1 Manager hierarchy 2 ================= 3 4 Service org.chromium.flimflam 5 Interface org.chromium.flimflam.Manager 6 Object path / 7 8 Methods 9 dict GetProperties() 10 11 Return the global system properties specified 12 in the Properties section. 13 14 void SetProperty(string name, variant value) 15 16 Changes the value of the specified property. Only 17 properties that are listed as read-write are 18 changeable. On success a PropertyChanged signal 19 will be emitted. 20 21 Possible Errors: [service].Error.InvalidArguments 22 [service].Error.InvalidProperty 23 24 string GetState() 25 26 Return the connection state of a system. The 27 same value is return via the State property. 28 29 object CreateProfile(string name) 30 31 Create and add new profile with the specified 32 identifier name. The name should either be in the 33 form ``name'' or ``~user/name'' where where ``user'' 34 is the login name of a user suitable for finding 35 their home directory. Both strings must contain 36 only alpha-numeric ASCII characters. 37 38 Profiles created without a user name are stored in 39 a system directory readable only by the connection 40 mananger. Profiles created with a user name are 41 stored in the user's home directory but readable 42 only by the connection manager. 43 44 If any existing profile is specified its contents 45 are reset to a default (minimal) contents. If the 46 profile is already registered with a CreateProfile 47 or PushProfile request then an error is returned. 48 49 Possible Errors: [service].Error.InvalidArguments 50 [service].Error.AlreadyExists 51 52 object PushProfile(string name) 53 54 Push the profile with the specified identifier 55 onto the profile stack. The profile must have 56 previously been created with CreateProfile. 57 The profile becomes the ``active profile'' that 58 is searched first when loading data and to which 59 updates are stored. 60 61 A profile may be pushed only once. 62 63 Possible Errors: [service].Error.InvalidArguments 64 [service].Error.AlreadyExists 65 66 object InsertUserProfile(string name, string user_hash) 67 68 Add the profile with the specified identifier 69 to the profile stack. The profile must have 70 previously been created with CreateProfile. 71 The |user_hash| provided is assigned to the 72 profile and is made visible as a property of 73 the profile. 74 75 A profile may be inserted or pushed only once. 76 77 Possible Errors: [service].Error.InvalidArguments 78 [service].Error.AlreadyExists 79 80 object PopProfile(string name) 81 82 Pop the top-most profile on the profile stack. 83 Any profile beneath this profile becomes the 84 ``active profile''. Any services using configuration 85 from the popped profile are disconnected and the 86 credentials invalidated (the next time 87 credentials are needed they are loaded from the 88 (new) active profile). 89 90 The name must match the identifer of the active 91 profile. This is a safeguard against accidentally 92 removing the wrong profile. 93 94 Note it is valid to pop all profiles from the 95 stack; in this state the connection manager does 96 not write any state to persistent storage. 97 98 Possible Errors: [service].Error.InvalidArguments 99 [service].Error.NotFound 100 101 object PopAnyProfile() 102 103 Like PopProfile but do not check the profile on 104 the top of the stack; pop anything. 105 106 Possible Errors: [service].Error.InvalidArguments 107 108 object PopAllUserProfiles() 109 110 Remove all user profiles from the stack of managed 111 profiles leaving only default profiles if any exist. 112 113 void RemoveProfile(string name) 114 115 Remove the profile with specified identifier. 116 117 The profile may not be resident on the stack. 118 The default profile may not be removed. 119 120 Possible Errors: [service].Error.InvalidArguments 121 [service].Error.AlreadyExists 122 123 void RequestScan(string type) 124 125 Request a scan for the specified technology. If 126 type is the string "" then a scan request is 127 made for each technology. 