You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
72 lines
3.4 KiB
72 lines
3.4 KiB
From 2045cdf3dec79ae7d7b03ca7a081b8c444e242ef Mon Sep 17 00:00:00 2001
|
|
From: Beniamino Galvani <bgalvani@redhat.com>
|
|
Date: Wed, 10 Apr 2024 13:23:56 +0200
|
|
Subject: [PATCH] service,properties: support "leftsubnet"
|
|
|
|
https://gitlab.gnome.org/GNOME/NetworkManager-libreswan/-/merge_requests/30
|
|
---
|
|
properties/nm-libreswan-dialog.ui | 42 ++++++++++++++++++++-----
|
|
properties/nm-libreswan-editor-plugin.c | 2 ++
|
|
properties/nm-libreswan-editor.c | 12 +++++++
|
|
shared/nm-service-defines.h | 1 +
|
|
shared/utils.c | 5 +++
|
|
src/nm-libreswan-service.c | 1 +
|
|
6 files changed, 56 insertions(+), 7 deletions(-)
|
|
|
|
diff --git a/properties/nm-libreswan-editor-plugin.c b/properties/nm-libreswan-editor-plugin.c
|
|
index fe85c81..bb1685d 100644
|
|
--- a/properties/nm-libreswan-editor-plugin.c
|
|
+++ b/properties/nm-libreswan-editor-plugin.c
|
|
@@ -215,6 +215,8 @@ import_from_file (NMVpnEditorPlugin *self,
|
|
else if (g_str_has_prefix (str, "rightsubnet=")) {
|
|
if (!g_str_has_prefix (str, "rightsubnet=0.0.0.0/0"))
|
|
nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_REMOTENETWORK, &str[12]);
|
|
+ } else if (g_str_has_prefix (str, "leftsubnet=")) {
|
|
+ nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_LOCALNETWORK, str + NM_STRLEN("leftsubnet="));
|
|
} else if (g_str_has_prefix (str, "leftrsasigkey=")) {
|
|
if (str[14] != '%')
|
|
nm_setting_vpn_add_data_item (s_vpn, NM_LIBRESWAN_KEY_LEFTRSASIGKEY, &str[14]);
|
|
diff --git a/shared/nm-service-defines.h b/shared/nm-service-defines.h
|
|
index 95e19d4..96e5c71 100644
|
|
--- a/shared/nm-service-defines.h
|
|
+++ b/shared/nm-service-defines.h
|
|
@@ -62,6 +62,7 @@
|
|
#define NM_LIBRESWAN_KEY_SALIFETIME "salifetime"
|
|
#define NM_LIBRESWAN_KEY_VENDOR "vendor"
|
|
#define NM_LIBRESWAN_KEY_REMOTENETWORK "rightsubnet"
|
|
+#define NM_LIBRESWAN_KEY_LOCALNETWORK "leftsubnet"
|
|
#define NM_LIBRESWAN_KEY_IKEV2 "ikev2"
|
|
#define NM_LIBRESWAN_KEY_NARROWING "narrowing"
|
|
#define NM_LIBRESWAN_KEY_REKEY "rekey"
|
|
diff --git a/shared/utils.c b/shared/utils.c
|
|
index 9e616f8..926d12d 100644
|
|
--- a/shared/utils.c
|
|
+++ b/shared/utils.c
|
|
@@ -222,6 +222,11 @@ nm_libreswan_config_write (gint fd,
|
|
WRITE_CHECK (fd, debug_write_fcn, error, " rightsubnet=%s",
|
|
remote_network);
|
|
|
|
+ item = nm_setting_vpn_get_data_item (s_vpn, NM_LIBRESWAN_KEY_LOCALNETWORK);
|
|
+ if (item) {
|
|
+ WRITE_CHECK (fd, debug_write_fcn, error, " leftsubnet=%s", item);
|
|
+ }
|
|
+
|
|
if (!is_ikev2) {
|
|
/* When IKEv1 is in place, we enforce XAUTH: so, use IKE version
|
|
* also to check if XAUTH conf options should be passed to Libreswan.
|
|
diff --git a/src/nm-libreswan-service.c b/src/nm-libreswan-service.c
|
|
index 7e96230..88c07d7 100644
|
|
--- a/src/nm-libreswan-service.c
|
|
+++ b/src/nm-libreswan-service.c
|
|
@@ -271,6 +271,7 @@ static ValidProperty valid_properties[] = {
|
|
{ NM_LIBRESWAN_KEY_SALIFETIME, G_TYPE_STRING, 0, 0 },
|
|
{ NM_LIBRESWAN_KEY_VENDOR, G_TYPE_STRING, 0, 0 },
|
|
{ NM_LIBRESWAN_KEY_REMOTENETWORK, G_TYPE_STRING, 0, 0 },
|
|
+ { NM_LIBRESWAN_KEY_LOCALNETWORK, G_TYPE_STRING, 0, 0 },
|
|
{ NM_LIBRESWAN_KEY_IKEV2, G_TYPE_STRING, 0, 0 },
|
|
{ NM_LIBRESWAN_KEY_NARROWING, G_TYPE_STRING, 0, 0 },
|
|
{ NM_LIBRESWAN_KEY_REKEY, G_TYPE_STRING, 0, 0 },
|
|
--
|
|
2.44.0
|
|
|