1 /* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
2 /* NetworkManager -- Network link manager
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License along
15 * with this program; if not, write to the Free Software Foundation, Inc.,
16 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 * Copyright (C) 2004 - 2013 Red Hat, Inc.
19 * Copyright (C) 2007 - 2008 Novell, Inc.
22 #include "nm-default.h"
29 #include "nm-policy.h"
30 #include "NetworkManagerUtils.h"
31 #include "nm-activation-request.h"
32 #include "nm-device.h"
33 #include "nm-default-route-manager.h"
34 #include "nm-setting-ip4-config.h"
35 #include "nm-setting-connection.h"
36 #include "nm-platform.h"
37 #include "nm-dns-manager.h"
38 #include "nm-vpn-manager.h"
39 #include "nm-auth-utils.h"
40 #include "nm-firewall-manager.h"
41 #include "nm-dispatcher.h"
43 #include "nm-core-internal.h"
44 #include "nm-manager.h"
45 #include "nm-settings.h"
46 #include "nm-settings-connection.h"
47 #include "nm-dhcp4-config.h"
48 #include "nm-dhcp6-config.h"
50 #define _NMLOG_PREFIX_NAME "policy"
51 #define _NMLOG(level, domain, ...) \
53 nm_log ((level), (domain), \
54 "%s" _NM_UTILS_MACRO_FIRST (__VA_ARGS__), \
55 _NMLOG_PREFIX_NAME": " \
56 _NM_UTILS_MACRO_REST (__VA_ARGS__)); \
61 NMFirewallManager *firewall_manager;
62 guint update_state_id;
63 GSList *pending_activation_checks;
68 GSList *pending_secondaries;
74 NMDevice *default_device4, *activating_device4;
75 NMDevice *default_device6, *activating_device6;
78 GInetAddress *lookup_addr;
79 GCancellable *lookup_cancellable;
80 NMDnsManager *dns_manager;
81 gulong config_changed_id;
83 guint reset_retries_id; /* idle handler for resetting the retries count */
85 char *orig_hostname; /* hostname at NM start time */
86 char *cur_hostname; /* hostname we want to assign */
87 gboolean hostname_changed; /* TRUE if NM ever set the hostname */
90 #define NM_POLICY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_POLICY, NMPolicyPrivate))
92 G_DEFINE_TYPE (NMPolicy, nm_policy, G_TYPE_OBJECT)
97 PROP_DEFAULT_IP4_DEVICE,
98 PROP_DEFAULT_IP6_DEVICE,
99 PROP_ACTIVATING_IP4_DEVICE,
100 PROP_ACTIVATING_IP6_DEVICE
103 static void schedule_activate_all (NMPolicy *policy);
107 get_best_ip4_device (NMPolicy *self, gboolean fully_activated)
109 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (self);
111 return nm_default_route_manager_ip4_get_best_device (nm_default_route_manager_get (),
112 nm_manager_get_devices (priv->manager),
114 priv->default_device4);
118 get_best_ip6_device (NMPolicy *self, gboolean fully_activated)
120 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (self);
122 return nm_default_route_manager_ip6_get_best_device (nm_default_route_manager_get (),
123 nm_manager_get_devices (priv->manager),
125 priv->default_device6);
128 #define FALLBACK_HOSTNAME4 "localhost.localdomain"
130 static void settings_set_hostname_cb (const char *hostname,
137 ret = sethostname (hostname, strlen (hostname));
141 _LOGW (LOGD_DNS, "couldn't set the system hostname to '%s': (%d) %s",
142 hostname, errsv, strerror (errsv));
144 _LOGW (LOGD_DNS, "you should use hostnamed when systemd hardening is in effect!");
149 nm_dispatcher_call (DISPATCHER_ACTION_HOSTNAME, NULL, NULL, NULL, NULL, NULL, NULL);
153 _set_hostname (NMPolicy *policy,
154 const char *new_hostname,
157 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
158 char old_hostname[HOST_NAME_MAX + 1];
162 /* The incoming hostname *can* be NULL, which will get translated to
163 * 'localhost.localdomain' or such in the hostname policy code, but we
164 * keep cur_hostname = NULL in the case because we need to know that
165 * there was no valid hostname to start with.
168 /* Clear lookup addresses if we have a hostname, so that we don't
169 * restart the reverse lookup thread later.
172 g_clear_object (&priv->lookup_addr);
174 /* Don't change the hostname or update DNS this is the first time we're
175 * trying to change the hostname, and it's not actually changing.
177 if ( priv->orig_hostname
178 && (priv->hostname_changed == FALSE)
179 && g_strcmp0 (priv->orig_hostname, new_hostname) == 0)
182 /* Don't change the hostname or update DNS if the hostname isn't actually
185 if (g_strcmp0 (priv->cur_hostname, new_hostname) == 0)
188 g_free (priv->cur_hostname);
189 priv->cur_hostname = g_strdup (new_hostname);
190 priv->hostname_changed = TRUE;
192 /* Notify the DNS manager of the hostname change so that the domain part, if
193 * present, can be added to the search list.
195 nm_dns_manager_set_hostname (priv->dns_manager, priv->cur_hostname);
197 /* Finally, set kernel hostname */
199 if (!priv->cur_hostname)
200 name = FALLBACK_HOSTNAME4;
201 else if (!priv->cur_hostname[0]) {
202 g_warn_if_reached ();
203 name = FALLBACK_HOSTNAME4;
205 name = priv->cur_hostname;
207 old_hostname[HOST_NAME_MAX] = '\0';
209 ret = gethostname (old_hostname, HOST_NAME_MAX);
211 _LOGW (LOGD_DNS, "couldn't get the system hostname: (%d) %s",
212 errno, strerror (errno));
214 /* Don't set the hostname if it isn't actually changing */
215 if (nm_streq (name, old_hostname))
219 _LOGI (LOGD_DNS, "setting system hostname to '%s' (%s)", name, msg);
221 /* Ask NMSettings to update the transient hostname using its
222 * systemd-hostnamed proxy */
223 nm_settings_set_transient_hostname (priv->settings,
225 settings_set_hostname_cb,
230 lookup_callback (GObject *source,
231 GAsyncResult *result,
234 NMPolicy *policy = (NMPolicy *) user_data;
235 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
236 const char *hostname;
237 GError *error = NULL;
239 hostname = g_resolver_lookup_by_address_finish (G_RESOLVER (source), result, &error);
240 if (g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) {
241 /* Don't touch policy; it may have been freed already */
242 g_error_free (error);
247 _set_hostname (policy, hostname, "from address lookup");
249 _set_hostname (policy, NULL, error->message);
250 g_error_free (error);
253 g_clear_object (&priv->lookup_cancellable);
257 update_system_hostname (NMPolicy *policy, NMDevice *best4, NMDevice *best6)
259 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
260 char *configured_hostname = NULL;
261 const char *dhcp_hostname, *p;
262 NMIP4Config *ip4_config;
263 NMIP6Config *ip6_config;
265 g_return_if_fail (policy != NULL);
267 if (priv->lookup_cancellable) {
268 g_cancellable_cancel (priv->lookup_cancellable);
269 g_clear_object (&priv->lookup_cancellable);
272 /* Hostname precedence order:
274 * 1) a configured hostname (from settings)
275 * 2) automatic hostname from the default device's config (DHCP, VPN, etc)
276 * 3) the original hostname when NM started
277 * 4) reverse-DNS of the best device's IPv4 address
281 /* Try a persistent hostname first */
282 g_object_get (G_OBJECT (priv->manager), NM_MANAGER_HOSTNAME, &configured_hostname, NULL);
283 if (configured_hostname && nm_utils_is_specific_hostname (configured_hostname)) {
284 _set_hostname (policy, configured_hostname, "from system configuration");
285 g_free (configured_hostname);
288 g_free (configured_hostname);
290 /* Try automatically determined hostname from the best device's IP config */
292 best4 = get_best_ip4_device (policy, TRUE);
294 best6 = get_best_ip6_device (policy, TRUE);
296 if (!best4 && !best6) {
297 /* No best device; fall back to original hostname or if there wasn't
298 * one, 'localhost.localdomain'
300 _set_hostname (policy, priv->orig_hostname, "no default device");
305 NMDhcp4Config *dhcp4_config;
307 /* Grab a hostname out of the device's DHCP4 config */
308 dhcp4_config = nm_device_get_dhcp4_config (best4);
310 p = dhcp_hostname = nm_dhcp4_config_get_option (dhcp4_config, "host_name");
311 if (dhcp_hostname && strlen (dhcp_hostname)) {
312 /* Sanity check; strip leading spaces */
314 if (!g_ascii_isspace (*p++)) {
315 _set_hostname (policy, p-1, "from DHCPv4");
319 _LOGW (LOGD_DNS, "DHCPv4-provided hostname '%s' looks invalid; ignoring it",
324 NMDhcp6Config *dhcp6_config;
326 /* Grab a hostname out of the device's DHCP6 config */
327 dhcp6_config = nm_device_get_dhcp6_config (best6);
329 p = dhcp_hostname = nm_dhcp6_config_get_option (dhcp6_config, "host_name");
330 if (dhcp_hostname && strlen (dhcp_hostname)) {
331 /* Sanity check; strip leading spaces */
333 if (!g_ascii_isspace (*p++)) {
334 _set_hostname (policy, p-1, "from DHCPv6");
338 _LOGW (LOGD_DNS, "DHCPv6-provided hostname '%s' looks invalid; ignoring it",
344 /* If no automatically-configured hostname, try using the hostname from
345 * when NM started up.
