From ec9bff293b5612ad7c293656a0abcd73b6e1334c Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 24 Oct 2017 08:26:25 +0200 Subject: [PATCH 01/11] settings/trivial: rename settings-connection's autoconnect functions Names like - nm_settings_connection_get_autoconnect_retries - nm_settings_connection_set_autoconnect_retries - nm_settings_connection_reset_autoconnect_retries are about the same thing, but they are cumbersome to grep because they share not a common prefix. Rename them from SUBJECT_VERB_OBJECT to SUBJECT_OBJECT_VERB, which sounds odd in English, but seems preferred to me. Now you can grep for "nm_settings_connection_autoconnect_retries_" to get all accessors of the retry count, or "nm_settings_connection_autoconnect_" to get all accessors related to autoconnect in general. --- src/devices/nm-device-ethernet.c | 6 ++-- src/devices/nm-device-macsec.c | 6 ++-- src/devices/wwan/nm-device-modem.c | 2 +- src/nm-policy.c | 44 +++++++++++++-------------- src/settings/nm-settings-connection.c | 26 ++++++++-------- src/settings/nm-settings-connection.h | 12 ++++---- 6 files changed, 48 insertions(+), 48 deletions(-) diff --git a/src/devices/nm-device-ethernet.c b/src/devices/nm-device-ethernet.c index 90a96cda20..ef7530212d 100644 --- a/src/devices/nm-device-ethernet.c +++ b/src/devices/nm-device-ethernet.c @@ -266,7 +266,7 @@ reset_8021x_autoconnect_retries (NMDevice *device) connection = nm_act_request_get_settings_connection (req); g_return_if_fail (connection); /* Reset autoconnect retries on success, failure, or when deactivating */ - nm_settings_connection_reset_autoconnect_retries (connection); + nm_settings_connection_autoconnect_retries_reset (connection); } } @@ -688,11 +688,11 @@ handle_auth_or_fail (NMDeviceEthernet *self, applied_connection = nm_act_request_get_applied_connection (req); settings_connection = nm_act_request_get_settings_connection (req); - tries_left = nm_settings_connection_get_autoconnect_retries (settings_connection); + tries_left = nm_settings_connection_autoconnect_retries_get (settings_connection); if (tries_left == 0) return NM_ACT_STAGE_RETURN_FAILURE; if (tries_left > 0) - nm_settings_connection_set_autoconnect_retries (settings_connection, tries_left - 1); + nm_settings_connection_autoconnect_retries_set (settings_connection, tries_left - 1); nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE); diff --git a/src/devices/nm-device-macsec.c b/src/devices/nm-device-macsec.c index 5b573d327b..cda175e175 100644 --- a/src/devices/nm-device-macsec.c +++ b/src/devices/nm-device-macsec.c @@ -485,11 +485,11 @@ handle_auth_or_fail (NMDeviceMacsec *self, applied_connection = nm_act_request_get_applied_connection (req); settings_connection = nm_act_request_get_settings_connection (req); - tries_left = nm_settings_connection_get_autoconnect_retries (settings_connection); + tries_left = nm_settings_connection_autoconnect_retries_get (settings_connection); if (tries_left == 0) return NM_ACT_STAGE_RETURN_FAILURE; if (tries_left > 0) - nm_settings_connection_set_autoconnect_retries (settings_connection, tries_left - 1); + nm_settings_connection_autoconnect_retries_set (settings_connection, tries_left - 1); nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE); @@ -748,7 +748,7 @@ reset_autoconnect_retries (NMDevice *device) connection = nm_act_request_get_settings_connection (req); g_return_if_fail (connection); /* Reset autoconnect retries on success, failure, or when deactivating */ - nm_settings_connection_reset_autoconnect_retries (connection); + nm_settings_connection_autoconnect_retries_reset (connection); } } diff --git a/src/devices/wwan/nm-device-modem.c b/src/devices/wwan/nm-device-modem.c index b3e1064fc4..7f2bb9389a 100644 --- a/src/devices/wwan/nm-device-modem.c +++ b/src/devices/wwan/nm-device-modem.c @@ -391,7 +391,7 @@ device_state_changed (NMDevice *device, * where a retry attempt would just fail again. */ if (connection) { - nm_settings_connection_set_autoconnect_blocked_reason (connection, + nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED); } break; diff --git a/src/nm-policy.c b/src/nm-policy.c index 44944a23cd..916f8b7884 100644 --- a/src/nm-policy.c +++ b/src/nm-policy.c @@ -1193,7 +1193,7 @@ pending_ac_state_changed (NMActiveConnection *ac, guint state, guint reason, NMP * loop. */ con = nm_active_connection_get_settings_connection (ac); - nm_settings_connection_set_autoconnect_blocked_reason (con, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED); + nm_settings_connection_autoconnect_blocked_reason_set (con, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED); schedule_activate_check (self, nm_active_connection_get_device (ac)); /* Cleanup */ @@ -1266,7 +1266,7 @@ auto_activate_device (NMPolicy *self, error->code, error->message); g_error_free (error); - nm_settings_connection_set_autoconnect_blocked_reason (best_connection, + nm_settings_connection_autoconnect_blocked_reason_set (best_connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED); schedule_activate_check (self, device); return; @@ -1424,8 +1424,8 @@ reset_autoconnect_all (NMPolicy *self, NMDevice *device) NMSettingsConnection *connection = connections[i]; if (!device || nm_device_check_connection_compatible (device, NM_CONNECTION (connection))) { - nm_settings_connection_reset_autoconnect_retries (connection); - nm_settings_connection_set_autoconnect_blocked_reason (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE); + nm_settings_connection_autoconnect_retries_reset (connection); + nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE); } } } @@ -1443,9 +1443,9 @@ reset_autoconnect_for_failed_secrets (NMPolicy *self) for (i = 0; connections[i]; i++) { NMSettingsConnection *connection = connections[i]; - if (nm_settings_connection_get_autoconnect_blocked_reason (connection) == NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS) { - nm_settings_connection_reset_autoconnect_retries (connection); - nm_settings_connection_set_autoconnect_blocked_reason (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE); + if (nm_settings_connection_autoconnect_blocked_reason_get (connection) == NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS) { + nm_settings_connection_autoconnect_retries_reset (connection); + nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE); } } } @@ -1472,7 +1472,7 @@ block_autoconnect_for_device (NMPolicy *self, NMDevice *device) NMSettingsConnection *connection = connections[i]; if (nm_device_check_connection_compatible (device, NM_CONNECTION (connection))) { - nm_settings_connection_set_autoconnect_blocked_reason (connection, + nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_USER_REQUEST); } } @@ -1556,12 +1556,12 @@ reset_connections_retries (gpointer user_data) for (i = 0; connections[i]; i++) { NMSettingsConnection *connection = connections[i]; - con_stamp = nm_settings_connection_get_autoconnect_retry_time (connection); + con_stamp = nm_settings_connection_autoconnect_blocked_until_get (connection); if (con_stamp == 0) continue; if (con_stamp <= now) { - nm_settings_connection_reset_autoconnect_retries (connection); + nm_settings_connection_autoconnect_retries_reset (connection); changed = TRUE; } else if (min_stamp == 0 || min_stamp > con_stamp) min_stamp = con_stamp; @@ -1631,12 +1631,12 @@ activate_slave_connections (NMPolicy *self, NMDevice *device) NMSettingsAutoconnectBlockedReason reason; if (!internal_activation) - nm_settings_connection_reset_autoconnect_retries (settings); + nm_settings_connection_autoconnect_retries_reset (settings); - reason = nm_settings_connection_get_autoconnect_blocked_reason (settings); + reason = nm_settings_connection_autoconnect_blocked_reason_get (settings); if (reason == NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED) { reason = NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE; - nm_settings_connection_set_autoconnect_blocked_reason (settings, reason); + nm_settings_connection_autoconnect_blocked_reason_set (settings, reason); } } } @@ -1744,29 +1744,29 @@ device_state_changed (NMDevice *device, && old_state <= NM_DEVICE_STATE_ACTIVATED) { int tries; - tries = nm_settings_connection_get_autoconnect_retries (connection); + tries = nm_settings_connection_autoconnect_retries_get (connection); if (nm_device_state_reason_check (reason) == NM_DEVICE_STATE_REASON_NO_SECRETS) { _LOGD (LOGD_DEVICE, "connection '%s' now blocked from autoconnect due to no secrets", nm_settings_connection_get_id (connection)); - nm_settings_connection_set_autoconnect_blocked_reason (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS); + nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS); } else if (tries != 0) { if (tries > 0) { _LOGD (LOGD_DEVICE, "connection '%s' failed to autoconnect; %d tries left", nm_settings_connection_get_id (connection), tries); - nm_settings_connection_set_autoconnect_retries (connection, --tries); + nm_settings_connection_autoconnect_retries_set (connection, --tries); } else { _LOGD (LOGD_DEVICE, "connection '%s' failed to autoconnect; infinite tries left", nm_settings_connection_get_id (connection)); } } - if (nm_settings_connection_get_autoconnect_retries (connection) == 0) { + if (nm_settings_connection_autoconnect_retries_get (connection) == 0) { _LOGI (LOGD_DEVICE, "disabling autoconnect for connection '%s'.", nm_settings_connection_get_id (connection)); /* Schedule a handler to reset retries count */ if (!priv->reset_retries_id) { - gint32 retry_time = nm_settings_connection_get_autoconnect_retry_time (connection); + gint32 retry_time = nm_settings_connection_autoconnect_blocked_until_get (connection); g_warn_if_fail (retry_time != 0); priv->reset_retries_id = g_timeout_add_seconds (MAX (0, retry_time - nm_utils_get_monotonic_timestamp_s ()), reset_connections_retries, self); @@ -1778,7 +1778,7 @@ device_state_changed (NMDevice *device, case NM_DEVICE_STATE_ACTIVATED: if (connection) { /* Reset auto retries back to default since connection was successful */ - nm_settings_connection_reset_autoconnect_retries (connection); + nm_settings_connection_autoconnect_retries_reset (connection); /* And clear secrets so they will always be requested from the * settings service when the next connection is made. @@ -1817,7 +1817,7 @@ device_state_changed (NMDevice *device, /* The connection was deactivated, so block just this connection */ _LOGD (LOGD_DEVICE, "blocking autoconnect of connection '%s' by user request", nm_settings_connection_get_id (connection)); - nm_settings_connection_set_autoconnect_blocked_reason (connection, + nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_USER_REQUEST); } } @@ -1856,7 +1856,7 @@ device_state_changed (NMDevice *device, case NM_DEVICE_STATE_IP_CONFIG: /* We must have secrets if we got here. */ if (connection) - nm_settings_connection_set_autoconnect_blocked_reason (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE); + nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE); break; case NM_DEVICE_STATE_SECONDARIES: if (connection) @@ -2309,7 +2309,7 @@ connection_updated (NMSettings *settings, nm_device_reapply_settings_immediately (device); /* Reset auto retries back to default since connection was updated */ - nm_settings_connection_reset_autoconnect_retries (connection); + nm_settings_connection_autoconnect_retries_reset (connection); } schedule_activate_all (self); diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index 3a3f9ba151..746c8954da 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -109,7 +109,7 @@ typedef struct _NMSettingsConnectionPrivate { GHashTable *seen_bssids; /* Up-to-date BSSIDs that's been seen for the connection */ int autoconnect_retries; - gint32 autoconnect_retry_time; + gint32 autoconnect_blocked_until; char *filename; } NMSettingsConnectionPrivate; @@ -2532,7 +2532,7 @@ nm_settings_connection_read_and_fill_seen_bssids (NMSettingsConnection *self) } /** - * nm_settings_connection_get_autoconnect_retries: + * nm_settings_connection_autoconnect_retries_get: * @self: the settings connection * * Returns the number of autoconnect retries left. If the value is @@ -2540,7 +2540,7 @@ nm_settings_connection_read_and_fill_seen_bssids (NMSettingsConnection *self) * with the global default. */ int -nm_settings_connection_get_autoconnect_retries (NMSettingsConnection *self) +nm_settings_connection_autoconnect_retries_get (NMSettingsConnection *self) { NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self); @@ -2577,7 +2577,7 @@ nm_settings_connection_get_autoconnect_retries (NMSettingsConnection *self) } void -nm_settings_connection_set_autoconnect_retries (NMSettingsConnection *self, +nm_settings_connection_autoconnect_retries_set (NMSettingsConnection *self, int retries) { NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self); @@ -2589,31 +2589,31 @@ nm_settings_connection_set_autoconnect_retries (NMSettingsConnection *self, priv->autoconnect_retries = retries; } if (retries) - priv->autoconnect_retry_time = 0; + priv->autoconnect_blocked_until = 0; else - priv->autoconnect_retry_time = nm_utils_get_monotonic_timestamp_s () + AUTOCONNECT_RESET_RETRIES_TIMER; + priv->autoconnect_blocked_until = nm_utils_get_monotonic_timestamp_s () + AUTOCONNECT_RESET_RETRIES_TIMER; } void -nm_settings_connection_reset_autoconnect_retries (NMSettingsConnection *self) +nm_settings_connection_autoconnect_retries_reset (NMSettingsConnection *self) { - nm_settings_connection_set_autoconnect_retries (self, AUTOCONNECT_RETRIES_UNSET); + nm_settings_connection_autoconnect_retries_set (self, AUTOCONNECT_RETRIES_UNSET); } gint32 -nm_settings_connection_get_autoconnect_retry_time (NMSettingsConnection *self) +nm_settings_connection_autoconnect_blocked_until_get (NMSettingsConnection *self) { - return NM_SETTINGS_CONNECTION_GET_PRIVATE (self)->autoconnect_retry_time; + return NM_SETTINGS_CONNECTION_GET_PRIVATE (self)->autoconnect_blocked_until; } NMSettingsAutoconnectBlockedReason -nm_settings_connection_get_autoconnect_blocked_reason (NMSettingsConnection *self) +nm_settings_connection_autoconnect_blocked_reason_get (NMSettingsConnection *self) { return NM_SETTINGS_CONNECTION_GET_PRIVATE (self)->autoconnect_blocked_reason; } void -nm_settings_connection_set_autoconnect_blocked_reason (NMSettingsConnection *self, +nm_settings_connection_autoconnect_blocked_reason_set (NMSettingsConnection *self, NMSettingsAutoconnectBlockedReason reason) { g_return_if_fail (NM_IN_SET (reason, @@ -2632,7 +2632,7 @@ nm_settings_connection_can_autoconnect (NMSettingsConnection *self) const char *permission; if ( !priv->visible - || nm_settings_connection_get_autoconnect_retries (self) == 0 + || nm_settings_connection_autoconnect_retries_get (self) == 0 || priv->autoconnect_blocked_reason != NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE) return FALSE; diff --git a/src/settings/nm-settings-connection.h b/src/settings/nm-settings-connection.h index 67b3d9b92f..a983bddd3d 100644 --- a/src/settings/nm-settings-connection.h +++ b/src/settings/nm-settings-connection.h @@ -213,15 +213,15 @@ void nm_settings_connection_add_seen_bssid (NMSettingsConnection *self, void nm_settings_connection_read_and_fill_seen_bssids (NMSettingsConnection *self); -int nm_settings_connection_get_autoconnect_retries (NMSettingsConnection *self); -void nm_settings_connection_set_autoconnect_retries (NMSettingsConnection *self, +int nm_settings_connection_autoconnect_retries_get (NMSettingsConnection *self); +void nm_settings_connection_autoconnect_retries_set (NMSettingsConnection *self, int retries); -void nm_settings_connection_reset_autoconnect_retries (NMSettingsConnection *self); +void nm_settings_connection_autoconnect_retries_reset (NMSettingsConnection *self); -gint32 nm_settings_connection_get_autoconnect_retry_time (NMSettingsConnection *self); +gint32 nm_settings_connection_autoconnect_blocked_until_get (NMSettingsConnection *self); -NMSettingsAutoconnectBlockedReason nm_settings_connection_get_autoconnect_blocked_reason (NMSettingsConnection *self); -void nm_settings_connection_set_autoconnect_blocked_reason (NMSettingsConnection *self, +NMSettingsAutoconnectBlockedReason nm_settings_connection_autoconnect_blocked_reason_get (NMSettingsConnection *self); +void nm_settings_connection_autoconnect_blocked_reason_set (NMSettingsConnection *self, NMSettingsAutoconnectBlockedReason reason); gboolean nm_settings_connection_can_autoconnect (NMSettingsConnection *self); From 262159be0084d444103bcbb61e02d4b0d0f6c10b Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 24 Oct 2017 08:44:46 +0200 Subject: [PATCH 02/11] config: add nm_config_data_get_value_int64() util --- src/nm-config-data.c | 24 +++++++++++++++++++++++- src/nm-config-data.h | 1 + 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/src/nm-config-data.c b/src/nm-config-data.c index 2487b6aa62..4898510210 100644 --- a/src/nm-config-data.c +++ b/src/nm-config-data.c @@ -211,7 +211,7 @@ nm_config_data_get_value_boolean (const NMConfigData *self, const char *group, c g_return_val_if_fail (key && *key, default_value); /* when parsing the boolean, base it on the raw value from g_key_file_get_value(). */ - str = g_key_file_get_value (NM_CONFIG_DATA_GET_PRIVATE (self)->keyfile, group, key, NULL); + str = nm_config_keyfile_get_value (NM_CONFIG_DATA_GET_PRIVATE (self)->keyfile, group, key, NM_CONFIG_GET_VALUE_RAW); if (str) { value = nm_config_parse_boolean (str, default_value); g_free (str); @@ -219,6 +219,28 @@ nm_config_data_get_value_boolean (const NMConfigData *self, const char *group, c return value; } +gint64 +nm_config_data_get_value_int64 (const NMConfigData *self, const char *group, const char *key, guint base, gint64 min, gint64 max, gint64 fallback) +{ + int errsv; + gint64 val; + char *str; + + g_return_val_if_fail (NM_IS_CONFIG_DATA (self), fallback); + g_return_val_if_fail (group && *group, fallback); + g_return_val_if_fail (key && *key, fallback); + + str = nm_config_keyfile_get_value (NM_CONFIG_DATA_GET_PRIVATE (self)->keyfile, group, key, NM_CONFIG_GET_VALUE_NONE); + val = _nm_utils_ascii_str_to_int64 (str, base, min, max, fallback); + if (str) { + /* preserve errno from the parsing. */ + errsv = errno; + g_free (str); + errno = errsv; + } + return val; +} + char ** nm_config_data_get_plugins (const NMConfigData *self, gboolean allow_default) { diff --git a/src/nm-config-data.h b/src/nm-config-data.h index 1e1059be60..844eb9526b 100644 --- a/src/nm-config-data.h +++ b/src/nm-config-data.h @@ -158,6 +158,7 @@ gboolean nm_config_data_has_value (const NMConfigData *self, const char *group, char *nm_config_data_get_value (const NMConfigData *config_data, const char *group, const char *key, NMConfigGetValueFlags flags); const char *nm_config_data_get_value_cached (const NMConfigData *config_data, const char *group, const char *key, NMConfigGetValueFlags flags); gint nm_config_data_get_value_boolean (const NMConfigData *self, const char *group, const char *key, gint default_value); +gint64 nm_config_data_get_value_int64 (const NMConfigData *self, const char *group, const char *key, guint base, gint64 min, gint64 max, gint64 fallback); char **nm_config_data_get_plugins (const NMConfigData *config_data, gboolean allow_default); gboolean nm_config_data_get_connectivity_enabled (const NMConfigData *config_data); From 447dc874ce8c8a9f6669d73f655de17fe05365d4 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 24 Oct 2017 08:35:42 +0200 Subject: [PATCH 03/11] config: remove nm_config_data_get_value_cached() It has almost no callers, and it is a bit of a strange API. Let's not cache the last accessed value inside NMConfigData. Instead, free it right after use. It was not reused anyway, it only hangs around as convenience for the caller. --- src/main.c | 14 +++++++++----- src/nm-config-data.c | 21 --------------------- src/nm-config-data.h | 1 - src/nm-manager.c | 21 +++++++++++---------- src/settings/nm-settings-connection.c | 14 +++++--------- 5 files changed, 25 insertions(+), 46 deletions(-) diff --git a/src/main.c b/src/main.c index c20928db11..d59da0522a 100644 --- a/src/main.c +++ b/src/main.c @@ -357,11 +357,15 @@ main (int argc, char *argv[]) /* Set up unix signal handling - before creating threads, but after daemonizing! */ nm_main_utils_setup_signals (main_loop); - nm_logging_syslog_openlog (nm_config_data_get_value_cached (NM_CONFIG_GET_DATA_ORIG, - NM_CONFIG_KEYFILE_GROUP_LOGGING, - NM_CONFIG_KEYFILE_KEY_LOGGING_BACKEND, - NM_CONFIG_GET_VALUE_STRIP | NM_CONFIG_GET_VALUE_NO_EMPTY), - nm_config_get_is_debug (config)); + { + gs_free char *v = NULL; + + v = nm_config_data_get_value (NM_CONFIG_GET_DATA_ORIG, + NM_CONFIG_KEYFILE_GROUP_LOGGING, + NM_CONFIG_KEYFILE_KEY_LOGGING_BACKEND, + NM_CONFIG_GET_VALUE_STRIP | NM_CONFIG_GET_VALUE_NO_EMPTY); + nm_logging_syslog_openlog (v, nm_config_get_is_debug (config)); + } nm_log_info (LOGD_CORE, "NetworkManager (version " NM_DIST_VERSION ") is starting... (%s)", nm_config_get_first_start (config) ? "for the first time" : "after a restart"); diff --git a/src/nm-config-data.c b/src/nm-config-data.c index 4898510210..5b06e00a16 100644 --- a/src/nm-config-data.c +++ b/src/nm-config-data.c @@ -108,9 +108,6 @@ typedef struct { char *rc_manager; NMGlobalDnsConfig *global_dns; - - /* mutable field */ - char *value_cached; } NMConfigDataPrivate; struct _NMConfigData { @@ -171,22 +168,6 @@ nm_config_data_get_value (const NMConfigData *self, const char *group, const cha return nm_config_keyfile_get_value (NM_CONFIG_DATA_GET_PRIVATE (self)->keyfile, group, key, flags); } -const char *nm_config_data_get_value_cached (const NMConfigData *self, const char *group, const char *key, NMConfigGetValueFlags flags) -{ - const NMConfigDataPrivate *priv; - - g_return_val_if_fail (NM_IS_CONFIG_DATA (self), NULL); - g_return_val_if_fail (group && *group, NULL); - g_return_val_if_fail (key && *key, NULL); - - priv = NM_CONFIG_DATA_GET_PRIVATE (self); - - /* we modify @value_cached. In C++ jargon, the field is mutable. */ - g_free (((NMConfigDataPrivate *) priv)->value_cached); - ((NMConfigDataPrivate *) priv)->value_cached = nm_config_keyfile_get_value (priv->keyfile, group, key, flags); - return priv->value_cached; -} - gboolean nm_config_data_has_value (const NMConfigData *self, const char *group, const char *key, NMConfigGetValueFlags flags) { @@ -1658,8 +1639,6 @@ finalize (GObject *gobject) g_key_file_unref (priv->keyfile_intern); G_OBJECT_CLASS (nm_config_data_parent_class)->finalize (gobject); - - g_free (priv->value_cached); } static void diff --git a/src/nm-config-data.h b/src/nm-config-data.h index 844eb9526b..3efe4259d5 100644 --- a/src/nm-config-data.h +++ b/src/nm-config-data.h @@ -156,7 +156,6 @@ const char *nm_config_data_get_config_description (const NMConfigData *config_da gboolean nm_config_data_has_group (const NMConfigData *self, const char *group); gboolean nm_config_data_has_value (const NMConfigData *self, const char *group, const char *key, NMConfigGetValueFlags flags); char *nm_config_data_get_value (const NMConfigData *config_data, const char *group, const char *key, NMConfigGetValueFlags flags); -const char *nm_config_data_get_value_cached (const NMConfigData *config_data, const char *group, const char *key, NMConfigGetValueFlags flags); gint nm_config_data_get_value_boolean (const NMConfigData *self, const char *group, const char *key, gint default_value); gint64 nm_config_data_get_value_int64 (const NMConfigData *self, const char *group, const char *key, guint base, gint64 min, gint64 max, gint64 fallback); diff --git a/src/nm-manager.c b/src/nm-manager.c index be64a868ba..3b2b4861e9 100644 --- a/src/nm-manager.c +++ b/src/nm-manager.c @@ -2548,13 +2548,13 @@ platform_query_devices (NMManager *self) gs_unref_ptrarray GPtrArray *links = NULL; int i; gboolean guess_assume; - const char *order; + gs_free char *order = NULL; guess_assume = nm_config_get_first_start (nm_config_get ()); - order = nm_config_data_get_value_cached (NM_CONFIG_GET_DATA, - NM_CONFIG_KEYFILE_GROUP_MAIN, - NM_CONFIG_KEYFILE_KEY_MAIN_SLAVES_ORDER, - NM_CONFIG_GET_VALUE_STRIP); + order = nm_config_data_get_value (NM_CONFIG_GET_DATA, + NM_CONFIG_KEYFILE_GROUP_MAIN, + NM_CONFIG_KEYFILE_KEY_MAIN_SLAVES_ORDER, + NM_CONFIG_GET_VALUE_STRIP); links = nm_platform_link_get_all (priv->platform, !nm_streq0 (order, "index")); if (!links) return; @@ -3139,14 +3139,15 @@ autoconnect_slaves (NMManager *self, if (should_connect_slaves (NM_CONNECTION (master_connection), master_device)) { gs_free SlaveConnectionInfo *slaves = NULL; guint i, n_slaves = 0; - const char *value; slaves = find_slaves (self, master_connection, master_device, &n_slaves); if (n_slaves > 1) { - value = nm_config_data_get_value_cached (NM_CONFIG_GET_DATA, - NM_CONFIG_KEYFILE_GROUP_MAIN, - NM_CONFIG_KEYFILE_KEY_MAIN_SLAVES_ORDER, - NM_CONFIG_GET_VALUE_STRIP); + gs_free char *value = NULL; + + value = nm_config_data_get_value (NM_CONFIG_GET_DATA, + NM_CONFIG_KEYFILE_GROUP_MAIN, + NM_CONFIG_KEYFILE_KEY_MAIN_SLAVES_ORDER, + NM_CONFIG_GET_VALUE_STRIP); g_qsort_with_data (slaves, n_slaves, sizeof (slaves[0]), compare_slaves, GINT_TO_POINTER (!nm_streq0 (value, "index"))); diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index 746c8954da..6f66394c12 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -2547,7 +2547,6 @@ nm_settings_connection_autoconnect_retries_get (NMSettingsConnection *self) if (G_UNLIKELY (priv->autoconnect_retries == AUTOCONNECT_RETRIES_UNSET)) { NMSettingConnection *s_con; int retries = -1; - const char *value; s_con = nm_connection_get_setting_connection ((NMConnection *) self); if (s_con) @@ -2555,14 +2554,11 @@ nm_settings_connection_autoconnect_retries_get (NMSettingsConnection *self) /* -1 means 'default' */ if (retries == -1) { - value = nm_config_data_get_value_cached (NM_CONFIG_GET_DATA, - NM_CONFIG_KEYFILE_GROUP_MAIN, - "autoconnect-retries-default", - NM_CONFIG_GET_VALUE_STRIP); - - retries = _nm_utils_ascii_str_to_int64 (value, - 10, 0, G_MAXINT32, - AUTOCONNECT_RETRIES_DEFAULT); + retries = nm_config_data_get_value_int64 (NM_CONFIG_GET_DATA, + NM_CONFIG_KEYFILE_GROUP_MAIN, + "autoconnect-retries-default", + 10, 0, G_MAXINT32, + AUTOCONNECT_RETRIES_DEFAULT); } /* 0 means 'forever', which is translated to a retry count of -1 */ From 361a199a0639dd8a82c61912df301028efca5f33 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 24 Oct 2017 09:10:49 +0200 Subject: [PATCH 04/11] device: move resetting autoconnect retries from subtype to NMDevice --- src/devices/nm-device-ethernet.c | 20 ++------------------ src/devices/nm-device-macsec.c | 17 +---------------- src/devices/nm-device.c | 23 +++++++++++++++++++++++ src/devices/nm-device.h | 1 + src/settings/nm-settings-connection.c | 5 ++++- 5 files changed, 31 insertions(+), 35 deletions(-) diff --git a/src/devices/nm-device-ethernet.c b/src/devices/nm-device-ethernet.c index ef7530212d..8b9ae1d8ba 100644 --- a/src/devices/nm-device-ethernet.c +++ b/src/devices/nm-device-ethernet.c @@ -254,22 +254,6 @@ _update_s390_subchannels (NMDeviceEthernet *self) _notify (self, PROP_S390_SUBCHANNELS); } -static void -reset_8021x_autoconnect_retries (NMDevice *device) -{ - NMActRequest *req; - NMSettingsConnection *connection; - - req = nm_device_get_act_request (device); - if ( req - && nm_device_get_applied_setting (device, NM_TYPE_SETTING_802_1X)) { - connection = nm_act_request_get_settings_connection (req); - g_return_if_fail (connection); - /* Reset autoconnect retries on success, failure, or when deactivating */ - nm_settings_connection_autoconnect_retries_reset (connection); - } -} - static void device_state_changed (NMDevice *device, NMDeviceState new_state, @@ -283,7 +267,7 @@ device_state_changed (NMDevice *device, NM_DEVICE_STATE_ACTIVATED, NM_DEVICE_STATE_FAILED, NM_DEVICE_STATE_DISCONNECTED)) - reset_8021x_autoconnect_retries (device); + nm_device_autoconnect_retries_reset (device, NM_TYPE_SETTING_802_1X); } static void @@ -1356,7 +1340,7 @@ deactivate (NMDevice *device) GError *error = NULL; /* Clear wired secrets tries when deactivating */ - reset_8021x_autoconnect_retries (device); + nm_device_autoconnect_retries_reset (device, NM_TYPE_SETTING_802_1X); nm_clear_g_source (&priv->pppoe_wait_id); diff --git a/src/devices/nm-device-macsec.c b/src/devices/nm-device-macsec.c index cda175e175..e5df99bd39 100644 --- a/src/devices/nm-device-macsec.c +++ b/src/devices/nm-device-macsec.c @@ -737,21 +737,6 @@ link_changed (NMDevice *device, } -static void -reset_autoconnect_retries (NMDevice *device) -{ - NMActRequest *req; - NMSettingsConnection *connection; - - req = nm_device_get_act_request (device); - if (req) { - connection = nm_act_request_get_settings_connection (req); - g_return_if_fail (connection); - /* Reset autoconnect retries on success, failure, or when deactivating */ - nm_settings_connection_autoconnect_retries_reset (connection); - } -} - static void device_state_changed (NMDevice *device, NMDeviceState new_state, @@ -764,7 +749,7 @@ device_state_changed (NMDevice *device, if ( new_state == NM_DEVICE_STATE_ACTIVATED || new_state == NM_DEVICE_STATE_FAILED || new_state == NM_DEVICE_STATE_DISCONNECTED) - reset_autoconnect_retries (device); + nm_device_autoconnect_retries_reset (device, G_TYPE_NONE); } /******************************************************************/ diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c index fc6d216690..a6ad278e6d 100644 --- a/src/devices/nm-device.c +++ b/src/devices/nm-device.c @@ -4213,6 +4213,29 @@ nm_device_set_enabled (NMDevice *self, gboolean enabled) NM_DEVICE_GET_CLASS (self)->set_enabled (self, enabled); } +void +nm_device_autoconnect_retries_reset (NMDevice *device, GType required_applied_setting) +{ + NMActRequest *req; + NMSettingsConnection *connection; + + req = nm_device_get_act_request (device); + if (!req) + return; + + if ( !NM_IN_SET (required_applied_setting, G_TYPE_INVALID, G_TYPE_NONE) + && !nm_device_get_applied_setting (device, required_applied_setting)) { + /* if the setting doesn't have the required setting in the applied + * connection, we do nothing. */ + return; + } + + connection = nm_act_request_get_settings_connection (req); + + /* Reset autoconnect retries on success, failure, or when deactivating */ + nm_settings_connection_autoconnect_retries_reset (connection); +} + /** * nm_device_get_autoconnect: * @self: the #NMDevice diff --git a/src/devices/nm-device.h b/src/devices/nm-device.h index 921db8aa5e..aafa31d3af 100644 --- a/src/devices/nm-device.h +++ b/src/devices/nm-device.h @@ -663,6 +663,7 @@ gboolean nm_device_unrealize (NMDevice *device, void nm_device_update_from_platform_link (NMDevice *self, const NMPlatformLink *plink); +void nm_device_autoconnect_retries_reset (NMDevice *device, GType required_applied_setting); gboolean nm_device_get_autoconnect (NMDevice *device); void nm_device_set_autoconnect_intern (NMDevice *device, gboolean autoconnect); void nm_device_emit_recheck_auto_activate (NMDevice *device); diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index 6f66394c12..a7b28792b2 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -2576,10 +2576,13 @@ void nm_settings_connection_autoconnect_retries_set (NMSettingsConnection *self, int retries) { - NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self); + NMSettingsConnectionPrivate *priv; + g_return_if_fail (NM_IS_SETTINGS_CONNECTION (self)); nm_assert (retries == AUTOCONNECT_RETRIES_UNSET || retries >= 0); + priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self); + if (priv->autoconnect_retries != retries) { _LOGT ("autoconnect-retries: set %d", retries); priv->autoconnect_retries = retries; From 18f2d272ba9e76ff93aac9983dd0590923aaf7d0 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 24 Oct 2017 09:18:16 +0200 Subject: [PATCH 05/11] settings: add and use nm_settings_connection_autoconnect_retries_try_next() --- src/devices/nm-device-ethernet.c | 6 +----- src/devices/nm-device-macsec.c | 6 +----- src/settings/nm-settings-connection.c | 13 +++++++++++++ src/settings/nm-settings-connection.h | 1 + 4 files changed, 16 insertions(+), 10 deletions(-) diff --git a/src/devices/nm-device-ethernet.c b/src/devices/nm-device-ethernet.c index 8b9ae1d8ba..bb71cf6222 100644 --- a/src/devices/nm-device-ethernet.c +++ b/src/devices/nm-device-ethernet.c @@ -667,16 +667,12 @@ handle_auth_or_fail (NMDeviceEthernet *self, const char *setting_name; NMConnection *applied_connection; NMSettingsConnection *settings_connection; - int tries_left; applied_connection = nm_act_request_get_applied_connection (req); settings_connection = nm_act_request_get_settings_connection (req); - tries_left = nm_settings_connection_autoconnect_retries_get (settings_connection); - if (tries_left == 0) + if (!nm_settings_connection_autoconnect_retries_try_next (settings_connection)) return NM_ACT_STAGE_RETURN_FAILURE; - if (tries_left > 0) - nm_settings_connection_autoconnect_retries_set (settings_connection, tries_left - 1); nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE); diff --git a/src/devices/nm-device-macsec.c b/src/devices/nm-device-macsec.c index e5df99bd39..bd081a9108 100644 --- a/src/devices/nm-device-macsec.c +++ b/src/devices/nm-device-macsec.c @@ -478,18 +478,14 @@ handle_auth_or_fail (NMDeviceMacsec *self, gboolean new_secrets) { const char *setting_name; - int tries_left; NMConnection *applied_connection; NMSettingsConnection *settings_connection; applied_connection = nm_act_request_get_applied_connection (req); settings_connection = nm_act_request_get_settings_connection (req); - tries_left = nm_settings_connection_autoconnect_retries_get (settings_connection); - if (tries_left == 0) + if (!nm_settings_connection_autoconnect_retries_try_next (settings_connection)) return NM_ACT_STAGE_RETURN_FAILURE; - if (tries_left > 0) - nm_settings_connection_autoconnect_retries_set (settings_connection, tries_left - 1); nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE); diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index a7b28792b2..4ed69e16a2 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -2599,6 +2599,19 @@ nm_settings_connection_autoconnect_retries_reset (NMSettingsConnection *self) nm_settings_connection_autoconnect_retries_set (self, AUTOCONNECT_RETRIES_UNSET); } +gboolean +nm_settings_connection_autoconnect_retries_try_next (NMSettingsConnection *self) +{ + int tries; + + tries = nm_settings_connection_autoconnect_retries_get (self); + if (tries == 0) + return FALSE; + if (tries > 0) + nm_settings_connection_autoconnect_retries_set (self, tries - 1); + return TRUE; +} + gint32 nm_settings_connection_autoconnect_blocked_until_get (NMSettingsConnection *self) { diff --git a/src/settings/nm-settings-connection.h b/src/settings/nm-settings-connection.h index a983bddd3d..69aa792305 100644 --- a/src/settings/nm-settings-connection.h +++ b/src/settings/nm-settings-connection.h @@ -217,6 +217,7 @@ int nm_settings_connection_autoconnect_retries_get (NMSettingsConnection *self); void nm_settings_connection_autoconnect_retries_set (NMSettingsConnection *self, int retries); void nm_settings_connection_autoconnect_retries_reset (NMSettingsConnection *self); +gboolean nm_settings_connection_autoconnect_retries_try_next (NMSettingsConnection *self); gint32 nm_settings_connection_autoconnect_blocked_until_get (NMSettingsConnection *self); From ef60cf890fa741ac6d2f21d58cbe5e6d5b32a923 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 