mirror
/
network-manager-wireguard-upstream
mirror of https://github.com/max-moser/network-manager-wireguard.git
1
0
Fork 1
Code Issues Releases Wiki Activity

Merge pull request #17 from vk496/master 

Support for Persistent Keep Alive parameter
pull/22/head^2
Max 2018-10-14 21:14:37 +02:00 committed by GitHub
parent d0c918e05c 0c23f17362
commit a52cc4101b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 116 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
properties/nm-wireguard-dialog.ui
View File

@ -2323,6 +2323,45 @@ config: http-proxy-retry or socks-proxy-retry</property>
<property name="position">4</property> <property name="position">4</property>
</packing> </packing>
</child> </child>
<child>
<object class="GtkBox" id="persistent-keep-alive">
<property name="visible">True</property>
<property name="can_focus">False</property>
<child>
<object class="GtkLabel">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="label" translatable="yes">Persis. Keepalive:</property>
<property name="width_chars">15</property>
<property name="max_width_chars">15</property>
<attributes>
<attribute name="underline" value="True"/>
</attributes>
</object>
<packing>
<property name="expand">False</property>
<property name="fill">False</property>
<property name="position">0</property>
</packing>
</child>
<child>
<object class="GtkEntry" id="peer_persistent_keep_alive_entry">
<property name="visible">True</property>
<property name="can_focus">True</property>
</object>
<packing>
<property name="expand">True</property>
<property name="fill">True</property>
<property name="position">1</property>
</packing>
</child>
</object>
<packing>
<property name="expand">False</property>
<property name="fill">True</property>
<property name="position">4</property>
</packing>
</child>
</object> </object>
<packing> <packing>
<property name="expand">False</property> <property name="expand">False</property>

34
properties/nm-wireguard-editor.c
View File

@ -98,6 +98,19 @@ check_interface_mtu_entry(const char *str)
return TRUE; return TRUE;
} }
static gboolean
check_peer_persistent_keep_alive_entry(const char *str)
{
if(is_empty(str)){
return TRUE;
}
else if(!g_ascii_string_to_unsigned(str, 10, 0, 450, NULL, NULL)){
return FALSE;
}
return TRUE;
}
static gboolean static gboolean
check_peer_preshared_key(const char *str) check_peer_preshared_key(const char *str)
{ {
@ -274,6 +287,9 @@ check_validity (WireguardEditor *self, GError **error)
if(!check(priv, "peer_psk_entry", check_peer_preshared_key, NM_WG_KEY_PRESHARED_KEY, TRUE, error)){ if(!check(priv, "peer_psk_entry", check_peer_preshared_key, NM_WG_KEY_PRESHARED_KEY, TRUE, error)){
success = FALSE; success = FALSE;
} }
if(!check(priv, "peer_persistent_keep_alive_entry", check_peer_persistent_keep_alive_entry, NM_WG_KEY_PERSISTENT_KEEP_ALIVE, TRUE, error)){
success = FALSE;
}
// pre-up, post-up, pre-down, post-down are scripts and don't get validated // pre-up, post-up, pre-down, post-down are scripts and don't get validated
if(ip4_ok && ip6_ok){ if(ip4_ok && ip6_ok){
@ -364,7 +380,7 @@ init_editor_plugin (WireguardEditor *self, NMConnection *connection, GError **er
} }
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self); g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self);
// Interface Private Key // Interface MTU
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "interface_mtu_entry")); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "interface_mtu_entry"));
g_return_val_if_fail (widget != NULL, FALSE); g_return_val_if_fail (widget != NULL, FALSE);
if (s_vpn) { if (s_vpn) {
@ -444,6 +460,15 @@ init_editor_plugin (WireguardEditor *self, NMConnection *connection, GError **er
} }
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self); g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self);
// Peer Persistent Keep Alive
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "peer_persistent_keep_alive_entry"));
g_return_val_if_fail (widget != NULL, FALSE);
if (s_vpn) {
value = nm_setting_vpn_get_data_item (s_vpn, NM_WG_KEY_PERSISTENT_KEEP_ALIVE);
if (value)
gtk_entry_set_text (GTK_ENTRY (widget), value);
}
g_signal_connect (G_OBJECT (widget), "changed", G_CALLBACK (stuff_changed_cb), self);
// Peer Public Key // Peer Public Key
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "peer_public_key_entry")); widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "peer_public_key_entry"));
@ -608,6 +633,13 @@ update_connection (NMVpnEditor *iface,
nm_setting_vpn_add_data_item (s_vpn, NM_WG_KEY_ENDPOINT, str); nm_setting_vpn_add_data_item (s_vpn, NM_WG_KEY_ENDPOINT, str);
} }
// persistent keep alive
widget = GTK_WIDGET (gtk_builder_get_object (priv->builder, "peer_persistent_keep_alive_entry"));
str = gtk_entry_get_text (GTK_ENTRY (widget));
if (str && str[0]){
nm_setting_vpn_add_data_item (s_vpn, NM_WG_KEY_PERSISTENT_KEEP_ALIVE, str);
}
nm_connection_add_setting (connection, NM_SETTING (s_vpn)); nm_connection_add_setting (connection, NM_SETTING (s_vpn));
valid = TRUE; valid = TRUE;

