[PATCH 1/4] rtnlutil: Add IPv6 route deletion helper
by Tim Kourt
---
src/rtnlutil.c | 31 +++++++++++++++++++++++++++++--
src/rtnlutil.h | 7 +++++++
2 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/src/rtnlutil.c b/src/rtnlutil.c
index 4090d311..f90e9dcf 100644
--- a/src/rtnlutil.c
+++ b/src/rtnlutil.c
@@ -533,7 +533,8 @@ uint32_t rtnl_ifaddr_ipv6_delete(struct l_netlink *rtnl, int ifindex,
ip, cb, user_data, destroy);
}
-uint32_t rtnl_route_ipv6_add_gateway(struct l_netlink *rtnl, int ifindex,
+static uint32_t rtnl_route_ipv6_change(struct l_netlink *rtnl,
+ uint16_t nlmsg_type, int ifindex,
const char *gateway,
uint32_t priority_offset,
uint8_t proto,
@@ -581,7 +582,33 @@ uint32_t rtnl_route_ipv6_add_gateway(struct l_netlink *rtnl, int ifindex,
sizeof(struct in6_addr));
}
- return l_netlink_send(rtnl, RTM_NEWROUTE, flags, rtmmsg,
+ return l_netlink_send(rtnl, nlmsg_type, flags, rtmmsg,
rta_buf - (void *) rtmmsg, cb, user_data,
destroy);
}
+
+uint32_t rtnl_route_ipv6_add_gateway(struct l_netlink *rtnl, int ifindex,
+ const char *gateway,
+ uint32_t priority_offset,
+ uint8_t proto,
+ l_netlink_command_func_t cb,
+ void *user_data,
+ l_netlink_destroy_func_t destroy)
+{
+ return rtnl_route_ipv6_change(rtnl, RTM_NEWROUTE, ifindex, gateway,
+ priority_offset, proto, cb,
+ user_data, destroy);
+}
+
+uint32_t rtnl_route_ipv6_delete_gateway(struct l_netlink *rtnl, int ifindex,
+ const char *gateway,
+ uint32_t priority_offset,
+ uint8_t proto,
+ l_netlink_command_func_t cb,
+ void *user_data,
+ l_netlink_destroy_func_t destroy)
+{
+ return rtnl_route_ipv6_change(rtnl, RTM_DELROUTE, ifindex, gateway,
+ priority_offset, proto, cb,
+ user_data, destroy);
+}
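Review bot: `rtnl_route_ipv6_delete_gateway()` sends RTM_DELROUTE with whatever `flags` the shared body of `rtnl_route_ipv6_change()` builds, and that assignment lies outside both hunks. If it still carries the creation flags used for RTM_NEWROUTE, they are meaningless for a delete and are better set conditionally, e.g. `if (nlmsg_type == RTM_NEWROUTE) flags |= NLM_F_CREATE | NLM_F_REPLACE;`. The new public helper also has no comment, so I would add `/* Removes a route installed by rtnl_route_ipv6_add_gateway(); gateway, priority_offset and proto must match the values used at install time. */` above it.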
diff --git a/src/rtnlutil.h b/src/rtnlutil.h
index 6689e16e..383d562f 100644
--- a/src/rtnlutil.h
+++ b/src/rtnlutil.h
@@ -90,3 +90,10 @@ uint32_t rtnl_route_ipv6_add_gateway(struct l_netlink *rtnl, int ifindex,
l_netlink_command_func_t cb,
void *user_data,
l_netlink_destroy_func_t destroy);
+uint32_t rtnl_route_ipv6_delete_gateway(struct l_netlink *rtnl, int ifindex,
+ const char *gateway,
+ uint32_t priority_offset,
+ uint8_t proto,
+ l_netlink_command_func_t cb,
+ void *user_data,
+ l_netlink_destroy_func_t destroy);
--
2.13.6
1 year, 4 months
[PATCH v4 1/5] netconfig: Subscribe for IPv6 address changes
by Tim Kourt
IPv6 address changes are maintained in ifaddr_list.
---
src/netconfig.c | 92 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 92 insertions(+)
diff --git a/src/netconfig.c b/src/netconfig.c
index 70481abf..1c8b88dc 100644
--- a/src/netconfig.c
+++ b/src/netconfig.c
@@ -224,6 +224,23 @@ static char **netconfig_ipv4_get_dns(struct netconfig *netconfig, uint8_t proto)
return NULL;
}
+static bool netconfig_ifaddr_match(const void *a, const void *b)
+{
+ const struct netconfig_ifaddr *entry = a;
+ const struct netconfig_ifaddr *query = b;
+
+ if (entry->family != query->family)
+ return false;
+
+ if (entry->prefix_len != query->prefix_len)
+ return false;
+
+ if (strcmp(entry->ip, query->ip))
+ return false;
+
+ return true;
+}
+
static struct netconfig_ifaddr *netconfig_ifaddr_find(
const struct netconfig *netconfig,
uint8_t family, uint8_t prefix_len,
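Review bot: `netconfig_ifaddr_match()` hands `entry->ip` and `query->ip` to `strcmp()` without checking either for NULL. The caller added later in this patch, `netconfig_ifaddr_ipv6_deleted()`, fills `query.ip` in an uninitialised stack struct through `rtnl_ifaddr_ipv6_extract()`, whose behaviour for a message without an address attribute is not visible here. If it can leave the pointer unset, both the `strcmp()` and the following `l_free(query.ip)` operate on an indeterminate pointer. I would declare `struct netconfig_ifaddr query = { 0 };` in the callers and add `if (!entry->ip || !query->ip) return false;` ahead of the `strcmp()`. The same applies to the identical match hunk and the `netconfig_ifaddr_deleted()` hunk in the v3 posting further down; this hunk ends inside `netconfig_ifaddr_find()`.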
@@ -335,6 +352,73 @@ static void netconfig_ifaddr_cmd_cb(int error, uint16_t type,
netconfig_ifaddr_notify(type, data, len, user_data);
}
+static void netconfig_ifaddr_ipv6_added(struct netconfig *netconfig,
+ const struct ifaddrmsg *ifa,
+ uint32_t len)
+{
+ struct netconfig_ifaddr *ifaddr;
+
+ ifaddr = l_new(struct netconfig_ifaddr, 1);
+ ifaddr->family = ifa->ifa_family;
+ ifaddr->prefix_len = ifa->ifa_prefixlen;
+
+ rtnl_ifaddr_ipv6_extract(ifa, len, &ifaddr->ip);
+
+ l_debug("ifindex %u: ifaddr %s/%u", netconfig->ifindex, ifaddr->ip,
+ ifaddr->prefix_len);
+
+ l_queue_push_tail(netconfig->ifaddr_list, ifaddr);
+}
+
+static void netconfig_ifaddr_ipv6_deleted(struct netconfig *netconfig,
+ const struct ifaddrmsg *ifa,
+ uint32_t len)
+{
+ struct netconfig_ifaddr *ifaddr;
+ struct netconfig_ifaddr query;
+
+ rtnl_ifaddr_ipv6_extract(ifa, len, &query.ip);
+
+ query.family = ifa->ifa_family;
+ query.prefix_len = ifa->ifa_prefixlen;
+
+ ifaddr = l_queue_remove_if(netconfig->ifaddr_list,
+ netconfig_ifaddr_match, &query);
+
+ l_free(query.ip);
+
+ if (!ifaddr)
+ return;
+
+ l_debug("ifaddr %s/%u", ifaddr->ip, ifaddr->prefix_len);
+
+ netconfig_ifaddr_destroy(ifaddr);
+}
+
+static void netconfig_ifaddr_ipv6_notify(uint16_t type, const void *data,
+ uint32_t len, void *user_data)
+{
+ const struct ifaddrmsg *ifa = data;
+ struct netconfig *netconfig;
+ uint32_t bytes;
+
+ netconfig = netconfig_find(ifa->ifa_index);
+ if (!netconfig)
+ /* Ignore the interfaces which aren't managed by iwd. */
+ return;
+
+ bytes = len - NLMSG_ALIGN(sizeof(struct ifaddrmsg));
+
+ switch (type) {
+ case RTM_NEWADDR:
+ netconfig_ifaddr_ipv6_added(netconfig, ifa, bytes);
+ break;
+ case RTM_DELADDR:
+ netconfig_ifaddr_ipv6_deleted(netconfig, ifa, bytes);
+ break;
+ }
+}
+
static void netconfig_route_cmd_cb(int error, uint16_t type,
const void *data, uint32_t len,
void *user_data)
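Review bot: `netconfig_ifaddr_ipv6_notify()` reads `ifa->ifa_index` and computes `bytes = len - NLMSG_ALIGN(sizeof(struct ifaddrmsg))` without first checking that `len` covers the header. Because `bytes` is a `uint32_t`, a short message would wrap to a very large attribute length that is then passed to `rtnl_ifaddr_ipv6_extract()`. Adding `if (len < NLMSG_ALIGN(sizeof(struct ifaddrmsg))) return;` as the first statement keeps the parser inside the buffer regardless of what the lower layer guarantees. The same code is in the v3 posting of this patch; the hunk ends inside `netconfig_route_cmd_cb()`.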
@@ -740,6 +824,14 @@ static int netconfig_init(void)
goto error;
}
+ r = l_netlink_register(rtnl, RTNLGRP_IPV6_IFADDR,
+ netconfig_ifaddr_ipv6_notify, NULL, NULL);
+ if (!r) {
+ l_error("netconfig: Failed to register for RTNL link IPv6 "
+ "address notifications.");
+ goto error;
+ }
+
if (!l_settings_get_uint(iwd_get_config(), "General",
"route_priority_offset",
&ROUTE_PRIORITY_OFFSET))
--
2.13.6
1 year, 4 months
[PATCH v3 1/2] eap-tls-common: update to new ELL TLS APIs
by James Prestwood
---
src/eap-tls-common.c | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
-v3:
* Fixed the ca_cert cleanup, l_certchain_free was being used rather
than l_cert_free.
diff --git a/src/eap-tls-common.c b/src/eap-tls-common.c
index b069fcfd..b7a9b674 100644
--- a/src/eap-tls-common.c
+++ b/src/eap-tls-common.c
@@ -523,6 +523,9 @@ static int eap_tls_handle_fragmented_request(struct eap_state *eap,
static bool eap_tls_tunnel_init(struct eap_state *eap)
{
struct eap_tls_state *eap_tls = eap_get_data(eap);
+ struct l_certchain *client_cert;
+ struct l_key *client_key;
+ struct l_queue *ca_cert;
if (eap_tls->tunnel)
return false;
@@ -543,14 +546,19 @@ static bool eap_tls_tunnel_init(struct eap_state *eap)
l_tls_set_debug(eap_tls->tunnel, eap_tls_tunnel_debug, eap,
NULL);
- if (!l_tls_set_auth_data(eap_tls->tunnel, eap_tls->client_cert,
- eap_tls->client_key,
- eap_tls->passphrase) ||
- (eap_tls->ca_cert &&
- !l_tls_set_cacert(eap_tls->tunnel,
- eap_tls->ca_cert))) {
+ client_cert = l_pem_load_certificate_chain(eap_tls->client_cert);
+ client_key = l_pem_load_private_key(eap_tls->client_key,
+ eap_tls->passphrase, NULL);
+ ca_cert = l_pem_load_certificate_list(eap_tls->ca_cert);
+
+ if (!l_tls_set_auth_data(eap_tls->tunnel, client_cert, client_key) ||
+ (ca_cert &&
+ !l_tls_set_cacert(eap_tls->tunnel, ca_cert))) {
l_error("%s: Error loading TLS keys or certificates.",
eap_get_method_name(eap));
+ l_certchain_free(client_cert);
+ l_key_free(client_key);
+ l_queue_destroy(ca_cert, (l_queue_destroy_func_t)l_cert_free);
return false;
}
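Review bot: A configured CA file that fails to load now disables the CA step silently, because `ca_cert` is NULL and `(ca_cert && !l_tls_set_cacert(...))` is skipped; the removed code keyed on `eap_tls->ca_cert` and failed instead. Depending on how l_tls treats a tunnel with no CA set (not visible here), the server certificate may then go unverified. The results of the three `l_pem_load_*` calls should be checked against the configured paths before they are handed to the tunnel. Separately, if `l_tls_set_auth_data()` takes ownership on success, the shared error path frees `client_cert` and `client_key` a second time when only `l_tls_set_cacert()` fails. The same pattern is in the earlier `[PATCH 1/2]` posting of this change, and the function continues outside the hunk.

```c
	ca_cert = l_pem_load_certificate_list(eap_tls->ca_cert);

	/* A path that was configured but could not be loaded is an error. */
	if ((eap_tls->client_cert && !client_cert) ||
			(eap_tls->client_key && !client_key) ||
			(eap_tls->ca_cert && !ca_cert)) {
		l_error("%s: Error loading TLS keys or certificates.",
						eap_get_method_name(eap));
		l_certchain_free(client_cert);
		l_key_free(client_key);
		l_queue_destroy(ca_cert, (l_queue_destroy_func_t) l_cert_free);
		return false;
	}

	/* … unchanged: l_tls_set_auth_data / l_tls_set_cacert check … */
```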
--
2.17.1
1 year, 4 months
[PATCH 1/2] netconfig: Don't re-install IPv4 address on re-configure
by Tim Kourt
---
src/netconfig.c | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/src/netconfig.c b/src/netconfig.c
index 4e294512..272a058f 100644
--- a/src/netconfig.c
+++ b/src/netconfig.c
@@ -645,17 +645,9 @@ bool netconfig_configure(struct netconfig *netconfig,
bool netconfig_reconfigure(struct netconfig *netconfig)
{
if (netconfig->rtm_protocol == RTPROT_DHCP) {
- /*
- *
- * TODO l_dhcp_client to try to request a
- * previously used address.
- *
- * return;
- */
+ /* TODO l_dhcp_client sending a DHCP inform request */
}
- netconfig_ipv4_select_and_install(netconfig);
-
/* TODO: IPv6 addressing */
return true;
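Review bot: After this change `netconfig_reconfigure()` performs no work and still returns `true`, and the `RTPROT_DHCP` branch is an `if` whose body is only a TODO comment. Callers therefore cannot tell "reconfigured" from "nothing done", and whether the existing address is still valid after the event that triggers a reconfigure is not established anywhere in the hunk. I would drop the empty branch and state the intent once, e.g. `/* No-op for now: the installed IPv4 address is kept. TODO: l_dhcp_client DHCP inform; IPv6 addressing. */`. The function body continues outside the hunk.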
--
2.13.6
1 year, 4 months
[PATCH 1/2] eap-tls-common: update to new ELL TLS APIs
by James Prestwood
---
src/eap-tls-common.c | 21 +++++++++++++++------
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/src/eap-tls-common.c b/src/eap-tls-common.c
index b069fcfd..d5b72963 100644
--- a/src/eap-tls-common.c
+++ b/src/eap-tls-common.c
@@ -523,6 +523,9 @@ static int eap_tls_handle_fragmented_request(struct eap_state *eap,
static bool eap_tls_tunnel_init(struct eap_state *eap)
{
struct eap_tls_state *eap_tls = eap_get_data(eap);
+ struct l_certchain *client_cert;
+ struct l_key *client_key;
+ struct l_queue *ca_cert;
if (eap_tls->tunnel)
return false;
@@ -543,14 +546,20 @@ static bool eap_tls_tunnel_init(struct eap_state *eap)
l_tls_set_debug(eap_tls->tunnel, eap_tls_tunnel_debug, eap,
NULL);
- if (!l_tls_set_auth_data(eap_tls->tunnel, eap_tls->client_cert,
- eap_tls->client_key,
- eap_tls->passphrase) ||
- (eap_tls->ca_cert &&
- !l_tls_set_cacert(eap_tls->tunnel,
- eap_tls->ca_cert))) {
+ client_cert = l_pem_load_certificate_chain(eap_tls->client_cert);
+ client_key = l_pem_load_private_key(eap_tls->client_key,
+ eap_tls->passphrase, NULL);
+ ca_cert = l_pem_load_certificate_list(eap_tls->ca_cert);
+
+ if (!l_tls_set_auth_data(eap_tls->tunnel, client_cert, client_key) ||
+ (ca_cert &&
+ !l_tls_set_cacert(eap_tls->tunnel, ca_cert))) {
l_error("%s: Error loading TLS keys or certificates.",
eap_get_method_name(eap));
+ l_certchain_free(client_cert);
+ l_key_free(client_key);
+ l_queue_destroy(ca_cert,
+ (l_queue_destroy_func_t)l_certchain_free);
return false;
}
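Review bot: The error path destroys `ca_cert` with `l_certchain_free` cast to `l_queue_destroy_func_t`, but the list comes from `l_pem_load_certificate_list()`. Per the changelog of the v3 posting on this page, its elements must be released with `l_cert_free`. The function-pointer cast hides the mismatch from the compiler, so each element would be freed as the wrong type. The call should read `l_queue_destroy(ca_cert, (l_queue_destroy_func_t) l_cert_free);`.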
--
2.17.1
1 year, 4 months
[PATCH v3 1/5] netconfig: Subscribe for IPv6 address changes
by Tim Kourt
IPv6 address changes are maintained in ifaddr_list.
---
src/netconfig.c | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++++----
1 file changed, 98 insertions(+), 7 deletions(-)
diff --git a/src/netconfig.c b/src/netconfig.c
index 4e294512..c9b0b66e 100644
--- a/src/netconfig.c
+++ b/src/netconfig.c
@@ -224,6 +224,23 @@ static char **netconfig_ipv4_get_dns(struct netconfig *netconfig, uint8_t proto)
return NULL;
}
+static bool netconfig_ifaddr_match(const void *a, const void *b)
+{
+ const struct netconfig_ifaddr *entry = a;
+ const struct netconfig_ifaddr *query = b;
+
+ if (entry->family != query->family)
+ return false;
+
+ if (entry->prefix_len != query->prefix_len)
+ return false;
+
+ if (strcmp(entry->ip, query->ip))
+ return false;
+
+ return true;
+}
+
static struct netconfig_ifaddr *netconfig_ifaddr_find(
const struct netconfig *netconfig,
uint8_t family, uint8_t prefix_len,
@@ -276,22 +293,22 @@ static void netconfig_ifaddr_deleted(struct netconfig *netconfig,
uint32_t len)
{
struct netconfig_ifaddr *ifaddr;
- char *ip;
+ struct netconfig_ifaddr query;
- rtnl_ifaddr_extract(ifa, len, NULL, &ip, NULL);
+ rtnl_ifaddr_extract(ifa, len, NULL, &query.ip, NULL);
- ifaddr = netconfig_ifaddr_find(netconfig, ifa->ifa_family,
- ifa->ifa_prefixlen, ip);
+ query.family = ifa->ifa_family;
+ query.prefix_len = ifa->ifa_prefixlen;
- l_free(ip);
+ ifaddr = l_queue_remove_if(netconfig->ifaddr_list,
+ netconfig_ifaddr_match, &query);
+ l_free(query.ip);
if (!ifaddr)
return;
l_debug("ifaddr %s/%u", ifaddr->ip, ifaddr->prefix_len);
- l_queue_remove(netconfig->ifaddr_list, ifaddr);
-
netconfig_ifaddr_destroy(ifaddr);
}
@@ -335,6 +352,72 @@ static void netconfig_ifaddr_cmd_cb(int error, uint16_t type,
netconfig_ifaddr_notify(type, data, len, user_data);
}
+static void netconfig_ifaddr_ipv6_added(struct netconfig *netconfig,
+ const struct ifaddrmsg *ifa,
+ uint32_t len)
+{
+ struct netconfig_ifaddr *ifaddr;
+
+ ifaddr = l_new(struct netconfig_ifaddr, 1);
+ ifaddr->family = ifa->ifa_family;
+ ifaddr->prefix_len = ifa->ifa_prefixlen;
+
+ rtnl_ifaddr_ipv6_extract(ifa, len, &ifaddr->ip);
+
+ l_debug("ifindex %u: ifaddr %s/%u", netconfig->ifindex, ifaddr->ip,
+ ifaddr->prefix_len);
+
+ l_queue_push_tail(netconfig->ifaddr_list, ifaddr);
+}
+
+static void netconfig_ifaddr_ipv6_deleted(struct netconfig *netconfig,
+ const struct ifaddrmsg *ifa,
+ uint32_t len)
+{
+ struct netconfig_ifaddr *ifaddr;
+ char *ip;
+
+ rtnl_ifaddr_ipv6_extract(ifa, len, &ip);
+
+ ifaddr = netconfig_ifaddr_find(netconfig, ifa->ifa_family,
+ ifa->ifa_prefixlen, ip);
+
+ l_free(ip);
+
+ if (!ifaddr)
+ return;
+
+ l_debug("ifaddr %s/%u", ifaddr->ip, ifaddr->prefix_len);
+
+ l_queue_remove(netconfig->ifaddr_list, ifaddr);
+
+ netconfig_ifaddr_destroy(ifaddr);
+}
+
+static void netconfig_ifaddr_ipv6_notify(uint16_t type, const void *data,
+ uint32_t len, void *user_data)
+{
+ const struct ifaddrmsg *ifa = data;
+ struct netconfig *netconfig;
+ uint32_t bytes;
+
+ netconfig = netconfig_find(ifa->ifa_index);
+ if (!netconfig)
+ /* Ignore the interfaces which aren't managed by iwd. */
+ return;
+
+ bytes = len - NLMSG_ALIGN(sizeof(struct ifaddrmsg));
+
+ switch (type) {
+ case RTM_NEWADDR:
+ netconfig_ifaddr_ipv6_added(netconfig, ifa, bytes);
+ break;
+ case RTM_DELADDR:
+ netconfig_ifaddr_ipv6_deleted(netconfig, ifa, bytes);
+ break;
+ }
+}
+
static void netconfig_route_cmd_cb(int error, uint16_t type,
const void *data, uint32_t len,
void *user_data)
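Review bot: `netconfig_ifaddr_ipv6_added()` appends a new entry on every RTM_NEWADDR without checking whether the address is already in `ifaddr_list`. The kernel also emits RTM_NEWADDR for an address that already exists when its state or lifetimes change, so the list can accumulate duplicates. A single RTM_DELADDR then removes only one of them, leaving stale entries and unbounded growth on a long-lived interface. Looking the address up with `netconfig_ifaddr_find()` before allocating avoids this; the v4 posting of this patch has the same code. The hunk ends inside `netconfig_route_cmd_cb()`.

```c
	/* in netconfig_ifaddr_ipv6_added(): */
	char *ip = NULL;

	rtnl_ifaddr_ipv6_extract(ifa, len, &ip);
	if (!ip)
		return;

	/* RTM_NEWADDR is also sent for updates to an address we already track. */
	if (netconfig_ifaddr_find(netconfig, ifa->ifa_family,
					ifa->ifa_prefixlen, ip)) {
		l_free(ip);
		return;
	}

	/* … unchanged: l_new and family/prefix_len assignment … */
	ifaddr->ip = ip;
	/* … unchanged: l_debug and l_queue_push_tail … */
```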
@@ -757,6 +840,14 @@ static int netconfig_init(void)
goto error;
}
+ r = l_netlink_register(rtnl, RTNLGRP_IPV6_IFADDR,
+ netconfig_ifaddr_ipv6_notify, NULL, NULL);
+ if (!r) {
+ l_error("netconfig: Failed to register for RTNL link IPv6 "
+ "address notifications.");
+ goto error;
+ }
+
if (!l_settings_get_uint(iwd_get_config(), "General",
"route_priority_offset",
&ROUTE_PRIORITY_OFFSET))
--
2.13.6
1 year, 4 months