archive
/
tailscale-android
mirror of https://github.com/tailscale/tailscale-android
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
kari/loadfiles
kari/insttest
release-branch/1.76
kari/undocode
kari/tkalockedout
kari/androidlogs
release-branch/1.74
kari/toolchain
revert-482-main
release-branch/1.72
jonathan/bump_fix
angott/magicdns-privatedns-warn
jwhited/revert-gvisor-gro
angott/dot-915
release-branch/1.70
jonathan/bump_oss
release-branch/1.68
jonathan/npe_crash_1
angott/l10n-it
release-branch/1.66
ox/reenable_quick_settings
percy/psychic_quicksettings
jonathan/build_apk
jonathan/remember-exit-node
bradfitz/docs
jonathan/auth_keys
jonathan/compose_previews
jonathan/machine_auth
release-branch/1.64
jonathan/decorate_settings
jonathan/corp-19070
phirework/unstable-64
jonathan/androidTV
ox/move_admin_account_info
ox/allow_lan_access_toggle
jonathan/cleanup
jonathan/runasexitnode
jonathan/intro_screen
jonathan/switch-state
ox/detectlogin
ox/styling_bak
ox/exit_node_clickable
ox/taildrop
ox/eng-2988
raggi/builds3
oxtoacart/remove_dead_code
oxtoacart/reactive_exit_node_bak
jonathan/mdm-debug
knyar/unstable
knyar/makefile
oxtoacart/android-nextgen-infra
raggi/buildport
release-branch/1.60
oxtocart/bugreportvialocalapi_codereview_suggestion
kari/unstable-1.58
catzkorn/notag
catzkorn/menu
release-branch/1.58
oxtoacart/gomobilepoc
release-branch/1.56
release-branch/1.54
version
release-branch/1.52
bradfitz/sharer_or_user
raggi/emulator
release-branch/1.48
maisem/bumposs
catzkorn/fixit
raggi/assert-goroot
catzkorn/routing
raggi/destructivepurege
bradfitz/authkey_intent
raggi/tailscale-version-workspace
release-branch/1.46
dns
unstable1_47
release-branch/1.44
revert-86-feature/preference-toggles
release-branch/1.42
bradfitz/tsd_fix
bradfitz/bump_tscom
bradfitz/dns_google
bradfitz/shared_user_dev
release-branch/1.40
mihaip/readme
mihaip/build-tags
mihaip/flush
release-branch/1.38
release-branch/1.36
googlehome
gio
sonos
release-branch/1.34
release-branch/1.32
raggi/vader
release-branch/1.30
release-branch/1.28
release-branch/1.26
release-branch/1.24
bradfitz/netstack_localbackend
bradfitz/android_studio
bradfitz/firedoc
release-branch/1.22
bradfitz/tidy
release-branch/1.20
bradfitz/corp_dns_setting
bradfitz/allow_lan
bradfitz/bump_target
bradfitz/be_exit_node
bradfitz/bugreport
bradfitz/make_darwin
bradfitz/gorev
bradfitz/qr_firestick
release-branch/1.18
release-branch/1.16
release-branch/1.14
always-on
release-branch/1.12
notification
file-share
bradfitz/netns
bradfitz/1.9
split-dns-1695
1.76.2-t088d78591-gfafffd2aeba
1.76.1-t24929f6b6-ga20b1114dd5
1.76.0-t51fb4ce51-g5f19730c7a4
1.74.1-t0ca17be4a-gafa257e57b7
1.75.11-t8b962f23d-gf07d419a125
