archive
/
tailscale-android
mirror of https://github.com/tailscale/tailscale-android
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
angott/gradle-8.6-update
angott/l10n-it
jonathan/docker_make
kari/shrink
kari/note
release-branch/1.66
kari/noteforeground
ox/reenable_quick_settings
percy/psychic_quicksettings
jonathan/bump_oss
kari/209
kari/213
kari/intentcrash
kari/notifbutton
jonathan/build_apk
kari/em
jonathan/remember-exit-node
revert-336-kari/defaultroute
bradfitz/docs
jonathan/auth_keys
kari/unanimate
kari/tlpub
jonathan/compose_previews
kari/1.65.1
jonathan/machine_auth
release-branch/1.64
jonathan/decorate_settings
jonathan/accssibility
jonathan/corp-19070
phirework/unstable-64
jonathan/androidTV
ox/move_admin_account_info
ox/allow_lan_access_toggle
jonathan/cleanup
jonathan/runasexitnode
jonathan/intro_screen
jonathan/switch-state
ox/detectlogin
ox/styling_bak
kari/keystore
kari/conncolor
kari/closesearch
kari/logout
kari/googlesignin
kari/toggle
ox/exit_node_clickable
ox/taildrop
ox/eng-2988
kari/fixvpn
kari/fixconnect
kari/ktfmtgradle
raggi/builds3
kari/newbuild
kari/newbackend
oxtoacart/remove_dead_code
oxtoacart/reactive_exit_node_bak
kari/connect
jonathan/mdm-debug
knyar/unstable
knyar/makefile
oxtoacart/android-nextgen-infra
raggi/buildport
kari/buildnewapp
kari/newapp
kari/editprefsvialocalapi
release-branch/1.60
kari/exitnodeui
kari/goversion
kari/17470
kari/loginvialocalapi
kari/bugreportvialocalapi
oxtocart/bugreportvialocalapi_codereview_suggestion
kari/unstable-1.58
catzkorn/notag
catzkorn/menu
release-branch/1.58
oxtoacart/gomobilepoc
kari/bump-oss
kari-bottomsheetTNL
release-branch/1.56
release-branch/1.54
version
release-branch/1.52
bradfitz/sharer_or_user
raggi/emulator
release-branch/1.48
maisem/bumposs
catzkorn/fixit
raggi/assert-goroot
catzkorn/routing
raggi/destructivepurege
bradfitz/authkey_intent
raggi/tailscale-version-workspace
release-branch/1.46
dns
unstable1_47
release-branch/1.44
karilam/7875
revert-86-feature/preference-toggles
release-branch/1.42
bradfitz/tsd_fix
bradfitz/bump_tscom
bradfitz/dns_google
bradfitz/shared_user_dev
release-branch/1.40
mihaip/readme
mihaip/build-tags
mihaip/flush
release-branch/1.38
release-branch/1.36
googlehome
gio
sonos
release-branch/1.34
release-branch/1.32
raggi/vader
release-branch/1.30
release-branch/1.28
release-branch/1.26
release-branch/1.24
bradfitz/netstack_localbackend
bradfitz/android_studio
bradfitz/firedoc
release-branch/1.22
bradfitz/tidy
release-branch/1.20
bradfitz/corp_dns_setting
bradfitz/allow_lan
bradfitz/bump_target
bradfitz/be_exit_node
bradfitz/bugreport
bradfitz/make_darwin
bradfitz/gorev
bradfitz/qr_firestick
release-branch/1.18
release-branch/1.16
release-branch/1.14
always-on
release-branch/1.12
notification
file-share
bradfitz/netns
bradfitz/1.9
split-dns-1695
1.66.3-teae73f821-g63a2bbc8e71
1.67.13-t7b3e30f39-g46cdbb7b9b2
1.67.13-t7b3e30f39-gb587bc2a18c
1.67.12-t79b2d425c-gff4ce8d9346
1.65.192-te968b0ecd-g48543799b1a
1.65.182-t80df8ffb8-g6a15347453c
1.65.167-t258b5042f-g5c494450af4
1.65.4-t7a77a2edf-gfab2f183b34
1.64.0-t78dc8622d-gfd2ca6fa940
1.63.93-t1fbaf2610-ge0020f8c4bf
1.58.2-tb0e1bbb62-gcd1f0649958
1.57.72-tca48db0d6-gdcca09fe7f8
1.56.0-tf51793b90-g49ed1df6cc9
1.55.148-t86aa0485a-g5ef7bbaff0a
1.55.47-tb88929edf-g0a44d50e8b0
1.54.0-tc82fd1256-g8e8e1d0f76a
1.53.115-t6cce5fe00-gab4a672a4eb
1.51.207-t35d7b3aa2-g3a305b158ca
1.48.2-tab970fe55-g52607bf35ef
1.48.0-t77c732357-g388b71affe8
1.44.1-ta377e1363-g584245cc823
1.44.0-tb3138a71a-gfcf1b101b70
1.43.55-tc783f2822-g0ccb93e1156
1.42.0-tab797f0ab-gccfe73ba474
1.41.69-te3cb98213-g38061656a57
1.40.0-t9bdaece3d-ge0ba590be3e
1.39.194-te3b2250e2-gaa32919ac3d
1.39.174-t280255aca-g1a4a0884663
1.39.138-tcef0a474f-ga5346dcc26a
1.38.2-t3db61d07c-g30af1bea6c7
1.39.35-t731688e5c-gdf47a609279
1.38.2-t3db61d07c-g3a45784fce8
1.38.1-t3eeff9e7f-g8725a9e98e2
1.37.262-t047b32493-g814cd3c43a9
1.37.259-tb64d78d58-gd53da4ac65e
1.36.2-t0438c67e2-gd4f0ac0b58c
1.37.108-t01d58c9b6-g813b770cdf7
1.36.1-t576b08e5e-g28a435b67d6
1.36.0-tab998de98-g9ccba36ca1b
1.35.165-t2df38b1fe-gf643488f7a1
1.35.158-tb657187a6-g9562c27766e
1.34.2-tc5ef9103d-g4727c9c4b63
1.35.108-t692eac23a-g365b0ce6b0e
1.35.108-t692eac23a-g30e46fb8545
1.35.80-t237f030cd-gfd874ed58e9
1.34.1-t331d553a5-g14e42b2de7e
1.35.5-t4b34c8842-gc5e20b297c0
1.34.0-t988801d5d-gca20b46c925
1.33.385-t86b6ff61e-g80b896e71cd
1.33.299-t300aba61a-g1181155b7d1
1.32.3-t9dd89b8c2-g79fdccd8e3e
1.33.97-t81fd25913-g26e72f15efe
1.32.2-t54e8fa172-gd9ef1cad8ab
1.33.21-t63ad49890-g80dfbd8a0c5
1.33.20-t899b4cae1-g185cc3dd8f9
1.32.0-tfc688fe02-g13fc35a8bd5
1.31.167-t6d76764f3-g5ed3921ad62
1.31.84-t42f1d92ae-g03970952d53
1.30.2-t118545749-g9d01824d01f
1.30.2-t118545749-gb1033503280
1.31.40-t2aade349f-g033f7d87b43
1.31.40-t2aade349f-g5d209e6122b
1.30.1-t949c40030-gda453c0f676
1.30.0-t0b00b7a13-gdbd2b98eaea
1.29.194-t70f9fc8c7-gd0812b9476b
1.29.183-te4b5b92b8-gc9d2b97402e
1.29.175-t472529af3-gac01ced297a
v1.10.2-36fe8addc39-g31f2cfa9c9c
