1. 24 Jul, 2019 1 commit
  2. 15 Jul, 2019 1 commit
  3. 10 Jul, 2019 1 commit
  4. 04 Jul, 2019 4 commits
    • Jussi Laakkonen's avatar
      Add service_schedule_changed() proto before move_service() · f93b8475
      Jussi Laakkonen authored
      Get fork to build after including upstream commit, in fork:
      be165aa6 - in upstream:
      acf200507c9a9648f0839d9a11d0a1215ae99a41
      f93b8475
    • Jussi Laakkonen's avatar
      service: Prevent sending D-Bus error reply twice with hidden networks · 1a49ce63
      Jussi Laakkonen authored
      When the input request has timed out or some other error has occurred do
      not allow to send duplicate D-Bus error replies. This would result in
      crashes when hidden network is first informed with ETIMEDOUT and error
      is returned and if the __connman_device_request_hidden_scan() reports an
      error or that it is already running (EALREADY) and then second error
      reply is sent.
      
      After each reply to pending D-Bus message (reply_pending()) the
      service->pending is set NULL but since request_input_cb() holds the
      reference to the pending D-Bus message (user_data) there will be a
      second reply.
      
      This fixes the issue by 1) recording the error also when D-Bus error is
      other than Canceled to prevent connecting attempt at done label and 2)
      skipping hidden network connect in such case as well.
      1a49ce63
    • Benoît Monin's avatar
      service: Signal when services are moved · be165aa6
      Benoît Monin authored
      When calling MoveBefore or MoveAfter on a service, no signal is emitted
      by ConnMan. This makes it impossible for a D-Bus client to maintain an
      ordered list of services in sync with ConnMan.
      
      This patch schedules the emission of the signal ServicesChanged from the
      function move_service(), so the new list will get published over D-Bus.
      be165aa6
    • Daniel Wagner's avatar
      service: Return OperationAborted when agent gets Canceled · 2faa7972
      Daniel Wagner authored
      When the user decided to cancel the connect attempt, the agent sends
      net.connman.Agent.Error.Canceled. Currently, we return InvalidArgument
      for normal non-hidden networks and ConnectedAborted for hidden
      networks. Return OperationAborted also for non-hidden networks to
      avoid confusion on the user ends. That means the cancel operation was
      successful and nothing went wrong as invalid argument indicates.
      
      Reported by Vasyl Vavrychuk.
      2faa7972
  5. 02 Jul, 2019 3 commits
  6. 01 Jul, 2019 1 commit
  7. 27 Jun, 2019 3 commits
  8. 25 Jun, 2019 7 commits
  9. 24 Jun, 2019 4 commits
    • Jussi Laakkonen's avatar
      l2tp: Use vpn-agent.c error processing for VPN agent errors. · f77d49e3
      Jussi Laakkonen authored
      Use vpn_agent_check_and_process_reply_error() to check and process VPN
      agent errors. Clear callback and pending D-Bus message (user_data) if
      error was processed to avoid calling the callback twice.
      f77d49e3
    • Jussi Laakkonen's avatar
      [connman] Save VPN service if autoconnect changes. Contributes to JB#45903 · ca72d6fa
      Jussi Laakkonen authored
      It is imperative to save the VPN service when autoconnect changes since
      otherwise the change is done only to run-time service settings and not
      written to disk if user has canceled VPN agent dialog, for example.
      Otherwise the data within connman and service file is out of sync, and
      next restart of connman will be a race between each VPNs that were
      attempted to connect but canceled by user.
      ca72d6fa
    • Jussi Laakkonen's avatar
      vpn-provider: React to different error types in connect_cb() · 3b7259a4
      Jussi Laakkonen authored
      The connection callback (connect_cb()) can be called via vpn-agent.c to
      indicate that VPN agent dialog had an error or was cancelled in addition
      to calling the function via VPN plugin. Because of this the different
      error types should be handled properly.
      
