1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include <arpa/inet.h>
16 #include <sstream>
17
18 #include "netfirewall_parcel.h"
19 #include "net_mgr_log_wrapper.h"
20 #include "refbase.h"
21
22
23 namespace OHOS {
24 namespace NetManagerStandard {
25 // Firewall IP parameters
Marshalling(Parcel & parcel) const26 bool NetFirewallIpParam::Marshalling(Parcel &parcel) const
27 {
28 parcel.WriteUint8(family);
29 if (!parcel.WriteUint8(type)) {
30 return false;
31 }
32 parcel.WriteUint8(mask);
33 if (family == FAMILY_IPV4) {
34 parcel.WriteUint32(ipv4.startIp.s_addr);
35 if (type == MULTIPLE_IP) {
36 parcel.WriteUint32(ipv4.endIp.s_addr);
37 }
38 return true;
39 }
40 for (int32_t index = 0; index < IPV6_ARRAY_SIZE; index++) {
41 parcel.WriteUint8(ipv6.startIp.s6_addr[index]);
42 if (type == MULTIPLE_IP) {
43 parcel.WriteUint8(ipv6.endIp.s6_addr[index]);
44 }
45 }
46 return true;
47 }
48
Unmarshalling(Parcel & parcel)49 sptr<NetFirewallIpParam> NetFirewallIpParam::Unmarshalling(Parcel &parcel)
50 {
51 sptr<NetFirewallIpParam> ptr = new (std::nothrow) NetFirewallIpParam();
52 if (ptr == nullptr) {
53 NETMGR_LOG_E("NetFirewallIpParam ptr is null");
54 return nullptr;
55 }
56 parcel.ReadUint8(ptr->family);
57 if (!parcel.ReadUint8(ptr->type)) {
58 return nullptr;
59 }
60 parcel.ReadUint8(ptr->mask);
61
62 if (ptr->family == FAMILY_IPV4) {
63 parcel.ReadUint32(ptr->ipv4.startIp.s_addr);
64 if (ptr->type == MULTIPLE_IP) {
65 parcel.ReadUint32(ptr->ipv4.endIp.s_addr);
66 }
67 return ptr;
68 }
69 for (int32_t index = 0; index < IPV6_ARRAY_SIZE; index++) {
70 parcel.ReadUint8(ptr->ipv6.startIp.s6_addr[index]);
71 if (ptr->type == MULTIPLE_IP) {
72 parcel.ReadUint8(ptr->ipv6.endIp.s6_addr[index]);
73 }
74 }
75 return ptr;
76 }
77
split(const std::string & text,char delim)78 std::vector<std::string> NetFirewallUtils::split(const std::string &text, char delim)
79 {
80 std::vector<std::string> tokens;
81 std::stringstream ss(text);
82 std::string item;
83 while (std::getline(ss, item, delim)) {
84 if (!item.empty()) {
85 tokens.emplace_back(item);
86 }
87 }
88 return tokens;
89 }
90
erase(const std::string & src,const std::string & sub)91 std::string NetFirewallUtils::erase(const std::string &src, const std::string &sub)
92 {
93 size_t index = src.find(sub);
94 if (index == std::string::npos) {
95 return "";
96 }
97 return src.substr(index + sub.length(), src.length() - sub.length());
98 }
99
GetStartIp() const100 std::string NetFirewallIpParam::GetStartIp() const
101 {
102 char ip[INET6_ADDRSTRLEN] = {};
103 if (this->family == FAMILY_IPV4) {
104 inet_ntop(AF_INET, &(this->ipv4.startIp), ip, INET_ADDRSTRLEN);
105 } else {
106 inet_ntop(AF_INET6, &(this->ipv6.startIp), ip, INET6_ADDRSTRLEN);
107 }
108 return ip;
109 }
110
GetEndIp() const111 std::string NetFirewallIpParam::GetEndIp() const
112 {
113 if (this->type == SINGLE_IP) {
114 return "";
115 }
116 char ip[INET6_ADDRSTRLEN] = {};
117 if (this->family == FAMILY_IPV4) {
118 inet_ntop(AF_INET, &(this->ipv4.endIp), ip, INET_ADDRSTRLEN);
119 } else {
120 inet_ntop(AF_INET6, &(this->ipv6.endIp), ip, INET6_ADDRSTRLEN);
121 }
122 return ip;
123 }
124
125 // Firewall port parameters
Marshalling(Parcel & parcel) const126 bool NetFirewallPortParam::Marshalling(Parcel &parcel) const