1.29.72-tb905db7a5-g9e6ef85d269
1.29.70-tc06758c83-g140149ef876
1.29.70-tc06758c83-g34ae6109d03
1.29.0-t3c892d106-g42f688f1292
1.28.0-taabca3a4c-gd900a87f4b4
1.27.81-t755396d6f-g21ea21f4f03
1.26.2-t5a60f1ffe-g4b32a50bc96
1.27.69-t9584d8aa7-g7abc94c4eae
1.27.57-t06aa14163-gbc1b0e24950
1.27.57-t06aa14163-g4fa037b636b
1.27.24-t467eb2eca-g0c11377ca10
1.26.1-t5b81baa7d-gd2fd1453038
1.26.1-t5b81baa7d-g2ac46a95b0f
1.26.0-t9fc6551b4-g3502f448874
1.26.0-t9fc6551b4-g0ed48c78500
1.25.91-tfc5839864-g1845f173179
1.25.35-te3619b890-ge66e57fbb08
1.24.2-tdce2409b1-gb8ed6272bdb
1.24.2-tdce2409b1-gc32eb8e27e8-dirty
1.24.2-tdce2409b1-gc32eb8e27e8
1.24.0-tf0e71f4a2-g772e6ae6f06
1.23.238-t695f8a1d7-gbd5ef3fd68d
1.23.238-t695f8a1d7-g60f461e5e79
1.23.237-t53588f632-g94762403ce1
1.23.230-t13f75b966-gb8af14c0098
1.23.210-tc13be0c50-g3f8df48d23d
1.23.192-tc591c9165-g4ccafba8f7f
1.23.152-t9f604f2bd-gcc70ae7aa62
1.23.148-t7c7f37342-gb4f8e7f90a4
1.23.53-t012098ec3-gb0f1428443e
1.23.53-t012098ec3-g7203980ecc8
1.22.0-t4e0b00ad8-g56cf5b6132d
1.21.114-te921e1b02-g4a1c0cb2ee7
1.21.112-td19a63ddf-g5868fdb7b04
1.21.52-taaba49ca1-g467ddfc6052-dirty
1.21.52-taaba49ca1-g467ddfc6052
1.20.2-t8e643357d-ge1751fa2802
1.21.24-t0ada42684-g213009e9af5
1.21.8-t8cf1af8a0-g6b83c6ae21f
1.20.0-t958917dce-gdbbb71c2e39
1.19.190-tc5243562d-g039124db792
1.19.190-tc5243562d-g14b849f0e85-dirty
1.19.189-t1a4e8da08-g1be9000a6ac-dirty
1.18.2-tb04815c9c-g08e1f97a38e
1.19.127-tcced414c7-ga3d2dc95dbc
1.19.127-tcced414c7-gc63656926aa
1.19.116-t878a20df2-gb2665ab2ff5
1.19.111-te34ba3223-gca696b116ce
1.18.0-t71f1dd5aa-g6e464cc68f9
1.17.235-t773af7292-gda175ba2212
1.17.205-td6dde5a1a-gdb53a314eb3
1.17.191-t0532eb30d-g0ecb2a25874
1.16.2-tb56ba2054-g377795b3b67
1.17.81-tc60806b55-g61f90a1975b
1.16.1-t4f4000fbe-g0e7d23df47d
1.17.52-t9af27ba82-g82ea8df1dc8
1.16.0-tb0f4f3161-g2840d54aade
1.16.0-tb0f4f3161-gf0dcec6c275-dirty
1.15.210-tbabd163aa-g9b52c6b357b
1.14.6-tdfc4042ec-gb1b53ce7b58
1.15.196-t173bbaa1a-g0637d599af4
1.15.191-t52737c14a-g75ef65dd501
1.15.3-t1925fb584-g7aa8ae9a47e
1.14.0-t62a458f7f-gff91342ecc8
1.14.0-t62a458f7f-g0f6f5a30323
1.13.116-t0ac213059-gae2df120327
1.13.73-t954867fef-g3e299e873d8
1.13.53-t8bdf87883-g30324736c98
1.13.53-t8bdf87883-g15a27d2336b
1.13.52-t360223fcc-g18e6fe24db7
1.13.52-t360223fcc-gd81f8a03b65-dirty
1.13.42-tfd7b738e5-ga68462ec65f
1.12.3-t2be791762-gf6ecdd058da
1.12.3-t2be791762-g2ea501279cf
1.13.19-td37451bac-g82b6b8dbd36
1.13.19-td37451bac-g0f46117f9c0
1.13.6-tf414a9cc0-gd98827df030
1.13.6-f414a9cc01f-gf59e53e41d8
1.12.1-1d7592eb117-g1fc94ccf979
1.12.1-1d7592eb117-gf4742b7d907
1.11.151-d145c594ad6-g7b2e61e80cd
1.11.151-d145c594ad6-g7ebedfd62a9
1.11.151-d145c594ad6-g7a00ad639b4
1.11.151-d145c594ad6-g20c35d55f57
1.11.109-798b0da4703-g480b1a62eb2
1.11.109-798b0da4703-g4d32c6da4f6-dirty
1.11.106-1bb6abc604c-g2c1f35d5607
1.11.106-1bb6abc604c-g27283a8bb0a
v1.10.2-36fe8addc39-g74a18b3359b
v1.10.1-cd3fd076cc7-gadfcedb0972
v1.10.1-cd3fd076cc7-gad31a689393
v1.10.0-405ea978f8b-g242c936b2cd
v1.10.0-405ea978f8b-g10ded1bad29
v1.10.0-405ea978f8b-ge8f2409cb3d-dirty
v1.10.0-405ea978f8b-g6c005dab135-dirty
v1.10.0-405ea978f8b-g47b732aaab1
v1.10.0-t405ea978f-g07616236fc2
v1.10.0-t405ea978f-g5bb36e740cf
v-g2f7b27412a0
v1.8.6-t28a8f9c90-g04890797712
v-g90351e73923
v1.8.6-t28a8f9c90-gff16a75a65c
v1.8.3-td0e86b08c-g8ea1d4ced73
v1.8.3-td0e86b08c-g06e461d7038
v1.6.0-tddc975fcb-g05212e770b0
v1.6.0-tddc975fcb-ge2d731dbbab
v1.6.0-tddc975fcb-g05ddfd5d90e
v1.4.5-tb89c65304-gd3e0b420939
v1.4.4-t64a9656c0-g3e758d0fe21
v1.4.0-t3d7cff91b-g33cf7c0aa19
v1.4.0-t3d7cff91b-gc4f626c5a79
v1.3.267-t9936cffc1-g96e2661764c
v1.2.2-t76c2982d8-gc26c3b0a3
v1.2.2-t76c2982d8-gb981aa576
v1.2.2-t76c2982d8-g8daee9c43
v1.2.2-t76c2982d8-g33a953fb2
v1.2.2-t76c2982d8-gf2c035a8b
v1.2.2-t76c2982d8-g97a826d11
v0.1.21
v0.1.20
v0.1.19
v0.1.18
v0.1.17
v0.1.16
v0.1.15
v0.1.14
v0.1.13
v0.1.11
v0.1.10
1.60.1-t2caffeeb4-g6f7ae79a31c
1.66.0-te2a0fc0bc-g6bd50e8026d
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v1.2.2-t76c2982d8-g39dfd8495
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b42117791'
${ noResults }
tailscale-android/cmd/tailscale/main.go

1455 lines
38 KiB
Go
Raw Blame History

// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package main
import (
"context"
"crypto/rand"
"crypto/sha1"
"encoding/hex"
"errors"
"fmt"
"io"
"log"
"mime"
"net"
"net/http"
"net/netip"
"net/url"
"os"
"path/filepath"
"sort"
"strings"
"sync/atomic"
"time"
"unsafe"
"gioui.org/app"
"gioui.org/io/key"
"gioui.org/io/system"
"gioui.org/layout"
"gioui.org/op"
"inet.af/netaddr"
"github.com/tailscale/tailscale-android/jni"
"tailscale.com/client/tailscale/apitype"
"tailscale.com/hostinfo"
"tailscale.com/ipn"
"tailscale.com/ipn/ipnlocal"
"tailscale.com/net/dns"
"tailscale.com/net/interfaces"
"tailscale.com/net/netns"
"tailscale.com/paths"
"tailscale.com/tailcfg"
"tailscale.com/types/netmap"
"tailscale.com/wgengine/router"
)
type App struct {
jvm *jni.JVM
// appCtx is a global reference to the com.tailscale.ipn.App instance.
