Search in sources :

Example 51 with RouteInfo

use of android.net.RouteInfo in project android_frameworks_base by DirtyUnicorns.

the class VpnConfig method addLegacyRoutes.

public void addLegacyRoutes(String routesStr) {
    if (routesStr.trim().equals("")) {
        return;
    }
    String[] routes = routesStr.trim().split(" ");
    for (String route : routes) {
        //each route is ip/prefix
        RouteInfo info = new RouteInfo(new IpPrefix(route), null);
        this.routes.add(info);
        updateAllowedFamilies(info.getDestination().getAddress());
    }
}
Also used : IpPrefix(android.net.IpPrefix) RouteInfo(android.net.RouteInfo)

Example 52 with RouteInfo

use of android.net.RouteInfo in project android_frameworks_base by DirtyUnicorns.

the class Vpn method startLegacyVpnPrivileged.

/**
     * Like {@link #startLegacyVpn(VpnProfile, KeyStore, LinkProperties)}, but does not check
     * permissions under the assumption that the caller is the system.
     *
     * Callers are responsible for checking permissions if needed.
     */
public void startLegacyVpnPrivileged(VpnProfile profile, KeyStore keyStore, LinkProperties egress) {
    UserManager mgr = UserManager.get(mContext);
    UserInfo user = mgr.getUserInfo(mUserHandle);
    if (user.isRestricted() || mgr.hasUserRestriction(UserManager.DISALLOW_CONFIG_VPN, new UserHandle(mUserHandle))) {
        throw new SecurityException("Restricted users cannot establish VPNs");
    }
    final RouteInfo ipv4DefaultRoute = findIPv4DefaultRoute(egress);
    final String gateway = ipv4DefaultRoute.getGateway().getHostAddress();
    final String iface = ipv4DefaultRoute.getInterface();
    // Load certificates.
    String privateKey = "";
    String userCert = "";
    String caCert = "";
    String serverCert = "";
    if (!profile.ipsecUserCert.isEmpty()) {
        privateKey = Credentials.USER_PRIVATE_KEY + profile.ipsecUserCert;
        byte[] value = keyStore.get(Credentials.USER_CERTIFICATE + profile.ipsecUserCert);
        userCert = (value == null) ? null : new String(value, StandardCharsets.UTF_8);
    }
    if (!profile.ipsecCaCert.isEmpty()) {
        byte[] value = keyStore.get(Credentials.CA_CERTIFICATE + profile.ipsecCaCert);
        caCert = (value == null) ? null : new String(value, StandardCharsets.UTF_8);
    }
    if (!profile.ipsecServerCert.isEmpty()) {
        byte[] value = keyStore.get(Credentials.USER_CERTIFICATE + profile.ipsecServerCert);
        serverCert = (value == null) ? null : new String(value, StandardCharsets.UTF_8);
    }
    if (privateKey == null || userCert == null || caCert == null || serverCert == null) {
        throw new IllegalStateException("Cannot load credentials");
    }
    // Prepare arguments for racoon.
    String[] racoon = null;
    switch(profile.type) {
        case VpnProfile.TYPE_L2TP_IPSEC_PSK:
            racoon = new String[] { iface, profile.server, "udppsk", profile.ipsecIdentifier, profile.ipsecSecret, "1701" };
            break;
        case VpnProfile.TYPE_L2TP_IPSEC_RSA:
            racoon = new String[] { iface, profile.server, "udprsa", privateKey, userCert, caCert, serverCert, "1701" };
            break;
        case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
            racoon = new String[] { iface, profile.server, "xauthpsk", profile.ipsecIdentifier, profile.ipsecSecret, profile.username, profile.password, "", gateway };
            break;
        case VpnProfile.TYPE_IPSEC_XAUTH_RSA:
            racoon = new String[] { iface, profile.server, "xauthrsa", privateKey, userCert, caCert, serverCert, profile.username, profile.password, "", gateway };
            break;
        case VpnProfile.TYPE_IPSEC_HYBRID_RSA:
            racoon = new String[] { iface, profile.server, "hybridrsa", caCert, serverCert, profile.username, profile.password, "", gateway };
            break;
    }
    // Prepare arguments for mtpd.
    String[] mtpd = null;
    switch(profile.type) {
        case VpnProfile.TYPE_PPTP:
            mtpd = new String[] { iface, "pptp", profile.server, "1723", "name", profile.username, "password", profile.password, "linkname", "vpn", "refuse-eap", "nodefaultroute", "usepeerdns", "idle", "1800", "mtu", "1400", "mru", "1400", (profile.mppe ? "+mppe" : "nomppe") };
            break;
        case VpnProfile.TYPE_L2TP_IPSEC_PSK:
        case VpnProfile.TYPE_L2TP_IPSEC_RSA:
            mtpd = new String[] { iface, "l2tp", profile.server, "1701", profile.l2tpSecret, "name", profile.username, "password", profile.password, "linkname", "vpn", "refuse-eap", "nodefaultroute", "usepeerdns", "idle", "1800", "mtu", "1400", "mru", "1400" };
            break;
    }
    VpnConfig config = new VpnConfig();
    config.legacy = true;
    config.user = profile.key;
    config.interfaze = iface;
    config.session = profile.name;
    config.addLegacyRoutes(profile.routes);
    if (!profile.dnsServers.isEmpty()) {
        config.dnsServers = Arrays.asList(profile.dnsServers.split(" +"));
    }
    if (!profile.searchDomains.isEmpty()) {
        config.searchDomains = Arrays.asList(profile.searchDomains.split(" +"));
    }
    startLegacyVpn(config, racoon, mtpd);
}
Also used : VpnConfig(com.android.internal.net.VpnConfig) UserManager(android.os.UserManager) UserHandle(android.os.UserHandle) UserInfo(android.content.pm.UserInfo) RouteInfo(android.net.RouteInfo)

