[PATCH v0 0/2] OpenVPN logging
by Daniel Wagner
From: Daniel Wagner <daniel.wagner(a)bmw-carit.de>
Hi,
I am debugging some network setups here and found out that we don't
log anything from OpenVPN which is pretty sad. Let's fix this.
cheers,
daniel
Daniel Wagner (2):
openvpn: Fix stdout/stderr forwarding from deamon
openvpn: Add verbose flag
vpn/plugins/openvpn.c | 49 ++++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 44 insertions(+), 5 deletions(-)
--
2.5.5
4 years, 9 months
[PATCH] dhcpv6: use correct dhcp renew time when valid life-time is infinity.
by Feng Wang
Based on RFC 3315, 22.6, the valid life-time is infinite when its
value is 0xffffffff. In the g_dhcpv6_client_get_timeouts, the expire
data type is time_t. If time_t is uint32, the last_request time plus
0xffffffff will wrapover so that expire time is smaller than current
time. Thus the dhcpv6 will restart immediately(dhcpv6_restart called).
---
gdhcp/client.c | 9 +++++++--
src/dhcpv6.c | 6 +++++-
2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/gdhcp/client.c b/gdhcp/client.c
index 9012b38..2be3982 100644
--- a/gdhcp/client.c
+++ b/gdhcp/client.c
@@ -835,8 +835,13 @@ int g_dhcpv6_client_get_timeouts(GDHCPClient *dhcp_client,
if (started)
*started = dhcp_client->last_request;
- if (expire)
- *expire = dhcp_client->last_request + dhcp_client->expire;
+ if (expire) {
+ if (dhcp_client->expire == 0xffffffff)
+ /* RFC3315 22.6 infinite valid-lifetime */
+ *expire = 0xffffffff;
+ else
+ *expire = dhcp_client->last_request + dhcp_client->expire;
+ }
return 0;
}
diff --git a/src/dhcpv6.c b/src/dhcpv6.c
index 9e21040..cd5733a 100644
--- a/src/dhcpv6.c
+++ b/src/dhcpv6.c
@@ -1195,7 +1195,7 @@ static int check_restart(struct connman_dhcpv6 *dhcp)
NULL, &expired);
current = time(NULL);
- if (current >= expired) {
+ if (current >= expired && expired != 0xffffffff) {
DBG("expired by %d secs", (int)(current - expired));
g_timeout_add(0, dhcpv6_restart, dhcp);
@@ -1442,6 +1442,10 @@ int __connman_dhcpv6_start_renew(struct connman_network *network,
/* RFC 3315, 22.4
* Client can choose the timeout.
*/
+ if (expired == 0xffffffff) {
+ /* RFC 3315, 22.6 infinite valid-lifetime */
+ return 0;
+ }
T1 = (expired - started) / 2;
T2 = (expired - started) / 10 * 8;
}
--
2.8.0.rc3.226.g39d4020
5 years
Query about Connman Session
by Benjamin Ioller
Hello,
I'm using Connman (v-1.32) on my Raspberry Pi and I wanted to try the session mode.
I found quite few interesting mailings and I looked over the code (session.c, test-session) and the doc, but it looks like session is not really a nowadays topic.
Does someone use the Connman's session? and for which application? Can you give me an example?
So here is what I understood so far about the session mode:
Connman session allows the application to use specific network setting as selected technologies, roaming policy...
Connman uses Iptable to do so. Connman creates rules in the mangle table to mark the packet based on the UID/GID.
Then rules are added to the filter table depending on the allowed bearers, and other properties.
This routing is only functional when the connman state option is ON.
Connman proposes two ways to create a session :
First, the application creates it's own session using the method form /net.connman.manager. I try to use this method with a python script, the application creates a session, connects to it and sends UDP packet to a local host via ethernet. But I didn't manage to setup the AllowedBearers, neither with
manager.CreateSession({"AllowedBearers":Glib.Variant('s','ethernet')},notifier_path)
nor
Session.Change("AllowedBeares",Glib.Variant('s','ethernet')).
I have Variant encoding issue. Do you have any advice or exemple?
I was also wondering how does the mangle table identify the application's packet? (or maybe it's just the UID again?)
