chromiumos/platform/flimflam.git
2 years agoflimflam: Set "hidden_ssid" wifi property on hidden services release-R17-1412.B
Paul Stewart [Wed, 29 Feb 2012 00:51:54 +0000 (16:51 -0800)]
flimflam: Set "hidden_ssid" wifi property on hidden services

Correct the default setting of the WiFi.HiddenSSID property on
services created via the DBus without an explicit setting for
the property.  This was being defaulted to FALSE causing hidden
WiFi networks to be incorrectly handled.  This was a regression
introduced when the ConfigureService api changes were done.

BUG=chromium-os:26977
TEST=Manual: Associate to hidden SSID, observe contents of
profile have WiFi.HiddenSSID=true.  Also tested with new
WiFiManager autotest: https://gerrit.chromium.org/gerrit/17036.

(cherry picked from commit 803e8d76f2b052dac264e55b3bb08b45f6dce786)

Change-Id: I4fe3debbbbb16b13eaa2aebb07fbe6dae91691da
Reviewed-on: https://gerrit.chromium.org/gerrit/17564
Reviewed-by: Stanley Wong <stanleyw@chromium.org>
Tested-by: Stanley Wong <stanleyw@chromium.org>
2 years agoflimflam: openvpn: enable openvpn logging when vpn debugging is enabled
Sam Leffler [Wed, 11 Jan 2012 23:51:05 +0000 (15:51 -0800)]
flimflam: openvpn: enable openvpn logging when vpn debugging is enabled

When there is no explicit openvpn verbose setting and vpn debug
is enabled in flimflam add a default verbose setting.  This enables
debugging openvpn run-time issues when the associated service lacks
an OpenVPN.Verb property (e.g. when the config comes from ONC).

BUG=chromium-os:25200
TEST=create openvpn service w/o verbosity and use ff_debug vpn to enable openvpn debug msgs

(cherry picked from commit a4c8ea1178fe7498de19a2013469c3c4bc7c4b95)

Change-Id: I35f0681d4a5d7d47c8c85d7e9441a0cda8ae1268
Reviewed-on: https://gerrit.chromium.org/gerrit/14413
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
2 years agoflimflam: promote connman_debug_enabled to public status
Sam Leffler [Wed, 11 Jan 2012 23:47:56 +0000 (15:47 -0800)]
flimflam: promote connman_debug_enabled to public status

Promote the routine connman_debug_enabled to be public so modules can use
it.  l2tpipsec already used this routine (violating the implicit module
construction rules); adjust it to match.

BUG=chromium-os:25200
TEST=build and run

(cherry picked from commit 7dc912dabf7b68396a04fa3c9e624e64f9c976fa)

Change-Id: If3b46db76d32806cc5557afa11c410692deb80da
Reviewed-on: https://gerrit.chromium.org/gerrit/14412
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
2 years agoflimflam: crosmetrics: fix 5GHz frequency mapping
Sam Leffler [Fri, 16 Dec 2011 21:04:36 +0000 (13:04 -0800)]
flimflam: crosmetrics: fix 5GHz frequency mapping

Correct the mapping of 5GHz frequencies to the enum value sent for
Network.Wifi.Channel.  Also add mappings for 5170, 5190, 5210, and 5230.

BUG=chromium-os:24342
TEST=new unit test

Reviewed-on: https://gerrit.chromium.org/gerrit/13103
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit e698cb8e20b5946a6ad23d96fdc37df2013124d6)

Change-Id: I224d4963a5bc275d6ea0f2deef4722237a74ecf3
Reviewed-on: https://gerrit.chromium.org/gerrit/13812
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
2 years agoflimflam: crosmetrics: fix 5GHz frequency mapping
Sam Leffler [Fri, 16 Dec 2011 21:04:36 +0000 (13:04 -0800)]
flimflam: crosmetrics: fix 5GHz frequency mapping

Correct the mapping of 5GHz frequencies to the enum value sent for
Network.Wifi.Channel.  Also add mappings for 5170, 5190, 5210, and 5230.

BUG=chromium-os:24342
TEST=new unit test

Change-Id: I33a62ee73cb33123083d394988c4ae6ae567192e
Reviewed-on: https://gerrit.chromium.org/gerrit/13103
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit e698cb8e20b5946a6ad23d96fdc37df2013124d6)
Reviewed-on: https://gerrit.chromium.org/gerrit/13647

2 years agoflimflam: service: mark service ONLINE if a proxy is configured
Jason Glasgow [Fri, 16 Dec 2011 16:31:52 +0000 (11:31 -0500)]
flimflam: service: mark service ONLINE if a proxy is configured

BUG=chromium-os:24348
TEST=configure network via squid, install new image, login as guest config proxy, check service state

Reviewed-on: https://gerrit.chromium.org/gerrit/13101
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
(cherry picked from commit a0b80dc1a4c724b29c0da367826b1b2ee87bd7d1)

Change-Id: Iabf63f236a835fe23ee38918438554204919c034
Reviewed-on: https://gerrit.chromium.org/gerrit/13241
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Ryan Cairns <rtc@chromium.org>
3 years agoflimflam: openvpn: handle tunnel restarts factory-1412.B
Sam Leffler [Mon, 12 Dec 2011 01:55:23 +0000 (17:55 -0800)]
flimflam: openvpn: handle tunnel restarts

When entering RECONNECT state notify the vpn support code to drop the
default route so openvpn can re-resolve the remote address/hostname.
After re-connecting we are notified as usual through the d-bus callback
but the parameters passed back lack the ifconfig state so preserve our
local state so we can re-plumb the complete ipaddress.

BUG=chromium-os:24116
TEST=setup a tunnel, suspend long enough for the tunnel timeout to occur; then verify the subsequent restart results in a working tunnel

Change-Id: Ib664be2f2508cbadf42c33cbfdcdb6488968f986
Reviewed-on: https://gerrit.chromium.org/gerrit/12784
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 7cbb9e6ab44b4bf6b549d8c99b786bbf5be023af)
Reviewed-on: https://gerrit.chromium.org/gerrit/13052

3 years agoflimflam: vpn: add reconnect state
Sam Leffler [Mon, 12 Dec 2011 22:22:37 +0000 (14:22 -0800)]
flimflam: vpn: add reconnect state

Add VPN_STATE_RECONNECT to the common vpn code to handle reconnect
work.  The plugin should call vpn_reconnect to enter this state;
the associated ipconfig state is dropped (so dns can be resolved, etc)
and the associated provider is clocked to CONNMAN_PROVIDER_STATE_CONNECT.
Return to VPN_STATE_READY happens with a notify callback or a link up
event on the device (through the registered RTNL event).

BUG=chromium-os:24116
TEST=(openvpn reconnect testing)

Change-Id: I937713f5f8d4afe9e5534ba7b015c2594fff3a85
Reviewed-on: https://gerrit.chromium.org/gerrit/12783
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 805129ae2ddad497678078fb6594291931badf15)
Reviewed-on: https://gerrit.chromium.org/gerrit/13051
Reviewed-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: minor vpn code cleanup
Sam Leffler [Mon, 12 Dec 2011 22:17:28 +0000 (14:17 -0800)]
flimflam: minor vpn code cleanup

Miscellaneous code cleanups:
o use enum instead of int for state
o clarify state handling in vpn_died
o add debug msg in vpn_newlink
o clarify notify callback return handling: VPN_STATE_CONNECT means success,
  everything else means failure (fix ov_notify return to match)
o guard against notify callback success work being done multiple times
  (connman_rtnl_register blindly adds a new entry for each call)

BUG=chromium-os:24116
TEST=setup+teardown vpn tunnel, run VPN regression suite

Change-Id: Iea3d8b5780b608d4455b58531c182b971a2ea53b
Reviewed-on: https://gerrit.chromium.org/gerrit/12782
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit a8793bcfd81ce2f094f9d1bed89428820c03aeb1)
Reviewed-on: https://gerrit.chromium.org/gerrit/13050
Reviewed-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: make connman_provider_ipconfig_bind public
Sam Leffler [Mon, 12 Dec 2011 21:12:24 +0000 (13:12 -0800)]
flimflam: make connman_provider_ipconfig_bind public

Promote __connman_provider_ipconfig_bind to a public api for plugin use.

BUG=chromium-os:24116
TEST=(part of openvpn restart work)

Change-Id: I5192ccc995c46ef4a49c18b4c8098a6bb6dcec12
Reviewed-on: https://gerrit.chromium.org/gerrit/12781
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit ecb86afe4915be60e4eb778a026c93a72ef5cc32)
Reviewed-on: https://gerrit.chromium.org/gerrit/13049

3 years agoflimflam: promote connman_provider_ipconfig_clear to be public
Sam Leffler [Mon, 12 Dec 2011 01:54:05 +0000 (17:54 -0800)]
flimflam: promote connman_provider_ipconfig_clear to be public

Promote connman_provider_ipeconfig_clear to a public method so it can
be used in plugins.

BUG=chromium-os:24116
TEST=setup+teardown a vpn tunnel for regression

Change-Id: Ic59a658924adc43ba5856b20527a07e23206565f
Reviewed-on: https://gerrit.chromium.org/gerrit/12780
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 632964b5799c5ccf2fcd3331283673cc7d609eb9)
Reviewed-on: https://gerrit.chromium.org/gerrit/13048

3 years agoflimflam: task: add debug messages
Sam Leffler [Mon, 12 Dec 2011 01:27:27 +0000 (17:27 -0800)]
flimflam: task: add debug messages

Add debug messages to the dbus filter path; otherwise there is no way
to diagnose Task.notify callback problems.

