+/*
+ * Copyright (c) 2019, 2020 Apple Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Modification History
+ *
+ * October 4, 2018 Allan Nathanson <ajn@apple.com>
+ * - initial revision
+ */
+
+
+#define USE_SC_LOG_OR_PRINT 1 // use '_sc_log' to control os_log, printf
+
+#include "SCNetworkConfigurationInternal.h"
+#include "SCPreferencesInternal.h"
+#include <IOKit/IOBSD.h>
+
+
+static Boolean
+savePreferences(SCPreferencesRef prefs,
+ CFStringRef save_prefsID,
+ CFStringRef prefix,
+ Boolean remove,
+ CFStringRef extra_key,
+ CFPropertyListRef extra_value)
+{
+ const CFStringRef keys[] = {
+ kSCPrefCurrentSet,
+ MODEL,
+ kSCPrefNetworkServices,
+ kSCPrefSets,
+ kSCPrefSystem,
+ kSCPrefVersion,
+ kSCPrefVirtualNetworkInterfaces
+ };
+ Boolean ok;
+ SCPreferencesRef save_prefs;
+
+ // open [companion] backup
+ save_prefs = SCPreferencesCreateCompanion(prefs, save_prefsID);
+
+ for (CFIndex i = 0; i < (CFIndex)(sizeof(keys)/sizeof(keys[0])); i++) {
+ CFStringRef key = keys[i];
+ CFStringRef src_key;
+ CFTypeRef val;
+
+ src_key = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@%@"), prefix, key);
+ val = SCPreferencesGetValue(prefs, src_key);
+ if (val != NULL) {
+ SCPreferencesSetValue(save_prefs, key, val);
+ if (remove) {
+ SCPreferencesRemoveValue(prefs, src_key);
+ }
+ }
+ CFRelease(src_key);
+ }
+
+ if (extra_key != NULL) {
+ SCPreferencesSetValue(save_prefs, extra_key, extra_value);
+ }
+
+ ok = SCPreferencesCommitChanges(save_prefs);
+ CFRelease(save_prefs);
+ if (!ok) {
+ SC_log(LOG_ERR, "could not save preferences (%@): %s",
+ save_prefsID,
+ SCErrorString(SCError()));
+ }
+ return ok;
+}
+
+
+__private_extern__
+Boolean
+__SCNetworkConfigurationBackup(SCPreferencesRef prefs)
+{
+ Boolean ok;
+ CFStringRef save_prefsID;
+ struct tm tm_now;
+ struct timeval tv_now;
+
+ SC_log(LOG_NOTICE, "creating [configuration] backup");
+
+ (void)gettimeofday(&tv_now, NULL);
+ (void)localtime_r(&tv_now.tv_sec, &tm_now);
+ save_prefsID = CFStringCreateWithFormat(NULL,
+ NULL,
+ CFSTR("preferences-%4d-%02d-%02d-%02d%02d%02d.plist"),
+ tm_now.tm_year + 1900,
+ tm_now.tm_mon + 1,
+ tm_now.tm_mday,
+ tm_now.tm_hour,
+ tm_now.tm_min,
+ tm_now.tm_sec);
+ ok = savePreferences(prefs, save_prefsID, CFSTR(""), FALSE, NULL, NULL);
+ CFRelease(save_prefsID);
+ return ok;
+}
+
+
+Boolean
+__SCNetworkConfigurationSaveModel(SCPreferencesRef prefs, CFStringRef model)
+{
+ Boolean ok;
+ CFStringRef save_prefsID;
+
+ SC_log(LOG_NOTICE, "creating [per-device] backup: %@", model);
+
+ save_prefsID = CFStringCreateWithFormat(NULL, NULL, CFSTR("preferences-%@.plist"), model);
+ ok = savePreferences(prefs, save_prefsID, CFSTR(""), TRUE, MODEL, model);
+ CFRelease(save_prefsID);
+ return ok;
+}
+
+
+static Boolean
+needsUpdate(SCPreferencesRef prefs, int new_version)
+{
+ CFNumberRef num;
+ int old_version = 0;
+
+ if (prefs == NULL) {
+ // if no prefs, no updated needed
+ return FALSE;
+ }
+
+ num = SCPreferencesGetValue(prefs, kSCPrefVersion);
+ if (!isA_CFNumber(num) ||
+ !CFNumberGetValue(num, kCFNumberIntType, &old_version)) {
+ old_version = 0;
+ }
+ if (old_version == new_version) {
+ // if no update is needed
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+
+static Boolean
+lockWithSync(SCPreferencesRef prefs)
+{
+ Boolean ok;
+
+ assert(prefs != NULL);
+ ok = SCPreferencesLock(prefs, TRUE);
+ if (!ok && (SCError() == kSCStatusStale)) {
+ SCPreferencesSynchronize(prefs);
+ ok = SCPreferencesLock(prefs, TRUE);
+ }
+
+ return ok;
+}
+
+
+Boolean
+__SCNetworkConfigurationUpgrade(SCPreferencesRef *prefs_p,
+ SCPreferencesRef *ni_prefs_p,
+ Boolean commit)
+{
+ SCPreferencesRef ni_prefs = NULL;
+ Boolean ni_prefs_added = FALSE;
+ const int new_version = NETWORK_CONFIGURATION_VERSION;
+ CFNumberRef num;
+ Boolean ok = FALSE;
+ SCPreferencesRef prefs = NULL;
+ Boolean prefs_added = FALSE;
+
+ //
+ // The following table describes how the SPI is called (input parameters), what actions
+ // are performed, and whether any changes should be committed as part of the call.
