netifd: Add rpfilter config support

[project/netifd.git] / proto-shell.c

diff --git a/proto-shell.c b/proto-shell.c
index 37859f4..0131e19 100644 (file)
--- a/proto-shell.c
+++ b/proto-shell.c
@@ -71,6 +71,7 @@ struct proto_shell_state {
 
        enum proto_shell_sm sm;
        bool proto_task_killed;
+       bool renew_pending;
 
        int last_error;
 
@@ -159,10 +160,22 @@ proto_shell_handler(struct interface_proto_state *proto,
                state->last_error = -1;
                proto_shell_clear_host_dep(state);
                state->sm = S_SETUP;
+       } else if (cmd == PROTO_CMD_RENEW) {
+               if (!(handler->proto.flags & PROTO_FLAG_RENEW_AVAILABLE))
+                       return 0;
+
+               if (state->script_task.uloop.pending) {
+                       state->renew_pending = true;
+                       return 0;
+               }
+
+               state->renew_pending = false;
+               action = "renew";
        } else {
                if (state->sm == S_TEARDOWN)
                        return 0;
 
+               state->renew_pending = false;
                if (state->script_task.uloop.pending) {
                        if (state->sm != S_SETUP_ABORT) {
                                uloop_timeout_set(&state->teardown_timeout, 1000);
@@ -183,6 +196,7 @@ proto_shell_handler(struct interface_proto_state *proto,
                uloop_timeout_set(&state->teardown_timeout, 5000);
        }
 
+       D(INTERFACE, "run %s for interface '%s'\n", action, proto->iface->name);
        config = blobmsg_format_json(state->config, true);
        if (!config)
                return -1;
@@ -251,6 +265,9 @@ proto_shell_task_finish(struct proto_shell_state *state,
                if (task == &state->proto_task)
                        proto_shell_handler(&state->proto, PROTO_CMD_TEARDOWN,
                                            false);
+               if (task == &state->script_task && state->renew_pending)
+                       proto_shell_handler(&state->proto, PROTO_CMD_RENEW,
+                                           false);
                break;
 
        case S_SETUP_ABORT:
@@ -423,6 +440,9 @@ proto_shell_update_link(struct proto_shell_state *state, struct blob_attr *data,
        bool keep = false;
        bool up;
 
+       if (state->sm == S_TEARDOWN || state->sm == S_SETUP_ABORT)
+               return UBUS_STATUS_PERMISSION_DENIED;
+
        if (!tb[NOTIFY_LINK_UP])
                return UBUS_STATUS_INVALID_ARGUMENT;
 
@@ -441,30 +461,31 @@ proto_shell_update_link(struct proto_shell_state *state, struct blob_attr *data,
                        dev_create = 2;
        }
 
-       if (!tb[NOTIFY_IFNAME]) {
-               if (!iface->main_dev.dev)
-                       return UBUS_STATUS_INVALID_ARGUMENT;
-       } else if (!keep || iface->state != IFS_UP) {
+       if (iface->state != IFS_UP || !iface->l3_dev.dev)
                keep = false;
-               devname = blobmsg_data(tb[NOTIFY_IFNAME]);
-               if (tb[NOTIFY_TUNNEL]) {
-                       dev = proto_shell_create_tunnel(devname,
-                               tb[NOTIFY_TUNNEL]);
-                       if (!dev)
-                               return UBUS_STATUS_INVALID_ARGUMENT;
-               } else {
-                       dev = device_get(devname, dev_create);
-                       if (!dev)
-                               return UBUS_STATUS_NOT_FOUND;
+
+       if (!keep) {
+               dev = iface->main_dev.dev;
+               if (tb[NOTIFY_IFNAME]) {
+                       keep = false;
+                       devname = blobmsg_data(tb[NOTIFY_IFNAME]);
+                       if (tb[NOTIFY_TUNNEL])
+                               dev = proto_shell_create_tunnel(devname, tb[NOTIFY_TUNNEL]);
+                       else
+                               dev = device_get(devname, dev_create);
                }
 
