blob: 7ec2595ef73b63d33a07a51813f223879674e407 [file] [log] [blame]
Service hierarchy
=================
Service org.chromium.flimflam
Interface org.chromium.flimflam.Service
Object path [variable prefix]/{service0,service1,...}
Methods dict GetProperties()
Return the properties for the service object. See
the Properties section for available properties.
void SetProperty(string name, variant value)
Change the value of the specified property. Only
properties that are listed as read-write are
changeable. On success a PropertyChanged signal
will be emitted.
Possible Errors: [service].Error.InvalidArguments
[service].Error.InvalidProperty
[service].Error.InvalidService
[service].Error.InvalidPassphrase
void SetProperties(dict properties)
Set multiple properties in a Service at once.
Each property from the dict is applied, excluding
the "Profile" property and all properties intrinsic
to the service including "Type" for all services,
as well as "Mode", "SSID" and "Security" for WiFi
services. In the event of multiple errors while
applying properties to the service, the first error
code is returned by this call.
Possible Errors: [service].Error.InvalidArguments
[service].Error.InvalidProperty
[service].Error.InvalidService
[service].Error.InvalidPassphrase
void ClearProperty(string name)
Clear the value of the specified property. Only
properties that are listed as read-write are
changeable. On success a PropertyChanged signal
will be emitted.
Possible Errors: [service].Error.InvalidArguments
[service].Error.InvalidProperty
array{bool} ClearProperties(array{string} names)
Clear the value of the specified properties. Calls
ClearProperty above on each of the property names
and returns an array of boolean values indicating
whether each ClearProperty attempt succeeded.
void Connect()
Initiate a connection for the specified service.
For Ethernet devices this method can only be used
if it has previously been disconnected. Otherwise
the plugging of a cable automatically triggers
a connection. If no cable is plugged in this
method will fail.
If the requested service is already connected
then this request is ignored and AlreadyConnected
is returned.
If the requested service is in the process of
connecting then this request is ignored and
InProgress is returned.
If another service of the same type is connected or
connecting then it is terminated before this request
is handled.
If the requested service cannot, for reasons not
described above, be connected, OperationFailed is
returned.
Possible Errors: [service].Error.AlreadyConnected
[service].Error.InProgress
[service].Error.OperationAborted
[service].Error.InvalidService
[service].Error.OperationFailed
void Disconnect()
Disconnect a service. If the service is not
connected or in the process of connecting an
error message will be generated.
For Ethernet devices this will remove all
Layer 3 state and mark the associated network
interface down. If no cable is plugged in this
request will fail.
This method can also be used to abort a previous
connection attempt via the Connect method.
Possible Errors: [service].Error.InvalidArguments
[service].Error.OperationFailed
void Remove()
Disconnect and remove the configuration of a
service. This disassociates the service from
its current profile. If another profile supports
this service, it will be re-configured there.
This method is not permitted for Ethernet devices;
it will generate a NotSupported error response.
Possible Errors: [service].Error.InvalidArguments
[service].Error.NotSupported
void ActivateCellularModem(string carrier)
Activate a cellular modem on the provided carrier.
This method returns immediately. The caller
can either poll the Cellular.ActivationState
property, or monitor the PropertyChanged
signal to know when and if the
ActivateCellularModem call succeeded.
The correct carrier specific modem firmware
must already be loaded before this method is
called.
If this method is called for a non-cellular
service or on a service associated with a
non-CDMA device, it will return a NotSupported
error.
If the device is already activated nothing is returned.
but if the device needs to be activated an InProgress
error is returned.
Expected Result: [service].Error.InProgress
Possible Errors: [service].Error.NotSupported
void CompleteCellularActivation()
Complete the activation of a cellular service that is
being activated over a non-cellular network. This
method is called upon the completion of the online
payment portal and performs the necessary checks
to ensure the activation process has fully completed.
This method returns immediately. The caller
can either poll the Cellular.ActivationState
property, or monitor the PropertyChanged
signal to know when and if the activation process
has completed.
If this method is called on a non-cellular service
or on a cellular service that is not being activated
over a non-cellular network, it will return a
NotSupported error.
If the cellular service is already activated or being
activated, nothing is returned.
Possible Errors: [service].Error.NotSupported
dict GetLoadableProfileEntries()
Return a dictionary of object_path -> string pairs
which refer to the profile entries from the loaded
profiles in the Manager that could possibly provide
configuration for this service. Each entry contains
the DBus path of the profile and the string entry
name (within that profile) that contains configuration
for this service. Callers can use each of these
argument pairs to do a "GetEntry" call on each profile
object.
Signals PropertyChanged(string name, variant value)
This signal indicates a changed value of the given
property.
Properties boolean AutoConnect [readwrite]
If set to true, this service will auto-connect
when no other connection is available. If multiple
services are marked for auto-connect then the highest
priority available service will be selected.
On a successful connection, this property may be
set to true automatically, depending on the service
type and if this property was not explicitly set on
the service before.
boolean Cellular.ActivateOverNonCellularNetwork [readonly]
(Cellular only) If set to true, this service must be
activated over a non-cellular network instead of the
same cellular network.
string Cellular.ActivationState [readonly]
(Cellular only) The activate state of the device
on the cellular network. Possible values for
activate_state are:
"not-activated"
"activating"
"partially-activated"
"activated"
A CDMA device can be activated by calling the
Activate method.
