colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9bc9fde5066fd3fd00eeb3258f8e4700d8670706
NetworkManager/src/core/settings/nm-settings-connection.c
Thomas Haller 9bc9fde506 settings: refactor error handling in update_auth_cb()
2023-06-26 10:35:35 +02:00

2883 lines
111 KiB
C
Raw Blame History

/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
* Copyright (C) 2008 Novell, Inc.
* Copyright (C) 2008 - 2014 Red Hat, Inc.
*/
#include "src/core/nm-default-daemon.h"
#include "nm-settings-connection.h"
#include "c-list/src/c-list.h"
#include "libnm-glib-aux/nm-keyfile-aux.h"
#include "libnm-glib-aux/nm-c-list.h"
#include "libnm-core-aux-intern/nm-common-macros.h"
#include "nm-config.h"
#include "nm-config-data.h"
#include "nm-dbus-interface.h"
#include "nm-session-monitor.h"
#include "nm-auth-manager.h"
#include "nm-auth-utils.h"
#include "nm-agent-manager.h"
#include "NetworkManagerUtils.h"
#include "libnm-core-intern/nm-core-internal.h"
#include "nm-audit-manager.h"
#include "nm-settings.h"
#include "nm-manager.h"
#include "nm-dbus-manager.h"
#include "settings/plugins/keyfile/nms-keyfile-storage.h"
#define SEEN_BSSIDS_MAX 30
#define _NM_SETTINGS_UPDATE2_FLAG_ALL_PERSIST_MODES \
((NMSettingsUpdate2Flags) (NM_SETTINGS_UPDATE2_FLAG_TO_DISK \
| NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY \
| NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY_DETACHED \
| NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY_ONLY))
/*****************************************************************************/
NMConnection **
nm_settings_connections_array_to_connections(NMSettingsConnection *const *connections,
gssize n_connections)
{
NMConnection **arr;
gssize i;
if (n_connections < 0)
n_connections = NM_PTRARRAY_LEN(connections);
if (n_connections == 0)
return NULL;
arr = g_new(NMConnection *, n_connections + 1);
for (i = 0; i < n_connections; i++)
arr[i] = nm_settings_connection_get_connection(connections[i]);
arr[i] = NULL;
return arr;
}
/*****************************************************************************/
typedef struct {
char bssid[sizeof(NMEtherAddr) * 3];
CList seen_bssids_lst;
} SeenBssidEntry;
static inline SeenBssidEntry *
_seen_bssid_entry_init_stale(SeenBssidEntry *entry, const NMEtherAddr *bssid_bin)
{
_nm_utils_hwaddr_ntoa(bssid_bin, sizeof(NMEtherAddr), TRUE, entry->bssid, sizeof(entry->bssid));
return entry;
}
static inline SeenBssidEntry *
_seen_bssid_entry_new_stale_bin(const NMEtherAddr *bssid_bin)
{
return _seen_bssid_entry_init_stale(g_slice_new(SeenBssidEntry), bssid_bin);
}
static inline SeenBssidEntry *
_seen_bssid_entry_new_stale_copy(const SeenBssidEntry *src)
{
SeenBssidEntry *entry;
entry = g_slice_new(SeenBssidEntry);
memcpy(entry->bssid, src->bssid, sizeof(entry->bssid));
return entry;
}
static void
_seen_bssid_entry_free(gpointer data)
{
SeenBssidEntry *entry = data;
c_list_unlink_stale(&entry->seen_bssids_lst);
nm_g_slice_free(entry);
}
/*****************************************************************************/
static GHashTable *
_seen_bssids_hash_new(void)
{
return g_hash_table_new_full(nm_str_hash,
g_str_equal,
(GDestroyNotify) _seen_bssid_entry_free,
NULL);
}
/*****************************************************************************/
NM_GOBJECT_PROPERTIES_DEFINE(NMSettingsConnection, PROP_UNSAVED, PROP_FLAGS, PROP_FILENAME, );
enum { UPDATED_INTERNAL, FLAGS_CHANGED, LAST_SIGNAL };
static guint signals[LAST_SIGNAL] = {0};
typedef struct _NMSettingsConnectionPrivate {
NMSettings *settings;
NMKeyFileDB *kf_db_timestamps;
NMKeyFileDB *kf_db_seen_bssids;
NMAgentManager *agent_mgr;
/* List of pending authentication requests */
CList auth_lst_head;
CList call_ids_lst_head; /* in-progress secrets requests */
NMConnection *connection;
struct {
NMConnectionSerializationOptions options;
GVariant *variant;
} getsettings_cached;
NMSettingsStorage *storage;
char *filename;
NMDevice *default_wired_device;
/* Caches secrets from agents during the activation process; if new system
* secrets are returned from an agent, they get written out to disk,
* triggering a re-read of the connection, which reads only system
* secrets, and would wipe out any agent-owned or not-saved secrets the
* agent also returned.
*/
GVariant *agent_secrets;
CList seen_bssids_lst_head;
GHashTable *seen_bssids_hash;
guint64 timestamp; /* Up-to-date timestamp of connection use */
guint64 last_secret_agent_version_id;
bool timestamp_set : 1;
NMSettingsAutoconnectBlockedReason autoconnect_blocked_reason : 4;
NMSettingsConnectionIntFlags flags : 5;
} NMSettingsConnectionPrivate;
struct _NMSettingsConnectionClass {
NMDBusObjectClass parent;
};
G_DEFINE_TYPE(NMSettingsConnection, nm_settings_connection, NM_TYPE_DBUS_OBJECT)
#define NM_SETTINGS_CONNECTION_GET_PRIVATE(self) \
_NM_GET_PRIVATE_PTR(self, NMSettingsConnection, NM_IS_SETTINGS_CONNECTION)
/*****************************************************************************/
#define _NMLOG_DOMAIN LOGD_SETTINGS
#define _NMLOG_PREFIX_NAME "settings-connection"
#define _NMLOG(level, ...) \
G_STMT_START \
{ \
const NMLogLevel __level = (level); \
\
if (nm_logging_enabled(__level, _NMLOG_DOMAIN)) { \
char __prefix[128]; \
const char *__p_prefix = _NMLOG_PREFIX_NAME; \
const char *__uuid = (self) ? nm_settings_connection_get_uuid(self) : NULL; \
\
if (self) { \
g_snprintf(__prefix, \
sizeof(__prefix), \
"%s[" NM_HASH_OBFUSCATE_PTR_FMT "%s%s]", \
_NMLOG_PREFIX_NAME, \
NM_HASH_OBFUSCATE_PTR(self), \
__uuid ? "," : "", \
__uuid ?: ""); \
__p_prefix = __prefix; \
} \
_nm_log(__level, \
_NMLOG_DOMAIN, \
0, \
NULL, \
__uuid, \
"%s: " _NM_UTILS_MACRO_FIRST(__VA_ARGS__), \
__p_prefix _NM_UTILS_MACRO_REST(__VA_ARGS__)); \
} \
} \
G_STMT_END
/*****************************************************************************/
static const GDBusSignalInfo signal_info_updated;
static const GDBusSignalInfo signal_info_removed;
static const NMDBusInterfaceInfoExtended interface_info_settings_connection;
static void update_agent_secrets_cache(NMSettingsConnection *self, NMConnection *new);
static guint _get_seen_bssids(NMSettingsConnection *self,
const char *strv_buf[static(SEEN_BSSIDS_MAX + 1)]);
/*****************************************************************************/
NMSettings *
nm_settings_connection_get_settings(NMSettingsConnection *self)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), NULL);
return NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->settings;
}
NMManager *
nm_settings_connection_get_manager(NMSettingsConnection *self)
{
return nm_settings_get_manager(nm_settings_connection_get_settings(self));
}
/*****************************************************************************/
NMDevice *
nm_settings_connection_default_wired_get_device(NMSettingsConnection *self)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
nm_assert(!priv->default_wired_device || NM_IS_DEVICE(priv->default_wired_device));
return priv->default_wired_device;
}
void
nm_settings_connection_default_wired_set_device(NMSettingsConnection *self, NMDevice *device)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
nm_assert(!priv->default_wired_device || NM_IS_DEVICE(priv->default_wired_device));
nm_assert(!device || NM_IS_DEVICE(device));
nm_assert((!!priv->default_wired_device) != (!!device));
priv->default_wired_device = device;
}
/*****************************************************************************/
NMSettingsStorage *
nm_settings_connection_get_storage(NMSettingsConnection *self)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), NULL);
return NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->storage;
}
void
_nm_settings_connection_set_storage(NMSettingsConnection *self, NMSettingsStorage *storage)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
const char *filename;
nm_assert(NM_IS_SETTINGS_STORAGE(storage));
nm_assert(!priv->storage
|| nm_streq(nm_settings_storage_get_uuid(storage),
nm_settings_storage_get_uuid(priv->storage)));
nm_g_object_ref_set(&priv->storage, storage);
filename = nm_settings_storage_get_filename(priv->storage);
if (!nm_streq0(priv->filename, filename)) {
g_free(priv->filename);
priv->filename = g_strdup(filename);
_notify(self, PROP_FILENAME);
}
}
/*****************************************************************************/
gboolean
nm_settings_connection_still_valid(NMSettingsConnection *self)
{
gboolean valid;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), FALSE);
valid = !c_list_is_empty(&self->_connections_lst);
nm_assert(
valid
== nm_settings_has_connection(NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->settings, self));
return valid;
}
/*****************************************************************************/
static void
_getsettings_cached_clear(NMSettingsConnectionPrivate *priv)
{
if (nm_clear_pointer(&priv->getsettings_cached.variant, g_variant_unref)) {
priv->getsettings_cached.options.timestamp.has = FALSE;
priv->getsettings_cached.options.timestamp.val = 0;
nm_clear_g_free((gpointer *) &priv->getsettings_cached.options.seen_bssids);
}
}
static GVariant *
_getsettings_cached_get(NMSettingsConnection *self, const NMConnectionSerializationOptions *options)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
GVariant *variant;
if (priv->getsettings_cached.variant) {
if (nm_connection_serialization_options_equal(&priv->getsettings_cached.options, options)) {
#if NM_MORE_ASSERTS > 10
gs_unref_variant GVariant *variant2 = NULL;
variant = nm_connection_to_dbus_full(priv->connection,
NM_CONNECTION_SERIALIZE_WITH_NON_SECRET,
options);
nm_assert(variant);
variant2 = g_variant_new("(@a{sa{sv}})", variant);
nm_assert(g_variant_equal(priv->getsettings_cached.variant, variant2));
#endif
return priv->getsettings_cached.variant;
}
_getsettings_cached_clear(priv);
}
nm_assert(!priv->getsettings_cached.options.seen_bssids);
variant = nm_connection_to_dbus_full(priv->connection,
NM_CONNECTION_SERIALIZE_WITH_NON_SECRET,
options);
nm_assert(variant);
priv->getsettings_cached.variant = g_variant_ref_sink(g_variant_new("(@a{sa{sv}})", variant));
priv->getsettings_cached.options = *options;
priv->getsettings_cached.options.seen_bssids =
nm_strv_dup_packed(priv->getsettings_cached.options.seen_bssids, -1);
return priv->getsettings_cached.variant;
}
/*****************************************************************************/
NMConnection *
nm_settings_connection_get_connection(NMSettingsConnection *self)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), NULL);
return NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->connection;
}
gpointer
nm_settings_connection_get_setting(NMSettingsConnection *self, NMMetaSettingType meta_type)
{
NMConnection *connection;
nm_assert(NM_IS_SETTINGS_CONNECTION(self));
connection = NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->connection;
nm_assert(NM_IS_SIMPLE_CONNECTION(connection));
return _nm_connection_get_setting_by_metatype_unsafe(connection, meta_type);
}
void
_nm_settings_connection_set_connection(NMSettingsConnection *self,
NMConnection *new_connection,
NMConnection **out_connection_old,
NMSettingsConnectionUpdateReason update_reason)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
gs_unref_object NMConnection *connection_old = NULL;
nm_assert(NM_IS_CONNECTION(new_connection));
nm_assert(NM_IS_SETTINGS_STORAGE(priv->storage));
nm_assert(nm_streq0(nm_settings_storage_get_uuid(priv->storage),
nm_connection_get_uuid(new_connection)));
nm_assert(!out_connection_old || !*out_connection_old);
if (!priv->connection
|| !nm_connection_compare(priv->connection,
new_connection,
NM_SETTING_COMPARE_FLAG_EXACT)) {
connection_old = priv->connection;
priv->connection = g_object_ref(new_connection);
nm_assert_connection_unchanging(priv->connection);
_getsettings_cached_clear(priv);
_nm_settings_notify_sorted_by_autoconnect_priority_maybe_changed(priv->settings);
/* note that we only return @connection_old if the new connection actually differs from
* before.
