1b1b8bc3fSopenharmony_ci/*
2b1b8bc3fSopenharmony_ci * Copyright (c) 2022 Huawei Device Co., Ltd.
3b1b8bc3fSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License");
4b1b8bc3fSopenharmony_ci * you may not use this file except in compliance with the License.
5b1b8bc3fSopenharmony_ci * You may obtain a copy of the License at
6b1b8bc3fSopenharmony_ci *
7b1b8bc3fSopenharmony_ci *     http://www.apache.org/licenses/LICENSE-2.0
8b1b8bc3fSopenharmony_ci *
9b1b8bc3fSopenharmony_ci * Unless required by applicable law or agreed to in writing, software
10b1b8bc3fSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS,
11b1b8bc3fSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12b1b8bc3fSopenharmony_ci * See the License for the specific language governing permissions and
13b1b8bc3fSopenharmony_ci * limitations under the License.
14b1b8bc3fSopenharmony_ci */
15b1b8bc3fSopenharmony_ci
16b1b8bc3fSopenharmony_ci#include "fwmark_client.h"
17b1b8bc3fSopenharmony_ci
18b1b8bc3fSopenharmony_ci#include <cerrno>
19b1b8bc3fSopenharmony_ci#include <sys/socket.h>
20b1b8bc3fSopenharmony_ci#include <sys/un.h>
21b1b8bc3fSopenharmony_ci#include <unistd.h>
22b1b8bc3fSopenharmony_ci
23b1b8bc3fSopenharmony_ci#include "fwmark.h"
24b1b8bc3fSopenharmony_ci#include "fwmark_command.h"
25b1b8bc3fSopenharmony_ci#include "net_manager_constants.h"
26b1b8bc3fSopenharmony_ci#include "netnative_log_wrapper.h"
27b1b8bc3fSopenharmony_ci#include "securec.h"
28b1b8bc3fSopenharmony_ci
29b1b8bc3fSopenharmony_cinamespace OHOS {
30b1b8bc3fSopenharmony_cinamespace nmd {
31b1b8bc3fSopenharmony_ciusing namespace NetManagerStandard;
32b1b8bc3fSopenharmony_cistatic constexpr const int32_t ERROR_CODE_SOCKETFD_INVALID = -1;
33b1b8bc3fSopenharmony_cistatic constexpr const int32_t ERROR_CODE_CONNECT_FAILED = -2;
34b1b8bc3fSopenharmony_cistatic constexpr const int32_t ERROR_CODE_SENDMSG_FAILED = -3;
35b1b8bc3fSopenharmony_cistatic constexpr const int32_t ERROR_CODE_READ_FAILED = -4;
36b1b8bc3fSopenharmony_ci
37b1b8bc3fSopenharmony_ciFwmarkClient::FwmarkClient() {}
38b1b8bc3fSopenharmony_ci
39b1b8bc3fSopenharmony_ciFwmarkClient::~FwmarkClient() {}
40b1b8bc3fSopenharmony_ci
41b1b8bc3fSopenharmony_ciint32_t FwmarkClient::BindSocket(int32_t fd, uint32_t netId)
42b1b8bc3fSopenharmony_ci{
43b1b8bc3fSopenharmony_ci    FwmarkCommand command = {FwmarkCommand::SELECT_NETWORK, netId};
44b1b8bc3fSopenharmony_ci    return Send(&command, fd);
45b1b8bc3fSopenharmony_ci}
46b1b8bc3fSopenharmony_ci
47b1b8bc3fSopenharmony_ciint32_t FwmarkClient::ProtectFromVpn(int32_t socketFd)
48b1b8bc3fSopenharmony_ci{
49b1b8bc3fSopenharmony_ci    if (socketFd < 0) {
50b1b8bc3fSopenharmony_ci        return HandleError(-1, ERROR_CODE_SOCKETFD_INVALID, socketFd);
51b1b8bc3fSopenharmony_ci    }
52b1b8bc3fSopenharmony_ci    FwmarkCommand command = {FwmarkCommand::PROTECT_FROM_VPN, 0};
53b1b8bc3fSopenharmony_ci    return Send(&command, socketFd);
54b1b8bc3fSopenharmony_ci}
55b1b8bc3fSopenharmony_ci
56b1b8bc3fSopenharmony_ciint32_t FwmarkClient::Send(FwmarkCommand *data, int32_t fd)
57b1b8bc3fSopenharmony_ci{
58b1b8bc3fSopenharmony_ci    auto socketFd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
59b1b8bc3fSopenharmony_ci    if (socketFd == -1) {
60b1b8bc3fSopenharmony_ci        return HandleError(-1, ERROR_CODE_SOCKETFD_INVALID, socketFd);
61b1b8bc3fSopenharmony_ci    }
62b1b8bc3fSopenharmony_ci    if (connect(socketFd, reinterpret_cast<const sockaddr *>(&FWMARK_SERVER_PATH), sizeof(FWMARK_SERVER_PATH)) == -1) {
63b1b8bc3fSopenharmony_ci        return HandleError(-1, ERROR_CODE_CONNECT_FAILED, socketFd);
64b1b8bc3fSopenharmony_ci    }
65b1b8bc3fSopenharmony_ci
66b1b8bc3fSopenharmony_ci    iovec iov;
67b1b8bc3fSopenharmony_ci    iov.iov_base = data;
