Send connman mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.01.org/mailman/listinfo/connman
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of connman digest..."
Today's Topics:
1. [PATCH 1/3] docs: update manager-api.txt to include
BrowserOnly Key (Atul Anand)
2. [PATCH 2/3] src/proxy.c: modify the proxy_lookup ()
supporting non-browser schemes (Atul Anand)
3. [PATCH 3/3] unit: Add tests for BrowserOnly Key (Atul Anand)
4. proxy configuration (Thomas Green)
----------------------------------------------------------------------
Message: 1
Date: Tue, 16 Aug 2016 20:19:23 +0530
From: Atul Anand <[email protected]>
To: [email protected]
Subject: [PATCH 1/3] docs: update manager-api.txt to include
BrowserOnly Key
Message-ID: <[email protected]>
It has been documented that we are adding a new dict key BrowserOnly
on PACrunner DBus interface.
---
doc/manager-api.txt | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/doc/manager-api.txt b/doc/manager-api.txt
index 9e6209d..0e0b7aa 100644
--- a/doc/manager-api.txt
+++ b/doc/manager-api.txt
@@ -60,6 +60,12 @@ Methods object CreateProxyConfiguration(dict
settings)
Interface name like "wlan0" etc. to provide
consistent results for myIpAddress function.
+ boolean BrowserOnly [optional]
+
+ If this value is set, proxy configuration will
+ be used for only browser schemes. If no Key is
+ received PACrunner assumes FALSE by default.
+
array{string} Domains [optional]
Domain names and IP range for which this proxy
--
2.5.5
------------------------------
Message: 2
Date: Tue, 16 Aug 2016 20:19:24 +0530
From: Atul Anand <[email protected]>
To: [email protected]
Subject: [PATCH 2/3] src/proxy.c: modify the proxy_lookup ()
supporting non-browser schemes
Message-ID: <[email protected]>
Content-Type: text/plain; charset=UTF-8
As discussed, the proxy lookup for browser and non browser schemes should
be handled in an order as follows:
A request for a "browser" protocol would match the following configs
order of preference (if they exist):
? Matching "Domains", BrowserOnly==TRUE
? Matching "Domains", BrowserOnly==FALSE
? Domains==NULL, BrowserOnly==TRUE
? Domains==NULL, BrowserOnly==FALSE
A request for a non-browser protocol would match the following:
? Matching "Domains", BrowserOnly==FALSE
? Domains==NULL, BrowserOnly==FALSE (except if a config exists with
Matching "Domains", BrowserOnly==TRUE, in which case we need to
return NULL).
---
src/manager.c | 11 ++++--
src/pacrunner.h | 2 +-
src/proxy.c | 107 ++++++++++++++++++++++++++++++++++++++++++++------------
3 files changed, 94 insertions(+), 26 deletions(-)
diff --git a/src/manager.c b/src/manager.c
index 5a8b4fd..fa8a7b4 100644
--- a/src/manager.c
+++ b/src/manager.c
@@ -142,6 +142,7 @@ static DBusMessage *create_proxy_config(DBusConnection
*conn,
const char *url = NULL, *script = NULL;
char **servers = NULL, **excludes = NULL;
char **domains = NULL, **nameservers = NULL;
+ gboolean browser_only = FALSE;
sender = dbus_message_get_sender(msg);
@@ -199,13 +200,18 @@ static DBusMessage *create_proxy_config(DBusConnection
*conn,
nameservers = extract_string_array(&list);
}
break;
