From 271d40978eb5885bdb894281bc201db100658f93 Mon Sep 17 00:00:00 2001 From: Elias Naur Date: Tue, 16 Jun 2020 12:09:30 +0200 Subject: [PATCH] java/com/tailscale/ipn: explicitly allow IPv4 and IPv6 traffic The VPNService.Builder object blocks traffic to IP families for which no route, local address, nor DNS are defined. The Tailscale tunnel doesn't cover all traffic, so both IP families should be kept open. Updates tailscale/tailscale#453 (maybe fixes it) Updates tailscale/tailscale#431 (another DNS problem) Signed-off-by: Elias Naur --- android/src/main/java/com/tailscale/ipn/IPNService.java | 6 +++++- cmd/tailscale/backend.go | 2 ++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/android/src/main/java/com/tailscale/ipn/IPNService.java b/android/src/main/java/com/tailscale/ipn/IPNService.java index b5bbe9e..e2b0d1d 100644 --- a/android/src/main/java/com/tailscale/ipn/IPNService.java +++ b/android/src/main/java/com/tailscale/ipn/IPNService.java @@ -9,6 +9,7 @@ import android.app.PendingIntent; import android.app.NotificationChannel; import android.content.Intent; import android.net.VpnService; +import android.system.OsConstants; import org.gioui.GioActivity; @@ -56,7 +57,10 @@ public class IPNService extends VpnService { } protected VpnService.Builder newBuilder() { - return new VpnService.Builder().setConfigureIntent(configIntent()); + return new VpnService.Builder() + .setConfigureIntent(configIntent()) + .allowFamily(OsConstants.AF_INET) + .allowFamily(OsConstants.AF_INET6); } public void notify(String title, String message) { diff --git a/cmd/tailscale/backend.go b/cmd/tailscale/backend.go index 8e68a98..dd68e04 100644 --- a/cmd/tailscale/backend.go +++ b/cmd/tailscale/backend.go @@ -135,6 +135,8 @@ func (b *backend) updateTUN(service jni.Object, cfg *router.Config) error { } err := jni.Do(b.jvm, func(env jni.Env) error { cls := jni.GetObjectClass(env, service) + // Construct a VPNService.Builder. IPNService.newBuilder calls + // setConfigureIntent, and allowFamily for both IPv4 and IPv6. m := jni.GetMethodID(env, cls, "newBuilder", "()Landroid/net/VpnService$Builder;") builder, err := jni.CallObjectMethod(env, service, m) if err != nil {