static gboolean
options_hash_match (NMSettingBond *s_bond, GHashTable *options1, GHashTable *options2)
{
GHashTableIter iter;
const char *key, *value, *value2;
g_hash_table_iter_init (&iter, options1);
while (g_hash_table_iter_next (&iter, (gpointer *) &key, (gpointer *) &value)) {
value2 = g_hash_table_lookup (options2, key);
if (!value2) {
if (nm_streq (key, "num_grat_arp"))
value2 = g_hash_table_lookup (options2, "num_unsol_na");
else if (nm_streq (key, "num_unsol_na"))
value2 = g_hash_table_lookup (options2, "num_grat_arp");
}
if (value2) {
if (nm_streq (value, value2))
continue;
} else {
if (nm_streq (value, nm_setting_bond_get_option_default (s_bond, key)))
continue;
}
return FALSE;
}
return TRUE;
}
/**
* nm_setting_bond_get_option_default:
* @setting: the #NMSettingBond
* @name: the name of the option
*
* Returns: the value of the bond option if not overridden by an entry in
* the #NMSettingBond:options property.
**/
const char *
nm_setting_bond_get_option_default (NMSettingBond *setting, const char *name)
{
const char *mode;
guint i;
g_return_val_if_fail (NM_IS_SETTING_BOND (setting), NULL);
g_return_val_if_fail (nm_setting_bond_validate_option (name, NULL), NULL);
if (nm_streq (name, NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM)) {
/* The default value depends on the current mode */
mode = nm_setting_bond_get_option_by_name (setting, NM_SETTING_BOND_OPTION_MODE);
if ( nm_streq0 (mode, "4")
|| nm_streq0 (mode, "802.3ad"))
return "00:00:00:00:00:00";
else
return "";
}
for (i = 0; i < G_N_ELEMENTS (defaults); i++) {
if (g_strcmp0 (defaults[i].opt, name) == 0)
return defaults[i].val;
}
/* Any option that passes nm_setting_bond_validate_option() should also be found in defaults */
g_assert_not_reached ();
}
gboolean
_nm_setting_bond_option_supported (const char *option, NMBondMode mode)
{
guint i;
for (i = 0; i < G_N_ELEMENTS (bond_unsupp_modes); i++) {
if (nm_streq (option, bond_unsupp_modes[i].option))
return !NM_FLAGS_HAS (bond_unsupp_modes[i].unsupp_modes, BIT (mode));
}
return TRUE;
}
gboolean
nm_checkpoint_manager_destroy (NMCheckpointManager *self,
const char *checkpoint_path,
GError **error)
{
gboolean ret;
g_return_val_if_fail (self, FALSE);
g_return_val_if_fail (checkpoint_path && checkpoint_path[0] == '/', FALSE);
g_return_val_if_fail (!error || !*error, FALSE);
if (!nm_streq (checkpoint_path, "/")) {
ret = g_hash_table_remove (self->checkpoints, checkpoint_path);
if (!ret) {
g_set_error (error,
NM_MANAGER_ERROR,
NM_MANAGER_ERROR_INVALID_ARGUMENTS,
"checkpoint %s does not exist", checkpoint_path);
}
return ret;
} else
return nm_checkpoint_manager_destroy_all (self, error);
}
NMBondMode
_nm_setting_bond_mode_from_string (const char *str)
{
g_return_val_if_fail (str, NM_BOND_MODE_UNKNOWN);
if (nm_streq (str, "balance-rr"))
return NM_BOND_MODE_ROUNDROBIN;
if (nm_streq (str, "active-backup"))
return NM_BOND_MODE_ACTIVEBACKUP;
if (nm_streq (str, "balance-xor"))
return NM_BOND_MODE_XOR;
if (nm_streq (str, "broadcast"))
return NM_BOND_MODE_BROADCAST;
if (nm_streq (str, "802.3ad"))
return NM_BOND_MODE_8023AD;
if (nm_streq (str, "balance-tlb"))
return NM_BOND_MODE_TLB;
if (nm_streq (str, "balance-alb"))
return NM_BOND_MODE_ALB;
return NM_BOND_MODE_UNKNOWN;
}
static NMCResultCode
parse_command_line (NmCli *nmc, int argc, char **argv)
{
char *base;
base = strrchr (argv[0], '/');
if (base == NULL)
base = argv[0];
else
base++;
if (argc > 1 && nm_streq (argv[1], "--complete-args")) {
/* We (currently?) support --complete-args for "connection" command only:
* ignore any other command when this option is enabled as means we are in
* autocompletion mode (so we should just quit and don't print anything).