347 if (priv->orig_hostname) {
348 _set_hostname (policy, priv->orig_hostname, "from system startup");
352 /* No configured hostname, no automatically determined hostname, and no
353 * bootup hostname. Start reverse DNS of the current IPv4 or IPv6 address.
355 ip4_config = best4 ? nm_device_get_ip4_config (best4) : NULL;
356 ip6_config = best6 ? nm_device_get_ip6_config (best6) : NULL;
358 if (ip4_config && nm_ip4_config_get_num_addresses (ip4_config) > 0) {
359 const NMPlatformIP4Address *addr4;
361 addr4 = nm_ip4_config_get_address (ip4_config, 0);
362 g_clear_object (&priv->lookup_addr);
363 priv->lookup_addr = g_inet_address_new_from_bytes ((guint8 *) &addr4->address,
364 G_SOCKET_FAMILY_IPV4);
365 } else if (ip6_config && nm_ip6_config_get_num_addresses (ip6_config) > 0) {
366 const NMPlatformIP6Address *addr6;
368 addr6 = nm_ip6_config_get_address (ip6_config, 0);
369 g_clear_object (&priv->lookup_addr);
370 priv->lookup_addr = g_inet_address_new_from_bytes ((guint8 *) &addr6->address,
371 G_SOCKET_FAMILY_IPV6);
373 /* No valid IP config; fall back to localhost.localdomain */
374 _set_hostname (policy, NULL, "no IP config");
378 priv->lookup_cancellable = g_cancellable_new ();
379 g_resolver_lookup_by_address_async (priv->resolver,
381 priv->lookup_cancellable,
382 lookup_callback, policy);
386 update_default_ac (NMPolicy *policy,
387 NMActiveConnection *best,
388 void (*set_active_func)(NMActiveConnection*, gboolean))
390 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
391 const GSList *connections, *iter;
393 /* Clear the 'default[6]' flag on all active connections that aren't the new
394 * default active connection. We'll set the new default after; this ensures
395 * we don't ever have two marked 'default[6]' simultaneously.
397 connections = nm_manager_get_active_connections (priv->manager);
398 for (iter = connections; iter; iter = g_slist_next (iter)) {
399 if (NM_ACTIVE_CONNECTION (iter->data) != best)
400 set_active_func (NM_ACTIVE_CONNECTION (iter->data), FALSE);
403 /* Mark new default active connection */
405 set_active_func (best, TRUE);
409 get_best_ip4_config (NMPolicy *self,
410 gboolean ignore_never_default,
411 const char **out_ip_iface,
412 NMActiveConnection **out_ac,
413 NMDevice **out_device,
414 NMVpnConnection **out_vpn)
416 return nm_default_route_manager_ip4_get_best_config (nm_default_route_manager_get (),
417 ignore_never_default,
425 update_ip4_dns (NMPolicy *policy, NMDnsManager *dns_mgr)
427 NMIP4Config *ip4_config;
428 const char *ip_iface = NULL;
429 NMVpnConnection *vpn = NULL;
430 NMDnsIPConfigType dns_type = NM_DNS_IP_CONFIG_TYPE_BEST_DEVICE;
432 ip4_config = get_best_ip4_config (policy, TRUE, &ip_iface, NULL, NULL, &vpn);
435 dns_type = NM_DNS_IP_CONFIG_TYPE_VPN;
437 /* Tell the DNS manager this config is preferred by re-adding it with
438 * a different IP config type.
440 nm_dns_manager_add_ip4_config (dns_mgr, ip_iface, ip4_config, dns_type);
445 update_ip4_routing (NMPolicy *policy, gboolean force_update)
447 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
448 NMDevice *best = NULL, *default_device;
449 NMConnection *connection = NULL;
450 NMVpnConnection *vpn = NULL;
451 NMActiveConnection *best_ac = NULL;
452 const char *ip_iface = NULL;
454 /* Note that we might have an IPv4 VPN tunneled over an IPv6-only device,
455 * so we can get (vpn != NULL && best == NULL).
457 if (!get_best_ip4_config (policy, FALSE, &ip_iface, &best_ac, &best, &vpn)) {
460 changed = (priv->default_device4 != NULL);
461 priv->default_device4 = NULL;
463 g_object_notify (G_OBJECT (policy), NM_POLICY_DEFAULT_IP4_DEVICE);
467 g_assert ((best || vpn) && best_ac);
469 if (!force_update && best && (best == priv->default_device4))
473 const GSList *connections, *iter;
475 connections = nm_manager_get_active_connections (priv->manager);
476 for (iter = connections; iter; iter = g_slist_next (iter)) {
477 NMActiveConnection *active = iter->data;
479 if ( NM_IS_VPN_CONNECTION (active)
480 && nm_vpn_connection_get_ip4_config (NM_VPN_CONNECTION (active))
481 && !nm_active_connection_get_device (active))
482 nm_active_connection_set_device (active, best);
487 default_device = nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn));
489 default_device = best;
491 update_default_ac (policy, best_ac, nm_active_connection_set_default);
493 if (default_device == priv->default_device4)
496 priv->default_device4 = default_device;
497 connection = nm_active_connection_get_applied_connection (best_ac);
498 _LOGI (LOGD_CORE, "set '%s' (%s) as default for IPv4 routing and DNS",
499 nm_connection_get_id (connection), ip_iface);
500 g_object_notify (G_OBJECT (policy), NM_POLICY_DEFAULT_IP4_DEVICE);
504 get_best_ip6_config (NMPolicy *self,
505 gboolean ignore_never_default,
506 const char **out_ip_iface,
507 NMActiveConnection **out_ac,
508 NMDevice **out_device,
509 NMVpnConnection **out_vpn)
511 return nm_default_route_manager_ip6_get_best_config (nm_default_route_manager_get (),
512 ignore_never_default,
520 update_ip6_dns (NMPolicy *policy, NMDnsManager *dns_mgr)
522 NMIP6Config *ip6_config;
523 const char *ip_iface = NULL;
524 NMVpnConnection *vpn = NULL;
525 NMDnsIPConfigType dns_type = NM_DNS_IP_CONFIG_TYPE_BEST_DEVICE;
527 ip6_config = get_best_ip6_config (policy, TRUE, &ip_iface, NULL, NULL, &vpn);
530 dns_type = NM_DNS_IP_CONFIG_TYPE_VPN;
532 /* Tell the DNS manager this config is preferred by re-adding it with
533 * a different IP config type.
535 nm_dns_manager_add_ip6_config (dns_mgr, ip_iface, ip6_config, dns_type);
540 update_ip6_routing (NMPolicy *policy, gboolean force_update)
542 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
543 NMDevice *best = NULL, *default_device6;
544 NMConnection *connection = NULL;
545 NMVpnConnection *vpn = NULL;
546 NMActiveConnection *best_ac = NULL;
547 const char *ip_iface = NULL;
549 /* Note that we might have an IPv6 VPN tunneled over an IPv4-only device,
550 * so we can get (vpn != NULL && best == NULL).
