+
+static struct vpn_route *parse_user_route(const char *user_route)
+{
+ char *network, *netmask;
+ struct vpn_route *route = NULL;
+ int family = PF_UNSPEC;
+ char **elems = g_strsplit(user_route, "/", 0);
+
+ if (!elems)
+ return NULL;
+
+ network = elems[0];
+ if (!network || *network == '\0') {
+ DBG("no network/netmask set");
+ goto out;
+ }
+
+ netmask = elems[1];
+ if (netmask && *netmask == '\0') {
+ DBG("no netmask set");
+ goto out;
+ }
+
+ if (g_strrstr(network, ":"))
+ family = AF_INET6;
+ else if (g_strrstr(network, ".")) {
+ family = AF_INET;
+
+ if (!g_strrstr(netmask, ".")) {
+ /* We have netmask length */
+ in_addr_t addr;
+ struct in_addr netmask_in;
+ unsigned char prefix_len = 32;
+
+ if (netmask) {
+ char *ptr;
+ long int value = strtol(netmask, &ptr, 10);
+ if (ptr != netmask && *ptr == '\0' &&
+ value && value <= 32)
+ prefix_len = value;
+ }
+
+ addr = 0xffffffff << (32 - prefix_len);
+ netmask_in.s_addr = htonl(addr);
+ netmask = inet_ntoa(netmask_in);
+
+ DBG("network %s netmask %s", network, netmask);
+ }
+ }
+
+ route = g_try_new(struct vpn_route, 1);
+ if (!route)
+ goto out;
+
+ route->network = g_strdup(network);
+ route->netmask = g_strdup(netmask);
+ route->gateway = NULL;
+ route->family = family;
+
+out:
+ g_strfreev(elems);
+ return route;
+}
+
+static GSList *get_user_networks(DBusMessageIter *array)
+{
+ DBusMessageIter entry;
+ GSList *list = NULL;
+
+ dbus_message_iter_recurse(array, &entry);
+
+ while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
+ const char *val;
+ struct vpn_route *route;
+
+ dbus_message_iter_get_basic(&entry, &val);
+
+ route = parse_user_route(val);
+ if (route)
+ list = g_slist_prepend(list, route);
+
+ dbus_message_iter_next(&entry);
+ }
+
+ return list;
+}
+
+static void append_route(DBusMessageIter *iter, void *user_data)
+{
+ struct vpn_route *route = user_data;
+ DBusMessageIter item;
+ int family = 0;
+
+ connman_dbus_dict_open(iter, &item);
+
+ if (!route)
+ goto empty_dict;
+
+ if (route->family == AF_INET)
+ family = 4;
+ else if (route->family == AF_INET6)
+ family = 6;
+
+ if (family != 0)
+ connman_dbus_dict_append_basic(&item, "ProtocolFamily",
+ DBUS_TYPE_INT32, &family);
+
+ if (route->network)
+ connman_dbus_dict_append_basic(&item, "Network",
+ DBUS_TYPE_STRING, &route->network);
+
+ if (route->netmask)
+ connman_dbus_dict_append_basic(&item, "Netmask",
+ DBUS_TYPE_STRING, &route->netmask);
+
+ if (route->gateway)
+ connman_dbus_dict_append_basic(&item, "Gateway",
+ DBUS_TYPE_STRING, &route->gateway);
+
+empty_dict:
+ connman_dbus_dict_close(iter, &item);
+}
+
+static void append_routes(DBusMessageIter *iter, void *user_data)
+{
+ GSList *list, *routes = user_data;
+
+ DBG("routes %p", routes);
+
+ for (list = routes; list; list = g_slist_next(list)) {
+ DBusMessageIter dict;
+ struct vpn_route *route = list->data;
+
+ dbus_message_iter_open_container(iter, DBUS_TYPE_STRUCT, NULL,
+ &dict);
+ append_route(&dict, route);
+ dbus_message_iter_close_container(iter, &dict);
+ }
+}
+
+static int create_configuration(DBusMessage *msg, connection_ready_cb callback)
+{
+ DBusMessage *new_msg = NULL;
+ DBusPendingCall *call;
+ DBusMessageIter iter, array, new_iter, new_dict;
+ const char *type = NULL, *name = NULL;
+ const char *host = NULL, *domain = NULL;
+ char *ident, *me = NULL;
+ int err = 0;
+ dbus_bool_t result;
+ struct connection_data *data;
+ struct config_create_data *user_data = NULL;
+ GSList *networks = NULL;
+
+ /*
+ * We copy the old message data into new message. We cannot
+ * just use the old message as is because the user route
+ * information is not in the same format in vpnd.