This property is relevant only for services
associated with a CDMA cellular device.
dict Cellular.ServingOperator [readonly] [GSM only]
(Cellular only) Description of the operator on whose
network the modem is currently registered, if any.
The dictionary may contain the following string-valued
properties:
"name" The operator name
"country" The two-letter country code.
"network_id" The MCC (Mobile Country Code)
and MNC (Mobile Network Code) of the
operator on whose network the device is
registered. The value of the property is
the simple concatenation of the MCC and
the MNC, with no separator. The first
three digits are always the MCC, and
the following two or three digits are the
MNC.
string Cellular.NetworkTechnology [readonly]
(Cellular only) If the modem is registered on a
network, then this property gives the data bearer
technology currently in use. The following
table lists the values this property may have,
along with a rough indication of the "generation"
to which the technology is considered to belong.
Value Generation
-----------------------------
"1xRTT" (CDMA) 2.5G
"EVDO" (CDMA) 3G to 3.5G
"GPRS" 2.5G
"EDGE" 2.75G
"UMTS" 3G
"HSPA" 3.5G
"HSPA+" 3.75G
"LTE" 3.9G
"LTE Advanced" 4G
string Cellular.RoamingState [readonly]
(Cellular only) The roaming status of the modem on
the current network. Possible values are "home",
"roaming", and "unknown".
string Cellular.Olp [readonly]
(Cellular only) A dictionary describing the
online payment portal (OLP) at which a user
can sign up for, or modify, a mobile data
plan. The value of this property is a
string -> string dictionary, which includes
the following keys:
"url" The URL for the portal
"method" The HTTP method to use, "GET" or "POST"
"postdata" If the method is POST then this key is
present and contains the postdata
to send.
dict Cellular.APN [readwrite] [GSM only]
(Cellular only) The APN to be used with a GSM
carrier for making data connections. The value of
this property is a string -> string dictionary,
which must include at least the following key:
"apn" The APN to use for making connections
There are three optional properties. The first is
"network_id" The network ID (MCC/MNC pair) of the
network for which the APN should be used.
If not specified, then the network ID of
the currently registered network is used.
The other two optional properties are "username"
and "password", which, if specified, will be supplied
to the connect operation on the modem along with the
APN.
When the APN is set using this method, it overrides
any APN that may be associated with the specified
network ID in the APN database. The APN setting is
persistent across reboots.
A user-specified APN may be cleared by clearing this
property.
The algorithm for connecting to GSM networks is as
follows, stopping when a connection is succesfully
established:
1. Try the last APN that resulted in a successful
connection.
2. Try the APN that was set from the Cellular.APN
property (if any).
3. Try the list of APNs for the current provider one
at a time. The list comes from the mobile broadband
provider information database.
4. As a last resort, try connecting without specifying
an APN.
If all these steps fail, then the connect attempt fails.
Whenever this property is set to establish a new APN to
use, the remembered last-good-APN is cleared. The
remembered last-good-APN is persistent across reboots.
dict Cellular.LastGoodAPN [readonly] [GSM only]
(Cellular only) The APN information used in the
last successful connection attempt. If the last
attempt was unsuccesful, this property is unset.
The format of this property is the same as for
the Cellular.APN property.
boolean Cellular.OutOfCredits [readonly]
(Cellular only) Indicates whether a cellular service
has any remaining bandwidth credits with the carrier.
string Cellular.PPP.Username [readwrite]
(Cellular only) For cellular devices with a PPP
link-layer, the username for PPP authentication.
string Cellular.PPP.Password [writeonly]
(Cellular only) For cellular devices with a PPP
link-layer, the password for PPP authentication.
string CheckPortal [readwrite]
Control captive portal checking. Possible values
are "true", "false", and "auto" (default).
When set to "auto" captive portal checking is
controlled by Manager.CheckPortalList (which
is a per-technology mask/list of which services
should do captive portal checking).
boolean Connectable [readonly]
Indicates whether a service is prepared for use
as an argument to the Connect method. A service
will not be marked Connectable if, for example,
it is missing necessary security credentials.
Clients may use this property to not disable
services or to mark them in some way to indicate
they are present but not usable.
string Country [readonly]
(WiFi only) Indicates the 2-letter country code
reported by the representative endpoint for this
service.
object Device [readonly]
The object path of the associated device.
This value may be used to retrieve and manipulate
Layer 3 configuration state.
A value of "/" indicates that the service is
not bound to any device.
array{string} Diagnostics.Disconnects [readonly]
History (wall-clock timestamps) of connection drops.
array{string} Diagnostics.Misconnects [readonly]
History (wall-clock timestamps) of failed connection
attempts.
string EAP.Identity [readwrite]
The client identity string used in setting up
services of type "802_1x".
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.EAP [readwrite]
The EAP methods that will be accepted when setting
up services of type "802_1x".
