On Wed, 2013-06-12 at 15:26 +0100, David Woodhouse wrote:
> We already request WPAD information from the DHCP server (bug 368423)
> but we don't do anything useful with it at all.
Well, except provide it to dispatcher clients. This was sort of waiting
on more coherent proxy support including connection-specific user
overrides; see TODO.
> The same information can also come from a VPN server, but we don't even
> *collect* that.
>
> This patch fixes the latter, and exposes the information in a coherent
> fashion. There's no need at this point to overcomplicate matters by
> pretending to support complicated manual proxy setups (as discussed in
> TODO); this is just for what we can glean automatically, which is *only*
> PAC files.
>
> Tested with a local DHCP server that tells me where the proxy is, and
> with a slightly modified nm-openconnect-service-openconnect-helper[sic].
>
> This is based largely on the existing handling of NIS domainname.
Which isn't a great example, unfortunately.
> I see that it's considered acceptable to (ab)use nm-dns-manager to
> configure the NIS domain. I'll look at making it prod the PacRunner
Only grudgingly.
> dæmon with proxy information too, but this part stands alone.
I think instead of stuffing into the IPv4 config we should probably have
per-interface proxy config instead, like we have ip4_config and
ip6_config. Anyone else have comments on that?
There are any number of proxy options, and I don't think they really are
IPv4 or IPv6 specific, are they? I mean, whether you get a PAC file
from DHCPv4 or DHCPv6 or VPNv4 or VPNv6 doesn't really make a
difference, it's just a URL. And I have no idea how a client would make
a decision on which PAC URL to use if they had more than one?
Dan
> diff --git a/include/NetworkManagerVPN.h b/include/NetworkManagerVPN.h
> index 6e654b3..9b6e5f7 100644
> --- a/include/NetworkManagerVPN.h
> +++ b/include/NetworkManagerVPN.h
> @@ -176,6 +176,9 @@ typedef enum {
> /* boolean: prevent this VPN connection from ever getting the default route
> */
> #define NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT "never-default"
>
> +/* string: Location of PAC file for HTTP proxy */
> +#define NM_VPN_PLUGIN_IP4_CONFIG_PROXY_PAC "proxy-pac"
> +
> /* Deprecated */
> #define NM_VPN_PLUGIN_IP4_CONFIG_GATEWAY
> NM_VPN_PLUGIN_IP4_CONFIG_EXT_GATEWAY
>
> diff --git a/src/dhcp-manager/nm-dhcp-client.c
> b/src/dhcp-manager/nm-dhcp-client.c
> index f4e94a6..ebe9a69 100644
> --- a/src/dhcp-manager/nm-dhcp-client.c
> +++ b/src/dhcp-manager/nm-dhcp-client.c
> @@ -1292,6 +1292,12 @@ ip4_options_to_config (NMDHCPClient *self)
> nm_ip4_config_set_nis_domain (ip4_config, str);
> }
>
> + str = g_hash_table_lookup (priv->options, "new_wpad");
> + if (str) {
> + nm_log_info (LOGD_DHCP4, " Proxy PAC '%s'", str);
> + nm_ip4_config_set_proxy_pac (ip4_config, str);
> + }
> +
> str = g_hash_table_lookup (priv->options, "new_nis_servers");
> if (str) {
> char **searches = g_strsplit (str, " ", 0);
> diff --git a/src/nm-ip4-config.c b/src/nm-ip4-config.c
> index 0722981..8f86996 100644
> --- a/src/nm-ip4-config.c
> +++ b/src/nm-ip4-config.c
> @@ -59,6 +59,8 @@ typedef struct {
> GArray *nis;
> char * nis_domain;
>
> + char * proxy_pac;
> +
> GSList *routes;
>
> gboolean never_default;
> @@ -569,6 +571,26 @@ nm_ip4_config_get_nis_domain (NMIP4Config *config)
> return NM_IP4_CONFIG_GET_PRIVATE (config)->nis_domain;
> }
>
> +void
> +nm_ip4_config_set_proxy_pac (NMIP4Config *config, const char *uri)
> +{
> + NMIP4ConfigPrivate *priv;
> +
> + g_return_if_fail (NM_IS_IP4_CONFIG (config));
> +
> + priv = NM_IP4_CONFIG_GET_PRIVATE (config);
> + g_free (priv->proxy_pac);
> + priv->proxy_pac = g_strdup (uri);
> +}
> +
> +const char *
> +nm_ip4_config_get_proxy_pac (NMIP4Config *config)
> +{
> + g_return_val_if_fail (NM_IS_IP4_CONFIG (config), 0);
> +
> + return NM_IP4_CONFIG_GET_PRIVATE (config)->proxy_pac;
> +}
> +
> /* libnl convenience/conversion functions */