552 if (!get_best_ip6_config (policy, FALSE, &ip_iface, &best_ac, &best, &vpn)) {
555 changed = (priv->default_device6 != NULL);
556 priv->default_device6 = NULL;
558 g_object_notify (G_OBJECT (policy), NM_POLICY_DEFAULT_IP6_DEVICE);
562 g_assert ((best || vpn) && best_ac);
564 if (!force_update && best && (best == priv->default_device6))
568 const GSList *connections, *iter;
570 connections = nm_manager_get_active_connections (priv->manager);
571 for (iter = connections; iter; iter = g_slist_next (iter)) {
572 NMActiveConnection *active = iter->data;
574 if ( NM_IS_VPN_CONNECTION (active)
575 && nm_vpn_connection_get_ip6_config (NM_VPN_CONNECTION (active))
576 && !nm_active_connection_get_device (active))
577 nm_active_connection_set_device (active, best);
582 default_device6 = nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn));
584 default_device6 = best;
586 update_default_ac (policy, best_ac, nm_active_connection_set_default6);
588 if (default_device6 == priv->default_device6)
591 priv->default_device6 = default_device6;
592 connection = nm_active_connection_get_applied_connection (best_ac);
593 _LOGI (LOGD_CORE, "set '%s' (%s) as default for IPv6 routing and DNS",
594 nm_connection_get_id (connection), ip_iface);
595 g_object_notify (G_OBJECT (policy), NM_POLICY_DEFAULT_IP6_DEVICE);
599 update_routing_and_dns (NMPolicy *policy, gboolean force_update)
601 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
603 nm_dns_manager_begin_updates (priv->dns_manager, __func__);
605 update_ip4_dns (policy, priv->dns_manager);
606 update_ip6_dns (policy, priv->dns_manager);
608 update_ip4_routing (policy, force_update);
609 update_ip6_routing (policy, force_update);
611 /* Update the system hostname */
612 update_system_hostname (policy, priv->default_device4, priv->default_device6);
614 nm_dns_manager_end_updates (priv->dns_manager, __func__);
618 check_activating_devices (NMPolicy *policy)
620 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
621 GObject *object = G_OBJECT (policy);
622 NMDevice *best4, *best6 = NULL;
624 best4 = get_best_ip4_device (policy, FALSE);
625 best6 = get_best_ip6_device (policy, FALSE);
627 g_object_freeze_notify (object);
629 if (best4 != priv->activating_device4) {
630 priv->activating_device4 = best4;
631 g_object_notify (object, NM_POLICY_ACTIVATING_IP4_DEVICE);
633 if (best6 != priv->activating_device6) {
634 priv->activating_device6 = best6;
635 g_object_notify (object, NM_POLICY_ACTIVATING_IP6_DEVICE);
638 g_object_thaw_notify (object);
644 guint autoactivate_id;
648 activate_data_free (ActivateData *data)
650 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (data->policy);
652 nm_device_remove_pending_action (data->device, "autoactivate", TRUE);
653 priv->pending_activation_checks = g_slist_remove (priv->pending_activation_checks, data);
655 if (data->autoactivate_id)
656 g_source_remove (data->autoactivate_id);
657 g_object_unref (data->device);
662 auto_activate_device (gpointer user_data)
664 ActivateData *data = (ActivateData *) user_data;
666 NMPolicyPrivate *priv;
667 NMSettingsConnection *best_connection;
668 char *specific_object = NULL;
669 GPtrArray *connections;
670 GSList *connection_list;
674 policy = data->policy;
675 priv = NM_POLICY_GET_PRIVATE (policy);
677 data->autoactivate_id = 0;
679 // FIXME: if a device is already activating (or activated) with a connection
680 // but another connection now overrides the current one for that device,
681 // deactivate the device and activate the new connection instead of just
682 // bailing if the device is already active
683 if (nm_device_get_act_request (data->device))
686 connection_list = nm_manager_get_activatable_connections (priv->manager);
687 if (!connection_list)
690 connections = _nm_utils_copy_slist_to_array (connection_list, NULL, NULL);
691 g_slist_free (connection_list);
693 /* sort is stable (which is important at this point) so that connections
694 * with same priority are still sorted by last-connected-timestamp. */
695 g_ptr_array_sort (connections, (GCompareFunc) nm_utils_cmp_connection_by_autoconnect_priority);
697 /* Find the first connection that should be auto-activated */
698 best_connection = NULL;
699 for (i = 0; i < connections->len; i++) {
700 NMSettingsConnection *candidate = NM_SETTINGS_CONNECTION (connections->pdata[i]);
702 if (!nm_settings_connection_can_autoconnect (candidate))
704 if (nm_device_can_auto_connect (data->device, (NMConnection *) candidate, &specific_object)) {
705 best_connection = candidate;
709 g_ptr_array_free (connections, TRUE);
711 if (best_connection) {
712 GError *error = NULL;
713 NMAuthSubject *subject;
715 _LOGI (LOGD_DEVICE, "auto-activating connection '%s'",
716 nm_settings_connection_get_id (best_connection));
717 subject = nm_auth_subject_new_internal ();
718 if (!nm_manager_activate_connection (priv->manager,
724 _LOGI (LOGD_DEVICE, "connection '%s' auto-activation failed: (%d) %s",
725 nm_settings_connection_get_id (best_connection),
728 g_error_free (error);
730 g_object_unref (subject);
734 activate_data_free (data);
735 return G_SOURCE_REMOVE;
738 static ActivateData *
739 find_pending_activation (GSList *list, NMDevice *device)
743 for (iter = list; iter; iter = g_slist_next (iter)) {
744 if (((ActivateData *) iter->data)->device == device)
750 /*****************************************************************************/
755 } PendingSecondaryData;
757 static PendingSecondaryData *
758 pending_secondary_data_new (NMDevice *device, GSList *secondaries)
760 PendingSecondaryData *data;
762 data = g_malloc0 (sizeof (PendingSecondaryData));
763 data->device = g_object_ref (device);
764 data->secondaries = secondaries;
769 pending_secondary_data_free (PendingSecondaryData *data)
771 g_object_unref (data->device);
772 g_slist_free_full (data->secondaries, g_object_unref);
773 memset (data, 0, sizeof (*data));
778 process_secondaries (NMPolicy *policy,
779 NMActiveConnection *active,
782 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
783 GSList *iter, *iter2, *next, *next2;
785 /* Loop through devices waiting for secondary connections to activate */
786 for (iter = priv->pending_secondaries; iter; iter = next) {
787 PendingSecondaryData *secondary_data = (PendingSecondaryData *) iter->data;
788 NMDevice *item_device = secondary_data->device;
790 next = g_slist_next (iter);
792 /* Look for 'active' in each device's secondary connections list */
793 for (iter2 = secondary_data->secondaries; iter2; iter2 = next2) {
794 NMActiveConnection *secondary_active = NM_ACTIVE_CONNECTION (iter2->data);
796 next2 = g_slist_next (iter2);
798 if (active != secondary_active)
802 _LOGD (LOGD_DEVICE, "secondary connection '%s' succeeded; active path '%s'",
803 nm_active_connection_get_settings_connection_id (active),
804 nm_exported_object_get_path (NM_EXPORTED_OBJECT (active)));
806 /* Secondary connection activated */
807 secondary_data->secondaries = g_slist_remove (secondary_data->secondaries, secondary_active);
808 g_object_unref (secondary_active);
809 if (!secondary_data->secondaries) {
810 /* No secondary UUID remained -> remove the secondary data item */
811 priv->pending_secondaries = g_slist_remove (priv->pending_secondaries, secondary_data);
812 pending_secondary_data_free (secondary_data);
813 if (nm_device_get_state (item_device) == NM_DEVICE_STATE_SECONDARIES)
814 nm_device_state_changed (item_device, NM_DEVICE_STATE_ACTIVATED, NM_DEVICE_STATE_REASON_NONE);
818 _LOGD (LOGD_DEVICE, "secondary connection '%s' failed; active path '%s'",
819 nm_active_connection_get_settings_connection_id (active),
820 nm_exported_object_get_path (NM_EXPORTED_OBJECT (active)));
