代码拉取完成,页面将自动刷新
diff --git a/bundle.json b/bundle.json
index d6fe2b9..3662015 100644
--- a/bundle.json
+++ b/bundle.json
@@ -31,6 +31,8 @@
"netmanager_ext_feature_ethernet",
"netmanager_ext_feature_share",
"netmanager_ext_feature_mdns",
+ "netmanager_ext_feature_sysvpn",
+ "netmanager_ext_feature_vpn_for_user0",
"netmanager_ext_feature_vpn",
"netmanager_ext_feature_vpnext",
"netmanager_ext_feature_net_firewall"
@@ -69,7 +71,11 @@
"relational_store",
"preferences",
"ffrt",
+ "hicollie",
"init"
+ ],
+ "third_party": [
+ "cJSON"
]
},
"build": {
@@ -88,6 +94,7 @@
"//foundation/communication/netmanager_ext/services/etc/init:mdnsmanager.rc",
"//foundation/communication/netmanager_ext/sa_profile:mdns_manager_profile",
"//foundation/communication/netmanager_ext/sa_profile:netfirewall_manager_profile",
+ "//foundation/communication/netmanager_ext/services/etc/init:vpnmanager.cfg",
"//foundation/communication/netmanager_ext:netfirewall_packages"
]
},
@@ -153,6 +160,16 @@
],
"header_base": "//foundation/communication/netmanager_ext/interfaces/innerkits"
}
+ },
+ {
+ "type": "so",
+ "name": "//foundation/communication/netmanager_ext/interfaces/innerkits/netvpnclient:net_vpn_manager_if",
+ "header": {
+ "header_files": [
+ "netvpnclient/include/networkvpn_client.h"
+ ],
+ "header_base": "//foundation/communication/netmanager_ext/interfaces/innerkits"
+ }
}
],
"test": [
diff --git a/frameworks/js/napi/vpn/BUILD.gn b/frameworks/js/napi/vpn/BUILD.gn
index 32a3d74..8bb2150 100644
--- a/frameworks/js/napi/vpn/BUILD.gn
+++ b/frameworks/js/napi/vpn/BUILD.gn
@@ -59,6 +59,19 @@ ohos_shared_library("vpn") {
"-O2",
]
+ if (netmanager_ext_feature_sysvpn) {
+ cflags += sysvpn_flags
+ cflags_cc += sysvpn_flags
+ sources += [
+ "src/context/add_context.cpp",
+ "src/context/delete_context.cpp",
+ "src/context/get_connected_context.cpp",
+ "src/context/get_context.cpp",
+ "src/context/get_list_context.cpp",
+ "src/vpn_config_utils.cpp",
+ ]
+ }
+
deps = [
"$NETMANAGER_EXT_ROOT/interfaces/innerkits/netvpnclient:net_vpn_manager_if",
"$NETMANAGER_EXT_ROOT/utils:net_manager_ext_common",
diff --git a/frameworks/js/napi/vpn/include/context/setup_context.h b/frameworks/js/napi/vpn/include/context/setup_context.h
index c162026..9572233 100644
--- a/frameworks/js/napi/vpn/include/context/setup_context.h
+++ b/frameworks/js/napi/vpn/include/context/setup_context.h
@@ -22,6 +22,9 @@
#include "base_context.h"
#include "event_manager.h"
#include "refbase.h"
+#ifdef SUPPORT_SYSVPN
+#include "sysvpn_config.h"
+#endif // SUPPORT_SYSVPN
#include "vpn_config.h"
namespace OHOS {
@@ -36,6 +39,9 @@ public:
public:
sptr<VpnConfig> vpnConfig_ = nullptr;
int fd_ = -1;
+#ifdef SUPPORT_SYSVPN
+ sptr<SysVpnConfig> sysVpnConfig_ = nullptr;
+#endif // SUPPORT_SYSVPN
private:
bool ParseVpnConfig(napi_value *params);
diff --git a/frameworks/js/napi/vpn/include/vpn_config_utils.h b/frameworks/js/napi/vpn/include/vpn_config_utils.h
index be828e9..223f724 100755
--- a/frameworks/js/napi/vpn/include/vpn_config_utils.h
+++ b/frameworks/js/napi/vpn/include/vpn_config_utils.h
@@ -21,11 +21,12 @@
#include <string>
#include <vector>
-#include "route.h"
#include "inet_addr.h"
-#include "vpn_config.h"
#include "ipsecvpn_config.h"
#include "l2tpvpn_config.h"
+#include "openvpn_config.h"
+#include "route.h"
+#include "vpn_config.h"
namespace OHOS {
namespace NetManagerStandard {
@@ -63,14 +64,14 @@ constexpr const char *CONFIG_SAVE_LOGIN = "saveLogin";
constexpr const char *CONFIG_FORWARDED_ROUTES = "forwardingRoutes";
constexpr const char *CONFIG_OVPN_PORT = "ovpnPort";
-constexpr const char *CONFIG_OPEN_VPN_PROTOCOL = "ovpnProtocol";
-constexpr const char *CONFIG_OPEN_VPN_CFG = "ovpnConfig";
-constexpr const char *CONFIG_OPEN_VPN_AUTH_TYPE = "ovpnAuthType";
+constexpr const char *CONFIG_OPENVPN_PROTOCOL = "ovpnProtocol";
+constexpr const char *CONFIG_OPENVPN_CFG = "ovpnConfig";
+constexpr const char *CONFIG_OPENVPN_AUTH_TYPE = "ovpnAuthType";
constexpr const char *CONFIG_ASKPASS = "askpass";
-constexpr const char *CONFIG_OPEN_VPN_CFG_FILE_PATH = "ovpnConfigFilePath";
-constexpr const char *CONFIG_OPEN_VPN_CA_CERT_FILE_PATH = "ovpnCaCertFilePath";
-constexpr const char *CONFIG_OPEN_VPN_USER_CERT_FILE_PATH = "ovpnUserCertFilePath";
-constexpr const char *CONFIG_OPEN_VPN_PRIVATE_KEY_FILE_PATH = "ovpnPrivateKeyFilePath";
+constexpr const char *CONFIG_OPENVPN_CFG_FILE_PATH = "ovpnConfigFilePath";
+constexpr const char *CONFIG_OPENVPN_CA_CERT_FILE_PATH = "ovpnCaCertFilePath";
+constexpr const char *CONFIG_OPENVPN_USER_CERT_FILE_PATH = "ovpnUserCertFilePath";
+constexpr const char *CONFIG_OPENVPN_PRIVATE_KEY_FILE_PATH = "ovpnPrivateKeyFilePath";
constexpr const char *CONFIG_IPSEC_PRE_SHARE_KEY = "ipsecPreSharedKey";
constexpr const char *CONFIG_IPSEC_IDENTIFIER = "ipsecIdentifier";
@@ -97,8 +98,9 @@ bool ParseSysVpnConfig(napi_env env, napi_value *params, sptr<SysVpnConfig> &vpn
bool ParseAddrRouteParams(napi_env env, napi_value config, sptr<SysVpnConfig> &vpnConfig);
bool ParseChoiceableParams(napi_env env, napi_value config, sptr<SysVpnConfig> &vpnConfig);
-bool ParseIpsecVpnParams(napi_env env, napi_value config, sptr<SysVpnConfig> &vpnConfig);
-bool ParseL2tpVpnParams(napi_env env, napi_value config, sptr<SysVpnConfig> &vpnConfig);
+sptr<OpenvpnConfig> CreateAndParseOpenvpnConf(napi_env env, napi_value config);
+sptr<IpsecVpnConfig> CreateAndParseIpsecVpnConf(napi_env env, napi_value config);
+sptr<L2tpVpnConfig> CreateAndParseL2tpVpnConf(napi_env env, napi_value config);
bool ParseAddress(napi_env env, napi_value address, struct INetAddr &iNetAddr);
bool ParseDestination(napi_env env, napi_value jsRoute, struct INetAddr &iNetAddr);
@@ -114,6 +116,7 @@ void GetInt32FromJsOptionItem(napi_env env, napi_value object, const std::string
napi_value CreateNapiVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig);
napi_value CreateNapiSysVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig);
+napi_value CreateNapiOpenvpnConfig(napi_env env, sptr<SysVpnConfig> sysVpnConfig);
napi_value CreateNapiIpsecVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig);
napi_value CreateNapiL2tpVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig);
}
diff --git a/frameworks/js/napi/vpn/src/context/add_context.cpp b/frameworks/js/napi/vpn/src/context/add_context.cpp
index dbbca20..34b9901 100755
--- a/frameworks/js/napi/vpn/src/context/add_context.cpp
+++ b/frameworks/js/napi/vpn/src/context/add_context.cpp
@@ -36,7 +36,7 @@ bool AddContext::CheckParamsType(napi_env env, napi_value *params, size_t params
return (NapiUtils::GetValueType(env, params[0]) == napi_object);
case PARAM_OPTIONS_AND_CALLBACK:
return ((NapiUtils::GetValueType(env, params[0]) == napi_object) &&
- (NapiUtils::GetValueType(env, params[1]) == napi_function));
+ (NapiUtils::GetValueType(env, params[1]) == napi_function));
default:
return false;
}
diff --git a/frameworks/js/napi/vpn/src/context/setup_context.cpp b/frameworks/js/napi/vpn/src/context/setup_context.cpp
index 7e56abf..90891ac 100644
--- a/frameworks/js/napi/vpn/src/context/setup_context.cpp
+++ b/frameworks/js/napi/vpn/src/context/setup_context.cpp
@@ -25,6 +25,9 @@
#include "netmanager_base_common_utils.h"
#include "netmgr_ext_log_wrapper.h"
#include "route.h"
+#ifdef SUPPORT_SYSVPN
+#include "sysvpn_config.h"
+#endif // SUPPORT_SYSVPN
namespace OHOS {
namespace NetManagerStandard {
@@ -141,6 +144,25 @@ void SetUpContext::ParseParams(napi_value *params, size_t paramsCount)
bool SetUpContext::ParseVpnConfig(napi_value *params)
{
+#ifdef SUPPORT_SYSVPN
+ if (params == nullptr) {
+ NETMGR_EXT_LOG_E("params is nullptr");
+ return false;
+ }
+ if (NapiUtils::HasNamedProperty(GetEnv(), params[0], "vpnId")) {
+ sysVpnConfig_ = new (std::nothrow) SysVpnConfig();
+ if (sysVpnConfig_ == nullptr) {
+ NETMGR_EXT_LOG_E("setup parse sysvpn config failed, config is null");
+ return false;
+ }
+ sysVpnConfig_->vpnId_ = NapiUtils::GetStringPropertyUtf8(GetEnv(), params[0], "vpnId");
+ sysVpnConfig_->vpnType_ = NapiUtils::GetInt32Property(GetEnv(), params[0], "vpnType");
+ NETMGR_EXT_LOG_I("setup parse sysvpn config, id=%{public}s, type=%{public}d",
+ sysVpnConfig_->vpnId_.c_str(), sysVpnConfig_->vpnType_);
+ return true;
+ }
+#endif // SUPPORT_SYSVPN
+
vpnConfig_ = new (std::nothrow) VpnConfig();
if (vpnConfig_ == nullptr) {
NETMGR_EXT_LOG_E("vpnConfig is nullptr");
diff --git a/frameworks/js/napi/vpn/src/vpn_config_utils.cpp b/frameworks/js/napi/vpn/src/vpn_config_utils.cpp
index 96a8a84..1c83339 100755
--- a/frameworks/js/napi/vpn/src/vpn_config_utils.cpp
+++ b/frameworks/js/napi/vpn/src/vpn_config_utils.cpp
@@ -26,29 +26,43 @@ namespace NetManagerStandard {
namespace VpnConfigUtils {
bool ParseSysVpnConfig(napi_env env, napi_value *params, sptr<SysVpnConfig> &vpnConfig)
{
+ if (params == nullptr) {
+ NETMGR_EXT_LOG_E("ParseSysVpnConfig failed, params is null");
+ return false;
+ }
int vpnType = -1;
GetInt32FromJsOptionItem(env, params[0], CONFIG_VPN_TYPE, vpnType);
switch (vpnType) {
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_MSCHAPv2):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_PSK):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_HYBRID_RSA):
- vpnConfig = new (std::nothrow) IpsecVpnConfig();
- if (!ParseIpsecVpnParams(env, params[0], vpnConfig)) {
- NETMGR_EXT_LOG_E("ParseIpsecVpnParams failed");
+ case VpnType::IKEV2_IPSEC_MSCHAPv2:
+ case VpnType::IKEV2_IPSEC_PSK:
+ case VpnType::IKEV2_IPSEC_RSA:
+ case VpnType::IPSEC_XAUTH_PSK:
+ case VpnType::IPSEC_XAUTH_RSA:
+ case VpnType::IPSEC_HYBRID_RSA: {
+ vpnConfig = CreateAndParseIpsecVpnConf(env, params[0]);
+ if (vpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateAndParseIpsecVpnConf failed, vpnConfig is null");
return false;
}
break;
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_RSA):
- vpnConfig = new (std::nothrow) L2tpVpnConfig();
- if (!ParseL2tpVpnParams(env, params[0], vpnConfig)) {
- NETMGR_EXT_LOG_E("ParseL2tpVpnParams failed");
+ }
+ case VpnType::OPENVPN: {
+ vpnConfig = CreateAndParseOpenvpnConf(env, params[0]);
+ if (vpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateAndParseOpenvpnConf failed, vpnConfig is null");
return false;
}
break;
+ }
+ case VpnType::L2TP_IPSEC_PSK:
+ case VpnType::L2TP_IPSEC_RSA: {
+ vpnConfig = CreateAndParseL2tpVpnConf(env, params[0]);
+ if (vpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateAndParseL2tpVpnConf failed, vpnConfig is null");
+ return false;
+ }
+ break;
+ }
default:
NETMGR_EXT_LOG_E("sysvpn ParseSysVpnConfig failed! invalid type=%{public}d", vpnType);
return false;
@@ -126,7 +140,7 @@ bool ParseChoiceableParams(napi_env env, napi_value config, sptr<SysVpnConfig> &
return true;
}
-bool ParseSystemVpnParams(napi_env env, napi_value config, sptr<SysVpnConfig> &sysVpnConfig)
+bool ParseSystemVpnParams(napi_env env, napi_value config, sptr<SysVpnConfig> sysVpnConfig)
{
if (sysVpnConfig == nullptr) {
NETMGR_EXT_LOG_E("sysVpnConfig is null");
@@ -142,92 +156,106 @@ bool ParseSystemVpnParams(napi_env env, napi_value config, sptr<SysVpnConfig> &s
return true;
}
-bool ParseIpsecVpnParams(napi_env env, napi_value config, sptr<SysVpnConfig> &sysVpnConfig)
+sptr<IpsecVpnConfig> CreateAndParseIpsecVpnConf(napi_env env, napi_value config)
{
- if (sysVpnConfig == nullptr) {
- NETMGR_EXT_LOG_E("sysVpnConfig is null");
- return false;
+ sptr<IpsecVpnConfig> ipsecVpnConfig = new (std::nothrow) IpsecVpnConfig();
+ if (ipsecVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("create ipsecVpnConfig failed, is null");
+ return nullptr;
}
- if (!ParseSystemVpnParams(env, config, sysVpnConfig)) {
+ if (!ParseSystemVpnParams(env, config, ipsecVpnConfig)) {
NETMGR_EXT_LOG_E("ParseSystemVpnParams failed");
- return false;
- }
-
- sptr<IpsecVpnConfig> ipsecVpnConfig = sptr<IpsecVpnConfig>(
- static_cast<IpsecVpnConfig*>(sysVpnConfig.GetRefPtr()));
- if (ipsecVpnConfig) {
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRE_SHARE_KEY, ipsecVpnConfig->ipsecPreSharedKey_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_IDENTIFIER, ipsecVpnConfig->ipsecIdentifier_);
- GetStringFromJsOptionItem(env, config, CONFIG_SWANCTL_CONF, ipsecVpnConfig->swanctlConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_STRONGSWAN_CONF, ipsecVpnConfig->strongswanConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CA_CERT_CONF, ipsecVpnConfig->ipsecCaCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_USER_CERT_CONF,
- ipsecVpnConfig->ipsecPrivateUserCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_USER_CERT_CONF,
- ipsecVpnConfig->ipsecPublicUserCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_SERVER_CERT_CONF,
- ipsecVpnConfig->ipsecPrivateServerCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_CONF,
- ipsecVpnConfig->ipsecPublicServerCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CA_CERT_FILE_PATH, ipsecVpnConfig->ipsecCaCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_USER_CERT_FILE_PATH,
- ipsecVpnConfig->ipsecPrivateUserCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_USER_CERT_FILE_PATH,
- ipsecVpnConfig->ipsecPublicUserCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_SERVER_CERT_FILE_PATH,
- ipsecVpnConfig->ipsecPrivateServerCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_FILE_PATH,
- ipsecVpnConfig->ipsecPublicServerCertFilePath_);
- return true;
- } else {
- return false;
- }
+ return nullptr;
+ }
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRE_SHARE_KEY, ipsecVpnConfig->ipsecPreSharedKey_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_IDENTIFIER, ipsecVpnConfig->ipsecIdentifier_);
+ GetStringFromJsOptionItem(env, config, CONFIG_SWANCTL_CONF, ipsecVpnConfig->swanctlConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_STRONGSWAN_CONF, ipsecVpnConfig->strongswanConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CA_CERT_CONF, ipsecVpnConfig->ipsecCaCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_USER_CERT_CONF,
+ ipsecVpnConfig->ipsecPrivateUserCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_USER_CERT_CONF,
+ ipsecVpnConfig->ipsecPublicUserCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_SERVER_CERT_CONF,
+ ipsecVpnConfig->ipsecPrivateServerCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_CONF,
+ ipsecVpnConfig->ipsecPublicServerCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CA_CERT_FILE_PATH, ipsecVpnConfig->ipsecCaCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_USER_CERT_FILE_PATH,
+ ipsecVpnConfig->ipsecPrivateUserCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_USER_CERT_FILE_PATH,
+ ipsecVpnConfig->ipsecPublicUserCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_SERVER_CERT_FILE_PATH,
+ ipsecVpnConfig->ipsecPrivateServerCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_FILE_PATH,
+ ipsecVpnConfig->ipsecPublicServerCertFilePath_);
+ return ipsecVpnConfig;
}
-bool ParseL2tpVpnParams(napi_env env, napi_value config, sptr<SysVpnConfig> &sysVpnConfig)
+sptr<L2tpVpnConfig> CreateAndParseL2tpVpnConf(napi_env env, napi_value config)
{
- if (sysVpnConfig == nullptr) {
- NETMGR_EXT_LOG_E("sysVpnConfig is null");
- return false;
+ sptr<L2tpVpnConfig> l2tpVpnConfig = new (std::nothrow) L2tpVpnConfig();
+ if (l2tpVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("l2tpVpnConfig is null");
+ return nullptr;
}
- if (!ParseSystemVpnParams(env, config, sysVpnConfig)) {
+ if (!ParseSystemVpnParams(env, config, l2tpVpnConfig)) {
NETMGR_EXT_LOG_E("ParseSystemVpnParams failed");
- return false;
+ return nullptr;
}
- sptr<L2tpVpnConfig> l2tpVpnConfig = sptr<L2tpVpnConfig>(static_cast<L2tpVpnConfig*>(sysVpnConfig.GetRefPtr()));
- if (l2tpVpnConfig) {
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRE_SHARE_KEY, l2tpVpnConfig->ipsecPreSharedKey_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_IDENTIFIER, l2tpVpnConfig->ipsecIdentifier_);
- GetStringFromJsOptionItem(env, config, CONFIG_STRONGSWAN_CONF, l2tpVpnConfig->strongswanConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CA_CERT_CONF, l2tpVpnConfig->ipsecCaCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_USER_CERT_CONF,
- l2tpVpnConfig->ipsecPrivateUserCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_USER_CERT_CONF,
- l2tpVpnConfig->ipsecPublicUserCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_SERVER_CERT_CONF,
- l2tpVpnConfig->ipsecPrivateServerCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_CONF,
- l2tpVpnConfig->ipsecPublicServerCertConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CA_CERT_FILE_PATH,
- l2tpVpnConfig->ipsecCaCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_USER_CERT_FILE_PATH,
- l2tpVpnConfig->ipsecPrivateUserCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_USER_CERT_FILE_PATH,
- l2tpVpnConfig->ipsecPublicUserCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_SERVER_CERT_FILE_PATH,
- l2tpVpnConfig->ipsecPrivateServerCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_FILE_PATH,
- l2tpVpnConfig->ipsecPublicServerCertFilePath_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CONF, l2tpVpnConfig->ipsecConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_SECRETS, l2tpVpnConfig->ipsecSecrets_);
- GetStringFromJsOptionItem(env, config, CONFIG_OPTIONS_L2TPD_CLIENT, l2tpVpnConfig->optionsL2tpdClient_);
- GetStringFromJsOptionItem(env, config, CONFIG_XL2TPD_CONF, l2tpVpnConfig->xl2tpdConf_);
- GetStringFromJsOptionItem(env, config, CONFIG_L2TP_SHARED_KEY, l2tpVpnConfig->l2tpSharedKey_);
- return true;
- } else {
- return false;
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRE_SHARE_KEY, l2tpVpnConfig->ipsecPreSharedKey_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_IDENTIFIER, l2tpVpnConfig->ipsecIdentifier_);
+ GetStringFromJsOptionItem(env, config, CONFIG_STRONGSWAN_CONF, l2tpVpnConfig->strongswanConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CA_CERT_CONF, l2tpVpnConfig->ipsecCaCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_USER_CERT_CONF,
+ l2tpVpnConfig->ipsecPrivateUserCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_USER_CERT_CONF,
+ l2tpVpnConfig->ipsecPublicUserCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_SERVER_CERT_CONF,
+ l2tpVpnConfig->ipsecPrivateServerCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_CONF,
+ l2tpVpnConfig->ipsecPublicServerCertConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CA_CERT_FILE_PATH,
+ l2tpVpnConfig->ipsecCaCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_USER_CERT_FILE_PATH,
+ l2tpVpnConfig->ipsecPrivateUserCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_USER_CERT_FILE_PATH,
+ l2tpVpnConfig->ipsecPublicUserCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PRIVATE_SERVER_CERT_FILE_PATH,
+ l2tpVpnConfig->ipsecPrivateServerCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_FILE_PATH,
+ l2tpVpnConfig->ipsecPublicServerCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_CONF, l2tpVpnConfig->ipsecConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_IPSEC_SECRETS, l2tpVpnConfig->ipsecSecrets_);
+ GetStringFromJsOptionItem(env, config, CONFIG_OPTIONS_L2TPD_CLIENT, l2tpVpnConfig->optionsL2tpdClient_);
+ GetStringFromJsOptionItem(env, config, CONFIG_XL2TPD_CONF, l2tpVpnConfig->xl2tpdConf_);
+ GetStringFromJsOptionItem(env, config, CONFIG_L2TP_SHARED_KEY, l2tpVpnConfig->l2tpSharedKey_);
+ return l2tpVpnConfig;
+}
+
+sptr<OpenvpnConfig> CreateAndParseOpenvpnConf(napi_env env, napi_value config)
+{
+ sptr<OpenvpnConfig> openvpnConfig = new (std::nothrow) OpenvpnConfig();
+ if (openvpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("openvpnConfig is null");
+ return nullptr;
}
+ if (!ParseSystemVpnParams(env, config, openvpnConfig)) {
+ NETMGR_EXT_LOG_E("ParseSystemVpnParams failed");
+ return nullptr;
+ }
+ GetStringFromJsOptionItem(env, config, CONFIG_OVPN_PORT, openvpnConfig->ovpnPort_);
+ GetInt32FromJsOptionItem(env, config, CONFIG_OPENVPN_PROTOCOL, openvpnConfig->ovpnProtocol_);
+ GetStringFromJsOptionItem(env, config, CONFIG_OPENVPN_CFG, openvpnConfig->ovpnConfig_);
+ GetInt32FromJsOptionItem(env, config, CONFIG_OPENVPN_AUTH_TYPE, openvpnConfig->ovpnAuthType_);
+ GetStringFromJsOptionItem(env, config, CONFIG_ASKPASS, openvpnConfig->askpass_);
+ GetStringFromJsOptionItem(env, config, CONFIG_OPENVPN_CFG_FILE_PATH, openvpnConfig->ovpnConfigFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_OPENVPN_CA_CERT_FILE_PATH, openvpnConfig->ovpnCaCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_OPENVPN_USER_CERT_FILE_PATH, openvpnConfig->ovpnUserCertFilePath_);
+ GetStringFromJsOptionItem(env, config, CONFIG_OPENVPN_PRIVATE_KEY_FILE_PATH,
+ openvpnConfig->ovpnPrivateKeyFilePath_);
+ return openvpnConfig;
}
bool ParseAddress(napi_env env, napi_value address, struct INetAddr &iNetAddr)
@@ -423,26 +451,34 @@ void GetInt32FromJsOptionItem(napi_env env, napi_value object, const std::string
napi_value CreateNapiVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig)
{
if (sysVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateNapiVpnConfig failed, param is null");
return NapiUtils::GetUndefined(env);
}
switch (sysVpnConfig->vpnType_) {
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_MSCHAPv2):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_PSK):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_HYBRID_RSA):
+ case VpnType::IKEV2_IPSEC_MSCHAPv2:
+ case VpnType::IKEV2_IPSEC_PSK:
