Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
vpn-provider: Add PreventIpv6DataLeak to provider bool settings
[vpn-provider] Add PreventIPv6DataLeak to provider bool settings. JB#53542

Support PreventIPv6DataLeak value changing on provider. Emit
PropertyChanged signal to connmand when value is set. This value depends
on the actual VPN setting and does not need to be saved along provider
settings.

Add a helper function for VPN plugins to use for changing the value as
each plugin uses it to simplify code. The function supports enabling of
either or both of the IP family networks but current functionality does
changes only to the PreventIPv6DataLeak value. This is meant to be a
part of future plans.
  • Loading branch information
LaakkonenJussi committed Apr 27, 2021
1 parent 61a59dc commit 4ab5f78
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 0 deletions.
17 changes: 17 additions & 0 deletions connman/vpn/vpn-provider.c
Expand Up @@ -2905,6 +2905,8 @@ int vpn_provider_set_boolean(struct vpn_provider *provider, const char *key,
provider->do_split_routing = value;
send_value_boolean(provider->path, key,
provider->do_split_routing);
} else if (g_str_equal(key, "PreventIPv6DataLeak")) {
send_value_boolean(provider->path, key, value);
}

return 0;
Expand Down Expand Up @@ -2956,6 +2958,21 @@ bool vpn_provider_get_string_immutable(struct vpn_provider *provider,
return setting->immutable;
}

int vpn_provider_set_supported_ip_networks(struct vpn_provider *provider,
bool ipv4_enabled, bool ipv6_enabled)
{
if (!provider)
return -EINVAL;

/* Both cannot be off */
if (!ipv4_enabled && !ipv6_enabled)
return -EINVAL;

/* If IPv6 is not enabled enable the feature to prevent data leak */
return vpn_provider_set_boolean(provider, "PreventIPv6DataLeak",
!ipv6_enabled, true);
}

bool __vpn_provider_check_routes(struct vpn_provider *provider)
{
if (!provider)
Expand Down
3 changes: 3 additions & 0 deletions connman/vpn/vpn-provider.h
Expand Up @@ -94,6 +94,9 @@ int vpn_provider_set_boolean(struct vpn_provider *provider, const char *key,
bool vpn_provider_get_boolean(struct vpn_provider *provider, const char *key,
bool default_value);

int vpn_provider_set_supported_ip_networks(struct vpn_provider *provider,
bool ipv4_enabled, bool ipv6_enabled);

int vpn_provider_set_state(struct vpn_provider *provider,
enum vpn_provider_state state);

Expand Down

0 comments on commit 4ab5f78

Please sign in to comment.