Initiate an SA via native JNI method
[strongswan.git] / src / frontends / android / jni / libandroidbridge / charonservice.c
1 /*
2 * Copyright (C) 2012 Giuliano Grassi
3 * Copyright (C) 2012 Ralf Sager
4 * Copyright (C) 2012 Tobias Brunner
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include <signal.h>
19 #include <string.h>
20 #include <android/log.h>
21
22 #include "charonservice.h"
23 #include "android_jni.h"
24 #include "backend/android_creds.h"
25 #include "backend/android_service.h"
26 #include "kernel/android_ipsec.h"
27 #include "kernel/android_net.h"
28
29 #include <daemon.h>
30 #include <hydra.h>
31 #include <ipsec.h>
32 #include <library.h>
33 #include <threading/thread.h>
34
35 #define ANDROID_DEBUG_LEVEL 1
36
37 typedef struct private_charonservice_t private_charonservice_t;
38
39 /**
40 * private data of charonservice
41 */
42 struct private_charonservice_t {
43
44 /**
45 * public interface
46 */
47 charonservice_t public;
48
49 /**
50 * android_creds instance
51 */
52 android_creds_t *creds;
53
54 /**
55 * android_service instance
56 */
57 android_service_t *service;
58
59 /**
60 * CharonVpnService reference
61 */
62 jobject vpn_service;
63 };
64
65 /**
66 * Single instance of charonservice_t.
67 */
68 charonservice_t *charonservice;
69
70 /**
71 * hook in library for debugging messages
72 */
73 extern void (*dbg)(debug_t group, level_t level, char *fmt, ...);
74
75 /**
76 * Logging hook for library logs, using android specific logging
77 */
78 static void dbg_android(debug_t group, level_t level, char *fmt, ...)
79 {
80 va_list args;
81
82 if (level <= ANDROID_DEBUG_LEVEL)
83 {
84 char sgroup[16], buffer[8192];
85 char *current = buffer, *next;
86
87 snprintf(sgroup, sizeof(sgroup), "%N", debug_names, group);
88 va_start(args, fmt);
89 vsnprintf(buffer, sizeof(buffer), fmt, args);
90 va_end(args);
91 while (current)
92 { /* log each line separately */
93 next = strchr(current, '\n');
94 if (next)
95 {
96 *(next++) = '\0';
97 }
98 __android_log_print(ANDROID_LOG_INFO, "charon", "00[%s] %s\n",
99 sgroup, current);
100 current = next;
101 }
102 }
103 }
104
105 METHOD(charonservice_t, update_status, bool,
106 private_charonservice_t *this, android_vpn_state_t code)
107 {
108 JNIEnv *env;
109 jmethodID method_id;
110 bool success = FALSE;
111
112 androidjni_attach_thread(&env);
113
114 method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
115 "updateStatus", "(I)V");
116 if (!method_id)
117 {
118 goto failed;
119 }
120 (*env)->CallVoidMethod(env, this->vpn_service, method_id, (jint)code);
121 success = !androidjni_exception_occurred(env);
122
123 failed:
124 androidjni_exception_occurred(env);
125 androidjni_detach_thread();
126 return success;
127 }
128
129 METHOD(charonservice_t, bypass_socket, bool,
130 private_charonservice_t *this, int fd, int family)
131 {
132 JNIEnv *env;
133 jmethodID method_id;
134
135 androidjni_attach_thread(&env);
136
137 method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
138 "protect", "(I)Z");
139 if (!method_id)
140 {
141 goto failed;
142 }
143 if (!(*env)->CallBooleanMethod(env, this->vpn_service, method_id, fd))
144 {
145 DBG1(DBG_CFG, "VpnService.protect() failed");
146 goto failed;
147 }
148 androidjni_detach_thread();
149 return TRUE;
150
151 failed:
152 androidjni_exception_occurred(env);
153 androidjni_detach_thread();
