wireguard: add "peer-routes" setting for WireGuard profiles
This setting is not yet implemented. This adds new API for 1.16.0 and is an ABI break since 1.16-rc1.
This commit is contained in:
Thomas Haller
@@ -7536,6 +7536,9 @@ static const NMMetaPropertyInfo *const property_infos_WIREGUARD[] = {
|
|||||||
.base = 16,
|
.base = 16,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
PROPERTY_INFO_WITH_DESC (NM_SETTING_WIREGUARD_PEER_ROUTES,
|
||||||
|
.property_type = &_pt_gobject_bool,
|
||||||
|
),
|
||||||
PROPERTY_INFO_WITH_DESC (NM_SETTING_WIREGUARD_MTU,
|
PROPERTY_INFO_WITH_DESC (NM_SETTING_WIREGUARD_MTU,
|
||||||
.property_type = &_pt_gobject_mtu,
|
.property_type = &_pt_gobject_mtu,
|
||||||
),
|
),
|
||||||
|
|||||||
@@ -365,6 +365,7 @@
|
|||||||
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_FWMARK N_("The use of fwmark is optional and is by default off. Setting it to 0 disables it. Otherwise it is a 32-bit fwmark for outgoing packets.")
|
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_FWMARK N_("The use of fwmark is optional and is by default off. Setting it to 0 disables it. Otherwise it is a 32-bit fwmark for outgoing packets.")
|
||||||
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_LISTEN_PORT N_("The listen-port. If listen-port is not specified, the port will be chosen randomly when the interface comes up.")
|
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_LISTEN_PORT N_("The listen-port. If listen-port is not specified, the port will be chosen randomly when the interface comes up.")
|
||||||
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_MTU N_("If non-zero, only transmit packets of the specified size or smaller, breaking larger packets up into multiple fragments. If zero a default MTU is used. Note that contrary to wg-quick's MTU setting, this does not take into account the current routes at the time of activation.")
|
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_MTU N_("If non-zero, only transmit packets of the specified size or smaller, breaking larger packets up into multiple fragments. If zero a default MTU is used. Note that contrary to wg-quick's MTU setting, this does not take into account the current routes at the time of activation.")
|
||||||
|
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_PEER_ROUTES N_("Whether to automatically add routes for the AllowedIPs ranges of the peers. If TRUE (the default), NetworkManager will automatically add routes in the routing tables according to ipv4.route-table and ipv6.route-table. If FALSE, no such routes are added automatically. In this case, the user may want to configure static routes in ipv4.routes and ipv6.routes, respectively.")
|
||||||
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_PRIVATE_KEY N_("The 256 bit private-key in base64 encoding.")
|
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_PRIVATE_KEY N_("The 256 bit private-key in base64 encoding.")
|
||||||
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_PRIVATE_KEY_FLAGS N_("Flags indicating how to handle the \"private-key\" property.")
|
#define DESCRIBE_DOC_NM_SETTING_WIREGUARD_PRIVATE_KEY_FLAGS N_("Flags indicating how to handle the \"private-key\" property.")
|
||||||
#define DESCRIBE_DOC_NM_SETTING_WPAN_CHANNEL N_("IEEE 802.15.4 channel. A positive integer or -1, meaning \"do not set, use whatever the device is already set to\".")
|
#define DESCRIBE_DOC_NM_SETTING_WPAN_CHANNEL N_("IEEE 802.15.4 channel. A positive integer or -1, meaning \"do not set, use whatever the device is already set to\".")
