1 /* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the
16 * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
17 * Boston, MA 02110-1301 USA.
19 * Copyright 2007 - 2014 Red Hat, Inc.
22 #include "nm-default.h"
24 #include "nm-setting-ip6-config.h"
28 #include "nm-setting-private.h"
29 #include "nm-core-enum-types.h"
32 * SECTION:nm-setting-ip6-config
33 * @short_description: Describes IPv6 addressing, routing, and name service properties
35 * The #NMSettingIP6Config object is a #NMSetting subclass that describes
36 * properties related to IPv6 addressing, routing, and Domain Name Service
38 * #NMSettingIP6Config has few properties or methods of its own; it inherits
39 * almost everything from #NMSettingIPConfig.
41 * NetworkManager supports 6 values for the #NMSettingIPConfig:method property
42 * for IPv6. If "auto" is specified then the appropriate automatic method (PPP,
43 * router advertisement, etc) is used for the device and most other properties
44 * can be left unset. To force the use of DHCP only, specify "dhcp"; this
45 * method is only valid for Ethernet- based hardware. If "link-local" is
46 * specified, then an IPv6 link-local address will be assigned to the interface.
47 * If "manual" is specified, static IP addressing is used and at least one IP
48 * address must be given in the "addresses" property. If "ignore" is specified,
49 * IPv6 configuration is not done. Note: the "shared" method is not yet
53 G_DEFINE_TYPE_WITH_CODE (NMSettingIP6Config, nm_setting_ip6_config, NM_TYPE_SETTING_IP_CONFIG,
54 _nm_register_setting (IP6_CONFIG, 4))
55 NM_SETTING_REGISTER_TYPE (NM_TYPE_SETTING_IP6_CONFIG)
57 #define NM_SETTING_IP6_CONFIG_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), NM_TYPE_SETTING_IP6_CONFIG, NMSettingIP6ConfigPrivate))
60 NMSettingIP6ConfigPrivacy ip6_privacy;
61 NMSettingIP6ConfigAddrGenMode addr_gen_mode;
62 } NMSettingIP6ConfigPrivate;
74 * nm_setting_ip6_config_new:
76 * Creates a new #NMSettingIP6Config object with default values.
78 * Returns: (transfer full): the new empty #NMSettingIP6Config object
81 nm_setting_ip6_config_new (void)
83 return (NMSetting *) g_object_new (NM_TYPE_SETTING_IP6_CONFIG, NULL);
87 * nm_setting_ip6_config_get_ip6_privacy:
88 * @setting: the #NMSettingIP6Config
90 * Returns the value contained in the #NMSettingIP6Config:ip6-privacy
93 * Returns: IPv6 Privacy Extensions configuration value (#NMSettingIP6ConfigPrivacy).
95 NMSettingIP6ConfigPrivacy
96 nm_setting_ip6_config_get_ip6_privacy (NMSettingIP6Config *setting)
98 g_return_val_if_fail (NM_IS_SETTING_IP6_CONFIG (setting), NM_SETTING_IP6_CONFIG_PRIVACY_UNKNOWN);
100 return NM_SETTING_IP6_CONFIG_GET_PRIVATE (setting)->ip6_privacy;
104 * nm_setting_ip6_config_get_addr_gen_mode:
105 * @setting: the #NMSettingIP6Config
107 * Returns the value contained in the #NMSettingIP6Config:addr-gen-mode
110 * Returns: IPv6 Address Generation Mode.