24 Oct 2017 09:34:35 +0200 Subject: [PATCH 06/11] docs: clearify documentation of connection.autoconnect-retries --- clients/common/settings-docs.c.in | 2 +- libnm-core/nm-setting-connection.c | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/clients/common/settings-docs.c.in b/clients/common/settings-docs.c.in index f85372d24b..5ea7ea4059 100644 --- a/clients/common/settings-docs.c.in +++ b/clients/common/settings-docs.c.in @@ -136,7 +136,7 @@ #define DESCRIBE_DOC_NM_SETTING_CDMA_USERNAME N_("The username used to authenticate with the network, if required. Many providers do not require a username, or accept any username. But if a username is required, it is specified here.") #define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT N_("Whether or not the connection should be automatically connected by NetworkManager when the resources for the connection are available. TRUE to automatically activate the connection, FALSE to require manual intervention to activate the connection.") #define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT_PRIORITY N_("The autoconnect priority. If the connection is set to autoconnect, connections with higher priority will be preferred. Defaults to 0. The higher number means higher priority.") -#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT_RETRIES N_("The number of times a connection should be tried when autoactivating before giving up. Zero means forever, -1 means the global default (4 times if not overridden). Setting this to 1 means to try activation once and never retry.") +#define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT_RETRIES N_("The number of times a connection should be tried when autoactivating before giving up. Zero means forever, -1 means the global default (4 times if not overridden). Setting this to 1 means to try activation only once before blocking autoconnect. Note that after a timeout, NetworkManager will try to autoconnect again.") #define DESCRIBE_DOC_NM_SETTING_CONNECTION_AUTOCONNECT_SLAVES N_("Whether or not slaves of this connection should be automatically brought up when NetworkManager activates this connection. This only has a real effect for master connections. The permitted values are: 0: leave slave connections untouched, 1: activate all the slave connections with this connection, -1: default. If -1 (default) is set, global connection.autoconnect-slaves is read to determine the real value. If it is default as well, this fallbacks to 0.") #define DESCRIBE_DOC_NM_SETTING_CONNECTION_GATEWAY_PING_TIMEOUT N_("If greater than zero, delay success of IP addressing until either the timeout is reached, or an IP gateway replies to a ping.") #define DESCRIBE_DOC_NM_SETTING_CONNECTION_ID N_("A human readable unique identifier for the connection, like \"Work Wi-Fi\" or \"T-Mobile 3G\".") diff --git a/libnm-core/nm-setting-connection.c b/libnm-core/nm-setting-connection.c index 28d7a8f6b7..22b1f3891d 100644 --- a/libnm-core/nm-setting-connection.c +++ b/libnm-core/nm-setting-connection.c @@ -1665,7 +1665,9 @@ nm_setting_connection_class_init (NMSettingConnectionClass *setting_class) * * The number of times a connection should be tried when autoactivating before * giving up. Zero means forever, -1 means the global default (4 times if not - * overridden). Setting this to 1 means to try activation once and never retry. + * overridden). Setting this to 1 means to try activation only once before + * blocking autoconnect. Note that after a timeout, NetworkManager will try + * to autoconnect again. */ /* ---ifcfg-rh--- * property: autoconnect-retries From 89e518db5a332e1f6320005bc1ee2619f11ac34b Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 24 Oct 2017 10:13:11 +0200 Subject: [PATCH 07/11] libnm,cli,ifcfg-rh: add NMSetting8021x:auth-retries property --- clients/common/nm-meta-setting-desc.c | 3 ++ clients/common/settings-docs.c.in | 1 + libnm-core/nm-setting-8021x.c | 52 +++++++++++++++++++ libnm-core/nm-setting-8021x.h | 3 ++ man/NetworkManager.conf.xml | 5 ++ .../plugins/ifcfg-rh/nms-ifcfg-rh-reader.c | 5 +- .../plugins/ifcfg-rh/nms-ifcfg-rh-writer.c | 12 ++--- 7 files changed, 74 insertions(+), 7 deletions(-) diff --git a/clients/common/nm-meta-setting-desc.c b/clients/common/nm-meta-setting-desc.c index 0231fe06ce..573bee7cb8 100644 --- a/clients/common/nm-meta-setting-desc.c +++ b/clients/common/nm-meta-setting-desc.c @@ -4691,6 +4691,9 @@ static const NMMetaPropertyInfo *const property_infos_802_1X[] = { PROPERTY_INFO_WITH_DESC (NM_SETTING_802_1X_AUTH_TIMEOUT, .property_type = &_pt_gobject_int, ), + PROPERTY_INFO_WITH_DESC (NM_SETTING_802_1X_AUTH_RETRIES, + .property_type = &_pt_gobject_int, + ), NULL }; diff --git a/clients/common/settings-docs.c.in b/clients/common/settings-docs.c.in index 5ea7ea4059..c56f0a8af7 100644 --- a/clients/common/settings-docs.c.in +++ b/clients/common/settings-docs.c.in @@ -43,6 +43,7 @@ #define DESCRIBE_DOC_NM_SETTING_WIRELESS_SECURITY_WPS_METHOD N_("Flags indicating which mode of WPS is to be used if any. There's little point in changing the default setting as NetworkManager will automatically determine whether it's feasible to start WPS enrollment from the Access Point capabilities. WPS can be disabled by setting this property to a value of 1.") #define DESCRIBE_DOC_NM_SETTING_802_1X_ALTSUBJECT_MATCHES N_("List of strings to be matched against the altSubjectName of the certificate presented by the authentication server. If the list is empty, no verification of the server certificate's altSubjectName is performed.") #define DESCRIBE_DOC_NM_SETTING_802_1X_ANONYMOUS_IDENTITY N_("Anonymous identity string for EAP authentication methods. Used as the unencrypted identity with EAP types that support different tunneled identity like EAP-TTLS.") +#define DESCRIBE_DOC_NM_SETTING_802_1X_AUTH_RETRIES N_("The number of retries for the authentication. Zero means to try indefinitely; -1 means to use a global default. If the global default is not set, the authentication retries for 3 times before failing the connection.") #define DESCRIBE_DOC_NM_SETTING_802_1X_AUTH_TIMEOUT N_("A timeout for the authentication. Zero means the global default; if the global default is not set, the authentication timeout is 25 seconds.") #define DESCRIBE_DOC_NM_SETTING_802_1X_CA_CERT N_("Contains the CA certificate if used by the EAP method specified in the \"eap\" property. Certificate data is specified using a \"scheme\"; two are currently supported: blob and path. When using the blob scheme (which is backwards compatible with NM 0.7.x) this property should be set to the certificate's DER encoded data. When using the path scheme, this property should be set to the full UTF-8 encoded path of the certificate, prefixed with the string \"file://\" and ending with a terminating NUL byte. This property can be unset even if the EAP method supports CA certificates, but this allows man-in-the-middle attacks and is NOT recommended.") #define DESCRIBE_DOC_NM_SETTING_802_1X_CA_CERT_PASSWORD N_("The password used to access the CA certificate stored in \"ca-cert\" property. Only makes sense if the certificate is stored on a PKCS#11 token that requires a login.") diff --git a/libnm-core/nm-setting-8021x.c b/libnm-core/nm-setting-8021x.c index 82dc41dd55..b9f37df8d7 100644 --- a/libnm-core/nm-setting-8021x.c +++ b/libnm-core/nm-setting-8021x.c @@ -116,6 +116,7 @@ typedef struct { NMSettingSecretFlags phase2_private_key_password_flags; gboolean system_ca_certs; gint auth_timeout; + gint auth_retries; } NMSetting8021xPrivate; enum { @@ -164,6 +165,7 @@ enum { PROP_PIN_FLAGS, PROP_SYSTEM_CA_CERTS, PROP_AUTH_TIMEOUT, + PROP_AUTH_RETRIES, LAST_PROP }; @@ -2745,6 +2747,25 @@ nm_setting_802_1x_get_auth_timeout (NMSetting8021x *setting) return NM_SETTING_802_1X_GET_PRIVATE (setting)->auth_timeout; } +/** + * nm_setting_802_1x_get_auth_retries: + * @setting: the #NMSetting8021x + * + * Returns the value contained in the #NMSetting8021x:auth-retries property. + * + * Returns: the configured authentication retries in seconds. Zero means + * infinity and -1 means a global default value. + * + * Since: 1.10 + **/ +gint +nm_setting_802_1x_get_auth_retries (NMSetting8021x *setting) +{ + g_return_val_if_fail (NM_IS_SETTING_802_1X (setting), -1); + + return NM_SETTING_802_1X_GET_PRIVATE (setting)->auth_retries; +} + static void need_secrets_password (NMSetting8021x *self, GPtrArray *secrets, @@ -3623,6 +3644,9 @@ set_property (GObject *object, guint prop_id, case PROP_AUTH_TIMEOUT: priv->auth_timeout = g_value_get_int (value); break; + case PROP_AUTH_RETRIES: + priv->auth_retries = g_value_get_int (value); + break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; @@ -3769,6 +3793,9 @@ get_property (GObject *object, guint prop_id, case PROP_AUTH_TIMEOUT: g_value_set_int (value, priv->auth_timeout); break; + case PROP_AUTH_RETRIES: + g_value_set_int (value, priv->auth_retries); + break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; @@ -4825,4 +4852,29 @@ nm_setting_802_1x_class_init (NMSetting8021xClass *setting_class) NM_SETTING_PARAM_FUZZY_IGNORE | G_PARAM_STATIC_STRINGS)); + /** + * NMSetting8021x:auth-retries: + * + * The number of retries for the authentication. Zero means to try indefinitely; -1 means + * to use a global default. If the global default is not set, the authentication + * retries for 3 times before failing the connection. + * + * Since: 1.10 + **/ + /* ---ifcfg-rh--- + * property: auth-retries + * variable: IEEE_8021X_AUTH_RETRIES(+) + * default: 0 + * description: Number of retries for the 802.1X authentication. + * ---end--- + */ + g_object_class_install_property + (object_class, PROP_AUTH_RETRIES, + g_param_spec_int (NM_SETTING_802_1X_AUTH_RETRIES, "", "", + -1, G_MAXINT32, -1, + G_PARAM_READWRITE | + G_PARAM_CONSTRUCT | + NM_SETTING_PARAM_FUZZY_IGNORE | + G_PARAM_STATIC_STRINGS)); + } diff --git a/libnm-core/nm-setting-8021x.h b/libnm-core/nm-setting-8021x.h index e1631e2d51..53f5bb5239 100644 --- a/libnm-core/nm-setting-8021x.h +++ b/libnm-core/nm-setting-8021x.h @@ -151,6 +151,7 @@ typedef enum { /*< underscore_name=nm_setting_802_1x_auth_flags >*/ #define NM_SETTING_802_1X_PIN_FLAGS "pin-flags" #define NM_SETTING_802_1X_SYSTEM_CA_CERTS "system-ca-certs" #define NM_SETTING_802_1X_AUTH_TIMEOUT "auth-timeout" +#define NM_SETTING_802_1X_AUTH_RETRIES "auth-retries" /* PRIVATE KEY NOTE: when setting PKCS#12 private keys directly via properties * using the "blob" scheme, the data must be passed in PKCS#12 binary format. @@ -361,6 +362,8 @@ NM_AVAILABLE_IN_1_8 NMSetting8021xAuthFlags nm_setting_802_1x_get_phase1_auth_flags (NMSetting8021x *setting); NM_AVAILABLE_IN_1_8 gint nm_setting_802_1x_get_auth_timeout (NMSetting8021x *setting); +NM_AVAILABLE_IN_1_10 +gint nm_setting_802_1x_get_auth_retries (NMSetting8021x *setting); G_END_DECLS diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml index 611c7d0798..357474eaf8 100644 --- a/man/NetworkManager.conf.xml +++ b/man/NetworkManager.conf.xml @@ -742,6 +742,11 @@ ipv6.ip6-privacy=0 If left unspecified, the default value "optional" will be used. + + 802-1x.auth-retries + If left unspecified, the default value is 3 tries before failing the connection. + + diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c index be7226533e..7b487f0f93 100644 --- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c +++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c @@ -3356,7 +3356,10 @@ next: g_object_set (s_8021x, NM_SETTING_802_1X_PHASE2_DOMAIN_SUFFIX_MATCH, v, NULL); timeout = svGetValueInt64 (ifcfg, "IEEE_8021X_AUTH_TIMEOUT", 10, 0, G_MAXINT32, 0); - g_object_set (s_8021x, NM_SETTING_802_1X_AUTH_TIMEOUT, (gint32) timeout, NULL); + g_object_set (s_8021x, NM_SETTING_802_1X_AUTH_TIMEOUT, (gint) timeout, NULL); + + timeout = svGetValueInt64 (ifcfg, "IEEE_8021X_AUTH_RETRIES", 10, -1, G_MAXINT32, -1); + g_object_set (s_8021x, NM_SETTING_802_1X_AUTH_RETRIES, (gint) timeout, NULL); return g_steal_pointer (&s_8021x); } diff --git a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c index 61a04b6696..ea2e4af3e2 100644 --- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c +++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c @@ -409,8 +409,8 @@ write_8021x_setting (NMConnection *connection, GString *phase2_auth; GString *str; guint32 i, num; - gint timeout; gsize size; + int vint; s_8021x = nm_connection_get_setting_802_1x (connection); if (!s_8021x) { @@ -562,11 +562,11 @@ write_8021x_setting (NMConnection *connection, svSetValueStr (ifcfg, "IEEE_8021X_PHASE2_DOMAIN_SUFFIX_MATCH", nm_setting_802_1x_get_phase2_domain_suffix_match (s_8021x)); - timeout = nm_setting_802_1x_get_auth_timeout (s_8021x); - if (timeout > 0) - svSetValueInt64 (ifcfg, "IEEE_8021X_AUTH_TIMEOUT", timeout); - else - svUnsetValue (ifcfg, "IEEE_8021X_AUTH_TIMEOUT"); + vint = nm_setting_802_1x_get_auth_timeout (s_8021x); + svSetValueInt64_cond (ifcfg, "IEEE_8021X_AUTH_TIMEOUT", vint > 0, vint); + + vint = nm_setting_802_1x_get_auth_retries (s_8021x); + svSetValueInt64_cond (ifcfg, "IEEE_8021X_AUTH_RETRIES", vint > 0, vint); if (!write_8021x_certs (s_8021x, secrets, blobs, FALSE, ifcfg, error)) return FALSE; From e62e52dfe11c2ae3d5074f92d83c3daa8f6aa114 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 24 Oct 2017 11:11:18 +0200 Subject: [PATCH 08/11] device: handle authentication retries using 802-1x.auth-retries setting Since commit 4a6fd0e83ec0d83547b1f3a1a916f85e9f450d8c (device: honor the connection.autoconnect-retries for 802.1X) and the related bug bgo#723084, we reuse the autoconnect-retries setting to control the retry count for requesting passwords. I think that is wrong. These are two different settings, we should not reuse the autoconnect retry counter while the device is still active. For example, the user might wish to set autoconnect-retries to infinity (zero). In that case, we would retry indefinitly to request a password. That could be problematic, if there is a different issue with the connection, that makes it appear tha the password is wrong. A full re-activation might succeed, but we would never stop retrying to authenticate. Instead, we should have two different settings for retrying to authenticate and to autoconnect. This is a change in behavior compared to 1.8. --- src/devices/nm-device-ethernet.c | 22 ++++++--- src/devices/nm-device-macsec.c | 27 +++++++---- src/devices/nm-device.c | 69 ++++++++++++++++++--------- src/devices/nm-device.h | 8 +++- src/settings/nm-settings-connection.c | 13 ----- src/settings/nm-settings-connection.h | 1 - 6 files changed, 86 insertions(+), 54 deletions(-) diff --git a/src/devices/nm-device-ethernet.c b/src/devices/nm-device-ethernet.c index bb71cf6222..672ae3cd52 100644 --- a/src/devices/nm-device-ethernet.c +++ b/src/devices/nm-device-ethernet.c @@ -115,6 +115,8 @@ typedef struct _NMDeviceEthernetPrivate { DcbWait dcb_wait; guint dcb_timeout_id; + int auth_retries; + bool dcb_handle_carrier_changes:1; } NMDeviceEthernetPrivate; @@ -260,14 +262,18 @@ device_state_changed (NMDevice *device, NMDeviceState old_state, NMDeviceStateReason reason) { + NMDeviceEthernetPrivate *priv; + if (new_state > NM_DEVICE_STATE_ACTIVATED) wired_secrets_cancel (NM_DEVICE_ETHERNET (device)); if (NM_IN_SET (new_state, NM_DEVICE_STATE_ACTIVATED, NM_DEVICE_STATE_FAILED, - NM_DEVICE_STATE_DISCONNECTED)) - nm_device_autoconnect_retries_reset (device, NM_TYPE_SETTING_802_1X); + NM_DEVICE_STATE_DISCONNECTED)) { + priv = NM_DEVICE_ETHERNET_GET_PRIVATE (NM_DEVICE_ETHERNET (device)); + priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET; + } } static void @@ -278,6 +284,7 @@ nm_device_ethernet_init (NMDeviceEthernet *self) priv = G_TYPE_INSTANCE_GET_PRIVATE (self, NM_TYPE_DEVICE_ETHERNET, NMDeviceEthernetPrivate); self->_priv = priv; + priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET; priv->s390_options = g_hash_table_new_full (nm_str_hash, g_str_equal, g_free, g_free); } @@ -664,20 +671,21 @@ handle_auth_or_fail (NMDeviceEthernet *self, NMActRequest *req, gboolean new_secrets) { + NMDeviceEthernetPrivate *priv; const char *setting_name; NMConnection *applied_connection; - NMSettingsConnection *settings_connection; - applied_connection = nm_act_request_get_applied_connection (req); - settings_connection = nm_act_request_get_settings_connection (req); + priv = NM_DEVICE_ETHERNET_GET_PRIVATE (self); - if (!nm_settings_connection_autoconnect_retries_try_next (settings_connection)) + if (!nm_device_802_1x_auth_retries_try_next (NM_DEVICE (self), + &priv->auth_retries)) return NM_ACT_STAGE_RETURN_FAILURE; nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE); nm_active_connection_clear_secrets (NM_ACTIVE_CONNECTION (req)); + applied_connection = nm_act_request_get_applied_connection (req); setting_name = nm_connection_need_secrets (applied_connection, NULL); if (setting_name) { wired_secrets_get_secrets (self, setting_name, @@ -1336,7 +1344,7 @@ deactivate (NMDevice *device) GError *error = NULL; /* Clear wired secrets tries when deactivating */ - nm_device_autoconnect_retries_reset (device, NM_TYPE_SETTING_802_1X); + priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET; nm_clear_g_source (&priv->pppoe_wait_id); diff --git a/src/devices/nm-device-macsec.c b/src/devices/nm-device-macsec.c index bd081a9108..d8e2cc9dbb 100644 --- a/src/devices/nm-device-macsec.c +++ b/src/devices/nm-device-macsec.c @@ -72,6 +72,7 @@ typedef struct { Supplicant supplicant; guint supplicant_timeout_id; NMActRequestGetSecretsCallId macsec_secrets_id; + int auth_retries; } NMDeviceMacsecPrivate; struct _NMDeviceMacsec { @@ -477,20 +478,21 @@ handle_auth_or_fail (NMDeviceMacsec *self, NMActRequest *req, gboolean new_secrets) { + NMDeviceMacsecPrivate *priv; const char *setting_name; NMConnection *applied_connection; - NMSettingsConnection *settings_connection; - applied_connection = nm_act_request_get_applied_connection (req); - settings_connection = nm_act_request_get_settings_connection (req); + priv = NM_DEVICE_MACSEC_GET_PRIVATE (self); - if (!nm_settings_connection_autoconnect_retries_try_next (settings_connection)) + if (!nm_device_802_1x_auth_retries_try_next (NM_DEVICE (self), + &priv->auth_retries)) return NM_ACT_STAGE_RETURN_FAILURE; nm_device_state_changed (NM_DEVICE (self), NM_DEVICE_STATE_NEED_AUTH, NM_DEVICE_STATE_REASON_NONE); nm_active_connection_clear_secrets (NM_ACTIVE_CONNECTION (req)); + applied_connection = nm_act_request_get_applied_connection (req); setting_name = nm_connection_need_secrets (applied_connection, NULL); if (setting_name) { macsec_secrets_get_secrets (self, setting_name, @@ -739,13 +741,17 @@ device_state_changed (NMDevice *device, NMDeviceState old_state, NMDeviceStateReason reason) { + NMDeviceMacsecPrivate *priv; + if (new_state > NM_DEVICE_STATE_ACTIVATED) macsec_secrets_cancel (NM_DEVICE_MACSEC (device)); - if ( new_state == NM_DEVICE_STATE_ACTIVATED - || new_state == NM_DEVICE_STATE_FAILED - || new_state == NM_DEVICE_STATE_DISCONNECTED) - nm_device_autoconnect_retries_reset (device, G_TYPE_NONE); + if (NM_IN_SET (new_state, NM_DEVICE_STATE_ACTIVATED, + NM_DEVICE_STATE_FAILED, + NM_DEVICE_STATE_DISCONNECTED)) { + priv = NM_DEVICE_MACSEC_GET_PRIVATE (NM_DEVICE_MACSEC (device)); + priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET; + } } /******************************************************************/ @@ -802,8 +808,11 @@ get_property (GObject *object, guint prop_id, } static void -nm_device_macsec_init (NMDeviceMacsec * self) +nm_device_macsec_init (NMDeviceMacsec *self) { + NMDeviceMacsecPrivate *priv = NM_DEVICE_MACSEC_GET_PRIVATE (self); + + priv->auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_UNSET; } static void diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c index a6ad278e6d..36cfc9c9af 100644 --- a/src/devices/nm-device.c +++ b/src/devices/nm-device.c @@ -4213,29 +4213,6 @@ nm_device_set_enabled (NMDevice *self, gboolean enabled) NM_DEVICE_GET_CLASS (self)->set_enabled (self, enabled); } -void -nm_device_autoconnect_retries_reset (NMDevice *device, GType required_applied_setting) -{ - NMActRequest *req; - NMSettingsConnection *connection; - - req = nm_device_get_act_request (device); - if (!req) - return; - - if ( !NM_IN_SET (required_applied_setting, G_TYPE_INVALID, G_TYPE_NONE) - && !nm_device_get_applied_setting (device, required_applied_setting)) { - /* if the setting doesn't have the required setting in the applied - * connection, we do nothing. */ - return; - } - - connection = nm_act_request_get_settings_connection (req); - - /* Reset autoconnect retries on success, failure, or when deactivating */ - nm_settings_connection_autoconnect_retries_reset (connection); -} - /** * nm_device_get_autoconnect: * @self: the #NMDevice @@ -14046,6 +14023,52 @@ nm_device_get_supplicant_timeout (NMDevice *self) SUPPLICANT_DEFAULT_TIMEOUT); } +gboolean +nm_device_802_1x_auth_retries_try_next (NMDevice *self, int *p_auth_retries) +{ + NMConnection *applied_connection; + NMSetting8021x *security; + int auth_retries = *p_auth_retries; + + if (G_UNLIKELY (auth_retries == NM_DEVICE_802_1X_AUTH_RETRIES_UNSET)) { + auth_retries = -1; + + applied_connection = nm_device_get_applied_connection (NM_DEVICE (self)); + if (applied_connection) { + security = nm_connection_get_setting_802_1x (applied_connection); + if (security) + auth_retries = nm_setting_802_1x_get_auth_retries (security); + } + + if (auth_retries == -1) { + gs_free char *value = NULL; + + value = nm_config_data_get_connection_default (NM_CONFIG_GET_DATA, + "802-1x.auth-retries", + self); + auth_retries = _nm_utils_ascii_str_to_int64 (value, 10, -1, G_MAXINT32, -1); + } + + if (auth_retries == 0) + auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_INFINITY; + else if (auth_retries == -1) + auth_retries = NM_DEVICE_802_1X_AUTH_RETRIES_DEFAULT; + else + nm_assert (auth_retries > 0); + + *p_auth_retries = auth_retries; + } + + if (auth_retries == NM_DEVICE_802_1X_AUTH_RETRIES_INFINITY) + return TRUE; + if (auth_retries <= 0) { + nm_assert (auth_retries == 0); + return FALSE; + } + (*p_auth_retries)--; + return TRUE; +} + /*****************************************************************************/ static const char * diff --git a/src/devices/nm-device.h b/src/devices/nm-device.h index aafa31d3af..6e4aa0d9e2 100644 --- a/src/devices/nm-device.h +++ b/src/devices/nm-device.h @@ -663,7 +663,6 @@ gboolean nm_device_unrealize (NMDevice *device, void nm_device_update_from_platform_link (NMDevice *self, const NMPlatformLink *plink); -void nm_device_autoconnect_retries_reset (NMDevice *device, GType required_applied_setting); gboolean nm_device_get_autoconnect (NMDevice *device); void nm_device_set_autoconnect_intern (NMDevice *device, gboolean autoconnect); void nm_device_emit_recheck_auto_activate (NMDevice *device); @@ -736,6 +735,13 @@ void nm_device_update_initial_hw_address (NMDevice *self); void nm_device_update_permanent_hw_address (NMDevice *self, gboolean force_freeze); void nm_device_update_dynamic_ip_setup (NMDevice *self); guint nm_device_get_supplicant_timeout (NMDevice *self); + +#define NM_DEVICE_802_1X_AUTH_RETRIES_UNSET -1 +#define NM_DEVICE_802_1X_AUTH_RETRIES_INFINITY -2 +#define NM_DEVICE_802_1X_AUTH_RETRIES_DEFAULT 3 + +gboolean nm_device_802_1x_auth_retries_try_next (NMDevice *self, int *p_auth_retry); + gboolean nm_device_hw_addr_get_cloned (NMDevice *self, NMConnection *connection, gboolean is_wifi, diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index 4ed69e16a2..a7b28792b2 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -2599,19 +2599,6 @@ nm_settings_connection_autoconnect_retries_reset (NMSettingsConnection *self) nm_settings_connection_autoconnect_retries_set (self, AUTOCONNECT_RETRIES_UNSET); } -gboolean -nm_settings_connection_autoconnect_retries_try_next (NMSettingsConnection *self) -{ - int tries; - - tries = nm_settings_connection_autoconnect_retries_get (self); - if (tries == 0) - return FALSE; - if (tries > 0) - nm_settings_connection_autoconnect_retries_set (self, tries - 1); - return TRUE; -} - gint32 nm_settings_connection_autoconnect_blocked_until_get (NMSettingsConnection *self) { diff --git a/src/settings/nm-settings-connection.h b/src/settings/nm-settings-connection.h index 69aa792305..a983bddd3d 100644 --- a/src/settings/nm-settings-connection.h +++ b/src/settings/nm-settings-connection.h @@ -217,7 +217,6 @@ int nm_settings_connection_autoconnect_retries_get (NMSettingsConnection *self); void nm_settings_connection_autoconnect_retries_set (NMSettingsConnection *self, int retries); void nm_settings_connection_autoconnect_retries_reset (NMSettingsConnection *self); -gboolean nm_settings_connection_autoconnect_retries_try_next (NMSettingsConnection *self); gint32 nm_settings_connection_autoconnect_blocked_until_get (NMSettingsConnection *self); From 1a9d4869edeef2784e96c2337e8b9f57ed9510e0 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Wed, 25 Oct 2017 18:36:47 +0200 Subject: [PATCH 09/11] policy: move nm_settings_connection_can_autoconnect() to policy Step by step, we move all tracking of autoconnect to NMPolicy. --- src/nm-policy.c | 28 ++++++++++++++++++++++++++- src/settings/nm-settings-connection.c | 27 +++----------------------- src/settings/nm-settings-connection.h | 2 -- 3 files changed, 30 insertions(+), 27 deletions(-) diff --git a/src/nm-policy.c b/src/nm-policy.c index 916f8b7884..acd731a236 100644 --- a/src/nm-policy.c +++ b/src/nm-policy.c @@ -146,6 +146,32 @@ static void schedule_activate_check (NMPolicy *self, NMDevice *device); /*****************************************************************************/ +static gboolean +_autocnct_can_autoconnect (NMSettingsConnection *connection) +{ + NMSettingConnection *s_con; + const char *permission; + + if ( !nm_settings_connection_is_visible (connection) + || nm_settings_connection_autoconnect_retries_get (connection) == 0 + || nm_settings_connection_autoconnect_blocked_reason_get (connection) != NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE) + return FALSE; + + s_con = nm_connection_get_setting_connection (NM_CONNECTION (connection)); + if (!nm_setting_connection_get_autoconnect (s_con)) + return FALSE; + + permission = nm_utils_get_shared_wifi_permission (NM_CONNECTION (connection)); + if (permission) { + if (nm_settings_connection_check_permission (connection, permission) == FALSE) + return FALSE; + } + + return TRUE; +} + +/*****************************************************************************/ + typedef struct { NMPlatformIP6Address prefix; NMDevice *device; /* The requesting ("uplink") device */ @@ -1236,7 +1262,7 @@ auto_activate_device (NMPolicy *self, for (i = 0; i < len; i++) { NMSettingsConnection *candidate = NM_SETTINGS_CONNECTION (connections[i]); - if (!nm_settings_connection_can_autoconnect (candidate)) + if (!