Cross Reference: /system/connectivity/shill/connection.cc

History log of /system/connectivity/shill/connection.cc
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
eac0ffcefc46764b7416c67e2a9f363b2531dccb	24-Jan-2016	Kevin Cernekee <cernekee@google.com>	shill: Tunnel crosh traffic through third-party VPNs Currently ping and tracepath bypass third-party VPNs, which makes it harder to diagnose connection problems. Add firewall rules for the "debugd" user so that his traffic is treated the same as "chronos". BUG: chromium:534872 TEST=connect to a Cisco VPN and ping an internal IP via crosh Change-Id: Idd28f40964d50a5d7e7f47ba60cd71e8bf85b6bd /system/connectivity/shill/connection.cc
9429723aad30865ab4604a6074dece9c6d45c0cc	07-Oct-2015	Peter Qiu <zqiu@google.com>	Mock out DNSServerProxy in unittest Use a factory for DNSServerProxy creation, so that it can be easily mocked out in the unittest. Bug: 24711640 TEST=weave setup still works on dragonboard TEST=ConnectionTest.* passed on dragonboard TEST=Run unittest for Chrome OS Change-Id: Ib03029a00b21ff3f6c4fd47dcbd1df8010bc0f05 /system/connectivity/shill/connection.cc
d5d3482e261beaee1a13622143d4abf728165fb9	01-Oct-2015	Peter Qiu <zqiu@google.com>	Support DNS server proxy on Android There is no support for /etc/resolv.conf on Android, so a DNS server proxy is needed to handle/redirect client DNS requests. dnsmasq will be used to setup as a DNS server proxy, and it will run under the "system" user. Also add a special handling for the case when DHCP doesn't provide DNS server addresses. We will default to use Google's DNS server addresses in this case. Not sure why we never had a problem with this scenario on Chrome OS, so make this handling Android specific for now. TODO: update connection_unittest.cc for Android. Bug: 24543278 TEST=Manual test on dragonboard (ping to well known hosts) Change-Id: I4573546a9987b1148a9c0e6157155a232be4f168 /system/connectivity/shill/connection.cc
a330ecd23b1ce4112fd7a28f4b2a062b8df10735	02-Sep-2015	Peter Qiu <zqiu@google.com>	shill: rename PermissionBrokerProxyInterface to FirewallProxyInterface Use FirewallProxyInterface to abstract firewall functionalities. This allows us to use different implementations (permission_broker or firewalld) based on the target platform. BUG=b:23756495 TEST=unittest Change-Id: Ieeb0a56ce22efeebf3db9c775678bab1aeeea05d Reviewed-on: https://chromium-review.googlesource.com/296833 Commit-Ready: Zeping Qiu <zqiu@chromium.org> Tested-by: Zeping Qiu <zqiu@chromium.org> Reviewed-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5	03-Sep-2015	Peter Qiu <zqiu@google.com>	License shill to Apache2 This patch automatically replaced the license on all text files from Chromium OS (BSD style) to AOSP (Apache2), keeping the original year as a reference. The license header was added to .gyp and .gypi, the NOTICE was added with a copy of the Apache2 license and MODULE_LICENSE_* file was added. BUG=23587594 TEST=grep 'Chromium OS Authors' doesn't find anything. Change-Id: If41ede586c2465f5831fb7fee270ff41dbfdb596 /system/connectivity/shill/connection.cc
9a0f121f98ebc46704773555334b43af14842abe	10-Aug-2015	Paul Stewart <pstew@chromium.org>	shill: Connection: Don't create bind loops It's been observed on some platforms that there are transient states where the only active service becomes the VPN if the underlying service becomes disconnected. The connection bind code should avoid creating a bind loop with itself under these circumstances. BUG=chromium:513006 TEST=Unit tests Change-Id: Ida71646bb3b842d2e02f225249e433d992f4cd8b Reviewed-on: https://chromium-review.googlesource.com/292430 Reviewed-by: mukesh agrawal <quiche@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
608ec29525f553d51f0a92e84176e3d4b45930a9	31-Jul-2015	Peter Qiu <zqiu@chromium.org>	shill: use ControlInterface to create proxy objects So that appropriate proxy objects can be created based on the type of the control interface. While there, remove ProxyFactory related files. BUG=chromium:513791 TEST=USE="asan clang cellular wimax dhcpv6" FEATURES=test emerge-$BOARD shill Change-Id: I465b0807ab4ccacac3891638db41384f43ef83c5 Reviewed-on: https://chromium-review.googlesource.com/289855 Reviewed-by: Zeping Qiu <zqiu@chromium.org> Commit-Queue: Zeping Qiu <zqiu@chromium.org> Tested-by: Zeping Qiu <zqiu@chromium.org> /system/connectivity/shill/connection.cc