822 /* Secondary connection failed -> do not watch other connections */
823 priv->pending_secondaries = g_slist_remove (priv->pending_secondaries, secondary_data);
824 pending_secondary_data_free (secondary_data);
825 if ( nm_device_get_state (item_device) == NM_DEVICE_STATE_SECONDARIES
826 || nm_device_get_state (item_device) == NM_DEVICE_STATE_ACTIVATED)
827 nm_device_state_changed (item_device, NM_DEVICE_STATE_FAILED,
828 NM_DEVICE_STATE_REASON_SECONDARY_CONNECTION_FAILED);
836 global_state_changed (NMManager *manager, NMState state, gpointer user_data)
841 hostname_changed (NMManager *manager, GParamSpec *pspec, gpointer user_data)
843 update_system_hostname ((NMPolicy *) user_data, NULL, NULL);
847 reset_autoconnect_all (NMPolicy *policy, NMDevice *device)
849 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
850 GSList *connections, *iter;
853 _LOGD (LOGD_DEVICE, "re-enabling autoconnect for all connections on %s",
854 nm_device_get_iface (device));
856 _LOGD (LOGD_DEVICE, "re-enabling autoconnect for all connections");
858 connections = nm_settings_get_connections (priv->settings);
859 for (iter = connections; iter; iter = g_slist_next (iter)) {
860 if (!device || nm_device_check_connection_compatible (device, iter->data)) {
861 nm_settings_connection_reset_autoconnect_retries (iter->data);
862 nm_settings_connection_set_autoconnect_blocked_reason (iter->data, NM_DEVICE_STATE_REASON_NONE);
865 g_slist_free (connections);
869 reset_autoconnect_for_failed_secrets (NMPolicy *policy)
871 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
872 GSList *connections, *iter;
874 _LOGD (LOGD_DEVICE, "re-enabling autoconnect for all connections with failed secrets");
876 connections = nm_settings_get_connections (priv->settings);
877 for (iter = connections; iter; iter = g_slist_next (iter)) {
878 NMSettingsConnection *connection = NM_SETTINGS_CONNECTION (iter->data);
880 if (nm_settings_connection_get_autoconnect_blocked_reason (connection) == NM_DEVICE_STATE_REASON_NO_SECRETS) {
881 nm_settings_connection_reset_autoconnect_retries (connection);
882 nm_settings_connection_set_autoconnect_blocked_reason (connection, NM_DEVICE_STATE_REASON_NONE);
885 g_slist_free (connections);
889 block_autoconnect_for_device (NMPolicy *policy, NMDevice *device)
891 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
892 GSList *connections, *iter;
894 _LOGD (LOGD_DEVICE, "blocking autoconnect for all connections on %s",
895 nm_device_get_iface (device));
897 /* NMDevice keeps its own autoconnect-able-ness state; we only need to
898 * explicitly block connections for software devices, where the NMDevice
899 * might be destroyed and recreated later.
901 if (!nm_device_is_software (device))
904 connections = nm_settings_get_connections (priv->settings);
905 for (iter = connections; iter; iter = g_slist_next (iter)) {
906 if (nm_device_check_connection_compatible (device, iter->data)) {
907 nm_settings_connection_set_autoconnect_blocked_reason (NM_SETTINGS_CONNECTION (iter->data),
908 NM_DEVICE_STATE_REASON_USER_REQUESTED);
914 sleeping_changed (NMManager *manager, GParamSpec *pspec, gpointer user_data)
916 NMPolicy *policy = user_data;
917 gboolean sleeping = FALSE, enabled = FALSE;
919 g_object_get (G_OBJECT (manager), NM_MANAGER_SLEEPING, &sleeping, NULL);
920 g_object_get (G_OBJECT (manager), NM_MANAGER_NETWORKING_ENABLED, &enabled, NULL);
922 /* Reset retries on all connections so they'll checked on wakeup */
923 if (sleeping || !enabled)
924 reset_autoconnect_all (policy, NULL);
928 schedule_activate_check (NMPolicy *policy, NMDevice *device)
930 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
932 const GSList *active_connections, *iter;
934 if (nm_manager_get_state (priv->manager) == NM_STATE_ASLEEP)
937 if (!nm_device_get_enabled (device))
940 if (!nm_device_autoconnect_allowed (device))
943 if (find_pending_activation (priv->pending_activation_checks, device))
946 active_connections = nm_manager_get_active_connections (priv->manager);
947 for (iter = active_connections; iter; iter = iter->next) {
948 if (nm_active_connection_get_device (NM_ACTIVE_CONNECTION (iter->data)) == device)
952 nm_device_add_pending_action (device, "autoactivate", TRUE);
954 data = g_malloc0 (sizeof (ActivateData));
955 data->policy = policy;
956 data->device = g_object_ref (device);
957 data->autoactivate_id = g_idle_add (auto_activate_device, data);
958 priv->pending_activation_checks = g_slist_append (priv->pending_activation_checks, data);
962 clear_pending_activate_check (NMPolicy *policy, NMDevice *device)
964 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
967 data = find_pending_activation (priv->pending_activation_checks, device);
968 if (data && data->autoactivate_id)
969 activate_data_free (data);
973 reset_connections_retries (gpointer user_data)
975 NMPolicy *policy = (NMPolicy *) user_data;
976 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
977 GSList *connections, *iter;
978 gint32 con_stamp, min_stamp, now;
979 gboolean changed = FALSE;
981 priv->reset_retries_id = 0;
984 now = nm_utils_get_monotonic_timestamp_s ();
985 connections = nm_settings_get_connections (priv->settings);
986 for (iter = connections; iter; iter = g_slist_next (iter)) {
987 NMSettingsConnection *connection = NM_SETTINGS_CONNECTION (iter->data);
989 con_stamp = nm_settings_connection_get_autoconnect_retry_time (connection);
993 if (con_stamp <= now) {
994 nm_settings_connection_reset_autoconnect_retries (connection);
996 } else if (min_stamp == 0 || min_stamp > con_stamp)
997 min_stamp = con_stamp;
999 g_slist_free (connections);
1001 /* Schedule the handler again if there are some stamps left */
1003 priv->reset_retries_id = g_timeout_add_seconds (min_stamp - now, reset_connections_retries, policy);
1005 /* If anything changed, try to activate the newly re-enabled connections */
1007 schedule_activate_all (policy);
1012 static void schedule_activate_all (NMPolicy *policy);
1015 activate_slave_connections (NMPolicy *policy, NMDevice *device)
1017 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1018 const char *master_device, *master_uuid_settings = NULL, *master_uuid_applied = NULL;
1019 GSList *connections, *iter;
1022 master_device = nm_device_get_iface (device);
1023 g_assert (master_device);
1025 req = nm_device_get_act_request (device);
1029 con = nm_active_connection_get_applied_connection (NM_ACTIVE_CONNECTION (req));
1031 master_uuid_applied = nm_connection_get_uuid (con);
1032 con = NM_CONNECTION (nm_active_connection_get_settings_connection (NM_ACTIVE_CONNECTION (req)));
1034 master_uuid_settings = nm_connection_get_uuid (con);
1035 if (!g_strcmp0 (master_uuid_settings, master_uuid_applied))
1036 master_uuid_settings = NULL;
1040 connections = nm_settings_get_connections (priv->settings);
1041 for (iter = connections; iter; iter = g_slist_next (iter)) {
1042 NMConnection *slave;
1043 NMSettingConnection *s_slave_con;
1044 const char *slave_master;
1046 slave = NM_CONNECTION (iter->data);
1049 s_slave_con = nm_connection_get_setting_connection (slave);
1050 g_assert (s_slave_con);
1051 slave_master = nm_setting_connection_get_master (s_slave_con);
1055 if ( !g_strcmp0 (slave_master, master_device)
1056 || !g_strcmp0 (slave_master, master_uuid_applied)
1057 || !g_strcmp0 (slave_master, master_uuid_settings))
1058 nm_settings_connection_reset_autoconnect_retries (NM_SETTINGS_CONNECTION (slave));
1061 g_slist_free (connections);
1063 schedule_activate_all (policy);
1067 activate_secondary_connections (NMPolicy *policy,
1068 NMConnection *connection,
1071 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1072 NMSettingConnection *s_con;
1073 NMSettingsConnection *settings_con;
