NM.WireGuardPeer¶

Fields¶

None

Methods¶

class	`new` ()
	`append_allowed_ip` (allowed_ip, accept_invalid)
	`clear_allowed_ips` ()
	`cmp` (b, compare_flags)
	`get_allowed_ip` (idx, out_is_valid)
	`get_allowed_ips_len` ()
	`get_endpoint` ()
	`get_persistent_keepalive` ()
	`get_preshared_key` ()
	`get_preshared_key_flags` ()
	`get_public_key` ()
	`is_sealed` ()
	`is_valid` (check_non_secrets, check_secrets)
	`new_clone` (with_secrets)
	`ref` ()
	`remove_allowed_ip` (idx)
	`seal` ()
	`set_endpoint` (endpoint, allow_invalid)
	`set_persistent_keepalive` (persistent_keepalive)
	`set_preshared_key` (preshared_key, accept_invalid)
	`set_preshared_key_flags` (preshared_key_flags)
	`set_public_key` (public_key, accept_invalid)
	`unref` ()

Details¶

class NM.WireGuardPeer¶

The settings of one WireGuard peer.

New in version 1.16.

classmethod new()¶

Returns:: a new, default, unsealed NM.WireGuardPeer instance.
Return type:: NM.WireGuardPeer

New in version 1.16.

append_allowed_ip(allowed_ip, accept_invalid)¶

Parameters:

allowed_ip (str) – the allowed-ip entry to set.
accept_invalid (bool) – if True, also invalid allowed_ip value will be appended. Otherwise, the function does nothing in face of invalid values and returns False.

Returns:

True if the value is a valid allowed-ips value, False otherwise. Depending on accept_invalid, also invalid values are added.

Return type:

bool

Appends allowed_ip setting to the list. This does not check for duplicates and always appends allowed_ip to the end of the list. If allowed_ip is valid, it will be normalized and a modified for might be appended. If allowed_ip is invalid, it will still be appended, but later verification will fail.

It is a bug trying to modify a sealed NM.WireGuardPeer instance.

New in version 1.16.

clear_allowed_ips()¶

Removes all allowed-ip entries.

It is a bug trying to modify a sealed NM.WireGuardPeer instance.

New in version 1.16.

cmp(b, compare_flags)¶

Parameters:

b (NM.WireGuardPeer or None) – the other NM.WireGuardPeer to compare.
compare_flags (NM.SettingCompareFlags) – NM.SettingCompareFlags to affect the comparison.

Returns:

zero of the two instances are equivalent or a non-zero integer otherwise. This defines a total ordering over the peers. Whether a peer is sealed or not, does not affect the comparison.

Return type:

int

New in version 1.16.

get_allowed_ip(idx, out_is_valid)¶

Parameters:

idx (int) – the index from zero to (allowed-ips-len - 1) to retrieve.
out_is_valid (bool or None) – True if the returned value is a valid allowed-ip setting. This parameter is wrongly not marked as (out) argument, it is thus not accessible via introspection. This cannot be fixed without breaking API for introspection users.

Returns:

the allowed-ip setting at index idx. If idx is out of range, None will be returned.

Return type:

str or None

New in version 1.16.

get_allowed_ips_len()¶

Returns:: the number of allowed-ips entries.
Return type:: int

New in version 1.16.

get_endpoint()¶

Returns:: the endpoint or None if none was set.
Return type:: str

New in version 1.16.

get_persistent_keepalive()¶

Returns:: get the persistent-keepalive setting in seconds. Set to zero to disable keep-alive.
Return type:: int

New in version 1.16.

get_preshared_key()¶

Returns:: the preshared key or None if unset.
Return type:: str

New in version 1.16.

get_preshared_key_flags()¶

Returns:: get the secret flags for the preshared-key.
Return type:: NM.SettingSecretFlags

New in version 1.16.

get_public_key()¶

Returns:: the public key or None if unset.
Return type:: str

New in version 1.16.

is_sealed()¶

Returns:: whether self is sealed or not.
Return type:: bool

New in version 1.16.

is_valid(check_non_secrets, check_secrets)¶

Parameters:

check_non_secrets (bool) – if True, secret properties are validated. Otherwise, they are ignored for this purpose.
check_secrets (bool) – if True, non-secret properties are validated. Otherwise, they are ignored for this purpose.

