mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-09-06 17:14:02 +00:00
libnm-core: add NMSettingMacsec
The new NMSettingMacsec contains information necessary to establish a MACsec connection. At the moment we support two different MACsec modes, both using wpa_supplicant: PSK and EAP. PSK mode is based on a static CAK key for the MACsec key agreement protocol, while EAP mode derives keys from a 802.1x authentication and thus requires the presence of a NMSetting8021x in the connection.
This commit is contained in:
parent
67adbda83e
commit
d252a99fa2
|
@ -379,6 +379,7 @@ libnm_core_lib_h_pub_real = \
|
||||||
libnm-core/nm-setting-ip-tunnel.h \
|
libnm-core/nm-setting-ip-tunnel.h \
|
||||||
libnm-core/nm-setting-ip4-config.h \
|
libnm-core/nm-setting-ip4-config.h \
|
||||||
libnm-core/nm-setting-ip6-config.h \
|
libnm-core/nm-setting-ip6-config.h \
|
||||||
|
libnm-core/nm-setting-macsec.h \
|
||||||
libnm-core/nm-setting-macvlan.h \
|
libnm-core/nm-setting-macvlan.h \
|
||||||
libnm-core/nm-setting-olpc-mesh.h \
|
libnm-core/nm-setting-olpc-mesh.h \
|
||||||
libnm-core/nm-setting-ppp.h \
|
libnm-core/nm-setting-ppp.h \
|
||||||
|
@ -441,6 +442,7 @@ libnm_core_lib_c_real = \
|
||||||
libnm-core/nm-setting-ip-tunnel.c \
|
libnm-core/nm-setting-ip-tunnel.c \
|
||||||
libnm-core/nm-setting-ip4-config.c \
|
libnm-core/nm-setting-ip4-config.c \
|
||||||
libnm-core/nm-setting-ip6-config.c \
|
libnm-core/nm-setting-ip6-config.c \
|
||||||
|
libnm-core/nm-setting-macsec.c \
|
||||||
libnm-core/nm-setting-macvlan.c \
|
libnm-core/nm-setting-macvlan.c \
|
||||||
libnm-core/nm-setting-olpc-mesh.c \
|
libnm-core/nm-setting-olpc-mesh.c \
|
||||||
libnm-core/nm-setting-ppp.c \
|
libnm-core/nm-setting-ppp.c \
|
||||||
|
|
|
@ -1850,6 +1850,7 @@ nm_connection_is_virtual (NMConnection *connection)
|
||||||
|| !strcmp (type, NM_SETTING_VLAN_SETTING_NAME)
|
|| !strcmp (type, NM_SETTING_VLAN_SETTING_NAME)
|
||||||
|| !strcmp (type, NM_SETTING_TUN_SETTING_NAME)
|
|| !strcmp (type, NM_SETTING_TUN_SETTING_NAME)
|
||||||
|| !strcmp (type, NM_SETTING_IP_TUNNEL_SETTING_NAME)
|
|| !strcmp (type, NM_SETTING_IP_TUNNEL_SETTING_NAME)
|
||||||
|
|| !strcmp (type, NM_SETTING_MACSEC_SETTING_NAME)
|
||||||
|| !strcmp (type, NM_SETTING_MACVLAN_SETTING_NAME)
|
|| !strcmp (type, NM_SETTING_MACVLAN_SETTING_NAME)
|
||||||
|| !strcmp (type, NM_SETTING_VXLAN_SETTING_NAME))
|
|| !strcmp (type, NM_SETTING_VXLAN_SETTING_NAME))
|
||||||
return TRUE;
|
return TRUE;
|
||||||
|
@ -2161,6 +2162,24 @@ nm_connection_get_setting_ip6_config (NMConnection *connection)
|
||||||
return (NMSettingIPConfig *) nm_connection_get_setting (connection, NM_TYPE_SETTING_IP6_CONFIG);
|
return (NMSettingIPConfig *) nm_connection_get_setting (connection, NM_TYPE_SETTING_IP6_CONFIG);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_connection_get_setting_macsec:
|
||||||
|
* @connection: the #NMConnection
|
||||||
|
*
|
||||||
|
* A shortcut to return any #NMSettingMacsec the connection might contain.
