5 * Copyright (C) 2012 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
28 #include <sys/socket.h>
34 #define CONNMAN_API_SUBJECT_TO_CHANGE
35 #include <connman/technology.h>
36 #include <connman/plugin.h>
37 #include <connman/log.h>
38 #include <connman/dbus.h>
39 #include <connman/provider.h>
40 #include <connman/ipaddress.h>
41 #include <connman/vpn-dbus.h>
42 #include <connman/inet.h>
43 #include <gweb/gresolv.h>
45 #define DBUS_TIMEOUT 10000
47 static DBusConnection *connection;
49 static GHashTable *vpn_connections = NULL;
50 static gboolean starting_vpnd = TRUE;
52 static guint added_watch;
53 static guint removed_watch;
54 static guint property_watch;
63 struct connection_data {
65 struct connman_provider *provider;
67 DBusPendingCall *call;
77 GHashTable *server_routes;
78 GHashTable *user_routes;
79 GHashTable *setting_strings;
81 struct connman_ipaddress *ip;
87 static int set_string(struct connman_provider *provider,
88 const char *key, const char *value)
90 struct connection_data *data;
92 data = connman_provider_get_data(provider);
96 DBG("data %p provider %p key %s value %s", data, provider, key, value);
98 if (g_str_equal(key, "Type") == TRUE) {
100 data->type = g_strdup(value);
101 } else if (g_str_equal(key, "Name") == TRUE) {
103 data->name = g_strdup(value);
104 } else if (g_str_equal(key, "Host") == TRUE) {
106 data->host = g_strdup(value);
107 } else if (g_str_equal(key, "VPN.Domain") == TRUE ||
108 g_str_equal(key, "Domain") == TRUE) {
109 g_free(data->domain);
110 data->domain = g_strdup(value);
112 g_hash_table_replace(data->setting_strings,
113 g_strdup(key), g_strdup(value));
117 static const char *get_string(struct connman_provider *provider,
120 struct connection_data *data;
122 data = connman_provider_get_data(provider);
126 DBG("data %p provider %p key %s", data, provider, key);
128 if (g_str_equal(key, "Type") == TRUE)
130 else if (g_str_equal(key, "Name") == TRUE)
132 else if (g_str_equal(key, "Host") == TRUE)
134 else if (g_str_equal(key, "HostIP") == TRUE) {
135 if (data->host_ip == NULL ||
136 data->host_ip[0] == NULL)
139 return data->host_ip[0];
140 } else if (g_str_equal(key, "VPN.Domain") == TRUE)
143 return g_hash_table_lookup(data->setting_strings, key);
146 static char *get_ident(const char *path)
153 pos = strrchr(path, '/');
160 static void cancel_host_resolv(struct connection_data *data)
162 if (data->resolv_id != 0)
163 g_resolv_cancel_lookup(data->resolv, data->resolv_id);
167 g_resolv_unref(data->resolv);
171 static gboolean remove_resolv(gpointer user_data)
173 struct connection_data *data = user_data;
175 cancel_host_resolv(data);
180 static void resolv_result(GResolvResultStatus status,
181 char **results, gpointer user_data)
183 struct connection_data *data = user_data;
185 DBG("status %d", status);
187 if (status == G_RESOLV_RESULT_STATUS_SUCCESS && results != NULL &&
188 g_strv_length(results) > 0)
189 data->host_ip = g_strdupv(results);
192 * We cannot unref the resolver here as resolv struct is manipulated
193 * by gresolv.c after we return from this callback.
195 g_timeout_add_seconds(0, remove_resolv, data);
200 static void resolv_host_addr(struct connection_data *data)
202 if (data->host == NULL)
205 if (connman_inet_check_ipaddress(data->host) > 0)
208 if (data->host_ip != NULL)
211 data->resolv = g_resolv_new(0);
212 if (data->resolv == NULL) {
213 DBG("Cannot resolv %s", data->host);
217 DBG("Trying to resolv %s", data->host);
219 data->resolv_id = g_resolv_lookup_hostname(data->resolv, data->host,
220 resolv_result, data);
223 static void set_provider_state(struct connection_data *data)
225 if (g_str_equal(data->state, "ready") == TRUE)
226 connman_provider_set_state(data->provider,
227 CONNMAN_PROVIDER_STATE_READY);
228 else if (g_str_equal(data->state, "configuration") == TRUE)
229 connman_provider_set_state(data->provider,
230 CONNMAN_PROVIDER_STATE_CONNECT);
231 else if (g_str_equal(data->state, "idle") == TRUE)
232 connman_provider_set_state(data->provider,
233 CONNMAN_PROVIDER_STATE_IDLE);
234 else if (g_str_equal(data->state, "disconnect") == TRUE)
235 connman_provider_set_state(data->provider,
236 CONNMAN_PROVIDER_STATE_DISCONNECT);
237 else if (g_str_equal(data->state, "failure") == TRUE)
238 connman_provider_set_state(data->provider,
239 CONNMAN_PROVIDER_STATE_FAILURE);
241 connman_provider_set_state(data->provider,
242 CONNMAN_PROVIDER_STATE_UNKNOWN);
245 static int create_provider(struct connection_data *data, void *user_data)
247 struct connman_provider_driver *driver = user_data;
251 DBG("%s", data->path);
253 ident = g_strdup(get_ident(data->path));
