colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nmcli: fix import WireGuard profile with DNS domain and address family disabled

Browse Source 
In NetworkManager, a profile cannot have "ipvx.dns" or "ipvx.dns-search"
while the corresponding IP method is disabled. Together with the oddity
that in NetworkManager DNS settings are separate per IPv4 and IPv6, this
causes problems:

  $ cat wg0.conf
  [Interface]
  PrivateKey = CBXpiLxQ98TLISJ2cypEFtQb/djzYzENyy0jzhWa/UA=
  Address = 192.168.1.100
  DNS = 10.11.12.13, foobar.de

  [Peer]
  PublicKey = Wus1sBzZiQkyxr6ZitUFNvfYD7KJkwTsWlcxvJ/4SHI=
  Endpoint = 1.2.3.4:51827
  AllowedIPs = 0.0.0.0/0

  $ nmcli connection import type wireguard file wg0.conf
  Error: failed to import 'wg0.conf': Failed to create WireGuard connection: ipv6.dns-search: this property is not allowed for 'method=disabled'.

Fixes: 3ab082ed96 ('cli: support dns-search for import of WireGuard profiles')
This commit is contained in:
Thomas Haller
2021-10-27 19:45:01 +02:00
committed by Beniamino Galvani
parent d8186b1253
commit db53e5f3cd
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/libnmc-base/nm-vpn-helpers.c
View File

@@ -746,7 +746,7 @@ fail_invalid_secret:
GPtrArray * data_addr = is_v4 ? data_addr_v4 : data_addr_v6;
GPtrArray * data_dns_search2 = data_dns_search;
if (data_dns && !data_addr) {
if (!data_addr) {
/* When specifying "DNS", we also require an "Address" for the same address
* family. That is because a NMSettingIPConfig cannot have @method_disabled
* and DNS settings at the same time.