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.InnerEAP [readwrite]
The authentication methods that will be on the
inside of a PEAP or EAP-TTLS tunnel.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.AnonymousIdentity [readwrite]
The client identity string that will be used
for the outer EAP authentication for tunneled
methods such as PEAP and EAP-TTLS.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.CertID [readwrite]
The PKCS#11 identifier of the client certificate
to use when setting up services of type "802_1x".
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.PrivateKey [readwrite]
The pathname of a file containing the private
key for setting up services of type "802_1x".
The private key file must be in PEM format.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.PrivateKeyPassword [readwrite]
The password to decrypt a private key given
in EAP.PrivateKey.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.KeyID [readwrite]
The PKCS#11 identifier of the private key to
use when setting up services of type "802_1x".
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.CACert [readwrite]
The pathname of a file containing the Certificate
Authority's certificate for validating server
certificates during the 802.1x authentication
process.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.CACertID [readwrite]
The PKCS#11 ID of the EAP.CACert file for
validating server certificate recieved during
the 802.1x authentication process.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.CACertPEM [readwrite]
An x509 CA certificate in PEM format; specifically
the base64 counterpart of the DER contents
surrounded by a "-----BEGIN CERTIFICATE-----" and
"-----END CERTIFICATE-----" line. This certificate
will be used to authenticate the remote RADIUS
server in the 802.1x authentication process.
boolean EAP.UseSystemCAs [readwrite]
Control whether EAP operations are
configured to use the system's installed set
of certificate authorities when validating
server certificates. Note that if UseSystemCAs
is false and no CA is specified with EAP.CACert
or EAP.CaCertID - that is, no CAs are configured
at all - server certificates will not have their
signatures checked. Defaults to true.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.PIN [readwrite]
The PIN used to authenticate to the PKCS#11 device
to retrieve a client certificate, private key,
or certificate authority certificate.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.Password [readwrite]
The password to use in 802.1x authentication.
This property is included in get requests only
when the requester has sufficient privileges.
string EAP.KeyMgmt [readwrite]
(WiFi only) The key management algorithm to be
used in 802.1x authentication. If this property
is not set then "WPA-EAP" is used for the key
management algorithm.
This property is included in get requests only
when the requester has sufficient privileges.
array{string} EAP.RemoteCertification [readonly]
(WiFi only) The list of certificate subject names
reported by the remote RADIUS server. This
property is set during 802.1x negotiation and
persists after disconnection for later inspection,
but is not persisted between connection manager
restarts. It is also cleared at the beginning of
the next connection.
string EAP.SubjectMatch [readwrite]
(WiFi only) A substring which the remote
RADIUS server certificate subject name must
contain. If the subject does not contain this
substring, abort 802.1x negotiation.
string Error [readonly]
The service error status details.
When error occur during connection or disconnection
the detailed information are represented in this
property to help the user interface to present the
user with alternate options.
This property is only valid when the service is in a
failure state. Otherwise it might be empty or not
present at all.
Look for "Flimflam error options" in
system_api/dbus/service_constants.h for the set of
defined error codes.
string ErrorDetails [readonly]
Free-style service error status details in addition to
the defined error codes presented through the
Service.Error property. For example, this property may
contain a server-supplied error description for a
rejected VPN connection attempt.
This property is only valid when the service is in a
failure state. Otherwise it might be empty or not
present at all.
string GUID [readwrite]
The Globally Unique IDentifier for the service.
This value may be set by a client and is
intended for cross-referencing Service objects
to externally-maintained data.
object IPConfig [readonly]
The object path of the associated IP configuration.
This value only exists when the service is connected,
and is used used to retrieve Layer 3 configuration
state. A PropertyChanged signal for this object path
is emitted every time the IP address is configured
(for example during DHCP renewals), although the
actual value may not have changed.
boolean IsActive [readonly]
Will be true if this service has a default route;
i.e. network traffic is being sent through it.
string Mode [readonly]
If the service type is "wifi", then this property is
present and contains the mode of the network. The
possible values are "managed" or "adhoc".
This property is present only for WiFi services.
string Name [readonly]
The service name (for example "Wireless" etc.)
This name can be used for directly displaying it in
the application. It has pure informational purpose.
For Ethernet devices and hidden WiFi networks it is
not guaranteed that this property is present. For
visible WiFi networks, this may contain the SSID.
See also the WiFi.HexSSID property.
string OpenVPN.Auth [writeonly]
(VPN services of type OpenVPN only) Specify the
authentication algorithm to OpenVPN.
See the "--auth" option in the OpenVPN documentation.
The current value of this property is readable
in the "Provider" property of this service.
string OpenVPN.AuthNoCache [writeonly]
(VPN services of type OpenVPN only) If this value
is set to anything, do not cache usernames or passwords
in the OpenVPN client. See the "--auth" flag in the
OpenVPN documentation. The current value of this
property is readable in the "Provider" property of this
service.
string OpenVPN.AuthRetry [writeonly]
(VPN services of type OpenVPN only) Specify how to
handle authentication failures.
See the "--auth-retry" option in the OpenVPN
documentation. The current value of this property
is readable in the "Provider" property of this service.
string OpenVPN.AuthUserPass [writeonly]
(VPN services of type OpenVPN only) Authenticate
with username and password if this option is non-empty.
