From 1695270f78fe22b99fb256eb0a822897dce1657a Mon Sep 17 00:00:00 2001 From: "taesub.kim" Date: Mon, 11 Jan 2016 09:32:58 +0900 Subject: [PATCH 01/16] [ACR-472] Modified comments of ACR #2 Change-Id: I346d6c7325741f9ac44ba452e56a8a9ad55af869 Signed-off-by: Taesub Kim Signed-off-by: Deepak Kumar Sahu --- daemon/include/vpn_service_daemon.h | 10 ++-- daemon/src/vpn_service_daemon.c | 23 ++++---- daemon/src/vpnsvc.c | 75 ++++++++++------------- framework/src/capi_vpn_service.c | 82 ++++++++++++++----------- include/vpn_service.h | 115 ++++++++++++++++++------------------ test/vpn_service_test.c | 80 ++++++++++++++++--------- 6 files changed, 206 insertions(+), 179 deletions(-) diff --git a/daemon/include/vpn_service_daemon.h b/daemon/include/vpn_service_daemon.h index 9237184..755ce3e 100755 --- a/daemon/include/vpn_service_daemon.h +++ b/daemon/include/vpn_service_daemon.h @@ -27,12 +27,12 @@ int vpn_daemon_init(const char* tun_name, size_t tun_name_len, int fd, vpnsvc_tu int vpn_daemon_deinit(const char* dev_name); int vpn_daemon_protect(int socket, const char* dev_name); int vpn_daemon_up(int tun_index, const char* local_ip, const char* remote_ip, - const struct vpnsvc_route* routes, size_t nr_routes, - char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, - const char* dns_suffix, const unsigned int mtu); + const char* routes[], int prefix[], size_t nr_routes, + char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, + const char* dns_suffix, const unsigned int mtu); int vpn_daemon_down(int tun_index); -int vpn_daemon_block_networks(const struct vpnsvc_route* nets_vpn, size_t nr_nets_vpn, - const struct vpnsvc_route* nets_orig, size_t nr_nets_orig); +int vpn_daemon_block_networks(const char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, + const char* nets_orig[], int prefix_orig[], size_t nr_nets_orig); int vpn_daemon_unblock_networks(void); #endif /* __TIZEN_CAPI_VPN_SERVICE_DAEMON_H__ */ diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index 977426e..e664124 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -27,6 +27,7 @@ #include #include #include +#include #include "vpn_service_daemon.h" @@ -81,7 +82,7 @@ static in_addr_t host2net(ipv4 host) return net; } -static int add_routes(char* if_name, const struct vpnsvc_route* routes, size_t nr_routes) +static int add_routes(char* if_name, const char* routes[], int prefix[], size_t nr_routes) { struct rtentry rt; struct sockaddr_in addr; @@ -102,7 +103,7 @@ static int add_routes(char* if_name, const struct vpnsvc_route* routes, size_t n memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; - addr.sin_addr.s_addr = inet_addr(routes[i].dest); + addr.sin_addr.s_addr = inet_addr(routes[i]); memcpy(&rt.rt_dst, &addr, sizeof(rt.rt_dst)); memset(&addr, 0, sizeof(addr)); @@ -114,7 +115,7 @@ static int add_routes(char* if_name, const struct vpnsvc_route* routes, size_t n memset(&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; addr.sin_addr.s_addr = INADDR_ANY; - addr.sin_addr.s_addr = host2net(make_mask(routes[i].prefix)); + addr.sin_addr.s_addr = host2net(make_mask(prefix[i])); memcpy(&rt.rt_genmask, &addr, sizeof(rt.rt_genmask)); rt.rt_dev = if_name; @@ -724,7 +725,7 @@ int vpn_daemon_protect(int socket_fd, const char* dev_name) } int vpn_daemon_up(int tun_index, const char* local_ip, const char* remote_ip, - const struct vpnsvc_route* routes, size_t nr_routes, + const char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu) { @@ -816,7 +817,7 @@ int vpn_daemon_up(int tun_index, const char* local_ip, const char* remote_ip, /* add routes */ if (nr_routes > 0) { - ret = add_routes(ifr_tun.ifr_name, routes, nr_routes); + ret = add_routes(ifr_tun.ifr_name, routes, prefix, nr_routes); if (ret != VPNSVC_ERROR_NONE) { LOGE("add_routes failed"); return ret; @@ -903,21 +904,21 @@ int vpn_daemon_down(int tun_index) return VPNSVC_ERROR_NONE; } -int vpn_daemon_block_networks(const struct vpnsvc_route* nets_vpn, size_t nr_nets_vpn, - const struct vpnsvc_route* nets_orig, size_t nr_nets_orig) { +int vpn_daemon_block_networks(const char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, + const char* nets_orig[], int prefix_orig[], size_t nr_nets_orig) { unsigned int i; /* iptable chain regist */ iptables_register(); for (i = 0; i < nr_nets_vpn; i++) { - LOGD("block[%d] ip/mask : %s/%d", i, nets_vpn[i].dest, nets_vpn[i].prefix); - iptables_add(nets_vpn[i].dest, nets_vpn[i].prefix); + LOGD("block[%d] ip/mask : %s/%d", i, nets_vpn[i], prefix_vpn[i]); + iptables_add(nets_vpn[i], prefix_vpn[i]); } for (i = 0; i < nr_nets_orig; i++) { - LOGD("allow[%d] ip/mask : %s/%d", i, nets_orig[i].dest, nets_orig[i].prefix); - iptables_add_orig(nets_orig[i].dest, nets_orig[i].prefix); + LOGD("allow[%d] ip/mask : %s/%d", i, nets_orig[i], prefix_orig[i]); + iptables_add_orig(nets_orig[i], prefix_orig[i]); } return VPNSVC_ERROR_NONE; diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index d2a55fa..ce858da 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -132,7 +132,8 @@ gboolean handle_vpn_up(Vpnsvc *object, LOGD("handle_vpn_up"); - struct vpnsvc_route* routes = NULL; + char* routes[arg_nr_routes]; + int prefix[arg_nr_routes]; char **dns_servers = NULL; unsigned int i = 0; @@ -157,20 +158,17 @@ gboolean handle_vpn_up(Vpnsvc *object, if (arg_nr_routes > 0) { if (arg_routes != NULL) { GVariant *dict = g_variant_get_variant(arg_routes); - routes = (struct vpnsvc_route*)malloc(sizeof(struct vpnsvc_route)*arg_nr_routes); - if (routes == NULL) { - LOGE("malloc failed."); - result = VPNSVC_ERROR_OUT_OF_MEMORY; - goto done; - } g_variant_iter_init(&iter, dict); i = 0; while (g_variant_iter_loop(&iter, "{si}", &route_dest, &route_prefix)) { int temp_dest_str_len = strlen(route_dest); - strncpy(routes[i].dest, route_dest, temp_dest_str_len); - routes[i].dest[temp_dest_str_len] = '\0'; - routes[i].prefix = route_prefix; - LOGD("routes[%d] : %s/%d", i, (routes[i].dest == NULL) ? "" : routes[i].dest, routes[i].prefix); + routes[i] = malloc((sizeof(char) * temp_dest_str_len)+1); + memset(routes[i], 0, sizeof(char) * temp_dest_str_len); + strncpy(routes[i], route_dest, temp_dest_str_len); + routes[i][temp_dest_str_len] = '\0'; + prefix[i] = route_prefix; + LOGD("routes[%d] = %s \t", i, (routes[i] == NULL) ? "" : routes[i]); + LOGD("prefix[%d] = %d ", i, prefix[i]); i++; } } @@ -202,13 +200,10 @@ gboolean handle_vpn_up(Vpnsvc *object, } result = vpn_daemon_up(arg_tun_index, arg_local_ip, arg_remote_ip, - routes, arg_nr_routes, dns_servers, arg_nr_dns, + routes, prefix, arg_nr_routes, dns_servers, arg_nr_dns, total_dns_string_cnt, arg_dns_suffix, arg_mtu); done: /* free pointers */ - if (routes) - free(routes); - if (dns_servers) { for (i = 0; i < arg_nr_dns; i++) { if (dns_servers[i]) @@ -248,8 +243,11 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, LOGD("handle_vpn_block_networks"); int result = VPNSVC_ERROR_NONE; - struct vpnsvc_route* nets_vpn = NULL; - struct vpnsvc_route* nets_orig = NULL; + char *nets_vpn[arg_nr_nets_vpn]; + int prefix_vpn[arg_nr_nets_vpn]; + + char *nets_orig[arg_nr_nets_vpn]; + int prefix_orig[arg_nr_nets_vpn]; int i = 0; GVariantIter iter; @@ -262,20 +260,17 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, if (arg_nr_nets_vpn > 0) { if (arg_nets_vpn != NULL) { GVariant *dict_nets_vpn = g_variant_get_variant(arg_nets_vpn); - nets_vpn = (struct vpnsvc_route*)malloc(sizeof(struct vpnsvc_route)*arg_nr_nets_vpn); - if (nets_vpn == NULL) { - LOGE("malloc failed."); - result = VPNSVC_ERROR_OUT_OF_MEMORY; - goto done; - } g_variant_iter_init(&iter, dict_nets_vpn); i = 0; while (g_variant_iter_loop(&iter, "{si}", &route_dest, &route_prefix)) { int tmp_route_len = strlen(route_dest); - strncpy(nets_vpn[i].dest, route_dest, tmp_route_len); - nets_vpn[i].dest[tmp_route_len] = '\0'; - nets_vpn[i].prefix = route_prefix; - LOGD("nets_vpn[%d] : %s/%d", i, (nets_vpn[i].dest == NULL) ? "" : nets_vpn[i].dest, nets_vpn[i].prefix); + nets_vpn[i] = malloc(sizeof(char) * tmp_route_len + 1); + memset(nets_vpn[i], 0, sizeof(char) * tmp_route_len); + strncpy(nets_vpn[i], route_dest, tmp_route_len); + nets_vpn[i][tmp_route_len] = '\0'; + prefix_vpn[i] = route_prefix; + LOGD("nets_vpn[%d] = %s \t", i, (nets_vpn[i] == NULL) ? "" : nets_vpn[i]); + LOGD("prefix_vpn[%d] = %d ", i, prefix_vpn[i]); i++; } } @@ -285,34 +280,24 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, if (arg_nr_nets_orig > 0) { if (arg_nets_orig != NULL) { GVariant *dict_nets_orig = g_variant_get_variant(arg_nets_orig); - nets_orig = (struct vpnsvc_route*)malloc(sizeof(struct vpnsvc_route)*arg_nr_nets_orig); - if (nets_orig == NULL) { - LOGE("malloc failed."); - result = VPNSVC_ERROR_OUT_OF_MEMORY; - goto done; - } g_variant_iter_init(&iter, dict_nets_orig); i = 0; while (g_variant_iter_loop(&iter, "{si}", &route_dest, &route_prefix)) { int tmp_route_len = strlen(route_dest); - strncpy(nets_orig[i].dest, route_dest, tmp_route_len); - nets_orig[i].dest[tmp_route_len] = '\0'; - nets_orig[i].prefix = route_prefix; - LOGD("nets_orig[%d] : %s/%d", i, (nets_orig[i].dest == NULL) ? "" : nets_orig[i].dest, nets_orig[i].prefix); + nets_orig[i] = malloc(sizeof(char) * tmp_route_len + 1); + memset(nets_orig[i], 0, sizeof(char) * tmp_route_len); + strncpy(nets_orig[i], route_dest, tmp_route_len); + nets_orig[i][tmp_route_len] = '\0'; + prefix_orig[i] = route_prefix; + LOGD("nets_orig[%d] = %s \t", i, (nets_orig[i] == NULL) ? "" : nets_orig[i]); + LOGD("prefix_orig[%d] = %d ", i, prefix_orig[i]); i++; } } } /* call function */ - result = vpn_daemon_block_networks(nets_vpn, arg_nr_nets_vpn, nets_orig, arg_nr_nets_orig); - -done: - if (nets_vpn) - free(nets_vpn); - - if (nets_orig) - free(nets_orig); + result = vpn_daemon_block_networks(nets_vpn, prefix_vpn, arg_nr_nets_vpn, nets_orig, prefix_orig, arg_nr_nets_orig); vpnsvc_complete_vpn_block_networks(object, invocation, result); diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 9f59ade..bca72e6 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -418,9 +418,9 @@ int vpnsvc_protect(vpnsvc_tun_h handle, int socket_fd, const char* dev_name) } int vpnsvc_up(vpnsvc_tun_h handle, const char* local_ip, const char* remote_ip, - const struct vpnsvc_route* routes, size_t nr_routes, - const char** dns_servers, size_t nr_dns_servers, - const char* dns_suffix) + const char* dest[], int prefix[], size_t nr_routes, + const char** dns_servers, size_t nr_dns_servers, + const char* dns_suffix) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -460,13 +460,13 @@ int vpnsvc_up(vpnsvc_tun_h handle, const char* local_ip, const char* remote_ip, /* make a route parameter */ g_variant_builder_init(&route_builder, G_VARIANT_TYPE("a{si}")); for (i = 0 ; i < nr_routes ; i++) { - if (strlen(routes[i].dest) <= 0) { - LOGE("invalid routes[%d].dest", i); + if (strlen(dest[i]) <= 0) { + LOGE("invalid dest[%d]", i); return VPNSVC_ERROR_INVALID_PARAMETER; } - g_variant_builder_add(&route_builder, "{si}", routes[i].dest, routes[i].prefix); - LOGD("routes[%d].dest : %s", i, routes[i].dest); - LOGD("routes[%d].prefix : %d", i, routes[i].prefix); + g_variant_builder_add(&route_builder, "{si}", dest[i], prefix[i]); + LOGD("dest[%d] : %s", i, dest[i]); + LOGD("prefix[i] : %d", i, prefix[i]); } route_param = g_variant_builder_end(&route_builder); @@ -621,11 +621,15 @@ int vpnsvc_write(vpnsvc_tun_h handle, const char* data, size_t size) return write(tun_s->fd, data, size); } -API int vpnsvc_block_networks(vpnsvc_tun_h handle, - const struct vpnsvc_route* allow_routes_vpn, - size_t nr_allow_routes_vpn, - const struct vpnsvc_route* allow_routes_orig, - size_t nr_allow_routes_orig) + +int vpnsvc_block_networks(vpnsvc_tun_h handle, + const char* dest_vpn[], + int prefix_vpn[], + size_t nr_allow_routes_vpn, + const char* dest_orig[], + int prefix_orig[], + size_t nr_allow_routes_orig) + { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -653,18 +657,18 @@ API int vpnsvc_block_networks(vpnsvc_tun_h handle, /* make a route parameter for allowed VPN interface routes */ g_variant_builder_init(&nets_builder, G_VARIANT_TYPE("a{si}")); for (i = 0 ; i < nr_allow_routes_vpn ; i++) { - g_variant_builder_add(&nets_builder, "{si}", allow_routes_vpn[i].dest, allow_routes_vpn[i].prefix); - LOGD("routes[%d].dest : %s", i, allow_routes_vpn[i].dest); - LOGD("routes[%d].prefix : %d", i, allow_routes_vpn[i].prefix); + g_variant_builder_add(&nets_builder, "{si}", dest_vpn[i], prefix_vpn[i]); + LOGD("dest_vpn[%d] : %s", i, dest_vpn[i]); + LOGD("prefix_vpn[%d] : %d", i, prefix_vpn[i]); } nets_param_vpn = g_variant_builder_end(&nets_builder); /* make a route parameter for allowed Original interface Routes */ g_variant_builder_init(&nets_builder, G_VARIANT_TYPE("a{si}")); for (i = 0 ; i < nr_allow_routes_orig ; i++) { - g_variant_builder_add(&nets_builder, "{si}", allow_routes_orig[i].dest, allow_routes_orig[i].prefix); - LOGD("routes[%d].dest : %s", i, allow_routes_orig[i].dest); - LOGD("routes[%d].prefix : %d", i, allow_routes_orig[i].prefix); + g_variant_builder_add(&nets_builder, "{si}", dest_orig[i], prefix_orig[i]); + LOGD("dest_orig[%d] : %s", i, dest_orig[i]); + LOGD("prefix_orig[%d] : %d", i, prefix_orig[i]); } nets_param_orig = g_variant_builder_end(&nets_builder); @@ -736,15 +740,15 @@ int vpnsvc_unblock_networks(vpnsvc_tun_h handle) return result; } -int vpnsvc_get_tun_fd(vpnsvc_tun_h handle) +int vpnsvc_get_tun_fd(vpnsvc_tun_h handle, int* tun_fd) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; /* parameter check */ - if (handle == NULL) { - LOGE("handle is a NULL"); + if (handle == NULL || tun_fd == NULL) { + LOGE("Invalid parameter"); return VPNSVC_ERROR_INVALID_PARAMETER; } tun_s = (vpnsvc_tun_s*)handle; @@ -754,20 +758,23 @@ int vpnsvc_get_tun_fd(vpnsvc_tun_h handle) return VPNSVC_ERROR_INVALID_PARAMETER; } - return tun_s->fd; + *tun_fd = (int)(tun_s->fd); + + return VPNSVC_ERROR_NONE; } -int vpnsvc_get_tun_index(vpnsvc_tun_h handle) +int vpnsvc_get_tun_index(vpnsvc_tun_h handle, int* tun_index) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; /* parameter check */ - if (handle == NULL) { - LOGE("handle is a NULL"); + if (handle == NULL || tun_index == NULL) { + LOGE("Invalid parameter"); return VPNSVC_ERROR_INVALID_PARAMETER; } + tun_s = (vpnsvc_tun_s*)handle; if (tun_s->index <= 0) { @@ -775,14 +782,17 @@ int vpnsvc_get_tun_index(vpnsvc_tun_h handle) return VPNSVC_ERROR_INVALID_PARAMETER; } - return tun_s->index; + *tun_index = (int)(tun_s->index); + + return VPNSVC_ERROR_NONE; } -int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char* tun_name) +int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char** tun_name) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; + char la_tun_name[VPNSVC_TUN_IF_NAME_LEN + 1] = { 0, }; /* parameter check */ if (handle == NULL) { @@ -796,8 +806,13 @@ int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char* tun_name) return VPNSVC_ERROR_INVALID_PARAMETER; } - strncpy(tun_name, tun_s->name, VPNSVC_TUN_IF_NAME_LEN); - tun_name[VPNSVC_TUN_IF_NAME_LEN-1] = '\0'; + if (tun_name == NULL) { + LOGE("tun name string is NULL"); + return VPNSVC_ERROR_INVALID_PARAMETER; + } + + g_strlcpy(la_tun_name, tun_s->name, VPNSVC_TUN_IF_NAME_LEN + 1); + *tun_name = g_strdup(la_tun_name); return VPNSVC_ERROR_NONE; } @@ -886,11 +901,12 @@ int vpnsvc_set_session(vpnsvc_tun_h handle, const char* session) return VPNSVC_ERROR_NONE; } -int vpnsvc_get_session(vpnsvc_tun_h handle, char* session) +int vpnsvc_get_session(vpnsvc_tun_h handle, char** session) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; + char la_session[VPNSVC_SESSION_STRING_LEN + 1] = { 0, }; /* parameter check */ if (handle == NULL) { @@ -904,8 +920,8 @@ int vpnsvc_get_session(vpnsvc_tun_h handle, char* session) return VPNSVC_ERROR_INVALID_PARAMETER; } - strncpy(session, tun_s->session, VPNSVC_SESSION_STRING_LEN); - session[VPNSVC_SESSION_STRING_LEN-1] = '\0'; + g_strlcpy(la_session, tun_s->session, VPNSVC_SESSION_STRING_LEN + 1); + *session = g_strdup(la_session); return VPNSVC_ERROR_NONE; } diff --git a/include/vpn_service.h b/include/vpn_service.h index 0487dcc..5374e51 100755 --- a/include/vpn_service.h +++ b/include/vpn_service.h @@ -1,5 +1,5 @@ /* -* Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved +* Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -38,40 +38,46 @@ */ #include -#include #include #ifdef __cplusplus extern "C" { #endif // __cplusplus +#ifdef LOG_TAG +#undef LOG_TAG +#endif +#define LOG_TAG "CAPI_VPNSVC" + #ifndef API #define API __attribute__ ((visibility("default"))) #endif /** - * @brief IPv4 address string length (includes end null character) + * @brief IPv4 address string length (includes end null character). * @since_tizen 3.0 */ #define VPNSVC_IP4_STRING_LEN 16 /** - * @brief TUN interface name length + * @brief TUN interface name length. * @since_tizen 3.0 */ #define VPNSVC_TUN_IF_NAME_LEN 16 /** - * @brief Session name string length (includes end null character) + * @brief Session name string length (includes end null character). * @since_tizen 3.0 */ #define VPNSVC_SESSION_STRING_LEN 32 +#ifndef TIZEN_ERROR_VPNSVC +#define TIZEN_ERROR_VPNSVC -0x03200000 +#endif /** - * @brief Enumeration for VPN service error types + * @brief Enumeration for VPN service error types. * @details Indicate formats of error type field - * @ingroup VPNSVC_FRAMEWORK */ typedef enum { @@ -88,34 +94,21 @@ typedef enum /** - * @brief The structure containing the route information - * @details This structure can be used for both vpnsvc_up() and vpnsvc_block_networks() functions. - * @since_tizen 3.0 - * @see vpnsvc_up() - * @see vpnsvc_block_networks() - */ -struct vpnsvc_route { - char dest[VPNSVC_IP4_STRING_LEN]; /**< Destination address of the route */ - int prefix; /**< The prefix of route */ -}; - -/** - * @brief The VPN tun interface handle - * @details This handle can be obtained by calling vpnsvc_init() and destroyed() by calling vpnsvc_deinit(). + * @brief The VPN tun interface handle. + * @details This handle can be obtained by calling vpnsvc_init() and destroyed by calling vpnsvc_deinit(). * @since_tizen 3.0 * @see vpnsvc_init() * @see vpnsvc_deinit() */ typedef void* vpnsvc_tun_h; - /** - * @brief Initializes TUN interface + * @brief Initializes TUN interface. * @detail You should call vpnsvc_get_tun_name() for checking the actual initialized TUN interface name. (In case of duplicated interface name) * @since_tizen 3.0 * @privlevel public * @privilege %http://tizen.org/privilege/vpnservice - * @remarks The @a handle should be released using vpnsvc_deinit(). + * @remarks The @a handle should be released using vpnsvc_deinit(). * @param[in] tun_name The interface name * @param[out] handle The VPN tun interface handle * @return 0 on success. otherwise, a negative error value. @@ -127,8 +120,8 @@ typedef void* vpnsvc_tun_h; * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported * @post Please call vpnsvc_deinit() if you want to de-initialize VPN tun interface. * @post Please call vpnsvc_get_tun_fd() if you want to know the fd of tun interface. - * @post Please call vpnsvc_get_tun_index() if you want to know the fd of tun interface index(ifr.ifr_ifindex). - * @post Please call vpnsvc_get_tun_name() if you want to know the name of tun interface(ifr.ifr_name). + * @post Please call vpnsvc_get_tun_index() if you want to know the fd of tun interface index. + * @post Please call vpnsvc_get_tun_name() if you want to know the name of tun interface. * @see vpnsvc_deinit() * @see vpnsvc_get_tun_fd() * @see vpnsvc_get_tun_index() @@ -137,7 +130,7 @@ typedef void* vpnsvc_tun_h; API int vpnsvc_init(const char* tun_name, vpnsvc_tun_h *handle); /** - * @brief De-Initializes TUN interface + * @brief De-Initializes TUN interface. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @return 0 on success. otherwise, a negative error value. @@ -151,8 +144,8 @@ API int vpnsvc_init(const char* tun_name, vpnsvc_tun_h *handle); API int vpnsvc_deinit(vpnsvc_tun_h handle); /** - * @brief Prevents the underlying VPN traffic to be routed to the VPN itself - * @details The specific socket will be bound to the network interface using by this function. + * @brief Protect a socket from VPN connections. + * @details After protecting, data sent through this socket will go directly to the underlying network. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @param[in] socket_fd The opened socket file descriptor @@ -167,15 +160,16 @@ API int vpnsvc_deinit(vpnsvc_tun_h handle); API int vpnsvc_protect(vpnsvc_tun_h handle, int socket_fd, const char* dev_name); /** - * @brief Sets-up TUN interface and brings it up. Installs specified routes/DNS servers/DNS suffix + * @brief Sets-up TUN interface and brings it up. Installs specified routes/DNS servers/DNS suffix. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @param[in] local_ip The local IP address * @param[in] remote_ip The remote IP address - * @param[in] routes The list of routes for applying to routing table (see vpnsvc_route struct) - Optional - * @param[in] nr_routes The number of routes - Optional + * @param[in] dest Destination address of the route + * @param[in] prefix The prefix of route + * @param[in] nr_routes The number of routes * @param[in] dns_servers The list of DNS server names - Optional - * @param[in] nr_dns_servers The number of DNS server names - Optional + * @param[in] nr_dns_servers The number of DNS server names - Optionl * @param[in] dns_suffix The DNS suffix - Optional * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success @@ -184,17 +178,16 @@ API int vpnsvc_protect(vpnsvc_tun_h handle, int socket_fd, const char* dev_name) * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported * @pre The VPN tun interface should be initialized already. * @post If you want to set interface down, please call vpnsvc_down(). - * @see #vpnsvc_route * @see vpnsvc_init() * @see vpnsvc_down() */ API int vpnsvc_up(vpnsvc_tun_h handle, const char* local_ip, const char* remote_ip, - const struct vpnsvc_route* routes, size_t nr_routes, + const char *dest[], int prefix[], size_t nr_routes, const char** dns_servers, size_t nr_dns_servers, const char* dns_suffix); /** - * @brief Brings the TUN interface down and restores original DNS servers/domains + * @brief Brings the TUN interface down and restores original DNS servers/domains. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @return 0 on success. otherwise, a negative error value. @@ -210,7 +203,7 @@ API int vpnsvc_up(vpnsvc_tun_h handle, const char* local_ip, const char* remote_ API int vpnsvc_down(vpnsvc_tun_h handle); /** - * @brief Waits for the read event on TUN descriptor, but no more than the indicated timeout in milliseconds + * @brief Reads the data event on TUN descriptor. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @param[in] timeout_ms The value of timeout (milliseconds) @@ -227,7 +220,7 @@ API int vpnsvc_down(vpnsvc_tun_h handle); API int vpnsvc_read(vpnsvc_tun_h handle, int timeout_ms); /** - * @brief Writes the data supplied into the TUN interface + * @brief Writes the data supplied into the TUN interface. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @param[in] data Data writing to tun interface @@ -244,52 +237,60 @@ API int vpnsvc_read(vpnsvc_tun_h handle, int timeout_ms); API int vpnsvc_write(vpnsvc_tun_h handle, const char* data, size_t size); /** - * @brief Blocks all traffics except specified allowing networks + * @brief Blocks all traffics except specified allowing networks. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle - * @param[in] allow_routes_vpn The list of allowing networks over VPN interface (Please see vpnsvc_route structure). + * @param[in] dest_vpn Allowing networks over VPN interface. + * @param[in] prefix_vpn The prefix of VPN interface * @param[in] nr_allow_routes_vpn The number of allowing networks over VPN interface - * @param[in] allow_routes_orig The list of allowing networks over the original interface (Please see vpnsvc_route structure). + * @param[in] dest_orig Allowing networks over the original interface. + * @param[in] prefix_orig The prefix of Original interface. * @param[in] nr_allow_routes_orig The number of allowing networks over the original interface * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success + * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported * @post Please call vpnsvc_unblock_networks() if you want to allow all traffics. * @see vpnsvc_unblock_networks() */ API int vpnsvc_block_networks(vpnsvc_tun_h handle, - const struct vpnsvc_route* allow_routes_vpn, + const char *dest_vpn[], + int prefix_vpn[], size_t nr_allow_routes_vpn, - const struct vpnsvc_route* allow_routes_orig, + const char *dest_orig[], + int prefix_orig[], size_t nr_allow_routes_orig); /** - * @brief Removes any restrictions imposed by vpnsvc_block_networks() + * @brief Removes any restrictions imposed by vpnsvc_block_networks(). * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success + * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ API int vpnsvc_unblock_networks(vpnsvc_tun_h handle); /** - * @brief Gets the fd of the VPN tun interface + * @brief Gets the fd of the VPN tun interface. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle + * @param[out] tun_fd The tun fd * @return The fd value of VPN tun interface. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ -API int vpnsvc_get_tun_fd(vpnsvc_tun_h handle); +API int vpnsvc_get_tun_fd(vpnsvc_tun_h handle, int* tun_fd); /** - * @brief Gets the index of VPN tun interface + * @brief Gets the index of VPN tun interface. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle + * @param[out] tun_index The tun index * @return The index of the VPN tun interface. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter @@ -297,10 +298,10 @@ API int vpnsvc_get_tun_fd(vpnsvc_tun_h handle); * @pre Before calling this function, VPN tun interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_get_tun_index(vpnsvc_tun_h handle); +API int vpnsvc_get_tun_index(vpnsvc_tun_h handle, int* tun_index); /** - * @brief Gets the name of VPN tun interface + * @brief Gets the name of VPN tun interface. * @since_tizen 3.0 * @remarks The @a tun_name should be released using free() * @param[in] handle The VPN tun interface handle @@ -312,10 +313,10 @@ API int vpnsvc_get_tun_index(vpnsvc_tun_h handle); * @pre Before calling this function, VPN tun interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char* tun_name); +API int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char** tun_name); /** - * @brief Sets the MTU of the VPN tun interface + * @brief Sets the MTU of the VPN tun interface. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @param[in] mtu The MTU (Maximum Transmission Unit) value to be set for VPN tun interface. Default MTU size is 1500. @@ -329,7 +330,7 @@ API int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char* tun_name); API int vpnsvc_set_mtu(vpnsvc_tun_h handle, int mtu); /** - * @brief Sets blocking mode of the file descriptor of VPN tun interface + * @brief Sets blocking mode of the file descriptor of VPN tun interface. * @since_tizen 3.0 * @param[in] handle The VPN tun interface handle * @param[in] blocking The blocking mode flag; True = BLOCKING, False = NON_BLOCKING @@ -344,9 +345,8 @@ API int vpnsvc_set_mtu(vpnsvc_tun_h handle, int mtu); API int vpnsvc_set_blocking(vpnsvc_tun_h handle, bool blocking); /** - * @brief Sets the session name for the VPN + * @brief Sets the session name for the VPN. * @since_tizen 3.0 - * @remarks a tun_name should be released using free() * @param[in] handle The VPN tun interface handle * @param[in] session The Session Name * @return 0 on success. Otherwise, a negative error value. @@ -356,11 +356,12 @@ API int vpnsvc_set_blocking(vpnsvc_tun_h handle, bool blocking); * @pre Before calling this function, VPN tun interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_set_session(vpnsvc_tun_h handle, const char* session_name); +API int vpnsvc_set_session(vpnsvc_tun_h handle, const char* session); /** - * @brief Gets the session name for the VPN + * @brief Gets the session name for the VPN. * @since_tizen 3.0 + * @remarks The @a session should be released using free() * @param[in] handle The VPN tun interface handle * @param[out] session The Session Name returned * @return 0 on success. Otherwise, a negative error value. @@ -370,7 +371,7 @@ API int vpnsvc_set_session(vpnsvc_tun_h handle, const char* session_name); * @pre Before calling this function, VPN tun interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_get_session(vpnsvc_tun_h handle, char* session_name); +API int vpnsvc_get_session(vpnsvc_tun_h handle, char** session); #ifdef __cplusplus } diff --git a/test/vpn_service_test.c b/test/vpn_service_test.c index bf768ac..10354cb 100755 --- a/test/vpn_service_test.c +++ b/test/vpn_service_test.c @@ -44,6 +44,7 @@ int test_vpnsvc_init() { char *name = TEST_VPN_IF_NAME; int ret = VPNSVC_ERROR_NONE; + int int_value; printf("test vpnsvc_init\n"); @@ -52,12 +53,20 @@ int test_vpnsvc_init() if (ret != VPNSVC_ERROR_NONE) { printf("vpnsvc_init failed : %d\n", ret); } else { - char result_name[VPNSVC_TUN_IF_NAME_LEN] = {0, }; + char* result_name = NULL; printf("vpnsvc_init Succeed : %d\n", ret); - printf("tun_fd : %d\n", vpnsvc_get_tun_fd(handle)); - printf("tun_index : %d\n", vpnsvc_get_tun_index(handle)); - ret = vpnsvc_get_tun_name(handle, result_name); + if (vpnsvc_get_tun_fd(handle, &int_value) == VPNSVC_ERROR_NONE) + printf("tun_fd : %d\n", int_value); + else + printf("Fail to get tun_fd\n"); + + if (vpnsvc_get_tun_index(handle, &int_value) == VPNSVC_ERROR_NONE) + printf("tun_index : %d\n", int_value); + else + printf("Fail to get tun_index\n"); + + ret = vpnsvc_get_tun_name(handle, &result_name); if (ret == VPNSVC_ERROR_NONE) printf("tun_name : %s\n", result_name); } @@ -110,7 +119,8 @@ int test_vpnsvc_up() int ret; char local[VPNSVC_IP4_STRING_LEN] = {'\0',}; char remote[VPNSVC_IP4_STRING_LEN] = {'\0',}; - struct vpnsvc_route routes[2]; + char *routes[2]; + int prefix[2]; int nr_routes = 2; const char *dns_server[2]; int nr_dns = 2; @@ -124,11 +134,17 @@ int test_vpnsvc_up() strncpy(local, "192.168.0.82", VPNSVC_IP4_STRING_LEN); strncpy(remote, "192.168.0.1", VPNSVC_IP4_STRING_LEN); - memset(routes, 0, sizeof(routes)); - strncpy(routes[0].dest, "192.168.0.10", VPNSVC_IP4_STRING_LEN); - routes[0].prefix = 32; - strncpy(routes[1].dest, "192.168.0.11", VPNSVC_IP4_STRING_LEN); - routes[1].prefix = 32; + routes[0] = malloc(sizeof(char) * VPNSVC_IP4_STRING_LEN); + routes[1] = malloc(sizeof(char) * VPNSVC_IP4_STRING_LEN); + + memset(routes[0], 0, sizeof(char) * VPNSVC_IP4_STRING_LEN); + memset(routes[1], 0, sizeof(char) * VPNSVC_IP4_STRING_LEN); + + strncpy(routes[0], "192.168.0.10", VPNSVC_IP4_STRING_LEN); + prefix[0] = 32; + + strncpy(routes[1], "192.168.0.11", VPNSVC_IP4_STRING_LEN); + prefix[1] = 32; char *dns1 = "1.1.1.1"; char *dns2 = "2.2.2.2"; @@ -136,7 +152,7 @@ int test_vpnsvc_up() dns_server[0] = dns1; dns_server[1] = dns2; - ret = vpnsvc_up(handle, local, remote, routes, nr_routes, dns_server, nr_dns, dns_suffix); + ret = vpnsvc_up(handle, local, remote, routes, prefix, nr_routes, dns_server, nr_dns, dns_suffix); if (ret != VPNSVC_ERROR_NONE) printf("vpnsvc_up failed!\n"); else @@ -177,9 +193,11 @@ int test_vpnsvc_write() int test_vpnsvc_block_networks() { - struct vpnsvc_route block_nets[2]; + char* block_nets[2]; + int block_prefix[2]; int block_nr_nets = 2; - struct vpnsvc_route allow_nets[2]; + char* allow_nets[2]; + int allow_prefix[2]; int allow_nr_nets = 2; int ret; @@ -188,19 +206,25 @@ int test_vpnsvc_block_networks() return -1; } - memset(block_nets, 0, sizeof(block_nets)); - strncpy(block_nets[0].dest, "125.209.222.141", VPNSVC_IP4_STRING_LEN); - block_nets[0].prefix = 32; - strncpy(block_nets[1].dest, "180.70.134.19", VPNSVC_IP4_STRING_LEN); - block_nets[1].prefix = 32; - - memset(allow_nets, 0, sizeof(allow_nets)); - strncpy(allow_nets[0].dest, "216.58.221.142", VPNSVC_IP4_STRING_LEN); /* google.com */ - allow_nets[0].prefix = 32; - strncpy(allow_nets[1].dest, "206.190.36.45", VPNSVC_IP4_STRING_LEN); /* yahoo.com */ - allow_nets[1].prefix = 32; - - ret = vpnsvc_block_networks(handle, block_nets, block_nr_nets, allow_nets, allow_nr_nets); + block_nets[0] = malloc(sizeof(char) * VPNSVC_IP4_STRING_LEN); + block_nets[1] = malloc(sizeof(char) * VPNSVC_IP4_STRING_LEN); + memset(block_nets[0], 0, sizeof(char) * VPNSVC_IP4_STRING_LEN); + memset(block_nets[1], 0, sizeof(char) * VPNSVC_IP4_STRING_LEN); + strncpy(block_nets[0], "125.209.222.141", VPNSVC_IP4_STRING_LEN); + block_prefix[0] = 32; + strncpy(block_nets[1], "180.70.134.19", VPNSVC_IP4_STRING_LEN); + block_prefix[1] = 32; + + allow_nets[0] = malloc(sizeof(char) * VPNSVC_IP4_STRING_LEN); + allow_nets[1] = malloc(sizeof(char) * VPNSVC_IP4_STRING_LEN); + memset(allow_nets[0], 0, sizeof(char) * VPNSVC_IP4_STRING_LEN); + memset(allow_nets[1], 0, sizeof(char) * VPNSVC_IP4_STRING_LEN); + strncpy(allow_nets[0], "216.58.221.142", VPNSVC_IP4_STRING_LEN); + allow_prefix[0] = 32; + strncpy(allow_nets[1], "206.190.36.45", VPNSVC_IP4_STRING_LEN); + allow_prefix[1] = 32; + + ret = vpnsvc_block_networks(handle, block_nets, block_prefix, block_nr_nets, allow_nets, allow_prefix, allow_nr_nets); if (ret != VPNSVC_ERROR_NONE) printf("vpnsvc_block_networks failed!\n"); @@ -266,14 +290,14 @@ int test_vpnsvc_set_session() { int ret; char *set_session = "vpnsvc_test VPN Session"; - char get_session[VPNSVC_SESSION_STRING_LEN]; + char *get_session = NULL; ret = vpnsvc_set_session(handle, set_session); if (ret != VPNSVC_ERROR_NONE) { printf("vpnsvc_set_session failed!\n"); } else { - ret = vpnsvc_get_session(handle, get_session); + ret = vpnsvc_get_session(handle, &get_session); printf("Session Name = %s\n", get_session); printf("vpnsvc_set_session Succeed!\n"); } -- 2.7.4 From 8fa084a53f3b463ea7e7b1be1a8e82d88c13e279 Mon Sep 17 00:00:00 2001 From: "taesub.kim" Date: Tue, 26 Jan 2016 18:29:19 +0900 Subject: [PATCH 02/16] [ACR-472] Modified comments of ACR #3 http://10.113.136.204/jira/browse/ACR-472 Change-Id: Ia1bf286b701f244f946f6f1215b836f82c70181c Signed-off-by: Taesub Kim --- daemon/include/vpn_service_daemon.h | 6 +- daemon/interfaces/org.tizen.vpnsvc.xml | 8 +- daemon/src/vpn_service_daemon.c | 28 ++-- daemon/src/vpnsvc.c | 20 +-- doc/vpn_doc.h | 20 +-- framework/CMakeLists.txt | 1 - framework/include/capi_vpn_service_private.h | 3 +- framework/src/capi_vpn_service.c | 83 +++++----- include/tizen_vpn_error.h | 51 ------ include/vpn_service.h | 235 ++++++++++----------------- include/vpn_service_internal.h | 100 ++++++++++++ test/vpn_service_test.c | 18 +- 12 files changed, 272 insertions(+), 301 deletions(-) delete mode 100755 include/tizen_vpn_error.h create mode 100755 include/vpn_service_internal.h diff --git a/daemon/include/vpn_service_daemon.h b/daemon/include/vpn_service_daemon.h index 755ce3e..b55e71c 100755 --- a/daemon/include/vpn_service_daemon.h +++ b/daemon/include/vpn_service_daemon.h @@ -23,14 +23,14 @@ #include "capi_vpn_service_private.h" -int vpn_daemon_init(const char* tun_name, size_t tun_name_len, int fd, vpnsvc_tun_s *handle_s); +int vpn_daemon_init(const char* if_name, size_t if_name_len, int fd, vpnsvc_tun_s *handle_s); int vpn_daemon_deinit(const char* dev_name); int vpn_daemon_protect(int socket, const char* dev_name); -int vpn_daemon_up(int tun_index, const char* local_ip, const char* remote_ip, +int vpn_daemon_up(int if_index, const char* local_ip, const char* remote_ip, const char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu); -int vpn_daemon_down(int tun_index); +int vpn_daemon_down(int if_index); int vpn_daemon_block_networks(const char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, const char* nets_orig[], int prefix_orig[], size_t nr_nets_orig); int vpn_daemon_unblock_networks(void); diff --git a/daemon/interfaces/org.tizen.vpnsvc.xml b/daemon/interfaces/org.tizen.vpnsvc.xml index 8c4d08d..8349623 100755 --- a/daemon/interfaces/org.tizen.vpnsvc.xml +++ b/daemon/interfaces/org.tizen.vpnsvc.xml @@ -1,8 +1,8 @@ - - + + @@ -16,7 +16,7 @@ - + @@ -28,7 +28,7 @@ - + diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index e664124..94cc958 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -609,12 +609,12 @@ void iptables_delete(const char *addr, const int mask) iptables_rule('D', addr, mask); } -static int get_interface_index(const char *tun_name) +static int get_interface_index(const char *if_name) { struct ifreq ifr; int sk = 0; - LOGD("enter get_interface_index, tun_name : %s", tun_name); + LOGD("enter get_interface_index, if_name : %s", if_name); sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (sk < 0) { @@ -624,8 +624,8 @@ static int get_interface_index(const char *tun_name) memset(&ifr, 0, sizeof(ifr)); - if (*tun_name) - strncpy(ifr.ifr_name, tun_name, strlen(tun_name)); + if (*if_name) + strncpy(ifr.ifr_name, if_name, strlen(if_name)); /* get an interface name by ifindex */ if (ioctl(sk, SIOCGIFINDEX, &ifr) < 0) { @@ -640,12 +640,12 @@ static int get_interface_index(const char *tun_name) } -int vpn_daemon_init(const char* tun_name, size_t tun_name_len, int fd, vpnsvc_tun_s *handle_s) +int vpn_daemon_init(const char* if_name, size_t if_name_len, int fd, vpnsvc_tun_s *handle_s) { struct ifreq ifr; size_t len = 0; - LOGD("enter vpn_daemon_init, tun_name : %s, tun_name_len : %d, fd : %d\n", tun_name, tun_name_len, fd); + LOGD("enter vpn_daemon_init, if_name : %s, if_name_len : %d, fd : %d\n", if_name, if_name_len, fd); memset(&ifr, 0, sizeof(ifr)); @@ -657,8 +657,8 @@ int vpn_daemon_init(const char* tun_name, size_t tun_name_len, int fd, vpnsvc_tu ifr.ifr_flags = IFF_TUN | IFF_NO_PI; - if (*tun_name) - strncpy(ifr.ifr_name, tun_name, tun_name_len); + if (*if_name) + strncpy(ifr.ifr_name, if_name, if_name_len); LOGD("before init, ifindex : %d", ifr.ifr_ifindex); @@ -681,7 +681,7 @@ int vpn_daemon_init(const char* tun_name, size_t tun_name_len, int fd, vpnsvc_tu } handle_s->fd = 0; /* server fd does not meaning */ - handle_s->index = get_interface_index(tun_name); + handle_s->index = get_interface_index(if_name); len = strlen(ifr.ifr_name); strncpy(handle_s->name, ifr.ifr_name, len); handle_s->name[len] = '\0'; @@ -724,7 +724,7 @@ int vpn_daemon_protect(int socket_fd, const char* dev_name) return ret; } -int vpn_daemon_up(int tun_index, const char* local_ip, const char* remote_ip, +int vpn_daemon_up(int if_index, const char* local_ip, const char* remote_ip, const char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu) { @@ -737,7 +737,7 @@ int vpn_daemon_up(int tun_index, const char* local_ip, const char* remote_ip, LOGD("enter vpn_daemon_up"); - LOGD("tun_index : %d", tun_index); + LOGD("if_index : %d", if_index); LOGD("local ip : %s", local_ip); LOGD("remote ip : %s", remote_ip); LOGD("route pointer : %p, nr_routes : %d, dns_server pointer : %p, nr_dns : %d, dns_suffix : %s, mtu : %d", routes, nr_routes, dns_servers, nr_dns, dns_suffix, mtu); @@ -750,7 +750,7 @@ int vpn_daemon_up(int tun_index, const char* local_ip, const char* remote_ip, } memset(&ifr_tun, 0, sizeof(ifr_tun)); - ifr_tun.ifr_ifindex = tun_index; + ifr_tun.ifr_ifindex = if_index; /* get an interface name by ifindex */ if (ioctl(sk, SIOCGIFNAME, &ifr_tun) < 0) { @@ -845,7 +845,7 @@ int vpn_daemon_up(int tun_index, const char* local_ip, const char* remote_ip, return ret; } -int vpn_daemon_down(int tun_index) +int vpn_daemon_down(int if_index) { struct ifreq ifr, addr_ifr; struct sockaddr_in *addr = NULL; @@ -858,7 +858,7 @@ int vpn_daemon_down(int tun_index) } memset(&ifr, 0, sizeof(ifr)); - ifr.ifr_ifindex = tun_index; + ifr.ifr_ifindex = if_index; if (ioctl(sk, SIOCGIFNAME, &ifr) < 0) { LOGE("ioctl SIOCGIFNAME failed : %s", strerror(errno)); diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index ce858da..e97d65b 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -38,8 +38,8 @@ static Vpnsvc *vpnsvc = NULL; ********************/ gboolean handle_vpn_init(Vpnsvc *object, GDBusMethodInvocation *invocation, - const gchar *arg_tun_name, - guint arg_tun_name_len) + const gchar *arg_if_name, + guint arg_if_name_len) { LOGD("handle_vpn_init"); @@ -50,7 +50,7 @@ gboolean handle_vpn_init(Vpnsvc *object, int fd_list_length; const int *fds; - LOGD("vpn_init, %s, %u\n", arg_tun_name, arg_tun_name_len); + LOGD("vpn_init, %s, %u\n", arg_if_name, arg_if_name_len); msg = g_dbus_method_invocation_get_message(invocation); fd_list = g_dbus_message_get_unix_fd_list(msg); @@ -61,7 +61,7 @@ gboolean handle_vpn_init(Vpnsvc *object, LOGD("fd:%d\n", *fds); - result = vpn_daemon_init(arg_tun_name, arg_tun_name_len, *fds, &handle_s); + result = vpn_daemon_init(arg_if_name, arg_if_name_len, *fds, &handle_s); LOGD("handle_s.fd : %d, handle_s.index : %d, handle_s.name : %s", handle_s.fd, handle_s.index, handle_s.name); @@ -118,7 +118,7 @@ gboolean handle_vpn_protect(Vpnsvc *object, gboolean handle_vpn_up(Vpnsvc *object, GDBusMethodInvocation *invocation, - gint arg_tun_index, + gint arg_if_index, const gchar *arg_local_ip, const gchar *arg_remote_ip, GVariant *arg_routes, @@ -144,7 +144,7 @@ gboolean handle_vpn_up(Vpnsvc *object, gchar* route_dest; gint route_prefix; - LOGD("tun_index : %d", arg_tun_index); + LOGD("if_index : %d", arg_if_index); LOGD("local ip : %s", arg_local_ip); LOGD("remote ip : %s", arg_remote_ip); LOGD("dns_suffix : %s", arg_dns_suffix); @@ -199,7 +199,7 @@ gboolean handle_vpn_up(Vpnsvc *object, } } - result = vpn_daemon_up(arg_tun_index, arg_local_ip, arg_remote_ip, + result = vpn_daemon_up(arg_if_index, arg_local_ip, arg_remote_ip, routes, prefix, arg_nr_routes, dns_servers, arg_nr_dns, total_dns_string_cnt, arg_dns_suffix, arg_mtu); done: @@ -219,14 +219,14 @@ done: gboolean handle_vpn_down(Vpnsvc *object, GDBusMethodInvocation *invocation, - gint arg_tun_index) + gint arg_if_index) { LOGD("handle_vpn_down"); int result = VPNSVC_ERROR_NONE; - LOGD("vpn_down, %d\n", arg_tun_index); + LOGD("vpn_down, %d\n", arg_if_index); - result = vpn_daemon_down(arg_tun_index); + result = vpn_daemon_down(arg_if_index); vpnsvc_complete_vpn_down(object, invocation, result); diff --git a/doc/vpn_doc.h b/doc/vpn_doc.h index 7978be8..4c8073b 100755 --- a/doc/vpn_doc.h +++ b/doc/vpn_doc.h @@ -14,38 +14,24 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - * */ - #ifndef __TIZEN_NETWORK_VPN_DOC_H__ #define __TIZEN_NETWORK_VPN_DOC_H__ -/** - * @defgroup CAPI_NETWORK_VPN_MODULE VPN - * @brief The Virtual Private Network (VPN) API provides functions for managing VPN. - * @ingroup CAPI_NETWORK_FRAMEWORK - * - * @section CAPI_NETWORK_VPN_MODULE_HEADER Required Header - * \#include - * - * @section CAPI_NETWORK_VPN_MODULE_OVERVIEW Overview - * VPN allows your application to manage VPN features. - * The VPN Service enables your application to init and deinit a VPN device(TUN(namely netowrk TUNel) interface), - * Routing management, DNS management and Firewall management. - */ /** * @defgroup CAPI_NETWORK_VPN_SERVICE_MODULE VPN Service - * @brief The VPN API provides functions for managing VPN. - * @ingroup CAPI_NETWORK_VPN_MODULE + * @brief The Virtual Private Network (VPN) API provides functions for managing VPN. + * @ingroup CAPI_NETWORK_FRAMEWORK * * @section CAPI_NETWORK_VPN_SERVICE_MODULE_HEADER Required Header * \#include * * @section CAPI_NETWORK_VPN_SERVICE_MODULE_OVERVEW Overview * The VPN Service functions for managing VPN. + * There