CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-PROJECT("capi-vpn-service-pkg")
+SET(PACKAGE_NAME capi-vpnsvc)
+SET(LIB_NAME ${PACKAGE_NAME})
+PROJECT(${LIB_NAME})
+SET(PREFIX ${CMAKE_INSTALL_PREFIX})
+SET(EXEC_PREFIX "\${prefix}")
+SET(LIBDIR ${LIB_INSTALL_DIR})
+SET(INCLUDEDIR "\${prefix}/include")
+SET(VERSION 0.1)
+
+SET(requires "dlog dbus-1 glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common capi-appfw-application capi-appfw-app-manager capi-system-info")
+SET(pc_requires "capi-base-common")
-############################# cmake packages ##################################
+SET(SRCS
+ src/capi_vpn_service.c
+)
+
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
INCLUDE(FindPkgConfig)
+pkg_check_modules(${PACKAGE_NAME} REQUIRED ${requires})
+FOREACH(flag ${${PACKAGE_NAME}_CFLAGS})
+ SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
+ENDFOREACH(flag)
-############################# compiler flags ##################################
+# Compiler flags
+SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fPIC -Wall -fvisibility=hidden")
+SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}")
+SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
-SET(CMAKE_INSTALL_PREFIX /usr)
-SET(PREFIX ${CMAKE_INSTALL_PREFIX})
-SET(EXEC_PREFIX ${PREFIX}/bin)
-SET(LIBDIR ${LIB_INSTALL_DIR})
-SET(INCLUDEDIR ${PREFIX}/include)
+ADD_DEFINITIONS("-DPREFIX=\"${PREFIX}\"")
+ADD_DEFINITIONS("-DFACTORYFS=\"$ENV{FACTORYFS}\"")
+ADD_DEFINITIONS("-DDATAFS=\"$ENV{DATADIR}\"")
+ADD_DEFINITIONS("-DSLP_DEBUG")
-# If supported for the target machine, emit position-independent code,suitable
-# for dynamic linking and avoiding any limit on the size of the global offset
-# table. This option makes a difference on the m68k, PowerPC and SPARC.
-# (BJ: our ARM too?)
-ADD_DEFINITIONS("-fPIC")
+SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath="${LIBDIR})
-# Set compiler warning flags
+ADD_LIBRARY(${PACKAGE_NAME} SHARED ${SRCS})
+TARGET_LINK_LIBRARIES(${PACKAGE_NAME} ${${PACKAGE_NAME}_LDFLAGS} -lrt -ldl)
-# ADD_DEFINITIONS("-Werror") # Make all warnings into errors.
-ADD_DEFINITIONS("-Wall") # Generate all warnings
+INSTALL(TARGETS ${PACKAGE_NAME} DESTINATION ${LIBDIR})
+INSTALL(FILES ${CMAKE_SOURCE_DIR}/include/vpn_service.h DESTINATION include)
-ADD_SUBDIRECTORY(framework)
-ADD_SUBDIRECTORY(daemon)
-ADD_SUBDIRECTORY(test)
+SET_TARGET_PROPERTIES(${PACKAGE_NAME}
+ PROPERTIES
+ VERSION ${FULLVER}
+ SOVERSION ${MAJORVER}
+ CLEAN_DIRECT_OUTPUT 1
+)
+
+
+SET(PC_NAME ${PACKAGE_NAME})
+SET(PC_REQUIRED ${pc_requires})
+SET(PC_CFLAGS -I\${includedir})
+SET(PC_LDFLAGS -l${PACKAGE_NAME})
+CONFIGURE_FILE(
+ ${PACKAGE_NAME}.pc.in
+ ${CMAKE_CURRENT_SOURCE_DIR}/${PACKAGE_NAME}.pc
+ @ONLY
+)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/${PACKAGE_NAME}.pc DESTINATION ${LIBDIR}/pkgconfig)
+
+ADD_SUBDIRECTORY(test)
+++ /dev/null
-CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-SET(PACKAGE_NAME vpnsvc-daemon)
-SET(LIB_NAME ${PACKAGE_NAME})
-PROJECT(${LIB_NAME})
-SET(PREFIX ${CMAKE_INSTALL_PREFIX})
-SET(EXEC_PREFIX "\${prefix}")
-SET(LIBDIR ${LIB_INSTALL_DIR})
-SET(INCLUDEDIR "\${prefix}/include")
-SET(DAEMON_DIR "${CMAKE_SOURCE_DIR}/daemon")
-SET(VERSION 0.1)
-
-SET(requires "dlog dbus-1 glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common capi-appfw-package-manager cynara-client cynara-creds-gdbus cynara-session")
-SET(pc_requires "capi-base-common")
-
-SET(SRCS
- src/vpnsvc.c
- src/vpndbus.c
- src/vpnerror.c
- src/vpn_service_daemon.c
- src/vpn_service_daemon_main.c
-)
-
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include
- ${CMAKE_SOURCE_DIR}/framework/include
- ${CMAKE_SOURCE_DIR}/daemon/include)
-
-INCLUDE(FindPkgConfig)
-pkg_check_modules(${PACKAGE_NAME} REQUIRED ${requires})
-FOREACH(flag ${${PACKAGE_NAME}_CFLAGS})
- SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
-ENDFOREACH(flag)
-
-# Compiler flags
-SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fPIC -Wall -fvisibility=hidden")
-SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -I${DAEMON_DIR}")
-SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
-
-ADD_DEFINITIONS("-fPIE")
-ADD_DEFINITIONS("-DPREFIX=\"${PREFIX}\"")
-ADD_DEFINITIONS("-DFACTORYFS=\"$ENV{FACTORYFS}\"")
-ADD_DEFINITIONS("-DDATAFS=\"$ENV{DATADIR}\"")
-ADD_DEFINITIONS("-DSLP_DEBUG")
-
-SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath="${LIBDIR}"")
-
-ADD_CUSTOM_COMMAND(
- WORKING_DIRECTORY
- OUTPUT ${DAEMON_DIR}/generated-code.c
- COMMAND gdbus-codegen --interface-prefix org.tizen.
- --generate-c-code generated-code
- --c-generate-object-manager
- --generate-docbook generated-code-docs
- ${DAEMON_DIR}/interfaces/org.tizen.vpnsvc.xml
- COMMENT "Generating GDBus .c/.h")
-
-ADD_EXECUTABLE(${PACKAGE_NAME} ${SRCS} ${DAEMON_DIR}/generated-code.c)
-TARGET_LINK_LIBRARIES(${PACKAGE_NAME} ${${PACKAGE_NAME}_LDFLAGS} -lrt -ldl -pie)
-
-INSTALL(TARGETS ${PACKAGE_NAME} DESTINATION bin)
-
+++ /dev/null
-/*
- * VPN Service Module
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-
-#ifndef __TIZEN_CAPI_VPN_SERVICE_DAEMON_H__
-#define __TIZEN_CAPI_VPN_SERVICE_DAEMON_H__
-
-#include "capi_vpn_service_private.h"
-
-int vpn_daemon_init(const char* iface_name, size_t iface_name_len, int fd, vpnsvc_tun_s *handle_s);
-int vpn_daemon_deinit(const char* dev_name);
-int vpn_daemon_protect(int socket, const char* dev_name);
-int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip,
- char* routes[], int prefix[], size_t nr_routes,
- char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt,
- const char* dns_suffix, const unsigned int mtu);
-int vpn_daemon_down(int iface_index);
-int vpn_daemon_block_networks(char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn,
- char* nets_orig[], int prefix_orig[], size_t nr_nets_orig);
-int vpn_daemon_unblock_networks(void);
-
-#endif /* __TIZEN_CAPI_VPN_SERVICE_DAEMON_H__ */
+++ /dev/null
-/*
- * VPN Service Module
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef __VPNSERVICE_VPNDBUS_H__
-#define __VPNSERVICE_VPNDBUS_H__
-
-#include <glib.h>
-#include <gio/gio.h>
-#include <glib-object.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define VPNSERVICE_SERVICE "org.tizen.vpnsvc"
-#define VPNSERVICE_INTERFACE "org.tizen.vpnsvc"
-#define VPNSERVICE_PATH "/org/tizen/vpnsvc"
-
-typedef void (*vpnsvc_got_name_cb)(void);
-
-GDBusObjectManagerServer *vpnsvc_get_vpn_manager(void);
-GDBusConnection *vpnsvc_gdbus_get_connection(void);
-GCancellable *vpnsvc_gdbus_get_gdbus_cancellable(void);
-void vpnsvc_gdbus_pending_call_ref(void);
-void vpnsvc_gdbus_pending_call_unref(void);
-int vpnsvc_create_gdbus_call(GDBusConnection *conn);
-
-gboolean vpnsvc_invoke_dbus_method_nonblock(const char *dest, const char *path,
- const char *interface_name, const char *method, GVariant *params,
- GAsyncReadyCallback notify_func);
-GVariant *vpnsvc_invoke_dbus_method(const char *dest, const char *path,
- const char *interface_name, const char *method,
- GVariant *params);
-
-int vpnsvc_setup_gdbus(vpnsvc_got_name_cb cb);
-void vpnsvc_cleanup_gdbus(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __VPNSERVICE_VPNDBUS_H__ */
+++ /dev/null
-/*
- * VPN Service Module
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef __VPNSERVICE_VPNERROR_H__
-#define __VPNSERVICE_VPNERROR_H__
-
-#include <glib.h>
-#include <gio/gio.h>
-#include <glib-object.h>
-
-#include "vpn_service_daemon.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void vpnsvc_error_inprogress(GDBusMethodInvocation *context);
-void vpnsvc_error_invalid_parameter(GDBusMethodInvocation *context);
-void vpnsvc_error_permission_denied(GDBusMethodInvocation *context);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __VPNSERVICE_VPNERROR_H__ */
+++ /dev/null
-/*
- * VPN Service Module
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef __VPNSERVICE_VPNSVC_H__
-#define __VPNSERVICE_VPNSVC_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <glib.h>
-#include <gio/gio.h>
-#include <glib-object.h>
-
-#include "generated-code.h"
-
-typedef enum _net_vpn_service_privilege_e {
- PRIVILEGE_VPN_SERVICE = 0x00,
- PRIVILEGE_VPN_SERVICE_ADMIN,
- PRIVILEGE_INTERNET,
-} net_vpn_service_privilege_e;
-
-void vpnsvc_create_and_init(void);
-void vpnsvc_destroy_deinit(void);
-Vpnsvc *get_vpnsvc_object(void);
-gboolean vpn_service_gdbus_check_privilege(GDBusMethodInvocation *invocation,
- net_vpn_service_privilege_e _privilege);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __VPNSERVICE_VPNSVC_H__ */
+++ /dev/null
-<node name='/org/tizen/vpnsvc'>
- <interface name='org.tizen.vpnsvc'>
- <method name='vpn_init'>
- <arg type='s' name='iface_name' direction='in'/>
- <arg type='u' name='iface_name_len' direction='in'/>
- <arg type='i' name='result' direction='out'/>