Example 53 with RouteInfo

use of android.net.RouteInfo in project android_frameworks_base by DirtyUnicorns.

the class Nat464Xlat method makeLinkProperties.

private LinkProperties makeLinkProperties(LinkAddress clatAddress) {
    LinkProperties stacked = new LinkProperties();
    stacked.setInterfaceName(mIface);
    // Although the clat interface is a point-to-point tunnel, we don't
    // point the route directly at the interface because some apps don't
    // understand routes without gateways (see, e.g., http://b/9597256
    // http://b/9597516). Instead, set the next hop of the route to the
    // clat IPv4 address itself (for those apps, it doesn't matter what
    // the IP of the gateway is, only that there is one).
    RouteInfo ipv4Default = new RouteInfo(new LinkAddress(Inet4Address.ANY, 0), clatAddress.getAddress(), mIface);
    stacked.addRoute(ipv4Default);
    stacked.addLinkAddress(clatAddress);
    return stacked;
}
Also used : LinkAddress(android.net.LinkAddress) RouteInfo(android.net.RouteInfo) LinkProperties(android.net.LinkProperties)

Example 54 with RouteInfo

use of android.net.RouteInfo in project android_frameworks_base by DirtyUnicorns.

the class IpConfigStore method readIpAndProxyConfigurations.

