5 * Copyright (C) 2012 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
28 #include <sys/socket.h>
34 #define CONNMAN_API_SUBJECT_TO_CHANGE
35 #include <connman/technology.h>
36 #include <connman/plugin.h>
37 #include <connman/log.h>
38 #include <connman/dbus.h>
39 #include <connman/provider.h>
40 #include <connman/ipaddress.h>
41 #include <connman/vpn-dbus.h>
42 #include <connman/inet.h>
43 #include <gweb/gresolv.h>
45 #define DBUS_TIMEOUT 10000
47 static DBusConnection *connection;
49 static GHashTable *vpn_connections = NULL;
51 static guint added_watch;
52 static guint removed_watch;
53 static guint property_watch;
62 struct config_create_data {
63 connection_ready_cb callback;
68 struct connection_data {
71 struct connman_provider *provider;
73 DBusPendingCall *call;
74 connman_bool_t connect_pending;
75 struct config_create_data *cb_data;
86 GHashTable *server_routes;
87 GHashTable *user_routes;
88 GHashTable *setting_strings;
90 struct connman_ipaddress *ip;
96 static int set_string(struct connman_provider *provider,
97 const char *key, const char *value)
99 struct connection_data *data;
101 data = connman_provider_get_data(provider);
105 DBG("data %p provider %p key %s value %s", data, provider, key, value);
107 if (g_str_equal(key, "Type") == TRUE) {
109 data->type = g_strdup(value);
110 } else if (g_str_equal(key, "Name") == TRUE) {
112 data->name = g_strdup(value);
113 } else if (g_str_equal(key, "Host") == TRUE) {
115 data->host = g_strdup(value);
116 } else if (g_str_equal(key, "VPN.Domain") == TRUE ||
117 g_str_equal(key, "Domain") == TRUE) {
118 g_free(data->domain);
119 data->domain = g_strdup(value);
121 g_hash_table_replace(data->setting_strings,
122 g_strdup(key), g_strdup(value));
126 static const char *get_string(struct connman_provider *provider,
129 struct connection_data *data;
131 data = connman_provider_get_data(provider);
135 DBG("data %p provider %p key %s", data, provider, key);
137 if (g_str_equal(key, "Type") == TRUE)
139 else if (g_str_equal(key, "Name") == TRUE)
141 else if (g_str_equal(key, "Host") == TRUE)
143 else if (g_str_equal(key, "HostIP") == TRUE) {
144 if (data->host_ip == NULL ||
145 data->host_ip[0] == NULL)
148 return data->host_ip[0];
149 } else if (g_str_equal(key, "VPN.Domain") == TRUE)
152 return g_hash_table_lookup(data->setting_strings, key);
155 static char *get_ident(const char *path)
162 pos = strrchr(path, '/');
169 static void cancel_host_resolv(struct connection_data *data)
171 if (data->resolv_id != 0)
172 g_resolv_cancel_lookup(data->resolv, data->resolv_id);
176 g_resolv_unref(data->resolv);
180 static gboolean remove_resolv(gpointer user_data)
182 struct connection_data *data = user_data;
184 cancel_host_resolv(data);
189 static void resolv_result(GResolvResultStatus status,
190 char **results, gpointer user_data)
192 struct connection_data *data = user_data;
194 DBG("status %d", status);
196 if (status == G_RESOLV_RESULT_STATUS_SUCCESS && results != NULL &&
197 g_strv_length(results) > 0)
198 data->host_ip = g_strdupv(results);
201 * We cannot unref the resolver here as resolv struct is manipulated
202 * by gresolv.c after we return from this callback.
204 g_timeout_add_seconds(0, remove_resolv, data);
209 static void resolv_host_addr(struct connection_data *data)
211 if (data->host == NULL)
214 if (connman_inet_check_ipaddress(data->host) > 0)
217 if (data->host_ip != NULL)
220 data->resolv = g_resolv_new(0);
221 if (data->resolv == NULL) {
222 DBG("Cannot resolv %s", data->host);
226 DBG("Trying to resolv %s", data->host);
228 data->resolv_id = g_resolv_lookup_hostname(data->resolv, data->host,
229 resolv_result, data);
232 static void free_config_cb_data(struct config_create_data *cb_data)
237 g_free(cb_data->path);
238 cb_data->path = NULL;
240 if (cb_data->message != NULL) {
241 dbus_message_unref(cb_data->message);
242 cb_data->message = NULL;
245 cb_data->callback = NULL;
250 static void set_provider_state(struct connection_data *data)
252 enum connman_provider_state state = CONNMAN_PROVIDER_STATE_UNKNOWN;
255 DBG("provider %p new state %s", data->provider, data->state);
257 if (g_str_equal(data->state, "ready") == TRUE) {
258 state = CONNMAN_PROVIDER_STATE_READY;
260 } else if (g_str_equal(data->state, "configuration") == TRUE) {
261 state = CONNMAN_PROVIDER_STATE_CONNECT;
262 } else if (g_str_equal(data->state, "idle") == TRUE) {
263 state = CONNMAN_PROVIDER_STATE_IDLE;
264 } else if (g_str_equal(data->state, "disconnect") == TRUE) {
266 state = CONNMAN_PROVIDER_STATE_DISCONNECT;
268 } else if (g_str_equal(data->state, "failure") == TRUE) {
270 state = CONNMAN_PROVIDER_STATE_FAILURE;
274 connman_provider_set_state(data->provider, state);
278 if (data->cb_data != NULL)
279 data->cb_data->callback(data->cb_data->message,
282 connman_provider_set_state(data->provider, state);
284 free_config_cb_data(data->cb_data);
285 data->cb_data = NULL;
288 static int create_provider(struct connection_data *data, void *user_data)
290 struct connman_provider_driver *driver = user_data;
293 DBG("%s", data->path);
295 data->provider = connman_provider_get(data->ident);
296 if (data->provider == NULL)
299 DBG("provider %p name %s", data->provider, data->name);
301 connman_provider_set_data(data->provider, data);
302 connman_provider_set_driver(data->provider, driver);
304 err = connman_provider_create_service(data->provider);
306 connman_provider_set_immutable(data->provider, data->immutable);
307 if (g_str_equal(data->state, "ready") == TRUE) {
308 connman_provider_set_index(data->provider,
310 if (data->ip != NULL)
