5 * Copyright (C) 2012-2013 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
28 #include <sys/socket.h>
34 #define CONNMAN_API_SUBJECT_TO_CHANGE
35 #include <connman/technology.h>
36 #include <connman/plugin.h>
37 #include <connman/log.h>
38 #include <connman/dbus.h>
39 #include <connman/provider.h>
40 #include <connman/ipaddress.h>
41 #include <connman/vpn-dbus.h>
42 #include <connman/inet.h>
43 #include <gweb/gresolv.h>
45 #define DBUS_TIMEOUT 10000
47 static DBusConnection *connection;
49 static GHashTable *vpn_connections = NULL;
51 static guint added_watch;
52 static guint removed_watch;
53 static guint property_watch;
62 struct config_create_data {
63 connection_ready_cb callback;
68 struct connection_data {
71 struct connman_provider *provider;
73 DBusPendingCall *call;
75 struct config_create_data *cb_data;
86 GHashTable *server_routes;
87 GHashTable *user_routes;
88 GHashTable *setting_strings;
90 struct connman_ipaddress *ip;
96 static int set_string(struct connman_provider *provider,
97 const char *key, const char *value)
99 struct connection_data *data;
101 data = connman_provider_get_data(provider);
105 DBG("data %p provider %p key %s value %s", data, provider, key, value);
107 if (g_str_equal(key, "Type")) {
109 data->type = g_strdup(value);
110 } else if (g_str_equal(key, "Name")) {
112 data->name = g_strdup(value);
113 } else if (g_str_equal(key, "Host")) {
115 data->host = g_strdup(value);
116 } else if (g_str_equal(key, "VPN.Domain") ||
117 g_str_equal(key, "Domain")) {
118 g_free(data->domain);
119 data->domain = g_strdup(value);
121 g_hash_table_replace(data->setting_strings,
122 g_strdup(key), g_strdup(value));
126 static const char *get_string(struct connman_provider *provider,
129 struct connection_data *data;
131 data = connman_provider_get_data(provider);
135 DBG("data %p provider %p key %s", data, provider, key);
137 if (g_str_equal(key, "Type"))
139 else if (g_str_equal(key, "Name"))
141 else if (g_str_equal(key, "Host"))
143 else if (g_str_equal(key, "HostIP")) {
144 if (!data->host_ip ||
148 return data->host_ip[0];
149 } else if (g_str_equal(key, "VPN.Domain"))
152 return g_hash_table_lookup(data->setting_strings, key);
155 static char *get_ident(const char *path)
162 pos = strrchr(path, '/');
169 static void cancel_host_resolv(struct connection_data *data)
171 if (data->resolv_id != 0)
172 g_resolv_cancel_lookup(data->resolv, data->resolv_id);
176 g_resolv_unref(data->resolv);
180 static gboolean remove_resolv(gpointer user_data)
182 struct connection_data *data = user_data;
184 cancel_host_resolv(data);
189 static void resolv_result(GResolvResultStatus status,
190 char **results, gpointer user_data)
192 struct connection_data *data = user_data;
194 DBG("status %d", status);
196 if (status == G_RESOLV_RESULT_STATUS_SUCCESS && results &&
197 g_strv_length(results) > 0) {
198 g_strfreev(data->host_ip);
199 data->host_ip = g_strdupv(results);
203 * We cannot unref the resolver here as resolv struct is manipulated
204 * by gresolv.c after we return from this callback.
206 g_idle_add(remove_resolv, data);
211 static void resolv_host_addr(struct connection_data *data)
216 if (connman_inet_check_ipaddress(data->host) > 0)
222 data->resolv = g_resolv_new(0);
224 DBG("Cannot resolv %s", data->host);
228 DBG("Trying to resolv %s", data->host);
230 data->resolv_id = g_resolv_lookup_hostname(data->resolv, data->host,
231 resolv_result, data);
234 static void free_config_cb_data(struct config_create_data *cb_data)
239 g_free(cb_data->path);
240 cb_data->path = NULL;
242 if (cb_data->message) {
243 dbus_message_unref(cb_data->message);
244 cb_data->message = NULL;
247 cb_data->callback = NULL;
252 static void set_provider_state(struct connection_data *data)
254 enum connman_provider_state state = CONNMAN_PROVIDER_STATE_UNKNOWN;
257 DBG("provider %p new state %s", data->provider, data->state);
259 if (g_str_equal(data->state, "ready")) {
260 state = CONNMAN_PROVIDER_STATE_READY;
262 } else if (g_str_equal(data->state, "configuration")) {
263 state = CONNMAN_PROVIDER_STATE_CONNECT;
264 } else if (g_str_equal(data->state, "idle")) {
265 state = CONNMAN_PROVIDER_STATE_IDLE;
266 } else if (g_str_equal(data->state, "disconnect")) {
268 state = CONNMAN_PROVIDER_STATE_DISCONNECT;
270 } else if (g_str_equal(data->state, "failure")) {
272 state = CONNMAN_PROVIDER_STATE_FAILURE;
276 connman_provider_set_state(data->provider, state);
281 data->cb_data->callback(data->cb_data->message,
284 connman_provider_set_state(data->provider, state);
286 free_config_cb_data(data->cb_data);
287 data->cb_data = NULL;
290 static int create_provider(struct connection_data *data, void *user_data)
292 struct connman_provider_driver *driver = user_data;
295 DBG("%s", data->path);
297 data->provider = connman_provider_get(data->ident);
301 DBG("provider %p name %s", data->provider, data->name);
303 connman_provider_set_data(data->provider, data);
