From patchwork Mon Aug 12 03:45:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 802 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director11.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id +KR0DMdtUV2UHwAAIUCqbw for ; Mon, 12 Aug 2019 09:46:47 -0400 Received: from proxy14.mail.iad3b.rsapps.net ([172.31.255.6]) by director11.mail.ord1d.rsapps.net with LMTP id qKz2CcdtUV0kdQAAvGGmqA ; Mon, 12 Aug 2019 09:46:47 -0400 Received: from smtp19.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy14.mail.iad3b.rsapps.net with LMTP id kMeoBMdtUV3qIgAA+7ETDg ; Mon, 12 Aug 2019 09:46:47 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp19.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 9f9a1f38-bd07-11e9-ae6a-525400cbaf6c-1-1 Received: from [216.105.38.7] ([216.105.38.7:60492] helo=lists.sourceforge.net) by smtp19.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id C4/C8-21605-5CD615D5; Mon, 12 Aug 2019 09:46:45 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1hxAdi-000182-Re; Mon, 12 Aug 2019 13:45:34 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1hxAde-00017q-IZ for openvpn-devel@lists.sourceforge.net; Mon, 12 Aug 2019 13:45:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=CUN3Ev19edrk/ZX6OTi/gQ3st2Jy7ehX9vZCA9NaVfM=; b=RexgJ4jUVEQ82a94WG5+0kV374 oxATIK8TTbrK2inle8Ll0WG9sGtAabQGLX1zvGZDple8Tf1vohQrqkmd/nDzoqPIunS2joe++YnfQ 5x2K1ALdjxQSjrbkrTpNlN88mb4mbSUNCLcOJVftG2SQYQCZZ727vNw63XNkbUyAPYus=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=CUN3Ev19edrk/ZX6OTi/gQ3st2Jy7ehX9vZCA9NaVfM=; b=VsxcE5puIS6hVekaqjmEcP1A/0 NTLDV3BX3CsYShJfAjniJ0MjR/2EgK3Y8T2vRQ34mOLvypiNuHpewIUkHwFQw7M6vTLYIYBkNQcGp FFY8EQPpyVjmIidU6qYeujrdyE61SowTAOUE782psUApp3f24fQBK0Bgtkkp83W6xAnw=; Received: from [192.26.174.232] (helo=mail.blinkt.de) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1hxAdY-002jDy-Vz for openvpn-devel@lists.sourceforge.net; Mon, 12 Aug 2019 13:45:30 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.92 (FreeBSD)) (envelope-from ) id 1hxAdN-00058s-AH for openvpn-devel@lists.sourceforge.net; Mon, 12 Aug 2019 15:45:13 +0200 Received: (nullmailer pid 20806 invoked by uid 10006); Mon, 12 Aug 2019 13:45:13 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Mon, 12 Aug 2019 15:45:13 +0200 Message-Id: <20190812134513.20758-2-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190812134513.20758-1-arne@rfc2549.org> References: <20190812134513.20758-1-arne@rfc2549.org> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 1.0 RDNS_NONE Delivered to internal network by a host with no rDNS -0.1 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1hxAdY-002jDy-Vz Subject: [Openvpn-devel] [PATCH 2/2] Adjust Android code after sitnl patch merge X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox It turns out that the only part of Android that still shares routing code with Linux is the get_default_ipv6 method. Instead of fixing a method that makes little sense on Android anyway, have a method that returns a fake ipv6 gateway like for ipv4. --- src/openvpn/route.c | 66 ++++++++++++++++++++++++++++++--------------- src/openvpn/tun.c | 9 +++++-- 2 files changed, 51 insertions(+), 24 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index a302746e..9af88f00 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -1065,7 +1065,8 @@ redirect_default_route_to_vpn(struct route_list *rl, const struct tuntap *tt, tt, flags, &rl->rgi, - es); + es, + ctx); #else if (rl->flags & RG_DEF1) @@ -3169,7 +3170,48 @@ show_routes(int msglev) gc_free(&gc); } -#elif defined(TARGET_LINUX) || defined(TARGET_ANDROID) +#elif defined(TARGET_ANDROID) + +void +get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) +{ + /* Android, set some pseudo GW, addr is in host byte order, + * Determining the default GW on Android 5.0+ is non trivial + * and serves almost no purpose since OpenVPN only uses the + * default GW address to add routes for networks that should + * NOT be routed over the VPN. Using a well known address + * (127.'d'.'g'.'w') for the default GW make detecting + * these routes easier from the controlling app. + */ + CLEAR(*rgi); + + rgi->gateway.addr = 127 << 24 | 'd' << 16 | 'g' << 8 | 'w'; + rgi->flags = RGI_ADDR_DEFINED | RGI_IFACE_DEFINED; + strcpy(rgi->iface, "android-gw"); + + /* Skip scanning/fetching interface from loopback interface we do + * normally on Linux. + * It always fails and "ioctl(SIOCGIFCONF) failed" confuses users + */ + +} + +void +get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi6, + const struct in6_addr *dest, openvpn_net_ctx_t *ctx) +{ + /* Same for ipv6 */ + + CLEAR(*rgi6); + + /* Use a fake link-local address */ + ASSERT(inet_pton(AF_INET6, "fe80::ad", &rgi6->addrs->addr_ipv6) == 1); + rgi6->addrs->netbits_ipv6 = 64; + rgi6->flags = RGI_ADDR_DEFINED | RGI_IFACE_DEFINED; + strcpy(rgi6->iface, "android-gw"); +} + +#elif defined(TARGET_LINUX) void get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) @@ -3181,7 +3223,6 @@ get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) CLEAR(*rgi); CLEAR(best_name); -#ifndef TARGET_ANDROID /* get default gateway IP addr */ if (net_route_v4_best_gw(ctx, NULL, &rgi->gateway.addr, best_name) == 0) { @@ -3191,25 +3232,6 @@ get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx) rgi->flags |= RGI_ON_LINK; } } -#else /* ifndef TARGET_ANDROID */ - /* Android, set some pseudo GW, addr is in host byte order, - * Determining the default GW on Android 5.0+ is non trivial - * and serves almost no purpose since OpenVPN only uses the - * default GW address to add routes for networks that should - * NOT be routed over the VPN. Using a well known address - * (127.'d'.'g'.'w') for the default GW make detecting - * these routes easier from the controlling app. - */ - rgi->gateway.addr = 127 << 24 | 'd' << 16 | 'g' << 8 | 'w'; - rgi->flags |= RGI_ADDR_DEFINED; - strcpy(best_name, "android-gw"); - - /* - * Skip scanning/fetching interface from loopback interface - * It always fails and "ioctl(SIOCGIFCONF) failed" confuses users - */ - goto done; -#endif /* ifndef TARGET_ANDROID */ /* scan adapter list */ if (rgi->flags & RGI_ADDR_DEFINED) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 8f8f7c6c..1db459f8 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -906,9 +906,13 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, #elif defined(TARGET_ANDROID) char out6[64]; + const char *ifconfig_ipv6_local = print_in6_addr(tt->local_ipv6, 0, NULL); openvpn_snprintf(out6, sizeof(out6), "%s/%d %d", - ifconfig_ipv6_local,tt->netbits_ipv6, tun_mtu); + ifconfig_ipv6_local, tt->netbits_ipv6, tun_mtu); + management_android_control(management, "IFCONFIG6", out6); + + free(ifconfig_ipv6_local); #elif defined(TARGET_SOLARIS) argv_printf(&argv, "%s %s inet6 unplumb", IFCONFIG_PATH, ifname); argv_msg(M_INFO, &argv); @@ -1045,7 +1049,8 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, #if defined(TARGET_OPENBSD) || defined(TARGET_NETBSD) \ || defined(TARGET_DARWIN) || defined(TARGET_FREEBSD) \ || defined(TARGET_DRAGONFLY) || defined(TARGET_AIX) \ - || defined(TARGET_SOLARIS) || defined(_WIN32) + || defined(TARGET_SOLARIS) || defined(_WIN32) \ + || defined(TARGET_ANDROID) const char *ifconfig_local = NULL; const char *ifconfig_remote_netmask = NULL; const char *ifconfig_broadcast = NULL;