+ //
+ // +====================+===========================+===========================+========+
+ // | | preferences.plist | NetworkInterfaces.plist | |
+ // | +=============+=============+=============+=============+ COMMIT |
+ // | | ptr | plist | ptr | plist | |
+ // +====================+=============+=============+=============+=============+========+
+ // | InterfaceNamer | NULL | CREATE, REL | &ni_prefs | USE | YES |
+ // +====================+=============+=============+=============+=============+========+
+ // | PreferencesMonitor | &prefs | USE | NULL | NO UPDATE | YES |
+ // +====================+=============+=============+=============+=============+========+
+ // | scutil | &prefs | USE | &ni_prefs | USE/CREATE | NO |
+ // +====================+=============+=============+=============+=============+========+
+ //
+ // For InterfaceNamer, we are passed a reference to the SCPreferences[Ref] for the
+ // NetworkInterfaces.plist. During the upgrade process we create (and then release)
+ // the companion preferences.plist. Any needed changes will be committed to both
+ // plists.
+ //
+ // For PreferencesMonitor, we are passed a reference to the SCPreferences[Ref] for
+ // the preferences.plist. Any needed changes to the plist will be committed. The
+ // companion NetworkInterfaces.plist is not passed nor is it referenced/modified.
+ //
+ // For scutil, we are passed references to the SCPreferences[Ref] for both the
+ // preferences.plist and NetworkInterfaces.plist. The NetworkInterfaces.plist
+ // reference will be used, if already open. Else, the companion will be created
+ // and returned. Regardless, any changes made will not be committed (we expect
+ // one to use scutil's "commit" command).
+ //
+
+ if (prefs_p != NULL) {
+ prefs = *prefs_p;
+ }
+
+ if (ni_prefs_p != NULL) {
+ ni_prefs = *ni_prefs_p;
+ }
+
+ if ((prefs_p == NULL) && (ni_prefs_p != NULL) && (ni_prefs != NULL)) {
+ // Here, we have been called by InterfaceNamer and need to get the [companion]
+ // preferences.plist (we need to update both)
+ prefs = SCPreferencesCreateCompanion(ni_prefs, NULL);
+ if (prefs == NULL) {
+ SC_log(LOG_ERR,
+ "__SCNetworkConfigurationUpgrade(): could not open [preferences.plist]: %s",
+ SCErrorString(SCError()));
+ return FALSE;
+ }
+ prefs_added = TRUE;
+ }
+
+ if ((prefs_p != NULL) && (prefs != NULL) && (ni_prefs_p != NULL) && (ni_prefs == NULL)) {
+ // Here, we have been called by scutil with the [companion] NetworkInterfaces.plist
+ // not yet open. Open the companion so that we can update both.
+ ni_prefs = SCPreferencesCreateCompanion(prefs, INTERFACES_DEFAULT_CONFIG);
+ if (ni_prefs == NULL) {
+ SC_log(LOG_ERR,
+ "__SCNetworkConfigurationUpgrade(): could not open [NetworkInterfaces.plist]: %s",
+ SCErrorString(SCError()));
+ return FALSE;
+ }
+ ni_prefs_added = TRUE;
+ }
+
+ if (!needsUpdate(prefs, NETWORK_CONFIGURATION_VERSION) &&
+ !needsUpdate(ni_prefs, NETWORK_CONFIGURATION_VERSION)) {
+ goto done;
+ }
+
+ // lock [preferences.plist] changes while we are updating
+ ok = lockWithSync(prefs);
+ if (!ok) {
+ SC_log(LOG_ERR,
+ "__SCNetworkConfigurationUpgrade(): could not lock [preferences.plist]: %s",
+ SCErrorString(SCError()));
+ goto done;
+ }
+
+ if (ni_prefs != NULL) {
+ // lock [NetworkInterfaces.plist] changes while we are updating
+ ok = lockWithSync(ni_prefs);
+ if (!ok) {
+ SC_log(LOG_ERR,
+ "__SCNetworkConfigurationUpgrade(): could not lock [NetworkInterfaces.plist]: %s",
+ SCErrorString(SCError()));
+ SCPreferencesUnlock(prefs);
+ goto done;
+ }
+ }
+
+ // first, cleanup any leftover cruft from the configuration
+ __SCNetworkConfigurationClean(prefs, ni_prefs);
+
+ // update the version(s)
+ num = CFNumberCreate(NULL, kCFNumberIntType, &new_version);
+ SCPreferencesSetValue(prefs, kSCPrefVersion, num);