For this option to work, the "OpenVPN.User" property
must also be set. The current value of this property
is readable in the "Provider" property of this service.
string OpenVPN.CACert [writeonly]
(VPN services of type OpenVPN only) Specify the
filename of the certificate to be used to verify the
OpenVPN server. Only one of "OpenVPN.CACert" or
"OpenVPN.CACertPEM" can be specified. The current
value of this property is readable in the "Provider"
property of this service.
string OpenVPN.CACertNSS [writeonly]
(VPN services of type OpenVPN only) [Deprecated]
This value is no longer honored in shill, but any
value stored here is persisted so that callers can
migrate this to the correct value of OpenVPN.CACertPEM.
The current value of this property is readable in the
"Provider" property of this service.
array{string} OpenVPN.CACertPEM [writeonly]
(VPN services of type OpenVPN only) The list of
x509 CA certificates to be used to verify the remote
server. Any of these certificates can directly sign
the server certificate. Each x509 CA certificate
must be in in PEM format; specifically
the base64 counterpart of the DER contents, optionally
surrounded by a "-----BEGIN CERTIFICATE-----" and
"-----END CERTIFICATE-----" line. Only one of
"OpenVPN.CACert" or "OpenVPN.CACertPEM" can be
specified. The current value of this property is
readable in the "Provider" property of this service.
string OpenVPN.Cert [writeonly]
(VPN services of type OpenVPN only) Specify a
filename of to use as the client certificate in
authentication. See the "--cert" option in the
OpenVPN documentation. The current value of this
property is readable in the "Provider" property of
this service.
string OpenVPN.Cipher [writeonly]
(VPN services of type OpenVPN only) Specify the
cipher algorithm for encrypted packets. See the
"--cipher" option in the OpenVPN documentation.
The current value of this property is readable in
the "Provider" property of this service.
string OpenVPN.CompLZO [writeonly]
(VPN services of type OpenVPN only) If non-empty,
enable fast LZO compression. See the
"--comp-lzo" option in the OpenVPN documentation.
The current value of this property is readable in
the "Provider" property of this service.
string OpenVPN.CompNoAdapt [writeonly]
(VPN services of type OpenVPN only) If non-empty,
don't use adaptive compression when fast LZO
is enabled compression. See the "--comp-noadapt"
option in the OpenVPN documentation. The current
value of this property is readable in the "Provider"
property of this service.
array{string} OpenVPN.ExtraCertPEM [writeonly]
(VPN services of type OpenVPN only) A list of
additonal x509 CA certificates to be used to complete
the certificate authentication chain from the CA
certificates. Each x509 CA certificate must be in in
PEM format; specifically the base64 counterpart of
the DER contents, optionally surrounded by a
"-----BEGIN CERTIFICATE-----" and
"-----END CERTIFICATE-----" line. The current
value of this property is readable in the "Provider"
property of this service.
string OpenVPN.IgnoreDefaultRoute [writeonly]
(VPN services of type OpenVPN only) If set, a
default route to the default gateway specified by
the server will not be configured. This allows this
connection to operate as a "split tunnel" in
configurations where the server allows this. Since
this option does not ignore routes explicitly pushed
from the server, this option does not allow split
tunnels when they are expressly forbidden in the
server configuration. The server can directly
override this option by pushing a "redirect-gateway"
or "redirect-private" option to the client. The
current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.Key [writeonly]
(VPN services of type OpenVPN only) Specify the
filename of the private key the client uses to
verify itself to the OpenVPN server. See the
"--key" option in the OpenVPN documentation. The
current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.KeyDirection [writeonly]
(VPN services of type OpenVPN only) [Deprecated]
This property is only provided for backwards
compatibility.
string OpenVPN.Mgmt.Enable [writeonly]
(VPN services of type OpenVPN only) [Deprecated]
This property is only provided for backwards
compatibility.
string OpenVPN.NsCertType [writeonly]
(VPN services of type OpenVPN only) If non-empty,
specifies that the peer certificate must be signed
with an explicit nsCertType designation. The value
assigned to this property specified the role that
should be assigned to the certificate. See the
"--ns-cert-type" option in the OpenVPN documentation.
The current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.OTP [writeonly]
(VPN services of type OpenVPN only) Specifies a
one-time-password (OTP) to be used during the
authentication phase. The connection manager only
stores this value for the duration of a connection
attempt and will never persist this to a stored
profile.
string OpenVPN.Password [writeonly]
(VPN services of type OpenVPN only) Specifies a
password to be used during the authentication phase.
string OpenVPN.Pkcs11.ID [writeonly]
(VPN services of type OpenVPN only) Specify the
PKCS11 certificate id when using a crypto token
to perform certificate authentication.
string OpenVPN.Pkcs11.PIN [writeonly]
(VPN services of type OpenVPN only) Specifies a
PIN used to gain access to the cryptographic token
when using the "OpenVPN.Pkcs11.ID" property.
string OpenVPN.Pkcs11.Provider [writeonly]
(VPN services of type OpenVPN only) Specifies a
the provider for the the cryptographic token
when using the "OpenVPN.Pkcs11.ID" property.