114 NMSettingIP6ConfigAddrGenMode
115 nm_setting_ip6_config_get_addr_gen_mode (NMSettingIP6Config *setting)
117 g_return_val_if_fail (NM_IS_SETTING_IP6_CONFIG (setting),
118 NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE_STABLE_PRIVACY);
120 return NM_SETTING_IP6_CONFIG_GET_PRIVATE (setting)->addr_gen_mode;
124 verify (NMSetting *setting, NMConnection *connection, GError **error)
126 NMSettingIP6ConfigPrivate *priv = NM_SETTING_IP6_CONFIG_GET_PRIVATE (setting);
127 NMSettingIPConfig *s_ip = NM_SETTING_IP_CONFIG (setting);
128 NMSettingVerifyResult ret;
131 ret = NM_SETTING_CLASS (nm_setting_ip6_config_parent_class)->verify (setting, connection, error);
132 if (ret != NM_SETTING_VERIFY_SUCCESS)
135 method = nm_setting_ip_config_get_method (s_ip);
136 /* Base class already checked that it exists */
139 if (!strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_MANUAL)) {
140 if (nm_setting_ip_config_get_num_addresses (s_ip) == 0) {
143 NM_CONNECTION_ERROR_MISSING_PROPERTY,
144 _("this property cannot be empty for '%s=%s'"),
145 NM_SETTING_IP_CONFIG_METHOD, method);
146 g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP_CONFIG_ADDRESSES);
149 } else if ( !strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_IGNORE)
150 || !strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_LINK_LOCAL)
151 || !strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_SHARED)) {
152 if (nm_setting_ip_config_get_num_dns (s_ip) > 0) {
155 NM_CONNECTION_ERROR_INVALID_PROPERTY,
156 _("this property is not allowed for '%s=%s'"),
157 NM_SETTING_IP_CONFIG_METHOD, method);
158 g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP_CONFIG_DNS);
162 if (nm_setting_ip_config_get_num_dns_searches (s_ip) > 0) {
165 NM_CONNECTION_ERROR_INVALID_PROPERTY,
166 _("this property is not allowed for '%s=%s'"),
167 NM_SETTING_IP_CONFIG_METHOD, method);
168 g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP_CONFIG_DNS_SEARCH);
172 if (nm_setting_ip_config_get_num_addresses (s_ip) > 0) {
175 NM_CONNECTION_ERROR_INVALID_PROPERTY,
176 _("this property is not allowed for '%s=%s'"),
177 NM_SETTING_IP_CONFIG_METHOD, method);
178 g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP_CONFIG_ADDRESSES);
181 } else if ( !strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_AUTO)
182 || !strcmp (method, NM_SETTING_IP6_CONFIG_METHOD_DHCP)) {
185 g_set_error_literal (error,
187 NM_CONNECTION_ERROR_INVALID_PROPERTY,
188 _("property is invalid"));
189 g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP_CONFIG_METHOD);
193 if (!NM_IN_SET (priv->addr_gen_mode,
194 NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE_EUI64,
195 NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE_STABLE_PRIVACY)) {
196 g_set_error_literal (error,
198 NM_CONNECTION_ERROR_INVALID_PROPERTY,
199 _("property is invalid"));
200 g_prefix_error (error, "%s.%s: ", NM_SETTING_IP6_CONFIG_SETTING_NAME, NM_SETTING_IP_CONFIG_METHOD);
209 nm_setting_ip6_config_init (NMSettingIP6Config *setting)
214 ip6_dns_to_dbus (const GValue *prop_value)
216 return nm_utils_ip6_dns_to_variant (g_value_get_boxed (prop_value));
220 ip6_dns_from_dbus (GVariant *dbus_value,
223 g_value_take_boxed (prop_value, nm_utils_ip6_dns_from_variant (dbus_value));
227 ip6_addresses_get (NMSetting *setting,
228 const char *property)
234 g_object_get (setting, property, &addrs, NULL);
235 gateway = nm_setting_ip_config_get_gateway (NM_SETTING_IP_CONFIG (setting));
236 ret = nm_utils_ip6_addresses_to_variant (addrs, gateway);
237 g_ptr_array_unref (addrs);
243 ip6_addresses_set (NMSetting *setting,
244 GVariant *connection_dict,
245 const char *property,
249 char *gateway = NULL;
251 if (!_nm_setting_use_legacy_property (setting, connection_dict, "addresses", "address-data"))
254 addrs = nm_utils_ip6_addresses_from_variant (value, &gateway);
256 g_object_set (setting,
257 NM_SETTING_IP_CONFIG_ADDRESSES, addrs,
258 NM_SETTING_IP_CONFIG_GATEWAY, gateway,
260 g_ptr_array_unref (addrs);
265 ip6_address_data_get (NMSetting *setting,
266 NMConnection *connection,
