1 /*
2  * Copyright (C) 2008 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.net;
18 
19 import static android.net.ConnectivityManager.NETID_UNSET;
20 
21 import android.compat.annotation.UnsupportedAppUsage;
22 import android.os.Build;
23 import android.system.ErrnoException;
24 import android.util.Log;
25 import android.util.Pair;
26 
27 import com.android.net.module.util.Inet4AddressUtils;
28 
29 import java.io.FileDescriptor;
30 import java.math.BigInteger;
31 import java.net.Inet4Address;
32 import java.net.Inet6Address;
33 import java.net.InetAddress;
34 import java.net.SocketException;
35 import java.net.UnknownHostException;
36 import java.util.Locale;
37 import java.util.TreeSet;
38 
39 /**
40  * Native methods for managing network interfaces.
41  *
42  * {@hide}
43  */
44 public class NetworkUtils {
45     static {
46         System.loadLibrary("framework-connectivity-jni");
47     }
48 
49     private static final String TAG = "NetworkUtils";
50 
51     /**
52      * Attaches a socket filter that drops all of incoming packets.
53      * @param fd the socket's {@link FileDescriptor}.
54      */
55     public static native void attachDropAllBPFFilter(FileDescriptor fd) throws SocketException;
56 
57     /**
58      * Detaches a socket filter.
59      * @param fd the socket's {@link FileDescriptor}.
60      */
61     public static native void detachBPFFilter(FileDescriptor fd) throws SocketException;
62 
63     private static native boolean bindProcessToNetworkHandle(long netHandle);
64 
65     /**
66      * Binds the current process to the network designated by {@code netId}.  All sockets created
67      * in the future (and not explicitly bound via a bound {@link SocketFactory} (see
68      * {@link Network#getSocketFactory}) will be bound to this network.  Note that if this
69      * {@code Network} ever disconnects all sockets created in this way will cease to work.  This
70      * is by design so an application doesn't accidentally use sockets it thinks are still bound to
71      * a particular {@code Network}.  Passing NETID_UNSET clears the binding.
72      */
73     public static boolean bindProcessToNetwork(int netId) {
74         return bindProcessToNetworkHandle(new Network(netId).getNetworkHandle());
75     }
76 
77     private static native long getBoundNetworkHandleForProcess();
78 
79     /**
80      * Return the netId last passed to {@link #bindProcessToNetwork}, or NETID_UNSET if
81      * {@link #unbindProcessToNetwork} has been called since {@link #bindProcessToNetwork}.
82      */
83     public static int getBoundNetworkForProcess() {
84         final long netHandle = getBoundNetworkHandleForProcess();
85         return netHandle == 0L ? NETID_UNSET : Network.fromNetworkHandle(netHandle).getNetId();
86     }
87 
88     /**
89      * Binds host resolutions performed by this process to the network designated by {@code netId}.
90      * {@link #bindProcessToNetwork} takes precedence over this setting.  Passing NETID_UNSET clears
91      * the binding.
92      *
93      * @deprecated This is strictly for legacy usage to support startUsingNetworkFeature().
94      */
95     @Deprecated
96     public native static boolean bindProcessToNetworkForHostResolution(int netId);
97 
98     private static native int bindSocketToNetworkHandle(FileDescriptor fd, long netHandle);
99 
100     /**
101      * Explicitly binds {@code fd} to the network designated by {@code netId}.  This
102      * overrides any binding via {@link #bindProcessToNetwork}.
103      * @return 0 on success or negative errno on failure.
104      */
105     public static int bindSocketToNetwork(FileDescriptor fd, int netId) {
106         return bindSocketToNetworkHandle(fd, new Network(netId).getNetworkHandle());
107     }
108 
109     /**
110      * Determine if {@code uid} can access network designated by {@code netId}.
111      * @return {@code true} if {@code uid} can access network, {@code false} otherwise.
112      */
113     public static boolean queryUserAccess(int uid, int netId) {
114         // TODO (b/183485986): remove this method
115         return false;
116     }
117 
118     private static native FileDescriptor resNetworkSend(
119             long netHandle, byte[] msg, int msglen, int flags) throws ErrnoException;
120 
121     /**
122      * DNS resolver series jni method.
123      * Issue the query {@code msg} on the network designated by {@code netId}.
124      * {@code flags} is an additional config to control actual querying behavior.