1074 NMActiveConnection *ac;
1075 PendingSecondaryData *secondary_data;
1076 GSList *secondary_ac_list = NULL;
1077 GError *error = NULL;
1079 gboolean success = TRUE;
1081 s_con = nm_connection_get_setting_connection (connection);
1084 for (i = 0; i < nm_setting_connection_get_num_secondaries (s_con); i++) {
1085 const char *sec_uuid = nm_setting_connection_get_secondary (s_con, i);
1088 settings_con = nm_settings_get_connection_by_uuid (priv->settings, sec_uuid);
1089 if (!settings_con) {
1090 _LOGW (LOGD_DEVICE, "secondary connection '%s' auto-activation failed: The connection doesn't exist.",
1095 if (!nm_connection_is_type (NM_CONNECTION (settings_con), NM_SETTING_VPN_SETTING_NAME)) {
1096 _LOGW (LOGD_DEVICE, "secondary connection '%s (%s)' auto-activation failed: The connection is not a VPN.",
1097 nm_settings_connection_get_id (settings_con), sec_uuid);
1102 req = nm_device_get_act_request (device);
1105 _LOGD (LOGD_DEVICE, "activating secondary connection '%s (%s)' for base connection '%s (%s)'",
1106 nm_settings_connection_get_id (settings_con), sec_uuid,
1107 nm_connection_get_id (connection), nm_connection_get_uuid (connection));
1108 ac = nm_manager_activate_connection (priv->manager,
1110 nm_exported_object_get_path (NM_EXPORTED_OBJECT (req)),
1112 nm_active_connection_get_subject (NM_ACTIVE_CONNECTION (req)),
1115 secondary_ac_list = g_slist_append (secondary_ac_list, g_object_ref (ac));
1117 _LOGW (LOGD_DEVICE, "secondary connection '%s (%s)' auto-activation failed: (%d) %s",
1118 nm_settings_connection_get_id (settings_con), sec_uuid,
1121 g_clear_error (&error);
1127 if (success && secondary_ac_list != NULL) {
1128 secondary_data = pending_secondary_data_new (device, secondary_ac_list);
1129 priv->pending_secondaries = g_slist_append (priv->pending_secondaries, secondary_data);
1131 g_slist_free_full (secondary_ac_list, g_object_unref);
1137 device_state_changed (NMDevice *device,
1138 NMDeviceState new_state,
1139 NMDeviceState old_state,
1140 NMDeviceStateReason reason,
1143 NMPolicy *policy = (NMPolicy *) user_data;
1144 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1146 NMSettingsConnection *connection = nm_device_get_settings_connection (device);
1148 const char *ip_iface = nm_device_get_ip_iface (device);
1149 NMIP4Config *ip4_config;
1150 NMIP6Config *ip6_config;
1151 NMSettingConnection *s_con = NULL;
1153 switch (new_state) {
1154 case NM_DEVICE_STATE_FAILED:
1155 /* Mark the connection invalid if it failed during activation so that
1156 * it doesn't get automatically chosen over and over and over again.
1159 && old_state >= NM_DEVICE_STATE_PREPARE
1160 && old_state <= NM_DEVICE_STATE_ACTIVATED) {
1161 guint32 tries = nm_settings_connection_get_autoconnect_retries (connection);
1163 if (reason == NM_DEVICE_STATE_REASON_NO_SECRETS) {
1164 _LOGD (LOGD_DEVICE, "connection '%s' now blocked from autoconnect due to no secrets",
1165 nm_settings_connection_get_id (connection));
1167 nm_settings_connection_set_autoconnect_blocked_reason (connection, NM_DEVICE_STATE_REASON_NO_SECRETS);
1168 } else if (tries > 0) {
1169 _LOGD (LOGD_DEVICE, "connection '%s' failed to autoconnect; %d tries left",
1170 nm_settings_connection_get_id (connection), tries);
1171 nm_settings_connection_set_autoconnect_retries (connection, tries - 1);
1174 if (nm_settings_connection_get_autoconnect_retries (connection) == 0) {
1175 _LOGI (LOGD_DEVICE, "disabling autoconnect for connection '%s'.",
1176 nm_settings_connection_get_id (connection));
1177 /* Schedule a handler to reset retries count */
1178 if (!priv->reset_retries_id) {
1179 gint32 retry_time = nm_settings_connection_get_autoconnect_retry_time (connection);
1181 g_warn_if_fail (retry_time != 0);
1182 priv->reset_retries_id = g_timeout_add_seconds (MAX (0, retry_time - nm_utils_get_monotonic_timestamp_s ()), reset_connections_retries, policy);
1185 nm_connection_clear_secrets (NM_CONNECTION (connection));
1188 case NM_DEVICE_STATE_ACTIVATED:
1190 /* Reset auto retries back to default since connection was successful */
1191 nm_settings_connection_reset_autoconnect_retries (connection);
1193 /* And clear secrets so they will always be requested from the
1194 * settings service when the next connection is made.
1197 nm_connection_clear_secrets (NM_CONNECTION (connection));
1200 /* Add device's new IPv4 and IPv6 configs to DNS */
1202 nm_dns_manager_begin_updates (priv->dns_manager, __func__);
1204 ip4_config = nm_device_get_ip4_config (device);
1206 nm_dns_manager_add_ip4_config (priv->dns_manager, ip_iface, ip4_config, NM_DNS_IP_CONFIG_TYPE_DEFAULT);
1207 ip6_config = nm_device_get_ip6_config (device);
1209 nm_dns_manager_add_ip6_config (priv->dns_manager, ip_iface, ip6_config, NM_DNS_IP_CONFIG_TYPE_DEFAULT);
1211 update_routing_and_dns (policy, FALSE);
1213 nm_dns_manager_end_updates (priv->dns_manager, __func__);
1215 case NM_DEVICE_STATE_UNMANAGED:
1216 case NM_DEVICE_STATE_UNAVAILABLE:
1217 if (old_state > NM_DEVICE_STATE_DISCONNECTED)
1218 update_routing_and_dns (policy, FALSE);
1220 case NM_DEVICE_STATE_DEACTIVATING:
1221 if (reason == NM_DEVICE_STATE_REASON_USER_REQUESTED) {
1222 if (!nm_device_get_autoconnect (device)) {
1223 /* The device was disconnected; block all connections on it */
1224 block_autoconnect_for_device (policy, device);
1227 /* The connection was deactivated, so block just this connection */
1228 _LOGD (LOGD_DEVICE, "blocking autoconnect of connection '%s' by user request",
1229 nm_settings_connection_get_id (connection));
1230 nm_settings_connection_set_autoconnect_blocked_reason (connection,
1231 NM_DEVICE_STATE_REASON_USER_REQUESTED);
1236 case NM_DEVICE_STATE_DISCONNECTED:
1237 /* Reset retry counts for a device's connections when carrier on; if cable
1238 * was unplugged and plugged in again, we should try to reconnect.
1240 if (reason == NM_DEVICE_STATE_REASON_CARRIER && old_state == NM_DEVICE_STATE_UNAVAILABLE)
1241 reset_autoconnect_all (policy, device);
1243 if (old_state > NM_DEVICE_STATE_DISCONNECTED)
1244 update_routing_and_dns (policy, FALSE);
1246 /* Device is now available for auto-activation */
1247 schedule_activate_check (policy, device);
1250 case NM_DEVICE_STATE_PREPARE:
1251 /* Reset auto-connect retries of all slaves and schedule them for
1253 activate_slave_connections (policy, device);
1255 case NM_DEVICE_STATE_IP_CONFIG:
1256 /* We must have secrets if we got here. */
1258 nm_settings_connection_set_autoconnect_blocked_reason (connection, NM_DEVICE_STATE_REASON_NONE);
1260 case NM_DEVICE_STATE_SECONDARIES:
1262 s_con = nm_connection_get_setting_connection (NM_CONNECTION (connection));
1263 if (s_con && nm_setting_connection_get_num_secondaries (s_con) > 0) {
1264 /* Make routes and DNS up-to-date before activating dependent connections */
1265 update_routing_and_dns (policy, FALSE);
1267 /* Activate secondary (VPN) connections */
1268 if (!activate_secondary_connections (policy, NM_CONNECTION (connection), device))
1269 nm_device_queue_state (device, NM_DEVICE_STATE_FAILED,
1270 NM_DEVICE_STATE_REASON_SECONDARY_CONNECTION_FAILED);
1272 nm_device_queue_state (device, NM_DEVICE_STATE_ACTIVATED,
1273 NM_DEVICE_STATE_REASON_NONE);
1280 check_activating_devices (policy);
1284 device_ip4_config_changed (NMDevice *device,
1285 NMIP4Config *new_config,
1286 NMIP4Config *old_config,
1289 NMPolicy *policy = user_data;
1290 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1291 const char *ip_iface = nm_device_get_ip_iface (device);
1293 nm_dns_manager_begin_updates (priv->dns_manager, __func__);
1295 /* Ignore IP config changes while the device is activating, because we'll
1296 * catch all the changes when the device moves to ACTIVATED state.
