1c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// 2c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// Copyright (C) 2012 The Android Open Source Project 3c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// 4c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// Licensed under the Apache License, Version 2.0 (the "License"); 5c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// you may not use this file except in compliance with the License. 6c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// You may obtain a copy of the License at 7c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// 8c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// http://www.apache.org/licenses/LICENSE-2.0 9c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// 10c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// Unless required by applicable law or agreed to in writing, software 11c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// distributed under the License is distributed on an "AS IS" BASIS, 12c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// See the License for the specific language governing permissions and 14c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// limitations under the License. 15c0beca55d290fe0b1c96d78cbbcf94b05c23f5a5Peter Qiu// 167476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov 172240e8c03451c6b6f21eb8944d8a1c0747ac10b3Ben Chan#ifndef SHILL_VPN_L2TP_IPSEC_DRIVER_H_ 182240e8c03451c6b6f21eb8944d8a1c0747ac10b3Ben Chan#define SHILL_VPN_L2TP_IPSEC_DRIVER_H_ 197476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov 20ae30e9e4f9050a5a2c3b18d20f8bd23f20aa8f38mukesh agrawal#include <sys/types.h> 21ae30e9e4f9050a5a2c3b18d20f8bd23f20aa8f38mukesh agrawal 228a5322984f2d81bcbfd8d44c59747a11bd9b904bAlex Vakulenko#include <map> 23d5dce94ec196e160c0d4bfeeb5ab8d4eb021ef15Ben Chan#include <memory> 248a5322984f2d81bcbfd8d44c59747a11bd9b904bAlex Vakulenko#include <string> 25f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov#include <vector> 26f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 27a0ddf46e466bd4ba3d20952f0a6988c680c1af14Ben Chan#include <base/files/file_path.h> 28f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov#include <gtest/gtest_prod.h> // for FRIEND_TEST 29f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 300e9735db6db73a48c4b0cc3151a5272e3a8b9d2fDarin Petkov#include "shill/ipconfig.h" 31209e629754acc6807fd5deff888bf4521867f68dDarin Petkov#include "shill/rpc_task.h" 32209e629754acc6807fd5deff888bf4521867f68dDarin Petkov#include "shill/service.h" 332240e8c03451c6b6f21eb8944d8a1c0747ac10b3Ben Chan#include "shill/vpn/vpn_driver.h" 347476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov 357476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkovnamespace shill { 367476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov 375baebb73bd597f5896b43d38e8ed3447680f47f4Paul Stewartclass CertificateFile; 38209e629754acc6807fd5deff888bf4521867f68dDarin Petkovclass ControlInterface; 39f8046b8f975417255baf5cc7cdd025c63aa2f918Darin Petkovclass DeviceInfo; 40ae30e9e4f9050a5a2c3b18d20f8bd23f20aa8f38mukesh agrawalclass ExternalTask; 41f8046b8f975417255baf5cc7cdd025c63aa2f918Darin Petkovclass Metrics; 422e38263961190298d7198058ed91649dee106257mukesh agrawalclass PPPDeviceFactory; 43a24480aaca4d392d6d08cebdc508ee49615839d3Peter Qiuclass ProcessManager; 44f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 45209e629754acc6807fd5deff888bf4521867f68dDarin Petkovclass L2TPIPSecDriver : public VPNDriver, 46209e629754acc6807fd5deff888bf4521867f68dDarin Petkov public RPCTaskDelegate { 477476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov public: 48e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart L2TPIPSecDriver(ControlInterface* control, 49e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart EventDispatcher* dispatcher, 50e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart Metrics* metrics, 51e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart Manager* manager, 52e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart DeviceInfo* device_info, 53a24480aaca4d392d6d08cebdc508ee49615839d3Peter Qiu ProcessManager* process_manager); 545ea763b83299b5fad76a87183fb39a74c2d3c61dBen Chan ~L2TPIPSecDriver() override; 557476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov 56c9c31d8497c3f053c2160408cc386010fc125fadRebecca Silberstein // Method to return service RPC identifier. 57c9c31d8497c3f053c2160408cc386010fc125fadRebecca Silberstein std::string GetServiceRpcIdentifier(); 58c9c31d8497c3f053c2160408cc386010fc125fadRebecca Silberstein 59a42afe3a1621b8262d5404ecfaf200d3d76bd454Darin Petkov protected: 607476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov // Inherited from VPNDriver. 