255 data->provider = connman_provider_get(ident);
256 if (data->provider == NULL) {
261 DBG("provider %p name %s", data->provider, data->name);
263 connman_provider_set_data(data->provider, data);
264 connman_provider_set_driver(data->provider, driver);
266 err = connman_provider_create_service(data->provider);
268 if (g_str_equal(data->state, "ready") == TRUE) {
269 connman_provider_set_index(data->provider,
271 if (data->ip != NULL)
272 connman_provider_set_ipaddress(data->provider,
276 set_provider_state(data);
284 static void destroy_route(gpointer user_data)
286 struct vpn_route *route = user_data;
288 g_free(route->network);
289 g_free(route->netmask);
290 g_free(route->gateway);
294 static struct connection_data *create_connection_data(const char *path)
296 struct connection_data *data;
298 data = g_try_new0(struct connection_data, 1);
302 DBG("path %s", path);
304 data->path = g_strdup(path);
307 data->setting_strings = g_hash_table_new_full(g_str_hash,
308 g_str_equal, g_free, g_free);
310 data->server_routes = g_hash_table_new_full(g_direct_hash,
311 g_str_equal, g_free, destroy_route);
312 data->user_routes = g_hash_table_new_full(g_str_hash,
313 g_str_equal, g_free, destroy_route);
318 static int extract_ip(DBusMessageIter *array, int family,
319 struct connection_data *data)
321 DBusMessageIter dict;
322 char *address = NULL, *gateway = NULL, *netmask = NULL, *peer = NULL;
323 unsigned char prefix_len;
325 if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY)
328 dbus_message_iter_recurse(array, &dict);
330 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
331 DBusMessageIter entry, value;
334 dbus_message_iter_recurse(&dict, &entry);
335 dbus_message_iter_get_basic(&entry, &key);
337 dbus_message_iter_next(&entry);
338 dbus_message_iter_recurse(&entry, &value);
340 if (g_str_equal(key, "Address") == TRUE) {
341 dbus_message_iter_get_basic(&value, &address);
342 DBG("address %s", address);
343 } else if (g_str_equal(key, "Netmask") == TRUE) {
344 dbus_message_iter_get_basic(&value, &netmask);
345 DBG("netmask %s", netmask);
346 } else if (g_str_equal(key, "PrefixLength") == TRUE) {
347 dbus_message_iter_get_basic(&value, &netmask);
348 DBG("prefix length %s", netmask);
349 } else if (g_str_equal(key, "Peer") == TRUE) {
350 dbus_message_iter_get_basic(&value, &peer);
351 DBG("peer %s", peer);
352 } else if (g_str_equal(key, "Gateway") == TRUE) {
353 dbus_message_iter_get_basic(&value, &gateway);
354 DBG("gateway %s", gateway);
357 dbus_message_iter_next(&dict);
360 data->ip = connman_ipaddress_alloc(family);
361 if (data->ip == NULL)
366 connman_ipaddress_set_ipv4(data->ip, address, netmask,
370 prefix_len = atoi(netmask);
371 connman_ipaddress_set_ipv6(data->ip, address, prefix_len,
378 connman_ipaddress_set_peer(data->ip, peer);
383 static int extract_nameservers(DBusMessageIter *array,
384 struct connection_data *data)
386 DBusMessageIter entry;
387 char **nameservers = NULL;
390 dbus_message_iter_recurse(array, &entry);
392 while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
393 const char *nameserver;
395 dbus_message_iter_get_basic(&entry, &nameserver);
397 nameservers = g_try_renew(char *, nameservers, i + 2);
398 if (nameservers == NULL)
401 DBG("[%d] %s", i, nameserver);
403 nameservers[i] = g_strdup(nameserver);
404 if (nameservers[i] == NULL)
407 nameservers[++i] = NULL;
409 dbus_message_iter_next(&entry);
412 g_strfreev(data->nameservers);
413 data->nameservers = nameservers;
418 static void connect_reply(DBusPendingCall *call, void *user_data)
423 if (dbus_pending_call_get_completed(call) == FALSE)
426 DBG("user_data %p", user_data);
428 reply = dbus_pending_call_steal_reply(call);
430 dbus_error_init(&error);
432 if (dbus_set_error_from_message(&error, reply) == TRUE) {
433 if (dbus_error_has_name(&error, CONNMAN_ERROR_INTERFACE
434 ".InProgress") == FALSE) {
435 connman_error("Connect reply: %s (%s)", error.message,
437 dbus_error_free(&error);
440 dbus_error_free(&error);
444 * The vpn connection is up when we get a "ready" state
445 * property so at this point we do nothing for the provider
450 dbus_message_unref(reply);
452 dbus_pending_call_unref(call);
455 static int connect_provider(struct connection_data *data, void *user_data)
457 DBusPendingCall *call;
458 DBusMessage *message;
460 DBG("data %p", data);
462 message = dbus_message_new_method_call(VPN_SERVICE, data->path,
463 VPN_CONNECTION_INTERFACE,
468 if (dbus_connection_send_with_reply(connection, message,
469 &call, DBUS_TIMEOUT) == FALSE) {
470 connman_error("Unable to call %s.%s()",
