diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-08-08 12:20:13 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-08-13 11:00:27 +0200 |
| commit | d4f76751992579d9fcbb636fff0ed4429bbfc75e (patch) | |
| tree | b9b6bade31f4247f2b5717da0be2e4a46a89af58 /src | |
| parent | 03de55ad987ea40dbb2446091cea3a1b87b84ff7 (diff) | |
| download | strongswan-d4f76751992579d9fcbb636fff0ed4429bbfc75e.tar.bz2 strongswan-d4f76751992579d9fcbb636fff0ed4429bbfc75e.tar.xz | |
Implement kernel_ipsec_t.bypass_socket() via JNI and VpnService.protect()
Diffstat (limited to 'src')
3 files changed, 43 insertions, 1 deletions
diff --git a/src/frontends/android/jni/libandroidbridge/charonservice.c b/src/frontends/android/jni/libandroidbridge/charonservice.c index a9a3fe4a6..974875e6e 100644 --- a/src/frontends/android/jni/libandroidbridge/charonservice.c +++ b/src/frontends/android/jni/libandroidbridge/charonservice.c @@ -90,6 +90,34 @@ static void dbg_android(debug_t group, level_t level, char *fmt, ...) } } +METHOD(charonservice_t, bypass_socket, bool, + private_charonservice_t *this, int fd, int family) +{ + JNIEnv *env; + jmethodID method_id; + + androidjni_attach_thread(&env); + + method_id = (*env)->GetMethodID(env, android_charonvpnservice_class, + "protect", "(I)Z"); + if (!method_id) + { + goto failed; + } + if (!(*env)->CallBooleanMethod(env, this->vpn_service, method_id, fd)) + { + DBG1(DBG_CFG, "VpnService.protect() failed"); + goto failed; + } + androidjni_detach_thread(); + return TRUE; + +failed: + androidjni_exception_occurred(env); + androidjni_detach_thread(); + return FALSE; +} + /** * Initialize the charonservice object */ @@ -105,6 +133,7 @@ static void charonservice_init(JNIEnv *env, jobject service) INIT(this, .public = { + .bypass_socket = _bypass_socket, }, .vpn_service = (*env)->NewGlobalRef(env, service), ); diff --git a/src/frontends/android/jni/libandroidbridge/charonservice.h b/src/frontends/android/jni/libandroidbridge/charonservice.h index a3562490b..8bacd0a1d 100644 --- a/src/frontends/android/jni/libandroidbridge/charonservice.h +++ b/src/frontends/android/jni/libandroidbridge/charonservice.h @@ -28,6 +28,8 @@ #ifndef CHARONSERVICE_H_ #define CHARONSERVICE_H_ +#include <library.h> + typedef struct charonservice_t charonservice_t; /** @@ -37,6 +39,16 @@ typedef struct charonservice_t charonservice_t; */ struct charonservice_t { + /** + * Install a bypass policy for the given socket using the protect() Method + * of the Android VpnService interface + * + * @param fd socket file descriptor + * @param family socket protocol family + * @return TRUE if operation successful + */ + bool (*bypass_socket)(charonservice_t *this, int fd, int family); + }; /** diff --git a/src/frontends/android/jni/libandroidbridge/kernel/android_ipsec.c b/src/frontends/android/jni/libandroidbridge/kernel/android_ipsec.c index 8254c0191..08cc61610 100644 --- a/src/frontends/android/jni/libandroidbridge/kernel/android_ipsec.c +++ b/src/frontends/android/jni/libandroidbridge/kernel/android_ipsec.c @@ -15,6 +15,7 @@ */ #include "android_ipsec.h" +#include "../charonservice.h" #include <debug.h> #include <library.h> @@ -139,7 +140,7 @@ METHOD(kernel_ipsec_t, flush_policies, status_t, METHOD(kernel_ipsec_t, bypass_socket, bool, private_kernel_android_ipsec_t *this, int fd, int family) { - return NOT_SUPPORTED; + return charonservice->bypass_socket(charonservice, fd, family); } METHOD(kernel_ipsec_t, enable_udp_decap, bool, |