>
> static int ip4_addr_to_rtnl_local (guint32 ip4_address, struct rtnl_addr
> *addr)
> @@ -790,6 +812,10 @@ nm_ip4_config_diff (NMIP4Config *a, NMIP4Config *b)
> && (g_strcmp0 (a_priv->nis_domain, b_priv->nis_domain) != 0))
> flags |= NM_IP4_COMPARE_FLAG_NIS_DOMAIN;
>
> + if ( (a_priv->proxy_pac || b_priv->proxy_pac)
> + && (g_strcmp0 (a_priv->proxy_pac, b_priv->proxy_pac) != 0))
> + flags |= NM_IP4_COMPARE_FLAG_PROXY_PAC;
> +
> if ( !route_slist_compare (a_priv->routes, b_priv->routes)
> || !route_slist_compare (b_priv->routes, a_priv->routes))
> flags |= NM_IP4_COMPARE_FLAG_ROUTES;
> @@ -856,6 +882,10 @@ nm_ip4_config_hash (NMIP4Config *config, GChecksum *sum,
> gboolean dns_only)
> s = nm_ip4_config_get_nis_domain (config);
> if (s)
> g_checksum_update (sum, (const guint8 *) s, strlen (s));
> +
> + s = nm_ip4_config_get_proxy_pac (config);
> + if (s)
> + g_checksum_update (sum, (const guint8 *) s, strlen (s));
> }
>
> for (i = 0; i < nm_ip4_config_get_num_nameservers (config); i++)
> @@ -900,6 +930,7 @@ finalize (GObject *object)
> g_ptr_array_free (priv->searches, TRUE);
> g_array_free (priv->nis, TRUE);
> g_free (priv->nis_domain);
> + g_free (priv->proxy_pac);
>
> G_OBJECT_CLASS (nm_ip4_config_parent_class)->finalize (object);
> }
> diff --git a/src/nm-ip4-config.h b/src/nm-ip4-config.h
> index 5433768..c66aece 100644
> --- a/src/nm-ip4-config.h
> +++ b/src/nm-ip4-config.h
> @@ -107,6 +107,9 @@ void nm_ip4_config_reset_nis_servers
> (NMIP4Config *config);
> void nm_ip4_config_set_nis_domain (NMIP4Config *config, const
> char *domain);
> const char * nm_ip4_config_get_nis_domain (NMIP4Config *config);
>
> +void nm_ip4_config_set_proxy_pac (NMIP4Config *config, const
> char *uri);
> +const char * nm_ip4_config_get_proxy_pac (NMIP4Config *config);
> +
>
> /* Flags for nm_ip4_config_to_rtnl_addr() */
> #define NM_RTNL_ADDR_NONE 0x0000
> @@ -133,6 +136,7 @@ typedef enum {
> NM_IP4_COMPARE_FLAG_WINS_SERVERS= 0x00000100,
> NM_IP4_COMPARE_FLAG_NIS_SERVERS = 0x00000200,
> NM_IP4_COMPARE_FLAG_NIS_DOMAIN = 0x00000400,
> + NM_IP4_COMPARE_FLAG_PROXY_PAC = 0x00000800,
> NM_IP4_COMPARE_FLAG_ALL = 0xFFFFFFFF /* match everything */
> } NMIP4ConfigCompareFlags;
>
> diff --git a/src/vpn-manager/nm-vpn-connection.c
> b/src/vpn-manager/nm-vpn-connection.c
> index f2e31a8..bb9c710 100644
> --- a/src/vpn-manager/nm-vpn-connection.c
> +++ b/src/vpn-manager/nm-vpn-connection.c
> @@ -493,6 +493,7 @@ print_vpn_config (NMVPNConnection *connection)
> NMIP4Address *addr;
> NMIP6Address *addr6;
> char *dns_domain = NULL;
> + const char *proxy_pac = NULL;
> guint32 num, i;
>
> if (priv->ip4_external_gw) {
> @@ -542,6 +543,10 @@ print_vpn_config (NMVPNConnection *connection)
> dns_domain = (char *) nm_ip4_config_get_domain
> (priv->ip4_config, 0);
>
> nm_log_info (LOGD_VPN, " DNS Domain: '%s'", dns_domain ?
> dns_domain : "(none)");
> +
> + proxy_pac = nm_ip4_config_get_proxy_pac (priv->ip4_config);
> + if (proxy_pac)
> + nm_log_info (LOGD_VPN, " Proxy PAC: '%s'", proxy_pac);
> } else
> nm_log_info (LOGD_VPN, "No IPv4 configuration");
>
> @@ -898,6 +903,10 @@ nm_vpn_connection_ip4_config_get (DBusGProxy *proxy,
> if (val && G_VALUE_HOLDS_BOOLEAN (val))
> nm_ip4_config_set_never_default (config, g_value_get_boolean
> (val));
>
> + val = (GValue *) g_hash_table_lookup (config_hash,
> NM_VPN_PLUGIN_IP4_CONFIG_PROXY_PAC);
> + if (val)
> + nm_ip4_config_set_proxy_pac (config, g_value_get_string (val));
> +
> /* Merge in user overrides from the NMConnection's IPv4 setting */
> s_ip4 = nm_connection_get_setting_ip4_config (priv->connection);
> nm_utils_merge_ip4_config (config, s_ip4);
>
>
>
> _______________________________________________
> networkmanager-list mailing list
> [email protected]
> https://mail.gnome.org/mailman/listinfo/networkmanager-list
_______________________________________________
networkmanager-list mailing list
[email protected]
https://mail.gnome.org/mailman/listinfo/networkmanager-list
