config.h defines _GNU_SOURCE, which in turn defines the bits necessary
for kill, isblank, and isascii. So wherever we use those, we need
to make sure config.h is included.
priv->ip_iface gets destroyed in vpn_cleanup() when the class
signal handler handles FAILED/DISCONNECTED, but the dispatcher
is only called *after* that, so it gets a NULL ip_iface. Fix that
so that the dispatcher always gets the tunnel interface for
vpn-up and vpn-down.
Use the interfaces kernel index when we can to avoid unecessary
iface->index lookups; and let callers figure out which address
family they really want to flush.
Some stuff we build (the DHCP manager) gets built independently
so that we can use it for unit tests. For that, we need to build
the logging bits separately too, since the independent DHCP
library can't use them if they are embedded in NM.
NM previously only cleared secrets when the VPN service daemon quit,
and the service daemons are on a 10-second inactivity timer. So if
the user tried to re-activate the failed VPN connection within 10
seconds the old secrets would get used, which clearly isn't what we
want. Ensure that whenever the VPN connection fails or disconnects,
we ask the settings service for secrets again the next time.
Or really, any time the parent IP4 config is cleared which is pretty
much only when the device is going down. Avoids a warning when
nm_system_add_ip4_vpn_gateway_route() can't get the parent IP4Config
because it doesn't exist.
Since NM adds the gateway host route in the manner that's correct
for the current routing situation, we don't really want random
gateway host routes from the VPN server getting added instead.
The only thing that doesn't work yet is the system-settings service's
"auto eth" connections for ethernet devices that don't have an existing
connection. Might also have issues with unmanaged devices that can't
provide a MAC address until they are brought up, but we'll see.
0.7 requires dbus 1.1 or greater (for system bus activation), so make that
explicit, and remove compat code for D-Bus 0.6 and earlier. Consolidate
the various glib pkgconfig checks into one, since most anything will require
gthread, glib, and gobject anyway. Fixup the docs makefile to be more
automake-compatible and let 'make clean' actually work correctly when
docs are built.
Don't do anything with WINS servers (dispatcher scripts installed with
samba could certainly update samba's idea of WINS servers), but at least
provide them so that the VPNs that can get upstream WINS servers can
at least make other stuff aware of them.
* src/vpn-manager/nm-vpn-connection.c
- (plugin_state_changed): clear secrets before setting the connection
state to FAILED, since doing so may destroy the connection itself,
since the NMVPNService owning this NMVPNConnection will unref it
when the NMVPNConnection is failed or stopped
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/branches/NETWORKMANAGER_0_7@4374 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* vpn-manager/nm-vpn-connection.c
- (plugin_state_changed): clear VPN secrets on error to ensure they
are always requested from the settings service (rh #429287)
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4282 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Fix deletion of VPN gateway route on DHCP renew (bgo #558133)
* src/NetworkManagerSystem.c
src/NetworkManagerSystem.h
- (nm_system_device_set_ip4_route): return the route that was added
- (nm_system_add_ip4_vpn_gateway_route): make add_vpn_gateway_route()
public, clean up, and return the route that was added
- (nm_system_apply_ip4_config): remove VPN related stuff to simplify,
since nm_system_add_ip4_vpn_gateway_route() is now available; add
flags to allow only certain attributes of the NMIP4Config to be
applied
* src/nm-device.c
- (handle_dhcp_lease_change): don't touch the DHCP4 config on failure
- (nm_device_set_ip4_config): use nm_ip4_config_diff() to only apply
what's really changed between the old and new configs; don't export
the new IP4 config on failure; always send the DNS info to the
named manager
* src/vpn-manager/nm-vpn-connection.c
- (device_ip4_config_changed, nm_vpn_connection_new, dispose): track the
parent device's IP4Config and re-add the VPN gateway route when it
changes
- (nm_vpn_connection_ip4_config_get): add the VPN gateway route (since
nm_system_apply_ip4_config() no longer does) and cache it for later
- (connection_state_changed): move cleanup code to its own function
- (vpn_cleanup): delete any previously added VPN gateway route; and
re-apply the parent device's addresses and routes using
nm_system_apply_ip4_config(), not nm_device_set_ip4_config()
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4277 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* include/NetworkManager.h
introspection/nm-device.xml
include/NetworkManagerVPN.h
- Add a few more state reasons for the device deactivated state
* src/nm-device-interface.c
src/nm-device-interface.h
- (nm_device_interface_deactivate): add a 'reason' argument
* src/nm-device.c
src/nm-device.h
- (nm_device_deactivate, nm_device_take_down): add a 'reason' argument
- (nm_device_state_changed): pass the state change reason to
nm_device_take_down()
- (nm_device_set_managed): take a 'reason' argument, and pass it along
to the state change function
* src/nm-manager.c
src/nm-manager.h
- (remove_one_device, handle_unmanaged_devices, sync_devices,
impl_manager_sleep): pass a reason code to nm_device_set_managed()
- (nm_manager_deactivate_connection): add a 'reason' argument and pass
something reasonable along to VPN deactivation
* src/vpn-manager/nm-vpn-manager.c
