openvpn3_rs/proxy/sessions_node.rs
1//! # DBus interface proxy for: `net.openvpn.v3.sessions`
2//!
3//! This code was generated by `zbus-xmlgen` `3.1.0` from DBus introspection data.
4//! Source: `net.openvpn.v3.sessions.node.xml`.
5
6use self::constants::*;
7use crate::log::constants::{LogGroup, LogLevel};
8use zbus::{dbus_proxy, fdo};
9
10/// Session Object
11///
12/// [OpenVPN Documentation](https://github.com/OpenVPN/openvpn3-linux/blob/master/docs/dbus/dbus-service-net.openvpn.v3.sessions.md)
13#[dbus_proxy(
14 interface = "net.openvpn.v3.sessions",
15 default_service = "net.openvpn.v3.sessions",
16 default_path = "/net/openvpn/v3/sessions"
17)]
18pub trait SessionsNode {
19 /// AccessGrant method
20 ///
21 /// By default, only the user ID (UID) who created the session have access to it. This method used to grant other users access to this session.
22 ///
23 /// # Arguments
24 ///
25 /// * `uid` - The UID to the user account which is granted access;
26 fn access_grant(&self, uid: u32) -> zbus::Result<()>;
27
28 /// AccessRevoke method
29 ///
30 /// This revokes access to a session object for a specific user. Please note that the owner (the user which initiated this session) cannot have its access revoked.
31 ///
32 /// # Arguments
33 ///
34 /// * `uid` - The UID to the user account which gets the access revoked.
35 fn access_revoke(&self, uid: u32) -> zbus::Result<()>;
36
37 /// Connect method
38 ///
39 /// This method starts the connection process. This requires that all credentials needed before contacting the server have been provided. It is always a good idea to first call the `net.openvpn.v3.sessions.Ready` method first to ensure the backend is ready to connect.
40 fn connect(&self) -> zbus::Result<()>;
41
42 /// Disconnect method
43 ///
44 /// Disconnects a VPN connection. This will shutdown and stop the VPN backend process and the session object will be removed.
45 fn disconnect(&self) -> zbus::Result<()>;
46
47 /// LogForward method
48 ///
49 /// This enables log forwarding from the session to the currently connected D-Bus client. The forwarding itself is sent by the `net.openvpn.v3.log` service.
50 ///
51 /// # Arguments
52 ///
53 /// * `enable` - Enables or disables the log forwarding.
54 fn log_forward(&self, enable: bool) -> zbus::Result<()>;
55
56 /// Pause method
57 ///
58 /// This method pauses an on-going VPN connection.
59 ///
60 /// # Arguments
61 ///
62 /// * `reason` - A string used for log purposes primarily, describing why the tunnel was paused.
63 fn pause(&self, reason: &str) -> zbus::Result<()>;
64
65 /// Ready method
66 ///
67 /// This method is to check if the backend VPN client is ready to connect. If it is ready, it will return immediately. If it is not, it will return with a D-Bus error exception providing the reason it is not ready. Most commonly it needs some input from the user, such as user credentials or some challenge token not already provided in the configuration.
68 fn ready(&self) -> zbus::Result<()>;
69
70 /// Restart method
71 ///
72 /// Completely disconnects and reconnects an active VPN connection.
73 fn restart(&self) -> zbus::Result<()>;
74
75 /// Resume method
76 ///
77 /// Resumes a paused VPN connection.
78 fn resume(&self) -> zbus::Result<()>;
79
80 /// UserInputProvide method
81 ///
82 /// This method is used to return information from the front-end application to the backend service.
83 ///
84 /// # Arguments
85 ///
86 /// * `type_` - [ClientAttentionType] reference to query for.
87 /// * `group` - [ClientAttentionGroup] reference to query for.
88 /// * `id` - Request ID to query for, provided by `UserInputQueueCheck()`.
89 /// * `value` - The frontend's response to the backend.
90 fn user_input_provide(
91 &self,
92 type_: ClientAttentionType,
93 group: ClientAttentionGroup,
94 id: u32,
95 value: &str,
96 ) -> zbus::Result<()>;
97
98 /// UserInputQueueCheck method
99 ///
100 /// This is used to get the proper index values of information requests the backend has asked for and which is not yet satisfied. The index list is tied to a specific ([ClientAttentionType], [ClientAttentionGroup]) tuple.
