NetworkManager/clients/cloud-setup/nmcs-provider.h
Thomas Haller ff816dec17 cloud-setup: require to explicitly opt-in for providers via environment variable
"nm-cloud-setup" is supposed to work without configuration.

However, it (obviously) fetches data from the network you are connected to (which
might be untrusted or controlled by somebody malicious). The tool cannot
protect you against that, also because the meta data services use HTTP and not
HTTPS. It means, you should run the tool only when it's suitable for your
environment, that is: in the right cloud.

Usually, the user/admin/distributor would know for which cloud to enable the tool.
It's also wasteful to repeatedly probe for the unavailable cloud.

So, instead disable all providers by default and require to opt-in by setting an
environment variable.

This can be conveniently done via `systemctl edit nm-cloud-provider.service` to
set Environment=. Of course, an image can also pre-deploy such an override file.
2019-12-03 16:18:33 +01:00


// SPDX-License-Identifier: LGPL-2.1+
#ifndef __NMCS_PROVIDER_H__
#define __NMCS_PROVIDER_H__
/*****************************************************************************/
#include "nm-http-client.h"
/*****************************************************************************/
/* Per-interface IPv4 configuration record used by the provider get_config API.
 *
 * NOTE(review): the commit description for this file says the tool fetches its
 * data from the cloud's meta data service over HTTP, so the address fields are
 * presumably derived from unauthenticated network input. Nothing in this struct
 * constrains them (cidr_prefix is a plain guint8 and can hold values above 32);
 * confirm that the code filling and consuming the record validates ranges. */
typedef struct {
    /* IPv4 address array and its length.
     * NOTE(review): presumably ipv4s_arr holds ipv4s_len elements; allocation
     * and ownership are not visible in this header -- TODO confirm. */
    in_addr_t *ipv4s_arr;
    gsize      ipv4s_len;

    /* Signed interface index; nmcs_provider_get_config_iface_data_is_valid()
     * treats a negative value as invalid. */
    gssize     iface_idx;

    /* Subnet address and prefix length. */
    in_addr_t  cidr_addr;
    guint8     cidr_prefix;

    /* Both flags must be set for the record to count as valid. */
    bool       has_ipv4s : 1;
    bool       has_cidr : 1;

    /* TRUE, if the configuration was requested via hwaddrs argument to
     * nmcs_provider_get_config(). */
    bool       was_requested : 1;
} NMCSProviderGetConfigIfaceData;
/* Tells whether @config_data is complete enough to be used.
 *
 * A record is valid when the pointer is non-NULL, iface_idx is non-negative
 * and both the has_cidr and has_ipv4s flags are set.
 *
 * NOTE(review): this is a completeness check only. It does not look at
 * ipv4s_arr/ipv4s_len or at the range of cidr_prefix, so a record that passes
 * can still carry an out-of-range prefix or an empty address list; callers
 * that apply the values need their own bounds checks. */
static inline gboolean
nmcs_provider_get_config_iface_data_is_valid (const NMCSProviderGetConfigIfaceData *config_data)
{
    /* Short-circuit keeps the NULL case from ever dereferencing the pointer. */
    const gboolean usable_iface = config_data && config_data->iface_idx >= 0;

    return usable_iface && config_data->has_cidr && config_data->has_ipv4s;
}
/* Constructor for NMCSProviderGetConfigIfaceData; implemented outside this header.
 * NOTE(review): presumably @was_requested initialises the field of the same
 * name and the caller owns the returned record -- confirm in the implementation. */
NMCSProviderGetConfigIfaceData *nmcs_provider_get_config_iface_data_new (gboolean was_requested);
/* State handed to a provider's get_config() implementation (see the
 * get_config member of NMCSProviderClass). */
typedef struct {
    /* The GTask of the asynchronous get-config operation. */
    GTask          *task;

    /* Hash table collecting the result.
     * NOTE(review): key and value types are not visible in this header;
     * presumably per-interface NMCSProviderGetConfigIfaceData -- TODO confirm. */
    GHashTable     *result_dict;

    /* Opaque data with an optional destroy notifier.
     * NOTE(review): presumably extra_destroy is called on extra_data when the
     * task data is released -- confirm in the implementation. */
    gpointer        extra_data;
    GDestroyNotify  extra_destroy;

