diff options
| author | Jan Vaclav <jvaclav@redhat.com> | 2024-02-19 14:51:36 +0100 |
|---|---|---|
| committer | Fernando Fernandez Mancera <ffmancera@riseup.net> | 2024-03-11 11:42:19 +0100 |
| commit | fa215c6a698d349bb1874404bcec7babdaff210e (patch) | |
| tree | cda51c758dac822a11fd0d5eadd89fc0ca94263b | |
| parent | ec91aa3c70c09ccb203e69fc90ab84c85a364581 (diff) | |
wireless: deprecate NMSettingWireless mac-address-blacklist property
To embrace inclusive language, deprecate the NMSettingWireless
mac-address-blacklist property and introduce mac-address-denylist property.
| -rw-r--r-- | src/libnm-client-impl/libnm.ver | 7 | ||||
| -rw-r--r-- | src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in | 5 | ||||
| -rw-r--r-- | src/libnm-core-impl/nm-setting-private.h | 7 | ||||
| -rw-r--r-- | src/libnm-core-impl/nm-setting-wireless.c | 348 | ||||
| -rw-r--r-- | src/libnm-core-impl/nm-setting.c | 3 | ||||
| -rw-r--r-- | src/libnm-core-impl/tests/test-setting.c | 5 | ||||
| -rw-r--r-- | src/libnm-core-public/nm-setting-wireless.h | 29 | ||||
| -rw-r--r-- | src/libnmc-setting/nm-meta-setting-desc.c | 23 | ||||
| -rw-r--r-- | src/libnmc-setting/settings-docs.h.in | 1 | ||||
| -rw-r--r-- | src/nmcli/gen-metadata-nm-settings-nmcli.xml.in | 3 | ||||
| -rw-r--r-- | src/tests/client/test-client.check-on-disk/test_004.expected | 4 |
11 files changed, 361 insertions, 74 deletions
diff --git a/src/libnm-client-impl/libnm.ver b/src/libnm-client-impl/libnm.ver index 8059aa0dc0..e50676ecbd 100644 --- a/src/libnm-client-impl/libnm.ver +++ b/src/libnm-client-impl/libnm.ver @@ -1984,4 +1984,11 @@ global: nm_setting_connection_down_on_poweroff_get_type; nm_setting_connection_get_down_on_poweroff; nm_setting_ip_config_get_dhcp_send_release; + nm_setting_wireless_add_mac_denylist_item; + nm_setting_wireless_clear_mac_denylist_items; + nm_setting_wireless_get_mac_address_denylist; + nm_setting_wireless_get_mac_denylist_item; + nm_setting_wireless_get_num_mac_denylist_items; + nm_setting_wireless_remove_mac_denylist_item; + nm_setting_wireless_remove_mac_denylist_item_by_value; } libnm_1_46_0; diff --git a/src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in b/src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in index 97e15bb45b..fb9eb06994 100644 --- a/src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in +++ b/src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in @@ -103,6 +103,11 @@ gprop-type="gchararray" /> <property name="mac-address-blacklist" + is-deprecated="1" + dbus-type="as" + gprop-type="GStrv" + /> + <property name="mac-address-denylist" dbus-type="as" gprop-type="GStrv" /> diff --git a/src/libnm-core-impl/nm-setting-private.h b/src/libnm-core-impl/nm-setting-private.h index b8ba0d771a..f16bf8dea3 100644 --- a/src/libnm-core-impl/nm-setting-private.h +++ b/src/libnm-core-impl/nm-setting-private.h @@ -422,6 +422,13 @@ _nm_setting_connection_autoconnect_ports_to_dbus(_NM_SETT_INFO_PROP_TO_DBUS_FCN_ gboolean _nm_setting_connection_autoconnect_slaves_from_dbus(_NM_SETT_INFO_PROP_FROM_DBUS_FCN_ARGS _nm_nil); +gboolean _nm_setting_wireless_mac_denylist_from_dbus(_NM_SETT_INFO_PROP_FROM_DBUS_FCN_ARGS _nm_nil); + +GVariant *_nm_setting_wireless_mac_denylist_to_dbus(_NM_SETT_INFO_PROP_TO_DBUS_FCN_ARGS _nm_nil); + +gboolean +_nm_setting_wireless_mac_blacklist_from_dbus(_NM_SETT_INFO_PROP_FROM_DBUS_FCN_ARGS _nm_nil); + GVariant *_nm_setting_to_dbus(NMSetting *setting, NMConnection *connection, NMConnectionSerializationFlags flags, diff --git a/src/libnm-core-impl/nm-setting-wireless.c b/src/libnm-core-impl/nm-setting-wireless.c index d9342862d4..1b48261539 100644 --- a/src/libnm-core-impl/nm-setting-wireless.c +++ b/src/libnm-core-impl/nm-setting-wireless.c @@ -37,6 +37,7 @@ NM_GOBJECT_PROPERTIES_DEFINE(NMSettingWireless, PROP_CLONED_MAC_ADDRESS, PROP_GENERATE_MAC_ADDRESS_MASK, PROP_MAC_ADDRESS_BLACKLIST, + PROP_MAC_ADDRESS_DENYLIST, PROP_MTU, PROP_SEEN_BSSIDS, PROP_HIDDEN, @@ -54,7 +55,7 @@ typedef struct { char *device_mac_address; char *cloned_mac_address; char *generate_mac_address_mask; - NMValueStrv mac_address_blacklist; + NMValueStrv