2012-02-17 16:16:07 +00:00
|
|
|
/*
|
2012-07-14 14:00:01 +00:00
|
|
|
* Copyright (C) 2012 Giuliano Grassi
|
|
|
|
* Copyright (C) 2012 Ralf Sager
|
2012-02-17 16:16:07 +00:00
|
|
|
* Copyright (C) 2012 Tobias Brunner
|
|
|
|
* Hochschule fuer Technik Rapperswil
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
|
|
* under the terms of the GNU General Public License as published by the
|
|
|
|
* Free Software Foundation; either version 2 of the License, or (at your
|
|
|
|
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful, but
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
|
|
* for more details.
|
|
|
|
*/
|
|
|
|
|
2012-08-07 13:30:49 +00:00
|
|
|
#include <signal.h>
|
2012-02-17 16:16:07 +00:00
|
|
|
#include <string.h>
|
|
|
|
#include <android/log.h>
|
|
|
|
|
2012-07-14 14:14:34 +00:00
|
|
|
#include "charonservice.h"
|
2012-07-14 14:00:01 +00:00
|
|
|
#include "android_jni.h"
|
2012-08-08 09:12:55 +00:00
|
|
|
#include "kernel/android_ipsec.h"
|
2012-08-08 09:05:07 +00:00
|
|
|
#include "kernel/android_net.h"
|
2012-07-14 14:00:01 +00:00
|
|
|
|
|
|
|
#include <daemon.h>
|
2012-02-17 16:16:07 +00:00
|
|
|
#include <hydra.h>
|
2012-02-22 14:36:33 +00:00
|
|
|
#include <ipsec.h>
|
2012-02-17 16:16:07 +00:00
|
|
|
#include <library.h>
|
2012-08-07 13:30:49 +00:00
|
|
|
#include <threading/thread.h>
|
2012-02-17 16:16:07 +00:00
|
|
|
|
2012-08-07 13:25:06 +00:00
|
|
|
#define ANDROID_DEBUG_LEVEL 1
|
|
|
|
|
2012-07-14 14:14:34 +00:00
|
|
|
typedef struct private_charonservice_t private_charonservice_t;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* private data of charonservice
|
|
|
|
*/
|
|
|
|
struct private_charonservice_t {
|
|
|
|
|
|
|
|
/**
|
|
|
|
* public interface
|
|
|
|
*/
|
|
|
|
charonservice_t public;
|
2012-08-07 13:51:00 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* CharonVpnService reference
|
|
|
|
*/
|
|
|
|
jobject vpn_service;
|
2012-07-14 14:14:34 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Single instance of charonservice_t.
|
|
|
|
*/
|
|
|
|
charonservice_t *charonservice;
|
2012-02-17 16:16:07 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* hook in library for debugging messages
|
|
|
|
*/
|
2012-07-14 14:00:01 +00:00
|
|
|
extern void (*dbg)(debug_t group, level_t level, char *fmt, ...);
|
2012-02-17 16:16:07 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Logging hook for library logs, using android specific logging
|
|
|
|
*/
|
|
|
|
static void dbg_android(debug_t group, level_t level, char *fmt, ...)
