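/*
 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef NETWORK_VPN_SERVICE_H
#define NETWORK_VPN_SERVICE_H

// <cstdint>, <mutex> and <vector> are included directly because this header
// declares int32_t, std::mutex and std::vector members itself.
#include <cstdint>
#include <memory>
#include <mutex>
#include <string>
#include <vector>
#include "event_handler.h"
#include "i_vpn_conn_state_cb.h"
#include "net_vpn_impl.h"
#include "networkvpn_service_stub.h"
#include "os_account_manager.h"
#include "singleton.h"
#include "system_ability.h"
#include "common_event_manager.h"
#include "common_event_subscriber.h"
#include "common_event_support.h"
#include "application_state_observer_stub.h"
#include "app_mgr_client.h"
#include "cJSON.h"
#include "ffrt.h"
#ifdef SUPPORT_SYSVPN
#include "ipsec_vpn_ctl.h"
#include "vpn_database_helper.h"
#endif // SUPPORT_SYSVPN

namespace OHOS {
namespace NetManagerStandard {
// NOTE(review): an unnamed namespace in a header gives every including
// translation unit its own copy of these constants.
namespace {
// Datashare URI and settings key for the always-on VPN entry.
// NOTE(review): presumably the stored value names the package used by
// GetAlwaysOnVpn()/StartAlwaysOnVpn(); confirm in the implementation that
// writes to this key are permission-gated.
constexpr const char *ALWAYS_ON_VPN_URI =
    "datashare:///com.ohos.settingsdata/entry/settingsdata/SETTINGSDATA?Proxy=true&key=sharing_always_on_vpn";
constexpr const char *KEY_ALWAYS_ON_VPN = "settings.netmanager.always_on_vpn";

} // namespace
// NOTE(review): a using-directive at namespace scope in a header applies to
// every file that includes it; kept because includers may rely on it.
using namespace OHOS::EventFwk;

/**
 * VPN system ability: derives from SystemAbility and NetworkVpnServiceStub and
 * declares the VPN lifecycle, configuration and event-callback entry points.
 *
 * NOTE(review): several overrides below take `bool isVpnExtCall = false`.
 * Default arguments on virtual functions are chosen from the static type of
 * the call expression, so they should match the base declaration. The flag
 * arrives as an argument; confirm the implementation authorises the caller
 * from its IPC identity and does not rely on this flag alone.
 */
class NetworkVpnService : public SystemAbility, public NetworkVpnServiceStub, protected NoCopyable {
    DECLARE_SYSTEM_ABILITY(NetworkVpnService)

    NetworkVpnService();
    virtual ~NetworkVpnService();

    enum ServiceRunningState {
        STATE_STOPPED = 0,
        STATE_RUNNING,
    };

    enum {
        POWER_MODE_MIN = 600,
        NORMAL_MODE = POWER_MODE_MIN,
        SAVE_MODE,
        EXTREME_MODE,
        LOWPOWER_MODE,
        POWER_MODE_MAX = LOWPOWER_MODE
    };

    /**
     * Connection-state callback bound to a service instance.
     * Holds a non-owning reference: the service must outlive this object.
     */
    class VpnConnStateCb : public IVpnConnStateCb {
    public:
        explicit VpnConnStateCb(const NetworkVpnService &vpnService) : vpnService_(vpnService) {}
        virtual ~VpnConnStateCb() = default;
        void OnVpnConnStateChanged(const VpnConnectState &state) override;

    private:
        const NetworkVpnService &vpnService_;
    };

    /**
     * Common-event subscriber bound to a service instance.
     * Holds a non-owning reference: the service must outlive this object.
     */
    class ReceiveMessage : public OHOS::EventFwk::CommonEventSubscriber {
    public:
        explicit ReceiveMessage(const EventFwk::CommonEventSubscribeInfo &subscriberInfo, NetworkVpnService &vpnService)
            : EventFwk::CommonEventSubscriber(subscriberInfo), vpnService_(vpnService) {}

        void OnReceiveEvent(const EventFwk::CommonEventData &eventData) override;

    private:
        NetworkVpnService &vpnService_;
    };

public:
    /**
     * Return the process-wide instance (function-local static).
     */
    static NetworkVpnService &GetInstance()
    {
        static NetworkVpnService instance;
        return instance;
    }

    /**
     * service start
     */
    void OnStart() override;

    /**
     * service stop
     */
    void OnStop() override;

    /**
     * Check whether a vpn currently exists and whether it is running.
     * All three parameters are non-const references filled in by the call.
     */
    int32_t Prepare(bool &isExistVpn, bool &isRun, std::string &pkg) override;

    /**
     * This function is called when the third-party vpn application negotiation ends
     */
    int32_t SetUpVpn(const sptr<VpnConfig> &config, bool isVpnExtCall = false) override;

    /**
     * protect vpn tunnel
     */
    int32_t Protect(bool isVpnExtCall = false) override;

    /**
     * stop the vpn connection
     */
    int32_t DestroyVpn(bool isVpnExtCall = false) override;

#ifdef SUPPORT_SYSVPN
    /**
     * This function is called when the system vpn application negotiation ends
     */
    int32_t SetUpVpn(const sptr<SysVpnConfig> &config) override;

    /**
     * save the vpn config
     */
    int32_t AddSysVpnConfig(sptr<SysVpnConfig> &config) override;

    /**
     * delete the saved vpn config identified by vpnId
     */
    int32_t DeleteSysVpnConfig(const std::string &vpnId) override;

    /**
     * get the vpn config list
     */
    int32_t GetSysVpnConfigList(std::vector<SysVpnConfig> &vpnList) override;

    /**
     * get the vpn config identified by vpnId
     */
    int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId) override;

    /**
     * get the config of the connected system vpn
     */
    int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config) override;

    /**
     * notify the vpn connection stage and result
     */
    int32_t NotifyConnectStage(const std::string &stage, const int32_t &result) override;

    /**
     * Get the certificate uri for certType into certUri.
     * NOTE(review): the valid certType values are not visible in this header.
     */
    int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri) override;
#endif // SUPPORT_SYSVPN

    /**
     * register callback
     */
    int32_t RegisterVpnEvent(const sptr<IVpnEventCallback> callback) override;

    /**
     * unregister callback
     */
    int32_t UnregisterVpnEvent(const sptr<IVpnEventCallback> callback) override;

    /**
     * create the vpn connection
     */
    int32_t CreateVpnConnection(bool isVpnExtCall = false) override;

    /**
     * dump function
     * NOTE(review): confirm the text written to fd leaves out secrets held in
     * vpn configs.
     */
    int32_t Dump(int32_t fd, const std::vector<std::u16string> &args) override;

    /**
     * factory reset vpn, such as always on vpn
     *
     * @return Returns 0 success. Otherwise fail
     */
    int32_t FactoryResetVpn() override;

    /**
     * persist the always on vpn's package
     * pass empty will disable always on VPN
     */
    int32_t SetAlwaysOnVpn(std::string &pkg, bool &enable);

    /**
     * read the persisted always on vpn's package
     */
    int32_t GetAlwaysOnVpn(std::string &pkg);

    int32_t GetSelfAppName(std::string &selfAppName) override;

protected:
    void OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId) override;
    void OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId) override;

private:
    bool Init();
    void GetDumpMessage(std::string &message);
    int32_t CheckCurrentAccountType(int32_t &userId, std::vector<int32_t> &activeUserIds);

    void OnVpnMultiUserSetUp();
    int32_t SyncRegisterVpnEvent(const sptr<IVpnEventCallback> callback);
    int32_t SyncUnregisterVpnEvent(const sptr<IVpnEventCallback> callback);

    void OnNetSysRestart();

    // VpnConfig -> JSON helpers.
    // NOTE(review): where SaveVpnConfig stores the serialized config, and how
    // that storage is protected, is defined in the implementation file.
    void ConvertVecRouteToJson(const std::vector<Route>& routes, cJSON* jVecRoutes);
    void ConvertNetAddrToJson(const INetAddr& netAddr, cJSON* jInetAddr);
    void ParseConfigToJson(const sptr<VpnConfig> &vpnCfg, std::string& jsonString);
    void SaveVpnConfig(const sptr<VpnConfig> &vpnCfg);

    // JSON -> VpnConfig helpers.
    // NOTE(review): confirm the implementation checks each cJSON node for null
    // and for the expected type before reading it.
    void ConvertRouteToConfig(Route& tmp, const cJSON* const mem);
    void ConvertVecRouteToConfig(sptr<VpnConfig> &vpnCfg, const cJSON* const doc);
    void ConvertNetAddrToConfig(INetAddr& tmp, const cJSON* const mem);
    void ConvertVecAddrToConfig(sptr<VpnConfig> &vpnCfg, const cJSON* const doc);
    void ConvertStringToConfig(sptr<VpnConfig> &vpnCfg, const cJSON* const doc);
    void ParseJsonToConfig(sptr<VpnConfig> &vpnCfg, const std::string& jsonString);
    void RecoverVpnConfig();

    void StartAlwaysOnVpn();
    void SubscribeCommonEvent();
    bool PublishEvent(const OHOS::AAFwk::Want &want, int eventCode,
         bool isOrdered, bool isSticky, const std::vector<std::string> &permissions) const;
    void PublishVpnConnectionStateEvent(const VpnConnectState &state) const;
#ifdef SUPPORT_SYSVPN
    std::shared_ptr<NetVpnImpl> CreateSysVpnCtl(const sptr<SysVpnConfig> &config, int32_t userId,
        std::vector<int32_t> &activeUserIds);
    std::shared_ptr<NetVpnImpl> CreateOpenvpnCtl(sptr<VpnDataBean> vpnBean, int32_t userId,
        std::vector<int32_t> &activeUserIds);
    std::shared_ptr<IpsecVpnCtl> CreateIpsecVpnCtl(sptr<VpnDataBean> vpnBean, int32_t userId,
        std::vector<int32_t> &activeUserIds);
    int32_t QueryVpnData(const sptr<SysVpnConfig> config, sptr<VpnDataBean> &vpnBean);
    std::shared_ptr<IpsecVpnCtl> CreateL2tpCtl(sptr<VpnDataBean> vpnBean, int32_t userId,
        std::vector<int32_t> &activeUserIds);
#endif // SUPPORT_SYSVPN
    std::string GetBundleName();
    std::string GetCurrentVpnBundleName();
    std::vector<std::string> GetCurrentVpnAbilityName();

private:
    // NOTE(review): which of these members netVpnMutex_ guards is not visible
    // in this header.
    ServiceRunningState state_ = ServiceRunningState::STATE_STOPPED;
    bool isServicePublished_ = false;
    std::shared_ptr<IVpnConnStateCb> vpnConnCallback_;
    std::shared_ptr<NetVpnImpl> vpnObj_;
    std::vector<sptr<IVpnEventCallback>> vpnEventCallbacks_;
    std::shared_ptr<ffrt::queue> networkVpnServiceFfrtQueue_ = nullptr;
    std::mutex netVpnMutex_;
    bool hasSARemoved_ = false;

    std::shared_ptr<ReceiveMessage> subscriber_ = nullptr;

private:
    void RegisterFactoryResetCallback();

    /**
     * Factory-reset callback stub that forwards to FactoryResetVpn().
     * Holds a non-owning reference: the service must outlive this object.
     */
    class FactoryResetCallBack : public IRemoteStub<INetFactoryResetCallback> {
    public:
        explicit FactoryResetCallBack(NetworkVpnService& vpnService) : vpnService_(vpnService) {}

        // NOTE(review): not marked `override`; add it once the base signature
        // in INetFactoryResetCallback is confirmed to match.
        int32_t OnNetFactoryReset()
        {
            return vpnService_.FactoryResetVpn();
        }
    private:
        NetworkVpnService& vpnService_;
    };

    sptr<INetFactoryResetCallback> netFactoryResetCallback_ = nullptr;

public:
    int32_t RegisterBundleName(const std::string &bundleName) override;

    /**
     * Application-state observer bound to a service instance.
     * Holds a non-owning reference: the service must outlive this object.
     */
    class VpnHapObserver : public AppExecFwk::ApplicationStateObserverStub {
    public:
        explicit VpnHapObserver(NetworkVpnService &vpnService) : vpnService_(vpnService) {}
        virtual ~VpnHapObserver() = default;
        void OnExtensionStateChanged(const AppExecFwk::AbilityStateData &abilityStateData) override;
        void OnProcessCreated(const AppExecFwk::ProcessData &processData) override;
        void OnProcessStateChanged(const AppExecFwk::ProcessData &processData) override;
        void OnProcessDied(const AppExecFwk::ProcessData &processData) override;
    private:
        NetworkVpnService& vpnService_;
    };
private:
    /**
     * Death recipient that forwards OnRemoteDied() to the owning service.
     * Holds a non-owning reference: the service must outlive this object.
     */
    class VpnAppDeathRecipient : public IRemoteObject::DeathRecipient {
    public:
        explicit VpnAppDeathRecipient(NetworkVpnService &client) : client_(client) {}
        ~VpnAppDeathRecipient() override = default;
        void OnRemoteDied(const wptr<IRemoteObject> &remote) override
        {
            client_.OnRemoteDied(remote);
        }

    private:
        NetworkVpnService &client_;
    };
    void OnRemoteDied(const wptr<IRemoteObject> &remoteObject);
    void AddClientDeathRecipient(const sptr<IVpnEventCallback> &callback);
    void RemoveClientDeathRecipient(const sptr<IVpnEventCallback> &callback);
    void RemoveALLClientDeathRecipient();

    // NOTE(review): which of the members below remoteMutex_ guards is not
    // visible in this header.
    std::mutex remoteMutex_;
    sptr<IRemoteObject::DeathRecipient> deathRecipient_ = nullptr;
    sptr<VpnHapObserver> vpnHapObserver_ = nullptr;
    int32_t hasOpenedVpnUid_ = 0;
    std::string currentVpnBundleName_;
    std::vector<std::string> currentVpnAbilityName_;
};
} // namespace NetManagerStandard
} // namespace OHOS
#endif // NETWORK_VPN_SERVICE_H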