public SparseArray<IpConfiguration> readIpAndProxyConfigurations(String filePath) {
    SparseArray<IpConfiguration> networks = new SparseArray<IpConfiguration>();
    DataInputStream in = null;
    try {
        in = new DataInputStream(new BufferedInputStream(new FileInputStream(filePath)));
        int version = in.readInt();
        if (version != 2 && version != 1) {
            loge("Bad version on IP configuration file, ignore read");
            return null;
        }
        while (true) {
            int id = -1;
            // Default is DHCP with no proxy
            IpAssignment ipAssignment = IpAssignment.DHCP;
            ProxySettings proxySettings = ProxySettings.NONE;
            StaticIpConfiguration staticIpConfiguration = new StaticIpConfiguration();
            String proxyHost = null;
            String pacFileUrl = null;
            int proxyPort = -1;
            String exclusionList = null;
            String key;
            do {
                key = in.readUTF();
                try {
                    if (key.equals(ID_KEY)) {
                        id = in.readInt();
                    } else if (key.equals(IP_ASSIGNMENT_KEY)) {
                        ipAssignment = IpAssignment.valueOf(in.readUTF());
                    } else if (key.equals(LINK_ADDRESS_KEY)) {
                        LinkAddress linkAddr = new LinkAddress(NetworkUtils.numericToInetAddress(in.readUTF()), in.readInt());
                        if (linkAddr.getAddress() instanceof Inet4Address && staticIpConfiguration.ipAddress == null) {
                            staticIpConfiguration.ipAddress = linkAddr;
                        } else {
                            loge("Non-IPv4 or duplicate address: " + linkAddr);
                        }
                    } else if (key.equals(GATEWAY_KEY)) {
                        LinkAddress dest = null;
                        InetAddress gateway = null;
                        if (version == 1) {
                            // only supported default gateways - leave the dest/prefix empty
                            gateway = NetworkUtils.numericToInetAddress(in.readUTF());
                            if (staticIpConfiguration.gateway == null) {
                                staticIpConfiguration.gateway = gateway;
                            } else {
                                loge("Duplicate gateway: " + gateway.getHostAddress());
                            }
                        } else {
                            if (in.readInt() == 1) {
                                dest = new LinkAddress(NetworkUtils.numericToInetAddress(in.readUTF()), in.readInt());
                            }
                            if (in.readInt() == 1) {
                                gateway = NetworkUtils.numericToInetAddress(in.readUTF());
                            }
                            RouteInfo route = new RouteInfo(dest, gateway);
                            if (route.isIPv4Default() && staticIpConfiguration.gateway == null) {
                                staticIpConfiguration.gateway = gateway;
                            } else {
                                loge("Non-IPv4 default or duplicate route: " + route);
                            }
                        }
                    } else if (key.equals(DNS_KEY)) {
                        staticIpConfiguration.dnsServers.add(NetworkUtils.numericToInetAddress(in.readUTF()));
                    } else if (key.equals(PROXY_SETTINGS_KEY)) {
                        proxySettings = ProxySettings.valueOf(in.readUTF());
                    } else if (key.equals(PROXY_HOST_KEY)) {
                        proxyHost = in.readUTF();
                    } else if (key.equals(PROXY_PORT_KEY)) {
                        proxyPort = in.readInt();
                    } else if (key.equals(PROXY_PAC_FILE)) {
                        pacFileUrl = in.readUTF();
                    } else if (key.equals(EXCLUSION_LIST_KEY)) {
                        exclusionList = in.readUTF();
                    } else if (key.equals(EOS)) {
                        break;
                    } else {
                        loge("Ignore unknown key " + key + "while reading");
                    }
                } catch (IllegalArgumentException e) {
                    loge("Ignore invalid address while reading" + e);
                }
            } while (true);
            if (id != -1) {
                IpConfiguration config = new IpConfiguration();
                networks.put(id, config);
                switch(ipAssignment) {
                    case STATIC:
                        config.staticIpConfiguration = staticIpConfiguration;
                        config.ipAssignment = ipAssignment;
                        break;
                    case DHCP:
                        config.ipAssignment = ipAssignment;
                        break;
                    case UNASSIGNED:
                        loge("BUG: Found UNASSIGNED IP on file, use DHCP");
                        config.ipAssignment = IpAssignment.DHCP;
                        break;
                    default:
                        loge("Ignore invalid ip assignment while reading.");
                        config.ipAssignment = IpAssignment.UNASSIGNED;
                        break;
                }
                switch(proxySettings) {
                    case STATIC:
                        ProxyInfo proxyInfo = new ProxyInfo(proxyHost, proxyPort, exclusionList);
                        config.proxySettings = proxySettings;
                        config.httpProxy = proxyInfo;
                        break;
                    case PAC:
                        ProxyInfo proxyPacProperties = new ProxyInfo(pacFileUrl);
                        config.proxySettings = proxySettings;
                        config.httpProxy = proxyPacProperties;
                        break;
                    case NONE:
                        config.proxySettings = proxySettings;
                        break;
                    case UNASSIGNED:
                        loge("BUG: Found UNASSIGNED proxy on file, use NONE");
                        config.proxySettings = ProxySettings.NONE;
                        break;
                    default:
                        loge("Ignore invalid proxy settings while reading");
                        config.proxySettings = ProxySettings.UNASSIGNED;
                        break;
                }
            } else {
                if (DBG)
                    log("Missing id while parsing configuration");
            }
        }
    } catch (EOFException ignore) {
    } catch (IOException e) {
        loge("Error parsing configuration: " + e);
    } finally {
        if (in != null) {
            try {
                in.close();
            } catch (Exception e) {
            }
        }
    }
    return networks;
}
Also used : LinkAddress(android.net.LinkAddress) Inet4Address(java.net.Inet4Address) IpConfiguration(android.net.IpConfiguration) StaticIpConfiguration(android.net.StaticIpConfiguration) IpAssignment(android.net.IpConfiguration.IpAssignment) ProxySettings(android.net.IpConfiguration.ProxySettings) IOException(java.io.IOException) DataInputStream(java.io.DataInputStream) FileInputStream(java.io.FileInputStream) IOException(java.io.IOException) EOFException(java.io.EOFException) ProxyInfo(android.net.ProxyInfo) SparseArray(android.util.SparseArray) BufferedInputStream(java.io.BufferedInputStream) StaticIpConfiguration(android.net.StaticIpConfiguration) EOFException(java.io.EOFException) RouteInfo(android.net.RouteInfo) InetAddress(java.net.InetAddress)

Example 55 with RouteInfo

use of android.net.RouteInfo in project android_frameworks_base by AOSPA.

the class StaticIpConfigurationTest method testToLinkProperties.

