5 * Copyright (C) 2007-2012 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
31 #include <sys/inotify.h>
34 #include <connman/provision.h>
37 struct connman_config_service {
42 unsigned int ssid_len;
46 char *client_cert_file;
47 char *private_key_file;
48 char *private_key_passphrase;
49 char *private_key_passphrase_type;
52 GSList *service_identifiers;
53 char *config_ident; /* file prefix */
54 char *config_entry; /* entry name */
55 connman_bool_t hidden;
58 struct connman_config {
62 connman_bool_t protected;
63 GHashTable *service_table;
66 static GHashTable *config_table = NULL;
67 static GSList *protected_services = NULL;
69 static int inotify_wd = -1;
71 static GIOChannel *inotify_channel = NULL;
72 static uint inotify_watch = 0;
73 static connman_bool_t cleanup = FALSE;
75 #define INTERNAL_CONFIG_PREFIX "__internal"
77 /* Definition of possible strings in the .config files */
78 #define CONFIG_KEY_NAME "Name"
79 #define CONFIG_KEY_DESC "Description"
80 #define CONFIG_KEY_PROT "Protected"
82 #define SERVICE_KEY_TYPE "Type"
83 #define SERVICE_KEY_NAME "Name"
84 #define SERVICE_KEY_SSID "SSID"
85 #define SERVICE_KEY_EAP "EAP"
86 #define SERVICE_KEY_CA_CERT "CACertFile"
87 #define SERVICE_KEY_CL_CERT "ClientCertFile"
88 #define SERVICE_KEY_PRV_KEY "PrivateKeyFile"
89 #define SERVICE_KEY_PRV_KEY_PASS "PrivateKeyPassphrase"
90 #define SERVICE_KEY_PRV_KEY_PASS_TYPE "PrivateKeyPassphraseType"
91 #define SERVICE_KEY_IDENTITY "Identity"
92 #define SERVICE_KEY_PHASE2 "Phase2"
93 #define SERVICE_KEY_PASSPHRASE "Passphrase"
94 #define SERVICE_KEY_HIDDEN "Hidden"
96 static const char *config_possible_keys[] = {
103 static const char *service_possible_keys[] = {
111 SERVICE_KEY_PRV_KEY_PASS,
112 SERVICE_KEY_PRV_KEY_PASS_TYPE,
113 SERVICE_KEY_IDENTITY,
115 SERVICE_KEY_PASSPHRASE,
120 static void unregister_config(gpointer data)
122 struct connman_config *config = data;
124 connman_info("Removing configuration %s", config->ident);
126 g_hash_table_destroy(config->service_table);
128 g_free(config->description);
129 g_free(config->name);
130 g_free(config->ident);
134 static void unregister_service(gpointer data)
136 struct connman_config_service *config_service = data;
137 struct connman_service *service;
144 connman_info("Removing service configuration %s",
145 config_service->ident);
147 protected_services = g_slist_remove(protected_services,
150 for (list = config_service->service_identifiers; list != NULL;
152 service_id = list->data;
154 service = __connman_service_lookup_from_ident(service_id);
155 if (service != NULL) {
156 __connman_service_set_immutable(service, FALSE);
157 __connman_service_remove(service);
160 if (__connman_storage_remove_service(service_id) == FALSE)
161 DBG("Could not remove all files for service %s",
166 g_free(config_service->ident);
167 g_free(config_service->type);
168 g_free(config_service->name);
169 g_free(config_service->ssid);
170 g_free(config_service->eap);
171 g_free(config_service->identity);
172 g_free(config_service->ca_cert_file);
173 g_free(config_service->client_cert_file);
174 g_free(config_service->private_key_file);
175 g_free(config_service->private_key_passphrase);
176 g_free(config_service->private_key_passphrase_type);
177 g_free(config_service->phase2);
178 g_free(config_service->passphrase);
179 g_slist_free_full(config_service->service_identifiers, g_free);
180 g_free(config_service->config_ident);
181 g_free(config_service->config_entry);
182 g_free(config_service);
185 static void check_keys(GKeyFile *keyfile, const char *group,
186 const char **possible_keys)
189 gsize nb_avail_keys, i, j;
191 avail_keys = g_key_file_get_keys(keyfile, group, &nb_avail_keys, NULL);
192 if (avail_keys == NULL)
196 * For each key in the configuration file,
197 * verify it is understood by connman
199 for (i = 0 ; i < nb_avail_keys; i++) {
