/* SPDX-License-Identifier: LGPL-2.1-or-later */ /* * Copyright (C) 2007 - 2017 Red Hat, Inc. * Copyright (C) 2007 - 2008 Novell, Inc. */ #include "libnm-core-impl/nm-default-libnm-core.h" #include "nm-setting-ip-config.h" #include #include #include "libnm-base/nm-net-aux.h" #include "libnm-glib-aux/nm-str-buf.h" #include "nm-setting-ip4-config.h" #include "nm-setting-ip6-config.h" #include "nm-utils.h" #include "nm-setting-private.h" #include "nm-utils-private.h" /** * SECTION:nm-setting-ip-config * @short_description: Abstract base class for IPv4 and IPv6 * addressing, routing, and name service properties * @include: nm-setting-ip-config.h * @see_also: #NMSettingIP4Config, #NMSettingIP6Config * * #NMSettingIPConfig is the abstract base class of * #NMSettingIP4Config and #NMSettingIP6Config, providing properties * related to IP addressing, routing, and Domain Name Service. **/ /*****************************************************************************/ const NMUtilsDNSOptionDesc _nm_utils_dns_option_descs[] = { {NM_SETTING_DNS_OPTION_DEBUG, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_NDOTS, TRUE, FALSE}, {NM_SETTING_DNS_OPTION_TIMEOUT, TRUE, FALSE}, {NM_SETTING_DNS_OPTION_ATTEMPTS, TRUE, FALSE}, {NM_SETTING_DNS_OPTION_ROTATE, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_NO_CHECK_NAMES, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_INET6, FALSE, TRUE}, {NM_SETTING_DNS_OPTION_IP6_BYTESTRING, FALSE, TRUE}, {NM_SETTING_DNS_OPTION_IP6_DOTINT, FALSE, TRUE}, {NM_SETTING_DNS_OPTION_NO_IP6_DOTINT, FALSE, TRUE}, {NM_SETTING_DNS_OPTION_EDNS0, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_SINGLE_REQUEST, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_SINGLE_REQUEST_REOPEN, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_NO_TLD_QUERY, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_USE_VC, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_NO_RELOAD, FALSE, FALSE}, {NM_SETTING_DNS_OPTION_TRUST_AD, FALSE, FALSE}, {NULL, FALSE, FALSE}}; static char * canonicalize_ip(int family, const char *ip, gboolean null_any) { guint8 addr_bytes[sizeof(struct in6_addr)]; char addr_str[NM_UTILS_INET_ADDRSTRLEN]; int ret; if (!ip) { if (null_any) return NULL; if (family == AF_INET) return g_strdup("0.0.0.0"); if (family == AF_INET6) return g_strdup("::"); g_return_val_if_reached(NULL); } ret = inet_pton(family, ip, addr_bytes); g_return_val_if_fail(ret == 1, NULL); if (null_any) { if (!memcmp(addr_bytes, &in6addr_any, nm_utils_addr_family_to_size(family))) return NULL; } return g_strdup(inet_ntop(family, addr_bytes, addr_str, sizeof(addr_str))); } static char * canonicalize_ip_binary(int family, gconstpointer ip, gboolean null_any) { char string[NM_UTILS_INET_ADDRSTRLEN]; if (!ip) { if (null_any) return NULL; if (family == AF_INET) return g_strdup("0.0.0.0"); if (family == AF_INET6) return g_strdup("::"); g_return_val_if_reached(NULL); } if (null_any) { if (!memcmp(ip, &in6addr_any, nm_utils_addr_family_to_size(family))) return NULL; } return g_strdup(inet_ntop(family, ip, string, sizeof(string))); } static gboolean valid_ip(int family, const char *ip, GError **error) { if (!ip) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, family == AF_INET ? _("Missing IPv4 address") : _("Missing IPv6 address")); return FALSE; } if (!nm_utils_ipaddr_is_valid(family, ip)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, family == AF_INET ? _("Invalid IPv4 address '%s'") : _("Invalid IPv6 address '%s'"), ip); return FALSE; } else return TRUE; } static gboolean valid_prefix(int family, guint prefix, GError **error) { if ((family == AF_INET && prefix <= 32) || (family == AF_INET6 && prefix <= 128)) return TRUE; g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, family == AF_INET ? _("Invalid IPv4 address prefix '%u'") : _("Invalid IPv6 address prefix '%u'"), prefix); return FALSE; } static gboolean valid_metric(gint64 metric, GError **error) { if (metric < -1 || metric > G_MAXUINT32) { if (error) { char buf[64]; /* We can't concatenate G_GINT64_FORMAT into a translatable string */ g_snprintf(buf, sizeof(buf), "%" G_GINT64_FORMAT, metric); g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("Invalid routing metric '%s'"), buf); } return FALSE; } return TRUE; } /***************************************************************************** * NMIPAddress *****************************************************************************/ G_DEFINE_BOXED_TYPE(NMIPAddress, nm_ip_address, nm_ip_address_dup, nm_ip_address_unref) struct NMIPAddress { guint refcount; char *address; int prefix, family; GHashTable *attributes; }; /** * nm_ip_address_new: * @family: the IP address family (AF_INET or * AF_INET6) * @addr: the IP address * @prefix: the address prefix length * @error: location to store error, or %NULL * * Creates a new #NMIPAddress object. * * Returns: (transfer full): the new #NMIPAddress object, or %NULL on error **/ NMIPAddress * nm_ip_address_new(int family, const char *addr, guint prefix, GError **error) { NMIPAddress *address; g_return_val_if_fail(family == AF_INET || family == AF_INET6, NULL); g_return_val_if_fail(addr != NULL, NULL); if (!valid_ip(family, addr, error)) return NULL; if (!valid_prefix(family, prefix, error)) return NULL; address = g_slice_new0(NMIPAddress); address->refcount = 1; address->family = family; address->address = canonicalize_ip(family, addr, FALSE); address->prefix = prefix; return address; } /** * nm_ip_address_new_binary: * @family: the IP address family (AF_INET or * AF_INET6) * @addr: the IP address * @prefix: the address prefix length * @error: location to store error, or %NULL * * Creates a new #NMIPAddress object. @addr must point to a buffer of the * correct size for @family. * * Returns: (transfer full): the new #NMIPAddress object, or %NULL on error **/ NMIPAddress * nm_ip_address_new_binary(int family, gconstpointer addr, guint prefix, GError **error) { NMIPAddress *address; char string[NM_UTILS_INET_ADDRSTRLEN]; g_return_val_if_fail(family == AF_INET || family == AF_INET6, NULL); g_return_val_if_fail(addr != NULL, NULL); if (!valid_prefix(family, prefix, error)) return NULL; address = g_slice_new0(NMIPAddress); address->refcount = 1; address->family = family; address->address = g_strdup(inet_ntop(family, addr, string, sizeof(string))); address->prefix = prefix; return address; } /** * nm_ip_address_ref: * @address: the #NMIPAddress * * Increases the reference count of the object. **/ void nm_ip_address_ref(NMIPAddress *address) { g_return_if_fail(address != NULL); g_return_if_fail(address->refcount > 0); address->refcount++; } /** * nm_ip_address_unref: * @address: the #NMIPAddress * * Decreases the reference count of the object. If the reference count * reaches zero, the object will be destroyed. **/ void nm_ip_address_unref(NMIPAddress *address) { g_return_if_fail(address != NULL); g_return_if_fail(address->refcount > 0); address->refcount--; if (address->refcount == 0) { g_free(address->address); if (address->attributes) g_hash_table_unref(address->attributes); g_slice_free(NMIPAddress, address); } } /** * nm_ip_address_cmp_full: * @a: the #NMIPAddress * @b: the #NMIPAddress to compare @address to. * @cmp_flags: the #NMIPAddressCmpFlags that indicate what to compare. * * Note that with @cmp_flags #NM_IP_ADDRESS_CMP_FLAGS_WITH_ATTRS, there * is no total order for comparing GVariant. That means, if the two addresses * only differ by their attributes, the sort order is undefined and the return * value only indicates equality. * * Returns: 0 if the two objects have the same values (according to their flags) * or a integer indicating the compare order. **/ int nm_ip_address_cmp_full(const NMIPAddress *a, const NMIPAddress *b, NMIPAddressCmpFlags cmp_flags) { g_return_val_if_fail(!a || a->refcount > 0, 0); g_return_val_if_fail(!b || b->refcount > 0, 0); g_return_val_if_fail(!NM_FLAGS_ANY(cmp_flags, ~NM_IP_ADDRESS_CMP_FLAGS_WITH_ATTRS), 0); NM_CMP_SELF(a, b); NM_CMP_FIELD(a, b, family); NM_CMP_FIELD(a, b, prefix); NM_CMP_FIELD_STR(a, b, address); if (NM_FLAGS_HAS(cmp_flags, NM_IP_ADDRESS_CMP_FLAGS_WITH_ATTRS)) { GHashTableIter iter; const char * key; GVariant * value, *value2; guint n; n = a->attributes ? g_hash_table_size(a->attributes) : 0u; NM_CMP_DIRECT(n, (b->attributes ? g_hash_table_size(b->attributes) : 0u)); if (n > 0) { g_hash_table_iter_init(&iter, a->attributes); while (g_hash_table_iter_next(&iter, (gpointer *) &key, (gpointer *) &value)) { value2 = g_hash_table_lookup(b->attributes, key); /* We cannot really compare GVariants, because g_variant_compare() does * not work in general. So, don't bother. NM_IP_ADDRESS_CMP_FLAGS_WITH_ATTRS is * documented to not provide a total order for the attribute contents. * * Theoretically, we can implement also a total order. However we should * not do that by default because it would require us to sort the keys * first. Most callers don't care about total order, so they shouldn't * pay the overhead. */ if (!value2) return -2; if (!g_variant_equal(value, value2)) return -2; } } } return 0; } /** * nm_ip_address_equal: * @address: the #NMIPAddress * @other: the #NMIPAddress to compare @address to. * * Determines if two #NMIPAddress objects contain the same address and prefix * (attributes are not compared). * * Returns: %TRUE if the objects contain the same values, %FALSE if they do not. **/ gboolean nm_ip_address_equal(NMIPAddress *address, NMIPAddress *other) { return nm_ip_address_cmp_full(address, other, NM_IP_ADDRESS_CMP_FLAGS_NONE) == 0; } /** * nm_ip_address_dup: * @address: the #NMIPAddress * * Creates a copy of @address * * Returns: (transfer full): a copy of @address **/ NMIPAddress * nm_ip_address_dup(NMIPAddress *address) { NMIPAddress *copy; g_return_val_if_fail(address != NULL, NULL); g_return_val_if_fail(address->refcount > 0, NULL); copy = nm_ip_address_new(address->family, address->address, address->prefix, NULL); if (address->attributes) { GHashTableIter iter; const char * key; GVariant * value; g_hash_table_iter_init(&iter, address->attributes); while (g_hash_table_iter_next(&iter, (gpointer *) &key, (gpointer *) &value)) nm_ip_address_set_attribute(copy, key, value); } return copy; } /** * nm_ip_address_get_family: * @address: the #NMIPAddress * * Gets the IP address family (eg, AF_INET) property of this address * object. * * Returns: the IP address family **/ int nm_ip_address_get_family(NMIPAddress *address) { g_return_val_if_fail(address != NULL, 0); g_return_val_if_fail(address->refcount > 0, 0); return address->family; } /** * nm_ip_address_get_address: * @address: the #NMIPAddress * * Gets the IP address property of this address object. * * Returns: the IP address **/ const char * nm_ip_address_get_address(NMIPAddress *address) { g_return_val_if_fail(address != NULL, NULL); g_return_val_if_fail(address->refcount > 0, NULL); return address->address; } /** * nm_ip_address_set_address: * @address: the #NMIPAddress * @addr: the IP address, as a string * * Sets the IP address property of this address object. * * @addr must be a valid address of @address's family. If you aren't sure you * have a valid address, use nm_utils_ipaddr_valid() to check it. **/ void nm_ip_address_set_address(NMIPAddress *address, const char *addr) { g_return_if_fail(address != NULL); g_return_if_fail(addr != NULL); g_return_if_fail(nm_utils_ipaddr_is_valid(address->family, addr)); g_free(address->address); address->address = canonicalize_ip(address->family, addr, FALSE); } /** * nm_ip_address_get_address_binary: (skip) * @address: the #NMIPAddress * @addr: a buffer in which to store the address in binary format. * * Gets the IP address property of this address object. * * @addr must point to a buffer that is the correct size for @address's family. **/ void nm_ip_address_get_address_binary(NMIPAddress *address, gpointer addr) { g_return_if_fail(address != NULL); g_return_if_fail(addr != NULL); inet_pton(address->family, address->address, addr); } /** * nm_ip_address_set_address_binary: (skip) * @address: the #NMIPAddress * @addr: the address, in binary format * * Sets the IP address property of this address object. * * @addr must point to a buffer that is the correct size for @address's family. **/ void nm_ip_address_set_address_binary(NMIPAddress *address, gconstpointer addr) { char string[NM_UTILS_INET_ADDRSTRLEN]; g_return_if_fail(address != NULL); g_return_if_fail(addr != NULL); g_free(address->address); address->address = g_strdup(inet_ntop(address->family, addr, string, sizeof(string))); } /** * nm_ip_address_get_prefix: * @address: the #NMIPAddress * * Gets the IP address prefix (ie "24" or "30" etc) property of this address * object. * * Returns: the IP address prefix **/ guint nm_ip_address_get_prefix(NMIPAddress *address) { g_return_val_if_fail(address != NULL, 0); g_return_val_if_fail(address->refcount > 0, 0); return address->prefix; } /** * nm_ip_address_set_prefix: * @address: the #NMIPAddress * @prefix: the IP address prefix * * Sets the IP address prefix property of this address object. **/ void nm_ip_address_set_prefix(NMIPAddress *address, guint prefix) { g_return_if_fail(address != NULL); g_return_if_fail(valid_prefix(address->family, prefix, NULL)); address->prefix = prefix; } const char ** _nm_ip_address_get_attribute_names(const NMIPAddress *address, gboolean sorted, guint *out_length) { nm_assert(address); return nm_utils_strdict_get_keys(address->attributes, sorted, out_length); } /** * nm_ip_address_get_attribute_names: * @address: the #NMIPAddress * * Gets an array of attribute names defined on @address. * * Returns: (transfer full): a %NULL-terminated array of attribute names, **/ char ** nm_ip_address_get_attribute_names(NMIPAddress *address) { const char **names; g_return_val_if_fail(address, NULL); names = _nm_ip_address_get_attribute_names(address, TRUE, NULL); return nm_utils_strv_make_deep_copied_nonnull(names); } /** * nm_ip_address_get_attribute: * @address: the #NMIPAddress * @name: the name of an address attribute * * Gets the value of the attribute with name @name on @address * * Returns: (transfer none): the value of the attribute with name @name on * @address, or %NULL if @address has no such attribute. **/ GVariant * nm_ip_address_get_attribute(NMIPAddress *address, const char *name) { g_return_val_if_fail(address != NULL, NULL); g_return_val_if_fail(name != NULL && *name != '\0', NULL); if (address->attributes) return g_hash_table_lookup(address->attributes, name); else return NULL; } /** * nm_ip_address_set_attribute: * @address: the #NMIPAddress * @name: the name of an address attribute * @value: (transfer none) (allow-none): the value * * Sets or clears the named attribute on @address to the given value. **/ void nm_ip_address_set_attribute(NMIPAddress *address, const char *name, GVariant *value) { g_return_if_fail(address != NULL); g_return_if_fail(name != NULL && *name != '\0'); g_return_if_fail(strcmp(name, "address") != 0 && strcmp(name, "prefix") != 0); if (!address->attributes) { address->attributes = g_hash_table_new_full(nm_str_hash, g_str_equal, g_free, (GDestroyNotify) g_variant_unref); } if (value) g_hash_table_insert(address->attributes, g_strdup(name), g_variant_ref_sink(value)); else g_hash_table_remove(address->attributes, name); } /***************************************************************************** * NMIPRoute *****************************************************************************/ G_DEFINE_BOXED_TYPE(NMIPRoute, nm_ip_route, nm_ip_route_dup, nm_ip_route_unref) struct NMIPRoute { guint refcount; int family; char * dest; guint prefix; char * next_hop; gint64 metric; GHashTable *attributes; }; /** * nm_ip_route_new: * @family: the IP address family (AF_INET or * AF_INET6) * @dest: the IP address of the route's destination * @prefix: the address prefix length * @next_hop: (allow-none): the IP address of the next hop (or %NULL) * @metric: the route metric (or -1 for "default") * @error: location to store error, or %NULL * * Creates a new #NMIPRoute object. * * Returns: (transfer full): the new #NMIPRoute object, or %NULL on error **/ NMIPRoute * nm_ip_route_new(int family, const char *dest, guint prefix, const char *next_hop, gint64 metric, GError ** error) { NMIPRoute *route; g_return_val_if_fail(family == AF_INET || family == AF_INET6, NULL); g_return_val_if_fail(dest, NULL); if (!valid_ip(family, dest, error)) return NULL; if (!valid_prefix(family, prefix, error)) return NULL; if (next_hop && !valid_ip(family, next_hop, error)) return NULL; if (!valid_metric(metric, error)) return NULL; route = g_slice_new0(NMIPRoute); route->refcount = 1; route->family = family; route->dest = canonicalize_ip(family, dest, FALSE); route->prefix = prefix; route->next_hop = canonicalize_ip(family, next_hop, TRUE); route->metric = metric; return route; } /** * nm_ip_route_new_binary: * @family: the IP address family (AF_INET or * AF_INET6) * @dest: the IP address of the route's destination * @prefix: the address prefix length * @next_hop: (allow-none): the IP address of the next hop (or %NULL) * @metric: the route metric (or -1 for "default") * @error: location to store error, or %NULL * * Creates a new #NMIPRoute object. @dest and @next_hop (if non-%NULL) must * point to buffers of the correct size for @family. * * Returns: (transfer full): the new #NMIPRoute object, or %NULL on error **/ NMIPRoute * nm_ip_route_new_binary(int family, gconstpointer dest, guint prefix, gconstpointer next_hop, gint64 metric, GError ** error) { NMIPRoute *route; g_return_val_if_fail(family == AF_INET || family == AF_INET6, NULL); g_return_val_if_fail(dest, NULL); if (!valid_prefix(family, prefix, error)) return NULL; if (!valid_metric(metric, error)) return NULL; route = g_slice_new0(NMIPRoute); route->refcount = 1; route->family = family; route->dest = canonicalize_ip_binary(family, dest, FALSE); route->prefix = prefix; route->next_hop = canonicalize_ip_binary(family, next_hop, TRUE); route->metric = metric; return route; } /** * nm_ip_route_ref: * @route: the #NMIPRoute * * Increases the reference count of the object. **/ void nm_ip_route_ref(NMIPRoute *route) { g_return_if_fail(route != NULL); g_return_if_fail(route->refcount > 0); route->refcount++; } /** * nm_ip_route_unref: * @route: the #NMIPRoute * * Decreases the reference count of the object. If the reference count * reaches zero, the object will be destroyed. **/ void nm_ip_route_unref(NMIPRoute *route) { g_return_if_fail(route != NULL); g_return_if_fail(route->refcount > 0); route->refcount--; if (route->refcount == 0) { g_free(route->dest); g_free(route->next_hop); if (route->attributes) g_hash_table_unref(route->attributes); g_slice_free(NMIPRoute, route); } } /** * nm_ip_route_equal_full: * @route: the #NMIPRoute * @other: the #NMIPRoute to compare @route to. * @cmp_flags: tune how to compare attributes. Currently, only * NM_IP_ROUTE_EQUAL_CMP_FLAGS_NONE (0) and NM_IP_ROUTE_EQUAL_CMP_FLAGS_WITH_ATTRS (1) * is supported. * * Determines if two #NMIPRoute objects contain the same destination, prefix, * next hop, and metric. * * Returns: %TRUE if the objects contain the same values, %FALSE if they do not. * * Since: 1.10 **/ gboolean nm_ip_route_equal_full(NMIPRoute *route, NMIPRoute *other, guint cmp_flags) { g_return_val_if_fail(route != NULL, FALSE); g_return_val_if_fail(route->refcount > 0, FALSE); g_return_val_if_fail(other != NULL, FALSE); g_return_val_if_fail(other->refcount > 0, FALSE); g_return_val_if_fail(NM_IN_SET(cmp_flags, NM_IP_ROUTE_EQUAL_CMP_FLAGS_NONE, NM_IP_ROUTE_EQUAL_CMP_FLAGS_WITH_ATTRS), FALSE); if (route->prefix != other->prefix || route->metric != other->metric || strcmp(route->dest, other->dest) != 0 || g_strcmp0(route->next_hop, other->next_hop) != 0) return FALSE; if (cmp_flags == NM_IP_ROUTE_EQUAL_CMP_FLAGS_WITH_ATTRS) { GHashTableIter iter; const char * key; GVariant * value, *value2; guint n; n = route->attributes ? g_hash_table_size(route->attributes) : 0u; if (n != (other->attributes ? g_hash_table_size(other->attributes) : 0u)) return FALSE; if (n) { g_hash_table_iter_init(&iter, route->attributes); while (g_hash_table_iter_next(&iter, (gpointer *) &key, (gpointer *) &value)) { value2 = g_hash_table_lookup(other->attributes, key); if (!value2) return FALSE; if (!g_variant_equal(value, value2)) return