772a96f6957b8c358b42d80ca91c5b5d8c59bf32
[strongswan.git] / src / frontends / android / jni / libandroidbridge / charonservice.c
1 /*
2 * Copyright (C) 2012 Giuliano Grassi
3 * Copyright (C) 2012 Ralf Sager
4 * Copyright (C) 2012 Tobias Brunner
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include <signal.h>
19 #include <string.h>
20 #include <android/log.h>
21
22 #include "charonservice.h"
23 #include "android_jni.h"
24 #include "backend/android_creds.h"
25 #include "backend/android_service.h"
26 #include "kernel/android_ipsec.h"
27 #include "kernel/android_net.h"
28
29 #include <daemon.h>
30 #include <hydra.h>
31 #include <ipsec.h>
32 #include <library.h>
33 #include <threading/thread.h>
34
35 #define ANDROID_DEBUG_LEVEL 1
36
37 typedef struct private_charonservice_t private_charonservice_t;
38
39 /**
40 * private data of charonservice
41 */
42 struct private_charonservice_t {
43
44 /**
45 * public interface
46 */
47 charonservice_t public;
48
49 /**
50 * android_creds instance
51 */
52 android_creds_t *creds;
53
54 /**
55 * android_service instance
56 */
57 android_service_t *service;
58
59 /**
60 * VpnService builder (accessed via JNI)
61 */
62 vpnservice_builder_t *builder;
63
64 /**
65 * CharonVpnService reference
66 */
67 jobject vpn_service;
68 };
69
70 /**
71 * Single instance of charonservice_t.
72 */
73 charonservice_t *charonservice;
74
75 /**
76 * hook in library for debugging messages
77 */
78 extern void (*dbg)(debug_t group, level_t level, char *fmt, ...);
79
80 /**
81 * Logging hook for library logs, using android specific logging
82 */
83 static void dbg_android(debug_t group, level_t level, char *fmt, ...)
84 {
85 va_list args;
86
87 if (level <= ANDROID_DEBUG_LEVEL)
88 {
89 char sgroup[16], buffer[8192];
90 char *current = buffer, *next;
91
92 snprintf(sgroup, sizeof(sgroup), "%N", debug_names, group);
93 va_start(args, fmt);
94 vsnprintf(buffer, sizeof(buffer), fmt, args);
95 va_end(args);
96 while (current)
97 { /* log each line separately */
98 next = strchr(current, '\n');
99 if (next)
100 {
101 *(next++) = '\0';
102 }
103 __android_log_print(ANDROID_LOG_INFO, "charon", "00[%s] %s\n",
104 sgroup, current);
105 current = next;
106 }
107 }
108 }
109
110 METHOD(charonservice_t, update_status, bool,
111 private_charonservice_t *this, android_vpn_state_t code)
112 {
113 JNIEnv *env;
114 jmethodID method_id;
115 bool success = FALSE;
116
117 androidjni_attach_thread(&env);
118
119 method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
120 "updateStatus", "(I)V");
121 if (!method_id)
122 {
123 goto failed;
124 }
125 (*env)->CallVoidMethod(env, this->vpn_service, method_id, (jint)code);
126 success = !androidjni_exception_occurred(env);
127
128 failed:
129 androidjni_exception_occurred(env);
130 androidjni_detach_thread();
131 return success;
132 }
133
134 METHOD(charonservice_t, bypass_socket, bool,
135 private_charonservice_t *this, int fd, int family)
136 {
137 JNIEnv *env;
138 jmethodID method_id;
139
140 androidjni_attach_thread(&env);
141
142 method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
143 "protect", "(I)Z");
144 if (!method_id)
145 {
146 goto failed;
147 }
148 if (!(*env)->CallBooleanMethod(env, this->vpn_service, method_id, fd))
149 {
150 DBG1(DBG_CFG, "VpnService.protect() failed");
151 goto failed;
152 }
153 androidjni_detach_thread();
154 return TRUE;
155
156 failed:
157 androidjni_exception_occurred(env);
158 androidjni_detach_thread();
159 return FALSE;
160 }
161
