libnm: add new property "ipvX.routed-dns"

src/libnm-client-impl/libnm.ver

@@ -2018,6 +2018,8 @@ global:
 	nm_device_ipvlan_get_vepa;
 	nm_setting_ip4_config_get_dhcp_ipv6_only_preferred;
 	nm_setting_ip4_dhcp_ipv6_only_preferred_get_type;
+	nm_setting_ip_config_get_routed_dns;
+	nm_setting_ip_config_routed_dns_get_type;
 	nm_setting_ipvlan_get_mode;
 	nm_setting_ipvlan_get_parent;
 	nm_setting_ipvlan_get_private;

src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in

@@ -1739,6 +1739,10 @@
                   dbus-type="u"
                   gprop-type="guint"
                   />
+        <property name="routed-dns"
+                  dbus-type="i"
+                  gprop-type="gint"
+                  />
         <property name="routes"
                   dbus-type="aau"
                   dbus-deprecated="1"
@@ -1886,6 +1890,10 @@
                   dbus-type="u"
                   gprop-type="guint"
                   />
+        <property name="routed-dns"
+                  dbus-type="i"
+                  gprop-type="gint"
+                  />
         <property name="routes"
                   dbus-type="a(ayuayu)"
                   dbus-deprecated="1"

src/libnm-core-impl/nm-setting-ip-config.c

@@ -4005,7 +4005,8 @@ NM_GOBJECT_PROPERTIES_DEFINE(NMSettingIPConfig,
                              PROP_DHCP_REJECT_SERVERS,
                              PROP_AUTO_ROUTE_EXT_GW,
                              PROP_REPLACE_LOCAL_RULE,
-                             PROP_DHCP_SEND_RELEASE, );
+                             PROP_DHCP_SEND_RELEASE,
+                             PROP_ROUTED_DNS, );
 
 G_DEFINE_ABSTRACT_TYPE(NMSettingIPConfig, nm_setting_ip_config, NM_TYPE_SETTING)
 
@@ -5480,6 +5481,22 @@ nm_setting_ip_config_get_dhcp_send_release(NMSettingIPConfig *setting)
     return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->dhcp_send_release;
 }
 
+/**
+ * nm_setting_ip_config_get_routed_dns:
+ * @setting: the #NMSettingIPConfig
+ *
+ * Returns: the #NMSettingIPConfig:routed-dns property of the setting
+ *
+ * Since: 1.52
+ **/
+NMSettingIPConfigRoutedDns
+nm_setting_ip_config_get_routed_dns(NMSettingIPConfig *setting)
+{
+    g_return_val_if_fail(NM_IS_SETTING_IP_CONFIG(setting), NM_SETTING_IP_CONFIG_ROUTED_DNS_DEFAULT);
+
+    return NM_SETTING_IP_CONFIG_GET_PRIVATE(setting)->routed_dns;
+}
+
 static gboolean
 verify_label(const char *label)
 {
@@ -6198,6 +6215,13 @@ _nm_sett_info_property_override_create_array_ip_config(int addr_family)
                                                                   NMSettingIPConfigPrivate,
                                                                   dhcp_reject_servers));
 
+    _nm_properties_override_gobj(
+        properties_override,
+        obj_properties[PROP_ROUTED_DNS],
+        &nm_sett_info_propert_type_direct_enum,
+        .direct_offset = NM_STRUCT_OFFSET_ENSURE_TYPE(int, NMSettingIPConfigPrivate, routed_dns),
+        .direct_data.enum_gtype = NM_TYPE_SETTING_IP_CONFIG_ROUTED_DNS);
+
     return properties_override;
 }
 
@@ -6946,5 +6970,26 @@ nm_setting_ip_config_class_init(NMSettingIPConfigClass *klass)
                           NM_TERNARY_DEFAULT,
                           G_PARAM_READWRITE | G_PARAM_EXPLICIT_NOTIFY | G_PARAM_STATIC_STRINGS);
 