267 const char *property)
272 g_object_get (setting, NM_SETTING_IP_CONFIG_ADDRESSES, &addrs, NULL);
273 ret = nm_utils_ip_addresses_to_variant (addrs);
274 g_ptr_array_unref (addrs);
280 ip6_address_data_set (NMSetting *setting,
281 GVariant *connection_dict,
282 const char *property,
287 /* Ignore 'address-data' if we're going to process 'addresses' */
288 if (_nm_setting_use_legacy_property (setting, connection_dict, "addresses", "address-data"))
291 addrs = nm_utils_ip_addresses_from_variant (value, AF_INET6);
292 g_object_set (setting, NM_SETTING_IP_CONFIG_ADDRESSES, addrs, NULL);
293 g_ptr_array_unref (addrs);
297 ip6_routes_get (NMSetting *setting,
298 const char *property)
303 g_object_get (setting, property, &routes, NULL);
304 ret = nm_utils_ip6_routes_to_variant (routes);
305 g_ptr_array_unref (routes);
311 ip6_routes_set (NMSetting *setting,
312 GVariant *connection_dict,
313 const char *property,
318 if (!_nm_setting_use_legacy_property (setting, connection_dict, "routes", "route-data"))
321 routes = nm_utils_ip6_routes_from_variant (value);
322 g_object_set (setting, property, routes, NULL);
323 g_ptr_array_unref (routes);
327 ip6_route_data_get (NMSetting *setting,
328 NMConnection *connection,
329 const char *property)
334 g_object_get (setting, NM_SETTING_IP_CONFIG_ROUTES, &routes, NULL);
335 ret = nm_utils_ip_routes_to_variant (routes);
336 g_ptr_array_unref (routes);
342 ip6_route_data_set (NMSetting *setting,
343 GVariant *connection_dict,
344 const char *property,
349 /* Ignore 'route-data' if we're going to process 'routes' */
350 if (_nm_setting_use_legacy_property (setting, connection_dict, "routes", "route-data"))
353 routes = nm_utils_ip_routes_from_variant (value, AF_INET6);
354 g_object_set (setting, NM_SETTING_IP_CONFIG_ROUTES, routes, NULL);
355 g_ptr_array_unref (routes);
359 set_property (GObject *object, guint prop_id,
360 const GValue *value, GParamSpec *pspec)
362 NMSettingIP6ConfigPrivate *priv = NM_SETTING_IP6_CONFIG_GET_PRIVATE (object);
365 case PROP_IP6_PRIVACY:
366 priv->ip6_privacy = g_value_get_enum (value);
368 case PROP_ADDR_GEN_MODE:
369 priv->addr_gen_mode = g_value_get_int (value);
372 G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
378 get_property (GObject *object, guint prop_id,
379 GValue *value, GParamSpec *pspec)
381 NMSettingIP6ConfigPrivate *priv = NM_SETTING_IP6_CONFIG_GET_PRIVATE (object);
384 case PROP_IP6_PRIVACY:
385 g_value_set_enum (value, priv->ip6_privacy);
387 case PROP_ADDR_GEN_MODE:
388 g_value_set_int (value, priv->addr_gen_mode);
391 G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
397 nm_setting_ip6_config_class_init (NMSettingIP6ConfigClass *ip6_class)
399 GObjectClass *object_class = G_OBJECT_CLASS (ip6_class);
400 NMSettingClass *setting_class = NM_SETTING_CLASS (ip6_class);
402 g_type_class_add_private (ip6_class, sizeof (NMSettingIP6ConfigPrivate));
404 /* virtual methods */
405 object_class->set_property = set_property;
406 object_class->get_property = get_property;
407 setting_class->verify = verify;
413 * variable: IPV6INIT, IPV6FORWARDING, IPV6_AUTOCONF, DHCPV6C
414 * default: IPV6INIT=yes; IPV6FORWARDING=no; IPV6_AUTOCONF=!IPV6FORWARDING, DHCPV6=no
415 * description: Method used for IPv6 protocol configuration.
416 * ignore ~ IPV6INIT=no; auto ~ IPV6_AUTOCONF=yes; dhcp ~ IPV6_AUTOCONF=no and DHCPV6C=yes
422 * format: list of DNS IP addresses
423 * description: List of DNS servers.
424 * example: dns=2001:4860:4860::8888;2001:4860:4860::8844;
428 * variable: DNS1, DNS2, ...
430 * description: List of DNS servers. NetworkManager uses the variables both
436 * property: dns-search
438 * format: string (space-separated domains)
439 * description: List of DNS search domains.
444 * property: addresses
445 * variable: address1, address2, ...
446 * format: address/plen
447 * description: List of static IP addresses.
448 * example: address1=abbe::cafe/96 address2=2001::1234
451 * property: addresses
452 * variable: IPV6ADDR, IPV6ADDR_SECONDARIES
453 * description: List of static IP addresses.