The current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.Ping [writeonly]
(VPN services of type OpenVPN only) If non-empty,
this specifies the period in seconds between sending
pings to the OpenVPN server. See the "--ping" option
in the OpenVPN documentation. The current value of
this property is readable in the "Provider" property
of this service.
string OpenVPN.PingExit [writeonly]
(VPN services of type OpenVPN only) If non-empty,
exit if this many seconds pass without reception
of a ping reply from the OpenVPN server. See the
"--ping-exit" option in the OpenVPN documentation.
The current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.PingRestart [writeonly]
(VPN services of type OpenVPN only) If non-empty,
restart if this many seconds pass without reception
of a ping reply from the OpenVPN server. See the
"--ping-restart" option in the OpenVPN documentation.
The current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.Port [writeonly]
(VPN services of type OpenVPN only) If non-empty,
use this port for both the local and remote.
See the "--port" option in the OpenVPN documentation.
The current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.Proto [writeonly]
(VPN services of type OpenVPN only) If non-empty,
sets the protocol ("udp", "tcp-client", "tcp-server)
for the OpenVPN connection. See the "--proto" option
in the OpenVPN documentation. The current value of
this property is readable in the "Provider" property
of this service.
string OpenVPN.PushPeerInfo [writeonly]
(VPN services of type OpenVPN only) If non-empty,
specifies that client information should be pushed
to the server. See the "--push-peer-info" option
in the OpenVPN documentation. The current value of
this property is readable in the "Provider" property
of this service.
string OpenVPN.RemoteCertEKU [writeonly]
(VPN services of type OpenVPN only) Require that
the remote peer certificate be signed with the
specified extended key usage OID. See the
"--remote-cert-eku" option in the OpenVPN
documentation. The current value of this property
is readable in the "Provider" property of this service.
string OpenVPN.RemoteCertKU [writeonly]
(VPN services of type OpenVPN only) Require that
the remote peer certificate be signed with the
specified key usage in hex format. See the
"--remote-cert-ku" option in the OpenVPN
documentation. The current value of this property
is readable in the "Provider" property of this service.
string OpenVPN.RemoteCertTLS [writeonly]
(VPN services of type OpenVPN only) Require that
the remote peer certificate be signed with the
specified key usage and extend key usage based on
RFC3280 TLS rules. See the "--remote-cert-tls" option
in the OpenVPN documentation. The current value of
this property is readable in the "Provider" property
of this service.
string OpenVPN.RenegSec [writeonly]
(VPN services of type OpenVPN only) Specifies the
period (in seconds) to re-negotiate the data channel
key. See the "--reneg-sec" option in the OpenVPN
documentation. The current value of this property is
readable in the "Provider" property of this service.
string OpenVPN.ServerPollTimeout [writeonly]
(VPN services of type OpenVPN only) Specifies the
period (in seconds) to wait to for a response from
the server. See the "--server-poll-timeout" option
in the OpenVPN documentation. The current value of
this property is readable in the "Provider" property
of this service.
string OpenVPN.Shaper [writeonly]
(VPN services of type OpenVPN only) Restricts the
number of bytes per second to be output to the peer.
See the "--shaper" option in the OpenVPN documentation.
The current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.StaticChallenge [writeonly]
(VPN services of type OpenVPN only) Enable static
challenge/response protocol. See the
"--static-challenge" option in the OpenVPN
documentation. The current value of this property
is readable in the "Provider" property of this service.
string OpenVPN.TLSAuth [writeonly]
(VPN services of type OpenVPN only) If non-empty,
passes this as the "--tls-auth" argument to OpenVPN.
The current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.TLSAuthContents [writeonly]
(VPN services of type OpenVPN only) Creates a
temporary file with the contents of this property
and passes it to OpenVPN using the "--tls-auth"
option. The current value of this property
is readable in the "Provider" property of this service.
string OpenVPN.TLSRemote [writeonly]
(VPN services of type OpenVPN only) Specifies
the only X509 name that is allowed for the peer. See
the" --tls-remote" option in the OpenVPN
documentation. The current value of this property
is readable in the "Provider" property of this service.
string OpenVPN.Token [writeonly]
(VPN services of type OpenVPN only) Specifies a
single-use token to be used during the static challenge
phase of authentication. This will be used instead of
the standard OpenVPN "SCRV1:" response containing the
password and OTP parameters. This is useful in
installations where the default base64 encoding may be
too large to fit in the buffer size available, and
server implementations have been changed to avoid this.
The connection manager only stores this value for the
duration of a connection attempt and will never persist
this to a stored profile.
string OpenVPN.User [writeonly]
(VPN services of type OpenVPN only) Specifies
the username to be specified in authentication to
the OpenVPN server. The current value of this property
is readable in the "Provider" property of this service.
string OpenVPN.Verb [writeonly]
(VPN services of type OpenVPN only) If non-empty,
passes this as the "--verb" argument to OpenVPN,
which sets the debug verbosity. By default this
value is set based on shill's debugging level for VPN.