* This would help us to ensure shell autocompletion after NM package downgrade
* if we ever will enable --complete-args for other commands */
if ((argc == 2) || !(nm_streq0 (argv[2], "connection") || nm_streq0 (argv[2], "device")))
return nmc->return_value;
nmc->complete = TRUE;
argv[1] = argv[0];
argc--; argv++;
}
/* parse options */
while (argc > 1) {
char *opt = argv[1];
/* '--' ends options */
if (strcmp (opt, "--") == 0) {
argc--; argv++;
break;
}
if (opt[0] != '-')
break;
if (opt[1] == '-')
opt++;
if (matches (opt, "-terse") == 0) {
if (nmc->print_output == NMC_PRINT_TERSE) {
g_string_printf (nmc->return_text, _("Error: Option '--terse' is specified the second time."));
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
else if (nmc->print_output == NMC_PRINT_PRETTY) {
g_string_printf (nmc->return_text, _("Error: Option '--terse' is mutually exclusive with '--pretty'."));
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
else
nmc->print_output = NMC_PRINT_TERSE;
} else if (matches (opt, "-pretty") == 0) {
if (nmc->print_output == NMC_PRINT_PRETTY) {
g_string_printf (nmc->return_text, _("Error: Option '--pretty' is specified the second time."));
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
else if (nmc->print_output == NMC_PRINT_TERSE) {
g_string_printf (nmc->return_text, _("Error: Option '--pretty' is mutually exclusive with '--terse'."));
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
else
nmc->print_output = NMC_PRINT_PRETTY;
} else if (matches (opt, "-mode") == 0) {
nmc->mode_specified = TRUE;
next_arg (&argc, &argv);
if (argc <= 1) {
g_string_printf (nmc->return_text, _("Error: missing argument for '%s' option."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (matches (argv[1], "tabular") == 0)
nmc->multiline_output = FALSE;
else if (matches (argv[1], "multiline") == 0)
nmc->multiline_output = TRUE;
else {
g_string_printf (nmc->return_text, _("Error: '%s' is not valid argument for '%s' option."), argv[1], opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
} else if (matches (opt, "-colors") == 0) {
next_arg (&argc, &argv);
if (argc <= 1) {
g_string_printf (nmc->return_text, _("Error: missing argument for '%s' option."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (matches (argv[1], "auto") == 0)
nmc->use_colors = NMC_USE_COLOR_AUTO;
else if (matches (argv[1], "yes") == 0)
nmc->use_colors = NMC_USE_COLOR_YES;
else if (matches (argv[1], "no") == 0)
nmc->use_colors = NMC_USE_COLOR_NO;
else {
g_string_printf (nmc->return_text, _("Error: '%s' is not valid argument for '%s' option."), argv[1], opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
} else if (matches (opt, "-escape") == 0) {
next_arg (&argc, &argv);
if (argc <= 1) {
g_string_printf (nmc->return_text, _("Error: missing argument for '%s' option."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (matches (argv[1], "yes") == 0)
nmc->escape_values = TRUE;
else if (matches (argv[1], "no") == 0)
nmc->escape_values = FALSE;
else {
g_string_printf (nmc->return_text, _("Error: '%s' is not valid argument for '%s' option."), argv[1], opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
} else if (matches (opt, "-fields") == 0) {
next_arg (&argc, &argv);
if (argc <= 1) {
g_string_printf (nmc->return_text, _("Error: fields for '%s' options are missing."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
nmc->required_fields = g_strdup (argv[1]);
} else if (matches (opt, "-nocheck") == 0) {
/* ignore for backward compatibility */
} else if (matches (opt, "-ask") == 0) {
nmc->ask = TRUE;
} else if (matches (opt, "-show-secrets") == 0) {
nmc->show_secrets = TRUE;
} else if (matches (opt, "-wait") == 0) {
unsigned long timeout;
next_arg (&argc, &argv);
if (argc <= 1) {