43
shared/import-export.c
View File

@ -567,6 +567,30 @@ parse_mtu(const char **line, guint64 *mtu, char **out_error)
return success; return success;
} }
// parse Persistent Keep Alive value (max 0-5min? (450))
static gboolean
parse_persistent_keep_alive(const char **line, guint64 *pka, char **out_error)
{
int idx = 0;
char *tmp = NULL;
gboolean success = TRUE;
if(!_parse_common(line, &idx, out_error)){
return FALSE;
}
tmp = g_strdup(line[idx]);
if(!g_ascii_string_to_unsigned(tmp, 10, 0, 450, pka, NULL)){
*out_error = g_strdup_printf("'%s' is not a valid Persistent Keep Alive assignment! (max '%d')", tmp, 450);
*pka = -1;
success = FALSE;
}
g_free(tmp);
return success;
}
// parse the line and check if there were any IP4 and IP6 included // parse the line and check if there were any IP4 and IP6 included
// (if there are more than just one IP4, the later take precedence; same for IP6) // (if there are more than just one IP4, the later take precedence; same for IP6)
// //
@ -876,7 +900,7 @@ do_import (const char *path, const char *contents, gsize contents_len, GError **
} }
setting_vpn_add_data_item_int64(s_vpn, NM_WG_KEY_MTU, mtu); setting_vpn_add_data_item_int64(s_vpn, NM_WG_KEY_MTU, mtu);
printf("%s = %ld\n", NM_WG_KEY_DNS, mtu); printf("%s = %ld\n", NMV_WG_TAG_MTU, mtu);
continue; continue;
} }
@ -1006,6 +1030,17 @@ do_import (const char *path, const char *contents, gsize contents_len, GError **
continue; continue;
} }
if (NM_IN_STRSET (params[0], NMV_WG_TAG_PERSISTENT_KEEP_ALIVE)){
guint64 pka = 0;
if(!parse_persistent_keep_alive(params, &pka, &line_error)){
goto handle_line_error;
}
setting_vpn_add_data_item_int64(s_vpn, NM_WG_KEY_PERSISTENT_KEEP_ALIVE, pka);
printf("%s = %lu\n", NMV_WG_TAG_PERSISTENT_KEEP_ALIVE, pka);
continue;
}
/* currently we ignore any unknown options and skip over them. */ /* currently we ignore any unknown options and skip over them. */
continue; continue;
@ -1111,6 +1146,7 @@ create_config_string (NMConnection *connection, GError **error)
const char *allowed_ips; const char *allowed_ips;
const char *endpoint; const char *endpoint;
const char *psk; const char *psk;
const char *pka;
const char *dns; const char *dns;
char *value = NULL; char *value = NULL;
char **ip_list, **ip_iter; char **ip_list, **ip_iter;
@ -1137,6 +1173,7 @@ create_config_string (NMConnection *connection, GError **error)
allowed_ips = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_ALLOWED_IPS)); allowed_ips = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_ALLOWED_IPS));
endpoint = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_ENDPOINT)); endpoint = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_ENDPOINT));
psk = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_PRESHARED_KEY)); psk = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_PRESHARED_KEY));
pka = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_PERSISTENT_KEEP_ALIVE));
dns = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_DNS)); dns = _arg_is_set(nm_setting_vpn_get_data_item(s_vpn, NM_WG_KEY_DNS));
if(!ip4 && !ip6){ if(!ip4 && !ip6){
@ -1228,6 +1265,10 @@ create_config_string (NMConnection *connection, GError **error)
args_write_line(f, NMV_WG_TAG_PRESHARED_KEY, "=", psk); args_write_line(f, NMV_WG_TAG_PRESHARED_KEY, "=", psk);
} }
if(pka && *pka > 0){
args_write_line(f, NMV_WG_TAG_PERSISTENT_KEEP_ALIVE, "=", pka);
}
return g_steal_pointer (&f); return g_steal_pointer (&f);
} }

1
shared/nm-service-defines.h
View File

@ -42,6 +42,7 @@
#define NM_WG_KEY_ALLOWED_IPS "peer-allowed-ips" #define NM_WG_KEY_ALLOWED_IPS "peer-allowed-ips"
#define NM_WG_KEY_ENDPOINT "peer-endpoint" #define NM_WG_KEY_ENDPOINT "peer-endpoint"
#define NM_WG_KEY_PRESHARED_KEY "peer-preshared-key" #define NM_WG_KEY_PRESHARED_KEY "peer-preshared-key"
#define NM_WG_KEY_PERSISTENT_KEEP_ALIVE "peer-persistent-keep-alive"
#define NM_OPENVPN_KEY_AUTH "auth" #define NM_OPENVPN_KEY_AUTH "auth"
#define NM_OPENVPN_KEY_CA "ca" #define NM_OPENVPN_KEY_CA "ca"

1
shared/utils.h
View File

@ -37,6 +37,7 @@
#define NMV_WG_TAG_PUBLIC_KEY "PublicKey" #define NMV_WG_TAG_PUBLIC_KEY "PublicKey"
#define NMV_WG_TAG_ALLOWED_IPS "AllowedIPs" #define NMV_WG_TAG_ALLOWED_IPS "AllowedIPs"
#define NMV_WG_TAG_ENDPOINT "Endpoint" #define NMV_WG_TAG_ENDPOINT "Endpoint"
#define NMV_WG_TAG_PERSISTENT_KEEP_ALIVE "PersistentKeepalive"
#define NMV_OVPN_TAG_AUTH "auth" #define NMV_OVPN_TAG_AUTH "auth"
#define NMV_OVPN_TAG_AUTH_NOCACHE "auth-nocache" #define NMV_OVPN_TAG_AUTH_NOCACHE "auth-nocache"