New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[th/wireguard-pt3] #281
Closed
Closed
[th/wireguard-pt3] #281
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
thom311
force-pushed
the
th/wireguard-pt3
branch
from
January 13, 2019 14:27
e1a2da5
to
8b4fdf6
Compare
lkundrak
force-pushed
the
th/wireguard-pt3
branch
from
January 13, 2019 14:40
8b4fdf6
to
e512a23
Compare
lkundrak
force-pushed
the
th/wireguard-pt3
branch
8 times, most recently
from
January 17, 2019 10:36
5a4b70d
to
08d5311
Compare
bengal
reviewed
Jan 17, 2019
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I haven't reviewed all the code, but the API looks reasonable. I think we can merge this and improve it later.
addressed comments so far and repushed. |
thom311
force-pushed
the
th/wireguard-pt3
branch
from
January 18, 2019 11:17
08d5311
to
e2b0f22
Compare
lkundrak
force-pushed
the
th/wireguard-pt3
branch
4 times, most recently
from
January 20, 2019 14:20
61035b7
to
70301fe
Compare
thom311
force-pushed
the
th/wireguard-pt3
branch
from
January 21, 2019 09:21
70301fe
to
180aaf8
Compare
lkundrak
force-pushed
the
th/wireguard-pt3
branch
5 times, most recently
from
January 22, 2019 20:08
c479b99
to
04a27e9
Compare
Will be used next.
…ttingEthtool) We want to emit a change notification when gendata-based settings (like NMSettingEthtool) change. But instead of adding a separate signal, just emit a fake "notify:name" notification.
…se properties While nm_setting_enumerate_values() should not be used anymore, still extend it to make it workable also for properties that are not based on GObject properties.
Instead of special-casing the aggregate implementation for NMSettingVpn, delegate to a virtual function. This will also work with other settings, that have properties/secrets that are not GObject based properties.
For now only add the core settings, no peers' data. To support peers and the allowed-ips of the peers is more complicated and will be done later. It's more complicated because these are nested lists (allowed-ips) inside a list (peers). That is quite unusual and to conveniently support that in D-Bus API, in keyfile format, in libnm, and nmcli, is a effort. Also, it's further complicated by the fact that each peer has a secret (the preshared-key). Thus we probably need secret flags for each peer, which is a novelty as well (until now we require a fixed set of secrets per profile that is well known).
NMSockAddrEndpoint is an immutable structure that contains the endpoint string of a service. It also includes the (naive) parsing of the host and port/service parts. This will be used for the endpoint of WireGuard's peers. But since endpoints are not something specifict to WireGuard, give it a general name (and purpose) independent from WireGuard. Essentially, this structure takes a string in a manner that libnm understands, and uses it for node and service arguments for getaddrinfo(). NMSockAddrEndpoint allows to have endpoints that are not parsable into a host and port part. That is useful because our settings need to be able to hold invalid values. That is for forward compatibility (server sends a new endpoint format) and for better error handling (have invalid settings that can be constructed without loss, but fail later during the verify() step).
…rd profile Use the script to test how GObject introspection with libnm's WireGuard support works. Also, since support for WireGuard peers is not yet implemented in nmcli (or other clients), this script is rather useful.
Configuring peers (and allowed-ips of the peers) is not yet supported.
lkundrak
force-pushed
the
th/wireguard-pt3
branch
from
January 25, 2019 14:52
04a27e9
to
882b83e
Compare
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A major part for WireGuard support.
Still missing:
TODO.txt
fileBut I think it's at a point where it could be merged. We can make it perfect afterwards.