61e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart bool ClaimInterface(const std::string& link_name, 626acd966cabe0d75e0d9ae3f84c727c9b44a899b3Yunlian Jiang int interface_index) override; 63e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart void Connect(const VPNServiceRefPtr& service, Error* error) override; 646acd966cabe0d75e0d9ae3f84c727c9b44a899b3Yunlian Jiang void Disconnect() override; 656acd966cabe0d75e0d9ae3f84c727c9b44a899b3Yunlian Jiang std::string GetProviderType() const override; 666acd966cabe0d75e0d9ae3f84c727c9b44a899b3Yunlian Jiang void OnConnectionDisconnected() override; 676acd966cabe0d75e0d9ae3f84c727c9b44a899b3Yunlian Jiang void OnConnectTimeout() override; 687476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov 697476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov private: 707476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov friend class L2TPIPSecDriverTest; 71f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, AppendFlag); 72f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, AppendValueOption); 73f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, Cleanup); 74602303fdc8e4a50c8f89bc7e1048a4b5438555bfDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, Connect); 753f71326c17aa63e13343d06cbdc8ee0a2cbac3d7Paul Stewart FRIEND_TEST(L2TPIPSecDriverTest, DeleteTemporaryFiles); 76a0e645ef4df5ed16fef367ec97c3d9cded7980eeDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, Disconnect); 77209e629754acc6807fd5deff888bf4521867f68dDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, GetLogin); 78209e629754acc6807fd5deff888bf4521867f68dDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, InitEnvironment); 79f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, InitOptions); 80f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, InitOptionsNoHost); 813f71326c17aa63e13343d06cbdc8ee0a2cbac3d7Paul Stewart FRIEND_TEST(L2TPIPSecDriverTest, InitPEMOptions); 82f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, InitPSKOptions); 833f71326c17aa63e13343d06cbdc8ee0a2cbac3d7Paul Stewart FRIEND_TEST(L2TPIPSecDriverTest, InitXauthOptions); 842e38263961190298d7198058ed91649dee106257mukesh agrawal FRIEND_TEST(L2TPIPSecDriverTest, Notify); 852e38263961190298d7198058ed91649dee106257mukesh agrawal FRIEND_TEST(L2TPIPSecDriverTest, NotifyWithExistingDevice); 866999022029507e90bc8a032b85e87ef83d2c4d1dDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, NotifyDisconnected); 875eb0542cb67358d9030367498a4ad741fc42af4fDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, OnConnectionDisconnected); 88209e629754acc6807fd5deff888bf4521867f68dDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, OnL2TPIPSecVPNDied); 890e9735db6db73a48c4b0cc3151a5272e3a8b9d2fDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, ParseIPConfiguration); 90209e629754acc6807fd5deff888bf4521867f68dDarin Petkov FRIEND_TEST(L2TPIPSecDriverTest, SpawnL2TPIPSecVPN); 91d432539fc85363734b2c60290822054087b6c82bDarin Petkov 92209e629754acc6807fd5deff888bf4521867f68dDarin Petkov static const char kL2TPIPSecVPNPath[]; 93d432539fc85363734b2c60290822054087b6c82bDarin Petkov static const Property kProperties[]; 94209e629754acc6807fd5deff888bf4521867f68dDarin Petkov 95e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart bool SpawnL2TPIPSecVPN(Error* error); 96f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 97e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart bool InitOptions(std::vector<std::string>* options, Error* error); 98e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart bool InitPSKOptions(std::vector<std::string>* options, Error* error); 99e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart bool InitPEMOptions(std::vector<std::string>* options); 100e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart bool InitXauthOptions(std::vector<std::string>* options, Error* error); 101f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 10285d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // Resets the VPN state and deallocates all resources. If there's a service 10385d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // associated through Connect, sets its state to Service::kStateIdle and 10485d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // disassociates from the service. 10585d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov void IdleService(); 10685d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov 10785d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // Resets the VPN state and deallocates all resources. If there's a service 10885d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // associated through Connect, sets its state to Service::kStateFailure with 10985d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // failure reason |failure| and disassociates from the service. 11085d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov void FailService(Service::ConnectFailure failure); 11185d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov 11285d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // Implements the IdleService and FailService methods. Resets the VPN state 11385d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // and deallocates all resources. If there's a service associated through 11485d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // Connect, sets its state |state|; if |state| is Service::kStateFailure, sets 11585d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov // the failure reason to |failure|; disassociates from the service. 