BUG=none
TEST=setup an openvpn tunnel for regression

Change-Id: I5c4b2c7490c2ded27bcd71b73ed1e4fa3d09a57e
Reviewed-on: https://gerrit.chromium.org/gerrit/12779
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 673cac43780c0ed6df63177018d1b9e58e2dac4a)
Reviewed-on: https://gerrit.chromium.org/gerrit/13047

3 years agoflimflam: openvpn: run as user openvpn
Sam Leffler [Mon, 12 Dec 2011 01:23:27 +0000 (17:23 -0800)]
flimflam: openvpn: run as user openvpn

Force openvpn to drop privileges from root to user / group "openvpn"
instead of "nobody".  This allows us to control d-bus callbacks from
the script to just the Task interface.  This wasn't noticed before
because only one Task.notify callback was done prior to dropping
root privs; but once restart logic is in-place subsequent callbacks
are rejected by dbusd.

BUG=chromium-os:24116
TEST=implement restart log and monitor syslog messages for rejected dbus calls

Change-Id: I1a3d18463b01c2291d893ef0b74094f297996d72
Reviewed-on: https://gerrit.chromium.org/gerrit/12778
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit e58c701419c4e02b18cec48f147df865cca8e83d)
Reviewed-on: https://gerrit.chromium.org/gerrit/13046

3 years agoflimflam: openvpn: fix whitespace
Sam Leffler [Mon, 12 Dec 2011 01:20:28 +0000 (17:20 -0800)]
flimflam: openvpn: fix whitespace

Style is tabs, not spaces.

BUG=none
TEST=git diff -b & build code

Change-Id: Ifa891500ef88add264633550d929ed954879e3fd
Reviewed-on: https://gerrit.chromium.org/gerrit/12777
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 53bf259eef620e6a7a09d3ca66915cd7a9749000)
Reviewed-on: https://gerrit.chromium.org/gerrit/13045

3 years agoflimflam: openvpn: enable management channel state change msgs
Sam Leffler [Mon, 14 Nov 2011 21:38:02 +0000 (13:38 -0800)]
flimflam: openvpn: enable management channel state change msgs

Enable state change updates through the mangagement channel to allow
flimflam to more closely monitor the state of the client.

BUG=chromium-os:24116
TEST=enable each control and verify msgs come over the mgmt channel

Change-Id: If319013a18cb1783c0db3554df1ff660d8b331e1
Reviewed-on: https://gerrit.chromium.org/gerrit/12776
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 2b5e5bcc1af2693f058dc94e50db6ae2b23b3181)
Reviewed-on: https://gerrit.chromium.org/gerrit/13044

3 years agoflimflam: fix debug msg
Sam Leffler [Wed, 26 Oct 2011 21:49:00 +0000 (14:49 -0700)]
flimflam: fix debug msg

Remove the function name from a debug msg; it's already included.

BUG=none
TEST=monitor vpn debug msgs

Change-Id: I5e52be89cb6b1dcbada219dc203190fdfa607fe5
Reviewed-on: https://gerrit.chromium.org/gerrit/12775
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 3ac76137ab0dc3719a57009a8d5bc7a64654b3f3)
Reviewed-on: https://gerrit.chromium.org/gerrit/13043

3 years agoflimflam: openvpn: add parameters for client-side keep-alive pings
Sam Leffler [Wed, 19 Oct 2011 21:13:07 +0000 (14:13 -0700)]
flimflam: openvpn: add parameters for client-side keep-alive pings

Add OpenVPN.Ping, OpenVPN.PingRestart, and OpenVPN.PingExit to configure
client-side keep-alive ping support.  Remove locked-down disable of
ping-restart (since it can now be configured as needed).

BUG=chromium-os:24116
TEST=configure openvpn with ping properties and disconnect the server to force ping timeouts

Change-Id: Ic837a07191167afa4cbde5f561a2f7b0104e8044
Reviewed-on: https://gerrit.chromium.org/gerrit/12774
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 617b5e1ec7d982ccacee78dc93e93fe889d51abc)
Reviewed-on: https://gerrit.chromium.org/gerrit/13042

3 years agoflimflam: reorder failure state change on connect timeout
Sam Leffler [Wed, 7 Dec 2011 20:18:48 +0000 (12:18 -0800)]
flimflam: reorder failure state change on connect timeout

Clock the service state machine to the FAILURE state before doing a
disconnect on a connection timeout.  Otherwise we do an IDLE -> FAILURE
state change which is invalid (and dropped by the state machine).

BUG=chromium-os:23518
TEST=manual:force a connection request to timeout and monitor ff_debug service

Change-Id: Ia80ba5f5878b2665309084cc0c1cc4d021ca9a42
Reviewed-on: https://gerrit.chromium.org/gerrit/12572
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
(cherry picked from commit 14ffeed914d75b2bdfe2e73d72907513cd54912a)
Reviewed-on: https://gerrit.chromium.org/gerrit/13041

3 years agoflimflam: configure resolv.conf to always serialize dual
mukesh agrawal [Tue, 13 Dec 2011 01:38:56 +0000 (17:38 -0800)]
flimflam: configure resolv.conf to always serialize dual
IPv4/IPv6 DNS lookups

This works around a DNS performance issue caused by firewalls that mishandle
multiple simultaneous queries from the same source(ip, port). Such firewalls
drop either the second query, or one of the replies. (I haven't determined
which, but it doesn't matter for this discussion.)

In the case where we're connected to both IPv4 and IPv6 networks, this
causes DNS queries to suffer a 5 second penalty, because the resolver
receives either the IPv4 or IPv6 answer, but not both.

After the 5 seconds elapse, glibc's resolver will time out the lookup, and
retry. Noting the failure, glibc will issue this second query (and any
subsequent queries from the same thread) serially, rather than concurrently.
Hence, subsequent DNS lookups from that thread should not suffer timeouts.

Unfortunately, because Chrome's browser process is multi-threaded, web
browsing will suffer multiple 5 second timeouts. To avoid this problem,
we instruct glibc's resolver to always serialize dual IPv4/IPv6 queries.
This comes at the cost, however, of an extra RTT to the DNS server for
every DNS query.

Summary:
- affected users: anyone simultaneously connected to IPv4 and IPv6 (whether
  on a single network interface, or across multiple interfaces)
- benefit: avoids 5 second DNS lookup timeouts (on firewall misbehavior)
- cost: extra RTT to DNS (regardless of firewall behavior)

BUG=chromium-os:24001, chromium-os:23877
TEST=manual

Manual test: Connected to GoogleGuest, ran queries for www.google.com using
same getaddrinfo options as Chrome (ai_family = AF_UNSPEC, ai_flags =
AI_ADDRCONFIG, ai_socktype = SOCK_STREAM). Observed 18/20 lookups taking
5 seconds or more with ToT, and 0/100 lookups taking >65ms with patch.

Change-Id: I005e291b9c3e5f0a3c5148cf8d6cc6a20925e2d8
Reviewed-on: https://gerrit.chromium.org/gerrit/12799
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: mukesh agrawal <quiche@chromium.org>
Commit-Ready: mukesh agrawal <quiche@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/12916
Reviewed-by: mukesh agrawal <quiche@chromium.org>
3 years agoflimflam: portal: disable portal checks on services with a proxy config
Jason Glasgow [Wed, 14 Dec 2011 13:09:58 +0000 (08:09 -0500)]
flimflam: portal: disable portal checks on services with a proxy config

Disable portal checks on services with a proxy config because the
portal code does not know how to handle proxies.  The portal code
cannot interpret the JS code that might be associated with a PAC file.

BUG=chromium-os:23810
TEST=setup squid to act as a proxy, block http traffic

Change-Id: I3363491d2b5b17221ccf78e096f84546521995f6
Reviewed-on: https://gerrit.chromium.org/gerrit/12902
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
(cherry picked from commit a0bda58614e4ce05928d47d2fc3959b12f465c98)
Reviewed-on: https://gerrit.chromium.org/gerrit/12895
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
3 years agoflimflam: Default to chaps if provider not provided
Ken Mixter [Wed, 7 Dec 2011 23:15:42 +0000 (23:15 +0000)]
flimflam: Default to chaps if provider not provided

If OpenVPN.PKCS11.Provider is not specified but the client clearly
wants to use PKCS11 by specifying PKCS11.Id, help it out by
defaulting to the system default PKCS11 (passed through configure).
Long term we should have the client always provide this, but it
also currently doesn't for IPsec and EAP connections with client certs.

BUG=chromium-os:23476
TEST=OpenVPN autotest passes, manual testing from cmdline that chaps is
used without specifying it over dbus.

Change-Id: Ia270c40f34ea8b499183c9bb46fdd9336cf0e95e
Reviewed-on: https://gerrit.chromium.org/gerrit/12772
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
3 years agoflimflam: Allow OpenVPN certs to come from NSS
Ken Mixter [Wed, 7 Dec 2011 01:34:36 +0000 (01:34 +0000)]
flimflam: Allow OpenVPN certs to come from NSS

Adds OpenVPN.CACertNSS which specifies the NSS Nickname of the
certificate.  Since certificates can have a nickname that looks
like a path, we use a separate property from OpenVPN.CACert.
This also follows the pattern of:
1) WiFi.EAP.CACert / WiFi.EAP.CACertNSS
2) L2TPIPsec.CACert / L2TPIPsec.CACertNSS

BUG=chromium-os:23476
TEST=below
a) ran wifi tests
b) ran L2TP/IPsec certificate autotest
c) ran OpenVPN autotest
d) manual testing

Change-Id: I82b5849f2bcfc0c9420926d9b98bde27ec9017d9
Reviewed-on: https://gerrit.chromium.org/gerrit/12771
Commit-Ready: Ken Mixter <kmixter@chromium.org>
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
3 years agoflimflam: Support extracting PEM format from NSS
Ken Mixter [Wed, 7 Dec 2011 01:03:21 +0000 (17:03 -0800)]
flimflam: Support extracting PEM format from NSS

Currently the NSS plugin only extracts certs in DER format, but some
plugins need PEM (aka OpenVPN).  Adds a parameter to nss_get_certfile
to indicate certificate output format.

