Bluetooth services does not appear
by Ferry Toth
I'm trying to make my Edison board connect to my cell phone. The cell
phone is set to do tethering over bluetooth.
I can connect my PC (which uses network-manager) to the phone . So the
phone side configuration seems to be working fine.
Also, on the Edison side I can pair/trust/connect bluetooth to the phone
fine, or I can connect to the Edison from the phone side. In neither
case does a bluetooth service appear in connmanctl. In connmanctl I ahve
a bluetooth technology and can power it on/off fine.
Does anybody know what I am doing wrong here? Any suggestions are welcomed.
Note the Edison is not running it's factory firmware, but a rather
recent Yocto Sumo.
root@edison:~# uname -a
Linux edison 4.20.0-rc5-edison-acpi-standard #1 SMP Wed Dec 5 21:29:04
UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
root@edison:~# bluetoothctl -v
bluetoothctl: 5.48
root@edison:~# /usr/sbin/connmand -v
1.35
1 year, 5 months
[PATCHv2] iptables: Set protocol family in xtables setup.
by Jussi Laakkonen
When xtables loads a library for a match (-m) the protocol family is
used to get a correct version loaded. If a change has been made using a
match modifier in iptables rule with, e.g., IPv4 protocol family the
global xtables_matches array holding xtables_match structures is not
reset or changed (at least in iptables 1.6.1) to IPv6 when
xtables_init_all() (or any of the initialization functions) is called.
This commit fixes the issue of not being able to set some IPv6 rules
after IPv4 rules with matches have been set (or the other way around).
The family for the global variable xtables_matches has to be explicitely
updated when changing between IP protocol families.
Otherwise adding the following rules would result a failure, where
iptables calls exit() on ConnMan on the IPv6 rule:
__connman_firewall_add_rule(ctx, "filter", "INPUT", "-m conntrack
--ctstate ESTABLISHED,RELATED -j ACCEPT");
__connman_firewall_add_ipv6_rule(ctx, "filter", "INPUT", "-m conntrack
--ctstate ESTABLISHED,RELATED -j ACCEPT");
Depending on the match type, iptables may result in an error. The exit()
is called if the required library for the match cannot be loaded. This
change allows to avoid such situations.
---
src/iptables.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/iptables.c b/src/iptables.c
index 305a553f..a188f99a 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -3330,6 +3330,7 @@ static int current_type = -1;
static int setup_xtables(int type)
{
int err;
+ struct xtables_match *xt_m;
DBG("%d", type);
@@ -3351,6 +3352,13 @@ static int setup_xtables(int type)
}
if (!err) {
+ /*
+ * Set the match type, otherwise loading of matches in xtables
+ * will fail when IP protocol family has changed.
+ */
+ for (xt_m = xtables_matches; xt_m; xt_m = xt_m->next)
+ xt_m->family = type;
+
current_type = type;
} else {
connman_error("error initializing xtables");
--
2.19.1
1 year, 5 months
Automatic configuration of any ethernet connection
by Doron Behar
Hello dear developers, I have a quick question:
Is it possible to install connman on a machine, enable the systemd
service of it and making sure that on the next boot connman will attempt
to connect to any Ethernet service it finds? From what I know of my own
usage of connman, even to an Ethernet service, you need to get into a
tty console and use connmanctl.
This functionality can be pretty useful for embedded devices like a
Raspberry Pi. Because often you may want to connect it to a network and
be sure you can ssh to it if you know it's address.
Thanks.
1 year, 7 months
[PATCH] iptables: Recover from commit errors.
by Jussi Laakkonen
This commit changes the error handling in __connman_iptables_commit() if
iptables_replace() fails. In order to be able to use iptables after
committing invalid content it is safest to drop the table content and
make iptable.c re-initialize when new changes are made.
On some systems it may result in a situation where a single failure,
e.g., ELOOP when removing a managed rule that still has rule references,
prevents further changes to iptables. By resetting to previous state in
case of error this can be avoided.
---
src/iptables.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/iptables.c b/src/iptables.c
index 305a553f..4876d946 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -3745,8 +3745,15 @@ int __connman_iptables_commit(int type, const char *table_name)
err = iptables_replace(table, &repl);
+ /*
+ * Commit errors are not recoverable, remove table so with next change
+ * the contents for the table is re-initialized. This will make it
+ * possible to ignore the last changes that were invalid and cannot be
+ * committed. Then more commits can be made as the table content is
+ * updated from iptables when next change is done.
+ */
if (err < 0)
- goto out_free;
+ goto out_hash_remove;
counters = g_try_malloc0(sizeof(*counters) +
sizeof(struct xt_counters) * table->num_entries);
@@ -3782,7 +3789,7 @@ int __connman_iptables_commit(int type, const char *table_name)
out_hash_remove:
hash_table_remove(type, table_name);
-out_free:
+
if (type == AF_INET && repl.r)
g_free(repl.r->counters);
--
2.19.2
1 year, 7 months
[PATCH] Fix gsupplicant not to fail an active scan on wpa_supplicant side
by Володимир Остап
he issue has been discovered during work on other issue
https://lists.01.org/pipermail/connman/2018-November/023085.html
If connman does ACTIVE scan without adding a list of SSIDs
interface_scan_params() in gsupplicant/supplicant.c calls
supplicant_dbus_dict_append_array(&dict, "SSIDs",
DBUS_TYPE_STRING,
append_ssids,
data->scan_params);
which creates an empty entry for "SSIDs" without anything inside.
This dbus msg goes to wpa supplicant to dbus/dbus_new_handles.c to
wpas_dbus_handler_scan() which calls wpas_dbus_get_scan_ssids() because
there is an entry "SSIDs".