311 connman_provider_set_ipaddress(data->provider,
315 set_provider_state(data);
321 static void destroy_route(gpointer user_data)
323 struct vpn_route *route = user_data;
325 g_free(route->network);
326 g_free(route->netmask);
327 g_free(route->gateway);
331 static struct connection_data *create_connection_data(const char *path)
333 struct connection_data *data;
335 data = g_try_new0(struct connection_data, 1);
339 DBG("path %s", path);
341 data->path = g_strdup(path);
342 data->ident = g_strdup(get_ident(path));
345 data->setting_strings = g_hash_table_new_full(g_str_hash,
346 g_str_equal, g_free, g_free);
348 data->server_routes = g_hash_table_new_full(g_direct_hash,
349 g_str_equal, g_free, destroy_route);
350 data->user_routes = g_hash_table_new_full(g_str_hash,
351 g_str_equal, g_free, destroy_route);
356 static int extract_ip(DBusMessageIter *array, int family,
357 struct connection_data *data)
359 DBusMessageIter dict;
360 char *address = NULL, *gateway = NULL, *netmask = NULL, *peer = NULL;
361 unsigned char prefix_len;
363 if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY)
366 dbus_message_iter_recurse(array, &dict);
368 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
369 DBusMessageIter entry, value;
372 dbus_message_iter_recurse(&dict, &entry);
373 dbus_message_iter_get_basic(&entry, &key);
375 dbus_message_iter_next(&entry);
376 dbus_message_iter_recurse(&entry, &value);
378 if (g_str_equal(key, "Address") == TRUE) {
379 dbus_message_iter_get_basic(&value, &address);
380 DBG("address %s", address);
381 } else if (g_str_equal(key, "Netmask") == TRUE) {
382 dbus_message_iter_get_basic(&value, &netmask);
383 DBG("netmask %s", netmask);
384 } else if (g_str_equal(key, "PrefixLength") == TRUE) {
385 dbus_message_iter_get_basic(&value, &netmask);
386 DBG("prefix length %s", netmask);
387 } else if (g_str_equal(key, "Peer") == TRUE) {
388 dbus_message_iter_get_basic(&value, &peer);
389 DBG("peer %s", peer);
390 } else if (g_str_equal(key, "Gateway") == TRUE) {
391 dbus_message_iter_get_basic(&value, &gateway);
392 DBG("gateway %s", gateway);
395 dbus_message_iter_next(&dict);
398 connman_ipaddress_free(data->ip);
399 data->ip = connman_ipaddress_alloc(family);
400 if (data->ip == NULL)
405 connman_ipaddress_set_ipv4(data->ip, address, netmask,
409 prefix_len = atoi(netmask);
410 connman_ipaddress_set_ipv6(data->ip, address, prefix_len,
417 connman_ipaddress_set_peer(data->ip, peer);
422 static int extract_nameservers(DBusMessageIter *array,
423 struct connection_data *data)
425 DBusMessageIter entry;
426 char **nameservers = NULL;
429 dbus_message_iter_recurse(array, &entry);
431 while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
432 const char *nameserver;
434 dbus_message_iter_get_basic(&entry, &nameserver);
436 nameservers = g_try_renew(char *, nameservers, i + 2);
437 if (nameservers == NULL)
440 DBG("[%d] %s", i, nameserver);
442 nameservers[i] = g_strdup(nameserver);
443 if (nameservers[i] == NULL)
446 nameservers[++i] = NULL;
448 dbus_message_iter_next(&entry);
451 g_strfreev(data->nameservers);
452 data->nameservers = nameservers;
457 static int errorstr2val(const char *error) {
458 if (g_strcmp0(error, CONNMAN_ERROR_INTERFACE ".InProgress") == 0)
461 if (g_strcmp0(error, CONNMAN_ERROR_INTERFACE ".AlreadyConnected") == 0)
464 return -ECONNREFUSED;
467 static void connect_reply(DBusPendingCall *call, void *user_data)
471 struct connection_data *data = user_data;
472 struct config_create_data *cb_data = data->cb_data;
474 if (dbus_pending_call_get_completed(call) == FALSE)
477 DBG("user_data %p path %s", user_data, cb_data ? cb_data->path : NULL);
479 reply = dbus_pending_call_steal_reply(call);
481 dbus_error_init(&error);
483 if (dbus_set_error_from_message(&error, reply) == TRUE) {
484 int err = errorstr2val(error.name);
485 if (err != -EINPROGRESS) {
486 connman_error("Connect reply: %s (%s)", error.message,
488 dbus_error_free(&error);
490 DBG("data %p cb_data %p", data, cb_data);
491 if (cb_data != NULL) {
492 cb_data->callback(cb_data->message, err, NULL);
493 free_config_cb_data(cb_data);
494 data->cb_data = NULL;
498 dbus_error_free(&error);
502 * The vpn connection is up when we get a "ready" state
503 * property so at this point we do nothing for the provider
508 dbus_message_unref(reply);
510 dbus_pending_call_unref(call);
513 static int connect_provider(struct connection_data *data, void *user_data)
515 DBusPendingCall *call;
516 DBusMessage *message;
517 struct config_create_data *cb_data = user_data;
519 DBG("data %p user %p path %s", data, cb_data, data->path);
521 data->connect_pending = FALSE;
523 message = dbus_message_new_method_call(VPN_SERVICE, data->path,
524 VPN_CONNECTION_INTERFACE,
529 if (dbus_connection_send_with_reply(connection, message,
530 &call, DBUS_TIMEOUT) == FALSE) {
531 connman_error("Unable to call %s.%s()",
532 VPN_CONNECTION_INTERFACE, VPN_CONNECT);
533 dbus_message_unref(message);
538 dbus_message_unref(message);
542 if (cb_data != NULL) {
543 g_free(cb_data->path);
544 cb_data->path = g_strdup(data->path);
547 dbus_pending_call_set_notify(call, connect_reply, data, NULL);
549 dbus_message_unref(message);
554 static void add_connection(const char *path, DBusMessageIter *properties,
557 struct connection_data *data;
559 char *ident = get_ident(path);
560 connman_bool_t found = FALSE;
562 data = g_hash_table_lookup(vpn_connections, ident);
565 * We might have a dummy connection struct here that
566 * was created by configuration_create_reply() so in
567 * that case just continue.
