summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorZhang zhengguang <zhengguang.zhang@intel.com>2014-07-17 02:37:39 (GMT)
committerZhang zhengguang <zhengguang.zhang@intel.com>2014-07-17 02:37:39 (GMT)
commit1b9d0a62f59bb48c8deb2f0b98d9acdffdd9abe7 (patch)
tree6e991827d28537f7f40f20786c2354fd04a9fdad /doc
parentfbe905ab58ecc31fe64c410c5f580cadc30e7f04 (diff)
downloadconnman-1b9d0a62f59bb48c8deb2f0b98d9acdffdd9abe7.zip
connman-1b9d0a62f59bb48c8deb2f0b98d9acdffdd9abe7.tar.gz
connman-1b9d0a62f59bb48c8deb2f0b98d9acdffdd9abe7.tar.bz2
Imported Upstream version 1.24upstream/1.24
Diffstat (limited to 'doc')
-rw-r--r--doc/Makefile.am38
-rw-r--r--doc/advanced-configuration.txt6
-rw-r--r--doc/coding-style.txt344
-rw-r--r--doc/config-format.txt54
-rw-r--r--doc/connman-docs.xml121
-rw-r--r--doc/connman-introduction.xml15
-rw-r--r--doc/connman.conf.52
-rw-r--r--doc/connmanctl.1190
-rw-r--r--doc/gtk-doc.make173
-rw-r--r--doc/manager-api.txt37
-rw-r--r--doc/overview-api.txt51
-rw-r--r--doc/plugin-api.txt140
-rw-r--r--doc/service-api.txt21
-rw-r--r--doc/session-overview.txt114
-rw-r--r--doc/technology-api.txt4
-rw-r--r--doc/valgrind.suppressions235
-rw-r--r--doc/version.xml.in1
-rw-r--r--doc/vpn-agent-api.txt137
-rw-r--r--doc/vpn-config-format.txt215
19 files changed, 331 insertions, 1567 deletions
diff --git a/doc/Makefile.am b/doc/Makefile.am
deleted file mode 100644
index ce3e433..0000000
--- a/doc/Makefile.am
+++ /dev/null
@@ -1,38 +0,0 @@
-
-DOC_MODULE = connman
-
-DOC_MAIN_SGML_FILE = $(DOC_MODULE)-docs.xml
-
-DOC_SOURCE_DIR = ../src
-
-SCAN_OPTIONS = --rebuild-sections --source-dir=../include
-
-MKDB_OPTIONS = --sgml-mode --output-format=xml --tmpl-dir=. \
- --ignore-files=connman \
- --source-dir=../include \
- --source-suffixes=c,h
-
-MKTMPL_OPTIONS = --output-dir=.
-
-HFILE_GLOB = $(top_srcdir)/include/*.h
-CFILE_GLOB = $(top_srcdir)/src/*.c $(top_srcdir)/src/*.h
-
-IGNORE_HFILES = connman connman.h
-
-HTML_IMAGES =
-
-content_files = connman-introduction.xml
-
-INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/gdbus \
- $(GTHREAD_CFLAGS) $(GMODULE_CFLAGS) $(GLIB_CFLAGS) $(DBUS_CFLAGS)
-
-GTKDOC_LIBS = $(DBUS_LIBS) $(GLIB_LIBS) $(GMODULE_LIBS) $(GTHREAD_LIBS)
-
-MAINTAINERCLEANFILES = Makefile.in \
- $(DOC_MODULE).types $(DOC_MODULE)-*.txt *.sgml *.bak
-
-if ENABLE_GTK_DOC
-include $(top_srcdir)/doc/gtk-doc.make
-else
-EXTRA_DIST = $(DOC_MAIN_SGML_FILE) connman-introduction.xml
-endif
diff --git a/doc/advanced-configuration.txt b/doc/advanced-configuration.txt
index 3c08c8f..12c2250 100644
--- a/doc/advanced-configuration.txt
+++ b/doc/advanced-configuration.txt
@@ -5,7 +5,7 @@ Advanced configuration interface
Configuration basics
====================
-The default configuration method for all servers is automatic or something
+The default configuration method for all services is automatic or something
like DHCP. In almost every case that should be just good enough, but if it
is not, Connection Manager supports manual configuration for Ethernet and
IP settings.
@@ -44,12 +44,12 @@ configuration this call could be used:
"Netmask": "255.255.255.0" })
The configuration itself is a dictionary with various fields. Not all of
-them need to present. A lot of combinations are valid.
+them need to be present. A lot of combinations are valid.
For example the "Method" field has valid settings of "off", "fixed", "manual"
and "dhcp". The "fixed" value however can not be set by any user program. It
is an internal value that some 3G cards require. Switching to "off" will
-remove and IP configuration from the interface. The "manual" method allows
+remove any IP configuration from the interface. The "manual" method allows
for static address configuration. And "dhcp" will use DHCP to retrieve all
required information automatically.
diff --git a/doc/coding-style.txt b/doc/coding-style.txt
deleted file mode 100644
index 30690b7..0000000
--- a/doc/coding-style.txt
+++ /dev/null
@@ -1,344 +0,0 @@
-´╗┐Every project has its coding style, and ConnMan is not an exception. This
-document describes the preferred coding style for ConnMan code, in order to keep
-some level of consistency among developers so that code can be easily
-understood and maintained, and also to help your code survive under
-maintainer's fastidious eyes so that you can get a passport for your patch
-ASAP.
-
-First of all, ConnMan coding style must follow every rule for Linux kernel
-(http://www.kernel.org/doc/Documentation/CodingStyle). There also exists a tool
-named checkpatch.pl to help you check the compliance with it. Just type
-"checkpatch.pl --no-tree patch_name" to check your patch. In theory, you need
-to clean up all the warnings and errors except this one: "ERROR: Missing
-Signed-off-by: line(s)". ConnMan does not used Signed-Off lines, so including
-them is actually an error. In certain circumstances one can ignore the 80
-character per line limit. This is generally only allowed if the alternative
-would make the code even less readable.
-
-Besides the kernel coding style above, ConnMan has special flavors for its own.
-Some of them are mandatory (marked as 'M'), while some others are optional
-(marked as 'O'), but generally preferred.
-
-M1: Blank line before and after an if/while/do/for statement
-============================================================
-There should be a blank line before if statement unless the if is nested and
-not preceded by an expression or variable declaration.
-
-Example:
-1)
-a = 1;
-if (b) { // wrong
-
-2)
-a = 1
-
-if (b) {
-}
-a = 2; // wrong
-
-3)
-if (a) {
- if (b) // correct
-
-4)
-b = 2;
-
-if (a) { // correct
-
-}
-
-b = 3;
-
-The only exception to this rule applies when a variable is being allocated:
-array = g_try_new0(int, 20);
-if (array == NULL) // Correct
- return;
-
-
-M2: Multiple line comment
-=========================
-If your comments have more then one line, please start it from the second line.
-
-Example:
-/*
- * first line comment // correct
- * ...
- * last line comment
- */
-
-
-M3: Space before and after operator
-===================================
-There should be a space before and after each operator.
-
-Example:
-a + b; // correct
-
-
-M4: Wrap long lines
-===================
-If your condition in if, while, for statement or a function declaration is too
-long to fit in one line, the new line needs to be indented not aligned with the
-body.
-
-Example:
-1)
-if (call->status == CALL_STATUS_ACTIVE ||
- call->status == CALL_STATUS_HELD) { // wrong
- connman_dbus_dict_append();
-
-2)
-if (call->status == CALL_STATUS_ACTIVE ||
- call->status == CALL_STATUS_HELD) { // correct
- connman_dbus_dict_append();
-
-3)
-gboolean sim_ust_is_available(unsigned char *service_ust, unsigned char len,
- num sim_ust_service index) // wrong
-{
- int a;
- ...
-}
-
-4)
-gboolean sim_ust_is_available(unsigned char *service_ust, unsigned char len,
- enum sim_ust_service index) // correct
-{
- int a;
- ...
-}
-
-If the line being wrapped is a function call or function declaration, the
-preferred style is to indent at least past the opening parenthesis. Indenting
-further is acceptable as well (as long as you don't hit the 80 character
-limit).
-
-If this is not possible due to hitting the 80 character limit, then indenting
-as far as possible to the right without hitting the limit is preferred.
-
-Example:
-
-1)
-gboolean sim_ust_is_available(unsigned char *service_ust, unsigned char len,
- enum sim_ust_service index); // worse
-
-2)
-gboolean sim_ust_is_available(unsigned char *service_ust, unsigned char len,
- enum sim_ust_service index);
- // better
-
-M5: Git commit message 50/72 formatting
-=======================================
-The commit message header should be within 50 characters. And if you have
-detailed explanatory text, wrap it to 72 character.
-
-
-M6: Space when doing type casting
-=================================
-There should be a space between new type and variable.
-
-Example:
-1)
-a = (int *)b; // wrong
-2)
-a = (int *) b; // correct
-
-
-M7: Don't initialize variable unnecessarily
-===========================================
-When declaring a variable, try not to initialize it unless necessary.
-
-Example:
-int i = 1; // wrong
-
-for (i = 0; i < 3; i++) {
-}
-
-
-M8: Use g_try_malloc instead of g_malloc
-========================================
-When g_malloc fails, the whole program would exit. Most of time, this is not
-the expected behavior, and you may want to use g_try_malloc instead.