c8fab0c129ea3e55fd89719f6e16c78ca505e05c	29-Jul-2015	Paul Stewart <pstew@chromium.org>	shill: Connection: Fix gateway reachability using link routes Previously, in order to fix reachability to a default gateway (in order to apply a gateway default route), shill used one of two methods: - Open up the prefix assigned to the local address until both the host and gateway were in the same broadcast domain. - Add the gateway as a peer address for the interface. Although this works well in most situations, there are cases where it doesn't work as well. Specifically, modifying the prefix may prevent the local host from reaching other peers that are really not on the same broadcast domain. Instead of modifying the prefix, this new change adds a link-scoped route to the gateway. The host acts identically (ARPs for the gateway IP address locally), but since the prefix is preserved, it sends traffic to all other addresses outside the provided prefix through the gateway. BUG=chromium:515156 TEST=Unit tests + manual -- trigger this code by forcing /32 prefix Change-Id: I71e33b6ed0dfe74e069376ab8bd5710f7d30b4bd Reviewed-on: https://chromium-review.googlesource.com/289599 Reviewed-by: mukesh agrawal <quiche@chromium.org> Tested-by: Andrey Ulanov <andreyu@google.com> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
a794cd60a7339d576ea2eed263a4f0a20fb255af	16-Jun-2015	Paul Stewart <pstew@chromium.org>	shill: Top-level files a-e: Switch pointer/ref spacing Switch to Chrome style spacing. BUG=chromium:501026 TEST=Unit tests Change-Id: Idb7252202e142098999fe0672712aded7d369259 Reviewed-on: https://chromium-review.googlesource.com/278038 Reviewed-by: Rebecca Silberstein <silberst@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
55d9550e72197a203efbe06087edc2424676d886	02-May-2015	Paul Stewart <pstew@chromium.org>	shill: connection: Fix IP address comparison in FixGatewayReachability CL:247030 inadvertently broke IP address comparison for Connection::FixGatewayReachability, since now the \|trusted_ip\| contains a prefix while the \|peer\| and \|gateway\| still do not. To solve this, add a new comparison method for IPAddress objects that does not consider the prefix, and use this for address comparisons in Connection::FixGatewayReachability. BUG=chromium:478267 TEST=Unit test + create an ipvanish account and connect Change-Id: Id30e0cd15bb0171c7f438cf1e7f0087c75d55611 Reviewed-on: https://chromium-review.googlesource.com/268970 Reviewed-by: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> Reviewed-by: Paul Stewart <pstew@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
1f58903c02e9a8e29816f7a7659afa331b005d9c	23-Feb-2015	Prabhu Kaliamoorthi <kaliamoorthi@chromium.org>	shill: Cleanup and fix problem with default address in vpn When default address is set as the first value in excluded list passed to SetParameters DBus API of ThirdPartyVpn driver, the routing entries are not correctly setup since the route for default address is found to be local. This CL ensures that this problem does not happen by swapping the address when the first entry is default. The CL further cleans up IPConfig. BUG=chromium:459609 TEST=Unit tests and manual testing of the feature. Change-Id: I0fa167aa6cb09e467a33f876dd98ef5a9000fbb4 Reviewed-on: https://chromium-review.googlesource.com/251990 Reviewed-by: Paul Stewart <pstew@chromium.org> Tested-by: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> Commit-Queue: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> /system/connectivity/shill/connection.cc
e0e205bf5e625398d02be89bda076ea9fd761896	20-Feb-2015	Prabhu Kaliamoorthi <kaliamoorthi@chromium.org>	shill: Cleanup third party vpn driver in shill This CL performs the following changes. 1) Depricated parameters such as bypass_ip_from_tunnel are removed. 2) Inclusion lists and exclusion lists are used instead and are made mandatory settings. 3) Hard coded strings in parameters are replaced with constants. 4) Default route setting is removed for third party vpn. The extension is now explicitly required to set the tunnel interface as default. 5) Iptables setting made using permisison broker are explicitly torn down instead of relying on the lifeline. BUG=chromium:459609 TEST=Manual testing of the feature. Change-Id: Ibfca4a7485bfbe8e20d68f7159b18f8a38b0c608 Reviewed-on: https://chromium-review.googlesource.com/251550 Reviewed-by: Paul Stewart <pstew@chromium.org> Tested-by: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> Commit-Queue: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> /system/connectivity/shill/connection.cc
