nm-vpn-service.c 11.8 KB
Newer Older
Dan Williams's avatar
Dan Williams committed
1
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
2 3 4 5 6 7 8 9 10 11 12 13
/* NetworkManager -- Network link manager
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
14 15 16
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
17
 *
Dan Williams's avatar
Dan Williams committed
18
 * Copyright (C) 2005 - 2014 Red Hat, Inc.
Dan Williams's avatar
Dan Williams committed
19
 * Copyright (C) 2005 - 2008 Novell, Inc.
20 21
 */

22 23
#include "config.h"

24
#include <glib.h>
25
#include <string.h>
26
#include <sys/types.h>
27
#include <sys/wait.h>
28
#include <signal.h>
29
#include <unistd.h>
30

31
#include "nm-vpn-service.h"
32
#include "nm-dbus-manager.h"
33
#include "nm-logging.h"
34
#include "nm-posix-signals.h"
35
#include "nm-vpn-manager.h"
36
#include "nm-glib-compat.h"
37

38
G_DEFINE_TYPE (NMVpnService, nm_vpn_service, G_TYPE_OBJECT)
39

40 41 42 43
typedef struct {
	char *name;
	char *dbus_service;
	char *program;
44
	char *namefile;
45

46
	NMVpnConnection *active;
47 48
	GSList *pending;

49
	guint start_timeout;
50
	gboolean service_running;
51
} NMVpnServicePrivate;
52

53
#define NM_VPN_SERVICE_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_VPN_SERVICE, NMVpnServicePrivate))
54

55 56
#define VPN_CONNECTION_GROUP "VPN Connection"

57
static gboolean start_pending_vpn (NMVpnService *self, GError **error);
58

59
NMVpnService *
60
nm_vpn_service_new (const char *namefile, GError **error)
61
{
62 63
	NMVpnService *self;
	NMVpnServicePrivate *priv;
64
	GKeyFile *kf;
65

66 67
	g_return_val_if_fail (namefile != NULL, NULL);
	g_return_val_if_fail (g_path_is_absolute (namefile), NULL);
68

69 70 71
	kf = g_key_file_new ();
	if (!g_key_file_load_from_file (kf, namefile, G_KEY_FILE_NONE, error)) {
		g_key_file_free (kf);
72
		return NULL;
73
	}
74

75
	self = (NMVpnService *) g_object_new (NM_TYPE_VPN_SERVICE, NULL);
76 77
	priv = NM_VPN_SERVICE_GET_PRIVATE (self);
	priv->namefile = g_strdup (namefile);
78

79 80 81
	priv->dbus_service = g_key_file_get_string (kf, VPN_CONNECTION_GROUP, "service", error);
	if (!priv->dbus_service)
		goto error;
82

83 84 85
	priv->program = g_key_file_get_string (kf, VPN_CONNECTION_GROUP, "program", error);
	if (!priv->program)
		goto error;
86

87 88 89
	priv->name = g_key_file_get_string (kf, VPN_CONNECTION_GROUP, "name", error);
	if (!priv->name)
		goto error;
90

91 92
	priv->service_running = nm_dbus_manager_name_has_owner (nm_dbus_manager_get (), priv->dbus_service);

93 94
	g_key_file_free (kf);
	return self;
95 96 97 98 99

error:
	g_object_unref (self);
	g_key_file_free (kf);
	return NULL;
100
}
101

102
const char *
103
nm_vpn_service_get_dbus_service (NMVpnService *service)
104 105
{
	g_return_val_if_fail (NM_IS_VPN_SERVICE (service), NULL);
106

107
	return NM_VPN_SERVICE_GET_PRIVATE (service)->dbus_service;
108
}
109

110
const char *
111
nm_vpn_service_get_name_file (NMVpnService *service)
112
{
113
	g_return_val_if_fail (NM_IS_VPN_SERVICE (service), NULL);
114

115
	return NM_VPN_SERVICE_GET_PRIVATE (service)->namefile;
116 117
}

118
static void
119 120 121 122
connection_vpn_state_changed (NMVpnConnection *connection,
                              NMVpnConnectionState new_state,
                              NMVpnConnectionState old_state,
                              NMVpnConnectionStateReason reason,
123 124
                              gpointer user_data)
{
125 126
	NMVpnService *self = NM_VPN_SERVICE (user_data);
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (self);
127 128 129

	if (new_state == NM_VPN_CONNECTION_STATE_FAILED ||
	    new_state == NM_VPN_CONNECTION_STATE_DISCONNECTED) {
130 131 132
		g_signal_handlers_disconnect_by_func (connection, G_CALLBACK (connection_vpn_state_changed), self);
		if (connection == priv->active) {
			priv->active = NULL;
133
			start_pending_vpn (self, NULL);
134 135
		} else
			priv->pending = g_slist_remove (priv->pending, connection);
136 137 138 139
		g_object_unref (connection);
	}
}

140
void
141
nm_vpn_service_stop_connections (NMVpnService *service,
142
                                 gboolean quitting,
143
                                 NMVpnConnectionStateReason reason)
144
{
145
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (service);
146
	GSList *iter;
147