304 connman_provider_set_driver(data->provider, driver);
306 err = connman_provider_create_service(data->provider);
308 connman_provider_set_immutable(data->provider, data->immutable);
309 if (g_str_equal(data->state, "ready")) {
310 connman_provider_set_index(data->provider,
313 connman_provider_set_ipaddress(data->provider,
317 set_provider_state(data);
323 static void destroy_route(gpointer user_data)
325 struct vpn_route *route = user_data;
327 g_free(route->network);
328 g_free(route->netmask);
329 g_free(route->gateway);
333 static struct connection_data *create_connection_data(const char *path)
335 struct connection_data *data;
337 data = g_try_new0(struct connection_data, 1);
341 DBG("path %s", path);
343 data->path = g_strdup(path);
344 data->ident = g_strdup(get_ident(path));
347 data->setting_strings = g_hash_table_new_full(g_str_hash,
348 g_str_equal, g_free, g_free);
350 data->server_routes = g_hash_table_new_full(g_direct_hash,
351 g_str_equal, g_free, destroy_route);
352 data->user_routes = g_hash_table_new_full(g_str_hash,
353 g_str_equal, g_free, destroy_route);
358 static int extract_ip(DBusMessageIter *array, int family,
359 struct connection_data *data)
361 DBusMessageIter dict;
362 char *address = NULL, *gateway = NULL, *netmask = NULL, *peer = NULL;
363 unsigned char prefix_len;
365 if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY)
368 dbus_message_iter_recurse(array, &dict);
370 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
371 DBusMessageIter entry, value;
374 dbus_message_iter_recurse(&dict, &entry);
375 dbus_message_iter_get_basic(&entry, &key);
377 dbus_message_iter_next(&entry);
378 dbus_message_iter_recurse(&entry, &value);
380 if (g_str_equal(key, "Address")) {
381 dbus_message_iter_get_basic(&value, &address);
382 DBG("address %s", address);
383 } else if (g_str_equal(key, "Netmask")) {
384 dbus_message_iter_get_basic(&value, &netmask);
385 DBG("netmask %s", netmask);
386 } else if (g_str_equal(key, "PrefixLength")) {
387 dbus_message_iter_get_basic(&value, &netmask);
388 DBG("prefix length %s", netmask);
389 } else if (g_str_equal(key, "Peer")) {
390 dbus_message_iter_get_basic(&value, &peer);
391 DBG("peer %s", peer);
392 } else if (g_str_equal(key, "Gateway")) {
393 dbus_message_iter_get_basic(&value, &gateway);
394 DBG("gateway %s", gateway);
397 dbus_message_iter_next(&dict);
400 connman_ipaddress_free(data->ip);
401 data->ip = connman_ipaddress_alloc(family);
407 connman_ipaddress_set_ipv4(data->ip, address, netmask,
411 prefix_len = atoi(netmask);
412 connman_ipaddress_set_ipv6(data->ip, address, prefix_len,
419 connman_ipaddress_set_peer(data->ip, peer);
424 static int extract_nameservers(DBusMessageIter *array,
425 struct connection_data *data)
427 DBusMessageIter entry;
428 char **nameservers = NULL;
431 dbus_message_iter_recurse(array, &entry);
433 while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
434 const char *nameserver;
436 dbus_message_iter_get_basic(&entry, &nameserver);
438 nameservers = g_try_renew(char *, nameservers, i + 2);
442 DBG("[%d] %s", i, nameserver);
444 nameservers[i] = g_strdup(nameserver);
448 nameservers[++i] = NULL;
450 dbus_message_iter_next(&entry);
453 g_strfreev(data->nameservers);
454 data->nameservers = nameservers;
459 static int errorstr2val(const char *error) {
460 if (g_strcmp0(error, CONNMAN_ERROR_INTERFACE ".InProgress") == 0)
463 if (g_strcmp0(error, CONNMAN_ERROR_INTERFACE ".AlreadyConnected") == 0)
466 return -ECONNREFUSED;
469 static void connect_reply(DBusPendingCall *call, void *user_data)
473 struct connection_data *data = user_data;
474 struct config_create_data *cb_data = data->cb_data;
476 if (!dbus_pending_call_get_completed(call))
479 DBG("user_data %p path %s", user_data, cb_data ? cb_data->path : NULL);
481 reply = dbus_pending_call_steal_reply(call);
483 dbus_error_init(&error);
485 if (dbus_set_error_from_message(&error, reply)) {
486 int err = errorstr2val(error.name);
487 if (err != -EINPROGRESS) {
488 connman_error("Connect reply: %s (%s)", error.message,
490 dbus_error_free(&error);
492 DBG("data %p cb_data %p", data, cb_data);
494 cb_data->callback(cb_data->message, err, NULL);
495 free_config_cb_data(cb_data);
496 data->cb_data = NULL;
500 dbus_error_free(&error);
504 * The vpn connection is up when we get a "ready" state
505 * property so at this point we do nothing for the provider
510 dbus_message_unref(reply);
512 dbus_pending_call_unref(call);
515 static int connect_provider(struct connection_data *data, void *user_data,
516 const char *dbus_sender)
518 DBusPendingCall *call;
519 DBusMessage *message;
520 struct config_create_data *cb_data = user_data;
522 DBG("data %p user %p path %s sender %s", data, cb_data, data->path,
525 data->connect_pending = false;
527 #define VPN_CONNECT2 "Connect2"
529 /* We need to pass original dbus sender to connman-vpnd,
530 * use a Connect2 method for that.