125      * @return a file descriptor to watch for read events
126      */
127     public static FileDescriptor resNetworkSend(
128             int netId, byte[] msg, int msglen, int flags) throws ErrnoException {
129         return resNetworkSend(new Network(netId).getNetworkHandle(), msg, msglen, flags);
130     }
131 
132     private static native FileDescriptor resNetworkQuery(
133             long netHandle, String dname, int nsClass, int nsType, int flags) throws ErrnoException;
134 
135     /**
136      * DNS resolver series jni method.
137      * Look up the {@code nsClass} {@code nsType} Resource Record (RR) associated
138      * with Domain Name {@code dname} on the network designated by {@code netId}.
139      * {@code flags} is an additional config to control actual querying behavior.
140      * @return a file descriptor to watch for read events
141      */
142     public static FileDescriptor resNetworkQuery(
143             int netId, String dname, int nsClass, int nsType, int flags) throws ErrnoException {
144         return resNetworkQuery(new Network(netId).getNetworkHandle(), dname, nsClass, nsType,
145                 flags);
146     }
147 
148     /**
149      * DNS resolver series jni method.
150      * Read a result for the query associated with the {@code fd}.
151      * @return DnsResponse containing blob answer and rcode
152      */
153     public static native DnsResolver.DnsResponse resNetworkResult(FileDescriptor fd)
154             throws ErrnoException;
155 
156     /**
157      * DNS resolver series jni method.
158      * Attempts to cancel the in-progress query associated with the {@code fd}.
159      */
160     public static native void resNetworkCancel(FileDescriptor fd);
161 
162     /**
163      * DNS resolver series jni method.
164      * Attempts to get network which resolver will use if no network is explicitly selected.
165      */
166     public static native Network getDnsNetwork() throws ErrnoException;
167 
168     /**
169      * Get the tcp repair window associated with the {@code fd}.
170      *
171      * @param fd the tcp socket's {@link FileDescriptor}.
172      * @return a {@link TcpRepairWindow} object indicates tcp window size.
173      */
174     public static native TcpRepairWindow getTcpRepairWindow(FileDescriptor fd)
175             throws ErrnoException;
176 
177     /**
178      * @see Inet4AddressUtils#intToInet4AddressHTL(int)
179      * @deprecated Use either {@link Inet4AddressUtils#intToInet4AddressHTH(int)}
180      *             or {@link Inet4AddressUtils#intToInet4AddressHTL(int)}
181      */
182     @Deprecated
183     @UnsupportedAppUsage
184     public static InetAddress intToInetAddress(int hostAddress) {
185         return Inet4AddressUtils.intToInet4AddressHTL(hostAddress);
186     }
187 
188     /**
189      * @see Inet4AddressUtils#inet4AddressToIntHTL(Inet4Address)
190      * @deprecated Use either {@link Inet4AddressUtils#inet4AddressToIntHTH(Inet4Address)}
191      *             or {@link Inet4AddressUtils#inet4AddressToIntHTL(Inet4Address)}
192      */
193     @Deprecated
194     public static int inetAddressToInt(Inet4Address inetAddr)
195             throws IllegalArgumentException {
196         return Inet4AddressUtils.inet4AddressToIntHTL(inetAddr);
197     }
198 
199     /**
200      * @see Inet4AddressUtils#prefixLengthToV4NetmaskIntHTL(int)
201      * @deprecated Use either {@link Inet4AddressUtils#prefixLengthToV4NetmaskIntHTH(int)}
202      *             or {@link Inet4AddressUtils#prefixLengthToV4NetmaskIntHTL(int)}
203      */
204     @Deprecated
205     @UnsupportedAppUsage
206     public static int prefixLengthToNetmaskInt(int prefixLength)
207             throws IllegalArgumentException {
208         return Inet4AddressUtils.prefixLengthToV4NetmaskIntHTL(prefixLength);
209     }
210 
211     /**
212      * Convert a IPv4 netmask integer to a prefix length
213      * @param netmask as an integer (0xff000000 for a /8 subnet)
214      * @return the network prefix length
215      */
216     public static int netmaskIntToPrefixLength(int netmask) {
217         return Integer.bitCount(netmask);
218     }
219 
220     /**
221      * Convert an IPv4 netmask to a prefix length, checking that the netmask is contiguous.
222      * @param netmask as a {@code Inet4Address}.
223      * @return the network prefix length
224      * @throws IllegalArgumentException the specified netmask was not contiguous.