+    /**
+     * NMSettingIPConfig:routed-dns:
+     *
+     * Whether to add routes for DNS servers. When enabled, NetworkManager adds a route
+     * for each DNS server that is associated with this connection either statically
+     * (defined in the connection profile) or dynamically (for example, retrieved via
+     * DHCP). The route guarantees that the DNS server is reached via this interface. When
+     * set to %NM_SETTING_IP_CONFIG_ROUTED_DNS_DEFAULT, the value from global
+     * configuration is used; if no global default is defined, this feature is disabled.
+     *
+     * Since: 1.52
+     */
+    obj_properties[PROP_ROUTED_DNS] =
+        g_param_spec_int(NM_SETTING_IP_CONFIG_ROUTED_DNS,
+                         "",
+                         "",
+                         NM_SETTING_IP_CONFIG_ROUTED_DNS_DEFAULT,
+                         NM_SETTING_IP_CONFIG_ROUTED_DNS_YES,
+                         NM_SETTING_IP_CONFIG_ROUTED_DNS_DEFAULT,
+                         G_PARAM_READWRITE | G_PARAM_EXPLICIT_NOTIFY | G_PARAM_STATIC_STRINGS);
+
     g_object_class_install_properties(object_class, _PROPERTY_ENUMS_LAST, obj_properties);
 }

src/libnm-core-impl/nm-setting-private.h

@@ -190,6 +190,7 @@ typedef struct {
     int         auto_route_ext_gw;
     int         replace_local_rule;
     int         dhcp_send_release;
+    int         routed_dns;
     gint32      required_timeout;
     gint32      dad_timeout;
     gint32      dhcp_timeout;

src/libnm-core-impl/tests/test-general.c

@@ -3962,7 +3962,7 @@ typedef struct {
 
 typedef struct {
     const char *name;
-    DiffKey     keys[33];
+    DiffKey     keys[40];
 } DiffSetting;
 
 #define ARRAY_LEN(a) (sizeof(a) / sizeof(a[0]))
@@ -4092,6 +4092,7 @@ test_connection_diff_a_only(void)
              {NM_SETTING_IP_CONFIG_AUTO_ROUTE_EXT_GW, NM_SETTING_DIFF_RESULT_IN_A},
              {NM_SETTING_IP_CONFIG_REPLACE_LOCAL_RULE, NM_SETTING_DIFF_RESULT_IN_A},
              {NM_SETTING_IP_CONFIG_DHCP_SEND_RELEASE, NM_SETTING_DIFF_RESULT_IN_A},
+             {NM_SETTING_IP_CONFIG_ROUTED_DNS, NM_SETTING_DIFF_RESULT_IN_A},
              {NULL, NM_SETTING_DIFF_RESULT_UNKNOWN},
          }},
     };

src/libnm-core-public/nm-setting-ip-config.h

@@ -36,6 +36,23 @@ typedef enum /*< flags >*/ {
     NM_IP_ADDRESS_CMP_FLAGS_WITH_ATTRS = 0x1,
 } NMIPAddressCmpFlags;
 
+/**
+ * NMSettingIPConfigRoutedDns:
+ * @NM_SETTING_IP_CONFIG_ROUTED_DNS_DEFAULT: use the global default value
+ * @NM_SETTING_IP_CONFIG_ROUTED_DNS_NO: do not add DNS routes
+ * @NM_SETTING_IP_CONFIG_ROUTED_DNS_YES: do add DNS routes
+ *
+ * #NMSettingIPConfigRoutedDns indicates whether routes are added
+ * automatically for each DNS that is associated with this connection.
+ *
+ * Since: 1.52
+ */
+typedef enum {
+    NM_SETTING_IP_CONFIG_ROUTED_DNS_DEFAULT = -1,
+    NM_SETTING_IP_CONFIG_ROUTED_DNS_NO      = 0,
+    NM_SETTING_IP_CONFIG_ROUTED_DNS_YES     = 1,
+} NMSettingIPConfigRoutedDns;
+
 typedef struct NMIPAddress NMIPAddress;
 
