fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-02-19 03:00:55 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

firewalld: merge branch 'th/firewalld-reloaded'

Browse source 
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/949

(cherry picked from commit a9279d1e89)
This commit is contained in:
Thomas Haller 2021-08-06 14:37:43 +02:00
commit f915a43eb2
No known key found for this signature in database
GPG key ID: 29C2366E4DFC5728
3 changed files with 74 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

76
src/core/nm-firewalld-manager.c
View file

@ -15,6 +15,7 @@
#define FIREWALL_DBUS_SERVICE "org.fedoraproject.FirewallD1"
#define FIREWALL_DBUS_PATH "/org/fedoraproject/FirewallD1"
#define FIREWALL_DBUS_INTERFACE "org.fedoraproject.FirewallD1"
#define FIREWALL_DBUS_INTERFACE_ZONE "org.fedoraproject.FirewallD1.zone"
/*****************************************************************************/
@ -30,10 +31,12 @@ typedef struct {
CList pending_calls;
char *name_owner;
guint reloaded_id;
guint name_owner_changed_id;
bool dbus_inited : 1;
bool running : 1;
} NMFirewalldManagerPrivate;
struct _NMFirewalldManager {
@ -105,7 +108,7 @@ _ops_type_to_string(OpsType ops_type)
}
#define _NMLOG_DOMAIN LOGD_FIREWALL
#define _NMLOG_PREFIX_NAME "firewall"
#define _NMLOG_PREFIX_NAME "firewalld"
#define _NMLOG(level, call_id, ...) \
G_STMT_START \
{ \
@ -146,6 +149,14 @@ _ops_type_to_string(OpsType ops_type)
/*****************************************************************************/
static void
_signal_emit_state_changed(NMFirewalldManager *self, NMFirewalldManagerStateChangedType signal_type)
{
g_signal_emit(self, signals[STATE_CHANGED], 0, (int) signal_type);
}
/*****************************************************************************/
static gboolean
_get_running(NMFirewalldManagerPrivate *priv)
{
@ -154,7 +165,7 @@ _get_running(NMFirewalldManagerPrivate *priv)
* service is indeed running. That is the time when we queue the
* requests, and they will be started once the get-name-owner call
* returns. */
return priv->running || (priv->dbus_connection && !priv->dbus_inited);
return priv->name_owner || (priv->dbus_connection && !priv->dbus_inited);
}
gboolean
@ -315,7 +326,7 @@ _handle_dbus_start(NMFirewalldManager *self, NMFirewalldManagerCallId *call_id)
GVariant * arg;
nm_assert(call_id);
nm_assert(priv->running);
nm_assert(priv->name_owner);
nm_assert(!call_id->is_idle);
nm_assert(c_list_contains(&priv->pending_calls, &call_id->lst));
@ -341,7 +352,7 @@ _handle_dbus_start(NMFirewalldManager *self, NMFirewalldManagerCallId *call_id)
call_id->dbus.cancellable = g_cancellable_new();
g_dbus_connection_call(priv->dbus_connection,
FIREWALL_DBUS_SERVICE,
priv->name_owner,
FIREWALL_DBUS_PATH,
FIREWALL_DBUS_INTERFACE_ZONE,
dbus_method,
@ -378,10 +389,10 @@ _start_request(NMFirewalldManager * self,
iface,
NM_PRINT_FMT_QUOTED(zone, "\"", zone, "\"", "default"),
call_id->is_idle ? " (not running, simulate success)"
: (!priv->running ? " (waiting to initialize)" : ""));
: (!priv->name_owner ? " (waiting to initialize)" : ""));
if (!call_id->is_idle) {
if (priv->running)
if (priv->name_owner)
_handle_dbus_start(self, call_id);
if (!call_id->callback) {
/* if the user did not provide a callback, the call_id is useless.
@ -463,6 +474,7 @@ name_owner_changed(NMFirewalldManager *self, const char *owner)
gboolean was_running;
gboolean now_running;
gboolean just_initied;
gboolean name_owner_changed;
owner = nm_str_not_empty(owner);
@ -474,8 +486,8 @@ name_owner_changed(NMFirewalldManager *self, const char *owner)
was_running = _get_running(priv);
just_initied = !priv->dbus_inited;
priv->dbus_inited = TRUE;
priv->running = !!owner;
priv->dbus_inited = TRUE;
name_owner_changed = nm_strdup_reset(&priv->name_owner, owner);
now_running = _get_running(priv);
@ -495,7 +507,7 @@ name_owner_changed(NMFirewalldManager *self, const char *owner)
nm_assert(!call_id->is_idle);
nm_assert(call_id->dbus.arg);
if (priv->running) {
if (priv->name_owner) {
_LOGD(call_id, "initalizing: make D-Bus call");
_handle_dbus_start(self, call_id);
} else {
@ -511,8 +523,30 @@ name_owner_changed(NMFirewalldManager *self, const char *owner)
}
}
if (was_running != now_running)
g_signal_emit(self, signals[STATE_CHANGED], 0, FALSE);
if (just_initied)
_signal_emit_state_changed(self, NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_INITIALIZED);
else if (was_running != now_running || name_owner_changed)
_signal_emit_state_changed(self,
NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_NAME_OWNER_CHANGED);
}
static void
reloaded_cb(GDBusConnection *connection,
const char * sender_name,
const char * object_path,
const char * interface_name,
const char * signal_name,
GVariant * parameters,
gpointer user_data)
{
NMFirewalldManager * self = user_data;
NMFirewalldManagerPrivate *priv = NM_FIREWALLD_MANAGER_GET_PRIVATE(self);
if (!nm_streq0(sender_name, priv->name_owner))
return;
_LOGT(NULL, "reloaded signal received");
_signal_emit_state_changed(self, NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_RELOADED);
}
static void
@ -541,7 +575,7 @@ get_name_owner_cb(const char *name_owner, GError *error, gpointer user_data)
NMFirewalldManager * self;
NMFirewalldManagerPrivate *priv;
if (!name_owner && g_error_matches(error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
if (nm_utils_error_is_cancelled(error))
return;
self = user_data;
@ -568,6 +602,17 @@ nm_firewalld_manager_init(NMFirewalldManager *self)
return;
}
priv->reloaded_id = g_dbus_connection_signal_subscribe(priv->dbus_connection,
FIREWALL_DBUS_SERVICE,
FIREWALL_DBUS_INTERFACE,
"Reloaded",
FIREWALL_DBUS_PATH,
NULL,
G_DBUS_SIGNAL_FLAGS_NONE,
reloaded_cb,
self,
NULL);
priv->name_owner_changed_id =
nm_dbus_connection_signal_subscribe_name_owner_changed(priv->dbus_connection,
FIREWALL_DBUS_SERVICE,
@ -594,6 +639,7 @@ dispose(GObject *object)
* we don't expect pending operations at this point. */
nm_assert(c_list_is_empty(&priv->pending_calls));
nm_clear_g_dbus_connection_signal(priv->dbus_connection, &priv->reloaded_id);
nm_clear_g_dbus_connection_signal(priv->dbus_connection, &priv->name_owner_changed_id);
nm_clear_g_cancellable(&priv->get_name_owner_cancellable);
@ -616,8 +662,8 @@ nm_firewalld_manager_class_init(NMFirewalldManagerClass *klass)
0,
NULL,
NULL,
g_cclosure_marshal_VOID__BOOLEAN,
g_cclosure_marshal_VOID__INT,
G_TYPE_NONE,
1,
G_TYPE_BOOLEAN /* initialized_now */);
G_TYPE_INT /* signal-type */);
}