can be only one VPN connection running at the same time. The existing interface is deactivated when a new one is created. * Using the VPN Service, you can implement features that allow the users of your application to: * - Initialize / Deinitialize the VPN device * - Routing management diff --git a/framework/CMakeLists.txt b/framework/CMakeLists.txt index 2622891..b78e4d4 100755 --- a/framework/CMakeLists.txt +++ b/framework/CMakeLists.txt @@ -41,7 +41,6 @@ TARGET_LINK_LIBRARIES(${PACKAGE_NAME} ${${PACKAGE_NAME}_LDFLAGS} -lrt -ldl) INSTALL(TARGETS ${PACKAGE_NAME} DESTINATION lib) INSTALL(FILES ${CMAKE_SOURCE_DIR}/include/vpn_service.h DESTINATION include) -INSTALL(FILES ${CMAKE_SOURCE_DIR}/include/tizen_vpn_error.h DESTINATION include) SET_TARGET_PROPERTIES(${PACKAGE_NAME} PROPERTIES diff --git a/framework/include/capi_vpn_service_private.h b/framework/include/capi_vpn_service_private.h index 0f56377..9b74d77 100755 --- a/framework/include/capi_vpn_service_private.h +++ b/framework/include/capi_vpn_service_private.h @@ -35,6 +35,7 @@ #include #include "vpn_service.h" +#include "vpn_service_internal.h" #ifdef __cplusplus extern "C" { @@ -69,7 +70,7 @@ typedef struct _vpnsvc_tun_s { GDBusConnection *connection; /**< D-Bus Connection */ int fd; /**< tun socket fd */ int index; /**< tun index (if.if_index) */ - char name[VPNSVC_TUN_IF_NAME_LEN]; /**< tun name (if.if_name) */ + char name[VPNSVC_VPN_IF_NAME_LEN]; /**< tun name (if.if_name) */ char session[VPNSVC_SESSION_STRING_LEN];/**< session name (user setting) */ unsigned int mtu; /**< mtu (user setting) */ } vpnsvc_tun_s; diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index bca72e6..1997a24 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -24,6 +24,11 @@ #include #include +#ifdef LOG_TAG +#undef LOG_TAG +#endif +#define LOG_TAG "CAPI_VPNSVC" + #define DBUS_REPLY_TIMEOUT (120 * 1000) GVariant *op = NULL; @@ -98,7 +103,7 @@ static void _vpnsvc_deinit_vpnsvc_tun_s(vpnsvc_tun_s *s) s->fd = 0; s->index = 0; - memset(s->name, 0, VPNSVC_TUN_IF_NAME_LEN); + memset(s->name, 0, VPNSVC_VPN_IF_NAME_LEN); memset(s->session, 0, VPNSVC_SESSION_STRING_LEN); if (s) @@ -217,20 +222,20 @@ GVariant *_vpnsvc_invoke_dbus_method_with_fd(GDBusConnection *connection, return reply; } -int vpnsvc_init(const char* tun_name, vpnsvc_tun_h *handle) +EXPORT_API int vpnsvc_init(const char* if_name, vpnsvc_h *handle) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); int result = VPNSVC_ERROR_NONE; int dbus_result; - int tun_fd = 0; + int if_fd = 0; - LOGD("enter vpnsvc_init, tun_name : %s", tun_name); + LOGD("enter vpnsvc_init, if_name : %s", if_name); LOGD("handle : %p\n", handle); /* parameter check */ - if (tun_name == NULL || strlen(tun_name) <= 0) { - LOGE("tun_name is a NULL"); + if (if_name == NULL || strlen(if_name) <= 0) { + LOGE("if_name is a NULL"); return VPNSVC_ERROR_INVALID_PARAMETER; } else if (handle == NULL) { LOGE("handle is a NULL"); @@ -273,25 +278,25 @@ int vpnsvc_init(const char* tun_name, vpnsvc_tun_h *handle) op = NULL; } - if ((tun_fd = open("/dev/net/tun", O_RDWR)) < 0) { + if ((if_fd = open("/dev/net/tun", O_RDWR)) < 0) { LOGE("tun device open fail\n"); _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); return VPNSVC_ERROR_IO_ERROR; } - LOGD("client tun_fd : %d", tun_fd); + LOGD("client if_fd : %d", if_fd); op = _vpnsvc_invoke_dbus_method_with_fd(tmp_s->connection, VPNSVC_DBUS_SERVICE_NAME, VPNSVC_DBUS_INTERFACE_OBJ_NAME, VPNSVC_DBUS_INTERFACE_NAME, "vpn_init", - g_variant_new("(su)", tun_name, strlen(tun_name)), - tun_fd, + g_variant_new("(su)", if_name, strlen(if_name)), + if_fd, &dbus_result); if (op == NULL) { - close(tun_fd); + close(if_fd); _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); return VPNSVC_ERROR_IPC_FAILED; } else { @@ -305,10 +310,10 @@ int vpnsvc_init(const char* tun_name, vpnsvc_tun_h *handle) result = VPNSVC_ERROR_IPC_FAILED; } else { LOGD("vpnsvc_init() succeed"); - tmp_s->fd = tun_fd; /* client fd must be set */ + tmp_s->fd = if_fd; /* client fd must be set */ tmp_s->index = tmp_index; - strncpy(tmp_s->name, tmp_name, VPNSVC_TUN_IF_NAME_LEN); - tmp_s->name[VPNSVC_TUN_IF_NAME_LEN-1] = '\0'; + strncpy(tmp_s->name, tmp_name, VPNSVC_VPN_IF_NAME_LEN); + tmp_s->name[VPNSVC_VPN_IF_NAME_LEN-1] = '\0'; *handle = tmp_s; LOGD("handle : %p, handle->fd : %d, handle->index : %d, handle->name : %s", (*handle), ((vpnsvc_tun_s*)*handle)->fd, ((vpnsvc_tun_s*)*handle)->index, ((vpnsvc_tun_s*)*handle)->name); @@ -322,7 +327,7 @@ int vpnsvc_init(const char* tun_name, vpnsvc_tun_h *handle) return result; } -int vpnsvc_deinit(vpnsvc_tun_h handle) +EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -337,7 +342,7 @@ int vpnsvc_deinit(vpnsvc_tun_h handle) } tun_s = (vpnsvc_tun_s*)handle; - LOGD("enter vpnsvc_deinit, tun_fd : %d", tun_s->fd); + LOGD("enter vpnsvc_deinit, if_fd : %d", tun_s->fd); if (tun_s->fd > 0) { op = _vpnsvc_invoke_dbus_method(tun_s->connection, @@ -371,7 +376,7 @@ int vpnsvc_deinit(vpnsvc_tun_h handle) return result; } -int vpnsvc_protect(vpnsvc_tun_h handle, int socket_fd, const char* dev_name) +EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* dev_name) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -417,7 +422,7 @@ int vpnsvc_protect(vpnsvc_tun_h handle, int socket_fd, const char* dev_name) return result; } -int vpnsvc_up(vpnsvc_tun_h handle, const char* local_ip, const char* remote_ip, +EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remote_ip, const char* dest[], int prefix[], size_t nr_routes, const char** dns_servers, size_t nr_dns_servers, const char* dns_suffix) @@ -454,7 +459,7 @@ int vpnsvc_up(vpnsvc_tun_h handle, const char* local_ip, const char* remote_ip, return VPNSVC_ERROR_INVALID_PARAMETER; } - LOGD("tun_index %d", tun_s->index); + LOGD("if_index %d", tun_s->index); LOGD("local_ip : %s, remote_ip : %s", local_ip, remote_ip); /* make a route parameter */ @@ -507,7 +512,7 @@ int vpnsvc_up(vpnsvc_tun_h handle, const char* local_ip, const char* remote_ip, return result; } -int vpnsvc_down(vpnsvc_tun_h handle) +EXPORT_API int vpnsvc_down(vpnsvc_h handle) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -558,7 +563,7 @@ int vpnsvc_down(vpnsvc_tun_h handle) } /* this API must not be use IPC */ -int vpnsvc_read(vpnsvc_tun_h handle, int timeout_ms) +EXPORT_API int vpnsvc_read(vpnsvc_h handle, int timeout_ms) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -600,7 +605,7 @@ int vpnsvc_read(vpnsvc_tun_h handle, int timeout_ms) } /* this API must not be use IPC */ -int vpnsvc_write(vpnsvc_tun_h handle, const char* data, size_t size) +EXPORT_API int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -622,7 +627,7 @@ int vpnsvc_write(vpnsvc_tun_h handle, const char* data, size_t size) } -int vpnsvc_block_networks(vpnsvc_tun_h handle, +EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, const char* dest_vpn[], int prefix_vpn[], size_t nr_allow_routes_vpn, @@ -694,7 +699,7 @@ int vpnsvc_block_networks(vpnsvc_tun_h handle, return result; } -int vpnsvc_unblock_networks(vpnsvc_tun_h handle) +EXPORT_API int vpnsvc_unblock_networks(vpnsvc_h handle) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -740,14 +745,14 @@ int vpnsvc_unblock_networks(vpnsvc_tun_h handle) return result; } -int vpnsvc_get_tun_fd(vpnsvc_tun_h handle, int* tun_fd) +EXPORT_API int vpnsvc_get_if_fd(vpnsvc_h handle, int* if_fd) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; /* parameter check */ - if (handle == NULL || tun_fd == NULL) { + if (handle == NULL || if_fd == NULL) { LOGE("Invalid parameter"); return VPNSVC_ERROR_INVALID_PARAMETER; } @@ -758,19 +763,19 @@ int vpnsvc_get_tun_fd(vpnsvc_tun_h handle, int* tun_fd) return VPNSVC_ERROR_INVALID_PARAMETER; } - *tun_fd = (int)(tun_s->fd); + *if_fd = (int)(tun_s->fd); return VPNSVC_ERROR_NONE; } -int vpnsvc_get_tun_index(vpnsvc_tun_h handle, int* tun_index) +EXPORT_API int vpnsvc_get_if_index(vpnsvc_h handle, int* if_index) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; /* parameter check */ - if (handle == NULL || tun_index == NULL) { + if (handle == NULL || if_index == NULL) { LOGE("Invalid parameter"); return VPNSVC_ERROR_INVALID_PARAMETER; } @@ -782,17 +787,17 @@ int vpnsvc_get_tun_index(vpnsvc_tun_h handle, int* tun_index) return VPNSVC_ERROR_INVALID_PARAMETER; } - *tun_index = (int)(tun_s->index); + *if_index = (int)(tun_s->index); return VPNSVC_ERROR_NONE; } -int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char** tun_name) +EXPORT_API int vpnsvc_get_if_name(vpnsvc_h handle, char** if_name) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; - char la_tun_name[VPNSVC_TUN_IF_NAME_LEN + 1] = { 0, }; + char la_if_name[VPNSVC_VPN_IF_NAME_LEN + 1] = { 0, }; /* parameter check */ if (handle == NULL) { @@ -806,18 +811,18 @@ int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char** tun_name) return VPNSVC_ERROR_INVALID_PARAMETER; } - if (tun_name == NULL) { + if (if_name == NULL) { LOGE("tun name string is NULL"); return VPNSVC_ERROR_INVALID_PARAMETER; } - g_strlcpy(la_tun_name, tun_s->name, VPNSVC_TUN_IF_NAME_LEN + 1); - *tun_name = g_strdup(la_tun_name); + g_strlcpy(la_if_name, tun_s->name, VPNSVC_VPN_IF_NAME_LEN + 1); + *if_name = g_strdup(la_if_name); return VPNSVC_ERROR_NONE; } -int vpnsvc_set_mtu(vpnsvc_tun_h handle, int mtu) +EXPORT_API int vpnsvc_set_mtu(vpnsvc_h handle, int mtu) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -839,7 +844,7 @@ int vpnsvc_set_mtu(vpnsvc_tun_h handle, int mtu) return VPNSVC_ERROR_NONE; } -int vpnsvc_set_blocking(vpnsvc_tun_h handle, bool blocking) +EXPORT_API int vpnsvc_set_blocking(vpnsvc_h handle, bool blocking) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -877,7 +882,7 @@ int vpnsvc_set_blocking(vpnsvc_tun_h handle, bool blocking) return VPNSVC_ERROR_NONE; } -int vpnsvc_set_session(vpnsvc_tun_h handle, const char* session) +EXPORT_API int vpnsvc_set_session(vpnsvc_h handle, const char* session) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -901,7 +906,7 @@ int vpnsvc_set_session(vpnsvc_tun_h handle, const char* session) return VPNSVC_ERROR_NONE; } -int vpnsvc_get_session(vpnsvc_tun_h handle, char** session) +EXPORT_API int vpnsvc_get_session(vpnsvc_h handle, char** session) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); diff --git a/include/tizen_vpn_error.h b/include/tizen_vpn_error.h deleted file mode 100755 index bbd32e4..0000000 --- a/include/tizen_vpn_error.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the License); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an AS IS BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -#ifndef __TIZEN_COMMON_VPN_ERROR_H__ -#define __TIZEN_COMMON_VPN_ERROR_H__ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * @defgroup CAPI_COMMON_VPN_ERROR Common VPN Error - * @brief This file provides error codes that are common for the whole TIZEN VPN API. - * @section CAPI_COMMON_VPN_ERROR_HEADER Required Header - * \#include - * @ingroup CAPI_COMMON_ERROR - * @{ - */ - -#define TIZEN_ERROR_MIN_VPN_ERROR (-268435456) /* = -268435455(0x0FFFFFFF) -1 */ - -/* Check if slp error or not */ -#define TIZEN_ERROR_IS_VPN_ERROR(x) (TIZEN_ERROR_MIN_VPN_ERROR >= (x) && (x) < 0) - -/* Tizen VPN Service Error */ -#define TIZEN_ERROR_VPNSVC -0x10000000 - -/** - * @} - */ -#ifdef __cplusplus -} -#endif - -#endif /**<__TIZEN_COMMON_VPN_ERROR_H__ */ diff --git a/include/vpn_service.h b/include/vpn_service.h index 5374e51..31a248b 100755 --- a/include/vpn_service.h +++ b/include/vpn_service.h @@ -17,41 +17,20 @@ #ifndef __TIZEN_VPN_SERVICE_H__ #define __TIZEN_VPN_SERVICE_H__ -/** - * @file vpn_service.h - */ - -/** - *@defgroup VPNSVC_FRAMEWORK VPN_SERVICE - *@brief The VPN service APIs to manage VPN features such as VPN device (TUN interface) initialization, routing management, DNS management and firewall management. - *@section VPNSVC_FRAMEWORK_OVERVIEW Overview - * - * - * - * - *
APIDescription>
@ref VPNSVC_FRAMEWORK Provides functions to vpnsvc_init/vpnsvc_deinit/vpnsvc_protect/vpnsvc_up/vpnsvc_down/vpnsvc_read/vpnsvc_write/vpnsvc_block_networks/vpnsvc_unblock_networks.
- **/ - -/** - * @addtogroup CAPI_NETWORK_VPN_MODULE - * @{ - */ - #include -#include #ifdef __cplusplus extern "C" { #endif // __cplusplus -#ifdef LOG_TAG -#undef LOG_TAG -#endif -#define LOG_TAG "CAPI_VPNSVC" +/** + * @file vpn_service.h + */ -#ifndef API -#define API __attribute__ ((visibility("default"))) -#endif +/** + * @addtogroup CAPI_NETWORK_VPN_SERVICE_MODULE + * @{ + */ /** * @brief IPv4 address string length (includes end null character). @@ -60,10 +39,10 @@ extern "C" { #define VPNSVC_IP4_STRING_LEN 16 /** - * @brief TUN interface name length. + * @brief VPN interface name length. * @since_tizen 3.0 */ -#define VPNSVC_TUN_IF_NAME_LEN 16 +#define VPNSVC_VPN_IF_NAME_LEN 16 /** * @brief Session name string length (includes end null character). @@ -71,10 +50,6 @@ extern "C" { */ #define VPNSVC_SESSION_STRING_LEN 32 -#ifndef TIZEN_ERROR_VPNSVC -#define TIZEN_ERROR_VPNSVC -0x03200000 -#endif - /** * @brief Enumeration for VPN service error types. * @details Indicate formats of error type field @@ -94,23 +69,24 @@ typedef enum /** - * @brief The VPN tun interface handle. + * @brief The VPN interface handle. * @details This handle can be obtained by calling vpnsvc_init() and destroyed by calling vpnsvc_deinit(). * @since_tizen 3.0 * @see vpnsvc_init() * @see vpnsvc_deinit() */ -typedef void* vpnsvc_tun_h; +typedef void* vpnsvc_h; /** - * @brief Initializes TUN interface. - * @detail You should call vpnsvc_get_tun_name() for checking the actual initialized TUN interface name. (In case of duplicated interface name) + * @brief Initializes VPN interface. + * @detail You should call vpnsvc_get_if_name() for checking the actual initialized VPN interface name. (In case of duplicated interface name) * @since_tizen 3.0 * @privlevel public - * @privilege %http://tizen.org/privilege/vpnservice + * @privilege %http://tizen.org/privilege/vpnservice \n + * %http://tizen.org/privilege/internet * @remarks The @a handle should be released using vpnsvc_deinit(). - * @param[in] tun_name The interface name - * @param[out] handle The VPN tun interface handle + * @param[in] if_name The VPN interface name + * @param[out] handle The VPN interface handle * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter @@ -118,38 +94,38 @@ typedef void* vpnsvc_tun_h; * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @post Please call vpnsvc_deinit() if you want to de-initialize VPN tun interface. - * @post Please call vpnsvc_get_tun_fd() if you want to know the fd of tun interface. - * @post Please call vpnsvc_get_tun_index() if you want to know the fd of tun interface index. - * @post Please call vpnsvc_get_tun_name() if you want to know the name of tun interface. + * @post Please call vpnsvc_deinit() if you want to de-initialize VPN interface. + * @post Please call vpnsvc_get_if_fd() if you want to know the fd of VPN interface. + * @post Please call vpnsvc_get_if_index() if you want to know the fd of VPN interface index. + * @post Please call vpnsvc_get_if_name() if you want to know the name of VPN interface. * @see vpnsvc_deinit() - * @see vpnsvc_get_tun_fd() - * @see vpnsvc_get_tun_index() - * @see vpnsvc_get_tun_name() + * @see vpnsvc_get_if_fd() + * @see vpnsvc_get_if_index() + * @see vpnsvc_get_if_name() */ -API int vpnsvc_init(const char* tun_name, vpnsvc_tun_h *handle); +int vpnsvc_init(const char* if_name, vpnsvc_h *handle); /** - * @brief De-Initializes TUN interface. + * @brief De-Initializes VPN interface. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle + * @param[in] handle The VPN interface handle * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre Before calling this function, VPN tun interface should be initialized already. + * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_deinit(vpnsvc_tun_h handle); +int vpnsvc_deinit(vpnsvc_h handle); /** * @brief Protect a socket from VPN connections. * @details After protecting, data sent through this socket will go directly to the underlying network. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle + * @param[in] handle The VPN interface handle * @param[in] socket_fd The opened socket file descriptor - * @param[in] dev_name The network interface name (i.e. eth0 or ppp0, not to confuse with tunXXX) through which the VPN is working + * @param[in] dev_name The network interface name (e.g., interface name such as eth0, ppp0, etc) through which the VPN is working * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter @@ -157,55 +133,12 @@ API int vpnsvc_deinit(vpnsvc_tun_h handle); * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ -API int vpnsvc_protect(vpnsvc_tun_h handle, int socket_fd, const char* dev_name); +int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* dev_name); /** - * @brief Sets-up TUN interface and brings it up. Installs specified routes/DNS servers/DNS suffix. + * @brief Reads the data event on VPN interface descriptor. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle - * @param[in] local_ip The local IP address - * @param[in] remote_ip The remote IP address - * @param[in] dest Destination address of the route - * @param[in] prefix The prefix of route - * @param[in] nr_routes The number of routes - * @param[in] dns_servers The list of DNS server names - Optional - * @param[in] nr_dns_servers The number of DNS server names - Optionl - * @param[in] dns_suffix The DNS suffix - Optional - * @return 0 on success. otherwise, a negative error value. - * @retval #VPNSVC_ERROR_NONE Success - * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon - * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre The VPN tun interface should be initialized already. - * @post If you want to set interface down, please call vpnsvc_down(). - * @see vpnsvc_init() - * @see vpnsvc_down() - */ -API int vpnsvc_up(vpnsvc_tun_h handle, const char* local_ip, const char* remote_ip, - const char *dest[], int prefix[], size_t nr_routes, - const char** dns_servers, size_t nr_dns_servers, - const char* dns_suffix); - -/** - * @brief Brings the TUN interface down and restores original DNS servers/domains. - * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle - * @return 0 on success. otherwise, a negative error value. - * @retval #VPNSVC_ERROR_NONE Success - * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon - * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre The VPN tun interface should be initialized already. - * @post Please call vpnsvc_deinit() if you want to de-initialize VPN tun interface. - * @see vpnsvc_up() - * @see vpnsvc_deinit() - */ -API int vpnsvc_down(vpnsvc_tun_h handle); - -/** - * @brief Reads the data event on TUN descriptor. - * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle + * @param[in] handle The VPN interface handle * @param[in] timeout_ms The value of timeout (milliseconds) * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success @@ -215,15 +148,14 @@ API int vpnsvc_down(vpnsvc_tun_h handle); * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported * @pre The VPN interface should be initialized already. * @see vpnsvc_init() - * @see vpnsvc_up() */ -API int vpnsvc_read(vpnsvc_tun_h handle, int timeout_ms); +int vpnsvc_read(vpnsvc_h handle, int timeout_ms); /** - * @brief Writes the data supplied into the TUN interface. + * @brief Writes the data supplied into the VPN interface. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle - * @param[in] data Data writing to tun interface + * @param[in] handle The VPN interface handle + * @param[in] data Data writing to VPN interface * @param[in] size The size of data * @return On success, the number of bytes written is returned (zero indicates nothing was written). Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success @@ -232,19 +164,18 @@ API int vpnsvc_read(vpnsvc_tun_h handle, int timeout_ms); * @retval In case of negative error, please refer to standard posix write API's error code. * @pre The VPN interface should be initialized already. * @see vpnsvc_init() - * @see vpnsvc_up() */ -API int vpnsvc_write(vpnsvc_tun_h handle, const char* data, size_t size); +int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size); /** * @brief Blocks all traffics except specified allowing networks. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle + * @param[in] handle The VPN interface handle * @param[in] dest_vpn Allowing networks over VPN interface. - * @param[in] prefix_vpn The prefix of VPN interface + * @param[in] prefix_vpn The prefix of VPN interface, netmask length (also called a prefix). * @param[in] nr_allow_routes_vpn The number of allowing networks over VPN interface * @param[in] dest_orig Allowing networks over the original interface. - * @param[in] prefix_orig The prefix of Original interface. + * @param[in] prefix_orig The prefix of Original interface, netmask length (also called a prefix). * @param[in] nr_allow_routes_orig The number of allowing networks over the original interface * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success @@ -254,7 +185,7 @@ API int vpnsvc_write(vpnsvc_tun_h handle, const char* data, size_t size); * @post Please call vpnsvc_unblock_networks() if you want to allow all traffics. * @see vpnsvc_unblock_networks() */ -API int vpnsvc_block_networks(vpnsvc_tun_h handle, +int vpnsvc_block_networks(vpnsvc_h handle, const char *dest_vpn[], int prefix_vpn[], size_t nr_allow_routes_vpn, @@ -265,120 +196,120 @@ API int vpnsvc_block_networks(vpnsvc_tun_h handle, /** * @brief Removes any restrictions imposed by vpnsvc_block_networks(). * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle + * @param[in] handle The VPN interface handle * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ -API int vpnsvc_unblock_networks(vpnsvc_tun_h handle); +int vpnsvc_unblock_networks(vpnsvc_h handle); /** - * @brief Gets the fd of the VPN tun interface. + * @brief Gets the fd of the VPN interface. