2008-04-25 Dan Williams <dcbw@redhat.com>

Patch from Benoit Boissinot <bboissin+networkmanager@gmail.com>

	* src/NetworkManagerSystem.c
		- (validate_ip4_route): remove; use nl_addr_parse() instead
		- (nm_system_device_add_ip4_route_via_device_with_iface): new function,
			replace nm_system_device_add_route_via_device_with_iface() in the
			backends

	* src/backends/NetworkManagerArch.c
	  src/backends/NetworkManagerDebian.c
	  src/backends/NetworkManagerFrugalware.c
	  src/backends/NetworkManagerGeneric.c
	  src/backends/NetworkManagerGeneric.h
	  src/backends/NetworkManagerGentoo.c
	  src/backends/NetworkManagerMandriva.c
	  src/backends/NetworkManagerPaldo.c
	  src/backends/NetworkManagerRedHat.c
	  src/backends/NetworkManagerSlackware.c
	  src/backends/NetworkManagerSuSE.c
		- Remove nm_system_device_add_route_via_device_with_iface()



git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3596 4912f4e0-d625-0410-9fb7-b9a5a253dbdc

ChangeLog

@@ -1,3 +1,26 @@
+2008-04-25  Dan Williams  <dcbw@redhat.com>
+
+	Patch from Benoit Boissinot <bboissin+networkmanager@gmail.com>
+
+	* src/NetworkManagerSystem.c
+		- (validate_ip4_route): remove; use nl_addr_parse() instead
+		- (nm_system_device_add_ip4_route_via_device_with_iface): new function,
+			replace nm_system_device_add_route_via_device_with_iface() in the
+			backends
+
+	* src/backends/NetworkManagerArch.c
+	  src/backends/NetworkManagerDebian.c
+	  src/backends/NetworkManagerFrugalware.c
+	  src/backends/NetworkManagerGeneric.c
+	  src/backends/NetworkManagerGeneric.h
+	  src/backends/NetworkManagerGentoo.c
+	  src/backends/NetworkManagerMandriva.c
+	  src/backends/NetworkManagerPaldo.c
+	  src/backends/NetworkManagerRedHat.c
+	  src/backends/NetworkManagerSlackware.c
+	  src/backends/NetworkManagerSuSE.c
+		- Remove nm_system_device_add_route_via_device_with_iface()
+
 2008-04-25  Dan Williams  <dcbw@redhat.com>
 
 	* system-settings/plugins/ifcfg-fedora/parser.c

src/NetworkManagerSystem.c

@@ -52,7 +52,11 @@
 #include "nm-utils.h"
 #include "nm-netlink.h"
 
+/* Because of a bug in libnl, rtnl.h should be included before route.h */
+#include <netlink/route/rtnl.h>
+
 #include <netlink/route/addr.h>
+#include <netlink/route/route.h>
 #include <netlink/netlink.h>
 #include <netlink/utils.h>
 #include <netlink/route/link.h>
@@ -284,83 +288,6 @@ out:
 	return success;
 }
 
-
-/*
- * validate_ip4_route
- *
- * Ensure that IP4 routes are in the correct format
- *
- */
-static char *validate_ip4_route (const char *route)
-{
-	char *		ret = NULL;
-	char *		temp = NULL;
-	int			slash_pos = -1;
-	char *		p = NULL;
-	int			len, i;
-	int			dot_count = 0;
-	gboolean		have_slash = FALSE;
-	struct in_addr	addr;
-
-	g_return_val_if_fail (route != NULL, NULL);
-
-	len = strlen (route);
-	/* Minimum length, ie 1.1.1.1/8 */
-	if (len < 9)
-		return NULL;
-
-	for (i = 0; i < len; i++)
-	{
-		/* Ensure there is only one slash */
-		if (route[i] == '/')
-		{
-			if (have_slash)
-				goto out;
-
-			have_slash = TRUE;
-			slash_pos = i;
-			continue;
-		}
-
-		if (route[i] == '.')
-		{
-			if (dot_count >= 4)
-				goto out;
-
-			dot_count++;
-			continue;
-		}
-
-		if (!isdigit (route[i]))
-			goto out;
-	}
-
-	/* Make sure there is at least one slash and 3 dots */
-	if (!have_slash || !slash_pos || (dot_count != 3))
-		goto out;
-
-	/* Valid IP address part */
-	temp = g_strdup (route);
-	temp[slash_pos] = '\0';
-	memset (&addr, 0, sizeof (struct in_addr));
-	if (inet_aton (temp, &addr) == 0)
-		goto out;
-
-	/* Ensure the network # is valid */
-	p = temp + slash_pos + 1;
-	i = (int) strtol (p, NULL, 10);
-	if ((i < 0) || (i > 32))
-		goto out;
-
-	/* Success! */
-	ret = g_strdup (route);
-
-out:
-	g_free (temp);
-	return ret;
-}
-
-
 /*
  * nm_system_vpn_device_set_from_ip4_config
  *
@@ -424,22 +351,8 @@ nm_system_vpn_device_set_from_ip4_config (NMDevice *active_device,
 	} else {
 		GSList *iter;
 
