summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2014-10-07 17:44:46 +0200
committerParménides GV <parmegv@sdf.org>2014-10-07 17:52:06 +0200
commitfa218f752003adcfb040053cfb88b36637060de7 (patch)
tree3a9e82a0564fb4f2e01f44dfa39a2b88bed84b41
parent34643c6b5ab0643383e24025876b0d69859ba4f9 (diff)
Block traffic during first connection.
Set up routes to UDP unlimited server (since openvpn hasn't finished, it simply blocks traffic) and also DNS server to 10.41.0.1. These values correspond to current leap_platform configuration (https://github.com/leapcode/leap_platform/blob/7bc79e68e5ca913d1d2843c48cde8f946feed09c/puppet/modules/site_openvpn/manifests/init.pp)
-rw-r--r--app/src/main/AndroidManifest.xml8
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/EIP.java10
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java17
3 files changed, 32 insertions, 3 deletions
diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index 423293b6..bdd541ae 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -36,6 +36,14 @@
android:label="@string/app" >
<service
+ android:name="se.leap.bitmaskclient.VoidVpnService"
+ android:permission="android.permission.BIND_VPN_SERVICE">
+ <intent-filter>
+ <action android:name="android.net.VpnService" />
+ </intent-filter>
+ </service>
+
+ <service
android:name="de.blinkt.openvpn.core.OpenVPNService"
android:permission="android.permission.BIND_VPN_SERVICE">
<intent-filter>
diff --git a/app/src/main/java/se/leap/bitmaskclient/EIP.java b/app/src/main/java/se/leap/bitmaskclient/EIP.java
index 43fe0b7c..add5a1d1 100644
--- a/app/src/main/java/se/leap/bitmaskclient/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/EIP.java
@@ -38,8 +38,6 @@ import de.blinkt.openvpn.activities.DisconnectVPN;
import de.blinkt.openvpn.core.ConfigParser.ConfigParseError;
import de.blinkt.openvpn.core.ConfigParser;
import de.blinkt.openvpn.core.OpenVpnManagementThread;
-import de.blinkt.openvpn.core.OpenVPNService.LocalBinder;
-import de.blinkt.openvpn.core.OpenVPNService;
import de.blinkt.openvpn.core.ProfileManager;
import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus;
import java.io.IOException;
@@ -67,6 +65,7 @@ import org.json.JSONObject;
import se.leap.bitmaskclient.Dashboard;
import se.leap.bitmaskclient.Provider;
import se.leap.bitmaskclient.R;
+import se.leap.bitmaskclient.VoidVpnService;
/**
* EIP is the abstract base class for interacting with and managing the Encrypted
@@ -187,12 +186,17 @@ public final class EIP extends IntentService {
*/
private void startEIP() {
activeGateway = selectGateway();
-
+ earlyRoutes();
if(activeGateway != null && activeGateway.mVpnProfile != null) {
launchActiveGateway();
}
}
+ private void earlyRoutes() {
+ VoidVpnService voidVpn = new VoidVpnService();
+ voidVpn.setUp(context);
+ }
+
private void launchActiveGateway() {
Intent intent = new Intent(this,LaunchVPN.class);
intent.setAction(Intent.ACTION_MAIN);
diff --git a/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java
new file mode 100644
index 00000000..ec88fd48
--- /dev/null
+++ b/app/src/main/java/se/leap/bitmaskclient/VoidVpnService.java
@@ -0,0 +1,17 @@
+package se.leap.bitmaskclient;
+
+import android.content.Context;
+import android.net.VpnService;
+
+public class VoidVpnService extends VpnService {
+ public void setUp(Context context) {
+ VpnService.prepare(context); // stops the VPN connection created by another application.
+ Builder builder = new Builder();
+ builder.addAddress("10.42.0.8",16);
+ builder.addRoute("0.0.0.0", 1);
+ builder.addRoute("128.0.0.0", 1);
+ builder.addRoute("192.168.1.0", 24);
+ builder.addDnsServer("10.42.0.1");
+ builder.establish();
+ }
+}