- <arg type='i' name='h_index' direction='out'/>
- <arg type='s' name='h_name' direction='out'/>
- </method>
- <method name='vpn_deinit'>
- <arg type='s' name='dev_name' direction='in'/>
- <arg type='i' name='result' direction='out'/>
- </method>
- <method name='vpn_protect'>
- <arg type='s' name='dev_name' direction='in'/>
- <arg type='i' name='result' direction='out'/>
- </method>
- <method name='vpn_up'>
- <arg type='i' name='iface_index' direction='in'/>
- <arg type='s' name='local_ip' direction='in'/>
- <arg type='s' name='remote_ip' direction='in'/>
- <arg type='v' name='routes' direction='in'/>
- <arg type='u' name='nr_routes' direction='in'/>
- <arg type='v' name='dns_servers' direction='in'/>
- <arg type='u' name='nr_dns' direction='in'/>
- <arg type='s' name='dns_suffix' direction='in'/>
- <arg type='u' name='mtu' direction='in'/>
- <arg type='i' name='result' direction='out'/>
- </method>
- <method name='vpn_down'>
- <arg type='i' name='iface_index' direction='in'/>
- <arg type='i' name='result' direction='out'/>
- </method>
- <method name='vpn_block_networks'>
- <arg type='v' name='nets_vpn' direction='in'/>
- <arg type='u' name='nr_nets_vpn' direction='in'/>
- <arg type='v' name='nets_orig' direction='in'/>
- <arg type='u' name='nr_nets_orig' direction='in'/>
- <arg type='i' name='result' direction='out'/>
- </method>
- <method name='vpn_unblock_networks'>
- <arg type='i' name='result' direction='out'/>
- </method>
- </interface>
-</node>
-
+++ /dev/null
-/*
- * VPN Service Module
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-
-#include <errno.h>
-#include <net/route.h>
-#include <glib.h>
-#include <gio/gio.h>
-#include <sys/socket.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/ioctl.h>
-#include <sys/un.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "vpn_service_daemon.h"
-
-#ifdef LOG_TAG
-#undef LOG_TAG
-#endif
-#define LOG_TAG "VPNSVC_DAEMON"
-#define BUF_SIZE_FOR_ERR 100
-
-#define CONNMAN_SERVICE "net.connman"
-#define CONNMAN_INTERFACE_MANAGER "net.connman.Manager"
-#define CONNMAN_INTERFACE_SERVICE "net.connman.Service"
-
-
-/* for iptables */
-static char iptables_cmd[] = "/usr/sbin/iptables";
-static char iptables_filter_prefix[] = "CAPI_VPN_SERVICE_";
-static char iptables_filter_out[] = "OUTPUT";
-static char iptables_filter_in[] = "INPUT";
-static char iptables_filter_interface_wlan[] = "wlan0";
-/* static char iptables_register_fmt[] = "%s -N %s%s -w;" "%s -F %s%s -w;" "%s -A %s%s -j RETURN -w;" "%s -I %s -j %s%s -w;"; */
-static char iptables_register_fmt[] = "%s -N %s%s -w;" "%s -F %s%s -w;" "%s -A %s%s -j DROP -w;" "%s -A %s%s -j RETURN -w;" "%s -I %s -j %s%s -w;";
-static char iptables_unregister_fmt[] = "%s -D %s -j %s%s -w;" "%s -F %s%s -w;" "%s -X %s%s -w;";
-static char iptables_rule_fmt[] = "%s -%c %s%s -%c %s/%d -j ACCEPT -w;";
-static char iptables_rule_with_interface_fmt[] = "%s -%c %s%s -%c %s -%c %s/%d -j ACCEPT -w;";
-/*static char iptables_usage_fmt[] = "%s -L %s%s -n -v -w;";*/
-/* iptables -t nat -A CAPI_VPN_SERVICE_OUTPUT -p udp -d <vpn dns address> --dport 53 -j DNAT --to <vpn defice address:53> */
-static char iptables_nat_chain_name[] = "CAPI_VPN_SERVICE_NAT_OUTPUT";
-#if 0
-static char iptables_nat_register_init_fmt[] = "%s -t nat -N %s -w;" "%s -t nat -F %s -w;" "%s -t nat -I %s -j %s -w;";
-static char iptables_nat_register_rule_fmt[] = "%s -t nat -A %s -p udp -d %s --dport 53 -j DNAT --to %s:53 -w;";
-#endif
-static char iptables_nat_unregister_fmt[] = "%s -t nat -D %s -j %s -w;" "%s -t nat -F %s -w;" "%s -t nat -X %s -w;";
-
-typedef unsigned long int ipv4; /* Declare variable type for ipv4 net address. */
-
-static GDBusConnection *global_connection = NULL;
-
-static ipv4 make_mask(int prefix)
-{
- ipv4 mask = 0;
- int i = 0;
-
- for (i = prefix; i > 0; i--)
- mask += (ipv4) (1 << (32 - i));
- return mask;
-}
-
-static in_addr_t host2net(ipv4 host)
-{
- in_addr_t net;
-
- net = 0;
-
- net |= (host & 0x000000FF) << 24;
- net |= (host & 0x0000FF00) << 8;
- net |= (host & 0x00FF0000) >> 8;
- net |= (host & 0xFF000000) >> 24;
-
- return net;
-}
-
-static int add_routes(char* iface_name, char* routes[], int prefix[], size_t nr_routes)
-{
- struct rtentry rt;
- struct sockaddr_in addr;
- int sk;
- unsigned int i = 0;
- char buf[BUF_SIZE_FOR_ERR] = { 0 };
-
- LOGD("Enter add_routes");
-
- sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
- if (sk < 0) {
- LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- for (i = 0; i < nr_routes; i++) {
- memset(&rt, 0, sizeof(rt));
- rt.rt_flags = RTF_UP;
-
- memset(&addr, 0, sizeof(addr));
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = inet_addr(routes[i]);
- memcpy(&rt.rt_dst, &addr, sizeof(rt.rt_dst));
-
- memset(&addr, 0, sizeof(addr));
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = INADDR_ANY;
- memcpy(&rt.rt_gateway, &addr, sizeof(rt.rt_gateway));
-
- /* set mask using by prefix length */
- memset(&addr, 0, sizeof(addr));
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = INADDR_ANY;
- addr.sin_addr.s_addr = host2net(make_mask(prefix[i]));
- memcpy(&rt.rt_genmask, &addr, sizeof(rt.rt_genmask));
-
- rt.rt_dev = iface_name;
-
- if (ioctl(sk, SIOCADDRT, &rt) < 0) {
- LOGE("ioctl SIOCADDRT failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
- }
-
- close(sk);
-
- return VPNSVC_ERROR_NONE;
-}
-
-static int add_dns_routes(char* if_name, char** dns_servers, size_t nr_dns)
-{
- struct rtentry rt;
- struct sockaddr_in addr;
- int sk;
- unsigned int i = 0;
- char buf[BUF_SIZE_FOR_ERR] = { 0 };
-
- LOGD("Enter add_routes");
-
- sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
- if (sk < 0) {
- LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- for (i = 0; i < nr_dns; i++) {
- memset(&rt, 0, sizeof(rt));
- rt.rt_flags = RTF_UP;
-
- memset(&addr, 0, sizeof(addr));
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = inet_addr(dns_servers[i]);
- memcpy(&rt.rt_dst, &addr, sizeof(rt.rt_dst));
-
- memset(&addr, 0, sizeof(addr));
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = INADDR_ANY;
- memcpy(&rt.rt_gateway, &addr, sizeof(rt.rt_gateway));
-
- /* set mask using by prefix length */
- memset(&addr, 0, sizeof(addr));
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = INADDR_ANY;
- addr.sin_addr.s_addr = host2net(make_mask(32));
- memcpy(&rt.rt_genmask, &addr, sizeof(rt.rt_genmask));
-
- rt.rt_dev = if_name;
-
- if (ioctl(sk, SIOCADDRT, &rt) < 0) {
- LOGE("ioctl SIOCADDRT failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
- }
-
- close(sk);
-
- return VPNSVC_ERROR_NONE;
-}
-
-static void connman_connection_open(void)
-{
- if (global_connection == NULL) {
- GError *error = NULL;
-#if !GLIB_CHECK_VERSION(2, 36, 0)
- g_type_init();
-#endif
-
- global_connection = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, &error);
- if (global_connection == NULL) {
- if (error != NULL) {
- LOGE("Error connman connection open: %s", error->message);
- g_error_free(error);
- }
- }
- }
-}
-
-static void connman_connection_close(GDBusConnection *connection)
-{
- if (connection)
- g_object_unref(connection);
-}
-
-static GVariant *connman_method_call(
- GDBusConnection *connection, char *service, char *path,
- char *interface, char *method, GVariant *params)
-{
- GError *error = NULL;
- GVariant *message = NULL;
-
- message = g_dbus_connection_call_sync(
- connection, service, path, interface, method, params,
- NULL, G_DBUS_CALL_FLAGS_NONE, -1, NULL, &error);
-
- if (message == NULL) {
- if (error != NULL) {
- LOGE("error: g_dbus_connection_call_sync [%d: %s]", error->code, error->message);
- g_error_free(error);
- } else {
- LOGE("error: g_dbus_connection_call_sync\n");
- }
- }
-
- return message;
-}
-
-static char *connman_default_profile(GDBusConnection *connection)
-{
- gchar *key = NULL;
- GVariantIter *value = NULL;
- GVariant *message = NULL;
- GVariantIter *iter = NULL;
- char *profile = NULL;
-
- message = connman_method_call(connection, CONNMAN_SERVICE, "/",
- CONNMAN_INTERFACE_MANAGER, "GetServices", NULL);
-
- if (message) {
- g_variant_get(message, "(a(oa{sv}))", &iter);
- while (g_variant_iter_loop(iter, "(oa{sv})", &key, &value)) {
- profile = strdup(key);
- break;
- }
-
- if (value)
- g_variant_iter_free(value);
- if (key)
- g_free(key);
-
- g_variant_iter_free(iter);
- g_variant_unref(message);
- }
-
- return profile;
-}
-
-#if 0
-static char *connman_get_items(GDBusConnection *connection, char *profile, const char *keystr)
-{
- GVariant *message = NULL;
- GVariantIter *iter = NULL;
- GVariantIter *next = NULL;
- gchar *obj = NULL;
- char *items = NULL;
-
- message = connman_method_call(connection, CONNMAN_SERVICE, "/",
- CONNMAN_INTERFACE_MANAGER, "GetServices", NULL);
-
- if (message) {
- g_variant_get(message, "(a(oa{sv}))", &iter);