569 if (data->connect_pending == FALSE)
574 data = create_connection_data(path);
579 DBG("data %p path %s", data, path);
581 while (dbus_message_iter_get_arg_type(properties) ==
582 DBUS_TYPE_DICT_ENTRY) {
583 DBusMessageIter entry, value;
587 dbus_message_iter_recurse(properties, &entry);
588 dbus_message_iter_get_basic(&entry, &key);
590 dbus_message_iter_next(&entry);
591 dbus_message_iter_recurse(&entry, &value);
593 if (g_str_equal(key, "State") == TRUE) {
594 dbus_message_iter_get_basic(&value, &str);
595 DBG("state %s -> %s", data->state, str);
596 data->state = g_strdup(str);
597 } else if (g_str_equal(key, "IPv4") == TRUE) {
598 extract_ip(&value, AF_INET, data);
599 } else if (g_str_equal(key, "IPv6") == TRUE) {
600 extract_ip(&value, AF_INET6, data);
601 } else if (g_str_equal(key, "Name") == TRUE) {
602 dbus_message_iter_get_basic(&value, &str);
603 data->name = g_strdup(str);
604 } else if (g_str_equal(key, "Type") == TRUE) {
605 dbus_message_iter_get_basic(&value, &str);
606 data->type = g_strdup(str);
607 } else if (g_str_equal(key, "Immutable") == TRUE) {
608 dbus_message_iter_get_basic(&value, &data->immutable);
609 } else if (g_str_equal(key, "Host") == TRUE) {
610 dbus_message_iter_get_basic(&value, &str);
611 data->host = g_strdup(str);
612 } else if (g_str_equal(key, "Domain") == TRUE) {
613 dbus_message_iter_get_basic(&value, &str);
614 g_free(data->domain);
615 data->domain = g_strdup(str);
616 } else if (g_str_equal(key, "Nameservers") == TRUE) {
617 extract_nameservers(&value, data);
618 } else if (g_str_equal(key, "Index") == TRUE) {
619 dbus_message_iter_get_basic(&value, &data->index);
620 } else if (g_str_equal(key, "ServerRoutes") == TRUE) {
622 } else if (g_str_equal(key, "UserRoutes") == TRUE) {
625 if (dbus_message_iter_get_arg_type(&value) ==
627 dbus_message_iter_get_basic(&value, &str);
628 g_hash_table_replace(data->setting_strings,
629 g_strdup(key), g_strdup(str));
631 DBG("unknown key %s", key);
635 dbus_message_iter_next(properties);
639 g_hash_table_insert(vpn_connections, g_strdup(data->ident),
642 err = create_provider(data, user_data);
646 resolv_host_addr(data);
648 if (data->nameservers != NULL)
649 connman_provider_set_nameservers(data->provider,
652 if (data->domain != NULL)
653 connman_provider_set_domain(data->provider,
656 if (data->connect_pending == TRUE)
657 connect_provider(data, data->cb_data);
662 DBG("removing %s", data->ident);
663 g_hash_table_remove(vpn_connections, data->ident);
666 static void get_connections_reply(DBusPendingCall *call, void *user_data)
670 DBusMessageIter array, dict;
671 const char *signature = DBUS_TYPE_ARRAY_AS_STRING
672 DBUS_STRUCT_BEGIN_CHAR_AS_STRING
673 DBUS_TYPE_OBJECT_PATH_AS_STRING
674 DBUS_TYPE_ARRAY_AS_STRING
675 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
676 DBUS_TYPE_STRING_AS_STRING
677 DBUS_TYPE_VARIANT_AS_STRING
678 DBUS_DICT_ENTRY_END_CHAR_AS_STRING
679 DBUS_STRUCT_END_CHAR_AS_STRING;
681 if (dbus_pending_call_get_completed(call) == FALSE)
686 reply = dbus_pending_call_steal_reply(call);
688 dbus_error_init(&error);
690 if (dbus_set_error_from_message(&error, reply) == TRUE) {
691 connman_error("%s", error.message);
692 dbus_error_free(&error);
696 if (dbus_message_has_signature(reply, signature) == FALSE) {
697 connman_error("vpnd signature \"%s\" does not match "
699 dbus_message_get_signature(reply), signature);
703 if (dbus_message_iter_init(reply, &array) == FALSE)
706 dbus_message_iter_recurse(&array, &dict);
708 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_STRUCT) {
709 DBusMessageIter value, properties;
712 dbus_message_iter_recurse(&dict, &value);
713 dbus_message_iter_get_basic(&value, &path);
715 dbus_message_iter_next(&value);
716 dbus_message_iter_recurse(&value, &properties);
718 add_connection(path, &properties, user_data);
720 dbus_message_iter_next(&dict);
724 dbus_message_unref(reply);
726 dbus_pending_call_unref(call);
729 static int get_connections(void *user_data)
731 DBusPendingCall *call;
732 DBusMessage *message;
736 message = dbus_message_new_method_call(VPN_SERVICE, "/",
737 VPN_MANAGER_INTERFACE,
742 if (dbus_connection_send_with_reply(connection, message,
743 &call, DBUS_TIMEOUT) == FALSE) {
744 connman_error("Unable to call %s.%s()", VPN_MANAGER_INTERFACE,
746 dbus_message_unref(message);
751 dbus_message_unref(message);
755 dbus_pending_call_set_notify(call, get_connections_reply,
758 dbus_message_unref(message);
763 static int provider_probe(struct connman_provider *provider)
768 static void remove_connection_reply(DBusPendingCall *call, void *user_data)
773 if (dbus_pending_call_get_completed(call) == FALSE)
778 reply = dbus_pending_call_steal_reply(call);
780 dbus_error_init(&error);
782 if (dbus_set_error_from_message(&error, reply) == TRUE) {
784 * If the returned error is NotFound, it means that we
785 * have actually removed the provider in vpnd already.
