Send connman mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.01.org/mailman/listinfo/connman
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of connman digest..."
Today's Topics:
1. [PATCH] vpn: Add an optional configuration option to the VPN
plugin for choosing the device type. (Hendrik Donner)
2. Re: [PATCHv2] log: don't require backtrace() (Yann E. MORIN)
----------------------------------------------------------------------
Message: 1
Date: Sun, 10 Jan 2016 15:50:04 +0100
From: Hendrik Donner <[email protected]>
To: [email protected]
Subject: [PATCH] vpn: Add an optional configuration option to the VPN
plugin for choosing the device type.
Message-ID: <[email protected]>
This allows to use virtual tap devices and removes the hardcoded default to
virtual tun devices.
Signed-off-by: Hendrik Donner <[email protected]>
---
Only tested with OpenVPN. I have no idea if one of the other VPN plugins
would benefit from tap device support.
doc/connman-vpn-provider.config.5.in | 6 +++++-
doc/vpn-config-format.txt | 2 ++
vpn/plugins/openvpn.c | 2 +-
vpn/plugins/vpn.c | 18 ++++++++++++------
4 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/doc/connman-vpn-provider.config.5.in
b/doc/connman-vpn-provider.config.5.in
index 5393260..c50fc46 100644
--- a/doc/connman-vpn-provider.config.5.in
+++ b/doc/connman-vpn-provider.config.5.in
@@ -48,12 +48,16 @@ VPN server IP address.
.BI Domain= domain
Domain name for the VPN service.
.TP
-The following field is optional:
+The following fields are optional:
.TP
.BI Networks= network / netmask / gateway [,...]
Networks behind the VPN. If all traffic should go through the VPN, this
field can be left out. The gateway can be left out. For IPv6 addresses,
only the prefix length is accepted as the netmask.
+.TP
+.BI DeviceType= tun \fR|\fB tap
+Whether the VPN should use a tun (OSI layer 3) or tap (OSI layer 2) device.
+Defaults to tun if omitted.
.SS OpenConnect
The following keys can be used for \fBopenconnect\fP(8) networks:
.TP
diff --git a/doc/vpn-config-format.txt b/doc/vpn-config-format.txt
index 1f5bac8..e33acfc 100644
--- a/doc/vpn-config-format.txt
+++ b/doc/vpn-config-format.txt
@@ -44,6 +44,8 @@ VPN related parameters (M = mandatory, O = optional):
is network/netmask/gateway. The gateway can be left out. (O)
Example: 192.168.100.0/24/10.1.0.1,192.168.200.0/255.255.255.0/10.1.0.2
For IPv6 addresses only prefix length is accepted like this 2001:db8::1/64
+- DeviceType: Whether the VPN should use a tun (OSI layer 3) or tap
+ (OSI layer 2) device. Value is "tun" (default) or "tap" (O)
OpenConnect VPN supports following options (see openconnect(8) for details):
Option name OpenConnect option Description
diff --git a/vpn/plugins/openvpn.c b/vpn/plugins/openvpn.c
index 9ee5795..c920dc3 100644
--- a/vpn/plugins/openvpn.c
+++ b/vpn/plugins/openvpn.c
@@ -71,6 +71,7 @@ struct {
{ "OpenVPN.CompLZO", "--comp-lzo", 0 },
{ "OpenVPN.RemoteCertTls", "--remote-cert-tls", 1 },
{ "OpenVPN.ConfigFile", "--config", 1 },
+ { "DeviceType", "--dev-type", 1 },
};
struct nameserver_entry {
@@ -362,7 +363,6 @@ static int ov_connect(struct vpn_provider *provider,
connman_task_get_path(task));
connman_task_add_argument(task, "--dev", if_name);
- connman_task_add_argument(task, "--dev-type", "tun");
connman_task_add_argument(task, "--persist-tun", NULL);
diff --git a/vpn/plugins/vpn.c b/vpn/plugins/vpn.c
index 1b5af6e..a031c42 100644
--- a/vpn/plugins/vpn.c
+++ b/vpn/plugins/vpn.c
@@ -56,6 +56,7 @@ struct vpn_data {
unsigned int watch;
enum vpn_state state;
struct connman_task *task;
+ int tun_flags;
};
struct vpn_driver_data {
@@ -89,7 +90,7 @@ static int stop_vpn(struct vpn_provider *provider)
