// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright (C) 2012 - 2018 Red Hat, Inc.
*/
#include "nm-default.h"
#include "common.h"
#include <stdio.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <readline/readline.h>
#include <readline/history.h>
#include "nm-libnm-aux/nm-libnm-aux.h"
#include "nm-vpn-helpers.h"
#include "nm-client-utils.h"
#include "nm-glib-aux/nm-secret-utils.h"
#include "utils.h"
/*****************************************************************************/
static char **
_ip_config_get_routes (NMIPConfig *cfg)
{
gs_unref_hashtable GHashTable *hash = NULL;
GPtrArray *ptr_array;
char **arr;
guint i;
ptr_array = nm_ip_config_get_routes (cfg);
if (!ptr_array)
return NULL;
if (ptr_array->len == 0)
return NULL;
arr = g_new (char *, ptr_array->len + 1);
for (i = 0; i < ptr_array->len; i++) {
NMIPRoute *route = g_ptr_array_index (ptr_array, i);
gs_strfreev char **names = NULL;
gsize j;
GString *str;
guint64 metric;
gs_free char *attributes = NULL;
str = g_string_new (NULL);
g_string_append_printf (str,
"dst = %s/%u, nh = %s",
nm_ip_route_get_dest (route),
nm_ip_route_get_prefix (route),
nm_ip_route_get_next_hop (route)
?: (nm_ip_route_get_family (route) == AF_INET ? "0.0.0.0" : "::"));
metric = nm_ip_route_get_metric (route);
if (metric != -1) {
g_string_append_printf (str,
", mt = %u",
(guint) metric);
}
names = nm_ip_route_get_attribute_names (route);
if (names[0]) {
if (!hash)
hash = g_hash_table_new (nm_str_hash, g_str_equal);
else
g_hash_table_remove_all (hash);
for (j = 0; names[j]; j++)
g_hash_table_insert (hash, names[j], nm_ip_route_get_attribute (route, names[j]));
attributes = nm_utils_format_variant_attributes (hash, ',', '=');
if (attributes) {
g_string_append (str, ", ");
g_string_append (str, attributes);
}
}
arr[i] = g_string_free (str, FALSE);
}
nm_assert (i == ptr_array->len);
arr[i] = NULL;
return arr;
}
/*****************************************************************************/
static gconstpointer
_metagen_ip4_config_get_fcn (NMC_META_GENERIC_INFO_GET_FCN_ARGS)
{
NMIPConfig *cfg4 = target;
GPtrArray *ptr_array;
char **arr;
const char *const*arrc;
guint i = 0;
const char *str;
nm_assert (info->info_type < _NMC_GENERIC_INFO_TYPE_IP4_CONFIG_NUM);
NMC_HANDLE_COLOR (NM_META_COLOR_NONE);
NM_SET_OUT (out_is_default, TRUE);
switch (info->info_type) {
case NMC_GENERIC_INFO_TYPE_IP4_CONFIG_ADDRESS:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
ptr_array = nm_ip_config_get_addresses (cfg4);
if (ptr_array) {
arr = g_new (char *, ptr_array->len + 1);
for (i = 0; i < ptr_array->len; i++) {
NMIPAddress *addr = g_ptr_array_index (ptr_array, i);
arr[i] = g_strdup_printf ("%s/%u",
nm_ip_address_get_address (addr),
nm_ip_address_get_prefix (addr));
}
arr[i] = NULL;
} else
arr = NULL;
goto arr_out;
case NMC_GENERIC_INFO_TYPE_IP4_CONFIG_GATEWAY:
str = nm_ip_config_get_gateway (cfg4);
NM_SET_OUT (out_is_default, !str);
return str;
case NMC_GENERIC_INFO_TYPE_IP4_CONFIG_ROUTE:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
arr = _ip_config_get_routes (cfg4);
goto arr_out;
case NMC_GENERIC_INFO_TYPE_IP4_CONFIG_DNS:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
arrc = nm_ip_config_get_nameservers (cfg4);
goto arrc_out;
case NMC_GENERIC_INFO_TYPE_IP4_CONFIG_DOMAIN:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
arrc = nm_ip_config_get_domains (cfg4);
goto arrc_out;
case NMC_GENERIC_INFO_TYPE_IP4_CONFIG_WINS:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
arrc = nm_ip_config_get_wins_servers (cfg4);
goto arrc_out;
default:
break;
}
g_return_val_if_reached (NULL);
arrc_out:
NM_SET_OUT (out_is_default, !arrc || !arrc[0]);
*out_flags |= NM_META_ACCESSOR_GET_OUT_FLAGS_STRV;
return arrc;
arr_out:
NM_SET_OUT (out_is_default, !arr || !arr[0]);
*out_flags |= NM_META_ACCESSOR_GET_OUT_FLAGS_STRV;
*out_to_free = arr;
return arr;
}
const NmcMetaGenericInfo *const metagen_ip4_config[_NMC_GENERIC_INFO_TYPE_IP4_CONFIG_NUM + 1] = {
#define _METAGEN_IP4_CONFIG(type, name) \
[type] = NMC_META_GENERIC(name, .info_type = type, .get_fcn = _metagen_ip4_config_get_fcn)
_METAGEN_IP4_CONFIG (NMC_GENERIC_INFO_TYPE_IP4_CONFIG_ADDRESS, "ADDRESS"),
_METAGEN_IP4_CONFIG (NMC_GENERIC_INFO_TYPE_IP4_CONFIG_GATEWAY, "GATEWAY"),
_METAGEN_IP4_CONFIG (NMC_GENERIC_INFO_TYPE_IP4_CONFIG_ROUTE, "ROUTE"),
_METAGEN_IP4_CONFIG (NMC_GENERIC_INFO_TYPE_IP4_CONFIG_DNS, "DNS"),
_METAGEN_IP4_CONFIG (NMC_GENERIC_INFO_TYPE_IP4_CONFIG_DOMAIN, "DOMAIN"),
_METAGEN_IP4_CONFIG (NMC_GENERIC_INFO_TYPE_IP4_CONFIG_WINS, "WINS"),
};
/*****************************************************************************/
static gconstpointer
_metagen_ip6_config_get_fcn (NMC_META_GENERIC_INFO_GET_FCN_ARGS)
