- 03 May, 2018 2 commits
-
-
Christian Kellner authored
Make sure we don't crash on empty device database entries.
-
Christian Kellner authored
Return a proper error if the device database entry has no name or vendor instead of using g_return_val_if_fail.
-
- 25 Apr, 2018 8 commits
-
-
Christian Kellner authored
Make sure that Device.AuthorizeTime is correct when authorizing and enrolling devices.
-
Christian Kellner authored
Make sure the Device.StoreTime property is corresponding to what is basically the time of the enrollment.
-
Christian Kellner authored
Check that we can enroll already authorized devices.
-
Christian Kellner authored
Add add_domain_host() to setup basic domain and host sysfs entries.
-
Christian Kellner authored
A call to Manger.Enroll for a device that is already authorized will not try to re-authorize the device but instead store the device in the database. For this the key, if present, is read from sysfs.
-
Christian Kellner authored
Now that bolt_store_put_device will take care of correctly setting the storetime to the current time if it is not set, we don't need to do that in the manager. As a positive side-effect it will also be emitted together with the rest of the store related property changes.
-
Christian Kellner authored
If the storetime of the device is already set, we preserve that, but if it is not, we set it to the current time. Callers of bolt_store_put_device therefore don't have to the store time before calling that function anymore.
-
Christian Kellner authored
Small helper that returns if the current status of the device is authorized or not.
-
- 24 Apr, 2018 12 commits
-
-
Christian Kellner authored
Add "authorize" topic to more auth-related logging. Also before, and after authorization, log a INFO level message.
-
Christian Kellner authored
-
Christian Kellner authored
Instead of always reporting BOLT_ERROR/BOLT_ERROR_FAILED we now propagate the more specific error codes we get from the underlying functions. This includes, NOKEY, BADKEY errors. Additionally, in the case the kernel reports EINVAL, we try to resolve that to a more specific error: either BADSTATE, if the device is already authorized, or AUTHCHAIN, if the parent device is not yet authorized. We also don't prefix the error with a "failed to authorize device" error anymore, that should be handled by the caller.
-
Christian Kellner authored
Like bolt_read_value_at but parses the string as an integer.
-
Christian Kellner authored
Match invalid argument errors (EINVAL) not INVALID_VALUE from G_KEY_FILE_ERROR.
-
Christian Kellner authored
Indicating that the authorization chain is interrupted, e.g. when trying to authorize a child device but the parent device is not yet authorized.
-
Christian Kellner authored
If the device is in the wrong state to be authorized, report the new and more specific ERROR_BADSTATE error.
-
Christian Kellner authored
Can be used if an operation cannot be performed with the current state, e.g. when trying to authorize a device and the device is already authorized.
-
Christian Kellner authored
BOLT_ERROR_{NOKEY, BADKEY, CFG} were not yet registered because the table was incomplete.
-
Christian Kellner authored
Some error codes were undocumented.
-
Christian Kellner authored
The internal sysfs_parse_str_as_int is now publicly available, unchanged, as bolt_str_parse_as_int. It sets errno no error.
-
Christian Kellner authored
Instead of having multiple version of how we update the status, it is now always done via device_set_status_internal, even when invoked via g_object_set.
-
- 20 Apr, 2018 4 commits
-
-
Christian Kellner authored
Make sure we correctly send the error, if set in a method handler.
-
Christian Kellner authored
Change the BoltExportedMethodHandler so handlers can directly return values and errors. The general dispatch logic, shared with dispatching property changes, was already prepare for this.
-
Christian Kellner authored
Instead of using notify to collect individual property changes and then emitting them in an idle handler, BoltExported now overwrites dispatch_properties_changed and directly emits the changed props. This has a couple of advantages: - multiple independent changes of the same properties will all get properly emitted in the order they happen. The previous code might combine multiple updates into one change set. - the PropertiesChanged signal will be emitted before dbus calls that change properties are completed - code is much simpler now, and we don't need a _flush method to make sure property changes happen neither
-
Christian Kellner authored
Also properly un-subscribe from the PropertiesChanged signal.
-
- 16 Apr, 2018 13 commits
-
-
Christian Kellner authored
Create stored devices, start the daemon and check that the devices that can be authorized are and that the devices that can't are not, e.g. they have no key and we are in SECURE mode or the parent of the device can't be authorized. Also check that we react to external authorization changes and react properly.
-
Christian Kellner authored
Just write the authorization to the mock'ed device file and reload the auth.
-
Christian Kellner authored
Create the device and possibly the key file.
-
Christian Kellner authored
When we create the database directory, also create the 'devices' and 'keys' dirs.
-
Christian Kellner authored
-
Christian Kellner authored
Make the Recorder.wait_for_event function check previously recorded events. This makes it race-free, i.e. if the event is recorded before we wait for it, we still detect it.
-
Christian Kellner authored
If the status of a device is changed, and the new status is AUTHORIZED then we also check if we now can authorize any children of that device. Currently this is done in the udev change event handler, i.e. handle_udev_device_changed; Now we do that in the signal handler of the device status change signal handle_device_status_changed. The latter will be called anyway as a consequence of the udev event, if that leads to a status change. The change puts reaction to device status changes all in one place, so the code is more organized.
-
Christian Kellner authored
Instead of scheduling a bolt_device_authorize in the manager, use the new bolt_device_authorize_idle function.
-
Christian Kellner authored
Like bolt_device_authorize but schedules it via a idle callback.
-
Christian Kellner authored
No semantic change, just moving code around.
-
Christian Kellner authored
Split out the creation of the GTask into its own method so it can be reused.
-
Christian Kellner authored
When bolt_device_authorize fails due to the device being in the wrong state, use the symbolic string instead of the number. Also use the bolt_status_is_pending helper.
-
Christian Kellner authored
Say a flag is composed of other flag values, see that we handle that in an expected manner.
-
- 12 Apr, 2018 1 commit
-
-
Christian Kellner authored
-