200 for (j = 0; possible_keys[j] ; j++)
201 if (g_strcmp0(avail_keys[i], possible_keys[j]) == 0)
204 if (possible_keys[j] == NULL)
205 connman_warn("Unknown configuration key %s in [%s]",
206 avail_keys[i], group);
209 g_strfreev(avail_keys);
212 static connman_bool_t
213 is_protected_service(struct connman_config_service *service)
217 DBG("ident %s", service->ident);
219 for (list = protected_services; list; list = list->next) {
220 struct connman_config_service *s = list->data;
222 if (g_strcmp0(s->type, service->type) != 0)
225 if (s->ssid == NULL || service->ssid == NULL)
228 if (s->ssid_len != service->ssid_len)
231 if (g_strcmp0(service->type, "wifi") == 0 &&
232 strncmp(s->ssid, service->ssid, s->ssid_len) == 0) {
240 static int load_service(GKeyFile *keyfile, const char *group,
241 struct connman_config *config)
243 struct connman_config_service *service;
245 char *str, *hex_ssid;
246 gboolean service_created = FALSE;
249 /* Strip off "service_" prefix */
252 if (strlen(ident) < 1)
255 /* Verify that provided keys are good */
256 check_keys(keyfile, group, service_possible_keys);
258 service = g_hash_table_lookup(config->service_table, ident);
259 if (service == NULL) {
260 service = g_try_new0(struct connman_config_service, 1);
264 service->ident = g_strdup(ident);
266 service_created = TRUE;
269 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_TYPE, NULL);
271 g_free(service->type);
275 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_NAME, NULL);
277 g_free(service->name);
281 hex_ssid = g_key_file_get_string(keyfile, group, SERVICE_KEY_SSID,
283 if (hex_ssid != NULL) {
285 unsigned int i, j = 0, hex;
286 size_t hex_ssid_len = strlen(hex_ssid);
288 ssid = g_try_malloc0(hex_ssid_len / 2);
295 for (i = 0; i < hex_ssid_len; i += 2) {
296 if (sscanf(hex_ssid + i, "%02x", &hex) <= 0) {
297 connman_warn("Invalid SSID %s", hex_ssid);
308 g_free(service->ssid);
309 service->ssid = ssid;
310 service->ssid_len = hex_ssid_len / 2;
311 } else if (service->name != NULL) {
313 unsigned int ssid_len;
315 ssid_len = strlen(service->name);
316 ssid = g_try_malloc0(ssid_len);
322 memcpy(ssid, service->name, ssid_len);
323 g_free(service->ssid);
324 service->ssid = ssid;
325 service->ssid_len = ssid_len;
328 if (is_protected_service(service) == TRUE) {
329 connman_error("Trying to provision a protected service");
334 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_EAP, NULL);
336 g_free(service->eap);
340 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_CA_CERT, NULL);
342 g_free(service->ca_cert_file);
343 service->ca_cert_file = str;
346 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_CL_CERT, NULL);
348 g_free(service->client_cert_file);
349 service->client_cert_file = str;
352 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PRV_KEY, NULL);
354 g_free(service->private_key_file);
355 service->private_key_file = str;
358 str = g_key_file_get_string(keyfile, group,
359 SERVICE_KEY_PRV_KEY_PASS, NULL);
361 g_free(service->private_key_passphrase);
362 service->private_key_passphrase = str;
365 str = g_key_file_get_string(keyfile, group,
366 SERVICE_KEY_PRV_KEY_PASS_TYPE, NULL);
368 g_free(service->private_key_passphrase_type);
369 service->private_key_passphrase_type = str;
372 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_IDENTITY, NULL);
374 g_free(service->identity);
375 service->identity = str;
378 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PHASE2, NULL);
380 g_free(service->phase2);
381 service->phase2 = str;
384 str = g_key_file_get_string(keyfile, group, SERVICE_KEY_PASSPHRASE,
387 g_free(service->passphrase);
388 service->passphrase = str;
391 service->config_ident = g_strdup(config->ident);
392 service->config_entry = g_strdup_printf("service_%s", service->ident);
394 service->hidden = g_key_file_get_boolean(keyfile, group,
