5 * Copyright (C) 2007-2012 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
31 #include <sys/inotify.h>
34 #include <connman/provision.h>
37 struct connman_config_service {
42 unsigned int ssid_len;
46 char *client_cert_file;
47 char *private_key_file;
48 char *private_key_passphrase;
49 char *private_key_passphrase_type;
52 GSList *service_identifiers;
53 char *config_ident; /* file prefix */
54 char *config_entry; /* entry name */
55 connman_bool_t hidden;
58 struct connman_config {
62 connman_bool_t protected;
63 GHashTable *service_table;
66 static GHashTable *config_table = NULL;
67 static GSList *protected_services = NULL;
69 static int inotify_wd = -1;
71 static GIOChannel *inotify_channel = NULL;
72 static uint inotify_watch = 0;
73 static connman_bool_t cleanup = FALSE;
75 #define INTERNAL_CONFIG_PREFIX "__internal"
77 /* Definition of possible strings in the .config files */
78 #define CONFIG_KEY_NAME "Name"
79 #define CONFIG_KEY_DESC "Description"
80 #define CONFIG_KEY_PROT "Protected"
82 #define SERVICE_KEY_TYPE "Type"
83 #define SERVICE_KEY_NAME "Name"
84 #define SERVICE_KEY_SSID "SSID"
85 #define SERVICE_KEY_EAP "EAP"
86 #define SERVICE_KEY_CA_CERT "CACertFile"
87 #define SERVICE_KEY_CL_CERT "ClientCertFile"
88 #define SERVICE_KEY_PRV_KEY "PrivateKeyFile"
89 #define SERVICE_KEY_PRV_KEY_PASS "PrivateKeyPassphrase"
90 #define SERVICE_KEY_PRV_KEY_PASS_TYPE "PrivateKeyPassphraseType"
91 #define SERVICE_KEY_IDENTITY "Identity"
92 #define SERVICE_KEY_PHASE2 "Phase2"
93 #define SERVICE_KEY_PASSPHRASE "Passphrase"
94 #define SERVICE_KEY_HIDDEN "Hidden"
96 static const char *config_possible_keys[] = {
103 static const char *service_possible_keys[] = {
111 SERVICE_KEY_PRV_KEY_PASS,
112 SERVICE_KEY_PRV_KEY_PASS_TYPE,
113 SERVICE_KEY_IDENTITY,
115 SERVICE_KEY_PASSPHRASE,
120 static void unregister_config(gpointer data)
122 struct connman_config *config = data;
124 connman_info("Removing configuration %s", config->ident);
126 g_hash_table_destroy(config->service_table);
128 g_free(config->description);
129 g_free(config->name);
130 g_free(config->ident);
134 static void unregister_service(gpointer data)
136 struct connman_config_service *config_service = data;
137 struct connman_service *service;
144 connman_info("Removing service configuration %s",
145 config_service->ident);
147 protected_services = g_slist_remove(protected_services,
150 for (list = config_service->service_identifiers; list != NULL;
152 service_id = list->data;
154 service = __connman_service_lookup_from_ident(service_id);
155 if (service != NULL) {
156 __connman_service_set_immutable(service, FALSE);
157 __connman_service_remove(service);
160 if (__connman_storage_remove_service(service_id) == FALSE)
161 DBG("Could not remove all files for service %s",
166 g_free(config_service->ident);
167 g_free(config_service->type);
168 g_free(config_service->name);
169 g_free(config_service->ssid);
170 g_free(config_service->eap);
171 g_free(config_service->identity);
172 g_free(config_service->ca_cert_file);
173 g_free(config_service->client_cert_file);
174 g_free(config_service->private_key_file);
175 g_free(config_service->private_key_passphrase);
176 g_free(config_service->private_key_passphrase_type);
177 g_free(config_service->phase2);
178 g_free(config_service->passphrase);
179 g_slist_free_full(config_service->service_identifiers, g_free);
180 g_free(config_service->config_ident);
181 g_free(config_service->config_entry);
182 g_free(config_service);
185 static void check_keys(GKeyFile *keyfile, const char *group,
186 const char **possible_keys)
189 gsize nb_avail_keys, i, j;
191 avail_keys = g_key_file_get_keys(keyfile, group, &nb_avail_keys, NULL);
192 if (avail_keys == NULL)
196 * For each key in the configuration file,
197 * verify it is understood by connman
199 for (i = 0 ; i < nb_avail_keys; i++) {
