vpn: support option to preserve previous routing information on VPN config update

On openvpn restart, the VPN helper script is invoked without full routing information. Thus, the routes will be dropped because the helper script cannot provide them on update. Add an option "preserve-route" which tells NetworkManager to preserve and reuse the previous configuration. https://bugzilla.redhat.com/show_bug.cgi?id=1231338 https://bugzilla.gnome.org/show_bug.cgi?id=750873
author: Thomas Haller <thaller@redhat.com> 2016-07-04 10:21:45 +0200
committer: Thomas Haller <thaller@redhat.com> 2016-07-04 10:31:05 +0200
commit: 375d3e1cb89afb66f26d61f941551a37d94272ae (patch)
tree: 7d3cb308431613429aa7066a03a15da722b9aaab
parent: 5b4581b361af47b5d8da7c47cd21265894ad62b2 (diff)
3 files changed, 38 insertions, 2 deletions
diff --git a/libnm-core/nm-vpn-dbus-interface.h b/libnm-core/nm-vpn-dbus-interface.h
index 9226458d30..3295a1aeaf 100644
--- a/libnm-core/nm-vpn-dbus-interface.h
+++ b/libnm-core/nm-vpn-dbus-interface.h
@@ -242,6 +242,9 @@ typedef enum {
  */
 #define NM_VPN_PLUGIN_IP4_CONFIG_ROUTES      "routes"
 
+/* whether the previous IP4 routing configuration should be preserved. */
+#define NM_VPN_PLUGIN_IP4_CONFIG_PRESERVE_ROUTES "preserve-routes"
+
 /* boolean: prevent this VPN connection from ever getting the default route */
 #define NM_VPN_PLUGIN_IP4_CONFIG_NEVER_DEFAULT "never-default"
 
@@ -293,6 +296,9 @@ typedef enum {
  */
 #define NM_VPN_PLUGIN_IP6_CONFIG_ROUTES      "routes"
 
+/* whether the previous IP6 routing configuration should be preserved. */
+#define NM_VPN_PLUGIN_IP6_CONFIG_PRESERVE_ROUTES "preserve-routes"
+
 /* boolean: prevent this VPN connection from ever getting the default route */
 #define NM_VPN_PLUGIN_IP6_CONFIG_NEVER_DEFAULT "never-default"
 
diff --git a/shared/nm-utils/nm-vpn-plugin-macros.h b/shared/nm-utils/nm-vpn-plugin-macros.h
index d685934cc1..c85ef17a72 100644
--- a/shared/nm-utils/nm-vpn-plugin-macros.h
+++ b/shared/nm-utils/nm-vpn-plugin-macros.h
@@ -39,5 +39,19 @@ nm_utils_syslog_to_str (int syslog_level)
 	return "<error>";
 }
 
+/*****************************************************************************/
+
+/* possibly missing defines from newer libnm API. */
+
+#ifndef NM_VPN_PLUGIN_IP4_CONFIG_PRESERVE_ROUTES
+#define NM_VPN_PLUGIN_IP4_CONFIG_PRESERVE_ROUTES "preserve-routes"
+#endif
+
+#ifndef NM_VPN_PLUGIN_IP6_CONFIG_PRESERVE_ROUTES
+#define NM_VPN_PLUGIN_IP6_CONFIG_PRESERVE_ROUTES "preserve-routes"
+#endif
+
+/*****************************************************************************/
+
 #endif /* __NM_VPN_PLUGIN_MACROS_H__ */
 
diff --git a/src/vpn-manager/nm-vpn-connection.c b/src/vpn-manager/nm-vpn-connection.c
index bdbd4e6f6f..53789093cb 100644
--- a/src/vpn-manager/nm-vpn-connection.c
+++ b/src/vpn-manager/nm-vpn-connection.c
@@ -1340,6 +1340,7 @@ nm_vpn_connection_ip4_config_get (NMVpnConnection *self, GVariant *dict)
 	const char *str;
 	GVariant *v;
 	gboolean b;
+	guint i, n;
 
 	g_return_if_fail (dict && g_variant_is_of_type (dict, G_VARIANT_TYPE_VARDICT));
 
@@ -1426,7 +1427,14 @@ nm_vpn_connection_ip4_config_get (NMVpnConnection *self, GVariant *dict)
 
 	route_metric = nm_vpn_connection_get_ip4_route_metric (self);
 
-	if (g_variant_lookup (dict, NM_VPN_PLUGIN_IP4_CONFIG_ROUTES, "aau", &iter)) {
+	if (   g_variant_lookup (dict, NM_VPN_PLUGIN_IP4_CONFIG_PRESERVE_ROUTES, "b", &b)
+	    && b) {
+		if (priv->ip4_config) {
+			n = nm_ip4_config_get_num_routes (priv->ip4_config);
+			for (i = 0; i < n; i++)
+				nm_ip4_config_add_route (config, nm_ip4_config_get_route (priv->ip4_config, i));
+		}
+	} else if (g_variant_lookup (dict, NM_VPN_PLUGIN_IP4_CONFIG_ROUTES, "aau", &iter)) {
 		while (g_variant_iter_next (iter, "@au", &v)) {
 			NMPlatformIP4Route route = { 0, };
 
@@ -1492,6 +1500,7 @@ nm_vpn_connection_ip6_config_get (NMVpnConnection *self, GVariant *dict)
 	const char *str;
 	GVariant *v;
 	gboolean b;
+	guint i, n;
 
 	g_return_if_fail (dict && g_variant_is_of_type (dict, G_VARIANT_TYPE_VARDICT));
 
@@ -1568,7 +1577,14 @@ nm_vpn_connection_ip6_config_get (NMVpnConnection *self, GVariant *dict)
 
 	route_metric = nm_vpn_connection_get_ip6_route_metric (self);
 
-	if (g_variant_lookup (dict, NM_VPN_PLUGIN_IP6_CONFIG_ROUTES, "a(ayuayu)", &iter)) {
+	if (   g_variant_lookup (dict, NM_VPN_PLUGIN_IP6_CONFIG_PRESERVE_ROUTES, "b", &b)
+	    && b) {
+		if (priv->ip6_config) {
+			n = nm_ip6_config_get_num_routes (priv->ip6_config);
+			for (i = 0; i < n; i++)
+				nm_ip6_config_add_route (config, nm_ip6_config_get_route (priv->ip6_config, i));
+		}
+	} else if (g_variant_lookup (dict, NM_VPN_PLUGIN_IP6_CONFIG_ROUTES, "a(ayuayu)", &iter)) {
 		GVariant *dest, *next_hop;
 		guint32 prefix, metric;
author	Thomas Haller <thaller@redhat.com>	2016-07-04 10:21:45 +0200
committer	Thomas Haller <thaller@redhat.com>	2016-07-04 10:31:05 +0200
commit	375d3e1cb89afb66f26d61f941551a37d94272ae (patch)
tree	7d3cb308431613429aa7066a03a15da722b9aaab
parent	5b4581b361af47b5d8da7c47cd21265894ad62b2 (diff)