/$CUR_BRANCH" || die "Current branch $CUR_BRANCH seems not up to date with refs/remotes/$ORIGIN/$CUR_BRANCH. Git pull?"
fi
NEWER_BRANCHES=()
@ -218,17 +274,21 @@ if [ "$CUR_BRANCH" != master ]; then
fi
if [ "$ALLOW_LOCAL_BRANCHES" != 1 ]; then
git_same_ref "$b" "refs/heads/$b" || die "branch $b is not a branch??"
git_same_ref "$b" "refs/remotes/$ORIGIN/$b" || die "branch $b seems not up to date. Git pull?"
git_same_ref "$b" "refs/remotes/$ORIGIN/$b" || die "branch $b seems not up to date with refs/remotes/$ORIGIN/$b. Git pull?"
fi
NEWER_BRANCHES+=("refs/heads/$b")
done
b=master
if [ "$ALLOW_LOCAL_BRANCHES" != 1 ]; then
git_same_ref "$b" "refs/heads/$b" || die "branch $b is not a branch??"
git_same_ref "$b" "refs/remotes/$ORIGIN/$b" || die "branch $b seems not up to date. Git pull?"
git_same_ref "$b" "refs/remotes/$ORIGIN/$b" || die "branch $b seems not up to date with refs/remotes/$ORIGIN/$b. Git pull?"
fi
fi
if [ "$ALLOW_LOCAL_BRANCHES" != 1 ]; then
cmp <(git show origin/master:contrib/fedora/rpm/release.sh) "$BASH_SOURCE" || die "$BASH_SOURCE is not identical to \`git show origin/master:contrib/fedora/rpm/release.sh\`"
fi
if [ $FIND_BACKPORTS = 1 ]; then
git show "$ORIGIN/automation:contrib/rh-utils/find-backports.sh" > ./.git/nm-find-backports.sh \
&& chmod +x ./.git/nm-find-backports.sh \
@ -243,12 +303,11 @@ BUILD_TAG=
CLEANUP_CHECKOUT_BRANCH="$CUR_BRANCH"
CLEANUP_REFS+=("$TMP_BRANCH")
git checkout -B "$TMP_BRANCH"
CLEANUP_REFS+=("refs/heads/$TMP_BRANCH")
case "$RELEASE_MODE" in
minor)
git checkout -B "$TMP_BRANCH"
CLEANUP_REFS+=("refs/heads/$TMP_BRANCH")
set_version_number "${VERSION_ARR[0]}" "${VERSION_ARR[1]}" $(("${VERSION_ARR[2]}" + 1))
git commit -m "release: bump version to ${VERSION_ARR[0]}.${VERSION_ARR[1]}.$(("${VERSION_ARR[2]}" + 1))" -a || die "failed to commit release"
set_version_number "${VERSION_ARR[0]}" "${VERSION_ARR[1]}" $(("${VERSION_ARR[2]}" + 2))
@ -266,8 +325,6 @@ case "$RELEASE_MODE" in
TAR_VERSION="$BUILD_TAG"
;;
devel)
git checkout -B "$TMP_BRANCH"
CLEANUP_REFS+=("refs/heads/$TMP_BRANCH")
set_version_number "${VERSION_ARR[0]}" "${VERSION_ARR[1]}" $(("${VERSION_ARR[2]}" + 1))
git commit -m "release: bump version to ${VERSION_ARR[0]}.${VERSION_ARR[1]}.$(("${VERSION_ARR[2]}" + 1)) (development)" -a || die "failed to commit devel version bump"
@ -279,8 +336,6 @@ case "$RELEASE_MODE" in
TAR_VERSION="$b"
;;
rc)
git checkout -B "$TMP_BRANCH"
CLEANUP_REFS+=("refs/heads/$TMP_BRANCH")
b="${VERSION_ARR[0]}.${VERSION_ARR[1]}.$(("${VERSION_ARR[2]}" + 1))"
t="${VERSION_ARR[0]}.$(("${VERSION_ARR[1]}" + 1))-rc$RC_VERSION"
set_version_number "${VERSION_ARR[0]}" "${VERSION_ARR[1]}" $(("${VERSION_ARR[2]}" + 1))
@ -292,6 +347,42 @@ case "$RELEASE_MODE" in
BUILD_TAG="$t"
TAR_VERSION="$b"
;;
major)
b="${VERSION_ARR[0]}.$((${VERSION_ARR[1]} + 1)).0"
b2="${VERSION_ARR[0]}.$((${VERSION_ARR[1]} + 1)).1"
set_version_number "${VERSION_ARR[0]}" "$((${VERSION_ARR[1]} + 1))" 0
git commit -m "release: bump version to $b" -a || die "failed to commit major version bump"
git tag -s -a -m "Tag $b" "$b" HEAD || die "failed to tag release"
TAGS+=("$b")
CLEANUP_REFS+=("refs/tags/$b")
set_version_number "${VERSION_ARR[0]}" "$((${VERSION_ARR[1]} + 1))" 1
git commit -m "release: bump version to $b2 (development)" -a || die "failed to commit another bump after major version bump"
git tag -s -a -m "Tag $b (development)" "$b2-dev" HEAD || die "failed to tag release"
TAGS+=("$b2-dev")
CLEANUP_REFS+=("refs/tags/$b2-dev")
BUILD_TAG="$b"
TAR_VERSION="$b"
;;
major-post)
git checkout -B "$TMP_BRANCH" "${VERSION_ARR[0]}.$((${VERSION_ARR[1]} - 1)).0" || die "merge0"
git merge -Xours --commit -m tmp master || die "merge1"
git rm --cached -r . || die "merge2"
git checkout master -- . || die "merge3"
b="${VERSION_ARR[0]}.${VERSION_ARR[1]}.$((${VERSION_ARR[2]} + 1))"
git commit --amend -m tmp -a || die "failed to commit major version bump"
test x = "x$(git diff master HEAD)" || die "there is a diff after merge!"
set_version_number "${VERSION_ARR[0]}" "${VERSION_ARR[1]}" "$((${VERSION_ARR[2]} + 1))"
git commit --amend -m "release: bump version to $b (development)" -a || die "failed to commit major version bump"
git tag -s -a -m "Tag $b (development)" "$b-dev" HEAD || die "failed to tag release"
TAGS+=("$b-dev")
CLEANUP_REFS+=("refs/tags/$b-dev")
BUILD_TAG="$b-dev"
TAR_VERSION="$b"
;;
*)
die "Release mode $RELEASE_MODE not yet implemented"
;;

2
docs/libnm/libnm-docs.xml
View File

@ -235,7 +235,7 @@ print ("NetworkManager version " + client.get_version())]]></programlisting></in
<listitem>
<para>
Instead of calling g_dbus_connection_call_sync(), use the
asynchronous g_dbus_connection_call(). If we would use a sepaate
asynchronous g_dbus_connection_call(). If we would use a separate
GMainContext for all D-Bus related calls, we could ensure that
while we block for the response, we iterate the internal main context.
This might be nice, because all events are processed in order and

279
examples/python/gi/nm-wg-set
View File

@ -61,23 +61,32 @@ import sys
import os
import gi
gi.require_version('NM', '1.0')
gi.require_version("NM", "1.0")
from gi.repository import NM
class MyError(Exception):
pass
def pr(v):
import pprint
pprint.pprint(v, indent=4, depth=5, width=60)
###############################################################################
def connection_is_wireguard(conn):
s_con = conn.get_setting(NM.SettingConnection)
return s_con \
and s_con.get_connection_type() == NM.SETTING_WIREGUARD_SETTING_NAME \
and conn.get_setting(NM.SettingWireGuard)
return (
s_con
and s_con.get_connection_type() == NM.SETTING_WIREGUARD_SETTING_NAME
and conn.get_setting(NM.SettingWireGuard)
)
def connection_to_str(conn):
if connection_is_wireguard(conn):
@ -85,52 +94,57 @@ def connection_to_str(conn):
if iface:
extra = ', interface: "%s"' % (iface)
else:
extra = ''
extra = ""
else:
extra = ', type: %s' % (conn.get_setting(NM.SettingConnection).get_connection_type())
extra = ", type: %s" % (
conn.get_setting(NM.SettingConnection).get_connection_type()
)
return '"%s" (%s%s)' % (conn.get_id(), conn.get_uuid(), extra)
def connections_wg(connections):
l = list([c for c in connections if connection_is_wireguard(c)])
l.sort(key = connection_to_str)
l.sort(key=connection_to_str)
return l
def connections_find(connections, con_spec, con_id):
connections = list(sorted(connections, key=connection_to_str))
l = []
if con_spec in [None, 'id']:
if con_spec in [None, "id"]:
for c in connections:
if con_id == c.get_id():
if c not in l:
l.append(c)
if con_spec in [None, 'interface']:
if con_spec in [None, "interface"]:
for c in connections:
s_con = c.get_setting(NM.SettingConnection)
if s_con \
and con_id == s_con.get_interface_name():
if s_con and con_id == s_con.get_interface_name():
if c not in l:
l.append(c)
if con_spec in [None, 'uuid']:
if con_spec in [None, "uuid"]:
for c in connections:
if con_id == c.get_uuid():
if c not in l:
l.append(c)
l.sort(key = connection_to_str)
l.sort(key=connection_to_str)
return l
def print_hint(nm_client):
print('Maybe you want to create a profile first with')
print(' nmcli connection add type wireguard ifname wg0 $MORE_ARGS')
print("Maybe you want to create a profile first with")
print(" nmcli connection add type wireguard ifname wg0 $MORE_ARGS")
connections = connections_wg(nm_client.get_connections())
if connections:
print('Or edit one of the following WireGuard profiles:')
print("Or edit one of the following WireGuard profiles:")
for c in connections:
print (' - %s' % (connection_to_str(c)))
print(" - %s" % (connection_to_str(c)))
###############################################################################
def argv_get_one(argv, idx, type_ctor=None, topic=None):
if topic is not None:
@ -146,7 +160,7 @@ def argv_get_one(argv, idx, type_ctor=None, topic=None):
try:
v = argv[idx]
except:
raise MyError('missing argument')
raise MyError("missing argument")
if type_ctor is not None:
try:
v = type_ctor(v)
@ -154,16 +168,18 @@ def argv_get_one(argv, idx, type_ctor=None, topic=None):
raise MyError('invalid argument "%s" (%s)' % (v, e.message))
return v
###############################################################################
def arg_parse_secret_flags(arg):
try:
f = arg.strip()
n = {
'none': NM.SettingSecretFlags.NONE,
'not-saved': NM.SettingSecretFlags.NOT_SAVED,
'not-required': NM.SettingSecretFlags.NOT_REQUIRED,
'agent-owned': NM.SettingSecretFlags.AGENT_OWNED,
"none": NM.SettingSecretFlags.NONE,
"not-saved": NM.SettingSecretFlags.NOT_SAVED,
"not-required": NM.SettingSecretFlags.NOT_REQUIRED,
"agent-owned": NM.SettingSecretFlags.AGENT_OWNED,
}.get(f)
if n is not None:
return n
@ -171,7 +187,8 @@ def arg_parse_secret_flags(arg):
except Exception as e:
raise MyError('invalid secret flags "%s"' % (arg))
def _arg_parse_int(arg, vmin, vmax, key, base = 0):
def _arg_parse_int(arg, vmin, vmax, key, base=0):
try:
v = int(arg, base)
if v >= vmin and vmax <= 0xFFFFFFFF:
@ -180,18 +197,22 @@ def _arg_parse_int(arg, vmin, vmax, key, base = 0):
raise MyError('invalid %s "%s"' % (key, arg))
raise MyError("%s out of range" % (key))
def arg_parse_listen_port(arg):
return _arg_parse_int(arg, 0, 0xFFFF, "listen-port")
def arg_parse_fwmark(arg):
return _arg_parse_int(arg, 0, 0xFFFFFFFF, "fwmark", base = 0)
return _arg_parse_int(arg, 0, 0xFFFFFFFF, "fwmark", base=0)
def arg_parse_persistent_keep_alive(arg):
return _arg_parse_int(arg, 0, 0xFFFFFFFF, "persistent-keepalive")
def arg_parse_allowed_ips(arg):
l = [s.strip() for s in arg.strip().split(',')]
l = [s for s in l if s != '']
l = [s.strip() for s in arg.strip().split(",")]
l = [s for s in l if s != ""]
l = list(l)
# use a peer to parse and validate the allowed-ips.
peer = NM.WireGuardPeer()
@ -200,40 +221,47 @@ def arg_parse_allowed_ips(arg):
raise MyError('invalid allowed-ip "%s"' % (aip))
return l
###############################################################################
def secret_flags_to_string(flags):
nick = {
NM.SettingSecretFlags.NONE: 'none',
NM.SettingSecretFlags.NOT_SAVED: 'not-saved',
NM.SettingSecretFlags.NOT_REQUIRED: 'not-required',
NM.SettingSecretFlags.AGENT_OWNED: 'agent-owned',
}.get(flags)
NM.SettingSecretFlags.NONE: "none",
NM.SettingSecretFlags.NOT_SAVED: "not-saved",
NM.SettingSecretFlags.NOT_REQUIRED: "not-required",
NM.SettingSecretFlags.AGENT_OWNED: "agent-owned",
}.get(flags)
num = str(int(flags))
if nick is None:
return num
return '%s (%s)' % (num, nick)
return "%s (%s)" % (num, nick)
def secret_to_string(secret):
if os.environ.get('WG_HIDE_KEYS', '') != 'never':
return '(hidden)'
if os.environ.get("WG_HIDE_KEYS", "") != "never":
return "(hidden)"
if not secret:
return ''
return ""
return secret
def val_to_str(val):
if val == NM.Ternary.DEFAULT:
return 'default'
return "default"
if val == NM.Ternary.TRUE:
return 'true'
return "true"
if val == NM.Ternary.FALSE:
return 'false'
return "false"
return repr(val)
###############################################################################
def wg_read_private_key(privkey_file):
import base64
try:
with open(privkey_file, "r") as f:
data = f.read()
@ -244,17 +272,20 @@ def wg_read_private_key(privkey_file):
except Exception as e:
raise MyError('failed to read private key "%s": %s' % (privkey_file, e.message))
def wg_peer_is_valid(peer, msg = None):
def wg_peer_is_valid(peer, msg=None):
try:
peer.is_valid(True, True)
except gi.repository.GLib.Error as e:
if msg is None:
raise MyError('%s' % (e.message))
raise MyError("%s" % (e.message))
else:
raise MyError('%s' % (msg))
raise MyError("%s" % (msg))
###############################################################################
def do_get(nm_client, connection):
s_con = conn.get_setting(NM.SettingConnection)
s_wg = conn.get_setting(NM.SettingWireGuard)
@ -262,24 +293,55 @@ def do_get(nm_client, connection):
# Fetching secrets is not implemented. For now show them all as
# <hidden>.
print('interface: %s' % (s_con.get_interface_name()))
print('uuid: %s' % (conn.get_uuid()))
print('id: %s' % (conn.get_id()))
print('private-key: %s' % (secret_to_string(s_wg.get_private_key())))
print('private-key-flags: %s' % (secret_flags_to_string(s_wg.get_private_key_flags())))
print('listen-port: %s' % (s_wg.get_listen_port()))
print('fwmark: 0x%x' % (s_wg.get_fwmark()))
print('peer-routes: %s' % (val_to_str(s_wg.get_peer_routes())))
print('ip4-auto-default-route: %s' % (val_to_str(s_wg.get_ip4_auto_default_route())))
print('ip6-auto-default-route: %s' % (val_to_str(s_wg.get_ip6_auto_default_route())))
print("interface: %s" % (s_con.get_interface_name()))
print("uuid: %s" % (conn.get_uuid()))
print("id: %s" % (conn.get_id()))
print(
"private-key: %s" % (secret_to_string(s_wg.get_private_key()))
)
print(
"private-key-flags: %s"
% (secret_flags_to_string(s_wg.get_private_key_flags()))
)
print("listen-port: %s" % (s_wg.get_listen_port()))
print("fwmark: 0x%x" % (s_wg.get_fwmark()))
print("peer-routes: %s" % (val_to_str(s_wg.get_peer_routes())))
print(
"ip4-auto-default-route: %s"
% (val_to_str(s_wg.get_ip4_auto_default_route()))
)
print(
"ip6-auto-default-route: %s"
% (val_to_str(s_wg.get_ip6_auto_default_route()))
)
for i in range(s_wg.get_peers_len()):
peer = s_wg.get_peer(i)
print('peer[%d].public-key: %s' % (i, peer.get_public_key()))
print('peer[%d].preshared-key: %s' % (i, secret_to_string(peer.get_preshared_key())))
print('peer[%d].preshared-key-flags: %s' % (i, secret_flags_to_string(peer.get_preshared_key_flags())))
print('peer[%d].endpoint: %s' % (i, peer.get_endpoint() if peer.get_endpoint() else ''))
print('peer[%d].persistent-keepalive: %s' % (i, peer.get_persistent_keepalive()))
print('peer[%d].allowed-ips: %s' % (i, ','.join([peer.get_allowed_ip(j) for j in range(peer.get_allowed_ips_len())])))
print("peer[%d].public-key: %s" % (i, peer.get_public_key()))
print(
"peer[%d].preshared-key: %s"
% (i, secret_to_string(peer.get_preshared_key()))
)
print(
"peer[%d].preshared-key-flags: %s"
% (i, secret_flags_to_string(peer.get_preshared_key_flags()))
)
print(
"peer[%d].endpoint: %s"
% (i, peer.get_endpoint() if peer.get_endpoint() else "")
)
print(
"peer[%d].persistent-keepalive: %s" % (i, peer.get_persistent_keepalive())
)
print(
"peer[%d].allowed-ips: %s"
% (
i,
",".join(
[peer.get_allowed_ip(j) for j in range(peer.get_allowed_ips_len())]
),
)
)
def do_set(nm_client, conn, argv):
s_wg = conn.get_setting(NM.SettingWireGuard)
@ -291,9 +353,7 @@ def do_set(nm_client, conn, argv):
try:
idx = 0
while True:
if peer \
and ( idx >= len(argv) \
or argv[idx] == 'peer'):
if peer and (idx >= len(argv) or argv[idx] == "peer"):
if peer_remove:
pp_peer, pp_idx = s_wg.get_peer_by_public_key(peer.get_public_key())
if pp_peer:
@ -312,29 +372,40 @@ def do_set(nm_client, conn, argv):
peer_secret_flags = None
if idx >= len(argv):
break;
break
if not peer and argv[idx] == 'private-key':
if not peer and argv[idx] == "private-key":
key = argv_get_one(argv, idx + 1, None, idx)
if key == '':
if key == "":
s_wg.set_property(NM.SETTING_WIREGUARD_PRIVATE_KEY, None)
else:
s_wg.set_property(NM.SETTING_WIREGUARD_PRIVATE_KEY, wg_read_private_key(key))
s_wg.set_property(
NM.SETTING_WIREGUARD_PRIVATE_KEY, wg_read_private_key(key)
)
idx += 2
continue
if not peer and argv[idx] == 'private-key-flags':
s_wg.set_property(NM.SETTING_WIREGUARD_PRIVATE_KEY_FLAGS, argv_get_one(argv, idx + 1, arg_parse_secret_flags, idx))
if not peer and argv[idx] == "private-key-flags":
s_wg.set_property(
NM.SETTING_WIREGUARD_PRIVATE_KEY_FLAGS,
argv_get_one(argv, idx + 1, arg_parse_secret_flags, idx),
)
idx += 2
continue
if not peer and argv[idx] == 'listen-port':
s_wg.set_property(NM.SETTING_WIREGUARD_LISTEN_PORT, argv_get_one(argv, idx + 1, arg_parse_listen_port, idx))
if not peer and argv[idx] == "listen-port":
s_wg.set_property(
NM.SETTING_WIREGUARD_LISTEN_PORT,
argv_get_one(argv, idx + 1, arg_parse_listen_port, idx),
)
idx += 2
continue
if not peer and argv[idx] == 'fwmark':
s_wg.set_property(NM.SETTING_WIREGUARD_FWMARK, argv_get_one(argv, idx + 1, arg_parse_fwmark, idx))
if not peer and argv[idx] == "fwmark":
s_wg.set_property(
NM.SETTING_WIREGUARD_FWMARK,
argv_get_one(argv, idx + 1, arg_parse_fwmark, idx),
)
idx += 2
continue
if argv[idx] == 'peer':
if argv[idx] == "peer":
public_key = argv_get_one(argv, idx + 1, None, idx)
peer, peer_idx = s_wg.get_peer_by_public_key(public_key)
if peer:
@ -347,13 +418,13 @@ def do_set(nm_client, conn, argv):
peer_remove = False
idx += 2
continue
if peer and argv[idx] == 'remove':
if peer and argv[idx] == "remove":
peer_remove = True
idx += 1
continue
if peer and argv[idx] == 'preshared-key':
if peer and argv[idx] == "preshared-key":
psk = argv_get_one(argv, idx + 1, None, idx)
if psk == '':
if psk == "":
peer.set_preshared_key(None, True)
if peer_secret_flags is not None:
peer_secret_flags = NM.SettingSecretFlags.NOT_REQUIRED
@ -363,20 +434,26 @@ def do_set(nm_client, conn, argv):
peer_secret_flags = NM.SettingSecretFlags.NONE
idx += 2
continue
if peer and argv[idx] == 'preshared-key-flags':
peer_secret_flags = argv_get_one(argv, idx + 1, arg_parse_secret_flags, idx)
if peer and argv[idx] == "preshared-key-flags":
peer_secret_flags = argv_get_one(
argv, idx + 1, arg_parse_secret_flags, idx
)
idx += 2
continue
if peer and argv[idx] == 'endpoint':
if peer and argv[idx] == "endpoint":
peer.set_endpoint(argv_get_one(argv, idx + 1, None, idx), True)
idx += 2
continue
if peer and argv[idx] == 'persistent-keepalive':
peer.set_persistent_keepalive(argv_get_one(argv, idx + 1, arg_parse_persistent_keep_alive, idx))
if peer and argv[idx] == "persistent-keepalive":
peer.set_persistent_keepalive(
argv_get_one(argv, idx + 1, arg_parse_persistent_keep_alive, idx)
)
idx += 2
continue
if peer and argv[idx] == 'allowed-ips':
allowed_ips = list(argv_get_one(argv, idx + 1, arg_parse_allowed_ips, idx))
if peer and argv[idx] == "allowed-ips":
allowed_ips = list(
argv_get_one(argv, idx + 1, arg_parse_allowed_ips, idx)
)
peer.clear_allowed_ips()
for aip in allowed_ips:
peer.append_allowed_ip(aip, False)
@ -386,21 +463,22 @@ def do_set(nm_client, conn, argv):
raise MyError('invalid argument "%s"' % (argv[idx]))
except MyError as e:
print('Error: %s' % (e.message))
print("Error: %s" % (e.message))
sys.exit(1)
try:
conn.commit_changes(True, None)
except Exception as e:
print('failure to commit connection: %s' % (e))
print("failure to commit connection: %s" % (e))
sys.exit(1)
print('Success')
print("Success")
sys.exit(0)
###############################################################################
if __name__ == '__main__':
if __name__ == "__main__":
nm_client = NM.Client.new(None)
@ -409,13 +487,17 @@ if __name__ == '__main__':
con_spec = None
if len(argv) >= 1:
if argv[0] in [ 'id', 'uuid', 'interface' ]:
if argv[0] in ["id", "uuid", "interface"]:
con_spec = argv[0]
del argv[0]
if len(argv) < 1:
print('Requires an existing NetworkManager connection profile as first argument')
print('Select it based on the connection ID, UUID, or interface-name (optionally qualify the selection with [id|uuid|interface])')
print(
"Requires an existing NetworkManager connection profile as first argument"
)
print(
"Select it based on the connection ID, UUID, or interface-name (optionally qualify the selection with [id|uuid|interface])"
)
print_hint(nm_client)
sys.exit(1)
con_id = argv[0]
@ -423,19 +505,29 @@ if __name__ == '__main__':
connections = connections_find(nm_client.get_connections(), con_spec, con_id)
if len(connections) == 0:
print('No matching connection %s\"%s\" found.' % ((con_spec+' ' if con_spec else ''), con_id))
print(
'No matching connection %s"%s" found.'
% ((con_spec + " " if con_spec else ""), con_id)
)
print_hint(nm_client)
sys.exit(1)
if len(connections) > 1:
print("Connection %s\"%s\" is not unique (%s)" % ((con_spec+' ' if con_spec else ''), con_id, ', '.join(['['+connection_to_str(c)+']' for c in connections])))
print(
'Connection %s"%s" is not unique (%s)'
% (
(con_spec + " " if con_spec else ""),
con_id,
", ".join(["[" + connection_to_str(c) + "]" for c in connections]),
)
)
if not con_spec:
print('Maybe qualify the name with [id|uuid|interface]?')
print("Maybe qualify the name with [id|uuid|interface]?")
sys.exit(1)
conn = connections[0]
if not connection_is_wireguard(conn):
print('Connection %s is not a WireGuard profile' % (connection_to_str(conn)))
print('See available profiles with `nmcli connection show`')
print("Connection %s is not a WireGuard profile" % (connection_to_str(conn)))
print("See available profiles with `nmcli connection show`")
sys.exit(1)
try:
@ -449,4 +541,3 @@ if __name__ == '__main__':
do_get(nm_client, conn)
else:
do_set(nm_client, conn, argv)

2
introspection/org.freedesktop.NetworkManager.Device.WifiP2P.xml
View File

@ -31,7 +31,7 @@
<!--
StartFind:
@options: Options of find. Currently 'timeout' option with value of "i"
@options: Options of find. Currently, 'timeout' option with value of "i"
in the range of 1-600 seconds is supported. The default is
30 seconds.

