blob: 9a5d502673f37adf00ce6af20be25ddd8251aec6 [file] [log] [blame]
The Android Open Source Project9066cfe2009-03-03 19:31:44 -08001/*
2 * Copyright (C) 2008 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package android.net;
18
Lorenzo Colitti0a82e802014-07-31 00:48:01 +090019import android.os.Parcel;
Robert Greenwalt585ac0f2010-08-27 09:24:29 -070020import android.util.Log;
Lorenzo Colitti8c6c2c32014-06-12 13:41:17 +090021import android.util.Pair;
22
Chalard Jeanadbf1d02018-02-26 11:52:46 +090023import java.io.FileDescriptor;
24import java.math.BigInteger;
25import java.net.Inet4Address;
26import java.net.Inet6Address;
27import java.net.InetAddress;
28import java.net.SocketException;
29import java.net.UnknownHostException;
30import java.util.Collection;
31import java.util.Locale;
32import java.util.TreeSet;
Robert Greenwalt585ac0f2010-08-27 09:24:29 -070033
The Android Open Source Project9066cfe2009-03-03 19:31:44 -080034/**
35 * Native methods for managing network interfaces.
36 *
37 * {@hide}
38 */
39public class NetworkUtils {
Robert Greenwalt585ac0f2010-08-27 09:24:29 -070040
41 private static final String TAG = "NetworkUtils";
42
The Android Open Source Project9066cfe2009-03-03 19:31:44 -080043 /**
Lorenzo Colitti566e0cb2015-03-06 19:57:39 +090044 * Attaches a socket filter that accepts DHCP packets to the given socket.
45 */
46 public native static void attachDhcpFilter(FileDescriptor fd) throws SocketException;
47
48 /**
Erik Klinea3ca6bd2016-05-24 20:12:08 +090049 * Attaches a socket filter that accepts ICMPv6 router advertisements to the given socket.
Paul Jensen578a76e2016-01-14 14:54:39 -050050 * @param fd the socket's {@link FileDescriptor}.
51 * @param packetType the hardware address type, one of ARPHRD_*.
52 */
53 public native static void attachRaFilter(FileDescriptor fd, int packetType) throws SocketException;
54
55 /**
Erik Kline473355f2016-10-19 17:42:01 +090056 * Attaches a socket filter that accepts L2-L4 signaling traffic required for IP connectivity.
57 *
58 * This includes: all ARP, ICMPv6 RS/RA/NS/NA messages, and DHCPv4 exchanges.
59 *
60 * @param fd the socket's {@link FileDescriptor}.
61 * @param packetType the hardware address type, one of ARPHRD_*.
62 */
63 public native static void attachControlPacketFilter(FileDescriptor fd, int packetType)
64 throws SocketException;
65
66 /**
Erik Klinea3ca6bd2016-05-24 20:12:08 +090067 * Configures a socket for receiving ICMPv6 router solicitations and sending advertisements.
68 * @param fd the socket's {@link FileDescriptor}.
69 * @param ifIndex the interface index.
70 */
71 public native static void setupRaSocket(FileDescriptor fd, int ifIndex) throws SocketException;
72
73 /**
Paul Jensen38764952014-05-20 11:25:35 -040074 * Binds the current process to the network designated by {@code netId}. All sockets created
75 * in the future (and not explicitly bound via a bound {@link SocketFactory} (see
Paul Jensen6d3ff9e2014-05-29 10:12:39 -040076 * {@link Network#getSocketFactory}) will be bound to this network. Note that if this
Paul Jensen38764952014-05-20 11:25:35 -040077 * {@code Network} ever disconnects all sockets created in this way will cease to work. This
78 * is by design so an application doesn't accidentally use sockets it thinks are still bound to
Paul Jensenbcc76d32014-07-11 08:17:29 -040079 * a particular {@code Network}. Passing NETID_UNSET clears the binding.
Paul Jensen38764952014-05-20 11:25:35 -040080 */
Paul Jensen32a58f02014-06-20 13:58:14 -040081 public native static boolean bindProcessToNetwork(int netId);
Paul Jensen38764952014-05-20 11:25:35 -040082
83 /**
Paul Jensen38764952014-05-20 11:25:35 -040084 * Return the netId last passed to {@link #bindProcessToNetwork}, or NETID_UNSET if
85 * {@link #unbindProcessToNetwork} has been called since {@link #bindProcessToNetwork}.
86 */
Paul Jensen72db88e2015-03-10 10:54:12 -040087 public native static int getBoundNetworkForProcess();
Paul Jensen38764952014-05-20 11:25:35 -040088
89 /**
90 * Binds host resolutions performed by this process to the network designated by {@code netId}.
