firewalld: merge branch 'th/firewalld-reloaded'

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/949
author: Thomas Haller <thaller@redhat.com> 2021-08-06 14:37:43 +0200
committer: Thomas Haller <thaller@redhat.com> 2021-08-06 14:37:43 +0200
commit: a9279d1e89690443d405c4420b395e7f64121f27 (patch)
tree: e445d7d400d2e81d3edbe07e149fed54618ba7fb
parent: ec126740ceddcfac63d56bcc918efb738c80234d (diff)
parent: 0f100abd851bf36769adaded9b079a925b97a7c6 (diff)
download: NetworkManager-a9279d1e89690443d405c4420b395e7f64121f27.tar.gz
3 files changed, 74 insertions, 21 deletions
diff --git a/src/core/nm-firewalld-manager.c b/src/core/nm-firewalld-manager.c
index c562d97856..43ab278ad8 100644
--- a/src/core/nm-firewalld-manager.c
+++ b/src/core/nm-firewalld-manager.c
@@ -15,6 +15,7 @@
 
 #define FIREWALL_DBUS_SERVICE        "org.fedoraproject.FirewallD1"
 #define FIREWALL_DBUS_PATH           "/org/fedoraproject/FirewallD1"
+#define FIREWALL_DBUS_INTERFACE      "org.fedoraproject.FirewallD1"
 #define FIREWALL_DBUS_INTERFACE_ZONE "org.fedoraproject.FirewallD1.zone"
 
 /*****************************************************************************/
@@ -30,10 +31,12 @@ typedef struct {
 
     CList pending_calls;
 
+    char *name_owner;
+
+    guint reloaded_id;
     guint name_owner_changed_id;
 
     bool dbus_inited : 1;
-    bool running : 1;
 } NMFirewalldManagerPrivate;
 
 struct _NMFirewalldManager {
@@ -105,7 +108,7 @@ _ops_type_to_string(OpsType ops_type)
 }
 
 #define _NMLOG_DOMAIN      LOGD_FIREWALL
-#define _NMLOG_PREFIX_NAME "firewall"
+#define _NMLOG_PREFIX_NAME "firewalld"
 #define _NMLOG(level, call_id, ...)                                                 \
     G_STMT_START                                                                    \
     {                                                                               \
@@ -146,6 +149,14 @@ _ops_type_to_string(OpsType ops_type)
 
 /*****************************************************************************/
 
+static void
+_signal_emit_state_changed(NMFirewalldManager *self, NMFirewalldManagerStateChangedType signal_type)
+{
+    g_signal_emit(self, signals[STATE_CHANGED], 0, (int) signal_type);
+}
+
+/*****************************************************************************/
+
 static gboolean
 _get_running(NMFirewalldManagerPrivate *priv)
 {
@@ -154,7 +165,7 @@ _get_running(NMFirewalldManagerPrivate *priv)
      * service is indeed running. That is the time when we queue the
      * requests, and they will be started once the get-name-owner call
      * returns. */
-    return priv->running || (priv->dbus_connection && !priv->dbus_inited);
+    return priv->name_owner || (priv->dbus_connection && !priv->dbus_inited);
 }
 
 gboolean
@@ -315,7 +326,7 @@ _handle_dbus_start(NMFirewalldManager *self, NMFirewalldManagerCallId *call_id)
     GVariant *                 arg;
 
     nm_assert(call_id);
-    nm_assert(priv->running);
+    nm_assert(priv->name_owner);
     nm_assert(!call_id->is_idle);
     nm_assert(c_list_contains(&priv->pending_calls, &call_id->lst));
 
