1*6777b538SAndroid Build Coastguard Worker // Copyright 2012 The Chromium Authors 2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be 3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file. 4*6777b538SAndroid Build Coastguard Worker 5*6777b538SAndroid Build Coastguard Worker #ifndef NET_ANDROID_NETWORK_LIBRARY_H_ 6*6777b538SAndroid Build Coastguard Worker #define NET_ANDROID_NETWORK_LIBRARY_H_ 7*6777b538SAndroid Build Coastguard Worker 8*6777b538SAndroid Build Coastguard Worker #include <android/multinetwork.h> 9*6777b538SAndroid Build Coastguard Worker #include <jni.h> 10*6777b538SAndroid Build Coastguard Worker #include <stddef.h> 11*6777b538SAndroid Build Coastguard Worker #include <stdint.h> 12*6777b538SAndroid Build Coastguard Worker #include <sys/types.h> 13*6777b538SAndroid Build Coastguard Worker 14*6777b538SAndroid Build Coastguard Worker #include <optional> 15*6777b538SAndroid Build Coastguard Worker #include <string> 16*6777b538SAndroid Build Coastguard Worker #include <string_view> 17*6777b538SAndroid Build Coastguard Worker #include <vector> 18*6777b538SAndroid Build Coastguard Worker 19*6777b538SAndroid Build Coastguard Worker #include "base/functional/callback.h" 20*6777b538SAndroid Build Coastguard Worker #include "net/android/cert_verify_result_android.h" 21*6777b538SAndroid Build Coastguard Worker #include "net/base/ip_endpoint.h" 22*6777b538SAndroid Build Coastguard Worker #include "net/base/mime_util.h" 23*6777b538SAndroid Build Coastguard Worker #include "net/base/net_export.h" 24*6777b538SAndroid Build Coastguard Worker #include "net/base/network_handle.h" 25*6777b538SAndroid Build Coastguard Worker #include "net/socket/socket_descriptor.h" 26*6777b538SAndroid Build Coastguard Worker 27*6777b538SAndroid Build Coastguard Worker namespace net::android { 28*6777b538SAndroid Build Coastguard Worker 29*6777b538SAndroid Build Coastguard Worker // Get the list of user-added roots from Android. 30*6777b538SAndroid Build Coastguard Worker // |roots| is a list of DER-encoded user-added roots from Android. 31*6777b538SAndroid Build Coastguard Worker std::vector<std::string> GetUserAddedRoots(); 32*6777b538SAndroid Build Coastguard Worker 33*6777b538SAndroid Build Coastguard Worker // |cert_chain| is DER encoded chain of certificates, with the server's own 34*6777b538SAndroid Build Coastguard Worker // certificate listed first. 35*6777b538SAndroid Build Coastguard Worker // |auth_type| is as per the Java X509Certificate.checkServerTrusted method. 36*6777b538SAndroid Build Coastguard Worker void VerifyX509CertChain(const std::vector<std::string>& cert_chain, 37*6777b538SAndroid Build Coastguard Worker std::string_view auth_type, 38*6777b538SAndroid Build Coastguard Worker std::string_view host, 39*6777b538SAndroid Build Coastguard Worker CertVerifyStatusAndroid* status, 40*6777b538SAndroid Build Coastguard Worker bool* is_issued_by_known_root, 41*6777b538SAndroid Build Coastguard Worker std::vector<std::string>* verified_chain); 42*6777b538SAndroid Build Coastguard Worker 43*6777b538SAndroid Build Coastguard Worker // Adds a certificate as a root trust certificate to the trust manager. 44*6777b538SAndroid Build Coastguard Worker // |cert| is DER encoded certificate, |len| is its length in bytes. 45*6777b538SAndroid Build Coastguard Worker void AddTestRootCertificate(const uint8_t* cert, size_t len); 46*6777b538SAndroid Build Coastguard Worker 47*6777b538SAndroid Build Coastguard Worker // Removes all root certificates added by |AddTestRootCertificate| calls. 48*6777b538SAndroid Build Coastguard Worker void ClearTestRootCertificates(); 49*6777b538SAndroid Build Coastguard Worker 50*6777b538SAndroid Build Coastguard Worker // Returns true if cleartext traffic to |host| is allowed by the app. Always 51*6777b538SAndroid Build Coastguard Worker // true on L and older. 52*6777b538SAndroid Build Coastguard Worker bool IsCleartextPermitted(std::string_view host); 53*6777b538SAndroid Build Coastguard Worker 54*6777b538SAndroid Build Coastguard Worker // Returns true if it can determine that only loopback addresses are configured. 55*6777b538SAndroid Build Coastguard Worker // i.e. if only 127.0.0.1 and ::1 are routable. 56*6777b538SAndroid Build Coastguard Worker // Also returns false if it cannot determine this. 57*6777b538SAndroid Build Coastguard Worker bool HaveOnlyLoopbackAddresses(); 58*6777b538SAndroid Build Coastguard Worker 59*6777b538SAndroid Build Coastguard Worker // Get the mime type (if any) that is associated with the file extension. 