{
NMIPConfig *cfg6 = target;
GPtrArray *ptr_array;
char **arr;
const char *const*arrc;
guint i = 0;
const char *str;
nm_assert (info->info_type < _NMC_GENERIC_INFO_TYPE_IP6_CONFIG_NUM);
NMC_HANDLE_COLOR (NM_META_COLOR_NONE);
NM_SET_OUT (out_is_default, TRUE);
switch (info->info_type) {
case NMC_GENERIC_INFO_TYPE_IP6_CONFIG_ADDRESS:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
ptr_array = nm_ip_config_get_addresses (cfg6);
if (ptr_array) {
arr = g_new (char *, ptr_array->len + 1);
for (i = 0; i < ptr_array->len; i++) {
NMIPAddress *addr = g_ptr_array_index (ptr_array, i);
arr[i] = g_strdup_printf ("%s/%u",
nm_ip_address_get_address (addr),
nm_ip_address_get_prefix (addr));
}
arr[i] = NULL;
} else
arr = NULL;
goto arr_out;
case NMC_GENERIC_INFO_TYPE_IP6_CONFIG_GATEWAY:
str = nm_ip_config_get_gateway (cfg6);
NM_SET_OUT (out_is_default, !str);
return str;
case NMC_GENERIC_INFO_TYPE_IP6_CONFIG_ROUTE:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
arr = _ip_config_get_routes (cfg6);
goto arr_out;
case NMC_GENERIC_INFO_TYPE_IP6_CONFIG_DNS:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
arrc = nm_ip_config_get_nameservers (cfg6);
goto arrc_out;
case NMC_GENERIC_INFO_TYPE_IP6_CONFIG_DOMAIN:
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
arrc = nm_ip_config_get_domains (cfg6);
goto arrc_out;
default:
break;
}
g_return_val_if_reached (NULL);
arrc_out:
NM_SET_OUT (out_is_default, !arrc || !arrc[0]);
*out_flags |= NM_META_ACCESSOR_GET_OUT_FLAGS_STRV;
return arrc;
arr_out:
NM_SET_OUT (out_is_default, !arr || !arr[0]);
*out_flags |= NM_META_ACCESSOR_GET_OUT_FLAGS_STRV;
*out_to_free = arr;
return arr;
}
const NmcMetaGenericInfo *const metagen_ip6_config[_NMC_GENERIC_INFO_TYPE_IP6_CONFIG_NUM + 1] = {
#define _METAGEN_IP6_CONFIG(type, name) \
[type] = NMC_META_GENERIC(name, .info_type = type, .get_fcn = _metagen_ip6_config_get_fcn)
_METAGEN_IP6_CONFIG (NMC_GENERIC_INFO_TYPE_IP6_CONFIG_ADDRESS, "ADDRESS"),
_METAGEN_IP6_CONFIG (NMC_GENERIC_INFO_TYPE_IP6_CONFIG_GATEWAY, "GATEWAY"),
_METAGEN_IP6_CONFIG (NMC_GENERIC_INFO_TYPE_IP6_CONFIG_ROUTE, "ROUTE"),
_METAGEN_IP6_CONFIG (NMC_GENERIC_INFO_TYPE_IP6_CONFIG_DNS, "DNS"),
_METAGEN_IP6_CONFIG (NMC_GENERIC_INFO_TYPE_IP6_CONFIG_DOMAIN, "DOMAIN"),
};
/*****************************************************************************/
static gconstpointer
_metagen_dhcp_config_get_fcn (NMC_META_GENERIC_INFO_GET_FCN_ARGS)
{
NMDhcpConfig *dhcp = target;
guint i;
char **arr = NULL;
NMC_HANDLE_COLOR (NM_META_COLOR_NONE);
switch (info->info_type) {
case NMC_GENERIC_INFO_TYPE_DHCP_CONFIG_OPTION:
{
GHashTable *table;
gs_free char **arr2 = NULL;
guint n;
if (!NM_FLAGS_HAS (get_flags, NM_META_ACCESSOR_GET_FLAGS_ACCEPT_STRV))
return NULL;
table = nm_dhcp_config_get_options (dhcp);
if (!table)
goto arr_out;
arr2 = (char **) nm_utils_strdict_get_keys (table, TRUE, &n);
if (!n)
goto arr_out;
nm_assert (arr2 && !arr2[n] && n == NM_PTRARRAY_LEN (arr2));
for (i = 0; i < n; i++) {
const char *k = arr2[i];
const char *v;
nm_assert (k);
v = g_hash_table_lookup (table, k);
arr2[i] = g_strdup_printf ("%s = %s", k, v);
}
arr = g_steal_pointer (&arr2);
goto arr_out;
}
default:
break;
}
g_return_val_if_reached (NULL);
arr_out:
NM_SET_OUT (out_is_default, !arr || !arr[0]);
*out_flags |= NM_META_ACCESSOR_GET_OUT_FLAGS_STRV;
*out_to_free = arr;
return arr;
}
const NmcMetaGenericInfo *const metagen_dhcp_config[_NMC_GENERIC_INFO_TYPE_DHCP_CONFIG_NUM + 1] = {
#define _METAGEN_DHCP_CONFIG(type, name) \
[type] = NMC_META_GENERIC(name, .info_type = type, .get_fcn = _metagen_dhcp_config_get_fcn)
_METAGEN_DHCP_CONFIG (NMC_GENERIC_INFO_TYPE_DHCP_CONFIG_OPTION, "OPTION"),
};
/*****************************************************************************/
gboolean
print_ip_config (NMIPConfig *cfg,
int addr_family,
const NmcConfig *nmc_config,
const char *one_field)
{
gs_free_error GError *error = NULL;
gs_free char *field_str = NULL;
if (!cfg)
return FALSE;
if (one_field) {
field_str = g_strdup_printf ("IP%c.%s",
nm_utils_addr_family_to_char (addr_family),
one_field);
}
if (!nmc_print (nmc_config,
(gpointer[]) { cfg, NULL },
NULL,
NULL,
addr_family == AF_INET
? NMC_META_GENERIC_GROUP ("IP4", metagen_ip4_config, N_("GROUP"))
: NMC_META_GENERIC_GROUP ("IP6", metagen_ip6_config, N_("GROUP")),
field_str,
&error)) {
return FALSE;
}
return TRUE;
}
gboolean
print_dhcp_config (NMDhcpConfig *dhcp,
int addr_family,
const NmcConfig *nmc_config,
const char *one_field)
{
gs_free_error GError *error = NULL;
gs_free char *field_str = NULL;
if (!dhcp)
return FALSE;
if (one_field) {
field_str = g_strdup_printf ("DHCP%c.%s",