2
introspection/org.freedesktop.NetworkManager.Device.Wireless.xml
View File

@ -34,7 +34,7 @@
<!--
RequestScan:
@options: Options of scan. Currently 'ssids' option with value of "aay" type is supported.
@options: Options of scan. Currently, 'ssids' option with value of "aay" type is supported.
Request the device to scan. To know when the scan is finished, use the "PropertiesChanged" signal from "org.freedesktop.DBus.Properties" to listen to changes to the "LastScan" property.
-->

2
introspection/org.freedesktop.NetworkManager.Device.xml
View File

@ -312,7 +312,7 @@
<!--
Reapply:
@connection: The optional connection settings that will be reapplied on the device. If empty, the currently active settings-connection will be used. The connection cannot arbitrarly differ from the current applied-connection otherwise the call will fail. Only certain changes are supported, like adding or removing IP addresses.
@connection: The optional connection settings that will be reapplied on the device. If empty, the currently active settings-connection will be used. The connection cannot arbitrarily differ from the current applied-connection otherwise the call will fail. Only certain changes are supported, like adding or removing IP addresses.
@version_id: If non-zero, the current version id of the applied-connection must match. The current version id can be retrieved via GetAppliedConnection. This optional argument allows to catch concurrent modifications between the GetAppliedConnection call and Reapply.
@flags: Flags which would modify the behavior of the Reapply call. There are no flags defined currently and the users should use the value of 0.

2
introspection/org.freedesktop.NetworkManager.IP4Config.xml
View File

@ -62,7 +62,7 @@
<!--
NameserverData:
The nameservers in use. Currently only the value "address"
The nameservers in use. Currently, only the value "address"
is recognized (with an IP address string).
Since: 1.14

6
introspection/org.freedesktop.NetworkManager.Settings.Connection.xml
View File

@ -62,7 +62,7 @@
<!--
GetSecrets:
@setting_name: Name of the setting to return secrets for. If empty, all all secrets will be returned.
@setting_name: Name of the setting to return secrets for. If empty, all secrets will be returned.
@secrets: Nested settings maps containing secrets.
Get the secrets belonging to this network configuration. Only secrets from
@ -105,7 +105,7 @@
Update2:
@settings: New connection settings, properties, and (optionally) secrets.
Provide an empty array, to use the current settings.
@flags: optional flags argument. Currently supported flags are:
@flags: optional flags argument. Currently, supported flags are:
"0x1" (to-disk),
"0x2" (in-memory),
"0x4" (in-memory-detached),
@ -114,7 +114,7 @@
"0x20" (block-autoconnect),
"0x40" (no-reapply).
Unknown flags cause the call to fail.
@args: optional arguments dictionary, for extensibility. Currently no
@args: optional arguments dictionary, for extentibility. Currently, no
arguments are accepted. Specifying unknown keys causes the call
to fail.
@result: output argument, currently no results are returned.

6
introspection/org.freedesktop.NetworkManager.Settings.xml
View File

@ -66,12 +66,12 @@
<!--
AddConnection2:
@settings: New connection settings, properties, and (optionally) secrets.
@flags: optional flags argument. Currently the following flags are supported:
@flags: optional flags argument. Currently, the following flags are supported:
"0x1" (to-disk),
"0x2" (in-memory),
"0x20" (block-autoconnect).
Unknown flags cause the call to fail.
@args: optional arguments dictionary, for extensibility. Currently no
@args: optional arguments dictionary, for extentibility. Currently, no
arguments are accepted. Specifying unknown keys causes the call
to fail.
@path: Object path of the new connection that was just added.
@ -82,7 +82,7 @@
Either the flags 0x1 (to-disk) or 0x2 (in-memory) must be specified.
The effect is whether to behave like AddConnection or AddConnectionUnsaved.
If 0x20 (block-autoconnect) is specified, autoconnect for the new profile
is blocked from the beginnin. Otherwise, the profile might automatically
is blocked from the beginning. Otherwise, the profile might automatically
connect if a suitable device is around.
AddConnection2 is a extensible alternative to AddConnection, and AddConnectionUnsaved.

4
introspection/org.freedesktop.NetworkManager.xml
View File

@ -119,7 +119,7 @@
@options: Further options for the method call.
@path: Object path of the new connection that was just added.
@active_connection: The path of the active connection object representing this active connection.
@result: a dictionary of additional output arguments for future extension. Currently not additional
@result: a dictionary of additional output arguments for future extension. Currently, not additional
output arguments are supported.
Adds a new connection using the given details (if any) as a template
@ -523,7 +523,7 @@
ConnectivityCheckEnabled:
Indicates whether connectivity checking is enabled. This
property can also be written to to disable connectivity
property can also be written to disable connectivity
checking (as a privacy control panel might want to do).
-->
<property name="ConnectivityCheckEnabled" type="b" access="readwrite"/>

6
libnm-core/meson.build
View File

@ -196,12 +196,6 @@ links = [
libnm_core_c_args = common_c_flags
if enable_json_validation
libnm_core_sources += files('nm-json.c')
deps += jansson_dep
libnm_core_c_args += ['-fcommon']
endif
libnm_core = static_library(
'nm-core',
sources: libnm_core_sources + libnm_core_enum_sources + nm_meta_setting_source + [nm_version_macro_header],

8
libnm-core/nm-connection.c
View File

@ -2089,7 +2089,7 @@ _clear_secrets_by_secret_flags_cb (NMSetting *setting,
/* Can't use bitops with SECRET_FLAG_NONE so handle that specifically */
remove_secret = (flags != NM_SETTING_SECRET_FLAG_NONE);
} else {
/* Otherwise if the secret has at least one of the desired flags keep it */
/* Otherwise, if the secret has at least one of the desired flags keep it */
remove_secret = !NM_FLAGS_ANY (flags, filter_flags);
}
@ -2101,7 +2101,7 @@ _clear_secrets_by_secret_flags_cb (NMSetting *setting,
* @self: the #NMConnection to filter (will be modified)
* @filter_flags: the secret flags to control whether to drop/remove
* a secret or to keep it. The meaning of the filter flags is to
* preseve the secrets. The secrets that have matching (see below)
* preserve the secrets. The secrets that have matching (see below)
* flags are kept, the others are dropped.
*
* Removes/drops secrets from @self according to @filter_flags.
@ -2370,8 +2370,8 @@ nm_connection_for_each_setting_value (NMConnection *connection,
/**
* _nm_connection_aggregate:
* @connecition: the #NMConnection for which values are to be aggregated.
* @type: one of the supported aggrate types.
* @connection: the #NMConnection for which values are to be aggregated.
* @type: one of the supported aggregate types.
* @arg: the input/output argument that depends on @type.
*
* For example, with %NM_CONNECTION_AGGREGATE_ANY_SECRETS and

4
libnm-core/nm-core-internal.h
View File

@ -879,10 +879,6 @@ gboolean nm_utils_base64secret_normalize (const char *base64_key,
/*****************************************************************************/
void _nm_bridge_vlan_str_append_rest (const NMBridgeVlan *vlan,
GString *string,
gboolean leading_space);
gboolean nm_utils_connection_is_adhoc_wpa (NMConnection *connection);
const char *nm_utils_wifi_freq_to_band (guint32 freq);

4
libnm-core/nm-dbus-interface.h
View File

@ -1024,7 +1024,7 @@ typedef enum { /*< flags >*/
* @NM_ACTIVATION_STATE_FLAG_MASTER_HAS_SLAVES: The master has any slave devices attached.
* This only makes sense if the device is a master.
* @NM_ACTIVATION_STATE_FLAG_LIFETIME_BOUND_TO_PROFILE_VISIBILITY: the lifetime
* of the activation is bound to the visilibity of the connection profile,
* of the activation is bound to the visibility of the connection profile,
* which in turn depends on "connection.permissions" and whether a session
* for the user exists. Since: 1.16
* @NM_ACTIVATION_STATE_FLAG_EXTERNAL: the active connection was generated to
@ -1087,7 +1087,7 @@ typedef enum { /*< flags >*/
* as %NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY, with one difference: when later deleting
* the profile, the original profile will not be deleted. Instead a nmmeta
* file is written to /run to indicate that the profile is gone.
* Note that if such a nmmeta tombstone file exists and hides a file in persistant
* Note that if such a nmmeta tombstone file exists and hides a file in persistent
* storage, then when re-adding the profile with the same UUID, then the original
* storage is taken over again.
* @NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY_ONLY: this is like %NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY,

2
libnm-core/nm-dbus-utils.c
View File

@ -201,7 +201,7 @@ _nm_dbus_typecheck_response (GVariant *response,
* will also check that the response matches that type signature, and return
* an error if not.
*
* Returns: %NULL if @error is set. Otherwise a #GVariant tuple with
* Returns: %NULL if @error is set. Otherwise, a #GVariant tuple with
* return values. Free with g_variant_unref().
*/
GVariant *

110
libnm-core/nm-json.c
View File

@ -1,110 +0,0 @@
// SPDX-License-Identifier: LGPL-2.1+
/*
* Copyright (C) 2017, 2018 Red Hat, Inc.
*/
#include "nm-default.h"
#define NM_JANSSON_C
#include "nm-json.h"
#include <dlfcn.h>
void *_nm_jansson_json_object_iter_value;
void *_nm_jansson_json_object_key_to_iter;
void *_nm_jansson_json_integer;
void *_nm_jansson_json_object_del;
void *_nm_jansson_json_array_get;
void *_nm_jansson_json_array_size;
void *_nm_jansson_json_array_append_new;
void *_nm_jansson_json_string;
void *_nm_jansson_json_object_iter_next;
void *_nm_jansson_json_loads;
void *_nm_jansson_json_dumps;
void *_nm_jansson_json_object_iter_key;
void *_nm_jansson_json_object;
void *_nm_jansson_json_object_get;
void *_nm_jansson_json_array;
void *_nm_jansson_json_false;
void *_nm_jansson_json_delete;
void *_nm_jansson_json_true;
void *_nm_jansson_json_object_size;
void *_nm_jansson_json_object_set_new;
void *_nm_jansson_json_object_iter;
void *_nm_jansson_json_integer_value;
void *_nm_jansson_json_string_value;
#define TRY_BIND_SYMBOL(symbol) \
G_STMT_START { \
void *sym = dlsym (handle, #symbol); \
if (_nm_jansson_ ## symbol && sym != _nm_jansson_ ## symbol) \
return FALSE; \
_nm_jansson_ ## symbol = sym; \
} G_STMT_END
static gboolean
bind_symbols (void *handle)
{
TRY_BIND_SYMBOL (json_object_iter_value);
TRY_BIND_SYMBOL (json_object_key_to_iter);
TRY_BIND_SYMBOL (json_integer);
TRY_BIND_SYMBOL (json_object_del);
TRY_BIND_SYMBOL (json_array_get);
TRY_BIND_SYMBOL (json_array_size);
TRY_BIND_SYMBOL (json_array_append_new);
TRY_BIND_SYMBOL (json_string);
TRY_BIND_SYMBOL (json_object_iter_next);
TRY_BIND_SYMBOL (json_loads);
TRY_BIND_SYMBOL (json_dumps);
TRY_BIND_SYMBOL (json_object_iter_key);
TRY_BIND_SYMBOL (json_object);
TRY_BIND_SYMBOL (json_object_get);
TRY_BIND_SYMBOL (json_array);
TRY_BIND_SYMBOL (json_false);
TRY_BIND_SYMBOL (json_delete);
TRY_BIND_SYMBOL (json_true);
TRY_BIND_SYMBOL (json_object_size);
TRY_BIND_SYMBOL (json_object_set_new);
TRY_BIND_SYMBOL (json_object_iter);
TRY_BIND_SYMBOL (json_integer_value);
TRY_BIND_SYMBOL (json_string_value);
return TRUE;
}
gboolean
nm_jansson_load (void)
{
static enum {
UNKNOWN,
AVAILABLE,
MISSING,
} state = UNKNOWN;
void *handle;
int mode;
if (G_LIKELY (state != UNKNOWN))
goto out;
/* First just resolve the symbols to see if there's a conflict already. */
if (!bind_symbols (RTLD_DEFAULT))
goto out;
mode = RTLD_LAZY | RTLD_LOCAL | RTLD_NODELETE | RTLD_DEEPBIND;
#if defined (ASAN_BUILD)
/* Address sanitizer is incompatible with RTLD_DEEPBIND. */
mode &= ~RTLD_DEEPBIND;
#endif
handle = dlopen (JANSSON_SONAME, mode);
if (!handle)
goto out;
/* Now do the actual binding. */
if (!bind_symbols (handle))
goto out;
state = AVAILABLE;
out:
return state == AVAILABLE;
}

39
libnm-core/nm-json.h
View File

@ -1,39 +0,0 @@
// SPDX-License-Identifier: LGPL-2.1+
/*
* Copyright (C) 2017, 2018 Red Hat, Inc.
*/
#ifndef __NM_JSON_H__
#define __NM_JSON_H__
gboolean nm_jansson_load (void);
#ifndef NM_JANSSON_C
#define json_object_iter_value (*_nm_jansson_json_object_iter_value)
#define json_object_key_to_iter (*_nm_jansson_json_object_key_to_iter)
#define json_integer (*_nm_jansson_json_integer)
#define json_object_del (*_nm_jansson_json_object_del)
#define json_array_get (*_nm_jansson_json_array_get)
#define json_array_size (*_nm_jansson_json_array_size)
#define json_array_append_new (*_nm_jansson_json_array_append_new)
#define json_string (*_nm_jansson_json_string)
#define json_object_iter_next (*_nm_jansson_json_object_iter_next)
#define json_loads (*_nm_jansson_json_loads)
#define json_dumps (*_nm_jansson_json_dumps)
#define json_object_iter_key (*_nm_jansson_json_object_iter_key)
#define json_object (*_nm_jansson_json_object)
#define json_object_get (*_nm_jansson_json_object_get)
#define json_array (*_nm_jansson_json_array)
#define json_false (*_nm_jansson_json_false)
#define json_delete (*_nm_jansson_json_delete)
#define json_true (*_nm_jansson_json_true)
#define json_object_size (*_nm_jansson_json_object_size)
#define json_object_set_new (*_nm_jansson_json_object_set_new)
#define json_object_iter (*_nm_jansson_json_object_iter)
#define json_integer_value (*_nm_jansson_json_integer_value)
#define json_string_value (*_nm_jansson_json_string_value)
#include "nm-glib-aux/nm-jansson.h"
#endif
#endif /* __NM_JSON_H__ */

48
libnm-core/nm-keyfile/nm-keyfile-utils.c
View File

@ -504,8 +504,9 @@ static const char *
_keyfile_key_encode (const char *name,
char **out_to_free)
{
gsize len, i;
GString *str;
NMStrBuf str;
gsize len;
gsize i;
nm_assert (name);
nm_assert (out_to_free && !*out_to_free);
@ -525,7 +526,7 @@ _keyfile_key_encode (const char *name,
*/
if (!name[0]) {
/* empty keys are are backslash encoded. Note that usually
/* empty keys are backslash encoded. Note that usually
* \\00 is not a valid encode, the only exception is the empty
* word. */
return "\\00";
@ -555,14 +556,15 @@ _keyfile_key_encode (const char *name,
len = i + strlen (&name[i]);
nm_assert (len == strlen (name));
str = g_string_sized_new (len + 15);
nm_str_buf_init (&str, len + 15u, FALSE);
if (name[0] == ' ') {
nm_assert (i == 0);
g_string_append (str, "\\20");
nm_str_buf_append (&str, "\\20");
i = 1;
} else
g_string_append_len (str, name, i);
nm_str_buf_append_len (&str, name, i);
for (;; i++) {
const guchar ch = (guchar) name[i];
@ -577,21 +579,24 @@ _keyfile_key_encode (const char *name,
&& g_ascii_isxdigit (name[i + 1])
&& g_ascii_isxdigit (name[i + 2]))
|| ( ch == ' '
&& name[i + 1] == '\0'))
g_string_append_printf (str, "\\%02X", ch);
else
g_string_append_c (str, (char) ch);
&& name[i + 1] == '\0')) {
nm_str_buf_append_c (&str, '\\');
nm_str_buf_append_c_hex (&str, ch, TRUE);
} else
nm_str_buf_append_c (&str, (char) ch);
}
return (*out_to_free = g_string_free (str, FALSE));
return (*out_to_free = nm_str_buf_finalize (&str, NULL));
}
static const char *
_keyfile_key_decode (const char *key,
char **out_to_free)
{
gsize i, len;
GString *str;
char *out;
gsize len;
gsize i;
gsize j;
nm_assert (key);
nm_assert (out_to_free && !*out_to_free);
@ -617,9 +622,12 @@ _keyfile_key_decode (const char *key,
return "";
nm_assert (len == strlen (key));
str = g_string_sized_new (len + 3);
g_string_append_len (str, key, i);
out = g_new (char, len + 1u);
memcpy (out, key, sizeof (char) * i);
j = i;
for (;;) {
const char ch = key[i];
char ch1, ch2;
@ -633,16 +641,18 @@ _keyfile_key_decode (const char *key,
&& g_ascii_isxdigit ((ch2 = key[i + 2]))) {
v = (g_ascii_xdigit_value (ch1) << 4) + g_ascii_xdigit_value (ch2);
if (v != 0) {
g_string_append_c (str, (char) v);
out[j++] = (char) v;
i += 3;
continue;
}
}
g_string_append_c (str, ch);
out[j++] = ch;
i++;
}
return (*out_to_free = g_string_free (str, FALSE));
nm_assert (j <= len);
out[j] = '\0';
return (*out_to_free = out);
}
/*****************************************************************************/
@ -689,7 +699,7 @@ nm_keyfile_key_decode (const char *key,
const char *key2;
key2 = _keyfile_key_encode (name, &to_free2);
/* key2, the result of decode+encode may not be idential
/* key2, the result of decode+encode may not be identical
* to the original key. That is, decode() is a surjective
* function mapping different keys to the same name.
* However, decode() behaves injective for input that