395 SERVICE_KEY_HIDDEN, NULL);
398 g_hash_table_insert(config->service_table, service->ident,
401 if (config->protected == TRUE)
403 g_slist_prepend(protected_services, service);
405 connman_info("Adding service configuration %s", service->ident);
410 if (service_created == TRUE) {
411 g_free(service->ident);
412 g_free(service->type);
413 g_free(service->name);
414 g_free(service->ssid);
421 static int load_config(struct connman_config *config)
424 GError *error = NULL;
428 gboolean protected, found = FALSE;
431 DBG("config %p", config);
433 keyfile = __connman_storage_load_config(config->ident);
437 /* Verify keys validity of the global section */
438 check_keys(keyfile, "global", config_possible_keys);
440 str = g_key_file_get_string(keyfile, "global", CONFIG_KEY_NAME, NULL);
442 g_free(config->name);
446 str = g_key_file_get_string(keyfile, "global", CONFIG_KEY_DESC, NULL);
448 g_free(config->description);
449 config->description = str;
452 protected = g_key_file_get_boolean(keyfile, "global",
453 CONFIG_KEY_PROT, &error);
455 config->protected = protected;
457 config->protected = TRUE;
458 g_clear_error(&error);
460 groups = g_key_file_get_groups(keyfile, &length);
462 for (i = 0; groups[i] != NULL; i++) {
463 if (g_str_has_prefix(groups[i], "service_") == TRUE) {
464 if (load_service(keyfile, groups[i], config) == 0)
470 connman_warn("Config file %s/%s.config does not contain any "
471 "configuration that can be provisioned!",
472 STORAGEDIR, config->ident);
476 g_key_file_free(keyfile);
481 static struct connman_config *create_config(const char *ident)
483 struct connman_config *config;
485 DBG("ident %s", ident);
487 if (g_hash_table_lookup(config_table, ident) != NULL)
490 config = g_try_new0(struct connman_config, 1);
494 config->ident = g_strdup(ident);
496 config->service_table = g_hash_table_new_full(g_str_hash, g_str_equal,
497 NULL, unregister_service);
499 g_hash_table_insert(config_table, config->ident, config);
501 connman_info("Adding configuration %s", config->ident);
506 static connman_bool_t validate_ident(const char *ident)
513 for (i = 0; i < strlen(ident); i++)
514 if (g_ascii_isprint(ident[i]) == FALSE)
520 static int read_configs(void)
526 dir = g_dir_open(STORAGEDIR, 0, NULL);
530 while ((file = g_dir_read_name(dir)) != NULL) {
534 if (g_str_has_suffix(file, ".config") == FALSE)
537 ident = g_strrstr(file, ".config");
541 str = g_string_new_len(file, ident - file);
545 ident = g_string_free(str, FALSE);
547 if (validate_ident(ident) == TRUE) {
548 struct connman_config *config;
550 config = create_config(ident);
554 connman_error("Invalid config ident %s", ident);
565 static gboolean inotify_data(GIOChannel *channel, GIOCondition cond,
573 if (cond & (G_IO_NVAL | G_IO_ERR | G_IO_HUP)) {
578 status = g_io_channel_read_chars(channel, buffer,
579 sizeof(buffer) -1, &bytes_read, NULL);
582 case G_IO_STATUS_NORMAL:
584 case G_IO_STATUS_AGAIN:
587 connman_error("Reading from inotify channel failed");
594 while (bytes_read > 0) {
595 struct inotify_event *event;
600 event = (struct inotify_event *) next_event;
602 ident = next_event + sizeof(struct inotify_event);
606 len = sizeof(struct inotify_event) + event->len;
608 /* check if inotify_event block fit */
609 if (len > bytes_read)
618 if (g_str_has_suffix(ident, ".config") == FALSE)
621 ext = g_strrstr(ident, ".config");
627 if (validate_ident(ident) == FALSE) {
628 connman_error("Invalid config ident %s", ident);
632 if (event->mask & IN_CREATE)
633 create_config(ident);
635 if (event->mask & IN_MODIFY) {
636 struct connman_config *config;
638 config = g_hash_table_lookup(config_table, ident);
639 if (config != NULL) {
642 g_hash_table_remove_all(config->service_table);
644 ret = __connman_service_provision_changed(ident);
647 * Re-scan the config file for any
650 g_hash_table_remove_all(config->service_table);