+ CFRelease(num);
+ if (ni_prefs != NULL) {
+ num = CFNumberCreate(NULL, kCFNumberIntType, &new_version);
+ SCPreferencesSetValue(ni_prefs, kSCPrefVersion, num);
+ CFRelease(num);
+ }
+
+ if (commit) {
+ // commit the [preferences.plist] changes
+ ok = SCPreferencesCommitChanges(prefs);
+ if (!ok) {
+ SC_log(LOG_ERR,
+ "__SCNetworkConfigurationUpgrade(): update not saved [preferences.plist]: %s",
+ SCErrorString(SCError()));
+ }
+ if (ok) {
+ ok = SCPreferencesApplyChanges(prefs);
+ if (!ok) {
+ SC_log(LOG_ERR,
+ "__SCNetworkConfigurationUpgrade(): update not applied [preferences.plist]: %s",
+ SCErrorString(SCError()));
+ }
+ }
+ }
+ SCPreferencesUnlock(prefs);
+
+ if (ni_prefs != NULL) {
+ if (commit) {
+ // commit the [NetworkInterfaces.plist] changes
+ if (ok) {
+ ok = SCPreferencesCommitChanges(ni_prefs);
+ if (!ok) {
+ SC_log(LOG_ERR,
+ "__SCNetworkConfigurationUpgrade(): update not saved [NetworkInterfaces.plist]: %s",
+ SCErrorString(SCError()));
+ }
+ }
+ }
+ SCPreferencesUnlock(ni_prefs);
+ }
+
+ done :
+
+ if (prefs_added) {
+// if (ok && (prefs_p != NULL)) {
+// *prefs_p = CFRetain(prefs);
+// }
+ CFRelease(prefs);
+ }
+
+ if (ni_prefs_added) {
+ if (ok && (ni_prefs_p != NULL)) {
+ *ni_prefs_p = CFRetain(ni_prefs);
+ }
+ CFRelease(ni_prefs);
+ }
+
+ return ok;
+}
+
+
+#pragma mark -
+#pragma mark Remove "Hidden" Interface Configurations
+
+
+static Boolean
+isThin(CFArrayRef interfaces, CFStringRef bsdName)
+{
+ Boolean thin;
+
+ thin = CFArrayContainsValue(interfaces,
+ CFRangeMake(0, CFArrayGetCount(interfaces)),
+ bsdName);
+ return thin;
+}
+
+
+static Boolean
+thinAdd(CFMutableArrayRef interfaces, CFStringRef bsdName)
+{
+ if (!CFArrayContainsValue(interfaces,
+ CFRangeMake(0, CFArrayGetCount(interfaces)),
+ bsdName)) {
+ CFArrayAppendValue(interfaces, bsdName);
+ return TRUE;
+ }
+
+ return FALSE;
+}
+
+
+static Boolean
+thinRemove(CFMutableArrayRef interfaces, CFStringRef bsdName)
+{
+ CFIndex n;
+
+ n = CFArrayGetFirstIndexOfValue(interfaces,
+ CFRangeMake(0, CFArrayGetCount(interfaces)),
+ bsdName);
+ if (n != kCFNotFound) {
+ CFArrayRemoveValueAtIndex(interfaces, n);
+ return TRUE;
+ }
+
+ return FALSE;
+}
+
+
+static CF_RETURNS_RETAINED CFStringRef
+serviceMatchesTemplate(SCPreferencesRef prefs, SCNetworkServiceRef existingService)
+{
+ CFStringRef conflict = NULL;
+ SCNetworkInterfaceRef existingInterface;
+ CFIndex n;
+ CFArrayRef protocols;
+ CFMutableArrayRef protocolTypes;
+ SCNetworkServiceRef templateService;
+
+ // create a temporary network service (so that we can get the template configuration)
+ existingInterface = SCNetworkServiceGetInterface(existingService);
+ if (existingInterface == NULL) {
+ conflict = CFStringCreateCopy(NULL, CFSTR("could not get interface for service"));
+ return conflict;
+ }
+
+ templateService = SCNetworkServiceCreate(prefs, existingInterface);
+ if (templateService == NULL) {
+ conflict = CFStringCreateCopy(NULL, CFSTR("could not create service for interface"));
+ return conflict;
+ }
+
+ (void) SCNetworkServiceEstablishDefaultConfiguration(templateService);
+
+ protocolTypes = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
+
+ // get protocol types from the existing service
+ protocols = SCNetworkServiceCopyProtocols(existingService);
+ if (protocols != NULL) {
+ n = CFArrayGetCount(protocols);
+
+ for (CFIndex i = 0; i < n; i++) {
+ SCNetworkProtocolRef protocol;
+ CFStringRef protocolType;
+
+ protocol = CFArrayGetValueAtIndex(protocols, i);
+ protocolType = SCNetworkProtocolGetProtocolType(protocol);
+ if (!CFArrayContainsValue(protocolTypes,
+ CFRangeMake(0, CFArrayGetCount(protocolTypes)),
+ protocolType)) {
+ CFArrayAppendValue(protocolTypes, protocolType);
+ }
+ }
+
+ CFRelease(protocols);
+ }
+
+ // get protocol types from the template service
