1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "open_vpn_ctl.h"
17
18 #include <fstream>
19
20 #include "base64_utils.h"
21 #include "netmanager_base_common_utils.h"
22 #include "netmgr_ext_log_wrapper.h"
23
24 namespace OHOS {
25 namespace NetManagerStandard {
26
OpenvpnCtl(sptr<VpnConfig> config,const std::string & pkg,int32_t userId,std::vector<int32_t> & activeUserIds)27 OpenvpnCtl::OpenvpnCtl(sptr<VpnConfig> config, const std::string &pkg, int32_t userId,
28 std::vector<int32_t> &activeUserIds) : NetVpnImpl(config, pkg, userId, activeUserIds)
29 {
30 }
31
SetUp()32 int32_t OpenvpnCtl::SetUp()
33 {
34 UpdateOpenvpnState(OPENVPN_STATE_SETUP);
35 return StartOpenvpn();
36 }
37
StartOpenvpn()38 int32_t OpenvpnCtl::StartOpenvpn()
39 {
40 if (openvpnConfig_ == nullptr) {
41 NETMGR_EXT_LOG_E("StartOpenvpn openvpnConfig_ is null");
42 return NETMANAGER_EXT_ERR_INTERNAL;
43 }
44 UpdateOpenvpnState(OPENVPN_STATE_STARTED);
45 if (!std::filesystem::exists(VPN_PIDDIR) || !std::filesystem::is_directory(VPN_PIDDIR)) {
46 NETMGR_EXT_LOG_E("StartOpenvpn config dir check error.");
47 return NETMANAGER_EXT_ERR_INTERNAL;
48 }
49 NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_OPENVPN_RESTART);
50 return NETMANAGER_EXT_SUCCESS;
51 }
52
NotifyConnectStage(const std::string & stage,const int32_t & result)53 int32_t OpenvpnCtl::NotifyConnectStage(const std::string &stage, const int32_t &result)
54 {
55 if (stage.empty()) {
56 NETMGR_EXT_LOG_E("stage is empty");
57 return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
58 }
59 if (result != NETMANAGER_EXT_SUCCESS) {
60 NETMGR_EXT_LOG_E("vpn stage failed, result: %{public}d", result);
61 return NETMANAGER_EXT_ERR_INTERNAL;
62 }
63 return HandleClientMessage(stage);
64 }
65
SetUpVpnTun()66 int32_t OpenvpnCtl::SetUpVpnTun()
67 {
68 int result = NetVpnImpl::SetUp();
69 if (result != NETMANAGER_EXT_SUCCESS) {
70 NETMGR_EXT_LOG_W("openvpn SetUp failed");
71 StopOpenvpn();
72 UpdateOpenvpnState(OPENVPN_STATE_DISCONNECTED);
73 }
74 NETMGR_EXT_LOG_I("openvpn SetUp %{public}d", result);
75 return result;
76 }
77
HandleClientMessage(const std::string & msg)78 int32_t OpenvpnCtl::HandleClientMessage(const std::string &msg)
79 {
80 int result = NETMANAGER_EXT_SUCCESS;
81 if (msg.empty()) {
82 NETMGR_EXT_LOG_E("msg is empty");
83 return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
84 }
85 NETMGR_EXT_LOG_I("Process Request message: %{public}s", MaskOpenvpnMessage(msg).c_str());
86 if (strstr(msg.c_str(), OPENVPN_NODE_ROOT) != 0) {
87 const char *ret = strstr(msg.c_str(), "{");
88 if (ret == nullptr) {
89 NETMGR_EXT_LOG_E("client message format error");
90 return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
91 }
92 cJSON* message = cJSON_Parse(ret);
93 if (message == nullptr) {
94 NETMGR_EXT_LOG_E("not json string");