appCtx jni.Object
store *stateStore
logIDPublicAtomic atomic.Value // of string
// netStates receives the most recent network state.
netStates chan BackendState
// prefs receives new preferences from the backend.
prefs chan *ipn.Prefs
// browseURLs receives URLs when the backend wants to browse.
browseURLs chan string
// targetsLoaded receives lists of file targets.
targetsLoaded chan FileTargets
// invalidates receives whenever the window should be refreshed.
invalidates chan struct{}
}
var (
// googleClass is a global reference to the com.tailscale.ipn.Google class.
googleClass jni.Class
)
type FileTargets struct {
Targets []*apitype.FileTarget
Err error
}
type File struct {
Type FileType
Name string
Size int64
MIMEType string
// URI of the file, valid if Type is FileTypeURI.
URI string
// Text is the content of the file, if Type is FileTypeText.
Text string
}
// FileSendInfo describes the state of an ongoing file send operation.
type FileSendInfo struct {
State FileSendState
// Progress tracks the progress of the transfer from 0.0 to 1.0. Valid
// only when State is FileSendStarted.
Progress float64
}
type clientState struct {
browseURL string
backend BackendState
// query is the search query, in lowercase.
query string
Peers []UIPeer
}
type FileType uint8
// FileType constants are known to IPNActivity.java.
const (
FileTypeText FileType = 1
FileTypeURI FileType = 2
)
type ExitStatus uint8
const (
// No exit node selected.
ExitNone ExitStatus = iota
// Exit node selected and exists, but is offline or missing.
ExitOffline
// Exit node selected and online.
ExitOnline
)
type FileSendState uint8
const (
FileSendNotStarted FileSendState = iota
FileSendConnecting
FileSendTransferring
FileSendComplete
FileSendFailed
)
type Peer struct {
Label string
Online bool
ID tailcfg.StableNodeID
}
type BackendState struct {
Prefs *ipn.Prefs
State ipn.State
NetworkMap *netmap.NetworkMap
LostInternet bool
// Exits are the peers that can act as exit node.
Exits []Peer
// ExitState describes the state of our exit node.
ExitStatus ExitStatus
// Exit is our current exit node, if any.
Exit Peer
}
// UIEvent is an event flowing from the UI to the backend.
type UIEvent interface{}
type RouteAllEvent struct {
ID tailcfg.StableNodeID
}
type ConnectEvent struct {
Enable bool
}
type CopyEvent struct {
Text string
}
type SearchEvent struct {
Query string
}
type OAuth2Event struct {
Token *tailcfg.Oauth2Token
}
type FileSendEvent struct {
Target *apitype.FileTarget
Context context.Context
Updates func(FileSendInfo)
}
type SetLoginServerEvent struct {
URL string
}
// UIEvent types.
type (
ToggleEvent struct{}
ReauthEvent struct{}
BugEvent struct{}
WebAuthEvent struct{}
GoogleAuthEvent struct{}
LogoutEvent struct{}
OSSLicensesEvent struct{}
BeExitNodeEvent bool
ExitAllowLANEvent bool
)
// serverOAuthID is the OAuth ID of the tailscale-android server, used
// by GoogleSignInOptions.Builder.requestIdToken.
const serverOAuthID = "744055068597-hv4opg0h7vskq1hv37nq3u26t8c15qk0.apps.googleusercontent.com"
// releaseCertFingerprint is the SHA-1 fingerprint of the Google Play Store signing key.
// It is used to check whether the app is signed for release.
const releaseCertFingerprint = "86:9D:11:8B:63:1E:F8:35:C6:D9:C2:66:53:BC:28:22:2F:B8:C1:AE"
// backendEvents receives events from the UI (Activity, Tile etc.) to the backend.
var backendEvents = make(chan UIEvent)
func main() {
a := &App{
jvm: (*jni.JVM)(unsafe.Pointer(app.JavaVM())),
appCtx: jni.Object(app.AppContext()),
netStates: make(chan BackendState, 1),
browseURLs: make(chan string, 1),
prefs: make(chan *ipn.Prefs, 1),
targetsLoaded: make(chan FileTargets, 1),
invalidates: make(chan struct{}, 1),
}
err := jni.Do(a.jvm, func(env *jni.Env) error {
loader := jni.ClassLoaderFor(env, a.appCtx)
cl, err := jni.LoadClass(env, loader, "com.tailscale.ipn.Google")
if err != nil {
// Ignore load errors; the Google class is not included in F-Droid builds.
