5 * Copyright (C) 2012 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
28 #include <sys/socket.h>
34 #define CONNMAN_API_SUBJECT_TO_CHANGE
35 #include <connman/technology.h>
36 #include <connman/plugin.h>
37 #include <connman/log.h>
38 #include <connman/dbus.h>
39 #include <connman/provider.h>
40 #include <connman/ipaddress.h>
41 #include <connman/vpn-dbus.h>
42 #include <connman/inet.h>
43 #include <gweb/gresolv.h>
45 #define DBUS_TIMEOUT 10000
47 static DBusConnection *connection;
49 static GHashTable *vpn_connections = NULL;
50 static gboolean starting_vpnd = TRUE;
52 static guint added_watch;
53 static guint removed_watch;
54 static guint property_watch;
63 struct connection_data {
66 struct connman_provider *provider;
68 DBusPendingCall *call;
69 connman_bool_t connect_pending;
79 GHashTable *server_routes;
80 GHashTable *user_routes;
81 GHashTable *setting_strings;
83 struct connman_ipaddress *ip;
89 static int set_string(struct connman_provider *provider,
90 const char *key, const char *value)
92 struct connection_data *data;
94 data = connman_provider_get_data(provider);
98 DBG("data %p provider %p key %s value %s", data, provider, key, value);
100 if (g_str_equal(key, "Type") == TRUE) {
102 data->type = g_strdup(value);
103 } else if (g_str_equal(key, "Name") == TRUE) {
105 data->name = g_strdup(value);
106 } else if (g_str_equal(key, "Host") == TRUE) {
108 data->host = g_strdup(value);
109 } else if (g_str_equal(key, "VPN.Domain") == TRUE ||
110 g_str_equal(key, "Domain") == TRUE) {
111 g_free(data->domain);
112 data->domain = g_strdup(value);
114 g_hash_table_replace(data->setting_strings,
115 g_strdup(key), g_strdup(value));
119 static const char *get_string(struct connman_provider *provider,
122 struct connection_data *data;
124 data = connman_provider_get_data(provider);
128 DBG("data %p provider %p key %s", data, provider, key);
130 if (g_str_equal(key, "Type") == TRUE)
132 else if (g_str_equal(key, "Name") == TRUE)
134 else if (g_str_equal(key, "Host") == TRUE)
136 else if (g_str_equal(key, "HostIP") == TRUE) {
137 if (data->host_ip == NULL ||
138 data->host_ip[0] == NULL)
141 return data->host_ip[0];
142 } else if (g_str_equal(key, "VPN.Domain") == TRUE)
145 return g_hash_table_lookup(data->setting_strings, key);
148 static char *get_ident(const char *path)
155 pos = strrchr(path, '/');
162 static void cancel_host_resolv(struct connection_data *data)
164 if (data->resolv_id != 0)
165 g_resolv_cancel_lookup(data->resolv, data->resolv_id);
169 g_resolv_unref(data->resolv);
173 static gboolean remove_resolv(gpointer user_data)
175 struct connection_data *data = user_data;
177 cancel_host_resolv(data);
182 static void resolv_result(GResolvResultStatus status,
183 char **results, gpointer user_data)
185 struct connection_data *data = user_data;
187 DBG("status %d", status);
189 if (status == G_RESOLV_RESULT_STATUS_SUCCESS && results != NULL &&
190 g_strv_length(results) > 0)
191 data->host_ip = g_strdupv(results);
194 * We cannot unref the resolver here as resolv struct is manipulated
195 * by gresolv.c after we return from this callback.
197 g_timeout_add_seconds(0, remove_resolv, data);
202 static void resolv_host_addr(struct connection_data *data)
204 if (data->host == NULL)
207 if (connman_inet_check_ipaddress(data->host) > 0)
210 if (data->host_ip != NULL)
213 data->resolv = g_resolv_new(0);
214 if (data->resolv == NULL) {
215 DBG("Cannot resolv %s", data->host);
219 DBG("Trying to resolv %s", data->host);
221 data->resolv_id = g_resolv_lookup_hostname(data->resolv, data->host,
222 resolv_result, data);
225 static void set_provider_state(struct connection_data *data)
227 if (g_str_equal(data->state, "ready") == TRUE)
228 connman_provider_set_state(data->provider,
229 CONNMAN_PROVIDER_STATE_READY);
230 else if (g_str_equal(data->state, "configuration") == TRUE)
231 connman_provider_set_state(data->provider,
232 CONNMAN_PROVIDER_STATE_CONNECT);
233 else if (g_str_equal(data->state, "idle") == TRUE)
234 connman_provider_set_state(data->provider,
235 CONNMAN_PROVIDER_STATE_IDLE);
236 else if (g_str_equal(data->state, "disconnect") == TRUE)
237 connman_provider_set_state(data->provider,
238 CONNMAN_PROVIDER_STATE_DISCONNECT);
239 else if (g_str_equal(data->state, "failure") == TRUE)
240 connman_provider_set_state(data->provider,
241 CONNMAN_PROVIDER_STATE_FAILURE);
243 connman_provider_set_state(data->provider,
244 CONNMAN_PROVIDER_STATE_UNKNOWN);
247 static int create_provider(struct connection_data *data, void *user_data)
249 struct connman_provider_driver *driver = user_data;
252 DBG("%s", data->path);
254 data->provider = connman_provider_get(data->ident);
255 if (data->provider == NULL)
258 DBG("provider %p name %s", data->provider, data->name);
260 connman_provider_set_data(data->provider, data);
261 connman_provider_set_driver(data->provider, driver);