+               if (!dev)
+                       return UBUS_STATUS_INVALID_ARGUMENT;
+
                interface_set_l3_dev(iface, dev);
-               device_claim(&iface->l3_dev);
+               if (device_claim(&iface->l3_dev) < 0)
+                       return UBUS_STATUS_UNKNOWN_ERROR;
+
                device_set_present(dev, true);
-       }
 
-       if (!keep)
                interface_update_start(iface);
+       }
 
        proto_apply_ip_settings(iface, data, addr_ext);
 
@@ -485,9 +506,11 @@ proto_shell_update_link(struct proto_shell_state *state, struct blob_attr *data,
 
        interface_update_complete(state->proto.iface);
 
-       if (!keep)
-               state->proto.proto_event(&state->proto, IFPEV_UP);
-       state->sm = S_IDLE;
+       if ((state->sm != S_SETUP_ABORT) && (state->sm != S_TEARDOWN)) {
+               if (!keep)
+                       state->proto.proto_event(&state->proto, IFPEV_UP);
+               state->sm = S_IDLE;
+       }
 
        return 0;
 }
@@ -525,6 +548,9 @@ proto_shell_run_command(struct proto_shell_state *state, struct blob_attr **tb)
        static char *argv[64];
        static char *env[32];
 
+       if (state->sm == S_TEARDOWN || state->sm == S_SETUP_ABORT)
+               return UBUS_STATUS_PERMISSION_DENIED;
+
        if (!tb[NOTIFY_COMMAND])
                goto error;
 
@@ -554,7 +580,8 @@ proto_shell_kill_command(struct proto_shell_state *state, struct blob_attr **tb)
                signal = SIGTERM;
 
        if (state->proto_task.uloop.pending) {
-               state->proto_task_killed = true;
+               if (signal == SIGTERM || signal == SIGKILL)
+                       state->proto_task_killed = true;
                kill(state->proto_task.uloop.pid, signal);
        }
 
@@ -623,6 +650,9 @@ proto_shell_add_host_dependency(struct proto_shell_state *state, struct blob_att
        const char *ifname_str = ifname_a ? blobmsg_data(ifname_a) : "";
        char *ifname;
 
+       if (state->sm == S_TEARDOWN || state->sm == S_SETUP_ABORT)
+               return UBUS_STATUS_PERMISSION_DENIED;
+
        if (!host)
                return UBUS_STATUS_INVALID_ARGUMENT;
 
@@ -652,6 +682,8 @@ proto_shell_add_host_dependency(struct proto_shell_state *state, struct blob_att
 static int
 proto_shell_setup_failed(struct proto_shell_state *state)
 {
+       int ret = 0;
+
        switch (state->sm) {
        case S_IDLE:
                state->proto.proto_event(&state->proto, IFPEV_LINK_LOST);
@@ -659,10 +691,13 @@ proto_shell_setup_failed(struct proto_shell_state *state)
        case S_SETUP:
                proto_shell_handler(&state->proto, PROTO_CMD_TEARDOWN, false);
                break;
+       case S_SETUP_ABORT:
+       case S_TEARDOWN:
        default:
+               ret = UBUS_STATUS_PERMISSION_DENIED;
                break;
        }
-       return 0;
+       return ret;
 }
 
 static int
@@ -761,6 +796,10 @@ proto_shell_add_handler(const char *script, const char *name, json_object *obj)
        if (tmp && json_object_get_boolean(tmp))
                handler->proto.flags |= PROTO_FLAG_INIT_AVAILABLE;
 
+       tmp = json_get_field(obj, "renew-handler", json_type_boolean);
+       if (tmp && json_object_get_boolean(tmp))
+               handler->proto.flags |= PROTO_FLAG_RENEW_AVAILABLE;
+
        config = json_get_field(obj, "config", json_type_array);
        if (config)
                handler->config_buf = netifd_handler_parse_config(&handler->config, config);
@@ -769,7 +808,7 @@ proto_shell_add_handler(const char *script, const char *name, json_object *obj)
        add_proto_handler(proto);
 }
 
-static void __init proto_shell_init(void)
+void proto_shell_init(void)
 {
        proto_fd = netifd_open_subdir("proto");
        if (proto_fd < 0)