*
* So, there are three cases:
*
* - return %NULL when setting the connection the first time.
* - return %NULL if setting a profile with the same content that we already have.
* - return the previous pointer if the connection changed. */
NM_SET_OUT(out_connection_old, g_steal_pointer(&connection_old));
}
if (NM_FLAGS_HAS(update_reason, NM_SETTINGS_CONNECTION_UPDATE_REASON_CLEAR_AGENT_SECRETS))
update_agent_secrets_cache(self, NULL);
else if (NM_FLAGS_HAS(update_reason, NM_SETTINGS_CONNECTION_UPDATE_REASON_RESET_AGENT_SECRETS))
update_agent_secrets_cache(self, priv->connection);
}
/*****************************************************************************/
gboolean
nm_settings_connection_has_unmodified_applied_connection(NMSettingsConnection *self,
NMConnection *applied_connection,
NMSettingCompareFlags compare_flags)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), FALSE);
g_return_val_if_fail(NM_IS_CONNECTION(applied_connection), FALSE);
/* for convenience, we *always* ignore certain settings. */
compare_flags |=
NM_SETTING_COMPARE_FLAG_IGNORE_SECRETS | NM_SETTING_COMPARE_FLAG_IGNORE_TIMESTAMP;
return nm_connection_compare(nm_settings_connection_get_connection(self),
applied_connection,
compare_flags);
}
/*****************************************************************************/
guint64
nm_settings_connection_get_last_secret_agent_version_id(NMSettingsConnection *self)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), 0);
return NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->last_secret_agent_version_id;
}
/*****************************************************************************/
gboolean
nm_settings_connection_check_visibility(NMSettingsConnection *self,
NMSessionMonitor *session_monitor)
{
NMSettingConnection *s_con;
guint32 num, i;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), FALSE);
nm_assert(NM_IS_SESSION_MONITOR(session_monitor));
s_con = nm_connection_get_setting_connection(nm_settings_connection_get_connection(self));
/* Check every user in the ACL for a session */
num = nm_setting_connection_get_num_permissions(s_con);
if (num == 0)
return TRUE;
for (i = 0; i < num; i++) {
const char *ptype;
const char *user;
uid_t uid;
if (!nm_setting_connection_get_permission(s_con, i, &ptype, &user, NULL))
continue;
if (!nm_streq(ptype, NM_SETTINGS_CONNECTION_PERMISSION_USER))
continue;
if (!nm_utils_name_to_uid(user, &uid))
continue;
if (!nm_session_monitor_session_exists(session_monitor, uid, FALSE))
continue;
return TRUE;
}
return FALSE;
}
/*****************************************************************************/
/* Return TRUE if any active user in the connection's ACL has the given
* permission without having to authorize for it via PolicyKit. Connections
* visible to everyone automatically pass the check.
*/
gboolean
nm_settings_connection_check_permission(NMSettingsConnection *self, const char *permission)
{
NMSettingsConnectionPrivate *priv;
NMSettingConnection *s_con;
guint32 num, i;
const char *puser;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), FALSE);
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
if (!NM_FLAGS_HAS(nm_settings_connection_get_flags(self),
NM_SETTINGS_CONNECTION_INT_FLAGS_VISIBLE))
return FALSE;
s_con = nm_connection_get_setting_connection(nm_settings_connection_get_connection(self));
/* Check every user in the ACL for a session */
num = nm_setting_connection_get_num_permissions(s_con);
if (num == 0) {
/* Visible to all so it's OK to auto-activate */
return TRUE;
}
for (i = 0; i < num; i++) {
const char *ptype;
/* For each user get their secret agent and check if that agent has the
* required permission.
*
* FIXME: what if the user isn't running an agent? PolKit needs a bus
* name or a PID but if the user isn't running an agent they won't have
* either.
*/
if (!nm_setting_connection_get_permission(s_con, i, &ptype, &puser, NULL))
continue;
if (!nm_streq(ptype, NM_SETTINGS_CONNECTION_PERMISSION_USER))
continue;
if (nm_agent_manager_has_agent_with_permission(priv->agent_mgr, puser, permission))
return TRUE;
}
return FALSE;
}
/*****************************************************************************/
static void
update_agent_secrets_cache(NMSettingsConnection *self, NMConnection *new)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
gs_unref_variant GVariant *old_secrets = NULL;
old_secrets = g_steal_pointer(&priv->agent_secrets);
if (new) {
priv->agent_secrets = nm_g_variant_ref_sink(
nm_connection_to_dbus(new,
NM_CONNECTION_SERIALIZE_WITH_SECRETS_AGENT_OWNED
| NM_CONNECTION_SERIALIZE_WITH_SECRETS_NOT_SAVED));
}
if (_LOGT_ENABLED()) {
if ((!!old_secrets) != (!!priv->agent_secrets)) {
_LOGT("update agent secrets: secrets %s", old_secrets ? "cleared" : "set");
} else if (priv->agent_secrets && !g_variant_equal(old_secrets, priv->agent_secrets))
_LOGT("update agent secrets: secrets updated");
}
}
static gboolean
_secrets_update(NMConnection *connection,
const char *setting_name,
GVariant *secrets,
NMConnection **out_new_connection,
GError **error)
{
gs_unref_variant GVariant *secrets_setting = NULL;
nm_assert(NM_IS_CONNECTION(connection));
if (setting_name && !nm_connection_get_setting_by_name(connection, setting_name)) {
g_set_error_literal(error,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_SETTING_NOT_FOUND,
setting_name);
return FALSE;
}
if (!secrets)
return TRUE;
nm_assert(g_variant_is_of_type(secrets, NM_VARIANT_TYPE_SETTING)
|| g_variant_is_of_type(secrets, NM_VARIANT_TYPE_CONNECTION));
if (g_variant_n_children(secrets) == 0)
return TRUE;
if (setting_name && g_variant_is_of_type(secrets, NM_VARIANT_TYPE_CONNECTION)) {
secrets_setting = g_variant_lookup_value(secrets, setting_name, NM_VARIANT_TYPE_SETTING);
if (!secrets_setting) {
/* The connection dictionary didn't contain any secrets for
* @setting_name; just return success.
*/
return TRUE;
}
secrets = secrets_setting;
}
/* if @out_new_connection is provided, we don't modify @connection but clone
* and return it. Otherwise, we update @connection inplace. */
if (out_new_connection) {
nm_assert(!*out_new_connection);
connection = nm_simple_connection_new_clone(connection);
*out_new_connection = connection;
}
if (!nm_connection_update_secrets(connection, setting_name, secrets, error))
return FALSE;
return TRUE;
}
gboolean
nm_settings_connection_update(NMSettingsConnection *self,
const char *plugin_name,
NMConnection *new_connection,
NMSettingsConnectionPersistMode persist_mode,
NMSettingsConnectionIntFlags sett_flags,
NMSettingsConnectionIntFlags sett_mask,
NMSettingsConnectionUpdateReason update_reason,
const char *log_context_name,
GError **error)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), FALSE);
return nm_settings_update_connection(NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->settings,
self,
plugin_name,
new_connection,
persist_mode,
sett_flags,
sett_mask,
update_reason,
log_context_name,
error);
}
void
nm_settings_connection_delete(NMSettingsConnection *self, gboolean allow_add_to_no_auto_default)
{
g_return_if_fail(NM_IS_SETTINGS_CONNECTION(self));
nm_settings_delete_connection(NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->settings,
self,
allow_add_to_no_auto_default);
}
/*****************************************************************************/
typedef enum {
CALL_ID_TYPE_REQ,
CALL_ID_TYPE_IDLE,
} CallIdType;
struct _NMSettingsConnectionCallId {
NMSettingsConnection *self;
CList call_ids_lst;
gboolean had_applied_connection;
NMConnection *applied_connection;
NMSettingsConnectionSecretsFunc callback;
gpointer callback_data;
CallIdType type;
union {
struct {
NMAgentManagerCallId id;
} req;
struct {
guint32 id;
GError *error;
} idle;
} t;
};
static void
_get_secrets_info_callback(NMSettingsConnectionCallId *call_id,
const char *agent_username,
const char *setting_name,
GError *error)
{
if (call_id->callback) {
call_id->callback(call_id->self,
call_id,
agent_username,
setting_name,
error,
call_id->callback_data);
}
}
static void
_get_secrets_info_free(NMSettingsConnectionCallId *call_id)
{
g_return_if_fail(call_id && call_id->self);
nm_assert(!c_list_is_linked(&call_id->call_ids_lst));
if (call_id->applied_connection)
g_object_remove_weak_pointer(G_OBJECT(call_id->applied_connection),
(gpointer *) &call_id->applied_connection);
if (call_id->type == CALL_ID_TYPE_IDLE)
g_clear_error(&call_id->t.idle.error);
memset(call_id, 0, sizeof(*call_id));
g_slice_free(NMSettingsConnectionCallId, call_id);
}
typedef struct {
NMSettingSecretFlags required;
NMSettingSecretFlags forbidden;
} ForEachSecretFlags;
static gboolean
validate_secret_flags_cb(NMSettingSecretFlags flags, gpointer user_data)
{
ForEachSecretFlags *cmp_flags = user_data;
if (!NM_FLAGS_ALL(flags, cmp_flags->required))
return FALSE;
if (NM_FLAGS_ANY(flags, cmp_flags->forbidden))
return FALSE;
return TRUE;
}
static GVariant *
validate_secret_flags(NMConnection *connection, GVariant *secrets, ForEachSecretFlags *cmp_flags)
{
return g_variant_ref_sink(_nm_connection_for_each_secret(connection,
secrets,
TRUE,
validate_secret_flags_cb,
cmp_flags));
}
static gboolean
secret_is_system_owned(NMSettingSecretFlags flags, gpointer user_data)
{
return !NM_FLAGS_HAS(flags, NM_SETTING_SECRET_FLAG_AGENT_OWNED);
}
static void
get_cmp_flags(NMSettingsConnection *self, /* only needed for logging */
NMSettingsConnectionCallId *call_id, /* only needed for logging */
NMConnection *connection,
const char *agent_dbus_owner,
gboolean agent_has_modify,
const char *setting_name, /* only needed for logging */
NMSecretAgentGetSecretsFlags flags,
GVariant *secrets,
gboolean *agent_had_system,
ForEachSecretFlags *cmp_flags)
{
gboolean is_self = (nm_settings_connection_get_connection(self) == connection);
g_return_if_fail(secrets);
cmp_flags->required = NM_SETTING_SECRET_FLAG_NONE;
cmp_flags->forbidden = NM_SETTING_SECRET_FLAG_NONE;
*agent_had_system = FALSE;
if (agent_dbus_owner) {
if (is_self) {
_LOGD("(%s:%p) secrets returned from agent %s",
setting_name,
call_id,
agent_dbus_owner);
}
/* If the agent returned any system-owned secrets (initial connect and no
* secrets given when the connection was created, or something like that)
* make sure the agent's UID has the 'modify' permission before we use or
* save those system-owned secrets. If not, discard them and use the
* existing secrets, or fail the connection.
