From patchwork Fri Jan 24 18:58:35 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949848 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A2557224B0A for ; Fri, 24 Jan 2025 19:00:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745206; cv=none; b=Wmmy36dr0p3uNLiPGkk15yKtTmoGxTP0SRwZwvYjFSfYMXqzL6Clv4U8CPq3yq8lwZFnYktPdx2D1XIJGCN81LMlxbExZKaBlfSRxkX5lYzMwjwnMCwmH1PCnvt6LzU8MXjdS9NxgysmcnjynTSXFJJMUcg9GMYtpgQymOJaShE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745206; c=relaxed/simple; bh=elCcltYFEVf5DTnnQ7mBVMt8Ig9IPfuBUbujjFRR0bU=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=QhtU/8/X2aUGxBcjLbhYUQ6GMRMZAk65tDQ5fV0k5oCvJWzTrEepX/mymGS4DRF4msOSWZBmQHjzCsubN5MFSjlslHJrkAEd2gPqDdyO4zr3d3efGKUAD5MtuDSpaiUhRhkBaQaAlFARgbP1hgkLFX/IGNDh7mwvy6QVDlcQ9Yw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=yyQEdm0X; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="yyQEdm0X" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=aaa6mCWObOCeD+66hhxBz6bJbBhxv/c/b+LoCC7tPeo=; b=yyQEdm0X+y3sGmBzjAYt1GNbhw 292zSOB8Uhn+eqAf+KT8I5vNxfQO7I477fTdMeoEugIs+KIzP8a8+vDNQNd6mOwPAyHWjjI5UZ0ng o72YktbA1fxiP1P8XI2BTMy/WVC6IiPYn/S1WFFeNQCuqeuC/TiwuxUkxP3KEnV+2TGFDOqx/cxBb KGnw10x632tOejS9hFkwfTKJ0MP5gIqCor1ciiUyL5ek7hBlpKMUBLCdi7JYZGA7Zw4CZhEpheWWg cltjZvqh5JX/qNGqI5lCEWFPNub/F3sXDz9AIMW3qDxXeknPfuZ+tJEmv3dxcZNlh+RJ5vLH3m/sK 3jFKNaSg==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-1j for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 01/11] agent: Cancel agent request on NoReply D-Bus error Date: Fri, 24 Jan 2025 20:58:35 +0200 Message-Id: <20250124185845.1546384-2-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false Handle also the NoReply D-Bus error as this is commonly sent back when the timeout set for the request is exceeded. Canceling the request later becomes impossible as agent->pending will be set to NULL in agent_finalize_pending(). Thus, making later calls to connman_agent_cancel() to not to close down agent dialogs but instead they are piled up on top of each other. --- src/agent.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/agent.c b/src/agent.c index 23517d9b..e2d1ef09 100644 --- a/src/agent.c +++ b/src/agent.c @@ -201,7 +201,9 @@ static void agent_receive_message(DBusPendingCall *call, void *user_data) if (dbus_message_is_error(reply, "org.freedesktop.DBus.Error.Timeout") || dbus_message_is_error(reply, - "org.freedesktop.DBus.Error.TimedOut")) { + "org.freedesktop.DBus.Error.TimedOut") || + dbus_message_is_error(reply, + "org.freedesktop.DBus.Error.NoReply")) { send_cancel_request(agent, agent->pending); } From patchwork Fri Jan 24 18:58:36 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949849 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 50A96196D9D for ; Fri, 24 Jan 2025 19:00:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745211; cv=none; b=qM0ZFNp1IT2upZOqr/Nqs0vkXw+ybLuwXdznFkIlMlUvl9N1CCQBR5lewegpFM6OvWEyMUK4yr/8K10+or6l4f/ieJLL9oFGX3XZPyVWfR2xe4WBQSaFUoVC4J4Rsphd8Ncn15lMHLtDp0rZwJwuZgn0BuY4O0ylmOJ9ezukEoY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745211; c=relaxed/simple; bh=lQtNL615u72qVz634XPwOQrKQp8bCjgt6oIjwGswj38=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=hYJzCbbibR6uQf7Pk54EtEyaY4v2nRE2nEOzrAde/uvkoT2dqGogj+3APUw1WFLyuyla3sTHiuXtVnKjizT2U4d3/dqVcDyNYIIb2iOPkpYfUFoRcdeqGEO4NOgUCr59MJso/M4cx2hGFrTGqfnbZhG8O6fv9F7EAbZnaHD+sgE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=teodM1Bj; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="teodM1Bj" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=emYeZ4h7rPezZTt5bkycveQhOTDYl4JJORP6b21YuEc=; b=teodM1BjJBTIiy3PA5GcQNHzEW +msqh4OSFvu8DPvYd/jhJBo7NGGMRVryT81V5DX9KNRLuVcttEYYI5NuPo2JuNgGsw9hy3mA3WPVd dDt8FsJOPllZWJ9YUc+FlQIDDcFTFRjfQvuEheABydFprS3UCzTpBDlSEsifb8JYD+Y645kthAazx 6wQSMrEVA7HVue2E2fjdIhncGUmgaujpTiHO7LEvXDZZj0RMEhg5CGcOo6rTiCoofgfGo3++FOZ4A 1LIdau3i2phQAvDnE688SAmlV5QVIT6sI4S1Kt7gIisCMapRGE7XvhjVhe8dCMjznUkH/D7Z5vJFX iGq2Lt8w==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-1s for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 02/11] vpn-provider: Use association state for VPN agent input wait Date: Fri, 24 Jan 2025 20:58:36 +0200 Message-Id: <20250124185845.1546384-3-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false Use the association state with VPNs to define that VPN is waiting for input via agent. The same state is used for every service in connmand so this change synchronizes the states in both. Set the state to be identical to connmand side states by injecting this into the VPN state machine before the connect state ("configuration" state). This is then changed when the state is set to connected either by getting a non-error reply from VPN agent or via VPN driver gets connect state notify. In this is association state the VPN indicates to connmand that the VPN is requesting user input via agent and shouldn't be subject to connect timeout checks. Having this additional state allows to obey the D-Bus VPN agent query timeout value, instead of getting the dialog shut down at connection timeout. --- vpn/vpn-provider.c | 45 +++++++++++++++++++++++++++++++++++++++++---- vpn/vpn-provider.h | 6 ++++++ 2 files changed, 47 insertions(+), 4 deletions(-) diff --git a/vpn/vpn-provider.c b/vpn/vpn-provider.c index 4bcb8373..56040e65 100644 --- a/vpn/vpn-provider.c +++ b/vpn/vpn-provider.c @@ -1487,6 +1487,23 @@ int __vpn_provider_disconnect(struct vpn_provider *provider) return err; } +static bool is_connected_state(enum vpn_provider_state state) +{ + switch (state) { + case VPN_PROVIDER_STATE_UNKNOWN: + case VPN_PROVIDER_STATE_IDLE: + case VPN_PROVIDER_STATE_DISCONNECT: + case VPN_PROVIDER_STATE_FAILURE: + break; + case VPN_PROVIDER_STATE_CONNECT: + case VPN_PROVIDER_STATE_READY: + case VPN_PROVIDER_STATE_ASSOCIATION: + return true; + } + + return false; +} + static void connect_cb(struct vpn_provider *provider, void *user_data, int error) { @@ -1509,6 +1526,8 @@ static void connect_cb(struct vpn_provider *provider, void *user_data, * No reply, disconnect called by connmand because of * connection timeout. */ + vpn_provider_indicate_error(provider, + VPN_PROVIDER_ERROR_CONNECT_FAILED); break; case ENOMSG: /* fall through */ @@ -1533,9 +1552,7 @@ static void connect_cb(struct vpn_provider *provider, void *user_data, * process gets killed and vpn_died() is called to make * the provider back to idle state. */ - if (provider->state == VPN_PROVIDER_STATE_CONNECT || - provider->state == - VPN_PROVIDER_STATE_READY) { + if (is_connected_state(provider->state)) { if (provider->driver->set_state) provider->driver->set_state(provider, VPN_PROVIDER_STATE_DISCONNECT); @@ -1597,6 +1614,17 @@ int __vpn_provider_connect(struct vpn_provider *provider, DBusMessage *msg) if (reply) g_dbus_send_message(connection, reply); + return -EINPROGRESS; + case VPN_PROVIDER_STATE_ASSOCIATION: + /* + * Do not interrupt user when inputting credentials via agent. + * The driver is in CONNECT state that would return EINPROGRESS + * and change provider state to CONNECT. + */ + reply = __connman_error_in_progress(msg); + if (reply) + g_dbus_send_message(connection, reply); + return -EINPROGRESS; case VPN_PROVIDER_STATE_UNKNOWN: case VPN_PROVIDER_STATE_IDLE: @@ -1626,7 +1654,7 @@ int __vpn_provider_connect(struct vpn_provider *provider, DBusMessage *msg) return -EOPNOTSUPP; if (err == -EINPROGRESS) - vpn_provider_set_state(provider, VPN_PROVIDER_STATE_CONNECT); + vpn_provider_set_state(provider, VPN_PROVIDER_STATE_ASSOCIATION); return err; } @@ -1767,6 +1795,8 @@ static const char *state2string(enum vpn_provider_state state) break; case VPN_PROVIDER_STATE_IDLE: return "idle"; + case VPN_PROVIDER_STATE_ASSOCIATION: + return "association"; case VPN_PROVIDER_STATE_CONNECT: return "configuration"; case VPN_PROVIDER_STATE_READY: @@ -1875,6 +1905,9 @@ static void append_state(DBusMessageIter *iter, case VPN_PROVIDER_STATE_IDLE: str = "idle"; break; + case VPN_PROVIDER_STATE_ASSOCIATION: + str = "association"; + break; case VPN_PROVIDER_STATE_CONNECT: str = "configuration"; break; @@ -2026,6 +2059,10 @@ int vpn_provider_set_state(struct vpn_provider *provider, case VPN_PROVIDER_STATE_IDLE: return set_connected(provider, false); case VPN_PROVIDER_STATE_CONNECT: + if (provider->driver && provider->driver->set_state) + provider->driver->set_state(provider, state); + return provider_indicate_state(provider, state); + case VPN_PROVIDER_STATE_ASSOCIATION: return provider_indicate_state(provider, state); case VPN_PROVIDER_STATE_READY: return set_connected(provider, true); diff --git a/vpn/vpn-provider.h b/vpn/vpn-provider.h index 5d1455da..c81476c6 100644 --- a/vpn/vpn-provider.h +++ b/vpn/vpn-provider.h @@ -44,6 +44,12 @@ enum vpn_provider_state { VPN_PROVIDER_STATE_READY = 3, VPN_PROVIDER_STATE_DISCONNECT = 4, VPN_PROVIDER_STATE_FAILURE = 5, + /* + * Special state to indicate that user interaction is being waited for + * and disconnect timeout in connmand should not terminate this VPN but + * to let the agent timeout handle the case. + */ + VPN_PROVIDER_STATE_ASSOCIATION = 6, }; enum vpn_provider_error { From patchwork Fri Jan 24 18:58:37 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949854 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 797C94C62E for ; Fri, 24 Jan 2025 19:00:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745236; cv=none; b=sMkxTfuW+RhEwmhKm3k/ngSIKBfnUJlgWuhoGPQD6N3wLJDHqrbH95Nbq3fiGly5FCsV9+1g4gAX96czEdeo2qIks+5qLN+ZQ1Dm24MMXc9F7Qm4isLwz8rXWCQCeG7IH78P1IvaNj2fBO3C7MkOvEC7UNKqaQLfn15YMFArDBY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745236; c=relaxed/simple; bh=FLiTsg2BGIa2GFqEiFQ+jMcCw969Ykx4ux/mfgstigw=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ubsmsYylAFDu0crNT2fUeBDhUgWaWOMl91A4fQV8bS3rA0yuG8c9CoI8W1jmWPSxUsL7q01K/g7a2T2zilSGP2im5kbmtpVjMS6vTEUKTnKmOOm2xL6CHkX4sc5z2i4O8eKpleRL0a7iLgRKr+bdZpuWvHuCVui4jwwTQZlV+Qg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=AE9OoLNk; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="AE9OoLNk" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=B3RHmsx9PIXnBKTGvdxttCMLuuwxrj+HxvazndlmFjA=; b=AE9OoLNkD6iK/e0qCq2nhLjvy2 kaMhmvyxOLJHhKcRINfGbJ852uVmbmETaOz/vOI3lX4QuwyQEClyAoVh4++YI2uF1ZzI29FsNeGJi Fd01cLnCJsUVqL+PTxOnwNbb7VWnfw/5y8+QcJTuA/N22c6upyGMnycKclLgb4XvDrtm7kGwRfJWI oYMICdIQfrgriukt167Pti/y0CngPMIyLAiaRxHE9/GU2tCFcW73rj/gQ7f0lZ0lImzIlXfvKXYU5 fUzqWHJgPbuFa+QBIShIY89FCT+lXqiBpSbYVhVcgPTxt9bdrv+ajfr6g4x+12qCtXt+uN6bVbVzR 40+mP0YQ==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-21 for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 03/11] vpn: Add association state before connect state Date: Fri, 24 Jan 2025 20:58:37 +0200 Message-Id: <20250124185845.1546384-4-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false This changes the state machine by adding the VPN_STATE_ASSOCIATION to be entered right after connect() callback is called. This is needed in order to properly react with the user input dialog waiting on VPNs. connect state is now set when the dialog is closed to indicate that user input is given and now the VPN