diff options
Diffstat (limited to 'openvpn/src/openvpn/socket.c')
-rw-r--r-- | openvpn/src/openvpn/socket.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/openvpn/src/openvpn/socket.c b/openvpn/src/openvpn/socket.c index 47329ddf..e3e93525 100644 --- a/openvpn/src/openvpn/socket.c +++ b/openvpn/src/openvpn/socket.c @@ -686,22 +686,32 @@ create_socket (struct link_socket *sock) { ASSERT (0); } + /* set socket buffers based on --sndbuf and --rcvbuf options */ socket_set_buffers (sock->sd, &sock->socket_buffer_sizes); /* set socket to --mark packets with given value */ socket_set_mark (sock->sd, sock->mark); +} + #ifdef TARGET_ANDROID +static void protect_fd_nonlocal (int fd, struct sockaddr* addr) +{ + if (addr_local (addr)) { + msg(M_DEBUG, "Address is local, not protecting socket fd %d", fd); + return; + } + struct user_pass up; strcpy(up.username ,__func__); - management->connection.fdtosend = sock->sd; - msg(M_DEBUG, "Protecting socket fd %d", sock->sd); + management->connection.fdtosend = fd; + msg(M_DEBUG, "Protecting socket fd %d", fd); management_query_user_pass(management, &up , "PROTECTFD", GET_USER_PASS_NEED_OK,(void*) 0); +} #endif -} /* * Functions used for establishing a TCP stream connection. @@ -926,7 +936,10 @@ openvpn_connect (socket_descriptor_t sd, #ifdef CONNECT_NONBLOCK set_nonblock (sd); + + protect_fd_nonlocal(sd, remote); status = connect (sd, remote, af_addr_size(remote->sa_family)); + if (status) status = openvpn_errno (); if ( |