The second way is to use session_policy. With this method you can mark packet only based on the UID or GID. I need to create UID.policy in var/lib/connman/session_policy_local which contained the different parameters. But when I turn the Connman's state session On, nothing happened... My pi user is still able to use wifi even if the pi.policy have only Ethernet as AllowedBearers. I suspect the issue comes from user rights or something... Does somebody had similar issue?
By the way, is the session priority only for notification hierarchy or does the session priority have some effect on the network traffic (during congestion?)?
Hope these questions aren't too basic for you, and can help other.
If you have any literature which could help, I'll take it!
Thank you,
Benjamin
5 years
cellular reconnect
by Alexander Smirnov
Dear all,
could you also please help me with another issue, I've observed.
What I did:
- Connect cellular service in connmanctl (ppp0 appears in ifconfig)
- Disconnect physical GSM antenna (ppp0 disappears)
- Connect physical GSM antenna
After these steps I don't see cellular service (connmanctl services is
empty) till I reset the modem.
How should I handle network strength events to automatically reconnect
the cellular? Why I don't see cellular in connman services anymore?
Thank you in advance!
--
With best regards,
Alexander Smirnov
ilbers GmbH
Baierbrunner Str. 28c
D-81379 München
+49 (89) 122 67 24-0
http://ilbers.de/
Commercial register Munich, HRB 214197
General manager: Baurzhan Ismagulov
5 years
ConnMan and Cellular
by Alexander Smirnov
Dear all,
I'm trying to setup ConnMan to have cellular always enabled despite on
other services state.
What I did:
- Create oFono context with APN settings
- Set AutoConnect=true for cellular
- Tested manual cellular network bring up (connmanctl connect cellular...)
What I've observed:
- If ehternet cable is plugged - cellular is in idle state
- If I down ethernet - cellular becomes available
I've enabled debugging, and found that "auto_connect_service()" always
return true on the ethernet service:
src/service.c:
3772: if (service->pending ||
3773 is_connecting(service) ||
3774: is_connected(service)) {
3775: if (!active_count)
3776: return true;
Is there any way to get cellular always connected?
Thank you!
--
With best regards,
Alexander Smirnov
ilbers GmbH
Baierbrunner Str. 28c
D-81379 München
+49 (89) 122 67 24-0
http://ilbers.de/
Commercial register Munich, HRB 214197
General manager: Baurzhan Ismagulov
5 years
[PATCH] stats: add --enable-stats/--disable-stats compile flag.
by Feng Wang
This flag turns on/off the persistent statistic numbers support.
---
Makefile.am | 4 ++++
configure.ac | 5 +++++
src/stats.c | 36 ++++++++++++++++++++++++++++++++++++
3 files changed, 45 insertions(+)
diff --git a/Makefile.am b/Makefile.am
index d70725c..fd38bb9 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -223,6 +223,10 @@ else
AM_CPPFLAGS = -I$(builddir)/include -I$(builddir)/src -I$(srcdir)/gdbus
endif
+if STATS
+AM_CPPFLAGS += -DCONNMAN_WITH_STATS
+endif
+
src_connmand_CFLAGS = @DBUS_CFLAGS@ @GLIB_CFLAGS@ @XTABLES_CFLAGS@ \
@GNUTLS_CFLAGS@ $(builtin_cflags) \
-DCONNMAN_PLUGIN_BUILTIN \
diff --git a/configure.ac b/configure.ac
index c330314..a8a03a3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -352,6 +352,11 @@ AC_ARG_ENABLE(tools, AC_HELP_STRING([--disable-tools],
[enable_tools=${enableval}])
AM_CONDITIONAL(TOOLS, test "${enable_tools}" != "no")
+AC_ARG_ENABLE(stats, AC_HELP_STRING([--disable-stats],
+ [disable stats file support]),
+ [enable_stats=${enableval}])
+AM_CONDITIONAL(STATS, test "${enable_stats}" != "no")
+
if (test "${enable_tools}" != "no"); then
AC_PATH_PROGS(IPTABLES_SAVE, [iptables-save], [],
$PATH:/sbin:/usr/sbin)
diff --git a/src/stats.c b/src/stats.c
index 26343b1..8fb2139 100644
--- a/src/stats.c
+++ b/src/stats.c
@@ -37,6 +37,7 @@
#include "connman.h"
+#ifdef CONNMAN_WITH_STATS
#define MODE (S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | \
S_IXGRP | S_IROTH | S_IXOTH)
@@ -823,3 +824,38 @@ void __connman_stats_cleanup(void)
g_hash_table_destroy(stats_hash);
stats_hash = NULL;
}
+
+#else
+
+int __connman_stats_service_register(struct connman_service *service)
+{
+ return -ENOTSUP;
+}
+
+void __connman_stats_service_unregister(struct connman_service *service)
+{
+}
+
+int __connman_stats_update(struct connman_service *service,
+ bool roaming,
+ struct connman_stats_data *data)
+{
+ return 0;
+}
+
+int __connman_stats_get(struct connman_service *service,
+ bool roaming,
+ struct connman_stats_data *data)
+{
+ return 0;
+}
+
+int __connman_stats_init(void)
+{
+ return 0;
+}
+
+void __connman_stats_cleanup(void)
+{
+}
+#endif /* CONNMAN_WITH_STATS */
--
2.8.0.rc3.226.g39d4020
5 years
connman stops auto-connecting every day or so
by Kevin Wells
Hello,
I am running connmand 1.27 on Yocto on an edison. Every day or so, the edison stops connecting to my primary network. I can reestablish normal behavior by using “connmanctl connect wifi_…” Rebooting alone does not fix the problem.