+ case DBUS_TYPE_BOOLEAN:
+ if (g_str_equal(key, "BrowserOnly"))
+ dbus_message_iter_get_basic(&value,
+ &browser_only);
+ break;
}
dbus_message_iter_next(&array);
}
DBG("sender %s method %s interface %s", sender, method, interface);
- DBG("url %s script %p", url, script);
+ DBG("browser-only %u url %s script %p", browser_only, url, script);
if (!method) {
reply = g_dbus_create_error(msg,
@@ -226,7 +232,8 @@ static DBusMessage *create_proxy_config(DBusConnection
*conn,
nameservers = NULL;
- if (pacrunner_proxy_set_domains(config->proxy, domains) < 0)
+ if (pacrunner_proxy_set_domains(config->proxy, domains,
+ browser_only) < 0)
pacrunner_error("Failed to set proxy domains");
if (g_str_equal(method, "direct")) {
diff --git a/src/pacrunner.h b/src/pacrunner.h
index 87c51da..e31d7ef 100644
--- a/src/pacrunner.h
+++ b/src/pacrunner.h
@@ -64,7 +64,7 @@ const char *pacrunner_proxy_get_interface(struct
pacrunner_proxy *proxy);
const char *pacrunner_proxy_get_script(struct pacrunner_proxy *proxy);
int pacrunner_proxy_set_domains(struct pacrunner_proxy *proxy,
- char **domains);
+ char **domains, gboolean browser_only);
int pacrunner_proxy_set_direct(struct pacrunner_proxy *proxy);
int pacrunner_proxy_set_manual(struct pacrunner_proxy *proxy,
char **servers, char **excludes);
diff --git a/src/proxy.c b/src/proxy.c
index db49c58..a8693c9 100644
--- a/src/proxy.c
+++ b/src/proxy.c
@@ -40,6 +40,7 @@ struct pacrunner_proxy {
char *script;
GList **servers;
GList **excludes;
+ gboolean browser_only;
GList *domains;
void *jsctx;
};
@@ -159,13 +160,37 @@ const char *pacrunner_proxy_get_script(struct
pacrunner_proxy *proxy)
return proxy->script;
}
-int pacrunner_proxy_set_domains(struct pacrunner_proxy *proxy, char **domains)
+static gboolean check_browser_protocol(const char *url)
+{
+ static const char *browser_schemes[] = {
+ "http://";,
+ "https://";,
+ "ftp://";,
+ "nntp://";,
+ "nntps://",
+ };
+ guint i;
+
+ for (i = 0; i < G_N_ELEMENTS(browser_schemes); i++) {
+ if (strncmp(browser_schemes[i], url,
+ strlen(browser_schemes[i])) == 0)
+ return TRUE;
+ }
+
+ return FALSE;
+}
+
+int pacrunner_proxy_set_domains(struct pacrunner_proxy *proxy, char **domains,
+ gboolean browser_only)
{
int len;
char *slash, **domain;
char ip[INET6_ADDRSTRLEN + 1];
- DBG("proxy %p domains %p", proxy, domains);
+ DBG("proxy %p domains %p browser-only %u", proxy,
+ domains, browser_only);
+
+ proxy->browser_only = browser_only;
if (!proxy)
return -EINVAL;
@@ -479,10 +504,17 @@ static int compare_host_in_domain(const char *host,
struct proxy_domain *match)
char *pacrunner_proxy_lookup(const char *url, const char *host)
{
GList *l, *list;
+ int protocol = 0;
struct in_addr ip4_addr;
struct in6_addr ip6_addr;
- struct pacrunner_proxy *selected_proxy = NULL, *default_proxy = NULL;
- int protocol = 0;
+ gboolean request_is_browser;
+ struct pacrunner_proxy *proxy = NULL;
+
+ /* Four classes of 'match' */
+ struct pacrunner_proxy *alldomains_browseronly = NULL;
+ struct pacrunner_proxy *alldomains_allprotos = NULL;
+ struct pacrunner_proxy *domainmatch_browseronly = NULL;
+ struct pacrunner_proxy *domainmatch_allprotos = NULL;