1.75.4-t124ff3b03-g001e79546c2
1.75.3-tafec2d41b-gffbc556cde8
1.75.2-t93f61aa4c-gfe6f9c6110a
1.75.2-t93f61aa4c-ge195def5e23
1.73.114-t0970615b1-gab7ab737364
1.73.104-te7b5e8c8c-g161457b99b5
1.73.69-ta584d04f8-gd94125e7670
1.73.0-t1e8f8ee5f-ga843c93669f
1.71.135-tccf091e4a-g7e5e0f25cf6
1.71.72-t1ed958fe2-g2a32ed1f301
1.70.0-td601f16e1-g6deb61a20e5
1.68.2-tc79c500c7-g242d97ac2ac
1.69.75-t27033c627-gb6cacdfd6a2
1.68.1-t92eacec73-g4a5d087d56d
1.68.0-t52ddf0d01-g4528ee61760
1.67.105-t916c4db75-g0e82e54ffb6
1.66.3-teae73f821-g63a2bbc8e71
1.67.13-t7b3e30f39-g46cdbb7b9b2
1.67.13-t7b3e30f39-gb587bc2a18c
1.67.12-t79b2d425c-gff4ce8d9346
1.65.192-te968b0ecd-g48543799b1a
1.65.192-te968b0ecd-g7f66c373eaf-dirty
1.65.182-t80df8ffb8-g6a15347453c
1.65.167-t258b5042f-g5c494450af4
1.65.4-t7a77a2edf-gfab2f183b34
1.64.0-t78dc8622d-gfd2ca6fa940
1.63.93-t1fbaf2610-ge0020f8c4bf
1.57.100-t8250582fe-g9e8dfbb2ab0
1.58.2-tb0e1bbb62-gcd1f0649958
1.57.72-tca48db0d6-gdcca09fe7f8
1.56.0-tf51793b90-g49ed1df6cc9
1.55.148-t86aa0485a-g5ef7bbaff0a
1.55.47-tb88929edf-g0a44d50e8b0
1.54.0-tc82fd1256-g8e8e1d0f76a
1.53.115-t6cce5fe00-gab4a672a4eb
1.51.207-t35d7b3aa2-g3a305b158ca
1.48.2-tab970fe55-g52607bf35ef
1.48.0-t77c732357-g388b71affe8
1.44.1-ta377e1363-g584245cc823
1.44.0-tb3138a71a-gfcf1b101b70
1.43.55-tc783f2822-g0ccb93e1156
1.42.0-tab797f0ab-gccfe73ba474
1.41.69-te3cb98213-g38061656a57
1.40.0-t9bdaece3d-ge0ba590be3e
1.39.194-te3b2250e2-gaa32919ac3d
1.39.174-t280255aca-g1a4a0884663
1.39.138-tcef0a474f-ga5346dcc26a
1.38.2-t3db61d07c-g30af1bea6c7
1.39.35-t731688e5c-gdf47a609279
1.38.2-t3db61d07c-g3a45784fce8
1.38.1-t3eeff9e7f-g8725a9e98e2
1.37.262-t047b32493-g814cd3c43a9
1.37.259-tb64d78d58-gd53da4ac65e
1.36.2-t0438c67e2-gd4f0ac0b58c
1.37.108-t01d58c9b6-g813b770cdf7
1.36.1-t576b08e5e-g28a435b67d6
1.36.0-tab998de98-g9ccba36ca1b
1.35.165-t2df38b1fe-gf643488f7a1
1.35.158-tb657187a6-g9562c27766e
1.34.2-tc5ef9103d-g4727c9c4b63
1.35.108-t692eac23a-g365b0ce6b0e
1.35.108-t692eac23a-g30e46fb8545
1.35.80-t237f030cd-gfd874ed58e9
1.34.1-t331d553a5-g14e42b2de7e
1.35.5-t4b34c8842-gc5e20b297c0
1.34.0-t988801d5d-gca20b46c925
1.33.385-t86b6ff61e-g80b896e71cd
1.33.299-t300aba61a-g1181155b7d1
1.32.3-t9dd89b8c2-g79fdccd8e3e
1.33.97-t81fd25913-g26e72f15efe
1.32.2-t54e8fa172-gd9ef1cad8ab
1.33.21-t63ad49890-g80dfbd8a0c5
1.33.20-t899b4cae1-g185cc3dd8f9
1.32.0-tfc688fe02-g13fc35a8bd5
1.31.167-t6d76764f3-g5ed3921ad62
1.31.84-t42f1d92ae-g03970952d53
1.30.2-t118545749-g9d01824d01f
1.30.2-t118545749-gb1033503280
1.31.40-t2aade349f-g033f7d87b43
1.31.40-t2aade349f-g5d209e6122b
1.30.1-t949c40030-gda453c0f676
1.30.0-t0b00b7a13-gdbd2b98eaea
1.29.194-t70f9fc8c7-gd0812b9476b
1.29.183-te4b5b92b8-gc9d2b97402e
1.29.175-t472529af3-gac01ced297a
