From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 12 Jun 2018 15:46:08 +0000 (+0200)
Subject: android: Initiate configured default profile when triggered as Always-on VPN
X-Git-Tag: 5.7.0dr5~20^2~44
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=56f599560c48565a43990cdfa903274fcb9da7c7;p=thirdparty%2Fstrongswan.git

android: Initiate configured default profile when triggered as Always-on VPN

With Android 8.1 this isn't triggered after a reboot until the device
has been unlocked once (solving the issue with the key store) and traffic
may optionally be blocked by the user until the VPN is established.

There are still some issues (e.g. password prompts and fatal errors), and we
might need some workaround for older Android releases.
---

diff --git a/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java b/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java
index cb148521b8..53d84cf0cb 100644
--- a/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java
+++ b/src/frontends/android/app/src/main/java/org/strongswan/android/logic/CharonVpnService.java
@@ -75,6 +75,7 @@ import java.util.SortedSet;
 public class CharonVpnService extends VpnService implements Runnable, VpnStateService.VpnStateListener
 {
 	private static final String TAG = CharonVpnService.class.getSimpleName();
+	private static final String VPN_SERVICE_ACTION = "android.net.VpnService";
 	public static final String DISCONNECT_ACTION = "org.strongswan.android.CharonVpnService.DISCONNECT";
 	private static final String NOTIFICATION_CHANNEL = "org.strongswan.android.CharonVpnService.VPN_STATE_NOTIFICATION";
 	public static final String LOG_FILE = "charon.log";
@@ -134,14 +135,21 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe
 	{
 		if (intent != null)
 		{
-			if (DISCONNECT_ACTION.equals(intent.getAction()))
-			{
-				setNextProfile(null);
+			VpnProfile profile = null;
+
+			if (VPN_SERVICE_ACTION.equals(intent.getAction()))
+			{	/* triggered when Always-on VPN is activated */
+				SharedPreferences pref = PreferenceManager.getDefaultSharedPreferences(this);
+				String uuid = pref.getString(Constants.PREF_DEFAULT_VPN_PROFILE, null);
+				if (uuid == null || uuid.equals(Constants.PREF_DEFAULT_VPN_PROFILE_MRU))
+				{
+					uuid = pref.getString(Constants.PREF_MRU_VPN_PROFILE, null);
+				}
+				profile = mDataSource.getVpnProfile(uuid);
 			}
-			else
+			else if (!DISCONNECT_ACTION.equals(intent.getAction()))
 			{
 				Bundle bundle = intent.getExtras();
-				VpnProfile profile = null;
 				if (bundle != null)
 				{
 					profile = mDataSource.getVpnProfile(bundle.getLong(VpnProfileDataSource.KEY_ID));
@@ -155,8 +163,8 @@ public class CharonVpnService extends VpnService implements Runnable, VpnStateSe
 							.apply();
 					}
 				}
-				setNextProfile(profile);
 			}
+			setNextProfile(profile);
 		}
 		return START_NOT_STICKY;
 	}