+ case VpnType::IKEV2_IPSEC_RSA:
+ case VpnType::IPSEC_XAUTH_PSK:
+ case VpnType::IPSEC_XAUTH_RSA:
+ case VpnType::IPSEC_HYBRID_RSA:
return CreateNapiIpsecVpnConfig(env, sysVpnConfig);
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_RSA):
+ case VpnType::OPENVPN:
+ return CreateNapiOpenvpnConfig(env, sysVpnConfig);
+ case VpnType::L2TP_IPSEC_PSK:
+ case VpnType::L2TP_IPSEC_RSA:
return CreateNapiL2tpVpnConfig(env, sysVpnConfig);
default:
+ NETMGR_EXT_LOG_E("CreateNapiVpnConfig failed, invalid type %{public}d", sysVpnConfig->vpnType_);
return NapiUtils::GetUndefined(env);
}
}
napi_value CreateNapiSysVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig)
{
+ if (sysVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateNapiSysVpnConfig failed, param is null");
+ return NapiUtils::GetUndefined(env);
+ }
napi_value config = NapiUtils::CreateObject(env);
std::vector<INetAddr> addresses = sysVpnConfig->addresses_;
if (!addresses.empty()) {
@@ -479,9 +515,15 @@ napi_value CreateNapiSysVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig
napi_value CreateNapiIpsecVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig)
{
+ if (sysVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateNapiIpsecVpnConfig failed, param is null");
+ return NapiUtils::GetUndefined(env);
+ }
napi_value config = CreateNapiSysVpnConfig(env, sysVpnConfig);
- sptr<IpsecVpnConfig> ipsecVpnConfig = sptr<IpsecVpnConfig>(static_cast<IpsecVpnConfig*>(sysVpnConfig.GetRefPtr()));
- if (!ipsecVpnConfig) {
+
+ IpsecVpnConfig *ipsecVpnConfig = static_cast<IpsecVpnConfig *>(sysVpnConfig.GetRefPtr());
+ if (ipsecVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateNapiIpsecVpnConfig failed, ipsecVpnConfig is null");
return NapiUtils::GetUndefined(env);
}
NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_IPSEC_PRE_SHARE_KEY, ipsecVpnConfig->ipsecPreSharedKey_);
@@ -507,14 +549,21 @@ napi_value CreateNapiIpsecVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConf
ipsecVpnConfig->ipsecPrivateServerCertFilePath_);
NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_IPSEC_PUBLIC_SERVER_CERT_FILE_PATH,
ipsecVpnConfig->ipsecPublicServerCertFilePath_);
+ ipsecVpnConfig = nullptr;
return config;
}
napi_value CreateNapiL2tpVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfig)
{
+ if (sysVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateNapiL2tpVpnConfig failed, param is null");
+ return NapiUtils::GetUndefined(env);
+ }
napi_value config = CreateNapiSysVpnConfig(env, sysVpnConfig);
- sptr<L2tpVpnConfig> l2tpVpnConfig = sptr<L2tpVpnConfig>(static_cast<L2tpVpnConfig*>(sysVpnConfig.GetRefPtr()));
- if (!l2tpVpnConfig) {
+
+ L2tpVpnConfig *l2tpVpnConfig = static_cast<L2tpVpnConfig *>(sysVpnConfig.GetRefPtr());
+ if (l2tpVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateNapiL2tpVpnConfig failed, l2tpVpnConfig is null");
return NapiUtils::GetUndefined(env);
}
NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_IPSEC_PRE_SHARE_KEY, l2tpVpnConfig->ipsecPreSharedKey_);
@@ -544,6 +593,36 @@ napi_value CreateNapiL2tpVpnConfig(napi_env env, sptr<SysVpnConfig> &sysVpnConfi
NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_OPTIONS_L2TPD_CLIENT, l2tpVpnConfig->optionsL2tpdClient_);
NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_XL2TPD_CONF, l2tpVpnConfig->xl2tpdConf_);
NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_L2TP_SHARED_KEY, l2tpVpnConfig->l2tpSharedKey_);
+ l2tpVpnConfig = nullptr;
+ return config;
+}
+
+napi_value CreateNapiOpenvpnConfig(napi_env env, sptr<SysVpnConfig> sysVpnConfig)
+{
+ if (sysVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateNapiOpenvpnConfig failed, param is null");
+ return NapiUtils::GetUndefined(env);
+ }
+ napi_value config = CreateNapiSysVpnConfig(env, sysVpnConfig);
+
+ OpenvpnConfig *openvpnConfig = static_cast<OpenvpnConfig *>(sysVpnConfig.GetRefPtr());
+ if (openvpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("CreateNapiOpenvpnConfig failed, openvpnConfig is null");
+ return NapiUtils::GetUndefined(env);
+ }
+ NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_OVPN_PORT, openvpnConfig->ovpnPort_);
+ NapiUtils::SetInt32Property(env, config, CONFIG_OPENVPN_PROTOCOL, openvpnConfig->ovpnProtocol_);
+ NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_OPENVPN_CFG, openvpnConfig->ovpnConfig_);
+ NapiUtils::SetInt32Property(env, config, CONFIG_OPENVPN_AUTH_TYPE, openvpnConfig->ovpnAuthType_);
+ NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_ASKPASS, openvpnConfig->askpass_);
+ NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_OPENVPN_CFG_FILE_PATH, openvpnConfig->ovpnConfigFilePath_);
+ NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_OPENVPN_CA_CERT_FILE_PATH,
+ openvpnConfig->ovpnCaCertFilePath_);
+ NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_OPENVPN_USER_CERT_FILE_PATH,
+ openvpnConfig->ovpnUserCertFilePath_);
+ NapiUtils::SetStringPropertyUtf8(env, config, CONFIG_OPENVPN_PRIVATE_KEY_FILE_PATH,
+ openvpnConfig->ovpnPrivateKeyFilePath_);
+ openvpnConfig = nullptr;
return config;
}
}
diff --git a/frameworks/js/napi/vpn/src/vpn_exec.cpp b/frameworks/js/napi/vpn/src/vpn_exec.cpp
index 045080f..73162a4 100644
--- a/frameworks/js/napi/vpn/src/vpn_exec.cpp
+++ b/frameworks/js/napi/vpn/src/vpn_exec.cpp
@@ -57,7 +57,21 @@ bool ExecSetUp(SetUpContext *context)
NETMANAGER_EXT_LOGE("vpnClient is nullptr");
return false;
}
- int32_t result = vpnClient->SetUpVpn(context->vpnConfig_, context->fd_);
+ int32_t result = NETMANAGER_EXT_SUCCESS;
+#ifdef SUPPORT_SYSVPN
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return false;
+ }
+ if (context->sysVpnConfig_ != nullptr) {
+ // is system vpn
+ result = vpnClient->SetUpVpn(context->sysVpnConfig_);
+ } else {
+ result = vpnClient->SetUpVpn(context->vpnConfig_, context->fd_);
+ }
+#else
+ result = vpnClient->SetUpVpn(context->vpnConfig_, context->fd_);
+#endif // SUPPORT_SYSVPN
if (result != NETMANAGER_EXT_SUCCESS) {
context->SetErrorCode(result);
return false;
@@ -98,6 +112,10 @@ bool ExecDestroy(DestroyContext *context)
#ifdef SUPPORT_SYSVPN
bool ExecAddSysVpnConfig(AddContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return false;
+ }
int32_t result = NetworkVpnClient::GetInstance().AddSysVpnConfig(context->vpnConfig_);
if (result != NETMANAGER_EXT_SUCCESS) {
context->SetErrorCode(result);
@@ -108,6 +126,10 @@ bool ExecAddSysVpnConfig(AddContext *context)
bool ExecDeleteSysVpnConfig(DeleteContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return false;
+ }
int32_t result = NetworkVpnClient::GetInstance().DeleteSysVpnConfig(context->vpnId_);
if (result != NETMANAGER_EXT_SUCCESS) {
context->SetErrorCode(result);
@@ -118,6 +140,10 @@ bool ExecDeleteSysVpnConfig(DeleteContext *context)
bool ExecGetSysVpnConfigList(GetListContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return false;
+ }
int32_t result = NetworkVpnClient::GetInstance().GetSysVpnConfigList(context->vpnList_);
if (result != NETMANAGER_EXT_SUCCESS) {
context->SetErrorCode(result);
@@ -128,6 +154,10 @@ bool ExecGetSysVpnConfigList(GetListContext *context)
bool ExecGetSysVpnConfig(GetContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return false;
+ }
int32_t result = NetworkVpnClient::GetInstance().GetSysVpnConfig(context->vpnConfig_, context->vpnId_);
if (result != NETMANAGER_EXT_SUCCESS) {
context->SetErrorCode(result);
@@ -138,6 +168,10 @@ bool ExecGetSysVpnConfig(GetContext *context)
bool ExecGetConnectedSysVpnConfig(GetConnectedContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return false;
+ }
int32_t result = NetworkVpnClient::GetInstance().GetConnectedSysVpnConfig(context->vpnConfig_);
if (result != NETMANAGER_EXT_SUCCESS) {
context->SetErrorCode(result);
@@ -174,21 +208,37 @@ napi_value DestroyCallback(DestroyContext *context)
#ifdef SUPPORT_SYSVPN
napi_value AddSysVpnConfigCallback(AddContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return nullptr;
+ }
return NapiUtils::GetUndefined(context->GetEnv());
}
napi_value DeleteSysVpnConfigCallback(DeleteContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return nullptr;
+ }
return NapiUtils::GetUndefined(context->GetEnv());
}
napi_value GetSysVpnConfigCallback(GetContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return nullptr;
+ }
return VpnConfigUtils::CreateNapiVpnConfig(context->GetEnv(), context->vpnConfig_);
}
napi_value GetSysVpnConfigListCallback(GetListContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return nullptr;
+ }
int32_t index = 0;
auto len = context->vpnList_.size();
napi_value array = NapiUtils::CreateArray(context->GetEnv(), len);
@@ -204,6 +254,10 @@ napi_value GetSysVpnConfigListCallback(GetListContext *context)
napi_value GetConnectedSysVpnConfigCallback(GetConnectedContext *context)
{
+ if (context == nullptr) {
+ NETMANAGER_EXT_LOGE("context is nullptr");
+ return nullptr;
+ }
return VpnConfigUtils::CreateNapiVpnConfig(context->GetEnv(), context->vpnConfig_);
}
#endif // SUPPORT_SYSVPN
diff --git a/frameworks/js/napi/vpn/src/vpn_module.cpp b/frameworks/js/napi/vpn/src/vpn_module.cpp
index cfd3cc4..036e315 100644
--- a/frameworks/js/napi/vpn/src/vpn_module.cpp
+++ b/frameworks/js/napi/vpn/src/vpn_module.cpp
@@ -24,12 +24,12 @@
#include "vpn_connection.h"
#include "vpn_monitor.h"
#ifdef SUPPORT_SYSVPN
-#include "vpn_async_work.h"
#include "add_context.h"
#include "delete_context.h"
#include "get_list_context.h"
#include "get_context.h"
#include "get_connected_context.h"
+#include "vpn_async_work.h"
#endif // SUPPORT_SYSVPN
namespace OHOS {
@@ -135,6 +135,8 @@ napi_value RegisterVpnModule(napi_env env, napi_value exports)
DECLARE_NAPI_FUNCTION(DESTROY, VpnConnection::Destroy),
},
VPN_CONNECTION);
+ NapiUtils::SetEnvValid(env);
+ napi_add_env_cleanup_hook(env, NapiUtils::HookForEnvCleanup, env);
return exports;
}
diff --git a/frameworks/native/netvpnclient/src/ipc/networkvpn_service_proxy.cpp b/frameworks/native/netvpnclient/src/ipc/networkvpn_service_proxy.cpp
index 7fbc45b..e2de93b 100644
--- a/frameworks/native/netvpnclient/src/ipc/networkvpn_service_proxy.cpp
+++ b/frameworks/native/netvpnclient/src/ipc/networkvpn_service_proxy.cpp
@@ -172,9 +172,46 @@ int32_t NetworkVpnServiceProxy::DestroyVpn(bool isVpnExtCall)
}
#ifdef SUPPORT_SYSVPN
+int32_t NetworkVpnServiceProxy::SetUpVpn(const sptr<SysVpnConfig> &config)
+{
+ if (config == nullptr) {
+ NETMGR_EXT_LOG_E("SetUpVpn failed, config is null");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ NETMGR_EXT_LOG_I("SetUpVpn id=%{public}s", config->vpnId_.c_str());
+ MessageParcel data;
+ if (!data.WriteInterfaceToken(NetworkVpnServiceProxy::GetDescriptor())) {
+ NETMGR_EXT_LOG_E("write interface token failed");
+ return NETMANAGER_EXT_ERR_WRITE_DESCRIPTOR_TOKEN_FAIL;
+ }
+
+ // LCOV_EXCL_START
+ if (!(data.WriteString(config->vpnId_) && data.WriteInt32(config->vpnType_))) {
+ NETMGR_EXT_LOG_E("SetUpVpn proxy write data failed");
+ return NETMANAGER_EXT_ERR_WRITE_DATA_FAIL;
+ }
+ // LCOV_EXCL_STOP
+ MessageParcel reply;
+ int32_t ret = SendRequest(INetworkVpnService::MessageCode::CMD_SETUP_SYS_VPN, data, reply);
+ if (ret != ERR_NONE) {
+ NETMGR_EXT_LOG_E("SetUpVpn proxy SendRequest failed, error code: [%{public}d]", ret);
+ return ret;
+ }
+ int32_t result = NETMANAGER_EXT_ERR_INTERNAL;
+ if (!reply.ReadInt32(result)) {
+ NETMGR_EXT_LOG_E("reply read data failed");
+ return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
+ }
+ return result;
+}
+
int32_t NetworkVpnServiceProxy::AddSysVpnConfig(sptr<SysVpnConfig> &config)
{
- NETMGR_EXT_LOG_D("AddSysVpnConfig start");
+ if (config == nullptr) {
+ NETMGR_EXT_LOG_E("AddSysVpnConfig failed, config is null");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ NETMGR_EXT_LOG_I("NetworkVpnServiceProxy AddSysVpnConfig id=%{public}s", config->vpnId_.c_str());
MessageParcel data;
if (!data.WriteInterfaceToken(NetworkVpnServiceProxy::GetDescriptor())) {
NETMGR_EXT_LOG_E("AddSysVpnConfig write interface token failed");
@@ -186,35 +223,43 @@ int32_t NetworkVpnServiceProxy::AddSysVpnConfig(sptr<SysVpnConfig> &config)
}
MessageParcel reply;
int32_t ret = SendRequest(INetworkVpnService::MessageCode::CMD_ADD_SYS_VPN_CONFIG, data, reply);
- if (ERR_NONE != ret) {
+ if (ret != ERR_NONE) {
NETMGR_EXT_LOG_E("AddSysVpnConfig proxy SendRequest failed, error code: [%{public}d]", ret);
return ret;
}
if (!reply.ReadInt32(ret)) {
+ NETMGR_EXT_LOG_E("reply ReadInt32 failed");
return NETMANAGER_EXT_ERR_READ_REPLY_FAIL;
}
return NETMANAGER_EXT_SUCCESS;
}
-int32_t NetworkVpnServiceProxy::DeleteSysVpnConfig(std::string &vpnId)
+int32_t NetworkVpnServiceProxy::DeleteSysVpnConfig(const std::string &vpnId)
{
- NETMGR_EXT_LOG_D("DeleteSysVpnConfig start");
+ if (vpnId.empty()) {
+ NETMGR_EXT_LOG_E("DeleteSysVpnConfig failed, vpnId is empty");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ NETMGR_EXT_LOG_I("NetworkVpnServiceProxy DeleteSysVpnConfig id=%{public}s", vpnId.c_str());
MessageParcel data;
if (!data.WriteInterfaceToken(NetworkVpnServiceProxy::GetDescriptor())) {
NETMGR_EXT_LOG_E("DeleteSysVpnConfig write interface token failed");
return NETMANAGER_EXT_ERR_WRITE_DESCRIPTOR_TOKEN_FAIL;
}
+ // LCOV_EXCL_START
if (!data.WriteString(vpnId)) {
NETMGR_EXT_LOG_E("DeleteSysVpnConfig proxy write data failed");
return NETMANAGER_EXT_ERR_WRITE_DATA_FAIL;
}
+ // LCOV_EXCL_STOP
MessageParcel reply;
int32_t ret = SendRequest(INetworkVpnService::MessageCode::CMD_DELETE_SYS_VPN_CONFIG, data, reply);
- if (ERR_NONE != ret) {
+ if (ret != ERR_NONE) {
NETMGR_EXT_LOG_E("DeleteSysVpnConfig proxy SendRequest failed, error code: [%{public}d]", ret);
return ret;
}
if (!reply.ReadInt32(ret)) {
+ NETMGR_EXT_LOG_E("reply ReadInt32 failed");
return NETMANAGER_EXT_ERR_READ_REPLY_FAIL;
}
return NETMANAGER_EXT_SUCCESS;
@@ -222,11 +267,11 @@ int32_t NetworkVpnServiceProxy::DeleteSysVpnConfig(std::string &vpnId)
int32_t NetworkVpnServiceProxy::GetSysVpnConfigList(std::vector<SysVpnConfig> &vpnList)
{
- NETMGR_EXT_LOG_D("GetSysVpnConfigList start");
+ NETMGR_EXT_LOG_I("NetworkVpnServiceProxy GetSysVpnConfigList");
MessageParcel data;
MessageParcel reply;
int32_t ret = WriteTokenAndSendRequest(INetworkVpnService::MessageCode::CMD_GET_SYS_VPN_CONFIG_LIST, data, reply);
- if (ERR_NONE != ret) {
+ if (ret != ERR_NONE) {
NETMGR_EXT_LOG_E("GetSysVpnConfigList proxy WriteTokenAndSendRequest failed, error code: [%{public}d]", ret);
return ret;
}
@@ -238,8 +283,8 @@ int32_t NetworkVpnServiceProxy::GetSysVpnConfigList(std::vector<SysVpnConfig> &v
for (int32_t idx = 0; idx < vpnListSize; idx++) {
sptr<SysVpnConfig> vpnConfig = new (std::nothrow) SysVpnConfig();
if (vpnConfig == nullptr) {
- NETMGR_EXT_LOG_E("GetSysVpnConfigList vpnConfig is null");
- return NETMANAGER_EXT_ERR_READ_REPLY_FAIL;
+ NETMGR_EXT_LOG_E("GetSysVpnConfigList failed, vpnConfig is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
}
reply.ReadString(vpnConfig->vpnId_);
reply.ReadString(vpnConfig->vpnName_);
@@ -249,47 +294,106 @@ int32_t NetworkVpnServiceProxy::GetSysVpnConfigList(std::vector<SysVpnConfig> &v
return NETMANAGER_EXT_SUCCESS;
}
-int32_t NetworkVpnServiceProxy::GetSysVpnConfig(sptr<SysVpnConfig> &config, std::string &vpnId)
+int32_t NetworkVpnServiceProxy::GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId)
{
- NETMGR_EXT_LOG_D("GetSysVpnConfig start");
+ if (vpnId.empty()) {
+ NETMGR_EXT_LOG_E("GetSysVpnConfig failed, vpnId is empty");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ NETMGR_EXT_LOG_I("NetworkVpnServiceProxy GetSysVpnConfig id=%{public}s", vpnId.c_str());
MessageParcel data;
if (!data.WriteInterfaceToken(NetworkVpnServiceProxy::GetDescriptor())) {
NETMGR_EXT_LOG_E("GetSysVpnConfig write interface token failed");
return NETMANAGER_EXT_ERR_WRITE_DESCRIPTOR_TOKEN_FAIL;
}
+ // LCOV_EXCL_START
if (!data.WriteString(vpnId)) {
NETMGR_EXT_LOG_E("GetSysVpnConfig proxy write data failed");
return NETMANAGER_EXT_ERR_WRITE_DATA_FAIL;
}
-
+ // LCOV_EXCL_STOP
MessageParcel reply;
int32_t ret = SendRequest(INetworkVpnService::MessageCode::CMD_GET_SYS_VPN_CONFIG, data, reply);
- if (ERR_NONE != ret) {
+ if (ret != ERR_NONE) {
NETMGR_EXT_LOG_E("GetSysVpnConfig proxy SendRequest failed, error code: [%{public}d]", ret);
return ret;
}
config = SysVpnConfig::Unmarshalling(reply);
if (config == nullptr) {
- NETMGR_EXT_LOG_I("GetSysVpnConfig config == nullptr");
+ NETMGR_EXT_LOG_I("GetSysVpnConfig: vpn does not exist, id=%{public}s", vpnId.c_str());
}
return NETMANAGER_EXT_SUCCESS;
}
int32_t NetworkVpnServiceProxy::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config)
{
- NETMGR_EXT_LOG_D("GetConnectedSysVpnConfig start");
+ NETMGR_EXT_LOG_I("NetworkVpnServiceProxy GetConnectedSysVpnConfig");
MessageParcel data;
MessageParcel reply;
int32_t ret = 0;
ret = WriteTokenAndSendRequest(INetworkVpnService::MessageCode::CMD_GET_CONNECTED_SYS_VPN_CONFIG, data, reply);
- if (ERR_NONE != ret) {
+ if (ret != ERR_NONE) {
NETMGR_EXT_LOG_E("GetConnectedSysVpnConfig proxy SendRequest failed, error code: [%{public}d]", ret);
return ret;
}
config = SysVpnConfig::Unmarshalling(reply);
if (config == nullptr) {
- NETMGR_EXT_LOG_I("GetConnectedSysVpnConfig config == nullptr");
+ NETMGR_EXT_LOG_I("GetConnectedSysVpnConfig: no connected vpn");
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t NetworkVpnServiceProxy::NotifyConnectStage(const std::string &stage, const int32_t &result)
+{
+ NETMGR_EXT_LOG_I("NotifyConnectStage stage=%{public}s result=%{public}d", stage.c_str(), result);
+ MessageParcel data;
+ if (!data.WriteInterfaceToken(NetworkVpnServiceProxy::GetDescriptor())) {
+ NETMGR_EXT_LOG_E("NotifyConnectStage write interface token failed");
+ return NETMANAGER_EXT_ERR_WRITE_DESCRIPTOR_TOKEN_FAIL;
+ }
+ // LCOV_EXCL_START
+ if (!(data.WriteString(stage) && data.WriteInt32(result))) {
+ NETMGR_EXT_LOG_E("NotifyConnectStage proxy write data failed");
+ return NETMANAGER_EXT_ERR_WRITE_DATA_FAIL;
+ }
+ // LCOV_EXCL_STOP
+ MessageParcel reply;
+ int32_t ret = SendRequest(INetworkVpnService::MessageCode::CMD_NOTIFY_CONNECT_STAGE, data, reply);
+ if (ret != ERR_NONE) {
+ NETMGR_EXT_LOG_E("NotifyConnectStage proxy SendRequest failed, error code: [%{public}d]", ret);
+ return ret;
+ }
+ int32_t resultCode = NETMANAGER_EXT_ERR_INTERNAL;
+ if (!reply.ReadInt32(resultCode)) {
+ NETMGR_EXT_LOG_E("NotifyConnectStage reply read data failed");
+ return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
+ }
+ return resultCode;
+}
+
+int32_t NetworkVpnServiceProxy::GetSysVpnCertUri(const int32_t certType, std::string &certUri)
+{
+ MessageParcel data;
+ if (!data.WriteInterfaceToken(NetworkVpnServiceProxy::GetDescriptor())) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri write interface token failed");
+ return NETMANAGER_EXT_ERR_WRITE_DESCRIPTOR_TOKEN_FAIL;
+ }
+ // LCOV_EXCL_START
+ if (!data.WriteInt32(certType)) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri proxy write data failed");
+ return NETMANAGER_EXT_ERR_WRITE_DATA_FAIL;
+ }
+ // LCOV_EXCL_STOP
+ MessageParcel reply;
+ int32_t ret = SendRequest(INetworkVpnService::MessageCode::CMD_GET_SYS_VPN_CERT_URI, data, reply);
+ if (ret != ERR_NONE) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri proxy SendRequest failed, error code: [%{public}d]", ret);
+ return ret;
+ }
+ if (!reply.ReadString(certUri)) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri proxy read data failed");
+ return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
}
return NETMANAGER_EXT_SUCCESS;
}
diff --git a/frameworks/native/netvpnclient/src/networkvpn_client.cpp b/frameworks/native/netvpnclient/src/networkvpn_client.cpp
index bd8476e..808ab2c 100644
--- a/frameworks/native/netvpnclient/src/networkvpn_client.cpp
+++ b/frameworks/native/netvpnclient/src/networkvpn_client.cpp
@@ -133,6 +133,21 @@ int32_t NetworkVpnClient::DestroyVpn(bool isVpnExtCall)
}
#ifdef SUPPORT_SYSVPN
+int32_t NetworkVpnClient::SetUpVpn(const sptr<SysVpnConfig> &config)
+{
+ if (config == nullptr) {
+ NETMGR_EXT_LOG_E("SetUpVpn param config is nullptr");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ sptr<INetworkVpnService> proxy = GetProxy();
+ if (proxy == nullptr) {
+ NETMGR_EXT_LOG_E("SetUpVpn proxy is nullptr");
+ return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
+ }
+ NETMGR_EXT_LOG_I("SetUpVpn id=%{public}s", config->vpnId_.c_str());
+ return proxy->SetUpVpn(config);
+}
+
int32_t NetworkVpnClient::AddSysVpnConfig(sptr<SysVpnConfig> &config)
{
if (config == nullptr) {
@@ -147,10 +162,10 @@ int32_t NetworkVpnClient::AddSysVpnConfig(sptr<SysVpnConfig> &config)
return proxy->AddSysVpnConfig(config);
}
-int32_t NetworkVpnClient::DeleteSysVpnConfig(std::string &vpnId)
+int32_t NetworkVpnClient::DeleteSysVpnConfig(const std::string &vpnId)
{
if (vpnId.empty()) {
- NETMGR_EXT_LOG_E("DeleteSysVpnConfig vpnId is null");
+ NETMGR_EXT_LOG_E("DeleteSysVpnConfig vpnId is empty");
return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
}
sptr<INetworkVpnService> proxy = GetProxy();
@@ -171,10 +186,10 @@ int32_t NetworkVpnClient::GetSysVpnConfigList(std::vector<SysVpnConfig> &vpnList
return proxy->GetSysVpnConfigList(vpnList);
}
-int32_t NetworkVpnClient::GetSysVpnConfig(sptr<SysVpnConfig> &config, std::string &vpnId)
+int32_t NetworkVpnClient::GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId)
{
if (vpnId.empty()) {
