1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "l2tp_vpn_ctl.h"
17
18 #include <string>
19
20 #include "base64_utils.h"
21 #include "netmgr_ext_log_wrapper.h"
22 #include "netmanager_base_common_utils.h"
23 #include "net_manager_ext_constants.h"
24
25 namespace OHOS {
26 namespace NetManagerStandard {
/**
 * Builds an L2TP VPN controller.
 *
 * Every argument is handed unchanged to the IpsecVpnCtl base-class constructor;
 * this constructor initialises nothing of its own.
 *
 * @param config         VPN configuration passed on to the base class.
 * @param pkg            Package name passed on to the base class.
 * @param userId         User id passed on to the base class.
 * @param activeUserIds  Passed on by reference to the base class.
 */
L2tpVpnCtl::L2tpVpnCtl(sptr<VpnConfig> config, const std::string &pkg, int32_t userId,
                       std::vector<int32_t> &activeUserIds)
    : IpsecVpnCtl(config, pkg, userId, activeUserIds)
{
}
31
/**
 * Stops the L2TP VPN: marks the controller disconnected, runs the
 * VPN_STAGE_DOWN_HOME and VPN_STAGE_STOP stages in that order and then
 * reports VPN_DISCONNECTED through NotifyConnectState.
 *
 * @return Always NETMANAGER_EXT_SUCCESS.
 */
int32_t L2tpVpnCtl::StopSysVpn()
{
    NETMGR_EXT_LOG_I("stop l2tp vpn");

    // The state changes first, so a stage notification arriving after this point
    // lands in the "invalid state" branch of NotifyConnectStage.
    state_ = IpsecVpnStateCode::STATE_DISCONNECTED;

    // NOTE(review): whatever ProcessVpnStage reports is discarded, so this function
    // returns success even if a teardown stage did not run. Confirm that is intended.
    auto &netsys = NetsysController::GetInstance();
    netsys.ProcessVpnStage(SysVpnStageCode::VPN_STAGE_DOWN_HOME);
    netsys.ProcessVpnStage(SysVpnStageCode::VPN_STAGE_STOP);

    NotifyConnectState(VpnConnectState::VPN_DISCONNECTED);
    return NETMANAGER_EXT_SUCCESS;
}
41
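/**
 * Starts the L2TP VPN: resets the state machine to STATE_INIT, writes the
 * daemon configuration files and then runs the VPN_STAGE_RESTART stage.
 *
 * The result of InitConfigFile() is checked. If the configuration could not be
 * written, the restart stage is not run, so the daemons are never launched
 * against missing configuration, and the error is returned to the caller.
 *
 * @return NETMANAGER_EXT_SUCCESS once the restart stage has been requested,
 *         otherwise the error code returned by InitConfigFile().
 */
int32_t L2tpVpnCtl::StartSysVpn()
{
    NETMGR_EXT_LOG_I("start l2tp vpn");
    state_ = IpsecVpnStateCode::STATE_INIT;

    const int32_t initRet = InitConfigFile();
    if (initRet != NETMANAGER_EXT_SUCCESS) {
        NETMGR_EXT_LOG_E("start l2tp vpn failed, InitConfigFile result: %{public}d", initRet);
        // Nothing was started, so do not stay in STATE_INIT waiting for stage notifications.
        state_ = IpsecVpnStateCode::STATE_DISCONNECTED;
        return initRet;
    }

    // NOTE(review): the result of ProcessVpnStage is still discarded here. Confirm
    // whether it can report a failure that should be returned to the caller.
    NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_RESTART);
    return NETMANAGER_EXT_SUCCESS;
}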
50
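/**
 * Writes the L2TP/IPsec configuration files from the Base64 fields of l2tpVpnConfig_.
 *
 * CleanTempFiles() runs first, before the null check. Each non-empty field
 * (strongswanConf_, xl2tpdConf_, ipsecConf_, ipsecSecrets_, optionsL2tpdClient_)
 * is then Base64-decoded and written to its target file. Empty fields are skipped.
 *
 * A non-empty field whose decode result is empty is treated as a failure. It is
 * logged by field name only, never by content. The remaining fields are still
 * processed and the function returns an error, so the caller does not start the
 * daemons with a configuration file silently missing.
 *
 * @return NETMANAGER_EXT_SUCCESS when every supplied field decoded,
 *         NETMANAGER_EXT_ERR_INTERNAL when l2tpVpnConfig_ is null or a supplied
 *         field decoded to an empty string.
 */
int32_t L2tpVpnCtl::InitConfigFile()
{
    CleanTempFiles();
    if (l2tpVpnConfig_ == nullptr) {
        NETMGR_EXT_LOG_E("InitConfigFile failed, l2tpVpnConfig_ is null");
        return NETMANAGER_EXT_ERR_INTERNAL;
    }

    bool allDecoded = true;
    // Decode one field and write it to its file; `label` is only used for logging.
    auto writeDecoded = [&allDecoded](const auto &encoded, const auto &path, const char *label) {
        if (encoded.empty()) {
            return; // field not supplied, nothing to write
        }
        const std::string decoded = Base64::Decode(encoded);
        if (decoded.empty()) {
            NETMGR_EXT_LOG_E("InitConfigFile failed, decode of %{public}s returned empty", label);
            allDecoded = false;
            return;
        }
        // NOTE(review): the result of WriteFile is not inspected here, as in the original.
        // Confirm whether it reports failure, and which permissions the file is created
        // with. L2TP_IPSEC_SECRETS_CFG receives the decoded ipsecSecrets_ field.
        CommonUtils::WriteFile(path, decoded);
    };

    writeDecoded(l2tpVpnConfig_->strongswanConf_, SWAN_CONFIG_FILE, "strongswanConf");
    writeDecoded(l2tpVpnConfig_->xl2tpdConf_, L2TP_CFG, "xl2tpdConf");
    writeDecoded(l2tpVpnConfig_->ipsecConf_, L2TP_IPSEC_CFG, "ipsecConf");
    writeDecoded(l2tpVpnConfig_->ipsecSecrets_, L2TP_IPSEC_SECRETS_CFG, "ipsecSecrets");
    writeDecoded(l2tpVpnConfig_->optionsL2tpdClient_, OPTIONS_L2TP_CLIENT, "optionsL2tpdClient");

    if (!allDecoded) {
        return NETMANAGER_EXT_ERR_INTERNAL;
    }
    return NETMANAGER_EXT_SUCCESS;
}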
90
/**
 * Advances the L2TP connection state machine in response to a stage notification.
 *
 * Transitions handled here, each triggered by exactly one tag:
 *   STATE_INIT       + IPSEC_START_TAG           -> STATE_STARTED,    runs VPN_STAGE_L2TP_LOAD
 *   STATE_STARTED    + L2TP_IPSEC_CONFIGURED_TAG -> STATE_CONFIGED,   runs VPN_STAGE_UP_HOME
 *   STATE_CONFIGED   + IPSEC_CONNECT_TAG         -> STATE_CONTROLLED, runs VPN_STAGE_L2TP_CTL
 *   STATE_CONTROLLED + L2TP_IPSEC_CONNECTED_TAG  -> STATE_CONNECTED,  notifies VPN_CONNECTED
 *
 * A tag that does not match the one expected in the current state is ignored
 * and the call still returns success.
 *
 * @param stage   Stage tag being reported; must not be empty.
 * @param result  Outcome of that stage; anything other than NETMANAGER_EXT_SUCCESS is a failure.
 * @return NETMANAGER_EXT_ERR_PARAMETER_ERROR for an empty stage,
 *         NETMANAGER_EXT_ERR_INTERNAL for a failed result or a state with no
 *         transition defined here, NETMANAGER_EXT_SUCCESS otherwise.
 */
int32_t L2tpVpnCtl::NotifyConnectStage(const std::string &stage, const int32_t &result)
{
    if (stage.empty()) {
        NETMGR_EXT_LOG_E("stage is empty");
        return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
    }
    if (result != NETMANAGER_EXT_SUCCESS) {
        // NOTE(review): state_ is left unchanged on a failed stage; confirm the caller tears down.
        NETMGR_EXT_LOG_E("l2tpVpn stage: %{public}s failed, result: %{public}d", stage.c_str(), result);
        return NETMANAGER_EXT_ERR_INTERNAL;
    }

    if (state_ == IpsecVpnStateCode::STATE_INIT) {
        if (stage == IPSEC_START_TAG) {
            // 1. start l2tp
            NETMGR_EXT_LOG_I("l2tp vpn setup step 1: start l2tp");
            state_ = IpsecVpnStateCode::STATE_STARTED;
            NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_L2TP_LOAD);
        }
    } else if (state_ == IpsecVpnStateCode::STATE_STARTED) {
        if (stage == L2TP_IPSEC_CONFIGURED_TAG) {
            // 2. start connect
            NETMGR_EXT_LOG_I("l2tp vpn setup step 2: start connect");
            state_ = IpsecVpnStateCode::STATE_CONFIGED;
            NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_UP_HOME);
        }
    } else if (state_ == IpsecVpnStateCode::STATE_CONFIGED) {
        if (stage == IPSEC_CONNECT_TAG) {
            // 3. set stage IPSEC_L2TP_CTL
            NETMGR_EXT_LOG_I("l2tp vpn setup step 3: set stage IPSEC_L2TP_CTL");
            state_ = IpsecVpnStateCode::STATE_CONTROLLED;
            NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_L2TP_CTL);
        }
    } else if (state_ == IpsecVpnStateCode::STATE_CONTROLLED) {
        if (stage == L2TP_IPSEC_CONNECTED_TAG) {
            // 4. is connected
            NETMGR_EXT_LOG_I("l2tp vpn setup step 4: is connected");
            state_ = IpsecVpnStateCode::STATE_CONNECTED;
            NotifyConnectState(VpnConnectState::VPN_CONNECTED);
        }
    } else {
        // Any other state (including connected or disconnected) has no transition here.
        NETMGR_EXT_LOG_E("invalid state: %{public}d", state_);
        return NETMANAGER_EXT_ERR_INTERNAL;
    }
    return NETMANAGER_EXT_SUCCESS;
}
140
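/**
 * Looks up the certificate URI stored in l2tpVpnConfig_ for the requested certificate type.
 *
 * An unrecognised certType is rejected with an error instead of returning success.
 * certUri is left untouched in that case, so a success code would let the caller
 * use whatever value the string already held.
 *
 * @param certType  One of IpsecVpnCertType::CA_CERT, USER_CERT or SERVER_CERT.
 * @param certUri   Receives ipsecCaCertConf_, ipsecPublicUserCertConf_ or
 *                  ipsecPublicServerCertConf_ respectively; unchanged on error.
 * @return NETMANAGER_EXT_SUCCESS when certUri was set,
 *         NETMANAGER_EXT_ERR_INTERNAL when l2tpVpnConfig_ is null,
 *         NETMANAGER_EXT_ERR_PARAMETER_ERROR for an unknown certType.
 */
int32_t L2tpVpnCtl::GetSysVpnCertUri(const int32_t certType, std::string &certUri)
{
    if (l2tpVpnConfig_ == nullptr) {
        NETMGR_EXT_LOG_E("GetSysVpnCertUri l2tpVpnConfig_ is null");
        return NETMANAGER_EXT_ERR_INTERNAL;
    }
    switch (certType) {
        case IpsecVpnCertType::CA_CERT:
            certUri = l2tpVpnConfig_->ipsecCaCertConf_;
            break;
        case IpsecVpnCertType::USER_CERT:
            certUri = l2tpVpnConfig_->ipsecPublicUserCertConf_;
            break;
        case IpsecVpnCertType::SERVER_CERT:
            certUri = l2tpVpnConfig_->ipsecPublicServerCertConf_;
            break;
        default:
            NETMGR_EXT_LOG_E("invalid certType: %{public}d", certType);
            // Fail explicitly: no URI was produced for this request.
            return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
    }
    return NETMANAGER_EXT_SUCCESS;
}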
163
/**
 * Hands out the active configuration, but only while the tunnel is connected.
 *
 * sysVpnConfig is assigned l2tpVpnConfig_ when state_ is STATE_CONNECTED and the
 * configuration is non-null. In every other case it is left exactly as the caller
 * passed it in. The return code does not distinguish the two outcomes, so the
 * caller has to inspect sysVpnConfig.
 *
 * NOTE(review): the value assigned is l2tpVpnConfig_ itself, the object whose
 * ipsecSecrets_ field this class writes to L2TP_IPSEC_SECRETS_CFG. Confirm that
 * whoever reaches this call is permission-checked upstream.
 *
 * @param sysVpnConfig  Receives l2tpVpnConfig_ when connected; otherwise unchanged.
 * @return Always NETMANAGER_EXT_SUCCESS.
 */
int32_t L2tpVpnCtl::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig)
{
    const bool connected = (state_ == IpsecVpnStateCode::STATE_CONNECTED);
    if (!connected || l2tpVpnConfig_ == nullptr) {
        return NETMANAGER_EXT_SUCCESS;
    }
    NETMGR_EXT_LOG_I("GetConnectedSysVpnConfig success");
    sysVpnConfig = l2tpVpnConfig_;
    return NETMANAGER_EXT_SUCCESS;
}
172 } // namespace NetManagerStandard
173 } // namespace OHOS
174