diff options
author | Thomas Haller <thaller@redhat.com> | 2019-03-04 09:26:23 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2019-03-05 12:23:59 +0100 |
commit | 2d34d06e5fb3b1de63f70416aa32c362ad5cdd67 (patch) | |
tree | dc8f195e3fd8307125a4b3c7a836a1dfcc38d31c /libnm-core | |
parent | 89d40d65792560d612e0a756ec682cc9bd246bfe (diff) | |
download | NetworkManager-2d34d06e5fb3b1de63f70416aa32c362ad5cdd67.tar.gz |
wireguard: add "peer-routes" setting for WireGuard profiles
This setting is not yet implemented.
This adds new API for 1.16.0 and is an ABI break since 1.16-rc1.
(cherry picked from commit d719ad31f096583c501af3bea01a01ffd72337d5)
Diffstat (limited to 'libnm-core')
-rw-r--r-- | libnm-core/nm-setting-wireguard.c | 45 | ||||
-rw-r--r-- | libnm-core/nm-setting-wireguard.h | 4 |
2 files changed, 49 insertions, 0 deletions
diff --git a/libnm-core/nm-setting-wireguard.c b/libnm-core/nm-setting-wireguard.c index 317f30f845..1b158a3215 100644 --- a/libnm-core/nm-setting-wireguard.c +++ b/libnm-core/nm-setting-wireguard.c @@ -853,6 +853,7 @@ NM_GOBJECT_PROPERTIES_DEFINE_BASE ( PROP_FWMARK, PROP_LISTEN_PORT, PROP_MTU, + PROP_PEER_ROUTES, PROP_PRIVATE_KEY, PROP_PRIVATE_KEY_FLAGS, ); @@ -866,6 +867,7 @@ typedef struct { guint32 mtu; guint16 listen_port; bool private_key_valid:1; + bool peer_routes:1; } NMSettingWireGuardPrivate; /** @@ -981,6 +983,22 @@ nm_setting_wireguard_get_listen_port (NMSettingWireGuard *self) } /** + * nm_setting_wireguard_get_peer_routes: + * @self: the #NMSettingWireGuard instance + * + * Returns: whether automatically add peer routes. + * + * Since: 1.16 + */ +gboolean +nm_setting_wireguard_get_peer_routes (NMSettingWireGuard *self) +{ + g_return_val_if_fail (NM_IS_SETTING_WIREGUARD (self), TRUE); + + return NM_SETTING_WIREGUARD_GET_PRIVATE (self)->peer_routes; +} + +/** * nm_setting_wireguard_get_mtu: * @self: the #NMSettingWireGuard instance * @@ -2187,6 +2205,9 @@ get_property (GObject *object, guint prop_id, case PROP_MTU: g_value_set_uint (value, priv->mtu); break; + case PROP_PEER_ROUTES: + g_value_set_boolean (value, priv->peer_routes); + break; case PROP_PRIVATE_KEY: g_value_set_string (value, priv->private_key); break; @@ -2216,6 +2237,9 @@ set_property (GObject *object, guint prop_id, case PROP_MTU: priv->mtu = g_value_get_uint (value); break; + case PROP_PEER_ROUTES: + priv->peer_routes = g_value_get_boolean (value); + break; case PROP_PRIVATE_KEY: nm_clear_pointer (&priv->private_key, nm_free_secret); str = g_value_get_string (value); @@ -2248,6 +2272,7 @@ nm_setting_wireguard_init (NMSettingWireGuard *setting) priv->peers_arr = g_ptr_array_new (); priv->peers_hash = g_hash_table_new (nm_pstr_hash, nm_pstr_equal); + priv->peer_routes = TRUE; } /** @@ -2363,6 +2388,26 @@ nm_setting_wireguard_class_init (NMSettingWireGuardClass *klass) | G_PARAM_STATIC_STRINGS); /** + * NMSettingWireGuard:peer-routes: + * + * Whether to automatically add routes for the AllowedIPs ranges + * of the peers. If %TRUE (the default), NetworkManager will automatically + * add routes in the routing tables according to ipv4.route-table and + * ipv6.route-table. + * If %FALSE, no such routes are added automatically. In this case, the + * user may want to configure static routes in ipv4.routes and ipv6.routes, + * respectively. + * + * Since: 1.16 + **/ + obj_properties[PROP_PEER_ROUTES] = + g_param_spec_boolean (NM_SETTING_WIREGUARD_PEER_ROUTES, "", "", + TRUE, + G_PARAM_READWRITE + | NM_SETTING_PARAM_INFERRABLE + | G_PARAM_STATIC_STRINGS); + + /** * NMSettingWireGuard:mtu: * * If non-zero, only transmit packets of the specified size or smaller, diff --git a/libnm-core/nm-setting-wireguard.h b/libnm-core/nm-setting-wireguard.h index 257439267c..17fb4664c3 100644 --- a/libnm-core/nm-setting-wireguard.h +++ b/libnm-core/nm-setting-wireguard.h @@ -134,6 +134,7 @@ int nm_wireguard_peer_cmp (const NMWireGuardPeer *a, #define NM_SETTING_WIREGUARD_PEERS "peers" #define NM_SETTING_WIREGUARD_MTU "mtu" +#define NM_SETTING_WIREGUARD_PEER_ROUTES "peer-routes" #define NM_WIREGUARD_PEER_ATTR_ALLOWED_IPS "allowed-ips" #define NM_WIREGUARD_PEER_ATTR_ENDPOINT "endpoint" @@ -197,6 +198,9 @@ NM_AVAILABLE_IN_1_16 guint nm_setting_wireguard_clear_peers (NMSettingWireGuard *self); NM_AVAILABLE_IN_1_16 +gboolean nm_setting_wireguard_get_peer_routes (NMSettingWireGuard *self); + +NM_AVAILABLE_IN_1_16 guint32 nm_setting_wireguard_get_mtu (NMSettingWireGuard *self); /*****************************************************************************/ |