*/
*agent_had_system =
_nm_connection_find_secret(connection, secrets, secret_is_system_owned, NULL);
if (*agent_had_system) {
if (flags == NM_SECRET_AGENT_GET_SECRETS_FLAG_NONE) {
/* No user interaction was allowed when requesting secrets; the
* agent is being bad. Remove system-owned secrets.
*/
if (is_self) {
_LOGD("(%s:%p) interaction forbidden but agent %s returned system secrets",
setting_name,
call_id,
agent_dbus_owner);
}
cmp_flags->required |= NM_SETTING_SECRET_FLAG_AGENT_OWNED;
} else if (agent_has_modify == FALSE) {
/* Agent didn't successfully authenticate; clear system-owned secrets
* from the secrets the agent returned.
*/
if (is_self) {
_LOGD("(%s:%p) agent failed to authenticate but provided system secrets",
setting_name,
call_id);
}
cmp_flags->required |= NM_SETTING_SECRET_FLAG_AGENT_OWNED;
}
}
} else {
if (is_self) {
_LOGD("(%s:%p) existing secrets returned", setting_name, call_id);
}
}
/* If no user interaction was allowed, make sure that no "unsaved" secrets
* came back. Unsaved secrets by definition require user interaction.
*/
if (flags == NM_SECRET_AGENT_GET_SECRETS_FLAG_NONE) {
cmp_flags->forbidden |=
(NM_SETTING_SECRET_FLAG_NOT_SAVED | NM_SETTING_SECRET_FLAG_NOT_REQUIRED);
}
}
gboolean
nm_settings_connection_new_secrets(NMSettingsConnection *self,
NMConnection *applied_connection,
const char *setting_name,
GVariant *secrets,
GError **error)
{
gs_unref_object NMConnection *new_connection = NULL;
NMConnection *connection;
if (!nm_settings_connection_has_unmodified_applied_connection(self,
applied_connection,
NM_SETTING_COMPARE_FLAG_NONE)) {
g_set_error_literal(error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"The connection was modified since activation");
return FALSE;
}
connection = nm_settings_connection_get_connection(self);
if (!_secrets_update(connection, setting_name, secrets, &new_connection, error))
return FALSE;
if (!nm_settings_connection_update(
self,
NULL,
new_connection ?: connection,
NM_SETTINGS_CONNECTION_PERSIST_MODE_KEEP,
NM_SETTINGS_CONNECTION_INT_FLAGS_NONE,
NM_SETTINGS_CONNECTION_INT_FLAGS_NONE,
NM_SETTINGS_CONNECTION_UPDATE_REASON_IGNORE_PERSIST_FAILURE
| NM_SETTINGS_CONNECTION_UPDATE_REASON_RESET_SYSTEM_SECRETS
| NM_SETTINGS_CONNECTION_UPDATE_REASON_RESET_AGENT_SECRETS,
"new-secrets",
NULL))
nm_assert_not_reached();
return TRUE;
}
static gboolean
match_secret_by_setting_name_and_flags_cb(NMSetting *setting,
const char *secret,
NMSettingSecretFlags flags,
gpointer user_data)
{
const char *get_secrets_setting_name = user_data;
return nm_streq(nm_setting_get_name(setting), get_secrets_setting_name)
&& NM_FLAGS_HAS(flags, NM_SETTING_SECRET_FLAG_AGENT_OWNED);
}
static void
get_secrets_done_cb(NMAgentManager *manager,
NMAgentManagerCallId call_id_a,
const char *agent_dbus_owner,
const char *agent_username,
gboolean agent_has_modify,
const char *setting_name,
NMSecretAgentGetSecretsFlags flags,
GVariant *secrets,
GError *error,
gpointer user_data)
{
NMSettingsConnectionCallId *call_id = user_data;
NMSettingsConnection *self;
NMSettingsConnectionPrivate *priv;
NMConnection *applied_connection;
gs_free_error GError *local = NULL;
gs_unref_object NMConnection *new_connection = NULL;
gboolean agent_had_system = FALSE;
ForEachSecretFlags cmp_flags = {NM_SETTING_SECRET_FLAG_NONE, NM_SETTING_SECRET_FLAG_NONE};
gs_unref_variant GVariant *filtered_secrets = NULL;
if (g_error_matches(error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
return;
self = call_id->self;
g_return_if_fail(NM_IS_SETTINGS_CONNECTION(self));
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
nm_assert(c_list_contains(&priv->call_ids_lst_head, &call_id->call_ids_lst));
c_list_unlink(&call_id->call_ids_lst);
if (error) {
_LOGD("(%s:%p) secrets request error: %s", setting_name, call_id, error->message);
_get_secrets_info_callback(call_id, NULL, setting_name, error);
goto out;
}
if (call_id->had_applied_connection && !call_id->applied_connection) {
g_set_error_literal(&local,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_SETTING_NOT_FOUND,
"Applied connection deleted since requesting secrets");
_get_secrets_info_callback(call_id, NULL, setting_name, local);
goto out;
}
if (call_id->had_applied_connection
&& !nm_settings_connection_has_unmodified_applied_connection(
self,
call_id->applied_connection,
NM_SETTING_COMPARE_FLAG_NONE)) {
g_set_error_literal(&local,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"The connection was modified since activation");
_get_secrets_info_callback(call_id, NULL, setting_name, local);
goto out;
}
if (!nm_connection_get_setting_by_name(nm_settings_connection_get_connection(self),
setting_name)) {
g_set_error(&local,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_SETTING_NOT_FOUND,
"Connection didn't have requested setting '%s'.",
setting_name);
_get_secrets_info_callback(call_id, NULL, setting_name, local);
goto out;
}
get_cmp_flags(self,
call_id,
nm_settings_connection_get_connection(self),
agent_dbus_owner,
agent_has_modify,
setting_name,
flags,
secrets,
&agent_had_system,
&cmp_flags);
_LOGD("(%s:%p) secrets request completed", setting_name, call_id);
new_connection = nm_simple_connection_new_clone(nm_settings_connection_get_connection(self));
/* Remove old agent-owned secrets in the requested setting */
nm_connection_clear_secrets_with_flags(new_connection,
match_secret_by_setting_name_and_flags_cb,
(gpointer) setting_name);
/* Update the connection with the agent's secrets; by this point if any
* system-owned secrets exist in 'secrets' the agent that provided them
* will have been authenticated, so those secrets can replace the existing
* system secrets.
*/
filtered_secrets = validate_secret_flags(new_connection, secrets, &cmp_flags);
if (!_secrets_update(new_connection, setting_name, filtered_secrets, NULL, &local)) {
_LOGD("(%s:%p) failed to update with agent secrets: %s",
setting_name,
call_id,
local->message);
}
/* Only save secrets to backing storage if the agent returned any
* new system secrets. If it didn't, then the secrets are agent-
* owned and there's no point to writing out the connection when
* nothing has changed, since agent-owned secrets don't get saved here.
*/
if (agent_had_system) {
_LOGD("(%s:%p) saving new secrets to backing storage", setting_name, call_id);
} else {
_LOGD("(%s:%p) new agent secrets processed", setting_name, call_id);
}
if (!nm_settings_connection_update(
self,
NULL,
new_connection,
agent_had_system ? NM_SETTINGS_CONNECTION_PERSIST_MODE_KEEP
: NM_SETTINGS_CONNECTION_PERSIST_MODE_NO_PERSIST,
NM_SETTINGS_CONNECTION_INT_FLAGS_NONE,
NM_SETTINGS_CONNECTION_INT_FLAGS_NONE,
NM_SETTINGS_CONNECTION_UPDATE_REASON_IGNORE_PERSIST_FAILURE
| (agent_had_system ? NM_SETTINGS_CONNECTION_UPDATE_REASON_RESET_SYSTEM_SECRETS
: NM_SETTINGS_CONNECTION_UPDATE_REASON_NONE)
| NM_SETTINGS_CONNECTION_UPDATE_REASON_RESET_AGENT_SECRETS,
"get-new-secrets",
NULL))
nm_assert_not_reached();
applied_connection = call_id->applied_connection;
if (applied_connection) {
gs_unref_variant GVariant *filtered_secrets2 = NULL;
get_cmp_flags(self,
call_id,
applied_connection,
agent_dbus_owner,
agent_has_modify,
setting_name,
flags,
secrets,
&agent_had_system,
&cmp_flags);
nm_connection_clear_secrets_with_flags(applied_connection,
match_secret_by_setting_name_and_flags_cb,
(gpointer) setting_name);
filtered_secrets2 = validate_secret_flags(applied_connection, secrets, &cmp_flags);
nm_connection_update_secrets(applied_connection, setting_name, filtered_secrets2, NULL);
}
_get_secrets_info_callback(call_id, agent_username, setting_name, local);
g_clear_error(&local);
out:
_get_secrets_info_free(call_id);
}
static gboolean
get_secrets_idle_cb(NMSettingsConnectionCallId *call_id)
{
NMSettingsConnectionPrivate *priv;
g_return_val_if_fail(call_id && NM_IS_SETTINGS_CONNECTION(call_id->self), G_SOURCE_REMOVE);
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(call_id->self);
nm_assert(c_list_contains(&priv->call_ids_lst_head, &call_id->call_ids_lst));
c_list_unlink(&call_id->call_ids_lst);
_get_secrets_info_callback(call_id, NULL, NULL, call_id->t.idle.error);
_get_secrets_info_free(call_id);
return G_SOURCE_REMOVE;
}
/**
* nm_settings_connection_get_secrets:
* @self: the #NMSettingsConnection
* @applied_connection: (nullable): if provided, only request secrets
* if @self equals to @applied_connection. Also, update the secrets
* in the @applied_connection.
* @subject: the #NMAuthSubject originating the request
* @setting_name: the setting to return secrets for
* @flags: flags to modify the secrets request
* @hints: key names in @setting_name for which secrets may be required, or some
* other information about the request
* @callback: the function to call with returned secrets
* @callback_data: user data to pass to @callback
*
* Retrieves secrets from persistent storage and queries any secret agents for
* additional secrets.
*
* With the returned call-id, the call can be cancelled. It is an error
* to cancel a call more then once or a call that already completed.
* The callback will always be invoked exactly once, also for cancellation
* and disposing of @self. In those latter cases, the callback will be invoked
* synchronously during cancellation/disposing.
*
* Returns: a call ID which may be used to cancel the ongoing secrets request.
**/
NMSettingsConnectionCallId *
nm_settings_connection_get_secrets(NMSettingsConnection *self,
NMConnection *applied_connection,
NMAuthSubject *subject,
const char *setting_name,
NMSecretAgentGetSecretsFlags flags,
const char *const *hints,
NMSettingsConnectionSecretsFunc callback,
gpointer callback_data)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
NMAgentManagerCallId call_id_a;
gs_free char *joined_hints = NULL;
NMSettingsConnectionCallId *call_id;
GError *local = NULL;
gs_unref_variant GVariant *system_secrets = NULL;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), NULL);
g_return_val_if_fail(
!applied_connection
|| (NM_IS_CONNECTION(applied_connection)
&& (nm_settings_connection_get_connection(self) != applied_connection)),
NULL);
call_id = g_slice_new0(NMSettingsConnectionCallId);
call_id->self = self;
if (applied_connection) {
call_id->had_applied_connection = TRUE;
call_id->applied_connection = applied_connection;
g_object_add_weak_pointer(G_OBJECT(applied_connection),
(gpointer *) &call_id->applied_connection);
}
call_id->callback = callback;
call_id->callback_data = callback_data;
c_list_link_tail(&priv->call_ids_lst_head, &call_id->call_ids_lst);
/* Make sure the request actually requests something we can return */
if (!nm_connection_get_setting_by_name(nm_settings_connection_get_connection(self),
setting_name)) {
g_set_error(&local,
NM_CONNECTION_ERROR,
NM_CONNECTION_ERROR_SETTING_NOT_FOUND,
"Connection didn't have requested setting '%s'.",
setting_name);
goto schedule_dummy;
}
if (applied_connection
&& !nm_settings_connection_has_unmodified_applied_connection(
self,
applied_connection,
NM_SETTING_COMPARE_FLAG_NONE)) {
g_set_error_literal(&local,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"The connection was modified since activation");
goto schedule_dummy;
}
/* we remember the current version-id of the secret-agents. The version-id is strictly increasing,
* as new agents register the number. We know hence, that this request was made against a certain
* set of secret-agents.