BUG=chromium-os:23476
TEST=below
a) ran wifi tests
b) ran L2TP/IPsec certificate test

Change-Id: I3bf6e587014c2c978ea5e9cbd9c8ebe8ddeeb93c
Reviewed-on: https://gerrit.chromium.org/gerrit/12754
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
3 years agoflimflam: portal: Use new CURLOPT_DNS_SERVERS option
Jason Glasgow [Thu, 1 Dec 2011 13:26:09 +0000 (08:26 -0500)]
flimflam: portal: Use new CURLOPT_DNS_SERVERS option

Use the new CURLOPT_DNS_SERVERS option which is available in the post
curl-7.23.1 sources and as part of curl-7.23.1-r1 in chromium-os.

BUG=chromium-os:24470
TEST=network_Portal

Change-Id: I80ac3798c2f4773bff7788c851d5a2479a3375ec
Reviewed-on: https://gerrit.chromium.org/gerrit/12317
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>

3 years agoRevert "flimflam: fix WiFi handling on a 64-bit system"
Paul Stewart [Mon, 5 Dec 2011 19:32:00 +0000 (11:32 -0800)]
Revert "flimflam: fix WiFi handling on a 64-bit system"

This reverts commit 1006c1381bad84b082430e4a2f132b677a422500

This change creates wpa_supplicant config files that look like:

pkcs11_engine_path=${exec_prefix}/lib/engines/engine_pkcs11.so
pkcs11_module_path=${exec_prefix}/lib/libchaps.so

and cause supplicant to not start up.  Need to find a different way, but revert for now.

BUG=None
TEST=Look at /usr/lib/flimflam/scripts/wpa_supplicant.conf from a build

Change-Id: I7d28c83fab5b50e8fe88e276243a454ac2f4ede8
Reviewed-on: https://gerrit.chromium.org/gerrit/12450
Commit-Ready: Paul Stewart <pstew@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Paul Stewart <pstew@chromium.org>
3 years agoflimflam: Return the GUID property for profile entries.
Mattias Nissler [Mon, 5 Dec 2011 10:53:47 +0000 (11:53 +0100)]
flimflam: Return the GUID property for profile entries.

BUG=chromium-os:23475
TEST=builds and compiles.

Change-Id: I14586f367302cbcbd171dd9e4cb4f64418559d81
Reviewed-on: https://gerrit.chromium.org/gerrit/12437
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: portal: Remove references to local curl patches
Jason Glasgow [Thu, 1 Dec 2011 13:18:43 +0000 (08:18 -0500)]
flimflam: portal: Remove references to local curl patches

Comment out references to CURLOPT_ARES_SERVERS_CSV which are part of a
local patch to curl.  The upstream version calls this
CURLOPT_DNS_SERVERS, and that change will be made in a subsequent
commit to avoid needing to atomically upgrade curl and flimflam.

Remove references to CURLOPT_BIND_INTERFACE_ONLY which was not
accepted upstream.

BUG=chromium-os:24470
TEST=network_Portal (may fail)

Change-Id: I7a2ce6d1d8a33801d9418b134f1d6416d0d49d85
Reviewed-on: https://gerrit.chromium.org/gerrit/12316
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>

3 years agoflimflam: fix mis-ordered Service profile updating
Sam Leffler [Fri, 2 Dec 2011 21:52:29 +0000 (13:52 -0800)]
flimflam: fix mis-ordered Service profile updating

The change to defer Service object write-back to the profile broke
Profile.DeleteEntry by causing a profile update to happen after the
entry is removed.  Fix this by changing __connman_service_reset to
never push the updated service to the profile; only modify the in-memory

This also fixes invalidation of in-memory services on profile pop;
before this change the deferred profile save would be mis-directed to
the global profile.

BUG=chromium-os:23654, chromium-os:22967
TEST=follow directions in 23654

Change-Id: I59938a67513d7c2a2bd2ce337a1b7e8e21e8b511
Reviewed-on: https://gerrit.chromium.org/gerrit/12395
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: fix WiFi handling on a 64-bit system
Sam Leffler [Fri, 2 Dec 2011 19:06:27 +0000 (11:06 -0800)]
flimflam: fix WiFi handling on a 64-bit system

Construct wpa_supplicant.conf on the fly with the correct path for the
engine DSO's.  This was hardcoded to /usr/lib but needs to honor @libdir@
to get /usr/lib64 on a 64-bit build.  Some day we need to eliminate the
.conf file entirely and push this stuff over d-bus but that requires
changes to wpa_supplicant so use this for now.

BUG=chromium-os:22886
TEST=boot amd64-generic build from sd on alex and verify wifi functions

Change-Id: I5f723fe9a094f996fc7bae605e493f52e2f896e4
Reviewed-on: https://gerrit.chromium.org/gerrit/12383
Reviewed-by: Paul Stewart <pstew@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoAdd UMA stat Network.Wifi.TimeResumeToReady.
Gary Morain [Wed, 16 Nov 2011 22:04:54 +0000 (14:04 -0800)]
Add UMA stat Network.Wifi.TimeResumeToReady.

This stat measures the time from the "resume" event to when the Wifi network is
ready.

BUG=chromium-os:22993
TEST=Manual testing.  Suspend ChromeOS.  Resume.  Look at chrome://histograms
and search for Network.Wifi.TimeResumeToReady.  Compare the value reported there
with the time difference in the logs (ff_debug +network+wifi+service+metrics).
The times should be comparable.

Change-Id: I15229b1678bace695d582a3d1eba597d11daa0f2
Reviewed-on: https://gerrit.chromium.org/gerrit/12331
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Gary Morain <gmorain@chromium.org>
Commit-Ready: Gary Morain <gmorain@chromium.org>

3 years agoflimflam: Return UIData for profile entries.
Mattias Nissler [Thu, 1 Dec 2011 16:01:27 +0000 (17:01 +0100)]
flimflam: Return UIData for profile entries.

This is required by chrome to be able to determine whether a network is
policy-managed and lock down the UI to prevent the user from modifying
or deleting the network.

BUG=chromium-os:23124
TEST=Manual, check that flimflam returns the UIData field on GetEntry() in the Profile interface.

Change-Id: I8594bcfd161026c8787492cdd3202fbf4f064722
Reviewed-on: https://gerrit.chromium.org/gerrit/12319
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Mattias Nissler <mnissler@chromium.org>

3 years agoflimflam-test: Use dnsmasq instead of dhcpd in veth.
Ben Chan [Thu, 1 Dec 2011 00:46:58 +0000 (16:46 -0800)]
flimflam-test: Use dnsmasq instead of dhcpd in veth.

The network_ConnmanCromoCrash test (specifically, the test/veth script)
requires dhcpd, which is no longer built. This CL modifies the veth
script to use dnsmasq instead of dhcpd.

BUG=chromium-os:21363
TEST=Verified the following:
1. emerge flimflam-test for x86-generic, arm-generic and amd64-generic
2. run network_ConnmanCromoCrash test

Change-Id: I7981bb5d8fcea9640c67bfd7cf3597c05b577863
Reviewed-on: https://gerrit.chromium.org/gerrit/12299
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
3 years agohandle_scan_reply(): (Nearly) always call connman_device_set_found_networks().
Nathan Williams [Tue, 29 Nov 2011 19:31:35 +0000 (14:31 -0500)]
handle_scan_reply(): (Nearly) always call connman_device_set_found_networks().

handle_scan_reply(): Call connman_device_set_found_networks() with an
empty list in (nearly) all error cases, instead of just
returning. This may help with problems where the UI spins waiting for
a result. Make sure that said error cases also log something, so that
in the future we can find out what errors are being seen.

BUG=chrome-os-partner:5693
TEST=None yet

Change-Id: Idc8e3a4ebeaf090dfdc8f9dd73e4d94ba9a2ea95
Reviewed-on: https://gerrit.chromium.org/gerrit/12223
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Nathan J. Williams <njw@chromium.org>
Commit-Ready: Nathan J. Williams <njw@chromium.org>

3 years agoflimflam: add test helpers for GetService and ConfigureService
Sam Leffler [Wed, 16 Nov 2011 22:58:16 +0000 (14:58 -0800)]
flimflam: add test helpers for GetService and ConfigureService

Scripts that exercise Manager.GetService and Manager.ConfigureService.

BUG=chromium-os:22004
TEST=run scripts

Change-Id: I6f043d2a7c11344d5e76f313b601eef036e4f5fe
Reviewed-on: https://gerrit.chromium.org/gerrit/11808
Reviewed-by: Ben Chan <benchan@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: suppress uncertain bad passphrase failure notifications
Sam Leffler [Fri, 18 Nov 2011 17:55:55 +0000 (09:55 -0800)]
flimflam: suppress uncertain bad passphrase failure notifications

Suppress bad passphrase service failures if the service has previously
connected using the passphrase.  These failures were being intuited
based on events such as WPA-PSK 4-way handshake failures but they turn
out to happen far too often to be a dependable indicator.  If the
passphrase is wrong the service will still terminate by the connection
timeout.

BUG=chromium-os:23137
TEST=manual:connect to a WPA-PSK ap w/ the wrong passphrase and monitor operation

Change-Id: I1a55cc753c7b45e884fdd102ba279eb6f18b1deb
Reviewed-on: https://gerrit.chromium.org/gerrit/11913
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: correctly identify service as created when instantiated by GUID
Sam Leffler [Thu, 17 Nov 2011 00:40:13 +0000 (16:40 -0800)]
flimflam: correctly identify service as created when instantiated by GUID

When an in-memory service object is created through a GetService or
ConfigureService call the created flag was not correctly set.  This
resulted, for example, in orphaned service objects for ConfigureService
requests.

BUG=chromium-os:22004
TEST=manual (using gdb to observe orphan service not visible via dbus)

Change-Id: I45ed1839770092148a73181b705dd4734734f238
Reviewed-on: https://gerrit.chromium.org/gerrit/11819
Reviewed-by: Ben Chan <benchan@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: Prevent L2TP/IPsec VPN error from being overridden.
Ben Chan [Thu, 17 Nov 2011 21:20:59 +0000 (13:20 -0800)]
flimflam: Prevent L2TP/IPsec VPN error from being overridden.

