5 * Copyright (C) 2007-2010 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
31 #include <sys/inotify.h>
36 struct connman_config_service {
41 unsigned int ssid_len;
45 char *client_cert_file;
46 char *private_key_file;
47 char *private_key_passphrase;
48 char *private_key_passphrase_type;
53 struct connman_config {
57 connman_bool_t protected;
58 GHashTable *service_table;
61 static GHashTable *config_table = NULL;
62 static GSList *protected_services = NULL;
64 static int inotify_wd = -1;
66 static GIOChannel *inotify_channel = NULL;
67 static uint inotify_watch = 0;
69 #define INTERNAL_CONFIG_PREFIX "__internal"
71 /* Definition of possible strings in the .config files */
72 #define CONFIG_KEY_NAME "Name"
73 #define CONFIG_KEY_DESC "Description"
74 #define CONFIG_KEY_PROT "Protected"
76 #define SERVICE_KEY_TYPE "Type"
77 #define SERVICE_KEY_NAME "Name"
78 #define SERVICE_KEY_SSID "SSID"
79 #define SERVICE_KEY_EAP "EAP"
80 #define SERVICE_KEY_CA_CERT "CACertFile"
81 #define SERVICE_KEY_CL_CERT "ClientCertFile"
82 #define SERVICE_KEY_PRV_KEY "PrivateKeyFile"
83 #define SERVICE_KEY_PRV_KEY_PASS "PrivateKeyPassphrase"
84 #define SERVICE_KEY_PRV_KEY_PASS_TYPE "PrivateKeyPassphraseType"
85 #define SERVICE_KEY_IDENTITY "Identity"
86 #define SERVICE_KEY_PHASE2 "Phase2"
87 #define SERVICE_KEY_PASSPHRASE "Passphrase"
89 static const char *config_possible_keys[] = {
96 static const char *service_possible_keys[] = {
104 SERVICE_KEY_PRV_KEY_PASS,
105 SERVICE_KEY_PRV_KEY_PASS_TYPE,
106 SERVICE_KEY_IDENTITY,
108 SERVICE_KEY_PASSPHRASE,
112 static void unregister_config(gpointer data)
114 struct connman_config *config = data;
116 connman_info("Removing configuration %s", config->ident);
118 g_hash_table_destroy(config->service_table);
120 g_free(config->description);
121 g_free(config->name);
122 g_free(config->ident);
126 static void unregister_service(gpointer data)
128 struct connman_config_service *service = data;
130 connman_info("Removing service configuration %s", service->ident);
132 protected_services = g_slist_remove(protected_services, service);
134 g_free(service->ident);
135 g_free(service->type);
136 g_free(service->name);
137 g_free(service->ssid);
138 g_free(service->eap);
139 g_free(service->identity);
140 g_free(service->ca_cert_file);
141 g_free(service->client_cert_file);
142 g_free(service->private_key_file);
143 g_free(service->private_key_passphrase);
144 g_free(service->private_key_passphrase_type);
145 g_free(service->phase2);
146 g_free(service->passphrase);
150 static void check_keys(GKeyFile *keyfile, const char *group,
151 const char **possible_keys)
154 gsize nb_avail_keys, i, j;
156 avail_keys = g_key_file_get_keys(keyfile, group, &nb_avail_keys, NULL);
157 if (avail_keys == NULL)
161 * For each key in the configuration file,
162 * verify it is understood by connman
164 for (i = 0 ; i < nb_avail_keys; i++) {
165 for (j = 0; possible_keys[j] ; j++)
166 if (g_strcmp0(avail_keys[i], possible_keys[j]) == 0)
169 if (possible_keys[j] == NULL)
170 connman_warn("Unknown configuration key %s in [%s]",
171 avail_keys[i], group);
174 g_strfreev(avail_keys);
177 static connman_bool_t
178 is_protected_service(struct connman_config_service *service)
182 DBG("ident %s", service->ident);
184 for (list = protected_services; list; list = list->next) {
185 struct connman_config_service *s = list->data;
187 if (g_strcmp0(s->type, service->type) != 0)
190 if (s->ssid == NULL || service->ssid == NULL)
193 if (s->ssid_len != service->ssid_len)
196 if (g_strcmp0(service->type, "wifi") == 0 &&
197 strncmp(s->ssid, service->ssid, s->ssid_len) == 0) {
205 static int load_service(GKeyFile *keyfile, const char *group,
206 struct connman_config *config)
208 struct connman_config_service *service;
210 char *str, *hex_ssid;
211 gboolean service_created = FALSE;
214 /* Strip off "service_" prefix */
217 if (strlen(ident) < 1)
220 /* Verify that provided keys are good */
221 check_keys(keyfile, group, service_possible_keys);
223 service = g_hash_table_lookup(config->service_table, ident);
