colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vpn: let plugins forbid VPN connections from getting the default route (bgo #621698)

Browse Source 
Minor fixes and cleanups by dcbw.
This commit is contained in:
Zephaniah E. Loss-Cutler-Hull
2010-08-12 23:52:17 -05:00
committed by Dan Williams
parent ba355b6a7e
commit d5468c8527
3 changed files with 19 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/NetworkManagerVPN.h
View File

@@ -166,6 +166,9 @@ typedef enum {
*/ */
#define NM_VPN_PLUGIN_IP4_CONFIG_ROUTES "routes" #define NM_VPN_PLUGIN_IP4_CONFIG_ROUTES "routes"
/* boolean: prevent this VPN connection from ever getting the default route */
#define NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT "never-default"
/* Deprecated */ /* Deprecated */
#define NM_VPN_PLUGIN_IP4_CONFIG_GATEWAY NM_VPN_PLUGIN_IP4_CONFIG_EXT_GATEWAY #define NM_VPN_PLUGIN_IP4_CONFIG_GATEWAY NM_VPN_PLUGIN_IP4_CONFIG_EXT_GATEWAY

11
src/nm-policy.c
View File

@@ -138,7 +138,8 @@ get_best_ip4_device (NMManager *manager, NMActRequest **out_req)
continue; continue;
/* 'never-default' devices can't ever be the default */ /* 'never-default' devices can't ever be the default */
if (s_ip4 && nm_setting_ip4_config_get_never_default (s_ip4)) if ( (s_ip4 && nm_setting_ip4_config_get_never_default (s_ip4))
|| nm_ip4_config_get_never_default (ip4_config))
continue; continue;
prio = nm_device_get_priority (dev); prio = nm_device_get_priority (dev);
@@ -482,6 +483,13 @@ update_ip4_routing_and_dns (NMPolicy *policy, gboolean force_update)
/* If it's marked 'never-default', don't make it default */ /* If it's marked 'never-default', don't make it default */
vpn_connection = nm_vpn_connection_get_connection (candidate); vpn_connection = nm_vpn_connection_get_connection (candidate);
g_assert (vpn_connection); g_assert (vpn_connection);
/* Check the active IP4 config from the VPN service daemon */
ip4_config = nm_vpn_connection_get_ip4_config (candidate);
if (ip4_config && nm_ip4_config_get_never_default (ip4_config))
can_default = FALSE;
/* Check the user's preference from the NMConnection */
s_ip4 = (NMSettingIP4Config *) nm_connection_get_setting (vpn_connection, NM_TYPE_SETTING_IP4_CONFIG); s_ip4 = (NMSettingIP4Config *) nm_connection_get_setting (vpn_connection, NM_TYPE_SETTING_IP4_CONFIG);
if (s_ip4 && nm_setting_ip4_config_get_never_default (s_ip4)) if (s_ip4 && nm_setting_ip4_config_get_never_default (s_ip4))
can_default = FALSE; can_default = FALSE;
@@ -493,7 +501,6 @@ update_ip4_routing_and_dns (NMPolicy *policy, gboolean force_update)
ip_iface = nm_vpn_connection_get_ip_iface (candidate); ip_iface = nm_vpn_connection_get_ip_iface (candidate);
connection = nm_vpn_connection_get_connection (candidate); connection = nm_vpn_connection_get_connection (candidate);
ip4_config = nm_vpn_connection_get_ip4_config (candidate);
addr = nm_ip4_config_get_address (ip4_config, 0); addr = nm_ip4_config_get_address (ip4_config, 0);
parent = nm_vpn_connection_get_parent_device (candidate); parent = nm_vpn_connection_get_parent_device (candidate);

7
src/vpn-manager/nm-vpn-connection.c
View File

@@ -382,6 +382,9 @@ print_vpn_config (NMIP4Config *config,
ip_address_to_string (nm_ip4_route_get_next_hop (route))); ip_address_to_string (nm_ip4_route_get_next_hop (route)));
} }
nm_log_info (LOGD_VPN, "Forbid Default Route: %s",
nm_ip4_config_get_never_default (config) ? "yes" : "no");
num = nm_ip4_config_get_num_nameservers (config); num = nm_ip4_config_get_num_nameservers (config);
for (i = 0; i < num; i++) { for (i = 0; i < num; i++) {
nm_log_info (LOGD_VPN, "Internal IP4 DNS: %s", nm_log_info (LOGD_VPN, "Internal IP4 DNS: %s",
@@ -527,6 +530,10 @@ nm_vpn_connection_ip4_config_get (DBusGProxy *proxy,
g_slist_free (routes); g_slist_free (routes);
} }
val = (GValue *) g_hash_table_lookup (config_hash, NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT);
if (val && G_VALUE_HOLDS_BOOLEAN (val))
nm_ip4_config_set_never_default (config, g_value_get_boolean (val));
print_vpn_config (config, priv->ip4_internal_gw, priv->ip_iface, priv->banner); print_vpn_config (config, priv->ip4_internal_gw, priv->ip_iface, priv->banner);
/* Merge in user overrides from the NMConnection's IPv4 setting */ /* Merge in user overrides from the NMConnection's IPv4 setting */