use of android.net.LinkAddress in project android_frameworks_base by AOSPA.
the class LockdownVpnTracker method handleStateChangedLocked.
/**
* Watch for state changes to both active egress network, kicking off a VPN
* connection when ready, or setting firewall rules once VPN is connected.
*/
private void handleStateChangedLocked() {
final NetworkInfo egressInfo = mConnService.getActiveNetworkInfoUnfiltered();
final LinkProperties egressProp = mConnService.getActiveLinkProperties();
final NetworkInfo vpnInfo = mVpn.getNetworkInfo();
final VpnConfig vpnConfig = mVpn.getLegacyVpnConfig();
// Restart VPN when egress network disconnected or changed
final boolean egressDisconnected = egressInfo == null || State.DISCONNECTED.equals(egressInfo.getState());
final boolean egressChanged = egressProp == null || !TextUtils.equals(mAcceptedEgressIface, egressProp.getInterfaceName());
final String egressTypeName = (egressInfo == null) ? null : ConnectivityManager.getNetworkTypeName(egressInfo.getType());
final String egressIface = (egressProp == null) ? null : egressProp.getInterfaceName();
Slog.d(TAG, "handleStateChanged: egress=" + egressTypeName + " " + mAcceptedEgressIface + "->" + egressIface);
if (egressDisconnected || egressChanged) {
clearSourceRulesLocked();
mAcceptedEgressIface = null;
mVpn.stopLegacyVpnPrivileged();
}
if (egressDisconnected) {
hideNotification();
return;
}
final int egressType = egressInfo.getType();
if (vpnInfo.getDetailedState() == DetailedState.FAILED) {
EventLogTags.writeLockdownVpnError(egressType);
}
if (mErrorCount > MAX_ERROR_COUNT) {
showNotification(R.string.vpn_lockdown_error, R.drawable.vpn_disconnected);
} else if (egressInfo.isConnected() && !vpnInfo.isConnectedOrConnecting()) {
if (mProfile.isValidLockdownProfile()) {
Slog.d(TAG, "Active network connected; starting VPN");
EventLogTags.writeLockdownVpnConnecting(egressType);
showNotification(R.string.vpn_lockdown_connecting, R.drawable.vpn_disconnected);
mAcceptedEgressIface = egressProp.getInterfaceName();
try {
// Use the privileged method because Lockdown VPN is initiated by the system, so
// no additional permission checks are necessary.
mVpn.startLegacyVpnPrivileged(mProfile, KeyStore.getInstance(), egressProp);
} catch (IllegalStateException e) {
mAcceptedEgressIface = null;
Slog.e(TAG, "Failed to start VPN", e);
showNotification(R.string.vpn_lockdown_error, R.drawable.vpn_disconnected);
}
} else {
Slog.e(TAG, "Invalid VPN profile; requires IP-based server and DNS");
showNotification(R.string.vpn_lockdown_error, R.drawable.vpn_disconnected);
}
} else if (vpnInfo.isConnected() && vpnConfig != null) {
final String iface = vpnConfig.interfaze;
final List<LinkAddress> sourceAddrs = vpnConfig.addresses;
if (TextUtils.equals(iface, mAcceptedIface) && sourceAddrs.equals(mAcceptedSourceAddr)) {
return;
}
Slog.d(TAG, "VPN connected using iface=" + iface + ", sourceAddr=" + sourceAddrs.toString());
EventLogTags.writeLockdownVpnConnected(egressType);
showNotification(R.string.vpn_lockdown_connected, R.drawable.vpn_connected);
try {
clearSourceRulesLocked();
mNetService.setFirewallInterfaceRule(iface, true);
for (LinkAddress addr : sourceAddrs) {
setFirewallEgressSourceRule(addr, true);
}
mNetService.setFirewallUidRule(FIREWALL_CHAIN_NONE, ROOT_UID, FIREWALL_RULE_ALLOW);
mNetService.setFirewallUidRule(FIREWALL_CHAIN_NONE, Os.getuid(), FIREWALL_RULE_ALLOW);
mErrorCount = 0;
mAcceptedIface = iface;
mAcceptedSourceAddr = sourceAddrs;
} catch (RemoteException e) {
throw new RuntimeException("Problem setting firewall rules", e);
}
final NetworkInfo clone = new NetworkInfo(egressInfo);
augmentNetworkInfo(clone);
mConnService.sendConnectedBroadcast(clone);
}
}
use of android.net.LinkAddress in project android_frameworks_base by AOSPA.