|
||||||
|
*
|
||||||
|
* Returns: (transfer none): an #NMSettingMacsec if the connection contains one, otherwise %NULL
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
NMSettingMacsec *
|
||||||
|
nm_connection_get_setting_macsec (NMConnection *connection)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);
|
||||||
|
|
||||||
|
return (NMSettingMacsec *) nm_connection_get_setting (connection, NM_TYPE_SETTING_MACSEC);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* nm_connection_get_setting_macvlan:
|
* nm_connection_get_setting_macvlan:
|
||||||
* @connection: the #NMConnection
|
* @connection: the #NMConnection
|
||||||
|
|
|
@ -206,6 +206,8 @@ NM_AVAILABLE_IN_1_2
|
||||||
NMSettingIPTunnel * nm_connection_get_setting_ip_tunnel (NMConnection *connection);
|
NMSettingIPTunnel * nm_connection_get_setting_ip_tunnel (NMConnection *connection);
|
||||||
NMSettingIPConfig * nm_connection_get_setting_ip4_config (NMConnection *connection);
|
NMSettingIPConfig * nm_connection_get_setting_ip4_config (NMConnection *connection);
|
||||||
NMSettingIPConfig * nm_connection_get_setting_ip6_config (NMConnection *connection);
|
NMSettingIPConfig * nm_connection_get_setting_ip6_config (NMConnection *connection);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
NMSettingMacsec * nm_connection_get_setting_macsec (NMConnection *connection);
|
||||||
NM_AVAILABLE_IN_1_2
|
NM_AVAILABLE_IN_1_2
|
||||||
NMSettingMacvlan * nm_connection_get_setting_macvlan (NMConnection *connection);
|
NMSettingMacvlan * nm_connection_get_setting_macvlan (NMConnection *connection);
|
||||||
NMSettingOlpcMesh * nm_connection_get_setting_olpc_mesh (NMConnection *connection);
|
NMSettingOlpcMesh * nm_connection_get_setting_olpc_mesh (NMConnection *connection);
|
||||||
|
|
|
@ -52,6 +52,7 @@
|
||||||
#include "nm-setting-proxy.h"
|
#include "nm-setting-proxy.h"
|
||||||
#include "nm-setting-ip4-config.h"
|
#include "nm-setting-ip4-config.h"
|
||||||
#include "nm-setting-ip6-config.h"
|
#include "nm-setting-ip6-config.h"
|
||||||
|
#include "nm-setting-macsec.h"
|
||||||
#include "nm-setting-macvlan.h"
|
#include "nm-setting-macvlan.h"
|
||||||
#include "nm-setting-olpc-mesh.h"
|
#include "nm-setting-olpc-mesh.h"
|
||||||
#include "nm-setting-ppp.h"
|
#include "nm-setting-ppp.h"
|
||||||
|
|
|
@ -46,6 +46,7 @@ typedef struct _NMSettingIPTunnel NMSettingIPTunnel;
|
||||||
typedef struct _NMSettingProxy NMSettingProxy;
|
typedef struct _NMSettingProxy NMSettingProxy;
|
||||||
typedef struct _NMSettingIP4Config NMSettingIP4Config;
|
typedef struct _NMSettingIP4Config NMSettingIP4Config;
|
||||||
typedef struct _NMSettingIP6Config NMSettingIP6Config;
|
typedef struct _NMSettingIP6Config NMSettingIP6Config;
|
||||||
|
typedef struct _NMSettingMacsec NMSettingMacsec;
|
||||||
typedef struct _NMSettingMacvlan NMSettingMacvlan;
|
typedef struct _NMSettingMacvlan NMSettingMacvlan;
|
||||||
typedef struct _NMSettingOlpcMesh NMSettingOlpcMesh;
|
typedef struct _NMSettingOlpcMesh NMSettingOlpcMesh;
|
||||||
typedef struct _NMSettingPpp NMSettingPpp;
|
typedef struct _NMSettingPpp NMSettingPpp;
|
||||||
|
|
592
libnm-core/nm-setting-macsec.c
Normal file
592
libnm-core/nm-setting-macsec.c
Normal file
|
@ -0,0 +1,592 @@
|
||||||
|
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
|
||||||
|
/*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 2 of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the
|
||||||
|
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
||||||
|
* Boston, MA 02110-1301 USA.
|
||||||
|
*
|
||||||
|
* Copyright 2017 Red Hat, Inc.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "nm-default.h"
|
||||||
|
|
||||||
|
#include "nm-setting-macsec.h"
|
||||||
|
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#include "nm-utils.h"
|
||||||
|
#include "nm-core-types-internal.h"
|
||||||
|
#include "nm-setting-connection.h"
|
||||||
|
#include "nm-setting-private.h"
|
||||||
|
#include "nm-setting-wired.h"
|
||||||
|
#include "nm-connection-private.h"
|
||||||
|
|
||||||
|
/**
|
||||||
|
* SECTION:nm-setting-macsec
|
||||||
|
* @short_description: Describes connection properties for MACSEC interfaces
|
||||||
|
*
|
||||||
|
* The #NMSettingMacsec object is a #NMSetting subclass that describes properties
|
||||||
|
* necessary for connection to MACsec (IEEE 802.1AE) interfaces.
|
||||||
|
**/
|
||||||
|
|
||||||
|
G_DEFINE_TYPE_WITH_CODE (NMSettingMacsec, nm_setting_macsec, NM_TYPE_SETTING,
|
||||||
|
_nm_register_setting (MACSEC, 1))
|
||||||
|
NM_SETTING_REGISTER_TYPE (NM_TYPE_SETTING_MACSEC)
|
||||||
|
|
||||||
|
#define NM_SETTING_MACSEC_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_SETTING_MACSEC, NMSettingMacsecPrivate))
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
char *parent;
|
||||||
|
NMSettingMacsecMode mode;
|
||||||
|
gboolean encrypt;
|
||||||
|
char *mka_cak;
|
||||||
|
NMSettingSecretFlags mka_cak_flags;
|
||||||
|
char *mka_ckn;
|
||||||
|
int port;
|
||||||
|
NMSettingMacsecValidation validation;
|
||||||
|
} NMSettingMacsecPrivate;
|
||||||
|
|
||||||
|
NM_GOBJECT_PROPERTIES_DEFINE_BASE (
|
||||||
|
PROP_PARENT,
|
||||||
|
PROP_MODE,
|
||||||
|
PROP_ENCRYPT,
|
||||||
|
PROP_MKA_CAK,
|
||||||
|
PROP_MKA_CAK_FLAGS,
|
||||||
|
PROP_MKA_CKN,
|
||||||
|
PROP_PORT,
|
||||||
|
PROP_VALIDATION,
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_new:
|
||||||
|
*
|
||||||
|
* Creates a new #NMSettingMacsec object with default values.
