author | Thomas Haller <thaller@redhat.com> | 2019-01-13 14:21:59 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2019-01-22 16:30:23 +0100 |
commit | 6f8c7b580d9f3cb712cfdc0a274aa7633e949609 (patch) | |
tree | fd972edc8d4727bcaedb5b615ef9777e2fbda541 | |
parent | 78ce4307c0087a8f86c78235300a503bc271930f (diff) | |
download | NetworkManager-6f8c7b580d9f3cb712cfdc0a274aa7633e949609.tar.gz |
platform: add @replace_peers argument to nm_platform_link_wireguard_change()
The caller may not wish to replace existing peers, but only update/add
the peers explicitly passed to nm_platform_link_wireguard_change().
I think that is in particular interesting, because for the most part
NetworkManager will configure the same set of peers over and over again
(whenever we resolve the DNS name of an IP endpoint of the WireGuard
peer).
At that point, it seems disruptive to drop all peers and re-add them
again. Setting @replace_peers to %FALSE allows only updating/adding peers.
-rw-r--r-- | src/platform/nm-linux-platform.c | 9 | ||||
-rw-r--r-- | src/platform/nm-platform.c | 11 | ||||
-rw-r--r-- | src/platform/nm-platform.h | 6 | ||||
-rw-r--r-- | src/platform/tests/test-link.c | 3 |
4 files changed, 20 insertions, 9 deletions
diff --git a/src/platform/nm-linux-platform.c b/src/platform/nm-linux-platform.c
index ce50d920c5..85214ec854 100644
--- a/src/platform/nm-linux-platform.c
+++ b/src/platform/nm-linux-platform.c
@@ -2374,6 +2374,7 @@ _wireguard_create_change_nlmsgs (NMPlatform *platform,
 const NMPlatformLnkWireGuard *lnk_wireguard,
 const NMPWireGuardPeer *peers,
 guint peers_len,
+ gboolean replace_peers,
 GPtrArray **out_msgs)
 {
 gs_unref_ptrarray GPtrArray *msgs = NULL;
@@ -2422,7 +2423,9 @@ again:
 NLA_PUT (msg, WGDEVICE_A_PRIVATE_KEY, sizeof (lnk_wireguard->private_key), lnk_wireguard->private_key);
 NLA_PUT_U16 (msg, WGDEVICE_A_LISTEN_PORT, lnk_wireguard->listen_port);
 NLA_PUT_U32 (msg, WGDEVICE_A_FWMARK, lnk_wireguard->fwmark);
- NLA_PUT_U32 (msg, WGDEVICE_A_FLAGS, WGDEVICE_F_REPLACE_PEERS);
+
+ NLA_PUT_U32 (msg, WGDEVICE_A_FLAGS,
+ replace_peers ? WGDEVICE_F_REPLACE_PEERS : ((guint32) 0u));
 }
 if (peers_len == 0)
@@ -2552,7 +2555,8 @@ link_wireguard_change (NMPlatform *platform,
 int ifindex,
 const NMPlatformLnkWireGuard *lnk_wireguard,
 const NMPWireGuardPeer *peers,
- guint peers_len)
+ guint peers_len,
+ gboolean replace_peers)
 {
 NMLinuxPlatformPrivate *priv = NM_LINUX_PLATFORM_GET_PRIVATE (platform);
 gs_unref_ptrarray GPtrArray *msgs = NULL;
@@ -2570,6 +2574,7 @@ link_wireguard_change (NMPlatform *platform,
 lnk_wireguard,
 peers,
 peers_len,
+ replace_peers,
 &msgs);
 if (r < 0) {
 _LOGW ("wireguard: set-device, cannot construct netlink message: %s", nm_strerror (r));
diff --git a/src/platform/nm-platform.c b/src/platform/nm-platform.c
index 73189f44c2..4bb31b1742 100644
--- a/src/platform/nm-platform.c
+++ b/src/platform/nm-platform.c
@@ -1998,7 +1998,8 @@ nm_platform_link_wireguard_change (NMPlatform *self,
 int ifindex,
 const NMPlatformLnkWireGuard *lnk_wireguard,
 const NMPWireGuardPeer *peers,
- guint peers_len)
+ guint peers_len,
+ gboolean replace_peers)
 {
 _CHECK_SELF (self, klass, -NME_BUG);
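Review bot: With `replace_peers` false the `WGDEVICE_A_FLAGS` attribute in `_wireguard_create_change_nlmsgs()` (hunk at `again:`) is sent as 0, so peers already on the interface that are not in `peers` stay configured, and nothing in this commit documents that for callers. A peer deleted from the configuration would then presumably keep its key and allowed-ips on the interface until something else removes it; whether a caller handles that is not visible here. I would add a comment above the `NLA_PUT_U32` call, e.g. `/* without WGDEVICE_F_REPLACE_PEERS, peers missing from @peers stay configured; the caller must remove stale peers itself */`. The `((guint32) 0u)` operand could simply be `0`. The block closed by the trailing `}` opens outside the hunk.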
@@ -2024,18 +2025,20 @@ nm_platform_link_wireguard_change (NMPlatform *self,
 nm_utils_strbuf_append_str (&b, &len, "}");
 }
- _LOG3D ("link: change wireguard ifindex %d, %s, %u peers%s",
+ _LOG3D ("link: change wireguard ifindex %d, %s, %u peers%s%s",
 ifindex,
 nm_platform_lnk_wireguard_to_string (lnk_wireguard, buf_lnk, sizeof (buf_lnk)),
 peers_len,
- buf_peers);
+ buf_peers,
+ replace_peers ? " (replace-peers)" : " (update-peers)");
 }
 return klass->link_wireguard_change (self,
 ifindex,
 lnk_wireguard,
 peers,
- peers_len);
+ peers_len,
+ replace_peers);
 }
 /*****************************************************************************/
diff --git a/src/platform/nm-platform.h b/src/platform/nm-platform.h
index 1f136da582..412ac597ab 100644
--- a/src/platform/nm-platform.h
+++ b/src/platform/nm-platform.h
@@ -831,7 +831,8 @@ typedef struct {
 int ifindex,
 const NMPlatformLnkWireGuard *lnk_wireguard,
 const struct _NMPWireGuardPeer *peers,
- guint peers_len);
+ guint peers_len,
+ gboolean replace_peers);
 gboolean (*vlan_add) (NMPlatform *, const char *name, int parent, int vlanid, guint32 vlanflags, const NMPlatformLink **out_link);
 gboolean (*link_vlan_change) (NMPlatform *self,
@@ -1393,7 +1394,8 @@ int nm_platform_link_wireguard_change (NMPlatform *self,
 int ifindex,
 const NMPlatformLnkWireGuard *lnk_wireguard,
 const struct _NMPWireGuardPeer *peers,
- guint peers_len);
+ guint peers_len,
+ gboolean replace_peers);
 const NMPlatformIP6Address *nm_platform_ip6_address_get (NMPlatform *self, int ifindex, struct in6_addr address);
diff --git a/src/platform/tests/test-link.c b/src/platform/tests/test-link.c
index 031bb79a25..bfd330580a 100644
--- a/src/platform/tests/test-link.c
+++ b/src/platform/tests/test-link.c
@@ -912,7 +912,8 @@ _test_wireguard_change (NMPlatform *platform,
 ifindex,
 &lnk_wireguard,
 (const NMPWireGuardPeer *) peers->data,
- peers->len);
+ peers->len,
+ TRUE);
 g_assert (NMTST_NM_ERR_SUCCESS (r));
 } |
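Review bot: The trailing `gboolean replace_peers` added to the `link_wireguard_change` vfunc and to the `nm_platform_link_wireguard_change()` prototype in nm-platform.h makes call sites opaque, as the bare `TRUE);` in test-link.c shows, and a wrong value silently either drops or keeps peers. A small flags enum would read better at the call site and leave room for further options. Short of that, a comment on the prototype would help, e.g. `/* @replace_peers: if TRUE, peers not listed in @peers are removed; if FALSE, they are kept */`. Both declarations start outside their hunks.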
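Review bot: `_test_wireguard_change()` in test-link.c only passes `TRUE`, so the new update-only path (flags 0) is not exercised by this commit. A second call with `FALSE` and a subset of the peers, followed by a check that the omitted peers are still present on the link, would cover it. The function starts outside the hunk, so how the existing test verifies the resulting peers is not visible here.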