ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
17,934 Commits 7 Branches 233 Tags 88 MiB
Commit Graph

2 Commits

Author SHA1 Message Date
Lubomir Rintel 1579779119 nm: Don't do <deny send_interface="..." /> in dbus service file 
It does more than intended; apart from denying messages to that
particular interface it also denies all messages non-qualified with an
interface globally. This blocks messages completely unrelated to
strongSwan's VPN plugin, such as NetworkManager communication with the
VPN plugins.

From the dbus-daemon manual:

  Be careful with send_interface/receive_interface, because the
  interface field in messages is optional. In particular, do NOT
  specify <deny send_interface="org.foo.Bar"/>! This will cause
  no-interface messages to be blocked for all services, which is
  almost certainly not what you intended. Always use rules of the form:

  <deny send_interface="org.foo.Bar" send_destination="org.foo.Service"/>

We can just safely remove those rules, since we're sufficiently
protected by the send_destination matches and method calls are
disallowed by default anyway.

Closes strongswan/strongswan#42.
 2016-09-05 15:28:54 +02:00
Lubomir Rintel 916cd5d7ca nm: Move the D-Bus policy to charon-nm 
It's needed for useful use of charon-nm, unlike the GUI.
 2016-09-05 15:28:53 +02:00