summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2020-05-04 02:30:41 -0600
committerJason A. Donenfeld <Jason@zx2c4.com>2020-05-04 02:30:44 -0600
commit8e2d63db7556590201b75ec3cc0f728b48c8de40 (patch)
tree278353f4b05d598827a67bfdf32dbb54f8854a1a
parent3208bac9876e84b29b5b49a137d2f96e4d71514f (diff)
tunnel: add windows-style killswitch semantics for GoBackend
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r--tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java13
1 files changed, 12 insertions, 1 deletions
diff --git a/tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java b/tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java
index c859323b..9fafc918 100644
--- a/tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java
+++ b/tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java
@@ -9,6 +9,7 @@ import android.content.Context;
import android.content.Intent;
import android.os.Build;
import android.os.ParcelFileDescriptor;
+import android.system.OsConstants;
import android.util.Log;
import com.wireguard.android.backend.BackendException.Reason;
@@ -202,9 +203,19 @@ public final class GoBackend implements Backend {
for (final InetAddress addr : config.getInterface().getDnsServers())
builder.addDnsServer(addr.getHostAddress());
+ boolean sawDefaultRoute = false;
for (final Peer peer : config.getPeers()) {
- for (final InetNetwork addr : peer.getAllowedIps())
+ for (final InetNetwork addr : peer.getAllowedIps()) {
+ if (addr.getMask() == 0)
+ sawDefaultRoute = true;
builder.addRoute(addr.getAddress(), addr.getMask());
+ }
+ }
+
+ // "Kill-switch" semantics
+ if (!(sawDefaultRoute && config.getPeers().size() == 1)) {
+ builder.allowFamily(OsConstants.AF_INET);
+ builder.allowFamily(OsConstants.AF_INET6);
}
builder.setMtu(config.getInterface().getMtu().orElse(1280));