projects / platform / upstream / connman.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Updated connman to version 1.35
[platform/upstream/connman.git] / vpn / plugins / vpn.c
1 /*
2  *
3  *  ConnMan VPN daemon
4  *
5  *  Copyright (C) 2007-2013  Intel Corporation. All rights reserved.
6  *
7  *  This program is free software; you can redistribute it and/or modify
8  *  it under the terms of the GNU General Public License version 2 as
9  *  published by the Free Software Foundation.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, write to the Free Software
18  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
19  *
20  */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #define _GNU_SOURCE
27 #include <string.h>
28 #include <fcntl.h>
29 #include <unistd.h>
30 #include <sys/stat.h>
31 #include <stdio.h>
32 #include <errno.h>
33 #include <sys/ioctl.h>
34 #include <sys/types.h>
35 #include <linux/if_tun.h>
36 #include <net/if.h>
37
38 #include <dbus/dbus.h>
39
40 #include <glib/gprintf.h>
41
42 #include <connman/log.h>
43 #include <connman/rtnl.h>
44 #include <connman/task.h>
45 #include <connman/inet.h>
46
47 #include "../vpn-rtnl.h"
48 #include "../vpn-provider.h"
49
50 #include "vpn.h"
51
52 struct vpn_data {
53         struct vpn_provider *provider;
54         char *if_name;
55         unsigned flags;
56         unsigned int watch;
57         enum vpn_state state;
58         struct connman_task *task;
59         int tun_flags;
60 };
61
62 struct vpn_driver_data {
63         const char *name;
64         const char *program;
65         struct vpn_driver *vpn_driver;
66         struct vpn_provider_driver provider_driver;
67 };
68
69 GHashTable *driver_hash = NULL;
70
71 static int stop_vpn(struct vpn_provider *provider)
72 {
73         struct vpn_data *data = vpn_provider_get_data(provider);
74         struct vpn_driver_data *vpn_driver_data;
75         const char *name;
76         struct ifreq ifr;
77         int fd, err;
78
79         if (!data)
80                 return -EINVAL;
81
82         name = vpn_provider_get_driver_name(provider);
83         if (!name)
84                 return -EINVAL;
85
86         vpn_driver_data = g_hash_table_lookup(driver_hash, name);
87
88         if (vpn_driver_data && vpn_driver_data->vpn_driver &&
89                         vpn_driver_data->vpn_driver->flags == VPN_FLAG_NO_TUN)
90                 return 0;
91
92         memset(&ifr, 0, sizeof(ifr));
93         ifr.ifr_flags = data->tun_flags | IFF_NO_PI;
94         sprintf(ifr.ifr_name, "%s", data->if_name);
95
96         fd = open("/dev/net/tun", O_RDWR | O_CLOEXEC);
97         if (fd < 0) {
98                 err = -errno;
99                 connman_error("Failed to open /dev/net/tun to device %s: %s",
100                               data->if_name, strerror(errno));
101                 return err;
102         }
103
104         if (ioctl(fd, TUNSETIFF, (void *)&ifr)) {
105                 err = -errno;
106                 connman_error("Failed to TUNSETIFF for device %s to it: %s",
107                               data->if_name, strerror(errno));
108                 close(fd);
109                 return err;
110         }
111
112         if (ioctl(fd, TUNSETPERSIST, 0)) {
113                 err = -errno;
114                 connman_error("Failed to set tun device %s nonpersistent: %s",
115                               data->if_name, strerror(errno));
116                 close(fd);
117                 return err;
118         }
119         close(fd);
120         DBG("Killed tun device %s", data->if_name);
121         return 0;
122 }
123
124 void vpn_died(struct connman_task *task, int exit_code, void *user_data)
125 {
126         struct vpn_provider *provider = user_data;
127         struct vpn_data *data = vpn_provider_get_data(provider);
128         int state = VPN_STATE_FAILURE;
129         enum vpn_provider_error ret;
130
131         DBG("provider %p data %p", provider, data);
132
133         if (!data)
134                 goto vpn_exit;
135
136         state = data->state;
137
138         stop_vpn(provider);
139         vpn_provider_set_data(provider, NULL);
140
141         if (data->watch != 0) {
142                 vpn_rtnl_remove_watch(data->watch);
143                 data->watch = 0;
144                 vpn_provider_unref(provider);
145         }
146
147 vpn_exit:
148         if (state != VPN_STATE_READY && state != VPN_STATE_DISCONNECT) {
149                 const char *name;
150                 struct vpn_driver_data *vpn_data = NULL;
151
152                 name = vpn_provider_get_driver_name(provider);
153                 if (name)
154                         vpn_data = g_hash_table_lookup(driver_hash, name);
155
156                 if (vpn_data &&