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle - * @param[out] tun_fd The tun fd - * @return The fd value of VPN tun interface. Otherwise, a negative error value. + * @param[in] handle The VPN interface handle + * @param[out] if_fd The vpn interface fd + * @return The fd value of VPN interface. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ -API int vpnsvc_get_tun_fd(vpnsvc_tun_h handle, int* tun_fd); +int vpnsvc_get_if_fd(vpnsvc_h handle, int* if_fd); /** - * @brief Gets the index of VPN tun interface. + * @brief Gets the index of VPN interface. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle - * @param[out] tun_index The tun index - * @return The index of the VPN tun interface. otherwise, a negative error value. + * @param[in] handle The VPN interface handle + * @param[out] if_index The VPN interface index + * @return The index of the VPN interface. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre Before calling this function, VPN tun interface should be initialized already. + * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_get_tun_index(vpnsvc_tun_h handle, int* tun_index); +int vpnsvc_get_if_index(vpnsvc_h handle, int* if_index); /** - * @brief Gets the name of VPN tun interface. + * @brief Gets the name of VPN interface. * @since_tizen 3.0 - * @remarks The @a tun_name should be released using free() - * @param[in] handle The VPN tun interface handle - * @param[out] tun_name The name of VPN tun interface name + * @remarks The @a if_name should be released using free() + * @param[in] handle The VPN interface handle + * @param[out] if_name The name of VPN interface name * @return 0 on success. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre Before calling this function, VPN tun interface should be initialized already. + * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_get_tun_name(vpnsvc_tun_h handle, char** tun_name); +int vpnsvc_get_if_name(vpnsvc_h handle, char** if_name); /** - * @brief Sets the MTU of the VPN tun interface. + * @brief Sets the MTU of the VPN interface. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle - * @param[in] mtu The MTU (Maximum Transmission Unit) value to be set for VPN tun interface. Default MTU size is 1500. + * @param[in] handle The VPN interface handle + * @param[in] mtu The MTU (Maximum Transmission Unit) value to be set for VPN interface. Default MTU size is 1500. * @return 0 on success. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre Before calling this function, VPN tun interface should be initialized already. + * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_set_mtu(vpnsvc_tun_h handle, int mtu); +int vpnsvc_set_mtu(vpnsvc_h handle, int mtu); /** - * @brief Sets blocking mode of the file descriptor of VPN tun interface. + * @brief Sets blocking mode of the file descriptor of VPN interface. * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle - * @param[in] blocking The blocking mode flag; True = BLOCKING, False = NON_BLOCKING + * @param[in] handle The VPN interface handle + * @param[in] blocking The blocking mode flag; True = BLOCKING, False = NON_BLOCKING (Default : BLOCKING) * @return 0 on success. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IO_ERROR Failed to set the blocking flags * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre Before calling this function, VPN tun interface should be initialized already. + * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_set_blocking(vpnsvc_tun_h handle, bool blocking); +int vpnsvc_set_blocking(vpnsvc_h handle, bool blocking); /** - * @brief Sets the session name for the VPN. + * @brief Sets the session name for the VPN. (It will be displayed in system-managed dialogs and notifications.) * @since_tizen 3.0 - * @param[in] handle The VPN tun interface handle + * @param[in] handle The VPN interface handle * @param[in] session The Session Name * @return 0 on success. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre Before calling this function, VPN tun interface should be initialized already. + * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_set_session(vpnsvc_tun_h handle, const char* session); +int vpnsvc_set_session(vpnsvc_h handle, const char* session); /** * @brief Gets the session name for the VPN. * @since_tizen 3.0 * @remarks The @a session should be released using free() - * @param[in] handle The VPN tun interface handle + * @param[in] handle The VPN interface handle * @param[out] session The Session Name returned * @return 0 on success. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre Before calling this function, VPN tun interface should be initialized already. + * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -API int vpnsvc_get_session(vpnsvc_tun_h handle, char** session); - -#ifdef __cplusplus -} -#endif // __cplusplus +int vpnsvc_get_session(vpnsvc_h handle, char** session); /** * @} */ +#ifdef __cplusplus +} +#endif // __cplusplus + #endif /* __TIZEN_CAPI_VPN_SERVICE_H__ */ diff --git a/include/vpn_service_internal.h b/include/vpn_service_internal.h new file mode 100755 index 0000000..9df6386 --- /dev/null +++ b/include/vpn_service_internal.h @@ -0,0 +1,100 @@ +/* +opyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +#ifndef __TIZEN_VPN_SERVICE_INTERNAL_H__ +#define __TIZEN_VPN_SERVICE_INTERNAL_H__ + +/** + * @addtogroup CAPI_NETWORK_VPN_MODULE + * @{ + */ + +#include + +#ifdef __cplusplus +extern "C" { +#endif // __cplusplus + +/** + * @file vpn_service_internal.h + */ + +/** + * @internal + * @brief Sets-up TUN interface and brings it up. Installs specified routes/DNS servers/DNS suffix. + * @since_tizen 3.0 + * @privlevel platform + * @privilege %http://tizen.org/privilege/vpnservice.admin + * @param[in] handle The VPN tun interface handle + * @param[in] local_ip The local IP address + * @param[in] remote_ip The remote IP address + * @param[in] dest Destination address of the route + * @param[in] prefix The prefix of route + * @param[in] nr_routes The number of routes + * @param[in] dns_servers The list of DNS server names - Optional + * @param[in] nr_dns_servers The number of DNS server names - Optionl + * @param[in] dns_suffix The DNS suffix - Optional + * @return 0 on success. otherwise, a negative error value. + * @retval #VPNSVC_ERROR_NONE Success + * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter + * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon + * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied + * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported + * @pre The VPN tun interface should be initialized already. + * @post If you want to set interface down, please call vpnsvc_down(). + * @see vpnsvc_init() + * @see vpnsvc_down() + */ +int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remote_ip, + const char *dest[], int prefix[], size_t nr_routes, + const char** dns_servers, size_t nr_dns_servers, + const char* dns_suffix); + +/** + * @internal + * @brief Brings the TUN interface down and restores original DNS servers/domains. + * @since_tizen 3.0 + * @privlevel platform + * @privilege %http://tizen.org/privilege/vpnservice.admin + * @param[in] handle The VPN tun interface handle + * @return 0 on success. otherwise, a negative error value. + * @retval #VPNSVC_ERROR_NONE Success + * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter + * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon + * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied + * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported + * @pre The VPN tun interface should be initialized already. + * @post Please call vpnsvc_deinit() if you want to de-initialize VPN tun interface. + * @see vpnsvc_up() + * @see vpnsvc_deinit() + */ +int vpnsvc_down(vpnsvc_h handle); + + +#ifdef __cplusplus +} +#endif // __cplusplus + +/** +* @} +*/ + +#endif /* __TIZEN_CAPI_VPN_SERVICE_H__ */ + + + + + diff --git a/test/vpn_service_test.c b/test/vpn_service_test.c index 10354cb..ac29509 100755 --- a/test/vpn_service_test.c +++ b/test/vpn_service_test.c @@ -38,7 +38,7 @@ perror("fgets() failed!!!");\ } while (0); -vpnsvc_tun_h handle = NULL; +vpnsvc_h handle = NULL; int test_vpnsvc_init() { @@ -56,19 +56,19 @@ int test_vpnsvc_init() char* result_name = NULL; printf("vpnsvc_init Succeed : %d\n", ret); - if (vpnsvc_get_tun_fd(handle, &int_value) == VPNSVC_ERROR_NONE) - printf("tun_fd : %d\n", int_value); + if (vpnsvc_get_if_fd(handle, &int_value) == VPNSVC_ERROR_NONE) + printf("if_fd : %d\n", int_value); else - printf("Fail to get tun_fd\n"); + printf("Fail to get if_fd\n"); - if (vpnsvc_get_tun_index(handle, &int_value) == VPNSVC_ERROR_NONE) - printf("tun_index : %d\n", int_value); + if (vpnsvc_get_if_index(handle, &int_value) == VPNSVC_ERROR_NONE) + printf("if_index : %d\n", int_value); else - printf("Fail to get tun_index\n"); + printf("Fail to get if_index\n"); - ret = vpnsvc_get_tun_name(handle, &result_name); + ret = vpnsvc_get_if_name(handle, &result_name); if (ret == VPNSVC_ERROR_NONE) - printf("tun_name : %s\n", result_name); + printf("if_name : %s\n", result_name); } return 0; -- 2.7.4 From abd6f1356d3e067045fab24c609c81c3a914c108 Mon Sep 17 00:00:00 2001 From: "taesub.kim" Date: Thu, 4 Feb 2016 11:28:47 +0900 Subject: [PATCH 03/16] [TE-132] Modified comments of SE review Change-Id: I2aebaadebc66f970e6bf0d1489382ac2473b3ed5 Signed-off-by: Taesub Kim --- daemon/include/vpn_service_daemon.h | 6 +- daemon/interfaces/org.tizen.vpnsvc.xml | 8 +- daemon/src/vpn_service_daemon.c | 32 ++++---- daemon/src/vpnsvc.c | 20 ++--- framework/include/capi_vpn_service_private.h | 4 +- framework/src/capi_vpn_service.c | 110 +++++++++++++-------------- include/vpn_service.h | 68 +++++++++-------- include/vpn_service_internal.h | 34 ++++----- test/vpn_service_test.c | 16 ++-- 9 files changed, 151 insertions(+), 147 deletions(-) diff --git a/daemon/include/vpn_service_daemon.h b/daemon/include/vpn_service_daemon.h index b55e71c..211e72c 100755 --- a/daemon/include/vpn_service_daemon.h +++ b/daemon/include/vpn_service_daemon.h @@ -23,14 +23,14 @@ #include "capi_vpn_service_private.h" -int vpn_daemon_init(const char* if_name, size_t if_name_len, int fd, vpnsvc_tun_s *handle_s); +int vpn_daemon_init(const char* iface_name, size_t iface_name_len, int fd, vpnsvc_tun_s *handle_s); int vpn_daemon_deinit(const char* dev_name); int vpn_daemon_protect(int socket, const char* dev_name); -int vpn_daemon_up(int if_index, const char* local_ip, const char* remote_ip, +int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, const char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu); -int vpn_daemon_down(int if_index); +int vpn_daemon_down(int iface_index); int vpn_daemon_block_networks(const char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, const char* nets_orig[], int prefix_orig[], size_t nr_nets_orig); int vpn_daemon_unblock_networks(void); diff --git a/daemon/interfaces/org.tizen.vpnsvc.xml b/daemon/interfaces/org.tizen.vpnsvc.xml index 8349623..4bcc50f 100755 --- a/daemon/interfaces/org.tizen.vpnsvc.xml +++ b/daemon/interfaces/org.tizen.vpnsvc.xml @@ -1,8 +1,8 @@ - - + + @@ -16,7 +16,7 @@ - + @@ -28,7 +28,7 @@ - + diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index 94cc958..bf205b9 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -82,7 +82,7 @@ static in_addr_t host2net(ipv4 host) return net; } -static int add_routes(char* if_name, const char* routes[], int prefix[], size_t nr_routes) +static int add_routes(char* iface_name, const char* routes[], int prefix[], size_t nr_routes) { struct rtentry rt; struct sockaddr_in addr; @@ -118,7 +118,7 @@ static int add_routes(char* if_name, const char* routes[], int prefix[], size_t addr.sin_addr.s_addr = host2net(make_mask(prefix[i])); memcpy(&rt.rt_genmask, &addr, sizeof(rt.rt_genmask)); - rt.rt_dev = if_name; + rt.rt_dev = iface_name; if (ioctl(sk, SIOCADDRT, &rt) < 0) { LOGE("ioctl SIOCADDRT failed : %s", strerror(errno)); @@ -609,12 +609,12 @@ void iptables_delete(const char *addr, const int mask) iptables_rule('D', addr, mask); } -static int get_interface_index(const char *if_name) +static int get_interface_index(const char *iface_name) { struct ifreq ifr; int sk = 0; - LOGD("enter get_interface_index, if_name : %s", if_name); + LOGD("enter get_interface_index, iface_name : %s", iface_name); sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (sk < 0) { @@ -624,8 +624,8 @@ static int get_interface_index(const char *if_name) memset(&ifr, 0, sizeof(ifr)); - if (*if_name) - strncpy(ifr.ifr_name, if_name, strlen(if_name)); + if (*iface_name) + strncpy(ifr.ifr_name, iface_name, strlen(iface_name)); /* get an interface name by ifindex */ if (ioctl(sk, SIOCGIFINDEX, &ifr) < 0) { @@ -640,12 +640,12 @@ static int get_interface_index(const char *if_name) } -int vpn_daemon_init(const char* if_name, size_t if_name_len, int fd, vpnsvc_tun_s *handle_s) +int vpn_daemon_init(const char* iface_name, size_t iface_name_len, int fd, vpnsvc_tun_s *handle_s) { struct ifreq ifr; size_t len = 0; - LOGD("enter vpn_daemon_init, if_name : %s, if_name_len : %d, fd : %d\n", if_name, if_name_len, fd); + LOGD("enter vpn_daemon_init, iface_name : %s, iface_name_len : %d, fd : %d\n", iface_name, iface_name_len, fd); memset(&ifr, 0, sizeof(ifr)); @@ -657,8 +657,8 @@ int vpn_daemon_init(const char* if_name, size_t if_name_len, int fd, vpnsvc_tun_ ifr.ifr_flags = IFF_TUN | IFF_NO_PI; - if (*if_name) - strncpy(ifr.ifr_name, if_name, if_name_len); + if (*iface_name) + strncpy(ifr.ifr_name, iface_name, iface_name_len); LOGD("before init, ifindex : %d", ifr.ifr_ifindex); @@ -681,7 +681,7 @@ int vpn_daemon_init(const char* if_name, size_t if_name_len, int fd, vpnsvc_tun_ } handle_s->fd = 0; /* server fd does not meaning */ - handle_s->index = get_interface_index(if_name); + handle_s->index = get_interface_index(iface_name); len = strlen(ifr.ifr_name); strncpy(handle_s->name, ifr.ifr_name, len); handle_s->name[len] = '\0'; @@ -724,7 +724,7 @@ int vpn_daemon_protect(int socket_fd, const char* dev_name) return ret; } -int vpn_daemon_up(int if_index, const char* local_ip, const char* remote_ip, +int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, const char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu) { @@ -737,7 +737,7 @@ int vpn_daemon_up(int if_index, const char* local_ip, const char* remote_ip, LOGD("enter vpn_daemon_up"); - LOGD("if_index : %d", if_index); + LOGD("iface_index : %d", iface_index); LOGD("local ip : %s", local_ip); LOGD("remote ip : %s", remote_ip); LOGD("route pointer : %p, nr_routes : %d, dns_server pointer : %p, nr_dns : %d, dns_suffix : %s, mtu : %d", routes, nr_routes, dns_servers, nr_dns, dns_suffix, mtu); @@ -750,7 +750,7 @@ int vpn_daemon_up(int if_index, const char* local_ip, const char* remote_ip, } memset(&ifr_tun, 0, sizeof(ifr_tun)); - ifr_tun.ifr_ifindex = if_index; + ifr_tun.ifr_ifindex = iface_index; /* get an interface name by ifindex */ if (ioctl(sk, SIOCGIFNAME, &ifr_tun) < 0) { @@ -845,7 +845,7 @@ int vpn_daemon_up(int if_index, const char* local_ip, const char* remote_ip, return ret; } -int vpn_daemon_down(int if_index) +int vpn_daemon_down(int iface_index) { struct ifreq ifr, addr_ifr; struct sockaddr_in *addr = NULL; @@ -858,7 +858,7 @@ int vpn_daemon_down(int if_index) } memset(&ifr, 0, sizeof(ifr)); - ifr.ifr_ifindex = if_index; + ifr.ifr_ifindex = iface_index; if (ioctl(sk, SIOCGIFNAME, &ifr) < 0) { LOGE("ioctl SIOCGIFNAME failed : %s", strerror(errno)); diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index e97d65b..4df05ae 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -38,8 +38,8 @@ static Vpnsvc *vpnsvc = NULL; ********************/ gboolean handle_vpn_init(Vpnsvc *object, GDBusMethodInvocation *invocation, - const gchar *arg_if_name, - guint arg_if_name_len) + const gchar *arg_iface_name, + guint arg_iface_name_len) { LOGD("handle_vpn_init"); @@ -50,7 +50,7 @@ gboolean handle_vpn_init(Vpnsvc *object, int fd_list_length; const int *fds; - LOGD("vpn_init, %s, %u\n", arg_if_name, arg_if_name_len); + LOGD("vpn_init, %s, %u\n", arg_iface_name, arg_iface_name_len); msg = g_dbus_method_invocation_get_message(invocation); fd_list = g_dbus_message_get_unix_fd_list(msg); @@ -61,7 +61,7 @@ gboolean handle_vpn_init(Vpnsvc *object, LOGD("fd:%d\n", *fds); - result = vpn_daemon_init(arg_if_name, arg_if_name_len, *fds, &handle_s); + result = vpn_daemon_init(arg_iface_name, arg_iface_name_len, *fds, &handle_s); LOGD("handle_s.fd : %d, handle_s.index : %d, handle_s.name : %s", handle_s.fd, handle_s.index, handle_s.name); @@ -118,7 +118,7 @@ gboolean handle_vpn_protect(Vpnsvc *object, gboolean handle_vpn_up(Vpnsvc *object, GDBusMethodInvocation *invocation, - gint arg_if_index, + gint arg_iface_index, const gchar *arg_local_ip, const gchar *arg_remote_ip, GVariant *arg_routes, @@ -144,7 +144,7 @@ gboolean handle_vpn_up(Vpnsvc *object, gchar* route_dest; gint route_prefix; - LOGD("if_index : %d", arg_if_index); + LOGD("iface_index : %d", arg_iface_index); LOGD("local ip : %s", arg_local_ip); LOGD("remote ip : %s", arg_remote_ip); LOGD("dns_suffix : %s", arg_dns_suffix); @@ -199,7 +199,7 @@ gboolean handle_vpn_up(Vpnsvc *object, } } - result = vpn_daemon_up(arg_if_index, arg_local_ip, arg_remote_ip, + result = vpn_daemon_up(arg_iface_index, arg_local_ip, arg_remote_ip, routes, prefix, arg_nr_routes, dns_servers, arg_nr_dns, total_dns_string_cnt, arg_dns_suffix, arg_mtu); done: @@ -219,14 +219,14 @@ done: gboolean handle_vpn_down(Vpnsvc *object, GDBusMethodInvocation *invocation, - gint arg_if_index) + gint arg_iface_index) { LOGD("handle_vpn_down"); int result = VPNSVC_ERROR_NONE; - LOGD("vpn_down, %d\n", arg_if_index); + LOGD("vpn_down, %d\n", arg_iface_index); - result = vpn_daemon_down(arg_if_index); + result = vpn_daemon_down(arg_iface_index); vpnsvc_complete_vpn_down(object, invocation, result); diff --git a/framework/include/capi_vpn_service_private.h b/framework/include/capi_vpn_service_private.h index 9b74d77..c949fca 100755 --- a/framework/include/capi_vpn_service_private.h +++ b/framework/include/capi_vpn_service_private.h @@ -69,8 +69,8 @@ extern "C" { typedef struct _vpnsvc_tun_s { GDBusConnection *connection; /**< D-Bus Connection */ int fd; /**< tun socket fd */ - int index; /**< tun index (if.if_index) */ - char name[VPNSVC_VPN_IF_NAME_LEN]; /**< tun name (if.if_name) */ + int index; /**< tun index (if.iface_index) */ + char name[VPNSVC_VPN_IFACE_NAME_LEN]; /**< tun name (if.iface_name) */ char session[VPNSVC_SESSION_STRING_LEN];/**< session name (user setting) */ unsigned int mtu; /**< mtu (user setting) */ } vpnsvc_tun_s; diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 1997a24..29002b8 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -103,7 +103,7 @@ static void _vpnsvc_deinit_vpnsvc_tun_s(vpnsvc_tun_s *s) s->fd = 0; s->index = 0; - memset(s->name, 0, VPNSVC_VPN_IF_NAME_LEN); + memset(s->name, 0, VPNSVC_VPN_IFACE_NAME_LEN); memset(s->session, 0, VPNSVC_SESSION_STRING_LEN); if (s) @@ -222,20 +222,20 @@ GVariant *_vpnsvc_invoke_dbus_method_with_fd(GDBusConnection *connection, return reply; } -EXPORT_API int vpnsvc_init(const char* if_name, vpnsvc_h *handle) +EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); int result = VPNSVC_ERROR_NONE; int dbus_result; - int if_fd = 0; + int iface_fd = 0; - LOGD("enter vpnsvc_init, if_name : %s", if_name); + LOGD("enter vpnsvc_init, iface_name : %s", iface_name); LOGD("handle : %p\n", handle); /* parameter check */ - if (if_name == NULL || strlen(if_name) <= 0) { - LOGE("if_name is a NULL"); + if (iface_name == NULL || strlen(iface_name) <= 0) { + LOGE("iface_name is a NULL"); return VPNSVC_ERROR_INVALID_PARAMETER; } else if (handle == NULL) { LOGE("handle is a NULL"); @@ -278,25 +278,25 @@ EXPORT_API int vpnsvc_init(const char* if_name, vpnsvc_h *handle) op = NULL; } - if ((if_fd = open("/dev/net/tun", O_RDWR)) < 0) { + if ((iface_fd = open("/dev/net/tun", O_RDWR)) < 0) { LOGE("tun device open fail\n"); _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); return VPNSVC_ERROR_IO_ERROR; } - LOGD("client if_fd : %d", if_fd); + LOGD("client iface_fd : %d", iface_fd); op = _vpnsvc_invoke_dbus_method_with_fd(tmp_s->connection, VPNSVC_DBUS_SERVICE_NAME, VPNSVC_DBUS_INTERFACE_OBJ_NAME, VPNSVC_DBUS_INTERFACE_NAME, "vpn_init", - g_variant_new("(su)", if_name, strlen(if_name)), - if_fd, + g_variant_new("(su)", iface_name, strlen(iface_name)), + iface_fd, &dbus_result); if (op == NULL) { - close(if_fd); + close(iface_fd); _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); return VPNSVC_ERROR_IPC_FAILED; } else { @@ -310,10 +310,10 @@ EXPORT_API int vpnsvc_init(const char* if_name, vpnsvc_h *handle) result = VPNSVC_ERROR_IPC_FAILED; } else { LOGD("vpnsvc_init() succeed"); - tmp_s->fd = if_fd; /* client fd must be set */ + tmp_s->fd = iface_fd; /* client fd must be set */ tmp_s->index = tmp_index; - strncpy(tmp_s->name, tmp_name, VPNSVC_VPN_IF_NAME_LEN); - tmp_s->name[VPNSVC_VPN_IF_NAME_LEN-1] = '\0'; + strncpy(tmp_s->name, tmp_name, VPNSVC_VPN_IFACE_NAME_LEN); + tmp_s->name[VPNSVC_VPN_IFACE_NAME_LEN-1] = '\0'; *handle = tmp_s; LOGD("handle : %p, handle->fd : %d, handle->index : %d, handle->name : %s", (*handle), ((vpnsvc_tun_s*)*handle)->fd, ((vpnsvc_tun_s*)*handle)->index, ((vpnsvc_tun_s*)*handle)->name); @@ -342,7 +342,7 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) } tun_s = (vpnsvc_tun_s*)handle; - LOGD("enter vpnsvc_deinit, if_fd : %d", tun_s->fd); + LOGD("enter vpnsvc_deinit, iface_fd : %d", tun_s->fd); if (tun_s->fd > 0) { op = _vpnsvc_invoke_dbus_method(tun_s->connection, @@ -376,7 +376,7 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) return result; } -EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* dev_name) +EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_name) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -391,7 +391,7 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* dev_na } tun_s = (vpnsvc_tun_s*)handle; - LOGD("enter vpnsvc_protect, socket : %d, dev_name : %s", socket_fd, dev_name); + LOGD("enter vpnsvc_protect, socket : %d, dev_name : %s", socket_fd, iface_name); if (tun_s->connection == NULL) { LOGE("Connection Object is NULL"); @@ -404,7 +404,7 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* dev_na VPNSVC_DBUS_INTERFACE_OBJ_NAME, VPNSVC_DBUS_INTERFACE_NAME, "vpn_protect", - g_variant_new("(s)", dev_name), + g_variant_new("(s)", iface_name), socket_fd, &dbus_result); @@ -423,8 +423,8 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* dev_na } EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remote_ip, - const char* dest[], int prefix[], size_t nr_routes, - const char** dns_servers, size_t nr_dns_servers, + const char* routes_dest_add[], int routes_prefix[], size_t num_routes, + const char** dns_servers, size_t num_dns_servers, const char* dns_suffix) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -459,25 +459,25 @@ EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remo return VPNSVC_ERROR_INVALID_PARAMETER; } - LOGD("if_index %d", tun_s->index); + LOGD("iface_index %d", tun_s->index); LOGD("local_ip : %s, remote_ip : %s", local_ip, remote_ip); /* make a route parameter */ g_variant_builder_init(&route_builder, G_VARIANT_TYPE("a{si}")); - for (i = 0 ; i < nr_routes ; i++) { - if (strlen(dest[i]) <= 0) { + for (i = 0 ; i < num_routes ; i++) { + if (strlen(routes_dest_add[i]) <= 0) { LOGE("invalid dest[%d]", i); return VPNSVC_ERROR_INVALID_PARAMETER; } - g_variant_builder_add(&route_builder, "{si}", dest[i], prefix[i]); - LOGD("dest[%d] : %s", i, dest[i]); - LOGD("prefix[i] : %d", i, prefix[i]); + g_variant_builder_add(&route_builder, "{si}", routes_dest_add[i], routes_prefix[i]); + LOGD("dest[%d] : %s", i, routes_dest_add[i]); + LOGD("prefix[i] : %d", i, routes_prefix[i]); } route_param = g_variant_builder_end(&route_builder); /* make a dns parameter */ g_variant_builder_init(&dns_builder, G_VARIANT_TYPE("as")); - for (i = 0 ; i < nr_dns_servers ; i++) { + for (i = 0 ; i < num_dns_servers ; i++) { if (strlen(dns_servers[i]) <= 0) { LOGE("invalid dns_servers[%d]", i); return VPNSVC_ERROR_INVALID_PARAMETER; @@ -495,7 +495,7 @@ EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remo VPNSVC_DBUS_INTERFACE_NAME, "vpn_up", g_variant_new("(issvuvusu)", tun_s->index, local_ip, \ - remote_ip, route_param, nr_routes, dns_param, nr_dns_servers, \ + remote_ip, route_param, num_routes, dns_param, num_dns_servers, \ dns_suffix, tun_s->mtu), &dbus_result); @@ -628,12 +628,12 @@ EXPORT_API int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size) EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, - const char* dest_vpn[], - int prefix_vpn[], - size_t nr_allow_routes_vpn, - const char* dest_orig[], - int prefix_orig[], - size_t nr_allow_routes_orig) + const char* routes_dest_vpn_addr[], + int routes_vpn_prefix[], + size_t num_allow_routes_vpn, + const char* routes_dest_orig_addr[], + int routes_orig_prefix[], + size_t num_allow_routes_orig) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); @@ -661,19 +661,19 @@ EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, } /* make a route parameter for allowed VPN interface routes */ g_variant_builder_init(&nets_builder, G_VARIANT_TYPE("a{si}")); - for (i = 0 ; i < nr_allow_routes_vpn ; i++) { - g_variant_builder_add(&nets_builder, "{si}", dest_vpn[i], prefix_vpn[i]); - LOGD("dest_vpn[%d] : %s", i, dest_vpn[i]); - LOGD("prefix_vpn[%d] : %d", i, prefix_vpn[i]); + for (i = 0 ; i < num_allow_routes_vpn ; i++) { + g_variant_builder_add(&nets_builder, "{si}", routes_dest_vpn_addr[i], routes_vpn_prefix[i]); + LOGD("dest_vpn[%d] : %s", i, routes_dest_vpn_addr[i]); + LOGD("prefix_vpn[%d] : %d", i, routes_vpn_prefix[i]); } nets_param_vpn = g_variant_builder_end(&nets_builder); /* make a route parameter for allowed Original interface Routes */ g_variant_builder_init(&nets_builder, G_VARIANT_TYPE("a{si}")); - for (i = 0 ; i < nr_allow_routes_orig ; i++) { - g_variant_builder_add(&nets_builder, "{si}", dest_orig[i], prefix_orig[i]); - LOGD("dest_orig[%d] : %s", i, dest_orig[i]); - LOGD("prefix_orig[%d] : %d", i, prefix_orig[i]); + for (i = 0 ; i < num_allow_routes_orig ; i++) { + g_variant_builder_add(&nets_builder, "{si}", routes_dest_orig_addr[i], routes_orig_prefix[i]); + LOGD("dest_orig[%d] : %s", i, routes_dest_orig_addr[i]); + LOGD("prefix_orig[%d] : %d", i, routes_orig_prefix[i]); } nets_param_orig = g_variant_builder_end(&nets_builder); @@ -682,8 +682,8 @@ EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, VPNSVC_DBUS_INTERFACE_OBJ_NAME, VPNSVC_DBUS_INTERFACE_NAME, "vpn_block_networks", - g_variant_new("(vuvu)", nets_param_vpn, nr_allow_routes_vpn, - nets_param_orig, nr_allow_routes_orig), + g_variant_new("(vuvu)", nets_param_vpn, num_allow_routes_vpn, + nets_param_orig, num_allow_routes_orig), &dbus_result); if (op == NULL) { @@ -745,14 +745,14 @@ EXPORT_API int vpnsvc_unblock_networks(vpnsvc_h handle) return result; } -EXPORT_API int vpnsvc_get_if_fd(vpnsvc_h handle, int* if_fd) +EXPORT_API int vpnsvc_get_iface_fd(vpnsvc_h handle, int* iface_fd) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; /* parameter check */ - if (handle == NULL || if_fd == NULL) { + if (handle == NULL || iface_fd == NULL) { LOGE("Invalid parameter"); return VPNSVC_ERROR_INVALID_PARAMETER; } @@ -763,19 +763,19 @@ EXPORT_API int vpnsvc_get_if_fd(vpnsvc_h handle, int* if_fd) return VPNSVC_ERROR_INVALID_PARAMETER; } - *if_fd = (int)(tun_s->fd); + *iface_fd = (int)(tun_s->fd); return VPNSVC_ERROR_NONE; } -EXPORT_API int vpnsvc_get_if_index(vpnsvc_h handle, int* if_index) +EXPORT_API int vpnsvc_get_iface_index(vpnsvc_h handle, int* iface_index) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; /* parameter check */ - if (handle == NULL || if_index == NULL) { + if (handle == NULL || iface_index == NULL) { LOGE("Invalid parameter"); return VPNSVC_ERROR_INVALID_PARAMETER; } @@ -787,17 +787,17 @@ EXPORT_API int vpnsvc_get_if_index(vpnsvc_h handle, int* if_index) return VPNSVC_ERROR_INVALID_PARAMETER; } - *if_index = (int)(tun_s->index); + *iface_index = (int)(tun_s->index); return VPNSVC_ERROR_NONE; } -EXPORT_API int vpnsvc_get_if_name(vpnsvc_h handle, char** if_name) +EXPORT_API int vpnsvc_get_iface_name(vpnsvc_h handle, char** iface_name) { CHECK_FEATURE_SUPPORTED(VPN_SERVICE_FEATURE); vpnsvc_tun_s *tun_s = NULL; - char la_if_name[VPNSVC_VPN_IF_NAME_LEN + 1] = { 0, }; + char la_iface_name[VPNSVC_VPN_IFACE_NAME_LEN + 1] = { 0, }; /* parameter check */ if (handle == NULL) { @@ -811,13 +811,13 @@ EXPORT_API int vpnsvc_get_if_name(vpnsvc_h handle, char** if_name) return VPNSVC_ERROR_INVALID_PARAMETER; } - if (if_name == NULL) { + if (iface_name == NULL) { LOGE("tun name string is NULL"); return VPNSVC_ERROR_INVALID_PARAMETER; } - g_strlcpy(la_if_name, tun_s->name, VPNSVC_VPN_IF_NAME_LEN + 1); - *if_name = g_strdup(la_if_name); + g_strlcpy(la_iface_name, tun_s->name, VPNSVC_VPN_IFACE_NAME_LEN + 1); + *iface_name = g_strdup(la_iface_name); return VPNSVC_ERROR_NONE; } diff --git a/include/vpn_service.h b/include/vpn_service.h index 31a248b..6ce3e53 100755 --- a/include/vpn_service.h +++ b/include/vpn_service.h @@ -42,7 +42,7 @@ extern "C" { * @brief VPN interface name length. * @since_tizen 3.0 */ -#define VPNSVC_VPN_IF_NAME_LEN 16 +#define VPNSVC_VPN_IFACE_NAME_LEN 16 /** * @brief Session name string length (includes end null character). @@ -50,6 +50,10 @@ extern "C" { */ #define VPNSVC_SESSION_STRING_LEN 32 +#ifndef TIZEN_ERROR_VPNSVC +#define TIZEN_ERROR_VPNSVC -0x03200000 +#endif + /** * @brief Enumeration for VPN service error types. * @details Indicate formats of error type field @@ -79,13 +83,13 @@ typedef void* vpnsvc_h; /** * @brief Initializes VPN interface. - * @detail You should call vpnsvc_get_if_name() for checking the actual initialized VPN interface name. (In case of duplicated interface name) + * @detail You should call vpnsvc_get_iface_name() for checking the actual initialized VPN interface name. (In case of duplicated interface name) * @since_tizen 3.0 * @privlevel public * @privilege %http://tizen.org/privilege/vpnservice \n * %http://tizen.org/privilege/internet * @remarks The @a handle should be released using vpnsvc_deinit(). - * @param[in] if_name The VPN interface name + * @param[in] iface_name The VPN interface name * @param[out] handle The VPN interface handle * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success @@ -95,15 +99,15 @@ typedef void* vpnsvc_h; * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported * @post Please call vpnsvc_deinit() if you want to de-initialize VPN interface. - * @post Please call vpnsvc_get_if_fd() if you want to know the fd of VPN interface. - * @post Please call vpnsvc_get_if_index() if you want to know the fd of VPN interface index. - * @post Please call vpnsvc_get_if_name() if you want to know the name of VPN interface. + * @post Please call vpnsvc_get_iface_fd() if you want to know the fd(file descriptor) of VPN interface. + * @post Please call vpnsvc_get_iface_index() if you want to know the index of VPN interface. + * @post Please call vpnsvc_get_iface_name() if you want to know the name of VPN interface. * @see vpnsvc_deinit() - * @see vpnsvc_get_if_fd() - * @see vpnsvc_get_if_index() - * @see vpnsvc_get_if_name() + * @see vpnsvc_get_iface_fd() + * @see vpnsvc_get_iface_index() + * @see vpnsvc_get_iface_name() */ -int vpnsvc_init(const char* if_name, vpnsvc_h *handle); +int vpnsvc_init(const char* iface_name, vpnsvc_h *handle); /** * @brief De-Initializes VPN interface. @@ -125,7 +129,7 @@ int vpnsvc_deinit(vpnsvc_h handle); * @since_tizen 3.0 * @param[in] handle The VPN interface handle * @param[in] socket_fd The opened socket file descriptor - * @param[in] dev_name The network interface name (e.g., interface name such as eth0, ppp0, etc) through which the VPN is working + * @param[in] iface_name The network interface name (e.g., interface name such as eth0, ppp0, etc) through which the VPN is working * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter @@ -133,10 +137,10 @@ int vpnsvc_deinit(vpnsvc_h handle); * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ -int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* dev_name); +int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_name); /** - * @brief Reads the data event on VPN interface descriptor. + * @brief Waits for the read event on VPN interface descriptor, but no more than the indicated timeout in milliseconds. * @since_tizen 3.0 * @param[in] handle The VPN interface handle * @param[in] timeout_ms The value of timeout (milliseconds) @@ -171,12 +175,12 @@ int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size); * @brief Blocks all traffics except specified allowing networks. * @since_tizen 3.0 * @param[in] handle The VPN interface handle - * @param[in] dest_vpn Allowing networks over VPN interface. - * @param[in] prefix_vpn The prefix of VPN interface, netmask length (also called a prefix). - * @param[in] nr_allow_routes_vpn The number of allowing networks over VPN interface - * @param[in] dest_orig Allowing networks over the original interface. - * @param[in] prefix_orig The prefix of Original interface, netmask length (also called a prefix). - * @param[in] nr_allow_routes_orig The number of allowing networks over the original interface + * @param[in] routes_dest_vpn_addr Destination address of the routes, the list of allowing networks over VPN interface (e.g., VPN interface such as tun0, etc). + * @param[in] routes_vpn_prefix The prefix of VPN interface, netmask length (also called a prefix, e.g. 8, 16, 24, 32). + * @param[in] num_allow_routes_vpn The number of allowing networks over VPN interface + * @param[in] routes_dest_orig_addr Destination address of the routes, the list of allowing networks over the original interface (e.g., original interface such as eth0, wlan0, etc). + * @param[in] routes_orig_prefix The prefix of Original interface, netmask length (also called a prefix, e.g. 8, 16, 24, 32). + * @param[in] num_allow_routes_orig The number of allowing networks over the original interface * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter @@ -186,12 +190,12 @@ int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size); * @see vpnsvc_unblock_networks() */ int vpnsvc_block_networks(vpnsvc_h handle, - const char *dest_vpn[], - int prefix_vpn[], - size_t nr_allow_routes_vpn, - const char *dest_orig[], - int prefix_orig[], - size_t nr_allow_routes_orig); + const char *routes_dest_vpn_addr[], + int routes_vpn_prefix[], + size_t num_allow_routes_vpn, + const char *routes_dest_orig_addr[], + int routes_orig_prefix[], + size_t num_allow_routes_orig); /** * @brief Removes any restrictions imposed by vpnsvc_block_networks(). @@ -209,19 +213,19 @@ int vpnsvc_unblock_networks(vpnsvc_h handle); * @brief Gets the fd of the VPN interface. * @since_tizen 3.0 * @param[in] handle The VPN interface handle - * @param[out] if_fd The vpn interface fd + * @param[out] iface_fd The vpn interface fd * @return The fd value of VPN interface. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ -int vpnsvc_get_if_fd(vpnsvc_h handle, int* if_fd); +int vpnsvc_get_iface_fd(vpnsvc_h handle, int* iface_fd); /** * @brief Gets the index of VPN interface. * @since_tizen 3.0 * @param[in] handle The VPN interface handle - * @param[out] if_index The VPN interface index + * @param[out] iface_index The VPN interface index * @return The index of the VPN interface. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter @@ -229,14 +233,14 @@ int vpnsvc_get_if_fd(vpnsvc_h handle, int* if_fd); * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -int vpnsvc_get_if_index(vpnsvc_h handle, int* if_index); +int vpnsvc_get_iface_index(vpnsvc_h handle, int* iface_index); /** * @brief Gets the name of VPN interface. * @since_tizen 3.0 - * @remarks The @a if_name should be released using free() + * @remarks The @a iface_name should be released using free() * @param[in] handle The VPN interface handle - * @param[out] if_name The name of VPN interface name + * @param[out] iface_name The name of VPN interface name * @return 0 on success. Otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter @@ -244,7 +248,7 @@ int vpnsvc_get_if_index(vpnsvc_h handle, int* if_index); * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() */ -int vpnsvc_get_if_name(vpnsvc_h handle, char** if_name); +int vpnsvc_get_iface_name(vpnsvc_h handle, char** iface_name); /** * @brief Sets the MTU of the VPN interface. diff --git a/include/vpn_service_internal.h b/include/vpn_service_internal.h index 9df6386..7cbf633 100755 --- a/include/vpn_service_internal.h +++ b/include/vpn_service_internal.h @@ -34,50 +34,50 @@ extern "C" { /** * @internal - * @brief Sets-up TUN interface and brings it up. Installs specified routes/DNS servers/DNS suffix. + * @brief Sets-up VPN interface and brings it up. Installs specified routes/DNS servers/DNS suffix. * @since_tizen 3.0 * @privlevel platform * @privilege %http://tizen.org/privilege/vpnservice.admin - * @param[in] handle The VPN tun interface handle - * @param[in] local_ip The local IP address - * @param[in] remote_ip The remote IP address - * @param[in] dest Destination address of the route - * @param[in] prefix The prefix of route - * @param[in] nr_routes The number of routes - * @param[in] dns_servers The list of DNS server names - Optional - * @param[in] nr_dns_servers The number of DNS server names - Optionl - * @param[in] dns_suffix The DNS suffix - Optional + * @param[in] handle The VPN interface handle + * @param[in] local_ip The local(vpn client) IP address + * @param[in] remote_ip The remote(vpn server) IP address + * @param[in] routes_dest_addr Destination address of the routes + * @param[in] routes_prefix The prefix of routes, netmask length (also called a prefix, e.g. 8, 16, 24, 32) + * @param[in] num_routes The number of routes, Unlimitation + * @param[in] dns_servers The list of DNS server names - Optional + * @param[in] num_dns_servers The number of DNS server names - Optionl, Unlimitation + * @param[in] dns_suffix The DNS suffix - Optional (e.g. tizen.org) * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre The VPN tun interface should be initialized already. + * @pre The VPN interface should be initialized already. * @post If you want to set interface down, please call vpnsvc_down(). * @see vpnsvc_init() * @see vpnsvc_down() */ int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remote_ip, - const char *dest[], int prefix[], size_t nr_routes, - const char** dns_servers, size_t nr_dns_servers, + const char *routes_dest_addr[], int routes_prefix[], size_t num_routes, + const char** dns_servers, size_t num_dns_servers, const char* dns_suffix); /** * @internal - * @brief Brings the TUN interface down and restores original DNS servers/domains. + * @brief Brings the VPN interface down and restores original DNS servers/domains. * @since_tizen 3.0 * @privlevel platform * @privilege %http://tizen.org/privilege/vpnservice.admin - * @param[in] handle The VPN tun interface handle + * @param[in] handle The VPN interface handle * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported - * @pre The VPN tun interface should be initialized already. - * @post Please call vpnsvc_deinit() if you want to de-initialize VPN tun interface. + * @pre The VPN interface should be initialized and sets-up VPN interface already. + * @post Please call vpnsvc_deinit() if you want to de-initialize VPN interface. * @see vpnsvc_up() * @see vpnsvc_deinit() */ diff --git a/test/vpn_service_test.c b/test/vpn_service_test.c index ac29509..36c3396 100755 --- a/test/vpn_service_test.c +++ b/test/vpn_service_test.c @@ -56,19 +56,19 @@ int test_vpnsvc_init() char* result_name = NULL; printf("vpnsvc_init Succeed : %d\n", ret); - if (vpnsvc_get_if_fd(handle, &int_value) == VPNSVC_ERROR_NONE) - printf("if_fd : %d\n", int_value); + if (vpnsvc_get_iface_fd(handle, &int_value) == VPNSVC_ERROR_NONE) + printf("iface_fd : %d\n", int_value); else - printf("Fail to get if_fd\n"); + printf("Fail to get iface_fd\n"); - if (vpnsvc_get_if_index(handle, &int_value) == VPNSVC_ERROR_NONE) - printf("if_index : %d\n", int_value); + if (vpnsvc_get_iface_index(handle, &int_value) == VPNSVC_ERROR_NONE) + printf("iface_index : %d\n", int_value); else - printf("Fail to get if_index\n"); + printf("Fail to get iface_index\n"); - ret = vpnsvc_get_if_name(handle, &result_name); + ret = vpnsvc_get_iface_name(handle, &result_name); if (ret == VPNSVC_ERROR_NONE) - printf("if_name : %s\n", result_name); + printf("iface_name : %s\n", result_name); } return 0; -- 2.7.4 From 554fb9e69ad703d9746912b1e98c093d5eacdf12 Mon Sep 17 00:00:00 2001 From: "taesub.kim" Date: Fri, 12 Feb 2016 15:41:53 +0900 Subject: [PATCH 04/16] Fixed build error for 64bit Change-Id: I1925a8001c114740826472abb4bb56341d6ab76b Signed-off-by: Taesub Kim --- CMakeLists.txt | 2 +- daemon/CMakeLists.txt | 4 ++-- framework/CMakeLists.txt | 8 ++++---- framework/capi-vpnsvc.pc.in | 2 +- packaging/capi-vpn-service.spec | 3 ++- test/CMakeLists.txt | 4 ++-- 6 files changed, 12 insertions(+), 11 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a8e110a..42a6afb 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -10,7 +10,7 @@ INCLUDE(FindPkgConfig) SET(CMAKE_INSTALL_PREFIX /usr) SET(PREFIX ${CMAKE_INSTALL_PREFIX}) SET(EXEC_PREFIX ${PREFIX}/bin) -SET(LIBDIR ${PREFIX}/lib) +SET(LIBDIR ${LIB_INSTALL_DIR}) SET(INCLUDEDIR ${PREFIX}/include) # If supported for the target machine, emit position-independent code,suitable diff --git a/daemon/CMakeLists.txt b/daemon/CMakeLists.txt index 09ffa1d..e94f838 100755 --- a/daemon/CMakeLists.txt +++ b/daemon/CMakeLists.txt @@ -4,7 +4,7 @@ SET(LIB_NAME ${PACKAGE_NAME}) PROJECT(${LIB_NAME}) SET(PREFIX ${CMAKE_INSTALL_PREFIX}) SET(EXEC_PREFIX "\${prefix}") -SET(LIBDIR "\${prefix}/lib") +SET(LIBDIR ${LIB_INSTALL_DIR}) SET(INCLUDEDIR "\${prefix}/include") SET(DAEMON_DIR "${CMAKE_SOURCE_DIR}/daemon") SET(VERSION 0.1) @@ -39,7 +39,7 @@ ADD_DEFINITIONS("-DFACTORYFS=\"$ENV{FACTORYFS}\"") ADD_DEFINITIONS("-DDATAFS=\"$ENV{DATADIR}\"") ADD_DEFINITIONS("-DSLP_DEBUG") -SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath=/usr/lib -pie") +SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath="${LIBDIR}" -pie") ADD_CUSTOM_COMMAND( WORKING_DIRECTORY diff --git a/framework/CMakeLists.txt b/framework/CMakeLists.txt index b78e4d4..a01be18 100755 --- a/framework/CMakeLists.txt +++ b/framework/CMakeLists.txt @@ -4,7 +4,7 @@ SET(LIB_NAME ${PACKAGE_NAME}) PROJECT(${LIB_NAME}) SET(PREFIX ${CMAKE_INSTALL_PREFIX}) SET(EXEC_PREFIX "\${prefix}") -SET(LIBDIR "\${prefix}/lib") +SET(LIBDIR ${LIB_INSTALL_DIR}) SET(INCLUDEDIR "\${prefix}/include") SET(VERSION 0.1) @@ -34,12 +34,12 @@ ADD_DEFINITIONS("-DFACTORYFS=\"$ENV{FACTORYFS}\"") ADD_DEFINITIONS("-DDATAFS=\"$ENV{DATADIR}\"") ADD_DEFINITIONS("-DSLP_DEBUG") -SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath=/usr/lib") +SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath="${LIBDIR}) ADD_LIBRARY(${PACKAGE_NAME} SHARED ${SRCS}) TARGET_LINK_LIBRARIES(${PACKAGE_NAME} ${${PACKAGE_NAME}_LDFLAGS} -lrt -ldl) -INSTALL(TARGETS ${PACKAGE_NAME} DESTINATION lib) +INSTALL(TARGETS ${PACKAGE_NAME} DESTINATION ${LIBDIR}) INSTALL(FILES ${CMAKE_SOURCE_DIR}/include/vpn_service.h DESTINATION include) SET_TARGET_PROPERTIES(${PACKAGE_NAME} @@ -61,4 +61,4 @@ CONFIGURE_FILE( @ONLY ) -INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/${PACKAGE_NAME}.pc DESTINATION lib/pkgconfig) +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/${PACKAGE_NAME}.pc DESTINATION ${LIBDIR}/pkgconfig) diff --git a/framework/capi-vpnsvc.pc.in b/framework/capi-vpnsvc.pc.in index fbe305b..b30cfc2 100755 --- a/framework/capi-vpnsvc.pc.in +++ b/framework/capi-vpnsvc.pc.in @@ -3,7 +3,7 @@ prefix=@PREFIX@ exec_prefix=/usr -libdir=/usr/lib +libdir=@LIBDIR@ includedir=/usr/include Name: @PC_NAME@ diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 1075804..95195dd 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -81,7 +81,8 @@ MAJORVER=`echo %{version} | awk 'BEGIN {FS="."