BUG=chromium-os:23149
TEST=Verified the expected error message is shown when establishing a
L2TP/IPsec VPN connection:
- "Failed to authenticate with provided pre-shared key" when an
  incorrect pre-shared key is provided.
- "Failed to authenticate with provided username or password" when an
  incorrect username or password is provided.
- "Connect failed" when an unreachable server address is provided.

Change-Id: I42943c1b7889a23211ff0a4f47a926a4310b25ce
Reviewed-on: https://gerrit.chromium.org/gerrit/11873
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
3 years agoUpdate the Provider.Name property before it is examined.
Ben Chan [Thu, 17 Nov 2011 04:06:06 +0000 (20:06 -0800)]
Update the Provider.Name property before it is examined.

This CL modifies the provider creation code to set the Provider.Name
property, which is later examined to determine whether a VPN service is
hidden or not. Without this change, the Provider.Name property will
always be NULL when exmained and thus the VPN service is considered
hidden.

BUG=chromium-os:22930
TEST=Tested connecting to RRAS and ASA VPN servers.

Change-Id: Iaa597e93d872884dde27f044e256aeb8b21f54db
Reviewed-on: https://gerrit.chromium.org/gerrit/11836
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
3 years agoflimflam: save/load implicit service properties to the profile
Sam Leffler [Wed, 16 Nov 2011 22:51:29 +0000 (14:51 -0800)]
flimflam: save/load implicit service properties to the profile

Save/load "Type", "WiFi.Security", and "WiFi.Mode" properties from/to the
profile.  These were implicit in the service object identifier but may
not be known if the service object is read into memory using a GUID.

BUG=chromium-os:22004
TEST=create a service and check the profile contents includes the new data; restart flimflam and read the service back in using the GUID and verify the properties are re-loaded correctly

Change-Id: I02220528e39de55b87eb9e9285fb371fc7190636
Reviewed-on: https://gerrit.chromium.org/gerrit/11805
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: always save hidden ssid property for a wifi service
Sam Leffler [Wed, 16 Nov 2011 22:45:28 +0000 (14:45 -0800)]
flimflam: always save hidden ssid property for a wifi service

Always save the WiFi.HiddenSSID property for a wifi service.  Previously
we did it only if the service had an associated network but now with
ConfigureService we may manipulate properties on a service without
the network being present.

BUG=none
TEST=configure-service ... WiFi.HiddenSSID False for an out-of-range wifi service and note it now gets written to the profile

Change-Id: I8a6de916484e24d6f75f64f851e6a9d75af76346
Reviewed-on: https://gerrit.chromium.org/gerrit/11804
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: fix crash in Manager.GetService
Sam Leffler [Wed, 16 Nov 2011 22:41:32 +0000 (14:41 -0800)]
flimflam: fix crash in Manager.GetService

Do not blindly deref the object path of the service returned by
__get_service; it may not be registered (right now) if instantiated
because the GUID was found in the profile.

BUG=none
TEST=run get-service of an object that is not in memory (e.g. an out of range wifi network)

Change-Id: I01e305363ccd32a384cf60b807c947ead4f0fae8
Reviewed-on: https://gerrit.chromium.org/gerrit/11803
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>
3 years agoflimflam: Set UIData property in __service_set_property.
Mattias Nissler [Wed, 16 Nov 2011 16:04:22 +0000 (17:04 +0100)]
flimflam: Set UIData property in __service_set_property.

Bring back a snippet that has been accidentally dropped in a bad merge.

BUG=chromium-os:21992
TEST=Checked that a UIData write and read cycle from Chrome succeeds. Also made sure connecting to an ethernet and wifi network still works.

Change-Id: I5f792eee8008aaa2e404daa1a10aec8e09946831
Reviewed-on: https://gerrit.chromium.org/gerrit/11768
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
3 years agoChanged PKCS #11 module from libopencryptoki.so to libchaps.so.
Darren Krahn [Tue, 8 Nov 2011 18:46:00 +0000 (10:46 -0800)]
Changed PKCS #11 module from libopencryptoki.so to libchaps.so.

BUG=chromium-os:21005
TEST=Manual test: l2tpipsec vpn with certs.

Change-Id: Icf26e1978bb331bcd78a8d266040799514f4d8f1
Reviewed-on: https://gerrit.chromium.org/gerrit/11434
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Darren Krahn <dkrahn@chromium.org>
Commit-Ready: Darren Krahn <dkrahn@chromium.org>

3 years agoflimflam: Update code to be in sync with the recent GetService changes.
Ben Chan [Tue, 15 Nov 2011 19:22:54 +0000 (11:22 -0800)]
flimflam: Update code to be in sync with the recent GetService changes.

This CL fixes some mismatches in code that are out of sync with a
previous CL: https://gerrit.chromium.org/gerrit/#change,11423

BUG=chromium-os:22930
TEST=Tested connecting to RRAS and ASA VPN servers using connect-vpn.

Change-Id: Id7a7f38b8f6e658d171a377e5c56836081a6c783
Reviewed-on: https://gerrit.chromium.org/gerrit/11751
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
3 years agoflimflam: openvpn: adjust property name
Sam Leffler [Mon, 14 Nov 2011 23:24:53 +0000 (15:24 -0800)]
flimflam: openvpn: adjust property name

Use the correct property name to fetch the hostname from the provider object;
this changed as part of disambiguating Service and Provider properties.

BUG=chromium-os:22004
TEST=manual:provision with ConfigureService and connect to an openvpn server

Change-Id: I8259d60cf3f3312572b943afed10d5ff1be0efd6
Reviewed-on: https://gerrit.chromium.org/gerrit/11665
Reviewed-by: Paul Stewart <pstew@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: guard against missing provider driver
Sam Leffler [Mon, 14 Nov 2011 22:45:13 +0000 (14:45 -0800)]
flimflam: guard against missing provider driver

When setting a property on a provider object no driver may be setup
in which case we deref'd a null pointer; check for this.

BUG=chromium-os:22004
TEST=none found during debugging

Change-Id: Icd3fd291d5797adada262264fee82e26732101d1
Reviewed-on: https://gerrit.chromium.org/gerrit/11643
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: fix provider create handling of compat properties
Sam Leffler [Mon, 14 Nov 2011 22:41:54 +0000 (14:41 -0800)]
flimflam: fix provider create handling of compat properties

When handling compat properties for a provider object we must beware
of ordering when both old and new properties are present (e.g. as in
a ConfigureService call with Type "vpn" and Provider.Type "openvpn").

BUG=chromium-os:22004
TEST=manual call ConfigureService with Type "vpn" and Provider.Type "openvpn"

Change-Id: Iccd935645067f81f1648b63f6633ca0d31f484b3
Reviewed-on: https://gerrit.chromium.org/gerrit/11642
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: handle errors better when setting multiple properties
Sam Leffler [Fri, 11 Nov 2011 21:14:29 +0000 (13:14 -0800)]
flimflam: handle errors better when setting multiple properties

ConfigureService and GetService may set multiple properties on a service
object.  Previously we stopped on first error but didn't always reclaim
state properly.  Now we try to set all properties and reclaim state better.
Note this changes the return semantics for these apis when an error occurs
in this situation.

BUG=chromium-os:22004
TEST=manual setting of multiple properties with some generating errors

Change-Id: Ib45d021a50d1c54726b174f85d3b39a5a0039077
Reviewed-on: https://gerrit.chromium.org/gerrit/11641
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: add unified service configuration support
Sam Leffler [Thu, 27 Oct 2011 18:48:00 +0000 (11:48 -0700)]
flimflam: add unified service configuration support

Add Manager.ConfigureService to generalize the existing
ConfigureWifiService method.  Redefine the deprecated Manager.GetService
method to unify Manager.GetWifiService, Manager.GetVPNService and enable
support for more service types.  Both new api's accept a GUID property
that is used to locate (and instantiate) a Service object in preference
to the old scheme (typically SSID plus Security credentials).

Change provider property names supplied for a vpn service to use a
"Provider." prefix to disambiguate Type and Name (accept old property
names for now so Manager.GetVPNService continues to work).  Also change
connman_provider_create to depend on the caller plumbing unprocessed
properties (works now that we push all property setting through a common
routine).

BUG=chromium-os:22004
TEST=matfunc+vpn suites for regresion; manual testing of new api's with test scripts

Change-Id: I0317927a5e4806dc50a57adf66ce9c7f3504b7ad
Reviewed-on: https://gerrit.chromium.org/gerrit/11423
Reviewed-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: add hostroute plugin
Vince Laviano [Sat, 6 Aug 2011 00:16:14 +0000 (17:16 -0700)]
flimflam: add hostroute plugin

Add a hostroute plugin that creates a sticky host route for cellular
services to the IP address associated with that service's
Cellular.UsageUrl.

BUG=chromium-os:17920
TEST=tested on device by repeatedly connecting and disconnecting a
cellular service and viewing the routing table and flimflam logs before
and after.

Change-Id: If1e5356324db76a418b3373c766030607e7cc0b0
Reviewed-on: https://gerrit.chromium.org/gerrit/7010
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Vince Laviano <vlaviano@chromium.org>
Tested-by: Vince Laviano <vlaviano@chromium.org>
3 years agoflimflam: dns_client: use nameservers configured for specified interface firmware-kiev-2.112.B firmware-uboot_v2-1299.B
Vince Laviano [Thu, 10 Nov 2011 00:00:23 +0000 (00:00 +0000)]
flimflam: dns_client: use nameservers configured for specified interface

Modify dns_client to use the nameservers configured for the interface
passed to connman_dns_client_submit_request rather than the default
nameservers. This is necessary because the default nameservers may not
be reachable via the specified interface.

This CL also fixes a few other issues discovered during testing:
- Print __func__ in calls to connman_error
- Ignore NULL or stopped requests in calls to
  connman_dns_client_cancel_request. This removes the burden from
  clients to know when it's ok to call this function. They can now call it
  at any time.
- Pass full sockaddr_in[6] structs to clients rather than sin[6]_addr structs.

