ホーム エクスプローラ ヘルプ
サインイン
yosoyhendrix
/
psiphon-tunnel-core
1
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: b5ce07555a
ブランチ タグ
psiphon-tunnel-...
/
psiphon
/
bindToDevice.go

bindToDevice.go 2.5 KB
履歴 Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. // +build android linux
    2. 

  2. 

  3. /*
    4. 

  4.  * Copyright (c) 2014, Psiphon Inc.
    5. 

  5.  * All rights reserved.
    6. 

  6.  *
    7. 

  7.  * This program is free software: you can redistribute it and/or modify
    8. 

  8.  * it under the terms of the GNU General Public License as published by
    9. 

  9.  * the Free Software Foundation, either version 3 of the License, or
    10. 

  10.  * (at your option) any later version.
    11. 

  11.  *
    12. 

  12.  * This program is distributed in the hope that it will be useful,
    13. 

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.  * GNU General Public License for more details.
    16. 

  16.  *
    17. 

  17.  * You should have received a copy of the GNU General Public License
    18. 

  18.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    19. 

  19.  *
    20. 

  20.  */
    21. 

  21. 

  22. package psiphon
    23. 

  23. 

  24. import (
    25. 

  25. 	"errors"
    26. 

  26. 	"fmt"
    27. 

  27. 	"net"
    28. 

  28. 	"syscall"
    29. 

  29. 	"time"
    30. 

  30. )
    31. 

  31. 

  32. // bindToDevice sends a file descriptor a service which will bind the socket to
    33. 

  33. // a device so that it doesn't route through a VPN interface. This is used for
    34. 

  34. // TCP tunnel connections made while the VPN is active and for UDP DNS requests
    35. 

  35. // sent as part of establishing those TCP connections.
    36. 

  36. // On Android, where this facility is used, the underlying implementation uses
    37. 

  37. // setsockopt(SO_BINDTODEVICE). This socket options requires root, which is
    38. 

  38. // why this is delegated to a remote service.
    39. 

  39. func bindToDevice(socketFd int, config *DialConfig) error {
    40. 

  40. 	addr, err := net.ResolveUnixAddr("unix", config.BindToDeviceServiceAddress)
    41. 

  41. 	if err != nil {
    42. 

  42. 		return ContextError(err)
    43. 

  43. 	}
    44. 

  44. 	conn, err := net.DialUnix("unix", nil, addr)
    45. 

  45. 	if err != nil {
    46. 

  46. 		return ContextError(err)
    47. 

  47. 	}
    48. 

  48. 	defer conn.Close()
    49. 

  49. 	// Set request timeouts, using the ConnectTimeout from the overall Dial
    50. 

  50. 	conn.SetReadDeadline(time.Now().Add(config.ConnectTimeout))
    51. 

  51. 	conn.SetWriteDeadline(time.Now().Add(config.ConnectTimeout))
    52. 

  52. 	// The 0 byte payload for the write is a dummy message. The important
    53. 

  53. 	// payload is the file descriptor.
    54. 

  54. 	// The response is also a single byte. 0 is success, and any other
    55. 

  55. 	// byte value is an error code.
    56. 

  56. 	msg := []byte{byte(0)}
    57. 

  57. 	rights := syscall.UnixRights(socketFd)
    58. 

  58. 	bytesWritten, ooBytesWritten, err := conn.WriteMsgUnix(msg, rights, nil)
    59. 

  59. 	if err != nil {
    60. 

  60. 		return ContextError(err)
    61. 

  61. 	}
    62. 

  62. 	if bytesWritten != len(msg) || ooBytesWritten != len(rights) {
    63. 

  63. 		return ContextError(errors.New("bindToDevice write request failed"))
    64. 

  64. 	}
    65. 

  65. 	bytesRead, err := conn.Read(msg)
    66. 

  66. 	if err != nil {
    67. 

  67. 		return ContextError(err)
    68. 

  68. 	}
    69. 

  69. 	if bytesRead != len(msg) || msg[0] != 0 {
    70. 

  70. 		return ContextError(fmt.Errorf("bindToDevice read response failed: %d", int(msg[0])))
    71. 

  71. 	}
    72. 

  72. 	return nil
    73. 

  73. }
    74.