From 2ee436b9b226909bec70d05aa36ecc4907bb2622 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr=20Bene=C5=A1?= <vbenes@redhat.com>
Date: Thu, 23 Oct 2025 16:15:49 +0200
Subject: [PATCH] Fix potentional crash in malformed items import

Resolves: RHEL-122626
Resolves: RHEL-122306
---
 ...n-t-crash-with-malformed-connections.patch | 61 +++++++++++++++++++
 NetworkManager-libreswan.spec                 |  6 +-
 2 files changed, 66 insertions(+), 1 deletion(-)
 create mode 100644 0005-service-don-t-crash-with-malformed-connections.patch

diff --git a/0005-service-don-t-crash-with-malformed-connections.patch b/0005-service-don-t-crash-with-malformed-connections.patch
new file mode 100644
index 0000000..e5f1a54
--- /dev/null
+++ b/0005-service-don-t-crash-with-malformed-connections.patch
@@ -0,0 +1,61 @@
+From 397096f85c155d18834e8f7b90b1ea439344cd32 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@riseup.net>
+Date: Thu, 23 Oct 2025 11:54:46 +0200
+Subject: [PATCH] service: don't crash with malformed connections
+
+If a connection is malformed, i.e. by having incorrect values, a crash
+(or something worse) could happen in _connect_common because we were
+assuming that the value returned from sanitize_setting_vpn() must be
+non-NULL. If the connection is malformed, it will be NULL.
+
+Fix it by gracefully handling this scenario.
+
+This is a RHEL-only patch, as this is fixed by a later commit that we
+didn't want to backport yet. When we rebase, this patch can be dropped.
+
+Fixes: 50d0fc5a265b ('Fix PSK authentication when leftid starts with `@`')
+---
+ src/nm-libreswan-service.c | 20 ++++++++++++++++----
+ 1 file changed, 16 insertions(+), 4 deletions(-)
+
+diff --git a/src/nm-libreswan-service.c b/src/nm-libreswan-service.c
+index 58ada03..a093547 100644
+--- a/src/nm-libreswan-service.c
++++ b/src/nm-libreswan-service.c
+@@ -1756,7 +1756,8 @@ _connect_common (NMVpnServicePlugin   *plugin,
+ {
+ 	NMLibreswanPlugin *self = NM_LIBRESWAN_PLUGIN (plugin);
+ 	NMLibreswanPluginPrivate *priv = NM_LIBRESWAN_PLUGIN_GET_PRIVATE (self);
+-	gs_unref_object NMSettingVpn *s_vpn = NULL;
++	NMSettingVpn *s_vpn;
++	gs_unref_object NMSettingVpn *s_vpn_sanitized = NULL;
+ 	const char *con_name = nm_connection_get_uuid (connection);
+ 	gs_free char *ipsec_banner = NULL;
+ 	gs_free char *ifupdown_script = NULL;
+@@ -1794,9 +1795,20 @@ _connect_common (NMVpnServicePlugin   *plugin,
+ 			return FALSE;
+ 	}
+ 
+-	s_vpn = sanitize_setting_vpn(nm_connection_get_setting_vpn (connection),
+-				     error);
+-	g_assert (s_vpn);
++	s_vpn = nm_connection_get_setting_vpn(connection);
++	if (!s_vpn) {
++		g_set_error_literal(error,
++		                    NM_VPN_PLUGIN_ERROR,
++		                    NM_VPN_PLUGIN_ERROR_INVALID_CONNECTION,
++		                    _("Empty VPN setting."));
++		return FALSE;
++	}
++
++	s_vpn_sanitized = sanitize_setting_vpn(s_vpn, error);
++	if (!s_vpn_sanitized)
++		return FALSE;
++
++	s_vpn = s_vpn_sanitized;
+ 
+ 	g_object_get (self, NM_VPN_SERVICE_PLUGIN_DBUS_SERVICE_NAME, &bus_name, NULL);
+ 
+-- 
+2.51.0
+
diff --git a/NetworkManager-libreswan.spec b/NetworkManager-libreswan.spec
index 0bd29fb..7bd7c5b 100644
--- a/NetworkManager-libreswan.spec
+++ b/NetworkManager-libreswan.spec
@@ -11,7 +11,7 @@
 
 %global real_version     1.2.27
 %global rpm_version      1.2.27
-%global release_version  3
+%global release_version  4
 
 %global real_version_major %(printf '%s' '%{real_version}' | sed -n 's/^\\([1-9][0-9]*\\.[1-9][0-9]*\\)\\.[1-9][0-9]*$/\\1/p')
 
@@ -31,6 +31,7 @@ Patch0:    0001-Export-esp-option.patch
 Patch1:    0002-fix-psk-auth-when-leftid-starts-with-at.patch
 Patch2:    0003-import-export-nm-auto-defaults-no.patch
 Patch3:    0004-sanitize-before-exporting-RHEL-only.patch
+Patch4:    0005-service-don-t-crash-with-malformed-connections.patch
 
 BuildRequires: make
 BuildRequires: gcc
@@ -132,6 +133,9 @@ rm -f %{buildroot}%{_libdir}/NetworkManager/lib*.la
 %endif
 
 %changelog
+* Thu Oct 23 2025 Vladimír Beneš <vbenes@redhat.com> - 1.2.27-4
+- Fix potentional crash in malformed items import
+
 * Tue Oct 21 2025 Vladimír Beneš <vbenes@redhat.com> - 1.2.27-3
 * Fix small nm-auto-defaults issue