really connects. When VPN notify() allback is called the connect state is enforced if the return value indicates so and the internal state is different. This is to accommodate the changes required and to operate as a fallback that the states of provider and driver are kept in sync. Warn about invalid transition to ASSOCIATION state in case vpn_notify() gets it as a reply back from plugin notify. --- vpn/plugins/vpn.c | 22 +++++++++++++++++++++- vpn/plugins/vpn.h | 11 ++++++----- 2 files changed, 27 insertions(+), 6 deletions(-) diff --git a/vpn/plugins/vpn.c b/vpn/plugins/vpn.c index cb0d304b..5cc4c757 100644 --- a/vpn/plugins/vpn.c +++ b/vpn/plugins/vpn.c @@ -219,6 +219,9 @@ static int vpn_set_state(struct vpn_provider *provider, case VPN_PROVIDER_STATE_IDLE: data->state = VPN_STATE_IDLE; break; + case VPN_PROVIDER_STATE_ASSOCIATION: + data->state = VPN_STATE_ASSOCIATION; + break; case VPN_PROVIDER_STATE_CONNECT: case VPN_PROVIDER_STATE_READY: data->state = VPN_STATE_CONNECT; @@ -281,6 +284,12 @@ static DBusMessage *vpn_notify(struct connman_task *task, switch (state) { case VPN_STATE_CONNECT: + if (data->state == VPN_STATE_ASSOCIATION) { + data->state = VPN_STATE_CONNECT; + vpn_provider_set_state(provider, + VPN_PROVIDER_STATE_CONNECT); + } + /* fall through */ case VPN_STATE_READY: if (data->state == VPN_STATE_READY) { /* @@ -333,6 +342,16 @@ static DBusMessage *vpn_notify(struct connman_task *task, break; case VPN_STATE_UNKNOWN: + break; + + /* State transition to ASSOCIATION via notify is not allowed */ + case VPN_STATE_ASSOCIATION: + connman_warn("Invalid %s vpn_notify() state transition " + "from %d to %d (ASSOCIATION)." + "VPN provider %p is disconnected", + vpn_driver_data->name, data->state, + state, provider); + /* fall through */ case VPN_STATE_IDLE: case VPN_STATE_DISCONNECT: case VPN_STATE_FAILURE: @@ -565,6 +584,7 @@ static int vpn_connect(struct vpn_provider *provider, data->state = VPN_STATE_IDLE; break; + case VPN_STATE_ASSOCIATION: case VPN_STATE_CONNECT: return -EINPROGRESS; @@ -645,7 +665,7 @@ static int vpn_connect(struct vpn_provider *provider, DBG("%s started with dev %s", vpn_driver_data->provider_driver.name, data->if_name); - data->state = VPN_STATE_CONNECT; + data->state = VPN_STATE_ASSOCIATION; return -EINPROGRESS; diff --git a/vpn/plugins/vpn.h b/vpn/plugins/vpn.h index fd10addf..a8d24fc3 100644 --- a/vpn/plugins/vpn.h +++ b/vpn/plugins/vpn.h @@ -34,11 +34,12 @@ extern "C" { enum vpn_state { VPN_STATE_UNKNOWN = 0, VPN_STATE_IDLE = 1, - VPN_STATE_CONNECT = 2, - VPN_STATE_READY = 3, - VPN_STATE_DISCONNECT = 4, - VPN_STATE_FAILURE = 5, - VPN_STATE_AUTH_FAILURE = 6, + VPN_STATE_ASSOCIATION = 2, + VPN_STATE_CONNECT = 3, + VPN_STATE_READY = 4, + VPN_STATE_DISCONNECT = 5, + VPN_STATE_FAILURE = 6, + VPN_STATE_AUTH_FAILURE = 7, }; struct vpn_driver { From patchwork Fri Jan 24 18:58:38 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949859 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 17D632248BA for ; Fri, 24 Jan 2025 19:01:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745320; cv=none; b=rSI2fsoBMf0r0CHSSr7pJZJ0UqWUp3E4/Rv599SwbXld1VA51FNIfhFtW+XQnMAWWobIraPoc4S+ku36KS58tKZRYrjuExJ8ThczVs+bVGrFbmY7k6NkzXzxEBnjUBFpGxJlq2A8baRmama3GLTlMG/moz/PoMedqqnhTQrhVsM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745320; c=relaxed/simple; bh=WGLV2bnx8PWJ4B+jGZh6ftvShg8bRqUjfeR92AM0ndQ=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=saH4hShb28FVl9WB8cGCxXCESc8vwXthT65iz+unlSPNFaz7HdvHvmRm0G8fripLX3nfoBxg3z58oiUzroV5AAeDxKqmcbmR7fpgN/VJsyDI/zaIxHQe1LQE+E/SdtnxTWoqQunEchDBqyVDuqx1vy65r3jd4ptXzl6qnFClx9I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=RKCgGe0M; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="RKCgGe0M" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=eS61vsjboJ7zzbZQnprh7PovZIEFHBIt4PUCW1plUmk=; b=RKCgGe0MEifGghZwisWIQi/pNX 9/giMYqvu/Ipswxfv29fjBk9ynmQLZL+EICRMTAwXQQeojdaR4usJm5boEZKjHIxQRWlUmVufpjFo ZMjI5wwMs1OR84YhZQ//PQ2OyZpnyqdw0w0DU/y07HsD9b+u0EHT9MWwr4dG5WrSsXKYJ3m9keV82 ndPfl/3yD8rfW6sgkubcFLZ0wsMwN03cPAFAoBfZMYw/N+LLsj3cMDwTD9H/o8wjOxQwEVIDjv2l4 dN1LsUSC2Dwo1nUA/BJvhTPZWmC6dGFvzopzc1y7LwB1Kq9f61wSwLgK56FSaHJijmyTojf8Qa2AO c1323BJQ==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-2B for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 04/11] vpn-agent: Do connect state transition after input dialog check Date: Fri, 24 Jan 2025 20:58:38 +0200 Message-Id: <20250124185845.1546384-5-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false When the VPN requests input (credentials) via the VPN agent the vpn_agent_check_and_process_reply_error() does transition the state of the VPN provider to connect state when there is no error. This is done to facilitate the transition from the association state to connect state as each VPN should use this function to verify the D-Bus reply and, thus will be called after each reply. --- vpn/vpn-agent.