-
-Example:
-additional = g_try_malloc(len - 1); // correct
-if (additional == NULL)
- return FALSE;
-
-
-M9: Follow the order of include header elements
-===============================================
-When writing an include header the various elements should be in the following
-order:
- - #includes
- - forward declarations
- - #defines
- - enums
- - typedefs
- - function declarations and inline function definitions
-
-
-M10: Internal headers must not use include guards
-=================================================
-Any time when creating a new header file with non-public API, that header
-must not contain include guards.
-
-
-M11: Naming of enums
-====================
-
-Enums must have a descriptive name. The enum type should be small caps and
-it should not be typedef-ed. Enum contents should be in CAPITAL letters and
-prefixed by the enum type name.
-
-Example:
-
-enum animal_type {
- ANIMAL_TYPE_FOUR_LEGS,
- ANIMAL_TYPE_EIGHT_LEGS,
- ANIMAL_TYPE_TWO_LEGS,
-};
-
-If the enum contents have values (e.g. from specification) the formatting
-should be as follows:
-
-enum animal_type {
- ANIMAL_TYPE_FOUR_LEGS = 4,
- ANIMAL_TYPE_EIGHT_LEGS = 8,
- ANIMAL_TYPE_TWO_LEGS = 2,
-};
-
-M12: Enum as switch variable
-====================
-
-If the variable of a switch is an enum, you must not include a default in
-switch body. The reason for this is: If later on you modify the enum by adding
-a new type, and forget to change the switch accordingly, the compiler will
-complain the new added type hasn't been handled.
-
-Example:
-
-enum animal_type {
- ANIMAL_TYPE_FOUR_LEGS = 4,
- ANIMAL_TYPE_EIGHT_LEGS = 8,
- ANIMAL_TYPE_TWO_LEGS = 2,
-};
-
-enum animal_type t;
-
-switch (t) {
-case ANIMAL_TYPE_FOUR_LEGS:
- ...
- break;
-case ANIMAL_TYPE_EIGHT_LEGS:
- ...
- break;
-case ANIMAL_TYPE_TWO_LEGS:
- ...
- break;
-default: // wrong
- break;
-}
-
-However if the enum comes from an external header file outside ConnMan
-we cannot make any assumption of how the enum is defined and this
-rule might not apply.
-
-M13: Check for pointer being NULL
-=================================
-
-When checking if a pointer or a return value is NULL, explicitly compare to
-NULL rather than use the shorter check with "!" operator.
-
-Example:
-1)
-array = g_try_new0(int, 20);
-if (!array) // Wrong
- return;
-
-2)
-if (!g_at_chat_get_slave(chat)) // Wrong
- return -EINVAL;
-
-3)
-array = g_try_new0(int, 20);
-if (array == NULL) // Correct
- return;
-
-
-M14: Always use parenthesis with sizeof
-=======================================
-The expression argument to the sizeof operator should always be in
-parenthesis, too.
-
-Example:
-1)
-memset(stuff, 0, sizeof(*stuff));
-
-2)
-memset(stuff, 0, sizeof *stuff); // Wrong
-
-
-M15: Use void if function has no parameters
-===========================================================
-A function with no parameters must use void in the parameter list.
-
-Example:
-1)
-void foo(void)
-{
-}
-
-2)
-void foo() // Wrong
-{
-}
-
-M16: Don't use hex value with shift operators
-==============================================
-The expression argument to the shift operators should not be in hex.
-
-Example:
-
-1)
-1 << y
-
-2)
-0x1 << y // Wrong
-
-O1: Shorten the name
-====================
-Better to use abbreviation, rather than full name, to name a variable,
-function, struct, etc.
-
-Example:
-supplementary_service // too long
-ss // better
-
-O2: Try to avoid complex if body
-================================
-It's better not to have a complicated statement for if. You may judge its
-contrary condition and return | break | continue | goto ASAP.
-
-Example:
-1)
-if (a) { // worse
- struct voicecall *v;
- call = synthesize_outgoing_call(vc, vc->pending);
- v = voicecall_create(vc, call);
- v->detect_time = time(NULL);
- DBG("Registering new call: %d", call->id);
- voicecall_dbus_register(v);
-} else
- return;
-
-2)
-if (!a)
- return;
-
-struct voicecall *v;
-call = synthesize_outgoing_call(vc, vc->pending);
-v = voicecall_create(vc, call);
-v->detect_time = time(NULL);
-DBG("Registering new call: %d", call->id);
-voicecall_dbus_register(v);
diff --git a/doc/config-format.txt b/doc/config-format.txt
index 2429927..d825070 100644
--- a/doc/config-format.txt
+++ b/doc/config-format.txt
@@ -5,27 +5,28 @@ Connman uses configuration files to provision existing services. Connman will
be looking for its configuration files at STORAGEDIR which by default points
to /var/lib/connman/. Configuration file names must not include other
characters than letters or numbers and must have a .config suffix.
-Those configuration files are text files with a simple format and we typically
-have one file per provisioned network.
+Those configuration files are text files with a simple key-value pair format,
+organized into sections. Values do not comprise leading or trailing whitespace.
+We typically have one file per provisioned network.
If the config file is removed, then Connman tries to remove the
-provisioned service. If individual service entry inside config is removed,
-then the corresponding provisioned service is removed. If service
-entry is changed, then corresponding service is removed and then
-immediately re-provisioned.
+provisioned services. If an individual service inside a config is removed,
+then the corresponding provisioned service is removed. If a service section
+is changed, then the corresponding service is removed and immediately
+re-provisioned.
-Global entry [global]
-=====================
+Global section [global]
+=======================
-These files can have an optional global entry describing the actual file.
-The 2 allowed fields for that entry are:
+These files can have an optional global section describing the actual file.
+The two allowed fields for this section are:
- Name: Name of the network.
- Description: Description of the network.
-Service entry [service_*]
-=========================
+Service sections [service_*]
+============================
Each provisioned service must start with the [service_*] tag. Replace * with
an identifier unique to the config file.
@@ -34,20 +35,25 @@ Allowed fields:
- Type: Service type. We currently only support wifi and ethernet.
- IPv4: The IPv4 address, netmask and gateway. Format of the entry
is network/netmask/gateway. The mask length can be used instead
- of netmask. The field can also contain the string "off" or "dhcp".
+ of netmask. The gateway can be omitted if necessary.
+ The IPv4 field can also contain the string "off" or "dhcp".
If the setting is "off", then no IPv4 address is set to the interface.
If the setting is "dhcp", then DHCPv4 address resolution is activated.
Example: 192.168.1.2/24/192.168.1.1
192.168.200.100/255.255.255.0/192.168.200.1
+ 10.0.0.2/24
- IPv6: The IPv6 address, prefix length and gateway. Format of the entry
is network/prefixlen/gateway. For IPv6 addresses only prefix length is
- accepted. The field can also contain the string "off" or "auto".
+ accepted. The gateway can be omitted if necessary.
+ The IPv6 field can also contain the string "off" or "auto".
If the setting is "off", then no IPv6 address is set to the interface.
If the setting is "auto", then SLAAC or DHCPv6 is used.
Example: 2001:db8::2/64/2001:db8::1
+ 2001:db8::1:2:3:4/64
- IPv6.Privacy: IPv6 privacy option. Value can be either "disabled",
- "enabled" or "prefered". See use_tempaddr variable description in Linux
- kernel Documentation/networking/ip-sysctl.txt file.
+ "enabled" or "preferred" (or the misspelled "prefered"). See use_tempaddr
+ variable description in Linux kernel Documentation/networking/ip-sysctl.txt
+ file.
- MAC: MAC address of the interface where this setting should be applied.
The MAC address is optional and if it is missing, then the first found
interface is used. The byte values must have prefix 0 added,
@@ -64,8 +70,9 @@ then SLAAC or DHCPv6 is used.
The following options are valid if Type is "wifi"
- Name: A string representation of an 802.11 SSID. If the SSID field is
present, the Name field is ignored.
-- SSID: A hexadecimal representation of an 802.11 SSID. If the SSID field is
- omitted, the Name field is used instead.
+- SSID: A hexadecimal representation of an 802.11 SSID. Use this format to
+ encode special characters including starting or ending spaces. If the SSID
+ field is omitted, the Name field is used instead.
- EAP: EAP type. We currently only support tls, ttls or peap.
- CACertFile: File path to CA certificate file (PEM/DER).
- ClientCertFile: File path to client certificate file (PEM/DER).
@@ -84,18 +91,17 @@ The following options are valid if Type is "wifi"
then AP is not hidden.
-Example
-=======
+Examples
+========
This is a configuration file for a network providing EAP-TLS, EAP-TTLS and
-EAP-PEAP services.
-The respective SSIDs are tls_ssid, ttls_ssid and peap_ssid and the file name
-is example.config.
+EAP-PEAP services. The respective SSIDs are tls_ssid, ttls_ssid and peap_ssid
+and the file name is example.config.
+
Please note that the SSID entry is for hexadecimal encoded SSID (e.g. "SSID =
746c735f73736964"). If your SSID does not contain any exotic character then
you should use the Name entry instead (e.g. "Name = tls_ssid").