128 129 Possible Errors: [service].Error.InvalidArguments 130 131 void EnableTechnology(string type) 132 133 Enable all technologies of the specified type. 134 135 Possible Errors: [service].Error.InvalidArguments 136 [service].Error.InProgress 137 [service].Error.AlreadyEnabled 138 [service].Error.PermissionDenied 139 140 void DisableTechnology(string type) 141 142 Disable all technologies of the specified type. 143 144 Possible Errors: [service].Error.InvalidArguments 145 [service].Error.InProgress 146 [service].Error.AlreadyDisabled 147 148 object ConfigureService(dict properties) 149 150 Update the configuration of a service in memory 151 and in the profile. If no matching service exists 152 in memory it is temporarily created to carry out 153 this work and may be removed later. The object 154 path of the created service is returned. 155 156 If a GUID property is specified in properties 157 it is used to find the service; otherwise Type, 158 Security, and type-specific properties such as 159 WiFi.SSID are used to find any existing service. 160 If no service is located in memory a new one is 161 created with the supplied properties. 162 163 All provided parameters are applied to the in 164 memory service regardless of errors. But if an 165 error occurs while setting a property and the 166 service object was created as a result of this 167 call it is removed. In the event of multiple 168 errors the first error code is returned by 169 this call. 170 171 See the Service Properties section for a list of 172 properties and constraints on property values. 173 See also GetService. 174 175 Possible Errors: [service].Error.InvalidArguments 176 [service].Error.NotSupported 177 178 object ConfigureServiceForProfile(object profile, 179 dict properties) 180 181 Create or update the configuration of a WiFi 182 service within a specific profile. This is 183 similar to "ConfigureService" above, except 184 that this might not change the state of the 185 current service. A matching service is found 186 by first looking for a service with matching 187 "GUID" property if specified, then by using 188 the "Mode", "SSID", and "Security" properties 189 from |properties|. 190 191 If a matching service is found but its current 192 profile supersedes the specified profile, a new 193 profile entry is written with the specified 194 properties. This method can be used for 195 configuring a service in the default profile 196 while a separate configuration exists in the 197 user profile. In this scenario, no configured 198 properties in the user profile entry will be 199 copied to the default profile, and the user 200 profile remains unchanged. Moreover, the 201 matching service will still refer to the user 202 profile. 203 204 A second example usage for this method is creating 205 a copy of the current service from the default 206 profile into the user profile. If a matching 207 service exists but its current profile antecedes 208 the specified profile, the configuration of the 209 current service is first copied to the new profile 210 without removing the entry in the default profile. 211 The service is then assigned to the new profile 212 and the specified properties are then applied to 213 the service and saved to the new profile, leaving 214 the original profile intact. This differs from the 215 behavior of setting the "Profile" property on the 216 service via the SetProperty or ConfigureService 217 methods, which remove the configuration from the 218 old profile. 219 220 In situations where a matching service is not found, 221 the service isn't associated with a profile, or the 222 specified profile is already associated with the 223 matched service, the behavior of this method mimics 224 that of ConfigureService. 225 226 Currently this method is only supported for WiFi 227 services. The specified profile must already 228 be loaded and on the Manager's profile stack. 229 If the "Profile" parameter is set in the properties 230 dictionary, it must match the profile parameter. 231 232 This method returns the object path of the created 233 or modified service, in cases where a matching 234 service will refer to the specified profile. 235 Otherwise it returns the special path "/" to signify 236 that although the operation succeeded, there is 237 no matching service that refers to this profile. 238 239 Possible Errors: [service].Error.InternalError 240 [service].Error.InvalidArguments 241 [service].Error.NotFound 242 [service].Error.NotSupported 243 244 void FindMatchingService(dict properties) 245 246 Find a service that matches all the properties 247 and returns the object identifier associated 248 with it. If no service exists in memory that 249 matches these arguments, an error is returned. 