From 7badccf7fb90d59a55e0e7eb95bdba14f8aa1877 Mon Sep 17 00:00:00 2001 From: Deepak Kumar Sahu Date: Mon, 21 Mar 2016 19:47:23 +0530 Subject: [PATCH 01/16] Warnings Resolved for vpn-service module. Change-Id: I126226716f15f77b2b1b60710a83f3beb3b279d1 Signed-off-by: Deepak Kumar Sahu --- CMakeLists.txt | 2 +- daemon/include/vpn_service_daemon.h | 6 +++--- daemon/src/vpn_service_daemon.c | 8 ++++---- daemon/src/vpnsvc.c | 5 +++-- framework/src/capi_vpn_service.c | 6 +++--- include/vpn_service.h | 4 ++-- include/vpn_service_internal.h | 2 +- 7 files changed, 17 insertions(+), 16 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 42a6afb..f6911e1 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -21,7 +21,7 @@ ADD_DEFINITIONS("-fPIC") # Set compiler warning flags -#ADD_DEFINITIONS("-Werror") # Make all warnings into errors. +# ADD_DEFINITIONS("-Werror") # Make all warnings into errors. ADD_DEFINITIONS("-Wall") # Generate all warnings ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings diff --git a/daemon/include/vpn_service_daemon.h b/daemon/include/vpn_service_daemon.h index 211e72c..f0b10b0 100755 --- a/daemon/include/vpn_service_daemon.h +++ b/daemon/include/vpn_service_daemon.h @@ -27,12 +27,12 @@ int vpn_daemon_init(const char* iface_name, size_t iface_name_len, int fd, vpnsv int vpn_daemon_deinit(const char* dev_name); int vpn_daemon_protect(int socket, const char* dev_name); int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, - const char* routes[], int prefix[], size_t nr_routes, + char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu); int vpn_daemon_down(int iface_index); -int vpn_daemon_block_networks(const char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, - const char* nets_orig[], int prefix_orig[], size_t nr_nets_orig); +int vpn_daemon_block_networks(char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, + char* nets_orig[], int prefix_orig[], size_t nr_nets_orig); int vpn_daemon_unblock_networks(void); #endif /* __TIZEN_CAPI_VPN_SERVICE_DAEMON_H__ */ diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index 0a95595..58d43e7 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -84,7 +84,7 @@ static in_addr_t host2net(ipv4 host) return net; } -static int add_routes(char* iface_name, const char* routes[], int prefix[], size_t nr_routes) +static int add_routes(char* iface_name, char* routes[], int prefix[], size_t nr_routes) { struct rtentry rt; struct sockaddr_in addr; @@ -732,7 +732,7 @@ int vpn_daemon_protect(int socket_fd, const char* dev_name) } int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, - const char* routes[], int prefix[], size_t nr_routes, + char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu) { @@ -913,8 +913,8 @@ int vpn_daemon_down(int iface_index) return VPNSVC_ERROR_NONE; } -int vpn_daemon_block_networks(const char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, - const char* nets_orig[], int prefix_orig[], size_t nr_nets_orig) { +int vpn_daemon_block_networks(char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, + char* nets_orig[], int prefix_orig[], size_t nr_nets_orig) { unsigned int i; /* iptable chain regist */ diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index be80c9f..2ca1416 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -18,6 +18,7 @@ */ #include +#include #include #include #include @@ -167,7 +168,7 @@ gboolean handle_vpn_up(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; - char* routes[arg_nr_routes]; + char *routes[arg_nr_routes]; int prefix[arg_nr_routes]; char **dns_servers = NULL; @@ -503,7 +504,7 @@ gboolean vpn_service_gdbus_check_privilege(GDBusMethodInvocation *invocation, ne client_session = cynara_session_from_pid(pid); ret = cynara_check(p_cynara, client, client_session, user, privilege); - if (ret == CYNARA_API_ACCESS_ALLOWED); + if (ret == CYNARA_API_ACCESS_ALLOWED) LOGD("cynara PASS"); return (ret == CYNARA_API_ACCESS_ALLOWED) ? TRUE : FALSE; diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 08e6aa6..05843ef 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -444,7 +444,7 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_ } EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remote_ip, - const char* routes_dest_add[], int routes_prefix[], size_t num_routes, + char* routes_dest_add[], int routes_prefix[], size_t num_routes, const char** dns_servers, size_t num_dns_servers, const char* dns_suffix) { @@ -649,10 +649,10 @@ EXPORT_API int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size) EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, - const char* routes_dest_vpn_addr[], + char* routes_dest_vpn_addr[], int routes_vpn_prefix[], size_t num_allow_routes_vpn, - const char* routes_dest_orig_addr[], + char* routes_dest_orig_addr[], int routes_orig_prefix[], size_t num_allow_routes_orig) diff --git a/include/vpn_service.h b/include/vpn_service.h index adefef3..183eed1 100755 --- a/include/vpn_service.h +++ b/include/vpn_service.h @@ -198,10 +198,10 @@ int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size); * @see vpnsvc_unblock_networks() */ int vpnsvc_block_networks(vpnsvc_h handle, - const char *routes_dest_vpn_addr[], + char *routes_dest_vpn_addr[], int routes_vpn_prefix[], size_t num_allow_routes_vpn, - const char *routes_dest_orig_addr[], + char *routes_dest_orig_addr[], int routes_orig_prefix[], size_t num_allow_routes_orig); diff --git a/include/vpn_service_internal.h b/include/vpn_service_internal.h index 7cbf633..1fda902 100755 --- a/include/vpn_service_internal.h +++ b/include/vpn_service_internal.h @@ -59,7 +59,7 @@ extern "C" { * @see vpnsvc_down() */ int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remote_ip, - const char *routes_dest_addr[], int routes_prefix[], size_t num_routes, + char *routes_dest_addr[], int routes_prefix[], size_t num_routes, const char** dns_servers, size_t num_dns_servers, const char* dns_suffix); -- 2.7.4 From ecbf37231495b4d7f75dc5cd70fe8c0037f1b961 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Wed, 23 Mar 2016 09:08:40 +0900 Subject: [PATCH 02/16] Modified privilege Change-Id: Ifac630c0b62ccdf992d918850e22869bb17d10a3 Signed-off-by: Taesub Kim --- daemon/src/vpnsvc.