The current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.VerifyHash [writeonly]
(VPN services of type OpenVPN only) If non-empty,
passes this as the "--verify-hash" argument to OpenVPN,
which specifies the SHA1 fingerprint for level-1
certificate. The current value of this property is
readable in the "Provider" property of this service.
string OpenVPN.VerifyX509Name [writeonly]
(VPN services of type OpenVPN only) If non-empty,
passes this as the "--verify-x509-name" argument to
OpenVPN, which specifies the X509 subject distinguished
name we mandate the remote VPN server to have. The
current value of this property is readable in the
"Provider" property of this service.
string OpenVPN.VerifyX509Type [writeonly]
(VPN services of type OpenVPN only) If non-empty,
this string is passed as a second parameter to the
"--verify-x509-name" flag sent to OpenVPN, which
qualifies the type of parameter specified in the
"OpenVPN.VerifyX509Name" property of this service.
If the "OpenVPN.VerifyX509Name" property is unset or
empty, setting this property has no effect during
connection. Please see the documentation of the
"--verify-x509-name" flag in the OpenVPN documentation
to better understand how these two parameters interact.
The current value of this property is readable in the
"Provider" property of this service.
string Passphrase [readwrite]
If the service type is "wifi", then this property
holds a passphrase used in setting up services of
type "wep", "wpa", "rsn", "psk", or a private
key password used in setting up services of
type "802_1x".
For "wep" services, this must contain the WEP
key and, optionally, a key index. Only 40-bit
and 104-bit WEP keys are supported. The WEP
key can be formatted either as an ASCII string
(5 or 13 characters), or as ASCII hex digits
(10 or 26). When using ASCII hex digits, the
key may optionally be preceded by "0x" or "0X".
To specify an optional WEP key index, prepend
the key with "0:", "1:", "2:" or "3:". If no
index is specified, 0 is used.
By default this property is not included in get
requests. It may be present if a non-default
security policy is configured and the client has
"read secret" privileges.
Note that no PropertyChanged signals are sent for
this property. The PassphraseRequired property
should be monitored instead.
boolean PassphraseRequired [readonly]
If the service type is "wifi", then this property
indicates if a passphrase or key (for WEP) is required.
If a passphrase has been set already or if no
passphrase is needed, then this property will
be set to false.
UI clients may monitor this property for a
PropertyChanged signals to prompt for a required
passphrase or key.
[We will be supporting this soon for VPN]
string PhysicalTechnology [readonly, optional]
If the service type is "vpn" and the service is
connected, this property is present and exposes the
Type property of the underliying physical service used.
Otherwise the property is not present.
string PreviousError [readonly]
The most recent service error status logged. Even
after the service leaves the failed state, this
property retains the last value that the Error property
contained.
Note that no PropertyChanged signals are sent for
this property. The Error property should be monitored
instead.
int32 PreviousErrorSerialNumber [readonly]
This number increases by one every time a service
failure is logged. It returns to zero if shill
restarts.
Note that no PropertyChanged signals are sent for
this property. The Error property should be monitored
instead.
int32 Priority [readwrite]
An optional value used to calculate the priority order
of this service. Priorities are between 1 to 100.
Services with priorities are sorted ahead of services
without. Services with the same priority are ordered
by other means such as service type and signal
strength.
By default services are not assigned a priority;
clients must set one if they desire. To remove an
existing priority use the ClearProperty method.
object Profile [readwrite]
The object path of the associated Profile object.
This may not be present if the Service object
has not been written to a profile yet.
string ProxyConfig [readwrite]
An externalized json dictionary describing the proxy
configuration that can be stored on the service, and
modified by a user.
Flimflam does not use this information for anything,
but it is left available to the caller, and stored
persistently.
This property may be set by any client and will be
adopted by chrome during run-time. If syntax of the
value is wrong, chrome will ignore this property during
runtime.
The value of this property is a string -> string
dictionary that includes the following keys. The final
string is a comma separated list of key-value pairs
enclosed by "{" and "}"; syntax of a key-value pair is:
<key>":"<value>. Example:
{"mode":"fixed-servers","server":"http=foopy:80"}
"mode"
type of proxy that can be one of:
"direct" --
direct connection to network, other preferences
are ignored
"auto_detect" --
try to retrieve a PAC script from
http://wpad/wpad.dat or fall back to direct
connection
"pac_script" --
try to retrieve PAC script specified for "pac_url"
(see below) or fall back to direct connection
"fixed_servers" --
manual configuration of one or more servers
to be used as proxy
"pac_url"
URL for proxy .pac file (meaningful only if mode=
pac_script); scheme of URL must be specified
"pac_mandatory"
indciate if a valid PAC script is mandatory
(meaningful only if mode=pac_script);
value is either true or false (without quotes), e.g.