263 err = connman_provider_create_service(data->provider);
265 if (g_str_equal(data->state, "ready") == TRUE) {
266 connman_provider_set_index(data->provider,
268 if (data->ip != NULL)
269 connman_provider_set_ipaddress(data->provider,
273 set_provider_state(data);
279 static void destroy_route(gpointer user_data)
281 struct vpn_route *route = user_data;
283 g_free(route->network);
284 g_free(route->netmask);
285 g_free(route->gateway);
289 static struct connection_data *create_connection_data(const char *path)
291 struct connection_data *data;
293 data = g_try_new0(struct connection_data, 1);
297 DBG("path %s", path);
299 data->path = g_strdup(path);
300 data->ident = g_strdup(get_ident(path));
303 data->setting_strings = g_hash_table_new_full(g_str_hash,
304 g_str_equal, g_free, g_free);
306 data->server_routes = g_hash_table_new_full(g_direct_hash,
307 g_str_equal, g_free, destroy_route);
308 data->user_routes = g_hash_table_new_full(g_str_hash,
309 g_str_equal, g_free, destroy_route);
314 static int extract_ip(DBusMessageIter *array, int family,
315 struct connection_data *data)
317 DBusMessageIter dict;
318 char *address = NULL, *gateway = NULL, *netmask = NULL, *peer = NULL;
319 unsigned char prefix_len;
321 if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY)
324 dbus_message_iter_recurse(array, &dict);
326 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
327 DBusMessageIter entry, value;
330 dbus_message_iter_recurse(&dict, &entry);
331 dbus_message_iter_get_basic(&entry, &key);
333 dbus_message_iter_next(&entry);
334 dbus_message_iter_recurse(&entry, &value);
336 if (g_str_equal(key, "Address") == TRUE) {
337 dbus_message_iter_get_basic(&value, &address);
338 DBG("address %s", address);
339 } else if (g_str_equal(key, "Netmask") == TRUE) {
340 dbus_message_iter_get_basic(&value, &netmask);
341 DBG("netmask %s", netmask);
342 } else if (g_str_equal(key, "PrefixLength") == TRUE) {
343 dbus_message_iter_get_basic(&value, &netmask);
344 DBG("prefix length %s", netmask);
345 } else if (g_str_equal(key, "Peer") == TRUE) {
346 dbus_message_iter_get_basic(&value, &peer);
347 DBG("peer %s", peer);
348 } else if (g_str_equal(key, "Gateway") == TRUE) {
349 dbus_message_iter_get_basic(&value, &gateway);
350 DBG("gateway %s", gateway);
353 dbus_message_iter_next(&dict);
356 data->ip = connman_ipaddress_alloc(family);
357 if (data->ip == NULL)
362 connman_ipaddress_set_ipv4(data->ip, address, netmask,
366 prefix_len = atoi(netmask);
367 connman_ipaddress_set_ipv6(data->ip, address, prefix_len,
374 connman_ipaddress_set_peer(data->ip, peer);
379 static int extract_nameservers(DBusMessageIter *array,
380 struct connection_data *data)
382 DBusMessageIter entry;
383 char **nameservers = NULL;
386 dbus_message_iter_recurse(array, &entry);
388 while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
389 const char *nameserver;
391 dbus_message_iter_get_basic(&entry, &nameserver);
393 nameservers = g_try_renew(char *, nameservers, i + 2);
394 if (nameservers == NULL)
397 DBG("[%d] %s", i, nameserver);
399 nameservers[i] = g_strdup(nameserver);
400 if (nameservers[i] == NULL)
403 nameservers[++i] = NULL;
405 dbus_message_iter_next(&entry);
408 g_strfreev(data->nameservers);
409 data->nameservers = nameservers;
414 static void connect_reply(DBusPendingCall *call, void *user_data)
419 if (dbus_pending_call_get_completed(call) == FALSE)
422 DBG("user_data %p", user_data);
424 reply = dbus_pending_call_steal_reply(call);
426 dbus_error_init(&error);
428 if (dbus_set_error_from_message(&error, reply) == TRUE) {
429 if (dbus_error_has_name(&error, CONNMAN_ERROR_INTERFACE
430 ".InProgress") == FALSE) {
431 connman_error("Connect reply: %s (%s)", error.message,
433 dbus_error_free(&error);
436 dbus_error_free(&error);
440 * The vpn connection is up when we get a "ready" state
441 * property so at this point we do nothing for the provider
446 dbus_message_unref(reply);
448 dbus_pending_call_unref(call);
451 static int connect_provider(struct connection_data *data, void *user_data)
453 DBusPendingCall *call;
454 DBusMessage *message;
456 DBG("data %p", data);
458 message = dbus_message_new_method_call(VPN_SERVICE, data->path,
459 VPN_CONNECTION_INTERFACE,
464 if (dbus_connection_send_with_reply(connection, message,
465 &call, DBUS_TIMEOUT) == FALSE) {
466 connman_error("Unable to call %s.%s()",
467 VPN_CONNECTION_INTERFACE, VPN_CONNECT);
468 dbus_message_unref(message);
473 dbus_message_unref(message);
477 dbus_pending_call_set_notify(call, connect_reply, NULL, NULL);
479 dbus_message_unref(message);
484 static void add_connection(const char *path, DBusMessageIter *properties,
487 struct connection_data *data;
489 char *ident = get_ident(path);
491 data = g_hash_table_lookup(vpn_connections, ident);
494 * We might have a dummy connection struct here that
495 * was created by configuration_create_reply() so in
496 * that case just continue.