787 if (dbus_error_has_name(&error, CONNMAN_ERROR_INTERFACE
788 ".NotFound") == FALSE)
789 connman_error("%s", error.message);
791 dbus_error_free(&error);
794 dbus_message_unref(reply);
796 dbus_pending_call_unref(call);
799 static int provider_remove(struct connman_provider *provider)
801 DBusPendingCall *call;
802 DBusMessage *message;
803 struct connection_data *data;
805 data = connman_provider_get_data(provider);
807 DBG("provider %p data %p", provider, data);
811 * This means the provider is already removed,
812 * just ignore the dbus in this case.
818 * When provider.c:provider_remove() calls this function,
819 * it will remove the provider itself after the call.
820 * This means that we cannot use the provider pointer later
821 * as it is no longer valid.
823 data->provider = NULL;
825 message = dbus_message_new_method_call(VPN_SERVICE, "/",
826 VPN_MANAGER_INTERFACE,
831 dbus_message_append_args(message, DBUS_TYPE_OBJECT_PATH, &data->path,
834 if (dbus_connection_send_with_reply(connection, message,
835 &call, DBUS_TIMEOUT) == FALSE) {
836 connman_error("Unable to call %s.%s()", VPN_MANAGER_INTERFACE,
838 dbus_message_unref(message);
843 dbus_message_unref(message);
847 dbus_pending_call_set_notify(call, remove_connection_reply,
850 dbus_message_unref(message);
855 static int provider_connect(struct connman_provider *provider)
857 struct connection_data *data;
859 data = connman_provider_get_data(provider);
863 return connect_provider(data, NULL);
866 static void disconnect_reply(DBusPendingCall *call, void *user_data)
871 if (dbus_pending_call_get_completed(call) == FALSE)
874 DBG("user %p", user_data);
876 reply = dbus_pending_call_steal_reply(call);
878 dbus_error_init(&error);
880 if (dbus_set_error_from_message(&error, reply) == TRUE) {
881 connman_error("%s", error.message);
882 dbus_error_free(&error);
887 dbus_message_unref(reply);
889 dbus_pending_call_unref(call);
892 static int disconnect_provider(struct connection_data *data)
894 DBusPendingCall *call;
895 DBusMessage *message;
897 DBG("data %p path %s", data, data->path);
899 message = dbus_message_new_method_call(VPN_SERVICE, data->path,
900 VPN_CONNECTION_INTERFACE,
905 if (dbus_connection_send_with_reply(connection, message,
906 &call, DBUS_TIMEOUT) == FALSE) {
907 connman_error("Unable to call %s.%s()",
908 VPN_CONNECTION_INTERFACE, VPN_DISCONNECT);
909 dbus_message_unref(message);
914 dbus_message_unref(message);
918 dbus_pending_call_set_notify(call, disconnect_reply, NULL, NULL);
920 dbus_message_unref(message);
922 connman_provider_set_state(data->provider,
923 CONNMAN_PROVIDER_STATE_DISCONNECT);
925 * We return 0 here instead of -EINPROGRESS because
926 * __connman_service_disconnect() needs to return something
927 * to gdbus so that gdbus will not call Disconnect() more
928 * than once. This way we do not need to pass the dbus reply
929 * message around the code.
934 static int provider_disconnect(struct connman_provider *provider)
936 struct connection_data *data;
938 DBG("provider %p", provider);
940 data = connman_provider_get_data(provider);
944 if (g_str_equal(data->state, "ready") == TRUE ||
945 g_str_equal(data->state, "configuration") == TRUE)
946 return disconnect_provider(data);
951 static void configuration_create_reply(DBusPendingCall *call, void *user_data)
955 DBusMessageIter iter;
956 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
959 struct connection_data *data;
960 struct config_create_data *cb_data = user_data;
962 if (dbus_pending_call_get_completed(call) == FALSE)
965 DBG("user %p", cb_data);
967 reply = dbus_pending_call_steal_reply(call);
969 dbus_error_init(&error);
971 if (dbus_set_error_from_message(&error, reply) == TRUE) {
972 connman_error("dbus error: %s", error.message);
973 dbus_error_free(&error);
977 if (dbus_message_has_signature(reply, signature) == FALSE) {
978 connman_error("vpn configuration signature \"%s\" does not "
979 "match expected \"%s\"",
980 dbus_message_get_signature(reply), signature);
984 if (dbus_message_iter_init(reply, &iter) == FALSE)
987 dbus_message_iter_get_basic(&iter, &path);
990 * Then try to connect the VPN as expected by ConnectProvider API
992 ident = get_ident(path);
994 data = g_hash_table_lookup(vpn_connections, ident);
997 * Someone removed the data. We cannot really continue.