- NETMGR_EXT_LOG_E("DeleteSysVpnConfig vpnId is null");
+ NETMGR_EXT_LOG_E("DeleteSysVpnConfig vpnId is empty");
return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
}
sptr<INetworkVpnService> proxy = GetProxy();
@@ -194,6 +209,26 @@ int32_t NetworkVpnClient::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config)
}
return proxy->GetConnectedSysVpnConfig(config);
}
+
+int32_t NetworkVpnClient::NotifyConnectStage(const std::string &stage, const int32_t &result)
+{
+ sptr<INetworkVpnService> proxy = GetProxy();
+ if (proxy == nullptr) {
+ NETMGR_EXT_LOG_E("NotifyConnectStage proxy is nullptr");
+ return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
+ }
+ return proxy->NotifyConnectStage(stage, result);
+}
+
+int32_t NetworkVpnClient::GetSysVpnCertUri(const int32_t certType, std::string &certUri)
+{
+ sptr<INetworkVpnService> proxy = GetProxy();
+ if (proxy == nullptr) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri proxy is nullptr");
+ return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
+ }
+ return proxy->GetSysVpnCertUri(certType, certUri);
+}
#endif // SUPPORT_SYSVPN
int32_t NetworkVpnClient::RegisterVpnEvent(sptr<IVpnEventCallback> callback)
diff --git a/frameworks/native/netvpnclient/src/openvpn_config.cpp b/frameworks/native/netvpnclient/src/openvpn_config.cpp
new file mode 100755
index 0000000..33d3124
--- /dev/null
+++ b/frameworks/native/netvpnclient/src/openvpn_config.cpp
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "openvpn_config.h"
+#include "netmgr_ext_log_wrapper.h"
+
+namespace OHOS {
+namespace NetManagerStandard {
+bool OpenvpnConfig::Marshalling(Parcel &parcel) const
+{
+ if (!SysVpnConfig::Marshalling(parcel)) {
+ NETMGR_EXT_LOG_E("OpenvpnConfig Marshalling failed");
+ return false;
+ }
+ if (!parcel.WriteString(ovpnPort_)) {
+ return false;
+ }
+
+ if (!parcel.WriteInt32(ovpnProtocol_)) {
+ return false;
+ }
+
+ if (!parcel.WriteString(ovpnConfig_)) {
+ return false;
+ }
+
+ if (!parcel.WriteInt32(ovpnAuthType_)) {
+ return false;
+ }
+
+ if (!parcel.WriteString(askpass_)) {
+ return false;
+ }
+
+ if (!parcel.WriteString(ovpnConfigFilePath_)) {
+ return false;
+ }
+
+ if (!parcel.WriteString(ovpnCaCertFilePath_)) {
+ return false;
+ }
+
+ if (!parcel.WriteString(ovpnUserCertFilePath_)) {
+ return false;
+ }
+
+ if (!parcel.WriteString(ovpnPrivateKeyFilePath_)) {
+ return false;
+ }
+
+ return true;
+}
+
+sptr<OpenvpnConfig> OpenvpnConfig::Unmarshalling(Parcel &parcel)
+{
+ sptr<OpenvpnConfig> ptr = new (std::nothrow) OpenvpnConfig();
+ if (ptr == nullptr) {
+ NETMGR_EXT_LOG_E("OpenvpnConfig ptr is null");
+ return nullptr;
+ }
+ if (!SysVpnConfig::Unmarshalling(parcel, ptr)) {
+ NETMGR_EXT_LOG_E("OpenvpnConfig Unmarshalling failed");
+ return nullptr;
+ }
+ if (!parcel.ReadString(ptr->ovpnPort_)) {
+ return nullptr;
+ }
+
+ if (!parcel.ReadInt32(ptr->ovpnProtocol_)) {
+ return nullptr;
+ }
+
+ if (!parcel.ReadString(ptr->ovpnConfig_)) {
+ return nullptr;
+ }
+
+ if (!parcel.ReadInt32(ptr->ovpnAuthType_)) {
+ return nullptr;
+ }
+
+ if (!parcel.ReadString(ptr->askpass_)) {
+ return nullptr;
+ }
+
+ if (!parcel.ReadString(ptr->ovpnConfigFilePath_)) {
+ return nullptr;
+ }
+
+ if (!parcel.ReadString(ptr->ovpnCaCertFilePath_)) {
+ return nullptr;
+ }
+
+ if (!parcel.ReadString(ptr->ovpnUserCertFilePath_)) {
+ return nullptr;
+ }
+
+ if (!parcel.ReadString(ptr->ovpnPrivateKeyFilePath_)) {
+ return nullptr;
+ }
+ return ptr;
+}
+} // namespace NetManagerStandard
+} // namespace OHOS
\ No newline at end of file
diff --git a/frameworks/native/netvpnclient/src/sysvpn_config.cpp b/frameworks/native/netvpnclient/src/sysvpn_config.cpp
index 6287a3a..184e4e2 100755
--- a/frameworks/native/netvpnclient/src/sysvpn_config.cpp
+++ b/frameworks/native/netvpnclient/src/sysvpn_config.cpp
@@ -17,6 +17,7 @@
#include "ipsecvpn_config.h"
#include "l2tpvpn_config.h"
#include "netmgr_ext_log_wrapper.h"
+#include "openvpn_config.h"
namespace OHOS {
namespace NetManagerStandard {
@@ -48,15 +49,17 @@ sptr<SysVpnConfig> SysVpnConfig::Unmarshalling(Parcel &parcel)
parcel.ReadInt32(type);
switch (type) {
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_MSCHAPv2):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_PSK):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_HYBRID_RSA):
+ case VpnType::IKEV2_IPSEC_MSCHAPv2:
+ case VpnType::IKEV2_IPSEC_PSK:
+ case VpnType::IKEV2_IPSEC_RSA:
+ case VpnType::IPSEC_XAUTH_PSK:
+ case VpnType::IPSEC_XAUTH_RSA:
+ case VpnType::IPSEC_HYBRID_RSA:
return IpsecVpnConfig::Unmarshalling(parcel);
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_RSA):
+ case VpnType::OPENVPN:
+ return OpenvpnConfig::Unmarshalling(parcel);
+ case VpnType::L2TP_IPSEC_PSK:
+ case VpnType::L2TP_IPSEC_RSA:
return L2tpVpnConfig::Unmarshalling(parcel);
default:
NETMGR_EXT_LOG_E("sysvpn SysVpnConfig Unmarshalling failed, type=%{public}d", type);
diff --git a/frameworks/native/netvpnclient/src/vpn_config.cpp b/frameworks/native/netvpnclient/src/vpn_config.cpp
index 1fb5f0e..ca185e7 100644
--- a/frameworks/native/netvpnclient/src/vpn_config.cpp
+++ b/frameworks/native/netvpnclient/src/vpn_config.cpp
@@ -20,6 +20,7 @@ namespace OHOS {
namespace NetManagerStandard {
namespace {
constexpr uint32_t MAX_SIZE = 64;
+constexpr uint32_t ROUTE_MAX_SIZE = 1024;
}
bool VpnConfig::Marshalling(Parcel &parcel) const
{
@@ -122,7 +123,7 @@ bool VpnConfig::UnmarshallingAddrRoute(Parcel &parcel, sptr<VpnConfig> &config)
if (!parcel.ReadInt32(routeSize)) {
return false;
}
- if (static_cast<uint32_t>(routeSize) > MAX_SIZE) {
+ if (static_cast<uint32_t>(routeSize) > ROUTE_MAX_SIZE) {
NETMGR_EXT_LOG_E("routeSize=[%{public}d] is too large", routeSize);
return false;
}
diff --git a/frameworks/native/netvpnclient/src/vpn_data_bean.cpp b/frameworks/native/netvpnclient/src/vpn_data_bean.cpp
index a048da2..855271d 100755
--- a/frameworks/native/netvpnclient/src/vpn_data_bean.cpp
+++ b/frameworks/native/netvpnclient/src/vpn_data_bean.cpp
@@ -26,15 +26,17 @@ sptr<SysVpnConfig> VpnDataBean::ConvertVpnBeanToSysVpnConfig(sptr<VpnDataBean> &
return nullptr;
}
switch (vpnBean->vpnType_) {
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_MSCHAPv2):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_PSK):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_HYBRID_RSA):
+ case VpnType::IKEV2_IPSEC_MSCHAPv2:
+ case VpnType::IKEV2_IPSEC_PSK:
+ case VpnType::IKEV2_IPSEC_RSA:
+ case VpnType::IPSEC_XAUTH_PSK:
+ case VpnType::IPSEC_XAUTH_RSA:
+ case VpnType::IPSEC_HYBRID_RSA:
return ConvertVpnBeanToIpsecVpnConfig(vpnBean);
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_RSA):
+ case VpnType::OPENVPN:
+ return ConvertVpnBeanToOpenvpnConfig(vpnBean);
+ case VpnType::L2TP_IPSEC_PSK:
+ case VpnType::L2TP_IPSEC_RSA:
return ConvertVpnBeanToL2tpVpnConfig(vpnBean);
default:
NETMGR_EXT_LOG_E("ConvertVpnBeanToSysVpnConfig failed, invalid type=%{public}d", vpnBean->vpnType_);
@@ -42,6 +44,39 @@ sptr<SysVpnConfig> VpnDataBean::ConvertVpnBeanToSysVpnConfig(sptr<VpnDataBean> &
}
}
+sptr<OpenvpnConfig> VpnDataBean::ConvertVpnBeanToOpenvpnConfig(sptr<VpnDataBean> vpnBean)
+{
+ if (vpnBean == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertVpnBeanToOpenvpnConfig vpnBean is null");
+ return nullptr;
+ }
+ sptr<OpenvpnConfig> openvpnConfig = new (std::nothrow) OpenvpnConfig();
+ if (openvpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertVpnBeanToOpenvpnConfig openvpnConfig is null");
+ return nullptr;
+ }
+ openvpnConfig->vpnId_ = vpnBean->vpnId_;
+ openvpnConfig->vpnName_ = vpnBean->vpnName_;
+ openvpnConfig->vpnType_ = vpnBean->vpnType_;
+ openvpnConfig->userName_ = vpnBean->userName_;
+ openvpnConfig->password_ = vpnBean->password_;
+ openvpnConfig->userId_ = vpnBean->userId_;
+ openvpnConfig->isLegacy_ = (vpnBean->isLegacy_) == 1;
+ openvpnConfig->saveLogin_ = (vpnBean->saveLogin_) == 1;
+
+ openvpnConfig->ovpnPort_ = vpnBean->ovpnPort_;
+ openvpnConfig->ovpnProtocol_ = vpnBean->ovpnProtocol_;
+ openvpnConfig->ovpnConfig_ = vpnBean->ovpnConfig_;
+ openvpnConfig->ovpnAuthType_ = vpnBean->ovpnAuthType_;
+ openvpnConfig->askpass_ = vpnBean->askpass_;
+ openvpnConfig->ovpnConfigFilePath_ = vpnBean->ovpnConfigFilePath_;
+ openvpnConfig->ovpnCaCertFilePath_ = vpnBean->ovpnCaCertFilePath_;
+ openvpnConfig->ovpnUserCertFilePath_ = vpnBean->ovpnUserCertFilePath_;
+ openvpnConfig->ovpnPrivateKeyFilePath_ = vpnBean->ovpnPrivateKeyFilePath_;
+
+ return openvpnConfig;
+}
+
sptr<IpsecVpnConfig> VpnDataBean::ConvertVpnBeanToIpsecVpnConfig(sptr<VpnDataBean> &vpnBean)
{
if (vpnBean == nullptr) {
@@ -49,14 +84,14 @@ sptr<IpsecVpnConfig> VpnDataBean::ConvertVpnBeanToIpsecVpnConfig(sptr<VpnDataBea
return nullptr;
}
sptr<IpsecVpnConfig> ipsecVpnConfig = new (std::nothrow) IpsecVpnConfig();
- if (ipsecVpnConfig == nullptr) {
- NETMGR_EXT_LOG_E("ConvertVpnBeanToIpsecVpnConfig ipsecVpnConfig is null");
+ sptr<INetAddr> netAddr = new (std::nothrow) INetAddr();
+ if (ipsecVpnConfig == nullptr || netAddr == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertVpnBeanToIpsecVpnConfig ipsecVpnConfig or netAddr is null");
return nullptr;
}
ipsecVpnConfig->vpnId_ = vpnBean->vpnId_;
ipsecVpnConfig->vpnName_ = vpnBean->vpnName_;
ipsecVpnConfig->vpnType_ = vpnBean->vpnType_;
- sptr<INetAddr> netAddr = new (std::nothrow) INetAddr();
netAddr->address_ = vpnBean->vpnAddress_;
ipsecVpnConfig->addresses_.push_back(*netAddr);
ipsecVpnConfig->userName_ = vpnBean->userName_;
@@ -82,7 +117,6 @@ sptr<IpsecVpnConfig> VpnDataBean::ConvertVpnBeanToIpsecVpnConfig(sptr<VpnDataBea
ipsecVpnConfig->ipsecPublicUserCertFilePath_ = vpnBean->ipsecPublicUserCertFilePath_;
ipsecVpnConfig->ipsecPrivateServerCertFilePath_ = vpnBean->ipsecPrivateServerCertFilePath_;
ipsecVpnConfig->ipsecPublicServerCertFilePath_ = vpnBean->ipsecPublicServerCertFilePath_;
-
return ipsecVpnConfig;
}
@@ -93,14 +127,14 @@ sptr<L2tpVpnConfig> VpnDataBean::ConvertVpnBeanToL2tpVpnConfig(sptr<VpnDataBean>
return nullptr;
}
sptr<L2tpVpnConfig> l2tpVpnConfig = new (std::nothrow) L2tpVpnConfig();
- if (l2tpVpnConfig == nullptr) {
- NETMGR_EXT_LOG_E("ConvertVpnBeanToL2tpVpnConfig l2tpVpnConfig is null");
+ sptr<INetAddr> netAddr = new (std::nothrow) INetAddr();
+ if (l2tpVpnConfig == nullptr || netAddr == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertVpnBeanToL2tpVpnConfig l2tpVpnConfig or netAddr is null");
return nullptr;
}
l2tpVpnConfig->vpnId_ = vpnBean->vpnId_;
l2tpVpnConfig->vpnName_ = vpnBean->vpnName_;
l2tpVpnConfig->vpnType_ = vpnBean->vpnType_;
- sptr<INetAddr> netAddr = new (std::nothrow) INetAddr();
netAddr->address_ = vpnBean->vpnAddress_;
l2tpVpnConfig->addresses_.push_back(*netAddr);
l2tpVpnConfig->userName_ = vpnBean->userName_;
@@ -131,7 +165,6 @@ sptr<L2tpVpnConfig> VpnDataBean::ConvertVpnBeanToL2tpVpnConfig(sptr<VpnDataBean>
l2tpVpnConfig->optionsL2tpdClient_ = vpnBean->optionsL2tpdClient_;
l2tpVpnConfig->xl2tpdConf_ = vpnBean->xl2tpdConf_;
l2tpVpnConfig->l2tpSharedKey_ = vpnBean->l2tpSharedKey_;
-
return l2tpVpnConfig;
}
@@ -147,22 +180,21 @@ sptr<VpnDataBean> VpnDataBean::ConvertSysVpnConfigToVpnBean(sptr<SysVpnConfig> &
return nullptr;
}
ConvertCommonVpnConfigToVpnBean(sysVpnConfig, vpnBean);
- sptr<IpsecVpnConfig> ipsecVpnConfig;
- sptr<L2tpVpnConfig> l2tpVpnConfig;
switch (sysVpnConfig->vpnType_) {
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_MSCHAPv2):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::IKEV2_IPSEC_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_PSK):
- case static_cast<int32_t>(VpnType::IPSEC_XAUTH_RSA):
- case static_cast<int32_t>(VpnType::IPSEC_HYBRID_RSA):
- ipsecVpnConfig = sptr<IpsecVpnConfig>(static_cast<IpsecVpnConfig *>(sysVpnConfig.GetRefPtr()));
- ConvertIpsecVpnConfigToVpnBean(ipsecVpnConfig, vpnBean);
+ case VpnType::IKEV2_IPSEC_MSCHAPv2:
+ case VpnType::IKEV2_IPSEC_PSK:
+ case VpnType::IKEV2_IPSEC_RSA:
+ case VpnType::IPSEC_XAUTH_PSK:
+ case VpnType::IPSEC_XAUTH_RSA:
+ case VpnType::IPSEC_HYBRID_RSA:
+ ConvertIpsecVpnConfigToVpnBean(sysVpnConfig, vpnBean);
break;
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_PSK):
- case static_cast<int32_t>(VpnType::L2TP_IPSEC_RSA):
- l2tpVpnConfig = sptr<L2tpVpnConfig>(static_cast<L2tpVpnConfig *>(sysVpnConfig.GetRefPtr()));
- ConvertL2tpVpnConfigToVpnBean(l2tpVpnConfig, vpnBean);
+ case VpnType::L2TP_IPSEC_PSK:
+ case VpnType::L2TP_IPSEC_RSA:
+ ConvertL2tpVpnConfigToVpnBean(sysVpnConfig, vpnBean);
+ break;
+ case VpnType::OPENVPN:
+ ConvertOpenvpnConfigToVpnBean(sysVpnConfig, vpnBean);
break;
default:
NETMGR_EXT_LOG_E("ConvertSysVpnConfigToVpnBean proxy vpn type is error");
@@ -199,12 +231,41 @@ void VpnDataBean::ConvertCommonVpnConfigToVpnBean(sptr<SysVpnConfig> &sysVpnConf
vpnBean->searchDomains_ = searchDomains[0];
}
}
-void VpnDataBean::ConvertIpsecVpnConfigToVpnBean(sptr<IpsecVpnConfig> &ipsecVpnConfig, sptr<VpnDataBean> &vpnBean)
+
+void VpnDataBean::ConvertOpenvpnConfigToVpnBean(sptr<SysVpnConfig> sysVpnConfig, sptr<VpnDataBean> &vpnBean)
+{
+ if (vpnBean == nullptr || sysVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertOpenvpnConfigToVpnBean params is null");
+ return;
+ }
+ OpenvpnConfig *openvpnConfig = static_cast<OpenvpnConfig *>(sysVpnConfig.GetRefPtr());
+ if (openvpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertOpenvpnConfigToVpnBean openvpnConfig is null");
+ return;
+ }
+ vpnBean->ovpnPort_ = openvpnConfig->ovpnPort_;
+ vpnBean->ovpnProtocol_ = openvpnConfig->ovpnProtocol_;
+ vpnBean->ovpnConfig_ = openvpnConfig->ovpnConfig_;
+ vpnBean->ovpnAuthType_ = openvpnConfig->ovpnAuthType_;
+ vpnBean->askpass_ = openvpnConfig->askpass_;
+ vpnBean->ovpnConfigFilePath_ = openvpnConfig->ovpnConfigFilePath_;
+ vpnBean->ovpnCaCertFilePath_ = openvpnConfig->ovpnCaCertFilePath_;
+ vpnBean->ovpnUserCertFilePath_ = openvpnConfig->ovpnUserCertFilePath_;
+ vpnBean->ovpnPrivateKeyFilePath_ = openvpnConfig->ovpnPrivateKeyFilePath_;
+ openvpnConfig = nullptr;
+}
+
+void VpnDataBean::ConvertIpsecVpnConfigToVpnBean(sptr<SysVpnConfig> sysVpnConfig, sptr<VpnDataBean> &vpnBean)
{
- if (vpnBean == nullptr || ipsecVpnConfig == nullptr) {
+ if (vpnBean == nullptr || sysVpnConfig == nullptr) {
NETMGR_EXT_LOG_E("ConvertIpsecVpnConfigToVpnBean params is null");
return;
}
+ IpsecVpnConfig *ipsecVpnConfig = static_cast<IpsecVpnConfig *>(sysVpnConfig.GetRefPtr());
+ if (ipsecVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertIpsecVpnConfigToVpnBean ipsecVpnConfig is null");
+ return;
+ }
vpnBean->ipsecPreSharedKey_ = ipsecVpnConfig->ipsecPreSharedKey_;
vpnBean->ipsecIdentifier_ = ipsecVpnConfig->ipsecIdentifier_;
vpnBean->swanctlConf_ = ipsecVpnConfig->swanctlConf_;
@@ -219,14 +280,20 @@ void VpnDataBean::ConvertIpsecVpnConfigToVpnBean(sptr<IpsecVpnConfig> &ipsecVpnC
vpnBean->ipsecPublicUserCertFilePath_ = ipsecVpnConfig->ipsecPublicUserCertFilePath_;
vpnBean->ipsecPrivateServerCertFilePath_ = ipsecVpnConfig->ipsecPrivateServerCertFilePath_;
vpnBean->ipsecPublicServerCertFilePath_ = ipsecVpnConfig->ipsecPublicServerCertFilePath_;
+ ipsecVpnConfig = nullptr;
}
-void VpnDataBean::ConvertL2tpVpnConfigToVpnBean(sptr<L2tpVpnConfig> &l2tpVpnConfig, sptr<VpnDataBean> &vpnBean)
+void VpnDataBean::ConvertL2tpVpnConfigToVpnBean(sptr<SysVpnConfig> sysVpnConfig, sptr<VpnDataBean> &vpnBean)
{
- if (vpnBean == nullptr || l2tpVpnConfig == nullptr) {
+ if (vpnBean == nullptr || sysVpnConfig == nullptr) {
NETMGR_EXT_LOG_E("ConvertL2tpVpnConfigToVpnBean params is null");
return;
}
+ L2tpVpnConfig *l2tpVpnConfig = static_cast<L2tpVpnConfig *>(sysVpnConfig.GetRefPtr());
+ if (l2tpVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertL2tpVpnConfigToVpnBean l2tpVpnConfig is null");
+ return;
+ }
vpnBean->ipsecPreSharedKey_ = l2tpVpnConfig->ipsecPreSharedKey_;
vpnBean->ipsecIdentifier_ = l2tpVpnConfig->ipsecIdentifier_;
vpnBean->strongswanConf_ = l2tpVpnConfig->strongswanConf_;
@@ -246,6 +313,7 @@ void VpnDataBean::ConvertL2tpVpnConfigToVpnBean(sptr<L2tpVpnConfig> &l2tpVpnConf
vpnBean->optionsL2tpdClient_ = l2tpVpnConfig->optionsL2tpdClient_;
vpnBean->xl2tpdConf_ = l2tpVpnConfig->xl2tpdConf_;
vpnBean->l2tpSharedKey_ = l2tpVpnConfig->l2tpSharedKey_;
+ l2tpVpnConfig = nullptr;
}
} // namespace NetManagerStandard
} // namespace OHOS
diff --git a/interfaces/innerkits/netvpnclient/BUILD.gn b/interfaces/innerkits/netvpnclient/BUILD.gn
index 3c1644b..d54f160 100644
--- a/interfaces/innerkits/netvpnclient/BUILD.gn
+++ b/interfaces/innerkits/netvpnclient/BUILD.gn
@@ -51,6 +51,11 @@ config("net_conn_manager_if_config") {
"-D_FORTIFY_SOURCE=2",
"-O2",
]
+
+ if (netmanager_ext_feature_sysvpn) {
+ cflags += sysvpn_flags
+ cflags_cc += sysvpn_flags
+ }
}
ohos_source_set("networkvpn_parcel") {
@@ -64,6 +69,16 @@ ohos_source_set("networkvpn_parcel") {
sources = [ "$VPN_INNERKITS_SOURCE_DIR/src/vpn_config.cpp" ]
+ if (netmanager_ext_feature_sysvpn) {
+ sources += [
+ "$VPN_INNERKITS_SOURCE_DIR/src/ipsecvpn_config.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/l2tpvpn_config.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/openvpn_config.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/sysvpn_config.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/vpn_data_bean.cpp",
+ ]
+ }
+
include_dirs = [
"$BASE_INNERKITS_ROOT/include",
"$BASE_INNERKITS_ROOT/netconnclient/include",
diff --git a/interfaces/innerkits/netvpnclient/include/ipc/i_networkvpn_service.h b/interfaces/innerkits/netvpnclient/include/ipc/i_networkvpn_service.h
index 22f4c5b..42943b5 100644
--- a/interfaces/innerkits/netvpnclient/include/ipc/i_networkvpn_service.h
+++ b/interfaces/innerkits/netvpnclient/include/ipc/i_networkvpn_service.h
@@ -24,10 +24,10 @@
#include "i_vpn_event_callback.h"
#include "net_manager_ext_constants.h"
-#include "vpn_config.h"
#ifdef SUPPORT_SYSVPN
#include "sysvpn_config.h"
#endif // SUPPORT_SYSVPN
+#include "vpn_config.h"
namespace OHOS {
namespace NetManagerStandard {
@@ -49,6 +49,9 @@ public:
CMD_GET_SYS_VPN_CONFIG_LIST,
CMD_GET_SYS_VPN_CONFIG,
CMD_GET_CONNECTED_SYS_VPN_CONFIG,
+ CMD_NOTIFY_CONNECT_STAGE,
+ CMD_SETUP_SYS_VPN,
+ CMD_GET_SYS_VPN_CERT_URI,
#endif // SUPPORT_SYSVPN
CMD_START_VPN_EXT, // for start extension extended vpn
CMD_PROTECT_EXT,
@@ -68,14 +71,17 @@ public:
virtual int32_t CreateVpnConnection(bool isVpnExtCall = false) = 0;
virtual int32_t FactoryResetVpn() = 0;
virtual int32_t RegisterBundleName(const std::string &bundleName) = 0;
+ virtual int32_t GetSelfAppName(std::string &selfAppName) = 0;
#ifdef SUPPORT_SYSVPN
+ virtual int32_t SetUpVpn(const sptr<SysVpnConfig> &config) = 0;
virtual int32_t AddSysVpnConfig(sptr<SysVpnConfig> &config) = 0;
- virtual int32_t DeleteSysVpnConfig(std::string &vpnId) = 0;
+ virtual int32_t DeleteSysVpnConfig(const std::string &vpnId) = 0;
virtual int32_t GetSysVpnConfigList(std::vector<SysVpnConfig> &vpnList) = 0;
- virtual int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, std::string &vpnId) = 0;
+ virtual int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId) = 0;
virtual int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config) = 0;
+ virtual int32_t NotifyConnectStage(const std::string &stage, const int32_t &result) = 0;
+ virtual int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri) = 0;
#endif // SUPPORT_SYSVPN
- virtual int32_t GetSelfAppName(std::string &selfAppName) = 0;
DECLARE_INTERFACE_DESCRIPTOR(u"OHOS.NetManagerStandard.INetworkVpnService");
};
diff --git a/interfaces/innerkits/netvpnclient/include/ipc/networkvpn_service_proxy.h b/interfaces/innerkits/netvpnclient/include/ipc/networkvpn_service_proxy.h
index 6f820d6..a822546 100644
--- a/interfaces/innerkits/netvpnclient/include/ipc/networkvpn_service_proxy.h
+++ b/interfaces/innerkits/netvpnclient/include/ipc/networkvpn_service_proxy.h
@@ -37,14 +37,17 @@ public:
int32_t CreateVpnConnection(bool isVpnExtCall = false) override;
int32_t FactoryResetVpn() override;
int32_t RegisterBundleName(const std::string &bundleName) override;
+ int32_t GetSelfAppName(std::string &selfAppName) override;
#ifdef SUPPORT_SYSVPN
+ int32_t SetUpVpn(const sptr<SysVpnConfig> &config) override;
int32_t AddSysVpnConfig(sptr<SysVpnConfig> &config) override;
- int32_t DeleteSysVpnConfig(std::string &vpnId) override;
+ int32_t DeleteSysVpnConfig(const std::string &vpnId) override;
int32_t GetSysVpnConfigList(std::vector<SysVpnConfig> &vpnList) override;
- int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, std::string &vpnId) override;
+ int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId) override;
int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config) override;
+ int32_t NotifyConnectStage(const std::string &stage, const int32_t &result) override;
+ int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri) override;
#endif // SUPPORT_SYSVPN
- int32_t GetSelfAppName(std::string &selfAppName) override;
private:
int32_t WriteTokenAndSendRequest(INetworkVpnService::MessageCode code, MessageParcel &data, MessageParcel &reply);
diff --git a/interfaces/innerkits/netvpnclient/include/networkvpn_client.h b/interfaces/innerkits/netvpnclient/include/networkvpn_client.h
index 4a47914..3bdbeb6 100644
--- a/interfaces/innerkits/netvpnclient/include/networkvpn_client.h
+++ b/interfaces/innerkits/netvpnclient/include/networkvpn_client.h
@@ -94,6 +94,16 @@ public:
int32_t DestroyVpn(bool isVpnExtCall = false);
#ifdef SUPPORT_SYSVPN
+ /**
+ * setup system vpn.
