From 2a9113a2f9620ff5537f80d82e840d21ba1e9565 Mon Sep 17 00:00:00 2001
From: Thomas Haller
Date: Feb 23 2019 09:57:15 +0000
Subject: Update to 1.15.90 release (1.16-rc1)
---
diff --git a/.gitignore b/.gitignore
index f958ff2..2c419ee 100644
--- a/.gitignore
+++ b/.gitignore
@@ -351,3 +351,4 @@ network-manager-applet-0.8.1.tar.bz2
 /NetworkManager-1.14.0.tar.xz
 /NetworkManager-1.14.2.tar.xz
 /NetworkManager-1.14.4.tar.xz
+/NetworkManager-1.15.90.tar.xz
diff --git a/0001-dhcp-CVE-2018-15688.patch b/0001-dhcp-CVE-2018-15688.patch
deleted file mode 100644
index 77b7588..0000000
--- a/0001-dhcp-CVE-2018-15688.patch
+++ /dev/null
@@ -1,299 +0,0 @@ -From 157094abd83f933fad142758a7d177cfa1a347f7 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Thu, 27 Sep 2018 18:04:59 +0900 -Subject: [PATCH 1/6] sd-dhcp-lease: fix memleaks - -(cherry picked from commit e2975f854831d08a25b4f5eb329b6d04102e115f) ---- - src/systemd/src/libsystemd-network/sd-dhcp-lease.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/systemd/src/libsystemd-network/sd-dhcp-lease.c b/src/systemd/src/libsystemd-network/sd-dhcp-lease.c -index d2402595c6..cac07d3e5f 100644 ---- a/src/systemd/src/libsystemd-network/sd-dhcp-lease.c -+++ b/src/systemd/src/libsystemd-network/sd-dhcp-lease.c -@@ -279,6 +279,8 @@ sd_dhcp_lease *sd_dhcp_lease_unref(sd_dhcp_lease *lease) { - free(option); - } - -+ free(lease->root_path); -+ free(lease->timezone); - free(lease->hostname); - free(lease->domainname); - free(lease->dns); --- -2.17.1 - - -From 91fb1673d5217aaf1461998fd2675630f5c265f9 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Thu, 27 Sep 2018 23:48:51 +0900 -Subject: [PATCH 2/6] dhcp6: fix buffer size checking - -(cherry picked from commit cb1bdeaf56852275e6b0dd1fba932bb174767f70) ---- - src/systemd/src/libsystemd-network/sd-dhcp6-client.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/systemd/src/libsystemd-network/sd-dhcp6-client.c b/src/systemd/src/libsystemd-network/sd-dhcp6-client.c -index 8444a750a4..0b261a2cba 100644 ---- a/src/systemd/src/libsystemd-network/sd-dhcp6-client.c -+++ b/src/systemd/src/libsystemd-network/sd-dhcp6-client.c -@@ -818,8 +818,8 @@ static int client_parse_message( - uint8_t *optval; - be32_t iaid_lease; - -- if (len < offsetof(DHCP6Option, data) || -- len < offsetof(DHCP6Option, data) + be16toh(option->len)) -+ if (len < pos + offsetof(DHCP6Option, data) || -+ len < pos + offsetof(DHCP6Option, data) + be16toh(option->len)) - return -ENOBUFS; - - optcode = be16toh(option->code); --- -2.17.1 - - -From 0e93fd895daa6f0f578ffa8fc4ed3e0ea85c62e8 Mon Sep 17 00:00:00 
2001 -From: Yu Watanabe -Date: Fri, 19 Oct 2018 03:44:56 +0900 -Subject: [PATCH 3/6] sd-dhcp6: fix argument and error handling of - dhcp6_option_parse_status() - -(cherry picked from commit 91c43f3978fa7c8341550b9ca279e460ba7e74e6) -(cherry picked from commit 373cbfc8c6e9591b3c8cc12d58c4b31ac35ab24f) ---- - src/systemd/src/libsystemd-network/dhcp6-option.c | 10 ++++++---- - src/systemd/src/libsystemd-network/sd-dhcp6-client.c | 9 +++++---- - 2 files changed, 11 insertions(+), 8 deletions(-) - -diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c -index ff1cbf13d8..cfddefcb56 100644 ---- a/src/systemd/src/libsystemd-network/dhcp6-option.c -+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c -@@ -465,13 +465,15 @@ int dhcp6_option_parse_ia(DHCP6Option *iaoption, DHCP6IA *ia) { - - case SD_DHCP6_OPTION_STATUS_CODE: - -- status = dhcp6_option_parse_status(option, optlen); -- if (status) { -+ status = dhcp6_option_parse_status(option, optlen + sizeof(DHCP6Option)); -+ if (status < 0) { -+ r = status; -+ goto error; -+ } -+ if (status > 0) { - log_dhcp6_client(client, "IA status %d", - status); - -- dhcp6_lease_free_ia(ia); -- - r = -EINVAL; - goto error; - } -diff --git a/src/systemd/src/libsystemd-network/sd-dhcp6-client.c b/src/systemd/src/libsystemd-network/sd-dhcp6-client.c -index 0b261a2cba..b694786a77 100644 ---- a/src/systemd/src/libsystemd-network/sd-dhcp6-client.c -+++ b/src/systemd/src/libsystemd-network/sd-dhcp6-client.c -@@ -870,13 +870,14 @@ static int client_parse_message( - break; - - case SD_DHCP6_OPTION_STATUS_CODE: -- status = dhcp6_option_parse_status(option, optlen); -- if (status) { -+ status = dhcp6_option_parse_status(option, optlen + sizeof(DHCP6Option)); -+ if (status < 0) -+ return status; -+ -+ if (status > 0) { - log_dhcp6_client(client, "%s Status %s", - dhcp6_message_type_to_string(message->type), - dhcp6_message_status_to_string(status)); -- dhcp6_lease_free_ia(&lease->ia); 
-- dhcp6_lease_free_ia(&lease->pd); - - return -EINVAL; - } --- -2.17.1 - - -From f11f5abb1a8b96b553d2d156f8b5cf440695c04d Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Fri, 19 Oct 2018 03:42:10 +0900 -Subject: [PATCH 4/6] sd-dhcp6: make dhcp6_option_parse_domainname() not store - empty domain - -This improves performance of fuzzer. -C.f. oss-fuzz#11019. - -(cherry picked from commit 3c72b6ed4252e7ff5f7704bfe44557ec197b47fa) -(cherry picked from commit 50403cccee28c7dcd54b138a0d3b3f69ea0204fe) ---- - .../src/libsystemd-network/dhcp6-option.c | 66 ++++++++----------- - 1 file changed, 29 insertions(+), 37 deletions(-) - -diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c -index cfddefcb56..be5c222372 100644 ---- a/src/systemd/src/libsystemd-network/dhcp6-option.c -+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c -@@ -555,6 +555,7 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char * - bool first = true; - - for (;;) { -+ const char *label; - uint8_t c; - - c = optval[pos++]; -@@ -562,47 +563,41 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char * - if (c == 0) - /* End of name */ - break; -- else if (c <= 63) { -- const char *label; -- -- /* Literal label */ -- label = (const char *)&optval[pos]; -- pos += c; -- if (pos >= optlen) -- return -EMSGSIZE; -- -- if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX)) { -- r = -ENOMEM; -- goto fail; -- } -- -- if (first) -- first = false; -- else -- ret[n++] = '.'; -- -- r = dns_label_escape(label, c, ret + n, DNS_LABEL_ESCAPED_MAX); -- if (r < 0) -- goto fail; -- -- n += r; -- continue; -- } else { -- r = -EBADMSG; -- goto fail; -- } -- } -+ if (c > 63) -+ return -EBADMSG; -+ -+ /* Literal label */ -+ label = (const char *)&optval[pos]; -+ pos += c; -+ if (pos >= optlen) -+ return -EMSGSIZE; -+ -+ if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX)) 
-+ return -ENOMEM; -+ -+ if (first) -+ first = false; -+ else -+ ret[n++] = '.'; -+ -+ r = dns_label_escape(label, c, ret + n, DNS_LABEL_ESCAPED_MAX); -+ if (r < 0) -+ return r; - -- if (!GREEDY_REALLOC(ret, allocated, n + 1)) { -- r = -ENOMEM; -- goto fail; -+ n += r; - } - -+ if (n == 0) -+ continue; -+ -+ if (!GREEDY_REALLOC(ret, allocated, n + 1)) -+ return -ENOMEM; -+ - ret[n] = 0; - - r = strv_extend(&names, ret); - if (r < 0) -- goto fail; -+ return r; - - idx++; - } -@@ -610,7 +605,4 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char * - *str_arr = TAKE_PTR(names); - - return idx; -- --fail: -- return r; - } --- -2.17.1 - - -From cb77290a696dce924e2a993690634986ac035490 Mon Sep 17 00:00:00 2001 -From: Li Song -Date: Fri, 19 Oct 2018 13:41:51 -0400 -Subject: [PATCH 5/6] sd-dhcp: remove unreachable route after rebinding return - NAK - -(cherry picked from commit cc3981b1272b9ce37e7d734a7b2f42e84acac535) -(cherry picked from commit 915c2f675a23b2ae16d292d1ac570706f76b384d) ---- - src/systemd/src/libsystemd-network/sd-dhcp-client.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/systemd/src/libsystemd-network/sd-dhcp-client.c b/src/systemd/src/libsystemd-network/sd-dhcp-client.c -index 42707f10d8..9158945372 100644 ---- a/src/systemd/src/libsystemd-network/sd-dhcp-client.c -+++ b/src/systemd/src/libsystemd-network/sd-dhcp-client.c -@@ -1688,6 +1688,8 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i - client->timeout_resend = - sd_event_source_unref(client->timeout_resend); - -+ client_notify(client, SD_DHCP_CLIENT_EVENT_EXPIRED); -+ - r = client_initialize(client); - if (r < 0) - goto error; --- -2.17.1 - - -From fc230dca139142f409d7bac99dbfabe9b004e2fb Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Fri, 19 Oct 2018 12:12:33 +0200 -Subject: [PATCH 6/6] dhcp6: make sure we have enough space for the DHCP6 - option header - -Fixes a vulnerability originally discovered by 
Felix Wilhelm from
-Google.
-CVE-2018-15688
-LP: #1795921
-https://bugzilla.redhat.com/show_bug.cgi?id=1639067
-
-(cherry picked from commit 4dac5eaba4e419b29c97da38a8b1f82336c2c892)
-(cherry picked from commit 01ca2053bbea09f35b958c8cc7631e15469acb79)
----
- src/systemd/src/libsystemd-network/dhcp6-option.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
-index be5c222372..22970443d6 100644
---- a/src/systemd/src/libsystemd-network/dhcp6-option.c
-+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
-@@ -105,7 +105,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, DHCP6IA *ia) {
- return -EINVAL;
- }
-
-- if (*buflen < len)
-+ if (*buflen < offsetof(DHCP6Option, data) + len)
- return -ENOBUFS;
-
- ia_hdr = *buf;
---
-2.17.1
-
diff --git a/NetworkManager.spec b/NetworkManager.spec
index c2d0fa8..7b4b45e 100644
--- a/NetworkManager.spec
+++ b/NetworkManager.spec
@@ -8,9 +8,9 @@
 %global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad)
 %global epoch_version 1
-%global rpm_version 1.14.4
-%global real_version 1.14.4
-%global release_version 2
+%global rpm_version 1.16.0
+%global real_version 1.15.90
+%global release_version 0.1
 %global snapshot %{nil}
 %global git_sha %{nil}
@@ -23,10 +23,10 @@
 %global _hardened_build 1
-%if x%{?snapshot} != x
+%if "x%{?snapshot}" != x
 %global snapshot_dot .%{snapshot}
 %endif
-%if x%{?git_sha} != x
+%if "x%{?git_sha}" != x
 %global git_sha_dot .%{git_sha}
 %endif
@@ -49,6 +49,7 @@
 %bcond_without regen_docs
 %bcond_with debug
 %bcond_with test
+%bcond_with lto
 %bcond_with sanitizer
 %if 0%{?fedora} > 28 || 0%{?rhel} > 7
 %bcond_with libnm_glib
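Review bot: The rewritten conditionals `%if "x%{?snapshot}" != x` and `%if "x%{?git_sha}" != x` quote only the left operand, so the bare `x` on the right still depends on rpm accepting unquoted words in `%if` expressions, which newer rpm releases, as far as I recall, warn about or reject. Quoting both sides keeps the expression valid everywhere: `%if "x%{?snapshot}" != "x"` and `%if "x%{?git_sha}" != "x"`. The intent of quoting the left side is right, since that is the operand that can expand to something rpm would not parse as a plain word.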
@@ -99,18 +100,17 @@ Name: NetworkManager
 Summary: Network connection manager and user applications
 Epoch: %{epoch_version}
 Version: %{rpm_version}
-Release: %{release_version}%{?snap}%{?dist}.3
+Release: %{release_version}%{?snap}%{?dist}
 License: GPLv2+
 URL: http://www.gnome.org/projects/NetworkManager/
 Source: https://download.gnome.org/sources/NetworkManager/%{real_version_major}/%{name}-%{real_version}.tar.xz
 Source1: NetworkManager.conf
 Source2: 00-server.conf
-Source3: 20-connectivity-fedora.conf
-Source4: 20-connectivity-redhat.conf
+Source4: 20-connectivity-fedora.conf
+Source5: 20-connectivity-redhat.conf
 #Patch1: 0001-some.patch
-Patch1: 0001-dhcp-CVE-2018-15688.patch
 Requires(post): systemd
 Requires(post): /usr/sbin/update-alternatives
@@ -205,6 +205,18 @@ BuildRequires: libubsan
 %endif
 %endif
+# NetworkManager uses various parts of systemd-networkd internally, including
+# DHCP client, IPv4 Link-Local address negotiation or LLDP support.
+# This provide is essentially here so that NetworkManager shows on Security
+# Response Team's radar in case a flaw is found. The code is frequently
+# synchronized and thus it's not easy to establish a good version number
+# here. The version of zero is there just to have something conservative so
+# that the scripts that would parse the SPEC file naively would be unlikely
+# to fail. Refer to git log for the real date and commit number of last
+# synchronization:
+# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commits/master/src/systemd
+Provides: bundled(systemd) = 0
+
 %description
 NetworkManager is a system service that manages network interfaces and
@@ -292,7 +304,9 @@ devices.
 %package ovs
 Summary: Open vSwitch device plugin for NetworkManager
 Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
+%if 0%{?rhel} == 0
 Requires: openvswitch
+%endif
 %description ovs
 This package contains NetworkManager support for Open vSwitch bridges.
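Review bot: Dropping `Patch1: 0001-dhcp-CVE-2018-15688.patch` is only safe if the bundled systemd code in the 1.15.90 tarball already carries the CVE-2018-15688 fix, i.e. the `if (*buflen < offsetof(DHCP6Option, data) + len)` check in dhcp6_option_append_ia (src/systemd/src/libsystemd-network/dhcp6-option.c) that the deleted patch file added, and nothing in this commit records that this was verified. I would say so in the changelog entry, for example `- Drop dhcp CVE-2018-15688 patch, fix included upstream`, so the security fix stays traceable across the rebase. The `%prep` section is outside this hunk; if it applies patches by number rather than through `%autosetup`, a stale `%patch1` there would now break the build and should be removed in the same commit.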
@@ -434,6 +448,10 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
 %build
 %if %{with meson}
 %meson \
+ --warnlevel 2 \
+%if %{with test}
+ --werror \
+%endif
 -Ddhcpcanon=no \
 -Ddhcpcd=no \
 -Dconfig_dhcp_default=%{dhcp_default} \
@@ -450,6 +468,11 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
 -Dmore_asserts=0 \
 %endif
 -Dld_gc=true \
+%if %{with lto}
+ -D b_lto=true \
+%else
+ -D b_lto=false \
+%endif
 -Dlibaudit=yes-disabled-by-default \
 %if 0%{?with_modem_manager_1}
 -Dmodem_manager=true \
@@ -489,14 +512,16 @@ by nm-connection-editor and nm-applet in a non-graphical environment.
 -Dovs=false \
 %endif
 -Dselinux=true \
- -Dpolkit=yes \
+ -Dpolkit=true \
 -Dpolkit_agent=true \
 -Dmodify_system=true \
 -Dconcheck=true \
 %if 0%{?fedora}
 -Dlibpsl=true \
+ -Debpf=true \
 %else
 -Dlibpsl=false \
+ -Debpf=false \
 %endif
 -Dsession_tracking=systemd \
 -Dsuspend_resume=systemd \
@@ -559,6 +584,11 @@ intltoolize --automake --copy --force
 --without-more-asserts \
 %endif
 --enable-ld-gc \
+%if %{with lto}
+ --enable-lto \
+%else
+ --disable-lto \
+%endif
 --with-libaudit=yes-disabled-by-default \
 %if 0%{?with_modem_manager_1}
 --with-modem-manager-1=yes \
@@ -604,8 +634,10 @@ intltoolize --automake --copy --force
 --enable-concheck \
 %if 0%{?fedora}
 --with-libpsl \
+ --with-ebpf \
 %else
 --without-libpsl \
+ --without-ebpf \
 %endif
 --with-session-tracking=systemd \
 --with-suspend-resume=systemd \
@@ -651,11 +683,11 @@ cp %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/
 cp %{SOURCE2} %{buildroot}%{nmlibdir}/conf.d/
 %if %{with connectivity_fedora}
-cp %{SOURCE3} %{buildroot}%{nmlibdir}/conf.d/
+cp %{SOURCE4} %{buildroot}%{nmlibdir}/conf.d/
 %endif
 %if %{with connectivity_redhat}
-cp %{SOURCE4} %{buildroot}%{nmlibdir}/conf.d/
+cp %{SOURCE5} %{buildroot}%{nmlibdir}/conf.d/
 %endif
 cp examples/dispatcher/10-ifcfg-rh-routes.sh %{buildroot}%{_sysconfdir}/%{name}/dispatcher.d/
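Review bot: The new `-Debpf=true` / `--with-ebpf` switches are keyed only on `0%{?fedora}`, whereas the LTO switch added in the same commit goes through a `%bcond_with lto`; this mixes two styles for new build-time features in one change. A `%bcond_without ebpf` next to the other bconds (outside this hunk) toggled here with `%if %{with ebpf}` in both the meson and the autotools branch would let a builder turn the eBPF code path off without editing the spec, and would make the Fedora-only default explicit rather than implied by the distribution check. I cannot tell from the spec what the eBPF option enables in 1.15.90, so whether it deserves its own knob is a judgement call for the maintainer.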
@@ -789,7 +821,6 @@ fi
 %dir %{_localstatedir}/lib/NetworkManager
 %dir %{_sysconfdir}/NetworkManager/system-connections
 %dir %{_sysconfdir}/sysconfig/network-scripts
-%{_datadir}/dbus-1/system-services/org.freedesktop.NetworkManager.service
 %{_datadir}/dbus-1/system-services/org.freedesktop.nm_dispatcher.service
 %{_datadir}/polkit-1/actions/*.policy
 %{_prefix}/lib/udev/rules.d/*.rules
@@ -951,6 +982,9 @@ fi
 %changelog
+* Sat Feb 23 2019 Thomas Haller - 1:1.16.0-0.1
+- Update to 1.15.90 release (1.16-rc1)
+
 * Sun Feb 17 2019 Igor Gnatenko - 1:1.14.4-2.3
 - Rebuild for readline 8.0
diff --git a/sources b/sources
index 9dc2c5a..e3080fe 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (NetworkManager-1.14.4.tar.xz) = 4199d6d7bbbee318b0f69cf2c1bf46cc3721c764121634751753c3cc833c4c5ac0856467896536e3d403ba8783fe452aaa79bfcd71a5ec324a4274989fb656c7
+SHA512 (NetworkManager-1.15.90.tar.xz) = 8d9555599113887252f7588aabe9121ca7bd5ee9cd723dc9ff32c5a745d8d85f09855a899baa3726c4f54c843a15ae78b2eb8b74fe09828b14794f1a891db413