g_string_printf (nmc->return_text, _("Error: missing argument for '%s' option."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (!nmc_string_to_uint (argv[1], TRUE, 0, G_MAXINT, &timeout)) {
g_string_printf (nmc->return_text, _("Error: '%s' is not a valid timeout for '%s' option."),
argv[1], opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
nmc->timeout = (int) timeout;
} else if (matches (opt, "-version") == 0) {
g_print (_("nmcli tool, version %s\n"), NMCLI_VERSION);
return NMC_RESULT_SUCCESS;
} else if (matches (opt, "-help") == 0) {
usage (base);
return NMC_RESULT_SUCCESS;
} else {
g_string_printf (nmc->return_text, _("Error: Option '%s' is unknown, try 'nmcli -help'."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
argc--;
argv++;
}
/* Now run the requested command */
return nmc_do_cmd (nmc, nmcli_cmds, argv[1], argc-1, argv+1);
}
static NMCResultCode
parse_command_line (NmCli *nmc, int argc, char **argv)
{
char *base;
base = strrchr (argv[0], '/');
if (base == NULL)
base = argv[0];
else
base++;
if (argc > 1 && nm_streq (argv[1], "--complete-args")) {
nmc->complete = TRUE;
argv[1] = argv[0];
argc--; argv++;
}
argc--; argv++;
/* parse options */
while (argc) {
char *opt = argv[0];
if (opt[0] != '-')
break;
if (argc == 1 && nmc->complete) {
nmc_complete_strings (opt, "--terse", "--pretty", "--mode", "--colors", "--escape",
"--fields", "--nocheck", "--ask", "--show-secrets",
"--wait", "--version", "--help", NULL);
}
if (opt[1] == '-') {
opt++;
/* '--' ends options */
if (opt[1] == '\0') {
argc--; argv++;
break;
}
}
if (matches (opt, "-terse") == 0) {
if (nmc->print_output == NMC_PRINT_TERSE) {
g_string_printf (nmc->return_text, _("Error: Option '--terse' is specified the second time."));
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
else if (nmc->print_output == NMC_PRINT_PRETTY) {
g_string_printf (nmc->return_text, _("Error: Option '--terse' is mutually exclusive with '--pretty'."));
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
else
nmc->print_output = NMC_PRINT_TERSE;
} else if (matches (opt, "-pretty") == 0) {
if (nmc->print_output == NMC_PRINT_PRETTY) {
g_string_printf (nmc->return_text, _("Error: Option '--pretty' is specified the second time."));
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
else if (nmc->print_output == NMC_PRINT_TERSE) {
g_string_printf (nmc->return_text, _("Error: Option '--pretty' is mutually exclusive with '--terse'."));
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
else
nmc->print_output = NMC_PRINT_PRETTY;
} else if (matches (opt, "-mode") == 0) {
nmc->mode_specified = TRUE;
if (next_arg (&argc, &argv) != 0) {
g_string_printf (nmc->return_text, _("Error: missing argument for '%s' option."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (argc == 1 && nmc->complete)
nmc_complete_strings (argv[0], "tabular", "multiline", NULL);
if (matches (argv[0], "tabular") == 0)
nmc->multiline_output = FALSE;
else if (matches (argv[0], "multiline") == 0)
nmc->multiline_output = TRUE;
else {
g_string_printf (nmc->return_text, _("Error: '%s' is not valid argument for '%s' option."), argv[0], opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
} else if (matches (opt, "-colors") == 0) {
if (next_arg (&argc, &argv) != 0) {
g_string_printf (nmc->return_text, _("Error: missing argument for '%s' option."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (argc == 1 && nmc->complete)
nmc_complete_strings (argv[0], "yes", "no", "auto", NULL);
if (matches (argv[0], "auto") == 0)
nmc->use_colors = NMC_USE_COLOR_AUTO;
else if (matches (argv[0], "yes") == 0)
nmc->use_colors = NMC_USE_COLOR_YES;
else if (matches (argv[0], "no") == 0)
nmc->use_colors = NMC_USE_COLOR_NO;
else {
g_string_printf (nmc->return_text, _("Error: '%s' is not valid argument for '%s' option."), argv[0], opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
} else if (matches (opt, "-escape") == 0) {
if (next_arg (&argc, &argv) != 0) {