+ *
+ * @param config system VPN interface parameters
+ * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
+ * @permission ohos.permission.MANAGE_VPN
+ * @systemapi Hide this for inner system use.
+ */
+ int32_t SetUpVpn(const sptr<SysVpnConfig> &config);
+
/**
* save vpn
*
@@ -112,7 +122,7 @@ public:
* @permission ohos.permission.MANAGE_VPN
* @systemapi Hide this for inner system use.
*/
- int32_t DeleteSysVpnConfig(std::string &vpnId);
+ int32_t DeleteSysVpnConfig(const std::string &vpnId);
/**
* get vpn list
@@ -133,7 +143,7 @@ public:
* @permission ohos.permission.MANAGE_VPN
* @systemapi Hide this for inner system use.
*/
- int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, std::string &vpnId);
+ int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId);
/**
* get connected vpn
@@ -144,6 +154,26 @@ public:
* @systemapi Hide this for inner system use.
*/
int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config);
+
+ /**
+ * nofytify the connect stage to fwk
+ *
+ * @param stage the connect stage
+ * @param result the connect result
+ * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
+ * @systemapi Hide this for inner system use.
+ */
+ int32_t NotifyConnectStage(const std::string &stage, const int32_t &result);
+
+ /**
+ * get system vpn certificate uri
+ *
+ * @param certType the certificate type (ca certificate, user certificate or server certificate)
+ * @param certUri the certificate uri (out param)
+ * @return NETMANAGER_EXT_SUCCESS(0) if process normal, others is error
+ * @systemapi Hide this for inner system use.
+ */
+ int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri);
#endif // SUPPORT_SYSVPN
/**
diff --git a/interfaces/innerkits/netvpnclient/include/openvpn_config.h b/interfaces/innerkits/netvpnclient/include/openvpn_config.h
new file mode 100755
index 0000000..4869088
--- /dev/null
+++ b/interfaces/innerkits/netvpnclient/include/openvpn_config.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef OPENVPN_CONFIG_H
+#define OPENVPN_CONFIG_H
+
+#include <string>
+#include "sysvpn_config.h"
+
+namespace OHOS {
+namespace NetManagerStandard {
+struct OpenvpnConfig : SysVpnConfig {
+ std::string ovpnPort_;
+ int32_t ovpnProtocol_;
+ std::string ovpnConfig_;
+ int32_t ovpnAuthType_;
+ std::string askpass_;
+ std::string ovpnConfigFilePath_;
+ std::string ovpnCaCertFilePath_;
+ std::string ovpnUserCertFilePath_;
+ std::string ovpnPrivateKeyFilePath_;
+
+ bool Marshalling(Parcel &parcel) const override;
+ static sptr<OpenvpnConfig> Unmarshalling(Parcel &parcel);
+};
+} // namespace NetManagerStandard
+} // namespace OHOS
+#endif // OPENVPN_CONFIG_H
diff --git a/interfaces/innerkits/netvpnclient/include/sysvpn_config.h b/interfaces/innerkits/netvpnclient/include/sysvpn_config.h
index 485cf54..115aabe 100755
--- a/interfaces/innerkits/netvpnclient/include/sysvpn_config.h
+++ b/interfaces/innerkits/netvpnclient/include/sysvpn_config.h
@@ -21,7 +21,7 @@
namespace OHOS {
namespace NetManagerStandard {
-enum class VpnType {
+enum VpnType : int32_t {
IKEV2_IPSEC_MSCHAPv2 = 1,
IKEV2_IPSEC_PSK,
IKEV2_IPSEC_RSA,
@@ -29,7 +29,8 @@ enum class VpnType {
L2TP_IPSEC_RSA,
IPSEC_XAUTH_PSK,
IPSEC_XAUTH_RSA,
- IPSEC_HYBRID_RSA
+ IPSEC_HYBRID_RSA,
+ OPENVPN
};
struct SysVpnConfig : public VpnConfig {
diff --git a/interfaces/innerkits/netvpnclient/include/vpn_data_bean.h b/interfaces/innerkits/netvpnclient/include/vpn_data_bean.h
index b7e5a7c..9f88a77 100755
--- a/interfaces/innerkits/netvpnclient/include/vpn_data_bean.h
+++ b/interfaces/innerkits/netvpnclient/include/vpn_data_bean.h
@@ -19,11 +19,12 @@
#include <string>
#include <vector>
-#include "refbase.h"
#include "inet_addr.h"
-#include "vpn_config.h"
#include "ipsecvpn_config.h"
#include "l2tpvpn_config.h"
+#include "openvpn_config.h"
+#include "refbase.h"
+#include "vpn_config.h"
namespace OHOS {
namespace NetManagerStandard {
@@ -77,12 +78,14 @@ struct VpnDataBean : public virtual RefBase {
std::string l2tpSharedKey_;
static sptr<SysVpnConfig> ConvertVpnBeanToSysVpnConfig(sptr<VpnDataBean> &vpnBean);
+ static sptr<OpenvpnConfig> ConvertVpnBeanToOpenvpnConfig(sptr<VpnDataBean> vpnBean);
static sptr<IpsecVpnConfig> ConvertVpnBeanToIpsecVpnConfig(sptr<VpnDataBean> &vpnBean);
static sptr<L2tpVpnConfig> ConvertVpnBeanToL2tpVpnConfig(sptr<VpnDataBean> &vpnBean);
static sptr<VpnDataBean> ConvertSysVpnConfigToVpnBean(sptr<SysVpnConfig> &sysVpnConfig);
static void ConvertCommonVpnConfigToVpnBean(sptr<SysVpnConfig> &sysVpnConfig, sptr<VpnDataBean> &vpnBean);
- static void ConvertIpsecVpnConfigToVpnBean(sptr<IpsecVpnConfig> &ipsecVpnConfig, sptr<VpnDataBean> &vpnBean);
- static void ConvertL2tpVpnConfigToVpnBean(sptr<L2tpVpnConfig> &l2tpVpnConfig, sptr<VpnDataBean> &vpnBean);
+ static void ConvertOpenvpnConfigToVpnBean(sptr<SysVpnConfig> sysVpnConfig, sptr<VpnDataBean> &vpnBean);
+ static void ConvertIpsecVpnConfigToVpnBean(sptr<SysVpnConfig> sysVpnConfig, sptr<VpnDataBean> &vpnBean);
+ static void ConvertL2tpVpnConfigToVpnBean(sptr<SysVpnConfig> sysVpnConfig, sptr<VpnDataBean> &vpnBean);
};
} // namespace NetManagerStandard
} // namespace OHOS
diff --git a/netmanager_ext_config.gni b/netmanager_ext_config.gni
index f673b67..786c05c 100644
--- a/netmanager_ext_config.gni
+++ b/netmanager_ext_config.gni
@@ -96,10 +96,13 @@ declare_args() {
netmanager_ext_feature_share = true
netmanager_ext_feature_mdns = true
netmanager_ext_feature_net_firewall = false
+ netmanager_ext_feature_sysvpn = false
netmanager_ext_feature_vpn = true
+ netmanager_ext_feature_vpn_for_user0 = false
netmanager_ext_feature_vpnext = true
usb_manager_enable = false
}
+sysvpn_flags = [ "-DSUPPORT_SYSVPN" ]
memory_optimization_cflags = [
"-fvisibility=hidden",
diff --git a/services/etc/init/BUILD.gn b/services/etc/init/BUILD.gn
index 8a32198..804b618 100644
--- a/services/etc/init/BUILD.gn
+++ b/services/etc/init/BUILD.gn
@@ -26,3 +26,10 @@ ohos_prebuilt_etc("mdnsmanager.rc") {
part_name = "netmanager_ext"
subsystem_name = "communication"
}
+
+ohos_prebuilt_etc("vpnmanager.cfg") {
+ source = "vpnmanager.cfg"
+ relative_install_dir = "init"
+ part_name = "netmanager_ext"
+ subsystem_name = "communication"
+}
\ No newline at end of file
diff --git a/services/etc/init/vpnmanager.cfg b/services/etc/init/vpnmanager.cfg
new file mode 100644
index 0000000..5f21e99
--- /dev/null
+++ b/services/etc/init/vpnmanager.cfg
@@ -0,0 +1,10 @@
+{
+ "jobs" :[
+ {
+ "name" : "early-boot",
+ "cmds" : [
+ "mkdir /data/service/el1/public/vpn 0770 netsysnative net_manager"
+ ]
+ }
+ ]
+}
diff --git a/services/vpnmanager/BUILD.gn b/services/vpnmanager/BUILD.gn
index 8bca510..dc73968 100644
--- a/services/vpnmanager/BUILD.gn
+++ b/services/vpnmanager/BUILD.gn
@@ -57,7 +57,21 @@ net_vpn_manager_sources = [
"$VPN_INNERKITS_SOURCE_DIR/src/vpn_config.cpp",
]
-net_vpn_manager_deps = [ "$NETMANAGER_EXT_ROOT/utils:net_event_report" ]
+if (netmanager_ext_feature_sysvpn) {
+ net_vpn_manager_sources += [
+ "$VPNMANAGER_SOURCE_DIR/src/vpn_database_helper.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/ipsecvpn_config.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/l2tpvpn_config.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/openvpn_config.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/sysvpn_config.cpp",
+ "$VPN_INNERKITS_SOURCE_DIR/src/vpn_data_bean.cpp",
+ ]
+}
+
+net_vpn_manager_deps = [
+ "$NETMANAGER_EXT_ROOT/utils:net_event_report",
+ "//third_party/cJSON:cjson"
+]
net_vpn_manager_external_deps = [
"ability_base:want",
@@ -66,7 +80,7 @@ net_vpn_manager_external_deps = [
"ability_runtime:app_manager",
"bundle_framework:appexecfwk_base",
"bundle_framework:appexecfwk_core",
- "cJSON:cjson",
+ #"cJSON:cjson",
"c_utils:utils",
"common_event_service:cesfwk_innerkits",
"eventhandler:libeventhandler",
@@ -79,6 +93,7 @@ net_vpn_manager_external_deps = [
"netmanager_base:net_manager_common",
"netmanager_base:netsys_controller",
"os_account:os_account_innerkits",
+ "relational_store:native_rdb",
"safwk:system_ability_fwk",
"samgr:samgr_proxy",
]
@@ -95,6 +110,11 @@ ohos_shared_library("net_vpn_manager") {
configs = [ ":net_vpn_manager_config" ]
+ defines = []
+ if (netmanager_ext_feature_vpn_for_user0) {
+ defines += [ "ENABLE_VPN_FOR_USER0" ]
+ }
+
sources = net_vpn_manager_sources
deps = net_vpn_manager_deps
external_deps = net_vpn_manager_external_deps
@@ -105,7 +125,10 @@ ohos_shared_library("net_vpn_manager") {
"-D_FORTIFY_SOURCE=2",
"-O2",
]
-
+ defines = []
+ if (netmanager_ext_feature_vpn_for_user0) {
+ defines += [ "ENABLE_VPN_FOR_USER0" ]
+ }
cflags_cc = memory_optimization_cflags_cc
cflags_cc += [
"-fstack-protector-strong",
@@ -113,6 +136,16 @@ ohos_shared_library("net_vpn_manager") {
"-O2",
]
+ if (netmanager_ext_feature_sysvpn) {
+ cflags += sysvpn_flags
+ cflags_cc += sysvpn_flags
+ sources += [
+ "$VPNMANAGER_SOURCE_DIR/src/ipsec_vpn_ctl.cpp",
+ "$VPNMANAGER_SOURCE_DIR/src/l2tp_vpn_ctl.cpp",
+ "$VPNMANAGER_SOURCE_DIR/src/open_vpn_ctl.cpp",
+ ]
+ }
+
ldflags = memory_optimization_ldflags
part_name = "netmanager_ext"
@@ -132,6 +165,17 @@ ohos_static_library("net_vpn_manager_static") {
configs = [ ":net_vpn_manager_config" ]
sources = net_vpn_manager_sources
+
+ if (netmanager_ext_feature_sysvpn) {
+ cflags = sysvpn_flags
+ cflags_cc = sysvpn_flags
+ sources += [
+ "$VPNMANAGER_SOURCE_DIR/src/ipsec_vpn_ctl.cpp",
+ "$VPNMANAGER_SOURCE_DIR/src/l2tp_vpn_ctl.cpp",
+ "$VPNMANAGER_SOURCE_DIR/src/open_vpn_ctl.cpp",
+ ]
+ }
+
deps = net_vpn_manager_deps
external_deps = net_vpn_manager_external_deps
diff --git a/services/vpnmanager/include/ipc/networkvpn_service_stub.h b/services/vpnmanager/include/ipc/networkvpn_service_stub.h
index 069775e..9462409 100644
--- a/services/vpnmanager/include/ipc/networkvpn_service_stub.h
+++ b/services/vpnmanager/include/ipc/networkvpn_service_stub.h
@@ -42,11 +42,14 @@ private:
int32_t ReplyProtect(MessageParcel &data, MessageParcel &reply);
int32_t ReplyDestroyVpn(MessageParcel &data, MessageParcel &reply);
#ifdef SUPPORT_SYSVPN
+ int32_t ReplySetUpSysVpn(MessageParcel &data, MessageParcel &reply);
int32_t ReplyAddSysVpnConfig(MessageParcel &data, MessageParcel &reply);
int32_t ReplyDeleteSysVpnConfig(MessageParcel &data, MessageParcel &reply);
int32_t ReplyGetSysVpnConfigList(MessageParcel &data, MessageParcel &reply);
int32_t ReplyGetSysVpnConfig(MessageParcel &data, MessageParcel &reply);
int32_t ReplyGetConnectedSysVpnConfig(MessageParcel &data, MessageParcel &reply);
+ int32_t ReplyNotifyConnectStage(MessageParcel &data, MessageParcel &reply);
+ int32_t ReplyGetSysVpnCertUri(MessageParcel &data, MessageParcel &reply);
#endif // SUPPORT_SYSVPN
int32_t ReplyRegisterVpnEvent(MessageParcel &data, MessageParcel &reply);
int32_t ReplyUnregisterVpnEvent(MessageParcel &data, MessageParcel &reply);
diff --git a/services/vpnmanager/include/ipsec_vpn_ctl.h b/services/vpnmanager/include/ipsec_vpn_ctl.h
new file mode 100755
index 0000000..84aac67
--- /dev/null
+++ b/services/vpnmanager/include/ipsec_vpn_ctl.h
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef IPSEC_VPN_CTL_H
+#define IPSEC_VPN_CTL_H
+
+#include <cstdint>
+
+#include "ipsecvpn_config.h"
+#include "l2tpvpn_config.h"
+#include "net_vpn_impl.h"
+#include "netsys_controller.h"
+
+#define IPSEC_PIDDIR "/data/service/el1/public/vpn"
+//#define IPSEC_PIDDIR "/data/service/el1/public/netmanager"
+
+namespace OHOS {
+namespace NetManagerStandard {
+namespace {
+const std::string SWAN_CTL_FILE = IPSEC_PIDDIR "/swanctl.conf";
+const std::string SWAN_CONFIG_FILE = IPSEC_PIDDIR "/strongswan.conf";
+const std::string L2TP_IPSEC_CFG = IPSEC_PIDDIR "/ipsec.conf";
+const std::string L2TP_CFG = IPSEC_PIDDIR "/xl2tpd.conf";
+const std::string L2TP_IPSEC_SECRETS_CFG = IPSEC_PIDDIR "/ipsec.secrets.conf";
+const std::string OPTIONS_L2TP_CLIENT = IPSEC_PIDDIR "/options.l2tpd.client.conf";
+const std::string IPSEC_START_TAG = "start";
+const std::string SWANCTL_START_TAG = "config";
+const std::string IPSEC_CONNECT_TAG = "connect";
+} // namespace
+using namespace NetsysNative;
+enum IpsecVpnStateCode {
+ STATE_INIT = 0,
+ STATE_STARTED, // ipsec restart compelete
+ STATE_CONFIGED, // swanctl load files compelete or xl2tpd start
+ STATE_CONTROLLED, // control pppd startup
+ STATE_CONNECTED, // ipsec up home or pppd started
+ STATE_DISCONNECTED, // stop
+};
+
+enum IpsecVpnCertType : int32_t {
+ CA_CERT = 0,
+ USER_CERT,
+ SERVER_CERT,
+};
+
+class IpsecVpnCtl : public NetVpnImpl {
+public:
+ IpsecVpnCtl(sptr<VpnConfig> config, const std::string &pkg, int32_t userId, std::vector<int32_t> &activeUserIds);
+ virtual ~IpsecVpnCtl();
+
+ sptr<IpsecVpnConfig> ipsecVpnConfig_ = nullptr;
+ sptr<L2tpVpnConfig> l2tpVpnConfig_ = nullptr;
+
+ bool IsInternalVpn() override;
+ int32_t SetUp() override;
+ int32_t Destroy() override;
+ int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig) override;
+ int32_t NotifyConnectStage(const std::string &stage, const int32_t &result) override;
+ int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri) override;
+
+protected:
+ int32_t state_ = STATE_INIT;
+ virtual int32_t StartSysVpn();
+ virtual int32_t StopSysVpn();
+ virtual int32_t InitConfigFile();
+ void CleanTempFiles();
+ void DeleteTempFile(const std::string &fileName);
+};
+} // namespace NetManagerStandard
+} // namespace OHOS
+#endif // IPSEC_VPN_CTL_H
diff --git a/services/vpnmanager/include/l2tp_vpn_ctl.h b/services/vpnmanager/include/l2tp_vpn_ctl.h
new file mode 100755
index 0000000..4b21fec
--- /dev/null
+++ b/services/vpnmanager/include/l2tp_vpn_ctl.h
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef L2TP_VPN_INTERFACE_H
+#define L2TP_VPN_INTERFACE_H
+
+#include <cstdint>
+
+#include "ipsecvpn_config.h"
+#include "ipsec_vpn_ctl.h"
+#include "l2tpvpn_config.h"
+#include "net_vpn_impl.h"
+
+namespace OHOS {
+namespace NetManagerStandard {
+namespace {
+const std::string L2TP_IPSEC_CONFIGURED_TAG = "xl2tpdstart";
+const std::string L2TP_IPSEC_CONNECTED_TAG = "pppdstart";
+} // namespace
+class L2tpVpnCtl : public IpsecVpnCtl {
+public:
+ L2tpVpnCtl(sptr<VpnConfig> config, const std::string &pkg, int32_t userId, std::vector<int32_t> &activeUserIds);
+ ~L2tpVpnCtl() = default;
+
+ int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig) override;
+ int32_t NotifyConnectStage(const std::string &stage, const int32_t &result) override;
+ int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri) override;
+
+private:
+ int32_t StartSysVpn() override;
+ int32_t StopSysVpn() override;
+ int32_t InitConfigFile() override;
+};
+} // namespace NetManagerStandard
+} // namespace OHOS
+#endif // L2TP_VPN_INTERFACE_H
diff --git a/services/vpnmanager/include/net_vpn_impl.h b/services/vpnmanager/include/net_vpn_impl.h
index 4beb3cd..face4f2 100644
--- a/services/vpnmanager/include/net_vpn_impl.h
+++ b/services/vpnmanager/include/net_vpn_impl.h
@@ -29,6 +29,9 @@
#include "net_specifier.h"
#include "net_supplier_info.h"
#include "networkvpn_hisysevent.h"
+#ifdef SUPPORT_SYSVPN
+#include "sysvpn_config.h"
+#endif // SUPPORT_SYSVPN
#include "vpn_config.h"
namespace OHOS {
@@ -43,7 +46,12 @@ public:
virtual bool IsInternalVpn() = 0;
virtual int32_t SetUp() = 0;
virtual int32_t Destroy() = 0;
-
+#ifdef SUPPORT_SYSVPN
+ virtual int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig);
+ virtual int32_t NotifyConnectStage(const std::string &stage, const int32_t &result);
+ virtual int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri);
+ virtual bool IsSystemVpn();
+#endif // SUPPORT_SYSVPN
int32_t RegisterConnectStateChangedCb(std::shared_ptr<IVpnConnStateCb> callback);
void NotifyConnectState(const VpnConnectState &state);
@@ -71,11 +79,14 @@ public:
int32_t ResumeUids();
+protected:
+ bool UpdateNetLinkInfo();
+
private:
bool RegisterNetSupplier(NetConnClient &netConnClientIns);
void UnregisterNetSupplier(NetConnClient &netConnClientIns);
bool UpdateNetSupplierInfo(NetConnClient &netConnClientIns, bool isAvailable);
- bool UpdateNetLinkInfo(NetConnClient &netConnClientIns);
+
void DelNetLinkInfo(NetConnClient &netConnClientIns);
void AdjustRouteInfo(Route &route);
void SetIpv4DefaultRoute(Route &ipv4DefaultRoute);
@@ -103,6 +114,8 @@ private:
std::vector<int32_t> endUids_;
std::shared_ptr<IVpnConnStateCb> connChangedCb_;
sptr<NetSupplierInfo> netSupplierInfo_ = nullptr;
+
+ void SetAllUidRanges();
};
} // namespace NetManagerStandard
} // namespace OHOS
diff --git a/services/vpnmanager/include/networkvpn_service.h b/services/vpnmanager/include/networkvpn_service.h
index c6afb4d..1f897a5 100644
--- a/services/vpnmanager/include/networkvpn_service.h
+++ b/services/vpnmanager/include/networkvpn_service.h
@@ -33,6 +33,7 @@
#include "cJSON.h"
#include "ffrt.h"
#ifdef SUPPORT_SYSVPN
+#include "ipsec_vpn_ctl.h"
#include "vpn_database_helper.h"
#endif // SUPPORT_SYSVPN
@@ -122,6 +123,11 @@ public:
int32_t DestroyVpn(bool isVpnExtCall = false) override;
#ifdef SUPPORT_SYSVPN
+ /**
+ * This function is called when the system vpn application negotiation ends
+ */
+ int32_t SetUpVpn(const sptr<SysVpnConfig> &config) override;
+
/**
* save the vpn config
*/
@@ -130,7 +136,7 @@ public:
/**
* get the vpn config list
*/
- int32_t DeleteSysVpnConfig(std::string &vpnId) override;
+ int32_t DeleteSysVpnConfig(const std::string &vpnId) override;
/**
* get the vpn config listGetConnectedSysVpnConfig
@@ -140,12 +146,19 @@ public:
/**
* get the vpn config
*/
- int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, std::string &vpnId) override;
+ int32_t GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId) override;
/**
* get the vpn connection state
*/
int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config) override;
