An Android specific attribute handler installs DNS servers via Builder
[strongswan.git] / src / frontends / android / jni / libandroidbridge / charonservice.c
1 /*
2 * Copyright (C) 2012 Giuliano Grassi
3 * Copyright (C) 2012 Ralf Sager
4 * Copyright (C) 2012 Tobias Brunner
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include <signal.h>
19 #include <string.h>
20 #include <android/log.h>
21
22 #include "charonservice.h"
23 #include "android_jni.h"
24 #include "backend/android_attr.h"
25 #include "backend/android_creds.h"
26 #include "backend/android_service.h"
27 #include "kernel/android_ipsec.h"
28 #include "kernel/android_net.h"
29
30 #include <daemon.h>
31 #include <hydra.h>
32 #include <ipsec.h>
33 #include <library.h>
34 #include <threading/thread.h>
35
36 #define ANDROID_DEBUG_LEVEL 1
37
38 typedef struct private_charonservice_t private_charonservice_t;
39
40 /**
41 * private data of charonservice
42 */
43 struct private_charonservice_t {
44
45 /**
46 * public interface
47 */
48 charonservice_t public;
49
50 /**
51 * android_attr instance
52 */
53 android_attr_t *attr;
54
55 /**
56 * android_creds instance
57 */
58 android_creds_t *creds;
59
60 /**
61 * android_service instance
62 */
63 android_service_t *service;
64
65 /**
66 * VpnService builder (accessed via JNI)
67 */
68 vpnservice_builder_t *builder;
69
70 /**
71 * CharonVpnService reference
72 */
73 jobject vpn_service;
74 };
75
76 /**
77 * Single instance of charonservice_t.
78 */
79 charonservice_t *charonservice;
80
81 /**
82 * hook in library for debugging messages
83 */
84 extern void (*dbg)(debug_t group, level_t level, char *fmt, ...);
85
86 /**
87 * Logging hook for library logs, using android specific logging
88 */
89 static void dbg_android(debug_t group, level_t level, char *fmt, ...)
90 {
91 va_list args;
92
93 if (level <= ANDROID_DEBUG_LEVEL)
94 {
95 char sgroup[16], buffer[8192];
96 char *current = buffer, *next;
97
98 snprintf(sgroup, sizeof(sgroup), "%N", debug_names, group);
99 va_start(args, fmt);
100 vsnprintf(buffer, sizeof(buffer), fmt, args);
101 va_end(args);
102 while (current)
103 { /* log each line separately */
104 next = strchr(current, '\n');
105 if (next)
106 {
107 *(next++) = '\0';
108 }
109 __android_log_print(ANDROID_LOG_INFO, "charon", "00[%s] %s\n",
110 sgroup, current);
111 current = next;
112 }
113 }
114 }
115
116 METHOD(charonservice_t, update_status, bool,
117 private_charonservice_t *this, android_vpn_state_t code)
118 {
119 JNIEnv *env;
120 jmethodID method_id;
121 bool success = FALSE;
122
123 androidjni_attach_thread(&env);
124
125 method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
126 "updateStatus", "(I)V");
127 if (!method_id)
128 {
129 goto failed;
130 }
131 (*env)->CallVoidMethod(env, this->vpn_service, method_id, (jint)code);
132 success = !androidjni_exception_occurred(env);
133
134 failed:
135 androidjni_exception_occurred(env);
136 androidjni_detach_thread();
137 return success;
138 }
139
140 METHOD(charonservice_t, bypass_socket, bool,
141 private_charonservice_t *this, int fd, int family)
142 {
143 JNIEnv *env;
144 jmethodID method_id;
145
146 androidjni_attach_thread(&env);
147
148 method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
149 "protect", "(I)Z");
150 if (!method_id)
151 {
152 goto failed;
153 }
154 if (!(*env)->CallBooleanMethod(env, this->vpn_service, method_id, fd))
155 {
156 DBG1(DBG_CFG, "VpnService.protect() failed");
157 goto failed;
158 }
159 androidjni_detach_thread();
160 return TRUE;
161
162 failed:
163 androidjni_exception_occurred(env);
164 androidjni_detach_thread();
165 return FALSE;