 GType nm_ip_address_get_type(void);
@@ -343,6 +360,7 @@ char *nm_ip_routing_rule_to_string(const NMIPRoutingRule       *self,
 #define NM_SETTING_IP_CONFIG_AUTO_ROUTE_EXT_GW   "auto-route-ext-gw"
 #define NM_SETTING_IP_CONFIG_REPLACE_LOCAL_RULE  "replace-local-rule"
 #define NM_SETTING_IP_CONFIG_DHCP_SEND_RELEASE   "dhcp-send-release"
+#define NM_SETTING_IP_CONFIG_ROUTED_DNS          "routed-dns"
 
 /* these are not real GObject properties. */
 #define NM_SETTING_IP_CONFIG_ROUTING_RULES "routing-rules"
@@ -512,6 +530,8 @@ NM_AVAILABLE_IN_1_44
 NMTernary nm_setting_ip_config_get_replace_local_rule(NMSettingIPConfig *setting);
 NM_AVAILABLE_IN_1_48
 NMTernary nm_setting_ip_config_get_dhcp_send_release(NMSettingIPConfig *setting);
+NM_AVAILABLE_IN_1_52
+NMSettingIPConfigRoutedDns nm_setting_ip_config_get_routed_dns(NMSettingIPConfig *setting);
 
 G_END_DECLS
 

src/libnmc-setting/nm-meta-setting-desc.c

@@ -6344,6 +6344,9 @@ static const NMMetaPropertyInfo *const property_infos_IP4_CONFIG[] = {
     PROPERTY_INFO (NM_SETTING_IP_CONFIG_DHCP_SEND_RELEASE, DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_SEND_RELEASE,
         .property_type =                &_pt_gobject_ternary,
     ),
+    PROPERTY_INFO (NM_SETTING_IP_CONFIG_ROUTED_DNS, DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTED_DNS,
+                   .property_type =                &_pt_gobject_enum,
+    ),
     PROPERTY_INFO (NM_SETTING_IP_CONFIG_IGNORE_AUTO_ROUTES, DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_IGNORE_AUTO_ROUTES,
         .property_type =                &_pt_gobject_bool,
     ),
@@ -6620,6 +6623,9 @@ static const NMMetaPropertyInfo *const property_infos_IP6_CONFIG[] = {
     PROPERTY_INFO (NM_SETTING_IP_CONFIG_DHCP_SEND_RELEASE, DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_SEND_RELEASE,
         .property_type =                &_pt_gobject_ternary,
     ),
+    PROPERTY_INFO (NM_SETTING_IP_CONFIG_ROUTED_DNS, DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ROUTED_DNS,
+                   .property_type =                &_pt_gobject_enum,
+    ),
     PROPERTY_INFO (NM_SETTING_IP_CONFIG_IGNORE_AUTO_ROUTES, DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_IGNORE_AUTO_ROUTES,
         .property_type =                &_pt_gobject_bool,
     ),