-
example@example:[~]$ cat /var/lib/connman/example.config
[global]
Name = Example
diff --git a/doc/connman-docs.xml b/doc/connman-docs.xml
deleted file mode 100644
index d4059a4..0000000
--- a/doc/connman-docs.xml
+++ /dev/null
@@ -1,121 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
- "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [
-<!ENTITY version SYSTEM "version.xml">
-]>
-<book id="index" xmlns:xi="http://www.w3.org/2003/XInclude">
- <bookinfo>
- <title>Connection Manager Reference Manual</title>
- <releaseinfo>Version &version;</releaseinfo>
- <authorgroup>
- <author>
- <firstname>Marcel</firstname>
- <surname>Holtmann</surname>
- <affiliation>
- <address>
- <email>marcel@holtmann.org</email>
- </address>
- </affiliation>
- </author>
- </authorgroup>
-
- <copyright>
- <year>2007-2008</year>
- <holder>Intel Corporation. All rights reserved.</holder>
- </copyright>
-
- <legalnotice>
- <para>
- Permission is granted to copy, distribute and/or modify this
- document under the terms of the <citetitle>GNU Free
- Documentation License</citetitle>, Version 1.1 or any later
- version published by the Free Software Foundation with no
- Invariant Sections, no Front-Cover Texts, and no Back-Cover
- Texts. You may obtain a copy of the <citetitle>GNU Free
- Documentation License</citetitle> from the Free Software
- Foundation by visiting <ulink type="http"
- url="http://www.fsf.org">their Web site</ulink> or by writing
- to:
-
- <address>
- The Free Software Foundation, Inc.,
- <street>59 Temple Place</street> - Suite 330,
- <city>Boston</city>, <state>MA</state> <postcode>02111-1307</postcode>,
- <country>USA</country>
- </address>
- </para>
- </legalnotice>
- </bookinfo>
-
- <reference id="design">
- <title>Design Overview</title>
- <partintro>
- <para>
- This part presents the design documentation for Connection Manager.
- </para>
- </partintro>
- <xi:include href="connman-introduction.xml" />
- </reference>
-
- <reference id="manager">
- <title>Manager interface</title>
- <para>
-<programlisting><xi:include href="manager-api.txt" parse="text" /></programlisting>
- </para>
- </reference>
-
- <reference id="device">
- <title>Device interface</title>
- <para>
-<programlisting><xi:include href="device-api.txt" parse="text" /></programlisting>
- </para>
- </reference>
-
- <reference id="network">
- <title>Network interface</title>
- <para>
-<programlisting><xi:include href="network-api.txt" parse="text" /></programlisting>
- </para>
- </reference>
-
- <reference id="service">
- <title>Service interface</title>
- <para>
-<programlisting><xi:include href="service-api.txt" parse="text" /></programlisting>
- </para>
- </reference>
-
- <reference id="connection">
- <title>Connection interface</title>
- <para>
-<programlisting><xi:include href="connection-api.txt" parse="text" /></programlisting>
- </para>
- </reference>
-
- <reference id="reference">
- <title>Plugin API Reference</title>
- <partintro>
- <para>
- This part presents the function reference for Connection Manager.
- </para>
- </partintro>
- <xi:include href="xml/log.xml" />
- <xi:include href="xml/plugin.xml" />
- <xi:include href="xml/storage.xml" />
- <xi:include href="xml/security.xml" />
- <xi:include href="xml/resolver.xml" />
- <!-- <xi:include href="xml/device.xml" /> -->
- <!-- <xi:include href="xml/network.xml" /> -->
- </reference>
-
- <appendix id="license">
- <title>License</title>
- <para>
-<programlisting><xi:include href="../COPYING" parse="text" /></programlisting>
- </para>
- </appendix>
-
- <index>
- <title>Index</title>
- </index>
-</book>
diff --git a/doc/connman-introduction.xml b/doc/connman-introduction.xml
deleted file mode 100644
index 4672c2c..0000000
--- a/doc/connman-introduction.xml
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
- "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
-
-<chapter id="introduction">
- <title>Introduction</title>
-
- <sect1 id="intro-about">
- <title>About</title>
-
- <para>
- </para>
- </sect1>
-
-</chapter>
diff --git a/doc/connman.conf.5 b/doc/connman.conf.5
index 1a24467..626edfd 100644
--- a/doc/connman.conf.5
+++ b/doc/connman.conf.5
@@ -91,7 +91,7 @@ List of blacklisted network interfaces separated by ",".
Found interfaces will be compared to the list and will
not be handled by connman, if their first characters
match any of the list entries. Default value is
-vmnet,vboxnet,virbr.
+vmnet,vboxnet,virbr,ifb.
.TP
.B AllowHostnameUpdates=\fPtrue|false\fP
Allow connman to change the system hostname. This can
diff --git a/doc/connmanctl.1 b/doc/connmanctl.1
deleted file mode 100644
index b71c6e6..0000000
--- a/doc/connmanctl.1
+++ /dev/null
@@ -1,190 +0,0 @@
-.TH connmanctl 1 07/31/2012 "" "User Commands for Connman CLI"
-.SH
-NAME
-connmanctl \- Connman CLI
-.SH
-SYNOPSIS
-.BR connmanctl " ["
-.BR enable " <technology> | "
-.BR offlinemode "] ["
-.BR disable " <technology> | "
-.BR offlinemode "] ["
-.BR technologies "] ["
-.BR state "] ["
-.BR services " [\-\-properties <service>]] ["
-.BR scan " <technology>] ["
-.BR connect " <service>] ["
-.BR config " <service> \-\-<option> ARGS...] ["
-.BR help " | \-\-help]"
-.PP
-.SH
-DESCRIPTION
-Connmanctl is a Connman command line interface which can be run in two modes:
-a plain synchronous command input, and an asynchronous interactive shell.
-To run a specific command the user may enter connmanctl <command> [options]
-[args], or enter connmanctl; in this case, the program will drop into the
-interactive shell.
-.PP
-Connmantl can handle most simple network connections. It is able to enable/
-disable any technology that exists on the system, display a list of
-services available, connect to/disconnect from any unsecured networks,
-show properties of the system, the technologies, and any individual
-service, and configure all of the properties. It is also able to monitor
-changes in the properties of the services, technologies, and the system.
-.PP
-In the interactive shell, all of the same commands can be used. It
-provides quicker usage when needing to use connmanctl more extensively.
-.SH
-COMMANDS AND OPTIONS
-.TP
-.BR "help | \-\-help | " "(no arguments)"
-Shows the abbreviated help menu in the terminal.
-.PP
-.TP
-.BR enable " <technology>"
-Enables the given technology type (e.g. ethernet, wifi, 3g, etc.)
-Turns power on to the technology, but doesn't connect unless
-there is a service with autoconnect set to True.
-.PP
-.TP
-.BR disable " <technology>"
-Disables the given technology type. Turns power off to the
-technology and disconnects if it is already connected.
-.PP
-.TP
-.B enable offlinemode
-Enables offline mode. Disconnects and powers down all
-technologies system-wide, however each technology can be powered
-back on individually.
-.PP
-.TP
-.B disable offlinemode
-Disables offline mode. Technologies are powered back on according
-to their individual policies.
-.PP
-.TP
-.B technologies
-Shows a list of all technology types existing on the system and
-their properties. See the properties section of the Technology
-API for explanations of each property.
-.PP
-.TP
-.B state
-Shows the system properties. Includes ths online state of the
-system, offline mode, and session mode.
-.PP
-.TP
-.BR scan " <technology>"
-Scans for new services on the given technology.
-.PP
-.TP
-.B services
-Shows a list of all available service names. This includes the
-names of wifi networks, the wired ethernet connection, names of
-bluetooth devices, etc. These are the names used when a
-<service> command is called for. The service name
-(e.g. Joes-wifi), the service path (e.g.
-wifi_6834534139723_managed_none), or the full service path (e.g.
-/net/connman/Service/wifi_5467631...) are all accepted as valid
-input. An asterisk in front of the service indicates that the
-service is favorited, and a "C" indicates a service that is
-already connected.
-.PP
-.TP
-.BR "services \-\-properties" " <service>"
-Shows a list of all properties for that service. See the
-properties section of the Service API for explanations of each
-property.
-.PP
-.TP
-.BR connect " <service>"
-Connects to the given service if it is unsecured.
-.PP
-.TP
-.BR disconnect " <service>"
-Disconnects from the given service.
-.PP
-.TP
-.BR config " <service> " \-\-<option>
-Configures a writable property of the given service to the
-value(s) entered after --<option>.
-.PP
-.TP
-.BR monitor " [\-\-<option>]"
-Listens for and displays DBus signals sent by Connman. The option indicates
-which signals you want to subscribe to. If no option is entered, it displays
-all signals from all interfaces.
-.PP
-.SS
-Config Options:
-.PP
-.TP
-.B \-\-autoconnect=y/n
-Sets the autoconnect property of the service.
-.PP
-.TP
-.B \-\-ipv4
-Configures the IPv4 settings for the service. Enter the settings
-in the order "Method", "Address", "Netmask", then "Gateway"
-after the argument. See the properties section of the Service
-API for more information on these settings and the values
-accepted for them. It also displays a list of changes to both the
-IPv4 settings, and incidental changes to other values related to
-it.
-.PP
-.TP
-.B \-\-ipv6
-Configures the IPv6 settings for the service. Enter the settings
-in the order "Method", "Address", "PrefixLength", "Gateway", then
-"Privacy". See the properties section of the Service API for more
-information on these settings and the values accepted for them.
-It also displays a list of entered changes to the IPv6 settings,
-and incidental changes to other values related to it.
-.PP
-.TP
-.B \-\-nameservers
-Adds to the list of manually configured domain name servers.
-Enter the name servers after the argument separated by spaces.