77e768323e57058b4660bb72ba2544a1cbe6d435	13-Feb-2015	Prabhu Kaliamoorthi <kaliamoorthi@chromium.org>	shill: Setup Iptable entries for ThirdPartyVpn using PermissionBroker This CL makes shill setup iptables entries to mark traffic from user dynamically using a proxy to permission broker. BUG=chromium:458075 TEST=Manual testing CQ-DEPEND=CL:249140 Change-Id: Ic376c67b588ae0f82abeb6b7fab31051cd6d08a4 Reviewed-on: https://chromium-review.googlesource.com/250290 Reviewed-by: Paul Stewart <pstew@chromium.org> Tested-by: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> Commit-Queue: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> /system/connectivity/shill/connection.cc
762bfb8ab200a387fe732ec92423a5f0afe11bcf	06-Feb-2015	Prabhu Kaliamoorthi <kaliamoorthi@chromium.org>	shill: Add support in shill to route selected traffic to ThirdPartyVpn This CL adds capability to shill deamon to route selected network traffic to ThirdPartyVpn by using multiple routing tables. It further enables a list of IP blocks in CIDR notation to be excluded from the VPN traffic rather than a single trusted_ip. The existing trusted_ip mechanism to do this is removed to avoid redundant approaches to solve the same problem. Third party VPN driver is modified to make use of the new interfaces to exclude and include a list of IP blocks in CIDR format from the VPN traffic. BUG=chromium:407541 TEST=Unittests and manual testing Change-Id: Id185d3e9bf91d018b55899adaa562d3192d261cf Reviewed-on: https://chromium-review.googlesource.com/247030 Commit-Queue: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> Reviewed-by: Paul Stewart <pstew@chromium.org> Tested-by: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> /system/connectivity/shill/connection.cc
024a6c80bc8474d828af6d961ea7fe0d67d69587	23-Jan-2015	Paul Stewart <pstew@chromium.org>	shill: Connection: Apply connection MTU Honor the "mtu" field in IPConfig::Properties by applying this MTU to the interface. Apply a default MTU to interfaces that do not specify one, and a minimum MTU if the supplied MTU will not work for the connected IP configuration. BUG=chromium:450759 TEST=Unit tests, Upcoming test network_DhcpMTU (CL:243315) Change-Id: Ie7abf937b8475d43e5a77bf9f27ec58a5433fc2a Reviewed-on: https://chromium-review.googlesource.com/243370 Reviewed-by: Prabhu Kaliamoorthi <kaliamoorthi@chromium.org> Reviewed-by: Zeping Qiu <zqiu@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
182888eab7478f28001b1235f8d2b75063445db8	13-Nov-2014	Paul Stewart <pstew@chromium.org>	shill: Connnection: Ignore invalid IP addresses for GetSubnet If the local address for a connection is invalid, we should return an empty string (instead of possibly crashing). The manager should in turn not bucket two such subnets into the same subnet bucket. BUG=chromium:430041 TEST=Unit tests Change-Id: If2c82d28ddadac7af9841a5a672bc61c91da4796 Reviewed-on: https://chromium-review.googlesource.com/231672 Reviewed-by: Peter Qiu <zqiu@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
2cb3fa7317cfa3248cff72d0b9d64c4f2f630472	13-Nov-2014	Paul Stewart <pstew@chromium.org>	shill: Device: Support same-net multi-homing When two interfaces are connected to the same subnet, two components of ChromeOS system behavior conspire to produce surprising results. First, the default Linux network behavior induces the "ARP Flux" effect where the system replies to ARPs interchangably for both interfaces. Secondly, reverse- path filtering (setup by default in shill) causes only one network interface to be able to receive packets for a given subnet at a time. This CL adds code to recognize situations where more than one interface is connected to the same subnet. In such situtations reverse-path filtering is disabled and ARP filtering is enabled. This requires the driver to keep track of the requested reverse-path filtering state. BUG=chromium:430041 TEST=Unit tests + manual: (1) Attach both WiFi and Ethernet, but to _different_ IP networks (subnet addresses should be different). Run "sysctl -a \| egrep '(rp_filter\|arp_announce\|arp_ignore)'". Output should be something like: net.ipv4.conf.all.arp_announce = 0 net.ipv4.conf.all.arp_filter = 0 net.ipv4.conf.all.arp_ignore = 0 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.default.arp_announce = 0 net.ipv4.conf.default.arp_filter = 0 net.ipv4.conf.default.arp_ignore = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.eth0.arp_announce = 0 net.ipv4.conf.eth0.arp_filter = 0 net.ipv4.conf.eth0.arp_ignore = 0 net.ipv4.conf.eth0.rp_filter = 1 net.ipv4.conf.lo.arp_announce = 0 net.ipv4.conf.lo.arp_filter = 0 net.ipv4.conf.lo.arp_ignore = 0 net.ipv4.conf.lo.rp_filter = 1 net.ipv4.conf.wlan0.arp_announce = 0 net.ipv4.conf.wlan0.arp_filter = 0 net.ipv4.conf.wlan0.arp_ignore = 0 net.ipv4.conf.wlan0.rp_filter = 1 In other words, rp_filter is enabled on all interfaces, and arp_filter / arp_ignore are left as default. (2) Attach both WiFi and Ethernet to the same router. Run "sysctl -a \| egrep '(rp_filter\|arp_announce\|arp_ignore)'". Output should be something like: net.ipv4.conf.all.arp_announce = 0 net.ipv4.conf.all.arp_filter = 0 net.ipv4.conf.all.arp_ignore = 0 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.default.arp_announce = 0 net.ipv4.conf.default.arp_filter = 0 net.ipv4.conf.default.arp_ignore = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.eth0.arp_announce = 2 net.ipv4.conf.eth0.arp_filter = 0 net.ipv4.conf.eth0.arp_ignore = 1 net.ipv4.conf.eth0.rp_filter = 2 net.ipv4.conf.lo.arp_announce = 0 net.ipv4.conf.lo.arp_filter = 0 net.ipv4.conf.lo.arp_ignore = 0 net.ipv4.conf.lo.rp_filter = 1 net.ipv4.conf.wlan0.arp_announce = 2 net.ipv4.conf.wlan0.arp_filter = 0 net.ipv4.conf.wlan0.arp_ignore = 1 net.ipv4.conf.wlan0.rp_filter = 2 In other words, rp_filter is set to "loose mode" on WiFi and Ethernet. arp_filter and arp_ignore are also enabled on those interfaces. Change-Id: Id19e5b7101ba70f94aaa51b3ad6cc163a4bc0005 Reviewed-on: https://chromium-review.googlesource.com/229696 Reviewed-by: Will Drewry <wad@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
c9c31d8497c3f053c2160408cc386010fc125fad	22-Oct-2014	Rebecca Silberstein <silberst@chromium.org>	shill: add object id to scoped log messages Add object identifier (DBus::Path) string to scoped logging messages. If the logging message is called from a static method, SLOG will be called with nullptr and the log will use (anon) for the object id. Objects without identifying information will use the (class_name) as their logged identifier. BUG=chromium:403996 TEST=ran unit tests and manually inspected net.log Change-Id: Idf23911a303f5edc4b82917bf1e2cea3f8e44e60 Reviewed-on: https://chromium-review.googlesource.com/224812 Tested-by: Rebecca Silberstein <silberst@chromium.org> Reviewed-by: Paul Stewart <pstew@chromium.org> Commit-Queue: Rebecca Silberstein <silberst@chromium.org> /system/connectivity/shill/connection.cc
8d6b59704591ba9fad57751858835dc332dbdd37	28-Oct-2014	Peter Qiu <zqiu@chromium.org>	shill: export a shared library for RTNL interface. Export a shared library "libshill-net-<(libbase-ver)" from shill, which currently includes the RTNL interface and other codes that it depends on (mainly ByteString, IPAddress, IOHandler, TimeStamp, and Sockets). All the library codes are moved to under "shill/net/". Upcoming changes: - Remove dependency for "shill/error.h" which depends on dbus-c++. - Add Netlink interface to the shared library. BUG=chromium:427982 TEST=unittests CQ-DEPEND=CL:226103 Change-Id: I7f5c183b8a347c02e80ffed5e3497f691dde517c Reviewed-on: https://chromium-review.googlesource.com/226110 Reviewed-by: Peter Qiu <zqiu@chromium.org> Tested-by: Peter Qiu <zqiu@chromium.org> Commit-Queue: Peter Qiu <zqiu@chromium.org> /system/connectivity/shill/connection.cc
cc225ef3b77b5e098cc12c661a947e1737480777	30-Sep-2014	Ben Chan <benchan@chromium.org>	shill: Replace NULL with nullptr. BUG=None TEST=`USE=wimax FEATURES=test emerge-$BOARD shill` Change-Id: I30ab47ff32dcadad09ae7a2baf4d4123a6ef0d8e Reviewed-on: https://chromium-review.googlesource.com/220657 Reviewed-by: Ben Chan <benchan@chromium.org> Tested-by: Ben Chan <benchan@chromium.org> Commit-Queue: Ben Chan <benchan@chromium.org> /system/connectivity/shill/connection.cc
f3a8f9064976d12c4f8ed3c6a5cc9ea4655c686d	20-Aug-2014	Peter Qiu <zqiu@chromium.org>	shill: Add IPv6 connection support. Added support to shill for it to be able to complete portal detection using IPv6 connection. The IPv6 support is added to AsyncConnection, DNSClient, and HTTPRequest. BUG=chromium:394010 TEST=unit tests, manual test with future CL that initiate IPv6 portal detection. Change-Id: I20b768211f3ecfcd53406805038c0490a488ee78 Reviewed-on: https://chromium-review.googlesource.com/213273 Reviewed-by: Peter Qiu <zqiu@chromium.org> Tested-by: Peter Qiu <zqiu@chromium.org> Commit-Queue: Peter Qiu <zqiu@chromium.org> /system/connectivity/shill/connection.cc