FALSE; } } } return TRUE; } /** * nm_ip_route_equal: * @route: the #NMIPRoute * @other: the #NMIPRoute to compare @route to. * * Determines if two #NMIPRoute objects contain the same destination, prefix, * next hop, and metric. (Attributes are not compared.) * * Returns: %TRUE if the objects contain the same values, %FALSE if they do not. **/ gboolean nm_ip_route_equal(NMIPRoute *route, NMIPRoute *other) { return nm_ip_route_equal_full(route, other, NM_IP_ROUTE_EQUAL_CMP_FLAGS_NONE); } /** * nm_ip_route_dup: * @route: the #NMIPRoute * * Creates a copy of @route * * Returns: (transfer full): a copy of @route **/ NMIPRoute * nm_ip_route_dup(NMIPRoute *route) { NMIPRoute *copy; g_return_val_if_fail(route != NULL, NULL); g_return_val_if_fail(route->refcount > 0, NULL); copy = nm_ip_route_new(route->family, route->dest, route->prefix, route->next_hop, route->metric, NULL); if (route->attributes) { GHashTableIter iter; const char * key; GVariant * value; g_hash_table_iter_init(&iter, route->attributes); while (g_hash_table_iter_next(&iter, (gpointer *) &key, (gpointer *) &value)) nm_ip_route_set_attribute(copy, key, value); } return copy; } /** * nm_ip_route_get_family: * @route: the #NMIPRoute * * Gets the IP address family (eg, AF_INET) property of this route * object. * * Returns: the IP address family **/ int nm_ip_route_get_family(NMIPRoute *route) { g_return_val_if_fail(route != NULL, 0); g_return_val_if_fail(route->refcount > 0, 0); return route->family; } /** * nm_ip_route_get_dest: * @route: the #NMIPRoute * * Gets the IP destination address property of this route object. * * Returns: the IP address of the route's destination **/ const char * nm_ip_route_get_dest(NMIPRoute *route) { g_return_val_if_fail(route != NULL, NULL); g_return_val_if_fail(route->refcount > 0, NULL); return route->dest; } /** * nm_ip_route_set_dest: * @route: the #NMIPRoute * @dest: the route's destination, as a string * * Sets the destination property of this route object. * * @dest must be a valid address of @route's family. If you aren't sure you * have a valid address, use nm_utils_ipaddr_is_valid() to check it. **/ void nm_ip_route_set_dest(NMIPRoute *route, const char *dest) { g_return_if_fail(route != NULL); g_return_if_fail(nm_utils_ipaddr_is_valid(route->family, dest)); g_free(route->dest); route->dest = canonicalize_ip(route->family, dest, FALSE); } /** * nm_ip_route_get_dest_binary: (skip) * @route: the #NMIPRoute * @dest: a buffer in which to store the destination in binary format. * * Gets the destination property of this route object. * * @dest must point to a buffer that is the correct size for @route's family. **/ void nm_ip_route_get_dest_binary(NMIPRoute *route, gpointer dest) { g_return_if_fail(route != NULL); g_return_if_fail(dest != NULL); inet_pton(route->family, route->dest, dest); } /** * nm_ip_route_set_dest_binary: (skip) * @route: the #NMIPRoute * @dest: the route's destination, in binary format * * Sets the destination property of this route object. * * @dest must point to a buffer that is the correct size for @route's family. **/ void nm_ip_route_set_dest_binary(NMIPRoute *route, gconstpointer dest) { char string[NM_UTILS_INET_ADDRSTRLEN]; g_return_if_fail(route != NULL); g_return_if_fail(dest != NULL); g_free(route->dest); route->dest = g_strdup(inet_ntop(route->family, dest, string, sizeof(string))); } /** * nm_ip_route_get_prefix: * @route: the #NMIPRoute * * Gets the IP prefix (ie "24" or "30" etc) of this route. * * Returns: the IP prefix **/ guint nm_ip_route_get_prefix(NMIPRoute *route) { g_return_val_if_fail(route != NULL, 0); g_return_val_if_fail(route->refcount > 0, 0); return route->prefix; } /** * nm_ip_route_set_prefix: * @route: the #NMIPRoute * @prefix: the route prefix * * Sets the prefix property of this route object. **/ void nm_ip_route_set_prefix(NMIPRoute *route, guint prefix) { g_return_if_fail(route != NULL); g_return_if_fail(valid_prefix(route->family, prefix, NULL)); route->prefix = prefix; } /** * nm_ip_route_get_next_hop: * @route: the #NMIPRoute * * Gets the IP address of the next hop of this route; this will be %NULL if the * route has no next hop. * * Returns: the IP address of the next hop, or %NULL if this is a device route. **/ const char * nm_ip_route_get_next_hop(NMIPRoute *route) { g_return_val_if_fail(route != NULL, NULL); g_return_val_if_fail(route->refcount > 0, NULL); return route->next_hop; } /** * nm_ip_route_set_next_hop: * @route: the #NMIPRoute * @next_hop: (allow-none): the route's next hop, as a string * * Sets the next-hop property of this route object. * * @next_hop (if non-%NULL) must be a valid address of @route's family. If you * aren't sure you have a valid address, use nm_utils_ipaddr_valid() to check * it. **/ void nm_ip_route_set_next_hop(NMIPRoute *route, const char *next_hop) { g_return_if_fail(route != NULL); g_return_if_fail(!next_hop || nm_utils_ipaddr_is_valid(route->family, next_hop)); g_free(route->next_hop); route->next_hop = canonicalize_ip(route->family, next_hop, TRUE); } /** * nm_ip_route_get_next_hop_binary: (skip) * @route: the #NMIPRoute * @next_hop: a buffer in which to store the next hop in binary format. * * Gets the next hop property of this route object. * * @next_hop must point to a buffer that is the correct size for @route's family. * * Returns: %TRUE if @route has a next hop, %FALSE if not (in which case * @next_hop will be zeroed out) **/ gboolean nm_ip_route_get_next_hop_binary(NMIPRoute *route, gpointer next_hop) { g_return_val_if_fail(route != NULL, FALSE); g_return_val_if_fail(next_hop != NULL, FALSE); if (route->next_hop) { inet_pton(route->family, route->next_hop, next_hop); return TRUE; } else { memset(next_hop, 0, nm_utils_addr_family_to_size(route->family)); return FALSE; } } /** * nm_ip_route_set_next_hop_binary: (skip) * @route: the #NMIPRoute * @next_hop: the route's next hop, in binary format * * Sets the destination property of this route object. * * @next_hop (if non-%NULL) must point to a buffer that is the correct size for * @route's family. **/ void nm_ip_route_set_next_hop_binary(NMIPRoute *route, gconstpointer next_hop) { g_return_if_fail(route != NULL); g_free(route->next_hop); route->next_hop = canonicalize_ip_binary(route->family, next_hop, TRUE); } /** * nm_ip_route_get_metric: * @route: the #NMIPRoute * * Gets the route metric property of this route object; lower values * indicate "better" or more preferred routes; -1 indicates "default" * (meaning NetworkManager will set it appropriately). * * Returns: the route metric **/ gint64 nm_ip_route_get_metric(NMIPRoute *route) { g_return_val_if_fail(route != NULL, 0); g_return_val_if_fail(route->refcount > 0, 0); return route->metric; } /** * nm_ip_route_set_metric: * @route: the #NMIPRoute * @metric: the route metric (or -1 for "default") * * Sets the metric property of this route object. **/ void nm_ip_route_set_metric(NMIPRoute *route, gint64 metric) { g_return_if_fail(route != NULL); g_return_if_fail(valid_metric(metric, NULL)); route->metric = metric; } GHashTable * _nm_ip_route_get_attributes(NMIPRoute *route) { nm_assert(route); return route->attributes; } /** * _nm_ip_route_get_attribute_names: * @route: the #NMIPRoute * @sorted: whether to sort the names. Otherwise, their order is * undefined and unstable. * @out_length: (allow-none) (out): the number of elements * * Gets an array of attribute names defined on @route. * * Returns: (array length=out_length) (transfer container): a %NULL-terminated array * of attribute names or %NULL if there are no attributes. The order of the returned * names depends on @sorted. **/ const char ** _nm_ip_route_get_attribute_names(const NMIPRoute *route, gboolean sorted, guint *out_length) { nm_assert(route); return nm_utils_strdict_get_keys(route->attributes, sorted, out_length); } /** * nm_ip_route_get_attribute_names: * @route: the #NMIPRoute * * Gets an array of attribute names defined on @route. * * Returns: (transfer full): a %NULL-terminated array of attribute names **/ char ** nm_ip_route_get_attribute_names(NMIPRoute *route) { const char **names; g_return_val_if_fail(route != NULL, NULL); names = _nm_ip_route_get_attribute_names(route, TRUE, NULL); return nm_utils_strv_make_deep_copied_nonnull(names); } /** * nm_ip_route_get_attribute: * @route: the #NMIPRoute * @name: the name of an route attribute * * Gets the value of the attribute with name @name on @route * * Returns: (transfer none): the value of the attribute with name @name on * @route, or %NULL if @route has no such attribute. **/ GVariant * nm_ip_route_get_attribute(NMIPRoute *route, const char *name) { g_return_val_if_fail(route != NULL, NULL); g_return_val_if_fail(name != NULL && *name != '\0', NULL); if (route->attributes) return g_hash_table_lookup(route->attributes, name); else return NULL; } /** * nm_ip_route_set_attribute: * @route: the #NMIPRoute * @name: the name of a route attribute * @value: (transfer none) (allow-none): the value * * Sets the named attribute on @route to the given value. **/ void nm_ip_route_set_attribute(NMIPRoute *route, const char *name, GVariant *value) { g_return_if_fail(route != NULL); g_return_if_fail(name != NULL && *name != '\0'); g_return_if_fail(strcmp(name, "dest") != 0 && strcmp(name, "prefix") != 0 && strcmp(name, "next-hop") != 0 && strcmp(name, "metric") != 0); if (!route->attributes) { route->attributes = g_hash_table_new_full(nm_str_hash, g_str_equal, g_free, (GDestroyNotify) g_variant_unref); } if (value) g_hash_table_insert(route->attributes, g_strdup(name), g_variant_ref_sink(value)); else g_hash_table_remove(route->attributes, name); } static const NMVariantAttributeSpec *const ip_route_attribute_spec[] = { NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_CWND, G_VARIANT_TYPE_UINT32, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_FROM, G_VARIANT_TYPE_STRING, .v6 = TRUE, .str_type = 'p', ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_INITCWND, G_VARIANT_TYPE_UINT32, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_INITRWND, G_VARIANT_TYPE_UINT32, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_LOCK_CWND, G_VARIANT_TYPE_BOOLEAN, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_LOCK_INITCWND, G_VARIANT_TYPE_BOOLEAN, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_LOCK_INITRWND, G_VARIANT_TYPE_BOOLEAN, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_LOCK_MTU, G_VARIANT_TYPE_BOOLEAN, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_LOCK_WINDOW, G_VARIANT_TYPE_BOOLEAN, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_MTU, G_VARIANT_TYPE_UINT32, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_ONLINK, G_VARIANT_TYPE_BOOLEAN, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_SCOPE, G_VARIANT_TYPE_BYTE, .v4 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_SRC, G_VARIANT_TYPE_STRING, .v4 = TRUE, .v6 = TRUE, .str_type = 'a', ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_TABLE, G_VARIANT_TYPE_UINT32, .v4 = TRUE, .v6 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_TOS, G_VARIANT_TYPE_BYTE, .v4 = TRUE, ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_TYPE, G_VARIANT_TYPE_STRING, .v4 = TRUE, .v6 = TRUE, .str_type = 'T', ), NM_VARIANT_ATTRIBUTE_SPEC_DEFINE(NM_IP_ROUTE_ATTRIBUTE_WINDOW, G_VARIANT_TYPE_UINT32, .v4 = TRUE, .v6 = TRUE, ), NULL, }; /** * nm_ip_route_get_variant_attribute_spec: * * Returns: the specifiers for route attributes * * Since: 1.8 */ const NMVariantAttributeSpec *const * nm_ip_route_get_variant_attribute_spec(void) { return ip_route_attribute_spec; } /** * nm_ip_route_attribute_validate: * @name: the attribute name * @value: the attribute value * @family: IP address family of the route * @known: (out): on return, whether the attribute name is a known one * @error: (allow-none): return location for a #GError, or %NULL * * Validates a route attribute, i.e. checks that the attribute is a known one * and the value is of the correct type and well-formed. * * Returns: %TRUE if the attribute is valid, %FALSE otherwise * * Since: 1.8 */ gboolean nm_ip_route_attribute_validate(const char *name, GVariant * value, int family, gboolean * known, GError ** error) { const NMVariantAttributeSpec *spec; g_return_val_if_fail(name, FALSE); g_return_val_if_fail(value, FALSE); g_return_val_if_fail(family == AF_INET || family == AF_INET6, FALSE); g_return_val_if_fail(!error || !*error, FALSE); spec = _nm_variant_attribute_spec_find_binary_search(ip_route_attribute_spec, G_N_ELEMENTS(ip_route_attribute_spec) - 1, name); if (!spec) { NM_SET_OUT(known, FALSE); g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("unknown attribute")); return FALSE; } NM_SET_OUT(known, TRUE); if (!g_variant_is_of_type(value, spec->type)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("invalid attribute type '%s'"), g_variant_get_type_string(value)); return FALSE; } if ((family == AF_INET && !spec->v4) || (family == AF_INET6 && !spec->v6)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, family == AF_INET ? _("attribute is not valid for a IPv4 route") : _("attribute is not valid for a IPv6 route")); return FALSE; } if (g_variant_type_equal(spec->type, G_VARIANT_TYPE_STRING)) { const char *string = g_variant_get_string(value, NULL); switch (spec->str_type) { case 'a': /* IP address */ if (!nm_utils_ipaddr_is_valid(family, string)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, family == AF_INET ? _("'%s' is not a valid IPv4 address") : _("'%s' is not a valid IPv6 address"), string); return FALSE; } break; case 'p': /* IP address + optional prefix */ { gs_free char *addr_free = NULL; const char * addr = string; const char * str; str = strchr(addr, '/'); if (str) { addr = nm_strndup_a(200, addr, str - addr, &addr_free); str++; if (_nm_utils_ascii_str_to_int64(str, 10, 0, family == AF_INET ? 32 : 128, -1) < 0) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("invalid prefix %s"), str); return FALSE; } } if (!nm_utils_ipaddr_is_valid(family, addr)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, family == AF_INET ? _("'%s' is not a valid IPv4 address") : _("'%s' is not a valid IPv6 address"), string); return FALSE; } break; } case 'T': /* route type. */ if (!NM_IN_SET(nm_net_aux_rtnl_rtntype_a2n(string), RTN_UNICAST, RTN_LOCAL)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("%s is not a valid route type"), string); return FALSE; } break; default: break; } } return TRUE; } gboolean _nm_ip_route_attribute_validate_all(const NMIPRoute *route, GError **error) { NMUtilsNamedValue attrs_static[G_N_ELEMENTS(ip_route_attribute_spec)]; gs_free NMUtilsNamedValue *attrs_free = NULL; const NMUtilsNamedValue * attrs; guint attrs_len; GVariant * val; guint i; guint8 u8; g_return_val_if_fail(route, FALSE); g_return_val_if_fail(!error || !*error, FALSE); if (!route->attributes) return TRUE; attrs = nm_utils_named_values_from_strdict(route->attributes, &attrs_len, attrs_static, &attrs_free); for (i = 0; i < attrs_len; i++) { const char *key = attrs[i].name; GVariant * val2 = attrs[i].value_ptr; if (!nm_ip_route_attribute_validate(key, val2, route->family, NULL, NULL)) return FALSE; } if ((val = g_hash_table_lookup(route->attributes, NM_IP_ROUTE_ATTRIBUTE_TYPE))) { int v_i; nm_assert(g_variant_is_of_type(val, G_VARIANT_TYPE_STRING)); v_i = nm_net_aux_rtnl_rtntype_a2n(g_variant_get_string(val, NULL)); nm_assert(v_i >= 0); if (v_i == RTN_LOCAL && route->family == AF_INET && (val = g_hash_table_lookup(route->attributes, NM_IP_ROUTE_ATTRIBUTE_SCOPE))) { nm_assert(g_variant_is_of_type(val, G_VARIANT_TYPE_BYTE)); u8 = g_variant_get_byte(val); if (!NM_IN_SET(u8, RT_SCOPE_HOST, RT_SCOPE_NOWHERE)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("route scope is invalid")); return FALSE; } } } return TRUE; } /*****************************************************************************/ struct NMIPRoutingRule { NMIPAddr from_bin; NMIPAddr to_bin; char * from_str; char * to_str; char * iifname; char * oifname; guint ref_count; guint32 priority; guint32 table; gint32 suppress_prefixlength; guint32 fwmark; guint32 fwmask; guint32 uid_range_start; guint32 uid_range_end; guint16 sport_start; guint16 sport_end; guint16 dport_start; guint16 dport_end; guint8 action; guint8 from_len; guint8 to_len; guint8 tos; guint8 ipproto; bool is_v4 : 1; bool sealed : 1; bool priority_has : 1; bool uid_range_has : 1; bool from_has : 1; bool from_valid : 1; bool to_has : 1; bool to_valid : 1; bool invert : 1; }; static NMIPRoutingRule *_ip_routing_rule_dup(const NMIPRoutingRule *rule); G_DEFINE_BOXED_TYPE(NMIPRoutingRule, nm_ip_routing_rule, _ip_routing_rule_dup, nm_ip_routing_rule_unref) static gboolean NM_IS_IP_ROUTING_RULE(const NMIPRoutingRule *self, gboolean also_sealed) { return self && self->ref_count > 0 && (also_sealed || !self->sealed); } static int _ip_routing_rule_get_addr_family(const NMIPRoutingRule *self) { nm_assert(NM_IS_IP_ROUTING_RULE(self, TRUE)); return self->is_v4 ? AF_INET : AF_INET6; } static int _ip_routing_rule_get_addr_size(const NMIPRoutingRule *self) { nm_assert(NM_IS_IP_ROUTING_RULE(self, TRUE)); return self->is_v4 ? sizeof(struct in_addr) : sizeof(struct in6_addr); } static NMIPRoutingRule * _ip_routing_rule_dup(const NMIPRoutingRule *rule) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(rule, TRUE), NULL); if (rule->sealed) return nm_ip_routing_rule_ref((NMIPRoutingRule *) rule); return nm_ip_routing_rule_new_clone(rule); } /** * nm_ip_routing_rule_new: * @addr_family: the address family of the routing rule. Must be either * %AF_INET (2) or %AF_INET6 (10). * * Returns: (transfer full): a newly created rule instance with the * provided address family. The instance is unsealed. * * Since: 1.18 */ NMIPRoutingRule * nm_ip_routing_rule_new(int addr_family) { NMIPRoutingRule *self; g_return_val_if_fail(NM_IN_SET(addr_family, AF_INET, AF_INET6), NULL); self = g_slice_new(NMIPRoutingRule); *self = (NMIPRoutingRule){ .ref_count = 1, .is_v4 = (addr_family == AF_INET), .action = FR_ACT_TO_TBL, .table = RT_TABLE_MAIN, .suppress_prefixlength = -1, }; return self; } /** * nm_ip_routing_rule_new_clone: * @rule: the #NMIPRoutingRule to clone. * * Returns: (transfer full): a newly created rule instance with * the same settings as @rule. Note that the instance will * always be unsealred. * * Since: 1.18 */ NMIPRoutingRule * nm_ip_routing_rule_new_clone(const NMIPRoutingRule *rule) { NMIPRoutingRule *self; g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(rule, TRUE), NULL); self = g_slice_new(NMIPRoutingRule); *self = (NMIPRoutingRule){ .ref_count = 1, .sealed = FALSE, .is_v4 = rule->is_v4, .priority = rule->priority, .priority_has = rule->priority_has, .invert = rule->invert, .tos = rule->tos, .fwmark = rule->fwmark, .fwmask = rule->fwmask, .sport_start = rule->sport_start, .sport_end = rule->sport_end, .dport_start = rule->dport_start, .dport_end = rule->dport_end, .uid_range_start = rule->uid_range_start, .uid_range_end = rule->uid_range_end, .uid_range_has = rule->uid_range_has, .ipproto = rule->ipproto, .from_len = rule->from_len, .from_bin = rule->from_bin, .from_str = (rule->from_has && !rule->from_valid) ? g_strdup(rule->from_str) : NULL, .from_has = rule->from_has, .from_valid = rule->from_valid, .to_len = rule->to_len, .to_bin = rule->to_bin, .to_str = (rule->to_has && !rule->to_valid) ? g_strdup(rule->to_str) : NULL, .to_has = rule->to_has, .to_valid = rule->to_valid, .iifname = g_strdup(rule->iifname), .oifname = g_strdup(rule->oifname), .action = rule->action, .table = rule->table, .suppress_prefixlength = rule->suppress_prefixlength, }; return self; } /** * nm_ip_routing_rule_ref: * @self: (allow-none): the #NMIPRoutingRule instance * * Increases the reference count of the instance. * This is not thread-safe. * * Returns: (transfer full): the @self argument with incremented * reference count. * * Since: 1.18 */ NMIPRoutingRule * nm_ip_routing_rule_ref(NMIPRoutingRule *self) { if (!self) return NULL; g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); nm_assert(self->ref_count < G_MAXUINT); self->ref_count++; return self; } /** * nm_ip_routing_rule_unref: * @self: (allow-none): the #NMIPRoutingRule instance * * Decreases the reference count of the instance and destroys * the instance if the reference count reaches zero. * This