library: Add setup_tun() callback
Library users used to do something like:

  openconnect_obtain_cookie()
  openconnect_make_cstp_connection()
  openconnect_setup_dtls()
  openconnect_get_ip_info()
  # ask the OS to create the tun interface
  openconnect_setup_tun_fd()
  openconnect_mainloop()

But now that MTU is calculated a few seconds after the mainloop starts
up, it is necessary to provide a callback so that the calling application
can create a tun interface with the correct MTU.

(Bonus: Android and Chrome OS currently do not allow the MTU, IP address,
or other parameters to be adjusted after the initial settings were sent
to the OS.)

Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
cernekee authored and David Woodhouse committed Mar 8, 2016
1 parent 6537e12 commit 8f43252
Showing 8 changed files with 45 additions and 4 deletions.
12 changes: 8 additions & 4 deletions java/src/com/example/LibTest.java
@@ -163,6 +163,14 @@ public void onProgress(int level, String msg) {
break;
}
}

@Override
public void onSetupTun() {
System.out.println("SETUP_TUN");
if (setupTunDevice("/etc/vpnc/vpnc-script", null) != 0 &&
setupTunScript("ocproxy") != 0)
die("Error setting up tunnel");
}
}

private static void printList(String pfx, List<String> ss) {
@@ -233,10 +241,6 @@ else if (ret > 0)

printIPInfo(lib.getIPInfo());

if (lib.setupTunDevice("/etc/vpnc/vpnc-script", null) != 0 &&
lib.setupTunScript("ocproxy") != 0)
die("Error setting up tunnel");

if (lib.setupDTLS(60) != 0)
die("Error setting up DTLS");

1 change: 1 addition & 0 deletions java/src/org/infradead/libopenconnect/LibOpenConnect.java
@@ -62,6 +62,7 @@ public void onProtectSocket(int fd) { }
public void onStatsUpdate(VPNStats stats) { }
public int onTokenLock() { return 0; }
public int onTokenUnlock(String newToken) { return 0; }
public void onSetupTun() { }

/* create/destroy library instances */

16 changes: 16 additions & 0 deletions jni.c
@@ -294,6 +294,21 @@ static void stats_cb(void *privdata, const struct oc_stats *stats)
(*ctx->jenv)->PopLocalFrame(ctx->jenv, NULL);
}

static void setup_tun_cb(void *privdata)
{
struct libctx *ctx = privdata;
jmethodID mid;

if ((*ctx->jenv)->PushLocalFrame(ctx->jenv, 256) < 0)
return;

mid = get_obj_mid(ctx, ctx->jobj, "onSetupTun", "()V");
if (mid)
(*ctx->jenv)->CallVoidMethod(ctx->jenv, ctx->jobj, mid);

(*ctx->jenv)->PopLocalFrame(ctx->jenv, NULL);
}

static jobject new_auth_form(struct libctx *ctx, struct oc_auth_form *form)
{
jmethodID mid;
@@ -609,6 +624,7 @@ JNIEXPORT jlong JNICALL Java_org_infradead_libopenconnect_LibOpenConnect_init(
unlock_token_cb);
openconnect_set_protect_socket_handler(ctx->vpninfo, protect_socket_cb);
openconnect_set_stats_handler(ctx->vpninfo, stats_cb);
openconnect_set_setup_tun_handler(ctx->vpninfo, setup_tun_cb);

ctx->cmd_fd = openconnect_setup_cmd_pipe(ctx->vpninfo);
if (ctx->cmd_fd < 0)
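Review bot: `setup_tun_cb` returns to native code straight after `CallVoidMethod` without checking whether `onSetupTun` threw. An override that creates the tunnel can fail and throw, and the exception would then still be pending when later callbacks (presumably using the same `ctx->jenv`) make further JNI calls, which the JNI specification does not permit for most functions. Checking after the call, `if ((*ctx->jenv)->ExceptionCheck(ctx->jenv)) (*ctx->jenv)->ExceptionClear(ctx->jenv);` plus a log line, or whatever convention the other callbacks in this file follow (not visible here), would contain the failure. A short comment above the function stating that the Java side is expected to bring the tun up before returning would also help.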
1 change: 1 addition & 0 deletions libopenconnect.map.in
@@ -43,6 +43,7 @@ OPENCONNECT_5.0 {
openconnect_set_proxy_auth;
openconnect_set_reported_os;
openconnect_set_reqmtu;
openconnect_set_setup_tun_handler;
openconnect_set_stats_handler;
openconnect_set_stoken_mode;
openconnect_set_system_trust;
6 changes: 6 additions & 0 deletions library.c
@@ -780,6 +780,12 @@ void openconnect_override_getaddrinfo(struct openconnect_info *vpninfo, openconn
vpninfo->getaddrinfo_override = gai_fn;
}

void openconnect_set_setup_tun_handler(struct openconnect_info *vpninfo,
openconnect_setup_tun_vfn setup_tun)
{
vpninfo->setup_tun = setup_tun;
}

void openconnect_set_stats_handler(struct openconnect_info *vpninfo,
openconnect_stats_vfn stats_handler)
{
6 changes: 6 additions & 0 deletions mainloop.c
@@ -110,6 +110,12 @@ static int setup_tun_device(struct openconnect_info *vpninfo)
{
int ret;

if (vpninfo->setup_tun) {
vpninfo->setup_tun(vpninfo->cbdata);
if (tun_is_up(vpninfo))
return 0;
}

#ifndef _WIN32
if (vpninfo->use_tun_script) {
ret = openconnect_setup_tun_script(vpninfo, vpninfo->vpnc_script);
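Review bot: Because `openconnect_setup_tun_vfn` returns void, the new block at the top of `setup_tun_device` cannot tell a handler that chose to do nothing from one that tried to create the interface and failed. In both cases `tun_is_up()` is false and control falls through to the built-in path, which on non-Windows builds runs `vpninfo->vpnc_script` when `use_tun_script` is set. An embedder that registers the handler because the OS must own interface creation probably does not want that fallback, and the failure is never reported to the caller. Consider an `int` return that is propagated, `ret = vpninfo->setup_tun(vpninfo->cbdata); if (ret < 0) return ret;`, or at least a comment on the fallthrough such as `/* handler did not bring the tun up; fall back to built-in setup */`. The rest of `setup_tun_device` lies outside the hunk.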
1 change: 1 addition & 0 deletions openconnect-internal.h
@@ -610,6 +610,7 @@ struct openconnect_info {
openconnect_progress_vfn progress;
openconnect_protect_socket_vfn protect_socket;
openconnect_getaddrinfo_vfn getaddrinfo_override;
openconnect_setup_tun_vfn setup_tun;

int (*ssl_read)(struct openconnect_info *vpninfo, char *buf, size_t len);
int (*ssl_gets)(struct openconnect_info *vpninfo, char *buf, size_t len);
6 changes: 6 additions & 0 deletions openconnect.h
@@ -43,6 +43,7 @@ extern "C" {
* - Add openconnect_get_dtls_compression().
* - Add openconnect_disable_ipv6().
* - Add ip_info->gateway_addr.
* - Add openconnect_set_setup_tun_handler().
*
* API version 5.2 (v7.05; 2015-03-10):
* - Add openconnect_set_http_auth(), openconnect_set_protocol().
@@ -609,6 +610,11 @@ typedef int (*openconnect_getaddrinfo_vfn) (void *privdata, const char *node, co
const struct addrinfo *hints, struct addrinfo **res);
void openconnect_override_getaddrinfo(struct openconnect_info *vpninfo, openconnect_getaddrinfo_vfn gai_fn);

/* Callback for configuring the interface after MTU detection finishes. */
typedef void (*openconnect_setup_tun_vfn) (void *privdata);
void openconnect_set_setup_tun_handler(struct openconnect_info *vpninfo,
openconnect_setup_tun_vfn setup_tun);

#ifdef __cplusplus
}
#endif
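Review bot: The one-line comment above `openconnect_setup_tun_vfn` in the second hunk does not state the contract a library user has to meet. It should say that the handler is invoked from inside the main loop once the MTU is known, and that it is expected to call one of the `openconnect_setup_tun_*()` functions before returning. It should also say that the library falls back to its own tun setup if the interface is still down on return, which is what the mainloop.c hunk of this commit does. Saying what `privdata` carries (mainloop.c passes `vpninfo->cbdata`) and whether passing NULL to `openconnect_set_setup_tun_handler()` unregisters the handler would complete the description.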
