1 // 2 // Copyright (C) 2014 The Android Open Source Project 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 // 16 17 #ifndef SHILL_VPN_THIRD_PARTY_VPN_DRIVER_H_ 18 #define SHILL_VPN_THIRD_PARTY_VPN_DRIVER_H_ 19 20 #include <map> 21 #include <set> 22 #include <string> 23 #include <vector> 24 25 #include <base/callback.h> 26 #include <base/memory/scoped_ptr.h> 27 #include <gtest/gtest_prod.h> 28 29 #include "shill/ipconfig.h" 30 #include "shill/net/io_handler.h" 31 #include "shill/refptr_types.h" 32 #include "shill/service.h" 33 #include "shill/vpn/vpn_driver.h" 34 35 namespace shill { 36 37 class ControlInterface; 38 class DeviceInfo; 39 class Error; 40 class FileIO; 41 class Metrics; 42 class ThirdPartyVpnAdaptorInterface; 43 44 class ThirdPartyVpnDriver : public VPNDriver { 45 public: 46 enum PlatformMessage { 47 kConnected = 1, 48 kDisconnected, 49 kError 50 }; 51 52 ThirdPartyVpnDriver(ControlInterface* control, EventDispatcher* dispatcher, 53 Metrics* metrics, Manager* manager, 54 DeviceInfo* device_info); 55 ~ThirdPartyVpnDriver() override; 56 57 // UpdateConnectionState is called by DBus adaptor when 58 // "UpdateConnectionState" method is called on the DBus interface. 59 void UpdateConnectionState(Service::ConnectState connection_state, 60 std::string* error_message); 61 62 // SendPacket is called by the DBus adaptor when "SendPacket" method is called 63 // on the DBus interface. 64 void SendPacket(const std::vector<uint8_t>& data, std::string* error_message); 65 66 // SetParameters is called by the DBus adaptor when "SetParameter" method is 67 // called on the DBus interface. 68 void SetParameters(const std::map<std::string, std::string>& parameters, 69 std::string* error_message, std::string* warning_message); 70 71 void ClearExtensionId(Error* error); 72 bool SetExtensionId(const std::string& value, Error* error); 73 74 // Implementation of VPNDriver 75 void InitPropertyStore(PropertyStore* store) override; 76 bool ClaimInterface(const std::string& link_name, 77 int interface_index) override; 78 void Connect(const VPNServiceRefPtr& service, Error* error) override; 79 std::string GetProviderType() const override; 80 void Disconnect() override; 81 void OnConnectionDisconnected() override; 82 bool Load(StoreInterface* storage, const std::string& storage_id) override; 83 bool Save(StoreInterface* storage, const std::string& storage_id, 84 bool save_credentials) override; 85 object_path_suffix()86 const std::string& object_path_suffix() const { return object_path_suffix_; } 87 88 protected: 89 void OnConnectTimeout() override; 90 91 private: 92 friend class ThirdPartyVpnDriverTest; 93 FRIEND_TEST(ThirdPartyVpnDriverTest, ConnectAndDisconnect); 94 FRIEND_TEST(ThirdPartyVpnDriverTest, SetParameters); 95 FRIEND_TEST(ThirdPartyVpnDriverTest, UpdateConnectionState); 96 FRIEND_TEST(ThirdPartyVpnDriverTest, SendPacket); 97 98 // Implements the public IdleService and FailService methods. Resets the VPN 99 // state and deallocates all resources. If there's a service associated 100 // through Connect, sets its state |state|; if |state| is 101 // Service::kStateFailure, sets the failure reason to |failure| and its 102 // ErrorDetails property to |error_details|; disassociates from the service. 103 // Closes the handle to tun device, IO handler if open and deactivates itself 104 // with the |thirdpartyvpn_adaptor_| if active. 105 void Cleanup(Service::ConnectState state, Service::ConnectFailure failure, 106 const std::string& error_details); 107 108 // This function first checks if a value is present for a particular |key| in 109 // the dictionary |parameters|. 110 // If present it ensures the value is a valid IP address and then sets it to 111 // the |target|. 112 // The flag |mandatory| when set to true, makes the function treat a missing 113 // key as an error. The function adds to |error_messages|, when there is a 114 // failure. 115 // This function supports only IPV4 addresses now. 116 void ProcessIp(const std::map<std::string, std::string>& parameters, 117 const char* key, std::string* target, bool mandatory, 118 std::string* error_message); 119 120 // This function first checks if a value is present for a particular |key| in 121 // the dictionary |parameters|. 122 // If present it treats the value as a list of string separated by 123 // |delimiter|. Each string value is verified to be a valid IP address, 124 // deleting ones that are not. The list of string is set to |target|. 