999 DBG("Pending data not found for %s, cannot continue!", ident);
1002 data->connect_pending = TRUE;
1004 if (data->cb_data == NULL)
1005 data->cb_data = cb_data;
1007 DBG("Connection callback data already in use!");
1010 * Connection is created in add_connections() after
1011 * we have received the ConnectionAdded signal.
1014 DBG("cb %p msg %p", data->cb_data,
1015 data->cb_data ? data->cb_data->message : NULL);
1019 dbus_message_unref(reply);
1021 dbus_pending_call_unref(call);
1024 static void set_dbus_ident(char *ident)
1026 int i, len = strlen(ident);
1028 for (i = 0; i < len; i++) {
1029 if (ident[i] >= '0' && ident[i] <= '9')
1031 if (ident[i] >= 'a' && ident[i] <= 'z')
1033 if (ident[i] >= 'A' && ident[i] <= 'Z')
1039 static struct vpn_route *parse_user_route(const char *user_route)
1041 char *network, *netmask;
1042 struct vpn_route *route = NULL;
1043 int family = PF_UNSPEC;
1044 char **elems = g_strsplit(user_route, "/", 0);
1050 if (network == NULL || *network == '\0') {
1051 DBG("no network/netmask set");
1056 if (netmask != NULL && *netmask == '\0') {
1057 DBG("no netmask set");
1061 if (g_strrstr(network, ":") != NULL)
1063 else if (g_strrstr(network, ".") != NULL) {
1066 if (g_strrstr(netmask, ".") == NULL) {
1067 /* We have netmask length */
1069 struct in_addr netmask_in;
1070 unsigned char prefix_len = 32;
1072 if (netmask != NULL) {
1074 long int value = strtol(netmask, &ptr, 10);
1075 if (ptr != netmask && *ptr == '\0' &&
1080 addr = 0xffffffff << (32 - prefix_len);
1081 netmask_in.s_addr = htonl(addr);
1082 netmask = inet_ntoa(netmask_in);
1084 DBG("network %s netmask %s", network, netmask);
1088 route = g_try_new(struct vpn_route, 1);
1092 route->network = g_strdup(network);
1093 route->netmask = g_strdup(netmask);
1094 route->gateway = NULL;
1095 route->family = family;
1102 static GSList *get_user_networks(DBusMessageIter *array)
1104 DBusMessageIter entry;
1105 GSList *list = NULL;
1107 dbus_message_iter_recurse(array, &entry);
1109 while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
1111 struct vpn_route *route;
1113 dbus_message_iter_get_basic(&entry, &val);
1115 route = parse_user_route(val);
1117 list = g_slist_prepend(list, route);
1119 dbus_message_iter_next(&entry);
1125 static void append_route(DBusMessageIter *iter, void *user_data)
1127 struct vpn_route *route = user_data;
1128 DBusMessageIter item;
1131 connman_dbus_dict_open(iter, &item);
1136 if (route->family == AF_INET)
1138 else if (route->family == AF_INET6)
1142 connman_dbus_dict_append_basic(&item, "ProtocolFamily",
1143 DBUS_TYPE_INT32, &family);
1145 if (route->network != NULL)
1146 connman_dbus_dict_append_basic(&item, "Network",
1147 DBUS_TYPE_STRING, &route->network);
1149 if (route->netmask != NULL)
1150 connman_dbus_dict_append_basic(&item, "Netmask",
1151 DBUS_TYPE_STRING, &route->netmask);
1153 if (route->gateway != NULL)
1154 connman_dbus_dict_append_basic(&item, "Gateway",
1155 DBUS_TYPE_STRING, &route->gateway);
1158 connman_dbus_dict_close(iter, &item);
1161 static void append_routes(DBusMessageIter *iter, void *user_data)
1163 GSList *list, *routes = user_data;
1165 DBG("routes %p", routes);
1167 for (list = routes; list != NULL; list = g_slist_next(list)) {
1168 DBusMessageIter dict;
1169 struct vpn_route *route = list->data;
1171 dbus_message_iter_open_container(iter, DBUS_TYPE_STRUCT, NULL,
1173 append_route(&dict, route);
1174 dbus_message_iter_close_container(iter, &dict);
1178 static int create_configuration(DBusMessage *msg, connection_ready_cb callback)
1180 DBusMessage *new_msg = NULL;
1181 DBusPendingCall *call;
1182 DBusMessageIter iter, array, new_iter, new_dict;
1183 const char *type = NULL, *name = NULL;
1184 const char *host = NULL, *domain = NULL;
1185 char *ident, *me = NULL;
1188 struct connection_data *data;
1189 struct config_create_data *user_data = NULL;
1190 GSList *networks = NULL;
1193 * We copy the old message data into new message. We cannot
1194 * just use the old message as is because the user route
1195 * information is not in the same format in vpnd.