11685d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov void Cleanup(Service::ConnectState state, Service::ConnectFailure failure); 117f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 118e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart void DeleteTemporaryFile(base::FilePath* temporary_file); 1193f71326c17aa63e13343d06cbdc8ee0a2cbac3d7Paul Stewart void DeleteTemporaryFiles(); 1200e9735db6db73a48c4b0cc3151a5272e3a8b9d2fDarin Petkov 121f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov // Returns true if an opton was appended. 122e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart bool AppendValueOption(const std::string& property, 123e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart const std::string& option, 124e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart std::vector<std::string>* options); 125f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 126f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov // Returns true if a flag was appended. 127e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart bool AppendFlag(const std::string& property, 128e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart const std::string& true_option, 129e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart const std::string& false_option, 130e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart std::vector<std::string>* options); 131f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 13285d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov static Service::ConnectFailure TranslateExitStatusToFailure(int status); 13385d5317bed668c1fb0e4225de614c7b386e3de25Darin Petkov 134ba8f141693168a9613b1f86de0d6bf6ae4057e9cPaul Stewart // Returns true if neither a PSK nor a client certificate has been provided 135ba8f141693168a9613b1f86de0d6bf6ae4057e9cPaul Stewart // for the IPSec phase of the authentication process. 136ba8f141693168a9613b1f86de0d6bf6ae4057e9cPaul Stewart bool IsPskRequired() const; 137ba8f141693168a9613b1f86de0d6bf6ae4057e9cPaul Stewart 138b536a74030880f4a4df0ad3d6c1380b0602446c6Darin Petkov // Inherit from VPNDriver to add custom properties. 139e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart KeyValueStore GetProvider(Error* error) override; 140b536a74030880f4a4df0ad3d6c1380b0602446c6Darin Petkov 141209e629754acc6807fd5deff888bf4521867f68dDarin Petkov // Implements RPCTaskDelegate. 142e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart void GetLogin(std::string* user, std::string* password) override; 143e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart void Notify(const std::string& reason, 144e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart const std::map<std::string, std::string>& dict) override; 145ae30e9e4f9050a5a2c3b18d20f8bd23f20aa8f38mukesh agrawal // Called when the l2tpipsec_vpn process exits. 146ae30e9e4f9050a5a2c3b18d20f8bd23f20aa8f38mukesh agrawal void OnL2TPIPSecVPNDied(pid_t pid, int status); 147209e629754acc6807fd5deff888bf4521867f68dDarin Petkov 14891a43cb5ddb565ed9e4abcaee2d5f9373250012aPaul Stewart void ReportConnectionMetrics(); 14991a43cb5ddb565ed9e4abcaee2d5f9373250012aPaul Stewart 150e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart ControlInterface* control_; 151e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart Metrics* metrics_; 152e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart DeviceInfo* device_info_; 153a24480aaca4d392d6d08cebdc508ee49615839d3Peter Qiu ProcessManager* process_manager_; 154e42d186ab3383b4a6bb267f490770af5932588b8Paul Stewart PPPDeviceFactory* ppp_device_factory_; 155f7ef50a6054414c446f891fa87401e6f0a00097fDarin Petkov 156209e629754acc6807fd5deff888bf4521867f68dDarin Petkov VPNServiceRefPtr service_; 157d5dce94ec196e160c0d4bfeeb5ab8d4eb021ef15Ben Chan std::unique_ptr<ExternalTask> external_task_; 1580e1cdeae24dd678a5fe27c840802582c0ca45ec0Albert Chaulk base::FilePath psk_file_; 1593f71326c17aa63e13343d06cbdc8ee0a2cbac3d7Paul Stewart base::FilePath xauth_credentials_file_; 160d5dce94ec196e160c0d4bfeeb5ab8d4eb021ef15Ben Chan std::unique_ptr<CertificateFile> certificate_file_; 1619da07771df3dbbc99ff99114c26317d01f29f7fcmukesh agrawal PPPDeviceRefPtr device_; 162ae30e9e4f9050a5a2c3b18d20f8bd23f20aa8f38mukesh agrawal base::WeakPtrFactory<L2TPIPSecDriver> weak_ptr_factory_; 163209e629754acc6807fd5deff888bf4521867f68dDarin Petkov 1647476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov DISALLOW_COPY_AND_ASSIGN(L2TPIPSecDriver); 1657476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov}; 1667476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov 1677476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov} // namespace shill 1687476a26345c7b36be98c1e14b5d54d00d823ce07Darin Petkov 1692240e8c03451c6b6f21eb8944d8a1c0747ac10b3Ben Chan#endif // SHILL_VPN_L2TP_IPSEC_DRIVER_H_ 170