|
||||||
|
*
|
||||||
|
* Returns: (transfer full): the new empty #NMSettingMacsec object
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
NMSetting *
|
||||||
|
nm_setting_macsec_new (void)
|
||||||
|
{
|
||||||
|
return (NMSetting *) g_object_new (NM_TYPE_SETTING_MACSEC, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_get_parent:
|
||||||
|
* @setting: the #NMSettingMacsec
|
||||||
|
*
|
||||||
|
* Returns: the #NMSettingMacsec:parent property of the setting
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
const char *
|
||||||
|
nm_setting_macsec_get_parent (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_MACSEC (setting), NULL);
|
||||||
|
return NM_SETTING_MACSEC_GET_PRIVATE (setting)->parent;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_get_mode:
|
||||||
|
* @setting: the #NMSettingMacsec
|
||||||
|
*
|
||||||
|
* Returns: the #NMSettingMacsec:mode property of the setting
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
NMSettingMacsecMode
|
||||||
|
nm_setting_macsec_get_mode (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_MACSEC (setting), NM_SETTING_MACSEC_MODE_PSK);
|
||||||
|
return NM_SETTING_MACSEC_GET_PRIVATE (setting)->mode;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_get_encrypt:
|
||||||
|
* @setting: the #NMSettingMacsec
|
||||||
|
*
|
||||||
|
* Returns: the #NMSettingMacsec:encrypt property of the setting
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
gboolean
|
||||||
|
nm_setting_macsec_get_encrypt (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_MACSEC (setting), TRUE);
|
||||||
|
return NM_SETTING_MACSEC_GET_PRIVATE (setting)->encrypt;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_get_mka_cak
|
||||||
|
* @setting: the #NMSettingMacsec
|
||||||
|
*
|
||||||
|
* Returns: the #NMSettingMacsec:mka-cak property of the setting
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
const char *
|
||||||
|
nm_setting_macsec_get_mka_cak (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_MACSEC (setting), NULL);
|
||||||
|
return NM_SETTING_MACSEC_GET_PRIVATE (setting)->mka_cak;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_get_mka_cak_flags:
|
||||||
|
* @setting: the #NMSettingMacsec
|
||||||
|
*
|
||||||
|
* Returns: the #NMSettingSecretFlags pertaining to the #NMSettingMacsec:mka-cak
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
NMSettingSecretFlags
|
||||||
|
nm_setting_macsec_get_mka_cak_flags (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_MACSEC (setting), NM_SETTING_SECRET_FLAG_NONE);
|
||||||
|
|
||||||
|
return NM_SETTING_MACSEC_GET_PRIVATE (setting)->mka_cak_flags;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_get_mka_ckn:
|
||||||
|
* @setting: the #NMSettingMacsec
|
||||||
|
*
|
||||||
|
* Returns: the #NMSettingMacsec:mka-ckn property of the setting
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
const char *
|
||||||
|
nm_setting_macsec_get_mka_ckn (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_MACSEC (setting), NULL);
|
||||||
|
return NM_SETTING_MACSEC_GET_PRIVATE (setting)->mka_ckn;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_get_port:
|
||||||
|
* @setting: the #NMSettingMacsec
|
||||||
|
*
|
||||||
|
* Returns: the #NMSettingMacsec:port property of the setting
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
int
|
||||||
|
nm_setting_macsec_get_port (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_MACSEC (setting), 1);
|
||||||
|
return NM_SETTING_MACSEC_GET_PRIVATE (setting)->port;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nm_setting_macsec_get_validation:
|
||||||
|
* @setting: the #NMSettingMacsec
|
||||||
|
*
|
||||||
|
* Returns: the #NMSettingMacsec:validation property of the setting
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
NMSettingMacsecValidation
|
||||||
|
nm_setting_macsec_get_validation (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
g_return_val_if_fail (NM_IS_SETTING_MACSEC (setting), NM_SETTING_MACSEC_VALIDATION_DISABLE);
|
||||||
|
return NM_SETTING_MACSEC_GET_PRIVATE (setting)->validation;
|
||||||
|
}
|
||||||
|
|
||||||
|
static GPtrArray *
|
||||||
|
need_secrets (NMSetting *setting)
|
||||||
|
{
|
||||||
|
NMSettingMacsecPrivate *priv = NM_SETTING_MACSEC_GET_PRIVATE (setting);
|
||||||
|
GPtrArray *secrets = NULL;
|
||||||
|
|
||||||
|
if (priv->mode == NM_SETTING_MACSEC_MODE_PSK) {
|
||||||
|
if ( !priv->mka_cak
|
||||||
|
&& !NM_FLAGS_HAS (priv->mka_cak_flags, NM_SETTING_SECRET_FLAG_NOT_REQUIRED)) {
|
||||||
|
secrets = g_ptr_array_sized_new (1);
|
||||||
|
g_ptr_array_add (secrets, NM_SETTING_MACSEC_MKA_CAK);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return secrets;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*********************************************************************/
|
||||||
|
|
||||||
|
static gboolean
|
||||||
|
verify_macsec_key (const char *key, gboolean cak, GError **error)
|
||||||
|
{
|
||||||
|
int req_len;
|
||||||
|
|
||||||
|
if (!key || !key[0]) {
|
||||||
|
g_set_error_literal (error,
|
||||||
|
NM_CONNECTION_ERROR,
|
||||||
|
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||||
|
_("the key is empty"));
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
req_len = cak ?
