1 // Copyright (c) 2018 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "components/arc/net/always_on_vpn_manager.h"
6 
7 #include <string>
8 
9 #include "base/bind.h"
10 #include "base/bind_helpers.h"
11 #include "base/logging.h"
12 #include "base/values.h"
13 #include "chromeos/network/managed_network_configuration_handler.h"
14 #include "chromeos/network/network_handler.h"
15 #include "components/arc/arc_prefs.h"
16 #include "third_party/cros_system_api/dbus/service_constants.h"
17 
18 namespace {
19 
SetPackageErrorCallback(const std::string & error_name,std::unique_ptr<base::DictionaryValue> error_data)20 void SetPackageErrorCallback(
21     const std::string& error_name,
22     std::unique_ptr<base::DictionaryValue> error_data) {
23   DVLOG(1) << "Error while setting Always-On VPN package in shill: "
24            << error_name << ", " << *error_data;
25 }
26 
27 }  // namespace
28 
29 namespace arc {
30 
AlwaysOnVpnManager(PrefService * pref_service)31 AlwaysOnVpnManager::AlwaysOnVpnManager(PrefService* pref_service) {
32   registrar_.Init(pref_service);
33   registrar_.Add(prefs::kAlwaysOnVpnPackage,
34                  base::BindRepeating(&AlwaysOnVpnManager::OnPrefChanged,
35                                      base::Unretained(this)));
36   registrar_.Add(prefs::kAlwaysOnVpnLockdown,
37                  base::BindRepeating(&AlwaysOnVpnManager::OnPrefChanged,
38                                      base::Unretained(this)));
39   // update once with values before we started listening
40   OnPrefChanged();
41 }
42 
~AlwaysOnVpnManager()43 AlwaysOnVpnManager::~AlwaysOnVpnManager() {
44   std::string package =
45       registrar_.prefs()->GetString(prefs::kAlwaysOnVpnPackage);
46   bool lockdown = registrar_.prefs()->GetBoolean(prefs::kAlwaysOnVpnLockdown);
47   if (lockdown && !package.empty()) {
48     chromeos::NetworkHandler::Get()
49         ->managed_network_configuration_handler()
50         ->SetManagerProperty(shill::kAlwaysOnVpnPackageProperty,
51                              base::Value(std::string()), base::DoNothing(),
52                              base::Bind(&SetPackageErrorCallback));
53   }
54   registrar_.RemoveAll();
55 }
56 
OnPrefChanged()57 void AlwaysOnVpnManager::OnPrefChanged() {
58   std::string always_on_vpn_package;
59   bool lockdown = registrar_.prefs()->GetBoolean(prefs::kAlwaysOnVpnLockdown);
60   // Only enforce blackholing if lockdown mode is enabled
61   if (lockdown) {
62     always_on_vpn_package =
63         registrar_.prefs()->GetString(prefs::kAlwaysOnVpnPackage);
64   }
65   chromeos::NetworkHandler::Get()
66       ->managed_network_configuration_handler()
67       ->SetManagerProperty(shill::kAlwaysOnVpnPackageProperty,
68                            base::Value(always_on_vpn_package),
69                            base::DoNothing(),
70                            base::Bind(&SetPackageErrorCallback));
71 }
72 
73 }  // namespace arc
74