g_string_printf (nmc->return_text, _("Error: missing argument for '%s' option."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (argc == 1 && nmc->complete)
nmc_complete_strings (argv[0], "yes", "no", NULL);
if (matches (argv[0], "yes") == 0)
nmc->escape_values = TRUE;
else if (matches (argv[0], "no") == 0)
nmc->escape_values = FALSE;
else {
g_string_printf (nmc->return_text, _("Error: '%s' is not valid argument for '%s' option."), argv[0], opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
} else if (matches (opt, "-fields") == 0) {
if (next_arg (&argc, &argv) != 0) {
g_string_printf (nmc->return_text, _("Error: fields for '%s' options are missing."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (argc == 1 && nmc->complete)
complete_fields (argv[0]);
nmc->required_fields = g_strdup (argv[0]);
} else if (matches (opt, "-nocheck") == 0) {
/* ignore for backward compatibility */
} else if (matches (opt, "-ask") == 0) {
nmc->ask = TRUE;
} else if (matches (opt, "-show-secrets") == 0) {
nmc->show_secrets = TRUE;
} else if (matches (opt, "-wait") == 0) {
unsigned long timeout;
if (next_arg (&argc, &argv) != 0) {
g_string_printf (nmc->return_text, _("Error: missing argument for '%s' option."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
if (!nmc_string_to_uint (argv[0], TRUE, 0, G_MAXINT, &timeout)) {
g_string_printf (nmc->return_text, _("Error: '%s' is not a valid timeout for '%s' option."),
argv[0], opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
nmc->timeout = (int) timeout;
} else if (matches (opt, "-version") == 0) {
if (!nmc->complete)
g_print (_("nmcli tool, version %s\n"), NMCLI_VERSION);
return NMC_RESULT_SUCCESS;
} else if (matches (opt, "-help") == 0) {
if (!nmc->complete)
usage ();
return NMC_RESULT_SUCCESS;
} else {
g_string_printf (nmc->return_text, _("Error: Option '%s' is unknown, try 'nmcli -help'."), opt);
nmc->return_value = NMC_RESULT_ERROR_USER_INPUT;
return nmc->return_value;
}
argc--;
argv++;
}
/* Now run the requested command */
return nmc_do_cmd (nmc, nmcli_cmds, *argv, argc, argv);
}
int
main (int argc, char *argv[])
{
GDBusProxy *proxy;
GVariantBuilder builder, ip4builder, ip6builder;
GVariant *ip4config, *ip6config;
char *tmp;
GVariant *val;
int i;
GError *err = NULL;
GPtrArray *dns4_list, *dns6_list;
GPtrArray *nbns_list;
GPtrArray *dns_domains;
struct in_addr temp_addr;
int tapdev = -1;
char **iter;
int shift = 0;
gboolean is_restart;
gboolean has_ip4_prefix = FALSE;
gboolean has_ip4_address = FALSE;
gboolean has_ip6_address = FALSE;
gchar *bus_name = NM_DBUS_SERVICE_OPENVPN;
#if !GLIB_CHECK_VERSION (2, 35, 0)
g_type_init ();
#endif
for (i = 1; i < argc; i++) {
if (!strcmp (argv[i], "--")) {
i++;
break;
}
if (nm_streq (argv[i], "--debug")) {
if (i + 2 >= argc) {
g_printerr ("Missing debug arguments (requires <LEVEL> <PREFIX_TOKEN>)\n");
exit (1);
}
gl.log_level = _nm_utils_ascii_str_to_int64 (argv[++i], 10, 0, LOG_DEBUG, 0);
gl.log_prefix_token = argv[++i];
} else if (!strcmp (argv[i], "--tun"))
tapdev = 0;
else if (!strcmp (argv[i], "--tap"))
tapdev = 1;
else if (!strcmp (argv[i], "--bus-name")) {
if (++i == argc) {
g_printerr ("Missing bus name argument\n");
exit (1);
}
if (!g_dbus_is_name (argv[i])) {
g_printerr ("Invalid bus name\n");
exit (1);
}
bus_name = argv[i];
} else
break;
}
shift = i - 1;
if (_LOGD_enabled ()) {
GString *args;
args = g_string_new (NULL);
for (i = 0; i < argc; i++) {
if (i > 0)
g_string_append_c (args, ' ');
if (shift && 1 + shift == i)
g_string_append (args, " ");
tmp = g_strescape (argv[i], NULL);
g_string_append_printf (args, "\"%s\"", tmp);
g_free (tmp);
}
_LOGD ("command line: %s", args->str);
g_string_free (args, TRUE);
for (iter = environ; iter && *iter; iter++)
_LOGD ("environment: %s", *iter);
}
/* shift the arguments to the right leaving only those provided by openvpn */