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/vpn/vpn-agent.c b/vpn/vpn-agent.c index ab6fea55..f1cc7e36 100644 --- a/vpn/vpn-agent.c +++ b/vpn/vpn-agent.c @@ -257,8 +257,12 @@ int vpn_agent_check_and_process_reply_error(DBusMessage *reply, dbus_error_init(&error); - if (!dbus_set_error_from_message(&error, reply)) + if (!dbus_set_error_from_message(&error, reply)) { + DBG("Dialog without error, set provider %p to CONNECT", + provider); + vpn_provider_set_state(provider, VPN_PROVIDER_STATE_CONNECT); return 0; + } if (!g_strcmp0(error.name, VPN_AGENT_INTERFACE ".Error.Canceled")) err = ECANCELED; From patchwork Fri Jan 24 18:58:39 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949858 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 049E64C62E for ; Fri, 24 Jan 2025 19:01:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745289; cv=none; b=oTydshPy1TMdpSqWtR0pfRCdyt4r7t8hFkKzjGtKQgmDBxJRinFC2k9YQxJ9j+POTGHaWjL8IGlE00AiHFOkWbmzEO6jReclKULECGm1seFdtgkOtrK8BlnaeRLko9a1JQnz1BbaNRAH6EClhTFMVLL0QObTGI1TSEzi0IKBRhA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745289; c=relaxed/simple; bh=D+lqGdt3S93xtrCq2iHdQUDGhQTyLCMVXVOEbng7638=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=iJIqj0VPIlvnM5N+I8aChXhVHT0hMoxBJMscTHgYtt9B4NROLEPW14IdCM7Ms4wzq4y4cznSo0EdXW3fsbPddzLwGdFXYHu1WfAwhqCvv3OBGuh5bsPcK6VNTceWy07bwVWuJffjNYoZnIW3q5nzlweknVBAGNbOGKKOrPfVhYo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=f79Imf/j; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="f79Imf/j" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=ne17UrEGbBbWv9ZzmDs+EDrs60gG87jS+6dRa5pyG5g=; b=f79Imf/jcqFZjZ3rKepgPt5wr3 ChFX6Sc8zjrLD+dYroQwSSAgIBKA7L5jH8gpWtp++/DYTuluhuWDc0dj2X0n71qyfjs+6roJ4W1OS h5yEgfkzYMCOePRdpwOP/Wc1bNY96gpAAcDYw+nTfHPyy7CS+ROmmNa/GVghXHzoTyMkUFHj6nqLk kAiHSZ3H4YtzLKK5LWZ4ka3F7QwLuPD/kU9kNISTX8fqj9FdcSqVN0D+q4aeqQxftzZWq+SlTJ8Uf B58ZEKYLVXprNnqOj3ta94r9WIUlXSKFN9dSzA+aLUaJZ0NqAZ4NSbnLdS3P4/Bktf8xRF7tnxVZK 4MkHcIvw==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-2K for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 05/11] service: Explicit VPN connect timeout, ignore in VPN agent wait Date: Fri, 24 Jan 2025 20:58:39 +0200 Message-Id: <20250124185845.1546384-6-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false Ignore the connect timeout autostarting when connecting a VPN service because initially the VPN is in association state in which the VPN is waiting for the VPN agent. Separate the starting of connect timeout into its own function __connman_service_start_connect_timeout() so provider.c can call it when it enters configuration state. When a VPN is waiting for user input it should not be affected by connect timeout as the connection is not yet attempted. This may happen if VPN resumes to association state when requiring the VPN agent for other, e.g., encrypted private key input after credential input. --- src/connman.h | 2 ++ src/service.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 49 insertions(+), 5 deletions(-) diff --git a/src/connman.h b/src/connman.h index 32ba5591..a92e19d7 100644 --- a/src/connman.h +++ b/src/connman.h @@ -787,6 +787,8 @@ int __connman_service_connect(struct connman_service *service, int __connman_service_disconnect(struct connman_service *service); void __connman_service_set_active_session(bool enable, GSList *list); void __connman_service_auto_connect(enum connman_service_connect_reason reason); +void __connman_service_start_connect_timeout(struct connman_service *service, + bool restart); bool __connman_service_remove(struct connman_service *service); void __connman_service_set_hidden_data(struct connman_service *service, gpointer user_data); diff --git a/src/service.c b/src/service.c index 805cfca7..9dfb4ead 100644 --- a/src/service.c +++ b/src/service.c @@ -7098,8 +7098,27 @@ static gboolean connect_timeout(gpointer user_data) if (service->network) __connman_network_disconnect(service->network); - else if (service->provider) + else if (service->provider) { + /* + * Remove timeout when the VPN is waiting for user input in + * association state. By default the VPN agent timeout is + * 300s whereas default connection timeout is 120s. Provider + * will start connect timeout for the service when it enters + * configuration state. + */ + const char *statestr = connman_provider_get_string( + service->provider, "State"); + if (!g_strcmp0(statestr, "association")) { + DBG("VPN provider %p is waiting for VPN agent, " + "stop connect timeout", + service->provider); + return G_SOURCE_REMOVE; + } + connman_provider_disconnect(service->provider); + } + + __connman_stats_service_unregister(service); @@ -7127,7 +7146,27 @@ static gboolean connect_timeout(gpointer user_data) CONNMAN_SERVICE_CONNECT_REASON_USER) do_auto_connect(service, CONNMAN_SERVICE_CONNECT_REASON_AUTO); - return FALSE; + return G_SOURCE_REMOVE; +} + +void __connman_service_start_connect_timeout(struct connman_service *service, + bool restart) +{ + DBG(""); + + if (!service) + return; + + if (!restart && service->timeout) + return; + + if (restart && service->timeout) { + DBG("cancel running connect timeout"); + g_source_remove(service->timeout); + } + + service->timeout = g_timeout_add_seconds(CONNECT_TIMEOUT, + connect_timeout, service); } static DBusMessage *connect_service(DBusConnection *conn, @@ -9751,9 +9790,12 @@ int __connman_service_connect(struct connman_service *service, return 0; if (err == -EINPROGRESS) { - if (service->timeout == 0) - service->timeout = g_timeout_add_seconds( - CONNECT_TIMEOUT, connect_timeout, service); + /* + * VPN will start connect timeout when it enters CONFIGURATION + * state. + */ + if (service->type != CONNMAN_SERVICE_TYPE_VPN) + __connman_service_start_connect_timeout(service, false); return -EINPROGRESS; } From patchwork Fri Jan 24 18:58:40 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949851 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6A32A1CCEEC for ; Fri, 24 Jan 2025 