157                                 vpn_data->vpn_driver->error_code)
158                         ret = vpn_data->vpn_driver->error_code(provider,
159                                         exit_code);
160                 else
161                         ret = VPN_PROVIDER_ERROR_UNKNOWN;
162
163                 vpn_provider_indicate_error(provider, ret);
164         } else
165                 vpn_provider_set_state(provider, VPN_PROVIDER_STATE_IDLE);
166
167         vpn_provider_set_index(provider, -1);
168
169         if (data) {
170                 vpn_provider_unref(data->provider);
171                 g_free(data->if_name);
172                 g_free(data);
173         }
174
175         connman_task_destroy(task);
176 }
177
178 int vpn_set_ifname(struct vpn_provider *provider, const char *ifname)
179 {
180         struct vpn_data *data = vpn_provider_get_data(provider);
181         int index;
182
183         if (!ifname || !data)
184                 return  -EIO;
185
186         index = connman_inet_ifindex(ifname);
187         if (index < 0)
188                 return  -EIO;
189
190         if (data->if_name)
191                 g_free(data->if_name);
192
193         data->if_name = (char *)g_strdup(ifname);
194         vpn_provider_set_index(provider, index);
195
196         return 0;
197 }
198
199 static int vpn_set_state(struct vpn_provider *provider,
200                                                 enum vpn_provider_state state)
201 {
202         struct vpn_data *data = vpn_provider_get_data(provider);
203         if (!data)
204                 return -EINVAL;
205
206         switch (state) {
207         case VPN_PROVIDER_STATE_UNKNOWN:
208                 return -EINVAL;
209         case VPN_PROVIDER_STATE_IDLE:
210                 data->state = VPN_STATE_IDLE;
211                 break;
212         case VPN_PROVIDER_STATE_CONNECT:
213         case VPN_PROVIDER_STATE_READY:
214                 data->state = VPN_STATE_CONNECT;
215                 break;
216         case VPN_PROVIDER_STATE_DISCONNECT:
217                 data->state = VPN_STATE_DISCONNECT;
218                 break;
219         case VPN_PROVIDER_STATE_FAILURE:
220                 data->state = VPN_STATE_FAILURE;
221                 break;
222         }
223
224         return 0;
225 }
226
227 static void vpn_newlink(unsigned flags, unsigned change, void *user_data)
228 {
229         struct vpn_provider *provider = user_data;
230         struct vpn_data *data = vpn_provider_get_data(provider);
231
232         if ((data->flags & IFF_UP) != (flags & IFF_UP)) {
233                 if (flags & IFF_UP) {
234                         data->state = VPN_STATE_READY;
235                         vpn_provider_set_state(provider,
236                                         VPN_PROVIDER_STATE_READY);
237                 }
238         }
239         data->flags = flags;
240 }
241
242 static DBusMessage *vpn_notify(struct connman_task *task,
243                         DBusMessage *msg, void *user_data)
244 {
245         struct vpn_provider *provider = user_data;
246         struct vpn_data *data;
247         struct vpn_driver_data *vpn_driver_data;
248         const char *name;
249         int state, index, err;
250
251         data = vpn_provider_get_data(provider);
252
253         name = vpn_provider_get_driver_name(provider);
254
255         if (!name) {
256                 DBG("Cannot find VPN driver for provider %p", provider);
257                 vpn_provider_set_state(provider, VPN_PROVIDER_STATE_FAILURE);
258                 return NULL;
259         }
260
261         vpn_driver_data = g_hash_table_lookup(driver_hash, name);
262         if (!vpn_driver_data) {
263                 DBG("Cannot find VPN driver data for name %s", name);
264                 vpn_provider_set_state(provider, VPN_PROVIDER_STATE_FAILURE);
265                 return NULL;
266         }
267
268         state = vpn_driver_data->vpn_driver->notify(msg, provider);
269
270         DBG("provider %p driver %s state %d", provider, name, state);
271
272         switch (state) {
273         case VPN_STATE_CONNECT:
274         case VPN_STATE_READY:
275                 if (data->state == VPN_STATE_READY) {
276                         /*
277                          * This is the restart case, in which case we must
278                          * just set the IP address.
279                          *
280                          * We need to remove first the old address, just
281                          * replacing the old address will not work as expected
282                          * because the old address will linger in the interface
283                          * and not disapper so the clearing is needed here.