return 0;
memset(&ifr, 0, sizeof(ifr));
- ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
+ ifr.ifr_flags = data->tun_flags | IFF_NO_PI;
sprintf(ifr.ifr_name, "%s", data->if_name);
fd = open("/dev/net/tun", O_RDWR | O_CLOEXEC);
@@ -335,7 +336,7 @@ static DBusMessage *vpn_notify(struct connman_task *task,
return NULL;
}
-static int vpn_create_tun(struct vpn_provider *provider)
+static int vpn_create_tun(struct vpn_provider *provider, int flags)
{
struct vpn_data *data = vpn_provider_get_data(provider);
struct ifreq ifr;
@@ -355,7 +356,7 @@ static int vpn_create_tun(struct vpn_provider *provider)
}
memset(&ifr, 0, sizeof(ifr));
- ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
+ ifr.ifr_flags = flags | IFF_NO_PI;
for (i = 0; i < 256; i++) {
sprintf(ifr.ifr_name, "vpn%d", i);
@@ -371,6 +372,7 @@ static int vpn_create_tun(struct vpn_provider *provider)
goto exist_err;
}
+ data->tun_flags = flags;
data->if_name = (char *)g_strdup(ifr.ifr_name);
if (!data->if_name) {
connman_error("Failed to allocate memory");
@@ -411,8 +413,8 @@ static int vpn_connect(struct vpn_provider *provider,
{
struct vpn_data *data = vpn_provider_get_data(provider);
struct vpn_driver_data *vpn_driver_data;
- const char *name;
- int ret = 0;
+ const char *name, *tun;
+ int ret = 0, tun_flags = IFF_TUN;
enum vpn_state state = VPN_STATE_UNKNOWN;
if (data)
@@ -460,7 +462,11 @@ static int vpn_connect(struct vpn_provider *provider,
}
if (vpn_driver_data->vpn_driver->flags != VPN_FLAG_NO_TUN) {
- ret = vpn_create_tun(provider);
+ tun = vpn_provider_get_string(provider, "DeviceType");
+ if (g_str_equal(tun, "tap")) {
+ tun_flags = IFF_TAP;
+ }
+ ret = vpn_create_tun(provider, tun_flags);
if (ret < 0)
goto exist_err;
}
--
2.7.0
------------------------------
Message: 2
Date: Sun, 10 Jan 2016 16:11:53 +0100
From: "Yann E. MORIN" <[email protected]>
To: [email protected]
Subject: Re: [PATCHv2] log: don't require backtrace()
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Patrik, All,
Ping? ;-)
Regards,
Yann E. MORIN.
On 2016-01-01 15:20 +0100, Yann E. MORIN spake thusly:
> Not all toolchains have execinfo.h and backtrace(). For example,
> support for it is optional in uClibc, while it is entirely missing
> from musl.
>
> In glibc, execinfo.h only declares backtrace() and no other function,
> so we can rely on its presence/abscence to determine if we can use
> backtrace().
>
> We fix that by:
> - adding a ./configure check for execinfo.h;
> - moving backtrace to its own file;
> - compiling backtrace.c only when execinfo.h was found.
>
> Signed-off-by: "Yann E. MORIN" <[email protected]>
> Cc: Patrik Flykt <[email protected]>
>
> ---
> Changes v1 -> v2:
> - move backtrace to its own file and only compile it if execinfo.h was
> found (Patrik)
>
> Notes: this makes connman build under uClibc without execinfo.h and
> backtrace(), but more work is needed to make it build with musl. I may
> be able to work on this in the coming days/week, but I can't make any
> hard promise... :-/
>
> ---
> Makefile.am | 21 +++++---
> configure.ac | 3 ++
> include/backtrace.h | 32 ++++++++++++
> src/backtrace.c | 138
> ++++++++++++++++++++++++++++++++++++++++++++++++++++
> src/connman.h | 2 +
> src/log.c | 105 +--------------------------------------
> 6 files changed, 189 insertions(+), 112 deletions(-)
> create mode 100644 include/backtrace.h
> create mode 100644 src/backtrace.c
>
> diff --git a/Makefile.am b/Makefile.am
> index fb7c74e..d70725c 100644
> --- a/Makefile.am
> +++ b/Makefile.am
> @@ -19,7 +19,8 @@ noinst_HEADERS = include/rtnl.h include/task.h \
> include/dbus.h include/option.h \
> include/provider.h include/vpn-dbus.h \
