Tree - source-git/NetworkManager

source-git / NetworkManager

Blame src/core/nm-firewall-manager.c

Blob History Raw

Packit Service	5ffa24	`/* SPDX-License-Identifier: GPL-2.0-or-later */`
Packit Service	5ffa24	`/*`
Packit Service	5ffa24	`* Copyright (C) 2011 - 2015 Red Hat, Inc.`
Packit Service	5ffa24	`*/`
Packit Service	5ffa24
Packit Service	2bceb2	`#include "src/core/nm-default-daemon.h"`
Packit Service	5ffa24
Packit Service	5ffa24	`#include "nm-firewall-manager.h"`
Packit Service	5ffa24
Packit Service	dff8e4	`#include "libnm-glib-aux/nm-dbus-aux.h"`
Packit Service	5ffa24	`#include "c-list/src/c-list.h"`
Packit Service	5ffa24
Packit Service	5ffa24	`#include "NetworkManagerUtils.h"`
Packit Service	5ffa24	`#include "nm-dbus-manager.h"`
Packit Service	5ffa24
Packit Service	5ffa24	`#define FIREWALL_DBUS_SERVICE "org.fedoraproject.FirewallD1"`
Packit Service	5ffa24	`#define FIREWALL_DBUS_PATH "/org/fedoraproject/FirewallD1"`
Packit Service	5ffa24	`#define FIREWALL_DBUS_INTERFACE_ZONE "org.fedoraproject.FirewallD1.zone"`
Packit Service	5ffa24
Packit Service	5ffa24	`/*****************************************************************************/`
Packit Service	5ffa24
Packit Service	5ffa24	`enum { STATE_CHANGED, LAST_SIGNAL };`
Packit Service	5ffa24
Packit Service	5ffa24	`static guint signals[LAST_SIGNAL] = {0};`
Packit Service	5ffa24
Packit Service	5ffa24	`typedef struct {`
Packit Service	5ffa24	`GDBusConnection *dbus_connection;`
Packit Service	5ffa24
Packit Service	5ffa24	`GCancellable *get_name_owner_cancellable;`
Packit Service	5ffa24
Packit Service	5ffa24	`CList pending_calls;`
Packit Service	5ffa24
Packit Service	5ffa24	`guint name_owner_changed_id;`
Packit Service	5ffa24
Packit Service	5ffa24	`bool dbus_inited : 1;`
Packit Service	5ffa24	`bool running : 1;`
Packit Service	5ffa24	`} NMFirewallManagerPrivate;`
Packit Service	5ffa24
Packit Service	5ffa24	`struct _NMFirewallManager {`
Packit Service	5ffa24	`GObject parent;`
Packit Service	5ffa24	`NMFirewallManagerPrivate _priv;`
Packit Service	5ffa24	`};`
Packit Service	5ffa24
Packit Service	5ffa24	`struct _NMFirewallManagerClass {`
Packit Service	5ffa24	`GObjectClass parent;`
Packit Service	5ffa24	`};`
Packit Service	5ffa24
Packit Service	5ffa24	`G_DEFINE_TYPE(NMFirewallManager, nm_firewall_manager, G_TYPE_OBJECT)`
Packit Service	5ffa24
Packit Service	5ffa24	`#define NM_FIREWALL_MANAGER_GET_PRIVATE(self) \`
Packit Service	5ffa24	`_NM_GET_PRIVATE(self, NMFirewallManager, NM_IS_FIREWALL_MANAGER)`
Packit Service	5ffa24
Packit Service	5ffa24	`/*****************************************************************************/`
Packit Service	5ffa24
Packit Service	5ffa24	`NM_DEFINE_SINGLETON_GETTER(NMFirewallManager, nm_firewall_manager_get, NM_TYPE_FIREWALL_MANAGER);`
Packit Service	5ffa24
Packit Service	5ffa24	`/*****************************************************************************/`
Packit Service	5ffa24
Packit Service	5ffa24	`typedef enum {`
Packit Service	5ffa24	`OPS_TYPE_ADD = 1,`
Packit Service	5ffa24	`OPS_TYPE_CHANGE,`
Packit Service	5ffa24	`OPS_TYPE_REMOVE,`
Packit Service	5ffa24	`} OpsType;`
Packit Service	5ffa24
Packit Service	5ffa24	`struct _NMFirewallManagerCallId {`
Packit Service	5ffa24	`CList lst;`
Packit Service	5ffa24
Packit Service	5ffa24	`NMFirewallManager *self;`
Packit Service	5ffa24
Packit Service	5ffa24	`char *iface;`
Packit Service	5ffa24
Packit Service	5ffa24	`NMFirewallManagerAddRemoveCallback callback;`
Packit Service	5ffa24	`gpointer user_data;`
Packit Service	5ffa24
Packit Service	5ffa24	`union {`
Packit Service	5ffa24	`struct {`
Packit Service	5ffa24	`GCancellable *cancellable;`
Packit Service	5ffa24	`GVariant * arg;`
Packit Service	5ffa24	`} dbus;`
Packit Service	5ffa24	`struct {`