-.PP
-.TP
-.B \-\-timeservers
-Adds to the list of manually configured time servers. Enter the
-time servers after the argument separated by spaces.
-.PP
-.TP
-.B \-\-domains
-Adds to the list of manually configured search domains. Enter
-the domains after the argument, separated by spaces.
-.PP
-.TP
-.B \-\-proxy
-Configures the IPv6 settings for the service. Enter the settings in the
-order "Method", "URL". If the Method is set to "direct", no other arguments
-are taken. If the Method is set to "auto", the URL is optional. To set the
-Servers and Excludes manually, enter "manual" followed by "servers" with a
-list of servers separated by spaces. Then, optionally, the word "excludes"
-followed by a list of excludes separated by spaces. e.g. "./connmanctl config
-joes-wifi \-\-proxy manual servers serv1 serv2 serv3 excludes excl1 excl2"
-.PP
-.SS
-Monitor Options:
-.PP
-.TP
-.B \-\-services
-Listens for and displays the PropertyChanged signal from the Service interface.
-Also displays the service name (e.g. Joes-wifi) that the property is part of.
-More information, including a list of possible properties can be found in the
-Service API.
-.PP
-.TP
-.B \-\-tech
-Listens for and displays the PropertyChanged signal from the Technology
-interface. More information, including a list of possible properties can be
-found in the Technology API.
-.PP
-.TP
-.B \-\-manager
-Listens for and displays the PropertyChanged, ServicesChanged, TechnologyAdded,
-and TechnologyRemoved signals from the Manager interface. More information on
-these signals and a list of possible properties can be found in the Manager API.
-.PP
diff --git a/doc/gtk-doc.make b/doc/gtk-doc.make
deleted file mode 100644
index 354ffb7..0000000
--- a/doc/gtk-doc.make
+++ /dev/null
@@ -1,173 +0,0 @@
-# -*- mode: makefile -*-
-
-####################################
-# Everything below here is generic #
-####################################
-
-if GTK_DOC_USE_LIBTOOL
-GTKDOC_CC = $(LIBTOOL) --mode=compile $(CC) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-GTKDOC_LD = $(LIBTOOL) --mode=link $(CC) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS)
-else
-GTKDOC_CC = $(CC) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-GTKDOC_LD = $(CC) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS)
-endif
-
-# We set GPATH here; this gives us semantics for GNU make
-# which are more like other make's VPATH, when it comes to
-# whether a source that is a target of one rule is then
-# searched for in VPATH/GPATH.
-#
-GPATH = $(srcdir)
-
-TARGET_DIR=$(HTML_DIR)/$(DOC_MODULE)
-
-EXTRA_DIST = \
- $(content_files) \
- $(HTML_IMAGES) \
- $(DOC_MAIN_SGML_FILE) \
- $(DOC_MODULE)-sections.txt \
- $(DOC_MODULE)-overrides.txt
-
-DOC_STAMPS=scan-build.stamp tmpl-build.stamp sgml-build.stamp html-build.stamp \
- $(srcdir)/tmpl.stamp $(srcdir)/sgml.stamp $(srcdir)/html.stamp
-
-SCANOBJ_FILES = \
- $(DOC_MODULE).args \
- $(DOC_MODULE).hierarchy \
- $(DOC_MODULE).interfaces \
- $(DOC_MODULE).prerequisites \
- $(DOC_MODULE).signals
-
-REPORT_FILES = \
- $(DOC_MODULE)-undocumented.txt \
- $(DOC_MODULE)-undeclared.txt \
- $(DOC_MODULE)-unused.txt
-
-CLEANFILES = $(SCANOBJ_FILES) $(REPORT_FILES) $(DOC_STAMPS)
-
-if ENABLE_GTK_DOC
-all-local: html-build.stamp
-else
-all-local:
-endif
-
-docs: html-build.stamp
-
-#### scan ####
-
-scan-build.stamp: $(HFILE_GLOB) $(CFILE_GLOB)
- @echo 'gtk-doc: Scanning header files'
- @-chmod -R u+w $(srcdir)
- cd $(srcdir) && \
- gtkdoc-scan --module=$(DOC_MODULE) --source-dir=$(DOC_SOURCE_DIR) --ignore-headers="$(IGNORE_HFILES)" $(SCAN_OPTIONS) $(EXTRA_HFILES)
- if grep -l '^..*$$' $(srcdir)/$(DOC_MODULE).types > /dev/null 2>&1 ; then \
- CC="$(GTKDOC_CC)" LD="$(GTKDOC_LD)" CFLAGS="$(GTKDOC_CFLAGS)" LDFLAGS="$(GTKDOC_LIBS)" gtkdoc-scangobj $(SCANGOBJ_OPTIONS) --module=$(DOC_MODULE) --output-dir=$(srcdir) ; \
- else \
- cd $(srcdir) ; \
- for i in $(SCANOBJ_FILES) ; do \
- test -f $$i || touch $$i ; \
- done \
- fi
- touch scan-build.stamp
-
-$(DOC_MODULE)-decl.txt $(SCANOBJ_FILES) $(DOC_MODULE)-sections.txt $(DOC_MODULE)-overrides.txt: scan-build.stamp
- @true
-
-#### templates ####
-
-tmpl-build.stamp: $(DOC_MODULE)-decl.txt $(SCANOBJ_FILES) $(DOC_MODULE)-sections.txt $(DOC_MODULE)-overrides.txt
- @echo 'gtk-doc: Rebuilding template files'
- @-chmod -R u+w $(srcdir)
- cd $(srcdir) && gtkdoc-mktmpl --module=$(DOC_MODULE) $(MKTMPL_OPTIONS)
- touch tmpl-build.stamp
-
-tmpl.stamp: tmpl-build.stamp
- @true
-
-tmpl/*.sgml:
- @true
-
-
-#### xml ####
-
-sgml-build.stamp: tmpl.stamp $(HFILE_GLOB) $(CFILE_GLOB) $(DOC_MODULE)-sections.txt $(srcdir)/tmpl/*.sgml $(expand_content_files)
- @echo 'gtk-doc: Building XML'
- @-chmod -R u+w $(srcdir)
- cd $(srcdir) && \
- gtkdoc-mkdb --module=$(DOC_MODULE) --source-dir=$(DOC_SOURCE_DIR) --output-format=xml --expand-content-files="$(expand_content_files)" --main-sgml-file=$(DOC_MAIN_SGML_FILE) $(MKDB_OPTIONS)
- touch sgml-build.stamp
-
-sgml.stamp: sgml-build.stamp
- @true
-
-#### html ####
-
-html-build.stamp: sgml.stamp $(DOC_MAIN_SGML_FILE) $(content_files)
- @echo 'gtk-doc: Building HTML'
- @-chmod -R u+w $(srcdir)
- rm -rf $(srcdir)/html
- mkdir $(srcdir)/html
- cd $(srcdir)/html && gtkdoc-mkhtml $(DOC_MODULE) ../$(DOC_MAIN_SGML_FILE)
- test "x$(HTML_IMAGES)" = "x" || ( cd $(srcdir) && cp $(HTML_IMAGES) html )
- @echo 'gtk-doc: Fixing cross-references'
- cd $(srcdir) && gtkdoc-fixxref --module-dir=html --html-dir=$(HTML_DIR) $(FIXXREF_OPTIONS)
- touch html-build.stamp
-
-##############
-
-clean-local:
- rm -f *~ *.bak
- rm -rf .libs
-
-distclean-local:
- cd $(srcdir) && \
- rm -rf xml $(REPORT_FILES) \
- $(DOC_MODULE)-decl-list.txt $(DOC_MODULE)-decl.txt
-
-maintainer-clean-local: clean
- cd $(srcdir) && rm -rf xml html
-
-install-data-local:
- -installfiles=`echo $(srcdir)/html/*`; \
- if test "$$installfiles" = '$(srcdir)/html/*'; \
- then echo '-- Nothing to install' ; \
- else \
- $(mkinstalldirs) $(DESTDIR)$(TARGET_DIR); \
- for i in $$installfiles; do \
- echo '-- Installing '$$i ; \
- $(INSTALL_DATA) $$i $(DESTDIR)$(TARGET_DIR); \
- done; \
- echo '-- Installing $(srcdir)/html/index.sgml' ; \
- $(INSTALL_DATA) $(srcdir)/html/index.sgml $(DESTDIR)$(TARGET_DIR) || :; \
- which gtkdoc-rebase >/dev/null && \
- gtkdoc-rebase --relative --dest-dir=$(DESTDIR) --html-dir=$(DESTDIR)$(TARGET_DIR) ; \
- fi
-
-
-uninstall-local:
- rm -f $(DESTDIR)$(TARGET_DIR)/*
-
-#
-# Require gtk-doc when making dist
-#
-if ENABLE_GTK_DOC
-dist-check-gtkdoc:
-else
-dist-check-gtkdoc:
- @echo "*** gtk-doc must be installed and enabled in order to make dist"
- @false
-endif
-
-dist-hook: dist-check-gtkdoc dist-hook-local
- mkdir $(distdir)/tmpl
- mkdir $(distdir)/xml
- mkdir $(distdir)/html
- -cp $(srcdir)/tmpl/*.sgml $(distdir)/tmpl
- -cp $(srcdir)/xml/*.xml $(distdir)/xml
- cp $(srcdir)/html/* $(distdir)/html
- -cp $(srcdir)/$(DOC_MODULE).types $(distdir)/
- -cp $(srcdir)/$(DOC_MODULE)-sections.txt $(distdir)/
- cd $(distdir) && rm -f $(DISTCLEANFILES)
- -gtkdoc-rebase --online --relative --html-dir=$(distdir)/html
-
-.PHONY : dist-hook-local docs
diff --git a/doc/manager-api.txt b/doc/manager-api.txt
index ad07c3d..05d2701 100644
--- a/doc/manager-api.txt
+++ b/doc/manager-api.txt
@@ -39,6 +39,13 @@ Methods dict GetProperties()
Possible Errors: [service].Error.InvalidArguments
+ array{object,dict} GetPeers() [experimental]
+
+ Returns a sorted list of tuples with peer object path
+ and dictionary of peer properties
+
+ Possible Errors: [service].Error.InvalidArguments
+
object ConnectProvider(dict provider) [deprecated]
Connect to a VPN specified by the given provider
@@ -186,6 +193,28 @@ Signals TechnologyAdded(object path, dict properties)
required to watch the PropertyChanged signal of
the service object.