mac_address_denylist; int ap_isolation; guint32 mac_address_randomization; guint32 channel; @@ -462,67 +463,73 @@ nm_setting_wireless_get_generate_mac_address_mask(NMSettingWireless *setting) } /** - * nm_setting_wireless_get_mac_address_blacklist: + * nm_setting_wireless_get_mac_address_denylist: * @setting: the #NMSettingWireless * - * Returns: the #NMSettingWireless:mac-address-blacklist property of the setting + * Returns: the #NMSettingWireless:mac-address-denylist property of the setting + * + * Since: 1.48 **/ const char *const * -nm_setting_wireless_get_mac_address_blacklist(NMSettingWireless *setting) +nm_setting_wireless_get_mac_address_denylist(NMSettingWireless *setting) { g_return_val_if_fail(NM_IS_SETTING_WIRELESS(setting), NULL); return nm_strvarray_get_strv_notnull( - NM_SETTING_WIRELESS_GET_PRIVATE(setting)->mac_address_blacklist.arr, + NM_SETTING_WIRELESS_GET_PRIVATE(setting)->mac_address_denylist.arr, NULL); } /** - * nm_setting_wireless_get_num_mac_blacklist_items: + * nm_setting_wireless_get_num_mac_denylist_items: * @setting: the #NMSettingWireless * - * Returns: the number of blacklisted MAC addresses + * Returns: the number of denylisted MAC addresses + * + * Since: 1.48 **/ -guint32 -nm_setting_wireless_get_num_mac_blacklist_items(NMSettingWireless *setting) +guint +nm_setting_wireless_get_num_mac_denylist_items(NMSettingWireless *setting) { g_return_val_if_fail(NM_IS_SETTING_WIRELESS(setting), 0); - return nm_g_array_len(NM_SETTING_WIRELESS_GET_PRIVATE(setting)->mac_address_blacklist.arr); + return nm_g_array_len(NM_SETTING_WIRELESS_GET_PRIVATE(setting)->mac_address_denylist.arr); } /** - * nm_setting_wireless_get_mac_blacklist_item: + * nm_setting_wireless_get_mac_denylist_item: * @setting: the #NMSettingWireless * @idx: the zero-based index of the MAC address entry * - * Since 1.46, access at index "len" is allowed and returns NULL. - * - * Returns: the blacklisted MAC address string (hex-digits-and-colons notation) + * Returns: the denylisted MAC address string (hex-digits-and-colons notation) * at index @idx + * + * Since: 1.48 **/ const char * -nm_setting_wireless_get_mac_blacklist_item(NMSettingWireless *setting, guint32 idx) +nm_setting_wireless_get_mac_denylist_item(NMSettingWireless *setting, guint32 idx) { g_return_val_if_fail(NM_IS_SETTING_WIRELESS(setting), NULL); return nm_strvarray_get_idxnull_or_greturn( - NM_SETTING_WIRELESS_GET_PRIVATE(setting)->mac_address_blacklist.arr, + NM_SETTING_WIRELESS_GET_PRIVATE(setting)->mac_address_denylist.arr, idx); } /** - * nm_setting_wireless_add_mac_blacklist_item: + * nm_setting_wireless_add_mac_denylist_item: * @setting: the #NMSettingWireless - * @mac: the MAC address string (hex-digits-and-colons notation) to blacklist + * @mac: the MAC address string (hex-digits-and-colons notation) to denylist * - * Adds a new MAC address to the #NMSettingWireless:mac-address-blacklist property. + * Adds a new MAC address to the #NMSettingWireless:mac-address-denylist property. * * Returns: %TRUE if the MAC address was added; %FALSE if the MAC address * is invalid or was already present + * + * Since: 1.48 **/ gboolean -nm_setting_wireless_add_mac_blacklist_item(NMSettingWireless *setting, const char *mac) +nm_setting_wireless_add_mac_denylist_item(NMSettingWireless *setting, const char *mac) { NMSettingWirelessPrivate *priv; guint8 mac_bin[ETH_ALEN]; @@ -537,57 +544,61 @@ nm_setting_wireless_add_mac_blacklist_item(NMSettingWireless *setting, const cha return FALSE; priv = NM_SETTING_WIRELESS_GET_PRIVATE(setting); - len = nm_g_array_len(priv->mac_address_blacklist.arr); + len = nm_g_array_len(priv->mac_address_denylist.arr); for (i = 0; i < len; i++) { - candidate = nm_g_array_index(priv->mac_address_blacklist.arr, char *, i); + candidate = nm_g_array_index(priv->mac_address_denylist.arr, char *, i); if (nm_utils_hwaddr_matches(mac_bin, ETH_ALEN, candidate, -1)) return FALSE; } mac = nm_utils_hwaddr_canonical(mac, ETH_ALEN); - nm_g_array_append_simple(nm_strvarray_ensure(&priv->mac_address_blacklist.arr), + nm_g_array_append_simple(nm_strvarray_ensure(&priv->mac_address_denylist.arr), nm_utils_hwaddr_ntoa(mac_bin, ETH_ALEN)); - _notify(setting, PROP_MAC_ADDRESS_BLACKLIST); + _notify(setting, PROP_MAC_ADDRESS_DENYLIST); return