Packit Service	5ffa24	`guint id;`
Packit Service	5ffa24	`} idle;`
Packit Service	5ffa24	`};`
Packit Service	5ffa24
Packit Service	5ffa24	`OpsType ops_type;`
Packit Service	5ffa24
Packit Service	5ffa24	`bool is_idle : 1;`
Packit Service	5ffa24	`};`
Packit Service	5ffa24
Packit Service	5ffa24	`/*****************************************************************************/`
Packit Service	5ffa24
Packit Service	5ffa24	`static const char *`
Packit Service	5ffa24	`_ops_type_to_string(OpsType ops_type)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`switch (ops_type) {`
Packit Service	5ffa24	`case OPS_TYPE_ADD:`
Packit Service	5ffa24	`return "add";`
Packit Service	5ffa24	`case OPS_TYPE_REMOVE:`
Packit Service	5ffa24	`return "remove";`
Packit Service	5ffa24	`case OPS_TYPE_CHANGE:`
Packit Service	5ffa24	`return "change";`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`nm_assert_not_reached();`
Packit Service	5ffa24	`return NULL;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`#define _NMLOG_DOMAIN LOGD_FIREWALL`
Packit Service	5ffa24	`#define _NMLOG_PREFIX_NAME "firewall"`
Packit Service	5ffa24	`#define _NMLOG(level, call_id, ...) \`
Packit Service	5ffa24	`G_STMT_START \`
Packit Service	5ffa24	`{ \`
Packit Service	5ffa24	`if (nm_logging_enabled((level), (_NMLOG_DOMAIN))) { \`
Packit Service	5ffa24	`NMFirewallManagerCallId *_call_id = (call_id); \`
Packit Service	5ffa24	`char _prefix_name[30]; \`
Packit Service	5ffa24	`char _prefix_info[100]; \`
Packit Service	5ffa24	`\`
Packit Service	5ffa24	`_nm_log((level), \`
Packit Service	5ffa24	`(_NMLOG_DOMAIN), \`
Packit Service	5ffa24	`0, \`
Packit Service	5ffa24	`NULL, \`
Packit Service	5ffa24	`NULL, \`
Packit Service	5ffa24	`"%s: %s" _NM_UTILS_MACRO_FIRST(__VA_ARGS__), \`
Packit Service	5ffa24	`(self) != singleton_instance ? ({ \`
Packit Service	5ffa24	`g_snprintf(_prefix_name, \`
Packit Service	5ffa24	`sizeof(_prefix_name), \`
Packit Service	5ffa24	`"%s[" NM_HASH_OBFUSCATE_PTR_FMT "]", \`
Packit Service	5ffa24	`""_NMLOG_PREFIX_NAME, \`
Packit Service	5ffa24	`NM_HASH_OBFUSCATE_PTR(self)); \`
Packit Service	5ffa24	`_prefix_name; \`
Packit Service	5ffa24	`}) \`
Packit Service	5ffa24	`: _NMLOG_PREFIX_NAME, \`
Packit Service	5ffa24	`_call_id ? ({ \`
Packit Service	5ffa24	`g_snprintf(_prefix_info, \`
Packit Service	5ffa24	`sizeof(_prefix_info), \`
Packit Service	5ffa24	`"[" NM_HASH_OBFUSCATE_PTR_FMT ",%s%s:%s%s%s]: ", \`
Packit Service	5ffa24	`NM_HASH_OBFUSCATE_PTR(_call_id), \`
Packit Service	5ffa24	`_ops_type_to_string(_call_id->ops_type), \`
Packit Service	5ffa24	`_call_id->is_idle ? "*" : "", \`
Packit Service	5ffa24	`NM_PRINT_FMT_QUOTE_STRING(_call_id->iface)); \`
Packit Service	5ffa24	`_prefix_info; \`
Packit Service	5ffa24	`}) \`
Packit Service	5ffa24	`: "" _NM_UTILS_MACRO_REST(__VA_ARGS__)); \`
Packit Service	5ffa24	`} \`
Packit Service	5ffa24	`} \`
Packit Service	5ffa24	`G_STMT_END`
Packit Service	5ffa24
Packit Service	5ffa24	`/*****************************************************************************/`
Packit Service	5ffa24
Packit Service	5ffa24	`static gboolean`
Packit Service	5ffa24	`_get_running(NMFirewallManagerPrivate *priv)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`/* when starting, we need to asynchronously check whether there is`
Packit Service	5ffa24	`* a name owner. During that time we optimistically assume that the`
Packit Service	5ffa24	`* service is indeed running. That is the time when we queue the`
Packit Service	5ffa24	`* requests, and they will be started once the get-name-owner call`
Packit Service	5ffa24	`* returns. */`
Packit Service	5ffa24	`return priv->running \|\| (priv->dbus_connection && !priv->dbus_inited);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`gboolean`