@@ -341,7 +352,7 @@ _handle_dbus_start(NMFirewalldManager *self, NMFirewalldManagerCallId *call_id)
     call_id->dbus.cancellable = g_cancellable_new();
 
     g_dbus_connection_call(priv->dbus_connection,
-                           FIREWALL_DBUS_SERVICE,
+                           priv->name_owner,
                            FIREWALL_DBUS_PATH,
                            FIREWALL_DBUS_INTERFACE_ZONE,
                            dbus_method,
@@ -378,10 +389,10 @@ _start_request(NMFirewalldManager *                self,
           iface,
           NM_PRINT_FMT_QUOTED(zone, "\"", zone, "\"", "default"),
           call_id->is_idle ? " (not running, simulate success)"
-                           : (!priv->running ? " (waiting to initialize)" : ""));
+                           : (!priv->name_owner ? " (waiting to initialize)" : ""));
 
     if (!call_id->is_idle) {
-        if (priv->running)
+        if (priv->name_owner)
             _handle_dbus_start(self, call_id);
         if (!call_id->callback) {
             /* if the user did not provide a callback, the call_id is useless.
@@ -463,6 +474,7 @@ name_owner_changed(NMFirewalldManager *self, const char *owner)
     gboolean                                       was_running;
     gboolean                                       now_running;
     gboolean                                       just_initied;
+    gboolean                                       name_owner_changed;
 
     owner = nm_str_not_empty(owner);
 
@@ -474,8 +486,8 @@ name_owner_changed(NMFirewalldManager *self, const char *owner)
     was_running  = _get_running(priv);
     just_initied = !priv->dbus_inited;
 
-    priv->dbus_inited = TRUE;
-    priv->running     = !!owner;
+    priv->dbus_inited  = TRUE;
+    name_owner_changed = nm_strdup_reset(&priv->name_owner, owner);
 
     now_running = _get_running(priv);
 
@@ -495,7 +507,7 @@ name_owner_changed(NMFirewalldManager *self, const char *owner)
             nm_assert(!call_id->is_idle);
             nm_assert(call_id->dbus.arg);
 
-            if (priv->running) {
+            if (priv->name_owner) {
                 _LOGD(call_id, "initalizing: make D-Bus call");
                 _handle_dbus_start(self, call_id);
             } else {
@@ -511,8 +523,30 @@ name_owner_changed(NMFirewalldManager *self, const char *owner)
         }
     }
 
-    if (was_running != now_running)
-        g_signal_emit(self, signals[STATE_CHANGED], 0, FALSE);
+    if (just_initied)
+        _signal_emit_state_changed(self, NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_INITIALIZED);
+    else if (was_running != now_running || name_owner_changed)
+        _signal_emit_state_changed(self,
+                                   NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_NAME_OWNER_CHANGED);
+}
+
+static void
+reloaded_cb(GDBusConnection *connection,
+            const char *     sender_name,
+            const char *     object_path,
+            const char *     interface_name,
+            const char *     signal_name,
+            GVariant *       parameters,
+            gpointer         user_data)
+{
+    NMFirewalldManager *       self = user_data;
+    NMFirewalldManagerPrivate *priv = NM_FIREWALLD_MANAGER_GET_PRIVATE(self);
+
+    if (!nm_streq0(sender_name, priv->name_owner))
+        return;
+
+    _LOGT(NULL, "reloaded signal received");
+    _signal_emit_state_changed(self, NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_RELOADED);
 }
 
 static void
@@ -541,7 +575,7 @@ get_name_owner_cb(const char *name_owner, GError *error, gpointer user_data)
     NMFirewalldManager *       self;
     NMFirewalldManagerPrivate *priv;
 
-    if (!name_owner && g_error_matches(error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
+    if (nm_utils_error_is_cancelled(error))
         return;
 
     self = user_data;
@@ -568,6 +602,17 @@ nm_firewalld_manager_init(NMFirewalldManager *self)
         return;
     }
 
