Age | Commit message (Collapse) | Author | Files | Lines |
|
If user has disabled dnsproxy with -r option, then fallback to
user specified nameservers instead of using the Google one.
|
|
The listener_table can be NULL if we have started connman with -r
option. Because we return < 0 value to caller in this case,
the caller, e.g. the tethering code, has a possibility to change
its functionality, e.g. the tethering code can fall back to some
other DNS servers.
|
|
If the user has enabled persistent tethering mode in main.conf, then
try to activate tethering when technology is re-enabled, or we are
returning from offline mode, or after the device has rebooted.
|
|
|
|
|
|
|
|
The __connman_technology_add_interface() needs to be called
after we have created the technology which is done by rtnl->newlink()
callback. If this is done the old way, the ethernet devices
will not get their interfaces set properly.
|
|
|
|
|
|
|
|
The UID is fetched via org.freedesktop.DBus.GetConnectionUnixUser D-Bus
method call.
|
|
The helper struct will be used by a new dbus function which uses
a different callback signature. Therefore, we need to use a
void pointer for storing the callback.
|
|
Do not handle the small alloc failures because glib will abort
when memory is tight anyway.
|
|
Streamline the callback typedefs with the rest of the code.
|
|
Match all is expressed via CONNMAN_SERVICE_TYPE_UNKNOWN. An empty
list means no match.
|
|
Make sure we never try to cleanup when the hash table has
been destroyed. In this case all resources have been
freed already.
|
|
By calling __connman_session_cleanup() before __connman_plugin_cleanup()
we make sure all resources allocated can released in the correct order.
The code assumes after an successful allocation, free will always work
and therefore we double free allocated memory.
|
|
This is related to fix d7d8f8bdb7c1ddae098893e10608fcb42034a9ff
We did not set the state to idle after disconnecting the
associating service.
Fixes BMC#25981
|
|
We must copy the response buffer before fixing the packet length.
Otherwise the packet length will go wrong if the request contained
EDNS0 data.
|
|
We were not handling client sent partial TCP messages correctly.
This meant that ConnMan would block if the client using TCP would
not send full DNS request.
When a new TCP client connects in tcp_listener_event(), a new
TCP channel is created to handle a partial client message if
all of the message is not already available. The partial TCP
message is patched together in tcp_client_event(). When all of
the TCP message has been received, the message is processed in
read_tcp_data(). The client has to send the DNS request within two
seconds before the connection is closed by ConnMan.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
We add IPv6 loopback address to resolv.conf if we have created
an IPv6 listening socket to port 53. Also remove ::1 from resolv.conf
when deleting the proxy.
|
|
Do not bind to ANY address so that other DNS server applications
can be used on the same host for interfaces that are not managed
by ConnMan. This means that we only create DNS listeners on loopback
and tethering interfaces.
|
|
The returned address is used when we need to have a listening
socket tied to specific interface and address, and do not want to
bind to any address.
|
|
If we receive nameservers from vpnd we must set them in provider.
The connman_provider_set_nameservers() function needs changes
because we get the nameservers as an array, it makes no sense to
convert the array to string and then back to array.
|
|
If we are trying to connect a service and there is another
service connecting, then we disconnect the pending service
and connect the new one.
Fixes BMC#25981
|
|
Highly inspired by:
https://git.kernel.org/cgit/linux/kernel/git/shemminger/bridge-utils.git/commit/?id=5eebb7f9288b7881ffb929b1fd494fe3ac3be27d
As Russel puts it in his commit message for bridge-utils:
Linux 3.8 has a header, include/uapi/linux/if_bridge.h that uses a
struct in6_addr but doesn't define it. The trivial seeming fix of
including the header that does define it causes more problems. The
problem was discussed on mailing lists in January 2013. The final
suggestion I found was here:
http://www.redhat.com/archives/libvir-list/2013-January/msg01253.html
This is intended to implement that suggestion.
This changeset transplants this trivial fix to connman.
|
|
We did not send the IP config changed signal during disconnect.
This can confuse the dbus signal listeners.
Fixes BMC#25989
|
|
If we are changing IPv4 config, then send only IPv4 changed signal
and not the IPv6 one. Same is done for IPv6 config when it changes.
|
|
If IPv4 address is missing then DHCPv4 is used. If IPv6 address is missing,
then SLAAC or DHCPv6 is used. This was specified in doc/config-format.txt
but implementation was missing.
We also allow the IP address to contain "off", "dhcp" or "auto" string,
so user can specify how the IP address can be set for the interface.
Fixes BMC#25985
|
|
Instead appending ConnMan iptables rules into the builtin chains
we append them into chains managed by ConnMan.
If a rule needs to be inserted into a bultin chain, ConnMan
will create a 'connman-' prefixed builtin chain name and appends
the user rules there. Then ConnMan will insert a unconditional jump
rule in the builtin chain.
Basically,
iptables -t filter -A INPUT -m mark --mark 1 -j LOG
will be translated to this:
iptables -t filter -N connman-INPUT
iptables -t filter -A connman-INPUT -m mark --mark 1 -j LOG
iptables -t filter -I INPUT -j connman-INPUT
When the last rule in a managed chain is removed, the managed
chain will also be removed.
|
|
The main idea behind this API is to collect several iptables rules
together and enable or disable in one go.
For this a context is created via __connman_firewall_create() and
the rules added to this context via __connman_firewall_add_rule().
In order to append all rules __connman_firewall_enable() has
to be called. To remove all rules associated with one context
__connman_firewall_disable() has to be used.
If something goes awry the code tries to get back to the initial
state.
|
|
ConnMan maintains its own chain per builtin chain. The managed
chain have a prefix 'connman-' and one rule in the corresponding
builtin chain which jumps uncoditional to the managed chain.
In case ConnMan crashed we need to cleanup first.
|
|
|
|
We will implement the ConnMan iptables specific part in a different
file and leave the iptables.c file as small as possible.
Therefore, we move the flushing part out, but we need a way to
find our chains on bootup (left over from a crash). Let's add an
interater which walks over all chains which allows a higher level
to find the chains it is looking for (e.g. connman-INPUT)
|
|
This was wrongly removed with commit 161efbae
|
|
Add a boolean helper to distinguish between insert and append operations.
When chain_head == chain_tail->prev, the builtin chain is empty which makes
an intended append operation equivalent to an insert operation.
|
|
If dnsproxy is not in use, like when connman has been started
with -r option, then the listener_table will be NULL which can
cause crash in hash table lookup call.
|
|
entry_head and entry_return are allocated via g_try_malloc0().
|
|
After removing one or more rules the builtin hooks need to be updated
accordingly. iptables_flush_chain() and iptables_delete_rule()
share a common code part.
|
|
The list pointer is invalid after remove_table_entry(). Since
we entering the 'if' body only for the first rule in a builtin
chain we can safely update list to point to the next element.
|
|
The second argument is not used anymore, let's remove it. The funciton
name doesn't really match to its implementation, so it's also time
to rename it.
|
|
We need to see a bit more in detail what happens when
CONNMAN_IPTABLES_DEBUG is not set, for example the removing/flushing
during bootup.
Also remove the DBG() from parse_rule_spec() because all callers
already have a DBG(). So not much additional information here.
|
|
pre_load_table() is called always with table == NULL, we end up
keep trying to load the kernel modules even though the table
is already loaded. Therefore, move the lookup one level up.
|
|
Streamline this file with the rest of ConnMan's code base.
|