162 METHOD(charonservice_t, get_trusted_certificates, linked_list_t*,
163 private_charonservice_t *this)
164 {
165 JNIEnv *env;
166 jmethodID method_id;
167 jobjectArray jcerts;
168 linked_list_t *list;
169 jsize i;
170
171 androidjni_attach_thread(&env);
172
173 method_id = (*env)->GetMethodID(env,
174 android_charonvpnservice_class,
175 "getTrustedCertificates", "(Ljava/lang/String;)[[B");
176 if (!method_id)
177 {
178 goto failed;
179 }
180 jcerts = (*env)->CallObjectMethod(env, this->vpn_service, method_id, NULL);
181 if (!jcerts)
182 {
183 goto failed;
184 }
185 list = linked_list_create();
186 for (i = 0; i < (*env)->GetArrayLength(env, jcerts); ++i)
187 {
188 chunk_t *ca_cert;
189 jbyteArray jcert;
190
191 ca_cert = malloc_thing(chunk_t);
192 list->insert_last(list, ca_cert);
193
194 jcert = (*env)->GetObjectArrayElement(env, jcerts, i);
195 *ca_cert = chunk_alloc((*env)->GetArrayLength(env, jcert));
196 (*env)->GetByteArrayRegion(env, jcert, 0, ca_cert->len, ca_cert->ptr);
197 (*env)->DeleteLocalRef(env, jcert);
198 }
199 (*env)->DeleteLocalRef(env, jcerts);
200 androidjni_detach_thread();
201 return list;
202
203 failed:
204 androidjni_exception_occurred(env);
205 androidjni_detach_thread();
206 return NULL;
207 }
208
209 METHOD(charonservice_t, get_vpnservice_builder, vpnservice_builder_t*,
210 private_charonservice_t *this)
211 {
212 return this->builder;
213 }
214
215 /**
216 * Initiate a new connection
217 *
218 * @param local local ip address (gets owned)
219 * @param gateway gateway address (gets owned)
220 * @param username username (gets owned)
221 * @param password password (gets owned)
222 */
223 static void initiate(char *local, char *gateway, char *username, char *password)
224 {
225 private_charonservice_t *this = (private_charonservice_t*)charonservice;
226
227 this->creds->clear(this->creds);
228 this->creds->add_username_password(this->creds, username, password);
229 memwipe(password, strlen(password));
230 free(password);
231
232 DESTROY_IF(this->service);
233 this->service = android_service_create(local, gateway, username);
234 }
235
236 /**
237 * Initialize/deinitialize Android backend
238 */
239 static bool charonservice_register(void *plugin, plugin_feature_t *feature,
240 bool reg, void *data)
241 {
242 private_charonservice_t *this = (private_charonservice_t*)charonservice;
243 if (reg)
244 {
245 lib->credmgr->add_set(lib->credmgr, &this->creds->set);
246 }
247 else
248 {
249 lib->credmgr->remove_set(lib->credmgr, &this->creds->set);
250 if (this->service)
251 {
252 this->service->destroy(this->service);
253 this->service = NULL;
254 }
255 }
256 return TRUE;
257 }
258
259 /**
260 * Initialize the charonservice object
261 */
262 static void charonservice_init(JNIEnv *env, jobject service, jobject builder)
263 {
264 private_charonservice_t *this;
265 static plugin_feature_t features[] = {
266 PLUGIN_CALLBACK(kernel_net_register, kernel_android_net_create),
267 PLUGIN_PROVIDE(CUSTOM, "kernel-net"),
268 PLUGIN_CALLBACK(kernel_ipsec_register, kernel_android_ipsec_create),
269 PLUGIN_PROVIDE(CUSTOM, "kernel-ipsec"),
270 PLUGIN_CALLBACK((plugin_feature_callback_t)charonservice_register, NULL),
271 PLUGIN_PROVIDE(CUSTOM, "Android backend"),
272 PLUGIN_DEPENDS(CUSTOM, "libcharon"),
273 };
274
275 INIT(this,
276 .public = {
277 .update_status = _update_status,
278 .bypass_socket = _bypass_socket,
279 .get_trusted_certificates = _get_trusted_certificates,
280 .get_vpnservice_builder = _get_vpnservice_builder,