Any help would be much appreciated.
Thank you,
Kevin Wells
5 years
[PATCH] dhcp: remove the possible remaining dhcp_retry_cb timer
by Harish Jenny K N
In the following scenario:
1. no_lease_cb() is called
dhcp->ipv4ll_client = ipv4ll_client;
err = g_dhcp_client_start(dhcp->ipv4ll_client, NULL);
ipv4ll_start(dhcp_client);
2. switch_listening_mode
--> listener_event
3. listener_event
--> ipv4ll_recv_arp_packet
---> no_lease_cb
---- > creates a new timeout (dhcp->timeout) without removing the old timeout
Logs:
src/dhcp.c:no_lease_cb() No lease available ipv4ll 0 client (nil)
src/dhcp.c:no_lease_cb() No lease available ipv4ll 1 client 0x1d1e808
src/dhcp.c:dhcp_release() dhcp 0x1d14980
There is a possibility if dhcp_retry_cb() Timeout is not called before first
no_lease_cb, then the old timer is not removed before creating the new one.
We are not sure if the dhcp object will be alive when the first timeout fires.
This could result in a potential crash.
This patch adds a defensive check to remove the potential existing timer
before creating a new one.
---
src/dhcp.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/dhcp.c b/src/dhcp.c
index 54d98db..57e7ac9 100644
--- a/src/dhcp.c
+++ b/src/dhcp.c
@@ -256,6 +256,9 @@ static void no_lease_cb(GDHCPClient *dhcp_client, gpointer user_data)
DBG("No lease available ipv4ll %d client %p", ipv4ll_running,
dhcp->ipv4ll_client);
+ if (dhcp->timeout > 0)
+ g_source_remove(dhcp->timeout);
+
dhcp->timeout = g_timeout_add_seconds(RATE_LIMIT_INTERVAL,
dhcp_retry_cb,
dhcp);
--
1.7.9.5
5 years, 1 month
[PATCH 5/6] mozjs: fix global variable storage
by David Woodhouse
Support a JS context per proxy configuration, instead of only one at a
time.