471 VPN_CONNECTION_INTERFACE, VPN_CONNECT);
472 dbus_message_unref(message);
477 dbus_message_unref(message);
481 dbus_pending_call_set_notify(call, connect_reply, NULL, NULL);
483 dbus_message_unref(message);
488 static void add_connection(const char *path, DBusMessageIter *properties,
491 struct connection_data *data;
494 data = g_hash_table_lookup(vpn_connections, path);
498 data = create_connection_data(path);
502 DBG("data %p path %s", data, path);
504 while (dbus_message_iter_get_arg_type(properties) ==
505 DBUS_TYPE_DICT_ENTRY) {
506 DBusMessageIter entry, value;
510 dbus_message_iter_recurse(properties, &entry);
511 dbus_message_iter_get_basic(&entry, &key);
513 dbus_message_iter_next(&entry);
514 dbus_message_iter_recurse(&entry, &value);
516 if (g_str_equal(key, "State") == TRUE) {
517 dbus_message_iter_get_basic(&value, &str);
518 DBG("state %s -> %s", data->state, str);
519 data->state = g_strdup(str);
520 } else if (g_str_equal(key, "IPv4") == TRUE) {
521 extract_ip(&value, AF_INET, data);
522 } else if (g_str_equal(key, "IPv6") == TRUE) {
523 extract_ip(&value, AF_INET6, data);
524 } else if (g_str_equal(key, "Name") == TRUE) {
525 dbus_message_iter_get_basic(&value, &str);
526 data->name = g_strdup(str);
527 } else if (g_str_equal(key, "Type") == TRUE) {
528 dbus_message_iter_get_basic(&value, &str);
529 data->type = g_strdup(str);
530 } else if (g_str_equal(key, "Host") == TRUE) {
531 dbus_message_iter_get_basic(&value, &str);
532 data->host = g_strdup(str);
533 } else if (g_str_equal(key, "Domain") == TRUE) {
534 dbus_message_iter_get_basic(&value, &str);
535 data->domain = g_strdup(str);
536 } else if (g_str_equal(key, "Nameservers") == TRUE) {
537 extract_nameservers(&value, data);
538 } else if (g_str_equal(key, "Index") == TRUE) {
539 dbus_message_iter_get_basic(&value, &data->index);
541 if (dbus_message_iter_get_arg_type(&value) ==
543 dbus_message_iter_get_basic(&value, &str);
544 g_hash_table_replace(data->setting_strings,
545 g_strdup(key), g_strdup(str));
547 DBG("unknown key %s", key);
551 dbus_message_iter_next(properties);
554 g_hash_table_insert(vpn_connections, g_strdup(path), data);
556 err = create_provider(data, user_data);
560 resolv_host_addr(data);
565 DBG("removing %s", path);
566 g_hash_table_remove(vpn_connections, path);
569 static void get_connections_reply(DBusPendingCall *call, void *user_data)
573 DBusMessageIter array, dict;
574 const char *signature = DBUS_TYPE_ARRAY_AS_STRING
575 DBUS_STRUCT_BEGIN_CHAR_AS_STRING
576 DBUS_TYPE_OBJECT_PATH_AS_STRING
577 DBUS_TYPE_ARRAY_AS_STRING
578 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
579 DBUS_TYPE_STRING_AS_STRING
580 DBUS_TYPE_VARIANT_AS_STRING
581 DBUS_DICT_ENTRY_END_CHAR_AS_STRING
582 DBUS_STRUCT_END_CHAR_AS_STRING;
586 reply = dbus_pending_call_steal_reply(call);
588 if (dbus_message_has_signature(reply, signature) == FALSE) {
589 connman_error("vpnd signature \"%s\" does not match "
591 dbus_message_get_signature(reply), signature);
595 dbus_error_init(&error);
597 if (dbus_set_error_from_message(&error, reply) == TRUE) {
598 connman_error("%s", error.message);
599 dbus_error_free(&error);
603 if (dbus_message_iter_init(reply, &array) == FALSE)
606 dbus_message_iter_recurse(&array, &dict);
608 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_STRUCT) {
609 DBusMessageIter value, properties;
612 dbus_message_iter_recurse(&dict, &value);
613 dbus_message_iter_get_basic(&value, &path);
615 dbus_message_iter_next(&value);
616 dbus_message_iter_recurse(&value, &properties);
618 add_connection(path, &properties, user_data);
620 dbus_message_iter_next(&dict);
624 dbus_message_unref(reply);
626 dbus_pending_call_unref(call);
629 static int get_connections(void *user_data)
631 DBusPendingCall *call;
632 DBusMessage *message;
636 message = dbus_message_new_method_call(VPN_SERVICE, "/",
637 VPN_MANAGER_INTERFACE,
642 if (dbus_connection_send_with_reply(connection, message,
643 &call, DBUS_TIMEOUT) == FALSE) {
644 connman_error("Unable to call %s.%s()", VPN_MANAGER_INTERFACE,
646 dbus_message_unref(message);
651 dbus_message_unref(message);
655 dbus_pending_call_set_notify(call, get_connections_reply,
658 dbus_message_unref(message);
663 static int provider_probe(struct connman_provider *provider)
668 static void remove_connection_reply(DBusPendingCall *call, void *user_data)
675 reply = dbus_pending_call_steal_reply(call);
677 dbus_error_init(&error);
679 if (dbus_set_error_from_message(&error, reply) == TRUE) {
681 * If the returned error is NotFound, it means that we
682 * have actually removed the provider in vpnd already.