148 149 150 151 152 153 154 155 156
	/* Just add priv->active to the beginning of priv->pending,
	 * since we're going to clear priv->pending immediately anyway.
	 */
	if (priv->active) {
		priv->pending = g_slist_prepend (priv->pending, priv->active);
		priv->active = NULL;
	}

	for (iter = priv->pending; iter; iter = iter->next) {
157
		NMVpnConnection *vpn = NM_VPN_CONNECTION (iter->data);
158 159

		g_signal_handlers_disconnect_by_func (vpn, G_CALLBACK (connection_vpn_state_changed), service);
160 161 162 163 164
		if (quitting) {
			/* Deactivate to allow pre-down before disconnecting */
			nm_vpn_connection_deactivate (vpn, reason, quitting);
		}
		nm_vpn_connection_disconnect (vpn, reason, quitting);
165
		g_object_unref (vpn);
166
	}
167
	g_clear_pointer (&priv->pending, g_slist_free);
168 169
}

170
static void
171
_daemon_setup (gpointer user_data G_GNUC_UNUSED)
172 173 174 175
{
	/* We are in the child process at this point */
	pid_t pid = getpid ();
	setpgid (pid, pid);
176 177 178 179 180 181

	/*
	 * We blocked signals in main(). We need to restore original signal
	 * mask for VPN service here so that it can receive signals.
	 */
	nm_unblock_posix_signals (NULL);
182 183
}

184
static gboolean
185
_daemon_exec_timeout (gpointer data)
186
{
187 188
	NMVpnService *self = NM_VPN_SERVICE (data);
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (self);
189

190 191
	nm_log_warn (LOGD_VPN, "VPN service '%s' start timed out", priv->name);
	priv->start_timeout = 0;
192
	nm_vpn_service_stop_connections (self, FALSE, NM_VPN_CONNECTION_STATE_REASON_SERVICE_START_TIMEOUT);
193
	return G_SOURCE_REMOVE;
194 195
}

196
static gboolean
197
nm_vpn_service_daemon_exec (NMVpnService *service, GError **error)
198
{
199
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (service);
200
	GPid pid;
201
	char *vpn_argv[2];
202 203 204 205
	gboolean success = FALSE;
	GError *spawn_error = NULL;

	g_return_val_if_fail (NM_IS_VPN_SERVICE (service), FALSE);
206

207 208
	vpn_argv[0] = priv->program;
	vpn_argv[1] = NULL;
209

210
	success = g_spawn_async (NULL, vpn_argv, NULL, 0, _daemon_setup, NULL, &pid, &spawn_error);
211
	if (success) {
212 213
		nm_log_info (LOGD_VPN, "VPN service '%s' started (%s), PID %ld",
		             priv->name, priv->dbus_service, (long int) pid);
214
		priv->start_timeout = g_timeout_add_seconds (5, _daemon_exec_timeout, service);
215
	} else {
216
		nm_log_warn (LOGD_VPN, "VPN service '%s': could not launch the VPN service. error: (%d) %s.",
217 218 219
		             priv->name,
		             spawn_error ? spawn_error->code : -1,
		             spawn_error && spawn_error->message ? spawn_error->message : "(unknown)");
220 221

		g_set_error (error,
222
		             NM_MANAGER_ERROR, NM_MANAGER_ERROR_FAILED,
223
		             "%s", spawn_error ? spawn_error->message : "unknown g_spawn_async() error");
224

225
		nm_vpn_service_stop_connections (service, FALSE, NM_VPN_CONNECTION_STATE_REASON_SERVICE_START_FAILED);
226 227
		if (spawn_error)
			g_error_free (spawn_error);
228
	}
229

230
	return success;
231 232
}

233
static gboolean
234
start_active_vpn (NMVpnService *self, GError **error)
235
{
236
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (self);
237 238 239 240

	if (!priv->active)
		return TRUE;

241
	if (priv->service_running) {
242 243 244 245 246 247 248 249 250 251 252 253 254 255
		/* Just activate the VPN */
		nm_vpn_connection_activate (priv->active);
		return TRUE;
	} else if (priv->start_timeout == 0) {
		/* VPN service not running, start it */
		nm_log_info (LOGD_VPN, "Starting VPN service '%s'...", priv->name);
		return nm_vpn_service_daemon_exec (self, error);
	}

	/* Already started VPN service, waiting for it to appear on D-Bus */
	return TRUE;
}

static gboolean
256
start_pending_vpn (NMVpnService *self, GError **error)
257
{
258
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (self);
259 260 261 262 263 264 265 266 267 268

	g_assert (priv->active == NULL);

	if (!priv->pending)
		return TRUE;

	/* Make next VPN active */
	priv->active = g_slist_nth_data (priv->pending, 0);
	priv->pending = g_slist_remove (priv->pending, priv->active);

269
	return start_active_vpn (self, error);
270 271
}

272
gboolean
273 274
nm_vpn_service_activate (NMVpnService *service,
                         NMVpnConnection *vpn,
275
                         GError **error)
276
{
277
	NMVpnServicePrivate *priv;
278