154 return FALSE;
155 }
156
157 METHOD(charonservice_t, get_trusted_certificates, linked_list_t*,
158 private_charonservice_t *this)
159 {
160 JNIEnv *env;
161 jmethodID method_id;
162 jobjectArray jcerts;
163 linked_list_t *list;
164 jsize i;
165
166 androidjni_attach_thread(&env);
167
168 method_id = (*env)->GetMethodID(env,
169 android_charonvpnservice_class,
170 "getTrustedCertificates", "(Ljava/lang/String;)[[B");
171 if (!method_id)
172 {
173 goto failed;
174 }
175 jcerts = (*env)->CallObjectMethod(env, this->vpn_service, method_id, NULL);
176 if (!jcerts)
177 {
178 goto failed;
179 }
180 list = linked_list_create();
181 for (i = 0; i < (*env)->GetArrayLength(env, jcerts); ++i)
182 {
183 chunk_t *ca_cert;
184 jbyteArray jcert;
185
186 ca_cert = malloc_thing(chunk_t);
187 list->insert_last(list, ca_cert);
188
189 jcert = (*env)->GetObjectArrayElement(env, jcerts, i);
190 *ca_cert = chunk_alloc((*env)->GetArrayLength(env, jcert));
191 (*env)->GetByteArrayRegion(env, jcert, 0, ca_cert->len, ca_cert->ptr);
192 (*env)->DeleteLocalRef(env, jcert);
193 }
194 (*env)->DeleteLocalRef(env, jcerts);
195 androidjni_detach_thread();
196 return list;
197
198 failed:
199 androidjni_exception_occurred(env);
200 androidjni_detach_thread();
201 return NULL;
202 }
203
204 /**
205 * Initiate a new connection
206 *
207 * @param local local ip address (gets owned)
208 * @param gateway gateway address (gets owned)
209 * @param username username (gets owned)
210 * @param password password (gets owned)
211 */
212 static void initiate(char *local, char *gateway, char *username, char *password)
213 {
214 private_charonservice_t *this = (private_charonservice_t*)charonservice;
215
216 this->creds->clear(this->creds);
217 this->creds->add_username_password(this->creds, username, password);
218 memwipe(password, strlen(password));
219 free(password);
220
221 DESTROY_IF(this->service);
222 this->service = android_service_create(local, gateway, username);
223 }
224
225 /**
226 * Initialize/deinitialize Android backend
227 */
228 static bool charonservice_register(void *plugin, plugin_feature_t *feature,
229 bool reg, void *data)
230 {
231 private_charonservice_t *this = (private_charonservice_t*)charonservice;
232 if (reg)
233 {
234 lib->credmgr->add_set(lib->credmgr, &this->creds->set);
235 }
236 else
237 {
238 lib->credmgr->remove_set(lib->credmgr, &this->creds->set);
239 if (this->service)
240 {
241 this->service->destroy(this->service);
242 this->service = NULL;
243 }
244 }
245 return TRUE;
246 }
247
248 /**
249 * Initialize the charonservice object
250 */
251 static void charonservice_init(JNIEnv *env, jobject service)
252 {
253 private_charonservice_t *this;
254 static plugin_feature_t features[] = {
255 PLUGIN_CALLBACK(kernel_net_register, kernel_android_net_create),
256 PLUGIN_PROVIDE(CUSTOM, "kernel-net"),
257 PLUGIN_CALLBACK(kernel_ipsec_register, kernel_android_ipsec_create),
258 PLUGIN_PROVIDE(CUSTOM, "kernel-ipsec"),
259 PLUGIN_CALLBACK((plugin_feature_callback_t)charonservice_register, NULL),
260 PLUGIN_PROVIDE(CUSTOM, "Android backend"),
261 PLUGIN_DEPENDS(CUSTOM, "libcharon"),
262 };
263
264 INIT(this,
265 .public = {
266 .update_status = _update_status,
267 .bypass_socket = _bypass_socket,
268 .get_trusted_certificates = _get_trusted_certificates,
269 },
270 .creds = android_creds_create(),
