18e745fdaSopenharmony_ci/* 28e745fdaSopenharmony_ci * Copyright (c) 2023-2024 Huawei Device Co., Ltd. 38e745fdaSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 48e745fdaSopenharmony_ci * you may not use this file except in compliance with the License. 58e745fdaSopenharmony_ci * You may obtain a copy of the License at 68e745fdaSopenharmony_ci * 78e745fdaSopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 88e745fdaSopenharmony_ci * 98e745fdaSopenharmony_ci * Unless required by applicable law or agreed to in writing, software 108e745fdaSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 118e745fdaSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 128e745fdaSopenharmony_ci * See the License for the specific language governing permissions and 138e745fdaSopenharmony_ci * limitations under the License. 148e745fdaSopenharmony_ci */ 158e745fdaSopenharmony_ci 168e745fdaSopenharmony_ci#include "networkvpn_service.h" 178e745fdaSopenharmony_ci 188e745fdaSopenharmony_ci#include <cerrno> 198e745fdaSopenharmony_ci#include <ctime> 208e745fdaSopenharmony_ci#include <fcntl.h> 218e745fdaSopenharmony_ci#include <sys/socket.h> 228e745fdaSopenharmony_ci#include <sys/stat.h> 238e745fdaSopenharmony_ci#include <sys/types.h> 248e745fdaSopenharmony_ci#include <sys/un.h> 258e745fdaSopenharmony_ci#include <unistd.h> 268e745fdaSopenharmony_ci#include <string> 278e745fdaSopenharmony_ci#include <fstream> 288e745fdaSopenharmony_ci#include <thread> 298e745fdaSopenharmony_ci 308e745fdaSopenharmony_ci#include "ipc_skeleton.h" 318e745fdaSopenharmony_ci#include "securec.h" 328e745fdaSopenharmony_ci#include "system_ability_definition.h" 338e745fdaSopenharmony_ci#include "iservice_registry.h" 348e745fdaSopenharmony_ci 358e745fdaSopenharmony_ci#include "ability_manager_client.h" 368e745fdaSopenharmony_ci#include "extended_vpn_ctl.h" 378e745fdaSopenharmony_ci#include "net_event_report.h" 388e745fdaSopenharmony_ci#include "net_manager_center.h" 398e745fdaSopenharmony_ci#include "net_manager_constants.h" 408e745fdaSopenharmony_ci#include "net_manager_ext_constants.h" 418e745fdaSopenharmony_ci#include "netmanager_base_permission.h" 428e745fdaSopenharmony_ci#include "netmgr_ext_log_wrapper.h" 438e745fdaSopenharmony_ci#include "netsys_controller.h" 448e745fdaSopenharmony_ci#include "networkvpn_hisysevent.h" 458e745fdaSopenharmony_ci#include "net_datashare_utils_iface.h" 468e745fdaSopenharmony_ci#ifdef SUPPORT_SYSVPN 478e745fdaSopenharmony_ci#include "ipsec_vpn_ctl.h" 488e745fdaSopenharmony_ci#include "l2tp_vpn_ctl.h" 498e745fdaSopenharmony_ci#include "open_vpn_ctl.h" 508e745fdaSopenharmony_ci#include "vpn_data_bean.h" 518e745fdaSopenharmony_ci#endif // SUPPORT_SYSVPN 528e745fdaSopenharmony_ci 538e745fdaSopenharmony_cinamespace OHOS { 548e745fdaSopenharmony_cinamespace NetManagerStandard { 558e745fdaSopenharmony_ciconstexpr int32_t USER_ID_DIVIDOR = 200000; 568e745fdaSopenharmony_ciconstexpr int32_t MAX_CALLBACK_COUNT = 128; 578e745fdaSopenharmony_ciconstexpr const char *NET_ACTIVATE_WORK_THREAD = "VPN_CALLBACK_WORK_THREAD"; 588e745fdaSopenharmony_ciconstexpr const char* VPN_CONFIG_FILE = "/data/service/el1/public/netmanager/vpn_config.json"; 598e745fdaSopenharmony_ciconstexpr const char* VPN_EXTENSION_LABEL = ":vpn"; 608e745fdaSopenharmony_ciconstexpr uint32_t MAX_GET_SERVICE_COUNT = 30; 618e745fdaSopenharmony_ciconstexpr uint32_t WAIT_FOR_SERVICE_TIME_S = 1; 628e745fdaSopenharmony_ciconstexpr uint32_t AGAIN_REGISTER_CALLBACK_INTERVAL = 500; 638e745fdaSopenharmony_ciconstexpr uint32_t MAX_RETRY_TIMES = 10; 648e745fdaSopenharmony_ciconstexpr uint32_t UID_NET_SYS_NATIVE = 1098; 658e745fdaSopenharmony_ciconstexpr const char *VPNEXT_MODE_URI = 668e745fdaSopenharmony_ci "datashare:///com.ohos.settingsdata/entry/settingsdata/SETTINGSDATA?Proxy=true&key=vpnext_mode"; 678e745fdaSopenharmony_ci 688e745fdaSopenharmony_ciconst bool REGISTER_LOCAL_RESULT_NETVPN = 698e745fdaSopenharmony_ci SystemAbility::MakeAndRegisterAbility(&NetworkVpnService::GetInstance()); 708e745fdaSopenharmony_ci 718e745fdaSopenharmony_ciconstexpr const int INVALID_CODE = -1; 728e745fdaSopenharmony_ciconst std::vector<std::string> ACCESS_PERMISSION {"ohos.permission.GET_NETWORK_INFO"}; 738e745fdaSopenharmony_ciconstexpr const char *const PARAM_KEY_STATE = "state"; 748e745fdaSopenharmony_ciconstexpr const char *const COMMON_EVENT_VPN_CONNECT_STATUS_VALUE = 758e745fdaSopenharmony_ci "usual.event.VPN_CONNECTION_STATUS_CHANGED"; 768e745fdaSopenharmony_ci 778e745fdaSopenharmony_ciNetworkVpnService::NetworkVpnService() : SystemAbility(COMM_VPN_MANAGER_SYS_ABILITY_ID, true) {} 788e745fdaSopenharmony_ciNetworkVpnService::~NetworkVpnService() 798e745fdaSopenharmony_ci{ 808e745fdaSopenharmony_ci RemoveALLClientDeathRecipient(); 818e745fdaSopenharmony_ci} 828e745fdaSopenharmony_ci 838e745fdaSopenharmony_civoid NetworkVpnService::OnStart() 848e745fdaSopenharmony_ci{ 858e745fdaSopenharmony_ci if (state_ == STATE_RUNNING) { 868e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("OnStart Vpn Service state is already running"); 878e745fdaSopenharmony_ci return; 888e745fdaSopenharmony_ci } 898e745fdaSopenharmony_ci if (!Init()) { 908e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("OnStart Vpn init failed"); 918e745fdaSopenharmony_ci VpnHisysEvent::SendFaultEvent(VpnEventType::TYPE_UNKNOWN, VpnEventOperator::OPERATION_START_SA, 928e745fdaSopenharmony_ci VpnEventErrorType::ERROR_INTERNAL_ERROR, "Start Vpn Service failed"); 938e745fdaSopenharmony_ci return; 948e745fdaSopenharmony_ci } 958e745fdaSopenharmony_ci state_ = STATE_RUNNING; 968e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("OnStart vpn successful"); 978e745fdaSopenharmony_ci} 988e745fdaSopenharmony_ci 998e745fdaSopenharmony_civoid NetworkVpnService::OnStop() 1008e745fdaSopenharmony_ci{ 1018e745fdaSopenharmony_ci state_ = STATE_STOPPED; 1028e745fdaSopenharmony_ci isServicePublished_ = false; 1038e745fdaSopenharmony_ci 1048e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("OnStop vpn successful"); 1058e745fdaSopenharmony_ci} 1068e745fdaSopenharmony_ci 1078e745fdaSopenharmony_ciint32_t NetworkVpnService::Dump(int32_t fd, const std::vector<std::u16string> &args) 1088e745fdaSopenharmony_ci{ 1098e745fdaSopenharmony_ci std::string result; 1108e745fdaSopenharmony_ci GetDumpMessage(result); 1118e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("Vpn dump fd: %{public}d, content: %{public}s", fd, result.c_str()); 1128e745fdaSopenharmony_ci int32_t ret = dprintf(fd, "%s\n", result.c_str()); 1138e745fdaSopenharmony_ci if (ret < 0) { 1148e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("dprintf failed, errno[%{public}d]", errno); 1158e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 1168e745fdaSopenharmony_ci } 1178e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 1188e745fdaSopenharmony_ci} 1198e745fdaSopenharmony_ci 1208e745fdaSopenharmony_cibool NetworkVpnService::Init() 1218e745fdaSopenharmony_ci{ 1228e745fdaSopenharmony_ci if (!REGISTER_LOCAL_RESULT_NETVPN) { 1238e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Register to local sa manager failed"); 1248e745fdaSopenharmony_ci return false; 1258e745fdaSopenharmony_ci } 1268e745fdaSopenharmony_ci networkVpnServiceFfrtQueue_ = std::make_shared<ffrt::queue>("NetworkVpnService"); 1278e745fdaSopenharmony_ci if (!networkVpnServiceFfrtQueue_) { 1288e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("FFRT Create Fail"); 1298e745fdaSopenharmony_ci return false; 1308e745fdaSopenharmony_ci } 1318e745fdaSopenharmony_ci if (!isServicePublished_) { 1328e745fdaSopenharmony_ci if (!Publish(&NetworkVpnService::GetInstance())) { 1338e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Register to sa manager failed"); 1348e745fdaSopenharmony_ci return false; 1358e745fdaSopenharmony_ci } 1368e745fdaSopenharmony_ci isServicePublished_ = true; 1378e745fdaSopenharmony_ci } 1388e745fdaSopenharmony_ci 1398e745fdaSopenharmony_ci AddSystemAbilityListener(COMM_NETSYS_NATIVE_SYS_ABILITY_ID); 1408e745fdaSopenharmony_ci 1418e745fdaSopenharmony_ci SubscribeCommonEvent(); 1428e745fdaSopenharmony_ci if (!vpnConnCallback_) { 1438e745fdaSopenharmony_ci vpnConnCallback_ = std::make_shared<VpnConnStateCb>(*this); 1448e745fdaSopenharmony_ci } 1458e745fdaSopenharmony_ci 1468e745fdaSopenharmony_ci vpnHapObserver_ = new VpnHapObserver(*this); 1478e745fdaSopenharmony_ci RegisterFactoryResetCallback(); 1488e745fdaSopenharmony_ci return true; 1498e745fdaSopenharmony_ci} 1508e745fdaSopenharmony_ci 1518e745fdaSopenharmony_civoid NetworkVpnService::GetDumpMessage(std::string &message) 1528e745fdaSopenharmony_ci{ 1538e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(netVpnMutex_); 1548e745fdaSopenharmony_ci message.append("Net Vpn Info:\n"); 1558e745fdaSopenharmony_ci if (vpnObj_ != nullptr) { 1568e745fdaSopenharmony_ci const auto &config = vpnObj_->GetVpnConfig(); 1578e745fdaSopenharmony_ci std::string isLegacy = (config->isLegacy_) ? "true" : "false"; 1588e745fdaSopenharmony_ci message.append("\tisLegacy: " + isLegacy + "\n"); 1598e745fdaSopenharmony_ci message.append("\tPackageName: " + vpnObj_->GetVpnPkg() + "\n"); 1608e745fdaSopenharmony_ci message.append("\tinterface: " + vpnObj_->GetInterfaceName() + "\n"); 1618e745fdaSopenharmony_ci message.append("\tstate: connected\n"); 1628e745fdaSopenharmony_ci } else { 1638e745fdaSopenharmony_ci message.append("\tstate: disconnected\n"); 1648e745fdaSopenharmony_ci } 1658e745fdaSopenharmony_ci message.append("\tend.\n"); 1668e745fdaSopenharmony_ci} 1678e745fdaSopenharmony_ci 1688e745fdaSopenharmony_cibool NetworkVpnService::PublishEvent(const OHOS::AAFwk::Want &want, int eventCode, 1698e745fdaSopenharmony_ci bool isOrdered, bool isSticky, const std::vector<std::string> &permissions) const 1708e745fdaSopenharmony_ci{ 1718e745fdaSopenharmony_ci OHOS::EventFwk::CommonEventData data; 1728e745fdaSopenharmony_ci data.SetWant(want); 1738e745fdaSopenharmony_ci if (eventCode != INVALID_CODE) { 1748e745fdaSopenharmony_ci data.SetCode(eventCode); 1758e745fdaSopenharmony_ci } 1768e745fdaSopenharmony_ci OHOS::EventFwk::CommonEventPublishInfo publishInfo; 1778e745fdaSopenharmony_ci publishInfo.SetOrdered(isOrdered); 1788e745fdaSopenharmony_ci // sticky tag: EventFwk would keep last event for later subscriber. 1798e745fdaSopenharmony_ci publishInfo.SetSticky(isSticky); 1808e745fdaSopenharmony_ci if (permissions.size() > 0) { 1818e745fdaSopenharmony_ci publishInfo.SetSubscriberPermissions(permissions); 1828e745fdaSopenharmony_ci } 1838e745fdaSopenharmony_ci bool publishResult = OHOS::EventFwk::CommonEventManager::PublishCommonEvent(data, publishInfo); 1848e745fdaSopenharmony_ci return publishResult; 1858e745fdaSopenharmony_ci} 1868e745fdaSopenharmony_ci 1878e745fdaSopenharmony_civoid NetworkVpnService::PublishVpnConnectionStateEvent(const VpnConnectState &state) const 1888e745fdaSopenharmony_ci{ 1898e745fdaSopenharmony_ci OHOS::AAFwk::Want want; 1908e745fdaSopenharmony_ci want.SetAction(COMMON_EVENT_VPN_CONNECT_STATUS_VALUE); 1918e745fdaSopenharmony_ci want.SetParam(PARAM_KEY_STATE, (state == VpnConnectState::VPN_CONNECTED) ? 