|
||||||
|
NM_SETTING_MACSEC_MKA_CAK_LENGTH :
|
||||||
|
NM_SETTING_MACSEC_MKA_CKN_LENGTH;
|
||||||
|
if (strlen (key) != req_len) {
|
||||||
|
g_set_error (error,
|
||||||
|
NM_CONNECTION_ERROR,
|
||||||
|
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||||
|
_("the key must be %d characters"), req_len);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!NM_STRCHAR_ALL (key, ch, g_ascii_isxdigit (ch))) {
|
||||||
|
g_set_error_literal (error,
|
||||||
|
NM_CONNECTION_ERROR,
|
||||||
|
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||||
|
_("the key contais non-hexadecimal characters"));
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
static gboolean
|
||||||
|
verify (NMSetting *setting, NMConnection *connection, GError **error)
|
||||||
|
{
|
||||||
|
NMSettingMacsecPrivate *priv = NM_SETTING_MACSEC_GET_PRIVATE (setting);
|
||||||
|
NMSettingConnection *s_con = NULL;
|
||||||
|
NMSettingWired *s_wired = NULL;
|
||||||
|
NMSetting8021x *s_8021x = NULL;
|
||||||
|
|
||||||
|
if (connection) {
|
||||||
|
s_con = nm_connection_get_setting_connection (connection);
|
||||||
|
s_wired = nm_connection_get_setting_wired (connection);
|
||||||
|
s_8021x = nm_connection_get_setting_802_1x (connection);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (priv->parent) {
|
||||||
|
if (nm_utils_is_uuid (priv->parent)) {
|
||||||
|
/* If we have an NMSettingConnection:master with slave-type="macsec",
|
||||||
|
* then it must be the same UUID.
|
||||||
|
*/
|
||||||
|
if (s_con) {
|
||||||
|
const char *master = NULL, *slave_type = NULL;
|
||||||
|
|
||||||
|
slave_type = nm_setting_connection_get_slave_type (s_con);
|
||||||
|
if (!g_strcmp0 (slave_type, NM_SETTING_MACSEC_SETTING_NAME))
|
||||||
|
master = nm_setting_connection_get_master (s_con);
|
||||||
|
|
||||||
|
if (master && g_strcmp0 (priv->parent, master) != 0) {
|
||||||
|
g_set_error (error,
|
||||||
|
NM_CONNECTION_ERROR,
|
||||||
|
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||||
|
_("'%s' value doesn't match '%s=%s'"),
|
||||||
|
priv->parent, NM_SETTING_CONNECTION_MASTER, master);
|
||||||
|
g_prefix_error (error, "%s.%s: ", NM_SETTING_MACSEC_SETTING_NAME, NM_SETTING_MACSEC_PARENT);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else if (!nm_utils_iface_valid_name (priv->parent)) {
|
||||||
|
/* parent must be either a UUID or an interface name */
|
||||||
|
g_set_error (error,
|
||||||
|
NM_CONNECTION_ERROR,
|
||||||
|
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||||
|
_("'%s' is neither an UUID nor an interface name"),
|
||||||
|
priv->parent);
|
||||||
|
g_prefix_error (error, "%s.%s: ", NM_SETTING_MACSEC_SETTING_NAME, NM_SETTING_MACSEC_PARENT);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
/* If parent is NULL, the parent must be specified via
|
||||||
|
* NMSettingWired:mac-address.