-		for (iter = routes; iter; iter = iter->next) {
+		for (iter = routes; iter; iter = iter->next)
-			char *valid_ip4_route;
+			nm_system_device_add_ip4_route_via_device_with_iface (iface, (char *) iter->data);
-
-			/* Make sure the route is valid, otherwise it's a security risk as the route
-			 * text is simply taken from the user, and passed directly to system().  If
-			 * we did not check the route, think of:
-			 *
-			 *     system("/sbin/ip route add `rm -rf /` dev eth0")
-			 *
-			 * where `rm -rf /` was the route text.  As UID 0 (root), we have to be careful.
-			 */
-			if ((valid_ip4_route = validate_ip4_route ((char *) iter->data))) {
-				nm_system_device_add_route_via_device_with_iface (iface, valid_ip4_route);
-				g_free (valid_ip4_route);
-			}
-		}
 	}
 
 out:
@@ -553,5 +466,40 @@ nm_system_device_set_mtu (const char *iface, guint32 mtu)
 	return success;
 }
 
+/*
+ * nm_system_device_add_ip4_route_via_device_with_iface
+ *
+ * Add route to the given device
+ *
+ */
+void nm_system_device_add_ip4_route_via_device_with_iface (const char *iface, const char *addr)
+{
+	struct rtnl_route *route;
+	struct nl_handle *nlh;
+	struct nl_addr *dst;
+	int iface_idx, err;
 
+	nlh = nm_netlink_get_default_handle ();
+	g_return_if_fail (nlh != NULL);
+
+	route = rtnl_route_alloc ();
+	g_return_if_fail (route != NULL);
+
+	iface_idx = nm_netlink_iface_to_index (iface);
+	if (iface_idx < 0)
+		goto out;
+	rtnl_route_set_oif (route, iface_idx);
+
+	if (!(dst = nl_addr_parse (addr, AF_INET)))
+		goto out;
+	rtnl_route_set_dst (route, dst);
+	nl_addr_put (dst);
+
+	err = rtnl_route_add (nlh, route, 0);
+	if (err)
+		nm_warning ("rtnl_route_add() returned error %s (%d)", strerror (err), err);
+
+out:
+	rtnl_route_put (route);
+}
 

src/NetworkManagerSystem.h

@@ -42,7 +42,7 @@ void			nm_system_device_replace_default_route      (const char *iface,
                                                              guint32 gw,
                                                              guint32 mss);
 
-void			nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route);
+void			nm_system_device_add_ip4_route_via_device_with_iface (const char *iface, const char *route);
 
 void			nm_system_device_flush_ip4_addresses			(NMDevice *dev);
 void			nm_system_device_flush_ip4_addresses_with_iface	(const char *iface);

src/backends/NetworkManagerArch.c

@@ -81,18 +81,6 @@ nm_system_device_replace_default_route (const char *iface,
 	nm_generic_device_replace_default_route (iface, gw, mss);
 }
 
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	nm_generic_device_add_route_via_device_with_iface (iface, route);
-}
-
-
 /*
  * nm_system_device_flush_ip4_addresses
  *

src/backends/NetworkManagerDebian.c

@@ -70,18 +70,6 @@ nm_system_device_replace_default_route (const char *iface,
 	nm_generic_device_replace_default_route (iface, gw, mss);
 }
 