1197 new_msg = dbus_message_new(DBUS_MESSAGE_TYPE_METHOD_CALL);
1198 dbus_message_iter_init_append(new_msg, &new_iter);
1199 connman_dbus_dict_open(&new_iter, &new_dict);
1201 dbus_message_iter_init(msg, &iter);
1202 dbus_message_iter_recurse(&iter, &array);
1204 while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_DICT_ENTRY) {
1205 DBusMessageIter entry, value;
1210 dbus_message_iter_recurse(&array, &entry);
1211 dbus_message_iter_get_basic(&entry, &key);
1213 dbus_message_iter_next(&entry);
1214 dbus_message_iter_recurse(&entry, &value);
1216 value_type = dbus_message_iter_get_arg_type(&value);
1219 switch (value_type) {
1220 case DBUS_TYPE_STRING:
1221 dbus_message_iter_get_basic(&value, &item_value);
1223 if (g_str_equal(key, "Type") == TRUE) {
1224 type = (const char *)item_value;
1225 } else if (g_str_equal(key, "Name") == TRUE) {
1226 name = (const char *)item_value;
1227 } else if (g_str_equal(key, "Host") == TRUE) {
1228 host = (const char *)item_value;
1229 } else if (g_str_equal(key, "VPN.Domain") == TRUE) {
1230 domain = (const char *)item_value;
1233 DBG("%s %s", key, (char *)item_value);
1235 if (item_value != NULL)
1236 connman_dbus_dict_append_basic(&new_dict, key,
1237 value_type, &item_value);
1239 case DBUS_TYPE_ARRAY:
1240 if (g_str_equal(key, "Networks") == TRUE) {
1241 networks = get_user_networks(&value);
1242 connman_dbus_dict_append_array(&new_dict,
1244 DBUS_TYPE_DICT_ENTRY,
1251 dbus_message_iter_next(&array);
1254 connman_dbus_dict_close(&new_iter, &new_dict);
1256 DBG("VPN type %s name %s host %s domain %s networks %p",
1257 type, name, host, domain, networks);
1259 if (host == NULL || domain == NULL) {
1264 if (type == NULL || name == NULL) {
1269 ident = g_strdup_printf("%s_%s", host, domain);
1270 set_dbus_ident(ident);
1272 DBG("ident %s", ident);
1274 data = g_hash_table_lookup(vpn_connections, ident);
1276 if (data->call != NULL || data->cb_data != NULL) {
1277 DBG("create configuration call already pending");
1282 char *path = g_strdup_printf("%s/connection/%s", VPN_PATH,
1284 data = create_connection_data(path);
1292 g_hash_table_insert(vpn_connections, g_strdup(ident), data);
1296 * User called net.connman.Manager.ConnectProvider if we are here.
1297 * So use the data from original message in the new msg.
1299 me = g_strdup(dbus_message_get_destination(msg));
1301 dbus_message_set_interface(new_msg, VPN_MANAGER_INTERFACE);
1302 dbus_message_set_path(new_msg, "/");
1303 dbus_message_set_destination(new_msg, VPN_SERVICE);
1304 dbus_message_set_sender(new_msg, me);
1305 dbus_message_set_member(new_msg, "Create");
1307 user_data = g_try_new0(struct config_create_data, 1);
1308 if (user_data == NULL) {
1313 user_data->callback = callback;
1314 user_data->message = dbus_message_ref(msg);
1315 user_data->path = NULL;
1317 DBG("cb %p msg %p", user_data, msg);
1319 result = dbus_connection_send_with_reply(connection, new_msg,
1320 &call, DBUS_TIMEOUT);
1321 if (result == FALSE || call == NULL) {
1326 dbus_pending_call_set_notify(call, configuration_create_reply,
1331 if (new_msg != NULL)
1332 dbus_message_unref(new_msg);
1334 if (networks != NULL)
1335 g_slist_free_full(networks, destroy_route);
1341 static connman_bool_t check_host(char **hosts, char *host)
1348 for (i = 0; hosts[i] != NULL; i++) {
1349 if (g_strcmp0(hosts[i], host) == 0)
1356 static void set_route(struct connection_data *data, struct vpn_route *route)
1359 * If the VPN administrator/user has given a route to
1360 * VPN server, then we must discard that because the
1361 * server cannot be contacted via VPN tunnel.
1363 if (check_host(data->host_ip, route->network) == TRUE) {
1364 DBG("Discarding VPN route to %s via %s at index %d",
1365 route->network, route->gateway, data->index);
1369 if (route->family == AF_INET6) {
1370 unsigned char prefix_len = atoi(route->netmask);
1372 connman_inet_add_ipv6_network_route(data->index,
1377 connman_inet_add_network_route(data->index, route->network,
1383 static int set_routes(struct connman_provider *provider,
1384 enum connman_provider_route_type type)
1386 struct connection_data *data;
1387 GHashTableIter iter;
1388 gpointer value, key;
1390 DBG("provider %p", provider);
1392 data = connman_provider_get_data(provider);
1396 if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
1397 type == CONNMAN_PROVIDER_ROUTE_USER) {
1398 g_hash_table_iter_init(&iter, data->user_routes);
1400 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE)
1401 set_route(data, value);
1404 if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
1405 type == CONNMAN_PROVIDER_ROUTE_SERVER) {
1406 g_hash_table_iter_init(&iter, data->server_routes);
1408 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE)
1409 set_route(data, value);
1415 static connman_bool_t check_routes(struct connman_provider *provider)
1417 struct connection_data *data;
1419 DBG("provider %p", provider);
1421 data = connman_provider_get_data(provider);
1425 if (data->user_routes != NULL &&
1426 g_hash_table_size(data->user_routes) > 0)
1429 if (data->server_routes != NULL &&
1430 g_hash_table_size(data->server_routes) > 0)
