From 83a741a917e56f1d6079a95394f72a2c7cf709ed Mon Sep 17 00:00:00 2001
From: Arne Schwabe <arne@rfc2549.org>
Date: Sun, 2 Feb 2014 18:01:03 +0100
Subject: Implement bypassing the VPN when accessing local resources

---
 src/de/blinkt/openvpn/VpnProfile.java              | 22 ++++++++++++++++++++++
 src/de/blinkt/openvpn/core/ProfileManager.java     |  3 ++-
 .../blinkt/openvpn/fragments/Settings_Routing.java |  4 ++++
 3 files changed, 28 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/de/blinkt/openvpn/VpnProfile.java b/src/de/blinkt/openvpn/VpnProfile.java
index b016fb64..55a7d3e3 100644
--- a/src/de/blinkt/openvpn/VpnProfile.java
+++ b/src/de/blinkt/openvpn/VpnProfile.java
@@ -52,6 +52,7 @@ public class VpnProfile implements Serializable {
     private static final long serialVersionUID = 7085688938959334563L;
     private static final String OVPNCONFIGFILE = "android.conf";
     public static final int MAXLOGLEVEL = 4;
+    public static final int CURRENT_PROFILE_VERSION = 2;
     public static String DEFAULT_DNS1 = "8.8.8.8";
     public static String DEFAULT_DNS2 = "8.8.4.4";
 
@@ -126,10 +127,13 @@ public class VpnProfile implements Serializable {
     // Public attributes, since I got mad with getter/setter
     // set members to default values
     private UUID mUuid;
+    public boolean mAllowLocalLAN;
+    private int mProfileVersion;
 
     public VpnProfile(String name) {
         mUuid = UUID.randomUUID();
         mName = name;
+        mProfileVersion = CURRENT_PROFILE_VERSION;
     }
 
     public static String openVpnEscape(String unescaped) {
@@ -153,6 +157,7 @@ public class VpnProfile implements Serializable {
         mUseDefaultRoutev6 = false;
         mExpectTLSCert = false;
         mPersistTun = false;
+        mAllowLocalLAN = true;
     }
 
     public UUID getUUID() {
@@ -166,6 +171,18 @@ public class VpnProfile implements Serializable {
         return mName;
     }
 
+    public void upgradeProfile(){
+        if(mProfileVersion< 2) {
+            /* default to the behaviour the OS used */
+            if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT)
+                mAllowLocalLAN = true;
+            else
+                mAllowLocalLAN = false;
+        }
+
+        mProfileVersion= CURRENT_PROFILE_VERSION;
+    }
+
     public String getConfigFile(Context context, boolean configForOvpn3) {
 
         File cacheDir = context.getCacheDir();
@@ -312,6 +329,11 @@ public class VpnProfile implements Serializable {
                 numroutes++;
             }
 
+        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT && !mAllowLocalLAN)
+            cfg+="redirect-private block-local\n";
+        else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT && mAllowLocalLAN)
+            cfg+="redirect-private unblock-local\n";
+
 
         if (mUseDefaultRoutev6)
             cfg += "route-ipv6 ::/0\n";
diff --git a/src/de/blinkt/openvpn/core/ProfileManager.java b/src/de/blinkt/openvpn/core/ProfileManager.java
index a1dd8da5..4cfbcc8e 100644
--- a/src/de/blinkt/openvpn/core/ProfileManager.java
+++ b/src/de/blinkt/openvpn/core/ProfileManager.java
@@ -171,7 +171,8 @@ public class ProfileManager {
 				// Sanity check 
 				if(vp==null || vp.mName==null || vp.getUUID()==null)
 					continue;
-				
+
+                vp.upgradeProfile();
 				profiles.put(vp.getUUID().toString(), vp);
 
 			} catch (StreamCorruptedException e) {
diff --git a/src/de/blinkt/openvpn/fragments/Settings_Routing.java b/src/de/blinkt/openvpn/fragments/Settings_Routing.java
index 63b54bf3..7216e0ff 100644
--- a/src/de/blinkt/openvpn/fragments/Settings_Routing.java
+++ b/src/de/blinkt/openvpn/fragments/Settings_Routing.java
@@ -13,6 +13,7 @@ public class Settings_Routing extends OpenVpnPreferencesFragment implements OnPr
 	private EditTextPreference mCustomRoutesv6;
 	private CheckBoxPreference mUseDefaultRoutev6;
 	private CheckBoxPreference mRouteNoPull;
+    private CheckBoxPreference mLocalVPNAccess;
 
 	@Override
 	public void onCreate(Bundle savedInstanceState) {
@@ -25,6 +26,7 @@ public class Settings_Routing extends OpenVpnPreferencesFragment implements OnPr
 		mCustomRoutesv6 = (EditTextPreference) findPreference("customRoutesv6");
 		mUseDefaultRoutev6 = (CheckBoxPreference) findPreference("useDefaultRoutev6");
 		mRouteNoPull = (CheckBoxPreference) findPreference("routenopull");
+        mLocalVPNAccess = (CheckBoxPreference) findPreference("unblockLocal");
 
 		mCustomRoutes.setOnPreferenceChangeListener(this);
 		mCustomRoutesv6.setOnPreferenceChangeListener(this);
@@ -42,6 +44,7 @@ public class Settings_Routing extends OpenVpnPreferencesFragment implements OnPr
 		mCustomRoutesv6.setText(mProfile.mCustomRoutesv6);
 
 		mRouteNoPull.setChecked(mProfile.mRoutenopull);
+        mLocalVPNAccess.setChecked(mProfile.mAllowLocalLAN);
 
 		// Sets Summary
 		onPreferenceChange(mCustomRoutes, mCustomRoutes.getText());
@@ -57,6 +60,7 @@ public class Settings_Routing extends OpenVpnPreferencesFragment implements OnPr
 		mProfile.mCustomRoutes = mCustomRoutes.getText();
 		mProfile.mCustomRoutesv6 = mCustomRoutesv6.getText();
 		mProfile.mRoutenopull = mRouteNoPull.isChecked();
+        mProfile.mAllowLocalLAN =mLocalVPNAccess.isChecked();
 	}
 
 	@Override
-- 
cgit v1.2.3