532 message = dbus_message_new_method_call(VPN_SERVICE, data->path,
533 VPN_CONNECTION_INTERFACE,
539 dbus_message_append_args(message, DBUS_TYPE_STRING,
544 if (!dbus_connection_send_with_reply(connection, message,
545 &call, DBUS_TIMEOUT)) {
546 connman_error("Unable to call %s.%s()",
547 VPN_CONNECTION_INTERFACE, VPN_CONNECT2);
548 dbus_message_unref(message);
553 dbus_message_unref(message);
558 g_free(cb_data->path);
559 cb_data->path = g_strdup(data->path);
562 dbus_pending_call_set_notify(call, connect_reply, data, NULL);
564 dbus_message_unref(message);
569 static void add_connection(const char *path, DBusMessageIter *properties,
572 struct connection_data *data;
574 char *ident = get_ident(path);
577 data = g_hash_table_lookup(vpn_connections, ident);
580 * We might have a dummy connection struct here that
581 * was created by configuration_create_reply() so in
582 * that case just continue.
584 if (!data->connect_pending)
589 data = create_connection_data(path);
594 DBG("data %p path %s", data, path);
596 while (dbus_message_iter_get_arg_type(properties) ==
597 DBUS_TYPE_DICT_ENTRY) {
598 DBusMessageIter entry, value;
602 dbus_message_iter_recurse(properties, &entry);
603 dbus_message_iter_get_basic(&entry, &key);
605 dbus_message_iter_next(&entry);
606 dbus_message_iter_recurse(&entry, &value);
608 if (g_str_equal(key, "State")) {
609 dbus_message_iter_get_basic(&value, &str);
610 DBG("state %s -> %s", data->state, str);
611 data->state = g_strdup(str);
612 } else if (g_str_equal(key, "IPv4")) {
613 extract_ip(&value, AF_INET, data);
614 } else if (g_str_equal(key, "IPv6")) {
615 extract_ip(&value, AF_INET6, data);
616 } else if (g_str_equal(key, "Name")) {
617 dbus_message_iter_get_basic(&value, &str);
618 data->name = g_strdup(str);
619 } else if (g_str_equal(key, "Type")) {
620 dbus_message_iter_get_basic(&value, &str);
621 data->type = g_strdup(str);
622 } else if (g_str_equal(key, "Immutable")) {
623 dbus_bool_t immutable;
625 dbus_message_iter_get_basic(&value, &immutable);
626 data->immutable = immutable;
627 } else if (g_str_equal(key, "Host")) {
628 dbus_message_iter_get_basic(&value, &str);
629 data->host = g_strdup(str);
630 } else if (g_str_equal(key, "Domain")) {
631 dbus_message_iter_get_basic(&value, &str);
632 g_free(data->domain);
633 data->domain = g_strdup(str);
634 } else if (g_str_equal(key, "Nameservers")) {
635 extract_nameservers(&value, data);
636 } else if (g_str_equal(key, "Index")) {
637 dbus_message_iter_get_basic(&value, &data->index);
638 } else if (g_str_equal(key, "ServerRoutes")) {
640 } else if (g_str_equal(key, "UserRoutes")) {
643 if (dbus_message_iter_get_arg_type(&value) ==
645 dbus_message_iter_get_basic(&value, &str);
646 g_hash_table_replace(data->setting_strings,
647 g_strdup(key), g_strdup(str));
649 DBG("unknown key %s", key);
653 dbus_message_iter_next(properties);
657 g_hash_table_insert(vpn_connections, g_strdup(data->ident),
660 err = create_provider(data, user_data);
664 resolv_host_addr(data);
666 if (data->nameservers)
667 connman_provider_set_nameservers(data->provider,
671 connman_provider_set_domain(data->provider,
674 if (data->connect_pending) {
675 const char *dbus_sender = NULL;
677 if (data->cb_data && data->cb_data->message) {
679 dbus_message_get_sender(data->cb_data->message);
681 connect_provider(data, data->cb_data, dbus_sender);
687 DBG("removing %s", data->ident);
688 g_hash_table_remove(vpn_connections, data->ident);
691 static void get_connections_reply(DBusPendingCall *call, void *user_data)
695 DBusMessageIter array, dict;
696 const char *signature = DBUS_TYPE_ARRAY_AS_STRING
697 DBUS_STRUCT_BEGIN_CHAR_AS_STRING
698 DBUS_TYPE_OBJECT_PATH_AS_STRING
699 DBUS_TYPE_ARRAY_AS_STRING
700 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
701 DBUS_TYPE_STRING_AS_STRING
702 DBUS_TYPE_VARIANT_AS_STRING
703 DBUS_DICT_ENTRY_END_CHAR_AS_STRING
704 DBUS_STRUCT_END_CHAR_AS_STRING;
706 if (!dbus_pending_call_get_completed(call))
711 reply = dbus_pending_call_steal_reply(call);
713 dbus_error_init(&error);
715 if (dbus_set_error_from_message(&error, reply)) {
716 connman_error("%s", error.message);
717 dbus_error_free(&error);
721 if (!dbus_message_has_signature(reply, signature)) {
722 connman_error("vpnd signature \"%s\" does not match "
724 dbus_message_get_signature(reply), signature);
728 if (!dbus_message_iter_init(reply, &array))
731 dbus_message_iter_recurse(&array, &dict);
733 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_STRUCT) {
734 DBusMessageIter value, properties;
737 dbus_message_iter_recurse(&dict, &value);
738 dbus_message_iter_get_basic(&value, &path);
740 dbus_message_iter_next(&value);
741 dbus_message_iter_recurse(&value, &properties);
743 add_connection(path, &properties, user_data);
745 dbus_message_iter_next(&dict);
749 dbus_message_unref(reply);
751 dbus_pending_call_unref(call);
754 static int get_connections(void *user_data)
756 DBusPendingCall *call;
757 DBusMessage *message;
761 message = dbus_message_new_method_call(VPN_SERVICE, "/",
762 VPN_MANAGER_INTERFACE,
767 if (!dbus_connection_send_with_reply(connection, message,
768 &call, DBUS_TIMEOUT)) {
769 connman_error("Unable to call %s.%s()", VPN_MANAGER_INTERFACE,
771 dbus_message_unref(message);
776 dbus_message_unref(message);
780 dbus_pending_call_set_notify(call, get_connections_reply,
783 dbus_message_unref(message);
788 static int provider_probe(struct connman_provider *provider)
793 static void remove_connection_reply(DBusPendingCall *call, void *user_data)
798 if (!dbus_pending_call_get_completed(call))
803 reply = dbus_pending_call_steal_reply(call);
805 dbus_error_init(&error);
807 if (dbus_set_error_from_message(&error, reply)) {
809 * If the returned error is NotFound, it means that we
810 * have actually removed the provider in vpnd already.