the class Nat464Xlat method makeLinkProperties.
private LinkProperties makeLinkProperties(LinkAddress clatAddress) {
LinkProperties stacked = new LinkProperties();
stacked.setInterfaceName(mIface);
// Although the clat interface is a point-to-point tunnel, we don't
// point the route directly at the interface because some apps don't
// understand routes without gateways (see, e.g., http://b/9597256
// http://b/9597516). Instead, set the next hop of the route to the
// clat IPv4 address itself (for those apps, it doesn't matter what
// the IP of the gateway is, only that there is one).
RouteInfo ipv4Default = new RouteInfo(new LinkAddress(Inet4Address.ANY, 0), clatAddress.getAddress(), mIface);
stacked.addRoute(ipv4Default);
stacked.addLinkAddress(clatAddress);
return stacked;
}
use of android.net.LinkAddress in project android_frameworks_base by AOSPA.
the class IpConfigStore method writeConfig.
private boolean writeConfig(DataOutputStream out, int configKey, IpConfiguration config) throws IOException {
boolean written = false;
try {
switch(config.ipAssignment) {
case STATIC:
out.writeUTF(IP_ASSIGNMENT_KEY);
out.writeUTF(config.ipAssignment.toString());
StaticIpConfiguration staticIpConfiguration = config.staticIpConfiguration;
if (staticIpConfiguration != null) {
if (staticIpConfiguration.ipAddress != null) {
LinkAddress ipAddress = staticIpConfiguration.ipAddress;
out.writeUTF(LINK_ADDRESS_KEY);
out.writeUTF(ipAddress.getAddress().getHostAddress());
out.writeInt(ipAddress.getPrefixLength());
}
if (staticIpConfiguration.gateway != null) {
out.writeUTF(GATEWAY_KEY);
// Default route.
out.writeInt(0);
// Have a gateway.
out.writeInt(1);
out.writeUTF(staticIpConfiguration.gateway.getHostAddress());
}
for (InetAddress inetAddr : staticIpConfiguration.dnsServers) {
out.writeUTF(DNS_KEY);
out.writeUTF(inetAddr.getHostAddress());
}
}
written = true;
break;
case DHCP:
out.writeUTF(IP_ASSIGNMENT_KEY);
out.writeUTF(config.ipAssignment.toString());
written = true;
break;
case UNASSIGNED:
/* Ignore */
break;
default:
loge("Ignore invalid ip assignment while writing");
break;
}
switch(config.proxySettings) {
case STATIC:
ProxyInfo proxyProperties = config.httpProxy;
String exclusionList = proxyProperties.getExclusionListAsString();
out.writeUTF(PROXY_SETTINGS_KEY);
out.writeUTF(config.proxySettings.toString());
out.writeUTF(PROXY_HOST_KEY);
out.writeUTF(proxyProperties.getHost());
out.writeUTF(PROXY_PORT_KEY);
out.writeInt(proxyProperties.getPort());
if (exclusionList != null) {
out.writeUTF(EXCLUSION_LIST_KEY);
out.writeUTF(exclusionList);
}
written = true;
break;
case PAC:
ProxyInfo proxyPacProperties = config.httpProxy;
out.writeUTF(PROXY_SETTINGS_KEY);
out.writeUTF(config.proxySettings.toString());
out.writeUTF(PROXY_PAC_FILE);
out.writeUTF(proxyPacProperties.getPacFileUrl().toString());
written = true;
break;
case NONE:
out.writeUTF(PROXY_SETTINGS_KEY);
out.writeUTF(config.proxySettings.toString());
written = true;
break;
case UNASSIGNED:
/* Ignore */
break;
default:
loge("Ignore invalid proxy settings while writing");
break;
}
if (written) {
out.writeUTF(ID_KEY);
out.writeInt(configKey);
}
} catch (NullPointerException e) {
loge("Failure in writing " + config + e);
}
out.writeUTF(EOS);
return written;
}
use of android.net.LinkAddress in project android_frameworks_base by AOSPA.
