From 0287e14285168a91dabb3464ffca7163c897bd63 Mon Sep 17 00:00:00 2001 From: Max Moser Date: Mon, 12 Feb 2018 15:35:47 +0100 Subject: [PATCH] Start transition to nm-wireguard naming --- .gitignore | 6 +- Makefile.am | 32 +-- ...network-manager-wireguard.metainfo.xml.in} | 12 +- autogen.sh | 2 +- ...vpn.doap => network-manager-wireguard.doap | 4 +- nm-openvpn-service.conf | 14 - nm-openvpn-service.name.in | 14 - nm-wireguard-service.conf | 6 +- nm-wireguard-service.name.in | 14 + properties/gresource.xml | 4 +- properties/nm-openvpn-editor.c | 2 +- ...envpn-dialog.ui => nm-wireguard-dialog.ui} | 0 ...envpn-service.c => nm-wireguard-service.c} | 242 ++++++++++++++++-- 13 files changed, 263 insertions(+), 89 deletions(-) rename appdata/{network-manager-openvpn.metainfo.xml.in => network-manager-wireguard.metainfo.xml.in} (80%) rename network-manager-openvpn.doap => network-manager-wireguard.doap (88%) delete mode 100644 nm-openvpn-service.conf delete mode 100644 nm-openvpn-service.name.in create mode 100644 nm-wireguard-service.name.in rename properties/{nm-openvpn-dialog.ui => nm-wireguard-dialog.ui} (100%) rename src/{nm-openvpn-service.c => nm-wireguard-service.c} (94%) diff --git a/.gitignore b/.gitignore index 124ccd9..b137586 100644 --- a/.gitignore +++ b/.gitignore @@ -29,7 +29,7 @@ m4/gtk-doc.m4 m4/intltool.m4 m4/libtool.m4 m4/lt*.m4 -appdata/network-manager-openvpn.metainfo.xml +appdata/network-manager-wireguard.metainfo.xml .vscode/ /cscope.files @@ -43,9 +43,9 @@ appdata/network-manager-openvpn.metainfo.xml test-*.log auth-dialog/nm-openvpn-auth-dialog -nm-openvpn-service.name +nm-wireguard-service.name nm-openvpn.desktop -src/nm-openvpn-service +src/nm-wireguard-service src/nm-openvpn-service-openvpn-helper properties/tests/test-import-export properties/tests/test-import-export-glib diff --git a/Makefile.am b/Makefile.am index 343a8b4..0c3c8c1 100644 --- a/Makefile.am +++ b/Makefile.am 
@@ -23,12 +23,12 @@ plugindir = $(libdir)/NetworkManager plugin_LTLIBRARIES = dbusservicedir = $(sysconfdir)/dbus-1/system.d -dbusservice_DATA = nm-openvpn-service.conf +dbusservice_DATA = nm-wireguard-service.conf nmvpnservicedir = $(NM_VPN_SERVICE_DIR) -nmvpnservice_DATA = nm-openvpn-service.name +nmvpnservice_DATA = nm-wireguard-service.name -uidir = $(datadir)/gnome-vpn-properties/openvpn +uidir = $(datadir)/gnome-vpn-properties/wireguard ui_DATA = ############################################################################### @@ -49,7 +49,7 @@ src_cppflags = \ -DLOCALSTATEDIR=\""$(localstatedir)"\" \ -DDATADIR=\"$(datadir)\" \ -DNM_OPENVPN_LOCALEDIR=\"$(datadir)/locale\" \ - -DG_LOG_DOMAIN=\"nm-openvpn\" \ + -DG_LOG_DOMAIN=\"nm-wireguard\" \ -I$(srcdir)/shared \ $(GLIB_CFLAGS) \ $(LIBNM_CFLAGS) @@ -62,16 +62,16 @@ src_libnm_utils_la_LIBADD = \ $(GLIB_LIBS) \ $(LIBNM_LIBS) -libexec_PROGRAMS += src/nm-openvpn-service +libexec_PROGRAMS += src/nm-wireguard-service -src_nm_openvpn_service_CPPFLAGS = $(src_cppflags) -src_nm_openvpn_service_LDFLAGS = \ +src_nm_wireguard_service_CPPFLAGS = $(src_cppflags) +src_nm_wireguard_service_LDFLAGS = \ -Wl,--version-script="$(srcdir)/linker-script-binary.ver" -src_nm_openvpn_service_LDADD = \ +src_nm_wireguard_service_LDADD = \ src/libnm-utils.la \ $(GLIB_LIBS) \ $(LIBNM_LIBS) -EXTRA_src_nm_openvpn_service_DEPENDENCIES = \ +EXTRA_src_nm_wireguard_service_DEPENDENCIES = \ linker-script-binary.ver libexec_PROGRAMS += src/nm-openvpn-service-openvpn-helper @@ -232,7 +232,7 @@ EXTRA_DIST += \ properties/libnm-vpn-plugin-openvpn.ver \ properties/libnm-vpn-plugin-openvpn-editor.ver \ properties/libnm-openvpn-properties.ver \ - properties/nm-openvpn-dialog.ui + properties/nm-wireguard-dialog.ui ############################################################################### 
@@ -353,11 +353,11 @@ install-data-hook: sed -e "1s|^|# This file is obsoleted by a file in $(NM_VPN_SERVICE_DIR)\n\n|" \ -e 's|[@]LIBEXECDIR[@]|$(libexecdir)|g' \ -e 's|[@]PLUGINDIR[@]|@NM_PLUGIN_DIR@|g' \ - <$(srcdir)/nm-openvpn-service.name.in \ - >$(DESTDIR)$(sysconfdir)/NetworkManager/VPN/nm-openvpn-service.name + <$(srcdir)/nm-wireguard-service.name.in \ + >$(DESTDIR)$(sysconfdir)/NetworkManager/VPN/nm-wireguard-service.name uninstall-hook: - rm -f $(DESTDIR)$(sysconfdir)/NetworkManager/VPN/nm-openvpn-service.name + rm -f $(DESTDIR)$(sysconfdir)/NetworkManager/VPN/nm-wireguard-service.name endif appdatadir = $(datadir)/appdata @@ -365,10 +365,10 @@ appdata_files = $(appdata_in_files:.xml.in=.xml) if WITH_GNOME appdata_DATA = $(appdata_files) endif -appdata_in_files = appdata/network-manager-openvpn.metainfo.xml.in +appdata_in_files = appdata/network-manager-wireguard.metainfo.xml.in @INTLTOOL_XML_RULE@ -nm-openvpn-service.name: $(srcdir)/nm-openvpn-service.name.in +nm-wireguard-service.name: $(srcdir)/nm-wireguard-service.name.in $(AM_V_GEN) sed -e 's|[@]LIBEXECDIR[@]|$(libexecdir)|g' \ -e 's|[@]PLUGINDIR[@]/|@NM_PLUGIN_DIR_NAME_FILE@|g' \ $^ >$@ @@ -380,7 +380,7 @@ TESTS = $(check_programs) EXTRA_DIST += \ linker-script-binary.ver \ - nm-openvpn-service.name.in \ + nm-wireguard-service.name.in \ $(dbusservice_DATA) \ $(appdata_in_files) \ $(appdata_files) \ diff --git a/appdata/network-manager-openvpn.metainfo.xml.in b/appdata/network-manager-wireguard.metainfo.xml.in similarity index 80% rename from appdata/network-manager-openvpn.metainfo.xml.in rename to appdata/network-manager-wireguard.metainfo.xml.in index b511712..0e49519 100644 --- a/appdata/network-manager-openvpn.metainfo.xml.in +++ b/appdata/network-manager-wireguard.metainfo.xml.in 
@@ -1,13 +1,13 @@ - network-manager-openvpn + network-manager-wireguard GPL-2.0+ CC0-1.0 nm-connection-editor.desktop gnome-control-center.desktop - <_name>OpenVPN client - <_summary>Client for OpenVPN virtual private networks + <_name>Wireguard client + <_summary>Client for Wireguard virtual private networks network @@ -15,12 +15,12 @@ NetworkManager connection VPN - OpenVPN + Wireguard - <_p>Support for configuring OpenVPN virtual private network connections. - <_p>OpenVPN is a popular and flexible free-software VPN solution. + <_p>Support for configuring Wireguard virtual private network connections. + <_p>Wireguard is a modern VPN client built for simplicity. diff --git a/autogen.sh b/autogen.sh index 09aacca..4a4f6a5 100755 --- a/autogen.sh +++ b/autogen.sh @@ -4,7 +4,7 @@ srcdir=`dirname $0` test -z "$srcdir" && srcdir=. REQUIRED_AUTOMAKE_VERSION=1.9 -PKG_NAME=NetworkManager-openvpn +PKG_NAME=NetworkManager-wireguard (test -f $srcdir/configure.ac \ && test -f $srcdir/auth-dialog/main.c) || { diff --git a/network-manager-openvpn.doap b/network-manager-wireguard.doap similarity index 88% rename from network-manager-openvpn.doap rename to network-manager-wireguard.doap index 1d13a79..e04a555 100644 --- a/network-manager-openvpn.doap +++ b/network-manager-wireguard.doap @@ -5,8 +5,8 @@ xmlns:gnome="http://api.gnome.org/doap-extensions#" xmlns="http://usefulinc.com/ns/doap#"> - network-manager-openvpn - OpenVPN support for NetworkManager + network-manager-wireguard + Wireguard support for NetworkManager diff --git a/nm-openvpn-service.conf b/nm-openvpn-service.conf deleted file mode 100644 index 243ab48..0000000 --- a/nm-openvpn-service.conf +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - - - - - diff --git a/nm-openvpn-service.name.in b/nm-openvpn-service.name.in deleted file mode 100644 index 973fa0a..0000000 --- a/nm-openvpn-service.name.in +++ /dev/null 
@@ -1,14 +0,0 @@ -[VPN Connection] -name=openvpn -service=org.freedesktop.NetworkManager.openvpn -program=@LIBEXECDIR@/nm-openvpn-service -supports-multiple-connections=true - -[libnm] -plugin=@PLUGINDIR@/libnm-vpn-plugin-openvpn.so - -[GNOME] -auth-dialog=@LIBEXECDIR@/nm-openvpn-auth-dialog -properties=@PLUGINDIR@/libnm-openvpn-properties -supports-external-ui-mode=true -supports-hints=true diff --git a/nm-wireguard-service.conf b/nm-wireguard-service.conf index db65e78..af24c59 100644 --- a/nm-wireguard-service.conf +++ b/nm-wireguard-service.conf @@ -5,19 +5,15 @@ - - - + - - diff --git a/nm-wireguard-service.name.in b/nm-wireguard-service.name.in new file mode 100644 index 0000000..36274d1 --- /dev/null +++ b/nm-wireguard-service.name.in @@ -0,0 +1,14 @@ +[VPN Connection] +name=wireguard +service=org.freedesktop.NetworkManager.wireguard +program=@LIBEXECDIR@/nm-wireguard-service +supports-multiple-connections=false + +[libnm] +plugin=@PLUGINDIR@/libnm-vpn-plugin-openvpn.so + +[GNOME] +auth-dialog=@LIBEXECDIR@/nm-openvpn-auth-dialog +properties=@PLUGINDIR@/libnm-openvpn-properties +supports-external-ui-mode=false +supports-hints=false diff --git a/properties/gresource.xml b/properties/gresource.xml index f71de10..6b7bc89 100644 --- a/properties/gresource.xml +++ b/properties/gresource.xml @@ -1,6 +1,6 @@ - - nm-openvpn-dialog.ui + + nm-wireguard-dialog.ui diff --git a/properties/nm-openvpn-editor.c b/properties/nm-openvpn-editor.c index 763c718..de93bf8 100644 --- a/properties/nm-openvpn-editor.c +++ b/properties/nm-openvpn-editor.c 
@@ -902,7 +902,7 @@ openvpn_editor_new (NMConnection *connection, GError **error) gtk_builder_set_translation_domain (priv->builder, GETTEXT_PACKAGE); - if (!gtk_builder_add_from_resource (priv->builder, "/org/freedesktop/network-manager-openvpn/nm-openvpn-dialog.ui", error)) { + if (!gtk_builder_add_from_resource (priv->builder, "/org/freedesktop/network-manager-wireguard/nm-wireguard-dialog.ui", error)) { g_object_unref (object); g_return_val_if_reached (NULL); } diff --git a/properties/nm-openvpn-dialog.ui b/properties/nm-wireguard-dialog.ui similarity index 100% rename from properties/nm-openvpn-dialog.ui rename to properties/nm-wireguard-dialog.ui diff --git a/src/nm-openvpn-service.c b/src/nm-wireguard-service.c similarity index 94% rename from src/nm-openvpn-service.c rename to src/nm-wireguard-service.c index e4652d4..a93f3dc 100644 --- a/src/nm-openvpn-service.c +++ b/src/nm-wireguard-service.c @@ -104,6 +104,13 @@ NMWireguardPlugin *nm_wireguard_plugin_new (const char *bus_name); /*****************************************************************************/ +typedef struct _Configs{ + NMVpnServicePlugin *plugin; + GVariant *config; + GVariant *ip4config; + GVariant *ip6config; +} Configs; + typedef enum { OPENVPN_BINARY_VERSION_INVALID, OPENVPN_BINARY_VERSION_UNKNOWN, @@ -149,6 +156,11 @@ G_DEFINE_TYPE (NMWireguardPlugin, nm_wireguard_plugin, NM_TYPE_VPN_SERVICE_PLUGI /*****************************************************************************/ +typedef struct _PluginConnection { + NMVpnServicePlugin *plugin; + NMConnection *connection; +} PluginConnection; + typedef struct { const char *name; GType type; @@ -1014,7 +1026,6 @@ nm_openvpn_connect_timer_cb (gpointer data) NMWireguardPluginIOData *io_data = priv->io_data; struct sockaddr_un remote = { 0 }; int fd; - printf("Connect Timer Callback!\n"); priv->connect_count++; 
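Review bot: The `Configs` typedef added near the top of nm-wireguard-service.c carries no comment on ownership, although later in this patch set_config() allocates it with malloc and hands it to send_config() through g_timeout_add. A short comment would make the lifetime explicit, for example `/* Heap-allocated by set_config() and passed to send_config() as timeout data; the callback is responsible for releasing it. ip4config/ip6config are NULL when that address family is not configured. */`. Documenting this also makes the missing release in send_config easier to spot in review.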
@@ -1055,7 +1066,6 @@ static void nm_openvpn_schedule_connect_timer (NMWireguardPlugin *plugin) { NMWireguardPluginPrivate *priv = NM_WIREGUARD_PLUGIN_GET_PRIVATE (plugin); - printf("Scheduling timer\n"); if (priv->connect_timer == 0) priv->connect_timer = g_timeout_add (200, nm_openvpn_connect_timer_cb, plugin); 
@@ -2158,6 +2168,206 @@ real_disconnect (NMVpnServicePlugin *plugin, return TRUE; } +static const gchar * +get_setting(NMSettingVpn *s_vpn, const char *key) +{ + const gchar *setting = nm_setting_vpn_get_data_item(s_vpn, key); + + if(!setting || !setting[0]){ + return NULL; + } + + return setting; +} + +static GVariant * +ip4_to_gvariant (const char *str) +{ + gchar *addr; + gchar **tmp, **tmp2; + struct in_addr temp_addr; + GVariant *res; + + /* Empty */ + if (!str || strlen (str) < 1){ + return NULL; + } + + // strip the port and subnet + tmp = g_strsplit(str, "/", 0); + tmp2 = g_strsplit(tmp[0], ":", 0); + addr = g_strdup(tmp[0]); + + if (inet_pton (AF_INET, addr, &temp_addr) <= 0){ + res = NULL;; + } + else{ + res = g_variant_new_uint32 (temp_addr.s_addr); + } + + g_strfreev(tmp); + g_strfreev(tmp2); + g_free(addr); + + return res; +} + +static GVariant * +ip6_to_gvariant (const char *str) +{ + struct in6_addr temp_addr; + gchar *addr; + gchar **tmp; + GVariantBuilder builder; + int i; + + /* Empty */ + if (!str || strlen (str) < 1){ + return NULL; + } + + // since we accept a subnet at the end, let's do away with that. + tmp = g_strsplit(str, "/", 0); + addr = g_strdup(tmp[0]); + g_strfreev(tmp); + + if (inet_pton (AF_INET6, addr, &temp_addr) <= 0){ + return NULL; + } + + g_variant_builder_init (&builder, G_VARIANT_TYPE ("ay")); + for (i = 0; i < sizeof (temp_addr); i++){ + g_variant_builder_add (&builder, "y", ((guint8 *) &temp_addr)[i]); + } + + return g_variant_builder_end (&builder); +} + +static gboolean +send_config(gpointer data) +{ + Configs *cfgs = data; + + nm_vpn_service_plugin_set_config(cfgs->plugin, cfgs->config); + + if(cfgs->ip4config){ + nm_vpn_service_plugin_set_ip4_config(cfgs->plugin, cfgs->ip4config); + } + + if(cfgs->ip6config){ + nm_vpn_service_plugin_set_ip6_config(cfgs->plugin, cfgs->ip6config); + } + + // if we don't return FALSE, it's gonna get called again and again and again and... 
+ return FALSE; +} + +static gboolean +set_config(NMVpnServicePlugin *plugin, NMConnection *connection) +{ + NMSettingVpn *s_vpn = nm_connection_get_setting_vpn(connection); + GVariantBuilder builder, ip4builder, ip6builder; + GVariant *config, *ip4config, *ip6config; + GVariant *val; + const char *setting; + guint64 subnet = 24; + gboolean has_ip4 = FALSE; + gboolean has_ip6 = FALSE; + Configs *configs = malloc(sizeof(Configs)); + memset(configs, 0, sizeof(Configs)); + + // get ready to build the IP4 stuff and send it + // (required that the connection does not time-out) + g_variant_builder_init(&builder, G_VARIANT_TYPE_VARDICT); + g_variant_builder_init(&ip4builder, G_VARIANT_TYPE_VARDICT); + g_variant_builder_init(&ip6builder, G_VARIANT_TYPE_VARDICT); + + // build the configs + setting = get_setting(s_vpn, NM_WG_KEY_ADDR_IP4); + if(setting){ + val = ip4_to_gvariant(setting); + if(val){ + g_variant_builder_add(&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS, val); + + // try to find the subnet from the IP + if(g_strrstr(setting, "/")){ + gchar **tmp; + tmp = g_strsplit(setting, "/", 2); + if(!g_ascii_string_to_unsigned(tmp[1], 10, 0, 32, &subnet, NULL)){ + subnet = 24; + } + g_strfreev(tmp); + } + val = g_variant_new_uint32((guint32)subnet); + g_variant_builder_add(&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_PREFIX, val); + has_ip4 = TRUE; + } + } + + setting = get_setting(s_vpn, NM_WG_KEY_DNS); + if(setting){ + // TODO + } + + setting = get_setting(s_vpn, NM_WG_KEY_ENDPOINT); + if(setting){ + // TODO + } + + setting = get_setting(s_vpn, NM_WG_KEY_MTU); + if(setting){ + guint32 mtu = 1420; + if(!g_ascii_string_to_unsigned(setting, 10, 0, 1500, &mtu, NULL)){ + mtu = 1420; + } + val = g_variant_new_uint32(mtu); + g_variant_builder_add(&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_MTU, val); + g_variant_builder_add(&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_MTU, val); + } + + val = g_variant_new_string(nm_connection_get_id(connection)); + 
g_variant_builder_add(&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_TUNDEV, val); + g_variant_builder_add(&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_TUNDEV, val); + + setting = get_setting(s_vpn, NM_WG_KEY_ADDR_IP6); + if(setting){ + val = ip6_to_gvariant(setting); + if(val){ + g_variant_builder_add(&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_ADDRESS, setting); + has_ip6 = TRUE; + } + } + + // check if we have any of IP4 or IP6 and if so, include them in the config + if(!has_ip4 && !has_ip6){ + return FALSE; + } + + if(has_ip4){ + val = g_variant_new_boolean(TRUE); + g_variant_builder_add(&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_HAS_IP4, val); + } + + if(has_ip6){ + val = g_variant_new_boolean(TRUE); + g_variant_builder_add(&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_HAS_IP6, val); + } + + // finish the builders + config = g_variant_builder_end(&builder); + ip4config = g_variant_builder_end(&ip4builder); + ip6config = g_variant_builder_end(&ip6builder); + + // populate the configs struct and send the configuration asynchronously + configs->ip4config = (has_ip4) ? ip4config : NULL; + configs->ip6config = (has_ip6) ? ip6config : NULL; + configs->plugin = plugin; + configs->config = config; + g_timeout_add(0, send_config, configs); + + return TRUE; +} + static gboolean connect_common(NMVpnServicePlugin *plugin, NMConnection *connection, @@ -2171,8 +2381,6 @@ connect_common(NMVpnServicePlugin *plugin, int retcode = 1; char *filename = NULL; GString *connection_config = NULL; - GVariantBuilder builder, ip4builder, ip6builder; - GVariant *config, *ip4config, *ip6config; _LOGI("Setting up Wireguard Connection ('%s')", connection_name); if(wg_quick_path == NULL){ 
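Review bot: In set_config the MTU branch passes `&mtu`, a `guint32`, to g_ascii_string_to_unsigned, whose out-parameter is a `guint64 *`, so a successful parse writes eight bytes into a four-byte stack variable. The IPv6 branch then adds `setting` (a `const char *`) under the `{sv}` format where a GVariant is expected, leaving the `val` returned by ip6_to_gvariant unused. The `Configs` allocation is never released, neither in send_config nor on the `return FALSE` path (which also leaves the three builders uncleared), and ip6_to_gvariant never frees `addr`. In ip4_to_gvariant the address is copied from `tmp[0]`, so the `:` split held in `tmp2` does not strip a port as the comment says. The fence below shows the changed lines for the first three points.

```c
/* ip6_to_gvariant: release the copy on both paths */
	if (inet_pton (AF_INET6, addr, &temp_addr) <= 0){
		g_free(addr);
		return NULL;
	}
	g_free(addr);

/* send_config: release the struct allocated by set_config before returning */
	free(cfgs);
	return FALSE;

/* set_config */
	setting = get_setting(s_vpn, NM_WG_KEY_MTU);
	if(setting){
		guint64 mtu = 1420;
		if(!g_ascii_string_to_unsigned(setting, 10, 0, 1500, &mtu, NULL)){
			mtu = 1420;
		}
		val = g_variant_new_uint32((guint32)mtu);
		// … unchanged: the two g_variant_builder_add calls for the MTU …
	}
	// … unchanged: TUNDEV entries and the NM_WG_KEY_ADDR_IP6 lookup …
		if(val){
			g_variant_builder_add(&ip6builder, "{sv}", NM_VPN_PLUGIN_IP6_CONFIG_ADDRESS, val);
			has_ip6 = TRUE;
		}
	// … unchanged: closing brace of the IPv6 block …
	if(!has_ip4 && !has_ip6){
		g_variant_builder_clear(&builder);
		g_variant_builder_clear(&ip4builder);
		g_variant_builder_clear(&ip6builder);
		free(configs);
		return FALSE;
	}
```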
@@ -2212,33 +2420,18 @@ connect_common(NMVpnServicePlugin *plugin, g_remove(filename); g_free(command); - // get ready to build the IP4 stuff and send it - // (required that the connection does not time-out) - g_variant_builder_init(&builder, G_VARIANT_TYPE_VARDICT); - g_variant_builder_init(&ip4builder, G_VARIANT_TYPE_VARDICT); - g_variant_builder_init(&ip6builder, G_VARIANT_TYPE_VARDICT); - config = g_variant_builder_end(&builder); - ip4config = g_variant_builder_end(&ip4builder); - ip6config = g_variant_builder_end(&ip6builder); - nm_vpn_service_plugin_set_config(plugin, config); - nm_vpn_service_plugin_set_ip4_config(plugin, ip4config); - nm_vpn_service_plugin_set_ip6_config(plugin, ip6config); - - /* - [1] https://git.gnome.org/browse/network-manager-openvpn/tree/src/nm-openvpn-service-openvpn-helper.c?id=40e522aea2146ec20e0232545aa574664184be39#n114 - [2] https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/libnm/nm-vpn-service-plugin.c?id=7044febf97debaf04b7f9ca4fbb2dc24fcf1b0b0#n876 - [3] https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/libnm/nm-vpn-service-plugin.c?id=7044febf97debaf04b7f9ca4fbb2dc24fcf1b0b0#n345 - [4] https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/vpn/nm-vpn-connection.c?id=7044febf97debaf04b7f9ca4fbb2dc24fcf1b0b0#n2072 - */ + set_config(plugin, connection); return TRUE; } + // IMPLEMENT ME RIGHT static gboolean wg_connect (NMVpnServicePlugin *plugin, NMConnection *connection, GError **error) { + _LOGI("Connecting to Wireguard: '%s'", nm_connection_get_id(connection)); return connect_common(plugin, connection, NULL, error); } @@ -2250,6 +2443,7 @@ wg_connect_interactive(NMVpnServicePlugin *plugin, GVariant *details, GError **error) { + _LOGI("Connecting interactively to Wireguard: '%s'", nm_connection_get_id(connection)); if(!connect_common(plugin, connection, details, error)){ return FALSE; } 
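Review bot: The result of `set_config(plugin, connection);` in connect_common is discarded, so the function still returns TRUE when set_config returned FALSE because neither an IPv4 nor an IPv6 address could be parsed. In that case no configuration is ever sent to NetworkManager, which the removed comment describes as required for the connection not to time out. The failure should be propagated, for example `if (!set_config(plugin, connection)) { g_set_error_literal(error, NM_VPN_PLUGIN_ERROR, NM_VPN_PLUGIN_ERROR_BAD_ARGUMENTS, "no usable IPv4 or IPv6 address"); return FALSE; }`. connect_common starts outside this hunk, so any state it set up before this point presumably needs undoing on that path as well.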
@@ -2495,6 +2689,7 @@ nm_wireguard_plugin_new (const char *bus_name) NULL); if (plugin) { + printf("Listening to bus-name %s\n", bus_name); g_signal_connect (G_OBJECT (plugin), "state-changed", G_CALLBACK (plugin_state_changed), NULL); } else { @@ -2600,11 +2795,8 @@ main (int argc, char *argv[]) // TODO what is this, rem if ( !g_file_test ("/sys/class/misc/tun", G_FILE_TEST_EXISTS) && (system ("/sbin/modprobe tun") == -1)){ - - printf("tun stuff not found :>\n"); exit (EXIT_FAILURE); } - printf("tun stuff seems okay tho\n"); // TODO fails here: // nm-openvpn[27808] Failed to initialize a plugin instance: Connection ":1.598" is not allowed to own the service "org.freedesktop.NetworkManager.openvpn" due to security policies in the configuration file
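Review bot: The added `printf("Listening to bus-name %s\n", bus_name);` in nm_wireguard_plugin_new writes to stdout, while this same commit removes the other debug printf calls and the new code in wg_connect logs through `_LOGI`. Routing it through the plugin's logger keeps the message subject to the configured log level and destination: `_LOGI ("Listening on bus name '%s'", bus_name);`. The body of nm_wireguard_plugin_new starts and ends outside this hunk.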