wireguard: add "peer-routes" setting for WireGuard profiles

This setting is not yet implemented. This adds new API for 1.16.0 and is an ABI break since 1.16-rc1. (cherry picked from commit d719ad31f096583c501af3bea01a01ffd72337d5)
author: Thomas Haller <thaller@redhat.com> 2019-03-04 09:26:23 +0100
committer: Thomas Haller <thaller@redhat.com> 2019-03-05 12:23:59 +0100
commit: 2d34d06e5fb3b1de63f70416aa32c362ad5cdd67 (patch)
tree: dc8f195e3fd8307125a4b3c7a836a1dfcc38d31c /libnm-core
parent: 89d40d65792560d612e0a756ec682cc9bd246bfe (diff)
download: NetworkManager-2d34d06e5fb3b1de63f70416aa32c362ad5cdd67.tar.gz
2 files changed, 49 insertions, 0 deletions
diff --git a/libnm-core/nm-setting-wireguard.c b/libnm-core/nm-setting-wireguard.c
index 317f30f845..1b158a3215 100644
--- a/libnm-core/nm-setting-wireguard.c
+++ b/libnm-core/nm-setting-wireguard.c
@@ -853,6 +853,7 @@ NM_GOBJECT_PROPERTIES_DEFINE_BASE (
 	PROP_FWMARK,
 	PROP_LISTEN_PORT,
 	PROP_MTU,
+	PROP_PEER_ROUTES,
 	PROP_PRIVATE_KEY,
 	PROP_PRIVATE_KEY_FLAGS,
 );
@@ -866,6 +867,7 @@ typedef struct {
 	guint32 mtu;
 	guint16 listen_port;
 	bool private_key_valid:1;
+	bool peer_routes:1;
 } NMSettingWireGuardPrivate;
 
 /**
@@ -981,6 +983,22 @@ nm_setting_wireguard_get_listen_port (NMSettingWireGuard *self)
 }
 
 /**
+ * nm_setting_wireguard_get_peer_routes:
+ * @self: the #NMSettingWireGuard instance
+ *
+ * Returns: whether automatically add peer routes.
+ *
+ * Since: 1.16
+ */
+gboolean
+nm_setting_wireguard_get_peer_routes (NMSettingWireGuard *self)
+{
+	g_return_val_if_fail (NM_IS_SETTING_WIREGUARD (self), TRUE);
+
+	return NM_SETTING_WIREGUARD_GET_PRIVATE (self)->peer_routes;
+}
+
+/**
  * nm_setting_wireguard_get_mtu:
  * @self: the #NMSettingWireGuard instance
  *
@@ -2187,6 +2205,9 @@ get_property (GObject *object, guint prop_id,
 	case PROP_MTU:
 		g_value_set_uint (value, priv->mtu);
 		break;
+	case PROP_PEER_ROUTES:
+		g_value_set_boolean (value, priv->peer_routes);
+		break;
 	case PROP_PRIVATE_KEY:
 		g_value_set_string (value, priv->private_key);
 		break;
@@ -2216,6 +2237,9 @@ set_property (GObject *object, guint prop_id,
 	case PROP_MTU:
 		priv->mtu = g_value_get_uint (value);
 		break;
+	case PROP_PEER_ROUTES:
+		priv->peer_routes = g_value_get_boolean (value);
+		break;
 	case PROP_PRIVATE_KEY:
 		nm_clear_pointer (&priv->private_key, nm_free_secret);
 		str = g_value_get_string (value);
@@ -2248,6 +2272,7 @@ nm_setting_wireguard_init (NMSettingWireGuard *setting)
 
 	priv->peers_arr = g_ptr_array_new ();
 	priv->peers_hash = g_hash_table_new (nm_pstr_hash, nm_pstr_equal);
+	priv->peer_routes = TRUE;
 }
 
 /**
@@ -2363,6 +2388,26 @@ nm_setting_wireguard_class_init (NMSettingWireGuardClass *klass)
 	                       | G_PARAM_STATIC_STRINGS);
 
 	/**
+	 * NMSettingWireGuard:peer-routes:
+	 *
+	 * Whether to automatically add routes for the AllowedIPs ranges
+	 * of the peers. If %TRUE (the default), NetworkManager will automatically
+	 * add routes in the routing tables according to ipv4.route-table and
+	 * ipv6.route-table.
+	 * If %FALSE, no such routes are added automatically. In this case, the
+	 * user may want to configure static routes in ipv4.routes and ipv6.routes,
+	 * respectively.
+	 *
+	 * Since: 1.16
+	 **/
+	obj_properties[PROP_PEER_ROUTES] =
+	    g_param_spec_boolean (NM_SETTING_WIREGUARD_PEER_ROUTES, "", "",
+	                          TRUE,
+	                            G_PARAM_READWRITE
+	                          | NM_SETTING_PARAM_INFERRABLE
+	                          | G_PARAM_STATIC_STRINGS);
+
+	/**
 	 * NMSettingWireGuard:mtu:
 	 *
 	 * If non-zero, only transmit packets of the specified size or smaller,
diff --git a/libnm-core/nm-setting-wireguard.h b/libnm-core/nm-setting-wireguard.h
index 257439267c..17fb4664c3 100644
--- a/libnm-core/nm-setting-wireguard.h
+++ b/libnm-core/nm-setting-wireguard.h
@@ -134,6 +134,7 @@ int nm_wireguard_peer_cmp (const NMWireGuardPeer *a,
 #define NM_SETTING_WIREGUARD_PEERS             "peers"
 
 #define NM_SETTING_WIREGUARD_MTU               "mtu"
+#define NM_SETTING_WIREGUARD_PEER_ROUTES       "peer-routes"
 
 #define NM_WIREGUARD_PEER_ATTR_ALLOWED_IPS          "allowed-ips"
 #define NM_WIREGUARD_PEER_ATTR_ENDPOINT             "endpoint"
@@ -197,6 +198,9 @@ NM_AVAILABLE_IN_1_16
 guint nm_setting_wireguard_clear_peers (NMSettingWireGuard *self);
 
 NM_AVAILABLE_IN_1_16
+gboolean nm_setting_wireguard_get_peer_routes (NMSettingWireGuard *self);
+
+NM_AVAILABLE_IN_1_16
 guint32 nm_setting_wireguard_get_mtu (NMSettingWireGuard *self);
 
 /*****************************************************************************/
author	Thomas Haller <thaller@redhat.com>	2019-03-04 09:26:23 +0100
committer	Thomas Haller <thaller@redhat.com>	2019-03-05 12:23:59 +0100
commit	2d34d06e5fb3b1de63f70416aa32c362ad5cdd67 (patch)
tree	dc8f195e3fd8307125a4b3c7a836a1dfcc38d31c /libnm-core
parent	89d40d65792560d612e0a756ec682cc9bd246bfe (diff)
download	NetworkManager-2d34d06e5fb3b1de63f70416aa32c362ad5cdd67.tar.gz