v1.10.2-36fe8addc39-g31f2cfa9c9c
1.29.72-tb905db7a5-g9e6ef85d269
1.29.70-tc06758c83-g140149ef876
1.29.70-tc06758c83-g34ae6109d03
1.29.0-t3c892d106-g42f688f1292
1.28.0-taabca3a4c-gd900a87f4b4
1.27.81-t755396d6f-g21ea21f4f03
1.26.2-t5a60f1ffe-g4b32a50bc96
1.27.69-t9584d8aa7-g7abc94c4eae
1.27.57-t06aa14163-gbc1b0e24950
1.27.57-t06aa14163-g4fa037b636b
1.27.24-t467eb2eca-g0c11377ca10
1.26.1-t5b81baa7d-gd2fd1453038
1.26.1-t5b81baa7d-g2ac46a95b0f
1.26.0-t9fc6551b4-g3502f448874
1.26.0-t9fc6551b4-g0ed48c78500
1.25.91-tfc5839864-g1845f173179
1.25.35-te3619b890-ge66e57fbb08
1.24.2-tdce2409b1-gb8ed6272bdb
1.24.2-tdce2409b1-gc32eb8e27e8-dirty
1.24.2-tdce2409b1-gc32eb8e27e8
1.24.0-tf0e71f4a2-g772e6ae6f06
1.23.238-t695f8a1d7-gbd5ef3fd68d
1.23.238-t695f8a1d7-g60f461e5e79
1.23.237-t53588f632-g94762403ce1
1.23.230-t13f75b966-gb8af14c0098
1.23.210-tc13be0c50-g3f8df48d23d
1.23.192-tc591c9165-g4ccafba8f7f
1.23.152-t9f604f2bd-gcc70ae7aa62
1.23.148-t7c7f37342-gb4f8e7f90a4
1.23.53-t012098ec3-gb0f1428443e
1.23.53-t012098ec3-g7203980ecc8
1.22.0-t4e0b00ad8-g56cf5b6132d
1.21.114-te921e1b02-g4a1c0cb2ee7
1.21.112-td19a63ddf-g5868fdb7b04
1.21.52-taaba49ca1-g467ddfc6052-dirty
1.21.52-taaba49ca1-g467ddfc6052
1.20.2-t8e643357d-ge1751fa2802
1.21.24-t0ada42684-g213009e9af5
1.21.8-t8cf1af8a0-g6b83c6ae21f
1.20.0-t958917dce-gdbbb71c2e39
1.19.190-tc5243562d-g039124db792
1.19.190-tc5243562d-g14b849f0e85-dirty
1.19.189-t1a4e8da08-g1be9000a6ac-dirty
1.18.2-tb04815c9c-g08e1f97a38e
1.19.127-tcced414c7-ga3d2dc95dbc
1.19.127-tcced414c7-gc63656926aa
1.19.116-t878a20df2-gb2665ab2ff5
1.19.111-te34ba3223-gca696b116ce
1.18.0-t71f1dd5aa-g6e464cc68f9
1.17.235-t773af7292-gda175ba2212
1.17.205-td6dde5a1a-gdb53a314eb3
1.17.191-t0532eb30d-g0ecb2a25874
1.16.2-tb56ba2054-g377795b3b67
1.17.81-tc60806b55-g61f90a1975b
1.16.1-t4f4000fbe-g0e7d23df47d
1.17.52-t9af27ba82-g82ea8df1dc8
1.16.0-tb0f4f3161-g2840d54aade
1.16.0-tb0f4f3161-gf0dcec6c275-dirty
1.15.210-tbabd163aa-g9b52c6b357b
1.14.6-tdfc4042ec-gb1b53ce7b58
1.15.196-t173bbaa1a-g0637d599af4
1.15.191-t52737c14a-g75ef65dd501
1.15.3-t1925fb584-g7aa8ae9a47e
1.14.0-t62a458f7f-gff91342ecc8
1.14.0-t62a458f7f-g0f6f5a30323
1.13.116-t0ac213059-gae2df120327
1.13.73-t954867fef-g3e299e873d8
1.13.53-t8bdf87883-g30324736c98
1.13.53-t8bdf87883-g15a27d2336b
1.13.52-t360223fcc-g18e6fe24db7
1.13.52-t360223fcc-gd81f8a03b65-dirty
1.13.42-tfd7b738e5-ga68462ec65f
1.12.3-t2be791762-gf6ecdd058da
1.12.3-t2be791762-g2ea501279cf
1.13.19-td37451bac-g82b6b8dbd36
1.13.19-td37451bac-g0f46117f9c0
1.13.6-tf414a9cc0-gd98827df030
1.13.6-f414a9cc01f-gf59e53e41d8
1.12.1-1d7592eb117-g1fc94ccf979
1.12.1-1d7592eb117-gf4742b7d907
1.11.151-d145c594ad6-g7b2e61e80cd
1.11.151-d145c594ad6-g7ebedfd62a9