7fab89734d88724a288e96a9996b15548c5294c7	11-Aug-2014	Ben Chan <benchan@chromium.org>	shill: Use integer types from stdint.h This CL replaces the deprecated int* and uint* types from 'base/basictypes.h' with the int_t and uint_t types from 'stdint.h'. BUG=chromium:401356 TEST=`USE='cellular gdmwimax wimax' FEATURES=test emerge-$BOARD platform2` Change-Id: I3d4c195881203dd2a47dbb5af150b6c90b9c206e Reviewed-on: https://chromium-review.googlesource.com/211770 Reviewed-by: Mike Frysinger <vapier@chromium.org> Commit-Queue: Ben Chan <benchan@chromium.org> Tested-by: Ben Chan <benchan@chromium.org> /system/connectivity/shill/connection.cc
a89154bfedfd8872242083ffe4f084fdc774c078	24-May-2014	Peter Qiu <zqiu@chromium.org>	shill: Support of DNS auto fallback Automatically switch to fallback DNS server when broken DNS setting is detected. This feature is disabled by default (due to property defaulting to "false"). BUG=chromium:377056 TEST=unit tests, manual test 1. Manually update the code to allow DNS auto fallback. 2. Connect a chrome device to GoogleGuest. 3. Update the name servers setting to an invalid DNS server "192.168.1.1" 4. Browse to "chrome://net-internals/#dns", and verify the nameserver changed from "192.168.1.1" to Google's DNS servers "8.8.8.8" and "8.8.4.4" within a minute. CQ-DEPEND=CL:201412 Change-Id: I31dbaf715b5b11dd2f736e0664ee432e55bdeeb9 Reviewed-on: https://chromium-review.googlesource.com/207155 Reviewed-by: Paul Stewart <pstew@chromium.org> Commit-Queue: Peter Qiu <zqiu@chromium.org> Tested-by: Peter Qiu <zqiu@chromium.org> /system/connectivity/shill/connection.cc
8a5322984f2d81bcbfd8d44c59747a11bd9b904b	17-Jun-2014	Alex Vakulenko <avakulenko@chromium.org>	shill: Fix most of warnings from cpplint Fix most cpplinter's warnings. On a few occasisions, the warnings produced were false-positives, so added explicit // NOLINT comment overrides. There were a few instances of disallowed non-const reference usage (reported as runtime/reference error by cpplint) for "DBus::Error &error" which should potentially be changed to pointers to comply with C++ coding style but I will let Shill owners do that since there is quite a few of those and the change isn't brain-dead simple... BUG=None TEST=platform2 still compiles and all unit tests pass. Change-Id: Ic2e31896aa13d20eeb1a85dee74f3db8cccfde2e Reviewed-on: https://chromium-review.googlesource.com/204164 Tested-by: Alex Vakulenko <avakulenko@chromium.org> Reviewed-by: mukesh agrawal <quiche@chromium.org> Commit-Queue: Alex Vakulenko <avakulenko@chromium.org> /system/connectivity/shill/connection.cc
6db7b24348e69639e19cd6c408388b10d6ee54fe	03-May-2014	Paul Stewart <pstew@chromium.org>	shill: Remove trivial use of iterators Move trivial iterations through containers from using an iterator to using range-based for loops. In instances where it makes sense also use "auto" for iterators in non-trivial for loops as well. BUG=None TEST=Unit tests Change-Id: I840d90fb62dc96d45f63144462b9a53b28c25ee9 Reviewed-on: https://chromium-review.googlesource.com/198051 Reviewed-by: Paul Stewart <pstew@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
e435d34d8bc77ab7b821833e9029eac990f677ad	28-Sep-2013	Paul Stewart <pstew@chromium.org>	shill: Connection: Allow VPNs with no default route Some VPNs may provide access to a single subnet with no default routes. Allow this configuration to proceed by relaxing a test in PinHostRoute so it does not abort the setup of the connection. BUG=chromium:300151 TEST=Unit tests Change-Id: If22eaabdc3357912292a4314b8adda76bdf71d00 Reviewed-on: https://chromium-review.googlesource.com/171010 Reviewed-by: Ben Chan <benchan@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