253
libnm-core/nm-keyfile/nm-keyfile.c
View File

@ -16,6 +16,7 @@
#include <arpa/inet.h>
#include <linux/pkt_sched.h>
#include "nm-glib-aux/nm-str-buf.h"
#include "nm-glib-aux/nm-secret-utils.h"
#include "systemd/nm-sd-utils-shared.h"
#include "nm-libnm-core-intern/nm-common-macros.h"
@ -472,7 +473,7 @@ openconnect_fix_secret_flags (NMSetting *setting)
/* Huge hack. There were some openconnect changes that needed to happen
* pretty late, too late to get into distros. Migration has already
* happened for many people, and their secret flags are wrong. But we
* don't want to requrie re-migration, so we have to fix it up here. Ugh.
* don't want to require re-migration, so we have to fix it up here. Ugh.
*/
if (!NM_IS_SETTING_VPN (setting))
@ -2107,79 +2108,81 @@ write_ip_values (GKeyFile *file,
const char *gateway,
gboolean is_route)
{
nm_auto_free_gstring GString *output = NULL;
int addr_family;
guint i;
const char *addr;
const char *gw;
guint32 plen;
char key_name[64];
char *key_name_idx;
if (array->len > 0) {
nm_auto_str_buf NMStrBuf output = NM_STR_BUF_INIT (2*INET_ADDRSTRLEN + 10, FALSE);
int addr_family;
guint i;
const char *addr;
const char *gw;
guint32 plen;
char key_name[64];
char *key_name_idx;
if (!array->len)
return;
addr_family = nm_streq (setting_name, NM_SETTING_IP4_CONFIG_SETTING_NAME)
? AF_INET
: AF_INET6;
addr_family = nm_streq (setting_name, NM_SETTING_IP4_CONFIG_SETTING_NAME)
? AF_INET
: AF_INET6;
strcpy (key_name, is_route ? "route" : "address");
key_name_idx = key_name + strlen (key_name);
strcpy (key_name, is_route ? "route" : "address");
key_name_idx = key_name + strlen (key_name);
for (i = 0; i < array->len; i++) {
gint64 metric = -1;
output = g_string_sized_new (2*INET_ADDRSTRLEN + 10);
for (i = 0; i < array->len; i++) {
gint64 metric = -1;
if (is_route) {
NMIPRoute *route = array->pdata[i];
if (is_route) {
NMIPRoute *route = array->pdata[i];
addr = nm_ip_route_get_dest (route);
plen = nm_ip_route_get_prefix (route);
gw = nm_ip_route_get_next_hop (route);
metric = nm_ip_route_get_metric (route);
} else {
NMIPAddress *address = array->pdata[i];
addr = nm_ip_route_get_dest (route);
plen = nm_ip_route_get_prefix (route);
gw = nm_ip_route_get_next_hop (route);
metric = nm_ip_route_get_metric (route);
} else {
NMIPAddress *address = array->pdata[i];
addr = nm_ip_address_get_address (address);
plen = nm_ip_address_get_prefix (address);
gw = (i == 0)
? gateway
: NULL;
}
g_string_set_size (output, 0);
g_string_append_printf (output, "%s/%u", addr, plen);
if ( metric != -1
|| gw) {
/* Older versions of the plugin do not support the form
* "a.b.c.d/plen,,metric", so, we always have to write the
* gateway, even if there isn't one.
* The current version supports reading of the above form.
*/
if (!gw) {
if (addr_family == AF_INET)
gw = "0.0.0.0";
else
gw = "::";
addr = nm_ip_address_get_address (address);
plen = nm_ip_address_get_prefix (address);
gw = (i == 0)
? gateway
: NULL;
}
g_string_append_printf (output, ",%s", gw);
if ( is_route
&& metric != -1)
g_string_append_printf (output, ",%lu", (unsigned long) metric);
}
nm_str_buf_set_size (&output, 0, FALSE, FALSE);
nm_str_buf_append_printf (&output, "%s/%u", addr, plen);
if ( metric != -1
|| gw) {
/* Older versions of the plugin do not support the form
* "a.b.c.d/plen,,metric", so, we always have to write the
* gateway, even if there isn't one.
* The current version supports reading of the above form.
*/
if (!gw) {
if (addr_family == AF_INET)
gw = "0.0.0.0";
else
gw = "::";
}
sprintf (key_name_idx, "%u", i + 1);
nm_keyfile_plugin_kf_set_string (file, setting_name, key_name, output->str);
nm_str_buf_append_c (&output, ',');
nm_str_buf_append (&output, gw);
if ( is_route
&& metric != -1)
nm_str_buf_append_printf (&output, ",%lu", (unsigned long) metric);
}
if (is_route) {
gs_free char *attributes = NULL;
sprintf (key_name_idx, "%u", i + 1);
nm_keyfile_plugin_kf_set_string (file,
setting_name,
key_name,
nm_str_buf_get_str (&output));
attributes = nm_utils_format_variant_attributes (_nm_ip_route_get_attributes (array->pdata[i]),
',', '=');
if (attributes) {
g_strlcat (key_name, "_options", sizeof (key_name));
nm_keyfile_plugin_kf_set_string (file, setting_name, key_name, attributes);
if (is_route) {
gs_free char *attributes = NULL;
attributes = nm_utils_format_variant_attributes (_nm_ip_route_get_attributes (array->pdata[i]),
',', '=');
if (attributes) {
g_strlcat (key_name, "_options", sizeof (key_name));
nm_keyfile_plugin_kf_set_string (file, setting_name, key_name, attributes);
}
}
}
}
@ -2220,34 +2223,29 @@ bridge_vlan_writer (KeyfileWriterInfo *info,
const char *key,
const GValue *value)
{
NMBridgeVlan *vlan;
GPtrArray *vlans;
GString *string;
guint i;
vlans = (GPtrArray *) g_value_get_boxed (value);
if (!vlans || !vlans->len)
return;
vlans = g_value_get_boxed (value);
if ( vlans
&& vlans->len > 0) {
const guint string_initial_size = vlans->len * 10u;
nm_auto_str_buf NMStrBuf string = NM_STR_BUF_INIT (string_initial_size, FALSE);
guint i;
string = g_string_new ("");
for (i = 0; i < vlans->len; i++) {
gs_free char *vlan_str = NULL;
for (i = 0; i < vlans->len; i++) {
gs_free char *vlan_str = NULL;
vlan = vlans->pdata[i];
vlan_str = nm_bridge_vlan_to_str (vlan, NULL);
if (!vlan_str)
continue;
if (string->len > 0)
g_string_append (string, ",");
nm_utils_escaped_tokens_escape_gstr_assert (vlan_str, ",", string);
vlan_str = nm_bridge_vlan_to_str (vlans->pdata[i], NULL);
if (i > 0)
nm_str_buf_append_c (&string, ',');
nm_utils_escaped_tokens_escape_strbuf_assert (vlan_str, ",", &string);
}
nm_keyfile_plugin_kf_set_string (info->keyfile,
nm_setting_get_name (setting),
"vlans",
nm_str_buf_get_str (&string));
}
nm_keyfile_plugin_kf_set_string (info->keyfile,
nm_setting_get_name (setting),
"vlans",
string->str);
g_string_free (string, TRUE);
}
@ -2348,17 +2346,21 @@ qdisc_writer (KeyfileWriterInfo *info,
const char *key,
const GValue *value)
{
gsize i;
nm_auto_free_gstring GString *key_name = NULL;
nm_auto_free_gstring GString *value_str = NULL;
GPtrArray *array;
guint i;
array = (GPtrArray *) g_value_get_boxed (value);
if (!array || !array->len)
array = g_value_get_boxed (value);
if ( !array
|| !array->len)
return;
for (i = 0; i < array->len; i++) {
NMTCQdisc *qdisc = array->pdata[i];
GString *key_name = g_string_sized_new (16);
GString *value_str = g_string_sized_new (60);
nm_gstring_prepare (&key_name);
nm_gstring_prepare (&value_str);
g_string_append (key_name, "qdisc.");
_nm_utils_string_append_tc_parent (key_name, NULL,
@ -2369,9 +2371,6 @@ qdisc_writer (KeyfileWriterInfo *info,
NM_SETTING_TC_CONFIG_SETTING_NAME,
key_name->str,
value_str->str);
g_string_free (key_name, TRUE);
g_string_free (value_str, TRUE);
}
}
@ -2381,17 +2380,21 @@ tfilter_writer (KeyfileWriterInfo *info,
const char *key,
const GValue *value)
{
gsize i;
nm_auto_free_gstring GString *key_name = NULL;
nm_auto_free_gstring GString *value_str = NULL;
GPtrArray *array;
guint i;
array = (GPtrArray *) g_value_get_boxed (value);
if (!array || !array->len)
array = g_value_get_boxed (value);
if ( !array
|| !array->len)
return;
for (i = 0; i < array->len; i++) {
NMTCTfilter *tfilter = array->pdata[i];
GString *key_name = g_string_sized_new (16);
GString *value_str = g_string_sized_new (60);
nm_gstring_prepare (&key_name);
nm_gstring_prepare (&value_str);
g_string_append (key_name, "tfilter.");
_nm_utils_string_append_tc_parent (key_name, NULL,
@ -2402,9 +2405,6 @@ tfilter_writer (KeyfileWriterInfo *info,
NM_SETTING_TC_CONFIG_SETTING_NAME,
key_name->str,
value_str->str);
g_string_free (key_name, TRUE);
g_string_free (value_str, TRUE);
}
}
@ -4309,46 +4309,53 @@ char *
nm_keyfile_utils_create_filename (const char *name,
gboolean with_extension)
{
GString *str;
const char *f = name;
/* keyfile used to escape with '*', do not change that behavior.
*
* But for newly added escapings, use '_' instead.
* Also, @with_extension is new-style. */
const char ESCAPE_CHAR = with_extension ? '_' : '*';
const char ESCAPE_CHAR2 = '_';
NMStrBuf str;
char *p;
gsize len;
gsize i;
g_return_val_if_fail (name && name[0], NULL);
str = g_string_sized_new (60);
nm_str_buf_init (&str, 0, FALSE);
len = strlen (name);
p = nm_str_buf_append_len0 (&str, name, len);
/* Convert '/' to ESCAPE_CHAR */
for (f = name; f[0]; f++) {
if (f[0] == '/')
g_string_append_c (str, ESCAPE_CHAR);
else
g_string_append_c (str, f[0]);
for (i = 0; i < len; i++) {
if (p[i] == '/')
p[i] = ESCAPE_CHAR;
}
/* nm_keyfile_utils_create_filename() must avoid anything that ignore_filename() would reject.
* We can escape here more aggressivly then what we would read back. */
if (str->str[0] == '.')
str->str[0] = ESCAPE_CHAR2;
if (str->str[str->len - 1] == '~')
str->str[str->len - 1] = ESCAPE_CHAR2;
if ( check_mkstemp_suffix (str->str)
|| check_suffix (str->str, PEM_TAG)
|| check_suffix (str->str, DER_TAG))
g_string_append_c (str, ESCAPE_CHAR2);
* We can escape here more aggressively then what we would read back. */
if (p[0] == '.')
p[0] = ESCAPE_CHAR2;
if (p[str.len - 1] == '~')
p[str.len - 1] = ESCAPE_CHAR2;
if ( check_mkstemp_suffix (p)
|| check_suffix (p, PEM_TAG)
|| check_suffix (p, DER_TAG))
nm_str_buf_append_c (&str, ESCAPE_CHAR2);
if (with_extension)
g_string_append (str, NM_KEYFILE_PATH_SUFFIX_NMCONNECTION);
nm_str_buf_append (&str, NM_KEYFILE_PATH_SUFFIX_NMCONNECTION);
p = nm_str_buf_finalize (&str, NULL);
/* nm_keyfile_utils_create_filename() must mirror ignore_filename() */
nm_assert (!strchr (str->str, '/'));
nm_assert (!nm_keyfile_utils_ignore_filename (str->str, with_extension));
nm_assert (!strchr (p, '/'));
nm_assert (!nm_keyfile_utils_ignore_filename (p, with_extension));
return g_string_free (str, FALSE);;
return p;
}
/*****************************************************************************/

12
libnm-core/nm-setting-8021x.c
View File

@ -990,7 +990,7 @@ nm_setting_802_1x_get_ca_cert_path (NMSetting8021x *setting)
* nm_setting_802_1x_get_ca_cert_blob() and
* nm_setting_802_1x_get_ca_cert_path().
*
* Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* 7512), but may be extended to other schemes in future (such as 'file' URIs
* for local files and 'data' URIs for inline certificate data).
*
@ -1321,7 +1321,7 @@ nm_setting_802_1x_get_client_cert_path (NMSetting8021x *setting)
* nm_setting_802_1x_get_client_cert_blob() and
* nm_setting_802_1x_get_client_cert_path().
*
* Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* 7512), but may be extended to other schemes in future (such as 'file' URIs
* for local files and 'data' URIs for inline certificate data).
*
@ -1583,7 +1583,7 @@ nm_setting_802_1x_get_phase2_ca_cert_path (NMSetting8021x *setting)
* nm_setting_802_1x_get_phase2_ca_cert_blob() and
* nm_setting_802_1x_get_phase2_ca_cert_path().
*
* Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* 7512), but may be extended to other schemes in future (such as 'file' URIs
* for local files and 'data' URIs for inline certificate data).
*
@ -1918,7 +1918,7 @@ nm_setting_802_1x_get_phase2_client_cert_path (NMSetting8021x *setting)
* nm_setting_802_1x_get_phase2_ca_cert_blob() and
* nm_setting_802_1x_get_phase2_ca_cert_path().
*
* Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* 7512), but may be extended to other schemes in future (such as 'file' URIs
* for local files and 'data' URIs for inline certificate data).
*
@ -2154,7 +2154,7 @@ nm_setting_802_1x_get_private_key_path (NMSetting8021x *setting)
* nm_setting_802_1x_get_private_key_blob() and
* nm_setting_802_1x_get_private_key_path().
*
* Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* 7512), but may be extended to other schemes in future (such as 'file' URIs
* for local files and 'data' URIs for inline certificate data).
*
@ -2357,7 +2357,7 @@ nm_setting_802_1x_get_phase2_private_key_path (NMSetting8021x *setting)
* nm_setting_802_1x_get_phase2_private_key_blob() and
* nm_setting_802_1x_get_phase2_private_key_path().
*
* Currently it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* Currently, it's limited to PKCS#11 URIs ('pkcs11' scheme as defined by RFC
* 7512), but may be extended to other schemes in future (such as 'file' URIs
* for local files and 'data' URIs for inline certificate data).
*

2
libnm-core/nm-setting-bond.c
View File

@ -370,7 +370,7 @@ static void
_ensure_options_idx_cache (NMSettingBondPrivate *priv)
{
if (!G_UNLIKELY (priv->options_idx_cache))
priv->options_idx_cache = nm_utils_named_values_from_str_dict_with_sort (priv->options, NULL, _get_option_sort, NULL);
priv->options_idx_cache = nm_utils_named_values_from_strdict_full (priv->options, NULL, _get_option_sort, NULL, NULL, 0, NULL);
}
/**

40
libnm-core/nm-setting-bridge.c
View File

@ -10,6 +10,7 @@
#include <ctype.h>
#include <stdlib.h>
#include "nm-glib-aux/nm-str-buf.h"
#include "nm-connection-private.h"
#include "nm-utils.h"
#include "nm-utils-private.h"
@ -407,25 +408,6 @@ nm_bridge_vlan_new_clone (const NMBridgeVlan *vlan)
return copy;
}
void
_nm_bridge_vlan_str_append_rest (const NMBridgeVlan *vlan,
GString *string,
gboolean leading_space)
{
if (nm_bridge_vlan_is_pvid (vlan)) {
if (leading_space)
g_string_append_c (string, ' ');
g_string_append (string, "pvid");
leading_space = TRUE;
}
if (nm_bridge_vlan_is_untagged (vlan)) {
if (leading_space)
g_string_append_c (string, ' ');
g_string_append (string, "untagged");
leading_space = TRUE;
}
}
/**
* nm_bridge_vlan_to_str:
* @vlan: the %NMBridgeVlan
@ -440,7 +422,7 @@ _nm_bridge_vlan_str_append_rest (const NMBridgeVlan *vlan,
char *
nm_bridge_vlan_to_str (const NMBridgeVlan *vlan, GError **error)
{
GString *string;
NMStrBuf string;
g_return_val_if_fail (vlan, NULL);
g_return_val_if_fail (!error || !*error, NULL);
@ -449,16 +431,19 @@ nm_bridge_vlan_to_str (const NMBridgeVlan *vlan, GError **error)
* future if more parameters are added to the object that could
* make it invalid. */
string = g_string_sized_new (28);
nm_str_buf_init (&string, NM_UTILS_GET_NEXT_REALLOC_SIZE_32, FALSE);
if (vlan->vid_start == vlan->vid_end)
g_string_append_printf (string, "%u", vlan->vid_start);
nm_str_buf_append_printf (&string, "%u", vlan->vid_start);
else
g_string_append_printf (string, "%u-%u", vlan->vid_start, vlan->vid_end);
nm_str_buf_append_printf (&string, "%u-%u", vlan->vid_start, vlan->vid_end);
_nm_bridge_vlan_str_append_rest (vlan, string, TRUE);
if (nm_bridge_vlan_is_pvid (vlan))
nm_str_buf_append (&string, " pvid");
if (nm_bridge_vlan_is_untagged (vlan))
nm_str_buf_append (&string, " untagged");
return g_string_free (string, FALSE);
return nm_str_buf_finalize (&string, NULL);
}
/**
@ -1988,8 +1973,9 @@ nm_setting_bridge_class_init (NMSettingBridgeClass *klass)
* Sets bridge's multicast router. Multicast-snooping must be enabled
* for this option to work.
*
* Supported values are: 'auto', 'disabled', 'enabled'.
* If not specified the default value is 'auto'.
* Supported values are: 'auto', 'disabled', 'enabled' to which kernel
* assigns the numbers 1, 0, and 2, respectively.
* If not specified the default value is 'auto' (1).
**/
/* ---ifcfg-rh---
* property: multicast-router

14
libnm-core/nm-setting-connection.c
View File

@ -808,7 +808,7 @@ nm_setting_connection_add_secondary (NMSettingConnection *setting,
* @setting: the #NMSettingConnection
* @idx: index number of the secondary connection UUID
*
* Removes the secondary coonnection UUID at index @idx.
* Removes the secondary connection UUID at index @idx.
**/
void
nm_setting_connection_remove_secondary (NMSettingConnection *setting, guint32 idx)
@ -832,7 +832,7 @@ nm_setting_connection_remove_secondary (NMSettingConnection *setting, guint32 id
* @setting: the #NMSettingConnection
* @sec_uuid: the secondary connection UUID to remove
*
* Removes the secondary coonnection UUID @sec_uuid.
* Removes the secondary connection UUID @sec_uuid.
*
* Returns: %TRUE if the secondary connection UUID was found and removed; %FALSE if it was not.
**/
@ -1758,7 +1758,7 @@ nm_setting_connection_class_init (NMSettingConnectionClass *klass)
* name is included, so that different interfaces yield different addresses.
*
* The '$' character is treated special to perform dynamic substitutions
* at runtime. Currently supported are "${CONNECTION}", "${DEVICE}", "${MAC}",
* at runtime. Currently, supported are "${CONNECTION}", "${DEVICE}", "${MAC}",
* "${BOOT}", "${RANDOM}".
* These effectively create unique IDs per-connection, per-device, per-boot,
* or every time. Note that "${DEVICE}" corresponds to the interface name of the
@ -2128,7 +2128,7 @@ nm_setting_connection_class_init (NMSettingConnectionClass *klass)
* NMSettingConnection:secondaries:
*
* List of connection UUIDs that should be activated when the base
* connection itself is activated. Currently only VPN connections are
* connection itself is activated. Currently, only VPN connections are
* supported.
**/
/* ---ifcfg-rh---
@ -2222,7 +2222,7 @@ nm_setting_connection_class_init (NMSettingConnectionClass *klass)
* to use a global default. If the global default is not set, the authentication
* retries for 3 times before failing the connection.
*
* Currently this only applies to 802-1x authentication.
* Currently, this only applies to 802-1x authentication.
*
* Since: 1.10
**/
@ -2252,7 +2252,7 @@ nm_setting_connection_class_init (NMSettingConnectionClass *klass)
* If unspecified, "default" ultimately depends on the DNS plugin (which
* for systemd-resolved currently means "no").
*
* This feature requires a plugin which supports mDNS. Otherwise the
* This feature requires a plugin which supports mDNS. Otherwise, the
* setting has no effect. One such plugin is dns-systemd-resolved.
*
* Since: 1.12
@ -2287,7 +2287,7 @@ nm_setting_connection_class_init (NMSettingConnectionClass *klass)
* If unspecified, "default" ultimately depends on the DNS plugin (which
* for systemd-resolved currently means "yes").
*
* This feature requires a plugin which supports LLMNR. Otherwise the
* This feature requires a plugin which supports LLMNR. Otherwise, the
* setting has no effect. One such plugin is dns-systemd-resolved.
*
* Since: 1.14

4
libnm-core/nm-setting-infiniband.c
View File

@ -97,7 +97,7 @@ nm_setting_infiniband_get_transport_mode (NMSettingInfiniband *setting)
* @setting: the #NMSettingInfiniband
*
* Returns the P_Key to use for this device. A value of -1 means to
* use the default P_Key (aka "the P_Key at index 0"). Otherwise it is
* use the default P_Key (aka "the P_Key at index 0"). Otherwise, it is
* a 16-bit unsigned integer.
*
* Returns: the IPoIB P_Key
@ -448,7 +448,7 @@ nm_setting_infiniband_class_init (NMSettingInfinibandClass *klass)
* NMSettingInfiniband:p-key:
*
* The InfiniBand P_Key to use for this device. A value of -1 means to use
* the default P_Key (aka "the P_Key at index 0"). Otherwise it is a 16-bit
* the default P_Key (aka "the P_Key at index 0"). Otherwise, it is a 16-bit
* unsigned integer, whose high bit is set if it is a "full membership"
* P_Key.
**/