225      * @hide
226      * @deprecated use {@link Inet4AddressUtils#netmaskToPrefixLength(Inet4Address)}
227      */
228     @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
229     @Deprecated
230     public static int netmaskToPrefixLength(Inet4Address netmask) {
231         // This is only here because some apps seem to be using it (@UnsupportedAppUsage).
232         return Inet4AddressUtils.netmaskToPrefixLength(netmask);
233     }
234 
235 
236     /**
237      * Create an InetAddress from a string where the string must be a standard
238      * representation of a V4 or V6 address.  Avoids doing a DNS lookup on failure
239      * but it will throw an IllegalArgumentException in that case.
240      * @param addrString
241      * @return the InetAddress
242      * @hide
243      * @deprecated Use {@link InetAddresses#parseNumericAddress(String)}, if possible.
244      */
245     @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.P)
246     @Deprecated
247     public static InetAddress numericToInetAddress(String addrString)
248             throws IllegalArgumentException {
249         return InetAddresses.parseNumericAddress(addrString);
250     }
251 
252     /**
253      * Returns the implicit netmask of an IPv4 address, as was the custom before 1993.
254      */
255     @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
256     public static int getImplicitNetmask(Inet4Address address) {
257         // Only here because it seems to be used by apps
258         return Inet4AddressUtils.getImplicitNetmask(address);
259     }
260 
261     /**
262      * Utility method to parse strings such as "192.0.2.5/24" or "2001:db8::cafe:d00d/64".
263      * @hide
264      */
265     public static Pair<InetAddress, Integer> parseIpAndMask(String ipAndMaskString) {
266         InetAddress address = null;
267         int prefixLength = -1;
268         try {
269             String[] pieces = ipAndMaskString.split("/", 2);
270             prefixLength = Integer.parseInt(pieces[1]);
271             address = InetAddresses.parseNumericAddress(pieces[0]);
272         } catch (NullPointerException e) {            // Null string.
273         } catch (ArrayIndexOutOfBoundsException e) {  // No prefix length.
274         } catch (NumberFormatException e) {           // Non-numeric prefix.
275         } catch (IllegalArgumentException e) {        // Invalid IP address.
276         }
277 
278         if (address == null || prefixLength == -1) {
279             throw new IllegalArgumentException("Invalid IP address and mask " + ipAndMaskString);
280         }
281 
282         return new Pair<InetAddress, Integer>(address, prefixLength);
283     }
284 
285     /**
286      * Utility method to parse strings such as "192.0.2.5/24" or "2001:db8::cafe:d00d/64".
287      * @hide
288      *
289      * @deprecated This method is used only for IpPrefix and LinkAddress. Since Android S, use
290      *             {@link #parseIpAndMask(String)}, if possible.
291      */
292     @Deprecated
293     public static Pair<InetAddress, Integer> legacyParseIpAndMask(String ipAndMaskString) {
294         InetAddress address = null;
295         int prefixLength = -1;
296         try {
297             String[] pieces = ipAndMaskString.split("/", 2);
298             prefixLength = Integer.parseInt(pieces[1]);
299             if (pieces[0] == null || pieces[0].isEmpty()) {
300                 final byte[] bytes = new byte[16];
301                 bytes[15] = 1;
302                 return new Pair<InetAddress, Integer>(Inet6Address.getByAddress(
303                         "ip6-localhost"/* host */, bytes, 0 /* scope_id */), prefixLength);
304             }
305 
306             if (pieces[0].startsWith("[")
307                     && pieces[0].endsWith("]")
308                     && pieces[0].indexOf(':') != -1) {
309                 pieces[0] = pieces[0].substring(1, pieces[0].length() - 1);
310             }
311             address = InetAddresses.parseNumericAddress(pieces[0]);
312         } catch (NullPointerException e) {            // Null string.
313         } catch (ArrayIndexOutOfBoundsException e) {  // No prefix length.
314         } catch (NumberFormatException e) {           // Non-numeric prefix.
315         } catch (IllegalArgumentException e) {        // Invalid IP address.
316         } catch (UnknownHostException e) {            // IP address length is illegal
317         }
318 
319         if (address == null || prefixLength == -1) {
320             throw new IllegalArgumentException("Invalid IP address and mask " + ipAndMaskString);
321         }
322 
323         return new Pair<InetAddress, Integer>(address, prefixLength);
324     }
325 
326     /**
327      * Convert a 32 char hex string into a Inet6Address.