200 for (j = 0; possible_keys[j] ; j++)
201 if (g_strcmp0(avail_keys[i], possible_keys[j]) == 0)
204 if (possible_keys[j] == NULL)
205 connman_warn("Unknown configuration key %s in [%s]",
206 avail_keys[i], group);
209 g_strfreev(avail_keys);
212 static connman_bool_t
213 is_protected_service(struct connman_config_service *service)
217 DBG("ident %s", service->ident);
219 for (list = protected_services; list; list = list->next) {
220 struct connman_config_service *s = list->data;
222 if (g_strcmp0(s->type, service->type) != 0)
225 if (s->ssid == NULL || service->ssid == NULL)
228 if (s->ssid_len != service->ssid_len)
231 if (g_strcmp0(service->type, "wifi") == 0 &&
232 strncmp(s->ssid, service->ssid, s->ssid_len) == 0) {
240 static int load_service(GKeyFile *keyfile, const char *group,
241 struct connman_config *config)
243 struct connman_config_service *service;
245 char *str, *hex_ssid;
246 gboolean service_created = FALSE;
249 /* Strip off "service_" prefix */
252 if (strlen(ident) < 1)
255 /* Verify that provided keys are good */
256 check_keys(keyfile, group, service_possible_keys);
258 service = g_hash_table_lookup(config->service_table, ident);
259 if (service == NULL) {
260 service = g_try_new0(struct connman_config_service, 1);
264 service->ident = g_strdup(ident);
266 service_created = TRUE;
269 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_TYPE, NULL);
271 g_free(service->type);
275 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_NAME, NULL);
277 g_free(service->name);
281 hex_ssid = g_key_file_get_string(keyfile, group, SERVICE_KEY_SSID,
283 if (hex_ssid != NULL) {
285 unsigned int i, j = 0, hex;
286 size_t hex_ssid_len = strlen(hex_ssid);
288 ssid = g_try_malloc0(hex_ssid_len / 2);
295 for (i = 0; i < hex_ssid_len; i += 2) {
296 if (sscanf(hex_ssid + i, "%02x", &hex) <= 0) {
297 connman_warn("Invalid SSID %s", hex_ssid);
308 g_free(service->ssid);
309 service->ssid = ssid;
310 service->ssid_len = hex_ssid_len / 2;
311 } else if (service->name != NULL) {
313 unsigned int ssid_len;
315 ssid_len = strlen(service->name);
316 ssid = g_try_malloc0(ssid_len);
322 memcpy(ssid, service->name, ssid_len);
323 g_free(service->ssid);
324 service->ssid = ssid;
325 service->ssid_len = ssid_len;
328 if (is_protected_service(service) == TRUE) {
329 connman_error("Trying to provision a protected service");
334 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_EAP, NULL);
336 g_free(service->eap);
340 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_CA_CERT, NULL);
342 g_free(service->ca_cert_file);
343 service->ca_cert_file = str;
346 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_CL_CERT, NULL);
348 g_free(service->client_cert_file);
349 service->client_cert_file = str;
352 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PRV_KEY, NULL);
354 g_free(service->private_key_file);
355 service->private_key_file = str;
358 str = g_key_file_get_string(keyfile, group,
359 SERVICE_KEY_PRV_KEY_PASS, NULL);
361 g_free(service->private_key_passphrase);
362 service->private_key_passphrase = str;
365 str = g_key_file_get_string(keyfile, group,
366 SERVICE_KEY_PRV_KEY_PASS_TYPE, NULL);
368 g_free(service->private_key_passphrase_type);
369 service->private_key_passphrase_type = str;
372 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_IDENTITY, NULL);
374 g_free(service->identity);
375 service->identity = str;
378 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PHASE2, NULL);
380 g_free(service->phase2);
381 service->phase2 = str;
384 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PASSPHRASE,
387 g_free(service->passphrase);
388 service->passphrase = str;
391 service->config_ident = g_strdup(config->ident);
392 service->config_entry = g_strdup_printf("service_%s", service->ident);
394 service->hidden = g_key_file_get_boolean(keyfile, group,