1436 static struct connman_provider_driver provider_driver = {
1438 .type = CONNMAN_PROVIDER_TYPE_VPN,
1439 .probe = provider_probe,
1440 .remove = provider_remove,
1441 .connect = provider_connect,
1442 .disconnect = provider_disconnect,
1443 .set_property = set_string,
1444 .get_property = get_string,
1445 .create = create_configuration,
1446 .set_routes = set_routes,
1447 .check_routes = check_routes,
1450 static void destroy_provider(struct connection_data *data)
1452 DBG("data %p", data);
1454 if (g_str_equal(data->state, "ready") == TRUE ||
1455 g_str_equal(data->state, "configuration") == TRUE)
1456 connman_provider_disconnect(data->provider);
1458 if (data->call != NULL)
1459 dbus_pending_call_cancel(data->call);
1461 connman_provider_set_data(data->provider, NULL);
1463 connman_provider_remove(data->provider);
1465 data->provider = NULL;
1468 static void connection_destroy(gpointer hash_data)
1470 struct connection_data *data = hash_data;
1472 DBG("data %p", data);
1474 if (data->provider != NULL)
1475 destroy_provider(data);
1478 g_free(data->ident);
1479 g_free(data->state);
1483 g_free(data->domain);
1484 g_hash_table_destroy(data->server_routes);
1485 g_hash_table_destroy(data->user_routes);
1486 g_strfreev(data->nameservers);
1487 g_hash_table_destroy(data->setting_strings);
1488 connman_ipaddress_free(data->ip);
1490 cancel_host_resolv(data);
1495 static void vpnd_created(DBusConnection *conn, void *user_data)
1497 DBG("connection %p", conn);
1499 get_connections(user_data);
1502 static void vpnd_removed(DBusConnection *conn, void *user_data)
1504 DBG("connection %p", conn);
1506 g_hash_table_remove_all(vpn_connections);
1509 static void remove_connection(DBusConnection *conn, const char *path)
1511 DBG("path %s", path);
1513 g_hash_table_remove(vpn_connections, get_ident(path));
1516 static gboolean connection_removed(DBusConnection *conn, DBusMessage *message,
1520 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
1521 struct connection_data *data;
1523 if (dbus_message_has_signature(message, signature) == FALSE) {
1524 connman_error("vpn removed signature \"%s\" does not match "
1526 dbus_message_get_signature(message), signature);
1530 dbus_message_get_args(message, NULL, DBUS_TYPE_OBJECT_PATH, &path,
1533 data = g_hash_table_lookup(vpn_connections, get_ident(path));
1535 remove_connection(conn, path);
1540 static gboolean connection_added(DBusConnection *conn, DBusMessage *message,
1543 DBusMessageIter iter, properties;
1545 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING
1546 DBUS_TYPE_ARRAY_AS_STRING
1547 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
1548 DBUS_TYPE_STRING_AS_STRING
1549 DBUS_TYPE_VARIANT_AS_STRING
1550 DBUS_DICT_ENTRY_END_CHAR_AS_STRING;
1552 if (dbus_message_has_signature(message, signature) == FALSE) {
1553 connman_error("vpn ConnectionAdded signature \"%s\" does not "
1554 "match expected \"%s\"",
1555 dbus_message_get_signature(message), signature);
1561 if (dbus_message_iter_init(message, &iter) == FALSE)
1564 dbus_message_iter_get_basic(&iter, &path);
1566 dbus_message_iter_next(&iter);
1567 dbus_message_iter_recurse(&iter, &properties);
1569 add_connection(path, &properties, user_data);
1574 static int save_route(GHashTable *routes, int family, const char *network,
1575 const char *netmask, const char *gateway)
1577 struct vpn_route *route;
1578 char *key = g_strdup_printf("%d/%s/%s", family, network, netmask);
1580 DBG("family %d network %s netmask %s", family, network, netmask);
1582 route = g_hash_table_lookup(routes, key);
1583 if (route == NULL) {
1584 route = g_try_new0(struct vpn_route, 1);
1585 if (route == NULL) {
1586 connman_error("out of memory");
1590 route->family = family;
1591 route->network = g_strdup(network);
1592 route->netmask = g_strdup(netmask);
1593 route->gateway = g_strdup(gateway);
1595 g_hash_table_replace(routes, key, route);
1602 static int read_route_dict(GHashTable *routes, DBusMessageIter *dicts)
1604 DBusMessageIter dict;
1605 const char *network, *netmask, *gateway;
1608 dbus_message_iter_recurse(dicts, &dict);
1610 network = netmask = gateway = NULL;
1613 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
1615 DBusMessageIter entry, value;
1618 dbus_message_iter_recurse(&dict, &entry);
1619 dbus_message_iter_get_basic(&entry, &key);
1621 dbus_message_iter_next(&entry);
1622 dbus_message_iter_recurse(&entry, &value);
1624 if (g_str_equal(key, "ProtocolFamily") == TRUE) {
1626 dbus_message_iter_get_basic(&value, &pf);
1635 DBG("family %d", family);
1636 } else if (g_str_equal(key, "Netmask") == TRUE) {
1637 dbus_message_iter_get_basic(&value, &netmask);
1638 DBG("netmask %s", netmask);
1639 } else if (g_str_equal(key, "Network") == TRUE) {
1640 dbus_message_iter_get_basic(&value, &network);
1641 DBG("host %s", network);
1642 } else if (g_str_equal(key, "Gateway") == TRUE) {
1643 dbus_message_iter_get_basic(&value, &gateway);
1644 DBG("gateway %s", gateway);
1647 dbus_message_iter_next(&dict);
1650 if (netmask == NULL || network == NULL || gateway == NULL) {
1651 DBG("Value missing.");
1655 return save_route(routes, family, network, netmask, gateway);