fddc09ac26ba77cabb59810f01b705fca2efd10b	04-Jul-2013	Alex Deymo <deymo@chromium.org>	Export the Physical Technology of a VPN service. Exposes the Type of the lowest service used for a VPN service through the "PhysicalTechnology" property of a VPN service. TEST=cros_workon_make shill --test and tested manually. BUG=chromium:213086 Manual Test procedure. 1. Connect to a wifi network. 2. Connect to a VPN service on that wifi network. 3. Run /usr/local/lib/flimflam/test/list-services on a terminal and verify the first service on its output contains a service with a Type "vpn" and a PhysicalTechnology "wifi": [ /service/6 ] ... Type = vpn ... PhysicalTechnology = wifi Change-Id: Ic843429de3f4d5a4208e271bb779c3e3160f036b Reviewed-on: https://gerrit.chromium.org/gerrit/61510 Reviewed-by: Paul Stewart <pstew@chromium.org> Commit-Queue: Alex Deymo <deymo@chromium.org> Reviewed-by: Alex Deymo <deymo@chromium.org> Tested-by: Alex Deymo <deymo@chromium.org> /system/connectivity/shill/connection.cc
856b8848e200a30006502c90f567923135454cf4	10-Jul-2013	Paul Stewart <pstew@chromium.org>	shill: Connection: Don't create a route to invalid gateway Automated tests like network_VPNConnect will create VPN links on interfaces that may not have a gateway route. This causes a crash in shill since it does not ever expect the underlying connection to have no gateway. Although this is unlikely in the field, there is no cost to fixing this issue in shill. BUG=chromium:259030 TEST=Unit tests Change-Id: I25372df5066ad4c044fdf542f83934ab1418f517 Reviewed-on: https://gerrit.chromium.org/gerrit/61450 Reviewed-by: Ben Chan <benchan@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
23ac6b72d44c446bca88175883ba26b39c5ed817	01-Feb-2013	mukesh agrawal <quiche@chromium.org>	shill: Revert "shill: resolver: Use (even) smaller DNS timeout" The short DNS timeout was intended to work around an issue with some DNS servers. The belief was that the DNS failure was transient, and that a quick retry would improve DNS lookup times. Field results didn't show any improvement, so back out this change. Note further that, as of M25 stable, Chrome uses its own DNS resolver. That resolver has a fixed one second timeout for the first try, and exponential backoff thereafter. Consequently, if this code remained in the tree, this code would only affect system processes. BUG=chromium:220150 TEST=unit tests This reverts commit bf667617d573e3af4b808ed317b1d6ca04747ee4. Conflicts: connection.cc connection_unittest.cc default_profile_unittest.cc manager.cc manager.h mock_resolver.h resolver.cc resolver.h resolver_unittest.cc Change-Id: Ic96c6c014a973de441ab1771539a0d9f3d5c5967 Reviewed-on: https://gerrit.chromium.org/gerrit/46944 Reviewed-by: Paul Stewart <pstew@chromium.org> Commit-Queue: mukesh agrawal <quiche@chromium.org> Tested-by: mukesh agrawal <quiche@chromium.org> /system/connectivity/shill/connection.cc
8596f9f1341d3698543e1010ac1710cbe91e35d5	14-Mar-2013	Paul Stewart <pstew@chromium.org>	shill: Connection: Sort services when connections bind When an upper / lower binding is created, this may cause services priorities to change. We should request that services be resorted at this time. This relieves issues with service priorities preventing VPNs from achieving the default route. While here, log in the Manager whenever the default service changes. BUG=chromium:178351 TEST=Unit test Change-Id: Iaf38d443e3d06b60571f4f67f23afb0a11f4abe9 Reviewed-on: https://gerrit.chromium.org/gerrit/45425 Reviewed-by: Darin Petkov <petkov@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
73fcc3f6560240d0d5dde15927cc0b51dc692dd5	25-Feb-2013	Paul Stewart <pstew@chromium.org>	shill: Connection: Correct routability to trusted IP In order to send outgoing traffic in a point-to-point network bundled within a VPN to a trusted peer IP address, the gateway IP address isn't of significance. As opposed to broadcast networks, in the inner point-to-point network we never ARP for the gateway IP address, but just send the IP packet addressed to the recipient. As such, since using the external trusted IP address as the gateway or peer wreaks havoc on the routing rules, we remove the gateway address altogether and rely on an interface-based route across the point-to-point link. BUG=chromium-os:37765 TEST=Unit tests, run with Cisco-ASA (for regressions -- does not work any worse with current configuraton; confirmed via packet trace that output packets are encapsulated currectly within L2TP/PPP/ESP), and IP address is set as explained above. Also connect to customer VPN network which started the bug above and verified end-to-end connectivity (http transfer). Change-Id: I9dd4de28464777663da11e9f731a5746d2eebb7c Reviewed-on: https://gerrit.chromium.org/gerrit/43927 Tested-by: Paul Stewart <pstew@chromium.org> Reviewed-by: Darin Petkov <petkov@chromium.org> Reviewed-by: mukesh agrawal <quiche@chromium.org> Commit-Queue: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
