aboutsummaryrefslogtreecommitdiffstats
path: root/src/frontends/android/jni/libandroidbridge/charonservice.c
Commit message (Collapse)AuthorAgeFilesLines
* android: Migrate to the Gradle build systemTobias Brunner2015-11-121-706/+0
| | | | | This uses a manual way to trigger the NDK build (the default with on-the-fly Android.mk files does not work for us).
* android: Add a custom kernel-net implementation to replace kernel-netlinkTobias Brunner2015-07-281-20/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | When roaming from a mobile network to WiFi on Android 5.x the event received via ConnectivityManager is triggered before the mobile connection is fully torn down (i.e. before the interface is disabled and the routes disappear). So for strongSwan the current path still seems valid and since no roam event is triggered later the daemon never switches to WiFi and the connection is broken afterwards. A possible solution to this is enabling roam events in the kernel-netlink plugin. That would trigger an event when the device is finally disconnected from the mobile network. However, this could actually take a some time, during which traffic continues to be sent via mobile network instead of WiFi. That's because Android now uses multiple routing tables, routing rules and fwmarks to direct traffic to the appropriate interface/table, but in our plugin we don't have the information available that would allow us to make the switch to a different network/routing table earlier (and we actually prefer the current path if it is still valid). Additionally, the plugin produces quite a bit more events than ConnectivityManager (which was one of the reasons to use the latter in the first place). This custom kernel-net implementation is now specifically tailored for Android. Roam events are still triggered via ConnectivityManager but the source address is determined via connect()/getsockname() on a VPN excluded UDP socket, which does use the correct routing table as intended by Android. That way the daemon immediately sees a different source IP when connectivity changes even if the device is connected to multiple networks concurrently.
* android: Apply configured MTUTobias Brunner2015-07-281-3/+8
| | | | | | While it is stored as property of individual profiles it is really a global setting because we currently don't support more than one connection.
* android: Set preferred language for remediation instructionsTobias Brunner2015-07-281-0/+4
|
* android: Encode connection settings as single Java string argumentTobias Brunner2015-07-281-15/+10
| | | | This makes adding new configuration settings easier.
* android: Enable charon.initiator_only optionTobias Brunner2015-07-281-0/+2
|
* attributes: Move the configuration attributes framework to libcharonMartin Willi2015-02-201-4/+4
|
* android: Increase fragment sizeTobias Brunner2014-11-061-0/+3
| | | | We use the same value we use as MTU on TUN devices.
* plugin-loader: Support a reload() callback for static featuresMartin Willi2014-09-221-2/+2
|
* android: Remove unused hash argument from getTrustedCertificates()Tobias Brunner2014-07-221-2/+2
|
* android: Don't limit number to packets during EAP-TTLSTobias Brunner2014-02-181-0/+2
|
* libcharon: Remove unused charon->nameTobias Brunner2014-02-121-1/+1
|
* libhydra: Remove unused hydra->daemonTobias Brunner2014-02-121-1/+1
|
* lib: Add global config namespaceTobias Brunner2014-02-121-1/+1
|
* android: Properly handle failures while initializing charonTobias Brunner2013-09-231-6/+7
|
* android: Use a different set of plugins if BYOD features are enabledTobias Brunner2013-07-081-5/+18
|
* android: Handle and store IETF remediation instructionsTobias Brunner2013-07-081-0/+32
|
* android: Add state of IMC to VpnStateService and update it via JNITobias Brunner2013-07-081-0/+25
|
* android: Added a Java part to the Android IMCTobias Brunner2013-07-081-9/+10
|
* android: Don't attempt loading IMCs from /etc/tnc_configTobias Brunner2013-07-081-0/+2
|
* android: Added a sample IMC that sends some dummy OS dataTobias Brunner2013-07-081-3/+27
|
* android: Disable listening on IPv6Tobias Brunner2013-07-051-0/+4
| | | | | As we have to use UDP encapsulation and the Linux kernel currently does not support that this avoids issues with dual-stack gateways.
* plugin-loader: Add method to print loaded plugins on a given log levelTobias Brunner2013-06-211-0/+1
|
* android: Ignore interface 'lo'Tobias Brunner2013-05-031-2/+4
| | | | | Android adds a default route via 'lo' if no connectivity is available causing charon to send packets via lo and triggering DPD.
* android: Repurpose android-net to simply handle connectivity eventsTobias Brunner2013-05-031-1/+12
| | | | | | Using the events by NetworkManager/ConnectivityManager to trigger roam events instead of the events generated by the kernel-netlink plugin the noise level is much lower.
* android: Replace android-net plugin with kernel-netlinkTobias Brunner2013-05-031-2/+7
| | | | | Virtual IPs are not handled by the kernel-netlink plugin and tun devices are ignored.
* android: Set strongswan.conf options before initializing other librariesTobias Brunner2013-05-031-36/+44
|
* android: Properly handle exceptions when loading keys/certificatesTobias Brunner2012-11-211-3/+3
|
* Reload logger configuration on SIGHUPTobias Brunner2012-10-181-22/+14
| | | | | | Besides changing the configuration this allows to easily rotate log files. Also moved logger initialization back to daemon_t.
* Make syslog and file loggers configurable at runtimeTobias Brunner2012-10-181-13/+3
|
* android: Use a shorter timeout for retransmitsTobias Brunner2012-10-181-1/+1
|
* android: Bypass/protect previously bypassed sockets if connectivity changesTobias Brunner2012-10-161-3/+25
|
* android: Register NetworkManager as BroadcastReceiver and relay events via JNITobias Brunner2012-10-161-1/+1
|
* android: Determine source address dynamicallyTobias Brunner2012-10-161-9/+19
|
* android: Added a method to get the user's private key via JNITobias Brunner2012-09-241-1/+36
|
* android: Native parts handle ikev2-cert VPN typeTobias Brunner2012-08-311-6/+2
|
* android: Added JNI method to retrieve user certificate and private keyTobias Brunner2012-08-311-13/+58
| | | | | To simplify things the private key, the user certificate and the CA certificates are all put into the same list.
* android: Pass the type of VPN to the native partsTobias Brunner2012-08-311-4/+7
|
* Charon logs to a file in the App's data directoryTobias Brunner2012-08-131-1/+36
|
* Moved Java to C string conversion function to android_jni header fileTobias Brunner2012-08-131-19/+4
|
* Log charon version and uname() output, split libcharon and charon initializationTobias Brunner2012-08-131-2/+20
|
* Don't set the source address on AndroidTobias Brunner2012-08-131-0/+9
|
* Close IKE_SA on Android immediately if setting up CHILD_SA failsTobias Brunner2012-08-131-0/+2
|
* Reduce number of retransmits on AndroidTobias Brunner2012-08-131-0/+9
|
* An Android specific attribute handler installs DNS servers via BuilderTobias Brunner2012-08-131-0/+12
|
* Native counterpart of VpnService.Builder added, exposed by charonserviceTobias Brunner2012-08-131-3/+18
|
* Initiate an SA via native JNI methodTobias Brunner2012-08-131-0/+63
|
* Added an Android specific credential set that provides CA certificates via JNITobias Brunner2012-08-131-0/+29
|
* CharonVpnService provides a function to get trusted certificates via JNITobias Brunner2012-08-131-0/+48
|
* Function added that allows to update VPN state via JNITobias Brunner2012-08-131-0/+25
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-30 16:31:19 +0000