nm_utils_addr_family_to_char (addr_family),
one_field);
}
if (!nmc_print (nmc_config,
(gpointer[]) { dhcp, NULL },
NULL,
NULL,
addr_family == AF_INET
? NMC_META_GENERIC_GROUP ("DHCP4", metagen_dhcp_config, N_("GROUP"))
: NMC_META_GENERIC_GROUP ("DHCP6", metagen_dhcp_config, N_("GROUP")),
field_str,
&error)) {
return FALSE;
}
return TRUE;
}
/*
* nmc_find_connection:
* @connections: array of NMConnections to search in
* @filter_type: "id", "uuid", "path", "filename", or %NULL
* @filter_val: connection to find (connection name, UUID or path)
* @out_result: if not NULL, attach all matching connection to this
* list. If necessary, a new array will be allocated. If the array
* already contains a connection, it will not be added a second time.
* All object are referenced by the array. If the function allocates
* a new array, it will set the free function to g_object_unref.
* @complete: print possible completions
*
* Find a connection in @list according to @filter_val. @filter_type determines
* what property is used for comparison. When @filter_type is NULL, compare
* @filter_val against all types. Otherwise, only compare against the specified
* type. If 'path' filter type is specified, comparison against numeric index
* (in addition to the whole path) is allowed.
*
* Returns: found connection, or %NULL
*/
NMConnection *
nmc_find_connection (const GPtrArray *connections,
const char *filter_type,
const char *filter_val,
GPtrArray **out_result,
gboolean complete)
{
NMConnection *best_candidate_uuid = NULL;
NMConnection *best_candidate = NULL;
gs_unref_ptrarray GPtrArray *result_allocated = NULL;
GPtrArray *result = out_result ? *out_result : NULL;
const guint result_inital_len = result ? result->len : 0u;
guint i, j;
nm_assert (connections);
nm_assert (filter_val);
for (i = 0; i < connections->len; i++) {
gboolean match_by_uuid = FALSE;
NMConnection *connection;
const char *v;
const char *v_num;
connection = NM_CONNECTION (connections->pdata[i]);
if (NM_IN_STRSET (filter_type, NULL, "uuid")) {
v = nm_connection_get_uuid (connection);
if (complete && (filter_type || *filter_val))
nmc_complete_strings (filter_val, v);
if (nm_streq0 (filter_val, v)) {
match_by_uuid = TRUE;
goto found;
}
}
if (NM_IN_STRSET (filter_type, NULL, "id")) {
v = nm_connection_get_id (connection);
if (complete)
nmc_complete_strings (filter_val, v);
if (nm_streq0 (filter_val, v))
goto found;
}
if (NM_IN_STRSET (filter_type, NULL, "path")) {
v = nm_connection_get_path (connection);
v_num = nm_utils_dbus_path_get_last_component (v);
if (complete && (filter_type || *filter_val))
nmc_complete_strings (filter_val, v, (*filter_val ? v_num : NULL));
if ( nm_streq0 (filter_val, v)
|| (filter_type && nm_streq0 (filter_val, v_num)))
goto found;
}
if (NM_IN_STRSET (filter_type, NULL, "filename")) {
v = nm_remote_connection_get_filename (NM_REMOTE_CONNECTION (connections->pdata[i]));
if (complete && (filter_type || *filter_val))
nmc_complete_strings (filter_val, v);
if (nm_streq0 (filter_val, v))
goto found;
}
continue;
found:
if (match_by_uuid) {
if ( !complete
&& !out_result)
return connection;
best_candidate_uuid = connection;
} else {
if (!best_candidate)
best_candidate = connection;
}
if (out_result) {
gboolean already_tracked = FALSE;
if (!result) {
result_allocated = g_ptr_array_new_with_free_func (g_object_unref);
result = result_allocated;
} else {
for (j = 0; j < result->len; j++) {
if (connection == result->pdata[j]) {
already_tracked = TRUE;
break;
}
}
}
if (!already_tracked) {
if (match_by_uuid) {
/* the profile is matched exactly (by UUID). We prepend it
* to the list of all found profiles. */
g_ptr_array_insert (result, result_inital_len, g_object_ref (connection));
} else
g_ptr_array_add (result, g_object_ref (connection));
}
}
}
if (result_allocated)
*out_result = g_steal_pointer (&result_allocated);
return best_candidate_uuid ?: best_candidate;
}
NMActiveConnection *
nmc_find_active_connection (const GPtrArray *active_cons,
const char *filter_type,
const char *filter_val,
GPtrArray **out_result,
gboolean complete)
{
guint i, j;
NMActiveConnection *best_candidate = NULL;
GPtrArray *result = out_result ? *out_result : NULL;
nm_assert (filter_val);
for (i = 0; i < active_cons->len; i++) {
NMRemoteConnection *con;
NMActiveConnection *candidate = g_ptr_array_index (active_cons, i);
const char *v, *v_num;
con = nm_active_connection_get_connection (candidate);
/* When filter_type is NULL, compare connection ID (filter_val)
* against all types. Otherwise, only compare against the specific
* type. If 'path' or 'apath' filter types are specified, comparison
* against numeric index (in addition to the whole path) is allowed.