is not thread-safe. * * Since: 1.18 */ void nm_ip_routing_rule_unref(NMIPRoutingRule *self) { if (!self) return; g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE)); if (--self->ref_count > 0) return; g_free(self->from_str); g_free(self->to_str); g_free(self->iifname); g_free(self->oifname); g_slice_free(NMIPRoutingRule, self); } /** * nm_ip_routing_rule_is_sealed: * @self: the #NMIPRoutingRule instance * * Returns: whether @self is sealed. Once sealed, an instance * cannot be modified nor unsealed. * * Since: 1.18 */ gboolean nm_ip_routing_rule_is_sealed(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), FALSE); return self->sealed; } /** * nm_ip_routing_rule_seal: * @self: the #NMIPRoutingRule instance * * Seals the routing rule. Afterwards, the instance can no longer be * modified, and it is a bug to call any of the accessors that would * modify the rule. If @self was already sealed, this has no effect. * * Since: 1.18 */ void nm_ip_routing_rule_seal(NMIPRoutingRule *self) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE)); self->sealed = TRUE; } /** * nm_ip_routing_rule_get_addr_family: * @self: the #NMIPRoutingRule instance * * Returns: the address family of the rule. Either %AF_INET or %AF_INET6. * * Since: 1.18 */ int nm_ip_routing_rule_get_addr_family(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), AF_UNSPEC); return _ip_routing_rule_get_addr_family(self); } /** * nm_ip_routing_rule_get_priority: * @self: the #NMIPRoutingRule instance * * Returns: the priority. A valid priority is in the range from * 0 to %G_MAXUINT32. If unset, -1 is returned. * * Since: 1.18 */ gint64 nm_ip_routing_rule_get_priority(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), -1); return self->priority_has ? (gint64) self->priority : (gint64) -1; } /** * nm_ip_routing_rule_set_priority: * @self: the #NMIPRoutingRule instance * @priority: the priority to set * * A valid priority ranges from 0 to %G_MAXUINT32. "-1" is also allowed * to reset the priority. It is a bug calling this function with any * other value. * * Since: 1.18 */ void nm_ip_routing_rule_set_priority(NMIPRoutingRule *self, gint64 priority) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); if (priority >= 0 && priority <= (gint64) G_MAXUINT32) { self->priority = (guint32) priority; self->priority_has = TRUE; } else { g_return_if_fail(priority == -1); self->priority = 0; self->priority_has = FALSE; } } /** * nm_ip_routing_rule_get_invert: * @self: the #NMIPRoutingRule instance * * Returns: the "invert" setting of the rule. * * Since: 1.18 */ gboolean nm_ip_routing_rule_get_invert(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), FALSE); return self->invert; } /** * nm_ip_routing_rule_set_invert: * @self: the #NMIPRoutingRule instance * @invert: the new value to set * * Since: 1.18 */ void nm_ip_routing_rule_set_invert(NMIPRoutingRule *self, gboolean invert) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->invert = invert; } /** * nm_ip_routing_rule_get_from_len: * @self: the #NMIPRoutingRule instance * * Returns: the set prefix length for the from/src parameter. * * Since: 1.18 */ guint8 nm_ip_routing_rule_get_from_len(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->from_len; } /** * nm_ip_routing_rule_get_from: * @self: the #NMIPRoutingRule instance * * Returns: (transfer none): the set from/src parameter or * %NULL, if no value is set. * * Since: 1.18 */ const char * nm_ip_routing_rule_get_from(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); if (!self->from_has) return NULL; if (!self->from_str) { nm_assert(self->from_valid); ((NMIPRoutingRule *) self)->from_str = nm_utils_inet_ntop_dup(_ip_routing_rule_get_addr_family(self), &self->from_bin); } return self->from_str; } const NMIPAddr * nm_ip_routing_rule_get_from_bin(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); return (self->from_has && self->from_valid) ? &self->from_bin : NULL; } void nm_ip_routing_rule_set_from_bin(NMIPRoutingRule *self, gconstpointer from, guint8 len) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); nm_clear_g_free(&self->from_str); if (!from) { self->from_has = FALSE; self->from_len = len; return; } self->from_has = TRUE; self->from_len = len; self->from_valid = TRUE; nm_ip_addr_set(_ip_routing_rule_get_addr_family(self), &self->from_bin, from); } /** * nm_ip_routing_rule_set_from: * @self: the #NMIPRoutingRule instance * @from: (allow-none): the from/src address to set. * The address family must match. * @len: the corresponding prefix length of the address. * * Setting invalid values is accepted, but will later fail * during nm_ip_routing_rule_validate(). * * Since: 1.18 */ void nm_ip_routing_rule_set_from(NMIPRoutingRule *self, const char *from, guint8 len) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); if (!from) { nm_clear_g_free(&self->from_str); self->from_has = FALSE; self->from_len = len; return; } nm_clear_g_free(&self->from_str); self->from_has = TRUE; self->from_len = len; self->from_valid = nm_utils_parse_inaddr_bin(_ip_routing_rule_get_addr_family(self), from, NULL, &self->from_bin); if (!self->from_valid) self->from_str = g_strdup(from); } /** * nm_ip_routing_rule_get_to_len: * @self: the #NMIPRoutingRule instance * * Returns: the set prefix length for the to/dst parameter. * * Since: 1.18 */ guint8 nm_ip_routing_rule_get_to_len(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->to_len; } /** * nm_ip_routing_rule_get_to: * @self: the #NMIPRoutingRule instance * * Returns: (transfer none): the set to/dst parameter or * %NULL, if no value is set. * * Since: 1.18 */ const char * nm_ip_routing_rule_get_to(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); if (!self->to_has) return NULL; if (!self->to_str) { nm_assert(self->to_valid); ((NMIPRoutingRule *) self)->to_str = nm_utils_inet_ntop_dup(_ip_routing_rule_get_addr_family(self), &self->to_bin); } return self->to_str; } const NMIPAddr * nm_ip_routing_rule_get_to_bin(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); return (self->to_has && self->to_valid) ? &self->to_bin : NULL; } void nm_ip_routing_rule_set_to_bin(NMIPRoutingRule *self, gconstpointer to, guint8 len) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); nm_clear_g_free(&self->to_str); if (!to) { self->to_has = FALSE; self->to_len = len; return; } self->to_has = TRUE; self->to_len = len; self->to_valid = TRUE; nm_ip_addr_set(_ip_routing_rule_get_addr_family(self), &self->to_bin, to); } /** * nm_ip_routing_rule_set_to: * @self: the #NMIPRoutingRule instance * @to: (allow-none): the to/dst address to set. * The address family must match. * @len: the corresponding prefix length of the address. * If @to is %NULL, this valid is ignored. * * Setting invalid values is accepted, but will later fail * during nm_ip_routing_rule_validate(). * * Since: 1.18 */ void nm_ip_routing_rule_set_to(NMIPRoutingRule *self, const char *to, guint8 len) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); if (!to) { nm_clear_g_free(&self->to_str); self->to_has = FALSE; self->to_len = len; return; } nm_clear_g_free(&self->to_str); self->to_has = TRUE; self->to_len = len; self->to_valid = nm_utils_parse_inaddr_bin(_ip_routing_rule_get_addr_family(self), to, NULL, &self->to_bin); if (!self->to_valid) self->to_str = g_strdup(to); } /** * nm_ip_routing_rule_get_tos: * @self: the #NMIPRoutingRule instance * * Returns: the tos of the rule. * * Since: 1.18 */ guint8 nm_ip_routing_rule_get_tos(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->tos; } /** * nm_ip_routing_rule_set_tos: * @self: the #NMIPRoutingRule instance * @tos: the tos to set * * Since: 1.18 */ void nm_ip_routing_rule_set_tos(NMIPRoutingRule *self, guint8 tos) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->tos = tos; } /** * nm_ip_routing_rule_get_ipproto: * @self: the #NMIPRoutingRule instance * * Returns: the ipproto of the rule. * * Since: 1.18 */ guint8 nm_ip_routing_rule_get_ipproto(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->ipproto; } /** * nm_ip_routing_rule_set_ipproto: * @self: the #NMIPRoutingRule instance * @ipproto: the ipproto to set * * Since: 1.18 */ void nm_ip_routing_rule_set_ipproto(NMIPRoutingRule *self, guint8 ipproto) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->ipproto = ipproto; } /** * nm_ip_routing_rule_get_source_port_start: * @self: the #NMIPRoutingRule instance * * Returns: the source port start setting. * * Since: 1.18 */ guint16 nm_ip_routing_rule_get_source_port_start(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->sport_start; } /** * nm_ip_routing_rule_get_source_port_end: * @self: the #NMIPRoutingRule instance * * Returns: the source port end setting. * * Since: 1.18 */ guint16 nm_ip_routing_rule_get_source_port_end(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->sport_end; } /** * nm_ip_routing_rule_set_source_port: * @self: the #NMIPRoutingRule instance * @start: the start port to set. * @end: the end port to set. * * Since: 1.18 */ void nm_ip_routing_rule_set_source_port(NMIPRoutingRule *self, guint16 start, guint16 end) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->sport_start = start; self->sport_end = end; } /** * nm_ip_routing_rule_get_destination_port_start: * @self: the #NMIPRoutingRule instance * * Returns: the destination port start setting. * * Since: 1.18 */ guint16 nm_ip_routing_rule_get_destination_port_start(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->dport_start; } /** * nm_ip_routing_rule_get_destination_port_end: * @self: the #NMIPRoutingRule instance * * Returns: the destination port end setting. * * Since: 1.18 */ guint16 nm_ip_routing_rule_get_destination_port_end(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->dport_end; } /** * nm_ip_routing_rule_set_destination_port: * @self: the #NMIPRoutingRule instance * @start: the start port to set. * @end: the end port to set. * * Since: 1.18 */ void nm_ip_routing_rule_set_destination_port(NMIPRoutingRule *self, guint16 start, guint16 end) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->dport_start = start; self->dport_end = end; } /** * nm_ip_routing_rule_get_fwmark: * @self: the #NMIPRoutingRule instance * * Returns: the fwmark setting. * * Since: 1.18 */ guint32 nm_ip_routing_rule_get_fwmark(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->fwmark; } /** * nm_ip_routing_rule_get_fwmask: * @self: the #NMIPRoutingRule instance * * Returns: the fwmask setting. * * Since: 1.18 */ guint32 nm_ip_routing_rule_get_fwmask(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->fwmask; } /** * nm_ip_routing_rule_set_fwmark: * @self: the #NMIPRoutingRule instance * @fwmark: the fwmark * @fwmask: the fwmask * * Since: 1.18 */ void nm_ip_routing_rule_set_fwmark(NMIPRoutingRule *self, guint32 fwmark, guint32 fwmask) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->fwmark = fwmark; self->fwmask = fwmask; } /** * nm_ip_routing_rule_get_iifname: * @self: the #NMIPRoutingRule instance. * * Returns: (transfer none): the set iifname or %NULL if unset. * * Since: 1.18 */ const char * nm_ip_routing_rule_get_iifname(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); return self->iifname; } gboolean nm_ip_routing_rule_get_xifname_bin(const NMIPRoutingRule *self, gboolean iif /* or else oif */, char out_xifname[static 16 /* IFNAMSIZ */]) { gs_free gpointer bin_to_free = NULL; const char * xifname; gconstpointer bin; gsize len; nm_assert(NM_IS_IP_ROUTING_RULE(self, TRUE)); nm_assert(out_xifname); xifname = iif ? self->iifname : self->oifname; if (!xifname) return FALSE; bin = nm_utils_buf_utf8safe_unescape(xifname, NM_UTILS_STR_UTF8_SAFE_FLAG_NONE, &len, &bin_to_free); strncpy(out_xifname, bin, 16 /* IFNAMSIZ */); out_xifname[15] = '\0'; return TRUE; } /** * nm_ip_routing_rule_set_iifname: * @self: the #NMIPRoutingRule instance. * @iifname: (allow-none): the iifname to set or %NULL to unset. * * The name supports C backslash escaping for non-UTF-8 characters. * Note that nm_ip_routing_rule_from_string() too uses backslash * escaping when tokenizing the words by whitespace. So, in string * representation you'd get double backslashes. * * Since: 1.18 */ void nm_ip_routing_rule_set_iifname(NMIPRoutingRule *self, const char *iifname) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); g_free(self->iifname); self->iifname = g_strdup(iifname); } /** * nm_ip_routing_rule_get_oifname: * @self: the #NMIPRoutingRule instance. * * Returns: (transfer none): the set oifname or %NULL if unset. * * Since: 1.18 */ const char * nm_ip_routing_rule_get_oifname(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); return self->oifname; } /** * nm_ip_routing_rule_set_oifname: * @self: the #NMIPRoutingRule instance. * @oifname: (allow-none): the oifname to set or %NULL to unset. * * The name supports C backslash escaping for non-UTF-8 characters. * Note that nm_ip_routing_rule_from_string() too uses backslash * escaping when tokenizing the words by whitespace. So, in string * representation you'd get double backslashes. * * Since: 1.18 */ void nm_ip_routing_rule_set_oifname(NMIPRoutingRule *self, const char *oifname) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); g_free(self->oifname); self->oifname = g_strdup(oifname); } /** * nm_ip_routing_rule_get_action: * @self: the #NMIPRoutingRule instance * * Returns: the set action. * * Since: 1.18 */ guint8 nm_ip_routing_rule_get_action(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->action; } /** * nm_ip_routing_rule_set_action: * @self: the #NMIPRoutingRule instance * @action: the action to set * * Note that currently only certain actions are allowed. nm_ip_routing_rule_validate() * will reject unsupported actions as invalid. * * Since: 1.18 */ void nm_ip_routing_rule_set_action(NMIPRoutingRule *self, guint8 action) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->action = action; } /** * nm_ip_routing_rule_get_table: * @self: the #NMIPRoutingRule instance * * Returns: the set table. * * Since: 1.18 */ guint32 nm_ip_routing_rule_get_table(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), 0); return self->table; } /** * nm_ip_routing_rule_set_table: * @self: the #NMIPRoutingRule instance * @table: the table to set * * Since: 1.18 */ void nm_ip_routing_rule_set_table(NMIPRoutingRule *self, guint32 table) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->table = table; } /** * nm_ip_routing_rule_get_suppress_prefixlength: * @self: the #NMIPRoutingRule instance * * Returns: the suppress_prefixlength of the rule. -1 means that the value is unset. * * Since: 1.20 */ gint32 nm_ip_routing_rule_get_suppress_prefixlength(const NMIPRoutingRule *self) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), -1); return self->suppress_prefixlength; } /** * nm_ip_routing_rule_set_suppress_prefixlength: * @self: the #NMIPRoutingRule instance * @suppress_prefixlength: the suppress_prefixlength to set. The value -1 means * unset. * * Since: 1.20 */ void nm_ip_routing_rule_set_suppress_prefixlength(NMIPRoutingRule *self, gint32 suppress_prefixlength) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); self->suppress_prefixlength = suppress_prefixlength; } /** * nm_ip_routing_rule_get_uid_range: * @self: the #NMIPRoutingRule instance * @out_range_start: (out) (allow-none): returns the start of the range * or 0 if the range is not set. * @out_range_end: (out) (allow-none): returns the end of the range * or 0 if the range is not set. * * Returns: %TRUE if a uid range is set. * * Since: 1.32 */ gboolean nm_ip_routing_rule_get_uid_range(const NMIPRoutingRule *self, guint32 * out_range_start, guint32 * out_range_end) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), -1); nm_assert(self->uid_range_has || (self->uid_range_start == 0 && self->uid_range_end == 0)); NM_SET_OUT(out_range_start, self->uid_range_start); NM_SET_OUT(out_range_end, self->uid_range_end); return self->uid_range_has; } /** * nm_ip_routing_rule_set_uid_range: * @self: the #NMIPRoutingRule instance * @uid_range_start: the uid_range start to set. * @uid_range_end: the uid_range start to set. * * For a valid range, start must be less or equal to end. * If set to an invalid range, the range gets unset. * * Since: 1.32 */ void nm_ip_routing_rule_set_uid_range(NMIPRoutingRule *self, guint32 uid_range_start, guint32 uid_range_end) { g_return_if_fail(NM_IS_IP_ROUTING_RULE(self, FALSE)); if (uid_range_start > uid_range_end) { self->uid_range_start = 0; self->uid_range_end = 0; self->uid_range_has = FALSE; return; } self->uid_range_start = uid_range_start; self->uid_range_end = uid_range_end; self->uid_range_has = TRUE; } /** * nm_ip_routing_rule_cmp: * @rule: (allow-none): the #NMIPRoutingRule instance to compare * @other: (allow-none): the other #NMIPRoutingRule instance to compare * * Returns: zero, a positive, or a negative integer to indicate * equality or how the arguments compare. * * Since: 1.18 */ int nm_ip_routing_rule_cmp(const NMIPRoutingRule *rule, const NMIPRoutingRule *other) { NM_CMP_SELF(rule, other); g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(rule, TRUE), 0); g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(other, TRUE), 0); NM_CMP_FIELD_UNSAFE(rule, other, priority_has); if (rule->priority_has) NM_CMP_FIELD(rule, other, priority); NM_CMP_FIELD_UNSAFE(rule, other, is_v4); NM_CMP_FIELD_UNSAFE(rule, other, invert); NM_CMP_FIELD(rule, other, tos); NM_CMP_FIELD(rule, other, fwmark); NM_CMP_FIELD(rule, other, fwmask); NM_CMP_FIELD(rule, other, action); NM_CMP_FIELD(rule, other, table); NM_CMP_FIELD(rule, other, suppress_prefixlength); NM_CMP_FIELD(rule, other, sport_start); NM_CMP_FIELD(rule, other, sport_end); NM_CMP_FIELD(rule, other, dport_start); NM_CMP_FIELD(rule, other, dport_end); NM_CMP_FIELD(rule, other, ipproto); NM_CMP_FIELD_UNSAFE(rule, other, uid_range_has); if (rule->uid_range_has) { NM_CMP_FIELD(rule, other, uid_range_end); NM_CMP_FIELD(rule, other, uid_range_start); } /* We compare the plain strings, not the binary values after utf8safe unescaping. * * The reason is, that the rules differ already when the direct strings differ, not * only when the unescaped names differ. */ NM_CMP_FIELD_STR0(rule, other, iifname); NM_CMP_FIELD_STR0(rule, other, oifname); NM_CMP_FIELD(rule, other, from_len); NM_CMP_FIELD_UNSAFE(rule, other, from_has); if (rule->from_has) { NM_CMP_FIELD_UNSAFE(rule, other, from_valid); if (rule->from_valid) { NM_CMP_RETURN( memcmp(&rule->from_bin, &other->from_bin, _ip_routing_rule_get_addr_size(rule))); } else NM_CMP_FIELD_STR(rule, other, from_str); } NM_CMP_FIELD(rule, other, to_len); NM_CMP_FIELD_UNSAFE(rule, other, to_has); if (rule->to_has) { NM_CMP_FIELD_UNSAFE(rule, other, to_valid); if (rule->to_valid) { NM_CMP_RETURN( memcmp(&rule->to_bin, &other->to_bin, _ip_routing_rule_get_addr_size(rule))); } else NM_CMP_FIELD_STR(rule, other, to_str); } return 0; } static gboolean _rr_xport_range_valid(guint16 xport_start, guint16 xport_end) { if (xport_start == 0) return (xport_end == 0); return xport_start <= xport_end && xport_end < 0xFFFFu; } static gboolean _rr_xport_range_parse(char *str, gint64 *out_start, guint16 *out_end) { guint16 start, end; gint64 i64; char * s; s = strchr(str, '-'); if (s) *(s++) = '\0'; i64 = _nm_utils_ascii_str_to_int64(str, 10, 0, 0xFFFF, -1); if (i64 == -1) return FALSE; start = i64; if (s) { i64 = _nm_utils_ascii_str_to_int64(s, 10, 0, 0xFFFF, -1); if (i64 == -1) return FALSE; end = i64; } else end = start; *out_start = start; *out_end = end; return TRUE; } /** * nm_ip_routing_rule_validate: * @self: the #NMIPRoutingRule instance to validate * @error: (allow-none) (out): the error result if validation fails. * * Returns: %TRUE if the rule validates. * * Since: 1.18 */ gboolean nm_ip_routing_rule_validate(const NMIPRoutingRule *self, GError **error) { g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), FALSE); g_return_val_if_fail(!error || !