* If after making this request a new secret-agent registers, the version-id increases.
* Then we know that the this request probably did not yet include the latest secret-agent. */
priv->last_secret_agent_version_id = nm_agent_manager_get_agent_version_id(priv->agent_mgr);
system_secrets = nm_g_variant_ref_sink(
nm_connection_to_dbus(nm_settings_connection_get_connection(self),
NM_CONNECTION_SERIALIZE_WITH_SECRETS_SYSTEM_OWNED));
call_id_a = nm_agent_manager_get_secrets(priv->agent_mgr,
nm_dbus_object_get_path(NM_DBUS_OBJECT(self)),
nm_settings_connection_get_connection(self),
subject,
system_secrets,
setting_name,
flags,
hints,
get_secrets_done_cb,
call_id);
nm_assert(call_id_a);
_LOGD("(%s:%p) secrets requested flags 0x%X hints '%s'",
setting_name,
call_id_a,
flags,
(hints && hints[0]) ? (joined_hints = g_strjoinv(",", (char **) hints)) : "(none)");
if (call_id_a) {
call_id->type = CALL_ID_TYPE_REQ;
call_id->t.req.id = call_id_a;
} else {
schedule_dummy:
call_id->type = CALL_ID_TYPE_IDLE;
g_propagate_error(&call_id->t.idle.error, local);
call_id->t.idle.id = g_idle_add((GSourceFunc) get_secrets_idle_cb, call_id);
}
return call_id;
}
static void
_get_secrets_cancel(NMSettingsConnection *self,
NMSettingsConnectionCallId *call_id,
gboolean is_disposing)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
gs_free_error GError *error = NULL;
nm_assert(c_list_contains(&priv->call_ids_lst_head, &call_id->call_ids_lst));
c_list_unlink(&call_id->call_ids_lst);
if (call_id->type == CALL_ID_TYPE_REQ)
nm_agent_manager_cancel_secrets(priv->agent_mgr, call_id->t.req.id);
else
g_source_remove(call_id->t.idle.id);
nm_utils_error_set_cancelled(&error, is_disposing, "NMSettingsConnection");
_get_secrets_info_callback(call_id, NULL, NULL, error);
_get_secrets_info_free(call_id);
}
void
nm_settings_connection_cancel_secrets(NMSettingsConnection *self,
NMSettingsConnectionCallId *call_id)
{
_LOGD("(%p) secrets canceled", call_id);
_get_secrets_cancel(self, call_id, FALSE);
}
/*****************************************************************************/
typedef void (*AuthCallback)(NMSettingsConnection *self,
GDBusMethodInvocation *context,
NMAuthSubject *subject,
GError *error,
gpointer data);
typedef struct {
CList auth_lst;
NMAuthManagerCallId *call_id;
NMSettingsConnection *self;
AuthCallback callback;
gpointer callback_data;
GDBusMethodInvocation *invocation;
NMAuthSubject *subject;
} AuthData;
static void
pk_auth_cb(NMAuthManager *auth_manager,
NMAuthManagerCallId *auth_call_id,
gboolean is_authorized,
gboolean is_challenge,
GError *auth_error,
gpointer user_data)
{
AuthData *auth_data = user_data;
NMSettingsConnection *self;
gs_free_error GError *error = NULL;
nm_assert(auth_data);
nm_assert(NM_IS_SETTINGS_CONNECTION(auth_data->self));
self = auth_data->self;
auth_data->call_id = NULL;
c_list_unlink(&auth_data->auth_lst);
if (g_error_matches(auth_error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) {
error = g_error_new(NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"Error checking authorization: connection was deleted");
} else if (auth_error) {
error = g_error_new(NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_FAILED,
"Error checking authorization: %s",
auth_error->message);
} else if (nm_auth_call_result_eval(is_authorized, is_challenge, auth_error)
!= NM_AUTH_CALL_RESULT_YES) {
error = g_error_new_literal(NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_PERMISSION_DENIED,
NM_UTILS_ERROR_MSG_INSUFF_PRIV);
}
auth_data->callback(self,
auth_data->invocation,
auth_data->subject,
error,
auth_data->callback_data);
g_object_unref(auth_data->invocation);
g_object_unref(auth_data->subject);
g_slice_free(AuthData, auth_data);
}
/**
* _new_auth_subject:
* @context: the D-Bus method invocation context
* @error: on failure, a #GError
*
* Creates an NMAuthSubject for the caller.
*
* Returns: the #NMAuthSubject on success, or %NULL on failure and sets @error
*/
static NMAuthSubject *
_new_auth_subject(GDBusMethodInvocation *context, GError **error)
{
NMAuthSubject *subject;
subject = nm_dbus_manager_new_auth_subject_from_context(context);
if (!subject) {
g_set_error_literal(error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_PERMISSION_DENIED,
NM_UTILS_ERROR_MSG_REQ_UID_UKNOWN);
}
return subject;
}
/* may either invoke callback synchronously or asynchronously. */
static void
auth_start(NMSettingsConnection *self,
GDBusMethodInvocation *invocation,
NMAuthSubject *subject,
const char *check_permission,
AuthCallback callback,
gpointer callback_data)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
AuthData *auth_data;
GError *error = NULL;
nm_assert(nm_dbus_object_is_exported(NM_DBUS_OBJECT(self)));
nm_assert(G_IS_DBUS_METHOD_INVOCATION(invocation));
nm_assert(NM_IS_AUTH_SUBJECT(subject));
if (!nm_auth_is_subject_in_acl_set_error(nm_settings_connection_get_connection(self),
subject,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_PERMISSION_DENIED,
&error)) {
callback(self, invocation, subject, error, callback_data);
g_clear_error(&error);
return;
}
if (!check_permission) {
/* Don't need polkit auth, automatic success */
callback(self, invocation, subject, NULL, callback_data);
return;
}
auth_data = g_slice_new(AuthData);
auth_data->self = self;
auth_data->callback = callback;
auth_data->callback_data = callback_data;
auth_data->invocation = g_object_ref(invocation);
auth_data->subject = g_object_ref(subject);
c_list_link_tail(&priv->auth_lst_head, &auth_data->auth_lst);
auth_data->call_id = nm_auth_manager_check_authorization(nm_auth_manager_get(),
subject,
check_permission,
TRUE,
pk_auth_cb,
auth_data);
}
/**** DBus method handlers ************************************/
static void
get_settings_auth_cb(NMSettingsConnection *self,
GDBusMethodInvocation *context,
NMAuthSubject *subject,
GError *error,
gpointer data)
{
const char *seen_bssids_strv[SEEN_BSSIDS_MAX + 1];
NMConnectionSerializationOptions options = {};
if (error) {
g_dbus_method_invocation_return_gerror(context, error);
return;
}
/* Timestamp is not updated in connection's 'timestamp' property,
* because it would force updating the connection and in turn
* writing to /etc periodically, which we want to avoid. Rather real
* timestamps are kept track of in a private variable. So, substitute
* timestamp property with the real one here before returning the settings.
*/
options.timestamp.has = TRUE;
nm_settings_connection_get_timestamp(self, &options.timestamp.val);
/* Seen BSSIDs are not updated in 802-11-wireless 'seen-bssids' property
* from the same reason as timestamp. Thus we put it here to GetSettings()
* return settings too.
*/
_get_seen_bssids(self, seen_bssids_strv);
options.seen_bssids = seen_bssids_strv;
/* Secrets should *never* be returned by the GetSettings method, they
* get returned by the GetSecrets method which can be better
* protected against leakage of secrets to unprivileged callers.
*/
g_dbus_method_invocation_return_value(context, _getsettings_cached_get(self, &options));
}
static void
impl_settings_connection_get_settings(NMDBusObject *obj,
const NMDBusInterfaceInfoExtended *interface_info,
const NMDBusMethodInfoExtended *method_info,
GDBusConnection *connection,
const char *sender,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(obj);
gs_unref_object NMAuthSubject *subject = NULL;
GError *error = NULL;
subject = _new_auth_subject(invocation, &error);
if (!subject) {
g_dbus_method_invocation_take_error(invocation, error);
return;
}
auth_start(self, invocation, subject, NULL, get_settings_auth_cb, NULL);
}
typedef struct {
GDBusMethodInvocation *context;
NMAgentManager *agent_mgr;
NMAuthSubject *subject;
NMConnection *new_settings;
NMSettingsUpdate2Flags flags;
char *audit_args;
char *plugin_name;
bool is_update2 : 1;
} UpdateInfo;
static void
update_complete(NMSettingsConnection *self, UpdateInfo *info, GError *error)
{
if (error)
g_dbus_method_invocation_return_gerror(info->context, error);
else if (info->is_update2) {
GVariantBuilder result;
g_variant_builder_init(&result, G_VARIANT_TYPE("a{sv}"));
g_dbus_method_invocation_return_value(info->context, g_variant_new("(a{sv})", &result));
} else
g_dbus_method_invocation_return_value(info->context, NULL);
nm_audit_log_connection_op(NM_AUDIT_OP_CONN_UPDATE,
self,
!error,
info->audit_args,
info->subject,
error ? error->message : NULL);
g_clear_object(&info->subject);
g_clear_object(&info->agent_mgr);
g_clear_object(&info->new_settings);
g_free(info->audit_args);
g_free(info->plugin_name);
nm_g_slice_free(info);
}
static void
update_auth_cb(NMSettingsConnection *self,
GDBusMethodInvocation *context,
NMAuthSubject *subject,
GError *error,
gpointer data)
{
NMSettingsConnectionPrivate *priv;
UpdateInfo *info = data;
gs_free_error GError *local = NULL;
NMSettingsConnectionPersistMode persist_mode;
gs_unref_object NMConnection *for_agent = NULL;
if (error)
goto out;
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
if (info->new_settings) {
if (!_nm_connection_aggregate(info->new_settings,
NM_CONNECTION_AGGREGATE_ANY_SECRETS,
NULL)) {
gs_unref_variant GVariant *secrets = NULL;
/* If the new connection has no secrets, we do not want to remove all
* secrets, rather we keep all the existing ones. Do that by merging
* them in to the new connection.
*/
secrets = nm_g_variant_ref_sink(
nm_connection_to_dbus(nm_settings_connection_get_connection(self),
NM_CONNECTION_SERIALIZE_WITH_SECRETS));
if (secrets)
nm_connection_update_secrets(info->new_settings, NULL, secrets, NULL);
if (priv->agent_secrets)
nm_connection_update_secrets(info->new_settings, NULL, priv->agent_secrets, NULL);
} else {
/* Cache the new secrets from the agent, as stuff like inotify-triggered
* changes to connection's backing config files will blow them away if
* they're in the main connection.