+
+ /**
+ * notify the vpn connection stage and result
+ */
+ int32_t NotifyConnectStage(const std::string &stage, const int32_t &result) override;
+
+ int32_t GetSysVpnCertUri(const int32_t certType, std::string &certUri) override;
#endif // SUPPORT_SYSVPN
/**
@@ -217,6 +230,20 @@ private:
void StartAlwaysOnVpn();
void SubscribeCommonEvent();
+ bool PublishEvent(const OHOS::AAFwk::Want &want, int eventCode,
+ bool isOrdered, bool isSticky, const std::vector<std::string> &permissions) const;
+ void PublishVpnConnectionStateEvent(const VpnConnectState &state) const;
+#ifdef SUPPORT_SYSVPN
+ std::shared_ptr<NetVpnImpl> CreateSysVpnCtl(const sptr<SysVpnConfig> &config, int32_t userId,
+ std::vector<int32_t> &activeUserIds);
+ std::shared_ptr<NetVpnImpl> CreateOpenvpnCtl(sptr<VpnDataBean> vpnBean, int32_t userId,
+ std::vector<int32_t> &activeUserIds);
+ std::shared_ptr<IpsecVpnCtl> CreateIpsecVpnCtl(sptr<VpnDataBean> vpnBean, int32_t userId,
+ std::vector<int32_t> &activeUserIds);
+ int32_t QueryVpnData(const sptr<SysVpnConfig> config, sptr<VpnDataBean> &vpnBean);
+ std::shared_ptr<IpsecVpnCtl> CreateL2tpCtl(sptr<VpnDataBean> vpnBean, int32_t userId,
+ std::vector<int32_t> &activeUserIds);
+#endif // SUPPORT_SYSVPN
std::string GetBundleName();
std::string GetCurrentVpnBundleName();
std::vector<std::string> GetCurrentVpnAbilityName();
@@ -226,10 +253,6 @@ private:
bool isServicePublished_ = false;
std::shared_ptr<IVpnConnStateCb> vpnConnCallback_;
std::shared_ptr<NetVpnImpl> vpnObj_;
-#ifdef SUPPORT_SYSVPN
- std::shared_ptr<VpnDatabaseHelper> vpnDbHelper_;
-#endif // SUPPORT_SYSVPN
-
std::vector<sptr<IVpnEventCallback>> vpnEventCallbacks_;
std::shared_ptr<ffrt::queue> networkVpnServiceFfrtQueue_ = nullptr;
std::mutex netVpnMutex_;
@@ -287,6 +310,7 @@ private:
std::mutex remoteMutex_;
sptr<IRemoteObject::DeathRecipient> deathRecipient_ = nullptr;
sptr<VpnHapObserver> vpnHapObserver_ = nullptr;
+ int32_t hasOpenedVpnUid_ = 0;
std::string currentVpnBundleName_;
std::vector<std::string> currentVpnAbilityName_;
};
diff --git a/services/vpnmanager/include/open_vpn_ctl.h b/services/vpnmanager/include/open_vpn_ctl.h
new file mode 100755
index 0000000..8b2ea9d
--- /dev/null
+++ b/services/vpnmanager/include/open_vpn_ctl.h
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef OPENVPN_CTL_H
+#define OPENVPN_CTL_H
+
+#include "cJSON.h"
+#include "netsys_controller.h"
+#include "net_vpn_impl.h"
+#include "openvpn_config.h"
+
+#define VPN_PIDDIR "/data/service/el1/public/vpn"
+
+namespace OHOS {
+namespace NetManagerStandard {
+using namespace NetsysNative;
+
+constexpr const char *OPENVPN_NODE_ROOT = "openvpn";
+constexpr const char *OPENVPN_NODE_MTU = "mtu";
+constexpr const char *OPENVPN_NODE_ADDRESS = "address";
+constexpr const char *OPENVPN_NODE_NETMASK = "netmask";
+constexpr const char *OPENVPN_NODE_CONFIG = "config";
+constexpr const char *OPENVPN_NODE_STATE = "state";
+constexpr const char *OPENVPN_NODE_UPDATE_STATE = "updateState";
+constexpr const char *OPENVPN_NODE_SETUP_VPN_TUN = "setupVpnTun";
+constexpr const char *OPENVPN_MASK_TAG = "***";
+
+enum OpenvpnStateCode : int32_t {
+ OPENVPN_STATE_UNKNOWN = 1,
+ OPENVPN_STATE_SETUP,
+ OPENVPN_STATE_STARTED,
+ OPENVPN_STATE_CONNECTED,
+ OPENVPN_STATE_DISCONNECTED,
+ OPENVPN_STATE_ERROR_PRIVATE_KEY = 200,
+ OPENVPN_STATE_ERROR_CLIENT_CRT,
+ OPENVPN_STATE_ERROR_CA_CAT,
+ OPENVPN_STATE_ERROR_TIME_OUT,
+};
+
+class OpenvpnCtl : public NetVpnImpl {
+public:
+ OpenvpnCtl(sptr<VpnConfig> config, const std::string &pkg, int32_t userId, std::vector<int32_t> &activeUserIds);
+ ~OpenvpnCtl() = default;
+
+ bool IsInternalVpn() override;
+ int32_t SetUp() override;
+ int32_t Destroy() override;
+ int32_t GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig) override;
+ int32_t NotifyConnectStage(const std::string &stage, const int32_t &result) override;
+ bool IsSystemVpn() override;
+ sptr<OpenvpnConfig> openvpnConfig_;
+
+private:
+ const std::string OPENVPN_CONFIG_FILE = VPN_PIDDIR "/config.ovpn";
+ const std::string OPENVPN_ASKPASS_FILE = VPN_PIDDIR "/askpass";
+ const std::string OPENVPN_ASKPASS_PARAM = "askpass " + std::string(OPENVPN_ASKPASS_FILE);
+ int32_t openvpnState_ = OPENVPN_STATE_UNKNOWN;
+ void UpdateOpenvpnState(const int32_t state);
+ int32_t StartOpenvpn();
+ std::string MaskOpenvpnMessage(const std::string &msg);
+ int32_t HandleClientMessage(const std::string &msg);
+ int32_t SetUpVpnTun();
+ void UpdateConfig(cJSON* jConfig);
+ void UpdateState(cJSON* state);
+ void StopOpenvpn();
+};
+} // namespace NetManagerStandard
+} // namespace OHOS
+#endif // OPENVPN_CTL_H
\ No newline at end of file
diff --git a/services/vpnmanager/include/vpn_database_defines.h b/services/vpnmanager/include/vpn_database_defines.h
index 74ba0db..bf8d13a 100755
--- a/services/vpnmanager/include/vpn_database_defines.h
+++ b/services/vpnmanager/include/vpn_database_defines.h
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -22,7 +22,8 @@
namespace OHOS {
namespace NetManagerStandard {
namespace VpnDatabaseDefines {
-constexpr const char *VPN_DATABASE_PATH = "/data/service/el1/public/netmanager/vpn_data.db";
+static std::string VPN_DATABASE_PATH = "/data/service/el1/public/vpn/";
+constexpr const char *VPN_DB_NAME = "vpn_data.db";
constexpr const char *VPN_CONFIG_TABLE_CREATE_PARAM = "vpnId TEXT PRIMARY KEY NOT NULL,"
"vpnName TEXT NOT NULL,"
"vpnType INTEGER NOT NULL,"
@@ -83,15 +84,15 @@ const std::string VPN_FORWARDED_ROUTES = "forwardingRoutes";
const std::string VPN_DNS_ADDRESSES = "dnsAddresses";
const std::string VPN_SEARCH_DOMAINS = "searchDomains";
-const std::string OPEN_VPN_PORT = "ovpnPort";
-const std::string OPEN_VPN_PROTOCOL = "ovpnProtocol";
-const std::string OPEN_VPN_CFG = "ovpnConfig";
-const std::string OPEN_VPN_AUTH_TYPE = "ovpnAuthType";
-const std::string OPEN_VPN_ASKPASS = "askpass";
-const std::string OPEN_VPN_CFG_FILE_PATH = "ovpnConfigFilePath";
-const std::string OPEN_VPN_CA_CERT_FILE_PATH = "ovpnCaCertFilePath";
-const std::string OPEN_VPN_USER_CERT_FILE_PATH = "ovpnUserCertFilePath";
-const std::string OPEN_VPN_PRIVATE_KEY_FILE_PATH = "ovpnPrivateKeyFilePath";
+const std::string OPENVPN_PORT = "ovpnPort";
+const std::string OPENVPN_PROTOCOL = "ovpnProtocol";
+const std::string OPENVPN_CFG = "ovpnConfig";
+const std::string OPENVPN_AUTH_TYPE = "ovpnAuthType";
+const std::string OPENVPN_ASKPASS = "askpass";
+const std::string OPENVPN_CFG_FILE_PATH = "ovpnConfigFilePath";
+const std::string OPENVPN_CA_CERT_FILE_PATH = "ovpnCaCertFilePath";
+const std::string OPENVPN_USER_CERT_FILE_PATH = "ovpnUserCertFilePath";
+const std::string OPENVPN_PRIVATE_KEY_FILE_PATH = "ovpnPrivateKeyFilePath";
const std::string IPSEC_PRE_SHARE_KEY = "ipsecPreSharedKey";
const std::string IPSEC_IDENTIFIER = "ipsecIdentifier";
@@ -126,15 +127,15 @@ constexpr int32_t INDEX_VPN_SAVE_LOGIN = 8;
constexpr int32_t INDEX_VPN_FORWARDED_ROUTES = 9;
constexpr int32_t INDEX_VPN_DNS_ADDRESSES = 10;
constexpr int32_t INDEX_VPN_SEARCH_DOMAINS = 11;
-constexpr int32_t INDEX_OPEN_VPN_PORT = 12;
-constexpr int32_t INDEX_OPEN_VPN_PROTOCOL = 13;
-constexpr int32_t INDEX_OPEN_VPN_CFG = 14;
-constexpr int32_t INDEX_OPEN_VPN_AUTH_TYPE = 15;
-constexpr int32_t INDEX_OPEN_VPN_ASKPASS = 16;
-constexpr int32_t INDEX_OPEN_VPN_CFG_FILE_PATH = 17;
-constexpr int32_t INDEX_OPEN_VPN_CA_CERT_FILE_PATH = 18;
-constexpr int32_t INDEX_OPEN_VPN_USER_CERT_FILE_PATH = 19;
-constexpr int32_t INDEX_OPEN_VPN_PRIVATE_KEY_FILE_PATH = 20;
+constexpr int32_t INDEX_OPENVPN_PORT = 12;
+constexpr int32_t INDEX_OPENVPN_PROTOCOL = 13;
+constexpr int32_t INDEX_OPENVPN_CFG = 14;
+constexpr int32_t INDEX_OPENVPN_AUTH_TYPE = 15;
+constexpr int32_t INDEX_OPENVPN_ASKPASS = 16;
+constexpr int32_t INDEX_OPENVPN_CFG_FILE_PATH = 17;
+constexpr int32_t INDEX_OPENVPN_CA_CERT_FILE_PATH = 18;
+constexpr int32_t INDEX_OPENVPN_USER_CERT_FILE_PATH = 19;
+constexpr int32_t INDEX_OPENVPN_PRIVATE_KEY_FILE_PATH = 20;
constexpr int32_t INDEX_IPSEC_PRE_SHARE_KEY = 21;
constexpr int32_t INDEX_IPSEC_IDENTIFIER = 22;
constexpr int32_t INDEX_SWANCTL_CONF = 23;
diff --git a/services/vpnmanager/include/vpn_database_helper.h b/services/vpnmanager/include/vpn_database_helper.h
index 0f6a636..db40bb8 100755
--- a/services/vpnmanager/include/vpn_database_helper.h
+++ b/services/vpnmanager/include/vpn_database_helper.h
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -20,7 +20,6 @@
#include <functional>
#include <string>
-#include "vpn_data_bean.h"
#include "ipsecvpn_config.h"
#include "l2tpvpn_config.h"
#include "rdb_common.h"
@@ -30,35 +29,34 @@
#include "rdb_predicates.h"
#include "rdb_store.h"
#include "result_set.h"
+#include "vpn_data_bean.h"
namespace OHOS {
namespace NetManagerStandard {
class VpnDatabaseHelper {
public:
- VpnDatabaseHelper();
- ~VpnDatabaseHelper() = default;
-
- int32_t InsertData(const sptr<VpnDataBean> &vpnBean);
+ static VpnDatabaseHelper &GetInstance();
int32_t InsertOrUpdateData(const sptr<VpnDataBean> &vpnBean);
- bool IsVpnInfoExists(std::string &vpnId);
int32_t QueryVpnData(sptr<VpnDataBean> &vpnBean, const std::string &vpnUuid);
int32_t QueryAllData(std::vector<SysVpnConfig> &infos, const int32_t userId);
int32_t DeleteVpnData(const std::string &vpnUuid);
- int32_t UpdateData(const sptr<VpnDataBean> &vpnBean);
private:
+ VpnDatabaseHelper();
+ ~VpnDatabaseHelper() = default;
+ int32_t InsertData(const sptr<VpnDataBean> &vpnBean);
+ int32_t UpdateData(const sptr<VpnDataBean> &vpnBean);
+ bool IsVpnInfoExists(const std::string &vpnId);
void GetVpnDataFromResultSet(const std::shared_ptr<OHOS::NativeRdb::ResultSet> &queryResultSet,
sptr<VpnDataBean> &vpnBean);
void BindVpnData(NativeRdb::ValuesBucket &values, const sptr<VpnDataBean> &info);
- std::shared_ptr<OHOS::NativeRdb::RdbStore> store_;
+ std::shared_ptr<OHOS::NativeRdb::RdbStore> store_ = nullptr;
};
class VpnDataBaseCallBack : public OHOS::NativeRdb::RdbOpenCallback {
public:
int32_t OnCreate(OHOS::NativeRdb::RdbStore &rdbStore) override;
-
int32_t OnUpgrade(OHOS::NativeRdb::RdbStore &rdbStore, int32_t oldVersion, int32_t newVersion) override;
-
int32_t OnDowngrade(OHOS::NativeRdb::RdbStore &rdbStore, int32_t currentVersion, int32_t targetVersion) override;
};
} // namespace NetManagerStandard
diff --git a/services/vpnmanager/src/ipc/networkvpn_service_stub.cpp b/services/vpnmanager/src/ipc/networkvpn_service_stub.cpp
index 0dae065..2b64f41 100644
--- a/services/vpnmanager/src/ipc/networkvpn_service_stub.cpp
+++ b/services/vpnmanager/src/ipc/networkvpn_service_stub.cpp
@@ -34,6 +34,8 @@ NetworkVpnServiceStub::NetworkVpnServiceStub()
permissionAndFuncMap_[INetworkVpnService::MessageCode::CMD_STOP_VPN] = {
Permission::MANAGE_VPN, &NetworkVpnServiceStub::ReplyDestroyVpn};
#ifdef SUPPORT_SYSVPN
+ permissionAndFuncMap_[INetworkVpnService::MessageCode::CMD_SETUP_SYS_VPN] = {
+ Permission::MANAGE_VPN, &NetworkVpnServiceStub::ReplySetUpSysVpn};
permissionAndFuncMap_[INetworkVpnService::MessageCode::CMD_ADD_SYS_VPN_CONFIG] = {
Permission::MANAGE_VPN, &NetworkVpnServiceStub::ReplyAddSysVpnConfig};
permissionAndFuncMap_[INetworkVpnService::MessageCode::CMD_DELETE_SYS_VPN_CONFIG] = {
@@ -44,6 +46,10 @@ NetworkVpnServiceStub::NetworkVpnServiceStub()
Permission::MANAGE_VPN, &NetworkVpnServiceStub::ReplyGetSysVpnConfig};
permissionAndFuncMap_[INetworkVpnService::MessageCode::CMD_GET_CONNECTED_SYS_VPN_CONFIG] = {
Permission::MANAGE_VPN, &NetworkVpnServiceStub::ReplyGetConnectedSysVpnConfig};
+ permissionAndFuncMap_[INetworkVpnService::MessageCode::CMD_NOTIFY_CONNECT_STAGE] = {
+ "", &NetworkVpnServiceStub::ReplyNotifyConnectStage};
+ permissionAndFuncMap_[INetworkVpnService::MessageCode::CMD_GET_SYS_VPN_CERT_URI] = {
+ "", &NetworkVpnServiceStub::ReplyGetSysVpnCertUri};
#endif // SUPPORT_SYSVPN
permissionAndFuncMap_[INetworkVpnService::MessageCode::CMD_REGISTER_EVENT_CALLBACK] = {
Permission::MANAGE_VPN, &NetworkVpnServiceStub::ReplyRegisterVpnEvent};
@@ -156,15 +162,37 @@ int32_t NetworkVpnServiceStub::ReplyDestroyVpn(MessageParcel &data, MessageParce
}
#ifdef SUPPORT_SYSVPN
+int32_t NetworkVpnServiceStub::ReplySetUpSysVpn(MessageParcel &data, MessageParcel &reply)
+{
+ sptr<SysVpnConfig> config = new (std::nothrow) SysVpnConfig();
+ if (config == nullptr) {
+ NETMGR_EXT_LOG_E("ReplySetUpSysVpn failed, config is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ if (!(data.ReadString(config->vpnId_) && data.ReadInt32(config->vpnType_))) {
+ NETMGR_EXT_LOG_E("ReplySetUpSysVpn read data failed");
+ return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
+ }
+ NETMGR_EXT_LOG_I("ReplySetUpSysVpn id=%{public}s", config->vpnId_.c_str());
+ int32_t result = SetUpVpn(config);
+ if (!reply.WriteInt32(result)) {
+ NETMGR_EXT_LOG_E("ReplySetUpSysVpn write reply failed");
+ return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
int32_t NetworkVpnServiceStub::ReplyAddSysVpnConfig(MessageParcel &data, MessageParcel &reply)
{
- NETMGR_EXT_LOG_D("ReplyAddSysVpnConfig start");
+ NETMGR_EXT_LOG_I("NetworkVpnServiceStub ReplyAddSysVpnConfig");
sptr<SysVpnConfig> config = SysVpnConfig::Unmarshalling(data);
if (config == nullptr) {
+ NETMGR_EXT_LOG_E("ReplyAddSysVpnConfig read data failed");
return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
}
int32_t result = AddSysVpnConfig(config);
if (!reply.WriteInt32(result)) {
+ NETMGR_EXT_LOG_E("ReplyAddSysVpnConfig write reply failed");
return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
}
return NETMANAGER_EXT_SUCCESS;
@@ -172,13 +200,15 @@ int32_t NetworkVpnServiceStub::ReplyAddSysVpnConfig(MessageParcel &data, Message
int32_t NetworkVpnServiceStub::ReplyDeleteSysVpnConfig(MessageParcel &data, MessageParcel &reply)
{
- NETMGR_EXT_LOG_D("ReplyDeleteSysVpnConfig start");
+ NETMGR_EXT_LOG_I("NetworkVpnServiceStub ReplyDeleteSysVpnConfig");
std::string vpnId;
if (!data.ReadString(vpnId)) {
+ NETMGR_EXT_LOG_E("ReplyDeleteSysVpnConfig read data failed");
return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
}
int32_t result = DeleteSysVpnConfig(vpnId);
if (!reply.WriteInt32(result)) {
+ NETMGR_EXT_LOG_E("ReplyDeleteSysVpnConfig write reply failed");
return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
}
return NETMANAGER_EXT_SUCCESS;
@@ -186,21 +216,23 @@ int32_t NetworkVpnServiceStub::ReplyDeleteSysVpnConfig(MessageParcel &data, Mess
int32_t NetworkVpnServiceStub::ReplyGetSysVpnConfigList(MessageParcel &data, MessageParcel &reply)
{
- NETMGR_EXT_LOG_D("ReplyGetSysVpnConfigList start");
+ NETMGR_EXT_LOG_I("NetworkVpnServiceStub ReplyGetSysVpnConfigList");
std::vector<SysVpnConfig> vpnList;
int32_t result = GetSysVpnConfigList(vpnList);
if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnConfigList failed, result=%{public}d", result);
return result;
}
int32_t vpnListSize = static_cast<int32_t>(vpnList.size());
if (!reply.WriteInt32(vpnListSize)) {
- return NETMANAGER_EXT_ERR_WRITE_DATA_FAIL;
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnConfigList write reply failed");
+ return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
}
for (auto &config : vpnList) {
- if (!(reply.WriteString(config.vpnId_) &&
- reply.WriteString(config.vpnName_) &&
- reply.WriteInt32(config.vpnType_))) {
- return NETMANAGER_EXT_ERR_WRITE_DATA_FAIL;
+ if (!(reply.WriteString(config.vpnId_) && reply.WriteString(config.vpnName_) &&
+ reply.WriteInt32(config.vpnType_))) {
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnConfigList write reply failed");
+ return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
}
}
return NETMANAGER_EXT_SUCCESS;
@@ -208,17 +240,20 @@ int32_t NetworkVpnServiceStub::ReplyGetSysVpnConfigList(MessageParcel &data, Mes
int32_t NetworkVpnServiceStub::ReplyGetSysVpnConfig(MessageParcel &data, MessageParcel &reply)
{
- NETMGR_EXT_LOG_D("ReplyGetSysVpnConfig start");
+ NETMGR_EXT_LOG_I("NetworkVpnServiceStub ReplyGetSysVpnConfig");
std::string vpnId;
if (!data.ReadString(vpnId)) {
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnConfig read data failed");
return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
}
sptr<SysVpnConfig> config = nullptr;
int32_t result = GetSysVpnConfig(config, vpnId);
if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnConfig failed, result=%{public}d", result);
return result;
}
if (config != nullptr && !config->Marshalling(reply)) {
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnConfig write reply failed");
return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
}
return NETMANAGER_EXT_SUCCESS;
@@ -226,13 +261,56 @@ int32_t NetworkVpnServiceStub::ReplyGetSysVpnConfig(MessageParcel &data, Message
int32_t NetworkVpnServiceStub::ReplyGetConnectedSysVpnConfig(MessageParcel &data, MessageParcel &reply)
{
- NETMGR_EXT_LOG_D("ReplyGetConnectedSysVpnConfig start");
+ NETMGR_EXT_LOG_I("NetworkVpnServiceStub ReplyGetConnectedSysVpnConfig");
sptr<SysVpnConfig> config = nullptr;
int32_t result = GetConnectedSysVpnConfig(config);
if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("ReplyGetConnectedSysVpnConfig failed, result=%{public}d", result);
return result;
}
if (config != nullptr && !config->Marshalling(reply)) {
+ NETMGR_EXT_LOG_E("ReplyGetConnectedSysVpnConfig write reply failed");
+ return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t NetworkVpnServiceStub::ReplyNotifyConnectStage(MessageParcel &data, MessageParcel &reply)
+{
+ NETMGR_EXT_LOG_I("NetworkVpnServiceStub ReplyNotifyConnectStage");
+ std::string stage;
+ if (!data.ReadString(stage)) {
+ NETMGR_EXT_LOG_E("ReplyNotifyConnectStage read data failed");
+ return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
+ }
+ int32_t result;
+ if (!data.ReadInt32(result)) {