|
||||||
|
*/
|
||||||
|
if ( connection
|
||||||
|
&& (!s_wired || !nm_setting_wired_get_mac_address (s_wired))) {
|
||||||
|
g_set_error (error,
|
||||||
|
NM_CONNECTION_ERROR,
|
||||||
|
NM_CONNECTION_ERROR_MISSING_PROPERTY,
|
||||||
|
_("property is not specified and neither is '%s:%s'"),
|
||||||
|
NM_SETTING_WIRED_SETTING_NAME, NM_SETTING_WIRED_MAC_ADDRESS);
|
||||||
|
g_prefix_error (error, "%s.%s: ", NM_SETTING_MACSEC_SETTING_NAME, NM_SETTING_MACSEC_PARENT);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (priv->mode == NM_SETTING_MACSEC_MODE_PSK) {
|
||||||
|
if (!verify_macsec_key (priv->mka_ckn, FALSE, error)) {
|
||||||
|
g_prefix_error (error, "%s.%s: ", NM_SETTING_MACSEC_SETTING_NAME, NM_SETTING_MACSEC_MKA_CKN);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
} else if (priv->mode == NM_SETTING_MACSEC_MODE_EAP) {
|
||||||
|
if (!s_8021x) {
|
||||||
|
g_set_error (error,
|
||||||
|
NM_CONNECTION_ERROR,
|
||||||
|
NM_CONNECTION_ERROR_MISSING_SETTING,
|
||||||
|
_("EAP key management requires '%s' setting presence"),
|
||||||
|
NM_SETTING_802_1X_SETTING_NAME);
|
||||||
|
g_prefix_error (error, "%s: ", NM_SETTING_MACSEC_SETTING_NAME);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (priv->port <= 0 || priv->port > 65534) {
|
||||||
|
g_set_error (error,
|
||||||
|
NM_CONNECTION_ERROR,
|
||||||
|
NM_CONNECTION_ERROR_MISSING_PROPERTY,
|
||||||
|
_("invalid port %d"),
|
||||||
|
priv->port);
|
||||||
|
g_prefix_error (error, "%s.%s: ", NM_SETTING_MACSEC_SETTING_NAME, NM_SETTING_MACSEC_PORT);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
nm_setting_macsec_init (NMSettingMacsec *setting)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
set_property (GObject *object, guint prop_id,
|
||||||
|
const GValue *value, GParamSpec *pspec)
|
||||||
|
{
|
||||||
|
NMSettingMacsec *setting = NM_SETTING_MACSEC (object);
|
||||||
|
NMSettingMacsecPrivate *priv = NM_SETTING_MACSEC_GET_PRIVATE (setting);
|
||||||
|
|
||||||
|
switch (prop_id) {
|
||||||
|
case PROP_PARENT:
|
||||||
|
g_free (priv->parent);
|
||||||
|
priv->parent = g_value_dup_string (value);
|
||||||
|
break;
|
||||||
|
case PROP_MODE:
|
||||||
|
priv->mode = g_value_get_int (value);
|
||||||
|
break;
|
||||||
|
case PROP_ENCRYPT:
|
||||||
|
priv->encrypt = g_value_get_boolean (value);
|
||||||
|
break;
|
||||||
|
case PROP_MKA_CAK:
|
||||||
|
g_free (priv->mka_cak);
|
||||||
|
priv->mka_cak = g_value_dup_string (value);
|
||||||
|
break;
|
||||||
|
case PROP_MKA_CAK_FLAGS:
|
||||||
|
priv->mka_cak_flags = g_value_get_flags (value);
|
||||||
|
break;
|
||||||
|
case PROP_MKA_CKN:
|
||||||
|
g_free (priv->mka_ckn);
|
||||||
|
priv->mka_ckn = g_value_dup_string (value);
|
||||||
|
break;
|
||||||
|
case PROP_PORT:
|
||||||
|
priv->port = g_value_get_int (value);
|
||||||
|
break;
|
||||||
|
case PROP_VALIDATION:
|
||||||
|
priv->validation = g_value_get_int (value);
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
get_property (GObject *object, guint prop_id,
|
||||||
|
GValue *value, GParamSpec *pspec)
|
||||||
|
{
|
||||||
|
NMSettingMacsec *setting = NM_SETTING_MACSEC (object);
|
||||||
|
NMSettingMacsecPrivate *priv = NM_SETTING_MACSEC_GET_PRIVATE (setting);
|
||||||
|
|
||||||
|
switch (prop_id) {
|
||||||
|
case PROP_PARENT:
|
||||||
|
g_value_set_string (value, priv->parent);
|
||||||
|
break;
|
||||||
|
case PROP_MODE:
|
||||||
|
g_value_set_int (value, priv->mode);
|
||||||
|
break;
|
||||||
|
case PROP_ENCRYPT:
|
||||||
|
g_value_set_boolean (value, priv->encrypt);
|
||||||
|
break;
|
||||||
|
case PROP_MKA_CAK:
|
||||||
|
g_value_set_string (value, priv->mka_cak);
|
||||||
|
break;
|
||||||
|
case PROP_MKA_CAK_FLAGS:
|
||||||
|
g_value_set_flags (value, priv->mka_cak_flags);
|
||||||
|
break;
|
||||||
|
case PROP_MKA_CKN:
|
||||||
|
g_value_set_string (value, priv->mka_ckn);
|
||||||
|
break;
|
||||||
|
case PROP_PORT:
|
||||||
|
g_value_set_int (value, priv->port);
|
||||||
|
break;
|
||||||
|
case PROP_VALIDATION:
|
||||||
|
g_value_set_int (value, priv->validation);
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
finalize (GObject *object)
|
||||||
|
{
|
||||||
|
NMSettingMacsec *setting = NM_SETTING_MACSEC (object);
|
||||||
|
NMSettingMacsecPrivate *priv = NM_SETTING_MACSEC_GET_PRIVATE (setting);
|
||||||
|
|
||||||
|
g_free (priv->parent);
|
||||||
|
if (priv->mka_cak) {
|
||||||
|
memset (priv->mka_cak, 0, strlen (priv->mka_cak));
|
||||||
|
g_free (priv->mka_cak);
|
||||||
|
}
|
||||||
|
g_free (priv->mka_ckn);
|
||||||
|
|
||||||
|
G_OBJECT_CLASS (nm_setting_macsec_parent_class)->finalize (object);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
nm_setting_macsec_class_init (NMSettingMacsecClass *setting_class)
|