Packit Service	5ffa24	`nm_firewall_manager_get_running(NMFirewallManager *self)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`g_return_val_if_fail(NM_IS_FIREWALL_MANAGER(self), FALSE);`
Packit Service	5ffa24
Packit Service	5ffa24	`return _get_running(NM_FIREWALL_MANAGER_GET_PRIVATE(self));`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`/*****************************************************************************/`
Packit Service	5ffa24
Packit Service	5ffa24	`static NMFirewallManagerCallId *`
Packit Service	5ffa24	`_cb_info_create(NMFirewallManager * self,`
Packit Service	5ffa24	`OpsType ops_type,`
Packit Service	5ffa24	`const char * iface,`
Packit Service	5ffa24	`const char * zone,`
Packit Service	5ffa24	`NMFirewallManagerAddRemoveCallback callback,`
Packit Service	5ffa24	`gpointer user_data)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManagerPrivate *priv = NM_FIREWALL_MANAGER_GET_PRIVATE(self);`
Packit Service	5ffa24	`NMFirewallManagerCallId * call_id;`
Packit Service	5ffa24
Packit Service	5ffa24	`call_id = g_slice_new0(NMFirewallManagerCallId);`
Packit Service	5ffa24
Packit Service	5ffa24	`call_id->self = g_object_ref(self);`
Packit Service	5ffa24	`call_id->ops_type = ops_type;`
Packit Service	5ffa24	`call_id->iface = g_strdup(iface);`
Packit Service	5ffa24	`call_id->callback = callback;`
Packit Service	5ffa24	`call_id->user_data = user_data;`
Packit Service	5ffa24
Packit Service	5ffa24	`if (_get_running(priv)) {`
Packit Service	5ffa24	`call_id->is_idle = FALSE;`
Packit Service	5ffa24	`call_id->dbus.arg = g_variant_new("(ss)", zone ?: "", iface);`
Packit Service	5ffa24	`} else`
Packit Service	5ffa24	`call_id->is_idle = TRUE;`
Packit Service	5ffa24
Packit Service	5ffa24	`c_list_link_tail(&priv->pending_calls, &call_id->lst);`
Packit Service	5ffa24
Packit Service	5ffa24	`return call_id;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`_cb_info_complete(NMFirewallManagerCallId call_id, GError error)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`c_list_unlink(&call_id->lst);`
Packit Service	5ffa24
Packit Service	5ffa24	`if (call_id->callback)`
Packit Service	5ffa24	`call_id->callback(call_id->self, call_id, error, call_id->user_data);`
Packit Service	5ffa24
Packit Service	5ffa24	`if (call_id->is_idle)`
Packit Service	5ffa24	`nm_clear_g_source(&call_id->idle.id);`
Packit Service	5ffa24	`else {`
Packit Service	5ffa24	`nm_g_variant_unref(call_id->dbus.arg);`
Packit Service	5ffa24	`nm_clear_g_cancellable(&call_id->dbus.cancellable);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`g_free(call_id->iface);`
Packit Service	5ffa24	`g_object_unref(call_id->self);`
Packit Service	5ffa24	`nm_g_slice_free(call_id);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static gboolean`
Packit Service	5ffa24	`_handle_idle_cb(gpointer user_data)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManager * self;`
Packit Service	5ffa24	`NMFirewallManagerCallId *call_id = user_data;`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_assert(call_id);`
Packit Service	5ffa24	`nm_assert(NM_IS_FIREWALL_MANAGER(call_id->self));`
Packit Service	5ffa24	`nm_assert(call_id->is_idle);`
Packit Service	5ffa24	`nm_assert(c_list_contains(&NM_FIREWALL_MANAGER_GET_PRIVATE(call_id->self)->pending_calls,`
Packit Service	5ffa24	`&call_id->lst));`
Packit Service	5ffa24
Packit Service	5ffa24	`self = call_id->self;`
Packit Service	5ffa24
Packit Service	5ffa24	`_LOGD(call_id, "complete: fake success");`
Packit Service	5ffa24
Packit Service	5ffa24	`call_id->idle.id = 0;`
Packit Service	5ffa24
Packit Service	5ffa24	`_cb_info_complete(call_id, NULL);`
Packit Service	5ffa24	`return G_SOURCE_REMOVE;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static gboolean`