- while (g_variant_iter_loop(iter, "(oa{sv})", &obj, &next)) {
- if (strcmp(obj, profile) == 0) {
- GVariant *var;
- gchar *key;
-
- while (g_variant_iter_loop(next, "{sv}", &key, &var)) {
- if (g_strcmp0(key, keystr) == 0) {
- GVariantIter *iter_item;
- const gchar *value = NULL;
-
- g_variant_get(var, "as", &iter_item);
- while (g_variant_iter_loop(iter_item, "s", &value)) {
- if (items) {
- char *tmp_items;
-
- tmp_items = (char *) malloc(strlen(items) + 1 + strlen(value) + 1);
- if (items) {
- snprintf(tmp_items, strlen(tmp_items), "%s,%s", items, value);
- free(items);
- items = tmp_items;
- }
- } else {
- items = strdup(value);
- }
- }
- g_variant_iter_free(iter_item);
- break;
- }
- }
- break;
- }
- }
- g_variant_iter_free(iter);
- g_variant_unref(message);
- }
-
- return items;
-}
-#endif
-
-static void connman_set_items(GDBusConnection *connection, char *profile,
- const char *keystr, char *items)
-{
- GVariant *message = NULL;
- GVariantBuilder *builder = NULL;
- GVariant *params = NULL;
- char *strings = strdup(items);
- char *addr = NULL;
- char *temp = NULL;
-
- builder = g_variant_builder_new(G_VARIANT_TYPE("as"));
- if ((addr = strtok_r(strings, ", ", &temp)) != NULL) {
- do {
- g_variant_builder_add(builder, "s", addr);
- } while ((addr = strtok_r(NULL, ", ", &temp)) != NULL);
- }
- free(strings);
- params = g_variant_new("(sv)", keystr,
- g_variant_builder_end(builder));
- g_variant_builder_unref(builder);
-
- message = connman_method_call(connection, CONNMAN_SERVICE, profile,
- CONNMAN_INTERFACE_SERVICE, "SetProperty", params);
- if (message)
- g_variant_unref(message);
-
-}
-
-#if 0
-static char *connman_get_nameservers(GDBusConnection *connection, char *profile)
-{
- return connman_get_items(connection, profile, "Nameservers");
-}
-
-static char *connman_get_nameservers_conf(GDBusConnection *connection, char *profile)
-{
- return connman_get_items(connection, profile, "Nameservers.Configuration");
-}
-#endif
-
-static void connman_set_nameservers(GDBusConnection *connection, char *profile,
- char *nameservers)
-{
- return connman_set_items(connection, profile,
- "Nameservers.Configuration", nameservers);
-}
-
-#if 0
-static char *connman_get_domains(GDBusConnection *connection, char *profile)
-{
- return connman_get_items(connection, profile, "Domains");
-}
-
-static char *connman_get_domains_conf(GDBusConnection *connection, char *profile)
-{
- return connman_get_items(connection, profile, "Domains.Configuration");
-}
-#endif
-
-static void connman_set_domains(GDBusConnection *connection, char *profile,
- char *domains)
-{
- return connman_set_items(connection, profile,
- "Domains.Configuration", domains);
-}
-
-#if 0
-static int add_dns_servers(char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt)
-{
- char *profile = NULL;
- char *items = NULL;
- char *org_items = NULL;
- char *new_items = NULL;
- unsigned int i = 0;
-
- connman_connection_open();
-
- profile = connman_default_profile(global_connection);
- if (profile == NULL) {
- LOGE("connman_default_profile failed");
- connman_connection_close(global_connection);
- return VPNSVC_ERROR_IPC_FAILED;
- }
-
- LOGD("profile : %s\n", profile);
-
- /* add name servers */
- org_items = connman_get_nameservers(global_connection, profile);
-
- if (org_items) {
- LOGD("original DNS : %s\n", org_items);
- /* nr_dns = comma(,) count */
- items = (char *) calloc((total_dns_string_cnt + nr_dns + strlen(org_items) + 1), sizeof(char));
- if (items == NULL) {
- LOGE("OOM while malloc\n");
- return VPNSVC_ERROR_OUT_OF_MEMORY;
- }
- strncpy(items, org_items, strlen(org_items));
- for (i = 0 ; i < nr_dns ; i++) {
- strncat(items, ",", 1);
- strncat(items, dns_servers[i], strlen(dns_servers[i]));
- }
- free(org_items);
- org_items = NULL;
- } else {
- /* nr_dns = comma(,) count + end null char */
- items = (char *) calloc(total_dns_string_cnt + nr_dns, sizeof(char));
- if (items == NULL) {
- LOGE("OOM while malloc\n");
- return VPNSVC_ERROR_OUT_OF_MEMORY;
- }
- for (i = 0 ; i < nr_dns ; i++) {
- strncat(items, dns_servers[i], strlen(dns_servers[i]));
- if (i != nr_dns - 1)
- strncat(items, ",", 1);
- }
- }
-
- if (items) {
- LOGD("adding DNS : %s\n", items);
- connman_set_nameservers(global_connection, profile, items);
- free(items);
- items = NULL;
- }
-
- /* print new DNSs */
- new_items = connman_get_nameservers_conf(global_connection, profile);
- LOGD("new_dns : %s\n", new_items);
-
- if (new_items)
- free(new_items);
- free(profile);
- return VPNSVC_ERROR_NONE;
-}
-#endif
-
-static int del_dns_servers()
-{
- char *profile = NULL;
-
- connman_connection_open();
-
- profile = connman_default_profile(global_connection);
- if (profile == NULL) {
- LOGE("connman_default_profile failed");
- connman_connection_close(global_connection);
- return VPNSVC_ERROR_IPC_FAILED;
- }
-
- LOGD("profile : %s", profile);
-
- /* del name servers */
- connman_set_nameservers(global_connection, profile, "");
-
- if (profile)
- free(profile);
-
- return VPNSVC_ERROR_NONE;
-}
-
-#if 0
-static int add_dns_suffix(const char* dns_suffix, size_t dns_suffix_len)
-{
- char *profile = NULL;
- char *items = NULL;
- char *org_items = NULL;
- char *new_items = NULL;
-
- connman_connection_open();
-
- profile = connman_default_profile(global_connection);
- if (profile == NULL) {
- LOGE("connman_default_profile failed");
- connman_connection_close(global_connection);
- return VPNSVC_ERROR_IPC_FAILED;
- }
-
- LOGD("profile : %s", profile);
-
- /* add name servers */
- org_items = connman_get_domains(global_connection, profile);
-
- if (org_items) {
- LOGD("original DNS suffix : %s", org_items);
- /* comma(,) and end null character included */
- items = (char *) calloc((dns_suffix_len + strlen(org_items) + 2), sizeof(char));
- if (items == NULL) {
- LOGE("OOM while malloc");
- return VPNSVC_ERROR_OUT_OF_MEMORY;
- }
- strncpy(items, org_items, strlen(org_items));
- strncat(items, ",", 1);
- strncat(items, dns_suffix, dns_suffix_len);
- free(org_items);
- org_items = NULL;
- } else {
- /* nr_dns = comma(,) count + end null char */
- items = (char *) calloc((dns_suffix_len + 1), sizeof(char));
- if (items == NULL) {
- LOGE("OOM while malloc");
- return VPNSVC_ERROR_OUT_OF_MEMORY;
- }
- strncat(items, dns_suffix, dns_suffix_len);
- }
-
- if (items) {
- LOGD("adding DNS suffix : %s\n", items);
- connman_set_domains(global_connection, profile, items);
- free(items);
- items = NULL;
- }
-
- /* print new domains */
- new_items = connman_get_domains_conf(global_connection, profile);
- LOGD("new DNS suffix : %s\n", new_items);
-
- if (new_items)
- free(new_items);
-
- if (profile)
- free(profile);
-
- return VPNSVC_ERROR_NONE;
-}
-#endif
-
-static int del_dns_suffix()
-{
- char *profile = NULL;
-
- connman_connection_open();
-
- profile = connman_default_profile(global_connection);
- if (profile == NULL) {
- LOGE("connman_default_profile failed");
- connman_connection_close(global_connection);
- return VPNSVC_ERROR_IPC_FAILED;
- }
-
- LOGD("profile : %s", profile);
-
- /* del DNS suffix */
- connman_set_domains(global_connection, profile, "");
-
- if (profile)
- free(profile);
-
- return VPNSVC_ERROR_NONE;
-}
-
-
-static void iptables_exec(char *cmdline)
-{
- FILE *fp = NULL;
-
- fp = popen(cmdline, "r");
-
- if (fp != NULL)
- pclose(fp);
-}
-
-#if 0
-static void dns_nat_register(char **vpn_dns_address, size_t nr_dns, char *vpn_device_address)
-{
- int size = 0, i;
- char buf[8192];
-
- snprintf(buf + size, sizeof(buf) - size, iptables_nat_register_init_fmt,
- iptables_cmd, iptables_nat_chain_name,
- iptables_cmd, iptables_nat_chain_name,
- iptables_cmd, iptables_filter_out, iptables_nat_chain_name);
- size = strlen(buf);
-
- for (i = 0 ; i < nr_dns ; i++) {
- snprintf(buf + size, sizeof(buf) - size, iptables_nat_register_rule_fmt,
- iptables_cmd, iptables_nat_chain_name, vpn_dns_address[i], vpn_device_address);
- size = strlen(buf);
- }
- LOGD("iptable dns nat reg cmd : %s", buf);
- iptables_exec(buf);
-}
-#endif
-
-static void dns_nat_unregister(void)
-{
- int size = 0;
- char buf[8192];
-
- snprintf(buf + size, sizeof(buf) - size, iptables_nat_unregister_fmt,
- iptables_cmd, iptables_filter_out, iptables_nat_chain_name,
- iptables_cmd, iptables_nat_chain_name,
- iptables_cmd, iptables_nat_chain_name);
- size = strlen(buf);
- LOGD("iptable dns nat unreg cmd : %s", buf);
- iptables_exec(buf);
-}
-
-static void iptables_register(void)
-{
- int size = 0;
- char buf[8192], *filter;
-
- filter = iptables_filter_out;
- snprintf(buf + size, sizeof(buf) - size, iptables_register_fmt,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, filter, iptables_filter_prefix, filter);
- size = strlen(buf);
- filter = iptables_filter_in;