1297 * Prevents unecessary changes to DNS information.
1299 if (!nm_device_is_activating (device)) {
1300 if (old_config != new_config) {
1302 nm_dns_manager_remove_ip4_config (priv->dns_manager, old_config);
1304 nm_dns_manager_add_ip4_config (priv->dns_manager, ip_iface, new_config, NM_DNS_IP_CONFIG_TYPE_DEFAULT);
1306 update_ip4_dns (policy, priv->dns_manager);
1307 update_ip4_routing (policy, TRUE);
1309 /* Old configs get removed immediately */
1311 nm_dns_manager_remove_ip4_config (priv->dns_manager, old_config);
1314 nm_dns_manager_end_updates (priv->dns_manager, __func__);
1318 device_ip6_config_changed (NMDevice *device,
1319 NMIP6Config *new_config,
1320 NMIP6Config *old_config,
1323 NMPolicy *policy = user_data;
1324 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1325 const char *ip_iface = nm_device_get_ip_iface (device);
1327 nm_dns_manager_begin_updates (priv->dns_manager, __func__);
1329 /* Ignore IP config changes while the device is activating, because we'll
1330 * catch all the changes when the device moves to ACTIVATED state.
1331 * Prevents unecessary changes to DNS information.
1333 if (!nm_device_is_activating (device)) {
1334 if (old_config != new_config) {
1336 nm_dns_manager_remove_ip6_config (priv->dns_manager, old_config);
1338 nm_dns_manager_add_ip6_config (priv->dns_manager, ip_iface, new_config, NM_DNS_IP_CONFIG_TYPE_DEFAULT);
1340 update_ip6_dns (policy, priv->dns_manager);
1341 update_ip6_routing (policy, TRUE);
1343 /* Old configs get removed immediately */
1345 nm_dns_manager_remove_ip6_config (priv->dns_manager, old_config);
1348 nm_dns_manager_end_updates (priv->dns_manager, __func__);
1352 device_autoconnect_changed (NMDevice *device,
1356 if (nm_device_autoconnect_allowed (device))
1357 schedule_activate_check ((NMPolicy *) user_data, device);
1361 device_recheck_auto_activate (NMDevice *device, gpointer user_data)
1363 schedule_activate_check (NM_POLICY (user_data), device);
1372 _connect_device_signal (NMPolicy *policy,
1378 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1379 DeviceSignalId *data;
1381 data = g_slice_new0 (DeviceSignalId);
1384 data->id = g_signal_connect_after (device, name, callback, policy);
1386 data->id = g_signal_connect (device, name, callback, policy);
1387 data->device = device;
1388 priv->dev_ids = g_slist_prepend (priv->dev_ids, data);
1392 device_added (NMManager *manager, NMDevice *device, gpointer user_data)
1394 NMPolicy *policy = (NMPolicy *) user_data;
1396 /* Connect state-changed with _after, so that the handler is invoked after other handlers. */
1397 _connect_device_signal (policy, device, NM_DEVICE_STATE_CHANGED, device_state_changed, TRUE);
1398 _connect_device_signal (policy, device, NM_DEVICE_IP4_CONFIG_CHANGED, device_ip4_config_changed, FALSE);
1399 _connect_device_signal (policy, device, NM_DEVICE_IP6_CONFIG_CHANGED, device_ip6_config_changed, FALSE);
1400 _connect_device_signal (policy, device, "notify::" NM_DEVICE_AUTOCONNECT, device_autoconnect_changed, FALSE);
1401 _connect_device_signal (policy, device, NM_DEVICE_RECHECK_AUTO_ACTIVATE, device_recheck_auto_activate, FALSE);
1405 device_removed (NMManager *manager, NMDevice *device, gpointer user_data)
1407 NMPolicy *policy = (NMPolicy *) user_data;
1408 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1411 /* Clear any idle callbacks for this device */
1412 clear_pending_activate_check (policy, device);
1414 /* Clear any signal handlers for this device */
1415 iter = priv->dev_ids;
1417 DeviceSignalId *data = iter->data;
1418 GSList *next = g_slist_next (iter);
1420 if (data->device == device) {
1421 g_signal_handler_disconnect (data->device, data->id);
1422 g_slice_free (DeviceSignalId, data);
1423 priv->dev_ids = g_slist_delete_link (priv->dev_ids, iter);
1428 /* Don't update routing and DNS here as we've already handled that
1429 * for devices that need it when the device's state changed to UNMANAGED.
1433 /**************************************************************************/
1436 vpn_connection_activated (NMPolicy *policy, NMVpnConnection *vpn)
1438 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1439 NMIP4Config *ip4_config;
1440 NMIP6Config *ip6_config;
1441 const char *ip_iface;
1443 nm_dns_manager_begin_updates (priv->dns_manager, __func__);
1445 ip_iface = nm_vpn_connection_get_ip_iface (vpn);
1447 /* Add the VPN connection's IP configs from DNS */
1449 ip4_config = nm_vpn_connection_get_ip4_config (vpn);
1451 nm_dns_manager_add_ip4_config (priv->dns_manager, ip_iface, ip4_config, NM_DNS_IP_CONFIG_TYPE_VPN);
1453 ip6_config = nm_vpn_connection_get_ip6_config (vpn);
1455 nm_dns_manager_add_ip6_config (priv->dns_manager, ip_iface, ip6_config, NM_DNS_IP_CONFIG_TYPE_VPN);
1457 update_routing_and_dns (policy, TRUE);
1459 nm_dns_manager_end_updates (priv->dns_manager, __func__);
1463 vpn_connection_deactivated (NMPolicy *policy, NMVpnConnection *vpn)
1465 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1466 NMIP4Config *ip4_config;
1467 NMIP6Config *ip6_config;
1469 nm_dns_manager_begin_updates (priv->dns_manager, __func__);
1471 ip4_config = nm_vpn_connection_get_ip4_config (vpn);
1473 /* Remove the VPN connection's IP4 config from DNS */
1474 nm_dns_manager_remove_ip4_config (priv->dns_manager, ip4_config);
1477 ip6_config = nm_vpn_connection_get_ip6_config (vpn);
1479 /* Remove the VPN connection's IP6 config from DNS */
1480 nm_dns_manager_remove_ip6_config (priv->dns_manager, ip6_config);
1483 update_routing_and_dns (policy, TRUE);
1485 nm_dns_manager_end_updates (priv->dns_manager, __func__);
1489 vpn_connection_state_changed (NMVpnConnection *vpn,
1490 NMVpnConnectionState new_state,
1491 NMVpnConnectionState old_state,
1492 NMVpnConnectionStateReason reason,
1495 if (new_state == NM_VPN_CONNECTION_STATE_ACTIVATED)
1496 vpn_connection_activated (policy, vpn);
1497 else if (new_state >= NM_VPN_CONNECTION_STATE_FAILED) {
1498 /* Only clean up IP/DNS if the connection ever got past IP_CONFIG */
1499 if (old_state >= NM_VPN_CONNECTION_STATE_IP_CONFIG_GET &&
1500 old_state <= NM_VPN_CONNECTION_STATE_ACTIVATED)
1501 vpn_connection_deactivated (policy, vpn);
1506 vpn_connection_retry_after_failure (NMVpnConnection *vpn, NMPolicy *policy)
1508 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1509 NMActiveConnection *ac = NM_ACTIVE_CONNECTION (vpn);