---
plugins/mozjs.c | 121 +++++++++++++++++++++++++++++++-------------------------
1 file changed, 68 insertions(+), 53 deletions(-)
diff --git a/plugins/mozjs.c b/plugins/mozjs.c
index 77a0c13..130c3c9 100644
--- a/plugins/mozjs.c
+++ b/plugins/mozjs.c
@@ -44,7 +44,11 @@
static pthread_mutex_t mozjs_mutex = PTHREAD_MUTEX_INITIALIZER;
-static struct pacrunner_proxy *current_proxy = NULL;
+struct pacrunner_mozjs {
+ struct pacrunner_proxy *proxy;
+ JSContext *jsctx;
+ JSObject *jsobj;
+};
static int getaddr(const char *node, char *host, size_t hostlen)
{
@@ -91,19 +95,20 @@ static int resolve(const char *node, char *host, size_t hostlen)
return 0;
}
-static JSBool myipaddress(JSContext *ctx, uintN argc, jsval *vp)
+static JSBool myipaddress(JSContext *jsctx, uintN argc, jsval *vp)
{
+ struct pacrunner_mozjs *ctx = JS_GetContextPrivate(jsctx);
const char *interface;
char address[NI_MAXHOST];
DBG("");
- JS_SET_RVAL(ctx, vp, JSVAL_NULL);
+ JS_SET_RVAL(jsctx, vp, JSVAL_NULL);
- if (!current_proxy)
+ if (!ctx)
return JS_TRUE;
- interface = pacrunner_proxy_get_interface(current_proxy);
+ interface = pacrunner_proxy_get_interface(ctx->proxy);
if (!interface)
return JS_TRUE;
@@ -112,7 +117,8 @@ static JSBool myipaddress(JSContext *ctx, uintN argc, jsval *vp)
DBG("address %s", address);
- JS_SET_RVAL(ctx, vp, STRING_TO_JSVAL(JS_NewStringCopyZ(ctx, address)));
+ JS_SET_RVAL(jsctx, vp, STRING_TO_JSVAL(JS_NewStringCopyZ(jsctx,
+ address)));
return JS_TRUE;
}
@@ -160,103 +166,113 @@ static JSClass jscls = {
};
static JSRuntime *jsrun;
-static JSContext *jsctx = NULL;
-static JSObject *jsobj = NULL;
-static void create_object(void)
+static int create_object(struct pacrunner_proxy *proxy)
{
+ struct pacrunner_mozjs *ctx;
const char *script;
jsval rval;
- if (!current_proxy)
- return;
-
- script = pacrunner_proxy_get_script(current_proxy);
+ script = pacrunner_proxy_get_script(proxy);
if (!script)
- return;
+ return 0;
- jsctx = JS_NewContext(jsrun, 8 * 1024);
+ ctx = g_malloc0(sizeof(struct pacrunner_mozjs));
+
+ ctx->proxy = proxy;
+ ctx->jsctx = JS_NewContext(jsrun, 8 * 1024);
+ if (!ctx->jsctx) {
+ g_free(ctx);
+ return -ENOMEM;
+ }
+ JS_SetContextPrivate(ctx->jsctx, ctx);
+ __pacrunner_proxy_set_jsctx(proxy, ctx);
#if JS_VERSION >= 185
- jsobj = JS_NewCompartmentAndGlobalObject(jsctx, &jscls, NULL);
+ ctx->jsobj = JS_NewCompartmentAndGlobalObject(ctx->jsctx, &jscls,
+ NULL);
#else
- jsobj = JS_NewObject(jsctx, &jscls, NULL, NULL);
+ ctx->jsobj = JS_NewObject(ctx->jsctx, &jscls, NULL, NULL);
#endif
- if (!JS_InitStandardClasses(jsctx, jsobj))
+ if (!JS_InitStandardClasses(ctx->jsctx, ctx->jsobj))
pacrunner_error("Failed to init JS standard classes");
- JS_DefineFunction(jsctx, jsobj, "myIpAddress", myipaddress, 0, 0);
- JS_DefineFunction(jsctx, jsobj, "dnsResolve", dnsresolve, 1, 0);
+ JS_DefineFunction(ctx->jsctx, ctx->jsobj, "myIpAddress",
+ myipaddress, 0, 0);
+ JS_DefineFunction(ctx->jsctx, ctx->jsobj,
+ "dnsResolve", dnsresolve, 1, 0);
- JS_EvaluateScript(jsctx, jsobj, JAVASCRIPT_ROUTINES,
- strlen(JAVASCRIPT_ROUTINES), NULL, 0, &rval);
+ JS_EvaluateScript(ctx->jsctx, ctx->jsobj, JAVASCRIPT_ROUTINES,
+ strlen(JAVASCRIPT_ROUTINES), NULL, 0, &rval);
- JS_EvaluateScript(jsctx, jsobj, script, strlen(script),
- "wpad.dat", 0, &rval);
