From 30ae48de69329995e724d906fd334536f1cd0030 Mon Sep 17 00:00:00 2001 From: Subho Date: Tue, 24 Oct 2023 13:49:53 +0530 Subject: [PATCH] networking: Add wireguard keepalive and preshared-key option in the gui Update the tests accordingly. fixes #19491 --- pkg/networkmanager/interfaces.js | 25 ++++++++++- pkg/networkmanager/wireguard.jsx | 50 +++++++++++++++++++--- test/verify/check-networkmanager-wireguard | 33 +++++++++++--- 3 files changed, 95 insertions(+), 13 deletions(-) diff --git a/pkg/networkmanager/interfaces.js b/pkg/networkmanager/interfaces.js index 181362ab8df5..0c836ac7d70f 100644 --- a/pkg/networkmanager/interfaces.js +++ b/pkg/networkmanager/interfaces.js @@ -591,7 +591,8 @@ export function NetworkManagerModel() { peers: get("wireguard", "peers", []).map(peer => ({ publicKey: peer['public-key'].v, endpoint: peer.endpoint?.v, // enpoint of a peer is optional - allowedIps: peer['allowed-ips']?.v + allowedIps: peer['allowed-ips']?.v, + persistentKeepalive: peer['persistent-keepalive']?.v, })), }; } @@ -730,7 +731,27 @@ export function NetworkManagerModel() { "allowed-ips": { t: "as", v: peer.allowedIps - } + }, + ...peer.persistentKeepalive + ? { + "persistent-keepalive": { + t: "u", + v: peer.persistentKeepalive + } + } + : {}, + ...peer.presharedKey + ? { + "preshared-key": { + t: "s", + v: peer.presharedKey + }, + 'preshared-key-flags': { + t: "u", + v: 0 + } + } + : {} }; })); } else { diff --git a/pkg/networkmanager/wireguard.jsx b/pkg/networkmanager/wireguard.jsx index d9b56b405149..caa878f9438e 100644 --- a/pkg/networkmanager/wireguard.jsx +++ b/pkg/networkmanager/wireguard.jsx @@ -26,7 +26,7 @@ import { FormGroup, FormFieldGroup, FormFieldGroupHeader, FormHelperText } from import { Flex, FlexItem } from "@patternfly/react-core/dist/esm/layouts/Flex/index.js"; import { Grid } from '@patternfly/react-core/dist/esm/layouts/Grid/index.js'; import { HelperText, HelperTextItem } from '@patternfly/react-core/dist/esm/components/HelperText/index'; -import { InputGroup } from '@patternfly/react-core/dist/esm/components/InputGroup/index.js'; +import { InputGroup, InputGroupItem, InputGroupText } from '@patternfly/react-core/dist/esm/components/InputGroup/index.js'; import { Popover } from '@patternfly/react-core/dist/esm/components/Popover/index.js'; import { Radio } from '@patternfly/react-core/dist/esm/components/Radio/index.js'; import { Text } from "@patternfly/react-core/dist/esm/components/Text/index.js"; @@ -73,7 +73,12 @@ export function WireGuardDialog({ settings, connection, dev }) { const [listenPort, setListenPort] = useState(settings.wireguard.listen_port); const [addresses, setAddresses] = useState(addressesToString(settings.ipv4.addresses)); const [dialogError, setDialogError] = useState(""); - const [peers, setPeers] = useState(settings.wireguard.peers.map(peer => ({ ...peer, allowedIps: peer.allowedIps?.join(",") ?? '' }))); + const [peers, setPeers] = useState(settings.wireguard.peers.map(peer => ({ + ...peer, + allowedIps: peer.allowedIps?.join(",") ?? '', + persistentKeepalive: peer.persistentKeepalive?.toString() ?? '', + presharedKey: peer.presharedKey ?? '' + }))); // Additional check for `wg` after install_dialog for non-packagekit and el8 environments useEffect(() => { @@ -98,6 +103,7 @@ export function WireGuardDialog({ settings, connection, dev }) { const objpath = connection[" priv"].path; const [result] = await model.client.call(objpath, "org.freedesktop.NetworkManager.Settings.Connection", "GetSecrets", ["wireguard"]); setGeneratedPrivateKey(result.wireguard["private-key"].v); + setPeers(oldPeers => oldPeers.map((oldPeer, index) => ({ ...oldPeer, presharedKey: result.wireguard.peers?.v[index]["preshared-key"]?.v ?? '' }))); } if (connection?.[" priv"].path) { @@ -160,7 +166,11 @@ export function WireGuardDialog({ settings, connection, dev }) { throw cockpit.format(_("Peer #$0 has invalid endpoint port. Port must be a number."), index + 1); } } - return ({ ...peer, allowedIps: peer.allowedIps.trim().split(',') }); + if (peer.persistentKeepalive.trim()) { + if (isNaN(Number(peer.persistentKeepalive))) + throw cockpit.format(_("Peer #$0 has invalid persistent keepalive. It must be a number."), index + 1); + } + return ({ ...peer, allowedIps: peer.allowedIps.trim().split(','), persistentKeepalive: Number(peer.persistentKeepalive) }); }); } catch (e) { setDialogError(typeof e === 'string' ? e : e.message); @@ -285,7 +295,7 @@ export function WireGuardDialog({ settings, connection, dev }) { actions={ @@ -315,7 +325,21 @@ export function WireGuardDialog({ settings, connection, dev }) { id={idPrefix + '-endpoint-peer-' + i} /> - + + + + { + setPeers(peers => peers.map((peer, index) => i === index ? { ...peer, persistentKeepalive: val } : peer)); + }} + id={idPrefix + '-keepalive-peer-' + i} + /> + + {_("seconds")} + + + { @@ -324,6 +348,22 @@ export function WireGuardDialog({ settings, connection, dev }) { id={idPrefix + '-allowedips-peer-' + i} /> + + + + }> + { + setPeers(peers => peers.map((peer, index) => i === index ? { ...peer, presharedKey: val } : peer)); + }} + placeholder={_("optional")} + id={idPrefix + '-presharedkey-peer-' + i} + /> +