+ */
+ new_msg = dbus_message_new(DBUS_MESSAGE_TYPE_METHOD_CALL);
+ dbus_message_iter_init_append(new_msg, &new_iter);
+ connman_dbus_dict_open(&new_iter, &new_dict);
+
+ dbus_message_iter_init(msg, &iter);
+ dbus_message_iter_recurse(&iter, &array);
+
+ while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_DICT_ENTRY) {
+ DBusMessageIter entry, value;
+ void *item_value;
+ const char *key;
+ int value_type;
+
+ dbus_message_iter_recurse(&array, &entry);
+ dbus_message_iter_get_basic(&entry, &key);
+
+ dbus_message_iter_next(&entry);
+ dbus_message_iter_recurse(&entry, &value);
+
+ value_type = dbus_message_iter_get_arg_type(&value);
+ item_value = NULL;
+
+ switch (value_type) {
+ case DBUS_TYPE_STRING:
+ dbus_message_iter_get_basic(&value, &item_value);
+
+ if (g_str_equal(key, "Type"))
+ type = (const char *)item_value;
+ else if (g_str_equal(key, "Name"))
+ name = (const char *)item_value;
+ else if (g_str_equal(key, "Host"))
+ host = (const char *)item_value;
+ else if (g_str_equal(key, "VPN.Domain"))
+ domain = (const char *)item_value;
+
+ DBG("%s %s", key, (char *)item_value);
+
+ if (item_value)
+ connman_dbus_dict_append_basic(&new_dict, key,
+ value_type, &item_value);
+ break;
+ case DBUS_TYPE_ARRAY:
+ if (g_str_equal(key, "Networks")) {
+ networks = get_user_networks(&value);
+ connman_dbus_dict_append_array(&new_dict,
+ "UserRoutes",
+ DBUS_TYPE_DICT_ENTRY,
+ append_routes,
+ networks);
+ }
+ break;
+ }
+
+ dbus_message_iter_next(&array);
+ }
+
+ connman_dbus_dict_close(&new_iter, &new_dict);
+
+ DBG("VPN type %s name %s host %s domain %s networks %p",
+ type, name, host, domain, networks);
+
+ if (!host || !domain) {
+ err = -EINVAL;
+ goto done;
+ }
+
+ if (!type || !name) {
+ err = -EOPNOTSUPP;
+ goto done;
+ }
+
+ ident = g_strdup_printf("%s_%s", host, domain);
+ set_dbus_ident(ident);
+
+ DBG("ident %s", ident);
+
+ data = g_hash_table_lookup(vpn_connections, ident);
+ if (data) {
+ if (data->call || data->cb_data) {
+ DBG("create configuration call already pending");
+ err = -EINPROGRESS;
+ goto done;
+ }
+ } else {
+ char *path = g_strdup_printf("%s/connection/%s", VPN_PATH,
+ ident);
+ data = create_connection_data(path);
+ g_free(path);
+
+ if (!data) {
+ err = -ENOMEM;
+ goto done;
+ }
+
+ g_hash_table_insert(vpn_connections, g_strdup(ident), data);
+ }
+
+ /*
+ * User called net.connman.Manager.ConnectProvider if we are here.
+ * So use the data from original message in the new msg.
