March 2020 - connman - Ml01.01.Org

by Yasser

We were having a problem with our wifi scanning, where the list of wifi available would become empty and would not be repopulated until after a long delay. Researching the problem it seemed that it was related to BSS expiration age. There were already some people who had faced the same issue, so inspired by this we developed the following patch which allows us to set the BSS expiration age to match ConnMan long scanning interval to avoid the loss of networks during a long interval between two scans. diff --git a/gsupplicant/gsupplicant.h b/gsupplicant/gsupplicant.h index bfb52db..08d6b9e 100644 --- a/gsupplicant/gsupplicant.h +++ b/gsupplicant/gsupplicant.h @@ -267,7 +267,8 @@ int g_supplicant_interface_connect(GSupplicantInterface *interface, int g_supplicant_interface_disconnect(GSupplicantInterface *interface, GSupplicantInterfaceCallback callback, void *user_data); - +int g_supplicant_interface_set_bss_expiration_age(GSupplicantInterface *interface, + unsigned int bss_expiration_age); int g_supplicant_interface_set_apscan(GSupplicantInterface *interface, unsigned int ap_scan); diff --git a/gsupplicant/supplicant.c b/gsupplicant/supplicant.c index 6052f7b..fe6ad48 100644 --- a/gsupplicant/supplicant.c +++ b/gsupplicant/supplicant.c @@ -981,6 +981,46 @@ static void interface_capability(const char *key, DBusMessageIter *iter, key, dbus_message_iter_get_arg_type(iter)); } +struct g_supplicant_bss_expiration_age +{ + GSupplicantInterface *interface; + unsigned int bss_expiration_age; +}; + +static void set_bss_expiration_age(DBusMessageIter *iter, void *user_data) +{ + struct g_supplicant_bss_expiration_age *data = user_data; + unsigned int bss_expiration_age = data->bss_expiration_age; + + dbus_free(data); + dbus_message_iter_append_basic(iter, DBUS_TYPE_UINT32, &bss_expiration_age); +} + +int g_supplicant_interface_set_bss_expiration_age(GSupplicantInterface *interface, + unsigned int bss_expiration_age) +{ + struct g_supplicant_bss_expiration_age *data; + int ret; + + data = dbus_malloc0(sizeof(*data)); + + if (!data) + return -ENOMEM; + + data->bss_expiration_age = bss_expiration_age; + data->interface = interface; + + ret = supplicant_dbus_property_set(interface->path, + SUPPLICANT_INTERFACE ".Interface", + "BSSExpireAge", DBUS_TYPE_UINT32_AS_STRING, + set_bss_expiration_age, NULL, data, NULL); + if (ret < 0) + dbus_free(data); + + return ret; +} + + struct set_apscan_data { unsigned int ap_scan; diff --git a/plugins/wifi.c b/plugins/wifi.c index 910b739..57b63e2 100644 --- a/plugins/wifi.c +++ b/plugins/wifi.c @@ -1522,6 +1522,7 @@ static void interface_create_callback(int result, void *user_data) { struct wifi_data *wifi = user_data; + char * bgscan_range_max; DBG("result %d ifname %s, wifi %p", result, g_supplicant_interface_get_ifname(interface), @@ -1537,6 +1538,13 @@ static void interface_create_callback(int result, wifi->interface_ready = true; finalize_interface_creation(wifi); } + /* Force the BSS expiration age to match ConnMan long scanning interval to avoid the loss of networks during a long interval between two scannings. */ + if ((bgscan_range_max = strrchr(BGSCAN_DEFAULT,':')) != NULL && + g_supplicant_interface_set_bss_expiration_age(interface, strtol(bgscan_range_max + 1, (char**)NULL, 10) + 10) >= 0) { + DBG("bss expiration age successfully updated"); + } else { + DBG("bss expiration age update has failed"); + } } static int wifi_enable(struct connman_device *device)

2 months, 1 week

4
4
0 / 0

IP Accounting for WiFi Clients

by guna.aravind＠gmail.com

Currently i don't see the IP accounting feature is conman for WiFi Clients. I like to contribute the implementation for IP Accounting for WiFi Clients. Can somebody provide the procedure to contribute.

