cmd/tailscale: rebind magicsock.Conn onConnect (#126)

We have been getting into routing loops due to the timing of when we
bind sockets on starting the tailscale app. At this point, we do
not have access to `VpnService.protect()` and are unable to protect
the magicsock sockets, which causes a routing loop issue until we
forcibly rebind about 10 minutes into the service being started.

This change causes a rebind when the service is started, which restores
connectivity in cases where the socket was unprotected.

Updates tailscale/corp#13814
pull/127/head
Charlotte Brandhorst-Satzkorn 1 year ago committed by GitHub
parent 88d006f6b9
commit aba683bb61
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -498,6 +498,17 @@ func (a *App) runBackend() error {
return nil // even on error. see big TODO above. return nil // even on error. see big TODO above.
}) })
}) })
log.Printf("onConnect: rebind required")
// TODO(catzkorn): When we start the android application
// we bind sockets before we have access to the VpnService.protect()
// function which is needed to avoid routing loops. When we activate
// the service we get access to the protect, but do not retrospectively
// protect the sockets already opened, which breaks connectivity.
// As a temporary fix, we rebind and protect the magicsock.Conn on connect
// which restores connectivity.
// See https://github.com/tailscale/corp/issues/13814
b.backend.DebugRebind()
service = s service = s
return nil return nil
}) })
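Review bot: the result of `b.backend.DebugRebind()` is discarded at the end of the onConnect closure, and nothing is logged after the call, so a failed rebind leaves only the "onConnect: rebind required" line in the log while the sockets may still be unprotected. If DebugRebind returns an error, log it here (the closure can still return nil). The call is also unconditional, so the log message would be more accurate if it said a rebind is being forced on every connect rather than that one is "required".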