DBG("url %s host %s", url, host);
@@ -512,12 +544,16 @@ char *pacrunner_proxy_lookup(const char *url, const char
*host)
}
}
+ request_is_browser = check_browser_protocol(url);
+
for (list = g_list_first(proxy_list); list; list = g_list_next(list)) {
- struct pacrunner_proxy *proxy = list->data;
+ proxy = list->data;
if (!proxy->domains) {
- if (!default_proxy)
- default_proxy = proxy;
+ if (proxy->browser_only && !alldomains_browseronly)
+ alldomains_browseronly = proxy;
+ else if (!proxy->browser_only && !alldomains_allprotos)
+ alldomains_allprotos = proxy;
continue;
}
@@ -531,54 +567,79 @@ char *pacrunner_proxy_lookup(const char *url, const char
*host)
case 4:
if (compare_legacy_ip_in_net(&ip4_addr,
data) == 0) {
- selected_proxy = proxy;
DBG("match proxy %p Legacy IP range %s",
proxy, data->domain);
- goto found;
+ goto matches;
}
break;
case 6:
if (compare_ipv6_in_net(&ip6_addr,
data) == 0) {
- selected_proxy = proxy;
DBG("match proxy %p IPv6 range %s",
proxy, data->domain);
- goto found;
+ goto matches;
}
break;
default:
if (compare_host_in_domain(host, data) == 0) {
- selected_proxy = proxy;
DBG("match proxy %p DNS domain %s",
proxy, data->domain);
- goto found;
+ goto matches;
}
break;
}
}
+ /* No match */
+ continue;
+
+ matches:
+ if (proxy->browser_only == request_is_browser) {
+ goto found;
+ } else if (proxy->browser_only) {
+ /* A non-browser request will return DIRECT instead of
+ * falling back to alldomains_* if this exists.
+ */
+ if (!domainmatch_browseronly)
+ domainmatch_browseronly = proxy;
+ } else {
+ /* We might fall back to this, for a browser request */
+ if (!domainmatch_allprotos)
+ domainmatch_allprotos = proxy;
+ }
}
- if (!selected_proxy) {
- DBG("default proxy %p", default_proxy);
- selected_proxy = default_proxy;
+ if (request_is_browser) {
+ /* We'll have bailed out immediately if we found a domain match
+ * with proxy->browser_only==TRUE. Fallbacks in order of prefe-
+ * rence.
+ */
+ proxy = domainmatch_allprotos;
+ if (!proxy)
+ proxy = alldomains_browseronly;
+ if (!proxy)
+ proxy = alldomains_allprotos;
+ } else {
+ if (!domainmatch_browseronly)
+ proxy = alldomains_allprotos;
+ else
+ proxy = NULL;
}
-found:
+ found:
pthread_mutex_unlock(&proxy_mutex);
- if (!selected_proxy)
+ if (!proxy)
return NULL;
- switch (selected_proxy->method) {
+ switch (proxy->method) {
case PACRUNNER_PROXY_METHOD_UNKNOWN:
case PACRUNNER_PROXY_METHOD_DIRECT:
break;
case PACRUNNER_PROXY_METHOD_MANUAL:
- return __pacrunner_manual_execute(url, host,
- selected_proxy->servers,
- selected_proxy->excludes);
+ return __pacrunner_manual_execute(url, host, proxy->servers,
+ proxy->excludes);
case PACRUNNER_PROXY_METHOD_AUTO:
- return __pacrunner_js_execute(selected_proxy, url, host);
+ return __pacrunner_js_execute(proxy, url, host);
}
return NULL;
--
2.5.5
------------------------------
Message: 3
Date: Tue, 16 Aug 2016 20:19:25 +0530
From: Atul Anand <[email protected]>
To: [email protected]
Subject: [PATCH 3/3] unit: Add tests for BrowserOnly Key
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
test-pacrunner and suites have been fixed to test BrowserOnly key
and it's function.
