diff options
Diffstat (limited to 'src/nm-policy.c')
| -rw-r--r-- | src/nm-policy.c | 140 |
1 files changed, 79 insertions, 61 deletions
diff --git a/src/nm-policy.c b/src/nm-policy.c index 0dc4d80e22..7f8c665c30 100644 --- a/src/nm-policy.c +++ b/src/nm-policy.c @@ -1242,23 +1242,26 @@ auto_activate_device (NMPolicy *self, /* Find the first connection that should be auto-activated */ best_connection = NULL; for (i = 0; i < len; i++) { - NMSettingsConnection *candidate = NM_SETTINGS_CONNECTION (connections[i]); + NMSettingsConnection *candidate = connections[i]; + NMConnection *cand_conn; NMSettingConnection *s_con; const char *permission; if (nm_settings_connection_autoconnect_is_blocked (candidate)) continue; - s_con = nm_connection_get_setting_connection (NM_CONNECTION (candidate)); + cand_conn = nm_settings_connection_get_connection (candidate); + + s_con = nm_connection_get_setting_connection (cand_conn); if (!nm_setting_connection_get_autoconnect (s_con)) continue; - permission = nm_utils_get_shared_wifi_permission (NM_CONNECTION (candidate)); + permission = nm_utils_get_shared_wifi_permission (cand_conn); if ( permission && !nm_settings_connection_check_permission (candidate, permission)) continue; - if (nm_device_can_auto_connect (device, (NMConnection *) candidate, &specific_object)) { + if (nm_device_can_auto_connect (device, candidate, &specific_object)) { best_connection = candidate; break; } @@ -1441,34 +1444,36 @@ reset_autoconnect_all (NMPolicy *self, connections = nm_settings_get_connections (priv->settings, NULL); for (i = 0; connections[i]; i++) { - NMSettingsConnection *connection = connections[i]; + NMSettingsConnection *sett_conn = connections[i]; if ( device - && !nm_device_check_connection_compatible (device, NM_CONNECTION (connection), NULL)) + && !nm_device_check_connection_compatible (device, + nm_settings_connection_get_connection (sett_conn), + NULL)) continue; if (only_no_secrets) { /* we only reset the no-secrets blocked flag. */ - if (nm_settings_connection_autoconnect_blocked_reason_set (connection, + if (nm_settings_connection_autoconnect_blocked_reason_set (sett_conn, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS, FALSE)) { /* maybe the connection is still blocked afterwards for other reasons * and in the larger picture nothing changed. But it's too complicated * to find out exactly. Just assume, something changed to be sure. */ - if (!nm_settings_connection_autoconnect_is_blocked (connection)) + if (!nm_settings_connection_autoconnect_is_blocked (sett_conn)) changed = TRUE; } } else { /* we reset the tries-count and any blocked-reason */ - if (nm_settings_connection_autoconnect_retries_get (connection) == 0) + if (nm_settings_connection_autoconnect_retries_get (sett_conn) == 0) changed = TRUE; - nm_settings_connection_autoconnect_retries_reset (connection); + nm_settings_connection_autoconnect_retries_reset (sett_conn); - if (nm_settings_connection_autoconnect_blocked_reason_set (connection, + if (nm_settings_connection_autoconnect_blocked_reason_set (sett_conn, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_ALL & ~NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_USER_REQUEST, FALSE)) { - if (!nm_settings_connection_autoconnect_is_blocked (connection)) + if (!nm_settings_connection_autoconnect_is_blocked (sett_conn)) changed = TRUE; } } @@ -1589,7 +1594,9 @@ static void activate_slave_connections (NMPolicy *self, NMDevice *device) { NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (self); - const char *master_device, *master_uuid_settings = NULL, *master_uuid_applied = NULL; + const char *master_device; + const char *master_uuid_settings = NULL; + const char *master_uuid_applied = NULL; guint