+ */
+ me = g_strdup(dbus_message_get_destination(msg));
+
+ dbus_message_set_interface(new_msg, VPN_MANAGER_INTERFACE);
+ dbus_message_set_path(new_msg, "/");
+ dbus_message_set_destination(new_msg, VPN_SERVICE);
+ dbus_message_set_sender(new_msg, me);
+ dbus_message_set_member(new_msg, "Create");
+
+ user_data = g_try_new0(struct config_create_data, 1);
+ if (!user_data) {
+ err = -ENOMEM;
+ goto done;
+ }
+
+ user_data->callback = callback;
+ user_data->message = dbus_message_ref(msg);
+ user_data->path = NULL;
+
+ DBG("cb %p msg %p", user_data, msg);
+
+ result = dbus_connection_send_with_reply(connection, new_msg,
+ &call, DBUS_TIMEOUT);
+ if (!result || !call) {
+ err = -EIO;
+ goto done;
+ }
+
+ dbus_pending_call_set_notify(call, configuration_create_reply,
+ user_data, NULL);
+ data->call = call;
+
+done:
+ if (new_msg)
+ dbus_message_unref(new_msg);
+
+ if (networks)
+ g_slist_free_full(networks, destroy_route);
+
+ g_free(me);
+ return err;
+}
+
+static bool check_host(char **hosts, char *host)
+{
+ int i;
+
+ if (!hosts)
+ return false;
+
+ for (i = 0; hosts[i]; i++) {
+ if (g_strcmp0(hosts[i], host) == 0)
+ return true;
+ }
+
+ return false;
+}
+
+static void set_route(struct connection_data *data, struct vpn_route *route)
+{
+ /*
+ * If the VPN administrator/user has given a route to
+ * VPN server, then we must discard that because the
+ * server cannot be contacted via VPN tunnel.
+ */
+ if (check_host(data->host_ip, route->network)) {
+ DBG("Discarding VPN route to %s via %s at index %d",
+ route->network, route->gateway, data->index);
+ return;
+ }
+
+ if (route->family == AF_INET6) {
+ unsigned char prefix_len = atoi(route->netmask);
+
+ connman_inet_add_ipv6_network_route(data->index,
+ route->network,
+ route->gateway,
+ prefix_len);
+ } else {
+ connman_inet_add_network_route(data->index, route->network,
+ route->gateway,
+ route->netmask);
+ }
+}
+
+static int set_routes(struct connman_provider *provider,
+ enum connman_provider_route_type type)
+{
+ struct connection_data *data;
+ GHashTableIter iter;
+ gpointer value, key;
+
+ DBG("provider %p", provider);
+
+ data = connman_provider_get_data(provider);
+ if (!data)
+ return -EINVAL;
+
+ if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
+ type == CONNMAN_PROVIDER_ROUTE_USER) {
+ g_hash_table_iter_init(&iter, data->user_routes);
+
+ while (g_hash_table_iter_next(&iter, &key, &value))
+ set_route(data, value);
+ }
+
+ if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
+ type == CONNMAN_PROVIDER_ROUTE_SERVER) {
+ g_hash_table_iter_init(&iter, data->server_routes);
+
+ while (g_hash_table_iter_next(&iter, &key, &value))
+ set_route(data, value);
+ }
+
+ return 0;
+}
+
+static bool check_routes(struct connman_provider *provider)
+{
+ struct connection_data *data;
+
+ DBG("provider %p", provider);
+
+ data = connman_provider_get_data(provider);
+ if (!data)
+ return false;
+
+ if (data->user_routes &&
+ g_hash_table_size(data->user_routes) > 0)
+ return true;
+
+ if (data->server_routes &&
+ g_hash_table_size(data->server_routes) > 0)
+ return true;
+
+ return false;
+}
+
+static struct connman_provider_driver provider_driver = {
+ .name = "VPN",
+ .type = CONNMAN_PROVIDER_TYPE_VPN,
+ .probe = provider_probe,
+ .remove = provider_remove,
+ .connect = provider_connect,
+ .disconnect = provider_disconnect,
+ .set_property = set_string,
+ .get_property = get_string,