TRUE; } /** - * nm_setting_wireless_remove_mac_blacklist_item: + * nm_setting_wireless_remove_mac_denylist_item: * @setting: the #NMSettingWireless * @idx: index number of the MAC address * - * Removes the MAC address at index @idx from the blacklist. + * Removes the MAC address at index @idx from the denylist. + * + * Since: 1.48 **/ void -nm_setting_wireless_remove_mac_blacklist_item(NMSettingWireless *setting, guint32 idx) +nm_setting_wireless_remove_mac_denylist_item(NMSettingWireless *setting, guint idx) { NMSettingWirelessPrivate *priv; g_return_if_fail(NM_IS_SETTING_WIRELESS(setting)); priv = NM_SETTING_WIRELESS_GET_PRIVATE(setting); - if (!priv->mac_address_blacklist.arr) { + if (!priv->mac_address_denylist.arr) { return; } - g_return_if_fail(idx < priv->mac_address_blacklist.arr->len); + g_return_if_fail(idx < priv->mac_address_denylist.arr->len); - g_array_remove_index(priv->mac_address_blacklist.arr, idx); - _notify(setting, PROP_MAC_ADDRESS_BLACKLIST); + g_array_remove_index(priv->mac_address_denylist.arr, idx); + _notify(setting, PROP_MAC_ADDRESS_DENYLIST); } /** - * nm_setting_wireless_remove_mac_blacklist_item_by_value: + * nm_setting_wireless_remove_mac_denylist_item_by_value: * @setting: the #NMSettingWireless * @mac: the MAC address string (hex-digits-and-colons notation) to remove from - * the blacklist + * the denylist * - * Removes the MAC address @mac from the blacklist. + * Removes the MAC address @mac from the denylist. * * Returns: %TRUE if the MAC address was found and removed; %FALSE if it was not. + * + * Since: 1.48 **/ gboolean -nm_setting_wireless_remove_mac_blacklist_item_by_value(NMSettingWireless *setting, const char *mac) +nm_setting_wireless_remove_mac_denylist_item_by_value(NMSettingWireless *setting, const char *mac) { NMSettingWirelessPrivate *priv; guint8 mac_bin[ETH_ALEN]; @@ -602,12 +613,12 @@ nm_setting_wireless_remove_mac_blacklist_item_by_value(NMSettingWireless *settin priv = NM_SETTING_WIRELESS_GET_PRIVATE(setting); - if (priv->mac_address_blacklist.arr) { - for (i = 0; i < priv->mac_address_blacklist.arr->len; i++) { - candidate = nm_g_array_index(priv->mac_address_blacklist.arr, char *, i); + if (priv->mac_address_denylist.arr) { + for (i = 0; i < priv->mac_address_denylist.arr->len; i++) { + candidate = nm_g_array_index(priv->mac_address_denylist.arr, char *, i); if (nm_utils_hwaddr_matches(mac_bin, ETH_ALEN, candidate, -1)) { - g_array_remove_index(priv->mac_address_blacklist.arr, i); - _notify(setting, PROP_MAC_ADDRESS_BLACKLIST); + g_array_remove_index(priv->mac_address_denylist.arr, i); + _notify(setting, PROP_MAC_ADDRESS_DENYLIST); return TRUE; } } @@ -617,18 +628,131 @@ nm_setting_wireless_remove_mac_blacklist_item_by_value(NMSettingWireless *settin } /** - * nm_setting_wireless_clear_mac_blacklist_items: + * nm_setting_wireless_clear_mac_denylist_items: * @setting: the #NMSettingWireless * - * Removes all blacklisted MAC addresses. + * Removes all denylisted MAC addresses. + * + * Since: 1.48 **/ void -nm_setting_wireless_clear_mac_blacklist_items(NMSettingWireless *setting) +nm_setting_wireless_clear_mac_denylist_items(NMSettingWireless *setting) { g_return_if_fail(NM_IS_SETTING_WIRELESS(setting)); - if (nm_strvarray_clear(&NM_SETTING_WIRELESS_GET_PRIVATE(setting)->mac_address_blacklist.arr)) - _notify(setting, PROP_MAC_ADDRESS_BLACKLIST); + if (nm_strvarray_clear(&NM_SETTING_WIRELESS_GET_PRIVATE(setting)->mac_address_denylist.arr)) + _notify(setting, PROP_MAC_ADDRESS_DENYLIST); +} + +/** + * nm_setting_wireless_get_mac_address_blacklist: + * @setting: the #NMSettingWireless + * + * Returns: the #NMSettingWireless:mac-address-blacklist property of the setting + * + * Deprecated: 1.48. Use nm_setting_wireless_get_mac_address_denylist() instead. + **/ +const char *const * +nm_setting_wireless_get_mac_address_blacklist(NMSettingWireless *setting) +{ + return nm_setting_wireless_get_mac_address_denylist(setting); +} + +/** + * nm_setting_wireless_get_num_mac_blacklist_items: + * @setting: the #NMSettingWireless + * + * Returns: the number of blacklist MAC addresses + * + * Deprecated: 1.48. Use nm_setting_wireless_get_num_mac_denylist_items() instead. + **/ +guint32 +nm_setting_wireless_get_num_mac_blacklist_items(NMSettingWireless *setting) +{ + return nm_setting_wireless_get_num_mac_denylist_items(setting); +} + +/** + * nm_setting_wireless_get_mac_blacklist_item: + * @setting: the #NMSettingWireless + * @idx: the zero-based index of the MAC address entry + * + * Since 1.46, access at index "len" is allowed and returns NULL. + * + * Returns: the denylisted MAC address string (hex-digits-and-colons notation) + * at index @idx + * + * Deprecated: 1.48. Use nm_setting_wireless_get_mac_denylist_item() instead. + **/ +const char * +nm_setting_wireless_get_mac_blacklist_item(NMSettingWireless *setting, guint32 idx) +{ + return nm_setting_wireless_get_mac_denylist_item(setting, idx); +} + +/** + * nm_setting_wireless_add_mac_blacklist_item: + * @setting: the #NMSettingWireless + * @mac: the MAC address string (hex-digits-and-colons notation) to denylist + * + * Adds a new MAC address to the #NMSettingWireless:mac-address-denylist property. + * + * Returns: %TRUE if the MAC address was added; %FALSE if the MAC address + * is invalid or was already present + * + * Deprecated: 1.48. Use nm_setting_wireless_add_mac_denylist_item() instead. + **/ +gboolean +nm_setting_wireless_add_mac_blacklist_item(NMSettingWireless *setting, const char *mac) +{ + return nm_setting_wireless_add_mac_denylist_item(setting, mac); +} + +/** + * nm_setting_wireless_remove_mac_blacklist_item: + * @setting: the #NMSettingWireless + * @idx: index number of the MAC address + * + * Removes the MAC address at index @idx from the denylist. + * + * Deprecated: 1.48. Use nm_setting_wireless_remove_mac_denylist_item() instead. + **/ +void +nm_setting_wireless_remove_mac_blacklist_item(NMSettingWireless *setting, guint32 idx) +{ + return nm_setting_wireless_remove_mac_denylist_item(setting, idx); +} + +/** + * nm_setting_wireless_remove_mac_blacklist_item_by_value: + * @setting: the #NMSettingWireless + * @mac: the MAC address string (hex-digits-and-colons notation) to remove from + * the denylist + * + * Removes the MAC address @mac from the denylist. + * + * Returns: %TRUE if the MAC address was found and removed; %FALSE if it was not. + * + * Deprecated: 1.48. Use nm_setting_wireless_remove_mac_denylist_item_by_value() instead. + **/ +gboolean +nm_setting_wireless_remove_mac_blacklist_item_by_value(NMSettingWireless *setting, const char *mac) +{ + return nm_setting_wireless_remove_mac_denylist_item_by_value(setting, mac); +} + +/** + * nm_setting_wireless_clear_mac_blacklist_items: + * @setting: the #NMSettingWireless + * + * Removes all denylisted MAC addresses. + * + * Deprecated: 1.48. Use nm_setting_wireless_clear_mac_denylist_items() instead. + **/ +void +nm_setting_wireless_clear_mac_blacklist_items(NMSettingWireless *setting) +{ + return nm_setting_wireless_clear_mac_denylist_items(setting); } /** @@ -790,6 +914,61 @@ _to_dbus_fcn_seen_bssids(_NM_SETT_INFO_PROP_TO_DBUS_FCN_ARGS _nm_nil) return NULL; } +gboolean +_nm_setting_wireless_mac_blacklist_from_dbus(_NM_SETT_INFO_PROP_FROM_DBUS_FCN_ARGS _nm_nil) +{ + const gchar **mac_blacklist; + + if (!_nm_setting_use_legacy_property(setting, + connection_dict, + NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST, + NM_SETTING_WIRELESS_MAC_ADDRESS_DENYLIST)) { + *out_is_modified = FALSE; + return TRUE; + } + mac_blacklist = g_variant_get_strv(value, NULL); + + g_object_set(setting, NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST, mac_blacklist, NULL); + return TRUE; +} + +gboolean +_nm_setting_wireless_mac_denylist_from_dbus(_NM_SETT_INFO_PROP_FROM_DBUS_FCN_ARGS _nm_nil) +{ + const gchar **mac_blacklist; + + if (!