9 months, 1 week

3
2
0 / 0

connman-vpn problems with PPTP

by KeithG

I was unable to get connman to make a vpn connection to my work. This is a simple pptp vpn connection on a Laptop running Arch Linux with Gnome. Struggled for a few hours and nothing. I enabled NetworkManager and in a few seconds, voila! it worked. I like connman/iwd. I use it on my Raspberry Pis and want to use connman/iwd on my laptop. It works great on the laptop for the wifi and ethernet connections, but I need vpn as well. I know it can do it, but the docs are a bit sketchy and I was unsuccessful. When I compare my log of a successful connection with NetworkManager and my failed connection with connman, I cannot see anything strange. How does one actually enable more debugging? The *.config file can have a PPTP.Debug=, but it is unclear what we should put there? 1,2,3? Full? Max? Verbose? The man page is unclear. In Network Manager, my relevant settings are: [vpn] domain=work gateway=vpn.work.com mppe-stateful=yes password-flags=2 refuse-chap=yes refuse-eap=yes refuse-mschap=yes refuse-pap=yes require-mppe=yes user=username for connman-vpn, I tried this: [provider_work] Type=PPTP Name=work Host=vpn.work.com Domain=work PPTP.User=username PPPD.RefuseCHAP=true PPPD.RefuseEAP=true PPPD.RefuseMSCHAP=true PPPD.RefuseMSCHAPv2=false PPPD.RefusePAP=true PPPD.ReqMPPE=true PPPD.ReqMPPEStateful=true The log shows similar responses, but then disconnects. The only error I get is: "Non-zero Async Control Character Maps are not supported!" Then a disconnect. Also, I think it would help to get this package more widely used if it had a current, viable gnome extension. This one no longer works (at least with Arch) and is abandoned since 2016. https://extensions.gnome.org/extension/981/connman-extension/ I have connman-gtk and cmst installed and both have some shortcomings. It would be awesome if I could edit the config in the applet... Thanks for looking, Keith

11 months

2
1
0 / 0

[PATCH 0/2] WireGuard/VPN small tweaks.

by Daniel Wagner

Christian Hewitt had some feedback/wisches from the LibreELEC project. https://forum.libreelec.tv/thread/17965-add-wireguard-support/?pageNo=2 Daniel Wagner (2): wireguard: Regular reresolve endpoint address vpn: Make domain parameter optional doc/vpn-config-format.txt | 2 +- vpn/plugins/wireguard.c | 87 +++++++++++++++++++++++++++++++++++---- vpn/vpn-config.c | 2 +- vpn/vpn-provider.c | 11 ++--- 4 files changed, 88 insertions(+), 14 deletions(-) -- 2.25.1

11 months, 1 week

1
2
0 / 0

[PATCH] iwd: Mark network avaible after scaning

by Daniel Wagner

connman_device_set_scanning() marks all networks as unavailable during the scan period. The iwd plugin needs mark the network available again. Fixes: 6b391cfd294d ("iwd: Synchronize station scanning property with scan state") --- plugins/iwd.c | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/iwd.c b/plugins/iwd.c index 8568fcd402dd..721970695541 100644 --- a/plugins/iwd.c +++ b/plugins/iwd.c @@ -972,6 +972,7 @@ static void _update_signal_strength(const char *path, int16_t signal_strength) connman_network_set_strength(iwdn->network, calculate_strength(signal_strength)); + connman_network_set_available(iwdn->network, true); connman_network_update(iwdn->network); } -- 2.25.1

11 months, 1 week

2
3
0 / 0

mDNS configuration howto

by KeithG

I see mention of mDNS functionality which has been added in the commits to connman, but cannot figure out how to enable it for my adapters? I have mDNS turned on and running in systemd-resolved, but both adapters show it as not running and I cannot browse to or from them in a Linux only environment. Resolvectl can find all the mDNS and avahi. I see mentions of this on the web, but most are about NetworkManager settings. Since I am running connman, how do I enable it? Do I add a line to /etc/connman/main.conf or does it go in the *.config file for each connection? What is the syntax? I have enabled mDNS in the /etc/systemd/resolved.conf and have this as my hosts line in /etc/nsswitch.conf: hosts: files mymachines mdns resolve [!UNAVAIL=return] dns myhostname This is what resolvectl thinks is going on # resolvectl Global LLMNR setting: yes *MulticastDNS setting: yes* DNSOverTLS setting: no DNSSEC setting: allow-downgrade DNSSEC supported: yes Current DNS Server: 9.9.9.10 Fallback DNS Servers: 1.1.1.1 9.9.9.10 8.8.8.8 2606:4700:4700::1111 2620:fe::10 2001:4860:4860::8888 DNSSEC NTA: 10.in-addr.arpa 16.172.in-addr.arpa 168.192.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa corp d.f.ip6.arpa home internal intranet lan local private test Link 3 (wlan0) Current Scopes: LLMNR/IPv4 LLMNR/IPv6 DefaultRoute setting: no LLMNR setting: yes *MulticastDNS setting: no* DNSOverTLS setting: no DNSSEC setting: allow-downgrade DNSSEC supported: yes Link 2 (eth0) Current Scopes: LLMNR/IPv4 LLMNR/IPv6 DefaultRoute setting: no LLMNR setting: yes *MulticastDNS setting: no* DNSOverTLS setting: no DNSSEC setting: allow-downgrade DNSSEC supported: yes When I try to resolve my local machine it works: # resolvectl query machine.local machine.local: 127.0.0.1 ::1 -- Information acquired via protocol DNS in 15.6ms. -- Data is authenticated: yes When I try to find any others on the LAN which are running Avahi-daemon, It cannot find them: # resolvectl query machine2.local machine2.local: resolve call failed: No appropriate name servers or networks for name found