Unfortunately wpas_dbus_get_scan_ssids() fails with an error.
Here are my logs:
Nov 17 03:09:10 LogiCircle daemon.debug wpa_supplicant[344]:
wpas_dbus_get_scan_ssids[dbus]: ssids must be an array of arrays of bytes
Nov 17 03:09:10 LogiCircle daemon.debug wpa_supplicant[344]:
wpas_dbus_get_scan_ssids[dbus]: ssids must be an array of arrays of bytes
Nov 17 03:09:10 LogiCircle daemon.debug wpa_supplicant[344]:
wpas_dbus_get_scan_ssids[dbus]: ssids must be an array of arrays of bytes
Nov 17 03:17:06 LogiCircle daemon.debug wpa_supplicant[344]:
wpas_dbus_get_scan_ssids[dbus]: ssids must be an array of arrays of bytes
Nov 17 03:17:06 LogiCircle daemon.debug wpa_supplicant[344]:
wpas_dbus_get_scan_ssids[dbus]: ssids must be an array of arrays of bytes
Nov 17 03:17:06 LogiCircle daemon.debug wpa_supplicant[344]:
wpas_dbus_get_scan_ssids[dbus]: ssids must be an array of arrays of bytes
The patch below is very simple. If there is no SSID in scan_parameters do
not create "SSIDs". The adjacent function supplicant_add_scan_frequency()
does such verification and does not create any empty "Channels".
==============================
diff --git a/gsupplicant/supplicant.c b/gsupplicant/supplicant.c
index 0cb621b9..92941c63 100644
--- a/gsupplicant/supplicant.c
+++ b/gsupplicant/supplicant.c
@@ -4241,11 +4241,13 @@ static void interface_scan_params(DBusMessageIter
*iter, void *user_data)
supplicant_dbus_dict_append_basic(&dict, "Type",
DBUS_TYPE_STRING, &type);
- supplicant_dbus_dict_append_array(&dict, "SSIDs",
- DBUS_TYPE_STRING,
- append_ssids,
- data->scan_params);
+ if (data->scan_params->ssids) {
+ supplicant_dbus_dict_append_array(&dict, "SSIDs",
+ DBUS_TYPE_STRING,
+ append_ssids,
+ data->scan_params);
+ }
supplicant_add_scan_frequency(&dict, add_scan_frequencies,
data->scan_params);
} else
PS. I sent this patch from other unregistered email. I hope there is not
going to be any duplicate.
1 year, 8 months
[PATCH] Force simple wifi scan over dbus Scan
by Володимир Остап
Hi,
I am using connman for wifi connection and it is controlled over dbus. The
system supports many wifi connections. The user can remove and add a
connection.
If there are saved connections and wifi is currently disconnected and
connman is asked over dbus to do a scan it falls into the scan on channels
retrieved from the saved services.
So user sees only APs on these channels.
There is a commit which addressed a similar issue but when there is an
active connection
7f87a34f85f73585f3a5bc0e857144810b928513
There is a ticket https://01.org/jira/browse/CM-602 which describes similar
symptoms but a different root cause.
The patch forces wifi device do a simple scan if the scan is originated
over dbus. In this case wpa_supplicant will do a scan on all channels.
Best wishes, Volodymyr Ostap
1 year, 8 months
[PATCH 0/5] Add iptables IPv6 support
by Jussi Laakkonen
This patch set adds support for IPv6 iptables management into iptables.c.
Managing IPv6 iptables content differs only from the structure definition
parts so most of the IPv6 support is included into existing code.
For each iptables.c exposed function a type variable has been added, which
indicates the IP protocol type. Common AF_* definitions are used (AF_INET &
AF_INET6) as types.
Necessary changes for firewall-iptables.c and iptables-unit.c are applied.
Also a tool for testing ip6tables functionality is implemented as a copy of
the existing iptables-test.
NAT tests for IPv6 are not included into unit tests as IPv6 NAT functionality
is not implemented within this work.
Jussi Laakkonen (5):
iptables: Use xt_error_target when adding new rules and chains.
iptables: Replace ALIGN macro with XT_ALIGN macro.
iptables: Introduce IPv6 iptables management.
firewall: Adapt to iptables.c changes.
test: Add tests and test tool for IPv6 parts of iptables.c.
Makefile.am | 9 +-
configure.ac | 5 +
src/connman.h | 54 +-
src/firewall-iptables.c | 42 +-
src/iptables.c | 2223 ++++++++++++++++++++++++++++++++-------
tools/ip6tables-test.c | 163 +++
tools/iptables-test.c | 19 +-
tools/iptables-unit.c | 486 +++++++--
8 files changed, 2457 insertions(+), 544 deletions(-)
create mode 100644 tools/ip6tables-test.c
--
2.19.1
1 year, 8 months
[PATCH] inet: Fix return value in error path
by Rikard Falkeborn
Returning -1 in a function with bool as return value is the same as
returning true. Change to false to indicate error if inet_aton() fails.
---
I tried sending this a few weeks ago but it didn't seem to reach the
mailing list, perhaps because I wasn't subscribed?
src/inet.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/inet.c b/src/inet.c
index 0d3f0d21..28cdb961 100644
--- a/src/inet.c
+++ b/src/inet.c
@@ -1080,7 +1080,7 @@ bool connman_inet_compare_subnet(int index, const char *host)
return false;
if (inet_aton(host, &_host_addr) == 0)
- return -1;
+ return false;
host_addr = _host_addr.s_addr;
sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
--
2.19.1
1 year, 8 months