+ .create = create_configuration,
+ .set_routes = set_routes,
+ .check_routes = check_routes,
+};
+
+static void destroy_provider(struct connection_data *data)
+{
+ DBG("data %p", data);
+
+ if (provider_is_connected(data))
+ connman_provider_disconnect(data->provider);
+
+ connman_provider_set_data(data->provider, NULL);
+ connman_provider_remove(data->provider);
+ data->provider = NULL;
+}
+
+static void connection_destroy(gpointer hash_data)
+{
+ struct connection_data *data = hash_data;
+
+ DBG("data %p", data);
+
+ if (data->provider)
+ destroy_provider(data);
+
+ if (data->call) {
+ dbus_pending_call_cancel(data->call);
+ dbus_pending_call_unref(data->call);
+ }
+
+ if (data->disconnect_call) {
+ dbus_pending_call_cancel(data->disconnect_call);
+ dbus_pending_call_unref(data->disconnect_call);
+ }
+
+ g_free(data->service_ident);
+ g_free(data->path);
+ g_free(data->ident);
+ g_free(data->state);
+ g_free(data->type);
+ g_free(data->name);
+ g_free(data->host);
+ g_strfreev(data->host_ip);
+ g_free(data->domain);
+ g_hash_table_destroy(data->server_routes);
+ g_hash_table_destroy(data->user_routes);
+ g_strfreev(data->nameservers);
+ g_hash_table_destroy(data->setting_strings);
+ connman_ipaddress_free(data->ip);
+
+ cancel_host_resolv(data);
+
+ g_free(data);
+}
+
+static void vpnd_created(DBusConnection *conn, void *user_data)
+{
+ DBG("connection %p", conn);
+
+ get_connections(user_data);
+}
+
+static void vpnd_removed(DBusConnection *conn, void *user_data)
+{
+ DBG("connection %p", conn);
+
+ g_hash_table_remove_all(vpn_connections);
+}
+
+static void remove_connection(DBusConnection *conn, const char *path)
+{
+ DBG("path %s", path);
+
+ g_hash_table_remove(vpn_connections, get_ident(path));
+}
+
+static gboolean connection_removed(DBusConnection *conn, DBusMessage *message,
+ void *user_data)
+{
+ const char *path;
+ const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
+ struct connection_data *data;
+
+ if (!dbus_message_has_signature(message, signature)) {
+ connman_error("vpn removed signature \"%s\" does not match "
+ "expected \"%s\"",
+ dbus_message_get_signature(message), signature);
+ return TRUE;
+ }
+
+ dbus_message_get_args(message, NULL, DBUS_TYPE_OBJECT_PATH, &path,
+ DBUS_TYPE_INVALID);
+
+ data = g_hash_table_lookup(vpn_connections, get_ident(path));
+ if (data)
+ remove_connection(conn, path);
+
+ return TRUE;
+}
+
+static gboolean connection_added(DBusConnection *conn, DBusMessage *message,
+ void *user_data)
+{
+ DBusMessageIter iter, properties;
+ const char *path;
+ const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING
+ DBUS_TYPE_ARRAY_AS_STRING
+ DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
+ DBUS_TYPE_STRING_AS_STRING
+ DBUS_TYPE_VARIANT_AS_STRING
+ DBUS_DICT_ENTRY_END_CHAR_AS_STRING;
+
+ if (!dbus_message_has_signature(message, signature)) {
+ connman_error("vpn ConnectionAdded signature \"%s\" does not "
+ "match expected \"%s\"",
+ dbus_message_get_signature(message), signature);
+ return TRUE;
+ }
+
+ DBG("");
+
+ if (!dbus_message_iter_init(message, &iter))
+ return TRUE;
+
+ dbus_message_iter_get_basic(&iter, &path);
+
+ dbus_message_iter_next(&iter);
+ dbus_message_iter_recurse(&iter, &properties);
+
+ add_connection(path, &properties, user_data);
+
+ return TRUE;
+}
+
+static int save_route(GHashTable *routes, int family, const char *network,
+ const char *netmask, const char *gateway)
