android: Apply configured MTU
authorTobias Brunner <tobias@strongswan.org>
Tue, 16 Jun 2015 14:06:13 +0000 (16:06 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 28 Jul 2015 11:27:33 +0000 (13:27 +0200)
While it is stored as a property of individual profiles, it is really a
global setting because we currently don't support more than one
connection.

src/frontends/android/jni/libandroidbridge/backend/android_service.c
src/frontends/android/jni/libandroidbridge/charonservice.c
src/frontends/android/jni/libandroidbridge/charonservice.h
src/frontends/android/src/org/strongswan/android/logic/CharonVpnService.java

index b11e664..34fe4da 100644 (file)
@@ -32,8 +32,6 @@
 
 typedef struct private_android_service_t private_android_service_t;
 
-#define TUN_DEFAULT_MTU 1400
-
 /**
  * private data of Android service
  */
@@ -70,6 +68,11 @@ struct private_android_service_t {
        int tunfd;
 
        /**
+        * MTU of TUN device
+        */
+       int mtu;
+
+       /**
         * DNS proxy
         */
        android_dns_proxy_t *dns_proxy;
@@ -176,7 +179,7 @@ static job_requeue_t handle_plain(private_android_service_t *this)
                return JOB_REQUEUE_DIRECT;
        }
 
-       raw = chunk_alloc(TUN_DEFAULT_MTU);
+       raw = chunk_alloc(this->mtu);
        len = read(tunfd, raw.ptr, raw.len);
        if (len < 0)
        {
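Review bot: `this->mtu` is used here as the size of the per-packet read buffer without a range check, although it comes straight from `settings->get_int(settings, "global.mtu", ANDROID_DEFAULT_MTU)` in android_service_create(). The same unchecked value reaches `builder->set_mtu()` in setup_tun_device() and `charon.fragment_size` in initiate() in charonservice.c. The default only applies when the key is missing, so a zero, negative or very large profile value would presumably be converted to an allocation size by `chunk_alloc()` on every read from the TUN device. Clamp it once where it is read, e.g. `if (this->mtu < MIN_MTU || this->mtu > MAX_MTU) this->mtu = ANDROID_DEFAULT_MTU;`, where MIN_MTU and MAX_MTU are placeholder names for bounds to define next to ANDROID_DEFAULT_MTU. handle_plain() starts and ends outside this hunk.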
@@ -294,7 +297,7 @@ static bool setup_tun_device(private_android_service_t *this,
                return FALSE;
        }
        if (!add_routes(builder, child_sa) ||
-               !builder->set_mtu(builder, TUN_DEFAULT_MTU))
+               !builder->set_mtu(builder, this->mtu))
        {
                return FALSE;
        }
@@ -827,6 +830,7 @@ android_service_t *android_service_create(android_creds_t *creds,
                .settings = settings,
                .creds = creds,
                .tunfd = -1,
+               .mtu = settings->get_int(settings, "global.mtu", ANDROID_DEFAULT_MTU),
        );
        /* only allow queries for the VPN gateway */
        this->dns_proxy->add_hostname(this->dns_proxy,
index 5b4d649..f94da05 100644 (file)
@@ -44,7 +44,6 @@
 #define ANDROID_RETRASNMIT_TRIES 3
 #define ANDROID_RETRANSMIT_TIMEOUT 2.0
 #define ANDROID_RETRANSMIT_BASE 1.4
-#define ANDROID_FRAGMENT_SIZE 1400
 
 typedef struct private_charonservice_t private_charonservice_t;
 
@@ -409,6 +408,14 @@ static void initiate(settings_t *settings)
        lib->settings->set_str(lib->settings,
                                                "charon.plugins.tnc-imc.preferred_language",
                                                settings->get_str(settings, "global.language", "en"));
+       /* this is actually the size of the complete IKE/IP packet, so if the MTU
+        * for the TUN devices has to be reduced to pass traffic the IKE packets
+        * will be a bit smaller than necessary as there is no IPsec overhead like
+        * for the tunneled traffic (but compensating that seems like overkill) */
+       lib->settings->set_int(lib->settings,
+                                               "charon.fragment_size",
+                                               settings->get_int(settings, "global.mtu",
+                                                                                 ANDROID_DEFAULT_MTU));
 
        this->creds->clear(this->creds);
        DESTROY_IF(this->service);
@@ -467,8 +474,6 @@ static void set_options(char *logfile)
                                        "charon.retransmit_timeout", ANDROID_RETRANSMIT_TIMEOUT);
        lib->settings->set_double(lib->settings,
                                        "charon.retransmit_base", ANDROID_RETRANSMIT_BASE);
-       lib->settings->set_int(lib->settings,
-                                       "charon.fragment_size", ANDROID_FRAGMENT_SIZE);
        lib->settings->set_bool(lib->settings,
                                        "charon.initiator_only", TRUE);
        lib->settings->set_bool(lib->settings,
index 0c71d87..8cb68e0 100644 (file)
@@ -45,6 +45,11 @@ typedef enum android_imc_state_t android_imc_state_t;
 typedef struct charonservice_t charonservice_t;
 
 /**
+ * Default value for the MTU of TUN device and the size of IKE fragments
+ */
+#define ANDROID_DEFAULT_MTU 1400
+
+/**
  * VPN status codes. As defined in CharonVpnService.java
  */
 enum android_vpn_state_t {
index a79d9f8..ffe1449 100644 (file)
@@ -219,6 +219,7 @@ public class CharonVpnService extends VpnService implements Runnable
                                                        Log.i(TAG, "charon started");
                                                        SettingsWriter writer = new SettingsWriter();
                                                        writer.setValue("global.language", Locale.getDefault().getLanguage());
+                                                       writer.setValue("global.mtu", mCurrentProfile.getMTU());
                                                        writer.setValue("connection.type", mCurrentProfile.getVpnType().getIdentifier());
                                                        writer.setValue("connection.server", mCurrentProfile.getGateway());
                                                        writer.setValue("connection.username", mCurrentProfile.getUsername());
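Review bot: `mCurrentProfile.getMTU()` is written unconditionally, and its return type is not visible in this hunk. If it is a nullable `Integer` for profiles without a configured MTU, what `SettingsWriter.setValue()` emits for null decides whether the native `get_int(..., ANDROID_DEFAULT_MTU)` fallback is ever reached. Once that behaviour is confirmed, a short comment would make the contract explicit, for example `// key is omitted when no MTU is configured; native code then falls back to ANDROID_DEFAULT_MTU`. This is also the last point where the value can be range-checked before it crosses into native code. The enclosing method starts and ends outside the hunk.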