1.11.151-d145c594ad6-g7a00ad639b4
1.11.151-d145c594ad6-g20c35d55f57
1.11.109-798b0da4703-g480b1a62eb2
1.11.109-798b0da4703-g4d32c6da4f6-dirty
1.11.106-1bb6abc604c-g2c1f35d5607
1.11.106-1bb6abc604c-g27283a8bb0a
v1.10.2-36fe8addc39-g74a18b3359b
v1.10.1-cd3fd076cc7-gadfcedb0972
v1.10.1-cd3fd076cc7-gad31a689393
v1.10.0-405ea978f8b-g242c936b2cd
v1.10.0-405ea978f8b-g10ded1bad29
v1.10.0-405ea978f8b-ge8f2409cb3d-dirty
v1.10.0-405ea978f8b-g6c005dab135-dirty
v1.10.0-405ea978f8b-g47b732aaab1
v1.10.0-t405ea978f-g07616236fc2
v1.10.0-t405ea978f-g5bb36e740cf
v-g2f7b27412a0
v1.8.6-t28a8f9c90-g04890797712
v-g90351e73923
v1.8.6-t28a8f9c90-gff16a75a65c
v1.8.3-td0e86b08c-g8ea1d4ced73
v1.8.3-td0e86b08c-g06e461d7038
v1.6.0-tddc975fcb-g05212e770b0
v1.6.0-tddc975fcb-ge2d731dbbab
v1.6.0-tddc975fcb-g05ddfd5d90e
v1.4.5-tb89c65304-gd3e0b420939
v1.4.4-t64a9656c0-g3e758d0fe21
v1.4.0-t3d7cff91b-g33cf7c0aa19
v1.4.0-t3d7cff91b-gc4f626c5a79
v1.3.267-t9936cffc1-g96e2661764c
v1.2.2-t76c2982d8-gc26c3b0a3
v1.2.2-t76c2982d8-gb981aa576
v1.2.2-t76c2982d8-g8daee9c43
v1.2.2-t76c2982d8-g33a953fb2
v1.2.2-t76c2982d8-gf2c035a8b
v1.2.2-t76c2982d8-g97a826d11
v0.1.21
v0.1.20
v0.1.19
v0.1.18
v0.1.17
v0.1.16
v0.1.15
v0.1.14
v0.1.13
v0.1.11
v0.1.10
1.60.1-t2caffeeb4-g6f7ae79a31c
1.66.0-te2a0fc0bc-g6bd50e8026d
1.72.0-taa448d5a9-g8c424617ff0
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v1.2.2-t76c2982d8-g39dfd8495
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '526b614ef4'
${ noResults }
tailscale-android/libtailscale/backend.go

320 lines
8.7 KiB
Go
Raw Blame History

// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause
package libtailscale
import (
"context"
"fmt"
"log"
"net/http"
"os"
"path/filepath"
"runtime/debug"
"sync"
"sync/atomic"
"tailscale.com/hostinfo"
"tailscale.com/ipn"
"tailscale.com/ipn/ipnlocal"
"tailscale.com/ipn/localapi"
"tailscale.com/logtail"
"tailscale.com/net/dns"
"tailscale.com/net/netmon"
"tailscale.com/net/netns"
"tailscale.com/net/tsdial"
"tailscale.com/paths"
"tailscale.com/tsd"
"tailscale.com/types/logger"
"tailscale.com/types/logid"
"tailscale.com/types/netmap"
"tailscale.com/wgengine"
"tailscale.com/wgengine/netstack"
"tailscale.com/wgengine/router"
)
type App struct {
dataDir string
// appCtx is a global reference to the com.tailscale.ipn.App instance.
appCtx AppContext
store *stateStore
logIDPublicAtomic atomic.Pointer[logid.PublicID]
localAPIHandler http.Handler
backend *ipnlocal.LocalBackend
ready sync.WaitGroup
}
func start(dataDir string, appCtx AppContext) Application {
defer func() {
if p := recover(); p != nil {
log.Printf("panic in Start %s: %s", p, debug.Stack())
panic(p)
}
}()
initLogging(appCtx)
// Set XDG_CACHE_HOME to make os.UserCacheDir work.
