Merge branch 'android-dns-proxy'

Adds a DNS proxy feature that uses VPN-protected sockets to resolve the
VPN gateway's hostname while reestablishing the IKE_SA, which is
required because we keep the TUN device up to avoid leaking plaintext
traffic.

The TUN device is recreated without DNS servers before reestablishing in
case the VPN server pushed DNS servers to the client that are only
reachable via VPN.

Fixes #622.

1 files changed, 8 insertions, 1 deletions

diff --git a/src/frontends/android/jni/libandroidbridge/vpnservice_builder.h b/src/frontends/android/jni/libandroidbridge/vpnservice_builder.h
index 209090896..08c436da6 100644
--- a/src/frontends/android/jni/libandroidbridge/vpnservice_builder.h
+++ b/src/frontends/android/jni/libandroidbridge/vpnservice_builder.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2012-2014 Tobias Brunner
  * Copyright (C) 2012 Giuliano Grassi
  * Copyright (C) 2012 Ralf Sager
  * Hochschule fuer Technik Rapperswil
@@ -78,6 +78,13 @@ struct vpnservice_builder_t {
 	int (*establish)(vpnservice_builder_t *this);
 
 	/**
+	 * Build the TUN device without DNS related data
+	 *
+	 * @return					the TUN file descriptor, -1 if failed
+	 */
+	int (*establish_no_dns)(vpnservice_builder_t *this);
+
+	/**
 	 * Destroy a vpnservice_builder
 	 */
 	void (*destroy)(vpnservice_builder_t *this);