+ protocols = SCNetworkServiceCopyProtocols(templateService);
+ if (protocols != NULL) {
+ n = CFArrayGetCount(protocols);
+
+ for (CFIndex i = 0; i < n; i++) {
+ SCNetworkProtocolRef protocol;
+ CFStringRef protocolType;
+
+ protocol = CFArrayGetValueAtIndex(protocols, i);
+ protocolType = SCNetworkProtocolGetProtocolType(protocol);
+ if (!CFArrayContainsValue(protocolTypes,
+ CFRangeMake(0, CFArrayGetCount(protocolTypes)),
+ protocolType)) {
+ CFArrayAppendValue(protocolTypes, protocolType);
+ }
+ }
+
+ CFRelease(protocols);
+ }
+
+ // compare the existing protocols with the template
+ n = CFArrayGetCount(protocolTypes);
+ for (CFIndex i = 0; i < n; i++) {
+ CFDictionaryRef existingConfiguration = NULL;
+ SCNetworkProtocolRef existingProtocol;
+ Boolean match;
+ CFStringRef protocolType;
+ CFDictionaryRef templateConfiguration = NULL;
+ SCNetworkProtocolRef templateProtocol;
+
+ protocolType = CFArrayGetValueAtIndex(protocolTypes, i);
+ existingProtocol = SCNetworkServiceCopyProtocol(existingService, protocolType);
+ templateProtocol = SCNetworkServiceCopyProtocol(templateService, protocolType);
+
+ do {
+ // compare "enabled"
+ match = ((existingProtocol != NULL) &&
+ (templateProtocol != NULL) &&
+ (SCNetworkProtocolGetEnabled(existingProtocol) == SCNetworkProtocolGetEnabled(templateProtocol)));
+ if (!match) {
+ conflict = CFStringCreateWithFormat(NULL, NULL,
+ CFSTR("conflicting %@ enable/disable"),
+ protocolType);
+ break; // if enable/disable conflict
+ }
+
+ if (existingProtocol != NULL) {
+ existingConfiguration = SCNetworkProtocolGetConfiguration(existingProtocol);
+ }
+ if (templateProtocol != NULL) {
+ templateConfiguration = SCNetworkProtocolGetConfiguration(templateProtocol);
+ }
+ match = _SC_CFEqual(existingConfiguration, templateConfiguration);
+ if (!match) {
+ conflict = CFStringCreateWithFormat(NULL, NULL,
+ CFSTR("conflicting %@ configuration"),
+ protocolType);
+ break; // if configuration conflict
+ }
+ } while (FALSE);
+
+ if (existingProtocol != NULL) CFRelease(existingProtocol);
+ if (templateProtocol != NULL) CFRelease(templateProtocol);
+ if (!match) {
+ break;
+ }
+ }
+
+ (void) SCNetworkServiceRemove(templateService);
+ CFRelease(templateService);
+ CFRelease(protocolTypes);
+ return conflict;
+}
+
+
+static Boolean
+effectivelyHiddenConfiguration(SCNetworkInterfaceRef interface)
+{
+ const CFStringRef known[] = {
+ CFSTR("Apple TV"),
+ CFSTR("Watch"),
+ CFSTR("iPad"),
+ CFSTR("iPhone"),
+ CFSTR("iPod"),
+ };
+ CFStringRef name;
+
+ name = SCNetworkInterfaceGetLocalizedDisplayName(interface);
+ for (int i = 0; i < (int)(sizeof(known) / sizeof(known[0])); i++) {
+ if (CFStringHasPrefix(name, known[i])) {
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+}
+
+
+static Boolean
+__SCNetworkConfigurationCleanHiddenInterfaces(SCPreferencesRef prefs, SCPreferencesRef ni_prefs)
+{
+#pragma unused(prefs)
+#pragma unused(ni_prefs)
+ CFStringRef bsdName;
+ Boolean changed = FALSE;
+ CFArrayRef interfaces;
+ CFMutableArrayRef interfaces_thin;
+ CFIndex n;
+ CFDictionaryRef nat_config;
+ SCPreferencesRef nat_prefs;
+ CFArrayRef services;
+ int updated = 0;
+
+ // build a list of interfaces we "could" remove
+
+ interfaces_thin = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
+
+ services = SCNetworkServiceCopyAll(prefs);
+ if (services != NULL) {
+ n = CFArrayGetCount(services);
+ for (CFIndex i = 0; i < n; i++) {
+ CFStringRef conflict;
+ SCNetworkInterfaceRef interface;
+ SCNetworkServiceRef service;
+ const char *thin = NULL;
+
+ service = CFArrayGetValueAtIndex(services, i);
+ interface = SCNetworkServiceGetInterface(service);
+ bsdName = SCNetworkInterfaceGetBSDName(interface);
+
+ if (bsdName == NULL) {
+ // if no interface name
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO,