Raises:

GLib.Error

Returns:

True if the peer is valid or fails with an error reason.

Return type:

bool

New in version 1.16.

new_clone(with_secrets)¶

Parameters:: with_secrets (bool) – if True, the preshared-key secrets are copied as well. Otherwise, they will be removed.
Returns:: a clone of self. This instance is always unsealed.
Return type:: NM.WireGuardPeer

New in version 1.16.

ref()¶

Returns:

returns the input argument self after incrementing the reference count.

Since 1.42, ref-counting of NM.WireGuardPeer is thread-safe.

Return type:

NM.WireGuardPeer

New in version 1.16.

remove_allowed_ip(idx)¶

Parameters:: idx (int) – the index from zero to (allowed-ips-len - 1) to retrieve. If the index is out of range, False is returned and nothing is done.
Returns:: True if idx was valid and the allowed-ip was removed. False otherwise, and the peer will not be changed.
Return type:: bool

Removes the allowed-ip at the given idx. This shifts all following entries one index down.

It is a bug trying to modify a sealed NM.WireGuardPeer instance.

New in version 1.16.

seal()¶: Seal the NM.WireGuardPeer instance. Afterwards, it is a bug to call all functions that modify the instance (except ref/unref). A sealed instance cannot be unsealed again, but you can create an unsealed copy with NM.WireGuardPeer.new_clone().

New in version 1.16.

set_endpoint(endpoint, allow_invalid)¶

Parameters:

endpoint (str) – the socket address endpoint to set or None.
allow_invalid (bool) – if True, also invalid values are set. If False, the function does nothing for invalid endpoint arguments.

Returns:

True if the endpoint is None or valid. For an invalid endpoint argument, False is returned. Depending on allow_invalid, the instance will be modified.

Return type:

bool

Sets or clears the endpoint of self.

It is a bug trying to modify a sealed NM.WireGuardPeer instance.

New in version 1.16.

set_persistent_keepalive(persistent_keepalive)¶

Parameters:: persistent_keepalive (int) – the keep-alive value to set.

It is a bug trying to modify a sealed NM.WireGuardPeer instance.

New in version 1.16.

set_preshared_key(preshared_key, accept_invalid)¶

Parameters:

preshared_key (str or None) – the new preshared key or None to clear the preshared key.
accept_invalid (bool) – whether to allow setting the key to an invalid value. If False, self is unchanged if the key is invalid and if False is returned.

Returns:

True if the preshared-key is valid, otherwise False. None is considered a valid value. If the key is invalid, it depends on accept_invalid whether the previous value was reset.

Return type:

bool

Reset the preshared key. Note that if the preshared key is valid, it will be normalized (which may or may not modify the set value).

Note that the preshared-key is a secret and consequently has corresponding preshared-key-flags property. This is so that secrets can be optional and requested on demand from a secret-agent. Also, an invalid preshared-key may optionally cause NM.WireGuardPeer.is_valid() to fail or it may be accepted.

It is a bug trying to modify a sealed NM.WireGuardPeer instance.

New in version 1.16.

set_preshared_key_flags(preshared_key_flags)¶

Parameters:: preshared_key_flags (NM.SettingSecretFlags) – the secret flags to set.

It is a bug trying to modify a sealed NM.WireGuardPeer instance.

New in version 1.16.

set_public_key(public_key, accept_invalid)¶

Parameters:

public_key (str or None) – the new public key or None to clear the public key.
accept_invalid (bool) – if True and public_key is not None and invalid, then do not modify the instance.

Returns:

True if the key was valid or None. Returns False for invalid keys. Depending on accept_invalid will an invalid key be set or not.

Return type:

bool

Reset the public key. Note that if the public key is valid, it will be normalized (which may or may not modify the set value).

It is a bug trying to modify a sealed NM.WireGuardPeer instance.

New in version 1.16.

unref()¶

Drop a reference to self. If the last reference is dropped, the instance is freed and all associate data released.

Since 1.42, ref-counting of NM.WireGuardPeer is thread-safe.

New in version 1.16.