---
unit/suite/manual_basic.test | 13 +++++++++++
unit/suite/manual_exclude.test | 11 +++++++++
unit/suite/pac_basic.test | 5 +++++
unit/suite/pac_direct.test | 5 +++++
unit/suite/proxy_domain.test | 13 +++++++++--
unit/suite/stub.test | 3 +++
unit/test-pacrunner.c | 51 +++++++++++++++++++++++++++---------------
7 files changed, 81 insertions(+), 20 deletions(-)
diff --git a/unit/suite/manual_basic.test b/unit/suite/manual_basic.test
index 4406d9c..ed0d7f8 100644
--- a/unit/suite/manual_basic.test
+++ b/unit/suite/manual_basic.test
@@ -10,6 +10,9 @@ socks4://sockproxy.internal.com
[excludes]
+[browseronly]
+FALSE
+
[domains]
[config]
@@ -24,3 +27,13 @@ https://bar.net/?property=true bar.net
PROXY secproxy.internal.com; PROXY proxy.internal.com; SOCKS4
sockproxy.internal.com
socks4://sockaccess.external.net:8888/sock_script sockaccess.external.net
SOCKS4 sockproxy.internal.com; PROXY proxy.internal.com; PROXY
secproxy.internal.com
+smtp://mail.client.com/drafts mail.client.com
+PROXY proxy.internal.com; PROXY secproxy.internal.com; SOCKS4
sockproxy.internal.com
+http://foo.intel.com foo.intel.com
+PROXY proxy2.com; PROXY secproxy2.com
+smtp://mail.intel.com mail.intel.com
+DIRECT
+ftp://bar.redhat.com bar.redhat.com
+SOCKS4 server.one.com; SOCKS5 server.two.com
+imap://mail.redhat.com mail.redhat.com
+SOCKS4 server.one.com; SOCKS5 server.two.com
diff --git a/unit/suite/manual_exclude.test b/unit/suite/manual_exclude.test
index 211ae16..4281614 100644
--- a/unit/suite/manual_exclude.test
+++ b/unit/suite/manual_exclude.test
@@ -15,6 +15,9 @@ ftp://
*net
tri*
+[browseronly]
+TRUE
+
[domains]
[config]
@@ -33,3 +36,11 @@ trivial.co.uk:2984 trivial.co.uk
DIRECT
http://failed.com:99999/ failed.com
DIRECT
+http://foo.intel.com foo.intel.com
+PROXY proxy2.com; PROXY secproxy2.com
+smtp://foo.intel.com foo.intel.com
+DIRECT
+imap://foo.redhat.com foo.redhat.com
+SOCKS4 server.one.com; SOCKS5 server.two.com
+smtp://no.match.com no.match.com
+DIRECT
diff --git a/unit/suite/pac_basic.test b/unit/suite/pac_basic.test
index c63757e..7975371 100644
--- a/unit/suite/pac_basic.test
+++ b/unit/suite/pac_basic.test
@@ -17,6 +17,9 @@ function FindProxyForURL(url, host)
[excludes]
+[browseronly]
+TRUE
+
[domains]
[config]
@@ -25,3 +28,5 @@ VALID
[tests]
http://www.example.com/site/test.html www.example.com
PROXY proxy.example.com
+smtp://foo.com foo.com
+DIRECT
diff --git a/unit/suite/pac_direct.test b/unit/suite/pac_direct.test
index b820abc..a19519d 100644
--- a/unit/suite/pac_direct.test
+++ b/unit/suite/pac_direct.test
@@ -11,6 +11,9 @@ function FindProxyForURL(url, host)
[excludes]
+[browseronly]
+FALSE
+
[domains]
[config]
@@ -21,3 +24,5 @@ http://truc.com truc.com
DIRECT
ftp://test.boujou.org test.boujou.org
DIRECT
+smtp://foo.com foo.com
+DIRECT
diff --git a/unit/suite/proxy_domain.test b/unit/suite/proxy_domain.test
index 8c2c5e4..607f0af 100644
--- a/unit/suite/proxy_domain.test
+++ b/unit/suite/proxy_domain.test
@@ -8,6 +8,9 @@ http://proxy.suite.com
[excludes]
+[browseronly]
+TRUE
+
[domains]
suite.com
test.suite.com
@@ -32,6 +35,12 @@ PROXY secproxy2.com; PROXY proxy2.com
http://192.168.4.4/index.html 192.168.4.4
PROXY proxy2.com; PROXY secproxy2.com
socks4://baz.domain3.com/xyz baz.domain3.com
-SOCKS4 sockproxy3.com; PROXY proxy3.com
+SOCKS4 server.one.com; SOCKS5 server.two.com
http://[fe80:96db:12ce::43ef]/ip6.mp4 [fe80:96db:12ce::43ef]
-PROXY proxy3.com; SOCKS4 sockproxy3.com
+SOCKS4 server.one.com; SOCKS5 server.two.com
+imap://mail.google.com/id=inbox mail.google.com
+DIRECT
+imap://foo.redhat.com foo.redhat.com
+SOCKS4 server.one.com; SOCKS5 server.two.com
+smtp://bar.intel.com bar.intel.com
+DIRECT
diff --git a/unit/suite/stub.test b/unit/suite/stub.test
index cde0aeb..2b1238f 100644
--- a/unit/suite/stub.test
+++ b/unit/suite/stub.test
@@ -11,6 +11,9 @@ Stub suite file
[excludes]
#?If so, optional exlusion rules can be written here
+[browseronly]
+# Specifies if this configuration is for browser only schemes.