250 251 See also GetService and ConfgiureService. 252 253 Possible Errors: [service].Error.NotFound 254 255 object GetService(dict properties) 256 257 Return the object path of a service after 258 applying any requested configuration changes. 259 If no service exists it is created. 260 261 If a GUID property is specified in properties 262 it is used to find the service; otherwise Type, 263 Security, and type-specific properties such as 264 WiFi.SSID are used to find any existing service. 265 If no service is located in memory a new one is 266 created with the supplied properties. 267 268 All provided parameters are applied to the service 269 regardless of errors. But if an error occurs 270 while setting a property and the service was 271 created as a result of this call it is removed. 272 In the event of multiple errors the first error 273 code is returned by this call. 274 275 See the Service Properties section for a list of 276 properties and constraints on property values. 277 See also ConfigureService. 278 279 Possible Errors: [service].Error.InvalidArguments 280 [service].Error.NotSupported 281 [service].Error.PermissionDenied 282 [service].Error.InternalError 283 [service].Error.InvalidNetworkName 284 [service].Error.InvalidPassphrase 285 286 object GetVPNService(dict properties) --DEPRECATED-- 287 288 Like GetService, but only for "vpn" services and 289 without using the GUID property to lookup a service. 290 291 Possible Errors: [service].Error.InvalidArguments 292 [service].Error.NotSupported 293 [service].Error.PermissionDenied 294 [service].Error.InternalError 295 296 object GetWifiService(dict properties) --DEPRECATED-- 297 298 Like GetService, but only for "wifi" services and 299 without using the GUID property to lookup a service. 300 301 Possible Errors: [service].Error.InvalidArguments 302 [service].Error.NotSupported 303 [service].Error.PermissionDenied 304 [service].Error.InternalError 305 [service].Error.InvalidNetworkName 306 [service].Error.InvalidPassphrase 307 308 void SetDebugTags(string taglist) 309 310 Set the debug tags that are enabled for logging to 311 syslog. "taglist" is a list of valid tag names 312 separated by "+". Shill silently ignores 313 invalid flags. 314 315 string GetDebugTags() 316 Get the list of enabled debug tags. The list is 317 represented as a string of tag names separated 318 by "+". 319 320 string ListDebugTags() 321 Get the list of all debug tags that can be enabled. 322 The list is represented as a string of tag names 323 separated by "+". 324 325 string GetServiceOrder() 326 327 Return a ','-separated string listing known technologies 328 in priority ordering. 329 330 For example, the default ordering would be returned as: 331 "ethernet,bluetooth,wifi,wimax,cellular" 332 333 void SetServiceOrder(string mask) 334 335 Set the technology priority based on a provided 336 ','-separated list of technologies, sorted from highest 337 priority to lowest. 338 339 The list may contain the following services: 340 { ethernet, wifi, wimax, bluetooth, cellular } 341 Technologies not included are assigned the lowest 342 priority. 343 344 Technology priority changes occur immediately. 345 346 Possible Errors: [service].Error.InvalidArguments 347 348 void RecheckPortal() 349 350 Retest the portal state of the active service 351 if a check is not currently in progress. This 352 will only have an effect if the active service 353 is currently in the portal state. 354 355 dict GetNetworksForGeolocation() 356 357 Returns an array of dictionaries containing information 358 about visible cellular and WiFi networks which may be 359 then used for Geolocation. 360 Each key is a string, and the value itself is an array 361 of dictionaries mapping string key-value pairs. Each of 362 these (sub) dictionaries contains information about 363 one single network for Geolocation. 364 For more details, see: 365 https://developers.google.com/maps/documentation/business/geolocation/ 366 367 boolean VerifyDestination(string certificate, 368 string public_key 369 string nonce, 370 string signed_data, 371 string destination_udn, 372 string hotspot_ssid, 373 string hotspot_bssid) 374 375 Verify that the given |certificate| refers to a valid 376 destination with attributes as described in 377 |signed_data|. |certificate| is a x509 certificate in 378 PEM format. |public_key| is the base64 encoded public 379 half of a 1024 bit RSA key in DER format. |nonce| is 380 random string of characters. |destination_udn| is the 381 unique device number for the given destination. 