||||||
|
{
|
||||||
|
GObjectClass *object_class = G_OBJECT_CLASS (setting_class);
|
||||||
|
NMSettingClass *parent_class = NM_SETTING_CLASS (setting_class);
|
||||||
|
|
||||||
|
g_type_class_add_private (setting_class, sizeof (NMSettingMacsecPrivate));
|
||||||
|
|
||||||
|
object_class->set_property = set_property;
|
||||||
|
object_class->get_property = get_property;
|
||||||
|
object_class->finalize = finalize;
|
||||||
|
parent_class->verify = verify;
|
||||||
|
parent_class->need_secrets = need_secrets;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:parent:
|
||||||
|
*
|
||||||
|
* If given, specifies the parent interface name or parent connection UUID
|
||||||
|
* from which this MACSEC interface should be created. If this property is
|
||||||
|
* not specified, the connection must contain an #NMSettingWired setting
|
||||||
|
* with a #NMSettingWired:mac-address property.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_PARENT] =
|
||||||
|
g_param_spec_string (NM_SETTING_MACSEC_PARENT, "", "",
|
||||||
|
NULL,
|
||||||
|
G_PARAM_READWRITE |
|
||||||
|
G_PARAM_CONSTRUCT |
|
||||||
|
NM_SETTING_PARAM_INFERRABLE |
|
||||||
|
G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:mode:
|
||||||
|
*
|
||||||
|
* Specifies how the CAK (Connectivity Association Key) for MKA (MACsec Key
|
||||||
|
* Agreement) is obtained.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_MODE] =
|
||||||
|
g_param_spec_int (NM_SETTING_MACSEC_MODE, "", "",
|
||||||
|
G_MININT, G_MAXINT, NM_SETTING_MACSEC_MODE_PSK,
|
||||||
|
G_PARAM_READWRITE |
|
||||||
|
G_PARAM_CONSTRUCT |
|
||||||
|
NM_SETTING_PARAM_INFERRABLE |
|
||||||
|
G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:encrypt:
|
||||||
|
*
|
||||||
|
* Whether the transmitted traffic must be encrypted.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_ENCRYPT] =
|
||||||
|
g_param_spec_boolean (NM_SETTING_MACSEC_ENCRYPT, "", "",
|
||||||
|
TRUE,
|
||||||
|
G_PARAM_READWRITE |
|
||||||
|
G_PARAM_CONSTRUCT |
|
||||||
|
G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:mka-cak:
|
||||||
|
*
|
||||||
|
* The pre-shared CAK (Connectivity Association Key) for MACsec
|
||||||
|
* Key Agreement.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_MKA_CAK] =
|
||||||
|
g_param_spec_string (NM_SETTING_MACSEC_MKA_CAK, "", "",
|
||||||
|
NULL,
|
||||||
|
G_PARAM_READWRITE |
|
||||||
|
G_PARAM_CONSTRUCT |
|
||||||
|
NM_SETTING_PARAM_SECRET |
|
||||||
|
G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:mka-cak-flags:
|
||||||
|
*
|
||||||
|
* Flags indicating how to handle the #NMSettingMacsec:mka-cak
|
||||||
|
* property.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_MKA_CAK_FLAGS] =
|
||||||
|
g_param_spec_flags (NM_SETTING_MACSEC_MKA_CAK_FLAGS, "", "",
|
||||||
|
NM_TYPE_SETTING_SECRET_FLAGS,
|
||||||
|
NM_SETTING_SECRET_FLAG_NONE,
|
||||||
|
G_PARAM_READWRITE |
|
||||||
|
G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:mka-ckn:
|
||||||
|
*
|
||||||
|
* The pre-shared CKN (Connectivity-association Key Name) for
|
||||||
|
* MACsec Key Agreement.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_MKA_CKN] =
|
||||||
|
g_param_spec_string (NM_SETTING_MACSEC_MKA_CKN, "", "",
|
||||||
|
NULL,
|
||||||
|
G_PARAM_READWRITE |
|
||||||
|
G_PARAM_CONSTRUCT |
|
||||||
|
G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:port:
|
||||||
|
*
|
||||||
|
* The port component of the SCI (Secure Channel Identifier), between 1 and 65534.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_PORT] =
|
||||||
|
g_param_spec_int (NM_SETTING_MACSEC_PORT, "", "",
|
||||||
|
1, 65534, 1,
|
||||||
|
G_PARAM_READWRITE |
|
||||||
|
G_PARAM_CONSTRUCT |
|
||||||
|
NM_SETTING_PARAM_INFERRABLE |
|
||||||
|
G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:validation:
|
||||||
|
*
|
||||||
|
* Specifies the validation mode for incoming frames.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
**/
|
||||||
|
obj_properties[PROP_VALIDATION] =
|
||||||
|
g_param_spec_int (NM_SETTING_MACSEC_VALIDATION, "", "",
|
||||||
|
G_MININT, G_MAXINT, NM_SETTING_MACSEC_VALIDATION_STRICT,
|
||||||
|
G_PARAM_READWRITE |
|
||||||
|
G_PARAM_CONSTRUCT |
|
||||||
|
NM_SETTING_PARAM_INFERRABLE |
|
||||||
|
G_PARAM_STATIC_STRINGS);
|
||||||
|
|
||||||
|
g_object_class_install_properties (object_class, _PROPERTY_ENUMS_LAST, obj_properties);
|
||||||
|
}
|
126
libnm-core/nm-setting-macsec.h
Normal file
126
libnm-core/nm-setting-macsec.h
Normal file
|
@ -0,0 +1,126 @@
|
||||||
|
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 2 of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the
|
||||||
|
* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
||||||
|
* Boston, MA 02110-1301 USA.
