libnm: change nm_wireguard_peer_set_endpoint() API to allow validation
This is an API break since 1.16-rc1.
Similar to previous commit.
(cherry picked from commit 8ae9aa2428)
This commit is contained in:
Thomas Haller
@@ -369,7 +369,7 @@ def do_set(nm_client, conn, argv):
|
|||||||
idx += 2
|
idx += 2
|
||||||
continue
|
continue
|
||||||
if peer and argv[idx] == 'endpoint':
|
if peer and argv[idx] == 'endpoint':
|
||||||
peer.set_endpoint(argv_get_one(argv, idx + 1, None, idx))
|
peer.set_endpoint(argv_get_one(argv, idx + 1, None, idx), True)
|
||||||
idx += 2
|
idx += 2
|
||||||
continue
|
continue
|
||||||
if peer and argv[idx] == 'persistent-keepalive':
|
if peer and argv[idx] == 'persistent-keepalive':
|
||||||
|
|||||||
@@ -2972,16 +2972,12 @@ _read_setting_wireguard_peer (KeyfileReaderInfo *info)
|
|||||||
key = NM_WIREGUARD_PEER_ATTR_ENDPOINT;
|
key = NM_WIREGUARD_PEER_ATTR_ENDPOINT;
|
||||||
str = nm_keyfile_plugin_kf_get_string (info->keyfile, info->group, key, NULL);
|
str = nm_keyfile_plugin_kf_get_string (info->keyfile, info->group, key, NULL);
|
||||||
if (str && str[0]) {
|
if (str && str[0]) {
|
||||||
nm_auto_unref_sockaddrendpoint NMSockAddrEndpoint *ep = NULL;
|
if (!nm_wireguard_peer_set_endpoint (peer, str, FALSE)) {
|
||||||
|
|
||||||
ep = nm_sock_addr_endpoint_new (str);
|
|
||||||
if (!nm_sock_addr_endpoint_get_host (ep)) {
|
|
||||||
if (!handle_warn (info, key, NM_KEYFILE_WARN_SEVERITY_WARN,
|
if (!handle_warn (info, key, NM_KEYFILE_WARN_SEVERITY_WARN,
|
||||||
_("key '%s.%s' is not not a valid endpoint"),
|
_("key '%s.%s' is not not a valid endpoint"),
|
||||||
info->group, key))
|
info->group, key))
|
||||||
return;
|
return;
|
||||||
} else
|
}
|
||||||
_nm_wireguard_peer_set_endpoint (peer, ep);
|
|
||||||
}
|
}
|
||||||
nm_clear_g_free (&str);
|
nm_clear_g_free (&str);
|
||||||
|
|
||||||
|
|||||||
@@ -524,26 +524,50 @@ _nm_wireguard_peer_set_endpoint (NMWireGuardPeer *self,
|
|||||||
* nm_wireguard_peer_set_endpoint:
|
* nm_wireguard_peer_set_endpoint:
|
||||||
* @self: the unsealed #NMWireGuardPeer instance
|
* @self: the unsealed #NMWireGuardPeer instance
|
||||||
* @endpoint: the socket address endpoint to set or %NULL.
|
* @endpoint: the socket address endpoint to set or %NULL.
|
||||||
|
* @allow_invalid: if %TRUE, also invalid values are set.
|
||||||
|
* If %FALSE, the function does nothing for invalid @endpoint
|
||||||
|
* arguments.
|
||||||
*
|
*
|
||||||
* Sets or clears the endpoint of @self.
|
* Sets or clears the endpoint of @self.
|
||||||
*
|
*
|
||||||
* It is a bug trying to modify a sealed #NMWireGuardPeer instance.
|
* It is a bug trying to modify a sealed #NMWireGuardPeer instance.
|
||||||
*
|
*
|
||||||
|
* Returns: %TRUE if the endpoint is %NULL or valid. For an
|
||||||
|
* invalid @endpoint argument, %FALSE is returned. Depending
|
||||||
|
* on @allow_invalid, the instance will be modified.