498 if (data->connect_pending == FALSE)
501 data = create_connection_data(path);
506 DBG("data %p path %s", data, path);
508 while (dbus_message_iter_get_arg_type(properties) ==
509 DBUS_TYPE_DICT_ENTRY) {
510 DBusMessageIter entry, value;
514 dbus_message_iter_recurse(properties, &entry);
515 dbus_message_iter_get_basic(&entry, &key);
517 dbus_message_iter_next(&entry);
518 dbus_message_iter_recurse(&entry, &value);
520 if (g_str_equal(key, "State") == TRUE) {
521 dbus_message_iter_get_basic(&value, &str);
522 DBG("state %s -> %s", data->state, str);
523 data->state = g_strdup(str);
524 } else if (g_str_equal(key, "IPv4") == TRUE) {
525 extract_ip(&value, AF_INET, data);
526 } else if (g_str_equal(key, "IPv6") == TRUE) {
527 extract_ip(&value, AF_INET6, data);
528 } else if (g_str_equal(key, "Name") == TRUE) {
529 dbus_message_iter_get_basic(&value, &str);
530 data->name = g_strdup(str);
531 } else if (g_str_equal(key, "Type") == TRUE) {
532 dbus_message_iter_get_basic(&value, &str);
533 data->type = g_strdup(str);
534 } else if (g_str_equal(key, "Host") == TRUE) {
535 dbus_message_iter_get_basic(&value, &str);
536 data->host = g_strdup(str);
537 } else if (g_str_equal(key, "Domain") == TRUE) {
538 dbus_message_iter_get_basic(&value, &str);
539 data->domain = g_strdup(str);
540 } else if (g_str_equal(key, "Nameservers") == TRUE) {
541 extract_nameservers(&value, data);
542 } else if (g_str_equal(key, "Index") == TRUE) {
543 dbus_message_iter_get_basic(&value, &data->index);
545 if (dbus_message_iter_get_arg_type(&value) ==
547 dbus_message_iter_get_basic(&value, &str);
548 g_hash_table_replace(data->setting_strings,
549 g_strdup(key), g_strdup(str));
551 DBG("unknown key %s", key);
555 dbus_message_iter_next(properties);
558 g_hash_table_insert(vpn_connections, g_strdup(data->ident), data);
560 err = create_provider(data, user_data);
564 resolv_host_addr(data);
566 if (data->connect_pending == TRUE) {
567 connect_provider(data, NULL);
568 data->connect_pending = FALSE;
574 DBG("removing %s", data->ident);
575 g_hash_table_remove(vpn_connections, data->ident);
578 static void get_connections_reply(DBusPendingCall *call, void *user_data)
582 DBusMessageIter array, dict;
583 const char *signature = DBUS_TYPE_ARRAY_AS_STRING
584 DBUS_STRUCT_BEGIN_CHAR_AS_STRING
585 DBUS_TYPE_OBJECT_PATH_AS_STRING
586 DBUS_TYPE_ARRAY_AS_STRING
587 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
588 DBUS_TYPE_STRING_AS_STRING
589 DBUS_TYPE_VARIANT_AS_STRING
590 DBUS_DICT_ENTRY_END_CHAR_AS_STRING
591 DBUS_STRUCT_END_CHAR_AS_STRING;
593 if (dbus_pending_call_get_completed(call) == FALSE)
598 reply = dbus_pending_call_steal_reply(call);
600 dbus_error_init(&error);
602 if (dbus_set_error_from_message(&error, reply) == TRUE) {
603 connman_error("%s", error.message);
604 dbus_error_free(&error);
608 if (dbus_message_has_signature(reply, signature) == FALSE) {
609 connman_error("vpnd signature \"%s\" does not match "
611 dbus_message_get_signature(reply), signature);
615 if (dbus_message_iter_init(reply, &array) == FALSE)
618 dbus_message_iter_recurse(&array, &dict);
620 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_STRUCT) {
621 DBusMessageIter value, properties;
624 dbus_message_iter_recurse(&dict, &value);
625 dbus_message_iter_get_basic(&value, &path);
627 dbus_message_iter_next(&value);
628 dbus_message_iter_recurse(&value, &properties);
630 add_connection(path, &properties, user_data);
632 dbus_message_iter_next(&dict);
636 dbus_message_unref(reply);
638 dbus_pending_call_unref(call);
641 static int get_connections(void *user_data)
643 DBusPendingCall *call;
644 DBusMessage *message;
648 message = dbus_message_new_method_call(VPN_SERVICE, "/",
649 VPN_MANAGER_INTERFACE,
654 if (dbus_connection_send_with_reply(connection, message,
655 &call, DBUS_TIMEOUT) == FALSE) {
656 connman_error("Unable to call %s.%s()", VPN_MANAGER_INTERFACE,
658 dbus_message_unref(message);
663 dbus_message_unref(message);
667 dbus_pending_call_set_notify(call, get_connections_reply,
670 dbus_message_unref(message);
675 static int provider_probe(struct connman_provider *provider)
680 static void remove_connection_reply(DBusPendingCall *call, void *user_data)
685 if (dbus_pending_call_get_completed(call) == FALSE)
690 reply = dbus_pending_call_steal_reply(call);
692 dbus_error_init(&error);
694 if (dbus_set_error_from_message(&error, reply) == TRUE) {
696 * If the returned error is NotFound, it means that we
697 * have actually removed the provider in vpnd already.