the class IpConfigStore method readIpAndProxyConfigurations.
public SparseArray<IpConfiguration> readIpAndProxyConfigurations(String filePath) {
SparseArray<IpConfiguration> networks = new SparseArray<IpConfiguration>();
DataInputStream in = null;
try {
in = new DataInputStream(new BufferedInputStream(new FileInputStream(filePath)));
int version = in.readInt();
if (version != 2 && version != 1) {
loge("Bad version on IP configuration file, ignore read");
return null;
}
while (true) {
int id = -1;
// Default is DHCP with no proxy
IpAssignment ipAssignment = IpAssignment.DHCP;
ProxySettings proxySettings = ProxySettings.NONE;
StaticIpConfiguration staticIpConfiguration = new StaticIpConfiguration();
String proxyHost = null;
String pacFileUrl = null;
int proxyPort = -1;
String exclusionList = null;
String key;
do {
key = in.readUTF();
try {
if (key.equals(ID_KEY)) {
id = in.readInt();
} else if (key.equals(IP_ASSIGNMENT_KEY)) {
ipAssignment = IpAssignment.valueOf(in.readUTF());
} else if (key.equals(LINK_ADDRESS_KEY)) {
LinkAddress linkAddr = new LinkAddress(NetworkUtils.numericToInetAddress(in.readUTF()), in.readInt());
if (linkAddr.getAddress() instanceof Inet4Address && staticIpConfiguration.ipAddress == null) {
staticIpConfiguration.ipAddress = linkAddr;
} else {
loge("Non-IPv4 or duplicate address: " + linkAddr);
}
} else if (key.equals(GATEWAY_KEY)) {
LinkAddress dest = null;
InetAddress gateway = null;
if (version == 1) {
// only supported default gateways - leave the dest/prefix empty
gateway = NetworkUtils.numericToInetAddress(in.readUTF());
if (staticIpConfiguration.gateway == null) {
staticIpConfiguration.gateway = gateway;
} else {
loge("Duplicate gateway: " + gateway.getHostAddress());
}
} else {
if (in.readInt() == 1) {
dest = new LinkAddress(NetworkUtils.numericToInetAddress(in.readUTF()), in.readInt());
}
if (in.readInt() == 1) {
gateway = NetworkUtils.numericToInetAddress(in.readUTF());
}
RouteInfo route = new RouteInfo(dest, gateway);
if (route.isIPv4Default() && staticIpConfiguration.gateway == null) {
staticIpConfiguration.gateway = gateway;
} else {
loge("Non-IPv4 default or duplicate route: " + route);
}
}
} else if (key.equals(DNS_KEY)) {
staticIpConfiguration.dnsServers.add(NetworkUtils.numericToInetAddress(in.readUTF()));
} else if (key.equals(PROXY_SETTINGS_KEY)) {
proxySettings = ProxySettings.valueOf(in.readUTF());
} else if (key.equals(PROXY_HOST_KEY)) {
proxyHost = in.readUTF();
} else if (key.equals(PROXY_PORT_KEY)) {
proxyPort = in.readInt();
} else if (key.equals(PROXY_PAC_FILE)) {
pacFileUrl = in.readUTF();
} else if (key.equals(EXCLUSION_LIST_KEY)) {
exclusionList = in.readUTF();
} else if (key.equals(EOS)) {
break;
} else {
loge("Ignore unknown key " + key + "while reading");
}
} catch (IllegalArgumentException e) {
loge("Ignore invalid address while reading" + e);
}
} while (true);
if (id != -1) {
IpConfiguration config = new IpConfiguration();
networks.put(id, config);
switch(ipAssignment) {
case STATIC:
config.staticIpConfiguration = staticIpConfiguration;
config.ipAssignment = ipAssignment;
break;
case DHCP:
config.ipAssignment = ipAssignment;
break;
case UNASSIGNED:
loge("BUG: Found UNASSIGNED IP on file, use DHCP");
config.ipAssignment = IpAssignment.DHCP;
break;
default:
loge("Ignore invalid ip assignment while reading.");
config.ipAssignment = IpAssignment.UNASSIGNED;
break;
}
switch(proxySettings) {