Packit Service	5ffa24	`_handle_idle_start(NMFirewallManager self, NMFirewallManagerCallId call_id)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`if (!call_id->callback) {`
Packit Service	5ffa24	`/* if the user did not provide a callback and firewalld is not running,`
Packit Service	5ffa24	`* there is no point in scheduling an idle-request to fake success. Just`
Packit Service	5ffa24	`* return right away. */`
Packit Service	5ffa24	`_LOGD(call_id, "complete: drop request simulating success");`
Packit Service	5ffa24	`_cb_info_complete(call_id, NULL);`
Packit Service	5ffa24	`return FALSE;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`call_id->idle.id = g_idle_add(_handle_idle_cb, call_id);`
Packit Service	5ffa24	`return TRUE;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`_handle_dbus_cb(GObject source, GAsyncResult result, gpointer user_data)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManager * self;`
Packit Service	5ffa24	`NMFirewallManagerCallId *call_id;`
Packit Service	5ffa24	`gs_free_error GError *error = NULL;`
Packit Service	5ffa24	`gs_unref_variant GVariant *ret = NULL;`
Packit Service	5ffa24
Packit Service	5ffa24	`ret = g_dbus_connection_call_finish(G_DBUS_CONNECTION(source), result, &error);`
Packit Service	5ffa24
Packit Service	5ffa24	`if (!ret && nm_utils_error_is_cancelled(error))`
Packit Service	5ffa24	`return;`
Packit Service	5ffa24
Packit Service	5ffa24	`call_id = user_data;`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_assert(call_id);`
Packit Service	5ffa24	`nm_assert(NM_IS_FIREWALL_MANAGER(call_id->self));`
Packit Service	5ffa24	`nm_assert(!call_id->is_idle);`
Packit Service	5ffa24	`nm_assert(c_list_contains(&NM_FIREWALL_MANAGER_GET_PRIVATE(call_id->self)->pending_calls,`
Packit Service	5ffa24	`&call_id->lst));`
Packit Service	5ffa24
Packit Service	5ffa24	`self = call_id->self;`
Packit Service	5ffa24
Packit Service	5ffa24	`if (error) {`
Packit Service	5ffa24	`const char *non_error = NULL;`
Packit Service	5ffa24
Packit Service	5ffa24	`g_dbus_error_strip_remote_error(error);`
Packit Service	5ffa24
Packit Service	5ffa24	`switch (call_id->ops_type) {`
Packit Service	5ffa24	`case OPS_TYPE_ADD:`
Packit Service	5ffa24	`case OPS_TYPE_CHANGE:`
Packit Service	5ffa24	`non_error = "ZONE_ALREADY_SET";`
Packit Service	5ffa24	`break;`
Packit Service	5ffa24	`case OPS_TYPE_REMOVE:`
Packit Service	5ffa24	`non_error = "UNKNOWN_INTERFACE";`
Packit Service	5ffa24	`break;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`if (error->message && non_error && g_str_has_prefix(error->message, non_error)`
Packit Service	5ffa24	`&& NM_IN_SET(error->message[strlen(non_error)], '\0', ':')) {`
Packit Service	5ffa24	`_LOGD(call_id, "complete: request failed with a non-error (%s)", error->message);`
Packit Service	5ffa24
Packit Service	5ffa24	`/* The operation failed with an error reason that we don't want`
Packit Service	5ffa24	`* to propagate. Instead, signal success. */`
Packit Service	5ffa24	`g_clear_error(&error);`
Packit Service	5ffa24	`} else`
Packit Service	5ffa24	`_LOGW(call_id, "complete: request failed (%s)", error->message);`
Packit Service	5ffa24	`} else`
Packit Service	5ffa24	`_LOGD(call_id, "complete: success");`
Packit Service	5ffa24
Packit Service	5ffa24	`g_clear_object(&call_id->dbus.cancellable);`
Packit Service	5ffa24
Packit Service	5ffa24	`_cb_info_complete(call_id, error);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`_handle_dbus_start(NMFirewallManager self, NMFirewallManagerCallId call_id)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManagerPrivate *priv = NM_FIREWALL_MANAGER_GET_PRIVATE(self);`
Packit Service	5ffa24	`const char * dbus_method = NULL;`
Packit Service	5ffa24	`GVariant * arg;`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_assert(call_id);`