+ "skipping service : %@ : %@ (no interface)",
+ SCNetworkServiceGetServiceID(service),
+ SCNetworkServiceGetName(service));
+ }
+ continue;
+ }
+
+ if (_SCNetworkInterfaceIsHiddenConfiguration(interface)) {
+ thin = "hidden";
+ } else if (effectivelyHiddenConfiguration(interface)) {
+ thin = "effectively hidden";
+ } else {
+ // if not HiddenConfiguration
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO,
+ "skipping service : %@ : %@ : %@ (not hidden)",
+ SCNetworkServiceGetServiceID(service),
+ SCNetworkServiceGetName(service),
+ bsdName);
+ }
+ continue;
+ }
+
+ conflict = serviceMatchesTemplate(prefs, service);
+ if (conflict != NULL) {
+ // if any part of the service's configuration was changed
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO,
+ "skipping service : %@ : %@ : %@ (%s, non-default, %@)",
+ SCNetworkServiceGetServiceID(service),
+ SCNetworkServiceGetName(service),
+ bsdName,
+ thin,
+ conflict);
+ }
+ CFRelease(conflict);
+ continue;
+ }
+
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO, "candidate interface : %@ (%s)", bsdName, thin);
+ }
+
+ thinAdd(interfaces_thin, bsdName);
+ }
+ }
+
+ // remove any virtual interfaces from the list
+
+#if !TARGET_OS_IPHONE
+ interfaces = SCBondInterfaceCopyAll(prefs);
+ if (interfaces != NULL) {
+ CFIndex n;
+
+ n = CFArrayGetCount(interfaces);
+ for (CFIndex i = 0; i < n; i++) {
+ SCBondInterfaceRef bondInterface;
+ CFArrayRef members;
+ CFIndex nn;
+
+ bondInterface = CFArrayGetValueAtIndex(interfaces, i);
+ members = SCBondInterfaceGetMemberInterfaces(bondInterface);
+ nn = (members != NULL) ? CFArrayGetCount(members) : 0;
+ for (CFIndex ii = 0; ii < nn; ii++) {
+ SCNetworkInterfaceRef member;
+
+ member = CFArrayGetValueAtIndex(members, ii);
+ bsdName = SCNetworkInterfaceGetBSDName(member);
+ if ((bsdName != NULL) &&
+ thinRemove(interfaces_thin, bsdName)) {
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO, "skipping interface : %@ (bond member)", bsdName);
+ }
+ }
+ }
+ }
+
+ CFRelease(interfaces);
+ }
+#endif // !TARGET_OS_IPHONE
+
+ interfaces = SCBridgeInterfaceCopyAll(prefs);
+ if (interfaces != NULL) {
+ CFIndex n;
+
+ n = CFArrayGetCount(interfaces);
+ for (CFIndex i = 0; i < n; i++) {
+ SCBridgeInterfaceRef bridgeInterface;
+ CFArrayRef members;
+ CFIndex nn;
+
+ bridgeInterface = CFArrayGetValueAtIndex(interfaces, i);
+ members = SCBridgeInterfaceGetMemberInterfaces(bridgeInterface);
+ nn = (members != NULL) ? CFArrayGetCount(members) : 0;
+ for (CFIndex ii = 0; ii < nn; ii++) {
+ SCNetworkInterfaceRef member;
+
+ member = CFArrayGetValueAtIndex(members, ii);
+ bsdName = SCNetworkInterfaceGetBSDName(member);
+ if ((bsdName != NULL) &&
+ thinRemove(interfaces_thin, bsdName)) {
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO, "skipping interface : %@ (bridge member)", bsdName);
+ }
+ }
+ }
+ }
+
+ CFRelease(interfaces);
+ }
+
+ interfaces = SCVLANInterfaceCopyAll(prefs);
+ if (interfaces != NULL) {
+ CFIndex n;
+
+ n = CFArrayGetCount(interfaces);
+ for (CFIndex i = 0; i < n; i++) {
+ SCBridgeInterfaceRef vlanInterface;
+ SCNetworkInterfaceRef physicalInterface;
+
+ vlanInterface = CFArrayGetValueAtIndex(interfaces, i);
+ physicalInterface = SCVLANInterfaceGetPhysicalInterface(vlanInterface);
+ bsdName = SCNetworkInterfaceGetBSDName(physicalInterface);
+ if ((bsdName != NULL) &&
+ thinRemove(interfaces_thin, bsdName)) {
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO, "skipping interface : %@ (vlan physical)", bsdName);
+ }
+ }
+ }
+
+ CFRelease(interfaces);
+ }
+
+ // remove any "shared" interfaces from the list
+
+ nat_prefs = SCPreferencesCreateCompanion(prefs, CFSTR("com.apple.nat.plist"));
+ nat_config = SCPreferencesGetValue(nat_prefs, CFSTR("NAT"));
+ if (isA_CFDictionary(nat_config)) {
+ CFStringRef sharedFrom = NULL;