return nil
}
googleClass = jni.Class(jni.NewGlobalRef(env, jni.Object(cl)))
return nil
})
if err != nil {
fatalErr(err)
}
a.store = newStateStore(a.jvm, a.appCtx)
interfaces.RegisterInterfaceGetter(a.getInterfaces)
go func() {
if err := a.runBackend(); err != nil {
fatalErr(err)
}
}()
go func() {
if err := a.runUI(); err != nil {
fatalErr(err)
}
}()
app.Main()
}
func (a *App) runBackend() error {
appDir, err := app.DataDir()
if err != nil {
fatalErr(err)
}
paths.AppSharedDir.Store(appDir)
hostinfo.SetOSVersion(a.osVersion())
if !googleSignInEnabled() {
hostinfo.SetPackage("nogoogle")
}
deviceModel := a.modelName()
if a.isChromeOS() {
deviceModel = "ChromeOS: " + deviceModel
}
hostinfo.SetDeviceModel(deviceModel)
type configPair struct {
rcfg *router.Config
dcfg *dns.OSConfig
}
configs := make(chan configPair)
configErrs := make(chan error)
b, err := newBackend(appDir, a.jvm, a.appCtx, a.store, func(rcfg *router.Config, dcfg *dns.OSConfig) error {
if rcfg == nil {
return nil
}
configs <- configPair{rcfg, dcfg}
return <-configErrs
})
if err != nil {
return err
}
a.logIDPublicAtomic.Store(b.logIDPublic)
defer b.CloseTUNs()
// Contrary to the documentation for VpnService.Builder.addDnsServer,
// ChromeOS doesn't fall back to the underlying network nameservers if
// we don't provide any.
b.avoidEmptyDNS = a.isChromeOS()
var timer *time.Timer
var alarmChan <-chan time.Time
alarm := func(t *time.Timer) {
if timer != nil {
timer.Stop()
}
timer = t
if timer != nil {
alarmChan = timer.C
}
}
notifications := make(chan ipn.Notify, 1)
startErr := make(chan error)
// Start from a goroutine to avoid deadlock when Start
// calls the callback.
go func() {
startErr <- b.Start(func(n ipn.Notify) {
notifications <- n
})
}()
var (
cfg configPair
state BackendState
service jni.Object // of IPNService
signingIn bool
)
var (
waitingFilesDone = make(chan struct{})
waitingFiles bool
processingFiles bool
)
processFiles := func() {
if !waitingFiles || processingFiles {
return
}
processingFiles = true
waitingFiles = false
go func() {
if err := a.processWaitingFiles(b.backend); err != nil {
log.Printf("processWaitingFiles: %v", err)
}
waitingFilesDone <- struct{}{}
}()
}
for {
select {
case err := <-startErr:
if err != nil {
return err
}
case <-waitingFilesDone:
processingFiles = false
processFiles()
case s := <-configs:
cfg = s
if b == nil || service == 0 || cfg.rcfg == nil {
configErrs <- nil
break
}
configErrs <- b.updateTUN(service, cfg.rcfg, cfg.dcfg)
case n := <-notifications:
exitWasOnline := state.ExitStatus == ExitOnline
if p := n.Prefs; p != nil && n.Prefs.Valid() {
state.Prefs = p.AsStruct()
state.updateExitNodes()
a.setPrefs(state.Prefs)
}
first := state.Prefs == nil
if first {
state.Prefs = ipn.NewPrefs()
state.Prefs.Hostname = a.hostname()
go b.backend.SetPrefs(state.Prefs)
a.setPrefs(state.Prefs)
}
if s := n.State; s != nil {
oldState := state.State
state.State = *s
if service != 0 {
if cfg.rcfg != nil && state.State >= ipn.Starting {
if err := b.updateTUN(service, cfg.rcfg, cfg.dcfg); err != nil {
if errors.Is(err, errMultipleUsers) {
a.pushNotify(service, "Multiple Users", multipleUsersText)
}
log.Printf("VPN update failed: %v", err)
notifyVPNClosed()
}
} else {
b.CloseTUNs()
}
}
// Stop VPN if we logged out.
if oldState > ipn.Stopped && state.State <= ipn.Stopped {
if err := a.callVoidMethod(a.appCtx, "stopVPN", "()V"); err != nil {
fatalErr(err)
}
}
a.notify(state)
if service != 0 {
a.updateNotification(service, state.State, state.ExitStatus, state.Exit)
}
}
if u := n.BrowseToURL; u != nil {
signingIn = false
a.setURL(*u)
}
if m := n.NetMap; m != nil {
state.NetworkMap = m
state.updateExitNodes()
a.notify(state)
if service != 0 {
alarm(a.notifyExpiry(service, m.Expiry))
}
}
// Notify if a previously online exit is not longer online (or missing).
if service != 0 && exitWasOnline && state.ExitStatus == ExitOffline {
a.pushNotify(service, "Connection Lost", "Your exit node is offline. Disable your exit node or contact your network admin for help.")
}
targets, err := b.backend.FileTargets()
if err != nil {
// Construct a user-visible error message.
if b.backend.State() != ipn.Running {
err = fmt.Errorf("Not connected to tailscale")
} else {
err = fmt.Errorf("Failed to load device list")
}
}
a.targetsLoaded <- FileTargets{targets, err}
waitingFiles = n.FilesWaiting != nil
processFiles()
case <-onWriteStorageGranted:
processFiles()
case <-alarmChan:
if m := state.NetworkMap; m != nil && service != 0 {
alarm(a.notifyExpiry(service, m.Expiry))
}
case e := <-backendEvents:
switch e := e.(type) {
case OAuth2Event:
go b.backend.Login(e.Token)
case ToggleEvent:
state.Prefs.WantRunning = !state.Prefs.WantRunning
go b.backend.SetPrefs(state.Prefs)
case BeExitNodeEvent:
state.Prefs.SetAdvertiseExitNode(bool(e))
go b.backend.SetPrefs(state.Prefs)
case ExitAllowLANEvent:
state.Prefs.ExitNodeAllowLANAccess = bool(e)
go b.backend.SetPrefs(state.Prefs)
case WebAuthEvent:
if !signingIn {
go b.backend.StartLoginInteractive()
signingIn = true
}
case SetLoginServerEvent:
state.Prefs.ControlURL = e.URL
b.backend.SetPrefs(state.Prefs)
// Need to restart to force the login URL to be regenerated
// with the new control URL. Start from a goroutine to avoid
// deadlock.
go func() {
err := b.backend.Start(ipn.Options{})
if err != nil {
fatalErr(err)
}
}()
case LogoutEvent:
go func() {
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
defer cancel()
b.backend.Logout(ctx)
}()
case ConnectEvent:
state.Prefs.WantRunning = e.Enable
go b.backend.SetPrefs(state.Prefs)
case RouteAllEvent:
state.Prefs.ExitNodeID = e.ID
go b.backend.SetPrefs(state.Prefs)
state.updateExitNodes()
a.notify(state)
if service != 0 {
a.updateNotification(service, state.State, state.ExitStatus, state.Exit)
}
}
case s := <-onConnect:
jni.Do(a.jvm, func(env *jni.Env) error {
if jni.IsSameObject(env, s, service) {
// We already have a reference.
jni.DeleteGlobalRef(env, s)
return nil
}
if service != 0 {
jni.DeleteGlobalRef(env, service)
}
netns.SetAndroidProtectFunc(func(fd int) error {
return jni.Do(a.jvm, func(env *jni.Env) error {
// Call https://developer.android.com/reference/android/net/VpnService#protect(int)
// to mark fd as a socket that should bypass the VPN and use the underlying network.
cls := jni.GetObjectClass(env, s)
m := jni.GetMethodID(env, cls, "protect", "(I)Z")
ok, err := jni.CallBooleanMethod(env, s, m, jni.Value(fd))
// TODO(bradfitz): return an error back up to netns if this fails, once
// we've had some experience with this and analyzed the logs over a wide
// range of Android phones. For now we're being paranoid and conservative
// and do the JNI call to protect best effort, only logging if it fails.
