From 67332b4e228f41956b5ef34479ed32d672f75e68 Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Tue, 16 Apr 2013 14:23:07 +0200
Subject: [PATCH] android: Set strongswan.conf options before initializing other libraries
---
 .../jni/libandroidbridge/charonservice.c | 80 ++++++++++---------
 1 file changed, 44 insertions(+), 36 deletions(-)
diff --git a/src/frontends/android/jni/libandroidbridge/charonservice.c b/src/frontends/android/jni/libandroidbridge/charonservice.c
index 1a9243037..b6a9b7c33 100644
--- a/src/frontends/android/jni/libandroidbridge/charonservice.c
+++ b/src/frontends/android/jni/libandroidbridge/charonservice.c
@@ -376,11 +376,46 @@ static bool charonservice_register(void *plugin, plugin_feature_t *feature,
 return TRUE;
 }
+/**
+ * Set strongswan.conf options
+ */
+static void set_options(char *logfile)
+{
+ lib->settings->set_int(lib->settings,
+ "charon.plugins.android_log.loglevel", ANDROID_DEBUG_LEVEL);
+ /* setup file logger */
+ lib->settings->set_str(lib->settings,
+ "charon.filelog.%s.time_format", "%b %e %T", logfile);
+ lib->settings->set_bool(lib->settings,
+ "charon.filelog.%s.append", FALSE, logfile);
+ lib->settings->set_bool(lib->settings,
+ "charon.filelog.%s.flush_line", TRUE, logfile);
+ lib->settings->set_int(lib->settings,
+ "charon.filelog.%s.default", ANDROID_DEBUG_LEVEL, logfile);
+
+ lib->settings->set_int(lib->settings,
+ "charon.retransmit_tries", ANDROID_RETRASNMIT_TRIES);
+ lib->settings->set_double(lib->settings,
+ "charon.retransmit_timeout", ANDROID_RETRANSMIT_TIMEOUT);
+ lib->settings->set_double(lib->settings,
+ "charon.retransmit_base", ANDROID_RETRANSMIT_BASE);
+ lib->settings->set_bool(lib->settings,
+ "charon.close_ike_on_child_failure", TRUE);
+ /* setting the source address breaks the VpnService.protect() function which
+ * uses SO_BINDTODEVICE internally. the addresses provided to the kernel as
+ * auxiliary data have precedence over this option causing a routing loop if
+ * the gateway is contained in the VPN routes. alternatively, providing an
+ * explicit device (in addition or instead of the source address) in the
+ * auxiliary data would also work, but we currently don't have that
+ * information */
+ lib->settings->set_bool(lib->settings,
+ "charon.plugins.socket-default.set_source", FALSE);
+}
+
 /**
 * Initialize the charonservice object
 */
-static void charonservice_init(JNIEnv *env, jobject service, jobject builder,
- char *logfile)
+static void charonservice_init(JNIEnv *env, jobject service, jobject builder)
 {
 private_charonservice_t *this;
 static plugin_feature_t features[] = {
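Review bot: `set_options()` declares `char *logfile` although the body only passes it as the `%s` argument of the `charon.filelog.%s.*` keys, so the signature can be `static void set_options(const char *logfile)`. The doc comment should also name the parameter and the ordering this commit depends on, for example `@param logfile path of the log file, used as the filelog section name; call before libhydra_init() so other libraries read these values`. The macro `ANDROID_RETRASNMIT_TRIES` is misspelled (RETRASNMIT); it is carried over unchanged from the removed lines and its definition is outside this diff, so the rename belongs in a separate change.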
@@ -414,36 +449,6 @@ static void charonservice_init(JNIEnv *env, jobject service, jobject builder,
 lib->plugins->add_static_features(lib->plugins, "androidbridge", features, countof(features), TRUE);
-
- lib->settings->set_int(lib->settings,
- "charon.plugins.android_log.loglevel", ANDROID_DEBUG_LEVEL);
- /* setup file logger */
- lib->settings->set_str(lib->settings,
- "charon.filelog.%s.time_format", "%b %e %T", logfile);
- lib->settings->set_bool(lib->settings,
- "charon.filelog.%s.append", FALSE, logfile);
- lib->settings->set_bool(lib->settings,
- "charon.filelog.%s.flush_line", TRUE, logfile);
- lib->settings->set_int(lib->settings,
- "charon.filelog.%s.default", ANDROID_DEBUG_LEVEL, logfile);
-
- lib->settings->set_int(lib->settings,
- "charon.retransmit_tries", ANDROID_RETRASNMIT_TRIES);
- lib->settings->set_double(lib->settings,
- "charon.retransmit_timeout", ANDROID_RETRANSMIT_TIMEOUT);
- lib->settings->set_double(lib->settings,
- "charon.retransmit_base", ANDROID_RETRANSMIT_BASE);
- lib->settings->set_bool(lib->settings,
- "charon.close_ike_on_child_failure", TRUE);
- /* setting the source address breaks the VpnService.protect() function which
- * uses SO_BINDTODEVICE internally. the addresses provided to the kernel as
- * auxiliary data have precedence over this option causing a routing loop if
- * the gateway is contained in the VPN routes. alternatively, providing an
- * explicit device (in addition or instead of the source address) in the
- * auxiliary data would also work, but we currently don't have that
- * information */
- lib->settings->set_bool(lib->settings,
- "charon.plugins.socket-default.set_source", FALSE);
 }
 /**
@@ -493,6 +498,11 @@ JNI_METHOD(CharonVpnService, initializeCharon, void,
 return;
 }
+ /* set options before initializing other libraries that might read them */
+ logfile = androidjni_convert_jstring(env, jlogfile);
+ set_options(logfile);
+ free(logfile);
+
 if (!libhydra_init("charon"))
 {
 libhydra_deinit();
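Review bot: In the hunk at -493, the result of `androidjni_convert_jstring(env, jlogfile)` goes straight into `set_options(logfile)` with no NULL check, and `set_options()` formats it with `%s` into the `charon.filelog.%s.*` keys. Whether the helper can return NULL is not visible here, but if it can (a null `jlogfile` from the Java side or a failed conversion), the file logger would be configured under an undefined or `(null)` section name. A guard such as `if (!logfile)` that fails the same way as the preceding error branch would make that explicit. The removed lines in the last hunk had the same unchecked pattern, so this predates the commit; the enclosing JNI method starts and ends outside the hunk.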
@@ -517,12 +527,10 @@ JNI_METHOD(CharonVpnService, initializeCharon, void,
 return;
 }
- logfile = androidjni_convert_jstring(env, jlogfile);
- charonservice_init(env, this, builder, logfile);
- free(logfile);
-
 charon->load_loggers(charon, NULL, FALSE);
+ charonservice_init(env, this, builder);
+
 if (uname(&utsname) != 0)
 {
 memset(&utsname, 0, sizeof(utsname));
--
2.39.5
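Review bot: `charonservice_init()` now runs after `charon->load_loggers()`, the reverse of the old order, and neither the commit message nor the code says why that is safe. From this diff the old order looks like it was only needed because `charonservice_init()` used to set the `charon.filelog.*` options, which `set_options()` now does earlier. A short comment above the call would record that, e.g. `/* options are already set by set_options(), so this no longer has to precede load_loggers() */`. The enclosing JNI method starts and ends outside the hunk.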