127 {
128 if (!parcel.WriteUint16(startPort)) {
129 return false;
130 }
131 if (!parcel.WriteUint16(endPort)) {
132 return false;
133 }
134 return true;
135 }
136
Unmarshalling(Parcel & parcel)137 sptr<NetFirewallPortParam> NetFirewallPortParam::Unmarshalling(Parcel &parcel)
138 {
139 sptr<NetFirewallPortParam> ptr = new (std::nothrow) NetFirewallPortParam();
140 if (ptr == nullptr) {
141 NETMGR_LOG_E("NetFirewallPortParam ptr is null");
142 return nullptr;
143 }
144 if (!parcel.ReadUint16(ptr->startPort)) {
145 return nullptr;
146 }
147 if (!parcel.ReadUint16(ptr->endPort)) {
148 return nullptr;
149 }
150 return ptr;
151 }
152
153 // Firewall domain name parameters
Marshalling(Parcel & parcel) const154 bool NetFirewallDomainParam::Marshalling(Parcel &parcel) const
155 {
156 if (!parcel.WriteBool(isWildcard)) {
157 return false;
158 }
159 if (!parcel.WriteString(domain)) {
160 return false;
161 }
162 return true;
163 }
164
Unmarshalling(Parcel & parcel)165 sptr<NetFirewallDomainParam> NetFirewallDomainParam::Unmarshalling(Parcel &parcel)
166 {
167 sptr<NetFirewallDomainParam> ptr = new (std::nothrow) NetFirewallDomainParam();
168 if (ptr == nullptr) {
169 NETMGR_LOG_E("NetFirewallDomainParam ptr is null");
170 return nullptr;
171 }
172 if (!parcel.ReadBool(ptr->isWildcard)) {
173 return nullptr;
174 }
175 if (!parcel.ReadString(ptr->domain)) {
176 return nullptr;
177 }
178 return ptr;
179 }
180
181 // Firewall DNS parameters
Marshalling(Parcel & parcel) const182 bool NetFirewallDnsParam::Marshalling(Parcel &parcel) const
183 {
184 if (!parcel.WriteString(primaryDns)) {
185 return false;
186 }
187 parcel.WriteString(standbyDns);
188 return true;
189 }
190
Unmarshalling(Parcel & parcel)191 sptr<NetFirewallDnsParam> NetFirewallDnsParam::Unmarshalling(Parcel &parcel)
192 {
193 sptr<NetFirewallDnsParam> ptr = new (std::nothrow) NetFirewallDnsParam();
194 if (ptr == nullptr) {
195 NETMGR_LOG_E("NetFirewallDnsParam ptr is null");
196 return nullptr;
197 }
198 if (!parcel.ReadString(ptr->primaryDns)) {
199 return nullptr;
200 }
201 parcel.ReadString(ptr->standbyDns);
202 return ptr;
203 }
204
MarshallingList(const std::vector<T> & list,Parcel & parcel)205 template <typename T> bool NetFirewallUtils::MarshallingList(const std::vector<T> &list, Parcel &parcel)
206 {
207 uint32_t size = static_cast<uint32_t>(list.size());
208 if (!parcel.WriteUint32(size)) {
209 NETMGR_LOG_E("write netAddrList size to parcel failed");
210 return false;
211 }
212
213 for (uint32_t index = 0; index < size; ++index) {
214 auto value = list[index];
215 if (!value.Marshalling(parcel)) {
216 NETMGR_LOG_E("write MarshallingList to parcel failed");
217 return false;
218 }
219 }
220 return true;
221 }
222
UnmarshallingList(Parcel & parcel,std::vector<T> & list)223 template <typename T> bool NetFirewallUtils::UnmarshallingList(Parcel &parcel, std::vector<T> &list)
224 {
225 std::vector<T>().swap(list);
226
227 uint32_t size = 0;
228 if (!parcel.ReadUint32(size)) {
229 NETMGR_LOG_E("Read UnmarshallingList list size failed");
230 return false;
231 }
232 for (uint32_t i = 0; i < size; i++) {
233 auto value = T::Unmarshalling(parcel);
234 if (value == nullptr) {
235 return false;
236 }
237 list.emplace_back(*value);
238 }
