ui: port syspolicy handler code to new app (#304)

* ui: port syspolicy handler code to new app

port over https://github.com/tailscale/tailscale-android/pull/199 from cmd/tailscale and legacy_android to libtailscale and android/

Updates tailscale/corp#18202

Signed-off-by: kari-ts <kari@tailscale.com>

* android: PR suggestions for syspolicyHandler (#308)

Updates tailscale/corp#18202

Signed-off-by: Percy Wegmann <percy@tailscale.com>

---------

Signed-off-by: kari-ts <kari@tailscale.com>
Signed-off-by: Percy Wegmann <percy@tailscale.com>
Co-authored-by: Percy Wegmann <percy@tailscale.com>
pull/309/head
kari-ts 3 weeks ago committed by GitHub
parent a3638f9fc7
commit 6a00880f61
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -37,6 +37,7 @@ import androidx.core.app.NotificationCompat
import androidx.core.app.NotificationManagerCompat
import androidx.security.crypto.EncryptedSharedPreferences
import androidx.security.crypto.MasterKey
import com.tailscale.ipn.mdm.MDMSettings
import com.tailscale.ipn.ui.localapi.Client
import com.tailscale.ipn.ui.localapi.Request
import com.tailscale.ipn.ui.model.Ipn
@ -451,4 +452,18 @@ class App : Application(), libtailscale.AppContext {
return downloads
}
@Throws(IOException::class, GeneralSecurityException::class)
override fun getSyspolicyBooleanValue(key: String): Boolean {
return getSyspolicyStringValue(key) == "true"
}
@Throws(IOException::class, GeneralSecurityException::class)
override fun getSyspolicyStringValue(key: String): String {
return MDMSettings.allSettingsByKey[key]?.flow?.value?.toString()
?: run {
Log.d("MDM", "$key is not defined on Android. Returning empty.")
""
}
}
}
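Review bot: `getSyspolicyStringValue` returns `""` when the key is missing from `MDMSettings.allSettingsByKey` or its flow value is null, and `getSyspolicyBooleanValue` turns that into `false`, so the Go side cannot tell an unset policy from one explicitly set to empty or false. The new `syspolicyHandler.ReadString`/`ReadBoolean` pass that value through with a nil error, which presumably means a caller-supplied default is never applied for unmanaged keys (worth confirming against `tailscale.com/util/syspolicy`). Consider signalling the missing key explicitly, for example by throwing a dedicated exception here and mapping it to `syspolicy.ErrNoSuchKey` in the handler, and documenting the unset-key contract on the two new `AppContext` methods. The `@Throws(IOException::class, GeneralSecurityException::class)` annotations also name exceptions that nothing in these two bodies appears to raise.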

@ -57,6 +57,8 @@ object MDMSettings {
.map { it.call(MDMSettings) as MDMSetting<*> }
}
val allSettingsByKey by lazy { allSettings.associateBy { it.key } }
fun update(app: App, restrictionsManager: RestrictionsManager?) {
val bundle = restrictionsManager?.applicationRestrictions
allSettings.forEach { it.setFrom(bundle, app) }
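Review bot: `allSettingsByKey` is built with `associateBy`, which keeps only the last element when two settings share a `key`, so a duplicate key would silently shadow another policy in the lookup that `getSyspolicyStringValue` relies on. A short KDoc stating that keys must be unique, plus an explicit type on the property, would make that contract visible. The value type looks like `MDMSetting<*>` from the `allSettings` mapping above, but the key type is not shown in this hunk. The body of `update` continues outside the hunk.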

@ -45,6 +45,12 @@ type AppContext interface {
// GetPlatformDNSConfig gets a string representation of the current DNS
// configuration.
GetPlatformDNSConfig() string
// GetSyspolicyStringValue returns the current string value for the given system policy.
GetSyspolicyStringValue(key string) (string, error)
// GetSyspolicyBooleanValue returns whether the given system policy is enabled.
GetSyspolicyBooleanValue(key string) (bool, error)
}
// IPNService corresponds to our IPNService in Java.

@ -0,0 +1,47 @@
// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause
package libtailscale
import (
"log"
"tailscale.com/util/syspolicy"
)
// syspolicyHandler is a syspolicy handler for the Android version of the Tailscale client,
// which lets the main networking code read values set via the Android RestrictionsManager.
type syspolicyHandler struct {
a *App
}
func (h syspolicyHandler) ReadString(key string) (string, error) {
if key == "" {
return "", syspolicy.ErrNoSuchKey
}
retVal, err := h.a.appCtx.GetSyspolicyStringValue(key)
if err != nil {
log.Printf("syspolicy: failed to get string value via gomobile: %v", err)
}
return retVal, err
}
func (h syspolicyHandler) ReadBoolean(key string) (bool, error) {
if key == "" {
return false, syspolicy.ErrNoSuchKey
}
retVal, err := h.a.appCtx.GetSyspolicyBooleanValue(key)
if err != nil {
log.Printf("syspolicy: failed to get bool value via gomobile: %v", err)
}
return retVal, err
}
func (h syspolicyHandler) ReadUInt64(key string) (uint64, error) {
if key == "" {
return 0, syspolicy.ErrNoSuchKey
}
// TODO(angott): drop ReadUInt64 everywhere. We are not using it.
log.Fatalf("ReadUInt64 is not implemented on Android")
return 0, nil
}
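Review bot: `ReadUInt64` calls `log.Fatalf` for any non-empty key, which terminates the whole process, so one uint64 policy lookup from the shared networking code would take the Android client down. The `return 0, nil` after it is unreachable. Returning an error keeps the handler safe to call: replace those two lines with `return 0, syspolicy.ErrNoSuchKey` (or a dedicated not-implemented error). The three methods also have no doc comments; a line such as `// ReadString reads the policy value for key via the Android AppContext.` on each would state what a caller gets back on failure.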

@ -18,6 +18,7 @@ import (
"tailscale.com/types/logger"
"tailscale.com/types/logid"
"tailscale.com/util/clientmetric"
"tailscale.com/util/syspolicy"
)
const defaultMTU = 1280 // minimalMTU from wgengine/userspace.go
@ -38,6 +39,7 @@ func newApp(dataDir, directFileRoot string, appCtx AppContext) Application {
a.store = newStateStore(a.appCtx)
interfaces.RegisterInterfaceGetter(a.getInterfaces)
syspolicy.RegisterHandler(syspolicyHandler{a: a})
go func() {
defer func() {
if p := recover(); p != nil {
