diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2020-05-04 02:30:41 -0600 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2020-05-04 02:30:44 -0600 |
commit | 8e2d63db7556590201b75ec3cc0f728b48c8de40 (patch) | |
tree | 278353f4b05d598827a67bfdf32dbb54f8854a1a | |
parent | 3208bac9876e84b29b5b49a137d2f96e4d71514f (diff) |
tunnel: add windows-style killswitch semantics for GoBackend
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r-- | tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java b/tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java index c859323b..9fafc918 100644 --- a/tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java +++ b/tunnel/src/main/java/com/wireguard/android/backend/GoBackend.java @@ -9,6 +9,7 @@ import android.content.Context; import android.content.Intent; import android.os.Build; import android.os.ParcelFileDescriptor; +import android.system.OsConstants; import android.util.Log; import com.wireguard.android.backend.BackendException.Reason; @@ -202,9 +203,19 @@ public final class GoBackend implements Backend { for (final InetAddress addr : config.getInterface().getDnsServers()) builder.addDnsServer(addr.getHostAddress()); + boolean sawDefaultRoute = false; for (final Peer peer : config.getPeers()) { - for (final InetNetwork addr : peer.getAllowedIps()) + for (final InetNetwork addr : peer.getAllowedIps()) { + if (addr.getMask() == 0) + sawDefaultRoute = true; builder.addRoute(addr.getAddress(), addr.getMask()); + } + } + + // "Kill-switch" semantics + if (!(sawDefaultRoute && config.getPeers().size() == 1)) { + builder.allowFamily(OsConstants.AF_INET); + builder.allowFamily(OsConstants.AF_INET6); } builder.setMtu(config.getInterface().getMtu().orElse(1280)); |