+ PeersChanged(array{object, dict}, array{object}) [experimental]
+
+ Signals a list of peers that have been changed via the
+ first array. And a list of peer that have been removed
+ via the second array.
+
+ The list of changed peers is sorted. The dictionary
+ with the properties might be empty in case none of the
+ properties have changed. Or only contains the
+ properties that have changed.
+
+ For newly added peers the whole set of properties will
+ be present.
+
+ The list of removed peers can be empty.
+
+ This signal will only be triggered when the sort order
+ of the peer list or the number of peers changes. It
+ will not be emitted if only a property of the peer
+ object changes. For that it is required to watch the
+ PropertyChanged signal of the peer object.
+
PropertyChanged(string name, variant value)
This signal indicates a changed value of the given
@@ -232,11 +261,9 @@ Properties string State [readonly]
the limited usage of WiFi or Bluetooth devices might
be allowed in some situations.
- boolean SessionMode [readwrite] [experminental]
+ boolean SessionMode [readwrite] [experminental][deprecated]
- This disables the auto connect feature. It should be
- enabled when the Session API is used. When SessionMode
- is enabled, 'ConnectService' and 'ConnectProvider'
- method calls are disallowed.
+ This property exists only for compatibility reasons
+ and does not affect ConnMan in any way.
The default value is false.
diff --git a/doc/overview-api.txt b/doc/overview-api.txt
index 7268adc..f126887 100644
--- a/doc/overview-api.txt
+++ b/doc/overview-api.txt
@@ -99,13 +99,11 @@ delete/remove button.
| |
Ethernet is special here since the unplugging of the network cable will
-remove the favorite selection.
+remove the service from the list
+---------------------------------------+
| Ethernet with cable | order=1 - favorite=yes
+---------------------------------------+
- | Ethernet without cable | order=0 - favorite=no
- +---------------------------------------+
| Guest (strength 90, none) | order=0
+---------------------------------------+
| |
@@ -143,14 +141,13 @@ A working connection is considered top priority.
+---------------------------------------+
| |
-Another possible user interaction would be to unplug the Ethernet cable and
-in this case the favorite setting will be removed and the service falls back
-down in the list.
+Another possible user interaction would be to disconnect the Ethernet service
+and in this case the service falls back down in the list.
+---------------------------------------+
| My WiFi AP (strength 80, rsn) | order=1 - connected=yes
+---------------------------------------+
- | Ethernet | order=0
+ | Ethernet | order=1 - connected=no
+---------------------------------------+
| Guest (strength 90, none) | order=0
+---------------------------------------+
@@ -174,15 +171,11 @@ and are sorted above all others.
+---------------------------------------+
| |
-Unplugging the Ethernet cable will remove the favorite setting, but due to
-the basic ordering of services it will be at the top of the services with an
-order number of 0 (directly after all favorite services).
+Unplugging the Ethernet cable will remove the Ethernet service.
+---------------------------------------+
| My WiFi AP (strength 80, rsn) | order=1 - connected=no
+---------------------------------------+
- | Ethernet | order=0 - connected=no
- +---------------------------------------+
| Guest (strength 90, none) | order=0
+---------------------------------------+
| |
@@ -197,7 +190,7 @@ included in this list. They will only show up once a carrier is detected.
The service interface is not meant for basic device configuration task. So
switching a device on and off (via RFKILL for example) should be done via
-the technology interface.
+the technology interface. See "Technology interfaces" chapter in this document.
Due to limited screen size of small devices and the big amount of WiFi
access points that are deployed right now it might be sensible to not show
@@ -408,3 +401,35 @@ gives detailed information about the current progress.
All state changes are also sent via the PropertyChanged signal on the
service interface. This allows asynchronous monitoring without having to poll
Connection Manager for changes.
+
+
+Technology interfaces
+=====================
+
+When ConnMan is started first time, all technologies except ethernet are
+powered off by default. The reason is that the user needs to decide which
+technologies are relevant to him and what bearers the user wants to use.
+User can use the Technology Powered property to turn on or off a given
+technology. See doc/technology-api.txt document for details.
+
+User can activate offline (flight) mode via Manager OfflineMode property.
+While in offline mode, all the technologies including ethernet are
+powered off. During the offline mode, the user can temporarily activate
+individual technologies by using the Technology Powered property or by
+using the rfkill command or Fn-Fx key combination found in some laptops.
+
+If the host supports rfkill switch, then all the radios can be turned off
+by the kernel when the switch is activated. ConnMan will notice this and
+remove corresponding technologies from D-Bus. Technologies cannot be
+activated while rfkill switch is turned on. When rfkill switch is turned
+off (radios are activated), then ConnMan restores the original Powered
+status for each activated technology.
+
+User can use the rfkill command from command line or indirectly via
+some UI component to activate/deactivate individual radios found in
+the host. ConnMan will listen these rfkill events and set the Powered
+property accordingly. ConnMan will not save the rfkill status it has
+received. This means that after restarting ConnMan, the original and
+saved technology status is used when deciding which technologies should
+be powered. If the user uses the Technology D-Bus API to set the Powered
+property, then that information is saved and used when ConnMan is restarted.
diff --git a/doc/plugin-api.txt b/doc/plugin-api.txt
index b39c043..616938b 100644
--- a/doc/plugin-api.txt
+++ b/doc/plugin-api.txt
@@ -22,3 +22,143 @@ static void example_exit(void)
CONNMAN_PLUGIN_DEFINE(example, "Example plugin", CONNMAN_VERSION,
example_init, example_exit)
+
+
+Infrastructure for plugins
+==========================
+
+The Connection Manager provides a very good infrastructure for plugins to
+interface with the core functionalities of ConnMan. The infrastructure is
+well divided into the concepts of Technology, Device and Network, among
+others.
+
+Technology infrastructure
+=========================
+
+A Technology in ConnMan is an abstract representation of the different
+kinds of technologies it supports such as WiFi, Ethernet, Bluetooth and
+Celullar. The technologies support are added to ConnMan through plugins, such
+as plugins/bluetooth.c for the Bluetooth Technology or plugins/wifi.c for the
+WiFi Technology. Each new technology plugin needs to register itself as a
+Technology with ConnMan. As an example we will take a look at the Bluetooth
+plugin registration. As a first step 'struct connman_technology_driver' needs
+to be defined:
+
+ static struct connman_technology_driver tech_driver = {
+ .name = "bluetooth",
+ .type = CONNMAN_SERVICE_TYPE_BLUETOOTH,
+ .probe = bluetooth_tech_probe,
+ .remove = bluetooth_tech_remove,
+ .set_tethering = bluetooth_tech_set_tethering,
+ };
+
+More functions can be defined depending on the purpose of the plugin. All
+vtable's supported functions can be seen in include/technology.h. If a
+completely new technology type is added 'enum connman_service_type' in
+include/service.h needs to be extended accordingly. This inclusion comes in
+the form of Service because ultimately a new technology introduces a new
+Service. New technologies can also reuse existing Services types.
+
+To make the Connection Manager aware of the new Technology plugin we need to
+register its driver by calling 'connman_technology_driver_register()' in the
+plugin initialization function, bluetooth_init() in this example:
+
+ connman_technology_driver_register(&tech_driver);
+
+In this document the error check is supressed for the sake of simplicity.
+All plugins should check return values in driver registration functions.
+
+After this call ConnMan becomes aware of the new Technology plugin and will
+call the probe() method when the new technology is recognized by the system. For
+the Bluetooth plugin for example probe() would be called when a Bluetooth
+adapter is recognized. A Technology is only probed if there exists at least
+one device of such technology plugged into the system.
+
+Complementary, the technology must be unregistered on the plugin exit function
+through 'connman_technology_driver_unregister()'.
+
+Device infrastructure
+=====================
+
+A Device represents a real device of a given Technology, there could be many
+devices per technology. To enable ConnMan to handle Devices a device driver
+needs to be registered. Using the Bluetooth plugin as example it would have to
+define a 'struct connman_device_driver':
+
+ static struct connman_device_driver device_driver = {
+ .name = "bluetooth",
+ .type = CONNMAN_DEVICE_TYPE_BLUETOOTH,
+ .probe = bluetooth_device_probe,
+ .remove = bluetooth_device_remove,
+ .enable = bluetooth_device_enable,
+ .disable = bluetooth_device_disable,
+ };
+
+And to register the driver:
+
+ connman_device_driver_register(&device_driver);
+
+'connman_device_driver_register()' is called during the plugin initialization
+process, not necessarily at the plugin init function.
+
+In this document the error check is supressed for the sake of simplicity.