812 if (!dbus_error_has_name(&error,
813 CONNMAN_ERROR_INTERFACE".NotFound"))
814 connman_error("%s", error.message);
816 dbus_error_free(&error);
819 dbus_message_unref(reply);
821 dbus_pending_call_unref(call);
824 static int provider_remove(struct connman_provider *provider)
826 DBusPendingCall *call;
827 DBusMessage *message;
828 struct connection_data *data;
830 data = connman_provider_get_data(provider);
832 DBG("provider %p data %p", provider, data);
836 * This means the provider is already removed,
837 * just ignore the dbus in this case.
843 * When provider.c:provider_remove() calls this function,
844 * it will remove the provider itself after the call.
845 * This means that we cannot use the provider pointer later
846 * as it is no longer valid.
848 data->provider = NULL;
850 message = dbus_message_new_method_call(VPN_SERVICE, "/",
851 VPN_MANAGER_INTERFACE,
856 dbus_message_append_args(message, DBUS_TYPE_OBJECT_PATH, &data->path,
859 if (!dbus_connection_send_with_reply(connection, message,
860 &call, DBUS_TIMEOUT)) {
861 connman_error("Unable to call %s.%s()", VPN_MANAGER_INTERFACE,
863 dbus_message_unref(message);
868 dbus_message_unref(message);
872 dbus_pending_call_set_notify(call, remove_connection_reply,
875 dbus_message_unref(message);
880 static int provider_connect(struct connman_provider *provider,
881 const char *dbus_sender)
883 struct connection_data *data;
885 data = connman_provider_get_data(provider);
889 return connect_provider(data, NULL, dbus_sender);
892 static void disconnect_reply(DBusPendingCall *call, void *user_data)
897 if (!dbus_pending_call_get_completed(call))
900 DBG("user %p", user_data);
902 reply = dbus_pending_call_steal_reply(call);
904 dbus_error_init(&error);
906 if (dbus_set_error_from_message(&error, reply)) {
907 connman_error("%s", error.message);
908 dbus_error_free(&error);
913 dbus_message_unref(reply);
915 dbus_pending_call_unref(call);
918 static int disconnect_provider(struct connection_data *data)
920 DBusPendingCall *call;
921 DBusMessage *message;
923 DBG("data %p path %s", data, data->path);
925 message = dbus_message_new_method_call(VPN_SERVICE, data->path,
926 VPN_CONNECTION_INTERFACE,
931 if (!dbus_connection_send_with_reply(connection, message,
932 &call, DBUS_TIMEOUT)) {
933 connman_error("Unable to call %s.%s()",
934 VPN_CONNECTION_INTERFACE, VPN_DISCONNECT);
935 dbus_message_unref(message);
940 dbus_message_unref(message);
944 dbus_pending_call_set_notify(call, disconnect_reply, NULL, NULL);
946 dbus_message_unref(message);
948 connman_provider_set_state(data->provider,
949 CONNMAN_PROVIDER_STATE_DISCONNECT);
951 * We return 0 here instead of -EINPROGRESS because
952 * __connman_service_disconnect() needs to return something
953 * to gdbus so that gdbus will not call Disconnect() more
954 * than once. This way we do not need to pass the dbus reply
955 * message around the code.
960 static int provider_disconnect(struct connman_provider *provider)
962 struct connection_data *data;
964 DBG("provider %p", provider);
966 data = connman_provider_get_data(provider);
970 if (g_str_equal(data->state, "ready") ||
971 g_str_equal(data->state, "configuration"))
972 return disconnect_provider(data);
977 static void configuration_create_reply(DBusPendingCall *call, void *user_data)
981 DBusMessageIter iter;
982 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
985 struct connection_data *data;
986 struct config_create_data *cb_data = user_data;
988 if (!dbus_pending_call_get_completed(call))
991 DBG("user %p", cb_data);
993 reply = dbus_pending_call_steal_reply(call);
995 dbus_error_init(&error);
997 if (dbus_set_error_from_message(&error, reply)) {
998 connman_error("dbus error: %s", error.message);
999 dbus_error_free(&error);
1003 if (!dbus_message_has_signature(reply, signature)) {
1004 connman_error("vpn configuration signature \"%s\" does not "
1005 "match expected \"%s\"",
1006 dbus_message_get_signature(reply), signature);
1010 if (!dbus_message_iter_init(reply, &iter))
1013 dbus_message_iter_get_basic(&iter, &path);
1016 * Then try to connect the VPN as expected by ConnectProvider API
1018 ident = get_ident(path);
1020 data = g_hash_table_lookup(vpn_connections, ident);
1023 * Someone removed the data. We cannot really continue.