      Errors:
       - EACCES is an authentication error: VPN_PROVIDER_ERROR_AUTH_FAILED.
       - ENOMSG and ETIMEDOUT are system reported errors and then the agent
         request needs to be canceled and error set unknown error.
       - ECANCELED is reported when user canceled VPN agent dialog, treat this
         as same as ECONNABORTED as the VPN may have been initialized already.
       - ECONNABORTED is set when connect_cb() is called via VPN plugin.  To
         ensure that proper disconnect -> idle cycle is done both driver and
         provider are set to disconnect state and eventually killed and put to
         idle state if the provider was 1) being connected or 2) already
         connected.
       - In other cases the VPN provider is set to failure state and connect
         error is indicated.
      3b7259a4
    • Jussi Laakkonen's avatar
      vpn-agent: Implement generic D-Bus error checker for plugins. · e83819bb
      Jussi Laakkonen authored
      It is not feasible for every VPN plugin to check the errors in D-Bus
      reply sent by VPN agent in their own way. This kind of general use makes
      reacting to the canceled, timed out or no response replies sent by VPN
      agent more common and less error prone.
      
      The check function (vpn_agent_check_and_process_reply_error()) takes in
      the reply, callback to provider connect function and the pending D-Bus
      message, that will be utilized by the callback
      (vpn-provider.c:connect_cb()). This way proper notifications are passed
      forwards and appropriate reply is sent to the caller of the VPN plugin
      connection request (connmand). By sending the reply the caller
      (connmand) can then disable autoconnection from the VPN to avoid
      re-connection in case the user canceled the VPN agent dialog.
      
      The errors that are reacted to:
       - net.connman.vpn.Agent.Error.Canceled -> ECANCELED
       - org.freedesktop.DBus.Error.Timeout -> ETIMEDOUT
       - org.freedesktop.DBus.Error.NoReply -> ENOMSG
       - any other error from VPN agent is EACCES
      
      Error in VPN agent or canceling the VPN agent should not be an error in
      the VPN provider and, therefore, set the provider state to idle. Also,
      if task was already running stop it to avoid leaving VPN processes
      running.
      e83819bb
  10. 14 Jun, 2019 1 commit
  11. 13 Jun, 2019 1 commit
    • chriadam's avatar
      [connman] Initialise counter table entry before registering service counter.... · db0374b5
      chriadam authored
      [connman] Initialise counter table entry before registering service counter. Contributes to JB#45681
      
      __connman_service_counter_register() calls service_send_initial_stats()
      which calls __connman_counter_send_usage() which attempts to look
      up the counter entry in the global counter table.
      
      This commit ensures that the counter entry is inserted into the
      global counter table prior to calling
      __connman_service_counter_register() to ensure that the initial
      statistics are sent to the counter.
      db0374b5
  12. 11 Jun, 2019 1 commit
  13. 10 Jun, 2019 1 commit
  14. 04 Jun, 2019 5 commits
  15. 03 Jun, 2019 1 commit
    • flypig's avatar
      [connman] Add access control to connman-vpn dbus interface. Contributes to JB#45379 · 9c30b7d1
      flypig authored
      Currently access to the connman-vpn dbus interfaces (connection and
      manager) are controlled only by the policy config, which sets `<policy
      at_console="true">`, allowing access to all users.
      
      This change adds internal access control to the connection dbus
      interface, which is configurable using a similar plugin approach as the
      existing access method implemented for connman. It also adds a
      Sailfish-specific plugin that blocks access for non-privileged users
      base on a policy file installed at /etc/connman/vpn-dbus-access.conf.
      
      The exceptions are the GetProperties and GetConnections dbus methods
      which are available to all users (including nemo).
      
      This Sailfish configuration is needed for MDM, to prevent users from
      being able to connect to and disconnect from VPNs when this capability
      is being restricted by the MDM policy.
      9c30b7d1
  16. 29 May, 2019 5 commits