- snprintf(buf + size, sizeof(buf) - size, iptables_register_fmt,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, filter, iptables_filter_prefix, filter);
- LOGD("iptable reg cmd : %s", buf);
- iptables_exec(buf);
-}
-
-static void iptables_unregister(void)
-{
- int size = 0;
- char buf[8192], *filter;
-
- filter = iptables_filter_out;
- snprintf(buf + size, sizeof(buf) - size, iptables_unregister_fmt,
- iptables_cmd, filter, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter);
- size = strlen(buf);
- filter = iptables_filter_in;
- snprintf(buf + size, sizeof(buf) - size, iptables_unregister_fmt,
- iptables_cmd, filter, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter,
- iptables_cmd, iptables_filter_prefix, filter);
- LOGD("iptable unreg cmd : %s", buf);
- iptables_exec(buf);
-}
-
-static void iptables_rule(const char c, const char *addr, const int mask)
-{
- int size = 0;
- char buf[4096];
-
- snprintf(buf + size, sizeof(buf) - size, iptables_rule_fmt, iptables_cmd, c,
- iptables_filter_prefix, iptables_filter_out, 'd', addr, mask);
- size = strlen(buf);
- snprintf(buf + size, sizeof(buf) - size, iptables_rule_fmt, iptables_cmd, c,
- iptables_filter_prefix, iptables_filter_in, 's', addr, mask);
- LOGD("iptable cmd : %s", buf);
- iptables_exec(buf);
-}
-
-static void iptables_rule_interface(const char c, const char *addr, const int mask, const char *interface)
-{
- int size = 0;
- char buf[4096];
-
- snprintf(buf + size, sizeof(buf) - size,
- iptables_rule_with_interface_fmt, iptables_cmd,
- c, iptables_filter_prefix, iptables_filter_out,
- 'o', interface, 'd', addr, mask);
- size = strlen(buf);
- snprintf(buf + size, sizeof(buf) - size,
- iptables_rule_with_interface_fmt, iptables_cmd,
- c, iptables_filter_prefix, iptables_filter_in,
- 'i', interface, 's', addr, mask);
- LOGD("iptable cmd : %s", buf);
- iptables_exec(buf);
-}
-
-void iptables_add_orig(const char *addr, const int mask)
-{
- iptables_rule_interface('I', addr, mask, iptables_filter_interface_wlan);
-}
-
-void iptables_delete_orig(const char *addr, const int mask)
-{
- iptables_rule_interface('D', addr, mask, iptables_filter_interface_wlan);
-}
-
-void iptables_add(const char *addr, const int mask)
-{
- iptables_rule('I', addr, mask);
-}
-
-void iptables_delete(const char *addr, const int mask)
-{
- iptables_rule('D', addr, mask);
-}
-
-static int get_interface_index(const char *iface_name)
-{
- struct ifreq ifr;
- int sk = 0;
- char buf[BUF_SIZE_FOR_ERR] = { 0 };
-
- LOGD("enter get_interface_index, iface_name : %s", iface_name);
-
- sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
- if (sk < 0) {
- LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- memset(&ifr, 0, sizeof(ifr));
-
- if (*iface_name)
- strncpy(ifr.ifr_name, iface_name, strlen(iface_name));
-
- /* get an interface name by ifindex */
- if (ioctl(sk, SIOCGIFINDEX, &ifr) < 0) {
- LOGE("ioctl SIOCGIFINDEX failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- close(sk);
-
- return ifr.ifr_ifindex;
-}
-
-
-int vpn_daemon_init(const char* iface_name, size_t iface_name_len, int fd, vpnsvc_tun_s *handle_s)
-{
- struct ifreq ifr;
- size_t len = 0;
- char buf[BUF_SIZE_FOR_ERR] = { 0 };
-
- LOGD("enter vpn_daemon_init, iface_name : %s, iface_name_len : %d, fd : %d\n", iface_name, iface_name_len, fd);
-
- memset(&ifr, 0, sizeof(ifr));
-
- /* Flags: IFF_TUN - TUN device (no Ethernet headers)
- * IFF_TAP - TAP device
- *
- * IFF_NO_PI - Do not provide packet information
- */
-
- ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
-
- if (*iface_name)
- strncpy(ifr.ifr_name, iface_name, iface_name_len);
-
- LOGD("before init, ifindex : %d", ifr.ifr_ifindex);
-
- if (ioctl(fd, TUNSETIFF, (void *) &ifr) < 0) {
- LOGE("TUNSETIFF Failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(fd);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- if (ioctl(fd, TUNSETOWNER, 5000) < 0) {
- LOGE("TUNSETOWNER Failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(fd);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- if (ioctl(fd, TUNSETPERSIST, 1) < 0) {
- LOGE("TUNSETPERSIST Failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(fd);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- handle_s->fd = 0; /* server fd does not meaning */
- handle_s->index = get_interface_index(iface_name);
- len = strlen(ifr.ifr_name);
- strncpy(handle_s->name, ifr.ifr_name, len);
- handle_s->name[len] = '\0';
-
- return VPNSVC_ERROR_NONE;
-}
-
-int vpn_daemon_deinit(const char* dev_name)
-{
- char buf[100];
- FILE *fp = NULL;
-
- snprintf(buf, sizeof(buf), "/usr/sbin/ip link del %s", dev_name);
- LOGD("link delete cmd : %s", buf);
-
- fp = popen(buf, "r");
- if (fp != NULL) {
- pclose(fp);
- return VPNSVC_ERROR_NONE;
- } else {
- return VPNSVC_ERROR_IO_ERROR;
- }
-}
-
-int vpn_daemon_protect(int socket_fd, const char* dev_name)
-{
- int ret = VPNSVC_ERROR_NONE;
- char buf[BUF_SIZE_FOR_ERR] = { 0 };
- LOGD("enter vpn_daemon_protect, socket : %d, dev_name : %s\n", socket_fd, dev_name);
-
- ret = setsockopt(socket_fd, SOL_SOCKET, SO_BINDTODEVICE,
- dev_name, strlen(dev_name));
-
- if (ret < 0) {
- LOGD("setsockopt failed : %d, %s", ret, strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- ret = VPNSVC_ERROR_IO_ERROR;
- } else {
- ret = VPNSVC_ERROR_NONE;
- }
-
- return ret;
-}
-
-int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip,
- char* routes[], int prefix[], size_t nr_routes,
- char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt,
- const char* dns_suffix, const unsigned int mtu) {
-
- struct sockaddr_in local_addr;
- struct sockaddr_in remote_addr;
- struct ifreq ifr_tun;
- int sk;
- int ret = VPNSVC_ERROR_NONE;
- char buf[BUF_SIZE_FOR_ERR] = { 0 };
-
- LOGD("enter vpn_daemon_up");
-
- LOGD("iface_index : %d", iface_index);
- LOGD("local ip : %s", local_ip);
- LOGD("remote ip : %s", remote_ip);
- LOGD("route pointer : %p, nr_routes : %d, dns_server pointer : %p, nr_dns : %d, dns_suffix : %s, mtu : %d", routes, nr_routes, dns_servers, nr_dns, dns_suffix, mtu);
-
-
- sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
- if (sk < 0) {
- LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- memset(&ifr_tun, 0, sizeof(ifr_tun));
- ifr_tun.ifr_ifindex = iface_index;
-
- /* get an interface name by ifindex */
- if (ioctl(sk, SIOCGIFNAME, &ifr_tun) < 0) {
- LOGE("ioctl SIOCGIFNAME failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- /* local ip setting */
- memset(&local_addr, 0, sizeof(local_addr));
- local_addr.sin_addr.s_addr = inet_addr(local_ip); /* network byte order */
- local_addr.sin_family = AF_INET;
- memcpy(&ifr_tun.ifr_addr, &local_addr, sizeof(ifr_tun.ifr_addr));
- if (ioctl(sk, SIOCSIFADDR, &ifr_tun) < 0) {
- LOGE("ioctl SIOCSIFADDR failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- /* remote ip setting */
- memset(&remote_addr, 0, sizeof(remote_addr));
- remote_addr.sin_addr.s_addr = inet_addr(remote_ip); /*network byte order*/
- remote_addr.sin_family = AF_INET;
- memcpy(&ifr_tun.ifr_dstaddr, &remote_addr, sizeof(ifr_tun.ifr_dstaddr));
- if (ioctl(sk, SIOCSIFDSTADDR, &ifr_tun) < 0) {
- LOGE("ioctl SIOCSIFDSTADDR failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- /* set the flags for vpn up */
- if (ioctl(sk, SIOCGIFFLAGS, &ifr_tun) < 0) {
- LOGE("ioctl SIOCGIFFLAGS failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- ifr_tun.ifr_flags |= IFF_UP;
- ifr_tun.ifr_flags |= IFF_RUNNING;
-
- if (ioctl(sk, SIOCSIFFLAGS, &ifr_tun) < 0) {
- LOGE("ioctl SIOCSIFFLAGS failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- /* mtu setting */
- if (ioctl(sk, SIOCGIFMTU, &ifr_tun) < 0) {
- LOGE("ioctl SIOCGIFMTU failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- if (mtu > 0 && ifr_tun.ifr_mtu != (int)mtu) {
- ifr_tun.ifr_mtu = mtu;
- if (ioctl(sk, SIOCSIFMTU, &ifr_tun) < 0) {
- LOGE("ioctl SIOCSIFMTU failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
- }
-
- close(sk);
-
- /* add routes */
- if (nr_routes > 0) {
- ret = add_routes(ifr_tun.ifr_name, routes, prefix, nr_routes);
- if (ret != VPNSVC_ERROR_NONE) {
- LOGE("add_routes failed");
- return ret;
- }
- }
-
- /* add DNS routes */
- if (nr_dns > 0) {
- ret = add_dns_routes(ifr_tun.ifr_name, dns_servers, nr_dns);
- if (ret != VPNSVC_ERROR_NONE) {
- LOGE("add_dns failed");
- return ret;
- }
- }
-
-#if 0
- /* add DNS servers */
- if (nr_dns > 0) {
- ret = add_dns_servers(dns_servers, nr_dns, total_dns_string_cnt);
- if (ret != VPNSVC_ERROR_NONE) {
- LOGE("add_dns failed");
- return ret;
- }
- }
-
- /* add_dns_suffix */
- if (dns_suffix) {
- ret = add_dns_suffix(dns_suffix, strlen(dns_suffix));
- if (ret != VPNSVC_ERROR_NONE) {
- LOGE("add_dns_suffix failed");
- return ret;
- }
- }
-
- if (nr_dns > 0)
- dns_nat_register(dns_servers, nr_dns, local_ip);
-#endif
-
- return ret;
-}
-
-
-
-int vpn_daemon_down(int iface_index)