164
libnm-core/nm-setting-ip-config.c
View File

@ -11,6 +11,7 @@
#include <arpa/inet.h>
#include <linux/fib_rules.h>
#include "nm-glib-aux/nm-str-buf.h"
#include "nm-setting-ip4-config.h"
#include "nm-setting-ip6-config.h"
#include "nm-utils.h"
@ -745,7 +746,7 @@ nm_ip_route_unref (NMIPRoute *route)
* nm_ip_route_equal_full:
* @route: the #NMIPRoute
* @other: the #NMIPRoute to compare @route to.
* @cmp_flags: tune how to compare attributes. Currently only
* @cmp_flags: tune how to compare attributes. Currently, only
* NM_IP_ROUTE_EQUAL_CMP_FLAGS_NONE (0) and NM_IP_ROUTE_EQUAL_CMP_FLAGS_WITH_ATTRS (1)
* is supported.
*
@ -1363,9 +1364,12 @@ nm_ip_route_attribute_validate (const char *name,
gboolean
_nm_ip_route_attribute_validate_all (const NMIPRoute *route, GError **error)
{
GHashTableIter iter;
const char *key;
NMUtilsNamedValue attrs_static[G_N_ELEMENTS (ip_route_attribute_spec)];
gs_free NMUtilsNamedValue *attrs_free = NULL;
const NMUtilsNamedValue *attrs;
guint attrs_len;
GVariant *val;
guint i;
guint8 u8;
g_return_val_if_fail (route, FALSE);
@ -1374,9 +1378,15 @@ _nm_ip_route_attribute_validate_all (const NMIPRoute *route, GError **error)
if (!route->attributes)
return TRUE;
g_hash_table_iter_init (&iter, route->attributes);
while (g_hash_table_iter_next (&iter, (gpointer *) &key, (gpointer *) &val)) {
if (!nm_ip_route_attribute_validate (key, val, route->family, NULL, error))
attrs = nm_utils_named_values_from_strdict (route->attributes,
&attrs_len,
attrs_static,
&attrs_free);
for (i = 0; i < attrs_len; i++) {
const char *key = attrs[i].name;
GVariant *val2 = attrs[i].value_ptr;
if (!nm_ip_route_attribute_validate (key, val2, route->family, NULL, NULL))
return FALSE;
}
@ -3021,7 +3031,7 @@ _rr_string_addr_family_from_flags (NMIPRoutingRuleAsStringFlags to_string_flags)
* @to_string_flags: #NMIPRoutingRuleAsStringFlags for controlling the
* string conversion.
* @extra_args: (allow-none): extra arguments for controlling the string
* conversion. Currently not extra arguments are supported.
* conversion. Currently, not extra arguments are supported.
* @error: (allow-none) (out): the error reason.
*
* Returns: (transfer full): the new #NMIPRoutingRule or %NULL on error.
@ -3081,7 +3091,7 @@ nm_ip_routing_rule_from_string (const char *str,
* - iproute2 in may regards is flexible about the command lines. For example
* - for tables it accepts table names from /etc/iproute2/rt_tables. We only
* accept the special aliases "main", "local", and "default".
* - key names like "preference" can be abbreviated to "prefe", we don't do that.
* - key names like "preference" can be abbreviated to "pref", we don't do that.
* - the "preference"/"priority" may be unspecified, in which kernel automatically
* chooses an unused priority (during `ip rule add`). We don't allow for that, the
* priority must be explicitly set.
@ -3117,7 +3127,7 @@ nm_ip_routing_rule_from_string (const char *str,
}
/* iproute2 matches keywords with any partial prefix. We don't allow
* for that flexiblity. */
* for that flexibility. */
if (NM_IN_STRSET (word0, "from")) {
if (!word1)
@ -3395,7 +3405,7 @@ next_words_consumed:
}
static void
_rr_string_append_inet_addr (GString *str,
_rr_string_append_inet_addr (NMStrBuf *str,
gboolean is_from /* or else is-to */,
gboolean required,
int addr_family,
@ -3406,26 +3416,26 @@ _rr_string_append_inet_addr (GString *str,
if (addr_len == 0) {
if (required) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"%s %s/0",
is_from ? "from" : "to",
(addr_family == AF_INET)
? "0.0.0.0"
: "::");
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (str, ' '),
"%s %s/0",
is_from ? "from" : "to",
(addr_family == AF_INET)
? "0.0.0.0"
: "::");
}
return;
}
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"%s %s",
is_from ? "from" : "to",
nm_utils_inet_ntop (addr_family,
addr_bin,
addr_str));
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (str, ' '),
"%s %s",
is_from ? "from" : "to",
nm_utils_inet_ntop (addr_family,
addr_bin,
addr_str));
if (addr_len != nm_utils_addr_family_to_size (addr_family) * 8) {
g_string_append_printf (str,
"/%u",
addr_len);
nm_str_buf_append_printf (str,
"/%u",
addr_len);
}
}
@ -3435,7 +3445,7 @@ _rr_string_append_inet_addr (GString *str,
* @to_string_flags: #NMIPRoutingRuleAsStringFlags for controlling the
* string conversion.
* @extra_args: (allow-none): extra arguments for controlling the string
* conversion. Currently not extra arguments are supported.
* conversion. Currently, not extra arguments are supported.
* @error: (allow-none) (out): the error reason.
*
* Returns: (transfer full): the string representation or %NULL on error.
@ -3448,8 +3458,8 @@ nm_ip_routing_rule_to_string (const NMIPRoutingRule *self,
GHashTable *extra_args,
GError **error)
{
nm_auto_free_gstring GString *str = NULL;
int addr_family;
NMStrBuf str;
g_return_val_if_fail (NM_IS_IP_ROUTING_RULE (self, TRUE), NULL);
@ -3485,18 +3495,18 @@ nm_ip_routing_rule_to_string (const NMIPRoutingRule *self,
}
}
str = g_string_sized_new (30);
nm_str_buf_init (&str, NM_UTILS_GET_NEXT_REALLOC_SIZE_32, FALSE);
if (self->priority_has) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"priority %u",
(guint) self->priority);
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"priority %u",
(guint) self->priority);
}
if (self->invert)
g_string_append (nm_gstring_add_space_delimiter (str), "not");
nm_str_buf_append (nm_str_buf_append_required_delimiter (&str, ' '), "not");
_rr_string_append_inet_addr (str,
_rr_string_append_inet_addr (&str,
TRUE,
( !self->to_has
|| !self->to_valid),
@ -3506,7 +3516,7 @@ nm_ip_routing_rule_to_string (const NMIPRoutingRule *self,
? self->from_len
: 0);
_rr_string_append_inet_addr (str,
_rr_string_append_inet_addr (&str,
FALSE,
FALSE,
addr_family,
@ -3516,88 +3526,88 @@ nm_ip_routing_rule_to_string (const NMIPRoutingRule *self,
: 0);
if (self->tos != 0) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"tos 0x%02x",
(guint) self->tos);
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"tos 0x%02x",
(guint) self->tos);
}
if (self->ipproto != 0) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"ipproto %u",
(guint) self->ipproto);
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"ipproto %u",
(guint) self->ipproto);
}
if ( self->fwmark != 0
|| self->fwmask != 0) {
if (self->fwmark != 0) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"fwmark 0x%x",
self->fwmark);
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"fwmark 0x%x",
self->fwmark);
} else {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"fwmark 0");
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"fwmark 0");
}
if (self->fwmask != 0xFFFFFFFFu) {
if (self->fwmask != 0)
g_string_append_printf (str, "/0x%x", self->fwmask);
nm_str_buf_append_printf (&str, "/0x%x", self->fwmask);
else
g_string_append_printf (str, "/0");
nm_str_buf_append_printf (&str, "/0");
}
}
if ( self->sport_start != 0
|| self->sport_end != 0) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"sport %u",
self->sport_start);
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"sport %u",
self->sport_start);
if (self->sport_start != self->sport_end) {
g_string_append_printf (str,
"-%u",
self->sport_end);
nm_str_buf_append_printf (&str,
"-%u",
self->sport_end);
}
}
if ( self->dport_start != 0
|| self->dport_end != 0) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"dport %u",
self->dport_start);
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"dport %u",
self->dport_start);
if (self->dport_start != self->dport_end) {
g_string_append_printf (str,
"-%u",
self->dport_end);
nm_str_buf_append_printf (&str,
"-%u",
self->dport_end);
}
}
if (self->iifname) {
g_string_append (nm_gstring_add_space_delimiter (str),
"iif ");
nm_utils_escaped_tokens_escape_gstr (self->iifname,
NM_ASCII_SPACES,
str);
nm_str_buf_append (nm_str_buf_append_required_delimiter (&str, ' '),
"iif ");
nm_utils_escaped_tokens_escape_strbuf (self->iifname,
NM_ASCII_SPACES,
&str);
}
if (self->oifname) {
g_string_append (nm_gstring_add_space_delimiter (str),
"oif ");
nm_utils_escaped_tokens_escape_gstr (self->oifname,
NM_ASCII_SPACES,
str);
nm_str_buf_append (nm_str_buf_append_required_delimiter (&str, ' '),
"oif ");
nm_utils_escaped_tokens_escape_strbuf (self->oifname,
NM_ASCII_SPACES,
&str);
}
if (self->table != 0) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"table %u",
(guint) self->table);
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"table %u",
(guint) self->table);
}
if (self->suppress_prefixlength != -1) {
g_string_append_printf (nm_gstring_add_space_delimiter (str),
"suppress_prefixlength %d",
(int) self->suppress_prefixlength);
nm_str_buf_append_printf (nm_str_buf_append_required_delimiter (&str, ' '),
"suppress_prefixlength %d",
(int) self->suppress_prefixlength);
}
return g_string_free (g_steal_pointer (&str), FALSE);
return nm_str_buf_finalize (&str, NULL);
}
/*****************************************************************************/
@ -5967,7 +5977,7 @@ nm_setting_ip_config_class_init (NMSettingIPConfigClass *klass)
*
* Flags for the DHCP hostname and FQDN.
*
* Currently this property only includes flags to control the FQDN flags
* Currently, this property only includes flags to control the FQDN flags
* set in the DHCP FQDN option. Supported FQDN flags are
* %NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE,
* %NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED and

2
libnm-core/nm-setting-ip-tunnel.c
View File

@ -816,7 +816,7 @@ nm_setting_ip_tunnel_class_init (NMSettingIPTunnelClass *klass)
/**
* NMSettingIPTunnel:flags:
*
* Tunnel flags. Currently the following values are supported:
* Tunnel flags. Currently, the following values are supported:
* %NM_IP_TUNNEL_FLAG_IP6_IGN_ENCAP_LIMIT, %NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_TCLASS,
* %NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FLOWLABEL, %NM_IP_TUNNEL_FLAG_IP6_MIP6_DEV,
* %NM_IP_TUNNEL_FLAG_IP6_RCV_DSCP_COPY, %NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FWMARK.

2
libnm-core/nm-setting-ip4-config.c
View File

@ -197,7 +197,7 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
if ( NM_FLAGS_ANY (nm_setting_ip_config_get_dhcp_hostname_flags (s_ip),
NM_DHCP_HOSTNAME_FLAGS_FQDN_MASK)
&& !priv->dhcp_fqdn) {
/* Currently we send a FQDN option only when ipv4.dhcp-fqdn is set */
/* Currently, we send a FQDN option only when ipv4.dhcp-fqdn is set */
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,

2
libnm-core/nm-setting-sriov.c
View File

@ -1305,7 +1305,7 @@ nm_setting_sriov_class_init (NMSettingSriovClass *klass)
* "2 mac=00:11:22:33:44:55 spoof-check=true".
*
* Multiple VFs can be specified using a comma as separator.
* Currently the following attributes are supported: mac,
* Currently, the following attributes are supported: mac,
* spoof-check, trust, min-tx-rate, max-tx-rate, vlans.
*
* The "vlans" attribute is represented as a semicolon-separated

52
libnm-core/nm-setting-tc-config.c
View File

@ -174,13 +174,14 @@ nm_tc_qdisc_equal (NMTCQdisc *qdisc, NMTCQdisc *other)
static guint
_nm_tc_qdisc_hash (NMTCQdisc *qdisc)
{
gs_free const char **names = NULL;
GVariant *variant;
NMUtilsNamedValue attrs_static[30];
gs_free NMUtilsNamedValue *attrs_free = NULL;
const NMUtilsNamedValue *attrs;
NMHashState h;
guint length;
guint i;
names = nm_utils_strdict_get_keys (qdisc->attributes, TRUE, &length);
attrs = nm_utils_named_values_from_strdict (qdisc->attributes, &length, attrs_static, &attrs_free);
nm_hash_init (&h, 43869703);
nm_hash_update_vals (&h,
@ -189,13 +190,13 @@ _nm_tc_qdisc_hash (NMTCQdisc *qdisc)
length);
nm_hash_update_str0 (&h, qdisc->kind);
for (i = 0; i < length; i++) {
const char *key = attrs[i].name;
GVariant *variant = attrs[i].value_ptr;
const GVariantType *vtype;
variant = g_hash_table_lookup (qdisc->attributes, names[i]);
vtype = g_variant_get_type (variant);
nm_hash_update_str (&h, names[i]);
nm_hash_update_str (&h, key);
nm_hash_update_str (&h, (const char *) vtype);
if (g_variant_type_is_basic (vtype))
nm_hash_update_val (&h, g_variant_hash (variant));
@ -585,6 +586,8 @@ nm_tc_action_get_kind (NMTCAction *action)
* Gets an array of attribute names defined on @action.
*
* Returns: (transfer full): a %NULL-terminated array of attribute names,
*
* Since: 1.12
**/
char **
nm_tc_action_get_attribute_names (NMTCAction *action)
@ -614,6 +617,8 @@ _nm_tc_action_get_attributes (NMTCAction *action)
*
* Returns: (transfer none): the value of the attribute with name @name on
* @action, or %NULL if @action has no such attribute.
*
* Since: 1.12
**/
GVariant *
nm_tc_action_get_attribute (NMTCAction *action, const char *name)
@ -634,6 +639,8 @@ nm_tc_action_get_attribute (NMTCAction *action, const char *name)
* @value: (transfer none) (allow-none): the value
*
* Sets or clears the named attribute on @action to the given value.
*
* Since: 1.12
**/
void
nm_tc_action_set_attribute (NMTCAction *action, const char *name, GVariant *value)
@ -792,24 +799,31 @@ nm_tc_tfilter_equal (NMTCTfilter *tfilter, NMTCTfilter *other)
static guint
_nm_tc_tfilter_hash (NMTCTfilter *tfilter)
{
gs_free const char **names = NULL;
guint i, attr_hash;
GVariant *variant;
NMHashState h;
guint length;
nm_hash_init (&h, 63624437);
nm_hash_update_vals (&h,
tfilter->handle,
tfilter->parent);
nm_hash_update_str0 (&h, tfilter->kind);
if (tfilter->action) {
gs_free NMUtilsNamedValue *attrs_free = NULL;
NMUtilsNamedValue attrs_static[30];
const NMUtilsNamedValue *attrs;
guint length;
guint i;
nm_hash_update_str0 (&h, tfilter->action->kind);
names = nm_utils_strdict_get_keys (tfilter->action->attributes, TRUE, &length);
attrs = nm_utils_named_values_from_strdict (tfilter->action->attributes, &length, attrs_static, &attrs_free);
for (i = 0; i < length; i++) {
nm_hash_update_str (&h, names[i]);
variant = g_hash_table_lookup (tfilter->action->attributes, names[i]);
GVariant *variant = attrs[i].value_ptr;
nm_hash_update_str (&h, attrs[i].name);
if (g_variant_type_is_basic (g_variant_get_type (variant))) {
guint attr_hash;
/* g_variant_hash() works only for basic types, thus
* we ignore any non-basic attribute. Actions differing
* only for non-basic attributes will collide. */
@ -818,6 +832,7 @@ _nm_tc_tfilter_hash (NMTCTfilter *tfilter)
}
}
}
return nm_hash_complete (&h);
}
@ -1374,9 +1389,11 @@ _qdiscs_to_variant (GPtrArray *qdiscs)
if (qdiscs) {
for (i = 0; i < qdiscs->len; i++) {
NMUtilsNamedValue attrs_static[30];
gs_free NMUtilsNamedValue *attrs_free = NULL;
const NMUtilsNamedValue *attrs;
NMTCQdisc *qdisc = qdiscs->pdata[i];
guint length;
gs_free const char **attrs = nm_utils_strdict_get_keys (qdisc->attributes, TRUE, &length);
GVariantBuilder qdisc_builder;
guint y;
@ -1391,9 +1408,12 @@ _qdiscs_to_variant (GPtrArray *qdiscs)
g_variant_builder_add (&qdisc_builder, "{sv}", "parent",
g_variant_new_uint32 (nm_tc_qdisc_get_parent (qdisc)));
attrs = nm_utils_named_values_from_strdict (qdisc->attributes, &length, attrs_static, &attrs_free);
for (y = 0; y < length; y++) {
g_variant_builder_add (&qdisc_builder, "{sv}", attrs[y],
g_hash_table_lookup (qdisc->attributes, attrs[y]));
g_variant_builder_add (&qdisc_builder,
"{sv}",
attrs[y].name,
attrs[y].value_ptr);
}
g_variant_builder_add (&builder, "a{sv}", &qdisc_builder);

2
libnm-core/nm-setting-vlan.c
View File

@ -272,7 +272,7 @@ nm_setting_vlan_get_num_priorities (NMSettingVlan *setting, NMVlanPriorityMap ma
* Retrieve one of the entries of the #NMSettingVlan:ingress_priority_map
* or #NMSettingVlan:egress_priority_map properties of this setting.
*
* Returns: returns %TRUE if @idx is in range. Otherwise %FALSE.
* Returns: returns %TRUE if @idx is in range. Otherwise, %FALSE.
**/
gboolean
nm_setting_vlan_get_priority (NMSettingVlan *setting,

2
libnm-core/nm-setting-wifi-p2p.c
View File

@ -240,7 +240,7 @@ nm_setting_wifi_p2p_class_init (NMSettingWifiP2PClass *setting_wifi_p2p_class)
/**
* NMSettingWifiP2P:peer:
*
* The P2P device that should be connected to. Currently this is the only
* The P2P device that should be connected to. Currently, this is the only
* way to create or join a group.
*
* Since: 1.16

10
libnm-core/nm-setting-wireguard.c
View File

@ -30,7 +30,7 @@ G_DEFINE_BOXED_TYPE (NMWireGuardPeer, nm_wireguard_peer, _wireguard_peer_dup, nm
/* NMWireGuardPeer can also track invalid allowed-ip settings, and only reject
* them later during is_valid(). Such values are marked by a leading 'X' character
* in the @allowed_ips. It is expected, that such values are the expception, and
* in the @allowed_ips. It is expected, that such values are the exception, and
* commonly not present. */
#define ALLOWED_IP_INVALID_X 'X'
#define ALLOWED_IP_INVALID_X_STR "X"
@ -157,7 +157,7 @@ nm_wireguard_peer_ref (NMWireGuardPeer *self)
* @self: (allow-none): the #NMWireGuardPeer instance
*
* Drop a reference to @self. If the last reference is dropped,
* the instance is freed and all accociate data released.
* the instance is freed and all associate data released.
*
* This is not thread-safe.
*
@ -737,9 +737,9 @@ nm_wireguard_peer_remove_allowed_ip (NMWireGuardPeer *self,
* nm_wireguard_peer_is_valid:
* @self: the #NMWireGuardPeer instance
* @check_secrets: if %TRUE, non-secret properties are validated.
* Otherwise they are ignored for this purpose.
* Otherwise, they are ignored for this purpose.
* @check_non_secrets: if %TRUE, secret properties are validated.
* Otherwise they are ignored for this purpose.
* Otherwise, they are ignored for this purpose.
* @error: the #GError location for returning the failure reason.
*
* Returns: %TRUE if the peer is valid or fails with an error
@ -2458,7 +2458,7 @@ nm_setting_wireguard_class_init (NMSettingWireGuardClass *klass)
* NMSettingWireGuard:fwmark:
*
* The use of fwmark is optional and is by default off. Setting it to 0
* disables it. Otherwise it is a 32-bit fwmark for outgoing packets.
* disables it. Otherwise, it is a 32-bit fwmark for outgoing packets.
*
* Note that "ip4-auto-default-route" or "ip6-auto-default-route" enabled,
* implies to automatically choose a fwmark.

2
libnm-core/nm-setting-wireless-security.c
View File

@ -665,7 +665,7 @@ nm_setting_wireless_security_get_wep_key (NMSettingWirelessSecurity *setting, gu
* @setting: the #NMSettingWirelessSecurity
* @idx: the index of the key (0..3 inclusive)
* @key: the WEP key as a string, in either hexadecimal, ASCII, or passphrase
* form as determiend by the value of the #NMSettingWirelessSecurity:wep-key-type
* form as determined by the value of the #NMSettingWirelessSecurity:wep-key-type
* property.
*
* Sets a WEP key in the given index.

2
libnm-core/nm-setting-wireless-security.h
View File

@ -78,7 +78,7 @@ typedef enum {
* @NM_SETTING_WIRELESS_SECURITY_WPS_METHOD_DEFAULT: Attempt whichever method AP supports
* @NM_SETTING_WIRELESS_SECURITY_WPS_METHOD_DISABLED: WPS can not be used.
* @NM_SETTING_WIRELESS_SECURITY_WPS_METHOD_AUTO: Use WPS, any method
* @NM_SETTING_WIRELESS_SECURITY_WPS_METHOD_PBC: use WPS push-buthon method
* @NM_SETTING_WIRELESS_SECURITY_WPS_METHOD_PBC: use WPS push-button method
* @NM_SETTING_WIRELESS_SECURITY_WPS_METHOD_PIN: use PIN method
*
* Configure the use of WPS by a connection while it activates.

76
libnm-core/nm-setting-wireless.c
View File

@ -43,6 +43,7 @@ NM_GOBJECT_PROPERTIES_DEFINE (NMSettingWireless,
PROP_POWERSAVE,
PROP_MAC_ADDRESS_RANDOMIZATION,
PROP_WAKE_ON_WLAN,
PROP_AP_ISOLATION,
);
typedef struct {
@ -55,13 +56,14 @@ typedef struct {
char *device_mac_address;
char *cloned_mac_address;
char *generate_mac_address_mask;
NMSettingMacRandomization mac_address_randomization;
NMTernary ap_isolation;
guint32 channel;
guint32 rate;
guint32 tx_power;
guint32 mtu;
guint32 powersave;
guint32 wowl;
NMSettingMacRandomization mac_address_randomization;
bool hidden:1;
} NMSettingWirelessPrivate;
@ -739,6 +741,22 @@ _to_dbus_fcn_seen_bssids (const NMSettInfoSetting *sett_info,
return g_variant_new_strv ((const char *const*) priv->seen_bssids->pdata, priv->seen_bssids->len);
}
/**
* nm_setting_wireless_get_ap_isolation:
* @setting: the #NMSettingWireless
*
* Returns: the #NMSettingWireless:ap-isolation property of the setting
*
* Since: 1.28
*/
NMTernary
nm_setting_wireless_get_ap_isolation (NMSettingWireless *setting)
{
g_return_val_if_fail (NM_IS_SETTING_WIRELESS (setting), NM_TERNARY_DEFAULT);
return NM_SETTING_WIRELESS_GET_PRIVATE (setting)->ap_isolation;
}
/*****************************************************************************/
static gboolean
@ -934,6 +952,17 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
return FALSE;
}
if ( priv->ap_isolation != NM_TERNARY_DEFAULT
&& !nm_streq0 (priv->mode, NM_SETTING_WIRELESS_MODE_AP)) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
_("AP isolation can be set only in AP mode"));
g_prefix_error (error, "%s.%s: ", NM_SETTING_WIRELESS_SETTING_NAME,
NM_SETTING_WIRELESS_AP_ISOLATION);
return FALSE;
}
/* from here on, check for NM_SETTING_VERIFY_NORMALIZABLE conditions. */
if (priv->cloned_mac_address) {
@ -1094,6 +1123,9 @@ get_property (GObject *object, guint prop_id,
case PROP_WAKE_ON_WLAN:
g_value_set_uint (value, nm_setting_wireless_get_wake_on_wlan (setting));
break;
case PROP_AP_ISOLATION:
g_value_set_enum (value, priv->ap_isolation);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -1203,6 +1235,9 @@ set_property (GObject *object, guint prop_id,
case PROP_WAKE_ON_WLAN:
priv->wowl = g_value_get_uint (value);
break;
case PROP_AP_ISOLATION:
priv->ap_isolation = g_value_get_enum (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -1221,6 +1256,7 @@ nm_setting_wireless_init (NMSettingWireless *setting)
g_array_set_clear_func (priv->mac_address_blacklist, (GDestroyNotify) clear_blacklist_item);
priv->wowl = NM_SETTING_WIRELESS_WAKE_ON_WLAN_DEFAULT;
priv->ap_isolation = NM_TERNARY_DEFAULT;
}
/**
@ -1769,6 +1805,44 @@ nm_setting_wireless_class_init (NMSettingWirelessClass *klass)
G_PARAM_READWRITE |
G_PARAM_STATIC_STRINGS);
/**
* NMSettingWireless:ap-isolation
*
* Configures AP isolation, which prevents communication between
* wireless devices connected to this AP. This property can be set
* to a value different from %NM_TERNARY_DEFAULT only when the
* interface is configured in AP mode.
*
* If set to %NM_TERNARY_TRUE, devices are not able to communicate
* with each other. This increases security because it protects
* devices against attacks from other clients in the network. At
* the same time, it prevents devices to access resources on the
* same wireless networks as file shares, printers, etc.
*
* If set to %NM_TERNARY_FALSE, devices can talk to each other.
*
* When set to %NM_TERNARY_DEFAULT, the global default is used; in
* case the global default is unspecified it is assumed to be
* %NM_TERNARY_FALSE.
*
* Since: 1.28
**/
/* ---ifcfg-rh---
* property: ap-isolation
* variable: AP_ISOLATION(+)
* values: "yes", "no"
* default: missing variable means global default
* description: Whether AP isolation is enabled
* ---end---
*/
obj_properties[PROP_AP_ISOLATION] =
g_param_spec_enum (NM_SETTING_WIRELESS_AP_ISOLATION, "", "",
NM_TYPE_TERNARY,
NM_TERNARY_DEFAULT,
NM_SETTING_PARAM_FUZZY_IGNORE |
G_PARAM_READWRITE |
G_PARAM_STATIC_STRINGS);
g_object_class_install_properties (object_class, _PROPERTY_ENUMS_LAST, obj_properties);
_nm_setting_class_commit_full (setting_class, NM_META_SETTING_TYPE_WIRELESS,

