Bug 2055577

Summary: inconsistency between separators used in wg-peer's allowed-ips field
Product: Red Hat Enterprise Linux 9 Reporter: Matej Berezny <mberezny>
Component: NetworkManagerAssignee: NetworkManager Development Team <nm-team>
Status: CLOSED CANTFIX QA Contact: Desktop QE <desktop-qa-list>
Severity: low Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: bgalvani, lrintel, rkhan, sukulkar, thaller, till
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-02-23 15:12:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Matej Berezny 2022-02-17 09:48:30 UTC 
Description of problem: 

When configuring wireguard peers for wireguard connections, there seems to be difference in separators used for adding multiple IP-addresses to allowed-ips field between config-file and nmtui. 

As shown here in section 13.5/6i - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9-beta/html/configuring_and_managing_networking/assembly_setting-up-a-wireguard-vpn_configuring-and-managing-networking#proc_configuring-a-wireguard-using-nmcli_assembly_setting-up-a-wireguard-vpn - when wireguard peers are added through editing "/etc/NetworkManager/system-connections/server-wg0.nmconnection", semicolon is used to separate different ip addresses in "allowed-ips" field. 

In contrary to config-file, nmtui only uses commas to separate ip addresses in wg-peer's allowed-ips field, using semicolon results in failure.


Version-Release number of selected component (if applicable):


How reproducible: always


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:



Additional info: Not sure if this inconsistency is intended (as commas might seem more user friendly), if yes, please feel free to close the bug.
Comment 2 Till Maas 2022-02-22 14:31:41 UTC 
Thomas, is this intentional? If yes, please close the bug.
Comment 3 Thomas Haller 2022-02-23 13:02:16 UTC 
NetworkManager's keyfiles use GKeyfile API for reading/writing the text file. That API supports to write/read string arrays, which it then happens to separate by ';'. The ';' separator comes from there.

There is no reason why nmtui needs to be consistent with that. If at all, it should be more flexible and allow any kinds of separators, like ' ', ',', ';'.

Also, if you enter invalid strings there, the UX is not good (you only see the failure much later when you try to save the profile).

nmtui should improve here. But not to be consistent with keyfile.
Comment 4 Till Maas 2022-02-23 15:12:06 UTC 
(In reply to Matej Berezny from comment #0)

> Additional info: Not sure if this inconsistency is intended (as commas might
> seem more user friendly), if yes, please feel free to close the bug.

So based on comment 3, we cannot accept commas in key files, therefore I close this BZ.