1 : 0); 1928e745fdaSopenharmony_ci if (!PublishEvent(want, INVALID_CODE, false, true, ACCESS_PERMISSION)) { 1938e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("Publish vpn connection state fail."); 1948e745fdaSopenharmony_ci } 1958e745fdaSopenharmony_ci} 1968e745fdaSopenharmony_ci 1978e745fdaSopenharmony_civoid NetworkVpnService::VpnConnStateCb::OnVpnConnStateChanged(const VpnConnectState &state) 1988e745fdaSopenharmony_ci{ 1998e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("receive new vpn connect state[%{public}d].", static_cast<uint32_t>(state)); 2008e745fdaSopenharmony_ci vpnService_.PublishVpnConnectionStateEvent(state); 2018e745fdaSopenharmony_ci if (!vpnService_.networkVpnServiceFfrtQueue_) { 2028e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("FFRT Create Fail"); 2038e745fdaSopenharmony_ci return; 2048e745fdaSopenharmony_ci } 2058e745fdaSopenharmony_ci std::function<void()> OnVpnConnStateChangedFunction = [this, &state]() { 2068e745fdaSopenharmony_ci std::for_each(vpnService_.vpnEventCallbacks_.begin(), vpnService_.vpnEventCallbacks_.end(), 2078e745fdaSopenharmony_ci [&state](const auto &callback) { 2088e745fdaSopenharmony_ci callback->OnVpnStateChanged((VpnConnectState::VPN_CONNECTED == state) ? true : false); 2098e745fdaSopenharmony_ci }); 2108e745fdaSopenharmony_ci }; 2118e745fdaSopenharmony_ci ffrt::task_handle OnVpnConnStateTask = 2128e745fdaSopenharmony_ci vpnService_.networkVpnServiceFfrtQueue_->submit_h(OnVpnConnStateChangedFunction, 2138e745fdaSopenharmony_ci ffrt::task_attr().name("OnVpnConnStateChanged")); 2148e745fdaSopenharmony_ci vpnService_.networkVpnServiceFfrtQueue_->wait(OnVpnConnStateTask); 2158e745fdaSopenharmony_ci} 2168e745fdaSopenharmony_ci 2178e745fdaSopenharmony_civoid NetworkVpnService::OnVpnMultiUserSetUp() 2188e745fdaSopenharmony_ci{ 2198e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("user multiple execute set up."); 2208e745fdaSopenharmony_ci if (!networkVpnServiceFfrtQueue_) { 2218e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("FFRT Create Fail"); 2228e745fdaSopenharmony_ci return; 2238e745fdaSopenharmony_ci } 2248e745fdaSopenharmony_ci std::function<void()> OnVpnMultiUserSetUpFunction = [this]() { 2258e745fdaSopenharmony_ci std::for_each(vpnEventCallbacks_.begin(), vpnEventCallbacks_.end(), 2268e745fdaSopenharmony_ci [](const auto &callback) { callback->OnVpnMultiUserSetUp(); }); 2278e745fdaSopenharmony_ci }; 2288e745fdaSopenharmony_ci ffrt::task_handle OnVpnMultiUserSetUpTask = 2298e745fdaSopenharmony_ci networkVpnServiceFfrtQueue_->submit_h(OnVpnMultiUserSetUpFunction, 2308e745fdaSopenharmony_ci ffrt::task_attr().name("OnVpnMultiUserSetUp")); 2318e745fdaSopenharmony_ci networkVpnServiceFfrtQueue_->wait(OnVpnMultiUserSetUpTask); 2328e745fdaSopenharmony_ci} 2338e745fdaSopenharmony_ci 2348e745fdaSopenharmony_ciint32_t NetworkVpnService::Prepare(bool &isExistVpn, bool &isRun, std::string &pkg) 2358e745fdaSopenharmony_ci{ 2368e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(netVpnMutex_); 2378e745fdaSopenharmony_ci isRun = false; 2388e745fdaSopenharmony_ci isExistVpn = false; 2398e745fdaSopenharmony_ci if (vpnObj_ != nullptr) { 2408e745fdaSopenharmony_ci isExistVpn = true; 2418e745fdaSopenharmony_ci isRun = vpnObj_->IsVpnConnecting(); 2428e745fdaSopenharmony_ci pkg = vpnObj_->GetVpnPkg(); 2438e745fdaSopenharmony_ci } 2448e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("NetworkVpnService Prepare successfully"); 2458e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 2468e745fdaSopenharmony_ci} 2478e745fdaSopenharmony_ci 2488e745fdaSopenharmony_civoid NetworkVpnService::ConvertStringToConfig(sptr<VpnConfig> &vpnCfg, const cJSON* const doc) 2498e745fdaSopenharmony_ci{ 2508e745fdaSopenharmony_ci cJSON *dnsAddr = cJSON_GetObjectItem(doc, "dnsAddresses"); 2518e745fdaSopenharmony_ci if (dnsAddr != nullptr && cJSON_IsArray(dnsAddr)) { 2528e745fdaSopenharmony_ci for (int32_t i = 0; i < cJSON_GetArraySize(dnsAddr); i++) { 2538e745fdaSopenharmony_ci cJSON *item = cJSON_GetArrayItem(dnsAddr, i); 2548e745fdaSopenharmony_ci if (cJSON_IsString(item)) { 2558e745fdaSopenharmony_ci std::string mem = cJSON_GetStringValue(item); 2568e745fdaSopenharmony_ci vpnCfg->dnsAddresses_.push_back(mem); 2578e745fdaSopenharmony_ci } 2588e745fdaSopenharmony_ci } 2598e745fdaSopenharmony_ci } 2608e745fdaSopenharmony_ci cJSON *sDomain = cJSON_GetObjectItem(doc, "searchDomains"); 2618e745fdaSopenharmony_ci if (sDomain != nullptr && cJSON_IsArray(sDomain)) { 2628e745fdaSopenharmony_ci for (int32_t i = 0; i < cJSON_GetArraySize(sDomain); i++) { 2638e745fdaSopenharmony_ci cJSON *item = cJSON_GetArrayItem(sDomain, i); 2648e745fdaSopenharmony_ci if (cJSON_IsString(item)) { 2658e745fdaSopenharmony_ci std::string mem = cJSON_GetStringValue(item); 2668e745fdaSopenharmony_ci vpnCfg->searchDomains_.push_back(mem); 2678e745fdaSopenharmony_ci } 2688e745fdaSopenharmony_ci } 2698e745fdaSopenharmony_ci } 2708e745fdaSopenharmony_ci cJSON *acceptApp = cJSON_GetObjectItem(doc, "acceptedApplications"); 2718e745fdaSopenharmony_ci if (acceptApp != nullptr && cJSON_IsArray(acceptApp)) { 2728e745fdaSopenharmony_ci for (int32_t i = 0; i < cJSON_GetArraySize(acceptApp); i++) { 2738e745fdaSopenharmony_ci cJSON *item = cJSON_GetArrayItem(acceptApp, i); 2748e745fdaSopenharmony_ci if (cJSON_IsString(item)) { 2758e745fdaSopenharmony_ci std::string mem = cJSON_GetStringValue(item); 2768e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("acceptApp = %{public}s", mem.c_str()); 2778e745fdaSopenharmony_ci vpnCfg->acceptedApplications_.push_back(mem); 2788e745fdaSopenharmony_ci } 2798e745fdaSopenharmony_ci } 2808e745fdaSopenharmony_ci } 2818e745fdaSopenharmony_ci cJSON *refusedApp = cJSON_GetObjectItem(doc, "refusedApplications"); 2828e745fdaSopenharmony_ci if (refusedApp != nullptr && cJSON_IsArray(refusedApp)) { 2838e745fdaSopenharmony_ci for (int32_t i = 0; i < cJSON_GetArraySize(refusedApp); i++) { 2848e745fdaSopenharmony_ci cJSON *item = cJSON_GetArrayItem(refusedApp, i); 2858e745fdaSopenharmony_ci if (cJSON_IsString(item)) { 2868e745fdaSopenharmony_ci std::string mem = cJSON_GetStringValue(item); 2878e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("refusedApp = %{public}s", mem.c_str()); 2888e745fdaSopenharmony_ci vpnCfg->refusedApplications_.push_back(mem); 2898e745fdaSopenharmony_ci } 2908e745fdaSopenharmony_ci } 2918e745fdaSopenharmony_ci } 2928e745fdaSopenharmony_ci} 2938e745fdaSopenharmony_ci 2948e745fdaSopenharmony_civoid NetworkVpnService::ConvertNetAddrToConfig(INetAddr& tmp, const cJSON* const mem) 2958e745fdaSopenharmony_ci{ 2968e745fdaSopenharmony_ci cJSON *type = cJSON_GetObjectItem(mem, "type"); 2978e745fdaSopenharmony_ci if (type != nullptr && cJSON_IsNumber(type)) { 2988e745fdaSopenharmony_ci tmp.type_ = static_cast<int32_t>(cJSON_GetNumberValue(type)); 2998e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("type = %{public}d", tmp.type_); 3008e745fdaSopenharmony_ci } 3018e745fdaSopenharmony_ci cJSON *family = cJSON_GetObjectItem(mem, "family"); 3028e745fdaSopenharmony_ci if (family != nullptr && cJSON_IsNumber(family)) { 3038e745fdaSopenharmony_ci tmp.family_ = static_cast<int32_t>(cJSON_GetNumberValue(family)); 3048e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("family = %{public}d", tmp.family_); 3058e745fdaSopenharmony_ci } 3068e745fdaSopenharmony_ci cJSON *prefixlen = cJSON_GetObjectItem(mem, "prefixlen"); 3078e745fdaSopenharmony_ci if (prefixlen != nullptr && cJSON_IsNumber(prefixlen)) { 3088e745fdaSopenharmony_ci tmp.prefixlen_ = static_cast<int32_t>(cJSON_GetNumberValue(prefixlen)); 3098e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("prefixlen = %{public}d", tmp.prefixlen_); 3108e745fdaSopenharmony_ci } 3118e745fdaSopenharmony_ci cJSON *address = cJSON_GetObjectItem(mem, "address"); 3128e745fdaSopenharmony_ci if (address != nullptr && cJSON_IsString(address)) { 3138e745fdaSopenharmony_ci tmp.address_ = cJSON_GetStringValue(address); 3148e745fdaSopenharmony_ci } 3158e745fdaSopenharmony_ci cJSON *netMask = cJSON_GetObjectItem(mem, "netMask"); 3168e745fdaSopenharmony_ci if (netMask != nullptr && cJSON_IsString(netMask)) { 3178e745fdaSopenharmony_ci tmp.netMask_ = cJSON_GetStringValue(netMask); 3188e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("netMask = %{public}s", tmp.netMask_.c_str()); 3198e745fdaSopenharmony_ci } 3208e745fdaSopenharmony_ci cJSON *hostName = cJSON_GetObjectItem(mem, "hostName"); 3218e745fdaSopenharmony_ci if (hostName != nullptr && cJSON_IsString(hostName)) { 3228e745fdaSopenharmony_ci tmp.hostName_ = cJSON_GetStringValue(hostName); 3238e745fdaSopenharmony_ci } 3248e745fdaSopenharmony_ci cJSON *port = cJSON_GetObjectItem(mem, "port"); 3258e745fdaSopenharmony_ci if (port != nullptr && cJSON_IsNumber(port)) { 3268e745fdaSopenharmony_ci tmp.port_ = static_cast<int32_t>(cJSON_GetNumberValue(port)); 3278e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("port = %{public}d", tmp.port_); 3288e745fdaSopenharmony_ci } 3298e745fdaSopenharmony_ci} 3308e745fdaSopenharmony_ci 3318e745fdaSopenharmony_civoid NetworkVpnService::ConvertVecAddrToConfig(sptr<VpnConfig> &vpnCfg, const cJSON* const doc) 3328e745fdaSopenharmony_ci{ 3338e745fdaSopenharmony_ci cJSON *addresses = cJSON_GetObjectItem(doc, "addresses"); 3348e745fdaSopenharmony_ci if (addresses != nullptr && cJSON_IsArray(addresses)) { 3358e745fdaSopenharmony_ci uint32_t itemSize = cJSON_GetArraySize(addresses); 3368e745fdaSopenharmony_ci for (uint32_t i = 0; i < itemSize; i++) { 3378e745fdaSopenharmony_ci cJSON *item = cJSON_GetArrayItem(addresses, i); 3388e745fdaSopenharmony_ci if (cJSON_IsObject(item)) { 3398e745fdaSopenharmony_ci INetAddr tmp; 3408e745fdaSopenharmony_ci ConvertNetAddrToConfig(tmp, item); 3418e745fdaSopenharmony_ci vpnCfg->addresses_.push_back(tmp); 3428e745fdaSopenharmony_ci } 3438e745fdaSopenharmony_ci } 3448e745fdaSopenharmony_ci } 3458e745fdaSopenharmony_ci} 3468e745fdaSopenharmony_ci 3478e745fdaSopenharmony_civoid NetworkVpnService::ConvertRouteToConfig(Route& tmp, const cJSON* const mem) 3488e745fdaSopenharmony_ci{ 3498e745fdaSopenharmony_ci cJSON *iface = cJSON_GetObjectItem(mem, "iface"); 3508e745fdaSopenharmony_ci if (iface != nullptr && cJSON_IsString(iface)) { 3518e745fdaSopenharmony_ci tmp.iface_ = cJSON_GetStringValue(iface); 3528e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("iface = %{public}s", tmp.iface_.c_str()); 3538e745fdaSopenharmony_ci } 3548e745fdaSopenharmony_ci cJSON *rtnType = cJSON_GetObjectItem(mem, "rtnType"); 3558e745fdaSopenharmony_ci if (rtnType != nullptr && cJSON_IsNumber(rtnType)) { 3568e745fdaSopenharmony_ci tmp.rtnType_ = cJSON_GetNumberValue(rtnType); 3578e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("rtnType = %{public}d", tmp.rtnType_); 3588e745fdaSopenharmony_ci } 3598e745fdaSopenharmony_ci cJSON *mtu = cJSON_GetObjectItem(mem, "mtu"); 3608e745fdaSopenharmony_ci if (mtu != nullptr && cJSON_IsNumber(mtu)) { 3618e745fdaSopenharmony_ci tmp.mtu_ = cJSON_GetNumberValue(mtu); 3628e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("mtu = %{public}d", tmp.mtu_); 3638e745fdaSopenharmony_ci } 3648e745fdaSopenharmony_ci cJSON *isHost = cJSON_GetObjectItem(mem, "isHost"); 3658e745fdaSopenharmony_ci if (isHost != nullptr && cJSON_IsBool(isHost)) { 3668e745fdaSopenharmony_ci tmp.isHost_ = cJSON_IsTrue(isHost) ? true : false; 3678e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("isHost = %{public}d", tmp.isHost_); 3688e745fdaSopenharmony_ci } 3698e745fdaSopenharmony_ci cJSON *hasGateway = cJSON_GetObjectItem(mem, "hasGateway"); 3708e745fdaSopenharmony_ci if (hasGateway != nullptr && cJSON_IsBool(hasGateway)) { 3718e745fdaSopenharmony_ci tmp.hasGateway_ = cJSON_IsTrue(hasGateway) ? true : false; 3728e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("hasGateway_ = %{public}d", tmp.hasGateway_); 3738e745fdaSopenharmony_ci } 3748e745fdaSopenharmony_ci cJSON *isDefaultRoute = cJSON_GetObjectItem(mem, "isDefaultRoute"); 3758e745fdaSopenharmony_ci if (isDefaultRoute != nullptr && cJSON_IsBool(isDefaultRoute)) { 3768e745fdaSopenharmony_ci tmp.isDefaultRoute_ = cJSON_IsTrue(isDefaultRoute) ? true : false; 3778e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("isDefaultRoute_ = %{public}d", tmp.isDefaultRoute_); 3788e745fdaSopenharmony_ci } 3798e745fdaSopenharmony_ci cJSON *destination = cJSON_GetObjectItem(mem, "destination"); 3808e745fdaSopenharmony_ci if (destination != nullptr && cJSON_IsObject(destination)) { 3818e745fdaSopenharmony_ci INetAddr tmpINet; 3828e745fdaSopenharmony_ci ConvertNetAddrToConfig(tmpINet, destination); 3838e745fdaSopenharmony_ci tmp.destination_ = tmpINet; 3848e745fdaSopenharmony_ci } 3858e745fdaSopenharmony_ci cJSON *gateway = cJSON_GetObjectItem(mem, "gateway"); 3868e745fdaSopenharmony_ci if (gateway != nullptr && cJSON_IsObject(gateway)) { 3878e745fdaSopenharmony_ci INetAddr tmpINet; 3888e745fdaSopenharmony_ci ConvertNetAddrToConfig(tmpINet, gateway); 3898e745fdaSopenharmony_ci tmp.gateway_ = tmpINet; 3908e745fdaSopenharmony_ci } 3918e745fdaSopenharmony_ci} 3928e745fdaSopenharmony_ci 3938e745fdaSopenharmony_civoid NetworkVpnService::ConvertVecRouteToConfig(sptr<VpnConfig> &vpnCfg, const cJSON* const doc) 3948e745fdaSopenharmony_ci{ 3958e745fdaSopenharmony_ci cJSON *routes = cJSON_GetObjectItem(doc, "routes"); 3968e745fdaSopenharmony_ci if (routes != nullptr && cJSON_IsArray(routes)) { 3978e745fdaSopenharmony_ci uint32_t itemSize = cJSON_GetArraySize(routes); 3988e745fdaSopenharmony_ci for (uint32_t i = 0; i < itemSize; i++) { 3998e745fdaSopenharmony_ci cJSON *item = cJSON_GetArrayItem(routes, i); 4008e745fdaSopenharmony_ci if (cJSON_IsObject(item)) { 4018e745fdaSopenharmony_ci Route tmp; 4028e745fdaSopenharmony_ci ConvertRouteToConfig(tmp, item); 4038e745fdaSopenharmony_ci vpnCfg->routes_.push_back(tmp); 4048e745fdaSopenharmony_ci } 4058e745fdaSopenharmony_ci } 4068e745fdaSopenharmony_ci } 4078e745fdaSopenharmony_ci} 4088e745fdaSopenharmony_ci 4098e745fdaSopenharmony_civoid NetworkVpnService::ParseJsonToConfig(sptr<VpnConfig> &vpnCfg, const std::string& jsonString) 4108e745fdaSopenharmony_ci{ 4118e745fdaSopenharmony_ci cJSON *doc = cJSON_Parse(jsonString.c_str()); 4128e745fdaSopenharmony_ci if (doc == nullptr) { 4138e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("jsonString parse failed!"); 4148e745fdaSopenharmony_ci return; 4158e745fdaSopenharmony_ci } 4168e745fdaSopenharmony_ci cJSON *mtu = cJSON_GetObjectItem(doc, "mtu"); 4178e745fdaSopenharmony_ci if (mtu != nullptr && cJSON_IsNumber(mtu)) { 4188e745fdaSopenharmony_ci vpnCfg->mtu_ = cJSON_GetNumberValue(mtu); 4198e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("mtu = %{public}d", vpnCfg->mtu_); 4208e745fdaSopenharmony_ci } 4218e745fdaSopenharmony_ci cJSON *isAcceptIPv4 = cJSON_GetObjectItem(doc, "isAcceptIPv4"); 4228e745fdaSopenharmony_ci if (isAcceptIPv4 != nullptr && cJSON_IsBool(isAcceptIPv4)) { 4238e745fdaSopenharmony_ci vpnCfg->isAcceptIPv4_ = cJSON_IsTrue(isAcceptIPv4); 4248e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("isAcceptIPv4 = %{public}d", vpnCfg->isAcceptIPv4_); 4258e745fdaSopenharmony_ci } 4268e745fdaSopenharmony_ci cJSON *isAcceptIPv6 = cJSON_GetObjectItem(doc, "isAcceptIPv6"); 4278e745fdaSopenharmony_ci if (isAcceptIPv6 != nullptr && cJSON_IsBool(isAcceptIPv6)) { 4288e745fdaSopenharmony_ci vpnCfg->isAcceptIPv6_ = cJSON_IsTrue(isAcceptIPv6); 4298e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("isAcceptIPv6 = %{public}d", vpnCfg->isAcceptIPv6_); 4308e745fdaSopenharmony_ci } 4318e745fdaSopenharmony_ci cJSON *isLegacy = cJSON_GetObjectItem(doc, "isLegacy"); 4328e745fdaSopenharmony_ci if (isLegacy != nullptr && cJSON_IsBool(isLegacy)) { 4338e745fdaSopenharmony_ci vpnCfg->isLegacy_ = cJSON_IsTrue(isLegacy); 4348e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("isLegacy = %{public}d", vpnCfg->isLegacy_); 4358e745fdaSopenharmony_ci } 4368e745fdaSopenharmony_ci cJSON *isMetered = cJSON_GetObjectItem(doc, "isMetered"); 4378e745fdaSopenharmony_ci if (isMetered != nullptr && cJSON_IsBool(isMetered)) { 4388e745fdaSopenharmony_ci vpnCfg->isMetered_ = cJSON_IsTrue(isMetered); 4398e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("isMetered = %{public}d", vpnCfg->isMetered_); 4408e745fdaSopenharmony_ci } 4418e745fdaSopenharmony_ci cJSON *isBlocking = cJSON_GetObjectItem(doc, "isBlocking"); 4428e745fdaSopenharmony_ci if (isBlocking != nullptr && cJSON_IsBool(isBlocking)) { 4438e745fdaSopenharmony_ci vpnCfg->isBlocking_ = cJSON_IsTrue(isBlocking); 4448e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("isBlocking = %{public}d", vpnCfg->isBlocking_); 4458e745fdaSopenharmony_ci } 4468e745fdaSopenharmony_ci 4478e745fdaSopenharmony_ci ConvertStringToConfig(vpnCfg, doc); 4488e745fdaSopenharmony_ci 4498e745fdaSopenharmony_ci ConvertVecAddrToConfig(vpnCfg, doc); 4508e745fdaSopenharmony_ci 4518e745fdaSopenharmony_ci ConvertVecRouteToConfig(vpnCfg, doc); 4528e745fdaSopenharmony_ci 4538e745fdaSopenharmony_ci cJSON_Delete(doc); 4548e745fdaSopenharmony_ci} 4558e745fdaSopenharmony_ci 4568e745fdaSopenharmony_civoid NetworkVpnService::RecoverVpnConfig() 4578e745fdaSopenharmony_ci{ 4588e745fdaSopenharmony_ci sptr<VpnConfig> vpnCfg = new VpnConfig(); 4598e745fdaSopenharmony_ci std::ifstream ifs(VPN_CONFIG_FILE); 4608e745fdaSopenharmony_ci if (!ifs) { 4618e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("file don't exist, don't need recover"); 4628e745fdaSopenharmony_ci return; 4638e745fdaSopenharmony_ci } 4648e745fdaSopenharmony_ci std::string jsonString; 4658e745fdaSopenharmony_ci std::getline(ifs, jsonString); 4668e745fdaSopenharmony_ci ParseJsonToConfig(vpnCfg, jsonString); 4678e745fdaSopenharmony_ci SetUpVpn(vpnCfg); 4688e745fdaSopenharmony_ci} 4698e745fdaSopenharmony_ci 4708e745fdaSopenharmony_civoid NetworkVpnService::ConvertNetAddrToJson(const INetAddr& netAddr, cJSON* jInetAddr) 4718e745fdaSopenharmony_ci{ 4728e745fdaSopenharmony_ci cJSON_AddItemToObject(jInetAddr, "type", cJSON_CreateNumber(netAddr.type_)); 4738e745fdaSopenharmony_ci cJSON_AddItemToObject(jInetAddr, "family", cJSON_CreateNumber(netAddr.family_)); 4748e745fdaSopenharmony_ci cJSON_AddItemToObject(jInetAddr, "prefixlen", cJSON_CreateNumber(netAddr.prefixlen_)); 4758e745fdaSopenharmony_ci cJSON_AddItemToObject(jInetAddr, "address", cJSON_CreateString(netAddr.address_.c_str())); 4768e745fdaSopenharmony_ci cJSON_AddItemToObject(jInetAddr, "netMask", cJSON_CreateString(netAddr.netMask_.c_str())); 4778e745fdaSopenharmony_ci cJSON_AddItemToObject(jInetAddr, "hostName", cJSON_CreateString(netAddr.hostName_.c_str())); 4788e745fdaSopenharmony_ci cJSON_AddItemToObject(jInetAddr, "port", cJSON_CreateNumber(netAddr.port_)); 4798e745fdaSopenharmony_ci} 4808e745fdaSopenharmony_ci 4818e745fdaSopenharmony_civoid NetworkVpnService::ConvertVecRouteToJson(const std::vector<Route>& routes, cJSON* jVecRoutes) 4828e745fdaSopenharmony_ci{ 4838e745fdaSopenharmony_ci for (const auto& mem : routes) { 4848e745fdaSopenharmony_ci cJSON *jRoute = cJSON_CreateObject(); 4858e745fdaSopenharmony_ci cJSON_AddItemToObject(jRoute, "iface", cJSON_CreateString(mem.iface_.c_str())); 4868e745fdaSopenharmony_ci cJSON *jDestination = cJSON_CreateObject(); 4878e745fdaSopenharmony_ci ConvertNetAddrToJson(mem.destination_, jDestination); 4888e745fdaSopenharmony_ci cJSON_AddItemToObject(jRoute, "destination", jDestination); 4898e745fdaSopenharmony_ci cJSON *jGateway = cJSON_CreateObject(); 4908e745fdaSopenharmony_ci ConvertNetAddrToJson(mem.gateway_, jGateway); 4918e745fdaSopenharmony_ci cJSON_AddItemToObject(jRoute, "gateway", jGateway); 4928e745fdaSopenharmony_ci cJSON_AddItemToObject(jRoute, "rtnType", cJSON_CreateNumber(mem.rtnType_)); 4938e745fdaSopenharmony_ci cJSON_AddItemToObject(jRoute, "mtu", cJSON_CreateNumber(mem.mtu_)); 4948e745fdaSopenharmony_ci cJSON_AddItemToObject(jRoute, "isHost", cJSON_CreateBool(mem.isHost_)); 4958e745fdaSopenharmony_ci cJSON_AddItemToObject(jRoute, "hasGateway", cJSON_CreateBool(mem.hasGateway_)); 4968e745fdaSopenharmony_ci cJSON_AddItemToObject(jRoute, "isDefaultRoute", cJSON_CreateBool(mem.isDefaultRoute_)); 4978e745fdaSopenharmony_ci cJSON_AddItemToArray(jVecRoutes, jRoute); 4988e745fdaSopenharmony_ci } 4998e745fdaSopenharmony_ci} 5008e745fdaSopenharmony_ci 5018e745fdaSopenharmony_civoid NetworkVpnService::ParseConfigToJson(const sptr<VpnConfig> &vpnCfg, std::string& jsonString) 5028e745fdaSopenharmony_ci{ 5038e745fdaSopenharmony_ci cJSON *root = cJSON_CreateObject(); 5048e745fdaSopenharmony_ci cJSON *jVecAddrs = cJSON_CreateArray(); 5058e745fdaSopenharmony_ci for (const auto& mem : vpnCfg->addresses_) { 5068e745fdaSopenharmony_ci cJSON *jInetAddr = cJSON_CreateObject(); 5078e745fdaSopenharmony_ci ConvertNetAddrToJson(mem, jInetAddr); 5088e745fdaSopenharmony_ci cJSON_AddItemToArray(jVecAddrs, jInetAddr); 5098e745fdaSopenharmony_ci } 5108e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "addresses", jVecAddrs); 5118e745fdaSopenharmony_ci 5128e745fdaSopenharmony_ci cJSON *jVecRoutes = cJSON_CreateArray(); 5138e745fdaSopenharmony_ci ConvertVecRouteToJson(vpnCfg->routes_, jVecRoutes); 5148e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "routes", jVecRoutes); 5158e745fdaSopenharmony_ci 5168e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "mtu", cJSON_CreateNumber(vpnCfg->mtu_)); 5178e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "isAcceptIPv4", cJSON_CreateBool(vpnCfg->isAcceptIPv4_)); 5188e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "isAcceptIPv6", cJSON_CreateBool(vpnCfg->isAcceptIPv6_)); 5198e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "isLegacy", cJSON_CreateBool(vpnCfg->isLegacy_)); 5208e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "isMetered", cJSON_CreateBool(vpnCfg->isMetered_)); 5218e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "isBlocking", cJSON_CreateBool(vpnCfg->isBlocking_)); 5228e745fdaSopenharmony_ci 5238e745fdaSopenharmony_ci cJSON *jVecDnsAddrs = cJSON_CreateArray(); 5248e745fdaSopenharmony_ci for (const auto& mem : vpnCfg->dnsAddresses_) { 5258e745fdaSopenharmony_ci cJSON_AddItemToArray(jVecDnsAddrs, cJSON_CreateString(mem.c_str())); 5268e745fdaSopenharmony_ci } 5278e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "dnsAddresses", jVecDnsAddrs); 5288e745fdaSopenharmony_ci 5298e745fdaSopenharmony_ci cJSON *jVecDomains = cJSON_CreateArray(); 5308e745fdaSopenharmony_ci for (const auto& mem : vpnCfg->searchDomains_) { 5318e745fdaSopenharmony_ci cJSON_AddItemToArray(jVecDomains, cJSON_CreateString(mem.c_str())); 5328e745fdaSopenharmony_ci } 5338e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "searchDomains", jVecDomains); 5348e745fdaSopenharmony_ci 5358e745fdaSopenharmony_ci