19:00:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745224; cv=none; b=Sq5sgMuf2S0jcc0fYn56E7EEwI0DWHl68QtiUgXwEhsxDwM2k/gID3QQeuvV4UHtbfDIgyAuNbxWyhtg8MLY4wZYcITc79ocxukBL5GEMUracpkjgNk/igbTutOYNzDv7jylEDZXQlmkMQ339+xG2BGFaOYQDgA/1gyLMByQTIQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745224; c=relaxed/simple; bh=Mq0D2v/c/zPi6whT/EEsDBVNPp3aPgOEOZ9eQmP2aNE=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=I298N/Gqo+EOs1EB0Odfgyoies7UrQ9J77xqJxEYgtve4DCD12o9bQ//tgaq2699P99wsvyMcqWdUh2+DlQTZS06mpUoHqNW3zYaAFrIgfRr9CNCSTIDW0bclbl7Rb3+42TKfjAbBV8RjzhsZmG0gnsPTKXvvq6YW3HJnnSozZA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=higmS30X; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="higmS30X" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=ZtKKFc4NPP3T+LTZpiARc1EOE5zDgHI+ySveFs0mGNg=; b=higmS30XGELOfPuRe8uJ21K6pz lPQgelz+zEYcXDj+Dpjxlpu/ENAogZzrwChly6CH8OOsEuG296dasVujCrrAfOL4X3Q/7zAtJTiw8 ogWs2ui/9konl0W1Q4JodWd77W0ehTV2Jd0SStO65ux43D3NVFkhsemTn+EVA+jbnZUgvW3qLAFzv jvMpApPOk2I37VLNuLMRmGL2OiNEulqUljbAqhFT9t0wlEC6/JI/3uNJToCdCiOtQGIXUPUO4nkq9 AuUYfy5OSbiM+2xSGKt5vTc7DrsmsiPE1GRiutSKX2A1iLpMcKgxr0wDyYJWtF6aN8LwFs8THGTTX XBqmiXEA==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-2T for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 06/11] provider: Handle VPN configuration and association states Date: Fri, 24 Jan 2025 20:58:40 +0200 Message-Id: <20250124185845.1546384-7-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false Set the association state when VPN is waiting for user input as an initial state after connecting the provider. Set the configuration state (as it is declaced to be the string to connect state in VPN) accordingly as well. Start VPN connect timeout in configuration state with restart option to ensure that the timeout begins from the last known configuration (connect) state. --- include/provider.h | 9 +++++---- src/provider.c | 22 +++++++++++++++++++++- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/include/provider.h b/include/provider.h index 3f2e36ad..aac47527 100644 --- a/include/provider.h +++ b/include/provider.h @@ -44,10 +44,11 @@ enum connman_provider_type { enum connman_provider_state { CONNMAN_PROVIDER_STATE_UNKNOWN = 0, CONNMAN_PROVIDER_STATE_IDLE = 1, - CONNMAN_PROVIDER_STATE_CONNECT = 2, - CONNMAN_PROVIDER_STATE_READY = 3, - CONNMAN_PROVIDER_STATE_DISCONNECT = 4, - CONNMAN_PROVIDER_STATE_FAILURE = 5, + CONNMAN_PROVIDER_STATE_ASSOCIATION = 2, + CONNMAN_PROVIDER_STATE_CONNECT = 3, + CONNMAN_PROVIDER_STATE_READY = 4, + CONNMAN_PROVIDER_STATE_DISCONNECT = 5, + CONNMAN_PROVIDER_STATE_FAILURE = 6, }; enum connman_provider_error { diff --git a/src/provider.c b/src/provider.c index 1f0ce10d..ab4aeafb 100644 --- a/src/provider.c +++ b/src/provider.c @@ -126,6 +126,22 @@ static int provider_indicate_state(struct connman_provider *provider, { DBG("state %d", state); + switch (state) { + case CONNMAN_SERVICE_STATE_UNKNOWN: + case CONNMAN_SERVICE_STATE_IDLE: + case CONNMAN_SERVICE_STATE_ASSOCIATION: + break; + case CONNMAN_SERVICE_STATE_CONFIGURATION: + __connman_service_start_connect_timeout(provider->vpn_service, + true); + break; + case CONNMAN_SERVICE_STATE_READY: + case CONNMAN_SERVICE_STATE_ONLINE: + case CONNMAN_SERVICE_STATE_DISCONNECT: + case CONNMAN_SERVICE_STATE_FAILURE: + break; + } + __connman_service_ipconfig_indicate_state(provider->vpn_service, state, CONNMAN_IPCONFIG_TYPE_IPV4); @@ -291,9 +307,13 @@ int connman_provider_set_state(struct connman_provider *provider, return -EINVAL; case CONNMAN_PROVIDER_STATE_IDLE: return set_connected(provider, false); - case CONNMAN_PROVIDER_STATE_CONNECT: + case CONNMAN_PROVIDER_STATE_ASSOCIATION: + /* Connect timeout is not effective for VPNs in this state */ return provider_indicate_state(provider, CONNMAN_SERVICE_STATE_ASSOCIATION); + case CONNMAN_PROVIDER_STATE_CONNECT: + return provider_indicate_state(provider, + CONNMAN_SERVICE_STATE_CONFIGURATION); case CONNMAN_PROVIDER_STATE_READY: return set_connected(provider, true); case CONNMAN_PROVIDER_STATE_DISCONNECT: From patchwork Fri Jan 24 18:58:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949852 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D514B1CCEEC for ; Fri, 24 Jan 2025 19:00:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745228; cv=none; b=lPZnNc2fHu3uivcOXAx48WHrXQZlvgcoJ/TKKMCQQZJh/MEIvht6lS6g4KwKGems3OEaL/EwYa9TGg9rCDAEYDXnBZbg4wTA7rVm/R7Q3R4JhwvmNQodgDqAz+gEJ8geJ4M6ifKN+V5LUY9YpdyLhIOnXQ+LmbPfjU4TV8Qjv/o= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745228; c=relaxed/simple; bh=MRT8+R9+vykFzva1mm1ab322P8AlD8wocobXgvCTeXs=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=iWtbqbuLNKU5Irpw99Q245yuhv0/kN79DTeu1Jha+rhoa1F5cIJDEou5+yeeMZTF9h1UzMnboLrXhcqwM+5DJuDOnq0jhBhu2yoaxenavHerCOWka5rC3LTlPyibeqx15ewgCKyN+MUUC6AA8cDWdMaWFLK2jMQAL+kWd6zvg7g= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=1NI3oy0j; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="1NI3oy0j" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=5jEUb3mqeN59ircENUXxQLCodnRepV5CRcDFhkiRTys=; b=1NI3oy0jxXk9l9igv8L88eQdBe b6MnJ4n2Tr0Nx7+2Tlhs9Wt1CRNzQi24T8Tu8/cdyvZNlp+RiU8Jwyfq0V2JgbYUS6vpxbEtkR9lX V2fiN/OcXLuUxNnd6z7y1O7NIc6Lo3C/qQFXHV+3u6SEtVxdiVHeSl/JzkMDceoepGTyGdFf9YrFx z2p82H9eqSu+SjVfAZHzq1dS3RqL39Ckcljz2uCfE3Hog2QAQ7mZtBLrKv7sGm6Fi5yUVrkH1oYm6 6cNEj1EWia7/Y/DjQoYDOkKvDE4XTSyEtWHBUvx1YGzGYXgA4sUtLJoLr+RUKtr2vDzAgqEKzGIDR ufbfNRYA==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-2c for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 07/11] vpn: Add support for association state, add state getter Date: Fri, 24 Jan 2025 20:58:41 +0200 Message-Id: <20250124185845.1546384-8-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false Support VPN wait user input state as the association state. Add support for "State" string into the get_property() driver callback. --- plugins/vpn.