6
src/core/nm-firewalld-manager.h
View file

@ -19,6 +19,12 @@
#define NM_FIREWALLD_MANAGER_STATE_CHANGED "state-changed"
typedef enum {
NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_INITIALIZED,
NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_NAME_OWNER_CHANGED,
NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_RELOADED,
} NMFirewalldManagerStateChangedType;
typedef struct _NMFirewalldManagerCallId NMFirewalldManagerCallId;
typedef struct _NMFirewalldManager NMFirewalldManager;

13
src/core/nm-policy.c
View file

@ -2519,14 +2519,15 @@ connection_added(NMSettings *settings, NMSettingsConnection *connection, gpointe
}
static void
firewall_state_changed(NMFirewalldManager *manager, gboolean initialized_now, gpointer user_data)
firewall_state_changed(NMFirewalldManager *manager, int signal_type_i, gpointer user_data)
{
NMPolicy * self = (NMPolicy *) user_data;
NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
const CList * tmp_lst;
NMDevice * device;
const NMFirewalldManagerStateChangedType signal_type = signal_type_i;
NMPolicy * self = user_data;
NMPolicyPrivate * priv = NM_POLICY_GET_PRIVATE(self);
const CList * tmp_lst;
NMDevice * device;
if (initialized_now) {
if (signal_type == NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_INITIALIZED) {
/* the firewall manager was initializing, but all requests
* so fare were queued and are already sent. No need to
* re-update the firewall zone of the devices. */