Paul Jensenbcc76d32014-07-11 08:17:29 -040091 * {@link #bindProcessToNetwork} takes precedence over this setting. Passing NETID_UNSET clears
92 * the binding.
Paul Jensen38764952014-05-20 11:25:35 -040093 *
94 * @deprecated This is strictly for legacy usage to support startUsingNetworkFeature().
95 */
Aurimas Liutikas514c5ef2016-05-24 15:22:55 -070096 @Deprecated
Paul Jensen32a58f02014-06-20 13:58:14 -040097 public native static boolean bindProcessToNetworkForHostResolution(int netId);
Paul Jensen38764952014-05-20 11:25:35 -040098
99 /**
Paul Jensen38764952014-05-20 11:25:35 -0400100 * Explicitly binds {@code socketfd} to the network designated by {@code netId}. This
101 * overrides any binding via {@link #bindProcessToNetwork}.
Lorenzo Colitti9f1274b2014-08-21 11:45:54 -0700102 * @return 0 on success or negative errno on failure.
Paul Jensen38764952014-05-20 11:25:35 -0400103 */
Lorenzo Colitti9f1274b2014-08-21 11:45:54 -0700104 public native static int bindSocketToNetwork(int socketfd, int netId);
Paul Jensen38764952014-05-20 11:25:35 -0400105
106 /**
Lorenzo Colitti4ff9f0f2015-03-17 17:56:10 +0900107 * Protect {@code fd} from VPN connections. After protecting, data sent through
108 * this socket will go directly to the underlying network, so its traffic will not be
109 * forwarded through the VPN.
110 */
111 public static boolean protectFromVpn(FileDescriptor fd) {
112 return protectFromVpn(fd.getInt$());
113 }
114
115 /**
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400116 * Protect {@code socketfd} from VPN connections. After protecting, data sent through
117 * this socket will go directly to the underlying network, so its traffic will not be
118 * forwarded through the VPN.
119 */
120 public native static boolean protectFromVpn(int socketfd);
121
122 /**
Paul Jensencee9b512015-05-06 07:32:40 -0400123 * Determine if {@code uid} can access network designated by {@code netId}.
124 * @return {@code true} if {@code uid} can access network, {@code false} otherwise.
125 */
126 public native static boolean queryUserAccess(int uid, int netId);
127
128 /**
Robert Greenwalt585ac0f2010-08-27 09:24:29 -0700129 * Convert a IPv4 address from an integer to an InetAddress.
Jesse Wilson07481cc2011-01-06 17:18:23 -0800130 * @param hostAddress an int corresponding to the IPv4 address in network byte order
Robert Greenwalt585ac0f2010-08-27 09:24:29 -0700131 */
132 public static InetAddress intToInetAddress(int hostAddress) {
Robert Greenwalt585ac0f2010-08-27 09:24:29 -0700133 byte[] addressBytes = { (byte)(0xff & hostAddress),
134 (byte)(0xff & (hostAddress >> 8)),
135 (byte)(0xff & (hostAddress >> 16)),
136 (byte)(0xff & (hostAddress >> 24)) };
137
138 try {
Jesse Wilson07481cc2011-01-06 17:18:23 -0800139 return InetAddress.getByAddress(addressBytes);
140 } catch (UnknownHostException e) {
141 throw new AssertionError();
Robert Greenwalt585ac0f2010-08-27 09:24:29 -0700142 }
Robert Greenwalt47f69fe2010-06-15 15:43:39 -0700143 }
144
Robert Greenwalt585ac0f2010-08-27 09:24:29 -0700145 /**
Irfan Sheriff96ca9172010-10-05 16:12:25 -0700146 * Convert a IPv4 address from an InetAddress to an integer
147 * @param inetAddr is an InetAddress corresponding to the IPv4 address
148 * @return the IP address as an integer in network byte order
149 */
Robert Greenwalt4717c262012-10-31 14:32:53 -0700150 public static int inetAddressToInt(Inet4Address inetAddr)
Irfan Sheriff96ca9172010-10-05 16:12:25 -0700151 throws IllegalArgumentException {
152 byte [] addr = inetAddr.getAddress();
Irfan Sheriff96ca9172010-10-05 16:12:25 -0700153 return ((addr[3] & 0xff) << 24) | ((addr[2] & 0xff) << 16) |
154 ((addr[1] & 0xff) << 8) | (addr[0] & 0xff);
155 }
156
157 /**
158 * Convert a network prefix length to an IPv4 netmask integer
159 * @param prefixLength
160 * @return the IPv4 netmask as an integer in network byte order
161 */
162 public static int prefixLengthToNetmaskInt(int prefixLength)
163 throws IllegalArgumentException {
164 if (prefixLength < 0 || prefixLength > 32) {
165 throw new IllegalArgumentException("Invalid prefix length (0 <= prefix <= 32)");
166 }
167 int value = 0xffffffff << (32 - prefixLength);
168 return Integer.reverseBytes(value);
169 }
170
Irfan Sheriff96ca9172010-10-05 16:12:25 -0700171 /**
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700172 * Convert a IPv4 netmask integer to a prefix length
173 * @param netmask as an integer in network byte order
174 * @return the network prefix length
175 */
176 public static int netmaskIntToPrefixLength(int netmask) {
177 return Integer.bitCount(netmask);
178 }
179
180 /**
Lorenzo Colitti475085b2015-03-10 01:32:40 +0900181 * Convert an IPv4 netmask to a prefix length, checking that the netmask is contiguous.
