diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2014-07-22 11:10:59 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2014-07-22 11:14:00 +0200 |
| commit | 1ddc1ec0b37355be22d55728557b88cde83292e6 (patch) | |
| tree | 0c2eb284b44c121ca1b49d3d30dc71f9f42bf412 /src/frontends/android/jni/libandroidbridge/vpnservice_builder.c | |
| parent | 32109a535f3f0ae3e234ebfefc7c69dfc2327c67 (diff) | |
| parent | ffff7219ef6af21c9497af8db49bfb3c1c9a3036 (diff) | |
| download | strongswan-1ddc1ec0b37355be22d55728557b88cde83292e6.tar.bz2 strongswan-1ddc1ec0b37355be22d55728557b88cde83292e6.tar.xz | |
Merge branch 'android-dns-proxy'
Adds a DNS proxy feature that uses VPN-protected sockets to resolve the
VPN gateway's hostname while reestablishing the IKE_SA, which is
required because we keep the TUN device up to avoid leaking plaintext
traffic.
The TUN device is recreated without DNS servers before reestablishing in
case the VPN server pushed DNS servers to the client that are only
reachable via VPN.
Fixes #622.
Diffstat (limited to 'src/frontends/android/jni/libandroidbridge/vpnservice_builder.c')
| -rw-r--r-- | src/frontends/android/jni/libandroidbridge/vpnservice_builder.c | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/src/frontends/android/jni/libandroidbridge/vpnservice_builder.c b/src/frontends/android/jni/libandroidbridge/vpnservice_builder.c index 6b10228d0..c7a6eb6da 100644 --- a/src/frontends/android/jni/libandroidbridge/vpnservice_builder.c +++ b/src/frontends/android/jni/libandroidbridge/vpnservice_builder.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012-2013 Tobias Brunner + * Copyright (C) 2012-2014 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager * Hochschule fuer Technik Rapperswil @@ -197,8 +197,10 @@ failed: return FALSE; } -METHOD(vpnservice_builder_t, establish, int, - private_vpnservice_builder_t *this) +/** + * Establish or reestablish the TUN device + */ +static int establish_internal(private_vpnservice_builder_t *this, char *method) { JNIEnv *env; jmethodID method_id; @@ -209,7 +211,7 @@ METHOD(vpnservice_builder_t, establish, int, DBG2(DBG_LIB, "builder: building TUN device"); method_id = (*env)->GetMethodID(env, android_charonvpnservice_builder_class, - "establish", "()I"); + method, "()I"); if (!method_id) { goto failed; @@ -229,6 +231,18 @@ failed: return -1; } +METHOD(vpnservice_builder_t, establish, int, + private_vpnservice_builder_t *this) +{ + return establish_internal(this, "establish"); +} + +METHOD(vpnservice_builder_t, establish_no_dns, int, + private_vpnservice_builder_t *this) +{ + return establish_internal(this, "establishNoDns"); +} + METHOD(vpnservice_builder_t, destroy, void, private_vpnservice_builder_t *this) { @@ -252,6 +266,7 @@ vpnservice_builder_t *vpnservice_builder_create(jobject builder) .add_dns = _add_dns, .set_mtu = _set_mtu, .establish = _establish, + .establish_no_dns = _establish_no_dns, .destroy = _destroy, }, ); |