src/vpn-manager/nm-vpn-manager.h
- (nm_vpn_manager_deactivate_connection): add a 'reason' argument and
pass that along to nm_vpn_connection_disconnect()
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4174 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Add support for VPN subnet gateways (bgo #549196)
* include/NetworkManager.h
- Add key for internal VPN subnet gateway
* src/vpn-manager/nm-vpn-connection.c
- (ip_address_to_string): return a const from a static buffer so we
don't leak a lot of strings
- (print_vpn_config): print internal VPN gateway as well
- (nm_vpn_connection_ip4_config_get): grab internal VPN gateway from
VPN service too
- (nm_vpn_connection_get_ip4_internal_gateway): new function
* src/NetworkManagerSystem.c
src/NetworkManagerSystem.h
- (nm_system_device_replace_default_ip4_route): split into two, one for
VPN connections and one for normal devices
- (replace_default_ip4_route): break out route stuff into its own function
- (nm_system_replace_default_ip4_route_vpn,
nm_system_replace_default_ip4_route): simplify by having two cases,
one for VPNs and one for normal devices
* src/NetworkManagerPolicy.c
- (update_routing_and_dns): simplify, use split default route replacement
functions
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4169 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Rework default route handling to consolidate decisions in the policy,
and to take active VPN connections into account when changing the default
route (bgo #545912)
* src/NetworkManager.c
- (main): pass the vpn_manager to the policy so it knows about active
VPN connections; clean up the named manager which wasn't done before
* src/NetworkManagerPolicy.c
src/NetworkManagerPolicy.h
- (nm_policy_new): get a clue about the vpn_manager
- (update_default_route): remove, fold into update_routing_and_dns()
- (update_routing_and_dns): handle active VPN connections too; an
active VPN connection becomes the default route if it does not have
server-specified or user-specified custom routes. Otherwise, the
best active device gets the default route
- (vpn_connection_activated, vpn_connection_deactivated, nm_policy_new,
nm_policy_destroy): track VPN connection activation and deactivation
and update the default route when appropriate
* src/NetworkManagerSystem.c
src/NetworkManagerSystem.h
- (nm_system_vpn_device_unset_from_ip4_config): remove, put functionality
in the VPN connection itself
- (nm_system_vpn_device_set_from_ip4_config,
nm_system_device_set_from_ip4_config): merge together to make
nm_system_apply_ip4_config()
- (add_vpn_gateway_route): add a route to the VPN's external gateway
via the parent device
- (nm_system_apply_ip4_config): simplify
- (add_ip4_route_to_gateway): new function; add a direct route to the
gateway if needed
- (nm_system_device_replace_default_ip4_route): simplify, break gateway
route stuff out into add_ip4_route_to_gateway() for clarity
* src/nm-device.c
- (nm_device_set_ip4_config): update for nm_system_apply_ip4_config()
* src/vpn-manager/nm-vpn-connection.c
src/vpn-manager/nm-vpn-connection.h
- (nm_vpn_connection_get_ip4_config, nm_vpn_connection_get_ip_iface,
nm_vpn_connection_get_parent_device): add
- (nm_vpn_connection_ip4_config_get): make the requirement of a tunnel
device explicit
- (connection_state_changed): update the named manager now that
nm_system_vpn_device_unset_from_ip4_config() is gone; do something
useful on errors
* src/vpn-manager/nm-vpn-manager.c
src/vpn-manager/nm-vpn-manager.h
- Add a 'connection-activated' signal
- (nm_vpn_manager_get_active_connections): new function; mainly for the
policy to find out about active VPN connections
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4167 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* src/vpn-manager/nm-vpn-connection.c: Add a signal handler for the
"Failure" signal from VPN plugins, store the failure reason, and
use it when the state is changed to failure.
* introspection/nm-vpn-plugin.xml: Fix the "Failure" signal's type
description.
* include/NetworkManagerVPN.h (NMVPNConnectionStateReason): Add a new
reason to the end of the list to not break the API.
(NMVPNPluginFailure): Move it here (from libnm-glib/nm-vpn-plugin.h)
so it can be shared by plugins and daemon.
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4088 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-util/nm-setting-vpn.c
libnm-util/nm-setting-vpn.h
- Split VPN secrets from VPN data so that settings services can actually
figure out that they are secrets and store them accordingly
* system-settings/plugins/keyfile/nm-keyfile-connection.c
system-settings/plugins/keyfile/reader.c
system-settings/plugins/keyfile/reader.h
system-settings/plugins/keyfile/writer.c
- Store VPN secrets separately from VPN data so that they can be fetched
on demand
- Implement the get_secrets() call so that (a) secrets don't leak out
to unprivileged callers, and (b) secrets can be sent to privileged
callers when needed
* vpn-daemons/vpnc/src/nm-vpnc-service.c
- Handle split VPN secrets
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4031 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Ensure zombie children get cleaned up. To get notifications when children
die abnormally, g_spawn_async() requires G_SPAWN_DO_NOT_REAP_CHILD, but
that requires calling waitpid() yourself if you've removed the child watch
handler before the process has actually died, which NM needs to do in a few
places. So ensure that everything uses G_SPAWN_DO_NOT_REAP_CHILD and also
cleans up after the child when required. Should fix problems trying to
activate mobile broadband connections after a previous failure.