224 if (service == NULL) {
225 service = g_try_new0(struct connman_config_service, 1);
229 service->ident = g_strdup(ident);
231 service_created = TRUE;
234 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_TYPE, NULL);
236 g_free(service->type);
240 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_NAME, NULL);
242 g_free(service->name);
246 hex_ssid = g_key_file_get_string(keyfile, group, SERVICE_KEY_SSID,
248 if (hex_ssid != NULL) {
250 unsigned int i, j = 0, hex;
251 size_t hex_ssid_len = strlen(hex_ssid);
253 ssid = g_try_malloc0(hex_ssid_len / 2);
260 for (i = 0; i < hex_ssid_len; i += 2) {
261 sscanf(hex_ssid + i, "%02x", &hex);
267 g_free(service->ssid);
268 service->ssid = ssid;
269 service->ssid_len = hex_ssid_len / 2;
270 } else if (service->name != NULL) {
272 unsigned int ssid_len;
274 ssid_len = strlen(service->name);
275 ssid = g_try_malloc0(ssid_len);
281 memcpy(ssid, service->name, ssid_len);
282 g_free(service->ssid);
283 service->ssid = ssid;
284 service->ssid_len = ssid_len;
287 if (is_protected_service(service) == TRUE) {
288 connman_error("Trying to provision a protected service");
293 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_EAP, NULL);
295 g_free(service->eap);
299 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_CA_CERT, NULL);
301 g_free(service->ca_cert_file);
302 service->ca_cert_file = str;
305 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_CL_CERT, NULL);
307 g_free(service->client_cert_file);
308 service->client_cert_file = str;
311 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PRV_KEY, NULL);
313 g_free(service->private_key_file);
314 service->private_key_file = str;
317 str = g_key_file_get_string(keyfile, group,
318 SERVICE_KEY_PRV_KEY_PASS, NULL);
320 g_free(service->private_key_passphrase);
321 service->private_key_passphrase = str;
324 str = g_key_file_get_string(keyfile, group,
325 SERVICE_KEY_PRV_KEY_PASS_TYPE, NULL);
327 g_free(service->private_key_passphrase_type);
328 service->private_key_passphrase_type = str;
331 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_IDENTITY, NULL);
333 g_free(service->identity);
334 service->identity = str;
337 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PHASE2, NULL);
339 g_free(service->phase2);
340 service->phase2 = str;
343 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PASSPHRASE,
346 g_free(service->passphrase);
347 service->passphrase = str;
351 g_hash_table_insert(config->service_table, service->ident,
354 if (config->protected == TRUE)
356 g_slist_append(protected_services, service);
358 connman_info("Adding service configuration %s", service->ident);
363 if (service_created == TRUE) {
364 g_free(service->ident);
365 g_free(service->type);
366 g_free(service->name);
367 g_free(service->ssid);
374 static int load_config(struct connman_config *config)
377 GError *error = NULL;
381 gboolean protected, found = FALSE;
384 DBG("config %p", config);
386 keyfile = __connman_storage_load_config(config->ident);
390 /* Verify keys validity of the global section */
391 check_keys(keyfile, "global", config_possible_keys);
393 str = g_key_file_get_string(keyfile, "global", CONFIG_KEY_NAME, NULL);
395 g_free(config->name);
399 str = g_key_file_get_string(keyfile, "global", CONFIG_KEY_DESC, NULL);
401 g_free(config->description);
402 config->description = str;
405 protected = g_key_file_get_boolean(keyfile, "global",
406 CONFIG_KEY_PROT, &error);
408 config->protected = protected;
410 config->protected = TRUE;
412 groups = g_key_file_get_groups(keyfile, &length);
414 for (i = 0; groups[i] != NULL; i++) {
415 if (g_str_has_prefix(groups[i], "service_") == TRUE) {
416 if (load_service(keyfile, groups[i], config) == 0)
422 connman_warn("Config file %s/%s.config does not contain any "
423 "configuration that can be provisioned!",
424 STORAGEDIR, config->ident);
428 g_key_file_free(keyfile);
433 static struct connman_config *create_config(const char *ident)
435 struct connman_config *config;
437 DBG("ident %s", ident);
