diff --git a/NetworkManager.spec b/NetworkManager.spec index fd24237..18b1bf4 100644 --- a/NetworkManager.spec +++ b/NetworkManager.spec @@ -19,7 +19,7 @@ Name: NetworkManager Summary: Network connection manager and user applications Epoch: 1 Version: 0.9.9.0 -Release: 14%{snapshot}%{?dist} +Release: 15%{snapshot}%{?dist} Group: System Environment/Base License: GPLv2+ URL: http://www.gnome.org/projects/NetworkManager/ @@ -28,6 +28,11 @@ Source: %{name}-%{realversion}%{snapshot}.tar.bz2 Source1: NetworkManager.conf Source2: 00-server.conf Patch1: explain-dns1-dns2.patch +Patch2: rh1023571-fix-crash-ifcfg-rh-reload.patch +Patch3: rh1021112-fix-crash-never-default.patch +Patch4: rh1019021-fix-crash-ip6-routing.patch +Patch5: rh1025007-fix-crash-ifcfg-rh.patch +Patch6: rh1012151-ipv6-disable.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -152,6 +157,11 @@ deployments. %setup -q -n NetworkManager-%{realversion} %patch1 -p1 -b .explain-dns1-dns2 +%patch2 -p1 -b .patch2 +%patch3 -p1 -b .patch3 +%patch4 -p1 -b .patch4 +%patch5 -p1 -b .patch5 +%patch6 -p1 -b .patch6 %build @@ -350,6 +360,13 @@ fi %config %{_sysconfdir}/%{name}/conf.d/00-server.conf %changelog +* Fri Nov 8 2013 Jiří Klimeš - 0.9.9.0-15.git20131003 +- ifcfg-rh: fix crash in ifcfg-rh plugin when reloading connections (rh #1023571) +- ifcfg-rh: fix crash when having connections with NEVER_DEFAULT (rh #1021112) +- core: fix segfault in nm-policy when setting default route for vpn (rh #1019021) +- ifcfg-rh: fix crash when reading connection (assert) (rh #1025007) +- core: allow IPv4 to proceed if IPv6 is globally disabled but set to "auto" (rh #1012151) + * Thu Oct 3 2013 Dan Williams - 0.9.9.0-14.git20131003 - core: fix DHCPv6 address prefix length (rh #1013583) - cli: enhance bonding questionaire (rh #1007355) diff --git a/rh1012151-ipv6-disable.patch b/rh1012151-ipv6-disable.patch new file mode 100644 index 0000000..884c721 --- /dev/null +++ b/rh1012151-ipv6-disable.patch @@ -0,0 +1,27 @@ +commit 9543e45afe0746ac1c9c10e4f78f43264fd288b4 +Author: Dan Williams +Date: Mon Oct 7 11:40:16 2013 -0500 + + core: allow IPv4 to proceed if IPv6 is globally disabled but set to "auto" (rh #1012151) + + If the user disabled IPv6 support in the kernel with "ipv6.disable=1" on the + kernel boot line, then any attempts to open IPv6 sockets (which libndp does) + will fail. This failed the entire connection, even if IPv6's "may-fail" + property was TRUE. Instead, just fail IPv6 and allow IPv4 to proceed. If + IPv4 fails or is disabled, then other logic will fail the entire connection. + +diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c +index d99b3d7..6810afc 100644 +--- a/src/devices/nm-device.c ++++ b/src/devices/nm-device.c +@@ -3329,8 +3329,8 @@ act_stage3_ip6_config_start (NMDevice *self, + if ( strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_AUTO) == 0 + || strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_LINK_LOCAL) == 0) { + if (!addrconf6_start (self)) { +- *reason = NM_DEVICE_STATE_REASON_IP_CONFIG_UNAVAILABLE; +- ret = NM_ACT_STAGE_RETURN_FAILURE; ++ /* IPv6 might be disabled; allow IPv4 to proceed */ ++ ret = NM_ACT_STAGE_RETURN_STOP; + } else + ret = NM_ACT_STAGE_RETURN_POSTPONE; + } else if (strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_DHCP) == 0) { diff --git a/rh1019021-fix-crash-ip6-routing.patch b/rh1019021-fix-crash-ip6-routing.patch new file mode 100644 index 0000000..f001a69 --- /dev/null +++ b/rh1019021-fix-crash-ip6-routing.patch @@ -0,0 +1,62 @@ +commit 19b040236ec59fe8f9730d9da6d9262921d28936 +Author: Thomas Haller +Date: Wed Oct 30 20:18:58 2013 +0100 + + core: fix segfault in nm-policy when setting default route for vpn + + nm_vpn_connection_get_ip6_internal_gateway might return NULL. In this + case, we add a device route (to gateway '::') over the vpn. + + Before, in such a case, NM crashed with SEGFAULT. + + https://bugzilla.redhat.com/show_bug.cgi?id=1019021 + + Signed-off-by: Thomas Haller + +diff --git a/src/nm-policy.c b/src/nm-policy.c +index 6d15e01..49c005c 100644 +--- a/src/nm-policy.c ++++ b/src/nm-policy.c +@@ -860,12 +860,15 @@ update_ip6_routing (NMPolicy *policy, gboolean force_update) + int parent_ifindex = nm_device_get_ip_ifindex (parent); + NMIP6Config *parent_ip6 = nm_device_get_ip6_config (parent); + guint32 parent_mss = parent_ip6 ? nm_ip6_config_get_mss (parent_ip6) : 0; +- struct in6_addr int_gw = *nm_vpn_connection_get_ip6_internal_gateway (vpn); ++ const struct in6_addr *int_gw = nm_vpn_connection_get_ip6_internal_gateway (vpn); + int mss = nm_ip6_config_get_mss (ip6_config); + +- if (!nm_platform_ip6_route_add (ip_ifindex, in6addr_any, 0, int_gw, 0, mss)) { ++ if (!int_gw) ++ int_gw = &in6addr_any; ++ ++ if (!nm_platform_ip6_route_add (ip_ifindex, in6addr_any, 0, *int_gw, 0, mss)) { + nm_platform_ip6_route_add (parent_ifindex, *gw_addr, 128, in6addr_any, 0, parent_mss); +- if (!nm_platform_ip6_route_add (ip_ifindex, in6addr_any, 0, int_gw, 0, mss)) { ++ if (!nm_platform_ip6_route_add (ip_ifindex, in6addr_any, 0, *int_gw, 0, mss)) { + nm_log_err (LOGD_IP6 | LOGD_VPN, "Failed to set default route."); + } + } +commit 886ca75ac33de252158a63074cc7cf9d0215c962 +Author: Thomas Haller +Date: Fri Nov 1 10:57:18 2013 +0100 + + core: fix crash when reading routes from VPN Ip6Config (bgo #706332) + + https://bugzilla.gnome.org/show_bug.cgi?id=706332 + + Reported-by: Nicolas Iooss + Signed-off-by: Thomas Haller + +diff --git a/src/vpn-manager/nm-vpn-connection.c b/src/vpn-manager/nm-vpn-connection.c +index 6962e30..263f253 100644 +--- a/src/vpn-manager/nm-vpn-connection.c ++++ b/src/vpn-manager/nm-vpn-connection.c +@@ -1084,7 +1084,7 @@ nm_vpn_connection_ip6_config_get (DBusGProxy *proxy, + * the VPN server, we want to use the NM created route instead of + * whatever the server provides. + */ +- if (IN6_ARE_ADDR_EQUAL (&route.network, priv->ip6_external_gw) && route.plen == 128) ++ if (priv->ip6_external_gw && IN6_ARE_ADDR_EQUAL (&route.network, priv->ip6_external_gw) && route.plen == 128) + continue; + + /* Otherwise accept the VPN-provided route */ diff --git a/rh1021112-fix-crash-never-default.patch b/rh1021112-fix-crash-never-default.patch new file mode 100644 index 0000000..58b7d29 --- /dev/null +++ b/rh1021112-fix-crash-never-default.patch @@ -0,0 +1,19 @@ +commit 0a557ac01d28340e43247eef52007a8b18bb24d8 +Author: Dan Winship +Date: Thu Oct 24 15:15:02 2013 -0400 + + core: fix crash when activating a never-default IPv4 connection + +diff --git a/src/nm-ip4-config.c b/src/nm-ip4-config.c +index 81c003e..ed1728d 100644 +--- a/src/nm-ip4-config.c ++++ b/src/nm-ip4-config.c +@@ -583,7 +583,7 @@ nm_ip4_config_replace (NMIP4Config *dst, const NMIP4Config *src, gboolean *relev + /* never_default */ + if (src_priv->never_default != dst_priv->never_default) { + dst_priv->never_default = src_priv->never_default; +- has_relevant_changes = TRUE; ++ has_minor_changes = TRUE; + } + + /* default gateway */ diff --git a/rh1023571-fix-crash-ifcfg-rh-reload.patch b/rh1023571-fix-crash-ifcfg-rh-reload.patch new file mode 100644 index 0000000..60929fd --- /dev/null +++ b/rh1023571-fix-crash-ifcfg-rh-reload.patch @@ -0,0 +1,55 @@ +commit 912152cf85d29db45f706522c8e3ce13eaf13197 +Author: Jiří Klimeš +Date: Tue Oct 29 15:02:30 2013 +0100 + + ifcfg-rh: fix crash when doing managed->unmanaged transition + + Testcase: + * add 'NM_CONTROLLED=no' to /etc/sysconfig/network-scripts/ifcfg-ABC + * sudo nmcli con reload + * ... NM asserts ... + + We need to ref() 'existing' connection before