_autocnct_can_autoconnect (candidate)) continue; if (nm_device_can_auto_connect (device, (NMConnection *) candidate, &specific_object)) { best_connection = candidate; diff --git a/src/settings/nm-settings-connection.c b/src/settings/nm-settings-connection.c index a7b28792b2..ed69115c8b 100644 --- a/src/settings/nm-settings-connection.c +++ b/src/settings/nm-settings-connection.c @@ -2531,6 +2531,8 @@ nm_settings_connection_read_and_fill_seen_bssids (NMSettingsConnection *self) } } +/*****************************************************************************/ + /** * nm_settings_connection_autoconnect_retries_get: * @self: the settings connection @@ -2623,30 +2625,7 @@ nm_settings_connection_autoconnect_blocked_reason_set (NMSettingsConnection *sel NM_SETTINGS_CONNECTION_GET_PRIVATE (self)->autoconnect_blocked_reason = reason; } -gboolean -nm_settings_connection_can_autoconnect (NMSettingsConnection *self) -{ - NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self); - NMSettingConnection *s_con; - const char *permission; - - if ( !priv->visible - || nm_settings_connection_autoconnect_retries_get (self) == 0 - || priv->autoconnect_blocked_reason != NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE) - return FALSE; - - s_con = nm_connection_get_setting_connection (NM_CONNECTION (self)); - if (!nm_setting_connection_get_autoconnect (s_con)) - return FALSE; - - permission = nm_utils_get_shared_wifi_permission (NM_CONNECTION (self)); - if (permission) { - if (nm_settings_connection_check_permission (self, permission) == FALSE) - return FALSE; - } - - return TRUE; -} +/*****************************************************************************/ /** * nm_settings_connection_get_nm_generated: diff --git a/src/settings/nm-settings-connection.h b/src/settings/nm-settings-connection.h index a983bddd3d..faacd94909 100644 --- a/src/settings/nm-settings-connection.h +++ b/src/settings/nm-settings-connection.h @@ -224,8 +224,6 @@ NMSettingsAutoconnectBlockedReason nm_settings_connection_autoconnect_blocked_re void nm_settings_connection_autoconnect_blocked_reason_set (NMSettingsConnection *self, NMSettingsAutoconnectBlockedReason reason); -gboolean nm_settings_connection_can_autoconnect (NMSettingsConnection *self); - gboolean nm_settings_connection_get_nm_generated (NMSettingsConnection *self); gboolean nm_settings_connection_get_volatile (NMSettingsConnection *self); From 3828ba3b0e3ab9868372b3df143ffa11613a99b9 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Wed, 25 Oct 2017 22:17:47 +0200 Subject: [PATCH 10/11] policy: inline can_autoconnect check in auto_activate_device() --- src/nm-policy.c | 42 +++++++++++++++--------------------------- 1 file changed, 15 insertions(+), 27 deletions(-) diff --git a/src/nm-policy.c b/src/nm-policy.c index acd731a236..7472dd54f7 100644 --- a/src/nm-policy.c +++ b/src/nm-policy.c @@ -146,32 +146,6 @@ static void schedule_activate_check (NMPolicy *self, NMDevice *device); /*****************************************************************************/ -static gboolean -_autocnct_can_autoconnect (NMSettingsConnection *connection) -{ - NMSettingConnection *s_con; - const char *permission; - - if ( !nm_settings_connection_is_visible (connection) - || nm_settings_connection_autoconnect_retries_get (connection) == 0 - || nm_settings_connection_autoconnect_blocked_reason_get (connection) != NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE) - return FALSE; - - s_con = nm_connection_get_setting_connection (NM_CONNECTION (connection)); - if (!nm_setting_connection_get_autoconnect (s_con)) - return FALSE; - - permission = nm_utils_get_shared_wifi_permission (NM_CONNECTION (connection)); - if (permission) { - if (nm_settings_connection_check_permission (connection, permission) == FALSE) - return FALSE; - } - - return TRUE; -} - -/*****************************************************************************/ - typedef struct { NMPlatformIP6Address prefix; NMDevice *device; /* The requesting ("uplink") device */ @@ -1261,9 +1235,23 @@ auto_activate_device (NMPolicy *self, best_connection = NULL; for (i = 0; i < len; i++) { NMSettingsConnection *candidate = NM_SETTINGS_CONNECTION (connections[i]); + NMSettingConnection *s_con; + const char *permission; - if (!_autocnct_can_autoconnect (candidate)) + if ( !nm_settings_connection_is_visible (candidate) + || nm_settings_connection_autoconnect_retries_get (candidate) == 0 + || nm_settings_connection_autoconnect_blocked_reason_get (candidate) != NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE) continue; + + s_con = nm_connection_get_setting_connection (NM_CONNECTION (candidate)); + if (!nm_setting_connection_get_autoconnect (s_con)) + continue; + + permission = nm_utils_get_shared_wifi_permission (NM_CONNECTION (candidate)); + if ( permission + && !nm_settings_connection_check_permission (candidate, permission)) + continue; + if (nm_device_can_auto_connect (device, (NMConnection *) candidate, &specific_object)) { best_connection = candidate; break; From cb2aa6bd4c75234bfb1faf1a3a2bb3ab64a0ccf8 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Wed, 25 Oct 2017 21:29:45 +0200 Subject: [PATCH 11/11] policy: move blocking autoconnect from NMDeviceModem to NMPolicy Only NMPolicy should be concerned with handling autoconnect, and blocking it. Move the code. Note that there is a slight possible change in behavior, as the order of when the connection is blocked changes, based on the different times when the device changed signal gets executed. But that shouldn't be a problem. --- src/devices/wwan/nm-device-modem.c | 26 +------------------------- src/nm-policy.c | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 25 deletions(-) diff --git a/src/devices/wwan/nm-device-modem.c b/src/devices/wwan/nm-device-modem.c index 7f2bb9389a..22fb8c673d 100644 --- a/src/devices/wwan/nm-device-modem.c +++ b/src/devices/wwan/nm-device-modem.c @@ -364,9 +364,8 @@ device_state_changed (NMDevice *device, { NMDeviceModem *self = NM_DEVICE_MODEM (device); NMDeviceModemPrivate *priv = NM_DEVICE_MODEM_GET_PRIVATE (self); - NMSettingsConnection *connection = nm_device_get_settings_connection (device); - g_assert (priv->modem); + g_return_if_fail (priv->modem); if (new_state == NM_DEVICE_STATE_UNAVAILABLE && old_state < NM_DEVICE_STATE_UNAVAILABLE) { @@ -374,30 +373,7 @@ device_state_changed (NMDevice *device, _LOGI (LOGD_MB, "modem state '%s'", nm_modem_state_to_string (nm_modem_get_state (priv->modem))); } - nm_modem_device_state_changed (priv->modem, new_state, old_state); - - switch (nm_device_state_reason_check (reason)) { - case NM_DEVICE_STATE_REASON_GSM_REGISTRATION_DENIED: - case NM_DEVICE_STATE_REASON_GSM_REGISTRATION_NOT_SEARCHING: - case NM_DEVICE_STATE_REASON_GSM_SIM_NOT_INSERTED: - case NM_DEVICE_STATE_REASON_GSM_SIM_PIN_REQUIRED: - case NM_DEVICE_STATE_REASON_GSM_SIM_PUK_REQUIRED: - case NM_DEVICE_STATE_REASON_GSM_SIM_WRONG: - case NM_DEVICE_STATE_REASON_SIM_PIN_INCORRECT: - case NM_DEVICE_STATE_REASON_MODEM_INIT_FAILED: - case NM_DEVICE_STATE_REASON_GSM_APN_FAILED: - /* Block autoconnect of the just-failed connection for situations - * where a retry attempt would just fail again. - */ - if (connection) { - nm_settings_connection_autoconnect_blocked_reason_set (connection, - NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED); - } - break; - default: - break; - } } static NMDeviceCapabilities diff --git a/src/nm-policy.c b/src/nm-policy.c index 7472dd54f7..3cfb1f7c4a 100644 --- a/src/nm-policy.c +++ b/src/nm-policy.c @@ -1748,6 +1748,28 @@ device_state_changed (NMDevice *device, NMIP6Config *ip6_config; NMSettingConnection *s_con = NULL; + switch (nm_device_state_reason_check (reason)) { + case NM_DEVICE_STATE_REASON_GSM_REGISTRATION_DENIED: + case NM_DEVICE_STATE_REASON_GSM_REGISTRATION_NOT_SEARCHING: + case NM_DEVICE_STATE_REASON_GSM_SIM_NOT_INSERTED: + case NM_DEVICE_STATE_REASON_GSM_SIM_PIN_REQUIRED: + case NM_DEVICE_STATE_REASON_GSM_SIM_PUK_REQUIRED: + case NM_DEVICE_STATE_REASON_GSM_SIM_WRONG: + case NM_DEVICE_STATE_REASON_SIM_PIN_INCORRECT: + case NM_DEVICE_STATE_REASON_MODEM_INIT_FAILED: + case NM_DEVICE_STATE_REASON_GSM_APN_FAILED: + /* Block autoconnect of the just-failed connection for situations + * where a retry attempt would just fail again. + */ + if (connection) { + nm_settings_connection_autoconnect_blocked_reason_set (connection, + NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED); + } + break; + default: + break; + } + switch (new_state) { case NM_DEVICE_STATE_FAILED: /* Mark the connection invalid if it failed during activation so that