if _, exists := os.LookupEnv("XDG_CACHE_HOME"); !exists {
cachePath := filepath.Join(dataDir, "cache")
os.Setenv("XDG_CACHE_HOME", cachePath)
}
// Set XDG_CONFIG_HOME to make os.UserConfigDir work.
if _, exists := os.LookupEnv("XDG_CONFIG_HOME"); !exists {
cfgPath := filepath.Join(dataDir, "config")
os.Setenv("XDG_CONFIG_HOME", cfgPath)
}
// Set HOME to make os.UserHomeDir work.
if _, exists := os.LookupEnv("HOME"); !exists {
os.Setenv("HOME", dataDir)
}
return newApp(dataDir, appCtx)
}
type backend struct {
engine wgengine.Engine
backend *ipnlocal.LocalBackend
sys *tsd.System
devices *multiTUN
settings settingsFunc
lastCfg *router.Config
lastDNSCfg *dns.OSConfig
netMon *netmon.Monitor
logIDPublic logid.PublicID
logger *logtail.Logger
// avoidEmptyDNS controls whether to use fallback nameservers
// when no nameservers are provided by Tailscale.
avoidEmptyDNS bool
appCtx AppContext
}
type settingsFunc func(*router.Config, *dns.OSConfig) error
func (a *App) runBackend(ctx context.Context) error {
paths.AppSharedDir.Store(a.dataDir)
hostinfo.SetOSVersion(a.osVersion())
if !a.appCtx.IsPlayVersion() {
hostinfo.SetPackage("nogoogle")
}
deviceModel := a.modelName()
if a.isChromeOS() {
deviceModel = "ChromeOS: " + deviceModel
}
hostinfo.SetDeviceModel(deviceModel)
type configPair struct {
rcfg *router.Config
dcfg *dns.OSConfig
}
configs := make(chan configPair)
configErrs := make(chan error)
b, err := newBackend(a.dataDir, a.appCtx, a.store, func(rcfg *router.Config, dcfg *dns.OSConfig) error {
if rcfg == nil {
return nil
}
configs <- configPair{rcfg, dcfg}
return <-configErrs
})
if err != nil {
return err
}
a.logIDPublicAtomic.Store(&b.logIDPublic)
a.backend = b.backend
defer b.CloseTUNs()
h := localapi.NewHandler(b.backend, log.Printf, b.sys.NetMon.Get(), *a.logIDPublicAtomic.Load())
h.PermitRead = true
h.PermitWrite = true
a.localAPIHandler = h
a.ready.Done()
// Contrary to the documentation for VpnService.Builder.addDnsServer,
// ChromeOS doesn't fall back to the underlying network nameservers if
// we don't provide any.
b.avoidEmptyDNS = a.isChromeOS()
var (
cfg configPair
state ipn.State
networkMap *netmap.NetworkMap
service IPNService
)
stateCh := make(chan ipn.State)
netmapCh := make(chan *netmap.NetworkMap)
go b.backend.WatchNotifications(ctx, ipn.NotifyInitialNetMap|ipn.NotifyInitialPrefs|ipn.NotifyInitialState, func() {}, func(notify *ipn.Notify) bool {
if notify.State != nil {
stateCh <- *notify.State
}
if notify.NetMap != nil {
netmapCh <- notify.NetMap
}
return true
})
for {
select {
case s := <-stateCh:
state = s
case n := <-netmapCh:
networkMap = n
case c := <-configs:
cfg = c
if b == nil || service == nil || cfg.rcfg == nil {
configErrs <- nil
break
}
configErrs <- b.updateTUN(service, cfg.rcfg, cfg.dcfg)
case s := <-onVPNRequested:
if service != nil && service.ID() == s.ID() {
// Still the same VPN instance, do nothing
break
}
netns.SetAndroidProtectFunc(func(fd int) error {
if !s.Protect(int32(fd)) {
// TODO(bradfitz): return an error back up to netns if this fails, once
// we've had some experience with this and analyzed the logs over a wide
// range of Android phones. For now we're being paranoid and conservative
// and do the JNI call to protect best effort, only logging if it fails.