684 if (dbus_error_has_name(&error, CONNMAN_ERROR_INTERFACE
685 ".NotFound") == FALSE)
686 connman_error("%s", error.message);
688 dbus_error_free(&error);
691 dbus_message_unref(reply);
693 dbus_pending_call_unref(call);
696 static int provider_remove(struct connman_provider *provider)
698 DBusPendingCall *call;
699 DBusMessage *message;
700 struct connection_data *data;
702 data = connman_provider_get_data(provider);
704 DBG("provider %p data %p", provider, data);
707 * When provider.c:provider_remove() calls this function,
708 * it will remove the provider itself after the call.
709 * This means that we cannot use the provider pointer later
710 * as it is no longer valid.
712 data->provider = NULL;
714 message = dbus_message_new_method_call(VPN_SERVICE, "/",
715 VPN_MANAGER_INTERFACE,
720 dbus_message_append_args(message, DBUS_TYPE_OBJECT_PATH, &data->path,
723 if (dbus_connection_send_with_reply(connection, message,
724 &call, DBUS_TIMEOUT) == FALSE) {
725 connman_error("Unable to call %s.%s()", VPN_MANAGER_INTERFACE,
727 dbus_message_unref(message);
732 dbus_message_unref(message);
736 dbus_pending_call_set_notify(call, remove_connection_reply,
739 dbus_message_unref(message);
744 static int provider_connect(struct connman_provider *provider)
746 struct connection_data *data;
748 data = connman_provider_get_data(provider);
752 return connect_provider(data, NULL);
756 static void disconnect_reply(DBusPendingCall *call, void *user_data)
763 reply = dbus_pending_call_steal_reply(call);
765 dbus_error_init(&error);
767 if (dbus_set_error_from_message(&error, reply) == TRUE) {
768 connman_error("%s", error.message);
769 dbus_error_free(&error);
774 dbus_message_unref(reply);
776 dbus_pending_call_unref(call);
779 static int disconnect_provider(struct connection_data *data)
781 DBusPendingCall *call;
782 DBusMessage *message;
784 DBG("data %p path %s", data, data->path);
786 message = dbus_message_new_method_call(VPN_SERVICE, data->path,
787 VPN_CONNECTION_INTERFACE,
792 if (dbus_connection_send_with_reply(connection, message,
793 &call, DBUS_TIMEOUT) == FALSE) {
794 connman_error("Unable to call %s.%s()",
795 VPN_CONNECTION_INTERFACE, VPN_DISCONNECT);
796 dbus_message_unref(message);
801 dbus_message_unref(message);
805 dbus_pending_call_set_notify(call, disconnect_reply, NULL, NULL);
807 dbus_message_unref(message);
809 connman_provider_set_state(data->provider,
810 CONNMAN_PROVIDER_STATE_DISCONNECT);
812 * We return 0 here instead of -EINPROGRESS because
813 * __connman_service_disconnect() needs to return something
814 * to gdbus so that gdbus will not call Disconnect() more
815 * than once. This way we do not need to pass the dbus reply
816 * message around the code.