i; NMActRequest *req; gboolean internal_activation = FALSE; @@ -1601,16 +1608,18 @@ activate_slave_connections (NMPolicy *self, NMDevice *device) req = nm_device_get_act_request (device); if (req) { - NMConnection *con; + NMConnection *connection; + NMSettingsConnection *sett_conn; NMAuthSubject *subject; - con = nm_active_connection_get_applied_connection (NM_ACTIVE_CONNECTION (req)); - if (con) - master_uuid_applied = nm_connection_get_uuid (con); - con = NM_CONNECTION (nm_active_connection_get_settings_connection (NM_ACTIVE_CONNECTION (req))); - if (con) { - master_uuid_settings = nm_connection_get_uuid (con); - if (!g_strcmp0 (master_uuid_settings, master_uuid_applied)) + connection = nm_active_connection_get_applied_connection (NM_ACTIVE_CONNECTION (req)); + if (connection) + master_uuid_applied = nm_connection_get_uuid (connection); + + sett_conn = nm_active_connection_get_settings_connection (NM_ACTIVE_CONNECTION (req)); + if (sett_conn) { + master_uuid_settings = nm_settings_connection_get_uuid (sett_conn); + if (nm_streq0 (master_uuid_settings, master_uuid_applied)) master_uuid_settings = NULL; } @@ -1621,11 +1630,11 @@ activate_slave_connections (NMPolicy *self, NMDevice *device) changed = FALSE; connections = nm_settings_get_connections (priv->settings, NULL); for (i = 0; connections[i]; i++) { - NMSettingsConnection *connection = connections[i]; + NMSettingsConnection *sett_conn = connections[i]; NMSettingConnection *s_slave_con; const char *slave_master; - s_slave_con = nm_connection_get_setting_connection (NM_CONNECTION (connection)); + s_slave_con = nm_connection_get_setting_connection (nm_settings_connection_get_connection (sett_conn)); slave_master = nm_setting_connection_get_master (s_slave_con); if (!slave_master) continue; @@ -1635,14 +1644,14 @@ activate_slave_connections (NMPolicy *self, NMDevice *device) continue; if (!internal_activation) { - if (nm_settings_connection_autoconnect_retries_get (connection) == 0) + if (nm_settings_connection_autoconnect_retries_get (sett_conn) == 0) changed = TRUE; - nm_settings_connection_autoconnect_retries_reset (connection); + nm_settings_connection_autoconnect_retries_reset (sett_conn); } - if (nm_settings_connection_autoconnect_blocked_reason_set (connection, + if (nm_settings_connection_autoconnect_blocked_reason_set (sett_conn, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED, FALSE)) { - if (!nm_settings_connection_autoconnect_is_blocked (connection)) + if (!nm_settings_connection_autoconnect_is_blocked (sett_conn)) changed = TRUE; } } @@ -1658,7 +1667,6 @@ activate_secondary_connections (NMPolicy *self, { NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (self); NMSettingConnection *s_con; - NMSettingsConnection *settings_con; NMActiveConnection *ac; PendingSecondaryData *secondary_data; GSList *secondary_ac_list = NULL; @@ -1667,22 +1675,25 @@ activate_secondary_connections (NMPolicy *self, gboolean success = TRUE; s_con = nm_connection_get_setting_connection (connection); - g_assert (s_con); + nm_assert (s_con); for (i = 0; i < nm_setting_connection_get_num_secondaries (s_con); i++) { + NMSettingsConnection *sett_conn; const char *sec_uuid = nm_setting_connection_get_secondary (s_con, i); NMActRequest *req; - settings_con = nm_settings_get_connection_by_uuid (priv->settings, sec_uuid); - if (!settings_con) { + sett_conn = nm_settings_get_connection_by_uuid (priv->settings, sec_uuid); + if (!sett_conn) { _LOGW (LOGD_DEVICE, "secondary connection '%s' auto-activation failed: The connection doesn't exist.", sec_uuid); success = FALSE; break; } - if (!nm_connection_is_type (NM_CONNECTION (settings_con), NM_SETTING_VPN_SETTING_NAME)) { + + if (!nm_connection_is_type (nm_settings_connection_get_connection (sett_conn), + NM_SETTING_VPN_SETTING_NAME)) { _LOGW (LOGD_DEVICE, "secondary connection '%s (%s)' auto-activation failed: The connection is not a VPN.", - nm_settings_connection_get_id (settings_con), sec_uuid); + nm_settings_connection_get_id (sett_conn), sec_uuid); success = FALSE; break; } @@ -1691,10 +1702,10 @@ activate_secondary_connections (NMPolicy *self, g_assert (req); _LOGD (LOGD_DEVICE, "activating secondary connection '%s (%s)' for base connection '%s (%s)'", - nm_settings_connection_get_id (settings_con), sec_uuid, + nm_settings_connection_get_id (sett_conn), sec_uuid, nm_connection_get_id (connection), nm_connection_get_uuid (connection)); ac = nm_manager_activate_connection (priv->manager, - settings_con, + sett_conn, NULL, nm_dbus_object_get_path (NM_DBUS_OBJECT (req)), device, @@ -1706,7 +1717,7 @@ activate_secondary_connections (NMPolicy *self, secondary_ac_list = g_slist_append (secondary_ac_list, g_object_ref (ac)); else { _LOGW (LOGD_DEVICE, "secondary connection '%s (%s)' auto-activation failed: (%d) %s", - nm_settings_connection_get_id (settings_con), sec_uuid, + nm_settings_connection_get_id (sett_conn), sec_uuid, error->code, error->message); g_clear_error (&error); @@ -1734,7 +1745,7 @@ device_state_changed (NMDevice *device, NMPolicyPrivate *priv = user_data; NMPolicy *self = _PRIV_TO_SELF (priv); NMActiveConnection *ac; - NMSettingsConnection *connection = nm_device_get_settings_connection (device); + NMSettingsConnection *sett_conn = nm_device_get_settings_connection (device); NMIP4Config *ip4_config; NMIP6Config *ip6_config; NMSettingConnection *s_con = NULL; @@ -1752,8 +1763,8 @@ device_state_changed (NMDevice *device, /* Block autoconnect of the just-failed connection for situations * where a retry attempt would just fail again. */ - if (connection) { - nm_settings_connection_autoconnect_blocked_reason_set (connection, + if (sett_conn) { + nm_settings_connection_autoconnect_blocked_reason_set (sett_conn, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED, TRUE); } @@ -1767,7 +1778,7 @@ device_state_changed (NMDevice *device, /* Mark the connection invalid if it failed during activation so that * it doesn't get automatically chosen over and over and over again. */ - if ( connection + if ( sett_conn && old_state >= NM_DEVICE_STATE_PREPARE && old_state <= NM_DEVICE_STATE_ACTIVATED) { gboolean block_no_secrets = FALSE; @@ -1788,7 +1799,7 @@ device_state_changed (NMDevice *device, * That can happen when nm_settings_connection_get_secrets() fails early without actually * consulting any agents. */ - con_v = nm_settings_connection_get_last_secret_agent_version_id (connection); + con_v = nm_settings_connection_get_last_secret_agent_version_id (sett_conn); if ( con_v == 0 || con_v == nm_agent_manager_get_agent_version_id (priv->agent_mgr)) block_no_secrets = TRUE; @@ -1796,33 +1807,35 @@ device_state_changed (NMDevice *device, if (block_no_secrets) { _LOGD (LOGD_DEVICE, "connection '%s' now blocked from autoconnect due to no secrets", - nm_settings_connection_get_id (connection)); - nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS, TRUE); + nm_settings_connection_get_id (sett_conn)); + nm_settings_connection_autoconnect_blocked_reason_set (sett_conn, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS, TRUE); } else { - tries = nm_settings_connection_autoconnect_retries_get (connection); + tries = nm_settings_connection_autoconnect_retries_get (sett_conn); if (tries > 0) { _LOGD (LOGD_DEVICE, "connection '%s' failed to autoconnect; %d tries left", - nm_settings_connection_get_id (connection), tries - 1); - _connection_autoconnect_retries_set (self, connection, tries - 1); + nm_settings_connection_get_id (sett_conn), tries - 1); + _connection_autoconnect_retries_set (self, sett_conn, tries - 1); } else if (tries != 0) { _LOGD (LOGD_DEVICE, "connection '%s' failed to autoconnect; infinite tries left", - nm_settings_connection_get_id (connection)); + nm_settings_connection_get_id (sett_conn)); } } - nm_connection_clear_secrets (NM_CONNECTION (connection)); + /* FIXME(copy-on-write-connection): avoid modifying NMConnection instances and share them via copy-on-write. */ + nm_connection_clear_secrets (nm_settings_connection_get_connection (sett_conn)); } break; case NM_DEVICE_STATE_ACTIVATED: - if (connection) { + if (sett_conn) { /* Reset auto retries back to default since connection was successful */ - nm_settings_connection_autoconnect_retries_reset (connection); + nm_settings_connection_autoconnect_retries_reset (sett_conn); /* And clear secrets so they will always be requested from the * settings service when the next connection is made. */ - nm_connection_clear_secrets (NM_CONNECTION (connection)); + /* FIXME(copy-on-write-connection): avoid modifying NMConnection instances and share them via copy-on-write. */ + nm_connection_clear_secrets (nm_settings_connection_get_connection (sett_conn)); } /* Add device's new IPv4 and IPv6 configs to DNS */ @@ -1846,7 +1859,7 @@ device_state_changed (NMDevice *device, update_routing_and_dns (self, FALSE); break; case NM_DEVICE_STATE_DEACTIVATING: - if (connection) { + if (sett_conn) { NMSettingsAutoconnectBlockedReason blocked_reason = NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE; switch (nm_device_state_reason_check (reason)) { @@ -1861,10 +1874,10 @@ device_state_changed (NMDevice *device, } if (blocked_reason != NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NONE) { _LOGD (LOGD_DEVICE, "blocking autoconnect of connection '%s': %s", - nm_settings_connection_get_id (connection), + nm_settings_connection_get_id (sett_conn), NM_UTILS_LOOKUP_STR (nm_device_state_reason_to_str, nm_device_state_reason_check (reason))); - nm_settings_connection_autoconnect_blocked_reason_set (connection, blocked_reason, TRUE); + nm_settings_connection_autoconnect_blocked_reason_set (sett_conn, blocked_reason, TRUE); } } ip6_remove_device_prefix_delegations (self, device); @@ -1900,20 +1913,25 @@ device_state_changed (NMDevice *device, break; case NM_DEVICE_STATE_IP_CONFIG: /* We must have secrets if we got here. */ - if (connection) - nm_settings_connection_autoconnect_blocked_reason_set (connection, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_ALL, FALSE); + if (sett_conn) + nm_settings_connection_autoconnect_blocked_reason_set (sett_conn, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_ALL, FALSE); break; case NM_DEVICE_STATE_SECONDARIES: - if (connection) - s_con = nm_connection_get_setting_connection (NM_CONNECTION (connection)); - if (s_con && nm_setting_connection_get_num_secondaries (s_con) > 0) { + if (sett_conn) + s_con = nm_connection_get_setting_connection (nm_settings_connection_get_connection (sett_conn)); + if ( s_con + && nm_setting_connection_get_num_secondaries (s_con) > 0) { /* Make routes and DNS up-to-date before activating dependent connections */ update_routing_and_dns (self, FALSE); /* Activate secondary (VPN) connections */ - if (!activate_secondary_connections (self, NM_CONNECTION (connection), device)) - nm_device_queue_state (device, NM_DEVICE_STATE_FAILED, + if (!activate_secondary_connections (self, + nm_settings_connection_get_connection (sett_conn), + device)) { + nm_device_queue_state (device, + NM_DEVICE_STATE_FAILED, NM_DEVICE_STATE_REASON_SECONDARY_CONNECTION_FAILED); + } } else nm_device_queue_state (device, NM_DEVICE_STATE_ACTIVATED, NM_DEVICE_STATE_REASON_NONE); |