395 SERVICE_KEY_HIDDEN, NULL);
398 g_hash_table_insert(config->service_table, service->ident,
401 if (config->protected == TRUE)
403 g_slist_append(protected_services, service);
405 connman_info("Adding service configuration %s", service->ident);
410 if (service_created == TRUE) {
411 g_free(service->ident);
412 g_free(service->type);
413 g_free(service->name);
414 g_free(service->ssid);
421 static int load_config(struct connman_config *config)
424 GError *error = NULL;
428 gboolean protected, found = FALSE;
431 DBG("config %p", config);
433 keyfile = __connman_storage_load_config(config->ident);
437 /* Verify keys validity of the global section */
438 check_keys(keyfile, "global", config_possible_keys);
440 str = g_key_file_get_string(keyfile, "global", CONFIG_KEY_NAME, NULL);
442 g_free(config->name);
446 str = g_key_file_get_string(keyfile, "global", CONFIG_KEY_DESC, NULL);
448 g_free(config->description);
449 config->description = str;
452 protected = g_key_file_get_boolean(keyfile, "global",
453 CONFIG_KEY_PROT, &error);
455 config->protected = protected;
457 config->protected = TRUE;
459 groups = g_key_file_get_groups(keyfile, &length);
461 for (i = 0; groups[i] != NULL; i++) {
462 if (g_str_has_prefix(groups[i], "service_") == TRUE) {
463 if (load_service(keyfile, groups[i], config) == 0)
469 connman_warn("Config file %s/%s.config does not contain any "
470 "configuration that can be provisioned!",
471 STORAGEDIR, config->ident);
475 g_key_file_free(keyfile);
480 static struct connman_config *create_config(const char *ident)
482 struct connman_config *config;
484 DBG("ident %s", ident);
486 if (g_hash_table_lookup(config_table, ident) != NULL)
489 config = g_try_new0(struct connman_config, 1);
493 config->ident = g_strdup(ident);
495 config->service_table = g_hash_table_new_full(g_str_hash, g_str_equal,
496 NULL, unregister_service);
498 g_hash_table_insert(config_table, config->ident, config);
500 connman_info("Adding configuration %s", config->ident);
505 static connman_bool_t validate_ident(const char *ident)
512 for (i = 0; i < strlen(ident); i++)
513 if (g_ascii_isprint(ident[i]) == FALSE)
519 static int read_configs(void)
525 dir = g_dir_open(STORAGEDIR, 0, NULL);
529 while ((file = g_dir_read_name(dir)) != NULL) {
533 if (g_str_has_suffix(file, ".config") == FALSE)
536 ident = g_strrstr(file, ".config");
540 str = g_string_new_len(file, ident - file);
544 ident = g_string_free(str, FALSE);
546 if (validate_ident(ident) == TRUE) {
547 struct connman_config *config;
549 config = create_config(ident);
553 connman_error("Invalid config ident %s", ident);
564 static gboolean inotify_data(GIOChannel *channel, GIOCondition cond,
572 if (cond & (G_IO_NVAL | G_IO_ERR | G_IO_HUP)) {
577 status = g_io_channel_read_chars(channel, buffer,
578 sizeof(buffer) -1, &bytes_read, NULL);
581 case G_IO_STATUS_NORMAL:
583 case G_IO_STATUS_AGAIN:
586 connman_error("Reading from inotify channel failed");
593 while (bytes_read > 0) {
594 struct inotify_event *event;
599 event = (struct inotify_event *) next_event;
601 ident = next_event + sizeof(struct inotify_event);
605 len = sizeof(struct inotify_event) + event->len;
607 /* check if inotify_event block fit */
608 if (len > bytes_read)
617 if (g_str_has_suffix(ident, ".config") == FALSE)
620 ext = g_strrstr(ident, ".config");
626 if (validate_ident(ident) == FALSE) {
627 connman_error("Invalid config ident %s", ident);
631 if (event->mask & IN_CREATE)
632 create_config(ident);
634 if (event->mask & IN_MODIFY) {
635 struct connman_config *config;
637 config = g_hash_table_lookup(config_table, ident);
638 if (config != NULL) {
641 g_hash_table_remove_all(config->service_table);
643 ret = __connman_service_provision_changed(ident);
646 * Re-scan the config file for any
649 g_hash_table_remove_all(config->service_table);