95 return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
96 }
97 // is config message
98 cJSON* config = cJSON_GetObjectItem(message, OPENVPN_NODE_CONFIG);
99 if (config != nullptr && cJSON_IsObject(config)) {
100 UpdateConfig(config);
101 }
102 // is state message
103 cJSON* state = cJSON_GetObjectItem(message, OPENVPN_NODE_UPDATE_STATE);
104 if (state != nullptr && cJSON_IsObject(state)) {
105 UpdateState(state);
106 }
107 // is setup message
108 cJSON* vpnSetUp = cJSON_GetObjectItem(message, OPENVPN_NODE_SETUP_VPN_TUN);
109 if (vpnSetUp != nullptr && cJSON_IsObject(vpnSetUp)) {
110 result = SetUpVpnTun();
111 }
112 cJSON_Delete(message);
113 }
114 return result;
115 }
116
UpdateState(cJSON * state)117 void OpenvpnCtl::UpdateState(cJSON* state)
118 {
119 cJSON* updateState = cJSON_GetObjectItem(state, OPENVPN_NODE_STATE);
120 if (updateState != nullptr && cJSON_IsNumber(updateState)) {
121 int32_t openVpnState = static_cast<int32_t>(cJSON_GetNumberValue(updateState));
122 UpdateOpenvpnState(openVpnState);
123 if (openVpnState == OPENVPN_STATE_DISCONNECTED || openVpnState >= OPENVPN_STATE_ERROR_PRIVATE_KEY) {
124 NETMGR_EXT_LOG_I("UpdatesState: %{public}d", openVpnState);
125 StopOpenvpn();
126 }
127 }
128 }
129
UpdateConfig(cJSON * jConfig)130 void OpenvpnCtl::UpdateConfig(cJSON *jConfig)
131 {
132 if (vpnConfig_ == nullptr) {
133 NETMGR_EXT_LOG_E("UpdateConfig vpnConfig_ is null");
134 return;
135 }
136 cJSON *mtu = cJSON_GetObjectItem(jConfig, OPENVPN_NODE_MTU);
137 if (mtu != nullptr && cJSON_IsNumber(mtu)) {
138 int32_t openVpnMtu = static_cast<int32_t>(cJSON_GetNumberValue(mtu));
139 vpnConfig_->mtu_ = openVpnMtu;
140 NETMGR_EXT_LOG_I("UpdateConfig mtu %{public}d", openVpnMtu);
141 }
142 INetAddr iNetAddr;
143 INetAddr destination;
144 INetAddr gateway;
145 Route iRoute;
146 cJSON *address = cJSON_GetObjectItem(jConfig, OPENVPN_NODE_ADDRESS);
147 if (address != nullptr && cJSON_IsString(address)) {
148 std::string openVpnAddress = cJSON_GetStringValue(address);
149 iNetAddr.address_ = openVpnAddress;
150 gateway.address_ = openVpnAddress;
151 destination.address_ = openVpnAddress;
152 }
153 cJSON *netmask = cJSON_GetObjectItem(jConfig, OPENVPN_NODE_NETMASK);
154 if (netmask != nullptr && cJSON_IsString(netmask)) {
155 std::string openVpnNetmask = cJSON_GetStringValue(netmask);
156 iNetAddr.netMask_ = openVpnNetmask;
157 destination.prefixlen_ = CommonUtils::GetMaskLength(openVpnNetmask);
158 NETMGR_EXT_LOG_I("UpdateConfig prefixlen %{public}d", destination.prefixlen_);
159 }
160 vpnConfig_->addresses_.emplace_back(iNetAddr);
161
162 iRoute.iface_ = TUN_CARD_NAME;
163 iRoute.isDefaultRoute_ = true;
164 iRoute.destination_ = destination;
165 iRoute.gateway_ = gateway;
166 vpnConfig_->routes_.emplace_back(iRoute);
167 }
168
UpdateOpenvpnState(const int32_t state)169 void OpenvpnCtl::UpdateOpenvpnState(const int32_t state)
