Implement kernel_ipsec_t.bypass_socket() via JNI and VpnService.protect()
[strongswan.git] / src / frontends / android / jni / libandroidbridge / charonservice.c
1 /*
2 * Copyright (C) 2012 Giuliano Grassi
3 * Copyright (C) 2012 Ralf Sager
4 * Copyright (C) 2012 Tobias Brunner
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include <signal.h>
19 #include <string.h>
20 #include <android/log.h>
21
22 #include "charonservice.h"
23 #include "android_jni.h"
24 #include "kernel/android_ipsec.h"
25 #include "kernel/android_net.h"
26
27 #include <daemon.h>
28 #include <hydra.h>
29 #include <ipsec.h>
30 #include <library.h>
31 #include <threading/thread.h>
32
/**
 * Highest level that dbg_android() still forwards to the Android log. The same
 * value is written to charon.plugins.android_log.loglevel by
 * charonservice_init().
 */
#define ANDROID_DEBUG_LEVEL 1

typedef struct private_charonservice_t private_charonservice_t;

/**
 * Private data of the charonservice_t instance.
 */
struct private_charonservice_t {

	/**
	 * Public interface. It is the first member, and charonservice_deinit()
	 * relies on that when it casts the public pointer back to this struct.
	 */
	charonservice_t public;

	/**
	 * JNI global reference to the CharonVpnService object. Created with
	 * NewGlobalRef() in charonservice_init(), released with DeleteGlobalRef()
	 * in charonservice_deinit(), and used by bypass_socket() as the receiver
	 * of VpnService.protect().
	 */
	jobject vpn_service;
};

/**
 * Single instance of charonservice_t. Set by charonservice_init() and reset
 * to NULL by charonservice_deinit(); no locking is visible around either
 * assignment.
 */
charonservice_t *charonservice;

/**
 * Debug hook of the library; initializeCharon() points it at dbg_android()
 * before the libraries are initialized.
 */
extern void (*dbg)(debug_t group, level_t level, char *fmt, ...);
62
/**
 * Logging hook for library messages that writes to the Android log.
 *
 * Messages above ANDROID_DEBUG_LEVEL are dropped. The formatted text is
 * truncated to the size of the local buffer by vsnprintf() and then emitted
 * one line at a time. Each line is handed to __android_log_print() as a "%s"
 * argument, so '%' characters in the expanded message are not interpreted a
 * second time.
 *
 * @param group		debug group, rendered through the "%N" conversion with
 *					debug_names (presumably the library's enum-name printf
 *					extension)
 * @param level		level of the message
 * @param fmt		printf()-style format string, followed by its arguments
 */
static void dbg_android(debug_t group, level_t level, char *fmt, ...)
{
	char group_name[16], message[8192];
	char *line, *rest;
	va_list ap;

	if (level > ANDROID_DEBUG_LEVEL)
	{
		return;
	}

	snprintf(group_name, sizeof(group_name), "%N", debug_names, group);
	va_start(ap, fmt);
	vsnprintf(message, sizeof(message), fmt, ap);
	va_end(ap);

	/* split in place at every newline and log the pieces separately */
	for (line = message; line; line = rest)
	{
		rest = strchr(line, '\n');
		if (rest)
		{
			*rest = '\0';
			rest++;
		}
		__android_log_print(ANDROID_LOG_INFO, "charon", "00[%s] %s\n",
							group_name, line);
	}
}
92
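/**
 * Implementation of charonservice_t.bypass_socket: ask the Java
 * CharonVpnService to exclude a socket from the VPN by calling its
 * protect(int) method (JNI signature "(I)Z") on the stored global reference.
 *
 * The result is fail-closed: TRUE is returned only if protect() returned true
 * and no Java exception is pending afterwards. The value returned by
 * CallBooleanMethod() is not meaningful when the call threw, so it must not
 * be trusted on its own.
 *
 * @param fd		socket file descriptor passed to protect()
 * @param family	address family of the socket (not used here)
 * @return			TRUE if the socket was protected, FALSE otherwise
 */
METHOD(charonservice_t, bypass_socket, bool,
	private_charonservice_t *this, int fd, int family)
{
	JNIEnv *env;
	jmethodID method_id;

	/* NOTE(review): the outcome of attaching the thread is not checked here;
	 * confirm that androidjni_attach_thread() always leaves env usable */
	androidjni_attach_thread(&env);

	method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
									"protect", "(I)Z");
	if (!method_id)
	{
		goto failed;
	}
	if (!(*env)->CallBooleanMethod(env, this->vpn_service, method_id, fd))
	{
		DBG1(DBG_CFG, "VpnService.protect() failed");
		goto failed;
	}
	if ((*env)->ExceptionCheck(env))
	{	/* a pending exception invalidates the boolean returned above */
		DBG1(DBG_CFG, "VpnService.protect() threw an exception");
		goto failed;
	}
	androidjni_detach_thread();
	return TRUE;

failed:
	/* presumably reports and clears any pending Java exception before the
	 * thread is detached - defined in android_jni.h, not visible here */
	androidjni_exception_occurred(env);
	androidjni_detach_thread();
	return FALSE;
}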
120
/**
 * Create the charonservice object and publish it through the global
 * charonservice pointer.
 *
 * Besides allocating the object this registers the Android kernel-net and
 * kernel-ipsec implementations as static plugin features under the name
 * "androidbridge", and sets the android_log plugin's loglevel to
 * ANDROID_DEBUG_LEVEL.
 *
 * NOTE(review): the result of NewGlobalRef() is stored without a check. JNI
 * returns NULL when no reference can be created, and bypass_socket() would
 * then invoke protect() on a NULL object. This function returns void, so the
 * caller cannot be told about it.
 *
 * @param env		JNI environment of the calling thread
 * @param service	CharonVpnService instance to keep a global reference to
 */
static void charonservice_init(JNIEnv *env, jobject service)
{
	static plugin_feature_t bridge_features[] = {
		PLUGIN_CALLBACK(kernel_net_register, kernel_android_net_create),
			PLUGIN_PROVIDE(CUSTOM, "kernel-net"),
		PLUGIN_CALLBACK(kernel_ipsec_register, kernel_android_ipsec_create),
			PLUGIN_PROVIDE(CUSTOM, "kernel-ipsec"),
	};
	private_charonservice_t *this;
	jobject service_ref;

	/* a global reference stays valid after this native call returns */
	service_ref = (*env)->NewGlobalRef(env, service);

	INIT(this,
		.public = {
			.bypass_socket = _bypass_socket,
		},
		.vpn_service = service_ref,
	);
	charonservice = &this->public;

	lib->plugins->add_static_features(lib->plugins, "androidbridge",
						bridge_features, countof(bridge_features), TRUE);

	lib->settings->set_int(lib->settings,
						"charon.plugins.android_log.loglevel",
						ANDROID_DEBUG_LEVEL);
}
148
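/**
 * Destroy the charonservice object: release the JNI global reference to the
 * VPN service, free the object and reset the global charonservice pointer.
 *
 * Calling this while charonservice is NULL is a no-op. That state is reachable
 * from this file: initializeCharon() returns before charonservice_init() when
 * an early library fails to initialize, and its last failure path already
 * calls this function, while deinitializeCharon() calls it unconditionally.
 * Without the guard such a sequence dereferences a NULL pointer.
 *
 * @param env		JNI environment of the calling thread
 */
static void charonservice_deinit(JNIEnv *env)
{
	private_charonservice_t *this = (private_charonservice_t*)charonservice;

	if (!this)
	{	/* never initialized, or already torn down */
		return;
	}
	(*env)->DeleteGlobalRef(env, this->vpn_service);
	free(this);
	charonservice = NULL;
}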
160
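/**
 * Handler for the fatal signals installed by initializeCharon() (SIGSEGV,
 * SIGILL and SIGBUS): log the thread ID and signal number, then terminate the
 * process with status 1.
 *
 * The process is ended with _Exit() rather than exit(). exit() is not
 * async-signal-safe and would run atexit() handlers in a multi-threaded
 * process whose state is already known to be corrupt.
 *
 * NOTE(review): the log call is best effort only. dbg_android() uses
 * vsnprintf() and __android_log_print(), which are not async-signal-safe
 * either.
 *
 * @param signal	number of the signal that was raised
 */
static void segv_handler(int signal)
{
	dbg_android(DBG_DMN, 1, "thread %u received %d", thread_current_id(),
				signal);
	_Exit(1);
}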
170
/**
 * JNI entry point of CharonVpnService: initialize the libraries and charon,
 * install the signal handlers and start the daemon.
 *
 * Initialization order is library, libhydra, libipsec, the charonservice
 * object, then libcharon. If a step fails, that step and everything set up
 * before it are deinitialized in reverse order and the function returns.
 * The return type is void, so the Java caller receives no indication that
 * initialization failed.
 */
JNI_METHOD(CharonVpnService, initializeCharon, void)
{
	struct sigaction action;

	/* there is no bus yet, so route library messages to the Android log */
	dbg = dbg_android;

	if (!library_init(NULL))
	{
		goto fail_library;
	}
	if (!libhydra_init("charon"))
	{
		goto fail_hydra;
	}
	if (!libipsec_init())
	{
		goto fail_ipsec;
	}

	charonservice_init(env, this);

	if (!libcharon_init("charon"))
	{
		goto fail_charon;
	}
	if (!charon->initialize(charon, PLUGINS))
	{
		goto fail_charon;
	}

	/* fatal signals go to segv_handler(), SIGPIPE is ignored */
	sigemptyset(&action.sa_mask);
	action.sa_flags = 0;
	action.sa_handler = segv_handler;
	sigaction(SIGSEGV, &action, NULL);
	sigaction(SIGILL, &action, NULL);
	sigaction(SIGBUS, &action, NULL);
	action.sa_handler = SIG_IGN;
	sigaction(SIGPIPE, &action, NULL);

	/* start daemon (i.e. the threads in the thread-pool) */
	charon->start(charon);
	return;

	/* each label falls through to the ones below it */
fail_charon:
	libcharon_deinit();
	charonservice_deinit(env);
fail_ipsec:
	libipsec_deinit();
fail_hydra:
	libhydra_deinit();
fail_library:
	library_deinit();
}
229
/**
 * JNI entry point of CharonVpnService: tear down charon, the charonservice
 * object and the libraries, in the reverse of the order in which
 * initializeCharon() sets them up.
 *
 * NOTE(review): every step runs unconditionally. Nothing here checks whether
 * initializeCharon() completed, so confirm that the Java side calls this only
 * after a successful initialization, and only once.
 */
JNI_METHOD(CharonVpnService, deinitializeCharon, void)
{
	/* daemon first, it depends on everything below */
	libcharon_deinit();
	/* releases the global reference to the VPN service */
	charonservice_deinit(env);
	libipsec_deinit();
	libhydra_deinit();
	library_deinit();
}
241