284                          *
285                          * Also the state must change, otherwise the routes
286                          * will not be set properly.
287                          */
288                         vpn_provider_set_state(provider,
289                                                 VPN_PROVIDER_STATE_CONNECT);
290
291                         vpn_provider_clear_address(provider, AF_INET);
292                         vpn_provider_clear_address(provider, AF_INET6);
293
294                         vpn_provider_change_address(provider);
295                         vpn_provider_set_state(provider,
296                                                 VPN_PROVIDER_STATE_READY);
297                         break;
298                 }
299
300                 index = vpn_provider_get_index(provider);
301                 vpn_provider_ref(provider);
302                 data->watch = vpn_rtnl_add_newlink_watch(index,
303                                                      vpn_newlink, provider);
304                 err = connman_inet_ifup(index);
305                 if (err < 0) {
306                         if (err == -EALREADY)
307                                 /*
308                                  * So the interface is up already, that is just
309                                  * great. Unfortunately in this case the
310                                  * newlink watch might not have been called at
311                                  * all. We must manually call it here so that
312                                  * the provider can go to ready state and the
313                                  * routes are setup properly.
314                                  */
315                                 vpn_newlink(IFF_UP, 0, provider);
316                         else
317                                 DBG("Cannot take interface %d up err %d/%s",
318                                         index, -err, strerror(-err));
319                 }
320                 break;
321
322         case VPN_STATE_UNKNOWN:
323         case VPN_STATE_IDLE:
324         case VPN_STATE_DISCONNECT:
325         case VPN_STATE_FAILURE:
326                 vpn_provider_set_state(provider,
327                                         VPN_PROVIDER_STATE_DISCONNECT);
328                 break;
329
330         case VPN_STATE_AUTH_FAILURE:
331                 vpn_provider_indicate_error(provider,
332                                         VPN_PROVIDER_ERROR_AUTH_FAILED);
333                 break;
334         }
335
336         return NULL;
337 }
338
339 #if defined TIZEN_EXT
340 static void vpn_event(struct vpn_provider *provider, int state)
341 {
342         struct vpn_driver_data *vpn_driver_data;
343         const char *name;
344
345         name = vpn_provider_get_driver_name(provider);
346         if (!name) {
347                 DBG("Cannot find VPN driver for provider %p", provider);
348                 vpn_provider_set_state(provider, VPN_PROVIDER_STATE_FAILURE);
349                 return;
350         }
351
352         vpn_driver_data = g_hash_table_lookup(driver_hash, name);
353         if (!vpn_driver_data) {
354                 DBG("Cannot find VPN driver data for name %s", name);
355                 vpn_provider_set_state(provider, VPN_PROVIDER_STATE_FAILURE);
356                 return;
357         }
358
359         DBG("provider %p driver %s state %d", provider, name, state);
360
361         switch (state) {
362         case VPN_STATE_CONNECT:
363                 vpn_provider_set_state(provider,
364                                 VPN_PROVIDER_STATE_CONNECT);
365                 break;
366         case VPN_STATE_READY:
367                 vpn_provider_set_state(provider,
368                                 VPN_PROVIDER_STATE_READY);
369                 break;
370
371         case VPN_STATE_UNKNOWN:
372         case VPN_STATE_IDLE:
373         case VPN_STATE_DISCONNECT:
374         case VPN_STATE_FAILURE:
375                 vpn_provider_set_state(provider,
376                                         VPN_PROVIDER_STATE_DISCONNECT);
377                 break;
378
379         case VPN_STATE_AUTH_FAILURE:
380                 vpn_provider_indicate_error(provider,
381                                         VPN_PROVIDER_ERROR_AUTH_FAILED);
382                 break;
383         }
384
385         return;
386 }
387 #endif
388
389 static int vpn_create_tun(struct vpn_provider *provider, int flags)
390 {
391         struct vpn_data *data = vpn_provider_get_data(provider);
392         struct ifreq ifr;
393         int i, fd, index;
394         int ret = 0;
395
396         if (!data)
397                 return -EISCONN;
398
399         fd = open("/dev/net/tun", O_RDWR | O_CLOEXEC);
400         if (fd < 0) {
401                 i = -errno;
402                 connman_error("Failed to open /dev/net/tun: %s",