}{print $1}'` -DMAJORVER=${MAJORVER} \ -DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:RELEASE} \ -DTIZEN_ENGINEER_MODE=%{?tizen_build_binary_release_type_eng:1}%{!?tizen_build_binary_release_type_eng:0} \ - -DCMAKE_VERBOSE_MAKEFILE=ON + -DCMAKE_VERBOSE_MAKEFILE=ON \ + -DLIB_INSTALL_DIR=%{_libdir} make %{?jobs:-j%jobs} diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 87a4496..e23d651 100755 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -4,7 +4,7 @@ SET(LIB_NAME ${PACKAGE_NAME}) PROJECT(${LIB_NAME}) SET(PREFIX ${CMAKE_INSTALL_PREFIX}) SET(EXEC_PREFIX "\${prefix}") -SET(LIBDIR "\${prefix}/lib") +SET(LIBDIR ${LIB_INSTALL_DIR}) SET(INCLUDEDIR "\${prefix}/include") SET(VERSION 0.1) @@ -33,7 +33,7 @@ SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") ADD_DEFINITIONS("-DSLP_DEBUG") -SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath=/usr/lib") +SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -Wl,--rpath="${LIBDIR}) ADD_EXECUTABLE(${PACKAGE_NAME} ${TEST_SRCS}) TARGET_LINK_LIBRARIES(${PACKAGE_NAME} ${${PACKAGE_NAME}_LDFLAGS} "-ldl" capi-vpnsvc) -- 2.7.4 From 8f75e3208a717975f1dd7941d653390282ec608b Mon Sep 17 00:00:00 2001 From: "taesub.kim" Date: Thu, 18 Feb 2016 13:29:49 +0900 Subject: [PATCH 05/16] resetting manifest Change-Id: Idb849d10106e31474cd1b4242832f37f68023da7 Signed-off-by: Taesub Kim --- daemon/vpnsvc-daemon.manifest | 63 +------------------------------------------ test/vpnsvc-test.manifest | 21 +-------------- 2 files changed, 2 insertions(+), 82 deletions(-) diff --git a/daemon/vpnsvc-daemon.manifest b/daemon/vpnsvc-daemon.manifest index 6b97c3a..97e8c31 100755 --- a/daemon/vpnsvc-daemon.manifest +++ b/daemon/vpnsvc-daemon.manifest @@ -1,66 +1,5 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + diff --git a/test/vpnsvc-test.manifest b/test/vpnsvc-test.manifest index 80de6fa..97e8c31 100755 --- a/test/vpnsvc-test.manifest +++ b/test/vpnsvc-test.manifest @@ -1,24 +1,5 @@ - - - - - - - - - - - - - - - - - - - - + -- 2.7.4 From 1a7dc5da24c5011ff95ef021be8082916887be55 Mon Sep 17 00:00:00 2001 From: "taesub.kim" Date: Fri, 19 Feb 2016 11:26:21 +0900 Subject: [PATCH 06/16] Remove smack label in service file Change-Id: I8f4ad687fade84e307e2e4320713d390d5bf39a8 Signed-off-by: Taesub Kim --- packaging/vpnsvc-daemon.service | 1 - 1 file changed, 1 deletion(-) diff --git a/packaging/vpnsvc-daemon.service b/packaging/vpnsvc-daemon.service index eab09e2..a31465a 100755 --- a/packaging/vpnsvc-daemon.service +++ b/packaging/vpnsvc-daemon.service @@ -4,7 +4,6 @@ Description=Start vpn-service-daemon for vpn-service [Service] User=root Group=root -SmackProcessLabel=vpnsvc Type=dbus BusName=org.tizen.vpnsvc RemainAfterExit=yes -- 2.7.4 From fde631d3a4b1e0e14002bb753e0d4ebd7a5dd312 Mon Sep 17 00:00:00 2001 From: Yu Jiung Date: Wed, 24 Feb 2016 16:23:06 +0900 Subject: [PATCH 07/16] Add Dbus configuration file Change-Id: I15c6ca7395d416950f7aed8de4b49fa1cb82cdab --- packaging/capi-vpn-service.spec | 4 ++++ packaging/dbus-vpnsvc-daemon.conf | 17 +++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 packaging/dbus-vpnsvc-daemon.conf diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 95195dd..e901593 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -8,6 +8,7 @@ URL: N/A Source0: %{name}-%{version}.tar.gz Source1: vpnsvc-daemon.service Source2: org.tizen.vpnsvc.service +Source3: dbus-vpnsvc-daemon.conf BuildRequires: cmake BuildRequires: pkgconfig(dlog) BuildRequires: pkgconfig(dbus-glib-1) @@ -94,6 +95,8 @@ cp LICENSE-Apache.v2.0 %{buildroot}/%{_datadir}/license/capi-vpnsvc #cp LICENSE.APLv2 %{buildroot}/usr/share/license/fpasmtztransport %make_install +mkdir -p %{buildroot}%{_sysconfdir}/dbus-1/system.d +install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/dbus-1/system.d/vpnsvc-daemon.conf mkdir -p %{buildroot}%{_libdir}/systemd/system install -m 0644 %{SOURCE1} %{buildroot}%{_libdir}/systemd/system/vpnsvc-daemon.service mkdir -p %{buildroot}%{_datadir}/dbus-1/system-services @@ -115,6 +118,7 @@ fi %manifest daemon/vpnsvc-daemon.manifest %attr(0755,root,root) %{_bindir}/vpnsvc-daemon %defattr(-,root,root,-) +%{_sysconfdir}/dbus-1/system.d/*.conf %{_libdir}/systemd/system/vpnsvc-daemon.service %{_datadir}/dbus-1/system-services/org.tizen.vpnsvc.service diff --git a/packaging/dbus-vpnsvc-daemon.conf b/packaging/dbus-vpnsvc-daemon.conf new file mode 100644 index 0000000..0040381 --- /dev/null +++ b/packaging/dbus-vpnsvc-daemon.conf @@ -0,0 +1,17 @@ + + + + + + + + + + + + + + + -- 2.7.4 From 9bf6e583f65e83a25025b16ff080dac51cb8c8cc Mon Sep 17 00:00:00 2001 From: Seonah Moon Date: Fri, 26 Feb 2016 16:44:58 +0900 Subject: [PATCH 08/16] Remove redefined TIZEN_ERROR_VPNSVC Change-Id: Iac6a7580b9b6f0bef42bf71df510d91b45794ce5 Signed-off-by: Seonah Moon --- include/vpn_service.h | 4 ---- packaging/capi-vpn-service.spec | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/include/vpn_service.h b/include/vpn_service.h index 6ce3e53..c1091ef 100755 --- a/include/vpn_service.h +++ b/include/vpn_service.h @@ -50,10 +50,6 @@ extern "C" { */ #define VPNSVC_SESSION_STRING_LEN 32 -#ifndef TIZEN_ERROR_VPNSVC -#define TIZEN_ERROR_VPNSVC -0x03200000 -#endif - /** * @brief Enumeration for VPN service error types. * @details Indicate formats of error type field diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index e901593..1a8985b 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.5 +Version: 1.0.6 Release: 1 Group: System/Network License: Apache License, Version 2.0 -- 2.7.4 From cb77af87cbbe25fab666ff78b5017c9053232515 Mon Sep 17 00:00:00 2001 From: Seonah Moon Date: Thu, 3 Mar 2016 11:35:41 +0900 Subject: [PATCH 09/16] Modified license using SPDX license identifier Change-Id: I6b9bf5bb21f42f4977e1cc7d9b3e811766879e84 Signed-off-by: Seonah Moon --- LICENSE-Apache.v2.0 => LICENSE | 0 packaging/capi-vpn-service.spec | 4 ++-- 2 files changed, 2 insertions(+), 2 deletions(-) rename LICENSE-Apache.v2.0 => LICENSE (100%) diff --git a/LICENSE-Apache.v2.0 b/LICENSE similarity index 100% rename from LICENSE-Apache.v2.0 rename to LICENSE diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 1a8985b..4dd2727 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -3,7 +3,7 @@ Summary: VPN service library in TIZEN C API Version: 1.0.6 Release: 1 Group: System/Network -License: Apache License, Version 2.0 +License: Apache-2.0 URL: N/A Source0: %{name}-%{version}.tar.gz Source1: vpnsvc-daemon.service @@ -91,7 +91,7 @@ make %{?jobs:-j%jobs} rm -rf %{buildroot} mkdir -p %{buildroot}/%{_datadir}/license -cp LICENSE-Apache.v2.0 %{buildroot}/%{_datadir}/license/capi-vpnsvc +cp LICENSE %{buildroot}/%{_datadir}/license/capi-vpnsvc #cp LICENSE.APLv2 %{buildroot}/usr/share/license/fpasmtztransport %make_install -- 2.7.4 From 3aa08dfcf3c47015d3f555f40e56346bf8606c5a Mon Sep 17 00:00:00 2001 From: Deepak Kumar Sahu Date: Mon, 7 Mar 2016 19:16:31 +0530 Subject: [PATCH 10/16] vpn-service changes for svace. Change-Id: I1a0182f7383d2e466130e3cbe4ca0265bb0741eb Signed-off-by: Deepak Kumar Sahu --- daemon/src/vpn_service_daemon.c | 68 ++++++++++++++++++++++------------------ framework/src/capi_vpn_service.c | 4 ++- test/vpn_service_test.c | 16 ++++++++++ 3 files changed, 57 insertions(+), 31 deletions(-) diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index bf205b9..b94d675 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -28,6 +28,7 @@ #include #include #include +#include #include "vpn_service_daemon.h" @@ -35,6 +36,7 @@ #undef LOG_TAG #endif #define LOG_TAG "VPNSVC_DAEMON" +#define BUF_SIZE_FOR_ERR 100 #define CONNMAN_SERVICE "net.connman" #define CONNMAN_INTERFACE_MANAGER "net.connman.Manager" @@ -88,12 +90,13 @@ static int add_routes(char* iface_name, const char* routes[], int prefix[], size struct sockaddr_in addr; int sk; unsigned int i = 0; + char buf[BUF_SIZE_FOR_ERR] = { 0 }; LOGD("Enter add_routes"); sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (sk < 0) { - LOGE("socket failed : %s", strerror(errno)); + LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); return VPNSVC_ERROR_IO_ERROR; } @@ -121,7 +124,7 @@ static int add_routes(char* iface_name, const char* routes[], int prefix[], size rt.rt_dev = iface_name; if (ioctl(sk, SIOCADDRT, &rt) < 0) { - LOGE("ioctl SIOCADDRT failed : %s", strerror(errno)); + LOGE("ioctl SIOCADDRT failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } @@ -239,7 +242,7 @@ static char *connman_get_items(GDBusConnection *connection, char *profile, const tmp_items = (char *) malloc(strlen(items) + 1 + strlen(value) + 1); if (items) { - sprintf(tmp_items, "%s,%s", items, value); + snprintf(tmp_items, strlen(tmp_items), "%s,%s", items, value); free(items); items = tmp_items; } @@ -328,7 +331,7 @@ static int add_dns_servers(char** dns_servers, size_t nr_dns, size_t total_dns_s char *items = NULL; char *org_items = NULL; char *new_items = NULL; - unsigned int i; + unsigned int i = 0; connman_connection_open(); @@ -354,8 +357,8 @@ static int add_dns_servers(char** dns_servers, size_t nr_dns, size_t total_dns_s } strncpy(items, org_items, strlen(org_items)); for (i = 0 ; i < nr_dns ; i++) { - strcat(items, ","); - strcat(items, dns_servers[i]); + strncat(items, ",", 1); + strncat(items, dns_servers[i], strlen(dns_servers[i])); } free(org_items); org_items = NULL; @@ -367,9 +370,9 @@ static int add_dns_servers(char** dns_servers, size_t nr_dns, size_t total_dns_s return VPNSVC_ERROR_OUT_OF_MEMORY; } for (i = 0 ; i < nr_dns ; i++) { - strcat(items, dns_servers[i]); + strncat(items, dns_servers[i], strlen(dns_servers[i])); if (i != nr_dns - 1) - strcat(items, ","); + strncat(items, ",", 1); } } @@ -444,8 +447,8 @@ static int add_dns_suffix(const char* dns_suffix, size_t dns_suffix_len) return VPNSVC_ERROR_OUT_OF_MEMORY; } strncpy(items, org_items, strlen(org_items)); - strcat(items, ","); - strcat(items, dns_suffix); + strncat(items, ",", 1); + strncat(items, dns_suffix, dns_suffix_len); free(org_items); org_items = NULL; } else { @@ -455,7 +458,7 @@ static int add_dns_suffix(const char* dns_suffix, size_t dns_suffix_len) LOGE("OOM while malloc"); return VPNSVC_ERROR_OUT_OF_MEMORY; } - strcat(items, dns_suffix); + strncat(items, dns_suffix, dns_suffix_len); } if (items) { @@ -613,12 +616,13 @@ static int get_interface_index(const char *iface_name) { struct ifreq ifr; int sk = 0; + char buf[BUF_SIZE_FOR_ERR] = { 0 }; LOGD("enter get_interface_index, iface_name : %s", iface_name); sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (sk < 0) { - LOGE("socket failed : %s", strerror(errno)); + LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); return VPNSVC_ERROR_IO_ERROR; } @@ -629,7 +633,7 @@ static int get_interface_index(const char *iface_name) /* get an interface name by ifindex */ if (ioctl(sk, SIOCGIFINDEX, &ifr) < 0) { - LOGE("ioctl SIOCGIFINDEX failed : %s", strerror(errno)); + LOGE("ioctl SIOCGIFINDEX failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } @@ -644,6 +648,7 @@ int vpn_daemon_init(const char* iface_name, size_t iface_name_len, int fd, vpnsv { struct ifreq ifr; size_t len = 0; + char buf[BUF_SIZE_FOR_ERR] = { 0 }; LOGD("enter vpn_daemon_init, iface_name : %s, iface_name_len : %d, fd : %d\n", iface_name, iface_name_len, fd); @@ -663,19 +668,19 @@ int vpn_daemon_init(const char* iface_name, size_t iface_name_len, int fd, vpnsv LOGD("before init, ifindex : %d", ifr.ifr_ifindex); if (ioctl(fd, TUNSETIFF, (void *) &ifr) < 0) { - LOGE("TUNSETIFF Failed : %s", strerror(errno)); + LOGE("TUNSETIFF Failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(fd); return VPNSVC_ERROR_IO_ERROR; } if (ioctl(fd, TUNSETOWNER, 5000) < 0) { - LOGE("TUNSETOWNER Failed : %s", strerror(errno)); + LOGE("TUNSETOWNER Failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(fd); return VPNSVC_ERROR_IO_ERROR; } if (ioctl(fd, TUNSETPERSIST, 1) < 0) { - LOGE("TUNSETPERSIST Failed : %s", strerror(errno)); + LOGE("TUNSETPERSIST Failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(fd); return VPNSVC_ERROR_IO_ERROR; } @@ -709,13 +714,14 @@ int vpn_daemon_deinit(const char* dev_name) int vpn_daemon_protect(int socket_fd, const char* dev_name) { int ret = VPNSVC_ERROR_NONE; + char buf[BUF_SIZE_FOR_ERR] = { 0 }; LOGD("enter vpn_daemon_protect, socket : %d, dev_name : %s\n", socket_fd, dev_name); ret = setsockopt(socket_fd, SOL_SOCKET, SO_BINDTODEVICE, dev_name, strlen(dev_name)); if (ret < 0) { - LOGD("setsockopt failed : %d, %s", ret, strerror(errno)); + LOGD("setsockopt failed : %d, %s", ret, strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); ret = VPNSVC_ERROR_IO_ERROR; } else { ret = VPNSVC_ERROR_NONE; @@ -734,6 +740,7 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, struct ifreq ifr_tun; int sk; int ret = VPNSVC_ERROR_NONE; + char buf[BUF_SIZE_FOR_ERR] = { 0 }; LOGD("enter vpn_daemon_up"); @@ -745,7 +752,7 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (sk < 0) { - LOGE("socket failed : %s", strerror(errno)); + LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); return VPNSVC_ERROR_IO_ERROR; } @@ -754,7 +761,7 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, /* get an interface name by ifindex */ if (ioctl(sk, SIOCGIFNAME, &ifr_tun) < 0) { - LOGE("ioctl SIOCGIFNAME failed : %s", strerror(errno)); + LOGE("ioctl SIOCGIFNAME failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } @@ -765,7 +772,7 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, local_addr.sin_family = AF_INET; memcpy(&ifr_tun.ifr_addr, &local_addr, sizeof(ifr_tun.ifr_addr)); if (ioctl(sk, SIOCSIFADDR, &ifr_tun) < 0) { - LOGE("ioctl SIOCSIFADDR failed : %s", strerror(errno)); + LOGE("ioctl SIOCSIFADDR failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } @@ -776,14 +783,14 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, remote_addr.sin_family = AF_INET; memcpy(&ifr_tun.ifr_dstaddr, &remote_addr, sizeof(ifr_tun.ifr_dstaddr)); if (ioctl(sk, SIOCSIFDSTADDR, &ifr_tun) < 0) { - LOGE("ioctl SIOCSIFDSTADDR failed : %s", strerror(errno)); + LOGE("ioctl SIOCSIFDSTADDR failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } /* set the flags for vpn up */ if (ioctl(sk, SIOCGIFFLAGS, &ifr_tun) < 0) { - LOGE("ioctl SIOCGIFFLAGS failed : %s", strerror(errno)); + LOGE("ioctl SIOCGIFFLAGS failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } @@ -792,14 +799,14 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, ifr_tun.ifr_flags |= IFF_RUNNING; if (ioctl(sk, SIOCSIFFLAGS, &ifr_tun) < 0) { - LOGE("ioctl SIOCSIFFLAGS failed : %s", strerror(errno)); + LOGE("ioctl SIOCSIFFLAGS failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } /* mtu setting */ if (ioctl(sk, SIOCGIFMTU, &ifr_tun) < 0) { - LOGE("ioctl SIOCGIFMTU failed : %s", strerror(errno)); + LOGE("ioctl SIOCGIFMTU failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } @@ -807,7 +814,7 @@ int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, if (mtu > 0 && ifr_tun.ifr_mtu != (int)mtu) { ifr_tun.ifr_mtu = mtu; if (ioctl(sk, SIOCSIFMTU, &ifr_tun) < 0) { - LOGE("ioctl SIOCSIFMTU failed : %s", strerror(errno)); + LOGE("ioctl SIOCSIFMTU failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } @@ -850,10 +857,11 @@ int vpn_daemon_down(int iface_index) struct ifreq ifr, addr_ifr; struct sockaddr_in *addr = NULL; int sk; + char buf[BUF_SIZE_FOR_ERR] = { 0 }; sk = socket(PF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (sk < 0) { - LOGE("socket failed : %s", strerror(errno)); + LOGE("socket failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); return VPNSVC_ERROR_IO_ERROR; } @@ -861,13 +869,13 @@ int vpn_daemon_down(int iface_index) ifr.ifr_ifindex = iface_index; if (ioctl(sk, SIOCGIFNAME, &ifr) < 0) { - LOGE("ioctl SIOCGIFNAME failed : %s", strerror(errno)); + LOGE("ioctl SIOCGIFNAME failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } if (ioctl(sk, SIOCGIFFLAGS, &ifr) < 0) { - LOGE("ioctl SIOCGIFFLAGS failed : %s", strerror(errno)); + LOGE("ioctl SIOCGIFFLAGS failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } @@ -877,7 +885,7 @@ int vpn_daemon_down(int iface_index) addr = (struct sockaddr_in *)&addr_ifr.ifr_addr; addr->sin_family = AF_INET; if (ioctl(sk, SIOCSIFADDR, &addr_ifr) < 0) - LOGD("ioctl SIOCSIFADDR (could not clear IP address) failed : %s", strerror(errno)); + LOGD("ioctl SIOCSIFADDR (could not clear IP address) failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); if (!(ifr.ifr_flags & IFF_UP)) { LOGD("Interface already down"); @@ -887,7 +895,7 @@ int vpn_daemon_down(int iface_index) ifr.ifr_flags = (ifr.ifr_flags & ~IFF_UP) | IFF_DYNAMIC; if (ioctl(sk, SIOCSIFFLAGS, &ifr) < 0) { - LOGE("ioctl SIOCSIFFLAGS (interface down) failed : %s", strerror(errno)); + LOGE("ioctl SIOCSIFFLAGS (interface down) failed : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); close(sk); return VPNSVC_ERROR_IO_ERROR; } diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 29002b8..a4ae8de 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -30,6 +30,7 @@ #define LOG_TAG "CAPI_VPNSVC" #define DBUS_REPLY_TIMEOUT (120 * 1000) +#define BUF_SIZE_FOR_ERR 100 GVariant *op = NULL; @@ -334,6 +335,7 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) int result = VPNSVC_ERROR_NONE; int dbus_result; vpnsvc_tun_s *tun_s = NULL; + char buf[BUF_SIZE_FOR_ERR] = { 0 }; /* parameter check */ if (handle == NULL) { @@ -364,7 +366,7 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) } if (close(tun_s->fd) != 0) { - LOGE("tun fd close : %s", strerror(errno)); + LOGE("tun fd close : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); return VPNSVC_ERROR_IO_ERROR; } else LOGD("tun fd close success"); diff --git a/test/vpn_service_test.c b/test/vpn_service_test.c index 36c3396..d36bfac 100755 --- a/test/vpn_service_test.c +++ b/test/vpn_service_test.c @@ -158,6 +158,12 @@ int test_vpnsvc_up() else printf("vpnsvc_up Succeed!\n"); + free(routes[0]); + free(routes[1]); + + routes[0] = NULL; + routes[1] = NULL; + return 0; } @@ -231,6 +237,16 @@ int test_vpnsvc_block_networks() else printf("vpnsvc_block_networks Succeed!