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	nm_generic_device_add_route_via_device_with_iface (iface, route);
-}
-
-
 /*
  * nm_system_device_flush_ip4_addresses
  *

src/backends/NetworkManagerFrugalware.c

@@ -178,25 +178,6 @@ void nm_system_restart_mdns_responder (void)
 	}
 }
 
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	char	*buf;
-
-	g_return_if_fail (iface != NULL);
-
-	/* Add default gateway */
-	buf = g_strdup_printf ("/usr/sbin/ip route add %s dev %s", route, iface);
-	nm_spawn_process (buf);
-	g_free (buf);
-}
-
-
 /*
  * nm_system_device_replace_default_route
  *

src/backends/NetworkManagerGeneric.c

@@ -84,25 +84,6 @@ nm_generic_device_replace_default_route (const char *iface, guint32 gw, guint32
 	g_free (buf);
 }
 
-/*
- * nm_generic_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_generic_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	char	*buf;
-
-	g_return_if_fail (iface != NULL);
-
-	/* Add default gateway */
-	buf = g_strdup_printf (IP_BINARY_PATH" route add %s dev %s", route, iface);
-	nm_spawn_process (buf);
-	g_free (buf);
-}
-
-
 /*
  * nm_generic_device_flush_ip4_addresses
  *

src/backends/NetworkManagerGeneric.h

@@ -41,8 +41,6 @@ void			nm_generic_device_flush_ip4_routes_with_iface	(const char *iface);
 
 void            nm_generic_device_replace_default_route (const char *iface, guint32 gw, guint32 mss);
 
-void			nm_generic_device_add_route_via_device_with_iface (const char *iface, const char *route);
-
 void			nm_generic_device_flush_ip4_addresses			(NMDevice *dev);
 void			nm_generic_device_flush_ip4_addresses_with_iface	(const char *iface);
 

src/backends/NetworkManagerGentoo.c

@@ -124,18 +124,6 @@ void nm_system_device_flush_ip4_addresses_with_iface (const char *iface)
 	g_free (buf);
 #endif
 
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	nm_generic_device_add_route_via_device_with_iface (iface, route);
-}
-
-
 /*
  * nm_system_enable_loopback
  *

src/backends/NetworkManagerMandriva.c

@@ -91,19 +91,6 @@ nm_system_device_replace_default_route (const char *iface,
 	nm_generic_device_replace_default_route (iface, gw, mss);
 }
 
-
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	nm_generic_device_add_route_via_device_with_iface (iface, route);
-}
-
-
 /*
  * nm_system_device_has_active_routes
  *

src/backends/NetworkManagerPaldo.c

@@ -92,19 +92,6 @@ nm_system_device_replace_default_route (const char *iface,
 	nm_generic_device_replace_default_route (iface, gw, mss);
 }
 
-
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	nm_generic_device_add_route_via_device_with_iface (iface, route);
-}
-
-
 /*
  * nm_system_device_has_active_routes
  *

src/backends/NetworkManagerRedHat.c

@@ -89,19 +89,6 @@ nm_system_device_replace_default_route (const char *iface,
 	nm_generic_device_replace_default_route (iface, gw, mss);
 }
 
-
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	nm_generic_device_add_route_via_device_with_iface (iface, route);
-}
-
-
 /*
  * nm_system_device_has_active_routes
  *

src/backends/NetworkManagerSlackware.c

@@ -158,16 +158,6 @@ void nm_system_restart_mdns_responder (void)
 {
 }
 
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	nm_generic_device_add_route_via_device_with_iface (iface, route);
-}
 
 /*
  * nm_system_device_replace_default_route

src/backends/NetworkManagerSuSE.c

@@ -98,19 +98,6 @@ nm_system_device_replace_default_route (const char *iface,
 	nm_generic_device_replace_default_route (iface, gw, mss);
 }
 
-
-/*
- * nm_system_device_add_route_via_device_with_iface
- *
- * Add route to the given device
- *
- */
-void nm_system_device_add_route_via_device_with_iface (const char *iface, const char *route)
-{
-	nm_generic_device_add_route_via_device_with_iface (iface, route);
-}
-
-
 /*
  * nm_system_device_has_active_routes
  *