*/
if (NM_IN_STRSET (filter_type, NULL, "id")) {
v = nm_active_connection_get_id (candidate);
if (complete)
nmc_complete_strings (filter_val, v);
if (nm_streq0 (filter_val, v))
goto found;
}
if (NM_IN_STRSET (filter_type, NULL, "uuid")) {
v = nm_active_connection_get_uuid (candidate);
if (complete && (filter_type || *filter_val))
nmc_complete_strings (filter_val, v);
if (nm_streq0 (filter_val, v))
goto found;
}
if (NM_IN_STRSET (filter_type, NULL, "path")) {
v = con ? nm_connection_get_path (NM_CONNECTION (con)) : NULL;
v_num = nm_utils_dbus_path_get_last_component (v);
if (complete && (filter_type || *filter_val))
nmc_complete_strings (filter_val, v, filter_type ? v_num : NULL);
if ( nm_streq0 (filter_val, v)
|| (filter_type && nm_streq0 (filter_val, v_num)))
goto found;
}
if (NM_IN_STRSET (filter_type, NULL, "filename")) {
v = nm_remote_connection_get_filename (con);
if (complete && (filter_type || *filter_val))
nmc_complete_strings (filter_val, v);
if (nm_streq0 (filter_val, v))
goto found;
}
if (NM_IN_STRSET (filter_type, NULL, "apath")) {
v = nm_object_get_path (NM_OBJECT (candidate));
v_num = nm_utils_dbus_path_get_last_component (v);
if (complete && (filter_type || *filter_val))
nmc_complete_strings (filter_val, v, filter_type ? v_num : NULL);
if ( nm_streq0 (filter_val, v)
|| (filter_type && nm_streq0 (filter_val, v_num)))
goto found;
}
continue;
found:
if (!out_result)
return candidate;
if (!best_candidate)
best_candidate = candidate;
if (!result)
result = g_ptr_array_new_with_free_func (g_object_unref);
for (j = 0; j < result->len; j++) {
if (candidate == result->pdata[j])
break;
}
if (j == result->len)
g_ptr_array_add (result, g_object_ref (candidate));
}
NM_SET_OUT (out_result, result);
return best_candidate;
}
static gboolean
vpn_openconnect_get_secrets (NMConnection *connection, GPtrArray *secrets)
{
GError *error = NULL;
NMSettingVpn *s_vpn;
const char *gw, *port;
gs_free char *cookie = NULL;
gs_free char *gateway = NULL;
gs_free char *gwcert = NULL;
int status = 0;
int i;
gboolean ret;
if (!connection)
return FALSE;
if (!nm_connection_is_type (connection, NM_SETTING_VPN_SETTING_NAME))
return FALSE;
s_vpn = nm_connection_get_setting_vpn (connection);
if (!nm_streq0 (nm_setting_vpn_get_service_type (s_vpn), NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT))
return FALSE;
/* Get gateway and port */
gw = nm_setting_vpn_get_data_item (s_vpn, "gateway");
port = gw ? strrchr (gw, ':') : NULL;
/* Interactively authenticate to OpenConnect server and get secrets */
ret = nm_vpn_openconnect_authenticate_helper (gw, &cookie, &gateway, &gwcert, &status, &error);
if (!ret) {
g_printerr (_("Error: openconnect failed: %s\n"), error->message);
g_clear_error (&error);
return FALSE;
}
if (WIFEXITED (status)) {
if (WEXITSTATUS (status) != 0)
g_printerr (_("Error: openconnect failed with status %d\n"), WEXITSTATUS (status));
} else if (WIFSIGNALED (status))
g_printerr (_("Error: openconnect failed with signal %d\n"), WTERMSIG (status));
/* Append port to the host value */
if (gateway && port) {
gs_free char *tmp = gateway;
gateway = g_strdup_printf ("%s%s", tmp, port);
}
/* Fill secrets to the array */
for (i = 0; i < secrets->len; i++) {
NMSecretAgentSimpleSecret *secret = secrets->pdata[i];
if (secret->secret_type != NM_SECRET_AGENT_SECRET_TYPE_VPN_SECRET)
continue;
if (!nm_streq0 (secret->vpn_type, NM_SECRET_AGENT_VPN_TYPE_OPENCONNECT))
continue;
if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "cookie")) {
g_free (secret->value);
secret->value = g_steal_pointer (&cookie);
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "gateway")) {
g_free (secret->value);
secret->value = g_steal_pointer (&gateway);
} else if (nm_streq0 (secret->entry_id, NM_SECRET_AGENT_ENTRY_ID_PREFX_VPN_SECRETS "gwcert")) {
g_free (secret->value);
secret->value = g_steal_pointer (&gwcert);
}
}
return TRUE;
}
static gboolean
get_secrets_from_user (const NmcConfig *nmc_config,
const char *request_id,
const char *title,
const char *msg,
NMConnection *connection,
gboolean ask,
GHashTable *pwds_hash,
GPtrArray *secrets)
{
int i;
/* Check if there is a VPN OpenConnect secret to ask for */
if (ask)
vpn_openconnect_get_secrets (connection, secrets);
for (i = 0; i < secrets->len; i++) {
NMSecretAgentSimpleSecret *secret = secrets->pdata[i];
char *pwd = NULL;
/* First try to find the password in provided passwords file,
* then ask user. */
if (pwds_hash && (pwd = g_hash_table_lookup (pwds_hash, secret->entry_id))) {
pwd = g_strdup (pwd);
} else {
if (ask) {
gboolean echo_on;
if (secret->value) {
if (!g_strcmp0 (secret->vpn_type, NM_DBUS_INTERFACE ".openconnect")) {
/* Do not present and ask user for openconnect secrets, we already have them */
continue;
} else {
/* Prefill the password if we have it. */
rl_startup_hook = nmc_rl_set_deftext;
nmc_rl_pre_input_deftext = g_strdup (secret->value);
}
}
if (msg)
g_print ("%s\n", msg);
echo_on = secret->is_secret
? nmc_config->show_secrets
: TRUE;
