diff options
author | Arne Schwabe | 2014-10-07 22:10:50 +0200 |
---|---|---|
committer | Gert Doering | 2014-10-07 22:18:04 +0200 |
commit | 5ca1d70fa030d4344e4b64a28811a6aab091e0d2 (patch) | |
tree | 4c662b8b6744672268c192af64c19a43221922a9 | |
parent | f33ee6bcb12fdc3869b17b7c528a209f16581e2e (diff) | |
download | openvpn-5ca1d70fa030d4344e4b64a28811a6aab091e0d2.zip openvpn-5ca1d70fa030d4344e4b64a28811a6aab091e0d2.tar.gz |
Add documentation for PERSIST_TUN_ACTION (Android specific)
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1412712650-5173-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9090
Signed-off-by: Gert Doering <gert@greenie.muc.de>
-rw-r--r-- | doc/android.txt | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/doc/android.txt b/doc/android.txt index 871e399..137edfc 100644 --- a/doc/android.txt +++ b/doc/android.txt @@ -2,7 +2,7 @@ This file documents the support in OpenVPN for Android 4.0 and up. This support is primarily used in the "OpenVPN for Android" app (http://code.google.com/p/ics-openvpn/). For building see the developer -README: http://code.google.com/p/ics-openvpn/source/browse/README.txt. +README: http://code.google.com/p/ics-openvpn/source/browse/doc/README.txt. Android provides the VPNService API (http://developer.android.com/reference/android/net/VpnService.html) @@ -55,6 +55,21 @@ To set the DNS server and search domain. The GUI will then respond with a "needok 'command' ok' or "needok 'command' cancel', e.g. "needok 'IFCONFIG' ok". +PERSIST_TUN_ACTION + +In Android 4.4-4.4.2 a bug exists that does not allow to open a new tun fd +while a tun fd is still open. When OpenVPN wants to open an fd it will do +this query. The UI should compare the last configuration of +the tun device with the current tun configuration and reply with either (or +always respond with OPEN_AFTER_BEFORE/OPEN_BEFORE_CLOSE) + +- NOACTION: Keep using the old fd +- OPEN_AFTER_CLOSE: First close the old fd and then open a new to workaround the bug +- OPEN_BEFORE_CLOSE: the normal behaviour when the VPN configuration changed + +For example the UI could respond with +needok 'PERSIST_TUN_ACTION' OPEN_AFTER_CLOSE + To protect a socket the OpenVPN will send a PROTECTFD to the UI. When sending the PROTECTFD command command to the UI it will send the fd of the socket as ancillary message over the UNIX socket. |