821 static int provider_disconnect(struct connman_provider *provider)
823 struct connection_data *data;
825 DBG("provider %p", provider);
827 data = connman_provider_get_data(provider);
831 if (g_str_equal(data->state, "ready") == TRUE ||
832 g_str_equal(data->state, "configuration") == TRUE)
833 return disconnect_provider(data);
838 static void configuration_create_reply(DBusPendingCall *call, void *user_data)
842 DBusMessageIter iter;
843 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
846 DBG("user %p", user_data);
848 reply = dbus_pending_call_steal_reply(call);
850 if (dbus_message_has_signature(reply, signature) == FALSE) {
851 connman_error("vpn configuration signature \"%s\" does not "
852 "match expected \"%s\"",
853 dbus_message_get_signature(reply), signature);
857 dbus_error_init(&error);
859 if (dbus_set_error_from_message(&error, reply) == TRUE) {
860 connman_error("dbus error: %s", error.message);
861 dbus_error_free(&error);
865 if (dbus_message_iter_init(reply, &iter) == FALSE)
868 dbus_message_iter_get_basic(&iter, &path);
871 * Then try to connect the VPN as expected by ConnectProvider API
876 dbus_message_unref(reply);
878 dbus_pending_call_unref(call);
881 static void set_dbus_ident(char *ident)
883 int i, len = strlen(ident);
885 for (i = 0; i < len; i++) {
886 if (ident[i] >= '0' && ident[i] <= '9')
888 if (ident[i] >= 'a' && ident[i] <= 'z')
890 if (ident[i] >= 'A' && ident[i] <= 'Z')
896 static struct vpn_route *parse_user_route(const char *user_route)
898 char *network, *netmask;
899 struct vpn_route *route = NULL;
900 int family = PF_UNSPEC;
901 char **elems = g_strsplit(user_route, "/", 0);
907 if (network == NULL || *network == '\0') {
908 DBG("no network/netmask set");
913 if (netmask != NULL && *netmask == '\0') {
914 DBG("no netmask set");
918 if (g_strrstr(network, ":") != NULL)
920 else if (g_strrstr(network, ".") != NULL) {
923 if (g_strrstr(netmask, ".") == NULL) {
924 /* We have netmask length */
926 struct in_addr netmask_in;
927 unsigned char prefix_len = 32;
929 if (netmask != NULL) {
931 long int value = strtol(netmask, &ptr, 10);
932 if (ptr != netmask && *ptr == '\0' &&
937 addr = 0xffffffff << (32 - prefix_len);
938 netmask_in.s_addr = htonl(addr);
939 netmask = inet_ntoa(netmask_in);
941 DBG("network %s netmask %s", network, netmask);
945 route = g_try_new(struct vpn_route, 1);
949 route->network = g_strdup(network);
950 route->netmask = g_strdup(netmask);
951 route->gateway = NULL;
952 route->family = family;
959 static GSList *get_user_networks(DBusMessageIter *array)
961 DBusMessageIter entry;
964 dbus_message_iter_recurse(array, &entry);
966 while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
968 struct vpn_route *route;
970 dbus_message_iter_get_basic(&entry, &val);
972 route = parse_user_route(val);
974 list = g_slist_prepend(list, route);
976 dbus_message_iter_next(&entry);
982 static void append_route(DBusMessageIter *iter, void *user_data)
984 struct vpn_route *route = user_data;
985 DBusMessageIter item;
988 connman_dbus_dict_open(iter, &item);
993 if (route->family == AF_INET)
995 else if (route->family == AF_INET6)
999 connman_dbus_dict_append_basic(&item, "ProtocolFamily",
1000 DBUS_TYPE_INT32, &family);
1002 if (route->network != NULL)
1003 connman_dbus_dict_append_basic(&item, "Network",
1004 DBUS_TYPE_STRING, &route->network);
1006 if (route->netmask != NULL)
1007 connman_dbus_dict_append_basic(&item, "Netmask",
1008 DBUS_TYPE_STRING, &route->netmask);
1010 if (route->gateway != NULL)
1011 connman_dbus_dict_append_basic(&item, "Gateway",
1012 DBUS_TYPE_STRING, &route->gateway);
1015 connman_dbus_dict_close(iter, &item);
1018 static void append_routes(DBusMessageIter *iter, void *user_data)
1020 GSList *list, *routes = user_data;
1022 DBG("routes %p", routes);
1024 for (list = routes; list != NULL; list = g_slist_next(list)) {
1025 DBusMessageIter dict;
1026 struct vpn_route *route = list->data;
1028 dbus_message_iter_open_container(iter, DBUS_TYPE_STRUCT, NULL,
1030 append_route(&dict, route);
1031 dbus_message_iter_close_container(iter, &dict);
1035 static int create_configuration(DBusMessage *msg)
1037 DBusMessage *new_msg;
1038 DBusPendingCall *call;
1039 DBusMessageIter iter, array, new_iter, new_dict;
1040 const char *type = NULL, *name = NULL;
1041 const char *host = NULL, *domain = NULL;
1042 char *ident, *me = NULL;
1045 struct connection_data *data;
1046 GSList *networks = NULL;
1049 * We copy the old message data into new message. We cannot
1050 * just use the old message as is because the user route
1051 * information is not in the same format in vpnd.