101 ///
102 /// # Arguments
103 ///
104 /// * `type_` - [ClientAttentionType] reference to query for.
105 /// * `group` - [ClientAttentionGroup] reference to query for.
106 ///
107 /// # Returns
108 ///
109 /// An array of indexes which needs to be provided.
110 fn user_input_queue_check(
111 &self,
112 type_: ClientAttentionType,
113 group: ClientAttentionGroup,
114 ) -> zbus::Result<Vec<u32>>;
115
116 /// UserInputQueueFetch method
117 ///
118 /// This method returns details about a specific information request from the backend process.
119 ///
120 /// # Arguments
121 ///
122 /// * `type_` - [ClientAttentionType] reference to query for.
123 /// * `group` - [ClientAttentionGroup] reference to query for.
124 /// * `id` - Request ID to query for, provided by `UserInputQueueCheck()`.
125 ///
126 /// # Returns
127 ///
128 /// A tuple consisting of:
129 ///
130 /// 0. `type` - [ClientAttentionType] reference.
131 /// 1. `group` - [ClientAttentionGroup] reference.
132 /// 2. `id` - Request ID.
133 /// 3. `name` - An internal variable name.
134 /// 4. `description` - A description to present to the front-end user.
135 /// 5. `hidden_input` - If true, the user's input should be masked/hidden.
136 fn user_input_queue_fetch(
137 &self,
138 type_: ClientAttentionType,
139 group: ClientAttentionGroup,
140 id: u32,
141 ) -> zbus::Result<(
142 ClientAttentionType,
143 ClientAttentionGroup,
144 u32,
145 String,
146 String,
147 bool,
148 )>;
149
150 /// UserInputQueueGetTypeGroup method
151 ///
152 /// This will return information about various [ClientAttentionType] and [ClientAttentionGroup] tuples which contains requests for the front-end application. This information is used when checking the request queue via `UserInputQueueCheck()`.
153 ///
154 /// # Returns
155 ///
156 /// An array of tuples of ([ClientAttentionType], [ClientAttentionGroup]).
157 fn user_input_queue_get_type_group(&self)
158 -> zbus::Result<Vec<result::UserInputQueueTypeGroup>>;
159
160 /// AttentionRequired signal
161 ///
162 /// This signal is issued whenever the backend needs information, most commonly from the front-end user interface. This can be used to get user credentials or do PKCS#11/SmartCard operations, etc.
163 ///
164 /// See [AttentionRequiredArgs].
165 #[dbus_proxy(signal)]
166 fn attention_required(
167 &self,
168 type_: ClientAttentionType,
169 group: ClientAttentionGroup,
170 message: &str,
171 ) -> zbus::Result<()>;
172
173 /// Log signal
174 ///
175 /// See [LogArgs].
176 #[dbus_proxy(signal, name = "Log")]
177 fn log(&self, group: LogGroup, level: LogLevel, message: &str) -> zbus::Result<()>;
178
179 /// StatusChange signal
180 ///
181 /// This signal is issued each time specific events occurs. They can both be from the session object itself or [StatusChange] messages proxied from the VPN client backend process.
182 ///
183 /// See [StatusChangeArgs].
184 #[dbus_proxy(signal)]
185 fn status_change(
186 &self,
187 code_major: StatusMajor,
188 code_minor: StatusMinor,
189 message: &str,
190 ) -> zbus::Result<()>;
191
192 /// acl property
193 ///
194 /// An array of UID values granted access.
195 #[dbus_proxy(property, name = "acl")]
196 fn acl(&self) -> zbus::Result<Vec<u32>>;
197
198 /// backend_pid property
199 ///
200 /// Process ID of the VPN backend client process.
201 #[dbus_proxy(property, name = "backend_pid")]
202 fn backend_pid(&self) -> zbus::Result<u32>;
203
204 /// config_name property
205 ///
206 /// Name of the configuration profile when the session was started.
207 #[dbus_proxy(property, name = "config_name")]
208 fn config_name(&self) -> zbus::Result<String>;
209
210 /// config_path property
211 ///
212 /// D-Bus object path to the configuration profile used.