Packit Service	5ffa24	`nm_assert(priv->running);`
Packit Service	5ffa24	`nm_assert(!call_id->is_idle);`
Packit Service	5ffa24	`nm_assert(c_list_contains(&priv->pending_calls, &call_id->lst));`
Packit Service	5ffa24
Packit Service	5ffa24	`switch (call_id->ops_type) {`
Packit Service	5ffa24	`case OPS_TYPE_ADD:`
Packit Service	5ffa24	`dbus_method = "addInterface";`
Packit Service	5ffa24	`break;`
Packit Service	5ffa24	`case OPS_TYPE_CHANGE:`
Packit Service	5ffa24	`dbus_method = "changeZone";`
Packit Service	5ffa24	`break;`
Packit Service	5ffa24	`case OPS_TYPE_REMOVE:`
Packit Service	5ffa24	`dbus_method = "removeInterface";`
Packit Service	5ffa24	`break;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`nm_assert(dbus_method);`
Packit Service	5ffa24
Packit Service	5ffa24	`arg = g_steal_pointer(&call_id->dbus.arg);`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_assert(arg && g_variant_is_floating(arg));`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_assert(!call_id->dbus.cancellable);`
Packit Service	5ffa24
Packit Service	5ffa24	`call_id->dbus.cancellable = g_cancellable_new();`
Packit Service	5ffa24
Packit Service	5ffa24	`g_dbus_connection_call(priv->dbus_connection,`
Packit Service	5ffa24	`FIREWALL_DBUS_SERVICE,`
Packit Service	5ffa24	`FIREWALL_DBUS_PATH,`
Packit Service	5ffa24	`FIREWALL_DBUS_INTERFACE_ZONE,`
Packit Service	5ffa24	`dbus_method,`
Packit Service	5ffa24	`arg,`
Packit Service	5ffa24	`NULL,`
Packit Service	5ffa24	`G_DBUS_CALL_FLAGS_NONE,`
Packit Service	5ffa24	`10000,`
Packit Service	5ffa24	`call_id->dbus.cancellable,`
Packit Service	5ffa24	`_handle_dbus_cb,`
Packit Service	5ffa24	`call_id);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static NMFirewallManagerCallId *`
Packit Service	5ffa24	`_start_request(NMFirewallManager * self,`
Packit Service	5ffa24	`OpsType ops_type,`
Packit Service	5ffa24	`const char * iface,`
Packit Service	5ffa24	`const char * zone,`
Packit Service	5ffa24	`NMFirewallManagerAddRemoveCallback callback,`
Packit Service	5ffa24	`gpointer user_data)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManagerPrivate *priv;`
Packit Service	5ffa24	`NMFirewallManagerCallId * call_id;`
Packit Service	5ffa24
Packit Service	5ffa24	`g_return_val_if_fail(NM_IS_FIREWALL_MANAGER(self), NULL);`
Packit Service	5ffa24	`g_return_val_if_fail(iface && *iface, NULL);`
Packit Service	5ffa24
Packit Service	5ffa24	`priv = NM_FIREWALL_MANAGER_GET_PRIVATE(self);`
Packit Service	5ffa24
Packit Service	5ffa24	`call_id = _cb_info_create(self, ops_type, iface, zone, callback, user_data);`
Packit Service	5ffa24
Packit Service	5ffa24	`_LOGD(call_id,`
Packit Service	5ffa24	`"firewall zone %s %s:%s%s%s%s",`
Packit Service	5ffa24	`_ops_type_to_string(call_id->ops_type),`
Packit Service	5ffa24	`iface,`
Packit Service	5ffa24	`NM_PRINT_FMT_QUOTED(zone, "\"", zone, "\"", "default"),`
Packit Service	5ffa24	`call_id->is_idle ? " (not running, simulate success)"`
Packit Service	5ffa24	`: (!priv->running ? " (waiting to initialize)" : ""));`
Packit Service	5ffa24
Packit Service	5ffa24	`if (!call_id->is_idle) {`
Packit Service	5ffa24	`if (priv->running)`
Packit Service	5ffa24	`_handle_dbus_start(self, call_id);`
Packit Service	5ffa24	`if (!call_id->callback) {`
Packit Service	5ffa24	`/* if the user did not provide a callback, the call_id is useless.`
Packit Service	5ffa24	`* Especially, the user cannot use the call-id to cancel the request,`
Packit Service	5ffa24	`* because he cannot know whether the request is still pending.`
Packit Service	5ffa24	`*`
Packit Service	5ffa24	`* Hence, returning %NULL doesn't mean that the request could not be started`
Packit Service	5ffa24	`* (this function never fails and always starts a request). */`