"pac_mandatory":true;
if true, network traffic does not fall back to
direct connections in case the PAC script is not
available
"server"
proxy server for manual configuration (meaningful
only if mode=fixed-servers); syntax is
[<proxy-scheme>"://"]<proxy-host>[":"<proxy-port>];
if the proxy to use depends on the scheme of the
URL, specify a semicolon separated list of :
<url-scheme>"="<proxy-uri>
for example:
- "http=foopy:80;ftp=foopy2" --
use HTTP proxy "foopy:80" for http:// URLs, and
HTTP proxy "foopy2:80" for ftp:// URLS
- "foopy:80" -- use HTTP proxy "foopy:80" for all
URLs
- "socks4://foopy" --
use SOCKS v4 proxy "foopy:80" for all URLs
"bypass_list"
proxy bypass rules for manual configuration
(meaningful only if mode=fixed-servers); format
can be any one of the following:
1) [<url_scheme>"://"]<hostname_pattern>[":"<port>]
Match all hostnames that match the pattern
hostname_pattern which can be a substring of the
hostname with asterisks.
Examples: "foobar.com", "*foobar.com",
"*.foobar.com", "*foobar.com:99",
"https://x.*.y.com:99"
2) "."<hostname_suffix_pattern>[":"<port>]
Match a particular domain suffix.
Examples: ".google.com", ".com",
"http://.google.com"
3) [<scheme>"://"]<ip_literal>[":"<port>]
Match URLs that are IP address literals.
Conceptually this is the similar to (1), but with
special cases to handle IP literal
canonicalization. For example matching on
"[0:0:0::1]" would be the same as matching on
"[::1]" since the IPv6 canonicalization is done
internally.
Examples: "127.0.1", "[0:0::1]", "[::1]",
"http://[::1]:99"
4) <ip_literal>"/"<prefix_length_in_bits>
Match any URL that is to an IP literal that falls
in the given range. IP range is specified using
CIDR notation.
Examples: "192.168.1.1/16", "fefe:13::abc/33".
5) "<local>"
Match local addresses; this is a literal string.
"<local>" matches one of: "127.0.0.1", "::1",
"localhost".
dict Provider [readonly]
(VPN only) Provider data. The Provider is a container
which reports all of the VPN-specific properties of a
service.
string Host [readonly]
VPN host IP address.
string Type [readonly]
VPN provider type (e.g. openvpn).
string Provider.Host [writeonly]
(VPN only) Host name of the VPN server. The current
value of this property is readable in the "Provider"
property of this service.
string Provider.Name [writeonly]
(VPN only) The name assigned to this VPN service. The
current value of this property is readable in the
"Provider" property of this service.
string Provider.Type [writeonly]
(VPN only) The type of VPN service. This value is
only settable when creating this service (via the
Manager GetService or ConfigureService methods). The
current value of this property is readable in the
"Provider" property of this service.
boolean SaveCredentials [readwrite]
This property indicates if security credentials
should be reused and/or written to stable storage.
Setting this property to FALSE ensures nothing is
recorded and the client must supply credentials
for each Connect request.
The following credentials are not recorded when
this property is set to FALSE:
Passphrase
EAP.Identity
EAP.AnonymousIdentity
EAP.ClientCert
EAP.CertID
EAP.PrivateKey
EAP.PrivateKeyPassword
EAP.KeyID
EAP.PIN
EAP.Password
Note that no PropertyChanged signals are sent for
this property.
string Security [readonly]
If the service type is "wifi", then this property is
present and contains the security method or key
management setting.
Possible values are: "none" (no privacy),
"wep" (fixed key WEP), "wpa" (WPA-PSK), "rsn"
(IEEE 802.11i-PSK), "psk" (either "wpa" or "rsn"),
and "802_1x" (IEEE 802.11i with 802.1x authentication).
This property is only present for WiFi services.
string State [readonly]
The state of the service; one of:
"idle" The service is not enabled or otherwise
operational.
"carrier" The associated device is powered on and
ready for Layer 2 operation; e.g. a
wired Ethernet device that is powered
up and connected to a switch.
"association" Intermediate states associated with
"disconnect" connection-based devices such as WiFi
and Cellular. These are exposed for
UI applications to provide more
fine-grained status.
"configuration" Layer 2 is setup but Layer 3 setup
has yet to completed.
"ready" Layer 3 setup is complete; ready to
transit and receive data.
"portal" Layer 3 setup is complete but
connectivity to the Internet may be
limited or unavailable.
"online" Layer 3 setup is complete and an
Internet connection has been checked
to support HTTP access to the
Manager.PortalURL site.
"failure" An error occurred while trying to
reach the "ready" state. Consult the
Error propery for details.
"activation-failure"
An error occurred while trying to
activate a cellular modem. Consult the
Error property for details.
string StaticIP.Address [readwrite]
string StaticIP.Gateway [readwrite]
int32 StaticIP.Mtu [readwrite]
string StaticIP.NameServers [readwrite]
string StaticIP.PeerAddress [readwrite]
int32 StaticIP.Prefixlen [readwrite]
The properties above can be set on a service to
selectively override individual parameters received
over DHCP or whatever default IP aquisition technique
is used by the service. The "StaticIP.NameServers"
property should be a comma-separated list of IP
addresses.
Additionally, in services that use DHCP, if the
"StaticIP.Address" and "StaticIP.Prefixlen"
parameters are both set on a service, the service
will be configured as soon as a link is established,
in order to allow full static IP configuration. A
DHCP client will be launched in parallel, which, if
successful, will provide values for any parameters
that were not set statically.