1510 NMSettingsConnection *connection = nm_active_connection_get_settings_connection (ac);
1511 GError *error = NULL;
1513 /* Attempt to reconnect VPN connections that failed after being connected */
1514 if (!nm_manager_activate_connection (priv->manager,
1518 nm_active_connection_get_subject (ac),
1520 _LOGW (LOGD_DEVICE, "VPN '%s' reconnect failed: %s",
1521 nm_settings_connection_get_id (connection),
1522 error->message ? error->message : "unknown");
1523 g_clear_error (&error);
1528 active_connection_state_changed (NMActiveConnection *active,
1532 NMActiveConnectionState state = nm_active_connection_get_state (active);
1534 if (state == NM_ACTIVE_CONNECTION_STATE_ACTIVATED)
1535 process_secondaries (policy, active, TRUE);
1536 else if (state == NM_ACTIVE_CONNECTION_STATE_DEACTIVATED)
1537 process_secondaries (policy, active, FALSE);
1541 active_connection_added (NMManager *manager,
1542 NMActiveConnection *active,
1545 NMPolicy *policy = NM_POLICY (user_data);
1547 if (NM_IS_VPN_CONNECTION (active)) {
1548 g_signal_connect (active, NM_VPN_CONNECTION_INTERNAL_STATE_CHANGED,
1549 G_CALLBACK (vpn_connection_state_changed),
1551 g_signal_connect (active, NM_VPN_CONNECTION_INTERNAL_RETRY_AFTER_FAILURE,
1552 G_CALLBACK (vpn_connection_retry_after_failure),
1556 g_signal_connect (active, "notify::" NM_ACTIVE_CONNECTION_STATE,
1557 G_CALLBACK (active_connection_state_changed),
1562 active_connection_removed (NMManager *manager,
1563 NMActiveConnection *active,
1566 NMPolicy *policy = NM_POLICY (user_data);
1568 g_signal_handlers_disconnect_by_func (active,
1569 vpn_connection_state_changed,
1571 g_signal_handlers_disconnect_by_func (active,
1572 vpn_connection_retry_after_failure,
1574 g_signal_handlers_disconnect_by_func (active,
1575 active_connection_state_changed,
1579 /**************************************************************************/
1582 schedule_activate_all (NMPolicy *policy)
1584 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1587 for (iter = nm_manager_get_devices (priv->manager); iter; iter = g_slist_next (iter))
1588 schedule_activate_check (policy, NM_DEVICE (iter->data));
1592 connection_added (NMSettings *settings,
1593 NMSettingsConnection *connection,
1596 NMPolicy *policy = NM_POLICY (user_data);
1598 schedule_activate_all (policy);
1602 firewall_started (NMFirewallManager *manager,
1605 NMPolicy *policy = (NMPolicy *) user_data;
1606 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1609 /* add interface of each device to correct zone */
1610 for (iter = nm_manager_get_devices (priv->manager); iter; iter = g_slist_next (iter))
1611 nm_device_update_firewall_zone (iter->data);
1615 dns_config_changed (NMDnsManager *dns_manager, gpointer user_data)
1617 NMPolicy *policy = (NMPolicy *) user_data;
1618 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1620 /* Restart a thread for reverse-DNS lookup after we are signalled that
1621 * DNS changed. Because the result from a previous run may not be right
1622 * (race in updating DNS and doing the reverse lookup).
1625 /* Stop a lookup thread if any. */
1626 if (priv->lookup_cancellable) {
1627 g_cancellable_cancel (priv->lookup_cancellable);
1628 g_clear_object (&priv->lookup_cancellable);
1631 /* Re-start the hostname lookup thread if we don't have hostname yet. */
1632 if (priv->lookup_addr) {
1635 _LOGD (LOGD_DNS, "restarting reverse-lookup thread for address %s",
1636 (str = g_inet_address_to_string (priv->lookup_addr)));
1639 priv->lookup_cancellable = g_cancellable_new ();
1640 g_resolver_lookup_by_address_async (priv->resolver,
1642 priv->lookup_cancellable,
1643 lookup_callback, policy);
1648 connection_updated (NMSettings *settings,
1649 NMConnection *connection,
1652 schedule_activate_all ((NMPolicy *) user_data);
1656 connection_updated_by_user (NMSettings *settings,
1657 NMSettingsConnection *connection,
1660 NMPolicy *policy = (NMPolicy *) user_data;
1661 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1663 NMDevice *device = NULL;
1665 /* find device with given connection */
1666 for (iter = nm_manager_get_devices (priv->manager); iter; iter = g_slist_next (iter)) {
1667 NMDevice *dev = NM_DEVICE (iter->data);
1669 if (nm_device_get_settings_connection (dev) == connection) {
1676 nm_device_reapply_settings_immediately (device);
1678 /* Reset auto retries back to default since connection was updated */
1679 nm_settings_connection_reset_autoconnect_retries (connection);
1683 _deactivate_if_active (NMManager *manager, NMSettingsConnection *connection)
1685 const GSList *active, *iter;
1687 active = nm_manager_get_active_connections (manager);
1688 for (iter = active; iter; iter = g_slist_next (iter)) {
1689 NMActiveConnection *ac = iter->data;
1690 NMActiveConnectionState state = nm_active_connection_get_state (ac);
1691 GError *error = NULL;
1693 if (nm_active_connection_get_settings_connection (ac) == connection &&
1694 (state <= NM_ACTIVE_CONNECTION_STATE_ACTIVATED)) {
1695 if (!nm_manager_deactivate_connection (manager,
1696 nm_exported_object_get_path (NM_EXPORTED_OBJECT (ac)),
1697 NM_DEVICE_STATE_REASON_CONNECTION_REMOVED,
1699 _LOGW (LOGD_DEVICE, "connection '%s' disappeared, but error deactivating it: (%d) %s",
1700 nm_settings_connection_get_id (connection),
1701 error ? error->code : -1,
1702 error ? error->message : "(unknown)");
1703 g_clear_error (&error);
1710 connection_removed (NMSettings *settings,
1711 NMSettingsConnection *connection,
1714 NMPolicy *policy = user_data;
1715 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1717 _deactivate_if_active (priv->manager, connection);
1721 connection_visibility_changed (NMSettings *settings,
1722 NMSettingsConnection *connection,
1725 NMPolicy *policy = user_data;
1726 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1728 if (nm_settings_connection_is_visible (connection))
1729 schedule_activate_all (policy);
1731 _deactivate_if_active (priv->manager, connection);
1735 secret_agent_registered (NMSettings *settings,
1736 NMSecretAgent *agent,
1739 NMPolicy *policy = NM_POLICY (user_data);
1741 /* The registered secret agent may provide some missing secrets. Thus we
1742 * reset retries count here and schedule activation, so that the
1743 * connections failed due to missing secrets may re-try auto-connection.