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index 2ca1416..852d0aa 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -51,7 +51,7 @@ gboolean handle_vpn_init(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; @@ -96,7 +96,7 @@ gboolean handle_vpn_deinit(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; @@ -122,7 +122,7 @@ gboolean handle_vpn_protect(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; @@ -309,7 +309,7 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, gint route_prefix; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; @@ -376,7 +376,7 @@ gboolean handle_vpn_unblock_networks(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; -- 2.7.4 From 6b2d6170d150ff881f0483bf2e94599f0e627b8e Mon Sep 17 00:00:00 2001 From: taesubkim Date: Thu, 24 Mar 2016 16:54:12 +0900 Subject: [PATCH 03/16] SVACE #57179 Change-Id: Ic4e91af1e5e495df89ce2f431e58ec415d813206 Signed-off-by: Taesub Kim Signed-off-by: Deepak Kumar Sahu --- framework/src/capi_vpn_service.c | 3 ++- packaging/capi-vpn-service.spec | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 05843ef..dba74cb 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -292,6 +292,7 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) if ((iface_fd = open("/dev/net/tun", O_RDWR)) < 0) { LOGE("tun device open fail\n"); //LCOV_EXCL_LINE + close(iface_fd); _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } @@ -335,7 +336,7 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) op = NULL; } } - + close(iface_fd); return result; } diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index f2bcd0b..656f661 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.7 +Version: 1.0.8 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4 From b49ad0fdcfd75ae02f7324b7a22b310de1f574ed Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Mon, 28 Mar 2016 11:39:34 +0900 Subject: [PATCH 04/16] Fixed wrong close fd for interface Change-Id: I3702e8805abdb385b093a6f468a411d7287f85a4 Signed-off-by: hyunuktak --- framework/src/capi_vpn_service.c | 1 - packaging/capi-vpn-service.spec | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index dba74cb..cc2c328 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -336,7 +336,6 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) op = NULL; } } - close(iface_fd); return result; } diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 656f661..cc5b58c 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.8 +Version: 1.0.9 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4 From 938c53a789c7b248bdfbac7cee34f903d7ac8155 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Wed, 6 Apr 2016 20:43:28 +0900 Subject: [PATCH 05/16] Apply coding rule Change-Id: I258e4c933560c94780517eaf443cd427e7b8d5c8 Signed-off-by: Taesub Kim --- daemon/include/vpnsvc.h | 3 +-- daemon/src/vpnsvc.c | 9 ++++----- framework/include/capi_vpn_service_private.h | 2 +- framework/src/capi_vpn_service.c | 17 ++++++----------- include/vpn_service.h | 23 +++++++++++------------ include/vpn_service_internal.h | 2 +- 6 files changed, 24 insertions(+), 32 deletions(-) diff --git a/daemon/include/vpnsvc.h b/daemon/include/vpnsvc.h index 99c037f..7e92207 100755 --- a/daemon/include/vpnsvc.h +++ b/daemon/include/vpnsvc.h @@ -30,8 +30,7 @@ extern "C" { #include "generated-code.h" -typedef enum _net_vpn_service_privilege_e -{ +typedef enum _net_vpn_service_privilege_e { PRIVILEGE_VPN_SERVICE = 0x00, PRIVILEGE_VPN_SERVICE_ADMIN, PRIVILEGE_INTERNET, diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index 852d0aa..e6a4967 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -482,20 +482,19 @@ gboolean vpn_service_gdbus_check_privilege(GDBusMethodInvocation *invocation, ne return FALSE; } - switch (_privilege) - { + switch (_privilege) { case PRIVILEGE_VPN_SERVICE: privilege = "http://tizen.org/privilege/vpnservice"; break; - case PRIVILEGE_VPN_SERVICE_ADMIN : + case PRIVILEGE_VPN_SERVICE_ADMIN: privilege = "http://tizen.org/privilege/vpnservice.admin"; break; - case PRIVILEGE_INTERNET : + case PRIVILEGE_INTERNET: privilege = "http://tizen.org/privilege/internet"; break; - default : + default: LOGD("Undifined privilege"); return FALSE; break; diff --git a/framework/include/capi_vpn_service_private.h b/framework/include/capi_vpn_service_private.h index c949fca..613fb7f 100755 --- a/framework/include/capi_vpn_service_private.h +++ b/framework/include/capi_vpn_service_private.h @@ -61,7 +61,7 @@ extern "C" { int feature_rv = _vpnsvc_check_feature_supported(feature_name); \ if (feature_rv != VPNSVC_ERROR_NONE) \ return feature_rv; \ - } while(0) + } while (0) /** * @brief This data structure has a fido data and its length. diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index cc2c328..b0c6acc 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -145,7 +145,7 @@ GVariant *_vpnsvc_invoke_dbus_method(GDBusConnection *connection, if (reply == NULL) { if (error != NULL) { - if (error->code == G_DBUS_ERROR_ACCESS_DENIED){ + if (error->code == G_DBUS_ERROR_ACCESS_DENIED) { LOGE("g_dbus_connection_call_sync() failed" "error [%d: %s]", error->code, error->message);//LCOV_EXCL_LINE *dbus_error = VPNSVC_ERROR_PERMISSION_DENIED;//LCOV_EXCL_LINE @@ -264,9 +264,8 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) g_variant_new("(su)", VPNSVC_DBUS_SERVICE_NAME, 0), &dbus_result); - if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED) return VPNSVC_ERROR_PERMISSION_DENIED; - } if (op == NULL) { _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE @@ -366,9 +365,8 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) g_variant_new("(s)", tun_s->name), &dbus_result); - if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED) return VPNSVC_ERROR_PERMISSION_DENIED; - } if (op == NULL) { return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE @@ -425,9 +423,8 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_ socket_fd, &dbus_result); - if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED) return