454 * example: IPV6ADDR=ab12:9876::1
455 * IPV6ADDR_SECONDARIES="ab12:9876::2 ab12:9876::3"
463 * description: Gateway IP addresses as a string.
464 * example: gateway=abbe::1
468 * variable: IPV6_DEFAULTGW
469 * description: Gateway IP address.
470 * example: IPV6_DEFAULTGW=abbe::1
476 * variable: route1, route2, ...
477 * format: route/plen[,gateway,metric]
478 * description: List of IP routes.
479 * example: route1=2001:4860:4860::/64,2620:52:0:2219:222:68ff:fe11:5403
484 * description: List of static routes. They are not stored in ifcfg-* file,
485 * but in route6-* file instead in the form of command line for 'ip route add'.
490 * property: ignore-auto-routes
491 * variable: IPV6_PEERROUTES(+)
493 * description: IPV6_PEERROUTES has the opposite meaning as 'ignore-auto-routes' property.
498 * property: ignore-auto-dns
499 * variable: IPV6_PEERDNS(+)
501 * description: IPV6_PEERDNS has the opposite meaning as 'ignore-auto-dns' property.
506 * property: dhcp-hostname
507 * variable: DHCP_HOSTNAME
508 * description: Hostname to send the DHCP server.
513 * property: never-default
514 * variable: IPV6_DEFROUTE(+), (and IPV6_DEFAULTGW, IPV6_DEFAULTDEV in /etc/sysconfig/network)
515 * default: IPV6_DEFROUTE=yes (when no variable specified)
516 * description: IPV6_DEFROUTE=no tells NetworkManager that this connection
517 * should not be assigned the default IPv6 route. IPV6_DEFROUTE has the opposite
518 * meaning as 'never-default' property.
524 * variable: IPV6_FAILURE_FATAL(+)
526 * description: IPV6_FAILURE_FATAL has the opposite meaning as 'may-fail' property.
531 * property: route-metric
532 * variable: IPV6_ROUTE_METRIC(+)
534 * description: IPV6_ROUTE_METRIC is the default IPv6 metric for routes on this connection.
535 * If set to -1, a default metric based on the device type is used.
540 * NMSettingIP6Config:ip6-privacy:
542 * Configure IPv6 Privacy Extensions for SLAAC, described in RFC4941. If
543 * enabled, it makes the kernel generate a temporary IPv6 address in
544 * addition to the public one generated from MAC address via modified
545 * EUI-64. This enhances privacy, but could cause problems in some
546 * applications, on the other hand. The permitted values are: -1: unknown,
547 * 0: disabled, 1: enabled (prefer public address), 2: enabled (prefer temporary
550 * Having a per-connection setting set to "-1" (unknown) means fallback to
551 * global configuration "ipv6.ip6-privacy".
553 * If also global configuration is unspecified or set to "-1", fallback to read
554 * "/proc/sys/net/ipv6/conf/default/use_tempaddr".
556 * Note that this setting is distinct from the Stable Privacy addresses
557 * that can be enabled with the "addr-gen-mode" property's "stable-privacy"
558 * setting as another way of avoiding host tracking with IPv6 addresses.
561 * property: ip6-privacy
562 * variable: IPV6_PRIVACY, IPV6_PRIVACY_PREFER_PUBLIC_IP(+)
563 * values: IPV6_PRIVACY: no, yes (rfc3041 or rfc4941);
564 * IPV6_PRIVACY_PREFER_PUBLIC_IP: yes, no
566 * description: Configure IPv6 Privacy Extensions for SLAAC (RFC4941).
567 * example: IPV6_PRIVACY=rfc3041 IPV6_PRIVACY_PREFER_PUBLIC_IP=yes
570 g_object_class_install_property
571 (object_class, PROP_IP6_PRIVACY,
572 g_param_spec_enum (NM_SETTING_IP6_CONFIG_IP6_PRIVACY, "", "",
573 NM_TYPE_SETTING_IP6_CONFIG_PRIVACY,
574 NM_SETTING_IP6_CONFIG_PRIVACY_UNKNOWN,
577 G_PARAM_STATIC_STRINGS));
580 * NMSettingIP6Config:addr-gen-mode:
582 * Configure method for creating the address for use with RFC4862 IPv6
583 * Stateless Address Autoconfiguration. The permitted values are: "eui64",
584 * "stable-privacy" or unset.
