From f5b8dae753448ed698486af8b49b977a58d4fcdc Mon Sep 17 00:00:00 2001 From: cyBerta Date: Fri, 5 Jul 2019 17:18:30 +0200 Subject: better support for android 8.X always-on killswitch (#8945 & #8928) --- .../de/blinkt/openvpn/core/OpenVPNService.java | 74 +++++++++++----------- 1 file changed, 37 insertions(+), 37 deletions(-) (limited to 'app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java') diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java index af31e977..ea782e00 100644 --- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java +++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java @@ -44,10 +44,12 @@ import de.blinkt.openvpn.core.VpnStatus.ByteCountListener; import de.blinkt.openvpn.core.VpnStatus.StateListener; import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.VpnNotificationManager; +import se.leap.bitmaskclient.utils.PreferenceHelper; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_CONNECTED; import static de.blinkt.openvpn.core.ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT; import static de.blinkt.openvpn.core.NetworkSpace.IpAddress; +import static se.leap.bitmaskclient.Constants.PROVIDER_PROFILE; public class OpenVPNService extends VpnService implements StateListener, Callback, ByteCountListener, IOpenVPNServiceInternal, VpnNotificationManager.VpnServiceCallback { @@ -61,6 +63,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac public final static String ORBOT_PACKAGE_NAME = "org.torproject.android"; private static final String PAUSE_VPN = "de.blinkt.openvpn.PAUSE_VPN"; private static final String RESUME_VPN = "se.leap.bitmaskclient.RESUME_VPN"; + private static final String TAG = OpenVPNService.class.getSimpleName(); private static boolean mNotificationAlwaysVisible = false; private final Vector mDnslist = new Vector<>(); private final NetworkSpace mRoutes = new NetworkSpace(); @@ -177,7 +180,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } VpnStatus.removeByteCountListener(this); unregisterDeviceStateReceiver(); - ProfileManager.setConntectedVpnProfileDisconnected(this); mOpenVPNThread = null; if (!mStarting) { stopForeground(!mNotificationAlwaysVisible); @@ -312,47 +314,35 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac 0, NOTIFICATION_CHANNEL_NEWSTATUS_ID); - if (intent != null && intent.hasExtra(getPackageName() + ".profileUUID")) { - String profileUUID = intent.getStringExtra(getPackageName() + ".profileUUID"); - int profileVersion = intent.getIntExtra(getPackageName() + ".profileVersion", 0); - // Try for 10s to get current version of the profile - mProfile = ProfileManager.get(this, profileUUID, profileVersion, 100); + if (intent != null && intent.hasExtra(PROVIDER_PROFILE)) { + mProfile = (VpnProfile) intent.getSerializableExtra(PROVIDER_PROFILE); if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N_MR1) { updateShortCutUsage(mProfile); } - + PreferenceHelper.setAlwaysOn(this, false); } else { /* The intent is null when we are set as always-on or the service has been restarted. */ mProfile = ProfileManager.getLastConnectedProfile(this); VpnStatus.logInfo(R.string.service_restarted); - /* Got no profile, just stop */ - if (mProfile == null) { - Log.d("OpenVPN", "Got no last connected profile on null intent. Assuming always on."); - mProfile = ProfileManager.getAlwaysOnVPN(this); - - if (mProfile == null) { - stopSelf(startId); - return START_NOT_STICKY; - } + if (mProfile != null) { + PreferenceHelper.setAlwaysOn(this, true); } - /* Do the asynchronous keychain certificate stuff */ - mProfile.checkForRestart(this); } if (mProfile == null) { - stopSelf(startId); + stopService(startId); + Log.d(TAG, "Stopping service, no profile found"); return START_NOT_STICKY; + } else { + Log.d(TAG, "Found profile: " + mProfile.mName); + /* Do the asynchronous keychain certificate stuff */ + mProfile.checkForRestart(this); } /* start the OpenVPN process itself in a background thread */ - new Thread(new Runnable() { - @Override - public void run() { - startOpenVPN(); - } - }).start(); + new Thread(this::startOpenVPN).start(); ProfileManager.setConnectedVpnProfile(this, mProfile); @@ -369,6 +359,11 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac shortcutManager.reportShortcutUsed(profile.getUUIDString()); } + private void stopService(int startId) { + VpnStatus.updateStateString("NOPROCESS", "VPN STOPPED", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED); + stopSelf(startId); + } + private void startOpenVPN() { /** * see change above (l. 292 ff) @@ -428,21 +423,17 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac } synchronized (mProcessLock) - { mProcessThread = new Thread(processThread, "OpenVPNProcessThread"); mProcessThread.start(); } - new Handler(getMainLooper()).post(new Runnable() { - @Override - public void run() { - if (mDeviceStateReceiver != null) - unregisterDeviceStateReceiver(); - - registerDeviceStateReceiver(mManagement); - } - } + new Handler(getMainLooper()).post(() -> { + if (mDeviceStateReceiver != null) { + unregisterDeviceStateReceiver(); + } + registerDeviceStateReceiver(mManagement); + } ); } @@ -550,8 +541,17 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac VpnStatus.logInfo(R.string.last_openvpn_tun_config); - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && mProfile.mAllowLocalLAN) { - allowAllAFFamilies(builder); + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { + if (mProfile.mAllowLocalLAN) { + allowAllAFFamilies(builder); + } + if (PreferenceHelper.isAlwaysOn(this)) { + try { + builder.addDisallowedApplication(this.getPackageName()); + } catch (PackageManager.NameNotFoundException e) { + e.printStackTrace(); + } + } } if (mLocalIP == null && mLocalIPv6 == null) { -- cgit v1.2.3