> include/utsname.h include/timeserver.h include/proxy.h \
> - include/technology.h include/setting.h
> + include/technology.h include/setting.h \
> + include/backtrace.h
>
> local_headers = $(foreach file,$(include_HEADERS) $(nodist_include_HEADERS) \
> $(noinst_HEADERS), include/connman/$(notdir $(file)))
> @@ -42,6 +43,10 @@ else
> gweb_sources += gweb/giognutls.h gweb/gionotls.c
> endif
>
> +if BACKTRACE
> +backtrace_sources = src/backtrace.c
> +endif
> +
> shared_sources = src/shared/util.h src/shared/util.c \
> src/shared/netlink.h src/shared/netlink.c
>
> @@ -101,7 +106,7 @@ MANUAL_PAGES =
>
> sbin_PROGRAMS = src/connmand src/connmand-wait-online
>
> -src_connmand_SOURCES = $(gdhcp_sources) $(gweb_sources) \
> +src_connmand_SOURCES = $(gdhcp_sources) $(gweb_sources) $(backtrace_sources)
> \
> $(builtin_sources) $(shared_sources) src/connman.ver \
> src/main.c src/connman.h src/log.c \
> src/error.c src/plugin.c src/task.c \
> @@ -144,7 +149,7 @@ builtin_vpn_cflags =
>
> sbin_PROGRAMS += vpn/connman-vpnd
>
> -vpn_connman_vpnd_SOURCES = $(builtin_vpn_sources) \
> +vpn_connman_vpnd_SOURCES = $(builtin_vpn_sources) $(backtrace_sources) \
> $(gweb_sources) vpn/vpn.ver vpn/main.c vpn/vpn.h \
> src/log.c src/error.c src/plugin.c src/task.c \
> vpn/vpn-manager.c vpn/vpn-provider.c \
> @@ -273,8 +278,8 @@ endif
>
> noinst_PROGRAMS += unit/test-ippool
>
> -unit_test_ippool_SOURCES = src/log.c src/dbus.c src/error.c \
> - src/ippool.c unit/test-ippool.c
> +unit_test_ippool_SOURCES = $(backtrace_sources) src/log.c src/dbus.c \
> + src/error.c src/ippool.c
> unit/test-ippool.c
> unit_test_ippool_LDADD = gdbus/libgdbus-internal.la \
> @GLIB_LIBS@ @DBUS_LIBS@ -ldl
>
> @@ -325,12 +330,12 @@ tools_dbus_test_LDADD = gdbus/libgdbus-internal.la
> @GLIB_LIBS@ @DBUS_LIBS@
>
> tools_polkit_test_LDADD = @DBUS_LIBS@
>
> -tools_iptables_test_SOURCES = src/log.c src/iptables.c tools/iptables-test.c
> +tools_iptables_test_SOURCES = $(backtrace_sources) src/log.c src/iptables.c
> tools/iptables-test.c
> tools_iptables_test_LDADD = @GLIB_LIBS@ @XTABLES_LIBS@ -ldl
>
> tools_private_network_test_LDADD = @GLIB_LIBS@ @DBUS_LIBS@
>
> -tools_session_test_SOURCES = src/log.c src/dbus.c src/error.c \
> +tools_session_test_SOURCES = $(backtrace_sources) src/log.c src/dbus.c
> src/error.c \
> tools/session-test.c tools/session-utils.c tools/manager-api.c \
> tools/session-api.c tools/session-test.h
> tools_session_test_LDADD = gdbus/libgdbus-internal.la \
> @@ -338,7 +343,7 @@ tools_session_test_LDADD = gdbus/libgdbus-internal.la \
>
> tools_iptables_unit_CFLAGS = @DBUS_CFLAGS@ @GLIB_CFLAGS@ @XTABLES_CFLAGS@ \
> -DIPTABLES_SAVE=\""${IPTABLES_SAVE}"\"
> -tools_iptables_unit_SOURCES = src/log.c \
> +tools_iptables_unit_SOURCES = $(backtrace_sources) src/log.c \
> src/iptables.c src/firewall.c src/nat.c tools/iptables-unit.c
> tools_iptables_unit_LDADD = gdbus/libgdbus-internal.la \
> @GLIB_LIBS@ @DBUS_LIBS@ @XTABLES_LIBS@ -ldl
> diff --git a/configure.ac b/configure.ac
> index 2cf2e14..9a5a70e 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -182,6 +182,9 @@ AC_CHECK_LIB(resolv, ns_initparse, dummy=yes, [
> AC_MSG_ERROR(resolver library support is required))
> ])
>
> +AC_CHECK_HEADERS([execinfo.h])
> +AM_CONDITIONAL([BACKTRACE], [test "${ac_cv_header_execinfo_h}" = "yes"])
> +
> AC_CHECK_FUNC(signalfd, dummy=yes,
> AC_MSG_ERROR(signalfd support is required))
>
> diff --git a/include/backtrace.h b/include/backtrace.h
> new file mode 100644
> index 0000000..12a202d
> --- /dev/null
> +++ b/include/backtrace.h
> @@ -0,0 +1,32 @@
> +/*
> + *
> + * Connection Manager
> + *
> + * Copyright (C) 2016 Yann E. MORIN <[email protected]>. All rights
> reserved.