382 |hotspot_ssid| and |hotspot_bssid| are self explanatory, 383 but indicate that shill should not require itself to 384 be connected to the destination in question, but instead 385 use the specified values. 386 387 |signed_data| formed as follows: 388 389 Suppose we're connected to a destination with 390 an SSID of ChromeDest1123, a BSSID of 391 00:11::22:33:44:55, a serial number of 392 ABCDEFG-1234-5678, a public key of "MIGJAoGB+", 393 and a nonce like "2ldg8". The device takes 394 that information and joins it together with 395 commas like so: 396 397 "ChromeDest1123,ABCDEFG-1234-5678,00:11:22:33:44:55,MIGJAoGB+,2ldg8" 398 399 The device then takes the SHA-1 hash of that 400 string, and encrypts that hash with its private 401 key. The resulting byte string is base64 402 encoded and passed as |signed_data|. 403 404 This function verifies that the device described by all 405 these pieces of data is a real device by checking that: 406 407 1) The |certificate| is signed by a trusted CA. 408 2) The public key signed by the CA matches to the 409 private key used to encrypt |signed_data|. 410 3) The public key given is tied to the certificate by 411 being included in the |signed_data|. 412 4) A WiFi service is currently connected to the SSID 413 and BSSID in |signed_data|. This check will be 414 skipped if |hotspot_bssid| and |hotspot_ssid| are 415 of non-zero length. 416 417 If all properties hold, this function will return true, 418 otherwise false. 419 420 421 string VerifyAndEncryptCredentials(string certificate, 422 string public_key 423 string nonce, 424 string signed_data, 425 string destination_udn, 426 string hotspot_ssid, 427 string hotspot_bssid, 428 object service) 429 430 Verifies the given credentials as in VerifyDestination, 431 and then uses |public_key| to encrypt the psk for the 432 service identified by |service|. The psk is padded 433 with PKCS#1 v1.5. Returns the base64 encoded, 434 encrypted psk, or an empty string on error. 435 436 string VerifyAndEncryptData(string certificate, 437 string public_key 438 string nonce, 439 string signed_data, 440 string destination_udn, 441 string hotspot_ssid, 442 string hotspot_bssid, 443 string data_to_encrypt) 444 445 Verifies the given credentials as in VerifyDestination, 446 and then uses |public_key| to encrypt 447 |data_to_encrypt|. The data to encrypt is padded as in 448 VerifyAndEncryptCredentials. Returns the base64 encoded, 449 encrypted data, or an empty string on error. 450 451 void ConnectToBestServices() 452 453 For each technology present, connect to the "best" 454 service available, as determined by sorting all 455 services independent of their current connectivity 456 state. As a general rule, shill does not disrupt 457 current connectivity even if "better" connectivity 458 options appear. This method allows this rule to be 459 violated for a single instance for each technology 460 type. 461 462 void CreateConnectivityReport() 463 464 For each connected service, perform a single 465 connectivity trial and report the results to the log. 466 This connectivity test does not affect Service state. 467 468 void ClaimInterface(string claimer_name, string interface_name) 469 470 Assign the ownership of a device |interface_name| to the 471 claimer |claimer_name|. The specified device will be 472 added to the blacklist. Any current connection on that device 473 will be terminated, and shill will stop managing that device. 474 475 void ReleaseInterface(string claimer_name, string interface_name) 476 477 Take the ownership of a device |interface_name| from 478 claimer |claimer_name| back to shill. The specified device 479 will be removed from the blacklist and managed by shill. 480 481 string SetupApModeInterface() 482 483 (Brillo only) Ask WiFi driver to setup an AP mode interface. 484 The driver might teardown the station mode interface as a result 485 of this call. Shill will revert to station mode if the remote 486 service that called this method vanishes. Return an interface name 487 on success, or an empty string on error. 488 489 string SetupStationModeInterface() 490 491 (Brillo only) Ask WiFi driver to setup a station mode interface. 