+{
+ struct vpn_route *route;
+ char *key = g_strdup_printf("%d/%s/%s", family, network, netmask);
+
+ DBG("family %d network %s netmask %s", family, network, netmask);
+
+ route = g_hash_table_lookup(routes, key);
+ if (!route) {
+ route = g_try_new0(struct vpn_route, 1);
+ if (!route) {
+ connman_error("out of memory");
+ return -ENOMEM;
+ }
+
+ route->family = family;
+ route->network = g_strdup(network);
+ route->netmask = g_strdup(netmask);
+ route->gateway = g_strdup(gateway);
+
+ g_hash_table_replace(routes, key, route);
+ } else
+ g_free(key);
+
+ return 0;
+}
+
+static int read_route_dict(GHashTable *routes, DBusMessageIter *dicts)
+{
+ DBusMessageIter dict;
+ const char *network, *netmask, *gateway;
+ int family;
+
+ dbus_message_iter_recurse(dicts, &dict);
+
+ network = netmask = gateway = NULL;
+ family = PF_UNSPEC;
+
+ while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
+
+ DBusMessageIter entry, value;
+ const char *key;
+
+ dbus_message_iter_recurse(&dict, &entry);
+ dbus_message_iter_get_basic(&entry, &key);
+
+ dbus_message_iter_next(&entry);
+ dbus_message_iter_recurse(&entry, &value);
+
+ if (g_str_equal(key, "ProtocolFamily")) {
+ int pf;
+ dbus_message_iter_get_basic(&value, &pf);
+ switch (pf) {
+ case 4:
+ family = AF_INET;
+ break;
+ case 6:
+ family = AF_INET6;
+ break;
+ }
+ DBG("family %d", family);
+ } else if (g_str_equal(key, "Netmask")) {
+ dbus_message_iter_get_basic(&value, &netmask);
+ DBG("netmask %s", netmask);
+ } else if (g_str_equal(key, "Network")) {
+ dbus_message_iter_get_basic(&value, &network);
+ DBG("host %s", network);
+ } else if (g_str_equal(key, "Gateway")) {
+ dbus_message_iter_get_basic(&value, &gateway);
+ DBG("gateway %s", gateway);
+ }
+
+ dbus_message_iter_next(&dict);
+ }
+
+ if (!netmask || !network || !gateway) {
+ DBG("Value missing.");
+ return -EINVAL;
+ }
+
+ return save_route(routes, family, network, netmask, gateway);
+}
+
+static int routes_changed(DBusMessageIter *array, GHashTable *routes)
+{
+ DBusMessageIter entry;
+ int ret = -EINVAL;
+
+ if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY) {
+ DBG("Expecting array, ignoring routes.");
+ return -EINVAL;
+ }
+
+ while (dbus_message_iter_get_arg_type(array) == DBUS_TYPE_ARRAY) {
+
+ dbus_message_iter_recurse(array, &entry);
+
+ while (dbus_message_iter_get_arg_type(&entry) ==
+ DBUS_TYPE_STRUCT) {
+ DBusMessageIter dicts;
+
+ dbus_message_iter_recurse(&entry, &dicts);
+
+ while (dbus_message_iter_get_arg_type(&dicts) ==
+ DBUS_TYPE_ARRAY) {
+ int err = read_route_dict(routes, &dicts);
+ if (ret != 0)
+ ret = err;
+ dbus_message_iter_next(&dicts);
+ }
+
+ dbus_message_iter_next(&entry);
+ }
+
+ dbus_message_iter_next(array);
+ }
+
+ return ret;
+}
+
+static gboolean property_changed(DBusConnection *conn,
+ DBusMessage *message,
+ void *user_data)
+{
+ const char *path = dbus_message_get_path(message);
+ struct connection_data *data = NULL;
+ DBusMessageIter iter, value;
+ bool ip_set = false;
+ int err;
+ char *str;
+ const char *key;
+ const char *signature = DBUS_TYPE_STRING_AS_STRING
+ DBUS_TYPE_VARIANT_AS_STRING;
+
+ if (!dbus_message_has_signature(message, signature)) {
+ connman_error("vpn property signature \"%s\" does not match "
+ "expected \"%s\"",
+ dbus_message_get_signature(message), signature);
+ return TRUE;
+ }
+
+ data = g_hash_table_lookup(vpn_connections, get_ident(path));