_nm_setting_use_legacy_property(setting, + connection_dict, + NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST, + NM_SETTING_WIRELESS_MAC_ADDRESS_DENYLIST)) { + *out_is_modified = FALSE; + return TRUE; + } + mac_blacklist = g_variant_get_strv(value, NULL); + + g_object_set(setting, NM_SETTING_WIRELESS_MAC_ADDRESS_DENYLIST, mac_blacklist, NULL); + return TRUE; +} + +GVariant * +_nm_setting_wireless_mac_denylist_to_dbus(_NM_SETT_INFO_PROP_TO_DBUS_FCN_ARGS _nm_nil) +{ + const char *const *mac_denylist; + /* FIXME: `mac-address-denylist` is an alias of `mac-address-blacklist` property. + * Serializing the property to the clients would break them as they won't + * be able to drop it if they are not aware of the existance of + * `mac-address-denylist`. In order to give them time to adapt their code, + * NetworkManager is not serializing `mac-address-denylist` on DBus. + */ + if (_nm_utils_is_manager_process) { + return NULL; + } + + mac_denylist = nm_setting_wireless_get_mac_address_denylist(NM_SETTING_WIRELESS(setting)); + + return g_variant_new_strv(mac_denylist, -1); +} + static gboolean _from_dbus_fcn_seen_bssids(_NM_SETT_INFO_PROP_FROM_DBUS_FCN_ARGS _nm_nil) { @@ -1048,9 +1227,9 @@ verify(NMSetting *setting, NMConnection *connection, GError **error) return FALSE; } - if (priv->mac_address_blacklist.arr) { - for (i = 0; i < priv->mac_address_blacklist.arr->len; i++) { - const char *mac = nm_g_array_index(priv->mac_address_blacklist.arr, const char *, i); + if (priv->mac_address_denylist.arr) { + for (i = 0; i < priv->mac_address_denylist.arr->len; i++) { + const char *mac = nm_g_array_index(priv->mac_address_denylist.arr, const char *, i); if (!nm_utils_hwaddr_valid(mac, ETH_ALEN)) { g_set_error(error, @@ -1061,7 +1240,7 @@ verify(NMSetting *setting, NMConnection *connection, GError **error) g_prefix_error(error, "%s.%s: ", NM_SETTING_WIRELESS_SETTING_NAME, - NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST); + NM_SETTING_WIRELESS_MAC_ADDRESS_DENYLIST); return FALSE; } } @@ -1339,6 +1518,7 @@ nm_setting_wireless_class_init(NMSettingWirelessClass *klass) GObjectClass *object_class = G_OBJECT_CLASS(klass); NMSettingClass *setting_class = NM_SETTING_CLASS(klass); GArray *properties_override = _nm_sett_info_property_override_create_array_sized(25); + guint prop_idx; object_class->set_property = set_property; object_class->get_property = get_property; @@ -1712,16 +1892,66 @@ nm_setting_wireless_class_init(NMSettingWirelessClass *klass) * is listed. * ---end--- */ - _nm_setting_property_define_direct_strv(properties_override, - obj_properties, - NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST, - PROP_MAC_ADDRESS_BLACKLIST, - NM_SETTING_PARAM_FUZZY_IGNORE, - NULL, - NMSettingWirelessPrivate, - mac_address_blacklist, - .direct_set_strv_normalize_hwaddr = TRUE, - .direct_strv_not_null = TRUE); + prop_idx = _nm_setting_property_define_direct_strv( + properties_override, + obj_properties, + NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST, + PROP_MAC_ADDRESS_BLACKLIST, + NM_SETTING_PARAM_FUZZY_IGNORE, + NM_SETT_INFO_PROPERT_TYPE_DBUS(G_VARIANT_TYPE_STRING_ARRAY, + .direct_type = NM_VALUE_TYPE_STRV, + .compare_fcn = _nm_setting_property_compare_fcn_direct, + .to_dbus_fcn = _nm_setting_property_to_dbus_fcn_direct, + .from_dbus_fcn = + _nm_setting_wireless_mac_blacklist_from_dbus, ), + NMSettingWirelessPrivate, + mac_address_denylist, + .direct_set_strv_normalize_hwaddr = TRUE, + .direct_strv_not_null = TRUE, + .direct_is_aliased_field = TRUE, + .is_deprecated = TRUE); + + /** + * NMSettingWireless:mac-address-denylist: + * + * A list of permanent MAC addresses of Wi-Fi devices to which this + * connection should never apply. Each MAC address should be given in the + * standard hex-digits-and-colons notation (eg "00:11:22:33:44:55"). + **/ + /* ---keyfile--- + * property: mac-address-denylist + * format: list of MACs (separated with semicolons) + * description: MAC address denylist. + * example: mac-address-denylist= 00:22:68:12:79:A6;00:22:68:12:79:78 + * ---end--- + */ + /* ---ifcfg-rh--- + * property: mac-address-denylist + * variable: HWADDR_BLACKLIST(+) + * description: It denies usage of the connection for any device whose address + * is listed. + * ---end--- + */ + _nm_setting_property_define_direct_strv( + properties_override, + obj_properties, + NM_SETTING_WIRELESS_MAC_ADDRESS_DENYLIST, + PROP_MAC_ADDRESS_DENYLIST, + NM_SETTING_PARAM_FUZZY_IGNORE, + NM_SETT_INFO_PROPERT_TYPE_DBUS(G_VARIANT_TYPE_STRING_ARRAY, + .direct_type = NM_VALUE_TYPE_STRV, + .compare_fcn = _nm_setting_property_compare_fcn_direct, + .to_dbus_fcn = _nm_setting_wireless_mac_denylist_to_dbus, + .from_dbus_fcn = + _nm_setting_wireless_mac_denylist_from_dbus, ), + NMSettingWirelessPrivate, + mac_address_denylist, + .direct_set_strv_normalize_hwaddr = TRUE, + .direct_strv_not_null = TRUE, + .direct_also_notify = obj_properties[PROP_MAC_ADDRESS_BLACKLIST], ); + + nm_g_array_index(properties_override, NMSettInfoProperty, prop_idx).direct_also_notify = + obj_properties[PROP_MAC_ADDRESS_DENYLIST]; /** * NMSettingWireless:seen-bssids: diff --git a/src/libnm-core-impl/nm-setting.c b/src/libnm-core-impl/nm-setting.c index ebd2070ead..70f756b52b 100644 --- a/src/libnm-core-impl/nm-setting.c +++ b/src/libnm-core-impl/nm-setting.c @@ -2732,7 +2732,8 @@ _nm_setting_property_compare_fcn_direct(_NM_SETT_INFO_PROP_COMPARE_FCN_ARGS _nm_ _nm_setting_property_to_dbus_fcn_direct_mac_address, _nm_setting_connection_controller_to_dbus, _nm_setting_connection_port_type_to_dbus, - _nm_setting_connection_autoconnect_ports_to_dbus)); + _nm_setting_connection_autoconnect_ports_to_dbus, + _nm_setting_wireless_mac_denylist_to_dbus)); if (!property_info->param_spec) return nm_assert_unreachable_val(NM_TERNARY_DEFAULT); diff --git a/src/libnm-core-impl/tests/test-setting.c b/src/libnm-core-impl/tests/test-setting.c index 4b5a0b6f59..142ac0e11d 100644 --- a/src/libnm-core-impl/tests/test-setting.c +++ b/src/libnm-core-impl/tests/test-setting.c @@ -4732,8 +4732,9 @@ test_setting_metadata(void) g_assert(sip->param_spec->value_type == G_TYPE_BYTES); } else if (sip->property_type->direct_type == NM_VALUE_TYPE_STRV) { g_assert(g_variant_type_equal(sip->property_type->dbus_type, "as")); - g_assert(sip->property_type->to_dbus_fcn - == _nm_setting_property_to_dbus_fcn_direct); + g_assert(NM_IN_SET(sip->property_type->to_dbus_fcn, + _nm_setting_property_to_dbus_fcn_direct, + _nm_setting_wireless_mac_denylist_to_dbus)); g_assert(sip->param_spec); g_assert(sip->param_spec->value_type == G_TYPE_STRV); } else diff --git a/src/libnm-core-public/nm-setting-wireless.h b/src/libnm-core-public/nm-setting-wireless.h index 5f8d09c56c..51060df114 100644 --- a/src/libnm-core-public/nm-setting-wireless.h +++ b/src/libnm-core-public/nm-setting-wireless.h @@ -84,6 +84,7 @@ typedef enum /*< flags >*/ { #define NM_SETTING_WIRELESS_CLONED_MAC_ADDRESS "cloned-mac-address" #define NM_SETTING_WIRELESS_GENERATE_MAC_ADDRESS_MASK "generate-mac-address-mask" #define NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST "mac-address-blacklist" +#define NM_SETTING_WIRELESS_MAC_ADDRESS_DENYLIST "mac-address-denylist" #define NM_SETTING_WIRELESS_MTU "mtu" #define NM_SETTING_WIRELESS_SEEN_BSSIDS "seen-bssids" #define NM_SETTING_WIRELESS_HIDDEN "hidden" @@ -168,14 +169,30 @@ const char *nm_setting_wireless_get_cloned_mac_address(NMSettingWireless *settin NM_AVAILABLE_IN_1_4 const char *nm_setting_wireless_get_generate_mac_address_mask(NMSettingWireless *setting); +_NM_DEPRECATED_INCLUSIVE_LANGUAGE_1_48 const char *const *nm_setting_wireless_get_mac_address_blacklist(NMSettingWireless *setting); -guint32 nm_setting_wireless_get_num_mac_blacklist_items(NMSettingWireless *setting); +_NM_DEPRECATED_INCLUSIVE_LANGUAGE_1_48 +guint32 nm_setting_wireless_get_num_mac_blacklist_items(NMSettingWireless *setting); +_NM_DEPRECATED_INCLUSIVE_LANGUAGE_1_48 const char *nm_setting_wireless_get_mac_blacklist_item(NMSettingWireless *setting, guint32 idx); -gboolean nm_setting_wireless_add_mac_blacklist_item(NMSettingWireless *setting, const char *mac); -void nm_setting_wireless_remove_mac_blacklist_item(NMSettingWireless *setting, guint32 idx); -gboolean nm_setting_wireless_remove_mac_blacklist_item_by_value(NMSettingWireless *setting, - const char *mac); -void nm_setting_wireless_clear_mac_blacklist_items(NMSettingWireless *setting); +_NM_DEPRECATED_INCLUSIVE_LANGUAGE_1_48 +gboolean nm_setting_wireless_add_mac_blacklist_item(NMSettingWireless *setting, const char *mac); +_NM_DEPRECATED_INCLUSIVE_LANGUAGE_1_48 +void nm_setting_wireless_remove_mac_blacklist_item(NMSettingWireless *setting, guint32 idx); +_NM_DEPRECATED_INCLUSIVE_LANGUAGE_1_48 +gboolean nm_setting_wireless_remove_mac_blacklist_item_by_value( + NMSettingWireless *setting, + _NM_DEPRECATED_INCLUSIVE_LANGUAGE_1_48 const char *mac); +void nm_setting_wireless_clear_mac_blacklist_items(NMSettingWireless *setting); + +const char *const *nm_setting_wireless_get_mac_address_denylist(NMSettingWireless *setting); +guint32 nm_setting_wireless_get_num_mac_denylist_items(NMSettingWireless *setting); +const char *nm_setting_wireless_get_mac_denylist_item(NMSettingWireless *setting, guint32 idx); +gboolean nm_setting_wireless_add_mac_denylist_item(NMSettingWireless *setting, const char *mac); +void nm_setting_wireless_remove_mac_denylist_item(NMSettingWireless *setting, guint32 idx); +gboolean nm_setting_wireless_remove_mac_denylist_item_by_value(NMSettingWireless *setting, + const char *mac); +void nm_setting_wireless_clear_mac_denylist_items(NMSettingWireless *setting); guint32 nm_setting_wireless_get_mtu(NMSettingWireless *setting); gboolean nm_setting_wireless_get_hidden(NMSettingWireless *setting); diff --git a/src/libnmc-setting/nm-meta-setting-desc.c b/src/libnmc-setting/nm-meta-setting-desc.c index 86070d3146..8335a4f9c6 100644 --- a/src/libnmc-setting/nm-meta-setting-desc.c +++ b/src/libnmc-setting/nm-meta-setting-desc.c @@ -8237,12 +8237,27 @@ static const NMMetaPropertyInfo *const property_infos_WIRELESS[] = { ), PROPERTY_INFO_WITH_DESC (NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST, .property_type = &_pt_multilist, + .hide_if_default = TRUE, + .property_typ_data = DEFINE_PROPERTY_TYP_DATA ( + PROPERTY_TYP_DATA_SUBTYPE (multilist, + .get_num_fcn_u32 = MULTILIST_GET_NUM_FCN_U32 (NMSettingWireless, nm_setting_wireless_get_num_mac_denylist_items), + .add_fcn = MULTILIST_ADD_FCN (NMSettingWireless, nm_setting_wireless_add_mac_denylist_item), + .remove_by_idx_fcn_u32 = MULTILIST_REMOVE_BY_IDX_FCN_U32 (NMSettingWireless, nm_setting_wireless_remove_mac_denylist_item), + .remove_by_value_fcn = MULTILIST_REMOVE_BY_VALUE_FCN (NMSettingWireless, nm_setting_wireless_remove_mac_denylist_item_by_value), + .validate2_fcn = _multilist_validate2_fcn_mac_addr, + .strsplit_plain = TRUE, + ), + .list_items_doc_format = NM_META_PROPERTY_TYPE_FORMAT_MAC, + ), + ), + PROPERTY_INFO_WITH_DESC (NM_SETTING_WIRELESS_MAC_ADDRESS_DENYLIST, + .property_type = &_pt_multilist, .property_typ_data = DEFINE_PROPERTY_TYP_DATA ( PROPERTY_TYP_DATA_SUBTYPE (multilist, - .get_num_fcn_u32 = MULTILIST_GET_NUM_FCN_U32 (NMSettingWireless, nm_setting_wireless_get_num_mac_blacklist_items), - .add_fcn = MULTILIST_ADD_FCN (NMSettingWireless, nm_setting_wireless_add_mac_blacklist_item), - .remove_by_idx_fcn_u32 = MULTILIST_REMOVE_BY_IDX_FCN_U32 (NMSettingWireless, nm_setting_wireless_remove_mac_blacklist_item), - .remove_by_value_fcn = MULTILIST_REMOVE_BY_VALUE_FCN (NMSettingWireless, nm_setting_wireless_remove_mac_blacklist_item_by_value), + .get_num_fcn_u = MULTILIST_GET_NUM_FCN_U (NMSettingWireless, nm_setting_wireless_get_num_mac_denylist_items), + .add_fcn = MULTILIST_ADD_FCN (NMSettingWireless, nm_setting_wireless_add_mac_denylist_item), + .remove_by_idx_fcn_u = MULTILIST_REMOVE_BY_IDX_FCN_U (NMSettingWireless, nm_setting_wireless_remove_mac_denylist_item), + .remove_by_value_fcn = MULTILIST_REMOVE_BY_VALUE_FCN (NMSettingWireless, nm_setting_wireless_remove_mac_denylist_item_by_value), .validate2_fcn = _multilist_validate2_fcn_mac_addr, .strsplit_plain = TRUE, ), diff --git a/src/libnmc-setting/settings-docs.h.in b/src/libnmc-setting/settings-docs.h.in index a9aa3cf412..2dd3d55487 100644 --- a/src/libnmc-setting/settings-docs.h.in +++ b/src/libnmc-setting/settings-docs.h.in @@ -418,6 +418,7 @@ #define DESCRIBE_DOC_NM_SETTING_WIRELESS_HIDDEN N_("If TRUE, indicates that the network is a non-broadcasting network that hides its SSID. This works both in infrastructure and AP mode. In infrastructure mode, various workarounds are used for a more reliable discovery of hidden