586 * If the property is set to "eui64", the addresses will be generated
587 * using the interface tokens derived from hardware address. This makes
588 * the host part of the address to stay constant, making it possible
589 * to track host's presence when it changes networks. The address changes
590 * when the interface hardware is replaced.
592 * The value of "stable-privacy" enables use of cryptographically
593 * secure hash of a secret host-specific key along with the connection
594 * identification and the network address as specified by RFC7217.
595 * This makes it impossible to use the address track host's presence,
596 * and makes the address stable when the network interface hardware is
599 * Leaving this unset causes a default that could be subject to change
600 * in future versions to be used.
602 * Note that this setting is distinct from the Privacy Extensions as
603 * configured by "ip6-privacy" property and it does not affect the
604 * temporary addresses configured with this option.
609 * property: addr-gen-mode
610 * variable: IPV6_ADDR_GEN_MODE
611 * values: IPV6_ADDR_GEN_MODE: eui64, stable-privacy
613 * description: Configure IPv6 Stable Privacy addressing for SLAAC (RFC7217).
614 * example: IPV6_ADDR_GEN_MODE=stable-privacy
617 g_object_class_install_property
618 (object_class, PROP_ADDR_GEN_MODE,
619 g_param_spec_int (NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE, "", "",
621 NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE_STABLE_PRIVACY,
624 G_PARAM_STATIC_STRINGS));
626 /* IP6-specific property overrides */
630 * format: array of byte array
631 * description: Array of IP addresses of DNS servers (in network byte order)
634 _nm_setting_class_transform_property (setting_class,
635 NM_SETTING_IP_CONFIG_DNS,
636 G_VARIANT_TYPE ("aay"),
641 * property: addresses
642 * format: array of legacy IPv6 address struct (a(ayuay))
643 * description: Deprecated in favor of the 'address-data' and 'gateway'
644 * properties, but this can be used for backward-compatibility with older
645 * daemons. Note that if you send this property the daemon will ignore
646 * 'address-data' and 'gateway'.
648 * Array of IPv6 address structures. Each IPv6 address structure is
649 * composed of an IPv6 address, a prefix length (1 - 128), and an IPv6
650 * gateway address. The gateway may be zeroed out if no gateway exists for
654 _nm_setting_class_override_property (setting_class,
655 NM_SETTING_IP_CONFIG_ADDRESSES,
656 G_VARIANT_TYPE ("a(ayuay)"),
662 * property: address-data
663 * format: array of vardict
664 * description: Array of IPv6 addresses. Each address dictionary contains at
665 * least 'address' and 'prefix' entries, containing the IP address as a
666 * string, and the prefix length as a uint32. Additional attributes may
667 * also exist on some addresses.
670 _nm_setting_class_add_dbus_only_property (setting_class,
672 G_VARIANT_TYPE ("aa{sv}"),
673 ip6_address_data_get,
674 ip6_address_data_set);
678 * format: array of legacy IPv6 route struct (a(ayuayu))
679 * description: Deprecated in favor of the 'route-data' property, but this
680 * can be used for backward-compatibility with older daemons. Note that if
681 * you send this property the daemon will ignore 'route-data'.
683 * Array of IPv6 route structures. Each IPv6 route structure is
684 * composed of an IPv6 address, a prefix length (1 - 128), an IPv6
685 * next hop address (which may be zeroed out if there is no next hop),
686 * and a metric. If the metric is 0, NM will choose an appropriate
687 * default metric for the device.
690 _nm_setting_class_override_property (setting_class,
691 NM_SETTING_IP_CONFIG_ROUTES,
692 G_VARIANT_TYPE ("a(ayuayu)"),
698 * property: route-data
699 * format: array of vardict
700 * description: Array of IPv6 routes. Each route dictionary contains at
701 * least 'dest' and 'prefix' entries, containing the destination IP
702 * address as a string, and the prefix length as a uint32. Most routes
703 * will also have a 'next-hop' entry, containing the next hop IP address as
704 * a string. If the route has a 'metric' entry (containing a uint32), that
705 * will be used as the metric for the route (otherwise NM will pick a
706 * default value appropriate to the device). Additional attributes may
707 * also exist on some routes.
710 _nm_setting_class_add_dbus_only_property (setting_class,
712 G_VARIANT_TYPE ("aa{sv}"),