WireGuard Archive on lore.kernel.org
 help / color / Atom feed
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: Andrey Kupreychik <foxel@quickfox.ru>, wireguard@lists.zx2c4.com
Subject: Re: Bug report: WireGuard client not setting underlying network on Android Pie
Date: Wed, 15 Jan 2020 13:29:19 -0500
Message-ID: <aaf2a265-f53e-f6d2-09d7-e83497578a81@zx2c4.com> (raw)
In-Reply-To: <CA+hAYV=67S+3d0g+eQ9AZHok=AdvmBsd2XpOFSEcJ=aozjK9PA@mail.gmail.com>

Hi Andrey,

Thanks for the bug report.

On 1/13/20 12:00 AM, Andrey Kupreychik wrote:
> My Android phone running wireguard VPN threats it as a metered 
> connection and does not do anything it should do on Wi-Fi only
> 
> What I found is this discussion 
> https://issuetracker.google.com/issues/114309459
> I've looked thru the GitHub mirror code and found no evidance of 
> setUnderlyingNetworks called in WireGuard client code.
> 
> As seen in the issue tracker link above, it's needed in order to take 
> advantage of this 
> (https://developer.android.com/about/versions/pie/android-9.0-changes-all#network-capabilities-vpn) 
> behavior change. As described in the issue tracker link, this prevents 
> Pie devices from properly using unmetered WiFi networks.

Are you suggesting something like the below? According to the docs, the 
null value is the "default", and the others don't fit the wireguard 
model. Are you saying we should still be calling this anyway because the 
android system is expecting it?

 From 4ae0e9688e4edfdad06e6db49f414a95c5663d07 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Wed, 15 Jan 2020 13:25:56 -0500
Subject: [PATCH] GoBackend: set empty underlying networks

https://lists.zx2c4.com/pipermail/wireguard/2020-January/004859.html
https://issuetracker.google.com/issues/114309459
https://developer.android.com/about/versions/pie/android-9.0-changes-all#network-capabilities-vpn

Apparently we need to call this at least once.

Reported-by: Andrey Kupreychik <foxel@quickfox.ru>
---
  app/src/main/java/com/wireguard/android/backend/GoBackend.java | 1 +
  1 file changed, 1 insertion(+)

diff --git 
a/app/src/main/java/com/wireguard/android/backend/GoBackend.java 
b/app/src/main/java/com/wireguard/android/backend/GoBackend.java
index 3e8e1ec..3c4c893 100644
--- a/app/src/main/java/com/wireguard/android/backend/GoBackend.java
+++ b/app/src/main/java/com/wireguard/android/backend/GoBackend.java
@@ -224,6 +224,7 @@ public final class GoBackend implements Backend {

              currentTunnel = tunnel;

+            service.setUnderlyingNetworks(null);
              service.protect(wgGetSocketV4(currentTunnelHandle));
              service.protect(wgGetSocketV6(currentTunnelHandle));
          } else {
-- 
2.24.1


Regards,
Jason
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

      reply index

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-13  5:00 Andrey Kupreychik
2020-01-15 18:29 ` Jason A. Donenfeld [this message]

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aaf2a265-f53e-f6d2-09d7-e83497578a81@zx2c4.com \
    --to=jason@zx2c4.com \
    --cc=foxel@quickfox.ru \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com
	public-inbox-index wireguard

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git