From: Tobias Brunner Date: Thu, 5 Jun 2025 14:34:52 +0000 (+0200) Subject: android: Apply proxy server setting when creating TUN device X-Git-Tag: android-2.5.6^2~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dbcba117ae02acb567ed3e5b0312835f478a6e1d;p=thirdparty%2Fstrongswan.git android: Apply proxy server setting when creating TUN device This is only available with Android 10+ (SDK 29+). --- diff --git a/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java b/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java index 314678eded..69b217a2ea 100644 --- a/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java +++ b/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012-2018 Tobias Brunner + * Copyright (C) 2012-2025 Tobias Brunner * Copyright (C) 2012 Giuliano Grassi * Copyright (C) 2012 Ralf Sager * @@ -30,6 +30,7 @@ import android.content.Intent; import android.content.ServiceConnection; import android.content.SharedPreferences; import android.content.pm.PackageManager; +import android.net.ProxyInfo; import android.net.VpnService; import android.os.Build; import android.os.Bundle; @@ -72,6 +73,8 @@ import java.security.PrivateKey; import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; import java.util.List; import java.util.Locale; import java.util.SortedSet; @@ -1116,6 +1119,7 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe private final List mDnsServers = new ArrayList<>(); private int mMtu; private boolean mIPv4Seen, mIPv6Seen, mDnsServersConfigured; + private ProxyInfo mProxyServer; public BuilderCache(VpnProfile profile) { @@ -1169,6 +1173,17 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe } } + if (profile.getProxyHost() != null) + { + int port = profile.getProxyPort() != null ? profile.getProxyPort() : Constants.PROXY_PORT_DEFAULT; + List exclusions = new ArrayList<>(); + if (profile.getProxyExclusions() != null) + { + Collections.addAll(exclusions, profile.getProxyExclusions().split("\\s+")); + } + mProxyServer = ProxyInfo.buildDirectProxy(profile.getProxyHost(), port, exclusions); + } + /* set a default MTU, will be set by the daemon for regular interfaces */ Integer mtu = profile.getMTU(); mMtu = mtu == null ? Constants.MTU_MAX : mtu; @@ -1249,7 +1264,7 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe } } - public void applyData(VpnService.Builder builder) + public void applyData(Builder builder) { for (IPRange address : mAddresses) { @@ -1375,6 +1390,10 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe break; } } + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q && mProxyServer != null) + { + builder.setHttpProxy(mProxyServer); + } builder.setMtu(mMtu); } diff --git a/src/frontends/android/app/src/main/java/org/strongswan/android/utils/Constants.java b/src/frontends/android/app/src/main/java/org/strongswan/android/utils/Constants.java index 7f5220fbf5..59c6e6ad83 100644 --- a/src/frontends/android/app/src/main/java/org/strongswan/android/utils/Constants.java +++ b/src/frontends/android/app/src/main/java/org/strongswan/android/utils/Constants.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2016-2020 Tobias Brunner + * Copyright (C) 2016-2025 Tobias Brunner * * Copyright (C) secunet Security Networks AG * @@ -45,6 +45,11 @@ public final class Constants public static final int NAT_KEEPALIVE_MAX = 120; public static final int NAT_KEEPALIVE_MIN = 10; + /** + * Default port for proxy servers + */ + public static final int PROXY_PORT_DEFAULT = 8080; + /** * Preference key for default VPN profile */