60*6777b538SAndroid Build Coastguard Worker // Returns true if a corresponding mime type exists. 61*6777b538SAndroid Build Coastguard Worker bool GetMimeTypeFromExtension(std::string_view extension, std::string* result); 62*6777b538SAndroid Build Coastguard Worker 63*6777b538SAndroid Build Coastguard Worker // Returns MCC+MNC (mobile country code + mobile network code) as 64*6777b538SAndroid Build Coastguard Worker // the numeric name of the current registered operator. This function 65*6777b538SAndroid Build Coastguard Worker // potentially blocks the thread, so use with care. 66*6777b538SAndroid Build Coastguard Worker NET_EXPORT std::string GetTelephonyNetworkOperator(); 67*6777b538SAndroid Build Coastguard Worker 68*6777b538SAndroid Build Coastguard Worker // Returns true if the device is roaming on the currently active network. When 69*6777b538SAndroid Build Coastguard Worker // true, it suggests that use of data may incur extra costs. 70*6777b538SAndroid Build Coastguard Worker NET_EXPORT bool GetIsRoaming(); 71*6777b538SAndroid Build Coastguard Worker 72*6777b538SAndroid Build Coastguard Worker // Returns true if the system's captive portal probe was blocked for the current 73*6777b538SAndroid Build Coastguard Worker // default data network. The method will return false if the captive portal 74*6777b538SAndroid Build Coastguard Worker // probe was not blocked, the login process to the captive portal has been 75*6777b538SAndroid Build Coastguard Worker // successfully completed, or if the captive portal status can't be determined. 76*6777b538SAndroid Build Coastguard Worker // Requires ACCESS_NETWORK_STATE permission. Only available on Android 77*6777b538SAndroid Build Coastguard Worker // Marshmallow and later versions. Returns false on earlier versions. 78*6777b538SAndroid Build Coastguard Worker NET_EXPORT bool GetIsCaptivePortal(); 79*6777b538SAndroid Build Coastguard Worker 80*6777b538SAndroid Build Coastguard Worker // Gets the SSID of the currently associated WiFi access point if there is one, 81*6777b538SAndroid Build Coastguard Worker // and it is available. SSID may not be available if the app does not have 82*6777b538SAndroid Build Coastguard Worker // permissions to access it. On Android M+, the app accessing SSID needs to have 83*6777b538SAndroid Build Coastguard Worker // ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION. If there is no WiFi access 84*6777b538SAndroid Build Coastguard Worker // point or its SSID is unavailable, an empty string is returned. 85*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE std::string GetWifiSSID(); 86*6777b538SAndroid Build Coastguard Worker 87*6777b538SAndroid Build Coastguard Worker // Call WifiManager.setWifiEnabled. 88*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE void SetWifiEnabledForTesting(bool enabled); 89*6777b538SAndroid Build Coastguard Worker 90*6777b538SAndroid Build Coastguard Worker // Returns the signal strength level (between 0 and 4, both inclusive) of the 91*6777b538SAndroid Build Coastguard Worker // currently registered Wifi connection. If the value is unavailable, an 92*6777b538SAndroid Build Coastguard Worker // empty value is returned. 93*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE std::optional<int32_t> GetWifiSignalLevel(); 94*6777b538SAndroid Build Coastguard Worker 95*6777b538SAndroid Build Coastguard Worker // Gets the DNS servers for the current default network and puts them in 96*6777b538SAndroid Build Coastguard Worker // `dns_servers`. Sets `dns_over_tls_active` and `dns_over_tls_hostname` based 97*6777b538SAndroid Build Coastguard Worker // on the private DNS settings. `dns_over_tls_hostname` will only be non-empty 98*6777b538SAndroid Build Coastguard Worker // if `dns_over_tls_active` is true. 99*6777b538SAndroid Build Coastguard Worker // Only callable on Marshmallow and newer releases. 