|
||||||
|
*
|
||||||
|
* Copyright 2017 Red Hat, Inc.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef __NM_SETTING_MACSEC_H__
|
||||||
|
#define __NM_SETTING_MACSEC_H__
|
||||||
|
|
||||||
|
#if !defined (__NETWORKMANAGER_H_INSIDE__) && !defined (NETWORKMANAGER_COMPILATION)
|
||||||
|
#error "Only <NetworkManager.h> can be included directly."
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#include "nm-setting.h"
|
||||||
|
|
||||||
|
G_BEGIN_DECLS
|
||||||
|
|
||||||
|
#define NM_TYPE_SETTING_MACSEC (nm_setting_macsec_get_type ())
|
||||||
|
#define NM_SETTING_MACSEC(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NM_TYPE_SETTING_MACSEC, NMSettingMacsec))
|
||||||
|
#define NM_SETTING_MACSEC_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), NM_TYPE_SETTING_MACSECCONFIG, NMSettingMacsecClass))
|
||||||
|
#define NM_IS_SETTING_MACSEC(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NM_TYPE_SETTING_MACSEC))
|
||||||
|
#define NM_IS_SETTING_MACSEC_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), NM_TYPE_SETTING_MACSEC))
|
||||||
|
#define NM_SETTING_MACSEC_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), NM_TYPE_SETTING_MACSEC, NMSettingMacsecClass))
|
||||||
|
|
||||||
|
#define NM_SETTING_MACSEC_SETTING_NAME "macsec"
|
||||||
|
|
||||||
|
#define NM_SETTING_MACSEC_PARENT "parent"
|
||||||
|
#define NM_SETTING_MACSEC_MODE "mode"
|
||||||
|
#define NM_SETTING_MACSEC_ENCRYPT "encrypt"
|
||||||
|
#define NM_SETTING_MACSEC_MKA_CAK "mka-cak"
|
||||||
|
#define NM_SETTING_MACSEC_MKA_CAK_FLAGS "mka-cak-flags"
|
||||||
|
#define NM_SETTING_MACSEC_MKA_CKN "mka-ckn"
|
||||||
|
#define NM_SETTING_MACSEC_PORT "port"
|
||||||
|
#define NM_SETTING_MACSEC_VALIDATION "validation"
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsec:
|
||||||
|
*/
|
||||||
|
struct _NMSettingMacsec {
|
||||||
|
NMSetting parent;
|
||||||
|
};
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
NMSettingClass parent;
|
||||||
|
|
||||||
|
/*< private >*/
|
||||||
|
gpointer padding[4];
|
||||||
|
} NMSettingMacsecClass;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsecMode:
|
||||||
|
* @NM_SETTING_MACSEC_MODE_PSK: The CAK is pre-shared
|
||||||
|
* @NM_SETTING_MACSEC_MODE_EAP: The CAK is the result of participation in EAP
|
||||||
|
*
|
||||||
|
* #NMSettingMacsecMode controls how the CAK (Connectivity Association Key) used
|
||||||
|
* in MKA (MACsec Key Agreement) is obtained.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
*/
|
||||||
|
typedef enum {
|
||||||
|
NM_SETTING_MACSEC_MODE_PSK = 0,
|
||||||
|
NM_SETTING_MACSEC_MODE_EAP = 1,
|
||||||
|
} NMSettingMacsecMode;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NMSettingMacsecValidation:
|
||||||
|
* @NM_SETTING_MACSEC_VALIDATION_DISABLE: All incoming frames are accepted if
|
||||||
|
* possible
|
||||||
|
* @NM_SETTING_MACSEC_VALIDATION_CHECK: Non protected, invalid, or impossible to
|
||||||
|
* verify frames are accepted and counted as "invalid"
|
||||||
|
* @NM_SETTING_MACSEC_VALIDATION_STRICT: Non protected, invalid, or impossible to
|
||||||
|
* verify frames are dropped
|
||||||
|
*
|
||||||
|
* #NMSettingMacsecValidation specifies a validation mode for incoming frames.