699 if (dbus_error_has_name(&error, CONNMAN_ERROR_INTERFACE
700 ".NotFound") == FALSE)
701 connman_error("%s", error.message);
703 dbus_error_free(&error);
706 dbus_message_unref(reply);
708 dbus_pending_call_unref(call);
711 static int provider_remove(struct connman_provider *provider)
713 DBusPendingCall *call;
714 DBusMessage *message;
715 struct connection_data *data;
717 data = connman_provider_get_data(provider);
719 DBG("provider %p data %p", provider, data);
722 * When provider.c:provider_remove() calls this function,
723 * it will remove the provider itself after the call.
724 * This means that we cannot use the provider pointer later
725 * as it is no longer valid.
727 data->provider = NULL;
729 message = dbus_message_new_method_call(VPN_SERVICE, "/",
730 VPN_MANAGER_INTERFACE,
735 dbus_message_append_args(message, DBUS_TYPE_OBJECT_PATH, &data->path,
738 if (dbus_connection_send_with_reply(connection, message,
739 &call, DBUS_TIMEOUT) == FALSE) {
740 connman_error("Unable to call %s.%s()", VPN_MANAGER_INTERFACE,
742 dbus_message_unref(message);
747 dbus_message_unref(message);
751 dbus_pending_call_set_notify(call, remove_connection_reply,
754 dbus_message_unref(message);
759 static int provider_connect(struct connman_provider *provider)
761 struct connection_data *data;
763 data = connman_provider_get_data(provider);
767 return connect_provider(data, NULL);
771 static void disconnect_reply(DBusPendingCall *call, void *user_data)
776 if (dbus_pending_call_get_completed(call) == FALSE)
781 reply = dbus_pending_call_steal_reply(call);
783 dbus_error_init(&error);
785 if (dbus_set_error_from_message(&error, reply) == TRUE) {
786 connman_error("%s", error.message);
787 dbus_error_free(&error);
792 dbus_message_unref(reply);
794 dbus_pending_call_unref(call);
797 static int disconnect_provider(struct connection_data *data)
799 DBusPendingCall *call;
800 DBusMessage *message;
802 DBG("data %p path %s", data, data->path);
804 message = dbus_message_new_method_call(VPN_SERVICE, data->path,
805 VPN_CONNECTION_INTERFACE,
810 if (dbus_connection_send_with_reply(connection, message,
811 &call, DBUS_TIMEOUT) == FALSE) {
812 connman_error("Unable to call %s.%s()",
813 VPN_CONNECTION_INTERFACE, VPN_DISCONNECT);
814 dbus_message_unref(message);
819 dbus_message_unref(message);
823 dbus_pending_call_set_notify(call, disconnect_reply, NULL, NULL);
825 dbus_message_unref(message);
827 connman_provider_set_state(data->provider,
828 CONNMAN_PROVIDER_STATE_DISCONNECT);
830 * We return 0 here instead of -EINPROGRESS because
831 * __connman_service_disconnect() needs to return something
832 * to gdbus so that gdbus will not call Disconnect() more
833 * than once. This way we do not need to pass the dbus reply
834 * message around the code.
