From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 22 Jul 2014 09:10:59 +0000 (+0200)
Subject: Merge branch 'android-dns-proxy'
X-Git-Tag: 5.2.1dr1~115
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ddc1ec0b37355be22d55728557b88cde83292e6;p=thirdparty%2Fstrongswan.git

Merge branch 'android-dns-proxy'

Adds a DNS proxy feature that uses VPN-protected sockets to resolve the
VPN gateway's hostname while reestablishing the IKE_SA, which is
required because we keep the TUN device up to avoid leaking plaintext
traffic.

The TUN device is recreated without DNS servers before reestablishing in
case the VPN server pushed DNS servers to the client that are only
reachable via VPN.

Fixes #622.
---

1ddc1ec0b37355be22d55728557b88cde83292e6