1658 static int routes_changed(DBusMessageIter *array, GHashTable *routes)
1660 DBusMessageIter entry;
1663 if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY) {
1664 DBG("Expecting array, ignoring routes.");
1668 while (dbus_message_iter_get_arg_type(array) == DBUS_TYPE_ARRAY) {
1670 dbus_message_iter_recurse(array, &entry);
1672 while (dbus_message_iter_get_arg_type(&entry) ==
1674 DBusMessageIter dicts;
1676 dbus_message_iter_recurse(&entry, &dicts);
1678 while (dbus_message_iter_get_arg_type(&dicts) ==
1680 int err = read_route_dict(routes, &dicts);
1683 dbus_message_iter_next(&dicts);
1686 dbus_message_iter_next(&entry);
1689 dbus_message_iter_next(array);
1695 static gboolean property_changed(DBusConnection *conn,
1696 DBusMessage *message,
1699 const char *path = dbus_message_get_path(message);
1700 struct connection_data *data = NULL;
1701 DBusMessageIter iter, value;
1702 connman_bool_t ip_set = FALSE;
1706 const char *signature = DBUS_TYPE_STRING_AS_STRING
1707 DBUS_TYPE_VARIANT_AS_STRING;
1709 if (dbus_message_has_signature(message, signature) == FALSE) {
1710 connman_error("vpn property signature \"%s\" does not match "
1712 dbus_message_get_signature(message), signature);
1716 data = g_hash_table_lookup(vpn_connections, get_ident(path));
1720 if (dbus_message_iter_init(message, &iter) == FALSE)
1723 dbus_message_iter_get_basic(&iter, &key);
1725 dbus_message_iter_next(&iter);
1726 dbus_message_iter_recurse(&iter, &value);
1730 if (g_str_equal(key, "State") == TRUE) {
1731 dbus_message_iter_get_basic(&value, &str);
1733 DBG("%s %s -> %s", data->path, data->state, str);
1735 if (g_str_equal(data->state, str) == TRUE)
1738 g_free(data->state);
1739 data->state = g_strdup(str);
1741 set_provider_state(data);
1742 } else if (g_str_equal(key, "Index") == TRUE) {
1743 dbus_message_iter_get_basic(&value, &data->index);
1744 connman_provider_set_index(data->provider, data->index);
1745 } else if (g_str_equal(key, "IPv4") == TRUE) {
1746 err = extract_ip(&value, AF_INET, data);
1748 } else if (g_str_equal(key, "IPv6") == TRUE) {
1749 err = extract_ip(&value, AF_INET6, data);
1751 } else if (g_str_equal(key, "ServerRoutes") == TRUE) {
1752 err = routes_changed(&value, data->server_routes);
1754 * Note that the vpnd will delay the route sending a bit
1755 * (in order to collect the routes from VPN client),
1756 * so we might have got the State changed property before
1757 * we got ServerRoutes. This means that we must try to set
1758 * the routes here because they would be left unset otherwise.
1761 set_routes(data->provider,
1762 CONNMAN_PROVIDER_ROUTE_SERVER);
1763 } else if (g_str_equal(key, "UserRoutes") == TRUE) {
1764 err = routes_changed(&value, data->user_routes);
1766 set_routes(data->provider,
1767 CONNMAN_PROVIDER_ROUTE_USER);
1768 } else if (g_str_equal(key, "Nameservers") == TRUE) {
1769 if (extract_nameservers(&value, data) == 0 &&
1770 data->nameservers != NULL)
1771 connman_provider_set_nameservers(data->provider,
1773 } else if (g_str_equal(key, "Domain") == TRUE) {
1774 dbus_message_iter_get_basic(&value, &str);
1775 g_free(data->domain);
1776 data->domain = g_strdup(str);
1777 connman_provider_set_domain(data->provider, data->domain);
1780 if (ip_set == TRUE && err == 0) {
1781 err = connman_provider_set_ipaddress(data->provider, data->ip);
1783 DBG("setting provider IP address failed (%s/%d)",
1784 strerror(-err), -err);
1790 static int vpn_init(void)
1794 connection = connman_dbus_get_connection();
1795 if (connection == NULL)
1798 watch = g_dbus_add_service_watch(connection, VPN_SERVICE,
1799 vpnd_created, vpnd_removed, &provider_driver, NULL);
1801 added_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1802 VPN_MANAGER_INTERFACE,
1803 CONNECTION_ADDED, connection_added,
1804 &provider_driver, NULL);
1806 removed_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1807 VPN_MANAGER_INTERFACE,
1808 CONNECTION_REMOVED, connection_removed,
1811 property_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1812 VPN_CONNECTION_INTERFACE,
1813 PROPERTY_CHANGED, property_changed,
1816 if (added_watch == 0 || removed_watch == 0 || property_watch == 0) {
1821 err = connman_provider_driver_register(&provider_driver);
1823 vpn_connections = g_hash_table_new_full(g_str_hash,
1825 g_free, connection_destroy);
1827 vpnd_created(connection, &provider_driver);
1833 g_dbus_remove_watch(connection, watch);
1834 g_dbus_remove_watch(connection, added_watch);
1835 g_dbus_remove_watch(connection, removed_watch);
1836 g_dbus_remove_watch(connection, property_watch);
1838 dbus_connection_unref(connection);
1843 static void vpn_exit(void)
1845 g_dbus_remove_watch(connection, watch);
1846 g_dbus_remove_watch(connection, added_watch);
1847 g_dbus_remove_watch(connection, removed_watch);
1848 g_dbus_remove_watch(connection, property_watch);
1850 connman_provider_driver_unregister(&provider_driver);
1852 if (vpn_connections != NULL)
1853 g_hash_table_destroy(vpn_connections);
1855 dbus_connection_unref(connection);
1858 CONNMAN_PLUGIN_DEFINE(vpn, "VPN plugin", VERSION,
1859 CONNMAN_PLUGIN_PRIORITY_DEFAULT, vpn_init, vpn_exit)