a016312b7470e124774aec197e3b43bc795637c3	26-Sep-2012	Ben Chan <benchan@chromium.org>	shill: vpn: Create a IPv6 blackhole route for IPv4 L2TP/IPsec VPN. BUG=chromium-os:34383 TEST=Tested the following: 1. Build and run unit tests. 2. Manually test IPv4 LT2P/IPsec VPN on an network interface with IPv4 and IPv6 addresses as follows: - Before connecting to the VPN, run `ip -6 route` to verify that no blackhole route exists. Confirm via http://ipv6test.google.com that IPv6 connectivity is available. - After connecting to the VPN, run `ip -6 route` to verify that the blackhole route is installed. Confirm via http://ipv6test.google.com that IPv6 connectivity is not available. - After disconnecting from the VPN, run `ip -6 route` to verify that no blackhole route exists. Confirm via http://ipv6test.google.com that IPv6 connectivity is available. Change-Id: I7ae4fab5319b5f06a6a3f5a28f439551f2825044 Reviewed-on: https://gerrit.chromium.org/gerrit/34053 Commit-Ready: Ben Chan <benchan@chromium.org> Reviewed-by: Ben Chan <benchan@chromium.org> Tested-by: Ben Chan <benchan@chromium.org> /system/connectivity/shill/connection.cc
6f65c0b387f6dde8113f52745b758ca1c4f349be	11-Sep-2012	Paul Stewart <pstew@chromium.org>	shill: Connection: Don't call Resolver::SetDNSFromIPConfig Don't ever call this function (in fact, remove this from the resolver), and refactor the code that correctly generates the DNS search list so that it is usable both from Connection::UpdateFromIPConfig() and from void Connection::SetIsDefault(). BUG=chromium-os:34260 TEST=Rerun unit tests + Manual: Connect to AP that supplies only "DomainName", and ensure that /etc/resolv.conf contains this domain in the search field both initially and after DHCP renewal. Change-Id: I9a0705cb54e6588915533cc343b05efcdee71293 Reviewed-on: https://gerrit.chromium.org/gerrit/32996 Reviewed-by: mukesh agrawal <quiche@chromium.org> Commit-Ready: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
d62d6035f45ab5caf04a558a70fbc78457775f97	11-Sep-2012	Paul Stewart <pstew@chromium.org>	shill: Connection: Do non-empty tests independently for DNS search Before this change, the DNS domain search was overridden if the DNS server paramater was non-empty. Change this so that it is only overridden if the derived DNS domain search list is non-empty. This is due to reports that on DHCP renewal some servers return a non-empty server list but do not renew the DNS domain value. BUG=chromium-os:34260 TEST=Rerun unit tests. Change-Id: I0f95808011e13095e467c1440dce7a13059075ad Reviewed-on: https://gerrit.chromium.org/gerrit/32952 Reviewed-by: mukesh agrawal <quiche@chromium.org> Commit-Ready: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
4d1868b5085dd0c5c38e9d8d5c52516c901bd2a0	10-Sep-2012	Paul Stewart <pstew@chromium.org>	shill: Connection: Use DNS domain if search list not provided If the DHCP server replies with a domain name but not with an explicit DHCP search list, use the domain name as the search list. This mirrors flimflam's previous behavior. BUG=chromium-os:34260 TEST=New unit tests Change-Id: Ife7c83d24dbd7955d20b1636f466df2fe587a926 Reviewed-on: https://gerrit.chromium.org/gerrit/32776 Reviewed-by: mukesh agrawal <quiche@chromium.org> Commit-Ready: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
b691efd71561246065eae3cdd73a96ca1b8a528d	09-Aug-2012	Christopher Wiley <wiley@chromium.org>	shill: Rename SMLOG to SLOG Rewrite SMLOG as SLOG, thus saving many edits. Change the location of the SLOG macro to be memory_log.h, requiring includes to be rewritten and reordered. While we're rewriting includes, moving all assorted logging includes into a generic shill/logging.h, thus saving future logging changes from altering these includes ever again. BUG=chromium-os:31145 TEST=Builds, unit tests still pass Change-Id: Ie5129fcbdda87f3149460209a682c698b876b09a Reviewed-on: https://gerrit.chromium.org/gerrit/29650 Commit-Ready: Christopher Wiley <wiley@chromium.org> Reviewed-by: Christopher Wiley <wiley@chromium.org> Tested-by: Christopher Wiley <wiley@chromium.org> /system/connectivity/shill/connection.cc