+
[domains]
# List of domains are here
diff --git a/unit/test-pacrunner.c b/unit/test-pacrunner.c
index 0c4ac69..812789c 100644
--- a/unit/test-pacrunner.c
+++ b/unit/test-pacrunner.c
@@ -38,14 +38,15 @@
#include "pacrunner.h"
enum test_suite_part {
- SUITE_TITLE = 0,
- SUITE_PAC = 1,
- SUITE_SERVERS = 2,
- SUITE_EXCLUDES = 3,
- SUITE_DOMAINS = 4,
- SUITE_CONFIG = 5,
- SUITE_TESTS = 6,
- SUITE_NOTHING = 7,
+ SUITE_TITLE = 0,
+ SUITE_PAC = 1,
+ SUITE_SERVERS = 2,
+ SUITE_EXCLUDES = 3,
+ SUITE_BROWSER_ONLY = 4,
+ SUITE_DOMAINS = 5,
+ SUITE_CONFIG = 6,
+ SUITE_TESTS = 7,
+ SUITE_NOTHING = 8,
};
enum cu_test_mode {
@@ -59,6 +60,7 @@ struct pacrunner_test_suite {
gchar *pac;
gchar **servers;
gchar **excludes;
+ gboolean browser_only;
gchar **domains;
bool config_result;
@@ -145,6 +147,9 @@ static void print_test_suite(struct pacrunner_test_suite
*suite)
} else
printf("(none)\n");
+ printf("\nBrowser Only: %s\n",
+ suite->browser_only ? "TRUE" : "FALSE");
+
printf("\nDomains:\n");
if (suite->domains) {
for (line = suite->domains; *line; line++)
@@ -250,6 +255,13 @@ static struct pacrunner_test_suite *read_test_suite(const
char *path)
suite->excludes = array;
break;
+ case SUITE_BROWSER_ONLY:
+ if (strncmp(*line, "TRUE", 4) == 0)
+ suite->browser_only = TRUE;
+ else
+ suite->browser_only = FALSE;
+
+ break;
case SUITE_DOMAINS:
array = _g_strappendv(suite->domains, *line);
if (!array)
@@ -291,6 +303,8 @@ static struct pacrunner_test_suite *read_test_suite(const
char *path)
part = SUITE_SERVERS;
else if (strncmp(*line, "[excludes]", 10) == 0)
part = SUITE_EXCLUDES;
+ else if (strncmp(*line, "[browseronly]", 13) == 0)
+ part = SUITE_BROWSER_ONLY;
else if (strncmp(*line, "[domains]", 9) == 0)
part = SUITE_DOMAINS;
else if (strncmp(*line, "[config]", 8) == 0)
@@ -363,7 +377,8 @@ static void test_proxy_domain(void)
{
int val = 0;
- if (pacrunner_proxy_set_domains(proxy, test_suite->domains) != 0)
+ if (pacrunner_proxy_set_domains(proxy, test_suite->domains,
+ test_suite->browser_only) != 0)
val = -1;
proxy2 = pacrunner_proxy_create("eth1");
@@ -381,15 +396,16 @@ static void test_proxy_domain(void)
if (pacrunner_proxy_set_manual(proxy2, servers, NULL) != 0)
val = -1;
- if (pacrunner_proxy_set_domains(proxy2, domains) != 0)
+ /* BrowserOnly = TRUE */
+ if (pacrunner_proxy_set_domains(proxy2, domains, TRUE) != 0)
val = -1;
}
proxy3 = pacrunner_proxy_create("wl0");
if (proxy3) {
char *servers[] = {
- "http://proxy3.com";,
- "socks4://sockproxy3.com",
+ "socks4://server.one.com",
+ "socks5://server.two.com",
NULL};
char *domains[] = {
"redhat.com",
@@ -400,7 +416,8 @@ static void test_proxy_domain(void)
if (pacrunner_proxy_set_manual(proxy3, servers, NULL) != 0)
val = -1;
- if (pacrunner_proxy_set_domains(proxy3, domains) != 0)
