/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef NETSYS_DNS_PARAM_CACHE_H
#define NETSYS_DNS_PARAM_CACHE_H

// Standard headers this file uses directly (std::atomic_uint, int32_t/uint16_t,
// std::shared_ptr, std::string, std::vector); previously they were only reached
// through transitive includes of the project headers below.
#include <atomic>
#include <cstdint>
#include <iostream>
#include <map>
#include <memory>
#include <string>
#include <vector>

#include "ffrt.h"
#include "dns_resolv_config.h"
#include "netnative_log_wrapper.h"
#include "uid_range.h"
#ifdef FEATURE_NET_FIREWALL_ENABLE
#include <unordered_map>

#include "netfirewall_parcel.h"
#include "i_netfirewall_callback.h"
#include "suffix_match_trie.h"
#endif
#if DNS_CONFIG_DEBUG
#ifdef DNS_CONFIG_PRINT
#undef DNS_CONFIG_PRINT
#endif
#define DNS_CONFIG_PRINT(fmt, ...) NETNATIVE_LOGI("DNS" fmt, ##__VA_ARGS__)
#else
#define DNS_CONFIG_PRINT(fmt, ...)
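#endif

namespace OHOS::nmd {
#ifdef FEATURE_NET_FIREWALL_ENABLE
// NOTE(review): a using-directive at header scope leaks OHOS::NetManagerStandard
// into every includer. It is kept because the firewall declarations below name
// FirewallRuleAction, NetFirewallRuleType, sptr, NetFirewall*Rule, ... unqualified;
// qualifying those and dropping the directive would be the cleaner follow-up.
using namespace OHOS::NetManagerStandard;
#endif

/**
 * Process-wide cache of per-network DNS resolver parameters.
 *
 * Holds, keyed by netId, the resolver configuration (nameservers, search
 * domains, base timeout and retry count), cached address results, the
 * IPv6 / user-defined-server flags, the VPN uid ranges, and — when
 * FEATURE_NET_FIREWALL_ENABLE is set — the DNS/domain firewall rule tables
 * and the registered interception callbacks.
 *
 * The class is a singleton reached only through GetInstance(): the
 * constructor is private and copying/moving is explicitly deleted (the
 * ffrt::mutex members already made it non-copyable; the deletions make the
 * intent visible).  cacheMutex_ and uidRangeMutex_ guard the maps and the uid
 * ranges; which method takes which lock is defined in the .cpp, not here.
 */
class DnsParamCache {
public:
    ~DnsParamCache() = default;

    // Singleton: exactly one instance, never copied or moved.
    DnsParamCache(const DnsParamCache &) = delete;
    DnsParamCache &operator=(const DnsParamCache &) = delete;
    DnsParamCache(DnsParamCache &&) = delete;
    DnsParamCache &operator=(DnsParamCache &&) = delete;

    /** Returns the process-wide instance. */
    static DnsParamCache &GetInstance();

    // ---- for net_conn_service -------------------------------------------

    /**
     * Stores the resolver settings for a network.
     * @param netId          network the settings belong to
     * @param baseTimeoutMsec base query timeout in milliseconds
     * @param retryCount     number of query retries
     * @param servers        nameserver addresses
     * @param domains        search domains
     * @return status code (0 presumably means success; see the .cpp)
     */
    int32_t SetResolverConfig(uint16_t netId, uint16_t baseTimeoutMsec, uint8_t retryCount,
        const std::vector<std::string> &servers, const std::vector<std::string> &domains);

    /** Creates the cache entry for netId; isVpnNet marks it as a VPN network. */
    int32_t CreateCacheForNet(uint16_t netId, bool isVpnNet = false);

    /** Selects the network used when a caller does not specify one. */
    void SetDefaultNetwork(uint16_t netId);

    // ---- for client ------------------------------------------------------

    /** Records a resolved address for hostName on network netId. */
    void SetDnsCache(uint16_t netId, const std::string &hostName, const AddrInfo &addrInfo);

    /** Marks the cache entry for hostName on netId as delayed (semantics in the .cpp). */
    void SetCacheDelayed(uint16_t netId, const std::string &hostName);

    /** Returns the cached addresses for hostName on netId (empty if none). */
    [[nodiscard]] std::vector<AddrInfo> GetDnsCache(uint16_t netId, const std::string &hostName);

    /**
     * Reads back the resolver settings for netId into the out-parameters.
     * @return status code
     */
    int32_t GetResolverConfig(uint16_t netId, std::vector<std::string> &servers, std::vector<std::string> &domains,
        uint16_t &baseTimeoutMsec, uint8_t &retryCount);

    /**
     * Per-uid variant of GetResolverConfig. The uid is presumably matched
     * against vpnUidRanges_ / firewall rules to pick the servers — confirm in the .cpp.
     */
    int32_t GetResolverConfig(uint16_t netId, uint32_t uid, std::vector<std::string> &servers,
        std::vector<std::string> &domains, uint16_t &baseTimeoutMsec, uint8_t &retryCount);

    /** Returns the default network id set via SetDefaultNetwork. */
    [[nodiscard]] int32_t GetDefaultNetwork() const;

    /** Appends a human-readable dump of the cache state to info. */
    void GetDumpInfo(std::string &info);

    /** Removes the cache entry for netId; isVpnNet must match CreateCacheForNet. */
    int32_t DestroyNetworkCache(uint16_t netId, bool isVpnNet = false);

    /** Whether IPv6 has been enabled for netId via EnableIpv6. */
    [[nodiscard]] bool IsIpv6Enable(uint16_t netId);

    /** Enables IPv6 for netId. */
    void EnableIpv6(uint16_t netId);

    /**
     * Registers / removes uid ranges routed through the VPN network netId.
     * NOTE(review): netId is uint32_t here but uint16_t everywhere else in
     * this class; callers passing values above 0xFFFF would be silently
     * truncated if the implementation narrows — confirm in the .cpp.
     */
    int32_t AddUidRange(uint32_t netId, const std::vector<NetManagerStandard::UidRange> &uidRanges);

    int32_t DelUidRange(uint32_t netId, const std::vector<NetManagerStandard::UidRange> &uidRanges);

    /** Whether a VPN is currently registered. */
    [[nodiscard]] bool IsVpnOpen() const;

#ifdef FEATURE_NET_FIREWALL_ENABLE
    /** Sets the default inbound/outbound action used when no rule matches. */
    int32_t SetFirewallDefaultAction(FirewallRuleAction inDefault, FirewallRuleAction outDefault);

    /** Sets the user id whose firewall rules are active. */
    int32_t SetFirewallCurrentUserId(int32_t userId);

    /**
     * Drops every cached DNS answer.
     * NOTE(review): declared only when FEATURE_NET_FIREWALL_ENABLE is set; if
     * non-firewall builds also need it, it belongs outside this #ifdef.
     */
    void ClearAllDnsCache();

    /**
     * Installs firewall rules of the given type. isFinish signals the last
     * batch of a multi-part update (exact semantics in the .cpp).
     */
    int32_t SetFirewallRules(NetFirewallRuleType type, const std::vector<sptr<NetFirewallBaseRule>> &ruleList,
        bool isFinish);

    /** Removes all firewall rules of the given type. */
    int32_t ClearFirewallRules(NetFirewallRuleType type);

    /**
     * Records the uid of the caller whose request is being served.
     *
     * NOTE(review): this is a plain field on a process-wide singleton with no
     * lock or atomic, so if two IPC requests are served concurrently one
     * caller's uid can be read on behalf of the other. Because the uid
     * presumably feeds the firewall decisions below (GetDnsServersByAppUid,
     * IsInterceptDomain), that would be an authorization confusion, not just
     * a data race — confirm that the service serializes calls or pass the
     * uid explicitly per request.
     */
    void SetCallingUid(uint32_t callingUid)
    {
        callingUid_ = callingUid;
    }

    /** Returns the uid last stored by SetCallingUid (0 until it is called). */
    [[nodiscard]] uint32_t GetCallingUid() const
    {
        return callingUid_;
    }

    /** Registers / removes a callback notified on domain interception. */
    int32_t RegisterNetFirewallCallback(const sptr<NetsysNative::INetFirewallCallback> &callback);

    int32_t UnRegisterNetFirewallCallback(const sptr<NetsysNative::INetFirewallCallback> &callback);
#endif
    /** Marks netId as using (or not using) user-defined DNS servers. */
    int32_t SetUserDefinedServerFlag(uint16_t netId, bool flag);

    /** Reads the user-defined-server flag of netId into flag. */
    int32_t GetUserDefinedServerFlag(uint16_t netId, bool &flag);

    /** Per-uid variant of GetUserDefinedServerFlag. */
    int32_t GetUserDefinedServerFlag(uint16_t netId, bool &flag, uint32_t uid);

private:
    DnsParamCache();

    // uid ranges routed through the VPN, guarded by uidRangeMutex_.
    std::vector<NetManagerStandard::UidRange> vpnUidRanges_;

    // Network id of the VPN. Default-initialised so a read before any VPN is
    // registered is defined; the constructor / AddUidRange may overwrite it —
    // confirm the value they use in the .cpp.
    int32_t vpnNetId_ = 0;

    // Guards serverConfigMap_ and the per-network caches.
    ffrt::mutex cacheMutex_;

    // Guards vpnUidRanges_ / vpnNetId_.
    ffrt::mutex uidRangeMutex_;

    // Network used when a caller does not name one; atomic so it can be read
    // without cacheMutex_.
    std::atomic_uint defaultNetId_{0};

    // Resolver configuration per network id.
    std::map<uint16_t, DnsResolvConfig> serverConfigMap_;

    // Picks the subset of servers actually handed to the resolver (policy in the .cpp).
    static std::vector<std::string> SelectNameservers(const std::vector<std::string> &servers);

#ifdef FEATURE_NET_FIREWALL_ENABLE
    // Maps an application uid to its user id.
    int32_t GetUserId(int32_t appUid);

    // Looks up DNS-rule servers for appUid; returns whether any were found.
    bool GetDnsServersByAppUid(int32_t appUid, std::vector<std::string> &servers);

    // Index a domain rule into the suffix-match trie / exact-match map.
    void BuildFirewallDomainLsmTrie(const sptr<NetFirewallDomainRule> &rule, const std::string &domain);

    void BuildFirewallDomainMap(const sptr<NetFirewallDomainRule> &rule, const std::string &domain);

    int32_t SetFirewallDnsRules(const std::vector<sptr<NetFirewallDnsRule>> &ruleList);

    int32_t SetFirewallDomainRules(const std::vector<sptr<NetFirewallDomainRule>> &ruleList);

    // Resolves the action for appUid among the candidate rules.
    FirewallRuleAction GetFirewallRuleAction(int32_t appUid, const std::vector<sptr<NetFirewallDomainRule>> &rules);

    // Name kept as-is (lowerCamel) because the definition lives in the .cpp.
    bool checkEmpty4InterceptDomain(const std::string &hostName);

    // Whether host is intercepted for appUid; isMatchAllow reports an allow-rule hit.
    bool IsInterceptDomain(int32_t appUid, const std::string &host, bool &isMatchAllow);

    // Notifies registered callbacks of an interception (name kept; defined in the .cpp).
    void NotifyDomianIntercept(int32_t appUid, const std::string &host);

    std::vector<sptr<NetFirewallDomainRule>> firewallDomainRules_;

    std::vector<sptr<NetFirewallDnsRule>> firewallDnsRules_;

    // Last interception reported, presumably used to suppress duplicate notifications.
    sptr<NetManagerStandard::InterceptRecord> oldRecord_ = nullptr;

    // DNS rules keyed by uid.
    std::unordered_map<int32_t, std::vector<sptr<NetFirewallDnsRule>>> netFirewallDnsRuleMap_;

    // Exact-match domain rules, split by allow / deny.
    std::unordered_map<std::string, std::vector<sptr<NetFirewallDomainRule>>> netFirewallDomainRulesAllowMap_;

    std::unordered_map<std::string, std::vector<sptr<NetFirewallDomainRule>>> netFirewallDomainRulesDenyMap_;

    // Suffix-match (wildcard) domain rules, split by allow / deny.
    std::shared_ptr<NetManagerStandard::SuffixMatchTrie<std::vector<sptr<NetFirewallDomainRule>>>> domainAllowLsmTrie_ =
        nullptr;

    std::shared_ptr<NetManagerStandard::SuffixMatchTrie<std::vector<sptr<NetFirewallDomainRule>>>> domainDenyLsmTrie_ =
        nullptr;

    // Uid of the request being served. Initialised so GetCallingUid() never
    // reads an indeterminate value; 0 is only a placeholder and must not be
    // trusted as an identity — SetCallingUid must run for each request.
    uint32_t callingUid_ = 0;

    int32_t currentUserId_ = 0;

    std::vector<sptr<NetsysNative::INetFirewallCallback>> callbacks_;

    FirewallRuleAction firewallDefaultAction_ = FirewallRuleAction::RULE_INVALID;
#endif
};
} // namespace OHOS::nmd
#endif // NETSYS_DNS_PARAM_CACHE_H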