*error, FALSE); /* Kernel may be more flexible about validating. We do a strict validation * here and reject certain settings eagerly. We can always relax it later. */ if (!self->priority_has) { /* iproute2 accepts not specifying the priority, in which case kernel will select * an unused priority. We don't allow for that, and will always require the user to * select a priority. * * Note that if the user selects priority 0 or a non-unique priority, this is problematic * due to kernel bugs rh#1685816 and rh#1685816. It may result in NetworkManager wrongly being * unable to add a rule or deleting the wrong rule. * This problem is not at all specific to the priority, it affects all rules that * have default values which confuse kernel. But setting a unique priority avoids * this problem nicely. */ g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid priority")); return FALSE; } if (NM_IN_SET(self->action, FR_ACT_TO_TBL)) { if (self->table == 0) { /* with IPv4, kernel allows a table (in RTM_NEWRULE) of zero to automatically select * an unused table. We don't. The user needs to specify the table. * * For IPv6, kernel doesn't allow a table of zero, so we are consistent here. */ g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("missing table")); return FALSE; } } else if (NM_IN_SET(self->action, FR_ACT_BLACKHOLE, FR_ACT_PROHIBIT, FR_ACT_UNREACHABLE)) { /* pass */ } else { /* we currently only support the listed actions. */ g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid action type")); return FALSE; } if (self->from_len == 0) { if (self->from_has) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("has from/src but the prefix-length is zero")); return FALSE; } } else if (self->from_len > 0 && self->from_len <= 8 * _ip_routing_rule_get_addr_size(self)) { if (!self->from_has) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("missing from/src for a non zero prefix-length")); return FALSE; } if (!self->from_valid) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid from/src")); return FALSE; } } else { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid prefix length for from/src")); return FALSE; } if (self->to_len == 0) { if (self->to_has) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("has to/dst but the prefix-length is zero")); return FALSE; } } else if (self->to_len > 0 && self->to_len <= 8 * _ip_routing_rule_get_addr_size(self)) { if (!self->to_has) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("missing to/dst for a non zero prefix-length")); return FALSE; } if (!self->to_valid) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid to/dst")); return FALSE; } } else { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid prefix length for to/dst")); return FALSE; } if (self->iifname && (!g_utf8_validate(self->iifname, -1, NULL) || !nm_utils_is_valid_iface_name_utf8safe(self->iifname))) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid iifname")); return FALSE; } if (self->oifname && (!g_utf8_validate(self->oifname, -1, NULL) || !nm_utils_is_valid_iface_name_utf8safe(self->oifname))) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid oifname")); return FALSE; } if (!_rr_xport_range_valid(self->sport_start, self->sport_end)) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid source port range")); return FALSE; } if (!_rr_xport_range_valid(self->dport_start, self->dport_end)) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid destination port range")); return FALSE; } if (self->suppress_prefixlength != -1) { if (self->suppress_prefixlength < -1 || self->suppress_prefixlength > (self->is_v4 ? 32 : 128)) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("suppress_prefixlength out of range")); return FALSE; } if (self->action != FR_ACT_TO_TBL) { g_set_error_literal( error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("suppress_prefixlength is only allowed with the to-table action")); return FALSE; } } return TRUE; } /*****************************************************************************/ typedef enum { RR_DBUS_ATTR_ACTION, RR_DBUS_ATTR_DPORT_END, RR_DBUS_ATTR_DPORT_START, RR_DBUS_ATTR_FAMILY, RR_DBUS_ATTR_FROM, RR_DBUS_ATTR_FROM_LEN, RR_DBUS_ATTR_FWMARK, RR_DBUS_ATTR_FWMASK, RR_DBUS_ATTR_IIFNAME, RR_DBUS_ATTR_INVERT, RR_DBUS_ATTR_IPPROTO, RR_DBUS_ATTR_OIFNAME, RR_DBUS_ATTR_PRIORITY, RR_DBUS_ATTR_SPORT_END, RR_DBUS_ATTR_SPORT_START, RR_DBUS_ATTR_SUPPRESS_PREFIXLENGTH, RR_DBUS_ATTR_TABLE, RR_DBUS_ATTR_TO, RR_DBUS_ATTR_TO_LEN, RR_DBUS_ATTR_TOS, RR_DBUS_ATTR_UID_RANGE_END, RR_DBUS_ATTR_UID_RANGE_START, _RR_DBUS_ATTR_NUM, } RRDbusAttr; typedef struct { const char * name; const GVariantType *dbus_type; } RRDbusData; static const RRDbusData rr_dbus_data[_RR_DBUS_ATTR_NUM] = { #define _D(attr, _name, type) \ [attr] = { \ .name = _name, \ .dbus_type = type, \ } _D(RR_DBUS_ATTR_ACTION, NM_IP_ROUTING_RULE_ATTR_ACTION, G_VARIANT_TYPE_BYTE), _D(RR_DBUS_ATTR_DPORT_END, NM_IP_ROUTING_RULE_ATTR_DPORT_END, G_VARIANT_TYPE_UINT16), _D(RR_DBUS_ATTR_DPORT_START, NM_IP_ROUTING_RULE_ATTR_DPORT_START, G_VARIANT_TYPE_UINT16), _D(RR_DBUS_ATTR_FAMILY, NM_IP_ROUTING_RULE_ATTR_FAMILY, G_VARIANT_TYPE_INT32), _D(RR_DBUS_ATTR_FROM, NM_IP_ROUTING_RULE_ATTR_FROM, G_VARIANT_TYPE_STRING), _D(RR_DBUS_ATTR_FROM_LEN, NM_IP_ROUTING_RULE_ATTR_FROM_LEN, G_VARIANT_TYPE_BYTE), _D(RR_DBUS_ATTR_FWMARK, NM_IP_ROUTING_RULE_ATTR_FWMARK, G_VARIANT_TYPE_UINT32), _D(RR_DBUS_ATTR_FWMASK, NM_IP_ROUTING_RULE_ATTR_FWMASK, G_VARIANT_TYPE_UINT32), _D(RR_DBUS_ATTR_IIFNAME, NM_IP_ROUTING_RULE_ATTR_IIFNAME, G_VARIANT_TYPE_STRING), _D(RR_DBUS_ATTR_INVERT, NM_IP_ROUTING_RULE_ATTR_INVERT, G_VARIANT_TYPE_BOOLEAN), _D(RR_DBUS_ATTR_IPPROTO, NM_IP_ROUTING_RULE_ATTR_IPPROTO, G_VARIANT_TYPE_BYTE), _D(RR_DBUS_ATTR_OIFNAME, NM_IP_ROUTING_RULE_ATTR_OIFNAME, G_VARIANT_TYPE_STRING), _D(RR_DBUS_ATTR_PRIORITY, NM_IP_ROUTING_RULE_ATTR_PRIORITY, G_VARIANT_TYPE_UINT32), _D(RR_DBUS_ATTR_SPORT_END, NM_IP_ROUTING_RULE_ATTR_SPORT_END, G_VARIANT_TYPE_UINT16), _D(RR_DBUS_ATTR_SPORT_START, NM_IP_ROUTING_RULE_ATTR_SPORT_START, G_VARIANT_TYPE_UINT16), _D(RR_DBUS_ATTR_SUPPRESS_PREFIXLENGTH, NM_IP_ROUTING_RULE_ATTR_SUPPRESS_PREFIXLENGTH, G_VARIANT_TYPE_INT32), _D(RR_DBUS_ATTR_TABLE, NM_IP_ROUTING_RULE_ATTR_TABLE, G_VARIANT_TYPE_UINT32), _D(RR_DBUS_ATTR_TO, NM_IP_ROUTING_RULE_ATTR_TO, G_VARIANT_TYPE_STRING), _D(RR_DBUS_ATTR_TOS, NM_IP_ROUTING_RULE_ATTR_TOS, G_VARIANT_TYPE_BYTE), _D(RR_DBUS_ATTR_TO_LEN, NM_IP_ROUTING_RULE_ATTR_TO_LEN, G_VARIANT_TYPE_BYTE), _D(RR_DBUS_ATTR_UID_RANGE_END, NM_IP_ROUTING_RULE_ATTR_UID_RANGE_END, G_VARIANT_TYPE_UINT32), _D(RR_DBUS_ATTR_UID_RANGE_START, NM_IP_ROUTING_RULE_ATTR_UID_RANGE_START, G_VARIANT_TYPE_UINT32), #undef _D }; static RRDbusAttr _rr_dbus_attr_from_name(const char *name) { gssize idx; nm_assert(name); if (NM_MORE_ASSERT_ONCE(10)) { int i; for (i = 0; i < _RR_DBUS_ATTR_NUM; i++) { nm_assert(rr_dbus_data[i].name); nm_assert(g_variant_type_string_is_valid((const char *) rr_dbus_data[i].dbus_type)); if (i > 0) nm_assert(strcmp(rr_dbus_data[i - 1].name, rr_dbus_data[i].name) < 0); } } idx = nm_utils_array_find_binary_search(rr_dbus_data, sizeof(rr_dbus_data[0]), _RR_DBUS_ATTR_NUM, &name, nm_strcmp_p_with_data, NULL); if (idx < 0) return _RR_DBUS_ATTR_NUM; return idx; } static void _rr_variants_free(GVariant *(*p_variants)[]) { int i; for (i = 0; i < _RR_DBUS_ATTR_NUM; i++) { if ((*p_variants)[i]) g_variant_unref((*p_variants)[i]); } } NMIPRoutingRule * nm_ip_routing_rule_from_dbus(GVariant *variant, gboolean strict, GError **error) { nm_auto(_rr_variants_free) GVariant *variants[_RR_DBUS_ATTR_NUM] = {}; nm_auto_unref_ip_routing_rule NMIPRoutingRule *self = NULL; RRDbusAttr attr; GVariantIter iter; const char * iter_key; GVariant * iter_val; int addr_family; int i; GVariant * v_start; GVariant * v_end; g_variant_iter_init(&iter, variant); while (g_variant_iter_next(&iter, "{&sv}", &iter_key, &iter_val)) { gs_unref_variant GVariant *iter_val2 = iter_val; attr = _rr_dbus_attr_from_name(iter_key); if (attr >= _RR_DBUS_ATTR_NUM) { if (strict) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid key \"%s\""), iter_key); return NULL; } continue; } if (variants[attr]) { if (strict) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("duplicate key %s"), iter_key); return NULL; } g_variant_unref(variants[attr]); } variants[attr] = g_steal_pointer(&iter_val2); } for (attr = 0; attr < _RR_DBUS_ATTR_NUM; attr++) { if (!variants[attr]) continue; if (!g_variant_is_of_type(variants[attr], rr_dbus_data[attr].dbus_type)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid variant type '%s' for \"%s\""), (const char *) rr_dbus_data[attr].dbus_type, rr_dbus_data[attr].name); return NULL; } } if (!variants[RR_DBUS_ATTR_FAMILY]) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("missing \"family\"")); return NULL; } addr_family = g_variant_get_int32(variants[RR_DBUS_ATTR_FAMILY]); if (!NM_IN_SET(addr_family, AF_INET, AF_INET6)) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid \"family\"")); return NULL; } self = nm_ip_routing_rule_new(addr_family); if (variants[RR_DBUS_ATTR_PRIORITY]) nm_ip_routing_rule_set_priority(self, g_variant_get_uint32(variants[RR_DBUS_ATTR_PRIORITY])); if (variants[RR_DBUS_ATTR_INVERT]) nm_ip_routing_rule_set_invert(self, g_variant_get_boolean(variants[RR_DBUS_ATTR_INVERT])); if (variants[RR_DBUS_ATTR_TOS]) nm_ip_routing_rule_set_tos(self, g_variant_get_byte(variants[RR_DBUS_ATTR_TOS])); if (variants[RR_DBUS_ATTR_IPPROTO]) nm_ip_routing_rule_set_ipproto(self, g_variant_get_byte(variants[RR_DBUS_ATTR_IPPROTO])); for (i = 0; i < 2; i++) { guint16 start, end; v_start = variants[i ? RR_DBUS_ATTR_SPORT_START : RR_DBUS_ATTR_DPORT_START]; v_end = variants[i ? RR_DBUS_ATTR_SPORT_END : RR_DBUS_ATTR_DPORT_END]; if (!v_start && !v_end) continue; /* if start or end is missing, it defaults to the other parameter, respectively. */ start = g_variant_get_uint16(v_start ?: v_end); if (v_end && v_start) end = g_variant_get_uint16(v_end); else end = start; if (i) nm_ip_routing_rule_set_source_port(self, start, end); else nm_ip_routing_rule_set_destination_port(self, start, end); } v_start = variants[RR_DBUS_ATTR_UID_RANGE_START]; v_end = variants[RR_DBUS_ATTR_UID_RANGE_END]; if (v_start || v_end) { guint32 start, end; /* if start or end is missing, it defaults to the other parameter, respectively. */ start = g_variant_get_uint32(v_start ?: v_end); if (v_end && v_start) end = g_variant_get_uint32(v_end); else end = start; if (end < start) { if (strict) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("\"uid-range-start\" is greater than \"uid-range-end\"")); return FALSE; } } else nm_ip_routing_rule_set_uid_range(self, start, end); } if (variants[RR_DBUS_ATTR_FWMARK] || variants[RR_DBUS_ATTR_FWMASK]) { nm_ip_routing_rule_set_fwmark( self, variants[RR_DBUS_ATTR_FWMARK] ? g_variant_get_uint32(variants[RR_DBUS_ATTR_FWMARK]) : 0u, variants[RR_DBUS_ATTR_FWMASK] ? g_variant_get_uint32(variants[RR_DBUS_ATTR_FWMASK]) : 0u); } if (variants[RR_DBUS_ATTR_FROM] || variants[RR_DBUS_ATTR_FROM_LEN]) { nm_ip_routing_rule_set_from( self, variants[RR_DBUS_ATTR_FROM] ? g_variant_get_string(variants[RR_DBUS_ATTR_FROM], NULL) : NULL, variants[RR_DBUS_ATTR_FROM_LEN] ? g_variant_get_byte(variants[RR_DBUS_ATTR_FROM_LEN]) : 0u); } if (variants[RR_DBUS_ATTR_TO] || variants[RR_DBUS_ATTR_TO_LEN]) { nm_ip_routing_rule_set_to( self, variants[RR_DBUS_ATTR_TO] ? g_variant_get_string(variants[RR_DBUS_ATTR_TO], NULL) : NULL, variants[RR_DBUS_ATTR_TO_LEN] ? g_variant_get_byte(variants[RR_DBUS_ATTR_TO_LEN]) : 0u); } if (variants[RR_DBUS_ATTR_IIFNAME]) nm_ip_routing_rule_set_iifname(self, g_variant_get_string(variants[RR_DBUS_ATTR_IIFNAME], NULL)); if (variants[RR_DBUS_ATTR_OIFNAME]) nm_ip_routing_rule_set_oifname(self, g_variant_get_string(variants[RR_DBUS_ATTR_OIFNAME], NULL)); /* For the ip-rule string format, the table default depends on the action. For * our D-Bus format it's always the same: either a table is specified or it defaults * to zero. And either the action is specified or it defaults to FR_ACT_TO_TBL. */ nm_ip_routing_rule_set_action(self, !variants[RR_DBUS_ATTR_ACTION] ? (guint8) FR_ACT_TO_TBL : g_variant_get_byte(variants[RR_DBUS_ATTR_ACTION])); nm_ip_routing_rule_set_table(self, !variants[RR_DBUS_ATTR_TABLE] ? (guint32) 0 : g_variant_get_uint32(variants[RR_DBUS_ATTR_TABLE])); if (variants[RR_DBUS_ATTR_SUPPRESS_PREFIXLENGTH]) nm_ip_routing_rule_set_suppress_prefixlength( self, g_variant_get_int32(variants[RR_DBUS_ATTR_SUPPRESS_PREFIXLENGTH])); if (strict && !nm_ip_routing_rule_validate(self, error)) return NULL; return g_steal_pointer(&self); } static void _rr_to_dbus_add(GVariantBuilder *builder, RRDbusAttr attr, GVariant *value) { nm_assert(builder); nm_assert(value); nm_assert(g_variant_is_floating(value)); nm_assert(g_variant_is_of_type(value, rr_dbus_data[attr].dbus_type)); g_variant_builder_add(builder, "{sv}", rr_dbus_data[attr].name, value); } GVariant * nm_ip_routing_rule_to_dbus(const NMIPRoutingRule *self) { GVariantBuilder builder; char addr_str[NM_UTILS_INET_ADDRSTRLEN]; g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); g_variant_builder_init(&builder, G_VARIANT_TYPE_VARDICT); _rr_to_dbus_add(&builder, RR_DBUS_ATTR_FAMILY, g_variant_new_int32(_ip_routing_rule_get_addr_family(self))); if (self->invert) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_INVERT, g_variant_new_boolean(TRUE)); if (self->priority_has) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_PRIORITY, g_variant_new_uint32(self->priority)); if (self->tos != 0) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_TOS, g_variant_new_byte(self->tos)); if (self->ipproto != 0) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_IPPROTO, g_variant_new_byte(self->ipproto)); if (self->fwmark != 0) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_FWMARK, g_variant_new_uint32(self->fwmark)); if (self->fwmask != 0) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_FWMASK, g_variant_new_uint32(self->fwmask)); if (self->sport_start != 0 || self->sport_end != 0) { _rr_to_dbus_add(&builder, RR_DBUS_ATTR_SPORT_START, g_variant_new_uint16(self->sport_start)); if (self->sport_start != self->sport_end) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_SPORT_END, g_variant_new_uint16(self->sport_end)); } if (self->dport_start != 0 || self->dport_end != 0) { _rr_to_dbus_add(&builder, RR_DBUS_ATTR_DPORT_START, g_variant_new_uint16(self->dport_start)); if (self->dport_start != self->dport_end) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_DPORT_END, g_variant_new_uint16(self->dport_end)); } if (self->from_has || self->from_len != 0) { _rr_to_dbus_add( &builder, RR_DBUS_ATTR_FROM, g_variant_new_string(self->from_str ?: nm_utils_inet_ntop(_ip_routing_rule_get_addr_family(self), &self->from_bin, addr_str))); _rr_to_dbus_add(&builder, RR_DBUS_ATTR_FROM_LEN, g_variant_new_byte(self->from_len)); } if (self->to_has || self->to_len != 0) { _rr_to_dbus_add( &builder, RR_DBUS_ATTR_TO, g_variant_new_string(self->to_str ?: nm_utils_inet_ntop(_ip_routing_rule_get_addr_family(self), &self->to_bin, addr_str))); _rr_to_dbus_add(&builder, RR_DBUS_ATTR_TO_LEN, g_variant_new_byte(self->to_len)); } if (self->iifname) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_IIFNAME, g_variant_new_string(self->iifname)); if (self->oifname) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_OIFNAME, g_variant_new_string(self->oifname)); if (self->action != FR_ACT_TO_TBL) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_ACTION, g_variant_new_byte(self->action)); if (self->table != 0) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_TABLE, g_variant_new_uint32(self->table)); if (self->suppress_prefixlength != -1) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_SUPPRESS_PREFIXLENGTH, g_variant_new_int32(self->suppress_prefixlength)); if (self->uid_range_has) { _rr_to_dbus_add(&builder, RR_DBUS_ATTR_UID_RANGE_START, g_variant_new_uint32(self->uid_range_start)); if (self->uid_range_start != self->uid_range_end) _rr_to_dbus_add(&builder, RR_DBUS_ATTR_UID_RANGE_END, g_variant_new_uint32(self->uid_range_end)); } return g_variant_builder_end(&builder); } /*****************************************************************************/ static gboolean _rr_string_validate(gboolean for_from /* or else to-string */, NMIPRoutingRuleAsStringFlags to_string_flags, GHashTable * extra_args, GError ** error) { if (NM_FLAGS_ANY(to_string_flags, ~(NM_IP_ROUTING_RULE_AS_STRING_FLAGS_AF_INET | NM_IP_ROUTING_RULE_AS_STRING_FLAGS_AF_INET6 | NM_IP_ROUTING_RULE_AS_STRING_FLAGS_VALIDATE))) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("Unsupported to-string-flags argument")); return FALSE; } if (extra_args && g_hash_table_size(extra_args) > 0) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("Unsupported extra-argument")); return FALSE; } return TRUE; } static int _rr_string_addr_family_from_flags(NMIPRoutingRuleAsStringFlags to_string_flags) { if (NM_FLAGS_HAS(to_string_flags, NM_IP_ROUTING_RULE_AS_STRING_FLAGS_AF_INET)) { if (!NM_FLAGS_HAS(to_string_flags, NM_IP_ROUTING_RULE_AS_STRING_FLAGS_AF_INET6)) return AF_INET; } else if (NM_FLAGS_HAS(to_string_flags, NM_IP_ROUTING_RULE_AS_STRING_FLAGS_AF_INET6)) return AF_INET6; return AF_UNSPEC; } /** * nm_ip_routing_rule_from_string: * @str: the string representation to convert to an #NMIPRoutingRule * @to_string_flags: #NMIPRoutingRuleAsStringFlags for controlling the * string conversion. * @extra_args: (allow-none): extra arguments for controlling the string * conversion. Currently, not extra arguments are supported. * @error: (allow-none) (out): the error reason. * * Returns: (transfer full): the new #NMIPRoutingRule or %NULL on error. * * Since: 1.18 */ NMIPRoutingRule * nm_ip_routing_rule_from_string(const char * str, NMIPRoutingRuleAsStringFlags to_string_flags, GHashTable * extra_args, GError ** error) { nm_auto_unref_ip_routing_rule NMIPRoutingRule *self = NULL; gs_free const char ** tokens = NULL; gsize i_token; gboolean any_words = FALSE; char * word0 = NULL; char * word1 = NULL; char * word_from = NULL; char * word_to = NULL; char * word_iifname = NULL; char * word_oifname = NULL; gint64 i64_priority = -1; gint64 i64_table = -1; gint64 i64_tos = -1; gint64 i64_fwmark = -1; gint64 i64_fwmask = -1; gint64 i64_sport_start = -1; gint64 i64_ipproto = -1; gint64 i64_suppress_prefixlength = -1; guint16 sport_end = 0; gint64 i64_dport_start = -1; int i_action = -1; guint16 dport_end = 0; guint32 uid_range_start = 0; guint32 uid_range_end = 0; gboolean uid_range_has = FALSE; gboolean val_invert = FALSE; int addr_family = AF_UNSPEC; NMIPAddr val_from = {}; NMIPAddr val_to = {}; int val_from_len = -1; int val_to_len = -1; char * s; g_return_val_if_fail(str, NULL); if (!