if (secret->no_prompt_entry_id)
pwd = nmc_readline_echo (nmc_config, echo_on, "%s: ", secret->pretty_name);
else
pwd = nmc_readline_echo (nmc_config, echo_on, "%s (%s): ", secret->pretty_name, secret->entry_id);
if (!pwd)
pwd = g_strdup ("");
} else {
if (msg)
g_print ("%s\n", msg);
g_printerr (_("Warning: password for '%s' not given in 'passwd-file' "
"and nmcli cannot ask without '--ask' option.\n"),
secret->entry_id);
}
}
/* No password provided, cancel the secrets. */
if (!pwd)
return FALSE;
nm_free_secret (secret->value);
secret->value = pwd;
}
return TRUE;
}
/**
* nmc_secrets_requested:
* @agent: the #NMSecretAgentSimple
* @request_id: request ID, to eventually pass to
* nm_secret_agent_simple_response()
* @title: a title for the password request
* @msg: a prompt message for the password request
* @secrets: (element-type #NMSecretAgentSimpleSecret): array of secrets
* being requested.
* @user_data: user data passed to the function
*
* This function is used as a callback for "request-secrets" signal of
* NMSecretAgentSimpleSecret.
*/
void
nmc_secrets_requested (NMSecretAgentSimple *agent,
const char *request_id,
const char *title,
const char *msg,
GPtrArray *secrets,
gpointer user_data)
{
NmCli *nmc = (NmCli *) user_data;
NMConnection *connection = NULL;
char *path, *p;
gboolean success = FALSE;
const GPtrArray *connections;
if (nmc->nmc_config.print_output == NMC_PRINT_PRETTY)
nmc_terminal_erase_line ();
/* Find the connection for the request */
path = g_strdup (request_id);
if (path) {
p = strrchr (path, '/');
if (p)
*p = '\0';
connections = nm_client_get_connections (nmc->client);
connection = nmc_find_connection (connections, "path", path, NULL, FALSE);
g_free (path);
}
success = get_secrets_from_user (&nmc->nmc_config,
request_id,
title,
msg,
connection,
nmc->nmc_config.in_editor || nmc->ask,
nmc->pwds_hash,
secrets);
if (success)
nm_secret_agent_simple_response (agent, request_id, secrets);
else {
/* Unregister our secret agent on failure, so that another agent
* may be tried */
if (nmc->secret_agent) {
nm_secret_agent_old_unregister (NM_SECRET_AGENT_OLD (nmc->secret_agent), NULL, NULL);
g_clear_object (&nmc->secret_agent);
}
}
}
char *
nmc_unique_connection_name (const GPtrArray *connections, const char *try_name)
{
NMConnection *connection;
const char *name;
char *new_name;
unsigned num = 1;
int i = 0;
new_name = g_strdup (try_name);
while (i < connections->len) {
connection = NM_CONNECTION (connections->pdata[i]);
name = nm_connection_get_id (connection);
if (g_strcmp0 (new_name, name) == 0) {
g_free (new_name);
new_name = g_strdup_printf ("%s-%d", try_name, num++);
i = 0;
} else
i++;
}
return new_name;
}
/* readline state variables */
static gboolean nmcli_in_readline = FALSE;
static gboolean rl_got_line;
static char *rl_string;
/**
* nmc_cleanup_readline:
*
* Cleanup readline when nmcli is terminated with a signal.
* It makes sure the terminal is not garbled.
*/
void
nmc_cleanup_readline (void)
{
rl_free_line_state ();
rl_cleanup_after_signal ();
}
gboolean
nmc_get_in_readline (void)
{
return nmcli_in_readline;
}
void
nmc_set_in_readline (gboolean in_readline)
{
nmcli_in_readline = in_readline;
}
static void
readline_cb (char *line)
{
rl_got_line = TRUE;
rl_string = line;
rl_callback_handler_remove ();
}
static gboolean
stdin_ready_cb (int fd,
GIOCondition condition,
gpointer data)
{
rl_callback_read_char ();
return TRUE;
}
static char *
nmc_readline_helper (const NmcConfig *nmc_config,
const char *prompt)
{
GSource *io_source;
nmc_set_in_readline (TRUE);
io_source = nm_g_unix_fd_source_new (STDIN_FILENO,
G_IO_IN,
G_PRIORITY_DEFAULT,
stdin_ready_cb,
NULL,
NULL);
g_source_attach (io_source, NULL);
read_again:
rl_string = NULL;
rl_got_line = FALSE;
rl_callback_handler_install (prompt, readline_cb);
while ( !rl_got_line
&& g_main_loop_is_running (loop)
&& !nmc_seen_sigint ())
g_main_context_iteration (NULL, TRUE);
/* If Ctrl-C was detected, complete the line */
if (nmc_seen_sigint ()) {
rl_echo_signal_char (SIGINT);
if (!rl_got_line) {
rl_stuff_char ('\n');
rl_callback_read_char ();
}
}
/* Add string to the history */
if (rl_string && *rl_string)
add_history (rl_string);
if (nmc_seen_sigint ()) {
/* Ctrl-C */
nmc_clear_sigint ();
if ( nmc_config->in_editor
|| (rl_string && *rl_string)) {
/* In editor, or the line is not empty */
/* Call readline again to get new prompt (repeat) */
g_free (rl_string);
goto read_again;
} else {
/* Not in editor and line is empty, exit */
nmc_exit ();
}
} else if (!rl_string) {
/* Ctrl-D, exit */
nmc_exit ();
}
/* Return NULL, not empty string */
if (rl_string && *rl_string == '\0') {
g_free (rl_string);
rl_string = NULL;
}
nm_clear_g_source_inst (&io_source);
nmc_set_in_readline (FALSE);
return rl_string;
}
/**
* nmc_readline:
* @prompt_fmt: prompt to print (telling user what to enter). It is standard
* printf() format string
* @...: a list of arguments according to the @prompt_fmt format string
*
* Wrapper around libreadline's readline() function.