case STATIC:
ProxyInfo proxyInfo = new ProxyInfo(proxyHost, proxyPort, exclusionList);
config.proxySettings = proxySettings;
config.httpProxy = proxyInfo;
break;
case PAC:
ProxyInfo proxyPacProperties = new ProxyInfo(pacFileUrl);
config.proxySettings = proxySettings;
config.httpProxy = proxyPacProperties;
break;
case NONE:
config.proxySettings = proxySettings;
break;
case UNASSIGNED:
loge("BUG: Found UNASSIGNED proxy on file, use NONE");
config.proxySettings = ProxySettings.NONE;
break;
default:
loge("Ignore invalid proxy settings while reading");
config.proxySettings = ProxySettings.UNASSIGNED;
break;
}
} else {
if (DBG)
log("Missing id while parsing configuration");
}
}
} catch (EOFException ignore) {
} catch (IOException e) {
loge("Error parsing configuration: " + e);
} finally {
if (in != null) {
try {
in.close();
} catch (Exception e) {
}
}
}
return networks;
}
use of android.net.LinkAddress in project android_frameworks_base by crdroidandroid.
the class WifiConfigurationHelper method getWifiConfiguration.
/**
* Parse a {@link JSONObject} and return the wifi configuration.
*
* @throws IllegalArgumentException if any mandatory fields are missing.
*/
private static WifiConfiguration getWifiConfiguration(JSONObject jsonConfig) throws JSONException {
String ssid = jsonConfig.getString("ssid");
String password = null;
WifiConfiguration config;
int securityType = getSecurityType(jsonConfig.getString("security"));
switch(securityType) {
case NONE:
config = createOpenConfig(ssid);
break;
case WEP:
password = jsonConfig.getString("password");
config = createWepConfig(ssid, password);
break;
case PSK:
password = jsonConfig.getString("password");
config = createPskConfig(ssid, password);
break;
case EAP:
password = jsonConfig.getString("password");
int eapMethod = getEapMethod(jsonConfig.getString("eap"));
Integer phase2 = null;
if (jsonConfig.has("phase2")) {
phase2 = getPhase2(jsonConfig.getString("phase2"));
}
String identity = null;
if (jsonConfig.has("identity")) {
identity = jsonConfig.getString("identity");
}
String anonymousIdentity = null;
if (jsonConfig.has("anonymous_identity")) {
anonymousIdentity = jsonConfig.getString("anonymous_identity");
}
String caCert = null;
if (jsonConfig.has("ca_cert")) {
caCert = (jsonConfig.getString("ca_cert"));
}
String clientCert = null;
if (jsonConfig.has("client_cert")) {
clientCert = jsonConfig.getString("client_cert");
}
config = createEapConfig(ssid, password, eapMethod, phase2, identity, anonymousIdentity, caCert, clientCert);
break;
default:
// Should never reach here as getSecurityType will already throw an exception
throw new IllegalArgumentException();
}
if (jsonConfig.has("ip")) {
StaticIpConfiguration staticIpConfig = new StaticIpConfiguration();
InetAddress ipAddress = getInetAddress(jsonConfig.getString("ip"));
int prefixLength = getPrefixLength(jsonConfig.getInt("prefix_length"));
staticIpConfig.ipAddress = new LinkAddress(ipAddress, prefixLength);
staticIpConfig.gateway = getInetAddress(jsonConfig.getString("gateway"));
staticIpConfig.dnsServers.add(getInetAddress(jsonConfig.getString("dns1")));
staticIpConfig.dnsServers.add(getInetAddress(jsonConfig.getString("dns2")));
config.setIpAssignment(IpAssignment.STATIC);
config.setStaticIpConfiguration(staticIpConfig);
} else {
config.setIpAssignment(IpAssignment.DHCP);
}
config.setProxySettings(ProxySettings.NONE);
return config;
}
Aggregations