BUG=chromium-os:17920
TEST=Tested with hostroute plugin CL at https://gerrit.chromium.org/gerrit/7010
Verification steps:
- Ensure that the DUT has both an ethernet connection and a 3G data plan.
- Visit chrome://settings/internet and disable mobile data
- /usr/local/lib/flimflam/test/debug service+resolv+hostroute
- Visit chrome://settings/internet, enable mobile data, and connect to 3G.
- Inspect /var/log/messages for flimflam debug messages tracing dns_client
  operation.
- Note that the nameservers for the 3G interface are being used instead
  of the nameservers for the ethernet interface.

Change-Id: I64fde38527cd7e6e06688aeda93319db60aa45a2
Reviewed-on: https://gerrit.chromium.org/gerrit/11445
Tested-by: Vince Laviano <vlaviano@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Vince Laviano <vlaviano@chromium.org>

3 years agoflimflam: Add TLSAuthContents which contains tls-auth key file
Ken Mixter [Wed, 9 Nov 2011 01:02:39 +0000 (17:02 -0800)]
flimflam: Add TLSAuthContents which contains tls-auth key file

BUG=chromium-os:22611
TEST=connect to VPN requiring TLS-Auth,
using TLSAuthContents variant during provisioning.
Verified file created with 600 on startup and deleted at disconnect.
Verified works with TLSAuth provisioning as well.

Change-Id: I84b7484f3d1e39698d353e439c6d9bf4cefb966c
Reviewed-on: https://gerrit.chromium.org/gerrit/11364
Reviewed-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
3 years agoAdd GetSms() method to ModemManager object, for use by ModemManager
Nathan Williams [Wed, 9 Nov 2011 20:36:34 +0000 (15:36 -0500)]
Add GetSms() method to ModemManager object, for use by ModemManager
tests.

TEST=None
BUG=None

Change-Id: I6dc877feb3d666bc55b8dcb53a417a48f7262889
Reviewed-on: https://gerrit.chromium.org/gerrit/11410
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Nathan J. Williams <njw@chromium.org>
Commit-Ready: Nathan J. Williams <njw@chromium.org>

3 years agoflimflam: Fix typo in params passed to l2tpipsec_vpn
Ken Mixter [Mon, 7 Nov 2011 21:32:20 +0000 (21:32 +0000)]
flimflam: Fix typo in params passed to l2tpipsec_vpn

BUG=chromium-os:22588
TEST=connect to VPN, verify correct params

Change-Id: I2346f289e981f9e1c5b95eeb03e499cd74d4f888
Reviewed-on: https://gerrit.chromium.org/gerrit/11281
Commit-Ready: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: portal: Ensure curl treats interface option only as an interface name
Jason Glasgow [Fri, 4 Nov 2011 01:25:16 +0000 (21:25 -0400)]
flimflam: portal: Ensure curl treats interface option only as an interface name

Ensure curl treats its interface option only as an interface name and
not as a hostname.  This prevents curl from doing a DNS lookup to
resolve the "interface" name to an ip address when an IP address is no
longer associated with an interface name.  This might happen if the
interface is shutdown just as the curl request is started.

This requires patches to curl.  See:
https://gerrit.chromium.org/gerrit/#change,11186

BUG=chromium-os:22240
TEST=run network_3GModemControl
Change-Id: I47f4868f527898a91e89c4f344a599ce07c31b1c
Reviewed-on: https://gerrit.chromium.org/gerrit/11187
Reviewed-by: Paul Stewart <pstew@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
3 years agoflimflam: portal: cancel outstanding portal requests on service transitions
Jason Glasgow [Fri, 28 Oct 2011 00:28:19 +0000 (20:28 -0400)]
flimflam: portal: cancel outstanding portal requests on service transitions

Cancel outstanding portal requests when a service transitions out of
the ready state (typically into a disconnected or idle state).  Be
careful about unrefing the service object because the portal code
might hold the last reference to the service.

BUG=chromium-os:21089
TEST=network_3GModemControl

Change-Id: Ibe851a72d0bd90491ffe4f02f067c1c1fe05ea26
Reviewed-on: https://gerrit.chromium.org/gerrit/10830
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
3 years agoflimflam: add asynchronous DNS client
Vince Laviano [Thu, 3 Nov 2011 00:45:55 +0000 (00:45 +0000)]
flimflam: add asynchronous DNS client

Provide a c-ares based asynchronous DNS client that can be accessed by
plugins. This is required by the hostroute plugin that we're adding to
resolve issue 17920, and we think it may be more broadly useful.

BUG=chromium-os:17920
TEST=Tested with hostroute plugin CL at https://gerrit.chromium.org/gerrit/7010

Change-Id: Ieccc6fb1dc79284b81c74c6c8f593c06f3ee8df8
Reviewed-on: https://gerrit.chromium.org/gerrit/11095
Reviewed-by: mukesh agrawal <quiche@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Will Drewry <wad@chromium.org>
Commit-Ready: Vince Laviano <vlaviano@chromium.org>
Tested-by: Vince Laviano <vlaviano@chromium.org>
3 years agoupdate doc with format of ProxyConfig property
Kuan Tan [Mon, 7 Nov 2011 18:21:34 +0000 (10:21 -0800)]
update doc with format of ProxyConfig property

BUG=chromium-os:21951
TEST=nothing, no code changes.

Change-Id: Ia27f9e04d452dc040965b4a6f276e5d11d83167b
Reviewed-on: https://gerrit.chromium.org/gerrit/11272
Reviewed-by: Kuan Tan <kuan@chromium.org>
Tested-by: Kuan Tan <kuan@chromium.org>
3 years agoflimflam: Add opaque UIData property for UI-specific service data factory-1284.B
Ken Mixter [Thu, 3 Nov 2011 23:56:55 +0000 (23:56 +0000)]
flimflam: Add opaque UIData property for UI-specific service data

BUG=chromiumos:21992
TEST=builds, installed on device, connected to wifi networks

Change-Id: I726951f13438e07a89b2d8dcc473c7a643c64fdb
Reviewed-on: https://gerrit.chromium.org/gerrit/11167
Commit-Ready: Ken Mixter <kmixter@chromium.org>
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
3 years agoflimflam: add Service.StickyHostRoute property
Vince Laviano [Thu, 3 Nov 2011 01:09:35 +0000 (01:09 +0000)]
flimflam: add Service.StickyHostRoute property

Add an internal interface to flimflam services to allow the creation of
a host route to a specified destination that remains across device
reconfiguration. Specifically, we monitor the underlying device and in
case the route gets cleared we blindly add it back (i.e., w/o resolution
of any DNS). This "sticky host route" is reflected in the read-only
Service.StickyHostRoute D-Bus property.

BUG=chromium-os:17920
TEST=Tested with hostroute plugin CL at https://gerrit.chromium.org/gerrit/7010

Change-Id: I209ecfb56859fe41ee1ce81f12773ea3b21d1302
Reviewed-on: https://gerrit.chromium.org/gerrit/11097
Tested-by: Vince Laviano <vlaviano@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Vince Laviano <vlaviano@chromium.org>

3 years agoflimflam: add WiFi BSSID to service properties
Sam Leffler [Mon, 31 Oct 2011 23:27:25 +0000 (16:27 -0700)]
flimflam: add WiFi BSSID to service properties

Expose the current WiFi network's BSSID in the service properties
as WiFi.BSSID (could find it previously with a lot of work that
required knowledge of implementation details).

BUG=none
TEST=list-services of running system, monitor dbus for PropertyChanged signal on roam

Change-Id: Ic211ce496da3c93818189299294ebc7053c040e7
Reviewed-on: https://gerrit.chromium.org/gerrit/10931
Reviewed-by: mukesh agrawal <quiche@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: modemmgr: Redo handling of modem state change disabled signal
Jason Glasgow [Thu, 8 Sep 2011 17:43:46 +0000 (13:43 -0400)]
flimflam: modemmgr: Redo handling of modem state change disabled signal

Redo handling of modem state change disabled signal so that the modem
is marked as disabled by flimflam.  This in conjunction with the
network_3GModemControl test ensures that flimflam and modem manager
stay in sync.

BUG=chromium-os:21089
TEST=network_3GModemControl

Change-Id: I4bbee9a708489d8a9b4cccc63e2ce4496e6cab46
Reviewed-on: https://gerrit.chromium.org/gerrit/10829
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Eric Shienbrood <ers@chromium.org>
3 years agoflimflam: protect against NULL when logging profile name
Jason Glasgow [Thu, 27 Oct 2011 12:07:09 +0000 (08:07 -0400)]
flimflam: protect against NULL when logging profile name

protect against a NULL profile when saving the service.  When shutting
down flimflam it is possible for the service profile and the active
profile to both be NULL.

BUG=chromium-os:22162
TEST=network_3g.  Watch BVT tests for flimflam dump files.

Change-Id: Idf34ca1050a0485efa1a17d63e3ea6532fad93a2
Reviewed-on: https://gerrit.chromium.org/gerrit/10776
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>

3 years agoflimflam: Change the default portal URL from www.google.com to clients3.google.com factory-1235.B
Jason Glasgow [Tue, 25 Oct 2011 20:30:10 +0000 (16:30 -0400)]
flimflam: Change the default portal URL from google.com to clients3.google.com

Set the default portal URL to clients3.google.com now that we've
registered to use that hostname.  It is preferable to use something
other than www.google.com for machine generated requests.

BUG=chromium-os:18416
TEST=Make sure WiFi, Ethernet, and Mobile Data all move to the online state

Change-Id: I35e63fbf2e5d8285f7004efd65dbbdf44c1d75a0
Reviewed-on: http://gerrit.chromium.org/gerrit/10671
Reviewed-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Chris Masone <cmasone@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>

3 years agoflimflam: modemmgr: power off device before deleting it
Jason Glasgow [Mon, 24 Oct 2011 21:45:29 +0000 (17:45 -0400)]
flimflam: modemmgr: power off device before deleting it

Power off the modem device before the connman_device object is
deleted.  This is critical because otherwise the technology counter
that keeps track of whether or not the technology is enabled gets out
of sync.