networks, such as probe-scanning the SSID. However, these workarounds expose inherent insecurities with hidden SSID networks, and thus hidden SSID networks should be used with caution. In AP mode, the created network does not broadcast its SSID. Note that marking the network as hidden may be a privacy issue for you (in infrastructure mode) or client stations (in AP mode), as the explicit probe-scans are distinctly recognizable on the air.") #define DESCRIBE_DOC_NM_SETTING_WIRELESS_MAC_ADDRESS N_("If specified, this connection will only apply to the Wi-Fi device whose permanent MAC address matches. This property does not change the MAC address of the device (i.e. MAC spoofing).") #define DESCRIBE_DOC_NM_SETTING_WIRELESS_MAC_ADDRESS_BLACKLIST N_("A list of permanent MAC addresses of Wi-Fi devices to which this connection should never apply. Each MAC address should be given in the standard hex-digits-and-colons notation (eg \"00:11:22:33:44:55\").") +#define DESCRIBE_DOC_NM_SETTING_WIRELESS_MAC_ADDRESS_DENYLIST N_("A list of permanent MAC addresses of Wi-Fi devices to which this connection should never apply. Each MAC address should be given in the standard hex-digits-and-colons notation (eg \"00:11:22:33:44:55\").") #define DESCRIBE_DOC_NM_SETTING_WIRELESS_MAC_ADDRESS_RANDOMIZATION N_("One of \"default\" (0) (never randomize unless the user has set a global default to randomize and the supplicant supports randomization), \"never\" (1) (never randomize the MAC address), or \"always\" (2) (always randomize the MAC address).") #define DESCRIBE_DOC_NM_SETTING_WIRELESS_MODE N_("Wi-Fi network mode; one of \"infrastructure\", \"mesh\", \"adhoc\" or \"ap\". If blank, infrastructure is assumed.") #define DESCRIBE_DOC_NM_SETTING_WIRELESS_MTU N_("If non-zero, only transmit packets of the specified size or smaller, breaking larger packets up into multiple Ethernet frames.") diff --git a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in index 3c3d1c44cb..3428b886a3 100644 --- a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in +++ b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in @@ -58,6 +58,9 @@ <property name="mac-address-blacklist" nmcli-description="A list of permanent MAC addresses of Wi-Fi devices to which this connection should never apply. Each MAC address should be given in the standard hex-digits-and-colons notation (eg "00:11:22:33:44:55")." format="list of MAC addresses" /> + <property name="mac-address-denylist" + nmcli-description="A list of permanent MAC addresses of Wi-Fi devices to which this connection should never apply. Each MAC address should be given in the standard hex-digits-and-colons notation (eg "00:11:22:33:44:55")." + format="list of MAC addresses" /> <property name="mac-address-randomization" nmcli-description="One of "default" (0) (never randomize unless the user has set a global default to randomize and the supplicant supports randomization), "never" (1) (never randomize the MAC address), or "always" (2) (always randomize the MAC address)." format="choice (NMSettingMacRandomization)" diff --git a/src/tests/client/test-client.check-on-disk/test_004.expected b/src/tests/client/test-client.check-on-disk/test_004.expected index 9c4d7f93b3..d7666aa740 100644 --- a/src/tests/client/test-client.check-on-disk/test_004.expected +++ b/src/tests/client/test-client.check-on-disk/test_004.expected @@ -103,7 +103,7 @@ connection.wait-activation-delay: -1 802-11-wireless.mac-address: -- 802-11-wireless.cloned-mac-address: -- 802-11-wireless.generate-mac-address-mask:-- -802-11-wireless.mac-address-blacklist: -- +802-11-wireless.mac-address-denylist: -- 802-11-wireless.mac-address-randomization:default 802-11-wireless.mtu: auto 802-11-wireless.seen-bssids: -- @@ -224,7 +224,7 @@ connection.wait-activation-delay: -1 802-11-wireless.mac-address: -- 802-11-wireless.cloned-mac-address: -- 802-11-wireless.generate-mac-address-mask:-- -802-11-wireless.mac-address-blacklist: -- +802-11-wireless.mac-address-denylist: -- 802-11-wireless.mac-address-randomization:default 802-11-wireless.mtu: automatyczne 802-11-wireless.seen-bssids: -- |