We should enable tests by default, probably we even should drop
the configure flags to enable tests and just always build them.
Anyway, at this point there is no use in guarding check-local
with a check for ENABLE_TESTS. A user who does't want to run
the tests, should just not call `make check`.
crypto_verify_private_key_data() must try to decrypt the key only when
a password is supplied.
Previously the decrypt test always passed because we detected an
unsupported cipher and faked success. Now since version 3.5.4 gnutls
supports PBES1-DES-CBC-MD5 and the key is actually decrypted when a
password is supplied.
Also, don't assert that a wrong password works because we're now able
to actually verify it (only with recent gnutls).
https://bugzilla.gnome.org/show_bug.cgi?id=771623
- don't include "nm-default.h" in header files. Every source file must
include as first header "nm-default.h", thus our headers get the
default include already implicitly.
- we don't support compiling NetworkManager itself with a C++ compiler. Remove
G_BEGIN_DECLS/G_END_DECLS from internal headers. We do however support
users of libnm to use C++, thus they stay in public headers.
We use statement expressions all over the place without explicitly
marking them. If that would be a problem, we'd have to change a
*lot* of code. We simply require that as a mandatory feature from
our compiler.
The "shared" directory contains files that are possibly used by all components
of NetworkManager repository.
Some of these files are even copied as-is to other projects (VPN plugins, nm-applet)
and used there without modification. Move those files to a separate directory.
By moving them to a common directory, it is clearer that they belong
together. Also, you can easier compare the copied versions to their
original via
$ diff -r ./shared/nm-utils/ /path/to/nm-vpn-plugin/shared/nm-utils/
A failure to g_return*() by default prints a g_critical() with stringifing the
condition. Add a macro NMTST_G_RETURN_MSG() that reproduces that line to more
accurately match the failure message.
The linking test causes a crash to check whether libnm and libnm-util
are both linked. If abrt or systemd-coredump are enabled, the core
dump processing will take a long time when the address sanitizer is
enabled, due to the huge process address space. It seems a good choice
to disable the test when NM was compiled with -fsanitize=address.
This adds two new options to the configure scripts to compile NM,
clients and libraries with the address and undefined-behavior
sanitizers available in recent GCC versions. Clang is not supported at
moment.
nmcli> set 802-1x.ca-cert file:///tmp/certs/eaptest_ca_cert.pem
(process:31015): libnm-CRITICAL **: crypto_is_pkcs12_data: assertion 'data != NULL' failed
Error: failed to set 'ca-cert' property: PEM certificate had no start tag '-----BEGIN CERTIFICATE-----'.
For internal compilation we want to be able to use deprecated
API without warnings.
Define the version min/max macros to effectively disable deprecation
warnings.
However, don't do it via CFLAGS option in the makefiles, instead hack it
to "nm-default.h". After all, *every* source file that is for internal
compilation needs to include this header as first.
The problem is that you cannot be sure which patches
were applied on top of a source tree, so the __nm_git_sha
value is unreliable.
Also, after running autoreconf during the package build,
NM_GIT_SHA is reset as well.
Add internal functions _nm_connection_replace_settings() and
_nm_connection_new_from_hash() that cannot fail.
Altough they are not public API, we have to expose them via
libnm-util.ver so that they can be used from libnm-glib.
Warnings aren't great, especially if they can realistically be triggered
by a newer NetworkManager version. Just accept what we can and ignore
the rest silently.
nm_connection_replace_settings_from_connection() would return whether the
connection verifies at the end of the operation. While that is not very
useful, the API is like that and cannot be changed.
For consistency, also perform the verification step in case of self-assignment.
Self-assigment is anyway a case that probably never happens.
nm_connection_replace_settings_from_connection() can safely be used
to copy an invalid connection. The return value only says, whether
the connection is valid after the fact.
GError codes are only unique per domain, so logging the code without
also indicating the domain is not helpful. And anyway, if the error
messages are not distinctive enough to tell the whole story then we
should fix the error messages.
Based-on-patch-by: Dan Winship <danw@gnome.org>
Functions that take a GError** MUST fill it in on error. There is no
need to check whether error is NULL if the function it was passed to
had a failing return value.
Likewise, a proper GError must have a non-NULL message, so there's no
need to double-check that either.
Based-on-patch-by: Dan Winship <danw@gnome.org>
Althoug we don't fully backport the new device types, at least
add the types to the NMDeviceType enum.
Based-on-patch-by: Jiří Klimeš <jklimes@redhat.com>
- All internal source files (except "examples", which are not internal)
should include "config.h" first. As also all internal source
files should include "nm-default.h", let "config.h" be included
by "nm-default.h" and include "nm-default.h" as first in every
source file.