src/libnmc-setting/settings-docs.h.in

@@ -207,6 +207,7 @@
 #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_REQUIRED_TIMEOUT N_("The minimum time interval in milliseconds for which dynamic IP configuration should be tried before the connection succeeds. This property is useful for example if both IPv4 and IPv6 are enabled and are allowed to fail. Normally the connection succeeds as soon as one of the two address families completes; by setting a required timeout for e.g. IPv4, one can ensure that even if IP6 succeeds earlier than IPv4, NetworkManager waits some time for IPv4 before the connection becomes active. Note that if \"may-fail\" is FALSE for the same address family, this property has no effect as NetworkManager needs to wait for the full DHCP timeout. A zero value means that no required timeout is present, -1 means the default value (either configuration ipvx.required-timeout override or zero).")
 #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTE_METRIC N_("The default metric for routes that don't explicitly specify a metric. The default value -1 means that the metric is chosen automatically based on the device type. The metric applies to dynamic routes, manual (static) routes that don't have an explicit metric setting, address prefix routes, and the default route. Note that for IPv6, the kernel accepts zero (0) but coerces it to 1024 (user default). Hence, setting this property to zero effectively mean setting it to 1024. For IPv4, zero is a regular value for the metric.")
 #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTE_TABLE N_("Enable policy routing (source routing) and set the routing table used when adding routes. This affects all routes, including device-routes, IPv4LL, DHCP, SLAAC, default-routes and static routes. But note that static routes can individually overwrite the setting by explicitly specifying a non-zero routing table. If the table setting is left at zero, it is eligible to be overwritten via global configuration. If the property is zero even after applying the global configuration value, policy routing is disabled for the address family of this connection. Policy routing disabled means that NetworkManager will add all routes to the main table (except static routes that explicitly configure a different table). Additionally, NetworkManager will not delete any extraneous routes from tables except the main table. This is to preserve backward compatibility for users who manage routing tables outside of NetworkManager.")
+#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTED_DNS N_("Whether to add routes for DNS servers. When enabled, NetworkManager adds a route for each DNS server that is associated with this connection either statically (defined in the connection profile) or dynamically (for example, retrieved via DHCP). The route guarantees that the DNS server is reached via this interface. When set to \"default\" (-1), the value from global configuration is used; if no global default is defined, this feature is disabled.")
 #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTES N_("A list of IPv4 destination addresses, prefix length, optional IPv4 next hop addresses, optional route metric, optional attribute. The valid syntax is: \"ip[/prefix] [next-hop] [metric] [attribute=val]...[,ip[/prefix]...]\". For example \"192.0.2.0/24 10.1.1.1 77, 198.51.100.0/24\".")
 #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ROUTING_RULES N_("A comma separated list of routing rules for policy routing.")
 #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE N_("Configure method for creating the IPv6 interface identifier of addresses with RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), \"default\" (3) or \"default-or-eui64\" (2). If the property is set to \"eui64\", the addresses will be generated using the interface token derived from hardware address. This makes the host part of the address to stay constant, making it possible to track the host's presence when it changes networks. The address changes when the interface hardware is replaced. If a duplicate address is detected, there is also no fallback to generate another address. When configured, the \"ipv6.token\" is used instead of the MAC address to generate addresses for stateless autoconfiguration. If the property is set to \"stable-privacy\", the interface identifier is generated as specified by RFC7217. This works by hashing a host specific key (see NetworkManager(8) manual), the interface name, the connection's \"connection.stable-id\" property and the address prefix.  This improves privacy by making it harder to use the address to track the host's presence and the address is stable when the network interface hardware is replaced. The special values \"default\" and \"default-or-eui64\" will fallback to the global connection default as documented in the NetworkManager.conf(5) manual. If the global default is not specified, the fallback value is \"stable-privacy\" or \"eui64\", respectively. If not specified, when creating a new profile the default is \"default\". Note that this setting is distinct from the Privacy Extensions as configured by \"ip6-privacy\" property and it does not affect the temporary addresses configured with this option.")
@@ -240,6 +241,7 @@
 #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_REQUIRED_TIMEOUT N_("The minimum time interval in milliseconds for which dynamic IP configuration should be tried before the connection succeeds. This property is useful for example if both IPv4 and IPv6 are enabled and are allowed to fail. Normally the connection succeeds as soon as one of the two address families completes; by setting a required timeout for e.g. IPv4, one can ensure that even if IP6 succeeds earlier than IPv4, NetworkManager waits some time for IPv4 before the connection becomes active. Note that if \"may-fail\" is FALSE for the same address family, this property has no effect as NetworkManager needs to wait for the full DHCP timeout. A zero value means that no required timeout is present, -1 means the default value (either configuration ipvx.required-timeout override or zero).")
 #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ROUTE_METRIC N_("The default metric for routes that don't explicitly specify a metric. The default value -1 means that the metric is chosen automatically based on the device type. The metric applies to dynamic routes, manual (static) routes that don't have an explicit metric setting, address prefix routes, and the default route. Note that for IPv6, the kernel accepts zero (0) but coerces it to 1024 (user default). Hence, setting this property to zero effectively mean setting it to 1024. For IPv4, zero is a regular value for the metric.")
 #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ROUTE_TABLE N_("Enable policy routing (source routing) and set the routing table used when adding routes. This affects all routes, including device-routes, IPv4LL, DHCP, SLAAC, default-routes and static routes. But note that static routes can individually overwrite the setting by explicitly specifying a non-zero routing table. If the table setting is left at zero, it is eligible to be overwritten via global configuration. If the property is zero even after applying the global configuration value, policy routing is disabled for the address family of this connection. Policy routing disabled means that NetworkManager will add all routes to the main table (except static routes that explicitly configure a different table). Additionally, NetworkManager will not delete any extraneous routes from tables except the main table. This is to preserve backward compatibility for users who manage routing tables outside of NetworkManager.")
+#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ROUTED_DNS N_("Whether to add routes for DNS servers. When enabled, NetworkManager adds a route for each DNS server that is associated with this connection either statically (defined in the connection profile) or dynamically (for example, retrieved via DHCP). The route guarantees that the DNS server is reached via this interface. When set to \"default\" (-1), the value from global configuration is used; if no global default is defined, this feature is disabled.")
 #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ROUTES N_("Array of IP routes.")
 #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ROUTING_RULES N_("A comma separated list of routing rules for policy routing.")
 #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_TEMP_PREFERRED_LIFETIME N_("The preferred lifetime of autogenerated temporary addresses, in seconds. Having a per-connection setting set to \"0\" (default) means fallback to global configuration \"ipv6.temp-preferred-lifetime\" setting\". If it's also unspecified or set to \"0\", fallback to read \"/proc/sys/net/ipv6/conf/default/temp_prefered_lft\".")