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License version 2 as
> + * published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
> USA
> + *
> + */
> +
> +#ifndef __CONNMAN_BACKTRACE_H
> +#define __CONNMAN_BACKTRACE_H
> +
> +#ifdef HAVE_EXECINFO_H
> +void print_backtrace(const char* program_path, const char* program_exec,
> + unsigned int offset);
> +#else
> +#define print_backtrace(P,E,O)
> +#endif
> +
> +#endif /* __CONNMAN_BACKTRACE_H */
> diff --git a/src/backtrace.c b/src/backtrace.c
> new file mode 100644
> index 0000000..6a66c0a
> --- /dev/null
> +++ b/src/backtrace.c
> @@ -0,0 +1,138 @@
> +/*
> + *
> + * Connection Manager
> + *
> + * Copyright (C) 2007-2013 Intel Corporation. All rights reserved.
> + * Copyright (C) 2016 Yann E. MORIN <[email protected]>. All rights
> reserved.
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License version 2 as
> + * published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
> USA
> + *
> + */
> +
> +#ifdef HAVE_CONFIG_H
> +#include <config.h>
> +#endif
> +
> +#define _GNU_SOURCE
> +#include <stdio.h>
> +#include <unistd.h>
> +#include <stdlib.h>
> +#include <string.h>
> +#include <execinfo.h>
> +#include <dlfcn.h>
> +
> +#include "connman.h"
> +
> +void print_backtrace(const char* program_path, const char* program_exec,
> + unsigned int offset)
> +{
> + void *frames[99];
> + size_t n_ptrs;
> + unsigned int i;
> + int outfd[2], infd[2];
> + int pathlen;
> + pid_t pid;
> +
> + if (!program_exec)
> + return;
> +
> + pathlen = strlen(program_path);
> +
> + n_ptrs = backtrace(frames, G_N_ELEMENTS(frames));
> + if (n_ptrs < offset)
> + return;
> +
> + if (pipe(outfd) < 0)
> + return;
> +
> + if (pipe(infd) < 0) {
> + close(outfd[0]);
> + close(outfd[1]);
> + return;
> + }
> +
> + pid = fork();
> + if (pid < 0) {
> + close(outfd[0]);
> + close(outfd[1]);
> + close(infd[0]);
> + close(infd[1]);
> + return;
> + }
> +
> + if (pid == 0) {
> + close(outfd[1]);
> + close(infd[0]);
> +
> + dup2(outfd[0], STDIN_FILENO);
> + dup2(infd[1], STDOUT_FILENO);
> +
> + execlp("addr2line", "-C", "-f", "-e", program_exec, NULL);
> +
> + exit(EXIT_FAILURE);
> + }
> +
> + close(outfd[0]);
> + close(infd[1]);
> +
> + connman_error("++++++++ backtrace ++++++++");
> +
> + for (i = offset; i < n_ptrs - 1; i++) {
> + Dl_info info;
> + char addr[20], buf[PATH_MAX * 2];
> + int len, written;
> + char *ptr, *pos;
> +
> + dladdr(frames[i], &info);
> +
> + len = snprintf(addr, sizeof(addr), "%p\n", frames[i]);
> + if (len < 0)
> + break;
> +
> + written = write(outfd[1], addr, len);
> + if (written < 0)
> + break;
> +
> + len = read(infd[0], buf, sizeof(buf) - 1);
> + if (len < 0)
> + break;
> +
> + buf[len] = '\0';
> +
> + pos = strchr(buf, '\n');
> + *pos++ = '\0';
> +
> + if (strcmp(buf, "??") == 0) {
> + connman_error("#%-2u %p in %s", i - offset,
> + frames[i], info.dli_fname);
> + continue;
> + }
> +
> + ptr = strchr(pos, '\n');
> + *ptr++ = '\0';
> +
> + if (strncmp(pos, program_path, pathlen) == 0)
> + pos += pathlen + 1;
> +
> + connman_error("#%-2u %p in %s() at %s", i - offset,
> + frames[i], buf, pos);
> + }
> +
> + connman_error("+++++++++++++++++++++++++++");
> +
> + kill(pid, SIGTERM);
> +
> + close(outfd[1]);
> + close(infd[0]);
> +}
> diff --git a/src/connman.h b/src/connman.h
> index 35eb3f5..3049f08 100644
> --- a/src/connman.h
> +++ b/src/connman.h
> @@ -135,6 +135,8 @@ void __connman_log_cleanup(gboolean backtrace);
> void __connman_log_enable(struct connman_debug_desc *start,
> struct connman_debug_desc *stop);
>
> +#include <connman/backtrace.h>
> +
> #include <connman/option.h>
>
> #include <connman/setting.h>
> diff --git a/src/log.c b/src/log.c
> index a693bd0..9bae4a3 100644
> --- a/src/log.c
> +++ b/src/log.c
> @@ -30,7 +30,6 @@
> #include <stdlib.h>
> #include <string.h>
> #include <syslog.h>
> -#include <execinfo.h>
> #include <dlfcn.h>
>
> #include "connman.h"
> @@ -110,113 +109,11 @@ void connman_debug(const char *format, ...)
