Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I174854914d9fd06a813270b57d1f7bc2bac63c6a
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
|
|
Change-Id: I2958446c35966d9ed72df0120b80561be7d89f54
Signed-off-by: Taesub Kim <taesub.kim@samsung.com>
|
|
|
|
|
|
An empty passphrase means that WPS is to be tried next. If WPS is not
supported by the service, passphrase can not be left empty.
|
|
Instead of having a global agent_input struct, make the structure a
member of the agent_data structure that gets passed around when
handling the RequestInput method call.
With this modification agent_data is self-contained with all needed
information and the RequestInput handling code can be shared between
ConnMan and VPN agent implementations.
|
|
|
|
ConnMan and ConnMan VPN daemon both send only one Agent message at
a time. Since they are two different daemons, they can be sending
messages at the same time independent of each other.
Implement a check for an agent request from the other daemon being
already processed and if so store the message for later. When the
current agent request has been processed, check if there are
pending requests from the other daemon and re-run the pending
function.
In order to support arbitrary queueing, make all method call
implementations asynchronous.
|
|
Create a new agent data structure for the VPN Agent and add the needed
minor modifications to Release, Cancel and ReportError method calls in
order to get them working both for Agent and VPN Agent.
Create new register and unregister functions for the VPN Agent code.
|
|
Collect the agent variables into a data structure and update the agent
functionality to pass this data structure around as function callback
user data.
Update the agent mode input functionality to store both the callback
function and user data pointers. Notice that only only one input
callback can be handled at any one time due to the input handling itself
and the simple storing of callback and user data pointers.
|
|
Agent messages need to be handled in the agent code, ignore them when
they get captured in the monitor code.
|
|
The previous pretty-printing fix causes another change to be
made for DBUS_TYPE_UINT16.
|
|
OPTION_DOMAIN_LIST(24) was not sent to server.
|
|
Existing tests did not test this scenario:
* new address is registered to 192.168.0.2
* new address is registered to 192.168.1.2
* ippool is created to 192.168.2.1 (no collision)
* ippool is created to 192.168.3.1 (no collision)
* new address is registered to 192.168.3.1 (collision detected)
|
|
Existing tests did not test this scenario:
* new address is registered to 192.168.1.2
* ippool is created to 192.168.0.1 (no collision)
* ippool is created to 192.168.2.1 (there is a collision and the
code should skip the 192.168.1.1 range)
|
|
Without this the unit tests might core dump as the allocated_block
pointer would point to already freed memory.
|
|
Fixes BMC#25993
|
|
Fixes BMC#26019
|
|
If all the technologies were powered off, then offline mode could
not be disabled.
Fixes BMC#26018
|
|
|
|
The hash table is now the owner of the service entry instead of the
service list.
|
|
The hash table is now the owner of the service entry instead of
the service list.
|
|
When a new session is created we need to get the initial list
of services which match the session AllowedBearers criteria. As soon
the session is running add or removed services are tracked via the
notifier interface.
We concluded that exposing all the services is not really necessary
and therefore we are using currently two callbacks to get the initial
list. That exposes implementation details from session to service, that
is GSequence. We also need to expose the type 'struct service_entry'.
Instead doing so we are using an iterator and keep all the
implementation details in session.c.
|
|
tech_data is allocated on the stack and is therefore not initilized
with NULL.
|
|
|
|
A basic type was always read independent of the argument type which
on some systems lead to a crash and on others only to a warning
printout.
|
|
To keep it more logical, rename the unsigned variable in the code.
|
|
When adding VPN monitoring capabilities, also clean up the monitor code.
|
|
Show a list of VPN connections known to the VPN daemon.
Also allow D-Bus path names to start with numbers, as it is fine with
the D-Bus library to define such path names. Fix up help command
pretty-printing as the VPN command is slightly longer.
|
|
Add helper function for printing VPN connections. Show also configuration
and failure states using 'C' and 'F' as configuration might take some
time and failure conveys practical information to the user.
|
|
|
|
|
|
Register an empty Release callback so that the message will be sent.
|
|
|
|
|
|
Use the UID as identification.
|
|
For SELinux we need to store the complete context for iptables
to work.
|
|
The session core needs to the know which kind of session
identification method has been selected in the plugin in order
to use the right iptables rules etc.
|
|
When the session core ask to create a configuration, then we
first ask the D-Bus server which UID/GID the session belongs to.
If possible we also ask for the SELinux context. Then we try
to figure out which file containts the configuration for
SElinux, UID or GID identification.
The order of matching preference is SELinux, UID and finally GID.
|
|
Use struct policy_data instead of struct create_data.
|
|
The old assumption was that a config file is associtated
with one session only. With introducing UID/GID support a policy
might be used for several sessions. Furthermore, it was assumed
that the file name is the key/ident to identify a session and
a file containts exactly one policy.
Here are the new rules for writing a policy file.
- A valid file name contains letters or numbers and must have a '.policy'
suffix.
- The file name has not semantical meaning
- A policy file may contain contain more than 1 policy
- Each policy entry starts with 'policy_'
- Each policy entry shall have one and exactly one valid key (e.g.
selinux)
The implementation has two main hash tables, file_hash and session_hash
which owns 'the file' respectively the session config. Additionally there
is a hash table which connects a policy with a session (selinux_hash).
|
|
|
|
The update flag can be removed as it is no longer needed.
|
|
g_strplit() will eventually strdup the tokens so no need to
strdup() 'context'. But we an ugly cast (from 'const unsigned char *'
to 'const char *') is needed for g_strsplit() to make the compiler happy.
|
|
Let's remove the small allocations error path because glib will
abort on memory exhausting anyway. Basically we remove dead code.
|
|
When removing the entry clear all references towards it.
|
|
Remember which session this struct service_entry belongs to when
removing the entries again.
|
|
|
|
The current situation is that a failed timeserver name resolution
removes the timeserver immediately from the list of used timeservers
and failing to connect to the nameserver IP address removes the
timeserver after a 2 second delay. Currently no mechanism exists to
re-create the list of nameservers once the list has been exhausted or
the more preferred timeservers have been removed from it.
This implementation combats both problems where less used timeservers
further away end up being used despite a more optimal closer one
becoming available as well as the problem of exhausting the
nameserver list. This is done by periodially waking up and checking
the timeserver in use. If the timeserver in use is not the most
preferred one or the list of timeservers is empty, the timeserver
list is recreated and the timeserver polling procedure is restarted.
|
|
xtables_find_match() returns two different kind of pointers.
The first type is pointing to the function pointer table loaded
via dlopen(). The second type is a copy (via plain malloc) of the
first type. xtables_find_match() marks the copies/clones with
m == m->next. So we need to free the struct xtables_match which
point back to themself.
Also fix the issue that we didn't handle multple match instances
at the same time.
The memory leak is only visible when having more than one match
of a kind.
|