@SmallTest
public void testToLinkProperties() {
    LinkProperties expected = new LinkProperties();
    expected.setInterfaceName(IFACE);
    StaticIpConfiguration s = new StaticIpConfiguration();
    assertEquals(expected, s.toLinkProperties(IFACE));
    final RouteInfo connectedRoute = new RouteInfo(new IpPrefix(ADDRSTR), null, IFACE);
    s.ipAddress = ADDR;
    expected.addLinkAddress(ADDR);
    expected.addRoute(connectedRoute);
    assertEquals(expected, s.toLinkProperties(IFACE));
    s.gateway = GATEWAY;
    RouteInfo defaultRoute = new RouteInfo(new IpPrefix("0.0.0.0/0"), GATEWAY, IFACE);
    expected.addRoute(defaultRoute);
    assertEquals(expected, s.toLinkProperties(IFACE));
    s.gateway = OFFLINKGATEWAY;
    expected.removeRoute(defaultRoute);
    defaultRoute = new RouteInfo(new IpPrefix("0.0.0.0/0"), OFFLINKGATEWAY, IFACE);
    expected.addRoute(defaultRoute);
    RouteInfo gatewayRoute = new RouteInfo(new IpPrefix("192.0.2.129/32"), null, IFACE);
    expected.addRoute(gatewayRoute);
    assertEquals(expected, s.toLinkProperties(IFACE));
    s.dnsServers.add(DNS1);
    expected.addDnsServer(DNS1);
    assertEquals(expected, s.toLinkProperties(IFACE));
    s.dnsServers.add(DNS2);
    s.dnsServers.add(DNS3);
    expected.addDnsServer(DNS2);
    expected.addDnsServer(DNS3);
    assertEquals(expected, s.toLinkProperties(IFACE));
    s.domains = "google.com";
    expected.setDomains("google.com");
    assertEquals(expected, s.toLinkProperties(IFACE));
    s.gateway = null;
    expected.removeRoute(defaultRoute);
    expected.removeRoute(gatewayRoute);
    assertEquals(expected, s.toLinkProperties(IFACE));
    // Without knowing the IP address, we don't have a directly-connected route, so we can't
    // tell if the gateway is off-link or not and we don't add a host route. This isn't a real
    // configuration, but we should at least not crash.
    s.gateway = OFFLINKGATEWAY;
    s.ipAddress = null;
    expected.removeLinkAddress(ADDR);
    expected.removeRoute(connectedRoute);
    expected.addRoute(defaultRoute);
    assertEquals(expected, s.toLinkProperties(IFACE));
}
Also used : IpPrefix(android.net.IpPrefix) StaticIpConfiguration(android.net.StaticIpConfiguration) RouteInfo(android.net.RouteInfo) SmallTest(android.test.suitebuilder.annotation.SmallTest)

Aggregations

RouteInfo (android.net.RouteInfo)160 LinkProperties (android.net.LinkProperties)72 InetAddress (java.net.InetAddress)56 LinkAddress (android.net.LinkAddress)52 SmallTest (android.test.suitebuilder.annotation.SmallTest)45 IpPrefix (android.net.IpPrefix)35 Inet6Address (java.net.Inet6Address)14 Inet4Address (java.net.Inet4Address)12 IOException (java.io.IOException)11 StaticIpConfiguration (android.net.StaticIpConfiguration)10 EOFException (java.io.EOFException)8 DataInputStream (java.io.DataInputStream)7 HashMap (java.util.HashMap)7 Parcel (android.os.Parcel)6 BufferedInputStream (java.io.BufferedInputStream)6 FileInputStream (java.io.FileInputStream)6 UnknownHostException (java.net.UnknownHostException)6 ArrayList (java.util.ArrayList)6 UserInfo (android.content.pm.UserInfo)5 IpConfiguration (android.net.IpConfiguration)5