281 },
282 .creds = android_creds_create(),
283 .builder = vpnservice_builder_create(builder),
284 .vpn_service = (*env)->NewGlobalRef(env, service),
285 );
286 charonservice = &this->public;
287
288 lib->plugins->add_static_features(lib->plugins, "androidbridge", features,
289 countof(features), TRUE);
290
291 lib->settings->set_int(lib->settings,
292 "charon.plugins.android_log.loglevel", ANDROID_DEBUG_LEVEL);
293 }
294
295 /**
296 * Deinitialize the charonservice object
297 */
298 static void charonservice_deinit(JNIEnv *env)
299 {
300 private_charonservice_t *this = (private_charonservice_t*)charonservice;
301
302 this->builder->destroy(this->builder);
303 this->creds->destroy(this->creds);
304 (*env)->DeleteGlobalRef(env, this->vpn_service);
305 free(this);
306 charonservice = NULL;
307 }
308
309 /**
310 * Handle SIGSEGV/SIGILL signals raised by threads
311 */
312 static void segv_handler(int signal)
313 {
314 dbg_android(DBG_DMN, 1, "thread %u received %d", thread_current_id(),
315 signal);
316 exit(1);
317 }
318
319 /**
320 * Initialize charon and the libraries via JNI
321 */
322 JNI_METHOD(CharonVpnService, initializeCharon, void,
323 jobject builder)
324 {
325 struct sigaction action;
326
327 /* logging for library during initialization, as we have no bus yet */
328 dbg = dbg_android;
329
330 /* initialize library */
331 if (!library_init(NULL))
332 {
333 library_deinit();
334 return;
335 }
336
337 if (!libhydra_init("charon"))
338 {
339 libhydra_deinit();
340 library_deinit();
341 return;
342 }
343
344 if (!libipsec_init())
345 {
346 libipsec_deinit();
347 libhydra_deinit();
348 library_deinit();
349 return;
350 }
351
352 charonservice_init(env, this, builder);
353
354 if (!libcharon_init("charon") ||
355 !charon->initialize(charon, PLUGINS))
356 {
357 libcharon_deinit();
358 charonservice_deinit(env);
359 libipsec_deinit();
360 libhydra_deinit();
361 library_deinit();
362 return;
363 }
364
365 /* add handler for SEGV and ILL etc. */
366 action.sa_handler = segv_handler;
367 action.sa_flags = 0;
368 sigemptyset(&action.sa_mask);
369 sigaction(SIGSEGV, &action, NULL);
370 sigaction(SIGILL, &action, NULL);
371 sigaction(SIGBUS, &action, NULL);
372 action.sa_handler = SIG_IGN;
373 sigaction(SIGPIPE, &action, NULL);
374
375 /* start daemon (i.e. the threads in the thread-pool) */
376 charon->start(charon);
377 }
378
379 /**
380 * Deinitialize charon and all libraries
381 */
382 JNI_METHOD(CharonVpnService, deinitializeCharon, void)
383 {
384 libcharon_deinit();
385 charonservice_deinit(env);
386 libipsec_deinit();
387 libhydra_deinit();
388 library_deinit();
389 }
390
391 /**
392 * Convert a Java string to a C string. Memory is allocated.
393 */
394 static inline char *convert_jstring(JNIEnv *env, jstring jstr)
395 {
396 char *str;
397 jsize len;
398
399 len = (*env)->GetStringUTFLength(env, jstr);
400 str = malloc(len + 1);
401 (*env)->GetStringUTFRegion(env, jstr, 0, len, str);
402 str[len] = '\0';
403 return str;
404 }
405
406 /**
407 * Initiate SA
408 */
409 JNI_METHOD(CharonVpnService, initiate, void,
410 jstring jlocal_address, jstring jgateway, jstring jusername,
411 jstring jpassword)
412 {
413 char *local_address, *gateway, *username, *password;
414
415 local_address = convert_jstring(env, jlocal_address);
416 gateway = convert_jstring(env, jgateway);
417 username = convert_jstring(env, jusername);
418 password = convert_jstring(env, jpassword);
419
420 initiate(local_address, gateway, username, password);
421 }