271 .vpn_service = (*env)->NewGlobalRef(env, service),
272 );
273 charonservice = &this->public;
274
275 lib->plugins->add_static_features(lib->plugins, "androidbridge", features,
276 countof(features), TRUE);
277
278 lib->settings->set_int(lib->settings,
279 "charon.plugins.android_log.loglevel", ANDROID_DEBUG_LEVEL);
280 }
281
282 /**
283 * Deinitialize the charonservice object
284 */
285 static void charonservice_deinit(JNIEnv *env)
286 {
287 private_charonservice_t *this = (private_charonservice_t*)charonservice;
288
289 this->creds->destroy(this->creds);
290 (*env)->DeleteGlobalRef(env, this->vpn_service);
291 free(this);
292 charonservice = NULL;
293 }
294
295 /**
296 * Handle SIGSEGV/SIGILL signals raised by threads
297 */
298 static void segv_handler(int signal)
299 {
300 dbg_android(DBG_DMN, 1, "thread %u received %d", thread_current_id(),
301 signal);
302 exit(1);
303 }
304
305 /**
306 * Initialize charon and the libraries via JNI
307 */
308 JNI_METHOD(CharonVpnService, initializeCharon, void)
309 {
310 struct sigaction action;
311
312 /* logging for library during initialization, as we have no bus yet */
313 dbg = dbg_android;
314
315 /* initialize library */
316 if (!library_init(NULL))
317 {
318 library_deinit();
319 return;
320 }
321
322 if (!libhydra_init("charon"))
323 {
324 libhydra_deinit();
325 library_deinit();
326 return;
327 }
328
329 if (!libipsec_init())
330 {
331 libipsec_deinit();
332 libhydra_deinit();
333 library_deinit();
334 return;
335 }
336
337 charonservice_init(env, this);
338
339 if (!libcharon_init("charon") ||
340 !charon->initialize(charon, PLUGINS))
341 {
342 libcharon_deinit();
343 charonservice_deinit(env);
344 libipsec_deinit();
345 libhydra_deinit();
346 library_deinit();
347 return;
348 }
349
350 /* add handler for SEGV and ILL etc. */
351 action.sa_handler = segv_handler;
352 action.sa_flags = 0;
353 sigemptyset(&action.sa_mask);
354 sigaction(SIGSEGV, &action, NULL);
355 sigaction(SIGILL, &action, NULL);
356 sigaction(SIGBUS, &action, NULL);
357 action.sa_handler = SIG_IGN;
358 sigaction(SIGPIPE, &action, NULL);
359
360 /* start daemon (i.e. the threads in the thread-pool) */
361 charon->start(charon);
362 }
363
364 /**
365 * Deinitialize charon and all libraries
366 */
367 JNI_METHOD(CharonVpnService, deinitializeCharon, void)
368 {
369 libcharon_deinit();
370 charonservice_deinit(env);
371 libipsec_deinit();
372 libhydra_deinit();
373 library_deinit();
374 }
375
376 /**
377 * Convert a Java string to a C string. Memory is allocated.
378 */
379 static inline char *convert_jstring(JNIEnv *env, jstring jstr)
380 {
381 char *str;
382 jsize len;
383
384 len = (*env)->GetStringUTFLength(env, jstr);
385 str = malloc(len + 1);
386 (*env)->GetStringUTFRegion(env, jstr, 0, len, str);
387 str[len] = '\0';
388 return str;
389 }
390
391 /**
392 * Initiate SA
393 */
394 JNI_METHOD(CharonVpnService, initiate, void,
395 jstring jlocal_address, jstring jgateway, jstring jusername,
396 jstring jpassword)
397 {
398 char *local_address, *gateway, *username, *password;
399
400 local_address = convert_jstring(env, jlocal_address);
401 gateway = convert_jstring(env, jgateway);
402 username = convert_jstring(env, jusername);
403 password = convert_jstring(env, jpassword);
404
405 initiate(local_address, gateway, username, password);
406 }