VPNSVC_ERROR_PERMISSION_DENIED; - } if (op == NULL) { return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE @@ -707,9 +704,8 @@ EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, nets_param_orig, num_allow_routes_orig), &dbus_result); - if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED) return VPNSVC_ERROR_PERMISSION_DENIED; - } if (op == NULL) { return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE @@ -757,9 +753,8 @@ EXPORT_API int vpnsvc_unblock_networks(vpnsvc_h handle) g_variant_new("()"), &dbus_result); - if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED) return VPNSVC_ERROR_PERMISSION_DENIED; - } if (op == NULL) { return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE diff --git a/include/vpn_service.h b/include/vpn_service.h index 183eed1..feaf473 100755 --- a/include/vpn_service.h +++ b/include/vpn_service.h @@ -54,17 +54,16 @@ extern "C" { * @brief Enumeration for VPN service error types. * @details Indicate formats of error type field */ -typedef enum -{ - VPNSVC_ERROR_NONE = TIZEN_ERROR_NONE, /**< Successful */ - VPNSVC_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid parameter */ - VPNSVC_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */ - VPNSVC_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Permission denied */ - VPNSVC_ERROR_NO_SUCH_FILE = TIZEN_ERROR_NO_SUCH_FILE, /**< No such file or directory */ - VPNSVC_ERROR_IO_ERROR = TIZEN_ERROR_IO_ERROR, /**< IO error */ - VPNSVC_ERROR_TIMEOUT = TIZEN_ERROR_TIMED_OUT, /**< Time out error or no answer */ - VPNSVC_ERROR_IPC_FAILED = TIZEN_ERROR_VPNSVC | 0x02, /**< Failed to communicate with server */ - VPNSVC_ERROR_NOT_SUPPORTED = TIZEN_ERROR_NOT_SUPPORTED /**< Not Supported */ +typedef enum { + VPNSVC_ERROR_NONE = TIZEN_ERROR_NONE, /**< Successful */ + VPNSVC_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid parameter */ + VPNSVC_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */ + VPNSVC_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Permission denied */ + VPNSVC_ERROR_NO_SUCH_FILE = TIZEN_ERROR_NO_SUCH_FILE, /**< No such file or directory */ + VPNSVC_ERROR_IO_ERROR = TIZEN_ERROR_IO_ERROR, /**< IO error */ + VPNSVC_ERROR_TIMEOUT = TIZEN_ERROR_TIMED_OUT, /**< Time out error or no answer */ + VPNSVC_ERROR_IPC_FAILED = TIZEN_ERROR_VPNSVC | 0x02, /**< Failed to communicate with server */ + VPNSVC_ERROR_NOT_SUPPORTED = TIZEN_ERROR_NOT_SUPPORTED /**< Not Supported */ } vpnsvc_error_e; @@ -326,6 +325,6 @@ int vpnsvc_get_session(vpnsvc_h handle, char** session); #ifdef __cplusplus } -#endif // __cplusplus +#endif // __cplusplus #endif /* __TIZEN_CAPI_VPN_SERVICE_H__ */ diff --git a/include/vpn_service_internal.h b/include/vpn_service_internal.h index 1fda902..bf69850 100755 --- a/include/vpn_service_internal.h +++ b/include/vpn_service_internal.h @@ -46,7 +46,7 @@ extern "C" { * @param[in] num_routes The number of routes, Unlimitation * @param[in] dns_servers The list of DNS server names - Optional * @param[in] num_dns_servers The number of DNS server names - Optionl, Unlimitation - * @param[in] dns_suffix The DNS suffix - Optional (e.g. tizen.org) + * @param[in] dns_suffix The DNS suffix - Optional (e.g. tizen.org) * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter -- 2.7.4 From e143d9fbe1f379a05f38c5617e32004188f4f3c8 Mon Sep 17 00:00:00 2001 From: Saurav Babu Date: Sat, 9 Apr 2016 12:32:30 +0530 Subject: [PATCH 06/16] [vpn-service] Remove -Wextra flags from package Change-Id: I2ba45696468a08263570f54170bb6bed54ed829b Signed-off-by: Saurav Babu --- CMakeLists.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f6911e1..b60293d 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -23,7 +23,6 @@ ADD_DEFINITIONS("-fPIC") # ADD_DEFINITIONS("-Werror") # Make all warnings into errors. ADD_DEFINITIONS("-Wall") # Generate all warnings -ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}") ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"") -- 2.7.4 From 04d73e40a56c8ef4fe21d234980b6ed167d8d56e Mon Sep 17 00:00:00 2001 From: taesubkim Date: Mon, 11 Apr 2016 16:27:53 +0900 Subject: [PATCH 07/16] Redirect the DNS queries to VPN interface Change-Id: Ibc3674df828c186d29160dab831667cf17fbda55 Signed-off-by: Taesub Kim --- daemon/src/vpn_service_daemon.c | 46 +++++++++++++++++++++++++++++++++++++++++ packaging/capi-vpn-service.spec | 2 +- 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index 58d43e7..00ea4e2 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -55,6 +55,11 @@ static char iptables_unregister_fmt[] = "%s -D %s -j %s%s -w;" "%s -F %s%s -w;" static char iptables_rule_fmt[] = "%s -%c %s%s -%c %s/%d -j ACCEPT -w;"; static char iptables_rule_with_interface_fmt[] = "%s -%c %s%s -%c %s -%c %s/%d -j ACCEPT -w;"; /*static char iptables_usage_fmt[] = "%s -L %s%s -n -v -w;";*/ +/* iptables -t nat -A CAPI_VPN_SERVICE_OUTPUT -p udp -d --dport 53 -j DNAT --to */ +static char iptables_nat_chain_name[] = "CAPI_VPN_SERVICE_NAT_OUTPUT"; +static char iptables_nat_register_init_fmt[] = "%s -t nat -N %s -w;" "%s -t nat -F %s -w;" "%s -t nat -I %s -j %s -w;"; +static char iptables_nat_register_rule_fmt[] = "%s -t nat -A %s -p udp -d %s --dport 53 -j DNAT --to %s:53 -w;"; +static char iptables_nat_unregister_fmt[] = "%s -t nat -D %s -j %s -w;" "%s -t nat -F %s -w;" "%s -t nat -X %s -w;"; typedef unsigned long int ipv4; /* Declare variable type for ipv4 net address. */ @@ -517,6 +522,40 @@ static void iptables_exec(char *cmdline) pclose(fp); } +static void dns_nat_register(char **vpn_dns_address, size_t nr_dns, char *vpn_device_address) +{ + int size = 0, i; + char buf[8192]; + + snprintf(buf + size, sizeof(buf) - size, iptables_nat_register_init_fmt, + iptables_cmd, iptables_nat_chain_name, + iptables_cmd, iptables_nat_chain_name, + iptables_cmd, iptables_filter_out, iptables_nat_chain_name); + size = strlen(buf); + + for (i = 0 ; i < nr_dns ; i++) { + snprintf(buf + size, sizeof(buf) - size, iptables_nat_register_rule_fmt, + iptables_cmd, iptables_nat_chain_name, vpn_dns_address[i], vpn_device_address); + size = strlen(buf); + } + LOGD("iptable dns nat reg cmd : %s", buf); + iptables_exec(buf); +} + +static void dns_nat_unregister(void) +{ + int size = 0; + char buf[8192]; + + snprintf(buf + size, sizeof(buf) - size, iptables_nat_unregister_fmt, + iptables_cmd, iptables_filter_out, iptables_nat_chain_name, + iptables_cmd, iptables_nat_chain_name, + iptables_cmd, iptables_nat_chain_name); + size = strlen(buf); + LOGD("iptable dns nat unreg cmd : %s", buf); + iptables_exec(buf); +} + static void iptables_register(void) { int size = 0; @@ -850,6 +889,10 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, } } + if (nr_dns > 0) { + dns_nat_register(dns_servers, nr_dns, local_ip); + } + return ret; } @@ -910,6 +953,9 @@ int vpn_daemon_down(int iface_index) /* remove dns suffix */ del_dns_suffix(); + /* remove dns filter */ + dns_nat_unregister(); + return VPNSVC_ERROR_NONE; } diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index cc5b58c..f44eacc 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.9 +Version: 1.0.10 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4 From ec9120464ed13c394cbc88fc6d0582f3f1972fb4 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Tue, 12 Apr 2016 14:44:51 +0900 Subject: [PATCH 08/16] Added some comments to exclude coverage #2 Change-Id: I69155e2be24418aaa29d57380b896f73d8416b2e Signed-off-by: Taesub Kim --- framework/src/capi_vpn_service.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index b0c6acc..c4ea33d 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -144,15 +144,15 @@ GVariant *_vpnsvc_invoke_dbus_method(GDBusConnection *connection, &error); if (reply == NULL) { - if (error != NULL) { - if (error->code == G_DBUS_ERROR_ACCESS_DENIED) { - LOGE("g_dbus_connection_call_sync() failed" - "error [%d: %s]", error->code, error->message);//LCOV_EXCL_LINE + if (error != NULL) {//LCOV_EXCL_LINE + if (error->code == G_DBUS_ERROR_ACCESS_DENIED) {//LCOV_EXCL_LINE + LOGE("g_dbus_connection_call_sync() failed"//LCOV_EXCL_LINE + "error [%d: %s]", error->code, error->message); *dbus_error = VPNSVC_ERROR_PERMISSION_DENIED;//LCOV_EXCL_LINE g_error_free(error);//LCOV_EXCL_LINE } else { - LOGE("g_dbus_connection_call_sync() failed" - "error [%d: %s]", error->code, error->message);//LCOV_EXCL_LINE + LOGE("g_dbus_connection_call_sync() failed"//LCOV_EXCL_LINE + "error [%d: %s]", error->code, error->message); *dbus_error = VPNSVC_ERROR_IO_ERROR;//LCOV_EXCL_LINE g_error_free(error);//LCOV_EXCL_LINE } @@ -214,7 +214,7 @@ GVariant *_vpnsvc_invoke_dbus_method_with_fd(GDBusConnection *connection, &error); if (reply == NULL) { - if (error != NULL) { + if (error != NULL) {//LCOV_EXCL_LINE LOGE("g_dbus_connection_call_sync() failed" //LCOV_EXCL_LINE "error [%d: %s]", error->code, error->message); *dbus_error = VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE @@ -243,14 +243,14 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) /* parameter check */ if (iface_name == NULL || strlen(iface_name) <= 0) { - LOGE("iface_name is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("iface_name is a NULL");//LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER;//LCOV_EXCL_LINE } else if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL");//LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER;//LCOV_EXCL_LINE } else if (*handle != NULL) { - LOGE("handle already created"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle already created");//LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER;//LCOV_EXCL_LINE } vpnsvc_tun_s *tmp_s = NULL; @@ -291,7 +291,7 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) if ((iface_fd = open("/dev/net/tun", O_RDWR)) < 0) { LOGE("tun device open fail\n"); //LCOV_EXCL_LINE - close(iface_fd); + close(iface_fd);//LCOV_EXCL_LINE _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } @@ -895,7 +895,7 @@ EXPORT_API int vpnsvc_set_blocking(vpnsvc_h handle, bool blocking) } if (blocking == false) - flags = flags | O_NONBLOCK; + flags = flags | O_NONBLOCK;//LCOV_EXCL_LINE else flags = flags & (~O_NONBLOCK); -- 2.7.4 From cfa115ca423e88499db99645203880c1381f37d4 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Wed, 27 Apr 2016 09:06:40 +0900 Subject: [PATCH 09/16] Fixing P151224-03183, Redirect the DNS queries to VPN interface #2 [Model] TM1 [Issue#] P151224-03183 [Request] PLM [Occurrence Version] NA [Problem] VPN is NOT working properly [Cause & Measure] Redirect the DNS queries to VPN interface [Checking Method] Redirect the DNS queries to VPN interface [Team] Tizen platform lab(SWC) [Developer] Taesub Kim [Solution company] Samsung [Change Type] Specification change Change-Id: I15723669cdca453007ae5f54be8a5bbf8862c042 Signed-off-by: Taesub Kim --- daemon/src/vpn_service_daemon.c | 63 +++++++++++++++++++++++++++++++++++++++++ packaging/capi-vpn-service.spec | 2 +- 2 files changed, 64 insertions(+), 1 deletion(-) diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index 00ea4e2..f4f82b9 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -140,6 +140,56 @@ static int add_routes(char* iface_name, char* routes[], int prefix[], size_t nr_ return VPNSVC_ERROR_NONE; } +static int add_dns_routes(char* if_name, char** dns_servers, size_t nr_dns) +{ + struct rtentry rt; + struct sockaddr_in addr; + int sk; + unsigned int i = 0; + + LOGD("Enter add_routes"); + + sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); + if (sk < 0) { + LOGE("socket failed : %s", strerror(errno)); + return VPNSVC_ERROR_IO_ERROR; + } + + for (i = 0; i < nr_dns; i++) { + memset(&rt, 0, sizeof(rt)); + rt.rt_flags = RTF_UP; + + memset(&addr, 0, sizeof(addr)); + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = inet_addr(dns_servers[i]); + memcpy(&rt.rt_dst, &addr, sizeof(rt.rt_dst)); + + memset(&addr, 0, sizeof(addr)); + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = INADDR_ANY; + memcpy(&rt.rt_gateway, &addr, sizeof(rt.rt_gateway)); + + /* set mask using by prefix length */ + memset(&addr, 0, sizeof(addr)); + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = INADDR_ANY; + addr.sin_addr.s_addr = host2net(make_mask(32)); + memcpy(&rt.rt_genmask, &addr, sizeof(rt.rt_genmask)); + + rt.rt_dev = if_name; + + if (ioctl(sk, SIOCADDRT, &rt) < 0) { + LOGE("ioctl SIOCADDRT failed : %s", strerror(errno)); + close(sk); + return VPNSVC_ERROR_IO_ERROR; + } + } + + close(sk); + + return VPNSVC_ERROR_NONE; +} + static void connman_connection_open(void) { if (global_connection == NULL) { @@ -871,6 +921,16 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, } } + /* add DNS routes */ + if (nr_dns > 0) { + ret = add_dns_routes(ifr_tun.ifr_name, dns_servers, nr_dns); + if (ret != VPNSVC_ERROR_NONE) { + LOGE("add_dns failed"); + return ret; + } + } + +#if 0 /* add DNS servers */ if (nr_dns > 0) { ret = add_dns_servers(dns_servers, nr_dns, total_dns_string_cnt); @@ -892,10 +952,13 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, if (nr_dns > 0) { dns_nat_register(dns_servers, nr_dns, local_ip); } +#endif return ret; } + + int vpn_daemon_down(int iface_index) { struct ifreq ifr, addr_ifr; diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index f44eacc..ce85600 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.10 +Version: 1.0.11 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4 From c96da93e7626ee67e22051ffdaf85ae4096c6362 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Wed, 27 Apr 2016 09:45:36 +0900 Subject: [PATCH 10/16] Fix VPN read issue [Model] COMMON [Issue#] VPN read not returning for long time [Request] N/A [Occurrence Version] N/A [Problem] timeval structure is not initialized properly [Cause & Measure] Garbage value passed to select() function [Checking Method] Try to use vpnsvc_read() API [Team] Wireless Data [Developer] Ravi Prasad RK [Solution company] Samsung [Change Type] N/A Change-Id: I670c37d79584a5cb1c483a342cb5b71c3e2fa137 Signed-off-by: Taesub Kim --- framework/src/capi_vpn_service.c | 1 + packaging/capi-vpn-service.spec | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index c4ea33d..0d88fb9 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -605,6 +605,7 @@ EXPORT_API int vpnsvc_read(vpnsvc_h handle, int timeout_ms) /* listen for events */ FD_ZERO(&read_set); FD_SET(tun_s->fd, &read_set); + tv.tv_sec = 0; tv.tv_usec = timeout_ms*1000; retVal = select(tun_s->fd +1, &read_set, NULL, NULL, &tv); diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index ce85600..a80298c 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.11 +Version: 1.0.12 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4 From 6e96f72977997bf93a449f616d60f90aa24f438e Mon Sep 17 00:00:00 2001 From: taesubkim Date: Fri, 29 Apr 2016 18:25:52 +0900 Subject: [PATCH 11/16] [TSAM-2611] Fixed itc issue Change-Id: I847e9b60f02cebe45d28e19a90e11884f162e962 Signed-off-by: Taesub Kim --- framework/src/capi_vpn_service.c | 3 --- packaging/capi-vpn-service.spec | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 0d88fb9..5ad13e6 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -248,9 +248,6 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) } else if (handle == NULL) { LOGE("handle is a NULL");//LCOV_EXCL_LINE return VPNSVC_ERROR_INVALID_PARAMETER;//LCOV_EXCL_LINE - } else if (*handle != NULL) { - LOGE("handle already created");//LCOV_EXCL_LINE - return VPNSVC_ERROR_INVALID_PARAMETER;//LCOV_EXCL_LINE } vpnsvc_tun_s *tmp_s = NULL; diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index a80298c..6c43f74 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.12 +Version: 1.0.13 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4 From 26b3408a22346a17bb9fa4c6ae6c0059fd128954 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Mon, 2 May 2016 15:37:10 +0900 Subject: [PATCH 12/16] Add handle list for vpn service Modify some code for test Change-Id: Ie137b4b223cf4b847b1200ecd136b5bb7a1c82f2 Signed-off-by: hyunuktak --- framework/src/capi_vpn_service.c | 24 ++++- packaging/capi-vpn-service.spec | 19 ++-- test/CMakeLists.txt | 4 +- test/vpn_service_test.c | 211 +++++++++++++++++++++++---------------- 4 files changed, 155 insertions(+), 103 deletions(-) diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 5ad13e6..d83ce10 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -34,6 +34,7 @@ GVariant *op = NULL; +static __thread GSList *vpn_handle_list = NULL; static __thread bool is_feature_checked = false; static __thread bool feature_supported = false; @@ -60,6 +61,17 @@ int _vpnsvc_check_feature_supported(const char *feature_name) return VPNSVC_ERROR_NONE; } +static bool _vpn_check_handle_validity(vpnsvc_h vpnsvc) +{ + if (vpnsvc == NULL) + return false; + + if (g_slist_find(vpn_handle_list, vpnsvc) != NULL) + return true; + else + return false; +} + static void _vpnsvc_init_vpnsvc_tun_s(vpnsvc_tun_s **s) { LOGD(" tun_s: %p", s); @@ -243,11 +255,11 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) /* parameter check */ if (iface_name == NULL || strlen(iface_name) <= 0) { - LOGE("iface_name is a NULL");//LCOV_EXCL_LINE - return VPNSVC_ERROR_INVALID_PARAMETER;//LCOV_EXCL_LINE - } else if (handle == NULL) { - LOGE("handle is a NULL");//LCOV_EXCL_LINE - return VPNSVC_ERROR_INVALID_PARAMETER;//LCOV_EXCL_LINE + LOGE("iface_name is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE + } else if (_vpn_check_handle_validity(*handle)) { + LOGE("Invalid parameter"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } vpnsvc_tun_s *tmp_s = NULL; @@ -324,6 +336,7 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) strncpy(tmp_s->name, tmp_name, VPNSVC_VPN_IFACE_NAME_LEN); tmp_s->name[VPNSVC_VPN_IFACE_NAME_LEN-1] = '\0'; *handle = tmp_s; + vpn_handle_list = g_slist_prepend(vpn_handle_list, *handle); LOGD("handle : %p, handle->fd : %d, handle->index : %d, handle->name : %s", (*handle), ((vpnsvc_tun_s*)*handle)->fd, ((vpnsvc_tun_s*)*handle)->index, ((vpnsvc_tun_s*)*handle)->name); } @@ -383,6 +396,7 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) /* free allocared handle memory */ _vpnsvc_deinit_vpnsvc_tun_s(tun_s); + vpn_handle_list = g_slist_remove(vpn_handle_list, handle); } return result; diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 6c43f74..50c11a2 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.13 +Version: 1.0.14 Release: 1 Group: System/Network License: Apache-2.0 @@ -43,12 +43,12 @@ Group: Development/Libraries %description -n capi-vpnsvc-devel capi-vpnsvc CAPI devel package -%package -n vpnsvc-test -Summary: Vpnsvc test -Group: Development/Libraries +#%package -n vpnsvc_test +#Summary: Vpnsvc test +#Group: Development/Libraries -%description -n vpnsvc-test -vpnsvc test package +#%description -n vpnsvc_test +#vpnsvc test package %package -n vpnsvc-daemon Summary: Vpnsvc daemon @@ -129,13 +129,14 @@ fi %manifest framework/capi-vpnsvc.manifest %{_libdir}/libcapi-vpnsvc.so.