The IPConfig associated with the service (object
path supplied in the "IPConfig" property above)
will display the result of the merged network
parameters.
string SavedIP.Address [readonly]
string SavedIP.Gateway [readonly]
int32 SavedIP.Mtu [readonly]
string SavedIP.NameServers [readonly]
string SavedIP.PeerAddress [readonly]
int32 SavedIP.Prefixlen [readonly]
The properties above are set on a service to present
the configuration that was recieved from the DHCP
server prior to applying any "StaticIP.*" parameters
during the most recent connection attempt. All
parameters are saved regardless of whether they were
overridden.
Note that if a "StaticIP.*" parameter is set on
a service, but the service has not been re-connected,
the IPConfig object will still contain the true
value that the interface is set to.
uint8 Strength [readonly]
Indicates the signal strength of the service. This
is a normalized value between 0 and 100.
This property will not be present for Ethernet
devices.
string Tethering [readonly]
Returns a string that indicates an estimate of
whether the service is likely to be providing
internet connectivity over a mobile network backhaul.
The possible values of this string are:
NotDetected: Tethering is not detected.
Suspected: Something in the network scan
provides circumstantial evidence
that this service is tethered.
Confirmed: Some definitive evidence has
been discovered that indicates
either this service is tethered
or the server is overtly pretending
to be tethered.
This property is only visible in service types
which can support tethering. Currently only
Ethernet and WiFi services support this property
directly. VPN services make this property visible
if the service they're using for connectivity does
(i.e., if VPN connectivity is gained via Ethernet
or WiFi).
string Type [readonly]
The service type; one of:
"ethernet" (802.3 wired Ethernet),
"wifi" (IEEE 802.11),
"wimax" (IEEE 802.16),
"bluetooth" (Bluetooth PAN),
"cellular" (3G Cellular), or
"vpn" (Virtual Private Network).
This information should only be used to determine
advanced properties or showing the correct icon
to the user.
string UIData [readwrite]
This is additional data available about this service
for use by the user interface. This value is opaque
and not used by shill.
bool Visible [readonly]
WiMax and WiFi services list all services for which
configuration exists in the manager's
ServiceCompleteList. Those service types have this
property set to false if such a configured service
is not actually in range. For all other services
(including all other service types) this property
is always true.
string WiFi.AuthMode [readonly]
(WiFi only) If the service state is
"configuration" or "ready", then this property
will be present and contains the negotiated
authentication method.
There are too many possible values to enumerate here.
The complete set depends on the capabilities of the
associated WiFi supplicant.
string WiFi.BSSID [readonly]
(WiFi only) The BSSID of the associated AP.
One can monitor this property for PropertyChanged
signals to identify when roaming changes the
current AP.
boolean WiFi.HiddenSSID [readwrite]
(WiFi only) If true, the associated WiFi network
does not broadcast it's SSID in beacon frames.
This property instructs shill to actively scan
for this SSID. This value is cleared when this
service is removed from all active profiles.
uint16 WiFi.Frequency [readonly]
(WiFi only) The operating frequency in MHz of
the Service. If the Service is connected, this
is the frequency on which it is connected.
Otherwise, this is the frequency of the best
available BSS (roughly, AP) for this Service.
array{uint16} WiFi.FrequencyList [readonly]
(WiFi only) The operating frequencies in MHz of
the Service. This lists all of the frequencies
where this Service has recently been seen.
This list is not necessarily complete, as:
a) not all scans check every channel,
b) an AP may not have responded in time, and
c) some scan results may have expired from the
cache.
string WiFi.PhyMode [readonly]
(WiFi only) If the service state is
"configuration" or "ready", then this property
will be present and contains the negotiated
operating mode for the channel. Possible values
include "802.11a", "802.11b", "802.11g",
"802.11n". This value is for informational
purposes only.
string WiFi.HexSSID [readonly]
(WiFi only) This property holds a hex-encoded copy
of the SSID. Since the Name property is enforced
by the D-Bus protocol to be a valid UTF-8 string
but SSIDs can be an abitrary sequence of bytes, this
property will always contain the true value of the
SSID, while the Name property may differ from the
true representation.
See also the Name property. (Note that there is
no SSID property for reasons explained above.)
string WiFi.SSID [readonly]
(WiFi only) The service's SSID. Must have a non-zero
length less than or equal to 32.
bool WiFi.ProtectedManagementFrameRequired [readonly]
(WiFi only) This property indicates whether an AP for
this service has been seen that requires 802.11w
(Protected Management Frame) support.
dict WiFi.VendorInformation [readonly]
(WiFi only) Information about the vendor of the
AP, gleaned from WPS and vendor-specific information
elements in the beacon and probe respondss.
string Manufacturer [readonly]
Device manufacturer name as supplied by WPS IE.
string ModelName [readonly]
Device model name as supplied by WPS IE.
string ModelNumber [readonly]
Device model number as supplied by WPS IE.
string DeviceName [readonly]
Device name as supplied by WPS IE.
string OUIList [readonly]
Space separated list of OUI identifiers for
vendor-specific IEs that were neither the
Microsoft nor Epigram identifiers (the former
two are used for platform-neutral information).