/*
 * Copyright (C) 2011 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16
17#include <stdio.h>
18#include <stdlib.h>
19#include <string.h>
Chia-chi Yeh1591aa02011-07-14 14:47:48 -070020#include <errno.h>
Chia-chi Yeh1591aa02011-07-14 14:47:48 -070022#include <arpa/inet.h>
23#include <netinet/in.h>
24#include <sys/stat.h>
25#include <sys/types.h>
26#include <sys/socket.h>
27#include <sys/ioctl.h>
28#include <linux/if.h>
29#include <linux/route.h>
Chia-chi Yeh1591aa02011-07-14 14:47:48 -070031#define LOG_TAG "ip-up-vpn"
32#include <cutils/log.h>
33
34#define DIR "/data/misc/vpn/"
35
/*
 * Look up an environment variable, mapping "not set" to the empty string.
 *
 * The result is never NULL, so callers can hand it straight to "%s" or to
 * an address parser. An unset variable and one set to "" are therefore
 * indistinguishable to the caller.
 */
static const char *env(const char *name) {
    const char *found = getenv(name);

    if (found == NULL) {
        return "";
    }
    return found;
}
40
/*
 * Fill a generic socket address with an IPv4 address given as text.
 *
 * sa->sa_family is set to AF_INET unconditionally, i.e. also when parsing
 * fails. The return value is that of inet_pton(): 1 when the text was a
 * valid dotted-quad address, 0 when it was not. Callers in this file test
 * the result for zero to detect bad input.
 */
static int set_address(struct sockaddr *sa, const char *address) {
    struct sockaddr_in *in4 = (struct sockaddr_in *)sa;

    sa->sa_family = AF_INET;
    return inet_pton(AF_INET, address, &in4->sin_addr);
}
45
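/*
 * The primary goal is to create a file with VPN parameters. Currently they
 * are interface, addresses, routes, DNS servers, and search domains. Each
 * parameter occupies one line in the file, and it can be an empty string or
 * space-separated values. The order and the format must be consistent with
 * com.android.server.connectivity.Vpn. Here is an example.
 *
 *   ppp0
 *   192.168.1.100/24
 *   0.0.0.0/0
 *   192.168.1.1 192.168.1.2
 *   example.org
 *
 * The secondary goal is to unify the outcome of VPN. The current baseline
 * is to have an interface configured with the given address and netmask
 * and maybe add a host route to protect the tunnel. PPP-based VPN already
 * does this, but others might not. Routes, DNS servers, and search domains
 * are handled by the framework since they can be overridden by the users.
 *
 * The file is written as DIR ".tmp" and renamed to DIR "state" only after
 * every step succeeded, so a reader never sees a half-written state file.
 *
 * Returns 0 on success and 1 on any failure; the reason is logged.
 *
 * NOTE(review): all values are copied verbatim from argv and the
 * environment into a file that is read positionally, one parameter per
 * line. A value containing a line break would shift every later field.
 * Presumably some of these strings (DNS list, default domain, routes) are
 * supplied by the VPN peer -- confirm, and if so reject values containing
 * '\n' or '\r' before writing them.
 */
int main(int argc, char **argv)
{
    FILE *state = fopen(DIR ".tmp", "wb");
    if (!state) {
        LOGE("Cannot create state: %s", strerror(errno));
        return 1;
    }

    if (argc >= 6) {
        /*
         * Invoked by pppd: argv[1] becomes the interface line and argv[4]
         * the address line. The interface is already configured, so only
         * the state file is produced.
         */
        fprintf(state, "%s\n", argv[1]);
        fprintf(state, "%s/32\n", argv[4]);
        fprintf(state, "0.0.0.0/0\n");
        fprintf(state, "%s %s\n", env("DNS1"), env("DNS2"));
        fprintf(state, "\n");
    } else if (argc == 2) {
        /* Invoked by racoon. */
        const char *interface = env("INTERFACE");
        const char *address = env("INTERNAL_ADDR4");
        const char *routes = env("SPLIT_INCLUDE_CIDR");

        /* Any AF_INET socket will do; it is only a handle for the ioctls. */
        int s = socket(AF_INET, SOCK_DGRAM, 0);
        if (s < 0) {
            LOGE("Cannot create socket: %s", strerror(errno));
            return 1;
        }

        struct rtentry rt;
        struct ifreq ifr;

        memset(&rt, 0, sizeof(rt));
        memset(&ifr, 0, sizeof(ifr));

        /*
         * Remove the old host route. There could be more than one, so keep
         * deleting until the ioctl fails; ESRCH is the expected way for the
         * loop to end. An unparsable REMOTE_ADDR is rejected up front
         * instead of falling through to a check of a stale errno.
         */
        rt.rt_flags |= RTF_UP | RTF_HOST;
        if (!set_address(&rt.rt_dst, env("REMOTE_ADDR"))) {
            LOGE("Cannot parse remote address");
            return 1;
        }
        while (!ioctl(s, SIOCDELRT, &rt)) {
            /* One matching route removed; try again. */
        }
        if (errno != ESRCH) {
            LOGE("Cannot remove host route: %s", strerror(errno));
            return 1;
        }

        /*
         * Create a new host route to the same destination through the
         * gateway given in argv[1]. An already existing route is fine.
         */
        rt.rt_flags |= RTF_GATEWAY;
        if (!set_address(&rt.rt_gateway, argv[1]) ||
                (ioctl(s, SIOCADDRT, &rt) && errno != EEXIST)) {
            LOGE("Cannot create host route: %s", strerror(errno));
            return 1;
        }

        /*
         * Bring up the interface. strncpy() does not terminate the name
         * when the source fills the buffer, and a truncated name could
         * refer to a different interface, so over-long names are refused.
         */
        if (strlen(interface) >= IFNAMSIZ) {
            LOGE("Interface name is too long");
            return 1;
        }
        ifr.ifr_flags = IFF_UP;
        strncpy(ifr.ifr_name, interface, IFNAMSIZ);
        if (ioctl(s, SIOCSIFFLAGS, &ifr)) {
            LOGE("Cannot bring up %s: %s", interface, strerror(errno));
            return 1;
        }

        /* Set the address. */
        if (!set_address(&ifr.ifr_addr, address) ||
                ioctl(s, SIOCSIFADDR, &ifr)) {
            LOGE("Cannot set address: %s", strerror(errno));
            return 1;
        }

        /* Set the netmask. */
        if (!set_address(&ifr.ifr_netmask, env("INTERNAL_NETMASK4")) ||
                ioctl(s, SIOCSIFNETMASK, &ifr)) {
            LOGE("Cannot set netmask: %s", strerror(errno));
            return 1;
        }

        /* TODO: Send few packets to trigger phase 2? */

        /* An empty split-include list means "route everything". */
        fprintf(state, "%s\n", interface);
        fprintf(state, "%s/%s\n", address, env("INTERNAL_CIDR4"));
        fprintf(state, "%s\n", routes[0] ? routes : "0.0.0.0/0");
        fprintf(state, "%s\n", env("INTERNAL_DNS4_LIST"));
        fprintf(state, "%s\n", env("DEFAULT_DOMAIN"));
    } else {
        LOGE("Cannot parse parameters");
        return 1;
    }

    /*
     * Publish the file only if every write reached it: a failed fprintf()
     * or a failed flush in fclose() would otherwise hand the framework a
     * truncated parameter list.
     *
     * NOTE(review): chmod() and rename() act on the path rather than on the
     * open descriptor, which is only safe while DIR is writable solely by
     * trusted processes -- confirm the directory's ownership and mode.
     */
    int write_failed = ferror(state);
    if (fclose(state)) {
        write_failed = 1;
    }
    if (write_failed || chmod(DIR ".tmp", 0444) ||
            rename(DIR ".tmp", DIR "state")) {
        LOGE("Cannot write state: %s", strerror(errno));
        return 1;
    }
    return 0;
}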