+ CFArrayRef sharedTo = NULL;
+
+ if (CFDictionaryGetValueIfPresent(nat_config,
+ CFSTR("PrimaryService"),
+ (const void **)&sharedFrom) &&
+ isA_CFString(sharedFrom)) {
+ SCNetworkInterfaceRef interface;
+ SCNetworkServiceRef service;
+
+ // if "Share your connection from" service configured
+ service = SCNetworkServiceCopy(prefs, sharedFrom);
+ if (service != NULL) {
+ interface = SCNetworkServiceGetInterface(service);
+ bsdName = SCNetworkInterfaceGetBSDName(interface);
+ if ((bsdName != NULL) &&
+ thinRemove(interfaces_thin, bsdName)) {
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO, "skipping interface : %@ (Share your connection from)", bsdName);
+ }
+ }
+ CFRelease(service);
+ } else {
+ SC_log(LOG_INFO, "keeping [not found] service : %@ (Share your connection from)", sharedFrom);
+ }
+ }
+
+ if (CFDictionaryGetValueIfPresent(nat_config,
+ CFSTR("SharingDevices"),
+ (const void **)&sharedTo) &&
+ isA_CFArray(sharedTo)) {
+ // if "To computers using" interfaces configured
+ n = CFArrayGetCount(sharedTo);
+ for (CFIndex i = 0; i < n; i++) {
+ bsdName = CFArrayGetValueAtIndex(sharedTo, i);
+ if (thinRemove(interfaces_thin, bsdName)) {
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO, "skipping interface : %@ (To computers using)", bsdName);
+ }
+ }
+ }
+ }
+ }
+ CFRelease(nat_prefs);
+
+ // thin preferences.plist
+ n = (services != NULL) ? CFArrayGetCount(services) : 0;
+ if (n > 0) {
+ updated = 0;
+
+ for (CFIndex i = 0; i < n; i++) {
+ SCNetworkInterfaceRef interface;
+ SCNetworkServiceRef service;
+
+ service = CFArrayGetValueAtIndex(services, i);
+ interface = SCNetworkServiceGetInterface(service);
+ bsdName = SCNetworkInterfaceGetBSDName(interface);
+ if (bsdName == NULL) {
+ // if no interface name
+ continue;
+ }
+
+ if (!isThin(interfaces_thin, bsdName)) {
+ // if not thinned
+ continue;
+ }
+
+ // remove this service associated with a "thinned" interface
+ if ((_sc_log == 1) || _sc_verbose) {
+ SC_log(LOG_INFO,
+ "thinned network service : %@ : %@ : %@",
+ SCNetworkServiceGetServiceID(service),
+ SCNetworkServiceGetName(service),
+ bsdName);
+ }
+ SCNetworkServiceRemove(service);
+ updated++;
+ }
+
+ if (updated > 0) {
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_NOTICE,
+ "Updating \"preferences.plist\" (thinned %d service%s)",
+ updated,
+ (updated != 1) ? "s" : "");
+ }
+ changed = TRUE;
+ }
+ }
+
+ // thin NetworkInterfaces.plist
+ interfaces = SCPreferencesGetValue(ni_prefs, INTERFACES);
+ interfaces = isA_CFArray(interfaces);
+ n = (interfaces != NULL) ? CFArrayGetCount(interfaces) : 0;
+ if (n > 0) {
+ CFMutableArrayRef interfaces_new;
+
+ updated = 0;
+
+ interfaces_new = CFArrayCreateMutable(NULL, 0, &kCFTypeArrayCallBacks);
+ n = CFArrayGetCount(interfaces);
+ for (CFIndex i = 0; i < n; i++) {
+ CFDictionaryRef if_dict;
+
+ if_dict = CFArrayGetValueAtIndex(interfaces, i);
+ bsdName = CFDictionaryGetValue(if_dict, CFSTR(kIOBSDNameKey));
+ if (isThin(interfaces_thin, bsdName)) {
+ // remove this "thinned" interface
+ if ((_sc_log == 1) || _sc_verbose) {
+ SC_log(LOG_INFO, "thinned network interface : %@", bsdName);
+ }
+ updated++;
+ continue;
+ }
+
+ CFArrayAppendValue(interfaces_new, if_dict);
+ }
+ SCPreferencesSetValue(ni_prefs, INTERFACES, interfaces_new);
+ CFRelease(interfaces_new);
+
+ if (updated > 0) {
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_INFO,
+ "Updating \"NetworkInterfaces.plist\" (thinned %d interface%s)",
+ updated,
+ (updated != 1) ? "s" : "");
+ }
+ changed = TRUE;
+ }
+ }
+
+ if (services != NULL) CFRelease(services);
+ CFRelease(interfaces_thin);
+ return changed;
+}
+
+
+#pragma mark -
+#pragma mark Remove [SCNetworkMigration] Inline Backups
+
+
+static void
+thinInlineBackup(const void *value, void *context)
+{
+ CFStringRef backup = (CFStringRef)value;