439 if (g_hash_table_lookup(config_table, ident) != NULL)
442 config = g_try_new0(struct connman_config, 1);
446 config->ident = g_strdup(ident);
448 config->service_table = g_hash_table_new_full(g_str_hash, g_str_equal,
449 NULL, unregister_service);
451 g_hash_table_insert(config_table, config->ident, config);
453 connman_info("Adding configuration %s", config->ident);
458 int __connman_config_load_service(GKeyFile *keyfile, const char *group,
459 connman_bool_t persistent)
461 struct connman_config *config;
462 const char *service_name;
463 char *ident, *content = NULL;
464 gsize content_length;
467 service_name = group + strlen("service_");
468 ident = g_strdup_printf("%s_%s", INTERNAL_CONFIG_PREFIX, service_name);
472 DBG("ident %s", ident);
474 config = g_hash_table_lookup(config_table, ident);
475 if (config == NULL) {
476 config = create_config(ident);
477 if (config == NULL) {
482 config->protected = FALSE;
485 err = load_service(keyfile, group, config);
486 if (persistent == FALSE || err < 0)
489 g_key_file_set_string(keyfile, "global", CONFIG_KEY_NAME,
491 g_key_file_set_string(keyfile, "global", CONFIG_KEY_DESC,
492 "Internal Config File");
493 g_key_file_set_boolean(keyfile, "global", CONFIG_KEY_PROT, FALSE);
495 content = g_key_file_to_data(keyfile, &content_length, NULL);
496 if (content == NULL) {
501 DBG("Saving %zu bytes to %s", content_length, service_name);
503 __connman_storage_save_config(keyfile, ident);
514 static connman_bool_t validate_ident(const char *ident)
521 for (i = 0; i < strlen(ident); i++)
522 if (g_ascii_isprint(ident[i]) == FALSE)
528 static int read_configs(void)
534 dir = g_dir_open(STORAGEDIR, 0, NULL);
538 while ((file = g_dir_read_name(dir)) != NULL) {
542 if (g_str_has_suffix(file, ".config") == FALSE)
545 ident = g_strrstr(file, ".config");
549 str = g_string_new_len(file, ident - file);
553 ident = g_string_free(str, FALSE);
555 if (validate_ident(ident) == TRUE) {
556 struct connman_config *config;
558 config = create_config(ident);
562 connman_error("Invalid config ident %s", ident);
573 static gboolean inotify_data(GIOChannel *channel, GIOCondition cond,
581 if (cond & (G_IO_NVAL | G_IO_ERR | G_IO_HUP)) {
586 status = g_io_channel_read_chars(channel, buffer,
587 sizeof(buffer) -1, &bytes_read, NULL);
590 case G_IO_STATUS_NORMAL:
592 case G_IO_STATUS_AGAIN:
595 connman_error("Reading from inotify channel failed");
602 while (bytes_read > 0) {
603 struct inotify_event *event;
608 event = (struct inotify_event *) next_event;
610 ident = next_event + sizeof(struct inotify_event);
614 len = sizeof(struct inotify_event) + event->len;
616 /* check if inotify_event block fit */
617 if (len > bytes_read)
626 if (g_str_has_suffix(ident, ".config") == FALSE)
629 ext = g_strrstr(ident, ".config");
635 if (validate_ident(ident) == FALSE) {
636 connman_error("Invalid config ident %s", ident);
640 if (event->mask & IN_CREATE)
641 create_config(ident);
643 if (event->mask & IN_MODIFY) {
644 struct connman_config *config;
646 config = g_hash_table_lookup(config_table, ident);
647 if (config != NULL) {
648 g_hash_table_remove_all(config->service_table);
650 __connman_service_provision_changed(ident);
654 if (event->mask & IN_DELETE)
655 g_hash_table_remove(config_table, ident);
661 static int create_watch(void)
669 inotify_wd = inotify_add_watch(fd, STORAGEDIR,
670 IN_MODIFY | IN_CREATE | IN_DELETE);
671 if (inotify_wd < 0) {
672 connman_error("Creation of STORAGEDIR watch failed");
677 inotify_channel = g_io_channel_unix_new(fd);
678 if (inotify_channel == NULL) {
679 connman_error("Creation of inotify channel failed");
680 inotify_rm_watch(fd, inotify_wd);
687 g_io_channel_set_close_on_unref(inotify_channel, TRUE);
688 g_io_channel_set_encoding(inotify_channel, NULL, NULL);
689 g_io_channel_set_buffered(inotify_channel, FALSE);
691 inotify_watch = g_io_add_watch(inotify_channel,
692 G_IO_IN | G_IO_HUP | G_IO_NVAL | G_IO_ERR,
698 static void remove_watch(void)
702 if (inotify_channel == NULL)
705 if (inotify_watch > 0) {
706 g_source_remove(inotify_watch);