+ NETMGR_EXT_LOG_E("ReplyNotifyConnectStage read data failed");
+ return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
+ }
+ int32_t ret = NotifyConnectStage(stage, result);
+ if (!reply.WriteInt32(ret)) {
+ NETMGR_EXT_LOG_E("ReplyNotifyConnectStage write reply failed");
+ return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t NetworkVpnServiceStub::ReplyGetSysVpnCertUri(MessageParcel &data, MessageParcel &reply)
+{
+ int32_t certType;
+ if (!data.ReadInt32(certType)) {
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnCertUri read data failed");
+ return NETMANAGER_EXT_ERR_READ_DATA_FAIL;
+ }
+ std::string certUri;
+ int32_t ret = GetSysVpnCertUri(certType, certUri);
+ if (ret != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnCertUri failed, ret=%{public}d", ret);
+ return ret;
+ }
+ if (!reply.WriteString(certUri)) {
+ NETMGR_EXT_LOG_E("ReplyGetSysVpnCertUri write reply failed");
return NETMANAGER_EXT_ERR_WRITE_REPLY_FAIL;
}
return NETMANAGER_EXT_SUCCESS;
diff --git a/services/vpnmanager/src/ipsec_vpn_ctl.cpp b/services/vpnmanager/src/ipsec_vpn_ctl.cpp
new file mode 100755
index 0000000..ff7972d
--- /dev/null
+++ b/services/vpnmanager/src/ipsec_vpn_ctl.cpp
@@ -0,0 +1,187 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "ipsec_vpn_ctl.h"
+
+#include <string>
+
+#include "base64_utils.h"
+#include "netmgr_ext_log_wrapper.h"
+#include "netmanager_base_common_utils.h"
+#include "net_manager_ext_constants.h"
+
+namespace OHOS {
+namespace NetManagerStandard {
+IpsecVpnCtl::IpsecVpnCtl(sptr<VpnConfig> config, const std::string &pkg, int32_t userId,
+ std::vector<int32_t> &activeUserIds)
+ : NetVpnImpl(config, pkg, userId, activeUserIds)
+{}
+
+IpsecVpnCtl::~IpsecVpnCtl()
+{
+ NETMGR_EXT_LOG_I("~IpsecVpnCtl");
+}
+
+int32_t IpsecVpnCtl::SetUp()
+{
+ return StartSysVpn();
+}
+
+int32_t IpsecVpnCtl::Destroy()
+{
+ return StopSysVpn();
+}
+
+int32_t IpsecVpnCtl::StopSysVpn()
+{
+ NETMGR_EXT_LOG_I("stop ipsec vpn");
+ state_ = IpsecVpnStateCode::STATE_DISCONNECTED;
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_DOWN_HOME);
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_STOP);
+ NotifyConnectState(VpnConnectState::VPN_DISCONNECTED);
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t IpsecVpnCtl::StartSysVpn()
+{
+ NETMGR_EXT_LOG_I("start ipsec vpn");
+ state_ = IpsecVpnStateCode::STATE_INIT;
+ InitConfigFile();
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_RESTART);
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t IpsecVpnCtl::InitConfigFile()
+{
+ CleanTempFiles();
+ if (ipsecVpnConfig_ == nullptr) {
+ NETMGR_EXT_LOG_E("InitConfigFile ipsecVpnConfig is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+
+ if (!ipsecVpnConfig_->swanctlConf_.empty()) {
+ std::string swanctlCfg = Base64::Decode(ipsecVpnConfig_->swanctlConf_);
+ if (!swanctlCfg.empty()) {
+ CommonUtils::WriteFile(SWAN_CTL_FILE, swanctlCfg);
+ }
+ }
+ if (!ipsecVpnConfig_->strongswanConf_.empty()) {
+ std::string strongswanCfg = Base64::Decode(ipsecVpnConfig_->strongswanConf_);
+ if (!strongswanCfg.empty()) {
+ CommonUtils::WriteFile(SWAN_CONFIG_FILE, strongswanCfg);
+ }
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+void IpsecVpnCtl::CleanTempFiles()
+{
+ DeleteTempFile(SWAN_CTL_FILE);
+ DeleteTempFile(SWAN_CONFIG_FILE);
+ DeleteTempFile(L2TP_CFG);
+ DeleteTempFile(L2TP_IPSEC_CFG);
+ DeleteTempFile(L2TP_IPSEC_SECRETS_CFG);
+ DeleteTempFile(OPTIONS_L2TP_CLIENT);
+}
+
+void IpsecVpnCtl::DeleteTempFile(const std::string &fileName)
+{
+ if (std::filesystem::exists(fileName)) {
+ if (!std::filesystem::remove(fileName)) {
+ NETMGR_EXT_LOG_E("remove old cache file failed");
+ }
+ }
+}
+
+int32_t IpsecVpnCtl::NotifyConnectStage(const std::string &stage, const int32_t &result)
+{
+ if (stage.empty()) {
+ NETMGR_EXT_LOG_E("stage is empty");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("vpn stage: %{public}s failed, result: %{public}d", stage.c_str(), result);
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ switch (state_) {
+ case IpsecVpnStateCode::STATE_INIT:
+ if (stage.compare(IPSEC_START_TAG) == 0) {
+ // 1. start strongswan
+ NETMGR_EXT_LOG_I("ipsec vpn setup step 1: start strongswan");
+ state_ = IpsecVpnStateCode::STATE_STARTED;
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_SWANCTL_LOAD);
+ }
+ break;
+ case IpsecVpnStateCode::STATE_STARTED:
+ if (stage.compare(SWANCTL_START_TAG) == 0) {
+ // 2. start connect
+ NETMGR_EXT_LOG_I("ipsec vpn setup step 2: start connect");
+ state_ = IpsecVpnStateCode::STATE_CONFIGED;
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_UP_HOME);
+ }
+ break;
+ case IpsecVpnStateCode::STATE_CONFIGED:
+ if (stage.compare(IPSEC_CONNECT_TAG) == 0) {
+ // 3. is connected
+ NETMGR_EXT_LOG_I("ipsec vpn setup step 3: is connected");
+ state_ = IpsecVpnStateCode::STATE_CONNECTED;
+ NotifyConnectState(VpnConnectState::VPN_CONNECTED);
+ }
+ break;
+ default:
+ NETMGR_EXT_LOG_E("invalid state: %{public}d", state_);
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t IpsecVpnCtl::GetSysVpnCertUri(const int32_t certType, std::string &certUri)
+{
+ if (ipsecVpnConfig_ == nullptr) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri ipsecVpnConfig is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ switch (certType) {
+ case IpsecVpnCertType::CA_CERT:
+ certUri = ipsecVpnConfig_->ipsecCaCertConf_;
+ break;
+ case IpsecVpnCertType::USER_CERT:
+ certUri = ipsecVpnConfig_->ipsecPublicUserCertConf_;
+ break;
+ case IpsecVpnCertType::SERVER_CERT:
+ certUri = ipsecVpnConfig_->ipsecPublicServerCertConf_;
+ break;
+ default:
+ NETMGR_EXT_LOG_E("invalid certType: %{public}d", certType);
+ break;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t IpsecVpnCtl::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig)
+{
+ if (state_ == IpsecVpnStateCode::STATE_CONNECTED && ipsecVpnConfig_ != nullptr) {
+ NETMGR_EXT_LOG_I("GetConnectedSysVpnConfig success");
+ sysVpnConfig = ipsecVpnConfig_;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+bool IpsecVpnCtl::IsInternalVpn()
+{
+ return true;
+}
+} // namespace NetManagerStandard
+} // namespace OHOS
\ No newline at end of file
diff --git a/services/vpnmanager/src/l2tp_vpn_ctl.cpp b/services/vpnmanager/src/l2tp_vpn_ctl.cpp
new file mode 100755
index 0000000..82fe90e
--- /dev/null
+++ b/services/vpnmanager/src/l2tp_vpn_ctl.cpp
@@ -0,0 +1,173 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "l2tp_vpn_ctl.h"
+
+#include <string>
+
+#include "base64_utils.h"
+#include "netmgr_ext_log_wrapper.h"
+#include "netmanager_base_common_utils.h"
+#include "net_manager_ext_constants.h"
+
+namespace OHOS {
+namespace NetManagerStandard {
+L2tpVpnCtl::L2tpVpnCtl(sptr<VpnConfig> config, const std::string &pkg, int32_t userId,
+ std::vector<int32_t> &activeUserIds)
+ : IpsecVpnCtl(config, pkg, userId, activeUserIds)
+{}
+
+int32_t L2tpVpnCtl::StopSysVpn()
+{
+ NETMGR_EXT_LOG_I("stop l2tp vpn");
+ state_ = IpsecVpnStateCode::STATE_DISCONNECTED;
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_DOWN_HOME);
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_STOP);
+ NotifyConnectState(VpnConnectState::VPN_DISCONNECTED);
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t L2tpVpnCtl::StartSysVpn()
+{
+ NETMGR_EXT_LOG_I("start l2tp vpn");
+ state_ = IpsecVpnStateCode::STATE_INIT;
+ InitConfigFile();
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_RESTART);
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t L2tpVpnCtl::InitConfigFile()
+{
+ CleanTempFiles();
+ if (l2tpVpnConfig_ == nullptr) {
+ NETMGR_EXT_LOG_E("InitConfigFile failed, l2tpVpnConfig_ is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ if (!l2tpVpnConfig_->strongswanConf_.empty()) {
+ std::string strongswanCfg = Base64::Decode(l2tpVpnConfig_->strongswanConf_);
+ if (!strongswanCfg.empty()) {
+ CommonUtils::WriteFile(SWAN_CONFIG_FILE, strongswanCfg);
+ }
+ }
+ if (!l2tpVpnConfig_->xl2tpdConf_.empty()) {
+ std::string xl2tpdConf = Base64::Decode(l2tpVpnConfig_->xl2tpdConf_);
+ if (!xl2tpdConf.empty()) {
+ CommonUtils::WriteFile(L2TP_CFG, xl2tpdConf);
+ }
+ }
+ if (!l2tpVpnConfig_->ipsecConf_.empty()) {
+ std::string ipsecConf = Base64::Decode(l2tpVpnConfig_->ipsecConf_);
+ if (!ipsecConf.empty()) {
+ CommonUtils::WriteFile(L2TP_IPSEC_CFG, ipsecConf);
+ }
+ }
+ if (!l2tpVpnConfig_->ipsecSecrets_.empty()) {
+ std::string ipsecSecrets = Base64::Decode(l2tpVpnConfig_->ipsecSecrets_);
+ if (!ipsecSecrets.empty()) {
+ CommonUtils::WriteFile(L2TP_IPSEC_SECRETS_CFG, ipsecSecrets);
+ }
+ }
+ if (!l2tpVpnConfig_->optionsL2tpdClient_.empty()) {
+ std::string optionsL2tpdClient = Base64::Decode(l2tpVpnConfig_->optionsL2tpdClient_);
+ if (!optionsL2tpdClient.empty()) {
+ CommonUtils::WriteFile(OPTIONS_L2TP_CLIENT, optionsL2tpdClient);
+ }
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t L2tpVpnCtl::NotifyConnectStage(const std::string &stage, const int32_t &result)
+{
+ if (stage.empty()) {
+ NETMGR_EXT_LOG_E("stage is empty");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("l2tpVpn stage: %{public}s failed, result: %{public}d", stage.c_str(), result);
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ switch (state_) {
+ case IpsecVpnStateCode::STATE_INIT:
+ if (stage.compare(IPSEC_START_TAG) == 0) {
+ // 1. start l2tp
+ NETMGR_EXT_LOG_I("l2tp vpn setup step 1: start l2tp");
+ state_ = IpsecVpnStateCode::STATE_STARTED;
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_L2TP_LOAD);
+ }
+ break;
+ case IpsecVpnStateCode::STATE_STARTED:
+ if (stage.compare(L2TP_IPSEC_CONFIGURED_TAG) == 0) {
+ // 2. start connect
+ NETMGR_EXT_LOG_I("l2tp vpn setup step 2: start connect");
+ state_ = IpsecVpnStateCode::STATE_CONFIGED;
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_UP_HOME);
+ }
+ break;
+ case IpsecVpnStateCode::STATE_CONFIGED:
+ if (stage.compare(IPSEC_CONNECT_TAG) == 0) {
+ // 3. set stage IPSEC_L2TP_CTL
+ NETMGR_EXT_LOG_I("l2tp vpn setup step 3: set stage IPSEC_L2TP_CTL");
+ state_ = IpsecVpnStateCode::STATE_CONTROLLED;
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_L2TP_CTL);
+ }
+ break;
+ case IpsecVpnStateCode::STATE_CONTROLLED:
+ if (stage.compare(L2TP_IPSEC_CONNECTED_TAG) == 0) {
+ // 4. is connected
+ NETMGR_EXT_LOG_I("l2tp vpn setup step 4: is connected");
+ state_ = IpsecVpnStateCode::STATE_CONNECTED;
+ NotifyConnectState(VpnConnectState::VPN_CONNECTED);
+ }
+ break;
+ default:
+ NETMGR_EXT_LOG_E("invalid state: %{public}d", state_);
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t L2tpVpnCtl::GetSysVpnCertUri(const int32_t certType, std::string &certUri)
+{
+ if (l2tpVpnConfig_ == nullptr) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri l2tpVpnConfig_ is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ switch (certType) {
+ case IpsecVpnCertType::CA_CERT:
+ certUri = l2tpVpnConfig_->ipsecCaCertConf_;
+ break;
+ case IpsecVpnCertType::USER_CERT:
+ certUri = l2tpVpnConfig_->ipsecPublicUserCertConf_;
+ break;
+ case IpsecVpnCertType::SERVER_CERT:
+ certUri = l2tpVpnConfig_->ipsecPublicServerCertConf_;
+ break;
+ default:
+ NETMGR_EXT_LOG_E("invalid certType: %{public}d", certType);
+ break;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t L2tpVpnCtl::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig)
+{
+ if (state_ == IpsecVpnStateCode::STATE_CONNECTED && l2tpVpnConfig_ != nullptr) {
+ NETMGR_EXT_LOG_I("GetConnectedSysVpnConfig success");
+ sysVpnConfig = l2tpVpnConfig_;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+} // namespace NetManagerStandard
+} // namespace OHOS
diff --git a/services/vpnmanager/src/net_vpn_impl.cpp b/services/vpnmanager/src/net_vpn_impl.cpp
index 28a26af..31f2162 100644
--- a/services/vpnmanager/src/net_vpn_impl.cpp
+++ b/services/vpnmanager/src/net_vpn_impl.cpp
@@ -29,6 +29,9 @@
#include "netmanager_base_common_utils.h"
#include "netmgr_ext_log_wrapper.h"
#include "netsys_controller.h"
+#ifdef SUPPORT_SYSVPN
+#include "sysvpn_config.h"
+#endif // SUPPORT_SYSVPN
namespace OHOS {
namespace NetManagerStandard {
@@ -89,7 +92,7 @@ int32_t NetVpnImpl::SetUp()
return NETMANAGER_EXT_ERR_INTERNAL;
}
- if (!UpdateNetLinkInfo(netConnClientIns)) {
+ if (!UpdateNetLinkInfo()) {
VpnHisysEvent::SendFaultEventConnSetting(legacy, VpnEventErrorType::ERROR_UPDATE_NETLINK_INFO_ERROR,
"update link info failed");
return NETMANAGER_EXT_ERR_INTERNAL;
@@ -105,24 +108,43 @@ int32_t NetVpnImpl::SetUp()
netId_ = *(netIdList.begin());
NETMGR_EXT_LOG_I("vpn network netid: %{public}d", netId_);
- GenerateUidRanges(userId_, beginUids_, endUids_);
-
- for (auto &elem : activeUserIds_) {
- GenerateUidRanges(elem, beginUids_, endUids_);
- }
-
+ SetAllUidRanges();
if (NetsysController::GetInstance().NetworkAddUids(netId_, beginUids_, endUids_)) {
NETMGR_EXT_LOG_E("vpn set whitelist rule error");
VpnHisysEvent::SendFaultEventConnSetting(legacy, VpnEventErrorType::ERROR_SET_APP_UID_RULE_ERROR,
"set app uid rule failed");
return NETMANAGER_EXT_ERR_INTERNAL;
}
-
+#ifdef SUPPORT_SYSVPN
+ if (!IsSystemVpn()) {
+ NotifyConnectState(VpnConnectState::VPN_CONNECTED);
+ }
+#else
NotifyConnectState(VpnConnectState::VPN_CONNECTED);
+#endif
isVpnConnecting_ = true;
return NETMANAGER_EXT_SUCCESS;
}
+void NetVpnImpl::SetAllUidRanges()
+{
+ GenerateUidRanges(userId_, beginUids_, endUids_);
+#ifdef ENABLE_VPN_FOR_USER0
+ bool hasUser0 = userId_ == 0;
+#endif
+ for (auto &elem : activeUserIds_) {
+ GenerateUidRanges(elem, beginUids_, endUids_);
+#ifdef ENABLE_VPN_FOR_USER0
+ hasUser0 = hasUser0 || elem == 0;
+#endif
+ }
+#ifdef ENABLE_VPN_FOR_USER0
+ if (!hasUser0) {
+ GenerateUidRanges(0, beginUids_, endUids_);
+ }
+#endif
+}
+
int32_t NetVpnImpl::ResumeUids()
{
if (!isVpnConnecting_) {
@@ -154,12 +176,38 @@ int32_t NetVpnImpl::Destroy()
DelNetLinkInfo(netConnClientIns);
UpdateNetSupplierInfo(netConnClientIns, false);
UnregisterNetSupplier(netConnClientIns);
-
+#ifdef SUPPORT_SYSVPN
+ if (!IsSystemVpn()) {
+ NotifyConnectState(VpnConnectState::VPN_DISCONNECTED);
+ }
+#else
NotifyConnectState(VpnConnectState::VPN_DISCONNECTED);
+#endif
isVpnConnecting_ = false;
return NETMANAGER_EXT_SUCCESS;
}
+#ifdef SUPPORT_SYSVPN
+int32_t NetVpnImpl::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &vpnConfig)
+{
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t NetVpnImpl::NotifyConnectStage(const std::string &stage, const int32_t &result)
+{
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t NetVpnImpl::GetSysVpnCertUri(const int32_t certType, std::string &certUri)
+{
+ return NETMANAGER_EXT_SUCCESS;
+}
+bool NetVpnImpl::IsSystemVpn()
+{
+ return false;
+}
+#endif // SUPPORT_SYSVPN
+
bool NetVpnImpl::RegisterNetSupplier(NetConnClient &netConnClientIns)
{
if (netSupplierId_) {
@@ -205,7 +253,7 @@ bool NetVpnImpl::UpdateNetSupplierInfo(NetConnClient &netConnClientIns, bool isA
return true;
}
-bool NetVpnImpl::UpdateNetLinkInfo(NetConnClient &netConnClientIns)
+bool NetVpnImpl::UpdateNetLinkInfo()
{
if (vpnConfig_ == nullptr) {
NETMGR_EXT_LOG_E("vpnConfig_ is nullptr");
@@ -253,7 +301,7 @@ bool NetVpnImpl::UpdateNetLinkInfo(NetConnClient &netConnClientIns)
linkInfo->domain_.append(domain).append(" ");
}
linkInfo->mtu_ = vpnConfig_->mtu_;
- netConnClientIns.UpdateNetLinkInfo(netSupplierId_, linkInfo);
+ NetConnClient::GetInstance().UpdateNetLinkInfo(netSupplierId_, linkInfo);
return true;
}
diff --git a/services/vpnmanager/src/networkvpn_service.cpp b/services/vpnmanager/src/networkvpn_service.cpp
index e5ef2f3..d3f52a3 100644
--- a/services/vpnmanager/src/networkvpn_service.cpp
+++ b/services/vpnmanager/src/networkvpn_service.cpp
@@ -44,6 +44,9 @@
#include "networkvpn_hisysevent.h"
#include "net_datashare_utils_iface.h"
#ifdef SUPPORT_SYSVPN
+#include "ipsec_vpn_ctl.h"
+#include "l2tp_vpn_ctl.h"
+#include "open_vpn_ctl.h"
#include "vpn_data_bean.h"
#endif // SUPPORT_SYSVPN
@@ -58,12 +61,19 @@ constexpr uint32_t MAX_GET_SERVICE_COUNT = 30;
constexpr uint32_t WAIT_FOR_SERVICE_TIME_S = 1;
constexpr uint32_t AGAIN_REGISTER_CALLBACK_INTERVAL = 500;
constexpr uint32_t MAX_RETRY_TIMES = 10;
+constexpr uint32_t UID_NET_SYS_NATIVE = 1098;
constexpr const char *VPNEXT_MODE_URI =
"datashare:///com.ohos.settingsdata/entry/settingsdata/SETTINGSDATA?Proxy=true&key=vpnext_mode";
const bool REGISTER_LOCAL_RESULT_NETVPN =
SystemAbility::MakeAndRegisterAbility(&NetworkVpnService::GetInstance());
+constexpr const int INVALID_CODE = -1;
+const std::vector<std::string> ACCESS_PERMISSION {"ohos.permission.GET_NETWORK_INFO"};
+constexpr const char *const PARAM_KEY_STATE = "state";
+constexpr const char *const COMMON_EVENT_VPN_CONNECT_STATUS_VALUE =
+ "usual.event.VPN_CONNECTION_STATUS_CHANGED";
+
NetworkVpnService::NetworkVpnService() : SystemAbility(COMM_VPN_MANAGER_SYS_ABILITY_ID, true) {}
NetworkVpnService::~NetworkVpnService()
{
@@ -135,12 +145,6 @@ bool NetworkVpnService::Init()
vpnHapObserver_ = new VpnHapObserver(*this);
RegisterFactoryResetCallback();
-#ifdef SUPPORT_SYSVPN
- vpnDbHelper_ = std::make_shared<VpnDatabaseHelper>();
- if (vpnDbHelper_ == nullptr) {
- NETMGR_EXT_LOG_E("vpnDbHelper_ make_shared failed.");
- }
-#endif // SUPPORT_SYSVPN
return true;
}
@@ -161,9 +165,39 @@ void NetworkVpnService::GetDumpMessage(std::string &message)
message.append("\tend.\n");
}
+bool NetworkVpnService::PublishEvent(const OHOS::AAFwk::Want &want, int eventCode,
+ bool isOrdered, bool isSticky, const std::vector<std::string> &permissions) const
+{
+ OHOS::EventFwk::CommonEventData data;
+ data.SetWant(want);
+ if (eventCode != INVALID_CODE) {
+ data.SetCode(eventCode);
+ }
+ OHOS::EventFwk::CommonEventPublishInfo publishInfo;
+ publishInfo.SetOrdered(isOrdered);
+ // sticky tag: EventFwk would keep last event for later subscriber.
