[PATCH v2 09/16] l2tp: Ask username and password from agent

Patrik Flykt patrik.flykt at linux.intel.com
Thu Nov 29 03:21:55 PST 2012


	Hi,

On Tue, 2012-11-27 at 12:51 +0200, Jukka Rissanen wrote:
> ---
>  vpn/plugins/l2tp.c | 307 ++++++++++++++++++++++++++++++++++++++++++++++++++---
>  vpn/vpn-provider.h |   5 +
>  2 files changed, 300 insertions(+), 12 deletions(-)
> 
> diff --git a/vpn/plugins/l2tp.c b/vpn/plugins/l2tp.c
> index 05341d5..d143317 100644
> --- a/vpn/plugins/l2tp.c
> +++ b/vpn/plugins/l2tp.c
> @@ -44,6 +44,11 @@
>  #include <connman/task.h>
>  #include <connman/dbus.h>
>  #include <connman/inet.h>
> +#include <connman/agent.h>
> +#include <connman/setting.h>
> +#include <connman/vpn-dbus.h>
> +
> +#include "../vpn-provider.h"
>  
>  #include "vpn.h"
>  
> @@ -111,6 +116,13 @@ struct {
>  
>  static DBusConnection *connection;
>  
> +struct l2tp_private_data {
> +	struct connman_task *task;
> +	char *if_name;
> +	vpn_provider_connect_cb_t cb;
> +	void *user_data;
> +};
> +
>  static DBusMessage *l2tp_get_sec(struct connman_task *task,
>  			DBusMessage *msg, void *user_data)
>  {
> @@ -446,28 +458,225 @@ static void l2tp_died(struct connman_task *task, int exit_code, void *user_data)
>  	g_free(conf_file);
>  }
>  
> -static int l2tp_connect(struct vpn_provider *provider,
> +static connman_bool_t check_reply_has_dict(DBusMessage *reply)
> +{
> +	const char *signature = DBUS_TYPE_ARRAY_AS_STRING
> +		DBUS_DICT_ENTRY_BEGIN_CHAR_AS_STRING
> +		DBUS_TYPE_STRING_AS_STRING
> +		DBUS_TYPE_VARIANT_AS_STRING
> +		DBUS_DICT_ENTRY_END_CHAR_AS_STRING;
> +
> +	if (dbus_message_has_signature(reply, signature) == TRUE)
> +		return TRUE;
> +
> +	connman_warn("Reply %s to %s from %s has wrong signature %s",
> +			signature,
> +			dbus_message_get_interface(reply),
> +			dbus_message_get_sender(reply),
> +			dbus_message_get_signature(reply));
> +
> +	return FALSE;
> +}
> +
> +static void request_input_append_name(DBusMessageIter *iter, void *user_data)
> +{
> +	struct vpn_provider *provider = user_data;
> +	const char *str = "string";
> +
> +	connman_dbus_dict_append_basic(iter, "Type",
> +				DBUS_TYPE_STRING, &str);
> +	str = "informational";
> +	connman_dbus_dict_append_basic(iter, "Requirement",
> +				DBUS_TYPE_STRING, &str);
> +
> +	str = vpn_provider_get_name(provider);
> +	connman_dbus_dict_append_basic(iter, "Value",
> +				DBUS_TYPE_STRING, &str);
> +}
> +
> +static void request_input_append_host(DBusMessageIter *iter, void *user_data)
> +{
> +	struct vpn_provider *provider = user_data;
> +	const char *str = "string";
> +
> +	connman_dbus_dict_append_basic(iter, "Type",
> +				DBUS_TYPE_STRING, &str);
> +	str = "informational";
> +	connman_dbus_dict_append_basic(iter, "Requirement",
> +				DBUS_TYPE_STRING, &str);
> +
> +	str = vpn_provider_get_host(provider);
> +	connman_dbus_dict_append_basic(iter, "Value",
> +				DBUS_TYPE_STRING, &str);
> +}
> +
> +static void request_input_append_user_info(DBusMessageIter *iter,
> +							void *user_data)
> +{
> +	char *str = "string";
> +
> +	connman_dbus_dict_append_basic(iter, "Type",
> +				DBUS_TYPE_STRING, &str);
> +	str = "mandatory";
> +	connman_dbus_dict_append_basic(iter, "Requirement",
> +				DBUS_TYPE_STRING, &str);
> +}
> +

This function could be factored out as it exists in l2tp.c and pptp.c.

> +struct request_input_reply {
> +	struct vpn_provider *provider;
> +	vpn_provider_password_cb_t callback;
> +	void *user_data;
> +};
> +
> +static void request_input_reply(DBusMessage *reply, void *user_data)
> +{
> +	struct request_input_reply *l2tp_reply = user_data;
> +	const char *error = NULL;
> +	char *username = NULL, *password = NULL;
> +	char *key;
> +	DBusMessageIter iter, dict;
> +
> +	DBG("provider %p", l2tp_reply->provider);
> +
> +	if (dbus_message_get_type(reply) == DBUS_MESSAGE_TYPE_ERROR) {
> +		error = dbus_message_get_error_name(reply);
> +		goto done;
> +	}
> +
> +	if (check_reply_has_dict(reply) == FALSE)
> +		goto done;
> +
> +	dbus_message_iter_init(reply, &iter);
> +	dbus_message_iter_recurse(&iter, &dict);
> +	while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
> +		DBusMessageIter entry, value;
> +
> +		dbus_message_iter_recurse(&dict, &entry);
> +		if (dbus_message_iter_get_arg_type(&entry) != DBUS_TYPE_STRING)
> +			break;
> +
> +		dbus_message_iter_get_basic(&entry, &key);
> +
> +		if (g_str_equal(key, "Username")) {
> +			dbus_message_iter_next(&entry);
> +			if (dbus_message_iter_get_arg_type(&entry)
> +							!= DBUS_TYPE_VARIANT)
> +				break;
> +			dbus_message_iter_recurse(&entry, &value);
> +			dbus_message_iter_get_basic(&value, &username);
> +		}
> +
> +		if (g_str_equal(key, "Password")) {
> +			dbus_message_iter_next(&entry);
> +			if (dbus_message_iter_get_arg_type(&entry)
> +							!= DBUS_TYPE_VARIANT)
> +				break;
> +			dbus_message_iter_recurse(&entry, &value);
> +			dbus_message_iter_get_basic(&value, &password);

Basic type of the variants should be checked here and in 10/16.

> +		}
> +
> +		dbus_message_iter_next(&dict);
> +	}
> +
> +done:
> +	l2tp_reply->callback(l2tp_reply->provider, username, password, error,
> +				l2tp_reply->user_data);
> +	g_free(l2tp_reply);
> +}
> +
> +typedef void (* request_cb_t)(struct vpn_provider *provider,
> +				const char *username, const char *password,
> +				const char *error, void *user_data);
> +
> +static int request_input(struct vpn_provider *provider,
> +				request_cb_t callback, void *user_data)
> +{
> +	DBusMessage *message;
> +	const char *path, *agent_sender, *agent_path;
> +	DBusMessageIter iter;
> +	DBusMessageIter dict;
> +	struct request_input_reply *l2tp_reply;
> +	int err;
> +
> +	connman_agent_get_info(&agent_sender, &agent_path);
> +
> +	if (provider == NULL || agent_path == NULL || callback == NULL)
> +		return -ESRCH;
> +
> +	message = dbus_message_new_method_call(agent_sender, agent_path,
> +					VPN_AGENT_INTERFACE,
> +					"RequestInput");
> +	if (message == NULL)
> +		return -ENOMEM;
> +
> +	dbus_message_iter_init_append(message, &iter);
> +
> +	path = vpn_provider_get_path(provider);
> +	dbus_message_iter_append_basic(&iter,
> +				DBUS_TYPE_OBJECT_PATH, &path);
> +
> +	connman_dbus_dict_open(&iter, &dict);
> +
> +	connman_dbus_dict_append_dict(&dict, "Username",
> +			request_input_append_user_info, provider);
> +
> +	connman_dbus_dict_append_dict(&dict, "Password",
> +			request_input_append_user_info, provider);
> +
> +	connman_dbus_dict_append_dict(&dict, "Host",
> +			request_input_append_host, provider);
> +
> +	connman_dbus_dict_append_dict(&dict, "Name",
> +			request_input_append_name, provider);
> +
> +	connman_dbus_dict_close(&iter, &dict);
> +
> +	l2tp_reply = g_try_new0(struct request_input_reply, 1);
> +	if (l2tp_reply == NULL) {
> +		dbus_message_unref(message);
> +		return -ENOMEM;
> +	}
> +
> +	l2tp_reply->provider = provider;
> +	l2tp_reply->callback = callback;
> +	l2tp_reply->user_data = user_data;
> +
> +	err = connman_agent_queue_message(provider, message,
> +			connman_timeout_input_request(),
> +			request_input_reply, l2tp_reply);
> +	if (err < 0 && err != -EBUSY) {
> +		DBG("error %d sending agent request", err);
> +		dbus_message_unref(message);
> +		g_free(l2tp_reply);
> +		return err;
> +	}
> +
> +	dbus_message_unref(message);
> +
> +	return -EINPROGRESS;
> +}
> +
> +static int run_connect(struct vpn_provider *provider,
>  			struct connman_task *task, const char *if_name,
> -			vpn_provider_connect_cb_t cb, void *user_data)
> +			vpn_provider_connect_cb_t cb, void *user_data,
> +			const char *username, const char *password)
>  {
> -	const char *host;
>  	char *l2tp_name, *pppd_name;
>  	int l2tp_fd, pppd_fd;
>  	int err;
>  
> -	if (connman_task_set_notify(task, "getsec",
> -					l2tp_get_sec, provider) != 0) {
> -		err = -ENOMEM;
> -		goto done;
> -	}
> -
> -	host = vpn_provider_get_string(provider, "Host");
> -	if (host == NULL) {
> -		connman_error("Host not set; cannot enable VPN");
> +	if (username == NULL || password == NULL) {
> +		DBG("Cannot connect username %s password %p",
> +						username, password);
>  		err = -EINVAL;
>  		goto done;
>  	}
>  
> +	vpn_provider_set_string(provider, "L2TP.User", username);
> +	vpn_provider_set_string(provider, "L2TP.Password", password);
> +
> +	DBG("username %s password %p", username, password);
> +
>  	l2tp_name = g_strdup_printf("/var/run/connman/connman-xl2tpd.conf");
>  
>  	l2tp_fd = open(l2tp_name, O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
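Review bot: The agent-supplied credentials are written back into the provider with `vpn_provider_set_string(provider, "L2TP.Password", password)` before the connection has succeeded, and the new l2tp_connect() only asks the agent when `L2TP.User` or `L2TP.Password` is missing, so a mistyped password appears to be cached and reused on every later attempt without a new prompt. Nothing in the visible hunks clears the two keys after an authentication failure; either clear them in that failure path or store them only once the link is up. If vpn_provider_set_string() also persists settings to disk (not visible here), the password ends up at rest in clear text, which deserves at least a comment such as `/* agent credentials are cached in the provider; cleared again on auth failure */`. Separately, the first `DBG("Cannot connect username %s ...")` passes `username` to `%s` in the branch where it may be NULL. run_connect() continues past the end of this hunk.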
> @@ -515,6 +724,80 @@ done:
>  	return err;
>  }
>  
> +static void free_private_data(struct l2tp_private_data *data)
> +{
> +	g_free(data->if_name);
> +	g_free(data);
> +}
> +
> +static void request_input_cb(struct vpn_provider *provider,
> +			const char *username,
> +			const char *password,
> +			const char *error, void *user_data)
> +{
> +	struct l2tp_private_data *data = user_data;
> +
> +	if (username == NULL || password == NULL)
> +		DBG("Requesting username %s or password failed, error %s",
> +			username, error);
> +	else if (error != NULL)
> +		DBG("error %s", error);
> +
> +	run_connect(provider, data->task, data->if_name, data->cb,
> +		data->user_data, username, password);
> +
> +	free_private_data(data);
> +}
> +
> +static int l2tp_connect(struct vpn_provider *provider,
> +			struct connman_task *task, const char *if_name,
> +			vpn_provider_connect_cb_t cb, void *user_data)
> +{
> +	const char *username, *password;
> +	int err;
> +
> +	if (connman_task_set_notify(task, "getsec",
> +					l2tp_get_sec, provider) != 0) {
> +		err = -ENOMEM;
> +		goto error;
> +	}
> +
> +	username = vpn_provider_get_string(provider, "L2TP.User");
> +	password = vpn_provider_get_string(provider, "L2TP.Password");
> +
> +	DBG("user %s password %p", username, password);
> +
> +	if (username == NULL || password == NULL) {
> +		struct l2tp_private_data *data;
> +
> +		data = g_try_new0(struct l2tp_private_data, 1);
> +		if (data == NULL)
> +			return -ENOMEM;
> +
> +		data->task = task;
> +		data->if_name = g_strdup(if_name);
> +		data->cb = cb;
> +		data->user_data = user_data;
> +
> +		err = request_input(provider, request_input_cb, data);
> +		if (err != -EINPROGRESS) {
> +			free_private_data(data);
> +			goto done;
> +		}
> +		return err;
> +	}
> +
> +done:
> +	return run_connect(provider, task, if_name, cb, user_data,
> +							username, password);
> +
> +error:
> +	if (cb != NULL)
> +		cb(provider, user_data, err);
> +
> +	return err;
> +}
> +
>  static int l2tp_error_code(int exit_code)
>  {
>  	switch (exit_code) {
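Review bot: In l2tp_connect() a failed request_input() (for example -ESRCH when no agent is registered) jumps to `done:` and calls run_connect() with NULL credentials, so the caller sees -EINVAL instead of the real error; the `g_try_new0()` failure also returns -ENOMEM without invoking `cb`, unlike the `error:` path. Both can use the existing label: `if (data == NULL) { err = -ENOMEM; goto error; }` and, after `free_private_data(data);`, `goto error;` instead of `goto done;`. request_input_cb() masks errors the same way: an agent error reaches run_connect() as NULL credentials and `error` is only logged, and its DBG passes possibly-NULL `username` and `error` to `%s`. The callback also dereferences `data->task` and `provider` whenever the agent answers; whether the pending request is cancelled if the provider goes away first is not visible in this patch and should be confirmed.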
> diff --git a/vpn/vpn-provider.h b/vpn/vpn-provider.h
> index b290bd1..2889428 100644
> --- a/vpn/vpn-provider.h
> +++ b/vpn/vpn-provider.h
> @@ -112,6 +112,11 @@ typedef void (* vpn_provider_auth_cb_t) (struct vpn_provider *provider,
>  					const char *authenticator,
>  					const char *error, void *user_data);
>  
> +typedef void (* vpn_provider_password_cb_t) (struct vpn_provider *provider,
> +					const char *username,
> +					const char *password,
> +					const char *error, void *user_data);
> +
>  struct vpn_provider_driver {
>  	const char *name;
>  	enum vpn_provider_type type;
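Review bot: The new `vpn_provider_password_cb_t` has no comment on the lifetime of its string arguments: in l2tp.c they are obtained with dbus_message_iter_get_basic() and so point into the agent's reply, which means a callback has to copy them if it needs them after returning. I would add above the typedef `/* username and password are only valid during the call; either may be NULL, with or without error set */`. l2tp.c also declares a local `request_cb_t` with the identical signature; using this typedef in request_input() would avoid the duplicate.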


Cheers,

	Patrik