1025 DBG("Pending data not found for %s, cannot continue!", ident);
1028 data->connect_pending = true;
1031 data->cb_data = cb_data;
1033 DBG("Connection callback data already in use!");
1036 * Connection is created in add_connections() after
1037 * we have received the ConnectionAdded signal.
1040 DBG("cb %p msg %p", data->cb_data,
1041 data->cb_data ? data->cb_data->message : NULL);
1045 dbus_message_unref(reply);
1047 dbus_pending_call_unref(call);
1050 static void set_dbus_ident(char *ident)
1052 int i, len = strlen(ident);
1054 for (i = 0; i < len; i++) {
1055 if (ident[i] >= '0' && ident[i] <= '9')
1057 if (ident[i] >= 'a' && ident[i] <= 'z')
1059 if (ident[i] >= 'A' && ident[i] <= 'Z')
1065 static struct vpn_route *parse_user_route(const char *user_route)
1067 char *network, *netmask;
1068 struct vpn_route *route = NULL;
1069 int family = PF_UNSPEC;
1070 char **elems = g_strsplit(user_route, "/", 0);
1076 if (!network || *network == '\0') {
1077 DBG("no network/netmask set");
1082 if (netmask && *netmask == '\0') {
1083 DBG("no netmask set");
1087 if (g_strrstr(network, ":"))
1089 else if (g_strrstr(network, ".")) {
1092 if (!g_strrstr(netmask, ".")) {
1093 /* We have netmask length */
1095 struct in_addr netmask_in;
1096 unsigned char prefix_len = 32;
1100 long int value = strtol(netmask, &ptr, 10);
1101 if (ptr != netmask && *ptr == '\0' &&
1102 value && value <= 32)
1106 addr = 0xffffffff << (32 - prefix_len);
1107 netmask_in.s_addr = htonl(addr);
1108 netmask = inet_ntoa(netmask_in);
1110 DBG("network %s netmask %s", network, netmask);
1114 route = g_try_new(struct vpn_route, 1);
1118 route->network = g_strdup(network);
1119 route->netmask = g_strdup(netmask);
1120 route->gateway = NULL;
1121 route->family = family;
1128 static GSList *get_user_networks(DBusMessageIter *array)
1130 DBusMessageIter entry;
1131 GSList *list = NULL;
1133 dbus_message_iter_recurse(array, &entry);
1135 while (dbus_message_iter_get_arg_type(&entry) == DBUS_TYPE_STRING) {
1137 struct vpn_route *route;
1139 dbus_message_iter_get_basic(&entry, &val);
1141 route = parse_user_route(val);
1143 list = g_slist_prepend(list, route);
1145 dbus_message_iter_next(&entry);
1151 static void append_route(DBusMessageIter *iter, void *user_data)
1153 struct vpn_route *route = user_data;
1154 DBusMessageIter item;
1157 connman_dbus_dict_open(iter, &item);
1162 if (route->family == AF_INET)
1164 else if (route->family == AF_INET6)
1168 connman_dbus_dict_append_basic(&item, "ProtocolFamily",
1169 DBUS_TYPE_INT32, &family);
1172 connman_dbus_dict_append_basic(&item, "Network",
1173 DBUS_TYPE_STRING, &route->network);
1176 connman_dbus_dict_append_basic(&item, "Netmask",
1177 DBUS_TYPE_STRING, &route->netmask);
1180 connman_dbus_dict_append_basic(&item, "Gateway",
1181 DBUS_TYPE_STRING, &route->gateway);
1184 connman_dbus_dict_close(iter, &item);
1187 static void append_routes(DBusMessageIter *iter, void *user_data)
1189 GSList *list, *routes = user_data;
1191 DBG("routes %p", routes);
1193 for (list = routes; list; list = g_slist_next(list)) {
1194 DBusMessageIter dict;
1195 struct vpn_route *route = list->data;
1197 dbus_message_iter_open_container(iter, DBUS_TYPE_STRUCT, NULL,
1199 append_route(&dict, route);
1200 dbus_message_iter_close_container(iter, &dict);
1204 static int create_configuration(DBusMessage *msg, connection_ready_cb callback)
1206 DBusMessage *new_msg = NULL;
1207 DBusPendingCall *call;
1208 DBusMessageIter iter, array, new_iter, new_dict;
1209 const char *type = NULL, *name = NULL;
1210 const char *host = NULL, *domain = NULL;
1211 char *ident, *me = NULL;
1214 struct connection_data *data;
1215 struct config_create_data *user_data = NULL;
1216 GSList *networks = NULL;
1219 * We copy the old message data into new message. We cannot
1220 * just use the old message as is because the user route
1221 * information is not in the same format in vpnd.