cJSON *jVecAcceptApp = cJSON_CreateArray(); 5368e745fdaSopenharmony_ci for (const auto& mem : vpnCfg->acceptedApplications_) { 5378e745fdaSopenharmony_ci cJSON_AddItemToArray(jVecAcceptApp, cJSON_CreateString(mem.c_str())); 5388e745fdaSopenharmony_ci } 5398e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "acceptedApplications", jVecAcceptApp); 5408e745fdaSopenharmony_ci 5418e745fdaSopenharmony_ci cJSON *jVecRefuseApp = cJSON_CreateArray(); 5428e745fdaSopenharmony_ci for (const auto& mem : vpnCfg->refusedApplications_) { 5438e745fdaSopenharmony_ci cJSON_AddItemToArray(jVecRefuseApp, cJSON_CreateString(mem.c_str())); 5448e745fdaSopenharmony_ci } 5458e745fdaSopenharmony_ci cJSON_AddItemToObject(root, "refusedApplications", jVecRefuseApp); 5468e745fdaSopenharmony_ci char *str = cJSON_Print(root); 5478e745fdaSopenharmony_ci if (str == nullptr) { 5488e745fdaSopenharmony_ci cJSON_Delete(root); 5498e745fdaSopenharmony_ci return; 5508e745fdaSopenharmony_ci } 5518e745fdaSopenharmony_ci jsonString = str; 5528e745fdaSopenharmony_ci cJSON_Delete(root); 5538e745fdaSopenharmony_ci free(str); 5548e745fdaSopenharmony_ci} 5558e745fdaSopenharmony_ci 5568e745fdaSopenharmony_civoid NetworkVpnService::SaveVpnConfig(const sptr<VpnConfig> &vpnCfg) 5578e745fdaSopenharmony_ci{ 5588e745fdaSopenharmony_ci std::string jsonString; 5598e745fdaSopenharmony_ci ParseConfigToJson(vpnCfg, jsonString); 5608e745fdaSopenharmony_ci std::ofstream ofs(VPN_CONFIG_FILE); 5618e745fdaSopenharmony_ci ofs << jsonString; 5628e745fdaSopenharmony_ci} 5638e745fdaSopenharmony_ci 5648e745fdaSopenharmony_ciint32_t NetworkVpnService::SetUpVpn(const sptr<VpnConfig> &config, bool isVpnExtCall) 5658e745fdaSopenharmony_ci{ 5668e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("SetUpVpn in"); 5678e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(netVpnMutex_); 5688e745fdaSopenharmony_ci std::string vpnBundleName = GetBundleName(); 5698e745fdaSopenharmony_ci if (!NetManagerPermission::CheckPermission(Permission::MANAGE_VPN)) { 5708e745fdaSopenharmony_ci std::string vpnExtMode; 5718e745fdaSopenharmony_ci int32_t ret = NetDataShareHelperUtilsIface::Query(VPNEXT_MODE_URI, vpnBundleName, vpnExtMode); 5728e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("ret = [%{public}d], bundleName = [%{public}s]", ret, vpnBundleName.c_str()); 5738e745fdaSopenharmony_ci if (ret != 0 || vpnExtMode != "1") { 5748e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("query datebase fail."); 5758e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PERMISSION_DENIED; 5768e745fdaSopenharmony_ci } 5778e745fdaSopenharmony_ci } 5788e745fdaSopenharmony_ci 5798e745fdaSopenharmony_ci int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID; 5808e745fdaSopenharmony_ci std::vector<int32_t> activeUserIds; 5818e745fdaSopenharmony_ci int32_t ret = CheckCurrentAccountType(userId, activeUserIds); 5828e745fdaSopenharmony_ci if (NETMANAGER_EXT_SUCCESS != ret) { 5838e745fdaSopenharmony_ci return ret; 5848e745fdaSopenharmony_ci } 5858e745fdaSopenharmony_ci 5868e745fdaSopenharmony_ci if (vpnObj_ != nullptr) { 5878e745fdaSopenharmony_ci if (vpnObj_->GetUserId() == userId) { 5888e745fdaSopenharmony_ci NETMGR_EXT_LOG_W("vpn exist already, please execute destory first"); 5898e745fdaSopenharmony_ci return NETWORKVPN_ERROR_VPN_EXIST; 5908e745fdaSopenharmony_ci } else { 5918e745fdaSopenharmony_ci NETMGR_EXT_LOG_W("vpn using by other user"); 5928e745fdaSopenharmony_ci return NETWORKVPN_ERROR_VPN_EXIST; 5938e745fdaSopenharmony_ci } 5948e745fdaSopenharmony_ci } 5958e745fdaSopenharmony_ci 5968e745fdaSopenharmony_ci vpnObj_ = std::make_shared<ExtendedVpnCtl>(config, "", userId, activeUserIds); 5978e745fdaSopenharmony_ci if (vpnObj_->RegisterConnectStateChangedCb(vpnConnCallback_) != NETMANAGER_EXT_SUCCESS) { 5988e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("SetUpVpn register internal callback fail."); 5998e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 6008e745fdaSopenharmony_ci } 6018e745fdaSopenharmony_ci 6028e745fdaSopenharmony_ci ret = vpnObj_->SetUp(); 6038e745fdaSopenharmony_ci if (ret == NETMANAGER_EXT_SUCCESS) { 6048e745fdaSopenharmony_ci hasOpenedVpnUid_ = IPCSkeleton::GetCallingUid(); 6058e745fdaSopenharmony_ci } 6068e745fdaSopenharmony_ci if (ret == NETMANAGER_EXT_SUCCESS && !vpnBundleName.empty()) { 6078e745fdaSopenharmony_ci std::vector<std::string> list = {vpnBundleName, vpnBundleName + VPN_EXTENSION_LABEL}; 6088e745fdaSopenharmony_ci auto regRet = 6098e745fdaSopenharmony_ci Singleton<AppExecFwk::AppMgrClient>::GetInstance().RegisterApplicationStateObserver(vpnHapObserver_, list); 6108e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("vpnHapOberver RegisterApplicationStateObserver ret = %{public}d", regRet); 6118e745fdaSopenharmony_ci } 6128e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("NetworkVpnService SetUp"); 6138e745fdaSopenharmony_ci if (ret == NETMANAGER_EXT_SUCCESS) { 6148e745fdaSopenharmony_ci currentVpnBundleName_ = vpnBundleName; 6158e745fdaSopenharmony_ci } 6168e745fdaSopenharmony_ci return ret; 6178e745fdaSopenharmony_ci} 6188e745fdaSopenharmony_ci 6198e745fdaSopenharmony_ciint32_t NetworkVpnService::Protect(bool isVpnExtCall) 6208e745fdaSopenharmony_ci{ 6218e745fdaSopenharmony_ci /* 6228e745fdaSopenharmony_ci * Only permission verification is performed and 6238e745fdaSopenharmony_ci * the protected socket implements fwmark_service in the netsys process. 6248e745fdaSopenharmony_ci */ 6258e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("Protect vpn tunnel successfully."); 6268e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 6278e745fdaSopenharmony_ci} 6288e745fdaSopenharmony_ci 6298e745fdaSopenharmony_ciint32_t NetworkVpnService::DestroyVpn(bool isVpnExtCall) 6308e745fdaSopenharmony_ci{ 6318e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("DestroyVpn in"); 6328e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(netVpnMutex_); 6338e745fdaSopenharmony_ci std::string vpnBundleName = GetBundleName(); 6348e745fdaSopenharmony_ci if (!NetManagerPermission::CheckPermission(Permission::MANAGE_VPN)) { 6358e745fdaSopenharmony_ci std::string vpnExtMode; 6368e745fdaSopenharmony_ci int32_t ret = NetDataShareHelperUtilsIface::Query(VPNEXT_MODE_URI, vpnBundleName, vpnExtMode); 6378e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("ret = [%{public}d], bundleName = [%{public}s]", ret, vpnBundleName.c_str()); 6388e745fdaSopenharmony_ci if (ret != 0 || vpnExtMode != "1") { 6398e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("query datebase fail."); 6408e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PERMISSION_DENIED; 6418e745fdaSopenharmony_ci } 6428e745fdaSopenharmony_ci } 6438e745fdaSopenharmony_ci 6448e745fdaSopenharmony_ci if (hasOpenedVpnUid_ != IPCSkeleton::GetCallingUid()) { 6458e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("not same vpn, can't destroy"); 6468e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_OPERATION_FAILED; 6478e745fdaSopenharmony_ci } 6488e745fdaSopenharmony_ci 6498e745fdaSopenharmony_ci int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID; 6508e745fdaSopenharmony_ci std::vector<int32_t> activeUserIds; 6518e745fdaSopenharmony_ci int32_t ret = CheckCurrentAccountType(userId, activeUserIds); 6528e745fdaSopenharmony_ci if (NETMANAGER_EXT_SUCCESS != ret) { 6538e745fdaSopenharmony_ci return ret; 6548e745fdaSopenharmony_ci } 6558e745fdaSopenharmony_ci 6568e745fdaSopenharmony_ci if ((vpnObj_ != nullptr) && (vpnObj_->Destroy() != NETMANAGER_EXT_SUCCESS)) { 6578e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("destroy vpn is failed"); 6588e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 6598e745fdaSopenharmony_ci } 6608e745fdaSopenharmony_ci vpnObj_ = nullptr; 6618e745fdaSopenharmony_ci // remove vpn config 6628e745fdaSopenharmony_ci remove(VPN_CONFIG_FILE); 6638e745fdaSopenharmony_ci 6648e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("Destroy vpn successfully."); 6658e745fdaSopenharmony_ci currentVpnBundleName_.clear(); 6668e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 6678e745fdaSopenharmony_ci} 6688e745fdaSopenharmony_ci 6698e745fdaSopenharmony_ci#ifdef SUPPORT_SYSVPN 6708e745fdaSopenharmony_ciint32_t NetworkVpnService::SetUpVpn(const sptr<SysVpnConfig> &config) 6718e745fdaSopenharmony_ci{ 6728e745fdaSopenharmony_ci if (config == nullptr) { 6738e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("config is null."); 6748e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PARAMETER_ERROR; 6758e745fdaSopenharmony_ci } 6768e745fdaSopenharmony_ci int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID; 6778e745fdaSopenharmony_ci std::vector<int32_t> activeUserIds; 6788e745fdaSopenharmony_ci int32_t ret = CheckCurrentAccountType(userId, activeUserIds); 6798e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 6808e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("CheckCurrentAccountType failed"); 6818e745fdaSopenharmony_ci return ret; 6828e745fdaSopenharmony_ci } 6838e745fdaSopenharmony_ci 6848e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(netVpnMutex_); 6858e745fdaSopenharmony_ci if (vpnObj_ != nullptr) { 6868e745fdaSopenharmony_ci if (vpnObj_->GetUserId() == userId) { 6878e745fdaSopenharmony_ci NETMGR_EXT_LOG_W("vpn exist already, please execute destory first"); 6888e745fdaSopenharmony_ci } else { 6898e745fdaSopenharmony_ci NETMGR_EXT_LOG_W("vpn using by other user"); 6908e745fdaSopenharmony_ci } 6918e745fdaSopenharmony_ci return NETWORKVPN_ERROR_VPN_EXIST; 6928e745fdaSopenharmony_ci } 6938e745fdaSopenharmony_ci vpnObj_ = CreateSysVpnCtl(config, userId, activeUserIds); 6948e745fdaSopenharmony_ci if (!vpnConnCallback_) { 6958e745fdaSopenharmony_ci vpnConnCallback_ = std::make_shared<VpnConnStateCb>(*this); 6968e745fdaSopenharmony_ci } 6978e745fdaSopenharmony_ci if (vpnObj_ == nullptr || vpnObj_->RegisterConnectStateChangedCb(vpnConnCallback_) != NETMANAGER_EXT_SUCCESS) { 6988e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("SetUpVpn register internal callback failed"); 6998e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 7008e745fdaSopenharmony_ci } 7018e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("SystemVpn SetUp"); 7028e745fdaSopenharmony_ci ret = vpnObj_->SetUp(); 7038e745fdaSopenharmony_ci if (ret == NETMANAGER_EXT_SUCCESS) { 7048e745fdaSopenharmony_ci hasOpenedVpnUid_ = IPCSkeleton::GetCallingUid(); 7058e745fdaSopenharmony_ci } 7068e745fdaSopenharmony_ci return ret; 7078e745fdaSopenharmony_ci} 7088e745fdaSopenharmony_ci 7098e745fdaSopenharmony_cistd::shared_ptr<NetVpnImpl> NetworkVpnService::CreateSysVpnCtl( 7108e745fdaSopenharmony_ci const sptr<SysVpnConfig> &config, int32_t userId, std::vector<int32_t> &activeUserIds) 7118e745fdaSopenharmony_ci{ 7128e745fdaSopenharmony_ci sptr<VpnDataBean> vpnBean = new (std::nothrow) VpnDataBean(); 7138e745fdaSopenharmony_ci if (vpnBean == nullptr) { 7148e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("vpnBean is nullptr"); 7158e745fdaSopenharmony_ci return nullptr; 7168e745fdaSopenharmony_ci } 7178e745fdaSopenharmony_ci int32_t result = QueryVpnData(config, vpnBean); 7188e745fdaSopenharmony_ci if (result != NETMANAGER_EXT_SUCCESS) { 7198e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("query vpn