652 __connman_service_provision_changed(ident);
657 if (event->mask & IN_DELETE)
658 g_hash_table_remove(config_table, ident);
664 static int create_watch(void)
672 inotify_wd = inotify_add_watch(fd, STORAGEDIR,
673 IN_MODIFY | IN_CREATE | IN_DELETE);
674 if (inotify_wd < 0) {
675 connman_error("Creation of STORAGEDIR watch failed");
680 inotify_channel = g_io_channel_unix_new(fd);
681 if (inotify_channel == NULL) {
682 connman_error("Creation of inotify channel failed");
683 inotify_rm_watch(fd, inotify_wd);
690 g_io_channel_set_close_on_unref(inotify_channel, TRUE);
691 g_io_channel_set_encoding(inotify_channel, NULL, NULL);
692 g_io_channel_set_buffered(inotify_channel, FALSE);
694 inotify_watch = g_io_add_watch(inotify_channel,
695 G_IO_IN | G_IO_HUP | G_IO_NVAL | G_IO_ERR,
701 static void remove_watch(void)
705 if (inotify_channel == NULL)
708 if (inotify_watch > 0) {
709 g_source_remove(inotify_watch);
713 fd = g_io_channel_unix_get_fd(inotify_channel);
715 if (inotify_wd >= 0) {
716 inotify_rm_watch(fd, inotify_wd);
720 g_io_channel_unref(inotify_channel);
723 int __connman_config_init(void)
727 config_table = g_hash_table_new_full(g_str_hash, g_str_equal,
728 NULL, unregister_config);
732 return read_configs();
735 void __connman_config_cleanup(void)
743 g_hash_table_destroy(config_table);
749 static char *config_pem_fsid(const char *pem_file)
752 unsigned *fsid = (unsigned *) &buf.f_fsid;
753 unsigned long long fsid64;
755 if (pem_file == NULL)
758 if (statfs(pem_file, &buf) < 0) {
759 connman_error("statfs error %s for %s",
760 strerror(errno), pem_file);
764 fsid64 = ((unsigned long long) fsid[0] << 32) | fsid[1];
766 return g_strdup_printf("%llx", fsid64);
769 static void provision_service(gpointer key, gpointer value, gpointer user_data)
771 struct connman_service *service = user_data;
772 struct connman_config_service *config = value;
773 struct connman_network *network;
774 const void *ssid, *service_id;
775 unsigned int ssid_len;
777 /* For now only WiFi service entries are supported */
778 if (g_strcmp0(config->type, "wifi") != 0)
781 network = __connman_service_get_network(service);
782 if (network == NULL) {
783 connman_error("Service has no network set");
787 ssid = connman_network_get_blob(network, "WiFi.SSID", &ssid_len);
789 connman_error("Network SSID not set");
793 if (config->ssid == NULL || ssid_len != config->ssid_len)
796 if (memcmp(config->ssid, ssid, ssid_len) != 0)
799 service_id = __connman_service_get_ident(service);
800 config->service_identifiers =
801 g_slist_prepend(config->service_identifiers,
802 g_strdup(service_id));
804 __connman_service_set_immutable(service, TRUE);
806 __connman_service_set_favorite_delayed(service, TRUE, TRUE);
808 __connman_service_set_config(service, config->config_ident,
809 config->config_entry);
811 if (config->eap != NULL)
812 __connman_service_set_string(service, "EAP", config->eap);
814 if (config->identity != NULL)
815 __connman_service_set_string(service, "Identity",
818 if (config->ca_cert_file != NULL)
819 __connman_service_set_string(service, "CACertFile",
820 config->ca_cert_file);
822 if (config->client_cert_file != NULL)
823 __connman_service_set_string(service, "ClientCertFile",
824 config->client_cert_file);
826 if (config->private_key_file != NULL)
827 __connman_service_set_string(service, "PrivateKeyFile",
828 config->private_key_file);
830 if (g_strcmp0(config->private_key_passphrase_type, "fsid") == 0 &&
831 config->private_key_file != NULL) {
834 fsid = config_pem_fsid(config->private_key_file);
838 g_free(config->private_key_passphrase);
839 config->private_key_passphrase = fsid;
842 if (config->private_key_passphrase != NULL) {
843 __connman_service_set_string(service, "PrivateKeyPassphrase",
844 config->private_key_passphrase);
846 * TODO: Support for PEAP with both identity and key passwd.
