1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef NETWORKVPN_CLIENT_H
17 #define NETWORKVPN_CLIENT_H
18 
#include <cstdint>
#include <memory>
#include <mutex>
#include <string>
#include <utility>
#include <vector>
23 
24 #include <parcel.h>
25 #include <refbase.h>
26 #include <unistd.h>
27 
28 #include "i_networkvpn_service.h"
29 #include "i_vpn_event_callback.h"
30 #include "vpn_event_callback_stub.h"
31 #include "vpn_interface.h"
32 
33 namespace OHOS {
34 namespace NetManagerStandard {
35 
/**
 * Event callback that ignores VPN state changes and handles only the multi-user set-up event.
 */
class VpnSetUpEventCallback : public VpnEventCallbackStub {
public:
    /** Intentionally empty: this callback does not react to connection state changes. */
    void OnVpnStateChanged(const bool &isConnected) override {}

    /** Multi-user set-up notification; declared here and defined outside this header. */
    void OnVpnMultiUserSetUp() override;
};
41 
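/**
 * Client-side entry point to the network VPN service.
 *
 * The class is a singleton: construction and destruction are private, copying is deleted, and the only way to
 * obtain the object is GetInstance(). Most operations are documented as requiring ohos.permission.MANAGE_VPN
 * and as system APIs; this header only declares them, so any enforcement of that permission happens outside
 * what is visible here.
 */
class NetworkVpnClient {
private:
    NetworkVpnClient() = default;
    ~NetworkVpnClient() = default;
    NetworkVpnClient(const NetworkVpnClient &) = delete;
    NetworkVpnClient &operator=(const NetworkVpnClient &) = delete;

public:
    /** Returns the single NetworkVpnClient instance. */
    static NetworkVpnClient &GetInstance();

    /**
     * start internal vpn
     *
     * @param isExistVpn whether a vpn connection already exists (out param)
     * @param isRun if isExistVpn=true, whether that vpn is running (out param)
     * @param pkg Indicates which application the current vpn belongs to (out param)
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t Prepare(bool &isExistVpn, bool &isRun, std::string &pkg);

    /**
     * An extended vpn must keep communicating with its remote vpn server; the data for the protected socket is
     * sent/received over the default network and not over the vpn network.
     *
     * A protected socket therefore bypasses the tunnel, so callers should pass only the descriptor the vpn itself
     * uses to reach its server.
     *
     * @param socketFd socket fd opened by the extended vpn
     * @param isVpnExtCall not documented in this header; presumably true when the caller is a vpn extension -
     *        NOTE(review): confirm against the implementation
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t Protect(int32_t socketFd, bool isVpnExtCall = false);

    /**
     * After the extended vpn's negotiation is over, asks the system to create a VPN interface using the config
     * parameters.
     *
     * @param config VPN interface parameters
     * @param tunFd the virtual interface fd (out param)
     * @param isVpnExtCall not documented in this header; presumably true when the caller is a vpn extension -
     *        NOTE(review): confirm against the implementation
     * @return documented as the interface node's file descriptor (>0) if process normal, others is error.
     *         NOTE(review): the fd is also described as being returned through tunFd - confirm which value
     *         callers should rely on, and who is responsible for closing the descriptor.
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t SetUpVpn(sptr<VpnConfig> config, int32_t &tunFd, bool isVpnExtCall = false);

    /**
     * stop the vpn connection, system will destroy the vpn network.
     *
     * @param isVpnExtCall not documented in this header; presumably true when the caller is a vpn extension -
     *        NOTE(review): confirm against the implementation
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t DestroyVpn(bool isVpnExtCall = false);

#ifdef SUPPORT_SYSVPN
    /**
     * setup system vpn.
     *
     * @param config system VPN interface parameters
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t SetUpVpn(const sptr<SysVpnConfig> &config);

    /**
     * save vpn
     *
     * @param config vpn config
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t AddSysVpnConfig(sptr<SysVpnConfig> &config);

    /**
     * delete vpn
     *
     * @param vpnId id of the vpn config to delete
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t DeleteSysVpnConfig(const std::string &vpnId);

    /**
     * get vpn list
     *
     * @param vpnList vpn list (out param)
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t GetSysVpnConfigList(std::vector<SysVpnConfig> &vpnList);

    /**
     * get vpn detail
     *
     * @param config vpn config (out param)
     * @param vpnId id of the vpn config to look up
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId);

    /**
     * get connected vpn
     *
     * @param config VpnConfig
     * @return documented as VpnConnectState. NOTE(review): the declared type is int32_t like the sibling calls -
     *         confirm whether this is a status code or a connect-state value.
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config);

    /**
     * notify the connect stage to fwk
     *
     * NOTE(review): unlike the other system-vpn calls, no @permission is documented here - confirm which check
     * the service applies to callers.
     *
     * @param stage the connect stage
     * @param result the connect result
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @systemapi Hide this for inner system use.
     */
    int32_t NotifyConnectStage(const std::string &stage, const int32_t &result);

    /**
     * get system vpn certificate uri
     *
     * NOTE(review): unlike the other system-vpn calls, no @permission is documented here - confirm which check
     * the service applies before handing out a certificate uri.
     *
     * @param certType the certificate type (ca certificate, user certificate or server certificate)
     * @param certUri the certificate uri (out param)
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @systemapi Hide this for inner system use.
     */
    int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri);
#endif // SUPPORT_SYSVPN

    /**
     * register the vpn state callback
     *
     * @param callback if this function returns NETMANAGER_EXT_SUCCESS(0), this callback will be called by service
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t RegisterVpnEvent(sptr<IVpnEventCallback> callback);

    /**
     * unregister the vpn state callback
     *
     * @param callback if this function returns NETMANAGER_EXT_SUCCESS(0), this callback will not be called by
     *        service
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t UnregisterVpnEvent(sptr<IVpnEventCallback> callback);

    /**
     * create vpn connection.
     *
     * @param isVpnExtCall not documented in this header; presumably true when the caller is a vpn extension -
     *        NOTE(review): confirm against the implementation
     * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
     * @permission ohos.permission.MANAGE_VPN
     * @systemapi Hide this for inner system use.
     */
    int32_t CreateVpnConnection(bool isVpnExtCall = false);

    /**
     * close the tunfd of vpn interface and unregister VpnEvent.
     */
    void multiUserSetUpEvent();

    /**
     * Passes a bundle name to the vpn service (presumably to register it as the vpn's owner - the behaviour is
     * not visible in this header).
     *
     * NOTE(review): bundleName is supplied by the caller and no @permission is documented; confirm that the
     * service checks it against the caller's real identity instead of trusting the string.
     *
     * @param bundleName bundle name to register
     * @return presumably NETMANAGER_EXT_SUCCESS(0) on success like the sibling calls - confirm
     */
    int32_t RegisterBundleName(const std::string &bundleName);

    /**
     * Retrieves the calling application's name.
     *
     * @param selfAppName the application name (out param)
     * @return presumably NETMANAGER_EXT_SUCCESS(0) on success like the sibling calls - confirm
     */
    int32_t GetSelfAppName(std::string &selfAppName);

private:
    /**
     * Death recipient that forwards the remote object's death notification to the owning client.
     *
     * It stores a reference, not an owning pointer, so the client must outlive it; NetworkVpnClient can only be
     * obtained through GetInstance().
     */
    class MonitorVpnServiceDead : public IRemoteObject::DeathRecipient {
    public:
        explicit MonitorVpnServiceDead(NetworkVpnClient &client) : client_(client) {}
        ~MonitorVpnServiceDead() override = default;

        /** Forwards the notification unchanged to NetworkVpnClient::OnRemoteDied. */
        void OnRemoteDied(const wptr<IRemoteObject> &remote) override
        {
            client_.OnRemoteDied(remote);
        }

    private:
        NetworkVpnClient &client_;
    };

    /** Returns the vpn service proxy; how it is obtained and cached is defined outside this header. */
    sptr<INetworkVpnService> GetProxy();

    /** Presumably re-registers client state after the service restarts - NOTE(review): confirm in the .cpp. */
    void RecoverCallback();

    /** Called by MonitorVpnServiceDead when the remote service object dies. */
    void OnRemoteDied(const wptr<IRemoteObject> &remote);

private:
    // Presumably guards the proxy and callback members below - NOTE(review): confirm what it protects.
    std::mutex mutex_;
    VpnInterface vpnInterface_;
    sptr<IVpnEventCallback> vpnEventCallback_ = nullptr;
    sptr<INetworkVpnService> networkVpnService_ = nullptr;
    sptr<IRemoteObject::DeathRecipient> deathRecipient_ = nullptr;
    // A vpn config paired with a flag; presumably the config last passed to SetUpVpn and its isVpnExtCall
    // value - NOTE(review): confirm.
    std::pair<sptr<VpnConfig>, bool> clientVpnConfig_;
};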
242 } // namespace NetManagerStandard
243 } // namespace OHOS
244 #endif // NETWORKVPN_CLIENT_H
245