\n"); + free(block_nets[0]); + free(block_nets[1]); + free(allow_nets[0]); + free(allow_nets[1]); + + block_nets[0] = NULL; + block_nets[1] = NULL; + allow_nets[0] = NULL; + allow_nets[1] = NULL; + return 0; } -- 2.7.4 From 923d98fcda7010d0c7ad4d9e3fb0a02e3bd82081 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Thu, 17 Mar 2016 09:59:46 +0900 Subject: [PATCH 11/16] Fixed svace for 40896 Change-Id: I5a831fa553952eeb75a9824c3ad21f77fdac659d Signed-off-by: Taesub Kim --- daemon/src/vpn_service_daemon.c | 5 +++-- packaging/dbus-vpnsvc-daemon.conf | 0 2 files changed, 3 insertions(+), 2 deletions(-) mode change 100644 => 100755 packaging/dbus-vpnsvc-daemon.conf diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index b94d675..0a95595 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -272,12 +272,13 @@ static void connman_set_items(GDBusConnection *connection, char *profile, GVariant *params = NULL; char *strings = strdup(items); char *addr = NULL; + char *temp = NULL; builder = g_variant_builder_new(G_VARIANT_TYPE("as")); - if ((addr = strtok(strings, ", ")) != NULL) { + if ((addr = strtok_r(strings, ", ", &temp)) != NULL) { do { g_variant_builder_add(builder, "s", addr); - } while ((addr = strtok(NULL, ", ")) != NULL); + } while ((addr = strtok_r(NULL, ", ", &temp)) != NULL); } free(strings); params = g_variant_new("(sv)", keystr, diff --git a/packaging/dbus-vpnsvc-daemon.conf b/packaging/dbus-vpnsvc-daemon.conf old mode 100644 new mode 100755 -- 2.7.4 From 5775865e20d4485290a5ab7dcda234367a629800 Mon Sep 17 00:00:00 2001 From: hyunuktak Date: Thu, 17 Mar 2016 11:41:51 +0900 Subject: [PATCH 12/16] Added some comments to exclude coverage Change-Id: I527291696adce551af861236a0dbf829699bc9e9 Signed-off-by: hyunuktak --- framework/CMakeLists.txt | 2 +- framework/src/capi_vpn_service.c | 278 +++++++++++++++++++------------------- packaging/capi-vpn-service.spec | 2 +- packaging/dbus-vpnsvc-daemon.conf | 6 +- 4 files changed, 144 insertions(+), 144 deletions(-) diff --git a/framework/CMakeLists.txt b/framework/CMakeLists.txt index a01be18..6d619d5 100755 --- a/framework/CMakeLists.txt +++ b/framework/CMakeLists.txt @@ -25,7 +25,7 @@ FOREACH(flag ${${PACKAGE_NAME}_CFLAGS}) ENDFOREACH(flag) # Compiler flags -SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fPIC -Wall -fvisibility=hidden") +SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fPIC -Wall -fvisibility=hidden -fprofile-arcs -ftest-coverage") SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}") SET(CMAKE_C_FLAGS_DEBUG "-O0 -g") diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index a4ae8de..2afd277 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -41,19 +41,19 @@ int _vpnsvc_check_feature_supported(const char *feature_name) { if (is_feature_checked) { if (!feature_supported) { - LOGE("%s feature is disabled", feature_name); - return VPNSVC_ERROR_NOT_SUPPORTED; + LOGE("%s feature is disabled", feature_name); //LCOV_EXCL_LINE + return VPNSVC_ERROR_NOT_SUPPORTED; //LCOV_EXCL_LINE } } else { if (!system_info_get_platform_bool(feature_name, &feature_supported)) { is_feature_checked = true; if (!feature_supported) { - LOGE("%s feature is disabled", feature_name); - return VPNSVC_ERROR_NOT_SUPPORTED; + LOGE("%s feature is disabled", feature_name); //LCOV_EXCL_LINE + return VPNSVC_ERROR_NOT_SUPPORTED; //LCOV_EXCL_LINE } } else { - LOGE("Error - Feature getting from System Info"); - return VPNSVC_ERROR_IO_ERROR; + LOGE("Error - Feature getting from System Info"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } } @@ -66,8 +66,8 @@ static void _vpnsvc_init_vpnsvc_tun_s(vpnsvc_tun_s **s) if (s == NULL) return; if (*s != NULL) { - LOGE("Can't Initialize vpnsvc_tun_s: %p", *s); - return; + LOGE("Can't Initialize vpnsvc_tun_s: %p", *s); //LCOV_EXCL_LINE + return; //LCOV_EXCL_LINE } *s = (vpnsvc_tun_s*)g_malloc0(sizeof(vpnsvc_tun_s)); @@ -81,8 +81,8 @@ static void _vpnsvc_init_vpnsvc_tun_s(vpnsvc_tun_s **s) connection = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, &error); if (error != NULL) { - LOGE("Error creating Connection: %s", error->message); - g_error_free(error); + LOGE("Error creating Connection: %s", error->message); //LCOV_EXCL_LINE + g_error_free(error); //LCOV_EXCL_LINE } else { LOGD("Created Connection: %p", connection); (*s)->connection = connection; @@ -126,9 +126,9 @@ GVariant *_vpnsvc_invoke_dbus_method(GDBusConnection *connection, LOGD("Method Call() dest=%s path=%s iface=%s method=%s", dest, path, interface_name, method); if (connection == NULL) { - LOGD("GDBusconnection is NULL"); - *dbus_error = VPNSVC_ERROR_IO_ERROR; - return reply; + LOGD("GDBusconnection is NULL"); //LCOV_EXCL_LINE + *dbus_error = VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE + return reply; //LCOV_EXCL_LINE } reply = g_dbus_connection_call_sync(connection, @@ -145,13 +145,13 @@ GVariant *_vpnsvc_invoke_dbus_method(GDBusConnection *connection, if (reply == NULL) { if (error != NULL) { - LOGE("g_dbus_connection_call_sync() failed" + LOGE("g_dbus_connection_call_sync() failed" //LCOV_EXCL_LINE "error [%d: %s]", error->code, error->message); - *dbus_error = VPNSVC_ERROR_IO_ERROR; - g_error_free(error); + *dbus_error = VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE + g_error_free(error); //LCOV_EXCL_LINE } else { - LOGE("g_dbus_connection_call_sync() failed"); - *dbus_error = VPNSVC_ERROR_IPC_FAILED; + LOGE("g_dbus_connection_call_sync() failed"); //LCOV_EXCL_LINE + *dbus_error = VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } return NULL; @@ -172,24 +172,24 @@ GVariant *_vpnsvc_invoke_dbus_method_with_fd(GDBusConnection *connection, LOGD("Method Call() dest=%s path=%s iface=%s method=%s fd=%d", dest, path, interface_name, method, fd); if (connection == NULL) { - LOGD("GDBusconnection is NULL"); - *dbus_error = VPNSVC_ERROR_IO_ERROR; - return reply; + LOGD("GDBusconnection is NULL"); //LCOV_EXCL_LINE + *dbus_error = VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE + return reply; //LCOV_EXCL_LINE } /* Setting the fd_list */ fd_list = g_unix_fd_list_new(); if (fd_list == NULL) { - LOGE("g_unix_fd_list_new() failed!"); - return NULL; + LOGE("g_unix_fd_list_new() failed!"); //LCOV_EXCL_LINE + return NULL; //LCOV_EXCL_LINE } g_unix_fd_list_append(fd_list, fd, &error); if (error != NULL) { - LOGE("g_unix_fd_list_append() failed" + LOGE("g_unix_fd_list_append() failed" //LCOV_EXCL_LINE "error [%d: %s]", error->code, error->message); - *dbus_error = VPNSVC_ERROR_IO_ERROR; - g_error_free(error); - return NULL; + *dbus_error = VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE + g_error_free(error); //LCOV_EXCL_LINE + return NULL; //LCOV_EXCL_LINE } reply = g_dbus_connection_call_with_unix_fd_list_sync(connection, @@ -208,13 +208,13 @@ GVariant *_vpnsvc_invoke_dbus_method_with_fd(GDBusConnection *connection, if (reply == NULL) { if (error != NULL) { - LOGE("g_dbus_connection_call_sync() failed" + LOGE("g_dbus_connection_call_sync() failed" //LCOV_EXCL_LINE "error [%d: %s]", error->code, error->message); - *dbus_error = VPNSVC_ERROR_IO_ERROR; - g_error_free(error); + *dbus_error = VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE + g_error_free(error); //LCOV_EXCL_LINE } else { - LOGE("g_dbus_connection_call_sync() failed"); - *dbus_error = VPNSVC_ERROR_IPC_FAILED; + LOGE("g_dbus_connection_call_sync() failed"); //LCOV_EXCL_LINE + *dbus_error = VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } return NULL; @@ -258,9 +258,9 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) &dbus_result); if (op == NULL) { - _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); - LOGD("Service [%s] Start Failed!", VPNSVC_DBUS_SERVICE_NAME); - return VPNSVC_ERROR_IPC_FAILED; + _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE + LOGD("Service [%s] Start Failed!", VPNSVC_DBUS_SERVICE_NAME); //LCOV_EXCL_LINE + return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { unsigned int status = 0; g_variant_get(op, "(u)", &status); @@ -269,20 +269,20 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) } else if (2 == status) { /* DBUS_START_REPLY_ALREADY_RUNNING */ LOGD("Service [%s] Already Running!", VPNSVC_DBUS_SERVICE_NAME); } else { - LOGD("Service [%s] Not Started! Status[%d]", VPNSVC_DBUS_SERVICE_NAME, status); - g_variant_unref(op); - op = NULL; - _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); - return VPNSVC_ERROR_IO_ERROR; + LOGD("Service [%s] Not Started! Status[%d]", VPNSVC_DBUS_SERVICE_NAME, status); //LCOV_EXCL_LINE + g_variant_unref(op); //LCOV_EXCL_LINE + op = NULL; //LCOV_EXCL_LINE + _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE + return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } g_variant_unref(op); op = NULL; } if ((iface_fd = open("/dev/net/tun", O_RDWR)) < 0) { - LOGE("tun device open fail\n"); - _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); - return VPNSVC_ERROR_IO_ERROR; + LOGE("tun device open fail\n"); //LCOV_EXCL_LINE + _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE + return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } LOGD("client iface_fd : %d", iface_fd); @@ -297,18 +297,18 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) &dbus_result); if (op == NULL) { - close(iface_fd); - _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); - return VPNSVC_ERROR_IPC_FAILED; + close(iface_fd); //LCOV_EXCL_LINE + _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE + return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { int tmp_index; char* tmp_name; g_variant_get(op, "(iis)", &result, &tmp_index, &tmp_name); if (result != VPNSVC_ERROR_NONE) { - LOGE("vpnsvc_init() failed"); - _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); - result = VPNSVC_ERROR_IPC_FAILED; + LOGE("vpnsvc_init() failed"); //LCOV_EXCL_LINE + _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE + result = VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { LOGD("vpnsvc_init() succeed"); tmp_s->fd = iface_fd; /* client fd must be set */ @@ -339,8 +339,8 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; @@ -356,18 +356,18 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) &dbus_result); if (op == NULL) { - return VPNSVC_ERROR_IPC_FAILED; + return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { g_variant_get(op, "(i)", &result); if (result != VPNSVC_ERROR_NONE) - LOGE("vpn_deinit() failed"); + LOGE("vpn_deinit() failed"); //LCOV_EXCL_LINE else LOGD("vpn_deinit() succeed"); } if (close(tun_s->fd) != 0) { - LOGE("tun fd close : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); - return VPNSVC_ERROR_IO_ERROR; + LOGE("tun fd close : %s", strerror_r(errno, buf, BUF_SIZE_FOR_ERR)); //LCOV_EXCL_LINE + return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } else LOGD("tun fd close success"); @@ -388,16 +388,16 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_ /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; LOGD("enter vpnsvc_protect, socket : %d, dev_name : %s", socket_fd, iface_name); if (tun_s->connection == NULL) { - LOGE("Connection Object is NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Connection Object is NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } /* call vpnsvc_protect */ @@ -411,12 +411,12 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_ &dbus_result); if (op == NULL) { - return VPNSVC_ERROR_IPC_FAILED; + return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { g_variant_get(op, "(i)", &result); if (result != VPNSVC_ERROR_NONE) - LOGE("vpn_protect() failed"); + LOGE("vpn_protect() failed"); //LCOV_EXCL_LINE else LOGD("vpn_protect() succeed"); } @@ -441,24 +441,24 @@ EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remo /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; LOGD("enter vpnsvc_up"); if (tun_s->index <= 0) { - LOGE("invalid handle"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid handle"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } else if (tun_s->connection == NULL) { - LOGE("Connection Object is NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Connection Object is NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } if (local_ip == NULL || remote_ip == NULL) { - LOGE("local and remote ip are invalid"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("local and remote ip are invalid"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } LOGD("iface_index %d", tun_s->index); @@ -468,8 +468,8 @@ EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remo g_variant_builder_init(&route_builder, G_VARIANT_TYPE("a{si}")); for (i = 0 ; i < num_routes ; i++) { if (strlen(routes_dest_add[i]) <= 0) { - LOGE("invalid dest[%d]", i); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid dest[%d]", i); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } g_variant_builder_add(&route_builder, "{si}", routes_dest_add[i], routes_prefix[i]); LOGD("dest[%d] : %s", i, routes_dest_add[i]); @@ -481,8 +481,8 @@ EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remo g_variant_builder_init(&dns_builder, G_VARIANT_TYPE("as")); for (i = 0 ; i < num_dns_servers ; i++) { if (strlen(dns_servers[i]) <= 0) { - LOGE("invalid dns_servers[%d]", i); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid dns_servers[%d]", i); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } LOGD("dns_servers[%d] : %s", i, dns_servers[i]); g_variant_builder_add(&dns_builder, "s", dns_servers[i]); @@ -502,11 +502,11 @@ EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remo &dbus_result); if (op == NULL) { - return VPNSVC_ERROR_IPC_FAILED; + return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { g_variant_get(op, "(i)", &result); if (result != VPNSVC_ERROR_NONE) - LOGE("vpn_up() failed"); + LOGE("vpn_up() failed"); //LCOV_EXCL_LINE else LOGD("vpn_up() succeed"); } @@ -524,22 +524,22 @@ EXPORT_API int vpnsvc_down(vpnsvc_h handle) /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; LOGD("enter vpnsvc_down"); if (tun_s == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } else if (tun_s->index <= 0) { - LOGE("invalid handle"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid handle"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } else if (tun_s->connection == NULL) { - LOGE("Connection Object is NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Connection Object is NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } op = _vpnsvc_invoke_dbus_method(tun_s->connection, @@ -551,11 +551,11 @@ EXPORT_API int vpnsvc_down(vpnsvc_h handle) &dbus_result); if (op == NULL) { - return VPNSVC_ERROR_IPC_FAILED; + return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { g_variant_get(op, "(i)", &result); if (result != VPNSVC_ERROR_NONE) - LOGE("vpn_down() failed"); + LOGE("vpn_down() failed"); //LCOV_EXCL_LINE else LOGD("vpn_down() succeed"); } @@ -576,14 +576,14 @@ EXPORT_API int vpnsvc_read(vpnsvc_h handle, int timeout_ms) /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; if (tun_s->fd <= 0) { - LOGE("invalid handle"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid handle"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } /* listen for events */ @@ -596,11 +596,11 @@ EXPORT_API int vpnsvc_read(vpnsvc_h handle, int timeout_ms) LOGD("Data is available now.\n"); ret = VPNSVC_ERROR_NONE; } else if (retVal == 0) { - LOGD("No data within %d ms\n", timeout_ms); - ret = VPNSVC_ERROR_TIMEOUT; + LOGD("No data within %d ms\n", timeout_ms); //LCOV_EXCL_LINE + ret = VPNSVC_ERROR_TIMEOUT; //LCOV_EXCL_LINE } else { - LOGE("select failed\n"); - ret = VPNSVC_ERROR_IO_ERROR; + LOGE("select failed\n"); //LCOV_EXCL_LINE + ret = VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } return ret; @@ -615,14 +615,14 @@ EXPORT_API int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size) /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; if (tun_s->fd <= 0) { - LOGE("invalid handle"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid handle"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } return write(tun_s->fd, data, size); @@ -650,16 +650,16 @@ EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; LOGD("enter vpnsvc_block_networks"); if (tun_s->connection == NULL) { - LOGE("Connection Object is NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Connection Object is NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } /* make a route parameter for allowed VPN interface routes */ g_variant_builder_init(&nets_builder, G_VARIANT_TYPE("a{si}")); @@ -689,11 +689,11 @@ EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, &dbus_result); if (op == NULL) { - return VPNSVC_ERROR_IPC_FAILED; + return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { g_variant_get(op, "(i)", &result); if (result != VPNSVC_ERROR_NONE) - LOGE("vpn_block_networks() failed"); + LOGE("vpn_block_networks() failed"); //LCOV_EXCL_LINE else LOGD("vpn_block_networks() succeed"); } @@ -711,19 +711,19 @@ EXPORT_API int vpnsvc_unblock_networks(vpnsvc_h handle) /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; LOGD("enter vpnsvc_unblock_networks"); if (tun_s == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } else if (tun_s->connection == NULL) { - LOGE("Connection Object is NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Connection Object is NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } op = _vpnsvc_invoke_dbus_method(tun_s->connection, @@ -735,11 +735,11 @@ EXPORT_API int vpnsvc_unblock_networks(vpnsvc_h handle) &dbus_result); if (op == NULL) { - return VPNSVC_ERROR_IPC_FAILED; + return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { g_variant_get(op, "(i)", &result); if (result != VPNSVC_ERROR_NONE) - LOGE("vpn_unblock_networks() failed"); + LOGE("vpn_unblock_networks() failed"); //LCOV_EXCL_LINE else LOGD("vpn_unblock_networks() succeed"); } @@ -755,14 +755,14 @@ EXPORT_API int vpnsvc_get_iface_fd(vpnsvc_h handle, int* iface_fd) /* parameter check */ if (handle == NULL || iface_fd == NULL) { - LOGE("Invalid parameter"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Invalid parameter"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; if (tun_s->fd <= 0) { - LOGE("invalid handle"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid handle"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } *iface_fd = (int)(tun_s->fd); @@ -778,15 +778,15 @@ EXPORT_API int vpnsvc_get_iface_index(vpnsvc_h handle, int* iface_index) /* parameter check */ if (handle == NULL || iface_index == NULL) { - LOGE("Invalid parameter"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Invalid parameter"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; if (tun_s->index <= 0) { - LOGE("invalid handle"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid handle"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } *iface_index = (int)(tun_s->index); @@ -803,19 +803,19 @@ EXPORT_API int vpnsvc_get_iface_name(vpnsvc_h handle, char** iface_name) /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; if (strlen(tun_s->name) <= 0) { - LOGE("invalid handle"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("invalid handle"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } if (iface_name == NULL) { - LOGE("tun name string is NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("tun name string is NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } g_strlcpy(la_iface_name, tun_s->name, VPNSVC_VPN_IFACE_NAME_LEN + 1); @@ -832,14 +832,14 @@ EXPORT_API int vpnsvc_set_mtu(vpnsvc_h handle, int mtu) /* parameter check */ if (handle == NULL) { - LOGE("handle is a NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("handle is a NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s = (vpnsvc_tun_s*)handle; if (mtu <= 0) { - LOGE("Incorrect MTU Size = %d", mtu); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Incorrect MTU Size = %d", mtu); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } tun_s->mtu = mtu; @@ -862,14 +862,14 @@ EXPORT_API int vpnsvc_set_blocking(vpnsvc_h handle, bool blocking) int flags; if (tun_s->fd <= 0) { - LOGE("The Tunnel File Descriptor fd = %d", tun_s->fd); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("The Tunnel File Descriptor fd = %d", tun_s->fd); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } flags = fcntl(tun_s->fd, F_GETFL); if (flags < 0) { - LOGD("File Descriptor Flags GET Failed fd = %d", tun_s->fd); - flags = 0; + LOGD("File Descriptor Flags GET Failed fd = %d", tun_s->fd); //LCOV_EXCL_LINE + flags = 0; //LCOV_EXCL_LINE } if (blocking == false) @@ -878,8 +878,8 @@ EXPORT_API int vpnsvc_set_blocking(vpnsvc_h handle, bool blocking) flags = flags & (~O_NONBLOCK); if (fcntl(tun_s->fd, F_SETFL, flags) < 0) { - LOGE("Failed fd = %d F_SETFL(flags) = %d", tun_s->fd, flags); - return VPNSVC_ERROR_IO_ERROR; + LOGE("Failed fd = %d F_SETFL(flags) = %d", tun_s->fd, flags); //LCOV_EXCL_LINE + return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } return VPNSVC_ERROR_NONE; } @@ -898,8 +898,8 @@ EXPORT_API int vpnsvc_set_session(vpnsvc_h handle, const char* session) tun_s = (vpnsvc_tun_s*)handle; if (session == NULL) { - LOGE("Session Name string is NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Session Name string is NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } strncpy(tun_s->session, session, VPNSVC_SESSION_STRING_LEN); @@ -923,8 +923,8 @@ EXPORT_API int vpnsvc_get_session(vpnsvc_h handle, char** session) tun_s = (vpnsvc_tun_s*)handle; if (session == NULL) { - LOGE("Session Name string is NULL"); - return VPNSVC_ERROR_INVALID_PARAMETER; + LOGE("Session Name string is NULL"); //LCOV_EXCL_LINE + return VPNSVC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE } g_strlcpy(la_session, tun_s->session, VPNSVC_SESSION_STRING_LEN + 1); diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 4dd2727..9c6c00c 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.6 +Version: 1.0.7 Release: 1 Group: System/Network License: Apache-2.0 diff --git a/packaging/dbus-vpnsvc-daemon.conf b/packaging/dbus-vpnsvc-daemon.conf index 0040381..9a1daea 100644 --- a/packaging/dbus-vpnsvc-daemon.conf +++ b/packaging/dbus-vpnsvc-daemon.conf @@ -10,8 +10,8 @@ - - - + + + -- 2.7.4 From 709a13a274d8b5edaf9c133e7bbb352ac7b920c3 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Thu, 17 Mar 2016 15:22:18 +0900 Subject: [PATCH 13/16] Change/check privilege Change-Id: I730cfb16b375d8d87137a7178014fbe96805168f Signed-off-by: Taesub Kim Signed-off-by: Deepak Kumar Sahu --- daemon/CMakeLists.txt | 2 +- daemon/include/vpnsvc.h | 9 +++ daemon/src/vpnsvc.c | 155 +++++++++++++++++++++++++++++++++++++-- framework/src/capi_vpn_service.c | 39 ++++++++-- include/vpn_service.h | 16 ++++ packaging/capi-vpn-service.spec | 3 + 6 files changed, 210 insertions(+), 14 deletions(-) diff --git a/daemon/CMakeLists.txt b/daemon/CMakeLists.txt index e94f838..14e080d 100755 --- a/daemon/CMakeLists.txt +++ b/daemon/CMakeLists.txt @@ -9,7 +9,7 @@ SET(INCLUDEDIR "\${prefix}/include") SET(DAEMON_DIR "${CMAKE_SOURCE_DIR}/daemon") SET(VERSION 0.1) -SET(requires "dlog dbus-1 glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common capi-appfw-package-manager") +SET(requires "dlog dbus-1 glib-2.0 gio-2.0 gio-unix-2.0 capi-base-common capi-appfw-package-manager cynara-client cynara-creds-gdbus cynara-session") SET(pc_requires "capi-base-common") SET(SRCS diff --git a/daemon/include/vpnsvc.h b/daemon/include/vpnsvc.h index b6467a8..99c037f 100755 --- a/daemon/include/vpnsvc.h +++ b/daemon/include/vpnsvc.h @@ -30,8 +30,17 @@ extern "C" { #include "generated-code.h" +typedef enum _net_vpn_service_privilege_e +{ + PRIVILEGE_VPN_SERVICE = 0x00, + PRIVILEGE_VPN_SERVICE_ADMIN, + PRIVILEGE_INTERNET, +} net_vpn_service_privilege_e; + void vpnsvc_create_and_init(void); Vpnsvc *get_vpnsvc_object(void); +gboolean vpn_service_gdbus_check_privilege(GDBusMethodInvocation *invocation, + net_vpn_service_privilege_e _privilege); #ifdef __cplusplus } diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index 4df05ae..be80c9f 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -26,6 +26,10 @@ #include "vpndbus.h" #include "vpn_service_daemon.h" +#include "cynara-client.h" +#include "cynara-creds-gdbus.h" +#include "cynara-session.h" + #ifdef LOG_TAG #undef LOG_TAG #endif @@ -43,8 +47,17 @@ gboolean handle_vpn_init(Vpnsvc *object, { LOGD("handle_vpn_init"); - vpnsvc_tun_s handle_s; int result = VPNSVC_ERROR_NONE; + + /* check privilege */ + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { + LOGE("permission denied, and finished request."); + result = VPNSVC_ERROR_PERMISSION_DENIED; + goto done; + } + + vpnsvc_tun_s handle_s; GDBusMessage *msg; GUnixFDList *fd_list; int fd_list_length; @@ -66,6 +79,8 @@ gboolean handle_vpn_init(Vpnsvc *object, LOGD("handle_s.fd : %d, handle_s.index : %d, handle_s.name : %s", handle_s.fd, handle_s.index, handle_s.name); +done: + vpnsvc_complete_vpn_init(object, invocation, result, handle_s.index, handle_s.name); return TRUE; @@ -75,13 +90,23 @@ gboolean handle_vpn_deinit(Vpnsvc *object, GDBusMethodInvocation *invocation, const gchar *arg_dev_name) { + LOGD("handle_vpn_deinit"); + int result = VPNSVC_ERROR_NONE; - LOGD("handle_vpn_deinit"); + /* check privilege */ + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { + LOGE("permission denied, and finished request."); + result = VPNSVC_ERROR_PERMISSION_DENIED; + goto done; + } + LOGD("vpn_deinit, %s\n", arg_dev_name); result = vpn_daemon_deinit(arg_dev_name); +done: vpnsvc_complete_vpn_deinit(object, invocation, result); return TRUE; @@ -91,15 +116,24 @@ gboolean handle_vpn_protect(Vpnsvc *object, GDBusMethodInvocation *invocation, const gchar *arg_dev_name) { + LOGD("handle_vpn_protect"); + int result = VPNSVC_ERROR_NONE; + + /* check privilege */ + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { + LOGE("permission denied, and finished request."); + result = VPNSVC_ERROR_PERMISSION_DENIED; + goto done; + } + int socket; GDBusMessage *msg; GUnixFDList *fd_list; int fd_list_length; const int *fds; - LOGD("handle_vpn_protect"); - msg = g_dbus_method_invocation_get_message(invocation); fd_list = g_dbus_message_get_unix_fd_list(msg); fds = g_unix_fd_list_peek_fds(fd_list, &fd_list_length); @@ -111,6 +145,7 @@ gboolean handle_vpn_protect(Vpnsvc *object, result = vpn_daemon_protect(socket, arg_dev_name); +done: vpnsvc_complete_vpn_protect(object, invocation, result); return TRUE; @@ -128,10 +163,10 @@ gboolean handle_vpn_up(Vpnsvc *object, const gchar *arg_dns_suffix, guint arg_mtu) { - int result = VPNSVC_ERROR_NONE; - LOGD("handle_vpn_up"); + int result = VPNSVC_ERROR_NONE; + char* routes[arg_nr_routes]; int prefix[arg_nr_routes]; char **dns_servers = NULL; @@ -144,6 +179,13 @@ gboolean handle_vpn_up(Vpnsvc *object, gchar* route_dest; gint route_prefix; + /* check privilege */ + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false) { + LOGE("permission denied, and finished request."); + result = VPNSVC_ERROR_PERMISSION_DENIED; + goto done; + } + LOGD("iface_index : %d", arg_iface_index); LOGD("local ip : %s", arg_local_ip); LOGD("remote ip : %s", arg_remote_ip); @@ -222,12 +264,22 @@ gboolean handle_vpn_down(Vpnsvc *object, gint arg_iface_index) { LOGD("handle_vpn_down"); + int result = VPNSVC_ERROR_NONE; + /* check privilege */ + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false) { + LOGE("permission denied, and finished request."); + result = VPNSVC_ERROR_PERMISSION_DENIED; + goto done; + } + LOGD("vpn_down, %d\n", arg_iface_index); result = vpn_daemon_down(arg_iface_index); +done: + vpnsvc_complete_vpn_down(object, invocation, result); return TRUE; @@ -241,6 +293,7 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, guint arg_nr_nets_orig) { LOGD("handle_vpn_block_networks"); + int result = VPNSVC_ERROR_NONE; char *nets_vpn[arg_nr_nets_vpn]; @@ -254,6 +307,14 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, gchar* route_dest; gint route_prefix; + /* check privilege */ + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { + LOGE("permission denied, and finished request."); + result = VPNSVC_ERROR_PERMISSION_DENIED; + goto done; + } + LOGD("vpn_block_networks"); /* arg_nets_vpn check */ @@ -299,6 +360,8 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, /* call function */ result = vpn_daemon_block_networks(nets_vpn, prefix_vpn, arg_nr_nets_vpn, nets_orig, prefix_orig, arg_nr_nets_orig); +done: + vpnsvc_complete_vpn_block_networks(object, invocation, result); return TRUE; @@ -307,13 +370,23 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, gboolean handle_vpn_unblock_networks(Vpnsvc *object, GDBusMethodInvocation *invocation) { + LOGD("handle_vpn_unblock_networks"); + int result = VPNSVC_ERROR_NONE; - LOGD("handle_vpn_unblock_networks"); + /* check privilege */ + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { + LOGE("permission denied, and finished request."); + result = VPNSVC_ERROR_PERMISSION_DENIED; + goto done; + } + LOGD("vpn_unblock_networks"); result = vpn_daemon_unblock_networks(); +done: vpnsvc_complete_vpn_unblock_networks(object, invocation, result); return TRUE; @@ -367,3 +440,71 @@ void vpnsvc_create_and_init(void) return; } + +gboolean vpn_service_gdbus_check_privilege(GDBusMethodInvocation *invocation, net_vpn_service_privilege_e _privilege) +{ + + int ret = 0; + int pid = 0; + char *user; + char *client; + char *client_session; + char *privilege = NULL; + cynara *p_cynara = NULL; + const char *sender_unique_name; + GDBusConnection *connection; + + connection = g_dbus_method_invocation_get_connection(invocation); + sender_unique_name = g_dbus_method_invocation_get_sender(invocation); + + ret = cynara_initialize(&p_cynara, NULL); + if (ret != CYNARA_API_SUCCESS) { + LOGD("cynara_initialize() failed"); + return FALSE; + } + + ret = cynara_creds_gdbus_get_pid(connection, sender_unique_name, &pid); + if (ret != CYNARA_API_SUCCESS) { + LOGD("cynara_creds_gdbus_get_pid() failed"); + return FALSE; + } + + ret = cynara_creds_gdbus_get_user(connection, sender_unique_name, USER_METHOD_DEFAULT, &user); + if (ret != CYNARA_API_SUCCESS) { + LOGD("cynara_creds_gdbus_get_user() failed"); + return FALSE; + } + + ret = cynara_creds_gdbus_get_client(connection, sender_unique_name, CLIENT_METHOD_DEFAULT, &client); + if (ret != CYNARA_API_SUCCESS) { + LOGD("cynara_creds_gdbus_get_client() failed"); + return FALSE; + } + + switch (_privilege) + { + case PRIVILEGE_VPN_SERVICE: + privilege = "http://tizen.org/privilege/vpnservice"; + break; + + case PRIVILEGE_VPN_SERVICE_ADMIN : + privilege = "http://tizen.org/privilege/vpnservice.admin"; + break; + + case PRIVILEGE_INTERNET : + privilege = "http://tizen.org/privilege/internet"; + break; + default : + LOGD("Undifined privilege"); + return FALSE; + break; + } + + client_session = cynara_session_from_pid(pid); + + ret = cynara_check(p_cynara, client, client_session, user, privilege); + if (ret == CYNARA_API_ACCESS_ALLOWED); + LOGD("cynara PASS"); + + return (ret == CYNARA_API_ACCESS_ALLOWED) ? TRUE : FALSE; +} diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 2afd277..08e6aa6 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -145,13 +145,20 @@ GVariant *_vpnsvc_invoke_dbus_method(GDBusConnection *connection, if (reply == NULL) { if (error != NULL) { - LOGE("g_dbus_connection_call_sync() failed" //LCOV_EXCL_LINE - "error [%d: %s]", error->code, error->message); - *dbus_error = VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE - g_error_free(error); //LCOV_EXCL_LINE + if (error->code == G_DBUS_ERROR_ACCESS_DENIED){ + LOGE("g_dbus_connection_call_sync() failed" + "error [%d: %s]", error->code, error->message);//LCOV_EXCL_LINE + *dbus_error = VPNSVC_ERROR_PERMISSION_DENIED;//LCOV_EXCL_LINE + g_error_free(error);//LCOV_EXCL_LINE + } else { + LOGE("g_dbus_connection_call_sync() failed" + "error [%d: %s]", error->code, error->message);//LCOV_EXCL_LINE + *dbus_error = VPNSVC_ERROR_IO_ERROR;//LCOV_EXCL_LINE + g_error_free(error);//LCOV_EXCL_LINE + } } else { - LOGE("g_dbus_connection_call_sync() failed"); //LCOV_EXCL_LINE - *dbus_error = VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE + LOGE("g_dbus_connection_call_sync() failed");//LCOV_EXCL_LINE + *dbus_error = VPNSVC_ERROR_IPC_FAILED;//LCOV_EXCL_LINE } return NULL; @@ -257,6 +264,10 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) g_variant_new("(su)", VPNSVC_DBUS_SERVICE_NAME, 0), &dbus_result); + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + return VPNSVC_ERROR_PERMISSION_DENIED; + } + if (op == NULL) { _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE LOGD("Service [%s] Start Failed!", VPNSVC_DBUS_SERVICE_NAME); //LCOV_EXCL_LINE @@ -355,6 +366,10 @@ EXPORT_API int vpnsvc_deinit(vpnsvc_h handle) g_variant_new("(s)", tun_s->name), &dbus_result); + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + return VPNSVC_ERROR_PERMISSION_DENIED; + } + if (op == NULL) { return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { @@ -410,6 +425,10 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_ socket_fd, &dbus_result); + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + return VPNSVC_ERROR_PERMISSION_DENIED; + } + if (op == NULL) { return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { @@ -688,6 +707,10 @@ EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, nets_param_orig, num_allow_routes_orig), &dbus_result); + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + return VPNSVC_ERROR_PERMISSION_DENIED; + } + if (op == NULL) { return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { @@ -734,6 +757,10 @@ EXPORT_API int vpnsvc_unblock_networks(vpnsvc_h handle) g_variant_new("()"), &dbus_result); + if (dbus_result == VPNSVC_ERROR_PERMISSION_DENIED){ + return VPNSVC_ERROR_PERMISSION_DENIED; + } + if (op == NULL) { return VPNSVC_ERROR_IPC_FAILED; //LCOV_EXCL_LINE } else { diff --git a/include/vpn_service.h b/include/vpn_service.h index c1091ef..adefef3 100755 --- a/include/vpn_service.h +++ b/include/vpn_service.h @@ -108,11 +108,15 @@ int vpnsvc_init(const char* iface_name, vpnsvc_h *handle); /** * @brief De-Initializes VPN interface. * @since_tizen 3.0 + * @privlevel public + * @privilege %http://tizen.org/privilege/vpnservice \n + * %http://tizen.org/privilege/internet * @param[in] handle The VPN interface handle * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon + * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported * @pre Before calling this function, VPN interface should be initialized already. * @see vpnsvc_init() @@ -123,6 +127,9 @@ int vpnsvc_deinit(vpnsvc_h handle); * @brief Protect a socket from VPN connections. * @details After protecting, data sent through this socket will go directly to the underlying network. * @since_tizen 3.0 + * @privlevel public + * @privilege %http://tizen.org/privilege/vpnservice \n + * %http://tizen.org/privilege/internet * @param[in] handle The VPN interface handle * @param[in] socket_fd The opened socket file descriptor * @param[in] iface_name The network interface name (e.g., interface name such as eth0, ppp0, etc) through which the VPN is working @@ -131,6 +138,7 @@ int vpnsvc_deinit(vpnsvc_h handle); * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IO_ERROR I/O Error (e.g. socket I/O error) * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon + * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_name); @@ -170,6 +178,9 @@ int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size); /** * @brief Blocks all traffics except specified allowing networks. * @since_tizen 3.0 + * @privlevel public + * @privilege %http://tizen.org/privilege/vpnservice \n + * %http://tizen.org/privilege/internet * @param[in] handle The VPN interface handle * @param[in] routes_dest_vpn_addr Destination address of the routes, the list of allowing networks over VPN interface (e.g., VPN interface such as tun0, etc). * @param[in] routes_vpn_prefix The prefix of VPN interface, netmask length (also called a prefix, e.g. 8, 16, 24, 32). @@ -181,6 +192,7 @@ int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size); * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon + * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported * @post Please call vpnsvc_unblock_networks() if you want to allow all traffics. * @see vpnsvc_unblock_networks() @@ -196,11 +208,15 @@ int vpnsvc_block_networks(vpnsvc_h handle, /** * @brief Removes any restrictions imposed by vpnsvc_block_networks(). * @since_tizen 3.0 + * @privlevel public + * @privilege %http://tizen.org/privilege/vpnservice \n + * %http://tizen.org/privilege/internet * @param[in] handle The VPN interface handle * @return 0 on success. otherwise, a negative error value. * @retval #VPNSVC_ERROR_NONE Success * @retval #VPNSVC_ERROR_INVALID_PARAMETER Invalid parameter * @retval #VPNSVC_ERROR_IPC_FAILED Cannot connect to service daemon + * @retval #VPNSVC_ERROR_PERMISSION_DENIED Permission Denied * @retval #VPNSVC_ERROR_NOT_SUPPORTED Not Supported */ int vpnsvc_unblock_networks(vpnsvc_h handle); diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index 9c6c00c..f2bcd0b 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -19,6 +19,9 @@ BuildRequires: pkgconfig(capi-appfw-application) BuildRequires: pkgconfig(capi-appfw-package-manager) BuildRequires: pkgconfig(capi-appfw-app-manager) BuildRequires: pkgconfig(capi-system-info) +BuildRequires: pkgconfig(cynara-client) +BuildRequires: pkgconfig(cynara-creds-gdbus) +BuildRequires: pkgconfig(cynara-session) Requires(post): /sbin/ldconfig Requires(postun): /sbin/ldconfig -- 2.7.4 From 7badccf7fb90d59a55e0e7eb95bdba14f8aa1877 Mon Sep 17 00:00:00 2001 From: Deepak Kumar Sahu Date: Mon, 21 Mar 2016 19:47:23 +0530 Subject: [PATCH 14/16] Warnings Resolved for vpn-service module. Change-Id: I126226716f15f77b2b1b60710a83f3beb3b279d1 Signed-off-by: Deepak Kumar Sahu --- CMakeLists.txt | 2 +- daemon/include/vpn_service_daemon.h | 6 +++--- daemon/src/vpn_service_daemon.c | 8 ++++---- daemon/src/vpnsvc.c | 5 +++-- framework/src/capi_vpn_service.c | 6 +++--- include/vpn_service.h | 4 ++-- include/vpn_service_internal.h | 2 +- 7 files changed, 17 insertions(+), 16 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 42a6afb..f6911e1 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -21,7 +21,7 @@ ADD_DEFINITIONS("-fPIC") # Set compiler warning flags -#ADD_DEFINITIONS("-Werror") # Make all warnings into errors. +# ADD_DEFINITIONS("-Werror") # Make all warnings into errors. ADD_DEFINITIONS("-Wall") # Generate all warnings ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings diff --git a/daemon/include/vpn_service_daemon.h b/daemon/include/vpn_service_daemon.h index 211e72c..f0b10b0 100755 --- a/daemon/include/vpn_service_daemon.h +++ b/daemon/include/vpn_service_daemon.h @@ -27,12 +27,12 @@ int vpn_daemon_init(const char* iface_name, size_t iface_name_len, int fd, vpnsv int vpn_daemon_deinit(const char* dev_name); int vpn_daemon_protect(int socket, const char* dev_name); int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, - const char* routes[], int prefix[], size_t nr_routes, + char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu); int vpn_daemon_down(int iface_index); -int vpn_daemon_block_networks(const char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, - const char* nets_orig[], int prefix_orig[], size_t nr_nets_orig); +int vpn_daemon_block_networks(char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, + char* nets_orig[], int prefix_orig[], size_t nr_nets_orig); int vpn_daemon_unblock_networks(void); #endif /* __TIZEN_CAPI_VPN_SERVICE_DAEMON_H__ */ diff --git a/daemon/src/vpn_service_daemon.c b/daemon/src/vpn_service_daemon.c index 0a95595..58d43e7 100755 --- a/daemon/src/vpn_service_daemon.c +++ b/daemon/src/vpn_service_daemon.c @@ -84,7 +84,7 @@ static in_addr_t host2net(ipv4 host) return net; } -static int add_routes(char* iface_name, const char* routes[], int prefix[], size_t nr_routes) +static int add_routes(char* iface_name, char* routes[], int prefix[], size_t nr_routes) { struct rtentry rt; struct sockaddr_in addr; @@ -732,7 +732,7 @@ int vpn_daemon_protect(int socket_fd, const char* dev_name) } int vpn_daemon_up(int iface_index, const char* local_ip, const char* remote_ip, - const char* routes[], int prefix[], size_t nr_routes, + char* routes[], int prefix[], size_t nr_routes, char** dns_servers, size_t nr_dns, size_t total_dns_string_cnt, const char* dns_suffix, const unsigned int mtu) { @@ -913,8 +913,8 @@ int vpn_daemon_down(int iface_index) return VPNSVC_ERROR_NONE; } -int vpn_daemon_block_networks(const char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, - const char* nets_orig[], int prefix_orig[], size_t nr_nets_orig) { +int vpn_daemon_block_networks(char* nets_vpn[], int prefix_vpn[], size_t nr_nets_vpn, + char* nets_orig[], int prefix_orig[], size_t nr_nets_orig) { unsigned int i; /* iptable chain regist */ diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index be80c9f..2ca1416 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -18,6 +18,7 @@ */ #include +#include #include #include #include @@ -167,7 +168,7 @@ gboolean handle_vpn_up(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; - char* routes[arg_nr_routes]; + char *routes[arg_nr_routes]; int prefix[arg_nr_routes]; char **dns_servers = NULL; @@ -503,7 +504,7 @@ gboolean vpn_service_gdbus_check_privilege(GDBusMethodInvocation *invocation, ne client_session = cynara_session_from_pid(pid); ret = cynara_check(p_cynara, client, client_session, user, privilege); - if (ret == CYNARA_API_ACCESS_ALLOWED); + if (ret == CYNARA_API_ACCESS_ALLOWED) LOGD("cynara PASS"); return (ret == CYNARA_API_ACCESS_ALLOWED) ? TRUE : FALSE; diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 08e6aa6..05843ef 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -444,7 +444,7 @@ EXPORT_API int vpnsvc_protect(vpnsvc_h handle, int socket_fd, const char* iface_ } EXPORT_API int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remote_ip, - const char* routes_dest_add[], int routes_prefix[], size_t num_routes, + char* routes_dest_add[], int routes_prefix[], size_t num_routes, const char** dns_servers, size_t num_dns_servers, const char* dns_suffix) { @@ -649,10 +649,10 @@ EXPORT_API int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size) EXPORT_API int vpnsvc_block_networks(vpnsvc_h handle, - const char* routes_dest_vpn_addr[], + char* routes_dest_vpn_addr[], int routes_vpn_prefix[], size_t num_allow_routes_vpn, - const char* routes_dest_orig_addr[], + char* routes_dest_orig_addr[], int routes_orig_prefix[], size_t num_allow_routes_orig) diff --git a/include/vpn_service.h b/include/vpn_service.h index adefef3..183eed1 100755 --- a/include/vpn_service.h +++ b/include/vpn_service.h @@ -198,10 +198,10 @@ int vpnsvc_write(vpnsvc_h handle, const char* data, size_t size); * @see vpnsvc_unblock_networks() */ int vpnsvc_block_networks(vpnsvc_h handle, - const char *routes_dest_vpn_addr[], + char *routes_dest_vpn_addr[], int routes_vpn_prefix[], size_t num_allow_routes_vpn, - const char *routes_dest_orig_addr[], + char *routes_dest_orig_addr[], int routes_orig_prefix[], size_t num_allow_routes_orig); diff --git a/include/vpn_service_internal.h b/include/vpn_service_internal.h index 7cbf633..1fda902 100755 --- a/include/vpn_service_internal.h +++ b/include/vpn_service_internal.h @@ -59,7 +59,7 @@ extern "C" { * @see vpnsvc_down() */ int vpnsvc_up(vpnsvc_h handle, const char* local_ip, const char* remote_ip, - const char *routes_dest_addr[], int routes_prefix[], size_t num_routes, + char *routes_dest_addr[], int routes_prefix[], size_t num_routes, const char** dns_servers, size_t num_dns_servers, const char* dns_suffix); -- 2.7.4 From ecbf37231495b4d7f75dc5cd70fe8c0037f1b961 Mon Sep 17 00:00:00 2001 From: taesubkim Date: Wed, 23 Mar 2016 09:08:40 +0900 Subject: [PATCH 15/16] Modified privilege Change-Id: Ifac630c0b62ccdf992d918850e22869bb17d10a3 Signed-off-by: Taesub Kim --- daemon/src/vpnsvc.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/daemon/src/vpnsvc.c b/daemon/src/vpnsvc.c index 2ca1416..852d0aa 100755 --- a/daemon/src/vpnsvc.c +++ b/daemon/src/vpnsvc.c @@ -51,7 +51,7 @@ gboolean handle_vpn_init(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; @@ -96,7 +96,7 @@ gboolean handle_vpn_deinit(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; @@ -122,7 +122,7 @@ gboolean handle_vpn_protect(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; @@ -309,7 +309,7 @@ gboolean handle_vpn_block_networks(Vpnsvc *object, gint route_prefix; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; @@ -376,7 +376,7 @@ gboolean handle_vpn_unblock_networks(Vpnsvc *object, int result = VPNSVC_ERROR_NONE; /* check privilege */ - if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE_ADMIN) == false + if (vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_VPN_SERVICE) == false || vpn_service_gdbus_check_privilege(invocation, PRIVILEGE_INTERNET) == false) { LOGE("permission denied, and finished request."); result = VPNSVC_ERROR_PERMISSION_DENIED; -- 2.7.4 From 6b2d6170d150ff881f0483bf2e94599f0e627b8e Mon Sep 17 00:00:00 2001 From: taesubkim Date: Thu, 24 Mar 2016 16:54:12 +0900 Subject: [PATCH 16/16] SVACE #57179 Change-Id: Ic4e91af1e5e495df89ce2f431e58ec415d813206 Signed-off-by: Taesub Kim Signed-off-by: Deepak Kumar Sahu --- framework/src/capi_vpn_service.c | 3 ++- packaging/capi-vpn-service.spec | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/framework/src/capi_vpn_service.c b/framework/src/capi_vpn_service.c index 05843ef..dba74cb 100755 --- a/framework/src/capi_vpn_service.c +++ b/framework/src/capi_vpn_service.c @@ -292,6 +292,7 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) if ((iface_fd = open("/dev/net/tun", O_RDWR)) < 0) { LOGE("tun device open fail\n"); //LCOV_EXCL_LINE + close(iface_fd); _vpnsvc_deinit_vpnsvc_tun_s(tmp_s); //LCOV_EXCL_LINE return VPNSVC_ERROR_IO_ERROR; //LCOV_EXCL_LINE } @@ -335,7 +336,7 @@ EXPORT_API int vpnsvc_init(const char* iface_name, vpnsvc_h *handle) op = NULL; } } - + close(iface_fd); return result; } diff --git a/packaging/capi-vpn-service.spec b/packaging/capi-vpn-service.spec index f2bcd0b..656f661 100755 --- a/packaging/capi-vpn-service.spec +++ b/packaging/capi-vpn-service.spec @@ -1,6 +1,6 @@ Name: vpnsvc-pkg Summary: VPN service library in TIZEN C API -Version: 1.0.7 +Version: 1.0.8 Release: 1 Group: System/Network License: Apache-2.0 -- 2.7.4