*/
update_agent_secrets_cache(self, info->new_settings);
/* New secrets, allow autoconnection again */
if (nm_settings_connection_autoconnect_blocked_reason_set(
self,
NM_SETTINGS_AUTOCONNECT_BLOCKED_REASON_NO_SECRETS,
FALSE)
&& !nm_settings_connection_autoconnect_blocked_reason_get(self))
nm_manager_devcon_autoconnect_retries_reset(
nm_settings_connection_get_manager(self),
NULL,
self);
}
}
if (info->new_settings) {
if (nm_audit_manager_audit_enabled(nm_audit_manager_get())) {
gs_unref_hashtable GHashTable *diff = NULL;
gboolean same;
same = nm_connection_diff(nm_settings_connection_get_connection(self),
info->new_settings,
NM_SETTING_COMPARE_FLAG_EXACT
| NM_SETTING_COMPARE_FLAG_DIFF_RESULT_NO_DEFAULT,
&diff);
if (!same && diff)
info->audit_args = nm_utils_format_con_diff_for_audit(diff);
}
}
nm_assert(
!NM_FLAGS_ANY(info->flags, _NM_SETTINGS_UPDATE2_FLAG_ALL_PERSIST_MODES)
|| nm_utils_is_power_of_two(info->flags & _NM_SETTINGS_UPDATE2_FLAG_ALL_PERSIST_MODES));
if (NM_FLAGS_HAS(info->flags, NM_SETTINGS_UPDATE2_FLAG_TO_DISK))
persist_mode = NM_SETTINGS_CONNECTION_PERSIST_MODE_TO_DISK;
else if (NM_FLAGS_ANY(info->flags, NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY))
persist_mode = NM_SETTINGS_CONNECTION_PERSIST_MODE_IN_MEMORY;
else if (NM_FLAGS_ANY(info->flags, NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY_DETACHED))
persist_mode = NM_SETTINGS_CONNECTION_PERSIST_MODE_IN_MEMORY_DETACHED;
else if (NM_FLAGS_HAS(info->flags, NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY_ONLY)) {
persist_mode = NM_SETTINGS_CONNECTION_PERSIST_MODE_IN_MEMORY_ONLY;
} else
persist_mode = NM_SETTINGS_CONNECTION_PERSIST_MODE_KEEP;
nm_settings_connection_update(
self,
info->plugin_name,
info->new_settings,
persist_mode,
(NM_FLAGS_HAS(info->flags, NM_SETTINGS_UPDATE2_FLAG_VOLATILE)
? NM_SETTINGS_CONNECTION_INT_FLAGS_VOLATILE
: NM_SETTINGS_CONNECTION_INT_FLAGS_NONE),
NM_SETTINGS_CONNECTION_INT_FLAGS_NM_GENERATED | NM_SETTINGS_CONNECTION_INT_FLAGS_VOLATILE
| NM_SETTINGS_CONNECTION_INT_FLAGS_EXTERNAL,
NM_SETTINGS_CONNECTION_UPDATE_REASON_FORCE_RENAME
| (NM_FLAGS_HAS(info->flags, NM_SETTINGS_UPDATE2_FLAG_NO_REAPPLY)
? NM_SETTINGS_CONNECTION_UPDATE_REASON_NONE
: NM_SETTINGS_CONNECTION_UPDATE_REASON_REAPPLY_PARTIAL)
| NM_SETTINGS_CONNECTION_UPDATE_REASON_RESET_SYSTEM_SECRETS
| NM_SETTINGS_CONNECTION_UPDATE_REASON_RESET_AGENT_SECRETS
| NM_SETTINGS_CONNECTION_UPDATE_REASON_UPDATE_NON_SECRET
| (NM_FLAGS_HAS(info->flags, NM_SETTINGS_UPDATE2_FLAG_BLOCK_AUTOCONNECT)
? NM_SETTINGS_CONNECTION_UPDATE_REASON_BLOCK_AUTOCONNECT
: NM_SETTINGS_CONNECTION_UPDATE_REASON_NONE),
"update-from-dbus",
&local);
if (local) {
error = local;
goto out;
}
/* Dupe the connection so we can clear out non-agent-owned secrets,
* as agent-owned secrets are the only ones we send back to be saved.
* Only send secrets to agents of the same UID that called update too.
*/
for_agent = nm_simple_connection_new_clone(nm_settings_connection_get_connection(self));
_nm_connection_clear_secrets_by_secret_flags(for_agent, NM_SETTING_SECRET_FLAG_AGENT_OWNED);
nm_agent_manager_save_secrets(info->agent_mgr,
nm_dbus_object_get_path(NM_DBUS_OBJECT(self)),
for_agent,
info->subject);
/* Reset auto retries back to default since connection was updated */
nm_manager_devcon_autoconnect_retries_reset(nm_settings_connection_get_manager(self),
NULL,
self);
out:
update_complete(self, info, error);
}
static const char *
get_update_modify_permission(NMConnection *old, NMConnection *new)
{
NMSettingConnection *s_con;
guint32 orig_num = 0, new_num = 0;
s_con = nm_connection_get_setting_connection(old);
orig_num = nm_setting_connection_get_num_permissions(s_con);
s_con = nm_connection_get_setting_connection(new);
new_num = nm_setting_connection_get_num_permissions(s_con);
/* If the caller is the only user in either connection's permissions, then
* we use the 'modify.own' permission instead of 'modify.system'.
*/
if (orig_num == 1 && new_num == 1)
return NM_AUTH_PERMISSION_SETTINGS_MODIFY_OWN;
/* If the update request affects more than just the caller (ie if the old
* settings were system-wide, or the new ones are), require 'modify.system'.
*/
return NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM;
}
static void
settings_connection_update(NMSettingsConnection *self,
gboolean is_update2,
GDBusMethodInvocation *context,
GVariant *new_settings,
const char *plugin_name,
NMSettingsUpdate2Flags flags)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
NMAuthSubject *subject = NULL;
NMConnection *tmp = NULL;
GError *error = NULL;
UpdateInfo *info;
const char *permission;
/* Check if the settings are valid first */
if (new_settings) {
if (!g_variant_is_of_type(new_settings, NM_VARIANT_TYPE_CONNECTION)) {
g_set_error_literal(&error,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_ARGUMENTS,
"settings is of invalid type");
goto error;
}
if (g_variant_n_children(new_settings) > 0) {
tmp = _nm_simple_connection_new_from_dbus(new_settings,
NM_SETTING_PARSE_FLAGS_STRICT
| NM_SETTING_PARSE_FLAGS_NORMALIZE,
&error);
if (!tmp)
goto error;
if (!nm_connection_verify_secrets(tmp, &error))
goto error;
}
}
subject = _new_auth_subject(context, &error);
if (!subject)
goto error;
/* And that the new connection settings will be visible to the user
* that's sending the update request. You can't make a connection
* invisible to yourself.
*/
if (!nm_auth_is_subject_in_acl_set_error(tmp ?: nm_settings_connection_get_connection(self),
subject,
NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_PERMISSION_DENIED,
&error))
goto error;
info = g_slice_new(UpdateInfo);
*info = (UpdateInfo){
.is_update2 = is_update2,
.context = context,
.agent_mgr = g_object_ref(priv->agent_mgr),
.subject = subject,
.flags = flags,
.new_settings = tmp,
.plugin_name = g_strdup(plugin_name),
};
permission = get_update_modify_permission(nm_settings_connection_get_connection(self),
tmp ?: nm_settings_connection_get_connection(self));
auth_start(self, context, subject, permission, update_auth_cb, info);
return;
error:
nm_audit_log_connection_op(NM_AUDIT_OP_CONN_UPDATE, self, FALSE, NULL, subject, error->message);
g_clear_object(&tmp);
g_clear_object(&subject);
g_dbus_method_invocation_take_error(context, error);
}
static void
impl_settings_connection_update(NMDBusObject *obj,
const NMDBusInterfaceInfoExtended *interface_info,
const NMDBusMethodInfoExtended *method_info,
GDBusConnection *connection,
const char *sender,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(obj);
gs_unref_variant GVariant *settings = NULL;
g_variant_get(parameters, "(@a{sa{sv}})", &settings);
settings_connection_update(self,
FALSE,
invocation,
settings,
NULL,
NM_SETTINGS_UPDATE2_FLAG_TO_DISK);
}
static void
impl_settings_connection_update_unsaved(NMDBusObject *obj,
const NMDBusInterfaceInfoExtended *interface_info,
const NMDBusMethodInfoExtended *method_info,
GDBusConnection *connection,
const char *sender,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(obj);
gs_unref_variant GVariant *settings = NULL;
g_variant_get(parameters, "(@a{sa{sv}})", &settings);
settings_connection_update(self,
FALSE,
invocation,
settings,
NULL,
NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY);
}
static void
impl_settings_connection_save(NMDBusObject *obj,
const NMDBusInterfaceInfoExtended *interface_info,
const NMDBusMethodInfoExtended *method_info,
GDBusConnection *connection,
const char *sender,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(obj);
settings_connection_update(self,
FALSE,
invocation,
NULL,
NULL,
NM_SETTINGS_UPDATE2_FLAG_TO_DISK);
}
static void
impl_settings_connection_update2(NMDBusObject *obj,
const NMDBusInterfaceInfoExtended *interface_info,
const NMDBusMethodInfoExtended *method_info,
GDBusConnection *connection,
const char *sender,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(obj);
gs_unref_variant GVariant *settings = NULL;
gs_unref_variant GVariant *args = NULL;
gs_free char *plugin_name = NULL;
guint32 flags_u;
GError *error = NULL;
GVariantIter iter;
const char *args_name;
GVariant *args_value;
NMSettingsUpdate2Flags flags;
g_variant_get(parameters, "(@a{sa{sv}}u@a{sv})", &settings, &flags_u, &args);
if (NM_FLAGS_ANY(flags_u,
~((guint32) (_NM_SETTINGS_UPDATE2_FLAG_ALL_PERSIST_MODES
| NM_SETTINGS_UPDATE2_FLAG_VOLATILE
| NM_SETTINGS_UPDATE2_FLAG_BLOCK_AUTOCONNECT
| NM_SETTINGS_UPDATE2_FLAG_NO_REAPPLY)))) {
error = g_error_new_literal(NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_ARGUMENTS,
"Unknown flags");
g_dbus_method_invocation_take_error(invocation, error);
return;
}
flags = (NMSettingsUpdate2Flags) flags_u;
if ((NM_FLAGS_ANY(flags, _NM_SETTINGS_UPDATE2_FLAG_ALL_PERSIST_MODES)
&& !nm_utils_is_power_of_two(flags & _NM_SETTINGS_UPDATE2_FLAG_ALL_PERSIST_MODES))
|| (NM_FLAGS_HAS(flags, NM_SETTINGS_UPDATE2_FLAG_VOLATILE)
&& !NM_FLAGS_ANY(flags,
NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY
| NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY_DETACHED
| NM_SETTINGS_UPDATE2_FLAG_IN_MEMORY_ONLY))) {
error = g_error_new_literal(NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_ARGUMENTS,
"Conflicting flags");
g_dbus_method_invocation_take_error(invocation, error);
return;
}
nm_assert(g_variant_is_of_type(args, G_VARIANT_TYPE("a{sv}")));
g_variant_iter_init(&iter, args);
while (g_variant_iter_next(&iter, "{&sv}", &args_name, &args_value)) {
if (plugin_name == NULL && nm_streq(args_name, "plugin")
&& g_variant_is_of_type(args_value, G_VARIANT_TYPE_STRING)) {
plugin_name = g_variant_dup_string(args_value, NULL);
continue;
}
error = g_error_new(NM_SETTINGS_ERROR,
NM_SETTINGS_ERROR_INVALID_ARGUMENTS,
"Unsupported argument '%s'",
args_name);
g_dbus_method_invocation_take_error(invocation, error);
return;
}
settings_connection_update(self, TRUE, invocation, settings, plugin_name, flags);
}
static void
delete_auth_cb(NMSettingsConnection *self,
GDBusMethodInvocation *context,
NMAuthSubject *subject,
GError *error,
gpointer data)
{
gs_unref_object NMSettingsConnection *self_keep_alive = NULL;
self_keep_alive = g_object_ref(self);
if (error) {
nm_audit_log_connection_op(NM_AUDIT_OP_CONN_DELETE,
self,
FALSE,
NULL,
subject,
error->message);
g_dbus_method_invocation_return_gerror(context, error);
return;
}
nm_settings_connection_delete(self, TRUE);
nm_audit_log_connection_op(NM_AUDIT_OP_CONN_DELETE, self, TRUE, NULL, subject, NULL);
g_dbus_method_invocation_return_value(context, NULL);
}
static const char *
get_modify_permission_basic(NMSettingsConnection *self)
{
NMSettingConnection *s_con;
/* If the caller is the only user in the connection's permissions, then
* we use the 'modify.own' permission instead of 'modify.system'. If the
* request affects more than just the caller, require 'modify.system'.
