fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-03 02:20:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src
History
Michael Catanzaro c447a4886d
libnmc-base: don't set DNS priority when importing Wireguard connections 
This is actually trying *too* hard to prevent DNS leaks, breaking normal
expected use of split DNS. Let systemd-resolved handle sending our DNS
queries to the right place instead.

It's true that NetworkManager is trying to emulate the behavior of
wg-quick here, and wg-quick uses 'resolvconf -x' to attempt to set
"exclusive" DNS. But with systemd-resolved this is implemented by
setting a ~. routing domain for the Wireguard interface. That is a
*really* big hammer already, since Domain=~. overrides +DefaultRoute,
ensuring most DNS queries can only go to other interfaces with Domain=~.
NetworkManager follows systemd-resolved's recommended convention by only
applying Domain=~. to other "privacy VPNs" since 1.26.6. Setting DNS
priority only prevents *domain-specific* "leaks", which are almost
always desired. For example, it prevents using both the Wireguard VPN
and a corporate VPN at the same time.

Note that all of the justification behind !688 applies here as well.

See-also: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/688
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/585

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/901
2021-06-23 20:31:14 +02:00
..
c-list build: move c-util/nettools library from "shared/" to "src/" 2021-02-24 12:48:28 +01:00
c-rbtree build: move c-util/nettools library from "shared/" to "src/" 2021-02-24 12:48:28 +01:00
c-siphash build: move c-util/nettools library from "shared/" to "src/" 2021-02-24 12:48:28 +01:00
c-stdaux build: move c-util/nettools library from "shared/" to "src/" 2021-02-24 12:48:28 +01:00
contrib clang-format: reformat code with clang 12 2021-05-04 13:56:26 +02:00
core wifi/p2p: Use address assigned by GO when available 2021-06-23 20:25:26 +02:00
libnm-base lgtm: suppress lgtm[cpp/duplicate-include-guard] warning in ethtool header 2021-06-01 17:54:07 +02:00
libnm-client-aux-extern build: move "clients/common/" to "src/libnmc-{base,setting}/" 2021-03-02 08:38:25 +01:00
libnm-client-impl libnm: add NM_OBJECT_CLIENT property 2021-06-23 14:55:05 +02:00
libnm-client-public libnm: add NM_OBJECT_CLIENT property 2021-06-23 14:55:05 +02:00
libnm-client-test build/meson: cleanup dependencies for libnm-core-aux-intern 2021-02-28 10:42:05 +01:00
libnm-core-aux-extern build/meson: cleanup dependencies for libnm-core-aux-extern 2021-02-28 10:42:06 +01:00
libnm-core-aux-intern libnm: add nm_auto_unref_tc_action cleanup macro for NMTCAction 2021-05-11 13:56:45 +02:00
libnm-core-impl Docs:improve manual page about qdiscs and tfilters 2021-06-23 08:59:45 -04:00
libnm-core-intern libnm: add flag to control whether to_dbus_fcn() should handle default values 2021-06-23 12:47:33 +02:00
libnm-core-public libnm: belatedly export nm_ip_routing_rule_[gs]et_uid_range() symbols 2021-06-21 10:00:20 +02:00
libnm-glib-aux glib-aux: rework NM_HASH_COMBINE_BOOLS() macro to avoid expression statement 2021-06-23 13:09:24 +02:00
libnm-log-core logging: add _nm_log_full() macro 2021-04-12 16:46:01 +02:00
libnm-log-null build: remove shared/ directory 2021-02-24 12:49:13 +01:00
libnm-platform libnm-platform: add NM_PLATFORM_MATCH_WITH_ADDRSTATE_DEPRECATED 2021-06-21 10:08:27 +02:00
libnm-std-aux std-aux: rework NM_STATIC_ASSERT_EXPR() macro 2021-06-23 13:09:24 +02:00
libnm-systemd-core systemd: merge branch systemd into main 2021-06-23 13:47:39 +02:00
libnm-systemd-shared systemd: merge branch systemd into main 2021-06-23 13:47:39 +02:00
libnm-udev-aux build/meson: cleanup dependencies for libnm-udev-aux 2021-02-28 10:42:04 +01:00
libnmc-base libnmc-base: don't set DNS priority when importing Wireguard connections 2021-06-23 20:31:14 +02:00
libnmc-setting libnm/docs: better explain "connection.autoconnect{,-priority}" 2021-06-22 13:06:38 +02:00
libnmt-newt libnmt-newt: use cleanup macro in nmt_newt_button_build_component() 2021-05-11 13:56:50 +02:00
linux-headers platform: move "linux/nl802154.h" to "src/linux-headers/" 2021-03-05 11:27:15 +01:00
n-acd build: move c-util/nettools library from "shared/" to "src/" 2021-02-24 12:48:28 +01:00
n-dhcp4 build: move c-util/nettools library from "shared/" to "src/" 2021-02-24 12:48:28 +01:00
nm-cloud-setup clang-format: reformat code with clang 12 2021-05-04 13:56:26 +02:00
nm-daemon-helper nm-daemon-helper: fix indentation 2021-06-16 18:32:44 +02:00
nm-dispatcher core,nm-dispatcher: use nm_utils_get_process_exit_status_desc() 2021-06-11 21:43:11 +02:00
nm-initrd-generator all: only include "libnm-glib-aux/nm-uuid.h" where needed 2021-05-04 15:51:51 +02:00
nm-online build: move "clients/nm-online.c" to "src/nm-online/" 2021-03-02 08:38:26 +01:00
nmcli libnm/docs: better explain "connection.autoconnect{,-priority}" 2021-06-22 13:06:38 +02:00
nmtui tui: use internal _nm_utils_ip4_prefix_to_netmask() helper 2021-05-11 13:56:48 +02:00
tests/client cli: handle empty/unset values for "gsm.apn" property 2021-05-03 10:11:25 +02:00
meson.build core: add infrastructure for spawning a helper process 2021-06-11 21:43:12 +02:00