239 return true;
240 }
241
242 // Firewall rules, external interfaces
Marshalling(Parcel & parcel) const243 bool NetFirewallRule::Marshalling(Parcel &parcel) const
244 {
245 parcel.WriteInt32(ruleId);
246 if (!parcel.WriteString(ruleName)) {
247 return false;
248 }
249 parcel.WriteString(ruleDescription);
250 if (!parcel.WriteInt32(static_cast<int32_t>(ruleDirection))) {
251 return false;
252 }
253 if (!parcel.WriteInt32(static_cast<int32_t>(ruleAction))) {
254 return false;
255 }
256 if (!parcel.WriteInt32(static_cast<int32_t>(ruleType))) {
257 return false;
258 }
259 parcel.WriteBool(isEnabled);
260 parcel.WriteInt32(appUid);
261 NetFirewallUtils::MarshallingList(localIps, parcel);
262 NetFirewallUtils::MarshallingList(remoteIps, parcel);
263 parcel.WriteInt32(static_cast<int32_t>(protocol));
264 NetFirewallUtils::MarshallingList(localPorts, parcel);
265 NetFirewallUtils::MarshallingList(remotePorts, parcel);
266 NetFirewallUtils::MarshallingList(domains, parcel);
267 dns.Marshalling(parcel);
268 if (!parcel.WriteInt32(userId)) {
269 return false;
270 }
271 return true;
272 }
273
Unmarshalling(Parcel & parcel)274 sptr<NetFirewallRule> NetFirewallRule::Unmarshalling(Parcel &parcel)
275 {
276 sptr<NetFirewallRule> ptr = new (std::nothrow) NetFirewallRule();
277 if (ptr == nullptr) {
278 NETMGR_LOG_E("NetFirewallRule ptr is null");
279 return nullptr;
280 }
281 parcel.ReadInt32(ptr->ruleId);
282
283 if (!parcel.ReadString(ptr->ruleName)) {
284 return nullptr;
285 }
286 parcel.ReadString(ptr->ruleDescription);
287 int32_t ruleDirection = 0;
288 if (!parcel.ReadInt32(ruleDirection)) {
289 return nullptr;
290 }
291 ptr->ruleDirection = static_cast<NetFirewallRuleDirection>(ruleDirection);
292 int32_t ruleAction = 0;
293 if (!parcel.ReadInt32(ruleAction)) {
294 return nullptr;
295 }
296 ptr->ruleAction = static_cast<FirewallRuleAction>(ruleAction);
297 int32_t ruleType = 0;
298 if (!parcel.ReadInt32(ruleType)) {
299 return nullptr;
300 }
301 ptr->ruleType = static_cast<NetFirewallRuleType>(ruleType);
302 parcel.ReadBool(ptr->isEnabled);
303 parcel.ReadInt32(ptr->appUid);
304 NetFirewallUtils::UnmarshallingList(parcel, ptr->localIps);
305 NetFirewallUtils::UnmarshallingList(parcel, ptr->remoteIps);
306 int32_t protocol = 0;
307 if (parcel.ReadInt32(protocol)) {
308 ptr->protocol = static_cast<NetworkProtocol>(protocol);
309 }
310 NetFirewallUtils::UnmarshallingList(parcel, ptr->localPorts);
311 NetFirewallUtils::UnmarshallingList(parcel, ptr->remotePorts);
312 NetFirewallUtils::UnmarshallingList(parcel, ptr->domains);
313 sptr<NetFirewallDnsParam> dns = NetFirewallDnsParam::Unmarshalling(parcel);
314 if (dns != nullptr) {
315 ptr->dns = *dns;
316 }
317 if (!parcel.ReadInt32(ptr->userId)) {
318 return nullptr;
319 }
320 return ptr;
321 }
322
ToString() const323 std::string NetFirewallRule::ToString() const
324 {
325 const std::string size = " size=";
326 std::stringstream ss;
327 ss << "NetFirewallRule:{" << NET_FIREWALL_RULE_ID << EQUAL << this->ruleId << COMMA << NET_FIREWALL_RULE_NAME <<
328 EQUAL << this->ruleName << COMMA << NET_FIREWALL_RULE_DESC << EQUAL << this->ruleDescription << COMMA <<
329 NET_FIREWALL_RULE_DIR << EQUAL << int(this->ruleDirection) << COMMA << NET_FIREWALL_RULE_ACTION << EQUAL <<
