Skip to content

keyfile parser: add support for all tunnel types (LP: #2016473) #360

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
May 24, 2023
Merged

keyfile parser: add support for all tunnel types (LP: #2016473) #360

merged 9 commits into from
May 24, 2023

Conversation

Image for: Conversation
Copy link
Contributor

daniloegea commented May 22, 2023
edited by slyon
Loading

Description

Image for: Description

Support for Wireguard keyfiles parsing is required to get the new Network Manager autopkgtests passing [1]. The original plan was to add support only for WG, but I ended up including all tunnel types.

There is a not-so-nice function renaming in src/parse-nm.c that was required to get new ctests compiling.

[1] - https://code.launchpad.net/~danilogondolfo/network-manager/+git/network-manager/+merge/443011

Checklist

Image for: Checklist
  • Runs make check successfully.
  • Retains 100% code coverage (make check-coverage).
  • New/changed keys in YAML format are documented.
  • (Optional) Adds example YAML for new feature.
  • (Optional) Closes an open bug in Launchpad. LP#2016473
parse_nm: add support for Wireguard
8b5d4a8 
Add the minimum support necessary to generate a YAML that will be
accepted by the parser.
The rest of the tunnel settings will be stored in the passthrough
section.
daniloegea requested a review from slyon May 22, 2023 12:13
slyon changed the title keyfile parser: add support for all tunnel types May 23, 2023
slyon approved these changes May 23, 2023
View reviewed changes
Copy link
Collaborator

slyon left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you Danilo, this is another big step in our NM backend support!

It's looking mostly good to me, but I had a few remarks about the handling of NetplanTunnelMode, the termination of validation after a warning and the NM tunnels support in general.

I left a bunch of (mostly simple) inline remarks, which we might want to fix before merging.

PS: I assume you already ran the new NM autopkgtests (from https://code.launchpad.net/~danilogondolfo/network-manager/+git/network-manager/+merge/443011) against this branch and those PASSed?
src/abi.h
NETPLAN_TUNNEL_MODE_VXLAN = 10,
NETPLAN_TUNNEL_MODE_GRETAP = 10,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thought: This change has the potential to break ABI. But AFAICT it is only being used internal to libnetplan.so and thus should not break anything in reality. Our abi-compat checker didn't catch any issue either.

Keeping the enum in sync with NM is a good thing and was the original intent, according to the comment above.
Danilo Egea Gondolfo added 8 commits May 23, 2023 19:41
parse-nm: relax validation for wireguard
2c2ebfe 
Netplan doesn't allow partial Wireguard configuration while Network
Manager does. The original Netplan's behavior will not allow NM to
build a WG connection in separate steps.
nm-parse: add support for all tunnel modes
99c6439 
Sync the enum NetplanTunnelMode with the tunnel modes supported by
Network Manager.
tests: adjust tests after last changes
9735e4e 
And add few more tests.
parse-nm: rename some helper functions
05ee967 
They are conflicting with functions with the same name from parse.c when
these files are include in ctests.
tests: add some ctests for the keyfiles parser
d2f124a
nm-parse: fix an invalid memory access
485b151 
The keyfile is already being automatically released.
parse-nm: plug a memory leak
67d5c7a 
The second parameter of g_datalist_set_data_full() is not stored in the
list and must be free'd.
docs: gretap and ip6gretap also works for NM now
14c54a9
daniloegea force-pushed the tunnel_wg_keyfile_reader branch from 7949d36 to 14c54a9 Compare May 23, 2023 18:47
daniloegea requested a review from slyon May 23, 2023 19:18
slyon approved these changes May 24, 2023
View reviewed changes
Copy link
Collaborator

slyon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

Thanks for resolving my concerns.
daniloegea merged commit e5713db into canonical:main May 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
2 participants