1053 new_msg = dbus_message_new(DBUS_MESSAGE_TYPE_METHOD_CALL);
1054 dbus_message_iter_init_append(new_msg, &new_iter);
1055 connman_dbus_dict_open(&new_iter, &new_dict);
1057 dbus_message_iter_init(msg, &iter);
1058 dbus_message_iter_recurse(&iter, &array);
1060 while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_DICT_ENTRY) {
1061 DBusMessageIter entry, value;
1066 dbus_message_iter_recurse(&array, &entry);
1067 dbus_message_iter_get_basic(&entry, &key);
1069 dbus_message_iter_next(&entry);
1070 dbus_message_iter_recurse(&entry, &value);
1072 value_type = dbus_message_iter_get_arg_type(&value);
1075 switch (value_type) {
1076 case DBUS_TYPE_STRING:
1077 dbus_message_iter_get_basic(&value, &item_value);
1079 if (g_str_equal(key, "Type") == TRUE) {
1080 type = (const char *)item_value;
1081 } else if (g_str_equal(key, "Name") == TRUE) {
1082 name = (const char *)item_value;
1083 } else if (g_str_equal(key, "Host") == TRUE) {
1084 host = (const char *)item_value;
1085 } else if (g_str_equal(key, "VPN.Domain") == TRUE) {
1086 domain = (const char *)item_value;
1089 DBG("%s %s", key, (char *)item_value);
1091 if (item_value != NULL)
1092 connman_dbus_dict_append_basic(&new_dict, key,
1093 value_type, &item_value);
1095 case DBUS_TYPE_ARRAY:
1096 if (g_str_equal(key, "Networks") == TRUE) {
1097 networks = get_user_networks(&value);
1098 connman_dbus_dict_append_array(&new_dict,
1100 DBUS_TYPE_DICT_ENTRY,
1107 dbus_message_iter_next(&array);
1110 connman_dbus_dict_close(&new_iter, &new_dict);
1112 DBG("VPN type %s name %s host %s domain %s networks %p",
1113 type, name, host, domain, networks);
1115 if (host == NULL || domain == NULL) {
1120 if (type == NULL || name == NULL) {
1125 ident = g_strdup_printf("%s_%s", host, domain);
1126 set_dbus_ident(ident);
1128 DBG("ident %s", ident);
1130 data = g_hash_table_lookup(vpn_connections, ident);
1132 if (data->call != NULL) {
1133 connman_error("Dbus call already pending");
1138 data = create_connection_data(ident);
1144 g_hash_table_insert(vpn_connections, g_strdup(ident), data);
1148 * User called net.connman.Manager.ConnectProvider if we are here.
1149 * So use the data from original message in the new msg.
1151 me = g_strdup(dbus_message_get_destination(msg));
1153 dbus_message_set_interface(new_msg, VPN_MANAGER_INTERFACE);
1154 dbus_message_set_path(new_msg, "/");
1155 dbus_message_set_destination(new_msg, VPN_SERVICE);
1156 dbus_message_set_sender(new_msg, me);
1157 dbus_message_set_member(new_msg, "Create");
1159 result = dbus_connection_send_with_reply(connection, new_msg,
1160 &call, DBUS_TIMEOUT);
1161 if (result == FALSE || call == NULL) {
1166 dbus_pending_call_set_notify(call, configuration_create_reply,
1171 dbus_message_unref(new_msg);
1173 if (networks != NULL)
1174 g_slist_free_full(networks, destroy_route);
1181 static connman_bool_t check_host(char **hosts, char *host)
1188 for (i = 0; hosts[i] != NULL; i++) {
1189 if (g_strcmp0(hosts[i], host) == 0)
1196 static void set_route(struct connection_data *data, struct vpn_route *route)
1199 * If the VPN administrator/user has given a route to
1200 * VPN server, then we must discard that because the
1201 * server cannot be contacted via VPN tunnel.
1203 if (check_host(data->host_ip, route->network) == TRUE) {
1204 DBG("Discarding VPN route to %s via %s at index %d",
1205 route->network, route->gateway, data->index);
1209 if (route->family == AF_INET6) {
1210 unsigned char prefix_len = atoi(route->netmask);
1212 connman_inet_add_ipv6_network_route(data->index,
1217 connman_inet_add_network_route(data->index, route->network,
1223 static int set_routes(struct connman_provider *provider,
1224 enum connman_provider_route_type type)
1226 struct connection_data *data;
1227 GHashTableIter iter;
1228 gpointer value, key;
1230 DBG("provider %p", provider);
1232 data = connman_provider_get_data(provider);
1236 if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
1237 type == CONNMAN_PROVIDER_ROUTE_USER) {
1238 g_hash_table_iter_init(&iter, data->user_routes);
1240 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE)
1241 set_route(data, value);
1244 if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
1245 type == CONNMAN_PROVIDER_ROUTE_SERVER) {
1246 g_hash_table_iter_init(&iter, data->server_routes);
1248 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE)
1249 set_route(data, value);
1255 static connman_bool_t check_routes(struct connman_provider *provider)
1257 struct connection_data *data;
1259 DBG("provider %p", provider);
1261 data = connman_provider_get_data(provider);
1265 if (data->user_routes != NULL &&
1266 g_hash_table_size(data->user_routes) > 0)
1269 if (data->server_routes != NULL &&
1270 g_hash_table_size(data->server_routes) > 0)
1276 static struct connman_provider_driver provider_driver = {
1278 .type = CONNMAN_PROVIDER_TYPE_VPN,