847 * In that case, we should check if both of them are found
848 * from the config file. If not, we should not set the
849 * service passphrase in order for the UI to request for an
850 * additional passphrase.
854 if (config->phase2 != NULL)
855 __connman_service_set_string(service, "Phase2", config->phase2);
857 if (config->passphrase != NULL)
858 __connman_service_set_string(service, "Passphrase", config->passphrase);
860 if (config->hidden == TRUE)
861 __connman_service_set_hidden(service);
863 __connman_service_mark_dirty();
865 __connman_service_save(service);
868 int __connman_config_provision_service(struct connman_service *service)
870 enum connman_service_type type;
874 DBG("service %p", service);
876 /* For now only WiFi services are supported */
877 type = connman_service_get_type(service);
878 if (type != CONNMAN_SERVICE_TYPE_WIFI)
881 g_hash_table_iter_init(&iter, config_table);
883 while (g_hash_table_iter_next(&iter, &key, &value) == TRUE) {
884 struct connman_config *config = value;
886 g_hash_table_foreach(config->service_table,
887 provision_service, service);
893 int __connman_config_provision_service_ident(struct connman_service *service,
894 const char *ident, const char *file, const char *entry)
896 enum connman_service_type type;
897 struct connman_config *config;
900 DBG("service %p", service);
902 /* For now only WiFi services are supported */
903 type = connman_service_get_type(service);
904 if (type != CONNMAN_SERVICE_TYPE_WIFI)
907 config = g_hash_table_lookup(config_table, ident);
908 if (config != NULL) {
911 gboolean found = FALSE;
913 g_hash_table_iter_init(&iter, config->service_table);
916 * Check if we need to remove individual service if it
917 * is missing from config file.
919 if (file != NULL && entry != NULL) {
920 while (g_hash_table_iter_next(&iter, &key,
922 struct connman_config_service *config_service;
924 config_service = value;
926 if (g_strcmp0(config_service->config_ident,
930 if (g_strcmp0(config_service->config_entry,
938 DBG("found %d ident %s file %s entry %s", found, ident,
941 if (found == FALSE) {
943 * The entry+8 will skip "service_" prefix
945 g_hash_table_remove(config->service_table,
951 g_hash_table_foreach(config->service_table,
952 provision_service, service);
958 struct connman_config_entry **connman_config_get_entries(void)
960 GHashTableIter iter_file, iter_config;
962 struct connman_config_entry **entries = NULL;
965 g_hash_table_iter_init(&iter_file, config_table);
966 while (g_hash_table_iter_next(&iter_file, &key, &value) == TRUE) {
967 struct connman_config *config_file = value;
969 count = g_hash_table_size(config_file->service_table);
971 entries = g_try_realloc(entries, (i + count + 1) *
972 sizeof(struct connman_config_entry *));
976 g_hash_table_iter_init(&iter_config,
977 config_file->service_table);
978 while (g_hash_table_iter_next(&iter_config, &key,
980 struct connman_config_service *config = value;
982 entries[i] = g_try_new0(struct connman_config_entry,
984 if (entries[i] == NULL)
987 entries[i]->ident = g_strdup(config->ident);
988 entries[i]->name = g_strdup(config->name);
989 entries[i]->ssid = g_try_malloc0(config->ssid_len + 1);
990 if (entries[i]->ssid == NULL)
993 memcpy(entries[i]->ssid, config->ssid,
995 entries[i]->ssid_len = config->ssid_len;
996 entries[i]->hidden = config->hidden;
1002 if (entries != NULL) {
1003 entries = g_try_realloc(entries, (i + 1) *
1004 sizeof(struct connman_config_entry *));
1005 if (entries == NULL)
1010 DBG("%d provisioned AP found", i);
1016 connman_config_free_entries(entries);
1020 void connman_config_free_entries(struct connman_config_entry **entries)
1024 if (entries == NULL)
1027 for (i = 0; entries[i]; i++) {
1028 g_free(entries[i]->ident);
1029 g_free(entries[i]->name);
1030 g_free(entries[i]->ssid);