68b1b8bc3fSopenharmony_ci    iov.iov_len = sizeof(*data);
69b1b8bc3fSopenharmony_ci    msghdr message;
70b1b8bc3fSopenharmony_ci    (void)memset_s(&message, sizeof(message), 0, sizeof(message));
71b1b8bc3fSopenharmony_ci    message.msg_iov = &iov;
72b1b8bc3fSopenharmony_ci    message.msg_iovlen = 1;
73b1b8bc3fSopenharmony_ci    union {
74b1b8bc3fSopenharmony_ci        cmsghdr cmh;
75b1b8bc3fSopenharmony_ci        char cmsg[CMSG_SPACE(sizeof(fd))];
76b1b8bc3fSopenharmony_ci    } cmsgu;
77b1b8bc3fSopenharmony_ci
78b1b8bc3fSopenharmony_ci    (void)memset_s(cmsgu.cmsg, sizeof(cmsgu.cmsg), 0, sizeof(cmsgu.cmsg));
79b1b8bc3fSopenharmony_ci    message.msg_control = cmsgu.cmsg;
80b1b8bc3fSopenharmony_ci    message.msg_controllen = sizeof(cmsgu.cmsg);
81b1b8bc3fSopenharmony_ci    cmsghdr *const cmsgh = CMSG_FIRSTHDR(&message);
82b1b8bc3fSopenharmony_ci    cmsgh->cmsg_len = CMSG_LEN(sizeof(fd));
83b1b8bc3fSopenharmony_ci    cmsgh->cmsg_level = SOL_SOCKET;
84b1b8bc3fSopenharmony_ci    cmsgh->cmsg_type = SCM_RIGHTS;
85b1b8bc3fSopenharmony_ci    (void)memcpy_s(CMSG_DATA(cmsgh), sizeof(fd), &fd, sizeof(fd));
86b1b8bc3fSopenharmony_ci    int32_t ret = sendmsg(socketFd, &message, 0);
87b1b8bc3fSopenharmony_ci    if (ret < 0) {
88b1b8bc3fSopenharmony_ci        return HandleError(ret, ERROR_CODE_SENDMSG_FAILED, socketFd);
89b1b8bc3fSopenharmony_ci    }
90b1b8bc3fSopenharmony_ci    int32_t error = 0;
91b1b8bc3fSopenharmony_ci    ret = read(socketFd, &error, sizeof(error));
92b1b8bc3fSopenharmony_ci    if (ret < 0) {
93b1b8bc3fSopenharmony_ci        return HandleError(ret, ERROR_CODE_READ_FAILED, socketFd);
94b1b8bc3fSopenharmony_ci    }
95b1b8bc3fSopenharmony_ci
96b1b8bc3fSopenharmony_ci    close(socketFd);
97b1b8bc3fSopenharmony_ci    return NETMANAGER_SUCCESS;
98b1b8bc3fSopenharmony_ci}
99b1b8bc3fSopenharmony_ci
100b1b8bc3fSopenharmony_ciint32_t FwmarkClient::HandleError(int32_t ret, int32_t errorCode, int32_t sock)
101b1b8bc3fSopenharmony_ci{
102b1b8bc3fSopenharmony_ci    switch (errorCode) {
103b1b8bc3fSopenharmony_ci        case ERROR_CODE_SOCKETFD_INVALID:
104b1b8bc3fSopenharmony_ci            NETNATIVE_LOGE("socketFd invalid, ret:%{public}d, errno: %{public}d", ret, errno);
105b1b8bc3fSopenharmony_ci            break;
106b1b8bc3fSopenharmony_ci        case ERROR_CODE_CONNECT_FAILED:
107b1b8bc3fSopenharmony_ci            NETNATIVE_LOGE("connect failed, ret:%{public}d, errno: %{public}d", ret, errno);
108b1b8bc3fSopenharmony_ci            break;
109b1b8bc3fSopenharmony_ci        case ERROR_CODE_SENDMSG_FAILED:
110b1b8bc3fSopenharmony_ci            NETNATIVE_LOGE("sendmsg failed, ret:%{public}d, errno: %{public}d", ret, errno);
111b1b8bc3fSopenharmony_ci            break;
112b1b8bc3fSopenharmony_ci        case ERROR_CODE_READ_FAILED:
113b1b8bc3fSopenharmony_ci            NETNATIVE_LOGE("read failed, ret:%{public}d, errno: %{public}d", ret, errno);
114b1b8bc3fSopenharmony_ci            break;
115b1b8bc3fSopenharmony_ci        default:
116b1b8bc3fSopenharmony_ci            break;
117b1b8bc3fSopenharmony_ci    }
118b1b8bc3fSopenharmony_ci    if (sock > 0) {
119b1b8bc3fSopenharmony_ci        close(sock);
120b1b8bc3fSopenharmony_ci    }
121b1b8bc3fSopenharmony_ci    return NETMANAGER_ERROR;
122b1b8bc3fSopenharmony_ci}
123b1b8bc3fSopenharmony_ci
124b1b8bc3fSopenharmony_ci#ifdef __cplusplus
125b1b8bc3fSopenharmony_ciextern int32_t BindSocket(int32_t fd, uint32_t netId)
126b1b8bc3fSopenharmony_ci{
127b1b8bc3fSopenharmony_ci    FwmarkClient instance;
128b1b8bc3fSopenharmony_ci    return instance.BindSocket(fd, netId);
129b1b8bc3fSopenharmony_ci}
130b1b8bc3fSopenharmony_ci#endif
131b1b8bc3fSopenharmony_ci} // namespace nmd
132b1b8bc3fSopenharmony_ci} // namespace OHOS
133