+All plugins should check return values in driver registration functions.
+
+Additionally code to handle the detection of new devices needs to be written
+for each plugin, the bluetooth plugin does so by registering watchers for the
+BlueZ D-Bus interface. Once a new Bluetooth Device appears the plugin needs to
+notify ConnMan core by calling connman_device_create(), for the bluetooth
+plugin the call would be:
+
+ struct connman_device *device;
+
+ device = connman_device_create("bluetooth",
+ CONNMAN_DEVICE_TYPE_BLUETOOTH)
+
+ConnMan core will then register the bluetooth device as a Device entity and
+call the probe() function from the bluetooth plugin device driver. If a
+Technology entity for the Device type doesn't exist it will be created and
+Technology probe() function in the bluetooth technology driver is called.
+
+For the Bluetooth plugin a Device represents the local Bluetooth Adapter
+plugged in the system.
+
+To learn how to use the connman_device_*() functions such as
+connman_device_set_powered() and connman_device_ref() see src/device.c for
+its API documentation.
+
+Network infrastructure
+======================
+
+The Connection Manager provides a mean to plugins handle the specifics of
+establishing/handling a connection for each type of Technology. For the
+bluetooth plugin a connman_network_driver needs to be registered:
+
+ static struct connman_network_driver network_driver = {
+ .name = "bluetooth",
+ .type = CONNMAN_NETWORK_TYPE_BLUETOOTH_PAN,
+ .probe = bluetooth_pan_probe,
+ .remove = bluetooth_pan_remove,
+ .connect = bluetooth_pan_connect,
+ .disconnect = bluetooth_pan_disconnect,
+ };
+
+And then call the register function:
+
+ connman_network_driver_register(&network_driver);
+
+In this document the error check is supressed for the sake of simplicity.
+All plugins should check return values in driver registration functions.
+
+The next step would be the probe of a Network entity, for the bluetooth
+plugin this would happen when a new device that supports the PAN NAP role is
+paired with the system. ConnMan then call connman_device_add_network() to
+associate the new Network with the existing Device entity (the local Bluetooth
+Adapter).
+
+Then in the vtable's connect method all the needed pieces to perform a
+connection shall be perfomed.
+
+To learn how to use the connman_network_*() functions such as
+connman_network_set_index() and connman_network_set_connected() see
+src/network.c for its API documentation.
diff --git a/doc/service-api.txt b/doc/service-api.txt
index 54b77a4..c9dd7e2 100644
--- a/doc/service-api.txt
+++ b/doc/service-api.txt
@@ -22,6 +22,9 @@ Methods dict GetProperties() [deprecated]
changeable. On success a PropertyChanged signal
will be emitted.
+ Properties cannot be set for hidden WiFi service
+ entries or provisioned services.
+
Possible Errors: [service].Error.InvalidArguments
[service].Error.InvalidProperty
@@ -29,6 +32,9 @@ Methods dict GetProperties() [deprecated]
Clears the value of the specified property.
+ Properties cannot be cleared for hidden WiFi service
+ entries or provisioned services.
+
Possible Errors: [service].Error.InvalidArguments
[service].Error.InvalidProperty
@@ -48,6 +54,11 @@ Methods dict GetProperties() [deprecated]
setting a longer D-Bus timeout might be a really
good idea.
+ Calling Connect() on a hidden WiFi service entry will
+ query the missing SSID via the Agent API causing a
+ WiFi service with the given SSID to be scanned,
+ created and connected.
+
Possible Errors: [service].Error.InvalidArguments
void Disconnect()
@@ -63,6 +74,9 @@ Methods dict GetProperties() [deprecated]
This method can also be used to abort a previous
connection attempt via the Connect method.
+ Hidden WiFi service entries cannot be disconnected
+ as they always stay in idle state.
+
Possible Errors: [service].Error.InvalidArguments
void Remove()
@@ -81,9 +95,10 @@ Methods dict GetProperties() [deprecated]
service is in the State=failure, this method can
also be used to reset the service.
- Calling this method on Ethernet devices will cause
- an error message. It is not possible to remove these
- kind of devices.
+ Calling this method on Ethernet devices, hidden WiFi
+ services or provisioned services will cause an error
+ message. It is not possible to remove these kind of
+ services.
Possible Errors: [service].Error.InvalidArguments
diff --git a/doc/session-overview.txt b/doc/session-overview.txt
index d42c6d1..9af6a67 100644
--- a/doc/session-overview.txt
+++ b/doc/session-overview.txt
@@ -5,55 +5,14 @@ Session API
Connection management algorithm basics
======================================
-When a session is created, a sorted list of services is added to the
-session. The services are filtered and sorted according AllowedBearers.
-
-There are three triggers which lead to evaluate the connect
-algorithm:
-
- - Session.Connect()
- - Offline
-
-Connect algorithm:
-
- Session.Connect()
- |
- +------+-------+
- +-----+ECall Session ?+-----+
- Yes| +--------------+ |No
- | |
- Connect to +--------------+
- first available +---+AvoidHandover?+---+
- Service | +--------------+ |
- Yes| |No
- +----------------+ |
- +---+In service_list +---+ |
- Yes| |and online? | |No |
- | +----------------+ | |
- | | |
- Take that one Take first in
- the service list
-
-Disconnect algorithm
-
- - Session.Disconnect()
-
-Disconnect algorithm:
-
- Session.Disconnect()
- |
- +--- Session.Change()
- |
-+-----------------+ Yes
-|service not used +-------------+
-|by other session?| |
-+------.----------+ |
- |No |
- | |
- Service.Disconnect() Do nothing
-
-Session.Disconnect() will be blocked whenever a ongoing
-emergency call is active.
+The Session core uses the normal auto-connect algorithm for selecting
+which services will be connected or disconnected. That means only
+Services with AutoConnect to set to true will be used. The Session
+core will assign a connected Service to a Session if the Service
+is matching the AllowedBearer filter.
+
+By using the normal auto-connect algorithm, it is possible to
+use the Session API and the Service API at the same time.
Session States and Transitions
@@ -76,3 +35,60 @@ Connnect()
| ^
+-----+
Disconnect()
+
+
+If an application wants to stay offline it can set an empty
+AllowedBearers list.
+
+
+Session application identification
+==================================
+
+Application using session can be identified through different means.
+
+ - SELinux
+ - UID
+ - GID
+
+ConnMan will try to identify the application in the given order above.
+If SELinux is not supported by the system or not configured, ConnMan
+will ignore it and fallback asking the D-Bus daemon about the UID of
+the application.
+
+The identification is only useful in combination with the policy plugin.
+
+
+Policy Plugin
+=============
+
+The policy plugin allows the administrator to provision/configure
+sessions. Each policy needs an application identification in order to
+match the policy to a session.
+
+See session-policy-format.txt for more details.
+
+
+Per application routing
+=======================
+
+For each session a policy routing table is maintained. Each policy
+routing table contains a default route to the selected service.
+
+Per session iptables rules:
+
+iptables -t mangle -A OUTPUT -m owner [--uid-owner|--gid-owner] $OWNER \
+ -j MARK --set-mark $MARK
+
+Global rules for all sessions:
+
+iptables -t mangle -A INPUT -j CONNMARK --restore-mark
+iptables -t mangle -A POSTROUTING -j CONNMARK --save-mark
+
+Per application routing is only available when policy files are
+used. Without the policy plugin or a valid configuration, the default
+session configuration is applied.
+
+The default session configuration does not enable the per application
+routing. Sessions are still useful in this setup, because the
+notification of sessions is still available, e.g. the online/offline
+notification.
diff --git a/doc/technology-api.txt b/doc/technology-api.txt
index 81adcbc..f97eac0 100644
--- a/doc/technology-api.txt
+++ b/doc/technology-api.txt
@@ -36,6 +36,10 @@ Methods dict GetProperties() [deprecated]
Results will be signaled via the ServicesChanged
signal from the manager interface.
+ In case of P2P technology, results will be signaled
+ via the PeersChanged signal from the manager
+ interface.
+
Signals PropertyChanged(string name, variant value)
This signal indicates a changed value of the given
diff --git a/doc/valgrind.suppressions b/doc/valgrind.suppressions
deleted file mode 100644
index c1c7bca..0000000
--- a/doc/valgrind.suppressions
+++ /dev/null
@@ -1,235 +0,0 @@
-{
- <syslog error>
- Memcheck:Cond
- obj:/lib/libc-*.so
- ...
- fun:localtime_r
- fun:__vsyslog_chk
- fun:__syslog_chk
- fun:__connman_log_init
- ...
-}
-{
- <iconv open>
- Memcheck:Addr4
- obj:/lib/libc-*.so
- obj:/lib/libglib-2.0.so*
- fun:g_iconv_open
- ...
- fun:g_convert
- fun:g_locale_to_utf8
- fun:g_strerror
- fun:g_key_file_load_from_file
- ...
-}
-{
- <ioctl ADDRT/DELRT>
- Memcheck:Param
- ioctl(SIOCADDRT/DELRT)
- obj:/lib/ld-*.so
- ...
-}
-{
- <g_main_loop>
- Memcheck:Leak
- fun:memalign
- ...
- fun:g_slice_alloc
- ...
- fun:g_main_loop_new
- ...
-}
-{
- <g_option_context_parse>
- Memcheck:Leak
- ...
- fun:g_slice_alloc
- ...
- fun:g_option_context_parse
- ...
-}
-{
- <g_key_file_load_from_data>
- Memcheck:Leak
- ...
