diff options
| author | Janito Vaqueiro Ferreira Filho <janito@mullvad.net> | 2020-03-24 14:57:53 -0300 |
|---|---|---|
| committer | Janito Vaqueiro Ferreira Filho <janito@mullvad.net> | 2020-03-24 14:57:53 -0300 |
| commit | fe896be6b01e8aa02922a3677c4927098a1a4e27 (patch) | |
| tree | 4aaa06cf9d85fc09fa3465a40f4ea60394616d85 | |
| parent | 3c54992c343097dcdb329f02e8fc51ca4866796c (diff) | |
| parent | 33d346f46b0733990d09d2432ca4e31cc4442b5c (diff) | |
| download | mullvadvpn-fe896be6b01e8aa02922a3677c4927098a1a4e27.tar.xz mullvadvpn-fe896be6b01e8aa02922a3677c4927098a1a4e27.zip | |
Merge branch 'fix-ipv6-on-android'
| -rw-r--r-- | CHANGELOG.md | 4 | ||||
| -rw-r--r-- | android/src/main/kotlin/net/mullvad/talpid/TalpidVpnService.kt | 13 | ||||
| -rw-r--r-- | mullvad-daemon/src/settings.rs | 8 | ||||
| -rw-r--r-- | mullvad-types/src/settings/mod.rs | 5 |
4 files changed, 27 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 70d1e6d286..373327b590 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -35,6 +35,7 @@ Line wrap the file at 100 chars. Th - Add a reconnect button to disconnect and connect again without closing the tunnel device to avoid leaking any data during the reconnection. - Add quick settings tile to control the tunnel state. +- Enable IPv6 traffic through the tunnel. ### Changed - Prefer WireGuard when tunnel protocol is set to _auto_ on Linux and MacOS. @@ -72,6 +73,9 @@ Line wrap the file at 100 chars. Th - Fix issue in daemon where the `block_when_disconnected` setting was sometimes not honored when stopping the daemon. I.e. traffic could flow freely after the daemon was stopped. +#### Android +- Fix issue where IPv6 traffic could leak outside of the tunnel. + ## [2020.3] - 2020-02-20 This release is identical to 2020.3-beta1 diff --git a/android/src/main/kotlin/net/mullvad/talpid/TalpidVpnService.kt b/android/src/main/kotlin/net/mullvad/talpid/TalpidVpnService.kt index e2ea8c5818..a36e0b1db6 100644 --- a/android/src/main/kotlin/net/mullvad/talpid/TalpidVpnService.kt +++ b/android/src/main/kotlin/net/mullvad/talpid/TalpidVpnService.kt @@ -1,6 +1,9 @@ package net.mullvad.talpid import android.net.VpnService +import java.net.Inet4Address +import java.net.Inet6Address +import java.net.InetAddress import net.mullvad.talpid.tun_provider.TunConfig open class TalpidVpnService : VpnService() { @@ -17,7 +20,7 @@ open class TalpidVpnService : VpnService() { fun createTun(config: TunConfig): Int { val builder = Builder().apply { for (address in config.addresses) { - addAddress(address, 32) + addAddress(address, prefixForAddress(address)) } for (dnsServer in config.dnsServers) { @@ -40,4 +43,12 @@ open class TalpidVpnService : VpnService() { fun bypass(socket: Int): Boolean { return protect(socket) } + + private fun prefixForAddress(address: InetAddress): Int { + when (address) { + is Inet4Address -> return 32 + is Inet6Address -> return 128 + else -> throw RuntimeException("Invalid IP address (not IPv4 nor IPv6)") + } + } } diff --git a/mullvad-daemon/src/settings.rs b/mullvad-daemon/src/settings.rs index d61eb1c204..df0ee0b996 100644 --- a/mullvad-daemon/src/settings.rs +++ b/mullvad-daemon/src/settings.rs @@ -16,7 +16,13 @@ use talpid_core::logging::windows::log_sink; pub fn load() -> Settings { match Settings::load() { - Ok(settings) => settings, + Ok(mut settings) => { + // Force IPv6 to be enabled on Android + if cfg!(target_os = "android") { + let _ = settings.set_enable_ipv6(true); + } + settings + } #[cfg(windows)] Err(SettingsError::ReadError(ref _path, ref e)) if e.kind() == ErrorKind::NotFound => { info!( diff --git a/mullvad-types/src/settings/mod.rs b/mullvad-types/src/settings/mod.rs index 3c873ce98c..495d82739a 100644 --- a/mullvad-types/src/settings/mod.rs +++ b/mullvad-types/src/settings/mod.rs @@ -364,7 +364,10 @@ impl Default for TunnelOptions { mtu: None, automatic_rotation: None, }, - generic: GenericTunnelOptions { enable_ipv6: false }, + generic: GenericTunnelOptions { + // Enable IPv6 be default on Android + enable_ipv6: cfg!(target_os = "android"), + }, } } } |