213 #[dbus_proxy(property, name = "config_path")]
214 fn config_path(&self) -> zbus::Result<zbus::zvariant::OwnedObjectPath>;
215
216 /// dco property
217 ///
218 /// Kernel based Data Channel Offload flag. Must be modified before calling `Connect()` to override the current setting.
219 #[dbus_proxy(property, name = "dco")]
220 fn dco(&self) -> zbus::Result<bool>;
221 fn set_dco(&self, value: bool) -> fdo::Result<()>;
222
223 /// device_name property
224 ///
225 /// Virtual network interface name used by this session.
226 #[dbus_proxy(property, name = "device_name")]
227 fn device_name(&self) -> zbus::Result<String>;
228
229 /// device_path property
230 ///
231 /// D-Bus object path to the `net.openvpn.v3.netcfg` device object related to this session.
232 #[dbus_proxy(property, name = "device_path")]
233 fn device_path(&self) -> zbus::Result<String>;
234
235 /// last_log property
236 ///
237 /// Contains the last Log signal proxied from the backend process.
238 #[dbus_proxy(property, name = "last_log")]
239 fn last_log(&self) -> zbus::Result<result::Log>;
240
241 /// log_forwards property
242 ///
243 /// Log Proxy/forward object paths used by `net.openvpn.v3.log` to configure the forwarding.
244 #[dbus_proxy(property, name = "log_forwards")]
245 fn log_forwards(&self) -> zbus::Result<Vec<zbus::zvariant::OwnedObjectPath>>;
246
247 /// log_verbosity property
248 ///
249 /// Defines the minimum log level Log signals should have to be sent.
250 #[dbus_proxy(property, name = "log_verbosity")]
251 fn log_verbosity(&self) -> zbus::Result<LogLevel>;
252 fn set_log_verbosity(&self, value: LogLevel) -> fdo::Result<()>;
253
254 /// owner property
255 ///
256 /// The UID value of the user which did the import.
257 #[dbus_proxy(property, name = "owner")]
258 fn owner(&self) -> zbus::Result<u32>;
259
260 /// public_access property
261 ///
262 /// If set to true, access control is disabled. Only owner may change this property, modify the ACL or delete the configuration.
263 #[dbus_proxy(property, name = "public_access")]
264 fn public_access(&self) -> zbus::Result<bool>;
265 fn set_public_access(&self, value: bool) -> fdo::Result<()>;
266
267 /// restrict_log_access property
268 ///
269 /// If set to true, only the session owner can modify `receive_log_events` and `log_verbosity`, otherwise all granted users can access the log settings.
270 #[dbus_proxy(property, name = "restrict_log_access")]
271 fn restrict_log_access(&self) -> zbus::Result<bool>;
272 fn set_restrict_log_access(&self, value: bool) -> fdo::Result<()>;
273
274 /// session_created property
275 ///
276 /// Unix Epoc timestamp of when the session was created.
277 #[dbus_proxy(property, name = "session_created")]
278 fn session_created(&self) -> zbus::Result<u64>;
279
280 /// session_name property
281 ///
282 /// Name of the VPN session, named by the the OpenVPN 3 Core library on successful connect.
283 #[dbus_proxy(property, name = "session_name")]
284 fn session_name(&self) -> zbus::Result<String>;
285
286 /// statistics property
287 ///
288 /// Contains tunnel statistics.
289 #[dbus_proxy(property, name = "statistics")]
290 fn statistics(&self) -> zbus::Result<result::Statistics>;
291
292 /// status property
293 ///
294 /// Contains the last processed StatusChange signal.