+ char *backup_str;
+ SCPreferencesRef prefs = (SCPreferencesRef)context;
+ CFStringRef save_prefix;
+ CFStringRef save_prefsID = NULL;
+
+ SC_log(LOG_NOTICE, "thinning [inline] backup: %@", backup);
+
+ save_prefix = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@ : "), backup);
+ backup_str = _SC_cfstring_to_cstring(backup, NULL, 0, kCFStringEncodingASCII);
+ if (backup_str != NULL) {
+ struct tm save_tm = { 0 };
+
+ if (strptime(backup_str, "%Y-%m-%d %H:%M:%S", &save_tm) != NULL) {
+ save_prefsID = CFStringCreateWithFormat(NULL,
+ NULL,
+ CFSTR("preferences-%4d-%02d-%02d-%02d%02d%02d.plist"),
+ save_tm.tm_year + 1900,
+ save_tm.tm_mon + 1,
+ save_tm.tm_mday,
+ save_tm.tm_hour,
+ save_tm.tm_min,
+ save_tm.tm_sec);
+ }
+ CFAllocatorDeallocate(NULL, backup_str);
+ }
+ if (save_prefsID == NULL) {
+ save_prefsID = CFStringCreateWithFormat(NULL, NULL, CFSTR("preferences-%@.plist"), backup);
+ }
+ savePreferences(prefs, save_prefsID, save_prefix, TRUE, NULL, NULL);
+ CFRelease(save_prefsID);
+ CFRelease(save_prefix);
+ return;
+}
+
+
+static Boolean
+__SCNetworkConfigurationCleanInlineBackups(SCPreferencesRef prefs)
+{
+ CFMutableSetRef backups = NULL;
+ Boolean cleaned = FALSE;
+ CFArrayRef keys;
+ CFIndex n;
+ CFStringRef suffix;
+
+ keys = SCPreferencesCopyKeyList(prefs);
+ if (keys == NULL) {
+ return FALSE;
+ }
+
+ suffix = CFStringCreateWithFormat(NULL, NULL, CFSTR(" : %@"), kSCPrefSets);
+ n = CFArrayGetCount(keys);
+ for (CFIndex i = 0; i < n; i++) {
+ CFStringRef key = CFArrayGetValueAtIndex(keys, i);
+ CFMutableStringRef str;
+
+ if (CFStringHasSuffix(key, suffix)) {
+ // if "<backup-date> : Sets"
+ if (backups == NULL) {
+ backups = CFSetCreateMutable(NULL, 0, &kCFTypeSetCallBacks);
+ }
+ str = CFStringCreateMutableCopy(NULL, 0, key);
+ CFStringTrim(str, suffix);
+ CFSetAddValue(backups, str);
+ CFRelease(str);
+ continue;
+ }
+ }
+ CFRelease(suffix);
+ CFRelease(keys);
+
+ if (backups != NULL) {
+ CFSetApplyFunction(backups, thinInlineBackup, (void *)prefs);
+ CFRelease(backups);
+ cleaned = TRUE;
+ }
+
+ return cleaned;
+}
+
+
+#pragma mark -
+#pragma mark Remove [new device type] Inline Backups
+
+
+static void
+thinInlineModel(const void *value, void *context)
+{
+ CFStringRef model = (CFStringRef)value;
+ SCPreferencesRef prefs = (SCPreferencesRef)context;
+ CFStringRef save_prefix;
+ CFStringRef save_prefsID;
+
+ SC_log(LOG_NOTICE, "thinning [per-model] backup: %@", model);
+
+ save_prefix = CFStringCreateWithFormat(NULL, NULL, CFSTR("%@:"), model);
+ save_prefsID = CFStringCreateWithFormat(NULL, NULL, CFSTR("preferences-%@.plist"), model);
+ savePreferences(prefs, save_prefsID, save_prefix, TRUE, MODEL, model);
+ CFRelease(save_prefsID);
+ CFRelease(save_prefix);
+ return;
+}
+
+
+static Boolean
+__SCNetworkConfigurationCleanInlineModels(SCPreferencesRef prefs)
+{
+ Boolean cleaned = FALSE;
+ CFArrayRef keys;
+ CFMutableSetRef models = NULL;
+ CFIndex n;
+ CFStringRef suffix;
+
+ keys = SCPreferencesCopyKeyList(prefs);
+ if (keys == NULL) {
+ return FALSE;
+ }
+
+ suffix = CFStringCreateWithFormat(NULL, NULL, CFSTR(":%@"), kSCPrefSets);
+ n = CFArrayGetCount(keys);
+ for (CFIndex i = 0; i < n; i++) {
+ CFStringRef key = CFArrayGetValueAtIndex(keys, i);
+ CFMutableStringRef str;
+
+ if (CFStringHasSuffix(key, suffix)) {
+ // if "<backup-date> : Sets"
+ if (models == NULL) {
+ models = CFSetCreateMutable(NULL, 0, &kCFTypeSetCallBacks);
+ }
+ str = CFStringCreateMutableCopy(NULL, 0, key);
+ CFStringTrim(str, suffix);
+ CFSetAddValue(models, str);
+ CFRelease(str);
+ continue;
+ }
+ }
+ CFRelease(suffix);
+ CFRelease(keys);
+
+ if (models != NULL) {
+ CFSetApplyFunction(models, thinInlineModel, (void *)prefs);
+ CFRelease(models);
+ cleaned = TRUE;
+ }
+
+ return cleaned;
+}
+
+
+#pragma mark -
+#pragma mark Remove Orphaned Services