|
||||||
|
*
|
||||||
* Since: 1.16
|
* Since: 1.16
|
||||||
*/
|
*/
|
||||||
void
|
gboolean
|
||||||
nm_wireguard_peer_set_endpoint (NMWireGuardPeer *self,
|
nm_wireguard_peer_set_endpoint (NMWireGuardPeer *self,
|
||||||
const char *endpoint)
|
const char *endpoint,
|
||||||
|
gboolean allow_invalid)
|
||||||
{
|
{
|
||||||
NMSockAddrEndpoint *old;
|
NMSockAddrEndpoint *old;
|
||||||
|
NMSockAddrEndpoint *new;
|
||||||
|
gboolean is_valid;
|
||||||
|
|
||||||
g_return_if_fail (NM_IS_WIREGUARD_PEER (self, FALSE));
|
g_return_val_if_fail (NM_IS_WIREGUARD_PEER (self, FALSE), FALSE);
|
||||||
|
|
||||||
|
if (!endpoint) {
|
||||||
|
nm_clear_pointer (&self->endpoint, nm_sock_addr_endpoint_unref);
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
new = nm_sock_addr_endpoint_new (endpoint);
|
||||||
|
|
||||||
|
is_valid = (nm_sock_addr_endpoint_get_host (new) != NULL);
|
||||||
|
|
||||||
|
if ( !allow_invalid
|
||||||
|
&& !is_valid) {
|
||||||
|
nm_sock_addr_endpoint_unref (new);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
old = self->endpoint;
|
old = self->endpoint;
|
||||||
self->endpoint = endpoint
|
self->endpoint = new;
|
||||||
? nm_sock_addr_endpoint_new (endpoint)
|
|
||||||
: NULL;
|
|
||||||
nm_sock_addr_endpoint_unref (old);
|
nm_sock_addr_endpoint_unref (old);
|
||||||
|
return is_valid;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -87,8 +87,9 @@ void nm_wireguard_peer_set_persistent_keepalive (NMWireGuardPeer *self,
|
|||||||
NM_AVAILABLE_IN_1_16
|
NM_AVAILABLE_IN_1_16
|
||||||
const char *nm_wireguard_peer_get_endpoint (const NMWireGuardPeer *self);
|
const char *nm_wireguard_peer_get_endpoint (const NMWireGuardPeer *self);
|
||||||
NM_AVAILABLE_IN_1_16
|
NM_AVAILABLE_IN_1_16
|
||||||
void nm_wireguard_peer_set_endpoint (NMWireGuardPeer *self,
|
gboolean nm_wireguard_peer_set_endpoint (NMWireGuardPeer *self,
|
||||||
const char *endpoint);
|
const char *endpoint,
|
||||||
|
gboolean allow_invalid);
|
||||||
|
|
||||||
NM_AVAILABLE_IN_1_16
|
NM_AVAILABLE_IN_1_16
|
||||||
guint nm_wireguard_peer_get_allowed_ips_len (const NMWireGuardPeer *self);
|
guint nm_wireguard_peer_get_allowed_ips_len (const NMWireGuardPeer *self);
|
||||||
|
|||||||
@@ -2078,7 +2078,8 @@ _rndt_wg_peers_create (void)
|
|||||||
nm_wireguard_peer_set_persistent_keepalive (peer,
|
nm_wireguard_peer_set_persistent_keepalive (peer,
|
||||||
nmtst_rand_select ((guint32) 0, nmtst_get_rand_int ()));
|
nmtst_rand_select ((guint32) 0, nmtst_get_rand_int ()));
|
||||||
|
|
||||||
nm_wireguard_peer_set_endpoint (peer, nmtst_rand_select (s_endpoint, NULL));
|
if (!nm_wireguard_peer_set_endpoint (peer, nmtst_rand_select (s_endpoint, NULL), TRUE))
|
||||||
|
g_assert_not_reached ();
|
||||||
|
|
||||||
n_aip = nmtst_rand_select (0, nmtst_get_rand_int () % 10);
|
n_aip = nmtst_rand_select (0, nmtst_get_rand_int () % 10);
|
||||||
for (i_aip = 0; i_aip < n_aip; i_aip++) {
|
for (i_aip = 0; i_aip < n_aip; i_aip++) {
|
||||||
|
|||||||
Reference in New Issue
Block a user