182 * @param netmask as a {@code Inet4Address}.
183 * @return the network prefix length
184 * @throws IllegalArgumentException the specified netmask was not contiguous.
185 * @hide
186 */
187 public static int netmaskToPrefixLength(Inet4Address netmask) {
188 // inetAddressToInt returns an int in *network* byte order.
189 int i = Integer.reverseBytes(inetAddressToInt(netmask));
190 int prefixLength = Integer.bitCount(i);
191 int trailingZeros = Integer.numberOfTrailingZeros(i);
192 if (trailingZeros != 32 - prefixLength) {
193 throw new IllegalArgumentException("Non-contiguous netmask: " + Integer.toHexString(i));
194 }
195 return prefixLength;
196 }
197
198
199 /**
Robert Greenwalt0216e612011-01-14 16:29:58 -0800200 * Create an InetAddress from a string where the string must be a standard
201 * representation of a V4 or V6 address. Avoids doing a DNS lookup on failure
202 * but it will throw an IllegalArgumentException in that case.
203 * @param addrString
204 * @return the InetAddress
205 * @hide
206 */
207 public static InetAddress numericToInetAddress(String addrString)
208 throws IllegalArgumentException {
Elliott Hughesf5bbb572011-02-15 17:11:29 -0800209 return InetAddress.parseNumericAddress(addrString);
Robert Greenwalt0216e612011-01-14 16:29:58 -0800210 }
211
212 /**
Lorenzo Colitti0a82e802014-07-31 00:48:01 +0900213 * Writes an InetAddress to a parcel. The address may be null. This is likely faster than
214 * calling writeSerializable.
215 */
216 protected static void parcelInetAddress(Parcel parcel, InetAddress address, int flags) {
217 byte[] addressArray = (address != null) ? address.getAddress() : null;
218 parcel.writeByteArray(addressArray);
219 }
220
221 /**
222 * Reads an InetAddress from a parcel. Returns null if the address that was written was null
223 * or if the data is invalid.
224 */
225 protected static InetAddress unparcelInetAddress(Parcel in) {
226 byte[] addressArray = in.createByteArray();
227 if (addressArray == null) {
228 return null;
229 }
230 try {
231 return InetAddress.getByAddress(addressArray);
232 } catch (UnknownHostException e) {
233 return null;
234 }
235 }
236
237
238 /**
Lorenzo Colitti8c6c2c32014-06-12 13:41:17 +0900239 * Masks a raw IP address byte array with the specified prefix length.
Robert Greenwaltf43396c2011-05-06 17:10:53 -0700240 */
Lorenzo Colitti8c6c2c32014-06-12 13:41:17 +0900241 public static void maskRawAddress(byte[] array, int prefixLength) {
Robert Greenwaltf43396c2011-05-06 17:10:53 -0700242 if (prefixLength < 0 || prefixLength > array.length * 8) {
Lorenzo Colitti8c6c2c32014-06-12 13:41:17 +0900243 throw new RuntimeException("IP address with " + array.length +
244 " bytes has invalid prefix length " + prefixLength);
Robert Greenwaltf43396c2011-05-06 17:10:53 -0700245 }
246
247 int offset = prefixLength / 8;
Lorenzo Colitti8c6c2c32014-06-12 13:41:17 +0900248 int remainder = prefixLength % 8;
249 byte mask = (byte)(0xFF << (8 - remainder));
Robert Greenwaltf43396c2011-05-06 17:10:53 -0700250
251 if (offset < array.length) array[offset] = (byte)(array[offset] & mask);
252
253 offset++;
254
255 for (; offset < array.length; offset++) {
256 array[offset] = 0;
257 }
Lorenzo Colitti8c6c2c32014-06-12 13:41:17 +0900258 }
259
260 /**
261 * Get InetAddress masked with prefixLength. Will never return null.