// The risk of returning an error is that it breaks users on some Android
// versions even when they're not using exit nodes. I'd rather the
// relatively few number of exit node users file bug reports if Tailscale
// doesn't work and then we can look for this log print.
if err != nil || !ok {
log.Printf("[unexpected] VpnService.protect(%d) = %v, %v", fd, ok, err)
}
return nil // even on error. see big TODO above.
})
})
log.Printf("onConnect: rebind required")
// TODO(catzkorn): When we start the android application
// we bind sockets before we have access to the VpnService.protect()
// function which is needed to avoid routing loops. When we activate
// the service we get access to the protect, but do not retrospectively
// protect the sockets already opened, which breaks connectivity.
// As a temporary fix, we rebind and protect the magicsock.Conn on connect
// which restores connectivity.
// See https://github.com/tailscale/corp/issues/13814
b.backend.DebugRebind()
service = s
return nil
})
a.updateNotification(service, state.State, state.ExitStatus, state.Exit)
if m := state.NetworkMap; m != nil {
alarm(a.notifyExpiry(service, m.Expiry))
}
if cfg.rcfg != nil && state.State >= ipn.Starting {
if err := b.updateTUN(service, cfg.rcfg, cfg.dcfg); err != nil {
log.Printf("VPN update failed: %v", err)
notifyVPNClosed()
}
}
case s := <-onDisconnect:
b.CloseTUNs()
jni.Do(a.jvm, func(env *jni.Env) error {
defer jni.DeleteGlobalRef(env, s)
if jni.IsSameObject(env, service, s) {
netns.SetAndroidProtectFunc(nil)
jni.DeleteGlobalRef(env, service)
service = 0
}
return nil
})
if state.State >= ipn.Starting {
notifyVPNClosed()
}
case <-onDNSConfigChanged:
if b != nil {
go b.NetworkChanged()
}
a.notify(state)
}
}
}
func (a *App) processWaitingFiles(b *ipnlocal.LocalBackend) error {
files, err := b.WaitingFiles()
if err != nil {
return err
}
var aerr error
for _, f := range files {
if err := a.downloadFile(b, f); err != nil && aerr == nil {
aerr = err
}
}
return aerr
}
func (a *App) downloadFile(b *ipnlocal.LocalBackend, f apitype.WaitingFile) (cerr error) {
in, _, err := b.OpenFile(f.Name)
if err != nil {
return err
}
defer in.Close()
ext := filepath.Ext(f.Name)
mimeType := mime.TypeByExtension(ext)
var mediaURI string
err = jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
insertMedia := jni.GetMethodID(env, cls, "insertMedia", "(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;")
jname := jni.JavaString(env, f.Name)
jmime := jni.JavaString(env, mimeType)
uri, err := jni.CallObjectMethod(env, a.appCtx, insertMedia, jni.Value(jname), jni.Value(jmime))
if err != nil {
return err
}
mediaURI = jni.GoString(env, jni.String(uri))
return nil
})
if err != nil {
return fmt.Errorf("insertMedia: %w", err)
}
deleteURI := func(uri string) error {
return jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
m := jni.GetMethodID(env, cls, "deleteUri", "(Ljava/lang/String;)V")
juri := jni.JavaString(env, uri)
return jni.CallVoidMethod(env, a.appCtx, m, jni.Value(juri))
})
}
out, err := a.openURI(mediaURI, "w")
if err != nil {
deleteURI(mediaURI)
return fmt.Errorf("openUri: %w", err)
}
if _, err := io.Copy(out, in); err != nil {
deleteURI(mediaURI)
return fmt.Errorf("copy: %w", err)
}
if err := out.Close(); err != nil {
deleteURI(mediaURI)
return fmt.Errorf("close: %w", err)
}
if err := a.notifyFile(mediaURI, f.Name); err != nil {
fatalErr(err)
}
return b.DeleteFile(f.Name)
}
// openURI calls a.appCtx.getContentResolver().openFileDescriptor on uri and
// mode and returns the detached file descriptor.
func (a *App) openURI(uri, mode string) (*os.File, error) {
var f *os.File
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
openURI := jni.GetMethodID(env, cls, "openUri", "(Ljava/lang/String;Ljava/lang/String;)I")
juri := jni.JavaString(env, uri)
jmode := jni.JavaString(env, mode)
fd, err := jni.CallIntMethod(env, a.appCtx, openURI, jni.Value(juri), jni.Value(jmode))
if err != nil {
return err
}
f = os.NewFile(uintptr(fd), "media-store")
return nil
})
return f, err
}
func (a *App) isChromeOS() bool {
var chromeOS bool
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
m := jni.GetMethodID(env, cls, "isChromeOS", "()Z")
b, err := jni.CallBooleanMethod(env, a.appCtx, m)
chromeOS = b
return err
})
if err != nil {
panic(err)
}
return chromeOS
}
func (s *BackendState) updateExitNodes() {
s.ExitStatus = ExitNone
var exitID tailcfg.StableNodeID
if p := s.Prefs; p != nil {
exitID = p.ExitNodeID
if exitID != "" {
s.ExitStatus = ExitOffline
}
}
hasMyExit := exitID == ""
s.Exits = nil
var peers []tailcfg.NodeView
if s.NetworkMap != nil {
peers = s.NetworkMap.Peers
}
for _, p := range peers {
canRoute := false
for i := range p.AllowedIPs().LenIter() {
r := p.AllowedIPs().At(i)
if r == netip.MustParsePrefix("0.0.0.0/0") || r == netip.MustParsePrefix("::/0") {
canRoute = true
break
}
}
myExit := p.StableID() == exitID
hasMyExit = hasMyExit || myExit
exit := Peer{
Label: p.DisplayName(true),
Online: canRoute,
ID: p.StableID(),
}
if myExit {
s.Exit = exit
if canRoute {
s.ExitStatus = ExitOnline
}
}
if canRoute || myExit {
s.Exits = append(s.Exits, exit)
}
}
sort.Slice(s.Exits, func(i, j int) bool {
return s.Exits[i].Label < s.Exits[j].Label
})
if !hasMyExit {
// Insert node missing from netmap.
s.Exit = Peer{Label: "Unknown device", ID: exitID}
s.Exits = append([]Peer{s.Exit}, s.Exits...)