-{
- struct ifreq ifr, addr_ifr;
- struct sockaddr_in *addr = NULL;
- int sk;
- char buf[BUF_SIZE_FOR_ERR] = { 0 };
-
- sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
- if (sk < 0) {
- LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- memset(&ifr, 0, sizeof(ifr));
- ifr.ifr_ifindex = iface_index;
-
- if (ioctl(sk, SIOCGIFNAME, &ifr) < 0) {
- LOGE("ioctl SIOCGIFNAME failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- if (ioctl(sk, SIOCGIFFLAGS, &ifr) < 0) {
- LOGE("ioctl SIOCGIFFLAGS failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- memset(&addr_ifr, 0, sizeof(addr_ifr));
- memcpy(&addr_ifr.ifr_name, &ifr.ifr_name, sizeof(ifr.ifr_name) - 1);
- addr = (struct sockaddr_in *)&addr_ifr.ifr_addr;
- addr->sin_family = AF_INET;
- if (ioctl(sk, SIOCSIFADDR, &addr_ifr) < 0)
- LOGD("ioctl SIOCSIFADDR (could not clear IP address) failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
-
- if (!(ifr.ifr_flags & IFF_UP)) {
- LOGD("Interface already down");
- close(sk);
- return VPNSVC_ERROR_NONE;
- }
-
- ifr.ifr_flags = (ifr.ifr_flags & ~IFF_UP) | IFF_DYNAMIC;
- if (ioctl(sk, SIOCSIFFLAGS, &ifr) < 0) {
- LOGE("ioctl SIOCSIFFLAGS (interface down) failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR));
- close(sk);
- return VPNSVC_ERROR_IO_ERROR;
- }
-
- close(sk);
-
- /* routes are will be removed automatically while down interfaces */
- /* remove dns servers */
- del_dns_servers();
-
- /* remove dns suffix */
- del_dns_suffix();
-
- /* remove dns filter */
- dns_nat_unregister();
-
- return VPNSVC_ERROR_NONE;
-}
-
-int vpn_daemon_block_networks(char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn,
- char* nets_orig[], int prefix_orig[], size_t nr_nets_orig) {
- unsigned int i;
-
- /* iptable chain regist */
- iptables_register();
-
- for (i = 0; i < nr_nets_vpn; i++) {
- LOGD("block[%d] ip/mask : %s/%d", i, nets_vpn[i], prefix_vpn[i]);
- iptables_add(nets_vpn[i], prefix_vpn[i]);
- }
-
- for (i = 0; i < nr_nets_orig; i++) {
- LOGD("allow[%d] ip/mask : %s/%d", i, nets_orig[i], prefix_orig[i]);
- iptables_add_orig(nets_orig[i], prefix_orig[i]);
- }
-
- return VPNSVC_ERROR_NONE;
-}
-
-int vpn_daemon_unblock_networks(void)
-{
- iptables_unregister();
-
- return VPNSVC_ERROR_NONE;
-}
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the License);
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an AS IS BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <unistd.h>
-#include <stdlib.h> /* exit, EXIT_FAILURE */
-#include <dlog/dlog.h>
-
-#include "vpnsvc.h"
-#include "vpndbus.h"
-
-
-#ifdef LOG_TAG
-#undef LOG_TAG
-#endif
-
-#define LOG_TAG "VPNSVC_DAEMON"
-
-static GMainLoop *main_loop = NULL;
-
-static void __vpnsvc_got_name_cb(void)
-{
- vpnsvc_create_and_init();
-}
-
-int main(void)
-{
- int ret;
-
- LOGD("VPN Service");
- if (daemon(0, 0) != 0)
- LOGD("Cannot start daemon");
-
-#if !GLIB_CHECK_VERSION(2, 36, 0)
- g_type_init();
-#endif
-
- main_loop = g_main_loop_new(NULL, FALSE);
- if (main_loop == NULL) {
- LOGE("Couldn't create GMainLoop\n");
- return 0;
- }
-
- ret = vpnsvc_setup_gdbus(__vpnsvc_got_name_cb);
- if (ret > 0) {
- LOGE("_vpnsvc_setup_gdbus is failed\n");
- return 0;
- }
-
- g_main_loop_run(main_loop);
-
- vpnsvc_cleanup_gdbus();
- vpnsvc_destroy_deinit();
-
- return 0;
-}
+++ /dev/null
-/*
- * VPN Service Module
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <dlog/dlog.h>
-
-#include "vpndbus.h"
-
-#ifdef LOG_TAG
-#undef LOG_TAG
-#endif
-#define LOG_TAG "VPNSVC_DAEMON"
-
-#define DBUS_REPLY_TIMEOUT (120 * 1000)
-
-static GDBusObjectManagerServer *manager_server_vpn = NULL;
-static guint owner_id = 0;
-static vpnsvc_got_name_cb g_callback = NULL;
-
-struct gdbus_conn_data {
- GDBusConnection *connection;
- int conn_ref_count;
- GCancellable *cancellable;
-};
-
-static struct gdbus_conn_data gconn_data = {NULL, 0, NULL};
-
-GDBusObjectManagerServer *vpnsvc_get_vpn_manager(void)
-{
- return manager_server_vpn;
-}
-
-GDBusConnection *vpnsvc_gdbus_get_connection(void)
-{
- return gconn_data.connection;
-}
-
-GCancellable *vpnsvc_gdbus_get_gdbus_cancellable(void)
-{
- return gconn_data.cancellable;
-}
-
-void vpnsvc_gdbus_pending_call_ref(void)
-{
- g_object_ref(gconn_data.connection);
-
- __sync_fetch_and_add(&gconn_data.conn_ref_count, 1);
-}
-
-void vpnsvc_gdbus_pending_call_unref(void)
-{
- if (gconn_data.conn_ref_count < 1)
- return;
-
- g_object_unref(gconn_data.connection);
-
- if (__sync_sub_and_fetch(&gconn_data.conn_ref_count, 1) < 1) {
- /* TODO: Check this
- * gconn_data.connection = NULL;
- */
- }
-}
-
-int vpnsvc_create_gdbus_call(GDBusConnection *conn)
-{
- if (gconn_data.connection != NULL) {
- LOGE("Connection already set");
- return -1;
- }
-
- gconn_data.connection = conn;
- if (gconn_data.connection == NULL) {
- LOGE("Failed to connect to the D-BUS daemon");
- return -1;
- }
-
- gconn_data.cancellable = g_cancellable_new();
-
- return 0;
-}
-
-
-gboolean vpnsvc_invoke_dbus_method_nonblock(const char *dest, const char *path,
- const char *interface_name, const char *method, GVariant *params,
- GAsyncReadyCallback notify_func)
-{
- GDBusConnection *connection = NULL;
-
- LOGD("[GDBUS Async] %s %s %s", interface_name, method, path);
-
- connection = vpnsvc_gdbus_get_connection();
- if (connection == NULL) {
- LOGE("Failed to get gdbus connection");
- return FALSE;
- }
-
- g_dbus_connection_call(connection,
- dest,
- path,
- interface_name,
- method,
- params,
- NULL,
- G_DBUS_CALL_FLAGS_NONE,
- DBUS_REPLY_TIMEOUT,
- vpnsvc_gdbus_get_gdbus_cancellable(),
- (GAsyncReadyCallback) notify_func,
- NULL);
-
- if (notify_func != NULL)
- vpnsvc_gdbus_pending_call_ref();
-
- return TRUE;
-}
-
-GVariant *vpnsvc_invoke_dbus_method(const char *dest, const char *path,
- const char *interface_name, const char *method, GVariant *params)
-{
-
- GError *error = NULL;
- GVariant *reply = NULL;
- GDBusConnection *connection;
-
- connection = vpnsvc_gdbus_get_connection();
- if (connection == NULL) {
- LOGE("Failed to get GDBusconnection");
- return reply;
- }
-
- reply = g_dbus_connection_call_sync(
- connection,
- dest,
- path,
- interface_name,
- method,
- params,
- NULL,
- G_DBUS_CALL_FLAGS_NONE,
- DBUS_REPLY_TIMEOUT,
- vpnsvc_gdbus_get_gdbus_cancellable(),
- &error);
-
- if (reply == NULL) {
- if (error != NULL) {
- LOGE("g_dbus_connection_call_sync() failed"
- "error [%d: %s]", error->code, error->message);
- g_error_free(error);
- } else {
- LOGE("g_dbus_connection_call_sync() failed");
- }
-
- return NULL;
- }
-
- return reply;
-}
-
-static void __vpnsvc_got_bus_cb(GDBusConnection *conn, const gchar *name,
- gpointer user_data)
-{
- LOGD("connection: [%p] name: [%s] user_data: [%p]", conn, name, user_data);
-
- vpnsvc_create_gdbus_call(conn);
-}
-
-static void __vpnsvc_got_name_cb(GDBusConnection *conn, const gchar *name,
- gpointer user_data)
-{
- LOGD("connection: [%p] name: [%s] user_data: [%p]", conn, name, user_data);
-
- if (g_callback != NULL)
- g_callback();
-}
-
-static void __vpnsvc_lost_name_cb(GDBusConnection *conn, const gchar *name,
- gpointer user_data)
-{
- LOGD("connection: [%p] name: [%s] user_data: [%p]", conn, name, user_data);
- /* May service name is already in use */
- LOGE("Service name is already in use");
-
- /* The result of DBus name request is only permitted,
- * such as DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER.
- */
- exit(2);
-}
-
-int vpnsvc_setup_gdbus(vpnsvc_got_name_cb cb)
-{
- LOGD("VPN Service Setup!");
-
- g_callback = cb;
-
- manager_server_vpn = g_dbus_object_manager_server_new(
- VPNSERVICE_PATH);
- if (manager_server_vpn == NULL) {
- LOGE("Manager server for VPNSERVICE_PATH not created.");
- exit(1);
- }
-
- owner_id = g_bus_own_name(G_BUS_TYPE_SYSTEM, VPNSERVICE_SERVICE,
- G_BUS_NAME_OWNER_FLAGS_NONE, __vpnsvc_got_bus_cb,
- __vpnsvc_got_name_cb, __vpnsvc_lost_name_cb,
- NULL, NULL);
- if (!owner_id) {
- LOGE("Could not get system bus!");
- return -EIO;
- }
-
- LOGI("Got system bus!");
- return 0;
-}
-
-void vpnsvc_cleanup_gdbus(void)
-{
- LOGD("VPN Service Cleanup!");
-
- g_bus_unown_name(owner_id);
- g_object_unref(manager_server_vpn);
-
- return;
-}
+++ /dev/null
-/*
- * VPN Service Module
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#include <glib.h>
-#include <dlog/dlog.h>
-
-#include "vpndbus.h"
-#include "vpnerror.h"
-
-#define VPNSVC_ERROR_INTERFACE VPNSERVICE_INTERFACE ".Error"
-
-void vpnsvc_error_inprogress(GDBusMethodInvocation *context)
-{
- LOGE("dbus method return error");
- g_dbus_method_invocation_return_error(context,
- G_DBUS_ERROR,
- G_DBUS_ERROR_ACCESS_DENIED,
- VPNSVC_ERROR_INTERFACE ".InProgress");
-}
-
-void vpnsvc_error_invalid_parameter(GDBusMethodInvocation *context)
-{
- LOGE("dbus method return error");
- g_dbus_method_invocation_return_error(context,