330 int(this->ruleAction) << COMMA << NET_FIREWALL_RULE_TYPE << EQUAL << int(this->ruleType) << COMMA <<
331 NET_FIREWALL_IS_ENABLED << EQUAL << this->isEnabled << COMMA << NET_FIREWALL_APP_ID << EQUAL << this->appUid <<
332 COMMA << NET_FIREWALL_PROTOCOL << EQUAL << int(this->protocol) << COMMA << NET_FIREWALL_USER_ID << EQUAL <<
333 this->userId << COMMA << NET_FIREWALL_LOCAL_IP << size << this->localIps.size() << COMMA <<
334 NET_FIREWALL_REMOTE_IP << size << this->remoteIps.size() << COMMA << NET_FIREWALL_LOCAL_PORT << size <<
335 this->localPorts.size() << COMMA << NET_FIREWALL_DOMAIN << size << this->remotePorts.size() << COMMA <<
336 NET_FIREWALL_REMOTE_PORT << size << this->domains.size() << "}";
337 return ss.str();
338 }
339
Marshalling(Parcel & parcel) const340 bool NetFirewallBaseRule::Marshalling(Parcel &parcel) const
341 {
342 parcel.WriteInt32(userId);
343 parcel.WriteInt32(appUid);
344 return true;
345 }
346
Unmarshalling(Parcel & parcel)347 sptr<NetFirewallBaseRule> NetFirewallBaseRule::Unmarshalling(Parcel &parcel)
348 {
349 sptr<NetFirewallBaseRule> ptr = new (std::nothrow) NetFirewallBaseRule();
350 if (ptr == nullptr) {
351 NETMGR_LOG_E("NetFirewallBaseRule ptr is null");
352 return nullptr;
353 }
354 parcel.ReadInt32(ptr->userId);
355 parcel.ReadInt32(ptr->appUid);
356 return ptr;
357 }
358
UnmarshallingBase(Parcel & parcel,sptr<NetFirewallBaseRule> ptr)359 bool NetFirewallBaseRule::UnmarshallingBase(Parcel &parcel, sptr<NetFirewallBaseRule> ptr)
360 {
361 parcel.ReadInt32(ptr->userId);
362 parcel.ReadInt32(ptr->appUid);
363 return true;
364 }
365
366 // IP rule data
Marshalling(Parcel & parcel) const367 bool NetFirewallIpRule::Marshalling(Parcel &parcel) const
368 {
369 NetFirewallBaseRule::Marshalling(parcel);
370 if (!parcel.WriteInt32(static_cast<int32_t>(ruleDirection))) {
371 return false;
372 }
373 if (!parcel.WriteInt32(static_cast<int32_t>(ruleAction))) {
374 return false;
375 }
376 parcel.WriteInt32(static_cast<int32_t>(protocol));
377 NetFirewallUtils::MarshallingList(localIps, parcel);
378 NetFirewallUtils::MarshallingList(remoteIps, parcel);
379 NetFirewallUtils::MarshallingList(localPorts, parcel);
380 NetFirewallUtils::MarshallingList(remotePorts, parcel);
381 return true;
382 }
383
Unmarshalling(Parcel & parcel)384 sptr<NetFirewallIpRule> NetFirewallIpRule::Unmarshalling(Parcel &parcel)
385 {
386 sptr<NetFirewallIpRule> ptr = new (std::nothrow) NetFirewallIpRule();
387 if (ptr == nullptr) {
388 NETMGR_LOG_E("NetFirewallIpRule ptr is null");
389 return nullptr;
390 }
391 NetFirewallBaseRule::UnmarshallingBase(parcel, ptr);
392 int32_t ruleDirection = 0;
393 if (!parcel.ReadInt32(ruleDirection)) {
394 return nullptr;
395 }
396 ptr->ruleDirection = static_cast<NetFirewallRuleDirection>(ruleDirection);
397 int32_t ruleAction = 0;
398 if (!parcel.ReadInt32(ruleAction)) {
399 return nullptr;
400 }
401 ptr->ruleAction = static_cast<FirewallRuleAction>(ruleAction);
402 int32_t protocol = 0;
403 if (parcel.ReadInt32(protocol)) {
404 ptr->protocol = static_cast<NetworkProtocol>(protocol);
405 }
406 NetFirewallUtils::UnmarshallingList(parcel, ptr->localIps);
407 NetFirewallUtils::UnmarshallingList(parcel, ptr->remoteIps);
408 NetFirewallUtils::UnmarshallingList(parcel, ptr->localPorts);