1279 .probe = provider_probe,
1280 .remove = provider_remove,
1281 .connect = provider_connect,
1282 .disconnect = provider_disconnect,
1283 .set_property = set_string,
1284 .get_property = get_string,
1285 .create = create_configuration,
1286 .set_routes = set_routes,
1287 .check_routes = check_routes,
1290 static void destroy_provider(struct connection_data *data)
1292 DBG("data %p", data);
1294 if (g_str_equal(data->state, "ready") == TRUE ||
1295 g_str_equal(data->state, "configuration") == TRUE)
1296 connman_provider_disconnect(data->provider);
1298 if (data->call != NULL)
1299 dbus_pending_call_cancel(data->call);
1301 connman_provider_put(data->provider);
1303 data->provider = NULL;
1306 static void connection_destroy(gpointer hash_data)
1308 struct connection_data *data = hash_data;
1310 DBG("data %p", data);
1312 if (data->provider != NULL)
1313 destroy_provider(data);
1316 g_free(data->state);
1320 g_free(data->domain);
1321 g_hash_table_destroy(data->server_routes);
1322 g_hash_table_destroy(data->user_routes);
1323 g_strfreev(data->nameservers);
1324 g_hash_table_destroy(data->setting_strings);
1325 connman_ipaddress_free(data->ip);
1327 cancel_host_resolv(data);
1332 static void vpnd_created(DBusConnection *conn, void *user_data)
1334 DBG("connection %p", conn);
1336 if (starting_vpnd == TRUE) {
1337 vpn_connections = g_hash_table_new_full(g_str_hash,
1339 g_free, connection_destroy);
1340 get_connections(user_data);
1341 starting_vpnd = FALSE;
1345 static void vpnd_removed(DBusConnection *conn, void *user_data)
1347 DBG("connection %p", conn);
1349 g_hash_table_destroy(vpn_connections);
1350 vpn_connections = NULL;
1351 starting_vpnd = TRUE;
1354 static void remove_connection(DBusConnection *conn, const char *path)
1356 DBG("path %s", path);
1358 g_hash_table_remove(vpn_connections, path);
1361 static gboolean connection_removed(DBusConnection *conn, DBusMessage *message,
1365 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
1367 if (dbus_message_has_signature(message, signature) == FALSE) {
1368 connman_error("vpn removed signature \"%s\" does not match "
1370 dbus_message_get_signature(message), signature);
1374 dbus_message_get_args(message, NULL, DBUS_TYPE_OBJECT_PATH, &path,
1376 remove_connection(conn, path);
1380 static gboolean connection_added(DBusConnection *conn, DBusMessage *message,
1383 DBusMessageIter iter, properties;
1385 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING
1386 DBUS_TYPE_ARRAY_AS_STRING
1387 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
1388 DBUS_TYPE_STRING_AS_STRING
1389 DBUS_TYPE_VARIANT_AS_STRING
1390 DBUS_DICT_ENTRY_END_CHAR_AS_STRING;
1392 if (dbus_message_has_signature(message, signature) == FALSE) {
1393 connman_error("vpn ConnectionAdded signature \"%s\" does not "
1394 "match expected \"%s\"",
1395 dbus_message_get_signature(message), signature);
1401 if (dbus_message_iter_init(message, &iter) == FALSE)
1404 dbus_message_iter_get_basic(&iter, &path);
1406 dbus_message_iter_next(&iter);
1407 dbus_message_iter_recurse(&iter, &properties);
1409 add_connection(path, &properties, user_data);
1414 static int save_route(GHashTable *routes, int family, const char *network,
1415 const char *netmask, const char *gateway)
1417 struct vpn_route *route;
1418 char *key = g_strdup_printf("%d/%s/%s", family, network, netmask);
1420 DBG("family %d network %s netmask %s", family, network, netmask);
1422 route = g_hash_table_lookup(routes, key);
1423 if (route == NULL) {
1424 route = g_try_new0(struct vpn_route, 1);
1425 if (route == NULL) {
1426 connman_error("out of memory");
1430 route->family = family;
1431 route->network = g_strdup(network);
1432 route->netmask = g_strdup(netmask);
1433 route->gateway = g_strdup(gateway);
1435 g_hash_table_replace(routes, key, route);
1442 static int read_route_dict(GHashTable *routes, DBusMessageIter *dicts)
1444 DBusMessageIter dict;
1445 const char *network, *netmask, *gateway;
1448 dbus_message_iter_recurse(dicts, &dict);
1450 network = netmask = gateway = NULL;
1453 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
1455 DBusMessageIter entry, value;
1458 dbus_message_iter_recurse(&dict, &entry);
1459 dbus_message_iter_get_basic(&entry, &key);
1461 dbus_message_iter_next(&entry);
1462 dbus_message_iter_recurse(&entry, &value);
1464 if (g_str_equal(key, "ProtocolFamily") == TRUE) {
1466 dbus_message_iter_get_basic(&value, &pf);
1475 DBG("family %d", family);
1476 } else if (g_str_equal(key, "Netmask") == TRUE) {
1477 dbus_message_iter_get_basic(&value, &netmask);
1478 DBG("netmask %s", netmask);
1479 } else if (g_str_equal(key, "Network") == TRUE) {
1480 dbus_message_iter_get_basic(&value, &network);
1481 DBG("host %s", network);
1482 } else if (g_str_equal(key, "Gateway") == TRUE) {
1483 dbus_message_iter_get_basic(&value, &gateway);
1484 DBG("gateway %s", gateway);