* If user pressed Ctrl-C, readline() is called again (if not in editor and
* line is empty, nmcli will quit).
* If user pressed Ctrl-D on empty line, nmcli will quit.
*
* Returns: the user provided string. In case the user entered empty string,
* this function returns NULL.
*/
char *
nmc_readline (const NmcConfig *nmc_config,
const char *prompt_fmt,
...)
{
va_list args;
gs_free char *prompt = NULL;
rl_initialize ();
va_start (args, prompt_fmt);
prompt = g_strdup_vprintf (prompt_fmt, args);
va_end (args);
return nmc_readline_helper (nmc_config, prompt);
}
static void
nmc_secret_redisplay (void)
{
int save_point = rl_point;
int save_end = rl_end;
char *save_line_buffer = rl_line_buffer;
const char *subst = nmc_password_subst_char ();
int subst_len = strlen (subst);
int i;
rl_point = g_utf8_strlen (save_line_buffer, save_point) * subst_len;
rl_end = g_utf8_strlen (rl_line_buffer, -1) * subst_len;
rl_line_buffer = g_slice_alloc (rl_end + 1);
for (i = 0; i + subst_len <= rl_end; i += subst_len)
memcpy (&rl_line_buffer[i], subst, subst_len);
rl_line_buffer[i] = '\0';
rl_redisplay ();
g_slice_free1 (rl_end + 1, rl_line_buffer);
rl_line_buffer = save_line_buffer;
rl_end = save_end;
rl_point = save_point;
}
/**
* nmc_readline_echo:
*
* The same as nmc_readline() except it can disable echoing of input characters if @echo_on is %FALSE.
* nmc_readline(TRUE, ...) == nmc_readline(...)
*/
char *
nmc_readline_echo (const NmcConfig *nmc_config,
gboolean echo_on,
const char *prompt_fmt,
...)
{
va_list args;
gs_free char *prompt = NULL;
char *str;
nm_auto_free HISTORY_STATE *saved_history = NULL;
HISTORY_STATE passwd_history = { 0, };
va_start (args, prompt_fmt);
prompt = g_strdup_vprintf (prompt_fmt, args);
va_end (args);
rl_initialize ();
/* Hide the actual password */
if (!echo_on) {
saved_history = history_get_history_state ();
history_set_history_state (&passwd_history);
/* stifling history is important as it tells readline to
* not store anything, otherwise sensitive data could be
* leaked */
stifle_history (0);
rl_redisplay_function = nmc_secret_redisplay;
}
str = nmc_readline_helper (nmc_config, prompt);
/* Restore the non-hiding behavior */
if (!echo_on) {
rl_redisplay_function = rl_redisplay;
history_set_history_state (saved_history);
}
return str;
}
/**
* nmc_rl_gen_func_basic:
* @text: text to complete
* @state: readline state; says whether start from scratch (state == 0)
* @words: strings for completion
*
* Basic function generating list of completion strings for readline.
* See e.g. http://cnswww.cns.cwru.edu/php/chet/readline/readline.html#SEC49
*/
char *
nmc_rl_gen_func_basic (const char *text, int state, const char *const*words)
{
static int list_idx, len;
const char *name;
if (!state) {
list_idx = 0;
len = strlen (text);
}
/* Return the next name which partially matches one from the 'words' list. */
while ((name = words[list_idx])) {
list_idx++;
if (strncmp (name, text, len) == 0)
return g_strdup (name);
}
return NULL;
}
static struct {
bool initialized;
guint idx;
char **values;
} _rl_compentry_func_wrap = { 0 };
static char *
_rl_compentry_func_wrap_fcn (const char *text, int state)
{
g_return_val_if_fail (_rl_compentry_func_wrap.initialized, NULL);
while ( _rl_compentry_func_wrap.values
&& _rl_compentry_func_wrap.values[_rl_compentry_func_wrap.idx]
&& !g_str_has_prefix (_rl_compentry_func_wrap.values[_rl_compentry_func_wrap.idx], text))
_rl_compentry_func_wrap.idx++;
if ( !_rl_compentry_func_wrap.values
|| !_rl_compentry_func_wrap.values[_rl_compentry_func_wrap.idx]) {
g_strfreev (_rl_compentry_func_wrap.values);
_rl_compentry_func_wrap.values = NULL;
_rl_compentry_func_wrap.initialized = FALSE;
return NULL;
}
return g_strdup (_rl_compentry_func_wrap.values[_rl_compentry_func_wrap.idx++]);
}
NmcCompEntryFunc
nmc_rl_compentry_func_wrap (const char *const*values)
{
g_strfreev (_rl_compentry_func_wrap.values);
_rl_compentry_func_wrap.values = g_strdupv ((char **) values);
_rl_compentry_func_wrap.idx = 0;
_rl_compentry_func_wrap.initialized = TRUE;
return _rl_compentry_func_wrap_fcn;
}
char *
nmc_rl_gen_func_ifnames (const char *text, int state)
{
int i;
const GPtrArray *devices;
const char **ifnames;
char *ret;
devices = nm_client_get_devices (nm_cli_global_readline->client);
if (devices->len == 0)
return NULL;
ifnames = g_new (const char *, devices->len + 1);
for (i = 0; i < devices->len; i++) {
NMDevice *dev = g_ptr_array_index (devices, i);
const char *ifname = nm_device_get_iface (dev);
ifnames[i] = ifname;
}
ifnames[i] = NULL;
ret = nmc_rl_gen_func_basic (text, state, ifnames);
g_free (ifnames);
return ret;
}
/* for pre-filling a string to readline prompt */
char *nmc_rl_pre_input_deftext;
int
nmc_rl_set_deftext (void)
{
if (nmc_rl_pre_input_deftext && rl_startup_hook) {
rl_insert_text (nmc_rl_pre_input_deftext);
g_free (nmc_rl_pre_input_deftext);
nmc_rl_pre_input_deftext = NULL;
rl_startup_hook = NULL;
}
return 0;
}
/**
* nmc_parse_lldp_capabilities:
* @value: the capabilities value
*
* Parses LLDP capabilities flags
*
* Returns: a newly allocated string containing capabilities names separated by commas.
