diff --git a/src/firewall-manager/nm-firewall-manager.c b/src/firewall-manager/nm-firewall-manager.c index b3908e3cd..a278844c3 100644 --- a/src/firewall-manager/nm-firewall-manager.c +++ b/src/firewall-manager/nm-firewall-manager.c @@ -25,8 +25,7 @@ #include "nm-firewall-manager.h" #include "nm-dbus-manager.h" #include "nm-logging.h" - -#define DBUS_TYPE_G_STRING_VALUE_HASHTABLE (dbus_g_type_get_map ("GHashTable", G_TYPE_STRING, G_TYPE_VALUE)) +#include "nm-dbus-glib-types.h" #define NM_FIREWALL_MANAGER_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), \ NM_TYPE_FIREWALL_MANAGER, \ @@ -62,21 +61,20 @@ nm_firewall_manager_add_to_zone (NMFirewallManager *self, DBusGProxyCall * call = NULL; if (nm_firewall_manager_available (self)) { - nm_log_dbg (LOGD_DEVICE, "telling firewall to add ip_iface: %s to zone: %s", ip_iface, zone ); - call = dbus_g_proxy_begin_call_with_timeout(priv->proxy, - "AddInterface", - callback, - callback_data, /* NMDevice */ - NULL, /* destroy callback_data */ - 10000, /* timeout */ - G_TYPE_STRING, ip_iface, - G_TYPE_STRING, zone, - DBUS_TYPE_G_STRING_VALUE_HASHTABLE, NULL, /* a{sv}:options */ - G_TYPE_INVALID); - } - else { - nm_log_dbg (LOGD_DEVICE, "firewall isn't running."); - callback(NULL, NULL, callback_data); + nm_log_dbg (LOGD_DEVICE, "(%s) adding to firewall zone: %s", ip_iface, zone ); + call = dbus_g_proxy_begin_call_with_timeout (priv->proxy, + "AddInterface", + callback, + callback_data, /* NMDevice */ + NULL, /* destroy callback_data */ + 10000, /* timeout */ + G_TYPE_STRING, ip_iface, + G_TYPE_STRING, zone ? zone : "", + DBUS_TYPE_G_MAP_OF_VARIANT, NULL, /* a{sv}:options */ + G_TYPE_INVALID); + } else { + nm_log_dbg (LOGD_DEVICE, "Firewall zone add skipped because firewall isn't running"); + callback (NULL, NULL, callback_data); } return call; @@ -86,7 +84,7 @@ void nm_firewall_manager_cancel_add (NMFirewallManager *self, DBusGProxyCall * f { NMFirewallManagerPrivate *priv = NM_FIREWALL_MANAGER_GET_PRIVATE (self); - dbus_g_proxy_cancel_call(priv->proxy, fw_call); + dbus_g_proxy_cancel_call (priv->proxy, fw_call); } gboolean @@ -125,10 +123,10 @@ name_owner_changed (NMDBusManager *dbus_mgr, return; if (!old_owner_good && new_owner_good) { - nm_log_info (LOGD_DEVICE, "firewall started"); + nm_log_dbg (LOGD_DEVICE, "firewall started"); set_running (self, TRUE); } else if (old_owner_good && !new_owner_good) { - nm_log_info (LOGD_DEVICE, "firewall stopped"); + nm_log_dbg (LOGD_DEVICE, "firewall stopped"); set_running (self, FALSE); } } diff --git a/src/nm-device.c b/src/nm-device.c index 4612a3342..ebbf5570a 100644 --- a/src/nm-device.c +++ b/src/nm-device.c @@ -2443,29 +2443,23 @@ ip4_add_to_zone_cb (DBusGProxy *proxy, DBusGProxyCall *call_id, gpointer user_da error && error->message ? error->message : "(unknown)"); g_clear_error (&error); - /* - * TODO: do we need to do anything else here ? - */ - } else { - /* ip_iface was correctly added to zone by firewall */ + /* FIXME: fail the device activation? */ } - } else { - /* firewall isn't running or we couldn't determine zone */ } activation_source_schedule (self, nm_device_activate_ip4_config_commit, AF_INET); nm_log_info (LOGD_DEVICE | LOGD_IP4, - "Activation (%s) Stage 5 of 5 (IPv4 Configure Commit) scheduled...", - nm_device_get_iface (self)); + "Activation (%s) Stage 5 of 5 (IPv4 Configure Commit) scheduled...", + nm_device_get_iface (self)); } void nm_device_activate_schedule_ip4_config_result (NMDevice *self, NMIP4Config *config) { NMDevicePrivate *priv; - NMConnection *connection; - NMSettingConnection *s_con; + NMConnection *connection = NULL; + NMSettingConnection *s_con = NULL; g_return_if_fail (NM_IS_DEVICE (self)); @@ -2583,29 +2577,23 @@ ip6_add_to_zone_cb (DBusGProxy *proxy, DBusGProxyCall *call_id, gpointer user_da error && error->message ? error->message : "(unknown)"); g_clear_error (&error); - /* - * TODO: do we need to do anything else here ? - */ - } else { - /* ip_iface was correctly added to zone by firewall */ + /* FIXME: fail the device activation? */ } - } else { - /* firewall isn't running or we couldn't determine zone */ } activation_source_schedule (self, nm_device_activate_ip6_config_commit, AF_INET6); - nm_log_info (LOGD_DEVICE | LOGD_IP4, - "Activation (%s) Stage 5 of 5 (IPv6 Commit) scheduled...", - nm_device_get_iface (self)); + nm_log_info (LOGD_DEVICE | LOGD_IP6, + "Activation (%s) Stage 5 of 5 (IPv6 Commit) scheduled...", + nm_device_get_iface (self)); } void nm_device_activate_schedule_ip6_config_result (NMDevice *self, NMIP6Config *config) { NMDevicePrivate *priv; - NMConnection *connection; - NMSettingConnection *s_con; + NMConnection *connection = NULL; + NMSettingConnection *s_con = NULL; g_return_if_fail (NM_IS_DEVICE (self)); diff --git a/src/nm-policy.c b/src/nm-policy.c index efe0a00e6..3e70cc926 100644 --- a/src/nm-policy.c +++ b/src/nm-policy.c @@ -971,13 +971,10 @@ reset_connections_retries (gpointer user_data) static NMConnection * get_device_connection (NMDevice *device) { - NMActRequest *req; + NMActRequest *req = NULL; req = nm_device_get_act_request (device); - if (!req) - return NULL; - - return nm_act_request_get_connection (req); + return req ? nm_act_request_get_connection (req) : NULL; } static void @@ -1207,44 +1204,40 @@ add_to_zone_cb (DBusGProxy *proxy, DBusGProxyCall *call_id, void *user_data) { + NMDevice *device = NM_DEVICE (user_data); GError *error = NULL; - if (!proxy || !call_id) - return; + if (proxy && call_id) { + if (!dbus_g_proxy_end_call (proxy, call_id, &error, G_TYPE_INVALID)) { + nm_log_warn (LOGD_DEVICE, "(%s) addition to firewall zone failed: (%d) %s", + nm_device_get_ip_iface (device), + error ? error->code : -1, + error && error->message ? error->message : "(unknown)"); + g_clear_error (&error); - if (!dbus_g_proxy_end_call (proxy, call_id, &error, G_TYPE_INVALID)) { - nm_log_warn (LOGD_DEVICE, "adding iface to zone failed: (%d) %s", - error ? error->code : -1, - error && error->message ? error->message : "(unknown)"); - g_clear_error (&error); - - /* TODO: do we need to do anything else here ? */ + /* FIXME: fail connection since firewall zone add failed? */ + } } - + g_object_unref (device); } static void inform_firewall_about_zone (NMPolicy * policy, NMConnection *connection) { - NMSettingConnection *s_con = nm_connection_get_setting_connection(connection); - const char *zone = nm_setting_connection_get_zone(s_con); - const char *uuid = nm_setting_connection_get_uuid(s_con); + NMSettingConnection *s_con = nm_connection_get_setting_connection (connection); GSList *iter, *devices; - if (!zone) - return; - devices = nm_manager_get_devices (policy->manager); for (iter = devices; iter; iter = g_slist_next (iter)) { NMDevice *dev = NM_DEVICE (iter->data); - NMConnection *dev_connection = get_device_connection (dev); - if (g_strcmp0 (uuid, nm_connection_get_uuid (dev_connection)) == 0) { + + if (get_device_connection (dev) == connection) { nm_firewall_manager_add_to_zone (policy->fw_manager, - nm_device_get_ip_iface(dev), - zone, + nm_device_get_ip_iface (dev), + nm_setting_connection_get_zone (s_con), add_to_zone_cb, - NULL); + g_object_ref (dev)); } } }