|
|
|
|
{
|
|
|
|
va_list args;
|
|
|
|
|
2012-08-07 13:25:06 +00:00
|
|
|
if (level <= ANDROID_DEBUG_LEVEL)
|
2012-02-17 16:16:07 +00:00
|
|
|
{
|
|
|
|
char sgroup[16], buffer[8192];
|
|
|
|
char *current = buffer, *next;
|
2012-08-07 13:25:06 +00:00
|
|
|
|
2012-02-17 16:16:07 +00:00
|
|
|
snprintf(sgroup, sizeof(sgroup), "%N", debug_names, group);
|
|
|
|
va_start(args, fmt);
|
|
|
|
vsnprintf(buffer, sizeof(buffer), fmt, args);
|
|
|
|
va_end(args);
|
|
|
|
while (current)
|
|
|
|
{ /* log each line separately */
|
|
|
|
next = strchr(current, '\n');
|
|
|
|
if (next)
|
|
|
|
{
|
|
|
|
*(next++) = '\0';
|
|
|
|
}
|
|
|
|
__android_log_print(ANDROID_LOG_INFO, "charon", "00[%s] %s\n",
|
|
|
|
sgroup, current);
|
|
|
|
current = next;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-08-08 10:31:58 +00:00
|
|
|
METHOD(charonservice_t, update_status, bool,
|
|
|
|
private_charonservice_t *this, android_vpn_state_t code)
|
|
|
|
{
|
|
|
|
JNIEnv *env;
|
|
|
|
jmethodID method_id;
|
|
|
|
bool success = FALSE;
|
|
|
|
|
|
|
|
androidjni_attach_thread(&env);
|
|
|
|
|
|
|
|
method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
|
|
|
|
"updateStatus", "(I)V");
|
|
|
|
if (!method_id)
|
|
|
|
{
|
|
|
|
goto failed;
|
|
|
|
}
|
|
|
|
(*env)->CallVoidMethod(env, this->vpn_service, method_id, (jint)code);
|
|
|
|
success = !androidjni_exception_occurred(env);
|
|
|
|
|
|
|
|
failed:
|
|
|
|
androidjni_exception_occurred(env);
|
|
|
|
androidjni_detach_thread();
|
|
|
|
return success;
|
|
|
|
}
|
|
|
|
|
2012-08-08 10:20:13 +00:00
|
|
|
METHOD(charonservice_t, bypass_socket, bool,
|
|
|
|
private_charonservice_t *this, int fd, int family)
|
|
|
|
{
|
|
|
|
JNIEnv *env;
|
|
|
|
jmethodID method_id;
|
|
|
|
|
|
|
|
androidjni_attach_thread(&env);
|
|
|
|
|
|
|
|
method_id = (*env)->GetMethodID(env, android_charonvpnservice_class,
|
|
|
|
"protect", "(I)Z");
|
|
|
|
if (!method_id)
|
|
|
|
{
|
|
|
|
goto failed;
|
|
|
|
}
|
|
|
|
if (!(*env)->CallBooleanMethod(env, this->vpn_service, method_id, fd))
|
|
|
|
{
|
|
|
|
DBG1(DBG_CFG, "VpnService.protect() failed");
|
|
|
|
goto failed;
|
|
|
|
}
|
|
|
|
androidjni_detach_thread();
|
|
|
|
return TRUE;
|
|
|
|
|
|
|
|
failed:
|
|
|
|
androidjni_exception_occurred(env);
|
|
|
|
androidjni_detach_thread();
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2012-08-08 10:35:49 +00:00
|
|
|
METHOD(charonservice_t, get_trusted_certificates, linked_list_t*,
|
|
|
|
private_charonservice_t *this)
|
|
|
|
{
|
|
|
|
JNIEnv *env;
|
|
|
|
jmethodID method_id;
|
|
|
|
jobjectArray jcerts;
|
|
|
|
linked_list_t *list;
|
|
|
|
jsize i;
|
|
|
|
|
|
|
|
androidjni_attach_thread(&env);
|
|
|
|
|
|
|
|
method_id = (*env)->GetMethodID(env,
|
|
|
|
android_charonvpnservice_class,
|
|
|
|
"getTrustedCertificates", "(Ljava/lang/String;)[[B");
|
|
|
|