295 #[dbus_proxy(property, name = "status")]
296 fn status(&self) -> zbus::Result<result::Status>;
297}
298
299pub mod result {
300 use crate::log::constants::{LogCategory, LogGroup};
301
302 use super::constants::*;
303 use serde::{Deserialize, Serialize};
304 use static_assertions::assert_impl_all;
305 use zbus::zvariant::{OwnedValue, Type};
306
307 pub type Statistics = std::collections::HashMap<String, i64>;
308 pub type UserInputQueueTypeGroup = (ClientAttentionType, ClientAttentionGroup);
309
310 /// Essentially a saved [super::Log] signal
311 #[derive(Debug, Type, Serialize, Deserialize, PartialEq)]
312 pub struct Log {
313 pub group: LogGroup,
314 pub category: LogCategory,
315 pub message: String,
316 }
317
318 impl TryFrom<(u8, u8, String)> for Log {
319 type Error = <u8 as TryFrom<OwnedValue>>::Error;
320
321 fn try_from(v: (u8, u8, String)) -> std::result::Result<Self, Self::Error> {
322 Ok(Self {
323 group: unsafe { std::mem::transmute(<u8>::try_from(v.0)?) },
324 category: unsafe { std::mem::transmute(<u8>::try_from(v.1)?) },
325 message: v.2,
326 })
327 }
328 }
329
330 impl TryFrom<OwnedValue> for Log {
331 type Error = zbus::Error;
332
333 fn try_from(v: OwnedValue) -> std::result::Result<Self, Self::Error> {
334 let v: (u8, u8, String) = v.try_into()?;
335 Ok(Log::try_from(v)?)
336 }
337 }
338
339 assert_impl_all!(Log: Send, Sync, Unpin);
340
341 /// Essentially a saved [super::StatusChange] signal
342 #[derive(Debug, Type, Serialize, Deserialize, PartialEq)]
343 pub struct Status {
344 /// Major status group classification.
345 pub code_major: StatusMajor,
346 /// Minor status category classification within the status group.
347 pub code_minor: StatusMinor,
348 /// An optional string containing a more descriptive message of the signal.
349 pub status_message: String,
350 }
351
352 impl TryFrom<(u32, u32, String)> for Status {
353 type Error = <u32 as TryFrom<OwnedValue>>::Error;
354
355 fn try_from(v: (u32, u32, String)) -> std::result::Result<Self, Self::Error> {
356 Ok(Self {
357 code_major: unsafe { std::mem::transmute(<u32>::try_from(v.0)?) },
358 code_minor: unsafe { std::mem::transmute(<u32>::try_from(v.1)?) },
359 status_message: v.2,
360 })
361 }
362 }
363
364 impl TryFrom<OwnedValue> for Status {
365 type Error = zbus::Error;
366
367 fn try_from(v: OwnedValue) -> std::result::Result<Self, Self::Error> {
368 let v: (u32, u32, String) = v.try_into()?;
369 Ok(Status::try_from(v)?)
370 }
371 }
372
373 assert_impl_all!(Status: Send, Sync, Unpin);
374}
375
376pub mod constants {
377 use std::fmt;
378
379 use serde_repr::{Deserialize_repr, Serialize_repr};
380 use static_assertions::assert_impl_all;
381 use zbus::zvariant::{OwnedValue, Type};
382
383 /// Client Attention Type
384 ///
385 /// Source: openvpn3-linux/src/dbus/constants.hpp
386 #[repr(u32)]
387 #[derive(Deserialize_repr, Serialize_repr, Copy, Clone, Type, Debug, PartialEq, Eq)]
388
389 pub enum ClientAttentionType {
390 /// This is an invalid value, used for initialization only
391 Unset,
392 /// User credentials are requested
393 Credentials,
394 /// PKCS#11/Smart card operation
395 PKCS11,
396 /// Access permission
397 AccessPerm,
398 }
399
400 assert_impl_all!(ClientAttentionType: Send, Sync, Unpin);
401
402 impl fmt::Display for ClientAttentionType {
403 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
404 match self {
405 Self::Unset => write!(f, "(unset)",),
406 Self::Credentials => write!(f, "User Credentials",),
407 Self::PKCS11 => write!(f, "PKCS#11 operation",),
408 Self::AccessPerm => write!(f, "Requesting access permission"),
409 }
410 }
411 }
412
413 /// Client Attention Group
414 ///
415 /// Source: openvpn3-linux/src/dbus/constants.hpp
416 #[repr(u32)]
417 #[derive(Deserialize_repr, Serialize_repr, Copy, Clone, Type, Debug, PartialEq, Eq)]