argv[shift] = argv[0];
argv += shift;
argc -= shift;
is_restart = argc >= 7 && !g_strcmp0 (argv[6], "restart");
proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM,
G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES,
NULL,
bus_name,
NM_VPN_DBUS_PLUGIN_PATH,
NM_VPN_DBUS_PLUGIN_INTERFACE,
NULL, &err);
if (!proxy) {
_LOGW ("Could not create a D-Bus proxy: %s", err->message);
g_error_free (err);
exit (1);
}
g_variant_builder_init (&builder, G_VARIANT_TYPE_VARDICT);
g_variant_builder_init (&ip4builder, G_VARIANT_TYPE_VARDICT);
g_variant_builder_init (&ip6builder, G_VARIANT_TYPE_VARDICT);
/* External world-visible VPN gateway */
val = trusted_remote_to_gvariant ();
if (val)
g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_EXT_GATEWAY, val);
else
helper_failed (proxy, "VPN Gateway");
/* Internal VPN subnet gateway */
tmp = getenv ("route_vpn_gateway");
val = addr4_to_gvariant (tmp);
if (val)
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_INT_GATEWAY, val);
else {
val = addr6_to_gvariant (tmp);
if (val)
g_variant_builder_add (&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_INT_GATEWAY, val);
}
/* VPN device */
tmp = getenv ("dev");
val = str_to_gvariant (tmp, FALSE);
if (val)
g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_TUNDEV, val);
else
helper_failed (proxy, "Tunnel Device");
if (tapdev == -1)
tapdev = strncmp (tmp, "tap", 3) == 0;
/* IPv4 address */
tmp = getenv ("ifconfig_local");
if (!tmp && is_restart)
tmp = argv[4];
if (tmp && strlen (tmp)) {
val = addr4_to_gvariant (tmp);
if (val) {
has_ip4_address = TRUE;
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, val);
} else
helper_failed (proxy, "IP4 Address");
}
/* PTP address; for vpnc PTP address == internal IP4 address */
tmp = getenv ("ifconfig_remote");
if (!tmp && is_restart)
tmp = argv[5];
val = addr4_to_gvariant (tmp);
if (val) {
/* Sigh. Openvpn added 'topology' stuff in 2.1 that changes the meaning
* of the ifconfig bits without actually telling you what they are
* supposed to mean; basically relying on specific 'ifconfig' behavior.
*/
if (tmp && !strncmp (tmp, "255.", 4)) {
guint32 addr;
/* probably a netmask, not a PTP address; topology == subnet */
addr = g_variant_get_uint32 (val);
g_variant_unref (val);
val = g_variant_new_uint32 (nm_utils_ip4_netmask_to_prefix (addr));
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
has_ip4_prefix = TRUE;
} else
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_PTP, val);
}
/* Netmask
*
* Either TAP or TUN modes can have an arbitrary netmask in newer versions
* of openvpn, while in older versions only TAP mode would. So accept a
* netmask if passed, otherwise default to /32 for TUN devices since they
* are usually point-to-point.
*/
tmp = getenv ("ifconfig_netmask");
if (tmp && inet_pton (AF_INET, tmp, &temp_addr) > 0) {
val = g_variant_new_uint32 (nm_utils_ip4_netmask_to_prefix (temp_addr.s_addr));
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
} else if (!tapdev) {
if (has_ip4_address && !has_ip4_prefix) {
val = g_variant_new_uint32 (32);
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val);
}
} else
_LOGW ("No IP4 netmask/prefix (missing or invalid 'ifconfig_netmask')");
val = get_ip4_routes ();
if (val)
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_ROUTES, val);
else if (is_restart) {
g_variant_builder_add (&ip4builder, "{sv}",
NM_VPN_PLUGIN_IP4_CONFIG_PRESERVE_ROUTES,
g_variant_new_boolean (TRUE));
}
/* IPv6 address */
tmp = getenv ("ifconfig_ipv6_local");
if (tmp && strlen (tmp)) {
val = addr6_to_gvariant (tmp);
if (val) {
g_variant_builder_add (&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_ADDRESS, val);
has_ip6_address = TRUE;
} else
helper_failed (proxy, "IP6 Address");
}
/* IPv6 remote address */
tmp = getenv ("ifconfig_ipv6_remote");
if (tmp && strlen (tmp)) {