+ /* BrowserOnly = FALSE */
+ if (pacrunner_proxy_set_domains(proxy3, domains, FALSE) != 0)
val = -1;
}
@@ -499,9 +516,7 @@ static void run_test_suite(const char *test_file_path, enum
cu_test_mode mode)
CU_add_test(cu_suite, "Manual config test",
test_manual_config);
- if (test_suite->domains)
- CU_add_test(cu_suite, "Proxy domain test",
- test_proxy_domain);
+ CU_add_test(cu_suite, "Proxy Domain test", test_proxy_domain);
if (test_suite->config_result && test_suite->tests)
CU_add_test(cu_suite, "Proxy requests test",
@@ -509,10 +524,10 @@ static void run_test_suite(const char *test_file_path,
enum cu_test_mode mode)
test_config = false;
- if (test_suite->domains) {
+ if (proxy2)
pacrunner_proxy_unref(proxy2);
+ if (proxy3)
pacrunner_proxy_unref(proxy3);
- }
switch (mode) {
case CU_MODE_BASIC:
--
2.5.5
------------------------------
Message: 4
Date: Tue, 16 Aug 2016 14:58:31 +0000
From: Thomas Green <[email protected]>
To: "[email protected]" <[email protected]>
Subject: proxy configuration
Message-ID:
<c2bc44d770753c45aaac42695fb5be02012557d...@slc-exmb01.corp.srelay.com>
Content-Type: text/plain; charset="us-ascii"
I need to understand how conman is finding and using proxies. We have seen in
wireshark captures that the system is sending out a "wpad.*" DNS query. This is
used to find proxies on the network. We don't want connman to find and setup
proxies automatically.
This is what I get when I dump the configuration for my current wired service:
/net/connman/service/ethernet_0008720790f4_cable
Type = ethernet
Security = [ ]
State = online
Favorite = True
Immutable = False
AutoConnect = True
Name = Wired
Ethernet = [ Method=auto, Interface=eth0, Address=00:08:72:07:90:F4, MTU=1500
]
IPv4 = [ Method=dhcp, Address=10.20.136.11, Netmask=255.255.255.0,
Gateway=10.20.136.1 ]
IPv4.Configuration = [ Method=dhcp ]
IPv6 = [ ]
IPv6.Configuration = [ Method=auto, Privacy=disabled ]
Nameservers = [ 10.20.35.16, 192.168.250.16, 192.168.253.16 ]
Nameservers.Configuration = [ ]
Timeservers = [ 10.20.136.1 ]
Timeservers.Configuration = [ ]
Domains = [ xxxxxx.COM ]
Domains.Configuration = [ ]
Proxy = [ Method=direct ]
Proxy.Configuration = [ ]
Provider = [ ]
Notice the highlighted line indicates the proxy method is direct. I am not
sure what this means and the documentation is not very helpful.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.01.org/pipermail/connman/attachments/20160816/34d5d0c6/attachment.html>
------------------------------
Subject: Digest Footer
_______________________________________________
connman mailing list
[email protected]
https://lists.01.org/mailman/listinfo/connman
------------------------------
End of connman Digest, Vol 10, Issue 14
***************************************
