1 // 2 // Copyright (C) 2012 The Android Open Source Project 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 // 16 17 #ifndef SHILL_VPN_L2TP_IPSEC_DRIVER_H_ 18 #define SHILL_VPN_L2TP_IPSEC_DRIVER_H_ 19 20 #include <sys/types.h> 21 22 #include <map> 23 #include <memory> 24 #include <string> 25 #include <vector> 26 27 #include <base/files/file_path.h> 28 #include <gtest/gtest_prod.h> // for FRIEND_TEST 29 30 #include "shill/ipconfig.h" 31 #include "shill/rpc_task.h" 32 #include "shill/service.h" 33 #include "shill/vpn/vpn_driver.h" 34 35 namespace shill { 36 37 class CertificateFile; 38 class ControlInterface; 39 class DeviceInfo; 40 class ExternalTask; 41 class Metrics; 42 class PPPDeviceFactory; 43 class ProcessManager; 44 45 class L2TPIPSecDriver : public VPNDriver, 46 public RPCTaskDelegate { 47 public: 48 L2TPIPSecDriver(ControlInterface* control, 49 EventDispatcher* dispatcher, 50 Metrics* metrics, 51 Manager* manager, 52 DeviceInfo* device_info, 53 ProcessManager* process_manager); 54 ~L2TPIPSecDriver() override; 55 56 // Method to return service RPC identifier. 57 std::string GetServiceRpcIdentifier(); 58 59 protected: 60 // Inherited from VPNDriver. 61 bool ClaimInterface(const std::string& link_name, 62 int interface_index) override; 63 void Connect(const VPNServiceRefPtr& service, Error* error) override; 64 void Disconnect() override; 65 std::string GetProviderType() const override; 66 void OnConnectionDisconnected() override; 67 void OnConnectTimeout() override; 68 69 private: 70 friend class L2TPIPSecDriverTest; 71 FRIEND_TEST(L2TPIPSecDriverTest, AppendFlag); 72 FRIEND_TEST(L2TPIPSecDriverTest, AppendValueOption); 73 FRIEND_TEST(L2TPIPSecDriverTest, Cleanup); 74 FRIEND_TEST(L2TPIPSecDriverTest, Connect); 75 FRIEND_TEST(L2TPIPSecDriverTest, DeleteTemporaryFiles); 76 FRIEND_TEST(L2TPIPSecDriverTest, Disconnect); 77 FRIEND_TEST(L2TPIPSecDriverTest, GetLogin); 78 FRIEND_TEST(L2TPIPSecDriverTest, InitEnvironment); 79 FRIEND_TEST(L2TPIPSecDriverTest, InitOptions); 80 FRIEND_TEST(L2TPIPSecDriverTest, InitOptionsNoHost); 81 FRIEND_TEST(L2TPIPSecDriverTest, InitPEMOptions); 82 FRIEND_TEST(L2TPIPSecDriverTest, InitPSKOptions); 83 FRIEND_TEST(L2TPIPSecDriverTest, InitXauthOptions); 84 FRIEND_TEST(L2TPIPSecDriverTest, Notify); 85 FRIEND_TEST(L2TPIPSecDriverTest, NotifyWithExistingDevice); 86 FRIEND_TEST(L2TPIPSecDriverTest, NotifyDisconnected); 87 FRIEND_TEST(L2TPIPSecDriverTest, OnConnectionDisconnected); 88 FRIEND_TEST(L2TPIPSecDriverTest, OnL2TPIPSecVPNDied); 89 FRIEND_TEST(L2TPIPSecDriverTest, ParseIPConfiguration); 90 FRIEND_TEST(L2TPIPSecDriverTest, SpawnL2TPIPSecVPN); 91 92 static const char kL2TPIPSecVPNPath[]; 93 static const Property kProperties[]; 94 95 bool SpawnL2TPIPSecVPN(Error* error); 96 97 bool InitOptions(std::vector<std::string>* options, Error* error); 98 bool InitPSKOptions(std::vector<std::string>* options, Error* error); 99 bool InitPEMOptions(std::vector<std::string>* options); 100 bool InitXauthOptions(std::vector<std::string>* options, Error* error); 101 102 // Resets the VPN state and deallocates all resources. If there's a service 103 // associated through Connect, sets its state to Service::kStateIdle and 104 // disassociates from the service. 105 void IdleService(); 106 107 // Resets the VPN state and deallocates all resources. If there's a service 108 // associated through Connect, sets its state to Service::kStateFailure with 109 // failure reason |failure| and disassociates from the service. 110 void FailService(Service::ConnectFailure failure); 111 112 // Implements the IdleService and FailService methods. Resets the VPN state 113 // and deallocates all resources. If there's a service associated through 114 // Connect, sets its state |state|; if |state| is Service::kStateFailure, sets 115 // the failure reason to |failure|; disassociates from the service. 116 void Cleanup(Service::ConnectState state, Service::ConnectFailure failure); 117 118 void DeleteTemporaryFile(base::FilePath* temporary_file); 119 void DeleteTemporaryFiles(); 120 121 // Returns true if an opton was appended. 122 bool AppendValueOption(const std::string& property, 123 const std::string& option, 124 std::vector<std::string>* options); 125 126 // Returns true if a flag was appended. 127 bool AppendFlag(const std::string& property, 128 const std::string& true_option, 129 const std::string& false_option, 130 std::vector<std::string>* options); 131 132 static Service::ConnectFailure TranslateExitStatusToFailure(int status); 133 134 // Returns true if neither a PSK nor a client certificate has been provided 135 // for the IPSec phase of the authentication process. 136 bool IsPskRequired() const; 137 138 // Inherit from VPNDriver to add custom properties. 139 KeyValueStore GetProvider(Error* error) override; 140 141 // Implements RPCTaskDelegate. 142 void GetLogin(std::string* user, std::string* password) override; 143 void Notify(const std::string& reason, 144 const std::map<std::string, std::string>& dict) override; 145 // Called when the l2tpipsec_vpn process exits. 146 void OnL2TPIPSecVPNDied(pid_t pid, int status); 147 148 void ReportConnectionMetrics(); 149 150 ControlInterface* control_; 151 Metrics* metrics_; 152 DeviceInfo* device_info_; 153 ProcessManager* process_manager_; 154 PPPDeviceFactory* ppp_device_factory_; 155 156 VPNServiceRefPtr service_; 157 std::unique_ptr<ExternalTask> external_task_; 158 base::FilePath psk_file_; 159 base::FilePath xauth_credentials_file_; 160 std::unique_ptr<CertificateFile> certificate_file_; 161 PPPDeviceRefPtr device_; 162 base::WeakPtrFactory<L2TPIPSecDriver> weak_ptr_factory_; 163 164 DISALLOW_COPY_AND_ASSIGN(L2TPIPSecDriver); 165 }; 166 167 } // namespace shill 168 169 #endif // SHILL_VPN_L2TP_IPSEC_DRIVER_H_ 170