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/plugins/vpn.c b/plugins/vpn.c index 42396d2a..d9a56ae1 100644 --- a/plugins/vpn.c +++ b/plugins/vpn.c @@ -156,6 +156,8 @@ static const char *get_string(struct connman_provider *provider, return data->domain; else if (g_str_equal(key, "Transport")) return data->service_ident; + else if (g_str_equal(key, "State")) + return data->state; return g_hash_table_lookup(data->setting_strings, key); } @@ -283,6 +285,8 @@ static void set_provider_state(struct connection_data *data) goto set; } else if (g_str_equal(data->state, "configuration")) { state = CONNMAN_PROVIDER_STATE_CONNECT; + } else if (g_str_equal(data->state, "association")) { + state = CONNMAN_PROVIDER_STATE_ASSOCIATION; } else if (g_str_equal(data->state, "idle")) { state = CONNMAN_PROVIDER_STATE_IDLE; } else if (g_str_equal(data->state, "disconnect")) { From patchwork Fri Jan 24 18:58:42 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949853 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 91D3427726 for ; Fri, 24 Jan 2025 19:00:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745232; cv=none; b=pY/MhGL8vsztpQMnKizr2Wp6PlfIZ1a768FWK+FIl8Ev9gge1eBD9XOVUtFxegg7nBwmSuUufWYrjs+Ts2R3H4eUiQE8/akG4aC5lL1TjDMvQDUkzPsQ3lC3XM96q1PHo/V9EWMK9Oc+52w0GzOchBh4rXOy8pQajm8foWMt448= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745232; c=relaxed/simple; bh=CECpAx+BN0rqZhfgT7yaCrv1ZRQm85oHgTWNUi/OzIQ=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=hIHjj2QiCRn/LLm27Ld0fgpTQpv1VGsyPo6Cb0kaV+RN7QlAodFalhy5Z2wRTr0eqScNxOOj4DsNjV4U/HRpLQ/z5FRyjImDFqQLwBhzAGkFA9pNmsHd0nDQcQDZL/ENvUb0krEr+jSg6SpvQF6ARQ+gOiH94CE6ySLmbDoJSD0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=QJGE59+F; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="QJGE59+F" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=5N2WHIMELnHpF5n8wUzVi9KHfGOevtc/VCsB3JTaTE8=; b=QJGE59+FUb6ox6I+7TbExIgXMt wKUAkgpFK/Dz0KeFKRSiC83RoTjEI4wT9P93ZFF1DgzQHIAGxbEv9NYFkcAxw5w3j9BJNJwbGlsGA WBBsf/7+wU2n7bC+95F9UmxtchRRv84OvPiY7MLfumjP8ZVdtUwvh6AHbMWvJtZh3ZbRPUrbni14G tK/ISgEGZKDxenvXLgmu8ylA6oXQ36mv3YCMCjF0LdsOV0tqg2ebX9cmN/3Z9BHe53JrLj6+V5T+c aJBSrE+wuPYtIEnhhf4GH5NRP1zSAxtdcySqxz77uZVtpw6vHvJK4oSQudUaFbmBltoFsFaXhKnxN ypEKBzuQ==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-2l for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 08/11] vpn: Check if connecting when setting state or disconnecting Date: Fri, 24 Jan 2025 20:58:42 +0200 Message-Id: <20250124185845.1546384-9-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false Add checking of connected and connecting state in cases when the state is being set and state transitions to disconnecting. This change avoids clearing the transport ident when VPN is waiting for input from VPN agent (association state). --- plugins/vpn.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/plugins/vpn.c b/plugins/vpn.c index d9a56ae1..bec7f59f 100644 --- a/plugins/vpn.c +++ b/plugins/vpn.c @@ -270,6 +270,13 @@ static bool provider_is_connected(struct connection_data *data) g_str_equal(data->state, "configuration")); } +static bool provider_is_connected_or_connecting(struct connection_data *data) +{ + return data && (g_str_equal(data->state, "ready") || + g_str_equal(data->state, "configuration") || + g_str_equal(data->state, "association")); +} + static void set_provider_state(struct connection_data *data) { enum connman_provider_state state = CONNMAN_PROVIDER_STATE_UNKNOWN; @@ -278,7 +285,11 @@ static void set_provider_state(struct connection_data *data) DBG("provider %p new state %s", data->provider, data->state); - connected = provider_is_connected(data); + /* + * To avoid clearing transport ident when VPN is waiting for agent + * take also connecting state into account. + */ + connected = provider_is_connected_or_connecting(data); if (g_str_equal(data->state, "ready")) { state = CONNMAN_PROVIDER_STATE_READY; @@ -1076,7 +1087,7 @@ static int provider_disconnect(struct connman_provider *provider) if (!data) return -EINVAL; - if (provider_is_connected(data)) + if (provider_is_connected_or_connecting(data)) err = disconnect_provider(data); if (data->call) { @@ -1730,7 +1741,7 @@ static void destroy_provider(struct connection_data *data) { DBG("data %p", data); - if (provider_is_connected(data)) + if (provider_is_connected_or_connecting(data)) connman_provider_disconnect(data->provider); connman_provider_set_data(data->provider, NULL); @@ -2183,7 +2194,7 @@ static bool vpn_is_valid_transport(struct connman_service *transport) static void vpn_disconnect_check_provider(struct connection_data *data) { - if (provider_is_connected(data)) { + if (provider_is_connected_or_connecting(data)) { /* With NULL service ident NULL is returned immediately */ struct connman_service *service = connman_service_lookup_from_identifier From patchwork Fri Jan 24 18:58:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949855 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0240427726 for ; Fri, 24 Jan 2025 