nm_settings_connection_signal_remove(), + because the function unref()s ithe connection via connection_removed_cb(). + + Backtrace: + ... + #4 0x00007fbcf0ea0cba in g_assertion_message_expr (domain=domain@entry=0x0, + file=file@entry=0x7fbcf4e5805d "nm-dbus-manager.c", line=line@entry=848, + func=func@entry=0x7fbcf4e585e0 <__FUNCTION__.15088> "nm_dbus_manager_unregister_object", expr=expr@entry=0x7fbcf4e5820b "G_IS_OBJECT (object)") + at gtestutils.c:2293 + #5 0x00007fbcf4de69d9 in nm_dbus_manager_unregister_object ( + self=0x7fbcf6fdc9c0, object=0x7fbcf70235c0) at nm-dbus-manager.c:848 + #6 0x00007fbcf4dd6a23 in nm_settings_connection_signal_remove ( + self=) at settings/nm-settings-connection.c:1541 + #7 0x00007fbce6fee884 in connection_new_or_changed ( + self=self@entry=0x7fbcf7006f80, + path=path@entry=0x7fbcf70c3f80 "/etc/sysconfig/network-scripts/ifcfg-ABC", + existing=existing@entry=0x7fbcf70235c0, + out_old_path=out_old_path@entry=0x7fff2b7b8988) at plugin.c:327 + #8 0x00007fbce6feeca2 in read_connections (plugin=0x7fbcf7006f80) + at plugin.c:453 + #9 0x00007fbcf4dd8e98 in impl_settings_reload_connections ( + self=0x7fbcf6fd98c0, context=0x7fbcf70bcb30) at settings/nm-settings.c:1262 + ... + +diff --git a/src/settings/plugins/ifcfg-rh/plugin.c b/src/settings/plugins/ifcfg-rh/plugin.c +index dbfc496..5cd24b0 100644 +--- a/src/settings/plugins/ifcfg-rh/plugin.c ++++ b/src/settings/plugins/ifcfg-rh/plugin.c +@@ -320,6 +320,7 @@ connection_new_or_changed (SCPluginIfcfg *self, + + if (new_unmanaged) { + if (!old_unmanaged) { ++ g_object_ref (existing); + /* Unexport the connection by telling the settings service it's + * been removed, and notify the settings service by signalling that + * unmanaged specs have changed. +@@ -331,6 +332,7 @@ connection_new_or_changed (SCPluginIfcfg *self, + + g_object_set (existing, NM_IFCFG_CONNECTION_UNMANAGED, new_unmanaged, NULL); + g_signal_emit_by_name (self, NM_SYSTEM_CONFIG_INTERFACE_UNMANAGED_SPECS_CHANGED); ++ g_object_unref (existing); + } + } else { + if (old_unmanaged) { /* now managed */ diff --git a/rh1025007-fix-crash-ifcfg-rh.patch b/rh1025007-fix-crash-ifcfg-rh.patch new file mode 100644 index 0000000..bc60c77 --- /dev/null +++ b/rh1025007-fix-crash-ifcfg-rh.patch @@ -0,0 +1,35 @@ +commit 25428882839ff17c531887bfc58f6669c9708fc8 +Author: Thomas Haller +Date: Thu Oct 31 12:42:01 2013 +0100 + + ifcfg-rh: fix crash when reading connection (assert in connection_new_or_changed) + + rh #1025007 reports a crash on g_assert_no_error() in + connection_new_or_changed() of src/settings/plugins/ifcfg-rh/plugin.c. + From the back trace I am not 100% sure, what the problem was, but I + think that nm_settings_connection_replace_settings failed because of + nm_connection_update_secrets. Apparently such a situation can + happen and it should simply be accepted as valid. + + What might have happened, is that the connection used to have + secrets (maybe it had 802.1x configured?) and then it got changed, + so update_secrets() fails because the connection no longer has a + setting to which the secrets would apply. + + https://bugzilla.redhat.com/show_bug.cgi?id=1025007 + + Signed-off-by: Thomas Haller + +diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c +index 59b29ad..7dce397 100644 +--- a/src/settings/nm-settings-connection.c ++++ b/src/settings/nm-settings-connection.c +@@ -462,7 +462,7 @@ nm_settings_connection_replace_settings (NMSettingsConnection *self, + if (priv->agent_secrets) { + hash = nm_connection_to_hash (priv->agent_secrets, NM_SETTING_HASH_FLAG_ONLY_SECRETS); + if (hash) { +- success = nm_connection_update_secrets (NM_CONNECTION (self), NULL, hash, error); ++ nm_connection_update_secrets (NM_CONNECTION (self), NULL, hash, NULL); + g_hash_table_destroy (hash); + } + }