diff options
author | Thomas Haller <thaller@redhat.com> | 2015-07-13 15:30:42 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2015-07-13 15:30:42 +0200 |
commit | 361b3456bac90971d3a6447e2e2c60557f61afd8 (patch) | |
tree | 8b7c0aa3362723e5f9a34b91de36d13a696a845c | |
parent | 09d5fa03928f6915271bd379ab18e5a28b64c9b9 (diff) | |
parent | 7657030329eacb3b80fbdbbf6140806aea44a71d (diff) | |
download | NetworkManager-361b3456bac90971d3a6447e2e2c60557f61afd8.tar.gz |
vpn: merge branch 'th/vpn-route-bgo752225'
https://bugzilla.gnome.org/show_bug.cgi?id=752225
-rw-r--r-- | src/nm-default-route-manager.c | 19 | ||||
-rw-r--r-- | src/vpn-manager/nm-vpn-connection.c | 35 |
2 files changed, 39 insertions, 15 deletions
diff --git a/src/nm-default-route-manager.c b/src/nm-default-route-manager.c index 8107ae9274..fbb07ce3fc 100644 --- a/src/nm-default-route-manager.c +++ b/src/nm-default-route-manager.c @@ -767,7 +767,7 @@ _ipx_update_default_route (const VTableIP *vtable, NMDefaultRouteManager *self, never_default = nm_ip4_config_get_never_default (vpn_config); rt.r4.ifindex = ip_ifindex; rt.r4.source = NM_IP_CONFIG_SOURCE_VPN; - rt.r4.gateway = nm_vpn_connection_get_ip4_internal_gateway (vpn); + rt.r4.gateway = nm_ip4_config_get_gateway (vpn_config); rt.r4.metric = nm_vpn_connection_get_ip4_route_metric (vpn); rt.r4.mss = nm_ip4_config_get_mss (vpn_config); default_route = &rt.rx; @@ -777,7 +777,7 @@ _ipx_update_default_route (const VTableIP *vtable, NMDefaultRouteManager *self, vpn_config = nm_vpn_connection_get_ip6_config (vpn); if (vpn_config) { - const struct in6_addr *int_gw = nm_vpn_connection_get_ip6_internal_gateway (vpn); + const struct in6_addr *int_gw = nm_ip6_config_get_gateway (vpn_config); never_default = nm_ip6_config_get_never_default (vpn_config); rt.r6.ifindex = ip_ifindex; @@ -789,11 +789,24 @@ _ipx_update_default_route (const VTableIP *vtable, NMDefaultRouteManager *self, } } } - synced = TRUE; + if (nm_vpn_connection_get_ip_ifindex (vpn) > 0) + synced = TRUE; + else { + /* a VPN connection without tunnel device cannot have a non-synced, missing default route. + * Either it has a default route (which is synced), or it has no entry. */ + synced = default_route && !never_default; + } } } + g_assert (!default_route || default_route->plen == 0); + if (!synced && never_default) { + /* having a non-synced, never-default entry is non-sensical. Unset + * @default_route so that we don't add such an entry below. */ + default_route = NULL; + } + if (!entry && !default_route) /* nothing to do */; else if (!entry) { diff --git a/src/vpn-manager/nm-vpn-connection.c b/src/vpn-manager/nm-vpn-connection.c index 33fde937b6..ed02ba69a6 100644 --- a/src/vpn-manager/nm-vpn-connection.c +++ b/src/vpn-manager/nm-vpn-connection.c @@ -880,21 +880,33 @@ apply_parent_device_config (NMVpnConnection *connection) NMIP4Config *vpn4_parent_config = NULL; NMIP6Config *vpn6_parent_config = NULL; - if (priv->ip4_config) - vpn4_parent_config = nm_ip4_config_new (priv->ip_ifindex); - if (priv->ip6_config) - vpn6_parent_config = nm_ip6_config_new (priv->ip_ifindex); + if (priv->ip_ifindex > 0) { + if (priv->ip4_config) + vpn4_parent_config = nm_ip4_config_new (priv->ip_ifindex); + if (priv->ip6_config) + vpn6_parent_config = nm_ip6_config_new (priv->ip_ifindex); + } else { + int ifindex; - if (priv->ip_ifindex <= 0) { /* If the VPN didn't return a network interface, it is a route-based * VPN (like kernel IPSec) and all IP addressing and routing should * be done on the parent interface instead. */ - if (vpn4_parent_config) + /* Also clear the gateway. We don't configure the gateway as part of the + * vpn-config. Instead we tell NMDefaultRouteManager directly about the + * default route. */ + ifindex = nm_device_get_ip_ifindex (parent_dev); + if (priv->ip4_config) { + vpn4_parent_config = nm_ip4_config_new (ifindex); nm_ip4_config_merge (vpn4_parent_config, priv->ip4_config); - if (vpn6_parent_config) + nm_ip4_config_set_gateway (vpn4_parent_config, 0); + } + if (priv->ip6_config) { + vpn6_parent_config = nm_ip6_config_new (ifindex); nm_ip6_config_merge (vpn6_parent_config, priv->ip6_config); + nm_ip6_config_set_gateway (vpn6_parent_config, NULL); + } } if (vpn4_parent_config) { @@ -1182,12 +1194,12 @@ nm_vpn_connection_ip4_config_get (NMVpnConnection *self, GVariant *dict) memset (&address, 0, sizeof (address)); address.plen = 24; - if (priv->ip4_external_gw) - nm_ip4_config_set_gateway (config, priv->ip4_external_gw); /* Internal address of the VPN subnet's gateway */ - if (g_variant_lookup (dict, NM_VPN_PLUGIN_IP4_CONFIG_INT_GATEWAY, "u", &u32)) + if (g_variant_lookup (dict, NM_VPN_PLUGIN_IP4_CONFIG_INT_GATEWAY, "u", &u32)) { priv->ip4_internal_gw = u32; + nm_ip4_config_set_gateway (config, priv->ip4_internal_gw); + } if (g_variant_lookup (dict, NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, "u", &u32)) address.address = u32; @@ -1308,13 +1320,12 @@ nm_vpn_connection_ip6_config_get (NMVpnConnection *self, GVariant *dict) memset (&address, 0, sizeof (address)); address.plen = 128; - if (priv->ip6_external_gw) - nm_ip6_config_set_gateway (config, priv->ip6_external_gw); /* Internal address of the VPN subnet's gateway */ g_clear_pointer (&priv->ip6_internal_gw, g_free); if (g_variant_lookup (dict, NM_VPN_PLUGIN_IP6_CONFIG_INT_GATEWAY, "@ay", &v)) { priv->ip6_internal_gw = ip6_addr_dup_from_variant (v); + nm_ip6_config_set_gateway (config, priv->ip6_internal_gw); g_variant_unref (v); } |