839 static int provider_disconnect(struct connman_provider *provider)
841 struct connection_data *data;
843 DBG("provider %p", provider);
845 data = connman_provider_get_data(provider);
849 if (g_str_equal(data->state, "ready") == TRUE ||
850 g_str_equal(data->state, "configuration") == TRUE)
851 return disconnect_provider(data);
856 static void configuration_create_reply(DBusPendingCall *call, void *user_data)
860 DBusMessageIter iter;
861 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
864 struct connection_data *data;
866 if (dbus_pending_call_get_completed(call) == FALSE)
869 DBG("user %p", user_data);
871 reply = dbus_pending_call_steal_reply(call);
873 dbus_error_init(&error);
875 if (dbus_set_error_from_message(&error, reply) == TRUE) {
876 connman_error("dbus error: %s", error.message);
877 dbus_error_free(&error);
881 if (dbus_message_has_signature(reply, signature) == FALSE) {
882 connman_error("vpn configuration signature \"%s\" does not "
883 "match expected \"%s\"",
884 dbus_message_get_signature(reply), signature);
888 if (dbus_message_iter_init(reply, &iter) == FALSE)
891 dbus_message_iter_get_basic(&iter, &path);
894 * Then try to connect the VPN as expected by ConnectProvider API
896 ident = get_ident(path);
898 data = g_hash_table_lookup(vpn_connections, ident);
901 * We have not yet received service created message
902 * from vpnd. So create a dummy connection struct
905 data = create_connection_data(path);
906 data->connect_pending = TRUE;
908 g_hash_table_insert(vpn_connections, g_strdup(ident), data);
911 connect_provider(data, NULL);
915 dbus_message_unref(reply);
917 dbus_pending_call_unref(call);
920 static void set_dbus_ident(char *ident)
922 int i, len = strlen(ident);
924 for (i = 0; i < len; i++) {
925 if (ident[i] >= '0' && ident[i] <= '9')
927 if (ident[i] >= 'a' && ident[i] <= 'z')
929 if (ident[i] >= 'A' && ident[i] <= 'Z')
935 static struct vpn_route *parse_user_route(const char *user_route)
937 char *network, *netmask;
938 struct vpn_route *route = NULL;
939 int family = PF_UNSPEC;
940 char **elems = g_strsplit(user_route, "/", 0);
946 if (network == NULL || *network == '\0') {
947 DBG("no network/netmask set");
952 if (netmask != NULL && *netmask == '\0') {
953 DBG("no netmask set");
957 if (g_strrstr(network, ":") != NULL)
959 else if (g_strrstr(network, ".") != NULL) {
962 if (g_strrstr(netmask, ".") == NULL) {
963 /* We have netmask length */
965 struct in_addr netmask_in;
966 unsigned char prefix_len = 32;
968 if (netmask != NULL) {
970 long int value = strtol(netmask, &ptr, 10);
971 if (ptr != netmask && *ptr == '\0' &&
976 addr = 0xffffffff << (32 - prefix_len);
977 netmask_in.s_addr = htonl(addr);
978 netmask = inet_ntoa(netmask_in);
980 DBG("network %s netmask %s", network, netmask);
984 route = g_try_new(struct vpn_route, 1);
988 route->network = g_strdup(network);
989 route->netmask = g_strdup(netmask);
990 route->gateway = NULL;
991 route->family = family;
998 static GSList *get_user_networks(DBusMessageIter *array)
1000 DBusMessageIter entry;
1001 GSList *list = NULL;
1003 dbus_message_iter_recurse(array, &entry);
1005 while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
1007 struct vpn_route *route;
1009 dbus_message_iter_get_basic(&entry, &val);
1011 route = parse_user_route(val);
1013 list = g_slist_prepend(list, route);
1015 dbus_message_iter_next(&entry);
1021 static void append_route(DBusMessageIter *iter, void *user_data)
1023 struct vpn_route *route = user_data;
1024 DBusMessageIter item;
1027 connman_dbus_dict_open(iter, &item);
1032 if (route->family == AF_INET)
1034 else if (route->family == AF_INET6)
1038 connman_dbus_dict_append_basic(&item, "ProtocolFamily",
1039 DBUS_TYPE_INT32, &family);
1041 if (route->network != NULL)
1042 connman_dbus_dict_append_basic(&item, "Network",
1043 DBUS_TYPE_STRING, &route->network);
1045 if (route->netmask != NULL)
1046 connman_dbus_dict_append_basic(&item, "Netmask",
1047 DBUS_TYPE_STRING, &route->netmask);
1049 if (route->gateway != NULL)
1050 connman_dbus_dict_append_basic(&item, "Gateway",
1051 DBUS_TYPE_STRING, &route->gateway);
1054 connman_dbus_dict_close(iter, &item);
1057 static void append_routes(DBusMessageIter *iter, void *user_data)
1059 GSList *list, *routes = user_data;
1061 DBG("routes %p", routes);
1063 for (list = routes; list != NULL; list = g_slist_next(list)) {
1064 DBusMessageIter dict;
1065 struct vpn_route *route = list->data;
1067 dbus_message_iter_open_container(iter, DBUS_TYPE_STRUCT, NULL,
1069 append_route(&dict, route);
1070 dbus_message_iter_close_container(iter, &dict);
1074 static int create_configuration(DBusMessage *msg)
1076 DBusMessage *new_msg;
1077 DBusPendingCall *call;
1078 DBusMessageIter iter, array, new_iter, new_dict;
1079 const char *type = NULL, *name = NULL;
1080 const char *host = NULL, *domain = NULL;
1081 char *ident, *me = NULL;
1084 struct connection_data *data;
1085 GSList *networks = NULL;
1088 * We copy the old message data into new message. We cannot
1089 * just use the old message as is because the user route
1090 * information is not in the same format in vpnd.