418 pub enum ClientAttentionGroup {
419 /// This is an invalid value, used for initialization only
420 Unset,
421 /// Classic username/password authentication
422 UserPassword,
423 /// Credentials for authenticating to the HTTP proxy
424 HttpProxyCreds,
425 /// Passphrase for the user's private key
426 PkPassphrase,
427 /// Static challenge/response authentication, typically acquired before a connection starts
428 ChallengeStatic,
429 /// Dynamic challenge/response authentication, requested by the VPN server
430 ChallengeDynamic,
431 /// PKCS#11 signature operation
432 PKCS11Sign,
433 /// PKCS#11 decrypt operation
434 PKCS11Decrypt,
435 /// URL for web authentication
436 OpenUrl,
437 }
438
439 assert_impl_all!(ClientAttentionGroup: Send, Sync, Unpin);
440
441 impl fmt::Display for ClientAttentionGroup {
442 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
443 match self {
444 Self::Unset => write!(f, "(unset)"),
445 Self::UserPassword => write!(f, "Username/password authentication"),
446 Self::HttpProxyCreds => write!(f, "HTTP proxy credentials"),
447 Self::PkPassphrase => write!(f, "Private key passphrase"),
448 Self::ChallengeStatic => write!(f, "Static challenge"),
449 Self::ChallengeDynamic => write!(f, "Dynamic challenge"),
450 Self::PKCS11Sign => write!(f, "PKCS#11 sign operation"),
451 Self::PKCS11Decrypt => write!(f, "PKCS#11 decrypt operation"),
452 Self::OpenUrl => write!(f, "Web authentication"),
453 }
454 }
455 }
456
457 /// Status Major
458 ///
459 /// Source: openvpn3-linux/src/dbus/constants.hpp
460 #[repr(u32)]
461 #[derive(Deserialize_repr, Serialize_repr, Copy, Clone, Type, Debug, PartialEq, Eq)]
462 pub enum StatusMajor {
463 /// Invalid status major code, used for initialization
464 UNSET = 0,
465 /// Status is related to configuration
466 CONFIG = 1,
467 /// Status is related to an OpenVPN connection
468 CONNECTION = 2,
469 /// Status is related to an on-going session
470 SESSION = 3,
471 /// Status is related to Smart Card/PKCS#11 operations
472 PKCS11 = 4,
473 /// Status is related to process management
474 PROCESS = 5,
475 }
476
477 assert_impl_all!(StatusMajor: Send, Sync, Unpin);
478
479 impl TryFrom<OwnedValue> for StatusMajor {
480 type Error = <u32 as TryFrom<OwnedValue>>::Error;
481
482 fn try_from(v: OwnedValue) -> Result<Self, Self::Error> {
483 // safe because StatusMajor has repr u32
484 Ok(unsafe { std::mem::transmute(<u32>::try_from(v)?) })
485 }
486 }
487
488 impl fmt::Display for StatusMajor {
489 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
490 match self {
491 StatusMajor::UNSET => write!(f, "(unset)"),
492 StatusMajor::CONFIG => write!(f, "Configuration"),
493 StatusMajor::CONNECTION => write!(f, "Connection"),
494 StatusMajor::SESSION => write!(f, "Session"),
495 StatusMajor::PKCS11 => write!(f, "PKCS#11"),
496 StatusMajor::PROCESS => write!(f, "Process"),
497 }
498 }
499 }
500
501 /// Status Minor
502 ///
503 /// Source: openvpn3-linux/src/dbus/constants.hpp
504 #[repr(u32)]
505 #[derive(Deserialize_repr, Serialize_repr, Copy, Clone, Type, Debug, PartialEq, Eq)]
506 pub enum StatusMinor {
507 /// An invalid result code, used for initialization
508 Unset,
509
510 /// Failed parsing configuration
511 CfgError,
512 /// Configuration file parsed successfully
513 CfgOk,
514 /// Some embedded (inline) files are missing
515 CfgInlineMissing,
516 /// Require input from user
517 CfgRequireUser,
518
519 /// Client connection initialized, ready to connect
520 ConnInit,
521 /// Client started connecting
522 ConnConnecting,
523 /// Client have connected successfully
524 ConnConnected,
525 /// Client started disconnect process
526 ConnDisconnecting,
527 /// Client completed disconnecting
528 ConnDisconnected,
529 /// Client connection failed, disconnected