403                               strerror(errno));
404                 ret = i;
405                 goto exist_err;
406         }
407
408         memset(&ifr, 0, sizeof(ifr));
409         ifr.ifr_flags = flags | IFF_NO_PI;
410
411         for (i = 0; i < 256; i++) {
412                 sprintf(ifr.ifr_name, "vpn%d", i);
413
414                 if (!ioctl(fd, TUNSETIFF, (void *)&ifr))
415                         break;
416         }
417
418         if (i == 256) {
419                 connman_error("Failed to find available tun device");
420                 close(fd);
421                 ret = -ENODEV;
422                 goto exist_err;
423         }
424
425         data->tun_flags = flags;
426         data->if_name = (char *)g_strdup(ifr.ifr_name);
427         if (!data->if_name) {
428                 connman_error("Failed to allocate memory");
429                 close(fd);
430                 ret = -ENOMEM;
431                 goto exist_err;
432         }
433
434         if (ioctl(fd, TUNSETPERSIST, 1)) {
435                 i = -errno;
436                 connman_error("Failed to set tun persistent: %s",
437                               strerror(errno));
438                 close(fd);
439                 ret = i;
440                 goto exist_err;
441         }
442
443         close(fd);
444
445         index = connman_inet_ifindex(data->if_name);
446         if (index < 0) {
447                 connman_error("Failed to get tun ifindex");
448                 stop_vpn(provider);
449                 ret = -EIO;
450                 goto exist_err;
451         }
452         vpn_provider_set_index(provider, index);
453
454         return 0;
455
456 exist_err:
457         return ret;
458 }
459
460 static int vpn_connect(struct vpn_provider *provider,
461                         vpn_provider_connect_cb_t cb,
462                         const char *dbus_sender, void *user_data)
463 {
464         struct vpn_data *data = vpn_provider_get_data(provider);
465         struct vpn_driver_data *vpn_driver_data;
466         const char *name;
467         int ret = 0, tun_flags = IFF_TUN;
468         enum vpn_state state = VPN_STATE_UNKNOWN;
469
470         if (data)
471                 state = data->state;
472
473         DBG("data %p state %d", data, state);
474
475         switch (state) {
476         case VPN_STATE_UNKNOWN:
477                 data = g_try_new0(struct vpn_data, 1);
478                 if (!data)
479                         return -ENOMEM;
480
481                 data->provider = vpn_provider_ref(provider);
482                 data->watch = 0;
483                 data->flags = 0;
484                 data->task = NULL;
485
486                 vpn_provider_set_data(provider, data);
487                 /* fall through */
488
489         case VPN_STATE_DISCONNECT:
490         case VPN_STATE_IDLE:
491         case VPN_STATE_FAILURE:
492         case VPN_STATE_AUTH_FAILURE:
493                 data->state = VPN_STATE_IDLE;
494                 break;
495
496         case VPN_STATE_CONNECT:
497                 return -EINPROGRESS;
498
499         case VPN_STATE_READY:
500                 return -EISCONN;
501         }
502
503         name = vpn_provider_get_driver_name(provider);
504         if (!name)
505                 return -EINVAL;
506
507         vpn_driver_data = g_hash_table_lookup(driver_hash, name);
508
509         if (!vpn_driver_data || !vpn_driver_data->vpn_driver) {
510                 ret = -EINVAL;
511                 goto exist_err;
512         }
513
514         if (vpn_driver_data->vpn_driver->flags != VPN_FLAG_NO_TUN) {
515                 if (vpn_driver_data->vpn_driver->device_flags) {
516                         tun_flags = vpn_driver_data->vpn_driver->device_flags(provider);
517                 }
518                 ret = vpn_create_tun(provider, tun_flags);
519                 if (ret < 0)
520                         goto exist_err;
521         }
522
523         data->task = connman_task_create(vpn_driver_data->program);
524
525         if (!data->task) {
526                 ret = -ENOMEM;
527                 stop_vpn(provider);
528                 goto exist_err;
529         }
530
531         if (connman_task_set_notify(data->task, "notify",
532                                         vpn_notify, provider)) {
533                 ret = -ENOMEM;
534                 stop_vpn(provider);
535                 connman_task_destroy(data->task);
536                 data->task = NULL;
537                 goto exist_err;
538         }
539
540
541 #if defined TIZEN_EXT
542         if(vpn_driver_data->vpn_driver->set_event_cb)
543                 vpn_driver_data->vpn_driver->set_event_cb(vpn_event, provider);
544 #endif
545
546         ret = vpn_driver_data->vpn_driver->connect(provider, data->task,
547                                                 data->if_name, cb, dbus_sender,