_rr_string_validate(TRUE, to_string_flags, extra_args, error)) return NULL; /* NM_IP_ROUTING_RULE_TO_STRING_TYPE_IPROUTE gives a string representation that is * partly compatibly with iproute2. That is, the part after `ip -[46] rule add $ARGS`. * There are differences though: * * - trying to convert an invalid rule to string may not be possible. The reason is for * example that an invalid rule can have nm_ip_routing_rule_get_from() like "bogus", * but we don't write that as "from bogus". In general, if you try to convert an invalid * rule to string, the operation may fail or the result may itself not be parsable. * Of course, valid rules can be converted to string and read back the same (round-trip). * * - iproute2 in may regards is flexible about the command lines. For example * - for tables it accepts table names from /etc/iproute2/rt_tables. We only * accept the special aliases "main", "local", and "default". * - key names like "preference" can be abbreviated to "pref", we don't do that. * - the "preference"/"priority" may be unspecified, in which kernel automatically * chooses an unused priority (during `ip rule add`). We don't allow for that, the * priority must be explicitly set. * * - iproute2 does not support any escaping. Well, it's the shell that supports quoting * and escaping and splits the command line. We need to split the command line ourself, * but we don't support full shell quotation. * from-string tokenizes words at (ASCII) whitespaces (removing the whitespaces). * It also supports backslash escaping (e.g. to contain whitespace), but it does * not support special escape sequences. Values are taken literally, meaning * "\n\ \111" gives results in "n 111". * The strings really shouldn't contain any special characters that require escaping, * but that's the rule. * This also goes together with the @allow_escaping parameter of nm_utils_strsplit_set(). * If you concatenate multiple rule expressions with a delimiter, the delimiter inside * each word can be backslash escaped, and nm_utils_strsplit_set(allow_escaping=TRUE) will * properly split the words, preserving the backslashes, which then will be removed by * nm_ip_routing_rule_from_string(). */ addr_family = _rr_string_addr_family_from_flags(to_string_flags); tokens = nm_utils_escaped_tokens_split(str, NM_ASCII_SPACES); for (i_token = 0; tokens && tokens[i_token]; i_token++) { char *str_word = (char *) tokens[i_token]; any_words = TRUE; if (!word0) word0 = str_word; else { nm_assert(!word1); word1 = str_word; } /* iproute2 matches keywords with any partial prefix. We don't allow * for that flexibility. */ if (NM_IN_STRSET(word0, "from")) { if (!word1) continue; if (word_from) goto next_fail_word0_duplicate_key; word_from = word1; goto next_words_consumed; } if (NM_IN_STRSET(word0, "to")) { if (!word1) continue; if (word_to) goto next_fail_word0_duplicate_key; word_to = word1; goto next_words_consumed; } if (NM_IN_STRSET(word0, "not")) { /* we accept multiple "not" specifiers. "not not" still means * not. */ val_invert = TRUE; goto next_words_consumed; } if (NM_IN_STRSET(word0, "priority", "order", "pref", "preference")) { if (!word1) continue; if (i64_priority != -1) goto next_fail_word0_duplicate_key; i64_priority = _nm_utils_ascii_str_to_int64(word1, 0, 0, G_MAXUINT32, -1); if (i64_priority == -1) goto next_fail_word1_invalid_value; goto next_words_consumed; } if (NM_IN_STRSET(word0, "table", "lookup")) { if (!word1) continue; if (i64_table != -1) goto next_fail_word0_duplicate_key; i64_table = _nm_utils_ascii_str_to_int64(word1, 0, 0, G_MAXUINT32, -1); if (i64_table == -1) { if (nm_streq(word1, "main")) i64_table = RT_TABLE_MAIN; else if (nm_streq(word1, "local")) i64_table = RT_TABLE_LOCAL; else if (nm_streq(word1, "default")) i64_table = RT_TABLE_DEFAULT; else goto next_fail_word1_invalid_value; } goto next_words_consumed; } if (NM_IN_STRSET(word0, "tos", "dsfield")) { if (!word1) continue; if (i64_tos != -1) goto next_fail_word0_duplicate_key; i64_tos = _nm_utils_ascii_str_to_int64(word1, 16, 0, G_MAXUINT8, -1); if (i64_tos == -1) goto next_fail_word1_invalid_value; goto next_words_consumed; } if (NM_IN_STRSET(word0, "ipproto")) { if (!word1) continue; if (i64_ipproto != -1) goto next_fail_word0_duplicate_key; i64_ipproto = _nm_utils_ascii_str_to_int64(word1, 10, 0, G_MAXUINT8, -1); if (i64_ipproto == -1) goto next_fail_word1_invalid_value; goto next_words_consumed; } if (NM_IN_STRSET(word0, "sport")) { if (!word1) continue; if (i64_sport_start != -1) goto next_fail_word0_duplicate_key; if (!_rr_xport_range_parse(word1, &i64_sport_start, &sport_end)) goto next_fail_word1_invalid_value; goto next_words_consumed; } if (NM_IN_STRSET(word0, "dport")) { if (!word1) continue; if (i64_dport_start != -1) goto next_fail_word0_duplicate_key; if (!_rr_xport_range_parse(word1, &i64_dport_start, &dport_end)) goto next_fail_word1_invalid_value; goto next_words_consumed; } if (NM_IN_STRSET(word0, "fwmark")) { if (!word1) continue; if (i64_fwmark != -1) goto next_fail_word0_duplicate_key; s = strchr(word1, '/'); if (s) *(s++) = '\0'; i64_fwmark = _nm_utils_ascii_str_to_int64(word1, 0, 0, G_MAXUINT32, -1); if (i64_fwmark == -1) goto next_fail_word1_invalid_value; if (s) { i64_fwmask = _nm_utils_ascii_str_to_int64(s, 0, 0, G_MAXUINT32, -1); if (i64_fwmask == -1) goto next_fail_word1_invalid_value; } else i64_fwmask = 0xFFFFFFFFu; goto next_words_consumed; } if (NM_IN_STRSET(word0, "iif", "dev")) { if (!word1) continue; if (word_iifname) goto next_fail_word0_duplicate_key; word_iifname = word1; goto next_words_consumed; } if (NM_IN_STRSET(word0, "oif")) { if (!word1) continue; if (word_oifname) goto next_fail_word0_duplicate_key; word_oifname = word1; goto next_words_consumed; } if (NM_IN_STRSET(word0, "suppress_prefixlength", "sup_pl")) { if (!word1) continue; if (i64_suppress_prefixlength != -1) goto next_fail_word0_duplicate_key; i64_suppress_prefixlength = _nm_utils_ascii_str_to_int64(word1, 0, 0, G_MAXINT32, -1); if (i64_suppress_prefixlength == -1) goto next_fail_word1_invalid_value; goto next_words_consumed; } if (NM_IN_STRSET(word0, "uidrange")) { if (!word1) continue; if (uid_range_has) goto next_fail_word0_duplicate_key; s = strchr(word1, '-'); if (s) (s++)[0] = '\0'; uid_range_start = _nm_utils_ascii_str_to_int64(word1, 0, 0, G_MAXUINT32, 0); if (errno) goto next_fail_word1_invalid_value; if (s) { uid_range_end = _nm_utils_ascii_str_to_int64(s, 0, 0, G_MAXUINT32, 0); if (errno) goto next_fail_word1_invalid_value; if (uid_range_end < uid_range_start) goto next_fail_word1_invalid_value; } else uid_range_end = uid_range_start; uid_range_has = TRUE; goto next_words_consumed; } if (NM_IN_STRSET(word0, "type")) { if (!word1) continue; if (i_action >= 0) goto next_fail_word0_duplicate_key; i_action = nm_net_aux_rtnl_rtntype_a2n(word1); if (i_action < 0) goto next_fail_word1_invalid_value; goto next_words_consumed; } if (i_action < 0) { i_action = nm_net_aux_rtnl_rtntype_a2n(word1); if (i_action >= 0) goto next_words_consumed; } /* also the action is still unsupported. For the moment, we only support * FR_ACT_TO_TBL, which is the default (by not expressing it on the command * line). */ g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("unsupported key \"%s\""), word0); return FALSE; next_fail_word0_duplicate_key: g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("duplicate key \"%s\""), word0); return FALSE; next_fail_word1_invalid_value: g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("invalid value for \"%s\""), word0); return FALSE; next_words_consumed: word0 = NULL; word1 = NULL; } if (!any_words) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("empty text does not describe a rule")); return FALSE; } if (word0) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("missing argument for \"%s\""), word0); return FALSE; } if (!NM_IN_STRSET(word_from, NULL, "all")) { if (!nm_utils_parse_inaddr_prefix_bin(addr_family, word_from, &addr_family, &val_from, &val_from_len)) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("invalid \"from\" part")); return FALSE; } if (val_from_len == -1) val_from_len = nm_utils_addr_family_to_size(addr_family) * 8; } if (!NM_IN_STRSET(word_to, NULL, "all")) { if (!nm_utils_parse_inaddr_prefix_bin(addr_family, word_to, &addr_family, &val_to, &val_to_len)) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("invalid \"to\" part")); return FALSE; } if (val_to_len == -1) val_to_len = nm_utils_addr_family_to_size(addr_family) * 8; } if (!NM_IN_SET(addr_family, AF_INET, AF_INET6)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("cannot detect address family for rule")); return FALSE; } self = nm_ip_routing_rule_new(addr_family); if (val_invert) self->invert = TRUE; if (i64_priority != -1) nm_ip_routing_rule_set_priority(self, i64_priority); if (i_action >= 0) { nm_ip_routing_rule_set_action(self, i_action); if (i64_table == -1) { if (i_action != FR_ACT_TO_TBL) i64_table = 0; else i64_table = RT_TABLE_MAIN; } } if (i64_tos != -1) nm_ip_routing_rule_set_tos(self, i64_tos); if (i64_ipproto != -1) nm_ip_routing_rule_set_ipproto(self, i64_ipproto); if (i64_fwmark != -1) nm_ip_routing_rule_set_fwmark(self, i64_fwmark, i64_fwmask); if (i64_sport_start != -1) nm_ip_routing_rule_set_source_port(self, i64_sport_start, sport_end); if (i64_dport_start != -1) nm_ip_routing_rule_set_destination_port(self, i64_dport_start, dport_end); if (i64_suppress_prefixlength != -1) nm_ip_routing_rule_set_suppress_prefixlength(self, i64_suppress_prefixlength); if (val_from_len > 0 || (val_from_len == 0 && !nm_ip_addr_is_null(addr_family, &val_from))) { nm_ip_routing_rule_set_from_bin(self, &val_from, val_from_len); } if (val_to_len > 0 || (val_to_len == 0 && !nm_ip_addr_is_null(addr_family, &val_to))) { nm_ip_routing_rule_set_to_bin(self, &val_to, val_to_len); } if (word_iifname) nm_ip_routing_rule_set_iifname(self, word_iifname); if (word_oifname) nm_ip_routing_rule_set_oifname(self, word_oifname); if (i64_table != -1) nm_ip_routing_rule_set_table(self, i64_table); if (uid_range_has) nm_ip_routing_rule_set_uid_range(self, uid_range_start, uid_range_end); if (NM_FLAGS_HAS(to_string_flags, NM_IP_ROUTING_RULE_AS_STRING_FLAGS_VALIDATE)) { gs_free_error GError *local = NULL; if (!nm_ip_routing_rule_validate(self, &local)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("rule is invalid: %s"), local->message); return NULL; } } return g_steal_pointer(&self); } static void _rr_string_append_inet_addr(NMStrBuf * str, gboolean is_from /* or else is-to */, gboolean required, int addr_family, const NMIPAddr *addr_bin, guint8 addr_len) { char addr_str[NM_UTILS_INET_ADDRSTRLEN]; if (addr_len == 0) { if (required) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(str, ' '), "%s %s/0", is_from ? "from" : "to", (addr_family == AF_INET) ? "0.0.0.0" : "::"); } return; } nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(str, ' '), "%s %s", is_from ? "from" : "to", nm_utils_inet_ntop(addr_family, addr_bin, addr_str)); if (addr_len != nm_utils_addr_family_to_size(addr_family) * 8) { nm_str_buf_append_printf(str, "/%u", addr_len); } } /** * nm_ip_routing_rule_to_string: * @self: the #NMIPRoutingRule instance to convert to string. * @to_string_flags: #NMIPRoutingRuleAsStringFlags for controlling the * string conversion. * @extra_args: (allow-none): extra arguments for controlling the string * conversion. Currently, not extra arguments are supported. * @error: (allow-none) (out): the error reason. * * Returns: (transfer full): the string representation or %NULL on error. * * Since: 1.18 */ char * nm_ip_routing_rule_to_string(const NMIPRoutingRule * self, NMIPRoutingRuleAsStringFlags to_string_flags, GHashTable * extra_args, GError ** error) { int addr_family; NMStrBuf str; g_return_val_if_fail(NM_IS_IP_ROUTING_RULE(self, TRUE), NULL); if (!_rr_string_validate(FALSE, to_string_flags, extra_args, error)) return NULL; addr_family = nm_ip_routing_rule_get_addr_family(self); if (!NM_IN_SET(_rr_string_addr_family_from_flags(to_string_flags), AF_UNSPEC, addr_family)) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("invalid address family")); return NULL; } /* It is only guaranteed that valid rules can be expressed as string. * * Still, unless requested proceed to convert to string without validating and * hope for the best. * * That is, because self->from_str might contain an invalid IP address (indicated * by self->from_valid). But we don't support serializing such arbitrary strings * as "from %s". */ if (NM_FLAGS_HAS(to_string_flags, NM_IP_ROUTING_RULE_AS_STRING_FLAGS_VALIDATE)) { gs_free_error GError *local = NULL; if (!nm_ip_routing_rule_validate(self, &local)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_FAILED, _("rule is invalid: %s"), local->message); return NULL; } } nm_str_buf_init(&str, NM_UTILS_GET_NEXT_REALLOC_SIZE_32, FALSE); if (self->priority_has) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "priority %u", (guint) self->priority); } if (self->invert) nm_str_buf_append(nm_str_buf_append_required_delimiter(&str, ' '), "not"); _rr_string_append_inet_addr(&str, TRUE, (!self->to_has || !self->to_valid), addr_family, &self->from_bin, (self->from_has && self->from_valid) ? self->from_len : 0); _rr_string_append_inet_addr(&str, FALSE, FALSE, addr_family, &self->to_bin, (self->to_has && self->to_valid) ? self->to_len : 0); if (self->tos != 0) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "tos 0x%02x", (guint) self->tos); } if (self->ipproto != 0) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "ipproto %u", (guint) self->ipproto); } if (self->fwmark != 0 || self->fwmask != 0) { if (self->fwmark != 0) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "fwmark 0x%x", self->fwmark); } else { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "fwmark 0"); } if (self->fwmask != 0xFFFFFFFFu) { if (self->fwmask != 0) nm_str_buf_append_printf(&str, "/0x%x", self->fwmask); else nm_str_buf_append_printf(&str, "/0"); } } if (self->sport_start != 0 || self->sport_end != 0) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "sport %u", self->sport_start); if (self->sport_start != self->sport_end) { nm_str_buf_append_printf(&str, "-%u", self->sport_end); } } if (self->dport_start != 0 || self->dport_end != 0) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "dport %u", self->dport_start); if (self->dport_start != self->dport_end) { nm_str_buf_append_printf(&str, "-%u", self->dport_end); } } if (self->iifname) { nm_str_buf_append(nm_str_buf_append_required_delimiter(&str, ' '), "iif "); nm_utils_escaped_tokens_escape_strbuf(self->iifname, NM_ASCII_SPACES, &str); } if (self->oifname) { nm_str_buf_append(nm_str_buf_append_required_delimiter(&str, ' '), "oif "); nm_utils_escaped_tokens_escape_strbuf(self->oifname, NM_ASCII_SPACES, &str); } if (self->uid_range_has) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "uidrange %u-%u", self->uid_range_start, self->uid_range_end); } if (self->suppress_prefixlength != -1) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "suppress_prefixlength %d", (int) self->suppress_prefixlength); } if (self->table != 0 || self->action == FR_ACT_TO_TBL) { nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "table %u", (guint) self->table); } if (self->action != FR_ACT_TO_TBL) { char sbuf[100]; nm_str_buf_append_printf(nm_str_buf_append_required_delimiter(&str, ' '), "type %s", nm_net_aux_rtnl_rtntype_n2a_maybe_buf(self->action, sbuf)); } return nm_str_buf_finalize(&str, NULL); } /*****************************************************************************/ NM_GOBJECT_PROPERTIES_DEFINE(NMSettingIPConfig, PROP_METHOD, PROP_DNS, PROP_DNS_SEARCH, PROP_DNS_OPTIONS, PROP_DNS_PRIORITY, PROP_ADDRESSES, PROP_GATEWAY, PROP_ROUTES, PROP_ROUTE_METRIC, PROP_ROUTE_TABLE, PROP_IGNORE_AUTO_ROUTES, PROP_IGNORE_AUTO_DNS, PROP_DHCP_HOSTNAME, PROP_DHCP_HOSTNAME_FLAGS, PROP_DHCP_SEND_HOSTNAME, PROP_NEVER_DEFAULT, PROP_MAY_FAIL, PROP_DAD_TIMEOUT, PROP_DHCP_TIMEOUT, PROP_DHCP_IAID, PROP_DHCP_REJECT_SERVERS, ); typedef struct { GPtrArray *dns; /* array of IP address strings */ GPtrArray *dns_search; /* array of domain name strings */ GPtrArray *dns_options; /* array of DNS options */ GPtrArray *addresses; /* array of NMIPAddress */ GPtrArray *routes; /* array of NMIPRoute */ GPtrArray *routing_rules; GArray * dhcp_reject_servers; char * method; char * gateway; char * dhcp_hostname; char * dhcp_iaid; gint64 route_metric; guint dhcp_hostname_flags; int dns_priority; int dad_timeout; int dhcp_timeout; guint32 route_table; bool ignore_auto_routes : 1; bool ignore_auto_dns : 1; bool dhcp_send_hostname : 1; bool never_default : 1; bool may_fail : 1; } NMSettingIPConfigPrivate; G_DEFINE_ABSTRACT_TYPE(NMSettingIPConfig, nm_setting_ip_config, NM_TYPE_SETTING) #define NM_SETTING_IP_CONFIG_GET_PRIVATE(o) \ (G_TYPE_INSTANCE_GET_PRIVATE((o), NM_TYPE_SETTING_IP_CONFIG, NMSettingIPConfigPrivate)) /*****************************************************************************/ #define NM_SETTING_IP_CONFIG_GET_FAMILY(setting) \ (NM_IS_SETTING_IP4_CONFIG(setting) ? AF_INET : AF_INET6) /** * nm_setting_ip_config_get_method: * @setting: the #NMSettingIPConfig * * Returns: the #NMSettingIPConfig:method property of the setting; see * #NMSettingIP4Config and #NMSettingIP6Config for details of the * methods available with each type. **/ const char * nm_setting_ip_config_get_method(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->method; } /** * nm_setting_ip_config_get_num_dns: * @setting: the #NMSettingIPConfig * * Returns: the number of configured DNS servers **/ guint nm_setting_ip_config_get_num_dns(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dns->len; } /** * nm_setting_ip_config_get_dns: * @setting: the #NMSettingIPConfig * @idx: index number of the DNS server to return * * Returns: the IP address of the DNS server at index @idx **/ const char * nm_setting_ip_config_get_dns(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_val_if_fail(idx >= 0 && idx < priv->dns->len, NULL); return priv->dns->pdata[idx]; } /** * nm_setting_ip_config_add_dns: * @setting: the #NMSettingIPConfig * @dns: the IP address of the DNS server to add * * Adds a new DNS server to the setting. * * Returns: %TRUE if the DNS server was added; %FALSE if the server was already * known **/ gboolean nm_setting_ip_config_add_dns(NMSettingIPConfig *setting, const char *dns) { NMSettingIPConfigPrivate *priv; char * dns_canonical; guint i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(dns != NULL, FALSE); g_return_val_if_fail(nm_utils_ipaddr_is_valid(NM_SETTING_IP_CONFIG_GET_FAMILY(setting), dns), FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); dns_canonical = canonicalize_ip(NM_SETTING_IP_CONFIG_GET_FAMILY(setting), dns, FALSE); for (i = 0; i < priv->dns->len; i++) { if (!strcmp(dns_canonical, priv->dns->pdata[i])) { g_free(dns_canonical); return FALSE; } } g_ptr_array_add(priv->dns, dns_canonical); _notify(setting, PROP_DNS); return TRUE; } /** * nm_setting_ip_config_remove_dns: * @setting: the #NMSettingIPConfig * @idx: index number of the DNS server to remove * * Removes the DNS server at index @idx. **/ void nm_setting_ip_config_remove_dns(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(idx >= 0 && idx < priv->dns->len); g_ptr_array_remove_index(priv->dns, idx); _notify(setting, PROP_DNS); } /** * nm_setting_ip_config_remove_dns_by_value: * @setting: the #NMSettingIPConfig * @dns: the DNS server to remove * * Removes the DNS server @dns. * * Returns: %TRUE if the DNS server was found and removed; %FALSE if it was not. **/ gboolean nm_setting_ip_config_remove_dns_by_value(NMSettingIPConfig *setting, const char *dns) { NMSettingIPConfigPrivate *priv; char * dns_canonical; guint i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(dns != NULL, FALSE); g_return_val_if_fail(nm_utils_ipaddr_is_valid(NM_SETTING_IP_CONFIG_GET_FAMILY(setting), dns), FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); dns_canonical = canonicalize_ip(NM_SETTING_IP_CONFIG_GET_FAMILY(setting), dns, FALSE); for (i = 0; i < priv->dns->len; i++) { if (!strcmp(dns_canonical, priv->dns->pdata[i])) { g_ptr_array_remove_index(priv->dns, i); _notify(setting, PROP_DNS); g_free(dns_canonical); return TRUE; } } g_free(dns_canonical); return FALSE; } /** * nm_setting_ip_config_clear_dns: * @setting: the #NMSettingIPConfig * * Removes all configured DNS servers. **/ void nm_setting_ip_config_clear_dns(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); if (priv->dns->len != 0) { g_ptr_array_set_size(priv->dns, 0); _notify(setting, PROP_DNS); } } /** * nm_setting_ip_config_get_num_dns_searches: * @setting: the #NMSettingIPConfig * * Returns: the number of configured DNS search domains **/ guint nm_setting_ip_config_get_num_dns_searches(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dns_search->len; } /** * nm_setting_ip_config_get_dns_search: * @setting: the #NMSettingIPConfig * @idx: index number of the DNS search domain to return * * Returns: the DNS search domain at index @idx **/ const char * nm_setting_ip_config_get_dns_search(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_val_if_fail(idx >= 0 && idx < priv->dns_search->len, NULL); return priv->dns_search->pdata[idx]; } /** * nm_setting_ip_config_add_dns_search: * @setting: the #NMSettingIPConfig * @dns_search: the search domain to add * * Adds a new DNS search domain to the setting. * * Returns: %TRUE if the DNS search domain was added; %FALSE if the search * domain was already known **/ gboolean nm_setting_ip_config_add_dns_search(NMSettingIPConfig *setting, const char *dns_search) { NMSettingIPConfigPrivate *priv; guint i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(dns_search != NULL, FALSE); g_return_val_if_fail(dns_search[0] != '\0', FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); for (i = 0; i < priv->dns_search->len; i++) { if (!strcmp(dns_search, priv->dns_search->pdata[i])) return FALSE; } g_ptr_array_add(priv->dns_search, g_strdup(dns_search)); _notify(setting, PROP_DNS_SEARCH); return TRUE; } /** * nm_setting_ip_config_remove_dns_search: * @setting: the #NMSettingIPConfig * @idx: index number of the DNS search domain * * Removes the DNS search domain at index @idx. **/ void nm_setting_ip_config_remove_dns_search(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(idx >= 0 && idx < priv->dns_search->len); g_ptr_array_remove_index(priv->dns_search, idx); _notify(setting, PROP_DNS_SEARCH); } /** * nm_setting_ip_config_remove_dns_search_by_value: * @setting: the #NMSettingIPConfig * @dns_search: the search domain to remove * * Removes the DNS search domain @dns_search. * * Returns: %TRUE if the DNS search domain was found and removed; %FALSE if it was not. **/ gboolean nm_setting_ip_config_remove_dns_search_by_value(NMSettingIPConfig *setting, const char *dns_search) { NMSettingIPConfigPrivate *priv; guint i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(dns_search != NULL, FALSE); g_return_val_if_fail(dns_search[0] != '\0', FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); for (i = 0; i < priv->dns_search->len; i++) { if (!strcmp(dns_search, priv->dns_search->pdata[i])) { g_ptr_array_remove_index(priv->dns_search, i); _notify(setting, PROP_DNS_SEARCH); return TRUE; } } return FALSE; } /** * nm_setting_ip_config_clear_dns_searches: * @setting: the #NMSettingIPConfig * * Removes all configured DNS search domains. **/ void nm_setting_ip_config_clear_dns_searches(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); if (priv->dns_search->len != 0) { g_ptr_array_set_size(priv->dns_search, 0); _notify(setting, PROP_DNS_SEARCH); } } /** * nm_setting_ip_config_get_num_dns_options: * @setting: the #NMSettingIPConfig * * Returns: the number of configured DNS options * * Since: 1.2 **/ guint nm_setting_ip_config_get_num_dns_options(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); return priv->dns_options ? priv->dns_options->len : 0; } /** * nm_setting_ip_config_has_dns_options: * @setting: the #NMSettingIPConfig * * NMSettingIPConfig can have a list of dns-options. If the list * is empty, there are two similar (but differentiated) states. * Either the options are explicitly set to have no values, * or the options are left undefined. The latter means to use * a default configuration, while the former explicitly means "no-options". * * Returns: whether DNS options are initialized or left unset (the default). **/ gboolean nm_setting_ip_config_has_dns_options(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return !!NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dns_options; } /** * nm_setting_ip_config_get_dns_option: * @setting: the #NMSettingIPConfig * @idx: index number of the DNS option * * Returns: the DNS option at index @idx * * Since: 1.2 **/ const char * nm_setting_ip_config_get_dns_option(NMSettingIPConfig *setting, guint idx) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_val_if_fail(priv->dns_options, NULL); g_return_val_if_fail(idx < priv->dns_options->len, NULL); return priv->dns_options->pdata[idx]; } /** * nm_setting_ip_config_next_valid_dns_option: * @setting: the #NMSettingIPConfig * @idx: index to start the search from * * Returns: the index, greater or equal than @idx, of the first valid * DNS option, or -1 if no valid option is found **/ int nm_setting_ip_config_next_valid_dns_option(NMSettingIPConfig *setting, guint idx) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), -1); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); if (!priv->dns_options) return -1; for (; idx < priv->dns_options->len; idx++) { if (_nm_utils_dns_option_validate(priv->dns_options->pdata[idx], NULL, NULL, NM_IS_SETTING_IP6_CONFIG(setting), _nm_utils_dns_option_descs)) return idx; } return -1; } /** * nm_setting_ip_config_add_dns_option: * @setting: the #NMSettingIPConfig * @dns_option: the DNS option to add * * Adds a new DNS option to the setting. * * Returns: %TRUE if the DNS option was added; %FALSE otherwise * * Since: 1.2 **/ gboolean nm_setting_ip_config_add_dns_option(NMSettingIPConfig *setting, const char *dns_option) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(dns_option != NULL, FALSE); g_return_val_if_fail(dns_option[0] != '\0', FALSE); if (!_nm_utils_dns_option_validate(dns_option, NULL, NULL, FALSE, NULL)) return FALSE; priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); if (!priv->dns_options) priv->dns_options = g_ptr_array_new_with_free_func(g_free); else { if (_nm_utils_dns_option_find_idx(priv->dns_options, dns_option) >= 0) return FALSE; } g_ptr_array_add(priv->dns_options, g_strdup(dns_option)); _notify(setting, PROP_DNS_OPTIONS); return TRUE; } /** * nm_setting_ip_config_remove_dns_option: * @setting: the #NMSettingIPConfig * @idx: index number of the DNS option * * Removes the DNS option at index @idx. * * Since: 1.2 **/ void nm_setting_ip_config_remove_dns_option(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(priv->dns_options); g_return_if_fail(idx >= 0 && idx < priv->dns_options->len); g_ptr_array_remove_index(priv->dns_options, idx); _notify(setting, PROP_DNS_OPTIONS); } /** * nm_setting_ip_config_remove_dns_option_by_value: * @setting: the #NMSettingIPConfig * @dns_option: the DNS option to remove * * Removes the DNS option @dns_option. * * Returns: %TRUE if the DNS option was found and removed; %FALSE if it was not. * * Since: 1.2 **/ gboolean nm_setting_ip_config_remove_dns_option_by_value(NMSettingIPConfig *setting, const char *dns_option) { NMSettingIPConfigPrivate *priv; gssize i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(dns_option != NULL, FALSE); g_return_val_if_fail(dns_option[0] != '\0', FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); if (!priv->dns_options) return FALSE; i = _nm_utils_dns_option_find_idx(priv->dns_options, dns_option); if (i >= 0) { g_ptr_array_remove_index(priv->dns_options, i); _notify(setting, PROP_DNS_OPTIONS); return TRUE; } return FALSE; } /** * nm_setting_ip_config_clear_dns_options: * @setting: the #NMSettingIPConfig * @is_set: the dns-options can be either empty or unset (default). * Specify how to clear the options. * * Removes all configured DNS options. * * Since: 1.2 **/ void nm_setting_ip_config_clear_dns_options(NMSettingIPConfig *setting, gboolean is_set) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); if (!priv->dns_options) { if (!is_set) return; priv->dns_options = g_ptr_array_new_with_free_func(g_free); } else { if (!is_set) { g_ptr_array_unref(priv->dns_options); priv->dns_options = NULL; } else { if (priv->dns_options->len == 0) return; g_ptr_array_set_size(priv->dns_options, 0); } } _notify(setting, PROP_DNS_OPTIONS); } /** * nm_setting_ip_config_get_dns_priority: * @setting: the #NMSettingIPConfig * * Returns: the priority of DNS servers * * Since: 1.4 **/ int nm_setting_ip_config_get_dns_priority(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dns_priority; } /** * nm_setting_ip_config_get_num_addresses: * @setting: the #NMSettingIPConfig * * Returns: the number of configured addresses **/ guint nm_setting_ip_config_get_num_addresses(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->addresses->len; } /** * nm_setting_ip_config_get_address: * @setting: the #NMSettingIPConfig * @idx: index number of the address to return * * Returns: (transfer none): the address at index @idx **/ NMIPAddress * nm_setting_ip_config_get_address(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_val_if_fail(idx >= 0 && idx < priv->addresses->len, NULL); return priv->addresses->pdata[idx]; } /** * nm_setting_ip_config_add_address: * @setting: the #NMSettingIPConfig * @address: the new address to add * * Adds a new IP address and associated information to the setting. The * given address is duplicated internally and is not changed by this function. * * Returns: %TRUE if the address was added; %FALSE if the address was already * known. **/ gboolean nm_setting_ip_config_add_address(NMSettingIPConfig *setting, NMIPAddress *address) { NMSettingIPConfigPrivate *priv; guint i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(address != NULL, FALSE); g_return_val_if_fail(address->family == NM_SETTING_IP_CONFIG_GET_FAMILY(setting), FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); for (i = 0; i < priv->addresses->len; i++) { if (nm_ip_address_equal(priv->addresses->pdata[i], address)) return FALSE; } g_ptr_array_add(priv->addresses, nm_ip_address_dup(address)); _notify(setting, PROP_ADDRESSES); return TRUE; } /** * nm_setting_ip_config_remove_address: * @setting: the #NMSettingIPConfig * @idx: index number of the address to remove * * Removes the address at index @idx. **/ void nm_setting_ip_config_remove_address(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(idx >= 0 && idx < priv->addresses->len); g_ptr_array_remove_index(priv->addresses, idx); _notify(setting, PROP_ADDRESSES); } /** * nm_setting_ip_config_remove_address_by_value: * @setting: the #NMSettingIPConfig * @address: the IP address to remove * * Removes the address @address. * * Returns: %TRUE if the address was found and removed; %FALSE if it was not. **/ gboolean nm_setting_ip_config_remove_address_by_value(NMSettingIPConfig *setting, NMIPAddress *address) { NMSettingIPConfigPrivate *priv; guint i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(address != NULL, FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); for (i = 0; i < priv->addresses->len; i++) { if (nm_ip_address_equal(priv->addresses->pdata[i], address)) { g_ptr_array_remove_index(priv->addresses, i); _notify(setting, PROP_ADDRESSES); return TRUE; } } return FALSE; } /** * nm_setting_ip_config_clear_addresses: * @setting: the #NMSettingIPConfig * * Removes all configured addresses. **/ void nm_setting_ip_config_clear_addresses(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); if (priv->addresses->len != 0) { g_ptr_array_set_size(priv->addresses, 0); _notify(setting, PROP_ADDRESSES); } } /** * nm_setting_ip_config_get_gateway: * @setting: the #NMSettingIPConfig * * Returns: the IP address of the gateway associated with this configuration, or * %NULL. **/ const char * nm_setting_ip_config_get_gateway(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->gateway; } /** * nm_setting_ip_config_get_num_routes: * @setting: the #NMSettingIPConfig * * Returns: the number of configured routes **/ guint nm_setting_ip_config_get_num_routes(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->routes->len; } /** * nm_setting_ip_config_get_route: * @setting: the #NMSettingIPConfig * @idx: index number of the route to return * * Returns: (transfer none): the route at index @idx **/ NMIPRoute * nm_setting_ip_config_get_route(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_val_if_fail(idx >= 0 && idx < priv->routes->len, NULL); return priv->routes->pdata[idx]; } /** * nm_setting_ip_config_add_route: * @setting: the #NMSettingIPConfig * @route: the route to add * * Appends a new route and associated information to the setting. The * given route is duplicated internally and is not changed by this function. * If an identical route (considering attributes as well) already exists, the * route is not added and the function returns %FALSE. * * Note that before 1.10, this function would not consider route attributes * and not add a route that has an existing route with same dest/prefix,next_hop,metric * parameters. * * Returns: %TRUE if the route was added; %FALSE if the route was already known. **/ gboolean nm_setting_ip_config_add_route(NMSettingIPConfig *setting, NMIPRoute *route) { NMSettingIPConfigPrivate *priv; guint i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(route != NULL, FALSE); g_return_val_if_fail(route->family == NM_SETTING_IP_CONFIG_GET_FAMILY(setting), FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); for (i = 0; i < priv->routes->len; i++) { if (nm_ip_route_equal_full(priv->routes->pdata[i], route, NM_IP_ROUTE_EQUAL_CMP_FLAGS_WITH_ATTRS)) return FALSE; } g_ptr_array_add(priv->routes, nm_ip_route_dup(route)); _notify(setting, PROP_ROUTES); return TRUE; } /** * nm_setting_ip_config_remove_route: * @setting: the #NMSettingIPConfig * @idx: index number of the route * * Removes the route at index @idx. **/ void nm_setting_ip_config_remove_route(NMSettingIPConfig *setting, int idx) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(idx >= 0 && idx < priv->routes->len); g_ptr_array_remove_index(priv->routes, idx); _notify(setting, PROP_ROUTES); } /** * nm_setting_ip_config_remove_route_by_value: * @setting: the #NMSettingIPConfig * @route: the route to remove * * Removes the first matching route that matches @route. * Note that before 1.10, this function would only compare dest/prefix,next_hop,metric * and ignore route attributes. Now, @route must match exactly. * * Returns: %TRUE if the route was found and removed; %FALSE if it was not. **/ gboolean nm_setting_ip_config_remove_route_by_value(NMSettingIPConfig *setting, NMIPRoute *route) { NMSettingIPConfigPrivate *priv; guint i; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); g_return_val_if_fail(route != NULL, FALSE); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); for (i = 0; i < priv->routes->len; i++) { if (nm_ip_route_equal_full(priv->routes->pdata[i], route, NM_IP_ROUTE_EQUAL_CMP_FLAGS_WITH_ATTRS)) { g_ptr_array_remove_index(priv->routes, i); _notify(setting, PROP_ROUTES); return TRUE; } } return FALSE; } /** * nm_setting_ip_config_clear_routes: * @setting: the #NMSettingIPConfig * * Removes all configured routes. **/ void nm_setting_ip_config_clear_routes(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); if (priv->routes->len != 0) { g_ptr_array_set_size(priv->routes, 0); _notify(setting, PROP_ROUTES); } } /** * nm_setting_ip_config_get_route_metric: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:route-metric * property. * * Returns: the route metric that is used for routes that don't explicitly * specify a metric. See #NMSettingIPConfig:route-metric for more details. **/ gint64 nm_setting_ip_config_get_route_metric(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), -1); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->route_metric; } /** * nm_setting_ip_config_get_route_table: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:route-table * property. * * Returns: the configured route-table. * * Since: 1.10 **/ guint32 nm_setting_ip_config_get_route_table(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->route_table; } /*****************************************************************************/ static void _routing_rules_notify(NMSettingIPConfig *setting) { _nm_setting_emit_property_changed(NM_SETTING(setting)); } /** * nm_setting_ip_config_get_num_routing_rules: * @setting: the #NMSettingIPConfig * * Returns: the number of configured routing rules * * Since: 1.18 **/ guint nm_setting_ip_config_get_num_routing_rules(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); return priv->routing_rules ? priv->routing_rules->len : 0u; } /** * nm_setting_ip_config_get_routing_rule: * @setting: the #NMSettingIPConfig * @idx: index number of the routing_rule to return * * Returns: (transfer none): the routing rule at index @idx * * Since: 1.18 **/ NMIPRoutingRule * nm_setting_ip_config_get_routing_rule(NMSettingIPConfig *setting, guint idx) { NMSettingIPConfigPrivate *priv; g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_val_if_fail(priv->routing_rules && idx < priv->routing_rules->len, NULL); return priv->routing_rules->pdata[idx]; } /** * nm_setting_ip_config_add_routing_rule: * @setting: the #NMSettingIPConfig * @routing_rule: the #NMIPRoutingRule to add. The address family * of the added rule must be compatible with the setting. * * Appends a new routing-rule and associated information to the setting. The * given routing rules gets sealed and the reference count is incremented. * The function does not check whether an identical rule already exists * and always appends the rule to the end of the list. * * Since: 1.18 **/ void nm_setting_ip_config_add_routing_rule(NMSettingIPConfig *setting, NMIPRoutingRule *routing_rule) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); g_return_if_fail(NM_IS_IP_ROUTING_RULE(routing_rule, TRUE)); g_return_if_fail(_ip_routing_rule_get_addr_family(routing_rule) == NM_SETTING_IP_CONFIG_GET_FAMILY(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); if (!priv->routing_rules) priv->routing_rules = g_ptr_array_new_with_free_func((GDestroyNotify) nm_ip_routing_rule_unref); nm_ip_routing_rule_seal(routing_rule); g_ptr_array_add(priv->routing_rules, nm_ip_routing_rule_ref(routing_rule)); _routing_rules_notify(setting); } /** * nm_setting_ip_config_remove_routing_rule: * @setting: the #NMSettingIPConfig * @idx: index number of the routing_rule * * Removes the routing_rule at index @idx. * * Since: 1.18 **/ void nm_setting_ip_config_remove_routing_rule(NMSettingIPConfig *setting, guint idx) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(priv->routing_rules && idx < priv->routing_rules->len); g_ptr_array_remove_index(priv->routing_rules, idx); _routing_rules_notify(setting); } /** * nm_setting_ip_config_clear_routing_rules: * @setting: the #NMSettingIPConfig * * Removes all configured routing rules. * * Since: 1.18 **/ void nm_setting_ip_config_clear_routing_rules(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); if (priv->routing_rules && priv->routing_rules->len > 0) { g_ptr_array_set_size(priv->routing_rules, 0); _routing_rules_notify(setting); } } static GVariant * _routing_rules_dbus_only_synth(const NMSettInfoSetting * sett_info, guint property_idx, NMConnection * connection, NMSetting * setting, NMConnectionSerializationFlags flags, const NMConnectionSerializationOptions *options) { NMSettingIPConfig * self = NM_SETTING_IP_CONFIG(setting); NMSettingIPConfigPrivate *priv; GVariantBuilder builder; gboolean any = FALSE; guint i; priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(self); if (!priv->routing_rules || priv->routing_rules->len == 0) return NULL; for (i = 0; i < priv->routing_rules->len; i++) { GVariant *variant; variant = nm_ip_routing_rule_to_dbus(priv->routing_rules->pdata[i]); if (!variant) continue; if (!any) { any = TRUE; g_variant_builder_init(&builder, G_VARIANT_TYPE("aa{sv}")); } g_variant_builder_add(&builder, "@a{sv}", variant); } return any ? g_variant_builder_end(&builder) : NULL; } static gboolean _routing_rules_dbus_only_set(NMSetting * setting, GVariant * connection_dict, const char * property, GVariant * value, NMSettingParseFlags parse_flags, GError ** error) { GVariantIter iter_rules; GVariant * rule_var; guint i_rule; gboolean success = FALSE; gboolean rules_changed = FALSE; nm_assert(g_variant_is_of_type(value, G_VARIANT_TYPE("aa{sv}"))); g_variant_iter_init(&iter_rules, value); i_rule = 0; while (g_variant_iter_next(&iter_rules, "@a{sv}", &rule_var)) { _nm_unused gs_unref_variant GVariant *rule_var_unref = rule_var; nm_auto_unref_ip_routing_rule NMIPRoutingRule *rule = NULL; gs_free_error GError *local = NULL; i_rule++; rule = nm_ip_routing_rule_from_dbus(rule_var, NM_FLAGS_HAS(parse_flags, NM_SETTING_PARSE_FLAGS_STRICT), &local); if (!rule) { if (NM_FLAGS_HAS(parse_flags, NM_SETTING_PARSE_FLAGS_STRICT)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_MISSING_PROPERTY, _("rule #%u is invalid: %s"), i_rule, local->message); goto out; } continue; } nm_setting_ip_config_add_routing_rule(NM_SETTING_IP_CONFIG(setting), rule); rules_changed = TRUE; } success = TRUE; out: if (rules_changed) _routing_rules_notify(NM_SETTING_IP_CONFIG(setting)); return success; } /*****************************************************************************/ /** * nm_setting_ip_config_get_ignore_auto_routes: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:ignore-auto-routes * property. * * Returns: %TRUE if automatically configured (ie via DHCP) routes should be * ignored. **/ gboolean nm_setting_ip_config_get_ignore_auto_routes(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->ignore_auto_routes; } /** * nm_setting_ip_config_get_ignore_auto_dns: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:ignore-auto-dns * property. * * Returns: %TRUE if automatically configured (ie via DHCP) DNS information * should be ignored. **/ gboolean nm_setting_ip_config_get_ignore_auto_dns(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->ignore_auto_dns; } /** * nm_setting_ip_config_get_dhcp_hostname: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:dhcp-hostname * property. * * Returns: the configured hostname to send to the DHCP server **/ const char * nm_setting_ip_config_get_dhcp_hostname(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dhcp_hostname; } /** * nm_setting_ip_config_get_dhcp_send_hostname: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:dhcp-send-hostname * property. * * Returns: %TRUE if NetworkManager should send the machine hostname to the * DHCP server when requesting addresses to allow the server to automatically * update DNS information for this machine. **/ gboolean nm_setting_ip_config_get_dhcp_send_hostname(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dhcp_send_hostname; } /** * nm_setting_ip_config_get_never_default: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:never-default * property. * * Returns: %TRUE if this connection should never be the default * connection **/ gboolean nm_setting_ip_config_get_never_default(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->never_default; } /** * nm_setting_ip_config_get_may_fail: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:may-fail * property. * * Returns: %TRUE if this connection doesn't require this type of IP * addressing to complete for the connection to succeed. **/ gboolean nm_setting_ip_config_get_may_fail(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), FALSE); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->may_fail; } /** * nm_setting_ip_config_get_dad_timeout: * @setting: the #NMSettingIPConfig * * Returns: the #NMSettingIPConfig:dad-timeout property. * * Since: 1.2 **/ int nm_setting_ip_config_get_dad_timeout(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dad_timeout; } /** * nm_setting_ip_config_get_dhcp_hostname_flags: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:dhcp-hostname-flags * property. * * Returns: flags for the DHCP hostname and FQDN * * Since: 1.22 */ NMDhcpHostnameFlags nm_setting_ip_config_get_dhcp_hostname_flags(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NM_DHCP_HOSTNAME_FLAG_NONE); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dhcp_hostname_flags; } /** * nm_setting_ip_config_get_dhcp_timeout: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:dhcp-timeout * property. * * Returns: the configured DHCP timeout in seconds. 