530 ConnFailed,
531 /// Client authentication failed, disconnected
532 ConnAuthFailed,
533 /// Client needed to reconnect
534 ConnReconnecting,
535 /// Client started to pause the connection
536 ConnPausing,
537 /// Client connection is paused
538 ConnPaused,
539 /// Client connection is resuming
540 ConnResuming,
541 /// Client connection process have completed and exited successfully
542 ConnDone,
543
544 /// New session object created
545 SessNew,
546 /// Backend session object have completed its task
547 SessBackendCompleted,
548 /// Session object removed
549 SessRemoved,
550 /// User/password authentication needed
551 SessAuthUserpass,
552 /// Challenge/response authentication needed
553 SessAuthChallenge,
554 /// Authentication needed via external URL
555 SessAuthUrl,
556
557 /// PKCS#11 sign operation required
558 PKCS11Sign,
559 /// PKCS#11 encryption operation required
560 PKCS11Encrypt,
561 /// PKCS#11 decryption operation required
562 PKCS11Decrypt,
563 /// PKCS#11 verification operation required
564 PKCS11Verify,
565
566 /// Successfully started a new process
567 ProcStarted,
568 /// A process of ours stopped as expected
569 ProcStopped,
570 /// A process of ours stopped unexpectedly
571 ProcKilled,
572 }
573
574 assert_impl_all!(StatusMinor: Send, Sync, Unpin);
575
576 impl TryFrom<OwnedValue> for StatusMinor {
577 type Error = <u32 as TryFrom<OwnedValue>>::Error;
578
579 fn try_from(v: OwnedValue) -> Result<Self, Self::Error> {
580 // safe because StatusMinor has repr u32
581 Ok(unsafe { std::mem::transmute(<u32>::try_from(v)?) })
582 }
583 }
584
585 impl fmt::Display for StatusMinor {
586 fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
587 match self {
588 StatusMinor::Unset => write!(f, "(unset)"),
589 StatusMinor::CfgError => write!(f, "Configuration error"),
590 StatusMinor::CfgOk => write!(f, "Configuration OK"),
591 StatusMinor::CfgInlineMissing => write!(f, "Configuration missing inline data"),
592 StatusMinor::CfgRequireUser => write!(f, "Configuration requires user input"),
593 StatusMinor::ConnInit => write!(f, "Client initialized"),
594 StatusMinor::ConnConnecting => write!(f, "Client connecting"),
595 StatusMinor::ConnConnected => write!(f, "Client connected"),
596 StatusMinor::ConnDisconnecting => write!(f, "Client disconnecting"),
597 StatusMinor::ConnDisconnected => write!(f, "Client disconnected"),
598 StatusMinor::ConnFailed => write!(f, "Client connection failed"),
599 StatusMinor::ConnAuthFailed => write!(f, "Client authentication failed"),
600 StatusMinor::ConnReconnecting => write!(f, "Client reconnect"),
601 StatusMinor::ConnPausing => write!(f, "Client pausing connection"),
602 StatusMinor::ConnPaused => write!(f, "Client connection paused"),
603 StatusMinor::ConnResuming => write!(f, "Client connection resuming"),
604 StatusMinor::ConnDone => write!(f, "Client process exited"),
605 StatusMinor::SessNew => write!(f, "New session created"),
606 StatusMinor::SessBackendCompleted => write!(f, "Backend Session Object completed"),
607 StatusMinor::SessRemoved => write!(f, "Session deleted"),
608 StatusMinor::SessAuthUserpass => write!(f, "User/password authentication"),
609 StatusMinor::SessAuthChallenge => write!(f, "Challenge/response authentication"),
610 StatusMinor::SessAuthUrl => write!(f, "URL authentication"),
611 StatusMinor::PKCS11Sign => write!(f, "PKCS#11 Sign"),
612 StatusMinor::PKCS11Encrypt => write!(f, "PKCS#11 Encrypt"),
613 StatusMinor::PKCS11Decrypt => write!(f, "PKCS#11 Decrypt"),
614 StatusMinor::PKCS11Verify => write!(f, "PKCS#11 Verify"),
615 StatusMinor::ProcStarted => write!(f, "Process started"),
616 StatusMinor::ProcStopped => write!(f, "Process stopped"),
617 StatusMinor::ProcKilled => write!(f, "Process killed"),
618 }
619 }
620 }
621}