Draft: [RFC] libnm,nmcli: introduce a ipv4.dhcp-use-routes property

Summary

The DHCP server can provide routes to clients using different options:

• 121 (Classless Static Route)
• 249 (Microsoft Classless Static Route)
• 33 (Static Route)

TunnelVision [1] is a recently published technique that allows a malicious actor to reroute the victim's traffic that should normally directed to a VPN, by injecting higher priority routes into the victim's routing table via the options mention above.

[1] https://github.com/leviathansecurity/TunnelVision/

A defense to this attack is to ignore the routes from those options; introduce a ipv4.dhcp-use-routes property for this purpose.

The property is currently implemented on the NMSettingIpConfig setting, and so it can be potentially implemented also for IPv6 in the future. At the moment it's not because DHCPv6 doesn't provide routes.

Fixes #1535

Open questions

• Is this the right approach? Option 121 et al. can be used also to provide a default route in alternative to the "routers" option (3). So, instead of ignoring altogether the options above, we could parse them and then ignore non-default routes.
• Should the property name use the negated form, similarly to ipv4.ignore-auto-{dns,routes}? I find that the negated form (set TRUE to not do something) is confusing, so I prefer the current name.

Checklist

Please read https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/CONTRIBUTING.md before opening the merge request. In particular, check that:

• the subject for all commits is concise and explicative
• the message for all commits explains the reason for the change
• the source is properly formatted
• any relevant documentation is up to date
• you have added unit tests if applicable
• the NEWS file is updated when the change deserves to be mentioned, for example for new features, behavior changes, API deprecations, etc.