android: Use keyingtries=%forever and dpd|closeaction=restart
authorTobias Brunner <tobias@strongswan.org>
Tue, 16 Oct 2012 09:50:53 +0000 (11:50 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 18 Oct 2012 08:57:55 +0000 (10:57 +0200)
We also ignore the CHILD_SA_DOWN event.

This should allow us to keep the connection up as long as the user does
not manually disconnect.

src/frontends/android/jni/libandroidbridge/backend/android_service.c
src/frontends/android/src/org/strongswan/android/logic/CharonVpnService.java

index 83eed02..d451a3d 100644 (file)
@@ -470,7 +470,7 @@ static job_requeue_t initiate(private_android_service_t *this)
        ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
 
        peer_cfg = peer_cfg_create("android", IKEV2, ike_cfg, CERT_SEND_IF_ASKED,
-                                                          UNIQUE_REPLACE, 1, /* keyingtries */
+                                                          UNIQUE_REPLACE, 0, /* keyingtries */
                                                           36000, 0, /* rekey 10h, reauth none */
                                                           600, 600, /* jitter, over 10min */
                                                           TRUE, FALSE, /* mobike, aggressive */
@@ -522,8 +522,8 @@ static job_requeue_t initiate(private_android_service_t *this)
        peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
 
        child_cfg = child_cfg_create("android", &lifetime, NULL, TRUE, MODE_TUNNEL,
-                                                                ACTION_NONE, ACTION_NONE, ACTION_NONE, FALSE,
-                                                                0, 0, NULL, NULL, 0);
+                                                                ACTION_NONE, ACTION_RESTART, ACTION_RESTART,
+                                                                FALSE, 0, 0, NULL, NULL, 0);
        /* create an ESP proposal with the algorithms currently supported by
         * libipsec, no PFS for now */
        child_cfg->add_proposal(child_cfg, proposal_create_from_string(PROTO_ESP,
index b4236f6..02db8c4 100644 (file)
@@ -329,15 +329,7 @@ public class CharonVpnService extends VpnService implements Runnable
                switch (status)
                {
                        case STATE_CHILD_SA_DOWN:
-                               synchronized (mServiceLock)
-                               {
-                                       /* if we are not actively disconnecting we assume the remote terminated
-                                        * the connection and call disconnect() to deinitialize charon properly */
-                                       if (mService != null && !mIsDisconnecting)
-                                       {
-                                               mService.disconnect();
-                                       }
-                               }
+                               /* we ignore this as we use closeaction=restart */
                                break;
                        case STATE_CHILD_SA_UP:
                                setState(State.CONNECTED);