if (!method_id)
|
|
|
|
{
|
|
|
|
goto failed;
|
|
|
|
}
|
|
|
|
jcerts = (*env)->CallObjectMethod(env, this->vpn_service, method_id, NULL);
|
|
|
|
if (!jcerts)
|
|
|
|
{
|
|
|
|
goto failed;
|
|
|
|
}
|
|
|
|
list = linked_list_create();
|
|
|
|
for (i = 0; i < (*env)->GetArrayLength(env, jcerts); ++i)
|
|
|
|
{
|
|
|
|
chunk_t *ca_cert;
|
|
|
|
jbyteArray jcert;
|
|
|
|
|
|
|
|
ca_cert = malloc_thing(chunk_t);
|
|
|
|
list->insert_last(list, ca_cert);
|
|
|
|
|
|
|
|
jcert = (*env)->GetObjectArrayElement(env, jcerts, i);
|
|
|
|
*ca_cert = chunk_alloc((*env)->GetArrayLength(env, jcert));
|
|
|
|
(*env)->GetByteArrayRegion(env, jcert, 0, ca_cert->len, ca_cert->ptr);
|
|
|
|
(*env)->DeleteLocalRef(env, jcert);
|
|
|
|
}
|
|
|
|
(*env)->DeleteLocalRef(env, jcerts);
|
|
|
|
androidjni_detach_thread();
|
|
|
|
return list;
|
|
|
|
|
|
|
|
failed:
|
|
|
|
androidjni_exception_occurred(env);
|
|
|
|
androidjni_detach_thread();
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2012-07-14 14:14:34 +00:00
|
|
|
/**
|
|
|
|
* Initialize the charonservice object
|
|
|
|
*/
|
2012-08-07 13:51:00 +00:00
|
|
|
static void charonservice_init(JNIEnv *env, jobject service)
|
2012-07-14 14:14:34 +00:00
|
|
|
{
|
|
|
|
private_charonservice_t *this;
|
2012-08-08 09:05:07 +00:00
|
|
|
static plugin_feature_t features[] = {
|
|
|
|
PLUGIN_CALLBACK(kernel_net_register, kernel_android_net_create),
|
|
|
|
PLUGIN_PROVIDE(CUSTOM, "kernel-net"),
|
2012-08-08 09:12:55 +00:00
|
|
|
PLUGIN_CALLBACK(kernel_ipsec_register, kernel_android_ipsec_create),
|
|
|
|
PLUGIN_PROVIDE(CUSTOM, "kernel-ipsec"),
|
2012-08-08 09:05:07 +00:00
|
|
|
};
|
2012-07-14 14:14:34 +00:00
|
|
|
|
|
|
|
INIT(this,
|
|
|
|
.public = {
|
2012-08-08 10:31:58 +00:00
|
|
|
.update_status = _update_status,
|
2012-08-08 10:20:13 +00:00
|
|
|
.bypass_socket = _bypass_socket,
|
2012-08-08 10:35:49 +00:00
|
|
|
.get_trusted_certificates = _get_trusted_certificates,
|
2012-07-14 14:14:34 +00:00
|
|
|
},
|
2012-08-07 13:51:00 +00:00
|
|
|
.vpn_service = (*env)->NewGlobalRef(env, service),
|
2012-07-14 14:14:34 +00:00
|
|
|
);
|
|
|
|
charonservice = &this->public;
|
2012-08-07 13:25:06 +00:00
|
|
|
|
2012-08-08 09:05:07 +00:00
|
|
|
lib->plugins->add_static_features(lib->plugins, "androidbridge", features,
|
|
|
|
countof(features), TRUE);
|
|
|
|
|
2012-08-07 13:25:06 +00:00
|
|
|
lib->settings->set_int(lib->settings,
|
|
|
|
"charon.plugins.android_log.loglevel", ANDROID_DEBUG_LEVEL);
|
2012-07-14 14:14:34 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Deinitialize the charonservice object
|
|
|
|
*/
|
2012-08-07 13:51:00 +00:00
|
|
|
static void charonservice_deinit(JNIEnv *env)
|
2012-07-14 14:14:34 +00:00
|
|
|
{
|
|
|
|
private_charonservice_t *this = (private_charonservice_t*)charonservice;
|
|
|
|
|
2012-08-07 13:51:00 +00:00
|
|
