diff options
Diffstat (limited to 'src/frontends/android/jni/libandroidbridge')
3 files changed, 43 insertions, 1 deletions
diff --git a/src/frontends/android/jni/libandroidbridge/charonservice.c b/src/frontends/android/jni/libandroidbridge/charonservice.c index a9a3fe4a6..974875e6e 100644 --- a/src/frontends/android/jni/libandroidbridge/charonservice.c +++ b/src/frontends/android/jni/libandroidbridge/charonservice.c @@ -90,6 +90,34 @@ static void dbg_android(debug_t group, level_t level, char *fmt, ...) } } +METHOD(charonservice_t, bypass_socket, bool, + private_charonservice_t *this, int fd, int family) +{ + JNIEnv *env; + jmethodID method_id; + + androidjni_attach_thread(&env); + + method_id = (*env)->GetMethodID(env, android_charonvpnservice_class, + "protect", "(I)Z"); + if (!method_id) + { + goto failed; + } + if (!(*env)->CallBooleanMethod(env, this->vpn_service, method_id, fd)) + { + DBG1(DBG_CFG, "VpnService.protect() failed"); + goto failed; + } + androidjni_detach_thread(); + return TRUE; + +failed: + androidjni_exception_occurred(env); + androidjni_detach_thread(); + return FALSE; +} + /** * Initialize the charonservice object */ @@ -105,6 +133,7 @@ static void charonservice_init(JNIEnv *env, jobject service) INIT(this, .public = { + .bypass_socket = _bypass_socket, }, .vpn_service = (*env)->NewGlobalRef(env, service), ); diff --git a/src/frontends/android/jni/libandroidbridge/charonservice.h b/src/frontends/android/jni/libandroidbridge/charonservice.h index a3562490b..8bacd0a1d 100644 --- a/src/frontends/android/jni/libandroidbridge/charonservice.h +++ b/src/frontends/android/jni/libandroidbridge/charonservice.h @@ -28,6 +28,8 @@ #ifndef CHARONSERVICE_H_ #define CHARONSERVICE_H_ +#include <library.h> + typedef struct charonservice_t charonservice_t; /** @@ -37,6 +39,16 @@ typedef struct charonservice_t charonservice_t; */ struct charonservice_t { + /** + * Install a bypass policy for the given socket using the protect() Method + * of the Android VpnService interface + * + * @param fd socket file descriptor + * @param family socket protocol family + * @return TRUE if operation successful + */ + bool (*bypass_socket)(charonservice_t *this, int fd, int family); + }; /** diff --git a/src/frontends/android/jni/libandroidbridge/kernel/android_ipsec.c b/src/frontends/android/jni/libandroidbridge/kernel/android_ipsec.c index 8254c0191..08cc61610 100644 --- a/src/frontends/android/jni/libandroidbridge/kernel/android_ipsec.c +++ b/src/frontends/android/jni/libandroidbridge/kernel/android_ipsec.c @@ -15,6 +15,7 @@ */ #include "android_ipsec.h" +#include "../charonservice.h" #include <debug.h> #include <library.h> @@ -139,7 +140,7 @@ METHOD(kernel_ipsec_t, flush_policies, status_t, METHOD(kernel_ipsec_t, bypass_socket, bool, private_kernel_android_ipsec_t *this, int fd, int family) { - return NOT_SUPPORTED; + return charonservice->bypass_socket(charonservice, fd, family); } METHOD(kernel_ipsec_t, enable_udp_decap, bool, |