1223 new_msg = dbus_message_new(DBUS_MESSAGE_TYPE_METHOD_CALL);
1224 dbus_message_iter_init_append(new_msg, &new_iter);
1225 connman_dbus_dict_open(&new_iter, &new_dict);
1227 dbus_message_iter_init(msg, &iter);
1228 dbus_message_iter_recurse(&iter, &array);
1230 while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_DICT_ENTRY) {
1231 DBusMessageIter entry, value;
1236 dbus_message_iter_recurse(&array, &entry);
1237 dbus_message_iter_get_basic(&entry, &key);
1239 dbus_message_iter_next(&entry);
1240 dbus_message_iter_recurse(&entry, &value);
1242 value_type = dbus_message_iter_get_arg_type(&value);
1245 switch (value_type) {
1246 case DBUS_TYPE_STRING:
1247 dbus_message_iter_get_basic(&value, &item_value);
1249 if (g_str_equal(key, "Type"))
1250 type = (const char *)item_value;
1251 else if (g_str_equal(key, "Name"))
1252 name = (const char *)item_value;
1253 else if (g_str_equal(key, "Host"))
1254 host = (const char *)item_value;
1255 else if (g_str_equal(key, "VPN.Domain"))
1256 domain = (const char *)item_value;
1258 DBG("%s %s", key, (char *)item_value);
1261 connman_dbus_dict_append_basic(&new_dict, key,
1262 value_type, &item_value);
1264 case DBUS_TYPE_ARRAY:
1265 if (g_str_equal(key, "Networks")) {
1266 networks = get_user_networks(&value);
1267 connman_dbus_dict_append_array(&new_dict,
1269 DBUS_TYPE_DICT_ENTRY,
1276 dbus_message_iter_next(&array);
1279 connman_dbus_dict_close(&new_iter, &new_dict);
1281 DBG("VPN type %s name %s host %s domain %s networks %p",
1282 type, name, host, domain, networks);
1284 if (!host || !domain) {
1289 if (!type || !name) {
1294 ident = g_strdup_printf("%s_%s", host, domain);
1295 set_dbus_ident(ident);
1297 DBG("ident %s", ident);
1299 data = g_hash_table_lookup(vpn_connections, ident);
1301 if (data->call || data->cb_data) {
1302 DBG("create configuration call already pending");
1307 char *path = g_strdup_printf("%s/connection/%s", VPN_PATH,
1309 data = create_connection_data(path);
1317 g_hash_table_insert(vpn_connections, g_strdup(ident), data);
1321 * User called net.connman.Manager.ConnectProvider if we are here.
1322 * So use the data from original message in the new msg.
1324 me = g_strdup(dbus_message_get_destination(msg));
1326 dbus_message_set_interface(new_msg, VPN_MANAGER_INTERFACE);
1327 dbus_message_set_path(new_msg, "/");
1328 dbus_message_set_destination(new_msg, VPN_SERVICE);
1329 dbus_message_set_sender(new_msg, me);
1330 dbus_message_set_member(new_msg, "Create");
1332 user_data = g_try_new0(struct config_create_data, 1);
1338 user_data->callback = callback;
1339 user_data->message = dbus_message_ref(msg);
1340 user_data->path = NULL;
1342 DBG("cb %p msg %p", user_data, msg);
1344 result = dbus_connection_send_with_reply(connection, new_msg,
1345 &call, DBUS_TIMEOUT);
1346 if (!result || !call) {
1351 dbus_pending_call_set_notify(call, configuration_create_reply,
1357 dbus_message_unref(new_msg);
1360 g_slist_free_full(networks, destroy_route);
1366 static bool check_host(char **hosts, char *host)
1373 for (i = 0; hosts[i]; i++) {
1374 if (g_strcmp0(hosts[i], host) == 0)
1381 static void set_route(struct connection_data *data, struct vpn_route *route)
1384 * If the VPN administrator/user has given a route to
1385 * VPN server, then we must discard that because the
1386 * server cannot be contacted via VPN tunnel.
1388 if (check_host(data->host_ip, route->network)) {
1389 DBG("Discarding VPN route to %s via %s at index %d",
1390 route->network, route->gateway, data->index);
1394 if (route->family == AF_INET6) {
1395 unsigned char prefix_len = atoi(route->netmask);
1397 connman_inet_add_ipv6_network_route(data->index,
1402 connman_inet_add_network_route(data->index, route->network,
1408 static int set_routes(struct connman_provider *provider,
1409 enum connman_provider_route_type type)
1411 struct connection_data *data;
1412 GHashTableIter iter;
1413 gpointer value, key;
1415 DBG("provider %p", provider);
1417 data = connman_provider_get_data(provider);
1421 if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
1422 type == CONNMAN_PROVIDER_ROUTE_USER) {
1423 g_hash_table_iter_init(&iter, data->user_routes);
1425 while (g_hash_table_iter_next(&iter, &key, &value))
1426 set_route(data, value);
1429 if (type == CONNMAN_PROVIDER_ROUTE_ALL ||
1430 type == CONNMAN_PROVIDER_ROUTE_SERVER) {
1431 g_hash_table_iter_init(&iter, data->server_routes);
1433 while (g_hash_table_iter_next(&iter, &key, &value))
1434 set_route(data, value);
1440 static bool check_routes(struct connman_provider *provider)
1442 struct connection_data *data;
1444 DBG("provider %p", provider);
1446 data = connman_provider_get_data(provider);
1450 if (data->user_routes &&
1451 g_hash_table_size(data->user_routes) > 0)
1454 if (data->server_routes &&
1455 g_hash_table_size(data->server_routes) > 0)
1461 static struct connman_provider_driver provider_driver = {
1463 .type = CONNMAN_PROVIDER_TYPE_VPN,