262 * @param address the IP address to mask with
263 * @param prefixLength the prefixLength used to mask the IP
264 */
265 public static InetAddress getNetworkPart(InetAddress address, int prefixLength) {
266 byte[] array = address.getAddress();
267 maskRawAddress(array, prefixLength);
Robert Greenwaltf43396c2011-05-06 17:10:53 -0700268
269 InetAddress netPart = null;
270 try {
271 netPart = InetAddress.getByAddress(array);
272 } catch (UnknownHostException e) {
273 throw new RuntimeException("getNetworkPart error - " + e.toString());
274 }
275 return netPart;
276 }
277
278 /**
Lorenzo Colitti475085b2015-03-10 01:32:40 +0900279 * Returns the implicit netmask of an IPv4 address, as was the custom before 1993.
280 */
281 public static int getImplicitNetmask(Inet4Address address) {
282 int firstByte = address.getAddress()[0] & 0xff; // Convert to an unsigned value.
283 if (firstByte < 128) {
284 return 8;
285 } else if (firstByte < 192) {
286 return 16;
287 } else if (firstByte < 224) {
288 return 24;
289 } else {
290 return 32; // Will likely not end well for other reasons.
291 }
292 }
293
294 /**
Lorenzo Colitti8c6c2c32014-06-12 13:41:17 +0900295 * Utility method to parse strings such as "192.0.2.5/24" or "2001:db8::cafe:d00d/64".
296 * @hide
297 */
298 public static Pair<InetAddress, Integer> parseIpAndMask(String ipAndMaskString) {
299 InetAddress address = null;
300 int prefixLength = -1;
301 try {
302 String[] pieces = ipAndMaskString.split("/", 2);
303 prefixLength = Integer.parseInt(pieces[1]);
304 address = InetAddress.parseNumericAddress(pieces[0]);
305 } catch (NullPointerException e) { // Null string.
306 } catch (ArrayIndexOutOfBoundsException e) { // No prefix length.
307 } catch (NumberFormatException e) { // Non-numeric prefix.
308 } catch (IllegalArgumentException e) { // Invalid IP address.
309 }
310
311 if (address == null || prefixLength == -1) {
312 throw new IllegalArgumentException("Invalid IP address and mask " + ipAndMaskString);
313 }
314
315 return new Pair<InetAddress, Integer>(address, prefixLength);
316 }
317
318 /**
Robert Greenwaltf43396c2011-05-06 17:10:53 -0700319 * Check if IP address type is consistent between two InetAddress.
320 * @return true if both are the same type. False otherwise.
321 */
322 public static boolean addressTypeMatches(InetAddress left, InetAddress right) {
323 return (((left instanceof Inet4Address) && (right instanceof Inet4Address)) ||
324 ((left instanceof Inet6Address) && (right instanceof Inet6Address)));
325 }
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700326
327 /**
328 * Convert a 32 char hex string into a Inet6Address.
329 * throws a runtime exception if the string isn't 32 chars, isn't hex or can't be
330 * made into an Inet6Address
331 * @param addrHexString a 32 character hex string representing an IPv6 addr
332 * @return addr an InetAddress representation for the string
333 */
334 public static InetAddress hexToInet6Address(String addrHexString)
335 throws IllegalArgumentException {
336 try {
Jeff Sharkeyfea17de2013-06-11 14:13:09 -0700337 return numericToInetAddress(String.format(Locale.US, "%s:%s:%s:%s:%s:%s:%s:%s",
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700338 addrHexString.substring(0,4), addrHexString.substring(4,8),
339 addrHexString.substring(8,12), addrHexString.substring(12,16),
340 addrHexString.substring(16,20), addrHexString.substring(20,24),
341 addrHexString.substring(24,28), addrHexString.substring(28,32)));
342 } catch (Exception e) {
343 Log.e("NetworkUtils", "error in hexToInet6Address(" + addrHexString + "): " + e);
344 throw new IllegalArgumentException(e);
345 }
346 }
Robert Greenwalta10b7fd2011-07-25 16:06:25 -0700347
348 /**
349 * Create a string array of host addresses from a collection of InetAddresses
350 * @param addrs a Collection of InetAddresses
351 * @return an array of Strings containing their host addresses
352 */
353 public static String[] makeStrings(Collection<InetAddress> addrs) {
354 String[] result = new String[addrs.size()];
355 int i = 0;
356 for (InetAddress addr : addrs) {
357 result[i++] = addr.getHostAddress();
358 }
359 return result;
360 }
Robert Greenwaltd4420ab2011-12-07 09:58:48 -0800361
362 /**
363 * Trim leading zeros from IPv4 address strings
364 * Our base libraries will interpret that as octel..