}
}
// hostname builds a hostname from android.os.Build fields, in place of a
// useless os.Hostname().
func (a *App) hostname() string {
var hostname string
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
getHostname := jni.GetMethodID(env, cls, "getHostname", "()Ljava/lang/String;")
n, err := jni.CallObjectMethod(env, a.appCtx, getHostname)
hostname = jni.GoString(env, jni.String(n))
return err
})
if err != nil {
panic(err)
}
return hostname
}
// osVersion returns android.os.Build.VERSION.RELEASE. " [nogoogle]" is appended
// if Google Play services are not compiled in.
func (a *App) osVersion() string {
var version string
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
m := jni.GetMethodID(env, cls, "getOSVersion", "()Ljava/lang/String;")
n, err := jni.CallObjectMethod(env, a.appCtx, m)
version = jni.GoString(env, jni.String(n))
return err
})
if err != nil {
panic(err)
}
return version
}
// modelName return the MANUFACTURER + MODEL from
// android.os.Build.
func (a *App) modelName() string {
var model string
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
m := jni.GetMethodID(env, cls, "getModelName", "()Ljava/lang/String;")
n, err := jni.CallObjectMethod(env, a.appCtx, m)
model = jni.GoString(env, jni.String(n))
return err
})
if err != nil {
panic(err)
}
return model
}
func googleSignInEnabled() bool {
return googleClass != 0
}
// updateNotification updates the foreground persistent status notification.
func (a *App) updateNotification(service jni.Object, state ipn.State, exitStatus ExitStatus, exit Peer) error {
var msg, title string
switch state {
case ipn.Starting:
title, msg = "Connecting...", ""
case ipn.Running:
title = "Connected"
switch exitStatus {
case ExitOnline:
msg = fmt.Sprintf("Exit node: %s", exit.Label)
default:
msg = ""
}
default:
return nil
}
return jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, service)
update := jni.GetMethodID(env, cls, "updateStatusNotification", "(Ljava/lang/String;Ljava/lang/String;)V")
jtitle := jni.JavaString(env, title)
jmessage := jni.JavaString(env, msg)
return jni.CallVoidMethod(env, service, update, jni.Value(jtitle), jni.Value(jmessage))
})
}
// notifyExpiry notifies the user of imminent session expiry and
// returns a new timer that triggers when the user should be notified
// again.
func (a *App) notifyExpiry(service jni.Object, expiry time.Time) *time.Timer {
if expiry.IsZero() {
return nil
}
d := time.Until(expiry)
var title string
const msg = "Reauthenticate to maintain the connection to your network."
var t *time.Timer
const (
aday = 24 * time.Hour
soon = 5 * time.Minute
)
switch {
case d <= 0:
title = "Your authentication has expired!"
case d <= soon:
title = "Your authentication expires soon!"
t = time.NewTimer(d)
case d <= aday:
title = "Your authentication expires in a day."
t = time.NewTimer(d - soon)
default:
return time.NewTimer(d - aday)
}
if err := a.pushNotify(service, title, msg); err != nil {
fatalErr(err)
}
return t
}
func (a *App) notifyFile(uri, msg string) error {
return jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
notify := jni.GetMethodID(env, cls, "notifyFile", "(Ljava/lang/String;Ljava/lang/String;)V")
juri := jni.JavaString(env, uri)
jmsg := jni.JavaString(env, msg)
return jni.CallVoidMethod(env, a.appCtx, notify, jni.Value(juri), jni.Value(jmsg))
})
}
func (a *App) pushNotify(service jni.Object, title, msg string) error {
return jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, service)
notify := jni.GetMethodID(env, cls, "notify", "(Ljava/lang/String;Ljava/lang/String;)V")
jtitle := jni.JavaString(env, title)
jmessage := jni.JavaString(env, msg)
return jni.CallVoidMethod(env, service, notify, jni.Value(jtitle), jni.Value(jmessage))
})
}
func (a *App) notify(state BackendState) {
select {
case <-a.netStates:
default:
}
a.netStates <- state
ready := jni.Bool(state.State >= ipn.Stopped)
if err := a.callVoidMethod(a.appCtx, "setTileReady", "(Z)V", jni.Value(ready)); err != nil {
fatalErr(err)
}
}
func (a *App) setPrefs(prefs *ipn.Prefs) {
wantRunning := jni.Bool(prefs.WantRunning)
if err := a.callVoidMethod(a.appCtx, "setTileStatus", "(Z)V", jni.Value(wantRunning)); err != nil {
fatalErr(err)
}
select {
case <-a.prefs:
default:
}
a.prefs <- prefs
}
func (a *App) setURL(url string) {
select {
case <-a.browseURLs:
default:
}
a.browseURLs <- url
}
func (a *App) runUI() error {
w := app.NewWindow()
ui, err := newUI(a.store)
if err != nil {
return err
}
var ops op.Ops
state := new(clientState)
var (
// activity is the most recent Android Activity reference as reported
// by Gio ViewEvents.
activity jni.Object
// files is list of files from the most recent file sharing intent.
files []File
)
deleteActivityRef := func() {
if activity == 0 {
return
}
jni.Do(a.jvm, func(env *jni.Env) error {
jni.DeleteGlobalRef(env, activity)
return nil
})
activity = 0
}
defer deleteActivityRef()
for {
select {
case <-onVPNClosed:
requestBackend(ConnectEvent{Enable: false})
case tok := <-onGoogleToken:
ui.signinType = noSignin
if tok != "" {
requestBackend(OAuth2Event{
Token: &tailcfg.Oauth2Token{
AccessToken: tok,
TokenType: ipn.GoogleIDTokenType,
},
})
} else {
// Warn about possible debug certificate.
if !a.isReleaseSigned() {
ui.ShowMessage("Google Sign-In failed because the app is not signed for Play Store")
w.Invalidate()
}
}
case p := <-a.prefs:
ui.enabled.Value = p.WantRunning
ui.runningExit = p.AdvertisesExitNode()
ui.exitLAN.Value = p.ExitNodeAllowLANAccess
w.Invalidate()
case url := <-a.browseURLs:
ui.signinType = noSignin
if a.isTV() {
ui.ShowQRCode(url)
} else {
state.browseURL = url
}
w.Invalidate()
a.updateState(activity, state)
case newState := <-a.netStates:
oldState := state.backend.State
state.backend = newState
a.updateState(activity, state)
w.Invalidate()
if activity != 0 {
newState := state.backend.State
// Start VPN if we just logged in.