1092 new_msg = dbus_message_new(DBUS_MESSAGE_TYPE_METHOD_CALL);
1093 dbus_message_iter_init_append(new_msg, &new_iter);
1094 connman_dbus_dict_open(&new_iter, &new_dict);
1096 dbus_message_iter_init(msg, &iter);
1097 dbus_message_iter_recurse(&iter, &array);
1099 while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_DICT_ENTRY) {
1100 DBusMessageIter entry, value;
1105 dbus_message_iter_recurse(&array, &entry);
1106 dbus_message_iter_get_basic(&entry, &key);
1108 dbus_message_iter_next(&entry);
1109 dbus_message_iter_recurse(&entry, &value);
1111 value_type = dbus_message_iter_get_arg_type(&value);
1114 switch (value_type) {
1115 case DBUS_TYPE_STRING:
1116 dbus_message_iter_get_basic(&value, &item_value);
1118 if (g_str_equal(key, "Type") == TRUE) {
1119 type = (const char *)item_value;
1120 } else if (g_str_equal(key, "Name") == TRUE) {
1121 name = (const char *)item_value;
1122 } else if (g_str_equal(key, "Host") == TRUE) {
1123 host = (const char *)item_value;
1124 } else if (g_str_equal(key, "VPN.Domain") == TRUE) {
1125 domain = (const char *)item_value;
1128 DBG("%s %s", key, (char *)item_value);
1130 if (item_value != NULL)
1131 connman_dbus_dict_append_basic(&new_dict, key,
1132 value_type, &item_value);
1134 case DBUS_TYPE_ARRAY:
1135 if (g_str_equal(key, "Networks") == TRUE) {
1136 networks = get_user_networks(&value);
1137 connman_dbus_dict_append_array(&new_dict,
1139 DBUS_TYPE_DICT_ENTRY,
1146 dbus_message_iter_next(&array);
1149 connman_dbus_dict_close(&new_iter, &new_dict);
1151 DBG("VPN type %s name %s host %s domain %s networks %p",
1152 type, name, host, domain, networks);
1154 if (host == NULL || domain == NULL) {
1159 if (type == NULL || name == NULL) {
1164 ident = g_strdup_printf("%s_%s", host, domain);
1165 set_dbus_ident(ident);
1167 DBG("ident %s", ident);
1169 data = g_hash_table_lookup(vpn_connections, ident);
1171 if (data->call != NULL) {
1172 connman_error("Dbus call already pending");
1177 data = create_connection_data(ident);
1183 g_hash_table_insert(vpn_connections, g_strdup(ident), data);
1187 * User called net.connman.Manager.ConnectProvider if we are here.
1188 * So use the data from original message in the new msg.
1190 me = g_strdup(dbus_message_get_destination(msg));
1192 dbus_message_set_interface(new_msg, VPN_MANAGER_INTERFACE);
1193 dbus_message_set_path(new_msg, "/");
1194 dbus_message_set_destination(new_msg, VPN_SERVICE);
1195 dbus_message_set_sender(new_msg, me);
1196 dbus_message_set_member(new_msg, "Create");
1198 result = dbus_connection_send_with_reply(connection, new_msg,
1199 &call, DBUS_TIMEOUT);
1200 if (result == FALSE || call == NULL) {
1205 dbus_pending_call_set_notify(call, configuration_create_reply,
1210 dbus_message_unref(new_msg);
1212 if (networks != NULL)
1213 g_slist_free_full(networks, destroy_route);
1220 static connman_bool_t check_host(char **hosts, char *host)
1227 for (i = 0; hosts[i] != NULL; i++) {
1228 if (g_strcmp0(hosts[i], host) == 0)
1235 static void set_route(struct connection_data *data, struct vpn_route *route)
1238 * If the VPN administrator/user has given a route to
1239 * VPN server, then we must discard that because the
1240 * server cannot be contacted via VPN tunnel.
1242 if (check_host(data->host_ip, route->network) == TRUE) {
1243 DBG("Discarding VPN route to %s via %s at index %d",
1244 route->network, route->gateway, data->index);
1248 if (route->family == AF_INET6) {
1249 unsigned char prefix_len = atoi(route->netmask);
1251 connman_inet_add_ipv6_network_route(data->index,
1256 connman_inet_add_network_route(data->index, route->network,
1262 static int set_routes(struct connman_provider *provider,
1263 enum connman_provider_route_type type)
1265 struct connection_data *data;
1266 GHashTableIter iter;
1267 gpointer value, key;
1269 DBG("provider %p", provider);
1271 data = connman_provider_get_data(provider);
1275 if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
1276 type == CONNMAN_PROVIDER_ROUTE_USER) {
1277 g_hash_table_iter_init(&iter, data->user_routes);
1279 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE)
1280 set_route(data, value);
1283 if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
1284 type == CONNMAN_PROVIDER_ROUTE_SERVER) {
1285 g_hash_table_iter_init(&iter, data->server_routes);
1287 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE)
1288 set_route(data, value);
1294 static connman_bool_t check_routes(struct connman_provider *provider)
1296 struct connection_data *data;
1298 DBG("provider %p", provider);
1300 data = connman_provider_get_data(provider);
1304 if (data->user_routes != NULL &&
1305 g_hash_table_size(data->user_routes) > 0)
1308 if (data->server_routes != NULL &&
1309 g_hash_table_size(data->server_routes) > 0)
1315 static struct connman_provider_driver provider_driver = {
1317 .type = CONNMAN_PROVIDER_TYPE_VPN,
1318 .probe = provider_probe,
