system/NetworkManager
system/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager synced 2024-07-09 04:05:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

nmtui: add MACsec support

Browse Source
This commit is contained in:
Beniamino Galvani 2022-09-26 13:45:35 +02:00
parent e45f4b6b9e
commit 9b396f7cc8
7 changed files with 239 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile.am
View File

@ -5104,6 +5104,8 @@ src_nmtui_nmtui_SOURCES = \
src/nmtui/nmt-page-ip4.h \
src/nmtui/nmt-page-ip6.c \
src/nmtui/nmt-page-ip6.h \
src/nmtui/nmt-page-macsec.c \
src/nmtui/nmt-page-macsec.h \
src/nmtui/nmt-page-ppp.c \
src/nmtui/nmt-page-ppp.h \
src/nmtui/nmt-page-team-port.c \

1
src/nmtui/meson.build
View File

@ -28,6 +28,7 @@ executable(
'nmt-page-ip4.c',
'nmt-page-ip6.c',
'nmt-page-ip-tunnel.c',
'nmt-page-macsec.c',
'nmt-page-ppp.c',
'nmt-page-team.c',
'nmt-page-team-port.c',

8
src/nmtui/nm-editor-utils.c
View File

@ -235,6 +235,14 @@ nm_editor_utils_get_connection_type_list(void)
item->id_format = _("IP tunnel connection %d");
g_ptr_array_add(array, item);
item = g_new0(NMEditorConnectionTypeDataReal, 1);
item->data.name = _("MACsec");
item->data.setting_type = NM_TYPE_SETTING_MACSEC;
item->data.device_type = NM_TYPE_DEVICE_MACSEC;
item->data.virtual = TRUE;
item->id_format = _("MACsec connection %d");
g_ptr_array_add(array, item);
#if 0
/* Add "VPN" only if there are plugins */
vpn_plugins_hash = nm_vpn_get_plugin_infos ();

1
src/nmtui/nmt-connect-connection-list.c
View File

@ -100,6 +100,7 @@ static const char *device_sort_order[] = {"NMDeviceEthernet",
NM_SETTING_TEAM_SETTING_NAME,
NM_SETTING_BRIDGE_SETTING_NAME,
NM_SETTING_IP_TUNNEL_SETTING_NAME,
NM_SETTING_MACSEC_SETTING_NAME,
NM_SETTING_WIREGUARD_SETTING_NAME,
NM_SETTING_TUN_SETTING_NAME,
"NMDeviceModem",

3
src/nmtui/nmt-editor.c
View File

@ -35,6 +35,7 @@
#include "nmt-page-ip-tunnel.h"
#include "nmt-page-ip4.h"
#include "nmt-page-ip6.h"
#include "nmt-page-macsec.h"
#include "nmt-page-ppp.h"
#include "nmt-page-team.h"
#include "nmt-page-team-port.h"
@ -362,6 +363,8 @@ nmt_editor_constructed(GObject *object)
page = nmt_page_bridge_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_INFINIBAND_SETTING_NAME))
page = nmt_page_infiniband_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_MACSEC_SETTING_NAME))
page = nmt_page_macsec_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_PPPOE_SETTING_NAME))
page = nmt_page_dsl_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_TEAM_SETTING_NAME))