Packit Service	5ffa24	`return NULL;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`} else {`
Packit Service	5ffa24	`if (!_handle_idle_start(self, call_id)) {`
Packit Service	5ffa24	`/* if the user did not provide a callback and firewalld is not running,`
Packit Service	5ffa24	`* there is no point in scheduling an idle-request to fake success. Just`
Packit Service	5ffa24	`* return right away. */`
Packit Service	5ffa24	`return NULL;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`return call_id;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`NMFirewallManagerCallId *`
Packit Service	5ffa24	`nm_firewall_manager_add_or_change_zone(NMFirewallManager *self,`
Packit Service	5ffa24	`const char * iface,`
Packit Service	5ffa24	`const char * zone,`
Packit Service	5ffa24	`gboolean add, /* TRUE == add, FALSE == change */`
Packit Service	5ffa24	`NMFirewallManagerAddRemoveCallback callback,`
Packit Service	5ffa24	`gpointer user_data)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`return _start_request(self,`
Packit Service	5ffa24	`add ? OPS_TYPE_ADD : OPS_TYPE_CHANGE,`
Packit Service	5ffa24	`iface,`
Packit Service	5ffa24	`zone,`
Packit Service	5ffa24	`callback,`
Packit Service	5ffa24	`user_data);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`NMFirewallManagerCallId *`
Packit Service	5ffa24	`nm_firewall_manager_remove_from_zone(NMFirewallManager * self,`
Packit Service	5ffa24	`const char * iface,`
Packit Service	5ffa24	`const char * zone,`
Packit Service	5ffa24	`NMFirewallManagerAddRemoveCallback callback,`
Packit Service	5ffa24	`gpointer user_data)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`return _start_request(self, OPS_TYPE_REMOVE, iface, zone, callback, user_data);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`void`
Packit Service	5ffa24	`nm_firewall_manager_cancel_call(NMFirewallManagerCallId *call_id)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManager * self;`
Packit Service	5ffa24	`NMFirewallManagerPrivate *priv;`
Packit Service	5ffa24	`gs_free_error GError *error = NULL;`
Packit Service	5ffa24
Packit Service	5ffa24	`g_return_if_fail(call_id);`
Packit Service	5ffa24	`g_return_if_fail(NM_IS_FIREWALL_MANAGER(call_id->self));`
Packit Service	5ffa24	`g_return_if_fail(!c_list_is_empty(&call_id->lst));`
Packit Service	5ffa24
Packit Service	5ffa24	`self = call_id->self;`
Packit Service	5ffa24	`priv = NM_FIREWALL_MANAGER_GET_PRIVATE(self);`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_assert(c_list_contains(&priv->pending_calls, &call_id->lst));`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_utils_error_set_cancelled(&error, FALSE, "NMFirewallManager");`
Packit Service	5ffa24
Packit Service	5ffa24	`_LOGD(call_id, "complete: cancel (%s)", error->message);`
Packit Service	5ffa24
Packit Service	5ffa24	`_cb_info_complete(call_id, error);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`/*****************************************************************************/`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`name_owner_changed(NMFirewallManager self, const char owner)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`_nm_unused gs_unref_object NMFirewallManager *self_keep_alive = g_object_ref(self);`
Packit Service	5ffa24	`NMFirewallManagerPrivate * priv = NM_FIREWALL_MANAGER_GET_PRIVATE(self);`
Packit Service	5ffa24	`gboolean was_running;`
Packit Service	5ffa24	`gboolean now_running;`
Packit Service	5ffa24	`gboolean just_initied;`
Packit Service	5ffa24
Packit Service	5ffa24	`owner = nm_str_not_empty(owner);`
Packit Service	5ffa24
Packit Service	5ffa24	`if (!owner)`
Packit Service	5ffa24	`_LOGT(NULL, "D-Bus name for firewalld has no owner (firewall stopped)");`
Packit Service	5ffa24	`else`
