Hey, On Wed, Feb 8, 2012 at 4:16 AM, James Ring <s...@jdns.org> wrote: > Looks like you need to pass a native fd. OpenVPN would not be able to > open the device itself. There looks to be a chicken and egg problem > here though: the fd is returned by the VpnService.Builder.establish() > method > > http://developer.android.com/reference/android/net/VpnService.Builder.html#establish() > > This needs to happen after a bunch of parameters are already known. > Since OpenVPN would normally take care of negotiating these with the > other end, it would seem that the tunnel fd is not available to > OpenVPN in time to do this. Perhaps the user would have to configure > the route, search domain, IP address and other parameters in advance > of starting the VPN connection. That would suck.
Perhaps I wrote this too hastily. I wasn't thinking of how OpenVPN actually works. OpenVPN would: * open the connection (tcp or udp) to the remote end * negotiate session parameters * provide the Android Java wrapper with the session parameters via the service pipe * receive the file descriptor to use as the tun/tap device from the Android Java wrapper via the service pipe Another thing to think about would be whether the tunnel could be reestablished after the device wakes up from sleep. Regards, James