BUG=chromium-os:21089
TEST=network_3GRecoverFromGobiDesync

Change-Id: I197629666c8c31c6df86915a7214a1e15c820225
Reviewed-on: http://gerrit.chromium.org/gerrit/10598
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: ttuttle <ttuttle@chromium.org>
Reviewed-by: David Rochberg <rochberg@chromium.org>
3 years agoflimflam: portal: increase logging level so portal state is always logged
Jason Glasgow [Wed, 19 Oct 2011 11:30:15 +0000 (07:30 -0400)]
flimflam: portal: increase logging level so portal state is always logged

Change log debug statements to connman_info statements so that it is
always possible to see the the portal state determined for an interface.

BUG=chromium-os:19195
TEST=run flimflam look for eth0:, usb0:, or wlan0 in /var/log/messages

Change-Id: I4273a7695ccb31c164e480b07ad9ff96dae7d5a1
Reviewed-on: http://gerrit.chromium.org/gerrit/10294
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
3 years agoChange to use new location of shflags
Sonny Rao [Fri, 21 Oct 2011 08:12:10 +0000 (08:12 +0000)]
Change to use new location of shflags

BUG=chromium-os:21742
TEST=manual verify this works with new dev-utils/shflags package

Change-Id: I2226782fd84ae29f55fd600756253c6485b27bd1
Reviewed-on: http://gerrit.chromium.org/gerrit/10478
Reviewed-by: Eric Shienbrood <ers@chromium.org>
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
3 years agoflimflam: metrics: portal: collect statistics on additional service states
Jason Glasgow [Fri, 21 Oct 2011 18:01:22 +0000 (14:01 -0400)]
flimflam: metrics: portal: collect statistics on additional service states

Collect statistics on the time that it takes to determine that a
service is either online or in a captive portal state.

BUG=chromium-os:19195
TEST=connect to a captive portal and a non captive portal, verify stats at uma.googleplex.com

Change-Id: I2494a013f504985346662b335a37ac77b1fa319a
Reviewed-on: http://gerrit.chromium.org/gerrit/10503
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
3 years agoflimflam: on resume force wifi scan if disconnected and idle
Sam Leffler [Mon, 17 Oct 2011 16:15:10 +0000 (09:15 -0700)]
flimflam: on resume force wifi scan if disconnected and idle

One resume explicitly scan for WiFi networks if not already connected
or in the process of connecting.  This is necessary because we need
scan results to trigger autoconnect.  This handles the case where we
previously were off-line and not trying to connect prior to suspend.

BUG=chromium-os:21216
TEST=WiFiRoaming (fixes 009ConnectOnResume)

Change-Id: Icacae7a3f06f1f930737f636dcefb13e87945a7a
Reviewed-on: http://gerrit.chromium.org/gerrit/10229
Tested-by: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: Do not retry autoconnect on a service if the device disappeared
Jason Glasgow [Tue, 18 Oct 2011 18:45:00 +0000 (14:45 -0400)]
flimflam: Do not retry autoconnect on a service if the device disappeared

Do not retry autoconnect on a service if the device disappeared.
Devices can disappear at anytime. flimflam sets a 45 second timeout on
connect operations.  The code that sets up the timeout to call
connect_timeout takes a reference to the service, but not the device.
When connect_timeout finally runs, it is possible that the device has
disappeared.

BUG=chromium-os:21658,chromium-os:17840
TEST=run unit tests, expect fewer intermittent failures.

Change-Id: I5533c5bf1634ba30fd193a9081e886e787c33683
Reviewed-on: http://gerrit.chromium.org/gerrit/10234
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
3 years agoflimflam: fix connection timeout handling for vpn services
Sam Leffler [Sat, 15 Oct 2011 00:02:03 +0000 (17:02 -0700)]
flimflam: fix connection timeout handling for vpn services

When the service connection timer expires disconnect any associated
provider as we do for associated networks and devices.

To avoid churning the service state machine through the DISCONNECT
state change __connman_provider_disconnect to not explicitly clock
the associated service state; instead we depend on callers to handle
this (which was already happening).  Note this also make the provider
disconnect logic consistent with how network and devices work--they
manage only their own state and that of any asociated driver.

BUG=none
TEST=start an openvpn connect over a network where service is unavailable; observe that when the 45 sec timeout kicks in everything is shutdown cleanly (including the openvpn subprocess which previously was left running)

Change-Id: I16912b5a5605cb5de9a3f6d3c26af2ceba1342ed
Reviewed-on: http://gerrit.chromium.org/gerrit/10155
Reviewed-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: set Error property if vpn task exits unexpectedly
Sam Leffler [Fri, 14 Oct 2011 23:23:55 +0000 (16:23 -0700)]
flimflam: set Error property if vpn task exits unexpectedly

If a vpn task (nee subprocess) exits while connecting mark the provider
(and indirectly the service) with a generic "connect-failed" Error.
Previously we were setting the provider+service to the Failure state
but not setting the Error property; this confused the UI.

BUG=none
TEST=request openvpn connect with an invalid credential or similar and check the service state on failure; also note the UI posts the expected notifier and re-prompts for credentials

Change-Id: I402411d126aa5fcd3116b7da67b7a6f18d054ff8
Reviewed-on: http://gerrit.chromium.org/gerrit/10154
Reviewed-by: Steven Bennetts <stevenjb@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: fix provider properties loading
Sam Leffler [Fri, 14 Oct 2011 22:46:30 +0000 (15:46 -0700)]
flimflam: fix provider properties loading

When a provider instance is created by connman_provider_create we need
to probe and bind the associated driver before loading properties from
the profile; otherwise the resulting provider (and associated service)
will not have plugin-specific proprties.

BUG=none
TEST=provision openvpn; reboot; sign in and check service properties with list-services to verify all properties in the profile are present

Change-Id: Idbe794eaf41101e5cf5c6c4b74f8262f0549dd5a
Reviewed-on: http://gerrit.chromium.org/gerrit/10151
Reviewed-by: Ben Chan <benchan@chromium.org>
Reviewed-by: Steven Bennetts <stevenjb@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: crosmetrics: fix channel histogram
Sam Leffler [Wed, 12 Oct 2011 19:26:08 +0000 (12:26 -0700)]
flimflam: crosmetrics: fix channel histogram

Correct the enum that describes the set of WiFi frequencies sent to
UMA.  This affects only the histogram through the bucket count as we
map frequency to enum value w/o using the enum.

BUG=chromium-os:21635
TEST=check uma dashboard

Change-Id: I7b31927faa2fd371f17f98e244f7fd04d39bec0a
Reviewed-on: http://gerrit.chromium.org/gerrit/10018
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>

3 years agoflimflam: Mask out sensitive information from the debug log.
Ben Chan [Wed, 12 Oct 2011 05:27:18 +0000 (22:27 -0700)]
flimflam: Mask out sensitive information from the debug log.

This CL adds two functions, 'connman_log_mask_value_of_key' and
'connman_log_get_masked_value', for masking out sensitive information
(such as password) from the debug log. A plugin, for example, can
call connman_log_mask_value_of_key to register a key whose value should
be masked out, and then use connman_log_get_masked_value to obtain the
value that should be given to a DBG macro.

BUG=chromium-os:21565
TEST=Tested the following on a Cr48:
1. Run "ff_debug service+vpn" from crosh.
2. Connect to a L2TP/IPsec VPN server.
3. Verify that sensitive information such as L2TPIPsec.Password is
   masked out from /var/log/messages.
4. Connect to a OpenVPN server.
5. Verify that sensitive information such as OpenVPN.Password is
   masked out from /var/log/messages.

Change-Id: I3310ceeaccfa2bfc7bc196b56b6b6778030c6f5a
Reviewed-on: http://gerrit.chromium.org/gerrit/9945
Reviewed-by: Ben Chan <benchan@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
3 years agoflimflam: modemmgr: do not request gsm card properties for CDMA modem
Jason Glasgow [Sat, 1 Oct 2011 03:55:05 +0000 (23:55 -0400)]
flimflam: modemmgr: do not request gsm card properties for CDMA modem

Do not request gsm card properties for CDMA modems because CDMA modems
do not implement the gsm card interface

BUG=chromium-os:21002
TEST=see if 3G modem can be enabled after reboot

Change-Id: Ibabfefc0d08ee1946c1c3bec4d96491c4858bda9
Reviewed-on: http://gerrit.chromium.org/gerrit/8606
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Commit-Ready: Eric Shienbrood <ers@chromium.org>
Reviewed-by: Eric Shienbrood <ers@chromium.org>
3 years agoflimflam: Set IPv6 privacy flags on discovered interfaces
Paul Stewart [Tue, 23 Aug 2011 22:05:03 +0000 (15:05 -0700)]
flimflam: Set IPv6 privacy flags on discovered interfaces

Set the IPv6 "use_tempaddr" flag on newly discovered interfaces.
This allows the globally scoped IPv6 address to be un-linked
from the MAC address and reduce the ability for the host to
be tracked.  Although this parameter can be set on the interface
using /etc/sysctl.conf, the evaluation of this file does not
happen early enough to catch the first interfaces brought up
by flimflam.  Therefore we need to do write out these settings
at device-discovery time for flimflam.

BUG=chromium-os:16085
TEST=Manual -- observe IP address list, ensure netstat output on
client connected peer shows anonymized address.  Ensure that as
before all globally scoped addresses are removed on network
disconnect.

Change-Id: I0a74608b6344166c56f747416e85de8f0d848b23
Reviewed-on: http://gerrit.chromium.org/gerrit/7049
Tested-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam.py: Fix UNKNOWN_METHOD check.
ttuttle [Fri, 30 Sep 2011 18:30:51 +0000 (14:30 -0400)]
flimflam.py: Fix UNKNOWN_METHOD check.