Packit Service	5ffa24	`_LOGT(NULL, "D-Bus name for firewalld has owner %s (firewall started)", owner);`
Packit Service	5ffa24
Packit Service	5ffa24	`was_running = _get_running(priv);`
Packit Service	5ffa24	`just_initied = !priv->dbus_inited;`
Packit Service	5ffa24
Packit Service	5ffa24	`priv->dbus_inited = TRUE;`
Packit Service	5ffa24	`priv->running = !!owner;`
Packit Service	5ffa24
Packit Service	5ffa24	`now_running = _get_running(priv);`
Packit Service	5ffa24
Packit Service	5ffa24	`if (just_initied) {`
Packit Service	5ffa24	`NMFirewallManagerCallId *call_id_safe;`
Packit Service	5ffa24	`NMFirewallManagerCallId *call_id;`
Packit Service	5ffa24
Packit Service	5ffa24	`/* We kick of the requests that we have pending. Note that this is`
Packit Service	5ffa24	`* entirely asynchronous and also we don't invoke any callbacks for`
Packit Service	5ffa24	`* the user.`
Packit Service	5ffa24	`* Even _handle_idle_start() just schedules an idle handler. That is,`
Packit Service	5ffa24	`* because we don't want to callback to the user before emitting the`
Packit Service	5ffa24	`* DISCONNECTED signal below. Also, emitting callbacks means the user`
Packit Service	5ffa24	`* can call back to modify the list of pending-calls and we'd have`
Packit Service	5ffa24	`* to handle reentrancy. */`
Packit Service	5ffa24	`c_list_for_each_entry_safe (call_id, call_id_safe, &priv->pending_calls, lst) {`
Packit Service	5ffa24	`nm_assert(!call_id->is_idle);`
Packit Service	5ffa24	`nm_assert(call_id->dbus.arg);`
Packit Service	5ffa24
Packit Service	5ffa24	`if (priv->running) {`
Packit Service	5ffa24	`_LOGD(call_id, "initalizing: make D-Bus call");`
Packit Service	5ffa24	`_handle_dbus_start(self, call_id);`
Packit Service	5ffa24	`} else {`
Packit Service	5ffa24	`/* we don't want to invoke callbacks to the user right away. That is because`
Packit Service	5ffa24	`* the user might schedule/cancel more calls, which messes up the order.`
Packit Service	5ffa24	`*`
Packit Service	5ffa24	`* Instead, convert the pending calls to idle requests... */`
Packit Service	5ffa24	`nm_clear_pointer(&call_id->dbus.arg, g_variant_unref);`
Packit Service	5ffa24	`call_id->is_idle = TRUE;`
Packit Service	5ffa24	`_LOGD(call_id, "initializing: fake success on idle");`
Packit Service	5ffa24	`_handle_idle_start(self, call_id);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`}`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`if (was_running != now_running)`
Packit Service	5ffa24	`g_signal_emit(self, signals[STATE_CHANGED], 0, FALSE);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`name_owner_changed_cb(GDBusConnection *connection,`
Packit Service	5ffa24	`const char * sender_name,`
Packit Service	5ffa24	`const char * object_path,`
Packit Service	5ffa24	`const char * interface_name,`
Packit Service	5ffa24	`const char * signal_name,`
Packit Service	5ffa24	`GVariant * parameters,`
Packit Service	5ffa24	`gpointer user_data)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManager *self = user_data;`
Packit Service	5ffa24	`const char * new_owner;`
Packit Service	5ffa24
Packit Service	5ffa24	`if (!g_variant_is_of_type(parameters, G_VARIANT_TYPE("(sss)")))`
Packit Service	5ffa24	`return;`
Packit Service	5ffa24
Packit Service	5ffa24	`g_variant_get(parameters, "(&s&s&s)", NULL, NULL, &new_owner);`
Packit Service	5ffa24
Packit Service	5ffa24	`name_owner_changed(self, new_owner);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`get_name_owner_cb(const char name_owner, GError error, gpointer user_data)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManager * self;`
Packit Service	5ffa24	`NMFirewallManagerPrivate *priv;`
Packit Service	5ffa24
Packit Service	5ffa24	`if (!name_owner && g_error_matches(error, G_IO_ERROR, G_IO_ERROR_CANCELLED))`