100*6777b538SAndroid Build Coastguard Worker // Returns false when a valid server config could not be read. 101*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE bool GetCurrentDnsServers( 102*6777b538SAndroid Build Coastguard Worker std::vector<IPEndPoint>* dns_servers, 103*6777b538SAndroid Build Coastguard Worker bool* dns_over_tls_active, 104*6777b538SAndroid Build Coastguard Worker std::string* dns_over_tls_hostname, 105*6777b538SAndroid Build Coastguard Worker std::vector<std::string>* search_suffixes); 106*6777b538SAndroid Build Coastguard Worker using DnsServerGetter = 107*6777b538SAndroid Build Coastguard Worker base::RepeatingCallback<bool(std::vector<IPEndPoint>* dns_servers, 108*6777b538SAndroid Build Coastguard Worker bool* dns_over_tls_active, 109*6777b538SAndroid Build Coastguard Worker std::string* dns_over_tls_hostname, 110*6777b538SAndroid Build Coastguard Worker std::vector<std::string>* search_suffixes)>; 111*6777b538SAndroid Build Coastguard Worker 112*6777b538SAndroid Build Coastguard Worker // Works as GetCurrentDnsServers but gets info specific to `network` instead 113*6777b538SAndroid Build Coastguard Worker // of the current default network. 114*6777b538SAndroid Build Coastguard Worker // Only callable on Pie and newer releases. 115*6777b538SAndroid Build Coastguard Worker // Returns false when a valid server config could not be read. 116*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE bool GetDnsServersForNetwork( 117*6777b538SAndroid Build Coastguard Worker std::vector<IPEndPoint>* dns_servers, 118*6777b538SAndroid Build Coastguard Worker bool* dns_over_tls_active, 119*6777b538SAndroid Build Coastguard Worker std::string* dns_over_tls_hostname, 120*6777b538SAndroid Build Coastguard Worker std::vector<std::string>* search_suffixes, 121*6777b538SAndroid Build Coastguard Worker handles::NetworkHandle network); 122*6777b538SAndroid Build Coastguard Worker 123*6777b538SAndroid Build Coastguard Worker // Reports to the framework that the current default network appears to have 124*6777b538SAndroid Build Coastguard Worker // connectivity issues. This may serve as a signal for the OS to consider 125*6777b538SAndroid Build Coastguard Worker // switching to a different default network. Returns |true| if successfully 126*6777b538SAndroid Build Coastguard Worker // reported to the OS, or |false| if not supported. 127*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE bool ReportBadDefaultNetwork(); 128*6777b538SAndroid Build Coastguard Worker 129*6777b538SAndroid Build Coastguard Worker // Apply TrafficStats tag |tag| and UID |uid| to |socket|. Future network 130*6777b538SAndroid Build Coastguard Worker // traffic used by |socket| will be attributed to |uid| and |tag|. 131*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE void TagSocket(SocketDescriptor socket, 132*6777b538SAndroid Build Coastguard Worker uid_t uid, 133*6777b538SAndroid Build Coastguard Worker int32_t tag); 134*6777b538SAndroid Build Coastguard Worker 135*6777b538SAndroid Build Coastguard Worker // Binds this socket to `network`. All data traffic on the socket will be sent 136*6777b538SAndroid Build Coastguard Worker // and received via `network`. This call will fail if `network` has 137*6777b538SAndroid Build Coastguard Worker // disconnected. Communication using this socket will fail if `network` 138*6777b538SAndroid Build Coastguard Worker // disconnects. 139*6777b538SAndroid Build Coastguard Worker // Returns a net error code. 140*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE int BindToNetwork(SocketDescriptor socket, 141*6777b538SAndroid Build Coastguard Worker handles::NetworkHandle network); 142*6777b538SAndroid Build Coastguard Worker 143*6777b538SAndroid Build Coastguard Worker // Perform hostname resolution via the DNS servers associated with `network`. 144*6777b538SAndroid Build Coastguard Worker // All arguments are used identically as those passed to Android NDK API 145*6777b538SAndroid Build Coastguard Worker // android_getaddrinfofornetwork: 146*6777b538SAndroid Build Coastguard Worker // https://developer.android.com/ndk/reference/group/networking#group___networking_1ga0ae9e15612e6411855e295476a98ceee 147*6777b538SAndroid Build Coastguard Worker NET_EXPORT_PRIVATE int GetAddrInfoForNetwork(handles::NetworkHandle network, 148*6777b538SAndroid Build Coastguard Worker const char* node, 149*6777b538SAndroid Build Coastguard Worker const char* service, 150*6777b538SAndroid Build Coastguard Worker const struct addrinfo* hints, 151*6777b538SAndroid Build Coastguard Worker struct addrinfo** res); 152*6777b538SAndroid Build Coastguard Worker 153*6777b538SAndroid Build Coastguard Worker } // namespace net::android 154*6777b538SAndroid Build Coastguard Worker 155*6777b538SAndroid Build Coastguard Worker #endif // NET_ANDROID_NETWORK_LIBRARY_H_ 156