*/
s_con = nm_connection_get_setting_connection(nm_settings_connection_get_connection(self));
if (nm_setting_connection_get_num_permissions(s_con) == 1)
return NM_AUTH_PERMISSION_SETTINGS_MODIFY_OWN;
return NM_AUTH_PERMISSION_SETTINGS_MODIFY_SYSTEM;
}
static void
impl_settings_connection_delete(NMDBusObject *obj,
const NMDBusInterfaceInfoExtended *interface_info,
const NMDBusMethodInfoExtended *method_info,
GDBusConnection *connection,
const char *sender,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(obj);
gs_unref_object NMAuthSubject *subject = NULL;
GError *error = NULL;
nm_assert(nm_settings_connection_still_valid(self));
subject = _new_auth_subject(invocation, &error);
if (!subject)
goto err;
auth_start(self, invocation, subject, get_modify_permission_basic(self), delete_auth_cb, NULL);
return;
err:
nm_audit_log_connection_op(NM_AUDIT_OP_CONN_DELETE, self, FALSE, NULL, subject, error->message);
g_dbus_method_invocation_take_error(invocation, error);
}
/*****************************************************************************/
static void
dbus_get_agent_secrets_cb(NMSettingsConnection *self,
NMSettingsConnectionCallId *call_id,
const char *agent_username,
const char *setting_name,
GError *error,
gpointer user_data)
{
GDBusMethodInvocation *context = user_data;
GVariant *dict;
if (error)
g_dbus_method_invocation_return_gerror(context, error);
else {
/* Return secrets from agent and backing storage to the D-Bus caller;
* nm_settings_connection_get_secrets() will have updated itself with
* secrets from backing storage and those returned from the agent
* by the time we get here.
*/
dict = nm_connection_to_dbus(nm_settings_connection_get_connection(self),
NM_CONNECTION_SERIALIZE_WITH_SECRETS);
if (!dict)
dict = nm_g_variant_singleton_aLsaLsvII();
g_dbus_method_invocation_return_value(context, g_variant_new("(@a{sa{sv}})", dict));
}
}
static void
dbus_get_secrets_auth_cb(NMSettingsConnection *self,
GDBusMethodInvocation *context,
NMAuthSubject *subject,
GError *error,
gpointer user_data)
{
char *setting_name = user_data;
if (!error) {
nm_settings_connection_get_secrets(self,
NULL,
subject,
setting_name,
NM_SECRET_AGENT_GET_SECRETS_FLAG_USER_REQUESTED
| NM_SECRET_AGENT_GET_SECRETS_FLAG_NO_ERRORS,
NULL,
dbus_get_agent_secrets_cb,
context);
}
if (error)
g_dbus_method_invocation_return_gerror(context, error);
g_free(setting_name);
}
static void
impl_settings_connection_get_secrets(NMDBusObject *obj,
const NMDBusInterfaceInfoExtended *interface_info,
const NMDBusMethodInfoExtended *method_info,
GDBusConnection *connection,
const char *sender,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(obj);
gs_unref_object NMAuthSubject *subject = NULL;
GError *error = NULL;
const char *setting_name;
subject = _new_auth_subject(invocation, &error);
if (!subject) {
g_dbus_method_invocation_take_error(invocation, error);
return;
}
g_variant_get(parameters, "(&s)", &setting_name);
auth_start(self,
invocation,
subject,
get_modify_permission_basic(self),
dbus_get_secrets_auth_cb,
g_strdup(setting_name));
}
static void
dbus_clear_secrets_auth_cb(NMSettingsConnection *self,
GDBusMethodInvocation *context,
NMAuthSubject *subject,
GError *error,
gpointer user_data)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
gs_free_error GError *local = NULL;
gs_unref_object NMConnection *connection_cloned = NULL;
if (error) {
g_dbus_method_invocation_return_gerror(context, error);
nm_audit_log_connection_op(NM_AUDIT_OP_CONN_CLEAR_SECRETS,
self,
FALSE,
NULL,
subject,
error->message);
return;
}
/* FIXME: add API to NMConnection so that we can clone a profile without secrets. */
connection_cloned = nm_simple_connection_new_clone(nm_settings_connection_get_connection(self));
nm_connection_clear_secrets(connection_cloned);
if (!nm_settings_connection_update(
self,
NULL,
connection_cloned,
NM_SETTINGS_CONNECTION_PERSIST_MODE_KEEP,
NM_SETTINGS_CONNECTION_INT_FLAGS_NONE,
NM_SETTINGS_CONNECTION_INT_FLAGS_NONE,
NM_SETTINGS_CONNECTION_UPDATE_REASON_IGNORE_PERSIST_FAILURE
| NM_SETTINGS_CONNECTION_UPDATE_REASON_CLEAR_SYSTEM_SECRETS
| NM_SETTINGS_CONNECTION_UPDATE_REASON_CLEAR_AGENT_SECRETS,
"clear-secrets",
NULL))
nm_assert_not_reached();
/* Tell agents to remove secrets for this connection */
nm_agent_manager_delete_secrets(priv->agent_mgr,
nm_dbus_object_get_path(NM_DBUS_OBJECT(self)),
nm_settings_connection_get_connection(self));
nm_audit_log_connection_op(NM_AUDIT_OP_CONN_CLEAR_SECRETS,
self,
!local,
NULL,
subject,
local ? local->message : NULL);
if (local)
g_dbus_method_invocation_return_gerror(context, local);
else
g_dbus_method_invocation_return_value(context, NULL);
}
static void
impl_settings_connection_clear_secrets(NMDBusObject *obj,
const NMDBusInterfaceInfoExtended *interface_info,
const NMDBusMethodInfoExtended *method_info,
GDBusConnection *connection,
const char *sender,
GDBusMethodInvocation *invocation,
GVariant *parameters)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(obj);
gs_unref_object NMAuthSubject *subject = NULL;
GError *error = NULL;
subject = _new_auth_subject(invocation, &error);
if (!subject) {
nm_audit_log_connection_op(NM_AUDIT_OP_CONN_CLEAR_SECRETS,
self,
FALSE,
NULL,
NULL,
error->message);
g_dbus_method_invocation_take_error(invocation, error);
return;
}
auth_start(self,
invocation,
subject,
get_modify_permission_basic(self),
dbus_clear_secrets_auth_cb,
NULL);
}
/*****************************************************************************/
void
_nm_settings_connection_emit_dbus_signal_updated(NMSettingsConnection *self)
{
nm_dbus_object_emit_signal(NM_DBUS_OBJECT(self),
&interface_info_settings_connection,
&signal_info_updated,
"()");
}
void
_nm_settings_connection_emit_dbus_signal_removed(NMSettingsConnection *self)
{
nm_dbus_object_emit_signal(NM_DBUS_OBJECT(self),
&interface_info_settings_connection,
&signal_info_removed,
"()");
}
void
_nm_settings_connection_emit_signal_updated_internal(NMSettingsConnection *self,
NMSettingsConnectionUpdateReason update_reason)
{
g_signal_emit(self, signals[UPDATED_INTERNAL], 0, (guint) update_reason);
}
/*****************************************************************************/
static NM_UTILS_FLAGS2STR_DEFINE(
_settings_connection_flags_to_string,
NMSettingsConnectionIntFlags,
NM_UTILS_FLAGS2STR(NM_SETTINGS_CONNECTION_INT_FLAGS_NONE, "none"),
NM_UTILS_FLAGS2STR(NM_SETTINGS_CONNECTION_INT_FLAGS_UNSAVED, "unsaved"),
NM_UTILS_FLAGS2STR(NM_SETTINGS_CONNECTION_INT_FLAGS_NM_GENERATED, "nm-generated"),
NM_UTILS_FLAGS2STR(NM_SETTINGS_CONNECTION_INT_FLAGS_VOLATILE, "volatile"),
NM_UTILS_FLAGS2STR(NM_SETTINGS_CONNECTION_INT_FLAGS_VISIBLE, "visible"),
NM_UTILS_FLAGS2STR(NM_SETTINGS_CONNECTION_INT_FLAGS_EXTERNAL, "external"), );
NMSettingsConnectionIntFlags
nm_settings_connection_get_flags(NMSettingsConnection *self)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), NM_SETTINGS_CONNECTION_INT_FLAGS_NONE);
return NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->flags;
}
NMSettingsConnectionIntFlags
nm_settings_connection_set_flags_full(NMSettingsConnection *self,
NMSettingsConnectionIntFlags mask,
NMSettingsConnectionIntFlags value)
{
NMSettingsConnectionPrivate *priv;
NMSettingsConnectionIntFlags old_flags;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), NM_SETTINGS_CONNECTION_INT_FLAGS_NONE);
nm_assert(!NM_FLAGS_ANY(mask, ~_NM_SETTINGS_CONNECTION_INT_FLAGS_ALL));
nm_assert(!NM_FLAGS_ANY(value, ~mask));
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
value = (priv->flags & ~mask) | value;
old_flags = priv->flags;
if (old_flags != value) {
gboolean notify_unsaved = FALSE;
char buf1[255], buf2[255];
_LOGT("update settings-connection flags to %s (was %s)",
_settings_connection_flags_to_string(value, buf1, sizeof(buf1)),
_settings_connection_flags_to_string(priv->flags, buf2, sizeof(buf2)));
priv->flags = value;
nm_assert(priv->flags == value);
if (NM_FLAGS_HAS(old_flags, NM_SETTINGS_CONNECTION_INT_FLAGS_UNSAVED)
!= NM_FLAGS_HAS(value, NM_SETTINGS_CONNECTION_INT_FLAGS_UNSAVED)) {
g_object_freeze_notify(G_OBJECT(self));
_notify(self, PROP_UNSAVED);
notify_unsaved = TRUE;
}
_notify(self, PROP_FLAGS);
if (notify_unsaved)
g_object_thaw_notify(G_OBJECT(self));
g_signal_emit(self, signals[FLAGS_CHANGED], 0);
}
return old_flags;
}
/*****************************************************************************/
static int
_cmp_timestamp(NMSettingsConnection *a, NMSettingsConnection *b)
{
gboolean a_has_ts, b_has_ts;
guint64 ats = 0, bts = 0;
nm_assert(NM_IS_SETTINGS_CONNECTION(a));
nm_assert(NM_IS_SETTINGS_CONNECTION(b));
a_has_ts = !!nm_settings_connection_get_timestamp(a, &ats);
b_has_ts = !!nm_settings_connection_get_timestamp(b, &bts);
if (a_has_ts != b_has_ts)
return a_has_ts ? -1 : 1;
if (a_has_ts && ats != bts)
return (ats > bts) ? -1 : 1;
return 0;
}
static int
_cmp_last_resort(NMSettingsConnection *a, NMSettingsConnection *b)
{
NM_CMP_DIRECT_STRCMP0(nm_settings_connection_get_uuid(a), nm_settings_connection_get_uuid(b));
/* hm, same UUID. Use their pointer value to give them a stable
* order. */
NM_CMP_DIRECT_PTR(a, b);
return nm_assert_unreachable_val(0);
}
/* sorting for "best" connections.
* The function sorts connections in descending timestamp order.
* That means an older connection (lower timestamp) goes after
* a newer one.