|
||||||
|
|||||||
@@ -853,6 +853,7 @@ NM_GOBJECT_PROPERTIES_DEFINE_BASE (
|
|||||||
PROP_FWMARK,
|
PROP_FWMARK,
|
||||||
PROP_LISTEN_PORT,
|
PROP_LISTEN_PORT,
|
||||||
PROP_MTU,
|
PROP_MTU,
|
||||||
|
PROP_PEER_ROUTES,
|
||||||
PROP_PRIVATE_KEY,
|
PROP_PRIVATE_KEY,
|
||||||
PROP_PRIVATE_KEY_FLAGS,
|
PROP_PRIVATE_KEY_FLAGS,
|
||||||
);
|
);
|
||||||
@@ -866,6 +867,7 @@ typedef struct {
|
|||||||
guint32 mtu;
|
guint32 mtu;
|
||||||
guint16 listen_port;
|
guint16 listen_port;
|
||||||
bool private_key_valid:1;
|
bool private_key_valid:1;
|
||||||
|
bool peer_routes:1;
|
||||||
} NMSettingWireGuardPrivate;
|
} NMSettingWireGuardPrivate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -980,6 +982,22 @@ nm_setting_wireguard_get_listen_port (NMSettingWireGuard *self)
|
|||||||
return NM_SETTING_WIREGUARD_GET_PRIVATE (self)->listen_port;
|
return NM_SETTING_WIREGUARD_GET_PRIVATE (self)->listen_port;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_wireguard_get_peer_routes:
|
||||||
|
* @self: the #NMSettingWireGuard instance
|
||||||
|
*
|
||||||
|
* Returns: whether automatically add peer routes.
|
||||||
|
*
|
||||||
|
* Since: 1.16
|
||||||
|
*/
|
||||||
|
gboolean
|
||||||
|
nm_setting_wireguard_get_peer_routes (NMSettingWireGuard *self)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_WIREGUARD (self), TRUE);
|
||||||
|
|
||||||
|
return NM_SETTING_WIREGUARD_GET_PRIVATE (self)->peer_routes;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* nm_setting_wireguard_get_mtu:
|
* nm_setting_wireguard_get_mtu:
|
||||||
* @self: the #NMSettingWireGuard instance
|
* @self: the #NMSettingWireGuard instance
|
||||||
@@ -2187,6 +2205,9 @@ get_property (GObject *object, guint prop_id,
|
|||||||
case PROP_MTU:
|
case PROP_MTU:
|
||||||
g_value_set_uint (value, priv->mtu);
|
g_value_set_uint (value, priv->mtu);
|
||||||
break;
|
break;
|
||||||
|
case PROP_PEER_ROUTES:
|
||||||
|
g_value_set_boolean (value, priv->peer_routes);
|
||||||
|
break;
|
||||||
case PROP_PRIVATE_KEY:
|
case PROP_PRIVATE_KEY:
|
||||||
g_value_set_string (value, priv->private_key);
|
g_value_set_string (value, priv->private_key);
|
||||||
break;
|
break;
|
||||||
@@ -2216,6 +2237,9 @@ set_property (GObject *object, guint prop_id,
|
|||||||
case PROP_MTU:
|
case PROP_MTU:
|
||||||
priv->mtu = g_value_get_uint (value);
|
priv->mtu = g_value_get_uint (value);
|
||||||
break;
|
break;
|
||||||
|
case PROP_PEER_ROUTES:
|
||||||
|
priv->peer_routes = g_value_get_boolean (value);
|
||||||
|
break;
|
||||||
case PROP_PRIVATE_KEY:
|
case PROP_PRIVATE_KEY:
|
||||||
nm_clear_pointer (&priv->private_key, nm_free_secret);
|
nm_clear_pointer (&priv->private_key, nm_free_secret);
|
||||||
str = g_value_get_string (value);
|
str = g_value_get_string (value);
|
||||||
@@ -2248,6 +2272,7 @@ nm_setting_wireguard_init (NMSettingWireGuard *setting)
|
|||||||
|
|
||||||
priv->peers_arr = g_ptr_array_new ();
|
priv->peers_arr = g_ptr_array_new ();
|
||||||
priv->peers_hash = g_hash_table_new (nm_pstr_hash, nm_pstr_equal);
|
priv->peers_hash = g_hash_table_new (nm_pstr_hash, nm_pstr_equal);
|
||||||
|
priv->peer_routes = TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -2362,6 +2387,26 @@ nm_setting_wireguard_class_init (NMSettingWireGuardClass *klass)
|
|||||||
| NM_SETTING_PARAM_INFERRABLE
|
| NM_SETTING_PARAM_INFERRABLE
|
||||||
| G_PARAM_STATIC_STRINGS);
|
| G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingWireGuard:peer-routes:
|
||||||
|
*
|
||||||
|
* Whether to automatically add routes for the AllowedIPs ranges
|
||||||
|
* of the peers. If %TRUE (the default), NetworkManager will automatically
|
||||||
|
* add routes in the routing tables according to ipv4.route-table and
|
||||||
|
* ipv6.route-table.