+ publishInfo.SetSticky(isSticky);
+ if (permissions.size() > 0) {
+ publishInfo.SetSubscriberPermissions(permissions);
+ }
+ bool publishResult = OHOS::EventFwk::CommonEventManager::PublishCommonEvent(data, publishInfo);
+ return publishResult;
+}
+
+void NetworkVpnService::PublishVpnConnectionStateEvent(const VpnConnectState &state) const
+{
+ OHOS::AAFwk::Want want;
+ want.SetAction(COMMON_EVENT_VPN_CONNECT_STATUS_VALUE);
+ want.SetParam(PARAM_KEY_STATE, (state == VpnConnectState::VPN_CONNECTED) ? 1 : 0);
+ if (!PublishEvent(want, INVALID_CODE, false, true, ACCESS_PERMISSION)) {
+ NETMGR_EXT_LOG_I("Publish vpn connection state fail.");
+ }
+}
+
void NetworkVpnService::VpnConnStateCb::OnVpnConnStateChanged(const VpnConnectState &state)
{
NETMGR_EXT_LOG_I("receive new vpn connect state[%{public}d].", static_cast<uint32_t>(state));
+ vpnService_.PublishVpnConnectionStateEvent(state);
if (!vpnService_.networkVpnServiceFfrtQueue_) {
NETMGR_EXT_LOG_E("FFRT Create Fail");
return;
@@ -529,12 +563,13 @@ void NetworkVpnService::SaveVpnConfig(const sptr<VpnConfig> &vpnCfg)
int32_t NetworkVpnService::SetUpVpn(const sptr<VpnConfig> &config, bool isVpnExtCall)
{
+ NETMGR_EXT_LOG_I("SetUpVpn in");
std::unique_lock<std::mutex> locker(netVpnMutex_);
std::string vpnBundleName = GetBundleName();
if (!NetManagerPermission::CheckPermission(Permission::MANAGE_VPN)) {
std::string vpnExtMode;
int32_t ret = NetDataShareHelperUtilsIface::Query(VPNEXT_MODE_URI, vpnBundleName, vpnExtMode);
- NETMGR_EXT_LOG_D("SetUpVpn ret = [%{public}d], bundleName = [%{public}s]", ret, vpnBundleName.c_str());
+ NETMGR_EXT_LOG_D("ret = [%{public}d], bundleName = [%{public}s]", ret, vpnBundleName.c_str());
if (ret != 0 || vpnExtMode != "1") {
NETMGR_EXT_LOG_E("query datebase fail.");
return NETMANAGER_EXT_ERR_PERMISSION_DENIED;
@@ -543,7 +578,7 @@ int32_t NetworkVpnService::SetUpVpn(const sptr<VpnConfig> &config, bool isVpnExt
int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID;
std::vector<int32_t> activeUserIds;
- auto ret = CheckCurrentAccountType(userId, activeUserIds);
+ int32_t ret = CheckCurrentAccountType(userId, activeUserIds);
if (NETMANAGER_EXT_SUCCESS != ret) {
return ret;
}
@@ -563,7 +598,11 @@ int32_t NetworkVpnService::SetUpVpn(const sptr<VpnConfig> &config, bool isVpnExt
NETMGR_EXT_LOG_E("SetUpVpn register internal callback fail.");
return NETMANAGER_EXT_ERR_INTERNAL;
}
+
ret = vpnObj_->SetUp();
+ if (ret == NETMANAGER_EXT_SUCCESS) {
+ hasOpenedVpnUid_ = IPCSkeleton::GetCallingUid();
+ }
if (ret == NETMANAGER_EXT_SUCCESS && !vpnBundleName.empty()) {
std::vector<std::string> list = {vpnBundleName, vpnBundleName + VPN_EXTENSION_LABEL};
auto regRet =
@@ -589,21 +628,27 @@ int32_t NetworkVpnService::Protect(bool isVpnExtCall)
int32_t NetworkVpnService::DestroyVpn(bool isVpnExtCall)
{
+ NETMGR_EXT_LOG_I("DestroyVpn in");
std::unique_lock<std::mutex> locker(netVpnMutex_);
std::string vpnBundleName = GetBundleName();
if (!NetManagerPermission::CheckPermission(Permission::MANAGE_VPN)) {
std::string vpnExtMode;
int32_t ret = NetDataShareHelperUtilsIface::Query(VPNEXT_MODE_URI, vpnBundleName, vpnExtMode);
- NETMGR_EXT_LOG_D("DestroyVpn ret = [%{public}d], bundleName = [%{public}s]", ret, vpnBundleName.c_str());
+ NETMGR_EXT_LOG_D("ret = [%{public}d], bundleName = [%{public}s]", ret, vpnBundleName.c_str());
if (ret != 0 || vpnExtMode != "1") {
NETMGR_EXT_LOG_E("query datebase fail.");
return NETMANAGER_EXT_ERR_PERMISSION_DENIED;
}
}
+ if (hasOpenedVpnUid_ != IPCSkeleton::GetCallingUid()) {
+ NETMGR_EXT_LOG_E("not same vpn, can't destroy");
+ return NETMANAGER_EXT_ERR_OPERATION_FAILED;
+ }
+
int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID;
std::vector<int32_t> activeUserIds;
- auto ret = CheckCurrentAccountType(userId, activeUserIds);
+ int32_t ret = CheckCurrentAccountType(userId, activeUserIds);
if (NETMANAGER_EXT_SUCCESS != ret) {
return ret;
}
@@ -622,148 +667,286 @@ int32_t NetworkVpnService::DestroyVpn(bool isVpnExtCall)
}
#ifdef SUPPORT_SYSVPN
+int32_t NetworkVpnService::SetUpVpn(const sptr<SysVpnConfig> &config)
+{
+ if (config == nullptr) {
+ NETMGR_EXT_LOG_E("config is null.");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID;
+ std::vector<int32_t> activeUserIds;
+ int32_t ret = CheckCurrentAccountType(userId, activeUserIds);
+ if (ret != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("CheckCurrentAccountType failed");
+ return ret;
+ }
+
+ std::unique_lock<std::mutex> locker(netVpnMutex_);
+ if (vpnObj_ != nullptr) {
+ if (vpnObj_->GetUserId() == userId) {
+ NETMGR_EXT_LOG_W("vpn exist already, please execute destory first");
+ } else {
+ NETMGR_EXT_LOG_W("vpn using by other user");
+ }
+ return NETWORKVPN_ERROR_VPN_EXIST;
+ }
+ vpnObj_ = CreateSysVpnCtl(config, userId, activeUserIds);
+ if (!vpnConnCallback_) {
+ vpnConnCallback_ = std::make_shared<VpnConnStateCb>(*this);
+ }
+ if (vpnObj_ == nullptr || vpnObj_->RegisterConnectStateChangedCb(vpnConnCallback_) != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("SetUpVpn register internal callback failed");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ NETMGR_EXT_LOG_I("SystemVpn SetUp");
+ ret = vpnObj_->SetUp();
+ if (ret == NETMANAGER_EXT_SUCCESS) {
+ hasOpenedVpnUid_ = IPCSkeleton::GetCallingUid();
+ }
+ return ret;
+}
+
+std::shared_ptr<NetVpnImpl> NetworkVpnService::CreateSysVpnCtl(
+ const sptr<SysVpnConfig> &config, int32_t userId, std::vector<int32_t> &activeUserIds)
+{
+ sptr<VpnDataBean> vpnBean = new (std::nothrow) VpnDataBean();
+ if (vpnBean == nullptr) {
+ NETMGR_EXT_LOG_E("vpnBean is nullptr");
+ return nullptr;
+ }
+ int32_t result = QueryVpnData(config, vpnBean);
+ if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("query vpn data failed");
+ return nullptr;
+ }
+ std::shared_ptr<IpsecVpnCtl> sysVpnCtl = nullptr;
+ switch (vpnBean->vpnType_) {
+ case VpnType::IKEV2_IPSEC_MSCHAPv2:
+ case VpnType::IKEV2_IPSEC_PSK:
+ case VpnType::IKEV2_IPSEC_RSA:
+ case VpnType::IPSEC_XAUTH_PSK:
+ case VpnType::IPSEC_XAUTH_RSA:
+ case VpnType::IPSEC_HYBRID_RSA: {
+ sysVpnCtl = CreateIpsecVpnCtl(vpnBean, userId, activeUserIds);
+ break;
+ }
+ case VpnType::L2TP_IPSEC_PSK:
+ case VpnType::L2TP_IPSEC_RSA: {
+ sysVpnCtl = CreateL2tpCtl(vpnBean, userId, activeUserIds);
+ break;
+ }
+ case VpnType::OPENVPN: {
+ return CreateOpenvpnCtl(vpnBean, userId, activeUserIds);
+ }
+ default:
+ NETMGR_EXT_LOG_E("vpn type is invalid, %{public}d", vpnBean->vpnType_);
+ break;
+ }
+ return sysVpnCtl;
+}
+
+std::shared_ptr<IpsecVpnCtl> NetworkVpnService::CreateL2tpCtl(sptr<VpnDataBean> vpnBean, int32_t userId,
+ std::vector<int32_t> &activeUserIds)
+{
+ sptr<L2tpVpnConfig> l2tpVpnConfig = VpnDataBean::ConvertVpnBeanToL2tpVpnConfig(vpnBean);
+ if (l2tpVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertVpnBeanToL2tpVpnConfig failed");
+ return nullptr;
+ }
+ std::shared_ptr<IpsecVpnCtl> sysVpnCtl = std::make_shared<L2tpVpnCtl>(l2tpVpnConfig, "", userId, activeUserIds);
+ if (sysVpnCtl != nullptr) {
+ sysVpnCtl->l2tpVpnConfig_ = l2tpVpnConfig;
+ }
+ return sysVpnCtl;
+}
+
+int32_t NetworkVpnService::QueryVpnData(const sptr<SysVpnConfig> config, sptr<VpnDataBean> &vpnBean)
+{
+ if (config == nullptr) {
+ NETMGR_EXT_LOG_E("QueryVpnData failed, param is null");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ if (vpnBean == nullptr) {
+ NETMGR_EXT_LOG_E("vpnBean is nullptr");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ int32_t result = VpnDatabaseHelper::GetInstance().QueryVpnData(vpnBean, config->vpnId_);
+ if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("query vpn data failed");
+ }
+ return result;
+}
+
+std::shared_ptr<NetVpnImpl> NetworkVpnService::CreateOpenvpnCtl(sptr<VpnDataBean> vpnBean,
+ int32_t userId, std::vector<int32_t> &activeUserIds)
+{
+ sptr<OpenvpnConfig> openVpnConfig = VpnDataBean::ConvertVpnBeanToOpenvpnConfig(vpnBean);
+ if (openVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertVpnBeanToOpenvpnConfig failed");
+ return nullptr;
+ }
+ std::shared_ptr<OpenvpnCtl> openVpnCtl =
+ std::make_shared<OpenvpnCtl>(openVpnConfig, "", userId, activeUserIds);
+ if (openVpnCtl != nullptr) {
+ openVpnCtl->openvpnConfig_ = openVpnConfig;
+ }
+ return openVpnCtl;
+}
+
+std::shared_ptr<IpsecVpnCtl> NetworkVpnService::CreateIpsecVpnCtl(sptr<VpnDataBean> vpnBean,
+ int32_t userId, std::vector<int32_t> &activeUserIds)
+{
+ sptr<IpsecVpnConfig> ipsecVpnConfig = VpnDataBean::ConvertVpnBeanToIpsecVpnConfig(vpnBean);
+ if (ipsecVpnConfig == nullptr) {
+ NETMGR_EXT_LOG_E("ConvertVpnBeanToIpsecVpnConfig failed");
+ return nullptr;
+ }
+ std::shared_ptr<IpsecVpnCtl> sysVpnCtl = std::make_shared<IpsecVpnCtl>(ipsecVpnConfig, "", userId, activeUserIds);
+ if (sysVpnCtl != nullptr) {
+ sysVpnCtl->ipsecVpnConfig_ = ipsecVpnConfig;
+ }
+ return sysVpnCtl;
+}
+
int32_t NetworkVpnService::AddSysVpnConfig(sptr<SysVpnConfig> &config)
{
if (config == nullptr) {
NETMGR_EXT_LOG_E("config is null");
return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
}
- std::unique_lock<std::mutex> locker(netVpnMutex_);
+
int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID;
std::vector<int32_t> activeUserIds;
int32_t ret = CheckCurrentAccountType(userId, activeUserIds);
- if (NETMANAGER_EXT_SUCCESS != ret) {
- NETMGR_EXT_LOG_E("sysvpn service AddSysVpnConfig failed!");
+ if (ret != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("CheckCurrentAccountType failed!");
return ret;
}
- if (!NetManagerPermission::IsSystemCaller()) {
- NETMGR_EXT_LOG_E("sysvpn api Caller not have sys permission");
- return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL;
- }
- NETMGR_EXT_LOG_I("sysvpn service AddSysVpnConfig id=%{public}s name=%{public}s type=%{public}d",
+ NETMGR_EXT_LOG_I("AddSysVpnConfig id=%{public}s name=%{public}s type=%{public}d",
config->vpnId_.c_str(), config->vpnName_.c_str(), config->vpnType_);
-
config->userId_ = userId;
+
sptr<VpnDataBean> vpnBean = VpnDataBean::ConvertSysVpnConfigToVpnBean(config);
- if (vpnDbHelper_ == nullptr || vpnBean == nullptr) {
- NETMGR_EXT_LOG_E("AddSysVpnConfig failed, vpnDbHelper_ or vpnBean is nullptr");
- return NETMANAGER_EXT_ERR_OPERATION_FAILED;
+ if (vpnBean == nullptr) {
+ NETMGR_EXT_LOG_E("vpnBean is nullptr");
+ return NETMANAGER_EXT_ERR_INTERNAL;
}
- return vpnDbHelper_->InsertOrUpdateData(vpnBean);
+ return VpnDatabaseHelper::GetInstance().InsertOrUpdateData(vpnBean);
}
-int32_t NetworkVpnService::DeleteSysVpnConfig(std::string &vpnId)
+int32_t NetworkVpnService::DeleteSysVpnConfig(const std::string &vpnId)
{
if (vpnId.empty()) {
- NETMGR_EXT_LOG_E("DeleteSysVpnConfig vpnId is null");
+ NETMGR_EXT_LOG_E("vpnId is empty");
return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
}
- std::unique_lock<std::mutex> locker(netVpnMutex_);
+
int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID;
std::vector<int32_t> activeUserIds;
int32_t ret = CheckCurrentAccountType(userId, activeUserIds);
- if (NETMANAGER_EXT_SUCCESS != ret) {
- NETMGR_EXT_LOG_E("sysvpn service DeleteSysVpnConfig failed!");
+ if (ret != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("CheckCurrentAccountType failed");
return ret;
}
- if (!NetManagerPermission::IsSystemCaller()) {
- NETMGR_EXT_LOG_E("sysvpn api Caller not have sys permission");
- return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL;
- }
- NETMGR_EXT_LOG_I("sysvpn service DeleteSysVpnConfig %{public}s", vpnId.c_str());
- if (vpnDbHelper_ == nullptr) {
- NETMGR_EXT_LOG_E("AddSysVpnConfig vpnDbHelper is nullptr");
- return NETMANAGER_EXT_ERR_OPERATION_FAILED;
- }
- int32_t result = vpnDbHelper_->DeleteVpnData(vpnId);
- if (NETMANAGER_EXT_SUCCESS != result) {
- NETMGR_EXT_LOG_I("DeleteSystemVpn failed, code = %{public}d", result);
- }
- return result;
+ NETMGR_EXT_LOG_I("DeleteSysVpnConfig id=%{public}s", vpnId.c_str());
+ return VpnDatabaseHelper::GetInstance().DeleteVpnData(vpnId);
}
int32_t NetworkVpnService::GetSysVpnConfigList(std::vector<SysVpnConfig> &vpnList)
{
- std::unique_lock<std::mutex> locker(netVpnMutex_);
int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID;
std::vector<int32_t> activeUserIds;
int32_t ret = CheckCurrentAccountType(userId, activeUserIds);
- if (NETMANAGER_EXT_SUCCESS != ret) {
- NETMGR_EXT_LOG_E("sysvpn service GetSysVpnConfigList failed!");
+ if (ret != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("CheckCurrentAccountType failed");
return ret;
}
- if (!NetManagerPermission::IsSystemCaller()) {
- NETMGR_EXT_LOG_E("sysvpn api Caller not have sys permission");
- return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL;
- }
-
- NETMGR_EXT_LOG_I("sysvpn service GetSysVpnConfigList");
- if (vpnDbHelper_ == nullptr) {
- NETMGR_EXT_LOG_E("GetSysVpnConfigList vpnDbHelper is nullptr");
- return NETMANAGER_EXT_ERR_OPERATION_FAILED;
- }
- int32_t result = vpnDbHelper_->QueryAllData(vpnList, userId);
- if (NETMANAGER_EXT_SUCCESS != result) {
- NETMGR_EXT_LOG_I("GetSystemVpnList QueryAllData failed, code = %{public}d", result);
- }
- return result;
+ NETMGR_EXT_LOG_I("SystemVpn GetSysVpnConfigList");
+ return VpnDatabaseHelper::GetInstance().QueryAllData(vpnList, userId);
}
-int32_t NetworkVpnService::GetSysVpnConfig(sptr<SysVpnConfig> &config, std::string &vpnId)
+int32_t NetworkVpnService::GetSysVpnConfig(sptr<SysVpnConfig> &config, const std::string &vpnId)
{
if (vpnId.empty()) {
- NETMGR_EXT_LOG_E("vpnId is null");
+ NETMGR_EXT_LOG_E("vpnId is empty");
return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
}
- std::unique_lock<std::mutex> locker(netVpnMutex_);
+
int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID;
std::vector<int32_t> activeUserIds;
int32_t ret = CheckCurrentAccountType(userId, activeUserIds);
- if (NETMANAGER_EXT_SUCCESS != ret) {
- NETMGR_EXT_LOG_E("sysvpn service GetSysVpnConfig failed!");
+ if (ret != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("CheckCurrentAccountType failed!");
return ret;
}
- if (!NetManagerPermission::IsSystemCaller()) {
- NETMGR_EXT_LOG_E("sysvpn api Caller not have sys permission");
- return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL;
- }
- NETMGR_EXT_LOG_I("sysvpn service GetSysVpnConfig id=%{public}s", vpnId.c_str());
+ NETMGR_EXT_LOG_I("GetSysVpnConfig id=%{public}s", vpnId.c_str());
sptr<VpnDataBean> vpnBean = new (std::nothrow) VpnDataBean();
- if (vpnDbHelper_ == nullptr || vpnBean == nullptr) {
- NETMGR_EXT_LOG_E("GetSysVpnConfig failed, vpnDbHelper or vpnBean is nullptr");
- return NETMANAGER_EXT_ERR_OPERATION_FAILED;
+ if (vpnBean == nullptr) {
+ NETMGR_EXT_LOG_E("vpnBean is nullptr");
+ return NETMANAGER_EXT_ERR_INTERNAL;
}
- int32_t result = vpnDbHelper_->QueryVpnData(vpnBean, vpnId);
- if (NETMANAGER_EXT_SUCCESS != result) {
- NETMGR_EXT_LOG_I("GetSysVpnConfig failed, code = %{public}d", result);
+ int32_t result = VpnDatabaseHelper::GetInstance().QueryVpnData(vpnBean, vpnId);
+ if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("QueryVpnData failed, result = %{public}d", result);
+ return result;
}
config = VpnDataBean::ConvertVpnBeanToSysVpnConfig(vpnBean);
- return result;
+ return NETMANAGER_EXT_SUCCESS;
}
int32_t NetworkVpnService::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &config)
{
- std::unique_lock<std::mutex> locker(netVpnMutex_);
int32_t userId = AppExecFwk::Constants::UNSPECIFIED_USERID;
std::vector<int32_t> activeUserIds;
int32_t ret = CheckCurrentAccountType(userId, activeUserIds);
- if (NETMANAGER_EXT_SUCCESS != ret) {
- NETMGR_EXT_LOG_E("sysvpn service GetConnectedSysVpnConfig failed!");
+ if (ret != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("CheckCurrentAccountType failed!");
return ret;
}
- if (!NetManagerPermission::IsSystemCaller()) {
- NETMGR_EXT_LOG_E("sysvpn api Caller not have sys permission");
- return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL;
- }
+ std::unique_lock<std::mutex> locker(netVpnMutex_);
if (vpnObj_ == nullptr) {
NETMGR_EXT_LOG_I("GetConnectedSysVpnConfig is null. maybe not setup yet");
return NETMANAGER_EXT_SUCCESS;
}
- return NETMANAGER_EXT_SUCCESS;
+ NETMGR_EXT_LOG_I("SystemVpn GetConnectedSysVpnConfig");
+ return vpnObj_->GetConnectedSysVpnConfig(config);
+}
+
+int32_t NetworkVpnService::NotifyConnectStage(const std::string &stage, const int32_t &result)
+{
+ uint32_t callingUid = static_cast<uint32_t>(IPCSkeleton::GetCallingUid());
+ if (callingUid != UID_NET_SYS_NATIVE) {
+ NETMGR_EXT_LOG_E("NotifyConnectStage failed, invalid callingUid");
+ return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL;
+ }
+
+ std::unique_lock<std::mutex> locker(netVpnMutex_);
+ if (vpnObj_ == nullptr) {
+ NETMGR_EXT_LOG_E("NotifyConnectStage failed, vpnObj_ is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ NETMGR_EXT_LOG_I("NotifyConnectStage state: %{public}s result: %{public}d",
+ stage.c_str(), result);
+ return vpnObj_->NotifyConnectStage(stage, result);
+}
+
+int32_t NetworkVpnService::GetSysVpnCertUri(const int32_t certType, std::string &certUri)
+{
+ uint32_t callingUid = static_cast<uint32_t>(IPCSkeleton::GetCallingUid());
+ if (callingUid != UID_NET_SYS_NATIVE) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri failed, invalid callingUid");
+ return NETMANAGER_EXT_ERR_NOT_SYSTEM_CALL;
+ }
+ std::unique_lock<std::mutex> locker(netVpnMutex_);
+ if (vpnObj_ == nullptr) {
+ NETMGR_EXT_LOG_E("GetSysVpnCertUri failed, vpnObj_ is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ return vpnObj_->GetSysVpnCertUri(certType, certUri);
}
#endif // SUPPORT_SYSVPN
@@ -1196,7 +1379,11 @@ void NetworkVpnService::OnRemoteDied(const wptr<IRemoteObject> &remoteObject)
}
sptr<IVpnEventCallback> callback = iface_cast<IVpnEventCallback>(diedRemoted);
UnregisterVpnEvent(callback);
- DestroyVpn();
+ if (vpnObj_ != nullptr && vpnObj_->Destroy() != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("destroy vpn is failed");
+ return;
+ }
+ vpnObj_ = nullptr;
}
void NetworkVpnService::AddClientDeathRecipient(const sptr<IVpnEventCallback> &callback)
diff --git a/services/vpnmanager/src/open_vpn_ctl.cpp b/services/vpnmanager/src/open_vpn_ctl.cpp
new file mode 100755
index 0000000..7a74027
--- /dev/null
+++ b/services/vpnmanager/src/open_vpn_ctl.cpp
@@ -0,0 +1,257 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "open_vpn_ctl.h"
+
+#include <fstream>
+
+#include "base64_utils.h"
+#include "netmanager_base_common_utils.h"
+#include "netmgr_ext_log_wrapper.h"
+
+namespace OHOS {
+namespace NetManagerStandard {
+
+OpenvpnCtl::OpenvpnCtl(sptr<VpnConfig> config, const std::string &pkg, int32_t userId,
+ std::vector<int32_t> &activeUserIds) : NetVpnImpl(config, pkg, userId, activeUserIds)
+{
+}
+
+int32_t OpenvpnCtl::SetUp()