1464 .probe = provider_probe,
1465 .remove = provider_remove,
1466 .connect = provider_connect,
1467 .disconnect = provider_disconnect,
1468 .set_property = set_string,
1469 .get_property = get_string,
1470 .create = create_configuration,
1471 .set_routes = set_routes,
1472 .check_routes = check_routes,
1475 static void destroy_provider(struct connection_data *data)
1477 DBG("data %p", data);
1479 if (g_str_equal(data->state, "ready") ||
1480 g_str_equal(data->state, "configuration"))
1481 connman_provider_disconnect(data->provider);
1484 dbus_pending_call_cancel(data->call);
1486 connman_provider_set_data(data->provider, NULL);
1488 connman_provider_remove(data->provider);
1490 data->provider = NULL;
1493 static void connection_destroy(gpointer hash_data)
1495 struct connection_data *data = hash_data;
1497 DBG("data %p", data);
1500 destroy_provider(data);
1503 g_free(data->ident);
1504 g_free(data->state);
1508 g_free(data->host_ip);
1509 g_free(data->domain);
1510 g_hash_table_destroy(data->server_routes);
1511 g_hash_table_destroy(data->user_routes);
1512 g_strfreev(data->nameservers);
1513 g_hash_table_destroy(data->setting_strings);
1514 connman_ipaddress_free(data->ip);
1516 cancel_host_resolv(data);
1521 static void vpnd_created(DBusConnection *conn, void *user_data)
1523 DBG("connection %p", conn);
1525 get_connections(user_data);
1528 static void vpnd_removed(DBusConnection *conn, void *user_data)
1530 DBG("connection %p", conn);
1532 g_hash_table_remove_all(vpn_connections);
1535 static void remove_connection(DBusConnection *conn, const char *path)
1537 DBG("path %s", path);
1539 g_hash_table_remove(vpn_connections, get_ident(path));
1542 static gboolean connection_removed(DBusConnection *conn, DBusMessage *message,
1546 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING;
1547 struct connection_data *data;
1549 if (!dbus_message_has_signature(message, signature)) {
1550 connman_error("vpn removed signature \"%s\" does not match "
1552 dbus_message_get_signature(message), signature);
1556 dbus_message_get_args(message, NULL, DBUS_TYPE_OBJECT_PATH, &path,
1559 data = g_hash_table_lookup(vpn_connections, get_ident(path));
1561 remove_connection(conn, path);
1566 static gboolean connection_added(DBusConnection *conn, DBusMessage *message,
1569 DBusMessageIter iter, properties;
1571 const char *signature = DBUS_TYPE_OBJECT_PATH_AS_STRING
1572 DBUS_TYPE_ARRAY_AS_STRING
1573 DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
1574 DBUS_TYPE_STRING_AS_STRING
1575 DBUS_TYPE_VARIANT_AS_STRING
1576 DBUS_DICT_ENTRY_END_CHAR_AS_STRING;
1578 if (!dbus_message_has_signature(message, signature)) {
1579 connman_error("vpn ConnectionAdded signature \"%s\" does not "
1580 "match expected \"%s\"",
1581 dbus_message_get_signature(message), signature);
1587 if (!dbus_message_iter_init(message, &iter))
1590 dbus_message_iter_get_basic(&iter, &path);
1592 dbus_message_iter_next(&iter);
1593 dbus_message_iter_recurse(&iter, &properties);
1595 add_connection(path, &properties, user_data);
1600 static int save_route(GHashTable *routes, int family, const char *network,
1601 const char *netmask, const char *gateway)
1603 struct vpn_route *route;
1604 char *key = g_strdup_printf("%d/%s/%s", family, network, netmask);
1606 DBG("family %d network %s netmask %s", family, network, netmask);
1608 route = g_hash_table_lookup(routes, key);
1610 route = g_try_new0(struct vpn_route, 1);
1612 connman_error("out of memory");
1616 route->family = family;
1617 route->network = g_strdup(network);
1618 route->netmask = g_strdup(netmask);
1619 route->gateway = g_strdup(gateway);
1621 g_hash_table_replace(routes, key, route);
1628 static int read_route_dict(GHashTable *routes, DBusMessageIter *dicts)
1630 DBusMessageIter dict;
1631 const char *network, *netmask, *gateway;
1634 dbus_message_iter_recurse(dicts, &dict);
1636 network = netmask = gateway = NULL;
1639 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
1641 DBusMessageIter entry, value;
1644 dbus_message_iter_recurse(&dict, &entry);
1645 dbus_message_iter_get_basic(&entry, &key);
1647 dbus_message_iter_next(&entry);
1648 dbus_message_iter_recurse(&entry, &value);
1650 if (g_str_equal(key, "ProtocolFamily")) {
1652 dbus_message_iter_get_basic(&value, &pf);
1661 DBG("family %d", family);
1662 } else if (g_str_equal(key, "Netmask")) {
1663 dbus_message_iter_get_basic(&value, &netmask);
1664 DBG("netmask %s", netmask);
1665 } else if (g_str_equal(key, "Network")) {
1666 dbus_message_iter_get_basic(&value, &network);
1667 DBG("host %s", network);
1668 } else if (g_str_equal(key, "Gateway")) {
1669 dbus_message_iter_get_basic(&value, &gateway);
1670 DBG("gateway %s", gateway);
1673 dbus_message_iter_next(&dict);
1676 if (!netmask || !network || !gateway) {
1677 DBG("Value missing.");
1681 return save_route(routes, family, network, netmask, gateway);
1684 static int routes_changed(DBusMessageIter *array, GHashTable *routes)