*/
int
nm_settings_connection_cmp_timestamp(NMSettingsConnection *a, NMSettingsConnection *b)
{
NM_CMP_SELF(a, b);
NM_CMP_RETURN(_cmp_timestamp(a, b));
NM_CMP_RETURN(
nm_utils_cmp_connection_by_autoconnect_priority(nm_settings_connection_get_connection(a),
nm_settings_connection_get_connection(b)));
return _cmp_last_resort(a, b);
}
int
nm_settings_connection_cmp_timestamp_p_with_data(gconstpointer pa,
gconstpointer pb,
gpointer user_data)
{
return nm_settings_connection_cmp_timestamp(*((NMSettingsConnection **) pa),
*((NMSettingsConnection **) pb));
}
int
nm_settings_connection_cmp_autoconnect_priority(NMSettingsConnection *a, NMSettingsConnection *b)
{
if (a == b)
return 0;
NM_CMP_RETURN(
nm_utils_cmp_connection_by_autoconnect_priority(nm_settings_connection_get_connection(a),
nm_settings_connection_get_connection(b)));
NM_CMP_RETURN(_cmp_timestamp(a, b));
return _cmp_last_resort(a, b);
}
int
nm_settings_connection_cmp_autoconnect_priority_with_data(gconstpointer pa,
gconstpointer pb,
gpointer user_data)
{
return nm_settings_connection_cmp_autoconnect_priority((NMSettingsConnection *) pa,
(NMSettingsConnection *) pb);
}
int
nm_settings_connection_cmp_autoconnect_priority_p_with_data(gconstpointer pa,
gconstpointer pb,
gpointer user_data)
{
return nm_settings_connection_cmp_autoconnect_priority(*((NMSettingsConnection **) pa),
*((NMSettingsConnection **) pb));
}
/*****************************************************************************/
/**
* nm_settings_connection_get_timestamp:
* @self: the #NMSettingsConnection
* @out_timestamp: the connection's timestamp
*
* Returns the time (in seconds since the Unix epoch) when the connection
* was last successfully activated.
*
* Returns: %TRUE if the timestamp has ever been set, otherwise %FALSE.
**/
gboolean
nm_settings_connection_get_timestamp(NMSettingsConnection *self, guint64 *out_timestamp)
{
NMSettingsConnectionPrivate *priv;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), FALSE);
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
NM_SET_OUT(out_timestamp, priv->timestamp);
return priv->timestamp_set;
}
/**
* nm_settings_connection_update_timestamp:
* @self: the #NMSettingsConnection
* @timestamp: timestamp to set into the connection and to store into
* the timestamps database
*
* Updates the connection and timestamps database with the provided timestamp.
**/
void
nm_settings_connection_update_timestamp(NMSettingsConnection *self, guint64 timestamp)
{
NMSettingsConnectionPrivate *priv;
const char *connection_uuid;
char sbuf[60];
g_return_if_fail(NM_IS_SETTINGS_CONNECTION(self));
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
if (priv->timestamp == timestamp && priv->timestamp_set)
return;
priv->timestamp = timestamp;
priv->timestamp_set = TRUE;
_LOGT("timestamp: set timestamp %" G_GUINT64_FORMAT, timestamp);
_nm_settings_notify_sorted_by_autoconnect_priority_maybe_changed(priv->settings);
if (!priv->kf_db_timestamps)
return;
connection_uuid = nm_settings_connection_get_uuid(self);
if (connection_uuid) {
nm_key_file_db_set_value(priv->kf_db_timestamps,
connection_uuid,
nm_sprintf_buf(sbuf, "%" G_GUINT64_FORMAT, timestamp));
}
}
void
_nm_settings_connection_register_kf_dbs(NMSettingsConnection *self,
NMKeyFileDB *kf_db_timestamps,
NMKeyFileDB *kf_db_seen_bssids)
{
NMSettingsConnectionPrivate *priv;
const char *connection_uuid;
g_return_if_fail(NM_IS_SETTINGS_CONNECTION(self));
g_return_if_fail(kf_db_timestamps);
g_return_if_fail(kf_db_seen_bssids);
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
connection_uuid = nm_settings_connection_get_uuid(self);
if (priv->kf_db_timestamps != kf_db_timestamps) {
gs_free char *tmp_str = NULL;
guint64 timestamp;
nm_key_file_db_unref(priv->kf_db_timestamps);
priv->kf_db_timestamps = nm_key_file_db_ref(kf_db_timestamps);
tmp_str = nm_key_file_db_get_value(priv->kf_db_timestamps, connection_uuid);
timestamp = _nm_utils_ascii_str_to_uint64(tmp_str, 10, 0, G_MAXUINT64, G_MAXUINT64);
if (timestamp != G_MAXUINT64) {
priv->timestamp = timestamp;
priv->timestamp_set = TRUE;
_LOGT("timestamp: read timestamp %" G_GUINT64_FORMAT " from keyfile database \"%s\"",
timestamp,
nm_key_file_db_get_filename(priv->kf_db_timestamps));
} else
_LOGT("timestamp: no timestamp from keyfile database \"%s\"",
nm_key_file_db_get_filename(priv->kf_db_timestamps));
}
if (priv->kf_db_seen_bssids != kf_db_seen_bssids) {
gs_strfreev char **tmp_strv = NULL;
gsize len;
gsize i;
guint result_len;
nm_key_file_db_unref(priv->kf_db_seen_bssids);
priv->kf_db_seen_bssids = nm_key_file_db_ref(kf_db_seen_bssids);
tmp_strv = nm_key_file_db_get_string_list(priv->kf_db_seen_bssids, connection_uuid, &len);
if (priv->seen_bssids_hash)
g_hash_table_remove_all(priv->seen_bssids_hash);
for (result_len = 0, i = 0; i < len; i++) {
NMEtherAddr addr_bin;
SeenBssidEntry *entry;
nm_assert(result_len == nm_g_hash_table_size(priv->seen_bssids_hash));
if (result_len >= SEEN_BSSIDS_MAX)
break;
if (!_nm_utils_hwaddr_aton_exact(tmp_strv[i], &addr_bin, sizeof(addr_bin)))
continue;
if (!priv->seen_bssids_hash)
priv->seen_bssids_hash = _seen_bssids_hash_new();
entry = _seen_bssid_entry_new_stale_bin(&addr_bin);
c_list_link_tail(&priv->seen_bssids_lst_head, &entry->seen_bssids_lst);
if (!g_hash_table_insert(priv->seen_bssids_hash, entry, entry)) {
/* duplicate detected! The @entry key was freed by g_hash_table_insert(). */
continue;
}
result_len++;
}
if (result_len > 0) {
_LOGT("read %u seen-bssids from keyfile database \"%s\"",
result_len,
nm_key_file_db_get_filename(priv->kf_db_seen_bssids));
} else
nm_clear_pointer(&priv->seen_bssids_hash, g_hash_table_destroy);
nm_assert(nm_g_hash_table_size(priv->seen_bssids_hash) == result_len);
nm_assert(result_len <= SEEN_BSSIDS_MAX);
}
}
static guint
_get_seen_bssids(NMSettingsConnection *self, const char *strv_buf[static(SEEN_BSSIDS_MAX + 1)])
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
SeenBssidEntry *entry;
guint i;
i = 0;
c_list_for_each_entry (entry, &priv->seen_bssids_lst_head, seen_bssids_lst) {
nm_assert(i <= SEEN_BSSIDS_MAX);
strv_buf[i++] = entry->bssid;
}
strv_buf[i] = NULL;
return i;
}
/**
* nm_settings_connection_has_seen_bssid:
* @self: the #NMSettingsConnection
* @bssid: the BSSID to check the seen BSSID list for
*
* Returns: %TRUE if the given @bssid is in the seen BSSIDs list
**/
gboolean
nm_settings_connection_has_seen_bssid(NMSettingsConnection *self, const char *bssid)
{
NMSettingsConnectionPrivate *priv;
NMEtherAddr addr_bin;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), FALSE);
g_return_val_if_fail(bssid, FALSE);
nm_assert(_nm_utils_hwaddr_aton_exact(bssid, &addr_bin, sizeof(addr_bin)));
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
return priv->seen_bssids_hash
&& g_hash_table_contains(NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->seen_bssids_hash,
bssid);
}
/**
* nm_settings_connection_add_seen_bssid:
* @self: the #NMSettingsConnection
* @seen_bssid: BSSID to set into the connection and to store into
* the seen-bssids database
*
* Updates the connection and seen-bssids database with the provided BSSID.
**/
void
nm_settings_connection_add_seen_bssid(NMSettingsConnection *self, const char *seen_bssid)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
const char *seen_bssids_strv[SEEN_BSSIDS_MAX + 1];
NMEtherAddr addr_bin;
const char *connection_uuid;
SeenBssidEntry entry_stack;
SeenBssidEntry *entry;
guint i;
g_return_if_fail(seen_bssid);
if (!_nm_utils_hwaddr_aton_exact(seen_bssid, &addr_bin, sizeof(addr_bin)))
g_return_if_reached();
_seen_bssid_entry_init_stale(&entry_stack, &addr_bin);
if (!priv->seen_bssids_hash) {
priv->seen_bssids_hash = _seen_bssids_hash_new();
entry = NULL;
} else
entry = g_hash_table_lookup(priv->seen_bssids_hash, &entry_stack);
if (entry) {
if (!nm_c_list_move_front(&priv->seen_bssids_lst_head, &entry->seen_bssids_lst)) {
/* no change. */
return;
}
} else {
entry = _seen_bssid_entry_new_stale_copy(&entry_stack);
c_list_link_front(&priv->seen_bssids_lst_head, &entry->seen_bssids_lst);
if (!g_hash_table_add(priv->seen_bssids_hash, entry))
nm_assert_not_reached();
if (g_hash_table_size(priv->seen_bssids_hash) > SEEN_BSSIDS_MAX) {
g_hash_table_remove(
priv->seen_bssids_hash,
c_list_last_entry(&priv->seen_bssids_lst_head, SeenBssidEntry, seen_bssids_lst));
}
}
nm_assert(g_hash_table_size(priv->seen_bssids_hash) <= SEEN_BSSIDS_MAX);
nm_assert(g_hash_table_size(priv->seen_bssids_hash)
== c_list_length(&priv->seen_bssids_lst_head));
if (!priv->kf_db_seen_bssids)
return;
connection_uuid = nm_settings_connection_get_uuid(self);
if (!connection_uuid)
return;
i = _get_seen_bssids(self, seen_bssids_strv);
nm_key_file_db_set_string_list(priv->kf_db_seen_bssids, connection_uuid, seen_bssids_strv, i);
}
guint
nm_settings_connection_get_num_seen_bssids(NMSettingsConnection *self)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), 0);
return nm_g_hash_table_size(NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->seen_bssids_hash);
}
/*****************************************************************************/
NMSettingsAutoconnectBlockedReason
nm_settings_connection_autoconnect_blocked_reason_get(NMSettingsConnection *self)
{
return NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->autoconnect_blocked_reason;
}
gboolean
nm_settings_connection_autoconnect_blocked_reason_set(NMSettingsConnection *self,
NMSettingsAutoconnectBlockedReason reason,
gboolean set)
{
NMSettingsAutoconnectBlockedReason v;
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
char buf1[200];
char buf2[200];
nm_assert(reason != NM_SETTINGS_AUTOCONNECT_BLOCKED_REASON_NONE);
nm_assert(!NM_FLAGS_ANY(reason,
~(NM_SETTINGS_AUTOCONNECT_BLOCKED_REASON_USER_REQUEST
| NM_SETTINGS_AUTOCONNECT_BLOCKED_REASON_NO_SECRETS)));
v = priv->autoconnect_blocked_reason;
v = NM_FLAGS_ASSIGN(v, reason, set);
if (priv->autoconnect_blocked_reason == v)
return FALSE;
if (set) {
_LOGT("block-autoconnect: profile: blocked with reason %s (%s %s)",
nm_settings_autoconnect_blocked_reason_to_string(v, buf1, sizeof(buf1)),
"just blocked",
nm_settings_autoconnect_blocked_reason_to_string(reason, buf2, sizeof(buf2)));
} else if (v != NM_SETTINGS_AUTOCONNECT_BLOCKED_REASON_NONE) {
_LOGT("block-autoconnect: profile: blocked with reason %s (%s %s)",
nm_settings_autoconnect_blocked_reason_to_string(v, buf1, sizeof(buf1)),
"just unblocked",
nm_settings_autoconnect_blocked_reason_to_string(reason, buf2, sizeof(buf2)));
} else {
_LOGT("block-autoconnect: profile: not blocked (unblocked %s)",
nm_settings_autoconnect_blocked_reason_to_string(reason, buf1, sizeof(buf1)));
}
priv->autoconnect_blocked_reason = v;
return TRUE;
}
gboolean
nm_settings_connection_autoconnect_is_blocked(NMSettingsConnection *self)
{
NMSettingsConnectionPrivate *priv;
NMSettingsConnectionIntFlags flags;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), TRUE);
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
if (priv->autoconnect_blocked_reason != NM_SETTINGS_AUTOCONNECT_BLOCKED_REASON_NONE)
return TRUE;
flags = priv->flags;
if (NM_FLAGS_ANY(flags,
NM_SETTINGS_CONNECTION_INT_FLAGS_VOLATILE
| NM_SETTINGS_CONNECTION_INT_FLAGS_EXTERNAL))
return TRUE;
if (!NM_FLAGS_HAS(flags, NM_SETTINGS_CONNECTION_INT_FLAGS_VISIBLE))
return TRUE;
return FALSE;
}
/*****************************************************************************/
/**
* nm_settings_connection_get_filename:
* @self: an #NMSettingsConnection
*
* Gets the filename that @self was read from/written to. This may be
* %NULL if @self is unsaved, or if it is associated with a backend that
* does not store each connection in a separate file.