279 280 281 282
	g_return_val_if_fail (NM_IS_VPN_SERVICE (service), FALSE);
	g_return_val_if_fail (NM_IS_VPN_CONNECTION (vpn), FALSE);
	g_return_val_if_fail (error != NULL, FALSE);
	g_return_val_if_fail (*error == NULL, FALSE);
283

284
	priv = NM_VPN_SERVICE_GET_PRIVATE (service);
285

286
	g_signal_connect (vpn, NM_VPN_CONNECTION_INTERNAL_STATE_CHANGED,
287 288
	                  G_CALLBACK (connection_vpn_state_changed),
	                  service);
289

290 291
	/* Queue up the new VPN connection */
	priv->pending = g_slist_append (priv->pending, g_object_ref (vpn));
292

293 294 295 296 297
	/* Tell the active VPN to deactivate and wait for it to quit before we
	 * start the next VPN.  The just-queued VPN will then be started from
	 * connection_vpn_state_changed().
	 */
	if (priv->active) {
298
		nm_vpn_connection_deactivate (priv->active, NM_VPN_CONNECTION_STATE_REASON_USER_DISCONNECTED, FALSE);
299
		return TRUE;
300 301
	}

302
	/* Otherwise start the next VPN */
303
	return start_pending_vpn (service, error);
304 305 306
}

static void
307 308 309 310 311
_name_owner_changed (NMDBusManager *mgr,
                     const char *name,
                     const char *old,
                     const char *new,
                     gpointer user_data)
312
{
313 314
	NMVpnService *service = NM_VPN_SERVICE (user_data);
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (service);
315
	gboolean old_owner_good, new_owner_good, success;
316

317
	if (strcmp (name, priv->dbus_service))
318 319
		return;

320
	/* Service changed, no need to wait for the timeout any longer */
321 322 323
	if (priv->start_timeout) {
		g_source_remove (priv->start_timeout);
		priv->start_timeout = 0;
324 325
	}

326 327
	old_owner_good = (old && old[0]);
	new_owner_good = (new && new[0]);
328

329
	if (!old_owner_good && new_owner_good) {
330
		/* service appeared */
331
		priv->service_running = TRUE;
332
		nm_log_info (LOGD_VPN, "VPN service '%s' appeared; activating connections", priv->name);
333 334 335
		/* Expect success because the VPN service has already appeared */
		success = start_active_vpn (service, NULL);
		g_warn_if_fail (success);
336 337
	} else if (old_owner_good && !new_owner_good) {
		/* service went away */
338
		priv->service_running = FALSE;
339
		nm_log_info (LOGD_VPN, "VPN service '%s' disappeared", priv->name);
340
		nm_vpn_service_stop_connections (service, FALSE, NM_VPN_CONNECTION_STATE_REASON_SERVICE_STOPPED);
341 342 343
	}
}

344
/******************************************************************************/
345

346
static void
347
nm_vpn_service_init (NMVpnService *self)
348
{
349 350 351 352
	g_signal_connect (nm_dbus_manager_get (),
	                  NM_DBUS_MANAGER_NAME_OWNER_CHANGED,
	                  G_CALLBACK (_name_owner_changed),
	                  self);
353 354
}

355
static void
356
dispose (GObject *object)
357
{
358 359
	NMVpnService *self = NM_VPN_SERVICE (object);
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (self);
360

Dan Williams's avatar
Dan Williams committed
361
	if (priv->start_timeout) {
362
		g_source_remove (priv->start_timeout);
Dan Williams's avatar
Dan Williams committed
363 364
		priv->start_timeout = 0;
	}
365

366 367 368
	/* VPNService owner is required to stop connections before releasing */
	g_assert (priv->active == NULL);
	g_assert (priv->pending == NULL);
369

370 371 372
	g_signal_handlers_disconnect_by_func (nm_dbus_manager_get (),
	                                      G_CALLBACK (_name_owner_changed),
	                                      self);
373

Dan Williams's avatar
Dan Williams committed
374 375 376 377 378 379
	G_OBJECT_CLASS (nm_vpn_service_parent_class)->dispose (object);
}

static void
finalize (GObject *object)
{
380
	NMVpnServicePrivate *priv = NM_VPN_SERVICE_GET_PRIVATE (object);
381

382 383 384
	g_free (priv->name);
	g_free (priv->dbus_service);
	g_free (priv->program);
385
	g_free (priv->namefile);
386

Dan Williams's avatar
Dan Williams committed
387
	G_OBJECT_CLASS (nm_vpn_service_parent_class)->finalize (object);
388
}
389

390
static void
391
nm_vpn_service_class_init (NMVpnServiceClass *service_class)
392
{
393
	GObjectClass *object_class = G_OBJECT_CLASS (service_class);
394

395
	g_type_class_add_private (service_class, sizeof (NMVpnServicePrivate));
396

397
	/* virtual methods */
398
	object_class->dispose = dispose;
Dan Williams's avatar
Dan Williams committed
399
	object_class->finalize = finalize;
400
}