From 83a741a917e56f1d6079a95394f72a2c7cf709ed Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Sun, 2 Feb 2014 18:01:03 +0100
Subject: Implement bypassing the VPN when accessing local resources

---
 src/de/blinkt/openvpn/VpnProfile.java | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'src/de/blinkt/openvpn/VpnProfile.java')

diff --git a/src/de/blinkt/openvpn/VpnProfile.java b/src/de/blinkt/openvpn/VpnProfile.java
index b016fb64..55a7d3e3 100644
--- a/src/de/blinkt/openvpn/VpnProfile.java
+++ b/src/de/blinkt/openvpn/VpnProfile.java
@@ -52,6 +52,7 @@ public class VpnProfile implements Serializable {
     private static final long serialVersionUID = 7085688938959334563L;
     private static final String OVPNCONFIGFILE = "android.conf";
     public static final int MAXLOGLEVEL = 4;
+    public static final int CURRENT_PROFILE_VERSION = 2;
     public static String DEFAULT_DNS1 = "8.8.8.8";
     public static String DEFAULT_DNS2 = "8.8.4.4";
 
@@ -126,10 +127,13 @@ public class VpnProfile implements Serializable {
     // Public attributes, since I got mad with getter/setter
     // set members to default values
     private UUID mUuid;
+    public boolean mAllowLocalLAN;
+    private int mProfileVersion;
 
     public VpnProfile(String name) {
         mUuid = UUID.randomUUID();
         mName = name;
+        mProfileVersion = CURRENT_PROFILE_VERSION;
     }
 
     public static String openVpnEscape(String unescaped) {
@@ -153,6 +157,7 @@ public class VpnProfile implements Serializable {
         mUseDefaultRoutev6 = false;
         mExpectTLSCert = false;
         mPersistTun = false;
+        mAllowLocalLAN = true;
     }
 
     public UUID getUUID() {
@@ -166,6 +171,18 @@ public class VpnProfile implements Serializable {
         return mName;
     }
 
+    public void upgradeProfile(){
+        if(mProfileVersion< 2) {
+            /* default to the behaviour the OS used */
+            if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT)
+                mAllowLocalLAN = true;
+            else
+                mAllowLocalLAN = false;
+        }
+
+        mProfileVersion= CURRENT_PROFILE_VERSION;
+    }
+
     public String getConfigFile(Context context, boolean configForOvpn3) {
 
         File cacheDir = context.getCacheDir();
@@ -312,6 +329,11 @@ public class VpnProfile implements Serializable {
                 numroutes++;
             }
 
+        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT && !mAllowLocalLAN)
+            cfg+="redirect-private block-local\n";
+        else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT && mAllowLocalLAN)
+            cfg+="redirect-private unblock-local\n";
+
 
         if (mUseDefaultRoutev6)
             cfg += "route-ipv6 ::/0\n";
-- 
cgit v1.2.3