- G_DBUS_ERROR,
- G_DBUS_ERROR_ACCESS_DENIED,
- VPNSVC_ERROR_INTERFACE ".InvalidParameter");
-}
-
-void vpnsvc_error_permission_denied(GDBusMethodInvocation *context)
-{
- LOGE("dbus method return error");
- g_dbus_method_invocation_return_error(context,
- G_DBUS_ERROR,
- G_DBUS_ERROR_ACCESS_DENIED,
- VPNSVC_ERROR_INTERFACE ".PermissionDenied");
-}
+++ /dev/null
-/*
- * VPN Service Module
- *
- * Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <dlog/dlog.h>
-#include <gio/gunixfdlist.h>
-
-#include "vpnsvc.h"
-#include "vpndbus.h"
-#include "vpnerror.h"
-#include "vpn_service_daemon.h"
-
-#include "cynara-client.h"
-#include "cynara-creds-gdbus.h"
-#include "cynara-session.h"
-
-#ifdef LOG_TAG
-#undef LOG_TAG
-#endif
-#define LOG_TAG "VPNSVC_DAEMON"
-
-static Vpnsvc *vpnsvc = NULL;
-
-/*********************
- * Handler Functions *
- ********************/
-gboolean handle_vpn_init(Vpnsvc *object,
- GDBusMethodInvocation *invocation,
- const gchar *arg_iface_name,
- guint arg_iface_name_len)
-{
- LOGD("handle_vpn_init");
-
- int result = VPNSVC_ERROR_NONE;
-
- /* check privilege */
- if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false
- || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) {
- vpnsvc_error_permission_denied(invocation);
- return FALSE;
- }
-
- vpnsvc_tun_s handle_s;
- GDBusMessage *msg;
- GUnixFDList *fd_list;
- int fd_list_length;
- const int *fds;
-
- LOGD("vpn_init, %s, %u\n", arg_iface_name, arg_iface_name_len);
-
- msg = g_dbus_method_invocation_get_message(invocation);
- fd_list = g_dbus_message_get_unix_fd_list(msg);
- fds = g_unix_fd_list_peek_fds(fd_list, &fd_list_length);
-
- if (fd_list_length <= 0)
- LOGD("D-Bus Message doesn't contain any fd!");
-
- LOGD("fd:%d\n", *fds);
-
- result = vpn_daemon_init(arg_iface_name, arg_iface_name_len, *fds, &handle_s);
-
- LOGD("handle_s.fd : %d, handle_s.index : %d, handle_s.name : %s",
- handle_s.fd, handle_s.index, handle_s.name);
-
- vpnsvc_complete_vpn_init(object, invocation, result, handle_s.index, handle_s.name);
-
- return TRUE;
-}
-
-gboolean handle_vpn_deinit(Vpnsvc *object,
- GDBusMethodInvocation *invocation,
- const gchar *arg_dev_name)
-{
- LOGD("handle_vpn_deinit");
-
- int result = VPNSVC_ERROR_NONE;
-
- /* check privilege */
- if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false
- || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) {
- vpnsvc_error_permission_denied(invocation);
- return FALSE;
- }
-
- LOGD("vpn_deinit, %s\n", arg_dev_name);
-
- result = vpn_daemon_deinit(arg_dev_name);
-
- vpnsvc_complete_vpn_deinit(object, invocation, result);
-
- return TRUE;
-}
-
-gboolean handle_vpn_protect(Vpnsvc *object,
- GDBusMethodInvocation *invocation,
- const gchar *arg_dev_name)
-{
- LOGD("handle_vpn_protect");
-
- int result = VPNSVC_ERROR_NONE;
-
- /* check privilege */
- if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false
- || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) {
- vpnsvc_error_permission_denied(invocation);
- return FALSE;
- }
-
- int socket;
- GDBusMessage *msg;
- GUnixFDList *fd_list;
- int fd_list_length;
- const int *fds;
-
- msg = g_dbus_method_invocation_get_message(invocation);
- fd_list = g_dbus_message_get_unix_fd_list(msg);
- fds = g_unix_fd_list_peek_fds(fd_list, &fd_list_length);
- if (fd_list_length <= 0)
- LOGD("D-Bus Message doesn't contain any fd!");
-
- socket = *fds;
- LOGD("vpn_protect, %d, %s\n", socket, arg_dev_name);
-
- result = vpn_daemon_protect(socket, arg_dev_name);
-
- vpnsvc_complete_vpn_protect(object, invocation, result);
-
- return TRUE;
-}
-
-gboolean handle_vpn_up(Vpnsvc *object,
- GDBusMethodInvocation *invocation,
- gint arg_iface_index,
- const gchar *arg_local_ip,
- const gchar *arg_remote_ip,
- GVariant *arg_routes,
- guint arg_nr_routes,
- GVariant *arg_dns_servers,
- guint arg_nr_dns,
- const gchar *arg_dns_suffix,
- guint arg_mtu)
-{
- LOGD("handle_vpn_up");
-
- int result = VPNSVC_ERROR_NONE;
-
- char *routes[arg_nr_routes];
- int prefix[arg_nr_routes];
- char **dns_servers = NULL;
-
- unsigned int i = 0;
- size_t total_dns_string_cnt = 0;
- gchar* temp_dns_server;
- GVariantIter iter;
-
- gchar* route_dest;
- gint route_prefix;
-
- /* check privilege */
- if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false) {
- vpnsvc_error_permission_denied(invocation);
- return FALSE;
- }
-
- LOGD("iface_index : %d", arg_iface_index);
- LOGD("local ip : %s", arg_local_ip);
- LOGD("remote ip : %s", arg_remote_ip);
- LOGD("dns_suffix : %s", arg_dns_suffix);
- LOGD("mtu : %u", arg_mtu);
- LOGD("arg_routes: %p", arg_routes);
- LOGD("nr_routes : %u", arg_nr_routes);
- LOGD("arg_dns_servers: %p", arg_dns_servers);
- LOGD("nr_dns : %u", arg_nr_dns);
-
- /* arg_routes check */
- if (arg_nr_routes > 0) {
- if (arg_routes != NULL) {
- GVariant *dict = g_variant_get_variant(arg_routes);
- g_variant_iter_init(&iter, dict);
- i = 0;
- while (g_variant_iter_loop(&iter, "{si}", &route_dest, &route_prefix)) {
- int temp_dest_str_len = strlen(route_dest);
- routes[i] = g_try_malloc0((sizeof(char) * temp_dest_str_len)+1);
- strncpy(routes[i], route_dest, temp_dest_str_len);
- routes[i][temp_dest_str_len] = '\0';
- prefix[i] = route_prefix;
- LOGD("routes[%d] = %s \t", i, (routes[i] == NULL) ? "" : routes[i]);
- LOGD("prefix[%d] = %d ", i, prefix[i]);
- i++;
- }
- }
- }
-
-
- /* arg_nr_dns check */
- if (arg_nr_dns > 0) {
- if (arg_dns_servers != NULL) {
- GVariant *array = g_variant_get_variant(arg_dns_servers);
- dns_servers = (char **)g_try_malloc0(arg_nr_dns*sizeof(char *));
- if (dns_servers == NULL) {
- LOGE("malloc failed.");
- result = VPNSVC_ERROR_OUT_OF_MEMORY;
- goto done;
- }
- g_variant_iter_init(&iter, array);
- i = 0;
- while (g_variant_iter_loop(&iter, "s", &temp_dns_server)) {
- int temp_dns_str_len = strlen(temp_dns_server);
- dns_servers[i] = (char *)g_try_malloc0((temp_dns_str_len + 1) * sizeof(char));
- strncpy(dns_servers[i], temp_dns_server, strlen(temp_dns_server));
- dns_servers[i][temp_dns_str_len] = '\0';
- total_dns_string_cnt += temp_dns_str_len;
- LOGD("dns_servers[%d] : %s", i, (dns_servers[i] == NULL) ? "" : dns_servers[i]);
- i++;
- }
- }
- }
-
- result = vpn_daemon_up(arg_iface_index, arg_local_ip, arg_remote_ip,
- routes, prefix, arg_nr_routes, dns_servers, arg_nr_dns,
- total_dns_string_cnt, arg_dns_suffix, arg_mtu);
-done:
- /* free pointers */
- for (i = 0; i < arg_nr_routes; i++) {
- if (routes[i])
- g_free(routes[i]);
- }
-
- if (dns_servers) {
- for (i = 0; i < arg_nr_dns; i++) {
- if (dns_servers[i])
- g_free(dns_servers[i]);
- }
- g_free(dns_servers);
- }
-
- vpnsvc_complete_vpn_up(object, invocation, result);
-
- return TRUE;
-}
-
-gboolean handle_vpn_down(Vpnsvc *object,
- GDBusMethodInvocation *invocation,
- gint arg_iface_index)
-{
- LOGD("handle_vpn_down");
-
- int result = VPNSVC_ERROR_NONE;
-
- /* check privilege */
- if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false) {
- vpnsvc_error_permission_denied(invocation);
- return FALSE;
- }
-
- LOGD("vpn_down, %d\n", arg_iface_index);
-
- result = vpn_daemon_down(arg_iface_index);
-
- vpnsvc_complete_vpn_down(object, invocation, result);
-
- return TRUE;
-}
-
-gboolean handle_vpn_block_networks(Vpnsvc *object,
- GDBusMethodInvocation *invocation,
- GVariant *arg_nets_vpn,
- guint arg_nr_nets_vpn,
- GVariant *arg_nets_orig,
- guint arg_nr_nets_orig)
-{
- LOGD("handle_vpn_block_networks");
-
- int result = VPNSVC_ERROR_NONE;
-
- char *nets_vpn[arg_nr_nets_vpn];
- int prefix_vpn[arg_nr_nets_vpn];
-
- char *nets_orig[arg_nr_nets_vpn];
- int prefix_orig[arg_nr_nets_vpn];
-
- int i = 0;
- GVariantIter iter;
- gchar* route_dest;
- gint route_prefix;
-
- /* check privilege */
- if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false
- || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) {
- vpnsvc_error_permission_denied(invocation);
- return FALSE;
- }
-
- LOGD("vpn_block_networks");
-
- /* arg_nets_vpn check */
- if (arg_nr_nets_vpn > 0) {
- if (arg_nets_vpn != NULL) {
- GVariant *dict_nets_vpn = g_variant_get_variant(arg_nets_vpn);
- g_variant_iter_init(&iter, dict_nets_vpn);
- i = 0;
- while (g_variant_iter_loop(&iter, "{si}", &route_dest, &route_prefix)) {
- int tmp_route_len = strlen(route_dest);
- nets_vpn[i] = g_try_malloc0(sizeof(char) * tmp_route_len + 1);
- strncpy(nets_vpn[i], route_dest, tmp_route_len);
- nets_vpn[i][tmp_route_len] = '\0';
- prefix_vpn[i] = route_prefix;
- LOGD("nets_vpn[%d] = %s \t", i, (nets_vpn[i] == NULL) ? "" : nets_vpn[i]);
- LOGD("prefix_vpn[%d] = %d ", i, prefix_vpn[i]);
- i++;
- }
- }
- }
-
- /* arg_nets_orig check */
- if (arg_nr_nets_orig > 0) {
- if (arg_nets_orig != NULL) {
- GVariant *dict_nets_orig = g_variant_get_variant(arg_nets_orig);
- g_variant_iter_init(&iter, dict_nets_orig);