*/
char *
nmc_parse_lldp_capabilities (guint value)
{
/* IEEE Std 802.1AB-2009 - Table 8.4 */
const char *names[] = { "other", "repeater", "mac-bridge", "wlan-access-point",
"router", "telephone", "docsis-cable-device", "station-only",
"c-vlan-component", "s-vlan-component", "tpmr" };
gboolean first = TRUE;
GString *str;
int i;
if (!value)
return g_strdup ("none");
str = g_string_new ("");
for (i = 0; i < G_N_ELEMENTS (names); i++) {
if (value & (1 << i)) {
if (!first)
g_string_append_c (str, ',');
first = FALSE;
value &= ~(1 << i);
g_string_append (str, names[i]);
}
}
if (value) {
if (!first)
g_string_append_c (str, ',');
g_string_append (str, "reserved");
}
return g_string_free (str, FALSE);
}
static void
command_done (GObject *object, GAsyncResult *res, gpointer user_data)
{
GTask *task = G_TASK (res);
NmCli *nmc = user_data;
gs_free_error GError *error = NULL;
if (!g_task_propagate_boolean (task, &error)) {
nmc->return_value = error->code;
g_string_assign (nmc->return_text, error->message);
}
if (!nmc->should_wait)
g_main_loop_quit (loop);
}
typedef struct {
const NMCCommand *cmd;
int argc;
char **argv;
GTask *task;
} CmdCall;
static void
call_cmd (NmCli *nmc, GTask *task, const NMCCommand *cmd, int argc, const char *const*argv);
static void
got_client (GObject *source_object, GAsyncResult *res, gpointer user_data)
{
gs_unref_object GTask *task = NULL;
gs_free_error GError *error = NULL;
CmdCall *call = user_data;
NmCli *nmc;
nm_assert (NM_IS_CLIENT (source_object));
task = g_steal_pointer (&call->task);
nmc = g_task_get_task_data (task);
nmc->should_wait--;
if (!g_async_initable_init_finish (G_ASYNC_INITABLE (source_object),
res,
&error)) {
g_object_unref (source_object);
g_task_return_new_error (task, NMCLI_ERROR, NMC_RESULT_ERROR_UNKNOWN,
_("Error: Could not create NMClient object: %s."),
error->message);
} else {
nmc->client = NM_CLIENT (source_object);
call_cmd (nmc, g_steal_pointer (&task), call->cmd, call->argc, (const char *const*) call->argv);
}
g_strfreev (call->argv);
nm_g_slice_free (call);
}
static void
call_cmd (NmCli *nmc, GTask *task, const NMCCommand *cmd, int argc, const char *const*argv)
{
CmdCall *call;
if (nmc->client || !cmd->needs_client) {
/* Check whether NetworkManager is running */
if (cmd->needs_nm_running && !nm_client_get_nm_running (nmc->client)) {
g_task_return_new_error (task, NMCLI_ERROR, NMC_RESULT_ERROR_NM_NOT_RUNNING,
_("Error: NetworkManager is not running."));
} else {
cmd->func (cmd, nmc, argc, argv);
g_task_return_boolean (task, TRUE);
}
g_object_unref (task);
} else {
nm_assert (nmc->client == NULL);
nmc->should_wait++;
call = g_slice_new (CmdCall);
*call = (CmdCall) {
.cmd = cmd,
.argc = argc,
.argv = nm_utils_strv_dup ((char **) argv, argc, TRUE),
.task = task,
};
nmc_client_new_async (NULL,
got_client,
call,
NM_CLIENT_INSTANCE_FLAGS, (guint) NM_CLIENT_INSTANCE_FLAGS_NO_AUTO_FETCH_PERMISSIONS,
NULL);
}
}
static void
nmc_complete_help (const char *prefix)
{
nmc_complete_strings (prefix, "help");
if (*prefix == '-')
nmc_complete_strings (prefix, "-help", "--help");
}
/**
* nmc_do_cmd:
* @nmc: Client instance
* @cmds: Command table
* @cmd: Command
* @argc: Argument count
* @argv: Arguments vector. Must be a global variable.
*
* Picks the right callback to handle command from the command table.
* If --help argument follows and the usage callback is specified for the command
* it calls the usage callback.
*
* The command table is terminated with a %NULL command. The terminating
* entry's handlers are called if the command is empty.