409 NetFirewallUtils::UnmarshallingList(parcel, ptr->remotePorts);
410 return ptr;
411 }
412
413 // domain rule data
Marshalling(Parcel & parcel) const414 bool NetFirewallDomainRule::Marshalling(Parcel &parcel) const
415 {
416 NetFirewallBaseRule::Marshalling(parcel);
417 if (!parcel.WriteInt32(static_cast<int32_t>(ruleAction))) {
418 return false;
419 }
420 NetFirewallUtils::MarshallingList(domains, parcel);
421 return true;
422 }
423
Unmarshalling(Parcel & parcel)424 sptr<NetFirewallDomainRule> NetFirewallDomainRule::Unmarshalling(Parcel &parcel)
425 {
426 sptr<NetFirewallDomainRule> ptr = new (std::nothrow) NetFirewallDomainRule();
427 if (ptr == nullptr) {
428 NETMGR_LOG_E("NetFirewallDomainRule ptr is null");
429 return nullptr;
430 }
431 NetFirewallBaseRule::UnmarshallingBase(parcel, ptr);
432 int32_t ruleAction = 0;
433 if (!parcel.ReadInt32(ruleAction)) {
434 return nullptr;
435 }
436 ptr->ruleAction = static_cast<FirewallRuleAction>(ruleAction);
437 NetFirewallUtils::UnmarshallingList(parcel, ptr->domains);
438 return ptr;
439 }
440
441 // DNS rule data
Marshalling(Parcel & parcel) const442 bool NetFirewallDnsRule::Marshalling(Parcel &parcel) const
443 {
444 NetFirewallBaseRule::Marshalling(parcel);
445 if (!parcel.WriteString(primaryDns)) {
446 return false;
447 }
448 parcel.WriteString(standbyDns);
449 return true;
450 }
451
Unmarshalling(Parcel & parcel)452 sptr<NetFirewallDnsRule> NetFirewallDnsRule::Unmarshalling(Parcel &parcel)
453 {
454 sptr<NetFirewallDnsRule> ptr = new (std::nothrow) NetFirewallDnsRule();
455 if (ptr == nullptr) {
456 NETMGR_LOG_E("NetFirewallDnsRule ptr is null");
457 return nullptr;
458 }
459 NetFirewallBaseRule::UnmarshallingBase(parcel, ptr);
460 if (!parcel.ReadString(ptr->primaryDns)) {
461 return nullptr;
462 }
463 parcel.ReadString(ptr->standbyDns);
464 return ptr;
465 }
466
467 // Interception Record
Marshalling(Parcel & parcel) const468 bool InterceptRecord::Marshalling(Parcel &parcel) const
469 {
470 parcel.WriteUint16(localPort);
471 parcel.WriteUint16(remotePort);
472 parcel.WriteUint16(protocol);
473 if (!parcel.WriteInt32(time)) {
474 return false;
475 }
476 if (!parcel.WriteString(localIp)) {
477 return false;
478 }
479 if (!parcel.WriteString(remoteIp)) {
480 return false;
481 }
482 if (!parcel.WriteInt32(appUid)) {
483 return false;
484 }
485 if (!parcel.WriteString(domain)) {
486 return false;
487 }
488 return true;
489 }
490
Unmarshalling(Parcel & parcel)491 sptr<InterceptRecord> InterceptRecord::Unmarshalling(Parcel &parcel)
492 {
493 sptr<InterceptRecord> ptr = new (std::nothrow) InterceptRecord();
494 if (ptr == nullptr) {
495 NETMGR_LOG_E("InterceptRecord ptr is null");
496 return nullptr;
497 }
498 parcel.ReadUint16(ptr->localPort);
499 parcel.ReadUint16(ptr->remotePort);
500 parcel.ReadUint16(ptr->protocol);
501 if (!parcel.ReadInt32(ptr->time)) {
502 return nullptr;
503 }
504 if (!parcel.ReadString(ptr->localIp)) {
505 return nullptr;
506 }
507 if (!parcel.ReadString(ptr->remoteIp)) {
508 return nullptr;
509 }
510 if (!parcel.ReadInt32(ptr->appUid)) {
511 return nullptr;
512 }
513 if (!parcel.ReadString(ptr->domain)) {
514 return nullptr;
515 }
516 return ptr;
517 }
518 } // namespace NetManagerStandard
519 } // namespace OHOS