11 months, 2 weeks

1
0
0 / 0

Next release

by Daniel Wagner

Hi, I think the current version is in good shape. We have a few 'new' features, such as VPN revamp, WireGuard support and iwd 1.0 support. Also the usual bug fixes. Is there anything properly annoying with the current HEAD? The last release was almost a year ago. It's about time for new one :) Thanks, Daniel

11 months, 2 weeks

3
8
0 / 0

[PATCH] iwd: synchronize station scanning property with connman device

by Maxime Roussin-Bélanger

When you start a scan connman waits for a scan_pending reply, but IWD never sends a reply. By synchronizing the scanning property of a iwd station with connman device, it can call the __connman_technology_scan_stopped function so that the scan_pending is removed from the list. Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger(a)gmail.com> --- plugins/iwd.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/plugins/iwd.c b/plugins/iwd.c index bf6a2c26..ad5adace 100644 --- a/plugins/iwd.c +++ b/plugins/iwd.c @@ -1020,6 +1020,7 @@ static void station_property_change(GDBusProxy *proxy, const char *name, DBusMessageIter *iter, void *user_data) { struct iwd_station *iwds; + struct iwd_device *iwdd; const char *path; path = g_dbus_proxy_get_path(proxy); @@ -1056,6 +1057,11 @@ static void station_property_change(GDBusProxy *proxy, const char *name, if (!iwds->scanning) update_signal_strength(iwds); + iwdd = g_hash_table_lookup(devices, path); + if (iwdd) + connman_device_set_scanning(iwdd->device, + CONNMAN_SERVICE_TYPE_WIFI, iwds->scanning); + DBG("%s scanning %d", path, iwds->scanning); } } -- 2.20.1

11 months, 3 weeks

2
1
0 / 0

[tethering.c][lease_added]why to check whether MAC is already present in the hash table

by guna.aravind＠gmail.com

I like to understand why to check whether MAC is already present or not in the hash table. My understanding is once the MAC is authenticated and MAC is added to the Hash table, then the DHCP server start leasing the IP to the client, after successful leasing lease_added method i called. If my understanding is correct, what is the use of the adding MAC address check and not present condition. if the execution reaches lease_added method, that means MAC address is already inserted in the hash table. Can some one help here to understand the logic /**********tethering.c(lease_added)******************************/ DBG("ip address for lease added:%s",ip_addr); struct tether_client * teth_cli = NULL; if(true == g_hash_table_lookup_extended(clients_table, mac_addr, NULL, &teth_cli)) { DBG("modifying ip address for %s mac address from hash table",mac_addr); g_free(teth_cli->ip); teth_cli->ip = g_strdup(ip_addr); } else { DBG("no entry present for %s mac address",mac_addr); teth_cli = tether_client_create(ip_addr); if (teth_cli) { char * mac; mac = g_strdup(mac_addr); g_hash_table_insert(clients_table, mac, teth_cli); } } /*********************************************************************************/

11 months, 3 weeks

2
2
0 / 0

Turn off connman-vpn

by KeithG

Is there a way to turn this off? I am trying to convert form netctl/ifplug/wpa_supplicant to connman/iwd and notice that connman-vpn is always running. This is for an audio appliance, so vpn is not needed. Is there a configuration setting to turn this off short of compiling from scratch? I have tried to mask the service but then I get errors when I try to run connmanctl. Also, I have to run the connman connect wifi_... to connect to my wifi AP at boot. Is this normal. It has an ethernet cable connected and gets an IP from there. I do not have it set to use only one interface but to get it to connect, I have to run a script at startup to get it to connect to both interfaces. Thanks! Gearhead

12 months

2
2
0 / 0

2021

2020

2019

2018

2017

2016

2015

connman March 2020