data failed"); 7208e745fdaSopenharmony_ci return nullptr; 7218e745fdaSopenharmony_ci } 7228e745fdaSopenharmony_ci std::shared_ptr<IpsecVpnCtl> sysVpnCtl = nullptr; 7238e745fdaSopenharmony_ci switch (vpnBean->vpnType_) { 7248e745fdaSopenharmony_ci case VpnType::IKEV2_IPSEC_MSCHAPv2: 7258e745fdaSopenharmony_ci case VpnType::IKEV2_IPSEC_PSK: 7268e745fdaSopenharmony_ci case VpnType::IKEV2_IPSEC_RSA: 7278e745fdaSopenharmony_ci case VpnType::IPSEC_XAUTH_PSK: 7288e745fdaSopenharmony_ci case VpnType::IPSEC_XAUTH_RSA: 7298e745fdaSopenharmony_ci case VpnType::IPSEC_HYBRID_RSA: { 7308e745fdaSopenharmony_ci sysVpnCtl = CreateIpsecVpnCtl(vpnBean, userId, activeUserIds); 7318e745fdaSopenharmony_ci break; 7328e745fdaSopenharmony_ci } 7338e745fdaSopenharmony_ci case VpnType::L2TP_IPSEC_PSK: 7348e745fdaSopenharmony_ci case VpnType::L2TP_IPSEC_RSA: { 7358e745fdaSopenharmony_ci sysVpnCtl = CreateL2tpCtl(vpnBean, userId, activeUserIds); 7368e745fdaSopenharmony_ci break; 7378e745fdaSopenharmony_ci } 7388e745fdaSopenharmony_ci case VpnType::OPENVPN: { 7398e745fdaSopenharmony_ci return CreateOpenvpnCtl(vpnBean, userId, activeUserIds); 7408e745fdaSopenharmony_ci } 7418e745fdaSopenharmony_ci default: 7428e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("vpn type is invalid, %{public}d", vpnBean->vpnType_); 7438e745fdaSopenharmony_ci break; 7448e745fdaSopenharmony_ci } 7458e745fdaSopenharmony_ci return sysVpnCtl; 7468e745fdaSopenharmony_ci} 7478e745fdaSopenharmony_ci 7488e745fdaSopenharmony_cistd::shared_ptr<IpsecVpnCtl> NetworkVpnService::CreateL2tpCtl(sptr<VpnDataBean> vpnBean, int32_t userId, 7498e745fdaSopenharmony_ci std::vector<int32_t> &activeUserIds) 7508e745fdaSopenharmony_ci{ 7518e745fdaSopenharmony_ci sptr<L2tpVpnConfig> l2tpVpnConfig = VpnDataBean::ConvertVpnBeanToL2tpVpnConfig(vpnBean); 7528e745fdaSopenharmony_ci if (l2tpVpnConfig == nullptr) { 7538e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("ConvertVpnBeanToL2tpVpnConfig failed"); 7548e745fdaSopenharmony_ci return nullptr; 7558e745fdaSopenharmony_ci } 7568e745fdaSopenharmony_ci std::shared_ptr<IpsecVpnCtl> sysVpnCtl = std::make_shared<L2tpVpnCtl>(l2tpVpnConfig, "", userId, activeUserIds); 7578e745fdaSopenharmony_ci if (sysVpnCtl != nullptr) { 7588e745fdaSopenharmony_ci sysVpnCtl->l2tpVpnConfig_ = l2tpVpnConfig; 7598e745fdaSopenharmony_ci } 7608e745fdaSopenharmony_ci return sysVpnCtl; 7618e745fdaSopenharmony_ci} 7628e745fdaSopenharmony_ci 7638e745fdaSopenharmony_ciint32_t NetworkVpnService::QueryVpnData(const sptr<SysVpnConfig> config, sptr<VpnDataBean> &vpnBean) 7648e745fdaSopenharmony_ci{ 7658e745fdaSopenharmony_ci if (config == nullptr) { 7668e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("QueryVpnData failed, param is null"); 7678e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PARAMETER_ERROR; 7688e745fdaSopenharmony_ci } 7698e745fdaSopenharmony_ci if (vpnBean == nullptr) { 7708e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("vpnBean is nullptr"); 7718e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PARAMETER_ERROR; 7728e745fdaSopenharmony_ci } 7738e745fdaSopenharmony_ci int32_t result = VpnDatabaseHelper::GetInstance().QueryVpnData(vpnBean, config->vpnId_); 7748e745fdaSopenharmony_ci if (result != NETMANAGER_EXT_SUCCESS) { 7758e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("query vpn data failed"); 7768e745fdaSopenharmony_ci } 7778e745fdaSopenharmony_ci return result; 7788e745fdaSopenharmony_ci} 7798e745fdaSopenharmony_ci 7808e745fdaSopenharmony_cistd::shared_ptr<NetVpnImpl> NetworkVpnService::CreateOpenvpnCtl(sptr<VpnDataBean> vpnBean, 7818e745fdaSopenharmony_ci int32_t userId, std::vector<int32_t> &activeUserIds) 7828e745fdaSopenharmony_ci{ 7838e745fdaSopenharmony_ci sptr<OpenvpnConfig> openVpnConfig = VpnDataBean::ConvertVpnBeanToOpenvpnConfig(vpnBean); 7848e745fdaSopenharmony_ci if (openVpnConfig == nullptr) { 7858e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("ConvertVpnBeanToOpenvpnConfig failed"); 7868e745fdaSopenharmony_ci return nullptr; 7878e745fdaSopenharmony_ci } 7888e745fdaSopenharmony_ci std::shared_ptr<OpenvpnCtl> openVpnCtl = 7898e745fdaSopenharmony_ci std::make_shared<OpenvpnCtl>(openVpnConfig, "", userId, activeUserIds); 7908e745fdaSopenharmony_ci if (openVpnCtl != nullptr) { 7918e745fdaSopenharmony_ci openVpnCtl->openvpnConfig_ = openVpnConfig; 7928e745fdaSopenharmony_ci } 7938e745fdaSopenharmony_ci return openVpnCtl; 7948e745fdaSopenharmony_ci} 7958e745fdaSopenharmony_ci 7968e745fdaSopenharmony_cistd::shared_ptr<IpsecVpnCtl> NetworkVpnService::CreateIpsecVpnCtl(sptr<VpnDataBean> vpnBean, 7978e745fdaSopenharmony_ci int32_t userId, std::vector<int32_t> &activeUserIds) 7988e745fdaSopenharmony_ci{ 7998e745fdaSopenharmony_ci sptr<IpsecVpnConfig> ipsecVpnConfig = VpnDataBean::ConvertVpnBeanToIpsecVpnConfig(vpnBean); 8008e745fdaSopenharmony_ci if (ipsecVpnConfig == nullptr) { 8018e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("ConvertVpnBeanToIpsecVpnConfig failed"); 8028e745fdaSopenharmony_ci return nullptr; 8038e745fdaSopenharmony_ci } 8048e745fdaSopenharmony_ci std::shared_ptr<IpsecVpnCtl> sysVpnCtl = std::make_shared<IpsecVpnCtl>(ipsecVpnConfig, "", userId, activeUserIds); 8058e745fdaSopenharmony_ci if (sysVpnCtl != nullptr) { 8068e745fdaSopenharmony_ci sysVpnCtl->ipsecVpnConfig_ = ipsecVpnConfig; 8078e745fdaSopenharmony_ci } 8088e745fdaSopenharmony_ci return sysVpnCtl; 8098e745fdaSopenharmony_ci} 8108e745fdaSopenharmony_ci 8118e745fdaSopenharmony_ciint32_t NetworkVpnService::AddSysVpnConfig(sptr<SysVpnConfig> &config) 8128e745fdaSopenharmony_ci{ 8138e745fdaSopenharmony_ci if (config == nullptr) { 8148e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("config is null"); 8158e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PARAMETER_ERROR; 8168e745fdaSopenharmony_ci } 8178e745fdaSopenharmony_ci 8188e745fdaSopenharmony_ci int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID; 8198e745fdaSopenharmony_ci std::vector<int32_t> activeUserIds; 8208e745fdaSopenharmony_ci int32_t ret = CheckCurrentAccountType(userId, activeUserIds); 8218e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 8228e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("CheckCurrentAccountType failed!"); 8238e745fdaSopenharmony_ci return ret; 8248e745fdaSopenharmony_ci } 8258e745fdaSopenharmony_ci 8268e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("AddSysVpnConfig id=%{public}s name=%{public}s type=%{public}d", 8278e745fdaSopenharmony_ci config->vpnId_.c_str(), config->vpnName_.c_str(), config->vpnType_); 8288e745fdaSopenharmony_ci config->userId_ = userId; 8298e745fdaSopenharmony_ci 8308e745fdaSopenharmony_ci sptr<VpnDataBean> vpnBean = VpnDataBean::ConvertSysVpnConfigToVpnBean(config); 8318e745fdaSopenharmony_ci if (vpnBean == nullptr) { 8328e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("vpnBean is nullptr"); 8338e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 8348e745fdaSopenharmony_ci } 8358e745fdaSopenharmony_ci return VpnDatabaseHelper::GetInstance().InsertOrUpdateData(vpnBean); 8368e745fdaSopenharmony_ci} 8378e745fdaSopenharmony_ci 8388e745fdaSopenharmony_ciint32_t NetworkVpnService::DeleteSysVpnConfig(const std::string &vpnId) 8398e745fdaSopenharmony_ci{ 8408e745fdaSopenharmony_ci if (vpnId.empty()) { 8418e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("vpnId is empty"); 8428e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PARAMETER_ERROR; 8438e745fdaSopenharmony_ci } 8448e745fdaSopenharmony_ci 8458e745fdaSopenharmony_ci int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID; 8468e745fdaSopenharmony_ci std::vector<int32_t> activeUserIds; 8478e745fdaSopenharmony_ci int32_t ret = CheckCurrentAccountType(userId, activeUserIds); 8488e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 8498e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("CheckCurrentAccountType failed"); 8508e745fdaSopenharmony_ci return ret; 8518e745fdaSopenharmony_ci } 8528e745fdaSopenharmony_ci 8538e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("DeleteSysVpnConfig id=%{public}s", vpnId.c_str()); 8548e745fdaSopenharmony_ci return VpnDatabaseHelper::GetInstance().DeleteVpnData(vpnId); 8558e745fdaSopenharmony_ci} 8568e745fdaSopenharmony_ci 8578e745fdaSopenharmony_ciint32_t NetworkVpnService::GetSysVpnConfigList(std::vector<SysVpnConfig> &vpnList) 8588e745fdaSopenharmony_ci{ 8598e745fdaSopenharmony_ci int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID; 8608e745fdaSopenharmony_ci std::vector<int32_t> activeUserIds; 8618e745fdaSopenharmony_ci int32_t ret = CheckCurrentAccountType(userId, activeUserIds); 8628e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 8638e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("CheckCurrentAccountType failed"); 8648e745fdaSopenharmony_ci return ret; 8658e745fdaSopenharmony_ci } 8668e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("SystemVpn GetSysVpnConfigList"); 8678e745fdaSopenharmony_ci return VpnDatabaseHelper::GetInstance().QueryAllData(vpnList, userId); 8688e745fdaSopenharmony_ci} 8698e745fdaSopenharmony_ci 8708e745fdaSopenharmony_ciint32_t NetworkVpnService::GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId) 8718e745fdaSopenharmony_ci{ 8728e745fdaSopenharmony_ci if (vpnId.empty()) { 8738e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("vpnId is empty"); 8748e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PARAMETER_ERROR; 8758e745fdaSopenharmony_ci } 8768e745fdaSopenharmony_ci 8778e745fdaSopenharmony_ci int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID; 8788e745fdaSopenharmony_ci std::vector<int32_t> activeUserIds; 8798e745fdaSopenharmony_ci int32_t ret = CheckCurrentAccountType(userId, activeUserIds); 8808e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 8818e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("CheckCurrentAccountType failed!"); 8828e745fdaSopenharmony_ci return ret; 8838e745fdaSopenharmony_ci } 8848e745fdaSopenharmony_ci 8858e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("GetSysVpnConfig id=%{public}s", vpnId.c_str()); 8868e745fdaSopenharmony_ci sptr<VpnDataBean> vpnBean = new (std::nothrow) VpnDataBean(); 8878e745fdaSopenharmony_ci if (vpnBean == nullptr) { 8888e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("vpnBean is nullptr"); 8898e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 8908e745fdaSopenharmony_ci } 8918e745fdaSopenharmony_ci int32_t result = VpnDatabaseHelper::GetInstance().QueryVpnData(vpnBean, vpnId); 8928e745fdaSopenharmony_ci if (result != NETMANAGER_EXT_SUCCESS) { 8938e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("QueryVpnData failed, result = %{public}d", result); 8948e745fdaSopenharmony_ci return result; 8958e745fdaSopenharmony_ci } 8968e745fdaSopenharmony_ci config = VpnDataBean::ConvertVpnBeanToSysVpnConfig(vpnBean); 8978e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 8988e745fdaSopenharmony_ci} 8998e745fdaSopenharmony_ci 9008e745fdaSopenharmony_ciint32_t NetworkVpnService::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config) 9018e745fdaSopenharmony_ci{ 9028e745fdaSopenharmony_ci int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID; 9038e745fdaSopenharmony_ci std::vector<int32_t> activeUserIds; 9048e745fdaSopenharmony_ci int32_t