365 * Must leave non v4 addresses and host names alone.
366 * For example, 192.168.000.010 -> 192.168.0.10
367 * TODO - fix base libraries and remove this function
368 * @param addr a string representing an ip addr
369 * @return a string propertly trimmed
370 */
371 public static String trimV4AddrZeros(String addr) {
Robert Greenwalt0faacf02011-12-07 16:43:59 -0800372 if (addr == null) return null;
Robert Greenwaltd4420ab2011-12-07 09:58:48 -0800373 String[] octets = addr.split("\\.");
374 if (octets.length != 4) return addr;
375 StringBuilder builder = new StringBuilder(16);
376 String result = null;
377 for (int i = 0; i < 4; i++) {
378 try {
Robert Greenwalt3957b5f2011-12-07 13:10:59 -0800379 if (octets[i].length() > 3) return addr;
Robert Greenwaltd4420ab2011-12-07 09:58:48 -0800380 builder.append(Integer.parseInt(octets[i]));
381 } catch (NumberFormatException e) {
382 return addr;
383 }
384 if (i < 3) builder.append('.');
385 }
386 result = builder.toString();
387 return result;
388 }
Chalard Jeanadbf1d02018-02-26 11:52:46 +0900389
390 /**
391 * Returns a prefix set without overlaps.
392 *
393 * This expects the src set to be sorted from shorter to longer. Results are undefined
394 * failing this condition. The returned prefix set is sorted in the same order as the
395 * passed set, with the same comparator.
396 */
397 private static TreeSet<IpPrefix> deduplicatePrefixSet(final TreeSet<IpPrefix> src) {
398 final TreeSet<IpPrefix> dst = new TreeSet<>(src.comparator());
399 // Prefixes match addresses that share their upper part up to their length, therefore
400 // the only kind of possible overlap in two prefixes is strict inclusion of the longer
401 // (more restrictive) in the shorter (including equivalence if they have the same
402 // length).
403 // Because prefixes in the src set are sorted from shorter to longer, deduplicating
404 // is done by simply iterating in order, and not adding any longer prefix that is
405 // already covered by a shorter one.
406 newPrefixes:
407 for (IpPrefix newPrefix : src) {
408 for (IpPrefix existingPrefix : dst) {
409 if (existingPrefix.containsPrefix(newPrefix)) {
410 continue newPrefixes;
411 }
412 }
413 dst.add(newPrefix);
414 }
415 return dst;
416 }
417
418 /**
419 * Returns how many IPv4 addresses match any of the prefixes in the passed ordered set.
420 *
421 * Obviously this returns an integral value between 0 and 2**32.
422 * The behavior is undefined if any of the prefixes is not an IPv4 prefix or if the
423 * set is not ordered smallest prefix to longer prefix.
424 *
425 * @param prefixes the set of prefixes, ordered by length
426 */
427 public static long routedIPv4AddressCount(final TreeSet<IpPrefix> prefixes) {
428 long routedIPCount = 0;
429 for (final IpPrefix prefix : deduplicatePrefixSet(prefixes)) {
430 if (!prefix.isIPv4()) {
431 Log.wtf(TAG, "Non-IPv4 prefix in routedIPv4AddressCount");
432 }
433 int rank = 32 - prefix.getPrefixLength();
434 routedIPCount += 1L << rank;
435 }
436 return routedIPCount;
437 }
438
439 /**
440 * Returns how many IPv6 addresses match any of the prefixes in the passed ordered set.
441 *
442 * This returns a BigInteger between 0 and 2**128.
443 * The behavior is undefined if any of the prefixes is not an IPv6 prefix or if the
444 * set is not ordered smallest prefix to longer prefix.
445 */
446 public static BigInteger routedIPv6AddressCount(final TreeSet<IpPrefix> prefixes) {
447 BigInteger routedIPCount = BigInteger.ZERO;
448 for (final IpPrefix prefix : deduplicatePrefixSet(prefixes)) {
449 if (!prefix.isIPv6()) {
450 Log.wtf(TAG, "Non-IPv6 prefix in routedIPv6AddressCount");
451 }
452 int rank = 128 - prefix.getPrefixLength();
453 routedIPCount = routedIPCount.add(BigInteger.ONE.shiftLeft(rank));
454 }
455 return routedIPCount;
456 }
The Android Open Source Project9066cfe2009-03-03 19:31:44 -0800457}