170 {
171 switch (state) {
172 case OPENVPN_STATE_CONNECTED:
173 NotifyConnectState(VpnConnectState::VPN_CONNECTED);
174 break;
175 case OPENVPN_STATE_DISCONNECTED:
176 case OPENVPN_STATE_ERROR_PRIVATE_KEY:
177 case OPENVPN_STATE_ERROR_CLIENT_CRT:
178 case OPENVPN_STATE_ERROR_CA_CAT:
179 case OPENVPN_STATE_ERROR_TIME_OUT:
180 NotifyConnectState(VpnConnectState::VPN_DISCONNECTED);
181 break;
182 default:
183 NETMGR_EXT_LOG_E("unknown openvpn state: %{public}d", state);
184 break;
185 }
186 openvpnState_ = state;
187 }
188
GetSysVpnCertUri(const int32_t certType,std::string & certUri)189 int32_t OpenvpnCtl::GetSysVpnCertUri(const int32_t certType, std::string &certUri)
190 {
191 if (openvpnConfig_ == nullptr) {
192 NETMGR_EXT_LOG_E("StartOpenvpn openvpnConfig_ is null");
193 return NETMANAGER_EXT_ERR_INTERNAL;
194 }
195 switch (certType) {
196 case OpenVpnConfigType::OPENVPN_ASKPASS:
197 certUri = openvpnConfig_->askpass_;
198 break;
199 case OpenVpnConfigType::OPENVPN_CONF:
200 certUri = Base64::Decode(openvpnConfig_->ovpnConfig_);
201 if (!certUri.empty() && !openvpnConfig_->askpass_.empty()) {
202 certUri.append(OPENVPN_ASKPASS_PARAM);
203 }
204 break;
205 default:
206 NETMGR_EXT_LOG_E("unknown openvpn config type: %{public}d", certType);
207 break;
208 }
209 return NETMANAGER_EXT_SUCCESS;
210 }
211
IsSystemVpn()212 bool OpenvpnCtl::IsSystemVpn()
213 {
214 return true;
215 }
216
Destroy()217 int32_t OpenvpnCtl::Destroy()
218 {
219 StopOpenvpn();
220 int result = NetVpnImpl::Destroy();
221 NETMGR_EXT_LOG_I("openvpn Destroy result %{public}d}", result);
222 return result;
223 }
224
StopOpenvpn()225 void OpenvpnCtl::StopOpenvpn()
226 {
227 NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_OPENVPN_STOP);
228 UpdateOpenvpnState(OPENVPN_STATE_DISCONNECTED);
229 }
230
GetConnectedSysVpnConfig(sptr<SysVpnConfig> & sysVpnConfig)231 int32_t OpenvpnCtl::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig)
232 {
233 if (openvpnState_ == OPENVPN_STATE_CONNECTED && openvpnConfig_ != nullptr) {
234 sysVpnConfig = openvpnConfig_;
235 }
236 return NETMANAGER_EXT_SUCCESS;
237 }
238
IsInternalVpn()239 bool OpenvpnCtl::IsInternalVpn()
240 {
241 return true;
242 }
243
MaskOpenvpnMessage(const std::string & msg)244 std::string OpenvpnCtl::MaskOpenvpnMessage(const std::string &msg)
245 {
246 if (msg.empty()) {
247 NETMGR_EXT_LOG_E("msg is empty");
248 return "";
249 }
250 std::string result = msg;
251 size_t addressPos = result.find(OPENVPN_NODE_CONFIG);
252 if (addressPos != std::string::npos) {
253 size_t pos = addressPos + strlen(OPENVPN_NODE_CONFIG);
254 size_t replaceLen = result.size() - pos;
255 if (replaceLen > 0) {
256 result.replace(pos, replaceLen, OPENVPN_MASK_TAG);
257 }
258 return result;
259 }
260
261 return msg;
262 }
263 } // namespace NetManagerStandard
264 } // namespace OHOS