651 __connman_service_provision_changed(ident);
656 if (event->mask & IN_DELETE)
657 g_hash_table_remove(config_table, ident);
663 static int create_watch(void)
671 inotify_wd = inotify_add_watch(fd, STORAGEDIR,
672 IN_MODIFY | IN_CREATE | IN_DELETE);
673 if (inotify_wd < 0) {
674 connman_error("Creation of STORAGEDIR watch failed");
679 inotify_channel = g_io_channel_unix_new(fd);
680 if (inotify_channel == NULL) {
681 connman_error("Creation of inotify channel failed");
682 inotify_rm_watch(fd, inotify_wd);
689 g_io_channel_set_close_on_unref(inotify_channel, TRUE);
690 g_io_channel_set_encoding(inotify_channel, NULL, NULL);
691 g_io_channel_set_buffered(inotify_channel, FALSE);
693 inotify_watch = g_io_add_watch(inotify_channel,
694 G_IO_IN | G_IO_HUP | G_IO_NVAL | G_IO_ERR,
700 static void remove_watch(void)
704 if (inotify_channel == NULL)
707 if (inotify_watch > 0) {
708 g_source_remove(inotify_watch);
712 fd = g_io_channel_unix_get_fd(inotify_channel);
714 if (inotify_wd >= 0) {
715 inotify_rm_watch(fd, inotify_wd);
719 g_io_channel_unref(inotify_channel);
722 int __connman_config_init(void)
726 config_table = g_hash_table_new_full(g_str_hash, g_str_equal,
727 NULL, unregister_config);
731 return read_configs();
734 void __connman_config_cleanup(void)
742 g_hash_table_destroy(config_table);
748 static char *config_pem_fsid(const char *pem_file)
751 unsigned *fsid = (unsigned *) &buf.f_fsid;
752 unsigned long long fsid64;
754 if (pem_file == NULL)
757 if (statfs(pem_file, &buf) < 0) {
758 connman_error("statfs error %s for %s",
759 strerror(errno), pem_file);
763 fsid64 = ((unsigned long long) fsid[0] << 32) | fsid[1];
765 return g_strdup_printf("%llx", fsid64);
768 static void provision_service(gpointer key, gpointer value, gpointer user_data)
770 struct connman_service *service = user_data;
771 struct connman_config_service *config = value;
772 struct connman_network *network;
773 const void *ssid, *service_id;
774 unsigned int ssid_len;
776 /* For now only WiFi service entries are supported */
777 if (g_strcmp0(config->type, "wifi") != 0)
780 network = __connman_service_get_network(service);
781 if (network == NULL) {
782 connman_error("Service has no network set");
786 ssid = connman_network_get_blob(network, "WiFi.SSID", &ssid_len);
788 connman_error("Network SSID not set");
792 if (config->ssid == NULL || ssid_len != config->ssid_len)
795 if (memcmp(config->ssid, ssid, ssid_len) != 0)
798 service_id = __connman_service_get_ident(service);
799 config->service_identifiers =
800 g_slist_prepend(config->service_identifiers,
801 g_strdup(service_id));
803 __connman_service_set_immutable(service, TRUE);
805 __connman_service_set_favorite_delayed(service, TRUE, TRUE);
807 __connman_service_set_config(service, config->config_ident,
808 config->config_entry);
810 if (config->eap != NULL)
811 __connman_service_set_string(service, "EAP", config->eap);
813 if (config->identity != NULL)
814 __connman_service_set_string(service, "Identity",
817 if (config->ca_cert_file != NULL)
818 __connman_service_set_string(service, "CACertFile",
819 config->ca_cert_file);
821 if (config->client_cert_file != NULL)
822 __connman_service_set_string(service, "ClientCertFile",
823 config->client_cert_file);
825 if (config->private_key_file != NULL)
826 __connman_service_set_string(service, "PrivateKeyFile",
827 config->private_key_file);
829 if (g_strcmp0(config->private_key_passphrase_type, "fsid") == 0 &&
830 config->private_key_file != NULL) {
833 fsid = config_pem_fsid(config->private_key_file);
837 g_free(config->private_key_passphrase);
838 config->private_key_passphrase = fsid;
841 if (config->private_key_passphrase != NULL) {
842 __connman_service_set_string(service, "PrivateKeyPassphrase",
843 config->private_key_passphrase);
845 * TODO: Support for PEAP with both identity and key passwd.