Packit Service	5ffa24	`return;`
Packit Service	5ffa24
Packit Service	5ffa24	`self = user_data;`
Packit Service	5ffa24	`priv = NM_FIREWALL_MANAGER_GET_PRIVATE(self);`
Packit Service	5ffa24
Packit Service	5ffa24	`g_clear_object(&priv->get_name_owner_cancellable);`
Packit Service	5ffa24
Packit Service	5ffa24	`name_owner_changed(self, name_owner);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`/*****************************************************************************/`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`nm_firewall_manager_init(NMFirewallManager *self)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManagerPrivate *priv = NM_FIREWALL_MANAGER_GET_PRIVATE(self);`
Packit Service	5ffa24
Packit Service	5ffa24	`c_list_init(&priv->pending_calls);`
Packit Service	5ffa24
Packit Service	5ffa24	`priv->dbus_connection = nm_g_object_ref(NM_MAIN_DBUS_CONNECTION_GET);`
Packit Service	5ffa24
Packit Service	5ffa24	`if (!priv->dbus_connection) {`
Packit Service	5ffa24	`_LOGD(NULL, "no D-Bus connection");`
Packit Service	5ffa24	`return;`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`priv->name_owner_changed_id =`
Packit Service	5ffa24	`nm_dbus_connection_signal_subscribe_name_owner_changed(priv->dbus_connection,`
Packit Service	5ffa24	`FIREWALL_DBUS_SERVICE,`
Packit Service	5ffa24	`name_owner_changed_cb,`
Packit Service	5ffa24	`self,`
Packit Service	5ffa24	`NULL);`
Packit Service	5ffa24
Packit Service	5ffa24	`priv->get_name_owner_cancellable = g_cancellable_new();`
Packit Service	5ffa24	`nm_dbus_connection_call_get_name_owner(priv->dbus_connection,`
Packit Service	5ffa24	`FIREWALL_DBUS_SERVICE,`
Packit Service	5ffa24	`-1,`
Packit Service	5ffa24	`priv->get_name_owner_cancellable,`
Packit Service	5ffa24	`get_name_owner_cb,`
Packit Service	5ffa24	`self);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`dispose(GObject *object)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`NMFirewallManager * self = NM_FIREWALL_MANAGER(object);`
Packit Service	5ffa24	`NMFirewallManagerPrivate *priv = NM_FIREWALL_MANAGER_GET_PRIVATE(self);`
Packit Service	5ffa24
Packit Service	5ffa24	`/* as every pending operation takes a reference to the manager,`
Packit Service	5ffa24	`* we don't expect pending operations at this point. */`
Packit Service	5ffa24	`nm_assert(c_list_is_empty(&priv->pending_calls));`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_clear_g_dbus_connection_signal(priv->dbus_connection, &priv->name_owner_changed_id);`
Packit Service	5ffa24
Packit Service	5ffa24	`nm_clear_g_cancellable(&priv->get_name_owner_cancellable);`
Packit Service	5ffa24
Packit Service	5ffa24	`G_OBJECT_CLASS(nm_firewall_manager_parent_class)->dispose(object);`
Packit Service	5ffa24
Packit Service	5ffa24	`g_clear_object(&priv->dbus_connection);`
Packit Service	5ffa24	`}`
Packit Service	5ffa24
Packit Service	5ffa24	`static void`
Packit Service	5ffa24	`nm_firewall_manager_class_init(NMFirewallManagerClass *klass)`
Packit Service	5ffa24	`{`
Packit Service	5ffa24	`GObjectClass *object_class = G_OBJECT_CLASS(klass);`
Packit Service	5ffa24
Packit Service	5ffa24	`object_class->dispose = dispose;`
Packit Service	5ffa24
Packit Service	5ffa24	`signals[STATE_CHANGED] = g_signal_new(NM_FIREWALL_MANAGER_STATE_CHANGED,`
Packit Service	5ffa24	`G_OBJECT_CLASS_TYPE(object_class),`
Packit Service	5ffa24	`G_SIGNAL_RUN_FIRST,`
Packit Service	5ffa24	`0,`
Packit Service	5ffa24	`NULL,`
Packit Service	5ffa24	`NULL,`
Packit Service	5ffa24	`g_cclosure_marshal_VOID__BOOLEAN,`
Packit Service	5ffa24	`G_TYPE_NONE,`
Packit Service	5ffa24	`1,`
Packit Service	5ffa24	`G_TYPE_BOOLEAN /* initialized_now */);`
Packit Service	5ffa24	`}`

source-git / NetworkManager

Source Code

Blame src/core/nm-firewall-manager.c