|
||||||
|
*
|
||||||
|
* Since: 1.6
|
||||||
|
*/
|
||||||
|
typedef enum {
|
||||||
|
NM_SETTING_MACSEC_VALIDATION_DISABLE = 0,
|
||||||
|
NM_SETTING_MACSEC_VALIDATION_CHECK = 1,
|
||||||
|
NM_SETTING_MACSEC_VALIDATION_STRICT = 2,
|
||||||
|
} NMSettingMacsecValidation;
|
||||||
|
|
||||||
|
#define NM_SETTING_MACSEC_MKA_CAK_LENGTH 32
|
||||||
|
#define NM_SETTING_MACSEC_MKA_CKN_LENGTH 64
|
||||||
|
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
GType nm_setting_macsec_get_type (void);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
NMSetting *nm_setting_macsec_new (void);
|
||||||
|
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
const char *nm_setting_macsec_get_parent (NMSettingMacsec *setting);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
NMSettingMacsecMode nm_setting_macsec_get_mode (NMSettingMacsec *setting);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
gboolean nm_setting_macsec_get_encrypt (NMSettingMacsec *setting);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
const char *nm_setting_macsec_get_mka_cak (NMSettingMacsec *setting);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
NMSettingSecretFlags nm_setting_macsec_get_mka_cak_flags (NMSettingMacsec *setting);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
const char *nm_setting_macsec_get_mka_ckn (NMSettingMacsec *setting);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
int nm_setting_macsec_get_port (NMSettingMacsec *setting);
|
||||||
|
NM_AVAILABLE_IN_1_6
|
||||||
|
NMSettingMacsecValidation nm_setting_macsec_get_validation (NMSettingMacsec *setting);
|
||||||
|
|
||||||
|
G_END_DECLS
|
||||||
|
|
||||||
|
#endif /* __NM_SETTING_MACSEC_H__ */
|
|
@ -68,6 +68,7 @@
|
||||||
#include <nm-setting-ip6-config.h>
|
#include <nm-setting-ip6-config.h>
|
||||||
#include <nm-setting-ip-config.h>
|
#include <nm-setting-ip-config.h>
|
||||||
#include <nm-setting-ip-tunnel.h>
|
#include <nm-setting-ip-tunnel.h>
|
||||||
|
#include <nm-setting-macsec.h>
|
||||||
#include <nm-setting-macvlan.h>
|
#include <nm-setting-macvlan.h>
|
||||||
#include <nm-setting-olpc-mesh.h>
|
#include <nm-setting-olpc-mesh.h>
|
||||||
#include <nm-setting-ppp.h>
|
#include <nm-setting-ppp.h>
|
||||||
|
|
|
@ -1090,6 +1090,7 @@ global:
|
||||||
nm_client_get_dns_configuration;
|
nm_client_get_dns_configuration;
|
||||||
nm_client_get_dns_mode;
|
nm_client_get_dns_mode;
|
||||||
nm_client_get_dns_rc_manager;
|
nm_client_get_dns_rc_manager;
|
||||||
|
nm_connection_get_setting_macsec;
|
||||||
nm_connection_get_setting_proxy;
|
nm_connection_get_setting_proxy;
|
||||||
nm_device_macsec_get_cipher_suite;
|
nm_device_macsec_get_cipher_suite;
|
||||||
nm_device_macsec_get_encoding_sa;
|
nm_device_macsec_get_encoding_sa;
|
||||||
|
@ -1113,6 +1114,18 @@ global:
|
||||||
nm_dns_entry_get_vpn;
|
nm_dns_entry_get_vpn;
|
||||||
nm_dns_entry_unref;
|
nm_dns_entry_unref;
|
||||||
nm_setting_connection_get_autoconnect_retries;
|
nm_setting_connection_get_autoconnect_retries;
|
||||||
|
nm_setting_macsec_get_encrypt;
|
||||||
|
nm_setting_macsec_get_mka_cak;
|
||||||
|
nm_setting_macsec_get_mka_cak_flags;
|
||||||
|
nm_setting_macsec_get_mka_ckn;
|
||||||
|
nm_setting_macsec_get_mode;
|
||||||
|
nm_setting_macsec_get_parent;
|
||||||
|
nm_setting_macsec_get_port;
|
||||||
|
nm_setting_macsec_get_type;
|
||||||
|
nm_setting_macsec_get_validation;
|
||||||
|
nm_setting_macsec_mode_get_type;
|
||||||
|
nm_setting_macsec_new;
|
||||||
|
nm_setting_macsec_validation_get_type;
|
||||||
nm_setting_proxy_get_type;
|
nm_setting_proxy_get_type;
|
||||||
nm_setting_proxy_new;
|
nm_setting_proxy_new;
|
||||||
nm_setting_proxy_get_method;
|
nm_setting_proxy_get_method;
|
||||||
|
|
|
@ -68,6 +68,7 @@ libnm-core/nm-setting-ip-config.c
|
||||||
libnm-core/nm-setting-ip4-config.c
|
libnm-core/nm-setting-ip4-config.c
|
||||||
libnm-core/nm-setting-ip6-config.c
|
libnm-core/nm-setting-ip6-config.c
|
||||||
libnm-core/nm-setting-ip-tunnel.c
|
libnm-core/nm-setting-ip-tunnel.c
|
||||||
|
libnm-core/nm-setting-macsec.c
|
||||||
libnm-core/nm-setting-macvlan.c
|
libnm-core/nm-setting-macvlan.c
|
||||||
libnm-core/nm-setting-olpc-mesh.c
|
libnm-core/nm-setting-olpc-mesh.c
|
||||||
libnm-core/nm-setting-ppp.c
|
libnm-core/nm-setting-ppp.c
|
||||||
|
|
Loading…
Reference in a new issue