- fun:g_slice_alloc
- ...
- fun:g_key_file_load_from_data
- ...
-}
-{
- <g_key_file_new 1>
- Memcheck:Leak
- ...
- fun:g_slice_alloc
- ...
- fun:g_key_file_new
- ...
-}
-{
- <g_key_file_new 2>
- Memcheck:Leak
- fun:*alloc
- ...
- fun:g_key_file_new
- fun:main
-}
-{
- <connman plugin cleanup>
- Memcheck:Leak
- ...
- fun:__connman_plugin_cleanup
- ...
-}
-{
- <cmd line option parsing>
- Memcheck:Leak
- fun:malloc
- fun:g_malloc
- fun:g_strdup
- fun:g_set_prgname
- fun:g_option_context_parse
- fun:main
-}
-{
- <dbus system bus setup 1>
- Memcheck:Leak
- ...
- fun:dbus_malloc*
- ...
- fun:g_dbus_setup_bus
- fun:main
-}
-{
- <dbus system bus setup 2>
- Memcheck:Leak
- ...
- fun:g_malloc*
- ...
- fun:dbus_connection_set_watch_functions
- fun:setup_bus
- ...
-}
-{
- <key file get charset>
- Memcheck:Leak
- ...
- fun:g_*alloc*
- ...
- fun:g_strerror
- fun:g_key_file_load_from_file
- fun:main
-}
-{
- <dbus disconnect func set>
- Memcheck:Leak
- ...
- fun:filter_data_get
- fun:g_dbus_add_signal_watch
- fun:g_dbus_set_disconnect_function
- fun:main
-}
-{
- <plugin dlopen>
- Memcheck:Leak
- ...
- fun:dlopen
- fun:__connman_plugin_init
- fun:main
-}
-{
- <dbus system bus setup 3>
- Memcheck:Leak
- ...
- fun:dbus_malloc0
- ...
- fun:dbus_parse_address
- ...
- fun:g_dbus_setup_bus
- fun:main
-}
-{
- <libdbus internals 1>
- Memcheck:Leak
- fun:*malloc
- ...
- obj:/lib/libdbus-1.so.3.5.3
-}
-{
- <dbus system bus setup 4>
- Memcheck:Leak
- fun:*alloc
- ...
- fun:dbus_*alloc*
- ...
- fun:g_dbus_setup_bus
- fun:main
-}
-{
- <dbus system bus setup 5>
- Memcheck:Leak
- fun:calloc
- fun:g_malloc0
- ...
- fun:g_dbus_set_disconnect_function
- fun:main
-}
-{
- <dbus bus remove match>
- Memcheck:Leak
- fun:malloc
- fun:g_malloc
- fun:g_source_set_callback
- fun:g_timeout_add_full
- fun:g_timeout_add
- ...
- fun:dbus_pending_call_block
- fun:dbus_connection_send_with_reply_and_block
- ...
- fun:dbus_bus_remove_match
-}
-{
- <g_main_loop_run/new>
- Memcheck:Leak
- fun:*alloc
- ...
- fun:g_main_loop_*
- fun:main
-}
-{
- <g_main_context_dispatch>
- Memcheck:Leak
- fun:*alloc
- ...
- fun:g_main_context_dispatch
-}
-{
- <libdbus internals 2>
- Memcheck:Leak
- fun:realloc
- fun:dbus_realloc
- ...
- fun:dbus_message_set_reply_serial
- fun:dbus_message_new_error
- ...
-}
-{
- <libdbus internals 3>
- Memcheck:Leak
- fun:realloc
- fun:dbus_realloc
- ...
- fun:dbus_message_new_signal
- ...
-}
-{
- <dbus_bus_register>
- Memcheck:Leak
- fun:malloc
- fun:realloc
- fun:dbus_realloc
- ...
- fun:dbus_pending_call_block
- fun:dbus_connection_send_with_reply_and_block
- fun:dbus_bus_register
-}
diff --git a/doc/version.xml.in b/doc/version.xml.in
deleted file mode 100644
index d78bda9..0000000
--- a/doc/version.xml.in
+++ /dev/null
@@ -1 +0,0 @@
-@VERSION@
diff --git a/doc/vpn-agent-api.txt b/doc/vpn-agent-api.txt
deleted file mode 100644
index bdef9f3..0000000
--- a/doc/vpn-agent-api.txt
+++ /dev/null
@@ -1,137 +0,0 @@
-Agent hierarchy
-===============
-
-Service unique name
-Interface net.connman.vpn.Agent
-Object path freely definable
-
-Methods void Release()
-
- This method gets called when the service daemon
- unregisters the agent. An agent can use it to do
- cleanup tasks. There is no need to unregister the
- agent, because when this method gets called it has
- already been unregistered.
-
- void ReportError(object service, string error)
-
- This method gets called when an error has to be
- reported to the user.
-
- A special return value can be used to trigger a
- retry of the failed transaction.
-
- Possible Errors: net.connman.vpn.Agent.Error.Retry
-
- dict RequestInput(object service, dict fields)
-
- This method gets called when trying to connect to
- a service and some extra input is required. For
- example a password or username.
-
- The return value should be a dictionary where the
- keys are the field names and the values are the
- actual fields. Alternatively an error indicating that
- the request got canceled can be returned.
-
- Most common return field names are "Username" and of
- course "Password".
-
- The dictionary arguments contains field names with
- their input parameters.
-
- Possible Errors: net.connman.vpn.Agent.Error.Canceled
-
- void Cancel()
-
- This method gets called to indicate that the agent
- request failed before a reply was returned.
-
-Fields string Username
-
- Username for authentication. This field will be
- requested when connecting to L2TP and PPTP.
-
- string Password
-
- Password for authentication.
-
- boolean SaveCredentials
-
- Tells if the user wants the user credentials
- be saved by connman-vpnd.
-
- string Host
-
- End point of this VPN link i.e., the VPN gateway
- we are trying to connect to.
-
- string Name
-
- Name of the VPN connection we are trying to connect to.
-
- string OpenConnect.Cookie
-
- Return the OpenConnect cookie value that is used to
- authenticate the user and is specific to this user.
-
-Arguments string Type
-
- Contains the type of a field. For example "password",
- "response", "boolean" or plain "string".
-
- string Requirement
-
- Contains the requirement option. Valid values are
- "mandatory", "optional", "alternate" or
- "informational".
-
- The "alternate" value specifies that this field can be
- returned as an alternative to another one.
-
- All "mandatory" fields must be returned, while the
- "optional" can be returned if available.
-
- Nothing needs to be returned for "informational", as it
- is here only to provide an information so a value is
- attached to it.
-
- array{string} Alternates
-
- Contains the list of alternate field names this
- field can be represented by.
-
- string Value
-
- Contains data as a string, relatively to an
- "informational" argument.
-
-Examples Requesting a username and password for L2TP network
-
- RequestInput("/vpn1",
- { "Username" : { "Type" : "string",
- "Requirement" : "mandatory"
- } }
- { "Password" : { "Type" : "password",
- "Requirement" : "mandatory"
- } }
- { "SaveCredentials" : { "Type" : "boolean",
- "Requirement" : "optional"
- }
- }
- ==> { "Username" : "foo", "Password" : "secret123",
- "SaveCredentials" : true }
-
- Requesting a OpenConnect cookie
-
- RequestInput("/vpn2",
- { "OpenConnect.Cookie" : { "Type" : "string",
- "Requirement" : "mandatory"
- } }
- { "Host" : { "Type" : "string",
- "Requirement" : "informational"
- } }
- { "Name" : { "Type" : "string",
- "Requirement" : "informational"
- } }
- ==> { "OpenConnect.Cookie" : "0123456@adfsf@asasdf" }
diff --git a/doc/vpn-config-format.txt b/doc/vpn-config-format.txt
deleted file mode 100644
index f3c4569..0000000
--- a/doc/vpn-config-format.txt
+++ /dev/null
@@ -1,215 +0,0 @@
-Connman configuration file format for VPN
-*****************************************
-
-Connman VPN uses configuration files to provision existing providers.
-vpnd will be looking for its configuration files at VPN_STORAGEDIR
-which by default points to /var/lib/connman-vpn. Configuration file names
-must not include other characters than letters or numbers and must have
-a .config suffix. Those configuration files are text files with a simple
-format and we typically have one file per provisioned network.
-
-If the config file is removed, then vpnd tries to remove the
-provisioned service. If individual service entry inside config is removed,
-then the corresponding provisioned service is removed. If service
-entry is changed, then corresponding service is removed and then
-immediately re-provisioned.
-
-
-Global entry [global]
-=====================
-
-These files can have an optional global entry describing the actual file.
-The 2 allowed fields for that entry are:
-- Name: Name of the network.
-- Description: Description of the network.
-
-
-Provider entry [provider_*]
-===========================
-
-Each provisioned provider must start with the [provider_*] tag.
-Replace * with an identifier unique to the config file.