if oldState <= ipn.Stopped && newState > ipn.Stopped {
if err := a.prepareVPN(activity); err != nil {
fatalErr(err)
}
}
}
case <-onVPNPrepared:
if state.backend.State > ipn.Stopped {
if err := a.callVoidMethod(a.appCtx, "startVPN", "()V"); err != nil {
return err
}
if activity != 0 {
if err := a.callVoidMethod(a.appCtx, "requestWriteStoragePermission", "(Landroid/app/Activity;)V", jni.Value(activity)); err != nil {
return err
}
}
}
case <-onVPNRevoked:
ui.ShowMessage("VPN access denied or another VPN service is always-on")
w.Invalidate()
case files = <-onFileShare:
ui.ShowShareDialog()
w.Invalidate()
case t := <-a.targetsLoaded:
ui.FillShareDialog(t.Targets, t.Err)
w.Invalidate()
case <-a.invalidates:
w.Invalidate()
case e := <-w.Events():
switch e := e.(type) {
case app.ViewEvent:
deleteActivityRef()
view := jni.Object(e.View)
if view == 0 {
break
}
activity = a.contextForView(view)
w.Invalidate()
a.attachPeer(activity)
if state.backend.State > ipn.Stopped {
if err := a.prepareVPN(activity); err != nil {
return err
}
}
case system.DestroyEvent:
return e.Err
case key.Event:
if e.Name == key.NameBack {
if ui.onBack() {
w.Invalidate()
}
}
case system.FrameEvent:
ins := e.Insets
e.Insets = system.Insets{}
gtx := layout.NewContext(&ops, e)
events := ui.layout(gtx, ins, state)
e.Frame(gtx.Ops)
a.processUIEvents(w, events, activity, state, files)
}
}
}
}
func (a *App) isTV() bool {
var istv bool
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
m := jni.GetMethodID(env, cls, "isTV", "()Z")
b, err := jni.CallBooleanMethod(env, a.appCtx, m)
istv = b
return err
})
if err != nil {
fatalErr(err)
}
return istv
}
// isReleaseSigned reports whether the app is signed with a release
// signature.
func (a *App) isReleaseSigned() bool {
var cert []byte
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
m := jni.GetMethodID(env, cls, "getPackageCertificate", "()[B")
str, err := jni.CallObjectMethod(env, a.appCtx, m)
if err != nil {
return err
}
cert = jni.GetByteArrayElements(env, jni.ByteArray(str))
return nil
})
if err != nil {
fatalErr(err)
}
h := sha1.New()
h.Write(cert)
fingerprint := h.Sum(nil)
hex := fmt.Sprintf("%x", fingerprint)
// Strip colons and convert to lower case to ease comparing.
wantFingerprint := strings.ReplaceAll(strings.ToLower(releaseCertFingerprint), ":", "")
return hex == wantFingerprint
}
// attachPeer registers an Android Fragment instance for
// handling onActivityResult callbacks.
func (a *App) attachPeer(act jni.Object) {
err := a.callVoidMethod(a.appCtx, "attachPeer", "(Landroid/app/Activity;)V", jni.Value(act))
if err != nil {
fatalErr(err)
}
}
func (a *App) updateState(act jni.Object, state *clientState) {
if act != 0 && state.browseURL != "" {
a.browseToURL(act, state.browseURL)
state.browseURL = ""
}
netmap := state.backend.NetworkMap
var (
peers []tailcfg.NodeView
myID tailcfg.UserID
)
if netmap != nil {
peers = netmap.Peers
myID = netmap.User()
}
// Split into sections.
users := make(map[tailcfg.UserID]struct{})
var uiPeers []UIPeer
for _, p := range peers {
if p.Hostinfo().Valid() && p.Hostinfo().ShareeNode() {
// Don't show nodes that only exist in the netmap because they're
// owned by somebody the user shared a node with. We can't see their
// details (including their name) anyway, so there's nothing
// interesting to render.
continue
}
if q := state.query; q != "" {
// Filter peers according to search query.
host := strings.ToLower(p.Hostinfo().Hostname())
name := strings.ToLower(p.Name())
var addr string
if p.Addresses().Len() > 0 {
addr = p.Addresses().At(0).Addr().String()
}
if !strings.Contains(host, q) && !strings.Contains(name, q) && !strings.Contains(addr, q) {
continue
}
}
uid := p.SharerOrUser()
users[uid] = struct{}{}
uiPeers = append(uiPeers, UIPeer{
Owner: uid,
Peer: p.AsStruct(),
})
}
// Add section (user) headers.
for u := range users {
name := netmap.UserProfiles[u].DisplayName
name = strings.ToUpper(name)
uiPeers = append(uiPeers, UIPeer{Owner: u, Name: name})
}
sort.Slice(uiPeers, func(i, j int) bool {
lhs, rhs := uiPeers[i], uiPeers[j]
if lu, ru := lhs.Owner, rhs.Owner; ru != lu {
// Sort own peers first.
if lu == myID {
return true
}
if ru == myID {
return false
}
return lu < ru
}
lp, rp := lhs.Peer, rhs.Peer
// Sort headers first.
if lp == nil {
return true
}
if rp == nil {
return false
}
lName := lp.DisplayName(lp.User == myID)
rName := rp.DisplayName(rp.User == myID)
return lName < rName || lName == rName && lp.ID < rp.ID
})
state.Peers = uiPeers
}
func (a *App) prepareVPN(act jni.Object) error {
return a.callVoidMethod(a.appCtx, "prepareVPN", "(Landroid/app/Activity;I)V",
jni.Value(act), jni.Value(requestPrepareVPN))
}
func requestBackend(e UIEvent) {
go func() {
backendEvents <- e
}()
}
func (a *App) processUIEvents(w *app.Window, events []UIEvent, act jni.Object, state *clientState, files []File) {
for _, e := range events {
switch e := e.(type) {
case ReauthEvent:
method, _ := a.store.ReadString(loginMethodPrefKey, loginMethodWeb)
switch method {
case loginMethodGoogle:
a.googleSignIn(act)
default:
requestBackend(WebAuthEvent{})
}
case BugEvent:
backendLogID, _ := a.logIDPublicAtomic.Load().(string)
logMarker := fmt.Sprintf("BUG-%v-%v-%v", backendLogID, time.Now().UTC().Format("20060102150405Z"), randHex(8))
log.Printf("user bugreport: %s", logMarker)
w.WriteClipboard(logMarker)
case BeExitNodeEvent:
requestBackend(e)
case ExitAllowLANEvent:
requestBackend(e)
case WebAuthEvent:
a.store.WriteString(loginMethodPrefKey, loginMethodWeb)
requestBackend(e)
case SetLoginServerEvent:
a.store.WriteString(customLoginServerPrefKey, e.URL)
requestBackend(e)
case LogoutEvent:
a.signOut()
requestBackend(e)
case ConnectEvent:
requestBackend(e)
case RouteAllEvent:
requestBackend(e)
case CopyEvent:
w.WriteClipboard(e.Text)
case GoogleAuthEvent:
a.store.WriteString(loginMethodPrefKey, loginMethodGoogle)
a.googleSignIn(act)
case SearchEvent:
state.query = strings.ToLower(e.Query)
a.updateState(act, state)
case FileSendEvent:
a.sendFiles(e, files)
case OSSLicensesEvent:
a.setURL("https://tailscale.com/licenses/android")
}
}
}
func (a *App) sendFiles(e FileSendEvent, files []File) {
go func() {
var totalSize int64
for _, f := range files {
totalSize += f.Size
}
if totalSize == 0 {
totalSize = 1
}
var totalSent int64
progress := func(n int64) {
totalSent += n
e.Updates(FileSendInfo{
State: FileSendTransferring,
Progress: float64(totalSent) / float64(totalSize),
})
a.invalidate()
}
defer a.invalidate()
for _, f := range files {
if err := a.sendFile(e.Context, e.Target, f, progress); err != nil {
if errors.Is(err, context.Canceled) {
return
}
e.Updates(FileSendInfo{
State: FileSendFailed,
})
return
}
}
e.Updates(FileSendInfo{
State: FileSendComplete,
})
}()
}
func (a *App) invalidate() {
select {
case a.invalidates <- struct{}{}:
default:
}
}
func (a *App) sendFile(ctx context.Context, target *apitype.FileTarget, f File, progress func(n int64)) error {
var body io.Reader
switch f.Type {
case FileTypeText:
body = strings.NewReader(f.Text)
case FileTypeURI:
f, err := a.openURI(f.URI, "r")
if err != nil {
return err
}
defer f.Close()
body = f
default:
panic("unknown file type")
}
body = &progressReader{r: body, size: f.Size, progress: progress}
dstURL := target.PeerAPIURL + "/v0/put/" + url.PathEscape(f.Name)
req, err := http.NewRequestWithContext(ctx, "PUT", dstURL, body)
if err != nil {
return err
}
req.ContentLength = f.Size
res, err := http.DefaultClient.Do(req)
if err != nil {
return err
}
defer res.Body.Close()
if res.StatusCode != 200 {
return fmt.Errorf("PUT failed: %s", res.Status)
}
return nil
}
// progressReader wraps an io.Reader to call a progress function
// on every non-zero Read.