We already wanted to include "nm-default.h" before other headers
because it might contains some fixes (like "nm-glib.h" compatibility)
that is required first.
- After including "nm-default.h", we optinally allow for including the
corresponding header file for the source file at hand. The idea
is to ensure that each header file is self contained.
- Don't include "config.h" or "nm-default.h" in any header file
(except "nm-sd-adapt.h"). Public headers anyway must not include
these headers, and internal headers are never included after
"nm-default.h", as of the first previous point.
- Include all internal headers with quotes instead of angle brackets.
In practice it doesn't matter, because in our public headers we must
include other headers with angle brackets. As we use our public
headers also to compile our interal source files, effectively the
result must be the same. Still do it for consistency.
- Except for <config.h> itself. Include it with angle brackets as suggested by
https://www.gnu.org/software/autoconf/manual/autoconf.html#Configuration-Headers
- "gsystem-local-alloc.h" and <gio/gio.h> are already included via
"nm-default.h". No need to include them separately.
- include "nm-macros-internal.h" via "nm-default.h" and drop all
explict includes.
- in the modified files, ensure that we always include "config.h"
and "nm-default.h" first. As second, include the header file
for the current source file (if applicable). Then follow external
includes and finally internal nm includes.
- include nm headers inside source code files with quotes
- internal header files don't need to include default headers.
They can savely assume that "nm-default.h" is already included
and with it glib, nm-glib.h, nm-macros-internal.h, etc.
Point in case:
# ip link add link dummy0 name dummy0.vlan type vlan id 4095
RTNETLINK answers: Numerical result out of range
This potentially causes existing (invalid) connections to disappear
as they now fail verification.
Instead of adjusting the range of the GObject property
NM_SETTING_VLAN_ID, reject it during vlan. This is a bit more
forgiving to an older client that isn't aware of this new restriction,
so he can first set the value without raising a critical warning.
This is an Ubuntu-specific patch to enable wireless powersave by default.
Should it not work for you for some reason, you can safely add:
powersave=0
to the section:
[802-11-wireless]
In the configuration file for your connection under
/etc/NetworkManager/system-connections/.
Up to now, the "include" directory contained (only) header files that were
used project-wide by libs, core, clients, et al.
Since the directory now also contains a non-header file, the "include"
name is misleading. Instead of adding yet another directory that is
project-wide, with non-header-only content, rename the "include"
directory to "shared".
Allow calling nm_connection_get_virtual_iface_name() on a non-verified
connection by not asserting asserting against a valid base-setting.
On nma-1-0 branch, nm-applet can crash with:
#3 0x00007ffff2993a7a in g_assertion_message_expr (domain=0x7ffff51fad86 "libnm-util", file=0x7ffff51fb728 "nm-connection.c", line=320, func=0x7ffff51fc028 "_get_type_setting", expr=<optimized out>) at gtestutils.c:2444
#4 0x00007ffff51ac52f in _get_type_setting (connection=0xa3c160 [NMRemoteConnection]) at nm-connection.c:320
#5 0x00007ffff51ac341 in nm_connection_get_virtual_iface_name (connection=0xa3c160 [NMRemoteConnection]) at nm-connection.c:1436
#6 0x0000000000415bdc in add_virtual_items (type=type@entry=0x43c11d "bridge", all_devices=all_devices@entry=0x7f6580, all_connections=all_connections@entry=0x9354a0, menu=menu@entry=0x922990 [GtkMenu], applet=applet@entry=0x6cc000 [NMApplet]) at applet.c:1640
#7 0x00000000004176f6 in nma_menu_add_devices (menu=menu@entry=0x922990 [GtkMenu], applet=applet@entry=0x6cc000 [NMApplet]) at applet.c:1713
#8 0x0000000000418315 in nma_menu_show_cb (menu=0x922990 [GtkMenu], applet=0x6cc000 [NMApplet]) at applet.c:1974
where the connection type is "tun".
Note that libnm accepts invalid connections and exposes them to the
user (albeit issuing a warning). Later on there are many places where
that can lead to further g_return*(), which is ugly indeed.
At least, we should not assert against valid connections (because that
crashes the user) and there is a well known fact that the base setting
will be missing for tun settings. No need to even warn about that in
nm_connection_get_virtual_iface_name() (we already got the warning
during replace_settings).
Since libnm is the preferred way to interact with NM now, we don't
want to add new device types to libnm-glib.
Make libnm-glib recognize TUN devices as generic ones and modify
NMDeviceGeneric to use the correct D-Bus interface based on the actual
device type.