val = addr6_to_gvariant (tmp);
if (val)
g_variant_builder_add (&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_PTP, val);
else
helper_failed (proxy, "IP6 PTP Address");
}
/* IPv6 netbits */
tmp = getenv ("ifconfig_ipv6_netbits");
if (tmp && strlen (tmp)) {
long int netbits;
errno = 0;
netbits = strtol (tmp, NULL, 10);
if (errno || netbits < 0 || netbits > 128) {
_LOGW ("Ignoring invalid prefix '%s'", tmp);
} else {
val = g_variant_new_uint32 ((guint32) netbits);
g_variant_builder_add (&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_PREFIX, val);
}
}
val = get_ip6_routes ();
if (val)
g_variant_builder_add (&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_ROUTES, val);
else if (is_restart) {
g_variant_builder_add (&ip6builder, "{sv}",
NM_VPN_PLUGIN_IP6_CONFIG_PRESERVE_ROUTES,
g_variant_new_boolean (TRUE));
}
/* DNS and WINS servers */
dns_domains = g_ptr_array_sized_new (3);
dns4_list = g_ptr_array_new ();
dns6_list = g_ptr_array_new ();
nbns_list = g_ptr_array_new ();
for (i = 1; i < 256; i++) {
char *env_name;
env_name = g_strdup_printf ("foreign_option_%d", i);
tmp = getenv (env_name);
g_free (env_name);
if (!tmp || strlen (tmp) < 1)
break;
if (!g_str_has_prefix (tmp, "dhcp-option "))
continue;
tmp += 12; /* strlen ("dhcp-option ") */
if (g_str_has_prefix (tmp, "DNS "))
parse_addr_list (dns4_list, dns6_list, tmp + 4);
else if (g_str_has_prefix (tmp, "WINS "))
parse_addr_list (nbns_list, NULL, tmp + 5);
else if (g_str_has_prefix (tmp, "DOMAIN ") && is_domain_valid (tmp + 7))
g_ptr_array_add (dns_domains, tmp + 7);
}
if (dns4_list->len) {
val = g_variant_new_array (G_VARIANT_TYPE_UINT32, (GVariant **) dns4_list->pdata, dns4_list->len);
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_DNS, val);
}
if (has_ip6_address && dns6_list->len) {
val = g_variant_new_array (G_VARIANT_TYPE ("ay"), (GVariant **) dns6_list->pdata, dns6_list->len);
g_variant_builder_add (&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_DNS, val);
}
if (nbns_list->len) {
val = g_variant_new_array (G_VARIANT_TYPE_UINT32, (GVariant **) nbns_list->pdata, nbns_list->len);
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_NBNS, val);
}
if (dns_domains->len) {
val = g_variant_new_strv ((const gchar **) dns_domains->pdata, dns_domains->len);
g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_DOMAINS, val);
/* Domains apply to both IPv4 and IPv6 configurations */
if (has_ip6_address) {
val = g_variant_new_strv ((const gchar **) dns_domains->pdata, dns_domains->len);
g_variant_builder_add (&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_DOMAINS, val);
}
}
g_ptr_array_unref (dns4_list);
g_ptr_array_unref (dns6_list);
g_ptr_array_unref (nbns_list);
g_ptr_array_unref (dns_domains);
/* Tunnel MTU */
tmp = getenv ("tun_mtu");
if (tmp && strlen (tmp)) {
long int mtu;
errno = 0;
mtu = strtol (tmp, NULL, 10);
if (errno || mtu < 0 || mtu > 20000) {
_LOGW ("Ignoring invalid tunnel MTU '%s'", tmp);
} else {
val = g_variant_new_uint32 ((guint32) mtu);
g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_MTU, val);
}
}
ip4config = g_variant_builder_end (&ip4builder);
if (g_variant_n_children (ip4config)) {
val = g_variant_new_boolean (TRUE);
g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_HAS_IP4, val);
} else {
g_variant_unref (ip4config);
ip4config = NULL;
}
ip6config = g_variant_builder_end (&ip6builder);
if (g_variant_n_children (ip6config)) {
val = g_variant_new_boolean (TRUE);
g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_HAS_IP6, val);
} else {
g_variant_unref (ip6config);
ip6config = NULL;
}
if (!ip4config && !ip6config)
helper_failed (proxy, "IPv4 or IPv6 configuration");
/* Send the config info to nm-openvpn-service */
send_config (proxy, g_variant_builder_end (&builder), ip4config, ip6config);
g_object_unref (proxy);
return 0;
}