* %{_datadir}/license/capi-vpnsvc +%{_bindir}/vpnsvc_test %files -n capi-vpnsvc-devel %{_includedir}/*.h %{_libdir}/pkgconfig/capi-vpnsvc.pc %{_libdir}/libcapi-vpnsvc.so -%files -n vpnsvc-test -%manifest test/vpnsvc-test.manifest -/usr/sbin/vpnsvc-test +#%files -n vpnsvc_test +#%manifest test/vpnsvc-test.manifest +#%{_bindir}/vpnsvc_test diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index e23d651..f2146f8 100755 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -1,5 +1,5 @@ CMAKE_MINIMUM_REQUIRED(VERSION 2.6) -SET(PACKAGE_NAME vpnsvc-test) +SET(PACKAGE_NAME vpnsvc_test) SET(LIB_NAME ${PACKAGE_NAME}) PROJECT(${LIB_NAME}) SET(PREFIX ${CMAKE_INSTALL_PREFIX}) @@ -38,4 +38,4 @@ SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath="${LIBDIR}) ADD_EXECUTABLE(${PACKAGE_NAME} ${TEST_SRCS}) TARGET_LINK_LIBRARIES(${PACKAGE_NAME} ${${PACKAGE_NAME}_LDFLAGS} "-ldl" capi-vpnsvc) -INSTALL(TARGETS ${PACKAGE_NAME} DESTINATION sbin) +INSTALL(TARGETS ${PACKAGE_NAME} DESTINATION bin/) diff --git a/test/vpn_service_test.c b/test/vpn_service_test.c index d36bfac..e1b4dbb 100755 --- a/test/vpn_service_test.c +++ b/test/vpn_service_test.c @@ -40,21 +40,45 @@ vpnsvc_h handle = NULL; +static const char *test_print_error(vpnsvc_error_e error) +{ + switch (error) { + case VPNSVC_ERROR_NONE: + return "VPNSVC_ERROR_NONE"; + case VPNSVC_ERROR_INVALID_PARAMETER: + return "VPNSVC_ERROR_INVALID_PARAMETER"; + case VPNSVC_ERROR_OUT_OF_MEMORY: + return "VPNSVC_ERROR_OUT_OF_MEMORY"; + case VPNSVC_ERROR_PERMISSION_DENIED: + return "VPNSVC_ERROR_PERMISSION_DENIED"; + case VPNSVC_ERROR_NO_SUCH_FILE: + return "VPNSVC_ERROR_NO_SUCH_FILE"; + case VPNSVC_ERROR_IO_ERROR: + return "VPNSVC_ERROR_IO_ERROR"; + case VPNSVC_ERROR_TIMEOUT: + return "VPNSVC_ERROR_TIMEOUT"; + case VPNSVC_ERROR_IPC_FAILED: + return "VPNSVC_ERROR_IPC_FAILED"; + case VPNSVC_ERROR_NOT_SUPPORTED: + return "VPNSVC_ERROR_NOT_SUPPORTED"; + default: + return "VPNSVC_ERROR_UNKNOWN"; + } +} + int test_vpnsvc_init() { char *name = TEST_VPN_IF_NAME; - int ret = VPNSVC_ERROR_NONE; + int rv = VPNSVC_ERROR_NONE; int int_value; - printf("test vpnsvc_init\n"); + rv = vpnsvc_init(name, &handle); - ret = vpnsvc_init(name, &handle); - - if (ret != VPNSVC_ERROR_NONE) { - printf("vpnsvc_init failed : %d\n", ret); + if (rv != VPNSVC_ERROR_NONE) { + printf("vpnsvc initialize fail [%s]\n", test_print_error(rv)); + return -1; } else { char* result_name = NULL; - printf("vpnsvc_init Succeed : %d\n", ret); if (vpnsvc_get_iface_fd(handle, &int_value) == VPNSVC_ERROR_NONE) printf("iface_fd : %d\n", int_value); @@ -66,32 +90,40 @@ int test_vpnsvc_init() else printf("Fail to get iface_index\n"); - ret = vpnsvc_get_iface_name(handle, &result_name); - if (ret == VPNSVC_ERROR_NONE) + if (vpnsvc_get_iface_name(handle, &result_name) == VPNSVC_ERROR_NONE) printf("iface_name : %s\n", result_name); + else + printf("Fail to get iface_name\n"); } - return 0; + printf("vpnsvc initialize success\n"); + return 1; } int test_vpnsvc_deinit() { - printf("test vpnsvc_deinit\n"); + int rv = 0; if (handle) - vpnsvc_deinit(handle); - - handle = NULL; + rv = vpnsvc_deinit(handle); + else { + printf("cannot deinitialize : handle is NULL\n"); + rv = VPNSVC_ERROR_INVALID_PARAMETER; + } - return 0; + if (rv != VPNSVC_ERROR_NONE) { + printf("vpnsvc deinitialize fail [%s]\n", test_print_error(rv)); + return -1; + } + handle = NULL; + printf("vpnsvc deinitialize success\n"); + return 1; } int test_vpnsvc_protect() { - int sock, ret; - - printf("test vpnsvc_protect\n"); + int sock, rv; if (!handle) { printf("invalid handle\n"); @@ -103,20 +135,20 @@ int test_vpnsvc_protect() return -2; } - ret = vpnsvc_protect(handle, sock, "wlan0"); - if (ret != VPNSVC_ERROR_NONE) - printf("vpnsvc_protect failed!\n"); + rv = vpnsvc_protect(handle, sock, "wlan0"); + if (rv != VPNSVC_ERROR_NONE) + printf("vpnsvc protect fail [%s]\n", test_print_error(rv)); else - printf("vpnsvc_protect Succeed!\n"); + printf("vpnsvc protect success\n"); close(sock); - return 0; + return 1; } int test_vpnsvc_up() { - int ret; + int rv; char local[VPNSVC_IP4_STRING_LEN] = {'\0',}; char remote[VPNSVC_IP4_STRING_LEN] = {'\0',}; char *routes[2]; @@ -152,11 +184,7 @@ int test_vpnsvc_up() dns_server[0] = dns1; dns_server[1] = dns2; - ret = vpnsvc_up(handle, local, remote, routes, prefix, nr_routes, dns_server, nr_dns, dns_suffix); - if (ret != VPNSVC_ERROR_NONE) - printf("vpnsvc_up failed!\n"); - else - printf("vpnsvc_up Succeed!\n"); + rv = vpnsvc_up(handle, local, remote, routes, prefix, nr_routes, dns_server, nr_dns, dns_suffix); free(routes[0]); free(routes[1]); @@ -164,37 +192,41 @@ int test_vpnsvc_up() routes[0] = NULL; routes[1] = NULL; - return 0; + if (rv != VPNSVC_ERROR_NONE) + printf("vpnsvc up fail [%s]\n", test_print_error(rv)); + else + printf("vpnsvc up success\n"); + + return 1; } int test_vpnsvc_down() { - int ret; + int rv; if (!handle) { printf("invalid handle\n"); return -1; } - ret = vpnsvc_down(handle); - - if (ret != VPNSVC_ERROR_NONE) - printf("vpnsvc_down failed!\n"); - else - printf("vpnsvc_down Succeed!\n"); - - return 0; - + rv = vpnsvc_down(handle); + if (rv != VPNSVC_ERROR_NONE) { + printf("vpnsvc down fail [%s]\n", test_print_error(rv)); + return -1; + } else { + printf("vpnsvc down success\n"); + return 1; + } } int test_vpnsvc_read() { - return 0; + return -1; } int test_vpnsvc_write() { - return 0; + return -1; } int test_vpnsvc_block_networks() @@ -205,7 +237,7 @@ int test_vpnsvc_block_networks() char* allow_nets[2]; int allow_prefix[2]; int allow_nr_nets = 2; - int ret; + int rv; if (!handle) { printf("invalid handle\n"); @@ -230,12 +262,7 @@ int test_vpnsvc_block_networks() strncpy(allow_nets[1], "206.190.36.45", VPNSVC_IP4_STRING_LEN); allow_prefix[1] = 32; - ret = vpnsvc_block_networks(handle, block_nets, block_prefix, block_nr_nets, allow_nets, allow_prefix, allow_nr_nets); - - if (ret != VPNSVC_ERROR_NONE) - printf("vpnsvc_block_networks failed!