492 The driver might teardown the AP mode interface as a result 493 of this call. Return an interface name on success, or an empty 494 string on error. 495 496 void SetSchedScan(boolean enable) 497 498 Enable/disable scheduled scan for wifi devices. 499 This will also stop any ongoing scheduled scan 500 in wpa_supplicant. 501 502 Signals PropertyChanged(string name, variant value) 503 504 This signal indicates a changed value of the given 505 property. 506 507 StateChanged(string state) 508 509 This signal is similar to the PropertyChanged signal 510 for the State property. 511 512 It exists for application state only care about the 513 current state and so can avoid to be woken up when 514 other details changes. 515 516 Properties string ActiveProfile [readwrite] 517 518 Object path of the current active profile. 519 520 boolean ArpGateway [readwrite] 521 522 Specifies whether the DHCP client should be 523 configured to perform the extra step of performing 524 an ARP of the gateway IP address. This provides 525 a level of assurance that the issued IP address is 526 valid and not blocked in some manner unknown by the 527 DHCP server. 528 529 array{string} AvailableTechnologies [readonly] 530 531 The list of available technologies. The strings 532 are the same as the ones from the service types. 533 534 string CheckPortalList [readwrite] 535 536 The list of technologies for which captive portal 537 checking is enabled. This is a comma-separated 538 string; e.g. "wifi,wimax,vpn". 539 540 array{string} ClaimedDevices [readonly] 541 542 The list of devices that have been claimed by 543 the current DeviceClaimer (if it exists). 544 545 array{string} ConnectedTechnologies [readonly] 546 547 The list of connected technologies. The strings 548 are the same as the ones from the service type. 549 550 string ConnectionState [readonly] 551 552 The state of the highest ranked connected service. 553 The value of this property is "idle" if there are 554 no connected services. Otherwise this can be any 555 of the connected service states, e.g, "portal" or 556 "online". 557 558 string Country [readwrite] 559 560 The ISO 3166 country code. This may not be defined; 561 it is defined if manually set or if it is discovered 562 through a service such as WiFi, Celluar, or GPS. 563 564 string DefaultService [readonly] 565 566 The current connected service with the default route. 567 568 string DefaultTechnology [readonly] 569 570 The current connected technology which holds the 571 default route. 572 573 array{object} Devices [readonly] 574 575 List of device object paths. 576 577 string DHCPProperty.Hostname [readwrite] 578 579 Optional setting to configure DHCP requests. Some DHCP 580 servers may register a DNS entry on behalf of this 581 hostname; others may just make available a table for 582 administrators to tell what machines are on their 583 network. 584 585 The default for this name is empty, which means that the 586 system will not report a hostname. When this property 587 is set it will be persisted in the default profile. 588 589 string DHCPProperty.VendorClass [readwrite] 590 591 Optional setting to configure DHCP requests. This 592 setting can be used to identify the vendor that 593 manufactured the client hardware, the software in use, 594 or an industry consortium to which the vendor belongs. 595 596 The default for this property is empty, which means the 597 system will not report a Vendor Class. When set, this 598 property will override the default setting and be 599 persisted in the default profile. 600 601 bool DisableVHT [readwrite] 602 603 Disables 802.11ac Very High Throughput (VHT) 604 connections, reverting to 802.11n. 605 606 array{string} EnabledTechnologies [readonly] 607 608 The list of enabled technologies. The strings 609 are the same as the ones from the service types. 610 611 string IgnoredDNSSearchPaths [readwrite] 612 613 A comma-separated list of DNS domain suffixes 614 which should be ignored when creating a DNS 615 search list from DHCP-provided parameters. 616 This list will be consulted every time DHCP 617 information is updated (while connecting to 618 a network, or when a DHCP lease is renewed). 619 620 string LinkMonitorTechnologies [readwrite] 621 622 The list of technologies for which thie Link 623 Monitor will be enabled. The Link monitor 624 periodically checks for connectivity to the 625 default gateway using ARP requests. 