*
* The argument vector needs to be a pointer to the global arguments vector that is
* never freed, since the command handler will be called asynchronously and there's
* no callback to free the memory in (for simplicity).
*/
void
nmc_do_cmd (NmCli *nmc, const NMCCommand cmds[], const char *cmd, int argc, const char *const*argv)
{
const NMCCommand *c;
gs_unref_object GTask *task = NULL;
task = nm_g_task_new (NULL, NULL, nmc_do_cmd, command_done, nmc);
g_task_set_task_data (task, nmc, NULL);
if (argc == 0 && nmc->complete) {
g_task_return_boolean (task, TRUE);
return;
}
if (argc == 1 && nmc->complete) {
for (c = cmds; c->cmd; ++c) {
if (!*cmd || matches (cmd, c->cmd))
g_print ("%s\n", c->cmd);
}
nmc_complete_help (cmd);
g_task_return_boolean (task, TRUE);
return;
}
for (c = cmds; c->cmd; ++c) {
if (cmd && matches (cmd, c->cmd))
break;
}
if (c->cmd) {
/* A valid command was specified. */
if (c->usage && argc == 2 && nmc->complete)
nmc_complete_help (*(argv+1));
if (!nmc->complete && c->usage && nmc_arg_is_help (*(argv+1))) {
c->usage ();
g_task_return_boolean (task, TRUE);
} else {
call_cmd (nmc, g_steal_pointer (&task), c, argc, (const char *const*) argv);
}
} else if (cmd) {
/* Not a known command. */
if (nmc_arg_is_help (cmd) && c->usage) {
c->usage ();
g_task_return_boolean (task, TRUE);
} else {
g_task_return_new_error (task, NMCLI_ERROR, NMC_RESULT_ERROR_USER_INPUT,
_("Error: argument '%s' not understood. Try passing --help instead."), cmd);
}
} else if (c->func) {
/* No command, run the default handler. */
call_cmd (nmc, g_steal_pointer (&task), c, argc, (const char *const*) argv);
} else {
/* No command and no default handler. */
g_task_return_new_error (task, NMCLI_ERROR, NMC_RESULT_ERROR_USER_INPUT,
_("Error: missing argument. Try passing --help."));
}
}
/**
* nmc_complete_strings:
* @prefix: a string to match
* @nargs: the number of elements in @args. Or -1 if @args is a NULL terminated
* strv array.
* @args: the argument list. If @nargs is not -1, then some elements may
* be %NULL to indicate to silently skip the values.
*
* Prints all the matching candidates for completion. Useful when there's
* no better way to suggest completion other than a hardcoded string list.
*/
void
nmc_complete_strv (const char *prefix, gssize nargs, const char *const*args)
{
gsize i, n;
if (prefix && !prefix[0])
prefix = NULL;
if (nargs < 0) {
nm_assert (nargs == -1);
n = NM_PTRARRAY_LEN (args);
} else
n = (gsize) nargs;
for (i = 0; i < n; i++) {
const char *candidate = args[i];
if (!candidate)
continue;
if ( prefix
&& !matches (prefix, candidate))
continue;
g_print ("%s\n", candidate);
}
}
/**
* nmc_complete_bool:
* @prefix: a string to match
* @...: a %NULL-terminated list of candidate strings
*
* Prints all the matching possible boolean values for completion.
*/
void
nmc_complete_bool (const char *prefix)
{
nmc_complete_strings (prefix, "true", "yes", "on",
"false", "no", "off");
}
/**
* nmc_error_get_simple_message:
* @error: a GError
*
* Returns a simplified message for some errors hard to understand.
*/
const char *
nmc_error_get_simple_message (GError *error)
{
/* Return a clear message instead of the obscure D-Bus policy error */
if (g_error_matches (error, G_DBUS_ERROR, G_DBUS_ERROR_ACCESS_DENIED))
return _("access denied");
if (g_error_matches (error, G_DBUS_ERROR, G_DBUS_ERROR_SERVICE_UNKNOWN))
return _("NetworkManager is not running");
else
return error->message;
}
GVariant *
nmc_dbus_call_sync (NmCli *nmc,
const char *object_path,
const char *interface_name,
const char *method_name,
GVariant *parameters,
const GVariantType *reply_type,
GError **error)
{
gs_unref_object GDBusConnection *connection = NULL;
gs_free_error GError *local = NULL;
GVariant *result;
if (nmc->timeout == -1)
nmc->timeout = 90;
connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, &local);
if (!connection) {
g_set_error (error,
NMCLI_ERROR,
NMC_RESULT_ERROR_UNKNOWN,
_("Error: error connecting to system bus: %s"),
local->message);
return NULL;
}
result = g_dbus_connection_call_sync (connection,
"org.freedesktop.NetworkManager",
object_path,
interface_name,
method_name,
parameters,
reply_type,
G_DBUS_CALL_FLAGS_NONE,
nmc->timeout * 1000,
NULL,
error);
if (error && *error)
g_dbus_error_strip_remote_error (*error);
return result;
}
/*****************************************************************************/
NM_UTILS_LOOKUP_STR_DEFINE (nm_connectivity_to_string, NMConnectivityState,
NM_UTILS_LOOKUP_DEFAULT (N_("unknown")),
NM_UTILS_LOOKUP_ITEM (NM_CONNECTIVITY_NONE, N_("none")),
NM_UTILS_LOOKUP_ITEM (NM_CONNECTIVITY_PORTAL, N_("portal")),
NM_UTILS_LOOKUP_ITEM (NM_CONNECTIVITY_LIMITED, N_("limited")),
NM_UTILS_LOOKUP_ITEM (NM_CONNECTIVITY_FULL, N_("full")),
NM_UTILS_LOOKUP_ITEM_IGNORE (NM_CONNECTIVITY_UNKNOWN),
);