125 // The flag |mandatory| when set to true, makes the function treat a missing 126 // key as an error. The function adds to |error_message|, when there is a 127 // failure and |warn_message| when there is a warning. 128 void ProcessIPArray( 129 const std::map<std::string, std::string>& parameters, const char* key, 130 char delimiter, std::vector<std::string>* target, bool mandatory, 131 std::string* error_message, std::string* warn_message); 132 133 // This function first checks if a value is present for a particular |key| in 134 // the dictionary |parameters|. 135 // If present it treats the value as a list of string separated by 136 // |delimiter|. Each string value is verified to be a valid IP address in 137 // CIDR format, deleting ones that are not. The list of string is set to 138 // |target|. The flag |mandatory| when set to true, makes the function treat a 139 // missing key as an error. The function adds to |error_message|, when there 140 // is a failure and |warn_message| when there is a warning. 141 void ProcessIPArrayCIDR( 142 const std::map<std::string, std::string>& parameters, const char* key, 143 char delimiter, std::vector<std::string>* target, bool mandatory, 144 std::string* error_message, std::string* warn_message); 145 146 // This function first checks if a value is present for a particular |key| in 147 // the dictionary |parameters|. 148 // If present it treats the value as a list of string separated by 149 // |delimiter|. The list of string is set to |target|. 150 // The flag |mandatory| when set to true, makes the function treat a missing 151 // key as an error. The function adds to |error_messages|, when there is a 152 // failure. 153 void ProcessSearchDomainArray( 154 const std::map<std::string, std::string>& parameters, const char* key, 155 char delimiter, std::vector<std::string>* target, bool mandatory, 156 std::string* error_message); 157 158 // This function first checks if a value is present for a particular |key| in 159 // the dictionary |parameters|. 160 // If present it treats the value as an integer and verifies if the value lies 161 // between |min_value| and |max_value|. It then updates |target| with the 162 // integer value if it is in range. 163 // The flag |mandatory| when set to true, makes the function treat a missing 164 // key as an error. The function adds to |error_messages|, when there is a 165 // failure. 166 void ProcessInt32(const std::map<std::string, std::string>& parameters, 167 const char* key, int32_t* target, int32_t min_value, 168 int32_t max_value, bool mandatory, 169 std::string* error_message); 170 171 // These functions are called whe there is input and error in the tun 172 // interface. 173 void OnInput(InputData* data); 174 void OnInputError(const std::string& error); 175 176 static const Property kProperties[]; 177 178 // This variable keeps track of the active instance. There can be multiple 179 // instance of this class at a time but only one would be active that can 180 // communicate with the VPN client over DBUS. 181 static ThirdPartyVpnDriver* active_client_; 182 183 ControlInterface* control_; 184 EventDispatcher* dispatcher_; 185 Metrics* metrics_; 186 DeviceInfo* device_info_; 187 188 // ThirdPartyVpnAdaptorInterface manages the DBus communication and provides 189 // an unique identifier for the ThirdPartyVpnDriver. 190 std::unique_ptr<ThirdPartyVpnAdaptorInterface> adaptor_interface_; 191 192 // Object path suffix is made of Extension ID and name that collectively 193 // identifies the configuration of the third party VPN client. 194 std::string object_path_suffix_; 195 196 // File descriptor for the tun device. 197 int tun_fd_; 198 199 // A pointer to the VPN service. 200 VPNServiceRefPtr service_; 201 202 // Name of the tunnel interface clone. 203 std::string tunnel_interface_; 204 205 // A pointer to the virtual VPN device created on connect. 206 VirtualDeviceRefPtr device_; 207 208 // Configuration properties of the virtual VPN device set by the VPN client. 209 IPConfig::Properties ip_properties_; 210 211 // IO handler triggered when there is an error or data ready for read in the 212 // tun device. 213 std::unique_ptr<IOHandler> io_handler_; 214 215 // The object is used to write to tun device. 216 FileIO* file_io_; 217 218 // Set used to identify duplicate entries in inclusion and exclusion list. 219 std::set<std::string> known_cidrs_; 220 221 // The boolean indicates if parameters are expected from the VPN client. 222 bool parameters_expected_; 223 224 DISALLOW_COPY_AND_ASSIGN(ThirdPartyVpnDriver); 225 }; 226 227 } // namespace shill 228 229 #endif // SHILL_VPN_THIRD_PARTY_VPN_DRIVER_H_ 230