From 04c8ec7360b32d8b52bbd81664e05584c2bbe301 Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Fri, 7 Oct 2011 15:58:05 +0200 Subject: [PATCH] libnm-util: new 'zone' property for NMSettingConnection Used to indicate what firewall zone the interface should be in when the connection is active. --- libnm-util/libnm-util.ver | 1 + libnm-util/nm-setting-connection.c | 56 ++++++++++++++++++++++++++++++ libnm-util/nm-setting-connection.h | 9 +++++ 3 files changed, 66 insertions(+) diff --git a/libnm-util/libnm-util.ver b/libnm-util/libnm-util.ver index 53c2482e26..4c0d6e8b66 100644 --- a/libnm-util/libnm-util.ver +++ b/libnm-util/libnm-util.ver @@ -186,6 +186,7 @@ global: nm_setting_connection_get_id; nm_setting_connection_get_num_permissions; nm_setting_connection_get_permission; + nm_setting_connection_get_zone; nm_setting_connection_get_read_only; nm_setting_connection_get_timestamp; nm_setting_connection_get_type; diff --git a/libnm-util/nm-setting-connection.c b/libnm-util/nm-setting-connection.c index e9030b1072..c30e955753 100644 --- a/libnm-util/nm-setting-connection.c +++ b/libnm-util/nm-setting-connection.c @@ -101,6 +101,7 @@ typedef struct { gboolean autoconnect; guint64 timestamp; gboolean read_only; + char *zone; } NMSettingConnectionPrivate; enum { @@ -112,6 +113,7 @@ enum { PROP_AUTOCONNECT, PROP_TIMESTAMP, PROP_READ_ONLY, + PROP_ZONE, LAST_PROP }; @@ -478,6 +480,22 @@ nm_setting_connection_get_read_only (NMSettingConnection *setting) return NM_SETTING_CONNECTION_GET_PRIVATE (setting)->read_only; } +/** + * nm_setting_connection_get_zone: + * @setting: the #NMSettingConnection + * + * Returns the #NMSettingConnection:zone property of the connection. + * + * Returns: the trust level of a connection + **/ +const char * +nm_setting_connection_get_zone (NMSettingConnection *setting) +{ + g_return_val_if_fail (NM_IS_SETTING_CONNECTION (setting), NULL); + + return NM_SETTING_CONNECTION_GET_PRIVATE (setting)->zone; +} + static gint find_setting_by_name (gconstpointer a, gconstpointer b) { @@ -550,6 +568,14 @@ verify (NMSetting *setting, GSList *all_settings, GError **error) return FALSE; } + if (priv->zone && !priv->zone[0]) { + g_set_error (error, + NM_SETTING_CONNECTION_ERROR, + NM_SETTING_CONNECTION_ERROR_INVALID_PROPERTY, + NM_SETTING_CONNECTION_TYPE); + return FALSE; + } + /* Make sure the corresponding 'type' item is present */ if (all_settings && !g_slist_find_custom (all_settings, priv->type, find_setting_by_name)) { g_set_error (error, @@ -591,6 +617,7 @@ finalize (GObject *object) g_free (priv->id); g_free (priv->uuid); g_free (priv->type); + g_free (priv->zone); nm_utils_slist_free (priv->permissions, (GDestroyNotify) permission_free); G_OBJECT_CLASS (nm_setting_connection_parent_class)->finalize (object); @@ -644,6 +671,10 @@ set_property (GObject *object, guint prop_id, case PROP_READ_ONLY: priv->read_only = g_value_get_boolean (value); break; + case PROP_ZONE: + g_free (priv->zone); + priv->zone = g_value_dup_string (value); + break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; @@ -689,6 +720,9 @@ get_property (GObject *object, guint prop_id, case PROP_READ_ONLY: g_value_set_boolean (value, nm_setting_connection_get_read_only (setting)); break; + case PROP_ZONE: + g_value_set_string (value, nm_setting_connection_get_zone (setting)); + break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; @@ -876,4 +910,26 @@ nm_setting_connection_class_init (NMSettingConnectionClass *setting_class) "cannot yet write updated connections back out.", FALSE, G_PARAM_READWRITE | G_PARAM_CONSTRUCT | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_FUZZY_IGNORE)); + + /** + * NMSettingConnection:zone: + * + * The trust level of a the connection. + * Free form case-insensitive string (for example "Home", "Work", "Public"). + * NULL or unspecified zone means the connection will be placed in the + * default zone as defined by the firewall. + **/ + g_object_class_install_property + (object_class, PROP_ZONE, + g_param_spec_string (NM_SETTING_CONNECTION_ZONE, + "Zone", + "The trust level of a the connection." + "Free form case-insensitive string (for example " + "\"Home\", \"Work\", \"Public\"). NULL or " + "unspecified zone means the connection will be " + "placed in the default zone as defined by the " + "firewall.", + NULL, + G_PARAM_READWRITE | G_PARAM_CONSTRUCT | NM_SETTING_PARAM_SERIALIZE | NM_SETTING_PARAM_FUZZY_IGNORE)); + } diff --git a/libnm-util/nm-setting-connection.h b/libnm-util/nm-setting-connection.h index 1ec5bf1204..9e8582b230 100644 --- a/libnm-util/nm-setting-connection.h +++ b/libnm-util/nm-setting-connection.h @@ -75,6 +75,14 @@ GQuark nm_setting_connection_error_quark (void); #define NM_SETTING_CONNECTION_TIMESTAMP "timestamp" #define NM_SETTING_CONNECTION_READ_ONLY "read-only" #define NM_SETTING_CONNECTION_PERMISSIONS "permissions" +#define NM_SETTING_CONNECTION_ZONE "zone" + +/* Well-known zone names */ +#define NM_SETTING_CONNECTION_ZONE_TRUSTED "trusted" +#define NM_SETTING_CONNECTION_ZONE_HOME "home" +#define NM_SETTING_CONNECTION_ZONE_WORK "work" +#define NM_SETTING_CONNECTION_ZONE_PUBLIC "public" +#define NM_SETTING_CONNECTION_ZONE_BLOCK "block" /** * NMSettingConnection: @@ -112,6 +120,7 @@ gboolean nm_setting_connection_get_permission (NMSettingConnection *set const char **out_ptype, const char **out_pitem, const char **out_detail); +const char *nm_setting_connection_get_zone (NMSettingConnection *setting); gboolean nm_setting_connection_permissions_user_allowed (NMSettingConnection *setting, const char *uname); gboolean nm_setting_connection_add_permission (NMSettingConnection *setting, const char *ptype,