+ if (!data)
+ return TRUE;
+
+ if (!dbus_message_iter_init(message, &iter))
+ return TRUE;
+
+ dbus_message_iter_get_basic(&iter, &key);
+
+ dbus_message_iter_next(&iter);
+ dbus_message_iter_recurse(&iter, &value);
+
+ DBG("key %s", key);
+
+ if (g_str_equal(key, "State")) {
+ dbus_message_iter_get_basic(&value, &str);
+
+ DBG("%s %s -> %s", data->path, data->state, str);
+
+ if (g_str_equal(data->state, str))
+ return TRUE;
+
+ g_free(data->state);
+ data->state = g_strdup(str);
+
+ set_provider_state(data);
+ } else if (g_str_equal(key, "Index")) {
+ dbus_message_iter_get_basic(&value, &data->index);
+ connman_provider_set_index(data->provider, data->index);
+ } else if (g_str_equal(key, "IPv4")) {
+ err = extract_ip(&value, AF_INET, data);
+ ip_set = true;
+ } else if (g_str_equal(key, "IPv6")) {
+ err = extract_ip(&value, AF_INET6, data);
+ ip_set = true;
+ } else if (g_str_equal(key, "ServerRoutes")) {
+ err = routes_changed(&value, data->server_routes);
+ /*
+ * Note that the vpnd will delay the route sending a bit
+ * (in order to collect the routes from VPN client),
+ * so we might have got the State changed property before
+ * we got ServerRoutes. This means that we must try to set
+ * the routes here because they would be left unset otherwise.
+ */
+ if (err == 0)
+ set_routes(data->provider,
+ CONNMAN_PROVIDER_ROUTE_SERVER);
+ } else if (g_str_equal(key, "UserRoutes")) {
+ err = routes_changed(&value, data->user_routes);
+ if (err == 0)
+ set_routes(data->provider,
+ CONNMAN_PROVIDER_ROUTE_USER);
+ } else if (g_str_equal(key, "Nameservers")) {
+ if (extract_nameservers(&value, data) == 0 &&
+ data->nameservers)
+ connman_provider_set_nameservers(data->provider,
+ data->nameservers);
+ } else if (g_str_equal(key, "Domain")) {
+ dbus_message_iter_get_basic(&value, &str);
+ g_free(data->domain);
+ data->domain = g_strdup(str);
+ connman_provider_set_domain(data->provider, data->domain);
+ }
+
+ if (ip_set && err == 0) {
+ err = connman_provider_set_ipaddress(data->provider, data->ip);
+ if (err < 0)
+ DBG("setting provider IP address failed (%s/%d)",
+ strerror(-err), -err);
+ }
+
+ return TRUE;
+}
+
+static int vpn_find_online_transport_cb(struct connman_service *service,
+ void *user_data)
+{
+ if (connman_service_get_type(service) != CONNMAN_SERVICE_TYPE_VPN) {
+ switch (connman_service_get_state(service)) {
+ case CONNMAN_SERVICE_STATE_ONLINE:
+ *((struct connman_service**)user_data) = service;
+ return 1;
+ default:
+ break;
+ }
+ }
+
+ return 0;
+}
+
+static struct connman_service *vpn_find_online_transport()
+{
+ struct connman_service *service = NULL;
+
+ connman_service_iterate_services(vpn_find_online_transport_cb,
+ &service);
+ return service;
+}
+
+static bool vpn_is_valid_transport(struct connman_service *transport)
+{
+ if (transport) {
+ struct connman_service *online;
+
+ switch (connman_service_get_state(transport)) {
+ case CONNMAN_SERVICE_STATE_READY:
+ online = vpn_find_online_transport();
+
+ /* Stay connected if there are no online services */
+ if (!online)
+ return true;
+
+ DBG("%s is ready, %s is online, disconnecting",
+ connman_service_get_identifier(transport),
+ connman_service_get_identifier(online));
+ break;
+
+ case CONNMAN_SERVICE_STATE_ONLINE:
+ online = vpn_find_online_transport();
+
+ /* Check if our transport is still the default */
+ if (online == transport)
+ return true;
+