*
* Returns: @self's filename.
*/
const char *
nm_settings_connection_get_filename(NMSettingsConnection *self)
{
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), NULL);
return NM_SETTINGS_CONNECTION_GET_PRIVATE(self)->filename;
}
const char *
nm_settings_connection_get_id(NMSettingsConnection *self)
{
return nm_connection_get_id(nm_settings_connection_get_connection(self));
}
const char *
nm_settings_connection_get_uuid(NMSettingsConnection *self)
{
NMSettingsConnectionPrivate *priv;
const char *uuid;
g_return_val_if_fail(NM_IS_SETTINGS_CONNECTION(self), NULL);
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
uuid = nm_settings_storage_get_uuid(priv->storage);
nm_assert(
uuid
&& nm_streq0(uuid, nm_connection_get_uuid(nm_settings_connection_get_connection(self))));
return uuid;
}
const char *
nm_settings_connection_get_connection_type(NMSettingsConnection *self)
{
return nm_connection_get_connection_type(nm_settings_connection_get_connection(self));
}
/*****************************************************************************/
void
_nm_settings_connection_cleanup_after_remove(NMSettingsConnection *self)
{
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
AuthData *auth_data;
while ((auth_data = c_list_first_entry(&priv->auth_lst_head, AuthData, auth_lst)))
nm_auth_manager_check_authorization_cancel(auth_data->call_id);
}
/*****************************************************************************/
static void
get_property(GObject *object, guint prop_id, GValue *value, GParamSpec *pspec)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(object);
switch (prop_id) {
case PROP_UNSAVED:
g_value_set_boolean(value, nm_settings_connection_get_unsaved(self));
break;
case PROP_FLAGS:
g_value_set_uint(value,
nm_settings_connection_get_flags(self)
& _NM_SETTINGS_CONNECTION_INT_FLAGS_EXPORTED_MASK);
break;
case PROP_FILENAME:
g_value_set_string(value, nm_settings_connection_get_filename(self));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec);
break;
}
}
/*****************************************************************************/
static void
nm_settings_connection_init(NMSettingsConnection *self)
{
NMSettingsConnectionPrivate *priv;
priv =
G_TYPE_INSTANCE_GET_PRIVATE(self, NM_TYPE_SETTINGS_CONNECTION, NMSettingsConnectionPrivate);
self->_priv = priv;
c_list_init(&self->_connections_lst);
c_list_init(&self->devcon_con_lst_head);
c_list_init(&priv->seen_bssids_lst_head);
c_list_init(&priv->call_ids_lst_head);
c_list_init(&priv->auth_lst_head);
priv->agent_mgr = g_object_ref(nm_agent_manager_get());
priv->settings = g_object_ref(nm_settings_get());
}
NMSettingsConnection *
nm_settings_connection_new(void)
{
return g_object_new(NM_TYPE_SETTINGS_CONNECTION, NULL);
}
static void
dispose(GObject *object)
{
NMSettingsConnection *self = NM_SETTINGS_CONNECTION(object);
NMSettingsConnectionPrivate *priv = NM_SETTINGS_CONNECTION_GET_PRIVATE(self);
NMSettingsConnectionCallId *call_id, *call_id_safe;
_LOGD("disposing");
nm_assert(!priv->default_wired_device);
nm_assert(c_list_is_empty(&self->_connections_lst));
nm_assert(c_list_is_empty(&self->devcon_con_lst_head));
nm_assert(c_list_is_empty(&priv->auth_lst_head));
/* Cancel in-progress secrets requests */
if (priv->agent_mgr) {
c_list_for_each_entry_safe (call_id, call_id_safe, &priv->call_ids_lst_head, call_ids_lst)
_get_secrets_cancel(self, call_id, TRUE);
}
nm_clear_pointer(&priv->agent_secrets, g_variant_unref);
nm_clear_pointer(&priv->seen_bssids_hash, g_hash_table_destroy);
g_clear_object(&priv->agent_mgr);
g_clear_object(&priv->connection);
_getsettings_cached_clear(priv);
nm_clear_pointer(&priv->kf_db_timestamps, nm_key_file_db_unref);
nm_clear_pointer(&priv->kf_db_seen_bssids, nm_key_file_db_unref);
G_OBJECT_CLASS(nm_settings_connection_parent_class)->dispose(object);
g_clear_object(&priv->storage);
nm_clear_g_free(&priv->filename);
g_clear_object(&priv->settings);
}
/*****************************************************************************/
static const GDBusSignalInfo signal_info_updated = NM_DEFINE_GDBUS_SIGNAL_INFO_INIT("Updated", );
static const GDBusSignalInfo signal_info_removed = NM_DEFINE_GDBUS_SIGNAL_INFO_INIT("Removed", );
static const NMDBusInterfaceInfoExtended interface_info_settings_connection = {
.parent = NM_DEFINE_GDBUS_INTERFACE_INFO_INIT(
NM_DBUS_INTERFACE_SETTINGS_CONNECTION,
.methods = NM_DEFINE_GDBUS_METHOD_INFOS(
NM_DEFINE_DBUS_METHOD_INFO_EXTENDED(
NM_DEFINE_GDBUS_METHOD_INFO_INIT(
"Update",
.in_args = NM_DEFINE_GDBUS_ARG_INFOS(
NM_DEFINE_GDBUS_ARG_INFO("properties", "a{sa{sv}}"), ), ),
.handle = impl_settings_connection_update, ),
NM_DEFINE_DBUS_METHOD_INFO_EXTENDED(
NM_DEFINE_GDBUS_METHOD_INFO_INIT(
"UpdateUnsaved",
.in_args = NM_DEFINE_GDBUS_ARG_INFOS(
NM_DEFINE_GDBUS_ARG_INFO("properties", "a{sa{sv}}"), ), ),
.handle = impl_settings_connection_update_unsaved, ),
NM_DEFINE_DBUS_METHOD_INFO_EXTENDED(NM_DEFINE_GDBUS_METHOD_INFO_INIT("Delete", ),
.handle = impl_settings_connection_delete, ),
NM_DEFINE_DBUS_METHOD_INFO_EXTENDED(
NM_DEFINE_GDBUS_METHOD_INFO_INIT(
"GetSettings",
.out_args = NM_DEFINE_GDBUS_ARG_INFOS(
NM_DEFINE_GDBUS_ARG_INFO("settings", "a{sa{sv}}"), ), ),
.handle = impl_settings_connection_get_settings, ),
NM_DEFINE_DBUS_METHOD_INFO_EXTENDED(
NM_DEFINE_GDBUS_METHOD_INFO_INIT(
"GetSecrets",
.in_args =
NM_DEFINE_GDBUS_ARG_INFOS(NM_DEFINE_GDBUS_ARG_INFO("setting_name", "s"), ),
.out_args = NM_DEFINE_GDBUS_ARG_INFOS(
NM_DEFINE_GDBUS_ARG_INFO("secrets", "a{sa{sv}}"), ), ),
.handle = impl_settings_connection_get_secrets, ),
NM_DEFINE_DBUS_METHOD_INFO_EXTENDED(NM_DEFINE_GDBUS_METHOD_INFO_INIT("ClearSecrets", ),
.handle = impl_settings_connection_clear_secrets, ),
NM_DEFINE_DBUS_METHOD_INFO_EXTENDED(NM_DEFINE_GDBUS_METHOD_INFO_INIT("Save", ),
.handle = impl_settings_connection_save, ),
NM_DEFINE_DBUS_METHOD_INFO_EXTENDED(
NM_DEFINE_GDBUS_METHOD_INFO_INIT(
"Update2",
.in_args =
NM_DEFINE_GDBUS_ARG_INFOS(NM_DEFINE_GDBUS_ARG_INFO("settings", "a{sa{sv}}"),
NM_DEFINE_GDBUS_ARG_INFO("flags", "u"),
NM_DEFINE_GDBUS_ARG_INFO("args", "a{sv}"), ),
.out_args =
NM_DEFINE_GDBUS_ARG_INFOS(NM_DEFINE_GDBUS_ARG_INFO("result", "a{sv}"), ), ),
.handle = impl_settings_connection_update2, ), ),
.signals = NM_DEFINE_GDBUS_SIGNAL_INFOS(&signal_info_updated, &signal_info_removed, ),
.properties = NM_DEFINE_GDBUS_PROPERTY_INFOS(
NM_DEFINE_DBUS_PROPERTY_INFO_EXTENDED_READABLE("Unsaved",
"b",
NM_SETTINGS_CONNECTION_UNSAVED),
NM_DEFINE_DBUS_PROPERTY_INFO_EXTENDED_READABLE("Flags",
"u",
NM_SETTINGS_CONNECTION_FLAGS),
NM_DEFINE_DBUS_PROPERTY_INFO_EXTENDED_READABLE("Filename",
"s",
NM_SETTINGS_CONNECTION_FILENAME), ), ),
};
static void
nm_settings_connection_class_init(NMSettingsConnectionClass *klass)
{
GObjectClass *object_class = G_OBJECT_CLASS(klass);
NMDBusObjectClass *dbus_object_class = NM_DBUS_OBJECT_CLASS(klass);
g_type_class_add_private(klass, sizeof(NMSettingsConnectionPrivate));
dbus_object_class->export_path = NM_DBUS_EXPORT_PATH_NUMBERED(NM_DBUS_PATH_SETTINGS);
dbus_object_class->interface_infos =
NM_DBUS_INTERFACE_INFOS(&interface_info_settings_connection);
object_class->dispose = dispose;
object_class->get_property = get_property;
obj_properties[PROP_UNSAVED] = g_param_spec_boolean(NM_SETTINGS_CONNECTION_UNSAVED,
"",
"",
FALSE,
G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
obj_properties[PROP_FLAGS] = g_param_spec_uint(NM_SETTINGS_CONNECTION_FLAGS,
"",
"",
0,
G_MAXUINT32,
0,
G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
obj_properties[PROP_FILENAME] = g_param_spec_string(NM_SETTINGS_CONNECTION_FILENAME,
"",
"",
NULL,
G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
g_object_class_install_properties(object_class, _PROPERTY_ENUMS_LAST, obj_properties);
/* internal signal, with an argument (NMSettingsConnectionUpdateReason update_reason) as
* guint. */
signals[UPDATED_INTERNAL] = g_signal_new(NM_SETTINGS_CONNECTION_UPDATED_INTERNAL,
G_TYPE_FROM_CLASS(klass),
G_SIGNAL_RUN_FIRST,
0,
NULL,
NULL,
g_cclosure_marshal_VOID__UINT,
G_TYPE_NONE,
1,
G_TYPE_UINT);
signals[FLAGS_CHANGED] = g_signal_new(NM_SETTINGS_CONNECTION_FLAGS_CHANGED,
G_TYPE_FROM_CLASS(klass),
G_SIGNAL_RUN_FIRST,
0,
NULL,
NULL,
g_cclosure_marshal_VOID__VOID,
G_TYPE_NONE,
0);
}
Reference in New Issue View Git Blame Copy Permalink