0 = default for * the particular kind of device. * * Since: 1.2 **/ int nm_setting_ip_config_get_dhcp_timeout(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), 0); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dhcp_timeout; } /** * nm_setting_ip_config_get_dhcp_iaid: * @setting: the #NMSettingIPConfig * * Returns the value contained in the #NMSettingIPConfig:dhcp-iaid * property. * * Returns: the configured DHCP IAID (Identity Association Identifier) * * Since: 1.22 **/ const char * nm_setting_ip_config_get_dhcp_iaid(NMSettingIPConfig *setting) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dhcp_iaid; } /** * nm_setting_ip_config_get_dhcp_reject_servers: * @setting: the #NMSettingIPConfig * @out_len: (allow-none) (out): the number of returned elements * * Returns: (array length=out_len zero-terminated=1) (transfer none): * A %NULL terminated array of DHCP reject servers. Even if no reject * servers are configured, this always returns a non %NULL value. * * Since: 1.28 */ const char *const * nm_setting_ip_config_get_dhcp_reject_servers(NMSettingIPConfig *setting, guint *out_len) { g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NULL); return nm_strvarray_get_strv(&NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dhcp_reject_servers, out_len); } /** * nm_setting_ip_config_add_dhcp_reject_server: * @setting: the #NMSettingIPConfig * @server: the DHCP reject server to add * * Adds a new DHCP reject server to the setting. * * Since: 1.28 **/ void nm_setting_ip_config_add_dhcp_reject_server(NMSettingIPConfig *setting, const char *server) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); g_return_if_fail(server != NULL); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); nm_strvarray_add(nm_strvarray_ensure(&priv->dhcp_reject_servers), server); _notify(setting, PROP_DHCP_REJECT_SERVERS); } /** * nm_setting_ip_config_remove_dhcp_reject_server: * @setting: the #NMSettingIPConfig * @idx: index number of the DHCP reject server * * Removes the DHCP reject server at index @idx. * * Since: 1.28 **/ void nm_setting_ip_config_remove_dhcp_reject_server(NMSettingIPConfig *setting, guint idx) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); g_return_if_fail(priv->dhcp_reject_servers && idx < priv->dhcp_reject_servers->len); g_array_remove_index(priv->dhcp_reject_servers, idx); _notify(setting, PROP_DHCP_REJECT_SERVERS); } /** * nm_setting_ip_config_clear_dhcp_reject_servers: * @setting: the #NMSettingIPConfig * * Removes all configured DHCP reject servers. * * Since: 1.28 **/ void nm_setting_ip_config_clear_dhcp_reject_servers(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv; g_return_if_fail(NM_IS_SETTING_IP_CONFIG(setting)); priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); if (nm_g_array_len(priv->dhcp_reject_servers) != 0) { nm_clear_pointer(&priv->dhcp_reject_servers, g_array_unref); _notify(setting, PROP_DHCP_REJECT_SERVERS); } } static gboolean verify_label(const char *label) { const char *p; char * iface; p = strchr(label, ':'); if (!p) return FALSE; iface = g_strndup(label, p - label); if (!nm_utils_ifname_valid_kernel(iface, NULL)) { g_free(iface); return FALSE; } g_free(iface); for (p++; *p; p++) { if (!g_ascii_isalnum(*p) && *p != '_') return FALSE; } return TRUE; } static gboolean verify(NMSetting *setting, NMConnection *connection, GError **error) { NMSettingIPConfigPrivate *priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); guint i; if (!priv->method) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_MISSING_PROPERTY, _("property is missing")); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_METHOD); return FALSE; } if (priv->dhcp_hostname && !*priv->dhcp_hostname) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("property is empty")); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_DHCP_HOSTNAME); return FALSE; } /* Validate DNS */ for (i = 0; i < priv->dns->len; i++) { const char *dns = priv->dns->pdata[i]; if (!nm_utils_ipaddr_is_valid(NM_SETTING_IP_CONFIG_GET_FAMILY(setting), dns)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("%d. DNS server address is invalid"), (int) (i + 1)); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_DNS); return FALSE; } } /* Validate addresses */ for (i = 0; i < priv->addresses->len; i++) { NMIPAddress *addr = (NMIPAddress *) priv->addresses->pdata[i]; GVariant * label; if (nm_ip_address_get_family(addr) != NM_SETTING_IP_CONFIG_GET_FAMILY(setting)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("%d. IP address is invalid"), (int) (i + 1)); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_ADDRESSES); return FALSE; } label = nm_ip_address_get_attribute(addr, NM_IP_ADDRESS_ATTRIBUTE_LABEL); if (label) { if (!g_variant_is_of_type(label, G_VARIANT_TYPE_STRING)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("%d. IP address has 'label' property with invalid type"), (int) (i + 1)); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_ADDRESSES); return FALSE; } if (!verify_label(g_variant_get_string(label, NULL))) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("%d. IP address has invalid label '%s'"), (int) (i + 1), g_variant_get_string(label, NULL)); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_ADDRESSES); return FALSE; } } } /* Validate gateway */ if (priv->gateway) { if (!priv->addresses->len) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("gateway cannot be set if there are no addresses configured")); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_GATEWAY); return FALSE; } if (!nm_utils_ipaddr_is_valid(NM_SETTING_IP_CONFIG_GET_FAMILY(setting), priv->gateway)) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("gateway is invalid")); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_GATEWAY); return FALSE; } } /* Validate routes */ for (i = 0; i < priv->routes->len; i++) { gs_free_error GError *local = NULL; NMIPRoute * route = (NMIPRoute *) priv->routes->pdata[i]; if (nm_ip_route_get_family(route) != NM_SETTING_IP_CONFIG_GET_FAMILY(setting)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("%d. route is invalid"), (int) (i + 1)); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_ROUTES); return FALSE; } if (!_nm_ip_route_attribute_validate_all(route, &local)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("invalid attribute: %s"), local->message); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_ROUTES); return FALSE; } } if (priv->routing_rules) { for (i = 0; i < priv->routing_rules->len; i++) { NMIPRoutingRule *rule = priv->routing_rules->pdata[i]; gs_free_error GError *local = NULL; if (_ip_routing_rule_get_addr_family(rule) != NM_SETTING_IP_CONFIG_GET_FAMILY(setting)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("%u. rule has wrong address-family"), i + 1); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_ROUTING_RULES); return FALSE; } if (!nm_ip_routing_rule_validate(rule, &local)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("%u. rule is invalid: %s"), i + 1, local->message); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_ROUTES); return FALSE; } } } if (priv->dhcp_iaid && !_nm_utils_iaid_verify(priv->dhcp_iaid, NULL)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("'%s' is not a valid IAID"), priv->dhcp_iaid); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_DHCP_IAID); return FALSE; } /* Validate DHCP hostname flags */ if (priv->dhcp_hostname_flags != NM_DHCP_HOSTNAME_FLAG_NONE && !priv->dhcp_send_hostname) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("the property cannot be set when '%s' is disabled"), NM_SETTING_IP_CONFIG_DHCP_SEND_HOSTNAME); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_DHCP_HOSTNAME_FLAGS); return FALSE; } if (!_nm_utils_validate_dhcp_hostname_flags(priv->dhcp_hostname_flags, NM_SETTING_IP_CONFIG_GET_FAMILY(setting), error)) { g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_DHCP_HOSTNAME_FLAGS); return FALSE; } /* Validate reject servers */ if (priv->dhcp_reject_servers && priv->dhcp_reject_servers->len != 0) { if (NM_SETTING_IP_CONFIG_GET_FAMILY(setting) != AF_INET) { g_set_error_literal(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("the property is currently supported only for DHCPv4")); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_DHCP_REJECT_SERVERS); return FALSE; } for (i = 0; i < priv->dhcp_reject_servers->len; i++) { if (!nm_utils_parse_inaddr_prefix( NM_SETTING_IP_CONFIG_GET_FAMILY(setting), g_array_index(priv->dhcp_reject_servers, const char *, i), NULL, NULL)) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("'%s' is not a valid IP or subnet"), g_array_index(priv->dhcp_reject_servers, const char *, i)); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_DHCP_REJECT_SERVERS); return FALSE; } } } /* Normalizable errors */ if (priv->gateway && priv->never_default) { g_set_error(error, NM_CONNECTION_ERROR, NM_CONNECTION_ERROR_INVALID_PROPERTY, _("a gateway is incompatible with '%s'"), NM_SETTING_IP_CONFIG_NEVER_DEFAULT); g_prefix_error(error, "%s.%s: ", nm_setting_get_name(setting), NM_SETTING_IP_CONFIG_GATEWAY); return NM_SETTING_VERIFY_NORMALIZABLE_ERROR; } return TRUE; } static NMTernary compare_property(const NMSettInfoSetting *sett_info, guint property_idx, NMConnection * con_a, NMSetting * set_a, NMConnection * con_b, NMSetting * set_b, NMSettingCompareFlags flags) { NMSettingIPConfigPrivate *a_priv; NMSettingIPConfigPrivate *b_priv; guint i; if (nm_streq(sett_info->property_infos[property_idx].name, NM_SETTING_IP_CONFIG_ADDRESSES)) { if (set_b) { a_priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(set_a); b_priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(set_b); if (a_priv->addresses->len != b_priv->addresses->len) return FALSE; for (i = 0; i < a_priv->addresses->len; i++) { if (nm_ip_address_cmp_full(a_priv->addresses->pdata[i], b_priv->addresses->pdata[i], NM_IP_ADDRESS_CMP_FLAGS_WITH_ATTRS) != 0) return FALSE; } } return TRUE; } if (nm_streq(sett_info->property_infos[property_idx].name, NM_SETTING_IP_CONFIG_ROUTES)) { if (set_b) { a_priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(set_a); b_priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(set_b); if (a_priv->routes->len != b_priv->routes->len) return FALSE; for (i = 0; i < a_priv->routes->len; i++) { if (!nm_ip_route_equal_full(a_priv->routes->pdata[i], b_priv->routes->pdata[i], NM_IP_ROUTE_EQUAL_CMP_FLAGS_WITH_ATTRS)) return FALSE; } } return TRUE; } if (nm_streq(sett_info->property_infos[property_idx].name, NM_SETTING_IP_CONFIG_ROUTING_RULES)) { if (set_b) { guint n; a_priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(set_a); b_priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(set_b); n = (a_priv->routing_rules) ? a_priv->routing_rules->len : 0u; if (n != (b_priv->routing_rules ? b_priv->routing_rules->len : 0u)) return FALSE; for (i = 0; i < n; i++) { if (nm_ip_routing_rule_cmp(a_priv->routing_rules->pdata[i], b_priv->routing_rules->pdata[i]) != 0) return FALSE; } } return TRUE; } return NM_SETTING_CLASS(nm_setting_ip_config_parent_class) ->compare_property(sett_info, property_idx, con_a, set_a, con_b, set_b, flags); } static void duplicate_copy_properties(const NMSettInfoSetting *sett_info, NMSetting *src, NMSetting *dst) { NMSettingIPConfigPrivate *priv_src = NM_SETTING_IP_CONFIG_GET_PRIVATE(src); NMSettingIPConfigPrivate *priv_dst = NM_SETTING_IP_CONFIG_GET_PRIVATE(dst); guint i; gboolean changed = FALSE; NM_SETTING_CLASS(nm_setting_ip_config_parent_class) ->duplicate_copy_properties(sett_info, src, dst); if (priv_dst->routing_rules && priv_dst->routing_rules->len > 0) { changed = TRUE; g_ptr_array_set_size(priv_dst->routing_rules, 0); } if (priv_src->routing_rules && priv_src->routing_rules->len > 0) { changed = TRUE; if (!priv_dst->routing_rules) priv_dst->routing_rules = g_ptr_array_new_with_free_func((GDestroyNotify) nm_ip_routing_rule_unref); for (i = 0; i < priv_src->routing_rules->len; i++) { g_ptr_array_add(priv_dst->routing_rules, nm_ip_routing_rule_ref(priv_src->routing_rules->pdata[i])); } } if (changed) _routing_rules_notify(NM_SETTING_IP_CONFIG(dst)); } static void enumerate_values(const NMSettInfoProperty *property_info, NMSetting * setting, NMSettingValueIterFn func, gpointer user_data) { if (nm_streq(property_info->name, NM_SETTING_IP_CONFIG_ROUTING_RULES)) { NMSettingIPConfigPrivate * priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); nm_auto_unset_gvalue GValue value = G_VALUE_INIT; GPtrArray * ptr = NULL; guint i; if (priv->routing_rules && priv->routing_rules->len > 0) { ptr = g_ptr_array_new_with_free_func((GDestroyNotify) nm_ip_routing_rule_unref); for (i = 0; i < priv->routing_rules->len; i++) g_ptr_array_add(ptr, nm_ip_routing_rule_ref(priv->routing_rules->pdata[i])); } g_value_init(&value, G_TYPE_PTR_ARRAY); g_value_take_boxed(&value, ptr); func(setting, property_info->name, &value, 0, user_data); return; } NM_SETTING_CLASS(nm_setting_ip_config_parent_class) ->enumerate_values(property_info, setting, func, user_data); } /*****************************************************************************/ static gboolean ip_gateway_set(NMSetting * setting, GVariant * connection_dict, const char * property, GVariant * value, NMSettingParseFlags parse_flags, GError ** error) { /* FIXME: properly handle errors */ /* Don't set from 'gateway' if we're going to use the gateway in 'addresses' */ if (_nm_setting_use_legacy_property(setting, connection_dict, "addresses", "gateway")) return TRUE; g_object_set(setting, property, g_variant_get_string(value, NULL), NULL); return TRUE; } GArray * _nm_sett_info_property_override_create_array_ip_config(void) { GArray *properties_override = _nm_sett_info_property_override_create_array(); _nm_properties_override_gobj(properties_override, obj_properties[PROP_GATEWAY], NM_SETT_INFO_PROPERT_TYPE(.dbus_type = G_VARIANT_TYPE_STRING, .from_dbus_fcn = ip_gateway_set, )); /* ---dbus--- * property: routing-rules * format: array of 'a{sv}' * description: Array of dictionaries for routing rules. * ---end--- */ _nm_properties_override_dbus( properties_override, NM_SETTING_IP_CONFIG_ROUTING_RULES, NM_SETT_INFO_PROPERT_TYPE(.dbus_type = NM_G_VARIANT_TYPE("aa{sv}"), .to_dbus_fcn = _routing_rules_dbus_only_synth, .from_dbus_fcn = _routing_rules_dbus_only_set, )); return properties_override; } /*****************************************************************************/ static void get_property(GObject *object, guint prop_id, GValue *value, GParamSpec *pspec) { NMSettingIPConfig * setting = NM_SETTING_IP_CONFIG(object); NMSettingIPConfigPrivate *priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); switch (prop_id) { case PROP_METHOD: g_value_set_string(value, nm_setting_ip_config_get_method(setting)); break; case PROP_DNS: g_value_take_boxed(value, _nm_utils_ptrarray_to_strv(priv->dns)); break; case PROP_DNS_SEARCH: g_value_take_boxed(value, _nm_utils_ptrarray_to_strv(priv->dns_search)); break; case PROP_DNS_OPTIONS: g_value_take_boxed(value, priv->dns_options ? _nm_utils_ptrarray_to_strv(priv->dns_options) : NULL); break; case PROP_DNS_PRIORITY: g_value_set_int(value, priv->dns_priority); break; case PROP_ADDRESSES: g_value_take_boxed(value, _nm_utils_copy_array(priv->addresses, (NMUtilsCopyFunc) nm_ip_address_dup, (GDestroyNotify) nm_ip_address_unref)); break; case PROP_GATEWAY: g_value_set_string(value, nm_setting_ip_config_get_gateway(setting)); break; case PROP_ROUTES: g_value_take_boxed(value, _nm_utils_copy_array(priv->routes, (NMUtilsCopyFunc) nm_ip_route_dup, (GDestroyNotify) nm_ip_route_unref)); break; case PROP_ROUTE_METRIC: g_value_set_int64(value, priv->route_metric); break; case PROP_ROUTE_TABLE: g_value_set_uint(value, priv->route_table); break; case PROP_IGNORE_AUTO_ROUTES: g_value_set_boolean(value, nm_setting_ip_config_get_ignore_auto_routes(setting)); break; case PROP_IGNORE_AUTO_DNS: g_value_set_boolean(value, nm_setting_ip_config_get_ignore_auto_dns(setting)); break; case PROP_DHCP_HOSTNAME: g_value_set_string(value, nm_setting_ip_config_get_dhcp_hostname(setting)); break; case PROP_DHCP_SEND_HOSTNAME: g_value_set_boolean(value, nm_setting_ip_config_get_dhcp_send_hostname(setting)); break; case PROP_NEVER_DEFAULT: g_value_set_boolean(value, priv->never_default); break; case PROP_MAY_FAIL: g_value_set_boolean(value, priv->may_fail); break; case PROP_DAD_TIMEOUT: g_value_set_int(value, nm_setting_ip_config_get_dad_timeout(setting)); break; case PROP_DHCP_TIMEOUT: g_value_set_int(value, nm_setting_ip_config_get_dhcp_timeout(setting)); break; case PROP_DHCP_IAID: g_value_set_string(value, nm_setting_ip_config_get_dhcp_iaid(setting)); break; case PROP_DHCP_HOSTNAME_FLAGS: g_value_set_uint(value, nm_setting_ip_config_get_dhcp_hostname_flags(setting)); break; case PROP_DHCP_REJECT_SERVERS: g_value_set_boxed(value, nm_strvarray_get_strv_non_empty(priv->dhcp_reject_servers, NULL)); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec); break; } } static void set_property(GObject *object, guint prop_id, const GValue *value, GParamSpec *pspec) { NMSettingIPConfig * setting = NM_SETTING_IP_CONFIG(object); NMSettingIPConfigPrivate *priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); const char * gateway; char ** strv; guint i; switch (prop_id) { case PROP_METHOD: g_free(priv->method); priv->method = g_value_dup_string(value); break; case PROP_DNS: g_ptr_array_unref(priv->dns); priv->dns = _nm_utils_strv_to_ptrarray(g_value_get_boxed(value)); break; case PROP_DNS_SEARCH: g_ptr_array_unref(priv->dns_search); priv->dns_search = _nm_utils_strv_to_ptrarray(g_value_get_boxed(value)); break; case PROP_DNS_OPTIONS: strv = g_value_get_boxed(value); if (!strv) { if (priv->dns_options) { g_ptr_array_unref(priv->dns_options); priv->dns_options = NULL; } } else { if (priv->dns_options) g_ptr_array_set_size(priv->dns_options, 0); else priv->dns_options = g_ptr_array_new_with_free_func(g_free); for (i = 0; strv[i]; i++) { if (_nm_utils_dns_option_validate(strv[i], NULL, NULL, FALSE, NULL) && _nm_utils_dns_option_find_idx(priv->dns_options, strv[i]) < 0) g_ptr_array_add(priv->dns_options, g_strdup(strv[i])); } } break; case PROP_DNS_PRIORITY: priv->dns_priority = g_value_get_int(value); break; case PROP_ADDRESSES: g_ptr_array_unref(priv->addresses); priv->addresses = _nm_utils_copy_array(g_value_get_boxed(value), (NMUtilsCopyFunc) nm_ip_address_dup, (GDestroyNotify) nm_ip_address_unref); break; case PROP_GATEWAY: gateway = g_value_get_string(value); g_return_if_fail( !gateway || nm_utils_ipaddr_is_valid(NM_SETTING_IP_CONFIG_GET_FAMILY(setting), gateway)); g_free(priv->gateway); priv->gateway = canonicalize_ip(NM_SETTING_IP_CONFIG_GET_FAMILY(setting), gateway, TRUE); break; case PROP_ROUTES: g_ptr_array_unref(priv->routes); priv->routes = _nm_utils_copy_array(g_value_get_boxed(value), (NMUtilsCopyFunc) nm_ip_route_dup, (GDestroyNotify) nm_ip_route_unref); break; case PROP_ROUTE_METRIC: priv->route_metric = g_value_get_int64(value); break; case PROP_ROUTE_TABLE: priv->route_table = g_value_get_uint(value); break; case PROP_IGNORE_AUTO_ROUTES: priv->ignore_auto_routes = g_value_get_boolean(value); break; case PROP_IGNORE_AUTO_DNS: priv->ignore_auto_dns = g_value_get_boolean(value); break; case PROP_DHCP_HOSTNAME: g_free(priv->dhcp_hostname); priv->dhcp_hostname = g_value_dup_string(value); break; case PROP_DHCP_SEND_HOSTNAME: priv->dhcp_send_hostname = g_value_get_boolean(value); break; case PROP_NEVER_DEFAULT: priv->never_default = g_value_get_boolean(value); break; case PROP_MAY_FAIL: priv->may_fail = g_value_get_boolean(value); break; case PROP_DAD_TIMEOUT: priv->dad_timeout = g_value_get_int(value); break; case PROP_DHCP_TIMEOUT: priv->dhcp_timeout = g_value_get_int(value); break; case PROP_DHCP_IAID: priv->dhcp_iaid = g_value_dup_string(value); break; case PROP_DHCP_HOSTNAME_FLAGS: priv->dhcp_hostname_flags = g_value_get_uint(value); break; case PROP_DHCP_REJECT_SERVERS: nm_strvarray_set_strv(&priv->dhcp_reject_servers, g_value_get_boxed(value)); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID(object, prop_id, pspec); break; } } /*****************************************************************************/ static void nm_setting_ip_config_init(NMSettingIPConfig *setting) { NMSettingIPConfigPrivate *priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(setting); priv->dns = g_ptr_array_new_with_free_func(g_free); priv->dns_search = g_ptr_array_new_with_free_func(g_free); priv->addresses = g_ptr_array_new_with_free_func((GDestroyNotify) nm_ip_address_unref); priv->routes = g_ptr_array_new_with_free_func((GDestroyNotify) nm_ip_route_unref); priv->route_metric = -1; priv->dhcp_send_hostname = TRUE; priv->may_fail = TRUE; priv->dad_timeout = -1; } static void finalize(GObject *object) { NMSettingIPConfig * self = NM_SETTING_IP_CONFIG(object); NMSettingIPConfigPrivate *priv = NM_SETTING_IP_CONFIG_GET_PRIVATE(self); g_free(priv->method); g_free(priv->gateway); g_free(priv->dhcp_hostname); g_free(priv->dhcp_iaid); g_ptr_array_unref(priv->dns); g_ptr_array_unref(priv->dns_search); if (priv->dns_options) g_ptr_array_unref(priv->dns_options); g_ptr_array_unref(priv->addresses); g_ptr_array_unref(priv->routes); if (priv->routing_rules) g_ptr_array_unref(priv->routing_rules); nm_clear_pointer(&priv->dhcp_reject_servers, g_array_unref); G_OBJECT_CLASS(nm_setting_ip_config_parent_class)->finalize(object); } static void nm_setting_ip_config_class_init(NMSettingIPConfigClass *klass) { GObjectClass * object_class = G_OBJECT_CLASS(klass); NMSettingClass *setting_class = NM_SETTING_CLASS(klass); g_type_class_add_private(klass, sizeof(NMSettingIPConfigPrivate)); object_class->get_property = get_property; object_class->set_property = set_property; object_class->finalize = finalize; setting_class->verify = verify; setting_class->compare_property = compare_property; setting_class->duplicate_copy_properties = duplicate_copy_properties; setting_class->enumerate_values = enumerate_values; /** * NMSettingIPConfig:method: * * IP configuration method. * * #NMSettingIP4Config and #NMSettingIP6Config both support "disabled", * "auto", "manual", and "link-local". See the subclass-specific * documentation for other values. * * In general, for the "auto" method, properties such as * #NMSettingIPConfig:dns and #NMSettingIPConfig:routes specify information * that is added on to the information returned from automatic * configuration. The #NMSettingIPConfig:ignore-auto-routes and * #NMSettingIPConfig:ignore-auto-dns properties modify this behavior. * * For methods that imply no upstream network, such as "shared" or * "link-local", these properties must be empty. * * For IPv4 method "shared", the IP subnet can be configured by adding one * manual IPv4 address or otherwise 10.42.x.0/24 is chosen. Note that the * shared method must be configured on the interface which shares the internet * to a subnet, not on the uplink which is shared. **/ obj_properties[PROP_METHOD] = g_param_spec_string( NM_SETTING_IP_CONFIG_METHOD, "", "", NULL, G_PARAM_READWRITE | NM_SETTING_PARAM_INFERRABLE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dns: * * Array of IP addresses of DNS servers. **/ obj_properties[PROP_DNS] = g_param_spec_boxed(NM_SETTING_IP_CONFIG_DNS, "", "", G_TYPE_STRV, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dns-search: * * Array of DNS search domains. Domains starting with a tilde ('~') * are considered 'routing' domains and are used only to decide the * interface over which a query must be forwarded; they are not used * to complete unqualified host names. * * When using a DNS plugin that supports Conditional Forwarding or * Split DNS, then the search domains specify which name servers to * query. This makes the behavior different from running with plain * /etc/resolv.conf. For more information see also the dns-priority setting. **/ obj_properties[PROP_DNS_SEARCH] = g_param_spec_boxed(NM_SETTING_IP_CONFIG_DNS_SEARCH, "", "", G_TYPE_STRV, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dns-options: * * Array of DNS options as described in man 5 resolv.conf. * * %NULL means that the options are unset and left at the default. * In this case NetworkManager will use default options. This is * distinct from an empty list of properties. * * The currently supported options are "attempts", "debug", "edns0", * "inet6", "ip6-bytestring", "ip6-dotint", "ndots", "no-check-names", * "no-ip6-dotint", "no-reload", "no-tld-query", "rotate", "single-request", * "single-request-reopen", "timeout", "trust-ad", "use-vc". * * The "trust-ad" setting is only honored if the profile contributes * name servers to resolv.conf, and if all contributing profiles have * "trust-ad" enabled. * * When using a caching DNS plugin (dnsmasq or systemd-resolved in * NetworkManager.conf) then "edns0" and "trust-ad" are automatically * added. * * Since: 1.2 **/ obj_properties[PROP_DNS_OPTIONS] = g_param_spec_boxed(NM_SETTING_IP_CONFIG_DNS_OPTIONS, "", "", G_TYPE_STRV, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dns-priority: * * DNS servers priority. * * The relative priority for DNS servers specified by this setting. A lower * numerical value is better (higher priority). * * Negative values have the special effect of excluding other configurations * with a greater numerical priority value; so in presence of at least one negative * priority, only DNS servers from connections with the lowest priority value will be used. * To avoid all DNS leaks, set the priority of the profile that should be used * to the most negative value of all active connections profiles. * * Zero selects a globally configured default value. If the latter is missing * or zero too, it defaults to 50 for VPNs (including WireGuard) and 100 for * other connections. * * Note that the priority is to order DNS settings for multiple active * connections. It does not disambiguate multiple DNS servers within the * same connection profile. * * When multiple devices have configurations with the same priority, VPNs will be * considered first, then devices with the best (lowest metric) default * route and then all other devices. * * When using dns=default, servers with higher priority will be on top of * resolv.conf. To prioritize a given server over another one within the * same connection, just specify them in the desired order. * Note that commonly the resolver tries name servers in /etc/resolv.conf * in the order listed, proceeding with the next server in the list * on failure. See for example the "rotate" option of the dns-options setting. * If there are any negative DNS priorities, then only name servers from * the devices with that lowest priority will be considered. * * When using a DNS resolver that supports Conditional Forwarding or * Split DNS (with dns=dnsmasq or dns=systemd-resolved settings), each connection * is used to query domains in its search list. The search domains determine which * name servers to ask, and the DNS priority is used to prioritize * name servers based on the domain. Queries for domains not present in any * search list are routed through connections having the '~.' special wildcard * domain, which is added automatically to connections with the default route * (or can be added manually). When multiple connections specify the same domain, the * one with the best priority (lowest numerical value) wins. If a sub domain * is configured on another interface it will be accepted regardless the priority, * unless parent domain on the other interface has a negative priority, which causes * the sub domain to be shadowed. * With Split DNS one can avoid undesired DNS leaks by properly configuring * DNS priorities and the search domains, so that only name servers of the desired * interface are configured. * * Since: 1.4 **/ obj_properties[PROP_DNS_PRIORITY] = g_param_spec_int(NM_SETTING_IP_CONFIG_DNS_PRIORITY, "", "", G_MININT32, G_MAXINT32, 0, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:addresses: (type GPtrArray(NMIPAddress)) * * Array of IP addresses. **/ obj_properties[PROP_ADDRESSES] = g_param_spec_boxed(NM_SETTING_IP_CONFIG_ADDRESSES, "", "", G_TYPE_PTR_ARRAY, /* "addresses" is a legacy D-Bus property, because the * "addresses" GObject property normally gets set from * the "address-data" D-Bus property... */ G_PARAM_READWRITE | NM_SETTING_PARAM_INFERRABLE | NM_SETTING_PARAM_LEGACY | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:gateway: * * The gateway associated with this configuration. This is only meaningful * if #NMSettingIPConfig:addresses is also set. * * The gateway's main purpose is to control the next hop of the standard default route on the device. * Hence, the gateway property conflicts with #NMSettingIPConfig:never-default and will be * automatically dropped if the IP configuration is set to never-default. * * As an alternative to set the gateway, configure a static default route with /0 as prefix * length. **/ obj_properties[PROP_GATEWAY] = g_param_spec_string( NM_SETTING_IP_CONFIG_GATEWAY, "", "", NULL, G_PARAM_READWRITE | NM_SETTING_PARAM_INFERRABLE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:routes: (type GPtrArray(NMIPRoute)) * * Array of IP routes. **/ obj_properties[PROP_ROUTES] = g_param_spec_boxed(NM_SETTING_IP_CONFIG_ROUTES, "", "", G_TYPE_PTR_ARRAY, G_PARAM_READWRITE | NM_SETTING_PARAM_INFERRABLE | /* See :addresses above Re: LEGACY */ NM_SETTING_PARAM_LEGACY | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:route-metric: * * The default metric for routes that don't explicitly specify a metric. * The default value -1 means that the metric is chosen automatically * based on the device type. * The metric applies to dynamic routes, manual (static) routes that * don't have an explicit metric setting, address prefix routes, and * the default route. * Note that for IPv6, the kernel accepts zero (0) but coerces it to * 1024 (user default). Hence, setting this property to zero effectively * mean setting it to 1024. * For IPv4, zero is a regular value for the metric. **/ obj_properties[PROP_ROUTE_METRIC] = g_param_spec_int64(NM_SETTING_IP_CONFIG_ROUTE_METRIC, "", "", -1, G_MAXUINT32, -1, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:route-table: * * Enable policy routing (source routing) and set the routing table used when adding routes. * * This affects all routes, including device-routes, IPv4LL, DHCP, SLAAC, default-routes * and static routes. But note that static routes can individually overwrite the setting * by explicitly specifying a non-zero routing table. * * If the table setting is left at zero, it is eligible to be overwritten via global * configuration. If the property is zero even after applying the global configuration * value, policy routing is disabled for the address family of this connection. * * Policy routing disabled means that NetworkManager will add all routes to the main * table (except static routes that explicitly configure a different table). Additionally, * NetworkManager will not delete any extraneous routes from tables except the main table. * This is to preserve backward compatibility for users who manage routing tables outside * of NetworkManager. * * Since: 1.10 **/ obj_properties[PROP_ROUTE_TABLE] = g_param_spec_uint( NM_SETTING_IP_CONFIG_ROUTE_TABLE, "", "", 0, G_MAXUINT32, 0, G_PARAM_READWRITE | NM_SETTING_PARAM_FUZZY_IGNORE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:ignore-auto-routes: * * When #NMSettingIPConfig:method is set to "auto" and this property to * %TRUE, automatically configured routes are ignored and only routes * specified in the #NMSettingIPConfig:routes property, if any, are used. **/ obj_properties[PROP_IGNORE_AUTO_ROUTES] = g_param_spec_boolean(NM_SETTING_IP_CONFIG_IGNORE_AUTO_ROUTES, "", "", FALSE, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:ignore-auto-dns: * * When #NMSettingIPConfig:method is set to "auto" and this property to * %TRUE, automatically configured name servers and search domains are * ignored and only name servers and search domains specified in the * #NMSettingIPConfig:dns and #NMSettingIPConfig:dns-search properties, if * any, are used. **/ obj_properties[PROP_IGNORE_AUTO_DNS] = g_param_spec_boolean(NM_SETTING_IP_CONFIG_IGNORE_AUTO_DNS, "", "", FALSE, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dhcp-hostname: * * If the #NMSettingIPConfig:dhcp-send-hostname property is %TRUE, then the * specified name will be sent to the DHCP server when acquiring a lease. * This property and #NMSettingIP4Config:dhcp-fqdn are mutually exclusive and * cannot be set at the same time. **/ obj_properties[PROP_DHCP_HOSTNAME] = g_param_spec_string(NM_SETTING_IP_CONFIG_DHCP_HOSTNAME, "", "", NULL, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dhcp-send-hostname: * * If %TRUE, a hostname is sent to the DHCP server when acquiring a lease. * Some DHCP servers use this hostname to update DNS databases, essentially * providing a static hostname for the computer. If the * #NMSettingIPConfig:dhcp-hostname property is %NULL and this property is * %TRUE, the current persistent hostname of the computer is sent. **/ obj_properties[PROP_DHCP_SEND_HOSTNAME] = g_param_spec_boolean(NM_SETTING_IP_CONFIG_DHCP_SEND_HOSTNAME, "", "", TRUE, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:never-default: * * If %TRUE, this connection will never be the default connection for this * IP type, meaning it will never be assigned the default route by * NetworkManager. **/ obj_properties[PROP_NEVER_DEFAULT] = g_param_spec_boolean(NM_SETTING_IP_CONFIG_NEVER_DEFAULT, "", "", FALSE, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:may-fail: * * If %TRUE, allow overall network configuration to proceed even if the * configuration specified by this property times out. Note that at least * one IP configuration must succeed or overall network configuration will * still fail. For example, in IPv6-only networks, setting this property to * %TRUE on the #NMSettingIP4Config allows the overall network configuration * to succeed if IPv4 configuration fails but IPv6 configuration completes * successfully. **/ obj_properties[PROP_MAY_FAIL] = g_param_spec_boolean(NM_SETTING_IP_CONFIG_MAY_FAIL, "", "", TRUE, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dad-timeout: * * Timeout in milliseconds used to check for the presence of duplicate IP * addresses on the network. If an address conflict is detected, the * activation will fail. A zero value means that no duplicate address * detection is performed, -1 means the default value (either configuration * ipvx.dad-timeout override or zero). A value greater than zero is a * timeout in milliseconds. * * The property is currently implemented only for IPv4. * * Since: 1.2 **/ obj_properties[PROP_DAD_TIMEOUT] = g_param_spec_int( NM_SETTING_IP_CONFIG_DAD_TIMEOUT, "", "", -1, NM_SETTING_IP_CONFIG_DAD_TIMEOUT_MAX, -1, G_PARAM_READWRITE | NM_SETTING_PARAM_FUZZY_IGNORE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dhcp-timeout: * * A timeout for a DHCP transaction in seconds. If zero (the default), a * globally configured default is used. If still unspecified, a device specific * timeout is used (usually 45 seconds). * * Set to 2147483647 (MAXINT32) for infinity. **/ obj_properties[PROP_DHCP_TIMEOUT] = g_param_spec_int( NM_SETTING_IP_CONFIG_DHCP_TIMEOUT, "", "", 0, G_MAXINT32, 0, G_PARAM_READWRITE | NM_SETTING_PARAM_FUZZY_IGNORE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dhcp-iaid: * * A string containing the "Identity Association Identifier" (IAID) used * by the DHCP client. The property is a 32-bit decimal value or a * special value among "mac", "perm-mac", "ifname" and "stable". When * set to "mac" (or "perm-mac"), the last 4 bytes of the current (or * permanent) MAC address are used as IAID. When set to "ifname", the * IAID is computed by hashing the interface name. The special value * "stable" can be used to generate an IAID based on the stable-id (see * connection.stable-id), a per-host key and the interface name. When * the property is unset, the value from global configuration is used; * if no global default is set then the IAID is assumed to be * "ifname". Note that at the moment this property is ignored for IPv6 * by dhclient, which always derives the IAID from the MAC address. * * Since: 1.22 **/ obj_properties[PROP_DHCP_IAID] = g_param_spec_string(NM_SETTING_IP_CONFIG_DHCP_IAID, "", "", NULL, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dhcp-hostname-flags: * * Flags for the DHCP hostname and FQDN. * * Currently, this property only includes flags to control the FQDN flags * set in the DHCP FQDN option. Supported FQDN flags are * %NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE, * %NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED and * %NM_DHCP_HOSTNAME_FLAG_FQDN_NO_UPDATE. When no FQDN flag is set and * %NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS is set, the DHCP FQDN option will * contain no flag. Otherwise, if no FQDN flag is set and * %NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS is not set, the standard FQDN flags * are set in the request: * %NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE, * %NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED for IPv4 and * %NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE for IPv6. * * When this property is set to the default value %NM_DHCP_HOSTNAME_FLAG_NONE, * a global default is looked up in NetworkManager configuration. If that value * is unset or also %NM_DHCP_HOSTNAME_FLAG_NONE, then the standard FQDN flags * described above are sent in the DHCP requests. * * Since: 1.22 */ obj_properties[PROP_DHCP_HOSTNAME_FLAGS] = g_param_spec_uint(NM_SETTING_IP_CONFIG_DHCP_HOSTNAME_FLAGS, "", "", 0, G_MAXUINT32, NM_DHCP_HOSTNAME_FLAG_NONE, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); /** * NMSettingIPConfig:dhcp-reject-servers: * * Array of servers from which DHCP offers must be rejected. This property * is useful to avoid getting a lease from misconfigured or rogue servers. * * For DHCPv4, each element must be an IPv4 address, optionally * followed by a slash and a prefix length (e.g. "192.168.122.0/24"). * * This property is currently not implemented for DHCPv6. * * Since: 1.28 **/ obj_properties[PROP_DHCP_REJECT_SERVERS] = g_param_spec_boxed(NM_SETTING_IP_CONFIG_DHCP_REJECT_SERVERS, "", "", G_TYPE_STRV, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS); g_object_class_install_properties(object_class, _PROPERTY_ENUMS_LAST, obj_properties); }