ret = CheckCurrentAccountType(userId, activeUserIds); 9058e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 9068e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("CheckCurrentAccountType failed!"); 9078e745fdaSopenharmony_ci return ret; 9088e745fdaSopenharmony_ci } 9098e745fdaSopenharmony_ci 9108e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(netVpnMutex_); 9118e745fdaSopenharmony_ci if (vpnObj_ == nullptr) { 9128e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("GetConnectedSysVpnConfig is null. maybe not setup yet"); 9138e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 9148e745fdaSopenharmony_ci } 9158e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("SystemVpn GetConnectedSysVpnConfig"); 9168e745fdaSopenharmony_ci return vpnObj_->GetConnectedSysVpnConfig(config); 9178e745fdaSopenharmony_ci} 9188e745fdaSopenharmony_ci 9198e745fdaSopenharmony_ciint32_t NetworkVpnService::NotifyConnectStage(const std::string &stage, const int32_t &result) 9208e745fdaSopenharmony_ci{ 9218e745fdaSopenharmony_ci uint32_t callingUid = static_cast<uint32_t>(IPCSkeleton::GetCallingUid()); 9228e745fdaSopenharmony_ci if (callingUid != UID_NET_SYS_NATIVE) { 9238e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("NotifyConnectStage failed, invalid callingUid"); 9248e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL; 9258e745fdaSopenharmony_ci } 9268e745fdaSopenharmony_ci 9278e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(netVpnMutex_); 9288e745fdaSopenharmony_ci if (vpnObj_ == nullptr) { 9298e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("NotifyConnectStage failed, vpnObj_ is null"); 9308e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 9318e745fdaSopenharmony_ci } 9328e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("NotifyConnectStage state: %{public}s result: %{public}d", 9338e745fdaSopenharmony_ci stage.c_str(), result); 9348e745fdaSopenharmony_ci return vpnObj_->NotifyConnectStage(stage, result); 9358e745fdaSopenharmony_ci} 9368e745fdaSopenharmony_ci 9378e745fdaSopenharmony_ciint32_t NetworkVpnService::GetSysVpnCertUri(const int32_t certType, std::string &certUri) 9388e745fdaSopenharmony_ci{ 9398e745fdaSopenharmony_ci uint32_t callingUid = static_cast<uint32_t>(IPCSkeleton::GetCallingUid()); 9408e745fdaSopenharmony_ci if (callingUid != UID_NET_SYS_NATIVE) { 9418e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("GetSysVpnCertUri failed, invalid callingUid"); 9428e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL; 9438e745fdaSopenharmony_ci } 9448e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(netVpnMutex_); 9458e745fdaSopenharmony_ci if (vpnObj_ == nullptr) { 9468e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("GetSysVpnCertUri failed, vpnObj_ is null"); 9478e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 9488e745fdaSopenharmony_ci } 9498e745fdaSopenharmony_ci return vpnObj_->GetSysVpnCertUri(certType, certUri); 9508e745fdaSopenharmony_ci} 9518e745fdaSopenharmony_ci#endif // SUPPORT_SYSVPN 9528e745fdaSopenharmony_ci 9538e745fdaSopenharmony_ciint32_t NetworkVpnService::RegisterVpnEvent(const sptr<IVpnEventCallback> callback) 9548e745fdaSopenharmony_ci{ 9558e745fdaSopenharmony_ci int32_t ret = NETMANAGER_EXT_ERR_OPERATION_FAILED; 9568e745fdaSopenharmony_ci if (!networkVpnServiceFfrtQueue_) { 9578e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("FFRT Create Fail"); 9588e745fdaSopenharmony_ci return ret; 9598e745fdaSopenharmony_ci } 9608e745fdaSopenharmony_ci ffrt::task_handle RegisterVpnEventTask = networkVpnServiceFfrtQueue_->submit_h([this, &callback, &ret]() { 9618e745fdaSopenharmony_ci ret = SyncRegisterVpnEvent(callback); 9628e745fdaSopenharmony_ci }, ffrt::task_attr().name("RegisterVpnEvent")); 9638e745fdaSopenharmony_ci networkVpnServiceFfrtQueue_->wait(RegisterVpnEventTask); 9648e745fdaSopenharmony_ci return ret; 9658e745fdaSopenharmony_ci} 9668e745fdaSopenharmony_ci 9678e745fdaSopenharmony_ciint32_t NetworkVpnService::UnregisterVpnEvent(const sptr<IVpnEventCallback> callback) 9688e745fdaSopenharmony_ci{ 9698e745fdaSopenharmony_ci int32_t ret = NETMANAGER_EXT_ERR_OPERATION_FAILED; 9708e745fdaSopenharmony_ci if (!networkVpnServiceFfrtQueue_) { 9718e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("FFRT Create Fail"); 9728e745fdaSopenharmony_ci return ret; 9738e745fdaSopenharmony_ci } 9748e745fdaSopenharmony_ci ffrt::task_handle UnregisterVpnEventTask = networkVpnServiceFfrtQueue_->submit_h([this, &callback, &ret]() { 9758e745fdaSopenharmony_ci ret = SyncUnregisterVpnEvent(callback); 9768e745fdaSopenharmony_ci }, ffrt::task_attr().name("RegisterVpnEvent")); 9778e745fdaSopenharmony_ci networkVpnServiceFfrtQueue_->wait(UnregisterVpnEventTask); 9788e745fdaSopenharmony_ci return ret; 9798e745fdaSopenharmony_ci} 9808e745fdaSopenharmony_ci 9818e745fdaSopenharmony_ciint32_t NetworkVpnService::CreateVpnConnection(bool isVpnExtCall) 9828e745fdaSopenharmony_ci{ 9838e745fdaSopenharmony_ci /* 9848e745fdaSopenharmony_ci * Only permission verification is performed 9858e745fdaSopenharmony_ci */ 9868e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("CreateVpnConnection successfully."); 9878e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 9888e745fdaSopenharmony_ci} 9898e745fdaSopenharmony_ci 9908e745fdaSopenharmony_ciint32_t NetworkVpnService::CheckCurrentAccountType(int32_t &userId, std::vector<int32_t> &activeUserIds) 9918e745fdaSopenharmony_ci{ 9928e745fdaSopenharmony_ci int32_t uid = IPCSkeleton::GetCallingUid(); 9938e745fdaSopenharmony_ci int32_t userId_Max = 99; 9948e745fdaSopenharmony_ci if (AccountSA::OsAccountManager::GetOsAccountLocalIdFromUid(uid, userId) != ERR_OK) { 9958e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("GetOsAccountLocalIdFromUid error, uid: %{public}d.", uid); 9968e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 9978e745fdaSopenharmony_ci } 9988e745fdaSopenharmony_ci 9998e745fdaSopenharmony_ci if (AccountSA::OsAccountManager::QueryActiveOsAccountIds(activeUserIds) != ERR_OK) { 10008e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("QueryActiveOsAccountIds error."); 10018e745fdaSopenharmony_ci } 10028e745fdaSopenharmony_ci 10038e745fdaSopenharmony_ci if (userId >= 0 && userId <= userId_Max) { 10048e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 10058e745fdaSopenharmony_ci } 10068e745fdaSopenharmony_ci 10078e745fdaSopenharmony_ci auto itr = std::find_if(activeUserIds.begin(), activeUserIds.end(), 10088e745fdaSopenharmony_ci [userId](const int32_t &elem) { return (elem == userId) ? true : false; }); 10098e745fdaSopenharmony_ci if (itr == activeUserIds.end()) { 10108e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("userId: %{public}d is not active user. activeUserIds.size: %{public}zd", userId, 10118e745fdaSopenharmony_ci activeUserIds.size()); 10128e745fdaSopenharmony_ci return NETWORKVPN_ERROR_REFUSE_CREATE_VPN; 10138e745fdaSopenharmony_ci } 10148e745fdaSopenharmony_ci 10158e745fdaSopenharmony_ci activeUserIds.clear(); 10168e745fdaSopenharmony_ci 10178e745fdaSopenharmony_ci AccountSA::OsAccountInfo accountInfo; 10188e745fdaSopenharmony_ci if (AccountSA::OsAccountManager::QueryOsAccountById(userId, accountInfo) != ERR_OK) { 10198e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("QueryOsAccountById error, userId: %{public}d.", userId); 10208e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 10218e745fdaSopenharmony_ci } 10228e745fdaSopenharmony_ci 10238e745fdaSopenharmony_ci if (accountInfo.GetType() == AccountSA::OsAccountType::GUEST) { 10248e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("The guest user cannot execute the VPN interface."); 10258e745fdaSopenharmony_ci return NETWORKVPN_ERROR_REFUSE_CREATE_VPN; 10268e745fdaSopenharmony_ci } 10278e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 10288e745fdaSopenharmony_ci} 10298e745fdaSopenharmony_ci 10308e745fdaSopenharmony_ciint32_t NetworkVpnService::SyncRegisterVpnEvent(const sptr<IVpnEventCallback> callback) 10318e745fdaSopenharmony_ci{ 10328e745fdaSopenharmony_ci for (auto iterCb = vpnEventCallbacks_.begin(); iterCb != vpnEventCallbacks_.end(); iterCb++) { 10338e745fdaSopenharmony_ci if ((*iterCb)->AsObject().GetRefPtr() == callback->AsObject().GetRefPtr()) { 10348e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Register vpn event callback failed, callback already exists"); 10358e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_OPERATION_FAILED; 10368e745fdaSopenharmony_ci } 10378e745fdaSopenharmony_ci } 10388e745fdaSopenharmony_ci 10398e745fdaSopenharmony_ci if (vpnEventCallbacks_.size() >= MAX_CALLBACK_COUNT) { 10408e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("callback above max count, return error."); 10418e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_PARAMETER_ERROR; 10428e745fdaSopenharmony_ci } 10438e745fdaSopenharmony_ci 10448e745fdaSopenharmony_ci vpnEventCallbacks_.push_back(callback); 10458e745fdaSopenharmony_ci AddClientDeathRecipient(callback); 10468e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("Register vpn event callback successfully"); 10478e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 10488e745fdaSopenharmony_ci} 10498e745fdaSopenharmony_ci 10508e745fdaSopenharmony_ciint32_t NetworkVpnService::SyncUnregisterVpnEvent(const sptr<IVpnEventCallback> callback) 10518e745fdaSopenharmony_ci{ 10528e745fdaSopenharmony_ci for (auto iter = vpnEventCallbacks_.begin(); iter != vpnEventCallbacks_.end(); ++iter) { 10538e745fdaSopenharmony_ci if (callback->AsObject().GetRefPtr() == (*iter)->AsObject().GetRefPtr()) { 10548e745fdaSopenharmony_ci vpnEventCallbacks_.erase(iter); 10558e745fdaSopenharmony_ci RemoveClientDeathRecipient(callback); 10568e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("Unregister vpn event successfully."); 10578e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 10588e745fdaSopenharmony_ci } 10598e745fdaSopenharmony_ci } 10608e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Unregister vpn event callback is does not exist."); 10618e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_OPERATION_FAILED; 10628e745fdaSopenharmony_ci} 10638e745fdaSopenharmony_ci 10648e745fdaSopenharmony_civoid NetworkVpnService::OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId) 10658e745fdaSopenharmony_ci{ 10668e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("NetworkVpnService::OnAddSystemAbility systemAbilityId[%{public}d]", systemAbilityId); 10678e745fdaSopenharmony_ci if (systemAbilityId == COMM_NETSYS_NATIVE_SYS_ABILITY_ID) { 10688e745fdaSopenharmony_ci if (hasSARemoved_) { 10698e745fdaSopenharmony_ci OnNetSysRestart(); 10708e745fdaSopenharmony_ci hasSARemoved_ = false; 10718e745fdaSopenharmony_ci } 10728e745fdaSopenharmony_ci } 10738e745fdaSopenharmony_ci} 10748e745fdaSopenharmony_ci 10758e745fdaSopenharmony_civoid NetworkVpnService::OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId) 10768e745fdaSopenharmony_ci{ 10778e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("NetworkVpnService::OnRemoveSystemAbility systemAbilityId[%{public}d]", systemAbilityId); 10788e745fdaSopenharmony_ci if (systemAbilityId == COMM_NETSYS_NATIVE_SYS_ABILITY_ID) { 10798e745fdaSopenharmony_ci hasSARemoved_ = true; 10808e745fdaSopenharmony_ci } 