1319 .remove = provider_remove,
1320 .connect = provider_connect,
1321 .disconnect = provider_disconnect,
1322 .set_property = set_string,
1323 .get_property = get_string,
1324 .create = create_configuration,
1325 .set_routes = set_routes,
1326 .check_routes = check_routes,
1329 static void destroy_provider(struct connection_data *data)
1331 DBG("data %p", data);
1333 if (g_str_equal(data->state, "ready") == TRUE ||
1334 g_str_equal(data->state, "configuration") == TRUE)
1335 connman_provider_disconnect(data->provider);
1337 if (data->call != NULL)
1338 dbus_pending_call_cancel(data->call);
1340 connman_provider_put(data->provider);
1342 data->provider = NULL;
1345 static void connection_destroy(gpointer hash_data)
1347 struct connection_data *data = hash_data;
1349 DBG("data %p", data);
1351 if (data->provider != NULL)
1352 destroy_provider(data);
1355 g_free(data->ident);
1356 g_free(data->state);
1360 g_free(data->domain);
1361 g_hash_table_destroy(data->server_routes);
1362 g_hash_table_destroy(data->user_routes);
1363 g_strfreev(data->nameservers);
1364 g_hash_table_destroy(data->setting_strings);
1365 connman_ipaddress_free(data->ip);
1367 cancel_host_resolv(data);
1372 static void vpnd_created(DBusConnection *conn, void *user_data)
1374 DBG("connection %p", conn);
1376 if (starting_vpnd == TRUE) {
1377 vpn_connections = g_hash_table_new_full(g_str_hash,
1379 g_free, connection_destroy);
1380 get_connections(user_data);
1381 starting_vpnd = FALSE;
1385 static void vpnd_removed(DBusConnection *conn, void *user_data)
1387 DBG("connection %p", conn);
1389 g_hash_table_destroy(vpn_connections);
1390 vpn_connections = NULL;
1391 starting_vpnd = TRUE;
1394 static void remove_connection(DBusConnection *conn, const char *path)
1396 DBG("path %s", path);
1398 g_hash_table_remove(vpn_connections, get_ident(path));
1401 static gboolean connection_removed(DBusConnection *conn, DBusMessage *message,
1405 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
1407 if (dbus_message_has_signature(message, signature) == FALSE) {
1408 connman_error("vpn removed signature \"%s\" does not match "
1410 dbus_message_get_signature(message), signature);
1414 dbus_message_get_args(message, NULL, DBUS_TYPE_OBJECT_PATH, &path,
1416 remove_connection(conn, path);
1420 static gboolean connection_added(DBusConnection *conn, DBusMessage *message,
1423 DBusMessageIter iter, properties;
1425 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING
1426 DBUS_TYPE_ARRAY_AS_STRING
1427 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
1428 DBUS_TYPE_STRING_AS_STRING
1429 DBUS_TYPE_VARIANT_AS_STRING
1430 DBUS_DICT_ENTRY_END_CHAR_AS_STRING;
1432 if (dbus_message_has_signature(message, signature) == FALSE) {
1433 connman_error("vpn ConnectionAdded signature \"%s\" does not "
1434 "match expected \"%s\"",
1435 dbus_message_get_signature(message), signature);
1441 if (dbus_message_iter_init(message, &iter) == FALSE)
1444 dbus_message_iter_get_basic(&iter, &path);
1446 dbus_message_iter_next(&iter);
1447 dbus_message_iter_recurse(&iter, &properties);
1449 add_connection(path, &properties, user_data);
1454 static int save_route(GHashTable *routes, int family, const char *network,
1455 const char *netmask, const char *gateway)
1457 struct vpn_route *route;
1458 char *key = g_strdup_printf("%d/%s/%s", family, network, netmask);
1460 DBG("family %d network %s netmask %s", family, network, netmask);
1462 route = g_hash_table_lookup(routes, key);
1463 if (route == NULL) {
1464 route = g_try_new0(struct vpn_route, 1);
1465 if (route == NULL) {
1466 connman_error("out of memory");
1470 route->family = family;
1471 route->network = g_strdup(network);
1472 route->netmask = g_strdup(netmask);
1473 route->gateway = g_strdup(gateway);
1475 g_hash_table_replace(routes, key, route);
1482 static int read_route_dict(GHashTable *routes, DBusMessageIter *dicts)
1484 DBusMessageIter dict;
1485 const char *network, *netmask, *gateway;
1488 dbus_message_iter_recurse(dicts, &dict);
1490 network = netmask = gateway = NULL;
1493 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
1495 DBusMessageIter entry, value;
1498 dbus_message_iter_recurse(&dict, &entry);
1499 dbus_message_iter_get_basic(&entry, &key);
1501 dbus_message_iter_next(&entry);
1502 dbus_message_iter_recurse(&entry, &value);
1504 if (g_str_equal(key, "ProtocolFamily") == TRUE) {
1506 dbus_message_iter_get_basic(&value, &pf);
1515 DBG("family %d", family);
1516 } else if (g_str_equal(key, "Netmask") == TRUE) {
1517 dbus_message_iter_get_basic(&value, &netmask);
1518 DBG("netmask %s", netmask);
1519 } else if (g_str_equal(key, "Network") == TRUE) {
1520 dbus_message_iter_get_basic(&value, &network);
1521 DBG("host %s", network);
1522 } else if (g_str_equal(key, "Gateway") == TRUE) {
1523 dbus_message_iter_get_basic(&value, &gateway);
1524 DBG("gateway %s", gateway);