4
libnm-core/nm-setting-wireless.h
View File

@ -84,6 +84,7 @@ typedef enum { /*< flags >*/
#define NM_SETTING_WIRELESS_POWERSAVE "powersave"
#define NM_SETTING_WIRELESS_MAC_ADDRESS_RANDOMIZATION "mac-address-randomization"
#define NM_SETTING_WIRELESS_WAKE_ON_WLAN "wake-on-wlan"
#define NM_SETTING_WIRELESS_AP_ISOLATION "ap-isolation"
/**
* NM_SETTING_WIRELESS_MODE_ADHOC:
@ -205,6 +206,9 @@ gboolean nm_setting_wireless_ap_security_compatible (NMSettingWireless
NM_AVAILABLE_IN_1_12
NMSettingWirelessWakeOnWLan nm_setting_wireless_get_wake_on_wlan (NMSettingWireless *setting);
NM_AVAILABLE_IN_1_28
NMTernary nm_setting_wireless_get_ap_isolation (NMSettingWireless *setting);
G_END_DECLS
#endif /* __NM_SETTING_WIRELESS_H__ */

2
libnm-core/nm-setting.c
View File

@ -2661,7 +2661,7 @@ nm_setting_option_get_uint32 (NMSetting *setting,
*
* Note that not all setting types support options. It is a bug
* setting a variant to a setting that doesn't support it.
* Currently only #NMSettingEthtool supports it.
* Currently, only #NMSettingEthtool supports it.
*
* Since: 1.26
*/

130
libnm-core/nm-team-utils.c
View File

@ -11,7 +11,6 @@
#include "nm-errors.h"
#include "nm-utils-private.h"
#include "nm-json.h"
#include "nm-glib-aux/nm-json-aux.h"
#include "nm-core-internal.h"
#include "nm-setting-team.h"
@ -460,9 +459,9 @@ _team_attr_data_to_json (const TeamAttrData *attr_data,
_team_attr_data_ASSERT (attr_data);
nm_assert (p_field);
nm_json_aux_gstr_append_obj_name (gstr,
attr_data->js_keys[attr_data->js_keys_len - 1],
'\0');
nm_json_gstr_append_obj_name (gstr,
attr_data->js_keys[attr_data->js_keys_len - 1],
'\0');
if (attr_data->value_type != NM_VALUE_TYPE_UNSPEC) {
nm_value_type_to_json (attr_data->value_type, gstr, p_field);
@ -482,7 +481,7 @@ _team_attr_data_to_json (const TeamAttrData *attr_data,
g_string_append (gstr, "[ ");
for (i = 0; i < v_ptrarray->len; i++) {
if (i > 0)
nm_json_aux_gstr_append_delimiter (gstr);
nm_json_gstr_append_delimiter (gstr);
_link_watcher_to_json (v_ptrarray->pdata[i], gstr);
}
g_string_append (gstr, " ]");
@ -500,8 +499,8 @@ _team_attr_data_to_json (const TeamAttrData *attr_data,
g_string_append (gstr, "[ ");
for (i = 0; i < v_ptrarray->len; i++) {
if (i > 0)
nm_json_aux_gstr_append_delimiter (gstr);
nm_json_aux_gstr_append_string (gstr, v_ptrarray->pdata[i]);
nm_json_gstr_append_delimiter (gstr);
nm_json_gstr_append_string (gstr, v_ptrarray->pdata[i]);
}
g_string_append (gstr, i > 0 ? " ]" : "]");
}
@ -671,7 +670,7 @@ _team_setting_field_to_json (const NMTeamSetting *self,
return FALSE;
if (prepend_delimiter)
nm_json_aux_gstr_append_delimiter (gstr);
nm_json_gstr_append_delimiter (gstr);
_team_attr_data_to_json (attr_data,
self->d.is_port,
gstr,
@ -1108,29 +1107,29 @@ _link_watcher_to_json (const NMTeamLinkWatcher *link_watcher,
if (is_first)
is_first = FALSE;
else
nm_json_aux_gstr_append_delimiter (gstr);
nm_json_aux_gstr_append_obj_name (gstr, attr_data->js_key, '\0');
nm_json_gstr_append_delimiter (gstr);
nm_json_gstr_append_obj_name (gstr, attr_data->js_key, '\0');
nm_value_type_to_json (attr_data->value_type, gstr, &p_val->val);
}
g_string_append (gstr, " }");
}
#if WITH_JSON_VALIDATION
static NMTeamLinkWatcher *
_link_watcher_from_json (const json_t *root_js_obj,
_link_watcher_from_json (const NMJsonVt *vt,
const nm_json_t *root_js_obj,
gboolean *out_unrecognized_content)
{
NMValueTypUnioMaybe args[G_N_ELEMENTS (link_watcher_attr_datas)] = { };
const char *j_key;
json_t *j_val;
nm_json_t *j_val;
const char *v_name;
NMTeamLinkWatcher *result = NULL;
if (!json_is_object (root_js_obj))
if (!nm_json_is_object (root_js_obj))
goto fail;
json_object_foreach ((json_t *) root_js_obj, j_key, j_val) {
nm_json_object_foreach (vt, (nm_json_t *) root_js_obj, j_key, j_val) {
const LinkWatcherAttrData *attr_data = NULL;
NMValueTypUnioMaybe *parse_result;
@ -1154,7 +1153,7 @@ _link_watcher_from_json (const json_t *root_js_obj,
if (parse_result->has)
*out_unrecognized_content = TRUE;
if (!nm_value_type_from_json (attr_data->value_type, j_val, &parse_result->val))
if (!nm_value_type_from_json (vt, attr_data->value_type, j_val, &parse_result->val))
*out_unrecognized_content = TRUE;
else
parse_result->has = TRUE;
@ -1218,7 +1217,6 @@ fail:
*out_unrecognized_content = TRUE;
return NULL;
}
#endif
/*****************************************************************************/
@ -1575,15 +1573,15 @@ nm_team_setting_config_get (const NMTeamSetting *self)
nm_assert (list_is_empty);
nm_json_aux_gstr_append_obj_name (gstr, "runner", '{');
nm_json_gstr_append_obj_name (gstr, "runner", '{');
if (_team_setting_fields_to_json_maybe (self, gstr, !list_is_empty2, attr_lst_runner_pt1, G_N_ELEMENTS (attr_lst_runner_pt1)))
list_is_empty2 = FALSE;
if (_team_setting_has_fields_any_v (self, attr_lst_runner_pt2, G_N_ELEMENTS (attr_lst_runner_pt2))) {
if (!list_is_empty2)
nm_json_aux_gstr_append_delimiter (gstr);
nm_json_aux_gstr_append_obj_name (gstr, "tx_balancer", '{');
nm_json_gstr_append_delimiter (gstr);
nm_json_gstr_append_obj_name (gstr, "tx_balancer", '{');
if (!_team_setting_fields_to_json_maybe (self, gstr, FALSE, attr_lst_runner_pt2, G_N_ELEMENTS (attr_lst_runner_pt2)))
nm_assert_not_reached ();
g_string_append (gstr, " }");
@ -1600,8 +1598,8 @@ nm_team_setting_config_get (const NMTeamSetting *self)
if (_team_setting_has_fields_any_v (self, attr_lst_notify_peers, G_N_ELEMENTS (attr_lst_notify_peers))) {
if (!list_is_empty)
nm_json_aux_gstr_append_delimiter (gstr);
nm_json_aux_gstr_append_obj_name (gstr, "notify_peers", '{');
nm_json_gstr_append_delimiter (gstr);
nm_json_gstr_append_obj_name (gstr, "notify_peers", '{');
if (!_team_setting_fields_to_json_maybe (self, gstr, FALSE, attr_lst_notify_peers, G_N_ELEMENTS (attr_lst_notify_peers)))
nm_assert_not_reached ();
g_string_append (gstr, " }");
@ -1610,8 +1608,8 @@ nm_team_setting_config_get (const NMTeamSetting *self)
if (_team_setting_has_fields_any_v (self, attr_lst_mcast_rejoin, G_N_ELEMENTS (attr_lst_mcast_rejoin))) {
if (!list_is_empty)
nm_json_aux_gstr_append_delimiter (gstr);
nm_json_aux_gstr_append_obj_name (gstr, "mcast_rejoin", '{');
nm_json_gstr_append_delimiter (gstr);
nm_json_gstr_append_obj_name (gstr, "mcast_rejoin", '{');
if (!_team_setting_fields_to_json_maybe (self, gstr, FALSE, attr_lst_mcast_rejoin, G_N_ELEMENTS (attr_lst_mcast_rejoin)))
nm_assert_not_reached ();
g_string_append (gstr, " }");
@ -1641,7 +1639,6 @@ nm_team_setting_config_get (const NMTeamSetting *self)
/*****************************************************************************/
#if WITH_JSON_VALIDATION
static gboolean
_attr_data_match_keys (const TeamAttrData *attr_data,
const char *const*keys,
@ -1686,18 +1683,21 @@ _attr_data_find_by_json_key (gboolean is_port,
}
static void
_js_parse_locate_keys (NMTeamSetting *self,
json_t *root_js_obj,
json_t *found_keys[static _NM_TEAM_ATTRIBUTE_NUM],
_js_parse_locate_keys (const NMJsonVt *vt,
NMTeamSetting *self,
nm_json_t *root_js_obj,
nm_json_t *found_keys[static _NM_TEAM_ATTRIBUTE_NUM],
gboolean *out_unrecognized_content)
{
const char *keys[3];
const char *cur_key1;
const char *cur_key2;
const char *cur_key3;
json_t *cur_val1;
json_t *cur_val2;
json_t *cur_val3;
nm_json_t *cur_val1;
nm_json_t *cur_val2;
nm_json_t *cur_val3;
nm_assert (vt);
#define _handle(_self, _cur_key, _cur_val, _keys, _level, _found_keys, _out_unrecognized_content) \
({ \
@ -1713,18 +1713,18 @@ _js_parse_locate_keys (NMTeamSetting *self,
(_found_keys)[_attr_data->team_attr] = (_cur_val); \
_handled = TRUE; \
} else if ( !_attr_data \
|| !json_is_object ((_cur_val))) { \
|| !nm_json_is_object ((_cur_val))) { \
*(_out_unrecognized_content) = TRUE; \
_handled = TRUE; \
} \
_handled; \
})
json_object_foreach (root_js_obj, cur_key1, cur_val1) {
nm_json_object_foreach (vt, root_js_obj, cur_key1, cur_val1) {
if (!_handle (self, cur_key1, cur_val1, keys, 1, found_keys, out_unrecognized_content)) {
json_object_foreach (cur_val1, cur_key2, cur_val2) {
nm_json_object_foreach (vt, cur_val1, cur_key2, cur_val2) {
if (!_handle (self, cur_key2, cur_val2, keys, 2, found_keys, out_unrecognized_content)) {
json_object_foreach (cur_val2, cur_key3, cur_val3) {
nm_json_object_foreach (vt, cur_val2, cur_key3, cur_val3) {
if (!_handle (self, cur_key3, cur_val3, keys, 3, found_keys, out_unrecognized_content))
*out_unrecognized_content = TRUE;
}
@ -1737,8 +1737,9 @@ _js_parse_locate_keys (NMTeamSetting *self,
}
static void
_js_parse_unpack (gboolean is_port,
json_t *found_keys[static _NM_TEAM_ATTRIBUTE_NUM],
_js_parse_unpack (const NMJsonVt *vt,
gboolean is_port,
nm_json_t *found_keys[static _NM_TEAM_ATTRIBUTE_NUM],
bool out_has_lst[static _NM_TEAM_ATTRIBUTE_NUM],
NMValueTypUnion out_val_lst[static _NM_TEAM_ATTRIBUTE_NUM],
gboolean *out_unrecognized_content,
@ -1747,10 +1748,12 @@ _js_parse_unpack (gboolean is_port,
{
const TeamAttrData *attr_data;
nm_assert (vt);
for (attr_data = &team_attr_datas[TEAM_ATTR_IDX_CONFIG + 1]; attr_data < &team_attr_datas[G_N_ELEMENTS (team_attr_datas)]; attr_data++) {
NMValueTypUnion *p_out_val;
gboolean valid = FALSE;
json_t *arg_js_obj;
nm_json_t *arg_js_obj;
if (!_team_attr_data_is_relevant (attr_data, is_port))
continue;
@ -1764,25 +1767,27 @@ _js_parse_unpack (gboolean is_port,
p_out_val = &out_val_lst[attr_data->team_attr];
if (attr_data->value_type != NM_VALUE_TYPE_UNSPEC)
valid = nm_value_type_from_json (attr_data->value_type, arg_js_obj, p_out_val);
valid = nm_value_type_from_json (vt, attr_data->value_type, arg_js_obj, p_out_val);
else if (attr_data->team_attr == NM_TEAM_ATTRIBUTE_LINK_WATCHERS) {
GPtrArray *link_watchers = NULL;
NMTeamLinkWatcher *link_watcher;
nm_assert (out_ptr_array_link_watchers_free && !*out_ptr_array_link_watchers_free);
if (json_is_array (arg_js_obj)) {
if (nm_json_is_array (arg_js_obj)) {
gsize i, len;
len = json_array_size (arg_js_obj);
len = vt->nm_json_array_size (arg_js_obj);
link_watchers = g_ptr_array_new_full (len, (GDestroyNotify) nm_team_link_watcher_unref);
for (i = 0; i < len; i++) {
link_watcher = _link_watcher_from_json (json_array_get (arg_js_obj, i),
link_watcher = _link_watcher_from_json (vt,
vt->nm_json_array_get (arg_js_obj, i),
out_unrecognized_content);
if (link_watcher)
g_ptr_array_add (link_watchers, link_watcher);
}
} else {
link_watcher = _link_watcher_from_json (arg_js_obj,
link_watcher = _link_watcher_from_json (vt,
arg_js_obj,
out_unrecognized_content);
if (link_watcher) {
link_watchers = g_ptr_array_new_full (1, (GDestroyNotify) nm_team_link_watcher_unref);
@ -1799,16 +1804,17 @@ _js_parse_unpack (gboolean is_port,
GPtrArray *strv = NULL;
nm_assert (out_ptr_array_master_runner_tx_hash_free && !*out_ptr_array_master_runner_tx_hash_free);
if (json_is_array (arg_js_obj)) {
if (nm_json_is_array (arg_js_obj)) {
gsize i, len;
len = json_array_size (arg_js_obj);
len = vt->nm_json_array_size (arg_js_obj);
if (len > 0) {
strv = g_ptr_array_sized_new (len);
for (i = 0; i < len; i++) {
const char *v_string;
if ( nm_jansson_json_as_string (json_array_get (arg_js_obj, i),
if ( nm_jansson_json_as_string (vt,
vt->nm_json_array_get (arg_js_obj, i),
&v_string) <= 0
|| !v_string
|| v_string[0] == '\0') {
@ -1832,11 +1838,11 @@ _js_parse_unpack (gboolean is_port,
*out_unrecognized_content = TRUE;
}
}
#endif
guint32
nm_team_setting_config_set (NMTeamSetting *self, const char *js_str)
{
const NMJsonVt *vt;
guint32 changed_flags = 0;
gboolean do_set_default = TRUE;
gboolean new_js_str_invalid = FALSE;
@ -1866,30 +1872,29 @@ nm_team_setting_config_set (NMTeamSetting *self, const char *js_str)
} else
changed_flags |= nm_team_attribute_to_flags (NM_TEAM_ATTRIBUTE_CONFIG);
#if WITH_JSON_VALIDATION
{
nm_auto_decref_json json_t *root_js_obj = NULL;
if (nm_jansson_load ())
root_js_obj = json_loads (js_str, 0, NULL);
if ((vt = nm_json_vt ())) {
nm_auto_decref_json nm_json_t *root_js_obj = NULL;
root_js_obj = vt->nm_json_loads (js_str, 0, NULL);
if ( !root_js_obj
|| !json_is_object (root_js_obj))
|| !nm_json_is_object (root_js_obj))
new_js_str_invalid = TRUE;
else {
gboolean unrecognized_content = FALSE;
bool has_lst[_NM_TEAM_ATTRIBUTE_NUM] = { FALSE, };
NMValueTypUnion val_lst[_NM_TEAM_ATTRIBUTE_NUM];
json_t *found_keys[_NM_TEAM_ATTRIBUTE_NUM] = { NULL, };
nm_json_t *found_keys[_NM_TEAM_ATTRIBUTE_NUM] = { NULL, };
gs_unref_ptrarray GPtrArray *ptr_array_master_runner_tx_hash_free = NULL;
gs_unref_ptrarray GPtrArray *ptr_array_link_watchers_free = NULL;
_js_parse_locate_keys (self,
_js_parse_locate_keys (vt,
self,
root_js_obj,
found_keys,
&unrecognized_content);
_js_parse_unpack (self->d.is_port,
_js_parse_unpack (vt,
self->d.is_port,
found_keys,
has_lst,
val_lst,
@ -1906,8 +1911,6 @@ nm_team_setting_config_set (NMTeamSetting *self, const char *js_str)
}
}
#endif
if (do_set_default)
changed_flags |= _team_setting_set_default (self);
@ -2222,6 +2225,7 @@ nm_team_setting_reset_from_dbus (NMTeamSetting *self,
GVariantIter iter;
const char *v_key;
GVariant *v_val;
const NMJsonVt *vt;
*out_changed = 0;
@ -2271,10 +2275,12 @@ nm_team_setting_reset_from_dbus (NMTeamSetting *self,
variants[attr_data->team_attr] = g_steal_pointer (&v_val_free);
}
vt = nm_json_vt ();
if (variants[NM_TEAM_ATTRIBUTE_LINK_WATCHERS]) {
if ( variants[NM_TEAM_ATTRIBUTE_CONFIG]
&& WITH_JSON_VALIDATION
&& vt
&& !NM_FLAGS_HAS (parse_flags, NM_SETTING_PARSE_FLAGS_STRICT)) {
/* we don't require the content of the "link-watchers" and we also
* don't perform strict validation. No need to parse it. */
@ -2282,7 +2288,7 @@ nm_team_setting_reset_from_dbus (NMTeamSetting *self,
gs_free_error GError *local = NULL;
/* We might need the parsed v_link_watchers array below (because there is no JSON
* "config" present or because we don't build WITH_JSON_VALIDATION).
* "config" present or because we don't have json support).
*
* Or we might run with NM_SETTING_PARSE_FLAGS_STRICT. In that mode, we may not necessarily
* require that the entire setting as a whole validates (if a JSON config is present and
@ -2310,7 +2316,7 @@ nm_team_setting_reset_from_dbus (NMTeamSetting *self,
? g_variant_get_string (variants[NM_TEAM_ATTRIBUTE_CONFIG], NULL)
: NULL);
if ( WITH_JSON_VALIDATION
if ( vt
&& variants[NM_TEAM_ATTRIBUTE_CONFIG]) {
/* for team settings, the JSON must be able to express all possible options. That means,
* if the GVariant contains both the JSON "config" and other options, then the other options

10
libnm-core/nm-utils-private.h
View File

@ -13,16 +13,6 @@
#include "nm-setting-private.h"
#include "nm-setting-ip-config.h"
struct _NMVariantAttributeSpec {
char *name;
const GVariantType *type;
bool v4:1;
bool v6:1;
bool no_value:1;
bool consumes_rest:1;
char str_type;
};
#define NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(_name, _type, ...) \
(&((const NMVariantAttributeSpec) { \
.name = _name, \

