On Sat, 2017-12-09 at 20:31 +0100, Manuel Schölling wrote: > Hi, > > I am currently implementing a WireGuard [1] VPN plugin for > NetworkManager in Rust.
I personally think that WireGuard should be handled natively, not as
VPN plugin. That of course doesn't preclude to have a VPN plugin, as
there is a stable plugin API. Thanks for working on that!!
> My plugin can already setup a network device, but right now I am
> working on giving feedback to NetworkManager.
>
> If I understand the code correctly, my program has to call
> nm_vpn_service_plugin_set_ip4_config() and pass a "a{sv}" dict to
> tell
> NetworkManager about the configuration. If NetworkManager validates
> the
> data, it will show the connection as "up".
> But what data needs to be passed in the dict? Is
> NM_VPN_PLUGIN_IP4_CONFIG_ADDRESS and NM_VPN_PLUGIN_IP4_CONFIG_PREFIX
> enough? And what data type should these values be?
> Right now NetworkManager does not like the data I am passing and give
> a
> message like "invalid IP4 config received".
>
> There is also the nm_vpn_service_plugin_set_config() function. Has
> this
> function to be called, too? And what arguments does it need?
>
> And btw, is it ok if I call nm_vpn_service_plugin_set{_ipv4}_config(0
> right from my program or I have to call it via the DBus instead?
nm_vpn_service_plugin_*() is part of libnm's public API, which VPN
plugins may use to implement a plugin. If this doesn't simplify your
work, then you don't need to use it. But of course, all VPN plugins
actually make use of libnm, so, it's probably a good idea.
For example, NM-openvpn doesn't call set_ip4_config() directly.
Instead, their helper script calls [1] the SetIp4Config D-Bus method of
/usr/libexec/nm-openvpn-service. The latter ends up being handled by
NMVpnServicePlugin [2], which then forwards the signal to NM [3]. And
NM handles it in [4]
[1]
https://git.gnome.org/browse/network-manager-openvpn/tree/src/nm-openvpn-service-openvpn-helper.c?id=40e522aea2146ec20e0232545aa574664184be39#n114
[2]
https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/libnm/nm-vpn-service-plugin.c?id=7044febf97debaf04b7f9ca4fbb2dc24fcf1b0b0#n876
[3]
https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/libnm/nm-vpn-service-plugin.c?id=7044febf97debaf04b7f9ca4fbb2dc24fcf1b0b0#n345
[4]
https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/vpn/nm-vpn-connection.c?id=7044febf97debaf04b7f9ca4fbb2dc24fcf1b0b0#n2072
yes, you need to send there something valid.
best,
Thomas
signature.asc
Description: This is a digitally signed message part
_______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