19:00:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745240; cv=none; b=CQloFNkkZ0T/HzvfE43ovPAFyxA6a///fpchrC3gzxG5W4QbnPWqn3GpV1/UFJ75a6M1sebPTZd+W6L2+c7anJ7oLtNkwf0kSV1wBDfRwQmEhShABmicwIhIlGXzRA6iL4NFoAdWjMFrZMDlxByYFkvGerrBH7wFtQKV9SdxVvM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745240; c=relaxed/simple; bh=DkCIUnUHkW1xpACS/pwvc7gSvXYJrp+DT2AiIK08uMA=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Da5EocsSviQdOStCXuw9evq0u/QxW1cVobZ4RbbatwHyrE0B+/1QrxClTiwhItcgv2U2inzHQ7RP1JzAMC9mnPMt2jcs4sle+fuGlFCygjEMiBJkJo2vf0l+KUlXGWlZmD/ZXRwatyUbFg0m/sgsE3br3/wYq/IQ+H30tNqX+NE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=RAkQk2ln; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="RAkQk2ln" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=x5PJqjtYAU8EoXJ6DpsjyXB2faSiX+JTvIU36Cpnx4I=; b=RAkQk2lnQYBvX2xBLzM6lCw2ue Q/zeiUgOYAM4W2pl6F3XXdg99s+wcG7jaJtpTG+OdQg4UAWYSBa5/gLhrqfW69g0+z6khc81qmtts a2wL4hBUq5EBgIIDBmdpHQ3yhxwMquM+13EjnjOnz/3ssIn4kb1VhcziWnUO3iEQq2iUQMOd/jNG2 MkVsENbLtwpAbhVdJTbvjWIR7SB2vBMN7/NwosRbo2nm9w0LB4r9WpeyNhEIDEmoJlSnaFuZVnJJz bBXkeQ3ncY7+qGNpQthz4ffuuTg7cjTM1grApiF7aRKUo9pmYy5ObS0NrCJVgkZa/Yrr2cI4tMkcr cAp30xqA==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-2u for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 09/11] vpn: Add VPN agent use callback for plugins Date: Fri, 24 Jan 2025 20:58:43 +0200 Message-Id: <20250124185845.1546384-10-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false [vpn] Add VPN agent use callback for plugins. JB#59447 Add callback that can be used by the VPN plugins to tell the vpn_driver whether it uses VPN agent or not. Default to using VPN agent if the function is not defined. This is done to accommodate the state transition in vpn-provider when the VPN does not utilize VPN agent. --- vpn/plugins/vpn.c | 22 ++++++++++++++++++++++ vpn/plugins/vpn.h | 1 + vpn/vpn-provider.h | 1 + 3 files changed, 24 insertions(+) diff --git a/vpn/plugins/vpn.c b/vpn/plugins/vpn.c index 5cc4c757..b55b1222 100644 --- a/vpn/plugins/vpn.c +++ b/vpn/plugins/vpn.c @@ -797,6 +797,27 @@ static int vpn_route_env_parse(struct vpn_provider *provider, const char *key, return 0; } +static bool vpn_uses_vpn_agent(struct vpn_provider *provider) +{ + struct vpn_driver_data *vpn_driver_data = NULL; + const char *name = NULL; + + if (!provider) + return false; + + name = vpn_provider_get_driver_name(provider); + vpn_driver_data = g_hash_table_lookup(driver_hash, name); + + if (vpn_driver_data && vpn_driver_data->vpn_driver->uses_vpn_agent) + return vpn_driver_data->vpn_driver->uses_vpn_agent(provider); + + /* + * Default to using the VPN agent, in cases where the function is not + * implemented. The use of VPN agent must be explicitly dropped. + */ + return true; +} + int vpn_register(const char *name, const struct vpn_driver *vpn_driver, const char *program) { @@ -822,6 +843,7 @@ int vpn_register(const char *name, const struct vpn_driver *vpn_driver, data->provider_driver.save = vpn_save; data->provider_driver.set_state = vpn_set_state; data->provider_driver.route_env_parse = vpn_route_env_parse; + data->provider_driver.uses_vpn_agent = vpn_uses_vpn_agent; if (!driver_hash) driver_hash = g_hash_table_new_full(g_str_hash, diff --git a/vpn/plugins/vpn.h b/vpn/plugins/vpn.h index a8d24fc3..b24cbf9b 100644 --- a/vpn/plugins/vpn.h +++ b/vpn/plugins/vpn.h @@ -57,6 +57,7 @@ struct vpn_driver { int (*route_env_parse) (struct vpn_provider *provider, const char *key, int *family, unsigned long *idx, enum vpn_provider_route_type *type); + bool (*uses_vpn_agent) (struct vpn_provider *provider); }; int vpn_register(const char *name, const struct vpn_driver *driver, diff --git a/vpn/vpn-provider.h b/vpn/vpn-provider.h index c81476c6..8a8b6bfd 100644 --- a/vpn/vpn-provider.h +++ b/vpn/vpn-provider.h @@ -167,6 +167,7 @@ struct vpn_provider_driver { int (*route_env_parse) (struct vpn_provider *provider, const char *key, int *family, unsigned long *idx, enum vpn_provider_route_type *type); + bool (*uses_vpn_agent) (struct vpn_provider *provider); }; int vpn_provider_driver_register(struct vpn_provider_driver *driver); From patchwork Fri Jan 24 18:58:44 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949856 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4A8A727726 for ; Fri, 24 Jan 2025 19:01:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745266; cv=none; b=n00e1aOIieAR91X7PAigH45nP3nO+fEhNZ29E7if3bqrdqtWUhTFXhZPuH5grbKfPV/HY5le9D8Ik/7LQScUXa4q2vjauNr8oyN8qLk5k4umCE03hQQO9j55/3e6Wi/XzdXjpBX6nrfN9SkBmTz4DiLOTBJ6hXNZ1rsRyJsPHho= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745266; c=relaxed/simple; bh=L/dqWw2isTm+zUYZIvbzKqltKwZr3dVz1ATA2h5rXKA=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=uaFUqfbvQJJl7PvV3xylU1k2oMO1OLW4pzZO1FhKICnP6PHaM/tZCknigIAA0/FE0y3r8dChpENgqBSei2u2w64GXrmVXrGuJkdwisKIOxvr8tVbkKkqXlRffipkaA22Nqiie+GHr6cwIbrnCnLEcSI+S0jGjSdsrSZLSAwFl6s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=jKGzsquQ; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="jKGzsquQ" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=S9mQnJoAq5lZGrDJ8XWB/87GXKbN7MAakqdjhejWuKg=; b=jKGzsquQ2iv4Uw21v01sFxZj/A UvCI7W7cV3E+1HRl//Xj2sZeyBr84X5m0Uy0KWOsl25IU/dMes99+oNpmFJb+dyejY7kO9vds/hYC BidH/OVU8zJygdgFmn0DltWUBd9Wp6F3yuJPeEZkf1wu69ZUXoiYzUbAJAdeXHUQAhEXw4BDuRh/t B07iHvQZcclpHYXUC4rG/ZV3VuYgmpd6BMUpVxo/8M7w8OZxZoC02IXsTmplxV97fdwmIeenRCwon 6ve2nBsNdNEolpRtyEt/rwXHBejj/lS/xv8mFRmcX1xFH4feUixDKzLCWqvJgfefWtkmtaXqv9yLh WUb4fCAQ==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-33 for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:52 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 10/11] vpn-provider: Transition to CONNECT state with agentless VPNs Date: Fri, 24 Jan 2025 20:58:44 +0200 Message-Id: <20250124185845.1546384-11-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false [vpn-provider] Transition to CONNECT state with agentless VPNs Set to transition to CONNECT state immediately after ASSOCIATION state after initializing connection procedure with a VPN if it does not use VPN agent. This is done to accommodate the full state machine transitions as the VPN agent, when success, will do the transition but when VPN agent is not used the transition would be required to be done by the plugin. --- vpn/vpn-provider.