libnm-util: new 'zone' property for NMSettingConnection

Used to indicate what firewall zone the interface should be in when the connection is active.
2026-02-05 06:30:33 +01:00 · 2011-10-07 15:58:05 +02:00 · 2011-10-07 15:58:05 +02:00 · 04c8ec7360
commit 04c8ec7360
parent 88faa0e0ca
3 changed files with 66 additions and 0 deletions
--- a/libnm-util/libnm-util.ver
+++ b/libnm-util/libnm-util.ver
@ -186,6 +186,7 @@ global:
 	nm_setting_connection_get_id;
 	nm_setting_connection_get_num_permissions;
 	nm_setting_connection_get_permission;
+	nm_setting_connection_get_zone;
 	nm_setting_connection_get_read_only;
 	nm_setting_connection_get_timestamp;
 	nm_setting_connection_get_type;
--- a/libnm-util/nm-setting-connection.c
+++ b/libnm-util/nm-setting-connection.c
@ -101,6 +101,7 @@ typedef struct {
 	gboolean autoconnect;
 	guint64 timestamp;
 	gboolean read_only;
+	char *zone;
 } NMSettingConnectionPrivate;

 enum {
@ -112,6 +113,7 @@ enum {
 	PROP_AUTOCONNECT,
 	PROP_TIMESTAMP,
 	PROP_READ_ONLY,
+	PROP_ZONE,

 	LAST_PROP
 };
@ -478,6 +480,22 @@ nm_setting_connection_get_read_only (NMSettingConnection *setting)
 	return NM_SETTING_CONNECTION_GET_PRIVATE (setting)->read_only;
 }

+/**
+ * nm_setting_connection_get_zone:
+ * @setting: the #NMSettingConnection
+ *
+ * Returns the #NMSettingConnection:zone property of the connection.
+ *
+ * Returns: the trust level of a connection
+ **/
+const char *
+nm_setting_connection_get_zone (NMSettingConnection *setting)
+{
+	g_return_val_if_fail (NM_IS_SETTING_CONNECTION (setting), NULL);
+
+	return NM_SETTING_CONNECTION_GET_PRIVATE (setting)->zone;
+}
+
 static gint
 find_setting_by_name (gconstpointer a, gconstpointer b)
 {
@ -550,6 +568,14 @@ verify (NMSetting *setting, GSList *all_settings, GError **error)
 		return FALSE;
 	}

+	if (priv->zone && !priv->zone[0]) {
+		g_set_error (error,
+		             NM_SETTING_CONNECTION_ERROR,
+		             NM_SETTING_CONNECTION_ERROR_INVALID_PROPERTY,
+		             NM_SETTING_CONNECTION_TYPE);
+		return FALSE;
+	}
+
 	/* Make sure the corresponding 'type' item is present */
 	if (all_settings && !g_slist_find_custom (all_settings, priv->type, find_setting_by_name)) {
 		g_set_error (error,
@ -591,6 +617,7 @@ finalize (GObject *object)
 	g_free (priv->id);
 	g_free (priv->uuid);
 	g_free (priv->type);
+	g_free (priv->zone);
 	nm_utils_slist_free (priv->permissions, (GDestroyNotify) permission_free);

 	G_OBJECT_CLASS (nm_setting_connection_parent_class)->finalize (object);
@ -644,6 +671,10 @@ set_property (GObject *object, guint prop_id,
 	case PROP_READ_ONLY:
 		priv->read_only = g_value_get_boolean (value);
 		break;
+	case PROP_ZONE:
+		g_free (priv->zone);
+		priv->zone = g_value_dup_string (value);
+		break;
 	default:
 		G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
 		break;
@ -689,6 +720,9 @@ get_property (GObject *object, guint prop_id,
 	case PROP_READ_ONLY:
 		g_value_set_boolean (value, nm_setting_connection_get_read_only (setting));
 		break;
+	case PROP_ZONE:
+		g_value_set_string (value, nm_setting_connection_get_zone (setting));
+		break;
 	default:
 		G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
 		break;
@ -876,4 +910,26 @@ nm_setting_connection_class_init (NMSettingConnectionClass *setting_class)
 	                      "cannot yet write updated connections back out.",
 	                      FALSE,
 	                      G_PARAM_READWRITE | G_PARAM_CONSTRUCT | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_FUZZY_IGNORE));
+
+	/**
+	 * NMSettingConnection:zone:
+	 *
+	 * The trust level of a the connection.
+	 * Free form case-insensitive string (for example "Home", "Work", "Public").
+	 * NULL or unspecified zone means the connection will be placed in the
+	 * default zone as defined by the firewall.
+	 **/
+	g_object_class_install_property
+		(object_class, PROP_ZONE,
+		 g_param_spec_string (NM_SETTING_CONNECTION_ZONE,
+						  "Zone",
+						  "The trust level of a the connection."
+						  "Free form case-insensitive string (for example "
+						  "\"Home\", \"Work\", \"Public\").  NULL or "
+						  "unspecified zone means the connection will be "
+						  "placed in the default zone as defined by the "
+						  "firewall.",
+						  NULL,
+						  G_PARAM_READWRITE | G_PARAM_CONSTRUCT | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_FUZZY_IGNORE));
+
 }
--- a/libnm-util/nm-setting-connection.h
+++ b/libnm-util/nm-setting-connection.h
@ -75,6 +75,14 @@ GQuark nm_setting_connection_error_quark (void);
 #define NM_SETTING_CONNECTION_TIMESTAMP   "timestamp"
 #define NM_SETTING_CONNECTION_READ_ONLY   "read-only"
 #define NM_SETTING_CONNECTION_PERMISSIONS "permissions"
+#define NM_SETTING_CONNECTION_ZONE        "zone"
+
+/* Well-known zone names */
+#define NM_SETTING_CONNECTION_ZONE_TRUSTED   "trusted"
+#define NM_SETTING_CONNECTION_ZONE_HOME      "home"
+#define NM_SETTING_CONNECTION_ZONE_WORK      "work"
+#define NM_SETTING_CONNECTION_ZONE_PUBLIC    "public"
+#define NM_SETTING_CONNECTION_ZONE_BLOCK     "block"

 /**
 * NMSettingConnection:
@ -112,6 +120,7 @@ gboolean    nm_setting_connection_get_permission       (NMSettingConnection *set
                                                        const char **out_ptype,
                                                        const char **out_pitem,
                                                        const char **out_detail);
+const char *nm_setting_connection_get_zone             (NMSettingConnection *setting);
 gboolean    nm_setting_connection_permissions_user_allowed (NMSettingConnection *setting, const char *uname);
 gboolean    nm_setting_connection_add_permission       (NMSettingConnection *setting,
                                                        const char *ptype,