type progressReader struct {
r io.Reader
bytes int64
size int64
eof bool
progress func(n int64)
}
func (r *progressReader) Read(p []byte) (int, error) {
n, err := r.r.Read(p)
// The request body may be read after http.Client.Do returns, see
// https://github.com/golang/go/issues/30597. Don't update progress if the
// file has been read.
r.eof = r.eof || errors.Is(err, io.EOF)
if !r.eof && r.bytes < r.size {
r.progress(int64(n))
r.bytes += int64(n)
}
return n, err
}
func (a *App) signOut() {
if googleClass == 0 {
return
}
err := jni.Do(a.jvm, func(env *jni.Env) error {
m := jni.GetStaticMethodID(env, googleClass,
"googleSignOut", "(Landroid/content/Context;)V")
return jni.CallStaticVoidMethod(env, googleClass, m, jni.Value(a.appCtx))
})
if err != nil {
fatalErr(err)
}
}
func (a *App) googleSignIn(act jni.Object) {
if act == 0 || googleClass == 0 {
return
}
err := jni.Do(a.jvm, func(env *jni.Env) error {
sid := jni.JavaString(env, serverOAuthID)
m := jni.GetStaticMethodID(env, googleClass,
"googleSignIn", "(Landroid/app/Activity;Ljava/lang/String;I)V")
return jni.CallStaticVoidMethod(env, googleClass, m,
jni.Value(act), jni.Value(sid), jni.Value(requestSignin))
})
if err != nil {
fatalErr(err)
}
}
func (a *App) browseToURL(act jni.Object, url string) {
if act == 0 {
return
}
err := jni.Do(a.jvm, func(env *jni.Env) error {
jurl := jni.JavaString(env, url)
return a.callVoidMethod(a.appCtx, "showURL", "(Landroid/app/Activity;Ljava/lang/String;)V", jni.Value(act), jni.Value(jurl))
})
if err != nil {
fatalErr(err)
}
}
func (a *App) callVoidMethod(obj jni.Object, name, sig string, args ...jni.Value) error {
if obj == 0 {
panic("invalid object")
}
return jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, obj)
m := jni.GetMethodID(env, cls, name, sig)
return jni.CallVoidMethod(env, obj, m, args...)
})
}
// activityForView calls View.getContext and returns a global
// reference to the result.
func (a *App) contextForView(view jni.Object) jni.Object {
if view == 0 {
panic("invalid object")
}
var ctx jni.Object
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, view)
m := jni.GetMethodID(env, cls, "getContext", "()Landroid/content/Context;")
var err error
ctx, err = jni.CallObjectMethod(env, view, m)
ctx = jni.NewGlobalRef(env, ctx)
return err
})
if err != nil {
panic(err)
}
return ctx
}
// Report interfaces in the device in net.Interface format.
func (a *App) getInterfaces() ([]interfaces.Interface, error) {
var ifaceString string
err := jni.Do(a.jvm, func(env *jni.Env) error {
cls := jni.GetObjectClass(env, a.appCtx)
m := jni.GetMethodID(env, cls, "getInterfacesAsString", "()Ljava/lang/String;")
n, err := jni.CallObjectMethod(env, a.appCtx, m)
ifaceString = jni.GoString(env, jni.String(n))
return err
})
var ifaces []interfaces.Interface
if err != nil {
return ifaces, err
}
for _, iface := range strings.Split(ifaceString, "\n") {
// Example of the strings we're processing:
// wlan0 30 1500 true true false false true | fe80::2f60:2c82:4163:8389%wlan0/64 10.1.10.131/24
// r_rmnet_data0 21 1500 true false false false false | fe80::9318:6093:d1ad:ba7f%r_rmnet_data0/64
// mnet_data2 12 1500 true false false false false | fe80::3c8c:44dc:46a9:9907%rmnet_data2/64
if strings.TrimSpace(iface) == "" {
continue
}
fields := strings.Split(iface, "|")
if len(fields) != 2 {
log.Printf("getInterfaces: unable to split %q", iface)
continue
}
var name string
var index, mtu int
var up, broadcast, loopback, pointToPoint, multicast bool
_, err := fmt.Sscanf(fields[0], "%s %d %d %t %t %t %t %t",
&name, &index, &mtu, &up, &broadcast, &loopback, &pointToPoint, &multicast)
if err != nil {
log.Printf("getInterfaces: unable to parse %q: %v", iface, err)
continue
}
newIf := interfaces.Interface{
Interface: &net.Interface{
Name: name,
Index: index,
MTU: mtu,
},
AltAddrs: []net.Addr{}, // non-nil to avoid Go using netlink
}
if up {
newIf.Flags |= net.FlagUp
}
if broadcast {
newIf.Flags |= net.FlagBroadcast
}
if loopback {
newIf.Flags |= net.FlagLoopback
}
if pointToPoint {
newIf.Flags |= net.FlagPointToPoint
}
if multicast {
newIf.Flags |= net.FlagMulticast
}
addrs := strings.Trim(fields[1], " \n")
for _, addr := range strings.Split(addrs, " ") {
ip, err := netaddr.ParseIPPrefix(addr)
if err == nil {
newIf.AltAddrs = append(newIf.AltAddrs, ip.IPNet())
}
}
ifaces = append(ifaces, newIf)
}
return ifaces, nil
}
func fatalErr(err error) {
// TODO: expose in UI.
log.Printf("fatal error: %v", err)
}
func randHex(n int) string {
b := make([]byte, n)
rand.Read(b)
return hex.EncodeToString(b)
}
const multipleUsersText = "Tailscale can't start due to an Android bug when multiple users are present on this device. " +
"Please see https://tailscale.com/s/multi-user-bug for more information."
Reference in New Issue View Git Blame Copy Permalink