- i = 0;
- while (g_variant_iter_loop(&iter, "{si}", &route_dest, &route_prefix)) {
- int tmp_route_len = strlen(route_dest);
- nets_orig[i] = g_try_malloc0(sizeof(char) * tmp_route_len + 1);
- strncpy(nets_orig[i], route_dest, tmp_route_len);
- nets_orig[i][tmp_route_len] = '\0';
- prefix_orig[i] = route_prefix;
- LOGD("nets_orig[%d] = %s \t", i, (nets_orig[i] == NULL) ? "" : nets_orig[i]);
- LOGD("prefix_orig[%d] = %d ", i, prefix_orig[i]);
- i++;
- }
- }
- }
-
- /* call function */
- result = vpn_daemon_block_networks(nets_vpn, prefix_vpn, arg_nr_nets_vpn, nets_orig, prefix_orig, arg_nr_nets_orig);
-
- for (i = 0; i < arg_nr_nets_vpn; ++i) {
- g_free(nets_orig[i]);
- g_free(nets_vpn[i]);
- }
-
- vpnsvc_complete_vpn_block_networks(object, invocation, result);
-
- return TRUE;
-}
-
-gboolean handle_vpn_unblock_networks(Vpnsvc *object,
- GDBusMethodInvocation *invocation)
-{
- LOGD("handle_vpn_unblock_networks");
-
- int result = VPNSVC_ERROR_NONE;
-
- /* check privilege */
- if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false
- || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) {
- vpnsvc_error_permission_denied(invocation);
- return FALSE;
- }
-
- LOGD("vpn_unblock_networks");
-
- result = vpn_daemon_unblock_networks();
-
- vpnsvc_complete_vpn_unblock_networks(object, invocation, result);
-
- return TRUE;
-}
-
-/*****************************
- * Initializations Functions *
- ****************************/
-Vpnsvc *get_vpnsvc_object(void)
-{
- return vpnsvc;
-}
-
-void vpnsvc_create_and_init(void)
-{
- LOGD("Create vpn object.");
- GDBusInterfaceSkeleton *interface = NULL;
- GDBusConnection *connection;
- GDBusObjectManagerServer *server = vpnsvc_get_vpn_manager();
- if (server == NULL)
- return;
-
- connection = vpnsvc_gdbus_get_connection();
- g_dbus_object_manager_server_set_connection(server, connection);
-
- /* Interface */
- vpnsvc = vpnsvc_skeleton_new();
- interface = G_DBUS_INTERFACE_SKELETON(vpnsvc);
-
- /* VPN Service */
- g_signal_connect(vpnsvc, "handle-vpn-init",
- G_CALLBACK(handle_vpn_init), NULL);
- g_signal_connect(vpnsvc, "handle-vpn-deinit",
- G_CALLBACK(handle_vpn_deinit), NULL);
- g_signal_connect(vpnsvc, "handle-vpn-protect",
- G_CALLBACK(handle_vpn_protect), NULL);
- g_signal_connect(vpnsvc, "handle-vpn-up",
- G_CALLBACK(handle_vpn_up), NULL);
- g_signal_connect(vpnsvc, "handle-vpn-down",
- G_CALLBACK(handle_vpn_down), NULL);
- g_signal_connect(vpnsvc, "handle-vpn-block-networks",
- G_CALLBACK(handle_vpn_block_networks), NULL);
- g_signal_connect(vpnsvc, "handle-vpn-unblock-networks",
- G_CALLBACK(handle_vpn_unblock_networks), NULL);
-
- if (!g_dbus_interface_skeleton_export(interface, connection,
- VPNSERVICE_PATH, NULL)) {
- LOGE("Export VPNSERVICE_PATH for vpn failed");
- }
-
- return;
-}
-
-void vpnsvc_destroy_deinit(void)
-{
- LOGD("Deinit vpn object.");
-
- if (vpnsvc)
- g_object_unref(vpnsvc);
-}
-
-gboolean vpn_service_gdbus_check_privilege(GDBusMethodInvocation *invocation, net_vpn_service_privilege_e _privilege)
-{
-
- int ret = 0;
- int pid = 0;
- char *user;
- char *client;
- char *client_session;
- char *privilege = NULL;
- cynara *p_cynara = NULL;
- const char *sender_unique_name;
- GDBusConnection *connection;
-
- connection = g_dbus_method_invocation_get_connection(invocation);
- sender_unique_name = g_dbus_method_invocation_get_sender(invocation);
-
- ret = cynara_initialize(&p_cynara, NULL);
- if (ret != CYNARA_API_SUCCESS) {
- LOGD("cynara_initialize() failed");
- return FALSE;
- }
-
- ret = cynara_creds_gdbus_get_pid(connection, sender_unique_name, &pid);
- if (ret != CYNARA_API_SUCCESS) {
- LOGD("cynara_creds_gdbus_get_pid() failed");
- return FALSE;
- }
-
- ret = cynara_creds_gdbus_get_user(connection, sender_unique_name, USER_METHOD_DEFAULT, &user);
- if (ret != CYNARA_API_SUCCESS) {
- LOGD("cynara_creds_gdbus_get_user() failed");
- return FALSE;
- }
-
- ret = cynara_creds_gdbus_get_client(connection, sender_unique_name, CLIENT_METHOD_DEFAULT, &client);
- if (ret != CYNARA_API_SUCCESS) {
- LOGD("cynara_creds_gdbus_get_client() failed");
- return FALSE;
- }
-
- switch (_privilege) {
- case PRIVILEGE_VPN_SERVICE:
- privilege = "http://tizen.org/privilege/vpnservice";
- break;
-
- case PRIVILEGE_VPN_SERVICE_ADMIN:
- privilege = "http://tizen.org/privilege/vpnservice.admin";
- break;
-
- case PRIVILEGE_INTERNET:
- privilege = "http://tizen.org/privilege/internet";
- break;
- default:
- LOGD("Undifined privilege");
- return FALSE;
- break;
- }
-
- client_session = cynara_session_from_pid(pid);
-
- ret = cynara_check(p_cynara, client, client_session, user, privilege);
- if (ret == CYNARA_API_ACCESS_ALLOWED)
- LOGD("cynara PASS");
-
- cynara_finish(p_cynara);
-
- g_free(client);
- g_free(user);
- g_free(client_session);
-
- return (ret == CYNARA_API_ACCESS_ALLOWED) ? TRUE : FALSE;
-}
+++ /dev/null
-<manifest>
- <request>
- <domain name="_"/>
- </request>
-</manifest>
+++ /dev/null
-CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-SET(PACKAGE_NAME capi-vpnsvc)
-SET(LIB_NAME ${PACKAGE_NAME})
-PROJECT(${LIB_NAME})
-SET(PREFIX ${CMAKE_INSTALL_PREFIX})
-SET(EXEC_PREFIX "\${prefix}")
-SET(LIBDIR ${LIB_INSTALL_DIR})
-SET(INCLUDEDIR "\${prefix}/include")
-SET(VERSION 0.1)
-
-SET(requires "dlog dbus-1 glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common capi-appfw-application capi-appfw-app-manager capi-system-info")
-SET(pc_requires "capi-base-common")
-
-SET(SRCS
- src/capi_vpn_service.c
-)
-
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include
- ${CMAKE_SOURCE_DIR}/framework/include)
-
-INCLUDE(FindPkgConfig)
-pkg_check_modules(${PACKAGE_NAME} REQUIRED ${requires})
-FOREACH(flag ${${PACKAGE_NAME}_CFLAGS})
- SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
-ENDFOREACH(flag)
-
-# Compiler flags
-SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fPIC -Wall -fvisibility=hidden")
-SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}")
-SET(CMAKE_C_FLAGS_DEBUG "-O0 -g")
-
-ADD_DEFINITIONS("-DPREFIX=\"${PREFIX}\"")
-ADD_DEFINITIONS("-DFACTORYFS=\"$ENV{FACTORYFS}\"")
-ADD_DEFINITIONS("-DDATAFS=\"$ENV{DATADIR}\"")
-ADD_DEFINITIONS("-DSLP_DEBUG")
-
-SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath="${LIBDIR})
-
-ADD_LIBRARY(${PACKAGE_NAME} SHARED ${SRCS})
-TARGET_LINK_LIBRARIES(${PACKAGE_NAME} ${${PACKAGE_NAME}_LDFLAGS} -lrt -ldl)
-
-INSTALL(TARGETS ${PACKAGE_NAME} DESTINATION ${LIBDIR})
-INSTALL(FILES ${CMAKE_SOURCE_DIR}/include/vpn_service.h DESTINATION include)
-
-SET_TARGET_PROPERTIES(${PACKAGE_NAME}
- PROPERTIES
- VERSION ${FULLVER}
- SOVERSION ${MAJORVER}
- CLEAN_DIRECT_OUTPUT 1
-)
-
-
-SET(PC_NAME ${PACKAGE_NAME})
-SET(PC_REQUIRED ${pc_requires})
-SET(PC_CFLAGS -I\${includedir})
-SET(PC_LDFLAGS -l${PACKAGE_NAME})
-
-CONFIGURE_FILE(
- ${PACKAGE_NAME}.pc.in
- ${CMAKE_CURRENT_SOURCE_DIR}/${PACKAGE_NAME}.pc
- @ONLY
-)
-
-INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/${PACKAGE_NAME}.pc DESTINATION ${LIBDIR}/pkgconfig)
extern "C" {
#endif /* __cplusplus */
-#define DBUS_DAEMON_SERVICE_NAME "org.freedesktop.DBus"
-#define DBUS_DAEMON_OBJECT_NAME "/org/freedesktop/DBus"
-#define DBUS_DAEMON_INTERFACE_NAME "org.freedesktop.DBus"
-#define DBUS_DAEMON_START_SERVICE_METHOD_NAME "StartServiceByName"
-
-#define VPNSVC_DBUS_SERVICE_NAME "org.tizen.vpnsvc"
-#define VPNSVC_DBUS_INTERFACE_NAME "org.tizen.vpnsvc"
-#define VPNSVC_DBUS_INTERFACE_OBJ_NAME "/org/tizen/vpnsvc"
+#define NETCONFIG_SERVICE_NAME "net.netconfig"
+#define NETCONFIG_VPNSVC_PATH "/net/netconfig/vpnsvc"
+#define NETCONFIG_VPNSVC_INTERFACE_NAME "net.netconfig.vpnsvc"
+#define NETCONFIG_NETWORK_PATH "/net/netconfig/network"
+#define NETCONFIG_NETWORK_INTERFACE "net.netconfig.network"
#define _MAX_FILE_PATH_LEN 512
#define _USER_SETTING_DEFAULT_MTU 1500
Name: vpnsvc-pkg
Summary: VPN service library in TIZEN C API
-Version: 1.0.21
+Version: 1.0.22
Release: 1
Group: System/Network
License: Apache-2.0
URL: N/A
Source0: %{name}-%{version}.tar.gz
-Source1: vpnsvc-daemon.service
-Source2: org.tizen.vpnsvc.service
-Source3: dbus-vpnsvc-daemon.conf
BuildRequires: cmake
BuildRequires: pkgconfig(dlog)
BuildRequires: pkgconfig(dbus-glib-1)
BuildRequires: pkgconfig(capi-appfw-package-manager)
BuildRequires: pkgconfig(capi-appfw-app-manager)
BuildRequires: pkgconfig(capi-system-info)
-BuildRequires: pkgconfig(cynara-client)
-BuildRequires: pkgconfig(cynara-creds-gdbus)
-BuildRequires: pkgconfig(cynara-session)
Requires(post): /sbin/ldconfig
Requires(postun): /sbin/ldconfig
%description
-capi-vpn-service framework, service
+capi-vpn-service
%package -n capi-vpnsvc
Summary: VPN service library in TIZEN C API
#%description -n vpnsvc_test
#vpnsvc test package
-%package -n vpnsvc-daemon
-Summary: Vpnsvc daemon
-Group: Development/Libraries
-Requires: systemd
