| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Change-Id: Ia8c78e122998da70565700d895dbf54688e7c8b9
|
|
Change-Id: Ia3923cb1ff35e7bfbd4e45f13dd18af15ed89f56
|
|
|
|
|
|
An empty passphrase means that WPS is to be tried next. If WPS is not
supported by the service, passphrase can not be left empty.
|
|
Instead of having a global agent_input struct, make the structure a
member of the agent_data structure that gets passed around when
handling the RequestInput method call.
With this modification agent_data is self-contained with all needed
information and the RequestInput handling code can be shared between
ConnMan and VPN agent implementations.
|
|
|
|
ConnMan and ConnMan VPN daemon both send only one Agent message at
a time. Since they are two different daemons, they can be sending
messages at the same time independent of each other.
Implement a check for an agent request from the other daemon being
already processed and if so store the message for later. When the
current agent request has been processed, check if there are
pending requests from the other daemon and re-run the pending
function.
In order to support arbitrary queueing, make all method call
implementations asynchronous.
|
|
Create a new agent data structure for the VPN Agent and add the needed
minor modifications to Release, Cancel and ReportError method calls in
order to get them working both for Agent and VPN Agent.
Create new register and unregister functions for the VPN Agent code.
|
|
Collect the agent variables into a data structure and update the agent
functionality to pass this data structure around as function callback
user data.
Update the agent mode input functionality to store both the callback
function and user data pointers. Notice that only only one input
callback can be handled at any one time due to the input handling itself
and the simple storing of callback and user data pointers.
|
|
Agent messages need to be handled in the agent code, ignore them when
they get captured in the monitor code.
|
|
The previous pretty-printing fix causes another change to be
made for DBUS_TYPE_UINT16.
|
|
OPTION_DOMAIN_LIST(24) was not sent to server.
|
|
Existing tests did not test this scenario:
* new address is registered to 192.168.0.2
* new address is registered to 192.168.1.2
* ippool is created to 192.168.2.1 (no collision)
* ippool is created to 192.168.3.1 (no collision)
* new address is registered to 192.168.3.1 (collision detected)
|
|
Existing tests did not test this scenario:
* new address is registered to 192.168.1.2
* ippool is created to 192.168.0.1 (no collision)
* ippool is created to 192.168.2.1 (there is a collision and the
code should skip the 192.168.1.1 range)
|
|
Without this the unit tests might core dump as the allocated_block
pointer would point to already freed memory.
|
|
Fixes BMC#25993
|
|
Fixes BMC#26019
|
|
If all the technologies were powered off, then offline mode could
not be disabled.
Fixes BMC#26018
|
|
|
|
The hash table is now the owner of the service entry instead of the
service list.
|
|
The hash table is now the owner of the service entry instead of
the service list.
|
|
When a new session is created we need to get the initial list
of services which match the session AllowedBearers criteria. As soon
the session is running add or removed services are tracked via the
notifier interface.
We concluded that exposing all the services is not really necessary
and therefore we are using currently two callbacks to get the initial
list. That exposes implementation details from session to service, that
is GSequence. We also need to expose the type 'struct service_entry'.
Instead doing so we are using an iterator and keep all the
implementation details in session.c.
|
|
tech_data is allocated on the stack and is therefore not initilized
with NULL.
|
|
|
|
A basic type was always read independent of the argument type which
on some systems lead to a crash and on others only to a warning
printout.
|
|
To keep it more logical, rename the unsigned variable in the code.
|
|
When adding VPN monitoring capabilities, also clean up the monitor code.
|
|
Show a list of VPN connections known to the VPN daemon.
Also allow D-Bus path names to start with numbers, as it is fine with
the D-Bus library to define such path names. Fix up help command
pretty-printing as the VPN command is slightly longer.
|
|
Add helper function for printing VPN connections. Show also configuration
and failure states using 'C' and 'F' as configuration might take some
time and failure conveys practical information to the user.
|
|
|
|
|
|
Register an empty Release callback so that the message will be sent.
|
|
|
|
|
|
Use the UID as identification.
|
|
For SELinux we need to store the complete context for iptables
to work.
|
|
The session core needs to the know which kind of session
identification method has been selected in the plugin in order
to use the right iptables rules etc.
|
|
When the session core ask to create a configuration, then we
first ask the D-Bus server which UID/GID the session belongs to.
If possible we also ask for the SELinux context. Then we try
to figure out which file containts the configuration for
SElinux, UID or GID identification.
The order of matching preference is SELinux, UID and finally GID.
|
|
Use struct policy_data instead of struct create_data.
|
|
The old assumption was that a config file is associtated
with one session only. With introducing UID/GID support a policy
might be used for several sessions. Furthermore, it was assumed
that the file name is the key/ident to identify a session and
a file containts exactly one policy.
Here are the new rules for writing a policy file.
- A valid file name contains letters or numbers and must have a '.policy'
suffix.
- The file name has not semantical meaning
- A policy file may contain contain more than 1 policy
- Each policy entry starts with 'policy_'
- Each policy entry shall have one and exactly one valid key (e.g.
selinux)
The implementation has two main hash tables, file_hash and session_hash
which owns 'the file' respectively the session config. Additionally there
is a hash table which connects a policy with a session (selinux_hash).
|
|
|
|
The update flag can be removed as it is no longer needed.
|
|
g_strplit() will eventually strdup the tokens so no need to
strdup() 'context'. But we an ugly cast (from 'const unsigned char *'
to 'const char *') is needed for g_strsplit() to make the compiler happy.
|
|
Let's remove the small allocations error path because glib will
abort on memory exhausting anyway. Basically we remove dead code.
|
|
When removing the entry clear all references towards it.
|
|
Remember which session this struct service_entry belongs to when
removing the entries again.
|
|
|