383
libnm-core/nm-utils.c
View File

@ -16,10 +16,8 @@
#include <sys/stat.h>
#include <linux/pkt_sched.h>
#if WITH_JSON_VALIDATION
#include "nm-json.h"
#endif
#include "nm-glib-aux/nm-json-aux.h"
#include "nm-glib-aux/nm-str-buf.h"
#include "nm-glib-aux/nm-enum-utils.h"
#include "nm-glib-aux/nm-time-utils.h"
#include "nm-glib-aux/nm-secret-utils.h"
@ -2067,8 +2065,8 @@ nm_utils_ip_addresses_from_variant (GVariant *value,
g_variant_iter_init (&attrs_iter, addr_var);
while (g_variant_iter_next (&attrs_iter, "{&sv}", &attr_name, &attr_val)) {
if ( strcmp (attr_name, "address") != 0
&& strcmp (attr_name, "prefix") != 0)
if (!NM_IN_STRSET (attr_name, "address",
"prefix"))
nm_ip_address_set_attribute (addr, attr_name, attr_val);
g_variant_unref (attr_val);
}
@ -2193,10 +2191,10 @@ nm_utils_ip_routes_from_variant (GVariant *value,
g_variant_iter_init (&attrs_iter, route_var);
while (g_variant_iter_next (&attrs_iter, "{&sv}", &attr_name, &attr_val)) {
if ( strcmp (attr_name, "dest") != 0
&& strcmp (attr_name, "prefix") != 0
&& strcmp (attr_name, "next-hop") != 0
&& strcmp (attr_name, "metric") != 0)
if (!NM_IN_STRSET (attr_name, "dest",
"prefix",
"next-hop",
"metric"))
nm_ip_route_set_attribute (route, attr_name, attr_val);
g_variant_unref (attr_val);
}
@ -2227,7 +2225,7 @@ _string_append_tc_handle (GString *string, guint32 handle)
*
* This is used to either write out the parent handle to the tc qdisc string
* or to pretty-format (use symbolic name for root) the key in keyfile.
* The presence of prefix determnines which one is the case.
* The presence of prefix determines which one is the case.
*
* Private API due to general ugliness and overall uselessness for anything
* sensible.
@ -2376,7 +2374,8 @@ _nm_utils_string_append_tc_qdisc_rest (GString *string, NMTCQdisc *qdisc)
const char *kind = nm_tc_qdisc_get_kind (qdisc);
gs_free char *str = NULL;
if (handle != TC_H_UNSPEC && strcmp (kind, "ingress") != 0) {
if ( handle != TC_H_UNSPEC
&& !nm_streq (kind, "ingress")) {
g_string_append (string, "handle ");
_string_append_tc_handle (string, handle);
g_string_append_c (string, ' ');
@ -2468,7 +2467,7 @@ _tc_read_common_opts (const char *str,
variant = g_hash_table_lookup (ht, "kind");
if (variant) {
*kind = g_variant_dup_string (variant, NULL);
if (strcmp (*kind, "ingress") == 0) {
if (nm_streq (*kind, "ingress")) {
if (*parent == TC_H_UNSPEC)
*parent = TC_H_INGRESS;
if (*handle == TC_H_UNSPEC)
@ -2524,7 +2523,7 @@ nm_utils_tc_qdisc_from_str (const char *str, GError **error)
return NULL;
for (i = 0; rest && tc_qdisc_attribute_spec[i]; i++) {
if (strcmp (tc_qdisc_attribute_spec[i]->kind, kind) == 0) {
if (nm_streq (tc_qdisc_attribute_spec[i]->kind, kind)) {
options = nm_utils_parse_variant_attributes (rest,
' ', ' ', FALSE,
tc_qdisc_attribute_spec[i]->attrs,
@ -2589,11 +2588,21 @@ _string_append_tc_action (GString *string, NMTCAction *action, GError **error)
{
const char *kind = nm_tc_action_get_kind (action);
gs_free char *str = NULL;
const NMVariantAttributeSpec *const *attrs;
if (nm_streq (kind, "simple"))
attrs = tc_action_simple_attribute_spec;
else if (nm_streq (kind, "mirred"))
attrs = tc_action_mirred_attribute_spec;
else
attrs = NULL;
g_string_append (string, kind);
str = nm_utils_format_variant_attributes (_nm_tc_action_get_attributes (action),
' ', ' ');
str = _nm_utils_format_variant_attributes (_nm_tc_action_get_attributes (action),
attrs,
' ', ' ');
if (str) {
g_string_append_c (string, ' ');
g_string_append (string, str);
@ -2670,9 +2679,9 @@ nm_utils_tc_action_from_str (const char *str, GError **error)
}
kind = g_variant_get_string (variant, NULL);
if (strcmp (kind, "simple") == 0)
if (nm_streq (kind, "simple"))
attrs = tc_action_simple_attribute_spec;
else if (strcmp (kind, "mirred") == 0)
else if (nm_streq (kind, "mirred"))
attrs = tc_action_mirred_attribute_spec;
else
attrs = NULL;
@ -2893,7 +2902,7 @@ nm_utils_sriov_vf_to_str (const NMSriovVF *vf, gboolean omit_index, GError **err
if (num_attrs > 0) {
if (!omit_index)
g_string_append_c (str, ' ');
_nm_utils_format_variant_attributes_full (str, values, num_attrs, ' ', '=');
_nm_utils_format_variant_attributes_full (str, values, num_attrs, NULL, ' ', '=');
}
vlan_ids = nm_sriov_vf_get_vlan_ids (vf, &num_vlans);
@ -3300,30 +3309,29 @@ nm_utils_uuid_generate_from_string (const char *s, gssize slen, int uuid_type, g
char *
_nm_utils_uuid_generate_from_strings (const char *string1, ...)
{
GString *str;
va_list args;
const char *s;
char *uuid;
if (!string1)
return nm_utils_uuid_generate_from_string (NULL, 0, NM_UTILS_UUID_TYPE_VERSION3, NM_UTILS_UUID_NS);
str = g_string_sized_new (120); /* effectively allocates power of 2 (128)*/
{
nm_auto_str_buf NMStrBuf str = NM_STR_BUF_INIT (NM_UTILS_GET_NEXT_REALLOC_SIZE_104, FALSE);
va_list args;
const char *s;
g_string_append_len (str, string1, strlen (string1) + 1);
nm_str_buf_append_len (&str, string1, strlen (string1) + 1u);
va_start (args, string1);
s = va_arg (args, const char *);
while (s) {
g_string_append_len (str, s, strlen (s) + 1);
va_start (args, string1);
s = va_arg (args, const char *);
while (s) {
nm_str_buf_append_len (&str, s, strlen (s) + 1u);
s = va_arg (args, const char *);
}
va_end (args);
return nm_utils_uuid_generate_from_string (nm_str_buf_get_str_unsafe (&str),
str.len,
NM_UTILS_UUID_TYPE_VERSION3,
NM_UTILS_UUID_NS);
}
va_end (args);
uuid = nm_utils_uuid_generate_from_string (str->str, str->len, NM_UTILS_UUID_TYPE_VERSION3, NM_UTILS_UUID_NS);
g_string_free (str, TRUE);
return uuid;
}
/*****************************************************************************/
@ -3571,9 +3579,6 @@ nm_utils_file_search_in_paths (const char *progname,
gpointer user_data,
GError **error)
{
GString *tmp;
const char *ret;
g_return_val_if_fail (!error || !*error, NULL);
g_return_val_if_fail (progname && progname[0] && !strchr (progname, '/'), NULL);
g_return_val_if_fail (file_test_flags || predicate, NULL);
@ -3582,32 +3587,35 @@ nm_utils_file_search_in_paths (const char *progname,
* it simpler to pass in a path from configure checks. */
if ( try_first
&& try_first[0] == '/'
&& (file_test_flags == 0 || g_file_test (try_first, file_test_flags))
&& (!predicate || predicate (try_first, user_data)))
&& ( file_test_flags == 0
|| g_file_test (try_first, file_test_flags))
&& ( !predicate
|| predicate (try_first, user_data)))
return g_intern_string (try_first);
if (!paths || !*paths)
goto NOT_FOUND;
if ( paths
&& paths[0]) {
nm_auto_str_buf NMStrBuf strbuf = NM_STR_BUF_INIT (NM_UTILS_GET_NEXT_REALLOC_SIZE_104, FALSE);
tmp = g_string_sized_new (50);
for (; *paths; paths++) {
if (!*paths)
continue;
g_string_append (tmp, *paths);
if (tmp->str[tmp->len - 1] != '/')
g_string_append_c (tmp, '/');
g_string_append (tmp, progname);
if ( (file_test_flags == 0 || g_file_test (tmp->str, file_test_flags))
&& (!predicate || predicate (tmp->str, user_data))) {
ret = g_intern_string (tmp->str);
g_string_free (tmp, TRUE);
return ret;
for (; *paths; paths++) {
const char *path = *paths;
const char *s;
if (!path[0])
continue;
nm_str_buf_reset (&strbuf, path);
nm_str_buf_ensure_trailing_c (&strbuf, '/');
s = nm_str_buf_append0 (&strbuf, progname);
if ( ( file_test_flags == 0
|| g_file_test (s, file_test_flags))
&& ( !predicate
|| predicate (s, user_data)))
return g_intern_string (s);
}
g_string_set_size (tmp, 0);
}
g_string_free (tmp, TRUE);
NOT_FOUND:
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND, _("Could not find \"%s\" binary"), progname);
return NULL;
}
@ -3620,7 +3628,7 @@ struct cf_pair {
guint32 freq;
};
static struct cf_pair a_table[] = {
static const struct cf_pair a_table[] = {
/* A band */
{ 7, 5035 },
{ 8, 5040 },
@ -3667,10 +3675,60 @@ static struct cf_pair a_table[] = {
{ 188, 4945 },
{ 192, 4960 },
{ 196, 4980 },
{ 0, -1 }
{ 0, 0 }
};
static struct cf_pair bg_table[] = {
static const guint a_table_freqs[G_N_ELEMENTS (a_table)] = {
/* A band */
5035,
5040,
5045,
5055,
5060,
5080,
5170,
5180,
5190,
5200,
5210,
5220,
5230,
5240,
5250,
5260,
5280,
5290,
5300,
5320,
5500,
5520,
5540,
5560,
5580,
5600,
5620,
5640,
5660,
5680,
5700,
5745,
5760,
5765,
5785,
5800,
5805,
5825,
4915,
4920,
4925,
4935,
4945,
4960,
4980,
0,
};
static const struct cf_pair bg_table[] = {
/* B/G band */
{ 1, 2412 },
{ 2, 2417 },
@ -3686,7 +3744,26 @@ static struct cf_pair bg_table[] = {
{ 12, 2467 },
{ 13, 2472 },
{ 14, 2484 },
{ 0, -1 }
{ 0, 0 }
};
static const guint bg_table_freqs[G_N_ELEMENTS (bg_table)] = {
/* B/G band */
2412,
2417,
2422,
2427,
2432,
2437,
2442,
2447,
2452,
2457,
2462,
2467,
2472,
2484,
0,
};
/**
@ -3703,16 +3780,16 @@ nm_utils_wifi_freq_to_channel (guint32 freq)
int i = 0;
if (freq > 4900) {
while (a_table[i].chan && (a_table[i].freq != freq))
while ( a_table[i].freq
&& (a_table[i].freq != freq))
i++;
return a_table[i].chan;
} else {
while (bg_table[i].chan && (bg_table[i].freq != freq))
i++;
return bg_table[i].chan;
}
return 0;
while ( bg_table[i].freq
&& (bg_table[i].freq != freq))
i++;
return bg_table[i].chan;
}
/**
@ -3748,16 +3825,24 @@ nm_utils_wifi_freq_to_band (guint32 freq)
guint32
nm_utils_wifi_channel_to_freq (guint32 channel, const char *band)
{
int i = 0;
int i;
if (!strcmp (band, "a")) {
while (a_table[i].chan && (a_table[i].chan != channel))
i++;
return a_table[i].freq;
} else if (!strcmp (band, "bg")) {
while (bg_table[i].chan && (bg_table[i].chan != channel))
i++;
return bg_table[i].freq;
g_return_val_if_fail (band, 0);
if (nm_streq (band, "a")) {
for (i = 0; a_table[i].chan; i++) {
if (a_table[i].chan == channel)
return a_table[i].freq;
}
return ((guint32) -1);
}
if (nm_streq (band, "bg")) {
for (i = 0; bg_table[i].chan; i++) {
if (bg_table[i].chan == channel)
return bg_table[i].freq;
}
return ((guint32) -1);
}
return 0;
@ -3776,26 +3861,24 @@ nm_utils_wifi_channel_to_freq (guint32 channel, const char *band)
guint32
nm_utils_wifi_find_next_channel (guint32 channel, int direction, char *band)
{
size_t a_size = sizeof (a_table) / sizeof (struct cf_pair);
size_t bg_size = sizeof (bg_table) / sizeof (struct cf_pair);
struct cf_pair *pair = NULL;
size_t a_size = G_N_ELEMENTS (a_table);
size_t bg_size = G_N_ELEMENTS (bg_table);
const struct cf_pair *pair;
if (!strcmp (band, "a")) {
if (nm_streq (band, "a")) {
if (channel < a_table[0].chan)
return a_table[0].chan;
if (channel > a_table[a_size - 2].chan)
return a_table[a_size - 2].chan;
pair = &a_table[0];
} else if (!strcmp (band, "bg")) {
} else if (nm_streq (band, "bg")) {
if (channel < bg_table[0].chan)
return bg_table[0].chan;
if (channel > bg_table[bg_size - 2].chan)
return bg_table[bg_size - 2].chan;
pair = &bg_table[0];
} else {
g_assert_not_reached ();
return 0;
}
} else
g_return_val_if_reached (0);
while (pair->chan) {
if (channel == pair->chan)
@ -3823,49 +3906,32 @@ nm_utils_wifi_find_next_channel (guint32 channel, int direction, char *band)
gboolean
nm_utils_wifi_is_channel_valid (guint32 channel, const char *band)
{
struct cf_pair *table = NULL;
int i = 0;
guint32 freq;
if (!strcmp (band, "a"))
table = a_table;
else if (!strcmp (band, "bg"))
table = bg_table;
else
return FALSE;
freq = nm_utils_wifi_channel_to_freq (channel, band);
while (table[i].chan && (table[i].chan != channel))
i++;
if (table[i].chan != 0)
return TRUE;
else
return FALSE;
return !NM_IN_SET (freq, 0u, (guint32) -1);
}
static const guint *
_wifi_freqs (gboolean bg_band)
{
static guint *freqs_2ghz = NULL;
static guint *freqs_5ghz = NULL;
guint *freqs;
freqs = bg_band ? freqs_2ghz : freqs_5ghz;
if (G_UNLIKELY (freqs == NULL)) {
struct cf_pair *table;
int i;
table = bg_band ? bg_table : a_table;
freqs = g_new0 (guint, bg_band ? G_N_ELEMENTS (bg_table) : G_N_ELEMENTS (a_table));
for (i = 0; table[i].chan; i++)
freqs[i] = table[i].freq;
freqs[i] = 0;
if (bg_band)
freqs_2ghz = freqs;
else
freqs_5ghz = freqs;
}
return freqs;
}
#define _nm_assert_wifi_freqs(table, table_freqs) \
G_STMT_START { \
if (NM_MORE_ASSERT_ONCE (5)) { \
int i, j; \
\
G_STATIC_ASSERT (G_N_ELEMENTS (table) > 0); \
G_STATIC_ASSERT (G_N_ELEMENTS (table) == G_N_ELEMENTS (table_freqs)); \
\
for (i = 0; i < G_N_ELEMENTS (table); i++) { \
nm_assert ((i == G_N_ELEMENTS (table) - 1) == (table[i].chan == 0)); \
nm_assert ((i == G_N_ELEMENTS (table) - 1) == (table[i].freq == 0)); \
nm_assert (table[i].freq == table_freqs[i]); \
for (j = 0; j < i; j++) { \
nm_assert (table[j].chan != table[i].chan); \
nm_assert (table[j].freq != table[i].freq); \
} \
} \
} \
} G_STMT_END
/**
* nm_utils_wifi_2ghz_freqs:
@ -3879,7 +3945,8 @@ _wifi_freqs (gboolean bg_band)
const guint *
nm_utils_wifi_2ghz_freqs (void)
{
return _wifi_freqs (TRUE);
_nm_assert_wifi_freqs (bg_table, bg_table_freqs);
return bg_table_freqs;
}
/**
@ -3894,7 +3961,8 @@ nm_utils_wifi_2ghz_freqs (void)
const guint *
nm_utils_wifi_5ghz_freqs (void)
{
return _wifi_freqs (FALSE);
_nm_assert_wifi_freqs (a_table, a_table_freqs);
return a_table_freqs;
}
/**
@ -4019,7 +4087,7 @@ fail:
* @out_length: the output length in case of success.
*
* Parses @asc and converts it to binary form in @buffer.
* Bytes in @asc can be sepatared by colons (:), or hyphens (-), but not mixed.
* Bytes in @asc can be separated by colons (:), or hyphens (-), but not mixed.
*
* It is like nm_utils_hwaddr_aton(), but contrary to that it
* can parse addresses of any length. That is, you don't need
@ -4046,7 +4114,7 @@ _nm_utils_hwaddr_aton (const char *asc, gpointer buffer, gsize buffer_length, gs
* the size of the buffer in bytes.
*
* Parses @asc and converts it to binary form in @buffer.
* Bytes in @asc can be sepatared by colons (:), or hyphens (-), but not mixed.
* Bytes in @asc can be separated by colons (:), or hyphens (-), but not mixed.
*
* Return value: @buffer, or %NULL if @asc couldn't be parsed
* or would be shorter or longer than @length.
@ -5028,7 +5096,7 @@ typedef struct {
const char *num;
} BondMode;
static BondMode bond_mode_table[] = {
static const BondMode bond_mode_table[] = {
[0] = { "balance-rr", "0" },
[1] = { "active-backup", "1" },
[2] = { "balance-xor", "2" },
@ -5080,8 +5148,8 @@ nm_utils_bond_mode_string_to_int (const char *mode)
return -1;
for (i = 0; i < G_N_ELEMENTS (bond_mode_table); i++) {
if ( strcmp (mode, bond_mode_table[i].str) == 0
|| strcmp (mode, bond_mode_table[i].num) == 0)
if (NM_IN_STRSET (mode, bond_mode_table[i].str,
bond_mode_table[i].num))
return i;
}
return -1;
@ -5139,13 +5207,13 @@ _nm_utils_strstrdictkey_equal (gconstpointer a, gconstpointer b)
return FALSE;
if (k1->type & STRSTRDICTKEY_ALL_SET) {
if (strcmp (k1->data, k2->data) != 0)
if (!nm_streq (k1->data, k2->data))
return FALSE;
if (k1->type == STRSTRDICTKEY_ALL_SET) {
gsize l = strlen (k1->data) + 1;
return strcmp (&k1->data[l], &k2->data[l]) == 0;
return nm_streq (&k1->data[l], &k2->data[l]);
}
}
@ -5196,7 +5264,7 @@ validate_dns_option (const char *name,
return !!*name;
for (desc = option_descs; desc->name; desc++) {
if (!strcmp (name, desc->name) &&
if (nm_streq (name, desc->name) &&
numeric == desc->numeric &&
(!desc->ipv6_only || ipv6))
return TRUE;
@ -5286,26 +5354,21 @@ _nm_utils_dns_option_validate (const char *option,
*/
gssize _nm_utils_dns_option_find_idx (GPtrArray *array, const char *option)
{
gboolean ret;
char *option_name, *tmp_name;
gs_free char *option_name = NULL;
guint i;
if (!_nm_utils_dns_option_validate (option, &option_name, NULL, FALSE, NULL))
return -1;
for (i = 0; i < array->len; i++) {
if (_nm_utils_dns_option_validate (array->pdata[i], &tmp_name, NULL, FALSE, NULL)) {
ret = strcmp (tmp_name, option_name);
g_free (tmp_name);
if (!ret) {
g_free (option_name);
return i;
}
}
gs_free char *tmp_name = NULL;
if (_nm_utils_dns_option_validate (array->pdata[i], &tmp_name, NULL, FALSE, NULL)) {
if (nm_streq (tmp_name, option_name))
return i;
}
}
g_free (option_name);
return -1;
}
@ -5427,9 +5490,9 @@ _nm_utils_is_json_object_no_validation (const char *str, GError **error)
gboolean
nm_utils_is_json_object (const char *str, GError **error)
{
#if WITH_JSON_VALIDATION
nm_auto_decref_json json_t *json = NULL;
json_error_t jerror;
nm_auto_decref_json nm_json_t *json = NULL;
const NMJsonVt *vt;
nm_json_error_t jerror;
g_return_val_if_fail (!error || !*error, FALSE);
@ -5441,10 +5504,10 @@ nm_utils_is_json_object (const char *str, GError **error)
return FALSE;
}
if (!nm_jansson_load ())
if (!(vt = nm_json_vt ()))
return _nm_utils_is_json_object_no_validation (str, error);
json = json_loads (str, JSON_REJECT_DUPLICATES, &jerror);
json = vt->nm_json_loads (str, NM_JSON_REJECT_DUPLICATES, &jerror);
if (!json) {
g_set_error (error,
NM_CONNECTION_ERROR,
@ -5457,7 +5520,7 @@ nm_utils_is_json_object (const char *str, GError **error)
/* valid JSON (depending on the definition) can also be a literal.
* Here we only allow objects. */
if (!json_is_object (json)) {
if (!nm_json_is_object (json)) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
@ -5466,19 +5529,6 @@ nm_utils_is_json_object (const char *str, GError **error)
}
return TRUE;
#else /* !WITH_JSON_VALIDATION */
g_return_val_if_fail (!error || !*error, FALSE);
if (!str || !str[0]) {
g_set_error_literal (error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_INVALID_PROPERTY,
str ? _("value is NULL") : _("value is empty"));
return FALSE;
}
return _nm_utils_is_json_object_no_validation (str, error);
#endif
}
static char *
@ -5752,6 +5802,7 @@ nm_utils_format_variant_attributes (GHashTable *attributes,
char key_value_separator)
{
return _nm_utils_format_variant_attributes (attributes,
NULL,
attr_separator,
key_value_separator);
}

14
libnm-core/nm-version.h
View File

@ -243,6 +243,20 @@
# define NM_AVAILABLE_IN_1_26
#endif
#if NM_VERSION_MIN_REQUIRED >= NM_VERSION_1_28
# define NM_DEPRECATED_IN_1_28 G_DEPRECATED
# define NM_DEPRECATED_IN_1_28_FOR(f) G_DEPRECATED_FOR(f)
#else
# define NM_DEPRECATED_IN_1_28
# define NM_DEPRECATED_IN_1_28_FOR(f)
#endif
#if NM_VERSION_MAX_ALLOWED < NM_VERSION_1_28
# define NM_AVAILABLE_IN_1_28 G_UNAVAILABLE(1,28)
#else
# define NM_AVAILABLE_IN_1_28
#endif
/*
* Synchronous API for calling D-Bus in libnm is deprecated. See
* https://developer.gnome.org/libnm/stable/usage.html#sync-api

2
libnm-core/nm-vpn-plugin-info.c
View File

@ -640,7 +640,7 @@ nm_vpn_plugin_info_list_find_service_type (GSList *list, const char *name)
if (info)
return g_strdup (NM_VPN_PLUGIN_INFO_GET_PRIVATE (info)->service);
/* check the hard-coded list of short-names. They all have have the same
/* check the hard-coded list of short-names. They all have the same
* well-known prefix org.freedesktop.NetworkManager and the name. */
if (nm_utils_strv_find_first ((char **) known_names, G_N_ELEMENTS (known_names), name) >= 0)
return g_strdup_printf ("%s.%s", NM_DBUS_INTERFACE, name);