-Requires(preun): systemd
-Requires(post): systemd
-Requires(postun): systemd
-
-%description -n vpnsvc-daemon
-vpnsvc daemon package
-
%prep
%setup -q
#cp LICENSE.APLv2 %{buildroot}/usr/share/license/fpasmtztransport
%make_install
-mkdir -p %{buildroot}%{_sysconfdir}/dbus-1/system.d
-install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/dbus-1/system.d/vpnsvc-daemon.conf
-mkdir -p %{buildroot}%{_libdir}/systemd/system
-install -m 0644 %{SOURCE1} %{buildroot}%{_libdir}/systemd/system/vpnsvc-daemon.service
-mkdir -p %{buildroot}%{_datadir}/dbus-1/system-services
-install -m 0644 %{SOURCE2} %{buildroot}%{_datadir}/dbus-1/system-services/org.tizen.vpnsvc.service
%clean
rm -rf %{buildroot}
ln -s %{_libdir}/libcapi-vpnsvc.so.0 %{_libdir}/libcapi-vpnsvc.so
%postun
-if [ $1 == 0 ]; then
- # unistall
- systemctl daemon-reload
-fi
-
-%files -n vpnsvc-daemon
-%manifest daemon/vpnsvc-daemon.manifest
-%attr(0755,root,root) %{_bindir}/vpnsvc-daemon
-%defattr(-,root,root,-)
-%{_sysconfdir}/dbus-1/system.d/*.conf
-%{_libdir}/systemd/system/vpnsvc-daemon.service
-%{_datadir}/dbus-1/system-services/org.tizen.vpnsvc.service
%files -n capi-vpnsvc
-%manifest framework/capi-vpnsvc.manifest
+%manifest capi-vpnsvc.manifest
%{_libdir}/libcapi-vpnsvc.so.*
%{_datadir}/license/capi-vpnsvc
%{_bindir}/vpnsvc_test
+++ /dev/null
-<!DOCTYPE busconfig PUBLIC
- "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-<busconfig>
- <policy user="root">
- <allow own="org.tizen.vpnsvc"/>
-
- <allow send_destination="org.tizen.vpnsvc"/>
- <allow send_interface="org.tizen.vpnsvc"/>
- <allow receive_sender="org.tizen.vpnsvc" receive_type="signal"/>
- </policy>
- <policy context="default">
- <allow own="org.tizen.vpnsvc"/>
- <allow send_destination="org.tizen.vpnsvc"/>
- <allow send_interface="org.tizen.vpnsvc"/>
- </policy>
-</busconfig>
+++ /dev/null
-[D-BUS Service]
-Name=org.tizen.vpnsvc
-Exec=/bin/false
-User=root
-Group=root
-SystemdService=vpnsvc-daemon.service
-
+++ /dev/null
-[Unit]
-Description=Start vpn-service-daemon for vpn-service
-
-[Service]
-User=root
-Group=root
-Type=dbus
-BusName=org.tizen.vpnsvc
-RemainAfterExit=yes
-ExecStart=/usr/bin/vpnsvc-daemon
-Restart=always
-RestartSec=0
-CapabilityBoundingSet=~CAP_MAC_ADMIN
-CapabilityBoundingSet=~CAP_MAC_OVERRIDE
vpnsvc_tun_s *tmp_s = NULL;
_vpnsvc_init_vpnsvc_tun_s(&tmp_s);
- op = _vpnsvc_invoke_dbus_method(tmp_s->connection,
- DBUS_DAEMON_SERVICE_NAME,
- DBUS_DAEMON_OBJECT_NAME,
- DBUS_DAEMON_INTERFACE_NAME,
- DBUS_DAEMON_START_SERVICE_METHOD_NAME,
- g_variant_new("(su)", VPNSVC_DBUS_SERVICE_NAME, 0),
- &dbus_result);
-
- if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED)
- return VPNSVC_ERROR_PERMISSION_DENIED;
-
- if (op == NULL) {
- _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE
- LOGD("Service [%s] Start Failed!", VPNSVC_DBUS_SERVICE_NAME); //LCOV_EXCL_LINE
- return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE
- } else {
- unsigned int status = 0;
- g_variant_get(op, "(u)", &status);
- if (1 == status) { /* DBUS_START_REPLY_SUCCESS */
- LOGD("Service [%s] Started Successfully!", VPNSVC_DBUS_SERVICE_NAME);
- } else if (2 == status) { /* DBUS_START_REPLY_ALREADY_RUNNING */
- LOGD("Service [%s] Already Running!", VPNSVC_DBUS_SERVICE_NAME);
- } else {
- LOGD("Service [%s] Not Started! Status[%d]", VPNSVC_DBUS_SERVICE_NAME, status); //LCOV_EXCL_LINE
- g_variant_unref(op); //LCOV_EXCL_LINE
- op = NULL; //LCOV_EXCL_LINE
- _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE
- return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE
- }
- g_variant_unref(op);
- op = NULL;
- }
-
if ((iface_fd = open("/dev/net/tun", O_RDWR)) < 0) {
LOGE("tun device open fail\n"); //LCOV_EXCL_LINE
close(iface_fd);//LCOV_EXCL_LINE
LOGD("client iface_fd : %d", iface_fd);
+ op = _vpnsvc_invoke_dbus_method(tmp_s->connection,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_NETWORK_PATH,
+ NETCONFIG_NETWORK_INTERFACE,
+ "CheckInternetPrivilege",
+ NULL,
+ &dbus_result);
+
+ if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED)
+ return VPNSVC_ERROR_PERMISSION_DENIED;
+
op = _vpnsvc_invoke_dbus_method_with_fd(tmp_s->connection,
- VPNSVC_DBUS_SERVICE_NAME,
- VPNSVC_DBUS_INTERFACE_OBJ_NAME,
- VPNSVC_DBUS_INTERFACE_NAME,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_VPNSVC_PATH,
+ NETCONFIG_VPNSVC_INTERFACE_NAME,
"vpn_init",
g_variant_new("(su)", iface_name, strlen(iface_name)),
iface_fd,
if (tun_s->fd > 0) {
op = _vpnsvc_invoke_dbus_method(tun_s->connection,
- VPNSVC_DBUS_SERVICE_NAME,
- VPNSVC_DBUS_INTERFACE_OBJ_NAME,
- VPNSVC_DBUS_INTERFACE_NAME,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_NETWORK_PATH,
+ NETCONFIG_NETWORK_INTERFACE,
+ "CheckInternetPrivilege",
+ NULL,
+ &dbus_result);
+
+ if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED)
+ return VPNSVC_ERROR_PERMISSION_DENIED;
+
+ op = _vpnsvc_invoke_dbus_method(tun_s->connection,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_VPNSVC_PATH,
+ NETCONFIG_VPNSVC_INTERFACE_NAME,
"vpn_deinit",
g_variant_new("(s)", tun_s->name),
&dbus_result);
return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
}
+ op = _vpnsvc_invoke_dbus_method(tun_s->connection,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_NETWORK_PATH,
+ NETCONFIG_NETWORK_INTERFACE,
+ "CheckInternetPrivilege",
+ NULL,
+ &dbus_result);
+
+ if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED)
+ return VPNSVC_ERROR_PERMISSION_DENIED;
+
/* call vpnsvc_protect */
op = _vpnsvc_invoke_dbus_method_with_fd(tun_s->connection,
- VPNSVC_DBUS_SERVICE_NAME,
- VPNSVC_DBUS_INTERFACE_OBJ_NAME,
- VPNSVC_DBUS_INTERFACE_NAME,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_VPNSVC_PATH,
+ NETCONFIG_VPNSVC_INTERFACE_NAME,
"vpn_protect",
g_variant_new("(s)", iface_name),
socket_fd,
LOGD("dns_suffix : %s", dns_suffix);
op = _vpnsvc_invoke_dbus_method(tun_s->connection,
- VPNSVC_DBUS_SERVICE_NAME,
- VPNSVC_DBUS_INTERFACE_OBJ_NAME,
- VPNSVC_DBUS_INTERFACE_NAME,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_NETWORK_PATH,
+ NETCONFIG_NETWORK_INTERFACE,
+ "CheckInternetPrivilege",
+ NULL,
+ &dbus_result);
+
+ if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED)
+ return VPNSVC_ERROR_PERMISSION_DENIED;
+
+ op = _vpnsvc_invoke_dbus_method(tun_s->connection,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_VPNSVC_PATH,
+ NETCONFIG_VPNSVC_INTERFACE_NAME,
"vpn_up",
g_variant_new("(issvuvusu)", tun_s->index, local_ip, \
remote_ip, route_param, num_routes, dns_param, num_dns_servers, \
}
op = _vpnsvc_invoke_dbus_method(tun_s->connection,
- VPNSVC_DBUS_SERVICE_NAME,
- VPNSVC_DBUS_INTERFACE_OBJ_NAME,
- VPNSVC_DBUS_INTERFACE_NAME,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_NETWORK_PATH,
+ NETCONFIG_NETWORK_INTERFACE,
+ "CheckInternetPrivilege",
+ NULL,
+ &dbus_result);
+
+ if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED)
+ return VPNSVC_ERROR_PERMISSION_DENIED;
+
+ op = _vpnsvc_invoke_dbus_method(tun_s->connection,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_VPNSVC_PATH,
+ NETCONFIG_VPNSVC_INTERFACE_NAME,
"vpn_down",
g_variant_new("(i)", tun_s->index),
&dbus_result);
nets_param_orig = g_variant_builder_end(&nets_builder);
op = _vpnsvc_invoke_dbus_method(tun_s->connection,
- VPNSVC_DBUS_SERVICE_NAME,
- VPNSVC_DBUS_INTERFACE_OBJ_NAME,
- VPNSVC_DBUS_INTERFACE_NAME,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_NETWORK_PATH,
+ NETCONFIG_NETWORK_INTERFACE,
+ "CheckInternetPrivilege",
+ NULL,
+ &dbus_result);
+
+ if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED)
+ return VPNSVC_ERROR_PERMISSION_DENIED;
+
+ op = _vpnsvc_invoke_dbus_method(tun_s->connection,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_VPNSVC_PATH,
+ NETCONFIG_VPNSVC_INTERFACE_NAME,
"vpn_block_networks",
g_variant_new("(vuvu)", nets_param_vpn, num_allow_routes_vpn,
nets_param_orig, num_allow_routes_orig),
}
op = _vpnsvc_invoke_dbus_method(tun_s->connection,
- VPNSVC_DBUS_SERVICE_NAME,
- VPNSVC_DBUS_INTERFACE_OBJ_NAME,
- VPNSVC_DBUS_INTERFACE_NAME,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_NETWORK_PATH,
+ NETCONFIG_NETWORK_INTERFACE,
+ "CheckInternetPrivilege",
+ NULL,
+ &dbus_result);
+
+ if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED)
+ return VPNSVC_ERROR_PERMISSION_DENIED;
+
+ op = _vpnsvc_invoke_dbus_method(tun_s->connection,
+ NETCONFIG_SERVICE_NAME,
+ NETCONFIG_VPNSVC_PATH,
+ NETCONFIG_VPNSVC_INTERFACE_NAME,
"vpn_unblock_networks",
g_variant_new("()"),
&dbus_result);
vpn_service_test.c)
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include
- ${CMAKE_SOURCE_DIR}/framework/include)
+INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
INCLUDE(FindPkgConfig)
pkg_check_modules(${PACKAGE_NAME} REQUIRED ${requires})
projects / platform / core / api / vpn-service.git / commitdiff