|
||||||
|
* If %FALSE, no such routes are added automatically. In this case, the
|
||||||
|
* user may want to configure static routes in ipv4.routes and ipv6.routes,
|
||||||
|
* respectively.
|
||||||
|
*
|
||||||
|
* Since: 1.16
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_PEER_ROUTES] =
|
||||||
|
g_param_spec_boolean (NM_SETTING_WIREGUARD_PEER_ROUTES, "", "",
|
||||||
|
TRUE,
|
||||||
|
G_PARAM_READWRITE
|
||||||
|
| NM_SETTING_PARAM_INFERRABLE
|
||||||
|
| G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* NMSettingWireGuard:mtu:
|
* NMSettingWireGuard:mtu:
|
||||||
*
|
*
|
||||||
|
|||||||
@@ -134,6 +134,7 @@ int nm_wireguard_peer_cmp (const NMWireGuardPeer *a,
|
|||||||
#define NM_SETTING_WIREGUARD_PEERS "peers"
|
#define NM_SETTING_WIREGUARD_PEERS "peers"
|
||||||
|
|
||||||
#define NM_SETTING_WIREGUARD_MTU "mtu"
|
#define NM_SETTING_WIREGUARD_MTU "mtu"
|
||||||
|
#define NM_SETTING_WIREGUARD_PEER_ROUTES "peer-routes"
|
||||||
|
|
||||||
#define NM_WIREGUARD_PEER_ATTR_ALLOWED_IPS "allowed-ips"
|
#define NM_WIREGUARD_PEER_ATTR_ALLOWED_IPS "allowed-ips"
|
||||||
#define NM_WIREGUARD_PEER_ATTR_ENDPOINT "endpoint"
|
#define NM_WIREGUARD_PEER_ATTR_ENDPOINT "endpoint"
|
||||||
@@ -196,6 +197,9 @@ gboolean nm_setting_wireguard_remove_peer (NMSettingWireGuard *self,
|
|||||||
NM_AVAILABLE_IN_1_16
|
NM_AVAILABLE_IN_1_16
|
||||||
guint nm_setting_wireguard_clear_peers (NMSettingWireGuard *self);
|
guint nm_setting_wireguard_clear_peers (NMSettingWireGuard *self);
|
||||||
|
|
||||||
|
NM_AVAILABLE_IN_1_16
|
||||||
|
gboolean nm_setting_wireguard_get_peer_routes (NMSettingWireGuard *self);
|
||||||
|
|
||||||
NM_AVAILABLE_IN_1_16
|
NM_AVAILABLE_IN_1_16
|
||||||
guint32 nm_setting_wireguard_get_mtu (NMSettingWireGuard *self);
|
guint32 nm_setting_wireguard_get_mtu (NMSettingWireGuard *self);
|
||||||
|
|
||||||
|
|||||||
@@ -1469,6 +1469,7 @@ global:
|
|||||||
nm_setting_wireguard_get_mtu;
|
nm_setting_wireguard_get_mtu;
|
||||||
nm_setting_wireguard_get_peer;
|
nm_setting_wireguard_get_peer;
|
||||||
nm_setting_wireguard_get_peer_by_public_key;
|
nm_setting_wireguard_get_peer_by_public_key;
|
||||||
|
nm_setting_wireguard_get_peer_routes;
|
||||||
nm_setting_wireguard_get_peers_len;
|
nm_setting_wireguard_get_peers_len;
|
||||||
nm_setting_wireguard_get_private_key;
|
nm_setting_wireguard_get_private_key;
|
||||||
nm_setting_wireguard_get_private_key_flags;
|
nm_setting_wireguard_get_private_key_flags;
|
||||||
|
|||||||
Reference in New Issue
Block a user