1686 DBusMessageIter entry;
1689 if (dbus_message_iter_get_arg_type(array) != DBUS_TYPE_ARRAY) {
1690 DBG("Expecting array, ignoring routes.");
1694 while (dbus_message_iter_get_arg_type(array) == DBUS_TYPE_ARRAY) {
1696 dbus_message_iter_recurse(array, &entry);
1698 while (dbus_message_iter_get_arg_type(&entry) ==
1700 DBusMessageIter dicts;
1702 dbus_message_iter_recurse(&entry, &dicts);
1704 while (dbus_message_iter_get_arg_type(&dicts) ==
1706 int err = read_route_dict(routes, &dicts);
1709 dbus_message_iter_next(&dicts);
1712 dbus_message_iter_next(&entry);
1715 dbus_message_iter_next(array);
1721 static gboolean property_changed(DBusConnection *conn,
1722 DBusMessage *message,
1725 const char *path = dbus_message_get_path(message);
1726 struct connection_data *data = NULL;
1727 DBusMessageIter iter, value;
1728 bool ip_set = false;
1732 const char *signature = DBUS_TYPE_STRING_AS_STRING
1733 DBUS_TYPE_VARIANT_AS_STRING;
1735 if (!dbus_message_has_signature(message, signature)) {
1736 connman_error("vpn property signature \"%s\" does not match "
1738 dbus_message_get_signature(message), signature);
1742 data = g_hash_table_lookup(vpn_connections, get_ident(path));
1746 if (!dbus_message_iter_init(message, &iter))
1749 dbus_message_iter_get_basic(&iter, &key);
1751 dbus_message_iter_next(&iter);
1752 dbus_message_iter_recurse(&iter, &value);
1756 if (g_str_equal(key, "State")) {
1757 dbus_message_iter_get_basic(&value, &str);
1759 DBG("%s %s -> %s", data->path, data->state, str);
1761 if (g_str_equal(data->state, str))
1764 g_free(data->state);
1765 data->state = g_strdup(str);
1767 set_provider_state(data);
1768 } else if (g_str_equal(key, "Index")) {
1769 dbus_message_iter_get_basic(&value, &data->index);
1770 connman_provider_set_index(data->provider, data->index);
1771 } else if (g_str_equal(key, "IPv4")) {
1772 err = extract_ip(&value, AF_INET, data);
1774 } else if (g_str_equal(key, "IPv6")) {
1775 err = extract_ip(&value, AF_INET6, data);
1777 } else if (g_str_equal(key, "ServerRoutes")) {
1778 err = routes_changed(&value, data->server_routes);
1780 * Note that the vpnd will delay the route sending a bit
1781 * (in order to collect the routes from VPN client),
1782 * so we might have got the State changed property before
1783 * we got ServerRoutes. This means that we must try to set
1784 * the routes here because they would be left unset otherwise.
1787 set_routes(data->provider,
1788 CONNMAN_PROVIDER_ROUTE_SERVER);
1789 } else if (g_str_equal(key, "UserRoutes")) {
1790 err = routes_changed(&value, data->user_routes);
1792 set_routes(data->provider,
1793 CONNMAN_PROVIDER_ROUTE_USER);
1794 } else if (g_str_equal(key, "Nameservers")) {
1795 if (extract_nameservers(&value, data) == 0 &&
1797 connman_provider_set_nameservers(data->provider,
1799 } else if (g_str_equal(key, "Domain")) {
1800 dbus_message_iter_get_basic(&value, &str);
1801 g_free(data->domain);
1802 data->domain = g_strdup(str);
1803 connman_provider_set_domain(data->provider, data->domain);
1806 if (ip_set && err == 0) {
1807 err = connman_provider_set_ipaddress(data->provider, data->ip);
1809 DBG("setting provider IP address failed (%s/%d)",
1810 strerror(-err), -err);
1816 static int vpn_init(void)
1820 connection = connman_dbus_get_connection();
1824 watch = g_dbus_add_service_watch(connection, VPN_SERVICE,
1825 vpnd_created, vpnd_removed, &provider_driver, NULL);
1827 added_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1828 VPN_MANAGER_INTERFACE,
1829 CONNECTION_ADDED, connection_added,
1830 &provider_driver, NULL);
1832 removed_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1833 VPN_MANAGER_INTERFACE,
1834 CONNECTION_REMOVED, connection_removed,
1837 property_watch = g_dbus_add_signal_watch(connection, VPN_SERVICE, NULL,
1838 VPN_CONNECTION_INTERFACE,
1839 PROPERTY_CHANGED, property_changed,
1842 if (added_watch == 0 || removed_watch == 0 || property_watch == 0) {
1847 err = connman_provider_driver_register(&provider_driver);
1849 vpn_connections = g_hash_table_new_full(g_str_hash,
1851 g_free, connection_destroy);
1853 vpnd_created(connection, &provider_driver);
1859 g_dbus_remove_watch(connection, watch);
1860 g_dbus_remove_watch(connection, added_watch);
1861 g_dbus_remove_watch(connection, removed_watch);
1862 g_dbus_remove_watch(connection, property_watch);
1864 dbus_connection_unref(connection);
1869 static void vpn_exit(void)
1871 g_dbus_remove_watch(connection, watch);
1872 g_dbus_remove_watch(connection, added_watch);
1873 g_dbus_remove_watch(connection, removed_watch);
1874 g_dbus_remove_watch(connection, property_watch);
1876 connman_provider_driver_unregister(&provider_driver);
1878 if (vpn_connections)
1879 g_hash_table_destroy(vpn_connections);
1881 dbus_connection_unref(connection);
1884 CONNMAN_PLUGIN_DEFINE(vpn, "VPN plugin", VERSION,
1885 CONNMAN_PLUGIN_PRIORITY_DEFAULT, vpn_init, vpn_exit)