10818e745fdaSopenharmony_ci} 10828e745fdaSopenharmony_ci 10838e745fdaSopenharmony_civoid NetworkVpnService::OnNetSysRestart() 10848e745fdaSopenharmony_ci{ 10858e745fdaSopenharmony_ci std::lock_guard<std::mutex> locker(netVpnMutex_); 10868e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("NetworkVpnService::OnNetSysRestart"); 10878e745fdaSopenharmony_ci if (vpnObj_ != nullptr) { 10888e745fdaSopenharmony_ci vpnObj_->ResumeUids(); 10898e745fdaSopenharmony_ci } 10908e745fdaSopenharmony_ci} 10918e745fdaSopenharmony_ci 10928e745fdaSopenharmony_ciint32_t NetworkVpnService::FactoryResetVpn() 10938e745fdaSopenharmony_ci{ 10948e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("factory reset Vpn enter."); 10958e745fdaSopenharmony_ci 10968e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 10978e745fdaSopenharmony_ci} 10988e745fdaSopenharmony_ci 10998e745fdaSopenharmony_civoid NetworkVpnService::RegisterFactoryResetCallback() 11008e745fdaSopenharmony_ci{ 11018e745fdaSopenharmony_ci std::thread t([this]() { 11028e745fdaSopenharmony_ci uint32_t count = 0; 11038e745fdaSopenharmony_ci while (NetConnClient::GetInstance().SystemReady() != NETMANAGER_SUCCESS && count < MAX_GET_SERVICE_COUNT) { 11048e745fdaSopenharmony_ci std::this_thread::sleep_for(std::chrono::seconds(WAIT_FOR_SERVICE_TIME_S)); 11058e745fdaSopenharmony_ci count++; 11068e745fdaSopenharmony_ci } 11078e745fdaSopenharmony_ci NETMGR_EXT_LOG_W("NetConnClient Get SystemReady count: %{public}u", count); 11088e745fdaSopenharmony_ci if (count > MAX_GET_SERVICE_COUNT) { 11098e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Connect netconn service fail."); 11108e745fdaSopenharmony_ci } else { 11118e745fdaSopenharmony_ci netFactoryResetCallback_ = (std::make_unique<FactoryResetCallBack>(*this)).release(); 11128e745fdaSopenharmony_ci if (netFactoryResetCallback_ != nullptr) { 11138e745fdaSopenharmony_ci int ret = NetConnClient::GetInstance().RegisterNetFactoryResetCallback(netFactoryResetCallback_); 11148e745fdaSopenharmony_ci if (ret != NETMANAGER_SUCCESS) { 11158e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("RegisterNetFactoryResetCallback ret: %{public}d.", ret); 11168e745fdaSopenharmony_ci } 11178e745fdaSopenharmony_ci } else { 11188e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("netFactoryResetCallback_ is null."); 11198e745fdaSopenharmony_ci } 11208e745fdaSopenharmony_ci } 11218e745fdaSopenharmony_ci }); 11228e745fdaSopenharmony_ci std::string threadName = "vpnRegisterFactoryResetCallback"; 11238e745fdaSopenharmony_ci pthread_setname_np(t.native_handle(), threadName.c_str()); 11248e745fdaSopenharmony_ci t.detach(); 11258e745fdaSopenharmony_ci} 11268e745fdaSopenharmony_ci 11278e745fdaSopenharmony_ciint32_t NetworkVpnService::SetAlwaysOnVpn(std::string &pkg, bool &enable) 11288e745fdaSopenharmony_ci{ 11298e745fdaSopenharmony_ci int32_t ret = NetDataShareHelperUtilsIface::Update(ALWAYS_ON_VPN_URI, KEY_ALWAYS_ON_VPN, (enable ? pkg:"")); 11308e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 11318e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("SetAlwaysOnVpn fail: %{public}d", ret); 11328e745fdaSopenharmony_ci return NETMANAGER_ERR_INTERNAL; 11338e745fdaSopenharmony_ci } 11348e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("SetAlwaysOnVpn success: %{public}s", pkg.c_str()); 11358e745fdaSopenharmony_ci 11368e745fdaSopenharmony_ci StartAlwaysOnVpn(); 11378e745fdaSopenharmony_ci 11388e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 11398e745fdaSopenharmony_ci} 11408e745fdaSopenharmony_ci 11418e745fdaSopenharmony_ciint32_t NetworkVpnService::GetAlwaysOnVpn(std::string &pkg) 11428e745fdaSopenharmony_ci{ 11438e745fdaSopenharmony_ci std::string value = ""; 11448e745fdaSopenharmony_ci int32_t ret = NetDataShareHelperUtilsIface::Query(ALWAYS_ON_VPN_URI, KEY_ALWAYS_ON_VPN, value); 11458e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 11468e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("GetAlwaysOnVpn fail: %{public}d", ret); 11478e745fdaSopenharmony_ci return NETMANAGER_ERR_INTERNAL; 11488e745fdaSopenharmony_ci } 11498e745fdaSopenharmony_ci pkg = value; 11508e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("GetAlwaysOnVpn success: %{public}s", pkg.c_str()); 11518e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 11528e745fdaSopenharmony_ci} 11538e745fdaSopenharmony_ci 11548e745fdaSopenharmony_civoid NetworkVpnService::StartAlwaysOnVpn() 11558e745fdaSopenharmony_ci{ 11568e745fdaSopenharmony_ci //first, according the uerId, query local vpn config, if exist apply 11578e745fdaSopenharmony_ci //the config as VPN, if the local VPN is null, query the local kept 11588e745fdaSopenharmony_ci //package if exist will call up the target app to provide the VPN 11598e745fdaSopenharmony_ci std::string alwaysOnBundleName = ""; 11608e745fdaSopenharmony_ci int32_t ret = GetAlwaysOnVpn(alwaysOnBundleName); 11618e745fdaSopenharmony_ci if (ret != NETMANAGER_EXT_SUCCESS) { 11628e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("StartAlwaysOnVpn fail: %{public}d", ret); 11638e745fdaSopenharmony_ci return; 11648e745fdaSopenharmony_ci } 11658e745fdaSopenharmony_ci 11668e745fdaSopenharmony_ci if (alwaysOnBundleName != "") { 11678e745fdaSopenharmony_ci if (vpnObj_ != nullptr) { 11688e745fdaSopenharmony_ci std::string pkg = vpnObj_->GetVpnPkg(); 11698e745fdaSopenharmony_ci if (pkg != alwaysOnBundleName) { 11708e745fdaSopenharmony_ci NETMGR_EXT_LOG_W("vpn [ %{public}s] exist, destroy vpn first", pkg.c_str()); 11718e745fdaSopenharmony_ci DestroyVpn(); 11728e745fdaSopenharmony_ci } 11738e745fdaSopenharmony_ci } 11748e745fdaSopenharmony_ci // recover vpn config 11758e745fdaSopenharmony_ci RecoverVpnConfig(); 11768e745fdaSopenharmony_ci } 11778e745fdaSopenharmony_ci} 11788e745fdaSopenharmony_ci 11798e745fdaSopenharmony_civoid NetworkVpnService::SubscribeCommonEvent() 11808e745fdaSopenharmony_ci{ 11818e745fdaSopenharmony_ci EventFwk::MatchingSkills matchingSkills; 11828e745fdaSopenharmony_ci matchingSkills.AddEvent(EventFwk::CommonEventSupport::COMMON_EVENT_USER_UNLOCKED); 11838e745fdaSopenharmony_ci matchingSkills.AddEvent(EventFwk::CommonEventSupport::COMMON_EVENT_POWER_SAVE_MODE_CHANGED); 11848e745fdaSopenharmony_ci matchingSkills.AddEvent(EventFwk::CommonEventSupport::COMMON_EVENT_PACKAGE_REMOVED); 11858e745fdaSopenharmony_ci EventFwk::CommonEventSubscribeInfo subscribeInfo(matchingSkills); 11868e745fdaSopenharmony_ci // 1 means CORE_EVENT_PRIORITY 11878e745fdaSopenharmony_ci subscribeInfo.SetPriority(1); 11888e745fdaSopenharmony_ci subscriber_ = std::make_shared<ReceiveMessage>(subscribeInfo, *this); 11898e745fdaSopenharmony_ci uint32_t tryCount = 0; 11908e745fdaSopenharmony_ci bool subscribeResult = false; 11918e745fdaSopenharmony_ci while (!subscribeResult && tryCount <= MAX_RETRY_TIMES) { 11928e745fdaSopenharmony_ci std::this_thread::sleep_for(std::chrono::milliseconds(AGAIN_REGISTER_CALLBACK_INTERVAL)); 11938e745fdaSopenharmony_ci subscribeResult = EventFwk::CommonEventManager::SubscribeCommonEvent(subscriber_); 11948e745fdaSopenharmony_ci tryCount++; 11958e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("SubscribeCommonEvent try %{public}d", tryCount); 11968e745fdaSopenharmony_ci } 11978e745fdaSopenharmony_ci 11988e745fdaSopenharmony_ci if (!subscribeResult) { 11998e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("SubscribeCommonEvent fail: %{public}d", subscribeResult); 12008e745fdaSopenharmony_ci } 12018e745fdaSopenharmony_ci} 12028e745fdaSopenharmony_ci 12038e745fdaSopenharmony_civoid NetworkVpnService::ReceiveMessage::OnReceiveEvent(const EventFwk::CommonEventData &eventData) 12048e745fdaSopenharmony_ci{ 12058e745fdaSopenharmony_ci const auto &action = eventData.GetWant().GetAction(); 12068e745fdaSopenharmony_ci const auto &data = eventData.GetData(); 12078e745fdaSopenharmony_ci const auto &code = eventData.GetCode(); 12088e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("NetVReceiveMessage::OnReceiveEvent(), event:[%{public}s], data:[%{public}s], code:[%{public}d]", 12098e745fdaSopenharmony_ci action.c_str(), data.c_str(), code); 12108e745fdaSopenharmony_ci if (action == EventFwk::CommonEventSupport::COMMON_EVENT_POWER_SAVE_MODE_CHANGED) { 12118e745fdaSopenharmony_ci bool isPowerSave = (code == SAVE_MODE || code == LOWPOWER_MODE); 12128e745fdaSopenharmony_ci if (isPowerSave) { 12138e745fdaSopenharmony_ci vpnService_.StartAlwaysOnVpn(); 12148e745fdaSopenharmony_ci } 12158e745fdaSopenharmony_ci return; 12168e745fdaSopenharmony_ci } 12178e745fdaSopenharmony_ci 12188e745fdaSopenharmony_ci if (action == EventFwk::CommonEventSupport::COMMON_EVENT_USER_UNLOCKED) { 12198e745fdaSopenharmony_ci vpnService_.StartAlwaysOnVpn(); 12208e745fdaSopenharmony_ci } 12218e745fdaSopenharmony_ci 12228e745fdaSopenharmony_ci if (action == EventFwk::CommonEventSupport::COMMON_EVENT_PACKAGE_REMOVED) { 12238e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(vpnService_.netVpnMutex_); 12248e745fdaSopenharmony_ci std::string vpnBundleName = vpnService_.GetBundleName(); 12258e745fdaSopenharmony_ci NETMGR_EXT_LOG_D("COMMON_EVENT_PACKAGE_REMOVED, BundleName %{public}s", vpnBundleName.c_str()); 12268e745fdaSopenharmony_ci NetDataShareHelperUtilsIface::Delete(VPNEXT_MODE_URI, vpnBundleName); 12278e745fdaSopenharmony_ci } 12288e745fdaSopenharmony_ci} 12298e745fdaSopenharmony_ci 12308e745fdaSopenharmony_ciint32_t NetworkVpnService::RegisterBundleName(const std::string &bundleName) 12318e745fdaSopenharmony_ci{ 12328e745fdaSopenharmony_ci return 0; 12338e745fdaSopenharmony_ci} 12348e745fdaSopenharmony_ci 12358e745fdaSopenharmony_ciint32_t NetworkVpnService::GetSelfAppName(std::string &selfAppName) 12368e745fdaSopenharmony_ci{ 12378e745fdaSopenharmony_ci std::string bundleName; 12388e745fdaSopenharmony_ci auto samgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); 12398e745fdaSopenharmony_ci if (samgr == nullptr) { 12408e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Get ability manager failed"); 12418e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 12428e745fdaSopenharmony_ci } 12438e745fdaSopenharmony_ci auto object = samgr->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); 12448e745fdaSopenharmony_ci if (object == nullptr) { 12458e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("object is NULL."); 12468e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 12478e745fdaSopenharmony_ci } 12488e745fdaSopenharmony_ci auto bms = iface_cast<OHOS::AppExecFwk::IBundleMgr>(object); 12498e745fdaSopenharmony_ci if (bms == nullptr) { 12508e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("bundle manager service is NULL."); 12518e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 12528e745fdaSopenharmony_ci } 12538e745fdaSopenharmony_ci int32_t uid = IPCSkeleton::GetCallingUid(); 12548e745fdaSopenharmony_ci auto result = bms->GetNameForUid(uid, bundleName); 12558e745fdaSopenharmony_ci if (result != NETMANAGER_EXT_SUCCESS) { 12568e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Error GetBundleNameForUid fail"); 12578e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 12588e745fdaSopenharmony_ci } 12598e745fdaSopenharmony_ci 12608e745fdaSopenharmony_ci auto bundleResourceProxy = bms->GetBundleResourceProxy(); 12618e745fdaSopenharmony_ci if (bundleResourceProxy == nullptr) { 12628e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Error get bundleResourceProxy fail"); 12638e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 12648e745fdaSopenharmony_ci } 12658e745fdaSopenharmony_ci AppExecFwk::BundleResourceInfo bundleResourceInfo; 12668e745fdaSopenharmony_ci auto errCode = bundleResourceProxy->GetBundleResourceInfo( 12678e745fdaSopenharmony_ci bundleName, static_cast<uint32_t>(OHOS::AppExecFwk::ResourceFlag::GET_RESOURCE_INFO_ALL), bundleResourceInfo); 12688e745fdaSopenharmony_ci if (errCode != ERR_OK) { 12698e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Error call GetBundleResourceInfo fail %{public}d", static_cast<int>(errCode)); 12708e745fdaSopenharmony_ci return NETMANAGER_EXT_ERR_INTERNAL; 12718e745fdaSopenharmony_ci } 12728e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("StartVpnExtensionAbility bundleResourceInfo.label %{public}s", bundleResourceInfo.label.c_str()); 12738e745fdaSopenharmony_ci selfAppName = bundleResourceInfo.label; 12748e745fdaSopenharmony_ci return NETMANAGER_EXT_SUCCESS; 12758e745fdaSopenharmony_ci} 12768e745fdaSopenharmony_ci 12778e745fdaSopenharmony_cistd::string NetworkVpnService::GetBundleName() 12788e745fdaSopenharmony_ci{ 12798e745fdaSopenharmony_ci std::string bundleName; 12808e745fdaSopenharmony_ci auto samgr = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); 12818e745fdaSopenharmony_ci if (samgr == nullptr) { 12828e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Get ability manager failed"); 12838e745fdaSopenharmony_ci return bundleName; 12848e745fdaSopenharmony_ci } 12858e745fdaSopenharmony_ci 12868e745fdaSopenharmony_ci sptr<IRemoteObject> object = samgr->GetSystemAbility(BUNDLE_MGR_SERVICE_SYS_ABILITY_ID); 12878e745fdaSopenharmony_ci if (object == nullptr) { 12888e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("object is NULL."); 12898e745fdaSopenharmony_ci return bundleName; 12908e745fdaSopenharmony_ci } 12918e745fdaSopenharmony_ci sptr<OHOS::AppExecFwk::IBundleMgr> bms = iface_cast<OHOS::AppExecFwk::IBundleMgr>(object); 12928e745fdaSopenharmony_ci if (bms == nullptr) { 12938e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("bundle manager service is NULL."); 12948e745fdaSopenharmony_ci return bundleName; 12958e745fdaSopenharmony_ci } 12968e745fdaSopenharmony_ci 12978e745fdaSopenharmony_ci int32_t uid = IPCSkeleton::GetCallingUid(); 12988e745fdaSopenharmony_ci auto result = bms->GetNameForUid(uid, bundleName); 12998e745fdaSopenharmony_ci if (result != NETMANAGER_EXT_SUCCESS) { 13008e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Error GetBundleNameForUid fail"); 13018e745fdaSopenharmony_ci return bundleName; 13028e745fdaSopenharmony_ci } 13038e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("bundle name is [%{public}s], uid = [%{public}d]", bundleName.c_str(), uid); 13048e745fdaSopenharmony_ci 13058e745fdaSopenharmony_ci AppExecFwk::BundleInfo bundleInfo; 13068e745fdaSopenharmony_ci auto res = bms->GetBundleInfoV9( 13078e745fdaSopenharmony_ci bundleName, 13088e745fdaSopenharmony_ci static_cast<int32_t>( 13098e745fdaSopenharmony_ci static_cast<uint32_t>(AppExecFwk::GetBundleInfoFlag::GET_BUNDLE_INFO_WITH_HAP_MODULE) | 13108e745fdaSopenharmony_ci static_cast<uint32_t>(AppExecFwk::GetBundleInfoFlag::GET_BUNDLE_INFO_WITH_EXTENSION_ABILITY)), 13118e745fdaSopenharmony_ci bundleInfo, uid / USER_ID_DIVIDOR); 13128e745fdaSopenharmony_ci if (res != 0) { 13138e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("Error GetBundleInfoV9 %{public}d", res); 13148e745fdaSopenharmony_ci } 13158e745fdaSopenharmony_ci for (const auto &hap : bundleInfo.hapModuleInfos) { 13168e745fdaSopenharmony_ci for (const auto &ext : hap.extensionInfos) { 13178e745fdaSopenharmony_ci if (ext.type == AppExecFwk::ExtensionAbilityType::VPN) { 13188e745fdaSopenharmony_ci currentVpnAbilityName_.emplace_back(ext.name); 13198e745fdaSopenharmony_ci } 13208e745fdaSopenharmony_ci } 13218e745fdaSopenharmony_ci } 13228e745fdaSopenharmony_ci 13238e745fdaSopenharmony_ci return bundleName; 13248e745fdaSopenharmony_ci} 13258e745fdaSopenharmony_ci 13268e745fdaSopenharmony_civoid NetworkVpnService::VpnHapObserver::OnExtensionStateChanged(const AppExecFwk::AbilityStateData &abilityStateData) 13278e745fdaSopenharmony_ci{ 13288e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("VPN HAP is OnExtensionStateChanged"); 13298e745fdaSopenharmony_ci} 13308e745fdaSopenharmony_ci 13318e745fdaSopenharmony_civoid NetworkVpnService::VpnHapObserver::OnProcessCreated(const AppExecFwk::ProcessData &processData) 13328e745fdaSopenharmony_ci{ 13338e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("VPN HAP is OnProcessCreated"); 13348e745fdaSopenharmony_ci} 13358e745fdaSopenharmony_ci 13368e745fdaSopenharmony_civoid NetworkVpnService::VpnHapObserver::OnProcessStateChanged(const AppExecFwk::ProcessData &processData) 13378e745fdaSopenharmony_ci{ 13388e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("VPN HAP is OnProcessStateChanged"); 13398e745fdaSopenharmony_ci} 13408e745fdaSopenharmony_ci 13418e745fdaSopenharmony_cistd::string NetworkVpnService::GetCurrentVpnBundleName() 13428e745fdaSopenharmony_ci{ 13438e745fdaSopenharmony_ci return currentVpnBundleName_; 13448e745fdaSopenharmony_ci} 13458e745fdaSopenharmony_ci 13468e745fdaSopenharmony_cistd::vector<std::string> NetworkVpnService::GetCurrentVpnAbilityName() 13478e745fdaSopenharmony_ci{ 13488e745fdaSopenharmony_ci return currentVpnAbilityName_; 13498e745fdaSopenharmony_ci} 13508e745fdaSopenharmony_ci 13518e745fdaSopenharmony_civoid NetworkVpnService::VpnHapObserver::OnProcessDied(const AppExecFwk::ProcessData &processData) 13528e745fdaSopenharmony_ci{ 13538e745fdaSopenharmony_ci std::unique_lock<std::mutex> locker(vpnService_.netVpnMutex_); 13548e745fdaSopenharmony_ci auto extensionBundleName = vpnService_.GetCurrentVpnBundleName(); 13558e745fdaSopenharmony_ci auto extensionAbilityName = vpnService_.GetCurrentVpnAbilityName(); 13568e745fdaSopenharmony_ci if ((vpnService_.vpnObj_ != nullptr) && (vpnService_.vpnObj_->Destroy() != NETMANAGER_EXT_SUCCESS)) { 13578e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("destroy vpn failed"); 13588e745fdaSopenharmony_ci } 13598e745fdaSopenharmony_ci vpnService_.vpnObj_ = nullptr; 13608e745fdaSopenharmony_ci for (const auto &name : extensionAbilityName) { 13618e745fdaSopenharmony_ci AAFwk::Want want; 13628e745fdaSopenharmony_ci AppExecFwk::ElementName elem; 13638e745fdaSopenharmony_ci elem.SetBundleName(extensionBundleName); 13648e745fdaSopenharmony_ci elem.SetAbilityName(name); 13658e745fdaSopenharmony_ci want.SetElement(elem); 13668e745fdaSopenharmony_ci auto res = AAFwk::AbilityManagerClient::GetInstance()->StopExtensionAbility( 13678e745fdaSopenharmony_ci want, nullptr, AAFwk::DEFAULT_INVAL_VALUE, AppExecFwk::ExtensionAbilityType::VPN); 13688e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("VPN HAP is OnProcessDied StopExtensionAbility res= %{public}d", res); 13698e745fdaSopenharmony_ci } 13708e745fdaSopenharmony_ci} 13718e745fdaSopenharmony_ci 13728e745fdaSopenharmony_civoid NetworkVpnService::OnRemoteDied(const wptr<IRemoteObject> &remoteObject) 13738e745fdaSopenharmony_ci{ 13748e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("vpn OnRemoteDied"); 13758e745fdaSopenharmony_ci sptr<IRemoteObject> diedRemoted = remoteObject.promote(); 13768e745fdaSopenharmony_ci if (diedRemoted == nullptr) { 13778e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("diedRemoted is null"); 13788e745fdaSopenharmony_ci return; 13798e745fdaSopenharmony_ci } 13808e745fdaSopenharmony_ci sptr<IVpnEventCallback> callback = iface_cast<IVpnEventCallback>(diedRemoted); 13818e745fdaSopenharmony_ci UnregisterVpnEvent(callback); 13828e745fdaSopenharmony_ci if (vpnObj_ != nullptr && vpnObj_->Destroy() != NETMANAGER_EXT_SUCCESS) { 13838e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("destroy vpn is failed"); 13848e745fdaSopenharmony_ci return; 13858e745fdaSopenharmony_ci } 13868e745fdaSopenharmony_ci vpnObj_ = nullptr; 13878e745fdaSopenharmony_ci} 13888e745fdaSopenharmony_ci 13898e745fdaSopenharmony_civoid NetworkVpnService::AddClientDeathRecipient(const sptr<IVpnEventCallback> &callback) 13908e745fdaSopenharmony_ci{ 13918e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("vpn AddClientDeathRecipient"); 13928e745fdaSopenharmony_ci std::lock_guard<std::mutex> autoLock(remoteMutex_); 13938e745fdaSopenharmony_ci if (deathRecipient_ == nullptr) { 13948e745fdaSopenharmony_ci deathRecipient_ = new (std::nothrow) VpnAppDeathRecipient(*this); 13958e745fdaSopenharmony_ci } 13968e745fdaSopenharmony_ci if (deathRecipient_ == nullptr) { 13978e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("deathRecipient is null"); 13988e745fdaSopenharmony_ci return; 13998e745fdaSopenharmony_ci } 14008e745fdaSopenharmony_ci if (!callback->AsObject()->AddDeathRecipient(deathRecipient_)) { 14018e745fdaSopenharmony_ci NETMGR_EXT_LOG_E("AddClientDeathRecipient failed"); 14028e745fdaSopenharmony_ci return; 14038e745fdaSopenharmony_ci } 14048e745fdaSopenharmony_ci auto iter = 14058e745fdaSopenharmony_ci std::find_if(vpnEventCallbacks_.cbegin(), vpnEventCallbacks_.cend(), 14068e745fdaSopenharmony_ci [&callback](const sptr<IVpnEventCallback> &item) { 14078e745fdaSopenharmony_ci return item->AsObject().GetRefPtr() == callback->AsObject().GetRefPtr(); 14088e745fdaSopenharmony_ci }); 14098e745fdaSopenharmony_ci if (iter == vpnEventCallbacks_.cend()) { 14108e745fdaSopenharmony_ci vpnEventCallbacks_.emplace_back(callback); 14118e745fdaSopenharmony_ci } 14128e745fdaSopenharmony_ci} 14138e745fdaSopenharmony_ci 14148e745fdaSopenharmony_civoid NetworkVpnService::RemoveClientDeathRecipient(const sptr<IVpnEventCallback> &callback) 14158e745fdaSopenharmony_ci{ 14168e745fdaSopenharmony_ci NETMGR_EXT_LOG_I("vpn RemoveClientDeathRecipient"); 14178e745fdaSopenharmony_ci std::lock_guard<std::mutex> autoLock(remoteMutex_); 14188e745fdaSopenharmony_ci auto iter = 14198e745fdaSopenharmony_ci std::find_if(vpnEventCallbacks_.cbegin(), vpnEventCallbacks_.cend(), 14208e745fdaSopenharmony_ci [&callback](const sptr<IVpnEventCallback> &item) { 14218e745fdaSopenharmony_ci return item->AsObject().GetRefPtr() == callback->AsObject().GetRefPtr(); 14228e745fdaSopenharmony_ci }); 14238e745fdaSopenharmony_ci if (iter == vpnEventCallbacks_.cend()) { 14248e745fdaSopenharmony_ci return; 14258e745fdaSopenharmony_ci } 14268e745fdaSopenharmony_ci callback->AsObject()->RemoveDeathRecipient(deathRecipient_); 14278e745fdaSopenharmony_ci vpnEventCallbacks_.erase(iter); 14288e745fdaSopenharmony_ci} 14298e745fdaSopenharmony_ci 14308e745fdaSopenharmony_civoid NetworkVpnService::RemoveALLClientDeathRecipient() 14318e745fdaSopenharmony_ci{ 14328e745fdaSopenharmony_ci std::lock_guard<std::mutex> autoLock(remoteMutex_); 14338e745fdaSopenharmony_ci for (auto &item : vpnEventCallbacks_) { 14348e745fdaSopenharmony_ci item->AsObject()->RemoveDeathRecipient(deathRecipient_); 14358e745fdaSopenharmony_ci } 14368e745fdaSopenharmony_ci vpnEventCallbacks_.clear(); 14378e745fdaSopenharmony_ci deathRecipient_ = nullptr; 14388e745fdaSopenharmony_ci} 14398e745fdaSopenharmony_ci} // namespace NetManagerStandard 14408e745fdaSopenharmony_ci} // namespace OHOS 1441