\n"); - else - printf("vpnsvc_block_networks Succeed!\n"); + rv = vpnsvc_block_networks(handle, block_nets, block_prefix, block_nr_nets, allow_nets, allow_prefix, allow_nr_nets); free(block_nets[0]); free(block_nets[1]); @@ -247,78 +274,84 @@ int test_vpnsvc_block_networks() allow_nets[0] = NULL; allow_nets[1] = NULL; - return 0; - + if (rv != VPNSVC_ERROR_NONE) { + printf("vpnsvc block networks fail [%s]\n", test_print_error(rv)); + return -1; + } else { + printf("vpnsvc block networks success\n"); + return 1; + } } int test_vpnsvc_unblock_networks() { - int ret; + int rv; if (!handle) { printf("invalid handle\n"); return -1; } - ret = vpnsvc_unblock_networks(handle); - - if (ret != VPNSVC_ERROR_NONE) - printf("vpnsvc_unblock_networks failed!\n"); - else - printf("vpnsvc_unblock_networks Succeed!\n"); - - return 0; + rv = vpnsvc_unblock_networks(handle); + if (rv != VPNSVC_ERROR_NONE) { + printf("vpnsvc unblock networks fail [%s]\n", test_print_error(rv)); + return -1; + } else { + printf("vpnsvc unblock networks success"); + return 1; + } } int test_vpnsvc_set_mtu() { - int ret; + int rv; - ret = vpnsvc_set_mtu(handle, 9000); - - if (ret != VPNSVC_ERROR_NONE) - printf("vpnsvc_set_mtu failed!\n"); - else - printf("vpnsvc_set_mtu Succeed!\n"); - - return 0; + rv = vpnsvc_set_mtu(handle, 9000); + if (rv != VPNSVC_ERROR_NONE) { + printf("vpnsvc set mtu fail [%s]\n", test_print_error(rv)); + return -1; + } else { + printf("vpnsvc set mtu success\n"); + return 1; + } } bool g_blocking = false; int test_vpnsvc_set_blocking() { - int ret; + int rv; g_blocking = !g_blocking; printf("Blocking Parameter: %s\n", g_blocking ? "true" : "false"); - ret = vpnsvc_set_blocking(handle, g_blocking); - - if (ret != VPNSVC_ERROR_NONE) - printf("vpnsvc_set_blocking failed!\n"); - else - printf("vpnsvc_set_blocking Succeed!\n"); + rv = vpnsvc_set_blocking(handle, g_blocking); - return 0; + if (rv != VPNSVC_ERROR_NONE) { + printf("vpnsvc set blocking fail [%s]\n", test_print_error(rv)); + return -1; + } else { + printf("vpnsvc set blocking success\n"); + return 1; + } } int test_vpnsvc_set_session() { - int ret; + int rv; char *set_session = "vpnsvc_test VPN Session"; char *get_session = NULL; - ret = vpnsvc_set_session(handle, set_session); + rv = vpnsvc_set_session(handle, set_session); - if (ret != VPNSVC_ERROR_NONE) { - printf("vpnsvc_set_session failed!\n"); + if (rv != VPNSVC_ERROR_NONE) { + printf("vpnsvc set session fail [%s]\n", test_print_error(rv)); + return -1; } else { - ret = vpnsvc_get_session(handle, &get_session); - printf("Session Name = %s\n", get_session); - printf("vpnsvc_set_session Succeed!\n"); + rv = vpnsvc_get_session(handle, &get_session); + printf("session name = %s\n", get_session); + printf("vpnsvc set session Success\n"); + return 1; } - - return 0; } int test_exit() @@ -376,7 +409,11 @@ int main() continue; } - test_function_table[comm-1](); + int rv = test_function_table[comm-1](); + if (rv == 1) + printf("Operation succeeded!\n"); + else + printf("Operation failed!\n"); } return 0; } -- 2.7.4 From d3cf71781d0f583bede1ebf32c32d0651b057edb Mon Sep 17 00:00:00 2001 From: taesubkim Date: Tue, 3 May 2016 13:09:35 +0900 Subject: [PATCH 13/16] [SVACE] 77596 Fixed svace issue Change-Id: Ibd09262afd95a5e2530c8c609f64c1e614fea92a Signed-off-by: Taesub Kim --- daemon/src/vpn_service_daemon.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index f4f82b9..358f4af 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -146,12 +146,13 @@ static int add_dns_routes(char* if_name, char** dns_servers, size_t nr_dns) struct sockaddr_in addr; int sk; unsigned int i = 0; + char buf[BUF_SIZE_FOR_ERR] = { 0 }; LOGD("Enter add_routes"); sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (sk < 0) { - LOGE("socket failed : %s", strerror(errno)); + LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); return VPNSVC_ERROR_IO_ERROR; } @@ -179,7 +180,7 @@ static int add_dns_routes(char* if_name, char** dns_servers, size_t nr_dns) rt.rt_dev = if_name; if (ioctl(sk, SIOCADDRT, &rt) < 0) { - LOGE("ioctl SIOCADDRT failed : %s", strerror(errno)); + LOGE("ioctl SIOCADDRT failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } -- 2.7.4 From 0cd40e7fda377fcbe27680a9e9738fd32aac7d78 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Wed, 4 May 2016 10:55:23 +0900 Subject: [PATCH 14/16] Fix passed to proc after free Change-Id: I63f1612ace96f94f4b25344fc8df1032d51d18dc Signed-off-by: hyunuktak --- framework/src/capi_vpn_service.c | 2 +- packaging/capi-vpn-service.spec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index d83ce10..ff52f53 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -395,8 +395,8 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) LOGD("tun fd close success"); /* free allocared handle memory */ + vpn_handle_list = g_slist_remove(vpn_handle_list, tun_s); _vpnsvc_deinit_vpnsvc_tun_s(tun_s); - vpn_handle_list = g_slist_remove(vpn_handle_list, handle); } return result; diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 50c11a2..9e3b66d 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.14 +Version: 1.0.15 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4 From a492b54ce4b566f5cbae93b7198cb54653dde6d6 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Fri, 13 May 2016 16:33:36 +0900 Subject: [PATCH 15/16] Modified build option naming rule Change-Id: Ia04cf1a5d374d0aac39d4945a232b32542485ec9 Signed-off-by: Taesub Kim --- CMakeLists.txt | 9 --------- packaging/capi-vpn-service.spec | 19 +++---------------- 2 files changed, 3 insertions(+), 25 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b60293d..ee997cb 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -24,15 +24,6 @@ ADD_DEFINITIONS("-fPIC") # ADD_DEFINITIONS("-Werror") # Make all warnings into errors. ADD_DEFINITIONS("-Wall") # Generate all warnings -STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}") -ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"") -ADD_DEFINITIONS("-DSMACK_ENABLED") - -IF (CMAKE_BUILD_TYPE MATCHES "DEBUG") - ADD_DEFINITIONS("-DTIZEN_DEBUG_ENABLE") - ADD_DEFINITIONS("-DBUILD_TYPE_DEBUG") -ENDIF (CMAKE_BUILD_TYPE MATCHES "DEBUG") - ADD_SUBDIRECTORY(framework) ADD_SUBDIRECTORY(daemon) ADD_SUBDIRECTORY(test) diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 9e3b66d..f30b897 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.15 +Version: 1.0.16 Release: 1 Group: System/Network License: Apache-2.0 @@ -65,26 +65,13 @@ vpnsvc daemon package %setup -q %build -%if 0%{?sec_build_binary_debug_enable} -export CFLAGS="$CFLAGS -DTIZEN_DEBUG_ENABLE" -export CXXFLAGS="$CXXFLAGS -DTIZEN_DEBUG_ENABLE" -export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE" -%endif - -%if 0%{?tizen_build_binary_release_type_eng} -export CFLAGS="$CFLAGS -DTIZEN_ENGINEER_MODE" -export CXXFLAGS="$CXXFLAGS -DTIZEN_ENGINEER_MODE" -export FFLAGS="$FFLAGS -DTIZEN_ENGINEER_MODE" -%endif - export LDFLAGS+="-Wl,--rpath=%{_libdir}" MAJORVER=`echo %{version} | awk 'BEGIN {FS="."}{print $1}'` %cmake . -DVERSION=%{version} \ - -DFULLVER=%{version} \ - -DMAJORVER=${MAJORVER} \ + -DFULLVER=%{version} \ + -DMAJORVER=${MAJORVER} \ -DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:RELEASE} \ - -DTIZEN_ENGINEER_MODE=%{?tizen_build_binary_release_type_eng:1}%{!?tizen_build_binary_release_type_eng:0} \ -DCMAKE_VERBOSE_MAKEFILE=ON \ -DLIB_INSTALL_DIR=%{_libdir} -- 2.7.4 From 77b35d2863f3ea1b39fab094eed2c33f640b5998 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Thu, 19 May 2016 17:29:36 +0900 Subject: [PATCH 16/16] Fixed build warning Change-Id: I41ebf9068cc4b1f10e23db8a5009c86dd72f952a Signed-off-by: Taesub Kim --- daemon/src/vpn_service_daemon.c | 14 ++++++++++++++ framework/src/capi_vpn_service.c | 1 - packaging/capi-vpn-service.spec | 2 +- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index 358f4af..33dbbf7 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -57,8 +57,10 @@ static char iptables_rule_with_interface_fmt[] = "%s -%c %s%s -%c %s -%c %s/%d - /*static char iptables_usage_fmt[] = "%s -L %s%s -n -v -w;";*/ /* iptables -t nat -A CAPI_VPN_SERVICE_OUTPUT -p udp -d --dport 53 -j DNAT --to */ static char iptables_nat_chain_name[] = "CAPI_VPN_SERVICE_NAT_OUTPUT"; +#if 0 static char iptables_nat_register_init_fmt[] = "%s -t nat -N %s -w;" "%s -t nat -F %s -w;" "%s -t nat -I %s -j %s -w;"; static char iptables_nat_register_rule_fmt[] = "%s -t nat -A %s -p udp -d %s --dport 53 -j DNAT --to %s:53 -w;"; +#endif static char iptables_nat_unregister_fmt[] = "%s -t nat -D %s -j %s -w;" "%s -t nat -F %s -w;" "%s -t nat -X %s -w;"; typedef unsigned long int ipv4; /* Declare variable type for ipv4 net address. */ @@ -268,6 +270,7 @@ static char *connman_default_profile(GDBusConnection *connection) return profile; } +#if 0 static char *connman_get_items(GDBusConnection *connection, char *profile, const char *keystr) { GVariant *message = NULL; @@ -319,6 +322,7 @@ static char *connman_get_items(GDBusConnection *connection, char *profile, const return items; } +#endif static void connman_set_items(GDBusConnection *connection, char *profile, const char *keystr, char *items) @@ -348,6 +352,7 @@ static void connman_set_items(GDBusConnection *connection, char *profile, } +#if 0 static char *connman_get_nameservers(GDBusConnection *connection, char *profile) { return connman_get_items(connection, profile, "Nameservers"); @@ -357,6 +362,7 @@ static char *connman_get_nameservers_conf(GDBusConnection *connection, char *pro { return connman_get_items(connection, profile, "Nameservers.Configuration"); } +#endif static void connman_set_nameservers(GDBusConnection *connection, char *profile, char *nameservers) @@ -365,6 +371,7 @@ static void connman_set_nameservers(GDBusConnection *connection, char *profile, "Nameservers.Configuration", nameservers); } +#if 0 static char *connman_get_domains(GDBusConnection *connection, char *profile) { return connman_get_items(connection, profile, "Domains"); @@ -374,6 +381,7 @@ static char *connman_get_domains_conf(GDBusConnection *connection, char *profile { return connman_get_items(connection, profile, "Domains.Configuration"); } +#endif static void connman_set_domains(GDBusConnection *connection, char *profile, char *domains) @@ -382,6 +390,7 @@ static void connman_set_domains(GDBusConnection *connection, char *profile, "Domains.Configuration", domains); } +#if 0 static int add_dns_servers(char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt) { char *profile = NULL; @@ -449,6 +458,7 @@ static int add_dns_servers(char** dns_servers, size_t nr_dns, size_t total_dns_s free(profile); return VPNSVC_ERROR_NONE; } +#endif static int del_dns_servers() { @@ -474,6 +484,7 @@ static int del_dns_servers() return VPNSVC_ERROR_NONE; } +#if 0 static int add_dns_suffix(const char* dns_suffix, size_t dns_suffix_len) { char *profile = NULL; @@ -537,6 +548,7 @@ static int add_dns_suffix(const char* dns_suffix, size_t dns_suffix_len) return VPNSVC_ERROR_NONE; } +#endif static int del_dns_suffix() { @@ -573,6 +585,7 @@ static void iptables_exec(char *cmdline) pclose(fp); } +#if 0 static void dns_nat_register(char **vpn_dns_address, size_t nr_dns, char *vpn_device_address) { int size = 0, i; @@ -592,6 +605,7 @@ static void dns_nat_register(char **vpn_dns_address, size_t nr_dns, char *vpn_de LOGD("iptable dns nat reg cmd : %s", buf); iptables_exec(buf); } +#endif static void dns_nat_unregister(void) { diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index ff52f53..88daf01 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -17,7 +17,6 @@ * */ - #include "capi_vpn_service_private.h" #include #include diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index f30b897..17bbfc7 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.16 +Version: 1.0.17 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4