Add switch to disable IPv6
authorWoongsuk Cho <ws77.cho@samsung.com>
Tue, 18 Jan 2022 04:37:01 +0000 (13:37 +0900)
committer조웅석/Common Platform Lab(SR)/Principal Engineer/삼성전자 <ws77.cho@samsung.com>
Mon, 24 Jan 2022 02:09:08 +0000 (11:09 +0900)
Due to dual mode, a smack denial occurs because an IPv4-mapped address is used
for communication between the daemon and apps over localhost if the internet privilege does not exist.

In order to handle the IPv4-mapped loopback in smack, it is necessary to modify the kernel side,
but we cannot know when the patch will be applied.
Also, it is not possible to disable all IPv6 just to solve this issue.

So, set a switch to disable IPv6 only when there is no internet privilege.
If there is internet privilege, everything works normally in dual mode,
and if there is no internet privilege, IPv6 will be disabled so that local communication can be the same as before.

NativeLauncher/CMakeLists.txt
NativeLauncher/inc/launcher_env.h
NativeLauncher/installer-plugin/dotnet_apptype_plugin.cc
NativeLauncher/launcher/lib/core_runtime.cc
packaging/dotnet-launcher.spec

index cba9252..89c3c1a 100644 (file)
@@ -4,7 +4,7 @@ PROJECT("dotnet-tools")
 MESSAGE("CMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}")
 
 INCLUDE(FindPkgConfig)
-PKG_CHECK_MODULES(${PROJECT_NAME} REQUIRED aul pkgmgr-info pkgmgr-installer ecore bundle dlog liblaunchpad glib-2.0 libsmack capi-appfw-app-common storage jsoncpp openssl1.1 sqlite3 libtzplatform-config)
+PKG_CHECK_MODULES(${PROJECT_NAME} REQUIRED aul pkgmgr-info pkgmgr-installer ecore bundle dlog liblaunchpad glib-2.0 libsmack capi-appfw-app-common storage jsoncpp openssl1.1 sqlite3 libtzplatform-config security-manager)
 
 FOREACH(flag ${${PROJECT_NAME}_CFLAGS})
     SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
index c752d5c..80f3253 100644 (file)
@@ -34,6 +34,7 @@
 #define TIZEN_DOTNET_SDK_NUGET       "Tizen.NET.Sdk"
 #define NET_STANDARD_LIBRARY_NUGET   "NETStandard.Library"
 #define PLATFORM_TPA_CACHE           "/usr/share/dotnet.tizen/lib/platform_tpa_cache"
+#define DISABLE_IPV6_FILE            "._TIZEN_DOTNET_SYSTEM_NET_DISABLEIPV6"
 
 #if defined (__aarch64__)
 #define ARCHITECTURE_IDENTIFIER      "arm64"
index 8db651c..ecef48b 100644 (file)
 #include "utils.h"
 #include "multi_target_resolver.h"
 #include "ni_common.h"
+#include "launcher_env.h"
 
 #include <vector>
+#include <app-runtime.h>
 
 #ifdef  LOG_TAG
 #undef  LOG_TAG
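Review bot: No `<fstream>` include is added here, although the helper added further down in this file constructs a `std::ofstream`. If the header only arrives transitively through `utils.h` or another project header, the build depends on that header never changing; adding `#include <fstream>` next to `#include <vector>` makes the dependency explicit.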
@@ -30,6 +32,24 @@ typedef struct _xmlDoc xmlDoc;
 typedef xmlDoc* xmlDocPtr;
 
 bool pluginInstalled = false;
+static const char* INTERNET_PRIVILEGE = "http://tizen.org/privilege/internet";
+static int UID_OWNER = 5001;
+
+static void checkPrivilegeAndDisableIPv6(const char* pkgId, const std::string& rootPath)
+{
+       int res = 0;
+       if (security_manager_app_has_privilege(pkgId, INTERNET_PRIVILEGE, UID_OWNER, &res) == SECURITY_MANAGER_SUCCESS) {
+               if (res != 1) {
+                       std::string filePath = rootPath + "/bin/" + DISABLE_IPV6_FILE;
+                       std::ofstream output(filePath);
+                       if (exist(filePath)) {
+                               _INFO("File to disable IPv6 is created successfully");
+                       } else {
+                               _ERR("Failed to create file to disable IPv6 [%s]", pkgId);
+                       }
+               }
+       }
+}
 
 extern "C" int PKGMGR_PARSER_PLUGIN_INSTALL(xmlDocPtr doc, const char* pkgId)
 {
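Review bot: The marker is only ever created, never removed: when `res == 1`, checkPrivilegeAndDisableIPv6 does nothing, so a `DISABLE_IPV6_FILE` left behind for a package that previously lacked the internet privilege keeps IPv6 disabled after the privilege is granted. A failing `security_manager_app_has_privilege()` call is also dropped without a log line, which leaves the app in dual mode with no trace of why. Creation is verified with `exist(filePath)`, which also succeeds for a file that was already there, whereas the stream's own state reports the result of this write. The fixed `UID_OWNER = 5001`, and passing `pkgId` where the security-manager declaration appears to expect an application identifier, are worth confirming for multi-user devices and for packages whose app id differs from the package id. PKGMGR_PARSER_PLUGIN_INSTALL continues outside this hunk.

```cpp
static void checkPrivilegeAndDisableIPv6(const char* pkgId, const std::string& rootPath)
{
	const std::string filePath = rootPath + "/bin/" + DISABLE_IPV6_FILE;
	int res = 0;
	if (security_manager_app_has_privilege(pkgId, INTERNET_PRIVILEGE, UID_OWNER, &res) != SECURITY_MANAGER_SUCCESS) {
		_ERR("Failed to query internet privilege [%s]", pkgId);
		return;
	}

	if (res == 1) {
		// Privilege present: drop a marker left by an earlier install so dual mode is restored.
		if (exist(filePath) && std::remove(filePath.c_str()) != 0) {
			_ERR("Failed to remove file to disable IPv6 [%s]", pkgId);
		}
		return;
	}

	std::ofstream output(filePath);
	if (output.is_open()) {
		_INFO("File to disable IPv6 is created successfully");
	} else {
		_ERR("Failed to create file to disable IPv6 [%s]", pkgId);
	}
}
```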
@@ -64,6 +84,8 @@ extern "C" int PKGMGR_PARSER_PLUGIN_INSTALL(xmlDocPtr doc, const char* pkgId)
                _ERR("Failed to resolve platform specific resources of nuget");
        }
 
+       checkPrivilegeAndDisableIPv6(pkgId, rootPath);
+
        return 0;
 }
 extern "C" int PKGMGR_PARSER_PLUGIN_UPGRADE(xmlDocPtr doc, const char* pkgId)
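Review bot: The marker is evaluated only on the install path: the call is added at the end of PKGMGR_PARSER_PLUGIN_INSTALL, and nothing visible here adds it to PKGMGR_PARSER_PLUGIN_UPGRADE, whose body starts on the last line of this hunk and continues outside it. If the upgrade handler does not delegate to the install handler, a package that gains or drops the internet privilege in an update keeps the IPv6 setting chosen at its first install. Calling `checkPrivilegeAndDisableIPv6(pkgId, rootPath);` from the upgrade handler as well would keep the marker in step with the declared privileges.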
index 9592102..f11aa79 100644 (file)
@@ -376,9 +376,6 @@ int CoreRuntime::initialize(const char* appType, LaunchMode launchMode)
        // Disable config cache to set environment after coreclr_initialize()
        putenv(const_cast<char *>("COMPlus_DisableConfigCache=1"));
 
-       // Disable IPv6 to solve Dual Mode issue (temporal patch)
-       putenv(const_cast<char *>("DOTNET_SYSTEM_NET_DISABLEIPV6=1"));
-
        // read string from external file and set them to environment value.
        setEnvFromFile();
 
@@ -595,6 +592,10 @@ int CoreRuntime::launch(const char* appId, const char* root, const char* path, i
                free(localDataPath);
        }
 
+       if (exist(__pm->getAppRootPath() + "/bin/" + DISABLE_IPV6_FILE)) {
+               setSwitch("System.Net.DisableIPv6", true);
+       }
+
        setSwitch("Switch.System.Diagnostics.StackTrace.ShowILOffsets", true);
 
        vconf_ignore_key_changed(VCONFKEY_LANGSET, langChangedCB);
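Review bot: Packages installed before this change have no marker file, and the same commit removes the unconditional `DOTNET_SYSTEM_NET_DISABLEIPV6=1` from initialize(). An already-installed app without the internet privilege would therefore return to dual mode and hit the smack denial until it is reinstalled, unless a migration step outside this diff creates the marker. The new check also lost the explanatory comment the removed code carried; a line such as `// Marker is written at install time for apps without the internet privilege (IPv4-mapped loopback is denied by smack).` above the `if` would record why the switch is conditional. CoreRuntime::launch continues outside this hunk.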
index 1deff42..faa0280 100644 (file)
@@ -25,6 +25,7 @@ BuildRequires: pkgconfig(jsoncpp)
 BuildRequires: pkgconfig(openssl1.1)
 BuildRequires: pkgconfig(libsystemd)
 BuildRequires: pkgconfig(libtzplatform-config)
+BuildRequires: pkgconfig(security-manager)
 BuildRequires: sqlite-devel
 BuildRequires: boost-devel
 BuildRequires: aul-devel