626 627 string NoAutoConnectTechnologies [readwrite] 628 629 The list of technologies for which auto-connect is 630 disabled. This is a comma-separated string, e.g. 631 "cellular,wimax". 632 633 boolean OfflineMode [readwrite] 634 635 The offline mode indicates the global setting for 636 switching all radios on or off. Changing offline mode 637 to true results in powering down all devices. When 638 leaving offline mode the individual policy of each 639 device decides to switch the radio back on or not. 640 641 During offline mode, it is still possible to switch 642 certain technologies manually back on. For example 643 the limited usage of WiFi or Bluetooth devices might 644 be allowed in some situations. 645 646 string PortalURL [readwrite] 647 648 The URL to use when doing captive portal checking. 649 When a service reaches the "ready" state and 650 captive portal checking is enabled for it; an 651 HTTP GET of this URL is done. If this fails 652 with a 204 error then the service is moved 653 to the "online" state. Otherwise the service 654 is assumed to be not online and marked in a 655 "portal" state. Note that this check may fail 656 for multiple reasons that are indicated in the 657 Error property of the service. 658 659 string ProhibitedTechnologies [readwrite] 660 661 The list of technologies that should be disabled 662 and prohibited from being enabled. This is a 663 comma-separated string, e.g. "cellular,wimax". All 664 devices that are one of these technology types will be 665 immediately disabled persistently, and when a new device 666 of this type appears, it will be disabled by default. 667 Attempts to enable such a device using the 668 EnableTechnology will fail. The strings are the same 669 as the ones from the service types. 670 671 int32 PortalCheckInterval [readwrite] 672 673 The interval in seconds between re-checking a 674 service in the portal state. 675 676 array{string} Profiles [readonly] 677 678 List of profile object paths. 679 680 array{object} Services [readonly] 681 682 List of service object paths that are visible. The 683 list is sorted internally to have the service with 684 the default route always first and then the favorite 685 services followed by scan results. 686 687 This list represents the available services for the 688 current selected profile. If the profile gets changed 689 then this list will be updated. 690 691 The same list is available via the profile object 692 itself. It is just provided here for convenience of 693 applications only dealing with the current active 694 profile. 695 696 array{object} ServiceCompleteList [readonly] 697 698 Complete list of service object paths, including those 699 that are not currently visible. For example, WiFi 700 services that are stored in a loaded profile but 701 cannot currently be connected are presented in this 702 list. 703 704 The services are listed in the same service sorting 705 order as the "Services" property above. Change 706 events for this property are not emitted. 707 708 array{object} ServiceWatchList [readonly] 709 710 List of service object paths that are in a 711 'non-idle' state. This indicates the set of services 712 which are currently listed as associating, configuring, 713 or some other state other than idle, failure or 714 unknown. This allows a caller to use this property 715 indication to track which services should be monitored 716 for state changes. 717 718 The services are listed in the same service sorting 719 order as the "Services" property above, and a change 720 event for this property is emitted every time the 721 Service list is reordered, even if this list has not 722 changed. 723 724 string State [readonly] 725 726 The global connection state of a system. Possible 727 values are "online" if at least one connection exists 728 and "offline" if no device is connected. 729 730 array{string} UninitializedTechnologies [readonly] 731 732 The list of uninitialized technologies. An 733 uninitialized technology is a technology that has at 734 least one device that is not initialized yet (i.e. 735 the Device object is not created yet). The strings 736 are the same as the ones from the service types. 737 738 bool WakeOnLanEnabled [readwrite] 739 740 Specifies whether the Wake on LAN feature should be 741 enabled on new Ethernet links. Currently connected 742 links are un-affected. 743
