1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef NETSYS_DNS_PARAM_CACHE_H
17 #define NETSYS_DNS_PARAM_CACHE_H
18 
19 #include <iostream>
20 #include <map>
21 
22 #include "ffrt.h"
23 #include "dns_resolv_config.h"
24 #include "netnative_log_wrapper.h"
25 #include "uid_range.h"
26 #ifdef FEATURE_NET_FIREWALL_ENABLE
27 #include "netfirewall_parcel.h"
28 #include "i_netfirewall_callback.h"
29 #include "suffix_match_trie.h"
30 #include <unordered_map>
31 #endif
32 
33 namespace OHOS::nmd {
34 #ifdef FEATURE_NET_FIREWALL_ENABLE
35 using namespace OHOS::NetManagerStandard;
36 #endif
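// Holder for DNS resolver state (per-key DnsResolvConfig entries, the default network id and the
// VPN uid ranges). Instances are reached through GetInstance(); the constructor is private, so
// callers cannot create their own. When FEATURE_NET_FIREWALL_ENABLE is defined the same object
// also stores firewall DNS/domain rules and the registered firewall callbacks.
//
// NOTE(review): two mutexes are declared below (cacheMutex_, uidRangeMutex_), but this header
// does not show which members each one guards; the locking discipline is in the implementation.
class DnsParamCache {
public:
    ~DnsParamCache() = default;

    // The object is shared state behind GetInstance(). Copying is spelled out as forbidden so a
    // stray copy can never carry its own, diverging rule set or uid ranges.
    DnsParamCache(const DnsParamCache &) = delete;
    DnsParamCache &operator=(const DnsParamCache &) = delete;

    // Accessor for the shared instance (defined in the implementation file).
    static DnsParamCache &GetInstance();

    // for net_conn_service
    int32_t SetResolverConfig(uint16_t netId, uint16_t baseTimeoutMsec, uint8_t retryCount,
                              const std::vector<std::string> &servers, const std::vector<std::string> &domains);

    int32_t CreateCacheForNet(uint16_t netId, bool isVpnNet = false);

    void SetDefaultNetwork(uint16_t netId);

    // for client
    void SetDnsCache(uint16_t netId, const std::string &hostName, const AddrInfo &addrInfo);

    void SetCacheDelayed(uint16_t netId, const std::string &hostName);

    std::vector<AddrInfo> GetDnsCache(uint16_t netId, const std::string &hostName);

    // Results are written to the four reference parameters; the int32_t return is a status code
    // whose values are defined by the implementation.
    int32_t GetResolverConfig(uint16_t netId, std::vector<std::string> &servers, std::vector<std::string> &domains,
                              uint16_t &baseTimeoutMsec, uint8_t &retryCount);

    // Overload that additionally takes the requesting uid.
    // NOTE(review): presumably the uid is checked against vpnUidRanges_ to pick the network;
    // confirm in the implementation.
    int32_t GetResolverConfig(uint16_t netId, uint32_t uid, std::vector<std::string> &servers,
                              std::vector<std::string> &domains, uint16_t &baseTimeoutMsec, uint8_t &retryCount);

    int32_t GetDefaultNetwork() const;

    // Writes a textual dump into `info`.
    void GetDumpInfo(std::string &info);

    int32_t DestroyNetworkCache(uint16_t netId, bool isVpnNet = false);

    bool IsIpv6Enable(uint16_t netId);

    void EnableIpv6(uint16_t netId);

    // netId is uint32_t in these two calls, uint16_t in the rest of the class and int32_t in
    // vpnNetId_. NOTE(review): confirm the implementation range-checks the value before any
    // narrowing, so an out-of-range id cannot alias another network's entry.
    int32_t AddUidRange(uint32_t netId, const std::vector<NetManagerStandard::UidRange> &uidRanges);

    int32_t DelUidRange(uint32_t netId, const std::vector<NetManagerStandard::UidRange> &uidRanges);

    bool IsVpnOpen() const;

#ifdef FEATURE_NET_FIREWALL_ENABLE
    int32_t SetFirewallDefaultAction(FirewallRuleAction inDefault, FirewallRuleAction outDefault);

    int32_t SetFirewallCurrentUserId(int32_t userId);

    void ClearAllDnsCache();

    int32_t SetFirewallRules(NetFirewallRuleType type, const std::vector<sptr<NetFirewallBaseRule>> &ruleList,
                             bool isFinish);

    int32_t ClearFirewallRules(NetFirewallRuleType type);

    // Stores the uid in a single field of the shared object. No lock is taken here, so a later
    // SetCallingUid() for another request simply replaces the value.
    // NOTE(review): if resolver requests can run concurrently, a firewall check that reads
    // GetCallingUid() may observe another request's uid. Confirm callers serialize the
    // set-then-use sequence, or pass the uid as an argument instead of through this field.
    void SetCallingUid(uint32_t callingUid)
    {
        callingUid_ = callingUid;
    }

    // Returns the value last stored by SetCallingUid(). Const because it only reads.
    uint32_t GetCallingUid() const
    {
        return callingUid_;
    }

    int32_t RegisterNetFirewallCallback(const sptr<NetsysNative::INetFirewallCallback> &callback);

    int32_t UnRegisterNetFirewallCallback(const sptr<NetsysNative::INetFirewallCallback> &callback);
#endif
    int32_t SetUserDefinedServerFlag(uint16_t netId, bool flag);

    int32_t GetUserDefinedServerFlag(uint16_t netId, bool &flag);

    int32_t GetUserDefinedServerFlag(uint16_t netId, bool &flag, uint32_t uid);

    bool IsUseVpnDns(uint32_t uid);

    int32_t FlushDnsCache(uint16_t netId);

private:
    // Private so that GetInstance() is the only way to obtain the object.
    DnsParamCache();

    std::vector<NetManagerStandard::UidRange> vpnUidRanges_;

    // In-class value so the field is never read indeterminate if a constructor omits it.
    // NOTE(review): the constructor is defined elsewhere; confirm 0 is the value it intends.
    int32_t vpnNetId_ = 0;

    ffrt::mutex cacheMutex_;

    ffrt::mutex uidRangeMutex_;

    std::atomic_uint defaultNetId_;

    // Resolver configurations keyed by a uint16_t (presumably the netId used by the public API).
    std::map<uint16_t, DnsResolvConfig> serverConfigMap_;

    static std::vector<std::string> SelectNameservers(const std::vector<std::string> &servers);

#ifdef FEATURE_NET_FIREWALL_ENABLE
    int32_t GetUserId(int32_t appUid);

    bool GetDnsServersByAppUid(int32_t appUid, std::vector<std::string> &servers);

    void BuildFirewallDomainLsmTrie(const sptr<NetFirewallDomainRule> &rule, const std::string &domain);

    void BuildFirewallDomainMap(const sptr<NetFirewallDomainRule> &rule, const std::string &domain);

    int32_t SetFirewallDnsRules(const std::vector<sptr<NetFirewallDnsRule>> &ruleList);

    int32_t SetFirewallDomainRules(const std::vector<sptr<NetFirewallDomainRule>> &ruleList);

    FirewallRuleAction GetFirewallRuleAction(int32_t appUid, const std::vector<sptr<NetFirewallDomainRule>> &rules);

    bool checkEmpty4InterceptDomain(const std::string &hostName);

    // NOTE(review): `host` is compared against the allow/deny structures below. Confirm the
    // implementation normalizes host names the same way when the structures are built and when
    // they are queried, so that a rule and a lookup cannot disagree on spelling.
    bool IsInterceptDomain(int32_t appUid, const std::string &host, bool &isMatchAllow);

    void NotifyDomianIntercept(int32_t appUid, const std::string &host);

    std::vector<sptr<NetFirewallDomainRule>> firewallDomainRules_;

    std::vector<sptr<NetFirewallDnsRule>> firewallDnsRules_;

    sptr<NetManagerStandard::InterceptRecord> oldRecord_ = nullptr;

    // DNS rules grouped under an int32_t key (the key's meaning is set by the implementation).
    std::unordered_map<int32_t, std::vector<sptr<NetFirewallDnsRule>>> netFirewallDnsRuleMap_;

    // Domain rules are kept as separate allow and deny sets; each set has a string-keyed map and
    // a SuffixMatchTrie.
    std::unordered_map<std::string, std::vector<sptr<NetFirewallDomainRule>>> netFirewallDomainRulesAllowMap_;

    std::unordered_map<std::string, std::vector<sptr<NetFirewallDomainRule>>> netFirewallDomainRulesDenyMap_;

    std::shared_ptr<NetManagerStandard::SuffixMatchTrie<std::vector<sptr<NetFirewallDomainRule>>>> domainAllowLsmTrie_ =
        nullptr;

    std::shared_ptr<NetManagerStandard::SuffixMatchTrie<std::vector<sptr<NetFirewallDomainRule>>>> domainDenyLsmTrie_ =
        nullptr;

    // In-class value so GetCallingUid() never returns an indeterminate uid before the first
    // SetCallingUid(). 0 is only a deterministic starting value.
    // NOTE(review): confirm the firewall path does not treat uid 0 as exempt from rules, or
    // require SetCallingUid() before any uid-dependent lookup.
    uint32_t callingUid_ = 0;

    int32_t currentUserId_ = 0;

    std::vector<sptr<NetsysNative::INetFirewallCallback>> callbacks_;

    // Starts as RULE_INVALID; presumably replaced by SetFirewallDefaultAction().
    // NOTE(review): confirm how rule matching behaves while this is still RULE_INVALID
    // (deny by default vs. allow by default).
    FirewallRuleAction firewallDefaultAction_ = FirewallRuleAction::RULE_INVALID;
#endif
};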
181 } // namespace OHOS::nmd
182 #endif // NETSYS_DNS_PARAM_CACHE_H
183