328      * throws a runtime exception if the string isn't 32 chars, isn't hex or can't be
329      * made into an Inet6Address
330      * @param addrHexString a 32 character hex string representing an IPv6 addr
331      * @return addr an InetAddress representation for the string
332      */
333     public static InetAddress hexToInet6Address(String addrHexString)
334             throws IllegalArgumentException {
335         try {
336             return numericToInetAddress(String.format(Locale.US, "%s:%s:%s:%s:%s:%s:%s:%s",
337                     addrHexString.substring(0,4),   addrHexString.substring(4,8),
338                     addrHexString.substring(8,12),  addrHexString.substring(12,16),
339                     addrHexString.substring(16,20), addrHexString.substring(20,24),
340                     addrHexString.substring(24,28), addrHexString.substring(28,32)));
341         } catch (Exception e) {
342             Log.e("NetworkUtils", "error in hexToInet6Address(" + addrHexString + "): " + e);
343             throw new IllegalArgumentException(e);
344         }
345     }
346 
347     /**
348      * Trim leading zeros from IPv4 address strings
349      * Our base libraries will interpret that as octel..
350      * Must leave non v4 addresses and host names alone.
351      * For example, 192.168.000.010 -> 192.168.0.10
352      * TODO - fix base libraries and remove this function
353      * @param addr a string representing an ip addr
354      * @return a string propertly trimmed
355      */
356     @UnsupportedAppUsage
357     public static String trimV4AddrZeros(String addr) {
358         return Inet4AddressUtils.trimAddressZeros(addr);
359     }
360 
361     /**
362      * Returns a prefix set without overlaps.
363      *
364      * This expects the src set to be sorted from shorter to longer. Results are undefined
365      * failing this condition. The returned prefix set is sorted in the same order as the
366      * passed set, with the same comparator.
367      */
368     private static TreeSet<IpPrefix> deduplicatePrefixSet(final TreeSet<IpPrefix> src) {
369         final TreeSet<IpPrefix> dst = new TreeSet<>(src.comparator());
370         // Prefixes match addresses that share their upper part up to their length, therefore
371         // the only kind of possible overlap in two prefixes is strict inclusion of the longer
372         // (more restrictive) in the shorter (including equivalence if they have the same
373         // length).
374         // Because prefixes in the src set are sorted from shorter to longer, deduplicating
375         // is done by simply iterating in order, and not adding any longer prefix that is
376         // already covered by a shorter one.
377         newPrefixes:
378         for (IpPrefix newPrefix : src) {
379             for (IpPrefix existingPrefix : dst) {
380                 if (existingPrefix.containsPrefix(newPrefix)) {
381                     continue newPrefixes;
382                 }
383             }
384             dst.add(newPrefix);
385         }
386         return dst;
387     }
388 
389     /**
390      * Returns how many IPv4 addresses match any of the prefixes in the passed ordered set.
391      *
392      * Obviously this returns an integral value between 0 and 2**32.
393      * The behavior is undefined if any of the prefixes is not an IPv4 prefix or if the
394      * set is not ordered smallest prefix to longer prefix.
395      *
396      * @param prefixes the set of prefixes, ordered by length
397      */
398     public static long routedIPv4AddressCount(final TreeSet<IpPrefix> prefixes) {
399         long routedIPCount = 0;
400         for (final IpPrefix prefix : deduplicatePrefixSet(prefixes)) {
401             if (!prefix.isIPv4()) {
402                 Log.wtf(TAG, "Non-IPv4 prefix in routedIPv4AddressCount");
403             }
404             int rank = 32 - prefix.getPrefixLength();
405             routedIPCount += 1L << rank;
406         }
407         return routedIPCount;
408     }
409 
410     /**
411      * Returns how many IPv6 addresses match any of the prefixes in the passed ordered set.
412      *
413      * This returns a BigInteger between 0 and 2**128.
414      * The behavior is undefined if any of the prefixes is not an IPv6 prefix or if the
415      * set is not ordered smallest prefix to longer prefix.
416      */
417     public static BigInteger routedIPv6AddressCount(final TreeSet<IpPrefix> prefixes) {
418         BigInteger routedIPCount = BigInteger.ZERO;
419         for (final IpPrefix prefix : deduplicatePrefixSet(prefixes)) {
420             if (!prefix.isIPv6()) {
421                 Log.wtf(TAG, "Non-IPv6 prefix in routedIPv6AddressCount");
422             }
423             int rank = 128 - prefix.getPrefixLength();
424             routedIPCount = routedIPCount.add(BigInteger.ONE.shiftLeft(rank));
425         }
426         return routedIPCount;
427     }
428 
429 }
430