src/nmcli/gen-metadata-nm-settings-nmcli.xml.in

@@ -1352,6 +1352,10 @@
                   nmcli-description="Whether the DHCP client will send RELEASE message when bringing the connection down. The default value is "default" (-1). When the default value is specified, then the global value from NetworkManager configuration is looked up, if not set, it is considered as FALSE."
                   format="ternary"
                   values="true/yes/on, false/no/off, default/unknown" />
+        <property name="routed-dns"
+                  nmcli-description="Whether to add routes for DNS servers. When enabled, NetworkManager adds a route for each DNS server that is associated with this connection either statically (defined in the connection profile) or dynamically (for example, retrieved via DHCP). The route guarantees that the DNS server is reached via this interface. When set to &quot;default&quot; (-1), the value from global configuration is used; if no global default is defined, this feature is disabled."
+                  format="choice (NMSettingIPConfigRoutedDns)"
+                  values="default (-1), no (0), yes (1)" />
         <property name="ignore-auto-routes"
                   nmcli-description="When &quot;method&quot; is set to &quot;auto&quot; and this property to TRUE, automatically configured routes are ignored and only routes specified in the &quot;routes&quot; property, if any, are used."
                   format="boolean"
@@ -1474,6 +1478,10 @@
                   nmcli-description="Whether the DHCP client will send RELEASE message when bringing the connection down. The default value is &quot;default&quot; (-1). When the default value is specified, then the global value from NetworkManager configuration is looked up, if not set, it is considered as FALSE."
                   format="ternary"
                   values="true/yes/on, false/no/off, default/unknown" />
+        <property name="routed-dns"
+                  nmcli-description="Whether to add routes for DNS servers. When enabled, NetworkManager adds a route for each DNS server that is associated with this connection either statically (defined in the connection profile) or dynamically (for example, retrieved via DHCP). The route guarantees that the DNS server is reached via this interface. When set to &quot;default&quot; (-1), the value from global configuration is used; if no global default is defined, this feature is disabled."
+                  format="choice (NMSettingIPConfigRoutedDns)"
+                  values="default (-1), no (0), yes (1)" />
         <property name="ignore-auto-routes"
                   nmcli-description="When &quot;method&quot; is set to &quot;auto&quot; and this property to TRUE, automatically configured routes are ignored and only routes specified in the &quot;routes&quot; property, if any, are used."
                   format="boolean"