| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
For refactoring the dnsproxy codebase using C99 language features will
come in handy (mostly for using more localized variable declarations).
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Replace most of the fork/exec and output parsing with usage of
libopenconnect for authentication. The actual connection establishment
is still done by calling the openconnect binary using the token obtained
via the use of the library.
The library has a proprietary main loop and provides only a synchronous
API, which is worked around by using a thread to run the authentication.
Events from the library are delegated to the main thread via main loop.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
mnlg.c and mnlg.h are a copy from iproute2.
The call to nl_dump_ext_ack() and nl_dump_ext_ack_done() have been
removed from the code to avoid additional dependencies.
git://git.kernel.org/pub/scm/network/iproute2/iproute2.git
d035cc1b4e83e2589ea2115cdc2fa7c6d3693a5a
The helpers are needed for the WireGuard VPN plugin.
|
|
|
|
| |
Add an empty new plugin for WireGuard support.
|
|
|
|
|
| |
Instead searching for libmnl and nftables in one test, split into two
seperate tests. We need libmnl for WireGuard too.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a DHCP ACK is received with non-UTF-8 data set as hostname or
domain-name option connman will crash on a D-Bus assert. This patch
sanitizes data in service.c and only allows ASCII characters (since
they shouldn't be anything else) for __connman_service_set_hostname()
and __connman_service_set_domainname().
Since the fix involves using g_str_is_ascii() we also need to bump
Glib dependency to 2.40 (which was released in March 2014).
See also
- IETF RFC 1123 ⟨http://www.ietf.org/rfc/rfc1123.txt⟩
- IETF RFC 1178 ⟨http://www.ietf.org/rfc/rfc1178.txt⟩
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds tests for IPv6 enabled iptables. The tests are
identical to the existing iptables tests, except IPv6 "nat" table rules
are not tested as IPv6 NAT is not enabled.
Also a test tool for IPv6 iptables (ip6tables-test) has been added,
which is a clone of iptables-test. iptables-test.c has been modified to
support the changes in iptables.c.
Added ip6tables-save program to configure.ac and use of it in
Makefile.am for the updated iptables-unit test.
|
|
|
|
|
|
|
| |
Instead of assuming that just glibc has this structure, check for it
at configure as musl also has it.
Based on work by Khem Raj <raj.khem@gmail.com>.
|
|
|
|
|
|
|
| |
Instead of using #define _GNU_SOURCE in some source files which causes
problems when building with musl as more files need the define, simply
use AC_USE_SYSTEM_EXTENSIONS in configure.ac to get it defined
globally.
|
| |
|
|
|
|
|
|
|
|
| |
Generation of interface statistics files can now be controlled at
compile-time using the --{enable,disable}-stats configure options.
Statistics files remain enabled by default.
Based on an idea by Feng Wang <wangfe@nestlabs.com>.
|
|
|
|
|
|
|
| |
The default location for DBus policy files should be
/usr/share/dbus-1/system.d and the corresponding directory under /etc
should be reserved for administrative changes to default/packaged
settings. This removes a dependency of connman on a populated /etc.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During configure, use --with-dns-backend to declare which DNS backend
you want to use during build. The two options available are "internal"
and "systemd-resolved".
The internal backend works as previously. The systemd-resolved backend
configures systemd-resolved over D-Bus.
The "-r" command line option for connmand still works. It means that the
DNS servers (either internal DNS proxy or systemd-resolved) aren't used,
and instead connmand just updates /etc/resolv.conf file.
|
| |
|
| |
|
|
|
|
|
| |
The plugin is disabled by default. The upstream project hasn't released
any version so far.
|
|
|
|
|
| |
Introduce --with-firewall configuration flag which is on default
iptables. You can enable nftables by providing --with-firewall=nftables.
|
|
|
|
|
|
|
|
| |
There is little point in keeping the orignal firewall implementation.
It is designed based on iptables.c API. For nftables it is just
better to start from fresh. The gives the necessary freedom to really
exploit the nftables API without fearing to break the working iptables
implementation. That should also make testing considerable more simpler.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not all toolchains have execinfo.h and backtrace(). For example,
support for it is optional in uClibc, while it is entirely missing
from musl.
In glibc, execinfo.h only declares backtrace() and no other function,
so we can rely on its presence/abscence to determine if we can use
backtrace().
We fix that by:
- adding a ./configure check for execinfo.h;
- moving backtrace to its own file;
- compiling backtrace.c only when execinfo.h was found.
|
| |
|
|
|
|
|
| |
Add tmpfiles.d support for creating the directory
[/var]/run/connman/ an making a link from /etc/resolv.conf.
|
|
|
|
|
| |
Provide an m4 macro defining runstatedir as $(localstatedir)/var. This
applies to automake versions < 2.70.
|
| |
|
| |
|
|
|
|
| |
User can set the path to client binary using --with-pptp option.
|
|
|
|
| |
User can set the path to client binary using --with-l2tp option.
|
|
|
|
|
|
|
|
| |
This solves the problem of '496f134ac1001dd2af17b1ee7172643be80edbae'
for all the generated files, while trying to be safe against partially
expanded variables.
[Patrik: Added init script handling to EXTRA_DIST and BUILT_SOURCES]
|
|
|
|
|
|
|
|
|
|
| |
This is because @sbindir@ is defined in terms of ${exec_prefix}, which
will cause this unexpanded variable to appear in the final .service file
causing connman systemd service to be unable to be loaded.
This problem is referenced (along with a suggested way to avoid it) here:
http://www.gnu.org/software/automake/manual/html_node/Scripts.html#Scripts
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Add D-Bus autostart support also for connmand but do not install the
file by default.
|
|
|
|
|
|
|
|
| |
Move Linux Gadget, i.e. USB client, device support into a separate
plug-in instead of being combined with the Ethernet plug-in. Change
the prefix of several ethernet driver function names to be more
consistent with the underlying driver (e.g. cable_ -> eth_network_,
ethernet_ -> eth_dev_, eth_ -> eth_tech_).
|
| |
|
|
|
|
|
|
| |
The gtk-doc documentation isn't buildable because the makefiles were
not hooked up, and after fixing that the documentation has bitrotted
sufficiently that it's not useful.
|
| |
|
| |
|
| |
|
| |
|