710 fd = g_io_channel_unix_get_fd(inotify_channel);
712 if (inotify_wd >= 0) {
713 inotify_rm_watch(fd, inotify_wd);
717 g_io_channel_unref(inotify_channel);
720 int __connman_config_init(void)
724 config_table = g_hash_table_new_full(g_str_hash, g_str_equal,
725 NULL, unregister_config);
729 return read_configs();
732 void __connman_config_cleanup(void)
738 g_hash_table_destroy(config_table);
742 static char *config_pem_fsid(const char *pem_file)
745 unsigned *fsid = (unsigned *) &buf.f_fsid;
746 unsigned long long fsid64;
748 if (pem_file == NULL)
751 if (statfs(pem_file, &buf) < 0) {
752 connman_error("statfs error %s for %s",
753 strerror(errno), pem_file);
757 fsid64 = ((unsigned long long) fsid[0] << 32) | fsid[1];
759 return g_strdup_printf("%llx", fsid64);
762 static void provision_service(gpointer key, gpointer value, gpointer user_data)
764 struct connman_service *service = user_data;
765 struct connman_config_service *config = value;
766 struct connman_network *network;
768 unsigned int ssid_len;
770 /* For now only WiFi service entries are supported */
771 if (g_strcmp0(config->type, "wifi") != 0)
774 network = __connman_service_get_network(service);
775 if (network == NULL) {
776 connman_error("Service has no network set");
780 ssid = connman_network_get_blob(network, "WiFi.SSID", &ssid_len);
782 connman_error("Network SSID not set");
786 if (config->ssid == NULL || ssid_len != config->ssid_len)
789 if (memcmp(config->ssid, ssid, ssid_len) != 0)
792 __connman_service_set_immutable(service, TRUE);
794 __connman_service_set_favorite(service, TRUE);
796 if (config->eap != NULL)
797 __connman_service_set_string(service, "EAP", config->eap);
799 if (config->identity != NULL)
800 __connman_service_set_string(service, "Identity",
803 if (config->ca_cert_file != NULL)
804 __connman_service_set_string(service, "CACertFile",
805 config->ca_cert_file);
807 if (config->client_cert_file != NULL)
808 __connman_service_set_string(service, "ClientCertFile",
809 config->client_cert_file);
811 if (config->private_key_file != NULL)
812 __connman_service_set_string(service, "PrivateKeyFile",
813 config->private_key_file);
815 if (g_strcmp0(config->private_key_passphrase_type, "fsid") == 0 &&
816 config->private_key_file != NULL) {
819 fsid = config_pem_fsid(config->private_key_file);
823 g_free(config->private_key_passphrase);
824 config->private_key_passphrase = fsid;
827 if (config->private_key_passphrase != NULL) {
828 __connman_service_set_string(service, "PrivateKeyPassphrase",
829 config->private_key_passphrase);
831 * TODO: Support for PEAP with both identity and key passwd.
832 * In that case, we should check if both of them are found
833 * from the config file. If not, we should not set the
834 * service passphrase in order for the UI to request for an
835 * additional passphrase.
839 if (config->phase2 != NULL)
840 __connman_service_set_string(service, "Phase2", config->phase2);
842 if (config->passphrase != NULL)
843 __connman_service_set_string(service, "Passphrase", config->passphrase);
846 int __connman_config_provision_service(struct connman_service *service)
848 enum connman_service_type type;
852 DBG("service %p", service);
854 /* For now only WiFi services are supported */
855 type = connman_service_get_type(service);
856 if (type != CONNMAN_SERVICE_TYPE_WIFI)
859 g_hash_table_iter_init(&iter, config_table);
861 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE) {
862 struct connman_config *config = value;
864 g_hash_table_foreach(config->service_table,
865 provision_service, service);
871 int __connman_config_provision_service_ident(struct connman_service *service,
874 enum connman_service_type type;
875 struct connman_config *config;
877 DBG("service %p", service);
879 /* For now only WiFi services are supported */
880 type = connman_service_get_type(service);
881 if (type != CONNMAN_SERVICE_TYPE_WIFI)
884 config = g_hash_table_lookup(config_table, ident);
886 g_hash_table_foreach(config->service_table,
887 provision_service, service);