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/vpn/vpn-provider.c b/vpn/vpn-provider.c index 56040e65..b21e9e61 100644 --- a/vpn/vpn-provider.c +++ b/vpn/vpn-provider.c @@ -1653,8 +1653,19 @@ int __vpn_provider_connect(struct vpn_provider *provider, DBusMessage *msg) } else return -EOPNOTSUPP; - if (err == -EINPROGRESS) - vpn_provider_set_state(provider, VPN_PROVIDER_STATE_ASSOCIATION); + if (err == -EINPROGRESS) { + vpn_provider_set_state(provider, + VPN_PROVIDER_STATE_ASSOCIATION); + + /* + * If the VPN does not use VPN agent do direct transition to + * connect in order to support the complete state machine. + */ + if (provider->driver && provider->driver->uses_vpn_agent && + !provider->driver->uses_vpn_agent(provider)) + vpn_provider_set_state(provider, + VPN_PROVIDER_STATE_CONNECT); + } return err; } From patchwork Fri Jan 24 18:58:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jussi Laakkonen X-Patchwork-Id: 13949857 Received: from mail.kapsi.fi (mail-auth.kapsi.fi [91.232.154.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 700AC21A450 for ; Fri, 24 Jan 2025 19:01:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.232.154.24 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745282; cv=none; b=i8yl7nDuJZnbbqBr5pNcN+0P8JOGGAPu/kmqXlZInIaEdQjdLXn/KP9WGknvg2vFMXKVBYTxYkW7sRlfmxwNuDhWPSd0utXLxVzy0rr1rIIIwTZDwmjcGUKKVHR15VGYMrZXtNyBk+y8LauDIJ4+M+hRrU2QqwZ1uMHuoULaMHM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737745282; c=relaxed/simple; bh=+3iaIsLDPAn4AflHYqSqvoZX2+TadFiXiKPnoDMzZZg=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=IAF+2ry4PER13Ry1ScdIY+Tzk3odNC7O7jcxJJ0BnU87d+5Kpmufr/w0FXgSQK9AY3qhXDxBfTkTpq6/0Q5qi74wy2kgRx8s43I+IYcghZPj2mdJDZX3pSstWGM3o3B2cMfdfIhFJ+PLV/VB10TT9junx0MYaro9LlEI6mxO7wY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com; spf=pass smtp.mailfrom=kapsi.fi; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b=JWuFRnmN; arc=none smtp.client-ip=91.232.154.24 Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=jolla.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kapsi.fi Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kapsi.fi header.i=@kapsi.fi header.b="JWuFRnmN" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=qVa0sSH0K/CJNT4olYz1WfDI7ea9jVIcUuTtxD/bYkw=; b=JWuFRnmNQeU0hSClY5qdmR2F05 +8bQOq4K6zDQsUV3cefXl/dNNBhFQaMeqy/7EE28YOg3KmXNyOYgRPt9BF0ckMnc1Vj581I1sKLF3 IyyIymaW0DqmfBp/xbI2fetsClaJDufLdbJF0PirO7xGniJO38NyrUb9KN4WkNh1OaksEHVUTf3SU iT4x776PVjhhf7dkZPcIOLzQUHlGb0brsJZibuttnkAPhlH1XZGwMgUsAqwM/skNJ4TydJZi6OavC aicg7OR6DbVDTMYmwGpLEBS3lTD46ygPbmUlIYKEYICsAkqGnJwsyW75+fis0aQTWEHb5U4fZ+VjK 6n1xtmMg==; Received: from [2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9] (helo=jl-x230.local) by mail.kapsi.fi with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tbOtI-006LIb-3C for connman@lists.linux.dev; Fri, 24 Jan 2025 20:58:53 +0200 From: Jussi Laakkonen To: connman@lists.linux.dev Subject: [PATCH 11/11] doc: Update VPN documentation for association state Date: Fri, 24 Jan 2025 20:58:45 +0200 Message-Id: <20250124185845.1546384-12-jussi.laakkonen@jolla.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> References: <20250124185845.1546384-1-jussi.laakkonen@jolla.com> Precedence: bulk X-Mailing-List: connman@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2a10:a5c0:2c1:9f00:b95c:6569:8d10:e7e9 X-SA-Exim-Mail-From: jussi.laakkonen@jolla.com X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false Add brief descriptions of the association state. Add it to parameter descriptions as well. --- doc/vpn-connection-api.txt | 4 ++-- doc/vpn-overview.txt | 7 ++++++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/doc/vpn-connection-api.txt b/doc/vpn-connection-api.txt index 2d3e0078..df070957 100644 --- a/doc/vpn-connection-api.txt +++ b/doc/vpn-connection-api.txt @@ -104,8 +104,8 @@ Properties string State [readonly] The connection state information. - Valid states are "idle", "failure", "configuration", - "ready", "disconnect". + Valid states are "idle", "failure", "association", + "configuration", "ready", "disconnect". string Type [readonly] diff --git a/doc/vpn-overview.txt b/doc/vpn-overview.txt index d2d14a0c..74f5695e 100644 --- a/doc/vpn-overview.txt +++ b/doc/vpn-overview.txt @@ -66,7 +66,12 @@ VPN agent interface described in vpn-agent-api.txt is used for interaction between the connectivity UI and ConnMan. A VPN agent registered via Management interface gets requests from the VPN plugins to input credentials or other authentication information for the VPN -connection and offers information about the VPN to be connected. +connection and offers information about the VPN to be connected. When +waiting for input via VPN agent the state of the VPN is "association" +and after getting the input the state transitions to "connect". If the +VPN does not wish to use VPN agent this can be explicitly defined by +implementing "uses_vpn_agent()" returning "false" indicating that the +state is transitioned to "connect" when connecting the VPN. In addition to basic credentials, there are additional types of optional and control parameters. The user can dictate whether to store the