+
+
+/*
+static Boolean
+__SCNetworkConfigurationCleanOrphanedServices(SCPreferencesRef prefs)
+{
+#pragma unused(prefs)
+ return FALSE;
+}
+*/
+
+
+#pragma mark -
+#pragma mark Cleanup network service order issues
+
+
+static Boolean
+__SCNetworkConfigurationCleanServiceOrderIssues(SCPreferencesRef prefs)
+{
+#pragma unused(prefs)
+ Boolean cleaned = FALSE;
+ CFIndex nSets;
+ CFArrayRef sets;
+
+ sets = SCNetworkSetCopyAll(prefs);
+ nSets = (sets != NULL) ? CFArrayGetCount(sets) : 0;
+ for (CFIndex iSets = 0; iSets < nSets; iSets++) {
+ CFIndex iServices;
+ CFMutableSetRef known = NULL;
+ CFIndex nServices;
+ SCNetworkSetRef set = CFArrayGetValueAtIndex(sets, iSets);
+ CFStringRef setID = SCNetworkSetGetSetID(set);
+ CFArrayRef order = SCNetworkSetGetServiceOrder(set);
+ CFMutableArrayRef newOrder = NULL;
+
+ iServices = 0;
+ nServices = (order != NULL) ? CFArrayGetCount(order) : 0;
+ if (nServices > 0) {
+ known = CFSetCreateMutable(NULL, 0, &kCFTypeSetCallBacks);
+ newOrder = CFArrayCreateMutableCopy(NULL, 0, order);
+ }
+
+ while (iServices < nServices) {
+ SCNetworkServiceRef service;
+ CFStringRef serviceID = CFArrayGetValueAtIndex(newOrder, iServices);
+
+ // check if serviceID already known/processed
+ if (CFSetContainsValue(known, serviceID)) {
+ // if duplicate/removed service, remove from serviceOrder
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_NOTICE,
+ "set: %@, removing serviceID %@ (duplicate/removed)",
+ setID,
+ serviceID);
+ }
+ CFArrayRemoveValueAtIndex(newOrder, iServices);
+ nServices--;
+ cleaned = TRUE;
+ continue;
+ }
+
+ // track this serviceID as known, already removed, or removed below
+ CFSetAddValue(known, serviceID);
+
+ // validate serviceID
+ service = SCNetworkServiceCopy(prefs, serviceID);
+ if (service == NULL) {
+ // if no service, remove from serviceOrder
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_NOTICE,
+ "set: %@, removing serviceID %@ (no service)",
+ setID,
+ serviceID);
+ }
+ CFArrayRemoveValueAtIndex(newOrder, iServices);
+ nServices--;
+ cleaned = TRUE;
+ continue;
+ }
+
+ if (!__SCNetworkServiceExists(service)) {
+ // if service already removed, remove from serviceOrder
+ if ((_sc_log == 1) || _sc_debug) {
+ SC_log(LOG_NOTICE,
+ "set: %@, removing serviceID %@ (service already removed)",
+ setID,
+ serviceID);
+ }
+ CFArrayRemoveValueAtIndex(newOrder, iServices);
+ nServices--;
+ cleaned = TRUE;
+ CFRelease(service);
+ continue;
+ }
+
+ CFRelease(service);
+ iServices++;
+ }
+
+ if (known != NULL) {
+ CFRelease(known);
+ }
+
+ if (newOrder != NULL) {
+ if (cleaned) {
+ SCNetworkSetSetServiceOrder(set, newOrder);
+ }
+ CFRelease(newOrder);
+ }
+ }
+
+ if (sets != NULL) {
+ CFRelease(sets);
+ }
+
+ return cleaned;
+}
+
+
+#pragma mark -
+#pragma mark Cleanup Network Configuration(s)
+
+
+Boolean
+__SCNetworkConfigurationClean(SCPreferencesRef prefs, SCPreferencesRef ni_prefs)
+{
+ Boolean changed;
+ Boolean updated = FALSE;
+
+ changed = __SCNetworkConfigurationCleanInlineBackups(prefs);
+ if (changed) {
+ SC_log(LOG_NOTICE, "network configuration: unwanted inline backups removed");
+ updated = TRUE;
+ }
+
+ changed = __SCNetworkConfigurationCleanInlineModels(prefs);
+ if (changed) {
+ SC_log(LOG_NOTICE, "network configuration: unwanted device backups removed");
+ updated = TRUE;
+ }
+
+ if (ni_prefs != NULL) {
+ changed = __SCNetworkConfigurationCleanHiddenInterfaces(prefs, ni_prefs);
+ if (changed) {
+ SC_log(LOG_NOTICE, "network configuration: hidden interface configurations removed");
+ updated = TRUE;
+ }
+ }
+
+ changed = __SCNetworkConfigurationCleanServiceOrderIssues(prefs);
+ if (changed) {
+ SC_log(LOG_NOTICE, "network configuration: ServiceOrder cleaned");
+ updated = TRUE;
+ }
+
+ return updated;
+}
projects / apple / configd.git / commitdiff