It's self.UNKNOWN_METHOD, not UNKNOWN_METHOD

BUG=None
TEST=None

Change-Id: I7a73a1052d4dc1b0326656f6408de251ec7c5ae3
Reviewed-on: http://gerrit.chromium.org/gerrit/8566
Reviewed-by: David Rochberg <rochberg@chromium.org>
Commit-Ready: ttuttle <ttuttle@chromium.org>
Tested-by: ttuttle <ttuttle@chromium.org>
3 years agoAdded a new LockEnabled entry to the device Cellular.SIMLockStatus property.
Eric Shienbrood [Tue, 27 Sep 2011 14:51:14 +0000 (10:51 -0400)]
Added a new LockEnabled entry to the device Cellular.SIMLockStatus property.

In order to indicate whether SIM locking is enabled, independent
of whether the SIM is currently locked (i.e., waiting for PIN/PUK
entry), a new boolean has been added to the SIMLockStatus dictionary.

BUG=chromium-os:14253
TEST=Enable the modem, do list-devices, and check that the LockEnabled
boolean in the device's Cellular.SIMLockStatus dictionary has the
correct value. Flip the value via the command line:

    sudo /usr/local/lib/flimflam/test/pin disable XXXX
or
    sudo /usr/local/lib/flimflam/test/pin enable XXXX

and check list-devices again. Also, run dbus-monitor and see that
a property change signal is sent from flimflam for the
Cellular.SIMLockStatus property. When locking is enabled, power-cycle
the device, then go to the UI and press Enable Mobile Data. The
SIM unlock dialog should come up.

Change-Id: I92de5a43f62d90b3fff1f48bc3da630c1ec72949
Reviewed-on: http://gerrit.chromium.org/gerrit/8345
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Eric Shienbrood <ers@chromium.org>
3 years agoflimflam: modemmgr: fix documenation for service.txt
Jason Glasgow [Tue, 27 Sep 2011 00:40:54 +0000 (20:40 -0400)]
flimflam: modemmgr: fix documenation for service.txt

fix documenation for service.txt that was missing in
6d2b7563d1ecd57d12555373eb7018f0ea955b16

BUG=chrome-os-partner:5981
TEST=read docs

Change-Id: Ib551113f959aefbcae9b9ec61b3af702dcb74cf3
Reviewed-on: http://gerrit.chromium.org/gerrit/8325
Tested-by: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Elly Jones <ellyjones@chromium.org>
3 years agoflimflam: modemmgr: add support for online portal url method
Jason Glasgow [Fri, 23 Sep 2011 07:11:40 +0000 (03:11 -0400)]
flimflam: modemmgr: add support for online portal url method

add support for passing through both the http method (GET/POST) used
to access the payment portal and the post data if a POST is used
instead of a GET.

BUG=chrome-os-partner:5981
TEST=list-services

Change-Id: I875dbdfc9a534dd86722bf8cd25ce06d2acb11da
Reviewed-on: http://gerrit.chromium.org/gerrit/8188
Reviewed-by: Eric Shienbrood <ers@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
3 years agoflimflam: cleanup rtnl support
Sam Leffler [Mon, 22 Aug 2011 18:39:18 +0000 (11:39 -0700)]
flimflam: cleanup rtnl support

Reduce the overhead for RTNL callbacks by introducing a device index
field that the core can check before issuing a callback (i.e. only RTNL
messages from a device with that index are passed on).

Make RTNL callback code more robust by introducing RTNL_INIT and
RTNL_DEFINE macros to use in initializing connman_rtnl structures.
These are meant to guard against not initializing all the fields of
a structure.

BUG=none (1st item suggested by pstew)
TEST=various usage scenarios + matfunc for regression

Change-Id: I3796706565a9e53d479748ac068ab02bc6aacee8
Reviewed-on: http://gerrit.chromium.org/gerrit/7881
Tested-by: Sam Leffler <sleffler@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
3 years agoflimflam: provider: create identifier from name instead of domain
Sam Leffler [Fri, 16 Sep 2011 21:55:16 +0000 (14:55 -0700)]
flimflam: provider: create identifier from name instead of domain

When creating the provider identifier use the name and not the domain.
We currently don't use the domain setting anywhere so clients don't
always it in and this results in two profile entries being created for
a provider.

BUG=none
TEST=manual:record a provider in a profile; restart flimflam and notice a second profile entry created that lacks all the properties of the first

Change-Id: Ie497ba833934ca746b44eb2a255426bbab2deada
Reviewed-on: http://gerrit.chromium.org/gerrit/8211
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Commit-Ready: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: Adjust printfs for 64-bit compatibility
Paul Stewart [Fri, 23 Sep 2011 15:26:29 +0000 (08:26 -0700)]
flimflam: Adjust printfs for 64-bit compatibility

Many printf statements had integer and ptrdiff size issues.

BUG=chromium-os:20674
TEST=Compiled and installed successfully

Change-Id: I1b77a3701233384946231cd3808b8821315dc61b
Reviewed-on: http://gerrit.chromium.org/gerrit/8197
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Paul Stewart <pstew@chromium.org>
3 years agoflimflam: portal: add interface to debugging messages
Jason Glasgow [Fri, 23 Sep 2011 00:29:32 +0000 (20:29 -0400)]
flimflam: portal: add interface to debugging messages

add interface to debugging messages where possible

BUG=chromium-os:20706
TEST=run flimflam with -d portal and look at /var/log/messages

Change-Id: Id98e02d9ea1b3a32789646981be260fb86d7f4a0
Reviewed-on: http://gerrit.chromium.org/gerrit/8182
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
3 years agoflimflam: portal: fix timeout computation, use curl_multi_perform
Jason Glasgow [Thu, 22 Sep 2011 08:37:01 +0000 (04:37 -0400)]
flimflam: portal: fix timeout computation, use curl_multi_perform

Fix the timeout computation when tv_nsec overflows.  This might cause
incorrect computation of expiration times.

Use curl_multi_perform instead of curl_multi_socket_action with
CURL_SOCKET_TIMEOUT because the former causes curl to handle timed out
requests properly, whereas curl_multi_socket_action does not complete
the timedout requests.

BUG=chromium-os:20323
TEST=while ssh root@jglinux1.cam -p 9222 -o StrictHostKeyChecking=no /usr/local/lib/flimflam/test/list-services | grep online ; do sudo pkill kvm ; ./bin/cros_start_vm  ; sleep 15; done

Change-Id: Icac84ba874888480e1b32a48cc2b75ce93e4b33e
Reviewed-on: http://gerrit.chromium.org/gerrit/8137
Commit-Ready: Jason Glasgow <jglasgow@chromium.org>
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Jason Glasgow <jglasgow@chromium.org>
3 years agoflimflam: Improve L2TP/IPsec VPN error reporting.
Ben Chan [Mon, 19 Sep 2011 22:15:37 +0000 (15:15 -0700)]
flimflam: Improve L2TP/IPsec VPN error reporting.

This CL adds an exit_status field in the connman_task struct to store
the exit status of a task when the the task terminates. The l2tpipsec
provider plugin is modified to extract and translate the exit status
of the l2tpipsec_vpn task into a flimfam service error, which will be
used by the UI to present an improved error message to the user.

BUG=chromium-os:18573
TEST=Observed the service error code emitted by flimflam under different
error conditions in l2tpipsec_vpn.

Change-Id: I60172283e4fd0797a2afc71240a10f3e3a5dd1d7
Reviewed-on: http://gerrit.chromium.org/gerrit/7963
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
3 years agoflimflam: Delete IPv6 routes created by addrconf
Paul Stewart [Wed, 21 Sep 2011 03:54:46 +0000 (20:54 -0700)]
flimflam: Delete IPv6 routes created by addrconf

Remove IPv6 routing table entries when a device goes offline.
Unfortunately when you do that, the kernel addrconf quiesces,
so you have to bump it back to life when a connection comes.
I'm not sure this is The Right Way to do this in flimflam, as
it bypasses all concept of ipconfig drivers.  If that is
necessary, perhaps someone can use parts of this code as raw
materials for doing the right thing.

You could posit that this still leaves broken-ness: Addrconf
installs default routes for global IPv6, and uses the same
metric.  It's basically a race as to which interface gets
the default route, if say WiFi, 3G and Ethernet are enabled
at boot.

BUG=chromium-os:20659
TEST=Toggle between IPv6-enabled WiFi network and non-IPv6
networks -- ensure routes get deleted.  Need to test between
two IPv6 nets to make sure transfer works correctly.
used:
  rmmod ethernet_driver
  ip -6 route
  connect-wifi GuestNetWithIPv6
  sleep 10
  ip -6 route
  connect-wifi GuestNetWithoutIPv6
  sleep 10
  ip -6 route
  modprobe ethernet_driver
  ip -6 route
  connect-wifi GuestNetWithIPv6
  ip -6 route
Ensure that IPv6 default route and globally scoped network
route are removed after connecting to "WithoutIPv6".  Make
sure ethernet IPv6 globally scoped routes aren't scrubbed
after connecting to another netowork on wifi.

Change-Id: I0f80c425fa7e6f449b28b470531e2b0f23c705e3
Reviewed-on: http://gerrit.chromium.org/gerrit/8041
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Paul Stewart <pstew@chromium.org>
3 years agoflimflam: handle ppp route/ip/dns configuration
Ken Mixter [Wed, 14 Sep 2011 18:19:21 +0000 (11:19 -0700)]
flimflam: handle ppp route/ip/dns configuration

Pass --nosystemconfig to l2tpipsec -> pppd so that it does not
attempt to set up the ppp0 device and allows flimflam to do so.
Properly dispose of the host route that the kernel implicitly
adds for peer devices as we want to configure those explicitly.

BUG=chromium-os:17185
TEST=see below
fetch pages over wired and wireless connections
run openvpn and l2tp/ipsec VPN autotests
test with RRAS and ASA.  Note that ASA server is currently
not passing packets for any OS's clients that I've tried. The
auth parts do work though.

