git.ipfire.org Git - thirdparty/strongswan.git/commit

author	Tobias Brunner <tobias@strongswan.org>
	Tue, 24 Nov 2020 15:50:55 +0000 (16:50 +0100)
committer	Tobias Brunner <tobias@strongswan.org>
	Thu, 4 Feb 2021 15:52:15 +0000 (16:52 +0100)
commit	cd10ae2ff050ab569bc6921239f630a365854a21
tree	4d8bcf16323c313c30657242a9d572cced775c69	tree
parent	4dc9edfa55eb6dca86d66517d865ee09c7a6e34c	commit \| diff

android: Explicitly apply DNS servers to the TUN device

If the peer deletes the CHILD_SA, we recreate it due to the close
action.  However, if we create a new TUN device, we do so with a new
VpnService.Builder object and on that the DNS servers were never applied.
The latter happened only on the fly in the attribute handler when an
IKE_SA was established.  Now we do this explicitly when creating the TUN
device, like the virtual IPs and routes.  While we could avoid the
recreation of the TUN device if the CHILD_SA is recreated, there is the
theoretical possibility that the remote traffic selectors change.  This
way we also avoid adding stuff to the builder in different places.

Fixes #3637.

src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_attr.c		diff \| blob \| blame \| history
src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_service.c		diff \| blob \| blame \| history