// The risk of returning an error is that it breaks users on some Android
// versions even when they're not using exit nodes. I'd rather the
// relatively few number of exit node users file bug reports if Tailscale
// doesn't work and then we can look for this log print.
log.Printf("[unexpected] VpnService.protect(%d) returned false", fd)
}
return nil // even on error. see big TODO above.
})
log.Printf("onVPNRequested: rebind required")
// TODO(catzkorn): When we start the android application
// we bind sockets before we have access to the VpnService.protect()
// function which is needed to avoid routing loops. When we activate
// the service we get access to the protect, but do not retrospectively
// protect the sockets already opened, which breaks connectivity.
// As a temporary fix, we rebind and protect the magicsock.Conn on connect
// which restores connectivity.
// See https://github.com/tailscale/corp/issues/13814
b.backend.DebugRebind()
service = s
if networkMap != nil {
// TODO
}
if cfg.rcfg != nil && state >= ipn.Starting {
if err := b.updateTUN(service, cfg.rcfg, cfg.dcfg); err != nil {
log.Printf("VPN update failed: %v", err)
notifyVPNClosed()
}
}
case s := <-onDisconnect:
b.CloseTUNs()
if service != nil && service.ID() == s.ID() {
netns.SetAndroidProtectFunc(nil)
service = nil
}
if state >= ipn.Starting {
notifyVPNClosed()
}
case <-onDNSConfigChanged:
if b != nil {
go b.NetworkChanged()
}
}
}
}
func newBackend(dataDir string, appCtx AppContext, store *stateStore,
settings settingsFunc) (*backend, error) {
sys := new(tsd.System)
sys.Set(store)
logf := logger.RusagePrefixLog(log.Printf)
b := &backend{
devices: newTUNDevices(),
settings: settings,
appCtx: appCtx,
}
var logID logid.PrivateID
logID.UnmarshalText([]byte("dead0000dead0000dead0000dead0000dead0000dead0000dead0000dead0000"))
storedLogID, err := store.read(logPrefKey)
// In all failure cases we ignore any errors and continue with the dead value above.
if err != nil || storedLogID == nil {
// Read failed or there was no previous log id.
newLogID, err := logid.NewPrivateID()
if err == nil {
logID = newLogID
enc, err := newLogID.MarshalText()
if err == nil {
store.write(logPrefKey, enc)
}
}
} else {
logID.UnmarshalText([]byte(storedLogID))
}
netMon, err := netmon.New(logf)
if err != nil {
log.Printf("netmon.New: %w", err)
}
b.netMon = netMon
b.setupLogs(dataDir, logID, logf)
dialer := new(tsdial.Dialer)
cb := &router.CallbackRouter{
SetBoth: b.setCfg,
SplitDNS: false,
GetBaseConfigFunc: b.getDNSBaseConfig,
}
engine, err := wgengine.NewUserspaceEngine(logf, wgengine.Config{
Tun: b.devices,
Router: cb,
DNS: cb,
Dialer: dialer,
SetSubsystem: sys.Set,
NetMon: b.netMon,
})
if err != nil {
return nil, fmt.Errorf("runBackend: NewUserspaceEngine: %v", err)
}
sys.Set(engine)
b.logIDPublic = logID.Public()
ns, err := netstack.Create(logf, sys.Tun.Get(), engine, sys.MagicSock.Get(), dialer, sys.DNSManager.Get(), sys.ProxyMapper(), nil)
if err != nil {
return nil, fmt.Errorf("netstack.Create: %w", err)
}
sys.Set(ns)
ns.ProcessLocalIPs = false // let Android kernel handle it; VpnBuilder sets this up
ns.ProcessSubnets = true // for Android-being-an-exit-node support
sys.NetstackRouter.Set(true)
if w, ok := sys.Tun.GetOK(); ok {
w.Start()
}
lb, err := ipnlocal.NewLocalBackend(logf, logID.Public(), sys, 0)
if err != nil {
engine.Close()
return nil, fmt.Errorf("runBackend: NewLocalBackend: %v", err)
}
if err := ns.Start(lb); err != nil {
return nil, fmt.Errorf("startNetstack: %w", err)
}
if b.logger != nil {
lb.SetLogFlusher(b.logger.StartFlush)
}
b.engine = engine
b.backend = lb
b.sys = sys
go func() {
err := lb.Start(ipn.Options{})
if err != nil {
log.Printf("Failed to start LocalBackend, panicking: %s", err)
panic(err)
}
}()
return b, nil
}
Reference in New Issue View Git Blame Copy Permalink