+ DBG("%s is replaced by %s as default, disconnecting",
+ connman_service_get_identifier(transport),
+ connman_service_get_identifier(online));
+ break;
+
+ default:
+ break;
+ }
+ } else {
+ DBG("transport gone");
+ }
+
+ return false;
+}
+
+static void vpn_disconnect_check_provider(struct connection_data *data)
+{
+ if (provider_is_connected(data)) {
+ /* With NULL service ident NULL is returned immediately */
+ struct connman_service *service =
+ connman_service_lookup_from_identifier
+ (data->service_ident);
+
+ if (!vpn_is_valid_transport(service)) {
+ connman_provider_disconnect(data->provider);
+ }
+ }
+}
+
+static void vpn_disconnect_check()
+{
+ GHashTableIter iter;
+ gpointer value;
+
+ DBG("");
+ g_hash_table_iter_init(&iter, vpn_connections);
+ while (g_hash_table_iter_next(&iter, NULL, &value))
+ vpn_disconnect_check_provider(value);
+}
+
+static void vpn_service_add(struct connman_service *service, const char *name)
+{
+ vpn_disconnect_check();
+}
+
+static void vpn_service_list_changed(struct connman_service *service)
+{
+ vpn_disconnect_check();
+}
+
+static void vpn_service_state_changed(struct connman_service *service,
+ enum connman_service_state state)
+{
+ vpn_disconnect_check();
+}
+
+static const struct connman_notifier vpn_notifier = {
+ .name = "vpn",
+ .priority = CONNMAN_NOTIFIER_PRIORITY_DEFAULT,
+ .default_changed = vpn_service_list_changed,
+ .service_add = vpn_service_add,
+ .service_remove = vpn_service_list_changed,
+ .service_state_changed = vpn_service_state_changed
+};
+
+static int vpn_init(void)
+{
+ int err;
+
+ connection = connman_dbus_get_connection();
+ if (!connection)
+ return -EIO;
+
+ watch = g_dbus_add_service_watch(connection, VPN_SERVICE,
+ vpnd_created, vpnd_removed, &provider_driver, NULL);
+
+ added_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
+ VPN_MANAGER_INTERFACE,
+ CONNECTION_ADDED, connection_added,
+ &provider_driver, NULL);
+
+ removed_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
+ VPN_MANAGER_INTERFACE,
+ CONNECTION_REMOVED, connection_removed,
+ NULL, NULL);
+
+ property_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
+ VPN_CONNECTION_INTERFACE,
+ PROPERTY_CHANGED, property_changed,
+ NULL, NULL);
+
+ if (added_watch == 0 || removed_watch == 0 || property_watch == 0) {
+ err = -EIO;
+ goto remove;
+ }
+
+ err = connman_provider_driver_register(&provider_driver);
+ if (err == 0) {
+ vpn_connections = g_hash_table_new_full(g_str_hash,
+ g_str_equal,
+ g_free, connection_destroy);
+
+ vpnd_created(connection, &provider_driver);
+ }
+
+ connman_notifier_register(&vpn_notifier);
+ return err;
+
+remove:
+ g_dbus_remove_watch(connection, watch);
+ g_dbus_remove_watch(connection, added_watch);
+ g_dbus_remove_watch(connection, removed_watch);
+ g_dbus_remove_watch(connection, property_watch);
+
+ dbus_connection_unref(connection);
+
+ return err;
+}
+
+static void vpn_exit(void)
+{
+ g_dbus_remove_watch(connection, watch);
+ g_dbus_remove_watch(connection, added_watch);
+ g_dbus_remove_watch(connection, removed_watch);
+ g_dbus_remove_watch(connection, property_watch);
+
+ connman_notifier_unregister(&vpn_notifier);
+ connman_provider_driver_unregister(&provider_driver);
+
+ if (vpn_connections)
+ g_hash_table_destroy(vpn_connections);
+
+ dbus_connection_unref(connection);
+}
+
+CONNMAN_PLUGIN_DEFINE(vpn, "VPN plugin", VERSION,
+ CONNMAN_PLUGIN_PRIORITY_DEFAULT, vpn_init, vpn_exit)