196
src/nmtui/nmt-page-macsec.c Normal file
View File

@ -0,0 +1,196 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Copyright (C) 2022 Red Hat, Inc.
*/
/**
* SECTION:nmt-page-macsec
* @short_description: The editor page for MACsec connections
*/
#include "libnm-client-aux-extern/nm-default-client.h"
#include "nmt-page-macsec.h"
#include "libnm-core-aux-intern/nm-libnm-core-utils.h"
#include "nmt-device-entry.h"
#include "nmt-password-fields.h"
#include "nmt-8021x-fields.h"
typedef struct {
NMSetting8021x *s_8021x;
} NmtPageMacsecPrivate;
struct _NmtPageMacsec {
NmtEditorPageDevice parent;
NmtPageMacsecPrivate _priv;
};
struct _NmtPageMacsecClass {
NmtEditorPageDeviceClass parent;
};
G_DEFINE_TYPE(NmtPageMacsec, nmt_page_macsec, NMT_TYPE_EDITOR_PAGE_DEVICE)
#define NMT_PAGE_MACSEC_GET_PRIVATE(self) _NM_GET_PRIVATE(self, NmtPageMacsec, NMT_IS_PAGE_MACSEC)
static void
nmt_page_macsec_init(NmtPageMacsec *macsec)
{}
NmtEditorPage *
nmt_page_macsec_new(NMConnection *conn, NmtDeviceEntry *deventry)
{
return g_object_new(NMT_TYPE_PAGE_MACSEC, "connection", conn, "device-entry", deventry, NULL);
}
static void
macsec_mode_changed(NmtNewtWidget *widget, GParamSpec *pspec, gpointer user_data)
{
NmtPageMacsec *macsec = user_data;
NmtPageMacsecPrivate *priv = NMT_PAGE_MACSEC_GET_PRIVATE(macsec);
NMConnection *conn;
gboolean mode_eap;
gboolean has_setting;
conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(macsec));
has_setting = !!nm_connection_get_setting(conn, NM_TYPE_SETTING_802_1X);
mode_eap = nmt_newt_popup_get_active(NMT_NEWT_POPUP(widget)) == NM_SETTING_MACSEC_MODE_EAP;
if (mode_eap != has_setting) {
if (mode_eap)
nm_connection_add_setting(conn, NM_SETTING(priv->s_8021x));
else
nm_connection_remove_setting(conn, NM_TYPE_SETTING_802_1X);
}
}
static NmtNewtPopupEntry macsec_mode[] = {{N_("PSK"), "psk"}, {N_("EAP"), "eap"}, {NULL, NULL}};
static NmtNewtPopupEntry macsec_validation[] = {{N_("Disabled"), "disabled"},
{N_("Check"), "check"},
{N_("Strict"), "strict"},
{NULL, NULL}};
static void
nmt_page_macsec_constructed(GObject *object)
{
NmtPageMacsec *macsec = NMT_PAGE_MACSEC(object);
NmtPageMacsecPrivate *priv = NMT_PAGE_MACSEC_GET_PRIVATE(macsec);
NMConnection *conn;
NMSettingMacsec *s_macsec;
NMSetting8021x *s_8021x;
NmtNewtStack *stack;
NmtEditorSection *section;
NmtEditorGrid *grid;
NmtNewtWidget *subgrid;
NmtNewtWidget *widget;
NmtNewtWidget *mode;
conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(macsec));
s_macsec = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_MACSEC);
s_8021x = nm_connection_get_setting_802_1x(conn);
if (!s_8021x) {
s_8021x = NM_SETTING_802_1X(nm_setting_802_1x_new());
nm_setting_802_1x_add_eap_method(s_8021x, "MD5");
}
priv->s_8021x = g_object_ref(s_8021x);
section = nmt_editor_section_new(_("MACsec"), NULL, TRUE);
grid = nmt_editor_section_get_body(section);
widget = nmt_device_entry_new(_("Parent device"), 40, G_TYPE_NONE);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_PARENT,
widget,
"interface-name",
G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
nmt_editor_grid_append(grid, NULL, widget, NULL);
nmt_editor_grid_append(grid, NULL, nmt_newt_separator_new(), NULL);
widget = nmt_newt_popup_new((NmtNewtPopupEntry *) &macsec_mode);
nmt_editor_grid_append(grid, _("Mode"), widget, NULL);
mode = widget;
widget = nmt_newt_stack_new();
stack = NMT_NEWT_STACK(widget);
/* PSK stack grid */
subgrid = nmt_editor_grid_new();
widget =
nmt_password_fields_new(40,
NMT_PASSWORD_FIELDS_SHOW_PASSWORD | NMT_PASSWORD_FIELDS_NOT_EMPTY);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_MKA_CAK,
widget,
"password",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CAK"), widget, NULL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), _("CKN"), widget, NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_MKA_CKN,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_newt_stack_add(stack, "psk", subgrid);
/* EAP stack grid */
subgrid = nmt_editor_grid_new();
widget = NMT_NEWT_WIDGET(nmt_8021x_fields_new(s_8021x, TRUE));
nmt_editor_grid_append(NMT_EDITOR_GRID(subgrid), NULL, widget, NULL);
nmt_newt_stack_add(stack, "eap", subgrid);
g_object_bind_property(mode, "active-id", stack, "active-id", G_BINDING_SYNC_CREATE);
nmt_editor_grid_append(grid, NULL, NMT_NEWT_WIDGET(stack), NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_MODE,
mode,
"active",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
g_signal_connect(mode, "notify::active", G_CALLBACK(macsec_mode_changed), macsec);
macsec_mode_changed(mode, NULL, macsec);
nmt_editor_grid_append(grid, NULL, nmt_newt_separator_new(), NULL);
/* Other MACsec options */
widget = nmt_newt_popup_new((NmtNewtPopupEntry *) &macsec_validation);
nmt_editor_grid_append(grid, _("Validation"), widget, NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_VALIDATION,
widget,
"active",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_entry_new(40, 0);
nmt_editor_grid_append(grid, _("SCI port"), widget, NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_PORT,
widget,
"text",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
widget = nmt_newt_checkbox_new(_("Encrypt traffic"));
nmt_editor_grid_append(grid, NULL, widget, NULL);
g_object_bind_property(s_macsec,
NM_SETTING_MACSEC_ENCRYPT,
widget,
"active",
G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
nmt_editor_page_add_section(NMT_EDITOR_PAGE(macsec), section);
G_OBJECT_CLASS(nmt_page_macsec_parent_class)->constructed(object);
}
static void
nmt_page_macsec_class_init(NmtPageMacsecClass *macsec_class)
{
GObjectClass *object_class = G_OBJECT_CLASS(macsec_class);
object_class->constructed = nmt_page_macsec_constructed;
}

28
src/nmtui/nmt-page-macsec.h Normal file
View File

@ -0,0 +1,28 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Copyright (C) 2022 Red Hat, Inc.
*/
#ifndef NMT_PAGE_MACSEC_H
#define NMT_PAGE_MACSEC_H
#include "nmt-editor-page-device.h"
#define NMT_TYPE_PAGE_MACSEC (nmt_page_macsec_get_type())
#define NMT_PAGE_MACSEC(obj) \
(G_TYPE_CHECK_INSTANCE_CAST((obj), NMT_TYPE_PAGE_MACSEC, NmtPageMacsec))
#define NMT_PAGE_MACSEC_CLASS(klass) \
(G_TYPE_CHECK_CLASS_CAST((klass), NMT_TYPE_PAGE_MACSEC, NmtPageMacsecClass))
#define NMT_IS_PAGE_MACSEC(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NMT_TYPE_PAGE_MACSEC))
#define NMT_IS_PAGE_MACSEC_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NMT_TYPE_PAGE_MACSEC))
#define NMT_PAGE_MACSEC_GET_CLASS(obj) \
(G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_PAGE_MACSEC, NmtPageMacsecClass))
typedef struct _NmtPageMacsec NmtPageMacsec;
typedef struct _NmtPageMacsecClass NmtPageMacsecClass;
GType nmt_page_macsec_get_type(void);
NmtEditorPage *nmt_page_macsec_new(NMConnection *conn, NmtDeviceEntry *deventry);
#endif /* NMT_PAGE_MACSEC_H */