summaryrefslogtreecommitdiffhomepage
path: root/talpid-tunnel/src/tun_provider/android
AgeCommit message (Collapse)AuthorFilesLines
2025-09-15Update ipnetwork and convert LazyLock to constJoakim Hulthe1-2/+2
2025-07-25Create new boringtun devices when toggling multihopDavid Lönnhager1-1/+2
2025-07-10Run `cargo fmt`Sebastian Holmin1-3/+3
2025-07-09Inline format argumentsLinus Färnstrand1-6/+3
2025-06-12Fix variable nameJoakim Hulthe1-4/+4
2025-06-12Fix tun file descriptor ownershipJoakim Hulthe1-4/+4
We accidentally borrowed the file descriptor when we should have moved it. This commit adds more `OwnedFd` and friends to help handle ownership correctly. Signed-off-by: Joakim Hulthe <joakim.hulthe@mullvad.net>
2025-06-10Update nix to 0.30 everywhereJoakim Hulthe1-1/+14
2025-03-24Make it possible to disable IPv6 in the tunnelJonatan Rhodin1-0/+6
2025-02-25Rename and comment variableDavid Göransson1-3/+4
2025-02-25Suppress unsafe warning when cloning JavaVMJoakim Hulthe1-0/+5
2025-02-25Reduce open_tun calls (Establish)David Göransson1-22/+64
Each call to Establish opens a window for leaks on android. By only invoking Establish if the VpnConfig if any of the input has changed and reusing it otherwise we avoid many of these leaks. This commit also waits for android to report back that the routes have been created to ping and verify connectivity to avoid pings going outside the tunnel.
2025-02-06Replace old waitForTunnelUp functionDavid Göransson1-2/+5
After invoking VpnService.establish() we will get a tunnel file descriptor that corresponds to the interface that was created. However, this has no guarantee of the routing table beeing up to date, and we might thus send traffic outside the tunnel. Previously this was done through looking at the tunFd to see that traffic is sent to verify that the routing table has changed. If no traffic is seen some traffic is induced to a random IP address to ensure traffic can be seen. This new implementation is slower but won't risk sending UDP traffic to a random public address at the internet.
2025-01-03Upgrade `tun` to get rid of set_address code on LinuxMarkus Pettersson1-2/+2
2024-12-18Fix JNI enum namesDavid Göransson1-5/+7
2024-11-27Handle legacy always-on vpn profilesDavid Göransson1-4/+14
Co-authored-by: Jonatan Rhodin <jonatan.rhodin@mullvad.net>
2024-08-13Refactor tunnel provider and TalpidVpnServiceDavid Lönnhager1-195/+144
This also fixes the issue of the VPN service being restarted unnecessarily
2024-08-13Update missing commentDavid Lönnhager1-1/+1
2024-08-13Remove duplicate dummy DNS fix for VpnServiceDavid Lönnhager1-9/+0
2024-08-13Don't pass in excluded apps from wireguard-goDavid Lönnhager1-5/+0
2024-07-30Reconnect if split tunnel state changedMarkus Pettersson1-1/+1
2024-07-25Fix Android code related to ipnetwork upgradesLinus Färnstrand1-3/+3
2024-05-29Migrate to gRPCDavid Göransson1-4/+29
Co-authored-by: Jonatan Rhodin <jonatan.rhodin@mullvad.net> Co-authored-by: Markus Pettersson <markus.pettersson@mullvad.net> Co-authored-by: David Lönnhager <david.l@mullvad.net>
2024-05-08Set dummy DNS servers in blocking statesDavid Lönnhager1-11/+30
This is a fix for DNS leaks in blocking states due to an underlying OS bug where DNS queries leak when no DNS server is configured. Lockdown mode ("Block connections without VPN") would also not help in this case. More information on this issue: https://issuetracker.google.com/issues/337961996
2024-02-27Replace err_derive with thiserrorJoakim Hulthe1-22/+14
`err_derive` is unmaintained and will probably stop working with rust edition 2024. `thiserror` is almost a drop-in replacement. This commit simply replaces all occurences of `derive(err_derive::Error)` with `derive(thiserror::Error)` and fixes the attributes, but the Error and Display impls should be identical.
2023-05-24Fix warnings pointed out by ClippyLinus Färnstrand1-2/+2
2022-11-07Split up talpid-coreEmīls Piņķis2-0/+874
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.