* src/dhcp-manager/nm-dhcp-dhclient.c
src/dhcp-manager/nm-dhcp-dhcpcd.c
- Use G_SPAWN_DO_NOT_REAP_CHILD
* src/dhcp-manager/nm-dhcp-manager.c
- (nm_dhcp_device_destroy): ensure child is cleaned up
- (nm_dhcp_client_stop, nm_dhcp_manager_cancel_transaction_real): always
block on child quitting, since the non-blocking functionality was
never actually used
* src/dnsmasq-manager/nm-dnsmasq-manager.c
- (dm_watch_cb): child is already reaped here
- (ensure_killed, nm_dnsmasq_manager_stop): block until child is dead
* src/nm-device.c
- (aipd_cleanup): block until child is dead
* src/named-manager/nm-named-manager.c
- (run_netconfig): don't use G_SPAWN_DO_NOT_REAP_CHILD if we aren't
event bothering to watch the child
* src/ppp-manager/nm-ppp-manager.c
- (ppp_watch_cb): child is already reaped here
- (ensure_killed, nm_ppp_manager_stop): block until child is dead
* src/vpn-manager/nm-vpn-service.c
- (vpn_service_watch_cb): child is already reaped here
- (nm_vpn_service_daemon_exec): use G_SPAWN_DO_NOT_REAP_CHILD so that
status of the child is actually tracked
- (ensure_killed, finalize): block until child is dead
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4020 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* include/NetworkManager.h
introspection/nm-device.xml
- Add a "missing firmware" device state reason
* src/NetworkManagerSystem.c
src/NetworkManagerSystem.h
- (nm_system_device_set_up_down): add a no_firmware argument
- (nm_system_device_set_up_down_with_iface): if the result of setting
IFF_UP is ENOENT, that almost always means missing firmware
* src/backends/NetworkManagerGeneric.c
src/nm-device-ethernet.c
src/nm-device-private.h
src/nm-device-wifi.c
src/nm-device.c
src/nm-device.h
src/nm-hso-gsm-device.c
src/vpn-manager/nm-vpn-connection.c
- Pass no_firmware along; check it where appropriate
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3983 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Merge the vpn-properties setting with the vpn setting since it was pointless
to keep both of them around. Convert the vpn 'data' hash table to a hash
of string:string (instead of string:variant) so that system settings plugins
can have an easier time dealing with the arbitrary key/value pairs.
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3923 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* libnm-glib/nm-ip4-config.c
libnm-glib/nm-ip4-config.h
- Add 'routes' property
* libnm-util/nm-setting-vpn.c
libnm-util/nm-setting-vpn.h
- Remove 'routes' property
* libnm-util/nm-setting-ip4-config.c
libnm-util/nm-setting-ip4-config.h
- 'ignore-dhcp-dns' renamed to 'ignore-auto-dns'
- Add 'ignore-auto-routes' property
- 'routes' exposed over D-Bus is now an array of array of uint (4) to
accomodate route metrics
- 'routes' exposed in C is now a list of NMSettingIP4Route structures
* libnm-util/nm-utils.c
libnm-util/nm-utils.h
- Add helpers for marshalling IP4 routes
* src/NetworkManagerUtils.c
- (nm_utils_merge_ip4_config): handle property renames and new route
structure
* src/NetworkManagerSystem.c
- (nm_system_device_set_ip4_route, nm_system_device_set_from_ip4_config,
nm_system_vpn_device_set_from_ip4_config): respect route metrics
* src/dhcp-manager/nm-dhcp-manager.c
- (nm_dhcp_manager_get_ip4_config): handle new route structure
* system-settings/plugins/ifcfg-fedora/reader.c
system-settings/plugins/ifcfg-fedora/writer.c
- Handle routes separately from addresses now that routes have a different
format
* introspection/nm-ip4-config.xml
src/nm-ip4-config.c
src/nm-ip4-config.h
- Rename internal routing functions
- 'static-routes' renamed to 'routes'
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3898 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
* src/nm-activation-request.c
src/vpn-manager/nm-vpn-connection.c
- Correct GetSecrets D-Bus pending call usage; the GetSecrets call
itself should be attached to the activation request or the VPN
connection, not the NMConnection object, since the call is not
expected to live as long as the NMConnection itself
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3880 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
Modify the NMDevice::state-changed signal to include the previous state
and reason. Enables the applet to provide more information why device
activation failed.
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3819 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