235
libnm-core/tests/test-general.c
View File

@ -14,6 +14,7 @@
#include "nm-std-aux/c-list-util.h"
#include "nm-glib-aux/nm-enum-utils.h"
#include "nm-glib-aux/nm-str-buf.h"
#include "nm-glib-aux/nm-json-aux.h"
#include "systemd/nm-sd-utils-shared.h"
#include "nm-utils.h"
@ -269,7 +270,7 @@ _do_test_nm_utils_strsplit_set_f_one (NMUtilsStrsplitSetFlags flags,
g_assert (!NM_FLAGS_ANY (flags, ~( NM_UTILS_STRSPLIT_SET_FLAGS_ALLOW_ESCAPING
| NM_UTILS_STRSPLIT_SET_FLAGS_PRESERVE_EMPTY)));
/* assert that the epected words are valid (and don't contain unescaped delimiters). */
/* assert that the expected words are valid (and don't contain unescaped delimiters). */
for (i = 0; i < words_len; i++) {
const char *w = exp_words[i];
@ -7125,17 +7126,19 @@ test_nm_utils_check_valid_json (void)
{
_json_config_check_valid (NULL, FALSE);
_json_config_check_valid ("", FALSE);
#if WITH_JSON_VALIDATION
_json_config_check_valid ("{ }", TRUE);
_json_config_check_valid ("{ \"a\" : 1 }", TRUE);
_json_config_check_valid ("{ \"a\" : }", FALSE);
#else
/* Without JSON library everything except empty string is considered valid */
nmtst_json_vt_reset (FALSE);
_json_config_check_valid ("{ }", TRUE);
_json_config_check_valid ("{'%!-a1} ", TRUE);
_json_config_check_valid (" {'%!-a1}", TRUE);
_json_config_check_valid ("{'%!-a1", FALSE);
#endif
if (nmtst_json_vt_reset (TRUE)) {
_json_config_check_valid ("{ }", TRUE);
_json_config_check_valid ("{ \"a\" : 1 }", TRUE);
_json_config_check_valid ("{ \"a\" : }", FALSE);
}
}
static void
@ -7172,86 +7175,96 @@ _team_config_equal_check (const char *conf1,
static void
test_nm_utils_team_config_equal (void)
{
_team_config_equal_check ("",
"",
TRUE,
TRUE);
_team_config_equal_check ("",
" ",
TRUE,
TRUE);
_team_config_equal_check ("{}",
"{ }",
TRUE,
TRUE);
_team_config_equal_check ("{}",
"{",
TRUE,
TRUE);
_team_config_equal_check ("{ \"a\": 1 }",
"{ \"a\": 1 }",
TRUE,
TRUE);
_team_config_equal_check ("{ \"a\": 1 }",
"{ \"a\": 1 }",
TRUE,
TRUE);
int with_json_vt;
/* team config */
_team_config_equal_check ("{ }",
"{ \"runner\" : { \"name\" : \"random\"} }",
FALSE,
!WITH_JSON_VALIDATION);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"roundrobin\"} }",
"{ \"runner\" : { \"name\" : \"random\"} }",
FALSE,
!WITH_JSON_VALIDATION);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"random\"} }",
"{ \"runner\" : { \"name\" : \"random\"} }",
FALSE,
TRUE);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"loadbalance\"} }",
"{ \"runner\" : { \"name\" : \"loadbalance\"} }",
FALSE,
TRUE);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"random\"}, \"ports\" : { \"eth0\" : {} } }",
"{ \"runner\" : { \"name\" : \"random\"}, \"ports\" : { \"eth1\" : {} } }",
FALSE,
TRUE);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"lacp\"} }",
"{ \"runner\" : { \"name\" : \"lacp\", \"tx_hash\" : [ \"eth\", \"ipv4\", \"ipv6\" ] } }",
FALSE,
!WITH_JSON_VALIDATION);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"roundrobin\"} }",
"{ \"runner\" : { \"name\" : \"roundrobin\", \"tx_hash\" : [ \"eth\", \"ipv4\", \"ipv6\" ] } }",
FALSE,
!WITH_JSON_VALIDATION);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"lacp\"} }",
"{ \"runner\" : { \"name\" : \"lacp\", \"tx_hash\" : [ \"eth\" ] } }",
FALSE,
!WITH_JSON_VALIDATION);
for (with_json_vt = 0; with_json_vt < 2; with_json_vt++) {
const NMJsonVt *vt;
/* team port config */
_team_config_equal_check ("{ }",
"{ \"link_watch\" : { \"name\" : \"ethtool\"} }",
TRUE,
!WITH_JSON_VALIDATION);
_team_config_equal_check ("{ }",
"{ \"link_watch\" : { \"name\" : \"arp_ping\"} }",
TRUE,
TRUE);
_team_config_equal_check ("{ \"link_watch\" : { \"name\" : \"ethtool\"} }",
"{ \"link_watch\" : { \"name\" : \"arp_ping\"} }",
TRUE,
!WITH_JSON_VALIDATION);
_team_config_equal_check ("{ \"link_watch\" : { \"name\" : \"arp_ping\"} }",
"{ \"link_watch\" : { \"name\" : \"arp_ping\"} }",
TRUE,
TRUE);
_team_config_equal_check ("{ \"link_watch\" : { \"name\" : \"arp_ping\"}, \"ports\" : { \"eth0\" : {} } }",
"{ \"link_watch\" : { \"name\" : \"arp_ping\"}, \"ports\" : { \"eth1\" : {} } }",
TRUE,
TRUE);
vt = nmtst_json_vt_reset (!!with_json_vt);
_team_config_equal_check ("",
"",
TRUE,
TRUE);
_team_config_equal_check ("",
" ",
TRUE,
TRUE);
_team_config_equal_check ("{}",
"{ }",
TRUE,
TRUE);
_team_config_equal_check ("{}",
"{",
TRUE,
TRUE);
_team_config_equal_check ("{ \"a\": 1 }",
"{ \"a\": 1 }",
TRUE,
TRUE);
_team_config_equal_check ("{ \"a\": 1 }",
"{ \"a\": 1 }",
TRUE,
TRUE);
/* team config */
_team_config_equal_check ("{ }",
"{ \"runner\" : { \"name\" : \"random\"} }",
FALSE,
!vt);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"roundrobin\"} }",
"{ \"runner\" : { \"name\" : \"random\"} }",
FALSE,
!vt);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"random\"} }",
"{ \"runner\" : { \"name\" : \"random\"} }",
FALSE,
TRUE);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"loadbalance\"} }",
"{ \"runner\" : { \"name\" : \"loadbalance\"} }",
FALSE,
TRUE);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"random\"}, \"ports\" : { \"eth0\" : {} } }",
"{ \"runner\" : { \"name\" : \"random\"}, \"ports\" : { \"eth1\" : {} } }",
FALSE,
TRUE);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"lacp\"} }",
"{ \"runner\" : { \"name\" : \"lacp\", \"tx_hash\" : [ \"eth\", \"ipv4\", \"ipv6\" ] } }",
FALSE,
!vt);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"roundrobin\"} }",
"{ \"runner\" : { \"name\" : \"roundrobin\", \"tx_hash\" : [ \"eth\", \"ipv4\", \"ipv6\" ] } }",
FALSE,
!vt);
_team_config_equal_check ("{ \"runner\" : { \"name\" : \"lacp\"} }",
"{ \"runner\" : { \"name\" : \"lacp\", \"tx_hash\" : [ \"eth\" ] } }",
FALSE,
!vt);
/* team port config */
_team_config_equal_check ("{ }",
"{ \"link_watch\" : { \"name\" : \"ethtool\"} }",
TRUE,
!vt);
_team_config_equal_check ("{ }",
"{ \"link_watch\" : { \"name\" : \"arp_ping\"} }",
TRUE,
TRUE);
_team_config_equal_check ("{ \"link_watch\" : { \"name\" : \"ethtool\"} }",
"{ \"link_watch\" : { \"name\" : \"arp_ping\"} }",
TRUE,
!vt);
_team_config_equal_check ("{ \"link_watch\" : { \"name\" : \"arp_ping\"} }",
"{ \"link_watch\" : { \"name\" : \"arp_ping\"} }",
TRUE,
TRUE);
_team_config_equal_check ("{ \"link_watch\" : { \"name\" : \"arp_ping\"}, \"ports\" : { \"eth0\" : {} } }",
"{ \"link_watch\" : { \"name\" : \"arp_ping\"}, \"ports\" : { \"eth1\" : {} } }",
TRUE,
TRUE);
}
nmtst_json_vt_reset (TRUE);
}
/*****************************************************************************/
@ -7845,7 +7858,7 @@ _do_test_utils_str_utf8safe_unescape (const char *str, const char *expected, gsi
if ( expected
&& l == strlen (expected)) {
/* there are no embeeded NULs. Check that nm_utils_str_utf8safe_unescape() yields the same result. */
/* there are no embedded NULs. Check that nm_utils_str_utf8safe_unescape() yields the same result. */
s = nm_utils_str_utf8safe_unescape (str, NM_UTILS_STR_UTF8_SAFE_FLAG_NONE, &str_free_1);
g_assert_cmpstr (s, ==, expected);
if (strchr (str, '\\')) {
@ -9100,6 +9113,55 @@ test_strsplit_quoted (void)
/*****************************************************************************/
static void
_do_wifi_ghz_freqs (const guint *freqs, const char *band)
{
int len;
int j;
int i;
g_assert (NM_IN_STRSET (band, "a", "bg"));
g_assert (freqs);
g_assert (freqs[0] != 0);
for (i = 0; freqs[i]; i++) {
for (j = 0; j < i; j++)
g_assert (freqs[i] != freqs[j]);
}
len = i;
g_assert (nm_utils_wifi_freq_to_channel (0) == 0);
g_assert (nm_utils_wifi_channel_to_freq (0, "bg") == -1);
g_assert (nm_utils_wifi_channel_to_freq (0, "foo") == 0);
g_assert (!nm_utils_wifi_is_channel_valid (0, "bg"));
g_assert (!nm_utils_wifi_is_channel_valid (0, "foo"));
for (i = 0; i < len; i++) {
guint freq = freqs[i];
guint32 chan;
guint32 freq2;
chan = nm_utils_wifi_freq_to_channel (freq);
g_assert (chan != 0);
freq2 = nm_utils_wifi_channel_to_freq (chan, band);
g_assert (freq2 == freq);
g_assert (nm_utils_wifi_is_channel_valid (chan, band));
}
g_assert (freqs[len] == 0);
}
static void
test_nm_utils_wifi_ghz_freqs (void)
{
_do_wifi_ghz_freqs (nm_utils_wifi_2ghz_freqs (), "bg");
_do_wifi_ghz_freqs (nm_utils_wifi_5ghz_freqs (), "a");
}
/*****************************************************************************/
NMTST_DEFINE ();
int main (int argc, char **argv)
@ -9273,6 +9335,7 @@ int main (int argc, char **argv)
g_test_add_data_func ("/core/general/test_integrate_maincontext/2", GUINT_TO_POINTER (2), test_integrate_maincontext);
g_test_add_func ("/core/general/test_nm_ip_addr_zero", test_nm_ip_addr_zero);
g_test_add_func ("/core/general/test_nm_utils_wifi_ghz_freqs", test_nm_utils_wifi_ghz_freqs);
g_test_add_func ("/core/general/test_strsplit_quoted", test_strsplit_quoted);

3
libnm-core/tests/test-keyfile.c
View File

@ -5,6 +5,7 @@
#include "nm-default.h"
#include "nm-glib-aux/nm-json-aux.h"
#include "nm-keyfile/nm-keyfile-utils.h"
#include "nm-keyfile/nm-keyfile-internal.h"
#include "nm-simple-connection.h"
@ -627,7 +628,7 @@ test_team_conf_read_invalid (void)
gs_unref_object NMConnection *con = NULL;
NMSettingTeam *s_team;
if (!WITH_JSON_VALIDATION) {
if (!nm_json_vt ()) {
g_test_skip ("team test requires JSON validation");
return;
}

92
libnm-core/tests/test-setting.c
View File

@ -8,6 +8,7 @@
#include <linux/pkt_sched.h>
#include <net/if.h>
#include "nm-glib-aux/nm-json-aux.h"
#include "nm-core-internal.h"
#include "nm-utils.h"
#include "nm-utils-private.h"
@ -32,15 +33,6 @@
/*****************************************************************************/
/* assert that the define is just a plain integer (boolean). */
G_STATIC_ASSERT ( (WITH_JSON_VALIDATION) == 1
|| (WITH_JSON_VALIDATION) == 0);
_nm_unused static const int _with_json_validation = WITH_JSON_VALIDATION;
/*****************************************************************************/
/* converts @dict to a connection. In this case, @dict must be good, without warnings, so that
* NM_SETTING_PARSE_FLAGS_STRICT and NM_SETTING_PARSE_FLAGS_BEST_EFFORT yield the exact same results. */
static NMConnection *
@ -978,6 +970,24 @@ test_dcb_bandwidth_sums (void)
/*****************************************************************************/
static void
test_nm_json (void)
{
g_assert (NM_IN_SET (WITH_JANSSON, 0, 1));
#if WITH_JANSSON
g_assert (nm_json_vt ());
#else
g_assert (!nm_json_vt ());
#endif
#if WITH_JANSSON != defined (JANSSON_SONAME)
#error "WITH_JANSON and JANSSON_SONAME are defined inconsistently."
#endif
}
/*****************************************************************************/
static void
_test_team_config_sync (const char *team_config,
int notify_peer_count,
@ -1000,7 +1010,7 @@ _test_team_config_sync (const char *team_config,
guint i, j;
gboolean found;
if (!WITH_JSON_VALIDATION) {
if (!nm_json_vt ()) {
g_test_skip ("team test requires JSON validation");
return;
}
@ -1265,7 +1275,7 @@ _test_team_port_config_sync (const char *team_port_config,
guint i, j;
gboolean found;
if (!WITH_JSON_VALIDATION) {
if (!nm_json_vt ()) {
g_test_skip ("team test requires JSON validation");
return;
}
@ -1397,7 +1407,7 @@ _check_team_setting (NMSetting *setting)
: nm_setting_team_get_config (NM_SETTING_TEAM (setting)),
NULL);
if (WITH_JSON_VALIDATION)
if (nm_json_vt ())
nmtst_assert_setting_is_equal (setting, setting2, NM_SETTING_COMPARE_FLAG_EXACT);
g_clear_object (&setting2);
@ -2389,7 +2399,7 @@ test_tc_config_action (void)
}
static void
test_tc_config_tfilter (void)
test_tc_config_tfilter_matchall_sdata (void)
{
NMTCAction *action1;
NMTCTfilter *tfilter1, *tfilter2;
@ -2443,6 +2453,50 @@ test_tc_config_tfilter (void)
nm_tc_tfilter_unref (tfilter2);
}
static void
test_tc_config_tfilter_matchall_mirred (void)
{
NMTCAction *action;
NMTCTfilter *tfilter1;
GError *error = NULL;
gs_strfreev char **attr_names = NULL;
gs_free char *str;
GVariant *variant;
tfilter1 = nm_utils_tc_tfilter_from_str ("parent ffff: matchall action mirred ingress mirror dev eth0", &error);
nmtst_assert_success (tfilter1, error);
g_assert_cmpint (nm_tc_tfilter_get_parent (tfilter1), ==, TC_H_MAKE (0xffff << 16, 0));
g_assert_cmpstr (nm_tc_tfilter_get_kind (tfilter1), ==, "matchall");
action = nm_tc_tfilter_get_action (tfilter1);
nm_assert (action);
g_assert_cmpstr (nm_tc_action_get_kind (action), ==, "mirred");
attr_names = nm_tc_action_get_attribute_names (action);
g_assert (attr_names);
g_assert_cmpint (g_strv_length (attr_names), ==, 3);
variant = nm_tc_action_get_attribute (action, "ingress");
g_assert (variant);
g_assert (g_variant_is_of_type (variant, G_VARIANT_TYPE_BOOLEAN));
g_assert (g_variant_get_boolean (variant));
variant = nm_tc_action_get_attribute (action, "mirror");
g_assert (variant);
g_assert (g_variant_is_of_type (variant, G_VARIANT_TYPE_BOOLEAN));
g_assert (g_variant_get_boolean (variant));
variant = nm_tc_action_get_attribute (action, "dev");
g_assert (variant);
g_assert (g_variant_is_of_type (variant, G_VARIANT_TYPE_STRING));
g_assert_cmpstr (g_variant_get_string (variant, NULL), ==, "eth0");
str = nm_utils_tc_tfilter_to_str (tfilter1, &error);
nmtst_assert_success (str, error);
g_assert_cmpstr (str, ==, "parent ffff: matchall action mirred dev eth0 ingress mirror");
nm_tc_tfilter_unref (tfilter1);
}
static void
test_tc_config_setting_valid (void)
{
@ -3977,10 +4031,10 @@ test_setting_metadata (void)
|| (pt == &nm_sett_info_propert_type_plain_u && pt_2 == &nm_sett_info_propert_type_deprecated_ignore_u)
|| (pt_2 == &nm_sett_info_propert_type_plain_u && pt == &nm_sett_info_propert_type_deprecated_ignore_u)) {
/* These are known to be duplicated. This is the case for
* "gsm.network-type" and plain properies like "802-11-wireless-security.fils" ("i" D-Bus type)
* "gsm.allowed-bands" and plain properies like "802-11-olpc-mesh.channel" ("u" D-Bus type)
* "gsm.network-type" and plain properties like "802-11-wireless-security.fils" ("i" D-Bus type)
* "gsm.allowed-bands" and plain properties like "802-11-olpc-mesh.channel" ("u" D-Bus type)
* While the content/behaviour of the property types are identical, their purpose
* is different. So allowe them.
* is different. So allow them.
*/
continue;
}
@ -4040,7 +4094,10 @@ main (int argc, char **argv)
g_test_add_func ("/libnm/settings/tc_config/qdisc", test_tc_config_qdisc);
g_test_add_func ("/libnm/settings/tc_config/action", test_tc_config_action);
g_test_add_func ("/libnm/settings/tc_config/tfilter", test_tc_config_tfilter);
g_test_add_func ("/libnm/settings/tc_config/tfilter/matchall_sdata",
test_tc_config_tfilter_matchall_sdata);
g_test_add_func ("/libnm/settings/tc_config/tfilter/matchall_mirred",
test_tc_config_tfilter_matchall_mirred);
g_test_add_func ("/libnm/settings/tc_config/setting/valid", test_tc_config_setting_valid);
g_test_add_func ("/libnm/settings/tc_config/setting/duplicates", test_tc_config_setting_duplicates);
g_test_add_func ("/libnm/settings/tc_config/dbus", test_tc_config_dbus);
@ -4048,6 +4105,7 @@ main (int argc, char **argv)
g_test_add_func ("/libnm/settings/bridge/vlans", test_bridge_vlans);
g_test_add_func ("/libnm/settings/bridge/verify", test_bridge_verify);
g_test_add_func ("/libnm/test_nm_json", test_nm_json);
g_test_add_func ("/libnm/settings/team/sync_runner_from_config_roundrobin",
test_runner_roundrobin_sync_from_config);
g_test_add_func ("/libnm/settings/team/sync_runner_from_config_broadcast",

5
libnm/libnm.ver
View File

@ -1741,3 +1741,8 @@ global:
nm_setting_option_set_boolean;
nm_setting_option_set_uint32;
} libnm_1_24_0;
libnm_1_28_0 {
global:
nm_setting_wireless_get_ap_isolation;
} libnm_1_26_0;

2
libnm/nm-active-connection.c
View File

@ -158,7 +158,7 @@ nm_active_connection_get_connection_type (NMActiveConnection *connection)
*
* Gets the path of the "specific object" used at activation.
*
* Currently there is no single method that will allow you to automatically turn
* Currently, there is no single method that will allow you to automatically turn
* this into an appropriate #NMObject; you need to know what kind of object it
* is based on other information. (Eg, if @connection corresponds to a Wi-Fi
* connection, then the specific object will be an #NMAccessPoint, and you can

12
libnm/nm-client.c
View File

@ -2580,7 +2580,7 @@ _obj_handle_dbus_iface_changes (NMClient *self,
nm_assert (db_prop_data < &db_iface_data->prop_datas[db_iface_data->dbus_iface.meta->n_dbus_properties]);
nm_assert (db_prop_data->prop_data_value);
/* Currently NMLDBusObject forgets about the variant. Theoretically, it could cache
/* Currently, NMLDBusObject forgets about the variant. Theoretically, it could cache
* it, but there is no need because we update the property in nmobj (which extracts and
* keeps the property value itself).
*
@ -2610,7 +2610,7 @@ _obj_handle_dbus_changes (NMClient *self,
_ASSERT_dbobj (dbobj, self);
/* In a first step we only remember all the changes that that a D-Bus message brings
/* In a first step we only remember all the changes that a D-Bus message brings
* and queue the object to process them.
*
* Here (in step 2) we look at what changed on D-Bus and propagate those changes
@ -4425,7 +4425,7 @@ nm_client_get_permission_result (NMClient *client, NMClientPermission permission
* means that no permissions result was yet received. All permissions
* are unknown. %NM_TERNARY_TRUE means that the permissions got received
* and are cached. %%NM_TERNARY_FALSE means that permissions are cached,
* but they are invalided as as "CheckPermissions" signal was received
* but they are invalided as "CheckPermissions" signal was received
* in the meantime.
*
* Since: 1.24
@ -5235,7 +5235,7 @@ nm_client_add_and_activate_connection_finish (NMClient *client,
* track the activation to its completion.
*
* This is identical to nm_client_add_and_activate_connection_async() but takes
* a further @options parameter. Currently the following options are supported
* a further @options parameter. Currently, the following options are supported
* by the daemon:
* * "persist": A string describing how the connection should be stored.
* The default is "disk", but it can be modified to "memory" (until
@ -5274,7 +5274,7 @@ nm_client_add_and_activate_connection2 (NMClient *client,
* @result: the result passed to the #GAsyncReadyCallback
* @error: location for a #GError, or %NULL
* @out_result: (allow-none) (transfer full): the output result
* of type "a{sv}" returned by D-Bus' AddAndActivate2 call. Currently no
* of type "a{sv}" returned by D-Bus' AddAndActivate2 call. Currently, no
* output is implemented yet.
*
* Gets the result of a call to nm_client_add_and_activate_connection2().
@ -8356,7 +8356,7 @@ nm_client_class_init (NMClientClass *client_class)
* NMClient:capabilities: (type GArray(guint32))
*
* The list of capabilities numbers as guint32 or %NULL if
* there are no capabitilies. The numeric value correspond
* there are no capabilities. The numeric value correspond
* to %NMCapability enum.
*
* Since: 1.24

4
libnm/nm-device.c
View File

@ -2315,7 +2315,7 @@ nm_device_reapply_finish (NMDevice *device,
/**
* nm_device_get_applied_connection:
* @device: a #NMDevice
* @flags: the flags argument. Currently this value must always be zero.
* @flags: the flags argument. Currently, this value must always be zero.
* @version_id: (out) (allow-none): returns the current version id of
* the applied connection
* @cancellable: a #GCancellable, or %NULL
@ -2379,7 +2379,7 @@ nm_device_get_applied_connection (NMDevice *device,
/**
* nm_device_get_applied_connection_async:
* @device: a #NMDevice
* @flags: the flags argument. Currently this value must always be zero.
* @flags: the flags argument. Currently, this value must always be zero.
* @cancellable: a #GCancellable, or %NULL
* @callback: callback to be called when the reapply operation completes
* @user_data: caller-specific data passed to @callback

2
libnm/nm-libnm-utils.h
View File

@ -38,7 +38,7 @@ typedef enum {
* for unknown D-Bus API that could just result because we run against a
* newer NetworkManager version (such warnings are more graceful, because
* we want that libnm can be forward compatible against newer servers).
* Critial warnings should be emitted when NetworkManager exposes something
* Critical warnings should be emitted when NetworkManager exposes something
* on D-Bus that breaks the current expectations. Usually NetworkManager
* should not break API, hence such issues are more severe. */
_NML_DBUS_LOG_LEVEL_WARN = 0x08,

4
libnm/nm-secret-agent-old.c
View File

@ -234,7 +234,7 @@ nm_secret_agent_old_get_context_busy_watcher (NMSecretAgentOld *self)
* Returns: the current D-Bus name owner. While this property
* is set while registering, it really only makes sense when
* the nm_secret_agent_old_get_registered() indicates that
* registration is successfull.
* registration is successful.
*
* Since: 1.24
*/
@ -1974,7 +1974,7 @@ nm_secret_agent_old_class_init (NMSecretAgentOldClass *class)
* In particular, if this property is %TRUE at construct time, then the
* agent will register itself with NetworkManager during
* construction/initialization and initialization will only complete
* after registration is completed (either successfully or unsucessfully).
* after registration is completed (either successfully or unsuccessfully).
* Since 1.24, a failure to register will no longer cause initialization
* of #NMSecretAgentOld to fail.
*