1527 dbus_message_iter_next(&dict);
1530 if (netmask == NULL || network == NULL || gateway == NULL) {
1531 DBG("Value missing.");
1535 return save_route(routes, family, network, netmask, gateway);
1538 static int routes_changed(DBusMessageIter *array, GHashTable *routes)
1540 DBusMessageIter entry;
1543 if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY) {
1544 DBG("Expecting array, ignoring routes.");
1548 while (dbus_message_iter_get_arg_type(array) == DBUS_TYPE_ARRAY) {
1550 dbus_message_iter_recurse(array, &entry);
1552 while (dbus_message_iter_get_arg_type(&entry) ==
1554 DBusMessageIter dicts;
1556 dbus_message_iter_recurse(&entry, &dicts);
1558 while (dbus_message_iter_get_arg_type(&dicts) ==
1560 int err = read_route_dict(routes, &dicts);
1563 dbus_message_iter_next(&dicts);
1566 dbus_message_iter_next(&entry);
1569 dbus_message_iter_next(array);
1575 static gboolean property_changed(DBusConnection *conn,
1576 DBusMessage *message,
1579 const char *path = dbus_message_get_path(message);
1580 struct connection_data *data = NULL;
1581 DBusMessageIter iter, value;
1582 connman_bool_t ip_set = FALSE;
1586 const char *signature = DBUS_TYPE_STRING_AS_STRING
1587 DBUS_TYPE_VARIANT_AS_STRING;
1589 if (dbus_message_has_signature(message, signature) == FALSE) {
1590 connman_error("vpn property signature \"%s\" does not match "
1592 dbus_message_get_signature(message), signature);
1596 data = g_hash_table_lookup(vpn_connections, get_ident(path));
1600 if (dbus_message_iter_init(message, &iter) == FALSE)
1603 dbus_message_iter_get_basic(&iter, &key);
1605 dbus_message_iter_next(&iter);
1606 dbus_message_iter_recurse(&iter, &value);
1610 if (g_str_equal(key, "State") == TRUE) {
1611 dbus_message_iter_get_basic(&value, &str);
1613 DBG("%s %s -> %s", data->path, data->state, str);
1615 if (g_str_equal(data->state, str) == TRUE)
1618 g_free(data->state);
1619 data->state = g_strdup(str);
1621 set_provider_state(data);
1622 } else if (g_str_equal(key, "Index") == TRUE) {
1623 dbus_message_iter_get_basic(&value, &data->index);
1624 connman_provider_set_index(data->provider, data->index);
1625 } else if (g_str_equal(key, "IPv4") == TRUE) {
1626 err = extract_ip(&value, AF_INET, data);
1628 } else if (g_str_equal(key, "IPv6") == TRUE) {
1629 err = extract_ip(&value, AF_INET6, data);
1631 } else if (g_str_equal(key, "ServerRoutes") == TRUE) {
1632 err = routes_changed(&value, data->server_routes);
1634 * Note that the vpnd will delay the route sending a bit
1635 * (in order to collect the routes from VPN client),
1636 * so we might have got the State changed property before
1637 * we got ServerRoutes. This means that we must try to set
1638 * the routes here because they would be left unset otherwise.
1641 set_routes(data->provider,
1642 CONNMAN_PROVIDER_ROUTE_SERVER);
1643 } else if (g_str_equal(key, "UserRoutes") == TRUE) {
1644 err = routes_changed(&value, data->user_routes);
1646 set_routes(data->provider,
1647 CONNMAN_PROVIDER_ROUTE_USER);
1648 } else if (g_str_equal(key, "Nameservers") == TRUE) {
1649 extract_nameservers(&value, data);
1652 if (ip_set == TRUE && err == 0) {
1653 err = connman_provider_set_ipaddress(data->provider, data->ip);
1655 DBG("setting provider IP address failed (%s/%d)",
1656 strerror(-err), -err);
1662 static int vpn_init(void)
1666 connection = connman_dbus_get_connection();
1667 if (connection == NULL)
1670 watch = g_dbus_add_service_watch(connection, VPN_SERVICE,
1671 vpnd_created, vpnd_removed, &provider_driver, NULL);
1673 added_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1674 VPN_MANAGER_INTERFACE,
1675 CONNECTION_ADDED, connection_added,
1676 &provider_driver, NULL);
1678 removed_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1679 VPN_MANAGER_INTERFACE,
1680 CONNECTION_REMOVED, connection_removed,
1683 property_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1684 VPN_CONNECTION_INTERFACE,
1685 PROPERTY_CHANGED, property_changed,
1688 if (added_watch == 0 || removed_watch == 0 || property_watch == 0) {
1693 err = connman_provider_driver_register(&provider_driver);
1695 vpnd_created(connection, &provider_driver);
1700 g_dbus_remove_watch(connection, watch);
1701 g_dbus_remove_watch(connection, added_watch);
1702 g_dbus_remove_watch(connection, removed_watch);
1703 g_dbus_remove_watch(connection, property_watch);
1705 dbus_connection_unref(connection);
1710 static void vpn_exit(void)
1712 g_dbus_remove_watch(connection, watch);
1713 g_dbus_remove_watch(connection, added_watch);
1714 g_dbus_remove_watch(connection, removed_watch);
1715 g_dbus_remove_watch(connection, property_watch);
1717 connman_provider_driver_unregister(&provider_driver);
1719 g_hash_table_destroy(vpn_connections);
1721 dbus_connection_unref(connection);
1724 CONNMAN_PLUGIN_DEFINE(vpn, "VPN plugin", VERSION,
1725 CONNMAN_PLUGIN_PRIORITY_DEFAULT, vpn_init, vpn_exit)