|
(*env)->DeleteGlobalRef(env, this->vpn_service);
|
2012-07-14 14:14:34 +00:00
|
|
|
free(this);
|
|
|
|
charonservice = NULL;
|
|
|
|
}
|
|
|
|
|
2012-08-07 13:30:49 +00:00
|
|
|
/**
|
|
|
|
* Handle SIGSEGV/SIGILL signals raised by threads
|
|
|
|
*/
|
|
|
|
static void segv_handler(int signal)
|
|
|
|
{
|
|
|
|
dbg_android(DBG_DMN, 1, "thread %u received %d", thread_current_id(),
|
|
|
|
signal);
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
2012-02-17 16:16:07 +00:00
|
|
|
/**
|
|
|
|
* Initialize charon and the libraries via JNI
|
|
|
|
*/
|
|
|
|
JNI_METHOD(CharonVpnService, initializeCharon, void)
|
|
|
|
{
|
2012-08-07 13:30:49 +00:00
|
|
|
struct sigaction action;
|
|
|
|
|
2012-02-17 16:16:07 +00:00
|
|
|
/* logging for library during initialization, as we have no bus yet */
|
|
|
|
dbg = dbg_android;
|
|
|
|
|
|
|
|
/* initialize library */
|
|
|
|
if (!library_init(NULL))
|
|
|
|
{
|
|
|
|
library_deinit();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!libhydra_init("charon"))
|
|
|
|
{
|
|
|
|
libhydra_deinit();
|
|
|
|
library_deinit();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2012-02-22 14:36:33 +00:00
|
|
|
if (!libipsec_init())
|
|
|
|
{
|
|
|
|
libipsec_deinit();
|
|
|
|
libhydra_deinit();
|
|
|
|
library_deinit();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2012-08-07 13:51:00 +00:00
|
|
|
charonservice_init(env, this);
|
2012-07-14 14:14:34 +00:00
|
|
|
|
2012-02-17 16:16:07 +00:00
|
|
|
if (!libcharon_init("charon") ||
|
|
|
|
!charon->initialize(charon, PLUGINS))
|
|
|
|
{
|
|
|
|
libcharon_deinit();
|
2012-08-07 13:51:00 +00:00
|
|
|
charonservice_deinit(env);
|
2012-02-22 14:36:33 +00:00
|
|
|
libipsec_deinit();
|
2012-02-17 16:16:07 +00:00
|
|
|
libhydra_deinit();
|
|
|
|
library_deinit();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2012-08-07 13:30:49 +00:00
|
|
|
/* add handler for SEGV and ILL etc. */
|
|
|
|
action.sa_handler = segv_handler;
|
|
|
|
action.sa_flags = 0;
|
|
|
|
sigemptyset(&action.sa_mask);
|
|
|
|
sigaction(SIGSEGV, &action, NULL);
|
|
|
|
sigaction(SIGILL, &action, NULL);
|
|
|
|
sigaction(SIGBUS, &action, NULL);
|
|
|
|
action.sa_handler = SIG_IGN;
|
|
|
|
sigaction(SIGPIPE, &action, NULL);
|
|
|
|
|
2012-02-17 16:16:07 +00:00
|
|
|
/* start daemon (i.e. the threads in the thread-pool) */
|
|
|
|
charon->start(charon);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2012-07-14 14:14:34 +00:00
|
|
|
* Deinitialize charon and all libraries
|
2012-02-17 16:16:07 +00:00
|
|
|
*/
|
|
|
|
JNI_METHOD(CharonVpnService, deinitializeCharon, void)
|
|
|
|
{
|
|
|
|
libcharon_deinit();
|
2012-08-07 13:51:00 +00:00
|
|
|
charonservice_deinit(env);
|
2012-02-22 14:36:33 +00:00
|
|
|
libipsec_deinit();
|
2012-02-17 16:16:07 +00:00
|
|
|
libhydra_deinit();
|
|
|
|
library_deinit();
|
|
|
|
}
|
|
|
|
|