use of android.net.RouteInfo in project platform_frameworks_base by android.
the class Vpn method startLegacyVpnPrivileged.
/**
 * Variant of {@link #startLegacyVpn(VpnProfile, KeyStore, LinkProperties)} that skips the
 * permission check, on the assumption that the caller is the system.
 *
 * <p>Callers are responsible for checking permissions if needed. The user-restriction gate is
 * still enforced here: a restricted user, or a user carrying
 * {@link UserManager#DISALLOW_CONFIG_VPN}, is rejected before any credential is read.
 *
 * <p>Security notes for reviewers: the pre-shared key, the username/password pair and the L2TP
 * secret are copied from the profile into the daemon argument arrays as plain strings, so those
 * arrays must never be logged. For the private key only the key store alias is passed on; the
 * key material itself is not read in this method.
 *
 * @param profile  the VPN profile supplying server, type, credentials, routes and DNS settings
 * @param keyStore the key store from which the certificates named by the profile are read
 * @param egress   link properties of the egress network; its IPv4 default route provides the
 *                 interface name and gateway address
 * @throws SecurityException     if the owning user is restricted or may not configure VPNs
 * @throws IllegalStateException if a certificate named by the profile is missing from the
 *                               key store
 */
public void startLegacyVpnPrivileged(VpnProfile profile, KeyStore keyStore, LinkProperties egress) {
    // User-restriction gate. This runs even though the permission check is skipped.
    final UserManager userManager = UserManager.get(mContext);
    final UserInfo owner = userManager.getUserInfo(mUserHandle);
    final boolean vpnConfigBlocked = owner.isRestricted()
            || userManager.hasUserRestriction(
                    UserManager.DISALLOW_CONFIG_VPN, new UserHandle(mUserHandle));
    if (vpnConfigBlocked) {
        throw new SecurityException("Restricted users cannot establish VPNs");
    }

    // The egress interface and gateway both come from the IPv4 default route.
    final RouteInfo egressRoute = findIPv4DefaultRoute(egress);
    final String egressGateway = egressRoute.getGateway().getHostAddress();
    final String egressIface = egressRoute.getInterface();

    // Load certificates. An empty profile field means "not configured" and leaves the matching
    // string empty; a configured entry that the key store cannot return becomes null and is
    // rejected below.
    String privateKey = "";
    String userCert = "";
    String caCert = "";
    String serverCert = "";

    if (!profile.ipsecUserCert.isEmpty()) {
        // Only the alias of the private key is built here, never the key bytes.
        privateKey = Credentials.USER_PRIVATE_KEY + profile.ipsecUserCert;
        final byte[] stored = keyStore.get(Credentials.USER_CERTIFICATE + profile.ipsecUserCert);
        if (stored == null) {
            userCert = null;
        } else {
            userCert = new String(stored, StandardCharsets.UTF_8);
        }
    }

    if (!profile.ipsecCaCert.isEmpty()) {
        final byte[] stored = keyStore.get(Credentials.CA_CERTIFICATE + profile.ipsecCaCert);
        if (stored == null) {
            caCert = null;
        } else {
            caCert = new String(stored, StandardCharsets.UTF_8);
        }
    }

    if (!profile.ipsecServerCert.isEmpty()) {
        // The server certificate is looked up under the USER_CERTIFICATE prefix.
        final byte[] stored = keyStore.get(Credentials.USER_CERTIFICATE + profile.ipsecServerCert);
        if (stored == null) {
            serverCert = null;
        } else {
            serverCert = new String(stored, StandardCharsets.UTF_8);
        }
    }

    // Fail closed: never start the daemons with a credential that could not be loaded.
    final boolean credentialsLoaded =
            privateKey != null && userCert != null && caCert != null && serverCert != null;
    if (!credentialsLoaded) {
        throw new IllegalStateException("Cannot load credentials");
    }

    // Prepare arguments for racoon. These arrays carry secrets in clear text; do not log them.
    // Profile types without an IPsec phase leave the array null.
    String[] racoonArgs = null;
    switch (profile.type) {
        case VpnProfile.TYPE_L2TP_IPSEC_PSK:
            racoonArgs = new String[] {
                egressIface, profile.server, "udppsk",
                profile.ipsecIdentifier, profile.ipsecSecret, "1701"
            };
            break;
        case VpnProfile.TYPE_L2TP_IPSEC_RSA:
            racoonArgs = new String[] {
                egressIface, profile.server, "udprsa",
                privateKey, userCert, caCert, serverCert, "1701"
            };
            break;
        case VpnProfile.TYPE_IPSEC_XAUTH_PSK:
            racoonArgs = new String[] {
                egressIface, profile.server, "xauthpsk",
                profile.ipsecIdentifier, profile.ipsecSecret,
                profile.username, profile.password, "", egressGateway
            };
            break;
        case VpnProfile.TYPE_IPSEC_XAUTH_RSA:
            racoonArgs = new String[] {
                egressIface, profile.server, "xauthrsa",
                privateKey, userCert, caCert, serverCert,
                profile.username, profile.password, "", egressGateway
            };
            break;
        case VpnProfile.TYPE_IPSEC_HYBRID_RSA:
            racoonArgs = new String[] {
                egressIface, profile.server, "hybridrsa",
                caCert, serverCert,
                profile.username, profile.password, "", egressGateway
            };
            break;
        default:
            break;
    }

    // Prepare arguments for mtpd. Only the PPTP and L2TP profile types use it; the PPP password
    // and the L2TP secret are passed in clear text here as well.
    String[] mtpdArgs = null;
    switch (profile.type) {
        case VpnProfile.TYPE_PPTP:
            mtpdArgs = new String[] {
                egressIface, "pptp", profile.server, "1723",
                "name", profile.username, "password", profile.password,
                "linkname", "vpn", "refuse-eap", "nodefaultroute", "usepeerdns",
                "idle", "1800", "mtu", "1400", "mru", "1400",
                (profile.mppe ? "+mppe" : "nomppe")
            };
            break;
        case VpnProfile.TYPE_L2TP_IPSEC_PSK:
        case VpnProfile.TYPE_L2TP_IPSEC_RSA:
            mtpdArgs = new String[] {
                egressIface, "l2tp", profile.server, "1701", profile.l2tpSecret,
                "name", profile.username, "password", profile.password,
                "linkname", "vpn", "refuse-eap", "nodefaultroute", "usepeerdns",
                "idle", "1800", "mtu", "1400", "mru", "1400"
            };
            break;
        default:
            break;
    }

    // Describe the session for the framework side.
    final VpnConfig legacyConfig = new VpnConfig();
    legacyConfig.legacy = true;
    legacyConfig.user = profile.key;
    legacyConfig.interfaze = egressIface;
    legacyConfig.session = profile.name;
    legacyConfig.addLegacyRoutes(profile.routes);
    // DNS servers and search domains are stored in the profile as space-separated lists.
    if (!profile.dnsServers.isEmpty()) {
        legacyConfig.dnsServers = Arrays.asList(profile.dnsServers.split(" +"));
    }
    if (!profile.searchDomains.isEmpty()) {
        legacyConfig.searchDomains = Arrays.asList(profile.searchDomains.split(" +"));
    }

    startLegacyVpn(legacyConfig, racoonArgs, mtpdArgs);
}
use of android.net.RouteInfo in project platform_frameworks_base by android.
the class NetworkManagementService method tetherInterface.
/**
 * Adds {@code iface} to the set of tethered interfaces and installs a route for its own
 * prefix in the local network.
 *
 * <p>The caller (or this process) must hold {@code CONNECTIVITY_INTERNAL}; the check runs
 * before any command is sent to the native daemon.
 *
 * @param iface name of the interface to tether
 */
@Override
public void tetherInterface(String iface) {
    // Permission gate first: nothing below may run for an unprivileged caller.
    mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);

    // The interface name is handed over as its own argument rather than spliced into a command
    // string. NOTE(review): how the connector quotes arguments is not visible here - confirm
    // it rejects or escapes unexpected characters in iface.
    try {
        mConnector.execute("tether", "interface", "add", iface);
    } catch (NativeDaemonConnectorException e) {
        throw e.rethrowAsParcelableException();
    }

    final List<RouteInfo> localRoutes = new ArrayList<>();
    // The RouteInfo constructor truncates the LinkAddress to a network prefix, which makes the
    // interface's own address usable as a route destination.
    final RouteInfo onLinkRoute =
            new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface);
    localRoutes.add(onLinkRoute);
    addInterfaceToLocalNetwork(iface, localRoutes);
}
use of android.net.RouteInfo in project platform_frameworks_base by android.
the class IpReachabilityMonitor method updateLinkProperties.
/**
 * Replaces the monitored link properties and rebuilds the watch list of neighbors.
 *
 * <p>The watch list holds every route gateway and every DNS server that is on-link according
 * to the new routes, each mapped to its current neighbor state. An update for a different
 * interface is logged and ignored.
 *
 * @param lp the new link properties; a private copy is stored
 */
public void updateLinkProperties(LinkProperties lp) {
    if (!mInterfaceName.equals(lp.getInterfaceName())) {
        // TODO: figure out whether / how to cope with interface changes.
        Log.wtf(TAG, "requested LinkProperties interface '" + lp.getInterfaceName() + "' does not match: " + mInterfaceName);
        return;
    }

    synchronized (mLock) {
        // Keep a defensive copy so later changes by the caller do not affect the monitor.
        mLinkProperties = new LinkProperties(lp);

        final Map<InetAddress, Short> watched = new HashMap<>();
        final List<RouteInfo> linkRoutes = mLinkProperties.getRoutes();

        // Gateways: only routes that have one, and only when the gateway is on-link.
        for (RouteInfo route : linkRoutes) {
            if (!route.hasGateway()) {
                continue;
            }
            final InetAddress nextHop = route.getGateway();
            if (!isOnLink(linkRoutes, nextHop)) {
                continue;
            }
            watched.put(nextHop, getNeighborStateLocked(nextHop));
        }

        // DNS servers are read from the caller's object, while the routes above come from the
        // stored copy.
        for (InetAddress nameserver : lp.getDnsServers()) {
            if (!isOnLink(linkRoutes, nameserver)) {
                continue;
            }
            watched.put(nameserver, getNeighborStateLocked(nameserver));
        }

        // Publish the new list and bump the version inside the same critical section.
        mIpWatchList = watched;
        mIpWatchListVersion++;
    }

    if (DBG) {
        Log.d(TAG, "watch: " + describeWatchList());
    }
}
use of android.net.RouteInfo in project android_frameworks_base by ParanoidAndroid.
the class ArpPeer method doArp.
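/**
 * Runs an ARP reachability test against the gateway of the given link.
 *
 * <p>Creates an {@code ArpPeer}, calls {@code doArp(timeoutMillis)} on it {@code numArpPings}
 * times and counts the non-null results. The peer is now closed on every exit path; previously
 * an exception thrown while probing skipped {@code close()}.
 *
 * <p>Only the first link address and the gateway of the first route are used. Either can be
 * {@code null} when the corresponding list is empty or the first route has no gateway, and is
 * passed to the {@code ArpPeer} constructor unchanged.
 *
 * <p>Security note: this test fails open. If the ARP socket cannot be set up the method
 * returns {@code true}, so a {@code true} result does not prove that the gateway answered.
 * Callers that use the result as a trust signal have to account for that.
 *
 * @param myMacAddress    MAC address of the local interface
 * @param linkProperties  link whose interface name, first address and first route are used
 * @param timeoutMillis   timeout handed to each individual probe
 * @param numArpPings     number of probes to send
 * @param minArpResponses number of answered probes required for success
 * @return {@code true} if at least {@code minArpResponses} probes were answered, or if a
 *         {@link SocketException} prevented the test from running
 */
public static boolean doArp(String myMacAddress, LinkProperties linkProperties, int timeoutMillis, int numArpPings, int minArpResponses) {
    String interfaceName = linkProperties.getInterfaceName();
    InetAddress inetAddress = null;
    InetAddress gateway = null;
    boolean success;

    // Take the first configured address, if any.
    for (LinkAddress la : linkProperties.getLinkAddresses()) {
        inetAddress = la.getAddress();
        break;
    }
    // Take the gateway of the first route, if any; it is not checked for null.
    for (RouteInfo route : linkProperties.getRoutes()) {
        gateway = route.getGateway();
        break;
    }

    try {
        ArpPeer peer = new ArpPeer(interfaceName, inetAddress, myMacAddress, gateway);
        try {
            int responses = 0;
            for (int i = 0; i < numArpPings; i++) {
                if (peer.doArp(timeoutMillis) != null) {
                    responses++;
                }
            }
            if (DBG) {
                Log.d(TAG, "ARP test result: " + responses + "/" + numArpPings);
            }
            success = (responses >= minArpResponses);
        } finally {
            // Release the peer even when a probe throws.
            peer.close();
        }
    } catch (SocketException se) {
        // Deliberate fail-open: an ARP socket creation problem is treated as a successful
        // test to avoid breaking wifi connectivity. The failure is still logged.
        Log.e(TAG, "ARP test initiation failure: " + se);
        success = true;
    }
    return success;
}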
use of android.net.RouteInfo in project android_frameworks_base by ParanoidAndroid.
the class LinkPropertiesTest method testEqualsDifferentOrder.
/**
 * Checks that two {@code LinkProperties} objects holding the same link addresses, DNS servers
 * and routes compare as equal when the entries were added in a different order.
 */
@SmallTest
public void testEqualsDifferentOrder() {
    try {
        // Reference object: IPv4 before IPv6, DNS1 before DNS2, GATEWAY1 before GATEWAY2.
        LinkProperties inOrder = new LinkProperties();
        inOrder.setInterfaceName(NAME);
        LinkAddress firstV4 = new LinkAddress(NetworkUtils.numericToInetAddress(ADDRV4), 32);
        inOrder.addLinkAddress(firstV4);
        LinkAddress firstV6 = new LinkAddress(NetworkUtils.numericToInetAddress(ADDRV6), 128);
        inOrder.addLinkAddress(firstV6);
        inOrder.addDns(NetworkUtils.numericToInetAddress(DNS1));
        inOrder.addDns(NetworkUtils.numericToInetAddress(DNS2));
        RouteInfo firstRoute1 = new RouteInfo(NetworkUtils.numericToInetAddress(GATEWAY1));
        inOrder.addRoute(firstRoute1);
        RouteInfo firstRoute2 = new RouteInfo(NetworkUtils.numericToInetAddress(GATEWAY2));
        inOrder.addRoute(firstRoute2);

        // Same content from freshly built objects, each pair added in the opposite order.
        LinkProperties swapped = new LinkProperties();
        swapped.setInterfaceName(NAME);
        LinkAddress secondV6 = new LinkAddress(NetworkUtils.numericToInetAddress(ADDRV6), 128);
        swapped.addLinkAddress(secondV6);
        LinkAddress secondV4 = new LinkAddress(NetworkUtils.numericToInetAddress(ADDRV4), 32);
        swapped.addLinkAddress(secondV4);
        swapped.addDns(NetworkUtils.numericToInetAddress(DNS2));
        swapped.addDns(NetworkUtils.numericToInetAddress(DNS1));
        RouteInfo secondRoute2 = new RouteInfo(NetworkUtils.numericToInetAddress(GATEWAY2));
        swapped.addRoute(secondRoute2);
        RouteInfo secondRoute1 = new RouteInfo(NetworkUtils.numericToInetAddress(GATEWAY1));
        swapped.addRoute(secondRoute1);

        assertLinkPropertiesEqual(inOrder, swapped);
    } catch (Exception e) {
        // Any exception during setup counts as a test failure; the cause is not reported.
        fail();
    }
}