166 }
167
168 METHOD(charonservice_t, get_trusted_certificates, linked_list_t*,
169 private_charonservice_t *this)
170 {
171 JNIEnv *env;
172 jmethodID method_id;
173 jobjectArray jcerts;
174 linked_list_t *list;
175 jsize i;
176
177 androidjni_attach_thread(&env);
178
179 method_id = (*env)->GetMethodID(env,
180 android_charonvpnservice_class,
181 "getTrustedCertificates", "(Ljava/lang/String;)[[B");
182 if (!method_id)
183 {
184 goto failed;
185 }
186 jcerts = (*env)->CallObjectMethod(env, this->vpn_service, method_id, NULL);
187 if (!jcerts)
188 {
189 goto failed;
190 }
191 list = linked_list_create();
192 for (i = 0; i < (*env)->GetArrayLength(env, jcerts); ++i)
193 {
194 chunk_t *ca_cert;
195 jbyteArray jcert;
196
197 ca_cert = malloc_thing(chunk_t);
198 list->insert_last(list, ca_cert);
199
200 jcert = (*env)->GetObjectArrayElement(env, jcerts, i);
201 *ca_cert = chunk_alloc((*env)->GetArrayLength(env, jcert));
202 (*env)->GetByteArrayRegion(env, jcert, 0, ca_cert->len, ca_cert->ptr);
203 (*env)->DeleteLocalRef(env, jcert);
204 }
205 (*env)->DeleteLocalRef(env, jcerts);
206 androidjni_detach_thread();
207 return list;
208
209 failed:
210 androidjni_exception_occurred(env);
211 androidjni_detach_thread();
212 return NULL;
213 }
214
215 METHOD(charonservice_t, get_vpnservice_builder, vpnservice_builder_t*,
216 private_charonservice_t *this)
217 {
218 return this->builder;
219 }
220
221 /**
222 * Initiate a new connection
223 *
224 * @param local local ip address (gets owned)
225 * @param gateway gateway address (gets owned)
226 * @param username username (gets owned)
227 * @param password password (gets owned)
228 */
229 static void initiate(char *local, char *gateway, char *username, char *password)
230 {
231 private_charonservice_t *this = (private_charonservice_t*)charonservice;
232
233 this->creds->clear(this->creds);
234 this->creds->add_username_password(this->creds, username, password);
235 memwipe(password, strlen(password));
236 free(password);
237
238 DESTROY_IF(this->service);
239 this->service = android_service_create(local, gateway, username);
240 }
241
242 /**
243 * Initialize/deinitialize Android backend
244 */
245 static bool charonservice_register(void *plugin, plugin_feature_t *feature,
246 bool reg, void *data)
247 {
248 private_charonservice_t *this = (private_charonservice_t*)charonservice;
249 if (reg)
250 {
251 lib->credmgr->add_set(lib->credmgr, &this->creds->set);
252 hydra->attributes->add_handler(hydra->attributes,
253 &this->attr->handler);
254 }
255 else
256 {
257 lib->credmgr->remove_set(lib->credmgr, &this->creds->set);
258 hydra->attributes->remove_handler(hydra->attributes,
259 &this->attr->handler);
260 if (this->service)
261 {
262 this->service->destroy(this->service);
263 this->service = NULL;
264 }
265 }
266 return TRUE;
267 }
268
269 /**
270 * Initialize the charonservice object
271 */
272 static void charonservice_init(JNIEnv *env, jobject service, jobject builder)
273 {
274 private_charonservice_t *this;
275 static plugin_feature_t features[] = {
276 PLUGIN_CALLBACK(kernel_net_register, kernel_android_net_create),
277 PLUGIN_PROVIDE(CUSTOM, "kernel-net"),
278 PLUGIN_CALLBACK(kernel_ipsec_register, kernel_android_ipsec_create),
279 PLUGIN_PROVIDE(CUSTOM, "kernel-ipsec"),
280 PLUGIN_CALLBACK((plugin_feature_callback_t)charonservice_register, NULL),
281 PLUGIN_PROVIDE(CUSTOM, "Android backend"),
282 PLUGIN_DEPENDS(CUSTOM, "libcharon"),
283 };
284
285 INIT(this,
286 .public = {
287 .update_status = _update_status,
288 .bypass_socket = _bypass_socket,
289 .get_trusted_certificates = _get_trusted_certificates,
