android: Add a custom kernel-net implementation to replace kernel-netlink
1 /*
2 * Copyright (C) 2012-2013 Tobias Brunner
3 * Copyright (C) 2012 Giuliano Grassi
4 * Copyright (C) 2012 Ralf Sager
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /**
19 * @defgroup libandroidbridge libandroidbridge
20 *
21 * @defgroup android_backend backend
22 * @ingroup libandroidbridge
23 *
24 * @defgroup android_byod byod
25 * @ingroup libandroidbridge
26 *
27 * @defgroup android_kernel kernel
28 * @ingroup libandroidbridge
29 *
30 * @defgroup charonservice charonservice
31 * @{ @ingroup libandroidbridge
32 */
33
34 #ifndef CHARONSERVICE_H_
35 #define CHARONSERVICE_H_
36
37 #include "vpnservice_builder.h"
38 #include "kernel/network_manager.h"
39
40 #include <library.h>
41 #include <collections/linked_list.h>
42
/* Forward type names used by the declarations further down in this header. */
typedef enum android_vpn_state_t android_vpn_state_t;
typedef enum android_imc_state_t android_imc_state_t;
typedef struct charonservice_t charonservice_t;

/**
 * Fallback MTU for the TUN device; the same value is used as the default
 * size of IKE fragments.
 */
#define ANDROID_DEFAULT_MTU 1400
51
52 /**
53 * VPN status codes. As defined in CharonVpnService.java
54 */
enum android_vpn_state_t {
	/*
	 * The numeric values are shared with CharonVpnService.java, so each one
	 * is spelled out: inserting or reordering an entry must not silently
	 * renumber the codes the Java side interprets.
	 */
	CHARONSERVICE_CHILD_STATE_UP = 1,
	CHARONSERVICE_CHILD_STATE_DOWN = 2,
	CHARONSERVICE_AUTH_ERROR = 3,
	CHARONSERVICE_PEER_AUTH_ERROR = 4,
	CHARONSERVICE_LOOKUP_ERROR = 5,
	CHARONSERVICE_UNREACHABLE_ERROR = 6,
	CHARONSERVICE_GENERIC_ERROR = 7,
};
64
65 /**
66 * Final IMC state as defined in ImcState.java
67 */
enum android_imc_state_t {
	/*
	 * Values mirror ImcState.java and must stay in sync with it.
	 * UNKNOWN is 0, so a zero-initialised variable reads as UNKNOWN and
	 * never as ALLOW.
	 * NOTE(review): this header only shows the state being reported to the
	 * UI (update_imc_state); whether BLOCK/ISOLATE are enforced anywhere is
	 * not visible here -- confirm before relying on them as a control.
	 */
	ANDROID_IMC_STATE_UNKNOWN	= 0,
	ANDROID_IMC_STATE_ALLOW		= 1,
	ANDROID_IMC_STATE_BLOCK		= 2,
	ANDROID_IMC_STATE_ISOLATE	= 3,
};
74
75 /**
76 * Public interface of charonservice.
77 *
78 * Used to communicate with CharonVpnService via JNI
79 */
struct charonservice_t {

	/**
	 * Push a VPN status code to the Java side so the UI can reflect it.
	 *
	 * @param code		one of the android_vpn_state_t values
	 * @return			TRUE if the update was delivered
	 */
	bool (*update_status)(charonservice_t *this, android_vpn_state_t code);

	/**
	 * Push the final IMC state to the Java side (UI).
	 *
	 * @param state		one of the android_imc_state_t values
	 * @return			TRUE if the update was delivered
	 */
	bool (*update_imc_state)(charonservice_t *this, android_imc_state_t state);

	/**
	 * Hand a remediation instruction to the Java side via JNI.
	 *
	 * NOTE(review): the instruction text presumably originates from the
	 * remote side of the assessment; if so it should be handled as
	 * untrusted input wherever it is displayed -- confirm against the caller.
	 * The parameter is not const, and this header does not say whether the
	 * callee keeps or modifies the string.
	 *
	 * @param instr		remediation instruction
	 * @return			TRUE if the instruction was passed on
	 */
	bool (*add_remediation_instr)(charonservice_t *this, char *instr);

	/**
	 * Exempt a socket from the VPN by installing a bypass policy through the
	 * protect() method of the Android VpnService interface.
	 *
	 * Passing -1 as fd re-applies the bypass to all sockets that were
	 * bypassed before.
	 *
	 * Traffic on a bypassed socket is not sent through the VPN, so only
	 * sockets that are meant to stay outside of it should be passed here.
	 * A FALSE result means the bypass was not installed; callers should
	 * check it instead of assuming the socket is exempt.
	 *
	 * @param fd		socket file descriptor, or -1 (see above)
	 * @param family	socket protocol family
	 * @return			TRUE if the bypass was installed
	 */
	bool (*bypass_socket)(charonservice_t *this, int fd, int family);

	/**
	 * Fetch the trusted certificates from the Java side via JNI.
	 *
	 * The entries are DER blobs as received; nothing in this header says
	 * they have been parsed, so callers have to cope with parse failures.
	 * NOTE(review): ownership of the list and its chunks is not documented
	 * here; presumably the caller frees both -- confirm in the
	 * implementation.
	 *
	 * @return			list of DER encoded certificates (as chunk_t*),
	 *					NULL on failure
	 */
	linked_list_t *(*get_trusted_certificates)(charonservice_t *this);

	/**
	 * Fetch the configured user certificate chain via JNI.
	 *
	 * The user certificate comes first in the list; the remaining elements
	 * of its chain follow.
	 * NOTE(review): ownership of the list and its chunks is not documented
	 * here -- confirm who frees them.
	 *
	 * @return			list of DER encoded certificates (as chunk_t*),
	 *					NULL on failure
	 */
	linked_list_t *(*get_user_certificate)(charonservice_t *this);

	/**
	 * Obtain the configured private key via JNI.
	 *
	 * NOTE(review): the result is described as a PrivateKey object, so it
	 * is presumably a handle to the Java-side key rather than exported key
	 * material -- confirm in the implementation.
	 *
	 * @param pubkey	public key as extracted from the certificate
	 * @return			PrivateKey object, NULL on failure
	 */
	private_key_t *(*get_user_key)(charonservice_t *this, public_key_t *pubkey);

	/**
	 * Access the vpnservice_builder_t object currently in use.
	 *
	 * @return			VpnService.Builder instance
	 */
	vpnservice_builder_t *(*get_vpnservice_builder)(charonservice_t *this);

	/**
	 * Access the network_manager_t object currently in use.
	 *
	 * @return			NetworkManager instance
	 */
	network_manager_t *(*get_network_manager)(charonservice_t *this);
};
159
160 /**
161 * The single instance of charonservice_t.
162 *
163 * Set between JNI calls to initializeCharon() and deinitializeCharon().
164 */
/* NOTE(review): outside the initializeCharon()/deinitializeCharon() window
 * this pointer is presumably NULL or stale -- confirm in the implementation
 * and check it before dereferencing from code that may run outside that
 * window. */
extern charonservice_t *charonservice;
166
167 #endif /** CHARONSERVICE_H_ @}*/