1487 dbus_message_iter_next(&dict);
1490 if (netmask == NULL || network == NULL || gateway == NULL) {
1491 DBG("Value missing.");
1495 return save_route(routes, family, network, netmask, gateway);
1498 static int routes_changed(DBusMessageIter *array, GHashTable *routes)
1500 DBusMessageIter entry;
1503 if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY) {
1504 DBG("Expecting array, ignoring routes.");
1508 while (dbus_message_iter_get_arg_type(array) == DBUS_TYPE_ARRAY) {
1510 dbus_message_iter_recurse(array, &entry);
1512 while (dbus_message_iter_get_arg_type(&entry) ==
1514 DBusMessageIter dicts;
1516 dbus_message_iter_recurse(&entry, &dicts);
1518 while (dbus_message_iter_get_arg_type(&dicts) ==
1520 int err = read_route_dict(routes, &dicts);
1523 dbus_message_iter_next(&dicts);
1526 dbus_message_iter_next(&entry);
1529 dbus_message_iter_next(array);
1535 static gboolean property_changed(DBusConnection *conn,
1536 DBusMessage *message,
1539 const char *path = dbus_message_get_path(message);
1540 struct connection_data *data = NULL;
1541 DBusMessageIter iter, value;
1542 connman_bool_t ip_set = FALSE;
1546 const char *signature = DBUS_TYPE_STRING_AS_STRING
1547 DBUS_TYPE_VARIANT_AS_STRING;
1549 if (dbus_message_has_signature(message, signature) == FALSE) {
1550 connman_error("vpn property signature \"%s\" does not match "
1552 dbus_message_get_signature(message), signature);
1556 data = g_hash_table_lookup(vpn_connections, path);
1560 if (dbus_message_iter_init(message, &iter) == FALSE)
1563 dbus_message_iter_get_basic(&iter, &key);
1565 dbus_message_iter_next(&iter);
1566 dbus_message_iter_recurse(&iter, &value);
1570 if (g_str_equal(key, "State") == TRUE) {
1571 dbus_message_iter_get_basic(&value, &str);
1573 DBG("%s %s -> %s", data->path, data->state, str);
1575 if (g_str_equal(data->state, str) == TRUE)
1578 g_free(data->state);
1579 data->state = g_strdup(str);
1581 set_provider_state(data);
1582 } else if (g_str_equal(key, "Index") == TRUE) {
1583 dbus_message_iter_get_basic(&value, &data->index);
1584 connman_provider_set_index(data->provider, data->index);
1585 } else if (g_str_equal(key, "IPv4") == TRUE) {
1586 err = extract_ip(&value, AF_INET, data);
1588 } else if (g_str_equal(key, "IPv6") == TRUE) {
1589 err = extract_ip(&value, AF_INET6, data);
1591 } else if (g_str_equal(key, "ServerRoutes") == TRUE) {
1592 err = routes_changed(&value, data->server_routes);
1594 * Note that the vpnd will delay the route sending a bit
1595 * (in order to collect the routes from VPN client),
1596 * so we might have got the State changed property before
1597 * we got ServerRoutes. This means that we must try to set
1598 * the routes here because they would be left unset otherwise.
1601 set_routes(data->provider,
1602 CONNMAN_PROVIDER_ROUTE_SERVER);
1603 } else if (g_str_equal(key, "UserRoutes") == TRUE) {
1604 err = routes_changed(&value, data->user_routes);
1606 set_routes(data->provider,
1607 CONNMAN_PROVIDER_ROUTE_USER);
1608 } else if (g_str_equal(key, "Nameservers") == TRUE) {
1609 extract_nameservers(&value, data);
1612 if (ip_set == TRUE && err == 0) {
1613 err = connman_provider_set_ipaddress(data->provider, data->ip);
1615 DBG("setting provider IP address failed (%s/%d)",
1616 strerror(-err), -err);
1622 static int vpn_init(void)
1626 connection = connman_dbus_get_connection();
1627 if (connection == NULL)
1630 watch = g_dbus_add_service_watch(connection, VPN_SERVICE,
1631 vpnd_created, vpnd_removed, &provider_driver, NULL);
1633 added_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1634 VPN_MANAGER_INTERFACE,
1635 CONNECTION_ADDED, connection_added,
1636 &provider_driver, NULL);
1638 removed_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1639 VPN_MANAGER_INTERFACE,
1640 CONNECTION_REMOVED, connection_removed,
1643 property_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1644 VPN_CONNECTION_INTERFACE,
1645 PROPERTY_CHANGED, property_changed,
1648 if (added_watch == 0 || removed_watch == 0 || property_watch == 0) {
1653 err = connman_provider_driver_register(&provider_driver);
1655 vpnd_created(connection, &provider_driver);
1660 g_dbus_remove_watch(connection, watch);
1661 g_dbus_remove_watch(connection, added_watch);
1662 g_dbus_remove_watch(connection, removed_watch);
1663 g_dbus_remove_watch(connection, property_watch);
1665 dbus_connection_unref(connection);
1670 static void vpn_exit(void)
1672 g_dbus_remove_watch(connection, watch);
1673 g_dbus_remove_watch(connection, added_watch);
1674 g_dbus_remove_watch(connection, removed_watch);
1675 g_dbus_remove_watch(connection, property_watch);
1677 connman_provider_driver_unregister(&provider_driver);
1679 g_hash_table_destroy(vpn_connections);
1681 dbus_connection_unref(connection);
1684 CONNMAN_PLUGIN_DEFINE(vpn, "VPN plugin", VERSION,
1685 CONNMAN_PLUGIN_PRIORITY_DEFAULT, vpn_init, vpn_exit)