    /* NOTE(review): looks like a copy of the "any" argument of
     * nmcs_provider_get_config() -- confirm. */
    bool            any : 1;
} NMCSProviderGetConfigTaskData;
/* GObject type macros for NMCSProvider: the type id, checked instance and
 * class casts, instance and class type tests, and the class lookup. */
#define NMCS_TYPE_PROVIDER (nmcs_provider_get_type ())
#define NMCS_PROVIDER(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), NMCS_TYPE_PROVIDER, NMCSProvider))
#define NMCS_PROVIDER_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), NMCS_TYPE_PROVIDER, NMCSProviderClass))
#define NMCS_IS_PROVIDER(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), NMCS_TYPE_PROVIDER))
#define NMCS_IS_PROVIDER_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), NMCS_TYPE_PROVIDER))
#define NMCS_PROVIDER_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), NMCS_TYPE_PROVIDER, NMCSProviderClass))
/* NOTE(review): presumably the name of the GObject property that carries the
 * provider's NMHttpClient -- confirm where the property is installed. */
#define NMCS_PROVIDER_HTTP_CLIENT "http-client"
/* Private instance data; only forward-declared here, defined elsewhere. */
struct _NMCSProviderPrivate;

/* Instance struct of the NMCSProvider GObject type. Concrete cloud providers
 * are expected to fill in the virtual functions of NMCSProviderClass. */
typedef struct {
    GObject                      parent;

    /* Opaque pointer to the private data. */
    struct _NMCSProviderPrivate *_priv;
} NMCSProvider;
/* Class struct of NMCSProvider: per-provider constants plus the two virtual
 * functions a provider implements. */
typedef struct {
    GObjectClass parent;

    /* Provider name string. */
    const char  *_name;

    /* NOTE(review): judging by the name and by the commit description (all
     * providers disabled by default, opt-in via an environment variable), this
     * is presumably the name of the environment variable that enables the
     * provider. Where it is read, and whether an unset variable really keeps
     * the provider from touching the network, is not visible in this header --
     * confirm in the code that consults it. */
    const char  *_env_provider_enabled;

    /* Virtual function behind nmcs_provider_detect(); receives the GTask of
     * the detect operation. */
    void (*detect) (NMCSProvider *self, GTask *task);

    /* Virtual function behind nmcs_provider_get_config(); receives the task
     * data of the get-config operation. */
    void (*get_config) (NMCSProvider                  *self,
                        NMCSProviderGetConfigTaskData *get_config_data);
} NMCSProviderClass;
/* Returns the GType of NMCSProvider; this is what NMCS_TYPE_PROVIDER expands to. */
GType nmcs_provider_get_type (void);
/*****************************************************************************/
/* Accessors on a provider instance: its name, its NMHttpClient and a
 * GMainContext.
 * NOTE(review): ownership of the returned pointers is not visible in this
 * header; presumably they are borrowed from the provider -- confirm. */
const char *nmcs_provider_get_name (NMCSProvider *provider);
NMHttpClient *nmcs_provider_get_http_client (NMCSProvider *provider);
GMainContext *nmcs_provider_get_main_context (NMCSProvider *provider);
/*****************************************************************************/
/* Starts an asynchronous detect operation on @provider. @callback is invoked
 * with @user_data on completion; @cancellable may be used to cancel.
 * NOTE(review): per the commit description, detection means querying the meta
 * data service of whatever network the host is on. Whether the opt-in check
 * for the provider happens before this call or inside it is not visible in
 * this header -- confirm at the call site. */
void nmcs_provider_detect (NMCSProvider *provider,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
/* Collects the outcome of nmcs_provider_detect() from @result. Returns a
 * gboolean and reports failures through @error. */
gboolean nmcs_provider_detect_finish (NMCSProvider *provider,
GAsyncResult *result,
GError **error);
/*****************************************************************************/
/* Starts an asynchronous get-config operation on @provider. @hwaddrs is an
 * array of strings naming the interfaces the caller asks about; records for
 * those are the ones marked was_requested in NMCSProviderGetConfigIfaceData.
 * @callback is invoked with @user_data on completion.
 * NOTE(review): the exact meaning of @any, and whether @hwaddrs must be
 * NULL-terminated, is not visible in this header -- confirm in the
 * implementation. */
void nmcs_provider_get_config (NMCSProvider *provider,
gboolean any,
const char *const*hwaddrs,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
/* Collects the outcome of nmcs_provider_get_config() from @result and reports
 * failures through @error.
 * NOTE(review): the returned GHashTable presumably holds per-interface
 * NMCSProviderGetConfigIfaceData records; key type and ownership are not
 * visible here. The commit description says the underlying data is fetched
 * over HTTP from the connected network, so check entries with
 * nmcs_provider_get_config_iface_data_is_valid() and range-check the address
 * fields before applying them. */
GHashTable *nmcs_provider_get_config_finish (NMCSProvider *provider,
GAsyncResult *result,
GError **error);
#endif /* __NMCS_PROVIDER_H__ */