Change-Id: If6a532bfe07e30aa46e5076563de55d7219158ae
Reviewed-on: http://gerrit.chromium.org/gerrit/7748
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
3 years agoflimflam: simplify default routes
Ken Mixter [Mon, 12 Sep 2011 21:59:16 +0000 (14:59 -0700)]
flimflam: simplify default routes

We have been creating default routes in flimflam by creating a host
route through the device and then creating the default route through
the device.  The host route is necessary in advance because without it
the default route creation may fail with Network is unreachable.
However, we don't need to keep the host route around.  One benefit is
that deleting it immediately makes the routing table more readable.
Another is that it allows a VPN's default route on a different device
from the VPN's host route.

BUG=chromium-os:17185
TEST=manual tests + openvpn and l2tpipsec rf test

Change-Id: Ib47ff5858d4792807a00d88e6ce6bf4b91f6f933
Reviewed-on: http://gerrit.chromium.org/gerrit/7463
Tested-by: Ken Mixter <kmixter@chromium.org>
Reviewed-by: Ken Mixter <kmixter@chromium.org>
3 years agoflimflam: change prefix length for l2tpipsec ppp devices
Ken Mixter [Mon, 12 Sep 2011 21:47:34 +0000 (14:47 -0700)]
flimflam: change prefix length for l2tpipsec ppp devices

0b prefix causes the kernel to delete any host route created for
the ppp device.  This is not the intention, so change it to 32b.

BUG=chromium-os:17185
TEST=see below
fetch pages over wired and wireless connections
run openvpn and l2tp/ipsec VPN autotests

Change-Id: I8e5dedd892218a38ad880f418970c0667426a388
Reviewed-on: http://gerrit.chromium.org/gerrit/7747
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
Reviewed-by: Ken Mixter <kmixter@chromium.org>
3 years agoflimflam: Fix setting of Cellular.APN property.
Eric Shienbrood [Thu, 15 Sep 2011 18:56:35 +0000 (14:56 -0400)]
flimflam: Fix setting of Cellular.APN property.

At some point a change was made in Chrome that affected how the
Cellular.APN property is set from the APN dialog. For fields that
are left blank, empty strings are now being put in the dictionary
that is the value of this property, where previously, those fields
simply didn't appear in the dictionary at all. As a result, flimflam
is seeing empty strings instead of NULL pointers when it reads the
values of the dictionary entries. This broke the functionality whereby
if the network ID (MCC/MNC) was omitted, flimflam would use the network
ID of the serving operator. This change treats empty strings and NULL
pointers identically.

BUG=none
TEST=Before the fix, if you selected an APN from the dropdown list,
and then did list-services, you would see that the Cellular.APN
property would have the correct string for the "apn" entry, and
would have empty strings for network_id, username, and password.
With this fix, the network_id entry should have the same value
as Cellular.ServingOperator.code, and username and password should
be missing, unless they actually have non-empty values.

Change-Id: If348d7b1393b0be1d58f7dc3cf69bf2f4ffa409f
Reviewed-on: http://gerrit.chromium.org/gerrit/7802
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Eric Shienbrood <ers@google.com>
3 years agoflimflam: support 802.1x plus dynamic WEP
Sam Leffler [Mon, 12 Sep 2011 23:01:54 +0000 (16:01 -0700)]
flimflam: support 802.1x plus dynamic WEP

Add support for 802.1x authentication with dynamic WEP keying.  To get
this the service must be configured with security set to "wep" and
EAP.KeyMgmt set to "IEEE8021x" (case important).

BUG=chromium-os:14210
TEST=new SecMat test 003CheckWEP_8021x

Change-Id: Icf98d9fcbd1079ea8a134cf8f121c1e0557728b5
Reviewed-on: http://gerrit.chromium.org/gerrit/7573
Reviewed-by: Paul Stewart <pstew@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: enable creating/deleting zero-hop host routes factory-1020.B
Ken Mixter [Fri, 9 Sep 2011 00:42:04 +0000 (17:42 -0700)]
flimflam: enable creating/deleting zero-hop host routes

Support passing INADDR_ANY to the create/delete host route functions
to indicate that the host route should not have the route gateway bit
to indicate a zero-hop host route.  Such routes may be necessary
when pinning VPN host routes.

TEST=manual wired/wireless connectivity tests
BUG=chromium-os:17185

Change-Id: I515a7798a898fd11daae71f6641d9feda8f7fe92
Reviewed-on: http://gerrit.chromium.org/gerrit/7464
Reviewed-by: Ken Mixter <kmixter@chromium.org>
Tested-by: Ken Mixter <kmixter@chromium.org>
3 years agoflimflam: adopt service properties on profile push
Sam Leffler [Fri, 2 Sep 2011 19:24:45 +0000 (12:24 -0700)]
flimflam: adopt service properties on profile push

When a service object is described in multiple profiles override
existing properties when a new profile is pushed.  This has simple
semantics when services are not active; for an active service this
will change properties that may have been used to establish a connection
without altering connectivity.

To effect the above, change profile loading of service properties to
always write a value to the object (previously this was an additive
process).  Overhaul the profile save work as well to correspond to load
for consistency and to simplify the (manual) work of checking save work
against restore.

Also changed service_load to not return prematurely if the hex ssid blob
is invalid; this helps with the above as otherwise a corrupted profile
entry might cause a mix of data from different profiles.

BUG=chromium-os:19611
TEST=manual:create profile different entries for a service in both global and user profiles; check output of list-services; sign in; check output of list-services; also monitor dbus to verify PropertyChanged signals are dispatched for Service.Profile when the profile is re-parented

Change-Id: I1cd21d39b689d9363d77d0e7f498030347c2da6a
Reviewed-on: http://gerrit.chromium.org/gerrit/7206
Reviewed-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Eric Shienbrood <ers@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: Remove "ddns-update-style ad_hoc" in generated dhcp config file.
Ben Chan [Thu, 8 Sep 2011 18:49:20 +0000 (11:49 -0700)]
flimflam: Remove "ddns-update-style ad_hoc" in generated dhcp config file.

This change resolves the network_ConnmanCromoCrash test failure since
newer versions of dhcpd no longer supports "ddns-update-style ad_hoc"
and the test does not use ddns.

BUG=chromium-os:20151
TEST=Ran network_ConnmanCromoCrash test.

Change-Id: Ie237f995c93718a6d62e36ea2916987defa2a0e8
Reviewed-on: http://gerrit.chromium.org/gerrit/7418
Reviewed-by: ttuttle <ttuttle@chromium.org>
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
3 years agoflimflam: improve documentation of the Name and WiFi.HexSSID properties
mukesh agrawal [Wed, 7 Sep 2011 17:41:21 +0000 (10:41 -0700)]
flimflam: improve documentation of the Name and WiFi.HexSSID properties
in the service API

BUG=None
TEST=None

Change-Id: I5ba5d7218111a8d2bd4c72054906ce79404db5c3
Reviewed-on: http://gerrit.chromium.org/gerrit/7334
Tested-by: mukesh agrawal <quiche@chromium.org>
Reviewed-by: Paul Stewart <pstew@chromium.org>
Reviewed-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: Moved mobile_provider API into its own library.
Eric Shienbrood [Tue, 6 Sep 2011 14:58:53 +0000 (10:58 -0400)]
flimflam: Moved mobile_provider API into its own library.

Moved the mobile_provider API out of flimflam and into the
mobile-broadband-provider-info repo, so that it can be shared by
flimflam and shill. The unit tests and the browsedb tool have been
moved as well. The serviceproviders.bfd file is now created by
the mobile-providers ebuild, and installed alongside serviceproviders.xml
in /usr/share/mobile-broadband-provider-info.

BUG=chromium-os:19783
TEST=Built and ran flimflam.

Change-Id: Ie7f42923905f89907995852eeeb91f5b7545cab9
Reviewed-on: http://gerrit.chromium.org/gerrit/7270
Reviewed-by: Jason Glasgow <jglasgow@chromium.org>
Tested-by: Eric Shienbrood <ers@chromium.org>
3 years agoflimflam: more carefully cleanse service state on profile pop
Sam Leffler [Fri, 2 Sep 2011 21:18:49 +0000 (14:18 -0700)]
flimflam: more carefully cleanse service state on profile pop

When a profile is pop'd associated services need their in-memory state
scrubbed so private data are not leaked to another user.  Ideally we would
release the service objects directly but this is difficult because of
the reference counting model currently used.  Instead carefully scrub the
service object while inhibiting profile updates so nothing is accidentally
written to the profile on the top of the stack.

BUG=chromium-os:20010
TEST=manual:login and join Google-A;sign out and verify nothing is written to the global profile and list-services shows no per-user properties are exported for the service

Change-Id: I256d18d047ead041b6bdcbb25ac636edac344ac1
Reviewed-on: http://gerrit.chromium.org/gerrit/7205
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>
3 years agoflimflam: misc cleanups of service refcount handling
Sam Leffler [Fri, 2 Sep 2011 20:58:36 +0000 (13:58 -0700)]
flimflam: misc cleanups of service refcount handling

Add (more) comments and debug msgs, simplify code, and refine api's--all
with the goal of improving the management of service reference counts.

The model inherited from connman bumps the service refcount for each
associated network object.  When multiple networks are associated with
a single service the service may hold a back-reference to the "active
network".  Networks created when a device is discovered are handled
similarly (refcount bump) but do not have a backpointer to the network.
Add comments explaining more of this.

While here change __connman_profile_add_device and
__connman_profile_add_network to return an errno instead of a service
ptr since no caller uses the pointer and returning an errno lets us
identify which of multiple failures occurred.

BUG=none (part of other work)
TEST=matfunc+secmat for regression

Change-Id: I49fc653357c365701d8ba193223fb93d6a5cab6f
Reviewed-on: http://gerrit.chromium.org/gerrit/7204
Reviewed-by: Sam Leffler <sleffler@chromium.org>
Tested-by: Sam Leffler <sleffler@chromium.org>