846 * In that case, we should check if both of them are found
847 * from the config file. If not, we should not set the
848 * service passphrase in order for the UI to request for an
849 * additional passphrase.
853 if (config->phase2 != NULL)
854 __connman_service_set_string(service, "Phase2", config->phase2);
856 if (config->passphrase != NULL)
857 __connman_service_set_string(service, "Passphrase", config->passphrase);
859 if (config->hidden == TRUE)
860 __connman_service_set_hidden(service);
862 __connman_service_mark_dirty();
864 __connman_service_save(service);
867 int __connman_config_provision_service(struct connman_service *service)
869 enum connman_service_type type;
873 DBG("service %p", service);
875 /* For now only WiFi services are supported */
876 type = connman_service_get_type(service);
877 if (type != CONNMAN_SERVICE_TYPE_WIFI)
880 g_hash_table_iter_init(&iter, config_table);
882 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE) {
883 struct connman_config *config = value;
885 g_hash_table_foreach(config->service_table,
886 provision_service, service);
892 int __connman_config_provision_service_ident(struct connman_service *service,
893 const char *ident, const char *file, const char *entry)
895 enum connman_service_type type;
896 struct connman_config *config;
899 DBG("service %p", service);
901 /* For now only WiFi services are supported */
902 type = connman_service_get_type(service);
903 if (type != CONNMAN_SERVICE_TYPE_WIFI)
906 config = g_hash_table_lookup(config_table, ident);
907 if (config != NULL) {
910 gboolean found = FALSE;
912 g_hash_table_iter_init(&iter, config->service_table);
915 * Check if we need to remove individual service if it
916 * is missing from config file.
918 if (file != NULL && entry != NULL) {
919 while (g_hash_table_iter_next(&iter, &key,
921 struct connman_config_service *config_service;
923 config_service = value;
925 if (g_strcmp0(config_service->config_ident,
929 if (g_strcmp0(config_service->config_entry,
937 DBG("found %d ident %s file %s entry %s", found, ident,
940 if (found == FALSE) {
942 * The entry+8 will skip "service_" prefix
944 g_hash_table_remove(config->service_table,
950 g_hash_table_foreach(config->service_table,
951 provision_service, service);
957 struct connman_config_entry **connman_config_get_entries(void)
959 GHashTableIter iter_file, iter_config;
961 struct connman_config_entry **entries = NULL;
964 g_hash_table_iter_init(&iter_file, config_table);
965 while (g_hash_table_iter_next(&iter_file, &key, &value) == TRUE) {
966 struct connman_config *config_file = value;
968 count = g_hash_table_size(config_file->service_table);
970 entries = g_try_realloc(entries, (i + count + 1) *
971 sizeof(struct connman_config_entry *));
975 g_hash_table_iter_init(&iter_config,
976 config_file->service_table);
977 while (g_hash_table_iter_next(&iter_config, &key,
979 struct connman_config_service *config = value;
981 entries[i] = g_try_new0(struct connman_config_entry,
983 if (entries[i] == NULL)
986 entries[i]->ident = g_strdup(config->ident);
987 entries[i]->name = g_strdup(config->name);
988 entries[i]->ssid = g_try_malloc0(config->ssid_len + 1);
989 if (entries[i]->ssid == NULL)
992 memcpy(entries[i]->ssid, config->ssid,
994 entries[i]->ssid_len = config->ssid_len;
995 entries[i]->hidden = config->hidden;
1001 if (entries != NULL) {
1002 entries = g_try_realloc(entries, (i + 1) *
1003 sizeof(struct connman_config_entry *));
1004 if (entries == NULL)
1009 DBG("%d provisioned AP found", i);
1015 connman_config_free_entries(entries);
1019 void connman_config_free_entries(struct connman_config_entry **entries)
1023 if (entries == NULL)
1026 for (i = 0; entries[i]; i++) {
1027 g_free(entries[i]->ident);
1028 g_free(entries[i]->name);
1029 g_free(entries[i]->ssid);