1745 reset_autoconnect_for_failed_secrets (policy);
1746 schedule_activate_all (policy);
1750 nm_policy_get_default_ip4_device (NMPolicy *policy)
1752 return NM_POLICY_GET_PRIVATE (policy)->default_device4;
1756 nm_policy_get_default_ip6_device (NMPolicy *policy)
1758 return NM_POLICY_GET_PRIVATE (policy)->default_device6;
1762 nm_policy_get_activating_ip4_device (NMPolicy *policy)
1764 return NM_POLICY_GET_PRIVATE (policy)->activating_device4;
1768 nm_policy_get_activating_ip6_device (NMPolicy *policy)
1770 return NM_POLICY_GET_PRIVATE (policy)->activating_device6;
1773 /*****************************************************************************/
1776 get_property (GObject *object, guint prop_id,
1777 GValue *value, GParamSpec *pspec)
1779 NMPolicy *policy = NM_POLICY (object);
1780 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1783 case PROP_DEFAULT_IP4_DEVICE:
1784 g_value_set_object (value, priv->default_device4);
1786 case PROP_DEFAULT_IP6_DEVICE:
1787 g_value_set_object (value, priv->default_device6);
1789 case PROP_ACTIVATING_IP4_DEVICE:
1790 g_value_set_object (value, priv->activating_device4);
1792 case PROP_ACTIVATING_IP6_DEVICE:
1793 g_value_set_object (value, priv->activating_device6);
1796 G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
1801 /*****************************************************************************/
1804 _connect_manager_signal (NMPolicy *policy, const char *name, gpointer callback)
1806 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1809 id = g_signal_connect (priv->manager, name, callback, policy);
1810 priv->manager_ids = g_slist_prepend (priv->manager_ids, (gpointer) id);
1814 _connect_settings_signal (NMPolicy *policy, const char *name, gpointer callback)
1816 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1819 id = g_signal_connect (priv->settings, name, callback, policy);
1820 priv->settings_ids = g_slist_prepend (priv->settings_ids, (gpointer) id);
1824 nm_policy_init (NMPolicy *policy)
1829 nm_policy_new (NMManager *manager, NMSettings *settings)
1832 NMPolicyPrivate *priv;
1833 static gboolean initialized = FALSE;
1834 char hostname[HOST_NAME_MAX + 2];
1836 g_return_val_if_fail (NM_IS_MANAGER (manager), NULL);
1837 g_return_val_if_fail (initialized == FALSE, NULL);
1839 policy = g_object_new (NM_TYPE_POLICY, NULL);
1840 priv = NM_POLICY_GET_PRIVATE (policy);
1841 priv->manager = manager;
1842 priv->settings = g_object_ref (settings);
1843 priv->update_state_id = 0;
1845 /* Grab hostname on startup and use that if nothing provides one */
1846 memset (hostname, 0, sizeof (hostname));
1847 if (gethostname (&hostname[0], HOST_NAME_MAX) == 0) {
1848 /* only cache it if it's a valid hostname */
1849 if (*hostname && nm_utils_is_specific_hostname (hostname))
1850 priv->orig_hostname = g_strdup (hostname);
1853 priv->firewall_manager = g_object_ref (nm_firewall_manager_get ());
1855 priv->fw_started_id = g_signal_connect (priv->firewall_manager, "started",
1856 G_CALLBACK (firewall_started), policy);
1858 priv->dns_manager = g_object_ref (nm_dns_manager_get ());
1859 nm_dns_manager_set_initial_hostname (priv->dns_manager, priv->orig_hostname);
1860 priv->config_changed_id = g_signal_connect (priv->dns_manager, "config-changed",
1861 G_CALLBACK (dns_config_changed), policy);
1863 priv->resolver = g_resolver_get_default ();
1865 _connect_manager_signal (policy, NM_MANAGER_STATE_CHANGED, global_state_changed);
1866 _connect_manager_signal (policy, "notify::" NM_MANAGER_HOSTNAME, hostname_changed);
1867 _connect_manager_signal (policy, "notify::" NM_MANAGER_SLEEPING, sleeping_changed);
1868 _connect_manager_signal (policy, "notify::" NM_MANAGER_NETWORKING_ENABLED, sleeping_changed);
1869 _connect_manager_signal (policy, "internal-device-added", device_added);
1870 _connect_manager_signal (policy, "internal-device-removed", device_removed);
1871 _connect_manager_signal (policy, NM_MANAGER_ACTIVE_CONNECTION_ADDED, active_connection_added);
1872 _connect_manager_signal (policy, NM_MANAGER_ACTIVE_CONNECTION_REMOVED, active_connection_removed);
1874 _connect_settings_signal (policy, NM_SETTINGS_SIGNAL_CONNECTION_ADDED, connection_added);
1875 _connect_settings_signal (policy, NM_SETTINGS_SIGNAL_CONNECTION_UPDATED, connection_updated);
1876 _connect_settings_signal (policy, NM_SETTINGS_SIGNAL_CONNECTION_UPDATED_BY_USER, connection_updated_by_user);
1877 _connect_settings_signal (policy, NM_SETTINGS_SIGNAL_CONNECTION_REMOVED, connection_removed);
1878 _connect_settings_signal (policy, NM_SETTINGS_SIGNAL_CONNECTION_VISIBILITY_CHANGED,
1879 connection_visibility_changed);
1880 _connect_settings_signal (policy, NM_SETTINGS_SIGNAL_AGENT_REGISTERED, secret_agent_registered);
1887 dispose (GObject *object)
1889 NMPolicy *policy = NM_POLICY (object);
1890 NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE (policy);
1891 const GSList *connections, *iter;
1893 /* Tell any existing hostname lookup thread to die. */
1894 if (priv->lookup_cancellable) {
1895 g_cancellable_cancel (priv->lookup_cancellable);
1896 g_clear_object (&priv->lookup_cancellable);
1898 g_clear_object (&priv->lookup_addr);
1899 g_clear_object (&priv->resolver);
1901 while (priv->pending_activation_checks)
1902 activate_data_free (priv->pending_activation_checks->data);
1904 g_slist_free_full (priv->pending_secondaries, (GDestroyNotify) pending_secondary_data_free);
1905 priv->pending_secondaries = NULL;
1907 if (priv->firewall_manager) {
1908 g_assert (priv->fw_started_id);
1909 g_signal_handler_disconnect (priv->firewall_manager, priv->fw_started_id);
1910 priv->fw_started_id = 0;
1911 g_clear_object (&priv->firewall_manager);
1914 if (priv->dns_manager) {
1915 g_signal_handler_disconnect (priv->dns_manager, priv->config_changed_id);
1916 g_clear_object (&priv->dns_manager);
1919 for (iter = priv->manager_ids; iter; iter = g_slist_next (iter))
1920 g_signal_handler_disconnect (priv->manager, (gulong) iter->data);
1921 g_clear_pointer (&priv->manager_ids, g_slist_free);
1923 for (iter = priv->settings_ids; iter; iter = g_slist_next (iter))
1924 g_signal_handler_disconnect (priv->settings, (gulong) iter->data);
1925 g_clear_pointer (&priv->settings_ids, g_slist_free);
1927 for (iter = priv->dev_ids; iter; iter = g_slist_next (iter)) {
1928 DeviceSignalId *data = iter->data;
1930 g_signal_handler_disconnect (data->device, data->id);
1931 g_slice_free (DeviceSignalId, data);
1933 g_clear_pointer (&priv->dev_ids, g_slist_free);
1935 /* The manager should have disposed of ActiveConnections already, which
1936 * will have called active_connection_removed() and thus we don't need
1937 * to clean anything up. Assert that this is TRUE.
1939 connections = nm_manager_get_active_connections (priv->manager);
1940 g_assert (connections == NULL);
1942 nm_clear_g_source (&priv->reset_retries_id);
1944 g_clear_pointer (&priv->orig_hostname, g_free);
1945 g_clear_pointer (&priv->cur_hostname, g_free);
1947 g_clear_object (&priv->settings);
1949 G_OBJECT_CLASS (nm_policy_parent_class)->dispose (object);
1953 nm_policy_class_init (NMPolicyClass *policy_class)
1955 GObjectClass *object_class = G_OBJECT_CLASS (policy_class);
1957 g_type_class_add_private (policy_class, sizeof (NMPolicyPrivate));
1959 object_class->get_property = get_property;
1960 object_class->dispose = dispose;
1962 g_object_class_install_property
1963 (object_class, PROP_DEFAULT_IP4_DEVICE,
1964 g_param_spec_object (NM_POLICY_DEFAULT_IP4_DEVICE, "", "",
1967 G_PARAM_STATIC_STRINGS));
1968 g_object_class_install_property
1969 (object_class, PROP_DEFAULT_IP6_DEVICE,
1970 g_param_spec_object (NM_POLICY_DEFAULT_IP6_DEVICE, "", "",
1973 G_PARAM_STATIC_STRINGS));
1974 g_object_class_install_property
1975 (object_class, PROP_ACTIVATING_IP4_DEVICE,
1976 g_param_spec_object (NM_POLICY_ACTIVATING_IP4_DEVICE, "", "",
1979 G_PARAM_STATIC_STRINGS));
1980 g_object_class_install_property
1981 (object_class, PROP_ACTIVATING_IP6_DEVICE,
1982 g_param_spec_object (NM_POLICY_ACTIVATING_IP6_DEVICE, "", "",
1985 G_PARAM_STATIC_STRINGS));