14
man/NetworkManager.conf.xml
View File

@ -403,7 +403,7 @@ no-auto-default=*
<term><varname>debug</varname></term>
<listitem><para>Comma separated list of options to aid
debugging. This value will be combined with the environment
variable <literal>NM_DEBUG</literal>. Currently the following
variable <literal>NM_DEBUG</literal>. Currently, the following
values are supported:</para>
<para>
<literal>RLIMIT_CORE</literal>: set ulimit -c unlimited
@ -478,7 +478,7 @@ no-auto-default=*
<listitem><para>Set devices that should be ignored by
NetworkManager.
</para>
<para>See <xref linkend="device-spec"/> for the syntax how to
<para>See <xref linkend="device-spec"/> for the syntax on how to
specify a device.
</para>
<para>
@ -805,6 +805,10 @@ ipv6.ip6-privacy=0
<term><varname>vpn.timeout</varname></term>
<listitem><para>If left unspecified, default value of 60 seconds is used.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>wifi.ap-isolation</varname></term>
<listitem><para>If left unspecified, AP isolation is disabled.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>wifi.cloned-mac-address</varname></term>
<listitem><para>If left unspecified, it defaults to "preserve".</para></listitem>
@ -1027,7 +1031,7 @@ managed=1
<term><varname>wifi.backend</varname></term>
<listitem>
<para>
Specify the Wi-Fi backend used for the device. Currently supported
Specify the Wi-Fi backend used for the device. Currently, supported
are <literal>wpa_supplicant</literal> and <literal>iwd</literal> (experimental).
</para>
</listitem>
@ -1044,7 +1048,7 @@ managed=1
</listitem>
</varlistentry>
<varlistentry id="sriov-num-vfs">
<term><varname>sriov-num-vfs</varname></term>
, <term><varname>sriov-num-vfs</varname></term>
<listitem>
<para>
Specify the number of virtual functions (VF) to enable
@ -1247,7 +1251,7 @@ enable=nm-version-min:1.2
# Match against the maximum allowed version. The example matches
# versions 1.2.0, 1.2.2, 1.2.4. Again, only the last version digit
# is allowed to be smaller. So this would not match match on 1.1.10.
# is allowed to be smaller. So this would not match on 1.1.10.
[.config]
enable=nm-version-max:1.2.6
</programlisting>

4
man/nmcli-examples.xml
View File

@ -222,7 +222,7 @@ B,DISPATCH</screen>
change the configuration with <emphasis>modify</emphasis> command
(<emphasis role="bold">nmcli con modify Team1 team.config team1-master-another-json.conf</emphasis>).
The last two commands add slaves profiles, both enslaved to <emphasis>Team1</emphasis>.
The first slave will be bound to <emphasis>em1</emphasis> interface, the second to
The first slave will be bound to the <emphasis>em1</emphasis> interface, the second to
<emphasis>em2</emphasis>. The slaves don't specify <emphasis>config</emphasis> and thus
<emphasis>teamd</emphasis> will use its default configuration. You will activate the whole setup
by activating both slaves:
@ -302,7 +302,7 @@ IP4:192.168.1.12/24:192.168.1.1::192.168.1.1::</screen>
VF is configured with MAC address 00:11:22:33:44:55 and VLAN
10, the second one has the <emphasis>trust</emphasis> and
<emphasis>spoof-check</emphasis> features respectively enabled
and disabled. VF number 2 has a maximux transmission rate of
and disabled. VF number 2 has a maximum transmission rate of
20Mbps. The kernel is instructed to not automatically
instantiate a network interface for the VFs.
</para>

14
man/nmcli.xml
View File

@ -1506,7 +1506,7 @@
<term><option>private</option></term>
<listitem>
<para>if set to <literal>yes</literal>, the connection will only be visible
to the user who created it. Otherwise the connection is system-wide, which is
to the user who created it. Otherwise, the connection is system-wide, which is
the default.</para>
</listitem>
</varlistentry>
@ -1514,7 +1514,7 @@
<term><option>hidden</option></term>
<listitem>
<para>set to <literal>yes</literal> when connecting for the first time to an
AP not broadcasting its SSID. Otherwise the SSID would not be found and the
AP not broadcasting its SSID. Otherwise, the SSID would not be found and the
connection attempt would fail.</para>
</listitem>
</varlistentry>
@ -1749,35 +1749,35 @@
<varlistentry>
<term><option>connectivity-full</option></term>
<listitem>
<para>Conectivity state when Internet is reachable.</para>
<para>Connectivity state when Internet is reachable.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>connectivity-limited</option></term>
<listitem>
<para>Conectivity state when only a local network reachable.</para>
<para>Connectivity state when only a local network reachable.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>connectivity-none</option></term>
<listitem>
<para>Conectivity state when the network is disconnected.</para>
<para>Connectivity state when the network is disconnected.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>connectivity-portal</option></term>
<listitem>
<para>Conectivity state when a captive portal hijacked the connection.</para>
<para>Connectivity state when a captive portal hijacked the connection.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>connectivity-unknown</option></term>
<listitem>
<para>Conectivity state when a connectivity check didn't run.</para>
<para>Connectivity state when a connectivity check didn't run.</para>
</listitem>
</varlistentry>

14
meson.build
View File

@ -6,7 +6,7 @@ project(
# - add corresponding NM_VERSION_x_y_z macros in
# "shared/nm-version-macros.h.in"
# - update number in configure.ac
version: '1.26.0',
version: '1.27.1',
license: 'GPL2+',
default_options: [
'buildtype=debugoptimized',
@ -253,9 +253,10 @@ libudev_dep = dependency('libudev', version: '>= 175')
dbus_dep = dependency('dbus-1', version: '>= 1.1')
libndp_dep = dependency('libndp')
jansson_dep = dependency('jansson', version: '>= 2.5', required: false)
jansson_dep = dependency('jansson', version: '>= 2.7', required: false)
config_h.set10('WITH_JANSSON', jansson_dep.found())
jansson_msg = 'no'
if jansson_dep.found()
jansson_libdir = jansson_dep.get_pkgconfig_variable('libdir')
res = run_command(find_program('eu-readelf', 'readelf'), '-d', join_paths(jansson_libdir, 'libjansson.so'))
@ -267,6 +268,7 @@ if jansson_dep.found()
endforeach
assert(jansson_soname != '', 'Unable to determine Jansson SONAME')
config_h.set_quoted('JANSSON_SONAME', jansson_soname)
jansson_msg = 'yes (soname: ' + jansson_soname + ')'
endif
libsystemd_dep = dependency('libsystemd', version: '>= 209', required: false)
@ -497,12 +499,6 @@ if enable_teamdctl
assert(libteamdctl_dep.found(), 'You must have libteamdctl installed to build. Use -Dteamdctl=false to disable it')
endif
enable_json_validation = get_option('json_validation')
if enable_json_validation
assert(jansson_dep.found(), 'jansson is needed for team configuration validation. Use -Djson_validation=false to disable it')
endif
config_h.set10('WITH_JSON_VALIDATION', enable_json_validation)
# polkit
enable_polkit = get_option('polkit')
if enable_polkit
@ -1013,6 +1009,7 @@ if enable_ppp
output += ' ' + pppd_path + ' plugins:' + pppd_plugin_dir
endif
output += '\n'
output += ' jansson: ' + jansson_msg + '\n'
output += ' modemmanager-1: ' + enable_modem_manager.to_string() + '\n'
output += ' ofono: ' + enable_ofono.to_string() + '\n'
output += ' concheck: ' + enable_concheck.to_string() + '\n'
@ -1047,7 +1044,6 @@ output += '\n'
output += ' code coverage: ' + get_option('b_coverage').to_string() + '\n'
output += ' LTO: ' + enable_lto.to_string() + '\n'
output += ' Linker garbage collection: ' + enable_ld_gc.to_string() + '\n'
output += ' JSON validation for libnm: ' + enable_json_validation.to_string() + '\n'
output += ' crypto: ' + crypto + '\n'
output += ' sanitizers: ' + get_option('b_sanitize') + '\n'
output += ' Mozilla Public Suffix List: ' + enable_libpsl.to_string() + '\n'

1
meson_options.txt
View File

@ -69,6 +69,5 @@ option('valgrind', type: 'array', value: ['no'], description: 'Use valgrind to m
option('valgrind_suppressions', type: 'string', value: '', description: 'Use specific valgrind suppression file')
option('ld_gc', type: 'boolean', value: true, description: 'Enable garbage collection of unused symbols on linking')
option('libpsl', type: 'boolean', value: true, description: 'Link against libpsl')
option('json_validation', type: 'boolean', value: true, description: 'Enable JSON validation in libnm')
option('crypto', type: 'combo', choices: ['nss', 'gnutls'], value: 'nss', description: 'Cryptography library to use for certificate and key operations')
option('qt', type: 'boolean', value: true, description: 'enable Qt examples')

1746
po/uk.po
View File

File diff suppressed because it is too large Load Diff

2
shared/c-siphash/src/c-siphash.c
View File

@ -227,7 +227,7 @@ _c_public_ uint64_t c_siphash_finalize(CSipHash *state) {
*
* CSipHash state;
* c_siphash_init(&state, seed);
* c_siphash_apend(&state, bytes, n_bytes);
* c_siphash_append(&state, bytes, n_bytes);
* return c_siphash_finalize(&state);
*
* Unlike the streaming API, this is a one-shot call suitable for any data that

2
shared/c-stdaux/src/test-basic.c
View File

@ -203,7 +203,7 @@ static void test_misc(int non_constant_expr) {
/*
* Div Round Up: Normal division, but round up to next integer, instead
* of clipping. Also verify that it does not suffer from the integer
* overflow in the prevalant, alternative implementation:
* overflow in the prevalent, alternative implementation:
* [(x + y - 1) / y].
*/
{

16
shared/meson.build
View File

@ -113,15 +113,17 @@ nm_test_utils_impl_source = files('nm-test-utils-impl.c')
nm_vpn_plugin_utils_source = files('nm-utils/nm-vpn-plugin-utils.c')
c_flags = [
'-DG_LOG_DOMAIN="@0@"'.format(libnm_name),
'-DNETWORKMANAGER_COMPILATION=0',
]
libnm_std_aux = static_library(
'nm-std-aux',
sources: 'nm-std-aux/c-list-util.c',
c_args: c_flags,
sources: [
'nm-std-aux/c-list-util.c',
'nm-std-aux/nm-std-utils.c',
],
include_directories: top_inc,
c_args: [
'-DG_LOG_DOMAIN="@0@"'.format(libnm_name),
'-DNETWORKMANAGER_COMPILATION=0',
],
)
sources = files(

4
shared/n-acd/src/n-acd-probe.c
View File

@ -682,7 +682,7 @@ _c_public_ void n_acd_probe_get_userdata(NAcdProbe *probe, void **userdatap) {
/**
* n_acd_probe_announce() - announce the configured IP address
* @probe: probe to operate on
* @defend: defence policy
* @defend: defense policy
*
* Announce the IP address on the local link, and start defending it according
* to the given policy, which mut be one of N_ACD_DEFEND_ONCE,
@ -691,7 +691,7 @@ _c_public_ void n_acd_probe_get_userdata(NAcdProbe *probe, void **userdatap) {
* This must be called in response to an N_ACD_EVENT_READY event, and only
* after the given address has been configured on the given network interface.
*
* Return: 0 on success, N_ACD_E_INVALID_ARGUMENT in case the defence policy
* Return: 0 on success, N_ACD_E_INVALID_ARGUMENT in case the defense policy
* is invalid, negative error code on failure.
*/
_c_public_ int n_acd_probe_announce(NAcdProbe *probe, unsigned int defend) {

4
shared/n-acd/src/n-acd.c
View File

@ -578,11 +578,11 @@ static int n_acd_handle_timeout(NAcd *acd) {
int r;
/*
* Read the current time once, and handle all timouts that triggered
* Read the current time once, and handle all timeouts that triggered
* before the current time. Rereading the current time in each loop
* might risk creating a live-lock, and the fact that we read the
* time after reading the timer guarantees that the timeout which
* woke us up is hanlded.
* woke us up is handled.
*
* When there are no more timeouts to handle at the given time, we
* rearm the timer to potentially wake us up again in the future.

2
shared/n-acd/src/test.h
View File

@ -191,7 +191,7 @@ static inline void test_setup(void) {
/*
* Move into a new network and mount namespace both associated
* with a new user namespace where the current eUID is mapped to
* 0. Then create a a private instance of /run/netns. This ensures
* 0. Then create a private instance of /run/netns. This ensures
* that any network devices or network namespaces are private to
* the test process.
*/

2
shared/n-acd/src/util/timer.c
View File

@ -55,7 +55,7 @@ void timer_rearm(Timer *timer) {
int r;
/*
* A timeout value of 0 clears the timer, we sholud only set that if
* A timeout value of 0 clears the timer, we should only set that if
* no timeout exists in the tree.
*/

2
shared/n-dhcp4/src/n-dhcp4-c-connection.c
View File

@ -1236,7 +1236,7 @@ int n_dhcp4_c_connection_dispatch_io(NDhcp4CConnection *connection,
/*
* Remember the start time of the transaction, and the base
* time of any relative timestamps from the pending request.
* Thes same times applies to the response, and sholud be
* The same time applies to the response, and should be
* copied over.
*/
message->userdata.start_time = connection->request->userdata.start_time;

8
shared/n-dhcp4/src/n-dhcp4-c-lease.c
View File

@ -2,7 +2,7 @@
* DHCP4 Client Leases
*
* This implements the public API wrapping DHCP4 client leases. A lease object
* conists of the information given to us from the server, together with the
* consists of the information given to us from the server, together with the
* timestamp recording the start of the validity of the lease.
*
* A probe may yield many OFFERS, each of which contains a lease object. One of
@ -98,7 +98,7 @@ static int n_dhcp4_incoming_get_timeouts(NDhcp4Incoming *message, uint64_t *t1p,
/**
* n_dhcp4_client_lease_new() - allocate new client lease object
* @leasep: output argumnet for new client lease object
* @leasep: output argument for new client lease object
* @message: incoming message representing the lease
*
* This creates a new client lease object. Client lease objects are simple
@ -194,7 +194,7 @@ void n_dhcp4_client_lease_unlink(NDhcp4ClientLease *lease) {
* @lease: the lease to operate on
* @yiaddr: return argument for the IP address
*
* Gets the IP address cotained in the lease. Or INADDR_ANY if the lease
* Gets the IP address contained in the lease. Or INADDR_ANY if the lease
* does not contain an IP address.
*/
_c_public_ void n_dhcp4_client_lease_get_yiaddr(NDhcp4ClientLease *lease, struct in_addr *yiaddr) {
@ -208,7 +208,7 @@ _c_public_ void n_dhcp4_client_lease_get_yiaddr(NDhcp4ClientLease *lease, struct
* @lease: the lease to operate on
* @siaddr: return argument for the IP address
*
* Gets the server IP address cotained in the lease. Or INADDR_ANY if the
* Gets the server IP address contained in the lease. Or INADDR_ANY if the
* lease does not contain an IP address.
*/
_c_public_ void n_dhcp4_client_lease_get_siaddr(NDhcp4ClientLease *lease, struct in_addr *siaddr) {

18
shared/n-dhcp4/src/n-dhcp4-c-probe.c
View File

@ -221,7 +221,7 @@ _c_public_ void n_dhcp4_client_probe_config_set_requested_ip(NDhcp4ClientProbeCo
* delay is specified to be a random value in the range 1000 to 10.000 ms.
* However, there does not appear to be any particular reason to
* unconditionally wait at least one second, so we move the range down to
* start at 0 ms. The reaon for the random delay is to avoid network-wide
* start at 0 ms. The reason for the random delay is to avoid network-wide
* events causing too much simultaneous network traffic. However, on modern
* networks, a more reasonable value may be in the 10 ms range.
*/
@ -236,7 +236,7 @@ _c_public_ void n_dhcp4_client_probe_config_set_start_delay(NDhcp4ClientProbeCon
*
* This adds an option to the list of options to request from the server.
*
* A server may send options that we do not requst, and it may omit options
* A server may send options that we do not request, and it may omit options
* that we do request. However, to increase the likelyhood of uniform behavior
* between server implementations, we do not expose options that were not
* explicitly requested.
@ -316,10 +316,9 @@ static void n_dhcp4_client_probe_config_initialize_random_seed(NDhcp4ClientProbe
unsigned short int seed16v[3];
const uint8_t *p;
uint64_t u64;
int r;
/*
* Initialize seed48_r(3)
* Initialize config's entropy buffer for successive jrand48(3) calls.
*
* We need random jitter for all timeouts and delays, used to reduce
* network traffic during bursts. This is not meant as security measure
@ -360,8 +359,7 @@ static void n_dhcp4_client_probe_config_initialize_random_seed(NDhcp4ClientProbe
seed16v[1] = (u64 >> 16) ^ (u64 >> 0);
seed16v[2] = (u64 >> 32) ^ (u64 >> 16);
r = seed48_r(seed16v, &config->entropy);
c_assert(!r);
memcpy(config->entropy, seed16v, sizeof(seed16v));
}
/**
@ -374,13 +372,7 @@ static void n_dhcp4_client_probe_config_initialize_random_seed(NDhcp4ClientProbe
* Return: the random data.
*/
uint32_t n_dhcp4_client_probe_config_get_random(NDhcp4ClientProbeConfig *config) {
long int result;
int r;
r = mrand48_r(&config->entropy, &result);
c_assert(!r);
return result;
return jrand48(config->entropy);
};
/**

8
shared/n-dhcp4/src/n-dhcp4-client.c
View File

@ -146,14 +146,14 @@ _c_public_ void n_dhcp4_client_config_set_transport(NDhcp4ClientConfig *config,
*
* Background: OFFER and ACK messages from DHCP servers to clients are unicast
* to the IP address handed out, even before the IP address has
* been configured on the taregt interface. This usually works
* been configured on the target interface. This usually works
* because the correct destination hardware address is explicitly
* set on the outgoing packets, rather than being resolved (which
* would not work). However, some hardware does not accept incoming
* IP packets destined for addresses they do not own, even if the
* hardware address is correct. In this case, the server must
* broadcast the replies in order for the client to receive them.
* In general, unneccesary broadcasting is something one wants to
* In general, unnecessary broadcasting is something one wants to
* avoid, and some networks will not deliver broadcasts to the
* client at all, in which case this flag must not be set.
*/
@ -549,7 +549,7 @@ void n_dhcp4_log_queue_fmt(NDhcp4LogQueue *log_queue,
if (level > log_queue->log_level)
return;
/* Currently the logging queue is only implemented for
/* Currently, the logging queue is only implemented for
* the client. Nobody would enable logging except a
* client instance. */
c_assert(log_queue->is_client);
@ -953,7 +953,7 @@ _c_public_ int n_dhcp4_client_update_mtu(NDhcp4Client *client, uint16_t mtu) {
* This creates a new probe on @client. Probes represent DHCP requests and
* track the state over the entire lifetime of a lease. Once a probe is created
* it will start looking for DHCP servers, request a lease from them, and renew
* the lease continously whenever it expires. Furthermore, if a lease cannot be
* the lease continuously whenever it expires. Furthermore, if a lease cannot be
* renewed, a new lease will be requested.
*
* The API allows for many probes to be run at the same time. However, the DHCP

2
shared/n-dhcp4/src/n-dhcp4-private.h
View File

@ -263,7 +263,7 @@ struct NDhcp4ClientProbeConfig {
bool inform_only;
bool init_reboot;
struct in_addr requested_ip;
struct drand48_data entropy; /* entropy pool */
unsigned short int entropy[3];
uint64_t ms_start_delay; /* max ms to wait before starting probe */
NDhcp4ClientProbeOption *options[UINT8_MAX + 1];
int8_t request_parameters[UINT8_MAX + 1];

2
shared/n-dhcp4/src/n-dhcp4-s-connection.c
View File

@ -375,7 +375,7 @@ int n_dhcp4_s_connection_nak_new(NDhcp4SConnection *connection,
/*
* The RFC is a bit unclear on how NAK should be sent, on the
* one hand it says that they should be unconditinoally broadcast
* one hand it says that they should be unconditionally broadcast
* (unless going through a relay agent), on the other, when they
* do go through a relay agent, they will not be. We treat them
* as any other reply and only broadcast when the broadcast bit

8
shared/n-dhcp4/src/n-dhcp4-socket.c
View File

@ -22,7 +22,7 @@
/**
* n_dhcp4_c_socket_packet_new() - create a new DHCP4 client packet socket
* @sockfdp: return argumnet for the new socket
* @sockfdp: return argument for the new socket
* @ifindex: interface index to bind to
*
* Create a new AF_PACKET/SOCK_DGRAM socket usable to listen to and send DHCP client
@ -129,7 +129,7 @@ int n_dhcp4_c_socket_packet_new(int *sockfdp, int ifindex) {
/**
* n_dhcp4_c_socket_udp_new() - create a new DHCP4 client UDP socket
* @sockfdp: return argumnet for the new socket
* @sockfdp: return argument for the new socket
* @ifindex: interface index to bind to
* @client_addr: client address to bind to
* @server_addr: server address to connect to
@ -230,7 +230,7 @@ int n_dhcp4_c_socket_udp_new(int *sockfdp,
/**
* n_dhcp4_s_socket_packet_new() - create a new DHCP4 server packet socket
* @sockfdp: return argumnet for the new socket
* @sockfdp: return argument for the new socket
*
* Create a new AF_PACKET/SOCK_DGRAM socket usable to send DHCP packets to clients
* before they have an IP address configured, on the given interface.
@ -251,7 +251,7 @@ int n_dhcp4_s_socket_packet_new(int *sockfdp) {
/**
* n_dhcp4_s_socket_udp_new() - create a new DHCP4 server UDP socket
* @sockfdp: return argumnet for the new socket
* @sockfdp: return argument for the new socket
* @ifindex: intercafe index to bind to
*
* Create a new AF_INET/SOCK_DGRAM socket usable to listen to DHCP server packets,

2
shared/n-dhcp4/src/test-run-client.c
View File

@ -440,7 +440,7 @@ static void print_help(void) {
" --ifindex IDX Index of interface to run on\n"
" --mac HEX Hardware address to use\n"
" --broadcast-mac HEX Broadcast hardware address to use\n"
" --requested-ip IP Requested IP adress\n"
" --requested-ip IP Requested IP address\n"
" --requested-lifetime SECS Requested lease lifetime in seconds\n"
" --requested-parameters P1,P2,... Requested parameters\n"
" --client-id HEX Client Identifier to use\n"

2
shared/n-dhcp4/src/test.h
View File

@ -85,7 +85,7 @@ static inline void test_setup(void) {
/*
* Move into a new network and mount namespace both associated
* with a new user namespace where the current eUID is mapped to
* 0. Then create a a private instance of /run/netns. This ensures
* 0. Then create a private instance of /run/netns. This ensures
* that any network devices or network namespaces are private to
* the test process.
*/

2
shared/n-dhcp4/src/util/packet.c
View File

@ -244,7 +244,7 @@ int packet_sendto_udp(int sockfd,
* @buf: buffor for payload
* @n_buf: max length of payload in bytes
* @n_transmittedp: output argument for number transmitted bytes
* @src: return argumnet for source address, or NULL, see ip(7)
* @src: return argument for source address, or NULL, see ip(7)
*
* Receives an UDP packet on a AF_PACKET socket. The difference between
* this and recvfrom() on an AF_INET socket is that the packet will be

2
shared/nm-default.h
View File

@ -261,6 +261,8 @@ _nm_g_return_if_fail_warning (const char *log_domain,
/*****************************************************************************/
#include "nm-std-aux/nm-std-aux.h"
#include "nm-std-aux/nm-std-utils.h"
#include "nm-glib-aux/nm-macros-internal.h"
#include "nm-glib-aux/nm-shared-utils.h"
#include "nm-glib-aux/nm-errno.h"

Some files were not shown because too many files have changed in this diff Show More