-
-Allowed fields:
-- Type: Provider type. Value of OpenConnect, OpenVPN, VPNC, L2TP or PPTP
-
-VPN related parameters (M = mandatory, O = optional):
-- Name: A user defined name for the VPN (M)
-- Host: VPN server IP address (M)
-- Domain: Domain name for the VPN service (M)
-- Networks: The networks behind the VPN link can be defined here. This can
- be missing if all traffic should go via VPN tunnel. If there are more
- than one network, then separate them by comma. Format of the entry
- is network/netmask/gateway. The gateway can be left out. (O)
- Example: 192.168.100.0/24/10.1.0.1,192.168.200.0/255.255.255.0/10.1.0.2
- For IPv6 addresses only prefix length is accepted like this 2001:db8::1/64
-
-OpenConnect VPN supports following options (see openconnect(8) for details):
- Option name OpenConnect option Description
- OpenConnect.ServerCert --servercert Accept server's SSL certificate
- only if its fingerprint matches
- this value (SHA1) (M)
- OpenConnect.CACert --cafile Cert file for server
- verification (M)
- VPN.MTU --mtu Request MTU from server as the
- MTU of the tunnel (O)
-
-OpenVPN VPN supports following options (see openvpn(8) for details):
- Option name OpenVPN option Description
- OpenVPN.CACert --ca Certificate authority file (M)
- OpenVPN.Cert --cert Local peer's signed certificate (M)
- OpenVPN.Key --key Local peer's private key (M)
- OpenVPN.MTU --mtu MTU of the tunnel (O)
- OpenVPN.NSCertType --ns-cert-type Peer certificate type, value of
- either server or client (O)
- OpenVPN.Proto --proto Use protocol (O)
- OpenVPN.Port --port TCP/UDP port number (O)
- OpenVPN.AuthUserPass --auth-user-pass Authenticate with server using
- username/password (O)
- OpenVPN.AskPass --askpass Get certificate password from file (O)
- OpenVPN.AuthNoCache --auth-nocache Don't cache --askpass or
- --auth-user-pass value (O)
- OpenVPN.TLSRemote --tls-remote Accept connections only from a host
- with X509 name or common name equal
- to name parameter (O)
- OpenVPN.TLSAuth sub-option of --tls-remote (O)
- OpenVPN.TLSAuthDir sub-option of --tls-remote (O)
- OpenVPN.Cipher --cipher Encrypt packets with cipher algorithm
- given as parameter (O)
- OpenVPN.Auth --auth Authenticate packets with HMAC using
- message digest algorithm alg (O)
- OpenVPN.CompLZO --comp-lzo Use fast LZO compression. Value can
- be "yes", "no", or "adaptive". Default
- is adaptive (O)
- OpenVPN.RemoteCertTls --remote-cert-tls Require that peer certificate was
- signed based on RFC3280 TLS rules.
- Value is "client" or "server" (O)
-
-VPNC VPN supports following options (see vpnc(8) for details):
- Option name VPNC config value Description
- VPNC.IPSec.ID IPSec ID your group username (M)
- VPNC.IPSec.Secret IPSec secret your group password (cleartext) (O)
- VPNC.Xauth.Username Xauth username your username (O)
- VPNC.Xauth.Password Xauth password your password (cleartext) (O)
- VPNC.IKE.Authmode IKE Authmode IKE Authentication mode (O)
- VPNC.IKE.DHGroup IKE DH Group name of the IKE DH Group (O)
- VPNC.PFS Perfect Forward Secrecy Diffie-Hellman group to use for PFS (O)
- VPNC.Domain Domain Domain name for authentication (O)
- VPNC.Vendor Vendor vendor of your IPSec gateway (O)
- VPNC.LocalPort Local Port local ISAKMP port number to use
- VPNC.CiscoPort Cisco UDP Encapsulation Port Local UDP port number to use (O)
- VPNC.AppVersion Application Version Application Version to report (O)
- VPNC.NATTMode NAT Traversal Mode Which NAT-Traversal Method to use (O)
- VPNC.DPDTimeout DPD idle timeout (our side) Send DPD packet after timeout (O)
- VPNC.SingleDES Enable Single DES enables single DES encryption (O)
- VPNC.NoEncryption Enable no encryption enables using no encryption for data traffic (O)
-
-L2TP VPN supports following options (see xl2tpd.conf(5) and pppd(8) for details)
- Option name xl2tpd config value Description
- L2TP.User - L2TP user name, asked from the user
- if not set here (O)
- L2TP.Password - L2TP password, asked from the user
- if not set here (O)
- L2TP.BPS bps Max bandwith to use (O)
- L2TP.TXBPS tx bps Max transmit bandwith to use (O)
- L2TP.RXBPS rx bps Max receive bandwith to use (O)
- L2TP.LengthBit length bit Use length bit (O)
- L2TP.Challenge challenge Use challenge authentication (O)
- L2TP.DefaultRoute defaultroute Default route (O)
- L2TP.FlowBit flow bit Use seq numbers (O)
- L2TP.TunnelRWS tunnel rws Window size (O)
- L2TP.Exclusive exclusive Use only one control channel (O)
- L2TP.Redial redial Redial if disconnected (O)
- L2TP.RedialTimeout redial timeout Redial timeout (O)
- L2TP.MaxRedials max redials How many times to try redial (O)
- L2TP.RequirePAP require pap Need pap (O)
- L2TP.RequireCHAP require chap Need chap (O)
- L2TP.ReqAuth require authentication Need auth (O)
- L2TP.AccessControl access control Accept only these peers (O)
- L2TP.AuthFile auth file Authentication file location (O)
- L2TP.ListenAddr listen-addr Listen address (O)
- L2TP.IPsecSaref ipsec saref Use IPSec SA (O)
- L2TP.Port port What UDP port is used (O)
-
- Option name pppd config value Description
- PPPD.EchoFailure lcp-echo-failure Dead peer check count (O)
- PPPD.EchoInterval lcp-echo-interval Dead peer check interval (O)
- PPPD.Debug debug Debug level (O)
- PPPD.RefuseEAP refuse-eap Deny eap auth (O)
- PPPD.RefusePAP refuse-pap Deny pap auth (O)
- PPPD.RefuseCHAP refuse-chap Deny chap auth (O)
- PPPD.RefuseMSCHAP refuse-mschap Deny mschap auth (O)
- PPPD.RefuseMSCHAP2 refuse-mschapv2 Deny mschapv2 auth (O)
- PPPD.NoBSDComp nobsdcomp Disables BSD compression (O)
- PPPD.NoPcomp nopcomp Disable protocol compression (O)
- PPPD.UseAccomp accomp Disable address/control compression (O)
- PPPD.NoDeflate nodeflate Disable deflate compression (O)
- PPPD.ReqMPPE require-mppe Require the use of MPPE (O)
- PPPD.ReqMPPE40 require-mppe-40 Require the use of MPPE 40 bit (O)
- PPPD.ReqMPPE128 require-mppe-128 Require the use of MPPE 128 bit (O)
- PPPD.ReqMPPEStateful mppe-stateful Allow MPPE to use stateful mode (O)
- PPPD.NoVJ no-vj-comp No Van Jacobson compression (O)
-
-
-PPTP VPN supports following options (see pptp(8) and pppd(8) for details)
- Option name pptp config value Description
- PPTP.User - PPTP user name, asked from the user
- if not set here (O)
- PPTP.Password - PPTP password, asked from the user
- if not set here (O)
-
- Option name pppd config value Description
- PPPD.EchoFailure lcp-echo-failure Dead peer check count (O)
- PPPD.EchoInterval lcp-echo-interval Dead peer check interval (O)
- PPPD.Debug debug Debug level (O)
- PPPD.RefuseEAP refuse-eap Deny eap auth (O)
- PPPD.RefusePAP refuse-pap Deny pap auth (O)
- PPPD.RefuseCHAP refuse-chap Deny chap auth (O)
- PPPD.RefuseMSCHAP refuse-mschap Deny mschap auth (O)
- PPPD.RefuseMSCHAP2 refuse-mschapv2 Deny mschapv2 auth (O)
- PPPD.NoBSDComp nobsdcomp Disables BSD compression (O)
- PPPD.NoDeflate nodeflate Disable deflate compression (O)
- PPPD.RequirMPPE require-mppe Require the use of MPPE (O)
- PPPD.RequirMPPE40 require-mppe-40 Require the use of MPPE 40 bit (O)
- PPPD.RequirMPPE128 require-mppe-128 Require the use of MPPE 128 bit (O)
- PPPD.RequirMPPEStateful mppe-stateful Allow MPPE to use stateful mode (O)
- PPPD.NoVJ no-vj-comp No Van Jacobson compression (O)
-
-
-Example
-=======
-
-This is a configuration file for a VPN providing L2TP, OpenVPN and
-OpenConnect services.
-
-
-example@example:[~]$ cat /var/lib/connman/vpn/example.config
-[global]
-Name = Example
-Description = Example VPN configuration
-
-[provider_l2tp]
-Type = L2TP
-Name = Connection to corporate network
-Host = 1.2.3.4
-Domain = corporate.com
-Networks = 10.10.30.0/24
-L2TP.User = username
-
-[provider_openconnect]
-Type = OpenConnect
-Name = Connection to corporate network using Cisco VPN
-Host = 7.6.5.4
-Domain = corporate.com
-Networks = 10.10.20.0/255.255.255.0/10.20.1.5,192.168.99.1/24,2001:db8::1/64
-OpenConnect.ServerCert = 263AFAB4CB2E6621D12E90182008AEF44AEFA031
-OpenConnect.CACert = /etc/certs/certificate.p12
-
-[provider_openvpn]
-Type = OpenVPN
-Name = Connection to corporate network using OpenVPN
-Host = 3.2.5.6
-Domain = my.home.network
-OpenVPN.CACert = /etc/certs/cacert.pem
-OpenVPN.Cert = /etc/certs/cert.pem
-OpenVPN.Key = /etc/certs/cert.key