+    priv->reloaded_id = g_dbus_connection_signal_subscribe(priv->dbus_connection,
+                                                           FIREWALL_DBUS_SERVICE,
+                                                           FIREWALL_DBUS_INTERFACE,
+                                                           "Reloaded",
+                                                           FIREWALL_DBUS_PATH,
+                                                           NULL,
+                                                           G_DBUS_SIGNAL_FLAGS_NONE,
+                                                           reloaded_cb,
+                                                           self,
+                                                           NULL);
+
     priv->name_owner_changed_id =
         nm_dbus_connection_signal_subscribe_name_owner_changed(priv->dbus_connection,
                                                                FIREWALL_DBUS_SERVICE,
@@ -594,6 +639,7 @@ dispose(GObject *object)
      * we don't expect pending operations at this point. */
     nm_assert(c_list_is_empty(&priv->pending_calls));
 
+    nm_clear_g_dbus_connection_signal(priv->dbus_connection, &priv->reloaded_id);
     nm_clear_g_dbus_connection_signal(priv->dbus_connection, &priv->name_owner_changed_id);
 
     nm_clear_g_cancellable(&priv->get_name_owner_cancellable);
@@ -616,8 +662,8 @@ nm_firewalld_manager_class_init(NMFirewalldManagerClass *klass)
                                           0,
                                           NULL,
                                           NULL,
-                                          g_cclosure_marshal_VOID__BOOLEAN,
+                                          g_cclosure_marshal_VOID__INT,
                                           G_TYPE_NONE,
                                           1,
-                                          G_TYPE_BOOLEAN /* initialized_now */);
+                                          G_TYPE_INT /* signal-type */);
 }
diff --git a/src/core/nm-firewalld-manager.h b/src/core/nm-firewalld-manager.h
index febb9bac48..1f76bebaa4 100644
--- a/src/core/nm-firewalld-manager.h
+++ b/src/core/nm-firewalld-manager.h
@@ -19,6 +19,12 @@
 
 #define NM_FIREWALLD_MANAGER_STATE_CHANGED "state-changed"
 
+typedef enum {
+    NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_INITIALIZED,
+    NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_NAME_OWNER_CHANGED,
+    NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_RELOADED,
+} NMFirewalldManagerStateChangedType;
+
 typedef struct _NMFirewalldManagerCallId NMFirewalldManagerCallId;
 
 typedef struct _NMFirewalldManager      NMFirewalldManager;
diff --git a/src/core/nm-policy.c b/src/core/nm-policy.c
index bf7c4ef01a..d62a9ed07c 100644
--- a/src/core/nm-policy.c
+++ b/src/core/nm-policy.c
@@ -2521,14 +2521,15 @@ connection_added(NMSettings *settings, NMSettingsConnection *connection, gpointe
 }
 
 static void
-firewall_state_changed(NMFirewalldManager *manager, gboolean initialized_now, gpointer user_data)
+firewall_state_changed(NMFirewalldManager *manager, int signal_type_i, gpointer user_data)
 {
-    NMPolicy *       self = (NMPolicy *) user_data;
-    NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
-    const CList *    tmp_lst;
-    NMDevice *       device;
+    const NMFirewalldManagerStateChangedType signal_type = signal_type_i;
+    NMPolicy *                               self        = user_data;
+    NMPolicyPrivate *                        priv        = NM_POLICY_GET_PRIVATE(self);
+    const CList *                            tmp_lst;
+    NMDevice *                               device;
 
-    if (initialized_now) {
+    if (signal_type == NM_FIREWALLD_MANAGER_STATE_CHANGED_TYPE_INITIALIZED) {
         /* the firewall manager was initializing, but all requests
          * so fare were queued and are already sent. No need to
          * re-update the firewall zone of the devices. */
author	Thomas Haller <thaller@redhat.com>	2021-08-06 14:37:43 +0200
committer	Thomas Haller <thaller@redhat.com>	2021-08-06 14:37:43 +0200
commit	a9279d1e89690443d405c4420b395e7f64121f27 (patch)
tree	e445d7d400d2e81d3edbe07e149fed54618ba7fb
parent	ec126740ceddcfac63d56bcc918efb738c80234d (diff)
parent	0f100abd851bf36769adaded9b079a925b97a7c6 (diff)
download	NetworkManager-a9279d1e89690443d405c4420b395e7f64121f27.tar.gz