> va_end(ap);
> }
>
> -static void print_backtrace(unsigned int offset)
> -{
> - void *frames[99];
> - size_t n_ptrs;
> - unsigned int i;
> - int outfd[2], infd[2];
> - int pathlen;
> - pid_t pid;
> -
> - if (!program_exec)
> - return;
> -
> - pathlen = strlen(program_path);
> -
> - n_ptrs = backtrace(frames, G_N_ELEMENTS(frames));
> - if (n_ptrs < offset)
> - return;
> -
> - if (pipe(outfd) < 0)
> - return;
> -
> - if (pipe(infd) < 0) {
> - close(outfd[0]);
> - close(outfd[1]);
> - return;
> - }
> -
> - pid = fork();
> - if (pid < 0) {
> - close(outfd[0]);
> - close(outfd[1]);
> - close(infd[0]);
> - close(infd[1]);
> - return;
> - }
> -
> - if (pid == 0) {
> - close(outfd[1]);
> - close(infd[0]);
> -
> - dup2(outfd[0], STDIN_FILENO);
> - dup2(infd[1], STDOUT_FILENO);
> -
> - execlp("addr2line", "-C", "-f", "-e", program_exec, NULL);
> -
> - exit(EXIT_FAILURE);
> - }
> -
> - close(outfd[0]);
> - close(infd[1]);
> -
> - connman_error("++++++++ backtrace ++++++++");
> -
> - for (i = offset; i < n_ptrs - 1; i++) {
> - Dl_info info;
> - char addr[20], buf[PATH_MAX * 2];
> - int len, written;
> - char *ptr, *pos;
> -
> - dladdr(frames[i], &info);
> -
> - len = snprintf(addr, sizeof(addr), "%p\n", frames[i]);
> - if (len < 0)
> - break;
> -
> - written = write(outfd[1], addr, len);
> - if (written < 0)
> - break;
> -
> - len = read(infd[0], buf, sizeof(buf) - 1);
> - if (len < 0)
> - break;
> -
> - buf[len] = '\0';
> -
> - pos = strchr(buf, '\n');
> - *pos++ = '\0';
> -
> - if (strcmp(buf, "??") == 0) {
> - connman_error("#%-2u %p in %s", i - offset,
> - frames[i], info.dli_fname);
> - continue;
> - }
> -
> - ptr = strchr(pos, '\n');
> - *ptr++ = '\0';
> -
> - if (strncmp(pos, program_path, pathlen) == 0)
> - pos += pathlen + 1;
> -
> - connman_error("#%-2u %p in %s() at %s", i - offset,
> - frames[i], buf, pos);
> - }
> -
> - connman_error("+++++++++++++++++++++++++++");
> -
> - kill(pid, SIGTERM);
> -
> - close(outfd[1]);
> - close(infd[0]);
> -}
> -
> static void signal_handler(int signo)
> {
> connman_error("Aborting (signal %d) [%s]", signo, program_exec);
>
> - print_backtrace(2);
> + print_backtrace(program_path, program_exec, 2);
>
> exit(EXIT_FAILURE);
> }
> --
> 1.9.1
>
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
------------------------------
Subject: Digest Footer
_______________________________________________
connman mailing list
[email protected]
https://lists.01.org/mailman/listinfo/connman
------------------------------
End of connman Digest, Vol 3, Issue 5
*************************************