+{
+ UpdateOpenvpnState(OPENVPN_STATE_SETUP);
+ return StartOpenvpn();
+}
+
+int32_t OpenvpnCtl::StartOpenvpn()
+{
+ if (openvpnConfig_ == nullptr) {
+ NETMGR_EXT_LOG_E("StartOpenvpn openvpnConfig_ is null");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ UpdateOpenvpnState(OPENVPN_STATE_STARTED);
+ if (!std::filesystem::exists(VPN_PIDDIR) || !std::filesystem::is_directory(VPN_PIDDIR)) {
+ NETMGR_EXT_LOG_E("StartOpenvpn config dir check error.");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ std::string cfg = Base64::Decode(openvpnConfig_->ovpnConfig_);
+ std::ofstream ofs(OPENVPN_CONFIG_FILE, std::ios::out | std::ios::trunc);
+ if (!ofs.is_open()) {
+ NETMGR_EXT_LOG_E("StartOpenvpn config file open failed");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ ofs << cfg;
+ if (!openvpnConfig_->askpass_.empty()) {
+ std::ofstream askpassOfs(OPENVPN_ASKPASS_FILE, std::ios::out | std::ios::trunc);
+ if (!askpassOfs.is_open()) {
+ NETMGR_EXT_LOG_E("StartOpenvpn askpass file open failed");
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ askpassOfs << openvpnConfig_->askpass_ << std::endl;
+ ofs << OPENVPN_ASKPASS_PARAM << std::endl;
+ }
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_OPENVPN_RESTART);
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+int32_t OpenvpnCtl::NotifyConnectStage(const std::string &stage, const int32_t &result)
+{
+ if (stage.empty()) {
+ NETMGR_EXT_LOG_E("stage is empty");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_E("vpn stage failed, result: %{public}d", result);
+ return NETMANAGER_EXT_ERR_INTERNAL;
+ }
+ return HandleClientMessage(stage);
+}
+
+int32_t OpenvpnCtl::SetUpVpnTun()
+{
+ int result = NetVpnImpl::SetUp();
+ if (result != NETMANAGER_EXT_SUCCESS) {
+ NETMGR_EXT_LOG_W("openvpn SetUp failed");
+ StopOpenvpn();
+ UpdateOpenvpnState(OPENVPN_STATE_DISCONNECTED);
+ }
+ NETMGR_EXT_LOG_I("openvpn SetUp %{public}d", result);
+ return result;
+}
+
+int32_t OpenvpnCtl::HandleClientMessage(const std::string &msg)
+{
+ int result = NETMANAGER_EXT_SUCCESS;
+ if (msg.empty()) {
+ NETMGR_EXT_LOG_E("msg is empty");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ NETMGR_EXT_LOG_I("Process Request message: %{public}s", MaskOpenvpnMessage(msg).c_str());
+ if (strstr(msg.c_str(), OPENVPN_NODE_ROOT) != 0) {
+ const char *ret = strstr(msg.c_str(), "{");
+ if (ret == nullptr) {
+ NETMGR_EXT_LOG_E("client message format error");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ cJSON* message = cJSON_Parse(ret);
+ if (message == nullptr) {
+ NETMGR_EXT_LOG_E("not json string");
+ return NETMANAGER_EXT_ERR_PARAMETER_ERROR;
+ }
+ // is config message
+ cJSON* config = cJSON_GetObjectItem(message, OPENVPN_NODE_CONFIG);
+ if (config != nullptr && cJSON_IsObject(config)) {
+ UpdateConfig(config);
+ }
+ // is state message
+ cJSON* state = cJSON_GetObjectItem(message, OPENVPN_NODE_UPDATE_STATE);
+ if (state != nullptr && cJSON_IsObject(state)) {
+ UpdateState(state);
+ }
+ // is setup message
+ cJSON* vpnSetUp = cJSON_GetObjectItem(message, OPENVPN_NODE_SETUP_VPN_TUN);
+ if (vpnSetUp != nullptr && cJSON_IsObject(vpnSetUp)) {
+ result = SetUpVpnTun();
+ }
+ cJSON_Delete(message);
+ }
+ return result;
+}
+
+void OpenvpnCtl::UpdateState(cJSON* state)
+{
+ cJSON* updateState = cJSON_GetObjectItem(state, OPENVPN_NODE_STATE);
+ if (updateState != nullptr && cJSON_IsNumber(updateState)) {
+ int32_t openVpnState = static_cast<int32_t>(cJSON_GetNumberValue(updateState));
+ UpdateOpenvpnState(openVpnState);
+ if (openVpnState == OPENVPN_STATE_DISCONNECTED || openVpnState >= OPENVPN_STATE_ERROR_PRIVATE_KEY) {
+ NETMGR_EXT_LOG_I("UpdatesState: %{public}d", openVpnState);
+ StopOpenvpn();
+ }
+ }
+}
+
+void OpenvpnCtl::UpdateConfig(cJSON *jConfig)
+{
+ if (vpnConfig_ == nullptr) {
+ NETMGR_EXT_LOG_E("UpdateConfig vpnConfig_ is null");
+ return;
+ }
+ cJSON *mtu = cJSON_GetObjectItem(jConfig, OPENVPN_NODE_MTU);
+ if (mtu != nullptr && cJSON_IsNumber(mtu)) {
+ int32_t openVpnMtu = static_cast<int32_t>(cJSON_GetNumberValue(mtu));
+ vpnConfig_->mtu_ = openVpnMtu;
+ NETMGR_EXT_LOG_I("UpdateConfig mtu %{public}d", openVpnMtu);
+ }
+ INetAddr iNetAddr;
+ INetAddr destination;
+ INetAddr gateway;
+ Route iRoute;
+ cJSON *address = cJSON_GetObjectItem(jConfig, OPENVPN_NODE_ADDRESS);
+ if (address != nullptr && cJSON_IsString(address)) {
+ std::string openVpnAddress = cJSON_GetStringValue(address);
+ iNetAddr.address_ = openVpnAddress;
+ gateway.address_ = openVpnAddress;
+ destination.address_ = openVpnAddress;
+ }
+ cJSON *netmask = cJSON_GetObjectItem(jConfig, OPENVPN_NODE_NETMASK);
+ if (netmask != nullptr && cJSON_IsString(netmask)) {
+ std::string openVpnNetmask = cJSON_GetStringValue(netmask);
+ iNetAddr.netMask_ = openVpnNetmask;
+ destination.prefixlen_ = CommonUtils::GetMaskLength(openVpnNetmask);
+ NETMGR_EXT_LOG_I("UpdateConfig prefixlen %{public}d", destination.prefixlen_);
+ }
+ vpnConfig_->addresses_.emplace_back(iNetAddr);
+
+ iRoute.iface_ = TUN_CARD_NAME;
+ iRoute.isDefaultRoute_ = true;
+ iRoute.destination_ = destination;
+ iRoute.gateway_ = gateway;
+ vpnConfig_->routes_.emplace_back(iRoute);
+}
+
+void OpenvpnCtl::UpdateOpenvpnState(const int32_t state)
+{
+ switch (state) {
+ case OPENVPN_STATE_CONNECTED:
+ NotifyConnectState(VpnConnectState::VPN_CONNECTED);
+ break;
+ case OPENVPN_STATE_DISCONNECTED:
+ case OPENVPN_STATE_ERROR_PRIVATE_KEY:
+ case OPENVPN_STATE_ERROR_CLIENT_CRT:
+ case OPENVPN_STATE_ERROR_CA_CAT:
+ case OPENVPN_STATE_ERROR_TIME_OUT:
+ NotifyConnectState(VpnConnectState::VPN_DISCONNECTED);
+ break;
+ default:
+ NETMGR_EXT_LOG_E("unknown openvpn state: %{public}d", state);
+ break;
+ }
+ openvpnState_ = state;
+}
+
+bool OpenvpnCtl::IsSystemVpn()
+{
+ return true;
+}
+
+int32_t OpenvpnCtl::Destroy()
+{
+ StopOpenvpn();
+ int result = NetVpnImpl::Destroy();
+ NETMGR_EXT_LOG_I("openvpn Destroy result %{public}d}", result);
+ return result;
+}
+
+void OpenvpnCtl::StopOpenvpn()
+{
+ NetsysController::GetInstance().ProcessVpnStage(SysVpnStageCode::VPN_STAGE_OPENVPN_STOP);
+ UpdateOpenvpnState(OPENVPN_STATE_DISCONNECTED);
+}
+
+int32_t OpenvpnCtl::GetConnectedSysVpnConfig(sptr<SysVpnConfig> &sysVpnConfig)
+{
+ if (openvpnState_ == OPENVPN_STATE_CONNECTED && openvpnConfig_ != nullptr) {
+ sysVpnConfig = openvpnConfig_;
+ }
+ return NETMANAGER_EXT_SUCCESS;
+}
+
+bool OpenvpnCtl::IsInternalVpn()
+{
+ return true;
+}
+
+std::string OpenvpnCtl::MaskOpenvpnMessage(const std::string &msg)
+{
+ if (msg.empty()) {
+ NETMGR_EXT_LOG_E("msg is empty");
+ return "";
+ }
+ std::string result = msg;
+ size_t addressPos = result.find(OPENVPN_NODE_CONFIG);
+ if (addressPos != std::string::npos) {
+ size_t pos = addressPos + strlen(OPENVPN_NODE_CONFIG);
+ size_t replaceLen = result.size() - pos;
+ if (replaceLen > 0) {
+ result.replace(pos, replaceLen, OPENVPN_MASK_TAG);
+ }
+ return result;
+ }
+
+ return msg;
+}
+} // namespace NetManagerStandard
+} // namespace OHOS
\ No newline at end of file
diff --git a/services/vpnmanager/src/vpn_database_helper.cpp b/services/vpnmanager/src/vpn_database_helper.cpp
index bf944f6..87168d6 100755
--- a/services/vpnmanager/src/vpn_database_helper.cpp
+++ b/services/vpnmanager/src/vpn_database_helper.cpp
@@ -26,36 +26,32 @@
namespace OHOS {
namespace NetManagerStandard {
using namespace VpnDatabaseDefines;
-namespace {
-bool CheckFilePath(const std::string &fileName)
+
+VpnDatabaseHelper &VpnDatabaseHelper::GetInstance()
{
- char tmpPath[PATH_MAX] = {0};
- const auto pos = fileName.find_last_of('/');
- const auto dir = fileName.substr(0, pos);
- if (!realpath(dir.c_str(), tmpPath)) {
- NETMGR_EXT_LOG_E("Get realPath failed error");
- return false;
- }
- if (strcmp(tmpPath, dir.c_str()) != 0) {
- NETMGR_EXT_LOG_E("file name is illegal fileName");
- return false;
- }
- return true;
+ static VpnDatabaseHelper instance;
+ return instance;
}
-} // namespace
VpnDatabaseHelper::VpnDatabaseHelper()
{
- if (!CheckFilePath(VPN_DATABASE_PATH)) {
- return;
+ if (!std::filesystem::exists(VPN_DATABASE_PATH)) {
+ std::error_code ec;
+ if (std::filesystem::create_directories(VPN_DATABASE_PATH, ec)) {
+ NETMGR_EXT_LOG_D("create_directories success :%{public}s", VPN_DATABASE_PATH.c_str());
+ } else {
+ NETMGR_EXT_LOG_E("create_directories error :%{public}s : %s", VPN_DATABASE_PATH.c_str(),
+ ec.message().c_str());
+ }
}
+ std::string vpnDatabaseName = VPN_DATABASE_PATH + VPN_DB_NAME;
int32_t errCode = OHOS::NativeRdb::E_OK;
- OHOS::NativeRdb::RdbStoreConfig config(VPN_DATABASE_PATH);
+ OHOS::NativeRdb::RdbStoreConfig config(vpnDatabaseName);
config.SetSecurityLevel(NativeRdb::SecurityLevel::S1);
VpnDataBaseCallBack sqliteOpenHelperCallback;
store_ = OHOS::NativeRdb::RdbHelper::GetRdbStore(config, DATABASE_OPEN_VERSION, sqliteOpenHelperCallback, errCode);
- if (errCode != OHOS::NativeRdb::E_OK) {
- NETMGR_EXT_LOG_E("GetRdbStore errCode :%{public}d", errCode);
+ if (errCode != OHOS::NativeRdb::E_OK && errCode != OHOS::NativeRdb::E_SQLITE_CORRUPT) {
+ NETMGR_EXT_LOG_E("GetRdbStore failed. errCode :%{public}d", errCode);
} else {
NETMGR_EXT_LOG_I("GetRdbStore success");
}
@@ -86,38 +82,43 @@ int32_t VpnDataBaseCallBack::OnDowngrade(OHOS::NativeRdb::RdbStore &store, int32
return NETMANAGER_EXT_SUCCESS;
}
-
int32_t VpnDatabaseHelper::InsertOrUpdateData(const sptr<VpnDataBean> &vpnBean)
{
if (vpnBean == nullptr) {
NETMGR_EXT_LOG_E("InsertOrUpdateData vpnBean is nullptr");
- return NETMANAGER_EXT_ERR_OPERATION_FAILED;
+ return NETMANAGER_EXT_ERR_INVALID_PARAMETER;
}
+
if (IsVpnInfoExists(vpnBean->vpnId_)) {
return UpdateData(vpnBean);
}
return InsertData(vpnBean);
}
-
-bool VpnDatabaseHelper::IsVpnInfoExists(std::string &vpnId)
+bool VpnDatabaseHelper::IsVpnInfoExists(const std::string &vpnId)
{
+ if (vpnId.empty()) {
+ NETMGR_EXT_LOG_E("IsVpnInfoExists vpnId is empty");
+ return false;
+ }
if (store_ == nullptr) {
NETMGR_EXT_LOG_E("IsVpnInfoExists store_ is nullptr");
return false;
}
+
std::vector<std::string> columns;
- OHOS::NativeRdb::RdbPredicates rdbPredicate { VPN_CONFIG_TABLE };
+ OHOS::NativeRdb::RdbPredicates rdbPredicate{ VPN_CONFIG_TABLE };
rdbPredicate.EqualTo(VPN_ID, vpnId);
auto queryResultSet = store_->Query(rdbPredicate, columns);
if (queryResultSet == nullptr) {
NETMGR_EXT_LOG_E("Query error");
return false;
}
+
int32_t rowCount = 0;
- int ret = queryResultSet->GetRowCount(rowCount);
+ int32_t ret = queryResultSet->GetRowCount(rowCount);
if (ret != OHOS::NativeRdb::E_OK) {
- NETMGR_EXT_LOG_E("query setting failed, get row count failed, ret:%{public}d", ret);
+ NETMGR_EXT_LOG_E("get row count failed, ret:%{public}d", ret);
return false;
}
return rowCount == 1;
@@ -126,7 +127,7 @@ bool VpnDatabaseHelper::IsVpnInfoExists(std::string &vpnId)
void VpnDatabaseHelper::BindVpnData(NativeRdb::ValuesBucket &values, const sptr<VpnDataBean> &info)
{
if (info == nullptr) {
- NETMGR_EXT_LOG_E("BindVpnData params is nullptr");
+ NETMGR_EXT_LOG_E("BindVpnData info is nullptr");
return;
}
values.PutString(VPN_ID, info->vpnId_);
@@ -142,15 +143,15 @@ void VpnDatabaseHelper::BindVpnData(NativeRdb::ValuesBucket &values, const sptr<
values.PutString(VPN_DNS_ADDRESSES, info->dnsAddresses_);
values.PutString(VPN_SEARCH_DOMAINS, info->searchDomains_);
- values.PutString(OPEN_VPN_PORT, info->ovpnPort_);
- values.PutInt(OPEN_VPN_PROTOCOL, info->ovpnProtocol_);
- values.PutString(OPEN_VPN_CFG, info->ovpnConfig_);
- values.PutInt(OPEN_VPN_AUTH_TYPE, info->ovpnAuthType_);
- values.PutString(OPEN_VPN_ASKPASS, info->askpass_);
- values.PutString(OPEN_VPN_CFG_FILE_PATH, info->ovpnConfigFilePath_);
- values.PutString(OPEN_VPN_CA_CERT_FILE_PATH, info->ovpnCaCertFilePath_);
- values.PutString(OPEN_VPN_USER_CERT_FILE_PATH, info->ovpnUserCertFilePath_);
- values.PutString(OPEN_VPN_PRIVATE_KEY_FILE_PATH, info->ovpnPrivateKeyFilePath_);
+ values.PutString(OPENVPN_PORT, info->ovpnPort_);
+ values.PutInt(OPENVPN_PROTOCOL, info->ovpnProtocol_);
+ values.PutString(OPENVPN_CFG, info->ovpnConfig_);
+ values.PutInt(OPENVPN_AUTH_TYPE, info->ovpnAuthType_);
+ values.PutString(OPENVPN_ASKPASS, info->askpass_);
+ values.PutString(OPENVPN_CFG_FILE_PATH, info->ovpnConfigFilePath_);
+ values.PutString(OPENVPN_CA_CERT_FILE_PATH, info->ovpnCaCertFilePath_);
+ values.PutString(OPENVPN_USER_CERT_FILE_PATH, info->ovpnUserCertFilePath_);
+ values.PutString(OPENVPN_PRIVATE_KEY_FILE_PATH, info->ovpnPrivateKeyFilePath_);
values.PutString(IPSEC_PRE_SHARE_KEY, info->ipsecPreSharedKey_);
values.PutString(IPSEC_IDENTIFIER, info->ipsecIdentifier_);
@@ -176,14 +177,15 @@ void VpnDatabaseHelper::BindVpnData(NativeRdb::ValuesBucket &values, const sptr<
int32_t VpnDatabaseHelper::InsertData(const sptr<VpnDataBean> &vpnBean)
{
NETMGR_EXT_LOG_I("InsertData");
+ if (vpnBean == nullptr) {
+ NETMGR_EXT_LOG_E("InsertData vpnBean is nullptr");
+ return NETMANAGER_EXT_ERR_INVALID_PARAMETER;
+ }
if (store_ == nullptr) {
NETMGR_EXT_LOG_E("InsertData store_ is nullptr");
return NETMANAGER_EXT_ERR_OPERATION_FAILED;
}
- if (vpnBean == nullptr) {
- NETMGR_EXT_LOG_E("UpdateData vpnBean is nullptr");
- return NETMANAGER_EXT_ERR_OPERATION_FAILED;
- }
+
NativeRdb::ValuesBucket values;
BindVpnData(values, vpnBean);
int64_t rowId = 0;
@@ -203,10 +205,10 @@ int32_t VpnDatabaseHelper::UpdateData(const sptr<VpnDataBean> &vpnBean)
}
if (vpnBean == nullptr) {
NETMGR_EXT_LOG_E("UpdateData vpnBean is nullptr");
- return NETMANAGER_EXT_ERR_OPERATION_FAILED;
+ return NETMANAGER_EXT_ERR_INVALID_PARAMETER;
}
NETMGR_EXT_LOG_I("UpdateData");
- OHOS::NativeRdb::RdbPredicates rdbPredicate { VPN_CONFIG_TABLE };
+ OHOS::NativeRdb::RdbPredicates rdbPredicate{ VPN_CONFIG_TABLE };
rdbPredicate.EqualTo(VPN_ID, vpnBean->vpnId_);
NativeRdb::ValuesBucket values;
BindVpnData(values, vpnBean);
@@ -222,10 +224,6 @@ int32_t VpnDatabaseHelper::UpdateData(const sptr<VpnDataBean> &vpnBean)
void VpnDatabaseHelper::GetVpnDataFromResultSet(const std::shared_ptr<OHOS::NativeRdb::ResultSet> &queryResultSet,
sptr<VpnDataBean> &vpnBean)
{
- if (vpnBean == nullptr || queryResultSet == nullptr) {
- NETMGR_EXT_LOG_E("GetVpnDataFromResultSet params is nullptr");
- return;
- }
queryResultSet->GetString(INDEX_VPN_ID, vpnBean->vpnId_);
queryResultSet->GetString(INDEX_VPN_NAME, vpnBean->vpnName_);
queryResultSet->GetInt(INDEX_VPN_TYPE, vpnBean->vpnType_);
@@ -238,15 +236,15 @@ void VpnDatabaseHelper::GetVpnDataFromResultSet(const std::shared_ptr<OHOS::Nati
queryResultSet->GetString(INDEX_VPN_FORWARDED_ROUTES, vpnBean->forwardingRoutes_);
queryResultSet->GetString(INDEX_VPN_DNS_ADDRESSES, vpnBean->dnsAddresses_);
queryResultSet->GetString(INDEX_VPN_SEARCH_DOMAINS, vpnBean->searchDomains_);
- queryResultSet->GetString(INDEX_OPEN_VPN_PORT, vpnBean->ovpnPort_);
- queryResultSet->GetInt(INDEX_OPEN_VPN_PROTOCOL, vpnBean->ovpnProtocol_);
- queryResultSet->GetString(INDEX_OPEN_VPN_CFG, vpnBean->ovpnConfig_);
- queryResultSet->GetInt(INDEX_OPEN_VPN_AUTH_TYPE, vpnBean->ovpnAuthType_);
- queryResultSet->GetString(INDEX_OPEN_VPN_ASKPASS, vpnBean->askpass_);
- queryResultSet->GetString(INDEX_OPEN_VPN_CFG_FILE_PATH, vpnBean->ovpnConfigFilePath_);
- queryResultSet->GetString(INDEX_OPEN_VPN_CA_CERT_FILE_PATH, vpnBean->ovpnCaCertFilePath_);
- queryResultSet->GetString(INDEX_OPEN_VPN_USER_CERT_FILE_PATH, vpnBean->ovpnUserCertFilePath_);
- queryResultSet->GetString(INDEX_OPEN_VPN_PRIVATE_KEY_FILE_PATH, vpnBean->ovpnPrivateKeyFilePath_);
+ queryResultSet->GetString(INDEX_OPENVPN_PORT, vpnBean->ovpnPort_);
+ queryResultSet->GetInt(INDEX_OPENVPN_PROTOCOL, vpnBean->ovpnProtocol_);
+ queryResultSet->GetString(INDEX_OPENVPN_CFG, vpnBean->ovpnConfig_);
+ queryResultSet->GetInt(INDEX_OPENVPN_AUTH_TYPE, vpnBean->ovpnAuthType_);
+ queryResultSet->GetString(INDEX_OPENVPN_ASKPASS, vpnBean->askpass_);
+ queryResultSet->GetString(INDEX_OPENVPN_CFG_FILE_PATH, vpnBean->ovpnConfigFilePath_);
+ queryResultSet->GetString(INDEX_OPENVPN_CA_CERT_FILE_PATH, vpnBean->ovpnCaCertFilePath_);
+ queryResultSet->GetString(INDEX_OPENVPN_USER_CERT_FILE_PATH, vpnBean->ovpnUserCertFilePath_);
+ queryResultSet->GetString(INDEX_OPENVPN_PRIVATE_KEY_FILE_PATH, vpnBean->ovpnPrivateKeyFilePath_);
queryResultSet->GetString(INDEX_IPSEC_PRE_SHARE_KEY, vpnBean->ipsecPreSharedKey_);
queryResultSet->GetString(INDEX_IPSEC_IDENTIFIER, vpnBean->ipsecIdentifier_);
@@ -271,17 +269,23 @@ void VpnDatabaseHelper::GetVpnDataFromResultSet(const std::shared_ptr<OHOS::Nati
int32_t VpnDatabaseHelper::QueryVpnData(sptr<VpnDataBean> &vpnBean, const std::string &vpnUuid)
{
- NETMGR_EXT_LOG_I("QueryVpnData");
- if (store_ == nullptr) {
- NETMGR_EXT_LOG_E("QueryVpnData store_ is nullptr");
- return NETMANAGER_EXT_ERR_OPERATION_FAILED;
- }
if (vpnBean == nullptr) {
NETMGR_EXT_LOG_E("QueryVpnData vpnBean is nullptr");
+ return NETMANAGER_EXT_ERR_INVALID_PARAMETER;
+ }
+ if (vpnUuid.empty()) {
+ NETMGR_EXT_LOG_E("QueryVpnData vpnUuid is empty");
+ return NETMANAGER_EXT_ERR_INVALID_PARAMETER;
+ }
+
+ NETMGR_EXT_LOG_I("QueryVpnData vpnUuid=%{public}s", vpnUuid.c_str());
+ if (store_ == nullptr) {
+ NETMGR_EXT_LOG_E("QueryVpnData store_ is nullptr");
return NETMANAGER_EXT_ERR_OPERATION_FAILED;
}
+
std::vector<std::string> columns;
- OHOS::NativeRdb::RdbPredicates rdbPredicate { VPN_CONFIG_TABLE };
+ OHOS::NativeRdb::RdbPredicates rdbPredicate{ VPN_CONFIG_TABLE };
rdbPredicate.EqualTo(VPN_ID, vpnUuid);
auto queryResultSet = store_->Query(rdbPredicate, columns);
if (queryResultSet == nullptr) {
@@ -316,7 +320,7 @@ int32_t VpnDatabaseHelper::QueryAllData(std::vector<SysVpnConfig> &infos, const
}
infos.clear();
std::vector<std::string> columns;
- OHOS::NativeRdb::RdbPredicates rdbPredicate { VPN_CONFIG_TABLE };
+ OHOS::NativeRdb::RdbPredicates rdbPredicate{ VPN_CONFIG_TABLE };
rdbPredicate.EqualTo(USER_ID, userId);
auto queryResultSet = store_->Query(rdbPredicate, columns);
if (queryResultSet == nullptr) {
@@ -345,12 +349,17 @@ int32_t VpnDatabaseHelper::QueryAllData(std::vector<SysVpnConfig> &infos, const
int32_t VpnDatabaseHelper::DeleteVpnData(const std::string &vpnUuid)
{
NETMGR_EXT_LOG_I("DeleteVpnData");
+ if (vpnUuid.empty()) {
+ NETMGR_EXT_LOG_E("DeleteVpnData vpnUuid is empty");
+ return NETMANAGER_EXT_ERR_INVALID_PARAMETER;
+ }
+
if (store_ == nullptr) {
NETMGR_EXT_LOG_E("DeleteVpnData store_ is nullptr");
return NETMANAGER_EXT_ERR_OPERATION_FAILED;
}
int32_t deletedRows = -1;
- OHOS::NativeRdb::RdbPredicates rdbPredicate { VPN_CONFIG_TABLE };
+ OHOS::NativeRdb::RdbPredicates rdbPredicate{ VPN_CONFIG_TABLE };
rdbPredicate.EqualTo(VPN_ID, vpnUuid);
int32_t result = store_->Delete(deletedRows, rdbPredicate);
if (result != NativeRdb::E_OK) {
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手