548                                                 user_data);
549         if (ret < 0 && ret != -EINPROGRESS) {
550                 stop_vpn(provider);
551                 connman_task_destroy(data->task);
552                 data->task = NULL;
553                 goto exist_err;
554         }
555
556         DBG("%s started with dev %s",
557                 vpn_driver_data->provider_driver.name, data->if_name);
558
559         data->state = VPN_STATE_CONNECT;
560
561         return -EINPROGRESS;
562
563 exist_err:
564         vpn_provider_set_index(provider, -1);
565         vpn_provider_set_data(provider, NULL);
566         vpn_provider_unref(data->provider);
567         g_free(data->if_name);
568         g_free(data);
569
570         return ret;
571 }
572
573 static int vpn_probe(struct vpn_provider *provider)
574 {
575         return 0;
576 }
577
578 static int vpn_disconnect(struct vpn_provider *provider)
579 {
580         struct vpn_data *data = vpn_provider_get_data(provider);
581         struct vpn_driver_data *vpn_driver_data;
582         const char *name;
583
584         DBG("disconnect provider %p:", provider);
585
586         if (!data)
587                 return 0;
588
589         name = vpn_provider_get_driver_name(provider);
590         if (!name)
591                 return 0;
592
593         vpn_driver_data = g_hash_table_lookup(driver_hash, name);
594         if (vpn_driver_data->vpn_driver->disconnect)
595                 vpn_driver_data->vpn_driver->disconnect(provider);
596
597         if (data->watch != 0) {
598                 vpn_provider_unref(provider);
599                 vpn_rtnl_remove_watch(data->watch);
600                 data->watch = 0;
601         }
602
603         data->state = VPN_STATE_DISCONNECT;
604         connman_task_stop(data->task);
605
606         return 0;
607 }
608
609 static int vpn_remove(struct vpn_provider *provider)
610 {
611         struct vpn_data *data;
612
613         data = vpn_provider_get_data(provider);
614         if (!data)
615                 return 0;
616
617         if (data->watch != 0) {
618                 vpn_provider_unref(provider);
619                 vpn_rtnl_remove_watch(data->watch);
620                 data->watch = 0;
621         }
622
623         connman_task_stop(data->task);
624
625         g_usleep(G_USEC_PER_SEC);
626         stop_vpn(provider);
627         return 0;
628 }
629
630 static int vpn_save(struct vpn_provider *provider, GKeyFile *keyfile)
631 {
632         struct vpn_driver_data *vpn_driver_data;
633         const char *name;
634
635         name = vpn_provider_get_driver_name(provider);
636         vpn_driver_data = g_hash_table_lookup(driver_hash, name);
637         if (vpn_driver_data &&
638                         vpn_driver_data->vpn_driver->save)
639                 return vpn_driver_data->vpn_driver->save(provider, keyfile);
640
641         return 0;
642 }
643
644 int vpn_register(const char *name, struct vpn_driver *vpn_driver,
645                         const char *program)
646 {
647         struct vpn_driver_data *data;
648
649         data = g_try_new0(struct vpn_driver_data, 1);
650         if (!data)
651                 return -ENOMEM;
652
653         data->name = name;
654         data->program = program;
655
656         data->vpn_driver = vpn_driver;
657
658         data->provider_driver.name = name;
659         data->provider_driver.disconnect = vpn_disconnect;
660         data->provider_driver.connect = vpn_connect;
661         data->provider_driver.probe = vpn_probe;
662         data->provider_driver.remove = vpn_remove;
663         data->provider_driver.save = vpn_save;
664         data->provider_driver.set_state = vpn_set_state;
665
666         if (!driver_hash)
667                 driver_hash = g_hash_table_new_full(g_str_hash,
668                                                         g_str_equal,
669                                                         NULL, g_free);
670
671         if (!driver_hash) {
672                 connman_error("driver_hash not initialized for %s", name);
673                 g_free(data);
674                 return -ENOMEM;
675         }
676
677         g_hash_table_replace(driver_hash, (char *)name, data);
678
679         vpn_provider_driver_register(&data->provider_driver);
680
681         return 0;
682 }
683
684 void vpn_unregister(const char *name)
685 {
686         struct vpn_driver_data *data;
687
688         data = g_hash_table_lookup(driver_hash, name);
689         if (!data)
690                 return;
691
692         vpn_provider_driver_unregister(&data->provider_driver);
693
694         g_hash_table_remove(driver_hash, name);
695
696         if (g_hash_table_size(driver_hash) == 0)
697                 g_hash_table_destroy(driver_hash);
698 }
Domain: Network & Connectivity / Data Network;