+ JS_EvaluateScript(ctx->jsctx, ctx->jsobj, script, strlen(script),
+ "wpad.dat", 0, &rval);
+
+ return 0;
}
-static void destroy_object(void)
+static int mozjs_clear_proxy(struct pacrunner_proxy *proxy)
{
- if (!jsctx)
- return;
+ struct pacrunner_mozjs *ctx = __pacrunner_proxy_get_jsctx(proxy);
- JS_DestroyContext(jsctx);
- jsctx = NULL;
+ DBG("proxy %p ctx %p", proxy, ctx);
- jsobj = NULL;
+ if (!ctx)
+ return -EINVAL;
+
+ JS_DestroyContext(ctx->jsctx);
+ __pacrunner_proxy_set_jsctx(proxy, NULL);
+
+ return 0;
}
static int mozjs_set_proxy(struct pacrunner_proxy *proxy)
{
DBG("proxy %p", proxy);
- if (current_proxy)
- destroy_object();
-
- current_proxy = proxy;
+ if (!proxy)
+ return 0;
- if (current_proxy)
- create_object();
+ mozjs_clear_proxy(proxy);
- return 0;
+ return create_object(proxy);
}
static char * mozjs_execute(struct pacrunner_proxy *proxy, const char *url,
const char *host)
{
+ struct pacrunner_mozjs *ctx = __pacrunner_proxy_get_jsctx(proxy);
JSBool result;
jsval rval, args[2];
char *answer, *g_answer;
- DBG("proxy %p url %s host %s", proxy, url, host);
-
- if (!jsctx)
- return NULL;
+ DBG("proxy %p ctx %p url %s host %s", proxy, ctx, url, host);
- if (proxy != current_proxy && mozjs_set_proxy(proxy))
+ if (!ctx)
return NULL;
pthread_mutex_lock(&mozjs_mutex);
- JS_BeginRequest(jsctx);
+ JS_BeginRequest(ctx->jsctx);
- args[0] = STRING_TO_JSVAL(JS_NewStringCopyZ(jsctx, url));
- args[1] = STRING_TO_JSVAL(JS_NewStringCopyZ(jsctx, host));
+ args[0] = STRING_TO_JSVAL(JS_NewStringCopyZ(ctx->jsctx, url));
+ args[1] = STRING_TO_JSVAL(JS_NewStringCopyZ(ctx->jsctx, host));
- result = JS_CallFunctionName(jsctx, jsobj, "FindProxyForURL",
- 2, args, &rval);
+ result = JS_CallFunctionName(ctx->jsctx, ctx->jsobj,
+ "FindProxyForURL", 2, args, &rval);
- JS_EndRequest(jsctx);
+ JS_EndRequest(ctx->jsctx);
- JS_MaybeGC(jsctx);
+ JS_MaybeGC(ctx->jsctx);
pthread_mutex_unlock(&mozjs_mutex);
if (result) {
- answer = JS_EncodeString(jsctx, JS_ValueToString(jsctx, rval));
+ answer = JS_EncodeString(ctx->jsctx,
+ JS_ValueToString(ctx->jsctx, rval));
g_answer = g_strdup(answer);
- JS_free(jsctx, answer);
+ JS_free(ctx->jsctx, answer);
return g_answer;
}
@@ -267,6 +283,7 @@ static struct pacrunner_js_driver mozjs_driver = {
.name = "mozjs",
.priority = PACRUNNER_JS_PRIORITY_DEFAULT,
.set_proxy = mozjs_set_proxy,
+ .clear_proxy = mozjs_clear_proxy,
.execute = mozjs_execute,
};
@@ -285,8 +302,6 @@ static void mozjs_exit(void)
pacrunner_js_driver_unregister(&mozjs_driver);
- mozjs_set_proxy(NULL);
-
JS_DestroyRuntime(jsrun);
}
--
2.7.4
--
David Woodhouse Open Source Technology Centre
David.Woodhouse(a)intel.com Intel Corporation
5 years, 1 month
Search domain persistence
by Sven Schwedas
On 1.32 (possibly also older versions, haven't checked) I'm seeing an
annoying problem: Search domains persist across networks and reboots and
DHCP search domains of the currently active network are only appended.
After roaming between a few networks, this creates an absolute mess of
an /etc/resolv.conf. Is this intended behaviour? How can I disable this
if so?
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas, Systemadministrator
Mail/XMPP sven.schwedas(a)tao.at | Skype sven.schwedas
TAO Beratungs- und Management GmbH | Lendplatz 45 | A8020 Graz
https://software.tao.at | Tel +43 680 301 7167
5 years, 1 month