bf667617d573e3af4b808ed317b1d6ca04747ee4	29-Jun-2012	Paul Stewart <pstew@chromium.org>	shill: resolver: Use (even) smaller DNS timeout Use the new glibc facility for sub-second timeouts, and choose 300 milliseconds for the timeout. However, only do this by default for Ethernet and WiFi networks, since VPN networks in particular have trouble with this configuration (due to many name servers and search domains, as well as the additional latency inherent to such networks). Also, increase the number of attempts, so we still spend a reasonable amount of time overall waiting for a DNS response. Provide a means to change which technologies are setup in this manner. BUG=chromium-os:29124 TEST=Manual: Install connection manager, verify via strace that gethostbyname now waits 300 ms, and retries 15 times per trial (). Ensure Chromium continues to work correctly under light loads. Also, connect via Verizon and VPN and ensure DNS parameters are back to the long timeout. List manager properties and ensure it says "ethernet,wifi" for ShortDNSTimeoutTechnologies and that this is saved out to the profile. New unit tests. CQ-DEPENDS=Ib9ffc59bbfcd5bf3f57d146965c5a43a936348f8 : Each trial consists of a nameserver / IP address pair, so for example, if we have IPv6 connectivity and have two "server" entries in resolv.conf, we first do 30 tries of IPv6 requests, alternating between the two servers, then another 30 alternating IPv4 requests between them. This was tested by intentionally making the DNS server unreachable and instrumenting the gethostbyname request via strace. Change-Id: Idd331b4a9fcf96d457ab9959537aefcb86328e12 Reviewed-on: https://gerrit.chromium.org/gerrit/26493 Commit-Ready: Paul Stewart <pstew@chromium.org> Reviewed-by: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
05a42c23f1d37daa8689fc4240034e62ed89f8fc	03-Aug-2012	Paul Stewart <pstew@chromium.org>	shill: Connection: If IP Address changes, flush everything If a new IP configuration arrives which changes the address assigned to the family of this IPConfig, flush addresses and routes before applying the new configuration. Otherwise, we end up adding the new address inclusively as a secondary IP address and userspace programs continue to use the old address. BUG=chromium-os:33066 TEST=New unit tests. Manual: Change DHCP server configuration, unplug and replug to the same network. The old DHCP configuration is loaded (since the lease is still valid and the gateway is reachable) but when the new DHCP information arrives, ensure that the new IP address (and only that address) is configured, and the routes are sane (i.e., both LAN interface route and default route exist). Change-Id: Ic746368d97c503271995ff30b6818d770f4340c5 Reviewed-on: https://gerrit.chromium.org/gerrit/29170 Reviewed-by: mukesh agrawal <quiche@chromium.org> Commit-Ready: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
4a6748d492214afcb7c484668fa8cfd3ad963f10	17-Jul-2012	Paul Stewart <pstew@chromium.org>	shill: Connection: Create a link route if we are bound Due to the behavior of some VPN servers, we may lose our route to the default gateway of a physical interface due to the routes assigned by a virtual interfaces. To avert this, set a host route for the default gateway as we bind a lower connection. BUG=chromium-os:32643 TEST=New unit tests; tried on a known-misbehaving net (actually working from there right now); VPN autotests Change-Id: I68db1da339f61c415f9ba8c2c26d8cdb0276b209 Reviewed-on: https://gerrit.chromium.org/gerrit/27705 Commit-Ready: Paul Stewart <pstew@chromium.org> Reviewed-by: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org> /system/connectivity/shill/connection.cc
e8587e382d1566c8b72ec4714c6e39d9b747fe20	02-Jul-2012	Darin Petkov <petkov@chromium.org>	shill: openvpn: Reuse IP parameters on restart/reconnect. When openvpn restarts (e.g., due to inactivity) and reconnects, it doesn't provide back to the connection manager some IP configuration options (e.g., routes), leading to VPN service misconfiguration. This patch fixes the issue by reusing any existing IP properties if no corresponding new property is provided. BUG=chromium-os:32298 TEST=unit tests; tested on device by connecting to corp OpenVPN, closing all browser windows, monitoring the log for OpenVPN restarts and reconnects, verifying the connection after reconnect (browse to VPN sites, /etc/resolv.conf, ip route). Change-Id: I68c5b7aa56e1f5a7294bd26a507ca45cdc318332 Reviewed-on: https://gerrit.chromium.org/gerrit/26569 Tested-by: Darin Petkov <petkov@chromium.org> Reviewed-by: Paul Stewart <pstew@chromium.org> Commit-Ready: Darin Petkov <petkov@chromium.org> /system/connectivity/shill/connection.cc