290 .get_vpnservice_builder = _get_vpnservice_builder,
291 },
292 .attr = android_attr_create(),
293 .creds = android_creds_create(),
294 .builder = vpnservice_builder_create(builder),
295 .vpn_service = (*env)->NewGlobalRef(env, service),
296 );
297 charonservice = &this->public;
298
299 lib->plugins->add_static_features(lib->plugins, "androidbridge", features,
300 countof(features), TRUE);
301
302 lib->settings->set_int(lib->settings,
303 "charon.plugins.android_log.loglevel", ANDROID_DEBUG_LEVEL);
304 }
305
306 /**
307 * Deinitialize the charonservice object
308 */
309 static void charonservice_deinit(JNIEnv *env)
310 {
311 private_charonservice_t *this = (private_charonservice_t*)charonservice;
312
313 this->builder->destroy(this->builder);
314 this->creds->destroy(this->creds);
315 this->attr->destroy(this->attr);
316 (*env)->DeleteGlobalRef(env, this->vpn_service);
317 free(this);
318 charonservice = NULL;
319 }
320
321 /**
322 * Handle SIGSEGV/SIGILL signals raised by threads
323 */
324 static void segv_handler(int signal)
325 {
326 dbg_android(DBG_DMN, 1, "thread %u received %d", thread_current_id(),
327 signal);
328 exit(1);
329 }
330
331 /**
332 * Initialize charon and the libraries via JNI
333 */
334 JNI_METHOD(CharonVpnService, initializeCharon, void,
335 jobject builder)
336 {
337 struct sigaction action;
338
339 /* logging for library during initialization, as we have no bus yet */
340 dbg = dbg_android;
341
342 /* initialize library */
343 if (!library_init(NULL))
344 {
345 library_deinit();
346 return;
347 }
348
349 if (!libhydra_init("charon"))
350 {
351 libhydra_deinit();
352 library_deinit();
353 return;
354 }
355
356 if (!libipsec_init())
357 {
358 libipsec_deinit();
359 libhydra_deinit();
360 library_deinit();
361 return;
362 }
363
364 charonservice_init(env, this, builder);
365
366 if (!libcharon_init("charon") ||
367 !charon->initialize(charon, PLUGINS))
368 {
369 libcharon_deinit();
370 charonservice_deinit(env);
371 libipsec_deinit();
372 libhydra_deinit();
373 library_deinit();
374 return;
375 }
376
377 /* add handler for SEGV and ILL etc. */
378 action.sa_handler = segv_handler;
379 action.sa_flags = 0;
380 sigemptyset(&action.sa_mask);
381 sigaction(SIGSEGV, &action, NULL);
382 sigaction(SIGILL, &action, NULL);
383 sigaction(SIGBUS, &action, NULL);
384 action.sa_handler = SIG_IGN;
385 sigaction(SIGPIPE, &action, NULL);
386
387 /* start daemon (i.e. the threads in the thread-pool) */
388 charon->start(charon);
389 }
390
391 /**
392 * Deinitialize charon and all libraries
393 */
394 JNI_METHOD(CharonVpnService, deinitializeCharon, void)
395 {
396 libcharon_deinit();
397 charonservice_deinit(env);
398 libipsec_deinit();
399 libhydra_deinit();
400 library_deinit();
401 }
402
403 /**
404 * Convert a Java string to a C string. Memory is allocated.
405 */
406 static inline char *convert_jstring(JNIEnv *env, jstring jstr)
407 {
408 char *str;
409 jsize len;
410
411 len = (*env)->GetStringUTFLength(env, jstr);
412 str = malloc(len + 1);
413 (*env)->GetStringUTFRegion(env, jstr, 0, len, str);
414 str[len] = '\0';
415 return str;
416 }
417
418 /**
419 * Initiate SA
420 */
421 JNI_METHOD(CharonVpnService, initiate, void,
422 jstring jlocal_address, jstring jgateway, jstring jusername,
423 jstring jpassword)
424 {
425 char *local_address, *gateway, *username, *password;
426
427 local_address = convert_jstring(env, jlocal_address);
428 gateway = convert_jstring(env, jgateway);
429 username = convert_jstring(env, jusername);
430 password = convert_jstring(env, jpassword);
431
432 initiate(local_address, gateway, username, password);
433 }